Merge main -> VMS_64BITBRANCH_VMS_64BIT

1434 files changed, 172042 insertions, 52315 deletions

diff --git a/.cvsignore b/.cvsignore
index a01eb86196..01be5fa8f7 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,5 +1,6 @@
 openssl.pc
-Makefile.ssl
+libcrypto.pc
+libssl.pc
 MINFO
 makefile.one
 tmp
@@ -12,5 +13,10 @@ maketest.log
 cctest
 cctest.c
 cctest.a
-libcrypto.so.*
-libssl.so.*
+*.flc
+semantic.cache
+Makefile
+*.dll*
+*.so*
+*.sl*
+*.dylib*
diff --git a/CHANGES b/CHANGES
index 10302e0dda..d6d863a447 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,11 +2,1787 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.7e and 0.9.8  [xx XXX xxxx]
+ Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
+
+  *) Add an "external" session cache for debugging purposes to s_server. This
+     should help trace issues which normally are only apparent in deployed
+     multi-process servers.
+     [Steve Henson]
+
+  *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
+     a few changes are required:
+
+       Add SSL_OP_NO_TLSv1_1 flag.
+       Add TLSv1_1 methods.
+       Update version checking logic to handle version 1.1.
+       Add explicit IV handling (ported from DTLS code).
+       Add command line options to s_client/s_server.
+     [Steve Henson]
+
+  *) Experiemental password based recipient info support for CMS library:
+     implementing RFC3211.
+     [Steve Henson]
+
+  *) Split password based encryption into PBES2 and PBKDF2 functions. This
+     neatly separates the code into cipher and PBE sections and is required
+     for some algorithms that split PBES2 into separate pieces (such as
+     password based CMS).
+     [Steve Henson]
+
+  *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where
+     return value is ignored. NB. The functions RAND_add(), RAND_seed(),
+     BIO_set_cipher() and some obscure PEM functions were changed so they
+     can now return an error. The RAND changes required a change to the
+     RAND_METHOD structure.
+     [Steve Henson]
+
+  *) New macro __owur for "OpenSSL Warn Unused Result". This makes use of
+     a gcc attribute to warn if the result of a function is ignored. This
+     is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
+     whose return value is often ignored. 
+     [Steve Henson]
+
+ Changes between 0.9.8m (?) and 1.0.0  [xx XXX xxxx]
+
+  *) Tolerate yet another broken PKCS#8 key format: private key value negative.
+     [Steve Henson]
+
+  *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
+     output hashes compatible with older versions of OpenSSL.
+     [Willy Weisz <weisz@vcpc.univie.ac.at>]
+
+  *) Fix compression algorithm handling: if resuming a session use the
+     compression algorithm of the resumed session instead of determining
+     it from client hello again. Don't allow server to change algorithm.
+     [Steve Henson]
+
+  *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
+     change when encrypting or decrypting.
+     [Bodo Moeller]
+
+  *) Add load_crls() function to apps tidying load_certs() too. Add option
+     to verify utility to allow additional CRLs to be included.
+     [Steve Henson]
+
+  *) Update OCSP request code to permit adding custom headers to the request:
+     some responders need this.
+     [Steve Henson]
+
+  *) The function EVP_PKEY_sign() returns <=0 on error: check return code
+     correctly.
+     [Julia Lawall <julia@diku.dk>]
+
+  *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
+     needlessly dereferenced structures, used obsolete functions and
+     didn't handle all updated verify codes correctly.
+     [Steve Henson]
+
+  *) Disable MD2 in the default configuration.
+     [Steve Henson]
+
+  *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to
+     indicate the initial BIO being pushed or popped. This makes it possible
+     to determine whether the BIO is the one explicitly called or as a result
+     of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so
+     it handles reference counts correctly and doesn't zero out the I/O bio
+     when it is not being explicitly popped. WARNING: applications which
+     included workarounds for the old buggy behaviour will need to be modified
+     or they could free up already freed BIOs.
+     [Steve Henson]
+
+  *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni
+     renaming to all platforms (within the 0.9.8 branch, this was
+     done conditionally on Netware platforms to avoid a name clash).
+     [Guenter <lists@gknw.net>]
+
+  *) Add ECDHE and PSK support to DTLS.
+     [Michael Tuexen <tuexen@fh-muenster.de>]
+
+  *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
+     be used on C++.
+     [Steve Henson]
+
+  *) Add "missing" function EVP_MD_flags() (without this the only way to
+     retrieve a digest flags is by accessing the structure directly. Update
+     EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
+     or cipher is registered as in the "from" argument. Print out all
+     registered digests in the dgst usage message instead of manually 
+     attempting to work them out.
+     [Steve Henson]
+
+  *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
+     this allows the use of compression and extensions. Change default cipher
+     string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
+     by default unless an application cipher string requests it.
+     [Steve Henson]
+
+  *) Alter match criteria in PKCS12_parse(). It used to try to use local
+     key ids to find matching certificates and keys but some PKCS#12 files
+     don't follow the (somewhat unwritten) rules and this strategy fails.
+     Now just gather all certificates together and the first private key
+     then look for the first certificate that matches the key.
+     [Steve Henson]
+
+  *) Support use of registered digest and cipher names for dgst and cipher
+     commands instead of having to add each one as a special case. So now
+     you can do:
+
+        openssl sha256 foo
+
+     as well as:
+
+        openssl dgst -sha256 foo
+
+     and this works for ENGINE based algorithms too.
+
+     [Steve Henson]
+
+  *) Update Gost ENGINE to support parameter files.
+     [Victor B. Wagner <vitus@cryptocom.ru>]
+
+  *) Support GeneralizedTime in ca utility. 
+     [Oliver Martin <oliver@volatilevoid.net>, Steve Henson]
+
+  *) Enhance the hash format used for certificate directory links. The new
+     form uses the canonical encoding (meaning equivalent names will work
+     even if they aren't identical) and uses SHA1 instead of MD5. This form
+     is incompatible with the older format and as a result c_rehash should
+     be used to rebuild symbolic links.
+     [Steve Henson]
+
+  *) Make PKCS#8 the default write format for private keys, replacing the
+     traditional format. This form is standardised, more secure and doesn't
+     include an implicit MD5 dependency.
+     [Steve Henson]
+
+  *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
+     committed to OpenSSL should pass this lot as a minimum.
+     [Steve Henson]
+
+  *) Add session ticket override functionality for use by EAP-FAST.
+     [Jouni Malinen <j@w1.fi>]
+
+  *) Modify HMAC functions to return a value. Since these can be implemented
+     in an ENGINE errors can occur.
+     [Steve Henson]
+
+  *) Type-checked OBJ_bsearch_ex.
+     [Ben Laurie]
+
+  *) Type-checked OBJ_bsearch. Also some constification necessitated
+     by type-checking.  Still to come: TXT_DB, bsearch(?),
+     OBJ_bsearch_ex, qsort, CRYPTO_EX_DATA, ASN1_VALUE, ASN1_STRING,
+     CONF_VALUE.
+     [Ben Laurie]
+
+  *) New function OPENSSL_gmtime_adj() to add a specific number of days and
+     seconds to a tm structure directly, instead of going through OS
+     specific date routines. This avoids any issues with OS routines such
+     as the year 2038 bug. New *_adj() functions for ASN1 time structures
+     and X509_time_adj_ex() to cover the extended range. The existing
+     X509_time_adj() is still usable and will no longer have any date issues.
+     [Steve Henson]
+
+  *) Delta CRL support. New use deltas option which will attempt to locate
+     and search any appropriate delta CRLs available.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Support for CRLs partitioned by reason code. Reorganise CRL processing
+     code and add additional score elements. Validate alternate CRL paths
+     as part of the CRL checking and indicate a new error "CRL path validation
+     error" in this case. Applications wanting additional details can use
+     the verify callback and check the new "parent" field. If this is not
+     NULL CRL path validation is taking place. Existing applications wont
+     see this because it requires extended CRL support which is off by
+     default.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Support for freshest CRL extension.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Initial indirect CRL support. Currently only supported in the CRLs
+     passed directly and not via lookup. Process certificate issuer
+     CRL entry extension and lookup CRL entries by bother issuer name
+     and serial number. Check and process CRL issuer entry in IDP extension.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Add support for distinct certificate and CRL paths. The CRL issuer
+     certificate is validated separately in this case. Only enabled if
+     an extended CRL support flag is set: this flag will enable additional
+     CRL functionality in future.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Add support for policy mappings extension.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Fixes to pathlength constraint, self issued certificate handling,
+     policy processing to align with RFC3280 and PKITS tests.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Support for name constraints certificate extension. DN, email, DNS
+     and URI types are currently supported.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) To cater for systems that provide a pointer-based thread ID rather
+     than numeric, deprecate the current numeric thread ID mechanism and
+     replace it with a structure and associated callback type. This
+     mechanism allows a numeric "hash" to be extracted from a thread ID in
+     either case, and on platforms where pointers are larger than 'long',
+     mixing is done to help ensure the numeric 'hash' is usable even if it
+     can't be guaranteed unique. The default mechanism is to use "&errno"
+     as a pointer-based thread ID to distinguish between threads.
+
+     Applications that want to provide their own thread IDs should now use
+     CRYPTO_THREADID_set_callback() to register a callback that will call
+     either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().
+
+     Note that ERR_remove_state() is now deprecated, because it is tied
+     to the assumption that thread IDs are numeric.  ERR_remove_state(0)
+     to free the current thread's error state should be replaced by
+     ERR_remove_thread_state(NULL).
+
+     (This new approach replaces the functions CRYPTO_set_idptr_callback(),
+     CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
+     OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
+     application was previously providing a numeric thread callback that
+     was inappropriate for distinguishing threads, then uniqueness might
+     have been obtained with &errno that happened immediately in the
+     intermediate development versions of OpenSSL; this is no longer the
+     case, the numeric thread callback will now override the automatic use
+     of &errno.)
+     [Geoff Thorpe, with help from Bodo Moeller]
+
+  *) Initial support for different CRL issuing certificates. This covers a
+     simple case where the self issued certificates in the chain exist and
+     the real CRL issuer is higher in the existing chain.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Removed effectively defunct crypto/store from the build.
+     [Ben Laurie]
+
+  *) Revamp of STACK to provide stronger type-checking. Still to come:
+     TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
+     ASN1_STRING, CONF_VALUE.
+     [Ben Laurie]
+
+  *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
+     RAM on SSL connections.  This option can save about 34k per idle SSL.
+     [Nick Mathewson]
+
+  *) Revamp of LHASH to provide stronger type-checking. Still to come:
+     STACK, TXT_DB, bsearch, qsort.
+     [Ben Laurie]
+
+  *) Initial support for Cryptographic Message Syntax (aka CMS) based
+     on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
+     support for data, signedData, compressedData, digestedData and
+     encryptedData, envelopedData types included. Scripts to check against
+     RFC4134 examples draft and interop and consistency checks of many
+     content types and variants.
+     [Steve Henson]
+
+  *) Add options to enc utility to support use of zlib compression BIO.
+     [Steve Henson]
+
+  *) Extend mk1mf to support importing of options and assembly language
+     files from Configure script, currently only included in VC-WIN32.
+     The assembly language rules can now optionally generate the source
+     files from the associated perl scripts.
+     [Steve Henson]
+
+  *) Implement remaining functionality needed to support GOST ciphersuites.
+     Interop testing has been performed using CryptoPro implementations.
+     [Victor B. Wagner <vitus@cryptocom.ru>]
+
+  *) s390x assembler pack.
+     [Andy Polyakov]
+
+  *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU
+     "family."
+     [Andy Polyakov]
+
+  *) Implement Opaque PRF Input TLS extension as specified in
+     draft-rescorla-tls-opaque-prf-input-00.txt.  Since this is not an
+     official specification yet and no extension type assignment by
+     IANA exists, this extension (for now) will have to be explicitly
+     enabled when building OpenSSL by providing the extension number
+     to use.  For example, specify an option
+
+         -DTLSEXT_TYPE_opaque_prf_input=0x9527
+
+     to the "config" or "Configure" script to enable the extension,
+     assuming extension number 0x9527 (which is a completely arbitrary
+     and unofficial assignment based on the MD5 hash of the Internet
+     Draft).  Note that by doing so, you potentially lose
+     interoperability with other TLS implementations since these might
+     be using the same extension number for other purposes.
+
+     SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the
+     opaque PRF input value to use in the handshake.  This will create
+     an interal copy of the length-'len' string at 'src', and will
+     return non-zero for success.
+
+     To get more control and flexibility, provide a callback function
+     by using
+
+          SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb)
+          SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg)
+
+     where
+
+          int (*cb)(SSL *, void *peerinput, size_t len, void *arg);
+          void *arg;
+
+     Callback function 'cb' will be called in handshakes, and is
+     expected to use SSL_set_tlsext_opaque_prf_input() as appropriate.
+     Argument 'arg' is for application purposes (the value as given to
+     SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly
+     be provided to the callback function).  The callback function
+     has to return non-zero to report success: usually 1 to use opaque
+     PRF input just if possible, or 2 to enforce use of the opaque PRF
+     input.  In the latter case, the library will abort the handshake
+     if opaque PRF input is not successfully negotiated.
+
+     Arguments 'peerinput' and 'len' given to the callback function
+     will always be NULL and 0 in the case of a client.  A server will
+     see the client's opaque PRF input through these variables if
+     available (NULL and 0 otherwise).  Note that if the server
+     provides an opaque PRF input, the length must be the same as the
+     length of the client's opaque PRF input.
+
+     Note that the callback function will only be called when creating
+     a new session (session resumption can resume whatever was
+     previously negotiated), and will not be called in SSL 2.0
+     handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or
+     SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended
+     for applications that need to enforce opaque PRF input.
+
+     [Bodo Moeller]
+
+  *) Update ssl code to support digests other than SHA1+MD5 for handshake
+     MAC. 
+
+     [Victor B. Wagner <vitus@cryptocom.ru>]
+
+  *) Add RFC4507 support to OpenSSL. This includes the corrections in
+     RFC4507bis. The encrypted ticket format is an encrypted encoded
+     SSL_SESSION structure, that way new session features are automatically
+     supported.
+
+     If a client application caches session in an SSL_SESSION structure
+     support is transparent because tickets are now stored in the encoded
+     SSL_SESSION.
+     
+     The SSL_CTX structure automatically generates keys for ticket
+     protection in servers so again support should be possible
+     with no application modification.
+
+     If a client or server wishes to disable RFC4507 support then the option
+     SSL_OP_NO_TICKET can be set.
+
+     Add a TLS extension debugging callback to allow the contents of any client
+     or server extensions to be examined.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Final changes to avoid use of pointer pointer casts in OpenSSL.
+     OpenSSL should now compile cleanly on gcc 4.2
+     [Peter Hartley <pdh@utter.chaos.org.uk>, Steve Henson]
+
+  *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
+     support including streaming MAC support: this is required for GOST
+     ciphersuite support.
+     [Victor B. Wagner <vitus@cryptocom.ru>, Steve Henson]
+
+  *) Add option -stream to use PKCS#7 streaming in smime utility. New
+     function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
+     to output in BER and PEM format.
+     [Steve Henson]
+
+  *) Experimental support for use of HMAC via EVP_PKEY interface. This
+     allows HMAC to be handled via the EVP_DigestSign*() interface. The
+     EVP_PKEY "key" in this case is the HMAC key, potentially allowing
+     ENGINE support for HMAC keys which are unextractable. New -mac and
+     -macopt options to dgst utility.
+     [Steve Henson]
+
+  *) New option -sigopt to dgst utility. Update dgst to use
+     EVP_Digest{Sign,Verify}*. These two changes make it possible to use
+     alternative signing paramaters such as X9.31 or PSS in the dgst 
+     utility.
+     [Steve Henson]
+
+  *) Change ssl_cipher_apply_rule(), the internal function that does
+     the work each time a ciphersuite string requests enabling
+     ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or
+     removing ("!foo+bar") a class of ciphersuites: Now it maintains
+     the order of disabled ciphersuites such that those ciphersuites
+     that most recently went from enabled to disabled not only stay
+     in order with respect to each other, but also have higher priority
+     than other disabled ciphersuites the next time ciphersuites are
+     enabled again.
+
+     This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable
+     the same ciphersuites as with "HIGH" alone, but in a specific
+     order where the PSK ciphersuites come first (since they are the
+     most recently disabled ciphersuites when "HIGH" is parsed).
+
+     Also, change ssl_create_cipher_list() (using this new
+     funcionality) such that between otherwise identical
+     cihpersuites, ephemeral ECDH is preferred over ephemeral DH in
+     the default order.
+     [Bodo Moeller]
+
+  *) Change ssl_create_cipher_list() so that it automatically
+     arranges the ciphersuites in reasonable order before starting
+     to process the rule string.  Thus, the definition for "DEFAULT"
+     (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but
+     remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH".
+     This makes it much easier to arrive at a reasonable default order
+     in applications for which anonymous ciphers are OK (meaning
+     that you can't actually use DEFAULT).
+     [Bodo Moeller; suggested by Victor Duchovni]
+
+  *) Split the SSL/TLS algorithm mask (as used for ciphersuite string
+     processing) into multiple integers instead of setting
+     "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
+     "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
+     (These masks as well as the individual bit definitions are hidden
+     away into the non-exported interface ssl/ssl_locl.h, so this
+     change to the definition of the SSL_CIPHER structure shouldn't
+     affect applications.)  This give us more bits for each of these
+     categories, so there is no longer a need to coagulate AES128 and
+     AES256 into a single algorithm bit, and to coagulate Camellia128
+     and Camellia256 into a single algorithm bit, which has led to all
+     kinds of kludges.
+
+     Thus, among other things, the kludge introduced in 0.9.7m and
+     0.9.8e for masking out AES256 independently of AES128 or masking
+     out Camellia256 independently of AES256 is not needed here in 0.9.9.
+
+     With the change, we also introduce new ciphersuite aliases that
+     so far were missing: "AES128", "AES256", "CAMELLIA128", and
+     "CAMELLIA256".
+     [Bodo Moeller]
+
+  *) Add support for dsa-with-SHA224 and dsa-with-SHA256.
+     Use the leftmost N bytes of the signature input if the input is
+     larger than the prime q (with N being the size in bytes of q).
+     [Nils Larsch]
+
+  *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses
+     it yet and it is largely untested.
+     [Steve Henson]
+
+  *) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
+     [Nils Larsch]
+
+  *) Initial incomplete changes to avoid need for function casts in OpenSSL
+     some compilers (gcc 4.2 and later) reject their use. Safestack is
+     reimplemented.  Update ASN1 to avoid use of legacy functions. 
+     [Steve Henson]
+
+  *) Win32/64 targets are linked with Winsock2.
+     [Andy Polyakov]
+
+  *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
+     to external functions. This can be used to increase CRL handling 
+     efficiency especially when CRLs are very large by (for example) storing
+     the CRL revoked certificates in a database.
+     [Steve Henson]
+
+  *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
+     new CRLs added to a directory can be used. New command line option
+     -verify_return_error to s_client and s_server. This causes real errors
+     to be returned by the verify callback instead of carrying on no matter
+     what. This reflects the way a "real world" verify callback would behave.
+     [Steve Henson]
+
+  *) GOST engine, supporting several GOST algorithms and public key formats.
+     Kindly donated by Cryptocom.
+     [Cryptocom]
+
+  *) Partial support for Issuing Distribution Point CRL extension. CRLs
+     partitioned by DP are handled but no indirect CRL or reason partitioning
+     (yet). Complete overhaul of CRL handling: now the most suitable CRL is
+     selected via a scoring technique which handles IDP and AKID in CRLs.
+     [Steve Henson]
+
+  *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
+     will ultimately be used for all verify operations: this will remove the
+     X509_STORE dependency on certificate verification and allow alternative
+     lookup methods.  X509_STORE based implementations of these two callbacks.
+     [Steve Henson]
+
+  *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
+     Modify get_crl() to find a valid (unexpired) CRL if possible.
+     [Steve Henson]
+
+  *) New function X509_CRL_match() to check if two CRLs are identical. Normally
+     this would be called X509_CRL_cmp() but that name is already used by
+     a function that just compares CRL issuer names. Cache several CRL 
+     extensions in X509_CRL structure and cache CRLDP in X509.
+     [Steve Henson]
+
+  *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
+     this maps equivalent X509_NAME structures into a consistent structure.
+     Name comparison can then be performed rapidly using memcmp().
+     [Steve Henson]
+
+  *) Non-blocking OCSP request processing. Add -timeout option to ocsp 
+     utility.
+     [Steve Henson]
+
+  *) Allow digests to supply their own micalg string for S/MIME type using
+     the ctrl EVP_MD_CTRL_MICALG.
+     [Steve Henson]
+
+  *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
+     EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
+     ctrl. It can then customise the structure before and/or after signing
+     if necessary.
+     [Steve Henson]
+
+  *) New function OBJ_add_sigid() to allow application defined signature OIDs
+     to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
+     to free up any added signature OIDs.
+     [Steve Henson]
+
+  *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
+     EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
+     digest and cipher tables. New options added to openssl utility:
+     list-message-digest-algorithms and list-cipher-algorithms.
+     [Steve Henson]
+
+  *) Change the array representation of binary polynomials: the list
+     of degrees of non-zero coefficients is now terminated with -1.
+     Previously it was terminated with 0, which was also part of the
+     value; thus, the array representation was not applicable to
+     polynomials where t^0 has coefficient zero.  This change makes
+     the array representation useful in a more general context.
+     [Douglas Stebila]
+
+  *) Various modifications and fixes to SSL/TLS cipher string
+     handling.  For ECC, the code now distinguishes between fixed ECDH
+     with RSA certificates on the one hand and with ECDSA certificates
+     on the other hand, since these are separate ciphersuites.  The
+     unused code for Fortezza ciphersuites has been removed.
+
+     For consistency with EDH, ephemeral ECDH is now called "EECDH"
+     (not "ECDHE").  For consistency with the code for DH
+     certificates, use of ECDH certificates is now considered ECDH
+     authentication, not RSA or ECDSA authentication (the latter is
+     merely the CA's signing algorithm and not actively used in the
+     protocol).
+
+     The temporary ciphersuite alias "ECCdraft" is no longer
+     available, and ECC ciphersuites are no longer excluded from "ALL"
+     and "DEFAULT".  The following aliases now exist for RFC 4492
+     ciphersuites, most of these by analogy with the DH case:
+
+         kECDHr   - ECDH cert, signed with RSA
+         kECDHe   - ECDH cert, signed with ECDSA
+         kECDH    - ECDH cert (signed with either RSA or ECDSA)
+         kEECDH   - ephemeral ECDH
+         ECDH     - ECDH cert or ephemeral ECDH
+
+         aECDH    - ECDH cert
+         aECDSA   - ECDSA cert
+         ECDSA    - ECDSA cert
+
+         AECDH    - anonymous ECDH
+         EECDH    - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
+
+     [Bodo Moeller]
+
+  *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
+     Use correct micalg parameters depending on digest(s) in signed message.
+     [Steve Henson]
+
+  *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
+     an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
+     [Steve Henson]
+
+  *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
+     an engine to register a method. Add ENGINE lookups for methods and
+     functional reference processing.
+     [Steve Henson]
+
+  *) New functions EVP_Digest{Sign,Verify)*. These are enchance versions of
+     EVP_{Sign,Verify}* which allow an application to customise the signature
+     process.
+     [Steve Henson]
+
+  *) New -resign option to smime utility. This adds one or more signers
+     to an existing PKCS#7 signedData structure. Also -md option to use an
+     alternative message digest algorithm for signing.
+     [Steve Henson]
+
+  *) Tidy up PKCS#7 routines and add new functions to make it easier to
+     create PKCS7 structures containing multiple signers. Update smime
+     application to support multiple signers.
+     [Steve Henson]
+
+  *) New -macalg option to pkcs12 utility to allow setting of an alternative
+     digest MAC.
+     [Steve Henson]
+
+  *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
+     Reorganize PBE internals to lookup from a static table using NIDs,
+     add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
+     EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
+     PRF which will be automatically used with PBES2.
+     [Steve Henson]
+
+  *) Replace the algorithm specific calls to generate keys in "req" with the
+     new API.
+     [Steve Henson]
+
+  *) Update PKCS#7 enveloped data routines to use new API. This is now
+     supported by any public key method supporting the encrypt operation. A
+     ctrl is added to allow the public key algorithm to examine or modify
+     the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
+     a no op.
+     [Steve Henson]
+
+  *) Add a ctrl to asn1 method to allow a public key algorithm to express
+     a default digest type to use. In most cases this will be SHA1 but some
+     algorithms (such as GOST) need to specify an alternative digest. The
+     return value indicates how strong the prefernce is 1 means optional and
+     2 is mandatory (that is it is the only supported type). Modify
+     ASN1_item_sign() to accept a NULL digest argument to indicate it should
+     use the default md. Update openssl utilities to use the default digest
+     type for signing if it is not explicitly indicated.
+     [Steve Henson]
+
+  *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New 
+     EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
+     signing method from the key type. This effectively removes the link
+     between digests and public key types.
+     [Steve Henson]
+
+  *) Add an OID cross reference table and utility functions. Its purpose is to
+     translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
+     rsaEncryption. This will allow some of the algorithm specific hackery
+     needed to use the correct OID to be removed. 
+     [Steve Henson]
+
+  *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
+     structures for PKCS7_sign(). They are now set up by the relevant public
+     key ASN1 method.
+     [Steve Henson]
+
+  *) Add provisional EC pkey method with support for ECDSA and ECDH.
+     [Steve Henson]
+
+  *) Add support for key derivation (agreement) in the API, DH method and
+     pkeyutl.
+     [Steve Henson]
+
+  *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
+     public and private key formats. As a side effect these add additional 
+     command line functionality not previously available: DSA signatures can be
+     generated and verified using pkeyutl and DH key support and generation in
+     pkey, genpkey.
+     [Steve Henson]
+
+  *) BeOS support.
+     [Oliver Tappe <zooey@hirschkaefer.de>]
+
+  *) New make target "install_html_docs" installs HTML renditions of the
+     manual pages.
+     [Oliver Tappe <zooey@hirschkaefer.de>]
+
+  *) New utility "genpkey" this is analagous to "genrsa" etc except it can
+     generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
+     support key and parameter generation and add initial key generation
+     functionality for RSA.
+     [Steve Henson]
+
+  *) Add functions for main EVP_PKEY_method operations. The undocumented
+     functions EVP_PKEY_{encrypt,decrypt} have been renamed to
+     EVP_PKEY_{encrypt,decrypt}_old. 
+     [Steve Henson]
+
+  *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
+     key API, doesn't do much yet.
+     [Steve Henson]
+
+  *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
+     public key algorithms. New option to openssl utility:
+     "list-public-key-algorithms" to print out info.
+     [Steve Henson]
+
+  *) Implement the Supported Elliptic Curves Extension for
+     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+     [Douglas Stebila]
+
+  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
+     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
+     [Steve Henson]
+
+  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
+     utilities such as rsa, dsa, dsaparam etc except they process any key
+     type.
+     [Steve Henson]
+
+  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New 
+     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
+     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
+     structure.
+     [Steve Henson]
+
+  *) Initial support for pluggable public key ASN1.
+     De-spaghettify the public key ASN1 handling. Move public and private
+     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
+     algorithm specific handling to a single module within the relevant
+     algorithm directory. Add functions to allow (near) opaque processing
+     of public and private key structures.
+     [Steve Henson]
+
+  *) Implement the Supported Point Formats Extension for
+     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+     [Douglas Stebila]
+
+  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
+     for the psk identity [hint] and the psk callback functions to the
+     SSL_SESSION, SSL and SSL_CTX structure.
+     
+     New ciphersuites:
+         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
+         PSK-AES256-CBC-SHA
+ 
+     New functions:
+         SSL_CTX_use_psk_identity_hint
+         SSL_get_psk_identity_hint
+         SSL_get_psk_identity
+         SSL_use_psk_identity_hint
+
+     [Mika Kousa and Pasi Eronen of Nokia Corporation]
+
+  *) Add RFC 3161 compliant time stamp request creation, response generation
+     and response verification functionality.
+     [Zoltán Glózik <zglozik@opentsa.org>, The OpenTSA Project]
+
+  *) Add initial support for TLS extensions, specifically for the server_name
+     extension so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now
+     have new members for a host name.  The SSL data structure has an
+     additional member SSL_CTX *initial_ctx so that new sessions can be
+     stored in that context to allow for session resumption, even after the
+     SSL has been switched to a new SSL_CTX in reaction to a client's
+     server_name extension.
+
+     New functions (subject to change):
+
+         SSL_get_servername()
+         SSL_get_servername_type()
+         SSL_set_SSL_CTX()
+
+     New CTRL codes and macros (subject to change):
+
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+                                 - SSL_CTX_set_tlsext_servername_callback()
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+                                      - SSL_CTX_set_tlsext_servername_arg()
+         SSL_CTRL_SET_TLSEXT_HOSTNAME           - SSL_set_tlsext_host_name()
+
+     openssl s_client has a new '-servername ...' option.
+
+     openssl s_server has new options '-servername_host ...', '-cert2 ...',
+     '-key2 ...', '-servername_fatal' (subject to change).  This allows
+     testing the HostName extension for a specific single host name ('-cert'
+     and '-key' remain fallbacks for handshakes without HostName
+     negotiation).  If the unrecogninzed_name alert has to be sent, this by
+     default is a warning; it becomes fatal with the '-servername_fatal'
+     option.
+
+     [Peter Sylvester,  Remy Allais, Christophe Renou]
+
+  *) Whirlpool hash implementation is added.
+     [Andy Polyakov]
+
+  *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
+     bn(64,32). Because of instruction set limitations it doesn't have
+     any negative impact on performance. This was done mostly in order
+     to make it possible to share assembler modules, such as bn_mul_mont
+     implementations, between 32- and 64-bit builds without hassle.
+     [Andy Polyakov]
+
+  *) Move code previously exiled into file crypto/ec/ec2_smpt.c
+     to ec2_smpl.c, and no longer require the OPENSSL_EC_BIN_PT_COMP
+     macro.
+     [Bodo Moeller]
+
+  *) New candidate for BIGNUM assembler implementation, bn_mul_mont,
+     dedicated Montgomery multiplication procedure, is introduced.
+     BN_MONT_CTX is modified to allow bn_mul_mont to reach for higher
+     "64-bit" performance on certain 32-bit targets.
+     [Andy Polyakov]
+
+  *) New option SSL_OP_NO_COMP to disable use of compression selectively
+     in SSL structures. New SSL ctrl to set maximum send fragment size. 
+     Save memory by seeting the I/O buffer sizes dynamically instead of
+     using the maximum available value.
+     [Steve Henson]
+
+  *) New option -V for 'openssl ciphers'. This prints the ciphersuite code
+     in addition to the text details.
+     [Bodo Moeller]
+
+  *) Very, very preliminary EXPERIMENTAL support for printing of general
+     ASN1 structures. This currently produces rather ugly output and doesn't
+     handle several customised structures at all.
+     [Steve Henson]
+
+  *) Integrated support for PVK file format and some related formats such
+     as MS PUBLICKEYBLOB and PRIVATEKEYBLOB. Command line switches to support
+     these in the 'rsa' and 'dsa' utilities.
+     [Steve Henson]
+
+  *) Support for PKCS#1 RSAPublicKey format on rsa utility command line.
+     [Steve Henson]
+
+  *) Remove the ancient ASN1_METHOD code. This was only ever used in one
+     place for the (very old) "NETSCAPE" format certificates which are now
+     handled using new ASN1 code equivalents.
+     [Steve Henson]
+
+  *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
+     pointer and make the SSL_METHOD parameter in SSL_CTX_new,
+     SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
+     [Nils Larsch]
+
+  *) Modify CRL distribution points extension code to print out previously
+     unsupported fields. Enhance extension setting code to allow setting of
+     all fields.
+     [Steve Henson]
+
+  *) Add print and set support for Issuing Distribution Point CRL extension.
+     [Steve Henson]
+
+  *) Change 'Configure' script to enable Camellia by default.
+     [NTT]
+
+ Changes between 0.9.8l (?) and 0.9.8m (?)  [xx XXX xxxx]
+
+  *) The code that handled flusing of data in SSL/TLS originally used the
+     BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
+     the problem outlined in PR#1949. The fix suggested there however can
+     trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
+     of Apache). So instead simplify the code to flush unconditionally.
+     This should be fine since flushing with no data to flush is a no op.
+     [Steve Henson]
+
+  *) Handle TLS versions 2.0 and later properly and correctly use the
+     highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
+     off ancient servers have a habit of sticking around for a while...
+     [Steve Henson]
+
+  *) Modify compression code so it frees up structures without using the
+     ex_data callbacks. This works around a problem where some applications
+     call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
+     restarting) then use compression (e.g. SSL with compression) later.
+     This results in significant per-connection memory leaks and
+     has caused some security issues including CVE-2008-1678 and
+     CVE-2009-4355.
+     [Steve Henson]
+
+  *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+     connect (but not renegotiate) with servers which do not support RI.
+     Until RI is more widely deployed this option is enabled by default.
+     [Steve Henson]
+
+  *) Add "missing" ssl ctrls to clear options and mode.
+     [Steve Henson]
+
+  *) If client attempts to renegotiate and doesn't support RI respond with
+     a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
+     Some renegotiating TLS clients will continue a connection gracefully
+     when they receive the alert. Unfortunately OpenSSL mishandled
+     this alert and would hang waiting for a server hello which it will never
+     receive. Now we treat a received no_renegotiation alert as a fatal 
+     error. This is because applications requesting a renegotiation might well
+     expect it to succeed and would have no code in place to handle the server
+     denying it so the only safe thing to do is to terminate the connection.
+     [Steve Henson]
+
+  *) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
+     peer supports secure renegotiation and 0 otherwise. Print out peer
+     renegotiation support in s_client/s_server.
+     [Steve Henson]
+
+  *) Replace the highly broken and deprecated SPKAC certification method with
+     the updated NID creation version. This should correctly handle UTF8.
+     [Steve Henson]
+
+  *) Implement draft-ietf-tls-renegotiation-03. Re-enable
+     renegotiation but require the extension as needed. Unfortunately,
+     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION turns out to be a
+     bad idea. It has been replaced by
+     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
+     SSL_CTX_set_options(). This is really not recommended unless you
+     know what you are doing.
+     [Eric Rescorla <ekr@networkresonance.com>, Ben Laurie, Steve Henson]
+
+  *) Fixes to stateless session resumption handling. Use initial_ctx when
+     issuing and attempting to decrypt tickets in case it has changed during
+     servername handling. Use a non-zero length session ID when attempting
+     stateless session resumption: this makes it possible to determine if
+     a resumption has occurred immediately after receiving server hello
+     (several places in OpenSSL subtly assume this) instead of later in
+     the handshake.
+     [Steve Henson]
+
+  *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
+     CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
+     fixes for a few places where the return code is not checked
+     correctly.
+     [Julia Lawall <julia@diku.dk>]
+
+  *) Add --strict-warnings option to Configure script to include devteam
+     warnings in other configurations.
+     [Steve Henson]
+
+  *) Add support for --libdir option and LIBDIR variable in makefiles. This
+     makes it possible to install openssl libraries in locations which
+     have names other than "lib", for example "/usr/lib64" which some
+     systems need.
+     [Steve Henson, based on patch from Jeremy Utley]
+
+  *) Don't allow the use of leading 0x80 in OIDs. This is a violation of
+     X690 8.9.12 and can produce some misleading textual output of OIDs.
+     [Steve Henson, reported by Dan Kaminsky]
+
+  *) Delete MD2 from algorithm tables. This follows the recommendation in
+     several standards that it is not used in new applications due to
+     several cryptographic weaknesses. For binary compatibility reasons
+     the MD2 API is still compiled in by default.
+     [Steve Henson]
+
+  *) Add compression id to {d2i,i2d}_SSL_SESSION so it is correctly saved
+     and restored.
+     [Steve Henson]
+
+  *) Rename uni2asc and asc2uni functions to OPENSSL_uni2asc and
+     OPENSSL_asc2uni conditionally on Netware platforms to avoid a name
+     clash.
+     [Guenter <lists@gknw.net>]
+
+  *) Fix the server certificate chain building code to use X509_verify_cert(),
+     it used to have an ad-hoc builder which was unable to cope with anything
+     other than a simple chain.
+     [David Woodhouse <dwmw2@infradead.org>, Steve Henson]
+
+  *) Don't check self signed certificate signatures in X509_verify_cert()
+     by default (a flag can override this): it just wastes time without
+     adding any security. As a useful side effect self signed root CAs
+     with non-FIPS digests are now usable in FIPS mode.
+     [Steve Henson]
+
+  *) In dtls1_process_out_of_seq_message() the check if the current message
+     is already buffered was missing. For every new message was memory
+     allocated, allowing an attacker to perform an denial of service attack
+     with sending out of seq handshake messages until there is no memory
+     left. Additionally every future messege was buffered, even if the
+     sequence number made no sense and would be part of another handshake.
+     So only messages with sequence numbers less than 10 in advance will be
+     buffered.  (CVE-2009-1378)
+     [Robin Seggelmann, discovered by Daniel Mentz] 	
+
+  *) Records are buffered if they arrive with a future epoch to be
+     processed after finishing the corresponding handshake. There is
+     currently no limitation to this buffer allowing an attacker to perform
+     a DOS attack with sending records with future epochs until there is no
+     memory left. This patch adds the pqueue_size() function to detemine
+     the size of a buffer and limits the record buffer to 100 entries.
+     (CVE-2009-1377)
+     [Robin Seggelmann, discovered by Daniel Mentz] 	
+
+  *) Keep a copy of frag->msg_header.frag_len so it can be used after the
+     parent structure is freed.  (CVE-2009-1379)
+     [Daniel Mentz] 	
+
+  *) Handle non-blocking I/O properly in SSL_shutdown() call.
+     [Darryl Miles <darryl-mailinglists@netbauds.net>]
+
+  *) Add 2.5.4.* OIDs
+     [Ilya O. <vrghost@gmail.com>]
+
+ Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]
+
+  *) Disable renegotiation completely - this fixes a severe security
+     problem (CVE-2009-3555) at the cost of breaking all
+     renegotiation. Renegotiation can be re-enabled by setting
+     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+     run-time. This is really not recommended unless you know what
+     you're doing.
+     [Ben Laurie]
+
+ Changes between 0.9.8j and 0.9.8k  [25 Mar 2009]
+
+  *) Don't set val to NULL when freeing up structures, it is freed up by
+     underlying code. If sizeof(void *) > sizeof(long) this can result in
+     zeroing past the valid field. (CVE-2009-0789)
+     [Paolo Ganci <Paolo.Ganci@AdNovum.CH>]
+
+  *) Fix bug where return value of CMS_SignerInfo_verify_content() was not
+     checked correctly. This would allow some invalid signed attributes to
+     appear to verify correctly. (CVE-2009-0591)
+     [Ivan Nestlerode <inestlerode@us.ibm.com>]
+
+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
+  *) Set S/MIME signing as the default purpose rather than setting it 
+     unconditionally. This allows applications to override it at the store
+     level.
+     [Steve Henson]
+
+  *) Permit restricted recursion of ASN1 strings. This is needed in practice
+     to handle some structures.
+     [Steve Henson]
+
+  *) Improve efficiency of mem_gets: don't search whole buffer each time
+     for a '\n'
+     [Jeremy Shapiro <jnshapir@us.ibm.com>]
+
+  *) New -hex option for openssl rand.
+     [Matthieu Herrb]
+
+  *) Print out UTF8String and NumericString when parsing ASN1.
+     [Steve Henson]
+
+  *) Support NumericString type for name components.
+     [Steve Henson]
+
+  *) Allow CC in the environment to override the automatically chosen
+     compiler. Note that nothing is done to ensure flags work with the
+     chosen compiler.
+     [Ben Laurie]
+
+ Changes between 0.9.8i and 0.9.8j  [07 Jan 2009]
+
+  *) Properly check EVP_VerifyFinal() and similar return values
+     (CVE-2008-5077).
+     [Ben Laurie, Bodo Moeller, Google Security Team]
+
+  *) Enable TLS extensions by default.
+     [Ben Laurie]
+
+  *) Allow the CHIL engine to be loaded, whether the application is
+     multithreaded or not. (This does not release the developer from the
+     obligation to set up the dynamic locking callbacks.)
+     [Sander Temme <sander@temme.net>]
+
+  *) Use correct exit code if there is an error in dgst command.
+     [Steve Henson; problem pointed out by Roland Dirlewanger]
+
+  *) Tweak Configure so that you need to say "experimental-jpake" to enable
+     JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
+     [Bodo Moeller]
+
+  *) Add experimental JPAKE support, including demo authentication in
+     s_client and s_server.
+     [Ben Laurie]
+
+  *) Set the comparison function in v3_addr_canonize().
+     [Rob Austein <sra@hactrn.net>]
+
+  *) Add support for XMPP STARTTLS in s_client.
+     [Philip Paeps <philip@freebsd.org>]
+
+  *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
+     to ensure that even with this option, only ciphersuites in the
+     server's preference list will be accepted.  (Note that the option
+     applies only when resuming a session, so the earlier behavior was
+     just about the algorithm choice for symmetric cryptography.)
+     [Bodo Moeller]
+
+ Changes between 0.9.8h and 0.9.8i  [15 Sep 2008]
+
+  *) Fix NULL pointer dereference if a DTLS server received
+     ChangeCipherSpec as first record (CVE-2009-1386).
+     [PR #1679]
+
+  *) Fix a state transitition in s3_srvr.c and d1_srvr.c
+     (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
+     [Nagendra Modadugu]
+
+  *) The fix in 0.9.8c that supposedly got rid of unsafe
+     double-checked locking was incomplete for RSA blinding,
+     addressing just one layer of what turns out to have been
+     doubly unsafe triple-checked locking.
+
+     So now fix this for real by retiring the MONT_HELPER macro
+     in crypto/rsa/rsa_eay.c.
+
+     [Bodo Moeller; problem pointed out by Marius Schilder]
+
+  *) Various precautionary measures:
+
+     - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).
+
+     - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
+       (NB: This would require knowledge of the secret session ticket key
+       to exploit, in which case you'd be SOL either way.)
+
+     - Change bn_nist.c so that it will properly handle input BIGNUMs
+       outside the expected range.
+
+     - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
+       builds.
+
+     [Neel Mehta, Bodo Moeller]
+
+  *) Allow engines to be "soft loaded" - i.e. optionally don't die if
+     the load fails. Useful for distros.
+     [Ben Laurie and the FreeBSD team]
+
+  *) Add support for Local Machine Keyset attribute in PKCS#12 files.
+     [Steve Henson]
+
+  *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
+     [Huang Ying]
+
+  *) Expand ENGINE to support engine supplied SSL client certificate functions.
+
+     This work was sponsored by Logica.
+     [Steve Henson]
+
+  *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
+     keystores. Support for SSL/TLS client authentication too.
+     Not compiled unless enable-capieng specified to Configure.
+
+     This work was sponsored by Logica.
+     [Steve Henson]
+
+  *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
+     ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
+     attribute creation routines such as certifcate requests and PKCS#12
+     files.
+     [Steve Henson]
+
+ Changes between 0.9.8g and 0.9.8h  [28 May 2008]
+
+  *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+     handshake which could lead to a cilent crash as found using the
+     Codenomicon TLS test suite (CVE-2008-1672) 
+     [Steve Henson, Mark Cox]
+
+  *) Fix double free in TLS server name extensions which could lead to
+     a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) 
+     [Joe Orton]
+
+  *) Clear error queue in SSL_CTX_use_certificate_chain_file()
+
+     Clear the error queue to ensure that error entries left from
+     older function calls do not interfere with the correct operation.
+     [Lutz Jaenicke, Erik de Castro Lopo]
+
+  *) Remove root CA certificates of commercial CAs:
+
+     The OpenSSL project does not recommend any specific CA and does not
+     have any policy with respect to including or excluding any CA.
+     Therefore it does not make any sense to ship an arbitrary selection
+     of root CA certificates with the OpenSSL software.
+     [Lutz Jaenicke]
+
+  *) RSA OAEP patches to fix two separate invalid memory reads.
+     The first one involves inputs when 'lzero' is greater than
+     'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
+     before the beginning of from). The second one involves inputs where
+     the 'db' section contains nothing but zeroes (there is a one-byte
+     invalid read after the end of 'db').
+     [Ivan Nestlerode <inestlerode@us.ibm.com>]
+
+  *) Partial backport from 0.9.9-dev:
+
+     Introduce bn_mul_mont (dedicated Montgomery multiplication
+     procedure) as a candidate for BIGNUM assembler implementation.
+     While 0.9.9-dev uses assembler for various architectures, only
+     x86_64 is available by default here in the 0.9.8 branch, and
+     32-bit x86 is available through a compile-time setting.
+
+     To try the 32-bit x86 assembler implementation, use Configure
+     option "enable-montasm" (which exists only for this backport).
+
+     As "enable-montasm" for 32-bit x86 disclaims code stability
+     anyway, in this constellation we activate additional code
+     backported from 0.9.9-dev for further performance improvements,
+     namely BN_from_montgomery_word.  (To enable this otherwise,
+     e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".)
+
+     [Andy Polyakov (backport partially by Bodo Moeller)]
+
+  *) Add TLS session ticket callback. This allows an application to set
+     TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
+     values. This is useful for key rollover for example where several key
+     sets may exist with different names.
+     [Steve Henson]
+
+  *) Reverse ENGINE-internal logic for caching default ENGINE handles.
+     This was broken until now in 0.9.8 releases, such that the only way
+     a registered ENGINE could be used (assuming it initialises
+     successfully on the host) was to explicitly set it as the default
+     for the relevant algorithms. This is in contradiction with 0.9.7
+     behaviour and the documentation. With this fix, when an ENGINE is
+     registered into a given algorithm's table of implementations, the
+     'uptodate' flag is reset so that auto-discovery will be used next
+     time a new context for that algorithm attempts to select an
+     implementation.
+     [Ian Lister (tweaked by Geoff Thorpe)]
+
+  *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9
+     implemention in the following ways:
+
+     Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be
+     hard coded.
+
+     Lack of BER streaming support means one pass streaming processing is
+     only supported if data is detached: setting the streaming flag is
+     ignored for embedded content.
+
+     CMS support is disabled by default and must be explicitly enabled
+     with the enable-cms configuration option.
+     [Steve Henson]
+
+  *) Update the GMP engine glue to do direct copies between BIGNUM and
+     mpz_t when openssl and GMP use the same limb size. Otherwise the
+     existing "conversion via a text string export" trick is still used.
+     [Paul Sheer <paulsheer@gmail.com>]
+
+  *) Zlib compression BIO. This is a filter BIO which compressed and
+     uncompresses any data passed through it.
+     [Steve Henson]
+
+  *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
+     RFC3394 compatible AES key wrapping.
+     [Steve Henson]
+
+  *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
+     sets string data without copying. X509_ALGOR_set0() and
+     X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
+     data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
+     from an X509_ATTRIBUTE structure optionally checking it occurs only
+     once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied
+     data.
+     [Steve Henson]
+
+  *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
+     to get the expected BN_FLG_CONSTTIME behavior.
+     [Bodo Moeller (Google)]
+  
+  *) Netware support:
+
+     - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
+     - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
+     - added some more tests to do_tests.pl
+     - fixed RunningProcess usage so that it works with newer LIBC NDKs too
+     - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
+     - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
+       netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
+     - various changes to netware.pl to enable gcc-cross builds on Win32
+       platform
+     - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
+     - various changes to fix missing prototype warnings
+     - fixed x86nasm.pl to create correct asm files for NASM COFF output
+     - added AES, WHIRLPOOL and CPUID assembler code to build files
+     - added missing AES assembler make rules to mk1mf.pl
+     - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
+     [Guenter Knauf <eflash@gmx.net>]
+
+  *) Implement certificate status request TLS extension defined in RFC3546.
+     A client can set the appropriate parameters and receive the encoded
+     OCSP response via a callback. A server can query the supplied parameters
+     and set the encoded OCSP response in the callback. Add simplified examples
+     to s_client and s_server.
+     [Steve Henson]
+
+ Changes between 0.9.8f and 0.9.8g  [19 Oct 2007]
+
+  *) Fix various bugs:
+     + Binary incompatibility of ssl_ctx_st structure
+     + DTLS interoperation with non-compliant servers
+     + Don't call get_session_cb() without proposed session
+     + Fix ia64 assembler code
+     [Andy Polyakov, Steve Henson]
+
+ Changes between 0.9.8e and 0.9.8f  [11 Oct 2007]
+
+  *) DTLS Handshake overhaul. There were longstanding issues with
+     OpenSSL DTLS implementation, which were making it impossible for
+     RFC 4347 compliant client to communicate with OpenSSL server.
+     Unfortunately just fixing these incompatibilities would "cut off"
+     pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e
+     server keeps tolerating non RFC compliant syntax. The opposite is
+     not true, 0.9.8f client can not communicate with earlier server.
+     This update even addresses CVE-2007-4995.
+     [Andy Polyakov]
+
+  *) Changes to avoid need for function casts in OpenSSL: some compilers
+     (gcc 4.2 and later) reject their use.
+     [Kurt Roeckx <kurt@roeckx.be>, Peter Hartley <pdh@utter.chaos.org.uk>,
+      Steve Henson]
+  
+  *) Add RFC4507 support to OpenSSL. This includes the corrections in
+     RFC4507bis. The encrypted ticket format is an encrypted encoded
+     SSL_SESSION structure, that way new session features are automatically
+     supported.
+
+     If a client application caches session in an SSL_SESSION structure
+     support is transparent because tickets are now stored in the encoded
+     SSL_SESSION.
+     
+     The SSL_CTX structure automatically generates keys for ticket
+     protection in servers so again support should be possible
+     with no application modification.
+
+     If a client or server wishes to disable RFC4507 support then the option
+     SSL_OP_NO_TICKET can be set.
+
+     Add a TLS extension debugging callback to allow the contents of any client
+     or server extensions to be examined.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Add initial support for TLS extensions, specifically for the server_name
+     extension so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now
+     have new members for a host name.  The SSL data structure has an
+     additional member SSL_CTX *initial_ctx so that new sessions can be
+     stored in that context to allow for session resumption, even after the
+     SSL has been switched to a new SSL_CTX in reaction to a client's
+     server_name extension.
+
+     New functions (subject to change):
+
+         SSL_get_servername()
+         SSL_get_servername_type()
+         SSL_set_SSL_CTX()
+
+     New CTRL codes and macros (subject to change):
+
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+                                 - SSL_CTX_set_tlsext_servername_callback()
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+                                      - SSL_CTX_set_tlsext_servername_arg()
+         SSL_CTRL_SET_TLSEXT_HOSTNAME           - SSL_set_tlsext_host_name()
+
+     openssl s_client has a new '-servername ...' option.
+
+     openssl s_server has new options '-servername_host ...', '-cert2 ...',
+     '-key2 ...', '-servername_fatal' (subject to change).  This allows
+     testing the HostName extension for a specific single host name ('-cert'
+     and '-key' remain fallbacks for handshakes without HostName
+     negotiation).  If the unrecogninzed_name alert has to be sent, this by
+     default is a warning; it becomes fatal with the '-servername_fatal'
+     option.
+
+     [Peter Sylvester,  Remy Allais, Christophe Renou, Steve Henson]
+
+  *) Add AES and SSE2 assembly language support to VC++ build.
+     [Steve Henson]
+
+  *) Mitigate attack on final subtraction in Montgomery reduction.
+     [Andy Polyakov]
+
+  *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
+     (which previously caused an internal error).
+     [Bodo Moeller]
+
+  *) Squeeze another 10% out of IGE mode when in != out.
+     [Ben Laurie]
+
+  *) AES IGE mode speedup.
+     [Dean Gaudet (Google)]
+
+  *) Add the Korean symmetric 128-bit cipher SEED (see
+     http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
+     add SEED ciphersuites from RFC 4162:
+
+        TLS_RSA_WITH_SEED_CBC_SHA      =  "SEED-SHA"
+        TLS_DHE_DSS_WITH_SEED_CBC_SHA  =  "DHE-DSS-SEED-SHA"
+        TLS_DHE_RSA_WITH_SEED_CBC_SHA  =  "DHE-RSA-SEED-SHA"
+        TLS_DH_anon_WITH_SEED_CBC_SHA  =  "ADH-SEED-SHA"
+
+     To minimize changes between patchlevels in the OpenSSL 0.9.8
+     series, SEED remains excluded from compilation unless OpenSSL
+     is configured with 'enable-seed'.
+     [KISA, Bodo Moeller]
+
+  *) Mitigate branch prediction attacks, which can be practical if a
+     single processor is shared, allowing a spy process to extract
+     information.  For detailed background information, see
+     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
+     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
+     and Necessary Software Countermeasures").  The core of the change
+     are new versions BN_div_no_branch() and
+     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
+     respectively, which are slower, but avoid the security-relevant
+     conditional branches.  These are automatically called by BN_div()
+     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
+     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
+     remove a conditional branch.
+
+     BN_FLG_CONSTTIME is the new name for the previous
+     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
+     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
+     in the exponent causes BN_mod_exp_mont() to use the alternative
+     implementation in BN_mod_exp_mont_consttime().)  The old name
+     remains as a deprecated alias.
+
+     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
+     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
+     constant-time implementations for more than just exponentiation.
+     Here too the old name is kept as a deprecated alias.
+
+     BN_BLINDING_new() will now use BN_dup() for the modulus so that
+     the BN_BLINDING structure gets an independent copy of the
+     modulus.  This means that the previous "BIGNUM *m" argument to
+     BN_BLINDING_new() and to BN_BLINDING_create_param() now
+     essentially becomes "const BIGNUM *m", although we can't actually
+     change this in the header file before 0.9.9.  It allows
+     RSA_setup_blinding() to use BN_with_flags() on the modulus to
+     enable BN_FLG_CONSTTIME.
+
+     [Matthew D Wood (Intel Corp)]
+
+  *) In the SSL/TLS server implementation, be strict about session ID
+     context matching (which matters if an application uses a single
+     external cache for different purposes).  Previously,
+     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
+     set.  This did ensure strict client verification, but meant that,
+     with applications using a single external cache for quite
+     different requirements, clients could circumvent ciphersuite
+     restrictions for a given session ID context by starting a session
+     in a different context.
+     [Bodo Moeller]
+
+  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
+     a ciphersuite string such as "DEFAULT:RSA" cannot enable
+     authentication-only ciphersuites.
+     [Bodo Moeller]
+
+  *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+     not complete and could lead to a possible single byte overflow
+     (CVE-2007-5135) [Ben Laurie]
+
+ Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
+
+  *) Since AES128 and AES256 (and similarly Camellia128 and
+     Camellia256) share a single mask bit in the logic of
+     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
+     kludge to work properly if AES128 is available and AES256 isn't
+     (or if Camellia128 is available and Camellia256 isn't).
+     [Victor Duchovni]
+
+  *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
+     (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
+     When a point or a seed is encoded in a BIT STRING, we need to
+     prevent the removal of trailing zero bits to get the proper DER
+     encoding.  (By default, crypto/asn1/a_bitstr.c assumes the case
+     of a NamedBitList, for which trailing 0 bits need to be removed.)
+     [Bodo Moeller]
+
+  *) Have SSL/TLS server implementation tolerate "mismatched" record
+     protocol version while receiving ClientHello even if the
+     ClientHello is fragmented.  (The server can't insist on the
+     particular protocol version it has chosen before the ServerHello
+     message has informed the client about his choice.)
+     [Bodo Moeller]
+
+  *) Add RFC 3779 support.
+     [Rob Austein for ARIN, Ben Laurie]
+
+  *) Load error codes if they are not already present instead of using a
+     static variable. This allows them to be cleanly unloaded and reloaded.
+     Improve header file function name parsing.
+     [Steve Henson]
+
+  *) extend SMTP and IMAP protocol emulation in s_client to use EHLO
+     or CAPABILITY handshake as required by RFCs.
+     [Goetz Babin-Ebell]
+
+ Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]
+
+  *) Introduce limits to prevent malicious keys being able to
+     cause a denial of service.  (CVE-2006-2940)
+     [Steve Henson, Bodo Moeller]
+
+  *) Fix ASN.1 parsing of certain invalid structures that can result
+     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
+
+  *) Fix buffer overflow in SSL_get_shared_ciphers() function. 
+     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Fix SSL client code which could crash if connecting to a
+     malicious SSLv2 server.  (CVE-2006-4343)
+     [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
+     match only those.  Before that, "AES256-SHA" would be interpreted
+     as a pattern and match "AES128-SHA" too (since AES128-SHA got
+     the same strength classification in 0.9.7h) as we currently only
+     have a single AES bit in the ciphersuite description bitmap.
+     That change, however, also applied to ciphersuite strings such as
+     "RC4-MD5" that intentionally matched multiple ciphersuites --
+     namely, SSL 2.0 ciphersuites in addition to the more common ones
+     from SSL 3.0/TLS 1.0.
+
+     So we change the selection algorithm again: Naming an explicit
+     ciphersuite selects this one ciphersuite, and any other similar
+     ciphersuite (same bitmap) from *other* protocol versions.
+     Thus, "RC4-MD5" again will properly select both the SSL 2.0
+     ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
+
+     Since SSL 2.0 does not have any ciphersuites for which the
+     128/256 bit distinction would be relevant, this works for now.
+     The proper fix will be to use different bits for AES128 and
+     AES256, which would have avoided the problems from the beginning;
+     however, bits are scarce, so we can only do this in a new release
+     (not just a patchlevel) when we can change the SSL_CIPHER
+     definition to split the single 'unsigned long mask' bitmap into
+     multiple values to extend the available space.
+
+     [Bodo Moeller]
+
+ Changes between 0.9.8b and 0.9.8c  [05 Sep 2006]
+
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
+
+  *) Add AES IGE and biIGE modes.
+     [Ben Laurie]
+
+  *) Change the Unix randomness entropy gathering to use poll() when
+     possible instead of select(), since the latter has some
+     undesirable limitations.
+     [Darryl Miles via Richard Levitte and Bodo Moeller]
+
+  *) Disable "ECCdraft" ciphersuites more thoroughly.  Now special
+     treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
+     cannot be implicitly activated as part of, e.g., the "AES" alias.
+     However, please upgrade to OpenSSL 0.9.9[-dev] for
+     non-experimental use of the ECC ciphersuites to get TLS extension
+     support, which is required for curve and point format negotiation
+     to avoid potential handshake problems.
+     [Bodo Moeller]
+
+  *) Disable rogue ciphersuites:
+
+      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
+      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
+      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
+
+     The latter two were purportedly from
+     draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
+     appear there.
+
+     Also deactivate the remaining ciphersuites from
+     draft-ietf-tls-56-bit-ciphersuites-01.txt.  These are just as
+     unofficial, and the ID has long expired.
+     [Bodo Moeller]
+
+  *) Fix RSA blinding Heisenbug (problems sometimes occured on
+     dual-core machines) and other potential thread-safety issues.
+     [Bodo Moeller]
+
+  *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
+     versions), which is now available for royalty-free use
+     (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
+     Also, add Camellia TLS ciphersuites from RFC 4132.
+
+     To minimize changes between patchlevels in the OpenSSL 0.9.8
+     series, Camellia remains excluded from compilation unless OpenSSL
+     is configured with 'enable-camellia'.
+     [NTT]
+
+  *) Disable the padding bug check when compression is in use. The padding
+     bug check assumes the first packet is of even length, this is not
+     necessarily true if compresssion is enabled and can result in false
+     positives causing handshake failure. The actual bug test is ancient
+     code so it is hoped that implementations will either have fixed it by
+     now or any which still have the bug do not support compression.
+     [Steve Henson]
+
+ Changes between 0.9.8a and 0.9.8b  [04 May 2006]
+
+  *) When applying a cipher rule check to see if string match is an explicit
+     cipher suite and only match that one cipher suite if it is.
+     [Steve Henson]
+
+  *) Link in manifests for VC++ if needed.
+     [Austin Ziegler <halostatue@gmail.com>]
+
+  *) Update support for ECC-based TLS ciphersuites according to
+     draft-ietf-tls-ecc-12.txt with proposed changes (but without
+     TLS extensions, which are supported starting with the 0.9.9
+     branch, not in the OpenSSL 0.9.8 branch).
+     [Douglas Stebila]
+
+  *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support
+     opaque EVP_CIPHER_CTX handling.
+     [Steve Henson]
+
+  *) Fixes and enhancements to zlib compression code. We now only use
+     "zlib1.dll" and use the default __cdecl calling convention on Win32
+     to conform with the standards mentioned here:
+           http://www.zlib.net/DLL_FAQ.txt
+     Static zlib linking now works on Windows and the new --with-zlib-include
+     --with-zlib-lib options to Configure can be used to supply the location
+     of the headers and library. Gracefully handle case where zlib library
+     can't be loaded.
+     [Steve Henson]
+
+  *) Several fixes and enhancements to the OID generation code. The old code
+     sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't
+     handle numbers larger than ULONG_MAX, truncated printing and had a
+     non standard OBJ_obj2txt() behaviour.
+     [Steve Henson]
+
+  *) Add support for building of engines under engine/ as shared libraries
+     under VC++ build system.
+     [Steve Henson]
+
+  *) Corrected the numerous bugs in the Win32 path splitter in DSO.
+     Hopefully, we will not see any false combination of paths any more.
+     [Richard Levitte]
+
+ Changes between 0.9.8 and 0.9.8a  [11 Oct 2005]
+
+  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
+     (part of SSL_OP_ALL).  This option used to disable the
+     countermeasure against man-in-the-middle protocol-version
+     rollback in the SSL 2.0 server implementation, which is a bad
+     idea.  (CVE-2005-2969)
+
+     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
+     for Information Security, National Institute of Advanced Industrial
+     Science and Technology [AIST], Japan)]
+
+  *) Add two function to clear and return the verify parameter flags.
+     [Steve Henson]
+
+  *) Keep cipherlists sorted in the source instead of sorting them at
+     runtime, thus removing the need for a lock.
+     [Nils Larsch]
+
+  *) Avoid some small subgroup attacks in Diffie-Hellman.
+     [Nick Mathewson and Ben Laurie]
+
+  *) Add functions for well-known primes.
+     [Nick Mathewson]
+
+  *) Extended Windows CE support.
+     [Satoshi Nakamura and Andy Polyakov]
+
+  *) Initialize SSL_METHOD structures at compile time instead of during
+     runtime, thus removing the need for a lock.
+     [Steve Henson]
+
+  *) Make PKCS7_decrypt() work even if no certificate is supplied by
+     attempting to decrypt each encrypted key in turn. Add support to
+     smime utility.
+     [Steve Henson]
+
+ Changes between 0.9.7h and 0.9.8  [05 Jul 2005]
+
+  [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
+  OpenSSL 0.9.8.]
+
+  *) Add libcrypto.pc and libssl.pc for those who feel they need them.
+     [Richard Levitte]
+
+  *) Change CA.sh and CA.pl so they don't bundle the CSR and the private
+     key into the same file any more.
+     [Richard Levitte]
+
+  *) Add initial support for Win64, both IA64 and AMD64/x64 flavors.
+     [Andy Polyakov]
+
+  *) Add -utf8 command line and config file option to 'ca'.
+     [Stefan <stf@udoma.org]
+
+  *) Removed the macro des_crypt(), as it seems to conflict with some
+     libraries.  Use DES_crypt().
+     [Richard Levitte]
+
+  *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
+     involves renaming the source and generated shared-libs for
+     both. The engines will accept the corrected or legacy ids
+     ('ncipher' and '4758_cca' respectively) when binding. NB,
+     this only applies when building 'shared'.
+     [Corinna Vinschen <vinschen@redhat.com> and Geoff Thorpe]
+
+  *) Add attribute functions to EVP_PKEY structure. Modify
+     PKCS12_create() to recognize a CSP name attribute and
+     use it. Make -CSP option work again in pkcs12 utility.
+     [Steve Henson]
+
+  *) Add new functionality to the bn blinding code:
+     - automatic re-creation of the BN_BLINDING parameters after
+       a fixed number of uses (currently 32)
+     - add new function for parameter creation
+     - introduce flags to control the update behaviour of the
+       BN_BLINDING parameters
+     - hide BN_BLINDING structure
+     Add a second BN_BLINDING slot to the RSA structure to improve
+     performance when a single RSA object is shared among several
+     threads.
+     [Nils Larsch]
+
+  *) Add support for DTLS.
+     [Nagendra Modadugu <nagendra@cs.stanford.edu> and Ben Laurie]
+
+  *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
+     to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
+     [Walter Goulet]
+
+  *) Remove buggy and incompletet DH cert support from
+     ssl/ssl_rsa.c and ssl/s3_both.c
+     [Nils Larsch]
+
+  *) Use SHA-1 instead of MD5 as the default digest algorithm for
+     the apps/openssl applications.
+     [Nils Larsch]
+
+  *) Compile clean with "-Wall -Wmissing-prototypes
+     -Wstrict-prototypes -Wmissing-declarations -Werror". Currently
+     DEBUG_SAFESTACK must also be set.
+     [Ben Laurie]
 
   *) Change ./Configure so that certain algorithms can be disabled by default.
-     The new counterpiece to "no-xxx" is "enable-xxx", and RC5 will now be
-     disabled unless "enable-rc5" is specified.
+     The new counterpiece to "no-xxx" is "enable-xxx".
+
+     The patented RC5 and MDC2 algorithms will now be disabled unless
+     "enable-rc5" and "enable-mdc2", respectively, are specified.
+
+     (IDEA remains enabled despite being patented.  This is because IDEA
+     is frequently required for interoperability, and there is no license
+     fee for non-commercial use.  As before, "no-idea" can be used to
+     avoid this algorithm.)
+
      [Bodo Moeller]
 
   *) Add processing of proxy certificates (see RFC 3820).  This work was
@@ -437,14 +2213,13 @@
      Makefile.shared, for Cygwin's sake.
      [Richard Levitte]
 
-  *) Extend the BIGNUM API by creating new macros that behave like
-     functions
-
-          void BN_set_sign(BIGNUM *a, int neg);
-          int BN_get_sign(const BIGNUM *a);
+  *) Extend the BIGNUM API by creating a function 
+          void BN_set_negative(BIGNUM *a, int neg);
+     and a macro that behave like
+          int  BN_is_negative(const BIGNUM *a);
 
-     and avoid the need to access 'a->neg' directly in applications.
-     [Nils Larsch  <nla@trustcenter.de>]
+     to avoid the need to access 'a->neg' directly in applications.
+     [Nils Larsch]
 
   *) Implement fast modular reduction for pseudo-Mersenne primes
      used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c).
@@ -735,14 +2510,14 @@
   *) Include some named elliptic curves, and add OIDs from X9.62,
      SECG, and WAP/WTLS.  Each curve can be obtained from the new
      function
-          EC_GROUP_new_by_nid(),
+          EC_GROUP_new_by_curve_name(),
      and the list of available named curves can be obtained with
           EC_get_builtin_curves().
      Also add a 'curve_name' member to EC_GROUP objects, which can be
      accessed via
-         EC_GROUP_set_nid()
-         EC_GROUP_get_nid()
-     [Nils Larsch <nla@trustcenter.de, Bodo Moeller]
+         EC_GROUP_set_curve_name()
+         EC_GROUP_get_curve_name()
+     [Nils Larsch <larsch@trustcenter.de, Bodo Moeller]
  
   *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
      was actually never needed) and in BN_mul().  The removal in BN_mul()
@@ -753,7 +2528,232 @@
      differing sizes.
      [Richard Levitte]
 
- Changes between 0.9.7e and 0.9.7f  [XX xxx XXXX]
+ Changes between 0.9.7l and 0.9.7m  [23 Feb 2007]
+
+  *) Cleanse PEM buffers before freeing them since they may contain 
+     sensitive data.
+     [Benjamin Bennett <ben@psc.edu>]
+
+  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
+     a ciphersuite string such as "DEFAULT:RSA" cannot enable
+     authentication-only ciphersuites.
+     [Bodo Moeller]
+
+  *) Since AES128 and AES256 share a single mask bit in the logic of
+     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
+     kludge to work properly if AES128 is available and AES256 isn't.
+     [Victor Duchovni]
+
+  *) Expand security boundary to match 1.1.1 module.
+     [Steve Henson]
+
+  *) Remove redundant features: hash file source, editing of test vectors
+     modify fipsld to use external fips_premain.c signature.
+     [Steve Henson]
+
+  *) New perl script mkfipsscr.pl to create shell scripts or batch files to
+     run algorithm test programs.
+     [Steve Henson]
+
+  *) Make algorithm test programs more tolerant of whitespace.
+     [Steve Henson]
+
+  *) Have SSL/TLS server implementation tolerate "mismatched" record
+     protocol version while receiving ClientHello even if the
+     ClientHello is fragmented.  (The server can't insist on the
+     particular protocol version it has chosen before the ServerHello
+     message has informed the client about his choice.)
+     [Bodo Moeller]
+
+  *) Load error codes if they are not already present instead of using a
+     static variable. This allows them to be cleanly unloaded and reloaded.
+     [Steve Henson]
+
+ Changes between 0.9.7k and 0.9.7l  [28 Sep 2006]
+
+  *) Introduce limits to prevent malicious keys being able to
+     cause a denial of service.  (CVE-2006-2940)
+     [Steve Henson, Bodo Moeller]
+
+  *) Fix ASN.1 parsing of certain invalid structures that can result
+     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
+
+  *) Fix buffer overflow in SSL_get_shared_ciphers() function. 
+     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Fix SSL client code which could crash if connecting to a
+     malicious SSLv2 server.  (CVE-2006-4343)
+     [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Change ciphersuite string processing so that an explicit
+     ciphersuite selects this one ciphersuite (so that "AES256-SHA"
+     will no longer include "AES128-SHA"), and any other similar
+     ciphersuite (same bitmap) from *other* protocol versions (so that
+     "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
+     SSL 3.0/TLS 1.0 ciphersuite).  This is a backport combining
+     changes from 0.9.8b and 0.9.8d.
+     [Bodo Moeller]
+
+ Changes between 0.9.7j and 0.9.7k  [05 Sep 2006]
+
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
+
+  *) Change the Unix randomness entropy gathering to use poll() when
+     possible instead of select(), since the latter has some
+     undesirable limitations.
+     [Darryl Miles via Richard Levitte and Bodo Moeller]
+
+  *) Disable rogue ciphersuites:
+
+      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
+      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
+      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
+
+     The latter two were purportedly from
+     draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
+     appear there.
+
+     Also deactive the remaining ciphersuites from
+     draft-ietf-tls-56-bit-ciphersuites-01.txt.  These are just as
+     unofficial, and the ID has long expired.
+     [Bodo Moeller]
+
+  *) Fix RSA blinding Heisenbug (problems sometimes occured on
+     dual-core machines) and other potential thread-safety issues.
+     [Bodo Moeller]
+
+ Changes between 0.9.7i and 0.9.7j  [04 May 2006]
+
+  *) Adapt fipsld and the build system to link against the validated FIPS
+     module in FIPS mode.
+     [Steve Henson]
+
+  *) Fixes for VC++ 2005 build under Windows.
+     [Steve Henson]
+
+  *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make 
+     from a Windows bash shell such as MSYS. It is autodetected from the
+     "config" script when run from a VC++ environment. Modify standard VC++
+     build to use fipscanister.o from the GNU make build. 
+     [Steve Henson]
+
+ Changes between 0.9.7h and 0.9.7i  [14 Oct 2005]
+
+  *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
+     The value now differs depending on if you build for FIPS or not.
+     BEWARE!  A program linked with a shared FIPSed libcrypto can't be
+     safely run with a non-FIPSed libcrypto, as it may crash because of
+     the difference induced by this change.
+     [Andy Polyakov]
+
+ Changes between 0.9.7g and 0.9.7h  [11 Oct 2005]
+
+  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
+     (part of SSL_OP_ALL).  This option used to disable the
+     countermeasure against man-in-the-middle protocol-version
+     rollback in the SSL 2.0 server implementation, which is a bad
+     idea.  (CVE-2005-2969)
+
+     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
+     for Information Security, National Institute of Advanced Industrial
+     Science and Technology [AIST], Japan)]
+
+  *) Minimal support for X9.31 signatures and PSS padding modes. This is
+     mainly for FIPS compliance and not fully integrated at this stage.
+     [Steve Henson]
+
+  *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
+     the exponentiation using a fixed-length exponent.  (Otherwise,
+     the information leaked through timing could expose the secret key
+     after many signatures; cf. Bleichenbacher's attack on DSA with
+     biased k.)
+     [Bodo Moeller]
+
+  *) Make a new fixed-window mod_exp implementation the default for
+     RSA, DSA, and DH private-key operations so that the sequence of
+     squares and multiplies and the memory access pattern are
+     independent of the particular secret key.  This will mitigate
+     cache-timing and potential related attacks.
+
+     BN_mod_exp_mont_consttime() is the new exponentiation implementation,
+     and this is automatically used by BN_mod_exp_mont() if the new flag
+     BN_FLG_EXP_CONSTTIME is set for the exponent.  RSA, DSA, and DH
+     will use this BN flag for private exponents unless the flag
+     RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
+     DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
+
+     [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
+
+  *) Change the client implementation for SSLv23_method() and
+     SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
+     Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
+     (Previously, the SSL 2.0 backwards compatible Client Hello
+     message format would be used even with SSL_OP_NO_SSLv2.)
+     [Bodo Moeller]
+
+  *) Add support for smime-type MIME parameter in S/MIME messages which some
+     clients need.
+     [Steve Henson]
+
+  *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
+     a threadsafe manner. Modify rsa code to use new function and add calls
+     to dsa and dh code (which had race conditions before).
+     [Steve Henson]
+
+  *) Include the fixed error library code in the C error file definitions
+     instead of fixing them up at runtime. This keeps the error code
+     structures constant.
+     [Steve Henson]
+
+ Changes between 0.9.7f and 0.9.7g  [11 Apr 2005]
+
+  [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
+  OpenSSL 0.9.8.]
+
+  *) Fixes for newer kerberos headers. NB: the casts are needed because
+     the 'length' field is signed on one version and unsigned on another
+     with no (?) obvious way to tell the difference, without these VC++
+     complains. Also the "definition" of FAR (blank) is no longer included
+     nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up
+     some needed definitions.
+     [Steve Henson]
+
+  *) Undo Cygwin change.
+     [Ulf Möller]
+
+  *) Added support for proxy certificates according to RFC 3820.
+     Because they may be a security thread to unaware applications,
+     they must be explicitely allowed in run-time.  See
+     docs/HOWTO/proxy_certificates.txt for further information.
+     [Richard Levitte]
+
+ Changes between 0.9.7e and 0.9.7f  [22 Mar 2005]
+
+  *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating
+     server and client random values. Previously
+     (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in
+     less random data when sizeof(time_t) > 4 (some 64 bit platforms).
+
+     This change has negligible security impact because:
+
+     1. Server and client random values still have 24 bytes of pseudo random
+        data.
+
+     2. Server and client random values are sent in the clear in the initial
+        handshake.
+
+     3. The master secret is derived using the premaster secret (48 bytes in
+        size for static RSA ciphersuites) as well as client server and random
+        values.
+
+     The OpenSSL team would like to thank the UK NISCC for bringing this issue
+     to our attention. 
+
+     [Stephen Henson, reported by UK NISCC]
+
+  *) Use Windows randomness collection on Cygwin.
+     [Ulf Möller]
 
   *) Fix hang in EGD/PRNGD query when communication socket is closed
      prematurely by EGD/PRNGD.
@@ -762,6 +2762,10 @@
   *) Prompt for pass phrases when appropriate for PKCS12 input format.
      [Steve Henson]
 
+  *) Back-port of selected performance improvements from development
+     branch, as well as improved support for PowerPC platforms.
+     [Andy Polyakov]
+
   *) Add lots of checks for memory allocation failure, error codes to indicate
      failure and freeing up memory if a failure occurs.
      [Nauticus Networks SSL Team <openssl@nauticusnet.com>, Steve Henson]
@@ -814,11 +2818,11 @@
  Changes between 0.9.7c and 0.9.7d  [17 Mar 2004]
 
   *) Fix null-pointer assignment in do_change_cipher_spec() revealed           
-     by using the Codenomicon TLS Test Tool (CAN-2004-0079)                    
+     by using the Codenomicon TLS Test Tool (CVE-2004-0079)                    
      [Joe Orton, Steve Henson]   
 
   *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
-     (CAN-2004-0112)
+     (CVE-2004-0112)
      [Joe Orton, Steve Henson]   
 
   *) Make it possible to have multiple active certificates with the same
@@ -861,9 +2865,9 @@
   *) Fix various bugs revealed by running the NISCC test suite:
 
      Stop out of bounds reads in the ASN1 code when presented with
-     invalid tags (CAN-2003-0543 and CAN-2003-0544).
+     invalid tags (CVE-2003-0543 and CVE-2003-0544).
      
-     Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
+     Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
 
      If verify callback ignores invalid public key errors don't try to check
      certificate signature with the NULL public key.
@@ -948,7 +2952,7 @@
      via timing by performing a MAC computation even if incorrrect
      block cipher padding has been found.  This is a countermeasure
      against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CAN-2003-0078)
+     between bad padding and a MAC verification error. (CVE-2003-0078)
 
      [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
      Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -1165,7 +3169,7 @@
 
      Remote buffer overflow in SSL3 protocol - an attacker could
      supply an oversized master key in Kerberos-enabled versions.
-     (CAN-2002-0657)
+     (CVE-2002-0657)
      [Ben Laurie (CHATS)]
 
   *) Change the SSL kerb5 codes to match RFC 2712.
@@ -2849,7 +4853,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  Changes between 0.9.6l and 0.9.6m  [17 Mar 2004]
 
   *) Fix null-pointer assignment in do_change_cipher_spec() revealed
-     by using the Codenomicon TLS Test Tool (CAN-2004-0079)
+     by using the Codenomicon TLS Test Tool (CVE-2004-0079)
      [Joe Orton, Steve Henson]
 
  Changes between 0.9.6k and 0.9.6l  [04 Nov 2003]
@@ -2857,7 +4861,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Fix additional bug revealed by the NISCC test suite:
 
      Stop bug triggering large recursion when presented with
-     certain ASN.1 tags (CAN-2003-0851)
+     certain ASN.1 tags (CVE-2003-0851)
      [Steve Henson]
 
  Changes between 0.9.6j and 0.9.6k  [30 Sep 2003]
@@ -2865,7 +4869,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Fix various bugs revealed by running the NISCC test suite:
 
      Stop out of bounds reads in the ASN1 code when presented with
-     invalid tags (CAN-2003-0543 and CAN-2003-0544).
+     invalid tags (CVE-2003-0543 and CVE-2003-0544).
      
      If verify callback ignores invalid public key errors don't try to check
      certificate signature with the NULL public key.
@@ -2917,7 +4921,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      via timing by performing a MAC computation even if incorrrect
      block cipher padding has been found.  This is a countermeasure
      against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CAN-2003-0078)
+     between bad padding and a MAC verification error. (CVE-2003-0078)
 
      [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
      Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -3050,7 +5054,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Add various sanity checks to asn1_get_length() to reject
      the ASN1 length bytes if they exceed sizeof(long), will appear
      negative or the content length exceeds the length of the
-     supplied buffer. (CAN-2002-0659)
+     supplied buffer. (CVE-2002-0659)
      [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
 
   *) Assertions for various potential buffer overflows, not known to
@@ -3058,15 +5062,15 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
      [Ben Laurie (CHATS)]
 
   *) Various temporary buffers to hold ASCII versions of integers were
-     too small for 64 bit platforms. (CAN-2002-0655)
+     too small for 64 bit platforms. (CVE-2002-0655)
      [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
 
   *) Remote buffer overflow in SSL3 protocol - an attacker could
-     supply an oversized session ID to a client. (CAN-2002-0656)
+     supply an oversized session ID to a client. (CVE-2002-0656)
      [Ben Laurie (CHATS)]
 
   *) Remote buffer overflow in SSL2 protocol - an attacker could
-     supply an oversized client master key. (CAN-2002-0656)
+     supply an oversized client master key. (CVE-2002-0656)
      [Ben Laurie (CHATS)]
 
  Changes between 0.9.6c and 0.9.6d  [9 May 2002]
diff --git a/CHANGES.SSLeay b/CHANGES.SSLeay
index dbb80b003d..ca5cd72976 100644
--- a/CHANGES.SSLeay
+++ b/CHANGES.SSLeay
@@ -148,7 +148,7 @@ eric (about to go bushwalking for the 4 day easter break :-)
       This would tend to cause memory overwrites since SSLv3 has
       a maximum packet size of 16k.  If your program uses
       buffers <= 16k, you would probably never see this problem.
-    - Fixed a new errors that were cause by malloc() not returning
+    - Fixed a few errors that were cause by malloc() not returning
       0 initialised memory..
     - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
       SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
diff --git a/Configure b/Configure
index bd9d4a6495..5920da8613 100755
--- a/Configure
+++ b/Configure
@@ -10,7 +10,7 @@ use strict;
 
 # see INSTALL for instructions.
 
-my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
 
 # Options:
 #
@@ -38,6 +38,8 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
 # --test-sanity Make a number of sanity checks on the data in this file.
 #               This is a debugging tool for OpenSSL developers.
 #
+# --cross-compile-prefix Add specified prefix to binutils components.
+#
 # no-hw-xxx     do not compile support for specific crypto hardware.
 #               Generic OpenSSL-style methods relating to this support
 #               are always compiled but return NULL if the hardware
@@ -97,6 +99,13 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
 # SHA512_ASM	sha512_block is implemented in assembler
 # AES_ASM	ASE_[en|de]crypt is implemented in assembler
 
+# Minimum warning options... any contributions to OpenSSL should at least get
+# past these. 
+
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+
+my $strict_warnings = 0;
+
 my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
 
 # MD2_CHAR slags pentium pros
@@ -114,14 +123,23 @@ my $tlib="-lnsl -lsocket";
 my $bits1="THIRTY_TWO_BIT ";
 my $bits2="SIXTY_FOUR_BIT ";
 
-my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o:rm86-elf.o:r586-elf.o";
-my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o:/rm86-cof.o:r586-cof.o";
-my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
+my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes-586.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o";
 
-my $x86_64_asm="amd64cpuid.o:x86_64-gcc.o:::::::rc4-amd64.o::";
-my $ia64_asm=":ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::";
+my $x86_elf_asm="$x86_asm:elf";
 
-my $no_asm="::::::::::";
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o aesni-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o";
+my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::void";
+my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o:des_enc-sparc.o fcrypt_b.o:aes_core.o aes_cbc.o aes-sparcv9.o:::sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o:::::::void";
+my $sparcv8_asm=":sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::::void";
+my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::::::::void";
+my $mips3_asm=":bn-mips3.o::::::::::::void";
+my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o::aes-s390x.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::void";
+my $armv4_asm=":bn_asm.o armv4-mont.o::aes_cbc.o aes-armv4.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::void";
+my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::32";
+my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::64";
+my $ppc32_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o::::::";
+my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o::aes_core.o aes_cbc.o aes-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o::::::";
+my $no_asm=":::::::::::::void";
 
 # As for $BSDthreads. Idea is to maintain "collective" set of flags,
 # which would cover all BSD flavors. -pthread applies to them all, 
@@ -132,7 +150,7 @@ my $no_asm="::::::::::";
 # seems to be sufficient?
 my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
 
-#config-string	$cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags
+#config-string	$cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
 
 my %table=(
 # File 'TABLE' (created by 'make TABLE') contains the data from this list,
@@ -150,22 +168,29 @@ my %table=(
 "debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::bn86-elf.o co86-elf.o",
 "debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
 "debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
-"debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::",
+"debug-ben-debug",	"gcc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe::(unknown)::::::",
+"debug-ben-no-opt",	"gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo",	"gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-bodo",	"gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
-"debug-steve-linux-pseudo64",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared",
+"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-geoff","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 "dist",		"cc:-O::(unknown)::::::",
 
 # Basic configs that should work on any (32 and less bit) box
@@ -173,10 +198,8 @@ my %table=(
 "cc",		"cc:-O::(unknown)::::::",
 
 ####VOS Configurations
-"vos-gcc","gcc:-b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-"debug-vos-gcc","gcc:-b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
-"vos-vcc","vcc:-b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD::(unknown):VOS:-Wl,-map::${no_asm}:::::.so:",
-"debug-vos-vcc","vcc:-b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map::${no_asm}:::::.so:",
+"vos-gcc","gcc:-O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+"debug-vos-gcc","gcc:-O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
 
 #### Solaris x86 with GNU C setups
 # -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
@@ -184,31 +207,42 @@ my %table=(
 # surrounds it with #APP #NO_APP comment pair which (at least Solaris
 # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
 # error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -shared -static-libgcc might appear controversial, but modules taken
+# from static libgcc do not have relocations and linking them into our
+# shared objects doesn't have any negative side-effects. On the contrary,
+# doing so makes it possible to use gcc shared build with Sun C. Given
+# that gcc generates faster code [thanks to inline assembler], I would
+# actually recommend to consider using gcc shared build even with vendor
+# compiler:-)
+#						<appro@fy.chalmers.se>
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+ 
 #### Solaris x86 with Sun C setups
-"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
 
 #### SPARC Solaris with GNU C setups
 "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
 ####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### SPARC Solaris with Sun C setups
 # SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
 # SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
 # SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs::/64",
 ####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o::::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
 
 #### SunOS configs, assuming sparc for the gcc one.
 #"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
@@ -221,11 +255,11 @@ my %table=(
 #### IRIX 6.x configs
 # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
 # './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
 # N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 
 #### Unified HP-UX ANSI C configs.
 # Special notes:
@@ -258,26 +292,26 @@ my %table=(
 # Since there is mention of this in shlib/hpux10-cc.sh
 "hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::::void:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
 
 # More attempts at unified 10.X and 11.X targets for HP C compiler.
 #
 # Chris Ruemmler <ruemmler@cup.hp.com>
 # Kevin Steves <ks@hp.se>
 "hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-cc","cc:+DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc11_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::::void:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc20_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
 
 # HP/UX IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
 # Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
 # with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
 # GCC builds...
-"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT::ia64.o::aes-ia64.o:::sha256-ia64.o sha512-ia64.o::rc4-ia64.o:::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
+"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64", 
 
 # Legacy HPUX 9.X configs...
 "hpux-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -293,19 +327,11 @@ my %table=(
 #
 # - William Shakespeare, "Romeo & Juliet", Act II, scene II.
 #
-# There's also an alternate target available (which `config' will never
-# select) called alpha-cc-rpath.  This target builds an RPATH into the
-# shared libraries, which is very convenient on Tru64 since binaries
-# linked against that shared library will automatically inherit that RPATH,
-# and hence know where to look for the openssl libraries, even if they're in
-# an odd place.
-#
 # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
 #
-"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
-"ofs1-alpha-cc",  "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:alpha-osf1-shared:::.so",
-"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:tru64-shared:::.so",
-"alpha-cc-rpath", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${no_asm}:dlfcn:tru64-shared-rpath:::.so",
+"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"osf1-alpha-cc",  "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
 
 ####
 #### Variety of LINUX:-)
@@ -313,27 +339,31 @@ my %table=(
 # *-generic* is endian-neutral target, but ./config is free to
 # throw in -D[BL]_ENDIAN, whichever appropriate...
 "linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# It's believed that majority of ARM toolchains predefine appropriate -march.
+# If you compiler does not, do complement config command line with one!
+"linux-armv4",	"gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### IA-32 targets...
 "linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
 ####
 "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -bpowerpc64-linux is transient option, -m64 should be the one to use...
-"linux-ppc64",	"gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 #### SPARC Linux setups
 # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
 # assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # it's a real mess with -mcpu=ultrasparc option under Linux, but
 # -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
 #### Alpha Linux with GNU C and Compaq C setups
 # Special notes:
 # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
@@ -347,26 +377,27 @@ my %table=(
 #
 #					<appro@fy.chalmers.se>
 #
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${no_asm}",
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
 
 #### *BSD [do see comment about ${BSDthreads} above!]
 "BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-sparcv8",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparcv8",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 "BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
 # simply *happens* to work around a compiler bug in gcc 3.3.3,
 # triggered by RIPEMD160 code.
-"BSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-ia64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-x86_64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-ia64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
-"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 "nextstep",	"cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
 "nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
@@ -376,7 +407,12 @@ my %table=(
 
 # QNX
 "qnx4",	"cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
-"qnx6",	"cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:",
+"QNX6",       "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6-i386",  "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# BeOS
+"beos-x86-r5",   "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
+"beos-x86-bone", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lbind -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC:-shared:.so",
 
 #### SCO/Caldera targets.
 #
@@ -393,21 +429,19 @@ my %table=(
 "unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
 "unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
 "unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenUNIX-8","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenUNIX-8-gcc","gcc:-O -DFILIO_H -fomit-frame-pointer::-pthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}:dlfcn:svr5-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"sco3-gcc",  "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown)::-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
+"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the SCO cc.
 "sco5-cc",  "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### IBM's AIX.
 "aix3-cc",  "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc",  "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:",
+"aix-gcc",  "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X32",
+"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
 # Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
 # at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
 
 #
 # Cray T90 and similar (SDSC)
@@ -455,54 +489,72 @@ my %table=(
 #
 "OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H  -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
 
-# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
-"VC-WIN64I","cl::::WIN64I::SIXTY_FOUR_BIT EXPORT_VAR_AS_FN:${no_asm}:win32",
-"VC-WIN64A","cl::::WIN64A::SIXTY_FOUR_BIT EXPORT_VAR_AS_FN:${no_asm}:win32",
-
 # Visual C targets
-"VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
+#
+# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
+"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o ia64-mont.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32",
+"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o aesni-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:auto:win32",
+# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
+# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
+"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+# Unified CE target
+"debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
 "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
-"VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
-"VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
-"VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
-"VC-W31-32","cl::::WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
-"VC-MSDOS","cl:::(unknown):MSDOS::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
 
 # Borland C++ 4.5
 "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
-"BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
 
 # MinGW
-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::MINGW32:-mno-cygwin -lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:win32:cygwin-shared:-D_DLL:-shared:.dll",
+"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall:::MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
+# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
+# compiled with one compiler with application compiled with another
+# compiler. It's possible to engage Applink support in mingw64 build,
+# but it's not done, because till mingw64 supports structured exception
+# handling, one can't seriously consider its binaries for using with
+# non-mingw64 run-time environment. And as mingw64 is always consistent
+# with itself, Applink is never engaged and can as well be omitted.
+"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE:::MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
 
 # UWIN 
 "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
 
 # Cygwin
 "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_coff_asm}:win32:cygwin-shared:-D_DLL:-shared:.dll",
-"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:coff:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+"debug-Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::CYGWIN32:::${no_asm}:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
 
-# NetWare from David Ward (dsward@novell.com) - requires MetroWerks NLM development tools
+# NetWare from David Ward (dsward@novell.com)
+# requires either MetroWerks NLM development tools, or gcc / nlmconv
+# NetWare defaults socket bio to WinSock sockets. However,
+# the builds can be configured to use BSD sockets instead.
 # netware-clib => legacy CLib c-runtime support
-"netware-clib", "mwccnlm:::::${x86_gcc_opts}:::",
+"netware-clib", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
+"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
 # netware-libc => LibC/NKS support
-"netware-libc", "mwccnlm:::::BN_LLONG ${x86_gcc_opts}:::",
-"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall::::${x86_gcc_opts}:::",
+"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
 
 # DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
-"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::::::",
+"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
 # K&R C is no longer supported; you need gcc on old Ultrix installations
 ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",
 
 ##### MacOS X (a.k.a. Rhapsody or Darwin) setup
 "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
-"darwin-ppc-cc","cc:-O3 -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
 
 ##### A/UX
 "aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -511,7 +563,7 @@ my %table=(
 "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
 
 ##### GNU Hurd
-"hurd-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
+"hurd-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
 
 ##### OS/2 EMX
 "OS2-EMX", "gcc::::::::",
@@ -526,12 +578,17 @@ my %table=(
 ##### Compaq Non-Stop Kernel (Tandem)
 "tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
 
+# uClinux
+"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:::::::::::::::$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:::::::::::::::$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+
 );
 
 my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
-		    VC-NT VC-CE VC-WIN32
-		    VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS
-		    BC-32 BC-16 OS2-EMX netware-clib netware-libc);
+		    VC-NT VC-CE VC-WIN32 debug-VC-WIN32
+		    BC-32 
+		    netware-clib netware-clib-bsdsock
+		    netware-libc netware-libc-bsdsock);
 
 my $idx = 0;
 my $idx_cc = $idx++;
@@ -552,6 +609,9 @@ my $idx_cast_obj = $idx++;
 my $idx_rc4_obj = $idx++;
 my $idx_rmd160_obj = $idx++;
 my $idx_rc5_obj = $idx++;
+my $idx_wp_obj = $idx++;
+my $idx_cmll_obj = $idx++;
+my $idx_perlasm_scheme = $idx++;
 my $idx_dso_scheme = $idx++;
 my $idx_shared_target = $idx++;
 my $idx_shared_cflag = $idx++;
@@ -559,20 +619,25 @@ my $idx_shared_ldflag = $idx++;
 my $idx_shared_extension = $idx++;
 my $idx_ranlib = $idx++;
 my $idx_arflags = $idx++;
+my $idx_multilib = $idx++;
 
 my $prefix="";
+my $libdir="";
 my $openssldir="";
 my $exe_ext="";
-my $install_prefix="";
+my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
+my $cross_compile_prefix="";
 my $no_threads=0;
 my $threads=0;
 my $no_shared=0; # but "no-shared" is default
 my $zlib=1;      # but "no-zlib" is default
 my $no_krb5=0;   # but "no-krb5" is implied unless "--with-krb5-..." is used
+my $no_rfc3779=1; # but "no-rfc3779" is default
 my $no_asm=0;
 my $no_dso=0;
+my $no_gmp=0;
 my @skip=();
-my $Makefile="Makefile.ssl";
+my $Makefile="Makefile";
 my $des_locl="crypto/des/des_locl.h";
 my $des	="crypto/des/des.h";
 my $bn	="crypto/bn/bn.h";
@@ -587,11 +652,12 @@ my $des_enc="des_enc.o fcrypt_b.o";
 my $aes_enc="aes_core.o aes_cbc.o";
 my $bf_enc	="bf_enc.o";
 my $cast_enc="c_enc.o";
-my $rc4_enc="rc4_enc.o";
+my $rc4_enc="rc4_enc.o rc4_skey.o";
 my $rc5_enc="rc5_enc.o";
 my $md5_obj="";
 my $sha1_obj="";
 my $rmd160_obj="";
+my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
 my $processor="";
 my $default_ranlib;
 my $perl;
@@ -599,16 +665,31 @@ my $perl;
 
 # All of the following is disabled by default (RC5 was enabled before 0.9.8):
 
-my %disabled = ( # "what"         => "comment"
+my %disabled = ( # "what"         => "comment" [or special keyword "experimental"]
+		 "gmp"		  => "default",
+                 "jpake"          => "experimental",
+                 "md2"            => "default",
                  "rc5"            => "default",
+		 "rfc3779"	  => "default",
                  "shared"         => "default",
+		 "store"	  => "experimental",
                  "zlib"           => "default",
                  "zlib-dynamic"   => "default"
                );
+my @experimental = ();
+
+# This is what $depflags will look like with the above defaults
+# (we need this to see if we should advise the user to run "make depend"):
+my $default_depflags = " -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE";
+
+# Explicit "no-..." options will be collected in %disabled along with the defaults.
+# To remove something from %disabled, use "enable-foo" (unless it's experimental).
+# For symmetry, "disable-foo" is a synonym for "no-foo".
+
+# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
+# We will collect such requests in @experimental.
+# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.
 
-# Additional "no-..." options will be collected in %disabled.
-# To remove something from %disabled, use e.g. "enable-rc5".
-# For symmetry, "disable-..." is a synonym for "no-...".
 
 my $no_sse2=0;
 
@@ -616,6 +697,7 @@ my $no_sse2=0;
 
 my $flags;
 my $depflags;
+my $openssl_experimental_defines;
 my $openssl_algorithm_defines;
 my $openssl_thread_defines;
 my $openssl_sys_defines="";
@@ -636,6 +718,7 @@ while($argv_unprocessed)
 	{
 	$flags="";
 	$depflags="";
+	$openssl_experimental_defines="";
 	$openssl_algorithm_defines="";
 	$openssl_thread_defines="";
 	$openssl_sys_defines="";
@@ -661,37 +744,51 @@ PROCESS_ARGS:
 
 		if (/^no-(.+)$/ || /^disable-(.+)$/)
 			{
-			if ($1 eq "ssl")
-				{
-				$disabled{"ssl2"} = "option(ssl)";
-				$disabled{"ssl3"} = "option(ssl)";
-				}
-			elsif ($1 eq "tls")
+			if (!($disabled{$1} eq "experimental"))
 				{
-				$disabled{"tls1"} = "option(tls)"
-				}
-			else
+				if ($1 eq "ssl")
+					{
+					$disabled{"ssl2"} = "option(ssl)";
+					$disabled{"ssl3"} = "option(ssl)";
+					}
+				elsif ($1 eq "tls")
+					{
+					$disabled{"tls1"} = "option(tls)"
+					}
+				else
+					{
+					$disabled{$1} = "option";
+					}
+				}			
+			}
+		elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
+			{
+			my $algo = $1;
+			if ($disabled{$algo} eq "experimental")
 				{
-				$disabled{$1} = "option";
+				die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
+					unless (/^experimental-/);
+				push @experimental, $algo;
 				}
-			}			
-		elsif (/^enable-(.+)$/)
-			{
-			delete $disabled{$1};
+			delete $disabled{$algo};
 
-			$threads = 1 if ($1 eq "threads");
+			$threads = 1 if ($algo eq "threads");
 			}
 		elsif (/^--test-sanity$/)
 			{
 			exit(&test_sanity());
 			}
+		elsif (/^--strict-warnings/)
+			{
+			$strict_warnings = 1;
+			}
 		elsif (/^reconfigure/ || /^reconf/)
 			{
 			if (open(IN,"<$Makefile"))
 				{
 				while (<IN>)
 					{
-					chop;
+					chomp;
 					if (/^CONFIGURE_ARGS=(.*)/)
 						{
 						$argvstring=$1;
@@ -718,7 +815,7 @@ PROCESS_ARGS:
 			}
 		elsif (/^[-+]/)
 			{
-			if (/^-[lL](.*)$/)
+			if (/^-[lL](.*)$/ or /^-Wl,/)
 				{
 				$libs.=$_." ";
 				}
@@ -730,6 +827,10 @@ PROCESS_ARGS:
 				{
 				$prefix=$1;
 				}
+			elsif (/^--libdir=(.*)$/)
+				{
+				$libdir=$1;
+				}
 			elsif (/^--openssldir=(.*)$/)
 				{
 				$openssldir=$1;
@@ -742,6 +843,18 @@ PROCESS_ARGS:
 				{
 				$withargs{"krb5-".$1}=$2;
 				}
+			elsif (/^--with-zlib-lib=(.*)$/)
+				{
+				$withargs{"zlib-lib"}=$1;
+				}
+			elsif (/^--with-zlib-include=(.*)$/)
+				{
+				$withargs{"zlib-include"}="-I$1";
+				}
+			elsif (/^--cross-compile-prefix=(.*)$/)
+				{
+				$cross_compile_prefix=$1;
+				}
 			else
 				{
 				print STDERR $usage;
@@ -755,7 +868,7 @@ PROCESS_ARGS:
 			}
 		else
 			{
-			die "target already defined - $target\n" if ($target ne "");
+			die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
 			$target=$_;
 			}
 
@@ -821,6 +934,16 @@ if (defined($disabled{"md5"}) || defined($disabled{"sha"})
 	$disabled{"tls1"} = "forced";
 	}
 
+if (defined($disabled{"tls1"}))
+	{
+	$disabled{"tlsext"} = "forced";
+	}
+
+if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
+    || defined($disabled{"dh"}))
+	{
+	$disabled{"gost"} = "forced";
+	}
 
 if ($target eq "TABLE") {
 	foreach $target (sort keys %table) {
@@ -860,6 +983,8 @@ foreach (sort (keys %disabled))
 		{ $no_shared = 1; }
 	elsif (/^zlib$/)
 		{ $zlib = 0; }
+	elsif (/^static-engine$/)
+		{ }
 	elsif (/^zlib-dynamic$/)
 		{ }
 	elsif (/^symlinks$/)
@@ -876,8 +1001,8 @@ foreach (sort (keys %disabled))
 			$openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
 			print " OPENSSL_NO_$ALGO";
 		
-			if (/^err$/)
-				{ $flags .= "-DOPENSSL_NO_ERR "; }
+			if (/^err$/)	{ $flags .= "-DOPENSSL_NO_ERR "; }
+			elsif (/^asm$/)	{ $no_asm = 1; }
 			}
 		else
 			{
@@ -890,6 +1015,8 @@ foreach (sort (keys %disabled))
 				{
 				push @skip, $algo;
 				print " (skip dir)";
+
+				$depflags .= " -DOPENSSL_NO_$ALGO";
 				}
 			}
 		}
@@ -897,12 +1024,21 @@ foreach (sort (keys %disabled))
 	print "\n";
 	}
 
+my $exp_cflags = "";
+foreach (sort @experimental)
+	{
+	my $ALGO;
+	($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
+
+	# opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
+	$openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
+	$exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
+	}
 
 my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;
 
-$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin");
-
-$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw");
+$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
+$exe_ext=".nlm" if ($target =~ /netware/);
 $exe_ext=".pm"  if ($target =~ /vos/);
 $openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
 $prefix=$openssldir if $prefix eq "";
@@ -910,9 +1046,12 @@ $prefix=$openssldir if $prefix eq "";
 $default_ranlib= &which("ranlib") or $default_ranlib="true";
 $perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
   or $perl="perl";
+my $make = $ENV{'MAKE'} || "make";
+
+$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";
 
 chop $openssldir if $openssldir =~ /\/$/;
-chop $prefix if $prefix =~ /\/$/;
+chop $prefix if $prefix =~ /.\/$/;
 
 $openssldir=$prefix . "/ssl" if $openssldir eq "";
 $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
@@ -922,6 +1061,10 @@ print "IsMK1MF=$IsMK1MF\n";
 
 my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
 my $cc = $fields[$idx_cc];
+# Allow environment CC to override compiler...
+if($ENV{CC}) {
+    $cc = $ENV{CC};
+}
 my $cflags = $fields[$idx_cflags];
 my $unistd = $fields[$idx_unistd];
 my $thread_cflag = $fields[$idx_thread_cflag];
@@ -939,13 +1082,27 @@ my $cast_obj = $fields[$idx_cast_obj];
 my $rc4_obj = $fields[$idx_rc4_obj];
 my $rmd160_obj = $fields[$idx_rmd160_obj];
 my $rc5_obj = $fields[$idx_rc5_obj];
+my $wp_obj = $fields[$idx_wp_obj];
+my $cmll_obj = $fields[$idx_cmll_obj];
+my $perlasm_scheme = $fields[$idx_perlasm_scheme];
 my $dso_scheme = $fields[$idx_dso_scheme];
 my $shared_target = $fields[$idx_shared_target];
 my $shared_cflag = $fields[$idx_shared_cflag];
 my $shared_ldflag = $fields[$idx_shared_ldflag];
 my $shared_extension = $fields[$idx_shared_extension];
-my $ranlib = $fields[$idx_ranlib];
+my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
+my $ar = $ENV{'AR'} || "ar";
 my $arflags = $fields[$idx_arflags];
+my $multilib = $fields[$idx_multilib];
+
+$libdir="lib$multilib" if $libdir eq "";
+
+$cflags = "$cflags$exp_cflags";
+
+# '%' in $lflags is used to split flags to "pre-" and post-flags
+my ($prelflags,$postlflags)=split('%',$lflags);
+if (defined($postlflags))	{ $lflags=$postlflags;	}
+else				{ $lflags=$prelflags; undef $prelflags;	}
 
 my $no_shared_warn=0;
 my $no_user_cflags=0;
@@ -975,7 +1132,7 @@ if (!$no_krb5)
 			if $withargs{"krb5-dir"} eq "";
 		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
 			"/lib -lgssapi -lkrb5 -lcom_err"
-			if $withargs{"krb5-lib"} eq "";
+			if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
 		$cflags="-DKRB5_HEIMDAL $cflags";
 		}
 	if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
@@ -984,7 +1141,7 @@ if (!$no_krb5)
 			if $withargs{"krb5-dir"} eq "";
 		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
 			"/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
-			if $withargs{"krb5-lib"} eq "";
+			if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
 		$cflags="-DKRB5_MIT $cflags";
 		$withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
 		if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
@@ -1073,8 +1230,9 @@ $lflags="$libs$lflags" if ($libs ne "");
 
 if ($no_asm)
 	{
-	$cpuid_obj=$bn_obj=$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
-	$sha1_obj=$md5_obj=$rmd160_obj="";
+	$cpuid_obj=$bn_obj=
+	$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
+	$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj="";
 	}
 
 if (!$no_shared)
@@ -1093,7 +1251,14 @@ if ($zlib)
 	$cflags = "-DZLIB $cflags";
 	if (defined($disabled{"zlib-dynamic"}))
 		{
-		$lflags = "$lflags -lz";
+		if (defined($withargs{"zlib-lib"}))
+			{
+			$lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
+			}
+		else
+			{
+			$lflags = "$lflags -lz";
+			}
 		}
 	else
 		{
@@ -1116,21 +1281,34 @@ if (!$no_shared)
 		}
 	}
 
-if ($no_shared)
-	{
-	$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
-	}
-else
+if (!$IsMK1MF)
 	{
-	$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
+	# add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
+	if ($no_shared)
+		{
+		$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
+		$options.=" static-engine";
+		}
+	else
+		{
+		$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
+		$options.=" no-static-engine";
+		}
 	}
 
-# Compiler fix-ups
-if ($target =~ /icc$/)
+$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
+
+#
+# Platform fix-ups
+#
+if ($target =~ /\-icc$/)	# Intel C compiler
 	{
-	my($iccver)=`$cc -V 2>&1`;
-	if ($iccver =~ /Version ([0-9]+)\./)	{ $iccver=$1; }
-	else					{ $iccver=0;  }
+	my $iccver=0;
+	if (open(FD,"$cc -V 2>&1 |"))
+		{
+		while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
+		close(FD);
+		}
 	if ($iccver>=8)
 		{
 		# Eliminate unnecessary dependency from libirc.a. This is
@@ -1138,6 +1316,28 @@ if ($target =~ /icc$/)
 		# apps/openssl can end up in endless loop upon startup...
 		$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
 		}
+	if ($iccver>=9)
+		{
+		$cflags.=" -i-static";
+		$cflags=~s/\-no_cpprt/-no-cpprt/;
+		}
+	if ($iccver>=10)
+		{
+		$cflags=~s/\-i\-static/-static-intel/;
+		}
+	}
+
+# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
+# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
+# .so objects. Apparently application RPATH is not global and does
+# not apply to .so linked with other .so. Problem manifests itself
+# when libssl.so fails to load libcrypto.so. One can argue that we
+# should engrave this into Makefile.shared rules or into BSD-* config
+# lines above. Meanwhile let's try to be cautious and pass -rpath to
+# linker only when --prefix is not /usr.
+if ($target =~ /^BSD\-/)
+	{
+	$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
 	}
 
 if ($sys_id ne "")
@@ -1159,10 +1359,13 @@ if ($ranlib eq "")
 $cpuid_obj="" if ($processor eq "386");
 
 $bn_obj = $bn_asm unless $bn_obj ne "";
-# bn86* is the only one implementing bn_*_part_words
-$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/);
-$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/);
+# bn-586 is the only one implementing bn_*_part_words
+$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
+$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
 
+$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
+
+$cpuid_obj="mem_clr.o"	unless ($cpuid_obj =~ /\.o$/);
 $des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
 $bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
 $cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
@@ -1174,7 +1377,7 @@ if ($sha1_obj =~ /\.o$/)
 	$cflags.=" -DSHA1_ASM"   if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
 	$cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
 	$cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
-	if ($sha1_obj =~ /x86/)
+	if ($sha1_obj =~ /sse2/)
 	    {	if ($no_sse2)
 		{   $sha1_obj =~ s/\S*sse2\S+//;        }
 		elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
@@ -1194,10 +1397,20 @@ if ($rmd160_obj =~ /\.o$/)
 if ($aes_obj =~ /\.o$/)
 	{
 	$cflags.=" -DAES_ASM";
+	$aes_obj =~ s/\s*aesni\-x86\.o// if ($no_sse2);
 	}
 else	{
 	$aes_obj=$aes_enc;
 	}
+$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
+if ($wp_obj =~ /\.o$/)
+	{
+	$cflags.=" -DWHIRLPOOL_ASM";
+	}
+else	{
+	$wp_obj="wp_block.o";
+	}
+$cmll_obj=$cmll_enc	unless ($cmll_obj =~ /.o$/);
 
 # "Stringify" the C flags string.  This permits it to be made part of a string
 # and works as well on command lines.
@@ -1235,6 +1448,16 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
 	$shlib_minor=$2;
 	}
 
+if ($strict_warnings)
+	{
+	my $wopt;
+	die "ERROR --strict-warnings requires gcc" unless ($cc =~ /gcc$/);
+	foreach $wopt (split /\s+/, $gcc_devteam_warn)
+		{
+		$cflags .= " $wopt" unless ($cflags =~ /$wopt/)
+		}
+	}
+
 open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
 unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
 open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
@@ -1242,15 +1465,18 @@ print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
 my $sdirs=0;
 while (<IN>)
 	{
-	chop;
+	chomp;
 	$sdirs = 1 if /^SDIRS=/;
 	if ($sdirs) {
 		my $dir;
 		foreach $dir (@skip) {
-			s/([ 	])$dir /\1/;
+			s/(\s)$dir /$1/;
+			s/\s$dir$//;
 			}
 		}
 	$sdirs = 0 unless /\\$/;
+        s/engines // if (/^DIRS=/ && $disabled{"engine"});
+	s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
 	s/^VERSION=.*/VERSION=$version/;
 	s/^MAJOR=.*/MAJOR=$major/;
 	s/^MINOR=.*/MINOR=$minor/;
@@ -1260,21 +1486,36 @@ while (<IN>)
 	s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
 	s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
 	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
+	s/^MULTILIB=.*$/MULTILIB=$multilib/;
 	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
+	s/^LIBDIR=.*$/LIBDIR=$libdir/;
 	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
 	s/^PLATFORM=.*$/PLATFORM=$target/;
 	s/^OPTIONS=.*$/OPTIONS=$options/;
 	s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
-	s/^CC=.*$/CC= $cc/;
-	s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
+	if ($cross_compile_prefix)
+		{
+		s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
+		s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
+		s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
+		s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
+		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
+		}
+	else	{
+		s/^CC=.*$/CC= $cc/;
+		s/^AR=\s*ar/AR= $ar/;
+		s/^RANLIB=.*/RANLIB= $ranlib/;
+		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
+		}
 	s/^CFLAG=.*$/CFLAG= $cflags/;
-	s/^DEPFLAG=.*$/DEPFLAG= $depflags/;
+	s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
+	s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
 	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
 	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
 	s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
 	s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
 	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
-	s/^AES_ASM_OBJ=.*$/AES_ASM_OBJ= $aes_obj/;
+	s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
 	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
 	s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
 	s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
@@ -1282,12 +1523,16 @@ while (<IN>)
 	s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
 	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
 	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
+	s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
+	s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
+	s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
 	s/^PROCESSOR=.*/PROCESSOR= $processor/;
-	s/^RANLIB=.*/RANLIB= $ranlib/;
 	s/^ARFLAGS=.*/ARFLAGS= $arflags/;
 	s/^PERL=.*/PERL= $perl/;
 	s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
 	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
+	s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
+	s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
 	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
 	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
 	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@@ -1323,7 +1568,7 @@ print "EX_LIBS       =$lflags\n";
 print "CPUID_OBJ     =$cpuid_obj\n";
 print "BN_ASM        =$bn_obj\n";
 print "DES_ENC       =$des_obj\n";
-print "AES_ASM_OBJ   =$aes_obj\n";
+print "AES_ENC       =$aes_obj\n";
 print "BF_ENC        =$bf_obj\n";
 print "CAST_ENC      =$cast_obj\n";
 print "RC4_ENC       =$rc4_obj\n";
@@ -1331,6 +1576,7 @@ print "RC5_ENC       =$rc5_obj\n";
 print "MD5_OBJ_ASM   =$md5_obj\n";
 print "SHA1_OBJ_ASM  =$sha1_obj\n";
 print "RMD160_OBJ_ASM=$rmd160_obj\n";
+print "CMLL_ENC=     =$cmll_obj\n";
 print "PROCESSOR     =$processor\n";
 print "RANLIB        =$ranlib\n";
 print "ARFLAGS       =$arflags\n";
@@ -1394,6 +1640,7 @@ print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configur
 
 print OUT "/* OpenSSL was configured with the following options: */\n";
 my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
+$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n#  define OPENSSL_NO_$1\n# endif\n#endif/mg;
 $openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n#  define $1\n# endif/mg;
 $openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
 $openssl_algorithm_defines = "   /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
@@ -1402,8 +1649,10 @@ $openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/
 $openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
 print OUT $openssl_sys_defines;
 print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
+print OUT $openssl_experimental_defines;
+print OUT "\n";
 print OUT $openssl_algorithm_defines;
-print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n";
+print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
 print OUT $openssl_thread_defines;
 print OUT $openssl_other_defines,"\n";
 
@@ -1415,14 +1664,22 @@ print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
 print OUT $openssl_algorithm_defines_trans;
 print OUT "#endif\n\n";
 
-print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj);
+print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");
 
 while (<IN>)
 	{
 	if	(/^#define\s+OPENSSLDIR/)
-		{ print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
+		{
+		my $foo = $openssldir;
+		$foo =~ s/\\/\\\\/g;
+		print OUT "#define OPENSSLDIR \"$foo\"\n";
+		}
 	elsif	(/^#define\s+ENGINESDIR/)
-		{ print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; }
+		{
+		my $foo = "$prefix/$libdir/engines";
+		$foo =~ s/\\/\\\\/g;
+		print OUT "#define ENGINESDIR \"$foo\"\n";
+		}
 	elsif	(/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
 		{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
 			if $export_var_as_fn;
@@ -1527,10 +1784,10 @@ if($IsMK1MF) {
 EOF
 	close(OUT);
 } else {
-	my $make_command = "make -f Makefile.ssl PERL=\'$perl\'";
+	my $make_command = "$make PERL=\'$perl\'";
 	my $make_targets = "";
 	$make_targets .= " links" if $symlink;
-	$make_targets .= " depend" if $depflags ne "" && $make_depend;
+	$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
 	$make_targets .= " gentests" if $symlink;
 	(system $make_command.$make_targets) == 0 or exit $?
 		if $make_targets ne "";
@@ -1542,11 +1799,11 @@ EOF
 	    &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
 	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
 	}
-	if ($depflags ne "" && !$make_depend) {
+	if ($depflags ne $default_depflags && !$make_depend) {
 		print <<EOF;
 
-Since you've disabled at least one algorithm, you need to do the following
-before building:
+Since you've disabled or enabled at least one algorithm, you need to do
+the following before building:
 
 	make depend
 EOF
@@ -1554,7 +1811,7 @@ EOF
 }
 
 # create the ms/version32.rc file if needed
-if ($IsMK1MF) {
+if ($IsMK1MF && ($target !~ /^netware/)) {
 	my ($v1, $v2, $v3, $v4);
 	if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
 		$v1=hex $1;
@@ -1600,7 +1857,7 @@ BEGIN
 	    VALUE "ProductVersion", "$version\\0"
 	    // Optional:
 	    //VALUE "Comments", "\\0"
-	    VALUE "LegalCopyright", "Copyright © 1998-2002 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+	    VALUE "LegalCopyright", "Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
 	    //VALUE "LegalTrademarks", "\\0"
 	    //VALUE "PrivateBuild", "\\0"
 	    //VALUE "SpecialBuild", "\\0"
@@ -1712,8 +1969,8 @@ sub print_table_entry
 	(my $cc,my $cflags,my $unistd,my $thread_cflag,my $sys_id,my $lflags,
 	my $bn_ops,my $cpuid_obj,my $bn_obj,my $des_obj,my $aes_obj, my $bf_obj,
 	my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
-	my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
-	my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags)=
+	my $rc5_obj,my $wp_obj,my $cmll_obj,my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
+	my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
 	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
 			
 	print <<EOF
@@ -1737,6 +1994,9 @@ sub print_table_entry
 \$rc4_obj      = $rc4_obj
 \$rmd160_obj   = $rmd160_obj
 \$rc5_obj      = $rc5_obj
+\$wp_obj       = $wp_obj
+\$cmll_obj     = $cmll_obj
+\$perlasm_scheme = $perlasm_scheme
 \$dso_scheme   = $dso_scheme
 \$shared_target= $shared_target
 \$shared_cflag = $shared_cflag
@@ -1744,6 +2004,7 @@ sub print_table_entry
 \$shared_extension = $shared_extension
 \$ranlib       = $ranlib
 \$arflags      = $arflags
+\$multilib     = $multilib
 EOF
 	}
 
@@ -1760,23 +2021,23 @@ sub test_sanity
 		{
 		@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
 
-		if ($fields[$idx_dso_scheme-1] =~ /^(dl|dlfcn|win32|vms)$/)
+		if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
 			{
 			$errorcnt++;
 			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
 			print STDERR "              in the previous field\n";
 			}
-		elsif ($fields[$idx_dso_scheme+1] =~ /^(dl|dlfcn|win32|vms)$/)
+		elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
 			{
 			$errorcnt++;
 			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
 			print STDERR "              in the following field\n";
 			}
-		elsif ($fields[$idx_dso_scheme] !~ /^(dl|dlfcn|win32|vms|)$/)
+		elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
 			{
 			$errorcnt++;
 			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
-			print STDERR "              valid values are 'dl', 'dlfcn', 'win32' and 'vms'\n";
+			print STDERR "              valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
 			}
 		}
 	print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
diff --git a/FAQ b/FAQ
index 12f3d24d16..584cb9fef9 100644
--- a/FAQ
+++ b/FAQ
@@ -31,6 +31,9 @@ OpenSSL  -  Frequently Asked Questions
 * Why does my browser give a warning about a mismatched hostname?
 * How do I install a CA certificate into a browser?
 * Why is OpenSSL x509 DN output not conformant to RFC2253?
+* What is a "128 bit certificate"? Can I create one with OpenSSL?
+* Why does OpenSSL set the authority key identifier extension incorrectly?
+* How can I set up a bundle of commercial root CA certificates?
 
 [BUILD] Questions about building and testing OpenSSL
 
@@ -46,6 +49,9 @@ OpenSSL  -  Frequently Asked Questions
 * Why does the OpenSSL test suite fail on MacOS X?
 * Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
 * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
+* Why does the OpenSSL test suite fail in sha512t on x86 CPU?
+* Why does compiler fail to compile sha512.c?
+* Test suite still fails, what to do?
 
 [PROG] Questions about programming with OpenSSL
 
@@ -62,6 +68,9 @@ OpenSSL  -  Frequently Asked Questions
 * Why doesn't my server application receive a client certificate?
 * Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
 * I think I've detected a memory leak, is this a bug?
+* Why does Valgrind complain about the use of uninitialized data?
+* Why doesn't a memory BIO work when a file does?
+* Where are the declarations and implementations of d2i_X509() etc?
 
 ===============================================================================
 
@@ -70,7 +79,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.7e was released on October 25, 2004.
+OpenSSL 0.9.8k was released on Mar 25th, 2009.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -86,14 +95,17 @@ explains how to install this library.
 
 OpenSSL includes a command line utility that can be used to perform a
 variety of cryptographic functions.  It is described in the openssl(1)
-manpage.  Documentation for developers is currently being written.  A
-few manual pages already are available; overviews over libcrypto and
+manpage.  Documentation for developers is currently being written. Many
+manual pages are available; overviews over libcrypto and
 libssl are given in the crypto(3) and ssl(3) manpages.
 
 The OpenSSL manpages are installed in /usr/local/ssl/man/ (or a
 different directory if you specified one as described in INSTALL).
 In addition, you can read the most current versions at
-<URL: http://www.openssl.org/docs/>.
+<URL: http://www.openssl.org/docs/>. Note that the online documents refer
+to the very latest development versions of OpenSSL and may include features
+not present in released versions. If in doubt refer to the documentation
+that came with the version of OpenSSL you are using.
 
 For information on parts of libcrypto that are not yet documented, you
 might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
@@ -141,8 +153,8 @@ less Unix-centric, it might have been used much earlier.
 
 With version 0.9.6 OpenSSL was extended to interface to external crypto
 hardware. This was realized in a special release '0.9.6-engine'. With
-version 0.9.7 (not yet released) the changes were merged into the main
-development line, so that the special release is no longer necessary.
+version 0.9.7 the changes were merged into the main development line,
+so that the special release is no longer necessary.
 
 * How do I check the authenticity of the OpenSSL distribution?
 
@@ -167,8 +179,8 @@ you if you want to use OpenSSL.  For information on intellectual
 property rights, please consult a lawyer.  The OpenSSL team does not
 offer legal advice.
 
-You can configure OpenSSL so as not to use RC5 and IDEA by using
- ./config no-rc5 no-idea
+You can configure OpenSSL so as not to use IDEA, MDC2 and RC5 by using
+ ./config no-idea no-mdc2 no-rc5
 
 
 * Can I use OpenSSL with GPL software?
@@ -384,6 +396,76 @@ interface, the "-nameopt" option could be introduded. See the manual
 page of the "openssl x509" commandline tool for details. The old behaviour
 has however been left as default for the sake of compatibility.
 
+* What is a "128 bit certificate"? Can I create one with OpenSSL?
+
+The term "128 bit certificate" is a highly misleading marketing term. It does
+*not* refer to the size of the public key in the certificate! A certificate
+containing a 128 bit RSA key would have negligible security.
+
+There were various other names such as "magic certificates", "SGC
+certificates", "step up certificates" etc.
+
+You can't generally create such a certificate using OpenSSL but there is no
+need to any more. Nowadays web browsers using unrestricted strong encryption
+are generally available.
+
+When there were tight restrictions on the export of strong encryption
+software from the US only weak encryption algorithms could be freely exported
+(initially 40 bit and then 56 bit). It was widely recognised that this was
+inadequate. A relaxation of the rules allowed the use of strong encryption but
+only to an authorised server.
+
+Two slighly different techniques were developed to support this, one used by
+Netscape was called "step up", the other used by MSIE was called "Server Gated
+Cryptography" (SGC). When a browser initially connected to a server it would
+check to see if the certificate contained certain extensions and was issued by
+an authorised authority. If these test succeeded it would reconnect using
+strong encryption.
+
+Only certain (initially one) certificate authorities could issue the
+certificates and they generally cost more than ordinary certificates.
+
+Although OpenSSL can create certificates containing the appropriate extensions
+the certificate would not come from a permitted authority and so would not
+be recognized.
+
+The export laws were later changed to allow almost unrestricted use of strong
+encryption so these certificates are now obsolete.
+
+
+* Why does OpenSSL set the authority key identifier (AKID) extension incorrectly?
+
+It doesn't: this extension is often the cause of confusion.
+
+Consider a certificate chain A->B->C so that A signs B and B signs C. Suppose
+certificate C contains AKID.
+
+The purpose of this extension is to identify the authority certificate B. This
+can be done either by including the subject key identifier of B or its issuer
+name and serial number.
+
+In this latter case because it is identifying certifcate B it must contain the
+issuer name and serial number of B.
+
+It is often wrongly assumed that it should contain the subject name of B. If it
+did this would be redundant information because it would duplicate the issuer
+name of C.
+
+
+* How can I set up a bundle of commercial root CA certificates?
+
+The OpenSSL software is shipped without any root CA certificate as the
+OpenSSL project does not have any policy on including or excluding
+any specific CA and does not intend to set up such a policy. Deciding
+about which CAs to support is up to application developers or
+administrators.
+
+Other projects do have other policies so you can for example extract the CA
+bundle used by Mozilla and/or modssl as described in this article:
+
+  http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
+
+
 [BUILD] =======================================================================
 
 * Why does the linker complain about undefined symbols?
@@ -598,6 +680,35 @@ Reportedly elder *BSD a.out platforms also suffer from this problem and
 remedy should be same. Provided binary is statically linked and should be
 working across wider range of *BSD branches, not just OpenBSD.
 
+* Why does the OpenSSL test suite fail in sha512t on x86 CPU?
+
+If the test program in question fails withs SIGILL, Illegal Instruction
+exception, then you more than likely to run SSE2-capable CPU, such as
+Intel P4, under control of kernel which does not support SSE2
+instruction extentions. See accompanying INSTALL file and
+OPENSSL_ia32cap(3) documentation page for further information.
+
+* Why does compiler fail to compile sha512.c?
+
+OpenSSL SHA-512 implementation depends on compiler support for 64-bit
+integer type. Few elder compilers [ULTRIX cc, SCO compiler to mention a
+couple] lack support for this and therefore are incapable of compiling
+the module in question. The recommendation is to disable SHA-512 by
+adding no-sha512 to ./config [or ./Configure] command line. Another
+possible alternative might be to switch to GCC.
+
+* Test suite still fails, what to do?
+
+Another common reason for failure to complete some particular test is
+simply bad code generated by a buggy component in toolchain or deficiency
+in run-time environment. There are few cases documented in PROBLEMS file,
+consult it for possible workaround before you beat the drum. Even if you
+don't find solution or even mention there, do reserve for possibility of
+a compiler bug. Compiler bugs might appear in rather bizarre ways, they
+never make sense, and tend to emerge when you least expect them. In order
+to identify one, drop optimization level, e.g. by editing CFLAG line in
+top-level Makefile, recompile and re-run the test.
+
 [PROG] ========================================================================
 
 * Is OpenSSL thread-safe?
@@ -609,8 +720,11 @@ libraries.  If your platform is not one of these, consult the INSTALL
 file.
 
 Multi-threaded applications must provide two callback functions to
-OpenSSL.  This is described in the threads(3) manpage.
-
+OpenSSL by calling CRYPTO_set_locking_callback() and
+CRYPTO_set_id_callback(), for all versions of OpenSSL up to and
+including 0.9.8[abc...]. As of version 0.9.9, CRYPTO_set_id_callback()
+and associated APIs are deprecated by CRYPTO_THREADID_set_callback()
+and friends. This is described in the threads(3) manpage.
 
 * I've compiled a program under Windows and it crashes: why?
 
@@ -630,10 +744,10 @@ your application must link  against the same by which OpenSSL was
 built.  If you are using MS Visual C++ (Studio) this can be changed
 by:
 
-1.  Select Settings... from the Project Menu.
-2.  Select the C/C++ Tab.
-3.  Select "Code Generation from the "Category" drop down list box
-4.  Select the Appropriate library (see table below) from the "Use
+ 1. Select Settings... from the Project Menu.
+ 2. Select the C/C++ Tab.
+ 3. Select "Code Generation from the "Category" drop down list box
+ 4. Select the Appropriate library (see table below) from the "Use
     run-time library" drop down list box.  Perform this step for both
     your debug and release versions of your application (look at the
     top left of the settings panel to change between the two)
@@ -652,6 +766,20 @@ by:
 Note that debug and release libraries are NOT interchangeable.  If you
 built OpenSSL with /MD your application must use /MD and cannot use /MDd.
 
+As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL
+.DLLs compiled with some specific run-time option [we insist on the
+default /MD] can be deployed with application compiled with different
+option or even different compiler. But there is a catch! Instead of
+re-compiling OpenSSL toolkit, as you would have to with prior versions,
+you have to compile small C snippet with compiler and/or options of
+your choice. The snippet gets installed as
+<install-root>/include/openssl/applink.c and should be either added to
+your application project or simply #include-d in one [and only one]
+of your application source files. Failure to link this shim module
+into your application manifests itself as fatal "no OPENSSL_Applink"
+run-time error. An explicit reminder is due that in this situation
+[mixing compiler options] it is as important to add CRYPTO_malloc_init
+prior first call to OpenSSL.
 
 * How do I read or write a DER encoded buffer using the ASN1 functions?
 
@@ -737,11 +865,11 @@ code itself (the hex digits after the second colon).
 
 * Why do I get errors about unknown algorithms?
 
-This can happen under several circumstances such as reading in an
-encrypted private key or attempting to decrypt a PKCS#12 file. The cause
-is forgetting to load OpenSSL's table of algorithms with
-OpenSSL_add_all_algorithms(). See the manual page for more information.
-
+The cause is forgetting to load OpenSSL's table of algorithms with
+OpenSSL_add_all_algorithms(). See the manual page for more information. This
+can cause several problems such as being unable to read in an encrypted
+PEM file, unable to decrypt a PKCS#12 file or signature failure when
+verifying certificates.
 
 * Why can't the OpenSSH configure script detect OpenSSL?
 
@@ -793,10 +921,62 @@ that is allocated when an application starts up. Since such tables do not grow
 in size over time they are harmless.
 
 These internal tables can be freed up when an application closes using various
-functions.  Currently these include: EVP_cleanup(), ERR_remove_state(),
-ERR_free_strings(), ENGINE_cleanup(), CONF_modules_unload() and
-CRYPTO_cleanup_all_ex_data().
+functions.  Currently these include following:
 
+Thread-local cleanup functions:
 
-===============================================================================
+  ERR_remove_state()
+
+Application-global cleanup functions that are aware of usage (and therefore
+thread-safe):
+
+  ENGINE_cleanup() and CONF_modules_unload()
+
+"Brutal" (thread-unsafe) Application-global cleanup functions:
+
+  ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data().
+
+
+* Why does Valgrind complain about the use of uninitialized data?
+
+When OpenSSL's PRNG routines are called to generate random numbers the supplied
+buffer contents are mixed into the entropy pool: so it technically does not
+matter whether the buffer is initialized at this point or not.  Valgrind (and
+other test tools) will complain about this. When using Valgrind, make sure the
+OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY)
+to get rid of these warnings.
+
+
+* Why doesn't a memory BIO work when a file does?
+
+This can occur in several cases for example reading an S/MIME email message.
+The reason is that a memory BIO can do one of two things when all the data
+has been read from it.
 
+The default behaviour is to indicate that no more data is available and that
+the call should be retried, this is to allow the application to fill up the BIO
+again if necessary.
+
+Alternatively it can indicate that no more data is available and that EOF has
+been reached.
+
+If a memory BIO is to behave in the same way as a file this second behaviour
+is needed. This must be done by calling:
+
+   BIO_set_mem_eof_return(bio, 0);
+
+See the manual pages for more details.
+
+
+* Where are the declarations and implementations of d2i_X509() etc?
+
+These are defined and implemented by macros of the form:
+
+
+ DECLARE_ASN1_FUNCTIONS(X509) and IMPLEMENT_ASN1_FUNCTIONS(X509)
+
+The implementation passes an ASN1 "template" defining the structure into an
+ASN1 interpreter using generalised functions such as ASN1_item_d2i().
+
+
+===============================================================================
diff --git a/INSTALL b/INSTALL
index 91b639282f..85e2660191 100644
--- a/INSTALL
+++ b/INSTALL
@@ -75,7 +75,9 @@
   no-asm        Do not use assembler code.
 
   386           Use the 80386 instruction set only (the default x86 code is
-                more efficient, but requires at least a 486).
+                more efficient, but requires at least a 486). Note: Use
+                compiler flags for any other CPU specific configuration,
+                e.g. "-m32" to build x86 code on an x64 system.
 
   no-sse2	Exclude SSE2 code pathes. Normally SSE2 extention is
 		detected at run-time, but the decision whether or not the
@@ -96,7 +98,7 @@
                 The crypto/<cipher> directory can be removed after running
                 "make depend".
 
-  -Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will
+  -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
                 be passed through to the compiler to allow you to
                 define preprocessor symbols, specify additional libraries,
                 library directories or other compiler options.
@@ -156,7 +158,7 @@
      standard headers).  If it is a problem with OpenSSL itself, please
      report the problem to <openssl-bugs@openssl.org> (note that your
      message will be recorded in the request tracker publicly readable
-     via http://www.openssl.org/support/rt2.html and will be forwarded to a
+     via http://www.openssl.org/support/rt.html and will be forwarded to a
      public mailing list). Include the output of "make report" in your message.
      Please check out the request tracker. Maybe the bug was already
      reported or has already been fixed.
@@ -178,7 +180,7 @@
      in Makefile.ssl and run "make clean; make". Please send a bug
      report to <openssl-bugs@openssl.org>, including the output of
      "make report" in order to be added to the request tracker at
-     http://www.openssl.org/support/rt2.html.
+     http://www.openssl.org/support/rt.html.
 
   4. If everything tests ok, install OpenSSL with
 
@@ -204,6 +206,10 @@
                        compile programs with libcrypto or libssl.
        lib             Contains the OpenSSL library files themselves.
 
+     Use "make install_sw" to install the software without documentation,
+     and "install_docs_html" to install HTML renditions of the manual
+     pages.
+
      Package builders who want to configure the library for standard
      locations, but have the package installed somewhere else so that
      it can easily be packaged, can use
@@ -300,10 +306,10 @@
  Note on shared libraries
  ------------------------
 
- Shared library is currently an experimental feature.  The only reason to
- have them would be to conserve memory on systems where several program
- are using OpenSSL.  Binary backward compatibility can't be guaranteed
- before OpenSSL version 1.0.
+ Shared libraries have certain caveats.  Binary backward compatibility
+ can't be guaranteed before OpenSSL version 1.0.  The only reason to
+ use them would be to conserve memory on systems where several programs
+ are using OpenSSL.
 
  For some systems, the OpenSSL Configure script knows what is needed to
  build shared libraries for libcrypto and libssl.  On these systems,
@@ -328,7 +334,7 @@
  Note on support for multiple builds
  -----------------------------------
 
- OpenSSL is usually built in it's source tree.  Unfortunately, this doesn't
+ OpenSSL is usually built in its source tree.  Unfortunately, this doesn't
  support building for multiple platforms from the same source tree very well.
  It is however possible to build in a separate tree through the use of lots
  of symbolic links, which should be prepared like this:
diff --git a/INSTALL.NW b/INSTALL.NW
index 6ee02939c0..609a7309e1 100644
--- a/INSTALL.NW
+++ b/INSTALL.NW
@@ -8,54 +8,62 @@ Notes about building OpenSSL for NetWare.
 BUILD PLATFORM:
 ---------------
 The build scripts (batch files, perl scripts, etc) have been developed and
-tested on W2K.  The scripts should run fine on other Windows
-platforms (NT, Win9x, WinXP) but they haven't been tested.  They may require 
-some modifications.
+tested on W2K.  The scripts should run fine on other Windows platforms
+(NT, Win9x, WinXP) but they have not been tested.  They may require some
+modifications.
 
 
 Supported NetWare Platforms - NetWare 5.x, NetWare 6.x:
-------------------------------------------
-OpenSSL uses the WinSock interfaces introduced in NetWare 5.  Therefore,
-previous versions of NetWare, 4.x and 3.x, are not supported.
+-------------------------------------------------------
+OpenSSL can either use the WinSock interfaces introduced in NetWare 5,
+or the BSD socket interface.  Previous versions of NetWare, 4.x and 3.x,
+are only supported if OpenSSL is build for CLIB and BSD sockets;
+WinSock builds only support NetWare 5 and up.
 
 On NetWare there are two c-runtime libraries.  There is the legacy CLIB 
-interfaces and the newer LibC interfaces.  Being ANSI-C libraries, the 
-functionality in CLIB and LibC is similar but the LibC interfaces are built 
+interfaces and the newer LIBC interfaces.  Being ANSI-C libraries, the 
+functionality in CLIB and LIBC is similar but the LIBC interfaces are built 
 using Novell Kernal Services (NKS) which is designed to leverage 
 multi-processor environments.
 
-The NetWare port of OpenSSL can configured to build using CLIB or LibC.  The 
-CLIB build was developed and tested using NetWare 5.0 sp6.0a.  The LibC 
+The NetWare port of OpenSSL can be configured to build using CLIB or LIBC.
+The CLIB build was developed and tested using NetWare 5.0 sp6.0a.  The LIBC 
 build was developed and tested using the NetWare 6.0 FCS.  
 
-The necessary LibC functionality ships with NetWare 6.  However, earlier 
-NetWare 5.x versions will require updates in order to run the OpenSSL LibC
-build.
+The necessary LIBC functionality ships with NetWare 6.  However, earlier 
+NetWare 5.x versions will require updates in order to run the OpenSSL LIBC
+build (NetWare 5.1 SP8 is known to work).
 
+As of June 2005, the LIBC build can be configured to use BSD sockets instead
+of WinSock sockets. Call Configure (usually through netware\build.bat) using
+a target of "netware-libc-bsdsock" instead of "netware-libc".
+
+As of June 2007, support for CLIB and BSD sockets is also now available
+using a target of "netware-clib-bsdsock" instead of "netware-clib";
+also gcc builds are now supported on both Linux and Win32 (post 0.9.8e).
 
 REQUIRED TOOLS:
 ---------------
 Based upon the configuration and build options used, some or all of the
 following tools may be required:
 
-
 * Perl for Win32 - required (http://www.activestate.com/ActivePerl)
    Used to run the various perl scripts on the build platform.
 
-
 * Perl 5.8.0 for NetWare v3.20 (or later) - required 
    (http://developer.novell.com) Used to run the test script on NetWare 
    after building.
 
+* Compiler / Linker - required:
+   Metrowerks CodeWarrior PDK 2.1 (or later) for NetWare (commercial):
+      Provides command line tools used for building.
+      Tools:
+      mwccnlm.exe  - C/C++ Compiler for NetWare
+      mwldnlm.exe  - Linker for NetWare
+      mwasmnlm.exe - x86 assembler for NetWare (if using assembly option)
 
-* Metrowerks CodeWarrior PDK 2.1 (or later) for NetWare - required:
-   Provides command line tools used for building.
-
-   Tools:
-   mwccnlm.exe  - C/C++ Compiler for NetWare
-   mwldnlm.exe  - Linker for NetWare
-   mwasmnlm.exe - x86 assembler for NetWare (if using assembly option)
-
+   gcc / nlmconv Cross-Compiler, available from Novell Forge (free):
+         http://forge.novell.com/modules/xfmod/project/?aunixnw
 
 * Assemblers - optional:
    If you intend to build using the assembly options you will need an
@@ -75,11 +83,11 @@ following tools may be required:
    In order to build you will need a make tool.  Two make tools are
    supported, GNU make (gmake.exe) or Microsoft nmake.exe.
 
-   gmake.exe - GNU make for Windows (version 3.75 used for development)
-         http://www.gnu.org/software/make/make.html
+   make.exe - GNU make for Windows (version 3.75 used for development)
+         http://gnuwin32.sourceforge.net/packages/make.htm
 
    nmake.exe - Microsoft make (Version 6.00.8168.0 used for development)
-
+         http://support.microsoft.com/kb/132084/EN-US/
 
 * Novell Developer Kit (NDK) - required: (http://developer.novell.com)
 
@@ -95,7 +103,12 @@ following tools may be required:
          Microsoft SDK.  Note: The winsock2.h support headers may change
          with various versions of winsock2.h.  Check the dependencies
          section on the NDK WinSock2 download page for the latest
-         information on dependencies.
+         information on dependencies. These components are unsupported by
+         Novell. They are provided as a courtesy, but it is strongly
+         suggested that all development be done using LIBC, not CLIB.
+
+         As of June 2005, the WinSock2 components are available at:
+         http://forgeftp.novell.com//ws2comp/
 
 
       NLM and NetWare libraries for C (including CLIB and XPlat):
@@ -114,14 +127,15 @@ following tools may be required:
 
    LIBC - BUILDS:
    
-      Libraries for C (LibC) - LibC headers and import files
-         If you are going to build a LibC version of OpenSSL, you will
-         need the LibC headers and imports.  The March 14, 2002 NDK release or
+      Libraries for C (LIBC) - LIBC headers and import files
+         If you are going to build a LIBC version of OpenSSL, you will
+         need the LIBC headers and imports.  The March 14, 2002 NDK release or
          later is required.  
          
-         NOTE: The LibC SDK includes the necessary WinSock2 support.  It
-         It is not necessary to download the WinSock2 Developer when building
-         for LibC.
+         NOTE: The LIBC SDK includes the necessary WinSock2 support.
+         It is not necessary to download the WinSock2 NDK when building for
+         LIBC. The LIBC SDK also includes the appropriate BSD socket support
+         if configuring to use BSD sockets.
 
 
 BUILDING:
@@ -133,33 +147,36 @@ The set_env.bat file is a template you can use to set up the path
 and environment variables you will need to build.  Modify the
 various lines to point to YOUR tools and run set_env.bat.
 
-   netware\set_env.bat [target]
+   netware\set_env.bat <target> [compiler]
+
+      target        - "netware-clib" - CLIB NetWare build
+                    - "netware-libc" - LIBC NetWare build
 
-      target        - "netware-clib" - CLib NetWare build
-                    - "netware-libc" - LibC NetWare build
+      compiler      - "gnuc"         - GNU GCC Compiler
+                    - "codewarrior"  - MetroWerks CodeWarrior (default)
 
 If you don't use set_env.bat, you will need to set up the following
 environment variables:
 
-   path - Set path to point to the tools you will use.
+   PATH - Set PATH to point to the tools you will use.
 
-   MWCIncludes - The location of the NDK include files.
+   INCLUDE - The location of the NDK include files.
          
-            CLIB ex: set MWCIncludes=c:\ndk\nwsdk\include\nlm
-            LibC ex: set MWCIncludes=c:\ndk\libc\include
+            CLIB ex: set INCLUDE=c:\ndk\nwsdk\include\nlm
+            LIBC ex: set INCLUDE=c:\ndk\libc\include
 
    PRELUDE - The absolute path of the prelude object to link with.  For
             a CLIB build it is recommended you use the "clibpre.o" files shipped
-            with the Metrowerks PDK for NetWare.  For a LibC build you should 
-            use the "libcpre.o" file delivered with the LibC NDK components.
+            with the Metrowerks PDK for NetWare.  For a LIBC build you should 
+            use the "libcpre.o" file delivered with the LIBC NDK components.
 
             CLIB ex: set PRELUDE=c:\ndk\nwsdk\imports\clibpre.o
-            LibC ex: set PRELUDE=c:\ndk\libc\imports\libcpre.o
+            LIBC ex: set PRELUDE=c:\ndk\libc\imports\libcpre.o
 
    IMPORTS - The locaton of the NDK import files.
 
             CLIB ex: set IMPORTS=c:\ndk\nwsdk\imports
-            LibC ex: set IMPORTS=c:\ndk\libc\imports
+            LIBC ex: set IMPORTS=c:\ndk\libc\imports
 
 
 In order to build, you need to run the Perl scripts to configure the build
@@ -172,8 +189,10 @@ the assembly code.  Always run build.bat from the "openssl" directory.
 
    netware\build [target] [debug opts] [assembly opts] [configure opts]
 
-      target        - "netware-clib" - CLib NetWare build
-                    - "netware-libc" - LibC NetWare build
+      target        - "netware-clib" - CLIB NetWare build (WinSock Sockets)
+                    - "netware-clib-bsdsock" - CLIB NetWare build (BSD Sockets)
+                    - "netware-libc" - LIBC NetWare build (WinSock Sockets)
+                    - "netware-libc-bsdsock" - LIBC NetWare build (BSD Sockets)
  
       debug opts    - "debug"  - build debug
 
@@ -182,35 +201,41 @@ the assembly code.  Always run build.bat from the "openssl" directory.
                       "no-asm"   - don't use assembly
 
       configure opts- all unrecognized arguments are passed to the
-                      perl configure script
+                      perl 'configure' script. See that script for
+                      internal documentation regarding options that
+                      are available.
 
    examples:
 
       CLIB build, debug, without assembly:
          netware\build.bat netware-clib debug no-asm
 
-      LibC build, non-debug, using NASM assembly:
-         netware\build.bat netware-libc nw-nasm
+      LIBC build, non-debug, using NASM assembly, add mdc2 support:
+         netware\build.bat netware-libc nw-nasm enable-mdc2
+
+      LIBC build, BSD sockets, non-debug, without assembly:
+         netware\build.bat netware-libc-bsdsock no-asm
 
 Running build.bat generates a make file to be processed by your make 
 tool (gmake or nmake):
 
-   CLIB ex: gmake -f netware\nlm_clib.mak 
-   LibC ex: gmake -f netware\nlm_libc.mak 
+   CLIB ex: gmake -f netware\nlm_clib_dbg.mak 
+   LIBC ex: gmake -f netware\nlm_libc.mak 
+   LIBC ex: gmake -f netware\nlm_libc_bsdsock.mak 
 
 
 You can also run the build scripts manually if you do not want to use the
 build.bat file.  Run the following scripts in the "\openssl"
 subdirectory (in the order listed below):
 
-   perl configure no-asm [other config opts] [netware-clib|netware-libc]
+   perl configure no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock]
       configures no assembly build for specified netware environment
-      (CLIB or LibC).
+      (CLIB or LIBC).
 
    perl util\mkfiles.pl >MINFO
       generates a listing of source files (used by mk1mf)
 
-   perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc >netware\nlm.mak
+   perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock >netware\nlm.mak
       generates the makefile for NetWare
 
    gmake -f netware\nlm.mak
@@ -235,12 +260,12 @@ The output from the build is placed in the following directories:
       tmp_nw_clib         - temporary build files
       outinc_nw_clib      - necesary include files
 
-   LibC Debug build:
+   LIBC Debug build:
       out_nw_libc.dbg     - static libs & test nlm(s)
       tmp_nw_libc.dbg     - temporary build files
       outinc_nw_libc      - necessary include files
 
-   LibC Non-debug build:
+   LIBC Non-debug build:
       out_nw_libc         - static libs & test nlm(s)
       tmp_nw_libc         - temporary build files
       outinc_nw_libc      - necesary include files
@@ -266,7 +291,7 @@ To run cpy_tests.bat:
       NetWare drive    - drive letter of mapped drive
 
       CLIB ex: netware\cpy_tests out_nw_clib m:
-      LibC ex: netware\cpy_tests out_nw_libc m:
+      LIBC ex: netware\cpy_tests out_nw_libc m:
 
 
 The Perl script, "do_tests.pl", in the "OpenSSL" directory on the server
@@ -288,13 +313,6 @@ The do_tests.pl script generates a log file "\openssl\test_out\tests.log"
 which should be reviewed for errors.  Any errors will be denoted by the word
 "ERROR" in the log.
 
-NOTE:  Currently (11/2002), the LibC test nlms report an error while loading
-       when launched from the perl script (do_tests.pl).  The problems are 
-       being addressed by the LibC development team and should be fixed in the
-       next release.  Until the problems are corrected, the LibC test nlms 
-       will have to be executed manually.  
-
-
 DEVELOPING WITH THE OPENSSL SDK:
 --------------------------------
 Now that everything is built and tested, you are ready to use the OpenSSL
@@ -348,9 +366,9 @@ clean up the resources!
 
 Multi-threaded Development
 ---------------------------
-The NetWare version of OpenSSL is thread-safe however, multi-threaded
+The NetWare version of OpenSSL is thread-safe, however multi-threaded
 applications must provide the necessary locking function callbacks.  This
-is described in doc\threads.doc.  The file "openssl\crypto\threads\mttest.c"
+is described in doc\threads.doc.  The file "openssl-x.x.x\crypto\threads\mttest.c"
 is a multi-threaded test program and demonstrates the locking functions.
 
 
@@ -420,7 +438,7 @@ Makefile "vclean"
 ------------------
 The generated makefile has a "vclean" target which cleans up the build
 directories.  If you have been building successfully and suddenly
-experience problems, use "vclean" (gmake -f netware\nlm.mak vclean) and retry.
+experience problems, use "vclean" (gmake -f netware\nlm_xxxx.mak vclean) and retry.
 
 
 "Undefined Symbol" Linker errors
diff --git a/INSTALL.W32 b/INSTALL.W32
index 0f6c302f0d..77441f1ef3 100644
--- a/INSTALL.W32
+++ b/INSTALL.W32
@@ -3,20 +3,32 @@
  ----------------------------------
 
  [Instructions for building for Windows CE can be found in INSTALL.WCE]
+ [Instructions for building for Win64 can be found in INSTALL.W64]
 
- Heres a few comments about building OpenSSL in Windows environments.  Most
- of this is tested on Win32 but it may also work in Win 3.1 with some
- modification.
+ Here are a few comments about building OpenSSL for Win32 environments,
+ such as Windows NT and Windows 9x. It should be noted though that
+ Windows 9x are not ordinarily tested. Its mention merely means that we
+ attempt to maintain certain programming discipline and pay attention
+ to backward compatibility issues, in other words it's kind of expected
+ to work on Windows 9x, but no regression tests are actually performed.
 
- You need Perl for Win32.  Unless you will build on Cygwin, you will need
- ActiveState Perl, available from http://www.activestate.com/ActivePerl.
+ On additional note newer OpenSSL versions are compiled and linked with
+ Winsock 2. This means that minimum OS requirement was elevated to NT 4
+ and Windows 98 [there is Winsock 2 update for Windows 95 though].
 
- and one of the following C compilers:
+ - you need Perl for Win32.  Unless you will build on Cygwin, you will need
+   ActiveState Perl, available from http://www.activestate.com/ActivePerl.
+
+ - one of the following C compilers:
 
   * Visual C++
   * Borland C
   * GNU C (Cygwin or MinGW)
 
+- Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/
+  is required if you intend to utilize assembler modules. Note that NASM
+  is now the only supported assembler.
+
  If you are compiling from a tarball or a CVS snapshot then the Win32 files
  may well be not up to date. This may mean that some "tweaking" is required to
  get it all to work. See the trouble shooting section later on for if (when?)
@@ -25,37 +37,18 @@
  Visual C++
  ----------
 
- If you want to compile in the assembly language routines with Visual C++ then
- you will need an assembler. This is worth doing because it will result in
- faster code: for example it will typically result in a 2 times speedup in the
- RSA routines. Currently the following assemblers are supported:
-
-  * Microsoft MASM (aka "ml")
-  * Free Netwide Assembler NASM.
-
- MASM is distributed with most versions of VC++. For the versions where it is
- not included in VC++, it is also distributed with some Microsoft DDKs, for
- example the Windows NT 4.0 DDK and the Windows 98 DDK. If you do not have
- either of these DDKs then you can just download the binaries for the Windows
- 98 DDK and extract and rename the two files XXXXXml.exe and XXXXXml.err, to
- ml.exe and ml.err and install somewhere on your PATH. Both DDKs can be
- downloaded from the Microsoft developers site www.msdn.com.
-
- NASM is freely available. Version 0.98 was used during testing: other versions
- may also work. It is available from many places, see for example:
- http://www.kernel.org/pub/software/devel/nasm/binaries/win32/
- The NASM binary nasmw.exe needs to be installed anywhere on your PATH.
-
- Firstly you should run Configure:
+ If you want to compile in the assembly language routines with Visual
+ C++, then you will need already mentioned Netwide Assembler binary,
+ nasmw.exe or nasm.exe, to be available on your %PATH%.
 
- > perl Configure VC-WIN32
+ Firstly you should run Configure with platform VC-WIN32:
 
- Next you need to build the Makefiles and optionally the assembly language
- files:
+ > perl Configure VC-WIN32 --prefix=c:\some\openssl\dir
 
- - If you are using MASM then run:
+ Where the prefix argument specifies where OpenSSL will be installed to.
 
-   > ms\do_masm
+ Next you need to build the Makefiles and optionally the assembly
+ language files:
 
  - If you are using NASM then run:
 
@@ -63,6 +56,7 @@
 
  - If you don't want to use the assembly language files at all then run:
 
+   > perl Configure VC-WIN32 no-asm --prefix=c:/some/openssl/dir
    > ms\do_ms
 
  If you get errors about things not having numbers assigned then check the
@@ -73,30 +67,39 @@
 
  > nmake -f ms\ntdll.mak
 
- If all is well it should compile and you will have some DLLs and executables
- in out32dll. If you want to try the tests then do:
+ If all is well it should compile and you will have some DLLs and
+ executables in out32dll. If you want to try the tests then do:
  
- > cd out32dll
- > ..\ms\test
+ > nmake -f ms\ntdll.mak test
+
+
+ To install OpenSSL to the specified location do:
+
+ > nmake -f ms\ntdll.mak install
 
  Tweaks:
 
- There are various changes you can make to the Win32 compile environment. By
- default the library is not compiled with debugging symbols. If you add 'debug'
- to the mk1mf.pl lines in the do_* batch file then debugging symbols will be
- compiled in. Note that mk1mf.pl expects the platform to be the last argument
- on the command line, so 'debug' must appear before that, as all other options.
+ There are various changes you can make to the Win32 compile
+ environment. By default the library is not compiled with debugging
+ symbols. If you use the platform debug-VC-WIN32 instead of VC-WIN32
+ then debugging symbols will be compiled in.
+
+ By default in 1.0.0 OpenSSL will compile builtin ENGINES into the
+ separate shared librariesy. If you specify the "enable-static-engine"
+ option on the command line to Configure the shared library build
+ (ms\ntdll.mak) will compile the engines into libeay32.dll instead.
 
  The default Win32 environment is to leave out any Windows NT specific
  features.
 
- If you want to enable the NT specific features of OpenSSL (currently only the
- logging BIO) follow the instructions above but call the batch file do_nt.bat
- instead of do_ms.bat.
+ If you want to enable the NT specific features of OpenSSL (currently
+ only the logging BIO) follow the instructions above but call the batch
+ file do_nt.bat instead of do_ms.bat.
 
  You can also build a static version of the library using the Makefile
  ms\nt.mak
 
+
  Borland C++ builder 5
  ---------------------
 
@@ -122,17 +125,13 @@
  GNU C (Cygwin)
  --------------
 
- Cygwin provides a bash shell and GNU tools environment running
- on NT 4.0, Windows 9x, Windows ME, Windows 2000, and Windows XP.
- Consequently, a make of OpenSSL with Cygwin is closer to a GNU
- bash environment such as Linux than to other the other Win32
- makes.
-
- Cygwin implements a Posix/Unix runtime system (cygwin1.dll).
- It is also possible to create Win32 binaries that only use the
- Microsoft C runtime system (msvcrt.dll or crtdll.dll) using
- MinGW. MinGW can be used in the Cygwin development environment
- or in a standalone setup as described in the following section.
+ Cygwin implements a Posix/Unix runtime system (cygwin1.dll) on top of
+ Win32 subsystem and provides a bash shell and GNU tools environment.
+ Consequently, a make of OpenSSL with Cygwin is virtually identical to
+ Unix procedure. It is also possible to create Win32 binaries that only
+ use the Microsoft C runtime system (msvcrt.dll or crtdll.dll) using
+ MinGW. MinGW can be used in the Cygwin development environment or in a
+ standalone setup as described in the following section.
 
  To build OpenSSL using Cygwin:
 
@@ -177,35 +176,35 @@
  non-fatal error in "make test" but is otherwise harmless.  If
  desired and needed, GNU bc can be built with Cygwin without change.
 
- GNU C (MinGW)
+ GNU C (MinGW/MSYS)
  -------------
 
- * Compiler installation:
+ * Compiler and shell environment installation:
 
-   MinGW is available from http://www.mingw.org. Run the installer and
-   set the MinGW bin directory to the PATH in "System Properties" or
-   autoexec.bat.
+   MinGW and MSYS are available from http://www.mingw.org/, both are
+   required. Run the installers and do whatever magic they say it takes
+   to start MSYS bash shell with GNU tools on its PATH.
 
  * Compile OpenSSL:
 
-   > ms\mingw32
+   $ ./config
+   [...]
+   $ make
+   [...]
+   $ make test
 
-   This will create the library and binaries in out. In case any problems
-   occur, try
-   > ms\mingw32 no-asm
-   instead.
+   This will create the library and binaries in root source directory
+   and openssl.exe application in apps directory.
+
+   It is also possible to cross-compile it on Linux by configuring
+   with './Configure --cross-compile-prefix=i386-mingw32- mingw ...'.
+   'make test' is naturally not applicable then.
 
    libcrypto.a and libssl.a are the static libraries. To use the DLLs,
    link with libeay32.a and libssl32.a instead.
 
-   See troubleshooting if you get error messages about functions not having
-   a number assigned.
-
- * You can now try the tests:
-
-   > cd out
-   > ..\ms\test
-
+   See troubleshooting if you get error messages about functions not
+   having a number assigned.
 
  Installation
  ------------
@@ -286,3 +285,21 @@
  (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot
  rely on CRYPTO_malloc_init() solving your problem, and you should
  consistently use the multithreaded library.
+
+ Linking your application
+ ------------------------
+
+ If you link with static OpenSSL libraries [those built with ms/nt.mak],
+ then you're expected to additionally link your application with
+ WS2_32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing
+ non-interactive service applications might feel concerned about linking
+ with the latter two, as they are justly associated with interactive
+ desktop, which is not available to service processes. The toolkit is
+ designed to detect in which context it's currently executed, GUI,
+ console app or service, and act accordingly, namely whether or not to
+ actually make GUI calls.
+
+ If you link with OpenSSL .DLLs, then you're expected to include into
+ your application code small "shim" snippet, which provides glue between
+ OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink
+ reference page for further details.
diff --git a/INSTALL.W64 b/INSTALL.W64
new file mode 100644
index 0000000000..9fa7a19205
--- /dev/null
+++ b/INSTALL.W64
@@ -0,0 +1,66 @@
+
+ INSTALLATION ON THE WIN64 PLATFORM
+ ----------------------------------
+
+ Caveat lector
+ -------------
+
+ As of moment of this writing Win64 support is classified "initial"
+ for the following reasons.
+
+ - No assembler modules are engaged upon initial 0.9.8 release.
+ - API might change within 0.9.8 life-span, *but* in a manner which
+   doesn't break backward binary compatibility. Or in other words,
+   application programs compiled with initial 0.9.8 headers will
+   be expected to work with future minor release .DLL without need
+   to re-compile, even if future minor release features modified API.
+ - Above mentioned API modifications have everything to do with
+   elimination of a number of limitations, which are normally
+   considered inherent to 32-bit platforms. Which in turn is why they
+   are treated as limitations on 64-bit platform such as Win64:-)
+   The current list comprises [but not necessarily limited to]:
+
+   - null-terminated strings may not be longer than 2G-1 bytes,
+     longer strings are treated as zero-length;
+   - dynamically and *internally* allocated chunks can't be larger
+     than 2G-1 bytes;
+   - inability to encrypt/decrypt chunks of data larger than 4GB
+     [it's possibly to *hash* chunks of arbitrary size through];
+
+   Neither of these is actually big deal and hardly encountered
+   in real-life applications.
+
+ Compiling procedure
+ -------------------
+
+ You will need Perl. You can run under Cygwin or you can download
+ ActiveState Perl from http://www.activestate.com/ActivePerl.
+
+ You will need Microsoft Platform SDK, available for download at
+ http://www.microsoft.com/msdownload/platformsdk/sdkupdate/. As per
+ April 2005 Platform SDK is equipped with Win64 compilers, as well
+ as assemblers, but it might change in the future.
+
+ To build for Win64/x64:
+
+ > perl Configure VC-WIN64A
+ > ms\do_win64a
+ > nmake -f ms\ntdll.mak
+ > cd out32dll
+ > ..\ms\test
+
+ To build for Win64/IA64:
+
+ > perl Configure VC-WIN64I
+ > ms\do_win64i
+ > nmake -f ms\ntdll.mak
+ > cd out32dll
+ > ..\ms\test
+
+ Naturally test-suite itself has to be executed on the target platform.
+
+ Installation
+ ------------
+
+ TBD, for now see INSTALL.W32.
+
diff --git a/INSTALL.WCE b/INSTALL.WCE
index ac587d6bd2..d78c61afa8 100644
--- a/INSTALL.WCE
+++ b/INSTALL.WCE
@@ -4,24 +4,36 @@
 
  Building OpenSSL for Windows CE requires the following external tools:
 
-  * Microsoft eMbedded Visual C++ 3.0
-  * wcecompat compatibility library (www.essemer.com.au)
-  * Optionally ceutils for running automated tests (www.essemer.com.au)
-
- You also need Perl for Win32.  You will need ActiveState Perl, available
- from http://www.activestate.com/ActivePerl.
-
- Windows CE support in OpenSSL relies on wcecompat.  All Windows CE specific
- issues should be directed to www.essemer.com.au.
-
- The C Runtime Library implementation for Windows CE that is included with
- Microsoft eMbedded Visual C++ 3.0 is incomplete and in some places
- incorrect.  wcecompat plugs the holes and tries to bring the Windows CE
- CRT to a level that is more compatible with ANSI C.  wcecompat goes further
- and provides low-level IO and stream IO support for stdin/stdout/stderr
- (which Windows CE does not provide).  This IO functionality is not needed
- by the OpenSSL library itself but is used for the tests and openssl.exe.
- More information is available at www.essemer.com.au.
+  * Microsoft eMbedded Visual C++ 3.0 or later
+  * Appropriate SDK might be required
+  * Perl for Win32 [commonly recommended ActiveState Perl is available
+    from http://www.activestate.com/Products/ActivePerl/]
+
+  * wcecompat compatibility library available at
+    http://www.essemer.com.au/windowsce/
+  * Optionally ceutils for running automated tests (same location)
+
+  _or_
+
+  * PocketConsole driver and PortSDK available at
+    http://www.symbolictools.de/public/pocketconsole/
+  * CMD command interpreter (same location)
+
+ As Windows CE support in OpenSSL relies on 3rd party compatibility
+ library, it's appropriate to check corresponding URL for updates. For
+ example if you choose wcecompat, note that as for the moment of this
+ writing version 1.2 is available and actually required for WCE 4.2
+ and newer platforms. All wcecompat issues should be directed to
+ www.essemer.com.au.
+
+ Why compatibility library at all? The C Runtime Library implementation
+ for Windows CE that is included with Microsoft eMbedded Visual C++ is
+ incomplete and in some places incorrect.  Compatibility library plugs
+ the holes and tries to bring the Windows CE CRT to [more] usable level.
+ Most gaping hole in CRT is support for stdin/stdout/stderr IO, which
+ proposed compatibility libraries solve in two different ways: wcecompat
+ redirects IO to active sync link, while PortSDK - to NT-like console
+ driver on the handheld itself.
 
  Building
  --------
@@ -31,9 +43,21 @@
 
  > "C:\Program Files\Microsoft eMbedded Tools\EVC\WCE300\BIN\WCEARM.BAT"
 
- Next indicate where wcecompat is located:
+ Next pick compatibility library according to your preferences.
+
+ 1. To choose wcecompat set up WCECOMPAT environment variable pointing
+    at the location of wcecompat tree "root":
+
+    > set WCECOMPAT=C:\wcecompat
+    > set PORTSDK_LIBPATH=
 
- > set WCECOMPAT=C:\wcecompat
+ 2. To choose PortSDK set up PORTSDK_LIBPATH to point at hardware-
+    specific location where your portlib.lib is installed:
+
+    > set PORTSDK_LIBPATH=C:\PortSDK\lib\ARM
+    > set WCECOMPAT=
+
+ Note that you may not set both variables.
 
  Next you should run Configure:
 
@@ -49,16 +73,16 @@
 
  Then from the VC++ environment at a prompt do:
 
- - to build static libraries:
+   > nmake -f ms\cedll.mak
 
-   > nmake -f ms\ce.mak
+ [note that static builds are not supported under CE]
 
- - or to build DLLs:
+ If all is well it should compile and you will have some DLLs and executables
+ in out32dll*. 
 
-   > nmake -f ms\cedll.mak
+ <<< everyting below needs revision in respect to wcecompat vs. PortSDK >>>
 
- If all is well it should compile and you will have some static libraries and
- executables in out32, or some DLLs and executables in out32dll.  If you want
+ If you want
  to try the tests then make sure the ceutils are in the path and do:
  
  > cd out32
diff --git a/LICENSE b/LICENSE
index dddb07842b..a2c4adcbe6 100644
--- a/LICENSE
+++ b/LICENSE
@@ -12,7 +12,7 @@
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2008 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
diff --git a/MacOS/GetHTTPS.src/ErrorHandling.hpp b/MacOS/GetHTTPS.src/ErrorHandling.hpp
index 3036df7ee0..fbfbe786b7 100644
--- a/MacOS/GetHTTPS.src/ErrorHandling.hpp
+++ b/MacOS/GetHTTPS.src/ErrorHandling.hpp
@@ -29,7 +29,7 @@ OSErr AppendErrorMessageToHandle(Handle inoutHandle);
 
 
 
-//	A bunch of evil macros that would be uneccessary if I were always using C++ !
+//	A bunch of evil macros that would be unnecessary if I were always using C++ !
 
 #define SetErrorMessageAndBailIfNil(theArg,theMessage)								\
 {																					\
diff --git a/Makefile.org b/Makefile.org
index d47d3b937d..675a9b5a02 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -66,10 +66,12 @@ EXE_EXT=
 ARFLAGS=
 AR=ar $(ARFLAGS) r
 RANLIB= ranlib
+NM= nm
 PERL= perl
 TAR= tar
 TARFLAGS= --no-recursion
 MAKEDEPPROG=makedepend
+LIBDIR=lib
 
 # We let the C compiler driver to take care of .s files. This is done in
 # order to be excused from maintaining a separate set of architecture
@@ -87,7 +89,7 @@ PROCESSOR=
 CPUID_OBJ= 
 BN_ASM= bn_asm.o
 DES_ENC= des_enc.o fcrypt_b.o
-AES_ASM_OBJ=aes_core.o aes_cbc.o
+AES_ENC= aes_core.o aes_cbc.o
 BF_ENC= bf_enc.o
 CAST_ENC= c_enc.o
 RC4_ENC= rc4_enc.o
@@ -95,36 +97,46 @@ RC5_ENC= rc5_enc.o
 MD5_ASM_OBJ= 
 SHA1_ASM_OBJ= 
 RMD160_ASM_OBJ= 
+WP_ASM_OBJ=
+CMLL_ENC=
+PERLASM_SCHEME=
 
 # KRB5 stuff
 KRB5_INCLUDES=
 LIBKRB5=
 
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
 DIRS=   crypto ssl engines apps test tools
+ENGDIRS= ccgost
 SHLIBDIRS= crypto ssl
 
 # dirs in crypto to build
 SDIRS=  \
 	objects \
-	md2 md4 md5 sha mdc2 hmac ripemd \
-	des aes rc2 rc4 rc5 idea bf cast \
+	md2 md4 md5 sha mdc2 hmac ripemd whrlpool \
+	des aes rc2 rc4 rc5 idea bf cast camellia seed modes \
 	bn ec rsa dsa ecdsa dh ecdh dso engine \
 	buffer bio stack lhash rand err \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
-	store
+	cms pqueue ts jpake store
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
 
 # tests to perform.  "alltests" is a special word indicating that all tests
 # should be performed.
 TESTS = alltests
 
-MAKEFILE= Makefile.ssl
-NEWMAKE=  make
-MAKE=     $(NEWMAKE) -f Makefile.ssl
+MAKEFILE= Makefile
 
 MANDIR=$(OPENSSLDIR)/man
 MAN1=1
 MAN3=3
 MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
 SHELL=/bin/sh
 
 TOP=    .
@@ -146,34 +158,83 @@ WTARFILE=       $(NAME)-win.tar
 EXHEADER=       e_os2.h
 HEADER=         e_os.h
 
-all: Makefile.ssl build_all openssl.pc
-
-BUILDENV=	PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \
-		SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}'	\
-		CC='${CC}' CFLAG='${CFLAG}' 			\
-		AS='${CC}' ASFLAG='${CFLAG} -c'			\
-		AR='${AR}' PERL='${PERL}' RANLIB='${RANLIB}'	\
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)"	\
-		KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}'	\
-		EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}'	\
-		SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}'	\
-		PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}'	\
-		CPUID_OBJ='${CPUID_OBJ}'			\
-		BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' 	\
-		AES_ASM_OBJ='${AES_ASM_OBJ}'			\
-		BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}'	\
-		RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}'	\
-		SHA1_ASM_OBJ='${SHA1_ASM_OBJ}'			\
-		MD5_ASM_OBJ='${MD5_ASM_OBJ}'			\
-		RMD160_ASM_OBJ='${RMD160_ASM_OBJ}'
-
-BUILD_CMD=if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \
-	if [ -d "$$dir" ]; then \
-		(cd $$dir && echo "making $$target in $$dir..." && \
-		$(MAKE) -e $(BUILDENV) $$target ) || exit 1; \
-	else \
-		$(MAKE) $$dir; \
-	fi; fi
+all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV=	TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS}	\
+		$${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES}	\
+		$${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC}		\
+		$${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL}	\
+		$${EXHEADER+EXHEADER} $${HEADER+HEADER}		\
+		$${GENERAL+GENERAL} $${CFLAGS+CFLAGS}		\
+		$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS}		\
+		$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS}		\
+		$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS}	\
+		$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV=	PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+		CC='$(CC)' CFLAG='$(CFLAG)' 			\
+		AS='$(CC)' ASFLAG='$(CFLAG) -c'			\
+		AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)'	\
+		CROSS_COMPILE='$(CROSS_COMPILE)'	\
+		PERL='$(PERL)' ENGDIRS='$(ENGDIRS)'		\
+		SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)'	\
+		INSTALL_PREFIX='$(INSTALL_PREFIX)'		\
+		INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)'	\
+		LIBDIR='$(LIBDIR)'				\
+		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
+		MAKEDEPPROG='$(MAKEDEPPROG)'			\
+		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
+		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
+		ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)'	\
+		EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)'	\
+		SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)'	\
+		PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)'	\
+		CPUID_OBJ='$(CPUID_OBJ)'			\
+		BN_ASM='$(BN_ASM)' DES_ENC='$(DES_ENC)' 	\
+		AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)'	\
+		BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)'	\
+		RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)'	\
+		SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)'			\
+		MD5_ASM_OBJ='$(MD5_ASM_OBJ)'			\
+		RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)'		\
+		WP_ASM_OBJ='$(WP_ASM_OBJ)'			\
+		PERLASM_SCHEME='$(PERLASM_SCHEME)'		\
+		THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory.  The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS).  It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS).  It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD=  if [ -d "$$dir" ]; then \
+	    (	cd $$dir && echo "making $$target in $$dir..." && \
+		$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+	    ) || exit 1; \
+	    fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+	if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+		$(BUILD_CMD); \
+	fi
+
+reflect:
+	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
 
 sub_all: build_all
 build_all: build_libs build_apps build_tests build_tools
@@ -181,21 +242,21 @@ build_all: build_libs build_apps build_tests build_tools
 build_libs: build_crypto build_ssl build_engines
 
 build_crypto:
-	@dir=crypto; target=all; $(BUILD_CMD)
+	@dir=crypto; target=all; $(BUILD_ONE_CMD)
 build_ssl:
-	@dir=ssl; target=all; $(BUILD_CMD)
+	@dir=ssl; target=all; $(BUILD_ONE_CMD)
 build_engines:
-	@dir=engines; target=all; $(BUILD_CMD)
+	@dir=engines; target=all; $(BUILD_ONE_CMD)
 build_apps:
-	@dir=apps; target=all; $(BUILD_CMD)
+	@dir=apps; target=all; $(BUILD_ONE_CMD)
 build_tests:
-	@dir=test; target=all; $(BUILD_CMD)
+	@dir=test; target=all; $(BUILD_ONE_CMD)
 build_tools:
-	@dir=tools; target=all; $(BUILD_CMD)
+	@dir=tools; target=all; $(BUILD_ONE_CMD)
 
 all_testapps: build_libs build_testapps
 build_testapps:
-	@dir=crypto; target=testapps; $(BUILD_CMD)
+	@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
 
 libcrypto$(SHLIB_EXT): libcrypto.a
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
@@ -228,10 +289,10 @@ clean-shared:
 	done
 
 link-shared:
-	@ set -e; for i in ${SHLIBDIRS}; do \
-		$(NEWMAKE) -f $(HERE)/Makefile.shared \
-			LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+	@ set -e; for i in $(SHLIBDIRS); do \
+		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
 			symlink.$(SHLIB_TARGET); \
 		libs="$$libs -l$$i"; \
 	done
@@ -239,24 +300,48 @@ link-shared:
 build-shared: do_$(SHLIB_TARGET) link-shared
 
 do_$(SHLIB_TARGET):
-	@ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+	@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+		if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
 			libs="$(LIBKRB5) $$libs"; \
 		fi; \
-		$(NEWMAKE) -f Makefile.shared \
-			$(BUILDENV) \
-			LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
+		$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
 			LIBDEPS="$$libs $(EX_LIBS)" \
-			LIBRPATH="$(INSTALLTOP)/lib" \
 			link_a.$(SHLIB_TARGET); \
 		libs="-l$$i $$libs"; \
 	done
 
-openssl.pc: Makefile.ssl
+libcrypto.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libcrypto'; \
+	    echo 'Description: OpenSSL cryptography library'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: '; \
+	    echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: '; \
+	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
 	@ ( echo 'prefix=$(INSTALLTOP)'; \
 	    echo 'exec_prefix=$${prefix}'; \
-	    echo 'libdir=$${exec_prefix}/lib'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
 	    echo 'includedir=$${prefix}/include'; \
 	    echo ''; \
 	    echo 'Name: OpenSSL'; \
@@ -266,25 +351,19 @@ openssl.pc: Makefile.ssl
 	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
 	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
 
-Makefile.ssl: Makefile.org
-	@echo "Makefile.ssl is older than Makefile.org."
+Makefile: Makefile.org Configure config
+	@echo "Makefile is older than Makefile.org, Configure or config."
 	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
 	@false
 
 libclean:
-	rm -f *.map *.so *.so.* engines/*.so *.a */lib */*/lib
+	rm -f *.map *.so *.so.* *.dll engines/*.so engines/*.dll *.a engines/*.a */lib */*/lib
 
 clean:	libclean
 	rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making clean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
-		rm -f $(LIBS); \
-	fi; \
-	done;
-	rm -f openssl.pc
+	@set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+	rm -f $(LIBS)
+	rm -f openssl.pc libssl.pc libcrypto.pc
 	rm -f speed.* .pure
 	rm -f $(TARFILE)
 	@set -e; for i in $(ONEDIRS) ;\
@@ -297,83 +376,57 @@ makefile.one: files
 	sh util/do_ms.sh
 
 files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making 'files' in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
-	fi; \
-	done;
+	$(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+	@set -e; target=files; $(RECURSIVE_BUILD_CMD)
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
 	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
-	@set -e; target=links; for dir in $(DIRS); do $(BUILD_CMD); done
+	@set -e; target=links; $(RECURSIVE_BUILD_CMD)
 
 gentests:
 	@(cd test && echo "generating dummy tests (if needed)..." && \
-	$(MAKE) $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on generate );
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
 
 dclean:
-	rm -f *.bak
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making dclean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
-	fi; \
-	done;
+	rm -rf *.bak include/openssl certs/.0
+	@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
 
 rehash: rehash.time
-rehash.time: certs
-	@(OPENSSL="`pwd`/util/opensslwrap.sh"; \
-	  OPENSSL_DEBUG_MEMORY=on; \
-	  export OPENSSL OPENSSL_DEBUG_MEMORY; \
-	  $(PERL) tools/c_rehash certs)
-	touch rehash.time
+rehash.time: certs apps
+	@if [ -z "$(CROSS_COMPILE)" ]; then \
+		(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+		[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+		OPENSSL_DEBUG_MEMORY=on; \
+		export OPENSSL OPENSSL_DEBUG_MEMORY; \
+		$(PERL) tools/c_rehash certs) && \
+		touch rehash.time; \
+	else :; fi
 
 test:   tests
 
 tests: rehash
 	@(cd test && echo "testing..." && \
-	$(MAKE) -e $(BUILDENV) TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
-	util/opensslwrap.sh version -a
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
 
 report:
 	@$(PERL) util/selftest.pl
 
 depend:
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making dependencies $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' CFLAG='-DOPENSSL_NO_DEPRECATED ${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \
-	fi; \
-	done;
+	@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
 
 lint:
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making lint $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
-	fi; \
-	done;
+	@set -e; target=lint; $(RECURSIVE_BUILD_CMD)
 
 tags:
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making tags $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
-	fi; \
-	done;
+	rm -f TAGS
+	find . -name '[^.]*.[ch]' | xargs etags -a
 
 errors:
 	$(PERL) util/mkerr.pl -recurse -write
 	(cd engines; $(MAKE) PERL=$(PERL) errors)
+	$(PERL) util/ck_errf.pl -strict */*.c */*/*.c
 
 stacks:
 	$(PERL) util/mkstack.pl -write
@@ -388,15 +441,21 @@ crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
 	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
 crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
 	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
+crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
 
 apps/openssl-vms.cnf: apps/openssl.cnf
 	$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
 
+crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
+	$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
+
+
 TABLE: Configure
 	(echo 'Output of `Configure TABLE'"':"; \
 	$(PERL) Configure TABLE) > TABLE
 
-update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h apps/openssl-vms.cnf TABLE
+update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
 
 # Build distribution tar-file. As the list of files returned by "find" is
 # pretty long, on several platforms a "too many arguments" error or similar
@@ -427,19 +486,19 @@ tar-snap:
 dist:   
 	$(PERL) Configure dist
 	@$(MAKE) dist_pem_h
-	@$(MAKE) SDIRS='${SDIRS}' clean
-	@$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
+	@$(MAKE) SDIRS='$(SDIRS)' clean
+	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
 
 dist_pem_h:
-	(cd crypto/pem; $(MAKE) $(BUILDENV) pem.h; $(MAKE) clean)
+	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
 
 install: all install_docs install_sw
 
 install_sw:
 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
 		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
 		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
@@ -449,21 +508,15 @@ install_sw:
 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
 	done;
-	@set -e; for i in $(DIRS) ;\
-	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i; echo "installing $$i..."; \
-		$(MAKE) $(BUILDENV) INSTALL_PREFIX='${INSTALL_PREFIX}' OPENSSLDIR='${OPENSSLDIR}' install ); \
-	fi; \
-	done
+	@set -e; target=install; $(RECURSIVE_BUILD_CMD)
 	@set -e; for i in $(LIBS) ;\
 	do \
 		if [ -f "$$i" ]; then \
 		(       echo installing $$i; \
-			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
+			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
 		fi; \
 	done;
 	@set -e; if [ -n "$(SHARED_LIBS)" ]; then \
@@ -473,23 +526,33 @@ install_sw:
 			if [ -f "$$i" -o -f "$$i.a" ]; then \
 			(       echo installing $$i; \
 				if [ "$(PLATFORM)" != "Cygwin" ]; then \
-					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
 				else \
-					c=`echo $$i | sed 's/^lib/cyg/'`; \
+					c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
 					cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
 					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
 					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
-					cp $$i.a $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \
-					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new; \
-					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.a; \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
 				fi ); \
+				if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+				(	case $$i in \
+						*crypto*) i=libeay32.dll;; \
+						*ssl*)    i=ssleay32.dll;; \
+					esac; \
+					echo installing $$i; \
+	 				cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+				fi; \
 			fi; \
 		done; \
 		(	here="`pwd`"; \
-			cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-			$(NEWMAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+			cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+			$(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
 		if [ "$(INSTALLTOP)" != "/usr" ]; then \
 			echo 'OpenSSL shared libraries have been installed in:'; \
 			echo '  $(INSTALLTOP)'; \
@@ -497,8 +560,33 @@ install_sw:
 			sed -e '1,/^$$/d' doc/openssl-shared.txt; \
 		fi; \
 	fi
-	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
+	cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+	cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+	here="`pwd`"; \
+	for subdir in apps crypto ssl; do \
+		mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+		for i in doc/$$subdir/*.pod; do \
+			fn=`basename $$i .pod`; \
+			echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+			cat $$i \
+			| sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+			| pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+			| sed -r 's/<!DOCTYPE.*//g' \
+			> $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+			$(PERL) util/extract-names.pl < $$i | \
+				grep -v $$filecase "^$$fn\$$" | \
+				(cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+				 while read n; do \
+					PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+				 done); \
+		done; \
+	done
 
 install_docs:
 	@$(PERL) $(TOP)/util/mkdir-p.pl \
@@ -509,7 +597,7 @@ install_docs:
 	@pod2man="`cd util; ./pod2mantest $(PERL)`"; \
 	here="`pwd`"; \
 	filecase=; \
-	if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" ]; then \
+	if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
 		filecase=-i; \
 	fi; \
 	set -e; for i in doc/apps/*.pod; do \
@@ -522,11 +610,11 @@ install_docs:
 			--release=$(VERSION) `basename $$i`") \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
 		$(PERL) util/extract-names.pl < $$i | \
-			grep -v $$filecase "^$$fn\$$" | \
-			grep -v "[	]" | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
 			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
 			 while read n; do \
-				$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
 			 done); \
 	done; \
 	set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
@@ -539,11 +627,11 @@ install_docs:
 			--release=$(VERSION) `basename $$i`") \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
 		$(PERL) util/extract-names.pl < $$i | \
-			grep -v $$filecase "^$$fn\$$" | \
-			grep -v "[	]" | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
 			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
 			 while read n; do \
-				$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
 			 done); \
 	done
 
diff --git a/Makefile.shared b/Makefile.shared
index 8593ead067..3569832f1b 100644
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -7,12 +7,15 @@
 
 # CC contains the current compiler.  This one MUST be defined
 CC=cc
+CFLAGS=$(CFLAG)
 # LDFLAGS contains flags to be used when temporary object files (when building
 # shared libraries) are created, or when an application is linked.
 # SHARED_LDFLAGS contains flags to be used when the shared library is created.
 LDFLAGS=
 SHARED_LDFLAGS=
 
+NM=nm
+
 # LIBNAME contains just the name of the library, without prefix ("lib"
 # on Unix, "cyg" for certain forms under Cygwin...) or suffix (.a, .so,
 # .dll, ...).  This one MUST have a value when using this makefile to
@@ -66,8 +69,8 @@ LIBDEPS=
 #------------------------------------------------------------------------------
 # The rest is private to this makefile.
 
-#SET_X=:
-SET_X=set -x
+SET_X=:
+#SET_X=set -x
 
 top:
 	echo "Trying to use this makefile interactively?  Don't."
@@ -88,20 +91,26 @@ CALC_VERSIONS=	\
 
 LINK_APP=	\
   ( $(SET_X);   \
-    LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
+    LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
+    LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \
+    LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
     LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
     LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
-    $$LDCMD $$LDFLAGS -o $$APPNAME $(OBJECTS) $$LIBDEPS )
+    $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} )
 
 LINK_SO=	\
   ( $(SET_X);   \
-    nm -Pg $$SHOBJECTS | grep ' [BDT] ' | cut -f1 -d' ' > lib$(LIBNAME).exp; \
-    LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
+    LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
+    SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \
+    SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
+    LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
     LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
     LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
-    $$SHAREDCMD $$SHAREDFLAGS -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
-	$$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS ) && \
-  $(SYMLINK_SO); ( $(SET_X); rm -f lib$(LIBNAME).exp )
+    $${SHAREDCMD} $${SHAREDFLAGS} \
+	-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
+	$$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS \
+  ) && $(SYMLINK_SO)
+
 SYMLINK_SO=	\
 	if [ -n "$$INHIBIT_SYMLINKS" ]; then :; else \
 		prev=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
@@ -120,12 +129,14 @@ SYMLINK_SO=	\
 
 LINK_SO_A=	SHOBJECTS="lib$(LIBNAME).a $(LIBEXTRAS)"; $(LINK_SO)
 LINK_SO_O=	SHOBJECTS="$(LIBEXTRAS)"; $(LINK_SO)
+
 LINK_SO_A_VIA_O=	\
   SHOBJECTS=lib$(LIBNAME).o; \
   ALL=$$ALLSYMSFLAGS; ALLSYMSFLAGS=; NOALLSYMSFLAGS=; \
   ( $(SET_X); \
     ld $(LDFLAGS) -r -o lib$(LIBNAME).o $$ALL lib$(LIBNAME).a $(LIBEXTRAS) ); \
   $(LINK_SO) && rm -f $(LIBNAME).o
+
 LINK_SO_A_UNPACKED=	\
   UNPACKDIR=link_tmp.$$$$; rm -rf $$UNPACKDIR; mkdir $$UNPACKDIR; \
   (cd $$UNPACKDIR; ar x ../lib$(LIBNAME).a) && \
@@ -133,20 +144,16 @@ LINK_SO_A_UNPACKED=	\
   SHOBJECTS=$$UNPACKDIR/*.o; \
   $(LINK_SO) && rm -rf $$UNPACKDIR
 
-DETECT_GNU_LD=(${CC} -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
+DETECT_GNU_LD=($(CC) -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
 
 DO_GNU_SO=$(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-	SHAREDFLAGS="$(CFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
-	SHAREDCMD='$(CC)'
-DO_GNU_APP=LDCMD=$(CC);\
-	LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME=$(APPNAME)
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
 
 #This is rather special.  It's a special target with which one can link
 #applications without bothering with any features that have anything to
@@ -154,10 +161,6 @@ DO_GNU_APP=LDCMD=$(CC);\
 #libraries.  It's mostly here to avoid a lot of conditionals everywhere
 #else...
 link_app.:
-	LDCMD=$(CC); \
-	LDFLAGS="$(CFLAGS)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"; \
 	$(LINK_APP)
 
 link_o.gnu:
@@ -167,46 +170,54 @@ link_a.gnu:
 link_app.gnu:
 	@ $(DO_GNU_APP); $(LINK_APP)
 
+DO_BEOS_SO=	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS='-Wl,--whole-archive'; \
+	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SUFFIX"
+
+link_o.beos:
+	@ $(DO_BEOS_SO); $(LINK_SO_O)
+link_a.beos:
+	@ $(DO_BEOS_SO); $(LINK_SO_A)
+
 link_o.bsd:
-	@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
 	$(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS=; \
+	LIBDEPS=" "; \
 	ALLSYMSFLAGS="-Wl,-Bforcearchive"; \
 	NOALLSYMSFLAGS=; \
-	SHAREDFLAGS="$(CFLAGS) -shared -nostdlib"; \
-	SHAREDCMD=$(CC); \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -nostdlib"; \
 	fi; $(LINK_SO_O)
 link_a.bsd:
-	@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
 	$(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS=; \
+	LIBDEPS=" "; \
 	ALLSYMSFLAGS="-Wl,-Bforcearchive"; \
 	NOALLSYMSFLAGS=; \
-	SHAREDFLAGS="$(CFLAGS) -shared -nostdlib"; \
-	SHAREDCMD=$(CC); \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -nostdlib"; \
 	fi; $(LINK_SO_A)
 link_app.bsd:
-	@if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \
-	LDCMD=$(CC); \
+	@if $(DETECT_GNU_LD); then $(DO_GNU_APP); else \
 	LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBPATH)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"; \
 	fi; $(LINK_APP)
 
 # For Darwin AKA Mac OS/X (dyld)
+# link_o.darwin produces .so, because we let it use dso_dlfcn module,
+# which has .so extension hard-coded. One can argue that one should
+# develop special dso module for MacOS X. At least manual encourages
+# to use native NSModule(3) API and refers to dlfcn as termporary hack.
 link_o.darwin:
 	@ $(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME); \
-	SHLIB_SUFFIX=.dylib; \
-	LIBDEPS="$(LIBDEPS)"; \
+	SHLIB_SUFFIX=.so; \
 	ALLSYMSFLAGS='-all_load'; \
 	NOALLSYMSFLAGS=''; \
-	SHAREDFLAGS="$(CFLAGS) -dynamiclib"; \
-	SHAREDCMD='$(CC)'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
 	if [ -n "$(LIBVERSION)" ]; then \
 		SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
 	fi; \
@@ -218,65 +229,82 @@ link_a.darwin:
 	@ $(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME); \
 	SHLIB_SUFFIX=.dylib; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS='-all_load'; \
 	NOALLSYMSFLAGS=''; \
-	SHAREDFLAGS="$(CFLAGS) -dynamiclib"; \
-	SHAREDCMD='$(CC)'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
 	if [ -n "$(LIBVERSION)" ]; then \
 		SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
 	fi; \
 	if [ -n "$$SHLIB_SOVER_NODOT" ]; then \
 		SHAREDFLAGS="$$SHAREDFLAGS -compatibility_version $$SHLIB_SOVER_NODOT"; \
 	fi; \
+	SHAREDFLAGS="$$SHAREDFLAGS -install_name $(INSTALLTOP)/$(LIBDIR)/$$SHLIB$(SHLIB_EXT)"; \
 	$(LINK_SO_A)
-link_app.darwin:
-	LDCMD=$(CC);\
-	LDFLAGS="$(CFLAGS)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"; \
+link_app.darwin:	# is there run-path on darwin?
 	$(LINK_APP)
 
 link_o.cygwin:
 	@ $(CALC_VERSIONS); \
 	INHIBIT_SYMLINKS=yes; \
 	SHLIB=cyg$(LIBNAME); \
-	expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \
+	base=-Wl,--enable-auto-image-base; \
+	deffile=; \
+	if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+		SHLIB=$(LIBNAME)eay32; base=; \
+		if test -f $(LIBNAME)eay32.def; then \
+			deffile=$(LIBNAME)eay32.def; \
+		fi; \
+	fi; \
 	SHLIB_SUFFIX=.dll; \
-	LIBDEPS="$(LIBDEPS)"; \
-	SHLIB_SOVER=-$(LIBVERSION); \
+	LIBVERSION="$(LIBVERSION)"; \
+	SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \
 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-	SHAREDFLAGS="$(CFLAGS) -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
-	SHAREDCMD='${CC}'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base $$deffile -Wl,-s,-Bsymbolic"; \
 	$(LINK_SO_O)
+#for mingw target if def-file is in use dll-name should match library-name
 link_a.cygwin:
 	@ $(CALC_VERSIONS); \
 	INHIBIT_SYMLINKS=yes; \
-	SHLIB=cyg$(LIBNAME); \
-	expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \
-	SHLIB_SUFFIX=.dll; \
-	LIBDEPS="$(LIBDEPS)"; \
-	SHLIB_SOVER=; \
+	SHLIB=cyg$(LIBNAME); SHLIB_SOVER=-$(LIBVERSION); SHLIB_SUFFIX=.dll; \
+	dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; extras=; \
+	base=-Wl,--enable-auto-image-base; \
+	if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+		case $(LIBNAME) in \
+			crypto) SHLIB=libeay;; \
+			ssl) SHLIB=ssleay;; \
+		esac; \
+		SHLIB_SOVER=32; \
+		extras="$(LIBNAME).def"; \
+		$(PERL) util/mkdef.pl 32 $$SHLIB > $$extras; \
+		base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \
+	fi; \
+	dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
+	$(PERL) util/mkrc.pl $$dll_name | \
+		$(CROSS_COMPILE)windres -o rc.o; \
+	extras="$$extras rc.o"; \
 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-	SHAREDFLAGS="$(CFLAGS) -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
-	SHAREDCMD='${CC}'; \
-	$(LINK_SO_A)
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-s,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
+	[ -f apps/$$dll_name ] && rm apps/$$dll_name; \
+	[ -f test/$$dll_name ] && rm test/$$dll_name; \
+	$(LINK_SO_A) || exit 1; \
+	rm $$extras; \
+	cp -p $$dll_name apps/; \
+	cp -p $$dll_name test/
 link_app.cygwin:
-	LDCMD=$(CC);\
-	LDFLAGS="$(CFLAGS)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"; \
+	@if expr "$(CFLAGS)" : '.*OPENSSL_USE_APPLINK' > /dev/null; then \
+		LIBDEPS="$(TOP)/crypto/applink.o $${LIBDEPS:-$(LIBDEPS)}"; \
+		export LIBDEPS; \
+	fi; \
 	$(LINK_APP)
 
 link_o.alpha-osf1:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
 		if [ -n "$$SHLIB_HIST" ]; then \
 			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
@@ -286,20 +314,18 @@ link_o.alpha-osf1:
 		SHLIB_SOVER=; \
 		ALLSYMSFLAGS='-all'; \
 		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) -shared"; \
-		SHAREDCMD='$(CC)'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-B,symbolic"; \
 		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
+			SHAREDFLAGS="$$SHAREDFLAGS -set_version $$SHLIB_HIST"; \
 		fi; \
 	fi; \
 	$(LINK_SO_O)
 link_a.alpha-osf1:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
 		if [ -n "$$SHLIB_HIST" ]; then \
 			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
@@ -309,310 +335,148 @@ link_a.alpha-osf1:
 		SHLIB_SOVER=; \
 		ALLSYMSFLAGS='-all'; \
 		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) -shared"; \
-		SHAREDCMD='$(CC)'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-B,symbolic"; \
 		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
+			SHAREDFLAGS="$$SHAREDFLAGS -set_version $$SHLIB_HIST"; \
 		fi; \
 	fi; \
 	$(LINK_SO_A)
 link_app.alpha-osf1:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_APP); \
-	else \
-		LDCMD=$(CC);\
-		LDFLAGS="$(CFLAGS)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"
-	fi; \
-	$(LINK_APP)
-
-# The difference between alpha-osf1-shared and tru64-shared is the `-msym'
-# option passed to the linker.
-link_o.tru64:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_SO); \
-	else \
-		SHLIB=lib$(LIBNAME).so; \
-		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
-		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
-		else \
-			SHLIB_HIST="$(LIBVERSION)"; \
-		fi; \
-		SHLIB_SOVER=; \
-		ALLSYMSFLAGS='-all'; \
-		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
-		SHAREDCMD='$(CC)'; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
-		fi; \
-	fi; \
-	$(LINK_SO_O)
-link_a.tru64:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_SO); \
-	else \
-		SHLIB=lib$(LIBNAME).so; \
-		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
-		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
-		else \
-			SHLIB_HIST="$(LIBVERSION)"; \
-		fi; \
-		SHLIB_SOVER=; \
-		ALLSYMSFLAGS='-all'; \
-		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
-		SHAREDCMD='$(CC)'; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
-		fi; \
-	fi; \
-	$(LINK_SO_A)
-link_app.tru64:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_APP); \
-	else \
-		LDCMD=$(CC);\
-		LDFLAGS="$(CFLAGS) -rpath $(LIBRPATH)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"; \
-	fi; \
-	$(LINK_APP)
-
-# The difference between tru64-shared and tru64-shared-rpath is the
-# -rpath ${LIBRPATH} passed to the linker.
-link_o.tru64-rpath:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_SO); \
-	else \
-		SHLIB=lib$(LIBNAME).so; \
-		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
-		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
-		else \
-			SHLIB_HIST="$(LIBVERSION)"; \
-		fi; \
-		SHLIB_SOVER=; \
-		ALLSYMSFLAGS='-all'; \
-		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
-		SHAREDCMD='$(CC)'; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
-		fi; \
-	fi; \
-	$(LINK_SO_O)
-link_a.tru64-rpath:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_SO); \
-	else \
-		SHLIB=lib$(LIBNAME).so; \
-		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
-		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
-		else \
-			SHLIB_HIST="$(LIBVERSION)"; \
-		fi; \
-		SHLIB_SOVER=; \
-		ALLSYMSFLAGS='-all'; \
-		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) -shared -msym -rpath $(LIBRPATH)"; \
-		SHAREDCMD='$(CC)'; \
-		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
-		fi; \
-	fi; \
-	$(LINK_SO_A)
-link_app.tru64-rpath:
-	@ if ${DETECT_GNU_LD}; then \
+	@if $(DETECT_GNU_LD); then \
 		$(DO_GNU_APP); \
 	else \
-		LDCMD=$(CC);\
 		LDFLAGS="$(CFLAGS) -rpath $(LIBRPATH)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"; \
 	fi; \
 	$(LINK_APP)
 
 link_o.solaris:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		MINUSZ='-z '; \
-		(${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		ALLSYMSFLAGS="$${MINUSZ}allextract"; \
 		NOALLSYMSFLAGS="$${MINUSZ}defaultextract"; \
-		SHAREDFLAGS="$(CFLAGS) -G -dy -z text -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -R $(LIBRPATH) -Wl,-Bsymbolic"; \
-		SHAREDCMD='$(CC)'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-Bsymbolic"; \
 	fi; \
 	$(LINK_SO_O)
 link_a.solaris:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		MINUSZ='-z '; \
-		(${CC} -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=;\
-		LIBDEPS="$(LIBDEPS)"; \
 		ALLSYMSFLAGS="$${MINUSZ}allextract"; \
 		NOALLSYMSFLAGS="$${MINUSZ}defaultextract"; \
-		SHAREDFLAGS="$(CFLAGS) -G -dy -z text -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -R $(LIBRPATH) -Wl,-Bsymbolic"; \
-		SHAREDCMD='$(CC)'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-Bsymbolic"; \
 	fi; \
 	$(LINK_SO_A)
 link_app.solaris:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_APP); \
 	else \
-		LDCMD=$(CC);\
 		LDFLAGS="$(CFLAGS) -R $(LIBRPATH)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"; \
 	fi; \
 	$(LINK_APP)
 
 # OpenServer 5 native compilers used
 link_o.svr3:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		ALLSYMSFLAGS=''; \
 		NOALLSYMSFLAGS=''; \
 		SHAREDFLAGS="$(CFLAGS) -G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
-		SHAREDCMD='$(CC)'; \
 	fi; \
 	$(LINK_SO_O)
 link_a.svr3:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		ALLSYMSFLAGS=''; \
 		NOALLSYMSFLAGS=''; \
 		SHAREDFLAGS="$(CFLAGS) -G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
-		SHAREDCMD='$(CC)'; \
 	fi; \
 	$(LINK_SO_A_UNPACKED)
 link_app.svr3:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_APP); \
-	else \
-		LDCMD=$(CC);\
-		LDFLAGS="$(CFLAGS)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"; \
-	fi; \
+	@$(DETECT_GNU_LD) && $(DO_GNU_APP); \
 	$(LINK_APP)
 
 # UnixWare 7 and OpenUNIX 8 native compilers used
 link_o.svr5:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		SHARE_FLAG='-G'; \
-		(${CC} -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		ALLSYMSFLAGS=''; \
 		NOALLSYMSFLAGS=''; \
 		SHAREDFLAGS="$(CFLAGS) $${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
-		SHAREDCMD='$(CC)'; \
 	fi; \
 	$(LINK_SO_O)
 link_a.svr5:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		SHARE_FLAG='-G'; \
-		(${CC} -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		ALLSYMSFLAGS=''; \
 		NOALLSYMSFLAGS=''; \
 		SHAREDFLAGS="$(CFLAGS) $${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
-		SHAREDCMD='$(CC)'; \
 	fi; \
 	$(LINK_SO_A_UNPACKED)
 link_app.svr5:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_APP); \
-	else \
-		LDCMD=$(CC);\
-		LDFLAGS="$(CFLAGS)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"; \
-	fi; \
+	@$(DETECT_GNU_LD) && $(DO_GNU_APP); \
 	$(LINK_APP)
 
 link_o.irix:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		MINUSWL=""; \
 		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
 		ALLSYMSFLAGS="$${MINUSWL}-all"; \
 		NOALLSYMSFLAGS="$${MINUSWL}-none"; \
-		SHAREDFLAGS="$(CFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
-		SHAREDCMD='$(CC)'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,-B,symbolic"; \
 	fi; \
 	$(LINK_SO_O)
 link_a.irix:
-	@ if ${DETECT_GNU_LD}; then \
+	@ if $(DETECT_GNU_LD); then \
 		$(DO_GNU_SO); \
 	else \
 		$(CALC_VERSIONS); \
 		SHLIB=lib$(LIBNAME).so; \
 		SHLIB_SUFFIX=; \
-		LIBDEPS="$(LIBDEPS)"; \
 		MINUSWL=""; \
 		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
 		ALLSYMSFLAGS="$${MINUSWL}-all"; \
 		NOALLSYMSFLAGS="$${MINUSWL}-none"; \
-		SHAREDFLAGS="$(CFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-rpath,$(LIBRPATH)"; \
-		SHAREDCMD='$(CC)'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,-B,symbolic"; \
 	fi; \
 	$(LINK_SO_A)
 link_app.irix:
-	@ if ${DETECT_GNU_LD}; then \
-		$(DO_GNU_APP); \
-	else \
-		LDCMD=$(CC);\
-		LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"; \
-		LIBDEPS="$(LIBDEPS)"; \
-		APPNAME="$(APPNAME)"; \
-	fi; \
+	@LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"; \
 	$(LINK_APP)
 
 # 32-bit PA-RISC HP-UX embeds the -L pathname of libs we link with, so
@@ -624,98 +488,78 @@ link_app.irix:
 # ELFs by the way].
 #
 link_o.hpux:
-	@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
 	$(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).sl; \
-	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
+	expr "$(CFLAGS)" : '.*DSO_DLFCN' > /dev/null && SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS='-Wl,-Fl'; \
 	NOALLSYMSFLAGS=''; \
 	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-	SHAREDFLAGS="$(CFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+cdp,../:,+cdp,./:,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+b,$(LIBRPATH)"; \
-	SHAREDCMD=$(CC); \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
 	fi; \
+	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
 	$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
 link_a.hpux:
-	@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
 	$(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).sl; \
 	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS='-Wl,-Fl'; \
 	NOALLSYMSFLAGS=''; \
 	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-	SHAREDFLAGS="$(CFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+cdp,../:,+cdp,./:,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+b,$(LIBRPATH)"; \
-	SHAREDCMD='$(CC)'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
 	fi; \
+	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
 	$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
 link_app.hpux:
-	@if ${DETECT_GNU_LD}; then $(DO_GNU_APP); else \
-	LDCMD=$(CC);\
+	@if $(DETECT_GNU_LD); then $(DO_GNU_APP); else \
 	LDFLAGS="$(CFLAGS) -Wl,+s,+cdp,../:,+cdp,./:,+b,$(LIBRPATH)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"; \
 	fi; \
 	$(LINK_APP)
 
 link_o.aix:
 	@ $(CALC_VERSIONS); \
-	OBJECT_MODE=`expr x$(SHARED_LDFLAGS) : 'x\-[a-z]\([0-9]*\)'`; \
+	OBJECT_MODE=`expr "x$(SHARED_LDFLAGS)" : 'x\-[a-z]*\(64\)'` || :; \
 	OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
-	ALLSYMSFLAGS='-bnogc'; \
+	ALLSYMSFLAGS=''; \
 	NOALLSYMSFLAGS=''; \
-	SHAREDFLAGS='$(CFLAGS) -G -bE:lib$(LIBNAME).exp -bM:SRE -blibpath:$(LIBRPATH)'; \
-	SHAREDCMD='$(CC)'; \
-	$(LINK_SO_O); rm -rf lib$(LIBNAME).exp
+	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \
+	$(LINK_SO_O);
 link_a.aix:
 	@ $(CALC_VERSIONS); \
-	OBJECT_MODE=`expr x$(SHARED_LDFLAGS) : 'x\-[a-z]\([0-9]*\)'`; \
+	OBJECT_MODE=`expr "x$(SHARED_LDFLAGS)" : 'x\-[a-z]*\(64\)'` || : ; \
 	OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS='-bnogc'; \
 	NOALLSYMSFLAGS=''; \
-	SHAREDFLAGS='$(CFLAGS) -G -bE:lib$(LIBNAME).exp -bM:SRE -blibpath:$(LIBRPATH)'; \
-	SHAREDCMD='$(CC)'; \
+	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \
 	$(LINK_SO_A_VIA_O)
 link_app.aix:
-	LDCMD=$(CC);\
-	LDFLAGS="$(CFLAGS) -blibpath:$(LIBRPATH)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"
+	LDFLAGS="$(CFLAGS) -Wl,-brtl,-blibpath:$(LIBRPATH):$${LIBPATH:-/usr/lib:/lib}"; \
 	$(LINK_APP)
 
 link_o.reliantunix:
 	@ $(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS=; \
 	NOALLSYMSFLAGS=''; \
 	SHAREDFLAGS='$(CFLAGS) -G'; \
-	SHAREDCMD='$(CC)'; \
 	$(LINK_SO_O)
 link_a.reliantunix:
 	@ $(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	LIBDEPS="$(LIBDEPS)"; \
 	ALLSYMSFLAGS=; \
 	NOALLSYMSFLAGS=''; \
 	SHAREDFLAGS='$(CFLAGS) -G'; \
-	SHAREDCMD='$(CC)'; \
 	$(LINK_SO_A_UNPACKED)
 link_app.reliantunix:
-	LDCMD=$(CC);\
-	LDFLAGS="$(CFLAGS)"; \
-	LIBDEPS="$(LIBDEPS)"; \
-	APPNAME="$(APPNAME)"
 	$(LINK_APP)
 
 # Targets to build symbolic links when needed
@@ -735,7 +579,7 @@ symlink.hpux:
 	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
 	$(SYMLINK_SO)
 # The following lines means those specific architectures do no symlinks
-symlink.cygwin symlib.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
+symlink.cygwin symlink.alpha-osf1 symlink.tru64 symlink.tru64-rpath symlink.beos:
 
 # Compatibility targets
 link_o.bsd-gcc-shared link_o.linux-shared link_o.gnu-shared: link_o.gnu
@@ -793,3 +637,7 @@ link_o.reliantunix-shared: link_o.reliantunix
 link_a.reliantunix-shared: link_a.reliantunix
 link_app.reliantunix-shared: link_app.reliantunix
 symlink.reliantunix-shared: symlink.reliantunix
+link_o.beos-shared: link_o.beos
+link_a.beos-shared: link_a.beos
+link_app.beos-shared: link_app.gnu
+symlink.beos-shared: symlink.beos
diff --git a/NEWS b/NEWS
index 496f59de41..9d0d563d2d 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,214 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 0.9.8l and OpenSSL 1.0:
+
+      o Support for draft-ietf-tls-renegotiation-03.txt
+      o RFC3280 path validation: sufficient to process PKITS tests.
+      o Integrated support for PVK files and keyblobs.
+      o Change default private key format to PKCS#8.
+      o CMS support: able to process all examples in RFC4134
+      o Streaming ASN1 encode support for PKCS#7 and CMS.
+      o Multiple signer and signer add support for PKCS#7 and CMS.
+      o ASN1 printing support.
+      o Whirlpool hash algorithm added.
+      o RFC3161 time stamp support.
+      o New generalised public key API supporting ENGINE based algorithms.
+      o New generalised public key API utilities.
+      o New ENGINE supporting GOST algorithms.
+      o SSL/TLS GOST ciphersuite support.
+      o PKCS#7 and CMS GOST support.
+      o RFC4279 PSK ciphersuite support.
+      o Supported points format extension for ECC ciphersuites.
+      o ecdsa-with-SHA224/256/384/512 signature types.
+      o dsa-with-SHA224 and dsa-with-SHA256 signature types.
+      o Opaque PRF Input TLS extension support.
+      o Updated time routines to avoid OS limitations.
+
+  Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k:
+
+      o Fix various build issues.
+      o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
+
+  Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j:
+
+      o Fix security issue (CVE-2008-5077)
+      o Merge FIPS 140-2 branch code.
+
+  Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h:
+
+      o CryptoAPI ENGINE support.
+      o Various precautionary measures.
+      o Fix for bugs affecting certificate request creation.
+      o Support for local machine keyset attribute in PKCS#12 files.
+
+  Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g:
+
+      o Backport of CMS functionality to 0.9.8.
+      o Fixes for bugs introduced with 0.9.8f.
+
+  Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f:
+
+      o Add gcc 4.2 support.
+      o Add support for AES and SSE2 assembly lanugauge optimization
+        for VC++ build.
+      o Support for RFC4507bis and server name extensions if explicitly 
+        selected at compile time.
+      o DTLS improvements.
+      o RFC4507bis support.
+      o TLS Extensions support.
+
+  Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
+
+      o Various ciphersuite selection fixes.
+      o RFC3779 support.
+
+  Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
+
+      o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
+      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+      o Changes to ciphersuite selection algorithm
+
+  Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
+
+      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+      o New cipher Camellia
+
+  Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
+
+      o Cipher string fixes.
+      o Fixes for VC++ 2005.
+      o Updated ECC cipher suite support.
+      o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
+      o Zlib compression usage fixes.
+      o Built in dynamic engine compilation support on Win32.
+      o Fixes auto dynamic engine loading in Win32.
+
+  Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
+
+      o Fix potential SSL 2.0 rollback, CVE-2005-2969
+      o Extended Windows CE support
+
+  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
+
+      o Major work on the BIGNUM library for higher efficiency and to
+        make operations more streamlined and less contradictory.  This
+        is the result of a major audit of the BIGNUM library.
+      o Addition of BIGNUM functions for fields GF(2^m) and NIST
+        curves, to support the Elliptic Crypto functions.
+      o Major work on Elliptic Crypto; ECDH and ECDSA added, including
+        the use through EVP, X509 and ENGINE.
+      o New ASN.1 mini-compiler that's usable through the OpenSSL
+        configuration file.
+      o Added support for ASN.1 indefinite length constructed encoding.
+      o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
+      o Complete rework of shared library construction and linking
+        programs with shared or static libraries, through a separate
+        Makefile.shared.
+      o Rework of the passing of parameters from one Makefile to another.
+      o Changed ENGINE framework to load dynamic engine modules
+        automatically from specifically given directories.
+      o New structure and ASN.1 functions for CertificatePair.
+      o Changed the ZLIB compression method to be stateful.
+      o Changed the key-generation and primality testing "progress"
+        mechanism to take a structure that contains the ticker
+        function and an argument.
+      o New engine module: GMP (performs private key exponentiation).
+      o New engine module: VIA PadLOck ACE extension in VIA C3
+        Nehemiah processors.
+      o Added support for IPv6 addresses in certificate extensions.
+        See RFC 1884, section 2.2.
+      o Added support for certificate policy mappings, policy
+        constraints and name constraints.
+      o Added support for multi-valued AVAs in the OpenSSL
+        configuration file.
+      o Added support for multiple certificates with the same subject
+        in the 'openssl ca' index file.
+      o Make it possible to create self-signed certificates using
+        'openssl ca -selfsign'.
+      o Make it possible to generate a serial number file with
+        'openssl ca -create_serial'.
+      o New binary search functions with extended functionality.
+      o New BUF functions.
+      o New STORE structure and library to provide an interface to all
+        sorts of data repositories.  Supports storage of public and
+        private keys, certificates, CRLs, numbers and arbitrary blobs.
+	This library is unfortunately unfinished and unused withing
+	OpenSSL.
+      o New control functions for the error stack.
+      o Changed the PKCS#7 library to support one-pass S/MIME
+        processing.
+      o Added the possibility to compile without old deprecated
+        functionality with the OPENSSL_NO_DEPRECATED macro or the
+        'no-deprecated' argument to the config and Configure scripts.
+      o Constification of all ASN.1 conversion functions, and other
+        affected functions.
+      o Improved platform support for PowerPC.
+      o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
+      o New X509_VERIFY_PARAM structure to support parametrisation
+        of X.509 path validation.
+      o Major overhaul of RC4 performance on Intel P4, IA-64 and
+        AMD64.
+      o Changed the Configure script to have some algorithms disabled
+        by default.  Those can be explicitely enabled with the new
+        argument form 'enable-xxx'.
+      o Change the default digest in 'openssl' commands from MD5 to
+        SHA-1.
+      o Added support for DTLS.
+      o New BIGNUM blinding.
+      o Added support for the RSA-PSS encryption scheme
+      o Added support for the RSA X.931 padding.
+      o Added support for BSD sockets on NetWare.
+      o Added support for files larger than 2GB.
+      o Added initial support for Win64.
+      o Added alternate pkg-config files.
+
+  Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m:
+
+      o FIPS 1.1.1 module linking.
+      o Various ciphersuite selection fixes.
+
+  Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
+
+      o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
+      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+
+  Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
+
+      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+
+  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
+
+      o Visual C++ 2005 fixes.
+      o Update Windows build system for FIPS.
+
+  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
+
+      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
+
+  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
+
+      o Fix SSL 2.0 Rollback, CVE-2005-2969
+      o Allow use of fixed-length exponent on DSA signing
+      o Default fixed-window RSA, DSA, DH private-key operations
+
+  Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
+
+      o More compilation issues fixed.
+      o Adaptation to more modern Kerberos API.
+      o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
+      o Enhanced x86_64 assembler BIGNUM module.
+      o More constification.
+      o Added processing of proxy certificates (RFC 3820).
+
+  Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f:
+
+      o Several compilation issues fixed.
+      o Many memory allocation failure checks added.
+      o Improved comparison of X509 Name type.
+      o Mandatory basic checks on certificates.
+      o Performance improvements.
+
   Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e:
 
       o Fix race condition in CRL checking code.
diff --git a/Netware/build.bat b/Netware/build.bat
index ee73da4dff..3125c2a487 100644
--- a/Netware/build.bat
+++ b/Netware/build.bat
@@ -6,14 +6,16 @@ rem
 rem   usage:
 rem      build [target] [debug opts] [assembly opts] [configure opts]
 rem
-rem      target        - "netware-clib" - CLib NetWare build
-rem                    - "netware-libc" - LibC NKS NetWare build
+rem      target        - "netware-clib" - CLib NetWare build (WinSock Sockets)
+rem                    - "netware-clib-bsdsock" - CLib NetWare build (BSD Sockets)
+rem                    - "netware-libc" - LibC NetWare build (WinSock Sockets)
+rem                    - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets)
 rem 
 rem      debug opts    - "debug"  - build debug
 rem
 rem      assembly opts - "nw-mwasm" - use Metrowerks assembler
-rem      "nw-nasm"  - use NASM assembler
-rem      "no-asm"   - don't use assembly
+rem                    - "nw-nasm"  - use NASM assembler
+rem                    - "no-asm"   - don't use assembly
 rem
 rem      configure opts- all unrecognized arguments are passed to the
 rem                       perl configure script
@@ -70,12 +72,16 @@ if "%1" == "nw-nasm"  set NO_ASM=
 if "%1" == "nw-nasm"  set ARG_PROCESSED=YES
 if "%1" == "nw-mwasm" set ASM_MODE=nw-mwasm
 if "%1" == "nw-mwasm" set ASSEMBLER=Metrowerks
-if "%1" == "nw-mwasm"  set NO_ASM=
+if "%1" == "nw-mwasm" set NO_ASM=
 if "%1" == "nw-mwasm" set ARG_PROCESSED=YES
 if "%1" == "netware-clib" set BLD_TARGET=netware-clib
 if "%1" == "netware-clib" set ARG_PROCESSED=YES
+if "%1" == "netware-clib-bsdsock" set BLD_TARGET=netware-clib-bsdsock
+if "%1" == "netware-clib-bsdsock" set ARG_PROCESSED=YES
 if "%1" == "netware-libc" set BLD_TARGET=netware-libc
 if "%1" == "netware-libc" set ARG_PROCESSED=YES
+if "%1" == "netware-libc-bsdsock" set BLD_TARGET=netware-libc-bsdsock
+if "%1" == "netware-libc-bsdsock" set ARG_PROCESSED=YES
 
 rem   If we didn't recognize the argument, consider it an option for config
 if "%ARG_PROCESSED%" == "NO" set CONFIG_OPTS=%CONFIG_OPTS% %1
@@ -91,7 +97,9 @@ if "%BLD_TARGET%" == "no_target" goto no_target
 rem build the nlm make file name which includes target and debug info
 set NLM_MAKE=
 if "%BLD_TARGET%" == "netware-clib" set NLM_MAKE=netware\nlm_clib
+if "%BLD_TARGET%" == "netware-clib-bsdsock" set NLM_MAKE=netware\nlm_clib_bsdsock
 if "%BLD_TARGET%" == "netware-libc" set NLM_MAKE=netware\nlm_libc
+if "%BLD_TARGET%" == "netware-libc-bsdsock" set NLM_MAKE=netware\nlm_libc_bsdsock
 if "%DEBUG%" == "" set NLM_MAKE=%NLM_MAKE%.mak
 if "%DEBUG%" == "debug" set NLM_MAKE=%NLM_MAKE%_dbg.mak
 
@@ -106,7 +114,14 @@ echo Generating x86 for %ASSEMBLER% assembler
 
 echo Bignum
 cd crypto\bn\asm
-perl x86.pl %ASM_MODE% > bn-nw.asm
+rem perl x86.pl %ASM_MODE% > bn-nw.asm
+perl bn-586.pl %ASM_MODE% > bn-nw.asm
+perl co-586.pl %ASM_MODE% > co-nw.asm
+cd ..\..\..
+
+echo AES
+cd crypto\aes\asm
+perl aes-586.pl %ASM_MODE% > a-nw.asm
 cd ..\..\..
 
 echo DES
@@ -144,6 +159,8 @@ cd ..\..\..
 echo SHA1
 cd crypto\sha\asm
 perl sha1-586.pl %ASM_MODE% > s1-nw.asm
+perl sha256-586.pl %ASM_MODE% > sha256-nw.asm
+perl sha512-586.pl %ASM_MODE% > sha512-nw.asm
 cd ..\..\..
 
 echo RIPEMD160
@@ -156,6 +173,16 @@ cd crypto\rc5\asm
 perl rc5-586.pl %ASM_MODE% > r5-nw.asm
 cd ..\..\..
 
+echo WHIRLPOOL
+cd crypto\whrlpool\asm
+perl wp-mmx.pl %ASM_MODE% > wp-nw.asm
+cd ..\..\..
+
+echo CPUID
+cd crypto
+perl x86cpuid.pl %ASM_MODE% > x86cpuid-nw.asm
+cd ..\
+
 rem ===============================================================
 rem
 :do_config
@@ -172,8 +199,10 @@ echo mk1mf.pl options: %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET%
 echo .
 perl util\mk1mf.pl %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET% >%NLM_MAKE%
 
+make -f %NLM_MAKE% vclean
+echo .
 echo The makefile "%NLM_MAKE%" has been created use your maketool to
-echo build (ex: gmake -f %NLM_MAKE%)
+echo build (ex: make -f %NLM_MAKE%)
 goto end
 
 rem ===============================================================
@@ -184,8 +213,10 @@ echo .  No build target specified!!!
 echo .
 echo .  usage: build [target] [debug opts] [assembly opts] [configure opts]
 echo .
-echo .     target        - "netware-clib" - CLib NetWare build
-echo .                   - "netware-libc" - LibC NKS NetWare build
+echo .     target        - "netware-clib" - CLib NetWare build (WinSock Sockets)
+echo .                   - "netware-clib-bsdsock" - CLib NetWare build (BSD Sockets)
+echo .                   - "netware-libc" - LibC NetWare build (WinSock Sockets)
+echo .                   - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets)
 echo .
 echo .     debug opts    - "debug"  - build debug
 echo .
diff --git a/Netware/cpy_tests.bat b/Netware/cpy_tests.bat
index c2f07c00c7..1583f28067 100644
--- a/Netware/cpy_tests.bat
+++ b/Netware/cpy_tests.bat
@@ -73,6 +73,7 @@ copy %loc%\test\testsid.pem   %2\openssl\test\
 copy %loc%\test\testx509.pem  %2\openssl\test\
 copy %loc%\test\v3-cert1.pem  %2\openssl\test\
 copy %loc%\test\v3-cert2.pem  %2\openssl\test\
+copy %loc%\crypto\evp\evptests.txt %2\openssl\test\
 
 rem   copy the apps directory stuff
 copy %loc%\apps\client.pem    %2\openssl\apps\
diff --git a/Netware/do_tests.pl b/Netware/do_tests.pl
index f4e11272d3..ac482dbe2b 100644
--- a/Netware/do_tests.pl
+++ b/Netware/do_tests.pl
@@ -34,16 +34,21 @@ sub main()
    # delete all the output files in the output directory
    unlink <$output_path\\*.*>;
 
-   # open the main log file 
+   # open the main log file
    open(OUT, ">$log_file") || die "unable to open $log_file\n";
 
-   
+   print( OUT "========================================================\n");
+   my $outFile = "$output_path\\version.out";
+   system("openssl2 version (CLIB_OPT)/>$outFile");
+   log_output("CHECKING FOR OPENSSL VERSION:", $outFile);
+
    algorithm_tests();
    encryption_tests();
+   evp_tests();
    pem_tests();
    verify_tests();
-   ssl_tests();
    ca_tests();
+   ssl_tests();
 
    close(OUT);
 
@@ -56,9 +61,10 @@ sub algorithm_tests
 {
    my $i;
    my $outFile;
-   my @tests = ( rsa_test, destest, ideatest, bftest, shatest, sha1test,
-                 md5test, dsatest, md2test, mdc2test, rc2test, rc4test, randtest,
-                 dhtest, exptest );
+   my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test,
+                 sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test,
+                 rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest,
+                 ecdsatest, ectest, exptest, casttest, hmactest );
 
    print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");
 
@@ -67,10 +73,17 @@ sub algorithm_tests
 
    foreach $i (@tests)
    {
-      $outFile = "$output_path\\$i.out";
-      system("$i > $outFile");
-      log_desc("Test: $i\.nlm:");
-      log_output("", $outFile );
+      if (-e "$base_path\\$i.nlm")
+      {
+         $outFile = "$output_path\\$i.out";
+         system("$i (CLIB_OPT)/>$outFile");
+         log_desc("Test: $i\.nlm:");
+         log_output("", $outFile );
+      }
+      else
+      {
+         log_desc("Test: $i\.nlm: file not found");
+      }
    }
 }
 
@@ -102,24 +115,24 @@ sub encryption_tests
 
       # do encryption
       $outFile = "$output_path\\enc.out";
-      system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher > $outFile" );
+      system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" );
       log_output("Encrypting: $input --> $cipher", $outFile);
 
       # do decryption
       $outFile = "$output_path\\dec.out";
-      system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear > $outFile");
+      system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
       log_output("Decrypting: $cipher --> $clear", $outFile);
 
       # compare files
       $x = compare_files( $input, $clear, 1);
       if ( $x == 0 )
       {
-         print( "SUCCESS - files match: $input, $clear\n");
+         print( "\rSUCCESS - files match: $input, $clear\n");
          print( OUT "SUCCESS - files match: $input, $clear\n");
       }
       else
       {
-         print( "ERROR: files don't match\n");
+         print( "\rERROR: files don't match\n");
          print( OUT "ERROR: files don't match\n");
       }
 
@@ -129,24 +142,24 @@ sub encryption_tests
 
       # do encryption B64
       $outFile = "$output_path\\B64enc.out";
-      system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher > $outFile");
+      system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile");
       log_output("Encrypting(B64): $cipher --> $clear", $outFile);
 
       # do decryption B64
       $outFile = "$output_path\\B64dec.out";
-      system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear > $outFile");
+      system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
       log_output("Decrypting(B64): $cipher --> $clear", $outFile);
 
       # compare files
       $x = compare_files( $input, $clear, 1);
       if ( $x == 0 )
       {
-         print( "SUCCESS - files match: $input, $clear\n");
+         print( "\rSUCCESS - files match: $input, $clear\n");
          print( OUT "SUCCESS - files match: $input, $clear\n");
       }
       else
       {
-         print( "ERROR: files don't match\n");
+         print( "\rERROR: files don't match\n");
          print( OUT "ERROR: files don't match\n");
       }
 
@@ -192,24 +205,24 @@ sub pem_tests
 
       if ($i ne "req" )
       {
-         system("openssl2 $i -in $input -out $tmp_out > $outFile");
+         system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile");
          log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
       }
       else
       {
-         system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config > $outFile");
+         system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile");
          log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
       }
 
       $x = compare_files( $input, $tmp_out);
       if ( $x == 0 )
       {
-         print( "SUCCESS - files match: $input, $tmp_out\n");
+         print( "\rSUCCESS - files match: $input, $tmp_out\n");
          print( OUT "SUCCESS - files match: $input, $tmp_out\n");
       }
       else
       {
-         print( "ERROR: files don't match\n");
+         print( "\rERROR: files don't match\n");
          print( OUT "ERROR: files don't match\n");
       }
       do_wait();
@@ -224,7 +237,8 @@ sub verify_tests
    my $i;
    my $outFile = "$output_path\\verify.out";
 
-   my @cert_files = <$cert_path\\*.pem>;
+   $cert_path =~ s/\\/\//g;
+   my @cert_files = <$cert_path/*.pem>;
 
    print( "\nRUNNING VERIFY TESTS:\n\n");
 
@@ -235,7 +249,7 @@ sub verify_tests
 
    foreach $i (@cert_files)
    {
-      system("openssl2 verify -CAfile $tmp_cert $i >$outFile");
+      system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile");
       log_desc("Verifying cert: $i");
       log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
    }
@@ -246,113 +260,115 @@ sub verify_tests
 sub ssl_tests
 {
    my $outFile = "$output_path\\ssl_tst.out";
+   my($CAcert) = "$output_path\\certCA.ss";
+   my($Ukey)   = "$output_path\\keyU.ss";
+   my($Ucert)  = "$output_path\\certU.ss";
+   my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert";
 
    print( "\nRUNNING SSL TESTS:\n\n");
 
    print( OUT "\n========================================================\n");
    print( OUT "SSL TESTS:\n\n");
 
-   make_tmp_cert_file();
-
-   system("ssltest -ssl2 >$outFile");
+   system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2:");
    log_output("ssltest -ssl2", $outFile);
 
-   system("ssltest -ssl2 -server_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 with server authentication:");
-   log_output("ssltest -ssl2 -server_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -ssl2 -server_auth", $outFile);
 
-   system("ssltest -ssl2 -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 with client authentication:");
-   log_output("ssltest -ssl2 -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -ssl2 -client_auth", $outFile);
 
-   system("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 with both client and server authentication:");
-   log_output("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);
 
-   system("ssltest -ssl3 >$outFile");
+   system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3:");
    log_output("ssltest -ssl3", $outFile);
 
-   system("ssltest -ssl3 -server_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 with server authentication:");
-   log_output("ssltest -ssl3 -server_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -ssl3 -server_auth", $outFile);
 
-   system("ssltest -ssl3 -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 with client authentication:");
-   log_output("ssltest -ssl3 -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -ssl3 -client_auth", $outFile);
 
-   system("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 with both client and server authentication:");
-   log_output("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile);
 
-   system("ssltest >$outFile");
+   system("ssltest (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3:");
    log_output("ssltest", $outFile);
 
-   system("ssltest -server_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -server_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with server authentication:");
-   log_output("ssltest -server_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -server_auth", $outFile);
 
-   system("ssltest -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with client authentication:");
-   log_output("ssltest -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -client_auth ", $outFile);
 
-   system("ssltest -server_auth -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with both client and server authentication:");
-   log_output("ssltest -server_auth -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -server_auth -client_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl2 >$outFile");
+   system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 via BIO pair:");
    log_output("ssltest -bio_pair -ssl2", $outFile);
 
-   system("ssltest -bio_pair -dhe1024dsa -v >$outFile");
+   system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
    log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
 
-   system("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 with server authentication via BIO pair:");
-   log_output("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 with client authentication via BIO pair:");
-   log_output("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
-   log_output("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl3 >$outFile");
+   system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 via BIO pair:");
    log_output("ssltest -bio_pair -ssl3", $outFile);
 
-   system("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 with server authentication via BIO pair:");
-   log_output("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 with client authentication  via BIO pair:");
-   log_output("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile);
 
-   system("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
-   log_output("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile);
 
-   system("ssltest -bio_pair >$outFile");
+   system("ssltest -bio_pair (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 via BIO pair:");
    log_output("ssltest -bio_pair", $outFile);
 
-   system("ssltest -bio_pair -server_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
-   log_output("ssltest -bio_pair -server_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -server_auth", $outFile);
 
-   system("ssltest -bio_pair -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
-   log_output("ssltest -bio_pair -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -client_auth", $outFile);
 
-   system("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert >$outFile");
+   system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile");
    log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
-   log_output("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert", $outFile);
+   log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile);
 }
 
 
@@ -380,43 +396,43 @@ sub ca_tests
    print( OUT "\n========================================================\n");
    print( OUT "CA TESTS:\n");
 
-   system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new >$outFile");
+   system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile");
    log_desc("Make a certificate request using req:");
    log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);
 
-   system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >$outFile");
+   system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile");
    log_desc("Convert the certificate request into a self signed certificate using x509:");
    log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);
 
-   system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >$outFile");
+   system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile");
    log_desc("Convert a certificate into a certificate request using 'x509':");
    log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);
 
-   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout >$outFile");
+   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile");
    log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);
 
-   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout >$outFile");
+   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile");
    log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);
 
-   system("openssl2 verify -CAfile $CAcert $CAcert >$outFile");
+   system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile");
    log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);
 
-   system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new >$outFile");
+   system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile");
    log_desc("Make another certificate request using req:");
    log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);
 
-   system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial >$outFile");
+   system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile");
    log_desc("Sign certificate request with the just created CA via x509:");
    log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);
 
-   system("openssl2 verify -CAfile $CAcert $Ucert >$outFile");
+   system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile");
    log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);
 
-   system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert >$outFile");
+   system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile");
    log_desc("Certificate details");
    log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);
 
-   print(OUT "-- \n");
+   print(OUT "--\n");
    print(OUT "The generated CA certificate is $CAcert\n");
    print(OUT "The generated CA private key is $CAkey\n");
    print(OUT "The current CA signing serial number is in $CAserial\n");
@@ -427,6 +443,29 @@ sub ca_tests
 }
 
 ############################################################################
+sub evp_tests
+{
+   my $i = 'evp_test';
+
+   print( "\nRUNNING EVP TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "EVP TESTS:\n\n");
+
+   if (-e "$base_path\\$i.nlm")
+   {
+       my $outFile = "$output_path\\$i.out";
+       system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile");
+       log_desc("Test: $i\.nlm:");
+       log_output("", $outFile );
+   }
+   else
+   {
+       log_desc("Test: $i\.nlm: file not found");
+   }
+}
+
+############################################################################
 sub log_output( $ $ )
 {
    my( $desc, $file ) = @_;
@@ -436,7 +475,7 @@ sub log_output( $ $ )
 
    if ($desc)
    {
-      print("$desc\n");
+      print("\r$desc\n");
       print(OUT "$desc\n");
    }
 
@@ -448,8 +487,8 @@ sub log_output( $ $ )
       # copy test output to log file
    open(IN, "<$file");
    while (<IN>)
-   { 
-      print(OUT $_); 
+   {
+      print(OUT $_);
       if ( $_ =~ /ERROR/ )
       {
          $error = 1;
@@ -476,13 +515,13 @@ sub log_output( $ $ )
       $key = getc;
       print("\n");
    }
-      
-      # Several of the testing scripts run a loop loading the 
+
+      # Several of the testing scripts run a loop loading the
       # same NLM with different options.
-      # On slow NetWare machines there appears to be some delay in the 
+      # On slow NetWare machines there appears to be some delay in the
       # OS actually unloading the test nlms and the OS complains about.
-      # the NLM already being loaded.  This additional pause is to 
-      # to help provide a little more time for unloading before trying to 
+      # the NLM already being loaded.  This additional pause is to
+      # to help provide a little more time for unloading before trying to
       # load again.
    sleep(1);
 }
@@ -553,7 +592,7 @@ sub do_wait()
 ############################################################################
 sub make_tmp_cert_file()
 {
-   my @cert_files = <$cert_path\\*.pem>;
+   my @cert_files = <$cert_path/*.pem>;
 
       # delete the file if it already exists
    unlink($tmp_cert);
@@ -561,7 +600,7 @@ sub make_tmp_cert_file()
    open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n";
 
    print("building temporary cert file\n");
-   
+
    # create a temporary cert file that contains all the certs
    foreach $i (@cert_files)
    {
diff --git a/Netware/set_env.bat b/Netware/set_env.bat
index e9012e3409..ace024e529 100644
--- a/Netware/set_env.bat
+++ b/Netware/set_env.bat
@@ -16,75 +16,97 @@ if "a%1" == "a" goto usage
                
 set LIBC_BUILD=
 set CLIB_BUILD=
+set GNUC=
 
 if "%1" == "netware-clib" set CLIB_BUILD=Y
 if "%1" == "netware-clib" set LIBC_BUILD=
 
-if "%1" == "netware-libc"  set LIBC_BUILD=Y
-if "%1" == "netware-libc"  set CLIB_BUILD=
+if "%1" == "netware-libc" set LIBC_BUILD=Y
+if "%1" == "netware-libc" set CLIB_BUILD=
+
+if "%2" == "gnuc" set GNUC=Y
+if "%2" == "codewarrior" set GNUC=
 
 rem   Location of tools (compiler, linker, etc)
-set TOOLS=d:\i_drive\tools
+if "%NDKBASE%" == "" set NDKBASE=c:\Novell
 
 rem   If Perl for Win32 is not already in your path, add it here
 set PERL_PATH=
 
 rem   Define path to the Metrowerks command line tools
+rem   or GNU Crosscompiler gcc / nlmconv
 rem   ( compiler, assembler, linker)
-set METROWERKS_PATH=%TOOLS%\codewar\pdk_21\tools\command line tools
-rem set METROWERKS_PATH=%TOOLS%\codewar\PDK_40\Other Metrowerks Tools\Command Line Tools
+if "%GNUC%" == "Y" set COMPILER_PATH=c:\usr\i586-netware\bin;c:\usr\bin
+if "%GNUC%" == "" set COMPILER_PATH=c:\prg\cwcmdl40
 
 rem   If using gnu make define path to utility
-set GNU_MAKE_PATH=%TOOLS%\gnu
+rem set GNU_MAKE_PATH=%NDKBASE%\gnu
+set GNU_MAKE_PATH=c:\prg\tools
 
 rem   If using ms nmake define path to nmake
-set MS_NMAKE_PATH=%TOOLS%\msvc\600\bin
+rem set MS_NMAKE_PATH=%NDKBASE%\msvc\600\bin
 
 rem   If using NASM assembler define path
-set NASM_PATH=%TOOLS%\nasm
+rem set NASM_PATH=%NDKBASE%\nasm
+set NASM_PATH=c:\prg\tools
 
 rem   Update path to include tool paths
-set path=%path%;%METROWERKS_PATH%
+set path=%path%;%COMPILER_PATH%
 if not "%GNU_MAKE_PATH%" == "" set path=%path%;%GNU_MAKE_PATH%
 if not "%MS_NMAKE_PATH%" == "" set path=%path%;%MS_NMAKE_PATH%
 if not "%NASM_PATH%"     == "" set path=%path%;%NASM_PATH%
 if not "%PERL_PATH%"     == "" set path=%path%;%PERL_PATH%
 
-rem   Set MWCIncludes to location of Novell NDK includes
-if "%LIBC_BUILD%" == "Y" set MWCIncludes=%TOOLS%\ndk\libc\include;%TOOLS%\ndk\libc\include\winsock;.\engines
-if "%CLIB_BUILD%" == "Y" set MWCIncludes=%TOOLS%\ndk\nwsdk\include\nlm;.\engines
-set include=
+rem   Set INCLUDES to location of Novell NDK includes
+if "%LIBC_BUILD%" == "Y" set INCLUDE=%NDKBASE%\ndk\libc\include;%NDKBASE%\ndk\libc\include\winsock
+if "%CLIB_BUILD%" == "Y" set INCLUDE=%NDKBASE%\ndk\nwsdk\include\nlm;%NDKBASE%\ws295sdk\include
 
 rem   Set Imports to location of Novell NDK import files
-if "%LIBC_BUILD%" == "Y" set IMPORTS=%TOOLS%\ndk\libc\imports
-if "%CLIB_BUILD%" == "Y" set IMPORTS=%TOOLS%\ndk\nwsdk\imports
+if "%LIBC_BUILD%" == "Y" set IMPORTS=%NDKBASE%\ndk\libc\imports
+if "%CLIB_BUILD%" == "Y" set IMPORTS=%NDKBASE%\ndk\nwsdk\imports
 
 rem   Set PRELUDE to the absolute path of the prelude object to link with in
 rem   the Metrowerks NetWare PDK - NOTE: for Clib builds "clibpre.o" is 
 rem   recommended, for LibC NKS builds libcpre.o must be used
+if "%GNUC%" == "Y" goto gnuc
 if "%LIBC_BUILD%" == "Y" set PRELUDE=%IMPORTS%\libcpre.o
-if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\clibpre.o
+rem if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\clibpre.o
+if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\prelude.o
+echo using MetroWerks CodeWarrior 
+goto info
+
+:gnuc
+if "%LIBC_BUILD%" == "Y" set PRELUDE=%IMPORTS%\libcpre.gcc.o
+rem if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\clibpre.gcc.o
+if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\prelude.gcc.o
+echo using GNU GCC Compiler 
 
+:info
+echo.
 
 if "%LIBC_BUILD%" == "Y" echo Enviroment configured for LibC build
 if "%LIBC_BUILD%" == "Y" echo use "netware\build.bat netware-libc ..." 
 
 if "%CLIB_BUILD%" == "Y" echo Enviroment configured for CLib build
 if "%CLIB_BUILD%" == "Y" echo use "netware\build.bat netware-clib ..." 
+
 goto end
 
 :usage
 rem ===============================================================
-echo .
-echo . No target build specified!
-echo .
-echo . usage: set_env [target]
-echo .
-echo .   target      - "netware-clib" - Clib build
-echo .               - "netware-libc" - LibC build
-echo .
-
-
+echo.
+echo No target build specified!
+echo.
+echo usage: set_env [target] [compiler]
+echo.
+echo target      - "netware-clib" - Clib build
+echo             - "netware-libc" - LibC build
+echo.
+echo compiler    - "gnuc"         - GNU GCC Compiler
+echo             - "codewarrior"  - MetroWerks CodeWarrior (default)
+echo.
 
 :end
+echo.
+
 
diff --git a/PROBLEMS b/PROBLEMS
index 8301624639..ed3c174535 100644
--- a/PROBLEMS
+++ b/PROBLEMS
@@ -12,8 +12,8 @@ along the whole library path before it bothers looking for .a libraries.  This
 means that -L switches won't matter unless OpenSSL is built with shared
 library support.
 
-The workaround may be to change the following lines in apps/Makefile.ssl and
-test/Makefile.ssl:
+The workaround may be to change the following lines in apps/Makefile and
+test/Makefile:
 
   LIBCRYPTO=-L.. -lcrypto
   LIBSSL=-L.. -lssl
@@ -48,20 +48,34 @@ will interfere with each other and lead to test failure.
 The solution is simple for now: don't run parallell make when testing.
 
 
-* Bugs in gcc 3.0 triggered
+* Bugs in gcc triggered
 
-According to a problem report, there are bugs in gcc 3.0 that are
-triggered by some of the code in OpenSSL, more specifically in
-PEM_get_EVP_CIPHER_INFO().  The triggering code is the following:
+- According to a problem report, there are bugs in gcc 3.0 that are
+  triggered by some of the code in OpenSSL, more specifically in
+  PEM_get_EVP_CIPHER_INFO().  The triggering code is the following:
 
 	header+=11;
 	if (*header != '4') return(0); header++;
 	if (*header != ',') return(0); header++;
 
-What happens is that gcc might optimize a little too agressively, and
-you end up with an extra incrementation when *header != '4'.
+  What happens is that gcc might optimize a little too agressively, and
+  you end up with an extra incrementation when *header != '4'.
 
-We recommend that you upgrade gcc to as high a 3.x version as you can.
+  We recommend that you upgrade gcc to as high a 3.x version as you can.
+
+- According to multiple problem reports, some of our message digest
+  implementations trigger bug[s] in code optimizer in gcc 3.3 for sparc64
+  and gcc 2.96 for ppc. Former fails to complete RIPEMD160 test, while
+  latter - SHA one.
+
+  The recomendation is to upgrade your compiler. This naturally applies to
+  other similar cases.
+
+- There is a subtle Solaris x86-specific gcc run-time environment bug, which
+  "falls between" OpenSSL [0.9.8 and later], Solaris ld and GCC. The bug
+  manifests itself as Segmentation Fault upon early application start-up.
+  The problem can be worked around by patching the environment according to
+  http://www.openssl.org/~appro/values.c.
 
 * solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler.
 
@@ -120,3 +134,64 @@ Any information helping to solve this issue would be deeply
 appreciated.
 
 NOTE: building non-shared doesn't come with this problem.
+
+* ULTRIX build fails with shell errors, such as "bad substitution"
+  and "test: argument expected"
+
+The problem is caused by ULTRIX /bin/sh supporting only original
+Bourne shell syntax/semantics, and the trouble is that the vast
+majority is so accustomed to more modern syntax, that very few
+people [if any] would recognize the ancient syntax even as valid.
+This inevitably results in non-trivial scripts breaking on ULTRIX,
+and OpenSSL isn't an exclusion. Fortunately there is workaround,
+hire /bin/ksh to do the job /bin/sh fails to do.
+
+1. Trick make(1) to use /bin/ksh by setting up following environ-
+   ment variables *prior* you execute ./Configure and make:
+
+	PROG_ENV=POSIX
+	MAKESHELL=/bin/ksh
+	export PROG_ENV MAKESHELL
+
+   or if your shell is csh-compatible:
+
+	setenv PROG_ENV POSIX
+	setenv MAKESHELL /bin/ksh
+
+2. Trick /bin/sh to use alternative expression evaluator. Create
+   following 'test' script for example in /tmp:
+
+	#!/bin/ksh
+	${0##*/} "$@"
+
+   Then 'chmod a+x /tmp/test; ln /tmp/test /tmp/[' and *prepend*
+   your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter-
+   natively just replace system /bin/test and /bin/[ with the
+   above script.
+
+* hpux64-ia64-cc fails blowfish test.
+
+Compiler bug, presumably at particular patch level. It should be noted
+that same compiler generates correct 32-bit code, a.k.a. hpux-ia64-cc
+target. Drop optimization level to +O2 when compiling 64-bit bf_skey.o.
+
+* no-engines generates errors.
+
+Unfortunately, the 'no-engines' configuration option currently doesn't
+work properly.  Use 'no-hw' and you'll will at least get no hardware
+support.  We'll see how we fix that on OpenSSL versions past 0.9.8.
+
+* 'make test' fails in BN_sqr [commonly with "error 139" denoting SIGSEGV]
+  if elder GNU binutils were deployed to link shared libcrypto.so.
+
+As subject suggests the failure is caused by a bug in elder binutils,
+either as or ld, and was observed on FreeBSD and Linux. There are two
+options. First is naturally to upgrade binutils, the second one - to
+reconfigure with additional no-sse2 [or 386] option passed to ./config.
+
+* If configured with ./config no-dso, toolkit still gets linked with -ldl,
+  which most notably poses a problem when linking with dietlibc.
+
+We don't have framework to associate -ldl with no-dso, therefore the only
+way is to edit Makefile right after ./config no-dso and remove -ldl from
+EX_LIBS line.
diff --git a/README b/README
index 2ab8488bf3..52d678442b 100644
--- a/README
+++ b/README
@@ -1,7 +1,7 @@
 
- OpenSSL 0.9.8-dev XX xxx XXXX
+ OpenSSL 1.1.0-dev XX xxx XXXX
 
- Copyright (c) 1998-2002 The OpenSSL Project
+ Copyright (c) 1998-2009 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 
@@ -36,12 +36,13 @@
      actually logically part of it. It includes routines for the following:
 
      Ciphers
-        libdes - EAY's libdes DES encryption package which has been floating
-                 around the net for a few years.  It includes 15
-                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
-                 cbc, cfb and ofb; pcbc and a more general form of cfb and
-                 ofb) including desx in cbc mode, a fast crypt(3), and
-                 routines to read passwords from the keyboard.
+        libdes - EAY's libdes DES encryption package which was floating
+                 around the net for a few years, and was then relicensed by
+                 him as part of SSLeay.  It includes 15 'modes/variations'
+                 of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb;
+                 pcbc and a more general form of cfb and ofb) including desx
+                 in cbc mode, a fast crypt(3), and routines to read
+                 passwords from the keyboard.
         RC4 encryption,
         RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
         Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
@@ -80,16 +81,16 @@
         A simple stack.
         A Configuration loader that uses a format similar to MS .ini files.
 
- openssl: 
+ openssl:
      A command line tool that can be used for:
         Creation of RSA, DH and DSA key parameters
-        Creation of X.509 certificates, CSRs and CRLs 
+        Creation of X.509 certificates, CSRs and CRLs
         Calculation of Message Digests
         Encryption and Decryption with Ciphers
         SSL/TLS Client and Server Tests
         Handling of S/MIME signed or encrypted mail
 
-        
+
  PATENTS
  -------
 
@@ -104,13 +105,17 @@
  licensing conditions. Their web page is http://www.rsasecurity.com/.
 
  RC4 is a trademark of RSA Security, so use of this label should perhaps
- only be used with RSA Security's permission. 
+ only be used with RSA Security's permission.
 
  The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
  Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They
  should be contacted if that algorithm is to be used; their web page is
  http://www.ascom.ch/.
 
+ NTT and Mitsubishi have patents and pending patents on the Camellia
+ algorithm, but allow use at no charge without requiring an explicit
+ licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+
  INSTALLATION
  ------------
 
@@ -129,16 +134,19 @@
  or application author.  We try to collect those in doc/PROBLEMS, with current
  thoughts on how they should be solved in a future of OpenSSL.
 
- SUPPORT 
+ SUPPORT
  -------
 
+ See the OpenSSL website www.openssl.org for details of how to obtain
+ commercial technical support.
+
  If you have any problems with OpenSSL then please take the following steps
  first:
 
     - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
       to see if the problem has already been addressed
     - Remove ASM versions of libraries
-    - Remove compiler optimisation flags 
+    - Remove compiler optimisation flags
 
  If you wish to report a bug then please include the following information in
  any bug report:
@@ -154,10 +162,14 @@
     - Stack Traceback (if the application dumps core)
 
  Report the bug to the OpenSSL project via the Request Tracker
- (http://www.openssl.org/rt2.html) by mail to:
+ (http://www.openssl.org/support/rt.html) by mail to:
 
     openssl-bugs@openssl.org
 
+ Note that the request tracker should NOT be used for general assistance
+ or support queries. Just because something doesn't work the way you expect
+ does not mean it is necessarily a bug in OpenSSL.
+
  Note that mail to openssl-bugs@openssl.org is recorded in the publicly
  readable request tracker database and is forwarded to a public
  mailing list. Confidential mail may be sent to openssl-security@openssl.org
@@ -168,10 +180,22 @@
 
  Development is coordinated on the openssl-dev mailing list (see
  http://www.openssl.org for information on subscribing). If you
- would like to submit a patch, send it to openssl-dev@openssl.org with
+ would like to submit a patch, send it to openssl-bugs@openssl.org with
  the string "[PATCH]" in the subject. Please be sure to include a
  textual explanation of what your patch does.
 
+ If you are unsure as to whether a feature will be useful for the general
+ OpenSSL community please discuss it on the openssl-dev mailing list first.
+ Someone may be already working on the same thing or there may be a good
+ reason as to why that feature isn't implemented.
+
+ Patches should be as up to date as possible, preferably relative to the
+ current CVS or the last snapshot. They should follow the coding style of
+ OpenSSL and compile without warnings. Some of the core team developer targets
+ can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL
+ compiles on many varied platforms: try to ensure you only use portable
+ features.
+
  Note: For legal reasons, contributions from the US can be accepted only
  if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov
  (formerly BXA) with a copy to the ENC Encryption Request Coordinator;
diff --git a/STATUS b/STATUS
index 10e3a8dd16..85615e313d 100644
--- a/STATUS
+++ b/STATUS
@@ -1,12 +1,37 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2003/04/04 15:17:19 $
+  ______________                           $Date: 2010/01/27 11:14:44 $
 
   DEVELOPMENT STATE
 
-    o  OpenSSL 0.9.8:  Under development...
+    o  OpenSSL 1.0.0-beta1: Released on April 1st, 2009
+    o  OpenSSL 0.9.8h: Released on May       28th, 2008
+    o  OpenSSL 0.9.8g: Released on October   19th, 2007
+    o  OpenSSL 0.9.8f: Released on October   11th, 2007
+    o  OpenSSL 0.9.8e: Released on February  23rd, 2007
+    o  OpenSSL 0.9.8d: Released on September 28th, 2006
+    o  OpenSSL 0.9.8c: Released on September  5th, 2006
+    o  OpenSSL 0.9.8b: Released on May        4th, 2006
+    o  OpenSSL 0.9.8a: Released on October   11th, 2005
+    o  OpenSSL 0.9.8:  Released on July       5th, 2005
+    o  OpenSSL 0.9.7m: Released on February  23rd, 2007
+    o  OpenSSL 0.9.7l: Released on September 28th, 2006
+    o  OpenSSL 0.9.7k: Released on September  5th, 2006
+    o  OpenSSL 0.9.7j: Released on May        4th, 2006
+    o  OpenSSL 0.9.7i: Released on October   14th, 2005
+    o  OpenSSL 0.9.7h: Released on October   11th, 2005
+    o  OpenSSL 0.9.7g: Released on April     11th, 2005
+    o  OpenSSL 0.9.7f: Released on March     22nd, 2005
+    o  OpenSSL 0.9.7e: Released on October   25th, 2004
+    o  OpenSSL 0.9.7d: Released on March     17th, 2004
+    o  OpenSSL 0.9.7c: Released on September 30th, 2003
+    o  OpenSSL 0.9.7b: Released on April     10th, 2003
     o  OpenSSL 0.9.7a: Released on February  19th, 2003
     o  OpenSSL 0.9.7:  Released on December  31st, 2002
+    o  OpenSSL 0.9.6m: Released on March     17th, 2004
+    o  OpenSSL 0.9.6l: Released on November   4th, 2003
+    o  OpenSSL 0.9.6k: Released on September 30th, 2003
+    o  OpenSSL 0.9.6j: Released on April     10th, 2003
     o  OpenSSL 0.9.6i: Released on February  19th, 2003
     o  OpenSSL 0.9.6h: Released on December   5th, 2002
     o  OpenSSL 0.9.6g: Released on August     9th, 2002
@@ -25,10 +50,11 @@
     o  OpenSSL 0.9.2b: Released on March     22th, 1999
     o  OpenSSL 0.9.1c: Released on December  23th, 1998
 
-  [See also http://www.openssl.org/support/rt2.html]
+  [See also http://www.openssl.org/support/rt.html]
 
   RELEASE SHOWSTOPPERS
 
+    o The Makefiles fail with some SysV makes.
     o 
 
   AVAILABLE PATCHES
@@ -45,16 +71,8 @@
 	Private key, certificate and CRL API and implementation.
 	Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
-    o Geoff and Richard are currently working on:
-	ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:
-	UI (User Interface)
-	UTIL (a new set of library functions to support some higher level
-	      functionality that is currently missing).
-	Shared library support for VMS.
-	Kerberos 5 authentication (Heimdal)
 	Constification
-	Compression
 	Attribute Certificate support
 	Certificate Pair support
 	Storage Engines (primarly an LDAP storage engine)
diff --git a/TABLE b/TABLE
index a3f6f94213..f764f8d6cf 100644
--- a/TABLE
+++ b/TABLE
@@ -1,32 +1,5 @@
 Output of `Configure TABLE':
 
-*** BC-16
-$cc           = bcc
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = WIN16
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
-
 *** BC-32
 $cc           = bcc32
 $cflags       = 
@@ -46,6 +19,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -53,6 +29,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BS2000-OSD
 $cc           = c89
@@ -73,6 +50,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -80,6 +60,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-generic32
 $cc           = gcc
@@ -100,6 +81,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -107,6 +91,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-generic64
 $cc           = gcc
@@ -127,6 +112,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -134,6 +122,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-ia64
 $cc           = gcc
@@ -142,18 +131,21 @@ $unistd       =
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
 $lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
 $aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-ia64.o
 $sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -161,6 +153,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-sparc64
 $cc           = gcc
@@ -169,18 +162,21 @@ $unistd       =
 $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
 $lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -188,6 +184,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-sparcv8
 $cc           = gcc
@@ -208,6 +205,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -215,6 +215,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-x86
 $cc           = gcc
@@ -224,17 +225,20 @@ $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-out.o
-$bn_obj       = bn86-out.o co86-out.o
-$des_obj      = dx86-out.o yx86-out.o
-$aes_obj      = ax86-out.o
-$bf_obj       = bx86-out.o
-$md5_obj      = mx86-out.o
-$sha1_obj     = sx86-out.o s512sse2-out.o
-$cast_obj     = cx86-out.o
-$rc4_obj      = rx86-out.o
-$rmd160_obj   = rm86-out.o
-$rc5_obj      = r586-out.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = a.out
 $dso_scheme   = dlfcn
 $shared_target= bsd-shared
 $shared_cflag = -fPIC
@@ -242,6 +246,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-x86-elf
 $cc           = gcc
@@ -251,17 +256,20 @@ $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= bsd-shared
 $shared_cflag = -fPIC
@@ -269,6 +277,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** BSD-x86_64
 $cc           = gcc
@@ -278,17 +287,20 @@ $thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
 $sys_id       = 
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
-$cpuid_obj    = amd64cpuid.o
-$bn_obj       = x86_64-gcc.o
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
 $bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
-$rc4_obj      = rc4-amd64.o
+$rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -296,6 +308,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** Cygwin
 $cc           = gcc
@@ -305,24 +318,28 @@ $thread_cflag =
 $sys_id       = CYGWIN32
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-cof.o
-$bn_obj       = bn86-cof.o co86-cof.o
-$des_obj      = dx86-cof.o yx86-cof.o
-$aes_obj      = ax86-cof.o
-$bf_obj       = bx86-cof.o
-$md5_obj      = mx86-cof.o
-$sha1_obj     = sx86-cof.o s512sse2-cof.o
-$cast_obj     = cx86-cof.o
-$rc4_obj      = rx86-cof.o
-$rmd160_obj   = /rm86-cof.o
-$rc5_obj      = r586-cof.o
-$dso_scheme   = win32
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = coff
+$dso_scheme   = dlfcn
 $shared_target= cygwin-shared
-$shared_cflag = -D_DLL
+$shared_cflag = -D_WINDLL
 $shared_ldflag = -shared
-$shared_extension = .dll
+$shared_extension = .dll.a
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** Cygwin-pre1.3
 $cc           = gcc
@@ -343,6 +360,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -350,26 +370,30 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** DJGPP
 $cc           = gcc
-$cflags       = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM="/dev/urandom\x24"
+$cflags       = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall
 $unistd       = 
 $thread_cflag = 
 $sys_id       = MSDOS
 $lflags       = -L/dev/env/WATT_ROOT/lib -lwatt
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-out.o
-$bn_obj       = bn86-out.o co86-out.o
-$des_obj      = dx86-out.o yx86-out.o
-$aes_obj      = ax86-out.o
-$bf_obj       = bx86-out.o
-$md5_obj      = mx86-out.o
-$sha1_obj     = sx86-out.o s512sse2-out.o
-$cast_obj     = cx86-out.o
-$rc4_obj      = rx86-out.o
-$rmd160_obj   = rm86-out.o
-$rc5_obj      = r586-out.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = a.out
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -377,6 +401,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** MPE/iX-gcc
 $cc           = gcc
@@ -397,6 +422,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -404,6 +432,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** OS2-EMX
 $cc           = gcc
@@ -424,6 +453,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -431,6 +463,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** OS390-Unix
 $cc           = c89.sh
@@ -451,6 +484,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -458,60 +494,69 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
-*** OpenUNIX-8
-$cc           = cc
-$cflags       = -O -DFILIO_H -Kalloca
+*** QNX6
+$cc           = gcc
+$cflags       = -DTERMIOS
 $unistd       = 
-$thread_cflag = -Kthread
+$thread_cflag = 
 $sys_id       = 
-$lflags       = -lsocket -lnsl
-$bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$lflags       = -lsocket
+$bn_ops       = 
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
-$shared_target= svr5-shared
-$shared_cflag = -Kpic
+$shared_target= bsd-gcc-shared
+$shared_cflag = -fPIC
 $shared_ldflag = 
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
-*** OpenUNIX-8-gcc
+*** QNX6-i386
 $cc           = gcc
-$cflags       = -O -DFILIO_H -fomit-frame-pointer
+$cflags       = -DL_ENDIAN -DTERMIOS -O2 -Wall
 $unistd       = 
-$thread_cflag = -pthread
+$thread_cflag = 
 $sys_id       = 
-$lflags       = -lsocket -lnsl
-$bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$lflags       = -lsocket
+$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
-$shared_target= svr5-shared
+$shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
 $shared_ldflag = 
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** ReliantUNIX
 $cc           = cc
@@ -532,6 +577,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= reliantunix-shared
 $shared_cflag = 
@@ -539,6 +587,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** SINIX
 $cc           = cc
@@ -559,6 +608,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -566,6 +618,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** SINIX-N
 $cc           = /usr/ucb/cc
@@ -586,6 +639,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -593,6 +649,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** UWIN
 $cc           = cc
@@ -613,6 +670,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -620,6 +680,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** VC-CE
 $cc           = cl
@@ -640,6 +701,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -647,161 +711,30 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
-
-*** VC-MSDOS
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = MSDOS
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
-
-*** VC-NT
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = 
-$sys_id       = WINNT
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
-
-*** VC-W31-16
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = WIN16
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
-
-*** VC-W31-32
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = 
-$sys_id       = WIN16
-$lflags       = 
-$bn_ops       = BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
-
-*** VC-WIN16
-$cc           = cl
-$cflags       = 
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = WIN16
-$lflags       = 
-$bn_ops       = MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
+$multilib     = 
 
 *** VC-WIN32
 $cc           = cl
-$cflags       = 
+$cflags       = -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE
 $unistd       = 
 $thread_cflag = 
 $sys_id       = WIN32
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = win32n
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -809,26 +742,30 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** VC-WIN64A
 $cc           = cl
-$cflags       = 
+$cflags       = -W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE
 $unistd       = 
 $thread_cflag = 
 $sys_id       = WIN64A
 $lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT EXPORT_VAR_AS_FN
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = bn_asm.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
 $bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
-$rc4_obj      = 
+$rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = auto
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -836,26 +773,30 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** VC-WIN64I
 $cc           = cl
-$cflags       = 
+$cflags       = -W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE
 $unistd       = 
 $thread_cflag = 
 $sys_id       = WIN64I
 $lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT EXPORT_VAR_AS_FN
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = ia64.o ia64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
+$md5_obj      = md5-ia64.o
+$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = ias
 $dso_scheme   = win32
 $shared_target= 
 $shared_cflag = 
@@ -863,60 +804,69 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** aix-cc
 $cc           = cc
-$cflags       = -q32 -O -DB_ENDIAN -qmaxmem=16384
+$cflags       = -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
 $unistd       = 
 $thread_cflag = -qthreaded
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR
-$cpuid_obj    = 
-$bn_obj       = aix_ppc32.o
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = aix32
 $dso_scheme   = dlfcn
 $shared_target= aix-shared
 $shared_cflag = 
-$shared_ldflag = -q32
+$shared_ldflag = -q32 -G
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = -X 32
+$multilib     = 
 
 *** aix-gcc
 $cc           = gcc
 $cflags       = -O -DB_ENDIAN
 $unistd       = 
-$thread_cflag = -D_THREAD_SAFE
+$thread_cflag = -pthread
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR
-$cpuid_obj    = 
-$bn_obj       = aix_ppc32.o
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = aix32
 $dso_scheme   = dlfcn
-$shared_target= 
+$shared_target= aix-shared
 $shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
+$shared_ldflag = -shared -Wl,-G
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
-$arflags      = 
+$arflags      = -X32
+$multilib     = 
 
 *** aix3-cc
 $cc           = cc
@@ -937,6 +887,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -944,60 +897,69 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** aix64-cc
 $cc           = cc
-$cflags       = -q64 -O -DB_ENDIAN -qmaxmem=16384
+$cflags       = -q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
 $unistd       = 
-$thread_cflag = (unknown)
+$thread_cflag = -qthreaded
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR
-$cpuid_obj    = 
-$bn_obj       = aix_ppc64.o
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o sha512-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = aix64
 $dso_scheme   = dlfcn
 $shared_target= aix-shared
 $shared_cflag = 
-$shared_ldflag = -q64
+$shared_ldflag = -q64 -G
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = -X 64
+$multilib     = 
 
-*** alpha-cc-rpath
-$cc           = cc
-$cflags       = -std1 -tune host -fast -readonly_strings
+*** aix64-gcc
+$cc           = gcc
+$cflags       = -maix64 -O -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -pthread
-$sys_id       = 
+$sys_id       = AIX
 $lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o sha512-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = aix64
 $dso_scheme   = dlfcn
-$shared_target= tru64-shared-rpath
+$shared_target= aix-shared
 $shared_cflag = 
-$shared_ldflag = 
-$shared_extension = .so
+$shared_ldflag = -maix64 -shared -Wl,-G
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
-$arflags      = 
+$arflags      = -X64
+$multilib     = 
 
 *** aux3-gcc
 $cc           = gcc
@@ -1018,6 +980,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1025,26 +990,92 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** beos-x86-bone
+$cc           = gcc
+$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = BEOS
+$lflags       = -lbe -lbind -lsocket
+$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
+$dso_scheme   = beos
+$shared_target= beos-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -shared
+$shared_extension = .so
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** beos-x86-r5
+$cc           = gcc
+$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = BEOS
+$lflags       = -lbe -lnet
+$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
+$dso_scheme   = beos
+$shared_target= beos-shared
+$shared_cflag = -fPIC -DPIC
+$shared_ldflag = -shared
+$shared_extension = .so
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** bsdi-elf-gcc
 $cc           = gcc
-$cflags       = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
+$cflags       = -DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
@@ -1052,6 +1083,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** cc
 $cc           = cc
@@ -1072,6 +1104,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1079,6 +1114,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** cray-j90
 $cc           = cc
@@ -1099,6 +1135,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1106,6 +1145,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** cray-t3e
 $cc           = cc
@@ -1126,6 +1166,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1133,60 +1176,131 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** darwin-i386-cc
 $cc           = cc
-$cflags       = -O3 -fomit-frame-pointer -fno-common -DB_ENDIAN
+$cflags       = -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = MACOSX
-$lflags       = 
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = macosx
+$dso_scheme   = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch i386 -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** darwin-ppc-cc
+$cc           = cc
+$cflags       = -arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = MACOSX
+$lflags       = -Wl,-search_paths_first%
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = osx32
+$dso_scheme   = dlfcn
 $shared_target= darwin-shared
-$shared_cflag = -fPIC
-$shared_ldflag = 
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch ppc -dynamiclib
 $shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
-*** darwin-ppc-cc
+*** darwin64-ppc-cc
 $cc           = cc
-$cflags       = -O3 -fno-common -DB_ENDIAN
+$cflags       = -arch ppc64 -O3 -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = MACOSX
-$lflags       = 
-$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = osx_ppc32.o
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o sha512-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = osx64
+$dso_scheme   = dlfcn
 $shared_target= darwin-shared
-$shared_cflag = -fPIC
-$shared_ldflag = 
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch ppc64 -dynamiclib
 $shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** darwin64-x86_64-cc
+$cc           = cc
+$cflags       = -arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = MACOSX
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
+$des_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
+$bf_obj       = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+$cast_obj     = 
+$rc4_obj      = rc4-x86_64.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = macosx
+$dso_scheme   = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch x86_64 -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** debug
 $cc           = gcc
@@ -1207,6 +1321,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1214,6 +1331,38 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** debug-BSD-x86-elf
+$cc           = gcc
+$cflags       = -DL_ENDIAN -DTERMIOS -O3 -Wall -g
+$unistd       = 
+$thread_cflag = -pthread -D_THREAD_SAFE -D_REENTRANT
+$sys_id       = 
+$lflags       = 
+$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
+$dso_scheme   = dlfcn
+$shared_target= bsd-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** debug-Cygwin
 $cc           = gcc
@@ -1234,13 +1383,48 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = win32
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
 $shared_target= cygwin-shared
+$shared_cflag = -D_WINDLL
+$shared_ldflag = -shared
+$shared_extension = .dll.a
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** debug-VC-WIN32
+$cc           = cl
+$cflags       = -W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE
+$unistd       = 
+$thread_cflag = 
+$sys_id       = WIN32
+$lflags       = 
+$bn_ops       = BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN RC4_INDEX MD2_INT
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = win32n
+$dso_scheme   = win32
+$shared_target= 
 $shared_cflag = 
 $shared_ldflag = 
-$shared_extension = .dll
+$shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-ben
 $cc           = gcc
@@ -1261,6 +1445,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1268,10 +1455,42 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-ben-debug
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe
+$cflags       = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -DBN_DEBUG -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -g3 -O2 -pipe
+$unistd       = 
+$thread_cflag = (unknown)
+$sys_id       = 
+$lflags       = 
+$bn_ops       = 
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** debug-ben-no-opt
+$cc           = gcc
+$cflags       = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
@@ -1288,6 +1507,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1295,6 +1517,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-ben-openbsd
 $cc           = gcc
@@ -1315,6 +1538,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1322,6 +1548,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-ben-openbsd-debug
 $cc           = gcc
@@ -1342,6 +1569,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1349,6 +1579,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-ben-strict
 $cc           = gcc
@@ -1369,6 +1600,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1376,26 +1610,30 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-bodo
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall
+$cflags       = -DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1403,15 +1641,78 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** debug-darwin-i386-cc
+$cc           = cc
+$cflags       = -arch i386 -g3 -DL_ENDIAN
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = MACOSX
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = macosx
+$dso_scheme   = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch i386 -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** debug-darwin-ppc-cc
+$cc           = cc
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = MACOSX
+$lflags       = 
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
+$des_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = osx32
+$dso_scheme   = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
-*** debug-geoff
+*** debug-geoff32
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long
+$cflags       = -DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$bn_ops       = BN_LLONG
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
@@ -1423,6 +1724,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1430,6 +1734,38 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** debug-geoff64
+$cc           = gcc
+$cflags       = -DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -DMD32_REG_T=int -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** debug-levitte-linux-elf
 $cc           = gcc
@@ -1439,17 +1775,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1457,6 +1796,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-levitte-linux-elf-extreme
 $cc           = gcc
@@ -1466,17 +1806,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1484,6 +1827,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-levitte-linux-noasm
 $cc           = gcc
@@ -1504,6 +1848,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1511,6 +1858,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-levitte-linux-noasm-extreme
 $cc           = gcc
@@ -1531,6 +1879,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1538,26 +1889,30 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-linux-elf
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -lefence -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1565,26 +1920,30 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-linux-elf-noefence
 $cc           = gcc
-$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -1592,6 +1951,100 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** debug-linux-generic32
+$cc           = gcc
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** debug-linux-generic64
+$cc           = gcc
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** debug-linux-ia32-aes
+$cc           = gcc
+$cflags       = -DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes_x86core.o aes_cbc.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = 
+$perlasm_scheme = elf
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** debug-linux-pentium
 $cc           = gcc
@@ -1601,17 +2054,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= 
 $shared_cflag = 
@@ -1619,6 +2075,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-linux-ppro
 $cc           = gcc
@@ -1628,17 +2085,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= 
 $shared_cflag = 
@@ -1646,6 +2106,38 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** debug-linux-x86_64
+$cc           = gcc
+$cflags       = -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall -DMD32_REG_T=int
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
+$des_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
+$bf_obj       = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+$cast_obj     = 
+$rc4_obj      = rc4-x86_64.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -m64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 64
 
 *** debug-rse
 $cc           = cc
@@ -1655,17 +2147,20 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1673,6 +2168,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-solaris-sparcv8-cc
 $cc           = cc
@@ -1684,7 +2180,7 @@ $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
 $bn_obj       = sparcv8.o
-$des_obj      = 
+$des_obj      = des_enc-sparc.o fcrypt_b.o
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
@@ -1693,13 +2189,17 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = 
+$shared_ldflag = -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-solaris-sparcv8-gcc
 $cc           = gcc
@@ -1711,7 +2211,7 @@ $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
 $bn_obj       = sparcv8.o
-$des_obj      = 
+$des_obj      = des_enc-sparc.o fcrypt_b.o
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
@@ -1720,6 +2220,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -1727,6 +2230,7 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-solaris-sparcv9-cc
 $cc           = cc
@@ -1736,24 +2240,28 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
-$des_obj      = 
-$aes_obj      = 
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
+$des_obj      = des_enc-sparc.o fcrypt_b.o
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = 
+$shared_ldflag = -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-solaris-sparcv9-gcc
 $cc           = gcc
@@ -1763,17 +2271,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -1781,60 +2292,100 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** debug-steve-opt
+$cc           = gcc
+$cflags       = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
+$des_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
+$bf_obj       = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+$cast_obj     = 
+$rc4_obj      = rc4-x86_64.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -m64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
-*** debug-steve
+*** debug-steve32
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe
+$cflags       = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -rdynamic -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
+$shared_cflag = -fPIC
+$shared_ldflag = -m32
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
-*** debug-steve-linux-pseudo64
+*** debug-steve64
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe
+$cflags       = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g -DMD32_REG_T=int
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
-$lflags       = -rdynamic -ldl
-$bn_ops       = SIXTY_FOUR_BIT
-$cpuid_obj    = 
-$bn_obj       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
 $bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
-$rc4_obj      = 
+$rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
+$shared_cflag = -fPIC
+$shared_ldflag = -m64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-ulf
 $cc           = gcc
@@ -1855,6 +2406,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = win32
 $shared_target= cygwin-shared
 $shared_cflag = 
@@ -1862,10 +2416,11 @@ $shared_ldflag =
 $shared_extension = .dll
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** debug-vos-gcc
 $cc           = gcc
-$cflags       = -b hppa1.1-stratus-vos -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG
+$cflags       = -O0 -g -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = VOS
@@ -1882,6 +2437,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1889,33 +2447,7 @@ $shared_ldflag =
 $shared_extension = .so
 $ranlib       = 
 $arflags      = 
-
-*** debug-vos-vcc
-$cc           = vcc
-$cflags       = -b i386-stratus-vos -O0 -g -D_POSIX_C_SOURCE=200112L -D_BSD -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = VOS
-$lflags       = -Wl,-map
-$bn_ops       = 
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = .so
-$ranlib       = 
-$arflags      = 
+$multilib     = 
 
 *** dgux-R3-gcc
 $cc           = gcc
@@ -1936,6 +2468,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1943,6 +2478,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** dgux-R4-gcc
 $cc           = gcc
@@ -1963,6 +2499,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1970,6 +2509,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** dgux-R4-x86-gcc
 $cc           = gcc
@@ -1979,17 +2519,20 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = -lnsl -lsocket
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -1997,6 +2540,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** dist
 $cc           = cc
@@ -2017,6 +2561,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -2024,6 +2571,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** gcc
 $cc           = gcc
@@ -2044,6 +2592,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -2051,6 +2602,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux-cc
 $cc           = cc
@@ -2071,6 +2623,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2078,6 +2633,7 @@ $shared_ldflag = -b
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux-gcc
 $cc           = gcc
@@ -2098,6 +2654,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = -fPIC
@@ -2105,6 +2664,7 @@ $shared_ldflag = -shared
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux-ia64-cc
 $cc           = cc
@@ -2114,17 +2674,20 @@ $thread_cflag =
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
 $aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-ia64.o
 $sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2132,6 +2695,7 @@ $shared_ldflag = +DD32 -b
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /hpux32
 
 *** hpux-ia64-gcc
 $cc           = gcc
@@ -2141,17 +2705,20 @@ $thread_cflag =
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
-$aes_obj      = aes-ia64.o
+$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = sha256-ia64.o sha512-ia64.o
+$md5_obj      = md5-ia64.o
+$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = -fpic
@@ -2159,6 +2726,7 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /hpux32
 
 *** hpux-parisc-cc
 $cc           = cc
@@ -2179,6 +2747,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2186,6 +2757,7 @@ $shared_ldflag = -b
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux-parisc-cc-o4
 $cc           = cc
@@ -2206,6 +2778,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2213,6 +2788,7 @@ $shared_ldflag = -b
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux-parisc-gcc
 $cc           = gcc
@@ -2233,6 +2809,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = -fPIC
@@ -2240,26 +2819,30 @@ $shared_ldflag = -shared
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
-*** hpux-parisc1_0-cc
+*** hpux-parisc1_1-cc
 $cc           = cc
-$cflags       = +DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
+$cflags       = +DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -Wl,+s -ldld
 $bn_ops       = MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = pariscid.o
+$bn_obj       = bn_asm.o parisc-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-parisc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-parisc.o sha256-parisc.o sha512-parisc.o
 $cast_obj     = 
-$rc4_obj      = 
+$rc4_obj      = rc4-parisc.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 32
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2267,6 +2850,7 @@ $shared_ldflag = -b
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /pa1.1
 
 *** hpux-parisc2-cc
 $cc           = cc
@@ -2287,6 +2871,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2294,6 +2881,7 @@ $shared_ldflag = -b
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux-parisc2-gcc
 $cc           = gcc
@@ -2314,6 +2902,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dl
 $shared_target= hpux-shared
 $shared_cflag = -fPIC
@@ -2321,6 +2912,7 @@ $shared_ldflag = -shared
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** hpux64-ia64-cc
 $cc           = cc
@@ -2330,17 +2922,20 @@ $thread_cflag =
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
 $aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-ia64.o
 $sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2348,6 +2943,7 @@ $shared_ldflag = +DD64 -b
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /hpux64
 
 *** hpux64-ia64-gcc
 $cc           = gcc
@@ -2357,17 +2953,20 @@ $thread_cflag =
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
 $aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-ia64.o
 $sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = -fpic
@@ -2375,6 +2974,7 @@ $shared_ldflag = -mlp64 -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /hpux64
 
 *** hpux64-parisc2-cc
 $cc           = cc
@@ -2384,17 +2984,20 @@ $thread_cflag =
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$cpuid_obj    = 
-$bn_obj       = pa-risc2W.o
+$cpuid_obj    = pariscid.o
+$bn_obj       = pa-risc2W.o parisc-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-parisc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-parisc.o sha256-parisc.o sha512-parisc.o
 $cast_obj     = 
-$rc4_obj      = 
+$rc4_obj      = rc4-parisc.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 64
 $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = +Z
@@ -2402,6 +3005,7 @@ $shared_ldflag = +DD64 -b
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /pa20_64
 
 *** hpux64-parisc2-gcc
 $cc           = gcc
@@ -2422,6 +3026,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = -fpic
@@ -2429,26 +3036,30 @@ $shared_ldflag = -shared
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /pa20_64
 
 *** hurd-x86
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall
+$cflags       = -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2456,6 +3067,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** irix-cc
 $cc           = cc
@@ -2476,6 +3088,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= irix-shared
 $shared_cflag = 
@@ -2483,6 +3098,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** irix-gcc
 $cc           = gcc
@@ -2503,6 +3119,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= irix-shared
 $shared_cflag = 
@@ -2510,17 +3129,18 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** irix-mips3-cc
 $cc           = cc
-$cflags       = -n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
 $lflags       = 
 $bn_ops       = DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT
 $cpuid_obj    = 
-$bn_obj       = mips3.o
+$bn_obj       = bn-mips3.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2530,6 +3150,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= irix-shared
 $shared_cflag = 
@@ -2537,17 +3160,18 @@ $shared_ldflag = -n32
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 32
 
 *** irix-mips3-gcc
 $cc           = gcc
-$cflags       = -mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
 $lflags       = 
 $bn_ops       = MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT
 $cpuid_obj    = 
-$bn_obj       = mips3.o
+$bn_obj       = bn-mips3.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2557,6 +3181,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= irix-shared
 $shared_cflag = 
@@ -2564,17 +3191,18 @@ $shared_ldflag = -mabi=n32
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 32
 
 *** irix64-mips4-cc
 $cc           = cc
-$cflags       = -64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
 $lflags       = 
 $bn_ops       = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
 $cpuid_obj    = 
-$bn_obj       = mips3.o
+$bn_obj       = bn-mips3.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2584,6 +3212,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= irix-shared
 $shared_cflag = 
@@ -2591,17 +3222,18 @@ $shared_ldflag = -64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 64
 
 *** irix64-mips4-gcc
 $cc           = gcc
-$cflags       = -mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
 $lflags       = 
 $bn_ops       = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
 $cpuid_obj    = 
-$bn_obj       = mips3.o
+$bn_obj       = bn-mips3.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2611,6 +3243,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= irix-shared
 $shared_cflag = 
@@ -2618,6 +3253,7 @@ $shared_ldflag = -mabi=64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 64
 
 *** linux-alpha+bwx-ccc
 $cc           = ccc
@@ -2627,8 +3263,8 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2638,6 +3274,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -2645,6 +3284,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-alpha+bwx-gcc
 $cc           = gcc
@@ -2654,8 +3294,8 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2665,6 +3305,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2672,6 +3315,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-alpha-ccc
 $cc           = ccc
@@ -2681,8 +3325,8 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2692,6 +3336,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -2699,6 +3346,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-alpha-gcc
 $cc           = gcc
@@ -2708,8 +3356,8 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2719,6 +3367,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2726,26 +3377,30 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-aout
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall
+$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-out.o
-$bn_obj       = bn86-out.o co86-out.o
-$des_obj      = dx86-out.o yx86-out.o
-$aes_obj      = ax86-out.o
-$bf_obj       = bx86-out.o
-$md5_obj      = mx86-out.o
-$sha1_obj     = sx86-out.o s512sse2-out.o
-$cast_obj     = cx86-out.o
-$rc4_obj      = rx86-out.o
-$rmd160_obj   = rm86-out.o
-$rc5_obj      = r586-out.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = a.out
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -2753,6 +3408,38 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** linux-armv4
+$cc           = gcc
+$cflags       = -DTERMIO -O3 -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR
+$cpuid_obj    = 
+$bn_obj       = bn_asm.o armv4-mont.o
+$des_obj      = 
+$aes_obj      = aes_cbc.o aes-armv4.o
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = sha1-armv4-large.o sha256-armv4.o sha512-armv4.o
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** linux-elf
 $cc           = gcc
@@ -2762,17 +3449,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2780,6 +3470,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-generic32
 $cc           = gcc
@@ -2800,6 +3491,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2807,6 +3501,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-generic64
 $cc           = gcc
@@ -2827,6 +3522,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2834,6 +3532,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-ia32-icc
 $cc           = icc
@@ -2843,17 +3542,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -KPIC
@@ -2861,6 +3563,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-ia64
 $cc           = gcc
@@ -2869,18 +3572,21 @@ $unistd       =
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
 $aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-ia64.o
 $sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2888,6 +3594,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-ia64-ecc
 $cc           = ecc
@@ -2896,18 +3603,52 @@ $unistd       =
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj    = 
-$bn_obj       = ia64.o
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
 $des_obj      = 
 $aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-ia64.o
+$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$cast_obj     = 
+$rc4_obj      = rc4-ia64.o rc4_skey.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** linux-ia64-icc
+$cc           = icc
+$cflags       = -DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT
+$cpuid_obj    = ia64cpuid.o
+$bn_obj       = bn-ia64.o ia64-mont.o
+$des_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$bf_obj       = 
+$md5_obj      = md5-ia64.o
 $sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = rc4-ia64.o rc4_skey.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2915,6 +3656,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-ppc
 $cc           = gcc
@@ -2924,17 +3666,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj    = 
-$bn_obj       = linux_ppc32.o
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = linux32
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2942,33 +3687,69 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-ppc64
 $cc           = gcc
-$cflags       = -bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
-$cpuid_obj    = 
-$bn_obj       = linux_ppc64.o
+$cpuid_obj    = ppccpuid.o ppccap.o
+$bn_obj       = bn-ppc.o ppc-mont.o ppc64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-ppc.o
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = 
+$sha1_obj     = sha1-ppc.o sha256-ppc.o sha512-ppc.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = linux64
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
-$shared_ldflag = -bpowerpc64-linux
+$shared_ldflag = -m64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 64
+
+*** linux-s390x
+$cc           = gcc
+$cflags       = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = s390xcap.o s390xcpuid.o
+$bn_obj       = bn-s390x.o s390x-mont.o
+$des_obj      = 
+$aes_obj      = aes-s390x.o
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = sha1-s390x.o sha256-s390x.o sha512-s390x.o
+$cast_obj     = 
+$rc4_obj      = rc4-s390x.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -m64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 64
 
 *** linux-sparcv8
 $cc           = gcc
@@ -2989,6 +3770,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -2996,6 +3780,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-sparcv9
 $cc           = gcc
@@ -3005,17 +3790,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -3023,6 +3811,7 @@ $shared_ldflag = -m32
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** linux-x86_64
 $cc           = gcc
@@ -3031,18 +3820,21 @@ $unistd       =
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
-$cpuid_obj    = amd64cpuid.o
-$bn_obj       = x86_64-gcc.o
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
 $bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
-$rc4_obj      = rc4-amd64.o
+$rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -3050,6 +3842,7 @@ $shared_ldflag = -m64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 64
 
 *** linux64-sparcv9
 $cc           = gcc
@@ -3058,18 +3851,21 @@ $unistd       =
 $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
@@ -3077,33 +3873,69 @@ $shared_ldflag = -m64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 64
 
 *** mingw
 $cc           = gcc
-$cflags       = -mno-cygwin -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall
+$cflags       = -mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall
 $unistd       = 
 $thread_cflag = 
 $sys_id       = MINGW32
-$lflags       = -mno-cygwin -lwsock32 -lgdi32
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-cof.o
-$bn_obj       = bn86-cof.o co86-cof.o
-$des_obj      = dx86-cof.o yx86-cof.o
-$aes_obj      = ax86-cof.o
-$bf_obj       = bx86-cof.o
-$md5_obj      = mx86-cof.o
-$sha1_obj     = sx86-cof.o s512sse2-cof.o
-$cast_obj     = cx86-cof.o
-$rc4_obj      = rx86-cof.o
-$rmd160_obj   = /rm86-cof.o
-$rc5_obj      = r586-cof.o
+$lflags       = -lws2_32 -lgdi32 -lcrypt32
+$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT EXPORT_VAR_AS_FN
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = coff
 $dso_scheme   = win32
 $shared_target= cygwin-shared
-$shared_cflag = -D_DLL
-$shared_ldflag = -shared
-$shared_extension = .dll
+$shared_cflag = -D_WINDLL -DOPENSSL_USE_APPLINK
+$shared_ldflag = -mno-cygwin
+$shared_extension = .dll.a
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** mingw64
+$cc           = gcc
+$cflags       = -mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE
+$unistd       = 
+$thread_cflag = 
+$sys_id       = MINGW64
+$lflags       = -lws2_32 -lgdi32 -lcrypt32
+$bn_ops       = SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
+$des_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
+$bf_obj       = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+$cast_obj     = 
+$rc4_obj      = rc4-x86_64.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = mingw64
+$dso_scheme   = win32
+$shared_target= cygwin-shared
+$shared_cflag = -D_WINDLL
+$shared_ldflag = -mno-cygwin
+$shared_extension = .dll.a
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** ncr-scde
 $cc           = cc
@@ -3124,6 +3956,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3131,6 +3966,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** netware-clib
 $cc           = mwccnlm
@@ -3138,8 +3974,101 @@ $cflags       =
 $unistd       = 
 $thread_cflag = 
 $sys_id       = 
-$lflags       = RC4_INDEX MD2_INT
-$bn_ops       = 
+$lflags       = 
+$bn_ops       = RC4_INDEX MD2_INT
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** netware-clib-bsdsock
+$cc           = mwccnlm
+$cflags       = 
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = 
+$bn_ops       = RC4_INDEX MD2_INT
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** netware-clib-bsdsock-gcc
+$cc           = i586-netware-gcc
+$cflags       = -nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = 
+$bn_ops       = RC4_INDEX MD2_INT
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** netware-clib-gcc
+$cc           = i586-netware-gcc
+$cflags       = -nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = 
+$bn_ops       = RC4_INDEX MD2_INT
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
@@ -3151,6 +4080,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3158,6 +4090,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** netware-libc
 $cc           = mwccnlm
@@ -3165,8 +4098,8 @@ $cflags       =
 $unistd       = 
 $thread_cflag = 
 $sys_id       = 
-$lflags       = BN_LLONG RC4_INDEX MD2_INT
-$bn_ops       = 
+$lflags       = 
+$bn_ops       = BN_LLONG RC4_INDEX MD2_INT
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
@@ -3178,6 +4111,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3185,6 +4121,69 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** netware-libc-bsdsock
+$cc           = mwccnlm
+$cflags       = 
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = 
+$bn_ops       = BN_LLONG RC4_INDEX MD2_INT
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** netware-libc-bsdsock-gcc
+$cc           = i586-netware-gcc
+$cflags       = -nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall
+$unistd       = 
+$thread_cflag = 
+$sys_id       = 
+$lflags       = 
+$bn_ops       = BN_LLONG RC4_INDEX MD2_INT
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
+$shared_ldflag = 
+$shared_extension = 
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** netware-libc-gcc
 $cc           = i586-netware-gcc
@@ -3192,8 +4191,8 @@ $cflags       = -nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_EN
 $unistd       = 
 $thread_cflag = 
 $sys_id       = 
-$lflags       = RC4_INDEX MD2_INT
-$bn_ops       = 
+$lflags       = 
+$bn_ops       = BN_LLONG RC4_INDEX MD2_INT
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
@@ -3205,6 +4204,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3212,6 +4214,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** newsos4-gcc
 $cc           = gcc
@@ -3232,6 +4235,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3239,6 +4245,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** nextstep
 $cc           = cc
@@ -3259,6 +4266,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3266,6 +4276,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** nextstep3.3
 $cc           = cc
@@ -3286,6 +4297,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3293,8 +4307,9 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
-*** ofs1-alpha-cc
+*** osf1-alpha-cc
 $cc           = cc
 $cflags       = -std1 -tune host -O4 -readonly_strings
 $unistd       = 
@@ -3302,8 +4317,8 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -3313,6 +4328,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= alpha-osf1-shared
 $shared_cflag = 
@@ -3320,6 +4338,7 @@ $shared_ldflag =
 $shared_extension = .so
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** osf1-alpha-gcc
 $cc           = gcc
@@ -3329,8 +4348,8 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -3340,6 +4359,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= alpha-osf1-shared
 $shared_cflag = 
@@ -3347,6 +4369,7 @@ $shared_ldflag =
 $shared_extension = .so
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** purify
 $cc           = purify gcc
@@ -3367,6 +4390,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3374,6 +4400,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** qnx4
 $cc           = cc
@@ -3394,6 +4421,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3401,33 +4431,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
-
-*** qnx6
-$cc           = cc
-$cflags       = -DL_ENDIAN -DTERMIOS
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = 
-$lflags       = -lsocket
-$bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
+$multilib     = 
 
 *** rhapsody-ppc-cc
 $cc           = cc
@@ -3448,6 +4452,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3455,33 +4462,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
-
-*** sco3-gcc
-$cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = 
-$lflags       = -lsocket
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-$arflags      = 
+$multilib     = 
 
 *** sco5-cc
 $cc           = cc
@@ -3491,17 +4472,20 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = -lsocket -lnsl
 $bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= svr3-shared
 $shared_cflag = -Kpic
@@ -3509,6 +4493,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** sco5-gcc
 $cc           = gcc
@@ -3518,17 +4503,20 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = -lsocket -lnsl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= svr3-shared
 $shared_cflag = -fPIC
@@ -3536,6 +4524,7 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-sparcv7-cc
 $cc           = cc
@@ -3556,13 +4545,17 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = 
+$shared_ldflag = -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-sparcv7-gcc
 $cc           = gcc
@@ -3583,6 +4576,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -3590,6 +4586,7 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-sparcv8-cc
 $cc           = cc
@@ -3610,13 +4607,17 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = 
+$shared_ldflag = -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-sparcv8-gcc
 $cc           = gcc
@@ -3637,6 +4638,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -3644,6 +4648,7 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-sparcv9-cc
 $cc           = cc
@@ -3653,24 +4658,28 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = 
+$shared_ldflag = -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-sparcv9-gcc
 $cc           = gcc
@@ -3680,17 +4689,20 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -3698,6 +4710,7 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-x86-cc
 $cc           = cc
@@ -3718,33 +4731,40 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = 
+$shared_ldflag = -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris-x86-gcc
 $cc           = gcc
-$cflags       = -O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM
+$cflags       = -O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -3752,6 +4772,7 @@ $shared_ldflag = -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** solaris64-sparcv9-cc
 $cc           = cc
@@ -3760,25 +4781,29 @@ $unistd       =
 $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -KPIC
-$shared_ldflag = -xarch=v9
+$shared_ldflag = -xarch=v9 -G -dy -z text
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = /usr/ccs/bin/ar rs
 $arflags      = 
+$multilib     = /64
 
 *** solaris64-sparcv9-gcc
 $cc           = gcc
@@ -3787,18 +4812,21 @@ $unistd       =
 $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$cpuid_obj    = 
-$bn_obj       = 
+$bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
+$cpuid_obj    = sparcv9cap.o sparccpuid.o
+$bn_obj       = bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o
 $des_obj      = des_enc-sparc.o fcrypt_b.o
-$aes_obj      = 
+$aes_obj      = aes_core.o aes_cbc.o aes-sparcv9.o
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
-$sha1_obj     = 
+$md5_obj      = 
+$sha1_obj     = sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
 $shared_target= solaris-shared
 $shared_cflag = -fPIC
@@ -3806,6 +4834,69 @@ $shared_ldflag = -m64 -shared
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = /64
+
+*** solaris64-x86_64-cc
+$cc           = cc
+$cflags       = -fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -lsocket -lnsl -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
+$des_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
+$bf_obj       = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+$cast_obj     = 
+$rc4_obj      = rc4-x86_64.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
+$dso_scheme   = dlfcn
+$shared_target= solaris-shared
+$shared_cflag = -KPIC
+$shared_ldflag = -xarch=amd64 -G -dy -z text
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = /64
+
+*** solaris64-x86_64-gcc
+$cc           = gcc
+$cflags       = -m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -lsocket -lnsl -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
+$cpuid_obj    = x86_64cpuid.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
+$des_obj      = 
+$aes_obj      = aes-x86_64.o aesni-x86_64.o
+$bf_obj       = 
+$md5_obj      = md5-x86_64.o
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
+$cast_obj     = 
+$rc4_obj      = rc4-x86_64.o
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = wp-x86_64.o
+$cmll_obj     = cmll-x86_64.o cmll_misc.o
+$perlasm_scheme = elf
+$dso_scheme   = dlfcn
+$shared_target= solaris-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -m64 -shared -static-libgcc
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = /64
 
 *** sunos-gcc
 $cc           = gcc
@@ -3826,6 +4917,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3833,6 +4927,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** tandem-c89
 $cc           = c89
@@ -3853,6 +4948,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3860,6 +4958,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** tru64-alpha-cc
 $cc           = cc
@@ -3869,8 +4968,8 @@ $thread_cflag = -pthread
 $sys_id       = 
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
-$cpuid_obj    = 
-$bn_obj       = 
+$cpuid_obj    = alphacpuid.o
+$bn_obj       = bn_asm.o alpha-mont.o
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -3880,13 +4979,79 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = dlfcn
-$shared_target= tru64-shared
+$shared_target= alpha-osf1-shared
 $shared_cflag = 
-$shared_ldflag = 
+$shared_ldflag = -msym
 $shared_extension = .so
 $ranlib       = 
 $arflags      = 
+$multilib     = 
+
+*** uClinux-dist
+$cc           = 
+$cflags       = $(CFLAGS)
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = $(LDFLAGS) $(LDLIBS)
+$bn_ops       = BN_LLONG
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -shared
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
+
+*** uClinux-dist64
+$cc           = 
+$cflags       = $(CFLAGS)
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = $(LDFLAGS) $(LDLIBS)
+$bn_ops       = SIXTY_FOUR_BIT_LONG
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
+$dso_scheme   = 
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -shared
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+$multilib     = 
 
 *** ultrix-cc
 $cc           = cc
@@ -3907,6 +5072,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3914,6 +5082,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** ultrix-gcc
 $cc           = gcc
@@ -3922,7 +5091,7 @@ $unistd       =
 $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = 
-$bn_ops       = 
+$bn_ops       = BN_LLONG
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
@@ -3934,6 +5103,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3941,6 +5113,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** unixware-2.0
 $cc           = cc
@@ -3961,6 +5134,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3968,6 +5144,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** unixware-2.1
 $cc           = cc
@@ -3988,6 +5165,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -3995,6 +5175,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** unixware-7
 $cc           = cc
@@ -4004,17 +5185,20 @@ $thread_cflag = -Kthread
 $sys_id       = 
 $lflags       = -lsocket -lnsl
 $bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= svr5-shared
 $shared_cflag = -Kpic
@@ -4022,26 +5206,30 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** unixware-7-gcc
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -m486 -Wall
+$cflags       = -DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -lsocket -lnsl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
-$des_obj      = dx86-elf.o yx86-elf.o
-$aes_obj      = ax86-elf.o
-$bf_obj       = bx86-elf.o
-$md5_obj      = mx86-elf.o
-$sha1_obj     = sx86-elf.o s512sse2-elf.o
-$cast_obj     = cx86-elf.o
-$rc4_obj      = rx86-elf.o
-$rmd160_obj   = rm86-elf.o
-$rc5_obj      = r586-elf.o
+$cpuid_obj    = x86cpuid.o
+$bn_obj       = bn-586.o co-586.o x86-mont.o
+$des_obj      = des-586.o crypt586.o
+$aes_obj      = aes-586.o aesni-x86.o
+$bf_obj       = bf-586.o
+$md5_obj      = md5-586.o
+$sha1_obj     = sha1-586.o sha256-586.o sha512-586.o
+$cast_obj     = cast-586.o
+$rc4_obj      = rc4-586.o
+$rmd160_obj   = rmd-586.o
+$rc5_obj      = rc5-586.o
+$wp_obj       = wp_block.o wp-mmx.o
+$cmll_obj     = cmll-x86.o
+$perlasm_scheme = elf
 $dso_scheme   = dlfcn
 $shared_target= gnu-shared
 $shared_cflag = -fPIC
@@ -4049,10 +5237,11 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** vos-gcc
 $cc           = gcc
-$cflags       = -b hppa1.1-stratus-vos -O3 -Wall -Wuninitialized -D_POSIX_C_SOURCE=200112L -D_BSD
+$cflags       = -O3 -Wall -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN
 $unistd       = 
 $thread_cflag = (unknown)
 $sys_id       = VOS
@@ -4069,6 +5258,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -4076,33 +5268,7 @@ $shared_ldflag =
 $shared_extension = .so
 $ranlib       = 
 $arflags      = 
-
-*** vos-vcc
-$cc           = vcc
-$cflags       = -b i386-stratus-vos -O3 -D_POSIX_C_SOURCE=200112L -D_BSD
-$unistd       = 
-$thread_cflag = (unknown)
-$sys_id       = VOS
-$lflags       = -Wl,-map
-$bn_ops       = 
-$cpuid_obj    = 
-$bn_obj       = 
-$des_obj      = 
-$aes_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = .so
-$ranlib       = 
-$arflags      = 
+$multilib     = 
 
 *** vxworks-mipsle
 $cc           = ccmips
@@ -4123,6 +5289,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = void
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -4130,6 +5299,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = ranlibmips
 $arflags      = 
+$multilib     = 
 
 *** vxworks-ppc405
 $cc           = ccppc
@@ -4150,6 +5320,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -4157,6 +5330,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** vxworks-ppc750
 $cc           = ccppc
@@ -4177,6 +5351,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -4184,6 +5361,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** vxworks-ppc750-debug
 $cc           = ccppc
@@ -4204,6 +5382,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -4211,6 +5392,7 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
 
 *** vxworks-ppc860
 $cc           = ccppc
@@ -4231,6 +5413,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
+$wp_obj       = 
+$cmll_obj     = 
+$perlasm_scheme = 
 $dso_scheme   = 
 $shared_target= 
 $shared_cflag = 
@@ -4238,3 +5423,4 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 $arflags      = 
+$multilib     = 
diff --git a/VMS/install.com b/VMS/install.com
index 6cc624f035..d357d12a02 100644
--- a/VMS/install.com
+++ b/VMS/install.com
@@ -23,6 +23,14 @@ $	    FILE_PREFIX = "OPENSSL_"
 $	    LOG_PREFIX = "SSL"
 $	ENDIF
 $
+$	IF (F$GETSYI("CPU").LT.128)
+$	THEN
+$	    ARCH := VAX
+$	ELSE
+$	    ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$	    IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$	ENDIF
+$
 $	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
 $	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
 $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -30,14 +38,7 @@ $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
 $	ROOT = ROOT_DEV + "[" + ROOT_DIR
 $
 $	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
-$	DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
 $	DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
-$	DEFINE/NOLOG WRK_SSLCERTS WRK_SSLROOT:[CERTS]
-$	DEFINE/NOLOG WRK_SSLPRIVATE WRK_SSLROOT:[PRIVATE]
-$	DEFINE/NOLOG WRK_SSLCOM WRK_SSLROOT:[COM]
 $
 $	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
@@ -51,27 +52,34 @@ $
 $	IF F$SEARCH("WRK_SSLINCLUDE:vms_idhacks.h") .NES. "" THEN -
 	   DELETE WRK_SSLINCLUDE:vms_idhacks.h;*
 $
-$	OPEN/WRITE SF WRK_SSLCOM:'FILE_PREFIX'STARTUP.COM
-$	WRITE SYS$OUTPUT "%OPEN-I-CREATED,  ",F$SEARCH("WRK_SSLCOM:''FILE_PREFIX'STARTUP.COM")," created."
-$	WRITE SF "$! Startup file for OpenSSL"
+$	OPEN/WRITE SF WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
+$	WRITE SYS$OUTPUT "%OPEN-I-CREATED,  ",F$SEARCH("WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM")," created."
+$	WRITE SF "$! Startup file for Openssl"
 $	WRITE SF "$!"
 $	WRITE SF "$! Do not edit this file, as it will be regenerated during next installation."
 $	WRITE SF "$! Instead, add or change ''LOG_PREFIX'COM:'''FILE_PREFIX'SYSTARTUP.COM"
 $	WRITE SF "$!"
 $	WRITE SF "$!"
-$	WRITE SF "$	ARCH = ""VAX"""
-$	WRITE SF "$	IF F$GETSYI(""CPU"") .GE. 128 THEN ARCH = ""ALPHA"""
+$	WRITE SF "$	IF (F$GETSYI(""CPU"").LT.128)"
+$	WRITE SF "$	THEN"
+$	WRITE SF "$	    ARCH := VAX"
+$	WRITE SF "$	ELSE"
+$	WRITE SF "$	    ARCH = F$EDIT( F$GETSYI( ""ARCH_NAME""), ""UPCASE"")"
+$	WRITE SF "$	    IF (ARCH .EQS. """") THEN ARCH = ""UNK"""
+$	WRITE SF "$	ENDIF"
 $	WRITE SF "$!"
-$	WRITE SF "$ IF F$SEARCH(""SYS$STARTUP:''FILE_PREFIX'DEFINE_ROOT.COM"") .NES."""" THEN -"
-$	WRITE SF "$	@SYS$STARTUP:''FILE_PREFIX'DEFINE_ROOT.COM"
+$	WRITE SF "$	IF F$SEARCH(""SYS$STARTUP:''FILE_PREFIX'DEFINE_ROOT.COM"") .NES."""" THEN -"
+$	WRITE SF "	    @SYS$STARTUP:''FILE_PREFIX'DEFINE_ROOT.COM"
 $	WRITE SF "$!"
 $	WRITE SF "$!"
-$	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	''LOG_PREFIX'COM		''LOG_PREFIX'ROOT:[COM]"
-$	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	''LOG_PREFIX'EXE		''LOG_PREFIX'ROOT:['ARCH'_EXE]"
-$	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	''LOG_PREFIX'INCLUDE	''LOG_PREFIX'ROOT:[INCLUDE]"
-$	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	''LOG_PREFIX'CERTS	''LOG_PREFIX'ROOT:[CERTS]"
-$	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	''LOG_PREFIX'PRIVATE	''LOG_PREFIX'ROOT:[PRIVATE]"
-$	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	''LOG_PREFIX'KEYS		''LOG_PREFIX'ROOT:[PRIVATE]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'ROOT	",ROOT,".] /TRANS=CONC"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'LIB	''LOG_PREFIX'ROOT:['ARCH'_LIB]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'INCLUDE	''LOG_PREFIX'ROOT:[INCLUDE]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'EXE	''LOG_PREFIX'ROOT:['ARCH'_EXE]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'COM	''LOG_PREFIX'ROOT:[COM]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'CERTS	''LOG_PREFIX'ROOT:[CERTS]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'PRIVATE	''LOG_PREFIX'ROOT:[PRIVATE]"
+$	WRITE SF "$	DEFINE/NOLOG'P1	''LOG_PREFIX'KEYS	''LOG_PREFIX'ROOT:[PRIVATE]"
 $	WRITE SF "$"
 $	WRITE SF "$!	This is program can include <openssl/{foo}.h>"
 $	WRITE SF "$	DEFINE/NOLOG/SYSTEM/EXEC	OPENSSL		''LOG_PREFIX'INCLUDE:"
diff --git a/VMS/mkshared.com b/VMS/mkshared.com
index da8f899db8..a950460b19 100644
--- a/VMS/mkshared.com
+++ b/VMS/mkshared.com
@@ -12,10 +12,10 @@ $!		"64" for 64-bit pointer size
 $!		"" for default pointer size (64 bits on Alpha, 32 bits on VAX)
 $!		any other value gets the same effect as ""
 $!
-$! Input:	[.UTIL]LIBEAY.NUM,[.AXP.EXE.CRYPTO]LIBCRYPTO.OLB
-$!		[.UTIL]SSLEAY.NUM,[.AXP.EXE.SSL]LIBSSL.OLB
-$! Output:	[.AXP.EXE.CRYPTO]LIBCRYPTO.OPT,.MAP,.EXE
-$!		[.AXP.EXE.SSL]LIBSSL.OPT,.MAP,.EXE
+$! Input:	[.UTIL]LIBEAY.NUM,[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB
+$!		[.UTIL]SSLEAY.NUM,[.xxx.EXE.SSL]LIBSSL.OLB
+$! Output:	[.xxx.EXE.CRYPTO]LIBCRYPTO.OPT,.MAP,.EXE
+$!		[.xxx.EXE.SSL]LIBSSL.OPT,.MAP,.EXE
 $!
 $! So far, tests have only been made on VMS for Alpha.  VAX will come in time.
 $! ===========================================================================
@@ -31,36 +31,46 @@ $
 $ file_prefix = p1
 $ if p2 .nes. "" .and. p2 .nes. "32" .and. p2 .nes. "64" then p2 = ""
 $
-$ if f$getsyi("CPU") .ge. 128
+$ if (f$getsyi("cpu").lt.128)
 $ then
-$   if p2 .eqs. "" then p2 = "64"
-$   build_bits = p2
-$   if build_bits .eqs. "64" then build_bits = ""
+$     arch := VAX
+$ else
+$     arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$     if (arch .eqs. "") then arch = "UNK"
+$     if p2 .eqs. "" then p2 = "64"
+$     build_bits = p2
+$     if build_bits .eqs. "64" then build_bits = ""
+$ endif
+$
+$ if arch .nes. "VAX"
+$ then
+$   arch_vax = 0
 $   libid  = "Crypto"
 $   libnum = "[.UTIL]LIBEAY.NUM"
-$   libdir = "[.AXP.EXE.CRYPTO]"
+$   libdir = "[.''ARCH'.EXE.CRYPTO]"
 $   libolb = "''libdir'LIBCRYPTO.OLB"
 $   libopt = "''libdir'LIBCRYPTO.OPT"
 $   libmap = "''libdir'LIBCRYPTO.MAP"
 $   libgoal= "''libdir'''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
 $   libref = ""
-$   gosub create_axp_shr
+$   gosub create_nonvax_shr
 $   libid  = "SSL"
 $   libnum = "[.UTIL]SSLEAY.NUM"
-$   libdir = "[.AXP.EXE.SSL]"
+$   libdir = "[.''ARCH'.EXE.SSL]"
 $   libolb = "''libdir'LIBSSL.OLB"
 $   libopt = "''libdir'LIBSSL.OPT"
 $   libmap = "''libdir'LIBSSL.MAP"
 $   libgoal= "''libdir'''file_prefix'LIBSSL_SHR''build_bits'.EXE"
-$   libref = "[.AXP.EXE.CRYPTO]''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
-$   gosub create_axp_shr
+$   libref = "[.''ARCH'.EXE.CRYPTO]''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
+$   gosub create_nonvax_shr
 $ else
 $   p2 = "32"
 $   build_bits = ""
+$   arch_vax = 1
 $   libtit = "CRYPTO_TRANSFER_VECTOR"
 $   libid  = "Crypto"
 $   libnum = "[.UTIL]LIBEAY.NUM"
-$   libdir = "[.VAX.EXE.CRYPTO]"
+$   libdir = "[.''ARCH'.EXE.CRYPTO]"
 $   libmar = "''libdir'LIBCRYPTO.MAR"
 $   libolb = "''libdir'LIBCRYPTO.OLB"
 $   libopt = "''libdir'LIBCRYPTO.OPT"
@@ -73,22 +83,22 @@ $   gosub create_vax_shr
 $   libtit = "SSL_TRANSFER_VECTOR"
 $   libid  = "SSL"
 $   libnum = "[.UTIL]SSLEAY.NUM"
-$   libdir = "[.VAX.EXE.SSL]"
+$   libdir = "[.''ARCH'.EXE.SSL]"
 $   libmar = "''libdir'LIBSSL.MAR"
 $   libolb = "''libdir'LIBSSL.OLB"
 $   libopt = "''libdir'LIBSSL.OPT"
 $   libobj = "''libdir'LIBSSL.OBJ"
 $   libmap = "''libdir'LIBSSL.MAP"
 $   libgoal= "''libdir'''file_prefix'LIBSSL_SHR''build_bits'.EXE"
-$   libref = "[.VAX.EXE.CRYPTO]''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
+$   libref = "[.''ARCH'.EXE.CRYPTO]''file_prefix'LIBCRYPTO_SHR''build_bits'.EXE"
 $   libvec = "LIBSSL"
 $   gosub create_vax_shr
 $ endif
 $ exit
 $
-$! ----- Soubroutines to actually build the shareable libraries
-$! The way things work, there's a main shareable library creator for each
-$! supported architecture, which is called from the main code above.
+$! ----- Soubroutines to build the shareable libraries
+$! For each supported architecture, there's a main shareable library
+$! creator, which is called from the main code above.
 $! The creator will define a number of variables to tell the next levels of
 $! subroutines what routines to use to write to the option files, call the
 $! main processor, read_func_num, and when that is done, it will write version
@@ -114,10 +124,10 @@ $! read_func_num depends on the following variables from the creator:
 $! libwriter	The name of the writer routine to call for each .num file line
 $! -----
 $
-$! ----- Subroutines for AXP
+$! ----- Subroutines for non-VAX
 $! -----
 $! The creator routine
-$ create_axp_shr:
+$ create_nonvax_shr:
 $   open/write opt 'libopt'
 $   write opt "identification=""",libid," ",libverstr,""""
 $   write opt libolb,"/lib"
@@ -125,7 +135,7 @@ $   if libref .nes. "" then write opt libref,"/SHARE"
 $   write opt "SYMBOL_VECTOR=(-"
 $   libfirstentry := true
 $   libwrch   := opt
-$   libwriter := write_axp_transfer_entry
+$   libwriter := write_nonvax_transfer_entry
 $   textcount = 0
 $   gosub read_func_num
 $   write opt ")"
@@ -135,7 +145,7 @@ $   link/map='libmap'/full/share='libgoal' 'libopt'/option
 $   return
 $
 $! The record writer routine
-$ write_axp_transfer_entry:
+$ write_nonvax_transfer_entry:
 $   if libentry .eqs. ".dummy" then return
 $   if info_kind .eqs. "VARIABLE"
 $   then
@@ -281,8 +291,15 @@ $             truesum = truesum + 1
 $           if plat_entry .eqs. "!EXPORT_VAR_AS_FUNCTION" then -
 $             falsesum = falsesum + 1
 $         endif
-$         if plat_entry .eqs. "VMS" then truesum = truesum + 1
-$         if plat_entry .eqs. "!VMS" then falsesum = falsesum + 1
+$!
+$         if ((plat_entry .eqs. "VMS") .or. -
+            (arch_vax .and. (plat_entry .eqs. "VMSVAX"))) then -
+            truesum = truesum + 1
+$!
+$         if ((plat_entry .eqs. "!VMS") .or. -
+            (arch_vax .and. (plat_entry .eqs. "!VMSVAX"))) then -
+            falsesum = falsesum + 1
+$!
 $	  goto loop1
 $       endif
 $     endloop1:
diff --git a/VMS/openssl_utils.com b/VMS/openssl_utils.com
index ddc107394f..64f4915104 100644
--- a/VMS/openssl_utils.com
+++ b/VMS/openssl_utils.com
@@ -8,31 +8,39 @@ $!
 $!
 $! Slightly modified by Richard Levitte <richard@levitte.org>
 $!
+$!
+$! Always define OPENSSL.  Others are optional (non-null P1).
+$!
 $ OPENSSL  :== $SSLEXE:OPENSSL
-$ VERIFY   :== $SSLEXE:OPENSSL VERIFY
-$ ASN1PARSE:== $SSLEXE:OPENSSL ASN1PARS
-$ REQ      :== $SSLEXE:OPENSSL REQ
-$ DGST     :== $SSLEXE:OPENSSL DGST
-$ DH       :== $SSLEXE:OPENSSL DH
-$ ENC      :== $SSLEXE:OPENSSL ENC
-$ GENDH    :== $SSLEXE:OPENSSL GENDH
-$ ERRSTR   :== $SSLEXE:OPENSSL ERRSTR
-$ CA       :== $SSLEXE:OPENSSL CA
-$ CRL      :== $SSLEXE:OPENSSL CRL
-$ RSA      :== $SSLEXE:OPENSSL RSA
-$ DSA      :== $SSLEXE:OPENSSL DSA
-$ DSAPARAM :== $SSLEXE:OPENSSL DSAPARAM
-$ X509     :== $SSLEXE:OPENSSL X509
-$ GENRSA   :== $SSLEXE:OPENSSL GENRSA
-$ GENDSA   :== $SSLEXE:OPENSSL GENDSA
-$ S_SERVER :== $SSLEXE:OPENSSL S_SERVER
-$ S_CLIENT :== $SSLEXE:OPENSSL S_CLIENT
-$ SPEED    :== $SSLEXE:OPENSSL SPEED
-$ S_TIME   :== $SSLEXE:OPENSSL S_TIME
-$ VERSION  :== $SSLEXE:OPENSSL VERSION
-$ PKCS7    :== $SSLEXE:OPENSSL PKCS7
-$ CRL2PKCS7:== $SSLEXE:OPENSSL CRL2P7
-$ SESS_ID  :== $SSLEXE:OPENSSL SESS_ID
-$ CIPHERS  :== $SSLEXE:OPENSSL CIPHERS
-$ NSEQ     :== $SSLEXE:OPENSSL NSEQ
-$ PKCS12   :== $SSLEXE:OPENSSL PKCS12
+$
+$ IF (P1 .NES. "")
+$ THEN
+$     VERIFY   :== $SSLEXE:OPENSSL VERIFY
+$     ASN1PARSE:== $SSLEXE:OPENSSL ASN1PARS
+$! REQ could conflict with REQUEST.
+$     OREQ     :== $SSLEXE:OPENSSL REQ
+$     DGST     :== $SSLEXE:OPENSSL DGST
+$     DH       :== $SSLEXE:OPENSSL DH
+$     ENC      :== $SSLEXE:OPENSSL ENC
+$     GENDH    :== $SSLEXE:OPENSSL GENDH
+$     ERRSTR   :== $SSLEXE:OPENSSL ERRSTR
+$     CA       :== $SSLEXE:OPENSSL CA
+$     CRL      :== $SSLEXE:OPENSSL CRL
+$     RSA      :== $SSLEXE:OPENSSL RSA
+$     DSA      :== $SSLEXE:OPENSSL DSA
+$     DSAPARAM :== $SSLEXE:OPENSSL DSAPARAM
+$     X509     :== $SSLEXE:OPENSSL X509
+$     GENRSA   :== $SSLEXE:OPENSSL GENRSA
+$     GENDSA   :== $SSLEXE:OPENSSL GENDSA
+$     S_SERVER :== $SSLEXE:OPENSSL S_SERVER
+$     S_CLIENT :== $SSLEXE:OPENSSL S_CLIENT
+$     SPEED    :== $SSLEXE:OPENSSL SPEED
+$     S_TIME   :== $SSLEXE:OPENSSL S_TIME
+$     VERSION  :== $SSLEXE:OPENSSL VERSION
+$     PKCS7    :== $SSLEXE:OPENSSL PKCS7
+$     CRL2PKCS7:== $SSLEXE:OPENSSL CRL2P7
+$     SESS_ID  :== $SSLEXE:OPENSSL SESS_ID
+$     CIPHERS  :== $SSLEXE:OPENSSL CIPHERS
+$     NSEQ     :== $SSLEXE:OPENSSL NSEQ
+$     PKCS12   :== $SSLEXE:OPENSSL PKCS12
+$ ENDIF
diff --git a/apps/.cvsignore b/apps/.cvsignore
index cdd6c00dae..9981329b02 100644
--- a/apps/.cvsignore
+++ b/apps/.cvsignore
@@ -3,3 +3,6 @@ Makefile.save
 der_chop
 der_chop.bak
 CA.pl
+*.flc
+semantic.cache
+*.dll
diff --git a/apps/CA.pl.in b/apps/CA.pl.in
index 5d829c05eb..c783a6e6a5 100644
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -68,19 +68,19 @@ foreach (@ARGV) {
 	    exit 0;
 	} elsif (/^-newcert$/) {
 	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
+	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
 	    $RET=$?;
-	    print "Certificate (and private key) is in newreq.pem\n"
+	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
 	} elsif (/^-newreq$/) {
 	    # create a certificate request
-	    system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
+	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
 	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
 	} elsif (/^-newreq-nodes$/) {
 	    # create a certificate request
-	    system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
+	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
 	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
 	} elsif (/^-newca$/) {
 		# if explicitly asked for or it doesn't exist then setup the
 		# directory structure that Eric likes to manage things 
@@ -94,6 +94,9 @@ foreach (@ARGV) {
 		mkdir "${CATOP}/private", $DIRMODE;
 		open OUT, ">${CATOP}/index.txt";
 		close OUT;
+		open OUT, ">${CATOP}/crlnumber";
+		print OUT "01\n";
+		close OUT;
 	    }
 	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
 		print "CA certificate filename (or enter to create)\n";
@@ -113,6 +116,7 @@ foreach (@ARGV) {
 		    system ("$CA -create_serial " .
 			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
 			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+			"-extensions v3_ca " .
 			"-infiles ${CATOP}/$CAREQ ");
 		    $RET=$?;
 		}
@@ -120,10 +124,11 @@ foreach (@ARGV) {
 	} elsif (/^-pkcs12$/) {
 	    my $cname = $ARGV[1];
 	    $cname = "My Certificate" unless defined $cname;
-	    system ("$PKCS12 -in newcert.pem -inkey newreq.pem " .
+	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
 			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
 			"-export -name \"$cname\"");
 	    $RET=$?;
+	    print "PKCS #12 file is in newcert.p12\n";
 	    exit $RET;
 	} elsif (/^-xsign$/) {
 	    system ("$CA -policy policy_anything -infiles newreq.pem");
diff --git a/apps/CA.sh b/apps/CA.sh
index 46e86bf94b..7ad6b8c52e 100644
--- a/apps/CA.sh
+++ b/apps/CA.sh
@@ -5,10 +5,10 @@
 #      things easier between now and when Eric is convinced to fix it :-)
 #
 # CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
+# CA -newreq ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
 #
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
+# At the end of that grab newreq.pem and newcert.pem (one has the key
 # and the other the certificate) and cat them together and that is what
 # you want/need ... I'll make even this a little cleaner later.
 #
@@ -16,8 +16,8 @@
 # 12-Jan-96 tjh    Added more things ... including CA -signcert which
 #                  converts a certificate to a request and then signs it.
 # 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
+#                  environment variable so this can be driven from
+#                  a script.
 # 25-Jul-96 eay    Cleaned up filenames some more.
 # 11-Jun-96 eay    Fixed a few filename missmatches.
 # 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
@@ -29,52 +29,87 @@
 
 # default openssl.cnf file has setup as per the following
 # demoCA ... where everything is stored
+cp_pem() {
+    infile=$1
+    outfile=$2
+    bound=$3
+    flag=0
+    exec <$infile;
+    while read line; do
+	if [ $flag -eq 1 ]; then
+		echo $line|grep "^-----END.*$bound"  2>/dev/null 1>/dev/null
+		if [ $? -eq 0 ] ; then
+			echo $line >>$outfile
+			break
+		else
+			echo $line >>$outfile
+		fi
+	fi
+
+	echo $line|grep "^-----BEGIN.*$bound"  2>/dev/null 1>/dev/null
+	if [ $? -eq 0 ]; then
+		echo $line >$outfile
+		flag=1
+	fi
+    done
+}
+
+usage() {
+ echo "usage: $0 -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify" >&2
+}
 
 if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
 
-DAYS="-days 365"	# 1 year
+if [ -z "$DAYS" ] ; then DAYS="-days 365" ; fi	# 1 year
 CADAYS="-days 1095"	# 3 years
 REQ="$OPENSSL req $SSLEAY_CONFIG"
 CA="$OPENSSL ca $SSLEAY_CONFIG"
 VERIFY="$OPENSSL verify"
 X509="$OPENSSL x509"
+PKCS12="openssl pkcs12"
 
-CATOP=./demoCA
+if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
 CAKEY=./cakey.pem
 CAREQ=./careq.pem
 CACERT=./cacert.pem
 
-for i
-do
-case $i in
+RET=0
+
+while [ "$1" != "" ] ; do
+case $1 in
 -\?|-h|-help)
-    echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2
+    usage
     exit 0
     ;;
--newcert) 
+-newcert)
     # create a certificate
-    $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
+    $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
     RET=$?
-    echo "Certificate (and private key) is in newreq.pem"
+    echo "Certificate is in newcert.pem, private key is in newkey.pem"
     ;;
--newreq) 
+-newreq)
     # create a certificate request
-    $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
+    $REQ -new -keyout newkey.pem -out newreq.pem $DAYS
+    RET=$?
+    echo "Request is in newreq.pem, private key is in newkey.pem"
+    ;;
+-newreq-nodes) 
+    # create a certificate request
+    $REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS
     RET=$?
     echo "Request (and private key) is in newreq.pem"
     ;;
--newca)     
+-newca)
     # if explicitly asked for or it doesn't exist then setup the directory
-    # structure that Eric likes to manage things 
+    # structure that Eric likes to manage things
     NEW="1"
     if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
 	# create the directory hierarchy
-	mkdir ${CATOP} 
-	mkdir ${CATOP}/certs 
-	mkdir ${CATOP}/crl 
-	mkdir ${CATOP}/newcerts
-	mkdir ${CATOP}/private
-	echo "00" > ${CATOP}/serial
+	mkdir -p ${CATOP}
+	mkdir -p ${CATOP}/certs
+	mkdir -p ${CATOP}/crl
+	mkdir -p ${CATOP}/newcerts
+	mkdir -p ${CATOP}/private
 	touch ${CATOP}/index.txt
     fi
     if [ ! -f ${CATOP}/private/$CAKEY ]; then
@@ -83,37 +118,60 @@ case $i in
 
 	# ask user for existing CA certificate
 	if [ "$FILE" ]; then
-	    cp $FILE ${CATOP}/private/$CAKEY
+	    cp_pem $FILE ${CATOP}/private/$CAKEY PRIVATE
+	    cp_pem $FILE ${CATOP}/$CACERT CERTIFICATE
 	    RET=$?
+	    if [ ! -f "${CATOP}/serial" ]; then
+		$X509 -in ${CATOP}/$CACERT -noout -next_serial \
+		      -out ${CATOP}/serial
+	    fi
 	else
 	    echo "Making CA certificate ..."
 	    $REQ -new -keyout ${CATOP}/private/$CAKEY \
 			   -out ${CATOP}/$CAREQ
-	    $CA -out ${CATOP}/$CACERT $CADAYS -batch \
+	    $CA -create_serial -out ${CATOP}/$CACERT $CADAYS -batch \
 			   -keyfile ${CATOP}/private/$CAKEY -selfsign \
-			   -infiles ${CATOP}/$CAREQ 
+			   -extensions v3_ca \
+			   -infiles ${CATOP}/$CAREQ
 	    RET=$?
 	fi
     fi
     ;;
 -xsign)
-    $CA -policy policy_anything -infiles newreq.pem 
+    $CA -policy policy_anything -infiles newreq.pem
     RET=$?
     ;;
--sign|-signreq) 
+-pkcs12)
+    if [ -z "$2" ] ; then
+	CNAME="My Certificate"
+    else
+	CNAME="$2"
+    fi
+    $PKCS12 -in newcert.pem -inkey newreq.pem -certfile ${CATOP}/$CACERT \
+	    -out newcert.p12 -export -name "$CNAME"
+    RET=$?
+    exit $RET
+    ;;
+-sign|-signreq)
     $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
     RET=$?
     cat newcert.pem
     echo "Signed certificate is in newcert.pem"
     ;;
--signcert) 
+-signCA)
+    $CA -policy policy_anything -out newcert.pem -extensions v3_ca -infiles newreq.pem
+    RET=$?
+    echo "Signed CA certificate is in newcert.pem"
+    ;;
+-signcert)
     echo "Cert passphrase will be requested twice - bug?"
     $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
     $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
+    RET=$?
     cat newcert.pem
     echo "Signed certificate is in newcert.pem"
     ;;
--verify) 
+-verify)
     shift
     if [ -z "$1" ]; then
 	    $VERIFY -CAfile $CATOP/$CACERT newcert.pem
@@ -127,13 +185,14 @@ case $i in
 	    fi
 	done
     fi
-    exit 0
+    exit $RET
     ;;
 *)
-    echo "Unknown arg $i";
+    echo "Unknown arg $i" >&2
+    usage
     exit 1
     ;;
 esac
+shift
 done
 exit $RET
-
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
deleted file mode 100644
index 8fd61bfe54..0000000000
--- a/apps/Makefile.ssl
+++ /dev/null
@@ -1,878 +0,0 @@
-#
-#  apps/Makefile.ssl
-#
-
-DIR=		apps
-TOP=		..
-CC=		cc
-INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=		-g -static
-INSTALL_PREFIX=
-INSTALLTOP=	/usr/local/ssl
-OPENSSLDIR=	/usr/local/ssl
-NEWMAKE=	make
-MAKE=		$(NEWMAKE) -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-PERL=		perl
-RM=		rm -f
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-PEX_LIBS=
-EX_LIBS= 
-EXE_EXT= 
-
-SHLIB_TARGET=
-
-CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile makeapps.com install.com
-
-DLIBCRYPTO=../libcrypto.a
-DLIBSSL=../libssl.a
-LIBCRYPTO=-L.. -lcrypto
-LIBSSL=-L.. -lssl
-
-PROGRAM= openssl
-
-SCRIPTS=CA.sh CA.pl
-
-EXE= $(PROGRAM)$(EXE_EXT)
-
-E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
-	ca crl rsa rsautl dsa dsaparam ec ecparam \
-	x509 genrsa gendsa s_server s_client speed \
-	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8 spkac smime rand engine ocsp
-
-PROGS= $(PROGRAM).c
-
-A_OBJ=apps.o
-A_SRC=apps.c
-S_OBJ=	s_cb.o s_socket.o
-S_SRC=	s_cb.c s_socket.c
-RAND_OBJ=app_rand.o
-RAND_SRC=app_rand.c
-
-E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
-	ca.o pkcs7.o crl2p7.o crl.o \
-	rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
-	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
-	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o engine.o \
-	ocsp.o 
-
-E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
-	pkcs7.c crl2p7.c crl.c \
-	rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
-	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
-	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c engine.c \
-	ocsp.c
-
-SRC=$(E_SRC)
-
-EXHEADER=
-HEADER=	apps.h progs.h s_apps.h \
-	testdsa.h testrsa.h \
-	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	exe
-
-exe:	$(EXE)
-
-req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=req CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAG)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \
-		LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-sreq.o: req.c 
-	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-install:
-	@set -e; for i in $(EXE); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	 done;
-	@set -e; for i in $(SCRIPTS); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	 done
-	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
-	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
-	rm -f req
-
-$(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
-
-$(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
-
-$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
-	$(RM) $(EXE)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO)" ; \
-	else \
-	  LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(EXE) CC="$(CC)" CFLAGS="$(CFLAG)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(PROGRAM).o $(E_OBJ)" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-	@case "../*.dll" in *\**) ;; *) cp -p ../*.dll .;; esac
-	-(cd ..; \
-	  OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \
-	  $(PERL) tools/c_rehash certs)
-
-progs.h: progs.pl
-	$(PERL) progs.pl $(E_EXE) >progs.h
-	$(RM) $(PROGRAM).o
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-app_rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-app_rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-app_rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-app_rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h app_rand.c
-app_rand.o: apps.h
-apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-apps.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-apps.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-apps.o: ../include/openssl/engine.h ../include/openssl/err.h
-apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-apps.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-apps.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
-apps.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-apps.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-apps.o: ../include/openssl/x509v3.h apps.c apps.h
-asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-asn1pars.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-asn1pars.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
-asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h
-asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-asn1pars.o: asn1pars.c
-ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ca.o: ../include/openssl/engine.h ../include/openssl/err.h
-ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ca.o: ../include/openssl/x509v3.h apps.h ca.c
-ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ciphers.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ciphers.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ciphers.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h
-ciphers.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ciphers.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ciphers.o: ../include/openssl/x509_vfy.h apps.h ciphers.c
-crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-crl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-crl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-crl.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-crl.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-crl.o: ../include/openssl/x509v3.h apps.h crl.c
-crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-crl2p7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-crl2p7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-crl2p7.o: crl2p7.c
-dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
-dgst.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dgst.c
-dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
-dh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-dh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-dh.o: ../include/openssl/err.h ../include/openssl/evp.h
-dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dh.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dh.c
-dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h dsa.c
-dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-dsaparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsaparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsaparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dsaparam.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dsaparam.o: ../include/openssl/stack.h ../include/openssl/store.h
-dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h
-dsaparam.o: ../include/openssl/x509_vfy.h apps.h dsaparam.c
-ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ec.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ec.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ec.o: ../include/openssl/err.h ../include/openssl/evp.h
-ec.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ec.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ec.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ec.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ec.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ec.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ec.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-ec.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h ec.c
-ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ecparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ecparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ecparam.o: ../include/openssl/engine.h ../include/openssl/err.h
-ecparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-ecparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ecparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ecparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ecparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ecparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ecparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ecparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ecparam.o: ../include/openssl/x509_vfy.h apps.h ecparam.c
-enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-enc.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-enc.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-enc.o: ../include/openssl/x509_vfy.h apps.h enc.c
-engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-engine.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-engine.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-engine.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-engine.o: ../include/openssl/engine.h ../include/openssl/err.h
-engine.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-engine.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-engine.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-engine.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-engine.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-engine.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-engine.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-engine.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-engine.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-engine.o: ../include/openssl/x509_vfy.h apps.h engine.c
-errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-errstr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-errstr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-errstr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-errstr.o: ../include/openssl/engine.h ../include/openssl/err.h
-errstr.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-errstr.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-errstr.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-errstr.o: ../include/openssl/x509_vfy.h apps.h errstr.c
-gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
-gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-gendh.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-gendh.o: ../include/openssl/stack.h ../include/openssl/store.h
-gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h
-gendh.o: ../include/openssl/x509_vfy.h apps.h gendh.c
-gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-gendsa.o: gendsa.c
-genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-genrsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-genrsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-genrsa.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-genrsa.o: ../include/openssl/stack.h ../include/openssl/store.h
-genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h
-genrsa.o: ../include/openssl/x509_vfy.h apps.h genrsa.c
-nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-nseq.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-nseq.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
-nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-nseq.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h
-nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h nseq.c
-ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ocsp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ocsp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ocsp.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h
-ocsp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ocsp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ocsp.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-ocsp.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ocsp.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ocsp.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ocsp.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ocsp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ocsp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ocsp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ocsp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-ocsp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ocsp.c
-openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-openssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-openssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-openssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-openssl.o: ../include/openssl/engine.h ../include/openssl/err.h
-openssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-openssl.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-openssl.o: ../include/openssl/x509_vfy.h apps.h openssl.c progs.h s_apps.h
-passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
-passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-passwd.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-passwd.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
-passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-passwd.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-passwd.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h
-passwd.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-passwd.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-passwd.o: passwd.c
-pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkcs12.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkcs12.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkcs12.o: ../include/openssl/x509_vfy.h apps.h pkcs12.c
-pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkcs7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkcs7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h pkcs7.c
-pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-pkcs8.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-pkcs8.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
-pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-pkcs8.o: ../include/openssl/x509_vfy.h apps.h pkcs8.c
-rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-rand.o: ../include/openssl/err.h ../include/openssl/evp.h
-rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-rand.o: ../include/openssl/x509_vfy.h apps.h rand.c
-req.o: ../crypto/cryptlib.h ../e_os.h ../include/openssl/asn1.h
-req.o: ../include/openssl/bio.h ../include/openssl/bn.h
-req.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-req.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-req.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-req.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-req.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-req.o: ../include/openssl/err.h ../include/openssl/evp.h
-req.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-req.o: ../include/openssl/sha.h ../include/openssl/stack.h
-req.o: ../include/openssl/store.h ../include/openssl/symhacks.h
-req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-req.o: ../include/openssl/x509v3.h apps.h req.c
-rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-rsa.o: ../include/openssl/engine.h ../include/openssl/err.h
-rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h rsa.c
-rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-rsautl.o: ../include/openssl/x509_vfy.h apps.h rsautl.c
-s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_cb.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_cb.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_cb.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_cb.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_cb.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_cb.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-s_cb.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_cb.c
-s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_client.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_client.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_client.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_client.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_client.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_client.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_client.o: s_apps.h s_client.c
-s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
-s_server.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-s_server.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s_server.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s_server.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-s_server.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_server.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_server.o: ../include/openssl/stack.h ../include/openssl/store.h
-s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_server.o: s_apps.h s_server.c
-s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h
-s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_socket.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_socket.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_socket.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s_socket.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-s_socket.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_socket.o: s_apps.h s_socket.c
-s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-s_time.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s_time.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s_time.o: ../include/openssl/engine.h ../include/openssl/err.h
-s_time.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_time.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-s_time.o: ../include/openssl/x509_vfy.h apps.h s_apps.h s_time.c
-sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-sess_id.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-sess_id.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-sess_id.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h
-sess_id.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-sess_id.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-sess_id.o: ../include/openssl/x509_vfy.h apps.h sess_id.c
-smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-smime.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-smime.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-smime.o: ../include/openssl/err.h ../include/openssl/evp.h
-smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-smime.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-smime.o: ../include/openssl/sha.h ../include/openssl/stack.h
-smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-smime.o: ../include/openssl/x509v3.h apps.h smime.c
-speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
-speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-speed.o: ../include/openssl/cast.h ../include/openssl/conf.h
-speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
-speed.o: ../include/openssl/des_old.h ../include/openssl/dsa.h
-speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-speed.o: ../include/openssl/engine.h ../include/openssl/err.h
-speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-speed.o: ../include/openssl/md2.h ../include/openssl/md4.h
-speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
-speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
-speed.o: ../include/openssl/x509_vfy.h apps.h speed.c testdsa.h testrsa.h
-spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-spkac.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-spkac.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
-spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-spkac.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h
-spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h spkac.c
-verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-verify.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-verify.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-verify.o: ../include/openssl/err.h ../include/openssl/evp.h
-verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-verify.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-verify.o: ../include/openssl/sha.h ../include/openssl/stack.h
-verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-verify.o: ../include/openssl/x509v3.h apps.h verify.c
-version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
-version.o: ../include/openssl/crypto.h ../include/openssl/des.h
-version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-version.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-version.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-version.o: ../include/openssl/evp.h ../include/openssl/idea.h
-version.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-version.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-version.o: ../include/openssl/rc4.h ../include/openssl/safestack.h
-version.o: ../include/openssl/sha.h ../include/openssl/stack.h
-version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-version.o: version.c
-x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-x509.o: ../include/openssl/err.h ../include/openssl/evp.h
-x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
-x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c
diff --git a/apps/apps.c b/apps/apps.c
index 1bcebc749a..5dccea70d2 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -109,12 +109,22 @@
  *
  */
 
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE 2	/* On VMS, you need to define this to get
+				   the declaration of fileno().  The value
+				   2 is to make sure no function defined
+				   in POSIX-2 is left undefined. */
+#endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB)
+#include <strings.h>
+#endif
 #include <sys/types.h>
-#include <sys/stat.h>
 #include <ctype.h>
+#include <errno.h>
+#include <assert.h>
 #include <openssl/err.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
@@ -125,15 +135,25 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 #include <openssl/bn.h>
+#ifndef OPENSSL_NO_JPAKE
+#include <openssl/jpake.h>
+#endif
 
 #define NON_MAIN
 #include "apps.h"
 #undef NON_MAIN
 
+#ifdef _WIN32
+static int WIN32_rename(const char *from, const char *to);
+#define rename(from,to) WIN32_rename((from),(to))
+#endif
+
 typedef struct {
-	char *name;
+	const char *name;
 	unsigned long flag;
 	unsigned long mask;
 } NAME_EX_TBL;
@@ -160,18 +180,23 @@ int args_from_file(char *file, int *argc, char **argv[])
 	static char *buf=NULL;
 	static char **arg=NULL;
 	char *p;
-	struct stat stbuf;
-
-	if (stat(file,&stbuf) < 0) return(0);
 
 	fp=fopen(file,"r");
 	if (fp == NULL)
 		return(0);
 
+	if (fseek(fp,0,SEEK_END)==0)
+		len=ftell(fp), rewind(fp);
+	else	len=-1;
+	if (len<=0)
+		{
+		fclose(fp);
+		return(0);
+		}
+
 	*argc=0;
 	*argv=NULL;
 
-	len=(unsigned int)stbuf.st_size;
 	if (buf != NULL) OPENSSL_free(buf);
 	buf=(char *)OPENSSL_malloc(len+1);
 	if (buf == NULL) return(0);
@@ -236,18 +261,25 @@ int str2fmt(char *s)
 		return(FORMAT_ASN1);
 	else if ((*s == 'T') || (*s == 't'))
 		return(FORMAT_TEXT);
-	else if ((*s == 'P') || (*s == 'p'))
-		return(FORMAT_PEM);
-	else if ((*s == 'N') || (*s == 'n'))
-		return(FORMAT_NETSCAPE);
-	else if ((*s == 'S') || (*s == 's'))
-		return(FORMAT_SMIME);
+  	else if ((*s == 'N') || (*s == 'n'))
+  		return(FORMAT_NETSCAPE);
+  	else if ((*s == 'S') || (*s == 's'))
+  		return(FORMAT_SMIME);
+ 	else if ((*s == 'M') || (*s == 'm'))
+ 		return(FORMAT_MSBLOB);
 	else if ((*s == '1')
 		|| (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
 		|| (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
 		return(FORMAT_PKCS12);
 	else if ((*s == 'E') || (*s == 'e'))
 		return(FORMAT_ENGINE);
+	else if ((*s == 'P') || (*s == 'p'))
+ 		{
+ 		if (s[1] == 'V' || s[1] == 'v')
+ 			return FORMAT_PVK;
+ 		else
+  			return(FORMAT_PEM);
+ 		}
 	else
 		return(FORMAT_UNDEF);
 	}
@@ -374,10 +406,17 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
 		/* The start of something good :-) */
 		if (num >= arg->count)
 			{
-			arg->count+=20;
-			arg->data=(char **)OPENSSL_realloc(arg->data,
-				sizeof(char *)*arg->count);
-			if (argc == 0) return(0);
+			char **tmp_p;
+			int tlen = arg->count + 20;
+			tmp_p = (char **)OPENSSL_realloc(arg->data,
+				sizeof(char *)*tlen);
+			if (tmp_p == NULL)
+				return 0;
+			arg->data  = tmp_p;
+			arg->count = tlen;
+			/* initialize newly allocated data */
+			for (i = num; i < arg->count; i++)
+				arg->data[i] = NULL;
 			}
 		arg->data[num++]=p;
 
@@ -626,6 +665,15 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
 				BIO_printf(err, "Can't open file %s\n", arg + 5);
 				return NULL;
 			}
+#if !defined(_WIN32)
+		/*
+		 * Under _WIN32, which covers even Win64 and CE, file
+		 * descriptors referenced by BIO_s_fd are not inherited
+		 * by child process and therefore below is not an option.
+		 * It could have been an option if bss_fd.c was operating
+		 * on real Windows descriptors, such as those obtained
+		 * with CreateFile.
+		 */
 		} else if(!strncmp(arg, "fd:", 3)) {
 			BIO *btmp;
 			i = atoi(arg + 3);
@@ -637,6 +685,7 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
 			/* Can't do BIO_gets on an fd BIO so add a buffering BIO */
 			btmp = BIO_new(BIO_f_buffer());
 			pwdbio = BIO_push(btmp, pwdbio);
+#endif
 		} else if(!strcmp(arg, "stdin")) {
 			pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
 			if(!pwdbio) {
@@ -736,8 +785,6 @@ static int load_pkcs12(BIO *err, BIO *in, const char *desc,
 X509 *load_cert(BIO *err, const char *file, int format,
 	const char *pass, ENGINE *e, const char *cert_descrip)
 	{
-	ASN1_HEADER *ah=NULL;
-	BUF_MEM *buf=NULL;
 	X509 *x=NULL;
 	BIO *cert;
 
@@ -749,7 +796,9 @@ X509 *load_cert(BIO *err, const char *file, int format,
 
 	if (file == NULL)
 		{
+#ifdef _IONBF
 		setvbuf(stdin, NULL, _IONBF, 0);
+#endif
 		BIO_set_fp(cert,stdin,BIO_NOCLOSE);
 		}
 	else
@@ -767,46 +816,21 @@ X509 *load_cert(BIO *err, const char *file, int format,
 		x=d2i_X509_bio(cert,NULL);
 	else if (format == FORMAT_NETSCAPE)
 		{
-		const unsigned char *p,*op;
-		int size=0,i;
-
-		/* We sort of have to do it this way because it is sort of nice
-		 * to read the header first and check it, then
-		 * try to read the certificate */
-		buf=BUF_MEM_new();
-		for (;;)
-			{
-			if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
+		NETSCAPE_X509 *nx;
+		nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL);
+		if (nx == NULL)
 				goto end;
-			i=BIO_read(cert,&(buf->data[size]),1024*10);
-			size+=i;
-			if (i == 0) break;
-			if (i < 0)
-				{
-				perror("reading certificate");
-				goto end;
-				}
-			}
-		p=(unsigned char *)buf->data;
-		op=p;
 
-		/* First load the header */
-		if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
-			goto end;
-		if ((ah->header == NULL) || (ah->header->data == NULL) ||
-			(strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
-			ah->header->length) != 0))
+		if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data,
+			nx->header->length) != 0))
 			{
+			NETSCAPE_X509_free(nx);
 			BIO_printf(err,"Error reading header on certificate\n");
 			goto end;
 			}
-		/* header is ok, so now read the object */
-		p=op;
-		ah->meth=X509_asn1_meth();
-		if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
-			goto end;
-		x=(X509 *)ah->data;
-		ah->data=NULL;
+		x=nx->cert;
+		nx->cert = NULL;
+		NETSCAPE_X509_free(nx);
 		}
 	else if (format == FORMAT_PEM)
 		x=PEM_read_bio_X509_AUX(cert,NULL,
@@ -828,9 +852,7 @@ end:
 		BIO_printf(err,"unable to load certificate\n");
 		ERR_print_errors(err);
 		}
-	if (ah != NULL) ASN1_HEADER_free(ah);
 	if (cert != NULL) BIO_free(cert);
-	if (buf != NULL) BUF_MEM_free(buf);
 	return(x);
 	}
 
@@ -868,7 +890,9 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
 		}
 	if (file == NULL && maybe_stdin)
 		{
+#ifdef _IONBF
 		setvbuf(stdin, NULL, _IONBF, 0);
+#endif
 		BIO_set_fp(key,stdin,BIO_NOCLOSE);
 		}
 	else
@@ -899,6 +923,13 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
 				&pkey, NULL, NULL))
 			goto end;
 		}
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+	else if (format == FORMAT_MSBLOB)
+		pkey = b2i_PrivateKey_bio(key);
+	else if (format == FORMAT_PVK)
+		pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
+								&cb_data);
+#endif
 	else
 		{
 		BIO_printf(err,"bad input format specified for key file\n");
@@ -945,7 +976,9 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
 		}
 	if (file == NULL && maybe_stdin)
 		{
+#ifdef _IONBF
 		setvbuf(stdin, NULL, _IONBF, 0);
+#endif
 		BIO_set_fp(key,stdin,BIO_NOCLOSE);
 		}
 	else
@@ -960,6 +993,37 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
 		{
 		pkey=d2i_PUBKEY_bio(key, NULL);
 		}
+#ifndef OPENSSL_NO_RSA
+	else if (format == FORMAT_ASN1RSA)
+		{
+		RSA *rsa;
+		rsa = d2i_RSAPublicKey_bio(key, NULL);
+		if (rsa)
+			{
+			pkey = EVP_PKEY_new();
+			if (pkey)
+				EVP_PKEY_set1_RSA(pkey, rsa);
+			RSA_free(rsa);
+			}
+		else
+			pkey = NULL;
+		}
+	else if (format == FORMAT_PEMRSA)
+		{
+		RSA *rsa;
+		rsa = PEM_read_bio_RSAPublicKey(key, NULL, 
+			(pem_password_cb *)password_callback, &cb_data);
+		if (rsa)
+			{
+			pkey = EVP_PKEY_new();
+			if (pkey)
+				EVP_PKEY_set1_RSA(pkey, rsa);
+			RSA_free(rsa);
+			}
+		else
+			pkey = NULL;
+		}
+#endif
 	else if (format == FORMAT_PEM)
 		{
 		pkey=PEM_read_bio_PUBKEY(key,NULL,
@@ -969,6 +1033,10 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
 	else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
 		pkey = load_netscape_key(err, key, file, key_descrip, format);
 #endif
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+	else if (format == FORMAT_MSBLOB)
+		pkey = b2i_PublicKey_bio(key);
+#endif
 	else
 		{
 		BIO_printf(err,"bad input format specified for key file\n");
@@ -1027,76 +1095,120 @@ error:
 	}
 #endif /* ndef OPENSSL_NO_RC4 */
 
-STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
-	const char *pass, ENGINE *e, const char *cert_descrip)
+static int load_certs_crls(BIO *err, const char *file, int format,
+	const char *pass, ENGINE *e, const char *desc,
+	STACK_OF(X509) **pcerts, STACK_OF(X509_CRL) **pcrls)
 	{
-	BIO *certs;
 	int i;
-	STACK_OF(X509) *othercerts = NULL;
-	STACK_OF(X509_INFO) *allcerts = NULL;
+	BIO *bio;
+	STACK_OF(X509_INFO) *xis = NULL;
 	X509_INFO *xi;
 	PW_CB_DATA cb_data;
+	int rv = 0;
 
 	cb_data.password = pass;
 	cb_data.prompt_info = file;
 
-	if((certs = BIO_new(BIO_s_file())) == NULL)
+	if (format != FORMAT_PEM)
 		{
-		ERR_print_errors(err);
-		goto end;
+		BIO_printf(err,"bad input format specified for %s\n", desc);
+		return 0;
 		}
 
 	if (file == NULL)
-		BIO_set_fp(certs,stdin,BIO_NOCLOSE);
+		bio = BIO_new_fp(stdin,BIO_NOCLOSE);
 	else
+		bio = BIO_new_file(file, "r");
+
+	if (bio == NULL)
 		{
-		if (BIO_read_filename(certs,file) <= 0)
-			{
-			BIO_printf(err, "Error opening %s %s\n",
-				cert_descrip, file);
-			ERR_print_errors(err);
+		BIO_printf(err, "Error opening %s %s\n",
+				desc, file ? file : "stdin");
+		ERR_print_errors(err);
+		return 0;
+		}
+
+	xis = PEM_X509_INFO_read_bio(bio, NULL,
+				(pem_password_cb *)password_callback, &cb_data);
+
+	BIO_free(bio);
+
+	if (pcerts)
+		{
+		*pcerts = sk_X509_new_null();
+		if (!*pcerts)
 			goto end;
-			}
 		}
 
-	if      (format == FORMAT_PEM)
+	if (pcrls)
 		{
-		othercerts = sk_X509_new_null();
-		if(!othercerts)
-			{
-			sk_X509_free(othercerts);
-			othercerts = NULL;
+		*pcrls = sk_X509_CRL_new_null();
+		if (!*pcrls)
 			goto end;
+		}
+
+	for(i = 0; i < sk_X509_INFO_num(xis); i++)
+		{
+		xi = sk_X509_INFO_value (xis, i);
+		if (xi->x509 && pcerts)
+			{
+			if (!sk_X509_push(*pcerts, xi->x509))
+				goto end;
+			xi->x509 = NULL;
 			}
-		allcerts = PEM_X509_INFO_read_bio(certs, NULL,
-				(pem_password_cb *)password_callback, &cb_data);
-		for(i = 0; i < sk_X509_INFO_num(allcerts); i++)
+		if (xi->crl && pcrls)
 			{
-			xi = sk_X509_INFO_value (allcerts, i);
-			if (xi->x509)
-				{
-				sk_X509_push(othercerts, xi->x509);
-				xi->x509 = NULL;
-				}
+			if (!sk_X509_CRL_push(*pcrls, xi->crl))
+				goto end;
+			xi->crl = NULL;
 			}
-		goto end;
 		}
-	else	{
-		BIO_printf(err,"bad input format specified for %s\n",
-			cert_descrip);
-		goto end;
-		}
-end:
-	if (othercerts == NULL)
+
+	if (pcerts && sk_X509_num(*pcerts) > 0)
+		rv = 1;
+
+	if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
+		rv = 1;
+
+	end:
+
+	if (xis)
+		sk_X509_INFO_pop_free(xis, X509_INFO_free);
+
+	if (rv == 0)
 		{
-		BIO_printf(err,"unable to load certificates\n");
+		if (pcerts)
+			{
+			sk_X509_pop_free(*pcerts, X509_free);
+			*pcerts = NULL;
+			}
+		if (pcrls)
+			{
+			sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
+			*pcrls = NULL;
+			}
+		BIO_printf(err,"unable to load %s\n",
+				pcerts ? "certificates" : "CRLs");
 		ERR_print_errors(err);
 		}
-	if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
-	if (certs != NULL) BIO_free(certs);
-	return(othercerts);
+	return rv;
 	}
 
+STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
+	const char *pass, ENGINE *e, const char *desc)
+	{
+	STACK_OF(X509) *certs;
+	load_certs_crls(err, file, format, pass, e, desc, &certs, NULL);
+	return certs;
+	}	
+
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+	const char *pass, ENGINE *e, const char *desc)
+	{
+	STACK_OF(X509_CRL) *crls;
+	load_certs_crls(err, file, format, pass, e, desc, NULL, &crls);
+	return crls;
+	}	
 
 #define X509V3_EXT_UNKNOWN_MASK		(0xfL << 16)
 /* Return error for unknown extensions */
@@ -1269,7 +1381,7 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
 	return 0;
 }
 
-void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
+void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags)
 {
 	char *buf;
 	char mline = 0;
@@ -1383,6 +1495,10 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug)
 
 int load_config(BIO *err, CONF *cnf)
 	{
+	static int load_config_called = 0;
+	if (load_config_called)
+		return 1;
+	load_config_called = 1;
 	if (!cnf)
 		cnf = config;
 	if (!cnf)
@@ -1416,7 +1532,7 @@ char *make_config_name()
 	return p;
 	}
 
-static unsigned long index_serial_hash(const char **a)
+static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
 	{
 	const char *n;
 
@@ -1425,7 +1541,7 @@ static unsigned long index_serial_hash(const char **a)
 	return(lh_strhash(n));
 	}
 
-static int index_serial_cmp(const char **a, const char **b)
+static int index_serial_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
 	{
 	const char *aa,*bb;
 
@@ -1437,17 +1553,16 @@ static int index_serial_cmp(const char **a, const char **b)
 static int index_name_qual(char **a)
 	{ return(a[0][0] == 'V'); }
 
-static unsigned long index_name_hash(const char **a)
+static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
 	{ return(lh_strhash(a[DB_name])); }
 
-int index_name_cmp(const char **a, const char **b)
-	{ return(strcmp(a[DB_name],
-	     b[DB_name])); }
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
+	{ return(strcmp(a[DB_name], b[DB_name])); }
 
-static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
-static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
-static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
-static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)
+static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
 
 #undef BSIZE
 #define BSIZE 256
@@ -1575,7 +1690,6 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
 	{
 	char buf[5][BSIZE];
 	int i,j;
-	struct stat sb;
 
 	i = strlen(serialfile) + strlen(old_suffix);
 	j = strlen(serialfile) + strlen(new_suffix);
@@ -1600,29 +1714,21 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
 	j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
 		serialfile, old_suffix);
 #endif
-	if (stat(serialfile,&sb) < 0)
-		{
-		if (errno != ENOENT 
-#ifdef ENOTDIR
-			&& errno != ENOTDIR)
-#endif
-			goto err;
-		}
-	else
-		{
 #ifdef RL_DEBUG
-		BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-			serialfile, buf[1]);
+	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+		serialfile, buf[1]);
 #endif
-		if (rename(serialfile,buf[1]) < 0)
-			{
+	if (rename(serialfile,buf[1]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+			&& errno != ENOTDIR
+#endif
+	   )		{
 			BIO_printf(bio_err,
 				"unable to rename %s to %s\n",
 				serialfile, buf[1]);
 			perror("reason");
 			goto err;
 			}
-		}
 #ifdef RL_DEBUG
 	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
 		buf[0],serialfile);
@@ -1689,10 +1795,7 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
 		goto err;
 		}
 	if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL)
-		{
-		if (tmpdb != NULL) TXT_DB_free(tmpdb);
 		goto err;
-		}
 
 #ifndef OPENSSL_SYS_VMS
 	BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
@@ -1753,8 +1856,8 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
 int index_index(CA_DB *db)
 	{
 	if (!TXT_DB_create_index(db->db, DB_serial, NULL,
-				LHASH_HASH_FN(index_serial_hash),
-				LHASH_COMP_FN(index_serial_cmp)))
+				LHASH_HASH_FN(index_serial),
+				LHASH_COMP_FN(index_serial)))
 		{
 		BIO_printf(bio_err,
 		  "error creating serial number index:(%ld,%ld,%ld)\n",
@@ -1764,8 +1867,8 @@ int index_index(CA_DB *db)
 
 	if (db->attributes.unique_subject
 		&& !TXT_DB_create_index(db->db, DB_name, index_name_qual,
-			LHASH_HASH_FN(index_name_hash),
-			LHASH_COMP_FN(index_name_cmp)))
+			LHASH_HASH_FN(index_name),
+			LHASH_COMP_FN(index_name)))
 		{
 		BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
 			db->db->error,db->db->arg1,db->db->arg2);
@@ -1774,7 +1877,7 @@ int index_index(CA_DB *db)
 	return 1;
 	}
 
-int save_index(char *dbfile, char *suffix, CA_DB *db)
+int save_index(const char *dbfile, const char *suffix, CA_DB *db)
 	{
 	char buf[3][BSIZE];
 	BIO *out = BIO_new(BIO_s_file());
@@ -1841,11 +1944,10 @@ int save_index(char *dbfile, char *suffix, CA_DB *db)
 	return 0;
 	}
 
-int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
+int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix)
 	{
 	char buf[5][BSIZE];
 	int i,j;
-	struct stat sb;
 
 	i = strlen(dbfile) + strlen(old_suffix);
 	j = strlen(dbfile) + strlen(new_suffix);
@@ -1889,29 +1991,21 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
 	j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s",
 		dbfile, old_suffix);
 #endif
-	if (stat(dbfile,&sb) < 0)
-		{
-		if (errno != ENOENT 
-#ifdef ENOTDIR
-			&& errno != ENOTDIR)
-#endif
-			goto err;
-		}
-	else
-		{
 #ifdef RL_DEBUG
-		BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-			dbfile, buf[1]);
+	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+		dbfile, buf[1]);
 #endif
-		if (rename(dbfile,buf[1]) < 0)
-			{
+	if (rename(dbfile,buf[1]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+		&& errno != ENOTDIR
+#endif
+	   )		{
 			BIO_printf(bio_err,
 				"unable to rename %s to %s\n",
 				dbfile, buf[1]);
 			perror("reason");
 			goto err;
 			}
-		}
 #ifdef RL_DEBUG
 	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
 		buf[0],dbfile);
@@ -1925,22 +2019,15 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
 		rename(buf[1],dbfile);
 		goto err;
 		}
-	if (stat(buf[4],&sb) < 0)
-		{
-		if (errno != ENOENT 
-#ifdef ENOTDIR
-			&& errno != ENOTDIR)
-#endif
-			goto err;
-		}
-	else
-		{
 #ifdef RL_DEBUG
-		BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
-			buf[4],buf[3]);
+	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+		buf[4],buf[3]);
 #endif
-		if (rename(buf[4],buf[3]) < 0)
-			{
+	if (rename(buf[4],buf[3]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+		&& errno != ENOTDIR
+#endif
+	   )		{
 			BIO_printf(bio_err,
 				"unable to rename %s to %s\n",
 				buf[4], buf[3]);
@@ -1949,7 +2036,6 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
 			rename(buf[1],dbfile);
 			goto err;
 			}
-		}
 #ifdef RL_DEBUG
 	BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
 		buf[2],buf[4]);
@@ -1979,7 +2065,7 @@ void free_index(CA_DB *db)
 		}
 	}
 
-int parse_yesno(char *str, int def)
+int parse_yesno(const char *str, int def)
 	{
 	int ret = def;
 	if (str)
@@ -1998,7 +2084,7 @@ int parse_yesno(char *str, int def)
 		case 'y': /* yes */
 		case 'Y': /* YES */
 		case '1': /* 1 */
-			ret = 0;
+			ret = 1;
 			break;
 		default:
 			ret = def;
@@ -2144,52 +2230,13 @@ error:
 	return NULL;
 }
 
-/* This code MUST COME AFTER anything that uses rename() */
-#ifdef OPENSSL_SYS_WIN32
-int WIN32_rename(char *from, char *to)
-	{
-#ifndef OPENSSL_SYS_WINCE
-	/* Windows rename gives an error if 'to' exists, so delete it
-	 * first and ignore file not found errror
-	 */
-	if((remove(to) != 0) && (errno != ENOENT))
-		return -1;
-#undef rename
-	return rename(from, to);
-#else
-	/* convert strings to UNICODE */
-	{
-	BOOL result = FALSE;
-	WCHAR* wfrom;
-	WCHAR* wto;
-	int i;
-	wfrom = malloc((strlen(from)+1)*2);
-	wto = malloc((strlen(to)+1)*2);
-	if (wfrom != NULL && wto != NULL)
-		{
-		for (i=0; i<(int)strlen(from)+1; i++)
-			wfrom[i] = (short)from[i];
-		for (i=0; i<(int)strlen(to)+1; i++)
-			wto[i] = (short)to[i];
-		result = MoveFile(wfrom, wto);
-		}
-	if (wfrom != NULL)
-		free(wfrom);
-	if (wto != NULL)
-		free(wto);
-	return result;
-	}
-#endif
-	}
-#endif
-
 int args_verify(char ***pargs, int *pargc,
 			int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
 	{
 	ASN1_OBJECT *otmp = NULL;
 	unsigned long flags = 0;
 	int i;
-	int purpose = 0;
+	int purpose = 0, depth = -1;
 	char **oldargs = *pargs;
 	char *arg = **pargs, *argn = (*pargs)[1];
 	if (!strcmp(arg, "-policy"))
@@ -2229,6 +2276,21 @@ int args_verify(char ***pargs, int *pargc,
 			}
 		(*pargs)++;
 		}
+	else if (strcmp(arg,"-verify_depth") == 0)
+		{
+		if (!argn)
+			*badarg = 1;
+		else
+			{
+			depth = atoi(argn);
+			if(depth < 0)
+				{
+				BIO_printf(err, "invalid depth\n");
+				*badarg = 1;
+				}
+			}
+		(*pargs)++;
+		}
 	else if (!strcmp(arg, "-ignore_critical"))
 		flags |= X509_V_FLAG_IGNORE_CRITICAL;
 	else if (!strcmp(arg, "-issuer_checks"))
@@ -2241,10 +2303,20 @@ int args_verify(char ***pargs, int *pargc,
 		flags |= X509_V_FLAG_POLICY_CHECK;
 	else if (!strcmp(arg, "-explicit_policy"))
 		flags |= X509_V_FLAG_EXPLICIT_POLICY;
+	else if (!strcmp(arg, "-inhibit_any"))
+		flags |= X509_V_FLAG_INHIBIT_ANY;
+	else if (!strcmp(arg, "-inhibit_map"))
+		flags |= X509_V_FLAG_INHIBIT_MAP;
 	else if (!strcmp(arg, "-x509_strict"))
 		flags |= X509_V_FLAG_X509_STRICT;
+	else if (!strcmp(arg, "-extended_crl"))
+		flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT;
+	else if (!strcmp(arg, "-use_deltas"))
+		flags |= X509_V_FLAG_USE_DELTAS;
 	else if (!strcmp(arg, "-policy_print"))
 		flags |= X509_V_FLAG_NOTIFY_POLICY;
+	else if (!strcmp(arg, "-check_ss_sig"))
+		flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
 	else
 		return 0;
 
@@ -2270,6 +2342,9 @@ int args_verify(char ***pargs, int *pargc,
 	if (purpose)
 		X509_VERIFY_PARAM_set_purpose(*pm, purpose);
 
+	if (depth >= 0)
+		X509_VERIFY_PARAM_set_depth(*pm, depth);
+
 	end:
 
 	(*pargs)++;
@@ -2281,7 +2356,63 @@ int args_verify(char ***pargs, int *pargc,
 
 	}
 
-static void nodes_print(BIO *out, char *name, STACK_OF(X509_POLICY_NODE) *nodes)
+/* Read whole contents of a BIO into an allocated memory buffer and
+ * return it.
+ */
+
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
+	{
+	BIO *mem;
+	int len, ret;
+	unsigned char tbuf[1024];
+	mem = BIO_new(BIO_s_mem());
+	if (!mem)
+		return -1;
+	for(;;)
+		{
+		if ((maxlen != -1) && maxlen < 1024)
+			len = maxlen;
+		else
+			len = 1024;
+		len = BIO_read(in, tbuf, len);
+		if (len <= 0)
+			break;
+		if (BIO_write(mem, tbuf, len) != len)
+			{
+			BIO_free(mem);
+			return -1;
+			}
+		maxlen -= len;
+
+		if (maxlen == 0)
+			break;
+		}
+	ret = BIO_get_mem_data(mem, (char **)out);
+	BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
+	BIO_free(mem);
+	return ret;
+	}
+
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
+	{
+	int rv;
+	char *stmp, *vtmp = NULL;
+	stmp = BUF_strdup(value);
+	if (!stmp)
+		return -1;
+	vtmp = strchr(stmp, ':');
+	if (vtmp)
+		{
+		*vtmp = 0;
+		vtmp++;
+		}
+	rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
+	OPENSSL_free(stmp);
+	return rv;
+	}
+
+static void nodes_print(BIO *out, const char *name,
+	STACK_OF(X509_POLICY_NODE) *nodes)
 	{
 	X509_POLICY_NODE *node;
 	int i;
@@ -2320,3 +2451,553 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx)
 	if (free_out)
 		BIO_free(out);
 	}
+
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+
+static JPAKE_CTX *jpake_init(const char *us, const char *them,
+							 const char *secret)
+	{
+	BIGNUM *p = NULL;
+	BIGNUM *g = NULL;
+	BIGNUM *q = NULL;
+	BIGNUM *bnsecret = BN_new();
+	JPAKE_CTX *ctx;
+
+	/* Use a safe prime for p (that we found earlier) */
+	BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
+	g = BN_new();
+	BN_set_word(g, 2);
+	q = BN_new();
+	BN_rshift1(q, p);
+
+	BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret);
+
+	ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret);
+	BN_free(bnsecret);
+	BN_free(q);
+	BN_free(g);
+	BN_free(p);
+
+	return ctx;
+	}
+
+static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p)
+	{
+	BN_print(conn, p->gx);
+	BIO_puts(conn, "\n");
+	BN_print(conn, p->zkpx.gr);
+	BIO_puts(conn, "\n");
+	BN_print(conn, p->zkpx.b);
+	BIO_puts(conn, "\n");
+	}
+
+static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
+	{
+	JPAKE_STEP1 s1;
+
+	JPAKE_STEP1_init(&s1);
+	JPAKE_STEP1_generate(&s1, ctx);
+	jpake_send_part(bconn, &s1.p1);
+	jpake_send_part(bconn, &s1.p2);
+	(void)BIO_flush(bconn);
+	JPAKE_STEP1_release(&s1);
+	}
+
+static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
+	{
+	JPAKE_STEP2 s2;
+
+	JPAKE_STEP2_init(&s2);
+	JPAKE_STEP2_generate(&s2, ctx);
+	jpake_send_part(bconn, &s2);
+	(void)BIO_flush(bconn);
+	JPAKE_STEP2_release(&s2);
+	}
+
+static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
+	{
+	JPAKE_STEP3A s3a;
+
+	JPAKE_STEP3A_init(&s3a);
+	JPAKE_STEP3A_generate(&s3a, ctx);
+	BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
+	(void)BIO_flush(bconn);
+	JPAKE_STEP3A_release(&s3a);
+	}
+
+static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
+	{
+	JPAKE_STEP3B s3b;
+
+	JPAKE_STEP3B_init(&s3b);
+	JPAKE_STEP3B_generate(&s3b, ctx);
+	BIO_write(bconn, s3b.hk, sizeof s3b.hk);
+	(void)BIO_flush(bconn);
+	JPAKE_STEP3B_release(&s3b);
+	}
+
+static void readbn(BIGNUM **bn, BIO *bconn)
+	{
+	char buf[10240];
+	int l;
+
+	l = BIO_gets(bconn, buf, sizeof buf);
+	assert(l > 0);
+	assert(buf[l-1] == '\n');
+	buf[l-1] = '\0';
+	BN_hex2bn(bn, buf);
+	}
+
+static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn)
+	{
+	readbn(&p->gx, bconn);
+	readbn(&p->zkpx.gr, bconn);
+	readbn(&p->zkpx.b, bconn);
+	}
+
+static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn)
+	{
+	JPAKE_STEP1 s1;
+
+	JPAKE_STEP1_init(&s1);
+	jpake_receive_part(&s1.p1, bconn);
+	jpake_receive_part(&s1.p2, bconn);
+	if(!JPAKE_STEP1_process(ctx, &s1))
+		{
+		ERR_print_errors(bio_err);
+		exit(1);
+		}
+	JPAKE_STEP1_release(&s1);
+	}
+
+static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn)
+	{
+	JPAKE_STEP2 s2;
+
+	JPAKE_STEP2_init(&s2);
+	jpake_receive_part(&s2, bconn);
+	if(!JPAKE_STEP2_process(ctx, &s2))
+		{
+		ERR_print_errors(bio_err);
+		exit(1);
+		}
+	JPAKE_STEP2_release(&s2);
+	}
+
+static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
+	{
+	JPAKE_STEP3A s3a;
+	int l;
+
+	JPAKE_STEP3A_init(&s3a);
+	l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
+	assert(l == sizeof s3a.hhk);
+	if(!JPAKE_STEP3A_process(ctx, &s3a))
+		{
+		ERR_print_errors(bio_err);
+		exit(1);
+		}
+	JPAKE_STEP3A_release(&s3a);
+	}
+
+static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
+	{
+	JPAKE_STEP3B s3b;
+	int l;
+
+	JPAKE_STEP3B_init(&s3b);
+	l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
+	assert(l == sizeof s3b.hk);
+	if(!JPAKE_STEP3B_process(ctx, &s3b))
+		{
+		ERR_print_errors(bio_err);
+		exit(1);
+		}
+	JPAKE_STEP3B_release(&s3b);
+	}
+
+void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
+	{
+	JPAKE_CTX *ctx;
+	BIO *bconn;
+
+	BIO_puts(out, "Authenticating with JPAKE\n");
+
+	ctx = jpake_init("client", "server", secret);
+
+	bconn = BIO_new(BIO_f_buffer());
+	BIO_push(bconn, conn);
+
+	jpake_send_step1(bconn, ctx);
+	jpake_receive_step1(ctx, bconn);
+	jpake_send_step2(bconn, ctx);
+	jpake_receive_step2(ctx, bconn);
+	jpake_send_step3a(bconn, ctx);
+	jpake_receive_step3b(ctx, bconn);
+
+	BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+
+	psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
+	BIO_pop(bconn);
+	BIO_free(bconn);
+
+	JPAKE_CTX_free(ctx);
+	}
+
+void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
+	{
+	JPAKE_CTX *ctx;
+	BIO *bconn;
+
+	BIO_puts(out, "Authenticating with JPAKE\n");
+
+	ctx = jpake_init("server", "client", secret);
+
+	bconn = BIO_new(BIO_f_buffer());
+	BIO_push(bconn, conn);
+
+	jpake_receive_step1(ctx, bconn);
+	jpake_send_step1(bconn, ctx);
+	jpake_receive_step2(ctx, bconn);
+	jpake_send_step2(bconn, ctx);
+	jpake_receive_step3a(ctx, bconn);
+	jpake_send_step3b(bconn, ctx);
+
+	BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+
+	psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
+	BIO_pop(bconn);
+	BIO_free(bconn);
+
+	JPAKE_CTX_free(ctx);
+	}
+
+#endif
+
+/*
+ * Platform-specific sections
+ */
+#if defined(_WIN32)
+# ifdef fileno
+#  undef fileno
+#  define fileno(a) (int)_fileno(a)
+# endif
+
+# include <windows.h>
+# include <tchar.h>
+
+static int WIN32_rename(const char *from, const char *to)
+	{
+	TCHAR  *tfrom=NULL,*tto;
+	DWORD	err;
+	int	ret=0;
+
+	if (sizeof(TCHAR) == 1)
+		{
+		tfrom = (TCHAR *)from;
+		tto   = (TCHAR *)to;
+		}
+	else	/* UNICODE path */
+		{
+		size_t i,flen=strlen(from)+1,tlen=strlen(to)+1;
+		tfrom = (TCHAR *)malloc(sizeof(TCHAR)*(flen+tlen));
+		if (tfrom==NULL) goto err;
+		tto=tfrom+flen;
+#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+		if (!MultiByteToWideChar(CP_ACP,0,from,flen,(WCHAR *)tfrom,flen))
+#endif
+			for (i=0;i<flen;i++)	tfrom[i]=(TCHAR)from[i];
+#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+		if (!MultiByteToWideChar(CP_ACP,0,to,  tlen,(WCHAR *)tto,  tlen))
+#endif
+			for (i=0;i<tlen;i++)	tto[i]  =(TCHAR)to[i];
+		}
+
+	if (MoveFile(tfrom,tto))	goto ok;
+	err=GetLastError();
+	if (err==ERROR_ALREADY_EXISTS || err==ERROR_FILE_EXISTS)
+		{
+		if (DeleteFile(tto) && MoveFile(tfrom,tto))
+			goto ok;
+		err=GetLastError();
+		}
+	if (err==ERROR_FILE_NOT_FOUND || err==ERROR_PATH_NOT_FOUND)
+		errno = ENOENT;
+	else if (err==ERROR_ACCESS_DENIED)
+		errno = EACCES;
+	else
+		errno = EINVAL;	/* we could map more codes... */
+err:
+	ret=-1;
+ok:
+	if (tfrom!=NULL && tfrom!=(TCHAR *)from)	free(tfrom);
+	return ret;
+	}
+#endif
+
+/* app_tminterval section */
+#if defined(_WIN32)
+double app_tminterval(int stop,int usertime)
+	{
+	FILETIME		now;
+	double			ret=0;
+	static ULARGE_INTEGER	tmstart;
+	static int		warning=1;
+#ifdef _WIN32_WINNT
+	static HANDLE		proc=NULL;
+
+	if (proc==NULL)
+		{
+		if (GetVersion() < 0x80000000)
+			proc = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,
+						GetCurrentProcessId());
+		if (proc==NULL) proc = (HANDLE)-1;
+		}
+
+	if (usertime && proc!=(HANDLE)-1)
+		{
+		FILETIME junk;
+		GetProcessTimes(proc,&junk,&junk,&junk,&now);
+		}
+	else
+#endif
+		{
+		SYSTEMTIME systime;
+
+		if (usertime && warning)
+			{
+			BIO_printf(bio_err,"To get meaningful results, run "
+					   "this program on idle system.\n");
+			warning=0;
+			}
+		GetSystemTime(&systime);
+		SystemTimeToFileTime(&systime,&now);
+		}
+
+	if (stop==TM_START)
+		{
+		tmstart.u.LowPart  = now.dwLowDateTime;
+		tmstart.u.HighPart = now.dwHighDateTime;
+		}
+	else	{
+		ULARGE_INTEGER tmstop;
+
+		tmstop.u.LowPart   = now.dwLowDateTime;
+		tmstop.u.HighPart  = now.dwHighDateTime;
+
+		ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart)*1e-7;
+		}
+
+	return (ret);
+	}
+
+#elif defined(OPENSSL_SYS_NETWARE)
+#include <time.h>
+
+double app_tminterval(int stop,int usertime)
+	{
+	double		ret=0;
+	static clock_t	tmstart;
+	static int	warning=1;
+
+	if (usertime && warning)
+		{
+		BIO_printf(bio_err,"To get meaningful results, run "
+				   "this program on idle system.\n");
+		warning=0;
+		}
+
+	if (stop==TM_START)	tmstart = clock();
+	else			ret     = (clock()-tmstart)/(double)CLOCKS_PER_SEC;
+
+	return (ret);
+	}
+
+#elif defined(OPENSSL_SYSTEM_VXWORKS)
+#include <time.h>
+
+double app_tminterval(int stop,int usertime)
+	{
+	double ret=0;
+#ifdef CLOCK_REALTIME
+	static struct timespec	tmstart;
+	struct timespec		now;
+#else
+	static unsigned long	tmstart;
+	unsigned long		now;
+#endif
+	static int warning=1;
+
+	if (usertime && warning)
+		{
+		BIO_printf(bio_err,"To get meaningful results, run "
+				   "this program on idle system.\n");
+		warning=0;
+		}
+
+#ifdef CLOCK_REALTIME
+	clock_gettime(CLOCK_REALTIME,&now);
+	if (stop==TM_START)	tmstart = now;
+	else	ret = ( (now.tv_sec+now.tv_nsec*1e-9)
+			- (tmstart.tv_sec+tmstart.tv_nsec*1e-9) );
+#else
+	now = tickGet();
+	if (stop==TM_START)	tmstart = now;
+	else			ret = (now - tmstart)/(double)sysClkRateGet();
+#endif
+	return (ret);
+	}
+
+#elif defined(OPENSSL_SYSTEM_VMS)
+#include <time.h>
+#include <times.h>
+
+double app_tminterval(int stop,int usertime)
+	{
+	static clock_t	tmstart;
+	double		ret = 0;
+	clock_t		now;
+#ifdef __TMS
+	struct tms	rus;
+
+	now = times(&rus);
+	if (usertime)	now = rus.tms_utime;
+#else
+	if (usertime)
+		now = clock(); /* sum of user and kernel times */
+	else	{
+		struct timeval tv;
+		gettimeofday(&tv,NULL);
+		now = (clock_t)(
+			(unsigned long long)tv.tv_sec*CLK_TCK +
+			(unsigned long long)tv.tv_usec*(1000000/CLK_TCK)
+			);
+		}
+#endif
+	if (stop==TM_START)	tmstart = now;
+	else			ret = (now - tmstart)/(double)(CLK_TCK);
+
+	return (ret);
+	}
+
+#elif defined(_SC_CLK_TCK)	/* by means of unistd.h */
+#include <sys/times.h>
+
+double app_tminterval(int stop,int usertime)
+	{
+	double		ret = 0;
+	struct tms	rus;
+	clock_t		now = times(&rus);
+	static clock_t	tmstart;
+
+	if (usertime)		now = rus.tms_utime;
+
+	if (stop==TM_START)	tmstart = now;
+	else
+		{
+		long int tck = sysconf(_SC_CLK_TCK);
+		ret = (now - tmstart)/(double)tck;
+		}
+
+	return (ret);
+	}
+
+#else
+#include <sys/time.h>
+#include <sys/resource.h>
+
+double app_tminterval(int stop,int usertime)
+	{
+	double		ret = 0;
+	struct rusage	rus;
+	struct timeval	now;
+	static struct timeval tmstart;
+
+	if (usertime)		getrusage(RUSAGE_SELF,&rus), now = rus.ru_utime;
+	else			gettimeofday(&now,NULL);
+
+	if (stop==TM_START)	tmstart = now;
+	else			ret = ( (now.tv_sec+now.tv_usec*1e-6)
+					- (tmstart.tv_sec+tmstart.tv_usec*1e-6) );
+
+	return ret;
+	}
+#endif
+
+/* app_isdir section */
+#ifdef _WIN32
+int app_isdir(const char *name)
+	{
+	HANDLE		hList;
+	WIN32_FIND_DATA	FileData;
+#if defined(UNICODE) || defined(_UNICODE)
+	size_t i, len_0 = strlen(name)+1;
+
+	if (len_0 > sizeof(FileData.cFileName)/sizeof(FileData.cFileName[0]))
+		return -1;
+
+#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+	if (!MultiByteToWideChar(CP_ACP,0,name,len_0,FileData.cFileName,len_0))
+#endif
+		for (i=0;i<len_0;i++)
+			FileData.cFileName[i] = (WCHAR)name[i];
+
+	hList = FindFirstFile(FileData.cFileName,&FileData);
+#else
+	hList = FindFirstFile(name,&FileData);
+#endif
+	if (hList == INVALID_HANDLE_VALUE)	return -1;
+	FindClose(hList);
+	return ((FileData.dwFileAttributes&FILE_ATTRIBUTE_DIRECTORY)!=0);
+	}
+#else
+#include <sys/stat.h>
+#ifndef S_ISDIR
+# if defined(_S_IFMT) && defined(_S_IFDIR)
+#  define S_ISDIR(a)   (((a) & _S_IFMT) == _S_IFDIR)
+# else 
+#  define S_ISDIR(a)   (((a) & S_IFMT) == S_IFDIR)
+# endif 
+#endif 
+
+int app_isdir(const char *name)
+	{
+#if defined(S_ISDIR)
+	struct stat st;
+
+	if (stat(name,&st)==0)	return S_ISDIR(st.st_mode);
+	else			return -1;
+#else
+	return -1;
+#endif
+	}
+#endif
+
+/* raw_read|write section */
+#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
+int raw_read_stdin(void *buf,int siz)
+	{
+	DWORD n;
+	if (ReadFile(GetStdHandle(STD_INPUT_HANDLE),buf,siz,&n,NULL))
+		return (n);
+	else	return (-1);
+	}
+#else
+int raw_read_stdin(void *buf,int siz)
+	{	return read(fileno(stdin),buf,siz);	}
+#endif
+
+#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
+int raw_write_stdout(const void *buf,int siz)
+	{
+	DWORD n;
+	if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE),buf,siz,&n,NULL))
+		return (n);
+	else	return (-1);
+	}
+#else
+int raw_write_stdout(const void *buf,int siz)
+	{	return write(fileno(stdout),buf,siz);	}
+#endif
diff --git a/apps/apps.h b/apps/apps.h
index 7d879637b7..596a39aceb 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -122,6 +122,9 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_OCSP
+#include <openssl/ocsp.h>
+#endif
 #include <openssl/ossl_typ.h>
 
 int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
@@ -134,11 +137,6 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read,
                                        * (see e_os.h).  The string is
                                        * destroyed! */
 
-#ifdef OPENSSL_SYS_WIN32
-#define rename(from,to) WIN32_rename((from),(to))
-int WIN32_rename(char *oldname,char *newname);
-#endif
-
 #ifndef MONOLITH
 
 #define MAIN(a,v)	main(a,v)
@@ -170,64 +168,47 @@ extern BIO *bio_err;
 #define do_pipe_sig()
 #endif
 
+#ifdef OPENSSL_NO_COMP
+#define zlib_cleanup() 
+#else
+#define zlib_cleanup() COMP_zlib_cleanup()
+#endif
+
 #if defined(MONOLITH) && !defined(OPENSSL_C)
 #  define apps_startup() \
 		do_pipe_sig()
 #  define apps_shutdown()
 #else
 #  ifndef OPENSSL_NO_ENGINE
-#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
-     defined(OPENSSL_SYS_WIN32)
-#      ifdef _O_BINARY
-#        define apps_startup() \
-			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+#    define apps_startup() \
+			do { do_pipe_sig(); CRYPTO_malloc_init(); \
 			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
 			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-#      else
-#        define apps_startup() \
-			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
-#      endif
-#    else
-#      define apps_startup() \
-			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
-			ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
-			setup_ui_method(); } while(0)
-#    endif
 #    define apps_shutdown() \
 			do { CONF_modules_unload(1); destroy_ui_method(); \
-			EVP_cleanup(); ENGINE_cleanup(); \
-			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
-			ERR_free_strings(); } while(0)
+			OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
+			CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+			ERR_free_strings(); zlib_cleanup();} while(0)
 #  else
-#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
-     defined(OPENSSL_SYS_WIN32)
-#      ifdef _O_BINARY
-#        define apps_startup() \
-			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
-			setup_ui_method(); } while(0)
-#      else
-#        define apps_startup() \
-			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+#    define apps_startup() \
+			do { do_pipe_sig(); CRYPTO_malloc_init(); \
 			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
 			setup_ui_method(); } while(0)
-#      endif
-#    else
-#      define apps_startup() \
-			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
-			ERR_load_crypto_strings(); \
-			setup_ui_method(); } while(0)
-#    endif
 #    define apps_shutdown() \
 			do { CONF_modules_unload(1); destroy_ui_method(); \
-			EVP_cleanup(); \
-			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
-			ERR_free_strings(); } while(0)
+			OBJ_cleanup(); EVP_cleanup(); \
+			CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+			ERR_free_strings(); zlib_cleanup(); } while(0)
 #  endif
 #endif
 
+#ifdef OPENSSL_SYSNAME_WIN32
+#  define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
+#else
+#  define openssl_fdset(a,b) FD_SET(a, b)
+#endif
+
+
 typedef struct args_st
 	{
 	char **data;
@@ -254,7 +235,7 @@ void program_name(char *in,char *out,int size);
 int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
 #ifdef HEADER_X509_H
 int dump_cert_text(BIO *out, X509 *x);
-void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags);
+void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags);
 #endif
 int set_cert_ex(unsigned long *flags, const char *arg);
 int set_name_ex(unsigned long *flags, const char *arg);
@@ -270,17 +251,26 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
 	const char *pass, ENGINE *e, const char *key_descrip);
 STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
 	const char *pass, ENGINE *e, const char *cert_descrip);
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+	const char *pass, ENGINE *e, const char *cert_descrip);
 X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
 #ifndef OPENSSL_NO_ENGINE
 ENGINE *setup_engine(BIO *err, const char *engine, int debug);
 #endif
 
+#ifndef OPENSSL_NO_OCSP
+OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
+			char *host, char *path, char *port, int use_ssl,
+			STACK_OF(CONF_VALUE) *headers,
+			int req_timeout);
+#endif
+
 int load_config(BIO *err, CONF *cnf);
 char *make_config_name(void);
 
 /* Functions defined in ca.c and also used in ocsp.c */
 int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
-			ASN1_GENERALIZEDTIME **pinvtm, char *str);
+			ASN1_GENERALIZEDTIME **pinvtm, const char *str);
 
 #define DB_type         0
 #define DB_exp_date     1
@@ -310,16 +300,30 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
 int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
 CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
 int index_index(CA_DB *db);
-int save_index(char *dbfile, char *suffix, CA_DB *db);
-int rotate_index(char *dbfile, char *new_suffix, char *old_suffix);
+int save_index(const char *dbfile, const char *suffix, CA_DB *db);
+int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix);
 void free_index(CA_DB *db);
-int index_name_cmp(const char **a, const char **b);
-int parse_yesno(char *str, int def);
+#define index_name_cmp_noconst(a, b) \
+	index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
+	(const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
+int parse_yesno(const char *str, int def);
 
 X509_NAME *parse_name(char *str, long chtype, int multirdn);
 int args_verify(char ***pargs, int *pargc,
 			int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
 void policies_print(BIO *out, X509_STORE_CTX *ctx);
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
+int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
+			const char *algname, ENGINE *e, int do_param);
+#ifndef OPENSSL_NO_PSK
+extern char *psk_key;
+#endif
+#ifndef OPENSSL_NO_JPAKE
+void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
+void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
+#endif
 
 #define FORMAT_UNDEF    0
 #define FORMAT_ASN1     1
@@ -331,6 +335,10 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx);
 #define FORMAT_ENGINE   7
 #define FORMAT_IISSGC	8	/* XXX this stupid macro helps us to avoid
 				 * adding yet another param to load_*key() */
+#define FORMAT_PEMRSA	9	/* PEM RSAPubicKey format */
+#define FORMAT_ASN1RSA	10	/* DER RSAPubicKey format */
+#define FORMAT_MSBLOB	11	/* MS Key blob format */
+#define FORMAT_PVK	12	/* MS PVK file format */
 
 #define EXT_COPY_NONE	0
 #define EXT_COPY_ADD	1
@@ -342,4 +350,11 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx);
 
 #define SERIAL_RAND_BITS	64
 
+int app_isdir(const char *);
+int raw_read_stdin(void *,int);
+int raw_write_stdout(const void *,int);
+
+#define TM_START	0
+#define TM_STOP		1
+double app_tminterval (int stop,int usertime);
 #endif
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index f1d8bc8b98..b5d65e725b 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
-/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to 
+/* A nice addition from Dr Stephen Henson <steve@openssl.org> to 
  * add the -strparse option which parses nested binary structures
  */
 
@@ -96,7 +96,7 @@ int MAIN(int argc, char **argv)
 	unsigned char *tmpbuf;
 	const unsigned char *ctmpbuf;
 	BUF_MEM *buf=NULL;
-	STACK *osk=NULL;
+	STACK_OF(OPENSSL_STRING) *osk=NULL;
 	ASN1_TYPE *at=NULL;
 
 	informat=FORMAT_PEM;
@@ -113,7 +113,7 @@ int MAIN(int argc, char **argv)
 	prog=argv[0];
 	argc--;
 	argv++;
-	if ((osk=sk_new_null()) == NULL)
+	if ((osk=sk_OPENSSL_STRING_new_null()) == NULL)
 		{
 		BIO_printf(bio_err,"Memory allocation failure\n");
 		goto end;
@@ -169,7 +169,7 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-strparse") == 0)
 			{
 			if (--argc < 1) goto bad;
-			sk_push(osk,*(++argv));
+			sk_OPENSSL_STRING_push(osk,*(++argv));
 			}
 		else if (strcmp(*argv,"-genstr") == 0)
 			{
@@ -196,7 +196,7 @@ int MAIN(int argc, char **argv)
 bad:
 		BIO_printf(bio_err,"%s [options] <infile\n",prog);
 		BIO_printf(bio_err,"where options are\n");
-		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
+		BIO_printf(bio_err," -inform arg   input format - one of DER PEM\n");
 		BIO_printf(bio_err," -in arg       input file\n");
 		BIO_printf(bio_err," -out arg      output file (output format is always DER\n");
 		BIO_printf(bio_err," -noout arg    don't produce any output\n");
@@ -302,18 +302,18 @@ bad:
 
 	/* If any structs to parse go through in sequence */
 
-	if (sk_num(osk))
+	if (sk_OPENSSL_STRING_num(osk))
 		{
 		tmpbuf=(unsigned char *)str;
 		tmplen=num;
-		for (i=0; i<sk_num(osk); i++)
+		for (i=0; i<sk_OPENSSL_STRING_num(osk); i++)
 			{
 			ASN1_TYPE *atmp;
 			int typ;
-			j=atoi(sk_value(osk,i));
+			j=atoi(sk_OPENSSL_STRING_value(osk,i));
 			if (j == 0)
 				{
-				BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
+				BIO_printf(bio_err,"'%s' is an invalid number\n",sk_OPENSSL_STRING_value(osk,i));
 				continue;
 				}
 			tmpbuf+=j;
@@ -378,7 +378,7 @@ end:
 		ERR_print_errors(bio_err);
 	if (buf != NULL) BUF_MEM_free(buf);
 	if (at != NULL) ASN1_TYPE_free(at);
-	if (osk != NULL) sk_free(osk);
+	if (osk != NULL) sk_OPENSSL_STRING_free(osk);
 	OBJ_cleanup();
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
diff --git a/apps/ca.c b/apps/ca.c
index 15c5741624..6b8b0ef8fd 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -63,7 +63,6 @@
 #include <string.h>
 #include <ctype.h>
 #include <sys/types.h>
-#include <sys/stat.h>
 #include <openssl/conf.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
@@ -105,6 +104,9 @@
 
 #define ENV_DEFAULT_CA		"default_ca"
 
+#define STRING_MASK	"string_mask"
+#define UTF8_IN			"utf8"
+
 #define ENV_DIR			"dir"
 #define ENV_CERTS		"certs"
 #define ENV_CRL_DIR		"crl_dir"
@@ -143,7 +145,7 @@
 #define REV_KEY_COMPROMISE	3	/* Value is cert key compromise time */
 #define REV_CA_COMPROMISE	4	/* Value is CA key compromise time */
 
-static char *ca_usage[]={
+static const char *ca_usage[]={
 "usage: ca args\n",
 "\n",
 " -verbose        - Talk alot while doing things\n",
@@ -174,6 +176,7 @@ static char *ca_usage[]={
 " -msie_hack      - msie modifications to handle all those universal strings\n",
 " -revoke file    - Revoke a certificate (given in file)\n",
 " -subj arg       - Use arg instead of request's subject\n",
+" -utf8           - input characters are UTF8 (default ASCII)\n",
 " -multivalue-rdn - enable support for multivalued RDNs\n",
 " -extensions ..  - Extension section (override value in config file)\n",
 " -extfile file   - Configuration file with X509v3 extentions to add\n",
@@ -192,30 +195,29 @@ extern int EF_PROTECT_BELOW;
 extern int EF_ALIGNMENT;
 #endif
 
-static void lookup_fail(char *name,char *tag);
+static void lookup_fail(const char *name, const char *tag);
 static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
 		   const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,CA_DB *db,
-		   BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate,
+		   BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate,
 		   char *enddate, long days, int batch, char *ext_sect, CONF *conf,
 		   int verbose, unsigned long certopt, unsigned long nameopt,
 		   int default_op, int ext_copy, int selfsign);
 static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
 			const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
-			CA_DB *db, BIGNUM *serial, char *subj, int multirdn, int email_dn,
+			CA_DB *db, BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn,
 			char *startdate, char *enddate, long days, int batch,
 			char *ext_sect, CONF *conf,int verbose, unsigned long certopt,
 			unsigned long nameopt, int default_op, int ext_copy,
 			ENGINE *e);
 static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
 			 const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
-			 CA_DB *db, BIGNUM *serial,char *subj, int multirdn, int email_dn,
+			 CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn,
 			 char *startdate, char *enddate, long days, char *ext_sect,
 			 CONF *conf, int verbose, unsigned long certopt, 
 			 unsigned long nameopt, int default_op, int ext_copy);
-static int fix_data(int nid, int *type);
 static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext);
 static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
-	STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj, int multirdn,
+	STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn,
 	int email_dn, char *startdate, char *enddate, long days, int batch,
        	int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
 	unsigned long certopt, unsigned long nameopt, int default_op,
@@ -223,9 +225,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 static int do_revoke(X509 *x509, CA_DB *db, int ext, char *extval);
 static int get_certificate_status(const char *ser_status, CA_DB *db);
 static int do_updatedb(CA_DB *db);
-static int check_time_format(char *str);
+static int check_time_format(const char *str);
 char *make_revocation_str(int rev_type, char *rev_arg);
-int make_revoked(X509_REVOKED *rev, char *str);
+int make_revoked(X509_REVOKED *rev, const char *str);
 int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str);
 static CONF *conf=NULL;
 static CONF *extconf=NULL;
@@ -255,6 +257,7 @@ int MAIN(int argc, char **argv)
 	int doupdatedb=0;
 	long crldays=0;
 	long crlhours=0;
+	long crlsec=0;
 	long errorline= -1;
 	char *configfile=NULL;
 	char *md=NULL;
@@ -275,6 +278,7 @@ int MAIN(int argc, char **argv)
 	char *extensions=NULL;
 	char *extfile=NULL;
 	char *subj=NULL;
+	unsigned long chtype = MBSTRING_ASC;
 	int multirdn = 0;
 	char *tmp_email_dn=NULL;
 	char *crl_ext=NULL;
@@ -300,7 +304,9 @@ int MAIN(int argc, char **argv)
 	X509_REVOKED *r=NULL;
 	ASN1_TIME *tmptm;
 	ASN1_INTEGER *tmpser;
-	char **pp,*p,*f;
+	char *f;
+	const char *p;
+	char * const *pp;
 	int i,j;
 	const EVP_MD *dgst=NULL;
 	STACK_OF(CONF_VALUE) *attribs=NULL;
@@ -355,6 +361,8 @@ EF_ALIGNMENT=0;
 			subj= *(++argv);
 			/* preserve=1; */
 			}
+		else if (strcmp(*argv,"-utf8") == 0)
+			chtype = MBSTRING_UTF8;
 		else if (strcmp(*argv,"-create_serial") == 0)
 			create_ser = 1;
 		else if (strcmp(*argv,"-multivalue-rdn") == 0)
@@ -449,6 +457,11 @@ EF_ALIGNMENT=0;
 			if (--argc < 1) goto bad;
 			crlhours= atol(*(++argv));
 			}
+		else if (strcmp(*argv,"-crlsec") == 0)
+			{
+			if (--argc < 1) goto bad;
+			crlsec = atol(*(++argv));
+			}
 		else if (strcmp(*argv,"-infiles") == 0)
 			{
 			argc--;
@@ -542,8 +555,10 @@ bad:
 
 	if (badops)
 		{
-		for (pp=ca_usage; (*pp != NULL); pp++)
-			BIO_printf(bio_err,"%s",*pp);
+		const char **pp2;
+
+		for (pp2=ca_usage; (*pp2 != NULL); pp2++)
+			BIO_printf(bio_err,"%s",*pp2);
 		goto err;
 		}
 
@@ -644,6 +659,23 @@ bad:
 		ERR_clear_error();
 	app_RAND_load_file(randfile, bio_err, 0);
 
+	f = NCONF_get_string(conf, section, STRING_MASK);
+	if (!f)
+		ERR_clear_error();
+
+	if(f && !ASN1_STRING_set_default_mask_asc(f)) {
+		BIO_printf(bio_err, "Invalid global string mask setting %s\n", f);
+		goto err;
+	}
+
+	if (chtype != MBSTRING_UTF8){
+		f = NCONF_get_string(conf, section, UTF8_IN);
+		if (!f)
+			ERR_clear_error();
+		else if (!strcmp(f, "yes"))
+			chtype = MBSTRING_UTF8;
+	}
+
 	db_attr.unique_subject = 1;
 	p = NCONF_get_string(conf, section, ENV_UNIQUE_SUBJECT);
 	if (p)
@@ -801,7 +833,6 @@ bad:
 	/* lookup where to write new certificates */
 	if ((outdir == NULL) && (req))
 		{
-		struct stat sb;
 
 		if ((outdir=NCONF_get_string(conf,section,ENV_NEW_CERTS_DIR))
 			== NULL)
@@ -820,28 +851,24 @@ bad:
 	       that to access().  However, time's too short to do that just
 	       now.
 	    */
+#ifndef _WIN32
 		if (access(outdir,R_OK|W_OK|X_OK) != 0)
+#else
+		if (_access(outdir,R_OK|W_OK|X_OK) != 0)
+#endif
 			{
 			BIO_printf(bio_err,"I am unable to access the %s directory\n",outdir);
 			perror(outdir);
 			goto err;
 			}
 
-		if (stat(outdir,&sb) != 0)
-			{
-			BIO_printf(bio_err,"unable to stat(%s)\n",outdir);
-			perror(outdir);
-			goto err;
-			}
-#ifdef S_IFDIR
-		if (!(sb.st_mode & S_IFDIR))
+		if (app_isdir(outdir)<=0)
 			{
 			BIO_printf(bio_err,"%s need to be a directory\n",outdir);
 			perror(outdir);
 			goto err;
 			}
 #endif
-#endif
 		}
 
 	/*****************************************************************/
@@ -855,9 +882,9 @@ bad:
 	if (db == NULL) goto err;
 
 	/* Lets check some fields */
-	for (i=0; i<sk_num(db->db->data); i++)
+	for (i=0; i<sk_OPENSSL_PSTRING_num(db->db->data); i++)
 		{
-		pp=(char **)sk_value(db->db->data,i);
+		pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
 		if ((pp[DB_type][0] != DB_TYPE_REV) &&
 			(pp[DB_rev_date][0] != '\0'))
 			{
@@ -870,7 +897,7 @@ bad:
 			BIO_printf(bio_err," in entry %d\n", i+1);
 			goto err;
 			}
-		if (!check_time_format(pp[DB_exp_date]))
+		if (!check_time_format((char *)pp[DB_exp_date]))
 			{
 			BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1);
 			goto err;
@@ -910,7 +937,7 @@ bad:
 #endif
 		TXT_DB_write(out,db->db);
 		BIO_printf(bio_err,"%d entries loaded from the database\n",
-			db->db->data->num);
+			   sk_OPENSSL_PSTRING_num(db->db->data));
 		BIO_printf(bio_err,"generating index\n");
 		}
 	
@@ -944,7 +971,6 @@ bad:
 			if (verbose) BIO_printf(bio_err,
 				"Done. %d entries marked as expired\n",i); 
 	      		}
-			goto err;
 	  	}
 
  	/*****************************************************************/
@@ -1002,6 +1028,17 @@ bad:
 		goto err;
 		}
 
+	if (!strcmp(md, "default"))
+		{
+		int def_nid;
+		if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
+			{
+			BIO_puts(bio_err,"no default digest\n");
+			goto err;
+			}
+		md = (char *)OBJ_nid2sn(def_nid);
+		}
+
 	if ((dgst=EVP_get_digestbyname(md)) == NULL)
 		{
 		BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
@@ -1071,9 +1108,9 @@ bad:
 			if (startdate == NULL)
 				ERR_clear_error();
 			}
-		if (startdate && !ASN1_UTCTIME_set_string(NULL,startdate))
+		if (startdate && !ASN1_TIME_set_string(NULL, startdate))
 			{
-			BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ\n");
+			BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
 			goto err;
 			}
 		if (startdate == NULL) startdate="today";
@@ -1085,9 +1122,9 @@ bad:
 			if (enddate == NULL)
 				ERR_clear_error();
 			}
-		if (enddate && !ASN1_UTCTIME_set_string(NULL,enddate))
+		if (enddate && !ASN1_TIME_set_string(NULL, enddate))
 			{
-			BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ\n");
+			BIO_printf(bio_err,"end date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
 			goto err;
 			}
 
@@ -1134,7 +1171,7 @@ bad:
 			{
 			total++;
 			j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
-				serial,subj,multirdn,email_dn,startdate,enddate,days,extensions,
+				serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,extensions,
 				conf,verbose,certopt,nameopt,default_op,ext_copy);
 			if (j < 0) goto err;
 			if (j > 0)
@@ -1158,7 +1195,7 @@ bad:
 			{
 			total++;
 			j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
-				db,serial,subj,multirdn,email_dn,startdate,enddate,days,batch,
+				db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch,
 				extensions,conf,verbose, certopt, nameopt,
 				default_op, ext_copy, e);
 			if (j < 0) goto err;
@@ -1178,7 +1215,7 @@ bad:
 			{
 			total++;
 			j=certify(&x,infile,pkey,x509p,dgst,attribs,db,
-				serial,subj,multirdn,email_dn,startdate,enddate,days,batch,
+				serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch,
 				extensions,conf,verbose, certopt, nameopt,
 				default_op, ext_copy, selfsign);
 			if (j < 0) goto err;
@@ -1198,7 +1235,7 @@ bad:
 			{
 			total++;
 			j=certify(&x,argv[i],pkey,x509p,dgst,attribs,db,
-				serial,subj,multirdn,email_dn,startdate,enddate,days,batch,
+				serial,subj,chtype,multirdn,email_dn,startdate,enddate,days,batch,
 				extensions,conf,verbose, certopt, nameopt,
 				default_op, ext_copy, selfsign);
 			if (j < 0) goto err;
@@ -1225,7 +1262,12 @@ bad:
 				BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total);
 				(void)BIO_flush(bio_err);
 				buf[0][0]='\0';
-				fgets(buf[0],10,stdin);
+				if (!fgets(buf[0],10,stdin))
+					{
+					BIO_printf(bio_err,"CERTIFICATION CANCELED: I/O error\n"); 
+					ret=0;
+					goto err;
+					}
 				if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
 					{
 					BIO_printf(bio_err,"CERTIFICATION CANCELED\n"); 
@@ -1251,7 +1293,7 @@ bad:
 			x=sk_X509_value(cert_sk,i);
 
 			j=x->cert_info->serialNumber->length;
-			p=(char *)x->cert_info->serialNumber->data;
+			p=(const char *)x->cert_info->serialNumber->data;
 			
 			if(strlen(outdir) >= (size_t)(j ? BSIZE-j*2-6 : BSIZE-8))
 				{
@@ -1342,7 +1384,7 @@ bad:
 				goto err;
 				}
 
-		if (!crldays && !crlhours)
+		if (!crldays && !crlhours && !crlsec)
 			{
 			if (!NCONF_get_number(conf,section,
 				ENV_DEFAULT_CRL_DAYS, &crldays))
@@ -1351,7 +1393,7 @@ bad:
 				ENV_DEFAULT_CRL_HOURS, &crlhours))
 				crlhours = 0;
 			}
-		if ((crldays == 0) && (crlhours == 0))
+		if ((crldays == 0) && (crlhours == 0) && (crlsec == 0))
 			{
 			BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
 			goto err;
@@ -1365,14 +1407,19 @@ bad:
 		if (!tmptm) goto err;
 		X509_gmtime_adj(tmptm,0);
 		X509_CRL_set_lastUpdate(crl, tmptm);	
-		X509_gmtime_adj(tmptm,(crldays*24+crlhours)*60*60);
+		if (!X509_time_adj_ex(tmptm, crldays, crlhours*60*60 + crlsec,
+			NULL))
+			{
+			BIO_puts(bio_err, "error setting CRL nextUpdate\n");
+			goto err;
+			}
 		X509_CRL_set_nextUpdate(crl, tmptm);	
 
 		ASN1_TIME_free(tmptm);
 
-		for (i=0; i<sk_num(db->db->data); i++)
+		for (i=0; i<sk_OPENSSL_PSTRING_num(db->db->data); i++)
 			{
-			pp=(char **)sk_value(db->db->data,i);
+			pp=sk_OPENSSL_PSTRING_value(db->db->data,i);
 			if (pp[DB_type][0] == DB_TYPE_REV)
 				{
 				if ((r=X509_REVOKED_new()) == NULL) goto err;
@@ -1398,15 +1445,6 @@ bad:
 
 		/* we now have a CRL */
 		if (verbose) BIO_printf(bio_err,"signing CRL\n");
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA) 
-			dgst=EVP_dss1();
-		else
-#endif
-#ifndef OPENSSL_NO_ECDSA
-		if (pkey->type == EVP_PKEY_EC)
-			dgst=EVP_ecdsa();
-#endif
 
 		/* Add any extensions asked for */
 
@@ -1439,6 +1477,12 @@ bad:
 		if (crlnumberfile != NULL)	/* we have a CRL number that need updating */
 			if (!save_serial(crlnumberfile,"new",crlnumber,NULL)) goto err;
 
+		if (crlnumber)
+			{
+			BN_free(crlnumber);
+			crlnumber = NULL;
+			}
+
 		if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
 
 		PEM_write_bio_X509_CRL(Sout,crl);
@@ -1491,24 +1535,26 @@ err:
 	if (free_key && key)
 		OPENSSL_free(key);
 	BN_free(serial);
+	BN_free(crlnumber);
 	free_index(db);
 	EVP_PKEY_free(pkey);
 	if (x509) X509_free(x509);
 	X509_CRL_free(crl);
 	NCONF_free(conf);
+	NCONF_free(extconf);
 	OBJ_cleanup();
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
 	}
 
-static void lookup_fail(char *name, char *tag)
+static void lookup_fail(const char *name, const char *tag)
 	{
 	BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
 	}
 
 static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
-	     BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate, char *enddate,
+	     BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate,
 	     long days, int batch, char *ext_sect, CONF *lconf, int verbose,
 	     unsigned long certopt, unsigned long nameopt, int default_op,
 	     int ext_copy, int selfsign)
@@ -1564,7 +1610,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 	else
 		BIO_printf(bio_err,"Signature ok\n");
 
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj, multirdn, email_dn,
+	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn, email_dn,
 		startdate,enddate,days,batch,verbose,req,ext_sect,lconf,
 		certopt, nameopt, default_op, ext_copy, selfsign);
 
@@ -1576,7 +1622,7 @@ err:
 
 static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
-	     BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate, char *enddate,
+	     BIGNUM *serial, char *subj, unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate,
 	     long days, int batch, char *ext_sect, CONF *lconf, int verbose,
 	     unsigned long certopt, unsigned long nameopt, int default_op,
 	     int ext_copy, ENGINE *e)
@@ -1618,7 +1664,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 	if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
 		goto err;
 
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,multirdn,email_dn,startdate,enddate,
+	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,
 		days,batch,verbose,rreq,ext_sect,lconf, certopt, nameopt, default_op,
 		ext_copy, 0);
 
@@ -1630,7 +1676,7 @@ err:
 
 static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 	     STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial, char *subj,
-	     int multirdn,
+	     unsigned long chtype, int multirdn,
 	     int email_dn, char *startdate, char *enddate, long days, int batch,
 	     int verbose, X509_REQ *req, char *ext_sect, CONF *lconf,
 	     unsigned long certopt, unsigned long nameopt, int default_op,
@@ -1646,9 +1692,11 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 	X509_NAME_ENTRY *tne,*push;
 	EVP_PKEY *pktmp;
 	int ok= -1,i,j,last,nid;
-	char *p;
+	const char *p;
 	CONF_VALUE *cv;
-	char *row[DB_NUMBER],**rrow=NULL,**irow=NULL;
+	OPENSSL_STRING row[DB_NUMBER];
+	OPENSSL_STRING *irow=NULL;
+	OPENSSL_STRING *rrow=NULL;
 	char buf[25];
 
 	tmptm=ASN1_UTCTIME_new();
@@ -1663,7 +1711,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 
 	if (subj)
 		{
-		X509_NAME *n = parse_name(subj, MBSTRING_ASC, multirdn);
+		X509_NAME *n = parse_name(subj, chtype, multirdn);
 
 		if (!n)
 			{
@@ -1890,7 +1938,9 @@ again2:
 
 	if (db->attributes.unique_subject)
 		{
-		rrow=TXT_DB_get_by_index(db->db,DB_name,row);
+		OPENSSL_STRING *crow=row;
+
+		rrow=TXT_DB_get_by_index(db->db,DB_name,crow);
 		if (rrow != NULL)
 			{
 			BIO_printf(bio_err,
@@ -1966,11 +2016,11 @@ again2:
 
 	if (strcmp(startdate,"today") == 0)
 		X509_gmtime_adj(X509_get_notBefore(ret),0);
-	else ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);
+	else ASN1_TIME_set_string(X509_get_notBefore(ret),startdate);
 
 	if (enddate == NULL)
-		X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
-	else ASN1_UTCTIME_set_string(X509_get_notAfter(ret),enddate);
+		X509_time_adj_ex(X509_get_notAfter(ret),days, 0, NULL);
+	else ASN1_TIME_set_string(X509_get_notAfter(ret),enddate);
 
 	if (!X509_set_subject_name(ret,subject)) goto err;
 
@@ -2066,7 +2116,7 @@ again2:
 		}
 
 	BIO_printf(bio_err,"Certificate is to be certified until ");
-	ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
+	ASN1_TIME_print(bio_err,X509_get_notAfter(ret));
 	if (days) BIO_printf(bio_err," (%ld days)",days);
 	BIO_printf(bio_err, "\n");
 
@@ -2076,7 +2126,12 @@ again2:
 		BIO_printf(bio_err,"Sign the certificate? [y/n]:");
 		(void)BIO_flush(bio_err);
 		buf[0]='\0';
-		fgets(buf,sizeof(buf)-1,stdin);
+		if (!fgets(buf,sizeof(buf)-1,stdin))
+			{
+			BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED: I/O error\n");
+			ok=0;
+			goto err;
+			}
 		if (!((buf[0] == 'y') || (buf[0] == 'Y')))
 			{
 			BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n");
@@ -2085,25 +2140,11 @@ again2:
 			}
 		}
 
-
-#ifndef OPENSSL_NO_DSA
-	if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
 	pktmp=X509_get_pubkey(ret);
 	if (EVP_PKEY_missing_parameters(pktmp) &&
 		!EVP_PKEY_missing_parameters(pkey))
 		EVP_PKEY_copy_parameters(pktmp,pkey);
 	EVP_PKEY_free(pktmp);
-#endif
-#ifndef OPENSSL_NO_ECDSA
-	if (pkey->type == EVP_PKEY_EC)
-		dgst = EVP_ecdsa();
-	pktmp = X509_get_pubkey(ret);
-	if (EVP_PKEY_missing_parameters(pktmp) &&
-		!EVP_PKEY_missing_parameters(pkey))
-		EVP_PKEY_copy_parameters(pktmp, pkey);
-	EVP_PKEY_free(pktmp);
-#endif
-
 
 	if (!X509_sign(ret,pkey,dgst))
 		goto err;
@@ -2200,12 +2241,12 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext)
 
 static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 	     const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
-	     BIGNUM *serial, char *subj, int multirdn, int email_dn, char *startdate, char *enddate,
+	     BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate,
 	     long days, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt,
 	     unsigned long nameopt, int default_op, int ext_copy)
 	{
 	STACK_OF(CONF_VALUE) *sk=NULL;
-	LHASH *parms=NULL;
+	LHASH_OF(CONF_VALUE) *parms=NULL;
 	X509_REQ *req=NULL;
 	CONF_VALUE *cv=NULL;
 	NETSCAPE_SPKI *spki = NULL;
@@ -2292,25 +2333,9 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 			continue;
 			}
 
-		/*
-		if ((nid == NID_pkcs9_emailAddress) && (email_dn == 0))
-			continue;
-		*/
-		
-		j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
-		if (fix_data(nid, &j) == 0)
-			{
-			BIO_printf(bio_err,
-				"invalid characters in string %s\n",buf);
-			goto err;
-			}
-
-		if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j,
-			(unsigned char *)buf,
-			strlen(buf))) == NULL)
+		if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
+				(unsigned char *)buf, -1, -1, 0))
 			goto err;
-
-		if (!X509_NAME_add_entry(n,ne,-1, 0)) goto err;
 		}
 	if (spki == NULL)
 		{
@@ -2341,7 +2366,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 
 	X509_REQ_set_pubkey(req,pktmp);
 	EVP_PKEY_free(pktmp);
-	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,multirdn,email_dn,startdate,enddate,
+	ok=do_body(xret,pkey,x509,dgst,policy,db,serial,subj,chtype,multirdn,email_dn,startdate,enddate,
 		   days,1,verbose,req,ext_sect,lconf, certopt, nameopt, default_op,
 			ext_copy, 0);
 err:
@@ -2353,29 +2378,9 @@ err:
 	return(ok);
 	}
 
-static int fix_data(int nid, int *type)
-	{
-	if (nid == NID_pkcs9_emailAddress)
-		*type=V_ASN1_IA5STRING;
-	if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
-		*type=V_ASN1_T61STRING;
-	if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING))
-		*type=V_ASN1_T61STRING;
-	if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING))
-		return(0);
-	if (nid == NID_pkcs9_unstructuredName)
-		*type=V_ASN1_IA5STRING;
-	return(1);
-	}
-
-static int check_time_format(char *str)
+static int check_time_format(const char *str)
 	{
-	ASN1_UTCTIME tm;
-
-	tm.data=(unsigned char *)str;
-	tm.length=strlen(str);
-	tm.type=V_ASN1_UTCTIME;
-	return(ASN1_UTCTIME_check(&tm));
+	return ASN1_TIME_set_string(NULL, str);
 	}
 
 static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
@@ -2390,6 +2395,8 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
 		row[i]=NULL;
 	row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0);
 	bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
+	if (!bn)
+		goto err;
 	if (BN_is_zero(bn))
 		row[DB_serial]=BUF_strdup("00");
 	else
@@ -2459,7 +2466,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
 		goto err;
 
 		}
-	else if (index_name_cmp((const char **)row,(const char **)rrow))
+	else if (index_name_cmp_noconst(row, rrow))
 		{
 		BIO_printf(bio_err,"ERROR:name does not match %s\n",
 			   row[DB_name]);
@@ -2608,9 +2615,9 @@ static int do_updatedb (CA_DB *db)
 	else
 		a_y2k = 0;
 
-	for (i = 0; i < sk_num(db->db->data); i++)
+	for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
 		{
-		rrow = (char **) sk_value(db->db->data, i);
+		rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
 
 		if (rrow[DB_type][0] == 'V')
 		 	{
@@ -2654,7 +2661,7 @@ err:
 	return (cnt);
 	}
 
-static char *crl_reasons[] = {
+static const char *crl_reasons[] = {
 	/* CRL reason strings */
 	"unspecified",
 	"keyCompromise",
@@ -2682,7 +2689,8 @@ static char *crl_reasons[] = {
 
 char *make_revocation_str(int rev_type, char *rev_arg)
 	{
-	char *reason = NULL, *other = NULL, *str;
+	char *other = NULL, *str;
+	const char *reason = NULL;
 	ASN1_OBJECT *otmp;
 	ASN1_UTCTIME *revtm = NULL;
 	int i;
@@ -2776,7 +2784,7 @@ char *make_revocation_str(int rev_type, char *rev_arg)
  */
 
 
-int make_revoked(X509_REVOKED *rev, char *str)
+int make_revoked(X509_REVOKED *rev, const char *str)
 	{
 	char *tmp = NULL;
 	int reason_code = -1;
@@ -2869,7 +2877,7 @@ int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str)
 	return 1;
 	}
 
-int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, char *str)
+int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, const char *str)
 	{
 	char *tmp = NULL;
 	char *rtime_str, *reason_str = NULL, *arg_str = NULL, *p;
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 7c62fc5dc3..3d4c60db9e 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -69,9 +69,10 @@
 #undef PROG
 #define PROG	ciphers_main
 
-static char *ciphers_usage[]={
+static const char *ciphers_usage[]={
 "usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the ciphers in SSLeay\n",
+" -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+" -V          - even more verbose\n",
 " -ssl2       - SSL2 mode\n",
 " -ssl3       - SSL3 mode\n",
 " -tls1       - TLS1 mode\n",
@@ -83,14 +84,14 @@ int MAIN(int, char **);
 int MAIN(int argc, char **argv)
 	{
 	int ret=1,i;
-	int verbose=0;
-	char **pp;
+	int verbose=0,Verbose=0;
+	const char **pp;
 	const char *p;
 	int badops=0;
 	SSL_CTX *ctx=NULL;
 	SSL *ssl=NULL;
 	char *ciphers=NULL;
-	SSL_METHOD *meth=NULL;
+	const SSL_METHOD *meth=NULL;
 	STACK_OF(SSL_CIPHER) *sk;
 	char buf[512];
 	BIO *STDout=NULL;
@@ -114,6 +115,8 @@ int MAIN(int argc, char **argv)
 	STDout = BIO_push(tmpbio, STDout);
 	}
 #endif
+	if (!load_config(bio_err, NULL))
+		goto end;
 
 	argc--;
 	argv++;
@@ -121,6 +124,8 @@ int MAIN(int argc, char **argv)
 		{
 		if (strcmp(*argv,"-v") == 0)
 			verbose=1;
+		else if (strcmp(*argv,"-V") == 0)
+			verbose=Verbose=1;
 #ifndef OPENSSL_NO_SSL2
 		else if (strcmp(*argv,"-ssl2") == 0)
 			meth=SSLv2_client_method();
@@ -179,15 +184,33 @@ int MAIN(int argc, char **argv)
 			}
 		BIO_printf(STDout,"\n");
 		}
-	else
+	else /* verbose */
 		{
 		sk=SSL_get_ciphers(ssl);
 
 		for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
 			{
-			BIO_puts(STDout,SSL_CIPHER_description(
-				sk_SSL_CIPHER_value(sk,i),
-				buf,sizeof buf));
+			SSL_CIPHER *c;
+
+			c = sk_SSL_CIPHER_value(sk,i);
+			
+			if (Verbose)
+				{
+				unsigned long id = c->id;
+				int id0 = (int)(id >> 24);
+				int id1 = (int)((id >> 16) & 0xffL);
+				int id2 = (int)((id >> 8) & 0xffL);
+				int id3 = (int)(id & 0xffL);
+				
+				if ((id & 0xff000000L) == 0x02000000L)
+					BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
+				else if ((id & 0xff000000L) == 0x03000000L)
+					BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
+				else
+					BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
+				}
+
+			BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
 			}
 		}
 
diff --git a/apps/cms.c b/apps/cms.c
new file mode 100644
index 0000000000..e8981c679f
--- /dev/null
+++ b/apps/cms.c
@@ -0,0 +1,1393 @@
+/* apps/cms.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+/* CMS utility function */
+
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+
+#ifndef OPENSSL_NO_CMS
+
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/x509_vfy.h>
+#include <openssl/x509v3.h>
+#include <openssl/cms.h>
+
+#undef PROG
+#define PROG cms_main
+static int save_certs(char *signerfile, STACK_OF(X509) *signers);
+static int cms_cb(int ok, X509_STORE_CTX *ctx);
+static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
+						int rr_allorfirst,
+					STACK_OF(OPENSSL_STRING) *rr_from);
+
+#define SMIME_OP	0x10
+#define SMIME_IP	0x20
+#define SMIME_SIGNERS	0x40
+#define SMIME_ENCRYPT		(1 | SMIME_OP)
+#define SMIME_DECRYPT		(2 | SMIME_IP)
+#define SMIME_SIGN		(3 | SMIME_OP | SMIME_SIGNERS)
+#define SMIME_VERIFY		(4 | SMIME_IP)
+#define SMIME_CMSOUT		(5 | SMIME_IP | SMIME_OP)
+#define SMIME_RESIGN		(6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
+#define SMIME_DATAOUT		(7 | SMIME_IP)
+#define SMIME_DATA_CREATE	(8 | SMIME_OP)
+#define SMIME_DIGEST_VERIFY	(9 | SMIME_IP)
+#define SMIME_DIGEST_CREATE	(10 | SMIME_OP)
+#define SMIME_UNCOMPRESS	(11 | SMIME_IP)
+#define SMIME_COMPRESS		(12 | SMIME_OP)
+#define SMIME_ENCRYPTED_DECRYPT	(13 | SMIME_IP)
+#define SMIME_ENCRYPTED_ENCRYPT	(14 | SMIME_OP)
+#define SMIME_SIGN_RECEIPT	(15 | SMIME_IP | SMIME_OP)
+#define SMIME_VERIFY_RECEIPT	(16 | SMIME_IP)
+
+int verify_err = 0;
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+	{
+	ENGINE *e = NULL;
+	int operation = 0;
+	int ret = 0;
+	char **args;
+	const char *inmode = "r", *outmode = "w";
+	char *infile = NULL, *outfile = NULL, *rctfile = NULL;
+	char *signerfile = NULL, *recipfile = NULL;
+	STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
+	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
+	char *certsoutfile = NULL;
+	const EVP_CIPHER *cipher = NULL;
+	CMS_ContentInfo *cms = NULL, *rcms = NULL;
+	X509_STORE *store = NULL;
+	X509 *cert = NULL, *recip = NULL, *signer = NULL;
+	EVP_PKEY *key = NULL;
+	STACK_OF(X509) *encerts = NULL, *other = NULL;
+	BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
+	int badarg = 0;
+	int flags = CMS_DETACHED, noout = 0, print = 0;
+	int verify_retcode = 0;
+	int rr_print = 0, rr_allorfirst = -1;
+	STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
+	CMS_ReceiptRequest *rr = NULL;
+	char *to = NULL, *from = NULL, *subject = NULL;
+	char *CAfile = NULL, *CApath = NULL;
+	char *passargin = NULL, *passin = NULL;
+	char *inrand = NULL;
+	int need_rand = 0;
+	const EVP_MD *sign_md = NULL;
+	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
+        int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
+#ifndef OPENSSL_NO_ENGINE
+	char *engine=NULL;
+#endif
+	unsigned char *secret_key = NULL, *secret_keyid = NULL;
+	unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
+	size_t secret_keylen = 0, secret_keyidlen = 0;
+
+	ASN1_OBJECT *econtent_type = NULL;
+
+	X509_VERIFY_PARAM *vpm = NULL;
+
+	args = argv + 1;
+	ret = 1;
+
+	apps_startup();
+
+	if (bio_err == NULL)
+		{
+		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+		}
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+
+	while (!badarg && *args && *args[0] == '-')
+		{
+		if (!strcmp (*args, "-encrypt"))
+			operation = SMIME_ENCRYPT;
+		else if (!strcmp (*args, "-decrypt"))
+			operation = SMIME_DECRYPT;
+		else if (!strcmp (*args, "-sign"))
+			operation = SMIME_SIGN;
+		else if (!strcmp (*args, "-sign_receipt"))
+			operation = SMIME_SIGN_RECEIPT;
+		else if (!strcmp (*args, "-resign"))
+			operation = SMIME_RESIGN;
+		else if (!strcmp (*args, "-verify"))
+			operation = SMIME_VERIFY;
+		else if (!strcmp (*args, "-verify_retcode"))
+			verify_retcode = 1;
+		else if (!strcmp(*args,"-verify_receipt"))
+			{
+			operation = SMIME_VERIFY_RECEIPT;
+			if (!args[1])
+				goto argerr;
+			args++;
+			rctfile = *args;
+			}
+		else if (!strcmp (*args, "-cmsout"))
+			operation = SMIME_CMSOUT;
+		else if (!strcmp (*args, "-data_out"))
+			operation = SMIME_DATAOUT;
+		else if (!strcmp (*args, "-data_create"))
+			operation = SMIME_DATA_CREATE;
+		else if (!strcmp (*args, "-digest_verify"))
+			operation = SMIME_DIGEST_VERIFY;
+		else if (!strcmp (*args, "-digest_create"))
+			operation = SMIME_DIGEST_CREATE;
+		else if (!strcmp (*args, "-compress"))
+			operation = SMIME_COMPRESS;
+		else if (!strcmp (*args, "-uncompress"))
+			operation = SMIME_UNCOMPRESS;
+		else if (!strcmp (*args, "-EncryptedData_decrypt"))
+			operation = SMIME_ENCRYPTED_DECRYPT;
+		else if (!strcmp (*args, "-EncryptedData_encrypt"))
+			operation = SMIME_ENCRYPTED_ENCRYPT;
+#ifndef OPENSSL_NO_DES
+		else if (!strcmp (*args, "-des3")) 
+				cipher = EVP_des_ede3_cbc();
+		else if (!strcmp (*args, "-des")) 
+				cipher = EVP_des_cbc();
+#endif
+#ifndef OPENSSL_NO_SEED
+		else if (!strcmp (*args, "-seed")) 
+				cipher = EVP_seed_cbc();
+#endif
+#ifndef OPENSSL_NO_RC2
+		else if (!strcmp (*args, "-rc2-40")) 
+				cipher = EVP_rc2_40_cbc();
+		else if (!strcmp (*args, "-rc2-128")) 
+				cipher = EVP_rc2_cbc();
+		else if (!strcmp (*args, "-rc2-64")) 
+				cipher = EVP_rc2_64_cbc();
+#endif
+#ifndef OPENSSL_NO_AES
+		else if (!strcmp(*args,"-aes128"))
+				cipher = EVP_aes_128_cbc();
+		else if (!strcmp(*args,"-aes192"))
+				cipher = EVP_aes_192_cbc();
+		else if (!strcmp(*args,"-aes256"))
+				cipher = EVP_aes_256_cbc();
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+		else if (!strcmp(*args,"-camellia128"))
+				cipher = EVP_camellia_128_cbc();
+		else if (!strcmp(*args,"-camellia192"))
+				cipher = EVP_camellia_192_cbc();
+		else if (!strcmp(*args,"-camellia256"))
+				cipher = EVP_camellia_256_cbc();
+#endif
+		else if (!strcmp (*args, "-text")) 
+				flags |= CMS_TEXT;
+		else if (!strcmp (*args, "-nointern")) 
+				flags |= CMS_NOINTERN;
+		else if (!strcmp (*args, "-noverify") 
+			|| !strcmp (*args, "-no_signer_cert_verify")) 
+				flags |= CMS_NO_SIGNER_CERT_VERIFY;
+		else if (!strcmp (*args, "-nocerts")) 
+				flags |= CMS_NOCERTS;
+		else if (!strcmp (*args, "-noattr")) 
+				flags |= CMS_NOATTR;
+		else if (!strcmp (*args, "-nodetach")) 
+				flags &= ~CMS_DETACHED;
+		else if (!strcmp (*args, "-nosmimecap"))
+				flags |= CMS_NOSMIMECAP;
+		else if (!strcmp (*args, "-binary"))
+				flags |= CMS_BINARY;
+		else if (!strcmp (*args, "-keyid"))
+				flags |= CMS_USE_KEYID;
+		else if (!strcmp (*args, "-nosigs"))
+				flags |= CMS_NOSIGS;
+		else if (!strcmp (*args, "-no_content_verify"))
+				flags |= CMS_NO_CONTENT_VERIFY;
+		else if (!strcmp (*args, "-no_attr_verify"))
+				flags |= CMS_NO_ATTR_VERIFY;
+		else if (!strcmp (*args, "-stream"))
+				flags |= CMS_STREAM;
+		else if (!strcmp (*args, "-indef"))
+				flags |= CMS_STREAM;
+		else if (!strcmp (*args, "-noindef"))
+				flags &= ~CMS_STREAM;
+		else if (!strcmp (*args, "-nooldmime"))
+				flags |= CMS_NOOLDMIMETYPE;
+		else if (!strcmp (*args, "-crlfeol"))
+				flags |= CMS_CRLFEOL;
+		else if (!strcmp (*args, "-noout"))
+				noout = 1;
+		else if (!strcmp (*args, "-receipt_request_print"))
+				rr_print = 1;
+		else if (!strcmp (*args, "-receipt_request_all"))
+				rr_allorfirst = 0;
+		else if (!strcmp (*args, "-receipt_request_first"))
+				rr_allorfirst = 1;
+		else if (!strcmp(*args,"-receipt_request_from"))
+			{
+			if (!args[1])
+				goto argerr;
+			args++;
+			if (!rr_from)
+				rr_from = sk_OPENSSL_STRING_new_null();
+			sk_OPENSSL_STRING_push(rr_from, *args);
+			}
+		else if (!strcmp(*args,"-receipt_request_to"))
+			{
+			if (!args[1])
+				goto argerr;
+			args++;
+			if (!rr_to)
+				rr_to = sk_OPENSSL_STRING_new_null();
+			sk_OPENSSL_STRING_push(rr_to, *args);
+			}
+		else if (!strcmp (*args, "-print"))
+				{
+				noout = 1;
+				print = 1;
+				}
+		else if (!strcmp(*args,"-secretkey"))
+			{
+			long ltmp;
+			if (!args[1])
+				goto argerr;
+			args++;
+			secret_key = string_to_hex(*args, &ltmp);
+			if (!secret_key)
+				{
+				BIO_printf(bio_err, "Invalid key %s\n", *args);
+				goto argerr;
+				}
+			secret_keylen = (size_t)ltmp;
+			}
+		else if (!strcmp(*args,"-secretkeyid"))
+			{
+			long ltmp;
+			if (!args[1])
+				goto argerr;
+			args++;
+			secret_keyid = string_to_hex(*args, &ltmp);
+			if (!secret_keyid)
+				{
+				BIO_printf(bio_err, "Invalid id %s\n", *args);
+				goto argerr;
+				}
+			secret_keyidlen = (size_t)ltmp;
+			}
+		else if (!strcmp(*args,"-pwri_password"))
+			{
+			if (!args[1])
+				goto argerr;
+			args++;
+			pwri_pass = (unsigned char *)*args;
+			}
+		else if (!strcmp(*args,"-econtent_type"))
+			{
+			if (!args[1])
+				goto argerr;
+			args++;
+			econtent_type = OBJ_txt2obj(*args, 0);
+			if (!econtent_type)
+				{
+				BIO_printf(bio_err, "Invalid OID %s\n", *args);
+				goto argerr;
+				}
+			}
+		else if (!strcmp(*args,"-rand"))
+			{
+			if (!args[1])
+				goto argerr;
+			args++;
+			inrand = *args;
+			need_rand = 1;
+			}
+#ifndef OPENSSL_NO_ENGINE
+		else if (!strcmp(*args,"-engine"))
+			{
+			if (!args[1])
+				goto argerr;
+			engine = *++args;
+			}
+#endif
+		else if (!strcmp(*args,"-passin"))
+			{
+			if (!args[1])
+				goto argerr;
+			passargin = *++args;
+			}
+		else if (!strcmp (*args, "-to"))
+			{
+			if (!args[1])
+				goto argerr;
+			to = *++args;
+			}
+		else if (!strcmp (*args, "-from"))
+			{
+			if (!args[1])
+				goto argerr;
+			from = *++args;
+			}
+		else if (!strcmp (*args, "-subject"))
+			{
+			if (!args[1])
+				goto argerr;
+			subject = *++args;
+			}
+		else if (!strcmp (*args, "-signer"))
+			{
+			if (!args[1])
+				goto argerr;
+			/* If previous -signer argument add signer to list */
+
+			if (signerfile)
+				{
+				if (!sksigners)
+					sksigners = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(sksigners, signerfile);
+				if (!keyfile)
+					keyfile = signerfile;
+				if (!skkeys)
+					skkeys = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(skkeys, keyfile);
+				keyfile = NULL;
+				}
+			signerfile = *++args;
+			}
+		else if (!strcmp (*args, "-recip"))
+			{
+			if (!args[1])
+				goto argerr;
+			recipfile = *++args;
+			}
+		else if (!strcmp (*args, "-certsout"))
+			{
+			if (!args[1])
+				goto argerr;
+			certsoutfile = *++args;
+			}
+		else if (!strcmp (*args, "-md"))
+			{
+			if (!args[1])
+				goto argerr;
+			sign_md = EVP_get_digestbyname(*++args);
+			if (sign_md == NULL)
+				{
+				BIO_printf(bio_err, "Unknown digest %s\n",
+							*args);
+				goto argerr;
+				}
+			}
+		else if (!strcmp (*args, "-inkey"))
+			{
+			if (!args[1])	
+				goto argerr;
+			/* If previous -inkey arument add signer to list */
+			if (keyfile)
+				{
+				if (!signerfile)
+					{
+					BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+					goto argerr;
+					}
+				if (!sksigners)
+					sksigners = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(sksigners, signerfile);
+				signerfile = NULL;
+				if (!skkeys)
+					skkeys = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(skkeys, keyfile);
+				}
+			keyfile = *++args;
+			}
+		else if (!strcmp (*args, "-keyform"))
+			{
+			if (!args[1])
+				goto argerr;
+			keyform = str2fmt(*++args);
+			}
+		else if (!strcmp (*args, "-rctform"))
+			{
+			if (!args[1])
+				goto argerr;
+			rctformat = str2fmt(*++args);
+			}
+		else if (!strcmp (*args, "-certfile"))
+			{
+			if (!args[1])
+				goto argerr;
+			certfile = *++args;
+			}
+		else if (!strcmp (*args, "-CAfile"))
+			{
+			if (!args[1])
+				goto argerr;
+			CAfile = *++args;
+			}
+		else if (!strcmp (*args, "-CApath"))
+			{
+			if (!args[1])
+				goto argerr;
+			CApath = *++args;
+			}
+		else if (!strcmp (*args, "-in"))
+			{
+			if (!args[1])
+				goto argerr;
+			infile = *++args;
+			}
+		else if (!strcmp (*args, "-inform"))
+			{
+			if (!args[1])
+				goto argerr;
+			informat = str2fmt(*++args);
+			}
+		else if (!strcmp (*args, "-outform"))
+			{
+			if (!args[1])
+				goto argerr;
+			outformat = str2fmt(*++args);
+			}
+		else if (!strcmp (*args, "-out"))
+			{
+			if (!args[1])
+				goto argerr;
+			outfile = *++args;
+			}
+		else if (!strcmp (*args, "-content"))
+			{
+			if (!args[1])
+				goto argerr;
+			contfile = *++args;
+			}
+		else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
+			continue;
+		else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
+			badarg = 1;
+		args++;
+		}
+
+	if (((rr_allorfirst != -1) || rr_from) && !rr_to)
+		{
+		BIO_puts(bio_err, "No Signed Receipts Recipients\n");
+		goto argerr;
+		}
+
+	if (!(operation & SMIME_SIGNERS)  && (rr_to || rr_from))
+		{
+		BIO_puts(bio_err, "Signed receipts only allowed with -sign\n");
+		goto argerr;
+		}
+	if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
+		{
+		BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
+		goto argerr;
+		}
+
+	if (operation & SMIME_SIGNERS)
+		{
+		if (keyfile && !signerfile)
+			{
+			BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+			goto argerr;
+			}
+		/* Check to see if any final signer needs to be appended */
+		if (signerfile)
+			{
+			if (!sksigners)
+				sksigners = sk_OPENSSL_STRING_new_null();
+			sk_OPENSSL_STRING_push(sksigners, signerfile);
+			if (!skkeys)
+				skkeys = sk_OPENSSL_STRING_new_null();
+			if (!keyfile)
+				keyfile = signerfile;
+			sk_OPENSSL_STRING_push(skkeys, keyfile);
+			}
+		if (!sksigners)
+			{
+			BIO_printf(bio_err, "No signer certificate specified\n");
+			badarg = 1;
+			}
+		signerfile = NULL;
+		keyfile = NULL;
+		need_rand = 1;
+		}
+
+	else if (operation == SMIME_DECRYPT)
+		{
+		if (!recipfile && !keyfile && !secret_key && !pwri_pass)
+			{
+			BIO_printf(bio_err, "No recipient certificate or key specified\n");
+			badarg = 1;
+			}
+		}
+	else if (operation == SMIME_ENCRYPT)
+		{
+		if (!*args && !secret_key && !pwri_pass)
+			{
+			BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
+			badarg = 1;
+			}
+		need_rand = 1;
+		}
+	else if (!operation)
+		badarg = 1;
+
+	if (badarg)
+		{
+		argerr:
+		BIO_printf (bio_err, "Usage cms [options] cert.pem ...\n");
+		BIO_printf (bio_err, "where options are\n");
+		BIO_printf (bio_err, "-encrypt       encrypt message\n");
+		BIO_printf (bio_err, "-decrypt       decrypt encrypted message\n");
+		BIO_printf (bio_err, "-sign          sign message\n");
+		BIO_printf (bio_err, "-verify        verify signed message\n");
+		BIO_printf (bio_err, "-cmsout        output CMS structure\n");
+#ifndef OPENSSL_NO_DES
+		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
+		BIO_printf (bio_err, "-des           encrypt with DES\n");
+#endif
+#ifndef OPENSSL_NO_SEED
+		BIO_printf (bio_err, "-seed          encrypt with SEED\n");
+#endif
+#ifndef OPENSSL_NO_RC2
+		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
+		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
+		BIO_printf (bio_err, "-rc2-128       encrypt with RC2-128\n");
+#endif
+#ifndef OPENSSL_NO_AES
+		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
+		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+		BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
+		BIO_printf (bio_err, "               encrypt PEM output with cbc camellia\n");
+#endif
+		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
+		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
+		BIO_printf (bio_err, "-noverify      don't verify signers certificate\n");
+		BIO_printf (bio_err, "-nocerts       don't include signers certificate when signing\n");
+		BIO_printf (bio_err, "-nodetach      use opaque signing\n");
+		BIO_printf (bio_err, "-noattr        don't include any signed attributes\n");
+		BIO_printf (bio_err, "-binary        don't translate message to text\n");
+		BIO_printf (bio_err, "-certfile file other certificates file\n");
+		BIO_printf (bio_err, "-certsout file certificate output file\n");
+		BIO_printf (bio_err, "-signer file   signer certificate file\n");
+		BIO_printf (bio_err, "-recip  file   recipient certificate file for decryption\n");
+		BIO_printf (bio_err, "-skeyid        use subject key identifier\n");
+		BIO_printf (bio_err, "-in file       input file\n");
+		BIO_printf (bio_err, "-inform arg    input format SMIME (default), PEM or DER\n");
+		BIO_printf (bio_err, "-inkey file    input private key (if not signer or recipient)\n");
+		BIO_printf (bio_err, "-keyform arg   input private key format (PEM or ENGINE)\n");
+		BIO_printf (bio_err, "-out file      output file\n");
+		BIO_printf (bio_err, "-outform arg   output format SMIME (default), PEM or DER\n");
+		BIO_printf (bio_err, "-content file  supply or override content for detached signature\n");
+		BIO_printf (bio_err, "-to addr       to address\n");
+		BIO_printf (bio_err, "-from ad       from address\n");
+		BIO_printf (bio_err, "-subject s     subject\n");
+		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
+		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
+		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
+		BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
+		BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
+#ifndef OPENSSL_NO_ENGINE
+		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
+#endif
+		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
+		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
+		BIO_printf(bio_err,  "               the random number generator\n");
+		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
+		goto end;
+		}
+
+#ifndef OPENSSL_NO_ENGINE
+        e = setup_engine(bio_err, engine, 0);
+#endif
+
+	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL))
+		{
+		BIO_printf(bio_err, "Error getting password\n");
+		goto end;
+		}
+
+	if (need_rand)
+		{
+		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+		if (inrand != NULL)
+			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+				app_RAND_load_files(inrand));
+		}
+
+	ret = 2;
+
+	if (!(operation & SMIME_SIGNERS))
+		flags &= ~CMS_DETACHED;
+
+	if (operation & SMIME_OP)
+		{
+		if (outformat == FORMAT_ASN1)
+			outmode = "wb";
+		}
+	else
+		{
+		if (flags & CMS_BINARY)
+			outmode = "wb";
+		}
+
+	if (operation & SMIME_IP)
+		{
+		if (informat == FORMAT_ASN1)
+			inmode = "rb";
+		}
+	else
+		{
+		if (flags & CMS_BINARY)
+			inmode = "rb";
+		}
+
+	if (operation == SMIME_ENCRYPT)
+		{
+		if (!cipher)
+			{
+#ifndef OPENSSL_NO_DES			
+			cipher = EVP_des_ede3_cbc();
+#else
+			BIO_printf(bio_err, "No cipher selected\n");
+			goto end;
+#endif
+			}
+
+		if (secret_key && !secret_keyid)
+			{
+			BIO_printf(bio_err, "No secret key id\n");
+			goto end;
+			}
+
+		if (*args)
+			encerts = sk_X509_new_null();
+		while (*args)
+			{
+			if (!(cert = load_cert(bio_err,*args,FORMAT_PEM,
+				NULL, e, "recipient certificate file")))
+				goto end;
+			sk_X509_push(encerts, cert);
+			cert = NULL;
+			args++;
+			}
+		}
+
+	if (certfile)
+		{
+		if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
+			e, "certificate file")))
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+
+	if (recipfile && (operation == SMIME_DECRYPT))
+		{
+		if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
+			e, "recipient certificate file")))
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+
+	if (operation == SMIME_SIGN_RECEIPT)
+		{
+		if (!(signer = load_cert(bio_err,signerfile,FORMAT_PEM,NULL,
+			e, "receipt signer certificate file")))
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+
+	if (operation == SMIME_DECRYPT)
+		{
+		if (!keyfile)
+			keyfile = recipfile;
+		}
+	else if ((operation == SMIME_SIGN) || (operation == SMIME_SIGN_RECEIPT))
+		{
+		if (!keyfile)
+			keyfile = signerfile;
+		}
+	else keyfile = NULL;
+
+	if (keyfile)
+		{
+		key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+			       "signing key file");
+		if (!key)
+			goto end;
+		}
+
+	if (infile)
+		{
+		if (!(in = BIO_new_file(infile, inmode)))
+			{
+			BIO_printf (bio_err,
+				 "Can't open input file %s\n", infile);
+			goto end;
+			}
+		}
+	else
+		in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+	if (operation & SMIME_IP)
+		{
+		if (informat == FORMAT_SMIME) 
+			cms = SMIME_read_CMS(in, &indata);
+		else if (informat == FORMAT_PEM) 
+			cms = PEM_read_bio_CMS(in, NULL, NULL, NULL);
+		else if (informat == FORMAT_ASN1) 
+			cms = d2i_CMS_bio(in, NULL);
+		else
+			{
+			BIO_printf(bio_err, "Bad input format for CMS file\n");
+			goto end;
+			}
+
+		if (!cms)
+			{
+			BIO_printf(bio_err, "Error reading S/MIME message\n");
+			goto end;
+			}
+		if (contfile)
+			{
+			BIO_free(indata);
+			if (!(indata = BIO_new_file(contfile, "rb")))
+				{
+				BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+				goto end;
+				}
+			}
+		if (certsoutfile)
+			{
+			STACK_OF(X509) *allcerts;
+			allcerts = CMS_get1_certs(cms);
+			if (!save_certs(certsoutfile, allcerts))
+				{
+				BIO_printf(bio_err,
+						"Error writing certs to %s\n",
+								certsoutfile);
+				ret = 5;
+				goto end;
+				}
+			sk_X509_pop_free(allcerts, X509_free);
+			}
+		}
+
+	if (rctfile)
+		{
+		char *rctmode = (rctformat == FORMAT_ASN1) ? "rb" : "r";
+		if (!(rctin = BIO_new_file(rctfile, rctmode)))
+			{
+			BIO_printf (bio_err,
+				 "Can't open receipt file %s\n", rctfile);
+			goto end;
+			}
+		
+		if (rctformat == FORMAT_SMIME) 
+			rcms = SMIME_read_CMS(rctin, NULL);
+		else if (rctformat == FORMAT_PEM) 
+			rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL);
+		else if (rctformat == FORMAT_ASN1) 
+			rcms = d2i_CMS_bio(rctin, NULL);
+		else
+			{
+			BIO_printf(bio_err, "Bad input format for receipt\n");
+			goto end;
+			}
+
+		if (!rcms)
+			{
+			BIO_printf(bio_err, "Error reading receipt\n");
+			goto end;
+			}
+		}
+
+	if (outfile)
+		{
+		if (!(out = BIO_new_file(outfile, outmode)))
+			{
+			BIO_printf (bio_err,
+				 "Can't open output file %s\n", outfile);
+			goto end;
+			}
+		}
+	else
+		{
+		out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+		{
+		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+		    out = BIO_push(tmpbio, out);
+		}
+#endif
+		}
+
+	if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT))
+		{
+		if (!(store = setup_verify(bio_err, CAfile, CApath)))
+			goto end;
+		X509_STORE_set_verify_cb(store, cms_cb);
+		if (vpm)
+			X509_STORE_set1_param(store, vpm);
+		}
+
+
+	ret = 3;
+
+	if (operation == SMIME_DATA_CREATE)
+		{
+		cms = CMS_data_create(in, flags);
+		}
+	else if (operation == SMIME_DIGEST_CREATE)
+		{
+		cms = CMS_digest_create(in, sign_md, flags);
+		}
+	else if (operation == SMIME_COMPRESS)
+		{
+		cms = CMS_compress(in, -1, flags);
+		}
+	else if (operation == SMIME_ENCRYPT)
+		{
+		flags |= CMS_PARTIAL;
+		cms = CMS_encrypt(encerts, in, cipher, flags);
+		if (!cms)
+			goto end;
+		if (secret_key)
+			{
+			if (!CMS_add0_recipient_key(cms, NID_undef, 
+						secret_key, secret_keylen,
+						secret_keyid, secret_keyidlen,
+						NULL, NULL, NULL))
+				goto end;
+			/* NULL these because call absorbs them */
+			secret_key = NULL;
+			secret_keyid = NULL;
+			}
+		if (pwri_pass)
+			{
+			pwri_tmp = (unsigned char *)BUF_strdup((char *)pwri_pass);
+			if (!pwri_tmp)
+				goto end;
+			if (!CMS_add0_recipient_password(cms,
+						-1, NID_undef, NID_undef,
+						 pwri_tmp, -1, NULL))
+				goto end;
+			pwri_tmp = NULL;
+			}
+		if (!(flags & CMS_STREAM))
+			{
+			if (!CMS_final(cms, in, NULL, flags))
+				goto end;
+			}
+		}
+	else if (operation == SMIME_ENCRYPTED_ENCRYPT)
+		{
+		cms = CMS_EncryptedData_encrypt(in, cipher,
+						secret_key, secret_keylen,
+						flags);
+
+		}
+	else if (operation == SMIME_SIGN_RECEIPT)
+		{
+		CMS_ContentInfo *srcms = NULL;
+		STACK_OF(CMS_SignerInfo) *sis;
+		CMS_SignerInfo *si;
+		sis = CMS_get0_SignerInfos(cms);
+		if (!sis)
+			goto end;
+		si = sk_CMS_SignerInfo_value(sis, 0);
+		srcms = CMS_sign_receipt(si, signer, key, other, flags);
+		if (!srcms)
+			goto end;
+		CMS_ContentInfo_free(cms);
+		cms = srcms;
+		}
+	else if (operation & SMIME_SIGNERS)
+		{
+		int i;
+		/* If detached data content we enable streaming if
+		 * S/MIME output format.
+		 */
+		if (operation == SMIME_SIGN)
+			{
+				
+			if (flags & CMS_DETACHED)
+				{
+				if (outformat == FORMAT_SMIME)
+					flags |= CMS_STREAM;
+				}
+			flags |= CMS_PARTIAL;
+			cms = CMS_sign(NULL, NULL, other, in, flags);
+			if (!cms)
+				goto end;
+			if (econtent_type)
+				CMS_set1_eContentType(cms, econtent_type);
+
+			if (rr_to)
+				{
+				rr = make_receipt_request(rr_to, rr_allorfirst,
+								rr_from);
+				if (!rr)
+					{
+					BIO_puts(bio_err,
+				"Signed Receipt Request Creation Error\n");
+					goto end;
+					}
+				}
+			}
+		else
+			flags |= CMS_REUSE_DIGEST;
+		for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
+			{
+			CMS_SignerInfo *si;
+			signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+			keyfile = sk_OPENSSL_STRING_value(skkeys, i);
+			signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
+					e, "signer certificate");
+			if (!signer)
+				goto end;
+			key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+			       "signing key file");
+			if (!key)
+				goto end;
+			si = CMS_add1_signer(cms, signer, key, sign_md, flags);
+			if (!si)
+				goto end;
+			if (rr && !CMS_add1_ReceiptRequest(si, rr))
+				goto end;
+			X509_free(signer);
+			signer = NULL;
+			EVP_PKEY_free(key);
+			key = NULL;
+			}
+		/* If not streaming or resigning finalize structure */
+		if ((operation == SMIME_SIGN) && !(flags & CMS_STREAM))
+			{
+			if (!CMS_final(cms, in, NULL, flags))
+				goto end;
+			}
+		}
+
+	if (!cms)
+		{
+		BIO_printf(bio_err, "Error creating CMS structure\n");
+		goto end;
+		}
+
+	ret = 4;
+	if (operation == SMIME_DECRYPT)
+		{
+
+		if (secret_key)
+			{
+			if (!CMS_decrypt_set1_key(cms,
+						secret_key, secret_keylen,
+						secret_keyid, secret_keyidlen))
+				{
+				BIO_puts(bio_err,
+					"Error decrypting CMS using secret key\n");
+				goto end;
+				}
+			}
+
+		if (key)
+			{
+			if (!CMS_decrypt_set1_pkey(cms, key, recip))
+				{
+				BIO_puts(bio_err,
+					"Error decrypting CMS using private key\n");
+				goto end;
+				}
+			}
+
+		if (pwri_pass)
+			{
+			if (!CMS_decrypt_set1_password(cms, pwri_pass, -1))
+				{
+				BIO_puts(bio_err,
+					"Error decrypting CMS using password\n");
+				goto end;
+				}
+			}
+
+		if (!CMS_decrypt(cms, NULL, NULL, indata, out, flags))
+			{
+			BIO_printf(bio_err, "Error decrypting CMS structure\n");
+			goto end;
+			}
+		}
+	else if (operation == SMIME_DATAOUT)
+		{
+		if (!CMS_data(cms, out, flags))
+			goto end;
+		}
+	else if (operation == SMIME_UNCOMPRESS)
+		{
+		if (!CMS_uncompress(cms, indata, out, flags))
+			goto end;
+		}
+	else if (operation == SMIME_DIGEST_VERIFY)
+		{
+		if (CMS_digest_verify(cms, indata, out, flags) > 0)
+			BIO_printf(bio_err, "Verification successful\n");
+		else
+			{
+			BIO_printf(bio_err, "Verification failure\n");
+			goto end;
+			}
+		}
+	else if (operation == SMIME_ENCRYPTED_DECRYPT)
+		{
+		if (!CMS_EncryptedData_decrypt(cms, secret_key, secret_keylen,
+						indata, out, flags))
+			goto end;
+		}
+	else if (operation == SMIME_VERIFY)
+		{
+		if (CMS_verify(cms, other, store, indata, out, flags) > 0)
+			BIO_printf(bio_err, "Verification successful\n");
+		else
+			{
+			BIO_printf(bio_err, "Verification failure\n");
+			if (verify_retcode)
+				ret = verify_err + 32;
+			goto end;
+			}
+		if (signerfile)
+			{
+			STACK_OF(X509) *signers;
+			signers = CMS_get0_signers(cms);
+			if (!save_certs(signerfile, signers))
+				{
+				BIO_printf(bio_err,
+						"Error writing signers to %s\n",
+								signerfile);
+				ret = 5;
+				goto end;
+				}
+			sk_X509_free(signers);
+			}
+		if (rr_print)
+			receipt_request_print(bio_err, cms);
+					
+		}
+	else if (operation == SMIME_VERIFY_RECEIPT)
+		{
+		if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0)
+			BIO_printf(bio_err, "Verification successful\n");
+		else
+			{
+			BIO_printf(bio_err, "Verification failure\n");
+			goto end;
+			}
+		}
+	else
+		{
+		if (noout)
+			{
+			if (print)
+				CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+			}
+		else if (outformat == FORMAT_SMIME)
+			{
+			if (to)
+				BIO_printf(out, "To: %s\n", to);
+			if (from)
+				BIO_printf(out, "From: %s\n", from);
+			if (subject)
+				BIO_printf(out, "Subject: %s\n", subject);
+			if (operation == SMIME_RESIGN)
+				ret = SMIME_write_CMS(out, cms, indata, flags);
+			else
+				ret = SMIME_write_CMS(out, cms, in, flags);
+			}
+		else if (outformat == FORMAT_PEM) 
+			ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
+		else if (outformat == FORMAT_ASN1) 
+			ret = i2d_CMS_bio_stream(out,cms, in, flags);
+		else
+			{
+			BIO_printf(bio_err, "Bad output format for CMS file\n");
+			goto end;
+			}
+		if (ret <= 0)
+			{
+			ret = 6;
+			goto end;
+			}
+		}
+	ret = 0;
+end:
+	if (ret)
+		ERR_print_errors(bio_err);
+	if (need_rand)
+		app_RAND_write_file(NULL, bio_err);
+	sk_X509_pop_free(encerts, X509_free);
+	sk_X509_pop_free(other, X509_free);
+	if (vpm)
+		X509_VERIFY_PARAM_free(vpm);
+	if (sksigners)
+		sk_OPENSSL_STRING_free(sksigners);
+	if (skkeys)
+		sk_OPENSSL_STRING_free(skkeys);
+	if (secret_key)
+		OPENSSL_free(secret_key);
+	if (secret_keyid)
+		OPENSSL_free(secret_keyid);
+	if (pwri_tmp)
+		OPENSSL_free(pwri_tmp);
+	if (econtent_type)
+		ASN1_OBJECT_free(econtent_type);
+	if (rr)
+		CMS_ReceiptRequest_free(rr);
+	if (rr_to)
+		sk_OPENSSL_STRING_free(rr_to);
+	if (rr_from)
+		sk_OPENSSL_STRING_free(rr_from);
+	X509_STORE_free(store);
+	X509_free(cert);
+	X509_free(recip);
+	X509_free(signer);
+	EVP_PKEY_free(key);
+	CMS_ContentInfo_free(cms);
+	CMS_ContentInfo_free(rcms);
+	BIO_free(rctin);
+	BIO_free(in);
+	BIO_free(indata);
+	BIO_free_all(out);
+	if (passin) OPENSSL_free(passin);
+	return (ret);
+}
+
+static int save_certs(char *signerfile, STACK_OF(X509) *signers)
+	{
+	int i;
+	BIO *tmp;
+	if (!signerfile)
+		return 1;
+	tmp = BIO_new_file(signerfile, "w");
+	if (!tmp) return 0;
+	for(i = 0; i < sk_X509_num(signers); i++)
+		PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
+	BIO_free(tmp);
+	return 1;
+	}
+	
+
+/* Minimal callback just to output policy info (if any) */
+
+static int cms_cb(int ok, X509_STORE_CTX *ctx)
+	{
+	int error;
+
+	error = X509_STORE_CTX_get_error(ctx);
+
+	verify_err = error;
+
+	if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
+		&& ((error != X509_V_OK) || (ok != 2)))
+		return ok;
+
+	policies_print(NULL, ctx);
+
+	return ok;
+
+	}
+
+static void gnames_stack_print(BIO *out, STACK_OF(GENERAL_NAMES) *gns)
+	{
+	STACK_OF(GENERAL_NAME) *gens;
+	GENERAL_NAME *gen;
+	int i, j;
+	for (i = 0; i < sk_GENERAL_NAMES_num(gns); i++)
+		{
+		gens = sk_GENERAL_NAMES_value(gns, i);
+		for (j = 0; j < sk_GENERAL_NAME_num(gens); j++)
+			{
+			gen = sk_GENERAL_NAME_value(gens, j);
+			BIO_puts(out, "    ");
+			GENERAL_NAME_print(out, gen);
+			BIO_puts(out, "\n");
+			}
+		}
+	return;
+	}
+
+static void receipt_request_print(BIO *out, CMS_ContentInfo *cms)
+	{
+	STACK_OF(CMS_SignerInfo) *sis;
+	CMS_SignerInfo *si;
+	CMS_ReceiptRequest *rr;
+	int allorfirst;
+	STACK_OF(GENERAL_NAMES) *rto, *rlist;
+	ASN1_STRING *scid;
+	int i, rv;
+	sis = CMS_get0_SignerInfos(cms);
+	for (i = 0; i < sk_CMS_SignerInfo_num(sis); i++)
+		{
+		si = sk_CMS_SignerInfo_value(sis, i);
+		rv = CMS_get1_ReceiptRequest(si, &rr);
+		BIO_printf(bio_err, "Signer %d:\n", i + 1);
+		if (rv == 0)
+			BIO_puts(bio_err, "  No Receipt Request\n");
+		else if (rv < 0)
+			{
+			BIO_puts(bio_err, "  Receipt Request Parse Error\n");
+			ERR_print_errors(bio_err);
+			}
+		else
+			{
+			char *id;
+			int idlen;
+			CMS_ReceiptRequest_get0_values(rr, &scid, &allorfirst,
+							&rlist, &rto);
+			BIO_puts(out, "  Signed Content ID:\n");
+			idlen = ASN1_STRING_length(scid);
+			id = (char *)ASN1_STRING_data(scid);
+			BIO_dump_indent(out, id, idlen, 4);
+			BIO_puts(out, "  Receipts From");
+			if (rlist)
+				{
+				BIO_puts(out, " List:\n");
+				gnames_stack_print(out, rlist);
+				}
+			else if (allorfirst == 1)
+				BIO_puts(out, ": First Tier\n");
+			else if (allorfirst == 0)
+				BIO_puts(out, ": All\n");
+			else
+				BIO_printf(out, " Unknown (%d)\n", allorfirst);
+			BIO_puts(out, "  Receipts To:\n");
+			gnames_stack_print(out, rto);
+			}
+		if (rr)
+			CMS_ReceiptRequest_free(rr);
+		}
+	}
+
+static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
+	{
+	int i;
+	STACK_OF(GENERAL_NAMES) *ret;
+	GENERAL_NAMES *gens = NULL;
+	GENERAL_NAME *gen = NULL;
+	ret = sk_GENERAL_NAMES_new_null();
+	if (!ret)
+		goto err;
+	for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++)
+		{
+		char *str = sk_OPENSSL_STRING_value(ns, i);
+		gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
+		if (!gen)
+			goto err;
+		gens = GENERAL_NAMES_new();
+		if (!gens)
+			goto err;
+		if (!sk_GENERAL_NAME_push(gens, gen))
+			goto err;
+		gen = NULL;
+		if (!sk_GENERAL_NAMES_push(ret, gens))
+			goto err;
+		gens = NULL;
+		}
+
+	return ret;
+
+	err:
+	if (ret)
+		sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free);
+	if (gens)
+		GENERAL_NAMES_free(gens);
+	if (gen)
+		GENERAL_NAME_free(gen);
+	return NULL;
+	}
+
+
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) *rr_to,
+						int rr_allorfirst,
+						STACK_OF(OPENSSL_STRING) *rr_from)
+	{
+	STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
+	CMS_ReceiptRequest *rr;
+	rct_to = make_names_stack(rr_to);
+	if (!rct_to)
+		goto err;
+	if (rr_from)
+		{
+		rct_from = make_names_stack(rr_from);
+		if (!rct_from)
+			goto err;
+		}
+	else
+		rct_from = NULL;
+	rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
+						rct_to);
+	return rr;
+	err:
+	return NULL;
+	}
+
+#endif
diff --git a/apps/crl.c b/apps/crl.c
index 878f65468e..c395b2afd5 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -72,7 +72,7 @@
 #undef POSTFIX
 #define	POSTFIX	".rvk"
 
-static char *crl_usage[]={
+static const char *crl_usage[]={
 "usage: crl args\n",
 "\n",
 " -inform arg     - input format - default PEM (DER or PEM)\n",
@@ -85,6 +85,7 @@ static char *crl_usage[]={
 " -issuer         - print issuer DN\n",
 " -lastupdate     - lastUpdate field\n",
 " -nextupdate     - nextUpdate field\n",
+" -crlnumber      - print CRL number\n",
 " -noout          - no CRL output\n",
 " -CAfile  name   - verify CRL using certificates in file \"name\"\n",
 " -CApath  dir    - verify CRL using certificates in \"dir\"\n",
@@ -107,15 +108,15 @@ int MAIN(int argc, char **argv)
 	int informat,outformat;
 	char *infile=NULL,*outfile=NULL;
 	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
-	int fingerprint = 0;
-	char **pp;
+	int fingerprint = 0, crlnumber = 0;
+	const char **pp;
 	X509_STORE *store = NULL;
 	X509_STORE_CTX ctx;
 	X509_LOOKUP *lookup = NULL;
 	X509_OBJECT xobj;
 	EVP_PKEY *pkey;
 	int do_ver = 0;
-	const EVP_MD *md_alg,*digest=EVP_md5();
+	const EVP_MD *md_alg,*digest=EVP_sha1();
 
 	apps_startup();
 
@@ -206,6 +207,8 @@ int MAIN(int argc, char **argv)
 			noout= ++num;
 		else if (strcmp(*argv,"-fingerprint") == 0)
 			fingerprint= ++num;
+		else if (strcmp(*argv,"-crlnumber") == 0)
+			crlnumber= ++num;
 		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
 			{
 			/* ok */
@@ -281,7 +284,21 @@ bad:
 				{
 				print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
 				}
-
+			if (crlnumber == i)
+				{
+				ASN1_INTEGER *crlnum;
+				crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number,
+							      NULL, NULL);
+				BIO_printf(bio_out,"crlNumber=");
+				if (crlnum)
+					{
+					i2a_ASN1_INTEGER(bio_out, crlnum);
+					ASN1_INTEGER_free(crlnum);
+					}
+				else
+					BIO_puts(bio_out, "<NONE>");
+				BIO_printf(bio_out,"\n");
+				}
 			if (hash == i)
 				{
 				BIO_printf(bio_out,"%08lx\n",
diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index b2f2d121d5..bbc83774db 100644
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -63,7 +63,6 @@
 #include <stdio.h>
 #include <string.h>
 #include <sys/types.h>
-#include <sys/stat.h>
 #include "apps.h"
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -93,7 +92,7 @@ int MAIN(int argc, char **argv)
 	PKCS7 *p7 = NULL;
 	PKCS7_SIGNED *p7s = NULL;
 	X509_CRL *crl=NULL;
-	STACK *certflst=NULL;
+	STACK_OF(OPENSSL_STRING) *certflst=NULL;
 	STACK_OF(X509_CRL) *crl_stack=NULL;
 	STACK_OF(X509) *cert_stack=NULL;
 	int ret=1,nocrl=0;
@@ -141,8 +140,8 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-certfile") == 0)
 			{
 			if (--argc < 1) goto bad;
-			if(!certflst) certflst = sk_new_null();
-			sk_push(certflst,*(++argv));
+			if(!certflst) certflst = sk_OPENSSL_STRING_new_null();
+			sk_OPENSSL_STRING_push(certflst,*(++argv));
 			}
 		else
 			{
@@ -227,8 +226,8 @@ bad:
 	if ((cert_stack=sk_X509_new_null()) == NULL) goto end;
 	p7s->cert=cert_stack;
 
-	if(certflst) for(i = 0; i < sk_num(certflst); i++) {
-		certfile = sk_value(certflst, i);
+	if(certflst) for(i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
+		certfile = sk_OPENSSL_STRING_value(certflst, i);
 		if (add_certs_from_file(cert_stack,certfile) < 0)
 			{
 			BIO_printf(bio_err, "error loading certificates\n");
@@ -237,7 +236,7 @@ bad:
 			}
 	}
 
-	sk_free(certflst);
+	sk_OPENSSL_STRING_free(certflst);
 
 	if (outfile == NULL)
 		{
@@ -295,19 +294,12 @@ end:
  */
 static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
 	{
-	struct stat st;
 	BIO *in=NULL;
 	int count=0;
 	int ret= -1;
 	STACK_OF(X509_INFO) *sk=NULL;
 	X509_INFO *xi;
 
-	if ((stat(certfile,&st) != 0))
-		{
-		BIO_printf(bio_err,"unable to load the file, %s\n",certfile);
-		goto end;
-		}
-
 	in=BIO_new(BIO_s_file());
 	if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
 		{
diff --git a/apps/dgst.c b/apps/dgst.c
index c13535f3b2..64fe56e518 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #undef BUFSIZE
 #define BUFSIZE	1024*8
@@ -74,8 +75,29 @@
 #define PROG	dgst_main
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file);
+	  EVP_PKEY *key, unsigned char *sigin, int siglen,
+	  const char *sig_name, const char *md_name,
+	  const char *file,BIO *bmd);
+
+static void list_md_fn(const EVP_MD *m,
+			const char *from, const char *to, void *arg)
+	{
+	const char *mname;
+	/* Skip aliases */
+	if (!m)
+		return;
+	mname = OBJ_nid2ln(EVP_MD_type(m));
+	/* Skip shortnames */
+	if (strcmp(from, mname))
+		return;
+	/* Skip clones */
+	if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
+		return;
+	if (strchr(mname, ' '))
+		mname= EVP_MD_name(m);
+	BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
+			mname, mname);
+	}
 
 int MAIN(int, char **);
 
@@ -83,12 +105,11 @@ int MAIN(int argc, char **argv)
 	{
 	ENGINE *e = NULL;
 	unsigned char *buf=NULL;
-	int i,err=0;
+	int i,err=1;
 	const EVP_MD *md=NULL,*m;
 	BIO *in=NULL,*inp;
 	BIO *bmd=NULL;
 	BIO *out = NULL;
-	const char *name;
 #define PROG_NAME_SIZE  39
 	char pname[PROG_NAME_SIZE+1];
 	int separator=0;
@@ -104,6 +125,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
 #endif
+	char *hmac_key=NULL;
+	char *mac_name=NULL;
+	STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
 
 	apps_startup();
 
@@ -131,6 +155,8 @@ int MAIN(int argc, char **argv)
 		if ((*argv)[0] != '-') break;
 		if (strcmp(*argv,"-c") == 0)
 			separator=1;
+		if (strcmp(*argv,"-r") == 0)
+			separator=2;
 		else if (strcmp(*argv,"-rand") == 0)
 			{
 			if (--argc < 1) break;
@@ -180,6 +206,7 @@ int MAIN(int argc, char **argv)
 			{
 			if (--argc < 1) break;
 			engine= *(++argv);
+        		e = setup_engine(bio_err, engine, 0);
 			}
 #endif
 		else if (strcmp(*argv,"-hex") == 0)
@@ -188,6 +215,36 @@ int MAIN(int argc, char **argv)
 			out_bin = 1;
 		else if (strcmp(*argv,"-d") == 0)
 			debug=1;
+		else if (!strcmp(*argv,"-hmac"))
+			{
+			if (--argc < 1)
+				break;
+			hmac_key=*++argv;
+			}
+		else if (!strcmp(*argv,"-mac"))
+			{
+			if (--argc < 1)
+				break;
+			mac_name=*++argv;
+			}
+		else if (strcmp(*argv,"-sigopt") == 0)
+			{
+			if (--argc < 1)
+				break;
+			if (!sigopts)
+				sigopts = sk_OPENSSL_STRING_new_null();
+			if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+				break;
+			}
+		else if (strcmp(*argv,"-macopt") == 0)
+			{
+			if (--argc < 1)
+				break;
+			if (!macopts)
+				macopts = sk_OPENSSL_STRING_new_null();
+			if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
+				break;
+			}
 		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
 			md=m;
 		else
@@ -196,12 +253,9 @@ int MAIN(int argc, char **argv)
 		argv++;
 		}
 
-	if (md == NULL)
-		md=EVP_md5();
 
 	if(do_verify && !sigfile) {
 		BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
-		err = 1; 
 		goto end;
 	}
 
@@ -210,6 +264,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
 		BIO_printf(bio_err,"options are\n");
 		BIO_printf(bio_err,"-c              to output the digest with separating colons\n");
+		BIO_printf(bio_err,"-r              to output the digest in coreutils format\n");
 		BIO_printf(bio_err,"-d              to output debug info\n");
 		BIO_printf(bio_err,"-hex            output as hex dump\n");
 		BIO_printf(bio_err,"-binary         output in binary form\n");
@@ -217,51 +272,27 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"-verify file    verify a signature using public key in file\n");
 		BIO_printf(bio_err,"-prverify file  verify a signature using private key in file\n");
 		BIO_printf(bio_err,"-keyform arg    key file format (PEM or ENGINE)\n");
+		BIO_printf(bio_err,"-out filename   output to filename rather than stdout\n");
 		BIO_printf(bio_err,"-signature file signature to verify\n");
-		BIO_printf(bio_err,"-binary         output in binary form\n");
+		BIO_printf(bio_err,"-sigopt nm:v    signature parameter\n");
+		BIO_printf(bio_err,"-hmac key       create hashed MAC with key\n");
+		BIO_printf(bio_err,"-mac algorithm  create MAC (not neccessarily HMAC)\n"); 
+		BIO_printf(bio_err,"-macopt nm:v    MAC algorithm parameters or key\n");
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
 #endif
 
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
-			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_md4,LN_md4);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_md2,LN_md2);
-#ifndef OPENSSL_NO_SHA
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha,LN_sha);
-#ifndef OPENSSL_NO_SHA256
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha256,LN_sha256);
-#endif
-#ifndef OPENSSL_NO_SHA512
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha512,LN_sha512);
-#endif
-#endif
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_ripemd160,LN_ripemd160);
-		err=1;
+		EVP_MD_do_all_sorted(list_md_fn, bio_err);
 		goto end;
 		}
 
-#ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
-#endif
-
 	in=BIO_new(BIO_s_file());
 	bmd=BIO_new(BIO_f_md());
 	if (debug)
 		{
 		BIO_set_callback(in,BIO_debug_callback);
 		/* needed for windows 3.1 */
-		BIO_set_callback_arg(in,bio_err);
+		BIO_set_callback_arg(in,(char *)bio_err);
 		}
 
 	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
@@ -277,8 +308,10 @@ int MAIN(int argc, char **argv)
 		}
 
 	if(out_bin == -1) {
-		if(keyfile) out_bin = 1;
-		else out_bin = 0;
+		if(keyfile)
+			out_bin = 1;
+		else
+			out_bin = 0;
 	}
 
 	if(randfile)
@@ -304,6 +337,11 @@ int MAIN(int argc, char **argv)
 		ERR_print_errors(bio_err);
 		goto end;
 	}
+	if ((!!mac_name + !!keyfile + !!hmac_key) > 1)
+		{
+		BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
+		goto end;
+		}
 
 	if(keyfile)
 		{
@@ -321,6 +359,101 @@ int MAIN(int argc, char **argv)
 			}
 		}
 
+	if (mac_name)
+		{
+		EVP_PKEY_CTX *mac_ctx = NULL;
+		int r = 0;
+		if (!init_gen_str(bio_err, &mac_ctx, mac_name,e, 0))
+			goto mac_end;
+		if (macopts)
+			{
+			char *macopt;
+			for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++)
+				{
+				macopt = sk_OPENSSL_STRING_value(macopts, i);
+				if (pkey_ctrl_string(mac_ctx, macopt) <= 0)
+					{
+					BIO_printf(bio_err,
+						"MAC parameter error \"%s\"\n",
+						macopt);
+					ERR_print_errors(bio_err);
+					goto mac_end;
+					}
+				}
+			}
+		if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0)
+			{
+			BIO_puts(bio_err, "Error generating key\n");
+			ERR_print_errors(bio_err);
+			goto mac_end;
+			}
+		r = 1;
+		mac_end:
+		if (mac_ctx)
+			EVP_PKEY_CTX_free(mac_ctx);
+		if (r == 0)
+			goto end;
+		}
+
+	if (hmac_key)
+		{
+		sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, e,
+					(unsigned char *)hmac_key, -1);
+		if (!sigkey)
+			goto end;
+		}
+
+	if (sigkey)
+		{
+		EVP_MD_CTX *mctx = NULL;
+		EVP_PKEY_CTX *pctx = NULL;
+		int r;
+		if (!BIO_get_md_ctx(bmd, &mctx))
+			{
+			BIO_printf(bio_err, "Error getting context\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		if (do_verify)
+			r = EVP_DigestVerifyInit(mctx, &pctx, md, e, sigkey);
+		else
+			r = EVP_DigestSignInit(mctx, &pctx, md, e, sigkey);
+		if (!r)
+			{
+			BIO_printf(bio_err, "Error setting context\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		if (sigopts)
+			{
+			char *sigopt;
+			for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++)
+				{
+				sigopt = sk_OPENSSL_STRING_value(sigopts, i);
+				if (pkey_ctrl_string(pctx, sigopt) <= 0)
+					{
+					BIO_printf(bio_err,
+						"parameter error \"%s\"\n",
+						sigopt);
+					ERR_print_errors(bio_err);
+					goto end;
+					}
+				}
+			}
+		}
+	/* we use md as a filter, reading from 'in' */
+	else
+		{
+		if (md == NULL)
+			md = EVP_md5(); 
+		if (!BIO_set_md(bmd,md))
+			{
+			BIO_printf(bio_err, "Error setting digest %s\n", pname);
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+
 	if(sigfile && sigkey) {
 		BIO *sigbio;
 		sigbio = BIO_new_file(sigfile, "rb");
@@ -341,53 +474,51 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	}
-		
-
+	inp=BIO_push(bmd,in);
 
-	/* we use md as a filter, reading from 'in' */
-	if (!BIO_set_md(bmd,md))
+	if (md == NULL)
 		{
-		BIO_printf(bio_err, "Error setting digest %s\n", pname);
-		ERR_print_errors(bio_err);
-		goto end;
+		EVP_MD_CTX *tctx;
+		BIO_get_md_ctx(bmd, &tctx);
+		md = EVP_MD_CTX_md(tctx);
 		}
-		
-	inp=BIO_push(bmd,in);
 
 	if (argc == 0)
 		{
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)");
+			  siglen,NULL,NULL,"stdin",bmd);
 		}
 	else
 		{
-		name=OBJ_nid2sn(md->type);
+		const char *md_name = NULL, *sig_name = NULL;
+		if(!out_bin)
+			{
+			if (sigkey)
+				{
+				const EVP_PKEY_ASN1_METHOD *ameth;
+				ameth = EVP_PKEY_get0_asn1(sigkey);
+				if (ameth)
+					EVP_PKEY_asn1_get0_info(NULL, NULL,
+						NULL, NULL, &sig_name, ameth);
+				}
+			md_name = EVP_MD_name(md);
+			}
+		err = 0;
 		for (i=0; i<argc; i++)
 			{
-			char *tmp,*tofree=NULL;
 			int r;
-
 			if (BIO_read_filename(in,argv[i]) <= 0)
 				{
 				perror(argv[i]);
 				err++;
 				continue;
 				}
-			if(!out_bin)
-				{
-				size_t len = strlen(name)+strlen(argv[i])+5;
-				tmp=tofree=OPENSSL_malloc(len);
-				BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
-				}
 			else
-				tmp="";
 			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i]);
+				siglen,sig_name,md_name, argv[i],bmd);
 			if(r)
 			    err=r;
-			if(tofree)
-				OPENSSL_free(tofree);
 			(void)BIO_reset(bmd);
 			}
 		}
@@ -402,6 +533,10 @@ end:
 		OPENSSL_free(passin);
 	BIO_free_all(out);
 	EVP_PKEY_free(sigkey);
+	if (sigopts)
+		sk_OPENSSL_STRING_free(sigopts);
+	if (macopts)
+		sk_OPENSSL_STRING_free(macopts);
 	if(sigbuf) OPENSSL_free(sigbuf);
 	if (bmd != NULL) BIO_free(bmd);
 	apps_shutdown();
@@ -409,10 +544,11 @@ end:
 	}
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file)
+	  EVP_PKEY *key, unsigned char *sigin, int siglen,
+	  const char *sig_name, const char *md_name,
+	  const char *file,BIO *bmd)
 	{
-	int len;
+	size_t len;
 	int i;
 
 	for (;;)
@@ -430,7 +566,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 		{
 		EVP_MD_CTX *ctx;
 		BIO_get_md_ctx(bp, &ctx);
-		i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); 
+		i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen); 
 		if(i > 0)
 			BIO_printf(out, "Verified OK\n");
 		else if(i == 0)
@@ -450,7 +586,8 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 		{
 		EVP_MD_CTX *ctx;
 		BIO_get_md_ctx(bp, &ctx);
-		if(!EVP_SignFinal(ctx, buf, (unsigned int *)&len, key)) 
+		len = BUFSIZE;
+		if(!EVP_DigestSignFinal(ctx, buf, &len)) 
 			{
 			BIO_printf(bio_err, "Error Signing Data\n");
 			ERR_print_errors(bio_err);
@@ -458,13 +595,31 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			}
 		}
 	else
+		{
 		len=BIO_gets(bp,(char *)buf,BUFSIZE);
+		if ((int)len <0)
+			{
+			ERR_print_errors(bio_err);
+			return 1;
+			}
+		}
 
 	if(binout) BIO_write(out, buf, len);
+	else if (sep == 2)
+		{
+		for (i=0; i<(int)len; i++)
+			BIO_printf(out, "%02x",buf[i]);
+		BIO_printf(out, " *%s\n", file);
+		}
 	else 
 		{
-		BIO_write(out,title,strlen(title));
-		for (i=0; i<len; i++)
+		if (sig_name)
+			BIO_printf(out, "%s-%s(%s)= ", sig_name, md_name, file);
+		else if (md_name)
+			BIO_printf(out, "%s(%s)= ", md_name, file);
+		else
+			BIO_printf(out, "(%s)= ", file);
+		for (i=0; i<(int)len; i++)
 			{
 			if (sep && (i != 0))
 				BIO_printf(out, ":");
diff --git a/apps/dh.c b/apps/dh.c
index cd01fed139..e9609d630d 100644
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -57,6 +57,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DH */
 #ifndef OPENSSL_NO_DH
 #include <stdio.h>
 #include <stdlib.h>
@@ -348,4 +349,10 @@ end:
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
 	}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/dhparam.c b/apps/dhparam.c
index e3cabcfcdc..5fab29eb87 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -109,6 +109,7 @@
  *
  */
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DH */
 #ifndef OPENSSL_NO_DH
 #include <stdio.h>
 #include <stdlib.h>
@@ -553,4 +554,10 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
 	return 1;
 	}
 
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/dsa.c b/apps/dsa.c
index b6f0ed3d02..1109346f78 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DSA */
 #ifndef OPENSSL_NO_DSA
 #include <stdio.h>
 #include <stdlib.h>
@@ -83,6 +84,10 @@
  * -aes128	- encrypt output if PEM format
  * -aes192	- encrypt output if PEM format
  * -aes256	- encrypt output if PEM format
+ * -camellia128 - encrypt output if PEM format
+ * -camellia192 - encrypt output if PEM format
+ * -camellia256 - encrypt output if PEM format
+ * -seed        - encrypt output if PEM format
  * -text	- print a text version
  * -modulus	- print the DSA public key
  */
@@ -91,9 +96,7 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
 	{
-#ifndef OPENSSL_NO_ENGINE
 	ENGINE *e = NULL;
-#endif
 	int ret=1;
 	DSA *dsa=NULL;
 	int i,badops=0;
@@ -109,6 +112,8 @@ int MAIN(int argc, char **argv)
 	char *passin = NULL, *passout = NULL;
 	int modulus=0;
 
+	int pvk_encr = 2;
+
 	apps_startup();
 
 	if (bio_err == NULL)
@@ -168,6 +173,12 @@ int MAIN(int argc, char **argv)
 			engine= *(++argv);
 			}
 #endif
+		else if (strcmp(*argv,"-pvk-strong") == 0)
+			pvk_encr=2;
+		else if (strcmp(*argv,"-pvk-weak") == 0)
+			pvk_encr=1;
+		else if (strcmp(*argv,"-pvk-none") == 0)
+			pvk_encr=0;
 		else if (strcmp(*argv,"-noout") == 0)
 			noout=1;
 		else if (strcmp(*argv,"-text") == 0)
@@ -211,6 +222,13 @@ bad:
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
+		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
+#endif
+#ifndef OPENSSL_NO_SEED
+		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
+#endif
 		BIO_printf(bio_err," -text           print the key in text\n");
 		BIO_printf(bio_err," -noout          don't print key out\n");
 		BIO_printf(bio_err," -modulus        print the DSA public value\n");
@@ -248,16 +266,22 @@ bad:
 		}
 
 	BIO_printf(bio_err,"read DSA key\n");
-	if	(informat == FORMAT_ASN1) {
-		if(pubin) dsa=d2i_DSA_PUBKEY_bio(in,NULL);
-		else dsa=d2i_DSAPrivateKey_bio(in,NULL);
-	} else if (informat == FORMAT_PEM) {
-		if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL);
-		else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin);
-	} else
+
 		{
-		BIO_printf(bio_err,"bad input format specified for key\n");
-		goto end;
+		EVP_PKEY	*pkey;
+
+		if (pubin)
+			pkey = load_pubkey(bio_err, infile, informat, 1,
+				passin, e, "Public Key");
+		else
+			pkey = load_key(bio_err, infile, informat, 1,
+				passin, e, "Private Key");
+
+		if (pkey)
+			{
+			dsa = EVP_PKEY_get1_DSA(pkey);
+			EVP_PKEY_free(pkey);
+			}
 		}
 	if (dsa == NULL)
 		{
@@ -310,11 +334,24 @@ bad:
 			i=PEM_write_bio_DSA_PUBKEY(out,dsa);
 		else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
 							NULL,0,NULL, passout);
+#ifndef OPENSSL_NO_RSA
+	} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+		EVP_PKEY *pk;
+		pk = EVP_PKEY_new();
+		EVP_PKEY_set1_DSA(pk, dsa);
+		if (outformat == FORMAT_PVK)
+			i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+		else if (pubin || pubout)
+			i = i2b_PublicKey_bio(out, pk);
+		else
+			i = i2b_PrivateKey_bio(out, pk);
+		EVP_PKEY_free(pk);
+#endif
 	} else {
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
 		goto end;
 		}
-	if (!i)
+	if (i <= 0)
 		{
 		BIO_printf(bio_err,"unable to write private key\n");
 		ERR_print_errors(bio_err);
@@ -330,4 +367,10 @@ end:
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
 	}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 14e79f9a21..4305a739b3 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DSA */
 /* Until the key-gen callbacks are modified to use newer prototypes, we allow
  * deprecated functions for openssl-internal code */
 #ifdef OPENSSL_NO_DEPRECATED
@@ -474,4 +475,10 @@ static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
 #endif
 	return 1;
 	}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/ec.c b/apps/ec.c
index 392e6a2ef6..31194b48df 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -3,7 +3,7 @@
  * Written by Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -56,6 +56,7 @@
  *
  */
 
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_EC
 #include <stdio.h>
 #include <stdlib.h>
@@ -89,6 +90,7 @@ int MAIN(int argc, char **argv)
 #endif
 	int 	ret = 1;
 	EC_KEY 	*eckey = NULL;
+	const EC_GROUP *group;
 	int 	i, badops = 0;
 	const EVP_CIPHER *enc = NULL;
 	BIO 	*in = NULL, *out = NULL;
@@ -242,7 +244,7 @@ bad:
 				" the ec parameters are encoded\n");
 		BIO_printf(bio_err, "                 in the asn1 der "
 				"encoding\n");
-		BIO_printf(bio_err, "                 possilbe values:"
+		BIO_printf(bio_err, "                 possible values:"
 				" named_curve (default)\n");
 		BIO_printf(bio_err,"                                  "
 				"explicit\n");
@@ -328,14 +330,13 @@ bad:
 			}
 		}
 
+	group = EC_KEY_get0_group(eckey);
+
 	if (new_form)
-		{
-		EC_GROUP_set_point_conversion_form(eckey->group, form);
-		eckey->conv_form = form;
-		}
+		EC_KEY_set_conv_form(eckey, form);
 
 	if (new_asn1_flag)
-		EC_GROUP_set_asn1_flag(eckey->group, asn1_flag);
+		EC_KEY_set_asn1_flag(eckey, asn1_flag);
 
 	if (text) 
 		if (!EC_KEY_print(out, eckey, 0))
@@ -346,13 +347,16 @@ bad:
 			}
 
 	if (noout) 
+		{
+		ret = 0;
 		goto end;
+		}
 
 	BIO_printf(bio_err, "writing EC key\n");
 	if (outformat == FORMAT_ASN1) 
 		{
 		if (param_out)
-			i = i2d_ECPKParameters_bio(out, eckey->group);
+			i = i2d_ECPKParameters_bio(out, group);
 		else if (pubin || pubout) 
 			i = i2d_EC_PUBKEY_bio(out, eckey);
 		else 
@@ -361,7 +365,7 @@ bad:
 	else if (outformat == FORMAT_PEM) 
 		{
 		if (param_out)
-			i = PEM_write_bio_ECPKParameters(out, eckey->group);
+			i = PEM_write_bio_ECPKParameters(out, group);
 		else if (pubin || pubout)
 			i = PEM_write_bio_EC_PUBKEY(out, eckey);
 		else 
@@ -396,4 +400,10 @@ end:
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
 }
+#else /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 29d215e883..e9aa0a184a 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -3,7 +3,7 @@
  * Written by Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -68,6 +68,8 @@
  * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
  *
  */
+
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_EC
 #include <assert.h>
 #include <stdio.h>
@@ -349,7 +351,7 @@ bad:
 
 		crv_len = EC_get_builtin_curves(NULL, 0);
 
-		curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
+		curves = OPENSSL_malloc((int)(sizeof(EC_builtin_curve) * crv_len));
 
 		if (curves == NULL)
 			goto end;
@@ -411,7 +413,7 @@ bad:
 			goto end;
 			}
 
-		group = EC_GROUP_new_by_nid(nid);
+		group = EC_GROUP_new_by_curve_name(nid);
 		if (group == NULL)
 			{
 			BIO_printf(bio_err, "unable to create curve (%s)\n", 
@@ -647,11 +649,11 @@ bad:
 
 		assert(need_rand);
 
-		eckey->group = group;
+		if (EC_KEY_set_group(eckey, group) == 0)
+			goto end;
 		
 		if (!EC_KEY_generate_key(eckey))
 			{
-			eckey->group = NULL;
 			EC_KEY_free(eckey);
 			goto end;
 			}
@@ -664,11 +666,9 @@ bad:
 			{
 			BIO_printf(bio_err, "bad output format specified "
 				"for outfile\n");
-			eckey->group = NULL;
 			EC_KEY_free(eckey);
 			goto end;
 			}
-		eckey->group = NULL;
 		EC_KEY_free(eckey);
 		}
 
@@ -725,4 +725,10 @@ static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
 	BIO_printf(out, "\n\t};\n\n");
 	return 1;
 	}
+#else /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/enc.c b/apps/enc.c
index 4261267e97..7416581e71 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -67,6 +67,7 @@
 #include <openssl/x509.h>
 #include <openssl/rand.h>
 #include <openssl/pem.h>
+#include <openssl/comp.h>
 #include <ctype.h>
 
 int set_hex(char *in,unsigned char *out,int size);
@@ -114,9 +115,15 @@ int MAIN(int argc, char **argv)
 	unsigned char salt[PKCS5_SALT_LEN];
 	char *str=NULL, *passarg = NULL, *pass = NULL;
 	char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
+	char *md=NULL;
 	int enc=1,printkey=0,i,base64=0;
+#ifdef ZLIB
+	int do_zlib=0;
+	BIO *bzl = NULL;
+#endif
 	int debug=0,olb64=0,nosalt=0;
 	const EVP_CIPHER *cipher=NULL,*c;
+	EVP_CIPHER_CTX *ctx = NULL;
 	char *inf=NULL,*outf=NULL;
 	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
 #define PROG_NAME_SIZE  39
@@ -124,6 +131,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
 	char *engine = NULL;
 #endif
+	const EVP_MD *dgst=NULL;
 
 	apps_startup();
 
@@ -138,9 +146,18 @@ int MAIN(int argc, char **argv)
 	program_name(argv[0],pname,sizeof pname);
 	if (strcmp(pname,"base64") == 0)
 		base64=1;
+#ifdef ZLIB
+	if (strcmp(pname,"zlib") == 0)
+		do_zlib=1;
+#endif
 
 	cipher=EVP_get_cipherbyname(pname);
+#ifdef ZLIB
+	if (!do_zlib && !base64 && (cipher == NULL)
+				&& (strcmp(pname,"enc") != 0))
+#else
 	if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
+#endif
 		{
 		BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
 		goto bad;
@@ -196,6 +213,10 @@ int MAIN(int argc, char **argv)
 			base64=1;
 		else if	(strcmp(*argv,"-base64") == 0)
 			base64=1;
+#ifdef ZLIB
+		else if	(strcmp(*argv,"-z") == 0)
+			do_zlib=1;
+#endif
 		else if (strcmp(*argv,"-bufsize") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -222,7 +243,12 @@ int MAIN(int argc, char **argv)
 				goto bad;
 				}
 			buf[0]='\0';
-			fgets(buf,sizeof buf,infile);
+			if (!fgets(buf,sizeof buf,infile))
+				{
+				BIO_printf(bio_err,"unable to read key from '%s'\n",
+					file);
+				goto bad;
+				}
 			fclose(infile);
 			i=strlen(buf);
 			if ((i > 0) &&
@@ -253,6 +279,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			hiv= *(++argv);
 			}
+		else if (strcmp(*argv,"-md") == 0)
+			{
+			if (--argc < 1) goto bad;
+			md= *(++argv);
+			}
 		else if	((argv[0][0] == '-') &&
 			((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
 			{
@@ -271,11 +302,15 @@ bad:
 			BIO_printf(bio_err,"%-14s encrypt\n","-e");
 			BIO_printf(bio_err,"%-14s decrypt\n","-d");
 			BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
-			BIO_printf(bio_err,"%-14s key is the next argument\n","-k");
-			BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile");
+			BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k");
+			BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile");
+			BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md");
+			BIO_printf(bio_err,"%-14s   from a passphrase.  One of md2, md5, sha or sha1\n","");
+			BIO_printf(bio_err,"%-14s salt in hex is the next argument\n","-S");
 			BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
 			BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
 			BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+			BIO_printf(bio_err,"%-14s disable standard block padding\n","-nopad");
 #ifndef OPENSSL_NO_ENGINE
 			BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
 #endif
@@ -296,6 +331,17 @@ bad:
         e = setup_engine(bio_err, engine, 0);
 #endif
 
+	if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
+		{
+		BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+		goto end;
+		}
+
+	if (dgst == NULL)
+		{
+		dgst = EVP_md5();
+		}
+
 	if (bufsize != NULL)
 		{
 		unsigned long n;
@@ -319,7 +365,7 @@ bad:
 			}
 
 		/* It must be large enough for a base64 encoded line */
-		if (n < 80) n=80;
+		if (base64 && n < 80) n=80;
 
 		bsize=(int)n;
 		if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
@@ -344,12 +390,16 @@ bad:
 		{
 		BIO_set_callback(in,BIO_debug_callback);
 		BIO_set_callback(out,BIO_debug_callback);
-		BIO_set_callback_arg(in,bio_err);
-		BIO_set_callback_arg(out,bio_err);
+		BIO_set_callback_arg(in,(char *)bio_err);
+		BIO_set_callback_arg(out,(char *)bio_err);
 		}
 
 	if (inf == NULL)
+	        {
+		if (bufsize != NULL)
+			setvbuf(stdin, (char *)NULL, _IONBF, 0);
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
+	        }
 	else
 		{
 		if (BIO_read_filename(in,inf) <= 0)
@@ -400,6 +450,8 @@ bad:
 	if (outf == NULL)
 		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+		if (bufsize != NULL)
+			setvbuf(stdout, (char *)NULL, _IONBF, 0);
 #ifdef OPENSSL_SYS_VMS
 		{
 		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@@ -419,6 +471,19 @@ bad:
 	rbio=in;
 	wbio=out;
 
+#ifdef ZLIB
+
+	if (do_zlib)
+		{
+		if ((bzl=BIO_new(BIO_f_zlib())) == NULL)
+			goto end;
+		if (enc)
+			wbio=BIO_push(bzl,wbio);
+		else
+			rbio=BIO_push(bzl,rbio);
+		}
+#endif
+
 	if (base64)
 		{
 		if ((b64=BIO_new(BIO_f_base64())) == NULL)
@@ -426,7 +491,7 @@ bad:
 		if (debug)
 			{
 			BIO_set_callback(b64,BIO_debug_callback);
-			BIO_set_callback_arg(b64,bio_err);
+			BIO_set_callback_arg(b64,(char *)bio_err);
 			}
 		if (olb64)
 			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
@@ -483,7 +548,7 @@ bad:
 				sptr = salt;
 			}
 
-			EVP_BytesToKey(cipher,EVP_md5(),sptr,
+			EVP_BytesToKey(cipher,dgst,sptr,
 				(unsigned char *)str,
 				strlen(str),1,key,iv);
 			/* zero the complete buffer or the string
@@ -495,7 +560,13 @@ bad:
 			else
 				OPENSSL_cleanse(str,strlen(str));
 			}
-		if ((hiv == NULL) && (str == NULL))
+		if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
+			{
+			BIO_printf(bio_err,"invalid hex iv value\n");
+			goto end;
+			}
+		if ((hiv == NULL) && (str == NULL)
+		    && EVP_CIPHER_iv_length(cipher) != 0)
 			{
 			/* No IV was explicitly set and no IV was generated
 			 * during EVP_BytesToKey. Hence the IV is undefined,
@@ -516,17 +587,35 @@ bad:
 
 		if ((benc=BIO_new(BIO_f_cipher())) == NULL)
 			goto end;
-		BIO_set_cipher(benc,cipher,key,iv,enc);
-		if (nopad)
+
+		/* Since we may be changing parameters work on the encryption
+		 * context rather than calling BIO_set_cipher().
+		 */
+
+		BIO_get_cipher_ctx(benc, &ctx);
+		if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
 			{
-			EVP_CIPHER_CTX *ctx;
-			BIO_get_cipher_ctx(benc, &ctx);
+			BIO_printf(bio_err, "Error setting cipher %s\n",
+				EVP_CIPHER_name(cipher));
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+
+		if (nopad)
 			EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+		if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
+			{
+			BIO_printf(bio_err, "Error setting cipher %s\n",
+				EVP_CIPHER_name(cipher));
+			ERR_print_errors(bio_err);
+			goto end;
 			}
+
 		if (debug)
 			{
 			BIO_set_callback(benc,BIO_debug_callback);
-			BIO_set_callback_arg(benc,bio_err);
+			BIO_set_callback_arg(benc,(char *)bio_err);
 			}
 
 		if (printkey)
@@ -594,6 +683,9 @@ end:
 	if (out != NULL) BIO_free_all(out);
 	if (benc != NULL) BIO_free(benc);
 	if (b64 != NULL) BIO_free(b64);
+#ifdef ZLIB
+	if (bzl != NULL) BIO_free(bzl);
+#endif
 	if(pass) OPENSSL_free(pass);
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
diff --git a/apps/engine.c b/apps/engine.c
index b951254612..9a0294398e 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -56,7 +56,6 @@
  *
  */
 
-#ifndef OPENSSL_NO_ENGINE
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -66,13 +65,14 @@
 #endif
 #include "apps.h"
 #include <openssl/err.h>
+#ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #include <openssl/ssl.h>
 
 #undef PROG
 #define PROG	engine_main
 
-static char *engine_usage[]={
+static const char *engine_usage[]={
 "usage: engine opts [engine ...]\n",
 " -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
 "               -vv will additionally display each command's description\n",
@@ -92,7 +92,7 @@ static char *engine_usage[]={
 NULL
 };
 
-static void identity(void *ptr)
+static void identity(char *ptr)
 	{
 	return;
 	}
@@ -148,11 +148,6 @@ static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
 
 	if(flags & ENGINE_CMD_FLAG_NUMERIC)
 		{
-		if(started)
-			{
-			BIO_printf(bio_out, "|");
-			err = 1;
-			}
 		BIO_printf(bio_out, "NUMERIC");
 		started = 1;
 		}
@@ -205,7 +200,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
 	char *desc = NULL;
 	int flags;
 	int xpos = 0;
-	STACK *cmds = NULL;
+	STACK_OF(OPENSSL_STRING) *cmds = NULL;
 	if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
 			((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
 					0, NULL, NULL)) <= 0))
@@ -216,7 +211,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
 		return 1;
 		}
 
-	cmds = sk_new_null();
+	cmds = sk_OPENSSL_STRING_new_null();
 
 	if(!cmds)
 		goto err;
@@ -252,7 +247,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
                         /* Now decide on the output */
                         if(xpos == 0)
                                 /* Do an indent */
-                                xpos = BIO_printf(bio_out, indent);
+                                xpos = BIO_puts(bio_out, indent);
                         else
                                 /* Otherwise prepend a ", " */
                                 xpos += BIO_printf(bio_out, ", ");
@@ -263,7 +258,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
 					(xpos + (int)strlen(name) > line_wrap))
                                         {
                                         BIO_printf(bio_out, "\n");
-                                        xpos = BIO_printf(bio_out, indent);
+                                        xpos = BIO_puts(bio_out, indent);
                                         }
                                 xpos += BIO_printf(bio_out, "%s", name);
                                 }
@@ -289,15 +284,17 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent
 		BIO_printf(bio_out, "\n");
 	ret = 1;
 err:
-	if(cmds) sk_pop_free(cmds, identity);
+	if(cmds) sk_OPENSSL_STRING_pop_free(cmds, identity);
 	if(name) OPENSSL_free(name);
 	if(desc) OPENSSL_free(desc);
 	return ret;
 	}
 
-static void util_do_cmds(ENGINE *e, STACK *cmds, BIO *bio_out, const char *indent)
+static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
+			BIO *bio_out, const char *indent)
 	{
-	int loop, res, num = sk_num(cmds);
+	int loop, res, num = sk_OPENSSL_STRING_num(cmds);
+
 	if(num < 0)
 		{
 		BIO_printf(bio_out, "[Error]: internal stack error\n");
@@ -307,7 +304,7 @@ static void util_do_cmds(ENGINE *e, STACK *cmds, BIO *bio_out, const char *inden
 		{
 		char buf[256];
 		const char *cmd, *arg;
-		cmd = sk_value(cmds, loop);
+		cmd = sk_OPENSSL_STRING_value(cmds, loop);
 		res = 1; /* assume success */
 		/* Check if this command has no ":arg" */
 		if((arg = strstr(cmd, ":")) == NULL)
@@ -344,12 +341,12 @@ int MAIN(int, char **);
 int MAIN(int argc, char **argv)
 	{
 	int ret=1,i;
-	char **pp;
+	const char **pp;
 	int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0;
 	ENGINE *e;
-	STACK *engines = sk_new_null();
-	STACK *pre_cmds = sk_new_null();
-	STACK *post_cmds = sk_new_null();
+	STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
+	STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
+	STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
 	int badops=1;
 	BIO *bio_out=NULL;
 	const char *indent = "     ";
@@ -394,18 +391,22 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-pre") == 0)
 			{
 			argc--; argv++;
-			sk_push(pre_cmds,*argv);
+			if (argc == 0)
+				goto skip_arg_loop;
+			sk_OPENSSL_STRING_push(pre_cmds,*argv);
 			}
 		else if (strcmp(*argv,"-post") == 0)
 			{
 			argc--; argv++;
-			sk_push(post_cmds,*argv);
+			if (argc == 0)
+				goto skip_arg_loop;
+			sk_OPENSSL_STRING_push(post_cmds,*argv);
 			}
 		else if ((strncmp(*argv,"-h",2) == 0) ||
 				(strcmp(*argv,"-?") == 0))
 			goto skip_arg_loop;
 		else
-			sk_push(engines,*argv);
+			sk_OPENSSL_STRING_push(engines,*argv);
 		argc--;
 		argv++;
 		}
@@ -420,17 +421,17 @@ skip_arg_loop:
 		goto end;
 		}
 
-	if (sk_num(engines) == 0)
+	if (sk_OPENSSL_STRING_num(engines) == 0)
 		{
 		for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
 			{
-			sk_push(engines,(char *)ENGINE_get_id(e));
+			sk_OPENSSL_STRING_push(engines,(char *)ENGINE_get_id(e));
 			}
 		}
 
-	for (i=0; i<sk_num(engines); i++)
+	for (i=0; i<sk_OPENSSL_STRING_num(engines); i++)
 		{
-		const char *id = sk_value(engines,i);
+		const char *id = sk_OPENSSL_STRING_value(engines,i);
 		if ((e = ENGINE_by_id(id)) != NULL)
 			{
 			const char *name = ENGINE_get_name(e);
@@ -450,6 +451,7 @@ skip_arg_loop:
 				const int *nids;
 				ENGINE_CIPHERS_PTR fn_c;
 				ENGINE_DIGESTS_PTR fn_d;
+				ENGINE_PKEY_METHS_PTR fn_pk;
 
 				if (ENGINE_get_RSA(e) != NULL
 					&& !append_buf(&cap_buf, "RSA",
@@ -488,6 +490,15 @@ skip_ciphers:
 						goto end;
 
 skip_digests:
+				fn_pk = ENGINE_get_pkey_meths(e);
+				if(!fn_pk) goto skip_pmeths;
+				n = fn_pk(e, NULL, &nids, 0);
+				for(k=0 ; k < n ; ++k)
+					if(!append_buf(&cap_buf,
+						       OBJ_nid2sn(nids[k]),
+						       &cap_size, 256))
+						goto end;
+skip_pmeths:
 				if (cap_buf && (*cap_buf != '\0'))
 					BIO_printf(bio_out, " [%s]\n", cap_buf);
 
@@ -522,9 +533,9 @@ skip_digests:
 end:
 
 	ERR_print_errors(bio_err);
-	sk_pop_free(engines, identity);
-	sk_pop_free(pre_cmds, identity);
-	sk_pop_free(post_cmds, identity);
+	sk_OPENSSL_STRING_pop_free(engines, identity);
+	sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
+	sk_OPENSSL_STRING_pop_free(post_cmds, identity);
 	if (bio_out != NULL) BIO_free_all(bio_out);
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
diff --git a/apps/errstr.c b/apps/errstr.c
index 19489b0df3..fe3b98077e 100644
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -97,10 +97,12 @@ int MAIN(int argc, char **argv)
 			out = BIO_push(tmpbio, out);
 			}
 #endif
-			lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
-			lh_stats_bio((LHASH *)ERR_get_string_table(),out);
-			lh_node_usage_stats_bio((LHASH *)
-				ERR_get_string_table(),out);
+			lh_ERR_STRING_DATA_node_stats_bio(
+						  ERR_get_string_table(), out);
+			lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(),
+						     out);
+			lh_ERR_STRING_DATA_node_usage_stats_bio(
+						    ERR_get_string_table(),out);
 			}
 		if (out != NULL) BIO_free_all(out);
 		argc--;
diff --git a/apps/gendh.c b/apps/gendh.c
index 69baa50b01..caa7327a10 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -57,6 +57,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>
 /* Until the key-gen callbacks are modified to use newer prototypes, we allow
  * deprecated functions for openssl-internal code */
 #ifdef OPENSSL_NO_DEPRECATED
@@ -234,4 +235,10 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
 #endif
 	return 1;
 	}
+#else /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 6d2ed06c81..22c39629e5 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DSA */
 #ifndef OPENSSL_NO_DSA
 #include <stdio.h>
 #include <string.h>
@@ -139,6 +140,10 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-idea") == 0)
 			enc=EVP_idea_cbc();
 #endif
+#ifndef OPENSSL_NO_SEED
+		else if (strcmp(*argv,"-seed") == 0)
+			enc=EVP_seed_cbc();
+#endif
 #ifndef OPENSSL_NO_AES
 		else if (strcmp(*argv,"-aes128") == 0)
 			enc=EVP_aes_128_cbc();
@@ -147,6 +152,14 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-aes256") == 0)
 			enc=EVP_aes_256_cbc();
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		else if (strcmp(*argv,"-camellia128") == 0)
+			enc=EVP_camellia_128_cbc();
+		else if (strcmp(*argv,"-camellia192") == 0)
+			enc=EVP_camellia_192_cbc();
+		else if (strcmp(*argv,"-camellia256") == 0)
+			enc=EVP_camellia_256_cbc();
+#endif
 		else if (**argv != '-' && dsaparams == NULL)
 			{
 			dsaparams = *argv;
@@ -169,10 +182,18 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
 #endif
+#ifndef OPENSSL_NO_SEED
+		BIO_printf(bio_err," -seed\n");
+		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
+#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
+		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
+#endif
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
 #endif
@@ -258,4 +279,10 @@ end:
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
 	}
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/genpkey.c b/apps/genpkey.c
new file mode 100644
index 0000000000..6dfda08b9e
--- /dev/null
+++ b/apps/genpkey.c
@@ -0,0 +1,440 @@
+/* apps/genpkey.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+
+static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
+				const char *file, ENGINE *e);
+static int genpkey_cb(EVP_PKEY_CTX *ctx);
+
+#define PROG genpkey_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+	{
+	ENGINE *e = NULL;
+	char **args, *outfile = NULL;
+	char *passarg = NULL;
+	BIO *in = NULL, *out = NULL;
+	const EVP_CIPHER *cipher = NULL;
+	int outformat;
+	int text = 0;
+	EVP_PKEY *pkey=NULL;
+	EVP_PKEY_CTX *ctx = NULL;
+	char *pass = NULL;
+	int badarg = 0;
+	int ret = 1, rv;
+
+	int do_param = 0;
+
+	if (bio_err == NULL)
+		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+
+	outformat=FORMAT_PEM;
+
+	ERR_load_crypto_strings();
+	OpenSSL_add_all_algorithms();
+	args = argv + 1;
+	while (!badarg && *args && *args[0] == '-')
+		{
+		if (!strcmp(*args,"-outform"))
+			{
+			if (args[1])
+				{
+				args++;
+				outformat=str2fmt(*args);
+				}
+			else badarg = 1;
+			}
+		else if (!strcmp(*args,"-pass"))
+			{
+			if (!args[1]) goto bad;
+			passarg= *(++args);
+			}
+#ifndef OPENSSL_NO_ENGINE
+		else if (strcmp(*args,"-engine") == 0)
+			{
+			if (!args[1])
+				goto bad;
+        		e = setup_engine(bio_err, *(++args), 0);
+			}
+#endif
+		else if (!strcmp (*args, "-paramfile"))
+			{
+			if (!args[1])
+				goto bad;
+			args++;
+			if (do_param == 1)
+				goto bad;
+			if (!init_keygen_file(bio_err, &ctx, *args, e))
+				goto end;
+			}
+		else if (!strcmp (*args, "-out"))
+			{
+			if (args[1])
+				{
+				args++;
+				outfile = *args;
+				}
+			else badarg = 1;
+			}
+		else if (strcmp(*args,"-algorithm") == 0)
+			{
+			if (!args[1])
+				goto bad;
+			if (!init_gen_str(bio_err, &ctx, *(++args),e, do_param))
+				goto end;
+			}
+		else if (strcmp(*args,"-pkeyopt") == 0)
+			{
+			if (!args[1])
+				goto bad;
+			if (!ctx)
+				{
+				BIO_puts(bio_err, "No keytype specified\n");
+				goto bad;
+				}
+			else if (pkey_ctrl_string(ctx, *(++args)) <= 0)
+				{
+				BIO_puts(bio_err, "parameter setting error\n");
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			}
+		else if (strcmp(*args,"-genparam") == 0)
+			{
+			if (ctx)
+				goto bad;
+			do_param = 1;
+			}
+		else if (strcmp(*args,"-text") == 0)
+			text=1;
+		else
+			{
+			cipher = EVP_get_cipherbyname(*args + 1);
+			if (!cipher)
+				{
+				BIO_printf(bio_err, "Unknown cipher %s\n",
+								*args + 1);
+				badarg = 1;
+				}
+			if (do_param == 1)
+				badarg = 1;
+			}
+		args++;
+		}
+
+	if (!ctx)
+		badarg = 1;
+
+	if (badarg)
+		{
+		bad:
+		BIO_printf(bio_err, "Usage: genpkey [options]\n");
+		BIO_printf(bio_err, "where options may be\n");
+		BIO_printf(bio_err, "-out file          output file\n");
+		BIO_printf(bio_err, "-outform X         output format (DER or PEM)\n");
+		BIO_printf(bio_err, "-pass arg          output file pass phrase source\n");
+		BIO_printf(bio_err, "-<cipher>          use cipher <cipher> to encrypt the key\n");
+#ifndef OPENSSL_NO_ENGINE
+		BIO_printf(bio_err, "-engine e          use engine e, possibly a hardware device.\n");
+#endif
+		BIO_printf(bio_err, "-paramfile file    parameters file\n");
+		BIO_printf(bio_err, "-algorithm alg     the public key algorithm\n");
+		BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n"
+				            "                   to value <value>\n");
+		BIO_printf(bio_err, "-genparam          generate parameters, not key\n");
+		BIO_printf(bio_err, "-text              print the in text\n");
+		BIO_printf(bio_err, "NB: options order may be important!  See the manual page.\n");
+		goto end;
+		}
+
+	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
+		{
+		BIO_puts(bio_err, "Error getting password\n");
+		goto end;
+		}
+
+	if (outfile)
+		{
+		if (!(out = BIO_new_file (outfile, "wb")))
+			{
+			BIO_printf(bio_err,
+				 "Can't open output file %s\n", outfile);
+			goto end;
+			}
+		}
+	else
+		{
+		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+			{
+			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+			out = BIO_push(tmpbio, out);
+			}
+#endif
+		}
+
+	EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
+	EVP_PKEY_CTX_set_app_data(ctx, bio_err);
+
+	if (do_param)
+		{
+		if (EVP_PKEY_paramgen(ctx, &pkey) <= 0)
+			{
+			BIO_puts(bio_err, "Error generating parameters\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+	else
+		{
+		if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+			{
+			BIO_puts(bio_err, "Error generating key\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+
+	if (do_param)
+		rv = PEM_write_bio_Parameters(out, pkey);
+	else if (outformat == FORMAT_PEM) 
+		rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0,
+								NULL, pass);
+	else if (outformat == FORMAT_ASN1)
+		rv = i2d_PrivateKey_bio(out, pkey);
+	else
+		{
+		BIO_printf(bio_err, "Bad format specified for key\n");
+		goto end;
+		}
+
+	if (rv <= 0)
+		{
+		BIO_puts(bio_err, "Error writing key\n");
+		ERR_print_errors(bio_err);
+		}
+
+	if (text)
+		{
+		if (do_param)
+			rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
+		else
+			rv = EVP_PKEY_print_private(out, pkey, 0, NULL);
+
+		if (rv <= 0)
+			{
+			BIO_puts(bio_err, "Error printing key\n");
+			ERR_print_errors(bio_err);
+			}
+		}
+
+	ret = 0;
+
+	end:
+	if (pkey)
+		EVP_PKEY_free(pkey);
+	if (ctx)
+		EVP_PKEY_CTX_free(ctx);
+	if (out)
+		BIO_free_all(out);
+	BIO_free(in);
+	if (pass)
+		OPENSSL_free(pass);
+
+	return ret;
+	}
+
+static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
+				const char *file, ENGINE *e)
+	{
+	BIO *pbio;
+	EVP_PKEY *pkey = NULL;
+	EVP_PKEY_CTX *ctx = NULL;
+	if (*pctx)
+		{
+		BIO_puts(err, "Parameters already set!\n");
+		return 0;
+		}
+
+	pbio = BIO_new_file(file, "r");
+	if (!pbio)
+		{
+		BIO_printf(err, "Can't open parameter file %s\n", file);
+		return 0;
+		}
+
+	pkey = PEM_read_bio_Parameters(pbio, NULL);
+	BIO_free(pbio);
+
+	if (!pkey)
+		{
+		BIO_printf(bio_err, "Error reading parameter file %s\n", file);
+		return 0;
+		}
+
+	ctx = EVP_PKEY_CTX_new(pkey, e);
+	if (!ctx)
+		goto err;
+	if (EVP_PKEY_keygen_init(ctx) <= 0)
+		goto err;
+	EVP_PKEY_free(pkey);
+	*pctx = ctx;
+	return 1;
+
+	err:
+	BIO_puts(err, "Error initializing context\n");
+	ERR_print_errors(err);
+	if (ctx)
+		EVP_PKEY_CTX_free(ctx);
+	if (pkey)
+		EVP_PKEY_free(pkey);
+	return 0;
+
+	}
+
+int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
+			const char *algname, ENGINE *e, int do_param)
+	{
+	EVP_PKEY_CTX *ctx = NULL;
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	ENGINE *tmpeng = NULL;
+	int pkey_id;
+
+	if (*pctx)
+		{
+		BIO_puts(err, "Algorithm already set!\n");
+		return 0;
+		}
+
+	ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
+
+#ifndef OPENSSL_NO_ENGINE
+	if (!ameth && e)
+		ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
+#endif
+
+	if (!ameth)
+		{
+		BIO_printf(bio_err, "Algorithm %s not found\n", algname);
+		return 0;
+		}
+
+	ERR_clear_error();
+
+	EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+#ifndef OPENSSL_NO_ENGINE
+	if (tmpeng)
+		ENGINE_finish(tmpeng);
+#endif
+	ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
+
+	if (!ctx)
+		goto err;
+	if (do_param)
+		{
+		if (EVP_PKEY_paramgen_init(ctx) <= 0)
+			goto err;
+		}
+	else
+		{
+		if (EVP_PKEY_keygen_init(ctx) <= 0)
+			goto err;
+		}
+
+	*pctx = ctx;
+	return 1;
+
+	err:
+	BIO_printf(err, "Error initializing %s context\n", algname);
+	ERR_print_errors(err);
+	if (ctx)
+		EVP_PKEY_CTX_free(ctx);
+	return 0;
+
+	}
+
+static int genpkey_cb(EVP_PKEY_CTX *ctx)
+	{
+	char c='*';
+	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+	int p;
+	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+	if (p == 0) c='.';
+	if (p == 1) c='+';
+	if (p == 2) c='*';
+	if (p == 3) c='\n';
+	BIO_write(b,&c,1);
+	(void)BIO_flush(b);
+#ifdef LINT
+	p=n;
+#endif
+	return 1;
+	}
diff --git a/apps/genrsa.c b/apps/genrsa.c
index f0bb30c56b..a9f40e8adf 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>
 /* Until the key-gen callbacks are modified to use newer prototypes, we allow
  * deprecated functions for openssl-internal code */
 #ifdef OPENSSL_NO_DEPRECATED
@@ -104,9 +105,9 @@ int MAIN(int argc, char **argv)
 	char *inrand=NULL;
 	BIO *out=NULL;
 	BIGNUM *bn = BN_new();
-	RSA *rsa = RSA_new();
+	RSA *rsa = NULL;
 
-	if(!bn || !rsa) goto err;
+	if(!bn) goto err;
 
 	apps_startup();
 	BN_GENCB_set(&cb, genrsa_cb, bio_err);
@@ -159,6 +160,10 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-idea") == 0)
 			enc=EVP_idea_cbc();
 #endif
+#ifndef OPENSSL_NO_SEED
+		else if (strcmp(*argv,"-seed") == 0)
+			enc=EVP_seed_cbc();
+#endif
 #ifndef OPENSSL_NO_AES
 		else if (strcmp(*argv,"-aes128") == 0)
 			enc=EVP_aes_128_cbc();
@@ -167,6 +172,14 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-aes256") == 0)
 			enc=EVP_aes_256_cbc();
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		else if (strcmp(*argv,"-camellia128") == 0)
+			enc=EVP_camellia_128_cbc();
+		else if (strcmp(*argv,"-camellia192") == 0)
+			enc=EVP_camellia_192_cbc();
+		else if (strcmp(*argv,"-camellia256") == 0)
+			enc=EVP_camellia_256_cbc();
+#endif
 		else if (strcmp(*argv,"-passout") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -186,10 +199,18 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
 #endif
+#ifndef OPENSSL_NO_SEED
+		BIO_printf(bio_err," -seed\n");
+		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
+#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
+		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
+#endif
 		BIO_printf(bio_err," -out file       output the key to 'file\n");
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
@@ -245,6 +266,10 @@ bad:
 	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
 		num);
 
+	rsa = RSA_new();
+	if (!rsa)
+		goto err;
+
 	if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
 		goto err;
 		
diff --git a/apps/install.com b/apps/install.com
index f927dc29f5..c5821b40e3 100644
--- a/apps/install.com
+++ b/apps/install.com
@@ -5,13 +5,23 @@ $! Time of creation: 22-MAY-1998 10:13
 $!
 $! P1	root of the directory tree
 $!
+$
 $	IF P1 .EQS. ""
 $	THEN
 $	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$	    WRITE SYS$OUTPUT -
+		  "Should be the directory where you want things installed."
 $	    EXIT
 $	ENDIF
 $
+$	IF (F$GETSYI("CPU").LT.128)
+$	THEN
+$	    ARCH := VAX
+$	ELSE
+$	    ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$	    IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$	ENDIF
+$
 $	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
 $	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
 $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -19,23 +29,16 @@ $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
 $	ROOT = ROOT_DEV + "[" + ROOT_DIR
 $
 $	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
-$	DEFINE/NOLOG WRK_SSLLIB WRK_SSLROOT:[LIB]
+$	DEFINE/NOLOG WRK_SSLEXE WRK_SSLROOT:['ARCH'_EXE]
 $
 $	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLVEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVEXE:
-$	IF F$PARSE("WRK_SSLAEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLAEXE:
-$	IF F$PARSE("WRK_SSLLIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLLIB:
+$	IF F$PARSE("WRK_SSLEXE:") .EQS. "" THEN -
+	   CREATE/DIR/LOG WRK_SSLEXE:
 $
 $	EXE := openssl
 $
-$	VEXE_DIR := [-.VAX.EXE.APPS]
-$	AEXE_DIR := [-.AXP.EXE.APPS]
+$	EXE_DIR := [-.'ARCH'.EXE.APPS]
 $
 $	I = 0
 $ LOOP_EXE: 
@@ -43,25 +46,18 @@ $	E = F$EDIT(F$ELEMENT(I, ",", EXE),"TRIM")
 $	I = I + 1
 $	IF E .EQS. "," THEN GOTO LOOP_EXE_END
 $	SET NOON
-$	IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.EXE WRK_SSLVEXE:'E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLVEXE:'E'.EXE
-$	ENDIF
-$	IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
+$	IF F$SEARCH(EXE_DIR+E+".EXE") .NES. ""
 $	THEN
-$	  COPY 'AEXE_DIR''E'.EXE WRK_SSLAEXE:'E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLAEXE:'E'.EXE
+$	  COPY 'EXE_DIR''E'.EXE WRK_SSLEXE:'E'.EXE/log
+$	  SET FILE/PROT=W:RE WRK_SSLEXE:'E'.EXE
 $	ENDIF
 $	SET ON
 $	GOTO LOOP_EXE
 $ LOOP_EXE_END:
 $
 $	SET NOON
-$	COPY CA.COM WRK_SSLAEXE:CA.COM/LOG
-$	SET FILE/PROT=W:RE WRK_SSLAEXE:CA.COM
-$	COPY CA.COM WRK_SSLVEXE:CA.COM/LOG
-$	SET FILE/PROT=W:RE WRK_SSLVEXE:CA.COM
+$	COPY CA.COM WRK_SSLEXE:CA.COM/LOG
+$	SET FILE/PROT=W:RE WRK_SSLEXE:CA.COM
 $	COPY OPENSSL-VMS.CNF WRK_SSLROOT:[000000]OPENSSL.CNF/LOG
 $	SET FILE/PROT=W:R WRK_SSLROOT:[000000]OPENSSL.CNF
 $	SET ON
diff --git a/apps/makeapps.com b/apps/makeapps.com
index 2148baa071..d5714360ee 100644
--- a/apps/makeapps.com
+++ b/apps/makeapps.com
@@ -6,11 +6,12 @@ $!               A-Com Computing, Inc.
 $!               byer@mail.all-net.net
 $!
 $!  Changes by Richard Levitte <richard@levitte.org>
+$!             Zoltan Arpadffy <zoli@polarhome.com>   
 $!
 $!  This command files compiles and creates all the various different
 $!  "application" programs for the different types of encryption for OpenSSL.
 $!  The EXE's are placed in the directory [.xxx.EXE.APPS] where "xxx" denotes
-$!  either AXP or VAX depending on your machine architecture.
+$!  ALPHA, IA64 or VAX, depending on your machine architecture.
 $!
 $!  It was written so it would try to determine what "C" compiler to
 $!  use or you can specify which "C" compiler to use.
@@ -49,20 +50,21 @@ $ TCPIP_LIB = ""
 $!
 $! Check What Architecture We Are Using.
 $!
-$ IF (F$GETSYI("CPU").GE.128)
+$ IF (F$GETSYI("CPU").LT.128)
 $ THEN
 $!
-$!  The Architecture Is AXP.
+$!  The Architecture Is VAX.
 $!
-$   ARCH := AXP
+$   ARCH := VAX
 $!
 $! Else...
 $!
 $ ELSE
 $!
-$!  The Architecture Is VAX.
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
 $!
-$   ARCH := VAX
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
 $!
 $! End The Architecture Check.
 $!
@@ -71,22 +73,6 @@ $!
 $! Define what programs should be compiled
 $!
 $ PROGRAMS := OPENSSL
-$!$ PROGRAMS := VERIFY,ASN1PARS,REQ,DGST,DH,ENC,PASSWD,GENDH,ERRSTR,CA,CRL,-
-$!	      RSA,DSA,DSAPARAM,-
-$!	      X509,GENRSA,GENDSA,S_SERVER,S_CLIENT,SPEED,-
-$!	      S_TIME,VERSION,PKCS7,CRL2P7,SESS_ID,CIPHERS,NSEQ,
-$!
-$! Check To Make Sure We Have Valid Command Line Parameters.
-$!
-$ GOSUB CHECK_OPTIONS
-$!
-$! Initialise logical names and such
-$!
-$ GOSUB INITIALISE
-$!
-$! Tell The User What Kind of Machine We Run On.
-$!
-$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
 $!
 $! Define The CRYPTO Library.
 $!
@@ -100,6 +86,26 @@ $! Define The OBJ Directory.
 $!
 $ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.APPS]
 $!
+$! Define The EXE Directory.
+$!
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.APPS]
+$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.APPS]
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
 $! Check To See If The OBJ Directory Exists.
 $!
 $ IF (F$PARSE(OBJ_DIR).EQS."")
@@ -113,11 +119,7 @@ $! End The OBJ Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The LIS Directory.
-$!
-$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.APPS]
-$!
-$! Check To See If The OBJ Directory Exists.
+$! Check To See If The LIS Directory Exists.
 $!
 $ IF (F$PARSE(LIS_DIR).EQS."")
 $ THEN
@@ -130,10 +132,6 @@ $! End The LIS Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The EXE Directory.
-$!
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.APPS]
-$!
 $! Check To See If The EXE Directory Exists.
 $!
 $ IF (F$PARSE(EXE_DIR).EQS."")
@@ -156,176 +154,188 @@ $!
 $ GOSUB CHECK_OPT_FILE
 $!
 $! Define The Application Files.
-$!
-$ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
-	      "CA;PKCS7;CRL2P7;CRL;"+-
-	      "RSA;RSAUTL;DSA;DSAPARAM;EC;ECPARAM;"+-
-	      "X509;GENRSA;GENDSA;TERM_SOCK;S_SERVER;S_CLIENT;SPEED;"+-
-	      "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
-	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE;OCSP"
-$ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
-	       CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
-	       RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,EC.OBJ,ECPARAM.OBJ,-
-	       X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,TERM_SOCK.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
-	       S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
-	       CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ,ENGINE.OBJ,OCSP.OBJ
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the E_OBJ variable in Makefile as closely as possible, thereby
+$! making it fairly easy to verify that the lists are the same.
+$!
+$ LIB_OPENSSL = "VERIFY,ASN1PARS,REQ,DGST,DH,DHPARAM,ENC,PASSWD,GENDH,ERRSTR,"+-
+	     	"CA,PKCS7,CRL2P7,CRL,"+-
+	      	"RSA,RSAUTL,DSA,DSAPARAM,EC,ECPARAM,"+-
+	      	"X509,GENRSA,GENDSA,GENPKEY,S_SERVER,S_CLIENT,SPEED,"+-
+	      	"S_TIME,APPS,S_CB,S_SOCKET,APP_RAND,VERSION,SESS_ID,"+-
+	      	"CIPHERS,NSEQ,PKCS12,PKCS8,PKEY,PKEYPARAM,PKEYUTL,"+ -
+	      	"SPKAC,SMIME,CMS,RAND,ENGINE,OCSP,PRIME,TS"
 $ TCPIP_PROGRAMS = ",,"
 $ IF COMPILER .EQS. "VAXC" THEN -
      TCPIP_PROGRAMS = ",OPENSSL,"
-$!$ APP_FILES := VERIFY;ASN1PARS;REQ;DGST;DH;ENC;GENDH;ERRSTR;CA;-
-$!	       PKCS7;CRL2P7;CRL;-
-$!	       RSA;DSA;DSAPARAM;-
-$!	       X509;GENRSA;GENDSA;-
-$!	       S_SERVER,'OBJ_DIR'S_SOCKET.OBJ,'OBJ_DIR'S_CB.OBJ;-
-$!	       S_CLIENT,'OBJ_DIR'S_SOCKET.OBJ,'OBJ_DIR'S_CB.OBJ;-
-$!	       SPEED;-
-$!	       S_TIME,'OBJ_DIR'S_CB.OBJ;VERSION;SESS_ID;CIPHERS;NSEQ
-$!$ TCPIP_PROGRAMS = ",,"
-$!$ IF COMPILER .EQS. "VAXC" THEN -
-$!     TCPIP_PROGRAMS = ",S_SERVER,S_CLIENT,SESS_ID,CIPHERS,S_TIME,"
 $!
 $! Setup exceptional compilations
 $!
-$ COMPILEWITH_CC2 = ",S_SERVER,S_CLIENT,"
+$ COMPILEWITH_CC2 = ",S_SOCKET,S_SERVER,S_CLIENT,"
 $ COMPILEWITH_CC3 = ",TERM_SOCK,"
 $!
 $ PHASE := LIB
 $!
 $ RESTART: 
 $!
-$!  Define A File Counter And Set It To "0".
+$!  Define An App Counter And Set It To "0".
+$!
+$ APP_COUNTER = 0
 $!
-$ FILE_COUNTER = 0
+$!  Top Of The App Loop.
 $!
-$! Top Of The File Loop.
+$ NEXT_APP:
 $!
-$ NEXT_FILE:
+$!  Make The Application File Name
 $!
-$! O.K, Extract The File Name From The File List.
+$ CURRENT_APP = F$EDIT(F$ELEMENT(APP_COUNTER,",",PROGRAMS),"TRIM")
 $!
-$ FILE_NAME0 = F$EDIT(F$ELEMENT(FILE_COUNTER,";",'PHASE'_FILES),"TRIM")
-$ FILE_NAME = F$EDIT(F$ELEMENT(0,",",FILE_NAME0),"TRIM")
-$ EXTRA_OBJ = FILE_NAME0 - FILE_NAME
+$!  Create The Executable File Name.
 $!
-$! Check To See If We Are At The End Of The File List.
+$   EXE_FILE = EXE_DIR + CURRENT_APP + ".EXE"
 $!
-$ IF (FILE_NAME0.EQS.";")
+$!  Check To See If We Are At The End Of The File List.
+$!
+$ IF (CURRENT_APP.EQS.",")
 $ THEN
 $   IF (PHASE.EQS."LIB")
 $   THEN
 $     PHASE := APP
 $     GOTO RESTART
 $   ELSE
-$     GOTO FILE_DONE
+$     GOTO APP_DONE
 $   ENDIF
 $ ENDIF
 $!
-$! Increment The Counter.
+$!  Increment The Counter.
 $!
-$ FILE_COUNTER = FILE_COUNTER + 1
+$ APP_COUNTER = APP_COUNTER + 1
 $!
-$! Check to see if this program should actually be compiled
+$!  Decide if we're building the object files or not.
 $!
-$ IF PHASE .EQS. "APP" .AND. -
-     ","+PROGRAMS+"," - (","+F$EDIT(FILE_NAME,"UPCASE")+",") .EQS. ","+PROGRAMS+","
+$ IF (PHASE.EQS."LIB")
 $ THEN
-$   GOTO NEXT_FILE
-$ ENDIF
 $!
-$! Create The Source File Name.
+$!  Define A Library File Counter And Set It To "-1".
+$!  -1 Means The Application File Name Is To Be Used.
 $!
-$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$   LIB_COUNTER = -1
 $!
-$! Create The Object File Name.
+$!  Create a .OPT file for the object files
 $!
-$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
+$   OPEN/WRITE OBJECTS 'EXE_DIR''CURRENT_APP'.OPT
 $!
-$! Create The Listing File Name.
+$!  Top Of The File Loop.
 $!
-$ LIST_FILE = LIS_DIR + FILE_NAME + ".LIS"
+$  NEXT_LIB:
 $!
-$! Create The MAP File Name.
+$!  O.K, Extract The File Name From The File List.
 $!
-$ MAP_FILE = LIS_DIR + FILE_NAME + ".MAP"
+$   IF LIB_COUNTER .GE. 0
+$   THEN
+$     FILE_NAME = F$EDIT(F$ELEMENT(LIB_COUNTER,",",LIB_'CURRENT_APP'),"TRIM")
+$   ELSE
+$     FILE_NAME = CURRENT_APP
+$   ENDIF
 $!
-$! Create The Executable File Name.
+$!  Check To See If We Are At The End Of The File List.
 $!
-$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
-$ ON WARNING THEN GOTO NEXT_FILE
+$   IF (FILE_NAME.EQS.",")
+$   THEN
+$     CLOSE OBJECTS
+$     GOTO NEXT_APP
+$   ENDIF
 $!
-$! Check To See If The File We Want To Compile Actually Exists.
+$!  Increment The Counter.
 $!
-$ IF (F$SEARCH(SOURCE_FILE).EQS."")
-$ THEN
+$   LIB_COUNTER = LIB_COUNTER + 1
 $!
-$!  Tell The User That The File Dosen't Exist.
+$!  Create The Source File Name.
 $!
-$   WRITE SYS$OUTPUT ""
-$   WRITE SYS$OUTPUT F$MESSAGE("%X10018290") + ".  The File ",SOURCE_FILE," Dosen't Exist."
-$   WRITE SYS$OUTPUT ""
+$   SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
 $!
-$!  Exit The Build.
+$!  Create The Listing File Name.
 $!
-$   GOTO EXIT
+$   LIST_FILE = LIS_DIR + FILE_NAME + ".LIS"
 $!
-$! End The File Exist Check.
+$!  Create The MAP File Name.
 $!
-$ ENDIF
+$   MAP_FILE = LIS_DIR + FILE_NAME + ".MAP"
 $!
-$! Tell The User What We Are Building.
+$!  Create The Object File Name.
 $!
-$ IF (PHASE.EQS."LIB")
-$ THEN
-$   WRITE SYS$OUTPUT "Compiling The ",FILE_NAME,".C File."
-$ ELSE
-$   WRITE SYS$OUTPUT "Building The ",FILE_NAME," Application Program."
-$ ENDIF
+$   OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
+$   ON WARNING THEN GOTO NEXT_LIB
 $!
-$! Compile The File.
+$!  Check To See If The File We Want To Compile Actually Exists.
 $!
-$ ON ERROR THEN GOTO NEXT_FILE
-$ IF COMPILEWITH_CC3 - FILE_NAME .NES. COMPILEWITH_CC3
-$ THEN
-$   CC3/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
-$ ELSE
-$   IF COMPILEWITH_CC2 - FILE_NAME .NES. COMPILEWITH_CC2
+$   IF (F$SEARCH(SOURCE_FILE).EQS."")
 $   THEN
-$     CC2/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$!
+$!    Tell The User That The File Dosen't Exist.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Exit The Build.
+$!
+$     GOTO EXIT
+$!
+$!  End The File Exist Check.
+$!
+$   ENDIF
+$!
+$!  Tell The User What We Are Building.
+$!
+$   IF (PHASE.EQS."LIB")
+$   THEN
+$     WRITE SYS$OUTPUT "Compiling The ",FILE_NAME,".C File."
 $   ELSE
-$     CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$     WRITE SYS$OUTPUT "Building The ",FILE_NAME," Application Program."
 $   ENDIF
-$ ENDIF
 $!
-$ ON WARNING THEN GOTO NEXT_FILE
+$!  Compile The File.
+$!
+$   ON ERROR THEN GOTO NEXT_FILE
+$   IF COMPILEWITH_CC3 - FILE_NAME .NES. COMPILEWITH_CC3
+$   THEN
+$     CC3/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$   ELSE
+$     IF COMPILEWITH_CC2 - FILE_NAME .NES. COMPILEWITH_CC2
+$     THEN
+$	CC2/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$     ELSE
+$	CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$     ENDIF
+$   ENDIF
+$   WRITE OBJECTS OBJECT_FILE
 $!
-$ IF (PHASE.EQS."LIB") 
-$ THEN 
-$   GOTO NEXT_FILE
+$   GOTO NEXT_LIB
 $ ENDIF
 $!
 $!  Check if this program works well without a TCPIP library
 $!
-$ IF TCPIP_LIB .EQS. "" .AND. TCPIP_PROGRAMS - FILE_NAME .NES. TCPIP_PROGRAMS
+$ IF TCPIP_LIB .EQS. "" .AND. TCPIP_PROGRAMS - CURRENT_APP .NES. TCPIP_PROGRAMS
 $ THEN
-$   WRITE SYS$OUTPUT FILE_NAME," needs a TCP/IP library.  Can't link.  Skipping..."
-$   GOTO NEXT_FILE
+$   WRITE SYS$OUTPUT CURRENT_APP," needs a TCP/IP library.  Can't link.  Skipping..."
+$   GOTO NEXT_APP
 $ ENDIF
 $!
 $! Link The Program.
 $! Check To See If We Are To Link With A Specific TCP/IP Library.
 $!
-$ _save_ver = f$verify(1)
+$ ON WARNING THEN GOTO NEXT_APP
+$!
 $ IF (TCPIP_LIB.NES."")
 $ THEN
 $!
 $!  Check To See If We Are To Link With A Specific TCP/IP Library.
 $!
-$   LINK /'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' /MAP='MAP_FILE' /FULL/CROSS -
-	'OBJECT_FILE''EXTRA_OBJ', -
-        'SSL_LIB'/LIBRARY, -
-	'CRYPTO_LIB'/LIBRARY, -
-        'TCPIP_LIB', -
-	'OPT_FILE'/OPTION, -
+$   LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' /MAP='MAP_FILE' /FULL/CROSS -
+	'EXE_DIR''CURRENT_APP'.OPT/OPTION, -
+        'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
+        'TCPIP_LIB','OPT_FILE'/OPTION, -
 	SYS$DISK:[-]SSL_IDENT.OPT/OPTION
 $!
 $! Else...
@@ -334,11 +344,10 @@ $ ELSE
 $!
 $!  Don't Link With TCP/IP Library.
 $!
-$   LINK /'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' /MAP='MAP_FILE' /FULL/CROSS -
-	'OBJECT_FILE''EXTRA_OBJ', -
-        'SSL_LIB'/LIBRARY, -
-	'CRYPTO_LIB'/LIBRARY, -
-	'OPT_FILE'/OPTION, -
+$   LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' /MAP='MAP_FILE' /FULL/CROSS -
+	'EXE_DIR''CURRENT_APP'.OPT/OPTION, -
+        'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
+        'OPT_FILE'/OPTION, -
 	SYS$DISK:[-]SSL_IDENT.OPT/OPTION
 $!
 $! End The TCP/IP Library Check.
@@ -348,11 +357,11 @@ $ _save_ver := 'f$verify(_save_ver)
 $!
 $! Go Back And Do It Again.
 $!
-$ GOTO NEXT_FILE
+$ GOTO NEXT_APP
 $!
 $! All Done With This File.
 $!
-$ FILE_DONE:
+$ APP_DONE:
 $ EXIT:
 $!
 $! All Done, Time To Clean Up And Exit.
@@ -453,19 +462,19 @@ $!    Else...
 $!
 $     ELSE
 $!
-$!      Create The AXP Linker Option File.
+$!      Create The non-VAX Linker Option File.
 $!
 $       CREATE 'OPT_FILE'
 $DECK
 !
-! Default System Options File For AXP To Link Agianst 
+! Default System Options File For non-VAX To Link Agianst 
 ! The Sharable C Runtime Library.
 !
 SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
 SYS$SHARE:CMA$OPEN_RTL/SHARE
 $EOD
 $!
-$!    End The VAX/AXP DEC C Option File Check.
+$!    End The DEC C Option File Check.
 $!
 $     ENDIF
 $!
@@ -614,7 +623,7 @@ $   ELSE
 $!
 $!  Check To See If We Have VAXC Or DECC.
 $!
-$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
 $     THEN 
 $!
 $!      Looks Like DECC, Set To Use DECC.
@@ -691,7 +700,7 @@ $ CCDEFS = "MONOLITH"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
 	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
@@ -724,7 +733,7 @@ $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]''arch'_DECC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'''arch'_DECC_OPTIONS.OPT"
 $!
 $!  End DECC Check.
 $!
@@ -745,9 +754,9 @@ $!
 $!    Compile Using VAXC.
 $!
 $     CC = "CC"
-$     IF ARCH.EQS."AXP"
+$     IF ARCH.NES."VAX"
 $     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
 $	EXIT
 $     ENDIF
 $     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
@@ -761,7 +770,7 @@ $     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]''arch'_VAXC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'''arch'_VAXC_OPTIONS.OPT"
 $!
 $!  End VAXC Check
 $!
@@ -788,7 +797,7 @@ $     CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]''arch'_GNUC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'''arch'_GNUC_OPTIONS.OPT"
 $!
 $!  End The GNU C Check.
 $!
diff --git a/apps/nseq.c b/apps/nseq.c
index dc71d45012..e3c4dba547 100644
--- a/apps/nseq.c
+++ b/apps/nseq.c
@@ -1,5 +1,5 @@
 /* nseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 52af592a4a..01847dfad7 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1,5 +1,5 @@
 /* ocsp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -57,25 +57,52 @@
  */
 #ifndef OPENSSL_NO_OCSP
 
+#ifdef OPENSSL_SYS_VMS
+#define _XOPEN_SOURCE_EXTENDED	/* So fd_set and friends get properly defined
+				   on OpenVMS */
+#endif
+
+#define USE_SOCKETS
+
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
-#include "apps.h"
-#include <openssl/pem.h>
-#include <openssl/ocsp.h>
+#include <time.h>
+#include "apps.h" /* needs to be included before the openssl headers! */
+#include <openssl/e_os2.h>
+#include <openssl/crypto.h>
 #include <openssl/err.h>
 #include <openssl/ssl.h>
+#include <openssl/evp.h>
 #include <openssl/bn.h>
-
+#include <openssl/x509v3.h>
+
+#if defined(NETWARE_CLIB)
+#  ifdef NETWARE_BSDSOCK
+#    include <sys/socket.h>
+#    include <sys/bsdskt.h>
+#  else
+#    include <novsock2.h>
+#  endif
+#elif defined(NETWARE_LIBC)
+#  ifdef NETWARE_BSDSOCK
+#    include <sys/select.h>
+#  else
+#    include <novsock2.h>
+#  endif
+#endif
+  
 /* Maximum leeway in validity period: default 5 minutes */
 #define MAX_VALIDITY_PERIOD	(5 * 60)
 
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md, X509 *issuer,
 				STACK_OF(OCSP_CERTID) *ids);
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, const EVP_MD * cert_id_md, X509 *issuer,
 				STACK_OF(OCSP_CERTID) *ids);
 static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
-				STACK *names, STACK_OF(OCSP_CERTID) *ids,
-				long nsec, long maxage);
+			      STACK_OF(OPENSSL_STRING) *names,
+			      STACK_OF(OCSP_CERTID) *ids, long nsec,
+			      long maxage);
 
 static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
 			X509 *ca, X509 *rcert, EVP_PKEY *rkey,
@@ -86,6 +113,9 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
 static BIO *init_responder(char *port);
 static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port);
 static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
+static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
+				STACK_OF(CONF_VALUE) *headers,
+				OCSP_REQUEST *req, int req_timeout);
 
 #undef PROG
 #define PROG ocsp_main
@@ -103,6 +133,7 @@ int MAIN(int argc, char **argv)
 	char *rsignfile = NULL, *rkeyfile = NULL;
 	char *outfile = NULL;
 	int add_nonce = 1, noverify = 0, use_ssl = -1;
+	STACK_OF(CONF_VALUE) *headers = NULL;
 	OCSP_REQUEST *req = NULL;
 	OCSP_RESPONSE *resp = NULL;
 	OCSP_BASICRESP *bs = NULL;
@@ -112,11 +143,11 @@ int MAIN(int argc, char **argv)
 	BIO *acbio = NULL, *cbio = NULL;
 	BIO *derbio = NULL;
 	BIO *out = NULL;
+	int req_timeout = -1;
 	int req_text = 0, resp_text = 0;
 	long nsec = MAX_VALIDITY_PERIOD, maxage = -1;
 	char *CAfile = NULL, *CApath = NULL;
 	X509_STORE *store = NULL;
-	SSL_CTX *ctx = NULL;
 	STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL;
 	char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL;
 	unsigned long sign_flags = 0, verify_flags = 0, rflags = 0;
@@ -125,7 +156,7 @@ int MAIN(int argc, char **argv)
 	int badarg = 0;
 	int i;
 	int ignore_err = 0;
-	STACK *reqnames = NULL;
+	STACK_OF(OPENSSL_STRING) *reqnames = NULL;
 	STACK_OF(OCSP_CERTID) *ids = NULL;
 
 	X509 *rca_cert = NULL;
@@ -133,14 +164,16 @@ int MAIN(int argc, char **argv)
 	char *rca_filename = NULL;
 	CA_DB *rdb = NULL;
 	int nmin = 0, ndays = -1;
+	const EVP_MD *cert_id_md = NULL;
 
 	if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
 
 	if (!load_config(bio_err, NULL))
 		goto end;
 	SSL_load_error_strings();
+	OpenSSL_add_ssl_algorithms();
 	args = argv + 1;
-	reqnames = sk_new_null();
+	reqnames = sk_OPENSSL_STRING_new_null();
 	ids = sk_OCSP_CERTID_new_null();
 	while (!badarg && *args && *args[0] == '-')
 		{
@@ -153,6 +186,22 @@ int MAIN(int argc, char **argv)
 				}
 			else badarg = 1;
 			}
+		else if (!strcmp(*args, "-timeout"))
+			{
+			if (args[1])
+				{
+				args++;
+				req_timeout = atol(*args);
+				if (req_timeout < 0)
+					{
+					BIO_printf(bio_err,
+						"Illegal timeout value %s\n",
+						*args);
+					badarg = 1;
+					}
+				}
+			else badarg = 1;
+			}
 		else if (!strcmp(*args, "-url"))
 			{
 			if (args[1])
@@ -184,6 +233,16 @@ int MAIN(int argc, char **argv)
 				}
 			else badarg = 1;
 			}
+		else if (!strcmp(*args, "-header"))
+			{
+			if (args[1] && args[2])
+				{
+				if (!X509V3_add_value(args[1], args[2], &headers))
+					goto end;
+				args += 2;
+				}
+			else badarg = 1;
+			}
 		else if (!strcmp(*args, "-ignore_err"))
 			ignore_err = 1;
 		else if (!strcmp(*args, "-noverify"))
@@ -383,9 +442,10 @@ int MAIN(int argc, char **argv)
 				cert = load_cert(bio_err, *args, FORMAT_PEM,
 					NULL, e, "certificate");
 				if(!cert) goto end;
-				if(!add_ocsp_cert(&req, cert, issuer, ids))
+				if (!cert_id_md) cert_id_md = EVP_sha1();
+				if(!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
 					goto end;
-				if(!sk_push(reqnames, *args))
+				if(!sk_OPENSSL_STRING_push(reqnames, *args))
 					goto end;
 				}
 			else badarg = 1;
@@ -395,9 +455,10 @@ int MAIN(int argc, char **argv)
 			if (args[1])
 				{
 				args++;
-				if(!add_ocsp_serial(&req, *args, issuer, ids))
+				if (!cert_id_md) cert_id_md = EVP_sha1();
+				if(!add_ocsp_serial(&req, *args, cert_id_md, issuer, ids))
 					goto end;
-				if(!sk_push(reqnames, *args))
+				if(!sk_OPENSSL_STRING_push(reqnames, *args))
 					goto end;
 				}
 			else badarg = 1;
@@ -497,7 +558,10 @@ int MAIN(int argc, char **argv)
 				}
 			else badarg = 1;
 			}
-		else badarg = 1;
+		else if ((cert_id_md = EVP_get_digestbyname((*args)+1))==NULL)
+			{
+			badarg = 1;
+			}
 		args++;
 		}
 
@@ -553,6 +617,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-ndays n	 	 number of days before next update\n");
 		BIO_printf (bio_err, "-resp_key_id       identify reponse by signing certificate key ID\n");
 		BIO_printf (bio_err, "-nrequest n        number of requests to accept (default unlimited)\n");
+		BIO_printf (bio_err, "-<dgst alg>     use specified digest in the request");
 		goto end;
 		}
 
@@ -659,7 +724,8 @@ int MAIN(int argc, char **argv)
 			"signer private key");
 		if (!key)
 			goto end;
-		if (!OCSP_request_sign(req, signer, key, EVP_sha1(), sign_other, sign_flags))
+
+		if (!OCSP_request_sign(req, signer, key, NULL, sign_other, sign_flags))
 			{
 			BIO_printf(bio_err, "Error signing OCSP request\n");
 			goto end;
@@ -702,47 +768,14 @@ int MAIN(int argc, char **argv)
 	else if (host)
 		{
 #ifndef OPENSSL_NO_SOCK
-		cbio = BIO_new_connect(host);
+		resp = process_responder(bio_err, req, host, path,
+					port, use_ssl, headers, req_timeout);
+		if (!resp)
+			goto end;
 #else
 		BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n");
 		goto end;
 #endif
-		if (!cbio)
-			{
-			BIO_printf(bio_err, "Error creating connect BIO\n");
-			goto end;
-			}
-		if (port) BIO_set_conn_port(cbio, port);
-		if (use_ssl == 1)
-			{
-			BIO *sbio;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
-			ctx = SSL_CTX_new(SSLv23_client_method());
-#elif !defined(OPENSSL_NO_SSL3)
-			ctx = SSL_CTX_new(SSLv3_client_method());
-#elif !defined(OPENSSL_NO_SSL2)
-			ctx = SSL_CTX_new(SSLv2_client_method());
-#else
-			BIO_printf(bio_err, "SSL is disabled\n");
-			goto end;
-#endif
-			SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
-			sbio = BIO_new_ssl(ctx, 1);
-			cbio = BIO_push(sbio, cbio);
-			}
-		if (BIO_do_connect(cbio) <= 0)
-			{
-			BIO_printf(bio_err, "Error connecting BIO\n");
-			goto end;
-			}
-		resp = OCSP_sendreq_bio(cbio, path, req);
-		BIO_free_all(cbio);
-		cbio = NULL;
-		if (!resp)
-			{
-			BIO_printf(bio_err, "Error querying OCSP responsder\n");
-			goto end;
-			}
 		}
 	else if (respin)
 		{
@@ -881,23 +914,23 @@ end:
 	OCSP_REQUEST_free(req);
 	OCSP_RESPONSE_free(resp);
 	OCSP_BASICRESP_free(bs);
-	sk_free(reqnames);
+	sk_OPENSSL_STRING_free(reqnames);
 	sk_OCSP_CERTID_free(ids);
 	sk_X509_pop_free(sign_other, X509_free);
 	sk_X509_pop_free(verify_other, X509_free);
+	sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
 
 	if (use_ssl != -1)
 		{
 		OPENSSL_free(host);
 		OPENSSL_free(port);
 		OPENSSL_free(path);
-		SSL_CTX_free(ctx);
 		}
 
 	OPENSSL_EXIT(ret);
 }
 
-static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md,X509 *issuer,
 				STACK_OF(OCSP_CERTID) *ids)
 	{
 	OCSP_CERTID *id;
@@ -908,7 +941,7 @@ static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
 		}
 	if(!*req) *req = OCSP_REQUEST_new();
 	if(!*req) goto err;
-	id = OCSP_cert_to_id(NULL, cert, issuer);
+	id = OCSP_cert_to_id(cert_id_md, cert, issuer);
 	if(!id || !sk_OCSP_CERTID_push(ids, id)) goto err;
 	if(!OCSP_request_add0_id(*req, id)) goto err;
 	return 1;
@@ -918,7 +951,7 @@ static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
 	return 0;
 	}
 
-static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,const EVP_MD *cert_id_md, X509 *issuer,
 				STACK_OF(OCSP_CERTID) *ids)
 	{
 	OCSP_CERTID *id;
@@ -940,7 +973,7 @@ static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
 		BIO_printf(bio_err, "Error converting serial number %s\n", serial);
 		return 0;
 		}
-	id = OCSP_cert_id_new(EVP_sha1(), iname, ikey, sno);
+	id = OCSP_cert_id_new(cert_id_md, iname, ikey, sno);
 	ASN1_INTEGER_free(sno);
 	if(!id || !sk_OCSP_CERTID_push(ids, id)) goto err;
 	if(!OCSP_request_add0_id(*req, id)) goto err;
@@ -952,8 +985,9 @@ static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
 	}
 
 static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
-					STACK *names, STACK_OF(OCSP_CERTID) *ids,
-					long nsec, long maxage)
+			      STACK_OF(OPENSSL_STRING) *names,
+			      STACK_OF(OCSP_CERTID) *ids, long nsec,
+			      long maxage)
 	{
 	OCSP_CERTID *id;
 	char *name;
@@ -963,13 +997,13 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
 
 	ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
 
-	if (!bs || !req || !sk_num(names) || !sk_OCSP_CERTID_num(ids))
+	if (!bs || !req || !sk_OPENSSL_STRING_num(names) || !sk_OCSP_CERTID_num(ids))
 		return 1;
 
 	for (i = 0; i < sk_OCSP_CERTID_num(ids); i++)
 		{
 		id = sk_OCSP_CERTID_value(ids, i);
-		name = sk_value(names, i);
+		name = sk_OPENSSL_STRING_value(names, i);
 		BIO_printf(out, "%s: ", name);
 
 		if(!OCSP_resp_find_status(bs, id, &status, &reason,
@@ -1026,7 +1060,6 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db
 	OCSP_BASICRESP *bs = NULL;
 	int i, id_count, ret = 1;
 
-
 	id_count = OCSP_request_onereq_count(req);
 
 	if (id_count <= 0)
@@ -1035,7 +1068,6 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db
 		goto end;
 		}
 
-	ca_id = OCSP_cert_to_id(EVP_sha1(), NULL, ca);
 
 	bs = OCSP_BASICRESP_new();
 	thisupd = X509_gmtime_adj(NULL, 0);
@@ -1048,8 +1080,23 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db
 		OCSP_ONEREQ *one;
 		ASN1_INTEGER *serial;
 		char **inf;
+		ASN1_OBJECT *cert_id_md_oid;
+		const EVP_MD *cert_id_md;
 		one = OCSP_request_onereq_get0(req, i);
 		cid = OCSP_onereq_get0_id(one);
+
+		OCSP_id_get0_info(NULL,&cert_id_md_oid, NULL,NULL, cid);
+
+		cert_id_md = EVP_get_digestbyobj(cert_id_md_oid);	
+		if (! cert_id_md) 
+			{
+			*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
+				NULL);
+				goto end;
+			}	
+		if (ca_id) OCSP_CERTID_free(ca_id);
+		ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
+
 		/* Is this request about our CA? */
 		if (OCSP_id_issuer_cmp(ca_id, cid))
 			{
@@ -1094,8 +1141,8 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db
 		}
 
 	OCSP_copy_nonce(bs, req);
-		
-	OCSP_basic_sign(bs, rcert, rkey, EVP_sha1(), rother, flags);
+	
+	OCSP_basic_sign(bs, rcert, rkey, NULL, rother, flags);
 
 	*resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
 
@@ -1115,6 +1162,7 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
 	char *itmp, *row[DB_NUMBER],**rrow;
 	for (i = 0; i < DB_NUMBER; i++) row[i] = NULL;
 	bn = ASN1_INTEGER_to_BN(ser,NULL);
+	OPENSSL_assert(bn); /* FIXME: should report an error at this point and abort */
 	if (BN_is_zero(bn))
 		itmp = BUF_strdup("00");
 	else
@@ -1221,8 +1269,153 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
 		return 0;
 	BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
 	i2d_OCSP_RESPONSE_bio(cbio, resp);
-	BIO_flush(cbio);
+	(void)BIO_flush(cbio);
 	return 1;
 	}
 
+static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, char *path,
+				STACK_OF(CONF_VALUE) *headers,
+				OCSP_REQUEST *req, int req_timeout)
+	{
+	int fd;
+	int rv;
+	int i;
+	OCSP_REQ_CTX *ctx = NULL;
+	OCSP_RESPONSE *rsp = NULL;
+	fd_set confds;
+	struct timeval tv;
+
+	if (req_timeout != -1)
+		BIO_set_nbio(cbio, 1);
+
+	rv = BIO_do_connect(cbio);
+
+	if ((rv <= 0) && ((req_timeout == -1) || !BIO_should_retry(cbio)))
+		{
+		BIO_puts(err, "Error connecting BIO\n");
+		return NULL;
+		}
+
+	if (BIO_get_fd(cbio, &fd) <= 0)
+		{
+		BIO_puts(err, "Can't get connection fd\n");
+		goto err;
+		}
+
+	if (req_timeout != -1 && rv <= 0)
+		{
+		FD_ZERO(&confds);
+		openssl_fdset(fd, &confds);
+		tv.tv_usec = 0;
+		tv.tv_sec = req_timeout;
+		rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
+		if (rv == 0)
+			{
+			BIO_puts(err, "Timeout on connect\n");
+			return NULL;
+			}
+		}
+
+
+	ctx = OCSP_sendreq_new(cbio, path, NULL, -1);
+	if (!ctx)
+		return NULL;
+
+	for (i = 0; i < sk_CONF_VALUE_num(headers); i++)
+		{
+		CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+		if (!OCSP_REQ_CTX_add1_header(ctx, hdr->name, hdr->value))
+			goto err;
+		}
+
+	if (!OCSP_REQ_CTX_set1_req(ctx, req))
+		goto err;
+	
+	for (;;)
+		{
+		rv = OCSP_sendreq_nbio(&rsp, ctx);
+		if (rv != -1)
+			break;
+		if (req_timeout == -1)
+			continue;
+		FD_ZERO(&confds);
+		openssl_fdset(fd, &confds);
+		tv.tv_usec = 0;
+		tv.tv_sec = req_timeout;
+		if (BIO_should_read(cbio))
+			rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv);
+		else if (BIO_should_write(cbio))
+			rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
+		else
+			{
+			BIO_puts(err, "Unexpected retry condition\n");
+			goto err;
+			}
+		if (rv == 0)
+			{
+			BIO_puts(err, "Timeout on request\n");
+			break;
+			}
+		if (rv == -1)
+			{
+			BIO_puts(err, "Select error\n");
+			break;
+			}
+
+		}
+	err:
+	if (ctx)
+		OCSP_REQ_CTX_free(ctx);
+
+	return rsp;
+	}
+
+OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
+			char *host, char *path, char *port, int use_ssl,
+			STACK_OF(CONF_VALUE) *headers,
+			int req_timeout)
+	{
+	BIO *cbio = NULL;
+	SSL_CTX *ctx = NULL;
+	OCSP_RESPONSE *resp = NULL;
+	cbio = BIO_new_connect(host);
+	if (!cbio)
+		{
+		BIO_printf(err, "Error creating connect BIO\n");
+		goto end;
+		}
+	if (port) BIO_set_conn_port(cbio, port);
+	if (use_ssl == 1)
+		{
+		BIO *sbio;
+#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
+		ctx = SSL_CTX_new(SSLv23_client_method());
+#elif !defined(OPENSSL_NO_SSL3)
+		ctx = SSL_CTX_new(SSLv3_client_method());
+#elif !defined(OPENSSL_NO_SSL2)
+		ctx = SSL_CTX_new(SSLv2_client_method());
+#else
+		BIO_printf(err, "SSL is disabled\n");
+			goto end;
+#endif
+		if (ctx == NULL)
+			{
+			BIO_printf(err, "Error creating SSL context.\n");
+			goto end;
+			}
+		SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
+		sbio = BIO_new_ssl(ctx, 1);
+		cbio = BIO_push(sbio, cbio);
+		}
+	resp = query_responder(err, cbio, path, headers, req, req_timeout);
+	if (!resp)
+		BIO_printf(bio_err, "Error querying OCSP responsder\n");
+	end:
+	if (cbio)
+		BIO_free_all(cbio);
+	if (ctx)
+		SSL_CTX_free(ctx);
+	return resp;
+	}
+
 #endif
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index 7d5fec3747..8182961f7e 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -21,12 +21,17 @@ oid_section		= new_oids
 
 [ new_oids ]
 
-# We can add new OIDs in here for use by 'ca' and 'req'.
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
 # Add a simple OID like this:
 # testoid1=1.2.3.4
 # Or use config file substitution like this:
 # testoid2=${testoid1}.5.6
 
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
 ####################################################################
 [ ca ]
 default_ca	= CA_default		# The default ca section
@@ -67,7 +72,7 @@ cert_opt 	= ca_default		# Certificate field options
 
 default_days	= 365			# how long to certify for
 default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
+default_md	= default		# use public key default MD
 preserve	= no			# keep passed DN ordering
 
 # A few difference way of specifying how similar the request should look
@@ -110,13 +115,12 @@ x509_extensions	= v3_ca	# The extentions to add to the self signed cert
 
 # This sets a mask for permitted string types. There are several options. 
 # default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
+# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
 # nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
 # MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
 
 # req_extensions = v3_req # The extensions to add to a certificate request
 
@@ -188,7 +192,7 @@ nsComment			= "OpenSSL Generated Certificate"
 
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
@@ -207,6 +211,9 @@ authorityKeyIdentifier=keyid,issuer:always
 #nsCaPolicyUrl
 #nsSslServerName
 
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
 [ v3_req ]
 
 # Extensions to add to a certificate request
@@ -224,7 +231,7 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 
 subjectKeyIdentifier=hash
 
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always,issuer
 
 # This is what PKIX recommends but some broken software chokes on critical
 # extensions.
@@ -257,7 +264,7 @@ basicConstraints = CA:true
 # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
 
 # issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always
 
 [ proxy_cert_ext ]
 # These extensions should be added when creating a proxy certificate
@@ -290,7 +297,7 @@ nsComment			= "OpenSSL Generated Certificate"
 
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
@@ -311,3 +318,33 @@ authorityKeyIdentifier=keyid,issuer:always
 
 # This really needs to be in place for it to be a proxy certificate.
 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= sys\$disk:[.demoCA		# TSA root directory
+serial		= $dir]tsaserial.	# The current serial number (mandatory)
+crypto_device	= builtin		# OpenSSL engine to use for signing
+signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir.cacert.pem]	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+clock_precision_digits  = 0	# number of digits after dot. (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+				# (optional, default: no)
diff --git a/apps/openssl.c b/apps/openssl.c
index 9f85495075..e998d2cbac 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -152,7 +152,11 @@ typedef char ** Argv_t;
 #pragma __required_pointer_size __restore
 #endif
 
-static int do_cmd(LHASH *prog,int argc,char *argv[]);
+static LHASH_OF(FUNCTION) *prog_init(void );
+static int do_cmd(LHASH_OF(FUNCTION) *prog,int argc,char *argv[]);
+static void list_pkey(BIO *out);
+static void list_cipher(BIO *out);
+static void list_md(BIO *out);
 char *default_config_file=NULL;
 
 /* Make sure there is only one when MONOLITH is defined */
@@ -232,12 +236,13 @@ int main(int Argc, Argv_t Argv)
 #define PROG_NAME_SIZE	39
 	char pname[PROG_NAME_SIZE+1];
 	FUNCTION f,*fp;
-	MS_STATIC char *prompt,buf[1024];
+	MS_STATIC const char *prompt;
+	MS_STATIC char buf[1024];
 	char *to_free=NULL;
 	int n,i,ret=0;
 	int argc;
 	char **argv,*p;
-	LHASH *prog=NULL;
+	LHASH_OF(FUNCTION) *prog=NULL;
 	long errline;
  
 	arg.data=NULL;
@@ -284,9 +289,21 @@ int main(int Argc, Argv_t Argv)
 	i=NCONF_load(config,p,&errline);
 	if (i == 0)
 		{
-		NCONF_free(config);
-		config = NULL;
-		ERR_clear_error();
+		if (ERR_GET_REASON(ERR_peek_last_error())
+		    == CONF_R_NO_SUCH_FILE)
+			{
+			BIO_printf(bio_err,
+				   "WARNING: can't open config file: %s\n",p);
+			ERR_clear_error();
+			NCONF_free(config);
+			config = NULL;
+			}
+		else
+			{
+			ERR_print_errors(bio_err);
+			NCONF_free(config);
+			exit(1);
+			}
 		}
 
 	prog=prog_init();
@@ -295,7 +312,7 @@ int main(int Argc, Argv_t Argv)
 	program_name(Argv[0],pname,sizeof pname);
 
 	f.name=pname;
-	fp=(FUNCTION *)lh_retrieve(prog,&f);
+	fp=lh_FUNCTION_retrieve(prog,&f);
 	if (fp != NULL)
 		{
 		Argv[0]=pname;
@@ -344,7 +361,8 @@ int main(int Argc, Argv_t Argv)
 			else	prompt="OpenSSL> ";
 			fputs(prompt,stdout);
 			fflush(stdout);
-			fgets(p,n,stdin);
+			if (!fgets(p,n,stdin))
+				goto end;
 			if (p[0] == '\0') goto end;
 			i=strlen(p);
 			if (i <= 1) break;
@@ -375,7 +393,7 @@ end:
 		NCONF_free(config);
 		config=NULL;
 		}
-	if (prog != NULL) lh_free(prog);
+	if (prog != NULL) lh_FUNCTION_free(prog);
 	if (arg.data != NULL) OPENSSL_free(arg.data);
 
 	apps_shutdown();
@@ -391,9 +409,13 @@ end:
 
 #define LIST_STANDARD_COMMANDS "list-standard-commands"
 #define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
+#define LIST_MESSAGE_DIGEST_ALGORITHMS "list-message-digest-algorithms"
 #define LIST_CIPHER_COMMANDS "list-cipher-commands"
+#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
+#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
+
 
-static int do_cmd(LHASH *prog, int argc, char *argv[])
+static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
 	{
 	FUNCTION f,*fp;
 	int i,ret=1,tp,nl;
@@ -401,7 +423,22 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 	if ((argc <= 0) || (argv[0] == NULL))
 		{ ret=0; goto end; }
 	f.name=argv[0];
-	fp=(FUNCTION *)lh_retrieve(prog,&f);
+	fp=lh_FUNCTION_retrieve(prog,&f);
+	if (fp == NULL)
+		{
+		if (EVP_get_digestbyname(argv[0]))
+			{
+			f.type = FUNC_TYPE_MD;
+			f.func = dgst_main;
+			fp = &f;
+			}
+		else if (EVP_get_cipherbyname(argv[0]))
+			{
+			f.type = FUNC_TYPE_CIPHER;
+			f.func = enc_main;
+			fp = &f;
+			}
+		}
 	if (fp != NULL)
 		{
 		ret=fp->func(argc,argv);
@@ -416,7 +453,7 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		}
 #endif
 		f.name=argv[0]+3;
-		ret = (lh_retrieve(prog,&f) != NULL);
+		ret = (lh_FUNCTION_retrieve(prog,&f) != NULL);
 		if (!ret)
 			BIO_printf(bio_stdout, "%s\n", argv[0]);
 		else
@@ -434,7 +471,10 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		}
 	else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
 		(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0))
+		(strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
+		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0) ||
+		(strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) ||
+		(strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0))
 		{
 		int list_type;
 		BIO *bio_stdout;
@@ -443,6 +483,12 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 			list_type = FUNC_TYPE_GENERAL;
 		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
 			list_type = FUNC_TYPE_MD;
+		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
+			list_type = FUNC_TYPE_MD_ALG;
+		else if (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)
+			list_type = FUNC_TYPE_PKEY;
+		else if (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0)
+			list_type = FUNC_TYPE_CIPHER_ALG;
 		else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
 			list_type = FUNC_TYPE_CIPHER;
 		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
@@ -452,10 +498,23 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		bio_stdout = BIO_push(tmpbio, bio_stdout);
 		}
 #endif
-		
-		for (fp=functions; fp->name != NULL; fp++)
-			if (fp->type == list_type)
-				BIO_printf(bio_stdout, "%s\n", fp->name);
+
+		if (!load_config(bio_err, NULL))
+			goto end;
+
+		if (list_type == FUNC_TYPE_PKEY)
+			list_pkey(bio_stdout);	
+		if (list_type == FUNC_TYPE_MD_ALG)
+			list_md(bio_stdout);	
+		if (list_type == FUNC_TYPE_CIPHER_ALG)
+			list_cipher(bio_stdout);	
+		else
+			{
+			for (fp=functions; fp->name != NULL; fp++)
+				if (fp->type == list_type)
+					BIO_printf(bio_stdout, "%s\n",
+								fp->name);
+			}
 		BIO_free_all(bio_stdout);
 		ret=0;
 		goto end;
@@ -470,7 +529,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		for (fp=functions; fp->name != NULL; fp++)
 			{
 			nl=0;
+#ifdef OPENSSL_NO_CAMELLIA
 			if (((i++) % 5) == 0)
+#else
+			if (((i++) % 4) == 0)
+#endif
 				{
 				BIO_printf(bio_err,"\n");
 				nl=1;
@@ -491,7 +554,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
 					}
 				}
+#ifdef OPENSSL_NO_CAMELLIA
 			BIO_printf(bio_err,"%-15s",fp->name);
+#else
+			BIO_printf(bio_err,"%-18s",fp->name);
+#endif
 			}
 		BIO_printf(bio_err,"\n\n");
 		ret=0;
@@ -510,34 +577,107 @@ static int SortFnByName(const void *_f1,const void *_f2)
     return strcmp(f1->name,f2->name);
     }
 
-static LHASH *prog_init(void)
+static void list_pkey(BIO *out)
 	{
-	LHASH *ret;
-	FUNCTION *f;
 	int i;
+	for (i = 0; i < EVP_PKEY_asn1_get_count(); i++)
+		{
+		const EVP_PKEY_ASN1_METHOD *ameth;
+		int pkey_id, pkey_base_id, pkey_flags;
+		const char *pinfo, *pem_str;
+		ameth = EVP_PKEY_asn1_get0(i);
+		EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
+						&pinfo, &pem_str, ameth);
+		if (pkey_flags & ASN1_PKEY_ALIAS)
+			{
+			BIO_printf(out, "Name: %s\n", 
+					OBJ_nid2ln(pkey_id));
+			BIO_printf(out, "\tType: Alias to %s\n",
+					OBJ_nid2ln(pkey_base_id));
+			}
+		else
+			{
+			BIO_printf(out, "Name: %s\n", pinfo);
+			BIO_printf(out, "\tType: %s Algorithm\n", 
+				pkey_flags & ASN1_PKEY_DYNAMIC ?
+					"External" : "Builtin");
+			BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
+			if (pem_str == NULL)
+				pem_str = "(none)";
+			BIO_printf(out, "\tPEM string: %s\n", pem_str);
+			}
+					
+		}
+	}
+
+static void list_cipher_fn(const EVP_CIPHER *c,
+			const char *from, const char *to, void *arg)
+	{
+	if (c)
+		BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
+	else
+		{
+		if (!from)
+			from = "<undefined>";
+		if (!to)
+			to = "<undefined>";
+		BIO_printf(arg, "%s => %s\n", from, to);
+		}
+	}
+
+static void list_cipher(BIO *out)
+	{
+	EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
+	}
+
+static void list_md_fn(const EVP_MD *m,
+			const char *from, const char *to, void *arg)
+	{
+	if (m)
+		BIO_printf(arg, "%s\n", EVP_MD_name(m));
+	else
+		{
+		if (!from)
+			from = "<undefined>";
+		if (!to)
+			to = "<undefined>";
+		BIO_printf(arg, "%s => %s\n", from, to);
+		}
+	}
+
+static void list_md(BIO *out)
+	{
+	EVP_MD_do_all_sorted(list_md_fn, out);
+	}
+
+static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b)
+	{
+	return strncmp(a->name,b->name,8);
+	}
+static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
+
+static unsigned long MS_CALLBACK function_hash(const FUNCTION *a)
+	{
+	return lh_strhash(a->name);
+	}	
+static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
+
+static LHASH_OF(FUNCTION) *prog_init(void)
+	{
+	LHASH_OF(FUNCTION) *ret;
+	FUNCTION *f;
+	size_t i;
 
 	/* Purely so it looks nice when the user hits ? */
 	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
 	    ;
 	qsort(functions,i,sizeof *functions,SortFnByName);
 
-	if ((ret=lh_new(hash, cmp)) == NULL)
+	if ((ret=lh_FUNCTION_new()) == NULL)
 		return(NULL);
 
 	for (f=functions; f->name != NULL; f++)
-		lh_insert(ret,f);
+		(void)lh_FUNCTION_insert(ret,f);
 	return(ret);
 	}
 
-/* static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b) */
-static int MS_CALLBACK cmp(const void *a_void, const void *b_void)
-	{
-	return(strncmp(((FUNCTION *)a_void)->name,
-			((FUNCTION *)b_void)->name,8));
-	}
-
-/* static unsigned long MS_CALLBACK hash(FUNCTION *a) */
-static unsigned long MS_CALLBACK hash(const void *a_void)
-	{
-	return(lh_strhash(((FUNCTION *)a_void)->name));
-	}
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index 6d731cbe8b..9d2cd5bfa5 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -21,12 +21,17 @@ oid_section		= new_oids
 
 [ new_oids ]
 
-# We can add new OIDs in here for use by 'ca' and 'req'.
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
 # Add a simple OID like this:
 # testoid1=1.2.3.4
 # Or use config file substitution like this:
 # testoid2=${testoid1}.5.6
 
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
 ####################################################################
 [ ca ]
 default_ca	= CA_default		# The default ca section
@@ -67,7 +72,7 @@ cert_opt 	= ca_default		# Certificate field options
 
 default_days	= 365			# how long to certify for
 default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
+default_md	= default		# use public key default MD
 preserve	= no			# keep passed DN ordering
 
 # A few difference way of specifying how similar the request should look
@@ -110,13 +115,12 @@ x509_extensions	= v3_ca	# The extentions to add to the self signed cert
 
 # This sets a mask for permitted string types. There are several options. 
 # default: PrintableString, T61String, BMPString.
-# pkix	 : PrintableString, BMPString.
-# utf8only: only UTF8Strings.
+# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
 # nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
 # MASK:XXXX a literal mask value.
-# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
-# so use this option with caution!
-string_mask = nombstr
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
 
 # req_extensions = v3_req # The extensions to add to a certificate request
 
@@ -188,7 +192,7 @@ nsComment			= "OpenSSL Generated Certificate"
 
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
@@ -207,6 +211,9 @@ authorityKeyIdentifier=keyid,issuer:always
 #nsCaPolicyUrl
 #nsSslServerName
 
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
 [ v3_req ]
 
 # Extensions to add to a certificate request
@@ -224,7 +231,7 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 
 subjectKeyIdentifier=hash
 
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always,issuer
 
 # This is what PKIX recommends but some broken software chokes on critical
 # extensions.
@@ -257,7 +264,7 @@ basicConstraints = CA:true
 # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
 
 # issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
+authorityKeyIdentifier=keyid:always
 
 [ proxy_cert_ext ]
 # These extensions should be added when creating a proxy certificate
@@ -290,7 +297,7 @@ nsComment			= "OpenSSL Generated Certificate"
 
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
@@ -311,3 +318,33 @@ authorityKeyIdentifier=keyid,issuer:always
 
 # This really needs to be in place for it to be a proxy certificate.
 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= ./demoCA		# TSA root directory
+serial		= $dir/tsaserial	# The current serial number (mandatory)
+crypto_device	= builtin		# OpenSSL engine to use for signing
+signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/cacert.pem	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+clock_precision_digits  = 0	# number of digits after dot. (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+				# (optional, default: no)
diff --git a/apps/passwd.c b/apps/passwd.c
index b9d9d7a36a..9ca25dd1da 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -359,13 +359,13 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 	for (i = 0; i < 1000; i++)
 		{
 		EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
-		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf,
+		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
 		                       (i & 1) ? passwd_len : sizeof buf);
 		if (i % 3)
 			EVP_DigestUpdate(&md2, salt_out, salt_len);
 		if (i % 7)
 			EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd,
+		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
 		                       (i & 1) ? sizeof buf : passwd_len);
 		EVP_DigestFinal_ex(&md2, buf, NULL);
 		}
@@ -474,7 +474,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 	if ((strlen(passwd) > pw_maxlen))
 		{
 		if (!quiet)
-			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", pw_maxlen);
+			/* XXX: really we should know how to print a size_t, not cast it */
+			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen);
 		passwd[pw_maxlen] = 0;
 		}
 	assert(strlen(passwd) <= pw_maxlen);
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index c92f713f5c..514a02e0f1 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -1,11 +1,9 @@
 /* pkcs12.c */
-#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
-
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -58,6 +56,9 @@
  *
  */
 
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -83,10 +84,11 @@ int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int opti
 int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass,
 			  int passlen, int options, char *pempass);
 int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass);
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name);
+int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name);
 void hex_prin(BIO *out, unsigned char *buf, int len);
 int alg_print(BIO *x, X509_ALGOR *alg);
 int cert_load(BIO *in, STACK_OF(X509) *sk);
+static int set_pbe(BIO *err, int *ppbe, const char *str);
 
 int MAIN(int, char **);
 
@@ -99,6 +101,7 @@ int MAIN(int argc, char **argv)
     char **args;
     char *name = NULL;
     char *csp_name = NULL;
+    int add_lmk = 0;
     PKCS12 *p12 = NULL;
     char pass[50], macpass[50];
     int export_cert = 0;
@@ -114,11 +117,12 @@ int MAIN(int argc, char **argv)
     int ret = 1;
     int macver = 1;
     int noprompt = 0;
-    STACK *canames = NULL;
+    STACK_OF(OPENSSL_STRING) *canames = NULL;
     char *cpass = NULL, *mpass = NULL;
     char *passargin = NULL, *passargout = NULL, *passarg = NULL;
     char *passin = NULL, *passout = NULL;
     char *inrand = NULL;
+    char *macalg = NULL;
     char *CApath = NULL, *CAfile = NULL;
 #ifndef OPENSSL_NO_ENGINE
     char *engine=NULL;
@@ -152,15 +156,23 @@ int MAIN(int argc, char **argv)
     			cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
 		else if (!strcmp (*args, "-export")) export_cert = 1;
 		else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
+		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
 #ifndef OPENSSL_NO_IDEA
 		else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
 #endif
-		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
+#ifndef OPENSSL_NO_SEED
+		else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc();
+#endif
 #ifndef OPENSSL_NO_AES
 		else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
 		else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
 		else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc();
+		else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc();
+		else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc();
+#endif
 		else if (!strcmp (*args, "-noiter")) iter = 1;
 		else if (!strcmp (*args, "-maciter"))
 					 maciter = PKCS12_DEFAULT_ITER;
@@ -168,32 +180,18 @@ int MAIN(int argc, char **argv)
 					 maciter = 1;
 		else if (!strcmp (*args, "-nomac"))
 					 maciter = -1;
+		else if (!strcmp (*args, "-macalg"))
+		    if (args[1]) {
+			args++;	
+			macalg = *args;
+		    } else badarg = 1;
 		else if (!strcmp (*args, "-nodes")) enc=NULL;
 		else if (!strcmp (*args, "-certpbe")) {
-			if (args[1]) {
-				args++;
-				if (!strcmp(*args, "NONE"))
-					cert_pbe = -1;
-				cert_pbe=OBJ_txt2nid(*args);
-				if(cert_pbe == NID_undef) {
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
+			if (!set_pbe(bio_err, &cert_pbe, *++args))
+				badarg = 1;
 		} else if (!strcmp (*args, "-keypbe")) {
-			if (args[1]) {
-				args++;
-				if (!strcmp(*args, "NONE"))
-					key_pbe = -1;
-				else
-					key_pbe=OBJ_txt2nid(*args);
-				if(key_pbe == NID_undef) {
-					BIO_printf(bio_err,
-						 "Unknown PBE algorithm %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
+			if (!set_pbe(bio_err, &key_pbe, *++args))
+				badarg = 1;
 		} else if (!strcmp (*args, "-rand")) {
 		    if (args[1]) {
 			args++;	
@@ -214,7 +212,9 @@ int MAIN(int argc, char **argv)
 			args++;	
 			name = *args;
 		    } else badarg = 1;
-		} else if (!strcmp (*args, "-CSP")) {
+		} else if (!strcmp (*args, "-LMK"))
+			add_lmk = 1;
+		else if (!strcmp (*args, "-CSP")) {
 		    if (args[1]) {
 			args++;	
 			csp_name = *args;
@@ -222,8 +222,8 @@ int MAIN(int argc, char **argv)
 		} else if (!strcmp (*args, "-caname")) {
 		    if (args[1]) {
 			args++;	
-			if (!canames) canames = sk_new_null();
-			sk_push(canames, *args);
+			if (!canames) canames = sk_OPENSSL_STRING_new_null();
+			sk_OPENSSL_STRING_push(canames, *args);
 		    } else badarg = 1;
 		} else if (!strcmp (*args, "-in")) {
 		    if (args[1]) {
@@ -299,17 +299,27 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 	BIO_printf (bio_err, "-idea         encrypt private keys with idea\n");
 #endif
+#ifndef OPENSSL_NO_SEED
+	BIO_printf (bio_err, "-seed         encrypt private keys with seed\n");
+#endif
 #ifndef OPENSSL_NO_AES
 	BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
 	BIO_printf (bio_err, "              encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+	BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
+	BIO_printf (bio_err, "              encrypt PEM output with cbc camellia\n");
+#endif
 	BIO_printf (bio_err, "-nodes        don't encrypt private keys\n");
 	BIO_printf (bio_err, "-noiter       don't use encryption iteration\n");
+	BIO_printf (bio_err, "-nomaciter    don't use MAC iteration\n");
 	BIO_printf (bio_err, "-maciter      use MAC iteration\n");
+	BIO_printf (bio_err, "-nomac        don't generate MAC\n");
 	BIO_printf (bio_err, "-twopass      separate MAC, encryption passwords\n");
 	BIO_printf (bio_err, "-descert      encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
 	BIO_printf (bio_err, "-certpbe alg  specify certificate PBE algorithm (default RC2-40)\n");
 	BIO_printf (bio_err, "-keypbe alg   specify private key PBE algorithm (default 3DES)\n");
+	BIO_printf (bio_err, "-macalg alg   digest algorithm used in MAC (default SHA1)\n");
 	BIO_printf (bio_err, "-keyex        set MS key exchange type\n");
 	BIO_printf (bio_err, "-keysig       set MS key signature type\n");
 	BIO_printf (bio_err, "-password p   set import/export password source\n");
@@ -321,6 +331,8 @@ int MAIN(int argc, char **argv)
 	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
 	BIO_printf(bio_err,  "              the random number generator\n");
+	BIO_printf(bio_err,  "-CSP name     Microsoft CSP name\n");
+	BIO_printf(bio_err,  "-LMK          Add local machine keyset attribute to private key\n");
     	goto end;
     }
 
@@ -410,6 +422,7 @@ int MAIN(int argc, char **argv)
 	EVP_PKEY *key = NULL;
 	X509 *ucert = NULL, *x = NULL;
 	STACK_OF(X509) *certs=NULL;
+	const EVP_MD *macmd = NULL;
 	unsigned char *catmp = NULL;
 	int i;
 
@@ -460,7 +473,7 @@ int MAIN(int argc, char **argv)
 					X509_keyid_set1(ucert, NULL, 0);
 					X509_alias_set1(ucert, NULL, 0);
 					/* Remove from list */
-					sk_X509_delete(certs, i);
+					(void)sk_X509_delete(certs, i);
 					break;
 					}
 				}
@@ -525,20 +538,29 @@ int MAIN(int argc, char **argv)
 		    X509_free(sk_X509_value(chain2, 0));
 		    sk_X509_free(chain2);
 		} else {
-			BIO_printf (bio_err, "Error %s getting chain.\n",
+			if (vret >= 0)
+				BIO_printf (bio_err, "Error %s getting chain.\n",
 					X509_verify_cert_error_string(vret));
+			else
+				ERR_print_errors(bio_err);
 			goto export_end;
 		}			
     	}
 
 	/* Add any CA names */
 
-	for (i = 0; i < sk_num(canames); i++)
+	for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++)
 		{
-		catmp = (unsigned char *)sk_value(canames, i);
+		catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
 		X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
 		}
-		
+
+	if (csp_name && key)
+		EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
+				MBSTRING_ASC, (unsigned char *)csp_name, -1);
+
+	if (add_lmk && key)
+		EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
 
 #ifdef CRYPTO_MDEBUG
 	CRYPTO_pop_info();
@@ -567,8 +589,18 @@ int MAIN(int argc, char **argv)
 		goto export_end;
 		}
 
+	if (macalg)
+		{
+		macmd = EVP_get_digestbyname(macalg);
+		if (!macmd)
+			{
+			BIO_printf(bio_err, "Unknown digest algorithm %s\n", 
+						macalg);
+			}
+		}
+
 	if (maciter != -1)
-		PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, NULL);
+		PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
 
 #ifdef CRYPTO_MDEBUG
 	CRYPTO_pop_info();
@@ -655,7 +687,7 @@ int MAIN(int argc, char **argv)
 #endif
     BIO_free(in);
     BIO_free_all(out);
-    if (canames) sk_free(canames);
+    if (canames) sk_OPENSSL_STRING_free(canames);
     if(passin) OPENSSL_free(passin);
     if(passout) OPENSSL_free(passout);
     apps_shutdown();
@@ -796,7 +828,7 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
 {
 	X509_STORE_CTX store_ctx;
 	STACK_OF(X509) *chn;
-	int i;
+	int i = 0;
 
 	/* FIXME: Should really check the return status of X509_STORE_CTX_init
 	 * for an error, but how that fits into the return value of this
@@ -804,13 +836,17 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
 	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
 	if (X509_verify_cert(&store_ctx) <= 0) {
 		i = X509_STORE_CTX_get_error (&store_ctx);
+		if (i == 0)
+			/* avoid returning 0 if X509_verify_cert() did not
+			 * set an appropriate error value in the context */
+			i = -1;
+		chn = NULL;
 		goto err;
-	}
-	chn =  X509_STORE_CTX_get1_chain(&store_ctx);
-	i = 0;
-	*chain = chn;
+	} else
+		chn = X509_STORE_CTX_get1_chain(&store_ctx);
 err:
 	X509_STORE_CTX_cleanup(&store_ctx);
+	*chain = chn;
 	
 	return i;
 }	
@@ -820,12 +856,14 @@ int alg_print (BIO *x, X509_ALGOR *alg)
 	PBEPARAM *pbe;
 	const unsigned char *p;
 	p = alg->parameter->value.sequence->data;
-	pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
+	pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+	if (!pbe)
+		return 1;
 	BIO_printf (bio_err, "%s, Iteration %ld\n", 
 		OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
 		ASN1_INTEGER_get(pbe->iter));
 	PBEPARAM_free (pbe);
-	return 0;
+	return 1;
 }
 
 /* Load all certificates from a given file */
@@ -857,7 +895,7 @@ int cert_load(BIO *in, STACK_OF(X509) *sk)
 
 /* Generalised attribute print: handle PKCS#8 and bag attributes */
 
-int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
+int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,const char *name)
 {
 	X509_ATTRIBUTE *attr;
 	ASN1_TYPE *av;
@@ -885,7 +923,7 @@ int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
 			av = sk_ASN1_TYPE_value(attr->value.set, 0);
 			switch(av->type) {
 				case V_ASN1_BMPSTRING:
-        			value = uni2asc(av->value.bmpstring->data,
+        			value = OPENSSL_uni2asc(av->value.bmpstring->data,
                                 	       av->value.bmpstring->length);
 				BIO_printf(out, "%s\n", value);
 				OPENSSL_free(value);
@@ -918,4 +956,22 @@ void hex_prin(BIO *out, unsigned char *buf, int len)
 	for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
 }
 
+static int set_pbe(BIO *err, int *ppbe, const char *str)
+	{
+	if (!str)
+		return 0;
+	if (!strcmp(str, "NONE"))
+		{
+		*ppbe = -1;
+		return 1;
+		}
+	*ppbe=OBJ_txt2nid(str);
+	if (*ppbe == NID_undef)
+		{
+		BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
+		return 0;
+		}
+	return 1;
+	}
+			
 #endif
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index da4dbe7a07..86d31b99a7 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -90,7 +90,7 @@ int MAIN(int argc, char **argv)
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat;
 	char *infile,*outfile,*prog;
-	int print_certs=0,text=0,noout=0;
+	int print_certs=0,text=0,noout=0,p7_print=0;
 	int ret=1;
 #ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
@@ -139,6 +139,8 @@ int MAIN(int argc, char **argv)
 			noout=1;
 		else if (strcmp(*argv,"-text") == 0)
 			text=1;
+		else if (strcmp(*argv,"-print") == 0)
+			p7_print=1;
 		else if (strcmp(*argv,"-print_certs") == 0)
 			print_certs=1;
 #ifndef OPENSSL_NO_ENGINE
@@ -238,6 +240,9 @@ bad:
 			}
 		}
 
+	if (p7_print)
+		PKCS7_print_ctx(out, p7, 0, NULL);
+
 	if (print_certs)
 		{
 		STACK_OF(X509) *certs=NULL;
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index d5085444e2..7edeb179dd 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -1,5 +1,5 @@
 /* pkcs8.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999-2004.
  */
 /* ====================================================================
@@ -80,11 +80,12 @@ int MAIN(int argc, char **argv)
 	int informat, outformat;
 	int p8_broken = PKCS8_OK;
 	int nocrypt = 0;
-	X509_SIG *p8;
-	PKCS8_PRIV_KEY_INFO *p8inf;
+	X509_SIG *p8 = NULL;
+	PKCS8_PRIV_KEY_INFO *p8inf = NULL;
 	EVP_PKEY *pkey=NULL;
 	char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
 	int badarg = 0;
+	int ret = 1;
 #ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
 #endif
@@ -225,7 +226,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
 #endif
-		return 1;
+		goto end;
 		}
 
 #ifndef OPENSSL_NO_ENGINE
@@ -235,7 +236,7 @@ int MAIN(int argc, char **argv)
 	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
 		{
 		BIO_printf(bio_err, "Error getting passwords\n");
-		return 1;
+		goto end;
 		}
 
 	if ((pbe_nid == -1) && !cipher)
@@ -247,7 +248,7 @@ int MAIN(int argc, char **argv)
 			{
 			BIO_printf(bio_err,
 				 "Can't open input file %s\n", infile);
-			return (1);
+			goto end;
 			}
 		}
 	else
@@ -259,7 +260,7 @@ int MAIN(int argc, char **argv)
 			{
 			BIO_printf(bio_err,
 				 "Can't open output file %s\n", outfile);
-			return (1);
+			goto end;
 			}
 		}
 	else
@@ -274,21 +275,15 @@ int MAIN(int argc, char **argv)
 		}
 	if (topk8)
 		{
-		BIO_free(in); /* Not needed in this section */
 		pkey = load_key(bio_err, infile, informat, 1,
 			passin, e, "key");
 		if (!pkey)
-			{
-			BIO_free_all(out);
-			return 1;
-			}
+			goto end;
 		if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)))
 			{
 			BIO_printf(bio_err, "Error converting key\n");
 			ERR_print_errors(bio_err);
-			EVP_PKEY_free(pkey);
-			BIO_free_all(out);
-			return 1;
+			goto end;
 			}
 		if (nocrypt)
 			{
@@ -299,10 +294,7 @@ int MAIN(int argc, char **argv)
 			else
 				{
 				BIO_printf(bio_err, "Bad format specified for key\n");
-				PKCS8_PRIV_KEY_INFO_free(p8inf);
-				EVP_PKEY_free(pkey);
-				BIO_free_all(out);
-				return (1);
+				goto end;
 				}
 			}
 		else
@@ -313,12 +305,7 @@ int MAIN(int argc, char **argv)
 				{
 				p8pass = pass;
 				if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
-					{
-					PKCS8_PRIV_KEY_INFO_free(p8inf);
-					EVP_PKEY_free(pkey);
-					BIO_free_all(out);
-					return (1);
-					}
+					goto end;
 				}
 			app_RAND_load_file(NULL, bio_err, 0);
 			if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
@@ -327,10 +314,7 @@ int MAIN(int argc, char **argv)
 				{
 				BIO_printf(bio_err, "Error encrypting key\n");
 				ERR_print_errors(bio_err);
-				PKCS8_PRIV_KEY_INFO_free(p8inf);
-				EVP_PKEY_free(pkey);
-				BIO_free_all(out);
-				return (1);
+				goto end;
 				}
 			app_RAND_write_file(NULL, bio_err);
 			if (outformat == FORMAT_PEM) 
@@ -340,22 +324,12 @@ int MAIN(int argc, char **argv)
 			else
 				{
 				BIO_printf(bio_err, "Bad format specified for key\n");
-				PKCS8_PRIV_KEY_INFO_free(p8inf);
-				EVP_PKEY_free(pkey);
-				BIO_free_all(out);
-				return (1);
+				goto end;
 				}
-			X509_SIG_free(p8);
 			}
 
-		PKCS8_PRIV_KEY_INFO_free (p8inf);
-		EVP_PKEY_free(pkey);
-		BIO_free_all(out);
-		if (passin)
-			OPENSSL_free(passin);
-		if (passout)
-			OPENSSL_free(passout);
-		return (0);
+		ret = 0;
+		goto end;
 		}
 
 	if (nocrypt)
@@ -367,7 +341,7 @@ int MAIN(int argc, char **argv)
 		else
 			{
 			BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
+			goto end;
 			}
 		}
 	else
@@ -379,14 +353,14 @@ int MAIN(int argc, char **argv)
 		else
 			{
 			BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
+			goto end;
 			}
 
 		if (!p8)
 			{
 			BIO_printf (bio_err, "Error reading key\n");
 			ERR_print_errors(bio_err);
-			return (1);
+			goto end;
 			}
 		if (passin)
 			p8pass = passin;
@@ -396,21 +370,20 @@ int MAIN(int argc, char **argv)
 			EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
 			}
 		p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
-		X509_SIG_free(p8);
 		}
 
 	if (!p8inf)
 		{
 		BIO_printf(bio_err, "Error decrypting key\n");
 		ERR_print_errors(bio_err);
-		return (1);
+		goto end;
 		}
 
 	if (!(pkey = EVP_PKCS82PKEY(p8inf)))
 		{
 		BIO_printf(bio_err, "Error converting key\n");
 		ERR_print_errors(bio_err);
-		return (1);
+		goto end;
 		}
 	
 	if (p8inf->broken)
@@ -430,13 +403,16 @@ int MAIN(int argc, char **argv)
 			BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
 			break;
 
+			case PKCS8_NEG_PRIVKEY:
+			BIO_printf(bio_err, "DSA private key value is negative\n");
+			break;
+
 			default:
 			BIO_printf(bio_err, "Unknown broken type\n");
 			break;
 		}
 	}
 	
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
 	if (outformat == FORMAT_PEM) 
 		PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
 	else if (outformat == FORMAT_ASN1)
@@ -444,10 +420,13 @@ int MAIN(int argc, char **argv)
 	else
 		{
 		BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
+			goto end;
 		}
+	ret = 0;
 
 	end:
+	X509_SIG_free(p8);
+	PKCS8_PRIV_KEY_INFO_free(p8inf);
 	EVP_PKEY_free(pkey);
 	BIO_free_all(out);
 	BIO_free(in);
@@ -456,5 +435,5 @@ int MAIN(int argc, char **argv)
 	if (passout)
 		OPENSSL_free(passout);
 
-	return (0);
+	return ret;
 	}
diff --git a/apps/pkey.c b/apps/pkey.c
new file mode 100644
index 0000000000..17e6702fb1
--- /dev/null
+++ b/apps/pkey.c
@@ -0,0 +1,284 @@
+/* apps/pkey.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#define PROG pkey_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+	{
+	ENGINE *e = NULL;
+	char **args, *infile = NULL, *outfile = NULL;
+	char *passargin = NULL, *passargout = NULL;
+	BIO *in = NULL, *out = NULL;
+	const EVP_CIPHER *cipher = NULL;
+	int informat, outformat;
+	int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
+	EVP_PKEY *pkey=NULL;
+	char *passin = NULL, *passout = NULL;
+	int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+	char *engine=NULL;
+#endif
+	int ret = 1;
+
+	if (bio_err == NULL)
+		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+
+	informat=FORMAT_PEM;
+	outformat=FORMAT_PEM;
+
+	ERR_load_crypto_strings();
+	OpenSSL_add_all_algorithms();
+	args = argv + 1;
+	while (!badarg && *args && *args[0] == '-')
+		{
+		if (!strcmp(*args,"-inform"))
+			{
+			if (args[1])
+				{
+				args++;
+				informat=str2fmt(*args);
+				}
+			else badarg = 1;
+			}
+		else if (!strcmp(*args,"-outform"))
+			{
+			if (args[1])
+				{
+				args++;
+				outformat=str2fmt(*args);
+				}
+			else badarg = 1;
+			}
+		else if (!strcmp(*args,"-passin"))
+			{
+			if (!args[1]) goto bad;
+			passargin= *(++args);
+			}
+		else if (!strcmp(*args,"-passout"))
+			{
+			if (!args[1]) goto bad;
+			passargout= *(++args);
+			}
+#ifndef OPENSSL_NO_ENGINE
+		else if (strcmp(*args,"-engine") == 0)
+			{
+			if (!args[1]) goto bad;
+			engine= *(++args);
+			}
+#endif
+		else if (!strcmp (*args, "-in"))
+			{
+			if (args[1])
+				{
+				args++;
+				infile = *args;
+				}
+			else badarg = 1;
+			}
+		else if (!strcmp (*args, "-out"))
+			{
+			if (args[1])
+				{
+				args++;
+				outfile = *args;
+				}
+			else badarg = 1;
+			}
+		else if (strcmp(*args,"-pubin") == 0)
+			{
+			pubin=1;
+			pubout=1;
+			pubtext=1;
+			}
+		else if (strcmp(*args,"-pubout") == 0)
+			pubout=1;
+		else if (strcmp(*args,"-text_pub") == 0)
+			{
+			pubtext=1;
+			text=1;
+			}
+		else if (strcmp(*args,"-text") == 0)
+			text=1;
+		else if (strcmp(*args,"-noout") == 0)
+			noout=1;
+		else
+			{
+			cipher = EVP_get_cipherbyname(*args + 1);
+			if (!cipher)
+				{
+				BIO_printf(bio_err, "Unknown cipher %s\n",
+								*args + 1);
+				badarg = 1;
+				}
+			}
+		args++;
+		}
+
+	if (badarg)
+		{
+		bad:
+		BIO_printf(bio_err, "Usage pkey [options]\n");
+		BIO_printf(bio_err, "where options are\n");
+		BIO_printf(bio_err, "-in file        input file\n");
+		BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
+		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
+		BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
+		BIO_printf(bio_err, "-out file       output file\n");
+		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
+		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+		return 1;
+		}
+
+#ifndef OPENSSL_NO_ENGINE
+        e = setup_engine(bio_err, engine, 0);
+#endif
+
+	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
+		{
+		BIO_printf(bio_err, "Error getting passwords\n");
+		goto end;
+		}
+
+	if (outfile)
+		{
+		if (!(out = BIO_new_file (outfile, "wb")))
+			{
+			BIO_printf(bio_err,
+				 "Can't open output file %s\n", outfile);
+			goto end;
+			}
+		}
+	else
+		{
+		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+			{
+			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+			out = BIO_push(tmpbio, out);
+			}
+#endif
+		}
+
+	if (pubin)
+		pkey = load_pubkey(bio_err, infile, informat, 1,
+			passin, e, "Public Key");
+	else
+		pkey = load_key(bio_err, infile, informat, 1,
+			passin, e, "key");
+	if (!pkey)
+		goto end;
+
+	if (!noout)
+		{
+		if (outformat == FORMAT_PEM) 
+			{
+			if (pubout)
+				PEM_write_bio_PUBKEY(out,pkey);
+			else
+				PEM_write_bio_PrivateKey(out, pkey, cipher,
+							NULL, 0, NULL, passout);
+			}
+		else if (outformat == FORMAT_ASN1)
+			{
+			if (pubout)
+				i2d_PUBKEY_bio(out, pkey);
+			else
+				i2d_PrivateKey_bio(out, pkey);
+			}
+		else
+			{
+			BIO_printf(bio_err, "Bad format specified for key\n");
+			goto end;
+			}
+
+		}
+
+	if (text)
+		{
+		if (pubtext)
+			EVP_PKEY_print_public(out, pkey, 0, NULL);
+		else
+			EVP_PKEY_print_private(out, pkey, 0, NULL);
+		}
+
+	ret = 0;
+
+	end:
+	EVP_PKEY_free(pkey);
+	BIO_free_all(out);
+	BIO_free(in);
+	if (passin)
+		OPENSSL_free(passin);
+	if (passout)
+		OPENSSL_free(passout);
+
+	return ret;
+	}
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
new file mode 100644
index 0000000000..7f18010f9d
--- /dev/null
+++ b/apps/pkeyparam.c
@@ -0,0 +1,201 @@
+/* apps/pkeyparam.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#define PROG pkeyparam_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+	{
+	char **args, *infile = NULL, *outfile = NULL;
+	BIO *in = NULL, *out = NULL;
+	int text = 0, noout = 0;
+	EVP_PKEY *pkey=NULL;
+	int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+	ENGINE *e = NULL;
+	char *engine=NULL;
+#endif
+	int ret = 1;
+
+	if (bio_err == NULL)
+		bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+
+	ERR_load_crypto_strings();
+	OpenSSL_add_all_algorithms();
+	args = argv + 1;
+	while (!badarg && *args && *args[0] == '-')
+		{
+		if (!strcmp (*args, "-in"))
+			{
+			if (args[1])
+				{
+				args++;
+				infile = *args;
+				}
+			else badarg = 1;
+			}
+		else if (!strcmp (*args, "-out"))
+			{
+			if (args[1])
+				{
+				args++;
+				outfile = *args;
+				}
+			else badarg = 1;
+			}
+#ifndef OPENSSL_NO_ENGINE
+		else if (strcmp(*args,"-engine") == 0)
+			{
+			if (!args[1]) goto bad;
+			engine= *(++args);
+			}
+#endif
+
+		else if (strcmp(*args,"-text") == 0)
+			text=1;
+		else if (strcmp(*args,"-noout") == 0)
+			noout=1;
+		args++;
+		}
+
+	if (badarg)
+		{
+#ifndef OPENSSL_NO_ENGINE
+		bad:
+#endif
+		BIO_printf(bio_err, "Usage pkeyparam [options]\n");
+		BIO_printf(bio_err, "where options are\n");
+		BIO_printf(bio_err, "-in file        input file\n");
+		BIO_printf(bio_err, "-out file       output file\n");
+		BIO_printf(bio_err, "-text           print parameters as text\n");
+		BIO_printf(bio_err, "-noout          don't output encoded parameters\n");
+#ifndef OPENSSL_NO_ENGINE
+		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+		return 1;
+		}
+
+#ifndef OPENSSL_NO_ENGINE
+        e = setup_engine(bio_err, engine, 0);
+#endif
+
+	if (infile)
+		{
+		if (!(in = BIO_new_file (infile, "r")))
+			{
+			BIO_printf(bio_err,
+				 "Can't open input file %s\n", infile);
+			goto end;
+			}
+		}
+	else
+		in = BIO_new_fp (stdin, BIO_NOCLOSE);
+
+	if (outfile)
+		{
+		if (!(out = BIO_new_file (outfile, "w")))
+			{
+			BIO_printf(bio_err,
+				 "Can't open output file %s\n", outfile);
+			goto end;
+			}
+		}
+	else
+		{
+		out = BIO_new_fp (stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+			{
+			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+			out = BIO_push(tmpbio, out);
+			}
+#endif
+		}
+
+	pkey = PEM_read_bio_Parameters(in, NULL);
+	if (!pkey)
+		{
+		BIO_printf(bio_err, "Error reading parameters\n");
+		ERR_print_errors(bio_err);
+		goto end;
+		}
+
+	if (!noout)
+		PEM_write_bio_Parameters(out,pkey);
+
+	if (text)
+		EVP_PKEY_print_params(out, pkey, 0, NULL);
+
+	ret = 0;
+
+	end:
+	EVP_PKEY_free(pkey);
+	BIO_free_all(out);
+	BIO_free(in);
+
+	return ret;
+	}
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
new file mode 100644
index 0000000000..22a6c4bf39
--- /dev/null
+++ b/apps/pkeyutl.c
@@ -0,0 +1,570 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include "apps.h"
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+
+#define KEY_PRIVKEY	1
+#define KEY_PUBKEY	2
+#define KEY_CERT	3
+
+static void usage(void);
+
+#undef PROG
+
+#define PROG pkeyutl_main
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+				char *keyfile, int keyform, int key_type,
+				char *passargin, int pkey_op, ENGINE *e);
+
+static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
+							const char *file);
+
+static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
+		unsigned char *out, size_t *poutlen,
+		unsigned char *in, size_t inlen);
+
+int MAIN(int argc, char **);
+
+int MAIN(int argc, char **argv)
+{
+	BIO *in = NULL, *out = NULL;
+	char *infile = NULL, *outfile = NULL, *sigfile = NULL;
+	ENGINE *e = NULL;
+	int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
+	int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
+	char badarg = 0, rev = 0;
+	char hexdump = 0, asn1parse = 0;
+	EVP_PKEY_CTX *ctx = NULL;
+	char *passargin = NULL;
+	int keysize = -1;
+
+	unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
+	size_t buf_outlen;
+	int buf_inlen = 0, siglen = -1;
+
+	int ret = 1, rv = -1;
+
+	argc--;
+	argv++;
+
+	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+	ERR_load_crypto_strings();
+	OpenSSL_add_all_algorithms();
+	
+	while(argc >= 1)
+		{
+		if (!strcmp(*argv,"-in"))
+			{
+			if (--argc < 1) badarg = 1;
+                        infile= *(++argv);
+			}
+		else if (!strcmp(*argv,"-out"))
+			{
+			if (--argc < 1) badarg = 1;
+			outfile= *(++argv);
+			}
+		else if (!strcmp(*argv,"-sigfile"))
+			{
+			if (--argc < 1) badarg = 1;
+			sigfile= *(++argv);
+			}
+		else if(!strcmp(*argv, "-inkey"))
+			{
+			if (--argc < 1)
+				badarg = 1;
+			else
+				{
+				ctx = init_ctx(&keysize,
+						*(++argv), keyform, key_type,
+						passargin, pkey_op, e);
+				if (!ctx)
+					{
+					BIO_puts(bio_err,
+						"Error initializing context\n");
+					ERR_print_errors(bio_err);
+					badarg = 1;
+					}
+				}
+			}
+		else if (!strcmp(*argv,"-peerkey"))
+			{
+			if (--argc < 1)
+				badarg = 1;
+			else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
+				badarg = 1;
+			}
+		else if (!strcmp(*argv,"-passin"))
+			{
+			if (--argc < 1) badarg = 1;
+			passargin= *(++argv);
+			}
+		else if (strcmp(*argv,"-peerform") == 0)
+			{
+			if (--argc < 1) badarg = 1;
+			peerform=str2fmt(*(++argv));
+			}
+		else if (strcmp(*argv,"-keyform") == 0)
+			{
+			if (--argc < 1) badarg = 1;
+			keyform=str2fmt(*(++argv));
+			}
+#ifndef OPENSSL_NO_ENGINE
+		else if(!strcmp(*argv, "-engine"))
+			{
+			if (--argc < 1)
+				badarg = 1;
+			else
+				e = setup_engine(bio_err, *(++argv), 0);
+			}
+#endif
+		else if(!strcmp(*argv, "-pubin"))
+			key_type = KEY_PUBKEY;
+		else if(!strcmp(*argv, "-certin"))
+			key_type = KEY_CERT;
+		else if(!strcmp(*argv, "-asn1parse"))
+			asn1parse = 1;
+		else if(!strcmp(*argv, "-hexdump"))
+			hexdump = 1;
+		else if(!strcmp(*argv, "-sign"))
+			pkey_op = EVP_PKEY_OP_SIGN;
+		else if(!strcmp(*argv, "-verify"))
+			pkey_op = EVP_PKEY_OP_VERIFY;
+		else if(!strcmp(*argv, "-verifyrecover"))
+			pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
+		else if(!strcmp(*argv, "-rev"))
+			rev = 1;
+		else if(!strcmp(*argv, "-encrypt"))
+			pkey_op = EVP_PKEY_OP_ENCRYPT;
+		else if(!strcmp(*argv, "-decrypt"))
+			pkey_op = EVP_PKEY_OP_DECRYPT;
+		else if(!strcmp(*argv, "-derive"))
+			pkey_op = EVP_PKEY_OP_DERIVE;
+		else if (strcmp(*argv,"-pkeyopt") == 0)
+			{
+			if (--argc < 1)
+				badarg = 1;
+			else if (!ctx)
+				{
+				BIO_puts(bio_err,
+					"-pkeyopt command before -inkey\n");
+				badarg = 1;
+				}
+			else if (pkey_ctrl_string(ctx, *(++argv)) <= 0)
+				{
+				BIO_puts(bio_err, "parameter setting error\n");
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			}
+		else badarg = 1;
+		if(badarg)
+			{
+			usage();
+			goto end;
+			}
+		argc--;
+		argv++;
+		}
+
+	if (!ctx)
+		{
+		usage();
+		goto end;
+		}
+
+	if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY))
+		{
+		BIO_puts(bio_err, "Signature file specified for non verify\n");
+		goto end;
+		}
+
+	if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY))
+		{
+		BIO_puts(bio_err, "No signature file specified for verify\n");
+		goto end;
+		}
+
+/* FIXME: seed PRNG only if needed */
+	app_RAND_load_file(NULL, bio_err, 0);
+
+	if (pkey_op != EVP_PKEY_OP_DERIVE)
+		{
+		if(infile)
+			{
+			if(!(in = BIO_new_file(infile, "rb")))
+				{
+				BIO_puts(bio_err,
+					"Error Opening Input File\n");
+				ERR_print_errors(bio_err);	
+				goto end;
+				}
+			}
+		else
+			in = BIO_new_fp(stdin, BIO_NOCLOSE);
+		}
+
+	if(outfile)
+		{
+		if(!(out = BIO_new_file(outfile, "wb")))
+			{
+			BIO_printf(bio_err, "Error Creating Output File\n");
+			ERR_print_errors(bio_err);	
+			goto end;
+			}
+		}
+	else
+		{
+		out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+		{
+		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+		    out = BIO_push(tmpbio, out);
+		}
+#endif
+	}
+
+	if (sigfile)
+		{
+		BIO *sigbio = BIO_new_file(sigfile, "rb");
+		if (!sigbio)
+			{
+			BIO_printf(bio_err, "Can't open signature file %s\n",
+								sigfile);
+			goto end;
+			}
+		siglen = bio_to_mem(&sig, keysize * 10, sigbio);
+		BIO_free(sigbio);
+		if (siglen <= 0)
+			{
+			BIO_printf(bio_err, "Error reading signature data\n");
+			goto end;
+			}
+		}
+	
+	if (in)
+		{
+		/* Read the input data */
+		buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
+		if(buf_inlen <= 0)
+			{
+			BIO_printf(bio_err, "Error reading input Data\n");
+			exit(1);
+			}
+		if(rev)
+			{
+			size_t i;
+			unsigned char ctmp;
+			size_t l = (size_t)buf_inlen;
+			for(i = 0; i < l/2; i++)
+				{
+				ctmp = buf_in[i];
+				buf_in[i] = buf_in[l - 1 - i];
+				buf_in[l - 1 - i] = ctmp;
+				}
+			}
+		}
+
+	if(pkey_op == EVP_PKEY_OP_VERIFY)
+		{
+		rv  = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
+				      buf_in, (size_t)buf_inlen);
+		if (rv == 0)
+			BIO_puts(out, "Signature Verification Failure\n");
+		else if (rv == 1)
+			BIO_puts(out, "Signature Verified Successfully\n");
+		if (rv >= 0)
+			goto end;
+		}
+	else
+		{	
+		rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
+			      buf_in, (size_t)buf_inlen);
+		if (rv > 0)
+			{
+			buf_out = OPENSSL_malloc(buf_outlen);
+			if (!buf_out)
+				rv = -1;
+			else
+				rv = do_keyop(ctx, pkey_op,
+						buf_out, (size_t *)&buf_outlen,
+						buf_in, (size_t)buf_inlen);
+			}
+		}
+
+	if(rv <= 0)
+		{
+		BIO_printf(bio_err, "Public Key operation error\n");
+		ERR_print_errors(bio_err);
+		goto end;
+		}
+	ret = 0;
+	if(asn1parse)
+		{
+		if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
+			ERR_print_errors(bio_err);
+		}
+	else if(hexdump)
+		BIO_dump(out, (char *)buf_out, buf_outlen);
+	else
+		BIO_write(out, buf_out, buf_outlen);
+
+	end:
+	if (ctx)
+		EVP_PKEY_CTX_free(ctx);
+	BIO_free(in);
+	BIO_free_all(out);
+	if (buf_in)
+		OPENSSL_free(buf_in);
+	if (buf_out)
+		OPENSSL_free(buf_out);
+	if (sig)
+		OPENSSL_free(sig);
+	return ret;
+}
+
+static void usage()
+{
+	BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
+	BIO_printf(bio_err, "-in file        input file\n");
+	BIO_printf(bio_err, "-out file       output file\n");
+	BIO_printf(bio_err, "-sigfile file signature file (verify operation only)\n");
+	BIO_printf(bio_err, "-inkey file     input key\n");
+	BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
+	BIO_printf(bio_err, "-pubin          input is a public key\n");
+	BIO_printf(bio_err, "-certin         input is a certificate carrying a public key\n");
+	BIO_printf(bio_err, "-pkeyopt X:Y    public key options\n");
+	BIO_printf(bio_err, "-sign           sign with private key\n");
+	BIO_printf(bio_err, "-verify         verify with public key\n");
+	BIO_printf(bio_err, "-verifyrecover  verify with public key, recover original data\n");
+	BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
+	BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
+	BIO_printf(bio_err, "-derive         derive shared secret\n");
+	BIO_printf(bio_err, "-hexdump        hex dump output\n");
+#ifndef OPENSSL_NO_ENGINE
+	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+	BIO_printf(bio_err, "-passin arg     pass phrase source\n");
+
+}
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+				char *keyfile, int keyform, int key_type,
+				char *passargin, int pkey_op, ENGINE *e)
+	{
+	EVP_PKEY *pkey = NULL;
+	EVP_PKEY_CTX *ctx = NULL;
+	char *passin = NULL;
+	int rv = -1;
+	X509 *x;
+	if(((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT) 
+		|| (pkey_op == EVP_PKEY_OP_DERIVE))
+		&& (key_type != KEY_PRIVKEY))
+		{
+		BIO_printf(bio_err, "A private key is needed for this operation\n");
+		goto end;
+		}
+	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
+		{
+		BIO_printf(bio_err, "Error getting password\n");
+		goto end;
+		}
+	switch(key_type)
+		{
+		case KEY_PRIVKEY:
+		pkey = load_key(bio_err, keyfile, keyform, 0,
+			passin, e, "Private Key");
+		break;
+
+		case KEY_PUBKEY:
+		pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+			NULL, e, "Public Key");
+		break;
+
+		case KEY_CERT:
+		x = load_cert(bio_err, keyfile, keyform,
+			NULL, e, "Certificate");
+		if(x)
+			{
+			pkey = X509_get_pubkey(x);
+			X509_free(x);
+			}
+		break;
+
+		}
+
+	*pkeysize = EVP_PKEY_size(pkey);
+
+	if (!pkey)
+		goto end;
+
+	ctx = EVP_PKEY_CTX_new(pkey, e);
+
+	EVP_PKEY_free(pkey);
+
+	if (!ctx)
+		goto end;
+
+	switch(pkey_op)
+		{
+		case EVP_PKEY_OP_SIGN:
+		rv = EVP_PKEY_sign_init(ctx);
+		break;
+
+		case EVP_PKEY_OP_VERIFY:
+		rv = EVP_PKEY_verify_init(ctx);
+		break;
+
+		case EVP_PKEY_OP_VERIFYRECOVER:
+		rv = EVP_PKEY_verify_recover_init(ctx);
+		break;
+
+		case EVP_PKEY_OP_ENCRYPT:
+		rv = EVP_PKEY_encrypt_init(ctx);
+		break;
+
+		case EVP_PKEY_OP_DECRYPT:
+		rv = EVP_PKEY_decrypt_init(ctx);
+		break;
+
+		case EVP_PKEY_OP_DERIVE:
+		rv = EVP_PKEY_derive_init(ctx);
+		break;
+		}
+
+	if (rv <= 0)
+		{
+		EVP_PKEY_CTX_free(ctx);
+		ctx = NULL;
+		}
+
+	end:
+
+	if (passin)
+		OPENSSL_free(passin);
+
+	return ctx;
+
+
+	}
+
+static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
+							const char *file)
+	{
+	EVP_PKEY *peer = NULL;
+	int ret;
+	if (!ctx)
+		{
+		BIO_puts(err, "-peerkey command before -inkey\n");
+		return 0;
+		}
+		
+	peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
+
+	if (!peer)
+		{
+		BIO_printf(bio_err, "Error reading peer key %s\n", file);
+		ERR_print_errors(err);
+		return 0;
+		}
+
+	ret = EVP_PKEY_derive_set_peer(ctx, peer);
+
+	EVP_PKEY_free(peer);
+	if (ret <= 0)
+		ERR_print_errors(err);
+	return ret;
+	}
+
+static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
+		unsigned char *out, size_t *poutlen,
+		unsigned char *in, size_t inlen)
+	{
+	int rv = 0;
+	switch(pkey_op)
+		{
+		case EVP_PKEY_OP_VERIFYRECOVER:
+		rv  = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
+		break;
+
+		case EVP_PKEY_OP_SIGN:
+		rv  = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
+		break;
+
+		case EVP_PKEY_OP_ENCRYPT:
+		rv  = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
+		break;
+
+		case EVP_PKEY_OP_DECRYPT:
+		rv  = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
+		break; 
+
+		case EVP_PKEY_OP_DERIVE:
+		rv  = EVP_PKEY_derive(ctx, out, poutlen);
+		break;
+
+		}
+	return rv;
+	}
diff --git a/apps/prime.c b/apps/prime.c
new file mode 100644
index 0000000000..f1aaef8725
--- /dev/null
+++ b/apps/prime.c
@@ -0,0 +1,160 @@
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <string.h>
+
+#include "apps.h"
+#include <openssl/bn.h>
+
+
+#undef PROG
+#define PROG prime_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+    {
+    int hex=0;
+    int checks=20;
+    int generate=0;
+    int bits=0;
+    int safe=0;
+    BIGNUM *bn=NULL;
+    BIO *bio_out;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+	    BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+    --argc;
+    ++argv;
+    while (argc >= 1 && **argv == '-')
+	{
+	if(!strcmp(*argv,"-hex"))
+	    hex=1;
+	else if(!strcmp(*argv,"-generate"))
+	    generate=1;
+	else if(!strcmp(*argv,"-bits"))
+	    if(--argc < 1)
+		goto bad;
+	    else
+		bits=atoi(*++argv);
+	else if(!strcmp(*argv,"-safe"))
+	    safe=1;
+	else if(!strcmp(*argv,"-checks"))
+	    if(--argc < 1)
+		goto bad;
+	    else
+		checks=atoi(*++argv);
+	else
+	    {
+	    BIO_printf(bio_err,"Unknown option '%s'\n",*argv);
+	    goto bad;
+	    }
+	--argc;
+	++argv;
+	}
+
+    if (argv[0] == NULL && !generate)
+	{
+	BIO_printf(bio_err,"No prime specified\n");
+	goto bad;
+	}
+
+    if ((bio_out=BIO_new(BIO_s_file())) != NULL)
+	{
+	BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+	    {
+	    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+	    bio_out = BIO_push(tmpbio, bio_out);
+	    }
+#endif
+	}
+
+    if(generate)
+	{
+	char *s;
+
+	if(!bits)
+	    {
+	    BIO_printf(bio_err,"Specifiy the number of bits.\n");
+	    return 1;
+	    }
+	bn=BN_new();
+	BN_generate_prime_ex(bn,bits,safe,NULL,NULL,NULL);
+	s=hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
+	BIO_printf(bio_out,"%s\n",s);
+	OPENSSL_free(s);
+	}
+    else
+	{
+	if(hex)
+	    BN_hex2bn(&bn,argv[0]);
+	else
+	    BN_dec2bn(&bn,argv[0]);
+
+	BN_print(bio_out,bn);
+	BIO_printf(bio_out," is %sprime\n",
+		   BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not ");
+	}
+
+    BN_free(bn);
+    BIO_free_all(bio_out);
+
+    return 0;
+
+    bad:
+    BIO_printf(bio_err,"options are\n");
+    BIO_printf(bio_err,"%-14s hex\n","-hex");
+    BIO_printf(bio_err,"%-14s number of checks\n","-checks <n>");
+    return 1;
+    }
diff --git a/apps/privkey.pem b/apps/privkey.pem
index 0af46474a7..02f34981ec 100644
--- a/apps/privkey.pem
+++ b/apps/privkey.pem
@@ -1,18 +1,16 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
-
-6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
-Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
-F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
-XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
-jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
-vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
-JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
-PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
-POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
-gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
-8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
-Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
-dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMo7DFNMqywUA1O/
+qvWqCOm6rGrUAcR+dKsSXw6y2qiKO7APDDyotc0b4Mxwqjga98npex2RBIwUoCGJ
+iEmMXo/a8RbXVUZ+ZwcAX7PC+XeXVC5qoajaBBkd2MvYmib/2PqnNrgvhHsUL5dO
+xhC7cRqxLM/g45k3Yyw+nGa+WkTdAgMBAAECgYBMBT5w4dVG0I8foGFnz+9hzWab
+Ee9IKjE5TcKmB93ilXQyjrWO5+zPmbc7ou6aAKk9IaPCTY1kCyzW7pho7Xdt+RFq
+TgVXGZZfqtixO7f2/5oqZAkd00eOn9ZrhBpVMu4yXbbDvhDyFe4/oy0HGDjRUhxa
+Lf6ZlBuTherxm4eFkQJBAPBQwRs9UtqaMAQlagA9pV5UsQjV1WT4IxDURMPfXgCd
+ETNkB6pP0SmxQm5xhv9N2HY1UtoWpug9s0OU5IJB15sCQQDXbfbjiujNbuOxCFNw
+68JZaCFVdNovyOWORkpenQLNEjVkmTCS9OayK09ADEYtsdpUGKeF+2EYBNkFr5px
+CajnAkBMYI4PNz1HBuwt1SpMa0tMoMQnV7bbwVV7usskKbC5pzHZUHhzM6z5gEHp
+0iEisT4Ty7zKXZqsgzefSgoaMAzzAkEAoCIaUhtwXzwdPfvNYnOs3J6doJMimECB
++lbfcyLM8TimvadtRt+KGEg/OYGmLNM2UiqdY+duzdbUpvhYGcwvYwJAQvaoi9z2
+CkiwSs/PFrLaNlfLJmXRsUBzmiWYoh6+IQJJorEXz7ewI72ee9RBO4s746cgUFwH
+Ri+qO+HhZFUBqQ==
+-----END PRIVATE KEY-----
diff --git a/apps/progs.h b/apps/progs.h
index 131a721a39..79e479a337 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -22,35 +22,44 @@ extern int ecparam_main(int argc,char *argv[]);
 extern int x509_main(int argc,char *argv[]);
 extern int genrsa_main(int argc,char *argv[]);
 extern int gendsa_main(int argc,char *argv[]);
+extern int genpkey_main(int argc,char *argv[]);
 extern int s_server_main(int argc,char *argv[]);
 extern int s_client_main(int argc,char *argv[]);
 extern int speed_main(int argc,char *argv[]);
 extern int s_time_main(int argc,char *argv[]);
 extern int version_main(int argc,char *argv[]);
 extern int pkcs7_main(int argc,char *argv[]);
+extern int cms_main(int argc,char *argv[]);
 extern int crl2pkcs7_main(int argc,char *argv[]);
 extern int sess_id_main(int argc,char *argv[]);
 extern int ciphers_main(int argc,char *argv[]);
 extern int nseq_main(int argc,char *argv[]);
 extern int pkcs12_main(int argc,char *argv[]);
 extern int pkcs8_main(int argc,char *argv[]);
+extern int pkey_main(int argc,char *argv[]);
+extern int pkeyparam_main(int argc,char *argv[]);
+extern int pkeyutl_main(int argc,char *argv[]);
 extern int spkac_main(int argc,char *argv[]);
 extern int smime_main(int argc,char *argv[]);
 extern int rand_main(int argc,char *argv[]);
-#ifndef OPENSSL_NO_ENGINE
 extern int engine_main(int argc,char *argv[]);
-#endif
 extern int ocsp_main(int argc,char *argv[]);
+extern int prime_main(int argc,char *argv[]);
+extern int ts_main(int argc,char *argv[]);
 
 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
 #define FUNC_TYPE_CIPHER	3
+#define FUNC_TYPE_PKEY		4
+#define FUNC_TYPE_MD_ALG	5
+#define FUNC_TYPE_CIPHER_ALG	6
 
 typedef struct {
 	int type;
-	char *name;
-	int (*func)();
+	const char *name;
+	int (*func)(int argc,char *argv[]);
 	} FUNCTION;
+DECLARE_LHASH_OF(FUNCTION);
 
 FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"verify",verify_main},
@@ -96,6 +105,7 @@ FUNCTION functions[] = {
 #ifndef OPENSSL_NO_DSA
 	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
 #endif
+	{FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
 #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
 	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
 #endif
@@ -110,6 +120,9 @@ FUNCTION functions[] = {
 #endif
 	{FUNC_TYPE_GENERAL,"version",version_main},
 	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
+#ifndef OPENSSL_NO_CMS
+	{FUNC_TYPE_GENERAL,"cms",cms_main},
+#endif
 	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
 	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
 #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))
@@ -120,13 +133,20 @@ FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
 #endif
 	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
+	{FUNC_TYPE_GENERAL,"pkey",pkey_main},
+	{FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
+	{FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},
 	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
 	{FUNC_TYPE_GENERAL,"smime",smime_main},
 	{FUNC_TYPE_GENERAL,"rand",rand_main},
 #ifndef OPENSSL_NO_ENGINE
 	{FUNC_TYPE_GENERAL,"engine",engine_main},
 #endif
+#ifndef OPENSSL_NO_OCSP
 	{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
+#endif
+	{FUNC_TYPE_GENERAL,"prime",prime_main},
+	{FUNC_TYPE_GENERAL,"ts",ts_main},
 #ifndef OPENSSL_NO_MD2
 	{FUNC_TYPE_MD,"md2",dgst_main},
 #endif
@@ -166,7 +186,28 @@ FUNCTION functions[] = {
 #ifndef OPENSSL_NO_AES
 	{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
+#endif
 	{FUNC_TYPE_CIPHER,"base64",enc_main},
+#ifdef ZLIB
+	{FUNC_TYPE_CIPHER,"zlib",enc_main},
+#endif
 #ifndef OPENSSL_NO_DES
 	{FUNC_TYPE_CIPHER,"des",enc_main},
 #endif
@@ -179,6 +220,9 @@ FUNCTION functions[] = {
 #ifndef OPENSSL_NO_IDEA
 	{FUNC_TYPE_CIPHER,"idea",enc_main},
 #endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed",enc_main},
+#endif
 #ifndef OPENSSL_NO_RC4
 	{FUNC_TYPE_CIPHER,"rc4",enc_main},
 #endif
@@ -245,6 +289,18 @@ FUNCTION functions[] = {
 #ifndef OPENSSL_NO_IDEA
 	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
 #endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
+#endif
 #ifndef OPENSSL_NO_RC2
 	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
 #endif
diff --git a/apps/progs.pl b/apps/progs.pl
index c94f49bbf0..de6fdeabbd 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -13,12 +13,16 @@ print <<'EOF';
 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
 #define FUNC_TYPE_CIPHER	3
+#define FUNC_TYPE_PKEY		4
+#define FUNC_TYPE_MD_ALG	5
+#define FUNC_TYPE_CIPHER_ALG	6
 
 typedef struct {
 	int type;
-	char *name;
-	int (*func)();
+	const char *name;
+	int (*func)(int argc,char *argv[]);
 	} FUNCTION;
+DECLARE_LHASH_OF(FUNCTION);
 
 FUNCTION functions[] = {
 EOF
@@ -29,6 +33,10 @@ foreach (@ARGV)
 	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
 	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
 		{ print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; } 
+	elsif ( ($_ =~ /^speed$/))
+		{ print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^engine$/))
+		{ print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; }
 	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) 
 		{ print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n";  }
 	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
@@ -39,6 +47,10 @@ foreach (@ARGV)
 		{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
 	elsif ( ($_ =~ /^pkcs12$/))
 		{ print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^cms$/))
+		{ print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^ocsp$/))
+		{ print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; }
 	else
 		{ print $str; }
 	}
@@ -53,14 +65,18 @@ foreach (
 	"aes-128-cbc", "aes-128-ecb",
 	"aes-192-cbc", "aes-192-ecb",
 	"aes-256-cbc", "aes-256-ecb",
-	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc4-40",
+	"camellia-128-cbc", "camellia-128-ecb",
+	"camellia-192-cbc", "camellia-192-ecb",
+	"camellia-256-cbc", "camellia-256-ecb",
+	"base64", "zlib",
+	"des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
 	"rc2", "bf", "cast", "rc5",
 	"des-ecb", "des-ede",    "des-ede3",
 	"des-cbc", "des-ede-cbc","des-ede3-cbc",
 	"des-cfb", "des-ede-cfb","des-ede3-cfb",
 	"des-ofb", "des-ede-ofb","des-ede3-ofb",
-	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
+	"idea-cbc","idea-ecb",    "idea-cfb", "idea-ofb",
+	"seed-cbc","seed-ecb",    "seed-cfb", "seed-ofb",
 	"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
 	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
 	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
@@ -71,12 +87,15 @@ foreach (
 	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
 	if    ($_ =~ /des/)  { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
 	elsif ($_ =~ /aes/)  { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
+	elsif ($_ =~ /camellia/)  { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
 	elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
+	elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; }
 	elsif ($_ =~ /rc4/)  { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
 	elsif ($_ =~ /rc2/)  { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
 	elsif ($_ =~ /bf/)   { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
 	elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; }
 	elsif ($_ =~ /rc5/)  { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; }
+	elsif ($_ =~ /zlib/)  { $t="#ifdef ZLIB\n${t}#endif\n"; }
 	print $t;
 	}
 
diff --git a/apps/rand.c b/apps/rand.c
index a893896033..44a1d46a03 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -68,7 +68,8 @@
 
 /* -out file         - write to file
  * -rand file:file   - PRNG seed files
- * -base64           - encode output
+ * -base64           - base64 encode output
+ * -hex              - hex encode output
  * num               - write 'num' bytes
  */
 
@@ -84,6 +85,7 @@ int MAIN(int argc, char **argv)
 	char *outfile = NULL;
 	char *inrand = NULL;
 	int base64 = 0;
+	int hex = 0;
 	BIO *out = NULL;
 	int num = -1;
 #ifndef OPENSSL_NO_ENGINE
@@ -133,6 +135,13 @@ int MAIN(int argc, char **argv)
 			else
 				badopt = 1;
 			}
+		else if (strcmp(argv[i], "-hex") == 0)
+			{
+			if (!hex)
+				hex = 1;
+			else
+				badopt = 1;
+			}
 		else if (isdigit((unsigned char)argv[i][0]))
 			{
 			if (num < 0)
@@ -148,6 +157,9 @@ int MAIN(int argc, char **argv)
 			badopt = 1;
 		}
 
+	if (hex && base64)
+		badopt = 1;
+
 	if (num < 0)
 		badopt = 1;
 	
@@ -160,7 +172,8 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err, "-engine e             - use engine e, possibly a hardware device.\n");
 #endif
 		BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err, "-base64               - encode output\n");
+		BIO_printf(bio_err, "-base64               - base64 encode output\n");
+		BIO_printf(bio_err, "-hex                  - hex encode output\n");
 		goto err;
 		}
 
@@ -210,10 +223,18 @@ int MAIN(int argc, char **argv)
 		r = RAND_bytes(buf, chunk);
 		if (r <= 0)
 			goto err;
-		BIO_write(out, buf, chunk);
+		if (!hex) 
+			BIO_write(out, buf, chunk);
+		else
+			{
+			for (i = 0; i < chunk; i++)
+				BIO_printf(out, "%02x", buf[i]);
+			}
 		num -= chunk;
 		}
-	BIO_flush(out);
+	if (hex)
+		BIO_puts(out, "\n");
+	(void)BIO_flush(out);
 
 	app_RAND_write_file(NULL, bio_err);
 	ret = 0;
diff --git a/apps/req.c b/apps/req.c
index d634268653..65cb19b4ee 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -79,7 +79,13 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
-#include "../crypto/cryptlib.h"
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
 
 #define SECTION		"req"
 
@@ -130,44 +136,38 @@ static int prompt_info(X509_REQ *req,
 static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk,
 				STACK_OF(CONF_VALUE) *attr, int attribs,
 				unsigned long chtype);
-static int add_attribute_object(X509_REQ *req, char *text,
-				char *def, char *value, int nid, int n_min,
+static int add_attribute_object(X509_REQ *req, char *text, const char *def,
+				char *value, int nid, int n_min,
 				int n_max, unsigned long chtype);
-static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
+static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value,
 	int nid,int n_min,int n_max, unsigned long chtype, int mval);
-#ifndef OPENSSL_NO_RSA
-static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb);
-#endif
+static int genpkey_cb(EVP_PKEY_CTX *ctx);
 static int req_check_len(int len,int n_min,int n_max);
-static int check_end(char *str, char *end);
+static int check_end(const char *str, const char *end);
+static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
+					long *pkeylen, char **palgnam,
+					ENGINE *keygen_engine);
 #ifndef MONOLITH
 static char *default_config_file=NULL;
 #endif
 static CONF *req_conf=NULL;
 static int batch=0;
 
-#define TYPE_RSA	1
-#define TYPE_DSA	2
-#define TYPE_DH		3
-#define TYPE_EC		4
-
 int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
 	{
-	ENGINE *e = NULL;
-#ifndef OPENSSL_NO_DSA
-	DSA *dsa_params=NULL;
-#endif
-#ifndef OPENSSL_NO_ECDSA
-	EC_KEY *ec_params = NULL;
-#endif
+	ENGINE *e = NULL, *gen_eng = NULL;
 	unsigned long nmflag = 0, reqflag = 0;
 	int ex=1,x509=0,days=30;
 	X509 *x509ss=NULL;
 	X509_REQ *req=NULL;
+	EVP_PKEY_CTX *genctx = NULL;
+	const char *keyalg = NULL;
+	char *keyalgstr = NULL;
+	STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
 	EVP_PKEY *pkey=NULL;
-	int i=0,badops=0,newreq=0,verbose=0,pkey_type=TYPE_RSA;
+	int i=0,badops=0,newreq=0,verbose=0,pkey_type=-1;
 	long newkey = -1;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
@@ -187,7 +187,7 @@ int MAIN(int argc, char **argv)
 	char *p;
 	char *subj = NULL;
 	int multirdn = 0;
-	const EVP_MD *md_alg=NULL,*digest=EVP_md5();
+	const EVP_MD *md_alg=NULL,*digest=NULL;
 	unsigned long chtype = MBSTRING_ASC;
 #ifndef MONOLITH
 	char *to_free;
@@ -230,6 +230,16 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			engine= *(++argv);
 			}
+		else if (strcmp(*argv,"-keygen_engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			gen_eng = ENGINE_by_id(*(++argv));
+			if (gen_eng == NULL)
+				{
+				BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv);
+				goto end;
+				}
+			}
 #endif
 		else if (strcmp(*argv,"-key") == 0)
 			{
@@ -286,121 +296,20 @@ int MAIN(int argc, char **argv)
 			}
 		else if (strcmp(*argv,"-newkey") == 0)
 			{
-			int is_numeric;
-
-			if (--argc < 1) goto bad;
-			p= *(++argv);
-			is_numeric = p[0] >= '0' && p[0] <= '9';
-			if (strncmp("rsa:",p,4) == 0 || is_numeric)
-				{
-				pkey_type=TYPE_RSA;
-				if(!is_numeric)
-				    p+=4;
-				newkey= atoi(p);
-				}
-			else
-#ifndef OPENSSL_NO_DSA
-				if (strncmp("dsa:",p,4) == 0)
-				{
-				X509 *xtmp=NULL;
-				EVP_PKEY *dtmp;
-
-				pkey_type=TYPE_DSA;
-				p+=4;
-				if ((in=BIO_new_file(p,"r")) == NULL)
-					{
-					perror(p);
-					goto end;
-					}
-				if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
-					{
-					ERR_clear_error();
-					(void)BIO_reset(in);
-					if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL)
-						{
-						BIO_printf(bio_err,"unable to load DSA parameters from file\n");
-						goto end;
-						}
-
-					if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
-					if (dtmp->type == EVP_PKEY_DSA)
-						dsa_params=DSAparams_dup(dtmp->pkey.dsa);
-					EVP_PKEY_free(dtmp);
-					X509_free(xtmp);
-					if (dsa_params == NULL)
-						{
-						BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
-						goto end;
-						}
-					}
-				BIO_free(in);
-				in=NULL;
-				newkey=BN_num_bits(dsa_params->p);
-				}
-			else 
-#endif
-#ifndef OPENSSL_NO_ECDSA
-				if (strncmp("ec:",p,3) == 0)
-				{
-				X509 *xtmp=NULL;
-				EVP_PKEY *dtmp;
-
-				pkey_type=TYPE_EC;
-				p+=3;
-				if ((in=BIO_new_file(p,"r")) == NULL)
-					{
-					perror(p);
-					goto end;
-					}
-				if ((ec_params = EC_KEY_new()) == NULL)
-					goto end;
-				if ((ec_params->group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL)) == NULL)
-					{
-					if (ec_params)
-						EC_KEY_free(ec_params);
-					ERR_clear_error();
-					(void)BIO_reset(in);
-					if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL)
-						{	
-						BIO_printf(bio_err,"unable to load EC parameters from file\n");
-						goto end;
-						}
-
-					if ((dtmp=X509_get_pubkey(xtmp))==NULL)
-						goto end;
-					if (dtmp->type == EVP_PKEY_EC)
-						ec_params = ECParameters_dup(dtmp->pkey.eckey);
-					EVP_PKEY_free(dtmp);
-					X509_free(xtmp);
-					if (ec_params == NULL)
-						{
-						BIO_printf(bio_err,"Certificate does not contain EC parameters\n");
-						goto end;
-						}
-					}
-
-				BIO_free(in);
-				in=NULL;
-				
-				newkey = EC_GROUP_get_degree(ec_params->group);
-
-				}
-			else
-#endif
-#ifndef OPENSSL_NO_DH
-				if (strncmp("dh:",p,4) == 0)
-				{
-				pkey_type=TYPE_DH;
-				p+=3;
-				}
-			else
-#endif
-				{
+			if (--argc < 1)
 				goto bad;
-				}
-
+			keyalg = *(++argv);
 			newreq=1;
 			}
+		else if (strcmp(*argv,"-pkeyopt") == 0)
+			{
+			if (--argc < 1)
+				goto bad;
+			if (!pkeyopts)
+				pkeyopts = sk_OPENSSL_STRING_new_null();
+			if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv)))
+				goto bad;
+			}
 		else if (strcmp(*argv,"-batch") == 0)
 			batch=1;
 		else if (strcmp(*argv,"-newhdr") == 0)
@@ -456,11 +365,6 @@ int MAIN(int argc, char **argv)
 			serial = s2i_ASN1_INTEGER(NULL, *(++argv));
 			if (!serial) goto bad;
 			}
-		else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-			{
-			/* ok */
-			digest=md_alg;
-			}
 		else if (strcmp(*argv,"-extensions") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -471,6 +375,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			req_exts = *(++argv);
 			}
+		else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+			{
+			/* ok */
+			digest=md_alg;
+			}
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -708,8 +617,7 @@ bad:
 			   message */
 			goto end;
 			}
-		if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA || 
-			EVP_PKEY_type(pkey->type) == EVP_PKEY_EC)
+		else
 			{
 			char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
 			if (randfile == NULL)
@@ -720,13 +628,20 @@ bad:
 
 	if (newreq && (pkey == NULL))
 		{
-		BN_GENCB cb;
 		char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
 		if (randfile == NULL)
 			ERR_clear_error();
 		app_RAND_load_file(randfile, bio_err, 0);
 		if (inrand)
 			app_RAND_load_files(inrand);
+
+		if (keyalg)
+			{
+			genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
+							&keyalgstr, gen_eng);
+			if (!genctx)
+				goto end;
+			}
 	
 		if (newkey <= 0)
 			{
@@ -734,57 +649,54 @@ bad:
 				newkey=DEFAULT_KEY_LENGTH;
 			}
 
-		if (newkey < MIN_KEY_LENGTH && (pkey_type == TYPE_RSA || pkey_type == TYPE_DSA))
+		if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA))
 			{
 			BIO_printf(bio_err,"private key length is too short,\n");
 			BIO_printf(bio_err,"it needs to be at least %d bits, not %ld\n",MIN_KEY_LENGTH,newkey);
 			goto end;
 			}
-		BIO_printf(bio_err,"Generating a %ld bit %s private key\n",
-			newkey,(pkey_type == TYPE_RSA)?"RSA":
-			(pkey_type == TYPE_DSA)?"DSA":"EC");
 
-		if ((pkey=EVP_PKEY_new()) == NULL) goto end;
-
-#ifndef OPENSSL_NO_RSA
-		BN_GENCB_set(&cb, req_cb, bio_err);
-		if (pkey_type == TYPE_RSA)
-			{
-			RSA *rsa = RSA_new();
-			BIGNUM *bn = BN_new();
-			if(!bn || !rsa || !BN_set_word(bn, 0x10001) ||
-					!RSA_generate_key_ex(rsa, newkey, bn, &cb) ||
-					!EVP_PKEY_assign_RSA(pkey, rsa))
-				{
-				if(bn) BN_free(bn);
-				if(rsa) RSA_free(rsa);
+		if (!genctx)
+			{
+			genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &newkey,
+							&keyalgstr, gen_eng);
+			if (!genctx)
 				goto end;
-				}
-			BN_free(bn);
 			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-			if (pkey_type == TYPE_DSA)
+
+		if (pkeyopts)
 			{
-			if (!DSA_generate_key(dsa_params)) goto end;
-			if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end;
-			dsa_params=NULL;
+			char *genopt;
+			for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++)
+				{
+				genopt = sk_OPENSSL_STRING_value(pkeyopts, i);
+				if (pkey_ctrl_string(genctx, genopt) <= 0)
+					{
+					BIO_printf(bio_err,
+						"parameter error \"%s\"\n",
+						genopt);
+					ERR_print_errors(bio_err);
+					goto end;
+					}
+				}
 			}
-#endif
-#ifndef OPENSSL_NO_ECDSA
-			if (pkey_type == TYPE_EC)
+
+		BIO_printf(bio_err,"Generating a %ld bit %s private key\n",
+				newkey, keyalgstr);
+
+		EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
+		EVP_PKEY_CTX_set_app_data(genctx, bio_err);
+
+		if (EVP_PKEY_keygen(genctx, &pkey) <= 0)
 			{
-			if (!EC_KEY_generate_key(ec_params)) goto end;
-			if (!EVP_PKEY_assign_EC_KEY(pkey, ec_params)) 
-				goto end;
-			ec_params = NULL;
+			BIO_puts(bio_err, "Error Generating Key\n");
+			goto end;
 			}
-#endif
 
-		app_RAND_write_file(randfile, bio_err);
+		EVP_PKEY_CTX_free(genctx);
+		genctx = NULL;
 
-		if (pkey == NULL) goto end;
+		app_RAND_write_file(randfile, bio_err);
 
 		if (keyout == NULL)
 			{
@@ -883,14 +795,7 @@ loop:
 			BIO_printf(bio_err,"you need to specify a private key\n");
 			goto end;
 			}
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			digest=EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
-		if (pkey->type == EVP_PKEY_EC)
-			digest=EVP_ecdsa();
-#endif
+
 		if (req == NULL)
 			{
 			req=X509_REQ_new();
@@ -933,7 +838,7 @@ loop:
 
 			if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
 			if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
-			if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end;
+			if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL)) goto end;
 			if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
 			tmppkey = X509_REQ_get_pubkey(req);
 			if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
@@ -955,7 +860,10 @@ loop:
 				}
 			
 			if (!(i=X509_sign(x509ss,pkey,digest)))
+				{
+				ERR_print_errors(bio_err);
 				goto end;
+				}
 			}
 		else
 			{
@@ -976,7 +884,10 @@ loop:
 				goto end;
 				}
 			if (!(i=X509_REQ_sign(req,pkey,digest)))
+				{
+				ERR_print_errors(bio_err);
 				goto end;
+				}
 			}
 		}
 
@@ -1113,7 +1024,7 @@ loop:
 			}
 		fprintf(stdout,"Modulus=");
 #ifndef OPENSSL_NO_RSA
-		if (tpubkey->type == EVP_PKEY_RSA)
+		if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
 			BN_print(out,tpubkey->pkey.rsa->n);
 		else
 #endif
@@ -1169,18 +1080,22 @@ end:
 	BIO_free(in);
 	BIO_free_all(out);
 	EVP_PKEY_free(pkey);
+	if (genctx)
+		EVP_PKEY_CTX_free(genctx);
+	if (pkeyopts)
+		sk_OPENSSL_STRING_free(pkeyopts);
+#ifndef OPENSSL_NO_ENGINE
+	if (gen_eng)
+		ENGINE_free(gen_eng);
+#endif
+	if (keyalgstr)
+		OPENSSL_free(keyalgstr);
 	X509_REQ_free(req);
 	X509_free(x509ss);
 	ASN1_INTEGER_free(serial);
 	if(passargin && passin) OPENSSL_free(passin);
 	if(passargout && passout) OPENSSL_free(passout);
 	OBJ_cleanup();
-#ifndef OPENSSL_NO_DSA
-	if (dsa_params != NULL) DSA_free(dsa_params);
-#endif
-#ifndef OPENSSL_NO_ECDSA
-	if (ec_params != NULL) EC_KEY_free(ec_params);
-#endif
 	apps_shutdown();
 	OPENSSL_EXIT(ex);
 	}
@@ -1280,7 +1195,8 @@ static int prompt_info(X509_REQ *req,
 	char buf[100];
 	int nid, mval;
 	long n_min,n_max;
-	char *type,*def,*value;
+	char *type, *value;
+	const char *def;
 	CONF_VALUE *v;
 	X509_NAME *subj;
 	subj = X509_REQ_get_subject_name(req);
@@ -1506,7 +1422,7 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
 	}
 
 
-static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
+static int add_DN_object(X509_NAME *n, char *text, const char *def, char *value,
 	     int nid, int n_min, int n_max, unsigned long chtype, int mval)
 	{
 	int i,ret=0;
@@ -1525,7 +1441,8 @@ start:
 		buf[0]='\0';
 		if (!batch)
 			{
-			fgets(buf,sizeof buf,stdin);
+			if (!fgets(buf,sizeof buf,stdin))
+				return 0;
 			}
 		else
 			{
@@ -1562,8 +1479,8 @@ err:
 	return(ret);
 	}
 
-static int add_attribute_object(X509_REQ *req, char *text,
-				char *def, char *value, int nid, int n_min,
+static int add_attribute_object(X509_REQ *req, char *text, const char *def,
+				char *value, int nid, int n_min,
 				int n_max, unsigned long chtype)
 	{
 	int i;
@@ -1583,7 +1500,8 @@ start:
 		buf[0]='\0';
 		if (!batch)
 			{
-			fgets(buf,sizeof buf,stdin);
+			if (!fgets(buf,sizeof buf,stdin))
+				return 0;
 			}
 		else
 			{
@@ -1626,24 +1544,6 @@ err:
 	return(0);
 	}
 
-#ifndef OPENSSL_NO_RSA
-static int MS_CALLBACK req_cb(int p, int n, BN_GENCB *cb)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write(cb->arg,&c,1);
-	(void)BIO_flush(cb->arg);
-#ifdef LINT
-	p=n;
-#endif
-	return 1;
-	}
-#endif
-
 static int req_check_len(int len, int n_min, int n_max)
 	{
 	if ((n_min > 0) && (len < n_min))
@@ -1660,13 +1560,193 @@ static int req_check_len(int len, int n_min, int n_max)
 	}
 
 /* Check if the end of a string matches 'end' */
-static int check_end(char *str, char *end)
+static int check_end(const char *str, const char *end)
 {
 	int elen, slen;	
-	char *tmp;
+	const char *tmp;
 	elen = strlen(end);
 	slen = strlen(str);
 	if(elen > slen) return 1;
 	tmp = str + slen - elen;
 	return strcmp(tmp, end);
 }
+
+static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
+					long *pkeylen, char **palgnam,
+					ENGINE *keygen_engine)
+	{
+	EVP_PKEY_CTX *gctx = NULL;
+	EVP_PKEY *param = NULL;
+	long keylen = -1;
+	BIO *pbio = NULL;
+	const char *paramfile = NULL;
+
+	if (gstr == NULL)
+		{
+		*pkey_type = EVP_PKEY_RSA;
+		keylen = *pkeylen;
+		}
+	else if (gstr[0] >= '0' && gstr[0] <= '9')
+		{
+		*pkey_type = EVP_PKEY_RSA;
+		keylen = atol(gstr);
+		*pkeylen = keylen;
+		}
+	else if (!strncmp(gstr, "param:", 6))
+		paramfile = gstr + 6;
+	else
+		{
+		const char *p = strchr(gstr, ':');
+		int len;
+		ENGINE *tmpeng;
+		const EVP_PKEY_ASN1_METHOD *ameth;
+
+		if (p)
+			len = p - gstr;
+		else
+			len = strlen(gstr);
+		/* The lookup of a the string will cover all engines so
+		 * keep a note of the implementation.
+		 */
+
+		ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len);
+
+		if (!ameth)
+			{
+			BIO_printf(err, "Unknown algorithm %.*s\n", len, gstr);
+			return NULL;
+			}
+
+		EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL,
+									ameth);
+#ifndef OPENSSL_NO_ENGINE
+		if (tmpeng)
+			ENGINE_finish(tmpeng);
+#endif
+		if (*pkey_type == EVP_PKEY_RSA)
+			{
+			if (p)
+				{
+				keylen = atol(p + 1);
+				*pkeylen = keylen;
+				}
+			}
+		else if (p)
+			paramfile = p + 1;
+		}
+
+	if (paramfile)
+		{
+		pbio = BIO_new_file(paramfile, "r");
+		if (!pbio)
+			{
+			BIO_printf(err, "Can't open parameter file %s\n",
+					paramfile);
+			return NULL;
+			}
+		param = PEM_read_bio_Parameters(pbio, NULL);
+
+		if (!param)
+			{
+			X509 *x;
+			(void)BIO_reset(pbio);
+			x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
+			if (x)
+				{
+				param = X509_get_pubkey(x);
+				X509_free(x);
+				}
+			}
+
+		BIO_free(pbio);
+
+		if (!param)
+			{
+			BIO_printf(err, "Error reading parameter file %s\n",
+					paramfile);
+			return NULL;
+			}
+		if (*pkey_type == -1)
+			*pkey_type = EVP_PKEY_id(param);
+		else if (*pkey_type != EVP_PKEY_base_id(param))
+			{
+			BIO_printf(err, "Key Type does not match parameters\n");
+			EVP_PKEY_free(param);
+			return NULL;
+			}
+		}
+
+	if (palgnam)
+		{
+		const EVP_PKEY_ASN1_METHOD *ameth;
+		ENGINE *tmpeng;
+		const char *anam;
+		ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type);
+		if (!ameth)
+			{
+			BIO_puts(err, "Internal error: can't find key algorithm\n");
+			return NULL;
+			}
+		EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
+		*palgnam = BUF_strdup(anam);
+#ifndef OPENSSL_NO_ENGINE
+		if (tmpeng)
+			ENGINE_finish(tmpeng);
+#endif
+		}
+
+	if (param)
+		{
+		gctx = EVP_PKEY_CTX_new(param, keygen_engine);
+		*pkeylen = EVP_PKEY_bits(param);
+		EVP_PKEY_free(param);
+		}
+	else
+		gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);
+
+	if (!gctx)
+		{
+		BIO_puts(err, "Error allocating keygen context\n");
+		ERR_print_errors(err);
+		return NULL;
+		}
+
+	if (EVP_PKEY_keygen_init(gctx) <= 0)
+		{
+		BIO_puts(err, "Error initializing keygen context\n");
+		ERR_print_errors(err);
+		return NULL;
+		}
+#ifndef OPENSSL_NO_RSA
+	if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1))
+		{
+		if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0)
+			{
+			BIO_puts(err, "Error setting RSA keysize\n");
+			ERR_print_errors(err);
+			EVP_PKEY_CTX_free(gctx);
+			return NULL;
+			}
+		}
+#endif
+
+	return gctx;
+	}
+
+static int genpkey_cb(EVP_PKEY_CTX *ctx)
+	{
+	char c='*';
+	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+	int p;
+	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+	if (p == 0) c='.';
+	if (p == 1) c='+';
+	if (p == 2) c='*';
+	if (p == 3) c='\n';
+	BIO_write(b,&c,1);
+	(void)BIO_flush(b);
+#ifdef LINT
+	p=n;
+#endif
+	return 1;
+	}
diff --git a/apps/rsa.c b/apps/rsa.c
index afbe0b4eb0..b3c8aff7e3 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_RSA
 #include <stdio.h>
 #include <stdlib.h>
@@ -80,9 +81,13 @@
  * -des		- encrypt output if PEM format with DES in cbc mode
  * -des3	- encrypt output if PEM format
  * -idea	- encrypt output if PEM format
+ * -seed	- encrypt output if PEM format
  * -aes128	- encrypt output if PEM format
  * -aes192	- encrypt output if PEM format
  * -aes256	- encrypt output if PEM format
+ * -camellia128 - encrypt output if PEM format
+ * -camellia192 - encrypt output if PEM format
+ * -camellia256 - encrypt output if PEM format
  * -text	- print a text version
  * -modulus	- print the RSA key modulus
  * -check	- verify key consistency
@@ -110,6 +115,8 @@ int MAIN(int argc, char **argv)
 #endif
 	int modulus=0;
 
+	int pvk_encr = 2;
+
 	apps_startup();
 
 	if (bio_err == NULL)
@@ -172,6 +179,16 @@ int MAIN(int argc, char **argv)
 			pubin=1;
 		else if (strcmp(*argv,"-pubout") == 0)
 			pubout=1;
+		else if (strcmp(*argv,"-RSAPublicKey_in") == 0)
+			pubin = 2;
+		else if (strcmp(*argv,"-RSAPublicKey_out") == 0)
+			pubout = 2;
+		else if (strcmp(*argv,"-pvk-strong") == 0)
+			pvk_encr=2;
+		else if (strcmp(*argv,"-pvk-weak") == 0)
+			pvk_encr=1;
+		else if (strcmp(*argv,"-pvk-none") == 0)
+			pvk_encr=0;
 		else if (strcmp(*argv,"-noout") == 0)
 			noout=1;
 		else if (strcmp(*argv,"-text") == 0)
@@ -207,10 +224,17 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
 #endif
+#ifndef OPENSSL_NO_SEED
+		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
+#endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
+		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
+#endif
 		BIO_printf(bio_err," -text           print the key in text\n");
 		BIO_printf(bio_err," -noout          don't print key out\n");
 		BIO_printf(bio_err," -modulus        print the RSA key modulus\n");
@@ -245,10 +269,23 @@ bad:
 		EVP_PKEY	*pkey;
 
 		if (pubin)
-			pkey = load_pubkey(bio_err, infile,
-				(informat == FORMAT_NETSCAPE && sgckey ?
-					FORMAT_IISSGC : informat), 1,
+			{
+			int tmpformat=-1;
+			if (pubin == 2)
+				{
+				if (informat == FORMAT_PEM)
+					tmpformat = FORMAT_PEMRSA;
+				else if (informat == FORMAT_ASN1)
+					tmpformat = FORMAT_ASN1RSA;
+				}
+			else if (informat == FORMAT_NETSCAPE && sgckey)
+				tmpformat = FORMAT_IISSGC;
+			else
+				tmpformat = informat;
+					
+			pkey = load_pubkey(bio_err, infile, tmpformat, 1,
 				passin, e, "Public Key");
+			}
 		else
 			pkey = load_key(bio_err, infile,
 				(informat == FORMAT_NETSCAPE && sgckey ?
@@ -256,7 +293,7 @@ bad:
 				passin, e, "Private Key");
 
 		if (pkey != NULL)
-		rsa = pkey == NULL ? NULL : EVP_PKEY_get1_RSA(pkey);
+			rsa = EVP_PKEY_get1_RSA(pkey);
 		EVP_PKEY_free(pkey);
 	}
 
@@ -308,7 +345,7 @@ bad:
 			BIO_printf(out,"RSA key ok\n");
 		else if (r == 0)
 			{
-			long err;
+			unsigned long err;
 
 			while ((err = ERR_peek_error()) != 0 &&
 				ERR_GET_LIB(err) == ERR_LIB_RSA &&
@@ -334,7 +371,13 @@ bad:
 		}
 	BIO_printf(bio_err,"writing RSA key\n");
 	if 	(outformat == FORMAT_ASN1) {
-		if(pubout || pubin) i=i2d_RSA_PUBKEY_bio(out,rsa);
+		if(pubout || pubin) 
+			{
+			if (pubout == 2)
+				i=i2d_RSAPublicKey_bio(out,rsa);
+			else
+				i=i2d_RSA_PUBKEY_bio(out,rsa);
+			}
 		else i=i2d_RSAPrivateKey_bio(out,rsa);
 	}
 #ifndef OPENSSL_NO_RC4
@@ -358,14 +401,32 @@ bad:
 #endif
 	else if (outformat == FORMAT_PEM) {
 		if(pubout || pubin)
-		    i=PEM_write_bio_RSA_PUBKEY(out,rsa);
+			{
+			if (pubout == 2)
+		    		i=PEM_write_bio_RSAPublicKey(out,rsa);
+			else
+		    		i=PEM_write_bio_RSA_PUBKEY(out,rsa);
+			}
 		else i=PEM_write_bio_RSAPrivateKey(out,rsa,
 						enc,NULL,0,NULL,passout);
+#ifndef OPENSSL_NO_DSA
+	} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+		EVP_PKEY *pk;
+		pk = EVP_PKEY_new();
+		EVP_PKEY_set1_RSA(pk, rsa);
+		if (outformat == FORMAT_PVK)
+			i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+		else if (pubin || pubout)
+			i = i2b_PublicKey_bio(out, pk);
+		else
+			i = i2b_PrivateKey_bio(out, pk);
+		EVP_PKEY_free(pk);
+#endif
 	} else	{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
 		goto end;
 		}
-	if (!i)
+	if (i <= 0)
 		{
 		BIO_printf(bio_err,"unable to write key\n");
 		ERR_print_errors(bio_err);
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 596199010a..b01f004eb3 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -1,5 +1,5 @@
 /* rsautl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -56,6 +56,7 @@
  *
  */
 
+#include <openssl/opensslconf.h>
 #ifndef OPENSSL_NO_RSA
 
 #include "apps.h"
@@ -118,24 +119,36 @@ int MAIN(int argc, char **argv)
 	while(argc >= 1)
 	{
 		if (!strcmp(*argv,"-in")) {
-			if (--argc < 1) badarg = 1;
-                        infile= *(++argv);
+			if (--argc < 1)
+				badarg = 1;
+			else
+				infile= *(++argv);
 		} else if (!strcmp(*argv,"-out")) {
-			if (--argc < 1) badarg = 1;
-			outfile= *(++argv);
+			if (--argc < 1)
+				badarg = 1;
+			else
+				outfile= *(++argv);
 		} else if(!strcmp(*argv, "-inkey")) {
-			if (--argc < 1) badarg = 1;
-			keyfile = *(++argv);
+			if (--argc < 1)
+				badarg = 1;
+			else
+				keyfile = *(++argv);
 		} else if (!strcmp(*argv,"-passin")) {
-			if (--argc < 1) badarg = 1;
-			passargin= *(++argv);
+			if (--argc < 1)
+				badarg = 1;
+			else
+				passargin= *(++argv);
 		} else if (strcmp(*argv,"-keyform") == 0) {
-			if (--argc < 1) badarg = 1;
-			keyform=str2fmt(*(++argv));
+			if (--argc < 1)
+				badarg = 1;
+			else
+				keyform=str2fmt(*(++argv));
 #ifndef OPENSSL_NO_ENGINE
 		} else if(!strcmp(*argv, "-engine")) {
-			if (--argc < 1) badarg = 1;
-			engine = *(++argv);
+			if (--argc < 1)
+				badarg = 1;
+			else
+				engine = *(++argv);
 #endif
 		} else if(!strcmp(*argv, "-pubin")) {
 			key_type = KEY_PUBKEY;
@@ -148,6 +161,7 @@ int MAIN(int argc, char **argv)
 		else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
 		else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
 		else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
+		else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
 		else if(!strcmp(*argv, "-sign")) {
 			rsa_mode = RSA_SIGN;
 			need_priv = 1;
@@ -328,4 +342,10 @@ static void usage()
 
 }
 
+#else /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif
diff --git a/apps/s_apps.h b/apps/s_apps.h
index 4e989b819c..820e5c5815 100644
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -117,7 +117,7 @@
 #include <conio.h>
 #endif
 
-#ifdef OPENSSL_SYS_MSDOS
+#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
 #define _kbhit kbhit
 #endif
 
@@ -148,7 +148,7 @@ typedef fd_mask fd_set;
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"
 
-int do_server(int port, int *ret, int (*cb) (), char *context);
+int do_server(int port, int type, int *ret, int (*cb) (char *hostname, int s, unsigned char *context), unsigned char *context);
 #ifdef HEADER_X509_H
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 #endif
@@ -156,15 +156,21 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key);
 #endif
-int init_client(int *sock, char *server, int port);
+int init_client(int *sock, char *server, int port, int type);
 int should_retry(int i);
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
 
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
-	int argi, long argl, long ret);
+				   int argi, long argl, long ret);
 
 #ifdef HEADER_SSL_H
 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
 void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+					unsigned char *data, int len,
+					void *arg);
 #endif
+
+int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len);
+int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len);
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 92d9ae8893..c4f5512247 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -117,16 +117,21 @@
 #undef NON_MAIN
 #undef USE_SOCKETS
 #include <openssl/err.h>
+#include <openssl/rand.h>
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
 #include "s_apps.h"
 
+#define	COOKIE_SECRET_LENGTH	16
+
 int verify_depth=0;
 int verify_error=X509_V_OK;
+int verify_return_error=0;
+unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
+int cookie_initialized=0;
 
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 	{
-	char buf[256];
 	X509 *err_cert;
 	int err,depth;
 
@@ -134,15 +139,23 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 	err=	X509_STORE_CTX_get_error(ctx);
 	depth=	X509_STORE_CTX_get_error_depth(ctx);
 
-	X509_NAME_oneline(X509_get_subject_name(err_cert),buf,sizeof buf);
-	BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+	BIO_printf(bio_err,"depth=%d ",depth);
+	if (err_cert)
+		{
+		X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+					0, XN_FLAG_ONELINE);
+		BIO_puts(bio_err, "\n");
+		}
+	else
+		BIO_puts(bio_err, "<no cert>\n");
 	if (!ok)
 		{
 		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
 			X509_verify_cert_error_string(err));
 		if (verify_depth >= depth)
 			{
-			ok=1;
+			if (!verify_return_error)
+				ok=1;
 			verify_error=X509_V_OK;
 			}
 		else
@@ -151,25 +164,33 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 			verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
 			}
 		}
-	switch (ctx->error)
+	switch (err)
 		{
 	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-		X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,sizeof buf);
-		BIO_printf(bio_err,"issuer= %s\n",buf);
+		BIO_puts(bio_err,"issuer= ");
+		X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+					0, XN_FLAG_ONELINE);
+		BIO_puts(bio_err, "\n");
 		break;
 	case X509_V_ERR_CERT_NOT_YET_VALID:
 	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
 		BIO_printf(bio_err,"notBefore=");
-		ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+		ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
 		BIO_printf(bio_err,"\n");
 		break;
 	case X509_V_ERR_CERT_HAS_EXPIRED:
 	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
 		BIO_printf(bio_err,"notAfter=");
-		ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+		ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
 		BIO_printf(bio_err,"\n");
 		break;
+	case X509_V_ERR_NO_EXPLICIT_POLICY:
+		policies_print(bio_err, ctx);
+		break;
 		}
+	if (err == X509_V_OK && ok == 2)
+		policies_print(bio_err, ctx);
+
 	BIO_printf(bio_err,"verify return:%d\n",ok);
 	return(ok);
 	}
@@ -258,7 +279,7 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
 	}
 
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
-	int argi, long argl, long ret)
+				   int argi, long argl, long ret)
 	{
 	BIO *out;
 
@@ -267,15 +288,15 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 
 	if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
 		{
-		BIO_printf(out,"read from %p [%p] (%d bytes => %ld (0x%lX))\n",
- 			(void *)bio,argp,argi,ret,ret);
+		BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+ 			(void *)bio,argp,(unsigned long)argi,ret,ret);
 		BIO_dump(out,argp,(int)ret);
 		return(ret);
 		}
 	else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
 		{
-		BIO_printf(out,"write to %p [%p] (%d bytes => %ld (0x%lX))\n",
-			(void *)bio,argp,argi,ret,ret);
+		BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+			(void *)bio,argp,(unsigned long)argi,ret,ret);
 		BIO_dump(out,argp,(int)ret);
 		}
 	return(ret);
@@ -283,7 +304,7 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 
 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
 	{
-	char *str;
+	const char *str;
 	int w;
 
 	w=where& ~SSL_ST_MASK;
@@ -336,6 +357,12 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 	case TLS1_VERSION:
 		str_version = "TLS 1.0 ";
 		break;
+	case DTLS1_VERSION:
+		str_version = "DTLS 1.0 ";
+		break;
+	case DTLS1_BAD_VER:
+		str_version = "DTLS 1.0 (bad) ";
+		break;
 	default:
 		str_version = "???";
 		}
@@ -346,14 +373,14 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 
 		if (len > 0)
 			{
-			switch (((unsigned char*)buf)[0])
+			switch (((const unsigned char*)buf)[0])
 				{
 				case 0:
 					str_details1 = ", ERROR:";
 					str_details2 = " ???";
 					if (len >= 3)
 						{
-						unsigned err = (((unsigned char*)buf)[1]<<8) + ((unsigned char*)buf)[2];
+						unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
 						
 						switch (err)
 							{
@@ -401,7 +428,10 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 			}
 		}
 
-	if (version == SSL3_VERSION || version == TLS1_VERSION)
+	if (version == SSL3_VERSION ||
+	    version == TLS1_VERSION ||
+	    version == DTLS1_VERSION ||
+	    version == DTLS1_BAD_VER)
 		{
 		switch (content_type)
 			{
@@ -422,7 +452,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 			
 			if (len == 2)
 				{
-				switch (((unsigned char*)buf)[0])
+				switch (((const unsigned char*)buf)[0])
 					{
 				case 1:
 					str_details1 = ", warning";
@@ -433,7 +463,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 					}
 
 				str_details2 = " ???";
-				switch (((unsigned char*)buf)[1])
+				switch (((const unsigned char*)buf)[1])
 					{
 				case 0:
 					str_details2 = " close_notify";
@@ -504,6 +534,21 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 				case 100:
 					str_details2 = " no_renegotiation";
 					break;
+				case 110:
+					str_details2 = " unsupported_extension";
+					break;
+				case 111:
+					str_details2 = " certificate_unobtainable";
+					break;
+				case 112:
+					str_details2 = " unrecognized_name";
+					break;
+				case 113:
+					str_details2 = " bad_certificate_status_response";
+					break;
+				case 114:
+					str_details2 = " bad_certificate_hash_value";
+					break;
 					}
 				}
 			}
@@ -514,7 +559,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 
 			if (len > 0)
 				{
-				switch (((unsigned char*)buf)[0])
+				switch (((const unsigned char*)buf)[0])
 					{
 				case 0:
 					str_details1 = ", HelloRequest";
@@ -525,6 +570,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 				case 2:
 					str_details1 = ", ServerHello";
 					break;
+				case 3:
+					str_details1 = ", HelloVerifyRequest";
+					break;
 				case 11:
 					str_details1 = ", Certificate";
 					break;
@@ -567,11 +615,248 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 			{
 			if (i % 16 == 0 && i > 0)
 				BIO_printf(bio, "\n   ");
-			BIO_printf(bio, " %02x", ((unsigned char*)buf)[i]);
+			BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
 			}
 		if (i < len)
 			BIO_printf(bio, " ...");
 		BIO_printf(bio, "\n");
 		}
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
+	}
+
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+					unsigned char *data, int len,
+					void *arg)
+	{
+	BIO *bio = arg;
+	char *extname;
+
+	switch(type)
+		{
+		case TLSEXT_TYPE_server_name:
+		extname = "server name";
+		break;
+
+		case TLSEXT_TYPE_max_fragment_length:
+		extname = "max fragment length";
+		break;
+
+		case TLSEXT_TYPE_client_certificate_url:
+		extname = "client certificate URL";
+		break;
+
+		case TLSEXT_TYPE_trusted_ca_keys:
+		extname = "trusted CA keys";
+		break;
+
+		case TLSEXT_TYPE_truncated_hmac:
+		extname = "truncated HMAC";
+		break;
+
+		case TLSEXT_TYPE_status_request:
+		extname = "status request";
+		break;
+
+		case TLSEXT_TYPE_elliptic_curves:
+		extname = "elliptic curves";
+		break;
+
+		case TLSEXT_TYPE_ec_point_formats:
+		extname = "EC point formats";
+		break;
+
+		case TLSEXT_TYPE_session_ticket:
+		extname = "server ticket";
+		break;
+
+		case TLSEXT_TYPE_renegotiate:
+		extname = "renegotiate";
+		break;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+		case TLSEXT_TYPE_opaque_prf_input:
+		extname = "opaque PRF input";
+		break;
+#endif
+
+		default:
+		extname = "unknown";
+		break;
+
+		}
+	
+	BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
+			client_server ? "server": "client",
+			extname, type, len);
+	BIO_dump(bio, (char *)data, len);
+	(void)BIO_flush(bio);
+	}
+
+int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)
+	{
+	unsigned char *buffer, result[EVP_MAX_MD_SIZE];
+	unsigned int length, resultlength;
+	union {
+		struct sockaddr sa;
+		struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 s6;
+#endif
+	} peer;
+
+	/* Initialize a random secret */
+	if (!cookie_initialized)
+		{
+		if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH))
+			{
+			BIO_printf(bio_err,"error setting random cookie secret\n");
+			return 0;
+			}
+		cookie_initialized = 1;
+		}
+
+	/* Read peer information */
+	(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
+
+	/* Create buffer with peer's address and port */
+	length = 0;
+	switch (peer.sa.sa_family)
+		{
+	case AF_INET:
+		length += sizeof(struct in_addr);
+		length += sizeof(peer.s4.sin_port);
+		break;
+#if OPENSSL_USE_IPV6
+	case AF_INET6:
+		length += sizeof(struct in6_addr);
+		length += sizeof(peer.s6.sin6_port);
+		break;
+#endif
+	default:
+		OPENSSL_assert(0);
+		break;
+		}
+	buffer = OPENSSL_malloc(length);
+
+	if (buffer == NULL)
+		{
+		BIO_printf(bio_err,"out of memory\n");
+		return 0;
+		}
+
+	switch (peer.sa.sa_family)
+		{
+	case AF_INET:
+		memcpy(buffer,
+		       &peer.s4.sin_port,
+		       sizeof(peer.s4.sin_port));
+		memcpy(buffer + sizeof(peer.s4.sin_port),
+		       &peer.s4.sin_addr,
+		       sizeof(struct in_addr));
+		break;
+#if OPENSSL_USE_IPV6
+	case AF_INET6:
+		memcpy(buffer,
+		       &peer.s6.sin6_port,
+		       sizeof(peer.s6.sin6_port));
+		memcpy(buffer + sizeof(peer.s6.sin6_port),
+		       &peer.s6.sin6_addr,
+		       sizeof(struct in6_addr));
+		break;
+#endif
+	default:
+		OPENSSL_assert(0);
+		break;
+		}
+
+	/* Calculate HMAC of buffer using the secret */
+	HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
+	     buffer, length, result, &resultlength);
+	OPENSSL_free(buffer);
+
+	memcpy(cookie, result, resultlength);
+	*cookie_len = resultlength;
+
+	return 1;
+	}
+
+int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)
+	{
+	unsigned char *buffer, result[EVP_MAX_MD_SIZE];
+	unsigned int length, resultlength;
+	union {
+		struct sockaddr sa;
+		struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 s6;
+#endif
+	} peer;
+
+	/* If secret isn't initialized yet, the cookie can't be valid */
+	if (!cookie_initialized)
+		return 0;
+
+	/* Read peer information */
+	(void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
+
+	/* Create buffer with peer's address and port */
+	length = 0;
+	switch (peer.sa.sa_family)
+		{
+	case AF_INET:
+		length += sizeof(struct in_addr);
+		length += sizeof(peer.s4.sin_port);
+		break;
+#if OPENSSL_USE_IPV6
+	case AF_INET6:
+		length += sizeof(struct in6_addr);
+		length += sizeof(peer.s6.sin6_port);
+		break;
+#endif
+	default:
+		OPENSSL_assert(0);
+		break;
+		}
+	buffer = OPENSSL_malloc(length);
+	
+	if (buffer == NULL)
+		{
+		BIO_printf(bio_err,"out of memory\n");
+		return 0;
+		}
+
+	switch (peer.sa.sa_family)
+		{
+	case AF_INET:
+		memcpy(buffer,
+		       &peer.s4.sin_port,
+		       sizeof(peer.s4.sin_port));
+		memcpy(buffer + sizeof(peer.s4.sin_port),
+		       &peer.s4.sin_addr,
+		       sizeof(struct in_addr));
+		break;
+#if OPENSSL_USE_IPV6
+	case AF_INET6:
+		memcpy(buffer,
+		       &peer.s6.sin6_port,
+		       sizeof(peer.s6.sin6_port));
+		memcpy(buffer + sizeof(peer.s6.sin6_port),
+		       &peer.s6.sin6_addr,
+		       sizeof(struct in6_addr));
+		break;
+#endif
+	default:
+		OPENSSL_assert(0);
+		break;
+		}
+
+	/* Calculate HMAC of buffer using the secret */
+	HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
+	     buffer, length, result, &resultlength);
+	OPENSSL_free(buffer);
+
+	if (cookie_len == resultlength && memcmp(result, cookie, resultlength) == 0)
+		return 1;
+
+	return 0;
 	}
diff --git a/apps/s_client.c b/apps/s_client.c
index e8d5234796..0a04e049d3 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -108,8 +108,35 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <assert.h>
+#include <ctype.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -134,26 +161,21 @@ typedef unsigned int u_int;
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#include <openssl/bn.h>
 #include "s_apps.h"
 
-#ifdef OPENSSL_SYS_VMS
-#include "term_sock.h"
-#endif
-
-#ifdef OPENSSL_SYS_WINCE
-/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
-#ifdef fileno
-#undef fileno
-#endif
-#define fileno(a) (int)_fileno(a)
-#endif
-
+#include "timeouts.h"
 
 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
 #undef FIONBIO
 #endif
 
+#if defined(OPENSSL_SYS_BEOS_R5)
+#include <fcntl.h>
+#endif
+
 #undef PROG
 #define PROG	s_client_main
 
@@ -168,21 +190,92 @@ typedef unsigned int u_int;
 
 extern int verify_depth;
 extern int verify_error;
+extern int verify_return_error;
 
 #ifdef FIONBIO
 static int c_nbio=0;
 #endif
 static int c_Pause=0;
 static int c_debug=0;
+#ifndef OPENSSL_NO_TLSEXT
+static int c_tlsextdebug=0;
+static int c_status_req=0;
+#endif
 static int c_msg=0;
 static int c_showcerts=0;
 
 static void sc_usage(void);
 static void print_stuff(BIO *berr,SSL *con,int full);
+#ifndef OPENSSL_NO_TLSEXT
+static int ocsp_resp_cb(SSL *s, void *arg);
+#endif
 static BIO *bio_c_out=NULL;
 static int c_quiet=0;
 static int c_ign_eof=0;
 
+#ifndef OPENSSL_NO_PSK
+/* Default PSK identity and key */
+static char *psk_identity="Client_identity";
+/*char *psk_key=NULL;  by default PSK is not used */
+
+static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
+	unsigned int max_identity_len, unsigned char *psk,
+	unsigned int max_psk_len)
+	{
+	unsigned int psk_len = 0;
+	int ret;
+        BIGNUM *bn=NULL;
+
+	if (c_debug)
+		BIO_printf(bio_c_out, "psk_client_cb\n");
+	if (!hint)
+                {
+                /* no ServerKeyExchange message*/
+		if (c_debug)
+			BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n");
+                }
+        else if (c_debug)
+		BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
+
+	/* lookup PSK identity and PSK key based on the given identity hint here */
+	ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
+	if (ret < 0 || (unsigned int)ret > max_identity_len)
+		goto out_err;
+	if (c_debug)
+		BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret);
+        ret=BN_hex2bn(&bn, psk_key);
+        if (!ret)
+                {
+                BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
+                if (bn)
+                        BN_free(bn);
+                return 0;
+                }
+
+        if ((unsigned int)BN_num_bytes(bn) > max_psk_len)
+                {
+                BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
+                        max_psk_len, BN_num_bytes(bn));
+                BN_free(bn);
+                return 0;
+                }
+
+        psk_len=BN_bn2bin(bn, psk);
+        BN_free(bn);
+        if (psk_len == 0)
+                goto out_err;
+
+	if (c_debug)
+		BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
+
+        return psk_len;
+ out_err:
+	if (c_debug)
+		BIO_printf(bio_err, "Error in PSK client callback\n");
+        return 0;
+	}
+#endif
+
 static void sc_usage(void)
 	{
 	BIO_printf(bio_err,"usage: s_client args\n");
@@ -216,10 +309,21 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
 	BIO_printf(bio_err," -quiet        - no s_client output\n");
 	BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
+	BIO_printf(bio_err," -no_ign_eof   - don't ignore input eof\n");
+#ifndef OPENSSL_NO_PSK
+	BIO_printf(bio_err," -psk_identity arg - PSK identity\n");
+	BIO_printf(bio_err," -psk arg      - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+	BIO_printf(bio_err," -jpake arg    - JPAKE secret to use\n");
+# endif
+#endif
 	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
+	BIO_printf(bio_err," -tls1_1       - just use TLSv1.1\n");
 	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
-	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+	BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
+	BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
+	BIO_printf(bio_err," -no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
 	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
 	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
@@ -227,21 +331,61 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
 	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
 	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
-	BIO_printf(bio_err,"                 only \"smtp\" and \"pop3\" are supported.\n");
+	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
+	BIO_printf(bio_err,"                 are supported.\n");
 #ifndef OPENSSL_NO_ENGINE
 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
 #endif
 	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+	BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n");
+	BIO_printf(bio_err," -sess_in arg  - file to read SSL session from\n");
+#ifndef OPENSSL_NO_TLSEXT
+	BIO_printf(bio_err," -servername host  - Set TLS extension servername in ClientHello\n");
+	BIO_printf(bio_err," -tlsextdebug      - hex dump of all TLS extensions received\n");
+	BIO_printf(bio_err," -status           - request certificate status from server\n");
+	BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
+#endif
+	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+	}
+
+#ifndef OPENSSL_NO_TLSEXT
 
+/* This is a context that we pass to callbacks */
+typedef struct tlsextctx_st {
+   BIO * biodebug;
+   int ack;
+} tlsextctx;
+
+
+static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
+	{
+	tlsextctx * p = (tlsextctx *) arg;
+	const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+	if (SSL_get_servername_type(s) != -1) 
+ 	        p->ack = !SSL_session_reused(s) && hn != NULL;
+	else 
+		BIO_printf(bio_err,"Can't use SSL_get_servername\n");
+	
+	return SSL_TLSEXT_ERR_OK;
 	}
+#endif
+
+enum
+{
+	PROTO_OFF	= 0,
+	PROTO_SMTP,
+	PROTO_POP3,
+	PROTO_IMAP,
+	PROTO_FTP,
+	PROTO_XMPP
+};
 
 int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
 	{
-	int off=0;
-	SSL *con=NULL,*con2=NULL;
-	X509_STORE *store = NULL;
+	unsigned int off=0, clr=0;
+	SSL *con=NULL;
 	int s,k,width,state=0;
 	char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
 	int cbuf_len,cbuf_off;
@@ -261,17 +405,41 @@ int MAIN(int argc, char **argv)
 	int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
 	SSL_CTX *ctx=NULL;
 	int ret=1,in_init=1,i,nbio_test=0;
-	int starttls_proto = 0;
-	int prexit = 0, vflags = 0;
-	SSL_METHOD *meth=NULL;
+	int starttls_proto = PROTO_OFF;
+	int prexit = 0;
+	X509_VERIFY_PARAM *vpm = NULL;
+	int badarg = 0;
+	const SSL_METHOD *meth=NULL;
+	int socket_type=SOCK_STREAM;
 	BIO *sbio;
 	char *inrand=NULL;
+	int mbuf_len=0;
+	struct timeval timeout, *timeoutp;
 #ifndef OPENSSL_NO_ENGINE
 	char *engine_id=NULL;
-	ENGINE *e=NULL;
+	char *ssl_client_engine_id=NULL;
+	ENGINE *ssl_client_engine=NULL;
 #endif
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+	ENGINE *e=NULL;
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
 	struct timeval tv;
+#if defined(OPENSSL_SYS_BEOS_R5)
+	int stdin_set = 0;
+#endif
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+	char *servername = NULL; 
+        tlsextctx tlsextcbp = 
+        {NULL,0};
+#endif
+	char *sess_in = NULL;
+	char *sess_out = NULL;
+	struct sockaddr peer;
+	int peerlen = sizeof(peer);
+	int enable_timeouts = 0 ;
+	long socket_mtu = 0;
+#ifndef OPENSSL_NO_JPAKE
+	char *jpake_secret = NULL;
 #endif
 #ifdef OPENSSL_SYS_VMS
         int stdin_sock;
@@ -348,15 +516,29 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			cert_file= *(++argv);
 			}
+		else if	(strcmp(*argv,"-sess_out") == 0)
+			{
+			if (--argc < 1) goto bad;
+			sess_out = *(++argv);
+			}
+		else if	(strcmp(*argv,"-sess_in") == 0)
+			{
+			if (--argc < 1) goto bad;
+			sess_in = *(++argv);
+			}
 		else if	(strcmp(*argv,"-certform") == 0)
 			{
 			if (--argc < 1) goto bad;
 			cert_format = str2fmt(*(++argv));
 			}
-		else if	(strcmp(*argv,"-crl_check") == 0)
-			vflags |= X509_V_FLAG_CRL_CHECK;
-		else if	(strcmp(*argv,"-crl_check_all") == 0)
-			vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
+		else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
+			{
+			if (badarg)
+				goto bad;
+			continue;
+			}
+		else if (strcmp(*argv,"-verify_return_error") == 0)
+			verify_return_error = 1;
 		else if	(strcmp(*argv,"-prexit") == 0)
 			prexit=1;
 		else if	(strcmp(*argv,"-crlf") == 0)
@@ -368,10 +550,18 @@ int MAIN(int argc, char **argv)
 			}
 		else if	(strcmp(*argv,"-ign_eof") == 0)
 			c_ign_eof=1;
+		else if	(strcmp(*argv,"-no_ign_eof") == 0)
+			c_ign_eof=0;
 		else if	(strcmp(*argv,"-pause") == 0)
 			c_Pause=1;
 		else if	(strcmp(*argv,"-debug") == 0)
 			c_debug=1;
+#ifndef OPENSSL_NO_TLSEXT
+		else if	(strcmp(*argv,"-tlsextdebug") == 0)
+			c_tlsextdebug=1;
+		else if	(strcmp(*argv,"-status") == 0)
+			c_status_req=1;
+#endif
 #ifdef WATT32
 		else if (strcmp(*argv,"-wdebug") == 0)
 			dbug_init();
@@ -384,6 +574,27 @@ int MAIN(int argc, char **argv)
 			nbio_test=1;
 		else if	(strcmp(*argv,"-state") == 0)
 			state=1;
+#ifndef OPENSSL_NO_PSK
+                else if (strcmp(*argv,"-psk_identity") == 0)
+			{
+			if (--argc < 1) goto bad;
+			psk_identity=*(++argv);
+			}
+                else if (strcmp(*argv,"-psk") == 0)
+			{
+                        size_t j;
+
+			if (--argc < 1) goto bad;
+			psk_key=*(++argv);
+			for (j = 0; j < strlen(psk_key); j++)
+                                {
+                                if (isxdigit((int)psk_key[j]))
+                                        continue;
+                                BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
+                                goto bad;
+                                }
+			}
+#endif
 #ifndef OPENSSL_NO_SSL2
 		else if	(strcmp(*argv,"-ssl2") == 0)
 			meth=SSLv2_client_method();
@@ -393,9 +604,25 @@ int MAIN(int argc, char **argv)
 			meth=SSLv3_client_method();
 #endif
 #ifndef OPENSSL_NO_TLS1
+		else if	(strcmp(*argv,"-tls1_1") == 0)
+			meth=TLSv1_1_client_method();
 		else if	(strcmp(*argv,"-tls1") == 0)
 			meth=TLSv1_client_method();
 #endif
+#ifndef OPENSSL_NO_DTLS1
+		else if	(strcmp(*argv,"-dtls1") == 0)
+			{
+			meth=DTLSv1_client_method();
+			socket_type=SOCK_DGRAM;
+			}
+		else if (strcmp(*argv,"-timeout") == 0)
+			enable_timeouts=1;
+		else if (strcmp(*argv,"-mtu") == 0)
+			{
+			if (--argc < 1) goto bad;
+			socket_mtu = atol(*(++argv));
+			}
+#endif
 		else if (strcmp(*argv,"-bugs") == 0)
 			bugs=1;
 		else if	(strcmp(*argv,"-keyform") == 0)
@@ -427,14 +654,28 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			CAfile= *(++argv);
 			}
+		else if (strcmp(*argv,"-no_tls1_1") == 0)
+			off|=SSL_OP_NO_TLSv1_1;
 		else if (strcmp(*argv,"-no_tls1") == 0)
 			off|=SSL_OP_NO_TLSv1;
 		else if (strcmp(*argv,"-no_ssl3") == 0)
 			off|=SSL_OP_NO_SSLv3;
 		else if (strcmp(*argv,"-no_ssl2") == 0)
 			off|=SSL_OP_NO_SSLv2;
+		else if	(strcmp(*argv,"-no_comp") == 0)
+			{ off|=SSL_OP_NO_COMPRESSION; }
+#ifndef OPENSSL_NO_TLSEXT
+		else if	(strcmp(*argv,"-no_ticket") == 0)
+			{ off|=SSL_OP_NO_TICKET; }
+#endif
 		else if (strcmp(*argv,"-serverpref") == 0)
 			off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
+		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
+			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+		else if	(strcmp(*argv,"-legacy_server_connect") == 0)
+			{ off|=SSL_OP_LEGACY_SERVER_CONNECT; }
+		else if	(strcmp(*argv,"-no_legacy_server_connect") == 0)
+			{ clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
 		else if	(strcmp(*argv,"-cipher") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -449,9 +690,15 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			++argv;
 			if (strcmp(*argv,"smtp") == 0)
-				starttls_proto = 1;
+				starttls_proto = PROTO_SMTP;
 			else if (strcmp(*argv,"pop3") == 0)
-				starttls_proto = 2;
+				starttls_proto = PROTO_POP3;
+			else if (strcmp(*argv,"imap") == 0)
+				starttls_proto = PROTO_IMAP;
+			else if (strcmp(*argv,"ftp") == 0)
+				starttls_proto = PROTO_FTP;
+			else if (strcmp(*argv, "xmpp") == 0)
+				starttls_proto = PROTO_XMPP;
 			else
 				goto bad;
 			}
@@ -461,12 +708,32 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			engine_id = *(++argv);
 			}
+		else if	(strcmp(*argv,"-ssl_client_engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			ssl_client_engine_id = *(++argv);
+			}
 #endif
 		else if (strcmp(*argv,"-rand") == 0)
 			{
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
+#ifndef OPENSSL_NO_TLSEXT
+		else if (strcmp(*argv,"-servername") == 0)
+			{
+			if (--argc < 1) goto bad;
+			servername= *(++argv);
+			/* meth=TLSv1_client_method(); */
+			}
+#endif
+#ifndef OPENSSL_NO_JPAKE
+		else if (strcmp(*argv,"-jpake") == 0)
+			{
+			if (--argc < 1) goto bad;
+			jpake_secret = *++argv;
+			}
+#endif
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -483,11 +750,42 @@ bad:
 		goto end;
 		}
 
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+	if (jpake_secret)
+		{
+		if (psk_key)
+			{
+			BIO_printf(bio_err,
+				   "Can't use JPAKE and PSK together\n");
+			goto end;
+			}
+		psk_identity = "JPAKE";
+		}
+
+	if (cipher)
+		{
+		BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+		goto end;
+		}
+	cipher = "PSK";
+#endif
+
 	OpenSSL_add_ssl_algorithms();
 	SSL_load_error_strings();
 
 #ifndef OPENSSL_NO_ENGINE
         e = setup_engine(bio_err, engine_id, 1);
+	if (ssl_client_engine_id)
+		{
+		ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
+		if (!ssl_client_engine)
+			{
+			BIO_printf(bio_err,
+					"Error getting client auth engine\n");
+			goto end;
+			}
+		}
+
 #endif
 	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
 		{
@@ -555,11 +853,47 @@ bad:
 		goto end;
 		}
 
+	if (vpm)
+		SSL_CTX_set1_param(ctx, vpm);
+
+#ifndef OPENSSL_NO_ENGINE
+	if (ssl_client_engine)
+		{
+		if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine))
+			{
+			BIO_puts(bio_err, "Error setting client auth engine\n");
+			ERR_print_errors(bio_err);
+			ENGINE_free(ssl_client_engine);
+			goto end;
+			}
+		ENGINE_free(ssl_client_engine);
+		}
+#endif
+
+#ifndef OPENSSL_NO_PSK
+#ifdef OPENSSL_NO_JPAKE
+	if (psk_key != NULL)
+#else
+	if (psk_key != NULL || jpake_secret)
+#endif
+		{
+		if (c_debug)
+			BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
+		SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
+		}
+#endif
 	if (bugs)
 		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
 	else
 		SSL_CTX_set_options(ctx,off);
 
+	if (clr)
+		SSL_CTX_clear_options(ctx, clr);
+	/* DTLS: partial reads end up discarding unread UDP bytes :-( 
+	 * Setting read ahead solves this problem.
+	 */
+	if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
+
 	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
 	if (cipher != NULL)
 		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
@@ -584,10 +918,50 @@ bad:
 		/* goto end; */
 		}
 
-	store = SSL_CTX_get_cert_store(ctx);
-	X509_STORE_set_flags(store, vflags);
+#ifndef OPENSSL_NO_TLSEXT
+	if (servername != NULL)
+		{
+		tlsextcbp.biodebug = bio_err;
+		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
+		}
+#endif
 
 	con=SSL_new(ctx);
+	if (sess_in)
+		{
+		SSL_SESSION *sess;
+		BIO *stmp = BIO_new_file(sess_in, "r");
+		if (!stmp)
+			{
+			BIO_printf(bio_err, "Can't open session file %s\n",
+						sess_in);
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
+		BIO_free(stmp);
+		if (!sess)
+			{
+			BIO_printf(bio_err, "Can't open session file %s\n",
+						sess_in);
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		SSL_set_session(con, sess);
+		SSL_SESSION_free(sess);
+		}
+#ifndef OPENSSL_NO_TLSEXT
+	if (servername != NULL)
+		{
+		if (!SSL_set_tlsext_host_name(con,servername))
+			{
+			BIO_printf(bio_err,"Unable to set TLS servername extension.\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+#endif
 #ifndef OPENSSL_NO_KRB5
 	if (con  &&  (con->kssl_ctx = kssl_ctx_new()) != NULL)
                 {
@@ -595,10 +969,15 @@ bad:
 		}
 #endif	/* OPENSSL_NO_KRB5  */
 /*	SSL_set_cipher_list(con,"RC4-MD5"); */
+#if 0
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
+#endif
+#endif
 
 re_start:
 
-	if (init_client(&s,host,port) == 0)
+	if (init_client(&s,host,port,socket_type) == 0)
 		{
 		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
 		SHUTDOWN(s);
@@ -619,7 +998,43 @@ re_start:
 		}
 #endif                                              
 	if (c_Pause & 0x01) con->debug=1;
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
+
+	if ( SSL_version(con) == DTLS1_VERSION)
+		{
+
+		sbio=BIO_new_dgram(s,BIO_NOCLOSE);
+		if (getsockname(s, &peer, (void *)&peerlen) < 0)
+			{
+			BIO_printf(bio_err, "getsockname:errno=%d\n",
+				get_last_socket_error());
+			SHUTDOWN(s);
+			goto end;
+			}
+
+		(void)BIO_ctrl_set_connected(sbio, 1, &peer);
+
+		if (enable_timeouts)
+			{
+			timeout.tv_sec = 0;
+			timeout.tv_usec = DGRAM_RCV_TIMEOUT;
+			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
+			
+			timeout.tv_sec = 0;
+			timeout.tv_usec = DGRAM_SND_TIMEOUT;
+			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
+			}
+
+		if (socket_mtu > 28)
+			{
+			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
+			SSL_set_mtu(con, socket_mtu - 28);
+			}
+		else
+			/* want to do MTU discovery */
+			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
+		}
+	else
+		sbio=BIO_new_socket(s,BIO_NOCLOSE);
 
 	if (nbio_test)
 		{
@@ -633,13 +1048,41 @@ re_start:
 		{
 		con->debug=1;
 		BIO_set_callback(sbio,bio_dump_callback);
-		BIO_set_callback_arg(sbio,bio_c_out);
+		BIO_set_callback_arg(sbio,(char *)bio_c_out);
 		}
 	if (c_msg)
 		{
 		SSL_set_msg_callback(con, msg_cb);
 		SSL_set_msg_callback_arg(con, bio_c_out);
 		}
+#ifndef OPENSSL_NO_TLSEXT
+	if (c_tlsextdebug)
+		{
+		SSL_set_tlsext_debug_callback(con, tlsext_cb);
+		SSL_set_tlsext_debug_arg(con, bio_c_out);
+		}
+	if (c_status_req)
+		{
+		SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
+		SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
+		SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
+#if 0
+{
+STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null();
+OCSP_RESPID *id = OCSP_RESPID_new();
+id->value.byKey = ASN1_OCTET_STRING_new();
+id->type = V_OCSP_RESPID_KEY;
+ASN1_STRING_set(id->value.byKey, "Hello World", -1);
+sk_OCSP_RESPID_push(ids, id);
+SSL_set_tlsext_status_ids(con, ids);
+}
+#endif
+		}
+#endif
+#ifndef OPENSSL_NO_JPAKE
+	if (jpake_secret)
+		jpake_client_auth(bio_c_out, sbio, jpake_secret);
+#endif
 
 	SSL_set_bio(con,sbio,sbio);
 	SSL_set_connect_state(con);
@@ -664,24 +1107,127 @@ re_start:
 	sbuf_off=0;
 
 	/* This is an ugly hack that does a lot of assumptions */
-	if (starttls_proto == 1)
+	/* We do have to handle multi-line responses which may come
+ 	   in a single packet or not. We therefore have to use
+	   BIO_gets() which does need a buffering BIO. So during
+	   the initial chitchat we do push a buffering BIO into the
+	   chain that is removed again later on to not disturb the
+	   rest of the s_client operation. */
+	if (starttls_proto == PROTO_SMTP)
 		{
-		BIO_read(sbio,mbuf,BUFSIZZ);
+		int foundit=0;
+		BIO *fbio = BIO_new(BIO_f_buffer());
+		BIO_push(fbio, sbio);
+		/* wait for multi-line response to end from SMTP */
+		do
+			{
+			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+			}
+		while (mbuf_len>3 && mbuf[3]=='-');
+		/* STARTTLS command requires EHLO... */
+		BIO_printf(fbio,"EHLO openssl.client.net\r\n");
+		(void)BIO_flush(fbio);
+		/* wait for multi-line response to end EHLO SMTP response */
+		do
+			{
+			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+			if (strstr(mbuf,"STARTTLS"))
+				foundit=1;
+			}
+		while (mbuf_len>3 && mbuf[3]=='-');
+		(void)BIO_flush(fbio);
+		BIO_pop(fbio);
+		BIO_free(fbio);
+		if (!foundit)
+			BIO_printf(bio_err,
+				   "didn't found starttls in server response,"
+				   " try anyway...\n");
 		BIO_printf(sbio,"STARTTLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
-	if (starttls_proto == 2)
+	else if (starttls_proto == PROTO_POP3)
 		{
 		BIO_read(sbio,mbuf,BUFSIZZ);
 		BIO_printf(sbio,"STLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
+	else if (starttls_proto == PROTO_IMAP)
+		{
+		int foundit=0;
+		BIO *fbio = BIO_new(BIO_f_buffer());
+		BIO_push(fbio, sbio);
+		BIO_gets(fbio,mbuf,BUFSIZZ);
+		/* STARTTLS command requires CAPABILITY... */
+		BIO_printf(fbio,". CAPABILITY\r\n");
+		(void)BIO_flush(fbio);
+		/* wait for multi-line CAPABILITY response */
+		do
+			{
+			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+			if (strstr(mbuf,"STARTTLS"))
+				foundit=1;
+			}
+		while (mbuf_len>3 && mbuf[0]!='.');
+		(void)BIO_flush(fbio);
+		BIO_pop(fbio);
+		BIO_free(fbio);
+		if (!foundit)
+			BIO_printf(bio_err,
+				   "didn't found STARTTLS in server response,"
+				   " try anyway...\n");
+		BIO_printf(sbio,". STARTTLS\r\n");
+		BIO_read(sbio,sbuf,BUFSIZZ);
+		}
+	else if (starttls_proto == PROTO_FTP)
+		{
+		BIO *fbio = BIO_new(BIO_f_buffer());
+		BIO_push(fbio, sbio);
+		/* wait for multi-line response to end from FTP */
+		do
+			{
+			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
+			}
+		while (mbuf_len>3 && mbuf[3]=='-');
+		(void)BIO_flush(fbio);
+		BIO_pop(fbio);
+		BIO_free(fbio);
+		BIO_printf(sbio,"AUTH TLS\r\n");
+		BIO_read(sbio,sbuf,BUFSIZZ);
+		}
+	if (starttls_proto == PROTO_XMPP)
+		{
+		int seen = 0;
+		BIO_printf(sbio,"<stream:stream "
+		    "xmlns:stream='http://etherx.jabber.org/streams' "
+		    "xmlns='jabber:client' to='%s' version='1.0'>", host);
+		seen = BIO_read(sbio,mbuf,BUFSIZZ);
+		mbuf[seen] = 0;
+		while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
+			{
+			if (strstr(mbuf, "/stream:features>"))
+				goto shut;
+			seen = BIO_read(sbio,mbuf,BUFSIZZ);
+			mbuf[seen] = 0;
+			}
+		BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
+		seen = BIO_read(sbio,sbuf,BUFSIZZ);
+		sbuf[seen] = 0;
+		if (!strstr(sbuf, "<proceed"))
+			goto shut;
+		mbuf[0] = 0;
+		}
 
 	for (;;)
 		{
 		FD_ZERO(&readfds);
 		FD_ZERO(&writefds);
 
+		if ((SSL_version(con) == DTLS1_VERSION) &&
+			DTLSv1_get_timeout(con, &timeout))
+			timeoutp = &timeout;
+		else
+			timeoutp = NULL;
+
 		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
 			{
 			in_init=1;
@@ -693,6 +1239,25 @@ re_start:
 			if (in_init)
 				{
 				in_init=0;
+#if 0 /* This test doesn't really work as intended (needs to be fixed) */
+#ifndef OPENSSL_NO_TLSEXT
+				if (servername != NULL && !SSL_session_reused(con))
+					{
+					BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not ");
+					}
+#endif
+#endif
+				if (sess_out)
+					{
+					BIO *stmp = BIO_new_file(sess_out, "w");
+					if (stmp)
+						{
+						PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con));
+						BIO_free(stmp);
+						}
+					else 
+						BIO_printf(bio_err, "Error writing session file %s\n", sess_out);
+					}
 				print_stuff(bio_c_out,con,full_log);
 				if (full_log > 0) full_log--;
 
@@ -700,7 +1265,7 @@ re_start:
 					{
 					BIO_printf(bio_err,"%s",mbuf);
 					/* We don't need to know any more */
-					starttls_proto = 0;
+					starttls_proto = PROTO_OFF;
 					}
 
 				if (reconnect)
@@ -719,26 +1284,22 @@ re_start:
 
 		if (!ssl_pending)
 			{
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
 			if (tty_on)
 				{
-#ifdef OPENSSL_SYS_VMS
-                                if (read_tty)  FD_SET(stdin_sock,&readfds);
-#else
-                                if (read_tty)  FD_SET(fileno(stdin),&readfds);
-                                if (write_tty) FD_SET(fileno(stdout),&writefds);
-#endif
+				if (read_tty)  openssl_fdset(fileno(stdin),&readfds);
+				if (write_tty) openssl_fdset(fileno(stdout),&writefds);
 				}
 			if (read_ssl)
-				FD_SET(SSL_get_fd(con),&readfds);
+				openssl_fdset(SSL_get_fd(con),&readfds);
 			if (write_ssl)
-				FD_SET(SSL_get_fd(con),&writefds);
+				openssl_fdset(SSL_get_fd(con),&writefds);
 #else
 			if(!tty_on || !write_tty) {
 				if (read_ssl)
-					FD_SET(SSL_get_fd(con),&readfds);
+					openssl_fdset(SSL_get_fd(con),&readfds);
 				if (write_ssl)
-					FD_SET(SSL_get_fd(con),&writefds);
+					openssl_fdset(SSL_get_fd(con),&writefds);
 			}
 #endif
 /*			printf("mode tty(%d %d%d) ssl(%d%d)\n",
@@ -771,7 +1332,7 @@ re_start:
 					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
 #endif
 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
-					 NULL,NULL);
+					 NULL,timeoutp);
 			}
 #elif defined(OPENSSL_SYS_NETWARE)
 			if(!write_tty) {
@@ -781,11 +1342,30 @@ re_start:
 					i=select(width,(void *)&readfds,(void *)&writefds,
 						NULL,&tv);
 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
-					NULL,NULL);
+					NULL,timeoutp);
+			}
+#elif defined(OPENSSL_SYS_BEOS_R5)
+			/* Under BeOS-R5 the situation is similar to DOS */
+			i=0;
+			stdin_set = 0;
+			(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+			if(!write_tty) {
+				if(read_tty) {
+					tv.tv_sec = 1;
+					tv.tv_usec = 0;
+					i=select(width,(void *)&readfds,(void *)&writefds,
+						 NULL,&tv);
+					if (read(fileno(stdin), sbuf, 0) >= 0)
+						stdin_set = 1;
+					if (!i && (stdin_set != 1 || !read_tty))
+						continue;
+				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
+					 NULL,timeoutp);
 			}
+			(void)fcntl(fileno(stdin), F_SETFL, 0);
 #else
 			i=select(width,(void *)&readfds,(void *)&writefds,
-				 NULL,NULL);
+				 NULL,timeoutp);
 #endif
 			if ( i < 0)
 				{
@@ -796,6 +1376,11 @@ re_start:
 				}
 			}
 
+		if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
+			{
+			BIO_printf(bio_err,"TIMEOUT occured\n");
+			}
+
 		if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
 			{
 			k=SSL_write(con,&(cbuf[cbuf_off]),
@@ -836,6 +1421,7 @@ re_start:
 				if (cbuf_len != 0)
 					{
 					BIO_printf(bio_c_out,"shutdown\n");
+					ret = 0;
 					goto shut;
 					}
 				else
@@ -863,8 +1449,8 @@ re_start:
 				goto shut;
 				}
 			}
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_NETWARE)
-		/* Assume Windows/DOS can always write */
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+		/* Assume Windows/DOS/BeOS can always write */
 		else if (!ssl_pending && write_tty)
 #else
 		else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
@@ -873,11 +1459,12 @@ re_start:
 #ifdef CHARSET_EBCDIC
 			ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
 #endif
-			i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
+			i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len);
 
 			if (i <= 0)
 				{
 				BIO_printf(bio_c_out,"DONE\n");
+				ret = 0;
 				goto shut;
 				/* goto end; */
 				}
@@ -932,10 +1519,12 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 				BIO_printf(bio_c_out,"read X BLOCK\n");
 				break;
 			case SSL_ERROR_SYSCALL:
-				BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
+				ret=get_last_socket_error();
+				BIO_printf(bio_err,"read:errno=%d\n",ret);
 				goto shut;
 			case SSL_ERROR_ZERO_RETURN:
 				BIO_printf(bio_c_out,"closed\n");
+				ret=0;
 				goto shut;
 			case SSL_ERROR_SSL:
 				ERR_print_errors(bio_err);
@@ -951,7 +1540,9 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
 #endif
 #elif defined (OPENSSL_SYS_NETWARE)
-        else if (_kbhit())
+		else if (_kbhit())
+#elif defined(OPENSSL_SYS_BEOS_R5)
+		else if (stdin_set)
 #else
 #ifdef OPENSSL_SYS_VMS
                 else if (FD_ISSET(stdin_sock,&readfds))
@@ -964,11 +1555,7 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 				{
 				int j, lf_num;
 
-#ifdef OPENSSL_SYS_VMS
-                                i=recv(stdin_sock,cbuf,BUFSIZZ/2,0);
-#else
-                                i=read(fileno(stdin),cbuf,BUFSIZZ/2);
-#endif
+				i=raw_read_stdin(cbuf,BUFSIZZ/2);
 				lf_num = 0;
 				/* both loops are skipped when i <= 0 */
 				for (j = 0; j < i; j++)
@@ -987,15 +1574,12 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 				assert(lf_num == 0);
 				}
 			else
-#ifdef OPENSSL_SYS_VMS
-                                i=recv(stdin_sock,cbuf,BUFSIZZ,0);
-#else
-                                i=read(fileno(stdin),cbuf,BUFSIZZ);
-#endif
+				i=raw_read_stdin(cbuf,BUFSIZZ);
 
 			if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
 				{
 				BIO_printf(bio_err,"DONE\n");
+				ret=0;
 				goto shut;
 				}
 
@@ -1018,14 +1602,20 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 			read_tty=0;
 			}
 		}
+
+	ret=0;
 shut:
+	if (in_init)
+		print_stuff(bio_c_out,con,full_log);
 	SSL_shutdown(con);
 	SHUTDOWN(SSL_get_fd(con));
-	ret=0;
 end:
-	if(prexit) print_stuff(bio_c_out,con,1);
-	if (con != NULL) SSL_free(con);
-	if (con2 != NULL) SSL_free(con2);
+	if (con != NULL)
+		{
+		if (prexit != 0)
+			print_stuff(bio_c_out,con,1);
+		SSL_free(con);
+		}
 	if (ctx != NULL) SSL_CTX_free(ctx);
 	if (cert)
 		X509_free(cert);
@@ -1053,14 +1643,16 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 	{
 	X509 *peer=NULL;
 	char *p;
-	static char *space="                ";
+	static const char *space="                ";
 	char buf[BUFSIZ];
 	STACK_OF(X509) *sk;
 	STACK_OF(X509_NAME) *sk2;
-	SSL_CIPHER *c;
+	const SSL_CIPHER *c;
 	X509_NAME *xn;
 	int j,i;
+#ifndef OPENSSL_NO_COMP
 	const COMP_METHOD *comp, *expansion;
+#endif
 
 	if (full)
 		{
@@ -1163,17 +1755,50 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 							 EVP_PKEY_bits(pktmp));
 		EVP_PKEY_free(pktmp);
 	}
+	BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
+			SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
+#ifndef OPENSSL_NO_COMP
 	comp=SSL_get_current_compression(s);
 	expansion=SSL_get_current_expansion(s);
 	BIO_printf(bio,"Compression: %s\n",
 		comp ? SSL_COMP_get_name(comp) : "NONE");
 	BIO_printf(bio,"Expansion: %s\n",
 		expansion ? SSL_COMP_get_name(expansion) : "NONE");
+#endif
 	SSL_SESSION_print(bio,SSL_get_session(s));
 	BIO_printf(bio,"---\n");
 	if (peer != NULL)
 		X509_free(peer);
 	/* flush, or debugging output gets mixed with http response */
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
+	}
+
+#ifndef OPENSSL_NO_TLSEXT
+
+static int ocsp_resp_cb(SSL *s, void *arg)
+	{
+	const unsigned char *p;
+	int len;
+	OCSP_RESPONSE *rsp;
+	len = SSL_get_tlsext_status_ocsp_resp(s, &p);
+	BIO_puts(arg, "OCSP response: ");
+	if (!p)
+		{
+		BIO_puts(arg, "no response sent\n");
+		return 1;
+		}
+	rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
+	if (!rsp)
+		{
+		BIO_puts(arg, "response parse error\n");
+		BIO_dump_indent(arg, (char *)p, len, 4);
+		return 0;
+		}
+	BIO_puts(arg, "\n======================================\n");
+	OCSP_RESPONSE_print(arg, rsp, 0);
+	BIO_puts(arg, "======================================\n");
+	OCSP_RESPONSE_free(rsp);
+	return 1;
 	}
 
+#endif
diff --git a/apps/s_server.c b/apps/s_server.c
index 3aae7c3742..57e975b24b 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -113,6 +113,32 @@
  * ECC cipher suite support in OpenSSL originally developed by 
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 /* Until the key-gen callbacks are modified to use newer prototypes, we allow
  * deprecated functions for openssl-internal code */
@@ -121,11 +147,11 @@
 #endif
 
 #include <assert.h>
+#include <ctype.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
-#include <sys/stat.h>
 #include <openssl/e_os2.h>
 #ifdef OPENSSL_NO_STDIO
 #define APPS_WIN16
@@ -153,25 +179,25 @@ typedef unsigned int u_int;
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
 #include <openssl/rand.h>
-#include "s_apps.h"
-
-#ifdef OPENSSL_SYS_VMS
-#include "term_sock.h"
-#endif
-
-#ifdef OPENSSL_SYS_WINCE
-/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
-#ifdef fileno
-#undef fileno
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
 #endif
-#define fileno(a) (int)_fileno(a)
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
 #endif
+#include "s_apps.h"
+#include "timeouts.h"
 
 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
 #undef FIONBIO
 #endif
 
+#if defined(OPENSSL_SYS_BEOS_R5)
+#include <fcntl.h>
+#endif
+
 #ifndef OPENSSL_NO_RSA
 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
 #endif
@@ -183,8 +209,10 @@ static int init_ssl_connection(SSL *s);
 static void print_stats(BIO *bp,SSL_CTX *ctx);
 static int generate_session_id(const SSL *ssl, unsigned char *id,
 				unsigned int *id_len);
+static void init_session_cache_ctx(SSL_CTX *sctx);
+static void free_sessions(void);
 #ifndef OPENSSL_NO_DH
-static DH *load_dh_param(char *dhfile);
+static DH *load_dh_param(const char *dhfile);
 static DH *get_dh512(void);
 #endif
 
@@ -192,14 +220,6 @@ static DH *get_dh512(void);
 static void s_server_init(void);
 #endif
 
-#ifndef S_ISDIR
-# if defined(_S_IFMT) && defined(_S_IFDIR)
-#  define S_ISDIR(a)	(((a) & _S_IFMT) == _S_IFDIR)
-# else
-#  define S_ISDIR(a)	(((a) & S_IFMT) == S_IFDIR)
-# endif
-#endif
-
 #ifndef OPENSSL_NO_DH
 static unsigned char dh512_p[]={
 	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
@@ -235,15 +255,21 @@ static int bufsize=BUFSIZZ;
 static int accept_socket= -1;
 
 #define TEST_CERT	"server.pem"
+#ifndef OPENSSL_NO_TLSEXT
+#define TEST_CERT2	"server2.pem"
+#endif
 #undef PROG
 #define PROG		s_server_main
 
-extern int verify_depth;
+extern int verify_depth, verify_return_error;
 
 static char *cipher=NULL;
 static int s_server_verify=SSL_VERIFY_NONE;
 static int s_server_session_id_context = 1; /* anything will do */
-static char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static const char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+#ifndef OPENSSL_NO_TLSEXT
+static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL;
+#endif
 static char *s_dcert_file=NULL,*s_dkey_file=NULL;
 #ifdef FIONBIO
 static int s_nbio=0;
@@ -251,10 +277,18 @@ static int s_nbio=0;
 static int s_nbio_test=0;
 int s_crlf=0;
 static SSL_CTX *ctx=NULL;
+#ifndef OPENSSL_NO_TLSEXT
+static SSL_CTX *ctx2=NULL;
+#endif
 static int www=0;
 
 static BIO *bio_s_out=NULL;
 static int s_debug=0;
+#ifndef OPENSSL_NO_TLSEXT
+static int s_tlsextdebug=0;
+static int s_tlsextstatus=0;
+static int cert_status_cb(SSL *s, void *arg);
+#endif
 static int s_msg=0;
 static int s_quiet=0;
 
@@ -264,6 +298,79 @@ static char *engine_id=NULL;
 #endif
 static const char *session_id_prefix=NULL;
 
+static int enable_timeouts = 0;
+static long socket_mtu;
+#ifndef OPENSSL_NO_DTLS1
+static int cert_chain = 0;
+#endif
+
+#ifndef OPENSSL_NO_PSK
+static char *psk_identity="Client_identity";
+char *psk_key=NULL; /* by default PSK is not used */
+
+static unsigned int psk_server_cb(SSL *ssl, const char *identity,
+	unsigned char *psk, unsigned int max_psk_len)
+	{
+	unsigned int psk_len = 0;
+	int ret;
+	BIGNUM *bn = NULL;
+
+	if (s_debug)
+		BIO_printf(bio_s_out,"psk_server_cb\n");
+	if (!identity)
+		{
+		BIO_printf(bio_err,"Error: client did not send PSK identity\n");
+		goto out_err;
+		}
+	if (s_debug)
+		BIO_printf(bio_s_out,"identity_len=%d identity=%s\n",
+			identity ? (int)strlen(identity) : 0, identity);
+
+	/* here we could lookup the given identity e.g. from a database */
+  	if (strcmp(identity, psk_identity) != 0)
+		{
+                BIO_printf(bio_s_out, "PSK error: client identity not found"
+			   " (got '%s' expected '%s')\n", identity,
+			   psk_identity);
+		goto out_err;
+                }
+	if (s_debug)
+		BIO_printf(bio_s_out, "PSK client identity found\n");
+
+	/* convert the PSK key to binary */
+	ret = BN_hex2bn(&bn, psk_key);
+	if (!ret)
+		{
+		BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
+		if (bn)
+			BN_free(bn);
+		return 0;
+		}
+	if (BN_num_bytes(bn) > (int)max_psk_len)
+		{
+		BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
+			max_psk_len, BN_num_bytes(bn));
+		BN_free(bn);
+		return 0;
+		}
+
+	ret = BN_bn2bin(bn, psk);
+	BN_free(bn);
+
+	if (ret < 0)
+		goto out_err;
+	psk_len = (unsigned int)ret;
+
+	if (s_debug)
+		BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
+        return psk_len;
+ out_err:
+	if (s_debug)
+		BIO_printf(bio_err, "Error in PSK server callback\n");
+	return 0;
+        }
+#endif
+
 #ifdef MONOLITH
 static void s_server_init(void)
 	{
@@ -274,6 +381,11 @@ static void s_server_init(void)
 	s_dkey_file=NULL;
 	s_cert_file=TEST_CERT;
 	s_key_file=NULL;
+#ifndef OPENSSL_NO_TLSEXT
+	s_cert_file2=TEST_CERT2;
+	s_key_file2=NULL;
+	ctx2=NULL;
+#endif
 #ifdef FIONBIO
 	s_nbio=0;
 #endif
@@ -302,6 +414,11 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -Verify arg   - turn on peer certificate verification, must have a cert.\n");
 	BIO_printf(bio_err," -cert arg     - certificate file to use\n");
 	BIO_printf(bio_err,"                 (default is %s)\n",TEST_CERT);
+	BIO_printf(bio_err," -crl_check    - check the peer certificate has not been revoked by its CA.\n" \
+	                   "                 The CRL(s) are appended to the certificate file\n");
+	BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \
+	                   "                 or any other CRL in the CA chain. CRL(s) are appened to the\n" \
+	                   "                 the certificate file.\n");
 	BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
 	BIO_printf(bio_err," -key arg      - Private Key file to use, in cert file if\n");
 	BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT);
@@ -317,7 +434,7 @@ static void sv_usage(void)
 #ifndef OPENSSL_NO_ECDH
 	BIO_printf(bio_err," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
 	                   "                 Use \"openssl ecparam -list_curves\" for all names\n" \
-	                   "                 (default is sect163r2).\n");
+	                   "                 (default is nistp256).\n");
 #endif
 #ifdef FIONBIO
 	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
@@ -334,12 +451,25 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences\n");
 	BIO_printf(bio_err," -quiet        - No server output\n");
 	BIO_printf(bio_err," -no_tmp_rsa   - Do not generate a tmp RSA key\n");
+#ifndef OPENSSL_NO_PSK
+	BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n");
+	BIO_printf(bio_err," -psk arg      - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+	BIO_printf(bio_err," -jpake arg    - JPAKE secret to use\n");
+# endif
+#endif
 	BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
+	BIO_printf(bio_err," -tls1_1       - Just talk TLSv1_1\n");
 	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
+	BIO_printf(bio_err," -dtls1        - Just talk DTLSv1\n");
+	BIO_printf(bio_err," -timeout      - Enable timeouts\n");
+	BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
+	BIO_printf(bio_err," -chain        - Read a certificate chain\n");
 	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
 	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
 	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
+	BIO_printf(bio_err," -no_tls1_1    - Just disable TLSv1.1\n");
 #ifndef OPENSSL_NO_DH
 	BIO_printf(bio_err," -no_dhe       - Disable ephemeral DH\n");
 #endif
@@ -356,6 +486,17 @@ static void sv_usage(void)
 #endif
 	BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
 	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+#ifndef OPENSSL_NO_TLSEXT
+	BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n");
+	BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
+	BIO_printf(bio_err," -cert2 arg    - certificate file to use for servername\n");
+	BIO_printf(bio_err,"                 (default is %s)\n",TEST_CERT2);
+	BIO_printf(bio_err," -key2 arg     - Private Key file to use for servername, in cert file if\n");
+	BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT2);
+	BIO_printf(bio_err," -tlsextdebug  - hex dump of all TLS extensions received\n");
+	BIO_printf(bio_err," -no_ticket    - disable use of RFC4507bis session tickets\n");
+	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+#endif
 	}
 
 static int local_argc=0;
@@ -511,26 +652,211 @@ static int ebcdic_puts(BIO *bp, const char *str)
 }
 #endif
 
+#ifndef OPENSSL_NO_TLSEXT
+
+/* This is a context that we pass to callbacks */
+typedef struct tlsextctx_st {
+   char * servername;
+   BIO * biodebug;
+   int extension_error;
+} tlsextctx;
+
+
+static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
+	{
+	tlsextctx * p = (tlsextctx *) arg;
+	const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+        if (servername && p->biodebug) 
+		BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername);
+        
+	if (!p->servername)
+		return SSL_TLSEXT_ERR_NOACK;
+	
+	if (servername)
+		{
+    		if (strcmp(servername,p->servername)) 
+			return p->extension_error;
+		if (ctx2)
+			{
+			BIO_printf(p->biodebug,"Switching server context.\n");
+			SSL_set_SSL_CTX(s,ctx2);
+			}     
+		}
+	return SSL_TLSEXT_ERR_OK;
+}
+
+/* Structure passed to cert status callback */
+
+typedef struct tlsextstatusctx_st {
+   /* Default responder to use */
+   char *host, *path, *port;
+   int use_ssl;
+   int timeout;
+   BIO *err;
+   int verbose;
+} tlsextstatusctx;
+
+static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0};
+
+/* Certificate Status callback. This is called when a client includes a
+ * certificate status request extension.
+ *
+ * This is a simplified version. It examines certificates each time and
+ * makes one OCSP responder query for each request.
+ *
+ * A full version would store details such as the OCSP certificate IDs and
+ * minimise the number of OCSP responses by caching them until they were
+ * considered "expired".
+ */
+
+static int cert_status_cb(SSL *s, void *arg)
+	{
+	tlsextstatusctx *srctx = arg;
+	BIO *err = srctx->err;
+	char *host, *port, *path;
+	int use_ssl;
+	unsigned char *rspder = NULL;
+	int rspderlen;
+	STACK_OF(OPENSSL_STRING) *aia = NULL;
+	X509 *x = NULL;
+	X509_STORE_CTX inctx;
+	X509_OBJECT obj;
+	OCSP_REQUEST *req = NULL;
+	OCSP_RESPONSE *resp = NULL;
+	OCSP_CERTID *id = NULL;
+	STACK_OF(X509_EXTENSION) *exts;
+	int ret = SSL_TLSEXT_ERR_NOACK;
+	int i;
+#if 0
+STACK_OF(OCSP_RESPID) *ids;
+SSL_get_tlsext_status_ids(s, &ids);
+BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
+#endif
+	if (srctx->verbose)
+		BIO_puts(err, "cert_status: callback called\n");
+	/* Build up OCSP query from server certificate */
+	x = SSL_get_certificate(s);
+	aia = X509_get1_ocsp(x);
+	if (aia)
+		{
+		if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
+			&host, &port, &path, &use_ssl))
+			{
+			BIO_puts(err, "cert_status: can't parse AIA URL\n");
+			goto err;
+			}
+		if (srctx->verbose)
+			BIO_printf(err, "cert_status: AIA URL: %s\n",
+					sk_OPENSSL_STRING_value(aia, 0));
+		}
+	else
+		{
+		if (!srctx->host)
+			{
+			BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n");
+			goto done;
+			}
+		host = srctx->host;
+		path = srctx->path;
+		port = srctx->port;
+		use_ssl = srctx->use_ssl;
+		}
+		
+	if (!X509_STORE_CTX_init(&inctx,
+				SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
+				NULL, NULL))
+		goto err;
+	if (X509_STORE_get_by_subject(&inctx,X509_LU_X509,
+				X509_get_issuer_name(x),&obj) <= 0)
+		{
+		BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
+		X509_STORE_CTX_cleanup(&inctx);
+		goto done;
+		}
+	req = OCSP_REQUEST_new();
+	if (!req)
+		goto err;
+	id = OCSP_cert_to_id(NULL, x, obj.data.x509);
+	X509_free(obj.data.x509);
+	X509_STORE_CTX_cleanup(&inctx);
+	if (!id)
+		goto err;
+	if (!OCSP_request_add0_id(req, id))
+		goto err;
+	id = NULL;
+	/* Add any extensions to the request */
+	SSL_get_tlsext_status_exts(s, &exts);
+	for (i = 0; i < sk_X509_EXTENSION_num(exts); i++)
+		{
+		X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
+		if (!OCSP_REQUEST_add_ext(req, ext, -1))
+			goto err;
+		}
+	resp = process_responder(err, req, host, path, port, use_ssl, NULL,
+					srctx->timeout);
+	if (!resp)
+		{
+		BIO_puts(err, "cert_status: error querying responder\n");
+		goto done;
+		}
+	rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
+	if (rspderlen <= 0)
+		goto err;
+	SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
+	if (srctx->verbose)
+		{
+		BIO_puts(err, "cert_status: ocsp response sent:\n");
+		OCSP_RESPONSE_print(err, resp, 2);
+		}
+	ret = SSL_TLSEXT_ERR_OK;
+	done:
+	if (ret != SSL_TLSEXT_ERR_OK)
+		ERR_print_errors(err);
+	if (aia)
+		{
+		OPENSSL_free(host);
+		OPENSSL_free(path);
+		OPENSSL_free(port);
+		X509_email_free(aia);
+		}
+	if (id)
+		OCSP_CERTID_free(id);
+	if (req)
+		OCSP_REQUEST_free(req);
+	if (resp)
+		OCSP_RESPONSE_free(resp);
+	return ret;
+	err:
+	ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+	goto done;
+	}
+#endif
+
 int MAIN(int, char **);
 
+#ifndef OPENSSL_NO_JPAKE
+static char *jpake_secret = NULL;
+#endif
+
 int MAIN(int argc, char *argv[])
 	{
-	X509_STORE *store = NULL;
-	int vflags = 0;
+	X509_VERIFY_PARAM *vpm = NULL;
+	int badarg = 0;
 	short port=PORT;
 	char *CApath=NULL,*CAfile=NULL;
-	char *context = NULL;
+	unsigned char *context = NULL;
 	char *dhfile = NULL;
+#ifndef OPENSSL_NO_ECDH
 	char *named_curve = NULL;
+#endif
 	int badop=0,bugs=0;
 	int ret=1;
 	int off=0;
 	int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
 	int state=0;
-	SSL_METHOD *meth=NULL;
-#ifndef OPENSSL_NO_ENGINE
+	const SSL_METHOD *meth=NULL;
+	int socket_type=SOCK_STREAM;
 	ENGINE *e=NULL;
-#endif
 	char *inrand=NULL;
 	int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
 	char *passarg = NULL, *pass = NULL;
@@ -538,7 +864,18 @@ int MAIN(int argc, char *argv[])
 	int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
 	X509 *s_cert = NULL, *s_dcert = NULL;
 	EVP_PKEY *s_key = NULL, *s_dkey = NULL;
-
+	int no_cache = 0, ext_cache = 0;
+#ifndef OPENSSL_NO_TLSEXT
+	EVP_PKEY *s_key2 = NULL;
+	X509 *s_cert2 = NULL;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+        tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
+#endif
+#ifndef OPENSSL_NO_PSK
+	/* by default do not send a PSK identity hint */
+	static char *psk_identity_hint=NULL;
+#endif
 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 	meth=SSLv23_server_method();
 #elif !defined(OPENSSL_NO_SSL3)
@@ -597,7 +934,7 @@ int MAIN(int argc, char *argv[])
 		else if	(strcmp(*argv,"-context") == 0)
 			{
 			if (--argc < 1) goto bad;
-			context= *(++argv);
+			context= (unsigned char *)*(++argv);
 			}
 		else if	(strcmp(*argv,"-cert") == 0)
 			{
@@ -670,16 +1007,22 @@ int MAIN(int argc, char *argv[])
 			if (--argc < 1) goto bad;
 			CApath= *(++argv);
 			}
-		else if (strcmp(*argv,"-crl_check") == 0)
-			{
-			vflags |= X509_V_FLAG_CRL_CHECK;
-			}
-		else if (strcmp(*argv,"-crl_check") == 0)
+		else if (strcmp(*argv,"-no_cache") == 0)
+			no_cache = 1;
+		else if (strcmp(*argv,"-ext_cache") == 0)
+			ext_cache = 1;
+		else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
 			{
-			vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
+			if (badarg)
+				goto bad;
+			continue;
 			}
+		else if (strcmp(*argv,"-verify_return_error") == 0)
+			verify_return_error = 1;
 		else if	(strcmp(*argv,"-serverpref") == 0)
 			{ off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
+		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
+			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
 		else if	(strcmp(*argv,"-cipher") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -703,6 +1046,37 @@ int MAIN(int argc, char *argv[])
 			}
 		else if	(strcmp(*argv,"-debug") == 0)
 			{ s_debug=1; }
+#ifndef OPENSSL_NO_TLSEXT
+		else if	(strcmp(*argv,"-tlsextdebug") == 0)
+			s_tlsextdebug=1;
+		else if	(strcmp(*argv,"-status") == 0)
+			s_tlsextstatus=1;
+		else if	(strcmp(*argv,"-status_verbose") == 0)
+			{
+			s_tlsextstatus=1;
+			tlscstatp.verbose = 1;
+			}
+		else if (!strcmp(*argv, "-status_timeout"))
+			{
+			s_tlsextstatus=1;
+                        if (--argc < 1) goto bad;
+			tlscstatp.timeout = atoi(*(++argv));
+			}
+		else if (!strcmp(*argv, "-status_url"))
+			{
+			s_tlsextstatus=1;
+                        if (--argc < 1) goto bad;
+			if (!OCSP_parse_url(*(++argv),
+					&tlscstatp.host,
+					&tlscstatp.port,
+					&tlscstatp.path,
+					&tlscstatp.use_ssl))
+				{
+				BIO_printf(bio_err, "Error parsing URL\n");
+				goto bad;
+				}
+			}
+#endif
 		else if	(strcmp(*argv,"-msg") == 0)
 			{ s_msg=1; }
 		else if	(strcmp(*argv,"-hack") == 0)
@@ -721,6 +1095,27 @@ int MAIN(int argc, char *argv[])
 			{ no_dhe=1; }
 		else if	(strcmp(*argv,"-no_ecdhe") == 0)
 			{ no_ecdhe=1; }
+#ifndef OPENSSL_NO_PSK
+                else if (strcmp(*argv,"-psk_hint") == 0)
+			{
+                        if (--argc < 1) goto bad;
+                        psk_identity_hint= *(++argv);
+                        }
+                else if (strcmp(*argv,"-psk") == 0)
+			{
+			size_t i;
+
+			if (--argc < 1) goto bad;
+			psk_key=*(++argv);
+			for (i=0; i<strlen(psk_key); i++)
+				{
+				if (isxdigit((int)psk_key[i]))
+					continue;
+				BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
+				goto bad;
+				}
+			}
+#endif
 		else if	(strcmp(*argv,"-www") == 0)
 			{ www=1; }
 		else if	(strcmp(*argv,"-WWW") == 0)
@@ -731,8 +1126,16 @@ int MAIN(int argc, char *argv[])
 			{ off|=SSL_OP_NO_SSLv2; }
 		else if	(strcmp(*argv,"-no_ssl3") == 0)
 			{ off|=SSL_OP_NO_SSLv3; }
+		else if	(strcmp(*argv,"-no_tls1_1") == 0)
+			{ off|=SSL_OP_NO_TLSv1_1; }
 		else if	(strcmp(*argv,"-no_tls1") == 0)
 			{ off|=SSL_OP_NO_TLSv1; }
+		else if	(strcmp(*argv,"-no_comp") == 0)
+			{ off|=SSL_OP_NO_COMPRESSION; }
+#ifndef OPENSSL_NO_TLSEXT
+		else if	(strcmp(*argv,"-no_ticket") == 0)
+			{ off|=SSL_OP_NO_TICKET; }
+#endif
 #ifndef OPENSSL_NO_SSL2
 		else if	(strcmp(*argv,"-ssl2") == 0)
 			{ meth=SSLv2_server_method(); }
@@ -742,9 +1145,27 @@ int MAIN(int argc, char *argv[])
 			{ meth=SSLv3_server_method(); }
 #endif
 #ifndef OPENSSL_NO_TLS1
+		else if	(strcmp(*argv,"-tls1_1") == 0)
+			{ meth=TLSv1_1_server_method(); }
 		else if	(strcmp(*argv,"-tls1") == 0)
 			{ meth=TLSv1_server_method(); }
 #endif
+#ifndef OPENSSL_NO_DTLS1
+		else if	(strcmp(*argv,"-dtls1") == 0)
+			{ 
+			meth=DTLSv1_server_method();
+			socket_type = SOCK_DGRAM;
+			}
+		else if (strcmp(*argv,"-timeout") == 0)
+			enable_timeouts = 1;
+		else if (strcmp(*argv,"-mtu") == 0)
+			{
+			if (--argc < 1) goto bad;
+			socket_mtu = atol(*(++argv));
+			}
+		else if (strcmp(*argv, "-chain") == 0)
+			cert_chain = 1;
+#endif
 		else if (strcmp(*argv, "-id_prefix") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -762,6 +1183,33 @@ int MAIN(int argc, char *argv[])
 			if (--argc < 1) goto bad;
 			inrand= *(++argv);
 			}
+#ifndef OPENSSL_NO_TLSEXT
+		else if (strcmp(*argv,"-servername") == 0)
+			{
+			if (--argc < 1) goto bad;
+			tlsextcbp.servername= *(++argv);
+			}
+		else if (strcmp(*argv,"-servername_fatal") == 0)
+			{ tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; }
+		else if	(strcmp(*argv,"-cert2") == 0)
+			{
+			if (--argc < 1) goto bad;
+			s_cert_file2= *(++argv);
+			}
+		else if	(strcmp(*argv,"-key2") == 0)
+			{
+			if (--argc < 1) goto bad;
+			s_key_file2= *(++argv);
+			}
+			
+#endif
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+		else if (strcmp(*argv,"-jpake") == 0)
+			{
+			if (--argc < 1) goto bad;
+			jpake_secret = *(++argv);
+			}
+#endif
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -778,6 +1226,26 @@ bad:
 		goto end;
 		}
 
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+	if (jpake_secret)
+		{
+		if (psk_key)
+			{
+			BIO_printf(bio_err,
+				   "Can't use JPAKE and PSK together\n");
+			goto end;
+			}
+		psk_identity = "JPAKE";
+		if (cipher)
+			{
+			BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+			goto end;
+			}
+		cipher = "PSK";
+		}
+
+#endif
+
 	SSL_load_error_strings();
 	OpenSSL_add_ssl_algorithms();
 
@@ -794,24 +1262,54 @@ bad:
 
 	if (s_key_file == NULL)
 		s_key_file = s_cert_file;
+#ifndef OPENSSL_NO_TLSEXT
+	if (s_key_file2 == NULL)
+		s_key_file2 = s_cert_file2;
+#endif
 
-	s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
-		       "server certificate private key file");
-	if (!s_key)
+	if (nocert == 0)
 		{
-		ERR_print_errors(bio_err);
-		goto end;
-		}
+		s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
+		       "server certificate private key file");
+		if (!s_key)
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
 
-	s_cert = load_cert(bio_err,s_cert_file,s_cert_format,
+		s_cert = load_cert(bio_err,s_cert_file,s_cert_format,
 			NULL, e, "server certificate file");
 
-	if (!s_cert)
-		{
-		ERR_print_errors(bio_err);
-		goto end;
+		if (!s_cert)
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+
+#ifndef OPENSSL_NO_TLSEXT
+		if (tlsextcbp.servername) 
+			{
+			s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
+				"second server certificate private key file");
+			if (!s_key2)
+				{
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			
+			s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format,
+				NULL, e, "second server certificate file");
+			
+			if (!s_cert2)
+				{
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			}
+#endif
 		}
 
+
 	if (s_dcert_file)
 		{
 
@@ -868,6 +1366,10 @@ bad:
 		s_key_file=NULL;
 		s_dcert_file=NULL;
 		s_dkey_file=NULL;
+#ifndef OPENSSL_NO_TLSEXT
+		s_cert_file2=NULL;
+		s_key_file2=NULL;
+#endif
 		}
 
 	ctx=SSL_CTX_new(meth);
@@ -896,10 +1398,18 @@ bad:
 	if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
 	if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
 	SSL_CTX_set_options(ctx,off);
+	/* DTLS: partial reads end up discarding unread UDP bytes :-( 
+	 * Setting read ahead solves this problem.
+	 */
+	if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
 
 	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
-
-	SSL_CTX_sess_set_cache_size(ctx,128);
+	if (no_cache)
+		SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
+	else if (ext_cache)
+		init_session_cache_ctx(ctx);
+	else
+		SSL_CTX_sess_set_cache_size(ctx,128);
 
 #if 0
 	if (cipher == NULL) cipher=getenv("SSL_CIPHER");
@@ -920,8 +1430,67 @@ bad:
 		ERR_print_errors(bio_err);
 		/* goto end; */
 		}
-	store = SSL_CTX_get_cert_store(ctx);
-	X509_STORE_set_flags(store, vflags);
+	if (vpm)
+		SSL_CTX_set1_param(ctx, vpm);
+
+#ifndef OPENSSL_NO_TLSEXT
+	if (s_cert2)
+		{
+		ctx2=SSL_CTX_new(meth);
+		if (ctx2 == NULL)
+			{
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		}
+	
+	if (ctx2)
+		{
+		BIO_printf(bio_s_out,"Setting secondary ctx parameters\n");
+
+		if (session_id_prefix)
+			{
+			if(strlen(session_id_prefix) >= 32)
+				BIO_printf(bio_err,
+					"warning: id_prefix is too long, only one new session will be possible\n");
+			else if(strlen(session_id_prefix) >= 16)
+				BIO_printf(bio_err,
+					"warning: id_prefix is too long if you use SSLv2\n");
+			if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id))
+				{
+				BIO_printf(bio_err,"error setting 'id_prefix'\n");
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix);
+			}
+		SSL_CTX_set_quiet_shutdown(ctx2,1);
+		if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL);
+		if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+		SSL_CTX_set_options(ctx2,off);
+		/* DTLS: partial reads end up discarding unread UDP bytes :-( 
+		 * Setting read ahead solves this problem.
+		 */
+		if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1);
+
+		if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback);
+
+		if (no_cache)
+			SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF);
+		else if (ext_cache)
+			init_session_cache_ctx(ctx2);
+		else
+			SSL_CTX_sess_set_cache_size(ctx2,128);
+
+		if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
+			(!SSL_CTX_set_default_verify_paths(ctx2)))
+			{
+			ERR_print_errors(bio_err);
+			}
+		if (vpm)
+			SSL_CTX_set1_param(ctx2, vpm);
+		}
+#endif 
 
 #ifndef OPENSSL_NO_DH
 	if (!no_dhe)
@@ -945,6 +1514,24 @@ bad:
 		(void)BIO_flush(bio_s_out);
 
 		SSL_CTX_set_tmp_dh(ctx,dh);
+#ifndef OPENSSL_NO_TLSEXT
+		if (ctx2)
+			{
+			if (!dhfile)
+				{ 
+				DH *dh2=load_dh_param(s_cert_file2);
+				if (dh2 != NULL)
+					{
+					BIO_printf(bio_s_out,"Setting temp DH parameters\n");
+					(void)BIO_flush(bio_s_out);
+
+					DH_free(dh);
+					dh = dh2;
+					}
+				}
+			SSL_CTX_set_tmp_dh(ctx2,dh);
+			}
+#endif
 		DH_free(dh);
 		}
 #endif
@@ -954,13 +1541,6 @@ bad:
 		{
 		EC_KEY *ecdh=NULL;
 
-		ecdh = EC_KEY_new();
-		if (ecdh == NULL)
-			{
-			BIO_printf(bio_err,"Could not create ECDH struct.\n");
-			goto end;
-			}
-
 		if (named_curve)
 			{
 			int nid = OBJ_sn2nid(named_curve);
@@ -971,9 +1551,8 @@ bad:
 					named_curve);
 				goto end;
 				}
-
-			ecdh->group = EC_GROUP_new_by_nid(nid);
-			if (ecdh->group == NULL)
+			ecdh = EC_KEY_new_by_curve_name(nid);
+			if (ecdh == NULL)
 				{
 				BIO_printf(bio_err, "unable to create curve (%s)\n", 
 					named_curve);
@@ -981,29 +1560,37 @@ bad:
 				}
 			}
 
-		if (ecdh->group != NULL)
+		if (ecdh != NULL)
 			{
 			BIO_printf(bio_s_out,"Setting temp ECDH parameters\n");
 			}
 		else
 			{
 			BIO_printf(bio_s_out,"Using default temp ECDH parameters\n");
-			ecdh->group=EC_GROUP_new_by_nid(NID_sect163r2);
-			if (ecdh->group == NULL) 
+			ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+			if (ecdh == NULL) 
 				{
-				BIO_printf(bio_err, "unable to create curve (sect163r2)\n");
+				BIO_printf(bio_err, "unable to create curve (nistp256)\n");
 				goto end;
 				}
 			}
 		(void)BIO_flush(bio_s_out);
 
 		SSL_CTX_set_tmp_ecdh(ctx,ecdh);
+#ifndef OPENSSL_NO_TLSEXT
+		if (ctx2) 
+			SSL_CTX_set_tmp_ecdh(ctx2,ecdh);
+#endif
 		EC_KEY_free(ecdh);
 		}
 #endif
 	
 	if (!set_cert_key_stuff(ctx,s_cert,s_key))
 		goto end;
+#ifndef OPENSSL_NO_TLSEXT
+	if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2))
+		goto end; 
+#endif
 	if (s_dcert != NULL)
 		{
 		if (!set_cert_key_stuff(ctx,s_dcert,s_dkey))
@@ -1013,7 +1600,13 @@ bad:
 #ifndef OPENSSL_NO_RSA
 #if 1
 	if (!no_tmp_rsa)
+		{
 		SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
+#ifndef OPENSSL_NO_TLSEXT
+		if (ctx2) 
+			SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb);
+#endif		
+		}
 #else
 	if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
 		{
@@ -1029,30 +1622,97 @@ bad:
 			ERR_print_errors(bio_err);
 			goto end;
 			}
+#ifndef OPENSSL_NO_TLSEXT
+			if (ctx2)
+				{
+				if (!SSL_CTX_set_tmp_rsa(ctx2,rsa))
+					{
+					ERR_print_errors(bio_err);
+					goto end;
+					}
+				}
+#endif
 		RSA_free(rsa);
 		BIO_printf(bio_s_out,"\n");
 		}
 #endif
 #endif
 
-	if (cipher != NULL)
-		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
-		BIO_printf(bio_err,"error setting cipher list\n");
+#ifndef OPENSSL_NO_PSK
+#ifdef OPENSSL_NO_JPAKE
+	if (psk_key != NULL)
+#else
+	if (psk_key != NULL || jpake_secret)
+#endif
+		{
+		if (s_debug)
+			BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n");
+		SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
+		}
+
+	if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint))
+		{
+		BIO_printf(bio_err,"error setting PSK identity hint to context\n");
 		ERR_print_errors(bio_err);
 		goto end;
-	}
+		}
+#endif
+
+	if (cipher != NULL)
+		{
+		if(!SSL_CTX_set_cipher_list(ctx,cipher))
+			{
+			BIO_printf(bio_err,"error setting cipher list\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+#ifndef OPENSSL_NO_TLSEXT
+		if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher))
+			{
+			BIO_printf(bio_err,"error setting cipher list\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+#endif
+		}
 	SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
 	SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context,
 		sizeof s_server_session_id_context);
 
+	/* Set DTLS cookie generation and verification callbacks */
+	SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
+	SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
+
+#ifndef OPENSSL_NO_TLSEXT
+	if (ctx2)
+		{
+		SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback);
+		SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context,
+			sizeof s_server_session_id_context);
+
+		tlsextcbp.biodebug = bio_s_out;
+		SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
+		SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
+		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
+		}
+#endif
+
 	if (CAfile != NULL)
-	    SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
+		{
+		SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
+#ifndef OPENSSL_NO_TLSEXT
+		if (ctx2) 
+			SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile));
+#endif
+		}
 
 	BIO_printf(bio_s_out,"ACCEPT\n");
+	(void)BIO_flush(bio_s_out);
 	if (www)
-		do_server(port,&accept_socket,www_body, context);
+		do_server(port,socket_type,&accept_socket,www_body, context);
 	else
-		do_server(port,&accept_socket,sv_body, context);
+		do_server(port,socket_type,&accept_socket,sv_body, context);
 	print_stats(bio_s_out,ctx);
 	ret=0;
 end:
@@ -1069,9 +1729,17 @@ end:
 		OPENSSL_free(pass);
 	if (dpass)
 		OPENSSL_free(dpass);
+	free_sessions();
+#ifndef OPENSSL_NO_TLSEXT
+	if (ctx2 != NULL) SSL_CTX_free(ctx2);
+	if (s_cert2)
+		X509_free(s_cert2);
+	if (s_key2)
+		EVP_PKEY_free(s_key2);
+#endif
 	if (bio_s_out != NULL)
 		{
-		BIO_free(bio_s_out);
+        BIO_free(bio_s_out);
 		bio_s_out=NULL;
 		}
 	apps_shutdown();
@@ -1112,8 +1780,11 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 	unsigned long l;
 	SSL *con=NULL;
 	BIO *sbio;
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+	struct timeval timeout;
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
 	struct timeval tv;
+#else
+	struct timeval *timeoutp;
 #endif
 #ifdef OPENSSL_SYS_VMS
         int stdin_sock;
@@ -1140,6 +1811,19 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 
 	if (con == NULL) {
 		con=SSL_new(ctx);
+#ifndef OPENSSL_NO_TLSEXT
+	if (s_tlsextdebug)
+		{
+		SSL_set_tlsext_debug_callback(con, tlsext_cb);
+		SSL_set_tlsext_debug_arg(con, bio_s_out);
+		}
+	if (s_tlsextstatus)
+		{
+		SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
+		tlscstatp.err = bio_err;
+		SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
+		}
+#endif
 #ifndef OPENSSL_NO_KRB5
 		if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
                         {
@@ -1154,8 +1838,43 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 						 strlen((char *)context));
 	}
 	SSL_clear(con);
+#if 0
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
+#endif
+#endif
+
+	if (SSL_version(con) == DTLS1_VERSION)
+		{
+
+		sbio=BIO_new_dgram(s,BIO_NOCLOSE);
+
+		if (enable_timeouts)
+			{
+			timeout.tv_sec = 0;
+			timeout.tv_usec = DGRAM_RCV_TIMEOUT;
+			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
+			
+			timeout.tv_sec = 0;
+			timeout.tv_usec = DGRAM_SND_TIMEOUT;
+			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
+			}
+
+		if (socket_mtu > 28)
+			{
+			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
+			SSL_set_mtu(con, socket_mtu - 28);
+			}
+		else
+			/* want to do MTU discovery */
+			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
+
+        /* turn on cookie exchange */
+        SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
+		}
+	else
+		sbio=BIO_new_socket(s,BIO_NOCLOSE);
 
-	sbio=BIO_new_socket(s,BIO_NOCLOSE);
 	if (s_nbio_test)
 		{
 		BIO *test;
@@ -1163,6 +1882,11 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 		test=BIO_new(BIO_f_nbio_test());
 		sbio=BIO_push(test,sbio);
 		}
+#ifndef OPENSSL_NO_JPAKE
+	if(jpake_secret)
+		jpake_server_auth(bio_s_out, sbio, jpake_secret);
+#endif
+
 	SSL_set_bio(con,sbio,sbio);
 	SSL_set_accept_state(con);
 	/* SSL_set_fd(con,s); */
@@ -1171,13 +1895,20 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 		{
 		con->debug=1;
 		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-		BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
 		}
 	if (s_msg)
 		{
 		SSL_set_msg_callback(con, msg_cb);
 		SSL_set_msg_callback_arg(con, bio_s_out);
 		}
+#ifndef OPENSSL_NO_TLSEXT
+	if (s_tlsextdebug)
+		{
+		SSL_set_tlsext_debug_callback(con, tlsext_cb);
+		SSL_set_tlsext_debug_arg(con, bio_s_out);
+		}
+#endif
 
 #ifdef OPENSSL_SYS_VMS
         if (stdin_sock > s)
@@ -1196,16 +1927,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 		if (!read_from_sslcon)
 			{
 			FD_ZERO(&readfds);
-#ifndef OPENSSL_SYS_WINDOWS
-#ifdef OPENSSL_SYS_VMS
-                        FD_SET(stdin_sock,&readfds);
-#else
-#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
-			FD_SET(fileno(stdin),&readfds);
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
+			openssl_fdset(fileno(stdin),&readfds);
 #endif
-#endif
-#endif
-			FD_SET(s,&readfds);
+			openssl_fdset(s,&readfds);
 			/* Note: under VMS with SOCKETSHR the second parameter is
 			 * currently of type (int *) whereas under other systems
 			 * it is (void *) if you don't have a cast it will choke
@@ -1224,8 +1949,31 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 			if((i < 0) || (!i && !_kbhit() ) )continue;
 			if(_kbhit())
 				read_from_terminal = 1;
+#elif defined(OPENSSL_SYS_BEOS_R5)
+			/* Under BeOS-R5 the situation is similar to DOS */
+			tv.tv_sec = 1;
+			tv.tv_usec = 0;
+			(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+			i=select(width,(void *)&readfds,NULL,NULL,&tv);
+			if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
+				continue;
+			if (read(fileno(stdin), buf, 0) >= 0)
+				read_from_terminal = 1;
+			(void)fcntl(fileno(stdin), F_SETFL, 0);
 #else
-			i=select(width,(void *)&readfds,NULL,NULL,NULL);
+			if ((SSL_version(con) == DTLS1_VERSION) &&
+				DTLSv1_get_timeout(con, &timeout))
+				timeoutp = &timeout;
+			else
+				timeoutp = NULL;
+
+			i=select(width,(void *)&readfds,NULL,NULL,timeoutp);
+
+			if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
+				{
+				BIO_printf(bio_err,"TIMEOUT occured\n");
+				}
+
 			if (i <= 0) continue;
 #ifdef OPENSSL_SYS_VMS
                         if (FD_ISSET(stdin_sock,&readfds))
@@ -1243,11 +1991,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 				{
 				int j, lf_num;
 
-#ifdef OPENSSL_SYS_VMS
-                                i=recv(stdin_sock, buf, bufsize/2, 0);
-#else
-                                i=read(fileno(stdin), buf, bufsize/2);
-#endif
+				i=raw_read_stdin(buf, bufsize/2);
 				lf_num = 0;
 				/* both loops are skipped when i <= 0 */
 				for (j = 0; j < i; j++)
@@ -1266,11 +2010,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 				assert(lf_num == 0);
 				}
 			else
-#ifdef OPENSSL_SYS_VMS
-                                i=recv(stdin_sock,buf,bufsize, 0);
-#else
-                                i=read(fileno(stdin),buf,bufsize);
-#endif
+				i=raw_read_stdin(buf,bufsize);
 			if (!s_quiet)
 				{
 				if ((i <= 0) || (buf[0] == 'Q'))
@@ -1284,11 +2024,13 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 				if ((i <= 0) || (buf[0] == 'q'))
 					{
 					BIO_printf(bio_s_out,"DONE\n");
-					SHUTDOWN(s);
+					if (SSL_version(con) != DTLS1_VERSION)
+                        SHUTDOWN(s);
 	/*				close_accept_socket();
 					ret= -11;*/
 					goto err;
 					}
+
 				if ((buf[0] == 'r') && 
 					((buf[1] == '\n') || (buf[1] == '\r')))
 					{
@@ -1313,7 +2055,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 					}
 				if (buf[0] == 'P')
 					{
-					static char *str="Lets print some clear text\n";
+					static const char *str="Lets print some clear text\n";
 					BIO_write(SSL_get_wbio(con),str,strlen(str));
 					}
 				if (buf[0] == 'S')
@@ -1385,7 +2127,7 @@ again:
 #ifdef CHARSET_EBCDIC
 					ascii2ebcdic(buf,buf,i);
 #endif
-					write(fileno(stdout),buf,
+					raw_write_stdout(buf,
 						(unsigned int)i);
 					if (SSL_pending(con)) goto again;
 					break;
@@ -1409,13 +2151,16 @@ again:
 			}
 		}
 err:
-	BIO_printf(bio_s_out,"shutting down SSL\n");
+	if (con != NULL)
+		{
+		BIO_printf(bio_s_out,"shutting down SSL\n");
 #if 1
-	SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+		SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
 #else
-	SSL_shutdown(con);
+		SSL_shutdown(con);
 #endif
-	if (con != NULL) SSL_free(con);
+		SSL_free(con);
+		}
 	BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
 	if (buf != NULL)
 		{
@@ -1496,11 +2241,13 @@ static int init_ssl_connection(SSL *con)
 			con->kssl_ctx->client_princ);
 		}
 #endif /* OPENSSL_NO_KRB5 */
+	BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
+		      SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
 	return(1);
 	}
 
 #ifndef OPENSSL_NO_DH
-static DH *load_dh_param(char *dhfile)
+static DH *load_dh_param(const char *dhfile)
 	{
 	DH *ret=NULL;
 	BIO *bio;
@@ -1540,9 +2287,8 @@ static int www_body(char *hostname, int s, unsigned char *context)
 	char *buf=NULL;
 	int ret=1;
 	int i,j,k,blank,dot;
-	struct stat st_buf;
 	SSL *con;
-	SSL_CIPHER *c;
+	const SSL_CIPHER *c;
 	BIO *io,*ssl_bio,*sbio;
 	long total_bytes;
 
@@ -1568,6 +2314,13 @@ static int www_body(char *hostname, int s, unsigned char *context)
 	if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
 
 	if ((con=SSL_new(ctx)) == NULL) goto err;
+#ifndef OPENSSL_NO_TLSEXT
+		if (s_tlsextdebug)
+			{
+			SSL_set_tlsext_debug_callback(con, tlsext_cb);
+			SSL_set_tlsext_debug_arg(con, bio_s_out);
+			}
+#endif
 #ifndef OPENSSL_NO_KRB5
 	if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
 		{
@@ -1600,7 +2353,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
 		{
 		con->debug=1;
 		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-		BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
 		}
 	if (s_msg)
 		{
@@ -1668,7 +2421,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
 			char *p;
 			X509 *peer;
 			STACK_OF(SSL_CIPHER) *sk;
-			static char *space="                          ";
+			static const char *space="                          ";
 
 			BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
 			BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n");
@@ -1748,7 +2501,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
 			{
 			BIO *file;
 			char *p,*e;
-			static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
+			static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
 
 			/* skip the '/' */
 			p= &(buf[5]);
@@ -1805,14 +2558,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
 #endif
 
 			/* if a directory, do the index thang */
-			if (stat(p,&st_buf) < 0)
-				{
-				BIO_puts(io,text);
-				BIO_printf(io,"Error accessing '%s'\r\n",p);
-				ERR_print_errors(io);
-				break;
-				}
-			if (S_ISDIR(st_buf.st_mode))
+			if (app_isdir(p)>0)
 				{
 #if 0 /* must check buffer size */
 				strcat(p,"/index.html");
@@ -1975,3 +2721,115 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
 		return 0;
 	return 1;
 	}
+
+/* By default s_server uses an in-memory cache which caches SSL_SESSION
+ * structures without any serialisation. This hides some bugs which only
+ * become apparent in deployed servers. By implementing a basic external
+ * session cache some issues can be debugged using s_server.
+ */
+
+typedef struct simple_ssl_session_st
+	{
+	unsigned char *id;
+	int idlen;
+	unsigned char *der;
+	int derlen;
+	struct simple_ssl_session_st *next;
+	} simple_ssl_session;
+
+static simple_ssl_session *first = NULL;
+
+static int add_session(SSL *ssl, SSL_SESSION *session)
+	{
+	simple_ssl_session *sess;
+	unsigned char *p;
+
+	sess = OPENSSL_malloc(sizeof(simple_ssl_session));
+
+	sess->idlen = session->session_id_length;
+	sess->derlen = i2d_SSL_SESSION(session, NULL);
+
+	sess->id = BUF_memdup(session->session_id, sess->idlen);
+
+	sess->der = OPENSSL_malloc(sess->derlen);
+	p = sess->der;
+	i2d_SSL_SESSION(session, &p);
+
+	sess->next = first;
+	first = sess;
+	BIO_printf(bio_err, "New session added to external cache\n");
+	return 0;
+	}
+
+static SSL_SESSION *get_session(SSL *ssl, unsigned char *id, int idlen,
+					int *do_copy)
+	{
+	simple_ssl_session *sess;
+	*do_copy = 0;
+	for (sess = first; sess; sess = sess->next)
+		{
+		if (idlen == sess->idlen && !memcmp(sess->id, id, idlen))
+			{
+			const unsigned char *p = sess->der;
+			BIO_printf(bio_err, "Lookup session: cache hit\n");
+			return d2i_SSL_SESSION(NULL, &p, sess->derlen);
+			}
+		}
+	BIO_printf(bio_err, "Lookup session: cache miss\n");
+	return NULL;
+	}
+
+static void del_session(SSL_CTX *sctx, SSL_SESSION *session)
+	{
+	simple_ssl_session *sess, *prev = NULL;
+	unsigned char *id = session->session_id;
+	int idlen = session->session_id_length;
+	for (sess = first; sess; sess = sess->next)
+		{
+		if (idlen == sess->idlen && !memcmp(sess->id, id, idlen))
+			{
+			if(prev)
+				prev->next = sess->next;
+			else
+				first = sess->next;
+			OPENSSL_free(sess->id);
+			OPENSSL_free(sess->der);
+			OPENSSL_free(sess);
+			return;
+			}
+		prev = sess;
+		}
+	}
+
+static void init_session_cache_ctx(SSL_CTX *sctx)
+	{
+	SSL_CTX_set_session_cache_mode(sctx,
+			SSL_SESS_CACHE_NO_INTERNAL|SSL_SESS_CACHE_SERVER);
+	SSL_CTX_sess_set_new_cb(sctx, add_session);
+        SSL_CTX_sess_set_get_cb(sctx, get_session);
+        SSL_CTX_sess_set_remove_cb(sctx, del_session);
+	}
+
+static void free_sessions(void)
+	{
+	simple_ssl_session *sess, *tsess;
+	for (sess = first; sess;)
+		{
+		OPENSSL_free(sess->id);
+		OPENSSL_free(sess->der);
+		tsess = sess;
+		sess = sess->next;
+		OPENSSL_free(tsess);
+		}
+	first = NULL;
+	}
+	
+
+
+
+
+
+
+	
+
+
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 45014fa14d..b5f9db3062 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -87,14 +87,18 @@ typedef unsigned int u_int;
 
 #ifndef OPENSSL_NO_SOCK
 
+#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
+#include "netdb.h"
+#endif
+
 static struct hostent *GetHostByName(char *name);
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
 static void ssl_sock_cleanup(void);
 #endif
 static int ssl_sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port);
-static int init_server(int *sock, int port);
-static int init_server_long(int *sock, int port,char *ip);
+static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
+static int init_server(int *sock, int port, int type);
+static int init_server_long(int *sock, int port,char *ip, int type);
 static int do_accept(int acc_sock, int *sock, char **host);
 static int host_ip(char *str, unsigned char ip[4]);
 
@@ -104,7 +108,7 @@ static int host_ip(char *str, unsigned char ip[4]);
 #define SOCKET_PROTOCOL	IPPROTO_TCP
 #endif
 
-#ifdef OPENSSL_SYS_NETWARE
+#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
 static int wsa_init_done=0;
 #endif
 
@@ -156,7 +160,7 @@ static void ssl_sock_cleanup(void)
 		WSACleanup();
 		}
 	}
-#elif defined(OPENSSL_SYS_NETWARE)
+#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
 static void sock_cleanup(void)
     {
     if (wsa_init_done)
@@ -199,7 +203,7 @@ static int ssl_sock_init(void)
 		SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
 #endif /* OPENSSL_SYS_WIN16 */
 		}
-#elif defined(OPENSSL_SYS_NETWARE)
+#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
    WORD wVerReq;
    WSADATA wsaData;
    int err;
@@ -224,20 +228,18 @@ static int ssl_sock_init(void)
 	return(1);
 	}
 
-int init_client(int *sock, char *host, int port)
+int init_client(int *sock, char *host, int port, int type)
 	{
 	unsigned char ip[4];
-	short p=0;
 
 	if (!host_ip(host,&(ip[0])))
 		{
 		return(0);
 		}
-	if (p != 0) port=p;
-	return(init_client_ip(sock,ip,port));
+	return(init_client_ip(sock,ip,port,type));
 	}
 
-static int init_client_ip(int *sock, unsigned char ip[4], int port)
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
 	{
 	unsigned long addr;
 	struct sockaddr_in them;
@@ -255,45 +257,58 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port)
 		((unsigned long)ip[3]);
 	them.sin_addr.s_addr=htonl(addr);
 
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+	if (type == SOCK_STREAM)
+		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+	else /* ( type == SOCK_DGRAM) */
+		s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
+			
 	if (s == INVALID_SOCKET) { perror("socket"); return(0); }
 
-#ifndef OPENSSL_SYS_MPE
-	i=0;
-	i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-	if (i < 0) { perror("keepalive"); return(0); }
+#if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
+	if (type == SOCK_STREAM)
+		{
+		i=0;
+		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+		if (i < 0) { perror("keepalive"); return(0); }
+		}
 #endif
 
 	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
-		{ close(s); perror("connect"); return(0); }
+		{ closesocket(s); perror("connect"); return(0); }
 	*sock=s;
 	return(1);
 	}
 
-int do_server(int port, int *ret, int (*cb)(), char *context)
+int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *context), unsigned char *context)
 	{
 	int sock;
-	char *name;
-	int accept_socket;
+	char *name = NULL;
+	int accept_socket = 0;
 	int i;
 
-	if (!init_server(&accept_socket,port)) return(0);
+	if (!init_server(&accept_socket,port,type)) return(0);
 
 	if (ret != NULL)
 		{
 		*ret=accept_socket;
 		/* return(1);*/
 		}
-	for (;;)
-		{
-		if (do_accept(accept_socket,&sock,&name) == 0)
+  	for (;;)
+  		{
+		if (type==SOCK_STREAM)
 			{
-			SHUTDOWN(accept_socket);
-			return(0);
+			if (do_accept(accept_socket,&sock,&name) == 0)
+				{
+				SHUTDOWN(accept_socket);
+				return(0);
+				}
 			}
+		else
+			sock = accept_socket;
 		i=(*cb)(name,sock, context);
 		if (name != NULL) OPENSSL_free(name);
-		SHUTDOWN2(sock);
+		if (type==SOCK_STREAM)
+			SHUTDOWN2(sock);
 		if (i < 0)
 			{
 			SHUTDOWN2(accept_socket);
@@ -302,7 +317,7 @@ int do_server(int port, int *ret, int (*cb)(), char *context)
 		}
 	}
 
-static int init_server_long(int *sock, int port, char *ip)
+static int init_server_long(int *sock, int port, char *ip, int type)
 	{
 	int ret=0;
 	struct sockaddr_in server;
@@ -322,7 +337,11 @@ static int init_server_long(int *sock, int port, char *ip)
 #else
 		memcpy(&server.sin_addr,ip,4);
 #endif
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+	
+		if (type == SOCK_STREAM)
+			s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+		else /* type == SOCK_DGRAM */
+			s=socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP);
 
 	if (s == INVALID_SOCKET) goto err;
 #if defined SOL_SOCKET && defined SO_REUSEADDR
@@ -340,7 +359,7 @@ static int init_server_long(int *sock, int port, char *ip)
 		goto err;
 		}
 	/* Make it 128 for linux */
-	if (listen(s,128) == -1) goto err;
+	if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
 	i=0;
 	*sock=s;
 	ret=1;
@@ -352,9 +371,9 @@ err:
 	return(ret);
 	}
 
-static int init_server(int *sock, int port)
+static int init_server(int *sock, int port, int type)
 	{
-	return(init_server_long(sock, port, NULL));
+	return(init_server_long(sock, port, NULL, type));
 	}
 
 static int do_accept(int acc_sock, int *sock, char **host)
@@ -381,7 +400,7 @@ redoit:
 	ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
 	if (ret == INVALID_SOCKET)
 		{
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
 		i=WSAGetLastError();
 		BIO_printf(bio_err,"accept error %d\n",i);
 #else
diff --git a/apps/s_time.c b/apps/s_time.c
index 904945e1a8..b823c33c58 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -85,54 +85,6 @@
 #include OPENSSL_UNISTD
 #endif
 
-#if !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-#define TIMES
-#endif
-
-#ifndef _IRIX
-#include <time.h>
-#endif
-#ifdef TIMES
-#include <sys/types.h>
-#include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE)
-#include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed
-*/
-#ifndef HZ
-# ifdef _SC_CLK_TCK
-#  define HZ ((double)sysconf(_SC_CLK_TCK))
-# else
-#  ifndef CLK_TCK
-#   ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#    define HZ	100.0
-#   else /* _BSD_CLK_TCK_ */
-#    define HZ ((double)_BSD_CLK_TCK_)
-#   endif
-#  else /* CLK_TCK */
-#   define HZ ((double)CLK_TCK)
-#  endif
-# endif
-#endif
-
 #undef PROG
 #define PROG s_time_main
 
@@ -177,7 +129,7 @@ static char *tm_cipher=NULL;
 static int tm_verify = SSL_VERIFY_NONE;
 static int maxTime = SECONDS;
 static SSL_CTX *tm_ctx=NULL;
-static SSL_METHOD *s_time_meth=NULL;
+static const SSL_METHOD *s_time_meth=NULL;
 static char *s_www_path=NULL;
 static long bytes_read=0; 
 static int st_bugs=0;
@@ -372,63 +324,8 @@ bad:
 
 static double tm_Time_F(int s)
 	{
-	static double ret;
-#ifdef TIMES
-	static struct tms tstart,tend;
-
-	if(s == START) {
-		times(&tstart);
-		return(0);
-	} else {
-		times(&tend);
-		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-		return((ret == 0.0)?1e-6:ret);
+	return app_tminterval(s,1);
 	}
-#elif defined(OPENSSL_SYS_NETWARE)
-    static clock_t tstart,tend;
-
-    if (s == START)
-    {
-        tstart=clock();
-        return(0);
-    }
-    else
-    {
-        tend=clock();
-        ret=(double)((double)(tend)-(double)(tstart));
-        return((ret < 0.001)?0.001:ret);
-    }
-#elif defined(OPENSSL_SYS_VXWORKS)
-        {
-	static unsigned long tick_start, tick_end;
-
-	if( s == START )
-		{
-		tick_start = tickGet();
-		return 0;
-		}
-	else
-		{
-		tick_end = tickGet();
-		ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
-		return((ret == 0.0)?1e-6:ret);
-		}
-        }
-#else /* !times() */
-	static struct timeb tstart,tend;
-	long i;
-
-	if(s == START) {
-		ftime(&tstart);
-		return(0);
-	} else {
-		ftime(&tend);
-		i=(long)tend.millitm-(long)tstart.millitm;
-		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-		return((ret == 0.0)?1e-6:ret);
-	}
-#endif
-}
 
 /***********************************************************************
  * MAIN - main processing area for client
@@ -704,7 +601,7 @@ static SSL *doConnection(SSL *scon)
 			i=SSL_get_fd(serverCon);
 			width=i+1;
 			FD_ZERO(&readfds);
-			FD_SET(i,&readfds);
+			openssl_fdset(i,&readfds);
 			/* Note: under VMS with SOCKETSHR the 2nd parameter
 			 * is currently of type (int *) whereas under other
 			 * systems it is (void *) if you don't have a cast it
diff --git a/apps/sess_id.c b/apps/sess_id.c
index d91d84d220..b99179f276 100644
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -69,7 +69,7 @@
 #undef PROG
 #define PROG	sess_id_main
 
-static char *sess_id_usage[]={
+static const char *sess_id_usage[]={
 "usage: sess_id args\n",
 "\n",
 " -inform arg     - input format - default PEM (DER or PEM)\n",
@@ -95,7 +95,7 @@ int MAIN(int argc, char **argv)
 	int informat,outformat;
 	char *infile=NULL,*outfile=NULL,*context=NULL;
 	int cert=0,noout=0,text=0;
-	char **pp;
+	const char **pp;
 
 	apps_startup();
 
@@ -241,7 +241,7 @@ bad:
 	if (!noout && !cert)
 		{
 		if 	(outformat == FORMAT_ASN1)
-			i=(int)i2d_SSL_SESSION_bio(out,x);
+			i=i2d_SSL_SESSION_bio(out,x);
 		else if (outformat == FORMAT_PEM)
 			i=PEM_write_bio_SSL_SESSION(out,x);
 		else	{
diff --git a/apps/smime.c b/apps/smime.c
index 57ac6d8a26..c583f8a0e1 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -1,5 +1,5 @@
 /* smime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -73,11 +73,14 @@ static int save_certs(char *signerfile, STACK_OF(X509) *signers);
 static int smime_cb(int ok, X509_STORE_CTX *ctx);
 
 #define SMIME_OP	0x10
+#define SMIME_IP	0x20
+#define SMIME_SIGNERS	0x40
 #define SMIME_ENCRYPT	(1 | SMIME_OP)
-#define SMIME_DECRYPT	2
-#define SMIME_SIGN	(3 | SMIME_OP)
-#define SMIME_VERIFY	4
-#define SMIME_PK7OUT	5
+#define SMIME_DECRYPT	(2 | SMIME_IP)
+#define SMIME_SIGN	(3 | SMIME_OP | SMIME_SIGNERS)
+#define SMIME_VERIFY	(4 | SMIME_IP)
+#define SMIME_PK7OUT	(5 | SMIME_IP | SMIME_OP)
+#define SMIME_RESIGN	(6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
 
 int MAIN(int, char **);
 
@@ -87,9 +90,10 @@ int MAIN(int argc, char **argv)
 	int operation = 0;
 	int ret = 0;
 	char **args;
-	char *inmode = "r", *outmode = "w";
+	const char *inmode = "r", *outmode = "w";
 	char *infile = NULL, *outfile = NULL;
 	char *signerfile = NULL, *recipfile = NULL;
+	STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
 	char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
 	const EVP_CIPHER *cipher = NULL;
 	PKCS7 *p7 = NULL;
@@ -105,6 +109,8 @@ int MAIN(int argc, char **argv)
 	char *passargin = NULL, *passin = NULL;
 	char *inrand = NULL;
 	int need_rand = 0;
+	int indef = 0;
+	const EVP_MD *sign_md = NULL;
 	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
         int keyform = FORMAT_PEM;
 #ifndef OPENSSL_NO_ENGINE
@@ -135,6 +141,8 @@ int MAIN(int argc, char **argv)
 			operation = SMIME_DECRYPT;
 		else if (!strcmp (*args, "-sign"))
 			operation = SMIME_SIGN;
+		else if (!strcmp (*args, "-resign"))
+			operation = SMIME_RESIGN;
 		else if (!strcmp (*args, "-verify"))
 			operation = SMIME_VERIFY;
 		else if (!strcmp (*args, "-pk7out"))
@@ -145,6 +153,10 @@ int MAIN(int argc, char **argv)
 		else if (!strcmp (*args, "-des")) 
 				cipher = EVP_des_cbc();
 #endif
+#ifndef OPENSSL_NO_SEED
+		else if (!strcmp (*args, "-seed")) 
+				cipher = EVP_seed_cbc();
+#endif
 #ifndef OPENSSL_NO_RC2
 		else if (!strcmp (*args, "-rc2-40")) 
 				cipher = EVP_rc2_40_cbc();
@@ -161,6 +173,14 @@ int MAIN(int argc, char **argv)
 		else if (!strcmp(*args,"-aes256"))
 				cipher = EVP_aes_256_cbc();
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		else if (!strcmp(*args,"-camellia128"))
+				cipher = EVP_camellia_128_cbc();
+		else if (!strcmp(*args,"-camellia192"))
+				cipher = EVP_camellia_192_cbc();
+		else if (!strcmp(*args,"-camellia256"))
+				cipher = EVP_camellia_256_cbc();
+#endif
 		else if (!strcmp (*args, "-text")) 
 				flags |= PKCS7_TEXT;
 		else if (!strcmp (*args, "-nointern")) 
@@ -181,212 +201,216 @@ int MAIN(int argc, char **argv)
 				flags |= PKCS7_BINARY;
 		else if (!strcmp (*args, "-nosigs"))
 				flags |= PKCS7_NOSIGS;
+		else if (!strcmp (*args, "-stream"))
+				indef = 1;
+		else if (!strcmp (*args, "-indef"))
+				indef = 1;
+		else if (!strcmp (*args, "-noindef"))
+				indef = 0;
 		else if (!strcmp (*args, "-nooldmime"))
 				flags |= PKCS7_NOOLDMIMETYPE;
 		else if (!strcmp (*args, "-crlfeol"))
 				flags |= PKCS7_CRLFEOL;
 		else if (!strcmp(*args,"-rand"))
 			{
-			if (args[1])
-				{
-				args++;
-				inrand = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			args++;
+			inrand = *args;
 			need_rand = 1;
 			}
 #ifndef OPENSSL_NO_ENGINE
 		else if (!strcmp(*args,"-engine"))
 			{
-			if (args[1])
-				{
-				args++;
-				engine = *args;
-				}
-			else badarg = 1;
+			if (!args[1])
+				goto argerr;
+			engine = *++args;
 			}
 #endif
 		else if (!strcmp(*args,"-passin"))
 			{
-			if (args[1])
-				{
-				args++;
-				passargin = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			passargin = *++args;
 			}
 		else if (!strcmp (*args, "-to"))
 			{
-			if (args[1])
-				{
-				args++;
-				to = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			to = *++args;
 			}
 		else if (!strcmp (*args, "-from"))
 			{
-			if (args[1])
-				{
-				args++;
-				from = *args;
-				}
-			else badarg = 1;
+			if (!args[1])
+				goto argerr;
+			from = *++args;
 			}
 		else if (!strcmp (*args, "-subject"))
 			{
-			if (args[1])
-				{
-				args++;
-				subject = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			subject = *++args;
 			}
 		else if (!strcmp (*args, "-signer"))
 			{
-			if (args[1])
+			if (!args[1])
+				goto argerr;
+			/* If previous -signer argument add signer to list */
+
+			if (signerfile)
 				{
-				args++;
-				signerfile = *args;
+				if (!sksigners)
+					sksigners = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(sksigners, signerfile);
+				if (!keyfile)
+					keyfile = signerfile;
+				if (!skkeys)
+					skkeys = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(skkeys, keyfile);
+				keyfile = NULL;
 				}
-			else
-				badarg = 1;
+			signerfile = *++args;
 			}
 		else if (!strcmp (*args, "-recip"))
 			{
-			if (args[1])
+			if (!args[1])
+				goto argerr;
+			recipfile = *++args;
+			}
+		else if (!strcmp (*args, "-md"))
+			{
+			if (!args[1])
+				goto argerr;
+			sign_md = EVP_get_digestbyname(*++args);
+			if (sign_md == NULL)
 				{
-				args++;
-				recipfile = *args;
+				BIO_printf(bio_err, "Unknown digest %s\n",
+							*args);
+				goto argerr;
 				}
-			else badarg = 1;
 			}
 		else if (!strcmp (*args, "-inkey"))
 			{
-			if (args[1])
+			if (!args[1])	
+				goto argerr;
+			/* If previous -inkey arument add signer to list */
+			if (keyfile)
 				{
-				args++;
-				keyfile = *args;
+				if (!signerfile)
+					{
+					BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+					goto argerr;
+					}
+				if (!sksigners)
+					sksigners = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(sksigners, signerfile);
+				signerfile = NULL;
+				if (!skkeys)
+					skkeys = sk_OPENSSL_STRING_new_null();
+				sk_OPENSSL_STRING_push(skkeys, keyfile);
 				}
-			else
-				badarg = 1;
-		}
+			keyfile = *++args;
+			}
 		else if (!strcmp (*args, "-keyform"))
 			{
-			if (args[1])
-				{
-				args++;
-				keyform = str2fmt(*args);
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			keyform = str2fmt(*++args);
 			}
 		else if (!strcmp (*args, "-certfile"))
 			{
-			if (args[1])
-				{
-				args++;
-				certfile = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			certfile = *++args;
 			}
 		else if (!strcmp (*args, "-CAfile"))
 			{
-			if (args[1])
-				{
-				args++;
-				CAfile = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			CAfile = *++args;
 			}
 		else if (!strcmp (*args, "-CApath"))
 			{
-			if (args[1])
-				{
-				args++;
-				CApath = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			CApath = *++args;
 			}
 		else if (!strcmp (*args, "-in"))
 			{
-			if (args[1])
-				{
-				args++;
-				infile = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			infile = *++args;
 			}
 		else if (!strcmp (*args, "-inform"))
 			{
-			if (args[1])
-				{
-				args++;
-				informat = str2fmt(*args);
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			informat = str2fmt(*++args);
 			}
 		else if (!strcmp (*args, "-outform"))
 			{
-			if (args[1])
-				{
-				args++;
-				outformat = str2fmt(*args);
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			outformat = str2fmt(*++args);
 			}
 		else if (!strcmp (*args, "-out"))
 			{
-			if (args[1])
-				{
-				args++;
-				outfile = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			outfile = *++args;
 			}
 		else if (!strcmp (*args, "-content"))
 			{
-			if (args[1])
-				{
-				args++;
-				contfile = *args;
-				}
-			else
-				badarg = 1;
+			if (!args[1])
+				goto argerr;
+			contfile = *++args;
 			}
 		else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
 			continue;
-		else
+		else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
 			badarg = 1;
 		args++;
 		}
 
+	if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners))
+		{
+		BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
+		goto argerr;
+		}
 
-	if (operation == SMIME_SIGN)
+	if (operation & SMIME_SIGNERS)
 		{
-		if (!signerfile)
+		/* Check to see if any final signer needs to be appended */
+		if (keyfile && !signerfile)
+			{
+			BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+			goto argerr;
+			}
+		if (signerfile)
+			{
+			if (!sksigners)
+				sksigners = sk_OPENSSL_STRING_new_null();
+			sk_OPENSSL_STRING_push(sksigners, signerfile);
+			if (!skkeys)
+				skkeys = sk_OPENSSL_STRING_new_null();
+			if (!keyfile)
+				keyfile = signerfile;
+			sk_OPENSSL_STRING_push(skkeys, keyfile);
+			}
+		if (!sksigners)
 			{
 			BIO_printf(bio_err, "No signer certificate specified\n");
 			badarg = 1;
 			}
+		signerfile = NULL;
+		keyfile = NULL;
 		need_rand = 1;
 		}
 	else if (operation == SMIME_DECRYPT)
 		{
-		if (!recipfile)
+		if (!recipfile && !keyfile)
 			{
-			BIO_printf(bio_err, "No recipient certificate and key specified\n");
+			BIO_printf(bio_err, "No recipient certificate or key specified\n");
 			badarg = 1;
 			}
 		}
@@ -404,6 +428,7 @@ int MAIN(int argc, char **argv)
 
 	if (badarg)
 		{
+		argerr:
 		BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n");
 		BIO_printf (bio_err, "where options are\n");
 		BIO_printf (bio_err, "-encrypt       encrypt message\n");
@@ -415,6 +440,9 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
 		BIO_printf (bio_err, "-des           encrypt with DES\n");
 #endif
+#ifndef OPENSSL_NO_SEED
+		BIO_printf (bio_err, "-seed          encrypt with SEED\n");
+#endif
 #ifndef OPENSSL_NO_RC2
 		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
 		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
@@ -424,6 +452,10 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
 		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+		BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
+		BIO_printf (bio_err, "               encrypt PEM output with cbc camellia\n");
+#endif
 		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
 		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
 		BIO_printf (bio_err, "-noverify      don't verify signers certificate\n");
@@ -480,13 +512,11 @@ int MAIN(int argc, char **argv)
 
 	ret = 2;
 
-	if (operation != SMIME_SIGN)
+	if (!(operation & SMIME_SIGNERS))
 		flags &= ~PKCS7_DETACHED;
 
 	if (operation & SMIME_OP)
 		{
-		if (flags & PKCS7_BINARY)
-			inmode = "rb";
 		if (outformat == FORMAT_ASN1)
 			outmode = "wb";
 		}
@@ -494,9 +524,18 @@ int MAIN(int argc, char **argv)
 		{
 		if (flags & PKCS7_BINARY)
 			outmode = "wb";
+		}
+
+	if (operation & SMIME_IP)
+		{
 		if (informat == FORMAT_ASN1)
 			inmode = "rb";
 		}
+	else
+		{
+		if (flags & PKCS7_BINARY)
+			inmode = "rb";
+		}
 
 	if (operation == SMIME_ENCRYPT)
 		{
@@ -526,26 +565,11 @@ int MAIN(int argc, char **argv)
 			}
 		}
 
-	if (signerfile && (operation == SMIME_SIGN))
-		{
-		if (!(signer = load_cert(bio_err,signerfile,FORMAT_PEM, NULL,
-			e, "signer certificate")))
-			{
-#if 0			/* An appropri message has already been printed */
-			BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
-#endif
-			goto end;
-			}
-		}
-
 	if (certfile)
 		{
 		if (!(other = load_certs(bio_err,certfile,FORMAT_PEM, NULL,
 			e, "certificate file")))
 			{
-#if 0			/* An appropriate message has already been printed */
-			BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
-#endif
 			ERR_print_errors(bio_err);
 			goto end;
 			}
@@ -556,9 +580,6 @@ int MAIN(int argc, char **argv)
 		if (!(recip = load_cert(bio_err,recipfile,FORMAT_PEM,NULL,
 			e, "recipient certificate file")))
 			{
-#if 0			/* An appropriate message has alrady been printed */
-			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
-#endif
 			ERR_print_errors(bio_err);
 			goto end;
 			}
@@ -596,6 +617,36 @@ int MAIN(int argc, char **argv)
 	else
 		in = BIO_new_fp(stdin, BIO_NOCLOSE);
 
+	if (operation & SMIME_IP)
+		{
+		if (informat == FORMAT_SMIME) 
+			p7 = SMIME_read_PKCS7(in, &indata);
+		else if (informat == FORMAT_PEM) 
+			p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+		else if (informat == FORMAT_ASN1) 
+			p7 = d2i_PKCS7_bio(in, NULL);
+		else
+			{
+			BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
+			goto end;
+			}
+
+		if (!p7)
+			{
+			BIO_printf(bio_err, "Error reading S/MIME message\n");
+			goto end;
+			}
+		if (contfile)
+			{
+			BIO_free(indata);
+			if (!(indata = BIO_new_file(contfile, "rb")))
+				{
+				BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+				goto end;
+				}
+			}
+		}
+
 	if (outfile)
 		{
 		if (!(out = BIO_new_file(outfile, outmode)))
@@ -620,7 +671,7 @@ int MAIN(int argc, char **argv)
 		{
 		if (!(store = setup_verify(bio_err, CAfile, CApath)))
 			goto end;
-		X509_STORE_set_verify_cb_func(store, smime_cb);
+		X509_STORE_set_verify_cb(store, smime_cb);
 		if (vpm)
 			X509_STORE_set1_param(store, vpm);
 		}
@@ -629,49 +680,58 @@ int MAIN(int argc, char **argv)
 	ret = 3;
 
 	if (operation == SMIME_ENCRYPT)
-		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
-	else if (operation == SMIME_SIGN)
 		{
-		/* If detached data and SMIME output enable partial
-		 * signing.
-		 */
-		if ((flags & PKCS7_DETACHED) && (outformat == FORMAT_SMIME))
+		if (indef)
 			flags |= PKCS7_STREAM;
-		p7 = PKCS7_sign(signer, key, other, in, flags);
-		/* Don't need to rewind for partial signing */
-		if (!(flags & PKCS7_STREAM) && (BIO_reset(in) != 0))
-			{
-			BIO_printf(bio_err, "Can't rewind input file\n");
-			goto end;
-			}
+		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
 		}
-	else
+	else if (operation & SMIME_SIGNERS)
 		{
-		if (informat == FORMAT_SMIME) 
-			p7 = SMIME_read_PKCS7(in, &indata);
-		else if (informat == FORMAT_PEM) 
-			p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
-		else if (informat == FORMAT_ASN1) 
-			p7 = d2i_PKCS7_bio(in, NULL);
-		else
+		int i;
+		/* If detached data content we only enable streaming if
+		 * S/MIME output format.
+		 */
+		if (operation == SMIME_SIGN)
 			{
-			BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
-			goto end;
+			if (flags & PKCS7_DETACHED)
+				{
+				if (outformat == FORMAT_SMIME)
+					flags |= PKCS7_STREAM;
+				}
+			else if (indef)
+				flags |= PKCS7_STREAM;
+			flags |= PKCS7_PARTIAL;
+			p7 = PKCS7_sign(NULL, NULL, other, in, flags);
+			if (!p7)
+				goto end;
 			}
-
-		if (!p7)
-			{
-			BIO_printf(bio_err, "Error reading S/MIME message\n");
-			goto end;
+		else
+			flags |= PKCS7_REUSE_DIGEST;
+		for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
+			{
+			signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+			keyfile = sk_OPENSSL_STRING_value(skkeys, i);
+			signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
+					e, "signer certificate");
+			if (!signer)
+				goto end;
+			key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+			       "signing key file");
+			if (!key)
+				goto end;
+			if (!PKCS7_sign_add_signer(p7, signer, key,
+						sign_md, flags))
+				goto end;
+			X509_free(signer);
+			signer = NULL;
+			EVP_PKEY_free(key);
+			key = NULL;
 			}
-		if (contfile)
+		/* If not streaming or resigning finalize structure */
+		if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM))
 			{
-			BIO_free(indata);
-			if (!(indata = BIO_new_file(contfile, "rb")))
-				{
-				BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+			if (!PKCS7_final(p7, in, flags))
 				goto end;
-				}
 			}
 		}
 
@@ -721,11 +781,16 @@ int MAIN(int argc, char **argv)
 		if (subject)
 			BIO_printf(out, "Subject: %s\n", subject);
 		if (outformat == FORMAT_SMIME) 
-			SMIME_write_PKCS7(out, p7, in, flags);
+			{
+			if (operation == SMIME_RESIGN)
+				SMIME_write_PKCS7(out, p7, indata, flags);
+			else
+				SMIME_write_PKCS7(out, p7, in, flags);
+			}
 		else if (outformat == FORMAT_PEM) 
-			PEM_write_bio_PKCS7(out,p7);
+			PEM_write_bio_PKCS7_stream(out, p7, in, flags);
 		else if (outformat == FORMAT_ASN1) 
-			i2d_PKCS7_bio(out,p7);
+			i2d_PKCS7_bio_stream(out,p7, in, flags);
 		else
 			{
 			BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
@@ -741,6 +806,10 @@ end:
 	sk_X509_pop_free(other, X509_free);
 	if (vpm)
 		X509_VERIFY_PARAM_free(vpm);
+	if (sksigners)
+		sk_OPENSSL_STRING_free(sksigners);
+	if (skkeys)
+		sk_OPENSSL_STRING_free(skkeys);
 	X509_STORE_free(store);
 	X509_free(cert);
 	X509_free(recip);
diff --git a/apps/speed.c b/apps/speed.c
index 5697d3aef4..67a816743e 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -108,53 +108,8 @@
 #include <signal.h>
 #endif
 
-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(OPENSSL_SYS_MACOSX)
-# define USE_TOD
-#elif !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-# define TIMES
-#endif
-#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(OPENSSL_SYS_MPE) && !defined(__NetBSD__) && !defined(OPENSSL_SYS_VXWORKS) /* FIXME */
-# define TIMEB
-#endif
-
-#if defined(OPENSSL_SYS_NETWARE)
-#undef TIMES
-#undef TIMEB
-#include <time.h>
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-#ifdef USE_TOD
-# include <sys/time.h>
-# include <sys/resource.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#ifdef TIMEB
-#include <sys/timeb.h>
-#endif
-
-#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE)
-#error "It seems neither struct tms nor struct timeb is supported in this platform!"
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
+#ifdef _WIN32
+#include <windows.h>
 #endif
 
 #include <openssl/bn.h>
@@ -164,6 +119,9 @@
 #ifndef OPENSSL_NO_AES
 #include <openssl/aes.h>
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+#include <openssl/camellia.h>
+#endif
 #ifndef OPENSSL_NO_MD2
 #include <openssl/md2.h>
 #endif
@@ -186,6 +144,9 @@
 #ifndef OPENSSL_NO_RIPEMD
 #include <openssl/ripemd.h>
 #endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+#include <openssl/whrlpool.h>
+#endif
 #ifndef OPENSSL_NO_RC4
 #include <openssl/rc4.h>
 #endif
@@ -198,6 +159,9 @@
 #ifndef OPENSSL_NO_IDEA
 #include <openssl/idea.h>
 #endif
+#ifndef OPENSSL_NO_SEED
+#include <openssl/seed.h>
+#endif
 #ifndef OPENSSL_NO_BF
 #include <openssl/blowfish.h>
 #endif
@@ -220,55 +184,31 @@
 #include <openssl/ecdh.h>
 #endif
 
-/*
- * The following "HZ" timing stuff should be sync'd up with the code in
- * crypto/tmdiff.[ch]. That appears to try to do the same job, though I think
- * this code is more up to date than libcrypto's so there may be features to
- * migrate over first. This is used in two places further down AFAICS. 
- * The point is that nothing in openssl actually *uses* that tmdiff stuff, so
- * either speed.c should be using it or it should go because it's obviously not
- * useful enough. Anyone want to do a janitorial job on this?
- */
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# if defined(_SC_CLK_TCK) \
-     && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000)
-#  define HZ sysconf(_SC_CLK_TCK)
-# else
-#  ifndef CLK_TCK
-#   ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#    define HZ	100.0
-#   else /* _BSD_CLK_TCK_ */
-#    define HZ ((double)_BSD_CLK_TCK_)
-#   endif
-#  else /* CLK_TCK */
-#   define HZ ((double)CLK_TCK)
-#  endif
-# endif
-#endif
-
-#if !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_NETWARE)
-# define HAVE_FORK 1
+#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
+# define NO_FORK 1
+#elif HAVE_FORK
+# undef NO_FORK
+#else
+# define NO_FORK 1
 #endif
 
 #undef BUFSIZE
 #define BUFSIZE	((long)1024*8+1)
 int run=0;
 
-static char ftime_used = 0, times_used = 0, gettimeofday_used = 0, getrusage_used = 0;
 static int mr=0;
 static int usertime=1;
 
 static double Time_F(int s);
 static void print_message(const char *s,long num,int length);
-static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
+static void pkey_print_message(const char *str, const char *str2,
+	long num, int bits, int sec);
 static void print_result(int alg,int run_no,int count,double time_used);
-#ifdef HAVE_FORK
+#ifndef NO_FORK
 static int do_multi(int multi);
 #endif
 
-#define ALGOR_NUM	21
+#define ALGOR_NUM	29
 #define SIZE_NUM	5
 #define RSA_NUM		4
 #define DSA_NUM		3
@@ -278,16 +218,27 @@ static int do_multi(int multi);
 
 static const char *names[ALGOR_NUM]={
   "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
-  "des cbc","des ede3","idea cbc",
+  "des cbc","des ede3","idea cbc","seed cbc",
   "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc",
-  "aes-128 cbc","aes-192 cbc","aes-256 cbc","evp","sha256","sha512"};
+  "aes-128 cbc","aes-192 cbc","aes-256 cbc",
+  "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
+  "evp","sha256","sha512","whirlpool",
+  "aes-128 ige","aes-192 ige","aes-256 ige"};
 static double results[ALGOR_NUM][SIZE_NUM];
 static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
 static double rsa_results[RSA_NUM][2];
 static double dsa_results[DSA_NUM][2];
+#ifndef OPENSSL_NO_ECDSA
 static double ecdsa_results[EC_NUM][2];
+#endif
+#ifndef OPENSSL_NO_ECDH
 static double ecdh_results[EC_NUM][1];
+#endif
 
+#if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH))
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+static int rnd_fake = 0;
+#endif
 
 #ifdef SIGALRM
 #if defined(__STDC__) || defined(sgi) || defined(_AIX)
@@ -310,154 +261,73 @@ static SIGRETTYPE sig_done(int sig)
 #define START	0
 #define STOP	1
 
-#if defined(OPENSSL_SYS_NETWARE)
-
-   /* for NetWare the best we can do is use clock() which returns the
-    * time, in hundredths of a second, since the NLM began executing
-   */
-static double Time_F(int s)
-	{
-	double ret;
+#if defined(_WIN32)
 
-   static clock_t tstart,tend;
-
-   if (s == START)
-   {
-      tstart=clock();
-      return(0);
-   }
-   else
-   {
-      tend=clock();
-      ret=(double)((double)(tend)-(double)(tstart));
-      return((ret < 0.001)?0.001:ret);
-   }
-   }
+#define SIGALRM
+static unsigned int lapse,schlock;
+static void alarm(unsigned int secs) { lapse = secs*1000; }
 
-#else
+static DWORD WINAPI sleepy(VOID *arg)
+	{
+	schlock = 1;
+	Sleep(lapse);
+	run = 0;
+	return 0;
+	}
 
 static double Time_F(int s)
 	{
 	double ret;
+	static HANDLE thr;
 
-#ifdef USE_TOD
-	if(usertime)
+	if (s == START)
 		{
-		static struct rusage tstart,tend;
-
-		getrusage_used = 1;
-		if (s == START)
+		schlock = 0;
+		thr = CreateThread(NULL,4096,sleepy,NULL,0,NULL);
+		if (thr==NULL)
 			{
-			getrusage(RUSAGE_SELF,&tstart);
-			return(0);
-			}
-		else
-			{
-			long i;
-
-			getrusage(RUSAGE_SELF,&tend);
-			i=(long)tend.ru_utime.tv_usec-(long)tstart.ru_utime.tv_usec;
-			ret=((double)(tend.ru_utime.tv_sec-tstart.ru_utime.tv_sec))
-			  +((double)i)/1000000.0;
-			return((ret < 0.001)?0.001:ret);
+			DWORD ret=GetLastError();
+			BIO_printf(bio_err,"unable to CreateThread (%d)",ret);
+			ExitProcess(ret);
 			}
+		while (!schlock) Sleep(0);	/* scheduler spinlock	*/
+		ret = app_tminterval(s,usertime);
 		}
 	else
 		{
-		static struct timeval tstart,tend;
-		long i;
-
-		gettimeofday_used = 1;
-		if (s == START)
-			{
-			gettimeofday(&tstart,NULL);
-			return(0);
-			}
-		else
-			{
-			gettimeofday(&tend,NULL);
-			i=(long)tend.tv_usec-(long)tstart.tv_usec;
-			ret=((double)(tend.tv_sec-tstart.tv_sec))+((double)i)/1000000.0;
-			return((ret < 0.001)?0.001:ret);
-			}
+		ret = app_tminterval(s,usertime);
+		if (run) TerminateThread(thr,0);
+		CloseHandle(thr);
 		}
-#else  /* ndef USE_TOD */
-		
-# ifdef TIMES
-	if (usertime)
-		{
-		static struct tms tstart,tend;
 
-		times_used = 1;
-		if (s == START)
-			{
-			times(&tstart);
-			return(0);
-			}
-		else
-			{
-			times(&tend);
-			ret = HZ;
-			ret=(double)(tend.tms_utime-tstart.tms_utime) / ret;
-			return((ret < 1e-3)?1e-3:ret);
-			}
-		}
-# endif /* times() */
-# if defined(TIMES) && defined(TIMEB)
-	else
-# endif
-# ifdef OPENSSL_SYS_VXWORKS
-                {
-		static unsigned long tick_start, tick_end;
-
-		if( s == START )
-			{
-			tick_start = tickGet();
-			return 0;
-			}
-		else
-			{
-			tick_end = tickGet();
-			ret = (double)(tick_end - tick_start) / (double)sysClkRateGet();
-			return((ret < 0.001)?0.001:ret);
-			}
-                }
-# elif defined(TIMEB)
-		{
-		static struct timeb tstart,tend;
-		long i;
+	return ret;
+	}
+#else
 
-		ftime_used = 1;
-		if (s == START)
-			{
-			ftime(&tstart);
-			return(0);
-			}
-		else
-			{
-			ftime(&tend);
-			i=(long)tend.millitm-(long)tstart.millitm;
-			ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-			return((ret < 0.001)?0.001:ret);
-			}
-		}
-# endif
-#endif
+static double Time_F(int s)
+	{
+	double ret = app_tminterval(s,usertime);
+	if (s == STOP) alarm(0);
+	return ret;
 	}
-#endif /* if defined(OPENSSL_SYS_NETWARE) */
+#endif
 
 
+#ifndef OPENSSL_NO_ECDH
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
 	{
 #ifndef OPENSSL_NO_SHA
-	if (outlen != SHA_DIGEST_LENGTH)
+	if (*outlen < SHA_DIGEST_LENGTH)
 		return NULL;
+	else
+		*outlen = SHA_DIGEST_LENGTH;
 	return SHA1(in, inlen, out);
 #else
 	return NULL;
-#endif
+#endif	/* OPENSSL_NO_SHA */
 	}
+#endif	/* OPENSSL_NO_ECDH */
 
 
 int MAIN(int, char **);
@@ -493,9 +363,16 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_SHA
 	unsigned char sha[SHA_DIGEST_LENGTH];
+#ifndef OPENSSL_NO_SHA256
 	unsigned char sha256[SHA256_DIGEST_LENGTH];
+#endif
+#ifndef OPENSSL_NO_SHA512
 	unsigned char sha512[SHA512_DIGEST_LENGTH];
 #endif
+#endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+	unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
+#endif
 #ifndef OPENSSL_NO_RIPEMD
 	unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
 #endif
@@ -511,6 +388,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 	IDEA_KEY_SCHEDULE idea_ks;
 #endif
+#ifndef OPENSSL_NO_SEED
+	SEED_KEY_SCHEDULE seed_ks;
+#endif
 #ifndef OPENSSL_NO_BF
 	BF_KEY bf_ks;
 #endif
@@ -520,6 +400,7 @@ int MAIN(int argc, char **argv)
 	static const unsigned char key16[16]=
 		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+#ifndef OPENSSL_NO_AES
 	static const unsigned char key24[24]=
 		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
@@ -529,13 +410,25 @@ int MAIN(int argc, char **argv)
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
 		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
 		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	static const unsigned char ckey24[24]=
+		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
+		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+	static const unsigned char ckey32[32]=
+		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
+		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
+		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
+#endif
 #ifndef OPENSSL_NO_AES
 #define MAX_BLOCK_SIZE 128
 #else
 #define MAX_BLOCK_SIZE 64
 #endif
 	unsigned char DES_iv[8];
-	unsigned char iv[MAX_BLOCK_SIZE/8];
+	unsigned char iv[2*MAX_BLOCK_SIZE/8];
 #ifndef OPENSSL_NO_DES
 	DES_cblock *buf_as_des_cblock = NULL;
 	static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
@@ -548,6 +441,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_AES
 	AES_KEY aes_ks1, aes_ks2, aes_ks3;
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+	CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
+#endif
 #define	D_MD2		0
 #define	D_MDC2		1
 #define	D_MD4		2
@@ -559,16 +455,24 @@ int MAIN(int argc, char **argv)
 #define	D_CBC_DES	8
 #define	D_EDE3_DES	9
 #define	D_CBC_IDEA	10
-#define	D_CBC_RC2	11
-#define	D_CBC_RC5	12
-#define	D_CBC_BF	13
-#define	D_CBC_CAST	14
-#define D_CBC_128_AES	15
-#define D_CBC_192_AES	16
-#define D_CBC_256_AES	17
-#define D_EVP		18
-#define D_SHA256	19
-#define D_SHA512	20
+#define	D_CBC_SEED	11
+#define	D_CBC_RC2	12
+#define	D_CBC_RC5	13
+#define	D_CBC_BF	14
+#define	D_CBC_CAST	15
+#define D_CBC_128_AES	16
+#define D_CBC_192_AES	17
+#define D_CBC_256_AES	18
+#define D_CBC_128_CML   19 
+#define D_CBC_192_CML   20
+#define D_CBC_256_CML   21 
+#define D_EVP		22
+#define D_SHA256	23	
+#define D_SHA512	24
+#define D_WHIRLPOOL	25
+#define D_IGE_128_AES   26
+#define D_IGE_192_AES   27
+#define D_IGE_256_AES   28
 	double d=0.0;
 	long c[ALGOR_NUM][SIZE_NUM];
 #define	R_DSA_512	0
@@ -638,7 +542,7 @@ int MAIN(int argc, char **argv)
 	NID_sect409r1,
 	NID_sect571r1
 	}; 
-	static char * test_curves_names[EC_NUM] = 
+	static const char * test_curves_names[EC_NUM] = 
 	{
 	/* Prime Curves */
 	"secp160r1",
@@ -669,31 +573,35 @@ int MAIN(int argc, char **argv)
 #endif
 
 #ifndef OPENSSL_NO_ECDSA
-        unsigned char ecdsasig[256];
-        unsigned int ecdsasiglen;
-        EC_KEY *ecdsa[EC_NUM];
-        long ecdsa_c[EC_NUM][2];
+	unsigned char ecdsasig[256];
+	unsigned int ecdsasiglen;
+	EC_KEY *ecdsa[EC_NUM];
+	long ecdsa_c[EC_NUM][2];
 #endif
 
 #ifndef OPENSSL_NO_ECDH
-        EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
-        unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
-        int secret_size_a, secret_size_b;
-        int ecdh_checks = 0;
-        int secret_idx = 0;
-        long ecdh_c[EC_NUM][2];
+	EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
+	unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
+	int secret_size_a, secret_size_b;
+	int ecdh_checks = 0;
+	int secret_idx = 0;
+	long ecdh_c[EC_NUM][2];
 #endif
 
 	int rsa_doit[RSA_NUM];
 	int dsa_doit[DSA_NUM];
+#ifndef OPENSSL_NO_ECDSA
 	int ecdsa_doit[EC_NUM];
+#endif
+#ifndef OPENSSL_NO_ECDH
         int ecdh_doit[EC_NUM];
+#endif
 	int doit[ALGOR_NUM];
 	int pr_header=0;
 	const EVP_CIPHER *evp_cipher=NULL;
 	const EVP_MD *evp_md=NULL;
 	int decrypt=0;
-#ifdef HAVE_FORK
+#ifndef NO_FORK
 	int multi=0;
 #endif
 
@@ -821,7 +729,7 @@ int MAIN(int argc, char **argv)
 			j--;
 			}
 #endif
-#ifdef HAVE_FORK
+#ifndef NO_FORK
 		else if	((argc > 0) && (strcmp(*argv,"-multi") == 0))
 			{
 			argc--;
@@ -875,11 +783,19 @@ int MAIN(int argc, char **argv)
 							doit[D_SHA256]=1,
 							doit[D_SHA512]=1;
 		else
+#ifndef OPENSSL_NO_SHA256
 			if (strcmp(*argv,"sha256") == 0) doit[D_SHA256]=1;
 		else
+#endif
+#ifndef OPENSSL_NO_SHA512
 			if (strcmp(*argv,"sha512") == 0) doit[D_SHA512]=1;
 		else
 #endif
+#endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+			if (strcmp(*argv,"whirlpool") == 0) doit[D_WHIRLPOOL]=1;
+		else
+#endif
 #ifndef OPENSSL_NO_RIPEMD
 			if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1;
 		else
@@ -901,6 +817,15 @@ int MAIN(int argc, char **argv)
 			if (strcmp(*argv,"aes-128-cbc") == 0) doit[D_CBC_128_AES]=1;
 		else	if (strcmp(*argv,"aes-192-cbc") == 0) doit[D_CBC_192_AES]=1;
 		else	if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1;
+		else    if (strcmp(*argv,"aes-128-ige") == 0) doit[D_IGE_128_AES]=1;
+		else	if (strcmp(*argv,"aes-192-ige") == 0) doit[D_IGE_192_AES]=1;
+		else	if (strcmp(*argv,"aes-256-ige") == 0) doit[D_IGE_256_AES]=1;
+                else
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+			if (strcmp(*argv,"camellia-128-cbc") == 0) doit[D_CBC_128_CML]=1;
+		else    if (strcmp(*argv,"camellia-192-cbc") == 0) doit[D_CBC_192_CML]=1;
+		else    if (strcmp(*argv,"camellia-256-cbc") == 0) doit[D_CBC_256_CML]=1;
 		else
 #endif
 #ifndef OPENSSL_NO_RSA
@@ -944,6 +869,11 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
 		else
 #endif
+#ifndef OPENSSL_NO_SEED
+		     if (strcmp(*argv,"seed-cbc") == 0) doit[D_CBC_SEED]=1;
+		else if (strcmp(*argv,"seed") == 0) doit[D_CBC_SEED]=1;
+		else
+#endif
 #ifndef OPENSSL_NO_BF
 		     if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
 		else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
@@ -973,6 +903,15 @@ int MAIN(int argc, char **argv)
 			}
 		else
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+			if (strcmp(*argv,"camellia") == 0)
+			{
+			doit[D_CBC_128_CML]=1;
+			doit[D_CBC_192_CML]=1;
+			doit[D_CBC_256_CML]=1;
+			}
+		else
+#endif
 #ifndef OPENSSL_NO_RSA
 			if (strcmp(*argv,"rsa") == 0)
 			{
@@ -994,6 +933,7 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_ECDSA
 		     if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
+		else if (strcmp(*argv,"ecdsap192") == 0) ecdsa_doit[R_EC_P192]=2;
 		else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
 		else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
 		else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2;
@@ -1017,6 +957,7 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_ECDH
 		     if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
+		else if (strcmp(*argv,"ecdhp192") == 0) ecdh_doit[R_EC_P192]=2;
 		else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
 		else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
 		else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2;
@@ -1059,21 +1000,32 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_SHA1
 			BIO_printf(bio_err,"sha1     ");
-			BIO_printf(bio_err,"sha256  ");
-			BIO_printf(bio_err,"sha512  ");
+#endif
+#ifndef OPENSSL_NO_SHA256
+			BIO_printf(bio_err,"sha256   ");
+#endif
+#ifndef OPENSSL_NO_SHA512
+			BIO_printf(bio_err,"sha512   ");
+#endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+			BIO_printf(bio_err,"whirlpool");
 #endif
 #ifndef OPENSSL_NO_RIPEMD160
 			BIO_printf(bio_err,"rmd160");
 #endif
 #if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
     !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
-    !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160)
+    !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
+    !defined(OPENSSL_NO_WHIRLPOOL)
 			BIO_printf(bio_err,"\n");
 #endif
 
 #ifndef OPENSSL_NO_IDEA
 			BIO_printf(bio_err,"idea-cbc ");
 #endif
+#ifndef OPENSSL_NO_SEED
+			BIO_printf(bio_err,"seed-cbc ");
+#endif
 #ifndef OPENSSL_NO_RC2
 			BIO_printf(bio_err,"rc2-cbc  ");
 #endif
@@ -1083,7 +1035,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_BF
 			BIO_printf(bio_err,"bf-cbc");
 #endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
+#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \
     !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
 			BIO_printf(bio_err,"\n");
 #endif
@@ -1092,6 +1044,11 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_AES
 			BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc ");
+			BIO_printf(bio_err,"aes-128-ige aes-192-ige aes-256-ige ");
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+			BIO_printf(bio_err,"\n");
+			BIO_printf(bio_err,"camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
 #endif
 #ifndef OPENSSL_NO_RC4
 			BIO_printf(bio_err,"rc4");
@@ -1106,13 +1063,13 @@ int MAIN(int argc, char **argv)
 			BIO_printf(bio_err,"dsa512   dsa1024  dsa2048\n");
 #endif
 #ifndef OPENSSL_NO_ECDSA
-			BIO_printf(bio_err,"ecdsap160 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
+			BIO_printf(bio_err,"ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
 			BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
 			BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
 			BIO_printf(bio_err,"ecdsa\n");
 #endif
 #ifndef OPENSSL_NO_ECDH
-			BIO_printf(bio_err,"ecdhp160  ecdhp224  ecdhp256  ecdhp384  ecdhp521\n");
+			BIO_printf(bio_err,"ecdhp160  ecdhp192  ecdhp224  ecdhp256  ecdhp384  ecdhp521\n");
 			BIO_printf(bio_err,"ecdhk163  ecdhk233  ecdhk283  ecdhk409  ecdhk571\n");
 			BIO_printf(bio_err,"ecdhb163  ecdhb233  ecdhb283  ecdhb409  ecdhb571\n");
 			BIO_printf(bio_err,"ecdh\n");
@@ -1121,6 +1078,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 			BIO_printf(bio_err,"idea     ");
 #endif
+#ifndef OPENSSL_NO_SEED
+			BIO_printf(bio_err,"seed     ");
+#endif
 #ifndef OPENSSL_NO_RC2
 			BIO_printf(bio_err,"rc2      ");
 #endif
@@ -1130,15 +1090,19 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_AES
 			BIO_printf(bio_err,"aes      ");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+			BIO_printf(bio_err,"camellia ");
+#endif
 #ifndef OPENSSL_NO_RSA
 			BIO_printf(bio_err,"rsa      ");
 #endif
 #ifndef OPENSSL_NO_BF
 			BIO_printf(bio_err,"blowfish");
 #endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
-    !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \
-    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES)
+#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
+    !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
+    !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
+    !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
 			BIO_printf(bio_err,"\n");
 #endif
 
@@ -1153,7 +1117,7 @@ int MAIN(int argc, char **argv)
 			BIO_printf(bio_err,"-evp e          use EVP e.\n");
 			BIO_printf(bio_err,"-decrypt        time decryption instead of encryption (only EVP).\n");
 			BIO_printf(bio_err,"-mr             produce machine readable output.\n");
-#ifdef HAVE_FORK
+#ifndef NO_FORK
 			BIO_printf(bio_err,"-multi n        run n benchmarks in parallel.\n");
 #endif
 			goto end;
@@ -1163,7 +1127,7 @@ int MAIN(int argc, char **argv)
 		j++;
 		}
 
-#ifdef HAVE_FORK
+#ifndef NO_FORK
 	if(multi && do_multi(multi))
 		goto show_res;
 #endif
@@ -1179,17 +1143,20 @@ int MAIN(int argc, char **argv)
 			rsa_doit[i]=1;
 		for (i=0; i<DSA_NUM; i++)
 			dsa_doit[i]=1;
+#ifndef OPENSSL_NO_ECDSA
+		for (i=0; i<EC_NUM; i++)
+			ecdsa_doit[i]=1;
+#endif
+#ifndef OPENSSL_NO_ECDH
+		for (i=0; i<EC_NUM; i++)
+			ecdh_doit[i]=1;
+#endif
 		}
 	for (i=0; i<ALGOR_NUM; i++)
 		if (doit[i]) pr_header++;
 
 	if (usertime == 0 && !mr)
 		BIO_printf(bio_err,"You have chosen to measure elapsed time instead of user CPU time.\n");
-	if (usertime <= 0 && !mr)
-		{
-		BIO_printf(bio_err,"To get the most accurate results, try to run this\n");
-		BIO_printf(bio_err,"program when this computer is idle.\n");
-		}
 
 #ifndef OPENSSL_NO_RSA
 	for (i=0; i<RSA_NUM; i++)
@@ -1232,9 +1199,17 @@ int MAIN(int argc, char **argv)
 	AES_set_encrypt_key(key24,192,&aes_ks2);
 	AES_set_encrypt_key(key32,256,&aes_ks3);
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+	Camellia_set_key(key16,128,&camellia_ks1);
+	Camellia_set_key(ckey24,192,&camellia_ks2);
+	Camellia_set_key(ckey32,256,&camellia_ks3);
+#endif
 #ifndef OPENSSL_NO_IDEA
 	idea_set_encrypt_key(key16,&idea_ks);
 #endif
+#ifndef OPENSSL_NO_SEED
+	SEED_set_key(key16,&seed_ks);
+#endif
 #ifndef OPENSSL_NO_RC4
 	RC4_set_key(&rc4_ks,16,key16);
 #endif
@@ -1258,10 +1233,10 @@ int MAIN(int argc, char **argv)
 	BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
 	count=10;
 	do	{
-		long i;
+		long it;
 		count*=2;
 		Time_F(START);
-		for (i=count; i; i--)
+		for (it=count; it; it--)
 			DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock,
 				&sch,DES_ENCRYPT);
 		d=Time_F(STOP);
@@ -1278,6 +1253,7 @@ int MAIN(int argc, char **argv)
 	c[D_CBC_DES][0]=count;
 	c[D_EDE3_DES][0]=count/3;
 	c[D_CBC_IDEA][0]=count;
+	c[D_CBC_SEED][0]=count;
 	c[D_CBC_RC2][0]=count;
 	c[D_CBC_RC5][0]=count;
 	c[D_CBC_BF][0]=count;
@@ -1285,8 +1261,15 @@ int MAIN(int argc, char **argv)
 	c[D_CBC_128_AES][0]=count;
 	c[D_CBC_192_AES][0]=count;
 	c[D_CBC_256_AES][0]=count;
+	c[D_CBC_128_CML][0]=count;
+	c[D_CBC_192_CML][0]=count;
+	c[D_CBC_256_CML][0]=count;
 	c[D_SHA256][0]=count;
 	c[D_SHA512][0]=count;
+	c[D_WHIRLPOOL][0]=count;
+	c[D_IGE_128_AES][0]=count;
+	c[D_IGE_192_AES][0]=count;
+	c[D_IGE_256_AES][0]=count;
 
 	for (i=1; i<SIZE_NUM; i++)
 		{
@@ -1299,6 +1282,7 @@ int MAIN(int argc, char **argv)
 		c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i];
 		c[D_SHA256][i]=c[D_SHA256][0]*4*lengths[0]/lengths[i];
 		c[D_SHA512][i]=c[D_SHA512][0]*4*lengths[0]/lengths[i];
+		c[D_WHIRLPOOL][i]=c[D_WHIRLPOOL][0]*4*lengths[0]/lengths[i];
 		}
 	for (i=1; i<SIZE_NUM; i++)
 		{
@@ -1310,6 +1294,7 @@ int MAIN(int argc, char **argv)
 		c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
 		c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
 		c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
+		c[D_CBC_SEED][i]=c[D_CBC_SEED][i-1]*l0/l1;
 		c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
 		c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
 		c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
@@ -1317,6 +1302,12 @@ int MAIN(int argc, char **argv)
 		c[D_CBC_128_AES][i]=c[D_CBC_128_AES][i-1]*l0/l1;
 		c[D_CBC_192_AES][i]=c[D_CBC_192_AES][i-1]*l0/l1;
 		c[D_CBC_256_AES][i]=c[D_CBC_256_AES][i-1]*l0/l1;
+ 		c[D_CBC_128_CML][i]=c[D_CBC_128_CML][i-1]*l0/l1;
+		c[D_CBC_192_CML][i]=c[D_CBC_192_CML][i-1]*l0/l1;
+		c[D_CBC_256_CML][i]=c[D_CBC_256_CML][i-1]*l0/l1;
+		c[D_IGE_128_AES][i]=c[D_IGE_128_AES][i-1]*l0/l1;
+		c[D_IGE_192_AES][i]=c[D_IGE_192_AES][i-1]*l0/l1;
+		c[D_IGE_256_AES][i]=c[D_IGE_256_AES][i-1]*l0/l1;
 		}
 #ifndef OPENSSL_NO_RSA
 	rsa_c[R_RSA_512][0]=count/2000;
@@ -1361,7 +1352,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ECDSA
 	ecdsa_c[R_EC_P160][0]=count/1000;
 	ecdsa_c[R_EC_P160][1]=count/1000/2;
-	for (i=R_EC_P224; i<=R_EC_P521; i++)
+	for (i=R_EC_P192; i<=R_EC_P521; i++)
 		{
 		ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
 		ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
@@ -1415,7 +1406,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_ECDH
 	ecdh_c[R_EC_P160][0]=count/1000;
 	ecdh_c[R_EC_P160][1]=count/1000;
-	for (i=R_EC_P224; i<=R_EC_P521; i++)
+	for (i=R_EC_P192; i<=R_EC_P521; i++)
 		{
 		ecdh_c[i][0]=ecdh_c[i-1][0]/2;
 		ecdh_c[i][1]=ecdh_c[i-1][1]/2;
@@ -1473,9 +1464,11 @@ int MAIN(int argc, char **argv)
 # error "You cannot disable DES on systems without SIGALRM."
 #endif /* OPENSSL_NO_DES */
 #else
-#define COND(c)	(run)
+#define COND(c)	(run && count<0x7fffffff)
 #define COUNT(d) (count)
+#ifndef _WIN32
 	signal(SIGALRM,sig_done);
+#endif
 #endif /* SIGALRM */
 
 #ifndef OPENSSL_NO_MD2
@@ -1605,8 +1598,23 @@ int MAIN(int argc, char **argv)
 			}
 		}
 #endif
+#endif
 
+#ifndef OPENSSL_NO_WHIRLPOOL
+	if (doit[D_WHIRLPOOL])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_WHIRLPOOL],c[D_WHIRLPOOL][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_WHIRLPOOL][j]); count++)
+				WHIRLPOOL(buf,lengths[j],whirlpool);
+			d=Time_F(STOP);
+			print_result(D_WHIRLPOOL,j,count,d);
+			}
+		}
 #endif
+
 #ifndef OPENSSL_NO_RIPEMD
 	if (doit[D_RMD160])
 		{
@@ -1710,6 +1718,95 @@ int MAIN(int argc, char **argv)
 			}
 		}
 
+	if (doit[D_IGE_128_AES])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_IGE_128_AES],c[D_IGE_128_AES][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_IGE_128_AES][j]); count++)
+				AES_ige_encrypt(buf,buf2,
+					(unsigned long)lengths[j],&aes_ks1,
+					iv,AES_ENCRYPT);
+			d=Time_F(STOP);
+			print_result(D_IGE_128_AES,j,count,d);
+			}
+		}
+	if (doit[D_IGE_192_AES])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_IGE_192_AES],c[D_IGE_192_AES][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_IGE_192_AES][j]); count++)
+				AES_ige_encrypt(buf,buf2,
+					(unsigned long)lengths[j],&aes_ks2,
+					iv,AES_ENCRYPT);
+			d=Time_F(STOP);
+			print_result(D_IGE_192_AES,j,count,d);
+			}
+		}
+	if (doit[D_IGE_256_AES])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_IGE_256_AES],c[D_IGE_256_AES][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_IGE_256_AES][j]); count++)
+				AES_ige_encrypt(buf,buf2,
+					(unsigned long)lengths[j],&aes_ks3,
+					iv,AES_ENCRYPT);
+			d=Time_F(STOP);
+			print_result(D_IGE_256_AES,j,count,d);
+			}
+		}
+
+
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	if (doit[D_CBC_128_CML])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_CBC_128_CML],c[D_CBC_128_CML][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_CBC_128_CML][j]); count++)
+				Camellia_cbc_encrypt(buf,buf,
+				        (unsigned long)lengths[j],&camellia_ks1,
+				        iv,CAMELLIA_ENCRYPT);
+			d=Time_F(STOP);
+			print_result(D_CBC_128_CML,j,count,d);
+			}
+		}
+	if (doit[D_CBC_192_CML])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_CBC_192_CML],c[D_CBC_192_CML][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_CBC_192_CML][j]); count++)
+				Camellia_cbc_encrypt(buf,buf,
+				        (unsigned long)lengths[j],&camellia_ks2,
+				        iv,CAMELLIA_ENCRYPT);
+			d=Time_F(STOP);
+			print_result(D_CBC_192_CML,j,count,d);
+			}
+		}
+	if (doit[D_CBC_256_CML])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_CBC_256_CML],c[D_CBC_256_CML][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_CBC_256_CML][j]); count++)
+				Camellia_cbc_encrypt(buf,buf,
+				        (unsigned long)lengths[j],&camellia_ks3,
+				        iv,CAMELLIA_ENCRYPT);
+			d=Time_F(STOP);
+			print_result(D_CBC_256_CML,j,count,d);
+			}
+		}
+
 #endif
 #ifndef OPENSSL_NO_IDEA
 	if (doit[D_CBC_IDEA])
@@ -1727,6 +1824,21 @@ int MAIN(int argc, char **argv)
 			}
 		}
 #endif
+#ifndef OPENSSL_NO_SEED
+	if (doit[D_CBC_SEED])
+		{
+		for (j=0; j<SIZE_NUM; j++)
+			{
+			print_message(names[D_CBC_SEED],c[D_CBC_SEED][j],lengths[j]);
+			Time_F(START);
+			for (count=0,run=1; COND(c[D_CBC_SEED][j]); count++)
+				SEED_cbc_encrypt(buf,buf,
+					(unsigned long)lengths[j],&seed_ks,iv,1);
+			d=Time_F(STOP);
+			print_result(D_CBC_SEED,j,count,d);
+			}
+		}
+#endif
 #ifndef OPENSSL_NO_RC2
 	if (doit[D_CBC_RC2])
 		{
@@ -1904,7 +2016,7 @@ int MAIN(int argc, char **argv)
 				{
 				ret=RSA_verify(NID_md5_sha1, buf,36, buf2,
 					rsa_num, rsa_key[j]);
-				if (ret == 0)
+				if (ret <= 0)
 					{
 					BIO_printf(bio_err,
 						"RSA verify failure\n");
@@ -2035,7 +2147,7 @@ int MAIN(int argc, char **argv)
 		int ret;
 
 		if (!ecdsa_doit[j]) continue; /* Ignore Curve */ 
-		ecdsa[j] = EC_KEY_new();
+		ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]);
 		if (ecdsa[j] == NULL) 
 			{
 			BIO_printf(bio_err,"ECDSA failure.\n");
@@ -2044,100 +2156,89 @@ int MAIN(int argc, char **argv)
 			} 
 		else 
 			{
-			ecdsa[j]->group = EC_GROUP_new_by_nid(test_curves[j]);
-			/* Could not obtain group information */
-			if (ecdsa[j]->group == NULL) 
+#if 1
+			EC_KEY_precompute_mult(ecdsa[j], NULL);
+#endif
+			/* Perform ECDSA signature test */
+			EC_KEY_generate_key(ecdsa[j]);
+			ret = ECDSA_sign(0, buf, 20, ecdsasig, 
+				&ecdsasiglen, ecdsa[j]);
+			if (ret == 0) 
 				{
-				BIO_printf(bio_err,"ECDSA failure.Could not obtain group information\n");
+				BIO_printf(bio_err,"ECDSA sign failure.  No ECDSA sign will be done.\n");
 				ERR_print_errors(bio_err);
 				rsa_count=1;
 				} 
 			else 
 				{
-#if 1
-				EC_GROUP_precompute_mult(ecdsa[j]->group, NULL);
-#endif
-				/* Perform ECDSA signature test */
-				EC_KEY_generate_key(ecdsa[j]);
-				ret = ECDSA_sign(0, buf, 20, ecdsasig, 
-					&ecdsasiglen, ecdsa[j]);
-				if (ret == 0) 
-					{
-					BIO_printf(bio_err,"ECDSA sign failure.  No ECDSA sign will be done.\n");
-					ERR_print_errors(bio_err);
-					rsa_count=1;
-					} 
-				else 
+				pkey_print_message("sign","ecdsa",
+					ecdsa_c[j][0], 
+					test_curves_bits[j],
+					ECDSA_SECONDS);
+
+				Time_F(START);
+				for (count=0,run=1; COND(ecdsa_c[j][0]);
+					count++) 
 					{
-					pkey_print_message("sign","ecdsa",
-						ecdsa_c[j][0], 
-						test_curves_bits[j],
-						ECDSA_SECONDS);
-
-					Time_F(START);
-					for (count=0,run=1; COND(ecdsa_c[j][0]);
-						count++) 
+					ret=ECDSA_sign(0, buf, 20, 
+						ecdsasig, &ecdsasiglen,
+						ecdsa[j]);
+					if (ret == 0) 
 						{
-						ret=ECDSA_sign(0, buf, 20, 
-							ecdsasig, &ecdsasiglen,
-							ecdsa[j]);
-						if (ret == 0) 
-							{
-							BIO_printf(bio_err, "ECDSA sign failure\n");
-							ERR_print_errors(bio_err);
-							count=1;
-							break;
-							}
+						BIO_printf(bio_err, "ECDSA sign failure\n");
+						ERR_print_errors(bio_err);
+						count=1;
+						break;
 						}
-						d=Time_F(STOP);
-
-						BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" :
-						"%ld %d bit ECDSA signs in %.2fs \n", 
-						count, test_curves_bits[j], d);
-						ecdsa_results[j][0]=d/(double)count;
-						rsa_count=count;
 					}
+				d=Time_F(STOP);
 
-				/* Perform ECDSA verification test */
-				ret=ECDSA_verify(0, buf, 20, ecdsasig, 
-					ecdsasiglen, ecdsa[j]);
-				if (ret != 1) 
-					{
-					BIO_printf(bio_err,"ECDSA verify failure.  No ECDSA verify will be done.\n");
-					ERR_print_errors(bio_err);
-					ecdsa_doit[j] = 0;
-					} 
-				else 
+				BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" :
+					"%ld %d bit ECDSA signs in %.2fs \n", 
+					count, test_curves_bits[j], d);
+				ecdsa_results[j][0]=d/(double)count;
+				rsa_count=count;
+				}
+
+			/* Perform ECDSA verification test */
+			ret=ECDSA_verify(0, buf, 20, ecdsasig, 
+				ecdsasiglen, ecdsa[j]);
+			if (ret != 1) 
+				{
+				BIO_printf(bio_err,"ECDSA verify failure.  No ECDSA verify will be done.\n");
+				ERR_print_errors(bio_err);
+				ecdsa_doit[j] = 0;
+				} 
+			else 
+				{
+				pkey_print_message("verify","ecdsa",
+				ecdsa_c[j][1],
+				test_curves_bits[j],
+				ECDSA_SECONDS);
+				Time_F(START);
+				for (count=0,run=1; COND(ecdsa_c[j][1]); count++) 
 					{
-					pkey_print_message("verify","ecdsa",
-					ecdsa_c[j][1],
-					test_curves_bits[j],
-					ECDSA_SECONDS);
-					Time_F(START);
-					for (count=0,run=1; COND(ecdsa_c[j][1]); count++) 
+					ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+					if (ret != 1) 
 						{
-						ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
-						if (ret != 1) 
-							{
-							BIO_printf(bio_err, "ECDSA verify failure\n");
-							ERR_print_errors(bio_err);
-							count=1;
-							break;
-							}
+						BIO_printf(bio_err, "ECDSA verify failure\n");
+						ERR_print_errors(bio_err);
+						count=1;
+						break;
 						}
-						d=Time_F(STOP);
-						BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n"
-							: "%ld %d bit ECDSA verify in %.2fs\n",
-						count, test_curves_bits[j], d);
-						ecdsa_results[j][1]=d/(double)count;
 					}
+				d=Time_F(STOP);
+				BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n"
+						: "%ld %d bit ECDSA verify in %.2fs\n",
+				count, test_curves_bits[j], d);
+				ecdsa_results[j][1]=d/(double)count;
+				}
 
-				if (rsa_count <= 1) 
-					{
-					/* if longer than 10s, don't do any more */
-					for (j++; j<EC_NUM; j++)
-					ecdsa_doit[j]=0;
-					}
+			if (rsa_count <= 1) 
+				{
+				/* if longer than 10s, don't do any more */
+				for (j++; j<EC_NUM; j++)
+				ecdsa_doit[j]=0;
 				}
 			}
 		}
@@ -2153,8 +2254,8 @@ int MAIN(int argc, char **argv)
 	for (j=0; j<EC_NUM; j++)
 		{
 		if (!ecdh_doit[j]) continue;
-		ecdh_a[j] = EC_KEY_new();
-		ecdh_b[j] = EC_KEY_new();
+		ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+		ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]);
 		if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL))
 			{
 			BIO_printf(bio_err,"ECDH failure.\n");
@@ -2163,90 +2264,79 @@ int MAIN(int argc, char **argv)
 			}
 		else
 			{
-			ecdh_a[j]->group = EC_GROUP_new_by_nid(test_curves[j]);
-			if (ecdh_a[j]->group == NULL)
+			/* generate two ECDH key pairs */
+			if (!EC_KEY_generate_key(ecdh_a[j]) ||
+				!EC_KEY_generate_key(ecdh_b[j]))
 				{
-				BIO_printf(bio_err,"ECDH failure.\n");
+				BIO_printf(bio_err,"ECDH key generation failure.\n");
 				ERR_print_errors(bio_err);
-				rsa_count=1;
+				rsa_count=1;		
 				}
 			else
 				{
-				ecdh_b[j]->group = EC_GROUP_dup(ecdh_a[j]->group);
-
-				/* generate two ECDH key pairs */
-				if (!EC_KEY_generate_key(ecdh_a[j]) ||
-					!EC_KEY_generate_key(ecdh_b[j]))
+				/* If field size is not more than 24 octets, then use SHA-1 hash of result;
+				 * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt).
+				 */
+				int field_size, outlen;
+				void *(*kdf)(const void *in, size_t inlen, void *out, size_t *xoutlen);
+				field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j]));
+				if (field_size <= 24 * 8)
 					{
-					BIO_printf(bio_err,"ECDH key generation failure.\n");
-					ERR_print_errors(bio_err);
-					rsa_count=1;		
+					outlen = KDF1_SHA1_len;
+					kdf = KDF1_SHA1;
 					}
 				else
 					{
-					/* If field size is not more than 24 octets, then use SHA-1 hash of result;
-					 * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt).
-					 */
-					int field_size, outlen;
-					void *(*kdf)(void *in, size_t inlen, void *out, size_t xoutlen);
-					field_size = EC_GROUP_get_degree(ecdh_a[j]->group);
-					if (field_size <= 24 * 8)
-						{
-						outlen = KDF1_SHA1_len;
-						kdf = KDF1_SHA1;
-						}
-					else
-						{
-						outlen = (field_size+7)/8;
-						kdf = NULL;
-						}
-					secret_size_a = ECDH_compute_key(secret_a, outlen,
-						ecdh_b[j]->pub_key,
-						ecdh_a[j], kdf);
-					secret_size_b = ECDH_compute_key(secret_b, outlen,
-						ecdh_a[j]->pub_key,
-						ecdh_b[j], kdf);
-					if (secret_size_a != secret_size_b) 
-						ecdh_checks = 0;
-					else
-						ecdh_checks = 1;
-
-					for (secret_idx = 0; 
-					    (secret_idx < secret_size_a)
-						&& (ecdh_checks == 1);
-					    secret_idx++)
-						{
-						if (secret_a[secret_idx] != secret_b[secret_idx])
-						ecdh_checks = 0;
-						}
+					outlen = (field_size+7)/8;
+					kdf = NULL;
+					}
+				secret_size_a = ECDH_compute_key(secret_a, outlen,
+					EC_KEY_get0_public_key(ecdh_b[j]),
+					ecdh_a[j], kdf);
+				secret_size_b = ECDH_compute_key(secret_b, outlen,
+					EC_KEY_get0_public_key(ecdh_a[j]),
+					ecdh_b[j], kdf);
+				if (secret_size_a != secret_size_b) 
+					ecdh_checks = 0;
+				else
+					ecdh_checks = 1;
 
-					if (ecdh_checks == 0)
-						{
-						BIO_printf(bio_err,"ECDH computations don't match.\n");
-						ERR_print_errors(bio_err);
-						rsa_count=1;		
-						}
+				for (secret_idx = 0; 
+				    (secret_idx < secret_size_a)
+					&& (ecdh_checks == 1);
+				    secret_idx++)
+					{
+					if (secret_a[secret_idx] != secret_b[secret_idx])
+					ecdh_checks = 0;
+					}
 
-					pkey_print_message("","ecdh",
-					ecdh_c[j][0], 
-					test_curves_bits[j],
-					ECDH_SECONDS);
-					Time_F(START);
-					for (count=0,run=1; COND(ecdh_c[j][0]); count++)
-						{
-						ECDH_compute_key(secret_a, outlen,
-						ecdh_b[j]->pub_key,
-						ecdh_a[j], kdf);
-						}
-					d=Time_F(STOP);
-					BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n",
-					count, test_curves_bits[j], d);
-					ecdh_results[j][0]=d/(double)count;
-					rsa_count=count;
+				if (ecdh_checks == 0)
+					{
+					BIO_printf(bio_err,"ECDH computations don't match.\n");
+					ERR_print_errors(bio_err);
+					rsa_count=1;		
+					}
+
+				pkey_print_message("","ecdh",
+				ecdh_c[j][0], 
+				test_curves_bits[j],
+				ECDH_SECONDS);
+				Time_F(START);
+				for (count=0,run=1; COND(ecdh_c[j][0]); count++)
+					{
+					ECDH_compute_key(secret_a, outlen,
+					EC_KEY_get0_public_key(ecdh_b[j]),
+					ecdh_a[j], kdf);
 					}
+				d=Time_F(STOP);
+				BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n",
+				count, test_curves_bits[j], d);
+				ecdh_results[j][0]=d/(double)count;
+				rsa_count=count;
 				}
 			}
 
+
 		if (rsa_count <= 1)
 			{
 			/* if longer than 10s, don't do any more */
@@ -2256,7 +2346,7 @@ int MAIN(int argc, char **argv)
 		}
 	if (rnd_fake) RAND_cleanup();
 #endif
-#ifdef HAVE_FORK
+#ifndef NO_FORK
 show_res:
 #endif
 	if(!mr)
@@ -2284,35 +2374,6 @@ show_res:
 		printf("%s ",BF_options());
 #endif
 		fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS));
-		printf("available timing options: ");
-#ifdef TIMES
-		printf("TIMES ");
-#endif
-#ifdef TIMEB
-		printf("TIMEB ");
-#endif
-#ifdef USE_TOD
-		printf("USE_TOD ");
-#endif
-#ifdef HZ
-#define as_string(s) (#s)
-		{
-		double dbl = HZ;
-		printf("HZ=%g", dbl);
-		}
-# ifdef _SC_CLK_TCK
-		printf(" [sysconf value]");
-# endif
-#endif
-		printf("\n");
-		printf("timing function used: %s%s%s%s%s%s%s\n",
-		       (ftime_used ? "ftime" : ""),
-		       (ftime_used + times_used > 1 ? "," : ""),
-		       (times_used ? "times" : ""),
-		       (ftime_used + times_used + gettimeofday_used > 1 ? "," : ""),
-		       (gettimeofday_used ? "gettimeofday" : ""),
-		       (ftime_used + times_used + gettimeofday_used + getrusage_used > 1 ? "," : ""),
-		       (getrusage_used ? "getrusage" : ""));
 		}
 
 	if (pr_header)
@@ -2360,7 +2421,7 @@ show_res:
 				k,rsa_bits[k],rsa_results[k][0],
 				rsa_results[k][1]);
 		else
-			fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n",
+			fprintf(stdout,"rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
 				rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
 				1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
 		}
@@ -2379,7 +2440,7 @@ show_res:
 			fprintf(stdout,"+F3:%u:%u:%f:%f\n",
 				k,dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
 		else
-			fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f\n",
+			fprintf(stdout,"dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
 				dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
 				1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
 		}
@@ -2486,8 +2547,8 @@ static void print_message(const char *s, long num, int length)
 #endif
 	}
 
-static void pkey_print_message(char *str, char *str2, long num, int bits,
-	     int tm)
+static void pkey_print_message(const char *str, const char *str2, long num,
+	int bits, int tm)
 	{
 #ifdef SIGALRM
 	BIO_printf(bio_err,mr ? "+DTP:%d:%s:%s:%d\n"
@@ -2511,6 +2572,7 @@ static void print_result(int alg,int run_no,int count,double time_used)
 	results[alg][run_no]=((double)count)/time_used*lengths[run_no];
 	}
 
+#ifndef NO_FORK
 static char *sstrsep(char **string, const char *delim)
     {
     char isdelim[256];
@@ -2542,7 +2604,6 @@ static char *sstrsep(char **string, const char *delim)
     return token;
     }
 
-#ifdef HAVE_FORK
 static int do_multi(int multi)
 	{
 	int n;
@@ -2554,6 +2615,8 @@ static int do_multi(int multi)
 	for(n=0 ; n < multi ; ++n)
 		{
 		pipe(fd);
+		fflush(stdout);
+		fflush(stderr);
 		if(fork())
 			{
 			close(fd[1]);
@@ -2567,6 +2630,7 @@ static int do_multi(int multi)
 			close(fd[1]);
 			mr=1;
 			usertime=0;
+			free(fds);
 			return 0;
 			}
 		printf("Forked child %d\n",n);
@@ -2715,7 +2779,10 @@ static int do_multi(int multi)
 			else
 				fprintf(stderr,"Unknown type '%s' from child %d\n",buf,n);
 			}
+
+		fclose(f);
 		}
+	free(fds);
 	return 1;
 	}
 #endif
diff --git a/apps/spkac.c b/apps/spkac.c
index 47ee53f1ee..0e01ea9947 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -1,6 +1,6 @@
 /* apps/spkac.c */
 
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999. Based on an original idea by Massimiliano Pala
  * (madwolf@openca.org).
  */
@@ -87,7 +87,8 @@ int MAIN(int argc, char **argv)
 	int verify=0,noout=0,pubkey=0;
 	char *infile = NULL,*outfile = NULL,*prog;
 	char *passargin = NULL, *passin = NULL;
-	char *spkac = "SPKAC", *spksect = "default", *spkstr = NULL;
+	const char *spkac = "SPKAC", *spksect = "default";
+	char *spkstr = NULL;
 	char *challenge = NULL, *keyfile = NULL;
 	CONF *conf = NULL;
 	NETSCAPE_SPKI *spki = NULL;
@@ -200,7 +201,7 @@ bad:
 		}
 		spki = NETSCAPE_SPKI_new();
 		if(challenge) ASN1_STRING_set(spki->spkac->challenge,
-						 challenge, strlen(challenge));
+						 challenge, (int)strlen(challenge));
 		NETSCAPE_SPKI_set_pubkey(spki, pkey);
 		NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
 		spkstr = NETSCAPE_SPKI_b64_encode(spki);
@@ -284,7 +285,7 @@ bad:
 	pkey = NETSCAPE_SPKI_get_pubkey(spki);
 	if(verify) {
 		i = NETSCAPE_SPKI_verify(spki, pkey);
-		if(i) BIO_printf(bio_err, "Signature OK\n");
+		if (i > 0) BIO_printf(bio_err, "Signature OK\n");
 		else {
 			BIO_printf(bio_err, "Signature Failure\n");
 			ERR_print_errors(bio_err);
diff --git a/apps/timeouts.h b/apps/timeouts.h
new file mode 100644
index 0000000000..89b5dc76f6
--- /dev/null
+++ b/apps/timeouts.h
@@ -0,0 +1,67 @@
+/* apps/timeouts.h */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef INCLUDED_TIMEOUTS_H
+#define INCLUDED_TIMEOUTS_H
+
+/* numbers in us */
+#define DGRAM_RCV_TIMEOUT         250000
+#define DGRAM_SND_TIMEOUT         250000
+
+#endif /* ! INCLUDED_TIMEOUTS_H */
diff --git a/apps/ts.c b/apps/ts.c
new file mode 100644
index 0000000000..5fa9f7fda0
--- /dev/null
+++ b/apps/ts.c
@@ -0,0 +1,1147 @@
+/* apps/ts.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/ts.h>
+#include <openssl/bn.h>
+
+#undef PROG
+#define PROG	ts_main
+
+/* Length of the nonce of the request in bits (must be a multiple of 8). */
+#define	NONCE_LENGTH		64
+
+/* Macro definitions for the configuration file. */
+#define	ENV_OID_FILE		"oid_file"
+
+/* Local function declarations. */
+
+static ASN1_OBJECT *txt2obj(const char *oid);
+static CONF *load_config_file(const char *configfile);
+
+/* Query related functions. */
+static int query_command(const char *data, char *digest,
+			 const EVP_MD *md, const char *policy, int no_nonce, 
+			 int cert, const char *in, const char *out, int text);
+static BIO *BIO_open_with_default(const char *file, const char *mode, 
+				  FILE *default_fp);
+static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
+			    const char *policy, int no_nonce, int cert);
+static int create_digest(BIO *input, char *digest,
+			 const EVP_MD *md, unsigned char **md_value);
+static ASN1_INTEGER *create_nonce(int bits);
+
+/* Reply related functions. */
+static int reply_command(CONF *conf, char *section, char *engine, 
+			 char *queryfile, char *passin, char *inkey, 
+			 char *signer, char *chain, const char *policy, 
+			 char *in, int token_in, char *out, int token_out,
+			 int text);
+static TS_RESP *read_PKCS7(BIO *in_bio);
+static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
+				char *queryfile, char *passin, char *inkey,
+				char *signer, char *chain, const char *policy);
+static ASN1_INTEGER * MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data);
+static ASN1_INTEGER *next_serial(const char *serialfile);
+static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
+
+/* Verify related functions. */
+static int verify_command(char *data, char *digest, char *queryfile,
+			  char *in, int token_in,
+			  char *ca_path, char *ca_file, char *untrusted);
+static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest, 
+					char *queryfile, 
+					char *ca_path, char *ca_file,
+					char *untrusted);
+static X509_STORE *create_cert_store(char *ca_path, char *ca_file);
+static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx);
+
+/* Main function definition. */
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+	{
+	int ret = 1;
+	char *configfile = NULL;
+	char *section = NULL;
+	CONF *conf = NULL;
+	enum mode {
+	CMD_NONE, CMD_QUERY, CMD_REPLY, CMD_VERIFY 
+	} mode = CMD_NONE;
+	char *data = NULL;
+	char *digest = NULL;
+	const EVP_MD *md = NULL;
+	char *rnd = NULL;
+	char *policy = NULL;
+	int no_nonce = 0;
+	int cert = 0;
+	char *in = NULL;
+	char *out = NULL;
+	int text = 0;
+	char *queryfile = NULL;
+	char *passin = NULL;	/* Password source. */
+	char *password =NULL;	/* Password itself. */
+	char *inkey = NULL;
+	char *signer = NULL;
+	char *chain = NULL;
+	char *ca_path = NULL;
+	char *ca_file = NULL;
+	char *untrusted = NULL;
+	char *engine = NULL;
+	/* Input is ContentInfo instead of TimeStampResp. */
+	int token_in = 0;	
+	/* Output is ContentInfo instead of TimeStampResp. */
+	int token_out = 0;
+	int free_bio_err = 0;
+
+	ERR_load_crypto_strings();
+	apps_startup();
+
+	if (bio_err == NULL && (bio_err = BIO_new(BIO_s_file())) != NULL)
+		{
+		free_bio_err = 1;
+		BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+		}
+
+	if (!load_config(bio_err, NULL))
+		goto cleanup;
+
+	for (argc--, argv++; argc > 0; argc--, argv++)
+		{
+		if (strcmp(*argv, "-config") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			configfile = *++argv;
+			}
+		else if (strcmp(*argv, "-section") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			section = *++argv;
+			}
+		else if (strcmp(*argv, "-query") == 0)
+			{
+			if (mode != CMD_NONE) goto usage;
+			mode = CMD_QUERY;
+			}
+		else if (strcmp(*argv, "-data") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			data = *++argv;
+			}
+		else if (strcmp(*argv, "-digest") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			digest = *++argv;
+			}
+		else if (strcmp(*argv, "-rand") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			rnd = *++argv;
+			}
+		else if (strcmp(*argv, "-policy") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			policy = *++argv;
+			}
+		else if (strcmp(*argv, "-no_nonce") == 0)
+			{
+			no_nonce = 1;
+			}
+		else if (strcmp(*argv, "-cert") == 0)
+			{
+			cert = 1;
+			}
+		else if (strcmp(*argv, "-in") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			in = *++argv;
+			}
+		else if (strcmp(*argv, "-token_in") == 0)
+			{
+			token_in = 1;
+			}
+		else if (strcmp(*argv, "-out") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			out = *++argv;
+			}
+		else if (strcmp(*argv, "-token_out") == 0)
+			{
+			token_out = 1;
+			}
+		else if (strcmp(*argv, "-text") == 0)
+			{
+			text = 1;
+			}
+		else if (strcmp(*argv, "-reply") == 0)
+			{
+			if (mode != CMD_NONE) goto usage;
+			mode = CMD_REPLY;
+			}
+		else if (strcmp(*argv, "-queryfile") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			queryfile = *++argv;
+			}
+		else if (strcmp(*argv, "-passin") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			passin = *++argv;
+			}
+		else if (strcmp(*argv, "-inkey") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			inkey = *++argv;
+			}
+		else if (strcmp(*argv, "-signer") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			signer = *++argv;
+			}
+		else if (strcmp(*argv, "-chain") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			chain = *++argv;
+			}
+		else if (strcmp(*argv, "-verify") == 0)
+			{
+			if (mode != CMD_NONE) goto usage;
+			mode = CMD_VERIFY;
+			}
+		else if (strcmp(*argv, "-CApath") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			ca_path = *++argv;
+			}
+		else if (strcmp(*argv, "-CAfile") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			ca_file = *++argv;
+			}
+		else if (strcmp(*argv, "-untrusted") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			untrusted = *++argv;
+			}
+		else if (strcmp(*argv, "-engine") == 0)
+			{
+			if (argc-- < 1) goto usage;
+			engine = *++argv;
+			}
+		else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL)
+			{
+			/* empty. */
+			}
+		else
+			goto usage;
+		}
+	
+	/* Seed the random number generator if it is going to be used. */
+	if (mode == CMD_QUERY && !no_nonce)
+		{
+		if (!app_RAND_load_file(NULL, bio_err, 1) && rnd == NULL)
+			BIO_printf(bio_err, "warning, not much extra random "
+				   "data, consider using the -rand option\n");
+		if (rnd != NULL)
+			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+				   app_RAND_load_files(rnd));
+		}
+
+	/* Get the password if required. */
+	if(mode == CMD_REPLY && passin &&
+	   !app_passwd(bio_err, passin, NULL, &password, NULL))
+		{
+		BIO_printf(bio_err,"Error getting password.\n");
+		goto cleanup;
+		}
+
+	/* Check consistency of parameters and execute 
+	   the appropriate function. */
+	switch (mode)
+		{
+	case CMD_NONE:
+		goto usage;
+	case CMD_QUERY:
+		/* Data file and message imprint cannot be specified
+		   at the same time. */
+		ret = data != NULL && digest != NULL;
+		if (ret) goto usage;
+		/* Load the config file for possible policy OIDs. */
+		conf = load_config_file(configfile);
+		ret = !query_command(data, digest, md, policy, no_nonce, cert,
+				     in, out, text);
+		break;
+	case CMD_REPLY:
+		conf = load_config_file(configfile);
+		if (in == NULL)
+			{
+			ret = !(queryfile != NULL && conf != NULL && !token_in);
+			if (ret) goto usage;
+			}
+		else
+			{
+			/* 'in' and 'queryfile' are exclusive. */
+			ret = !(queryfile == NULL);
+			if (ret) goto usage;
+			}
+
+		ret = !reply_command(conf, section, engine, queryfile, 
+				     password, inkey, signer, chain, policy, 
+				     in, token_in, out, token_out, text);
+		break;
+	case CMD_VERIFY:
+		ret = !(((queryfile && !data && !digest)
+			 || (!queryfile && data && !digest)
+			 || (!queryfile && !data && digest))
+			&& in != NULL);
+		if (ret) goto usage;
+
+		ret = !verify_command(data, digest, queryfile, in, token_in,
+				      ca_path, ca_file, untrusted);
+		}
+
+	goto cleanup;
+
+ usage:
+	BIO_printf(bio_err, "usage:\n"
+		   "ts -query [-rand file%cfile%c...] [-config configfile] "
+		   "[-data file_to_hash] [-digest digest_bytes]"
+		   "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
+		   "[-policy object_id] [-no_nonce] [-cert] "
+		   "[-in request.tsq] [-out request.tsq] [-text]\n",
+		   LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+	BIO_printf(bio_err, "or\n"
+		   "ts -reply [-config configfile] [-section tsa_section] "
+		   "[-queryfile request.tsq] [-passin password] "
+		   "[-signer tsa_cert.pem] [-inkey private_key.pem] "
+		   "[-chain certs_file.pem] [-policy object_id] "
+		   "[-in response.tsr] [-token_in] "
+		   "[-out response.tsr] [-token_out] [-text] [-engine id]\n");
+	BIO_printf(bio_err, "or\n"
+		   "ts -verify [-data file_to_hash] [-digest digest_bytes] "
+		   "[-queryfile request.tsq] "
+		   "-in response.tsr [-token_in] "
+		   "-CApath ca_path -CAfile ca_file.pem "
+		   "-untrusted cert_file.pem\n");
+ cleanup:
+	/* Clean up. */
+	app_RAND_write_file(NULL, bio_err);
+	NCONF_free(conf);
+	OPENSSL_free(password);
+	OBJ_cleanup();
+	if (free_bio_err)
+		{
+		BIO_free_all(bio_err);
+		bio_err = NULL;
+		}
+
+	OPENSSL_EXIT(ret);
+	}
+
+/*
+ * Configuration file-related function definitions.
+ */
+
+static ASN1_OBJECT *txt2obj(const char *oid)
+	{
+	ASN1_OBJECT *oid_obj = NULL;
+
+	if (!(oid_obj = OBJ_txt2obj(oid, 0)))
+		BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
+
+	return oid_obj;
+	}
+
+static CONF *load_config_file(const char *configfile)
+	{
+	CONF *conf = NULL;
+	long errorline = -1;
+
+	if (!configfile) configfile = getenv("OPENSSL_CONF");
+	if (!configfile) configfile = getenv("SSLEAY_CONF");
+
+	if (configfile &&
+	    (!(conf = NCONF_new(NULL)) ||
+	     NCONF_load(conf, configfile, &errorline) <= 0))
+		{
+		if (errorline <= 0)
+			BIO_printf(bio_err, "error loading the config file "
+				   "'%s'\n", configfile);
+		else
+			BIO_printf(bio_err, "error on line %ld of config file "
+				   "'%s'\n", errorline, configfile);
+		}
+
+	if (conf != NULL)
+		{
+		const char *p;
+
+		BIO_printf(bio_err,"Using configuration from %s\n", configfile);
+		p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
+		if (p != NULL)
+			{
+			BIO *oid_bio = BIO_new_file(p, "r");
+			if (!oid_bio) 
+				ERR_print_errors(bio_err);
+			else
+				{
+				OBJ_create_objects(oid_bio);
+				BIO_free_all(oid_bio);
+				}
+			}
+		else
+			ERR_clear_error();
+		if(!add_oid_section(bio_err, conf)) 
+			ERR_print_errors(bio_err);
+		}
+	return conf;
+	}
+
+/*
+ * Query-related method definitions.
+ */
+
+static int query_command(const char *data, char *digest, const EVP_MD *md,
+			 const char *policy, int no_nonce, 
+			 int cert, const char *in, const char *out, int text)
+	{
+	int ret = 0;
+	TS_REQ *query = NULL;
+	BIO *in_bio = NULL;
+	BIO *data_bio = NULL;
+	BIO *out_bio = NULL;
+
+	/* Build query object either from file or from scratch. */
+	if (in != NULL)
+		{
+		if ((in_bio = BIO_new_file(in, "rb")) == NULL) goto end;
+		query = d2i_TS_REQ_bio(in_bio, NULL);
+		}
+	else
+		{
+		/* Open the file if no explicit digest bytes were specified. */
+		if (!digest 
+		    && !(data_bio = BIO_open_with_default(data, "rb", stdin)))
+			goto end;
+		/* Creating the query object. */
+		query = create_query(data_bio, digest, md,
+				     policy, no_nonce, cert);
+		/* Saving the random number generator state. */
+		}
+	if (query == NULL) goto end;
+
+	/* Write query either in ASN.1 or in text format. */
+	if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
+		goto end;
+	if (text)
+		{
+		/* Text output. */
+		if (!TS_REQ_print_bio(out_bio, query))
+			goto end;
+		}
+	else
+		{
+		/* ASN.1 output. */
+		if (!i2d_TS_REQ_bio(out_bio, query))
+			goto end;
+		}
+
+	ret = 1;
+
+ end:
+	ERR_print_errors(bio_err);
+
+	/* Clean up. */
+	BIO_free_all(in_bio);
+	BIO_free_all(data_bio);
+	BIO_free_all(out_bio);
+	TS_REQ_free(query);
+
+	return ret;
+	}
+
+static BIO *BIO_open_with_default(const char *file, const char *mode, 
+				  FILE *default_fp)
+	{
+	return file == NULL ? 
+		BIO_new_fp(default_fp, BIO_NOCLOSE) 
+		: BIO_new_file(file, mode);
+	}
+
+static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
+			    const char *policy, int no_nonce, int cert)
+	{
+	int ret = 0;
+	TS_REQ *ts_req = NULL;
+	int len;
+	TS_MSG_IMPRINT *msg_imprint = NULL;
+	X509_ALGOR *algo = NULL;
+	unsigned char *data = NULL;
+	ASN1_OBJECT *policy_obj = NULL;
+	ASN1_INTEGER *nonce_asn1 = NULL;
+
+	/* Setting default message digest. */
+	if (!md && !(md = EVP_get_digestbyname("sha1"))) goto err;
+
+	/* Creating request object. */
+	if (!(ts_req = TS_REQ_new())) goto err;
+
+	/* Setting version. */
+	if (!TS_REQ_set_version(ts_req, 1)) goto err;
+
+	/* Creating and adding MSG_IMPRINT object. */
+	if (!(msg_imprint = TS_MSG_IMPRINT_new())) goto err;
+
+	/* Adding algorithm. */
+	if (!(algo = X509_ALGOR_new())) goto err;
+	if (!(algo->algorithm = OBJ_nid2obj(EVP_MD_type(md)))) goto err;
+	if (!(algo->parameter = ASN1_TYPE_new())) goto err;
+	algo->parameter->type = V_ASN1_NULL;
+	if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo)) goto err;
+
+	/* Adding message digest. */
+	if ((len = create_digest(data_bio, digest, md, &data)) == 0)
+		goto err;
+	if (!TS_MSG_IMPRINT_set_msg(msg_imprint, data, len)) goto err;
+
+	if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint)) goto err;
+	
+	/* Setting policy if requested. */
+	if (policy && !(policy_obj = txt2obj(policy))) goto err;
+	if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj)) goto err;
+
+	/* Setting nonce if requested. */
+	if (!no_nonce && !(nonce_asn1 = create_nonce(NONCE_LENGTH))) goto err;
+	if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1)) goto err;
+
+	/* Setting certificate request flag if requested. */
+	if (!TS_REQ_set_cert_req(ts_req, cert)) goto err;
+
+	ret = 1;
+ err:
+	if (!ret)
+		{
+		TS_REQ_free(ts_req);
+		ts_req = NULL;
+		BIO_printf(bio_err, "could not create query\n");
+		}
+	TS_MSG_IMPRINT_free(msg_imprint);
+	X509_ALGOR_free(algo);
+	OPENSSL_free(data);
+	ASN1_OBJECT_free(policy_obj);
+	ASN1_INTEGER_free(nonce_asn1);
+	return ts_req;
+	}
+
+static int create_digest(BIO *input, char *digest, const EVP_MD *md,
+			 unsigned char **md_value)
+	{
+	int md_value_len;
+
+	md_value_len = EVP_MD_size(md);
+	if (md_value_len < 0)
+	    goto err;
+	if (input)
+		{
+		/* Digest must be computed from an input file. */
+		EVP_MD_CTX md_ctx;
+		unsigned char buffer[4096];
+		int length;
+
+		*md_value = OPENSSL_malloc(md_value_len);
+		if (*md_value == 0) goto err;
+
+		EVP_DigestInit(&md_ctx, md);
+		while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0)
+			{
+			EVP_DigestUpdate(&md_ctx, buffer, length);
+			}
+		EVP_DigestFinal(&md_ctx, *md_value, NULL);
+		}
+	else
+		{
+		/* Digest bytes are specified with digest. */
+		long digest_len;
+		*md_value = string_to_hex(digest, &digest_len);
+		if (!*md_value || md_value_len != digest_len)
+			{
+			OPENSSL_free(*md_value);
+			*md_value = NULL;
+			BIO_printf(bio_err, "bad digest, %d bytes "
+				   "must be specified\n", md_value_len);
+			goto err;
+			}
+		}
+
+	return md_value_len;
+ err:
+	return 0;
+	}
+
+static ASN1_INTEGER *create_nonce(int bits)
+	{
+	unsigned char buf[20];
+	ASN1_INTEGER *nonce = NULL;
+	int len = (bits - 1) / 8 + 1;
+	int i;
+
+	/* Generating random byte sequence. */
+	if (len > (int)sizeof(buf)) goto err;
+	if (RAND_bytes(buf, len) <= 0) goto err;
+
+	/* Find the first non-zero byte and creating ASN1_INTEGER object. */
+	for (i = 0; i < len && !buf[i]; ++i);
+	if (!(nonce = ASN1_INTEGER_new())) goto err;
+	OPENSSL_free(nonce->data);
+	/* Allocate at least one byte. */
+	nonce->length = len - i;
+	if (!(nonce->data = OPENSSL_malloc(nonce->length + 1))) goto err;
+	memcpy(nonce->data, buf + i, nonce->length);
+
+	return nonce;
+ err:
+	BIO_printf(bio_err, "could not create nonce\n");
+	ASN1_INTEGER_free(nonce);
+	return NULL;
+	}
+/*
+ * Reply-related method definitions.
+ */
+
+static int reply_command(CONF *conf, char *section, char *engine, 
+			 char *queryfile, char *passin, char *inkey,
+			 char *signer, char *chain, const char *policy, 
+			 char *in, int token_in,
+			 char *out, int token_out, int text)
+	{
+	int ret = 0;
+	TS_RESP *response = NULL;
+	BIO *in_bio = NULL;
+	BIO *query_bio = NULL;
+	BIO *inkey_bio = NULL;
+	BIO *signer_bio = NULL;
+	BIO *out_bio = NULL;
+
+	/* Build response object either from response or query. */
+	if (in != NULL)
+		{
+		if ((in_bio = BIO_new_file(in, "rb")) == NULL) goto end;
+		if (token_in)
+			{
+			/* We have a ContentInfo (PKCS7) object, add
+			   'granted' status info around it. */
+			response = read_PKCS7(in_bio);
+			}
+		else
+			{
+			/* We have a ready-made TS_RESP object. */
+			response = d2i_TS_RESP_bio(in_bio, NULL);
+			}
+		}
+	else
+		{
+		response = create_response(conf, section, engine, queryfile,
+					   passin, inkey, signer, chain,
+					   policy);
+		if (response)
+			BIO_printf(bio_err, "Response has been generated.\n");
+		else
+			BIO_printf(bio_err, "Response is not generated.\n");
+		}
+	if (response == NULL) goto end;
+
+	/* Write response either in ASN.1 or text format. */
+	if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
+		goto end;
+	if (text)
+		{
+		/* Text output. */
+		if (token_out)
+			{
+			TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
+			if (!TS_TST_INFO_print_bio(out_bio, tst_info)) goto end;
+			}
+		else
+			{
+			if (!TS_RESP_print_bio(out_bio, response)) goto end;
+			}
+		}
+	else
+		{
+		/* ASN.1 DER output. */
+		if (token_out)
+			{
+			PKCS7 *token = TS_RESP_get_token(response);
+			if (!i2d_PKCS7_bio(out_bio, token)) goto end;
+			}
+		else
+			{
+			if (!i2d_TS_RESP_bio(out_bio, response)) goto end;
+			}
+		}
+
+	ret = 1;
+
+ end:
+	ERR_print_errors(bio_err);
+
+	/* Clean up. */
+	BIO_free_all(in_bio);
+	BIO_free_all(query_bio);
+	BIO_free_all(inkey_bio);
+	BIO_free_all(signer_bio);
+	BIO_free_all(out_bio);
+	TS_RESP_free(response);
+
+	return ret;
+	}
+
+/* Reads a PKCS7 token and adds default 'granted' status info to it. */
+static TS_RESP *read_PKCS7(BIO *in_bio)
+	{
+	int ret = 0;
+	PKCS7 *token = NULL;
+	TS_TST_INFO *tst_info = NULL;
+	TS_RESP *resp = NULL;
+	TS_STATUS_INFO *si = NULL;
+
+	/* Read PKCS7 object and extract the signed time stamp info. */
+	if (!(token = d2i_PKCS7_bio(in_bio, NULL))) goto end;
+	if (!(tst_info = PKCS7_to_TS_TST_INFO(token))) goto end;
+
+	/* Creating response object. */
+	if (!(resp = TS_RESP_new())) goto end;
+
+	/* Create granted status info. */
+	if (!(si = TS_STATUS_INFO_new())) goto end;
+	if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED))) goto end;
+	if (!TS_RESP_set_status_info(resp, si)) goto end;
+
+	/* Setting encapsulated token. */
+	TS_RESP_set_tst_info(resp, token, tst_info);
+	token = NULL;		/* Ownership is lost. */
+	tst_info = NULL;	/* Ownership is lost. */
+
+	ret = 1;
+ end:
+	PKCS7_free(token);
+	TS_TST_INFO_free(tst_info);
+	if (!ret)
+		{
+		TS_RESP_free(resp);
+		resp = NULL;
+		}
+	TS_STATUS_INFO_free(si);
+	return resp;
+	}
+
+static TS_RESP *create_response(CONF *conf, const char *section, char *engine, 
+				char *queryfile, char *passin, char *inkey,
+				char *signer, char *chain, const char *policy)
+	{
+	int ret = 0;
+	TS_RESP *response = NULL;
+	BIO *query_bio = NULL;
+	TS_RESP_CTX *resp_ctx = NULL;
+
+	if (!(query_bio = BIO_new_file(queryfile, "rb")))
+		goto end;
+
+	/* Getting TSA configuration section. */
+	if (!(section = TS_CONF_get_tsa_section(conf, section)))
+		goto end;
+
+	/* Setting up response generation context. */
+	if (!(resp_ctx = TS_RESP_CTX_new())) goto end;
+
+	/* Setting serial number provider callback. */
+	if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end;
+#ifndef OPENSSL_NO_ENGINE
+	/* Setting default OpenSSL engine. */
+	if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end;
+#endif
+
+	/* Setting TSA signer certificate. */
+	if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end;
+
+	/* Setting TSA signer certificate chain. */
+	if (!TS_CONF_set_certs(conf, section, chain, resp_ctx)) goto end;
+
+	/* Setting TSA signer private key. */
+	if (!TS_CONF_set_signer_key(conf, section, inkey, passin, resp_ctx))
+		goto end;
+
+	/* Setting default policy OID. */
+	if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx)) goto end;
+
+	/* Setting acceptable policy OIDs. */
+	if (!TS_CONF_set_policies(conf, section, resp_ctx)) goto end;
+
+	/* Setting the acceptable one-way hash algorithms. */
+	if (!TS_CONF_set_digests(conf, section, resp_ctx)) goto end;
+
+	/* Setting guaranteed time stamp accuracy. */
+	if (!TS_CONF_set_accuracy(conf, section, resp_ctx)) goto end;
+
+	/* Setting the precision of the time. */
+	if (!TS_CONF_set_clock_precision_digits(conf, section, resp_ctx))
+		goto end;
+
+	/* Setting the ordering flaf if requested. */
+	if (!TS_CONF_set_ordering(conf, section, resp_ctx)) goto end;
+
+	/* Setting the TSA name required flag if requested. */
+	if (!TS_CONF_set_tsa_name(conf, section, resp_ctx)) goto end;
+
+	/* Setting the ESS cert id chain flag if requested. */
+	if (!TS_CONF_set_ess_cert_id_chain(conf, section, resp_ctx)) goto end;
+
+	/* Creating the response. */
+	if (!(response = TS_RESP_create_response(resp_ctx, query_bio)))
+		goto end;
+
+	ret = 1;
+ end:
+	if (!ret) 
+		{
+		TS_RESP_free(response);
+		response = NULL;
+		}
+	TS_RESP_CTX_free(resp_ctx);
+	BIO_free_all(query_bio);
+
+	return response;
+	}
+
+static ASN1_INTEGER * MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data)
+	{
+	const char *serial_file = (const char *) data;
+	ASN1_INTEGER *serial = next_serial(serial_file);
+
+	if (!serial)
+		{
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Error during serial number "
+					    "generation.");
+		TS_RESP_CTX_add_failure_info(ctx,
+					     TS_INFO_ADD_INFO_NOT_AVAILABLE);
+		}
+	else
+		save_ts_serial(serial_file, serial);
+
+	return serial;
+	}
+
+static ASN1_INTEGER *next_serial(const char *serialfile)
+	{
+	int ret = 0;
+	BIO *in = NULL;
+	ASN1_INTEGER *serial = NULL;
+	BIGNUM *bn = NULL;
+
+	if (!(serial = ASN1_INTEGER_new())) goto err;
+
+	if (!(in = BIO_new_file(serialfile, "r"))) 
+		{
+		ERR_clear_error();
+		BIO_printf(bio_err, "Warning: could not open file %s for "
+			   "reading, using serial number: 1\n", serialfile);
+		if (!ASN1_INTEGER_set(serial, 1)) goto err;
+		}
+	else
+		{
+		char buf[1024];
+		if (!a2i_ASN1_INTEGER(in, serial, buf, sizeof(buf)))
+			{
+			BIO_printf(bio_err, "unable to load number from %s\n",
+				   serialfile);
+			goto err;
+			}
+		if (!(bn = ASN1_INTEGER_to_BN(serial, NULL))) goto err;
+		ASN1_INTEGER_free(serial);
+		serial = NULL;
+		if (!BN_add_word(bn, 1)) goto err;
+		if (!(serial = BN_to_ASN1_INTEGER(bn, NULL))) goto err;
+		}
+	ret = 1;
+ err:
+	if (!ret)
+		{
+		ASN1_INTEGER_free(serial);
+		serial = NULL;
+		}
+	BIO_free_all(in);
+	BN_free(bn);
+	return serial;
+	}
+
+static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial)
+	{
+	int ret = 0;
+	BIO *out = NULL;
+
+	if (!(out = BIO_new_file(serialfile, "w"))) goto err;
+	if (i2a_ASN1_INTEGER(out, serial) <= 0) goto err;
+	if (BIO_puts(out, "\n") <= 0) goto err;
+	ret = 1;
+ err:
+	if (!ret)
+		BIO_printf(bio_err, "could not save serial number to %s\n",
+			   serialfile);
+	BIO_free_all(out);
+	return ret;
+	}
+
+/*
+ * Verify-related method definitions.
+ */
+
+static int verify_command(char *data, char *digest, char *queryfile,
+			  char *in, int token_in,
+			  char *ca_path, char *ca_file, char *untrusted)
+	{
+	BIO *in_bio = NULL;
+	PKCS7 *token = NULL;
+	TS_RESP *response = NULL;
+	TS_VERIFY_CTX *verify_ctx = NULL;
+	int ret = 0;
+
+	/* Decode the token (PKCS7) or response (TS_RESP) files. */
+	if (!(in_bio = BIO_new_file(in, "rb"))) goto end;
+	if (token_in)
+		{
+		if (!(token = d2i_PKCS7_bio(in_bio, NULL))) goto end;
+		}
+	else
+		{
+		if (!(response = d2i_TS_RESP_bio(in_bio, NULL))) goto end;
+		}
+
+	if (!(verify_ctx = create_verify_ctx(data, digest, queryfile, 
+					     ca_path, ca_file, untrusted)))
+		goto end;
+
+	/* Checking the token or response against the request. */
+	ret = token_in ?
+		TS_RESP_verify_token(verify_ctx, token) :
+		TS_RESP_verify_response(verify_ctx, response);
+
+ end:
+	printf("Verification: ");
+	if (ret)
+		printf("OK\n");
+	else
+		{
+		printf("FAILED\n");
+		/* Print errors, if there are any. */
+		ERR_print_errors(bio_err);
+		}
+	
+	/* Clean up. */
+	BIO_free_all(in_bio);
+	PKCS7_free(token);
+	TS_RESP_free(response);
+	TS_VERIFY_CTX_free(verify_ctx);
+	return ret;
+	}
+
+static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest, 
+					char *queryfile, 
+					char *ca_path, char *ca_file,
+					char *untrusted)
+	{
+	TS_VERIFY_CTX *ctx = NULL;
+	BIO *input = NULL;
+	TS_REQ *request = NULL;
+	int ret = 0;
+
+	if (data != NULL || digest != NULL)
+		{
+		if (!(ctx = TS_VERIFY_CTX_new())) goto err;
+		ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER;
+		if (data != NULL)
+			{
+			ctx->flags |= TS_VFY_DATA;
+			if (!(ctx->data = BIO_new_file(data, "rb"))) goto err;
+			}
+		else if (digest != NULL)
+			{
+			long imprint_len;
+			ctx->flags |= TS_VFY_IMPRINT;
+			if (!(ctx->imprint = string_to_hex(digest,
+							   &imprint_len)))
+				{
+				BIO_printf(bio_err, "invalid digest string\n");
+				goto err;
+				}
+			ctx->imprint_len = imprint_len;
+			}
+		
+		}
+	else if (queryfile != NULL)
+		{
+		/* The request has just to be read, decoded and converted to
+		   a verify context object. */
+		if (!(input = BIO_new_file(queryfile, "rb"))) goto err;
+		if (!(request = d2i_TS_REQ_bio(input, NULL))) goto err;
+		if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL))) goto err;
+		}
+	else
+		return NULL;
+
+	/* Add the signature verification flag and arguments. */
+	ctx->flags |= TS_VFY_SIGNATURE;
+
+	/* Initialising the X509_STORE object. */
+	if (!(ctx->store = create_cert_store(ca_path, ca_file))) goto err;
+
+	/* Loading untrusted certificates. */
+	if (untrusted && !(ctx->certs = TS_CONF_load_certs(untrusted))) 
+		goto err;
+
+	ret = 1;
+ err:
+	if (!ret)
+		{
+		TS_VERIFY_CTX_free(ctx);
+		ctx = NULL;
+		}
+	BIO_free_all(input);
+	TS_REQ_free(request);
+	return ctx;
+	}
+
+static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
+	{
+	X509_STORE *cert_ctx = NULL;
+	X509_LOOKUP *lookup = NULL;
+	int i;
+
+	/* Creating the X509_STORE object. */
+	cert_ctx = X509_STORE_new();
+
+	/* Setting the callback for certificate chain verification. */
+	X509_STORE_set_verify_cb(cert_ctx, verify_cb);
+
+	/* Adding a trusted certificate directory source. */
+	if (ca_path)
+		{
+		lookup = X509_STORE_add_lookup(cert_ctx,
+					       X509_LOOKUP_hash_dir());
+		if (lookup == NULL)
+			{
+			BIO_printf(bio_err, "memory allocation failure\n");
+			goto err;
+			}
+		i = X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM);
+		if (!i)
+			{
+			BIO_printf(bio_err, "Error loading directory %s\n",
+				   ca_path);
+			goto err;
+			}
+		}
+
+	/* Adding a trusted certificate file source. */
+	if (ca_file)
+		{
+		lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
+		if (lookup == NULL)
+			{
+			BIO_printf(bio_err, "memory allocation failure\n");
+			goto err;
+			}
+		i = X509_LOOKUP_load_file(lookup, ca_file, X509_FILETYPE_PEM);
+		if (!i)
+			{
+			BIO_printf(bio_err, "Error loading file %s\n", ca_file);
+			goto err;
+			}
+		}
+
+	return cert_ctx;
+ err:
+	X509_STORE_free(cert_ctx);
+	return NULL;
+	}
+
+static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx)
+	{
+	/*
+	char buf[256];
+
+	if (!ok)
+		{
+		X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
+				  buf, sizeof(buf));
+		printf("%s\n", buf);
+		printf("error %d at %d depth lookup: %s\n",
+		       ctx->error, ctx->error_depth,
+			X509_verify_cert_error_string(ctx->error));
+		}
+	*/
+
+	return ok;
+	}
diff --git a/apps/tsget b/apps/tsget
new file mode 100644
index 0000000000..52436811a9
--- /dev/null
+++ b/apps/tsget
@@ -0,0 +1,196 @@
+#!/usr/bin/perl -w
+# Written by Zoltan Glozik <zglozik@stones.com>.
+# Copyright (c) 2002 The OpenTSA Project.  All rights reserved.
+$::version = '$Id: tsget,v 1.3.2.2 2010/01/27 11:14:31 levitte Exp $';
+
+use strict;
+use IO::Handle;
+use Getopt::Std;
+use File::Basename;
+use WWW::Curl::Easy;
+
+use vars qw(%options);
+
+# Callback for reading the body.
+sub read_body {
+    my ($maxlength, $state) = @_;
+    my $return_data = "";
+    my $data_len = length ${$state->{data}};
+    if ($state->{bytes} < $data_len) {
+	$data_len = $data_len - $state->{bytes};
+	$data_len = $maxlength if $data_len > $maxlength;
+	$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
+	$state->{bytes} += $data_len;
+    }
+    return $return_data;
+}
+
+# Callback for writing the body into a variable.
+sub write_body {
+    my ($data, $pointer) = @_;
+    ${$pointer} .= $data;
+    return length($data);
+}
+
+# Initialise a new Curl object.
+sub create_curl {
+    my $url = shift;
+
+    # Create Curl object.
+    my $curl = WWW::Curl::Easy::new();
+
+    # Error-handling related options.
+    $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
+    $curl->setopt(CURLOPT_FAILONERROR, 1);
+    $curl->setopt(CURLOPT_USERAGENT, "OpenTSA tsget.pl/" . (split / /, $::version)[2]);
+
+    # Options for POST method.
+    $curl->setopt(CURLOPT_UPLOAD, 1);
+    $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
+    $curl->setopt(CURLOPT_HTTPHEADER,
+		["Content-Type: application/timestamp-query",
+		"Accept: application/timestamp-reply,application/timestamp-response"]);
+    $curl->setopt(CURLOPT_READFUNCTION, \&read_body);
+    $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
+
+    # Options for getting the result.
+    $curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);
+
+    # SSL related options.
+    $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
+    $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1);	# Verify server's certificate.
+    $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2);	# Check server's CN.
+    $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
+    $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
+    $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
+    $curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});
+    $curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});
+    $curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});
+    $curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});
+
+    # Setting destination.
+    $curl->setopt(CURLOPT_URL, $url);
+
+    return $curl;
+}
+
+# Send a request and returns the body back.
+sub get_timestamp {
+    my $curl = shift;
+    my $body = shift;
+    my $ts_body;
+    local $::error_buf;
+
+    # Error-handling related options.
+    $curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");
+
+    # Options for POST method.
+    $curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});
+    $curl->setopt(CURLOPT_INFILESIZE, length(${$body}));
+
+    # Options for getting the result.
+    $curl->setopt(CURLOPT_FILE, \$ts_body);
+
+    # Send the request...
+    my $error_code = $curl->perform();
+    my $error_string;
+    if ($error_code != 0) {
+        my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
+	$error_string = "could not get timestamp";
+	$error_string .= ", http code: $http_code" unless $http_code == 0;
+	$error_string .= ", curl code: $error_code";
+	$error_string .= " ($::error_buf)" if defined($::error_buf);
+    } else {
+        my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
+	if (lc($ct) ne "application/timestamp-reply"
+	    && lc($ct) ne "application/timestamp-response") {
+	    $error_string = "unexpected content type returned: $ct";
+        }
+    }
+    return ($ts_body, $error_string);
+
+}
+
+# Print usage information and exists.
+sub usage {
+
+    print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";
+    print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";
+    print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";
+    print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";
+    exit 1;
+}
+
+# ----------------------------------------------------------------------
+#   Main program
+# ----------------------------------------------------------------------
+
+# Getting command-line options (default comes from TSGET environment variable).
+my $getopt_arg =  "h:e:o:vdk:p:c:C:P:r:g:";
+if (exists $ENV{TSGET}) {
+    my @old_argv = @ARGV;
+    @ARGV = split /\s+/, $ENV{TSGET};
+    getopts($getopt_arg, \%options) or usage;
+    @ARGV = @old_argv;
+}
+getopts($getopt_arg, \%options) or usage;
+
+# Checking argument consistency.
+if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))
+    || (@ARGV > 1 && exists($options{o}))) {
+    print STDERR "Inconsistent command line options.\n";
+    usage;
+}
+# Setting defaults.
+@ARGV = ("-") unless @ARGV != 0;
+$options{e} = ".tsr" unless defined($options{e});
+
+# Processing requests.
+my $curl = create_curl $options{h};
+undef $/;   # For reading whole files.
+REQUEST: foreach (@ARGV) {
+    my $input = $_;
+    my ($base, $path) = fileparse($input, '\.[^.]*');
+    my $output_base = $base . $options{e};
+    my $output = defined($options{o}) ? $options{o} : $path . $output_base;
+
+    STDERR->printflush("$input: ") if $options{v};
+    # Read request.
+    my $body;
+    if ($input eq "-") {
+	# Read the request from STDIN;
+	$body = <STDIN>;
+    } else {
+	# Read the request from file.
+        open INPUT, "<" . $input
+	    or warn("$input: could not open input file: $!\n"), next REQUEST;
+        $body = <INPUT>;
+        close INPUT
+	    or warn("$input: could not close input file: $!\n"), next REQUEST;
+    }
+
+    # Send request.
+    STDERR->printflush("sending request") if $options{v};
+
+    my ($ts_body, $error) = get_timestamp $curl, \$body;
+    if (defined($error)) {
+	die "$input: fatal error: $error\n";
+    }
+    STDERR->printflush(", reply received") if $options{v};
+
+    # Write response.
+    if ($output eq "-") {
+	# Write to STDOUT.
+        print $ts_body;
+    } else {
+	# Write to file.
+        open OUTPUT, ">", $output
+	    or warn("$output: could not open output file: $!\n"), next REQUEST;
+        print OUTPUT $ts_body;
+        close OUTPUT
+	    or warn("$output: could not close output file: $!\n"), next REQUEST;
+    }
+    STDERR->printflush(", $output written.\n") if $options{v};
+}
+$curl->cleanup();
+WWW::Curl::Easy::global_cleanup();
diff --git a/apps/verify.c b/apps/verify.c
index 9ff32cb068..9163997e93 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -70,8 +70,9 @@
 #define PROG	verify_main
 
 static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
-static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e);
-static STACK_OF(X509) *load_untrusted(char *file);
+static int check(X509_STORE *ctx, char *file,
+		STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
+		STACK_OF(X509_CRL) *crls, ENGINE *e);
 static int v_verbose=0, vflags = 0;
 
 int MAIN(int, char **);
@@ -80,10 +81,10 @@ int MAIN(int argc, char **argv)
 	{
 	ENGINE *e = NULL;
 	int i,ret=1, badarg = 0;
-	int purpose = -1;
 	char *CApath=NULL,*CAfile=NULL;
-	char *untfile = NULL, *trustfile = NULL;
+	char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
 	STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
+	STACK_OF(X509_CRL) *crls = NULL;
 	X509_STORE *cert_ctx=NULL;
 	X509_LOOKUP *lookup=NULL;
 	X509_VERIFY_PARAM *vpm = NULL;
@@ -93,7 +94,7 @@ int MAIN(int argc, char **argv)
 
 	cert_ctx=X509_STORE_new();
 	if (cert_ctx == NULL) goto end;
-	X509_STORE_set_verify_cb_func(cert_ctx,cb);
+	X509_STORE_set_verify_cb(cert_ctx,cb);
 
 	ERR_load_crypto_strings();
 
@@ -139,6 +140,11 @@ int MAIN(int argc, char **argv)
 				if (argc-- < 1) goto end;
 				trustfile= *(++argv);
 				}
+			else if (strcmp(*argv,"-CRLfile") == 0)
+				{
+				if (argc-- < 1) goto end;
+				crlfile= *(++argv);
+				}
 #ifndef OPENSSL_NO_ENGINE
 			else if (strcmp(*argv,"-engine") == 0)
 				{
@@ -192,26 +198,34 @@ int MAIN(int argc, char **argv)
 
 	ERR_clear_error();
 
-	if(untfile) {
-		if(!(untrusted = load_untrusted(untfile))) {
-			BIO_printf(bio_err, "Error loading untrusted file %s\n", untfile);
-			ERR_print_errors(bio_err);
+	if(untfile)
+		{
+		untrusted = load_certs(bio_err, untfile, FORMAT_PEM,
+					NULL, e, "untrusted certificates");
+		if(!untrusted)
 			goto end;
 		}
-	}
 
-	if(trustfile) {
-		if(!(trusted = load_untrusted(trustfile))) {
-			BIO_printf(bio_err, "Error loading untrusted file %s\n", trustfile);
-			ERR_print_errors(bio_err);
+	if(trustfile)
+		{
+		trusted = load_certs(bio_err, trustfile, FORMAT_PEM,
+					NULL, e, "trusted certificates");
+		if(!trusted)
 			goto end;
 		}
-	}
 
-	if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, purpose, e);
+	if(crlfile)
+		{
+		crls = load_crls(bio_err, crlfile, FORMAT_PEM,
+					NULL, e, "other CRLs");
+		if(!crls)
+			goto end;
+		}
+
+	if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e);
 	else
 		for (i=0; i<argc; i++)
-			check(cert_ctx,argv[i], untrusted, trusted, purpose, e);
+			check(cert_ctx,argv[i], untrusted, trusted, crls, e);
 	ret=0;
 end:
 	if (ret == 1) {
@@ -232,11 +246,14 @@ end:
 	if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
 	sk_X509_pop_free(untrusted, X509_free);
 	sk_X509_pop_free(trusted, X509_free);
+	sk_X509_CRL_pop_free(crls, X509_CRL_free);
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
 	}
 
-static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e)
+static int check(X509_STORE *ctx, char *file,
+		STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
+		STACK_OF(X509_CRL) *crls, ENGINE *e)
 	{
 	X509 *x=NULL;
 	int i=0,ret=0;
@@ -260,13 +277,14 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X
 		goto end;
 		}
 	if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
-	if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose);
+	if (crls)
+		X509_STORE_CTX_set0_crls(csc, crls);
 	i=X509_verify_cert(csc);
 	X509_STORE_CTX_free(csc);
 
 	ret=0;
 end:
-	if (i)
+	if (i > 0)
 		{
 		fprintf(stdout,"OK\n");
 		ret=1;
@@ -278,93 +296,55 @@ end:
 	return(ret);
 	}
 
-static STACK_OF(X509) *load_untrusted(char *certfile)
-{
-	STACK_OF(X509_INFO) *sk=NULL;
-	STACK_OF(X509) *stack=NULL, *ret=NULL;
-	BIO *in=NULL;
-	X509_INFO *xi;
-
-	if(!(stack = sk_X509_new_null())) {
-		BIO_printf(bio_err,"memory allocation failure\n");
-		goto end;
-	}
-
-	if(!(in=BIO_new_file(certfile, "r"))) {
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* This loads from a file, a stack of x509/crl/pkey sets */
-	if(!(sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL))) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
-		goto end;
-	}
-
-	/* scan over it and pull out the certs */
-	while (sk_X509_INFO_num(sk))
-		{
-		xi=sk_X509_INFO_shift(sk);
-		if (xi->x509 != NULL)
-			{
-			sk_X509_push(stack,xi->x509);
-			xi->x509=NULL;
-			}
-		X509_INFO_free(xi);
-		}
-	if(!sk_X509_num(stack)) {
-		BIO_printf(bio_err,"no certificates in file, %s\n",certfile);
-		sk_X509_free(stack);
-		goto end;
-	}
-	ret=stack;
-end:
-	BIO_free(in);
-	sk_X509_INFO_free(sk);
-	return(ret);
-	}
-
 static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
 	{
-	char buf[256];
+	int cert_error = X509_STORE_CTX_get_error(ctx);
+	X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
 
 	if (!ok)
 		{
-		if (ctx->current_cert)
+		if (current_cert)
 			{
-			X509_NAME_oneline(
-				X509_get_subject_name(ctx->current_cert),buf,
-				sizeof buf);
-			printf("%s\n",buf);
+			X509_NAME_print_ex_fp(stdout,
+				X509_get_subject_name(current_cert),
+				0, XN_FLAG_ONELINE);
+			printf("\n");
+			}
+		printf("%serror %d at %d depth lookup:%s\n",
+			X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
+			cert_error,
+			X509_STORE_CTX_get_error_depth(ctx),
+			X509_verify_cert_error_string(cert_error));
+		switch(cert_error)
+			{
+			case X509_V_ERR_NO_EXPLICIT_POLICY:
+				policies_print(NULL, ctx);
+			case X509_V_ERR_CERT_HAS_EXPIRED:
+
+			/* since we are just checking the certificates, it is
+			 * ok if they are self signed. But we should still warn
+			 * the user.
+			 */
+
+			case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+			/* Continue after extension errors too */
+			case X509_V_ERR_INVALID_CA:
+			case X509_V_ERR_INVALID_NON_CA:
+			case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+			case X509_V_ERR_INVALID_PURPOSE:
+			case X509_V_ERR_CRL_HAS_EXPIRED:
+			case X509_V_ERR_CRL_NOT_YET_VALID:
+			case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+			ok = 1;
+
 			}
-		printf("error %d at %d depth lookup:%s\n",ctx->error,
-			ctx->error_depth,
-			X509_verify_cert_error_string(ctx->error));
-		if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED) ok=1;
-		/* since we are just checking the certificates, it is
-		 * ok if they are self signed. But we should still warn
-		 * the user.
- 		 */
-		if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1;
-		/* Continue after extension errors too */
-		if (ctx->error == X509_V_ERR_INVALID_CA) ok=1;
-		if (ctx->error == X509_V_ERR_INVALID_NON_CA) ok=1;
-		if (ctx->error == X509_V_ERR_PATH_LENGTH_EXCEEDED) ok=1;
-		if (ctx->error == X509_V_ERR_INVALID_PURPOSE) ok=1;
-		if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) ok=1;
-		if (ctx->error == X509_V_ERR_CRL_HAS_EXPIRED) ok=1;
-		if (ctx->error == X509_V_ERR_CRL_NOT_YET_VALID) ok=1;
-		if (ctx->error == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) ok=1;
 
-		if (ctx->error == X509_V_ERR_NO_EXPLICIT_POLICY)
-			policies_print(NULL, ctx);
 		return ok;
 
 		}
-	if ((ctx->error == X509_V_OK) && (ok == 2))
+	if (cert_error == X509_V_OK && ok == 2)
 		policies_print(NULL, ctx);
 	if (!v_verbose)
 		ERR_clear_error();
 	return(ok);
 	}
-
diff --git a/apps/version.c b/apps/version.c
index 69ef3e1bad..e9555cbde2 100644
--- a/apps/version.c
+++ b/apps/version.c
@@ -167,7 +167,7 @@ int MAIN(int argc, char **argv)
 			date=version=cflags=options=platform=dir=1;
 		else
 			{
-			BIO_printf(bio_err,"usage:version -[avbofp]\n");
+			BIO_printf(bio_err,"usage:version -[avbofpd]\n");
 			ret=1;
 			goto end;
 			}
diff --git a/apps/x509.c b/apps/x509.c
index 294fc69573..e7e46d7b63 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -73,8 +73,12 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 #undef PROG
 #define PROG x509_main
@@ -83,7 +87,7 @@
 #define	POSTFIX	".srl"
 #define DEF_DAYS	30
 
-static char *x509_usage[]={
+static const char *x509_usage[]={
 "usage: x509 args\n",
 " -inform arg     - input format - default PEM (one of DER, NET or PEM)\n",
 " -outform arg    - output format - default PEM (one of DER, NET or PEM)\n",
@@ -95,7 +99,13 @@ static char *x509_usage[]={
 " -passin arg     - private key password source\n",
 " -serial         - print serial number value\n",
 " -subject_hash   - print subject hash value\n",
+#ifndef OPENSSL_NO_MD5
+" -subject_hash_old   - print old-style (MD5) subject hash value\n",
+#endif
 " -issuer_hash    - print issuer hash value\n",
+#ifndef OPENSSL_NO_MD5
+" -issuer_hash_old    - print old-style (MD5) issuer hash value\n",
+#endif
 " -hash           - synonym for -subject_hash\n",
 " -subject        - print subject DN\n",
 " -issuer         - print issuer DN\n",
@@ -110,6 +120,7 @@ static char *x509_usage[]={
 " -alias          - output certificate alias\n",
 " -noout          - no certificate output\n",
 " -ocspid         - print OCSP hash values for the subject name and public key\n",
+" -ocsp_uri       - print OCSP Responder URL(s)\n",
 " -trustout       - output a \"trusted\" certificate\n",
 " -clrtrust       - clear all trusted purposes\n",
 " -clrreject      - clear all rejected purposes\n",
@@ -174,17 +185,21 @@ int MAIN(int argc, char **argv)
 	int text=0,serial=0,subject=0,issuer=0,startdate=0,enddate=0;
 	int next_serial=0;
 	int subject_hash=0,issuer_hash=0,ocspid=0;
+#ifndef OPENSSL_NO_MD5
+	int subject_hash_old=0,issuer_hash_old=0;
+#endif
 	int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0,email=0;
+	int ocsp_uri=0;
 	int trustout=0,clrtrust=0,clrreject=0,aliasout=0,clrext=0;
 	int C=0;
 	int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0;
 	int pprint = 0;
-	char **pp;
+	const char **pp;
 	X509_STORE *ctx=NULL;
 	X509_REQ *rq=NULL;
 	int fingerprint=0;
 	char buf[256];
-	const EVP_MD *md_alg,*digest=EVP_md5();
+	const EVP_MD *md_alg,*digest=NULL;
 	CONF *extconf = NULL;
 	char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
 	int need_rand = 0;
@@ -219,7 +234,7 @@ int MAIN(int argc, char **argv)
 
 	ctx=X509_STORE_new();
 	if (ctx == NULL) goto end;
-	X509_STORE_set_verify_cb_func(ctx,callb);
+	X509_STORE_set_verify_cb(ctx,callb);
 
 	argc--;
 	argv++;
@@ -374,6 +389,8 @@ int MAIN(int argc, char **argv)
 			C= ++num;
 		else if (strcmp(*argv,"-email") == 0)
 			email= ++num;
+		else if (strcmp(*argv,"-ocsp_uri") == 0)
+			ocsp_uri= ++num;
 		else if (strcmp(*argv,"-serial") == 0)
 			serial= ++num;
 		else if (strcmp(*argv,"-next_serial") == 0)
@@ -389,8 +406,16 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-hash") == 0
 			|| strcmp(*argv,"-subject_hash") == 0)
 			subject_hash= ++num;
+#ifndef OPENSSL_NO_MD5
+		else if (strcmp(*argv,"-subject_hash_old") == 0)
+			subject_hash_old= ++num;
+#endif
 		else if (strcmp(*argv,"-issuer_hash") == 0)
 			issuer_hash= ++num;
+#ifndef OPENSSL_NO_MD5
+		else if (strcmp(*argv,"-issuer_hash_old") == 0)
+			issuer_hash_old= ++num;
+#endif
 		else if (strcmp(*argv,"-subject") == 0)
 			subject= ++num;
 		else if (strcmp(*argv,"-issuer") == 0)
@@ -618,7 +643,7 @@ bad:
 		if (!X509_set_subject_name(x,req->req_info->subject)) goto end;
 
 		X509_gmtime_adj(X509_get_notBefore(x),0);
-	        X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
+	        X509_time_adj_ex(X509_get_notAfter(x),days, 0, NULL);
 
 		pkey = X509_REQ_get_pubkey(req);
 		X509_set_pubkey(x,pkey);
@@ -727,13 +752,17 @@ bad:
 				ASN1_INTEGER_free(ser);
 				BIO_puts(out, "\n");
 				}
-			else if (email == i) 
+			else if ((email == i) || (ocsp_uri == i))
 				{
 				int j;
-				STACK *emlst;
-				emlst = X509_get1_email(x);
-				for (j = 0; j < sk_num(emlst); j++)
-					BIO_printf(STDout, "%s\n", sk_value(emlst, j));
+				STACK_OF(OPENSSL_STRING) *emlst;
+				if (email == i)
+					emlst = X509_get1_email(x);
+				else
+					emlst = X509_get1_ocsp(x);
+				for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
+					BIO_printf(STDout, "%s\n",
+						   sk_OPENSSL_STRING_value(emlst, j));
 				X509_email_free(emlst);
 				}
 			else if (aliasout == i)
@@ -747,10 +776,22 @@ bad:
 				{
 				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash(x));
 				}
+#ifndef OPENSSL_NO_MD5
+			else if (subject_hash_old == i)
+				{
+				BIO_printf(STDout,"%08lx\n",X509_subject_name_hash_old(x));
+				}
+#endif
 			else if (issuer_hash == i)
 				{
 				BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash(x));
 				}
+#ifndef OPENSSL_NO_MD5
+			else if (issuer_hash_old == i)
+				{
+				BIO_printf(STDout,"%08lx\n",X509_issuer_name_hash_old(x));
+				}
+#endif
 			else if (pprint == i)
 				{
 				X509_PURPOSE *ptmp;
@@ -881,14 +922,18 @@ bad:
 				int j;
 				unsigned int n;
 				unsigned char md[EVP_MAX_MD_SIZE];
+				const EVP_MD *fdig = digest;
 
-				if (!X509_digest(x,digest,md,&n))
+				if (!fdig)
+					fdig = EVP_sha1();
+
+				if (!X509_digest(x,fdig,md,&n))
 					{
 					BIO_printf(bio_err,"out of memory\n");
 					goto end;
 					}
 				BIO_printf(STDout,"%s Fingerprint=",
-						OBJ_nid2sn(EVP_MD_type(digest)));
+						OBJ_nid2sn(EVP_MD_type(fdig)));
 				for (j=0; j<(int)n; j++)
 					{
 					BIO_printf(STDout,"%02X%c",md[j],
@@ -908,14 +953,6 @@ bad:
 						passin, e, "Private key");
 					if (Upkey == NULL) goto end;
 					}
-#ifndef OPENSSL_NO_DSA
-		                if (Upkey->type == EVP_PKEY_DSA)
-		                        digest=EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
-				if (Upkey->type == EVP_PKEY_EC)
-					digest=EVP_ecdsa();
-#endif
 
 				assert(need_rand);
 				if (!sign(x,Upkey,days,clrext,digest,
@@ -932,14 +969,6 @@ bad:
 						"CA Private Key");
 					if (CApkey == NULL) goto end;
 					}
-#ifndef OPENSSL_NO_DSA
-		                if (CApkey->type == EVP_PKEY_DSA)
-		                        digest=EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
-				if (CApkey->type == EVP_PKEY_EC)
-					digest = EVP_ecdsa();
-#endif
 				
 				assert(need_rand);
 				if (!x509_certify(ctx,CAfile,digest,x,xca,
@@ -967,15 +996,6 @@ bad:
 
 				BIO_printf(bio_err,"Generating certificate request\n");
 
-#ifndef OPENSSL_NO_DSA
-		                if (pk->type == EVP_PKEY_DSA)
-		                        digest=EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
-				if (pk->type == EVP_PKEY_EC)
-					digest=EVP_ecdsa();
-#endif
-
 				rq=X509_to_X509_REQ(x,pk,digest);
 				EVP_PKEY_free(pk);
 				if (rq == NULL)
@@ -1029,17 +1049,15 @@ bad:
 		}
 	else if (outformat == FORMAT_NETSCAPE)
 		{
-		ASN1_HEADER ah;
-		ASN1_OCTET_STRING os;
+		NETSCAPE_X509 nx;
+		ASN1_OCTET_STRING hdr;
 
-		os.data=(unsigned char *)NETSCAPE_CERT_HDR;
-		os.length=strlen(NETSCAPE_CERT_HDR);
-		ah.header= &os;
-		ah.data=(char *)x;
-		ah.meth=X509_asn1_meth();
+		hdr.data=(unsigned char *)NETSCAPE_CERT_HDR;
+		hdr.length=strlen(NETSCAPE_CERT_HDR);
+		nx.header= &hdr;
+		nx.cert=x;
 
-		/* no macro for this one yet */
-		i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah);
+		i=ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509),out,&nx);
 		}
 	else	{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
@@ -1141,7 +1159,8 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
 	/* NOTE: this certificate can/should be self signed, unless it was
 	 * a certificate request in which case it is not. */
 	X509_STORE_CTX_set_cert(&xsc,x);
-	if (!reqfile && !X509_verify_cert(&xsc))
+	X509_STORE_CTX_set_flags(&xsc, X509_V_FLAG_CHECK_SS_SIGNATURE);
+	if (!reqfile && X509_verify_cert(&xsc) <= 0)
 		goto end;
 
 	if (!X509_check_private_key(xca,pkey))
@@ -1157,7 +1176,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
 		goto end;
 
 	/* hardwired expired */
-	if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
+	if (X509_time_adj_ex(X509_get_notAfter(x),days, 0, NULL) == NULL)
 		goto end;
 
 	if (clrext)
diff --git a/bugs/VC16.bug b/bugs/VC16.bug
deleted file mode 100644
index 7815bb5c77..0000000000
--- a/bugs/VC16.bug
+++ /dev/null
@@ -1,18 +0,0 @@
-Microsoft (R) C/C++ Optimizing Compiler Version 8.00c
-
-Compile with /O2 chokes the compiler on these files
-
-crypto\md\md5_dgst.c		warning '@(#)reg86.c:1.26', line 1110
-crypto\des\ofb64ede.c		warning '@(#)grammar.c:1.147', line 168
-crypto\des\ofb64enc.c		warning '@(#)grammar.c:1.147', line 168
-crypto\des\qud_cksm.c		warning '@(#)grammar.c:1.147', line 168
-crypto\rc2\rc2ofb64.c		warning '@(#)grammar.c:1.147', line 168
-crypto\objects\obj_dat.c	warning	'@(#)grammar.c:1.147', line 168
-				fatal	'@(#)grammar.c:1.147', line 168
-crypto\objects\obj_lib.c	warning	'@(#)grammar.c:1.147', line 168
-				fatal	'@(#)grammar.c:1.147', line 168
-ssl\ssl_auth.c			warning	'@(#)grammar.c:1.147', line 168
-				fatal	'@(#)grammar.c:1.147', line 168
-
-Turning on /G3 with build flags that worked fine for /G2 came up with
-divide by zero errors in 'normal' code in speed.c :-(
diff --git a/certs/README.RootCerts b/certs/README.RootCerts
new file mode 100644
index 0000000000..c760b61033
--- /dev/null
+++ b/certs/README.RootCerts
@@ -0,0 +1,4 @@
+The OpenSSL project does not (any longer) include root CA certificates.
+
+Please check out the FAQ:
+  * How can I set up a bundle of commercial root CA certificates?
diff --git a/certs/RegTP-5R.pem b/certs/RegTP-5R.pem
deleted file mode 100644
index 9eb79aa17c..0000000000
--- a/certs/RegTP-5R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=5R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Mar 22 08:55:51 2000 GMT
-notAfter=Mar 22 08:55:51 2005 GMT
-subject= CN=5R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICaDCCAdSgAwIBAgIDDIOqMAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0w
-OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0
-aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE4w
-IhgPMjAwMDAzMjIwODU1NTFaGA8yMDA1MDMyMjA4NTU1MVowbzELMAkGA1UEBhMC
-REUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11
-bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNVItQ0Eg
-MTpQTjCBoTANBgkqhkiG9w0BAQEFAAOBjwAwgYsCgYEAih5BUycfBpqKhU8RDsaS
-vV5AtzWeXQRColL9CH3t0DKnhjKAlJ8iccFtJNv+d3bh8bb9sh0maRSo647xP7hs
-HTjKgTE4zM5BYNfXvST79OtcMgAzrnDiGjQIIWv8xbfV1MqxxdtZJygrwzRMb9jG
-CAGoJEymoyzAMNG7tSdBWnUCBQDAAAABoxIwEDAOBgNVHQ8BAf8EBAMCAQYwCgYG
-KyQDAwECBQADgYEAOaK8ihVSBUcL2IdVBxZYYUKwMz5m7H3zqhN8W9w+iafWudH6
-b+aahkbENEwzg3C3v5g8nze7v7ssacQze657LHjP+e7ksUDIgcS4R1pU2eN16bjS
-P/qGPF3rhrIEHoK5nJULkjkZYTtNiOvmQ/+G70TXDi3Os/TwLlWRvu+7YLM=
------END CERTIFICATE-----
diff --git a/certs/RegTP-6R.pem b/certs/RegTP-6R.pem
deleted file mode 100644
index 4d79c74e5a..0000000000
--- a/certs/RegTP-6R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=6R-Ca 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Feb  1 09:52:17 2001 GMT
-notAfter=Jun  1 09:52:17 2005 GMT
-subject= CN=6R-Ca 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICaDCCAdSgAwIBAgIDMtGNMAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0w
-OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0
-aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNhIDE6UE4w
-IhgPMjAwMTAyMDEwOTUyMTdaGA8yMDA1MDYwMTA5NTIxN1owbzELMAkGA1UEBhMC
-REUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11
-bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNlItQ2Eg
-MTpQTjCBoTANBgkqhkiG9w0BAQEFAAOBjwAwgYsCgYEAg6KrFSTNXKqe+2GKGeW2
-wTmbVeflNkp5H/YxA9K1zmEn5XjKm0S0jH4Wfms6ipPlURVaFwTfnB1s++AnJAWf
-mayaE9BP/pdIY6WtZGgW6aZc32VDMCMKPWyBNyagsJVDmzlakIA5cXBVa7Xqqd3P
-ew8i2feMnQXcqHfDv02CW88CBQDAAAABoxIwEDAOBgNVHQ8BAf8EBAMCAQYwCgYG
-KyQDAwECBQADgYEAOkqkUwdaTCt8wcJLA2zLuOwL5ADHMWLhv6gr5zEF+VckA6qe
-IVLVf8e7fYlRmzQd+5OJcGglCQJLGT+ZplI3Mjnrd4plkoTNKV4iOzBcvJD7K4tn
-XPvs9wCFcC7QU7PLvc1FDsAlr7e4wyefZRDL+wbqNfI7QZTSF1ubLd9AzeQ=
------END CERTIFICATE-----
diff --git a/certs/demo/nortelCA.pem b/certs/demo/nortelCA.pem
deleted file mode 100644
index 207f34ab3a..0000000000
--- a/certs/demo/nortelCA.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
diff --git a/certs/demo/timCA.pem b/certs/demo/timCA.pem
deleted file mode 100644
index 9c8d5bf9c6..0000000000
--- a/certs/demo/timCA.pem
+++ /dev/null
@@ -1,16 +0,0 @@
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8= 
------END CERTIFICATE-----
-
diff --git a/certs/demo/tjhCA.pem b/certs/demo/tjhCA.pem
deleted file mode 100644
index 67bee1b200..0000000000
--- a/certs/demo/tjhCA.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
diff --git a/certs/demo/vsigntca.pem b/certs/demo/vsigntca.pem
deleted file mode 100644
index 05acf76e66..0000000000
--- a/certs/demo/vsigntca.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
-notBefore=Mar  4 00:00:00 1997 GMT
-notAfter=Mar  4 23:59:59 2025 GMT
------BEGIN CERTIFICATE-----
-MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
-BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
-cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
-RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
-IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
-NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
-ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
-aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
-aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
-cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
-ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
-ToLEMaUojc3DuNXHG21PDG8=
------END CERTIFICATE-----
diff --git a/certs/eng1.pem b/certs/eng1.pem
deleted file mode 100644
index 7ed8b1b5e6..0000000000
--- a/certs/eng1.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMCQ0Ex
-CzAJBgNVBAgTAk9OMRAwDgYDVQQHEwdUb3JvbnRvMRgwFgYDVQQKEw9CYW5rRW5n
-aW5lIEluYy4xKTAnBgNVBAsTIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IERpdmlz
-aW9uMRMwEQYDVQQDEwpiYW5rZW5naW5lMSAwHgYJKoZIhvcNAQkBFhFjYUBiYW5r
-ZW5naW5lLmNvbTAeFw05ODAxMDEwMDAwMDBaFw0zODAxMTcwMDAwMDBaMIGoMQsw
-CQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8xGDAWBgNV
-BAoTD0JhbmtFbmdpbmUgSW5jLjEpMCcGA1UECxMgQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgRGl2aXNpb24xEzARBgNVBAMTCmJhbmtlbmdpbmUxIDAeBgkqhkiG9w0B
-CQEWEWNhQGJhbmtlbmdpbmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEA14LoTUAl1/hEy+Kh1kLHiBdW2zD3V4IhM7xxTVKsYsIH56nr69ATTIxU
-P36eRzeZ137qt1AxHFjDCidk3m1Ul6l59ProPexdslLLM2npM3f2cteg+toyiYiS
-EJKjyzIu1xF1j9qzGkymSY/4DsXLZNk9FaczxMk/Ooc6Os1M3AverL4VG4rYIb6f
-eR32cIKJ9Q1fGuyKk7ipq1XQfPW8a8TgZdbHbe7U9Gk3iasGMHHvpR9Ep3mGbgdT
-uQ98SBEuIwe1BUCGg/MXpVy48MNXfAMotBgGw4pl9yqSjMni2FB+E9Q9DHFs2RgX
-MqzKuo8zcPxKx2kZ6Arj8+27dw2clQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQBauupHX9EhpC/r57d6b5kkeWvognxIP9//TO4iw3qb
-zIXEkPXmJmwVzlzoKJWqiya+aw19SP0+G6CzsFOBo/9ehmz+hZ8bhYX4MjlWzX5u
-Tnkhz172j9fOBUmrTVPkcRIs6zjCD5PQAGoBPP1/Zdy2N36lZ0U7lg07Opirj/yJ
-PSJeM2j0fwIFAroiVckvdT0BVwB6S/cPaAQGPghbbr1YGSmYrMriSv825ILJUfxz
-rJYunGR9FiY9Ob7+jwJwiZMS4CxSPktutxr/3hOvr1+ALS7IcVakhhA3PuZAJbdH
-FRclR9qMM8aBnBZmf+Uv3K3uhT+UBzzY654U9Yi1JYnA
------END CERTIFICATE-----
diff --git a/certs/eng2.pem b/certs/eng2.pem
deleted file mode 100644
index 73066309b1..0000000000
--- a/certs/eng2.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMCQ0Ex
-CzAJBgNVBAgTAk9OMRAwDgYDVQQHEwdUb3JvbnRvMRgwFgYDVQQKEw9DZXJ0RW5n
-aW5lIEluYy4xKTAnBgNVBAsTIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IERpdmlz
-aW9uMRMwEQYDVQQDEwpjZXJ0ZW5naW5lMSAwHgYJKoZIhvcNAQkBFhFjYUBjZXJ0
-ZW5naW5lLmNvbTAeFw05ODAxMDEwMDAwMDBaFw0zODAxMTcwMDAwMDBaMIGoMQsw
-CQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8xGDAWBgNV
-BAoTD0NlcnRFbmdpbmUgSW5jLjEpMCcGA1UECxMgQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgRGl2aXNpb24xEzARBgNVBAMTCmNlcnRlbmdpbmUxIDAeBgkqhkiG9w0B
-CQEWEWNhQGNlcnRlbmdpbmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEA7aTXURShaeVt9u/dP3Q2dVib3jTCZvEyc6yfpGgaYWewXWuP4HOSfI4h
-GZblbpl+dzJc6RjhR+pguIRtbT5FJB8SJGjRqoujBEOQOxtVtc2fjM9Dqh0iOvMW
-WS6buxHG55GVrHAQaO5HXEScKQBa9ZyNmpSXPTEBrDMej1OAGOkc524/TZrgFPF4
-AiJLLkxCcP8NuzUKlW3WzNMSSoCtjkUKy4wjSLlAWCFM0T9Df6/+Z8ZUQTzHoKCD
-ncH5Qnynd7DlOwKQ2JwwxRhYGiGVTUN0GUq7qA11kW3+vnbFesKQXoF6o2PVx9s2
-YXviI2NXXUjZ0pVnsnFCc45Pm8XojwIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQBP/aHOKJ00Akzc9HWM1X30hlWZFBaQi4pqD4Uhk8+p
-KzzwFP5DRLBOz8TYBbtdXrS6hxVMr2sqWmhVkuyepWhHZazKGyHY/y0FbOXsewAV
-1QxxSyx7ve89pCKv4/w0rQcP916iHc8Y/TCpmz7eITa3GId+8H/XTaBi8GBp9X9O
-w8m25FmEB1NT+eJwefvfdKowjy4tSorKdW/eJspxNuTSRGmUy8G71W5dYvgpAlx6
-mdnHyzxEGvRYNNI2bS0ifXgbEFNWqSas9q34ea5KOpkJu8T/KyXfSb6rPOsBSb0t
-wMowwGtCVH2C4Lw/8zo0EjhMpTOsPaub408PrZ+NQ2bl
------END CERTIFICATE-----
diff --git a/certs/eng3.pem b/certs/eng3.pem
deleted file mode 100644
index 28bcce2dfd..0000000000
--- a/certs/eng3.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIF3TCCA8WgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMCQ0Ex
-CzAJBgNVBAgTAk9OMRAwDgYDVQQHEwdUb3JvbnRvMRgwFgYDVQQKEw9Gb3J0RW5n
-aW5lIEluYy4xKTAnBgNVBAsTIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IERpdmlz
-aW9uMRMwEQYDVQQDEwpmb3J0ZW5naW5lMSAwHgYJKoZIhvcNAQkBFhFjYUBmb3J0
-ZW5naW5lLmNvbTAeFw05ODAxMDEwMDAwMDBaFw0zODAxMTcwMDAwMDBaMIGoMQsw
-CQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8xGDAWBgNV
-BAoTD0ZvcnRFbmdpbmUgSW5jLjEpMCcGA1UECxMgQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgRGl2aXNpb24xEzARBgNVBAMTCmZvcnRlbmdpbmUxIDAeBgkqhkiG9w0B
-CQEWEWNhQGZvcnRlbmdpbmUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEAyr7GbpwDxx1v3EYbo0gcO+ligEhlDqG2e7u/AbWGoVAqc8+q6auUJUtz
-4i7oh0yNadu1o9kpXW+znkgO0zlrgjGskqqMO1ooppzTJdFy/P8gR6x1Iuv3kWtX
-OuzwPPEjv09LWlhyJsN+oU4ztTVf07I0Q9zYupcoDQ58XKRheI9KdDB2DYSmxywA
-WSLQwIeG0Qa7gvokeQlpkgkEC7viEecJ3752KXBJHnh7As51mxnlpmG6sDy67Eli
-HDw5tHETRqbtnscGBjskGQBqR5xt7+QnnthZrN8HJHDoa9zgGephwizhkL44lXLF
-YK9W5XhFbblw2c+mAcHkokRiwD7CPeIoyD2a/Jcw3n5hegKTlNhd4BFGVF6JR7gF
-OFk2QfHXit5uthsij9Xhl7WAgQUqLgggD9MphqPf4nY66OZUJV9ZsmB+Qfp8UizB
-0WAOegactKVyRqHtRa+KIEXQXNtZgjcmMk9CYkP0nIbKtgKXaH6+9VMHNOryCnFE
-7pSsuPUkypncFWCHGSeiFO3w4w4J4csltxBADQzxfRu5KZnlToQN7bVpI/Q31tVX
-E5bjrJcq6Oj/OTqZ3ID+OqbkUdAg0ggjRKcTgxnLHd/AbMzJ6PsclDDf7cLs0WSl
-xMxQR/z5bNST1rNtT9rsiv2TOhfvCBxO9AOjBioO8PLO032HTNECAwEAAaMQMA4w
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAgEAVyBpPWfT2VOyvVpslGKx
-8h0+CWP8cilygGRtZJ5dAJzc//1REAHdvK+TgZ4Foz3dqHhXI+RNN0FpzuWaYMjW
-ZTS0kAmcOQuGY1Oo4PGlPHI21pNz29oFDTJr0ZmLBJ4JKVsE2soJg55jdk9MZHA7
-K//7HH9RsmrWZOE5DZDlrxp6+naixhMwnlPKKisIy9GNZUPqGdUWABMdB/BUVVNl
-NU5TtWpIXUClMd8a+eoKcItBeYXowkHOBpinPkDX3clFDIUfWiw0Ro08s8SrrFqR
-8Szwbrj52Xv1RM56oGqCjnkvJctxihODV7NcpxoAFjIZokDom0q6zPrrTUsLFQov
-Plovc3w5hmALiDMshaTvE1nm3Psn4yQ+FlRE8epTZrQiIGypZkZC6lcz0mYawueW
-cThYWGFhVG4ktQzOjjNRsNxopW+W7cF1zQTxiWUDnxIKSj7gtdQ2jiubxEEhfVag
-r8DMtAccNVTZVURpGi56TptOOuotrTqqC+2GviW4hlxvdvmuQN0OlXlUwzz2Trxc
-FamNnuA54lZw/8arLtxsFmHrcnPw53+1spumLD0S5UkxHNu40h6LIVpZz3H+0rLz
-uFofTfiyMjcfK2AyHQTgUCbsrvgNuLDQUbyFGVchdFUkhztX3DhEVnxnnrpY4BVj
-QdTqWIvw7lGlSuDCjxEQAOc=
------END CERTIFICATE-----
diff --git a/certs/eng4.pem b/certs/eng4.pem
deleted file mode 100644
index 9a7b156226..0000000000
--- a/certs/eng4.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMCQ0Ex
-CzAJBgNVBAgTAk9OMRAwDgYDVQQHEwdUb3JvbnRvMRgwFgYDVQQKEw9NYWlsRW5n
-aW5lIEluYy4xKTAnBgNVBAsTIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IERpdmlz
-aW9uMRMwEQYDVQQDEwptYWlsZW5naW5lMSAwHgYJKoZIhvcNAQkBFhFjYUBtYWls
-ZW5naW5lLmNvbTAeFw05ODAxMDEwMDAwMDBaFw0zODAxMTcwMDAwMDBaMIGoMQsw
-CQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8xGDAWBgNV
-BAoTD01haWxFbmdpbmUgSW5jLjEpMCcGA1UECxMgQ2VydGlmaWNhdGlvbiBBdXRo
-b3JpdHkgRGl2aXNpb24xEzARBgNVBAMTCm1haWxlbmdpbmUxIDAeBgkqhkiG9w0B
-CQEWEWNhQG1haWxlbmdpbmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAqXmfsU+lx+NFmn6tN17RTOyaddHqLnr/3rzEDIyT9TN+tF9TG7jmK7lJ
-Jrj5arQ3nTFaLF8JuND2U1z/cLPw6/TX+1tE3v3CNUDSjaisyUDiUyp3TE8hMMMz
-zfZQn0JsGgNhhWxqyzjhRQGtKL4+xtn8VsF/8zGgZYke7nlmVKz/FslDFTnNoodL
-BAEGiu9JQS9qqpbSs20NdZ6LXPL2A4iTjnsNFBW3jIMVIn/JVVyaycU7ue2oFviD
-vLNpkVZcR7A+jjIdIumOc5VSF0y7y74cQC5YwkR2mLK7UBYDK6NCY3ta/C4M8NsM
-0FpmvRl0+A1ivZtVwqI98dxDtp7HeQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0G
-CSqGSIb3DQEBBQUAA4IBAQAjfNn5BCzxylBDakFQGWKE/P43PRibMOEzfd7+DzbY
-WIekoz3i00DwoH3b6j4gwlDJRAOq4dF6/Pt/uBOHDo/op+ef+9ErmKPd+ehXN9h3
-7QbccTgz7DtVwA4iRlDRLru+JuXzT+OsCHuFZMOLJ+KD2JAGh3W68JjdcLkrlcpt
-AU0wc5aOHPPfEBdIah8y8QtNzXRVzoBt8zzvgCARkXxTS2u/9QaXR1hML0JtDgQS
-SdZ6Kd8SN6yzqxD+buYD5sOfJmjBF/n3lqFHNMHnnGXy2TAXZtIAWzffU3A0cGPB
-N6FZ026a86HbF1X4k+xszhbJu/ikczyuWnCJIg3fTYSD
------END CERTIFICATE-----
diff --git a/certs/eng5.pem b/certs/eng5.pem
deleted file mode 100644
index 3416ccad24..0000000000
--- a/certs/eng5.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID6TCCAtGgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UEBhMCQ0Ex
-CzAJBgNVBAgTAk9OMRAwDgYDVQQHEwdUb3JvbnRvMRowGAYDVQQKExFUcmFkZXJF
-bmdpbmUgSW5jLjEpMCcGA1UECxMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRGl2
-aXNpb24xFTATBgNVBAMTDHRyYWRlcmVuZ2luZTEiMCAGCSqGSIb3DQEJARYTY2FA
-dHJhZGVyZW5naW5lLmNvbTAeFw05ODAxMDEwMDAwMDBaFw0zODAxMTcwMDAwMDBa
-MIGuMQswCQYDVQQGEwJDQTELMAkGA1UECBMCT04xEDAOBgNVBAcTB1Rvcm9udG8x
-GjAYBgNVBAoTEVRyYWRlckVuZ2luZSBJbmMuMSkwJwYDVQQLEyBDZXJ0aWZpY2F0
-aW9uIEF1dGhvcml0eSBEaXZpc2lvbjEVMBMGA1UEAxMMdHJhZGVyZW5naW5lMSIw
-IAYJKoZIhvcNAQkBFhNjYUB0cmFkZXJlbmdpbmUuY29tMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAzyX5QE+5SN+zgNn1v3zp9HmP4hQOWW8WuEVItZVP
-9bt/xj5NeJd1kyPL/SqnF2qHcL3o/74r0Ga55aKHniwKYgQTlp5ELGfQ568QQeN9
-xNIHtUXeStI9zCNZyZC+4YqObdMR/ivKA/WsLfUVMl2lV5JzJJz1BOE0gKEYiEyz
-gIq5oLzkP/mOXoHRvWSZD2D0eHYIO7ovV2epVFK7g7p+dC4QoeIUEli+GF/Myg88
-dV/qmi+Sybck2RLPXa8Nh27/ETVQ7kE1Eafmx7EyCqIhG+5lwJAy3HwHUBwAYuzj
-iuZz5lD8aQmr8SKuvy3eOH9SVN5wh3YBlrNGwTStkESVLwIDAQABoxAwDjAMBgNV
-HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAWOPAUhZd3x9EQiFJcuxFTMd9q
-axgcriCzJsM6D96sYGko9xTeLhX/lr1bliVYI5AlupoLXAdMzGHJkOgaTirKjQXr
-F9nymDdUWKe3TmwGob5016nQlH7qRKvGO3hka0rOGRK2U/2JT/4Qp8iH/DFi6cyM
-uP0q8n64SAkxZXLzUuFQXqf7U/SNjzb9XJQEIAdjp7eYd3Qb4jDsDcX0FrKMF1aV
-r0dCDnS7am7WTXPYCDGdSkPgEHEtLYIYH3lZp5sKdVZ9wl4F0WNFkRWRUr7AXPjw
-50uLmUNmKCd8JZLMGA1TRNSTi7U9EcrWt0OkMWm74T2WVnAgNsDv2WrWsGfj
------END CERTIFICATE-----
diff --git a/certs/expired/ICE-CA.pem b/certs/expired/ICE-CA.pem
deleted file mode 100644
index 75652366c2..0000000000
--- a/certs/expired/ICE-CA.pem
+++ /dev/null
@@ -1,59 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
-        Validity
-            Not Before: Apr  2 17:35:53 1997 GMT
-            Not After : Apr  2 17:35:53 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
-                    8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
-                    44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
-                    e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
-                    49:11:a5:c9:45
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                0.........z.."p......e..
-            X509v3 Subject Key Identifier: 
-                ..~r..:..B.44fu......3
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Certificate Policies: critical
-                0.0...*...
-            X509v3 Subject Alternative Name: 
-                0!..secude-support@darmstadt.gmd.de
-            X509v3 Issuer Alternative Name: 
-                0I..ice-tel-ca@darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
-            X509v3 Basic Constraints: critical
-                0....
-            X509v3 CRL Distribution Points: 
-                0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
-    Signature Algorithm: md5WithRSAEncryption
-        17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
-        69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
-        98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
-        88:73:cd:60:28:79:a3:fc:48:7a
------BEGIN CERTIFICATE-----
-MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
-AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
-BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
-IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
-NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
-MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
-VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
-LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
-/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
-aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
-7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
------END CERTIFICATE-----
diff --git a/certs/expired/ICE-root.pem b/certs/expired/ICE-root.pem
deleted file mode 100644
index fa991599c9..0000000000
--- a/certs/expired/ICE-root.pem
+++ /dev/null
@@ -1,48 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 0 (0x0)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
-        Validity
-            Not Before: Apr  2 17:33:36 1997 GMT
-            Not After : Apr  2 17:33:36 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
-                    82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
-                    13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
-                    9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
-                    e7:c7:9f:41:cd
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                ........z.."p......e..
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Subject Alternative Name: 
-                0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
-            X509v3 Basic Constraints: critical
-                0....
-    Signature Algorithm: md5WithRSAEncryption
-        76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
-        03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
-        f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
-        7e:22:9f:25:06:60:bd:79:30:3d
------BEGIN CERTIFICATE-----
-MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
-EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
-0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
-ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
-dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
-LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
-iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
-fiKfJQZgvXkwPQ==
------END CERTIFICATE-----
diff --git a/certs/expired/ICE-user.pem b/certs/expired/ICE-user.pem
deleted file mode 100644
index 28065fd37d..0000000000
--- a/certs/expired/ICE-user.pem
+++ /dev/null
@@ -1,63 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
-        Validity
-            Not Before: Apr  2 17:35:59 1997 GMT
-            Not After : Apr  2 17:35:59 1998 GMT
-        Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
-        Subject Public Key Info:
-            Public Key Algorithm: rsa
-            RSA Public Key: (512 bit)
-                Modulus (512 bit):
-                    00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
-                    de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
-                    31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
-                    b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
-                    be:3e:a4:61:8b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                0...~r..:..B.44fu......3
-            X509v3 Subject Key Identifier: 
-                ...... .*...1.*.......
-            X509v3 Key Usage: critical
-                ....
-            X509v3 Certificate Policies: critical
-                0.0...*...0.......
-            X509v3 Subject Alternative Name: 
-                0:..user@darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
-            X509v3 Issuer Alternative Name: 
-                0....gmdca@gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
-..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
-            X509v3 Basic Constraints: critical
-                0.
-            X509v3 CRL Distribution Points: 
-                0.0.......gmdca@gmd.de
-    Signature Algorithm: md5WithRSAEncryption
-        69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
-        4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
-        c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
-        9a:f7:6f:63:9b:94:99:83:d6:a4
------BEGIN CERTIFICATE-----
-MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
-OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
-Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
-EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
-qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
-BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
-nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
-A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
-HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
-YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
-dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
-VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
-Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
-ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
-DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
------END CERTIFICATE-----
diff --git a/certs/expired/RegTP-4R.pem b/certs/expired/RegTP-4R.pem
deleted file mode 100644
index 6f2c6abccd..0000000000
--- a/certs/expired/RegTP-4R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Jan 21 16:04:53 1999 GMT
-notAfter=Jan 21 16:04:53 2004 GMT
-subject= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICZzCCAdOgAwIBAgIEOwVn1DAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9
-MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWth
-dGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo0Ui1DQSAxOlBO
-MCIYDzE5OTkwMTIxMTYwNDUzWhgPMjAwNDAxMjExNjA0NTNaMG8xCzAJBgNVBAYT
-AkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21t
-dW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNB
-IDE6UE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGAjzHbq2asUlqeWbXTQHso
-aVF6YIPVH3c/B2cbuy9HJ/lnE6x0asOzM2DGDqi47xkdAxPc0LZ0fxO87rkmz7xs
-jJObnVrMXpyUSDSp5Y0wqKJdsFdr6mGFOQZteIti8AJnr8xMkwnWVyuOlEXsFe1h
-5gxwQXrOcPinE6qu1t/3PmECBMAAAAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYr
-JAMDAQIFAAOBgQA+RdocBmA2VV9E5aKPBcp01tdZAvvW9Tve3docArVKR/4/yvSX
-Z+wvzzk+uu4qBp49HN3nqPYMrzbTmjBFu4ce5fkZ7dHF0W1sSBL0rox5z36Aq2re
-JjfEOEmSnNe0+opuh4FSVOssXblXTE8lEQU0FhhItgDx2ADnWZibaxLG4w==
------END CERTIFICATE-----
diff --git a/certs/expired/factory.pem b/certs/expired/factory.pem
deleted file mode 100644
index 8e28b391b2..0000000000
--- a/certs/expired/factory.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
diff --git a/certs/expired/rsa-cca.pem b/certs/expired/rsa-cca.pem
deleted file mode 100644
index 69f5c1c84c..0000000000
--- a/certs/expired/rsa-cca.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
diff --git a/certs/expired/rsa-ssca.pem b/certs/expired/rsa-ssca.pem
deleted file mode 100644
index c9403212d1..0000000000
--- a/certs/expired/rsa-ssca.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=941109235417Z
-notAfter =991231235417Z
------BEGIN X509 CERTIFICATE-----
-
-MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
-IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
-Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
-YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
-roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
-aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
-HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
-iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
-suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
-cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
------END X509 CERTIFICATE-----
diff --git a/certs/expired/vsign2.pem b/certs/expired/vsign2.pem
deleted file mode 100644
index d8bdd8c812..0000000000
--- a/certs/expired/vsign2.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2004 GMT
------BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
-oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
-uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
-v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
-G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
-1Q==
------END CERTIFICATE-----
diff --git a/certs/expired/vsign3.pem b/certs/expired/vsign3.pem
deleted file mode 100644
index aa5bb4c1f3..0000000000
--- a/certs/expired/vsign3.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2004 GMT
------BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
-RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
-rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
-STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
-ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
-pA==
------END CERTIFICATE-----
diff --git a/certs/thawteCb.pem b/certs/thawteCb.pem
deleted file mode 100644
index 27df192f0d..0000000000
--- a/certs/thawteCb.pem
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
-MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
-MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
-DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
-dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
-cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
-DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
-gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
-yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
-L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
-EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
-7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
-QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
-qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
------END CERTIFICATE-----
diff --git a/certs/thawteCp.pem b/certs/thawteCp.pem
deleted file mode 100644
index 51285e33c2..0000000000
--- a/certs/thawteCp.pem
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
-dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
-MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
-MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
-A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
-b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
-cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
-VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
-ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
-uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
-9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
-hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
-pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
------END CERTIFICATE-----
diff --git a/certs/vsign1.pem b/certs/vsign1.pem
deleted file mode 100644
index 277894d1ff..0000000000
--- a/certs/vsign1.pem
+++ /dev/null
@@ -1,17 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan  7 23:59:59 2020 GMT
------BEGIN CERTIFICATE-----
-MIICPDCCAaUCEDJQM89Q0VbzXIGtZVxPyCUwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
-cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
-MDEyOTAwMDAwMFoXDTIwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
-BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt
-YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f
-zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi
-TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G
-CSqGSIb3DQEBAgUAA4GBAEtEZmBoZOSYG/OwcuaViXzde7OVwB0u2NgZ0C00PcZQ
-mhCGjKo/O6gE/DdSlcPZydvN8oYGxLEb8IKIMEKOF1AcZHq4PplJdJf8rAJD+5YM
-VgQlDHx8h50kp9jwMim1pN9dokzFFjKoQvZFprY2ueC/ZTaTwtLXa9zeWdaiNfhF
------END CERTIFICATE-----
diff --git a/certs/vsign3.pem b/certs/vsign3.pem
deleted file mode 100644
index 4b8c0251cb..0000000000
--- a/certs/vsign3.pem
+++ /dev/null
@@ -1,17 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Aug  1 23:59:59 2028 GMT
------BEGIN CERTIFICATE-----
-MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
-cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
-MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
-BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
-YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
-BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
-I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
-CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
-lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
-AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
------END CERTIFICATE-----
diff --git a/certs/vsignss.pem b/certs/vsignss.pem
deleted file mode 100644
index 5de48bfcf9..0000000000
--- a/certs/vsignss.pem
+++ /dev/null
@@ -1,17 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-notBefore=Nov  9 00:00:00 1994 GMT
-notAfter=Jan  7 23:59:59 2010 GMT
------BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
------END CERTIFICATE-----
diff --git a/certs/wellsfgo.pem b/certs/wellsfgo.pem
deleted file mode 100644
index 2ba88cdda7..0000000000
--- a/certs/wellsfgo.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBD
-ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9v
-dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDAxMDExMTY0MTI4WhcNMjEwMTE0
-MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSww
-KgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0G
-A1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n13
-5zHCLielTWi5MbqNQ1mXx3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHE
-SxP9cMIlrCL1dQu3U+SlK93OvRw6esP3E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4O
-JgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5OEL8pahbSCOz6+MlsoCu
-ltQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4jsNtlAHCE
-AQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMB
-AAGjYTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcB
-CzAyMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRw
-b2xpY3kwDQYJKoZIhvcNAQEFBQADggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo
-7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrvm+0fazbuSCUlFLZWohDo7qd/
-0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0ROhPs7fpvcmR7
-nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx
-x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ
-33ZwmVxwQ023tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s=
------END CERTIFICATE-----
diff --git a/config b/config
index 711af61541..98729827c8 100755
--- a/config
+++ b/config
@@ -48,10 +48,10 @@ done
 
 # First get uname entries that we use below
 
-MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
-RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
-SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
-VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
+[ "$MACHINE" ] || MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
+[ "$RELEASE" ] || RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
+[ "$SYSTEM" ] || SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
+[ "$BUILD" ] || VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
 
 
 # Now test for ISC and SCO, since it is has a braindamaged uname.
@@ -84,7 +84,7 @@ if [ "x$XREL" != "x" ]; then
 	    4.2)
 		echo "whatever-whatever-unixware1"; exit 0
 		;;
-	    5)
+	    5*)
 		case "x${VERSION}" in
 		    # We hardcode i586 in place of ${MACHINE} for the
 		    # following reason. The catch is that even though Pentium
@@ -93,8 +93,7 @@ if [ "x$XREL" != "x" ]; then
 		    # with i386 is that it makes ./config pass 386 to
 		    # ./Configure, which in turn makes make generate
 		    # inefficient SHA-1 (for this moment) code.
-		    x7*)  echo "i586-sco-unixware7";           exit 0 ;;
-		    x8*)  echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;;
+		    x[678]*)  echo "i586-sco-unixware7"; exit 0 ;;
 		esac
 		;;
 	esac
@@ -123,6 +122,14 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
 	echo "${MACHINE}-ibm-aix3"; exit 0
 	;;
 
+    BeOS:*:BePC)
+    if [ -e /boot/develop/headers/be/bone ]; then
+		echo "beos-x86-bone"; exit 0
+	else
+		echo "beos-x86-r5"; exit 0
+	fi
+	;;
+
     dgux:*)
 	echo "${MACHINE}-dg-dgux"; exit 0
 	;;
@@ -271,7 +278,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
 		echo "ppc-apple-darwin${VERSION}"
 		;;
 	    *)
-		echo "i386-apple-darwin${VERSION}"
+		echo "i686-apple-darwin${VERSION}"
 		;;
 	esac
 	exit 0
@@ -337,6 +344,9 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
 	echo "mips-sony-newsos4"; exit 0;
 	;;
 
+    MINGW*)
+	echo "${MACHINE}-whatever-mingw"; exit 0;
+	;;
     CYGWIN*)
 	case "$RELEASE" in
 	    [bB]*|1.0|1.[12].*)
@@ -397,21 +407,27 @@ exit 0
 # this is where the translation occurs into SSLeay terms
 # ---------------------------------------------------------------------------
 
-# figure out if gcc is available and if so we use it otherwise
-# we fallback to whatever cc does on the system
 GCCVER=`(gcc -dumpversion) 2>/dev/null`
 if [ "$GCCVER" != "" ]; then
-  CC=gcc
   # then strip off whatever prefix egcs prepends the number with...
   # Hopefully, this will work for any future prefixes as well.
-  GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z]*\-//'`
+  GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
   # Since gcc 3.1 gcc --version behaviour has changed.  gcc -dumpversion
   # does give us what we want though, so we use that.  We just just the
   # major and minor version numbers.
   # peak single digit before and after first dot, e.g. 2.95.1 gives 29
   GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
-else
-  CC=cc
+fi
+
+# Only set CC if not supplied already
+if [ -z "$CC" ]; then
+# figure out if gcc is available and if so we use it otherwise
+# we fallback to whatever cc does on the system
+  if [ "$GCCVER" != "" ]; then
+    CC=gcc
+  else
+    CC=cc
+  fi
 fi
 GCCVER=${GCCVER:-0}
 if [ "$SYSTEM" = "HP-UX" ];then
@@ -442,15 +458,13 @@ if [ "$SYSTEM" = "SunOS" ]; then
   	egrep -e '^cc: .* C [0-9]\.[0-9]' | \
 	sed 's/.* C \([0-9]\)\.\([0-9]\).*/\1\2/'`
   CCVER=${CCVER:-0}
-  if [ $CCVER -gt 40 ]; then
+  if [ $MACHINE != i86pc -a $CCVER -gt 40 ]; then
     CC=cc	# overrides gcc!!!
     if [ $CCVER -eq 50 ]; then
       echo "WARNING! Detected WorkShop C 5.0. Do make sure you have"
       echo "         patch #107357-01 or later applied."
       sleep 5
     fi
-  elif [ "$CC" = "cc" -a $CCVER -gt 0 ]; then
-    CC=sc3
   fi
 fi
 
@@ -482,6 +496,12 @@ echo Operating system: $GUESSOS
 # script above so we end up with values in vars but that would take
 # more time that I want to waste at the moment
 case "$GUESSOS" in
+  uClinux*64*)
+    OUT=uClinux-dist64
+	;;
+  uClinux*)
+    OUT=uClinux-dist
+	;;
   mips2-sgi-irix)
 	CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
 	CPU=${CPU:-0}
@@ -517,8 +537,28 @@ case "$GUESSOS" in
 	OUT="irix-mips3-$CC"
 	;;
   ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
-  ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
-  i386-apple-darwin*) OUT="darwin-i386-cc" ;;
+  ppc-apple-darwin*)
+	ISA64=`(sysctl -n hw.optional.64bitops) 2>/dev/null`
+	if [ "$ISA64" = "1" ]; then
+	    echo "WARNING! If you wish to build 64-bit library, then you have to"
+	    echo "         invoke './Configure darwin64-ppc-cc' *manually*."
+	    if [ "$TEST" = "false" -a -t 1 ]; then
+	      echo "         You have about 5 seconds to press Ctrl-C to abort."
+	      (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	    fi
+	fi
+	OUT="darwin-ppc-cc" ;;
+  i?86-apple-darwin*)
+	ISA64=`(sysctl -n hw.optional.x86_64) 2>/dev/null`
+	if [ "$ISA64" = "1" ]; then
+	    echo "WARNING! If you wish to build 64-bit library, then you have to"
+	    echo "         invoke './Configure darwin64-x86_64-cc' *manually*."
+	    if [ "$TEST" = "false" -a -t 1 ]; then
+	      echo "         You have about 5 seconds to press Ctrl-C to abort."
+	      (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	    fi
+	fi
+	OUT="darwin-i386-cc" ;;
   alpha-*-linux2)
         ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
 	case ${ISA:-generic} in
@@ -583,25 +623,29 @@ case "$GUESSOS" in
 
 	options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH"
 	OUT="linux-generic32" ;;
-  arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
-  arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
-  s390*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
+  armv[1-3]*-*-linux2) OUT="linux-generic32" ;;
+  arm*-*-linux2) OUT="linux-armv4" ;;
+  sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+  sh*-*-linux2)  OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
+  m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+  s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+  s390x-*-linux2) OUT="linux-s390x" ;;
   x86_64-*-linux?) OUT="linux-x86_64" ;;
   *86-*-linux2) OUT="linux-elf"
 	if [ "$GCCVER" -gt 28 ]; then
           if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
-	    options="$options -mcpu=pentium"
+	    options="$options -march=pentium"
           fi
           if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
-	    options="$options -mcpu=pentiumpro"
+	    options="$options -march=pentiumpro"
           fi
           if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
-	    options="$options -mcpu=k6"
+	    options="$options -march=k6"
           fi
         fi ;;
   *-*-linux1) OUT="linux-aout" ;;
   *-*-linux2) OUT="linux-generic32" ;;
-  sun4u*-*-solaris2)
+  sun4[uv]*-*-solaris2)
 	OUT="solaris-sparcv9-$CC"
 	ISA64=`(isalist) 2>/dev/null | grep sparcv9`
 	if [ "$ISA64" != "" ]; then
@@ -638,33 +682,49 @@ case "$GUESSOS" in
   sun4m-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
   sun4d-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
   sun4*-*-solaris2)	OUT="solaris-sparcv7-$CC" ;;
-  *86*-*-solaris2)	OUT="solaris-x86-$CC" ;;
+  *86*-*-solaris2)
+	ISA64=`(isalist) 2>/dev/null | grep amd64`
+	if [ "$ISA64" != "" ]; then
+	    OUT="solaris64-x86_64-$CC"
+	else
+	    OUT="solaris-x86-$CC"
+	    if [ `uname -r | sed -e 's/5\.//'` -lt 10 ]; then
+		options="$options no-sse2"
+	    fi
+	fi
+	;;
   *-*-sunos4)		OUT="sunos-$CC" ;;
 
-  *86*-*-bsdi4)		OUT="bsdi-elf-gcc" ;;
-  alpha*-*-*bsd*)	OUT="BSD-generic64; options="$options -DL_ENDIAN" ;;
-  powerpc64-*-*bsd*)	OUT="BSD-generic64; options="$options -DB_ENDIAN" ;;
+  *86*-*-bsdi4)		OUT="BSD-x86-elf"; options="$options no-sse2 -ldl" ;;
+  alpha*-*-*bsd*)	OUT="BSD-generic64"; options="$options -DL_ENDIAN" ;;
+  powerpc64-*-*bsd*)	OUT="BSD-generic64"; options="$options -DB_ENDIAN" ;;
   sparc64-*-*bsd*)	OUT="BSD-sparc64" ;;
   ia64-*-*bsd*)		OUT="BSD-ia64" ;;
   amd64-*-*bsd*)	OUT="BSD-x86_64" ;;
-  *86*-*-*bsd*)		case "`(file -L /usr/lib/libc.so.*) 2>/dev/null`" in
+  *86*-*-*bsd*)		# mimic ld behaviour when it's looking for libc...
+			if [ -L /usr/lib/libc.so ]; then	# [Free|Net]BSD
+			    libc=/usr/lib/libc.so
+			else					# OpenBSD
+			    # ld searches for highest libc.so.* and so do we
+			    libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null`
+			fi
+			case "`(file -L $libc) 2>/dev/null`" in
 			*ELF*)	OUT="BSD-x86-elf" ;;
-			*)	OUT="BSD-x86" ;;
+			*)	OUT="BSD-x86"; options="$options no-sse2" ;;
 			esac ;;
   *-*-*bsd*)		OUT="BSD-generic32" ;;
 
   *-*-osf)		OUT="osf1-alpha-cc" ;;
   *-*-tru64)		OUT="tru64-alpha-cc" ;;
-  *-*-OpenUNIX*)
+  *-*-[Uu]nix[Ww]are7)
 	if [ "$CC" = "gcc" ]; then
-	  OUT="OpenUNIX-8-gcc" 
+	  OUT="unixware-7-gcc" ; options="$options no-sse2"
 	else    
-	  OUT="OpenUNIX-8" 
+	  OUT="unixware-7" ; options="$options no-sse2 -D__i386__"
 	fi
 	;;
-  *-*-[Uu]nix[Ww]are7) OUT="unixware-7" ;;
-  *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0" ;;
-  *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1" ;;
+  *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;;
+  *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;;
   *-*-vos)
 	options="$options no-threads no-shared no-asm no-dso"
 	EXE=".pm"
@@ -701,9 +761,9 @@ case "$GUESSOS" in
 		fi
 	     fi
 	elif [ $CPU_VERSION -ge 528 ]; then	# PA-RISC 1.1+ CPU
-	     OUT="hpux-parisc-${CC}
+	     OUT="hpux-parisc-${CC}"
 	elif [ $CPU_VERSION -ge 523 ]; then	# PA-RISC 1.0 CPU
-	     OUT="hpux-parisc-${CC}
+	     OUT="hpux-parisc-${CC}"
 	else					# Motorola(?) CPU
 	     OUT="hpux-$CC"
 	fi
@@ -729,6 +789,11 @@ case "$GUESSOS" in
 		fi
 	    fi
 	fi
+	if (lsattr -E -O -l `lsdev -c processor|awk '{print$1;exit}'` | grep -i powerpc) >/dev/null 2>&1; then
+	    :	# this applies even to Power3 and later, as they return PowerPC_POWER[345]
+	else
+	    options="$options no-asm"
+	fi
 	;;
   # these are all covered by the catchall below
   # *-dgux) OUT="dgux" ;;
@@ -738,6 +803,9 @@ case "$GUESSOS" in
   t3e-cray-unicosmk) OUT="cray-t3e" ;;
   j90-cray-unicos) OUT="cray-j90" ;;
   nsr-tandem-nsk) OUT="tandem-c89" ;;
+  beos-*) OUT="$GUESSOS" ;;
+  x86pc-*-qnx6) OUT="QNX6-i386" ;;
+  *-*-qnx6) OUT="QNX6" ;;
   *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
 esac
 
@@ -753,7 +821,7 @@ esac
 #  options="$options -DATALLA"
 #fi
 
-# gcc < 2.8 does not support -mcpu=ultrasparc
+# gcc < 2.8 does not support -march=ultrasparc
 if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
 then
   echo "WARNING! Falling down to 'solaris-sparcv8-gcc'."
@@ -773,7 +841,7 @@ case "$GUESSOS" in
   i386-*) options="$options 386" ;;
 esac
 
-for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 aes ripemd rsa sha
+for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha
 do
   if [ ! -d crypto/$i ]
   then
diff --git a/crypto/.cvsignore b/crypto/.cvsignore
index 6b86a0a8dc..337529eece 100644
--- a/crypto/.cvsignore
+++ b/crypto/.cvsignore
@@ -2,3 +2,7 @@ lib
 buildinf.h
 opensslconf.h
 Makefile.save
+*.flc
+semantic.cache
+*cpuid.s
+uplink-cof.s
diff --git a/crypto/LPdir_win.c b/crypto/LPdir_win.c
index 09b475beed..702dbc730f 100644
--- a/crypto/LPdir_win.c
+++ b/crypto/LPdir_win.c
@@ -54,8 +54,6 @@ struct LP_dir_context_st
 
 const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
 {
-  struct dirent *direntry = NULL;
-
   if (ctx == NULL || directory == NULL)
     {
       errno = EINVAL;
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl
deleted file mode 100644
index bb9df4a642..0000000000
--- a/crypto/Makefile.ssl
+++ /dev/null
@@ -1,244 +0,0 @@
-#
-# SSLeay/crypto/Makefile
-#
-
-DIR=		crypto
-TOP=		..
-CC=		cc
-INCLUDE=	-I. -I$(TOP) -I../include
-INCLUDES=	-I.. -I../.. -I../../include
-CFLAG=		-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-RM=             rm -f
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDE) $(CFLAG)
-ASFLAGS= $(INCLUDE) $(ASFLAG)
-AFLAGS=$(ASFLAGS)
-
-LIBS=
-
-SDIRS=	objects \
-	md2 md4 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn ec rsa dsa ecdsa ecdh dh dso engine aes \
-	buffer bio stack lhash rand err \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
-	store
-
-GENERAL=Makefile README crypto-lib.com install.com
-
-LIB= $(TOP)/libcrypto.a
-SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
-LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
-	ossl_typ.h
-HEADER=	cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all: shared
-
-buildinf.h: ../Makefile.ssl
-	( echo "#ifndef MK1MF_BUILD"; \
-	echo '  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \
-	echo '  #define CFLAGS "$(CC) $(CFLAG)"'; \
-	echo '  #define PLATFORM "$(PLATFORM)"'; \
-	echo "  #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
-	echo '#endif' ) >buildinf.h
-
-x86cpuid-elf.s:	x86cpuid.pl perlasm/x86asm.pl
-	$(PERL) x86cpuid.pl elf $(CFLAGS) $(PROCESSOR) > $@
-x86cpuid-cof.s: x86cpuid.pl perlasm/x86asm.pl
-	$(PERL) x86cpuid.pl coff $(CFLAGS) $(PROCESSOR) > $@
-x86cpuid-out.s: x86cpuid.pl perlasm/x86asm.pl
-	$(PERL) x86cpuid.pl a.out $(CFLAGS) $(PROCESSOR) > $@
-
-amd64cpuid.s: amd64cpuid.pl
-	$(PERL) amd64cpuid.pl $@
-ia64cpuid.s: ia64cpuid.S
-	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
-
-testapps:
-	if echo ${SDIRS} | fgrep ' des '; \
-	then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi
-	if echo ${SDIRS} | fgrep ' pkcs7 '; \
-	then cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps; fi
-
-subdirs:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making all in crypto/$$i..." && \
-	$(MAKE) -e INCLUDES='${INCLUDES}' all ) || exit 1; \
-	done;
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making 'files' in crypto/$$i..." && \
-	$(MAKE) PERL='${PERL}' files ); \
-	done;
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@for i in $(SDIRS); do \
-	(cd $$i && echo "making links in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
-	done;
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-shared: buildinf.h lib subdirs
-	if [ -n "$(SHARED_LIBS)" ]; then \
-		(cd ..; $(MAKE) $(SHARED_LIB)); \
-	fi
-
-libs:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making libs in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
-	done;
-
-tests:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making tests in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
-	done;
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
-	do \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making install in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}'  INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
-	done;
-
-lint:
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making lint in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
-	done;
-
-depend:
-	if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-	if [ ! -s buildinf.h ]; then rm buildinf.h; fi
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making depend in crypto/$$i..." && \
-	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \
-	done;
-
-clean:
-	rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making clean in crypto/$$i..." && \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
-	done;
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-	@for i in $(SDIRS) ;\
-	do \
-	(cd $$i && echo "making dclean in crypto/$$i..." && \
-	$(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
-	done;
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
-cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-cpt_err.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-cpt_err.o: ../include/openssl/symhacks.h cpt_err.c
-cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h
-cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-cryptlib.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.c
-cryptlib.o: cryptlib.h
-cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h
-cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
-cversion.o: cryptlib.h cversion.c
-ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
-ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h
-ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-ex_data.o: ex_data.c
-mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
-mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mem.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-mem.o: mem.c
-mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mem_clr.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-mem_clr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mem_clr.c
-mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
-mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mem_dbg.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
-mem_dbg.o: mem_dbg.c
-o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-o_dir.o: LPdir_unix.c o_dir.c o_dir.h
-o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-o_str.o: o_str.c o_str.h
-o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
-o_time.o: o_time.h
-tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
-tmdiff.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-tmdiff.o: ../include/openssl/err.h ../include/openssl/lhash.h
-tmdiff.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-tmdiff.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h tmdiff.c
-uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-uid.o: ../include/openssl/stack.h ../include/openssl/symhacks.h uid.c
diff --git a/crypto/aes/.cvsignore b/crypto/aes/.cvsignore
index c6d03a9dbc..035489ba78 100644
--- a/crypto/aes/.cvsignore
+++ b/crypto/aes/.cvsignore
@@ -1,2 +1,5 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+aes-*.s
diff --git a/crypto/aes/Makefile.ssl b/crypto/aes/Makefile.ssl
deleted file mode 100644
index 7f7f141b44..0000000000
--- a/crypto/aes/Makefile.ssl
+++ /dev/null
@@ -1,117 +0,0 @@
-#
-# crypto/aes/Makefile
-#
-
-DIR=	aes
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-AES_ASM_OBJ=aes_core.o aes_cbc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-#TEST=aestest.c
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
-LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o $(AES_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= aes.h
-HEADER= aes_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-$(LIBOBJ): $(LIBSRC)
-
-aes-ia64.s: asm/aes-ia64.S
-	$(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
-
-ax86-elf.s: asm/aes-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) aes-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-ax86-cof.s: asm/aes-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) aes-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-ax86-out.s: asm/aes-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) aes-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c aes_locl.h
-aes_cfb.o: ../../e_os.h ../../include/openssl/aes.h
-aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-aes_cfb.o: aes_cfb.c aes_locl.h
-aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
-aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
-aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
-aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_misc.o: ../../include/openssl/opensslconf.h
-aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
-aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-aes_ofb.o: ../../include/openssl/opensslconf.h aes_locl.h aes_ofb.c
diff --git a/crypto/aes/aes.h b/crypto/aes/aes.h
index 9ffcc9ff2a..d2c99730fe 100644
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@@ -58,6 +58,8 @@
 #error AES is disabled.
 #endif
 
+#include <stddef.h>
+
 #define AES_ENCRYPT	1
 #define AES_DECRYPT	0
 
@@ -96,28 +98,41 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
 void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
 	const AES_KEY *key, const int enc);
 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char *ivec, const int enc);
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char *ivec, int *num, const int enc);
 void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char *ivec, int *num, const int enc);
 void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char *ivec, int *num, const int enc);
-void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
-			    const int nbits,const AES_KEY *key,
-			    unsigned char *ivec,const int enc);
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char *ivec, int *num);
 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char ivec[AES_BLOCK_SIZE],
 	unsigned char ecount_buf[AES_BLOCK_SIZE],
 	unsigned int *num);
+/* NB: the IV is _two_ blocks long */
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+		     size_t length, const AES_KEY *key,
+		     unsigned char *ivec, const int enc);
+/* NB: the IV is _four_ blocks long */
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+			size_t length, const AES_KEY *key,
+			const AES_KEY *key2, const unsigned char *ivec,
+			const int enc);
+
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+		unsigned char *out,
+		const unsigned char *in, unsigned int inlen);
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+		unsigned char *out,
+		const unsigned char *in, unsigned int inlen);
 
 
 #ifdef  __cplusplus
diff --git a/crypto/aes/aes_cbc.c b/crypto/aes/aes_cbc.c
index d2ba6bcdb4..227f75625d 100644
--- a/crypto/aes/aes_cbc.c
+++ b/crypto/aes/aes_cbc.c
@@ -49,83 +49,15 @@
  *
  */
 
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
 #include <openssl/aes.h>
-#include "aes_locl.h"
+#include <openssl/modes.h>
 
 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-		     const unsigned long length, const AES_KEY *key,
+		     size_t len, const AES_KEY *key,
 		     unsigned char *ivec, const int enc) {
 
-	unsigned long n;
-	unsigned long len = length;
-	unsigned char tmp[AES_BLOCK_SIZE];
-	const unsigned char *iv = ivec;
-
-	assert(in && out && key && ivec);
-	assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
-
-	if (AES_ENCRYPT == enc) {
-		while (len >= AES_BLOCK_SIZE) {
-			for(n=0; n < AES_BLOCK_SIZE; ++n)
-				out[n] = in[n] ^ iv[n];
-			AES_encrypt(out, out, key);
-			iv = out;
-			len -= AES_BLOCK_SIZE;
-			in += AES_BLOCK_SIZE;
-			out += AES_BLOCK_SIZE;
-		}
-		if (len) {
-			for(n=0; n < len; ++n)
-				out[n] = in[n] ^ iv[n];
-			for(n=len; n < AES_BLOCK_SIZE; ++n)
-				out[n] = iv[n];
-			AES_encrypt(out, out, key);
-			iv = out;
-		}
-		memcpy(ivec,iv,AES_BLOCK_SIZE);
-	} else if (in != out) {
-		while (len >= AES_BLOCK_SIZE) {
-			AES_decrypt(in, out, key);
-			for(n=0; n < AES_BLOCK_SIZE; ++n)
-				out[n] ^= iv[n];
-			iv = in;
-			len -= AES_BLOCK_SIZE;
-			in  += AES_BLOCK_SIZE;
-			out += AES_BLOCK_SIZE;
-		}
-		if (len) {
-			AES_decrypt(in,tmp,key);
-			for(n=0; n < len; ++n)
-				out[n] = tmp[n] ^ iv[n];
-			iv = in;
-		}
-		memcpy(ivec,iv,AES_BLOCK_SIZE);
-	} else {
-		while (len >= AES_BLOCK_SIZE) {
-			memcpy(tmp, in, AES_BLOCK_SIZE);
-			AES_decrypt(in, out, key);
-			for(n=0; n < AES_BLOCK_SIZE; ++n)
-				out[n] ^= ivec[n];
-			memcpy(ivec, tmp, AES_BLOCK_SIZE);
-			len -= AES_BLOCK_SIZE;
-			in += AES_BLOCK_SIZE;
-			out += AES_BLOCK_SIZE;
-		}
-		if (len) {
-			memcpy(tmp, in, AES_BLOCK_SIZE);
-			AES_decrypt(tmp, out, key);
-			for(n=0; n < len; ++n)
-				out[n] ^= ivec[n];
-			for(n=len; n < AES_BLOCK_SIZE; ++n)
-				out[n] = tmp[n];
-			memcpy(ivec, tmp, AES_BLOCK_SIZE);
-		}
-	}
+	if (enc)
+		CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)AES_encrypt);
+	else
+		CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)AES_decrypt);
 }
diff --git a/crypto/aes/aes_cfb.c b/crypto/aes/aes_cfb.c
index 49f0411010..0c6d058ce7 100644
--- a/crypto/aes/aes_cfb.c
+++ b/crypto/aes/aes_cfb.c
@@ -1,6 +1,6 @@
 /* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -48,73 +48,9 @@
  * ====================================================================
  *
  */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
 
 #include <openssl/aes.h>
-#include "aes_locl.h"
-#include "e_os.h"
+#include <openssl/modes.h>
 
 /* The input and output encrypted as though 128bit cfb mode is being
  * used.  The extra state information to record how much of the
@@ -122,104 +58,24 @@
  */
 
 void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
+	size_t length, const AES_KEY *key,
 	unsigned char *ivec, int *num, const int enc) {
 
-	unsigned int n;
-	unsigned long l = length;
-	unsigned char c;
-
-	assert(in && out && key && ivec && num);
-
-	n = *num;
-
-	if (enc) {
-		while (l--) {
-			if (n == 0) {
-				AES_encrypt(ivec, ivec, key);
-			}
-			ivec[n] = *(out++) = *(in++) ^ ivec[n];
-			n = (n+1) % AES_BLOCK_SIZE;
-		}
-	} else {
-		while (l--) {
-			if (n == 0) {
-				AES_encrypt(ivec, ivec, key);
-			}
-			c = *(in);
-			*(out++) = *(in++) ^ ivec[n];
-			ivec[n] = c;
-			n = (n+1) % AES_BLOCK_SIZE;
-		}
-	}
-
-	*num=n;
+	CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
 }
 
-/* This expects a single block of size nbits for both in and out. Note that
-   it corrupts any extra bits in the last byte of out */
-void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
-			    const int nbits,const AES_KEY *key,
-			    unsigned char *ivec,const int enc)
-    {
-    int n,rem,num;
-    unsigned char ovec[AES_BLOCK_SIZE*2];
-
-    if (nbits<=0 || nbits>128) return;
-
-	/* fill in the first half of the new IV with the current IV */
-	memcpy(ovec,ivec,AES_BLOCK_SIZE);
-	/* construct the new IV */
-	AES_encrypt(ivec,ivec,key);
-	num = (nbits+7)/8;
-	if (enc)	/* encrypt the input */
-	    for(n=0 ; n < num ; ++n)
-		out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
-	else		/* decrypt the input */
-	    for(n=0 ; n < num ; ++n)
-		out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
-	/* shift ovec left... */
-	rem = nbits%8;
-	num = nbits/8;
-	if(rem==0)
-	    memcpy(ivec,ovec+num,AES_BLOCK_SIZE);
-	else
-	    for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
-		ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
-
-    /* it is not necessary to cleanse ovec, since the IV is not secret */
-    }
-
 /* N.B. This expects the input to be packed, MS bit first */
 void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-		      const unsigned long length, const AES_KEY *key,
+		      size_t length, const AES_KEY *key,
 		      unsigned char *ivec, int *num, const int enc)
     {
-    unsigned int n;
-    unsigned char c[1],d[1];
-
-    assert(in && out && key && ivec && num);
-    assert(*num == 0);
-
-    memset(out,0,(length+7)/8);
-    for(n=0 ; n < length ; ++n)
-	{
-	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
-	AES_cfbr_encrypt_block(c,d,1,key,ivec,enc);
-	out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));
-	}
+    CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
     }
 
 void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-		      const unsigned long length, const AES_KEY *key,
+		      size_t length, const AES_KEY *key,
 		      unsigned char *ivec, int *num, const int enc)
     {
-    unsigned int n;
-
-    assert(in && out && key && ivec && num);
-    assert(*num == 0);
-
-    for(n=0 ; n < length ; ++n)
-	AES_cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc);
+    CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)AES_encrypt);
     }
 
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 410ae2e8e8..a7ec54f4da 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -39,27 +39,20 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
 
+#ifndef AES_ASM
 /*
 Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
 Te2[x] = S [x].[01, 03, 02, 01];
 Te3[x] = S [x].[01, 01, 03, 02];
-Te4[x] = S [x].[01, 01, 01, 01];
 
 Td0[x] = Si[x].[0e, 09, 0d, 0b];
 Td1[x] = Si[x].[0b, 0e, 09, 0d];
 Td2[x] = Si[x].[0d, 0b, 0e, 09];
 Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01, 01, 01, 01];
+Td4[x] = Si[x].[01];
 */
 
-#ifdef AES_ASM
-extern const u32 AES_Te[5][256];
-#define Te0 AES_Te[0]
-#define Te1 AES_Te[1]
-#define Te2 AES_Te[2]
-#define Te3 AES_Te[3]
-#else
 static const u32 Te0[256] = {
     0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
     0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
@@ -324,81 +317,7 @@ static const u32 Te3[256] = {
     0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
     0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
 };
-#endif
-static const u32 Te4[256] = {
-    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
-    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
-    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
-    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
-    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
-    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
-    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
-    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
-    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
-    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
-    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
-    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
-    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
-    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
-    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
-    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
-    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
-    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
-    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
-    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
-    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
-    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
-    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
-    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
-    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
-    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
-    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
-    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
-    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
-    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
-    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
-    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
-    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
-    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
-    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
-    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
-    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
-    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
-    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
-    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
-    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
-    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
-    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
-    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
-    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
-    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
-    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
-    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
-    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
-    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
-    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
-    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
-    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
-    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
-    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
-    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
-    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
-    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
-    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
-    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
-    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
-    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
-    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
-    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
-};
 
-#ifdef AES_ASM
-extern const u32 AES_Td[5][256];
-#define Td0 AES_Td[0]
-#define Td1 AES_Td[1]
-#define Td2 AES_Td[2]
-#define Td3 AES_Td[3]
-#else
 static const u32 Td0[256] = {
     0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
     0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
@@ -663,72 +582,39 @@ static const u32 Td3[256] = {
     0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
     0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
 };
-#endif
-static const u32 Td4[256] = {
-    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
-    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
-    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
-    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
-    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
-    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
-    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
-    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
-    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
-    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
-    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
-    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
-    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
-    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
-    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
-    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
-    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
-    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
-    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
-    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
-    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
-    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
-    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
-    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
-    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
-    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
-    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
-    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
-    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
-    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
-    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
-    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
-    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
-    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
-    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
-    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
-    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
-    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
-    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
-    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
-    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
-    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
-    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
-    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
-    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
-    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
-    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
-    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
-    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
-    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
-    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
-    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
-    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
-    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
-    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
-    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
-    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
-    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
-    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
-    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
-    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
-    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
-    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
-    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
+static const u8 Td4[256] = {
+    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
 };
 static const u32 rcon[] = {
 	0x01000000, 0x02000000, 0x04000000, 0x08000000,
@@ -768,10 +654,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 		while (1) {
 			temp  = rk[3];
 			rk[4] = rk[0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
+				(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+				(Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
+				(Te0[(temp      ) & 0xff] & 0x0000ff00) ^
+				(Te1[(temp >> 24)       ] & 0x000000ff) ^
 				rcon[i];
 			rk[5] = rk[1] ^ rk[4];
 			rk[6] = rk[2] ^ rk[5];
@@ -788,10 +674,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 		while (1) {
 			temp = rk[ 5];
 			rk[ 6] = rk[ 0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
+				(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+				(Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
+				(Te0[(temp      ) & 0xff] & 0x0000ff00) ^
+				(Te1[(temp >> 24)       ] & 0x000000ff) ^
 				rcon[i];
 			rk[ 7] = rk[ 1] ^ rk[ 6];
 			rk[ 8] = rk[ 2] ^ rk[ 7];
@@ -810,10 +696,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 		while (1) {
 			temp = rk[ 7];
 			rk[ 8] = rk[ 0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
+				(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+				(Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
+				(Te0[(temp      ) & 0xff] & 0x0000ff00) ^
+				(Te1[(temp >> 24)       ] & 0x000000ff) ^
 				rcon[i];
 			rk[ 9] = rk[ 1] ^ rk[ 8];
 			rk[10] = rk[ 2] ^ rk[ 9];
@@ -823,10 +709,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 			}
 			temp = rk[11];
 			rk[12] = rk[ 4] ^
-				(Te4[(temp >> 24)       ] & 0xff000000) ^
-				(Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp      ) & 0xff] & 0x000000ff);
+				(Te2[(temp >> 24)       ] & 0xff000000) ^
+				(Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
+				(Te0[(temp >>  8) & 0xff] & 0x0000ff00) ^
+				(Te1[(temp      ) & 0xff] & 0x000000ff);
 			rk[13] = rk[ 5] ^ rk[12];
 			rk[14] = rk[ 6] ^ rk[13];
 			rk[15] = rk[ 7] ^ rk[14];
@@ -865,30 +751,29 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
 	for (i = 1; i < (key->rounds); i++) {
 		rk += 4;
 		rk[0] =
-			Td0[Te4[(rk[0] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[0] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[0]      ) & 0xff] & 0xff];
+			Td0[Te1[(rk[0] >> 24)       ] & 0xff] ^
+			Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[0] >>  8) & 0xff] & 0xff] ^
+			Td3[Te1[(rk[0]      ) & 0xff] & 0xff];
 		rk[1] =
-			Td0[Te4[(rk[1] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[1] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[1]      ) & 0xff] & 0xff];
+			Td0[Te1[(rk[1] >> 24)       ] & 0xff] ^
+			Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[1] >>  8) & 0xff] & 0xff] ^
+			Td3[Te1[(rk[1]      ) & 0xff] & 0xff];
 		rk[2] =
-			Td0[Te4[(rk[2] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[2] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[2]      ) & 0xff] & 0xff];
+			Td0[Te1[(rk[2] >> 24)       ] & 0xff] ^
+			Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[2] >>  8) & 0xff] & 0xff] ^
+			Td3[Te1[(rk[2]      ) & 0xff] & 0xff];
 		rk[3] =
-			Td0[Te4[(rk[3] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[3] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[3]      ) & 0xff] & 0xff];
+			Td0[Te1[(rk[3] >> 24)       ] & 0xff] ^
+			Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[3] >>  8) & 0xff] & 0xff] ^
+			Td3[Te1[(rk[3]      ) & 0xff] & 0xff];
 	}
 	return 0;
 }
 
-#ifndef AES_ASM
 /*
  * Encrypt a single block
  * in and out can overlap
@@ -1051,31 +936,31 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
 	 * map cipher state to byte array block:
 	 */
 	s0 =
-		(Te4[(t0 >> 24)       ] & 0xff000000) ^
-		(Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t3      ) & 0xff] & 0x000000ff) ^
+		(Te2[(t0 >> 24)       ] & 0xff000000) ^
+		(Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te0[(t2 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te1[(t3      ) & 0xff] & 0x000000ff) ^
 		rk[0];
 	PUTU32(out     , s0);
 	s1 =
-		(Te4[(t1 >> 24)       ] & 0xff000000) ^
-		(Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t0      ) & 0xff] & 0x000000ff) ^
+		(Te2[(t1 >> 24)       ] & 0xff000000) ^
+		(Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te0[(t3 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te1[(t0      ) & 0xff] & 0x000000ff) ^
 		rk[1];
 	PUTU32(out +  4, s1);
 	s2 =
-		(Te4[(t2 >> 24)       ] & 0xff000000) ^
-		(Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t1      ) & 0xff] & 0x000000ff) ^
+		(Te2[(t2 >> 24)       ] & 0xff000000) ^
+		(Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te0[(t0 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te1[(t1      ) & 0xff] & 0x000000ff) ^
 		rk[2];
 	PUTU32(out +  8, s2);
 	s3 =
-		(Te4[(t3 >> 24)       ] & 0xff000000) ^
-		(Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t2      ) & 0xff] & 0x000000ff) ^
+		(Te2[(t3 >> 24)       ] & 0xff000000) ^
+		(Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te0[(t1 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te1[(t2      ) & 0xff] & 0x000000ff) ^
 		rk[3];
 	PUTU32(out + 12, s3);
 }
@@ -1242,33 +1127,232 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
 	 * map cipher state to byte array block:
 	 */
    	s0 =
-   		(Td4[(t0 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t1      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t0 >> 24)       ] << 24) ^
+   		(Td4[(t3 >> 16) & 0xff] << 16) ^
+   		(Td4[(t2 >>  8) & 0xff] <<  8) ^
+   		(Td4[(t1      ) & 0xff])       ^
    		rk[0];
 	PUTU32(out     , s0);
    	s1 =
-   		(Td4[(t1 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t2      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t1 >> 24)       ] << 24) ^
+   		(Td4[(t0 >> 16) & 0xff] << 16) ^
+   		(Td4[(t3 >>  8) & 0xff] <<  8) ^
+   		(Td4[(t2      ) & 0xff])       ^
    		rk[1];
 	PUTU32(out +  4, s1);
    	s2 =
-   		(Td4[(t2 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t3      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t2 >> 24)       ] << 24) ^
+   		(Td4[(t1 >> 16) & 0xff] << 16) ^
+   		(Td4[(t0 >>  8) & 0xff] <<  8) ^
+   		(Td4[(t3      ) & 0xff])       ^
    		rk[2];
 	PUTU32(out +  8, s2);
    	s3 =
-   		(Td4[(t3 >> 24)       ] & 0xff000000) ^
-   		(Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
-   		(Td4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
-   		(Td4[(t0      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t3 >> 24)       ] << 24) ^
+   		(Td4[(t2 >> 16) & 0xff] << 16) ^
+   		(Td4[(t1 >>  8) & 0xff] <<  8) ^
+   		(Td4[(t0      ) & 0xff])       ^
    		rk[3];
 	PUTU32(out + 12, s3);
 }
 
+#else /* AES_ASM */
+
+static const u8 Te4[256] = {
+    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+static const u32 rcon[] = {
+	0x01000000, 0x02000000, 0x04000000, 0x08000000,
+	0x10000000, 0x20000000, 0x40000000, 0x80000000,
+	0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+			AES_KEY *key) {
+	u32 *rk;
+   	int i = 0;
+	u32 temp;
+
+	if (!userKey || !key)
+		return -1;
+	if (bits != 128 && bits != 192 && bits != 256)
+		return -2;
+
+	rk = key->rd_key;
+
+	if (bits==128)
+		key->rounds = 10;
+	else if (bits==192)
+		key->rounds = 12;
+	else
+		key->rounds = 14;
+
+	rk[0] = GETU32(userKey     );
+	rk[1] = GETU32(userKey +  4);
+	rk[2] = GETU32(userKey +  8);
+	rk[3] = GETU32(userKey + 12);
+	if (bits == 128) {
+		while (1) {
+			temp  = rk[3];
+			rk[4] = rk[0] ^
+				(Te4[(temp >> 16) & 0xff] << 24) ^
+				(Te4[(temp >>  8) & 0xff] << 16) ^
+				(Te4[(temp      ) & 0xff] << 8) ^
+				(Te4[(temp >> 24)       ]) ^
+				rcon[i];
+			rk[5] = rk[1] ^ rk[4];
+			rk[6] = rk[2] ^ rk[5];
+			rk[7] = rk[3] ^ rk[6];
+			if (++i == 10) {
+				return 0;
+			}
+			rk += 4;
+		}
+	}
+	rk[4] = GETU32(userKey + 16);
+	rk[5] = GETU32(userKey + 20);
+	if (bits == 192) {
+		while (1) {
+			temp = rk[ 5];
+			rk[ 6] = rk[ 0] ^
+				(Te4[(temp >> 16) & 0xff] << 24) ^
+				(Te4[(temp >>  8) & 0xff] << 16) ^
+				(Te4[(temp      ) & 0xff] << 8) ^
+				(Te4[(temp >> 24)       ]) ^
+				rcon[i];
+			rk[ 7] = rk[ 1] ^ rk[ 6];
+			rk[ 8] = rk[ 2] ^ rk[ 7];
+			rk[ 9] = rk[ 3] ^ rk[ 8];
+			if (++i == 8) {
+				return 0;
+			}
+			rk[10] = rk[ 4] ^ rk[ 9];
+			rk[11] = rk[ 5] ^ rk[10];
+			rk += 6;
+		}
+	}
+	rk[6] = GETU32(userKey + 24);
+	rk[7] = GETU32(userKey + 28);
+	if (bits == 256) {
+		while (1) {
+			temp = rk[ 7];
+			rk[ 8] = rk[ 0] ^
+				(Te4[(temp >> 16) & 0xff] << 24) ^
+				(Te4[(temp >>  8) & 0xff] << 16) ^
+				(Te4[(temp      ) & 0xff] << 8) ^
+				(Te4[(temp >> 24)       ]) ^
+				rcon[i];
+			rk[ 9] = rk[ 1] ^ rk[ 8];
+			rk[10] = rk[ 2] ^ rk[ 9];
+			rk[11] = rk[ 3] ^ rk[10];
+			if (++i == 7) {
+				return 0;
+			}
+			temp = rk[11];
+			rk[12] = rk[ 4] ^
+				(Te4[(temp >> 24)       ] << 24) ^
+				(Te4[(temp >> 16) & 0xff] << 16) ^
+				(Te4[(temp >>  8) & 0xff] << 8) ^
+				(Te4[(temp      ) & 0xff]);
+			rk[13] = rk[ 5] ^ rk[12];
+			rk[14] = rk[ 6] ^ rk[13];
+			rk[15] = rk[ 7] ^ rk[14];
+
+			rk += 8;
+        	}
+	}
+	return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+			 AES_KEY *key) {
+
+        u32 *rk;
+	int i, j, status;
+	u32 temp;
+
+	/* first, start with an encryption schedule */
+	status = AES_set_encrypt_key(userKey, bits, key);
+	if (status < 0)
+		return status;
+
+	rk = key->rd_key;
+
+	/* invert the order of the round keys: */
+	for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+		temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+		temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+		temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+		temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+	}
+	/* apply the inverse MixColumn transform to all round keys but the first and the last: */
+	for (i = 1; i < (key->rounds); i++) {
+		rk += 4;
+		for (j = 0; j < 4; j++) {
+			u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+			tp1 = rk[j];
+			m = tp1 & 0x80808080;
+			tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp2 & 0x80808080;
+			tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp4 & 0x80808080;
+			tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			tp9 = tp8 ^ tp1;
+			tpb = tp9 ^ tp2;
+			tpd = tp9 ^ tp4;
+			tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+			rk[j] = tpe ^ ROTATE(tpd,16) ^
+				ROTATE(tp9,24) ^ ROTATE(tpb,8);
+#else
+			rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+				(tp9 >> 8) ^ (tp9 << 24) ^
+				(tpb >> 24) ^ (tpb << 8);
+#endif
+		}
+	}
+	return 0;
+}
+
 #endif /* AES_ASM */
diff --git a/crypto/aes/aes_ctr.c b/crypto/aes/aes_ctr.c
index f36982be1e..7c9d165d8a 100644
--- a/crypto/aes/aes_ctr.c
+++ b/crypto/aes/aes_ctr.c
@@ -49,91 +49,13 @@
  *
  */
 
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
 #include <openssl/aes.h>
-#include "aes_locl.h"
-
-/* NOTE: the IV/counter CTR mode is big-endian.  The rest of the AES code
- * is endian-neutral. */
-
-/* increment counter (128-bit int) by 1 */
-static void AES_ctr128_inc(unsigned char *counter) {
-	unsigned long c;
-
-	/* Grab bottom dword of counter and increment */
-	c = GETU32(counter + 12);
-	c++;	c &= 0xFFFFFFFF;
-	PUTU32(counter + 12, c);
-
-	/* if no overflow, we're done */
-	if (c)
-		return;
-
-	/* Grab 1st dword of counter and increment */
-	c = GETU32(counter +  8);
-	c++;	c &= 0xFFFFFFFF;
-	PUTU32(counter +  8, c);
-
-	/* if no overflow, we're done */
-	if (c)
-		return;
-
-	/* Grab 2nd dword of counter and increment */
-	c = GETU32(counter +  4);
-	c++;	c &= 0xFFFFFFFF;
-	PUTU32(counter +  4, c);
-
-	/* if no overflow, we're done */
-	if (c)
-		return;
+#include <openssl/modes.h>
 
-	/* Grab top dword of counter and increment */
-	c = GETU32(counter +  0);
-	c++;	c &= 0xFFFFFFFF;
-	PUTU32(counter +  0, c);
-}
-
-/* The input encrypted as though 128bit counter mode is being
- * used.  The extra state information to record how much of the
- * 128bit block we have used is contained in *num, and the
- * encrypted counter is kept in ecount_buf.  Both *num and
- * ecount_buf must be initialised with zeros before the first
- * call to AES_ctr128_encrypt().
- *
- * This algorithm assumes that the counter is in the x lower bits
- * of the IV (ivec), and that the application has full control over
- * overflow and the rest of the IV.  This implementation takes NO
- * responsability for checking that the counter doesn't overflow
- * into the rest of the IV when incremented.
- */
 void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char ivec[AES_BLOCK_SIZE],
-	unsigned char ecount_buf[AES_BLOCK_SIZE],
-	unsigned int *num) {
-
-	unsigned int n;
-	unsigned long l=length;
-
-	assert(in && out && key && counter && num);
-	assert(*num < AES_BLOCK_SIZE);
-
-	n = *num;
-
-	while (l--) {
-		if (n == 0) {
-			AES_encrypt(ivec, ecount_buf, key);
- 			AES_ctr128_inc(ivec);
-		}
-		*(out++) = *(in++) ^ ecount_buf[n];
-		n = (n+1) % AES_BLOCK_SIZE;
-	}
-
-	*num=n;
+			size_t length, const AES_KEY *key,
+			unsigned char ivec[AES_BLOCK_SIZE],
+			unsigned char ecount_buf[AES_BLOCK_SIZE],
+			unsigned int *num) {
+	CRYPTO_ctr128_encrypt(in,out,length,key,ivec,ecount_buf,num,(block128_f)AES_encrypt);
 }
diff --git a/crypto/aes/aes_ige.c b/crypto/aes/aes_ige.c
new file mode 100644
index 0000000000..c161351e65
--- /dev/null
+++ b/crypto/aes/aes_ige.c
@@ -0,0 +1,323 @@
+/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "cryptlib.h"
+
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
+typedef struct {
+        unsigned long data[N_WORDS];
+} aes_block_t;
+
+/* XXX: probably some better way to do this */
+#if defined(__i386__) || defined(__x86_64__)
+#define UNALIGNED_MEMOPS_ARE_FAST 1
+#else
+#define UNALIGNED_MEMOPS_ARE_FAST 0
+#endif
+
+#if UNALIGNED_MEMOPS_ARE_FAST
+#define load_block(d, s)        (d) = *(const aes_block_t *)(s)
+#define store_block(d, s)       *(aes_block_t *)(d) = (s)
+#else
+#define load_block(d, s)        memcpy((d).data, (s), AES_BLOCK_SIZE)
+#define store_block(d, s)       memcpy((d), (s).data, AES_BLOCK_SIZE)
+#endif
+
+/* N.B. The IV for this mode is _twice_ the block size */
+
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+					 size_t length, const AES_KEY *key,
+					 unsigned char *ivec, const int enc)
+	{
+	size_t n;
+	size_t len = length;
+
+	OPENSSL_assert(in && out && key && ivec);
+	OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
+	OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
+
+	len = length / AES_BLOCK_SIZE;
+
+	if (AES_ENCRYPT == enc)
+		{
+		if (in != out &&
+		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
+			{
+			aes_block_t *ivp = (aes_block_t *)ivec;
+			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
+
+			while (len)
+				{
+				aes_block_t *inp = (aes_block_t *)in;
+				aes_block_t *outp = (aes_block_t *)out;
+
+				for(n=0 ; n < N_WORDS; ++n)
+					outp->data[n] = inp->data[n] ^ ivp->data[n];
+				AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
+				for(n=0 ; n < N_WORDS; ++n)
+					outp->data[n] ^= iv2p->data[n];
+				ivp = outp;
+				iv2p = inp;
+				--len;
+				in += AES_BLOCK_SIZE;
+				out += AES_BLOCK_SIZE;
+				}
+			memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
+			memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
+			}
+		else
+			{
+			aes_block_t tmp, tmp2;
+			aes_block_t iv;
+			aes_block_t iv2;
+
+			load_block(iv, ivec);
+			load_block(iv2, ivec + AES_BLOCK_SIZE);
+
+			while (len)
+				{
+				load_block(tmp, in);
+				for(n=0 ; n < N_WORDS; ++n)
+					tmp2.data[n] = tmp.data[n] ^ iv.data[n];
+				AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key);
+				for(n=0 ; n < N_WORDS; ++n)
+					tmp2.data[n] ^= iv2.data[n];
+				store_block(out, tmp2);
+				iv = tmp2;
+				iv2 = tmp;
+				--len;
+				in += AES_BLOCK_SIZE;
+				out += AES_BLOCK_SIZE;
+				}
+			memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+			memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+			}
+		}
+	else
+		{
+		if (in != out &&
+		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
+			{
+			aes_block_t *ivp = (aes_block_t *)ivec;
+			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
+
+			while (len)
+				{
+				aes_block_t tmp;
+				aes_block_t *inp = (aes_block_t *)in;
+				aes_block_t *outp = (aes_block_t *)out;
+
+				for(n=0 ; n < N_WORDS; ++n)
+					tmp.data[n] = inp->data[n] ^ iv2p->data[n];
+				AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key);
+				for(n=0 ; n < N_WORDS; ++n)
+					outp->data[n] ^= ivp->data[n];
+				ivp = inp;
+				iv2p = outp;
+				--len;
+				in += AES_BLOCK_SIZE;
+				out += AES_BLOCK_SIZE;
+				}
+			memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
+			memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
+			}
+		else
+			{
+			aes_block_t tmp, tmp2;
+			aes_block_t iv;
+			aes_block_t iv2;
+
+			load_block(iv, ivec);
+			load_block(iv2, ivec + AES_BLOCK_SIZE);
+
+			while (len)
+				{
+				load_block(tmp, in);
+				tmp2 = tmp;
+				for(n=0 ; n < N_WORDS; ++n)
+					tmp.data[n] ^= iv2.data[n];
+				AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key);
+				for(n=0 ; n < N_WORDS; ++n)
+					tmp.data[n] ^= iv.data[n];
+				store_block(out, tmp);
+				iv = tmp2;
+				iv2 = tmp;
+				--len;
+				in += AES_BLOCK_SIZE;
+				out += AES_BLOCK_SIZE;
+				}
+			memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+			memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+			}
+		}
+	}
+
+/*
+ * Note that its effectively impossible to do biIGE in anything other
+ * than a single pass, so no provision is made for chaining.
+ */
+
+/* N.B. The IV for this mode is _four times_ the block size */
+
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+						size_t length, const AES_KEY *key,
+						const AES_KEY *key2, const unsigned char *ivec,
+						const int enc)
+	{
+	size_t n;
+	size_t len = length;
+	unsigned char tmp[AES_BLOCK_SIZE];
+	unsigned char tmp2[AES_BLOCK_SIZE];
+	unsigned char tmp3[AES_BLOCK_SIZE];
+	unsigned char prev[AES_BLOCK_SIZE];
+	const unsigned char *iv;
+	const unsigned char *iv2;
+
+	OPENSSL_assert(in && out && key && ivec);
+	OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
+	OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
+
+	if (AES_ENCRYPT == enc)
+		{
+		/* XXX: Do a separate case for when in != out (strictly should
+		   check for overlap, too) */
+
+		/* First the forward pass */ 
+		iv = ivec;
+		iv2 = ivec + AES_BLOCK_SIZE;
+		while (len >= AES_BLOCK_SIZE)
+			{
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				out[n] = in[n] ^ iv[n];
+			AES_encrypt(out, out, key);
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				out[n] ^= iv2[n];
+			iv = out;
+			memcpy(prev, in, AES_BLOCK_SIZE);
+			iv2 = prev;
+			len -= AES_BLOCK_SIZE;
+			in += AES_BLOCK_SIZE;
+			out += AES_BLOCK_SIZE;
+			}
+
+		/* And now backwards */
+		iv = ivec + AES_BLOCK_SIZE*2;
+		iv2 = ivec + AES_BLOCK_SIZE*3;
+		len = length;
+		while(len >= AES_BLOCK_SIZE)
+			{
+			out -= AES_BLOCK_SIZE;
+			/* XXX: reduce copies by alternating between buffers */
+			memcpy(tmp, out, AES_BLOCK_SIZE);
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				out[n] ^= iv[n];
+			/*			hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
+			AES_encrypt(out, out, key);
+			/*			hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
+			/*			hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				out[n] ^= iv2[n];
+			/*			hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
+			iv = out;
+			memcpy(prev, tmp, AES_BLOCK_SIZE);
+			iv2 = prev;
+			len -= AES_BLOCK_SIZE;
+			}
+		}
+	else
+		{
+		/* First backwards */
+		iv = ivec + AES_BLOCK_SIZE*2;
+		iv2 = ivec + AES_BLOCK_SIZE*3;
+		in += length;
+		out += length;
+		while (len >= AES_BLOCK_SIZE)
+			{
+			in -= AES_BLOCK_SIZE;
+			out -= AES_BLOCK_SIZE;
+			memcpy(tmp, in, AES_BLOCK_SIZE);
+			memcpy(tmp2, in, AES_BLOCK_SIZE);
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				tmp[n] ^= iv2[n];
+			AES_decrypt(tmp, out, key);
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				out[n] ^= iv[n];
+			memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
+			iv = tmp3;
+			iv2 = out;
+			len -= AES_BLOCK_SIZE;
+			}
+
+		/* And now forwards */
+		iv = ivec;
+		iv2 = ivec + AES_BLOCK_SIZE;
+		len = length;
+		while (len >= AES_BLOCK_SIZE)
+			{
+			memcpy(tmp, out, AES_BLOCK_SIZE);
+			memcpy(tmp2, out, AES_BLOCK_SIZE);
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				tmp[n] ^= iv2[n];
+			AES_decrypt(tmp, out, key);
+			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
+				out[n] ^= iv[n];
+			memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
+			iv = tmp3;
+			iv2 = out;
+			len -= AES_BLOCK_SIZE;
+			in += AES_BLOCK_SIZE;
+			out += AES_BLOCK_SIZE;
+			}
+		}
+	}
diff --git a/crypto/aes/aes_locl.h b/crypto/aes/aes_locl.h
index 183805a15a..054b442d41 100644
--- a/crypto/aes/aes_locl.h
+++ b/crypto/aes/aes_locl.h
@@ -62,7 +62,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#if defined(_MSC_VER) && !defined(_M_IA64) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
 # define GETU32(p) SWAP(*((u32 *)(p)))
 # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
diff --git a/crypto/aes/aes_misc.c b/crypto/aes/aes_misc.c
index 090def25d5..4fead1b4c7 100644
--- a/crypto/aes/aes_misc.c
+++ b/crypto/aes/aes_misc.c
@@ -53,7 +53,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
 
-const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
+const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
 
 const char *AES_options(void) {
 #ifdef FULL_UNROLL
diff --git a/crypto/aes/aes_ofb.c b/crypto/aes/aes_ofb.c
index f358bb39e2..50bf0b8325 100644
--- a/crypto/aes/aes_ofb.c
+++ b/crypto/aes/aes_ofb.c
@@ -1,6 +1,6 @@
 /* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -48,95 +48,13 @@
  * ====================================================================
  *
  */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
 
 #include <openssl/aes.h>
-#include "aes_locl.h"
+#include <openssl/modes.h>
 
-/* The input and output encrypted as though 128bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
 void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-	const unsigned long length, const AES_KEY *key,
-	unsigned char *ivec, int *num) {
-
-	unsigned int n;
-	unsigned long l=length;
-
-	assert(in && out && key && ivec && num);
-
-	n = *num;
-
-	while (l--) {
-		if (n == 0) {
-			AES_encrypt(ivec, ivec, key);
-		}
-		*(out++) = *(in++) ^ ivec[n];
-		n = (n+1) % AES_BLOCK_SIZE;
-	}
-
-	*num=n;
+	size_t length, const AES_KEY *key,
+	unsigned char *ivec, int *num)
+{
+	CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)AES_encrypt);
 }
diff --git a/crypto/aes/aes_wrap.c b/crypto/aes/aes_wrap.c
new file mode 100644
index 0000000000..9feacd65d8
--- /dev/null
+++ b/crypto/aes/aes_wrap.c
@@ -0,0 +1,259 @@
+/* crypto/aes/aes_wrap.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/aes.h>
+#include <openssl/bio.h>
+
+static const unsigned char default_iv[] = {
+  0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
+};
+
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+		unsigned char *out,
+		const unsigned char *in, unsigned int inlen)
+	{
+	unsigned char *A, B[16], *R;
+	unsigned int i, j, t;
+	if ((inlen & 0x7) || (inlen < 8))
+		return -1;
+	A = B;
+	t = 1;
+	memcpy(out + 8, in, inlen);
+	if (!iv)
+		iv = default_iv;
+
+	memcpy(A, iv, 8);
+
+	for (j = 0; j < 6; j++)
+		{
+		R = out + 8;
+		for (i = 0; i < inlen; i += 8, t++, R += 8)
+			{
+			memcpy(B + 8, R, 8);
+			AES_encrypt(B, B, key);
+			A[7] ^= (unsigned char)(t & 0xff);
+			if (t > 0xff)	
+				{
+				A[6] ^= (unsigned char)((t & 0xff) >> 8);
+				A[5] ^= (unsigned char)((t & 0xff) >> 16);
+				A[4] ^= (unsigned char)((t & 0xff) >> 24);
+				}
+			memcpy(R, B + 8, 8);
+			}
+		}
+	memcpy(out, A, 8);
+	return inlen + 8;
+	}
+
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+		unsigned char *out,
+		const unsigned char *in, unsigned int inlen)
+	{
+	unsigned char *A, B[16], *R;
+	unsigned int i, j, t;
+	inlen -= 8;
+	if (inlen & 0x7)
+		return -1;
+	if (inlen < 8)
+		return -1;
+	A = B;
+	t =  6 * (inlen >> 3);
+	memcpy(A, in, 8);
+	memcpy(out, in + 8, inlen);
+	for (j = 0; j < 6; j++)
+		{
+		R = out + inlen - 8;
+		for (i = 0; i < inlen; i += 8, t--, R -= 8)
+			{
+			A[7] ^= (unsigned char)(t & 0xff);
+			if (t > 0xff)	
+				{
+				A[6] ^= (unsigned char)((t & 0xff) >> 8);
+				A[5] ^= (unsigned char)((t & 0xff) >> 16);
+				A[4] ^= (unsigned char)((t & 0xff) >> 24);
+				}
+			memcpy(B + 8, R, 8);
+			AES_decrypt(B, B, key);
+			memcpy(R, B + 8, 8);
+			}
+		}
+	if (!iv)
+		iv = default_iv;
+	if (memcmp(A, iv, 8))
+		{
+		OPENSSL_cleanse(out, inlen);
+		return 0;
+		}
+	return inlen;
+	}
+
+#ifdef AES_WRAP_TEST
+
+int AES_wrap_unwrap_test(const unsigned char *kek, int keybits,
+			 const unsigned char *iv,
+			 const unsigned char *eout,
+			 const unsigned char *key, int keylen)
+	{
+	unsigned char *otmp = NULL, *ptmp = NULL;
+	int r, ret = 0;
+	AES_KEY wctx;
+	otmp = OPENSSL_malloc(keylen + 8);
+	ptmp = OPENSSL_malloc(keylen);
+	if (!otmp || !ptmp)
+		return 0;
+	if (AES_set_encrypt_key(kek, keybits, &wctx))
+		goto err;
+	r = AES_wrap_key(&wctx, iv, otmp, key, keylen);
+	if (r <= 0)
+		goto err;
+
+	if (eout && memcmp(eout, otmp, keylen))
+		goto err;
+		
+	if (AES_set_decrypt_key(kek, keybits, &wctx))
+		goto err;
+	r = AES_unwrap_key(&wctx, iv, ptmp, otmp, r);
+
+	if (memcmp(key, ptmp, keylen))
+		goto err;
+
+	ret = 1;
+
+	err:
+	if (otmp)
+		OPENSSL_free(otmp);
+	if (ptmp)
+		OPENSSL_free(ptmp);
+
+	return ret;
+
+	}
+
+
+
+int main(int argc, char **argv)
+{
+
+static const unsigned char kek[] = {
+  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+  0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+  0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+  0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+};
+
+static const unsigned char key[] = {
+  0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+  0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+  0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
+};
+
+static const unsigned char e1[] = {
+  0x1f, 0xa6, 0x8b, 0x0a, 0x81, 0x12, 0xb4, 0x47,
+  0xae, 0xf3, 0x4b, 0xd8, 0xfb, 0x5a, 0x7b, 0x82,
+  0x9d, 0x3e, 0x86, 0x23, 0x71, 0xd2, 0xcf, 0xe5
+};
+
+static const unsigned char e2[] = {
+  0x96, 0x77, 0x8b, 0x25, 0xae, 0x6c, 0xa4, 0x35,
+  0xf9, 0x2b, 0x5b, 0x97, 0xc0, 0x50, 0xae, 0xd2,
+  0x46, 0x8a, 0xb8, 0xa1, 0x7a, 0xd8, 0x4e, 0x5d
+};
+
+static const unsigned char e3[] = {
+  0x64, 0xe8, 0xc3, 0xf9, 0xce, 0x0f, 0x5b, 0xa2,
+  0x63, 0xe9, 0x77, 0x79, 0x05, 0x81, 0x8a, 0x2a,
+  0x93, 0xc8, 0x19, 0x1e, 0x7d, 0x6e, 0x8a, 0xe7
+};
+
+static const unsigned char e4[] = {
+  0x03, 0x1d, 0x33, 0x26, 0x4e, 0x15, 0xd3, 0x32,
+  0x68, 0xf2, 0x4e, 0xc2, 0x60, 0x74, 0x3e, 0xdc,
+  0xe1, 0xc6, 0xc7, 0xdd, 0xee, 0x72, 0x5a, 0x93,
+  0x6b, 0xa8, 0x14, 0x91, 0x5c, 0x67, 0x62, 0xd2
+};
+
+static const unsigned char e5[] = {
+  0xa8, 0xf9, 0xbc, 0x16, 0x12, 0xc6, 0x8b, 0x3f,
+  0xf6, 0xe6, 0xf4, 0xfb, 0xe3, 0x0e, 0x71, 0xe4,
+  0x76, 0x9c, 0x8b, 0x80, 0xa3, 0x2c, 0xb8, 0x95,
+  0x8c, 0xd5, 0xd1, 0x7d, 0x6b, 0x25, 0x4d, 0xa1
+};
+
+static const unsigned char e6[] = {
+  0x28, 0xc9, 0xf4, 0x04, 0xc4, 0xb8, 0x10, 0xf4,
+  0xcb, 0xcc, 0xb3, 0x5c, 0xfb, 0x87, 0xf8, 0x26,
+  0x3f, 0x57, 0x86, 0xe2, 0xd8, 0x0e, 0xd3, 0x26,
+  0xcb, 0xc7, 0xf0, 0xe7, 0x1a, 0x99, 0xf4, 0x3b,
+  0xfb, 0x98, 0x8b, 0x9b, 0x7a, 0x02, 0xdd, 0x21
+};
+
+	AES_KEY wctx, xctx;
+	int ret;
+	ret = AES_wrap_unwrap_test(kek, 128, NULL, e1, key, 16);
+	fprintf(stderr, "Key test result %d\n", ret);
+	ret = AES_wrap_unwrap_test(kek, 192, NULL, e2, key, 16);
+	fprintf(stderr, "Key test result %d\n", ret);
+	ret = AES_wrap_unwrap_test(kek, 256, NULL, e3, key, 16);
+	fprintf(stderr, "Key test result %d\n", ret);
+	ret = AES_wrap_unwrap_test(kek, 192, NULL, e4, key, 24);
+	fprintf(stderr, "Key test result %d\n", ret);
+	ret = AES_wrap_unwrap_test(kek, 256, NULL, e5, key, 24);
+	fprintf(stderr, "Key test result %d\n", ret);
+	ret = AES_wrap_unwrap_test(kek, 256, NULL, e6, key, 32);
+	fprintf(stderr, "Key test result %d\n", ret);
+}
+	
+	
+#endif
diff --git a/crypto/aes/aes_x86core.c b/crypto/aes/aes_x86core.c
new file mode 100644
index 0000000000..d323e265c0
--- /dev/null
+++ b/crypto/aes/aes_x86core.c
@@ -0,0 +1,1063 @@
+/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto@terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This is experimental x86[_64] derivative. It assumes little-endian
+ * byte order and expects CPU to sustain unaligned memory references.
+ * It is used as playground for cache-time attack mitigations and
+ * serves as reference C implementation for x86[_64] assembler.
+ *
+ *					<appro@fy.chalmers.se>
+ */
+
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+/*
+ * These two parameters control which table, 256-byte or 2KB, is
+ * referenced in outer and respectively inner rounds.
+ */
+#define AES_COMPACT_IN_OUTER_ROUNDS
+#ifdef  AES_COMPACT_IN_OUTER_ROUNDS
+/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
+ * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
+ * by factor of ~2. */
+# undef  AES_COMPACT_IN_INNER_ROUNDS
+#endif
+
+#if 1
+static void prefetch256(const void *table)
+{
+	volatile unsigned long *t=(void *)table,ret;
+	unsigned long sum;
+	int i;
+
+	/* 32 is common least cache-line size */
+	for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0]))	sum ^= t[i];
+
+	ret = sum;
+}
+#else
+# define prefetch256(t)
+#endif
+
+#undef GETU32
+#define GETU32(p) (*((u32*)(p)))
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef unsigned __int64 u64;
+#define U64(C)	C##UI64
+#elif defined(__arch64__)
+typedef unsigned long u64;
+#define U64(C)	C##UL
+#else
+typedef unsigned long long u64;
+#define U64(C)	C##ULL
+#endif
+
+#undef ROTATE
+#if defined(_MSC_VER) || defined(__ICC)
+# define ROTATE(a,n)	_lrotl(a,n)
+#elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   define ROTATE(a,n)	({ register unsigned int ret;	\
+				asm (			\
+				"roll %1,%0"		\
+				: "=r"(ret)		\
+				: "I"(n), "0"(a)	\
+				: "cc");		\
+			   ret;				\
+			})
+# endif
+#endif
+/*
+Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+*/
+#define Te0 (u32)((u64*)((u8*)Te+0))
+#define Te1 (u32)((u64*)((u8*)Te+3))
+#define Te2 (u32)((u64*)((u8*)Te+2))
+#define Te3 (u32)((u64*)((u8*)Te+1))
+/*
+Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01];
+*/
+#define Td0 (u32)((u64*)((u8*)Td+0))
+#define Td1 (u32)((u64*)((u8*)Td+3))
+#define Td2 (u32)((u64*)((u8*)Td+2))
+#define Td3 (u32)((u64*)((u8*)Td+1))
+
+static const u64 Te[256] = {
+    U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
+    U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
+    U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
+    U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
+    U64(0x5030306050303060), U64(0x0301010203010102),
+    U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
+    U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
+    U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
+    U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
+    U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
+    U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
+    U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
+    U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
+    U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
+    U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
+    U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
+    U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
+    U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
+    U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
+    U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
+    U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
+    U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
+    U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
+    U64(0x5331316253313162), U64(0x3f15152a3f15152a),
+    U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
+    U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
+    U64(0x2818183028181830), U64(0xa1969637a1969637),
+    U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
+    U64(0x0907070e0907070e), U64(0x3612122436121224),
+    U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
+    U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
+    U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
+    U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
+    U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
+    U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
+    U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
+    U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
+    U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
+    U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
+    U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
+    U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
+    U64(0x0000000000000000), U64(0x2cededc12cededc1),
+    U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
+    U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
+    U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
+    U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
+    U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
+    U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
+    U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
+    U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
+    U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
+    U64(0x5533336655333366), U64(0x9485851194858511),
+    U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
+    U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
+    U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
+    U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
+    U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
+    U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
+    U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
+    U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
+    U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
+    U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
+    U64(0x3010102030101020), U64(0x1affffe51affffe5),
+    U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
+    U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
+    U64(0x3513132635131326), U64(0x2fececc32fececc3),
+    U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
+    U64(0xcc444488cc444488), U64(0x3917172e3917172e),
+    U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
+    U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
+    U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
+    U64(0x2b1919322b191932), U64(0x957373e6957373e6),
+    U64(0xa06060c0a06060c0), U64(0x9881811998818119),
+    U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
+    U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
+    U64(0xab90903bab90903b), U64(0x8388880b8388880b),
+    U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
+    U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
+    U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
+    U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
+    U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
+    U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
+    U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
+    U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
+    U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
+    U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
+    U64(0xa8919139a8919139), U64(0xa4959531a4959531),
+    U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
+    U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
+    U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
+    U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
+    U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
+    U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
+    U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
+    U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
+    U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
+    U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
+    U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
+    U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
+    U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
+    U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
+    U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
+    U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
+    U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
+    U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
+    U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
+    U64(0xd8484890d8484890), U64(0x0503030605030306),
+    U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
+    U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
+    U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
+    U64(0x9186861791868617), U64(0x58c1c19958c1c199),
+    U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
+    U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
+    U64(0xb398982bb398982b), U64(0x3311112233111122),
+    U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
+    U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
+    U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
+    U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
+    U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
+    U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
+    U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
+    U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
+    U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
+    U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
+    U64(0xc3414182c3414182), U64(0xb0999929b0999929),
+    U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
+    U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
+    U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
+};
+
+static const u8 Te4[256] = {
+    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+
+static const u64 Td[256] = {
+    U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
+    U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
+    U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
+    U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
+    U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
+    U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
+    U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
+    U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
+    U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
+    U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
+    U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
+    U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
+    U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
+    U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
+    U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
+    U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
+    U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
+    U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
+    U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
+    U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
+    U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
+    U64(0x6033519760335197), U64(0x457f5362457f5362),
+    U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
+    U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
+    U64(0x5868487058684870), U64(0x19fd458f19fd458f),
+    U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
+    U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
+    U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
+    U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
+    U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
+    U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
+    U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
+    U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
+    U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
+    U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
+    U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
+    U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
+    U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
+    U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
+    U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
+    U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
+    U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
+    U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
+    U64(0x6fd406046fd40604), U64(0xff155060ff155060),
+    U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
+    U64(0xcc434089cc434089), U64(0x779ed967779ed967),
+    U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
+    U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
+    U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
+    U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
+    U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
+    U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
+    U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
+    U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
+    U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
+    U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
+    U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
+    U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
+    U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
+    U64(0x694b775a694b775a), U64(0x161a121c161a121c),
+    U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
+    U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
+    U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
+    U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
+    U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
+    U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
+    U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
+    U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
+    U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
+    U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
+    U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
+    U64(0x4022971340229713), U64(0x2011c6842011c684),
+    U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
+    U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
+    U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
+    U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
+    U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
+    U64(0xfa489411fa489411), U64(0x2264e9472264e947),
+    U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
+    U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
+    U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
+    U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
+    U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
+    U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
+    U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
+    U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
+    U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
+    U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
+    U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
+    U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
+    U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
+    U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
+    U64(0x097826cd097826cd), U64(0xf418596ef418596e),
+    U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
+    U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
+    U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
+    U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
+    U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
+    U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
+    U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
+    U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
+    U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
+    U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
+    U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
+    U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
+    U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
+    U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
+    U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
+    U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
+    U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
+    U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
+    U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
+    U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
+    U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
+    U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
+    U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
+    U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
+    U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
+    U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
+    U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
+    U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
+    U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
+    U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
+    U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
+    U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
+    U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
+    U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
+    U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
+};
+static const u8 Td4[256] = {
+    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
+};
+
+static const u32 rcon[] = {
+    0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
+    0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
+    0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+			AES_KEY *key) {
+
+	u32 *rk;
+   	int i = 0;
+	u32 temp;
+
+	if (!userKey || !key)
+		return -1;
+	if (bits != 128 && bits != 192 && bits != 256)
+		return -2;
+
+	rk = key->rd_key;
+
+	if (bits==128)
+		key->rounds = 10;
+	else if (bits==192)
+		key->rounds = 12;
+	else
+		key->rounds = 14;
+
+	rk[0] = GETU32(userKey     );
+	rk[1] = GETU32(userKey +  4);
+	rk[2] = GETU32(userKey +  8);
+	rk[3] = GETU32(userKey + 12);
+	if (bits == 128) {
+		while (1) {
+			temp  = rk[3];
+			rk[4] = rk[0] ^
+				(Te4[(temp >>  8) & 0xff]      ) ^
+				(Te4[(temp >> 16) & 0xff] <<  8) ^
+				(Te4[(temp >> 24)       ] << 16) ^
+				(Te4[(temp      ) & 0xff] << 24) ^
+				rcon[i];
+			rk[5] = rk[1] ^ rk[4];
+			rk[6] = rk[2] ^ rk[5];
+			rk[7] = rk[3] ^ rk[6];
+			if (++i == 10) {
+				return 0;
+			}
+			rk += 4;
+		}
+	}
+	rk[4] = GETU32(userKey + 16);
+	rk[5] = GETU32(userKey + 20);
+	if (bits == 192) {
+		while (1) {
+			temp = rk[ 5];
+			rk[ 6] = rk[ 0] ^
+				(Te4[(temp >>  8) & 0xff]      ) ^
+				(Te4[(temp >> 16) & 0xff] <<  8) ^
+				(Te4[(temp >> 24)       ] << 16) ^
+				(Te4[(temp      ) & 0xff] << 24) ^
+				rcon[i];
+			rk[ 7] = rk[ 1] ^ rk[ 6];
+			rk[ 8] = rk[ 2] ^ rk[ 7];
+			rk[ 9] = rk[ 3] ^ rk[ 8];
+			if (++i == 8) {
+				return 0;
+			}
+			rk[10] = rk[ 4] ^ rk[ 9];
+			rk[11] = rk[ 5] ^ rk[10];
+			rk += 6;
+		}
+	}
+	rk[6] = GETU32(userKey + 24);
+	rk[7] = GETU32(userKey + 28);
+	if (bits == 256) {
+		while (1) {
+			temp = rk[ 7];
+			rk[ 8] = rk[ 0] ^
+				(Te4[(temp >>  8) & 0xff]      ) ^
+				(Te4[(temp >> 16) & 0xff] <<  8) ^
+				(Te4[(temp >> 24)       ] << 16) ^
+				(Te4[(temp      ) & 0xff] << 24) ^
+				rcon[i];
+			rk[ 9] = rk[ 1] ^ rk[ 8];
+			rk[10] = rk[ 2] ^ rk[ 9];
+			rk[11] = rk[ 3] ^ rk[10];
+			if (++i == 7) {
+				return 0;
+			}
+			temp = rk[11];
+			rk[12] = rk[ 4] ^
+				(Te4[(temp      ) & 0xff]      ) ^
+				(Te4[(temp >>  8) & 0xff] <<  8) ^
+				(Te4[(temp >> 16) & 0xff] << 16) ^
+				(Te4[(temp >> 24)       ] << 24);
+			rk[13] = rk[ 5] ^ rk[12];
+			rk[14] = rk[ 6] ^ rk[13];
+			rk[15] = rk[ 7] ^ rk[14];
+
+			rk += 8;
+        	}
+	}
+	return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+			 AES_KEY *key) {
+
+        u32 *rk;
+	int i, j, status;
+	u32 temp;
+
+	/* first, start with an encryption schedule */
+	status = AES_set_encrypt_key(userKey, bits, key);
+	if (status < 0)
+		return status;
+
+	rk = key->rd_key;
+
+	/* invert the order of the round keys: */
+	for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+		temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+		temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+		temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+		temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+	}
+	/* apply the inverse MixColumn transform to all round keys but the first and the last: */
+	for (i = 1; i < (key->rounds); i++) {
+		rk += 4;
+#if 1
+		for (j = 0; j < 4; j++) {
+			u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+			tp1 = rk[j];
+			m = tp1 & 0x80808080;
+			tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp2 & 0x80808080;
+			tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp4 & 0x80808080;
+			tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			tp9 = tp8 ^ tp1;
+			tpb = tp9 ^ tp2;
+			tpd = tp9 ^ tp4;
+			tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+			rk[j] = tpe ^ ROTATE(tpd,16) ^
+				ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+			rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+				(tp9 >> 24) ^ (tp9 << 8) ^
+				(tpb >> 8) ^ (tpb << 24);
+#endif
+		}
+#else
+		rk[0] =
+			Td0[Te2[(rk[0]      ) & 0xff] & 0xff] ^
+			Td1[Te2[(rk[0] >>  8) & 0xff] & 0xff] ^
+			Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
+			Td3[Te2[(rk[0] >> 24)       ] & 0xff];
+		rk[1] =
+			Td0[Te2[(rk[1]      ) & 0xff] & 0xff] ^
+			Td1[Te2[(rk[1] >>  8) & 0xff] & 0xff] ^
+			Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
+			Td3[Te2[(rk[1] >> 24)       ] & 0xff];
+		rk[2] =
+			Td0[Te2[(rk[2]      ) & 0xff] & 0xff] ^
+			Td1[Te2[(rk[2] >>  8) & 0xff] & 0xff] ^
+			Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
+			Td3[Te2[(rk[2] >> 24)       ] & 0xff];
+		rk[3] =
+			Td0[Te2[(rk[3]      ) & 0xff] & 0xff] ^
+			Td1[Te2[(rk[3] >>  8) & 0xff] & 0xff] ^
+			Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
+			Td3[Te2[(rk[3] >> 24)       ] & 0xff];
+#endif
+	}
+	return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+		 const AES_KEY *key) {
+
+	const u32 *rk;
+	u32 s0, s1, s2, s3, t[4];
+	int r;
+
+	assert(in && out && key);
+	rk = key->rd_key;
+
+	/*
+	 * map byte array block to cipher state
+	 * and add initial round key:
+	 */
+	s0 = GETU32(in     ) ^ rk[0];
+	s1 = GETU32(in +  4) ^ rk[1];
+	s2 = GETU32(in +  8) ^ rk[2];
+	s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+	prefetch256(Te4);
+
+	t[0] =	Te4[(s0      ) & 0xff]       ^
+		Te4[(s1 >>  8) & 0xff] <<  8 ^
+		Te4[(s2 >> 16) & 0xff] << 16 ^
+		Te4[(s3 >> 24)       ] << 24;
+	t[1] =	Te4[(s1      ) & 0xff]       ^
+		Te4[(s2 >>  8) & 0xff] <<  8 ^
+		Te4[(s3 >> 16) & 0xff] << 16 ^
+		Te4[(s0 >> 24)       ] << 24;
+	t[2] =	Te4[(s2      ) & 0xff]       ^
+		Te4[(s3 >>  8) & 0xff] <<  8 ^
+		Te4[(s0 >> 16) & 0xff] << 16 ^
+		Te4[(s1 >> 24)       ] << 24;
+	t[3] =	Te4[(s3      ) & 0xff]       ^
+		Te4[(s0 >>  8) & 0xff] <<  8 ^
+		Te4[(s1 >> 16) & 0xff] << 16 ^
+		Te4[(s2 >> 24)       ] << 24;
+
+	/* now do the linear transform using words */
+	{	int i;
+		u32 r0, r1, r2;
+
+		for (i = 0; i < 4; i++) {
+			r0 = t[i];
+			r1 = r0 & 0x80808080;
+			r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+				((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+			t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+				ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+			t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+				(r0 << 16) ^ (r0 >> 16) ^
+				(r0 << 8) ^ (r0 >> 24);
+#endif
+			t[i] ^= rk[4+i];
+		}
+	}
+#else
+	t[0] =	Te0[(s0      ) & 0xff] ^
+		Te1[(s1 >>  8) & 0xff] ^
+		Te2[(s2 >> 16) & 0xff] ^
+		Te3[(s3 >> 24)       ] ^
+		rk[4];
+	t[1] =	Te0[(s1      ) & 0xff] ^
+		Te1[(s2 >>  8) & 0xff] ^
+		Te2[(s3 >> 16) & 0xff] ^
+		Te3[(s0 >> 24)       ] ^
+		rk[5];
+	t[2] =	Te0[(s2      ) & 0xff] ^
+		Te1[(s3 >>  8) & 0xff] ^
+		Te2[(s0 >> 16) & 0xff] ^
+		Te3[(s1 >> 24)       ] ^
+		rk[6];
+	t[3] =	Te0[(s3      ) & 0xff] ^
+		Te1[(s0 >>  8) & 0xff] ^
+		Te2[(s1 >> 16) & 0xff] ^
+		Te3[(s2 >> 24)       ] ^
+		rk[7];
+#endif
+	s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+    /*
+     * Nr - 2 full rounds:
+     */
+    for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+	t[0] =	Te4[(s0      ) & 0xff]       ^
+		Te4[(s1 >>  8) & 0xff] <<  8 ^
+		Te4[(s2 >> 16) & 0xff] << 16 ^
+		Te4[(s3 >> 24)       ] << 24;
+	t[1] =	Te4[(s1      ) & 0xff]       ^
+		Te4[(s2 >>  8) & 0xff] <<  8 ^
+		Te4[(s3 >> 16) & 0xff] << 16 ^
+		Te4[(s0 >> 24)       ] << 24;
+	t[2] =	Te4[(s2      ) & 0xff]       ^
+		Te4[(s3 >>  8) & 0xff] <<  8 ^
+		Te4[(s0 >> 16) & 0xff] << 16 ^
+		Te4[(s1 >> 24)       ] << 24;
+	t[3] =	Te4[(s3      ) & 0xff]       ^
+		Te4[(s0 >>  8) & 0xff] <<  8 ^
+		Te4[(s1 >> 16) & 0xff] << 16 ^
+		Te4[(s2 >> 24)       ] << 24;
+
+	/* now do the linear transform using words */
+	{	int i;
+		u32 r0, r1, r2;
+
+		for (i = 0; i < 4; i++) {
+			r0 = t[i];
+			r1 = r0 & 0x80808080;
+			r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+				((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+			t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+				ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+			t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+				(r0 << 16) ^ (r0 >> 16) ^
+				(r0 << 8) ^ (r0 >> 24);
+#endif
+			t[i] ^= rk[i];
+		}
+	}
+#else
+	t[0] =	Te0[(s0      ) & 0xff] ^
+		Te1[(s1 >>  8) & 0xff] ^
+		Te2[(s2 >> 16) & 0xff] ^
+		Te3[(s3 >> 24)       ] ^
+		rk[0];
+	t[1] =	Te0[(s1      ) & 0xff] ^
+		Te1[(s2 >>  8) & 0xff] ^
+		Te2[(s3 >> 16) & 0xff] ^
+		Te3[(s0 >> 24)       ] ^
+		rk[1];
+	t[2] =	Te0[(s2      ) & 0xff] ^
+		Te1[(s3 >>  8) & 0xff] ^
+		Te2[(s0 >> 16) & 0xff] ^
+		Te3[(s1 >> 24)       ] ^
+		rk[2];
+	t[3] =	Te0[(s3      ) & 0xff] ^
+		Te1[(s0 >>  8) & 0xff] ^
+		Te2[(s1 >> 16) & 0xff] ^
+		Te3[(s2 >> 24)       ] ^
+		rk[3];
+#endif
+	s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+    }
+    /*
+	 * apply last round and
+	 * map cipher state to byte array block:
+	 */
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+	prefetch256(Te4);
+
+	*(u32*)(out+0) =
+		Te4[(s0      ) & 0xff]       ^
+		Te4[(s1 >>  8) & 0xff] <<  8 ^
+		Te4[(s2 >> 16) & 0xff] << 16 ^
+		Te4[(s3 >> 24)       ] << 24 ^
+		rk[0];
+	*(u32*)(out+4) =
+		Te4[(s1      ) & 0xff]       ^
+		Te4[(s2 >>  8) & 0xff] <<  8 ^
+		Te4[(s3 >> 16) & 0xff] << 16 ^
+		Te4[(s0 >> 24)       ] << 24 ^
+		rk[1];
+	*(u32*)(out+8) =
+		Te4[(s2      ) & 0xff]       ^
+		Te4[(s3 >>  8) & 0xff] <<  8 ^
+		Te4[(s0 >> 16) & 0xff] << 16 ^
+		Te4[(s1 >> 24)       ] << 24 ^
+		rk[2];
+	*(u32*)(out+12) =
+		Te4[(s3      ) & 0xff]       ^
+		Te4[(s0 >>  8) & 0xff] <<  8 ^
+		Te4[(s1 >> 16) & 0xff] << 16 ^
+		Te4[(s2 >> 24)       ] << 24 ^
+		rk[3];
+#else
+	*(u32*)(out+0) =
+		(Te2[(s0      ) & 0xff] & 0x000000ffU) ^
+		(Te3[(s1 >>  8) & 0xff] & 0x0000ff00U) ^
+		(Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
+		(Te1[(s3 >> 24)       ] & 0xff000000U) ^
+		rk[0];
+	*(u32*)(out+4) =
+		(Te2[(s1      ) & 0xff] & 0x000000ffU) ^
+		(Te3[(s2 >>  8) & 0xff] & 0x0000ff00U) ^
+		(Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
+		(Te1[(s0 >> 24)       ] & 0xff000000U) ^
+		rk[1];
+	*(u32*)(out+8) =
+		(Te2[(s2      ) & 0xff] & 0x000000ffU) ^
+		(Te3[(s3 >>  8) & 0xff] & 0x0000ff00U) ^
+		(Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
+		(Te1[(s1 >> 24)       ] & 0xff000000U) ^
+		rk[2];
+	*(u32*)(out+12) =
+		(Te2[(s3      ) & 0xff] & 0x000000ffU) ^
+		(Te3[(s0 >>  8) & 0xff] & 0x0000ff00U) ^
+		(Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
+		(Te1[(s2 >> 24)       ] & 0xff000000U) ^
+		rk[3];
+#endif
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+		 const AES_KEY *key) {
+
+	const u32 *rk;
+	u32 s0, s1, s2, s3, t[4];
+	int r;
+
+	assert(in && out && key);
+	rk = key->rd_key;
+
+	/*
+	 * map byte array block to cipher state
+	 * and add initial round key:
+	 */
+	s0 = GETU32(in     ) ^ rk[0];
+	s1 = GETU32(in +  4) ^ rk[1];
+	s2 = GETU32(in +  8) ^ rk[2];
+	s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+	prefetch256(Td4);
+
+        t[0] =	Td4[(s0      ) & 0xff]       ^
+		Td4[(s3 >>  8) & 0xff] <<  8 ^
+		Td4[(s2 >> 16) & 0xff] << 16 ^
+		Td4[(s1 >> 24)       ] << 24;
+        t[1] =	Td4[(s1      ) & 0xff]       ^
+		Td4[(s0 >>  8) & 0xff] <<  8 ^
+		Td4[(s3 >> 16) & 0xff] << 16 ^
+		Td4[(s2 >> 24)       ] << 24;
+        t[2] =	Td4[(s2      ) & 0xff]       ^
+		Td4[(s1 >>  8) & 0xff] <<  8 ^
+		Td4[(s0 >> 16) & 0xff] << 16 ^
+		Td4[(s3 >> 24)       ] << 24;
+        t[3] =	Td4[(s3      ) & 0xff]       ^
+		Td4[(s2 >>  8) & 0xff] <<  8 ^
+		Td4[(s1 >> 16) & 0xff] << 16 ^
+		Td4[(s0 >> 24)       ] << 24;
+
+	/* now do the linear transform using words */ 
+	{	int i;
+		u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+		for (i = 0; i < 4; i++) {
+			tp1 = t[i];
+			m = tp1 & 0x80808080;
+			tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp2 & 0x80808080;
+			tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp4 & 0x80808080;
+			tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			tp9 = tp8 ^ tp1;
+			tpb = tp9 ^ tp2;
+			tpd = tp9 ^ tp4;
+			tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+			t[i] = tpe ^ ROTATE(tpd,16) ^
+				ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+			t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+				(tp9 >> 24) ^ (tp9 << 8) ^
+				(tpb >> 8) ^ (tpb << 24);
+#endif
+			t[i] ^= rk[4+i];
+		}
+	}
+#else
+	t[0] =	Td0[(s0      ) & 0xff] ^
+		Td1[(s3 >>  8) & 0xff] ^
+		Td2[(s2 >> 16) & 0xff] ^
+		Td3[(s1 >> 24)       ] ^
+		rk[4];
+	t[1] =	Td0[(s1      ) & 0xff] ^
+		Td1[(s0 >>  8) & 0xff] ^
+		Td2[(s3 >> 16) & 0xff] ^
+		Td3[(s2 >> 24)       ] ^
+		rk[5];
+	t[2] =	Td0[(s2      ) & 0xff] ^
+		Td1[(s1 >>  8) & 0xff] ^
+		Td2[(s0 >> 16) & 0xff] ^
+		Td3[(s3 >> 24)       ] ^
+		rk[6];
+	t[3] =	Td0[(s3      ) & 0xff] ^
+		Td1[(s2 >>  8) & 0xff] ^
+		Td2[(s1 >> 16) & 0xff] ^
+		Td3[(s0 >> 24)       ] ^
+		rk[7];
+#endif
+	s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+    /*
+     * Nr - 2 full rounds:
+     */
+    for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+        t[0] =	Td4[(s0      ) & 0xff]       ^
+		Td4[(s3 >>  8) & 0xff] <<  8 ^
+		Td4[(s2 >> 16) & 0xff] << 16 ^
+		Td4[(s1 >> 24)       ] << 24;
+        t[1] =	Td4[(s1      ) & 0xff]       ^
+		Td4[(s0 >>  8) & 0xff] <<  8 ^
+		Td4[(s3 >> 16) & 0xff] << 16 ^
+		Td4[(s2 >> 24)       ] << 24;
+        t[2] =	Td4[(s2      ) & 0xff]       ^
+		Td4[(s1 >>  8) & 0xff] <<  8 ^
+		Td4[(s0 >> 16) & 0xff] << 16 ^
+		Td4[(s3 >> 24)       ] << 24;
+        t[3] =	Td4[(s3      ) & 0xff]       ^
+		Td4[(s2 >>  8) & 0xff] <<  8 ^
+		Td4[(s1 >> 16) & 0xff] << 16 ^
+		Td4[(s0 >> 24)       ] << 24;
+
+	/* now do the linear transform using words */ 
+	{	int i;
+		u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+		for (i = 0; i < 4; i++) {
+			tp1 = t[i];
+			m = tp1 & 0x80808080;
+			tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp2 & 0x80808080;
+			tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			m = tp4 & 0x80808080;
+			tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+				((m - (m >> 7)) & 0x1b1b1b1b);
+			tp9 = tp8 ^ tp1;
+			tpb = tp9 ^ tp2;
+			tpd = tp9 ^ tp4;
+			tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+			t[i] = tpe ^ ROTATE(tpd,16) ^
+				ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+			t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+				(tp9 >> 24) ^ (tp9 << 8) ^
+				(tpb >> 8) ^ (tpb << 24);
+#endif
+			t[i] ^= rk[i];
+		}
+	}
+#else
+	t[0] =	Td0[(s0      ) & 0xff] ^
+		Td1[(s3 >>  8) & 0xff] ^
+		Td2[(s2 >> 16) & 0xff] ^
+		Td3[(s1 >> 24)       ] ^
+		rk[0];
+	t[1] =	Td0[(s1      ) & 0xff] ^
+		Td1[(s0 >>  8) & 0xff] ^
+		Td2[(s3 >> 16) & 0xff] ^
+		Td3[(s2 >> 24)       ] ^
+		rk[1];
+	t[2] =	Td0[(s2      ) & 0xff] ^
+		Td1[(s1 >>  8) & 0xff] ^
+		Td2[(s0 >> 16) & 0xff] ^
+		Td3[(s3 >> 24)       ] ^
+		rk[2];
+	t[3] =	Td0[(s3      ) & 0xff] ^
+		Td1[(s2 >>  8) & 0xff] ^
+		Td2[(s1 >> 16) & 0xff] ^
+		Td3[(s0 >> 24)       ] ^
+		rk[3];
+#endif
+	s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+    }
+    /*
+	 * apply last round and
+	 * map cipher state to byte array block:
+	 */
+	prefetch256(Td4);
+
+	*(u32*)(out+0) =
+		(Td4[(s0      ) & 0xff])	^
+		(Td4[(s3 >>  8) & 0xff] <<  8) ^
+		(Td4[(s2 >> 16) & 0xff] << 16) ^
+		(Td4[(s1 >> 24)       ] << 24) ^
+		rk[0];
+	*(u32*)(out+4) =
+		(Td4[(s1      ) & 0xff])	 ^
+		(Td4[(s0 >>  8) & 0xff] <<  8) ^
+		(Td4[(s3 >> 16) & 0xff] << 16) ^
+		(Td4[(s2 >> 24)       ] << 24) ^
+		rk[1];
+	*(u32*)(out+8) =
+		(Td4[(s2      ) & 0xff])	 ^
+		(Td4[(s1 >>  8) & 0xff] <<  8) ^
+		(Td4[(s0 >> 16) & 0xff] << 16) ^
+		(Td4[(s3 >> 24)       ] << 24) ^
+		rk[2];
+	*(u32*)(out+12) =
+		(Td4[(s3      ) & 0xff])	 ^
+		(Td4[(s2 >>  8) & 0xff] <<  8) ^
+		(Td4[(s1 >> 16) & 0xff] << 16) ^
+		(Td4[(s0 >> 24)       ] << 24) ^
+		rk[3];
+}
diff --git a/crypto/aes/asm/aes-586.pl b/crypto/aes/asm/aes-586.pl
index ee02ded463..aab40e6f1c 100755
--- a/crypto/aes/asm/aes-586.pl
+++ b/crypto/aes/asm/aes-586.pl
@@ -2,11 +2,12 @@
 #
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 #
-# Version 3.1.
+# Version 4.3.
 #
 # You might fail to appreciate this module performance from the first
 # try. If compared to "vanilla" linux-ia32-icc target, i.e. considered
@@ -46,33 +47,152 @@
 # Instruction Level Parallelism, and it indeed resulted in up to 15%
 # better performance on most recent µ-archs...
 #
-# Current ECB performance numbers for 128-bit key in CPU cycles per
-# processed byte [measure commonly used by AES benchmarkers] are:
-#
-#		small footprint		fully unrolled
-# P4[-3]	23[24]			22[23]
-# AMD K8	19			18
-# PIII		26			23
-# Pentium	63(*)			52
-#
-# (*)	Performance difference between small footprint code and fully
-#	unrolled in more commonly used CBC mode is not as big, 4% for
-#	for Pentium. PIII's ~13% difference [in both cases in 3rd
-#	version] is considered tolerable...
-#
 # Third version adds AES_cbc_encrypt implementation, which resulted in
 # up to 40% performance imrovement of CBC benchmark results. 40% was
 # observed on P4 core, where "overall" imrovement coefficient, i.e. if
 # compared to PIC generated by GCC and in CBC mode, was observed to be
 # as large as 4x:-) CBC performance is virtually identical to ECB now
-# and on some platforms even better, e.g. 56 "small" cycles/byte on
-# senior Pentium, because certain function prologues and epilogues are
+# and on some platforms even better, e.g. 17.6 "small" cycles/byte on
+# Opteron, because certain function prologues and epilogues are
 # effectively taken out of the loop...
-
-push(@INC,"perlasm","../../perlasm");
+#
+# Version 3.2 implements compressed tables and prefetch of these tables
+# in CBC[!] mode. Former means that 3/4 of table references are now
+# misaligned, which unfortunately has negative impact on elder IA-32
+# implementations, Pentium suffered 30% penalty, PIII - 10%.
+#
+# Version 3.3 avoids L1 cache aliasing between stack frame and
+# S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The
+# latter is achieved by copying the key schedule to controlled place in
+# stack. This unfortunately has rather strong impact on small block CBC
+# performance, ~2x deterioration on 16-byte block if compared to 3.3.
+#
+# Version 3.5 checks if there is L1 cache aliasing between user-supplied
+# key schedule and S-boxes and abstains from copying the former if
+# there is no. This allows end-user to consciously retain small block
+# performance by aligning key schedule in specific manner.
+#
+# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB.
+#
+# Current ECB performance numbers for 128-bit key in CPU cycles per
+# processed byte [measure commonly used by AES benchmarkers] are:
+#
+#		small footprint		fully unrolled
+# P4		24			22
+# AMD K8	20			19
+# PIII		25			23
+# Pentium	81			78
+#
+# Version 3.7 reimplements outer rounds as "compact." Meaning that
+# first and last rounds reference compact 256 bytes S-box. This means
+# that first round consumes a lot more CPU cycles and that encrypt
+# and decrypt performance becomes asymmetric. Encrypt performance
+# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is
+# aggressively pre-fetched.
+#
+# Version 4.0 effectively rolls back to 3.6 and instead implements
+# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact,
+# which use exclusively 256 byte S-box. These functions are to be
+# called in modes not concealing plain text, such as ECB, or when
+# we're asked to process smaller amount of data [or unconditionally
+# on hyper-threading CPU]. Currently it's called unconditionally from
+# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine
+# still needs to be modified to switch between slower and faster
+# mode when appropriate... But in either case benchmark landscape
+# changes dramatically and below numbers are CPU cycles per processed
+# byte for 128-bit key.
+#
+#		ECB encrypt	ECB decrypt	CBC large chunk
+# P4		56[60]		84[100]		23
+# AMD K8	48[44]		70[79]		18
+# PIII		41[50]		61[91]		24
+# Core 2	32[38]		45[70]		18.5
+# Pentium	120		160		77
+#
+# Version 4.1 switches to compact S-box even in key schedule setup.
+#
+# Version 4.2 prefetches compact S-box in every SSE round or in other
+# words every cache-line is *guaranteed* to be accessed within ~50
+# cycles window. Why just SSE? Because it's needed on hyper-threading
+# CPU! Which is also why it's prefetched with 64 byte stride. Best
+# part is that it has no negative effect on performance:-)  
+#
+# Version 4.3 implements switch between compact and non-compact block
+# functions in AES_cbc_encrypt depending on how much data was asked
+# to be processed in one stroke.
+#
+######################################################################
+# Timing attacks are classified in two classes: synchronous when
+# attacker consciously initiates cryptographic operation and collects
+# timing data of various character afterwards, and asynchronous when
+# malicious code is executed on same CPU simultaneously with AES,
+# instruments itself and performs statistical analysis of this data.
+#
+# As far as synchronous attacks go the root to the AES timing
+# vulnerability is twofold. Firstly, of 256 S-box elements at most 160
+# are referred to in single 128-bit block operation. Well, in C
+# implementation with 4 distinct tables it's actually as little as 40
+# references per 256 elements table, but anyway... Secondly, even
+# though S-box elements are clustered into smaller amount of cache-
+# lines, smaller than 160 and even 40, it turned out that for certain
+# plain-text pattern[s] or simply put chosen plain-text and given key
+# few cache-lines remain unaccessed during block operation. Now, if
+# attacker can figure out this access pattern, he can deduct the key
+# [or at least part of it]. The natural way to mitigate this kind of
+# attacks is to minimize the amount of cache-lines in S-box and/or
+# prefetch them to ensure that every one is accessed for more uniform
+# timing. But note that *if* plain-text was concealed in such way that
+# input to block function is distributed *uniformly*, then attack
+# wouldn't apply. Now note that some encryption modes, most notably
+# CBC, do mask the plain-text in this exact way [secure cipher output
+# is distributed uniformly]. Yes, one still might find input that
+# would reveal the information about given key, but if amount of
+# candidate inputs to be tried is larger than amount of possible key
+# combinations then attack becomes infeasible. This is why revised
+# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk
+# of data is to be processed in one stroke. The current size limit of
+# 512 bytes is chosen to provide same [diminishigly low] probability
+# for cache-line to remain untouched in large chunk operation with
+# large S-box as for single block operation with compact S-box and
+# surely needs more careful consideration...
+#
+# As for asynchronous attacks. There are two flavours: attacker code
+# being interleaved with AES on hyper-threading CPU at *instruction*
+# level, and two processes time sharing single core. As for latter.
+# Two vectors. 1. Given that attacker process has higher priority,
+# yield execution to process performing AES just before timer fires
+# off the scheduler, immediately regain control of CPU and analyze the
+# cache state. For this attack to be efficient attacker would have to
+# effectively slow down the operation by several *orders* of magnitute,
+# by ratio of time slice to duration of handful of AES rounds, which
+# unlikely to remain unnoticed. Not to mention that this also means
+# that he would spend correspondigly more time to collect enough
+# statistical data to mount the attack. It's probably appropriate to
+# say that if adeversary reckons that this attack is beneficial and
+# risks to be noticed, you probably have larger problems having him
+# mere opportunity. In other words suggested code design expects you
+# to preclude/mitigate this attack by overall system security design.
+# 2. Attacker manages to make his code interrupt driven. In order for
+# this kind of attack to be feasible, interrupt rate has to be high
+# enough, again comparable to duration of handful of AES rounds. But
+# is there interrupt source of such rate? Hardly, not even 1Gbps NIC
+# generates interrupts at such raging rate...
+#
+# And now back to the former, hyper-threading CPU or more specifically
+# Intel P4. Recall that asynchronous attack implies that malicious
+# code instruments itself. And naturally instrumentation granularity
+# has be noticeably lower than duration of codepath accessing S-box.
+# Given that all cache-lines are accessed during that time that is.
+# Current implementation accesses *all* cache-lines within ~50 cycles
+# window, which is actually *less* than RDTSC latency on Intel P4!
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
-&asm_init($ARGV[0],"aes-586.pl",$ARGV[$#ARGV] eq "386");
+&asm_init($ARGV[0],"aes-586.pl",$x86only = $ARGV[$#ARGV] eq "386");
+&static_label("AES_Te");
+&static_label("AES_Td");
 
 $s0="eax";
 $s1="ebx";
@@ -80,15 +200,36 @@ $s2="ecx";
 $s3="edx";
 $key="edi";
 $acc="esi";
-
+$tbl="ebp";
+
+# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated
+# by caller
+$__ra=&DWP(0,"esp");	# return address
+$__s0=&DWP(4,"esp");	# s0 backing store
+$__s1=&DWP(8,"esp");	# s1 backing store
+$__s2=&DWP(12,"esp");	# s2 backing store
+$__s3=&DWP(16,"esp");	# s3 backing store
+$__key=&DWP(20,"esp");	# pointer to key schedule
+$__end=&DWP(24,"esp");	# pointer to end of key schedule
+$__tbl=&DWP(28,"esp");	# %ebp backing store
+
+# stack frame layout in AES_[en|crypt] routines, which differs from
+# above by 4 and overlaps by %ebp backing store
+$_tbl=&DWP(24,"esp");
+$_esp=&DWP(28,"esp");
+
+sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
+
+$speed_limit=512;	# chunks smaller than $speed_limit are
+			# processed with compact routine in CBC mode
 $small_footprint=1;	# $small_footprint=1 code is ~5% slower [on
 			# recent µ-archs], but ~5 times smaller!
 			# I favor compact code to minimize cache
 			# contention and in hope to "collect" 5% back
 			# in real-life applications...
+
 $vertical_spin=0;	# shift "verticaly" defaults to 0, because of
 			# its proof-of-concept status...
-
 # Note that there is no decvert(), as well as last encryption round is
 # performed with "horizontal" shifts. This is because this "vertical"
 # implementation [one which groups shifts on a given $s[i] to form a
@@ -104,87 +245,554 @@ sub encvert()
   my $v0 = $acc, $v1 = $key;
 
 	&mov	($v0,$s[3]);				# copy s3
-	&mov	(&DWP(0,"esp"),$s[2]);			# save s2
+	&mov	(&DWP(4,"esp"),$s[2]);			# save s2
 	&mov	($v1,$s[0]);				# copy s0
-	&mov	(&DWP(4,"esp"),$s[1]);			# save s1
+	&mov	(&DWP(8,"esp"),$s[1]);			# save s1
 
 	&movz	($s[2],&HB($s[0]));
 	&and	($s[0],0xFF);
-	&mov	($s[0],&DWP(1024*0,$te,$s[0],4));	# s0>>0
+	&mov	($s[0],&DWP(0,$te,$s[0],8));		# s0>>0
 	&shr	($v1,16);
-	&mov	($s[3],&DWP(1024*1,$te,$s[2],4));	# s0>>8
+	&mov	($s[3],&DWP(3,$te,$s[2],8));		# s0>>8
 	&movz	($s[1],&HB($v1));
 	&and	($v1,0xFF);
-	&mov	($s[2],&DWP(1024*2,$te,$v1,4));		# s0>>16
+	&mov	($s[2],&DWP(2,$te,$v1,8));		# s0>>16
 	 &mov	($v1,$v0);
-	&mov	($s[1],&DWP(1024*3,$te,$s[1],4));	# s0>>24
+	&mov	($s[1],&DWP(1,$te,$s[1],8));		# s0>>24
 
 	&and	($v0,0xFF);
-	&xor	($s[3],&DWP(1024*0,$te,$v0,4));		# s3>>0
+	&xor	($s[3],&DWP(0,$te,$v0,8));		# s3>>0
 	&movz	($v0,&HB($v1));
 	&shr	($v1,16);
-	&xor	($s[2],&DWP(1024*1,$te,$v0,4));		# s3>>8
+	&xor	($s[2],&DWP(3,$te,$v0,8));		# s3>>8
 	&movz	($v0,&HB($v1));
 	&and	($v1,0xFF);
-	&xor	($s[1],&DWP(1024*2,$te,$v1,4));		# s3>>16
-	 &mov	($v1,&DWP(0,"esp"));			# restore s2
-	&xor	($s[0],&DWP(1024*3,$te,$v0,4));		# s3>>24
+	&xor	($s[1],&DWP(2,$te,$v1,8));		# s3>>16
+	 &mov	($v1,&DWP(4,"esp"));			# restore s2
+	&xor	($s[0],&DWP(1,$te,$v0,8));		# s3>>24
 
 	&mov	($v0,$v1);
 	&and	($v1,0xFF);
-	&xor	($s[2],&DWP(1024*0,$te,$v1,4));		# s2>>0
+	&xor	($s[2],&DWP(0,$te,$v1,8));		# s2>>0
 	&movz	($v1,&HB($v0));
 	&shr	($v0,16);
-	&xor	($s[1],&DWP(1024*1,$te,$v1,4));		# s2>>8
+	&xor	($s[1],&DWP(3,$te,$v1,8));		# s2>>8
 	&movz	($v1,&HB($v0));
 	&and	($v0,0xFF);
-	&xor	($s[0],&DWP(1024*2,$te,$v0,4));		# s2>>16
-	 &mov	($v0,&DWP(4,"esp"));			# restore s1
-	&xor	($s[3],&DWP(1024*3,$te,$v1,4));		# s2>>24
+	&xor	($s[0],&DWP(2,$te,$v0,8));		# s2>>16
+	 &mov	($v0,&DWP(8,"esp"));			# restore s1
+	&xor	($s[3],&DWP(1,$te,$v1,8));		# s2>>24
 
 	&mov	($v1,$v0);
 	&and	($v0,0xFF);
-	&xor	($s[1],&DWP(1024*0,$te,$v0,4));		# s1>>0
+	&xor	($s[1],&DWP(0,$te,$v0,8));		# s1>>0
 	&movz	($v0,&HB($v1));
 	&shr	($v1,16);
-	&xor	($s[0],&DWP(1024*1,$te,$v0,4));		# s1>>8
+	&xor	($s[0],&DWP(3,$te,$v0,8));		# s1>>8
 	&movz	($v0,&HB($v1));
 	&and	($v1,0xFF);
-	&xor	($s[3],&DWP(1024*2,$te,$v1,4));		# s1>>16
-	 &mov	($key,&DWP(12,"esp"));			# reincarnate v1 as key
-	&xor	($s[2],&DWP(1024*3,$te,$v0,4));		# s1>>24
+	&xor	($s[3],&DWP(2,$te,$v1,8));		# s1>>16
+	 &mov	($key,$__key);				# reincarnate v1 as key
+	&xor	($s[2],&DWP(1,$te,$v0,8));		# s1>>24
+}
+
+# Another experimental routine, which features "horizontal spin," but
+# eliminates one reference to stack. Strangely enough runs slower...
+sub enchoriz()
+{ my $v0 = $key, $v1 = $acc;
+
+	&movz	($v0,&LB($s0));			#  3, 2, 1, 0*
+	&rotr	($s2,8);			#  8,11,10, 9
+	&mov	($v1,&DWP(0,$te,$v0,8));	#  0
+	&movz	($v0,&HB($s1));			#  7, 6, 5*, 4
+	&rotr	($s3,16);			# 13,12,15,14
+	&xor	($v1,&DWP(3,$te,$v0,8));	#  5
+	&movz	($v0,&HB($s2));			#  8,11,10*, 9
+	&rotr	($s0,16);			#  1, 0, 3, 2
+	&xor	($v1,&DWP(2,$te,$v0,8));	# 10
+	&movz	($v0,&HB($s3));			# 13,12,15*,14
+	&xor	($v1,&DWP(1,$te,$v0,8));	# 15, t[0] collected
+	&mov	($__s0,$v1);			# t[0] saved
+
+	&movz	($v0,&LB($s1));			#  7, 6, 5, 4*
+	&shr	($s1,16);			#  -, -, 7, 6
+	&mov	($v1,&DWP(0,$te,$v0,8));	#  4
+	&movz	($v0,&LB($s3));			# 13,12,15,14*
+	&xor	($v1,&DWP(2,$te,$v0,8));	# 14
+	&movz	($v0,&HB($s0));			#  1, 0, 3*, 2
+	&and	($s3,0xffff0000);		# 13,12, -, -
+	&xor	($v1,&DWP(1,$te,$v0,8));	#  3
+	&movz	($v0,&LB($s2));			#  8,11,10, 9*
+	&or	($s3,$s1);			# 13,12, 7, 6
+	&xor	($v1,&DWP(3,$te,$v0,8));	#  9, t[1] collected
+	&mov	($s1,$v1);			#  s[1]=t[1]
+
+	&movz	($v0,&LB($s0));			#  1, 0, 3, 2*
+	&shr	($s2,16);			#  -, -, 8,11
+	&mov	($v1,&DWP(2,$te,$v0,8));	#  2
+	&movz	($v0,&HB($s3));			# 13,12, 7*, 6
+	&xor	($v1,&DWP(1,$te,$v0,8));	#  7
+	&movz	($v0,&HB($s2));			#  -, -, 8*,11
+	&xor	($v1,&DWP(0,$te,$v0,8));	#  8
+	&mov	($v0,$s3);
+	&shr	($v0,24);			# 13
+	&xor	($v1,&DWP(3,$te,$v0,8));	# 13, t[2] collected
+
+	&movz	($v0,&LB($s2));			#  -, -, 8,11*
+	&shr	($s0,24);			#  1*
+	&mov	($s2,&DWP(1,$te,$v0,8));	# 11
+	&xor	($s2,&DWP(3,$te,$s0,8));	#  1
+	&mov	($s0,$__s0);			# s[0]=t[0]
+	&movz	($v0,&LB($s3));			# 13,12, 7, 6*
+	&shr	($s3,16);			#   ,  ,13,12
+	&xor	($s2,&DWP(2,$te,$v0,8));	#  6
+	&mov	($key,$__key);			# reincarnate v0 as key
+	&and	($s3,0xff);			#   ,  ,13,12*
+	&mov	($s3,&DWP(0,$te,$s3,8));	# 12
+	&xor	($s3,$s2);			# s[2]=t[3] collected
+	&mov	($s2,$v1);			# s[2]=t[2]
+}
+
+# More experimental code... SSE one... Even though this one eliminates
+# *all* references to stack, it's not faster...
+sub sse_encbody()
+{
+	&movz	($acc,&LB("eax"));		#  0
+	&mov	("ecx",&DWP(0,$tbl,$acc,8));	#  0
+	&pshufw	("mm2","mm0",0x0d);		#  7, 6, 3, 2
+	&movz	("edx",&HB("eax"));		#  1
+	&mov	("edx",&DWP(3,$tbl,"edx",8));	#  1
+	&shr	("eax",16);			#  5, 4
+
+	&movz	($acc,&LB("ebx"));		# 10
+	&xor	("ecx",&DWP(2,$tbl,$acc,8));	# 10
+	&pshufw	("mm6","mm4",0x08);		# 13,12, 9, 8
+	&movz	($acc,&HB("ebx"));		# 11
+	&xor	("edx",&DWP(1,$tbl,$acc,8));	# 11
+	&shr	("ebx",16);			# 15,14
+
+	&movz	($acc,&HB("eax"));		#  5
+	&xor	("ecx",&DWP(3,$tbl,$acc,8));	#  5
+	&movq	("mm3",QWP(16,$key));
+	&movz	($acc,&HB("ebx"));		# 15
+	&xor	("ecx",&DWP(1,$tbl,$acc,8));	# 15
+	&movd	("mm0","ecx");			# t[0] collected
+
+	&movz	($acc,&LB("eax"));		#  4
+	&mov	("ecx",&DWP(0,$tbl,$acc,8));	#  4
+	&movd	("eax","mm2");			#  7, 6, 3, 2
+	&movz	($acc,&LB("ebx"));		# 14
+	&xor	("ecx",&DWP(2,$tbl,$acc,8));	# 14
+	&movd	("ebx","mm6");			# 13,12, 9, 8
+
+	&movz	($acc,&HB("eax"));		#  3
+	&xor	("ecx",&DWP(1,$tbl,$acc,8));	#  3
+	&movz	($acc,&HB("ebx"));		#  9
+	&xor	("ecx",&DWP(3,$tbl,$acc,8));	#  9
+	&movd	("mm1","ecx");			# t[1] collected
+
+	&movz	($acc,&LB("eax"));		#  2
+	&mov	("ecx",&DWP(2,$tbl,$acc,8));	#  2
+	&shr	("eax",16);			#  7, 6
+	&punpckldq	("mm0","mm1");		# t[0,1] collected
+	&movz	($acc,&LB("ebx"));		#  8
+	&xor	("ecx",&DWP(0,$tbl,$acc,8));	#  8
+	&shr	("ebx",16);			# 13,12
+
+	&movz	($acc,&HB("eax"));		#  7
+	&xor	("ecx",&DWP(1,$tbl,$acc,8));	#  7
+	&pxor	("mm0","mm3");
+	&movz	("eax",&LB("eax"));		#  6
+	&xor	("edx",&DWP(2,$tbl,"eax",8));	#  6
+	&pshufw	("mm1","mm0",0x08);		#  5, 4, 1, 0
+	&movz	($acc,&HB("ebx"));		# 13
+	&xor	("ecx",&DWP(3,$tbl,$acc,8));	# 13
+	&xor	("ecx",&DWP(24,$key));		# t[2]
+	&movd	("mm4","ecx");			# t[2] collected
+	&movz	("ebx",&LB("ebx"));		# 12
+	&xor	("edx",&DWP(0,$tbl,"ebx",8));	# 12
+	&shr	("ecx",16);
+	&movd	("eax","mm1");			#  5, 4, 1, 0
+	&mov	("ebx",&DWP(28,$key));		# t[3]
+	&xor	("ebx","edx");
+	&movd	("mm5","ebx");			# t[3] collected
+	&and	("ebx",0xffff0000);
+	&or	("ebx","ecx");
+
+	&punpckldq	("mm4","mm5");		# t[2,3] collected
+}
+
+######################################################################
+# "Compact" block function
+######################################################################
+
+sub enccompact()
+{ my $Fn = mov;
+  while ($#_>5) { pop(@_); $Fn=sub{}; }
+  my ($i,$te,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	# $Fn is used in first compact round and its purpose is to
+	# void restoration of some values from stack, so that after
+	# 4xenccompact with extra argument $key value is left there...
+	if ($i==3)  {	&$Fn	($key,$__key);			}##%edx
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
+	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
+			&movz	($out,&BP(-128,$te,$out,1));
+
+	if ($i==3)  {	$tmp=$s[1];				}##%eax
+			&movz	($tmp,&HB($s[1]));
+			&movz	($tmp,&BP(-128,$te,$tmp,1));
+			&shl	($tmp,8);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
+	else        {	&mov	($tmp,$s[2]);
+			&shr	($tmp,16);			}
+	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
+			&and	($tmp,0xFF);
+			&movz	($tmp,&BP(-128,$te,$tmp,1));
+			&shl	($tmp,16);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
+	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
+	else        {	&mov	($tmp,$s[3]);
+			&shr	($tmp,24);			}
+			&movz	($tmp,&BP(-128,$te,$tmp,1));
+			&shl	($tmp,24);
+			&xor	($out,$tmp);
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$acc);			}
+	&comment();
+}
+
+sub enctransform()
+{ my @s = ($s0,$s1,$s2,$s3);
+  my $i = shift;
+  my $tmp = $tbl;
+  my $r2  = $key ;
+
+	&mov	($acc,$s[$i]);
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($r2,&DWP(0,$s[$i],$s[$i]));
+	&sub	($acc,$tmp);
+	&and	($r2,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	&mov	($tmp,$s[$i]);
+	&xor	($acc,$r2);	# r2
+
+	&xor	($s[$i],$acc);	# r0 ^ r2
+	&rotl	($s[$i],24);
+	&xor	($s[$i],$acc)	# ROTATE(r2^r0,24) ^ r2
+	&rotr	($tmp,16);
+	&xor	($s[$i],$tmp);
+	&rotr	($tmp,8);
+	&xor	($s[$i],$tmp);
+}
+
+&function_begin_B("_x86_AES_encrypt_compact");
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
+
+	&xor	($s0,&DWP(0,$key));		# xor with key
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	# prefetch Te4
+	&mov	($key,&DWP(0-128,$tbl));
+	&mov	($acc,&DWP(32-128,$tbl));
+	&mov	($key,&DWP(64-128,$tbl));
+	&mov	($acc,&DWP(96-128,$tbl));
+	&mov	($key,&DWP(128-128,$tbl));
+	&mov	($acc,&DWP(160-128,$tbl));
+	&mov	($key,&DWP(192-128,$tbl));
+	&mov	($acc,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+
+		&enccompact(0,$tbl,$s0,$s1,$s2,$s3,1);
+		&enccompact(1,$tbl,$s1,$s2,$s3,$s0,1);
+		&enccompact(2,$tbl,$s2,$s3,$s0,$s1,1);
+		&enccompact(3,$tbl,$s3,$s0,$s1,$s2,1);
+		&enctransform(2);
+		&enctransform(3);
+		&enctransform(0);
+		&enctransform(1);
+		&mov 	($key,$__key);
+		&mov	($tbl,$__tbl);
+		&add	($key,16);		# advance rd_key
+		&xor	($s0,&DWP(0,$key));
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+	&cmp	($key,$__end);
+	&mov	($__key,$key);
+	&jb	(&label("loop"));
+
+	&enccompact(0,$tbl,$s0,$s1,$s2,$s3);
+	&enccompact(1,$tbl,$s1,$s2,$s3,$s0);
+	&enccompact(2,$tbl,$s2,$s3,$s0,$s1);
+	&enccompact(3,$tbl,$s3,$s0,$s1,$s2);
+
+	&xor	($s0,&DWP(16,$key));
+	&xor	($s1,&DWP(20,$key));
+	&xor	($s2,&DWP(24,$key));
+	&xor	($s3,&DWP(28,$key));
+
+	&ret	();
+&function_end_B("_x86_AES_encrypt_compact");
+
+######################################################################
+# "Compact" SSE block function.
+######################################################################
+#
+# Performance is not actually extraordinary in comparison to pure
+# x86 code. In particular encrypt performance is virtually the same.
+# Decrypt performance on the other hand is 15-20% better on newer
+# µ-archs [but we're thankful for *any* improvement here], and ~50%
+# better on PIII:-) And additionally on the pros side this code
+# eliminates redundant references to stack and thus relieves/
+# minimizes the pressure on the memory bus.
+#
+# MMX register layout                           lsb
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |          mm4          |          mm0          |
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |     s3    |     s2    |     s1    |     s0    |    
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0|
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+#
+# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8.
+# In this terms encryption and decryption "compact" permutation
+# matrices can be depicted as following:
+#
+# encryption              lsb	# decryption              lsb
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t0 || 15 | 10 |  5 |  0 |	# | t0 ||  7 | 10 | 13 |  0 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t1 ||  3 | 14 |  9 |  4 |	# | t1 || 11 | 14 |  1 |  4 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t2 ||  7 |  2 | 13 |  8 |	# | t2 || 15 |  2 |  5 |  8 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t3 || 11 |  6 |  1 | 12 |	# | t3 ||  3 |  6 |  9 | 12 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+#
+######################################################################
+# Why not xmm registers? Short answer. It was actually tested and
+# was not any faster, but *contrary*, most notably on Intel CPUs.
+# Longer answer. Main advantage of using mm registers is that movd
+# latency is lower, especially on Intel P4. While arithmetic
+# instructions are twice as many, they can be scheduled every cycle
+# and not every second one when they are operating on xmm register,
+# so that "arithmetic throughput" remains virtually the same. And
+# finally the code can be executed even on elder SSE-only CPUs:-)
+
+sub sse_enccompact()
+{
+	&pshufw	("mm1","mm0",0x08);		#  5, 4, 1, 0
+	&pshufw	("mm5","mm4",0x0d);		# 15,14,11,10
+	&movd	("eax","mm1");			#  5, 4, 1, 0
+	&movd	("ebx","mm5");			# 15,14,11,10
+
+	&movz	($acc,&LB("eax"));		#  0
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  0
+	&pshufw	("mm2","mm0",0x0d);		#  7, 6, 3, 2
+	&movz	("edx",&HB("eax"));		#  1
+	&movz	("edx",&BP(-128,$tbl,"edx",1));	#  1
+	&shl	("edx",8);			#  1
+	&shr	("eax",16);			#  5, 4
+
+	&movz	($acc,&LB("ebx"));		# 10
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 10
+	&shl	($acc,16);			# 10
+	&or	("ecx",$acc);			# 10
+	&pshufw	("mm6","mm4",0x08);		# 13,12, 9, 8
+	&movz	($acc,&HB("ebx"));		# 11
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 11
+	&shl	($acc,24);			# 11
+	&or	("edx",$acc);			# 11
+	&shr	("ebx",16);			# 15,14
+
+	&movz	($acc,&HB("eax"));		#  5
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  5
+	&shl	($acc,8);			#  5
+	&or	("ecx",$acc);			#  5
+	&movz	($acc,&HB("ebx"));		# 15
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 15
+	&shl	($acc,24);			# 15
+	&or	("ecx",$acc);			# 15
+	&movd	("mm0","ecx");			# t[0] collected
+
+	&movz	($acc,&LB("eax"));		#  4
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  4
+	&movd	("eax","mm2");			#  7, 6, 3, 2
+	&movz	($acc,&LB("ebx"));		# 14
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 14
+	&shl	($acc,16);			# 14
+	&or	("ecx",$acc);			# 14
+
+	&movd	("ebx","mm6");			# 13,12, 9, 8
+	&movz	($acc,&HB("eax"));		#  3
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  3
+	&shl	($acc,24);			#  3
+	&or	("ecx",$acc);			#  3
+	&movz	($acc,&HB("ebx"));		#  9
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  9
+	&shl	($acc,8);			#  9
+	&or	("ecx",$acc);			#  9
+	&movd	("mm1","ecx");			# t[1] collected
+
+	&movz	($acc,&LB("ebx"));		#  8
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  8
+	&shr	("ebx",16);			# 13,12
+	&movz	($acc,&LB("eax"));		#  2
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  2
+	&shl	($acc,16);			#  2
+	&or	("ecx",$acc);			#  2
+	&shr	("eax",16);			#  7, 6
+
+	&punpckldq	("mm0","mm1");		# t[0,1] collected
+
+	&movz	($acc,&HB("eax"));		#  7
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  7
+	&shl	($acc,24);			#  7
+	&or	("ecx",$acc);			#  7
+	&and	("eax",0xff);			#  6
+	&movz	("eax",&BP(-128,$tbl,"eax",1));	#  6
+	&shl	("eax",16);			#  6
+	&or	("edx","eax");			#  6
+	&movz	($acc,&HB("ebx"));		# 13
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 13
+	&shl	($acc,8);			# 13
+	&or	("ecx",$acc);			# 13
+	&movd	("mm4","ecx");			# t[2] collected
+	&and	("ebx",0xff);			# 12
+	&movz	("ebx",&BP(-128,$tbl,"ebx",1));	# 12
+	&or	("edx","ebx");			# 12
+	&movd	("mm5","edx");			# t[3] collected
+
+	&punpckldq	("mm4","mm5");		# t[2,3] collected
 }
 
+					if (!$x86only) {
+&function_begin_B("_sse_AES_encrypt_compact");
+	&pxor	("mm0",&QWP(0,$key));	#  7, 6, 5, 4, 3, 2, 1, 0
+	&pxor	("mm4",&QWP(8,$key));	# 15,14,13,12,11,10, 9, 8
+
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	&mov	($s0,0x1b1b1b1b);		# magic constant
+	&mov	(&DWP(8,"esp"),$s0);
+	&mov	(&DWP(12,"esp"),$s0);
+
+	# prefetch Te4
+	&mov	($s0,&DWP(0-128,$tbl));
+	&mov	($s1,&DWP(32-128,$tbl));
+	&mov	($s2,&DWP(64-128,$tbl));
+	&mov	($s3,&DWP(96-128,$tbl));
+	&mov	($s0,&DWP(128-128,$tbl));
+	&mov	($s1,&DWP(160-128,$tbl));
+	&mov	($s2,&DWP(192-128,$tbl));
+	&mov	($s3,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+		&sse_enccompact();
+		&add	($key,16);
+		&cmp	($key,$__end);
+		&ja	(&label("out"));
+
+		&movq	("mm2",&QWP(8,"esp"));
+		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
+		&movq	("mm1","mm0");		&movq	("mm5","mm4");	# r0
+		&pcmpgtb("mm3","mm0");		&pcmpgtb("mm7","mm4");
+		&pand	("mm3","mm2");		&pand	("mm7","mm2");
+		&pshufw	("mm2","mm0",0xb1);	&pshufw	("mm6","mm4",0xb1);# ROTATE(r0,16)
+		&paddb	("mm0","mm0");		&paddb	("mm4","mm4");
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# = r2
+		&pshufw	("mm3","mm2",0xb1);	&pshufw	("mm7","mm6",0xb1);# r0
+		&pxor	("mm1","mm0");		&pxor	("mm5","mm4");	# r0^r2
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= ROTATE(r0,16)
+
+		&movq	("mm2","mm3");		&movq	("mm6","mm7");
+		&pslld	("mm3",8);		&pslld	("mm7",8);
+		&psrld	("mm2",24);		&psrld	("mm6",24);
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= r0<<8
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= r0>>24
+
+		&movq	("mm3","mm1");		&movq	("mm7","mm5");
+		&movq	("mm2",&QWP(0,$key));	&movq	("mm6",&QWP(8,$key));
+		&psrld	("mm1",8);		&psrld	("mm5",8);
+		&mov	($s0,&DWP(0-128,$tbl));
+		&pslld	("mm3",24);		&pslld	("mm7",24);
+		&mov	($s1,&DWP(64-128,$tbl));
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= (r2^r0)<<8
+		&mov	($s2,&DWP(128-128,$tbl));
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= (r2^r0)>>24
+		&mov	($s3,&DWP(192-128,$tbl));
+
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");
+	&jmp	(&label("loop"));
+
+	&set_label("out",16);
+	&pxor	("mm0",&QWP(0,$key));
+	&pxor	("mm4",&QWP(8,$key));
+
+	&ret	();
+&function_end_B("_sse_AES_encrypt_compact");
+					}
+
+######################################################################
+# Vanilla block function.
+######################################################################
+
 sub encstep()
 { my ($i,$te,@s) = @_;
   my $tmp = $key;
   my $out = $i==3?$s[0]:$acc;
 
 	# lines marked with #%e?x[i] denote "reordered" instructions...
-	if ($i==3)  {	&mov	($key,&DWP(12,"esp"));		}##%edx
+	if ($i==3)  {	&mov	($key,$__key);			}##%edx
 	else        {	&mov	($out,$s[0]);
 			&and	($out,0xFF);			}
 	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
 	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
-			&mov	($out,&DWP(1024*0,$te,$out,4));
+			&mov	($out,&DWP(0,$te,$out,8));
 
 	if ($i==3)  {	$tmp=$s[1];				}##%eax
 			&movz	($tmp,&HB($s[1]));
-			&xor	($out,&DWP(1024*1,$te,$tmp,4));
+			&xor	($out,&DWP(3,$te,$tmp,8));
 
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],&DWP(0,"esp"));	}##%ebx
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
 	else        {	&mov	($tmp,$s[2]);
 			&shr	($tmp,16);			}
 	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
 			&and	($tmp,0xFF);
-			&xor	($out,&DWP(1024*2,$te,$tmp,4));
+			&xor	($out,&DWP(2,$te,$tmp,8));
 
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],&DWP(4,"esp"));	}##%ecx
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
 	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
 	else        {	&mov	($tmp,$s[3]); 
 			&shr	($tmp,24)			}
-			&xor	($out,&DWP(1024*3,$te,$tmp,4));
-	if ($i<2)   {	&mov	(&DWP(4*$i,"esp"),$out);	}
+			&xor	($out,&DWP(1,$te,$tmp,8));
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
 	if ($i==3)  {	&mov	($s[3],$acc);			}
 			&comment();
 }
@@ -194,41 +802,40 @@ sub enclast()
   my $tmp = $key;
   my $out = $i==3?$s[0]:$acc;
 
-	if ($i==3)  {	&mov	($key,&DWP(12,"esp"));		}##%edx
+	if ($i==3)  {	&mov	($key,$__key);			}##%edx
 	else        {	&mov	($out,$s[0]);			}
 			&and	($out,0xFF);
 	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
 	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
-			&mov	($out,&DWP(1024*4,$te,$out,4));
+			&mov	($out,&DWP(2,$te,$out,8));
 			&and	($out,0x000000ff);
 
 	if ($i==3)  {	$tmp=$s[1];				}##%eax
 			&movz	($tmp,&HB($s[1]));
-			&mov	($tmp,&DWP(1024*4,$te,$tmp,4));
+			&mov	($tmp,&DWP(0,$te,$tmp,8));
 			&and	($tmp,0x0000ff00);
 			&xor	($out,$tmp);
 
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],&DWP(0,"esp"));	}##%ebx
-	else        {	mov	($tmp,$s[2]);
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
+	else        {	&mov	($tmp,$s[2]);
 			&shr	($tmp,16);			}
 	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
 			&and	($tmp,0xFF);
-			&mov	($tmp,&DWP(1024*4,$te,$tmp,4));
+			&mov	($tmp,&DWP(0,$te,$tmp,8));
 			&and	($tmp,0x00ff0000);
 			&xor	($out,$tmp);
 
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],&DWP(4,"esp"));	}##%ecx
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
 	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
 	else        {	&mov	($tmp,$s[3]);
 			&shr	($tmp,24);			}
-			&mov	($tmp,&DWP(1024*4,$te,$tmp,4));
+			&mov	($tmp,&DWP(2,$te,$tmp,8));
 			&and	($tmp,0xff000000);
 			&xor	($out,$tmp);
-	if ($i<2)   {	&mov	(&DWP(4*$i,"esp"),$out);	}
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
 	if ($i==3)  {	&mov	($s[3],$acc);			}
 }
 
-&public_label("AES_Te");
 &function_begin_B("_x86_AES_encrypt");
 	if ($vertical_spin) {
 		# I need high parts of volatile registers to be accessible...
@@ -236,13 +843,8 @@ sub enclast()
 		&mov	($s2="esi",$acc="ecx");
 	}
 
-	# allocate aligned stack frame
-	&mov	($acc,"esp");
-	&sub	("esp",20);
-	&and	("esp",-16);
-
-	&mov	(&DWP(12,"esp"),$key);		# save key
-	&mov	(&DWP(16,"esp"),$acc);		# save %esp
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
 
 	&xor	($s0,&DWP(0,$key));		# xor with key
 	&xor	($s1,&DWP(4,$key));
@@ -254,24 +856,24 @@ sub enclast()
 	if ($small_footprint) {
 	    &lea	($acc,&DWP(-2,$acc,$acc));
 	    &lea	($acc,&DWP(0,$key,$acc,8));
-	    &mov	(&DWP(8,"esp"),$acc);	# end of key schedule
-	    &align	(4);
-	    &set_label("loop");
+	    &mov	($__end,$acc);		# end of key schedule
+
+	    &set_label("loop",16);
 		if ($vertical_spin) {
-		    &encvert("ebp",$s0,$s1,$s2,$s3);
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
 		} else {
-		    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
-		    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
-		    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
-		    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
 		}
-		&add	($key,16);			# advance rd_key
+		&add	($key,16);		# advance rd_key
 		&xor	($s0,&DWP(0,$key));
 		&xor	($s1,&DWP(4,$key));
 		&xor	($s2,&DWP(8,$key));
 		&xor	($s3,&DWP(12,$key));
-	    &cmp	($key,&DWP(8,"esp"));
-	    &mov	(&DWP(12,"esp"),$key);
+	    &cmp	($key,$__end);
+	    &mov	($__key,$key);
 	    &jb		(&label("loop"));
 	}
 	else {
@@ -280,15 +882,15 @@ sub enclast()
 	    &cmp	($acc,12);
 	    &jle	(&label("12rounds"));
 
-	&set_label("14rounds");
+	&set_label("14rounds",4);
 	    for ($i=1;$i<3;$i++) {
 		if ($vertical_spin) {
-		    &encvert("ebp",$s0,$s1,$s2,$s3);
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
 		} else {
-		    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
-		    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
-		    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
-		    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
 		}
 		&xor	($s0,&DWP(16*$i+0,$key));
 		&xor	($s1,&DWP(16*$i+4,$key));
@@ -296,16 +898,16 @@ sub enclast()
 		&xor	($s3,&DWP(16*$i+12,$key));
 	    }
 	    &add	($key,32);
-	    &mov	(&DWP(12,"esp"),$key);		# advance rd_key
-	&set_label("12rounds");
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("12rounds",4);
 	    for ($i=1;$i<3;$i++) {
 		if ($vertical_spin) {
-		    &encvert("ebp",$s0,$s1,$s2,$s3);
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
 		} else {
-		    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
-		    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
-		    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
-		    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
 		}
 		&xor	($s0,&DWP(16*$i+0,$key));
 		&xor	($s1,&DWP(16*$i+4,$key));
@@ -313,16 +915,16 @@ sub enclast()
 		&xor	($s3,&DWP(16*$i+12,$key));
 	    }
 	    &add	($key,32);
-	    &mov	(&DWP(12,"esp"),$key);		# advance rd_key
-	&set_label("10rounds");
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("10rounds",4);
 	    for ($i=1;$i<10;$i++) {
 		if ($vertical_spin) {
-		    &encvert("ebp",$s0,$s1,$s2,$s3);
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
 		} else {
-		    &encstep(0,"ebp",$s0,$s1,$s2,$s3);
-		    &encstep(1,"ebp",$s1,$s2,$s3,$s0);
-		    &encstep(2,"ebp",$s2,$s3,$s0,$s1);
-		    &encstep(3,"ebp",$s3,$s0,$s1,$s2);
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
 		}
 		&xor	($s0,&DWP(16*$i+0,$key));
 		&xor	($s1,&DWP(16*$i+4,$key));
@@ -336,12 +938,11 @@ sub enclast()
 	    &mov	($s1="ebx",$key="edi");
 	    &mov	($s2="ecx",$acc="esi");
 	}
-	&enclast(0,"ebp",$s0,$s1,$s2,$s3);
-	&enclast(1,"ebp",$s1,$s2,$s3,$s0);
-	&enclast(2,"ebp",$s2,$s3,$s0,$s1);
-	&enclast(3,"ebp",$s3,$s0,$s1,$s2);
+	&enclast(0,$tbl,$s0,$s1,$s2,$s3);
+	&enclast(1,$tbl,$s1,$s2,$s3,$s0);
+	&enclast(2,$tbl,$s2,$s3,$s0,$s1);
+	&enclast(3,$tbl,$s3,$s0,$s1,$s2);
 
-	&mov	("esp",&DWP(16,"esp"));		# restore %esp
 	&add	($key,$small_footprint?16:160);
 	&xor	($s0,&DWP(0,$key));
 	&xor	($s1,&DWP(4,$key));
@@ -351,354 +952,262 @@ sub enclast()
 	&ret	();
 
 &set_label("AES_Te",64);	# Yes! I keep it in the code segment!
-	&data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
-	&data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
-	&data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
-	&data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
-	&data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
-	&data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
-	&data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
-	&data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
-	&data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
-	&data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
-	&data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
-	&data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
-	&data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
-	&data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
-	&data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
-	&data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
-	&data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
-	&data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
-	&data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
-	&data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
-	&data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
-	&data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
-	&data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
-	&data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
-	&data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
-	&data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
-	&data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
-	&data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
-	&data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
-	&data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
-	&data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
-	&data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
-	&data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
-	&data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
-	&data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
-	&data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
-	&data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
-	&data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
-	&data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
-	&data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
-	&data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
-	&data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
-	&data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
-	&data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
-	&data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
-	&data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
-	&data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
-	&data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
-	&data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
-	&data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
-	&data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
-	&data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
-	&data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
-	&data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
-	&data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
-	&data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
-	&data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
-	&data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
-	&data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
-	&data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
-	&data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
-	&data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
-	&data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
-	&data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
-#Te1:
-	&data_word(0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d);
-	&data_word(0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154);
-	&data_word(0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d);
-	&data_word(0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a);
-	&data_word(0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87);
-	&data_word(0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b);
-	&data_word(0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea);
-	&data_word(0x9c9c23bf, 0xa4a453f7, 0x7272e496, 0xc0c09b5b);
-	&data_word(0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a);
-	&data_word(0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f);
-	&data_word(0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908);
-	&data_word(0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f);
-	&data_word(0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e);
-	&data_word(0x18183028, 0x969637a1, 0x05050a0f, 0x9a9a2fb5);
-	&data_word(0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d);
-	&data_word(0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f);
-	&data_word(0x0909121b, 0x83831d9e, 0x2c2c5874, 0x1a1a342e);
-	&data_word(0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb);
-	&data_word(0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce);
-	&data_word(0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397);
-	&data_word(0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c);
-	&data_word(0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed);
-	&data_word(0x6a6ad4be, 0xcbcb8d46, 0xbebe67d9, 0x3939724b);
-	&data_word(0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a);
-	&data_word(0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16);
-	&data_word(0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194);
-	&data_word(0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81);
-	&data_word(0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3);
-	&data_word(0x5151a2f3, 0xa3a35dfe, 0x404080c0, 0x8f8f058a);
-	&data_word(0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104);
-	&data_word(0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263);
-	&data_word(0x10102030, 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d);
-	&data_word(0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f);
-	&data_word(0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39);
-	&data_word(0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47);
-	&data_word(0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695);
-	&data_word(0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f);
-	&data_word(0x22224466, 0x2a2a547e, 0x90903bab, 0x88880b83);
-	&data_word(0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c);
-	&data_word(0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76);
-	&data_word(0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e);
-	&data_word(0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4);
-	&data_word(0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6);
-	&data_word(0x919139a8, 0x959531a4, 0xe4e4d337, 0x7979f28b);
-	&data_word(0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7);
-	&data_word(0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0);
-	&data_word(0x6c6cd8b4, 0x5656acfa, 0xf4f4f307, 0xeaeacf25);
-	&data_word(0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018);
-	&data_word(0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72);
-	&data_word(0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751);
-	&data_word(0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21);
-	&data_word(0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85);
-	&data_word(0x7070e090, 0x3e3e7c42, 0xb5b571c4, 0x6666ccaa);
-	&data_word(0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12);
-	&data_word(0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0);
-	&data_word(0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9);
-	&data_word(0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233);
-	&data_word(0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7);
-	&data_word(0x9b9b2db6, 0x1e1e3c22, 0x87871592, 0xe9e9c920);
-	&data_word(0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a);
-	&data_word(0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17);
-	&data_word(0xbfbf65da, 0xe6e6d731, 0x424284c6, 0x6868d0b8);
-	&data_word(0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11);
-	&data_word(0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a);
-#Te2:
-	&data_word(0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b);
-	&data_word(0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5);
-	&data_word(0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b);
-	&data_word(0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76);
-	&data_word(0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d);
-	&data_word(0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0);
-	&data_word(0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf);
-	&data_word(0x9c23bf9c, 0xa453f7a4, 0x72e49672, 0xc09b5bc0);
-	&data_word(0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26);
-	&data_word(0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc);
-	&data_word(0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1);
-	&data_word(0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15);
-	&data_word(0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3);
-	&data_word(0x18302818, 0x9637a196, 0x050a0f05, 0x9a2fb59a);
-	&data_word(0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2);
-	&data_word(0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75);
-	&data_word(0x09121b09, 0x831d9e83, 0x2c58742c, 0x1a342e1a);
-	&data_word(0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0);
-	&data_word(0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3);
-	&data_word(0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784);
-	&data_word(0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced);
-	&data_word(0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b);
-	&data_word(0x6ad4be6a, 0xcb8d46cb, 0xbe67d9be, 0x39724b39);
-	&data_word(0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf);
-	&data_word(0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb);
-	&data_word(0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485);
-	&data_word(0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f);
-	&data_word(0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8);
-	&data_word(0x51a2f351, 0xa35dfea3, 0x4080c040, 0x8f058a8f);
-	&data_word(0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5);
-	&data_word(0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321);
-	&data_word(0x10203010, 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2);
-	&data_word(0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec);
-	&data_word(0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917);
-	&data_word(0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d);
-	&data_word(0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573);
-	&data_word(0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc);
-	&data_word(0x22446622, 0x2a547e2a, 0x903bab90, 0x880b8388);
-	&data_word(0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14);
-	&data_word(0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db);
-	&data_word(0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a);
-	&data_word(0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c);
-	&data_word(0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662);
-	&data_word(0x9139a891, 0x9531a495, 0xe4d337e4, 0x79f28b79);
-	&data_word(0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d);
-	&data_word(0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9);
-	&data_word(0x6cd8b46c, 0x56acfa56, 0xf4f307f4, 0xeacf25ea);
-	&data_word(0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808);
-	&data_word(0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e);
-	&data_word(0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6);
-	&data_word(0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f);
-	&data_word(0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a);
-	&data_word(0x70e09070, 0x3e7c423e, 0xb571c4b5, 0x66ccaa66);
-	&data_word(0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e);
-	&data_word(0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9);
-	&data_word(0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e);
-	&data_word(0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311);
-	&data_word(0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794);
-	&data_word(0x9b2db69b, 0x1e3c221e, 0x87159287, 0xe9c920e9);
-	&data_word(0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf);
-	&data_word(0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d);
-	&data_word(0xbf65dabf, 0xe6d731e6, 0x4284c642, 0x68d0b868);
-	&data_word(0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f);
-	&data_word(0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16);
-#Te3:
-	&data_word(0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b);
-	&data_word(0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5);
-	&data_word(0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b);
-	&data_word(0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676);
-	&data_word(0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d);
-	&data_word(0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0);
-	&data_word(0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf);
-	&data_word(0x23bf9c9c, 0x53f7a4a4, 0xe4967272, 0x9b5bc0c0);
-	&data_word(0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626);
-	&data_word(0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc);
-	&data_word(0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1);
-	&data_word(0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515);
-	&data_word(0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3);
-	&data_word(0x30281818, 0x37a19696, 0x0a0f0505, 0x2fb59a9a);
-	&data_word(0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2);
-	&data_word(0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575);
-	&data_word(0x121b0909, 0x1d9e8383, 0x58742c2c, 0x342e1a1a);
-	&data_word(0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0);
-	&data_word(0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3);
-	&data_word(0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484);
-	&data_word(0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded);
-	&data_word(0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b);
-	&data_word(0xd4be6a6a, 0x8d46cbcb, 0x67d9bebe, 0x724b3939);
-	&data_word(0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf);
-	&data_word(0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb);
-	&data_word(0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585);
-	&data_word(0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f);
-	&data_word(0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8);
-	&data_word(0xa2f35151, 0x5dfea3a3, 0x80c04040, 0x058a8f8f);
-	&data_word(0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5);
-	&data_word(0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121);
-	&data_word(0x20301010, 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2);
-	&data_word(0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec);
-	&data_word(0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717);
-	&data_word(0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d);
-	&data_word(0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373);
-	&data_word(0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc);
-	&data_word(0x44662222, 0x547e2a2a, 0x3bab9090, 0x0b838888);
-	&data_word(0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414);
-	&data_word(0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb);
-	&data_word(0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a);
-	&data_word(0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c);
-	&data_word(0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262);
-	&data_word(0x39a89191, 0x31a49595, 0xd337e4e4, 0xf28b7979);
-	&data_word(0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d);
-	&data_word(0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9);
-	&data_word(0xd8b46c6c, 0xacfa5656, 0xf307f4f4, 0xcf25eaea);
-	&data_word(0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808);
-	&data_word(0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e);
-	&data_word(0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6);
-	&data_word(0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f);
-	&data_word(0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a);
-	&data_word(0xe0907070, 0x7c423e3e, 0x71c4b5b5, 0xccaa6666);
-	&data_word(0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e);
-	&data_word(0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9);
-	&data_word(0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e);
-	&data_word(0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111);
-	&data_word(0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494);
-	&data_word(0x2db69b9b, 0x3c221e1e, 0x15928787, 0xc920e9e9);
-	&data_word(0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf);
-	&data_word(0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d);
-	&data_word(0x65dabfbf, 0xd731e6e6, 0x84c64242, 0xd0b86868);
-	&data_word(0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f);
-	&data_word(0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616);
-#Te4:
-	&data_word(0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b);
-	&data_word(0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5);
-	&data_word(0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b);
-	&data_word(0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676);
-	&data_word(0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d);
-	&data_word(0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0);
-	&data_word(0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf);
-	&data_word(0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0);
-	&data_word(0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626);
-	&data_word(0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc);
-	&data_word(0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1);
-	&data_word(0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515);
-	&data_word(0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3);
-	&data_word(0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a);
-	&data_word(0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2);
-	&data_word(0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575);
-	&data_word(0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a);
-	&data_word(0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0);
-	&data_word(0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3);
-	&data_word(0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484);
-	&data_word(0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed);
-	&data_word(0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b);
-	&data_word(0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939);
-	&data_word(0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf);
-	&data_word(0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb);
-	&data_word(0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585);
-	&data_word(0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f);
-	&data_word(0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8);
-	&data_word(0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f);
-	&data_word(0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5);
-	&data_word(0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121);
-	&data_word(0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2);
-	&data_word(0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec);
-	&data_word(0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717);
-	&data_word(0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d);
-	&data_word(0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373);
-	&data_word(0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc);
-	&data_word(0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888);
-	&data_word(0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414);
-	&data_word(0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb);
-	&data_word(0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a);
-	&data_word(0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c);
-	&data_word(0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262);
-	&data_word(0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979);
-	&data_word(0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d);
-	&data_word(0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9);
-	&data_word(0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea);
-	&data_word(0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808);
-	&data_word(0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e);
-	&data_word(0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6);
-	&data_word(0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f);
-	&data_word(0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a);
-	&data_word(0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666);
-	&data_word(0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e);
-	&data_word(0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9);
-	&data_word(0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e);
-	&data_word(0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111);
-	&data_word(0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494);
-	&data_word(0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9);
-	&data_word(0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf);
-	&data_word(0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d);
-	&data_word(0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868);
-	&data_word(0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f);
-	&data_word(0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616);
+	&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
+	&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
+	&_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
+	&_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
+	&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
+	&_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
+	&_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
+	&_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
+	&_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
+	&_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
+	&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
+	&_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
+	&_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
+	&_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
+	&_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
+	&_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
+	&_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
+	&_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
+	&_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
+	&_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
+	&_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
+	&_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
+	&_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
+	&_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
+	&_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
+	&_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
+	&_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
+	&_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
+	&_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
+	&_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
+	&_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
+	&_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
+	&_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
+	&_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
+	&_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
+	&_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
+	&_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
+	&_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
+	&_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
+	&_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
+	&_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
+	&_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
+	&_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
+	&_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
+	&_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
+	&_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
+	&_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
+	&_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
+	&_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
+	&_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
+	&_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
+	&_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
+	&_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
+	&_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
+	&_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
+	&_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
+	&_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
+	&_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
+	&_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
+	&_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
+	&_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
+	&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
+	&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
+	&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+
+#Te4	# four copies of Te4 to choose from to avoid L1 aliasing
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
 #rcon:
 	&data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
-        &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
-        &data_word(0x0000001b, 0x00000036);
+	&data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
+	&data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000);
+	&data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000);
 &function_end_B("_x86_AES_encrypt");
 
 # void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
-&public_label("AES_Te");
 &function_begin("AES_encrypt");
 	&mov	($acc,&wparam(0));		# load inp
 	&mov	($key,&wparam(2));		# load key
 
+	&mov	($s0,"esp");
+	&sub	("esp",36);
+	&and	("esp",-64);			# align to cache-line
+
+	# place stack frame just "above" the key schedule
+	&lea	($s1,&DWP(-64-63,$key));
+	&sub	($s1,"esp");
+	&neg	($s1);
+	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp",$s1);
+	&add	("esp",4);	# 4 is reserved for caller's return address
+	&mov	($_esp,$s0);			# save stack pointer
+
 	&call   (&label("pic_point"));          # make it PIC!
 	&set_label("pic_point");
-	&blindpop("ebp");
-	&lea    ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
-
+	&blindpop($tbl);
+	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if (!$x86only);
+	&lea    ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+
+	# pick Te4 copy which can't "overlap" with stack frame or key schedule
+	&lea	($s1,&DWP(768-4,"esp"));
+	&sub	($s1,$tbl);
+	&and	($s1,0x300);
+	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
+
+					if (!$x86only) {
+	&bt	(&DWP(0,$s0),25);	# check for SSE bit
+	&jnc	(&label("x86"));
+
+	&movq	("mm0",&QWP(0,$acc));
+	&movq	("mm4",&QWP(8,$acc));
+	&call	("_sse_AES_encrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
+	&mov	($acc,&wparam(1));		# load out
+	&movq	(&QWP(0,$acc),"mm0");		# write output data
+	&movq	(&QWP(8,$acc),"mm4");
+	&emms	();
+	&function_end_A();
+					}
+	&set_label("x86",16);
+	&mov	($_tbl,$tbl);
 	&mov	($s0,&DWP(0,$acc));		# load input data
 	&mov	($s1,&DWP(4,$acc));
 	&mov	($s2,&DWP(8,$acc));
 	&mov	($s3,&DWP(12,$acc));
-
-	&call	("_x86_AES_encrypt");
-
+	&call	("_x86_AES_encrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
 	&mov	($acc,&wparam(1));		# load out
 	&mov	(&DWP(0,$acc),$s0);		# write output data
 	&mov	(&DWP(4,$acc),$s1);
@@ -706,7 +1215,370 @@ sub enclast()
 	&mov	(&DWP(12,$acc),$s3);
 &function_end("AES_encrypt");
 
-#------------------------------------------------------------------#
+#--------------------------------------------------------------------#
+
+######################################################################
+# "Compact" block function
+######################################################################
+
+sub deccompact()
+{ my $Fn = mov;
+  while ($#_>5) { pop(@_); $Fn=sub{}; }
+  my ($i,$td,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	# $Fn is used in first compact round and its purpose is to
+	# void restoration of some values from stack, so that after
+	# 4xdeccompact with extra argument $key, $s0 and $s1 values
+	# are left there...
+	if($i==3)   {	&$Fn	($key,$__key);			}
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+			&movz	($out,&BP(-128,$td,$out,1));
+
+	if ($i==3)  {	$tmp=$s[1];				}
+			&movz	($tmp,&HB($s[1]));
+			&movz	($tmp,&BP(-128,$td,$tmp,1));
+			&shl	($tmp,8);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
+	else        {	mov	($tmp,$s[2]);			}
+			&shr	($tmp,16);
+			&and	($tmp,0xFF);
+			&movz	($tmp,&BP(-128,$td,$tmp,1));
+			&shl	($tmp,16);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[3]; &$Fn ($s[2],$__s1);		}
+	else        {	&mov	($tmp,$s[3]);			}
+			&shr	($tmp,24);
+			&movz	($tmp,&BP(-128,$td,$tmp,1));
+			&shl	($tmp,24);
+			&xor	($out,$tmp);
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&$Fn	($s[3],$__s0);			}
+}
+
+# must be called with 2,3,0,1 as argument sequence!!!
+sub dectransform()
+{ my @s = ($s0,$s1,$s2,$s3);
+  my $i = shift;
+  my $tmp = $key;
+  my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1);
+  my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1);
+  my $tp8 = $tbl;
+
+	&mov	($acc,$s[$i]);
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($tp2,&DWP(0,$s[$i],$s[$i]));
+	&sub	($acc,$tmp);
+	&and	($tp2,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	&xor	($acc,$tp2);
+	&mov	($tp2,$acc);
+
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($tp4,&DWP(0,$tp2,$tp2));
+	&sub	($acc,$tmp);
+	&and	($tp4,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &xor	($tp2,$s[$i]);	# tp2^tp1
+	&xor	($acc,$tp4);
+	&mov	($tp4,$acc);
+
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($tp8,&DWP(0,$tp4,$tp4));
+	&sub	($acc,$tmp);
+	&and	($tp8,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &xor	($tp4,$s[$i]);	# tp4^tp1
+	 &rotl	($s[$i],8);	# = ROTATE(tp1,8)
+	&xor	($tp8,$acc);
+
+	&xor	($s[$i],$tp2);
+	&xor	($tp2,$tp8);
+	&rotl	($tp2,24);
+	&xor	($s[$i],$tp4);
+	&xor	($tp4,$tp8);
+	&rotl	($tp4,16);
+	&xor	($s[$i],$tp8);	# ^= tp8^(tp4^tp1)^(tp2^tp1)
+	&rotl	($tp8,8);
+	&xor	($s[$i],$tp2);	# ^= ROTATE(tp8^tp2^tp1,24)
+	&xor	($s[$i],$tp4);	# ^= ROTATE(tp8^tp4^tp1,16)
+	 &mov	($s[0],$__s0)			if($i==2); #prefetch $s0
+	 &mov	($s[1],$__s1)			if($i==3); #prefetch $s1
+	 &mov	($s[2],$__s2)			if($i==1);
+	&xor	($s[$i],$tp8);	# ^= ROTATE(tp8,8)
+
+	&mov	($s[3],$__s3)			if($i==1);
+	&mov	(&DWP(4+4*$i,"esp"),$s[$i])	if($i>=2);
+}
+
+&function_begin_B("_x86_AES_decrypt_compact");
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
+
+	&xor	($s0,&DWP(0,$key));		# xor with key
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	# prefetch Td4
+	&mov	($key,&DWP(0-128,$tbl));
+	&mov	($acc,&DWP(32-128,$tbl));
+	&mov	($key,&DWP(64-128,$tbl));
+	&mov	($acc,&DWP(96-128,$tbl));
+	&mov	($key,&DWP(128-128,$tbl));
+	&mov	($acc,&DWP(160-128,$tbl));
+	&mov	($key,&DWP(192-128,$tbl));
+	&mov	($acc,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+
+		&deccompact(0,$tbl,$s0,$s3,$s2,$s1,1);
+		&deccompact(1,$tbl,$s1,$s0,$s3,$s2,1);
+		&deccompact(2,$tbl,$s2,$s1,$s0,$s3,1);
+		&deccompact(3,$tbl,$s3,$s2,$s1,$s0,1);
+		&dectransform(2);
+		&dectransform(3);
+		&dectransform(0);
+		&dectransform(1);
+		&mov 	($key,$__key);
+		&mov	($tbl,$__tbl);
+		&add	($key,16);		# advance rd_key
+		&xor	($s0,&DWP(0,$key));
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+	&cmp	($key,$__end);
+	&mov	($__key,$key);
+	&jb	(&label("loop"));
+
+	&deccompact(0,$tbl,$s0,$s3,$s2,$s1);
+	&deccompact(1,$tbl,$s1,$s0,$s3,$s2);
+	&deccompact(2,$tbl,$s2,$s1,$s0,$s3);
+	&deccompact(3,$tbl,$s3,$s2,$s1,$s0);
+
+	&xor	($s0,&DWP(16,$key));
+	&xor	($s1,&DWP(20,$key));
+	&xor	($s2,&DWP(24,$key));
+	&xor	($s3,&DWP(28,$key));
+
+	&ret	();
+&function_end_B("_x86_AES_decrypt_compact");
+
+######################################################################
+# "Compact" SSE block function.
+######################################################################
+
+sub sse_deccompact()
+{
+	&pshufw	("mm1","mm0",0x0c);		#  7, 6, 1, 0
+	&movd	("eax","mm1");			#  7, 6, 1, 0
+
+	&pshufw	("mm5","mm4",0x09);		# 13,12,11,10
+	&movz	($acc,&LB("eax"));		#  0
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  0
+	&movd	("ebx","mm5");			# 13,12,11,10
+	&movz	("edx",&HB("eax"));		#  1
+	&movz	("edx",&BP(-128,$tbl,"edx",1));	#  1
+	&shl	("edx",8);			#  1
+
+	&pshufw	("mm2","mm0",0x06);		#  3, 2, 5, 4
+	&movz	($acc,&LB("ebx"));		# 10
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 10
+	&shl	($acc,16);			# 10
+	&or	("ecx",$acc);			# 10
+	&shr	("eax",16);			#  7, 6
+	&movz	($acc,&HB("ebx"));		# 11
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 11
+	&shl	($acc,24);			# 11
+	&or	("edx",$acc);			# 11
+	&shr	("ebx",16);			# 13,12
+
+	&pshufw	("mm6","mm4",0x03);		# 9, 8,15,14
+	&movz	($acc,&HB("eax"));		#  7
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  7
+	&shl	($acc,24);			#  7
+	&or	("ecx",$acc);			#  7
+	&movz	($acc,&HB("ebx"));		# 13
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 13
+	&shl	($acc,8);			# 13
+	&or	("ecx",$acc);			# 13
+	&movd	("mm0","ecx");			# t[0] collected
+
+	&movz	($acc,&LB("eax"));		#  6
+	&movd	("eax","mm2");			#  3, 2, 5, 4
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  6
+	&shl	("ecx",16);			#  6
+	&movz	($acc,&LB("ebx"));		# 12
+	&movd	("ebx","mm6");			#  9, 8,15,14
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 12
+	&or	("ecx",$acc);			# 12
+
+	&movz	($acc,&LB("eax"));		#  4
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  4
+	&or	("edx",$acc);			#  4
+	&movz	($acc,&LB("ebx"));		# 14
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 14
+	&shl	($acc,16);			# 14
+	&or	("edx",$acc);			# 14
+	&movd	("mm1","edx");			# t[1] collected
+
+	&movz	($acc,&HB("eax"));		#  5
+	&movz	("edx",&BP(-128,$tbl,$acc,1));	#  5
+	&shl	("edx",8);			#  5
+	&movz	($acc,&HB("ebx"));		# 15
+	&shr	("eax",16);			#  3, 2
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	# 15
+	&shl	($acc,24);			# 15
+	&or	("edx",$acc);			# 15
+	&shr	("ebx",16);			#  9, 8
+
+	&punpckldq	("mm0","mm1");		# t[0,1] collected
+
+	&movz	($acc,&HB("ebx"));		#  9
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  9
+	&shl	($acc,8);			#  9
+	&or	("ecx",$acc);			#  9
+	&and	("ebx",0xff);			#  8
+	&movz	("ebx",&BP(-128,$tbl,"ebx",1));	#  8
+	&or	("edx","ebx");			#  8
+	&movz	($acc,&LB("eax"));		#  2
+	&movz	($acc,&BP(-128,$tbl,$acc,1));	#  2
+	&shl	($acc,16);			#  2
+	&or	("edx",$acc);			#  2
+	&movd	("mm4","edx");			# t[2] collected
+	&movz	("eax",&HB("eax"));		#  3
+	&movz	("eax",&BP(-128,$tbl,"eax",1));	#  3
+	&shl	("eax",24);			#  3
+	&or	("ecx","eax");			#  3
+	&movd	("mm5","ecx");			# t[3] collected
+
+	&punpckldq	("mm4","mm5");		# t[2,3] collected
+}
+
+					if (!$x86only) {
+&function_begin_B("_sse_AES_decrypt_compact");
+	&pxor	("mm0",&QWP(0,$key));	#  7, 6, 5, 4, 3, 2, 1, 0
+	&pxor	("mm4",&QWP(8,$key));	# 15,14,13,12,11,10, 9, 8
+
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	&mov	($s0,0x1b1b1b1b);		# magic constant
+	&mov	(&DWP(8,"esp"),$s0);
+	&mov	(&DWP(12,"esp"),$s0);
+
+	# prefetch Td4
+	&mov	($s0,&DWP(0-128,$tbl));
+	&mov	($s1,&DWP(32-128,$tbl));
+	&mov	($s2,&DWP(64-128,$tbl));
+	&mov	($s3,&DWP(96-128,$tbl));
+	&mov	($s0,&DWP(128-128,$tbl));
+	&mov	($s1,&DWP(160-128,$tbl));
+	&mov	($s2,&DWP(192-128,$tbl));
+	&mov	($s3,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+		&sse_deccompact();
+		&add	($key,16);
+		&cmp	($key,$__end);
+		&ja	(&label("out"));
+
+		# ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N)
+		&movq	("mm3","mm0");		&movq	("mm7","mm4");
+		&movq	("mm2","mm0",1);	&movq	("mm6","mm4",1);
+		&movq	("mm1","mm0");		&movq	("mm5","mm4");
+		&pshufw	("mm0","mm0",0xb1);	&pshufw	("mm4","mm4",0xb1);# = ROTATE(tp0,16)
+		&pslld	("mm2",8);		&pslld	("mm6",8);
+		&psrld	("mm3",8);		&psrld	("mm7",8);
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp0<<8
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp0>>8
+		&pslld	("mm2",16);		&pslld	("mm6",16);
+		&psrld	("mm3",16);		&psrld	("mm7",16);
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp0<<24
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp0>>24
+
+		&movq	("mm3",&QWP(8,"esp"));
+		&pxor	("mm2","mm2");		&pxor	("mm6","mm6");
+		&pcmpgtb("mm2","mm1");		&pcmpgtb("mm6","mm5");
+		&pand	("mm2","mm3");		&pand	("mm6","mm3");
+		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
+		&pxor	("mm1","mm2");		&pxor	("mm5","mm6");	# tp2
+		&movq	("mm3","mm1");		&movq	("mm7","mm5");
+		&movq	("mm2","mm1");		&movq	("mm6","mm5");
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp2
+		&pslld	("mm3",24);		&pslld	("mm7",24);
+		&psrld	("mm2",8);		&psrld	("mm6",8);
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp2<<24
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp2>>8
+
+		&movq	("mm2",&QWP(8,"esp"));
+		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
+		&pcmpgtb("mm3","mm1");		&pcmpgtb("mm7","mm5");
+		&pand	("mm3","mm2");		&pand	("mm7","mm2");
+		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
+		&pxor	("mm1","mm3");		&pxor	("mm5","mm7");	# tp4
+		&pshufw	("mm3","mm1",0xb1);	&pshufw	("mm7","mm5",0xb1);
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp4
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= ROTATE(tp4,16)	
+
+		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
+		&pcmpgtb("mm3","mm1");		&pcmpgtb("mm7","mm5");
+		&pand	("mm3","mm2");		&pand	("mm7","mm2");
+		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
+		&pxor	("mm1","mm3");		&pxor	("mm5","mm7");	# tp8
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8
+		&movq	("mm3","mm1");		&movq	("mm7","mm5");
+		&pshufw	("mm2","mm1",0xb1);	&pshufw	("mm6","mm5",0xb1);
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= ROTATE(tp8,16)
+		&pslld	("mm1",8);		&pslld	("mm5",8);
+		&psrld	("mm3",8);		&psrld	("mm7",8);
+		&movq	("mm2",&QWP(0,$key));	&movq	("mm6",&QWP(8,$key));
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8<<8
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp8>>8
+		&mov	($s0,&DWP(0-128,$tbl));
+		&pslld	("mm1",16);		&pslld	("mm5",16);
+		&mov	($s1,&DWP(64-128,$tbl));
+		&psrld	("mm3",16);		&psrld	("mm7",16);
+		&mov	($s2,&DWP(128-128,$tbl));
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8<<24
+		&mov	($s3,&DWP(192-128,$tbl));
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp8>>24
+
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");
+	&jmp	(&label("loop"));
+
+	&set_label("out",16);
+	&pxor	("mm0",&QWP(0,$key));
+	&pxor	("mm4",&QWP(8,$key));
+
+	&ret	();
+&function_end_B("_sse_AES_decrypt_compact");
+					}
+
+######################################################################
+# Vanilla block function.
+######################################################################
 
 sub decstep()
 { my ($i,$td,@s) = @_;
@@ -717,27 +1589,27 @@ sub decstep()
 	# optimal... or rather that all attempts to reorder didn't
 	# result in better performance [which by the way is not a
 	# bit lower than ecryption].
-	if($i==3)   {	&mov	($key,&DWP(12,"esp"));		}
+	if($i==3)   {	&mov	($key,$__key);			}
 	else        {	&mov	($out,$s[0]);			}
 			&and	($out,0xFF);
-			&mov	($out,&DWP(1024*0,$td,$out,4));
+			&mov	($out,&DWP(0,$td,$out,8));
 
 	if ($i==3)  {	$tmp=$s[1];				}
 			&movz	($tmp,&HB($s[1]));
-			&xor	($out,&DWP(1024*1,$td,$tmp,4));
+			&xor	($out,&DWP(3,$td,$tmp,8));
 
 	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
 	else        {	&mov	($tmp,$s[2]);			}
 			&shr	($tmp,16);
 			&and	($tmp,0xFF);
-			&xor	($out,&DWP(1024*2,$td,$tmp,4));
+			&xor	($out,&DWP(2,$td,$tmp,8));
 
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],&DWP(4,"esp"));	}
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}
 	else        {	&mov	($tmp,$s[3]);			}
 			&shr	($tmp,24);
-			&xor	($out,&DWP(1024*3,$td,$tmp,4));
-	if ($i<2)   {	&mov	(&DWP(4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],&DWP(0,"esp"));		}
+			&xor	($out,&DWP(1,$td,$tmp,8));
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$__s0);			}
 			&comment();
 }
 
@@ -746,45 +1618,49 @@ sub declast()
   my $tmp = $key;
   my $out = $i==3?$s[0]:$acc;
 
-	if($i==3)   {	&mov	($key,&DWP(12,"esp"));		}
+	if($i==0)   {	&lea	($td,&DWP(2048+128,$td));
+			&mov	($tmp,&DWP(0-128,$td));
+			&mov	($acc,&DWP(32-128,$td));
+			&mov	($tmp,&DWP(64-128,$td));
+			&mov	($acc,&DWP(96-128,$td));
+			&mov	($tmp,&DWP(128-128,$td));
+			&mov	($acc,&DWP(160-128,$td));
+			&mov	($tmp,&DWP(192-128,$td));
+			&mov	($acc,&DWP(224-128,$td));
+			&lea	($td,&DWP(-128,$td));		}
+	if($i==3)   {	&mov	($key,$__key);			}
 	else        {	&mov	($out,$s[0]);			}
 			&and	($out,0xFF);
-			&mov	($out,&DWP(1024*4,$td,$out,4));
-			&and	($out,0x000000ff);
+			&movz	($out,&BP(0,$td,$out,1));
 
 	if ($i==3)  {	$tmp=$s[1];				}
 			&movz	($tmp,&HB($s[1]));
-			&mov	($tmp,&DWP(1024*4,$td,$tmp,4));
-			&and	($tmp,0x0000ff00);
+			&movz	($tmp,&BP(0,$td,$tmp,1));
+			&shl	($tmp,8);
 			&xor	($out,$tmp);
 
 	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
 	else        {	mov	($tmp,$s[2]);			}
 			&shr	($tmp,16);
 			&and	($tmp,0xFF);
-			&mov	($tmp,&DWP(1024*4,$td,$tmp,4));
-			&and	($tmp,0x00ff0000);
+			&movz	($tmp,&BP(0,$td,$tmp,1));
+			&shl	($tmp,16);
 			&xor	($out,$tmp);
 
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],&DWP(4,"esp"));	}
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}
 	else        {	&mov	($tmp,$s[3]);			}
 			&shr	($tmp,24);
-			&mov	($tmp,&DWP(1024*4,$td,$tmp,4));
-			&and	($tmp,0xff000000);
+			&movz	($tmp,&BP(0,$td,$tmp,1));
+			&shl	($tmp,24);
 			&xor	($out,$tmp);
-	if ($i<2)   {	&mov	(&DWP(4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],&DWP(0,"esp"));		}
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$__s0);
+			&lea	($td,&DWP(-2048,$td));		}
 }
 
-&public_label("AES_Td");
 &function_begin_B("_x86_AES_decrypt");
-	# allocate aligned stack frame
-	&mov	($acc,"esp");
-	&sub	("esp",20);
-	&and	("esp",-16);
-
-	&mov	(&DWP(12,"esp"),$key);		# save key
-	&mov	(&DWP(16,"esp"),$acc);		# save %esp
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
 
 	&xor	($s0,&DWP(0,$key));		# xor with key
 	&xor	($s1,&DWP(4,$key));
@@ -796,20 +1672,19 @@ sub declast()
 	if ($small_footprint) {
 	    &lea	($acc,&DWP(-2,$acc,$acc));
 	    &lea	($acc,&DWP(0,$key,$acc,8));
-	    &mov	(&DWP(8,"esp"),$acc);	# end of key schedule
-	    &align	(4);
-	    &set_label("loop");
-		&decstep(0,"ebp",$s0,$s3,$s2,$s1);
-		&decstep(1,"ebp",$s1,$s0,$s3,$s2);
-		&decstep(2,"ebp",$s2,$s1,$s0,$s3);
-		&decstep(3,"ebp",$s3,$s2,$s1,$s0);
-		&add	($key,16);			# advance rd_key
+	    &mov	($__end,$acc);		# end of key schedule
+	    &set_label("loop",16);
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
+		&add	($key,16);		# advance rd_key
 		&xor	($s0,&DWP(0,$key));
 		&xor	($s1,&DWP(4,$key));
 		&xor	($s2,&DWP(8,$key));
 		&xor	($s3,&DWP(12,$key));
-	    &cmp	($key,&DWP(8,"esp"));
-	    &mov	(&DWP(12,"esp"),$key);
+	    &cmp	($key,$__end);
+	    &mov	($__key,$key);
 	    &jb		(&label("loop"));
 	}
 	else {
@@ -818,38 +1693,38 @@ sub declast()
 	    &cmp	($acc,12);
 	    &jle	(&label("12rounds"));
 
-	&set_label("14rounds");
+	&set_label("14rounds",4);
 	    for ($i=1;$i<3;$i++) {
-		&decstep(0,"ebp",$s0,$s3,$s2,$s1);
-		&decstep(1,"ebp",$s1,$s0,$s3,$s2);
-		&decstep(2,"ebp",$s2,$s1,$s0,$s3);
-		&decstep(3,"ebp",$s3,$s2,$s1,$s0);
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
 		&xor	($s0,&DWP(16*$i+0,$key));
 		&xor	($s1,&DWP(16*$i+4,$key));
 		&xor	($s2,&DWP(16*$i+8,$key));
 		&xor	($s3,&DWP(16*$i+12,$key));
 	    }
 	    &add	($key,32);
-	    &mov	(&DWP(12,"esp"),$key);		# advance rd_key
-	&set_label("12rounds");
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("12rounds",4);
 	    for ($i=1;$i<3;$i++) {
-		&decstep(0,"ebp",$s0,$s3,$s2,$s1);
-		&decstep(1,"ebp",$s1,$s0,$s3,$s2);
-		&decstep(2,"ebp",$s2,$s1,$s0,$s3);
-		&decstep(3,"ebp",$s3,$s2,$s1,$s0);
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
 		&xor	($s0,&DWP(16*$i+0,$key));
 		&xor	($s1,&DWP(16*$i+4,$key));
 		&xor	($s2,&DWP(16*$i+8,$key));
 		&xor	($s3,&DWP(16*$i+12,$key));
 	    }
 	    &add	($key,32);
-	    &mov	(&DWP(12,"esp"),$key);		# advance rd_key
-	&set_label("10rounds");
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("10rounds",4);
 	    for ($i=1;$i<10;$i++) {
-		&decstep(0,"ebp",$s0,$s3,$s2,$s1);
-		&decstep(1,"ebp",$s1,$s0,$s3,$s2);
-		&decstep(2,"ebp",$s2,$s1,$s0,$s3);
-		&decstep(3,"ebp",$s3,$s2,$s1,$s0);
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
 		&xor	($s0,&DWP(16*$i+0,$key));
 		&xor	($s1,&DWP(16*$i+4,$key));
 		&xor	($s2,&DWP(16*$i+8,$key));
@@ -857,12 +1732,11 @@ sub declast()
 	    }
 	}
 
-	&declast(0,"ebp",$s0,$s3,$s2,$s1);
-	&declast(1,"ebp",$s1,$s0,$s3,$s2);
-	&declast(2,"ebp",$s2,$s1,$s0,$s3);
-	&declast(3,"ebp",$s3,$s2,$s1,$s0);
+	&declast(0,$tbl,$s0,$s3,$s2,$s1);
+	&declast(1,$tbl,$s1,$s0,$s3,$s2);
+	&declast(2,$tbl,$s2,$s1,$s0,$s3);
+	&declast(3,$tbl,$s3,$s2,$s1,$s0);
 
-	&mov	("esp",&DWP(16,"esp"));		# restore %esp
 	&add	($key,$small_footprint?16:160);
 	&xor	($s0,&DWP(0,$key));
 	&xor	($s1,&DWP(4,$key));
@@ -872,350 +1746,257 @@ sub declast()
 	&ret	();
 
 &set_label("AES_Td",64);	# Yes! I keep it in the code segment!
-	&data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
-	&data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
-	&data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
-	&data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
-	&data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
-	&data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
-	&data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
-	&data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
-	&data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
-	&data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
-	&data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
-	&data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
-	&data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
-	&data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
-	&data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
-	&data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
-	&data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
-	&data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
-	&data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
-	&data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
-	&data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
-	&data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
-	&data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
-	&data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
-	&data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
-	&data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
-	&data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
-	&data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
-	&data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
-	&data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
-	&data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
-	&data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
-	&data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
-	&data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
-	&data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
-	&data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
-	&data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
-	&data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
-	&data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
-	&data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
-	&data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
-	&data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
-	&data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
-	&data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
-	&data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
-	&data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
-	&data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
-	&data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
-	&data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
-	&data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
-	&data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
-	&data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
-	&data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
-	&data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
-	&data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
-	&data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
-	&data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
-	&data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
-	&data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
-	&data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
-	&data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
-	&data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
-	&data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
-	&data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
-#Td1:
-	&data_word(0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96);
-	&data_word(0x6bab3bcb, 0x459d1ff1, 0x58faacab, 0x03e34b93);
-	&data_word(0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525);
-	&data_word(0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f);
-	&data_word(0x5ab1de49, 0x1bba2567, 0x0eea4598, 0xc0fe5de1);
-	&data_word(0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6);
-	&data_word(0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da);
-	&data_word(0x83bed42d, 0x217458d3, 0x69e04929, 0xc8c98e44);
-	&data_word(0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd);
-	&data_word(0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4);
-	&data_word(0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245);
-	&data_word(0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994);
-	&data_word(0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7);
-	&data_word(0xd373ab23, 0x024b72e2, 0x8f1fe357, 0xab55662a);
-	&data_word(0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5);
-	&data_word(0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c);
-	&data_word(0x1ccf8a2b, 0xb479a792, 0xf207f3f0, 0xe2694ea1);
-	&data_word(0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a);
-	&data_word(0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475);
-	&data_word(0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51);
-	&data_word(0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46);
-	&data_word(0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff);
-	&data_word(0xfb981924, 0xe9bdd697, 0x434089cc, 0x9ed96777);
-	&data_word(0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db);
-	&data_word(0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000);
-	&data_word(0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e);
-	&data_word(0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627);
-	&data_word(0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a);
-	&data_word(0x670a0cb1, 0xe757930f, 0x96eeb4d2, 0x919b1b9e);
-	&data_word(0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16);
-	&data_word(0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d);
-	&data_word(0x0d090e0b, 0xc78bf2ad, 0xa8b62db9, 0xa91e14c8);
-	&data_word(0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd);
-	&data_word(0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34);
-	&data_word(0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863);
-	&data_word(0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420);
-	&data_word(0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d);
-	&data_word(0x2f9e1d4b, 0x30b2dcf3, 0x52860dec, 0xe3c177d0);
-	&data_word(0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722);
-	&data_word(0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef);
-	&data_word(0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0x0bd49836);
-	&data_word(0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4);
-	&data_word(0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462);
-	&data_word(0x138df6c2, 0xb8d890e8, 0xf7392e5e, 0xafc382f5);
-	&data_word(0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3);
-	&data_word(0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b);
-	&data_word(0x7826cd09, 0x18596ef4, 0xb79aec01, 0x9a4f83a8);
-	&data_word(0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6);
-	&data_word(0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6);
-	&data_word(0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0);
-	&data_word(0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315);
-	&data_word(0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f);
-	&data_word(0xd64d768d, 0xb0ef434d, 0x4daacc54, 0x0496e4df);
-	&data_word(0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f);
-	&data_word(0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e);
-	&data_word(0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13);
-	&data_word(0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89);
-	&data_word(0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c);
-	&data_word(0xdfd29c59, 0x73f2553f, 0xce141879, 0x37c773bf);
-	&data_word(0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886);
-	&data_word(0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f);
-	&data_word(0xc31d1672, 0x25e2bc0c, 0x493c288b, 0x950dff41);
-	&data_word(0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490);
-	&data_word(0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042);
-#Td2:
-	&data_word(0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e);
-	&data_word(0xab3bcb6b, 0x9d1ff145, 0xfaacab58, 0xe34b9303);
-	&data_word(0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c);
-	&data_word(0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3);
-	&data_word(0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0);
-	&data_word(0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9);
-	&data_word(0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59);
-	&data_word(0xbed42d83, 0x7458d321, 0xe0492969, 0xc98e44c8);
-	&data_word(0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71);
-	&data_word(0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a);
-	&data_word(0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f);
-	&data_word(0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b);
-	&data_word(0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8);
-	&data_word(0x73ab23d3, 0x4b72e202, 0x1fe3578f, 0x55662aab);
-	&data_word(0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508);
-	&data_word(0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82);
-	&data_word(0xcf8a2b1c, 0x79a792b4, 0x07f3f0f2, 0x694ea1e2);
-	&data_word(0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe);
-	&data_word(0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb);
-	&data_word(0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110);
-	&data_word(0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd);
-	&data_word(0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15);
-	&data_word(0x981924fb, 0xbdd697e9, 0x4089cc43, 0xd967779e);
-	&data_word(0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee);
-	&data_word(0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000);
-	&data_word(0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72);
-	&data_word(0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739);
-	&data_word(0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e);
-	&data_word(0x0a0cb167, 0x57930fe7, 0xeeb4d296, 0x9b1b9e91);
-	&data_word(0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a);
-	&data_word(0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17);
-	&data_word(0x090e0b0d, 0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9);
-	&data_word(0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60);
-	&data_word(0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e);
-	&data_word(0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1);
-	&data_word(0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011);
-	&data_word(0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1);
-	&data_word(0x9e1d4b2f, 0xb2dcf330, 0x860dec52, 0xc177d0e3);
-	&data_word(0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264);
-	&data_word(0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90);
-	&data_word(0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b);
-	&data_word(0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf);
-	&data_word(0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246);
-	&data_word(0x8df6c213, 0xd890e8b8, 0x392e5ef7, 0xc382f5af);
-	&data_word(0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312);
-	&data_word(0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb);
-	&data_word(0x26cd0978, 0x596ef418, 0x9aec01b7, 0x4f83a89a);
-	&data_word(0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8);
-	&data_word(0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c);
-	&data_word(0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066);
-	&data_word(0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8);
-	&data_word(0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6);
-	&data_word(0x4d768dd6, 0xef434db0, 0xaacc544d, 0x96e4df04);
-	&data_word(0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51);
-	&data_word(0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41);
-	&data_word(0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347);
-	&data_word(0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c);
-	&data_word(0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1);
-	&data_word(0xd29c59df, 0xf2553f73, 0x141879ce, 0xc773bf37);
-	&data_word(0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db);
-	&data_word(0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40);
-	&data_word(0x1d1672c3, 0xe2bc0c25, 0x3c288b49, 0x0dff4195);
-	&data_word(0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1);
-	&data_word(0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257);
-#Td3:
-	&data_word(0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27);
-	&data_word(0x3bcb6bab, 0x1ff1459d, 0xacab58fa, 0x4b9303e3);
-	&data_word(0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02);
-	&data_word(0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362);
-	&data_word(0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe);
-	&data_word(0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3);
-	&data_word(0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952);
-	&data_word(0xd42d83be, 0x58d32174, 0x492969e0, 0x8e44c8c9);
-	&data_word(0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9);
-	&data_word(0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace);
-	&data_word(0x63184adf, 0xe582311a, 0x97603351, 0x62457f53);
-	&data_word(0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08);
-	&data_word(0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b);
-	&data_word(0xab23d373, 0x72e2024b, 0xe3578f1f, 0x662aab55);
-	&data_word(0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837);
-	&data_word(0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216);
-	&data_word(0x8a2b1ccf, 0xa792b479, 0xf3f0f207, 0x4ea1e269);
-	&data_word(0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6);
-	&data_word(0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6);
-	&data_word(0x0b39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e);
-	&data_word(0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6);
-	&data_word(0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550);
-	&data_word(0x1924fb98, 0xd697e9bd, 0x89cc4340, 0x67779ed9);
-	&data_word(0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8);
-	&data_word(0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000);
-	&data_word(0x09838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a);
-	&data_word(0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d);
-	&data_word(0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36);
-	&data_word(0x0cb1670a, 0x930fe757, 0xb4d296ee, 0x1b9e919b);
-	&data_word(0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12);
-	&data_word(0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b);
-	&data_word(0x0e0b0d09, 0xf2adc78b, 0x2db9a8b6, 0x14c8a91e);
-	&data_word(0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f);
-	&data_word(0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb);
-	&data_word(0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4);
-	&data_word(0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6);
-	&data_word(0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129);
-	&data_word(0x1d4b2f9e, 0xdcf330b2, 0x0dec5286, 0x77d0e3c1);
-	&data_word(0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9);
-	&data_word(0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033);
-	&data_word(0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4);
-	&data_word(0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad);
-	&data_word(0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e);
-	&data_word(0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, 0x82f5afc3);
-	&data_word(0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225);
-	&data_word(0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b);
-	&data_word(0xcd097826, 0x6ef41859, 0xec01b79a, 0x83a89a4f);
-	&data_word(0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815);
-	&data_word(0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0);
-	&data_word(0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2);
-	&data_word(0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7);
-	&data_word(0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691);
-	&data_word(0x768dd64d, 0x434db0ef, 0xcc544daa, 0xe4df0496);
-	&data_word(0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165);
-	&data_word(0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b);
-	&data_word(0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6);
-	&data_word(0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13);
-	&data_word(0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147);
-	&data_word(0x9c59dfd2, 0x553f73f2, 0x1879ce14, 0x73bf37c7);
-	&data_word(0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44);
-	&data_word(0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3);
-	&data_word(0x1672c31d, 0xbc0c25e2, 0x288b493c, 0xff41950d);
-	&data_word(0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156);
-	&data_word(0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8);
-#Td4:
-	&data_word(0x52525252, 0x09090909, 0x6a6a6a6a, 0xd5d5d5d5);
-	&data_word(0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838);
-	&data_word(0xbfbfbfbf, 0x40404040, 0xa3a3a3a3, 0x9e9e9e9e);
-	&data_word(0x81818181, 0xf3f3f3f3, 0xd7d7d7d7, 0xfbfbfbfb);
-	&data_word(0x7c7c7c7c, 0xe3e3e3e3, 0x39393939, 0x82828282);
-	&data_word(0x9b9b9b9b, 0x2f2f2f2f, 0xffffffff, 0x87878787);
-	&data_word(0x34343434, 0x8e8e8e8e, 0x43434343, 0x44444444);
-	&data_word(0xc4c4c4c4, 0xdededede, 0xe9e9e9e9, 0xcbcbcbcb);
-	&data_word(0x54545454, 0x7b7b7b7b, 0x94949494, 0x32323232);
-	&data_word(0xa6a6a6a6, 0xc2c2c2c2, 0x23232323, 0x3d3d3d3d);
-	&data_word(0xeeeeeeee, 0x4c4c4c4c, 0x95959595, 0x0b0b0b0b);
-	&data_word(0x42424242, 0xfafafafa, 0xc3c3c3c3, 0x4e4e4e4e);
-	&data_word(0x08080808, 0x2e2e2e2e, 0xa1a1a1a1, 0x66666666);
-	&data_word(0x28282828, 0xd9d9d9d9, 0x24242424, 0xb2b2b2b2);
-	&data_word(0x76767676, 0x5b5b5b5b, 0xa2a2a2a2, 0x49494949);
-	&data_word(0x6d6d6d6d, 0x8b8b8b8b, 0xd1d1d1d1, 0x25252525);
-	&data_word(0x72727272, 0xf8f8f8f8, 0xf6f6f6f6, 0x64646464);
-	&data_word(0x86868686, 0x68686868, 0x98989898, 0x16161616);
-	&data_word(0xd4d4d4d4, 0xa4a4a4a4, 0x5c5c5c5c, 0xcccccccc);
-	&data_word(0x5d5d5d5d, 0x65656565, 0xb6b6b6b6, 0x92929292);
-	&data_word(0x6c6c6c6c, 0x70707070, 0x48484848, 0x50505050);
-	&data_word(0xfdfdfdfd, 0xedededed, 0xb9b9b9b9, 0xdadadada);
-	&data_word(0x5e5e5e5e, 0x15151515, 0x46464646, 0x57575757);
-	&data_word(0xa7a7a7a7, 0x8d8d8d8d, 0x9d9d9d9d, 0x84848484);
-	&data_word(0x90909090, 0xd8d8d8d8, 0xabababab, 0x00000000);
-	&data_word(0x8c8c8c8c, 0xbcbcbcbc, 0xd3d3d3d3, 0x0a0a0a0a);
-	&data_word(0xf7f7f7f7, 0xe4e4e4e4, 0x58585858, 0x05050505);
-	&data_word(0xb8b8b8b8, 0xb3b3b3b3, 0x45454545, 0x06060606);
-	&data_word(0xd0d0d0d0, 0x2c2c2c2c, 0x1e1e1e1e, 0x8f8f8f8f);
-	&data_word(0xcacacaca, 0x3f3f3f3f, 0x0f0f0f0f, 0x02020202);
-	&data_word(0xc1c1c1c1, 0xafafafaf, 0xbdbdbdbd, 0x03030303);
-	&data_word(0x01010101, 0x13131313, 0x8a8a8a8a, 0x6b6b6b6b);
-	&data_word(0x3a3a3a3a, 0x91919191, 0x11111111, 0x41414141);
-	&data_word(0x4f4f4f4f, 0x67676767, 0xdcdcdcdc, 0xeaeaeaea);
-	&data_word(0x97979797, 0xf2f2f2f2, 0xcfcfcfcf, 0xcececece);
-	&data_word(0xf0f0f0f0, 0xb4b4b4b4, 0xe6e6e6e6, 0x73737373);
-	&data_word(0x96969696, 0xacacacac, 0x74747474, 0x22222222);
-	&data_word(0xe7e7e7e7, 0xadadadad, 0x35353535, 0x85858585);
-	&data_word(0xe2e2e2e2, 0xf9f9f9f9, 0x37373737, 0xe8e8e8e8);
-	&data_word(0x1c1c1c1c, 0x75757575, 0xdfdfdfdf, 0x6e6e6e6e);
-	&data_word(0x47474747, 0xf1f1f1f1, 0x1a1a1a1a, 0x71717171);
-	&data_word(0x1d1d1d1d, 0x29292929, 0xc5c5c5c5, 0x89898989);
-	&data_word(0x6f6f6f6f, 0xb7b7b7b7, 0x62626262, 0x0e0e0e0e);
-	&data_word(0xaaaaaaaa, 0x18181818, 0xbebebebe, 0x1b1b1b1b);
-	&data_word(0xfcfcfcfc, 0x56565656, 0x3e3e3e3e, 0x4b4b4b4b);
-	&data_word(0xc6c6c6c6, 0xd2d2d2d2, 0x79797979, 0x20202020);
-	&data_word(0x9a9a9a9a, 0xdbdbdbdb, 0xc0c0c0c0, 0xfefefefe);
-	&data_word(0x78787878, 0xcdcdcdcd, 0x5a5a5a5a, 0xf4f4f4f4);
-	&data_word(0x1f1f1f1f, 0xdddddddd, 0xa8a8a8a8, 0x33333333);
-	&data_word(0x88888888, 0x07070707, 0xc7c7c7c7, 0x31313131);
-	&data_word(0xb1b1b1b1, 0x12121212, 0x10101010, 0x59595959);
-	&data_word(0x27272727, 0x80808080, 0xecececec, 0x5f5f5f5f);
-	&data_word(0x60606060, 0x51515151, 0x7f7f7f7f, 0xa9a9a9a9);
-	&data_word(0x19191919, 0xb5b5b5b5, 0x4a4a4a4a, 0x0d0d0d0d);
-	&data_word(0x2d2d2d2d, 0xe5e5e5e5, 0x7a7a7a7a, 0x9f9f9f9f);
-	&data_word(0x93939393, 0xc9c9c9c9, 0x9c9c9c9c, 0xefefefef);
-	&data_word(0xa0a0a0a0, 0xe0e0e0e0, 0x3b3b3b3b, 0x4d4d4d4d);
-	&data_word(0xaeaeaeae, 0x2a2a2a2a, 0xf5f5f5f5, 0xb0b0b0b0);
-	&data_word(0xc8c8c8c8, 0xebebebeb, 0xbbbbbbbb, 0x3c3c3c3c);
-	&data_word(0x83838383, 0x53535353, 0x99999999, 0x61616161);
-	&data_word(0x17171717, 0x2b2b2b2b, 0x04040404, 0x7e7e7e7e);
-	&data_word(0xbabababa, 0x77777777, 0xd6d6d6d6, 0x26262626);
-	&data_word(0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363);
-	&data_word(0x55555555, 0x21212121, 0x0c0c0c0c, 0x7d7d7d7d);
+	&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
+	&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
+	&_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
+	&_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
+	&_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
+	&_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
+	&_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
+	&_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
+	&_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
+	&_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
+	&_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
+	&_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
+	&_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
+	&_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
+	&_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
+	&_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
+	&_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
+	&_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
+	&_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
+	&_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
+	&_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
+	&_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
+	&_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
+	&_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
+	&_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
+	&_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
+	&_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
+	&_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
+	&_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
+	&_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
+	&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
+	&_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
+	&_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
+	&_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
+	&_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
+	&_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
+	&_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
+	&_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
+	&_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
+	&_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
+	&_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
+	&_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
+	&_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
+	&_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
+	&_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
+	&_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
+	&_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
+	&_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
+	&_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
+	&_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
+	&_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
+	&_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
+	&_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
+	&_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
+	&_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
+	&_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
+	&_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
+	&_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
+	&_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
+	&_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
+	&_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
+	&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
+	&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
+	&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
+
+#Td4:	# four copies of Td4 to choose from to avoid L1 aliasing
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
 &function_end_B("_x86_AES_decrypt");
 
 # void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
-&public_label("AES_Td");
 &function_begin("AES_decrypt");
 	&mov	($acc,&wparam(0));		# load inp
 	&mov	($key,&wparam(2));		# load key
 
+	&mov	($s0,"esp");
+	&sub	("esp",36);
+	&and	("esp",-64);			# align to cache-line
+
+	# place stack frame just "above" the key schedule
+	&lea	($s1,&DWP(-64-63,$key));
+	&sub	($s1,"esp");
+	&neg	($s1);
+	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp",$s1);
+	&add	("esp",4);	# 4 is reserved for caller's return address
+	&mov	($_esp,$s0);	# save stack pointer
+
 	&call   (&label("pic_point"));          # make it PIC!
 	&set_label("pic_point");
-	&blindpop("ebp");
-	&lea    ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
-
+	&blindpop($tbl);
+	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
+	&lea    ($tbl,&DWP(&label("AES_Td")."-".&label("pic_point"),$tbl));
+
+	# pick Td4 copy which can't "overlap" with stack frame or key schedule
+	&lea	($s1,&DWP(768-4,"esp"));
+	&sub	($s1,$tbl);
+	&and	($s1,0x300);
+	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
+
+					if (!$x86only) {
+	&bt	(&DWP(0,$s0),25);	# check for SSE bit
+	&jnc	(&label("x86"));
+
+	&movq	("mm0",&QWP(0,$acc));
+	&movq	("mm4",&QWP(8,$acc));
+	&call	("_sse_AES_decrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
+	&mov	($acc,&wparam(1));		# load out
+	&movq	(&QWP(0,$acc),"mm0");		# write output data
+	&movq	(&QWP(8,$acc),"mm4");
+	&emms	();
+	&function_end_A();
+					}
+	&set_label("x86",16);
+	&mov	($_tbl,$tbl);
 	&mov	($s0,&DWP(0,$acc));		# load input data
 	&mov	($s1,&DWP(4,$acc));
 	&mov	($s2,&DWP(8,$acc));
 	&mov	($s3,&DWP(12,$acc));
-
-	&call	("_x86_AES_decrypt");
-
+	&call	("_x86_AES_decrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
 	&mov	($acc,&wparam(1));		# load out
 	&mov	(&DWP(0,$acc),$s0);		# write output data
 	&mov	(&DWP(4,$acc),$s1);
@@ -1225,156 +2006,233 @@ sub declast()
 
 # void AES_cbc_encrypt (const void char *inp, unsigned char *out,
 #			size_t length, const AES_KEY *key,
-#			unsigned char *ivp,const int enc); 
-&public_label("AES_Te");
-&public_label("AES_Td");
+#			unsigned char *ivp,const int enc);
+{
+# stack frame layout
+#             -4(%esp)		# return address	 0(%esp)
+#              0(%esp)		# s0 backing store	 4(%esp)	
+#              4(%esp)		# s1 backing store	 8(%esp)
+#              8(%esp)		# s2 backing store	12(%esp)
+#             12(%esp)		# s3 backing store	16(%esp)
+#             16(%esp)		# key backup		20(%esp)
+#             20(%esp)		# end of key schedule	24(%esp)
+#             24(%esp)		# %ebp backup		28(%esp)
+#             28(%esp)		# %esp backup
+my $_inp=&DWP(32,"esp");	# copy of wparam(0)
+my $_out=&DWP(36,"esp");	# copy of wparam(1)
+my $_len=&DWP(40,"esp");	# copy of wparam(2)
+my $_key=&DWP(44,"esp");	# copy of wparam(3)
+my $_ivp=&DWP(48,"esp");	# copy of wparam(4)
+my $_tmp=&DWP(52,"esp");	# volatile variable
+#
+my $ivec=&DWP(60,"esp");	# ivec[16]
+my $aes_key=&DWP(76,"esp");	# copy of aes_key
+my $mark=&DWP(76+240,"esp");	# copy of aes_key->rounds
+
 &function_begin("AES_cbc_encrypt");
 	&mov	($s2 eq "ecx"? $s2 : "",&wparam(2));	# load len
 	&cmp	($s2,0);
-	&je	(&label("enc_out"));
+	&je	(&label("drop_out"));
 
-	&call   (&label("pic_point"));          # make it PIC!
+	&call   (&label("pic_point"));		# make it PIC!
 	&set_label("pic_point");
-	&blindpop("ebp");
+	&blindpop($tbl);
+	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
 
 	&cmp	(&wparam(5),0);
-	&je	(&label("DECRYPT"));
+	&lea    ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+	&jne	(&label("picked_te"));
+	&lea	($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl));
+	&set_label("picked_te");
 
-	&lea    ("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
-
-	&mov	($acc,&wparam(0));		# load inp
-	&mov	($key,&wparam(4));		# load ivp
-
-	&test	($s2,~15);
-	&jz	(&label("enc_tail"));		# short input...
+	# one can argue if this is required
+	&pushf	();
+	&cld	();
 
+	&cmp	($s2,$speed_limit);
+	&jb	(&label("slow_way"));
+	&test	($s2,15);
+	&jnz	(&label("slow_way"));
+					if (!$x86only) {
+	&bt	(&DWP(0,$s0),28);	# check for hyper-threading bit
+	&jc	(&label("slow_way"));
+					}
+	# pre-allocate aligned stack frame...
+	&lea	($acc,&DWP(-80-244,"esp"));
+	&and	($acc,-64);
+
+	# ... and make sure it doesn't alias with $tbl modulo 4096
+	&mov	($s0,$tbl);
+	&lea	($s1,&DWP(2048+256,$tbl));
+	&mov	($s3,$acc);
+	&and	($s0,0xfff);		# s = %ebp&0xfff
+	&and	($s1,0xfff);		# e = (%ebp+2048+256)&0xfff
+	&and	($s3,0xfff);		# p = %esp&0xfff
+
+	&cmp	($s3,$s1);		# if (p>=e) %esp =- (p-e);
+	&jb	(&label("tbl_break_out"));
+	&sub	($s3,$s1);
+	&sub	($acc,$s3);
+	&jmp	(&label("tbl_ok"));
+	&set_label("tbl_break_out",4);	# else %esp -= (p-s)&0xfff + framesz;
+	&sub	($s3,$s0);
+	&and	($s3,0xfff);
+	&add	($s3,384);
+	&sub	($acc,$s3);
+	&set_label("tbl_ok",4);
+
+	&lea	($s3,&wparam(0));	# obtain pointer to parameter block
+	&exch	("esp",$acc);		# allocate stack frame
+	&add	("esp",4);		# reserve for return address!
+	&mov	($_tbl,$tbl);		# save %ebp
+	&mov	($_esp,$acc);		# save %esp
+
+	&mov	($s0,&DWP(0,$s3));	# load inp
+	&mov	($s1,&DWP(4,$s3));	# load out
+	#&mov	($s2,&DWP(8,$s3));	# load len
+	&mov	($key,&DWP(12,$s3));	# load key
+	&mov	($acc,&DWP(16,$s3));	# load ivp
+	&mov	($s3,&DWP(20,$s3));	# load enc flag
+
+	&mov	($_inp,$s0);		# save copy of inp
+	&mov	($_out,$s1);		# save copy of out
+	&mov	($_len,$s2);		# save copy of len
+	&mov	($_key,$key);		# save copy of key
+	&mov	($_ivp,$acc);		# save copy of ivp
+
+	&mov	($mark,0);		# copy of aes_key->rounds = 0;
+	# do we copy key schedule to stack?
+	&mov	($s1 eq "ebx" ? $s1 : "",$key);
+	&mov	($s2 eq "ecx" ? $s2 : "",244/4);
+	&sub	($s1,$tbl);
+	&mov	("esi",$key);
+	&and	($s1,0xfff);
+	&lea	("edi",$aes_key);
+	&cmp	($s1,2048+256);
+	&jb	(&label("do_copy"));
+	&cmp	($s1,4096-244);
+	&jb	(&label("skip_copy"));
+	&set_label("do_copy",4);
+		&mov	($_key,"edi");
+		&data_word(0xA5F3F689);	# rep movsd
+	&set_label("skip_copy");
+
+	&mov	($key,16);
+	&set_label("prefetch_tbl",4);
+		&mov	($s0,&DWP(0,$tbl));
+		&mov	($s1,&DWP(32,$tbl));
+		&mov	($s2,&DWP(64,$tbl));
+		&mov	($acc,&DWP(96,$tbl));
+		&lea	($tbl,&DWP(128,$tbl));
+		&sub	($key,1);
+	&jnz	(&label("prefetch_tbl"));
+	&sub	($tbl,2048);
+
+	&mov	($acc,$_inp);
+	&mov	($key,$_ivp);
+
+	&cmp	($s3,0);
+	&je	(&label("fast_decrypt"));
+
+#----------------------------- ENCRYPT -----------------------------#
 	&mov	($s0,&DWP(0,$key));		# load iv
 	&mov	($s1,&DWP(4,$key));
 
-	&align	(4);
-	&set_label("enc_loop");
+	&set_label("fast_enc_loop",16);
 		&mov	($s2,&DWP(8,$key));
 		&mov	($s3,&DWP(12,$key));
 
-		&xor	($s0,&DWP(0,$acc));		# xor input data
+		&xor	($s0,&DWP(0,$acc));	# xor input data
 		&xor	($s1,&DWP(4,$acc));
 		&xor	($s2,&DWP(8,$acc));
 		&xor	($s3,&DWP(12,$acc));
 
-		&mov	($key,&wparam(3));		# load key
+		&mov	($key,$_key);		# load key
 		&call	("_x86_AES_encrypt");
 
-		&mov	($acc,&wparam(0));		# load inp
-		&mov	($key,&wparam(1));		# load out
+		&mov	($acc,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
 
-		&mov	(&DWP(0,$key),$s0);		# save output data
+		&mov	(&DWP(0,$key),$s0);	# save output data
 		&mov	(&DWP(4,$key),$s1);
 		&mov	(&DWP(8,$key),$s2);
 		&mov	(&DWP(12,$key),$s3);
 
-		&mov	($s2,&wparam(2));		# load len
-
-		&lea	($acc,&DWP(16,$acc));
-		&mov	(&wparam(0),$acc);		# save inp
-
-		&lea	($s3,&DWP(16,$key));
-		&mov	(&wparam(1),$s3);		# save out
-
-		&sub	($s2,16);
-		&test	($s2,~15);
-		&mov	(&wparam(2),$s2);		# save len
-	&jnz	(&label("enc_loop"));
-	&test	($s2,15);
-	&jnz	(&label("enc_tail"));
-	&mov	($acc,&wparam(4));		# load ivp
-	&mov	($s2,&DWP(8,$key));		# restore last dwords
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($s2,$_len);		# load len
+		&mov	($_inp,$acc);		# save inp
+		&lea	($s3,&DWP(16,$key));	# advance out
+		&mov	($_out,$s3);		# save out
+		&sub	($s2,16);		# decrease len
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("fast_enc_loop"));
+	&mov	($acc,$_ivp);		# load ivp
+	&mov	($s2,&DWP(8,$key));	# restore last 2 dwords
 	&mov	($s3,&DWP(12,$key));
-	&mov	(&DWP(0,$acc),$s0);		# save iv
+	&mov	(&DWP(0,$acc),$s0);	# save ivec
 	&mov	(&DWP(4,$acc),$s1);
 	&mov	(&DWP(8,$acc),$s2);
 	&mov	(&DWP(12,$acc),$s3);
-    &set_label("enc_out");
-	&function_end_A();
 
-    &align	(4);
-    &set_label("enc_tail");
-	&push	($key eq "edi" ? $key : "");	# push ivp
-	&pushf	();
-	&mov	($key,&wparam(1));		# load out
-	&mov	($s1,16);
-	&sub	($s1,$s2);
-	&cmp	($key,$acc);			# compare with inp
-	&je	(&label("enc_in_place"));
-	&data_word(0x90A4F3FC);	# cld; rep movsb; nop	# copy input
-	&jmp	(&label("enc_skip_in_place"));
-    &set_label("enc_in_place");
-	&lea	($key,&DWP(0,$key,$s2));
-    &set_label("enc_skip_in_place");
-	&mov	($s2,$s1);
-	&xor	($s0,$s0);
-	&data_word(0x90AAF3FC);	# cld; rep stosb; nop	# zero tail
+	&cmp	($mark,0);		# was the key schedule copied?
+	&mov	("edi",$_key);
+	&je	(&label("skip_ezero"));
+	# zero copy of key schedule
+	&mov	("ecx",240/4);
+	&xor	("eax","eax");
+	&align	(4);
+	&data_word(0xABF3F689);	# rep stosd
+	&set_label("skip_ezero")
+	&mov	("esp",$_esp);
 	&popf	();
-	&pop	($key);				# pop ivp
-
-	&mov	($acc,&wparam(1));		# output as input
-	&mov	($s0,&DWP(0,$key));
-	&mov	($s1,&DWP(4,$key));
-	&mov	(&wparam(2),16);		# len=16
-	&jmp	(&label("enc_loop"));		# one more spin...
+    &set_label("drop_out");
+	&function_end_A();
+	&pushf	();			# kludge, never executed
 
 #----------------------------- DECRYPT -----------------------------#
-&align	(4);
-&set_label("DECRYPT");
-    &stack_push(5);				# allocate temp + ivp
+&set_label("fast_decrypt",16);
 
-	&lea    ("ebp",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
+	&cmp	($acc,$_out);
+	&je	(&label("fast_dec_in_place"));	# in-place processing...
 
-	&mov	($acc,&wparam(0));		# load inp
-	&cmp	($acc,&wparam(1));
-	&je	(&label("dec_in_place"));	# in-place processing...
-
-	&mov	($key,&wparam(4));		# load ivp
-	&mov	(&swtmp(4),$key);
+	&mov	($_tmp,$key);
 
 	&align	(4);
-	&set_label("dec_loop");
-		&mov	($s0,&DWP(0,$acc));		# read input
+	&set_label("fast_dec_loop",16);
+		&mov	($s0,&DWP(0,$acc));	# read input
 		&mov	($s1,&DWP(4,$acc));
 		&mov	($s2,&DWP(8,$acc));
 		&mov	($s3,&DWP(12,$acc));
 
-		&mov	($key,&wparam(3));		# load key
+		&mov	($key,$_key);		# load key
 		&call	("_x86_AES_decrypt");
 
-		&mov	($key,&swtmp(4));		# load ivp
-		&mov	($acc,&wparam(2));		# load len
-		&xor	($s0,&DWP(0,$key));		# xor iv
+		&mov	($key,$_tmp);		# load ivp
+		&mov	($acc,$_len);		# load len
+		&xor	($s0,&DWP(0,$key));	# xor iv
 		&xor	($s1,&DWP(4,$key));
 		&xor	($s2,&DWP(8,$key));
 		&xor	($s3,&DWP(12,$key));
 
-		&sub	($acc,16);
-		&jc	(&label("dec_partial"));
-		&mov	(&wparam(2),$acc);		# save len
-		&mov	($acc,&wparam(0));		# load inp
-		&mov	($key,&wparam(1));		# load out
+		&mov	($key,$_out);		# load out
+		&mov	($acc,$_inp);		# load inp
 
-		&mov	(&DWP(0,$key),$s0);		# write output
+		&mov	(&DWP(0,$key),$s0);	# write output
 		&mov	(&DWP(4,$key),$s1);
 		&mov	(&DWP(8,$key),$s2);
 		&mov	(&DWP(12,$key),$s3);
 
-		&mov	(&swtmp(4),$acc);		# save ivp
-		&lea	($acc,&DWP(16,$acc));
-		&mov	(&wparam(0),$acc);		# save inp
-
-		&lea	($key,&DWP(16,$key));
-		&mov	(&wparam(1),$key);		# save out
-
-	&jnz	(&label("dec_loop"));
-	&mov	($key,&swtmp(4));	# load temp ivp
-    &set_label("dec_end");
-	&mov	($acc,&wparam(4));	# load user ivp
+		&mov	($s2,$_len);		# load len
+		&mov	($_tmp,$acc);		# save ivp
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&lea	($key,&DWP(16,$key));	# advance out
+		&mov	($_out,$key);		# save out
+		&sub	($s2,16);		# decrease len
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("fast_dec_loop"));
+	&mov	($key,$_tmp);		# load temp ivp
+	&mov	($acc,$_ivp);		# load user ivp
 	&mov	($s0,&DWP(0,$key));	# load iv
 	&mov	($s1,&DWP(4,$key));
 	&mov	($s2,&DWP(8,$key));
@@ -1383,130 +2241,418 @@ sub declast()
 	&mov	(&DWP(4,$acc),$s1);
 	&mov	(&DWP(8,$acc),$s2);
 	&mov	(&DWP(12,$acc),$s3);
-	&jmp	(&label("dec_out"));
+	&jmp	(&label("fast_dec_out"));
 
-    &align	(4);
-    &set_label("dec_partial");
-	&lea	($key,&swtmp(0));
-	&mov	(&DWP(0,$key),$s0);	# dump output to stack
-	&mov	(&DWP(4,$key),$s1);
-	&mov	(&DWP(8,$key),$s2);
-	&mov	(&DWP(12,$key),$s3);
-	&lea	($s2 eq "ecx" ? $s2 : "",&DWP(16,$acc));
-	&mov	($acc eq "esi" ? $acc : "",$key);
-	&mov	($key eq "edi" ? $key : "",&wparam(1));
-	&pushf	();
-	&data_word(0x90A4F3FC);	# cld; rep movsb; nop	# copy output
-	&popf	();
-	&mov	($key,&wparam(0));	# load temp ivp
-	&jmp	(&label("dec_end"));
-
-    &align	(4);
-    &set_label("dec_in_place");
-	&set_label("dec_in_place_loop");
-		&lea	($key,&swtmp(0));
-		&mov	($s0,&DWP(0,$acc));		# read input
+    &set_label("fast_dec_in_place",16);
+	&set_label("fast_dec_in_place_loop");
+		&mov	($s0,&DWP(0,$acc));	# read input
 		&mov	($s1,&DWP(4,$acc));
 		&mov	($s2,&DWP(8,$acc));
 		&mov	($s3,&DWP(12,$acc));
 
-		&mov	(&DWP(0,$key),$s0);		# copy to temp
+		&lea	($key,$ivec);
+		&mov	(&DWP(0,$key),$s0);	# copy to temp
 		&mov	(&DWP(4,$key),$s1);
 		&mov	(&DWP(8,$key),$s2);
 		&mov	(&DWP(12,$key),$s3);
 
-		&mov	($key,&wparam(3));		# load key
+		&mov	($key,$_key);		# load key
 		&call	("_x86_AES_decrypt");
 
-		&mov	($key,&wparam(4));		# load ivp
-		&mov	($acc,&wparam(1));		# load out
-		&xor	($s0,&DWP(0,$key));		# xor iv
+		&mov	($key,$_ivp);		# load ivp
+		&mov	($acc,$_out);		# load out
+		&xor	($s0,&DWP(0,$key));	# xor iv
 		&xor	($s1,&DWP(4,$key));
 		&xor	($s2,&DWP(8,$key));
 		&xor	($s3,&DWP(12,$key));
 
-		&mov	(&DWP(0,$acc),$s0);		# write output
+		&mov	(&DWP(0,$acc),$s0);	# write output
 		&mov	(&DWP(4,$acc),$s1);
 		&mov	(&DWP(8,$acc),$s2);
 		&mov	(&DWP(12,$acc),$s3);
 
-		&lea	($acc,&DWP(16,$acc));
-		&mov	(&wparam(1),$acc);		# save out
+		&lea	($acc,&DWP(16,$acc));	# advance out
+		&mov	($_out,$acc);		# save out
 
-		&lea	($acc,&swtmp(0));
-		&mov	($s0,&DWP(0,$acc));		# read temp
+		&lea	($acc,$ivec);
+		&mov	($s0,&DWP(0,$acc));	# read temp
 		&mov	($s1,&DWP(4,$acc));
 		&mov	($s2,&DWP(8,$acc));
 		&mov	($s3,&DWP(12,$acc));
 
-		&mov	(&DWP(0,$key),$s0);		# copy iv
+		&mov	(&DWP(0,$key),$s0);	# copy iv
 		&mov	(&DWP(4,$key),$s1);
 		&mov	(&DWP(8,$key),$s2);
 		&mov	(&DWP(12,$key),$s3);
 
-		&mov	($acc,&wparam(0));		# load inp
+		&mov	($acc,$_inp);		# load inp
+		&mov	($s2,$_len);		# load len
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&sub	($s2,16);		# decrease len
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("fast_dec_in_place_loop"));
+
+    &set_label("fast_dec_out",4);
+	&cmp	($mark,0);		# was the key schedule copied?
+	&mov	("edi",$_key);
+	&je	(&label("skip_dzero"));
+	# zero copy of key schedule
+	&mov	("ecx",240/4);
+	&xor	("eax","eax");
+	&align	(4);
+	&data_word(0xABF3F689);	# rep stosd
+	&set_label("skip_dzero")
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+#--------------------------- SLOW ROUTINE ---------------------------#
+&set_label("slow_way",16);
+
+	&mov	($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap
+	&mov	($key,&wparam(3));	# load key
+
+	# pre-allocate aligned stack frame...
+	&lea	($acc,&DWP(-80,"esp"));
+	&and	($acc,-64);
+
+	# ... and make sure it doesn't alias with $key modulo 1024
+	&lea	($s1,&DWP(-80-63,$key));
+	&sub	($s1,$acc);
+	&neg	($s1);
+	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	($acc,$s1);
+
+	# pick S-box copy which can't overlap with stack frame or $key
+	&lea	($s1,&DWP(768,$acc));
+	&sub	($s1,$tbl);
+	&and	($s1,0x300);
+	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
+
+	&lea	($s3,&wparam(0));	# pointer to parameter block
+
+	&exch	("esp",$acc);
+	&add	("esp",4);		# reserve for return address!
+	&mov	($_tbl,$tbl);		# save %ebp
+	&mov	($_esp,$acc);		# save %esp
+	&mov	($_tmp,$s0);		# save OPENSSL_ia32cap
+
+	&mov	($s0,&DWP(0,$s3));	# load inp
+	&mov	($s1,&DWP(4,$s3));	# load out
+	#&mov	($s2,&DWP(8,$s3));	# load len
+	#&mov	($key,&DWP(12,$s3));	# load key
+	&mov	($acc,&DWP(16,$s3));	# load ivp
+	&mov	($s3,&DWP(20,$s3));	# load enc flag
+
+	&mov	($_inp,$s0);		# save copy of inp
+	&mov	($_out,$s1);		# save copy of out
+	&mov	($_len,$s2);		# save copy of len
+	&mov	($_key,$key);		# save copy of key
+	&mov	($_ivp,$acc);		# save copy of ivp
+
+	&mov	($key,$acc);
+	&mov	($acc,$s0);
+
+	&cmp	($s3,0);
+	&je	(&label("slow_decrypt"));
+
+#--------------------------- SLOW ENCRYPT ---------------------------#
+	&cmp	($s2,16);
+	&mov	($s3,$s1);
+	&jb	(&label("slow_enc_tail"));
+
+					if (!$x86only) {
+	&bt	($_tmp,25);		# check for SSE bit
+	&jnc	(&label("slow_enc_x86"));
+
+	&movq	("mm0",&QWP(0,$key));	# load iv
+	&movq	("mm4",&QWP(8,$key));
+
+	&set_label("slow_enc_loop_sse",16);
+		&pxor	("mm0",&QWP(0,$acc));	# xor input data
+		&pxor	("mm4",&QWP(8,$acc));
+
+		&mov	($key,$_key);
+		&call	("_sse_AES_encrypt_compact");
+
+		&mov	($acc,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+		&mov	($s2,$_len);		# load len
+
+		&movq	(&QWP(0,$key),"mm0");	# save output data
+		&movq	(&QWP(8,$key),"mm4");
+
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&lea	($s3,&DWP(16,$key));	# advance out
+		&mov	($_out,$s3);		# save out
+		&sub	($s2,16);		# decrease len
+		&cmp	($s2,16);
+		&mov	($_len,$s2);		# save len
+	&jae	(&label("slow_enc_loop_sse"));
+	&test	($s2,15);
+	&jnz	(&label("slow_enc_tail"));
+	&mov	($acc,$_ivp);		# load ivp
+	&movq	(&QWP(0,$acc),"mm0");	# save ivec
+	&movq	(&QWP(8,$acc),"mm4");
+	&emms	();
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+					}
+    &set_label("slow_enc_x86",16);
+	&mov	($s0,&DWP(0,$key));	# load iv
+	&mov	($s1,&DWP(4,$key));
+
+	&set_label("slow_enc_loop_x86",4);
+		&mov	($s2,&DWP(8,$key));
+		&mov	($s3,&DWP(12,$key));
+
+		&xor	($s0,&DWP(0,$acc));	# xor input data
+		&xor	($s1,&DWP(4,$acc));
+		&xor	($s2,&DWP(8,$acc));
+		&xor	($s3,&DWP(12,$acc));
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_encrypt_compact");
+
+		&mov	($acc,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
 
-		&lea	($acc,&DWP(16,$acc));
-		&mov	(&wparam(0),$acc);		# save inp
+		&mov	(&DWP(0,$key),$s0);	# save output data
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($s2,$_len);		# load len
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&lea	($s3,&DWP(16,$key));	# advance out
+		&mov	($_out,$s3);		# save out
+		&sub	($s2,16);		# decrease len
+		&cmp	($s2,16);
+		&mov	($_len,$s2);		# save len
+	&jae	(&label("slow_enc_loop_x86"));
+	&test	($s2,15);
+	&jnz	(&label("slow_enc_tail"));
+	&mov	($acc,$_ivp);		# load ivp
+	&mov	($s2,&DWP(8,$key));	# restore last dwords
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$acc),$s0);	# save ivec
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
 
-		&mov	($s2,&wparam(2));		# load len
-		&sub	($s2,16);
-		&jc	(&label("dec_in_place_partial"));
-		&mov	(&wparam(2),$s2);		# save len
-	&jnz	(&label("dec_in_place_loop"));
-	&jmp	(&label("dec_out"));
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
 
-    &align	(4);
-    &set_label("dec_in_place_partial");
-	# one can argue if this is actually required...
-	&mov	($key eq "edi" ? $key : "",&wparam(1));
-	&lea	($acc eq "esi" ? $acc : "",&swtmp(0));
+    &set_label("slow_enc_tail",16);
+	&emms	()	if (!$x86only);
+	&mov	($key eq "edi"? $key:"",$s3);	# load out to edi
+	&mov	($s1,16);
+	&sub	($s1,$s2);
+	&cmp	($key,$acc eq "esi"? $acc:"");	# compare with inp
+	&je	(&label("enc_in_place"));
+	&align	(4);
+	&data_word(0xA4F3F689);	# rep movsb	# copy input
+	&jmp	(&label("enc_skip_in_place"));
+    &set_label("enc_in_place");
 	&lea	($key,&DWP(0,$key,$s2));
-	&lea	($acc,&DWP(16,$acc,$s2));
-	&neg	($s2 eq "ecx" ? $s2 : "");
-	&pushf	();
-	&data_word(0x90A4F3FC);	# cld; rep movsb; nop	# restore tail
+    &set_label("enc_skip_in_place");
+	&mov	($s2,$s1);
+	&xor	($s0,$s0);
+	&align	(4);
+	&data_word(0xAAF3F689);	# rep stosb	# zero tail
+
+	&mov	($key,$_ivp);			# restore ivp
+	&mov	($acc,$s3);			# output as input
+	&mov	($s0,&DWP(0,$key));
+	&mov	($s1,&DWP(4,$key));
+	&mov	($_len,16);			# len=16
+	&jmp	(&label("slow_enc_loop_x86"));	# one more spin...
+
+#--------------------------- SLOW DECRYPT ---------------------------#
+&set_label("slow_decrypt",16);
+					if (!$x86only) {
+	&bt	($_tmp,25);		# check for SSE bit
+	&jnc	(&label("slow_dec_loop_x86"));
+
+	&set_label("slow_dec_loop_sse",4);
+		&movq	("mm0",&QWP(0,$acc));	# read input
+		&movq	("mm4",&QWP(8,$acc));
+
+		&mov	($key,$_key);
+		&call	("_sse_AES_decrypt_compact");
+
+		&mov	($acc,$_inp);		# load inp
+		&lea	($s0,$ivec);
+		&mov	($s1,$_out);		# load out
+		&mov	($s2,$_len);		# load len
+		&mov	($key,$_ivp);		# load ivp
+
+		&movq	("mm1",&QWP(0,$acc));	# re-read input
+		&movq	("mm5",&QWP(8,$acc));
+
+		&pxor	("mm0",&QWP(0,$key));	# xor iv
+		&pxor	("mm4",&QWP(8,$key));
+
+		&movq	(&QWP(0,$key),"mm1");	# copy input to iv
+		&movq	(&QWP(8,$key),"mm5");
+
+		&sub	($s2,16);		# decrease len
+		&jc	(&label("slow_dec_partial_sse"));
+
+		&movq	(&QWP(0,$s1),"mm0");	# write output
+		&movq	(&QWP(8,$s1),"mm4");
+
+		&lea	($s1,&DWP(16,$s1));	# advance out
+		&mov	($_out,$s1);		# save out
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("slow_dec_loop_sse"));
+	&emms	();
+	&mov	("esp",$_esp);
 	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("slow_dec_partial_sse",16);
+	&movq	(&QWP(0,$s0),"mm0");	# save output to temp
+	&movq	(&QWP(8,$s0),"mm4");
+	&emms	();
+
+	&add	($s2 eq "ecx" ? "ecx":"",16);
+	&mov	("edi",$s1);		# out
+	&mov	("esi",$s0);		# temp
+	&align	(4);
+	&data_word(0xA4F3F689);		# rep movsb # copy partial output
+
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+					}
+	&set_label("slow_dec_loop_x86",16);
+		&mov	($s0,&DWP(0,$acc));	# read input
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
+
+		&lea	($key,$ivec);
+		&mov	(&DWP(0,$key),$s0);	# copy to temp
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_decrypt_compact");
+
+		&mov	($key,$_ivp);		# load ivp
+		&mov	($acc,$_len);		# load len
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&sub	($acc,16);
+		&jc	(&label("slow_dec_partial_x86"));
+
+		&mov	($_len,$acc);		# save len
+		&mov	($acc,$_out);		# load out
+
+		&mov	(&DWP(0,$acc),$s0);	# write output
+		&mov	(&DWP(4,$acc),$s1);
+		&mov	(&DWP(8,$acc),$s2);
+		&mov	(&DWP(12,$acc),$s3);
+
+		&lea	($acc,&DWP(16,$acc));	# advance out
+		&mov	($_out,$acc);		# save out
+
+		&lea	($acc,$ivec);
+		&mov	($s0,&DWP(0,$acc));	# read temp
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
 
-    &align	(4);
-    &set_label("dec_out");
-    &stack_pop(5);
+		&mov	(&DWP(0,$key),$s0);	# copy it to iv
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($acc,$_inp);		# load inp
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+	&jnz	(&label("slow_dec_loop_x86"));
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("slow_dec_partial_x86",16);
+	&lea	($acc,$ivec);
+	&mov	(&DWP(0,$acc),$s0);	# save output to temp
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+
+	&mov	($acc,$_inp);
+	&mov	($s0,&DWP(0,$acc));	# re-read input
+	&mov	($s1,&DWP(4,$acc));
+	&mov	($s2,&DWP(8,$acc));
+	&mov	($s3,&DWP(12,$acc));
+
+	&mov	(&DWP(0,$key),$s0);	# copy it to iv
+	&mov	(&DWP(4,$key),$s1);
+	&mov	(&DWP(8,$key),$s2);
+	&mov	(&DWP(12,$key),$s3);
+
+	&mov	("ecx",$_len);
+	&mov	("edi",$_out);
+	&lea	("esi",$ivec);
+	&align	(4);
+	&data_word(0xA4F3F689);		# rep movsb # copy partial output
+
+	&mov	("esp",$_esp);
+	&popf	();
 &function_end("AES_cbc_encrypt");
+}
 
 #------------------------------------------------------------------#
 
 sub enckey()
 {
 	&movz	("esi",&LB("edx"));		# rk[i]>>0
-	&mov	("ebx",&DWP(0,"ebp","esi",4));
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
 	&movz	("esi",&HB("edx"));		# rk[i]>>8
-	&and	("ebx",0xFF000000);
+	&shl	("ebx",24);
 	&xor	("eax","ebx");
 
-	&mov	("ebx",&DWP(0,"ebp","esi",4));
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
 	&shr	("edx",16);
-	&and	("ebx",0x000000FF);
 	&movz	("esi",&LB("edx"));		# rk[i]>>16
 	&xor	("eax","ebx");
 
-	&mov	("ebx",&DWP(0,"ebp","esi",4));
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
 	&movz	("esi",&HB("edx"));		# rk[i]>>24
-	&and	("ebx",0x0000FF00);
+	&shl	("ebx",8);
 	&xor	("eax","ebx");
 
-	&mov	("ebx",&DWP(0,"ebp","esi",4));
-	&and	("ebx",0x00FF0000);
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
+	&shl	("ebx",16);
 	&xor	("eax","ebx");
 
-	&xor	("eax",&DWP(1024,"ebp","ecx",4));	# rcon
+	&xor	("eax",&DWP(1024-128,$tbl,"ecx",4));	# rcon
 }
 
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-&public_label("AES_Te");
-&function_begin("AES_set_encrypt_key");
-	&mov	("esi",&wparam(0));		# user supplied key
-	&mov	("edi",&wparam(2));		# private key schedule
+&function_begin("_x86_AES_set_encrypt_key");
+	&mov	("esi",&wparam(1));		# user supplied key
+	&mov	("edi",&wparam(3));		# private key schedule
 
 	&test	("esi",-1);
 	&jz	(&label("badpointer"));
@@ -1515,11 +2661,21 @@ sub enckey()
 
 	&call	(&label("pic_point"));
 	&set_label("pic_point");
-	&blindpop("ebp");
-	&lea	("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
-	&add	("ebp",1024*4);			# skip to Te4
-
-	&mov	("ecx",&wparam(1));		# number of bits in key
+	&blindpop($tbl);
+	&lea	($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+	&lea	($tbl,&DWP(2048+128,$tbl));
+
+	# prefetch Te4
+	&mov	("eax",&DWP(0-128,$tbl));
+	&mov	("ebx",&DWP(32-128,$tbl));
+	&mov	("ecx",&DWP(64-128,$tbl));
+	&mov	("edx",&DWP(96-128,$tbl));
+	&mov	("eax",&DWP(128-128,$tbl));
+	&mov	("ebx",&DWP(160-128,$tbl));
+	&mov	("ecx",&DWP(192-128,$tbl));
+	&mov	("edx",&DWP(224-128,$tbl));
+
+	&mov	("ecx",&wparam(2));		# number of bits in key
 	&cmp	("ecx",128);
 	&je	(&label("10rounds"));
 	&cmp	("ecx",192);
@@ -1658,24 +2814,23 @@ sub enckey()
 		&mov	("edx","eax");
 		&mov	("eax",&DWP(16,"edi"));		# rk[4]
 		&movz	("esi",&LB("edx"));		# rk[11]>>0
-		&mov	("ebx",&DWP(0,"ebp","esi",4));
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
 		&movz	("esi",&HB("edx"));		# rk[11]>>8
-		&and	("ebx",0x000000FF);
 		&xor	("eax","ebx");
 
-		&mov	("ebx",&DWP(0,"ebp","esi",4));
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
 		&shr	("edx",16);
-		&and	("ebx",0x0000FF00);
+		&shl	("ebx",8);
 		&movz	("esi",&LB("edx"));		# rk[11]>>16
 		&xor	("eax","ebx");
 
-		&mov	("ebx",&DWP(0,"ebp","esi",4));
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
 		&movz	("esi",&HB("edx"));		# rk[11]>>24
-		&and	("ebx",0x00FF0000);
+		&shl	("ebx",16);
 		&xor	("eax","ebx");
 
-		&mov	("ebx",&DWP(0,"ebp","esi",4));
-		&and	("ebx",0xFF000000);
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
+		&shl	("ebx",24);
 		&xor	("eax","ebx");
 
 		&mov	(&DWP(48,"edi"),"eax");		# rk[12]
@@ -1697,43 +2852,74 @@ sub enckey()
     &set_label("badpointer");
 	&mov	("eax",-1);
     &set_label("exit");
-&function_end("AES_set_encrypt_key");
+&function_end("_x86_AES_set_encrypt_key");
 
-sub deckey()
-{ my ($i,$ptr,$te4,$td) = @_;
+# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+&function_begin_B("AES_set_encrypt_key");
+	&call	("_x86_AES_set_encrypt_key");
+	&ret	();
+&function_end_B("AES_set_encrypt_key");
 
-	&mov	("eax",&DWP($i,$ptr));
-	&mov	("edx","eax");
-	&movz	("ebx",&HB("eax"));
-	&shr	("edx",16);
-	&and	("eax",0xFF);
-	&movz	("eax",&BP(0,$te4,"eax",4));
-	&movz	("ebx",&BP(0,$te4,"ebx",4));
-	&mov	("eax",&DWP(1024*0,$td,"eax",4));
-	&xor	("eax",&DWP(1024*1,$td,"ebx",4));
-	&movz	("ebx",&HB("edx"));
-	&and	("edx",0xFF);
-	&movz	("edx",&BP(0,$te4,"edx",4));
-	&movz	("ebx",&BP(0,$te4,"ebx",4));
-	&xor	("eax",&DWP(1024*2,$td,"edx",4));
-	&xor	("eax",&DWP(1024*3,$td,"ebx",4));
-	&mov	(&DWP($i,$ptr),"eax");
+sub deckey()
+{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
+  my $tmp = $tbl;
+
+	&mov	($acc,$tp1);
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($tp2,&DWP(0,$tp1,$tp1));
+	&sub	($acc,$tmp);
+	&and	($tp2,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	&xor	($acc,$tp2);
+	&mov	($tp2,$acc);
+
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($tp4,&DWP(0,$tp2,$tp2));
+	&sub	($acc,$tmp);
+	&and	($tp4,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &xor	($tp2,$tp1);	# tp2^tp1
+	&xor	($acc,$tp4);
+	&mov	($tp4,$acc);
+
+	&and	($acc,0x80808080);
+	&mov	($tmp,$acc);
+	&shr	($tmp,7);
+	&lea	($tp8,&DWP(0,$tp4,$tp4));
+	 &xor	($tp4,$tp1);	# tp4^tp1
+	&sub	($acc,$tmp);
+	&and	($tp8,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &rotl	($tp1,8);	# = ROTATE(tp1,8)
+	&xor	($tp8,$acc);
+
+	&mov	($tmp,&DWP(4*($i+1),$key));	# modulo-scheduled load
+
+	&xor	($tp1,$tp2);
+	&xor	($tp2,$tp8);
+	&xor	($tp1,$tp4);
+	&rotl	($tp2,24);
+	&xor	($tp4,$tp8);
+	&xor	($tp1,$tp8);	# ^= tp8^(tp4^tp1)^(tp2^tp1)
+	&rotl	($tp4,16);
+	&xor	($tp1,$tp2);	# ^= ROTATE(tp8^tp2^tp1,24)
+	&rotl	($tp8,8);
+	&xor	($tp1,$tp4);	# ^= ROTATE(tp8^tp4^tp1,16)
+	&mov	($tp2,$tmp);
+	&xor	($tp1,$tp8);	# ^= ROTATE(tp8,8)
+
+	&mov	(&DWP(4*$i,$key),$tp1);
 }
 
 # int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
 #                        AES_KEY *key)
-&public_label("AES_Td");
-&public_label("AES_Te");
 &function_begin_B("AES_set_decrypt_key");
-	&mov	("eax",&wparam(0));
-	&mov	("ecx",&wparam(1));
-	&mov	("edx",&wparam(2));
-	&sub	("esp",12);
-	&mov	(&DWP(0,"esp"),"eax");
-	&mov	(&DWP(4,"esp"),"ecx");
-	&mov	(&DWP(8,"esp"),"edx");
-	&call	("AES_set_encrypt_key");
-	&add	("esp",12);
+	&call	("_x86_AES_set_encrypt_key");
 	&cmp	("eax",0);
 	&je	(&label("proceed"));
 	&ret	();
@@ -1749,8 +2935,7 @@ sub deckey()
 	&lea	("ecx",&DWP(0,"","ecx",4));
 	&lea	("edi",&DWP(0,"esi","ecx",4));	# pointer to last chunk
 
-	&align	(4);
-	&set_label("invert");			# invert order of chunks
+	&set_label("invert",4);			# invert order of chunks
 		&mov	("eax",&DWP(0,"esi"));
 		&mov	("ebx",&DWP(4,"esi"));
 		&mov	("ecx",&DWP(0,"edi"));
@@ -1772,27 +2957,24 @@ sub deckey()
 		&cmp	("esi","edi");
 	&jne	(&label("invert"));
 
-	&call	(&label("pic_point"));
-	&set_label("pic_point");
-	blindpop("ebp");
-	&lea	("edi",&DWP(&label("AES_Td")."-".&label("pic_point"),"ebp"));
-	&lea	("ebp",&DWP(&label("AES_Te")."-".&label("pic_point"),"ebp"));
-	&add	("ebp",1024*4);			# skip to Te4
-
-	&mov	("esi",&wparam(2));
-	&mov	("ecx",&DWP(240,"esi"));	# pull number of rounds
-	&dec	("ecx");
-	&align	(4);
-	&set_label("permute");			# permute the key schedule
-		&add	("esi",16);
-		&deckey	(0,"esi","ebp","edi");
-		&deckey	(4,"esi","ebp","edi");
-		&deckey	(8,"esi","ebp","edi");
-		&deckey	(12,"esi","ebp","edi");
-		&dec	("ecx");
-	&jnz	(&label("permute"));
+	&mov	($key,&wparam(2));
+	&mov	($acc,&DWP(240,$key));		# pull number of rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	(&wparam(2),$acc);
+
+	&mov	($s0,&DWP(16,$key));		# modulo-scheduled load
+	&set_label("permute",4);		# permute the key schedule
+		&add	($key,16);
+		&deckey	(0,$key,$s0,$s1,$s2,$s3);
+		&deckey	(1,$key,$s1,$s2,$s3,$s0);
+		&deckey	(2,$key,$s2,$s3,$s0,$s1);
+		&deckey	(3,$key,$s3,$s0,$s1,$s2);
+		&cmp	($key,&wparam(2));
+	&jb	(&label("permute"));
 
 	&xor	("eax","eax");			# return success
 &function_end("AES_set_decrypt_key");
+&asciz("AES for x86, CRYPTOGAMS by <appro\@openssl.org>");
 
 &asm_finish();
diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
new file mode 100644
index 0000000000..15742c1ec5
--- /dev/null
+++ b/crypto/aes/asm/aes-armv4.pl
@@ -0,0 +1,1030 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for ARMv4
+
+# January 2007.
+#
+# Code uses single 1K S-box and is >2 times faster than code generated
+# by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
+# allows to merge logical or arithmetic operation with shift or rotate
+# in one instruction and emit combined result every cycle. The module
+# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
+# key.
+
+# May 2007.
+#
+# AES_set_[en|de]crypt_key is added.
+
+$s0="r0";
+$s1="r1";
+$s2="r2";
+$s3="r3";
+$t1="r4";
+$t2="r5";
+$t3="r6";
+$i1="r7";
+$i2="r8";
+$i3="r9";
+
+$tbl="r10";
+$key="r11";
+$rounds="r12";
+
+$code=<<___;
+.text
+.code	32
+
+.type	AES_Te,%object
+.align	5
+AES_Te:
+.word	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+.word	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
+.word	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
+.word	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
+.word	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
+.word	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
+.word	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
+.word	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
+.word	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
+.word	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
+.word	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
+.word	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
+.word	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
+.word	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
+.word	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
+.word	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
+.word	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
+.word	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
+.word	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
+.word	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
+.word	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
+.word	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
+.word	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
+.word	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
+.word	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
+.word	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
+.word	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
+.word	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
+.word	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
+.word	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
+.word	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
+.word	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
+.word	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
+.word	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
+.word	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
+.word	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
+.word	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
+.word	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
+.word	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
+.word	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
+.word	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
+.word	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
+.word	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
+.word	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
+.word	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
+.word	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
+.word	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
+.word	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
+.word	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
+.word	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
+.word	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
+.word	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
+.word	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
+.word	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
+.word	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
+.word	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
+.word	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
+.word	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
+.word	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
+.word	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
+.word	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
+.word	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
+.word	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
+.word	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+@ Te4[256]
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+@ rcon[]
+.word	0x01000000, 0x02000000, 0x04000000, 0x08000000
+.word	0x10000000, 0x20000000, 0x40000000, 0x80000000
+.word	0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
+.size	AES_Te,.-AES_Te
+
+@ void AES_encrypt(const unsigned char *in, unsigned char *out,
+@ 		 const AES_KEY *key) {
+.global AES_encrypt
+.type   AES_encrypt,%function
+.align	5
+AES_encrypt:
+	sub	r3,pc,#8		@ AES_encrypt
+	stmdb   sp!,{r1,r4-r12,lr}
+	mov	$rounds,r0		@ inp
+	mov	$key,r2
+	sub	$tbl,r3,#AES_encrypt-AES_Te	@ Te
+
+	ldrb	$s0,[$rounds,#3]	@ load input data in endian-neutral
+	ldrb	$t1,[$rounds,#2]	@ manner...
+	ldrb	$t2,[$rounds,#1]
+	ldrb	$t3,[$rounds,#0]
+	orr	$s0,$s0,$t1,lsl#8
+	orr	$s0,$s0,$t2,lsl#16
+	orr	$s0,$s0,$t3,lsl#24
+	ldrb	$s1,[$rounds,#7]
+	ldrb	$t1,[$rounds,#6]
+	ldrb	$t2,[$rounds,#5]
+	ldrb	$t3,[$rounds,#4]
+	orr	$s1,$s1,$t1,lsl#8
+	orr	$s1,$s1,$t2,lsl#16
+	orr	$s1,$s1,$t3,lsl#24
+	ldrb	$s2,[$rounds,#11]
+	ldrb	$t1,[$rounds,#10]
+	ldrb	$t2,[$rounds,#9]
+	ldrb	$t3,[$rounds,#8]
+	orr	$s2,$s2,$t1,lsl#8
+	orr	$s2,$s2,$t2,lsl#16
+	orr	$s2,$s2,$t3,lsl#24
+	ldrb	$s3,[$rounds,#15]
+	ldrb	$t1,[$rounds,#14]
+	ldrb	$t2,[$rounds,#13]
+	ldrb	$t3,[$rounds,#12]
+	orr	$s3,$s3,$t1,lsl#8
+	orr	$s3,$s3,$t2,lsl#16
+	orr	$s3,$s3,$t3,lsl#24
+
+	bl	_armv4_AES_encrypt
+
+	ldr	$rounds,[sp],#4		@ pop out
+	mov	$t1,$s0,lsr#24		@ write output in endian-neutral
+	mov	$t2,$s0,lsr#16		@ manner...
+	mov	$t3,$s0,lsr#8
+	strb	$t1,[$rounds,#0]
+	strb	$t2,[$rounds,#1]
+	strb	$t3,[$rounds,#2]
+	strb	$s0,[$rounds,#3]
+	mov	$t1,$s1,lsr#24
+	mov	$t2,$s1,lsr#16
+	mov	$t3,$s1,lsr#8
+	strb	$t1,[$rounds,#4]
+	strb	$t2,[$rounds,#5]
+	strb	$t3,[$rounds,#6]
+	strb	$s1,[$rounds,#7]
+	mov	$t1,$s2,lsr#24
+	mov	$t2,$s2,lsr#16
+	mov	$t3,$s2,lsr#8
+	strb	$t1,[$rounds,#8]
+	strb	$t2,[$rounds,#9]
+	strb	$t3,[$rounds,#10]
+	strb	$s2,[$rounds,#11]
+	mov	$t1,$s3,lsr#24
+	mov	$t2,$s3,lsr#16
+	mov	$t3,$s3,lsr#8
+	strb	$t1,[$rounds,#12]
+	strb	$t2,[$rounds,#13]
+	strb	$t3,[$rounds,#14]
+	strb	$s3,[$rounds,#15]
+
+	ldmia   sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size	AES_encrypt,.-AES_encrypt
+
+.type   _armv4_AES_encrypt,%function
+.align	2
+_armv4_AES_encrypt:
+	str	lr,[sp,#-4]!		@ push lr
+	ldr	$t1,[$key],#16
+	ldr	$t2,[$key,#-12]
+	ldr	$t3,[$key,#-8]
+	ldr	$i1,[$key,#-4]
+	ldr	$rounds,[$key,#240-16]
+	eor	$s0,$s0,$t1
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+	sub	$rounds,$rounds,#1
+	mov	lr,#255
+
+.Lenc_loop:
+	and	$i2,lr,$s0,lsr#8
+	and	$i3,lr,$s0,lsr#16
+	and	$i1,lr,$s0
+	mov	$s0,$s0,lsr#24
+	ldr	$t1,[$tbl,$i1,lsl#2]	@ Te3[s0>>0]
+	ldr	$s0,[$tbl,$s0,lsl#2]	@ Te0[s0>>24]
+	ldr	$t2,[$tbl,$i2,lsl#2]	@ Te2[s0>>8]
+	ldr	$t3,[$tbl,$i3,lsl#2]	@ Te1[s0>>16]
+
+	and	$i1,lr,$s1,lsr#16	@ i0
+	and	$i2,lr,$s1
+	and	$i3,lr,$s1,lsr#8
+	mov	$s1,$s1,lsr#24
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Te1[s1>>16]
+	ldr	$s1,[$tbl,$s1,lsl#2]	@ Te0[s1>>24]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Te3[s1>>0]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Te2[s1>>8]
+	eor	$s0,$s0,$i1,ror#8
+	eor	$s1,$s1,$t1,ror#24
+	eor	$t2,$t2,$i2,ror#8
+	eor	$t3,$t3,$i3,ror#8
+
+	and	$i1,lr,$s2,lsr#8	@ i0
+	and	$i2,lr,$s2,lsr#16	@ i1
+	and	$i3,lr,$s2
+	mov	$s2,$s2,lsr#24
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Te2[s2>>8]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Te1[s2>>16]
+	ldr	$s2,[$tbl,$s2,lsl#2]	@ Te0[s2>>24]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Te3[s2>>0]
+	eor	$s0,$s0,$i1,ror#16
+	eor	$s1,$s1,$i2,ror#8
+	eor	$s2,$s2,$t2,ror#16
+	eor	$t3,$t3,$i3,ror#16
+
+	and	$i1,lr,$s3		@ i0
+	and	$i2,lr,$s3,lsr#8	@ i1
+	and	$i3,lr,$s3,lsr#16	@ i2
+	mov	$s3,$s3,lsr#24
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Te3[s3>>0]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Te2[s3>>8]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Te1[s3>>16]
+	ldr	$s3,[$tbl,$s3,lsl#2]	@ Te0[s3>>24]
+	eor	$s0,$s0,$i1,ror#24
+	eor	$s1,$s1,$i2,ror#16
+	eor	$s2,$s2,$i3,ror#8
+	eor	$s3,$s3,$t3,ror#8
+
+	ldr	$t1,[$key],#16
+	ldr	$t2,[$key,#-12]
+	ldr	$t3,[$key,#-8]
+	ldr	$i1,[$key,#-4]
+	eor	$s0,$s0,$t1
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+
+	subs	$rounds,$rounds,#1
+	bne	.Lenc_loop
+
+	add	$tbl,$tbl,#2
+
+	and	$i1,lr,$s0
+	and	$i2,lr,$s0,lsr#8
+	and	$i3,lr,$s0,lsr#16
+	mov	$s0,$s0,lsr#24
+	ldrb	$t1,[$tbl,$i1,lsl#2]	@ Te4[s0>>0]
+	ldrb	$s0,[$tbl,$s0,lsl#2]	@ Te4[s0>>24]
+	ldrb	$t2,[$tbl,$i2,lsl#2]	@ Te4[s0>>8]
+	ldrb	$t3,[$tbl,$i3,lsl#2]	@ Te4[s0>>16]
+
+	and	$i1,lr,$s1,lsr#16	@ i0
+	and	$i2,lr,$s1
+	and	$i3,lr,$s1,lsr#8
+	mov	$s1,$s1,lsr#24
+	ldrb	$i1,[$tbl,$i1,lsl#2]	@ Te4[s1>>16]
+	ldrb	$s1,[$tbl,$s1,lsl#2]	@ Te4[s1>>24]
+	ldrb	$i2,[$tbl,$i2,lsl#2]	@ Te4[s1>>0]
+	ldrb	$i3,[$tbl,$i3,lsl#2]	@ Te4[s1>>8]
+	eor	$s0,$i1,$s0,lsl#8
+	eor	$s1,$t1,$s1,lsl#24
+	eor	$t2,$i2,$t2,lsl#8
+	eor	$t3,$i3,$t3,lsl#8
+
+	and	$i1,lr,$s2,lsr#8	@ i0
+	and	$i2,lr,$s2,lsr#16	@ i1
+	and	$i3,lr,$s2
+	mov	$s2,$s2,lsr#24
+	ldrb	$i1,[$tbl,$i1,lsl#2]	@ Te4[s2>>8]
+	ldrb	$i2,[$tbl,$i2,lsl#2]	@ Te4[s2>>16]
+	ldrb	$s2,[$tbl,$s2,lsl#2]	@ Te4[s2>>24]
+	ldrb	$i3,[$tbl,$i3,lsl#2]	@ Te4[s2>>0]
+	eor	$s0,$i1,$s0,lsl#8
+	eor	$s1,$s1,$i2,lsl#16
+	eor	$s2,$t2,$s2,lsl#24
+	eor	$t3,$i3,$t3,lsl#8
+
+	and	$i1,lr,$s3		@ i0
+	and	$i2,lr,$s3,lsr#8	@ i1
+	and	$i3,lr,$s3,lsr#16	@ i2
+	mov	$s3,$s3,lsr#24
+	ldrb	$i1,[$tbl,$i1,lsl#2]	@ Te4[s3>>0]
+	ldrb	$i2,[$tbl,$i2,lsl#2]	@ Te4[s3>>8]
+	ldrb	$i3,[$tbl,$i3,lsl#2]	@ Te4[s3>>16]
+	ldrb	$s3,[$tbl,$s3,lsl#2]	@ Te4[s3>>24]
+	eor	$s0,$i1,$s0,lsl#8
+	eor	$s1,$s1,$i2,lsl#8
+	eor	$s2,$s2,$i3,lsl#16
+	eor	$s3,$t3,$s3,lsl#24
+
+	ldr	lr,[sp],#4		@ pop lr
+	ldr	$t1,[$key,#0]
+	ldr	$t2,[$key,#4]
+	ldr	$t3,[$key,#8]
+	ldr	$i1,[$key,#12]
+	eor	$s0,$s0,$t1
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+
+	sub	$tbl,$tbl,#2
+	mov	pc,lr			@ return
+.size	_armv4_AES_encrypt,.-_armv4_AES_encrypt
+
+.global AES_set_encrypt_key
+.type   AES_set_encrypt_key,%function
+.align	5
+AES_set_encrypt_key:
+	sub	r3,pc,#8		@ AES_set_encrypt_key
+	teq	r0,#0
+	moveq	r0,#-1
+	beq	.Labrt
+	teq	r2,#0
+	moveq	r0,#-1
+	beq	.Labrt
+
+	teq	r1,#128
+	beq	.Lok
+	teq	r1,#192
+	beq	.Lok
+	teq	r1,#256
+	movne	r0,#-1
+	bne	.Labrt
+
+.Lok:	stmdb   sp!,{r4-r12,lr}
+	sub	$tbl,r3,#AES_set_encrypt_key-AES_Te-1024	@ Te4
+
+	mov	$rounds,r0		@ inp
+	mov	lr,r1			@ bits
+	mov	$key,r2			@ key
+
+	ldrb	$s0,[$rounds,#3]	@ load input data in endian-neutral
+	ldrb	$t1,[$rounds,#2]	@ manner...
+	ldrb	$t2,[$rounds,#1]
+	ldrb	$t3,[$rounds,#0]
+	orr	$s0,$s0,$t1,lsl#8
+	orr	$s0,$s0,$t2,lsl#16
+	orr	$s0,$s0,$t3,lsl#24
+	ldrb	$s1,[$rounds,#7]
+	ldrb	$t1,[$rounds,#6]
+	ldrb	$t2,[$rounds,#5]
+	ldrb	$t3,[$rounds,#4]
+	orr	$s1,$s1,$t1,lsl#8
+	orr	$s1,$s1,$t2,lsl#16
+	orr	$s1,$s1,$t3,lsl#24
+	ldrb	$s2,[$rounds,#11]
+	ldrb	$t1,[$rounds,#10]
+	ldrb	$t2,[$rounds,#9]
+	ldrb	$t3,[$rounds,#8]
+	orr	$s2,$s2,$t1,lsl#8
+	orr	$s2,$s2,$t2,lsl#16
+	orr	$s2,$s2,$t3,lsl#24
+	ldrb	$s3,[$rounds,#15]
+	ldrb	$t1,[$rounds,#14]
+	ldrb	$t2,[$rounds,#13]
+	ldrb	$t3,[$rounds,#12]
+	orr	$s3,$s3,$t1,lsl#8
+	orr	$s3,$s3,$t2,lsl#16
+	orr	$s3,$s3,$t3,lsl#24
+	str	$s0,[$key],#16
+	str	$s1,[$key,#-12]
+	str	$s2,[$key,#-8]
+	str	$s3,[$key,#-4]
+
+	teq	lr,#128
+	bne	.Lnot128
+	mov	$rounds,#10
+	str	$rounds,[$key,#240-16]
+	add	$t3,$tbl,#256			@ rcon
+	mov	lr,#255
+
+.L128_loop:
+	and	$t2,lr,$s3,lsr#24
+	and	$i1,lr,$s3,lsr#16
+	and	$i2,lr,$s3,lsr#8
+	and	$i3,lr,$s3
+	ldrb	$t2,[$tbl,$t2]
+	ldrb	$i1,[$tbl,$i1]
+	ldrb	$i2,[$tbl,$i2]
+	ldrb	$i3,[$tbl,$i3]
+	ldr	$t1,[$t3],#4			@ rcon[i++]
+	orr	$t2,$t2,$i1,lsl#24
+	orr	$t2,$t2,$i2,lsl#16
+	orr	$t2,$t2,$i3,lsl#8
+	eor	$t2,$t2,$t1
+	eor	$s0,$s0,$t2			@ rk[4]=rk[0]^...
+	eor	$s1,$s1,$s0			@ rk[5]=rk[1]^rk[4]
+	eor	$s2,$s2,$s1			@ rk[6]=rk[2]^rk[5]
+	eor	$s3,$s3,$s2			@ rk[7]=rk[3]^rk[6]
+	str	$s0,[$key],#16
+	str	$s1,[$key,#-12]
+	str	$s2,[$key,#-8]
+	str	$s3,[$key,#-4]
+
+	subs	$rounds,$rounds,#1
+	bne	.L128_loop
+	sub	r2,$key,#176
+	b	.Ldone
+
+.Lnot128:
+	ldrb	$i2,[$rounds,#19]
+	ldrb	$t1,[$rounds,#18]
+	ldrb	$t2,[$rounds,#17]
+	ldrb	$t3,[$rounds,#16]
+	orr	$i2,$i2,$t1,lsl#8
+	orr	$i2,$i2,$t2,lsl#16
+	orr	$i2,$i2,$t3,lsl#24
+	ldrb	$i3,[$rounds,#23]
+	ldrb	$t1,[$rounds,#22]
+	ldrb	$t2,[$rounds,#21]
+	ldrb	$t3,[$rounds,#20]
+	orr	$i3,$i3,$t1,lsl#8
+	orr	$i3,$i3,$t2,lsl#16
+	orr	$i3,$i3,$t3,lsl#24
+	str	$i2,[$key],#8
+	str	$i3,[$key,#-4]
+
+	teq	lr,#192
+	bne	.Lnot192
+	mov	$rounds,#12
+	str	$rounds,[$key,#240-24]
+	add	$t3,$tbl,#256			@ rcon
+	mov	lr,#255
+	mov	$rounds,#8
+
+.L192_loop:
+	and	$t2,lr,$i3,lsr#24
+	and	$i1,lr,$i3,lsr#16
+	and	$i2,lr,$i3,lsr#8
+	and	$i3,lr,$i3
+	ldrb	$t2,[$tbl,$t2]
+	ldrb	$i1,[$tbl,$i1]
+	ldrb	$i2,[$tbl,$i2]
+	ldrb	$i3,[$tbl,$i3]
+	ldr	$t1,[$t3],#4			@ rcon[i++]
+	orr	$t2,$t2,$i1,lsl#24
+	orr	$t2,$t2,$i2,lsl#16
+	orr	$t2,$t2,$i3,lsl#8
+	eor	$i3,$t2,$t1
+	eor	$s0,$s0,$i3			@ rk[6]=rk[0]^...
+	eor	$s1,$s1,$s0			@ rk[7]=rk[1]^rk[6]
+	eor	$s2,$s2,$s1			@ rk[8]=rk[2]^rk[7]
+	eor	$s3,$s3,$s2			@ rk[9]=rk[3]^rk[8]
+	str	$s0,[$key],#24
+	str	$s1,[$key,#-20]
+	str	$s2,[$key,#-16]
+	str	$s3,[$key,#-12]
+
+	subs	$rounds,$rounds,#1
+	subeq	r2,$key,#216
+	beq	.Ldone
+
+	ldr	$i1,[$key,#-32]
+	ldr	$i2,[$key,#-28]
+	eor	$i1,$i1,$s3			@ rk[10]=rk[4]^rk[9]
+	eor	$i3,$i2,$i1			@ rk[11]=rk[5]^rk[10]
+	str	$i1,[$key,#-8]
+	str	$i3,[$key,#-4]
+	b	.L192_loop
+
+.Lnot192:
+	ldrb	$i2,[$rounds,#27]
+	ldrb	$t1,[$rounds,#26]
+	ldrb	$t2,[$rounds,#25]
+	ldrb	$t3,[$rounds,#24]
+	orr	$i2,$i2,$t1,lsl#8
+	orr	$i2,$i2,$t2,lsl#16
+	orr	$i2,$i2,$t3,lsl#24
+	ldrb	$i3,[$rounds,#31]
+	ldrb	$t1,[$rounds,#30]
+	ldrb	$t2,[$rounds,#29]
+	ldrb	$t3,[$rounds,#28]
+	orr	$i3,$i3,$t1,lsl#8
+	orr	$i3,$i3,$t2,lsl#16
+	orr	$i3,$i3,$t3,lsl#24
+	str	$i2,[$key],#8
+	str	$i3,[$key,#-4]
+
+	mov	$rounds,#14
+	str	$rounds,[$key,#240-32]
+	add	$t3,$tbl,#256			@ rcon
+	mov	lr,#255
+	mov	$rounds,#7
+
+.L256_loop:
+	and	$t2,lr,$i3,lsr#24
+	and	$i1,lr,$i3,lsr#16
+	and	$i2,lr,$i3,lsr#8
+	and	$i3,lr,$i3
+	ldrb	$t2,[$tbl,$t2]
+	ldrb	$i1,[$tbl,$i1]
+	ldrb	$i2,[$tbl,$i2]
+	ldrb	$i3,[$tbl,$i3]
+	ldr	$t1,[$t3],#4			@ rcon[i++]
+	orr	$t2,$t2,$i1,lsl#24
+	orr	$t2,$t2,$i2,lsl#16
+	orr	$t2,$t2,$i3,lsl#8
+	eor	$i3,$t2,$t1
+	eor	$s0,$s0,$i3			@ rk[8]=rk[0]^...
+	eor	$s1,$s1,$s0			@ rk[9]=rk[1]^rk[8]
+	eor	$s2,$s2,$s1			@ rk[10]=rk[2]^rk[9]
+	eor	$s3,$s3,$s2			@ rk[11]=rk[3]^rk[10]
+	str	$s0,[$key],#32
+	str	$s1,[$key,#-28]
+	str	$s2,[$key,#-24]
+	str	$s3,[$key,#-20]
+
+	subs	$rounds,$rounds,#1
+	subeq	r2,$key,#256
+	beq	.Ldone
+
+	and	$t2,lr,$s3
+	and	$i1,lr,$s3,lsr#8
+	and	$i2,lr,$s3,lsr#16
+	and	$i3,lr,$s3,lsr#24
+	ldrb	$t2,[$tbl,$t2]
+	ldrb	$i1,[$tbl,$i1]
+	ldrb	$i2,[$tbl,$i2]
+	ldrb	$i3,[$tbl,$i3]
+	orr	$t2,$t2,$i1,lsl#8
+	orr	$t2,$t2,$i2,lsl#16
+	orr	$t2,$t2,$i3,lsl#24
+
+	ldr	$t1,[$key,#-48]
+	ldr	$i1,[$key,#-44]
+	ldr	$i2,[$key,#-40]
+	ldr	$i3,[$key,#-36]
+	eor	$t1,$t1,$t2			@ rk[12]=rk[4]^...
+	eor	$i1,$i1,$t1			@ rk[13]=rk[5]^rk[12]
+	eor	$i2,$i2,$i1			@ rk[14]=rk[6]^rk[13]
+	eor	$i3,$i3,$i2			@ rk[15]=rk[7]^rk[14]
+	str	$t1,[$key,#-16]
+	str	$i1,[$key,#-12]
+	str	$i2,[$key,#-8]
+	str	$i3,[$key,#-4]
+	b	.L256_loop
+
+.Ldone:	mov	r0,#0
+	ldmia   sp!,{r4-r12,lr}
+.Labrt:	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size	AES_set_encrypt_key,.-AES_set_encrypt_key
+
+.global AES_set_decrypt_key
+.type   AES_set_decrypt_key,%function
+.align	5
+AES_set_decrypt_key:
+	str	lr,[sp,#-4]!            @ push lr
+	bl	AES_set_encrypt_key
+	teq	r0,#0
+	ldrne	lr,[sp],#4              @ pop lr
+	bne	.Labrt
+
+	stmdb   sp!,{r4-r12}
+
+	ldr	$rounds,[r2,#240]	@ AES_set_encrypt_key preserves r2,
+	mov	$key,r2			@ which is AES_KEY *key
+	mov	$i1,r2
+	add	$i2,r2,$rounds,lsl#4
+
+.Linv:	ldr	$s0,[$i1]
+	ldr	$s1,[$i1,#4]
+	ldr	$s2,[$i1,#8]
+	ldr	$s3,[$i1,#12]
+	ldr	$t1,[$i2]
+	ldr	$t2,[$i2,#4]
+	ldr	$t3,[$i2,#8]
+	ldr	$i3,[$i2,#12]
+	str	$s0,[$i2],#-16
+	str	$s1,[$i2,#16+4]
+	str	$s2,[$i2,#16+8]
+	str	$s3,[$i2,#16+12]
+	str	$t1,[$i1],#16
+	str	$t2,[$i1,#-12]
+	str	$t3,[$i1,#-8]
+	str	$i3,[$i1,#-4]
+	teq	$i1,$i2
+	bne	.Linv
+___
+$mask80=$i1;
+$mask1b=$i2;
+$mask7f=$i3;
+$code.=<<___;
+	ldr	$s0,[$key,#16]!		@ prefetch tp1
+	mov	$mask80,#0x80
+	mov	$mask1b,#0x1b
+	orr	$mask80,$mask80,#0x8000
+	orr	$mask1b,$mask1b,#0x1b00
+	orr	$mask80,$mask80,$mask80,lsl#16
+	orr	$mask1b,$mask1b,$mask1b,lsl#16
+	sub	$rounds,$rounds,#1
+	mvn	$mask7f,$mask80
+	mov	$rounds,$rounds,lsl#2	@ (rounds-1)*4
+
+.Lmix:	and	$t1,$s0,$mask80
+	and	$s1,$s0,$mask7f
+	sub	$t1,$t1,$t1,lsr#7
+	and	$t1,$t1,$mask1b
+	eor	$s1,$t1,$s1,lsl#1	@ tp2
+
+	and	$t1,$s1,$mask80
+	and	$s2,$s1,$mask7f
+	sub	$t1,$t1,$t1,lsr#7
+	and	$t1,$t1,$mask1b
+	eor	$s2,$t1,$s2,lsl#1	@ tp4
+
+	and	$t1,$s2,$mask80
+	and	$s3,$s2,$mask7f
+	sub	$t1,$t1,$t1,lsr#7
+	and	$t1,$t1,$mask1b
+	eor	$s3,$t1,$s3,lsl#1	@ tp8
+
+	eor	$t1,$s1,$s2
+	eor	$t2,$s0,$s3		@ tp9
+	eor	$t1,$t1,$s3		@ tpe
+	eor	$t1,$t1,$s1,ror#24
+	eor	$t1,$t1,$t2,ror#24	@ ^= ROTATE(tpb=tp9^tp2,8)
+	eor	$t1,$t1,$s2,ror#16
+	eor	$t1,$t1,$t2,ror#16	@ ^= ROTATE(tpd=tp9^tp4,16)
+	eor	$t1,$t1,$t2,ror#8	@ ^= ROTATE(tp9,24)
+
+	ldr	$s0,[$key,#4]		@ prefetch tp1
+	str	$t1,[$key],#4
+	subs	$rounds,$rounds,#1
+	bne	.Lmix
+
+	mov	r0,#0
+	ldmia   sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size	AES_set_decrypt_key,.-AES_set_decrypt_key
+
+.type	AES_Td,%object
+.align	5
+AES_Td:
+.word	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+.word	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
+.word	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
+.word	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
+.word	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
+.word	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
+.word	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
+.word	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
+.word	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
+.word	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
+.word	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
+.word	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
+.word	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
+.word	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
+.word	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
+.word	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
+.word	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
+.word	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
+.word	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
+.word	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
+.word	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
+.word	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
+.word	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
+.word	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
+.word	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
+.word	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
+.word	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
+.word	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
+.word	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
+.word	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
+.word	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
+.word	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
+.word	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
+.word	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
+.word	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
+.word	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
+.word	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
+.word	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
+.word	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
+.word	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
+.word	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
+.word	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
+.word	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
+.word	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
+.word	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
+.word	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
+.word	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
+.word	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
+.word	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
+.word	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
+.word	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
+.word	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
+.word	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
+.word	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
+.word	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
+.word	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
+.word	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
+.word	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
+.word	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
+.word	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
+.word	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
+.word	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
+.word	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
+.word	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+@ Td4[256]
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size	AES_Td,.-AES_Td
+
+@ void AES_decrypt(const unsigned char *in, unsigned char *out,
+@ 		 const AES_KEY *key) {
+.global AES_decrypt
+.type   AES_decrypt,%function
+.align	5
+AES_decrypt:
+	sub	r3,pc,#8		@ AES_decrypt
+	stmdb   sp!,{r1,r4-r12,lr}
+	mov	$rounds,r0		@ inp
+	mov	$key,r2
+	sub	$tbl,r3,#AES_decrypt-AES_Td		@ Td
+
+	ldrb	$s0,[$rounds,#3]	@ load input data in endian-neutral
+	ldrb	$t1,[$rounds,#2]	@ manner...
+	ldrb	$t2,[$rounds,#1]
+	ldrb	$t3,[$rounds,#0]
+	orr	$s0,$s0,$t1,lsl#8
+	orr	$s0,$s0,$t2,lsl#16
+	orr	$s0,$s0,$t3,lsl#24
+	ldrb	$s1,[$rounds,#7]
+	ldrb	$t1,[$rounds,#6]
+	ldrb	$t2,[$rounds,#5]
+	ldrb	$t3,[$rounds,#4]
+	orr	$s1,$s1,$t1,lsl#8
+	orr	$s1,$s1,$t2,lsl#16
+	orr	$s1,$s1,$t3,lsl#24
+	ldrb	$s2,[$rounds,#11]
+	ldrb	$t1,[$rounds,#10]
+	ldrb	$t2,[$rounds,#9]
+	ldrb	$t3,[$rounds,#8]
+	orr	$s2,$s2,$t1,lsl#8
+	orr	$s2,$s2,$t2,lsl#16
+	orr	$s2,$s2,$t3,lsl#24
+	ldrb	$s3,[$rounds,#15]
+	ldrb	$t1,[$rounds,#14]
+	ldrb	$t2,[$rounds,#13]
+	ldrb	$t3,[$rounds,#12]
+	orr	$s3,$s3,$t1,lsl#8
+	orr	$s3,$s3,$t2,lsl#16
+	orr	$s3,$s3,$t3,lsl#24
+
+	bl	_armv4_AES_decrypt
+
+	ldr	$rounds,[sp],#4		@ pop out
+	mov	$t1,$s0,lsr#24		@ write output in endian-neutral
+	mov	$t2,$s0,lsr#16		@ manner...
+	mov	$t3,$s0,lsr#8
+	strb	$t1,[$rounds,#0]
+	strb	$t2,[$rounds,#1]
+	strb	$t3,[$rounds,#2]
+	strb	$s0,[$rounds,#3]
+	mov	$t1,$s1,lsr#24
+	mov	$t2,$s1,lsr#16
+	mov	$t3,$s1,lsr#8
+	strb	$t1,[$rounds,#4]
+	strb	$t2,[$rounds,#5]
+	strb	$t3,[$rounds,#6]
+	strb	$s1,[$rounds,#7]
+	mov	$t1,$s2,lsr#24
+	mov	$t2,$s2,lsr#16
+	mov	$t3,$s2,lsr#8
+	strb	$t1,[$rounds,#8]
+	strb	$t2,[$rounds,#9]
+	strb	$t3,[$rounds,#10]
+	strb	$s2,[$rounds,#11]
+	mov	$t1,$s3,lsr#24
+	mov	$t2,$s3,lsr#16
+	mov	$t3,$s3,lsr#8
+	strb	$t1,[$rounds,#12]
+	strb	$t2,[$rounds,#13]
+	strb	$t3,[$rounds,#14]
+	strb	$s3,[$rounds,#15]
+
+	ldmia   sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size	AES_decrypt,.-AES_decrypt
+
+.type   _armv4_AES_decrypt,%function
+.align	2
+_armv4_AES_decrypt:
+	str	lr,[sp,#-4]!		@ push lr
+	ldr	$t1,[$key],#16
+	ldr	$t2,[$key,#-12]
+	ldr	$t3,[$key,#-8]
+	ldr	$i1,[$key,#-4]
+	ldr	$rounds,[$key,#240-16]
+	eor	$s0,$s0,$t1
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+	sub	$rounds,$rounds,#1
+	mov	lr,#255
+
+.Ldec_loop:
+	and	$i1,lr,$s0,lsr#16
+	and	$i2,lr,$s0,lsr#8
+	and	$i3,lr,$s0
+	mov	$s0,$s0,lsr#24
+	ldr	$t1,[$tbl,$i1,lsl#2]	@ Td1[s0>>16]
+	ldr	$s0,[$tbl,$s0,lsl#2]	@ Td0[s0>>24]
+	ldr	$t2,[$tbl,$i2,lsl#2]	@ Td2[s0>>8]
+	ldr	$t3,[$tbl,$i3,lsl#2]	@ Td3[s0>>0]
+
+	and	$i1,lr,$s1		@ i0
+	and	$i2,lr,$s1,lsr#16
+	and	$i3,lr,$s1,lsr#8
+	mov	$s1,$s1,lsr#24
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Td3[s1>>0]
+	ldr	$s1,[$tbl,$s1,lsl#2]	@ Td0[s1>>24]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Td1[s1>>16]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Td2[s1>>8]
+	eor	$s0,$s0,$i1,ror#24
+	eor	$s1,$s1,$t1,ror#8
+	eor	$t2,$i2,$t2,ror#8
+	eor	$t3,$i3,$t3,ror#8
+
+	and	$i1,lr,$s2,lsr#8	@ i0
+	and	$i2,lr,$s2		@ i1
+	and	$i3,lr,$s2,lsr#16
+	mov	$s2,$s2,lsr#24
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Td2[s2>>8]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Td3[s2>>0]
+	ldr	$s2,[$tbl,$s2,lsl#2]	@ Td0[s2>>24]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Td1[s2>>16]
+	eor	$s0,$s0,$i1,ror#16
+	eor	$s1,$s1,$i2,ror#24
+	eor	$s2,$s2,$t2,ror#8
+	eor	$t3,$i3,$t3,ror#8
+
+	and	$i1,lr,$s3,lsr#16	@ i0
+	and	$i2,lr,$s3,lsr#8	@ i1
+	and	$i3,lr,$s3		@ i2
+	mov	$s3,$s3,lsr#24
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Td1[s3>>16]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Td2[s3>>8]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Td3[s3>>0]
+	ldr	$s3,[$tbl,$s3,lsl#2]	@ Td0[s3>>24]
+	eor	$s0,$s0,$i1,ror#8
+	eor	$s1,$s1,$i2,ror#16
+	eor	$s2,$s2,$i3,ror#24
+	eor	$s3,$s3,$t3,ror#8
+
+	ldr	$t1,[$key],#16
+	ldr	$t2,[$key,#-12]
+	ldr	$t3,[$key,#-8]
+	ldr	$i1,[$key,#-4]
+	eor	$s0,$s0,$t1
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+
+	subs	$rounds,$rounds,#1
+	bne	.Ldec_loop
+
+	add	$tbl,$tbl,#1024
+
+	ldr	$t1,[$tbl,#0]		@ prefetch Td4
+	ldr	$t2,[$tbl,#32]
+	ldr	$t3,[$tbl,#64]
+	ldr	$i1,[$tbl,#96]
+	ldr	$i2,[$tbl,#128]
+	ldr	$i3,[$tbl,#160]
+	ldr	$t1,[$tbl,#192]
+	ldr	$t2,[$tbl,#224]
+
+	and	$i1,lr,$s0,lsr#16
+	and	$i2,lr,$s0,lsr#8
+	and	$i3,lr,$s0
+	ldrb	$s0,[$tbl,$s0,lsr#24]	@ Td4[s0>>24]
+	ldrb	$t1,[$tbl,$i1]		@ Td4[s0>>16]
+	ldrb	$t2,[$tbl,$i2]		@ Td4[s0>>8]
+	ldrb	$t3,[$tbl,$i3]		@ Td4[s0>>0]
+
+	and	$i1,lr,$s1		@ i0
+	and	$i2,lr,$s1,lsr#16
+	and	$i3,lr,$s1,lsr#8
+	ldrb	$i1,[$tbl,$i1]		@ Td4[s1>>0]
+	ldrb	$s1,[$tbl,$s1,lsr#24]	@ Td4[s1>>24]
+	ldrb	$i2,[$tbl,$i2]		@ Td4[s1>>16]
+	ldrb	$i3,[$tbl,$i3]		@ Td4[s1>>8]
+	eor	$s0,$i1,$s0,lsl#24
+	eor	$s1,$t1,$s1,lsl#8
+	eor	$t2,$t2,$i2,lsl#8
+	eor	$t3,$t3,$i3,lsl#8
+
+	and	$i1,lr,$s2,lsr#8	@ i0
+	and	$i2,lr,$s2		@ i1
+	and	$i3,lr,$s2,lsr#16
+	ldrb	$i1,[$tbl,$i1]		@ Td4[s2>>8]
+	ldrb	$i2,[$tbl,$i2]		@ Td4[s2>>0]
+	ldrb	$s2,[$tbl,$s2,lsr#24]	@ Td4[s2>>24]
+	ldrb	$i3,[$tbl,$i3]		@ Td4[s2>>16]
+	eor	$s0,$s0,$i1,lsl#8
+	eor	$s1,$i2,$s1,lsl#16
+	eor	$s2,$t2,$s2,lsl#16
+	eor	$t3,$t3,$i3,lsl#16
+
+	and	$i1,lr,$s3,lsr#16	@ i0
+	and	$i2,lr,$s3,lsr#8	@ i1
+	and	$i3,lr,$s3		@ i2
+	ldrb	$i1,[$tbl,$i1]		@ Td4[s3>>16]
+	ldrb	$i2,[$tbl,$i2]		@ Td4[s3>>8]
+	ldrb	$i3,[$tbl,$i3]		@ Td4[s3>>0]
+	ldrb	$s3,[$tbl,$s3,lsr#24]	@ Td4[s3>>24]
+	eor	$s0,$s0,$i1,lsl#16
+	eor	$s1,$s1,$i2,lsl#8
+	eor	$s2,$i3,$s2,lsl#8
+	eor	$s3,$t3,$s3,lsl#24
+
+	ldr	lr,[sp],#4		@ pop lr
+	ldr	$t1,[$key,#0]
+	ldr	$t2,[$key,#4]
+	ldr	$t3,[$key,#8]
+	ldr	$i1,[$key,#12]
+	eor	$s0,$s0,$t1
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+
+	sub	$tbl,$tbl,#1024
+	mov	pc,lr			@ return
+.size	_armv4_AES_decrypt,.-_armv4_AES_decrypt
+.asciz	"AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+print $code;
diff --git a/crypto/aes/asm/aes-ia64.S b/crypto/aes/asm/aes-ia64.S
index 542cf335e9..7f6c4c3662 100644
--- a/crypto/aes/asm/aes-ia64.S
+++ b/crypto/aes/asm/aes-ia64.S
@@ -17,14 +17,24 @@
 // big-endian input, ECB timing on Itanium 2 is (18 + 13*rounds)
 // ticks per block, or 9.25 CPU cycles per byte for 128 bit key.
 
-.ident	"aes-ia64.S, version 1.1"
+// Version 1.2 mitigates the hazard of cache-timing attacks by
+// a) compressing S-boxes from 8KB to 2KB+256B, b) scheduling
+// references to S-boxes for L2 cache latency, c) prefetching T[ed]4
+// prior last round. As result performance dropped to (26 + 15*rounds)
+// ticks per block or 11 cycles per byte processed with 128-bit key.
+// This is ~16% deterioration. For reference Itanium 2 L1 cache has
+// 64 bytes line size and L2 - 128 bytes...
+
+.ident	"aes-ia64.S, version 1.2"
 .ident	"IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
 .explicit
 .text
 
 rk0=r8;     rk1=r9;
 
-prsave=r10;
+pfssave=r2;
+lcsave=r10;
+prsave=r3;
 maskff=r11;
 twenty4=r14;
 sixteen=r15;
@@ -44,12 +54,21 @@ te0=r40;    te1=r41;    te2=r42;    te3=r43;
 
 #if defined(_HPUX_SOURCE) && !defined(_LP64)
 # define ADDP	addp4
-# define KSZ	4
-# define LDKEY	ld4
 #else
 # define ADDP	add
 #endif
 
+// Offsets from Te0
+#define TE0	0
+#define TE2	2
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+#define TE1	3
+#define TE3	1
+#else
+#define TE1	1
+#define TE3	3
+#endif
+
 // This implies that AES_KEY comprises 32-bit key schedule elements
 // even on LP64 platforms.
 #ifndef	KSZ
@@ -67,16 +86,19 @@ te0=r40;    te1=r41;    te2=r42;    te3=r43;
 // Clobber:	r16-r31,rk0-rk1,r32-r43
 .align	32
 _ia64_AES_encrypt:
+	.prologue
+	.altrp	b6
+	.body
 { .mmi;	alloc	r16=ar.pfs,12,0,0,8
 	LDKEY	t0=[rk0],2*KSZ
 	mov	pr.rot=1<<16	}
 { .mmi;	LDKEY	t1=[rk1],2*KSZ
-	add	te1=1024,te0
+	add	te1=TE1,te0
 	add	te3=-3,te3	};;
 { .mib;	LDKEY	t2=[rk0],2*KSZ
-	mov	ar.ec=3		}
+	mov	ar.ec=2		}
 { .mib;	LDKEY	t3=[rk1],2*KSZ
-	add	te2=2048,te0
+	add	te2=TE2,te0
 	brp.loop.imp	.Le_top,.Le_end-16	};;
 
 { .mmi;	xor	s0=s0,t0
@@ -84,8 +106,8 @@ _ia64_AES_encrypt:
 	mov	ar.lc=te3	}
 { .mmi;	xor	s2=s2,t2
 	xor	s3=s3,t3
-	add	te3=3072,te0	};;
-
+	add	te3=TE3,te0	};;
+
 .align	32
 .Le_top:
 { .mmi;	(p0)	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
@@ -95,105 +117,184 @@ _ia64_AES_encrypt:
 	(p0)	and	te30=s0,maskff		// 0/1:s0&0xff
 	(p0)	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
 { .mmi;	(p0)	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
-	(p0)	shladd	te33=te33,2,te3		// 1/0:te0+s0>>24
+	(p0)	shladd	te33=te33,3,te3		// 1/0:te0+s0>>24
 	(p0)	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
 { .mmi;	(p0)	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
-	(p0)	shladd	te30=te30,2,te3		// 1/1:te3+s0
+	(p0)	shladd	te30=te30,3,te3		// 1/1:te3+s0
 	(p0)	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
 { .mmi;	(p0)	ld4	te33=[te33]		// 2/0:te3[s3&0xff]
-	(p0)	shladd	te22=te22,2,te2		// 2/0:te2+s2>>8&0xff
+	(p0)	shladd	te22=te22,3,te2		// 2/0:te2+s2>>8&0xff
 	(p0)	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
 { .mmi;	(p0)	ld4	te30=[te30]		// 2/1:te3[s0]
-	(p0)	shladd	te23=te23,2,te2		// 2/1:te2+s3>>8
+	(p0)	shladd	te23=te23,3,te2		// 2/1:te2+s3>>8
 	(p0)	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
 { .mmi;	(p0)	ld4	te22=[te22]		// 3/0:te2[s2>>8]
-	(p0)	shladd	te20=te20,2,te2		// 3/2:te2+s0>>8
+	(p0)	shladd	te20=te20,3,te2		// 3/2:te2+s0>>8
 	(p0)	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
 { .mmi;	(p0)	ld4	te23=[te23]		// 3/1:te2[s3>>8]
-	(p0)	shladd	te00=te00,2,te0		// 3/0:te0+s0>>24
+	(p0)	shladd	te00=te00,3,te0		// 3/0:te0+s0>>24
 	(p0)	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
 { .mmi;	(p0)	ld4	te20=[te20]		// 4/2:te2[s0>>8]
-	(p0)	shladd	te21=te21,2,te2		// 4/3:te3+s2
+	(p0)	shladd	te21=te21,3,te2		// 4/3:te3+s2
 	(p0)	extr.u	te11=s1,16,8	}	// 4/0:s1>>16&0xff
 { .mmi;	(p0)	ld4	te00=[te00]		// 4/0:te0[s0>>24]
-	(p0)	shladd	te01=te01,2,te0		// 4/1:te0+s1>>24
+	(p0)	shladd	te01=te01,3,te0		// 4/1:te0+s1>>24
 	(p0)	shr.u	te13=s3,sixteen	};;	// 4/2:s3>>16
 { .mmi;	(p0)	ld4	te21=[te21]		// 5/3:te2[s1>>8]
-	(p0)	shladd	te11=te11,2,te1		// 5/0:te1+s1>>16
+	(p0)	shladd	te11=te11,3,te1		// 5/0:te1+s1>>16
 	(p0)	extr.u	te12=s2,16,8	}	// 5/1:s2>>16&0xff
 { .mmi;	(p0)	ld4	te01=[te01]		// 5/1:te0[s1>>24]
-	(p0)	shladd	te02=te02,2,te0		// 5/2:te0+s2>>24
+	(p0)	shladd	te02=te02,3,te0		// 5/2:te0+s2>>24
 	(p0)	and	te31=s1,maskff	};;	// 5/2:s1&0xff
-
 { .mmi;	(p0)	ld4	te11=[te11]		// 6/0:te1[s1>>16]
-	(p0)	shladd	te12=te12,2,te1		// 6/1:te1+s2>>16
+	(p0)	shladd	te12=te12,3,te1		// 6/1:te1+s2>>16
 	(p0)	extr.u	te10=s0,16,8	}	// 6/3:s0>>16&0xff
 { .mmi;	(p0)	ld4	te02=[te02]		// 6/2:te0[s2>>24]
-	(p0)	shladd	te03=te03,2,te0		// 6/3:te1+s0>>16
+	(p0)	shladd	te03=te03,3,te0		// 6/3:te1+s0>>16
 	(p0)	and	te32=s2,maskff	};;	// 6/3:s2&0xff
+
 { .mmi;	(p0)	ld4	te12=[te12]		// 7/1:te1[s2>>16]
-	(p0)	shladd	te31=te31,2,te3		// 7/2:te3+s1&0xff
+	(p0)	shladd	te31=te31,3,te3		// 7/2:te3+s1&0xff
 	(p0)	and	te13=te13,maskff}	// 7/2:s3>>16&0xff
 { .mmi;	(p0)	ld4	te03=[te03]		// 7/3:te0[s3>>24]
-	(p0)	shladd	te32=te32,2,te3		// 7/3:te3+s2
+	(p0)	shladd	te32=te32,3,te3		// 7/3:te3+s2
 	(p0)	xor	t0=t0,te33	};;	// 7/0:
 { .mmi;	(p0)	ld4	te31=[te31]		// 8/2:te3[s1]
-	(p0)	shladd	te13=te13,2,te1		// 8/2:te1+s3>>16
+	(p0)	shladd	te13=te13,3,te1		// 8/2:te1+s3>>16
 	(p0)	xor	t0=t0,te22	}	// 8/0:
 { .mmi;	(p0)	ld4	te32=[te32]		// 8/3:te3[s2]
-	(p0)	shladd	te10=te10,2,te1		// 8/3:te1+s0>>16
+	(p0)	shladd	te10=te10,3,te1		// 8/3:te1+s0>>16
 	(p0)	xor	t1=t1,te30	};;	// 8/1:
 { .mmi;	(p0)	ld4	te13=[te13]		// 9/2:te1[s3>>16]
-	(p0)	xor	t0=t0,te00		// 9/0:
-	(p0)	xor	t1=t1,te23	}	// 9/1:		
-{ .mmi;	(p0)	ld4	te10=[te10]		// 9/3:te1[s0>>16]
-	(p0)	xor	t2=t2,te20		// 9/2:
-	(p0)	xor	t3=t3,te21	};;	// 9/3:
-{ .mmi;	(p0)	xor	t0=t0,te11		// 10/0:done!
-	(p0)	xor	t1=t1,te01		// 10/1:
-	(p0)	xor	t2=t2,te02	}	// 10/2:
-{ .mmi;	(p0)	xor	t3=t3,te03		// 10/3:
-	(p16)	cmp.eq	p0,p17=r0,r0 	};;	// 10/clear (p17)
-{ .mmi;	(p0)	xor	t1=t1,te12		// 11/1:done!
-	(p0)	xor	t2=t2,te31		// 11/2:
-	(p0)	xor	t3=t3,te32	}	// 11/3:
-{ .mmi;	(p17)	add	te0=4096,te0		// 11/	
-	(p17)	add	te1=4096,te1	};;	// 11/
-{ .mib;	(p0)	xor	t2=t2,te13		// 12/2:done!
-	(p0)	xor	t3=t3,te10	}	// 12/3:done!
-{ .mib;	(p17)	add	te2=4096,te2		// 12/
-	(p17)	add	te3=4096,te3		// 12/
+	(p0)	ld4	te10=[te10]		// 9/3:te1[s0>>16]
+	(p0)	xor	t0=t0,te00	};;	// 9/0:		!L2 scheduling
+{ .mmi;	(p0)	xor	t1=t1,te23		// 10[9]/1:	
+	(p0)	xor	t2=t2,te20		// 10[9]/2:
+	(p0)	xor	t3=t3,te21	};;	// 10[9]/3:
+{ .mmi;	(p0)	xor	t0=t0,te11		// 11[10]/0:done!
+	(p0)	xor	t1=t1,te01		// 11[10]/1:
+	(p0)	xor	t2=t2,te02	};;	// 11[10]/2:	!L2 scheduling
+{ .mmi;	(p0)	xor	t3=t3,te03		// 12[10]/3:
+	(p16)	cmp.eq	p0,p17=r0,r0 	};;	// 12[10]/clear (p17)
+{ .mmi;	(p0)	xor	t1=t1,te12		// 13[11]/1:done!
+	(p0)	xor	t2=t2,te31		// 13[11]/2:
+	(p0)	xor	t3=t3,te32	}	// 13[11]/3:
+{ .mmi;	(p17)	add	te0=2048,te0		// 13[11]/
+	(p17)	add	te1=2048+64-TE1,te1};;	// 13[11]/
+{ .mib;	(p0)	xor	t2=t2,te13		// 14[12]/2:done!
+	(p17)	add	te2=2048+128-TE2,te2}	// 14[12]/
+{ .mib;	(p0)	xor	t3=t3,te10		// 14[12]/3:done!
+	(p17)	add	te3=2048+192-TE3,te3	// 14[12]/
 	br.ctop.sptk	.Le_top		};;
 .Le_end:
-{ .mib;	mov	r16=s0
-	mov	r20=s1			}
-{ .mib;	mov	r24=s2
-	mov	r28=s3
-	br.ret.sptk	b6		};;
+
+
+{ .mmi;	ld8	te12=[te0]		// prefetch Te4
+	ld8	te31=[te1]	}
+{ .mmi;	ld8	te10=[te2]
+	ld8	te32=[te3]	}
+
+{ .mmi;	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
+	and	te33=s3,maskff		// 0/0:s3&0xff
+	extr.u	te22=s2,8,8	}	// 0/0:s2>>8&0xff
+{ .mmi; LDKEY	t1=[rk1],2*KSZ		// 0/1:rk[1]
+	and	te30=s0,maskff		// 0/1:s0&0xff
+	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
+{ .mmi;	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
+	add	te33=te33,te0		// 1/0:te0+s0>>24
+	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
+{ .mmi;	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
+	add	te30=te30,te0		// 1/1:te0+s0
+	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
+{ .mmi;	ld1	te33=[te33]		// 2/0:te0[s3&0xff]
+	add	te22=te22,te0		// 2/0:te0+s2>>8&0xff
+	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
+{ .mmi;	ld1	te30=[te30]		// 2/1:te0[s0]
+	add	te23=te23,te0		// 2/1:te0+s3>>8
+	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
+{ .mmi;	ld1	te22=[te22]		// 3/0:te0[s2>>8]
+	add	te20=te20,te0		// 3/2:te0+s0>>8
+	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
+{ .mmi;	ld1	te23=[te23]		// 3/1:te0[s3>>8]
+	add	te00=te00,te0		// 3/0:te0+s0>>24
+	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
+{ .mmi;	ld1	te20=[te20]		// 4/2:te0[s0>>8]
+	add	te21=te21,te0		// 4/3:te0+s2
+	extr.u	te11=s1,16,8	}	// 4/0:s1>>16&0xff
+{ .mmi;	ld1	te00=[te00]		// 4/0:te0[s0>>24]
+	add	te01=te01,te0		// 4/1:te0+s1>>24
+	shr.u	te13=s3,sixteen	};;	// 4/2:s3>>16
+{ .mmi;	ld1	te21=[te21]		// 5/3:te0[s1>>8]
+	add	te11=te11,te0		// 5/0:te0+s1>>16
+	extr.u	te12=s2,16,8	}	// 5/1:s2>>16&0xff
+{ .mmi;	ld1	te01=[te01]		// 5/1:te0[s1>>24]
+	add	te02=te02,te0		// 5/2:te0+s2>>24
+	and	te31=s1,maskff	};;	// 5/2:s1&0xff
+{ .mmi;	ld1	te11=[te11]		// 6/0:te0[s1>>16]
+	add	te12=te12,te0		// 6/1:te0+s2>>16
+	extr.u	te10=s0,16,8	}	// 6/3:s0>>16&0xff
+{ .mmi;	ld1	te02=[te02]		// 6/2:te0[s2>>24]
+	add	te03=te03,te0		// 6/3:te0+s0>>16
+	and	te32=s2,maskff	};;	// 6/3:s2&0xff
+
+{ .mmi;	ld1	te12=[te12]		// 7/1:te0[s2>>16]
+	add	te31=te31,te0		// 7/2:te0+s1&0xff
+	dep	te33=te22,te33,8,8}	// 7/0:
+{ .mmi;	ld1	te03=[te03]		// 7/3:te0[s3>>24]
+	add	te32=te32,te0		// 7/3:te0+s2
+	and	te13=te13,maskff};;	// 7/2:s3>>16&0xff
+{ .mmi;	ld1	te31=[te31]		// 8/2:te0[s1]
+	add	te13=te13,te0		// 8/2:te0+s3>>16
+	dep	te30=te23,te30,8,8}	// 8/1:
+{ .mmi;	ld1	te32=[te32]		// 8/3:te0[s2]
+	add	te10=te10,te0		// 8/3:te0+s0>>16
+	shl	te00=te00,twenty4};;	// 8/0:
+{ .mii;	ld1	te13=[te13]		// 9/2:te0[s3>>16]
+	dep	te33=te11,te33,16,8	// 9/0:
+	shl	te01=te01,twenty4};;	// 9/1:
+{ .mii;	ld1	te10=[te10]		// 10/3:te0[s0>>16]
+	dep	te31=te20,te31,8,8	// 10/2:
+	shl	te02=te02,twenty4};;	// 10/2:
+{ .mii;	xor	t0=t0,te33		// 11/0:
+	dep	te32=te21,te32,8,8	// 11/3:
+	shl	te12=te12,sixteen};;	// 11/1:
+{ .mii;	xor	r16=t0,te00		// 12/0:done!
+	dep	te31=te13,te31,16,8	// 12/2:
+	shl	te03=te03,twenty4};;	// 12/3:
+{ .mmi;	xor	t1=t1,te01		// 13/1:
+	xor	t2=t2,te02		// 13/2:
+	dep	te32=te10,te32,16,8};;	// 13/3:
+{ .mmi;	xor	t1=t1,te30		// 14/1:
+	xor	r24=t2,te31		// 14/2:done!
+	xor	t3=t3,te32	};;	// 14/3:
+{ .mib;	xor	r20=t1,te12		// 15/1:done!
+	xor	r28=t3,te03		// 15/3:done!
+	br.ret.sptk	b6	};;
 .endp	_ia64_AES_encrypt#
 
 // void AES_encrypt (const void *in,void *out,const AES_KEY *key);
 .global	AES_encrypt#
 .proc	AES_encrypt#
 .align	32
-.skip	16
 AES_encrypt:
 	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-	.save	ar.lc,r3
-{ .mmi;	alloc	r2=ar.pfs,3,0,12,0
-	addl	out8=@ltoff(AES_Te#),gp
-	mov	r3=ar.lc		}
-{ .mmi;	and	out0=3,in0
-	ADDP	in0=0,in0
+	.save	ar.pfs,pfssave
+{ .mmi;	alloc	pfssave=ar.pfs,3,1,12,0
+	and	out0=3,in0
+	mov	r3=ip			}
+{ .mmi;	ADDP	in0=0,in0
+	mov	loc0=psr.um
 	ADDP	out11=KSZ*60,in2	};;	// &AES_KEY->rounds
 
-	.body
-{ .mmi;	ld8	out8=[out8]			// Te0
-	ld4	out11=[out11]			// AES_KEY->rounds
+{ .mmi;	ld4	out11=[out11]			// AES_KEY->rounds
+	add	out8=(AES_Te#-AES_encrypt#),r3	// Te0
+	.save	pr,prsave
 	mov	prsave=pr		}
+{ .mmi;	rum	1<<3				// clear um.ac
+	.save	ar.lc,lcsave
+	mov	lcsave=ar.lc		};;
 
+	.body
 #if defined(_HPUX_SOURCE)	// HPUX is big-endian, cut 15+15 cycles...
 { .mib; cmp.ne	p6,p0=out0,r0
 	add	out0=4,in0
@@ -216,8 +317,9 @@ AES_encrypt:
 	ADDP	in1=0,in1
 (p6)	br.spnt	.Le_o_unaligned		};;
 
-{ .mii;	mov	ar.pfs=r2
-	mov	ar.lc=r3		}
+{ .mii;	mov	psr.um=loc0
+	mov	ar.pfs=pfssave
+	mov	ar.lc=lcsave		};;
 { .mmi;	st4	[in1]=r16,8		// s0
 	st4	[in0]=r20,8		// s1
 	mov	pr=prsave,0x1ffff	};;
@@ -278,13 +380,13 @@ AES_encrypt:
 	shr.u	r23=r20,twenty4		}//;;	// s1
 { .mii;	ADDP	out2=2,in1
 	extr.u	r21=r20,8,8
-	shr.u	r22=r20,sixteen	}//;;
+	shr.u	r22=r20,sixteen		}//;;
 { .mii;	ADDP	out3=3,in1
 	extr.u	r25=r24,8,8			// s2
 	shr.u	r27=r24,twenty4		};;
 { .mii;	st1	[out3]=r16,4
 	extr.u	r26=r24,16,8
-	shr.u	r31=r28,twenty4	}//;;	// s3
+	shr.u	r31=r28,twenty4		}//;;	// s3
 { .mii;	st1	[out2]=r17,4
 	extr.u	r29=r28,8,8
 	shr.u	r30=r28,sixteen		}//;;
@@ -300,12 +402,13 @@ AES_encrypt:
 	mov	pr=prsave,0x1ffff	}//;;
 { .mmi;	st1	[out1]=r26,4
 	st1	[out0]=r27,4
-	mov	ar.pfs=r2		};;
+	mov	ar.pfs=pfssave		};;
 { .mmi;	st1	[out3]=r28
 	st1	[out2]=r29
-	mov	ar.lc=r3		}//;;
-{ .mmb;	st1	[out1]=r30
-	st1	[out0]=r31
+	mov	ar.lc=lcsave		}//;;
+{ .mmi;	st1	[out1]=r30
+	st1	[out0]=r31		}
+{ .mfb;	mov	psr.um=loc0			// restore user mask
 	br.ret.sptk.many	b0	};;
 .endp	AES_encrypt#
 
@@ -360,16 +463,19 @@ while(<>) {
 // Clobber:	r16-r31,rk0-rk1,r32-r43
 .align	32
 _ia64_AES_decrypt:
+	.prologue
+	.altrp	b6
+	.body
 { .mmi;	alloc	r16=ar.pfs,12,0,0,8
 	LDKEY	t0=[rk0],2*KSZ
 	mov	pr.rot=1<<16	}
 { .mmi;	LDKEY	t1=[rk1],2*KSZ
-	add	te1=1024,te0
+	add	te1=TE1,te0
 	add	te3=-3,te3	};;
 { .mib;	LDKEY	t2=[rk0],2*KSZ
-	mov	ar.ec=3		}
+	mov	ar.ec=2		}
 { .mib;	LDKEY	t3=[rk1],2*KSZ
-	add	te2=2048,te0
+	add	te2=TE2,te0
 	brp.loop.imp	.Ld_top,.Ld_end-16	};;
 
 { .mmi;	xor	s0=s0,t0
@@ -377,8 +483,8 @@ _ia64_AES_decrypt:
 	mov	ar.lc=te3	}
 { .mmi;	xor	s2=s2,t2
 	xor	s3=s3,t3
-	add	te3=3072,te0	};;
-
+	add	te3=TE3,te0	};;
+
 .align	32
 .Ld_top:
 { .mmi;	(p0)	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
@@ -388,105 +494,184 @@ _ia64_AES_decrypt:
 	(p0)	and	te32=s2,maskff		// 0/1:s0&0xff
 	(p0)	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
 { .mmi;	(p0)	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
-	(p0)	shladd	te31=te31,2,te3		// 1/0:te0+s0>>24
+	(p0)	shladd	te31=te31,3,te3		// 1/0:te0+s0>>24
 	(p0)	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
 { .mmi;	(p0)	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
-	(p0)	shladd	te32=te32,2,te3		// 1/1:te3+s0
+	(p0)	shladd	te32=te32,3,te3		// 1/1:te3+s0
 	(p0)	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
 { .mmi;	(p0)	ld4	te31=[te31]		// 2/0:te3[s3&0xff]
-	(p0)	shladd	te22=te22,2,te2		// 2/0:te2+s2>>8&0xff
+	(p0)	shladd	te22=te22,3,te2		// 2/0:te2+s2>>8&0xff
 	(p0)	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
 { .mmi;	(p0)	ld4	te32=[te32]		// 2/1:te3[s0]
-	(p0)	shladd	te23=te23,2,te2		// 2/1:te2+s3>>8
+	(p0)	shladd	te23=te23,3,te2		// 2/1:te2+s3>>8
 	(p0)	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
 { .mmi;	(p0)	ld4	te22=[te22]		// 3/0:te2[s2>>8]
-	(p0)	shladd	te20=te20,2,te2		// 3/2:te2+s0>>8
+	(p0)	shladd	te20=te20,3,te2		// 3/2:te2+s0>>8
 	(p0)	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
 { .mmi;	(p0)	ld4	te23=[te23]		// 3/1:te2[s3>>8]
-	(p0)	shladd	te00=te00,2,te0		// 3/0:te0+s0>>24
+	(p0)	shladd	te00=te00,3,te0		// 3/0:te0+s0>>24
 	(p0)	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
 { .mmi;	(p0)	ld4	te20=[te20]		// 4/2:te2[s0>>8]
-	(p0)	shladd	te21=te21,2,te2		// 4/3:te3+s2
+	(p0)	shladd	te21=te21,3,te2		// 4/3:te3+s2
 	(p0)	extr.u	te13=s3,16,8	}	// 4/0:s1>>16&0xff
 { .mmi;	(p0)	ld4	te00=[te00]		// 4/0:te0[s0>>24]
-	(p0)	shladd	te01=te01,2,te0		// 4/1:te0+s1>>24
+	(p0)	shladd	te01=te01,3,te0		// 4/1:te0+s1>>24
 	(p0)	shr.u	te11=s1,sixteen	};;	// 4/2:s3>>16
 { .mmi;	(p0)	ld4	te21=[te21]		// 5/3:te2[s1>>8]
-	(p0)	shladd	te13=te13,2,te1		// 5/0:te1+s1>>16
+	(p0)	shladd	te13=te13,3,te1		// 5/0:te1+s1>>16
 	(p0)	extr.u	te10=s0,16,8	}	// 5/1:s2>>16&0xff
 { .mmi;	(p0)	ld4	te01=[te01]		// 5/1:te0[s1>>24]
-	(p0)	shladd	te02=te02,2,te0		// 5/2:te0+s2>>24
+	(p0)	shladd	te02=te02,3,te0		// 5/2:te0+s2>>24
 	(p0)	and	te33=s3,maskff	};;	// 5/2:s1&0xff
-
 { .mmi;	(p0)	ld4	te13=[te13]		// 6/0:te1[s1>>16]
-	(p0)	shladd	te10=te10,2,te1		// 6/1:te1+s2>>16
+	(p0)	shladd	te10=te10,3,te1		// 6/1:te1+s2>>16
 	(p0)	extr.u	te12=s2,16,8	}	// 6/3:s0>>16&0xff
 { .mmi;	(p0)	ld4	te02=[te02]		// 6/2:te0[s2>>24]
-	(p0)	shladd	te03=te03,2,te0		// 6/3:te1+s0>>16
+	(p0)	shladd	te03=te03,3,te0		// 6/3:te1+s0>>16
 	(p0)	and	te30=s0,maskff	};;	// 6/3:s2&0xff
+
 { .mmi;	(p0)	ld4	te10=[te10]		// 7/1:te1[s2>>16]
-	(p0)	shladd	te33=te33,2,te3		// 7/2:te3+s1&0xff
+	(p0)	shladd	te33=te33,3,te3		// 7/2:te3+s1&0xff
 	(p0)	and	te11=te11,maskff}	// 7/2:s3>>16&0xff
 { .mmi;	(p0)	ld4	te03=[te03]		// 7/3:te0[s3>>24]
-	(p0)	shladd	te30=te30,2,te3		// 7/3:te3+s2
+	(p0)	shladd	te30=te30,3,te3		// 7/3:te3+s2
 	(p0)	xor	t0=t0,te31	};;	// 7/0:
 { .mmi;	(p0)	ld4	te33=[te33]		// 8/2:te3[s1]
-	(p0)	shladd	te11=te11,2,te1		// 8/2:te1+s3>>16
+	(p0)	shladd	te11=te11,3,te1		// 8/2:te1+s3>>16
 	(p0)	xor	t0=t0,te22	}	// 8/0:
 { .mmi;	(p0)	ld4	te30=[te30]		// 8/3:te3[s2]
-	(p0)	shladd	te12=te12,2,te1		// 8/3:te1+s0>>16
+	(p0)	shladd	te12=te12,3,te1		// 8/3:te1+s0>>16
 	(p0)	xor	t1=t1,te32	};;	// 8/1:
 { .mmi;	(p0)	ld4	te11=[te11]		// 9/2:te1[s3>>16]
-	(p0)	xor	t0=t0,te00		// 9/0:
-	(p0)	xor	t1=t1,te23	}	// 9/1:		
-{ .mmi;	(p0)	ld4	te12=[te12]		// 9/3:te1[s0>>16]
-	(p0)	xor	t2=t2,te20		// 9/2:
-	(p0)	xor	t3=t3,te21	};;	// 9/3:
-{ .mmi;	(p0)	xor	t0=t0,te13		// 10/0:done!
-	(p0)	xor	t1=t1,te01		// 10/1:
-	(p0)	xor	t2=t2,te02	}	// 10/2:
-{ .mmi;	(p0)	xor	t3=t3,te03		// 10/3:
-	(p16)	cmp.eq	p0,p17=r0,r0 	};;	// 10/clear (p17)
-{ .mmi;	(p0)	xor	t1=t1,te10		// 11/1:done!
-	(p0)	xor	t2=t2,te33		// 11/2:
-	(p0)	xor	t3=t3,te30	}	// 11/3:
-{ .mmi;	(p17)	add	te0=4096,te0		// 11/	
-	(p17)	add	te1=4096,te1	};;	// 11/
-{ .mib;	(p0)	xor	t2=t2,te11		// 12/2:done!
-	(p0)	xor	t3=t3,te12	}	// 12/3:done!
-{ .mib;	(p17)	add	te2=4096,te2		// 12/
-	(p17)	add	te3=4096,te3		// 12/
+	(p0)	ld4	te12=[te12]		// 9/3:te1[s0>>16]
+	(p0)	xor	t0=t0,te00	};;	// 9/0:		!L2 scheduling
+{ .mmi;	(p0)	xor	t1=t1,te23		// 10[9]/1:	
+	(p0)	xor	t2=t2,te20		// 10[9]/2:
+	(p0)	xor	t3=t3,te21	};;	// 10[9]/3:
+{ .mmi;	(p0)	xor	t0=t0,te13		// 11[10]/0:done!
+	(p0)	xor	t1=t1,te01		// 11[10]/1:
+	(p0)	xor	t2=t2,te02	};;	// 11[10]/2:	!L2 scheduling
+{ .mmi;	(p0)	xor	t3=t3,te03		// 12[10]/3:
+	(p16)	cmp.eq	p0,p17=r0,r0 	};;	// 12[10]/clear (p17)
+{ .mmi;	(p0)	xor	t1=t1,te10		// 13[11]/1:done!
+	(p0)	xor	t2=t2,te33		// 13[11]/2:
+	(p0)	xor	t3=t3,te30	}	// 13[11]/3:
+{ .mmi;	(p17)	add	te0=2048,te0		// 13[11]/
+	(p17)	add	te1=2048+64-TE1,te1};;	// 13[11]/
+{ .mib;	(p0)	xor	t2=t2,te11		// 14[12]/2:done!
+	(p17)	add	te2=2048+128-TE2,te2}	// 14[12]/
+{ .mib;	(p0)	xor	t3=t3,te12		// 14[12]/3:done!
+	(p17)	add	te3=2048+192-TE3,te3	// 14[12]/
 	br.ctop.sptk	.Ld_top		};;
 .Ld_end:
-{ .mib;	mov	r16=s0
-	mov	r20=s1			}
-{ .mib;	mov	r24=s2
-	mov	r28=s3
-	br.ret.sptk	b6		};;
+
+
+{ .mmi;	ld8	te10=[te0]		// prefetch Td4
+	ld8	te33=[te1]	}
+{ .mmi;	ld8	te12=[te2]
+	ld8	te30=[te3]	}
+
+{ .mmi;	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
+	and	te31=s1,maskff		// 0/0:s3&0xff
+	extr.u	te22=s2,8,8	}	// 0/0:s2>>8&0xff
+{ .mmi; LDKEY	t1=[rk1],2*KSZ		// 0/1:rk[1]
+	and	te32=s2,maskff		// 0/1:s0&0xff
+	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
+{ .mmi;	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
+	add	te31=te31,te0		// 1/0:te0+s0>>24
+	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
+{ .mmi;	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
+	add	te32=te32,te0		// 1/1:te0+s0
+	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
+{ .mmi;	ld1	te31=[te31]		// 2/0:te0[s3&0xff]
+	add	te22=te22,te0		// 2/0:te0+s2>>8&0xff
+	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
+{ .mmi;	ld1	te32=[te32]		// 2/1:te0[s0]
+	add	te23=te23,te0		// 2/1:te0+s3>>8
+	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
+{ .mmi;	ld1	te22=[te22]		// 3/0:te0[s2>>8]
+	add	te20=te20,te0		// 3/2:te0+s0>>8
+	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
+{ .mmi;	ld1	te23=[te23]		// 3/1:te0[s3>>8]
+	add	te00=te00,te0		// 3/0:te0+s0>>24
+	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
+{ .mmi;	ld1	te20=[te20]		// 4/2:te0[s0>>8]
+	add	te21=te21,te0		// 4/3:te0+s2
+	extr.u	te13=s3,16,8	}	// 4/0:s1>>16&0xff
+{ .mmi;	ld1	te00=[te00]		// 4/0:te0[s0>>24]
+	add	te01=te01,te0		// 4/1:te0+s1>>24
+	shr.u	te11=s1,sixteen	};;	// 4/2:s3>>16
+{ .mmi;	ld1	te21=[te21]		// 5/3:te0[s1>>8]
+	add	te13=te13,te0		// 5/0:te0+s1>>16
+	extr.u	te10=s0,16,8	}	// 5/1:s2>>16&0xff
+{ .mmi;	ld1	te01=[te01]		// 5/1:te0[s1>>24]
+	add	te02=te02,te0		// 5/2:te0+s2>>24
+	and	te33=s3,maskff	};;	// 5/2:s1&0xff
+{ .mmi;	ld1	te13=[te13]		// 6/0:te0[s1>>16]
+	add	te10=te10,te0		// 6/1:te0+s2>>16
+	extr.u	te12=s2,16,8	}	// 6/3:s0>>16&0xff
+{ .mmi;	ld1	te02=[te02]		// 6/2:te0[s2>>24]
+	add	te03=te03,te0		// 6/3:te0+s0>>16
+	and	te30=s0,maskff	};;	// 6/3:s2&0xff
+
+{ .mmi;	ld1	te10=[te10]		// 7/1:te0[s2>>16]
+	add	te33=te33,te0		// 7/2:te0+s1&0xff
+	dep	te31=te22,te31,8,8}	// 7/0:
+{ .mmi;	ld1	te03=[te03]		// 7/3:te0[s3>>24]
+	add	te30=te30,te0		// 7/3:te0+s2
+	and	te11=te11,maskff};;	// 7/2:s3>>16&0xff
+{ .mmi;	ld1	te33=[te33]		// 8/2:te0[s1]
+	add	te11=te11,te0		// 8/2:te0+s3>>16
+	dep	te32=te23,te32,8,8}	// 8/1:
+{ .mmi;	ld1	te30=[te30]		// 8/3:te0[s2]
+	add	te12=te12,te0		// 8/3:te0+s0>>16
+	shl	te00=te00,twenty4};;	// 8/0:
+{ .mii;	ld1	te11=[te11]		// 9/2:te0[s3>>16]
+	dep	te31=te13,te31,16,8	// 9/0:
+	shl	te01=te01,twenty4};;	// 9/1:
+{ .mii;	ld1	te12=[te12]		// 10/3:te0[s0>>16]
+	dep	te33=te20,te33,8,8	// 10/2:
+	shl	te02=te02,twenty4};;	// 10/2:
+{ .mii;	xor	t0=t0,te31		// 11/0:
+	dep	te30=te21,te30,8,8	// 11/3:
+	shl	te10=te10,sixteen};;	// 11/1:
+{ .mii;	xor	r16=t0,te00		// 12/0:done!
+	dep	te33=te11,te33,16,8	// 12/2:
+	shl	te03=te03,twenty4};;	// 12/3:
+{ .mmi;	xor	t1=t1,te01		// 13/1:
+	xor	t2=t2,te02		// 13/2:
+	dep	te30=te12,te30,16,8};;	// 13/3:
+{ .mmi;	xor	t1=t1,te32		// 14/1:
+	xor	r24=t2,te33		// 14/2:done!
+	xor	t3=t3,te30	};;	// 14/3:
+{ .mib;	xor	r20=t1,te10		// 15/1:done!
+	xor	r28=t3,te03		// 15/3:done!
+	br.ret.sptk	b6	};;
 .endp	_ia64_AES_decrypt#
 
 // void AES_decrypt (const void *in,void *out,const AES_KEY *key);
 .global	AES_decrypt#
 .proc	AES_decrypt#
 .align	32
-.skip	16
 AES_decrypt:
 	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-	.save	ar.lc,r3
-{ .mmi;	alloc	r2=ar.pfs,3,0,12,0
-	addl	out8=@ltoff(AES_Td#),gp
-	mov	r3=ar.lc		}
-{ .mmi;	and	out0=3,in0
-	ADDP	in0=0,in0
+	.save	ar.pfs,pfssave
+{ .mmi;	alloc	pfssave=ar.pfs,3,1,12,0
+	and	out0=3,in0
+	mov	r3=ip			}
+{ .mmi;	ADDP	in0=0,in0
+	mov	loc0=psr.um
 	ADDP	out11=KSZ*60,in2	};;	// &AES_KEY->rounds
 
-	.body
-{ .mmi;	ld8	out8=[out8]			// Te0
-	ld4	out11=[out11]			// AES_KEY->rounds
+{ .mmi;	ld4	out11=[out11]			// AES_KEY->rounds
+	add	out8=(AES_Td#-AES_decrypt#),r3	// Te0
+	.save	pr,prsave
 	mov	prsave=pr		}
+{ .mmi;	rum	1<<3				// clear um.ac
+	.save	ar.lc,lcsave
+	mov	lcsave=ar.lc		};;
 
+	.body
 #if defined(_HPUX_SOURCE)	// HPUX is big-endian, cut 15+15 cycles...
 { .mib; cmp.ne	p6,p0=out0,r0
 	add	out0=4,in0
@@ -509,8 +694,9 @@ AES_decrypt:
 	ADDP	in1=0,in1
 (p6)	br.spnt	.Ld_o_unaligned		};;
 
-{ .mii;	mov	ar.pfs=r2
-	mov	ar.lc=r3		}
+{ .mii;	mov	psr.um=loc0
+	mov	ar.pfs=pfssave
+	mov	ar.lc=lcsave		};;
 { .mmi;	st4	[in1]=r16,8		// s0
 	st4	[in0]=r20,8		// s1
 	mov	pr=prsave,0x1ffff	};;
@@ -571,13 +757,13 @@ AES_decrypt:
 	shr.u	r23=r20,twenty4		}//;;	// s1
 { .mii;	ADDP	out2=2,in1
 	extr.u	r21=r20,8,8
-	shr.u	r22=r20,sixteen	}//;;
+	shr.u	r22=r20,sixteen		}//;;
 { .mii;	ADDP	out3=3,in1
 	extr.u	r25=r24,8,8			// s2
 	shr.u	r27=r24,twenty4		};;
 { .mii;	st1	[out3]=r16,4
 	extr.u	r26=r24,16,8
-	shr.u	r31=r28,twenty4	}//;;	// s3
+	shr.u	r31=r28,twenty4		}//;;	// s3
 { .mii;	st1	[out2]=r17,4
 	extr.u	r29=r28,8,8
 	shr.u	r30=r28,sixteen		}//;;
@@ -593,12 +779,13 @@ AES_decrypt:
 	mov	pr=prsave,0x1ffff	}//;;
 { .mmi;	st1	[out1]=r26,4
 	st1	[out0]=r27,4
-	mov	ar.pfs=r2		};;
+	mov	ar.pfs=pfssave		};;
 { .mmi;	st1	[out3]=r28
 	st1	[out2]=r29
-	mov	ar.lc=r3		}//;;
-{ .mmb;	st1	[out1]=r30
-	st1	[out0]=r31
+	mov	ar.lc=lcsave		}//;;
+{ .mmi;	st1	[out1]=r30
+	st1	[out0]=r31		}
+{ .mfb;	mov	psr.um=loc0			// restore user mask
 	br.ret.sptk.many	b0	};;
 .endp	AES_decrypt#
 
@@ -606,1047 +793,331 @@ AES_decrypt:
 .align	64
 .global	AES_Te#
 .type	AES_Te#,@object
-AES_Te:	data4	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
-	data4	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
-	data4	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
-	data4	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
-	data4	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
-	data4	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
-	data4	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
-	data4	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
-	data4	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
-	data4	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
-	data4	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
-	data4	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
-	data4	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
-	data4	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
-	data4	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
-	data4	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
-	data4	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
-	data4	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
-	data4	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
-	data4	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
-	data4	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
-	data4	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
-	data4	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
-	data4	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
-	data4	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
-	data4	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
-	data4	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
-	data4	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
-	data4	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
-	data4	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
-	data4	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
-	data4	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
-	data4	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
-	data4	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
-	data4	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
-	data4	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
-	data4	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
-	data4	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
-	data4	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
-	data4	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
-	data4	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
-	data4	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
-	data4	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
-	data4	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
-	data4	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
-	data4	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
-	data4	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
-	data4	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
-	data4	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
-	data4	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
-	data4	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
-	data4	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
-	data4	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
-	data4	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
-	data4	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
-	data4	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
-	data4	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
-	data4	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
-	data4	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
-	data4	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
-	data4	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
-	data4	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
-	data4	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
-	data4	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
-// Te1:
-	data4	0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b
-	data4	0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5
-	data4	0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b
-	data4	0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676
-	data4	0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d
-	data4	0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0
-	data4	0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf
-	data4	0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0
-	data4	0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626
-	data4	0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc
-	data4	0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1
-	data4	0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515
-	data4	0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3
-	data4	0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a
-	data4	0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2
-	data4	0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575
-	data4	0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a
-	data4	0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0
-	data4	0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3
-	data4	0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484
-	data4	0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded
-	data4	0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b
-	data4	0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939
-	data4	0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf
-	data4	0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb
-	data4	0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585
-	data4	0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f
-	data4	0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8
-	data4	0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f
-	data4	0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5
-	data4	0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121
-	data4	0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2
-	data4	0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec
-	data4	0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717
-	data4	0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d
-	data4	0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373
-	data4	0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc
-	data4	0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888
-	data4	0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414
-	data4	0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb
-	data4	0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a
-	data4	0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c
-	data4	0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262
-	data4	0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979
-	data4	0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d
-	data4	0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9
-	data4	0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea
-	data4	0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808
-	data4	0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e
-	data4	0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6
-	data4	0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f
-	data4	0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a
-	data4	0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666
-	data4	0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e
-	data4	0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9
-	data4	0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e
-	data4	0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111
-	data4	0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494
-	data4	0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9
-	data4	0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf
-	data4	0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d
-	data4	0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868
-	data4	0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f
-	data4	0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616
-// Te2:
-	data4	0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b
-	data4	0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5
-	data4	0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b
-	data4	0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76
-	data4	0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d
-	data4	0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0
-	data4	0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af
-	data4	0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0
-	data4	0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26
-	data4	0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc
-	data4	0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1
-	data4	0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15
-	data4	0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3
-	data4	0x18283018, 0x96a13796, 0x050f0a05, 0x9ab52f9a
-	data4	0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2
-	data4	0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75
-	data4	0x091b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a
-	data4	0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0
-	data4	0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3
-	data4	0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384
-	data4	0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed
-	data4	0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b
-	data4	0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239
-	data4	0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf
-	data4	0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb
-	data4	0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185
-	data4	0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f
-	data4	0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8
-	data4	0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f
-	data4	0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5
-	data4	0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221
-	data4	0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2
-	data4	0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec
-	data4	0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17
-	data4	0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d
-	data4	0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673
-	data4	0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc
-	data4	0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88
-	data4	0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814
-	data4	0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb
-	data4	0xe03bdbe0, 0x32566432, 0x3a4e743a, 0x0a1e140a
-	data4	0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c
-	data4	0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462
-	data4	0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279
-	data4	0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d
-	data4	0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9
-	data4	0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea
-	data4	0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008
-	data4	0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e
-	data4	0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6
-	data4	0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f
-	data4	0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a
-	data4	0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66
-	data4	0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e
-	data4	0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9
-	data4	0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e
-	data4	0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211
-	data4	0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394
-	data4	0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9
-	data4	0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df
-	data4	0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d
-	data4	0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068
-	data4	0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f
-	data4	0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16
-// Te3:
-	data4	0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6
-	data4	0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491
-	data4	0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56
-	data4	0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec
-	data4	0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa
-	data4	0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb
-	data4	0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45
-	data4	0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b
-	data4	0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c
-	data4	0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83
-	data4	0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9
-	data4	0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a
-	data4	0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d
-	data4	0x18182830, 0x9696a137, 0x05050f0a, 0x9a9ab52f
-	data4	0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf
-	data4	0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea
-	data4	0x09091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34
-	data4	0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b
-	data4	0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d
-	data4	0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713
-	data4	0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1
-	data4	0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6
-	data4	0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72
-	data4	0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85
-	data4	0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed
-	data4	0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411
-	data4	0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe
-	data4	0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b
-	data4	0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05
-	data4	0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1
-	data4	0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342
-	data4	0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf
-	data4	0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3
-	data4	0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e
-	data4	0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a
-	data4	0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6
-	data4	0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3
-	data4	0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b
-	data4	0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28
-	data4	0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad
-	data4	0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0x0a0a1e14
-	data4	0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8
-	data4	0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4
-	data4	0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2
-	data4	0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da
-	data4	0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049
-	data4	0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf
-	data4	0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810
-	data4	0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c
-	data4	0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197
-	data4	0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e
-	data4	0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f
-	data4	0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc
-	data4	0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c
-	data4	0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069
-	data4	0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927
-	data4	0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322
-	data4	0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733
-	data4	0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9
-	data4	0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5
-	data4	0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a
-	data4	0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0
-	data4	0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e
-	data4	0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
+AES_Te:	data4	0xc66363a5,0xc66363a5, 0xf87c7c84,0xf87c7c84
+	data4	0xee777799,0xee777799, 0xf67b7b8d,0xf67b7b8d
+	data4	0xfff2f20d,0xfff2f20d, 0xd66b6bbd,0xd66b6bbd
+	data4	0xde6f6fb1,0xde6f6fb1, 0x91c5c554,0x91c5c554
+	data4	0x60303050,0x60303050, 0x02010103,0x02010103
+	data4	0xce6767a9,0xce6767a9, 0x562b2b7d,0x562b2b7d
+	data4	0xe7fefe19,0xe7fefe19, 0xb5d7d762,0xb5d7d762
+	data4	0x4dababe6,0x4dababe6, 0xec76769a,0xec76769a
+	data4	0x8fcaca45,0x8fcaca45, 0x1f82829d,0x1f82829d
+	data4	0x89c9c940,0x89c9c940, 0xfa7d7d87,0xfa7d7d87
+	data4	0xeffafa15,0xeffafa15, 0xb25959eb,0xb25959eb
+	data4	0x8e4747c9,0x8e4747c9, 0xfbf0f00b,0xfbf0f00b
+	data4	0x41adadec,0x41adadec, 0xb3d4d467,0xb3d4d467
+	data4	0x5fa2a2fd,0x5fa2a2fd, 0x45afafea,0x45afafea
+	data4	0x239c9cbf,0x239c9cbf, 0x53a4a4f7,0x53a4a4f7
+	data4	0xe4727296,0xe4727296, 0x9bc0c05b,0x9bc0c05b
+	data4	0x75b7b7c2,0x75b7b7c2, 0xe1fdfd1c,0xe1fdfd1c
+	data4	0x3d9393ae,0x3d9393ae, 0x4c26266a,0x4c26266a
+	data4	0x6c36365a,0x6c36365a, 0x7e3f3f41,0x7e3f3f41
+	data4	0xf5f7f702,0xf5f7f702, 0x83cccc4f,0x83cccc4f
+	data4	0x6834345c,0x6834345c, 0x51a5a5f4,0x51a5a5f4
+	data4	0xd1e5e534,0xd1e5e534, 0xf9f1f108,0xf9f1f108
+	data4	0xe2717193,0xe2717193, 0xabd8d873,0xabd8d873
+	data4	0x62313153,0x62313153, 0x2a15153f,0x2a15153f
+	data4	0x0804040c,0x0804040c, 0x95c7c752,0x95c7c752
+	data4	0x46232365,0x46232365, 0x9dc3c35e,0x9dc3c35e
+	data4	0x30181828,0x30181828, 0x379696a1,0x379696a1
+	data4	0x0a05050f,0x0a05050f, 0x2f9a9ab5,0x2f9a9ab5
+	data4	0x0e070709,0x0e070709, 0x24121236,0x24121236
+	data4	0x1b80809b,0x1b80809b, 0xdfe2e23d,0xdfe2e23d
+	data4	0xcdebeb26,0xcdebeb26, 0x4e272769,0x4e272769
+	data4	0x7fb2b2cd,0x7fb2b2cd, 0xea75759f,0xea75759f
+	data4	0x1209091b,0x1209091b, 0x1d83839e,0x1d83839e
+	data4	0x582c2c74,0x582c2c74, 0x341a1a2e,0x341a1a2e
+	data4	0x361b1b2d,0x361b1b2d, 0xdc6e6eb2,0xdc6e6eb2
+	data4	0xb45a5aee,0xb45a5aee, 0x5ba0a0fb,0x5ba0a0fb
+	data4	0xa45252f6,0xa45252f6, 0x763b3b4d,0x763b3b4d
+	data4	0xb7d6d661,0xb7d6d661, 0x7db3b3ce,0x7db3b3ce
+	data4	0x5229297b,0x5229297b, 0xdde3e33e,0xdde3e33e
+	data4	0x5e2f2f71,0x5e2f2f71, 0x13848497,0x13848497
+	data4	0xa65353f5,0xa65353f5, 0xb9d1d168,0xb9d1d168
+	data4	0x00000000,0x00000000, 0xc1eded2c,0xc1eded2c
+	data4	0x40202060,0x40202060, 0xe3fcfc1f,0xe3fcfc1f
+	data4	0x79b1b1c8,0x79b1b1c8, 0xb65b5bed,0xb65b5bed
+	data4	0xd46a6abe,0xd46a6abe, 0x8dcbcb46,0x8dcbcb46
+	data4	0x67bebed9,0x67bebed9, 0x7239394b,0x7239394b
+	data4	0x944a4ade,0x944a4ade, 0x984c4cd4,0x984c4cd4
+	data4	0xb05858e8,0xb05858e8, 0x85cfcf4a,0x85cfcf4a
+	data4	0xbbd0d06b,0xbbd0d06b, 0xc5efef2a,0xc5efef2a
+	data4	0x4faaaae5,0x4faaaae5, 0xedfbfb16,0xedfbfb16
+	data4	0x864343c5,0x864343c5, 0x9a4d4dd7,0x9a4d4dd7
+	data4	0x66333355,0x66333355, 0x11858594,0x11858594
+	data4	0x8a4545cf,0x8a4545cf, 0xe9f9f910,0xe9f9f910
+	data4	0x04020206,0x04020206, 0xfe7f7f81,0xfe7f7f81
+	data4	0xa05050f0,0xa05050f0, 0x783c3c44,0x783c3c44
+	data4	0x259f9fba,0x259f9fba, 0x4ba8a8e3,0x4ba8a8e3
+	data4	0xa25151f3,0xa25151f3, 0x5da3a3fe,0x5da3a3fe
+	data4	0x804040c0,0x804040c0, 0x058f8f8a,0x058f8f8a
+	data4	0x3f9292ad,0x3f9292ad, 0x219d9dbc,0x219d9dbc
+	data4	0x70383848,0x70383848, 0xf1f5f504,0xf1f5f504
+	data4	0x63bcbcdf,0x63bcbcdf, 0x77b6b6c1,0x77b6b6c1
+	data4	0xafdada75,0xafdada75, 0x42212163,0x42212163
+	data4	0x20101030,0x20101030, 0xe5ffff1a,0xe5ffff1a
+	data4	0xfdf3f30e,0xfdf3f30e, 0xbfd2d26d,0xbfd2d26d
+	data4	0x81cdcd4c,0x81cdcd4c, 0x180c0c14,0x180c0c14
+	data4	0x26131335,0x26131335, 0xc3ecec2f,0xc3ecec2f
+	data4	0xbe5f5fe1,0xbe5f5fe1, 0x359797a2,0x359797a2
+	data4	0x884444cc,0x884444cc, 0x2e171739,0x2e171739
+	data4	0x93c4c457,0x93c4c457, 0x55a7a7f2,0x55a7a7f2
+	data4	0xfc7e7e82,0xfc7e7e82, 0x7a3d3d47,0x7a3d3d47
+	data4	0xc86464ac,0xc86464ac, 0xba5d5de7,0xba5d5de7
+	data4	0x3219192b,0x3219192b, 0xe6737395,0xe6737395
+	data4	0xc06060a0,0xc06060a0, 0x19818198,0x19818198
+	data4	0x9e4f4fd1,0x9e4f4fd1, 0xa3dcdc7f,0xa3dcdc7f
+	data4	0x44222266,0x44222266, 0x542a2a7e,0x542a2a7e
+	data4	0x3b9090ab,0x3b9090ab, 0x0b888883,0x0b888883
+	data4	0x8c4646ca,0x8c4646ca, 0xc7eeee29,0xc7eeee29
+	data4	0x6bb8b8d3,0x6bb8b8d3, 0x2814143c,0x2814143c
+	data4	0xa7dede79,0xa7dede79, 0xbc5e5ee2,0xbc5e5ee2
+	data4	0x160b0b1d,0x160b0b1d, 0xaddbdb76,0xaddbdb76
+	data4	0xdbe0e03b,0xdbe0e03b, 0x64323256,0x64323256
+	data4	0x743a3a4e,0x743a3a4e, 0x140a0a1e,0x140a0a1e
+	data4	0x924949db,0x924949db, 0x0c06060a,0x0c06060a
+	data4	0x4824246c,0x4824246c, 0xb85c5ce4,0xb85c5ce4
+	data4	0x9fc2c25d,0x9fc2c25d, 0xbdd3d36e,0xbdd3d36e
+	data4	0x43acacef,0x43acacef, 0xc46262a6,0xc46262a6
+	data4	0x399191a8,0x399191a8, 0x319595a4,0x319595a4
+	data4	0xd3e4e437,0xd3e4e437, 0xf279798b,0xf279798b
+	data4	0xd5e7e732,0xd5e7e732, 0x8bc8c843,0x8bc8c843
+	data4	0x6e373759,0x6e373759, 0xda6d6db7,0xda6d6db7
+	data4	0x018d8d8c,0x018d8d8c, 0xb1d5d564,0xb1d5d564
+	data4	0x9c4e4ed2,0x9c4e4ed2, 0x49a9a9e0,0x49a9a9e0
+	data4	0xd86c6cb4,0xd86c6cb4, 0xac5656fa,0xac5656fa
+	data4	0xf3f4f407,0xf3f4f407, 0xcfeaea25,0xcfeaea25
+	data4	0xca6565af,0xca6565af, 0xf47a7a8e,0xf47a7a8e
+	data4	0x47aeaee9,0x47aeaee9, 0x10080818,0x10080818
+	data4	0x6fbabad5,0x6fbabad5, 0xf0787888,0xf0787888
+	data4	0x4a25256f,0x4a25256f, 0x5c2e2e72,0x5c2e2e72
+	data4	0x381c1c24,0x381c1c24, 0x57a6a6f1,0x57a6a6f1
+	data4	0x73b4b4c7,0x73b4b4c7, 0x97c6c651,0x97c6c651
+	data4	0xcbe8e823,0xcbe8e823, 0xa1dddd7c,0xa1dddd7c
+	data4	0xe874749c,0xe874749c, 0x3e1f1f21,0x3e1f1f21
+	data4	0x964b4bdd,0x964b4bdd, 0x61bdbddc,0x61bdbddc
+	data4	0x0d8b8b86,0x0d8b8b86, 0x0f8a8a85,0x0f8a8a85
+	data4	0xe0707090,0xe0707090, 0x7c3e3e42,0x7c3e3e42
+	data4	0x71b5b5c4,0x71b5b5c4, 0xcc6666aa,0xcc6666aa
+	data4	0x904848d8,0x904848d8, 0x06030305,0x06030305
+	data4	0xf7f6f601,0xf7f6f601, 0x1c0e0e12,0x1c0e0e12
+	data4	0xc26161a3,0xc26161a3, 0x6a35355f,0x6a35355f
+	data4	0xae5757f9,0xae5757f9, 0x69b9b9d0,0x69b9b9d0
+	data4	0x17868691,0x17868691, 0x99c1c158,0x99c1c158
+	data4	0x3a1d1d27,0x3a1d1d27, 0x279e9eb9,0x279e9eb9
+	data4	0xd9e1e138,0xd9e1e138, 0xebf8f813,0xebf8f813
+	data4	0x2b9898b3,0x2b9898b3, 0x22111133,0x22111133
+	data4	0xd26969bb,0xd26969bb, 0xa9d9d970,0xa9d9d970
+	data4	0x078e8e89,0x078e8e89, 0x339494a7,0x339494a7
+	data4	0x2d9b9bb6,0x2d9b9bb6, 0x3c1e1e22,0x3c1e1e22
+	data4	0x15878792,0x15878792, 0xc9e9e920,0xc9e9e920
+	data4	0x87cece49,0x87cece49, 0xaa5555ff,0xaa5555ff
+	data4	0x50282878,0x50282878, 0xa5dfdf7a,0xa5dfdf7a
+	data4	0x038c8c8f,0x038c8c8f, 0x59a1a1f8,0x59a1a1f8
+	data4	0x09898980,0x09898980, 0x1a0d0d17,0x1a0d0d17
+	data4	0x65bfbfda,0x65bfbfda, 0xd7e6e631,0xd7e6e631
+	data4	0x844242c6,0x844242c6, 0xd06868b8,0xd06868b8
+	data4	0x824141c3,0x824141c3, 0x299999b0,0x299999b0
+	data4	0x5a2d2d77,0x5a2d2d77, 0x1e0f0f11,0x1e0f0f11
+	data4	0x7bb0b0cb,0x7bb0b0cb, 0xa85454fc,0xa85454fc
+	data4	0x6dbbbbd6,0x6dbbbbd6, 0x2c16163a,0x2c16163a
 // Te4:
-	data4	0x63000000, 0x7c000000, 0x77000000, 0x7b000000
-	data4	0xf2000000, 0x6b000000, 0x6f000000, 0xc5000000
-	data4	0x30000000, 0x01000000, 0x67000000, 0x2b000000
-	data4	0xfe000000, 0xd7000000, 0xab000000, 0x76000000
-	data4	0xca000000, 0x82000000, 0xc9000000, 0x7d000000
-	data4	0xfa000000, 0x59000000, 0x47000000, 0xf0000000
-	data4	0xad000000, 0xd4000000, 0xa2000000, 0xaf000000
-	data4	0x9c000000, 0xa4000000, 0x72000000, 0xc0000000
-	data4	0xb7000000, 0xfd000000, 0x93000000, 0x26000000
-	data4	0x36000000, 0x3f000000, 0xf7000000, 0xcc000000
-	data4	0x34000000, 0xa5000000, 0xe5000000, 0xf1000000
-	data4	0x71000000, 0xd8000000, 0x31000000, 0x15000000
-	data4	0x04000000, 0xc7000000, 0x23000000, 0xc3000000
-	data4	0x18000000, 0x96000000, 0x05000000, 0x9a000000
-	data4	0x07000000, 0x12000000, 0x80000000, 0xe2000000
-	data4	0xeb000000, 0x27000000, 0xb2000000, 0x75000000
-	data4	0x09000000, 0x83000000, 0x2c000000, 0x1a000000
-	data4	0x1b000000, 0x6e000000, 0x5a000000, 0xa0000000
-	data4	0x52000000, 0x3b000000, 0xd6000000, 0xb3000000
-	data4	0x29000000, 0xe3000000, 0x2f000000, 0x84000000
-	data4	0x53000000, 0xd1000000, 0x00000000, 0xed000000
-	data4	0x20000000, 0xfc000000, 0xb1000000, 0x5b000000
-	data4	0x6a000000, 0xcb000000, 0xbe000000, 0x39000000
-	data4	0x4a000000, 0x4c000000, 0x58000000, 0xcf000000
-	data4	0xd0000000, 0xef000000, 0xaa000000, 0xfb000000
-	data4	0x43000000, 0x4d000000, 0x33000000, 0x85000000
-	data4	0x45000000, 0xf9000000, 0x02000000, 0x7f000000
-	data4	0x50000000, 0x3c000000, 0x9f000000, 0xa8000000
-	data4	0x51000000, 0xa3000000, 0x40000000, 0x8f000000
-	data4	0x92000000, 0x9d000000, 0x38000000, 0xf5000000
-	data4	0xbc000000, 0xb6000000, 0xda000000, 0x21000000
-	data4	0x10000000, 0xff000000, 0xf3000000, 0xd2000000
-	data4	0xcd000000, 0x0c000000, 0x13000000, 0xec000000
-	data4	0x5f000000, 0x97000000, 0x44000000, 0x17000000
-	data4	0xc4000000, 0xa7000000, 0x7e000000, 0x3d000000
-	data4	0x64000000, 0x5d000000, 0x19000000, 0x73000000
-	data4	0x60000000, 0x81000000, 0x4f000000, 0xdc000000
-	data4	0x22000000, 0x2a000000, 0x90000000, 0x88000000
-	data4	0x46000000, 0xee000000, 0xb8000000, 0x14000000
-	data4	0xde000000, 0x5e000000, 0x0b000000, 0xdb000000
-	data4	0xe0000000, 0x32000000, 0x3a000000, 0x0a000000
-	data4	0x49000000, 0x06000000, 0x24000000, 0x5c000000
-	data4	0xc2000000, 0xd3000000, 0xac000000, 0x62000000
-	data4	0x91000000, 0x95000000, 0xe4000000, 0x79000000
-	data4	0xe7000000, 0xc8000000, 0x37000000, 0x6d000000
-	data4	0x8d000000, 0xd5000000, 0x4e000000, 0xa9000000
-	data4	0x6c000000, 0x56000000, 0xf4000000, 0xea000000
-	data4	0x65000000, 0x7a000000, 0xae000000, 0x08000000
-	data4	0xba000000, 0x78000000, 0x25000000, 0x2e000000
-	data4	0x1c000000, 0xa6000000, 0xb4000000, 0xc6000000
-	data4	0xe8000000, 0xdd000000, 0x74000000, 0x1f000000
-	data4	0x4b000000, 0xbd000000, 0x8b000000, 0x8a000000
-	data4	0x70000000, 0x3e000000, 0xb5000000, 0x66000000
-	data4	0x48000000, 0x03000000, 0xf6000000, 0x0e000000
-	data4	0x61000000, 0x35000000, 0x57000000, 0xb9000000
-	data4	0x86000000, 0xc1000000, 0x1d000000, 0x9e000000
-	data4	0xe1000000, 0xf8000000, 0x98000000, 0x11000000
-	data4	0x69000000, 0xd9000000, 0x8e000000, 0x94000000
-	data4	0x9b000000, 0x1e000000, 0x87000000, 0xe9000000
-	data4	0xce000000, 0x55000000, 0x28000000, 0xdf000000
-	data4	0x8c000000, 0xa1000000, 0x89000000, 0x0d000000
-	data4	0xbf000000, 0xe6000000, 0x42000000, 0x68000000
-	data4	0x41000000, 0x99000000, 0x2d000000, 0x0f000000
-	data4	0xb0000000, 0x54000000, 0xbb000000, 0x16000000
-// Te5:
-	data4	0x00630000, 0x007c0000, 0x00770000, 0x007b0000
-	data4	0x00f20000, 0x006b0000, 0x006f0000, 0x00c50000
-	data4	0x00300000, 0x00010000, 0x00670000, 0x002b0000
-	data4	0x00fe0000, 0x00d70000, 0x00ab0000, 0x00760000
-	data4	0x00ca0000, 0x00820000, 0x00c90000, 0x007d0000
-	data4	0x00fa0000, 0x00590000, 0x00470000, 0x00f00000
-	data4	0x00ad0000, 0x00d40000, 0x00a20000, 0x00af0000
-	data4	0x009c0000, 0x00a40000, 0x00720000, 0x00c00000
-	data4	0x00b70000, 0x00fd0000, 0x00930000, 0x00260000
-	data4	0x00360000, 0x003f0000, 0x00f70000, 0x00cc0000
-	data4	0x00340000, 0x00a50000, 0x00e50000, 0x00f10000
-	data4	0x00710000, 0x00d80000, 0x00310000, 0x00150000
-	data4	0x00040000, 0x00c70000, 0x00230000, 0x00c30000
-	data4	0x00180000, 0x00960000, 0x00050000, 0x009a0000
-	data4	0x00070000, 0x00120000, 0x00800000, 0x00e20000
-	data4	0x00eb0000, 0x00270000, 0x00b20000, 0x00750000
-	data4	0x00090000, 0x00830000, 0x002c0000, 0x001a0000
-	data4	0x001b0000, 0x006e0000, 0x005a0000, 0x00a00000
-	data4	0x00520000, 0x003b0000, 0x00d60000, 0x00b30000
-	data4	0x00290000, 0x00e30000, 0x002f0000, 0x00840000
-	data4	0x00530000, 0x00d10000, 0x00000000, 0x00ed0000
-	data4	0x00200000, 0x00fc0000, 0x00b10000, 0x005b0000
-	data4	0x006a0000, 0x00cb0000, 0x00be0000, 0x00390000
-	data4	0x004a0000, 0x004c0000, 0x00580000, 0x00cf0000
-	data4	0x00d00000, 0x00ef0000, 0x00aa0000, 0x00fb0000
-	data4	0x00430000, 0x004d0000, 0x00330000, 0x00850000
-	data4	0x00450000, 0x00f90000, 0x00020000, 0x007f0000
-	data4	0x00500000, 0x003c0000, 0x009f0000, 0x00a80000
-	data4	0x00510000, 0x00a30000, 0x00400000, 0x008f0000
-	data4	0x00920000, 0x009d0000, 0x00380000, 0x00f50000
-	data4	0x00bc0000, 0x00b60000, 0x00da0000, 0x00210000
-	data4	0x00100000, 0x00ff0000, 0x00f30000, 0x00d20000
-	data4	0x00cd0000, 0x000c0000, 0x00130000, 0x00ec0000
-	data4	0x005f0000, 0x00970000, 0x00440000, 0x00170000
-	data4	0x00c40000, 0x00a70000, 0x007e0000, 0x003d0000
-	data4	0x00640000, 0x005d0000, 0x00190000, 0x00730000
-	data4	0x00600000, 0x00810000, 0x004f0000, 0x00dc0000
-	data4	0x00220000, 0x002a0000, 0x00900000, 0x00880000
-	data4	0x00460000, 0x00ee0000, 0x00b80000, 0x00140000
-	data4	0x00de0000, 0x005e0000, 0x000b0000, 0x00db0000
-	data4	0x00e00000, 0x00320000, 0x003a0000, 0x000a0000
-	data4	0x00490000, 0x00060000, 0x00240000, 0x005c0000
-	data4	0x00c20000, 0x00d30000, 0x00ac0000, 0x00620000
-	data4	0x00910000, 0x00950000, 0x00e40000, 0x00790000
-	data4	0x00e70000, 0x00c80000, 0x00370000, 0x006d0000
-	data4	0x008d0000, 0x00d50000, 0x004e0000, 0x00a90000
-	data4	0x006c0000, 0x00560000, 0x00f40000, 0x00ea0000
-	data4	0x00650000, 0x007a0000, 0x00ae0000, 0x00080000
-	data4	0x00ba0000, 0x00780000, 0x00250000, 0x002e0000
-	data4	0x001c0000, 0x00a60000, 0x00b40000, 0x00c60000
-	data4	0x00e80000, 0x00dd0000, 0x00740000, 0x001f0000
-	data4	0x004b0000, 0x00bd0000, 0x008b0000, 0x008a0000
-	data4	0x00700000, 0x003e0000, 0x00b50000, 0x00660000
-	data4	0x00480000, 0x00030000, 0x00f60000, 0x000e0000
-	data4	0x00610000, 0x00350000, 0x00570000, 0x00b90000
-	data4	0x00860000, 0x00c10000, 0x001d0000, 0x009e0000
-	data4	0x00e10000, 0x00f80000, 0x00980000, 0x00110000
-	data4	0x00690000, 0x00d90000, 0x008e0000, 0x00940000
-	data4	0x009b0000, 0x001e0000, 0x00870000, 0x00e90000
-	data4	0x00ce0000, 0x00550000, 0x00280000, 0x00df0000
-	data4	0x008c0000, 0x00a10000, 0x00890000, 0x000d0000
-	data4	0x00bf0000, 0x00e60000, 0x00420000, 0x00680000
-	data4	0x00410000, 0x00990000, 0x002d0000, 0x000f0000
-	data4	0x00b00000, 0x00540000, 0x00bb0000, 0x00160000
-// Te6:
-	data4	0x00006300, 0x00007c00, 0x00007700, 0x00007b00
-	data4	0x0000f200, 0x00006b00, 0x00006f00, 0x0000c500
-	data4	0x00003000, 0x00000100, 0x00006700, 0x00002b00
-	data4	0x0000fe00, 0x0000d700, 0x0000ab00, 0x00007600
-	data4	0x0000ca00, 0x00008200, 0x0000c900, 0x00007d00
-	data4	0x0000fa00, 0x00005900, 0x00004700, 0x0000f000
-	data4	0x0000ad00, 0x0000d400, 0x0000a200, 0x0000af00
-	data4	0x00009c00, 0x0000a400, 0x00007200, 0x0000c000
-	data4	0x0000b700, 0x0000fd00, 0x00009300, 0x00002600
-	data4	0x00003600, 0x00003f00, 0x0000f700, 0x0000cc00
-	data4	0x00003400, 0x0000a500, 0x0000e500, 0x0000f100
-	data4	0x00007100, 0x0000d800, 0x00003100, 0x00001500
-	data4	0x00000400, 0x0000c700, 0x00002300, 0x0000c300
-	data4	0x00001800, 0x00009600, 0x00000500, 0x00009a00
-	data4	0x00000700, 0x00001200, 0x00008000, 0x0000e200
-	data4	0x0000eb00, 0x00002700, 0x0000b200, 0x00007500
-	data4	0x00000900, 0x00008300, 0x00002c00, 0x00001a00
-	data4	0x00001b00, 0x00006e00, 0x00005a00, 0x0000a000
-	data4	0x00005200, 0x00003b00, 0x0000d600, 0x0000b300
-	data4	0x00002900, 0x0000e300, 0x00002f00, 0x00008400
-	data4	0x00005300, 0x0000d100, 0x00000000, 0x0000ed00
-	data4	0x00002000, 0x0000fc00, 0x0000b100, 0x00005b00
-	data4	0x00006a00, 0x0000cb00, 0x0000be00, 0x00003900
-	data4	0x00004a00, 0x00004c00, 0x00005800, 0x0000cf00
-	data4	0x0000d000, 0x0000ef00, 0x0000aa00, 0x0000fb00
-	data4	0x00004300, 0x00004d00, 0x00003300, 0x00008500
-	data4	0x00004500, 0x0000f900, 0x00000200, 0x00007f00
-	data4	0x00005000, 0x00003c00, 0x00009f00, 0x0000a800
-	data4	0x00005100, 0x0000a300, 0x00004000, 0x00008f00
-	data4	0x00009200, 0x00009d00, 0x00003800, 0x0000f500
-	data4	0x0000bc00, 0x0000b600, 0x0000da00, 0x00002100
-	data4	0x00001000, 0x0000ff00, 0x0000f300, 0x0000d200
-	data4	0x0000cd00, 0x00000c00, 0x00001300, 0x0000ec00
-	data4	0x00005f00, 0x00009700, 0x00004400, 0x00001700
-	data4	0x0000c400, 0x0000a700, 0x00007e00, 0x00003d00
-	data4	0x00006400, 0x00005d00, 0x00001900, 0x00007300
-	data4	0x00006000, 0x00008100, 0x00004f00, 0x0000dc00
-	data4	0x00002200, 0x00002a00, 0x00009000, 0x00008800
-	data4	0x00004600, 0x0000ee00, 0x0000b800, 0x00001400
-	data4	0x0000de00, 0x00005e00, 0x00000b00, 0x0000db00
-	data4	0x0000e000, 0x00003200, 0x00003a00, 0x00000a00
-	data4	0x00004900, 0x00000600, 0x00002400, 0x00005c00
-	data4	0x0000c200, 0x0000d300, 0x0000ac00, 0x00006200
-	data4	0x00009100, 0x00009500, 0x0000e400, 0x00007900
-	data4	0x0000e700, 0x0000c800, 0x00003700, 0x00006d00
-	data4	0x00008d00, 0x0000d500, 0x00004e00, 0x0000a900
-	data4	0x00006c00, 0x00005600, 0x0000f400, 0x0000ea00
-	data4	0x00006500, 0x00007a00, 0x0000ae00, 0x00000800
-	data4	0x0000ba00, 0x00007800, 0x00002500, 0x00002e00
-	data4	0x00001c00, 0x0000a600, 0x0000b400, 0x0000c600
-	data4	0x0000e800, 0x0000dd00, 0x00007400, 0x00001f00
-	data4	0x00004b00, 0x0000bd00, 0x00008b00, 0x00008a00
-	data4	0x00007000, 0x00003e00, 0x0000b500, 0x00006600
-	data4	0x00004800, 0x00000300, 0x0000f600, 0x00000e00
-	data4	0x00006100, 0x00003500, 0x00005700, 0x0000b900
-	data4	0x00008600, 0x0000c100, 0x00001d00, 0x00009e00
-	data4	0x0000e100, 0x0000f800, 0x00009800, 0x00001100
-	data4	0x00006900, 0x0000d900, 0x00008e00, 0x00009400
-	data4	0x00009b00, 0x00001e00, 0x00008700, 0x0000e900
-	data4	0x0000ce00, 0x00005500, 0x00002800, 0x0000df00
-	data4	0x00008c00, 0x0000a100, 0x00008900, 0x00000d00
-	data4	0x0000bf00, 0x0000e600, 0x00004200, 0x00006800
-	data4	0x00004100, 0x00009900, 0x00002d00, 0x00000f00
-	data4	0x0000b000, 0x00005400, 0x0000bb00, 0x00001600
-// Te7:
-	data4	0x00000063, 0x0000007c, 0x00000077, 0x0000007b
-	data4	0x000000f2, 0x0000006b, 0x0000006f, 0x000000c5
-	data4	0x00000030, 0x00000001, 0x00000067, 0x0000002b
-	data4	0x000000fe, 0x000000d7, 0x000000ab, 0x00000076
-	data4	0x000000ca, 0x00000082, 0x000000c9, 0x0000007d
-	data4	0x000000fa, 0x00000059, 0x00000047, 0x000000f0
-	data4	0x000000ad, 0x000000d4, 0x000000a2, 0x000000af
-	data4	0x0000009c, 0x000000a4, 0x00000072, 0x000000c0
-	data4	0x000000b7, 0x000000fd, 0x00000093, 0x00000026
-	data4	0x00000036, 0x0000003f, 0x000000f7, 0x000000cc
-	data4	0x00000034, 0x000000a5, 0x000000e5, 0x000000f1
-	data4	0x00000071, 0x000000d8, 0x00000031, 0x00000015
-	data4	0x00000004, 0x000000c7, 0x00000023, 0x000000c3
-	data4	0x00000018, 0x00000096, 0x00000005, 0x0000009a
-	data4	0x00000007, 0x00000012, 0x00000080, 0x000000e2
-	data4	0x000000eb, 0x00000027, 0x000000b2, 0x00000075
-	data4	0x00000009, 0x00000083, 0x0000002c, 0x0000001a
-	data4	0x0000001b, 0x0000006e, 0x0000005a, 0x000000a0
-	data4	0x00000052, 0x0000003b, 0x000000d6, 0x000000b3
-	data4	0x00000029, 0x000000e3, 0x0000002f, 0x00000084
-	data4	0x00000053, 0x000000d1, 0x00000000, 0x000000ed
-	data4	0x00000020, 0x000000fc, 0x000000b1, 0x0000005b
-	data4	0x0000006a, 0x000000cb, 0x000000be, 0x00000039
-	data4	0x0000004a, 0x0000004c, 0x00000058, 0x000000cf
-	data4	0x000000d0, 0x000000ef, 0x000000aa, 0x000000fb
-	data4	0x00000043, 0x0000004d, 0x00000033, 0x00000085
-	data4	0x00000045, 0x000000f9, 0x00000002, 0x0000007f
-	data4	0x00000050, 0x0000003c, 0x0000009f, 0x000000a8
-	data4	0x00000051, 0x000000a3, 0x00000040, 0x0000008f
-	data4	0x00000092, 0x0000009d, 0x00000038, 0x000000f5
-	data4	0x000000bc, 0x000000b6, 0x000000da, 0x00000021
-	data4	0x00000010, 0x000000ff, 0x000000f3, 0x000000d2
-	data4	0x000000cd, 0x0000000c, 0x00000013, 0x000000ec
-	data4	0x0000005f, 0x00000097, 0x00000044, 0x00000017
-	data4	0x000000c4, 0x000000a7, 0x0000007e, 0x0000003d
-	data4	0x00000064, 0x0000005d, 0x00000019, 0x00000073
-	data4	0x00000060, 0x00000081, 0x0000004f, 0x000000dc
-	data4	0x00000022, 0x0000002a, 0x00000090, 0x00000088
-	data4	0x00000046, 0x000000ee, 0x000000b8, 0x00000014
-	data4	0x000000de, 0x0000005e, 0x0000000b, 0x000000db
-	data4	0x000000e0, 0x00000032, 0x0000003a, 0x0000000a
-	data4	0x00000049, 0x00000006, 0x00000024, 0x0000005c
-	data4	0x000000c2, 0x000000d3, 0x000000ac, 0x00000062
-	data4	0x00000091, 0x00000095, 0x000000e4, 0x00000079
-	data4	0x000000e7, 0x000000c8, 0x00000037, 0x0000006d
-	data4	0x0000008d, 0x000000d5, 0x0000004e, 0x000000a9
-	data4	0x0000006c, 0x00000056, 0x000000f4, 0x000000ea
-	data4	0x00000065, 0x0000007a, 0x000000ae, 0x00000008
-	data4	0x000000ba, 0x00000078, 0x00000025, 0x0000002e
-	data4	0x0000001c, 0x000000a6, 0x000000b4, 0x000000c6
-	data4	0x000000e8, 0x000000dd, 0x00000074, 0x0000001f
-	data4	0x0000004b, 0x000000bd, 0x0000008b, 0x0000008a
-	data4	0x00000070, 0x0000003e, 0x000000b5, 0x00000066
-	data4	0x00000048, 0x00000003, 0x000000f6, 0x0000000e
-	data4	0x00000061, 0x00000035, 0x00000057, 0x000000b9
-	data4	0x00000086, 0x000000c1, 0x0000001d, 0x0000009e
-	data4	0x000000e1, 0x000000f8, 0x00000098, 0x00000011
-	data4	0x00000069, 0x000000d9, 0x0000008e, 0x00000094
-	data4	0x0000009b, 0x0000001e, 0x00000087, 0x000000e9
-	data4	0x000000ce, 0x00000055, 0x00000028, 0x000000df
-	data4	0x0000008c, 0x000000a1, 0x00000089, 0x0000000d
-	data4	0x000000bf, 0x000000e6, 0x00000042, 0x00000068
-	data4	0x00000041, 0x00000099, 0x0000002d, 0x0000000f
-	data4	0x000000b0, 0x00000054, 0x000000bb, 0x00000016
-.size	AES_Te#,8*256*4	// HP-UX assembler fails to ".-AES_Te#"
+	data1	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+	data1	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+	data1	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+	data1	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+	data1	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+	data1	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+	data1	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+	data1	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+	data1	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+	data1	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+	data1	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+	data1	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+	data1	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+	data1	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+	data1	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+	data1	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+	data1	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+	data1	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+	data1	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+	data1	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+	data1	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+	data1	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+	data1	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+	data1	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+	data1	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+	data1	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+	data1	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+	data1	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+	data1	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+	data1	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+	data1	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+	data1	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+.size	AES_Te#,2048+256	// HP-UX assembler fails to ".-AES_Te#"
 
 .align	64
 .global	AES_Td#
 .type	AES_Td#,@object
-AES_Td:	data4	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
-	data4	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
-	data4	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
-	data4	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
-	data4	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
-	data4	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
-	data4	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
-	data4	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
-	data4	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
-	data4	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
-	data4	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
-	data4	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
-	data4	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
-	data4	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
-	data4	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
-	data4	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
-	data4	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
-	data4	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
-	data4	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
-	data4	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
-	data4	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
-	data4	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
-	data4	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
-	data4	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
-	data4	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
-	data4	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
-	data4	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
-	data4	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
-	data4	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
-	data4	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
-	data4	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
-	data4	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
-	data4	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
-	data4	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
-	data4	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
-	data4	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
-	data4	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
-	data4	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
-	data4	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
-	data4	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
-	data4	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
-	data4	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
-	data4	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
-	data4	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
-	data4	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
-	data4	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
-	data4	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
-	data4	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
-	data4	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
-	data4	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
-	data4	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
-	data4	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
-	data4	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
-	data4	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
-	data4	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
-	data4	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
-	data4	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
-	data4	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
-	data4	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
-	data4	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
-	data4	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
-	data4	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
-	data4	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
-	data4	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
-// Td1:
-	data4	0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e
-	data4	0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303
-	data4	0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c
-	data4	0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3
-	data4	0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0
-	data4	0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9
-	data4	0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259
-	data4	0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8
-	data4	0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971
-	data4	0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a
-	data4	0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f
-	data4	0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b
-	data4	0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8
-	data4	0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab
-	data4	0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708
-	data4	0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682
-	data4	0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2
-	data4	0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe
-	data4	0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb
-	data4	0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10
-	data4	0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd
-	data4	0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015
-	data4	0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e
-	data4	0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee
-	data4	0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000
-	data4	0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72
-	data4	0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39
-	data4	0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e
-	data4	0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91
-	data4	0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a
-	data4	0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17
-	data4	0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9
-	data4	0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60
-	data4	0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e
-	data4	0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1
-	data4	0xcad731dc, 0x10426385, 0x40139722, 0x2084c611
-	data4	0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1
-	data4	0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3
-	data4	0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964
-	data4	0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390
-	data4	0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b
-	data4	0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf
-	data4	0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46
-	data4	0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af
-	data4	0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512
-	data4	0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb
-	data4	0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a
-	data4	0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8
-	data4	0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c
-	data4	0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266
-	data4	0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8
-	data4	0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6
-	data4	0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604
-	data4	0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551
-	data4	0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41
-	data4	0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647
-	data4	0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c
-	data4	0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1
-	data4	0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737
-	data4	0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db
-	data4	0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340
-	data4	0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95
-	data4	0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1
-	data4	0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
-// Td2:
-	data4	0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27
-	data4	0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x03934be3
-	data4	0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502
-	data4	0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562
-	data4	0x5a49deb1, 0x1b6725ba, 0x0e9845ea, 0xc0e15dfe
-	data4	0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3
-	data4	0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552
-	data4	0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9
-	data4	0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9
-	data4	0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce
-	data4	0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253
-	data4	0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908
-	data4	0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b
-	data4	0xd323ab73, 0x02e2724b, 0x8f57e31f, 0xab2a6655
-	data4	0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337
-	data4	0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16
-	data4	0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69
-	data4	0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6
-	data4	0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6
-	data4	0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e
-	data4	0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6
-	data4	0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050
-	data4	0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9
-	data4	0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8
-	data4	0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000
-	data4	0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a
-	data4	0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d
-	data4	0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436
-	data4	0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b
-	data4	0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12
-	data4	0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b
-	data4	0x0d0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e
-	data4	0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f
-	data4	0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb
-	data4	0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4
-	data4	0xdccad731, 0x85104263, 0x22401397, 0x112084c6
-	data4	0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729
-	data4	0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1
-	data4	0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9
-	data4	0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233
-	data4	0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0x0b3698d4
-	data4	0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad
-	data4	0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e
-	data4	0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3
-	data4	0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25
-	data4	0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b
-	data4	0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f
-	data4	0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15
-	data4	0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0
-	data4	0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2
-	data4	0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7
-	data4	0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791
-	data4	0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x04dfe496
-	data4	0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665
-	data4	0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b
-	data4	0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6
-	data4	0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13
-	data4	0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47
-	data4	0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7
-	data4	0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844
-	data4	0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3
-	data4	0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d
-	data4	0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456
-	data4	0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
-// Td3:
-	data4	0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a
-	data4	0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b
-	data4	0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5
-	data4	0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5
-	data4	0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d
-	data4	0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b
-	data4	0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95
-	data4	0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e
-	data4	0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27
-	data4	0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d
-	data4	0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562
-	data4	0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9
-	data4	0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752
-	data4	0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66
-	data4	0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3
-	data4	0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced
-	data4	0xcf1c2b8a, 0x79b492a7, 0x07f2f0f3, 0x69e2a14e
-	data4	0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4
-	data4	0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4
-	data4	0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd
-	data4	0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d
-	data4	0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60
-	data4	0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767
-	data4	0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79
-	data4	0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000
-	data4	0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c
-	data4	0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736
-	data4	0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24
-	data4	0x0a67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b
-	data4	0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c
-	data4	0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12
-	data4	0x090d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814
-	data4	0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3
-	data4	0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b
-	data4	0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8
-	data4	0x31dccad7, 0x63851042, 0x97224013, 0xc6112084
-	data4	0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7
-	data4	0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077
-	data4	0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247
-	data4	0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22
-	data4	0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698
-	data4	0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f
-	data4	0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254
-	data4	0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582
-	data4	0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf
-	data4	0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb
-	data4	0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883
-	data4	0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef
-	data4	0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629
-	data4	0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035
-	data4	0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533
-	data4	0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17
-	data4	0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4
-	data4	0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46
-	data4	0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb
-	data4	0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d
-	data4	0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb
-	data4	0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a
-	data4	0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73
-	data4	0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678
-	data4	0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2
-	data4	0x1dc37216, 0xe2250cbc, 0x3c498b28, 0x0d9541ff
-	data4	0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064
-	data4	0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
+AES_Td:	data4	0x51f4a750,0x51f4a750, 0x7e416553,0x7e416553
+	data4	0x1a17a4c3,0x1a17a4c3, 0x3a275e96,0x3a275e96
+	data4	0x3bab6bcb,0x3bab6bcb, 0x1f9d45f1,0x1f9d45f1
+	data4	0xacfa58ab,0xacfa58ab, 0x4be30393,0x4be30393
+	data4	0x2030fa55,0x2030fa55, 0xad766df6,0xad766df6
+	data4	0x88cc7691,0x88cc7691, 0xf5024c25,0xf5024c25
+	data4	0x4fe5d7fc,0x4fe5d7fc, 0xc52acbd7,0xc52acbd7
+	data4	0x26354480,0x26354480, 0xb562a38f,0xb562a38f
+	data4	0xdeb15a49,0xdeb15a49, 0x25ba1b67,0x25ba1b67
+	data4	0x45ea0e98,0x45ea0e98, 0x5dfec0e1,0x5dfec0e1
+	data4	0xc32f7502,0xc32f7502, 0x814cf012,0x814cf012
+	data4	0x8d4697a3,0x8d4697a3, 0x6bd3f9c6,0x6bd3f9c6
+	data4	0x038f5fe7,0x038f5fe7, 0x15929c95,0x15929c95
+	data4	0xbf6d7aeb,0xbf6d7aeb, 0x955259da,0x955259da
+	data4	0xd4be832d,0xd4be832d, 0x587421d3,0x587421d3
+	data4	0x49e06929,0x49e06929, 0x8ec9c844,0x8ec9c844
+	data4	0x75c2896a,0x75c2896a, 0xf48e7978,0xf48e7978
+	data4	0x99583e6b,0x99583e6b, 0x27b971dd,0x27b971dd
+	data4	0xbee14fb6,0xbee14fb6, 0xf088ad17,0xf088ad17
+	data4	0xc920ac66,0xc920ac66, 0x7dce3ab4,0x7dce3ab4
+	data4	0x63df4a18,0x63df4a18, 0xe51a3182,0xe51a3182
+	data4	0x97513360,0x97513360, 0x62537f45,0x62537f45
+	data4	0xb16477e0,0xb16477e0, 0xbb6bae84,0xbb6bae84
+	data4	0xfe81a01c,0xfe81a01c, 0xf9082b94,0xf9082b94
+	data4	0x70486858,0x70486858, 0x8f45fd19,0x8f45fd19
+	data4	0x94de6c87,0x94de6c87, 0x527bf8b7,0x527bf8b7
+	data4	0xab73d323,0xab73d323, 0x724b02e2,0x724b02e2
+	data4	0xe31f8f57,0xe31f8f57, 0x6655ab2a,0x6655ab2a
+	data4	0xb2eb2807,0xb2eb2807, 0x2fb5c203,0x2fb5c203
+	data4	0x86c57b9a,0x86c57b9a, 0xd33708a5,0xd33708a5
+	data4	0x302887f2,0x302887f2, 0x23bfa5b2,0x23bfa5b2
+	data4	0x02036aba,0x02036aba, 0xed16825c,0xed16825c
+	data4	0x8acf1c2b,0x8acf1c2b, 0xa779b492,0xa779b492
+	data4	0xf307f2f0,0xf307f2f0, 0x4e69e2a1,0x4e69e2a1
+	data4	0x65daf4cd,0x65daf4cd, 0x0605bed5,0x0605bed5
+	data4	0xd134621f,0xd134621f, 0xc4a6fe8a,0xc4a6fe8a
+	data4	0x342e539d,0x342e539d, 0xa2f355a0,0xa2f355a0
+	data4	0x058ae132,0x058ae132, 0xa4f6eb75,0xa4f6eb75
+	data4	0x0b83ec39,0x0b83ec39, 0x4060efaa,0x4060efaa
+	data4	0x5e719f06,0x5e719f06, 0xbd6e1051,0xbd6e1051
+	data4	0x3e218af9,0x3e218af9, 0x96dd063d,0x96dd063d
+	data4	0xdd3e05ae,0xdd3e05ae, 0x4de6bd46,0x4de6bd46
+	data4	0x91548db5,0x91548db5, 0x71c45d05,0x71c45d05
+	data4	0x0406d46f,0x0406d46f, 0x605015ff,0x605015ff
+	data4	0x1998fb24,0x1998fb24, 0xd6bde997,0xd6bde997
+	data4	0x894043cc,0x894043cc, 0x67d99e77,0x67d99e77
+	data4	0xb0e842bd,0xb0e842bd, 0x07898b88,0x07898b88
+	data4	0xe7195b38,0xe7195b38, 0x79c8eedb,0x79c8eedb
+	data4	0xa17c0a47,0xa17c0a47, 0x7c420fe9,0x7c420fe9
+	data4	0xf8841ec9,0xf8841ec9, 0x00000000,0x00000000
+	data4	0x09808683,0x09808683, 0x322bed48,0x322bed48
+	data4	0x1e1170ac,0x1e1170ac, 0x6c5a724e,0x6c5a724e
+	data4	0xfd0efffb,0xfd0efffb, 0x0f853856,0x0f853856
+	data4	0x3daed51e,0x3daed51e, 0x362d3927,0x362d3927
+	data4	0x0a0fd964,0x0a0fd964, 0x685ca621,0x685ca621
+	data4	0x9b5b54d1,0x9b5b54d1, 0x24362e3a,0x24362e3a
+	data4	0x0c0a67b1,0x0c0a67b1, 0x9357e70f,0x9357e70f
+	data4	0xb4ee96d2,0xb4ee96d2, 0x1b9b919e,0x1b9b919e
+	data4	0x80c0c54f,0x80c0c54f, 0x61dc20a2,0x61dc20a2
+	data4	0x5a774b69,0x5a774b69, 0x1c121a16,0x1c121a16
+	data4	0xe293ba0a,0xe293ba0a, 0xc0a02ae5,0xc0a02ae5
+	data4	0x3c22e043,0x3c22e043, 0x121b171d,0x121b171d
+	data4	0x0e090d0b,0x0e090d0b, 0xf28bc7ad,0xf28bc7ad
+	data4	0x2db6a8b9,0x2db6a8b9, 0x141ea9c8,0x141ea9c8
+	data4	0x57f11985,0x57f11985, 0xaf75074c,0xaf75074c
+	data4	0xee99ddbb,0xee99ddbb, 0xa37f60fd,0xa37f60fd
+	data4	0xf701269f,0xf701269f, 0x5c72f5bc,0x5c72f5bc
+	data4	0x44663bc5,0x44663bc5, 0x5bfb7e34,0x5bfb7e34
+	data4	0x8b432976,0x8b432976, 0xcb23c6dc,0xcb23c6dc
+	data4	0xb6edfc68,0xb6edfc68, 0xb8e4f163,0xb8e4f163
+	data4	0xd731dcca,0xd731dcca, 0x42638510,0x42638510
+	data4	0x13972240,0x13972240, 0x84c61120,0x84c61120
+	data4	0x854a247d,0x854a247d, 0xd2bb3df8,0xd2bb3df8
+	data4	0xaef93211,0xaef93211, 0xc729a16d,0xc729a16d
+	data4	0x1d9e2f4b,0x1d9e2f4b, 0xdcb230f3,0xdcb230f3
+	data4	0x0d8652ec,0x0d8652ec, 0x77c1e3d0,0x77c1e3d0
+	data4	0x2bb3166c,0x2bb3166c, 0xa970b999,0xa970b999
+	data4	0x119448fa,0x119448fa, 0x47e96422,0x47e96422
+	data4	0xa8fc8cc4,0xa8fc8cc4, 0xa0f03f1a,0xa0f03f1a
+	data4	0x567d2cd8,0x567d2cd8, 0x223390ef,0x223390ef
+	data4	0x87494ec7,0x87494ec7, 0xd938d1c1,0xd938d1c1
+	data4	0x8ccaa2fe,0x8ccaa2fe, 0x98d40b36,0x98d40b36
+	data4	0xa6f581cf,0xa6f581cf, 0xa57ade28,0xa57ade28
+	data4	0xdab78e26,0xdab78e26, 0x3fadbfa4,0x3fadbfa4
+	data4	0x2c3a9de4,0x2c3a9de4, 0x5078920d,0x5078920d
+	data4	0x6a5fcc9b,0x6a5fcc9b, 0x547e4662,0x547e4662
+	data4	0xf68d13c2,0xf68d13c2, 0x90d8b8e8,0x90d8b8e8
+	data4	0x2e39f75e,0x2e39f75e, 0x82c3aff5,0x82c3aff5
+	data4	0x9f5d80be,0x9f5d80be, 0x69d0937c,0x69d0937c
+	data4	0x6fd52da9,0x6fd52da9, 0xcf2512b3,0xcf2512b3
+	data4	0xc8ac993b,0xc8ac993b, 0x10187da7,0x10187da7
+	data4	0xe89c636e,0xe89c636e, 0xdb3bbb7b,0xdb3bbb7b
+	data4	0xcd267809,0xcd267809, 0x6e5918f4,0x6e5918f4
+	data4	0xec9ab701,0xec9ab701, 0x834f9aa8,0x834f9aa8
+	data4	0xe6956e65,0xe6956e65, 0xaaffe67e,0xaaffe67e
+	data4	0x21bccf08,0x21bccf08, 0xef15e8e6,0xef15e8e6
+	data4	0xbae79bd9,0xbae79bd9, 0x4a6f36ce,0x4a6f36ce
+	data4	0xea9f09d4,0xea9f09d4, 0x29b07cd6,0x29b07cd6
+	data4	0x31a4b2af,0x31a4b2af, 0x2a3f2331,0x2a3f2331
+	data4	0xc6a59430,0xc6a59430, 0x35a266c0,0x35a266c0
+	data4	0x744ebc37,0x744ebc37, 0xfc82caa6,0xfc82caa6
+	data4	0xe090d0b0,0xe090d0b0, 0x33a7d815,0x33a7d815
+	data4	0xf104984a,0xf104984a, 0x41ecdaf7,0x41ecdaf7
+	data4	0x7fcd500e,0x7fcd500e, 0x1791f62f,0x1791f62f
+	data4	0x764dd68d,0x764dd68d, 0x43efb04d,0x43efb04d
+	data4	0xccaa4d54,0xccaa4d54, 0xe49604df,0xe49604df
+	data4	0x9ed1b5e3,0x9ed1b5e3, 0x4c6a881b,0x4c6a881b
+	data4	0xc12c1fb8,0xc12c1fb8, 0x4665517f,0x4665517f
+	data4	0x9d5eea04,0x9d5eea04, 0x018c355d,0x018c355d
+	data4	0xfa877473,0xfa877473, 0xfb0b412e,0xfb0b412e
+	data4	0xb3671d5a,0xb3671d5a, 0x92dbd252,0x92dbd252
+	data4	0xe9105633,0xe9105633, 0x6dd64713,0x6dd64713
+	data4	0x9ad7618c,0x9ad7618c, 0x37a10c7a,0x37a10c7a
+	data4	0x59f8148e,0x59f8148e, 0xeb133c89,0xeb133c89
+	data4	0xcea927ee,0xcea927ee, 0xb761c935,0xb761c935
+	data4	0xe11ce5ed,0xe11ce5ed, 0x7a47b13c,0x7a47b13c
+	data4	0x9cd2df59,0x9cd2df59, 0x55f2733f,0x55f2733f
+	data4	0x1814ce79,0x1814ce79, 0x73c737bf,0x73c737bf
+	data4	0x53f7cdea,0x53f7cdea, 0x5ffdaa5b,0x5ffdaa5b
+	data4	0xdf3d6f14,0xdf3d6f14, 0x7844db86,0x7844db86
+	data4	0xcaaff381,0xcaaff381, 0xb968c43e,0xb968c43e
+	data4	0x3824342c,0x3824342c, 0xc2a3405f,0xc2a3405f
+	data4	0x161dc372,0x161dc372, 0xbce2250c,0xbce2250c
+	data4	0x283c498b,0x283c498b, 0xff0d9541,0xff0d9541
+	data4	0x39a80171,0x39a80171, 0x080cb3de,0x080cb3de
+	data4	0xd8b4e49c,0xd8b4e49c, 0x6456c190,0x6456c190
+	data4	0x7bcb8461,0x7bcb8461, 0xd532b670,0xd532b670
+	data4	0x486c5c74,0x486c5c74, 0xd0b85742,0xd0b85742
 // Td4:
-	data4	0x52000000, 0x09000000, 0x6a000000, 0xd5000000
-	data4	0x30000000, 0x36000000, 0xa5000000, 0x38000000
-	data4	0xbf000000, 0x40000000, 0xa3000000, 0x9e000000
-	data4	0x81000000, 0xf3000000, 0xd7000000, 0xfb000000
-	data4	0x7c000000, 0xe3000000, 0x39000000, 0x82000000
-	data4	0x9b000000, 0x2f000000, 0xff000000, 0x87000000
-	data4	0x34000000, 0x8e000000, 0x43000000, 0x44000000
-	data4	0xc4000000, 0xde000000, 0xe9000000, 0xcb000000
-	data4	0x54000000, 0x7b000000, 0x94000000, 0x32000000
-	data4	0xa6000000, 0xc2000000, 0x23000000, 0x3d000000
-	data4	0xee000000, 0x4c000000, 0x95000000, 0x0b000000
-	data4	0x42000000, 0xfa000000, 0xc3000000, 0x4e000000
-	data4	0x08000000, 0x2e000000, 0xa1000000, 0x66000000
-	data4	0x28000000, 0xd9000000, 0x24000000, 0xb2000000
-	data4	0x76000000, 0x5b000000, 0xa2000000, 0x49000000
-	data4	0x6d000000, 0x8b000000, 0xd1000000, 0x25000000
-	data4	0x72000000, 0xf8000000, 0xf6000000, 0x64000000
-	data4	0x86000000, 0x68000000, 0x98000000, 0x16000000
-	data4	0xd4000000, 0xa4000000, 0x5c000000, 0xcc000000
-	data4	0x5d000000, 0x65000000, 0xb6000000, 0x92000000
-	data4	0x6c000000, 0x70000000, 0x48000000, 0x50000000
-	data4	0xfd000000, 0xed000000, 0xb9000000, 0xda000000
-	data4	0x5e000000, 0x15000000, 0x46000000, 0x57000000
-	data4	0xa7000000, 0x8d000000, 0x9d000000, 0x84000000
-	data4	0x90000000, 0xd8000000, 0xab000000, 0x00000000
-	data4	0x8c000000, 0xbc000000, 0xd3000000, 0x0a000000
-	data4	0xf7000000, 0xe4000000, 0x58000000, 0x05000000
-	data4	0xb8000000, 0xb3000000, 0x45000000, 0x06000000
-	data4	0xd0000000, 0x2c000000, 0x1e000000, 0x8f000000
-	data4	0xca000000, 0x3f000000, 0x0f000000, 0x02000000
-	data4	0xc1000000, 0xaf000000, 0xbd000000, 0x03000000
-	data4	0x01000000, 0x13000000, 0x8a000000, 0x6b000000
-	data4	0x3a000000, 0x91000000, 0x11000000, 0x41000000
-	data4	0x4f000000, 0x67000000, 0xdc000000, 0xea000000
-	data4	0x97000000, 0xf2000000, 0xcf000000, 0xce000000
-	data4	0xf0000000, 0xb4000000, 0xe6000000, 0x73000000
-	data4	0x96000000, 0xac000000, 0x74000000, 0x22000000
-	data4	0xe7000000, 0xad000000, 0x35000000, 0x85000000
-	data4	0xe2000000, 0xf9000000, 0x37000000, 0xe8000000
-	data4	0x1c000000, 0x75000000, 0xdf000000, 0x6e000000
-	data4	0x47000000, 0xf1000000, 0x1a000000, 0x71000000
-	data4	0x1d000000, 0x29000000, 0xc5000000, 0x89000000
-	data4	0x6f000000, 0xb7000000, 0x62000000, 0x0e000000
-	data4	0xaa000000, 0x18000000, 0xbe000000, 0x1b000000
-	data4	0xfc000000, 0x56000000, 0x3e000000, 0x4b000000
-	data4	0xc6000000, 0xd2000000, 0x79000000, 0x20000000
-	data4	0x9a000000, 0xdb000000, 0xc0000000, 0xfe000000
-	data4	0x78000000, 0xcd000000, 0x5a000000, 0xf4000000
-	data4	0x1f000000, 0xdd000000, 0xa8000000, 0x33000000
-	data4	0x88000000, 0x07000000, 0xc7000000, 0x31000000
-	data4	0xb1000000, 0x12000000, 0x10000000, 0x59000000
-	data4	0x27000000, 0x80000000, 0xec000000, 0x5f000000
-	data4	0x60000000, 0x51000000, 0x7f000000, 0xa9000000
-	data4	0x19000000, 0xb5000000, 0x4a000000, 0x0d000000
-	data4	0x2d000000, 0xe5000000, 0x7a000000, 0x9f000000
-	data4	0x93000000, 0xc9000000, 0x9c000000, 0xef000000
-	data4	0xa0000000, 0xe0000000, 0x3b000000, 0x4d000000
-	data4	0xae000000, 0x2a000000, 0xf5000000, 0xb0000000
-	data4	0xc8000000, 0xeb000000, 0xbb000000, 0x3c000000
-	data4	0x83000000, 0x53000000, 0x99000000, 0x61000000
-	data4	0x17000000, 0x2b000000, 0x04000000, 0x7e000000
-	data4	0xba000000, 0x77000000, 0xd6000000, 0x26000000
-	data4	0xe1000000, 0x69000000, 0x14000000, 0x63000000
-	data4	0x55000000, 0x21000000, 0x0c000000, 0x7d000000
-// Td5:
-	data4	0x00520000, 0x00090000, 0x006a0000, 0x00d50000
-	data4	0x00300000, 0x00360000, 0x00a50000, 0x00380000
-	data4	0x00bf0000, 0x00400000, 0x00a30000, 0x009e0000
-	data4	0x00810000, 0x00f30000, 0x00d70000, 0x00fb0000
-	data4	0x007c0000, 0x00e30000, 0x00390000, 0x00820000
-	data4	0x009b0000, 0x002f0000, 0x00ff0000, 0x00870000
-	data4	0x00340000, 0x008e0000, 0x00430000, 0x00440000
-	data4	0x00c40000, 0x00de0000, 0x00e90000, 0x00cb0000
-	data4	0x00540000, 0x007b0000, 0x00940000, 0x00320000
-	data4	0x00a60000, 0x00c20000, 0x00230000, 0x003d0000
-	data4	0x00ee0000, 0x004c0000, 0x00950000, 0x000b0000
-	data4	0x00420000, 0x00fa0000, 0x00c30000, 0x004e0000
-	data4	0x00080000, 0x002e0000, 0x00a10000, 0x00660000
-	data4	0x00280000, 0x00d90000, 0x00240000, 0x00b20000
-	data4	0x00760000, 0x005b0000, 0x00a20000, 0x00490000
-	data4	0x006d0000, 0x008b0000, 0x00d10000, 0x00250000
-	data4	0x00720000, 0x00f80000, 0x00f60000, 0x00640000
-	data4	0x00860000, 0x00680000, 0x00980000, 0x00160000
-	data4	0x00d40000, 0x00a40000, 0x005c0000, 0x00cc0000
-	data4	0x005d0000, 0x00650000, 0x00b60000, 0x00920000
-	data4	0x006c0000, 0x00700000, 0x00480000, 0x00500000
-	data4	0x00fd0000, 0x00ed0000, 0x00b90000, 0x00da0000
-	data4	0x005e0000, 0x00150000, 0x00460000, 0x00570000
-	data4	0x00a70000, 0x008d0000, 0x009d0000, 0x00840000
-	data4	0x00900000, 0x00d80000, 0x00ab0000, 0x00000000
-	data4	0x008c0000, 0x00bc0000, 0x00d30000, 0x000a0000
-	data4	0x00f70000, 0x00e40000, 0x00580000, 0x00050000
-	data4	0x00b80000, 0x00b30000, 0x00450000, 0x00060000
-	data4	0x00d00000, 0x002c0000, 0x001e0000, 0x008f0000
-	data4	0x00ca0000, 0x003f0000, 0x000f0000, 0x00020000
-	data4	0x00c10000, 0x00af0000, 0x00bd0000, 0x00030000
-	data4	0x00010000, 0x00130000, 0x008a0000, 0x006b0000
-	data4	0x003a0000, 0x00910000, 0x00110000, 0x00410000
-	data4	0x004f0000, 0x00670000, 0x00dc0000, 0x00ea0000
-	data4	0x00970000, 0x00f20000, 0x00cf0000, 0x00ce0000
-	data4	0x00f00000, 0x00b40000, 0x00e60000, 0x00730000
-	data4	0x00960000, 0x00ac0000, 0x00740000, 0x00220000
-	data4	0x00e70000, 0x00ad0000, 0x00350000, 0x00850000
-	data4	0x00e20000, 0x00f90000, 0x00370000, 0x00e80000
-	data4	0x001c0000, 0x00750000, 0x00df0000, 0x006e0000
-	data4	0x00470000, 0x00f10000, 0x001a0000, 0x00710000
-	data4	0x001d0000, 0x00290000, 0x00c50000, 0x00890000
-	data4	0x006f0000, 0x00b70000, 0x00620000, 0x000e0000
-	data4	0x00aa0000, 0x00180000, 0x00be0000, 0x001b0000
-	data4	0x00fc0000, 0x00560000, 0x003e0000, 0x004b0000
-	data4	0x00c60000, 0x00d20000, 0x00790000, 0x00200000
-	data4	0x009a0000, 0x00db0000, 0x00c00000, 0x00fe0000
-	data4	0x00780000, 0x00cd0000, 0x005a0000, 0x00f40000
-	data4	0x001f0000, 0x00dd0000, 0x00a80000, 0x00330000
-	data4	0x00880000, 0x00070000, 0x00c70000, 0x00310000
-	data4	0x00b10000, 0x00120000, 0x00100000, 0x00590000
-	data4	0x00270000, 0x00800000, 0x00ec0000, 0x005f0000
-	data4	0x00600000, 0x00510000, 0x007f0000, 0x00a90000
-	data4	0x00190000, 0x00b50000, 0x004a0000, 0x000d0000
-	data4	0x002d0000, 0x00e50000, 0x007a0000, 0x009f0000
-	data4	0x00930000, 0x00c90000, 0x009c0000, 0x00ef0000
-	data4	0x00a00000, 0x00e00000, 0x003b0000, 0x004d0000
-	data4	0x00ae0000, 0x002a0000, 0x00f50000, 0x00b00000
-	data4	0x00c80000, 0x00eb0000, 0x00bb0000, 0x003c0000
-	data4	0x00830000, 0x00530000, 0x00990000, 0x00610000
-	data4	0x00170000, 0x002b0000, 0x00040000, 0x007e0000
-	data4	0x00ba0000, 0x00770000, 0x00d60000, 0x00260000
-	data4	0x00e10000, 0x00690000, 0x00140000, 0x00630000
-	data4	0x00550000, 0x00210000, 0x000c0000, 0x007d0000
-// Td6:
-	data4	0x00005200, 0x00000900, 0x00006a00, 0x0000d500
-	data4	0x00003000, 0x00003600, 0x0000a500, 0x00003800
-	data4	0x0000bf00, 0x00004000, 0x0000a300, 0x00009e00
-	data4	0x00008100, 0x0000f300, 0x0000d700, 0x0000fb00
-	data4	0x00007c00, 0x0000e300, 0x00003900, 0x00008200
-	data4	0x00009b00, 0x00002f00, 0x0000ff00, 0x00008700
-	data4	0x00003400, 0x00008e00, 0x00004300, 0x00004400
-	data4	0x0000c400, 0x0000de00, 0x0000e900, 0x0000cb00
-	data4	0x00005400, 0x00007b00, 0x00009400, 0x00003200
-	data4	0x0000a600, 0x0000c200, 0x00002300, 0x00003d00
-	data4	0x0000ee00, 0x00004c00, 0x00009500, 0x00000b00
-	data4	0x00004200, 0x0000fa00, 0x0000c300, 0x00004e00
-	data4	0x00000800, 0x00002e00, 0x0000a100, 0x00006600
-	data4	0x00002800, 0x0000d900, 0x00002400, 0x0000b200
-	data4	0x00007600, 0x00005b00, 0x0000a200, 0x00004900
-	data4	0x00006d00, 0x00008b00, 0x0000d100, 0x00002500
-	data4	0x00007200, 0x0000f800, 0x0000f600, 0x00006400
-	data4	0x00008600, 0x00006800, 0x00009800, 0x00001600
-	data4	0x0000d400, 0x0000a400, 0x00005c00, 0x0000cc00
-	data4	0x00005d00, 0x00006500, 0x0000b600, 0x00009200
-	data4	0x00006c00, 0x00007000, 0x00004800, 0x00005000
-	data4	0x0000fd00, 0x0000ed00, 0x0000b900, 0x0000da00
-	data4	0x00005e00, 0x00001500, 0x00004600, 0x00005700
-	data4	0x0000a700, 0x00008d00, 0x00009d00, 0x00008400
-	data4	0x00009000, 0x0000d800, 0x0000ab00, 0x00000000
-	data4	0x00008c00, 0x0000bc00, 0x0000d300, 0x00000a00
-	data4	0x0000f700, 0x0000e400, 0x00005800, 0x00000500
-	data4	0x0000b800, 0x0000b300, 0x00004500, 0x00000600
-	data4	0x0000d000, 0x00002c00, 0x00001e00, 0x00008f00
-	data4	0x0000ca00, 0x00003f00, 0x00000f00, 0x00000200
-	data4	0x0000c100, 0x0000af00, 0x0000bd00, 0x00000300
-	data4	0x00000100, 0x00001300, 0x00008a00, 0x00006b00
-	data4	0x00003a00, 0x00009100, 0x00001100, 0x00004100
-	data4	0x00004f00, 0x00006700, 0x0000dc00, 0x0000ea00
-	data4	0x00009700, 0x0000f200, 0x0000cf00, 0x0000ce00
-	data4	0x0000f000, 0x0000b400, 0x0000e600, 0x00007300
-	data4	0x00009600, 0x0000ac00, 0x00007400, 0x00002200
-	data4	0x0000e700, 0x0000ad00, 0x00003500, 0x00008500
-	data4	0x0000e200, 0x0000f900, 0x00003700, 0x0000e800
-	data4	0x00001c00, 0x00007500, 0x0000df00, 0x00006e00
-	data4	0x00004700, 0x0000f100, 0x00001a00, 0x00007100
-	data4	0x00001d00, 0x00002900, 0x0000c500, 0x00008900
-	data4	0x00006f00, 0x0000b700, 0x00006200, 0x00000e00
-	data4	0x0000aa00, 0x00001800, 0x0000be00, 0x00001b00
-	data4	0x0000fc00, 0x00005600, 0x00003e00, 0x00004b00
-	data4	0x0000c600, 0x0000d200, 0x00007900, 0x00002000
-	data4	0x00009a00, 0x0000db00, 0x0000c000, 0x0000fe00
-	data4	0x00007800, 0x0000cd00, 0x00005a00, 0x0000f400
-	data4	0x00001f00, 0x0000dd00, 0x0000a800, 0x00003300
-	data4	0x00008800, 0x00000700, 0x0000c700, 0x00003100
-	data4	0x0000b100, 0x00001200, 0x00001000, 0x00005900
-	data4	0x00002700, 0x00008000, 0x0000ec00, 0x00005f00
-	data4	0x00006000, 0x00005100, 0x00007f00, 0x0000a900
-	data4	0x00001900, 0x0000b500, 0x00004a00, 0x00000d00
-	data4	0x00002d00, 0x0000e500, 0x00007a00, 0x00009f00
-	data4	0x00009300, 0x0000c900, 0x00009c00, 0x0000ef00
-	data4	0x0000a000, 0x0000e000, 0x00003b00, 0x00004d00
-	data4	0x0000ae00, 0x00002a00, 0x0000f500, 0x0000b000
-	data4	0x0000c800, 0x0000eb00, 0x0000bb00, 0x00003c00
-	data4	0x00008300, 0x00005300, 0x00009900, 0x00006100
-	data4	0x00001700, 0x00002b00, 0x00000400, 0x00007e00
-	data4	0x0000ba00, 0x00007700, 0x0000d600, 0x00002600
-	data4	0x0000e100, 0x00006900, 0x00001400, 0x00006300
-	data4	0x00005500, 0x00002100, 0x00000c00, 0x00007d00
-// Td7:
-	data4	0x00000052, 0x00000009, 0x0000006a, 0x000000d5
-	data4	0x00000030, 0x00000036, 0x000000a5, 0x00000038
-	data4	0x000000bf, 0x00000040, 0x000000a3, 0x0000009e
-	data4	0x00000081, 0x000000f3, 0x000000d7, 0x000000fb
-	data4	0x0000007c, 0x000000e3, 0x00000039, 0x00000082
-	data4	0x0000009b, 0x0000002f, 0x000000ff, 0x00000087
-	data4	0x00000034, 0x0000008e, 0x00000043, 0x00000044
-	data4	0x000000c4, 0x000000de, 0x000000e9, 0x000000cb
-	data4	0x00000054, 0x0000007b, 0x00000094, 0x00000032
-	data4	0x000000a6, 0x000000c2, 0x00000023, 0x0000003d
-	data4	0x000000ee, 0x0000004c, 0x00000095, 0x0000000b
-	data4	0x00000042, 0x000000fa, 0x000000c3, 0x0000004e
-	data4	0x00000008, 0x0000002e, 0x000000a1, 0x00000066
-	data4	0x00000028, 0x000000d9, 0x00000024, 0x000000b2
-	data4	0x00000076, 0x0000005b, 0x000000a2, 0x00000049
-	data4	0x0000006d, 0x0000008b, 0x000000d1, 0x00000025
-	data4	0x00000072, 0x000000f8, 0x000000f6, 0x00000064
-	data4	0x00000086, 0x00000068, 0x00000098, 0x00000016
-	data4	0x000000d4, 0x000000a4, 0x0000005c, 0x000000cc
-	data4	0x0000005d, 0x00000065, 0x000000b6, 0x00000092
-	data4	0x0000006c, 0x00000070, 0x00000048, 0x00000050
-	data4	0x000000fd, 0x000000ed, 0x000000b9, 0x000000da
-	data4	0x0000005e, 0x00000015, 0x00000046, 0x00000057
-	data4	0x000000a7, 0x0000008d, 0x0000009d, 0x00000084
-	data4	0x00000090, 0x000000d8, 0x000000ab, 0x00000000
-	data4	0x0000008c, 0x000000bc, 0x000000d3, 0x0000000a
-	data4	0x000000f7, 0x000000e4, 0x00000058, 0x00000005
-	data4	0x000000b8, 0x000000b3, 0x00000045, 0x00000006
-	data4	0x000000d0, 0x0000002c, 0x0000001e, 0x0000008f
-	data4	0x000000ca, 0x0000003f, 0x0000000f, 0x00000002
-	data4	0x000000c1, 0x000000af, 0x000000bd, 0x00000003
-	data4	0x00000001, 0x00000013, 0x0000008a, 0x0000006b
-	data4	0x0000003a, 0x00000091, 0x00000011, 0x00000041
-	data4	0x0000004f, 0x00000067, 0x000000dc, 0x000000ea
-	data4	0x00000097, 0x000000f2, 0x000000cf, 0x000000ce
-	data4	0x000000f0, 0x000000b4, 0x000000e6, 0x00000073
-	data4	0x00000096, 0x000000ac, 0x00000074, 0x00000022
-	data4	0x000000e7, 0x000000ad, 0x00000035, 0x00000085
-	data4	0x000000e2, 0x000000f9, 0x00000037, 0x000000e8
-	data4	0x0000001c, 0x00000075, 0x000000df, 0x0000006e
-	data4	0x00000047, 0x000000f1, 0x0000001a, 0x00000071
-	data4	0x0000001d, 0x00000029, 0x000000c5, 0x00000089
-	data4	0x0000006f, 0x000000b7, 0x00000062, 0x0000000e
-	data4	0x000000aa, 0x00000018, 0x000000be, 0x0000001b
-	data4	0x000000fc, 0x00000056, 0x0000003e, 0x0000004b
-	data4	0x000000c6, 0x000000d2, 0x00000079, 0x00000020
-	data4	0x0000009a, 0x000000db, 0x000000c0, 0x000000fe
-	data4	0x00000078, 0x000000cd, 0x0000005a, 0x000000f4
-	data4	0x0000001f, 0x000000dd, 0x000000a8, 0x00000033
-	data4	0x00000088, 0x00000007, 0x000000c7, 0x00000031
-	data4	0x000000b1, 0x00000012, 0x00000010, 0x00000059
-	data4	0x00000027, 0x00000080, 0x000000ec, 0x0000005f
-	data4	0x00000060, 0x00000051, 0x0000007f, 0x000000a9
-	data4	0x00000019, 0x000000b5, 0x0000004a, 0x0000000d
-	data4	0x0000002d, 0x000000e5, 0x0000007a, 0x0000009f
-	data4	0x00000093, 0x000000c9, 0x0000009c, 0x000000ef
-	data4	0x000000a0, 0x000000e0, 0x0000003b, 0x0000004d
-	data4	0x000000ae, 0x0000002a, 0x000000f5, 0x000000b0
-	data4	0x000000c8, 0x000000eb, 0x000000bb, 0x0000003c
-	data4	0x00000083, 0x00000053, 0x00000099, 0x00000061
-	data4	0x00000017, 0x0000002b, 0x00000004, 0x0000007e
-	data4	0x000000ba, 0x00000077, 0x000000d6, 0x00000026
-	data4	0x000000e1, 0x00000069, 0x00000014, 0x00000063
-	data4	0x00000055, 0x00000021, 0x0000000c, 0x0000007d
-.size	AES_Td#,8*256*4	// HP-UX assembler fails to ".-AES_Td#"
+	data1	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+	data1	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+	data1	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+	data1	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+	data1	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+	data1	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+	data1	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+	data1	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+	data1	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+	data1	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+	data1	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+	data1	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+	data1	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+	data1	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+	data1	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+	data1	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+	data1	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+	data1	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+	data1	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+	data1	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+	data1	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+	data1	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+	data1	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+	data1	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+	data1	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+	data1	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+	data1	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+	data1	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+	data1	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+	data1	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+	data1	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+	data1	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size	AES_Td#,2048+256	// HP-UX assembler fails to ".-AES_Td#"
diff --git a/crypto/aes/asm/aes-parisc.pl b/crypto/aes/asm/aes-parisc.pl
new file mode 100644
index 0000000000..c36b6a2270
--- /dev/null
+++ b/crypto/aes/asm/aes-parisc.pl
@@ -0,0 +1,1021 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for PA-RISC.
+#
+# June 2009.
+#
+# The module is mechanical transliteration of aes-sparcv9.pl, but with
+# a twist: S-boxes are compressed even further down to 1K+256B. On
+# PA-7100LC performance is ~40% better than gcc 3.2 generated code and
+# is about 33 cycles per byte processed with 128-bit key. Newer CPUs
+# perform at 16 cycles per byte. It's not faster than code generated
+# by vendor compiler, but recall that it has compressed S-boxes, which
+# requires extra processing.
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
+				#                 [+ argument transfer]
+$inp="%r26";	# arg0
+$out="%r25";	# arg1
+$key="%r24";	# arg2
+
+($s0,$s1,$s2,$s3) = ("%r1","%r2","%r3","%r4");
+($t0,$t1,$t2,$t3) = ("%r5","%r6","%r7","%r8");
+
+($acc0, $acc1, $acc2, $acc3, $acc4, $acc5, $acc6, $acc7,
+ $acc8, $acc9,$acc10,$acc11,$acc12,$acc13,$acc14,$acc15) =
+("%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16",
+"%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r26");
+
+$tbl="%r28";
+$rounds="%r29";
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	AES_encrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	64
+AES_encrypt
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+	$PUSH	%r17,`-$FRAME+14*$SIZE_T`(%sp)
+	$PUSH	%r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+	blr	%r0,$tbl
+	ldi	3,$t0
+L\$enc_pic
+	andcm	$tbl,$t0,$tbl
+	ldo	L\$AES_Te-L\$enc_pic($tbl),$tbl
+
+	and	$inp,$t0,$t0
+	sub	$inp,$t0,$inp
+	ldw	0($inp),$s0
+	ldw	4($inp),$s1
+	ldw	8($inp),$s2
+	comib,=	0,$t0,L\$enc_inp_aligned
+	ldw	12($inp),$s3
+
+	sh3addl	$t0,%r0,$t0
+	subi	32,$t0,$t0
+	mtctl	$t0,%cr11
+	ldw	16($inp),$t1
+	vshd	$s0,$s1,$s0
+	vshd	$s1,$s2,$s1
+	vshd	$s2,$s3,$s2
+	vshd	$s3,$t1,$s3
+
+L\$enc_inp_aligned
+	bl	_parisc_AES_encrypt,%r31
+	nop
+
+	extru,<> $out,31,2,%r0
+	b	L\$enc_out_aligned
+	nop
+
+	_srm	$s0,24,$acc0
+	_srm	$s0,16,$acc1
+	stb	$acc0,0($out)
+	_srm	$s0,8,$acc2
+	stb	$acc1,1($out)
+	_srm	$s1,24,$acc4
+	stb	$acc2,2($out)
+	_srm	$s1,16,$acc5
+	stb	$s0,3($out)
+	_srm	$s1,8,$acc6
+	stb	$acc4,4($out)
+	_srm	$s2,24,$acc0
+	stb	$acc5,5($out)
+	_srm	$s2,16,$acc1
+	stb	$acc6,6($out)
+	_srm	$s2,8,$acc2
+	stb	$s1,7($out)
+	_srm	$s3,24,$acc4
+	stb	$acc0,8($out)
+	_srm	$s3,16,$acc5
+	stb	$acc1,9($out)
+	_srm	$s3,8,$acc6
+	stb	$acc2,10($out)
+	stb	$s2,11($out)
+	stb	$acc4,12($out)
+	stb	$acc5,13($out)
+	stb	$acc6,14($out)
+	b	L\$enc_done
+	stb	$s3,15($out)
+
+L\$enc_out_aligned
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+
+L\$enc_done
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	$POP	`-$FRAME+14*$SIZE_T`(%sp),%r17
+	$POP	`-$FRAME+15*$SIZE_T`(%sp),%r18
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+
+	.ALIGN	16
+_parisc_AES_encrypt
+	.PROC
+	.CALLINFO	MILLICODE
+	.ENTRY
+	ldw	240($key),$rounds
+	ldw	0($key),$t0
+	ldw	4($key),$t1
+	ldw	8($key),$t2
+	_srm	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ldw	12($key),$t3
+	_srm	$s0,24,$acc0
+	xor	$t1,$s1,$s1
+	ldw	16($key),$t0
+	_srm	$s1,16,$acc1
+	xor	$t2,$s2,$s2
+	ldw	20($key),$t1
+	xor	$t3,$s3,$s3
+	ldw	24($key),$t2
+	ldw	28($key),$t3
+L\$enc_loop
+	_srm	$s2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$s3,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$s1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$s2,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$s3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$s0,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$s2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$s3,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$s0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$s1,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$s3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$s0,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$s1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$s2,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+	ldwx,s	$acc14($tbl),$acc14
+	ldwx,s	$acc15($tbl),$acc15
+	addib,= -1,$rounds,L\$enc_last
+	ldo	32($key),$key
+
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+	_srm	$t1,16,$acc1
+		xor	$acc15,$t3,$t3
+
+	_srm	$t2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$t3,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$t1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$t2,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$t3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$t0,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$t2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$t3,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$t0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$t1,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$t3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$t0,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$t1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$t2,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+		_ror	$acc1,8,$acc1
+	ldwx,s	$acc14($tbl),$acc14
+
+		_ror	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldwx,s	$acc15($tbl),$acc15
+		_ror	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ldw	16($key),$t0
+		_ror	$acc5,8,$acc5
+		xor	$acc2,$s0,$s0
+	ldw	20($key),$t1
+		_ror	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ldw	24($key),$t2
+		_ror	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ldw	28($key),$t3
+		_ror	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldw	1024+0($tbl),%r0		; prefetch te4
+		_ror	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldw	1024+32($tbl),%r0		; prefetch te4
+		_ror	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldw	1024+64($tbl),%r0		; prefetch te4
+		_ror	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldw	1024+96($tbl),%r0		; prefetch te4
+		_ror	$acc14,16,$acc14
+		xor	$acc9,$s2,$s2
+	ldw	1024+128($tbl),%r0		; prefetch te4
+		_ror	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldw	1024+160($tbl),%r0		; prefetch te4
+	_srm	$s0,24,$acc0
+		xor	$acc11,$s2,$s2
+	ldw	1024+192($tbl),%r0		; prefetch te4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldw	1024+224($tbl),%r0		; prefetch te4
+	_srm	$s1,16,$acc1
+		xor	$acc14,$s3,$s3
+	b	L\$enc_loop
+		xor	$acc15,$s3,$s3
+
+	.ALIGN	16
+L\$enc_last
+	ldo	1024($tbl),$rounds
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+	_srm	$t1,16,$acc1
+		xor	$acc15,$t3,$t3
+
+	_srm	$t2,8,$acc2
+	ldbx	$acc0($rounds),$acc0
+	_srm	$t1,24,$acc4
+	ldbx	$acc1($rounds),$acc1
+	_srm	$t2,16,$acc5
+	_srm	$t3,0,$acc3
+	ldbx	$acc2($rounds),$acc2
+	ldbx	$acc3($rounds),$acc3
+	_srm	$t3,8,$acc6
+	ldbx	$acc4($rounds),$acc4
+	_srm	$t2,24,$acc8
+	ldbx	$acc5($rounds),$acc5
+	_srm	$t3,16,$acc9
+	_srm	$t0,0,$acc7
+	ldbx	$acc6($rounds),$acc6
+	ldbx	$acc7($rounds),$acc7
+	_srm	$t0,8,$acc10
+	ldbx	$acc8($rounds),$acc8
+	_srm	$t3,24,$acc12
+	ldbx	$acc9($rounds),$acc9
+	_srm	$t0,16,$acc13
+	_srm	$t1,0,$acc11
+	ldbx	$acc10($rounds),$acc10
+	_srm	$t1,8,$acc14
+	ldbx	$acc11($rounds),$acc11
+	ldbx	$acc12($rounds),$acc12
+	ldbx	$acc13($rounds),$acc13
+	_srm	$t2,0,$acc15
+	ldbx	$acc14($rounds),$acc14
+
+		dep	$acc0,7,8,$acc3
+	ldbx	$acc15($rounds),$acc15
+		dep	$acc4,7,8,$acc7
+		dep	$acc1,15,8,$acc3
+		dep	$acc5,15,8,$acc7
+		dep	$acc2,23,8,$acc3
+		dep	$acc6,23,8,$acc7
+		xor	$acc3,$s0,$s0
+		xor	$acc7,$s1,$s1
+		dep	$acc8,7,8,$acc11
+		dep	$acc12,7,8,$acc15
+		dep	$acc9,15,8,$acc11
+		dep	$acc13,15,8,$acc15
+		dep	$acc10,23,8,$acc11
+		dep	$acc14,23,8,$acc15
+		xor	$acc11,$s2,$s2
+
+	bv	(%r31)
+	.EXIT
+		xor	$acc15,$s3,$s3
+	.PROCEND
+
+	.ALIGN	64
+L\$AES_Te
+	.WORD	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+	.WORD	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
+	.WORD	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
+	.WORD	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
+	.WORD	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
+	.WORD	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
+	.WORD	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
+	.WORD	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
+	.WORD	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
+	.WORD	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
+	.WORD	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
+	.WORD	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
+	.WORD	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
+	.WORD	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
+	.WORD	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
+	.WORD	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
+	.WORD	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
+	.WORD	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
+	.WORD	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
+	.WORD	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
+	.WORD	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
+	.WORD	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
+	.WORD	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
+	.WORD	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
+	.WORD	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
+	.WORD	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
+	.WORD	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
+	.WORD	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
+	.WORD	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
+	.WORD	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
+	.WORD	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
+	.WORD	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
+	.WORD	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
+	.WORD	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
+	.WORD	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
+	.WORD	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
+	.WORD	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
+	.WORD	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
+	.WORD	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
+	.WORD	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
+	.WORD	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
+	.WORD	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
+	.WORD	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
+	.WORD	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
+	.WORD	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
+	.WORD	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
+	.WORD	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
+	.WORD	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
+	.WORD	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
+	.WORD	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
+	.WORD	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
+	.WORD	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
+	.WORD	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
+	.WORD	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
+	.WORD	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
+	.WORD	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
+	.WORD	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
+	.WORD	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
+	.WORD	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
+	.WORD	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
+	.WORD	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
+	.WORD	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
+	.WORD	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
+	.WORD	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+	.BYTE	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+	.BYTE	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+	.BYTE	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+	.BYTE	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+	.BYTE	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+	.BYTE	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+	.BYTE	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+	.BYTE	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+	.BYTE	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+	.BYTE	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+	.BYTE	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+	.BYTE	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+	.BYTE	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+	.BYTE	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+	.BYTE	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+	.BYTE	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+	.BYTE	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+	.BYTE	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+	.BYTE	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+	.BYTE	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+	.BYTE	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+	.BYTE	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+	.BYTE	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+	.BYTE	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+	.BYTE	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+	.BYTE	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+	.BYTE	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+	.BYTE	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+	.BYTE	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+	.BYTE	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+	.BYTE	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+	.BYTE	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+___
+
+$code.=<<___;
+	.EXPORT	AES_decrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	16
+AES_decrypt
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+	$PUSH	%r17,`-$FRAME+14*$SIZE_T`(%sp)
+	$PUSH	%r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+	blr	%r0,$tbl
+	ldi	3,$t0
+L\$dec_pic
+	andcm	$tbl,$t0,$tbl
+	ldo	L\$AES_Td-L\$dec_pic($tbl),$tbl
+
+	and	$inp,$t0,$t0
+	sub	$inp,$t0,$inp
+	ldw	0($inp),$s0
+	ldw	4($inp),$s1
+	ldw	8($inp),$s2
+	comib,=	0,$t0,L\$dec_inp_aligned
+	ldw	12($inp),$s3
+
+	sh3addl	$t0,%r0,$t0
+	subi	32,$t0,$t0
+	mtctl	$t0,%cr11
+	ldw	16($inp),$t1
+	vshd	$s0,$s1,$s0
+	vshd	$s1,$s2,$s1
+	vshd	$s2,$s3,$s2
+	vshd	$s3,$t1,$s3
+
+L\$dec_inp_aligned
+	bl	_parisc_AES_decrypt,%r31
+	nop
+
+	extru,<> $out,31,2,%r0
+	b	L\$dec_out_aligned
+	nop
+
+	_srm	$s0,24,$acc0
+	_srm	$s0,16,$acc1
+	stb	$acc0,0($out)
+	_srm	$s0,8,$acc2
+	stb	$acc1,1($out)
+	_srm	$s1,24,$acc4
+	stb	$acc2,2($out)
+	_srm	$s1,16,$acc5
+	stb	$s0,3($out)
+	_srm	$s1,8,$acc6
+	stb	$acc4,4($out)
+	_srm	$s2,24,$acc0
+	stb	$acc5,5($out)
+	_srm	$s2,16,$acc1
+	stb	$acc6,6($out)
+	_srm	$s2,8,$acc2
+	stb	$s1,7($out)
+	_srm	$s3,24,$acc4
+	stb	$acc0,8($out)
+	_srm	$s3,16,$acc5
+	stb	$acc1,9($out)
+	_srm	$s3,8,$acc6
+	stb	$acc2,10($out)
+	stb	$s2,11($out)
+	stb	$acc4,12($out)
+	stb	$acc5,13($out)
+	stb	$acc6,14($out)
+	b	L\$dec_done
+	stb	$s3,15($out)
+
+L\$dec_out_aligned
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+
+L\$dec_done
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	$POP	`-$FRAME+14*$SIZE_T`(%sp),%r17
+	$POP	`-$FRAME+15*$SIZE_T`(%sp),%r18
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+
+	.ALIGN	16
+_parisc_AES_decrypt
+	.PROC
+	.CALLINFO	MILLICODE
+	.ENTRY
+	ldw	240($key),$rounds
+	ldw	0($key),$t0
+	ldw	4($key),$t1
+	ldw	8($key),$t2
+	ldw	12($key),$t3
+	_srm	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ldw	16($key),$t0
+	xor	$t1,$s1,$s1
+	ldw	20($key),$t1
+	_srm	$s0,24,$acc0
+	xor	$t2,$s2,$s2
+	ldw	24($key),$t2
+	xor	$t3,$s3,$s3
+	ldw	28($key),$t3
+	_srm	$s3,16,$acc1
+L\$dec_loop
+	_srm	$s2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$s1,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$s1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$s0,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$s3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$s2,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$s2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$s1,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$s0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$s3,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$s3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$s2,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$s1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$s0,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+	ldwx,s	$acc14($tbl),$acc14
+	ldwx,s	$acc15($tbl),$acc15
+	addib,= -1,$rounds,L\$dec_last
+	ldo	32($key),$key
+
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3
+	_srm	$t3,16,$acc1
+
+	_srm	$t2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$t1,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$t1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$t0,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$t3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$t2,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$t2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$t1,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$t0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$t3,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$t3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$t2,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$t1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$t0,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+		_ror	$acc1,8,$acc1
+	ldwx,s	$acc14($tbl),$acc14
+
+		_ror	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldwx,s	$acc15($tbl),$acc15
+		_ror	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ldw	16($key),$t0
+		_ror	$acc5,8,$acc5
+		xor	$acc2,$s0,$s0
+	ldw	20($key),$t1
+		_ror	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ldw	24($key),$t2
+		_ror	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ldw	28($key),$t3
+		_ror	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldw	1024+0($tbl),%r0		; prefetch td4
+		_ror	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldw	1024+32($tbl),%r0		; prefetch td4
+		_ror	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldw	1024+64($tbl),%r0		; prefetch td4
+		_ror	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldw	1024+96($tbl),%r0		; prefetch td4
+		_ror	$acc14,16,$acc14
+		xor	$acc9,$s2,$s2
+	ldw	1024+128($tbl),%r0		; prefetch td4
+		_ror	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldw	1024+160($tbl),%r0		; prefetch td4
+	_srm	$s0,24,$acc0
+		xor	$acc11,$s2,$s2
+	ldw	1024+192($tbl),%r0		; prefetch td4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldw	1024+224($tbl),%r0		; prefetch td4
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+	b	L\$dec_loop
+	_srm	$s3,16,$acc1
+
+	.ALIGN	16
+L\$dec_last
+	ldo	1024($tbl),$rounds
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3
+	_srm	$t3,16,$acc1
+
+	_srm	$t2,8,$acc2
+	ldbx	$acc0($rounds),$acc0
+	_srm	$t1,24,$acc4
+	ldbx	$acc1($rounds),$acc1
+	_srm	$t0,16,$acc5
+	_srm	$t1,0,$acc3
+	ldbx	$acc2($rounds),$acc2
+	ldbx	$acc3($rounds),$acc3
+	_srm	$t3,8,$acc6
+	ldbx	$acc4($rounds),$acc4
+	_srm	$t2,24,$acc8
+	ldbx	$acc5($rounds),$acc5
+	_srm	$t1,16,$acc9
+	_srm	$t2,0,$acc7
+	ldbx	$acc6($rounds),$acc6
+	ldbx	$acc7($rounds),$acc7
+	_srm	$t0,8,$acc10
+	ldbx	$acc8($rounds),$acc8
+	_srm	$t3,24,$acc12
+	ldbx	$acc9($rounds),$acc9
+	_srm	$t2,16,$acc13
+	_srm	$t3,0,$acc11
+	ldbx	$acc10($rounds),$acc10
+	_srm	$t1,8,$acc14
+	ldbx	$acc11($rounds),$acc11
+	ldbx	$acc12($rounds),$acc12
+	ldbx	$acc13($rounds),$acc13
+	_srm	$t0,0,$acc15
+	ldbx	$acc14($rounds),$acc14
+
+		dep	$acc0,7,8,$acc3
+	ldbx	$acc15($rounds),$acc15
+		dep	$acc4,7,8,$acc7
+		dep	$acc1,15,8,$acc3
+		dep	$acc5,15,8,$acc7
+		dep	$acc2,23,8,$acc3
+		dep	$acc6,23,8,$acc7
+		xor	$acc3,$s0,$s0
+		xor	$acc7,$s1,$s1
+		dep	$acc8,7,8,$acc11
+		dep	$acc12,7,8,$acc15
+		dep	$acc9,15,8,$acc11
+		dep	$acc13,15,8,$acc15
+		dep	$acc10,23,8,$acc11
+		dep	$acc14,23,8,$acc15
+		xor	$acc11,$s2,$s2
+
+	bv	(%r31)
+	.EXIT
+		xor	$acc15,$s3,$s3
+	.PROCEND
+
+	.ALIGN	64
+L\$AES_Td
+	.WORD	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+	.WORD	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
+	.WORD	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
+	.WORD	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
+	.WORD	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
+	.WORD	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
+	.WORD	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
+	.WORD	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
+	.WORD	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
+	.WORD	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
+	.WORD	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
+	.WORD	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
+	.WORD	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
+	.WORD	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
+	.WORD	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
+	.WORD	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
+	.WORD	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
+	.WORD	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
+	.WORD	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
+	.WORD	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
+	.WORD	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
+	.WORD	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
+	.WORD	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
+	.WORD	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
+	.WORD	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
+	.WORD	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
+	.WORD	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
+	.WORD	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
+	.WORD	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
+	.WORD	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
+	.WORD	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
+	.WORD	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
+	.WORD	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
+	.WORD	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
+	.WORD	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
+	.WORD	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
+	.WORD	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
+	.WORD	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
+	.WORD	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
+	.WORD	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
+	.WORD	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
+	.WORD	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
+	.WORD	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
+	.WORD	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
+	.WORD	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
+	.WORD	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
+	.WORD	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
+	.WORD	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
+	.WORD	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
+	.WORD	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
+	.WORD	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
+	.WORD	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
+	.WORD	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
+	.WORD	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
+	.WORD	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
+	.WORD	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
+	.WORD	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
+	.WORD	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
+	.WORD	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
+	.WORD	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
+	.WORD	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
+	.WORD	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
+	.WORD	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
+	.WORD	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+	.BYTE	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+	.BYTE	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+	.BYTE	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+	.BYTE	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+	.BYTE	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+	.BYTE	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+	.BYTE	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+	.BYTE	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+	.BYTE	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+	.BYTE	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+	.BYTE	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+	.BYTE	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+	.BYTE	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+	.BYTE	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+	.BYTE	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+	.BYTE	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+	.BYTE	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+	.BYTE	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+	.BYTE	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+	.BYTE	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+	.BYTE	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+	.BYTE	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+	.BYTE	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+	.BYTE	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+	.BYTE	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+	.BYTE	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+	.BYTE	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+	.BYTE	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+	.BYTE	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+	.BYTE	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+	.BYTE	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+	.BYTE	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+	.STRINGZ "AES for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	# translate made up instructons: _ror, _srm
+	s/_ror(\s+)(%r[0-9]+),/shd$1$2,$2,/				or
+
+	s/_srm(\s+%r[0-9]+),([0-9]+),/
+		$SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
+		:            sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
+
+	s/,\*/,/ if ($SIZE_T==4);
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/crypto/aes/asm/aes-ppc.pl b/crypto/aes/asm/aes-ppc.pl
new file mode 100644
index 0000000000..ce427655ef
--- /dev/null
+++ b/crypto/aes/asm/aes-ppc.pl
@@ -0,0 +1,1176 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Needs more work: key setup, page boundaries, CBC routine...
+#
+# ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with
+# 128-bit key, which is ~40% better than 64-bit code generated by gcc
+# 4.0. But these are not the ones currently used! Their "compact"
+# counterparts are, for security reason. ppc_AES_encrypt_compact runs
+# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact -
+# at 1/3 of ppc_AES_decrypt.
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T	=8;
+	$STU	="stdu";
+	$POP	="ld";
+	$PUSH	="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T	=4;
+	$STU	="stwu";
+	$POP	="lwz";
+	$PUSH	="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=32*$SIZE_T;
+
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$sp="r1";
+$toc="r2";
+$inp="r3";
+$out="r4";
+$key="r5";
+
+$Tbl0="r3";
+$Tbl1="r6";
+$Tbl2="r7";
+$Tbl3="r2";
+
+$s0="r8";
+$s1="r9";
+$s2="r10";
+$s3="r11";
+
+$t0="r12";
+$t1="r13";
+$t2="r14";
+$t3="r15";
+
+$acc00="r16";
+$acc01="r17";
+$acc02="r18";
+$acc03="r19";
+
+$acc04="r20";
+$acc05="r21";
+$acc06="r22";
+$acc07="r23";
+
+$acc08="r24";
+$acc09="r25";
+$acc10="r26";
+$acc11="r27";
+
+$acc12="r28";
+$acc13="r29";
+$acc14="r30";
+$acc15="r31";
+
+# stay away from TLS pointer
+if ($SIZE_T==8)	{ die if ($t1 ne "r13");  $t1="r0";		}
+else		{ die if ($Tbl3 ne "r2"); $Tbl3=$t0; $t0="r0";	}
+$mask80=$Tbl2;
+$mask1b=$Tbl3;
+
+$code.=<<___;
+.machine	"any"
+.text
+
+.align	7
+LAES_Te:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$Tbl0	;    vvvvv "distance" between . and 1st data entry
+	addi	$Tbl0,$Tbl0,`128-8`
+	mtlr	r0
+	blr
+	.space	`32-24`
+LAES_Td:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$Tbl0	;    vvvvvvvv "distance" between . and 1st data entry
+	addi	$Tbl0,$Tbl0,`128-8-32+2048+256`
+	mtlr	r0
+	blr
+	.space	`128-32-24`
+___
+&_data_word(
+	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+___
+&_data_word(
+	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+
+
+.globl	.AES_encrypt
+.align	7
+.AES_encrypt:
+	mflr	r0
+	$STU	$sp,-$FRAME($sp)
+
+	$PUSH	r0,`$FRAME-$SIZE_T*21`($sp)
+	$PUSH	$toc,`$FRAME-$SIZE_T*20`($sp)
+	$PUSH	r13,`$FRAME-$SIZE_T*19`($sp)
+	$PUSH	r14,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+
+	lwz	$s0,0($inp)
+	lwz	$s1,4($inp)
+	lwz	$s2,8($inp)
+	lwz	$s3,12($inp)
+	bl	LAES_Te
+	bl	Lppc_AES_encrypt_compact
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+
+	$POP	r0,`$FRAME-$SIZE_T*21`($sp)
+	$POP	$toc,`$FRAME-$SIZE_T*20`($sp)
+	$POP	r13,`$FRAME-$SIZE_T*19`($sp)
+	$POP	r14,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,$FRAME
+	blr
+
+.align	4
+Lppc_AES_encrypt:
+	lwz	$acc00,240($key)
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	addi	$Tbl1,$Tbl0,3
+	addi	$Tbl2,$Tbl0,2
+	addi	$Tbl3,$Tbl0,1
+	addi	$acc00,$acc00,-1
+	addi	$key,$key,16
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	mtctr	$acc00
+.align	4
+Lenc_loop:
+	rlwinm	$acc00,$s0,`32-24+3`,21,28
+	rlwinm	$acc01,$s1,`32-24+3`,21,28
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	rlwinm	$acc02,$s2,`32-24+3`,21,28
+	rlwinm	$acc03,$s3,`32-24+3`,21,28
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	rlwinm	$acc04,$s1,`32-16+3`,21,28
+	rlwinm	$acc05,$s2,`32-16+3`,21,28
+	lwzx	$acc00,$Tbl0,$acc00
+	lwzx	$acc01,$Tbl0,$acc01
+	rlwinm	$acc06,$s3,`32-16+3`,21,28
+	rlwinm	$acc07,$s0,`32-16+3`,21,28
+	lwzx	$acc02,$Tbl0,$acc02
+	lwzx	$acc03,$Tbl0,$acc03
+	rlwinm	$acc08,$s2,`32-8+3`,21,28
+	rlwinm	$acc09,$s3,`32-8+3`,21,28
+	lwzx	$acc04,$Tbl1,$acc04
+	lwzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc10,$s0,`32-8+3`,21,28
+	rlwinm	$acc11,$s1,`32-8+3`,21,28
+	lwzx	$acc06,$Tbl1,$acc06
+	lwzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc12,$s3,`0+3`,21,28
+	rlwinm	$acc13,$s0,`0+3`,21,28
+	lwzx	$acc08,$Tbl2,$acc08
+	lwzx	$acc09,$Tbl2,$acc09
+	rlwinm	$acc14,$s1,`0+3`,21,28
+	rlwinm	$acc15,$s2,`0+3`,21,28
+	lwzx	$acc10,$Tbl2,$acc10
+	lwzx	$acc11,$Tbl2,$acc11
+	xor	$t0,$t0,$acc00
+	xor	$t1,$t1,$acc01
+	lwzx	$acc12,$Tbl3,$acc12
+	lwzx	$acc13,$Tbl3,$acc13
+	xor	$t2,$t2,$acc02
+	xor	$t3,$t3,$acc03
+	lwzx	$acc14,$Tbl3,$acc14
+	lwzx	$acc15,$Tbl3,$acc15
+	xor	$t0,$t0,$acc04
+	xor	$t1,$t1,$acc05
+	xor	$t2,$t2,$acc06
+	xor	$t3,$t3,$acc07
+	xor	$t0,$t0,$acc08
+	xor	$t1,$t1,$acc09
+	xor	$t2,$t2,$acc10
+	xor	$t3,$t3,$acc11
+	xor	$s0,$t0,$acc12
+	xor	$s1,$t1,$acc13
+	xor	$s2,$t2,$acc14
+	xor	$s3,$t3,$acc15
+	addi	$key,$key,16
+	bdnz-	Lenc_loop
+
+	addi	$Tbl2,$Tbl0,2048
+	nop
+	lwz	$acc08,`2048+0`($Tbl0)	! prefetch Te4
+	lwz	$acc09,`2048+32`($Tbl0)
+	lwz	$acc10,`2048+64`($Tbl0)
+	lwz	$acc11,`2048+96`($Tbl0)
+	lwz	$acc08,`2048+128`($Tbl0)
+	lwz	$acc09,`2048+160`($Tbl0)
+	lwz	$acc10,`2048+192`($Tbl0)
+	lwz	$acc11,`2048+224`($Tbl0)
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	rlwinm	$acc04,$s1,`32-16`,24,31
+	rlwinm	$acc05,$s2,`32-16`,24,31
+	lbzx	$acc00,$Tbl2,$acc00
+	lbzx	$acc01,$Tbl2,$acc01
+	rlwinm	$acc06,$s3,`32-16`,24,31
+	rlwinm	$acc07,$s0,`32-16`,24,31
+	lbzx	$acc02,$Tbl2,$acc02
+	lbzx	$acc03,$Tbl2,$acc03
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc04,$Tbl2,$acc04
+	lbzx	$acc05,$Tbl2,$acc05
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc06,$Tbl2,$acc06
+	lbzx	$acc07,$Tbl2,$acc07
+	rlwinm	$acc12,$s3,`0`,24,31
+	rlwinm	$acc13,$s0,`0`,24,31
+	lbzx	$acc08,$Tbl2,$acc08
+	lbzx	$acc09,$Tbl2,$acc09
+	rlwinm	$acc14,$s1,`0`,24,31
+	rlwinm	$acc15,$s2,`0`,24,31
+	lbzx	$acc10,$Tbl2,$acc10
+	lbzx	$acc11,$Tbl2,$acc11
+	rlwinm	$s0,$acc00,24,0,7
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc12,$Tbl2,$acc12
+	lbzx	$acc13,$Tbl2,$acc13
+	rlwinm	$s2,$acc02,24,0,7
+	rlwinm	$s3,$acc03,24,0,7
+	lbzx	$acc14,$Tbl2,$acc14
+	lbzx	$acc15,$Tbl2,$acc15
+	rlwimi	$s0,$acc04,16,8,15
+	rlwimi	$s1,$acc05,16,8,15
+	rlwimi	$s2,$acc06,16,8,15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	or	$s0,$s0,$acc12
+	or	$s1,$s1,$acc13
+	or	$s2,$s2,$acc14
+	or	$s3,$s3,$acc15
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+
+.align	4
+Lppc_AES_encrypt_compact:
+	lwz	$acc00,240($key)
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	addi	$Tbl1,$Tbl0,2048
+	lis	$mask80,0x8080
+	lis	$mask1b,0x1b1b
+	addi	$key,$key,16
+	ori	$mask80,$mask80,0x8080
+	ori	$mask1b,$mask1b,0x1b1b
+	mtctr	$acc00
+.align	4
+Lenc_compact_loop:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	lbzx	$acc00,$Tbl1,$acc00
+	lbzx	$acc01,$Tbl1,$acc01
+	rlwinm	$acc04,$s1,`32-16`,24,31
+	rlwinm	$acc05,$s2,`32-16`,24,31
+	lbzx	$acc02,$Tbl1,$acc02
+	lbzx	$acc03,$Tbl1,$acc03
+	rlwinm	$acc06,$s3,`32-16`,24,31
+	rlwinm	$acc07,$s0,`32-16`,24,31
+	lbzx	$acc04,$Tbl1,$acc04
+	lbzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc06,$Tbl1,$acc06
+	lbzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc08,$Tbl1,$acc08
+	lbzx	$acc09,$Tbl1,$acc09
+	rlwinm	$acc12,$s3,`0`,24,31
+	rlwinm	$acc13,$s0,`0`,24,31
+	lbzx	$acc10,$Tbl1,$acc10
+	lbzx	$acc11,$Tbl1,$acc11
+	rlwinm	$acc14,$s1,`0`,24,31
+	rlwinm	$acc15,$s2,`0`,24,31
+	lbzx	$acc12,$Tbl1,$acc12
+	lbzx	$acc13,$Tbl1,$acc13
+	rlwinm	$s0,$acc00,24,0,7
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc14,$Tbl1,$acc14
+	lbzx	$acc15,$Tbl1,$acc15
+	rlwinm	$s2,$acc02,24,0,7
+	rlwinm	$s3,$acc03,24,0,7
+	rlwimi	$s0,$acc04,16,8,15
+	rlwimi	$s1,$acc05,16,8,15
+	rlwimi	$s2,$acc06,16,8,15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	or	$s0,$s0,$acc12
+	or	$s1,$s1,$acc13
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	or	$s2,$s2,$acc14
+	or	$s3,$s3,$acc15
+
+	addi	$key,$key,16
+	bdz	Lenc_compact_done
+
+	and	$acc00,$s0,$mask80	# r1=r0&0x80808080
+	and	$acc01,$s1,$mask80
+	and	$acc02,$s2,$mask80
+	and	$acc03,$s3,$mask80
+	srwi	$acc04,$acc00,7		# r1>>7
+	srwi	$acc05,$acc01,7
+	srwi	$acc06,$acc02,7
+	srwi	$acc07,$acc03,7
+	andc	$acc08,$s0,$mask80	# r0&0x7f7f7f7f
+	andc	$acc09,$s1,$mask80
+	andc	$acc10,$s2,$mask80
+	andc	$acc11,$s3,$mask80
+	sub	$acc00,$acc00,$acc04	# r1-(r1>>7)
+	sub	$acc01,$acc01,$acc05
+	sub	$acc02,$acc02,$acc06
+	sub	$acc03,$acc03,$acc07
+	add	$acc08,$acc08,$acc08	# (r0&0x7f7f7f7f)<<1
+	add	$acc09,$acc09,$acc09
+	add	$acc10,$acc10,$acc10
+	add	$acc11,$acc11,$acc11
+	and	$acc00,$acc00,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc01,$acc01,$mask1b
+	and	$acc02,$acc02,$mask1b
+	and	$acc03,$acc03,$mask1b
+	xor	$acc00,$acc00,$acc08	# r2
+	xor	$acc01,$acc01,$acc09
+	xor	$acc02,$acc02,$acc10
+	xor	$acc03,$acc03,$acc11
+
+	rotlwi	$acc12,$s0,16		# ROTATE(r0,16)
+	rotlwi	$acc13,$s1,16
+	rotlwi	$acc14,$s2,16
+	rotlwi	$acc15,$s3,16
+	xor	$s0,$s0,$acc00		# r0^r2
+	xor	$s1,$s1,$acc01
+	xor	$s2,$s2,$acc02
+	xor	$s3,$s3,$acc03
+	rotrwi	$s0,$s0,24		# ROTATE(r2^r0,24)
+	rotrwi	$s1,$s1,24
+	rotrwi	$s2,$s2,24
+	rotrwi	$s3,$s3,24
+	xor	$s0,$s0,$acc00		# ROTATE(r2^r0,24)^r2
+	xor	$s1,$s1,$acc01
+	xor	$s2,$s2,$acc02
+	xor	$s3,$s3,$acc03
+	rotlwi	$acc08,$acc12,8		# ROTATE(r0,24)
+	rotlwi	$acc09,$acc13,8
+	rotlwi	$acc10,$acc14,8
+	rotlwi	$acc11,$acc15,8
+	xor	$s0,$s0,$acc12		#
+	xor	$s1,$s1,$acc13
+	xor	$s2,$s2,$acc14
+	xor	$s3,$s3,$acc15
+	xor	$s0,$s0,$acc08		#
+	xor	$s1,$s1,$acc09
+	xor	$s2,$s2,$acc10
+	xor	$s3,$s3,$acc11
+
+	b	Lenc_compact_loop
+.align	4
+Lenc_compact_done:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+
+.globl	.AES_decrypt
+.align	7
+.AES_decrypt:
+	mflr	r0
+	$STU	$sp,-$FRAME($sp)
+
+	$PUSH	r0,`$FRAME-$SIZE_T*21`($sp)
+	$PUSH	$toc,`$FRAME-$SIZE_T*20`($sp)
+	$PUSH	r13,`$FRAME-$SIZE_T*19`($sp)
+	$PUSH	r14,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+
+	lwz	$s0,0($inp)
+	lwz	$s1,4($inp)
+	lwz	$s2,8($inp)
+	lwz	$s3,12($inp)
+	bl	LAES_Td
+	bl	Lppc_AES_decrypt_compact
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+
+	$POP	r0,`$FRAME-$SIZE_T*21`($sp)
+	$POP	$toc,`$FRAME-$SIZE_T*20`($sp)
+	$POP	r13,`$FRAME-$SIZE_T*19`($sp)
+	$POP	r14,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,$FRAME
+	blr
+
+.align	4
+Lppc_AES_decrypt:
+	lwz	$acc00,240($key)
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	addi	$Tbl1,$Tbl0,3
+	addi	$Tbl2,$Tbl0,2
+	addi	$Tbl3,$Tbl0,1
+	addi	$acc00,$acc00,-1
+	addi	$key,$key,16
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	mtctr	$acc00
+.align	4
+Ldec_loop:
+	rlwinm	$acc00,$s0,`32-24+3`,21,28
+	rlwinm	$acc01,$s1,`32-24+3`,21,28
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	rlwinm	$acc02,$s2,`32-24+3`,21,28
+	rlwinm	$acc03,$s3,`32-24+3`,21,28
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	rlwinm	$acc04,$s3,`32-16+3`,21,28
+	rlwinm	$acc05,$s0,`32-16+3`,21,28
+	lwzx	$acc00,$Tbl0,$acc00
+	lwzx	$acc01,$Tbl0,$acc01
+	rlwinm	$acc06,$s1,`32-16+3`,21,28
+	rlwinm	$acc07,$s2,`32-16+3`,21,28
+	lwzx	$acc02,$Tbl0,$acc02
+	lwzx	$acc03,$Tbl0,$acc03
+	rlwinm	$acc08,$s2,`32-8+3`,21,28
+	rlwinm	$acc09,$s3,`32-8+3`,21,28
+	lwzx	$acc04,$Tbl1,$acc04
+	lwzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc10,$s0,`32-8+3`,21,28
+	rlwinm	$acc11,$s1,`32-8+3`,21,28
+	lwzx	$acc06,$Tbl1,$acc06
+	lwzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc12,$s1,`0+3`,21,28
+	rlwinm	$acc13,$s2,`0+3`,21,28
+	lwzx	$acc08,$Tbl2,$acc08
+	lwzx	$acc09,$Tbl2,$acc09
+	rlwinm	$acc14,$s3,`0+3`,21,28
+	rlwinm	$acc15,$s0,`0+3`,21,28
+	lwzx	$acc10,$Tbl2,$acc10
+	lwzx	$acc11,$Tbl2,$acc11
+	xor	$t0,$t0,$acc00
+	xor	$t1,$t1,$acc01
+	lwzx	$acc12,$Tbl3,$acc12
+	lwzx	$acc13,$Tbl3,$acc13
+	xor	$t2,$t2,$acc02
+	xor	$t3,$t3,$acc03
+	lwzx	$acc14,$Tbl3,$acc14
+	lwzx	$acc15,$Tbl3,$acc15
+	xor	$t0,$t0,$acc04
+	xor	$t1,$t1,$acc05
+	xor	$t2,$t2,$acc06
+	xor	$t3,$t3,$acc07
+	xor	$t0,$t0,$acc08
+	xor	$t1,$t1,$acc09
+	xor	$t2,$t2,$acc10
+	xor	$t3,$t3,$acc11
+	xor	$s0,$t0,$acc12
+	xor	$s1,$t1,$acc13
+	xor	$s2,$t2,$acc14
+	xor	$s3,$t3,$acc15
+	addi	$key,$key,16
+	bdnz-	Ldec_loop
+
+	addi	$Tbl2,$Tbl0,2048
+	nop
+	lwz	$acc08,`2048+0`($Tbl0)	! prefetch Td4
+	lwz	$acc09,`2048+32`($Tbl0)
+	lwz	$acc10,`2048+64`($Tbl0)
+	lwz	$acc11,`2048+96`($Tbl0)
+	lwz	$acc08,`2048+128`($Tbl0)
+	lwz	$acc09,`2048+160`($Tbl0)
+	lwz	$acc10,`2048+192`($Tbl0)
+	lwz	$acc11,`2048+224`($Tbl0)
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	rlwinm	$acc04,$s3,`32-16`,24,31
+	rlwinm	$acc05,$s0,`32-16`,24,31
+	lbzx	$acc00,$Tbl2,$acc00
+	lbzx	$acc01,$Tbl2,$acc01
+	rlwinm	$acc06,$s1,`32-16`,24,31
+	rlwinm	$acc07,$s2,`32-16`,24,31
+	lbzx	$acc02,$Tbl2,$acc02
+	lbzx	$acc03,$Tbl2,$acc03
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc04,$Tbl2,$acc04
+	lbzx	$acc05,$Tbl2,$acc05
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc06,$Tbl2,$acc06
+	lbzx	$acc07,$Tbl2,$acc07
+	rlwinm	$acc12,$s1,`0`,24,31
+	rlwinm	$acc13,$s2,`0`,24,31
+	lbzx	$acc08,$Tbl2,$acc08
+	lbzx	$acc09,$Tbl2,$acc09
+	rlwinm	$acc14,$s3,`0`,24,31
+	rlwinm	$acc15,$s0,`0`,24,31
+	lbzx	$acc10,$Tbl2,$acc10
+	lbzx	$acc11,$Tbl2,$acc11
+	rlwinm	$s0,$acc00,24,0,7
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc12,$Tbl2,$acc12
+	lbzx	$acc13,$Tbl2,$acc13
+	rlwinm	$s2,$acc02,24,0,7
+	rlwinm	$s3,$acc03,24,0,7
+	lbzx	$acc14,$Tbl2,$acc14
+	lbzx	$acc15,$Tbl2,$acc15
+	rlwimi	$s0,$acc04,16,8,15
+	rlwimi	$s1,$acc05,16,8,15
+	rlwimi	$s2,$acc06,16,8,15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	or	$s0,$s0,$acc12
+	or	$s1,$s1,$acc13
+	or	$s2,$s2,$acc14
+	or	$s3,$s3,$acc15
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+
+.align	4
+Lppc_AES_decrypt_compact:
+	lwz	$acc00,240($key)
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	addi	$Tbl1,$Tbl0,2048
+	lis	$mask80,0x8080
+	lis	$mask1b,0x1b1b
+	addi	$key,$key,16
+	ori	$mask80,$mask80,0x8080
+	ori	$mask1b,$mask1b,0x1b1b
+___
+$code.=<<___ if ($SIZE_T==8);
+	insrdi	$mask80,$mask80,32,0
+	insrdi	$mask1b,$mask1b,32,0
+___
+$code.=<<___;
+	mtctr	$acc00
+.align	4
+Ldec_compact_loop:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	lbzx	$acc00,$Tbl1,$acc00
+	lbzx	$acc01,$Tbl1,$acc01
+	rlwinm	$acc04,$s3,`32-16`,24,31
+	rlwinm	$acc05,$s0,`32-16`,24,31
+	lbzx	$acc02,$Tbl1,$acc02
+	lbzx	$acc03,$Tbl1,$acc03
+	rlwinm	$acc06,$s1,`32-16`,24,31
+	rlwinm	$acc07,$s2,`32-16`,24,31
+	lbzx	$acc04,$Tbl1,$acc04
+	lbzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc06,$Tbl1,$acc06
+	lbzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc08,$Tbl1,$acc08
+	lbzx	$acc09,$Tbl1,$acc09
+	rlwinm	$acc12,$s1,`0`,24,31
+	rlwinm	$acc13,$s2,`0`,24,31
+	lbzx	$acc10,$Tbl1,$acc10
+	lbzx	$acc11,$Tbl1,$acc11
+	rlwinm	$acc14,$s3,`0`,24,31
+	rlwinm	$acc15,$s0,`0`,24,31
+	lbzx	$acc12,$Tbl1,$acc12
+	lbzx	$acc13,$Tbl1,$acc13
+	rlwinm	$s0,$acc00,24,0,7
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc14,$Tbl1,$acc14
+	lbzx	$acc15,$Tbl1,$acc15
+	rlwinm	$s2,$acc02,24,0,7
+	rlwinm	$s3,$acc03,24,0,7
+	rlwimi	$s0,$acc04,16,8,15
+	rlwimi	$s1,$acc05,16,8,15
+	rlwimi	$s2,$acc06,16,8,15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	lwz	$t0,0($key)
+	lwz	$t1,4($key)
+	or	$s0,$s0,$acc12
+	or	$s1,$s1,$acc13
+	lwz	$t2,8($key)
+	lwz	$t3,12($key)
+	or	$s2,$s2,$acc14
+	or	$s3,$s3,$acc15
+
+	addi	$key,$key,16
+	bdz	Ldec_compact_done
+___
+$code.=<<___ if ($SIZE_T==8);
+	# vectorized permutation improves decrypt performance by 10%
+	insrdi	$s0,$s1,32,0
+	insrdi	$s2,$s3,32,0
+
+	and	$acc00,$s0,$mask80	# r1=r0&0x80808080
+	and	$acc02,$s2,$mask80
+	srdi	$acc04,$acc00,7		# r1>>7
+	srdi	$acc06,$acc02,7
+	andc	$acc08,$s0,$mask80	# r0&0x7f7f7f7f
+	andc	$acc10,$s2,$mask80
+	sub	$acc00,$acc00,$acc04	# r1-(r1>>7)
+	sub	$acc02,$acc02,$acc06
+	add	$acc08,$acc08,$acc08	# (r0&0x7f7f7f7f)<<1
+	add	$acc10,$acc10,$acc10
+	and	$acc00,$acc00,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc02,$acc02,$mask1b
+	xor	$acc00,$acc00,$acc08	# r2
+	xor	$acc02,$acc02,$acc10
+
+	and	$acc04,$acc00,$mask80	# r1=r2&0x80808080
+	and	$acc06,$acc02,$mask80
+	srdi	$acc08,$acc04,7		# r1>>7
+	srdi	$acc10,$acc06,7
+	andc	$acc12,$acc00,$mask80	# r2&0x7f7f7f7f
+	andc	$acc14,$acc02,$mask80
+	sub	$acc04,$acc04,$acc08	# r1-(r1>>7)
+	sub	$acc06,$acc06,$acc10
+	add	$acc12,$acc12,$acc12	# (r2&0x7f7f7f7f)<<1
+	add	$acc14,$acc14,$acc14
+	and	$acc04,$acc04,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc06,$acc06,$mask1b
+	xor	$acc04,$acc04,$acc12	# r4
+	xor	$acc06,$acc06,$acc14
+
+	and	$acc08,$acc04,$mask80	# r1=r4&0x80808080
+	and	$acc10,$acc06,$mask80
+	srdi	$acc12,$acc08,7		# r1>>7
+	srdi	$acc14,$acc10,7
+	sub	$acc08,$acc08,$acc12	# r1-(r1>>7)
+	sub	$acc10,$acc10,$acc14
+	andc	$acc12,$acc04,$mask80	# r4&0x7f7f7f7f
+	andc	$acc14,$acc06,$mask80
+	add	$acc12,$acc12,$acc12	# (r4&0x7f7f7f7f)<<1
+	add	$acc14,$acc14,$acc14
+	and	$acc08,$acc08,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc10,$acc10,$mask1b
+	xor	$acc08,$acc08,$acc12	# r8
+	xor	$acc10,$acc10,$acc14
+
+	xor	$acc00,$acc00,$s0	# r2^r0
+	xor	$acc02,$acc02,$s2
+	xor	$acc04,$acc04,$s0	# r4^r0
+	xor	$acc06,$acc06,$s2
+
+	extrdi	$acc01,$acc00,32,0
+	extrdi	$acc03,$acc02,32,0
+	extrdi	$acc05,$acc04,32,0
+	extrdi	$acc07,$acc06,32,0
+	extrdi	$acc09,$acc08,32,0
+	extrdi	$acc11,$acc10,32,0
+___
+$code.=<<___ if ($SIZE_T==4);
+	and	$acc00,$s0,$mask80	# r1=r0&0x80808080
+	and	$acc01,$s1,$mask80
+	and	$acc02,$s2,$mask80
+	and	$acc03,$s3,$mask80
+	srwi	$acc04,$acc00,7		# r1>>7
+	srwi	$acc05,$acc01,7
+	srwi	$acc06,$acc02,7
+	srwi	$acc07,$acc03,7
+	andc	$acc08,$s0,$mask80	# r0&0x7f7f7f7f
+	andc	$acc09,$s1,$mask80
+	andc	$acc10,$s2,$mask80
+	andc	$acc11,$s3,$mask80
+	sub	$acc00,$acc00,$acc04	# r1-(r1>>7)
+	sub	$acc01,$acc01,$acc05
+	sub	$acc02,$acc02,$acc06
+	sub	$acc03,$acc03,$acc07
+	add	$acc08,$acc08,$acc08	# (r0&0x7f7f7f7f)<<1
+	add	$acc09,$acc09,$acc09
+	add	$acc10,$acc10,$acc10
+	add	$acc11,$acc11,$acc11
+	and	$acc00,$acc00,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc01,$acc01,$mask1b
+	and	$acc02,$acc02,$mask1b
+	and	$acc03,$acc03,$mask1b
+	xor	$acc00,$acc00,$acc08	# r2
+	xor	$acc01,$acc01,$acc09
+	xor	$acc02,$acc02,$acc10
+	xor	$acc03,$acc03,$acc11
+
+	and	$acc04,$acc00,$mask80	# r1=r2&0x80808080
+	and	$acc05,$acc01,$mask80
+	and	$acc06,$acc02,$mask80
+	and	$acc07,$acc03,$mask80
+	srwi	$acc08,$acc04,7		# r1>>7
+	srwi	$acc09,$acc05,7
+	srwi	$acc10,$acc06,7
+	srwi	$acc11,$acc07,7
+	andc	$acc12,$acc00,$mask80	# r2&0x7f7f7f7f
+	andc	$acc13,$acc01,$mask80
+	andc	$acc14,$acc02,$mask80
+	andc	$acc15,$acc03,$mask80
+	sub	$acc04,$acc04,$acc08	# r1-(r1>>7)
+	sub	$acc05,$acc05,$acc09
+	sub	$acc06,$acc06,$acc10
+	sub	$acc07,$acc07,$acc11
+	add	$acc12,$acc12,$acc12	# (r2&0x7f7f7f7f)<<1
+	add	$acc13,$acc13,$acc13
+	add	$acc14,$acc14,$acc14
+	add	$acc15,$acc15,$acc15
+	and	$acc04,$acc04,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc05,$acc05,$mask1b
+	and	$acc06,$acc06,$mask1b
+	and	$acc07,$acc07,$mask1b
+	xor	$acc04,$acc04,$acc12	# r4
+	xor	$acc05,$acc05,$acc13
+	xor	$acc06,$acc06,$acc14
+	xor	$acc07,$acc07,$acc15
+
+	and	$acc08,$acc04,$mask80	# r1=r4&0x80808080
+	and	$acc09,$acc05,$mask80
+	and	$acc10,$acc06,$mask80
+	and	$acc11,$acc07,$mask80
+	srwi	$acc12,$acc08,7		# r1>>7
+	srwi	$acc13,$acc09,7
+	srwi	$acc14,$acc10,7
+	srwi	$acc15,$acc11,7
+	sub	$acc08,$acc08,$acc12	# r1-(r1>>7)
+	sub	$acc09,$acc09,$acc13
+	sub	$acc10,$acc10,$acc14
+	sub	$acc11,$acc11,$acc15
+	andc	$acc12,$acc04,$mask80	# r4&0x7f7f7f7f
+	andc	$acc13,$acc05,$mask80
+	andc	$acc14,$acc06,$mask80
+	andc	$acc15,$acc07,$mask80
+	add	$acc12,$acc12,$acc12	# (r4&0x7f7f7f7f)<<1
+	add	$acc13,$acc13,$acc13
+	add	$acc14,$acc14,$acc14
+	add	$acc15,$acc15,$acc15
+	and	$acc08,$acc08,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc09,$acc09,$mask1b
+	and	$acc10,$acc10,$mask1b
+	and	$acc11,$acc11,$mask1b
+	xor	$acc08,$acc08,$acc12	# r8
+	xor	$acc09,$acc09,$acc13
+	xor	$acc10,$acc10,$acc14
+	xor	$acc11,$acc11,$acc15
+
+	xor	$acc00,$acc00,$s0	# r2^r0
+	xor	$acc01,$acc01,$s1
+	xor	$acc02,$acc02,$s2
+	xor	$acc03,$acc03,$s3
+	xor	$acc04,$acc04,$s0	# r4^r0
+	xor	$acc05,$acc05,$s1
+	xor	$acc06,$acc06,$s2
+	xor	$acc07,$acc07,$s3
+___
+$code.=<<___;
+	rotrwi	$s0,$s0,8		# = ROTATE(r0,8)
+	rotrwi	$s1,$s1,8
+	rotrwi	$s2,$s2,8
+	rotrwi	$s3,$s3,8
+	xor	$s0,$s0,$acc00		# ^= r2^r0
+	xor	$s1,$s1,$acc01
+	xor	$s2,$s2,$acc02
+	xor	$s3,$s3,$acc03
+	xor	$acc00,$acc00,$acc08
+	xor	$acc01,$acc01,$acc09
+	xor	$acc02,$acc02,$acc10
+	xor	$acc03,$acc03,$acc11
+	xor	$s0,$s0,$acc04		# ^= r4^r0
+	xor	$s1,$s1,$acc05
+	xor	$s2,$s2,$acc06
+	xor	$s3,$s3,$acc07
+	rotrwi	$acc00,$acc00,24
+	rotrwi	$acc01,$acc01,24
+	rotrwi	$acc02,$acc02,24
+	rotrwi	$acc03,$acc03,24
+	xor	$acc04,$acc04,$acc08
+	xor	$acc05,$acc05,$acc09
+	xor	$acc06,$acc06,$acc10
+	xor	$acc07,$acc07,$acc11
+	xor	$s0,$s0,$acc08		# ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)]
+	xor	$s1,$s1,$acc09
+	xor	$s2,$s2,$acc10
+	xor	$s3,$s3,$acc11
+	rotrwi	$acc04,$acc04,16
+	rotrwi	$acc05,$acc05,16
+	rotrwi	$acc06,$acc06,16
+	rotrwi	$acc07,$acc07,16
+	xor	$s0,$s0,$acc00		# ^= ROTATE(r8^r2^r0,24)
+	xor	$s1,$s1,$acc01
+	xor	$s2,$s2,$acc02
+	xor	$s3,$s3,$acc03
+	rotrwi	$acc08,$acc08,8
+	rotrwi	$acc09,$acc09,8
+	rotrwi	$acc10,$acc10,8
+	rotrwi	$acc11,$acc11,8
+	xor	$s0,$s0,$acc04		# ^= ROTATE(r8^r4^r0,16)
+	xor	$s1,$s1,$acc05
+	xor	$s2,$s2,$acc06
+	xor	$s3,$s3,$acc07
+	xor	$s0,$s0,$acc08		# ^= ROTATE(r8,8)	
+	xor	$s1,$s1,$acc09	
+	xor	$s2,$s2,$acc10	
+	xor	$s3,$s3,$acc11	
+
+	b	Ldec_compact_loop
+.align	4
+Ldec_compact_done:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+.long	0
+.asciz	"AES for PPC, CRYPTOGAMS by <appro\@openssl.org>"
+.align	7
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
new file mode 100644
index 0000000000..7e01889298
--- /dev/null
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -0,0 +1,1339 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for s390x.
+
+# April 2007.
+#
+# Software performance improvement over gcc-generated code is ~70% and
+# in absolute terms is ~73 cycles per byte processed with 128-bit key.
+# You're likely to exclaim "why so slow?" Keep in mind that z-CPUs are
+# *strictly* in-order execution and issued instruction [in this case
+# load value from memory is critical] has to complete before execution
+# flow proceeds. S-boxes are compressed to 2KB[+256B].
+#
+# As for hardware acceleration support. It's basically a "teaser," as
+# it can and should be improved in several ways. Most notably support
+# for CBC is not utilized, nor multiple blocks are ever processed.
+# Then software key schedule can be postponed till hardware support
+# detection... Performance improvement over assembler is reportedly
+# ~2.5x, but can reach >8x [naturally on larger chunks] if proper
+# support is implemented.
+
+# May 2007.
+#
+# Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided
+# for 128-bit keys, if hardware support is detected.
+
+# Januray 2009.
+#
+# Add support for hardware AES192/256 and reschedule instructions to
+# minimize/avoid Address Generation Interlock hazard and to favour
+# dual-issue z10 pipeline. This gave ~25% improvement on z10 and
+# almost 50% on z9. The gain is smaller on z10, because being dual-
+# issue z10 makes it improssible to eliminate the interlock condition:
+# critial path is not long enough. Yet it spends ~24 cycles per byte
+# processed with 128-bit key.
+#
+# Unlike previous version hardware support detection takes place only
+# at the moment of key schedule setup, which is denoted in key->rounds.
+# This is done, because deferred key setup can't be made MT-safe, not
+# for key lengthes longer than 128 bits.
+#
+# Add AES_cbc_encrypt, which gives incredible performance improvement,
+# it was measured to be ~6.6x. It's less than previously mentioned 8x,
+# because software implementation was optimized.
+
+$softonly=0;	# allow hardware support
+
+$t0="%r0";	$mask="%r0";
+$t1="%r1";
+$t2="%r2";	$inp="%r2";
+$t3="%r3";	$out="%r3";	$bits="%r3";
+$key="%r4";
+$i1="%r5";
+$i2="%r6";
+$i3="%r7";
+$s0="%r8";
+$s1="%r9";
+$s2="%r10";
+$s3="%r11";
+$tbl="%r12";
+$rounds="%r13";
+$ra="%r14";
+$sp="%r15";
+
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$code=<<___;
+.text
+
+.type	AES_Te,\@object
+.align	256
+AES_Te:
+___
+&_data_word(
+	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+# Te4[256]
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+# rcon[]
+.long	0x01000000, 0x02000000, 0x04000000, 0x08000000
+.long	0x10000000, 0x20000000, 0x40000000, 0x80000000
+.long	0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
+.align	256
+.size	AES_Te,.-AES_Te
+
+# void AES_encrypt(const unsigned char *inp, unsigned char *out,
+# 		 const AES_KEY *key) {
+.globl	AES_encrypt
+.type	AES_encrypt,\@function
+AES_encrypt:
+___
+$code.=<<___ if (!$softonly);
+	l	%r0,240($key)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Lesoft
+
+	la	%r1,0($key)
+	#la	%r2,0($inp)
+	la	%r4,0($out)
+	lghi	%r3,16		# single block length
+	.long	0xb92e0042	# km %r4,%r2
+	brc	1,.-4		# can this happen?
+	br	%r14
+.align	64
+.Lesoft:
+___
+$code.=<<___;
+	stmg	%r3,$ra,24($sp)
+
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+
+	larl	$tbl,AES_Te
+	bras	$ra,_s390x_AES_encrypt
+
+	lg	$out,24($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+	lmg	%r6,$ra,48($sp)
+	br	$ra
+.size	AES_encrypt,.-AES_encrypt
+
+.type   _s390x_AES_encrypt,\@function
+.align	16
+_s390x_AES_encrypt:
+	stg	$ra,152($sp)
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$s3,12($key)
+	l	$rounds,240($key)
+	llill	$mask,`0xff<<3`
+	aghi	$rounds,-1
+	j	.Lenc_loop
+.align	16
+.Lenc_loop:
+	sllg	$t1,$s0,`0+3`
+	srlg	$t2,$s0,`8-3`
+	srlg	$t3,$s0,`16-3`
+	srl	$s0,`24-3`
+	nr	$s0,$mask
+	ngr	$t1,$mask
+	nr	$t2,$mask
+	nr	$t3,$mask
+
+	srlg	$i1,$s1,`16-3`	# i0
+	sllg	$i2,$s1,`0+3`
+	srlg	$i3,$s1,`8-3`
+	srl	$s1,`24-3`
+	nr	$i1,$mask
+	nr	$s1,$mask
+	ngr	$i2,$mask
+	nr	$i3,$mask
+
+	l	$s0,0($s0,$tbl)	# Te0[s0>>24]
+	l	$t1,1($t1,$tbl)	# Te3[s0>>0]
+	l	$t2,2($t2,$tbl) # Te2[s0>>8]
+	l	$t3,3($t3,$tbl)	# Te1[s0>>16]
+
+	x	$s0,3($i1,$tbl)	# Te1[s1>>16]
+	l	$s1,0($s1,$tbl)	# Te0[s1>>24]
+	x	$t2,1($i2,$tbl)	# Te3[s1>>0]
+	x	$t3,2($i3,$tbl)	# Te2[s1>>8]
+
+	srlg	$i1,$s2,`8-3`	# i0
+	srlg	$i2,$s2,`16-3`	# i1
+	nr	$i1,$mask
+	nr	$i2,$mask
+	sllg	$i3,$s2,`0+3`
+	srl	$s2,`24-3`
+	nr	$s2,$mask
+	ngr	$i3,$mask
+
+	xr	$s1,$t1
+	srlg	$ra,$s3,`8-3`	# i1
+	sllg	$t1,$s3,`0+3`	# i0
+	nr	$ra,$mask
+	la	$key,16($key)
+	ngr	$t1,$mask
+
+	x	$s0,2($i1,$tbl)	# Te2[s2>>8]
+	x	$s1,3($i2,$tbl)	# Te1[s2>>16]
+	l	$s2,0($s2,$tbl)	# Te0[s2>>24]
+	x	$t3,1($i3,$tbl)	# Te3[s2>>0]
+
+	srlg	$i3,$s3,`16-3`	# i2
+	xr	$s2,$t2
+	srl	$s3,`24-3`
+	nr	$i3,$mask
+	nr	$s3,$mask
+
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$t3,12($key)
+
+	x	$s0,1($t1,$tbl)	# Te3[s3>>0]
+	x	$s1,2($ra,$tbl)	# Te2[s3>>8]
+	x	$s2,3($i3,$tbl)	# Te1[s3>>16]
+	l	$s3,0($s3,$tbl)	# Te0[s3>>24]
+	xr	$s3,$t3
+
+	brct	$rounds,.Lenc_loop
+	.align	16
+
+	sllg	$t1,$s0,`0+3`
+	srlg	$t2,$s0,`8-3`
+	ngr	$t1,$mask
+	srlg	$t3,$s0,`16-3`
+	srl	$s0,`24-3`
+	nr	$s0,$mask
+	nr	$t2,$mask
+	nr	$t3,$mask
+
+	srlg	$i1,$s1,`16-3`	# i0
+	sllg	$i2,$s1,`0+3`
+	ngr	$i2,$mask
+	srlg	$i3,$s1,`8-3`
+	srl	$s1,`24-3`
+	nr	$i1,$mask
+	nr	$s1,$mask
+	nr	$i3,$mask
+
+	llgc	$s0,2($s0,$tbl)	# Te4[s0>>24]
+	llgc	$t1,2($t1,$tbl)	# Te4[s0>>0]
+	sll	$s0,24
+	llgc	$t2,2($t2,$tbl)	# Te4[s0>>8]
+	llgc	$t3,2($t3,$tbl)	# Te4[s0>>16]
+	sll	$t2,8
+	sll	$t3,16
+
+	llgc	$i1,2($i1,$tbl)	# Te4[s1>>16]
+	llgc	$s1,2($s1,$tbl)	# Te4[s1>>24]
+	llgc	$i2,2($i2,$tbl)	# Te4[s1>>0]
+	llgc	$i3,2($i3,$tbl)	# Te4[s1>>8]
+	sll	$i1,16
+	sll	$s1,24
+	sll	$i3,8
+	or	$s0,$i1
+	or	$s1,$t1
+	or	$t2,$i2
+	or	$t3,$i3
+	
+	srlg	$i1,$s2,`8-3`	# i0
+	srlg	$i2,$s2,`16-3`	# i1
+	nr	$i1,$mask
+	nr	$i2,$mask
+	sllg	$i3,$s2,`0+3`
+	srl	$s2,`24-3`
+	ngr	$i3,$mask
+	nr	$s2,$mask
+
+	sllg	$t1,$s3,`0+3`	# i0
+	srlg	$ra,$s3,`8-3`	# i1
+	ngr	$t1,$mask
+
+	llgc	$i1,2($i1,$tbl)	# Te4[s2>>8]
+	llgc	$i2,2($i2,$tbl)	# Te4[s2>>16]
+	sll	$i1,8
+	llgc	$s2,2($s2,$tbl)	# Te4[s2>>24]
+	llgc	$i3,2($i3,$tbl)	# Te4[s2>>0]
+	sll	$i2,16
+	nr	$ra,$mask
+	sll	$s2,24
+	or	$s0,$i1
+	or	$s1,$i2
+	or	$s2,$t2
+	or	$t3,$i3
+
+	srlg	$i3,$s3,`16-3`	# i2
+	srl	$s3,`24-3`
+	nr	$i3,$mask
+	nr	$s3,$mask
+
+	l	$t0,16($key)
+	l	$t2,20($key)
+
+	llgc	$i1,2($t1,$tbl)	# Te4[s3>>0]
+	llgc	$i2,2($ra,$tbl)	# Te4[s3>>8]
+	llgc	$i3,2($i3,$tbl)	# Te4[s3>>16]
+	llgc	$s3,2($s3,$tbl)	# Te4[s3>>24]
+	sll	$i2,8
+	sll	$i3,16
+	sll	$s3,24
+	or	$s0,$i1
+	or	$s1,$i2
+	or	$s2,$i3
+	or	$s3,$t3
+
+	lg	$ra,152($sp)
+	xr	$s0,$t0
+	xr	$s1,$t2
+	x	$s2,24($key)
+	x	$s3,28($key)
+
+	br	$ra	
+.size	_s390x_AES_encrypt,.-_s390x_AES_encrypt
+___
+
+$code.=<<___;
+.type	AES_Td,\@object
+.align	256
+AES_Td:
+___
+&_data_word(
+	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+# Td4[256]
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size	AES_Td,.-AES_Td
+
+# void AES_decrypt(const unsigned char *inp, unsigned char *out,
+# 		 const AES_KEY *key) {
+.globl	AES_decrypt
+.type	AES_decrypt,\@function
+AES_decrypt:
+___
+$code.=<<___ if (!$softonly);
+	l	%r0,240($key)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Ldsoft
+
+	la	%r1,0($key)
+	#la	%r2,0($inp)
+	la	%r4,0($out)
+	lghi	%r3,16		# single block length
+	.long	0xb92e0042	# km %r4,%r2
+	brc	1,.-4		# can this happen?
+	br	%r14
+.align	64
+.Ldsoft:
+___
+$code.=<<___;
+	stmg	%r3,$ra,24($sp)
+
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+
+	larl	$tbl,AES_Td
+	bras	$ra,_s390x_AES_decrypt
+
+	lg	$out,24($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+	lmg	%r6,$ra,48($sp)
+	br	$ra
+.size	AES_decrypt,.-AES_decrypt
+
+.type   _s390x_AES_decrypt,\@function
+.align	16
+_s390x_AES_decrypt:
+	stg	$ra,152($sp)
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$s3,12($key)
+	l	$rounds,240($key)
+	llill	$mask,`0xff<<3`
+	aghi	$rounds,-1
+	j	.Ldec_loop
+.align	16
+.Ldec_loop:
+	srlg	$t1,$s0,`16-3`
+	srlg	$t2,$s0,`8-3`
+	sllg	$t3,$s0,`0+3`
+	srl	$s0,`24-3`
+	nr	$s0,$mask
+	nr	$t1,$mask
+	nr	$t2,$mask
+	ngr	$t3,$mask
+
+	sllg	$i1,$s1,`0+3`	# i0
+	srlg	$i2,$s1,`16-3`
+	srlg	$i3,$s1,`8-3`
+	srl	$s1,`24-3`
+	ngr	$i1,$mask
+	nr	$s1,$mask
+	nr	$i2,$mask
+	nr	$i3,$mask
+
+	l	$s0,0($s0,$tbl)	# Td0[s0>>24]
+	l	$t1,3($t1,$tbl)	# Td1[s0>>16]
+	l	$t2,2($t2,$tbl)	# Td2[s0>>8]
+	l	$t3,1($t3,$tbl)	# Td3[s0>>0]
+
+	x	$s0,1($i1,$tbl)	# Td3[s1>>0]
+	l	$s1,0($s1,$tbl)	# Td0[s1>>24]
+	x	$t2,3($i2,$tbl)	# Td1[s1>>16]
+	x	$t3,2($i3,$tbl)	# Td2[s1>>8]
+
+	srlg	$i1,$s2,`8-3`	# i0
+	sllg	$i2,$s2,`0+3`	# i1
+	srlg	$i3,$s2,`16-3`
+	srl	$s2,`24-3`
+	nr	$i1,$mask
+	ngr	$i2,$mask
+	nr	$s2,$mask
+	nr	$i3,$mask
+
+	xr	$s1,$t1
+	srlg	$ra,$s3,`8-3`	# i1
+	srlg	$t1,$s3,`16-3`	# i0
+	nr	$ra,$mask
+	la	$key,16($key)
+	nr	$t1,$mask
+
+	x	$s0,2($i1,$tbl)	# Td2[s2>>8]
+	x	$s1,1($i2,$tbl)	# Td3[s2>>0]
+	l	$s2,0($s2,$tbl)	# Td0[s2>>24]
+	x	$t3,3($i3,$tbl)	# Td1[s2>>16]
+
+	sllg	$i3,$s3,`0+3`	# i2
+	srl	$s3,`24-3`
+	ngr	$i3,$mask
+	nr	$s3,$mask
+
+	xr	$s2,$t2
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$t3,12($key)
+
+	x	$s0,3($t1,$tbl)	# Td1[s3>>16]
+	x	$s1,2($ra,$tbl)	# Td2[s3>>8]
+	x	$s2,1($i3,$tbl)	# Td3[s3>>0]
+	l	$s3,0($s3,$tbl)	# Td0[s3>>24]
+	xr	$s3,$t3
+
+	brct	$rounds,.Ldec_loop
+	.align	16
+
+	l	$t1,`2048+0`($tbl)	# prefetch Td4
+	l	$t2,`2048+64`($tbl)
+	l	$t3,`2048+128`($tbl)
+	l	$i1,`2048+192`($tbl)
+	llill	$mask,0xff
+
+	srlg	$i3,$s0,24	# i0
+	srlg	$t1,$s0,16
+	srlg	$t2,$s0,8
+	nr	$s0,$mask	# i3
+	nr	$t1,$mask
+
+	srlg	$i1,$s1,24
+	nr	$t2,$mask
+	srlg	$i2,$s1,16
+	srlg	$ra,$s1,8
+	nr	$s1,$mask	# i0
+	nr	$i2,$mask
+	nr	$ra,$mask
+
+	llgc	$i3,2048($i3,$tbl)	# Td4[s0>>24]
+	llgc	$t1,2048($t1,$tbl)	# Td4[s0>>16]
+	llgc	$t2,2048($t2,$tbl)	# Td4[s0>>8]
+	sll	$t1,16
+	llgc	$t3,2048($s0,$tbl)	# Td4[s0>>0]
+	sllg	$s0,$i3,24
+	sll	$t2,8
+
+	llgc	$s1,2048($s1,$tbl)	# Td4[s1>>0]
+	llgc	$i1,2048($i1,$tbl)	# Td4[s1>>24]
+	llgc	$i2,2048($i2,$tbl)	# Td4[s1>>16]
+	sll	$i1,24
+	llgc	$i3,2048($ra,$tbl)	# Td4[s1>>8]
+	sll	$i2,16
+	sll	$i3,8
+	or	$s0,$s1
+	or	$t1,$i1
+	or	$t2,$i2
+	or	$t3,$i3
+
+	srlg	$i1,$s2,8	# i0
+	srlg	$i2,$s2,24
+	srlg	$i3,$s2,16
+	nr	$s2,$mask	# i1
+	nr	$i1,$mask
+	nr	$i3,$mask
+	llgc	$i1,2048($i1,$tbl)	# Td4[s2>>8]
+	llgc	$s1,2048($s2,$tbl)	# Td4[s2>>0]
+	llgc	$i2,2048($i2,$tbl)	# Td4[s2>>24]
+	llgc	$i3,2048($i3,$tbl)	# Td4[s2>>16]
+	sll	$i1,8
+	sll	$i2,24
+	or	$s0,$i1
+	sll	$i3,16
+	or	$t2,$i2
+	or	$t3,$i3
+
+	srlg	$i1,$s3,16	# i0
+	srlg	$i2,$s3,8	# i1
+	srlg	$i3,$s3,24
+	nr	$s3,$mask	# i2
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+	lg	$ra,152($sp)
+	or	$s1,$t1
+	l	$t0,16($key)
+	l	$t1,20($key)
+
+	llgc	$i1,2048($i1,$tbl)	# Td4[s3>>16]
+	llgc	$i2,2048($i2,$tbl)	# Td4[s3>>8]
+	sll	$i1,16
+	llgc	$s2,2048($s3,$tbl)	# Td4[s3>>0]
+	llgc	$s3,2048($i3,$tbl)	# Td4[s3>>24]
+	sll	$i2,8
+	sll	$s3,24
+	or	$s0,$i1
+	or	$s1,$i2
+	or	$s2,$t2
+	or	$s3,$t3
+
+	xr	$s0,$t0
+	xr	$s1,$t1
+	x	$s2,24($key)
+	x	$s3,28($key)
+
+	br	$ra	
+.size	_s390x_AES_decrypt,.-_s390x_AES_decrypt
+___
+
+$code.=<<___;
+# void AES_set_encrypt_key(const unsigned char *in, int bits,
+# 		 AES_KEY *key) {
+.globl	AES_set_encrypt_key
+.type	AES_set_encrypt_key,\@function
+.align	16
+AES_set_encrypt_key:
+	lghi	$t0,0
+	clgr	$inp,$t0
+	je	.Lminus1
+	clgr	$key,$t0
+	je	.Lminus1
+
+	lghi	$t0,128
+	clr	$bits,$t0
+	je	.Lproceed
+	lghi	$t0,192
+	clr	$bits,$t0
+	je	.Lproceed
+	lghi	$t0,256
+	clr	$bits,$t0
+	je	.Lproceed
+	lghi	%r2,-2
+	br	%r14
+
+.align	16
+.Lproceed:
+___
+$code.=<<___ if (!$softonly);
+	# convert bits to km code, [128,192,256]->[18,19,20]
+	lhi	%r5,-128
+	lhi	%r0,18
+	ar	%r5,$bits
+	srl	%r5,6
+	ar	%r5,%r0
+
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security assist
+	jz	.Lekey_internal
+
+	lghi	%r0,0		# query capability vector
+	la	%r1,16($sp)
+	.long	0xb92f0042	# kmc %r4,%r2
+
+	llihh	%r1,0x8000
+	srlg	%r1,%r1,0(%r5)
+	ng	%r1,16($sp)
+	jz	.Lekey_internal
+
+	lmg	%r0,%r1,0($inp)	# just copy 128 bits...
+	stmg	%r0,%r1,0($key)
+	lhi	%r0,192
+	cr	$bits,%r0
+	jl	1f
+	lg	%r1,16($inp)
+	stg	%r1,16($key)
+	je	1f
+	lg	%r1,24($inp)
+	stg	%r1,24($key)
+1:	st	$bits,236($key)	# save bits
+	st	%r5,240($key)	# save km code
+	lghi	%r2,0
+	br	%r14
+___
+$code.=<<___;
+.align	16
+.Lekey_internal:
+	stmg	%r6,%r13,48($sp)	# all non-volatile regs
+
+	larl	$tbl,AES_Te+2048
+
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+	st	$s0,0($key)
+	st	$s1,4($key)
+	st	$s2,8($key)
+	st	$s3,12($key)
+	lghi	$t0,128
+	cr	$bits,$t0
+	jne	.Lnot128
+
+	llill	$mask,0xff
+	lghi	$t3,0			# i=0
+	lghi	$rounds,10
+	st	$rounds,240($key)
+
+	llgfr	$t2,$s3			# temp=rk[3]
+	srlg	$i1,$s3,8
+	srlg	$i2,$s3,16
+	srlg	$i3,$s3,24
+	nr	$t2,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+.align	16
+.L128_loop:
+	la	$t2,0($t2,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	icm	$t2,2,0($t2)		# Te4[rk[3]>>0]<<8
+	icm	$t2,4,0($i1)		# Te4[rk[3]>>8]<<16
+	icm	$t2,8,0($i2)		# Te4[rk[3]>>16]<<24
+	icm	$t2,1,0($i3)		# Te4[rk[3]>>24]
+	x	$t2,256($t3,$tbl)	# rcon[i]
+	xr	$s0,$t2			# rk[4]=rk[0]^...
+	xr	$s1,$s0			# rk[5]=rk[1]^rk[4]
+	xr	$s2,$s1			# rk[6]=rk[2]^rk[5]
+	xr	$s3,$s2			# rk[7]=rk[3]^rk[6]
+
+	llgfr	$t2,$s3			# temp=rk[3]
+	srlg	$i1,$s3,8
+	srlg	$i2,$s3,16
+	nr	$t2,$mask
+	nr	$i1,$mask
+	srlg	$i3,$s3,24
+	nr	$i2,$mask
+
+	st	$s0,16($key)
+	st	$s1,20($key)
+	st	$s2,24($key)
+	st	$s3,28($key)
+	la	$key,16($key)		# key+=4
+	la	$t3,4($t3)		# i++
+	brct	$rounds,.L128_loop
+	lghi	%r2,0
+	lmg	%r6,%r13,48($sp)
+	br	$ra
+
+.align	16
+.Lnot128:
+	llgf	$t0,16($inp)
+	llgf	$t1,20($inp)
+	st	$t0,16($key)
+	st	$t1,20($key)
+	lghi	$t0,192
+	cr	$bits,$t0
+	jne	.Lnot192
+
+	llill	$mask,0xff
+	lghi	$t3,0			# i=0
+	lghi	$rounds,12
+	st	$rounds,240($key)
+	lghi	$rounds,8
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+.align	16
+.L192_loop:
+	la	$t1,0($t1,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	icm	$t1,2,0($t1)		# Te4[rk[5]>>0]<<8
+	icm	$t1,4,0($i1)		# Te4[rk[5]>>8]<<16
+	icm	$t1,8,0($i2)		# Te4[rk[5]>>16]<<24
+	icm	$t1,1,0($i3)		# Te4[rk[5]>>24]
+	x	$t1,256($t3,$tbl)	# rcon[i]
+	xr	$s0,$t1			# rk[6]=rk[0]^...
+	xr	$s1,$s0			# rk[7]=rk[1]^rk[6]
+	xr	$s2,$s1			# rk[8]=rk[2]^rk[7]
+	xr	$s3,$s2			# rk[9]=rk[3]^rk[8]
+
+	st	$s0,24($key)
+	st	$s1,28($key)
+	st	$s2,32($key)
+	st	$s3,36($key)
+	brct	$rounds,.L192_continue
+	lghi	%r2,0
+	lmg	%r6,%r13,48($sp)
+	br	$ra
+
+.align	16
+.L192_continue:
+	lgr	$t1,$s3
+	x	$t1,16($key)		# rk[10]=rk[4]^rk[9]
+	st	$t1,40($key)
+	x	$t1,20($key)		# rk[11]=rk[5]^rk[10]
+	st	$t1,44($key)
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+	la	$key,24($key)		# key+=6
+	la	$t3,4($t3)		# i++
+	j	.L192_loop
+
+.align	16
+.Lnot192:
+	llgf	$t0,24($inp)
+	llgf	$t1,28($inp)
+	st	$t0,24($key)
+	st	$t1,28($key)
+	llill	$mask,0xff
+	lghi	$t3,0			# i=0
+	lghi	$rounds,14
+	st	$rounds,240($key)
+	lghi	$rounds,7
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+.align	16
+.L256_loop:
+	la	$t1,0($t1,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	icm	$t1,2,0($t1)		# Te4[rk[7]>>0]<<8
+	icm	$t1,4,0($i1)		# Te4[rk[7]>>8]<<16
+	icm	$t1,8,0($i2)		# Te4[rk[7]>>16]<<24
+	icm	$t1,1,0($i3)		# Te4[rk[7]>>24]
+	x	$t1,256($t3,$tbl)	# rcon[i]
+	xr	$s0,$t1			# rk[8]=rk[0]^...
+	xr	$s1,$s0			# rk[9]=rk[1]^rk[8]
+	xr	$s2,$s1			# rk[10]=rk[2]^rk[9]
+	xr	$s3,$s2			# rk[11]=rk[3]^rk[10]
+	st	$s0,32($key)
+	st	$s1,36($key)
+	st	$s2,40($key)
+	st	$s3,44($key)
+	brct	$rounds,.L256_continue
+	lghi	%r2,0
+	lmg	%r6,%r13,48($sp)
+	br	$ra
+
+.align	16
+.L256_continue:
+	lgr	$t1,$s3			# temp=rk[11]
+	srlg	$i1,$s3,8
+	srlg	$i2,$s3,16
+	srlg	$i3,$s3,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+	la	$t1,0($t1,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	llgc	$t1,0($t1)		# Te4[rk[11]>>0]
+	icm	$t1,2,0($i1)		# Te4[rk[11]>>8]<<8
+	icm	$t1,4,0($i2)		# Te4[rk[11]>>16]<<16
+	icm	$t1,8,0($i3)		# Te4[rk[11]>>24]<<24
+	x	$t1,16($key)		# rk[12]=rk[4]^...
+	st	$t1,48($key)
+	x	$t1,20($key)		# rk[13]=rk[5]^rk[12]
+	st	$t1,52($key)
+	x	$t1,24($key)		# rk[14]=rk[6]^rk[13]
+	st	$t1,56($key)
+	x	$t1,28($key)		# rk[15]=rk[7]^rk[14]
+	st	$t1,60($key)
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+	la	$key,32($key)		# key+=8
+	la	$t3,4($t3)		# i++
+	j	.L256_loop
+
+.Lminus1:
+	lghi	%r2,-1
+	br	$ra
+.size	AES_set_encrypt_key,.-AES_set_encrypt_key
+
+# void AES_set_decrypt_key(const unsigned char *in, int bits,
+# 		 AES_KEY *key) {
+.globl	AES_set_decrypt_key
+.type	AES_set_decrypt_key,\@function
+.align	16
+AES_set_decrypt_key:
+	stg	$key,32($sp)		# I rely on AES_set_encrypt_key to
+	stg	$ra,112($sp)		# save non-volatile registers!
+	bras	$ra,AES_set_encrypt_key
+	lg	$key,32($sp)
+	lg	$ra,112($sp)
+	ltgr	%r2,%r2
+	bnzr	$ra
+___
+$code.=<<___ if (!$softonly);
+	l	$t0,240($key)
+	lhi	$t1,16
+	cr	$t0,$t1
+	jl	.Lgo
+	oill	$t0,0x80	# set "decrypt" bit
+	st	$t0,240($key)
+	br	$ra
+
+.align	16
+.Ldkey_internal:
+	stg	$key,32($sp)
+	stg	$ra,40($sp)
+	bras	$ra,.Lekey_internal
+	lg	$key,32($sp)
+	lg	$ra,40($sp)
+___
+$code.=<<___;
+
+.Lgo:	llgf	$rounds,240($key)
+	la	$i1,0($key)
+	sllg	$i2,$rounds,4
+	la	$i2,0($i2,$key)
+	srl	$rounds,1
+	lghi	$t1,-16
+
+.align	16
+.Linv:	lmg	$s0,$s1,0($i1)
+	lmg	$s2,$s3,0($i2)
+	stmg	$s0,$s1,0($i2)
+	stmg	$s2,$s3,0($i1)
+	la	$i1,16($i1)
+	la	$i2,0($t1,$i2)
+	brct	$rounds,.Linv
+___
+$mask80=$i1;
+$mask1b=$i2;
+$maskfe=$i3;
+$code.=<<___;
+	llgf	$rounds,240($key)
+	aghi	$rounds,-1
+	sll	$rounds,2	# (rounds-1)*4
+	llilh	$mask80,0x8080
+	llilh	$mask1b,0x1b1b
+	llilh	$maskfe,0xfefe
+	oill	$mask80,0x8080
+	oill	$mask1b,0x1b1b
+	oill	$maskfe,0xfefe
+
+.align	16
+.Lmix:	l	$s0,16($key)	# tp1
+	lr	$s1,$s0
+	ngr	$s1,$mask80
+	srlg	$t1,$s1,7
+	slr	$s1,$t1
+	nr	$s1,$mask1b
+	sllg	$t1,$s0,1
+	nr	$t1,$maskfe
+	xr	$s1,$t1		# tp2
+
+	lr	$s2,$s1
+	ngr	$s2,$mask80
+	srlg	$t1,$s2,7
+	slr	$s2,$t1
+	nr	$s2,$mask1b
+	sllg	$t1,$s1,1
+	nr	$t1,$maskfe
+	xr	$s2,$t1		# tp4
+
+	lr	$s3,$s2
+	ngr	$s3,$mask80
+	srlg	$t1,$s3,7
+	slr	$s3,$t1
+	nr	$s3,$mask1b
+	sllg	$t1,$s2,1
+	nr	$t1,$maskfe
+	xr	$s3,$t1		# tp8
+
+	xr	$s1,$s0		# tp2^tp1
+	xr	$s2,$s0		# tp4^tp1
+	rll	$s0,$s0,24	# = ROTATE(tp1,8)
+	xr	$s2,$s3		# ^=tp8
+	xr	$s0,$s1		# ^=tp2^tp1
+	xr	$s1,$s3		# tp2^tp1^tp8
+	xr	$s0,$s2		# ^=tp4^tp1^tp8
+	rll	$s1,$s1,8
+	rll	$s2,$s2,16
+	xr	$s0,$s1		# ^= ROTATE(tp8^tp2^tp1,24)
+	rll	$s3,$s3,24
+	xr	$s0,$s2    	# ^= ROTATE(tp8^tp4^tp1,16)
+	xr	$s0,$s3		# ^= ROTATE(tp8,8)
+
+	st	$s0,16($key)
+	la	$key,4($key)
+	brct	$rounds,.Lmix
+
+	lmg	%r6,%r13,48($sp)# as was saved by AES_set_encrypt_key!
+	lghi	%r2,0
+	br	$ra
+.size	AES_set_decrypt_key,.-AES_set_decrypt_key
+___
+
+#void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+#                     size_t length, const AES_KEY *key,
+#                     unsigned char *ivec, const int enc)
+{
+my $inp="%r2";
+my $out="%r4";	# length and out are swapped
+my $len="%r3";
+my $key="%r5";
+my $ivp="%r6";
+
+$code.=<<___;
+.globl	AES_cbc_encrypt
+.type	AES_cbc_encrypt,\@function
+.align	16
+AES_cbc_encrypt:
+	xgr	%r3,%r4		# flip %r3 and %r4, out and len
+	xgr	%r4,%r3
+	xgr	%r3,%r4
+___
+$code.=<<___ if (!$softonly);
+	lhi	%r0,16
+	cl	%r0,240($key)
+	jh	.Lcbc_software
+
+	lg	%r0,0($ivp)	# copy ivec
+	lg	%r1,8($ivp)
+	stmg	%r0,%r1,16($sp)
+	lmg	%r0,%r1,0($key)	# copy key, cover 256 bit
+	stmg	%r0,%r1,32($sp)
+	lmg	%r0,%r1,16($key)
+	stmg	%r0,%r1,48($sp)
+	l	%r0,240($key)	# load kmc code
+	lghi	$key,15		# res=len%16, len-=res;
+	ngr	$key,$len
+	slgr	$len,$key
+	la	%r1,16($sp)	# parameter block - ivec || key
+	jz	.Lkmc_truncated
+	.long	0xb92f0042	# kmc %r4,%r2
+	brc	1,.-4		# pay attention to "partial completion"
+	ltr	$key,$key
+	jnz	.Lkmc_truncated
+.Lkmc_done:
+	lmg	%r0,%r1,16($sp)	# copy ivec to caller
+	stg	%r0,0($ivp)
+	stg	%r1,8($ivp)
+	br	$ra
+.align	16
+.Lkmc_truncated:
+	ahi	$key,-1		# it's the way it's encoded in mvc
+	tmll	%r0,0x80
+	jnz	.Lkmc_truncated_dec
+	lghi	%r1,0
+	stg	%r1,128($sp)
+	stg	%r1,136($sp)
+	bras	%r1,1f
+	mvc	128(1,$sp),0($inp)
+1:	ex	$key,0(%r1)
+	la	%r1,16($sp)	# restore parameter block
+	la	$inp,128($sp)
+	lghi	$len,16
+	.long	0xb92f0042	# kmc %r4,%r2
+	j	.Lkmc_done
+.align	16
+.Lkmc_truncated_dec:
+	stg	$out,64($sp)
+	la	$out,128($sp)
+	lghi	$len,16
+	.long	0xb92f0042	# kmc %r4,%r2
+	lg	$out,64($sp)
+	bras	%r1,2f
+	mvc	0(1,$out),128($sp)
+2:	ex	$key,0(%r1)
+	j	.Lkmc_done
+.align	16
+.Lcbc_software:
+___
+$code.=<<___;
+	stmg	$key,$ra,40($sp)
+	lhi	%r0,0
+	cl	%r0,164($sp)
+	je	.Lcbc_decrypt
+
+	larl	$tbl,AES_Te
+
+	llgf	$s0,0($ivp)
+	llgf	$s1,4($ivp)
+	llgf	$s2,8($ivp)
+	llgf	$s3,12($ivp)
+
+	lghi	$t0,16
+	slgr	$len,$t0
+	brc	4,.Lcbc_enc_tail	# if borrow
+.Lcbc_enc_loop:
+	stmg	$inp,$out,16($sp)
+	x	$s0,0($inp)
+	x	$s1,4($inp)
+	x	$s2,8($inp)
+	x	$s3,12($inp)
+	lgr	%r4,$key
+
+	bras	$ra,_s390x_AES_encrypt
+
+	lmg	$inp,$key,16($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+	la	$inp,16($inp)
+	la	$out,16($out)
+	lghi	$t0,16
+	ltgr	$len,$len
+	jz	.Lcbc_enc_done
+	slgr	$len,$t0
+	brc	4,.Lcbc_enc_tail	# if borrow
+	j	.Lcbc_enc_loop
+.align	16
+.Lcbc_enc_done:
+	lg	$ivp,48($sp)
+	st	$s0,0($ivp)
+	st	$s1,4($ivp)	
+	st	$s2,8($ivp)
+	st	$s3,12($ivp)
+
+	lmg	%r7,$ra,56($sp)
+	br	$ra
+
+.align	16
+.Lcbc_enc_tail:
+	aghi	$len,15
+	lghi	$t0,0
+	stg	$t0,128($sp)
+	stg	$t0,136($sp)
+	bras	$t1,3f
+	mvc	128(1,$sp),0($inp)
+3:	ex	$len,0($t1)
+	lghi	$len,0
+	la	$inp,128($sp)
+	j	.Lcbc_enc_loop
+
+.align	16
+.Lcbc_decrypt:
+	larl	$tbl,AES_Td
+
+	lg	$t0,0($ivp)
+	lg	$t1,8($ivp)
+	stmg	$t0,$t1,128($sp)
+
+.Lcbc_dec_loop:
+	stmg	$inp,$out,16($sp)
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+	lgr	%r4,$key
+
+	bras	$ra,_s390x_AES_decrypt
+
+	lmg	$inp,$key,16($sp)
+	sllg	$s0,$s0,32
+	sllg	$s2,$s2,32
+	lr	$s0,$s1
+	lr	$s2,$s3
+
+	lg	$t0,0($inp)
+	lg	$t1,8($inp)
+	xg	$s0,128($sp)
+	xg	$s2,136($sp)
+	lghi	$s1,16
+	slgr	$len,$s1
+	brc	4,.Lcbc_dec_tail	# if borrow
+	brc	2,.Lcbc_dec_done	# if zero
+	stg	$s0,0($out)
+	stg	$s2,8($out)
+	stmg	$t0,$t1,128($sp)
+
+	la	$inp,16($inp)
+	la	$out,16($out)
+	j	.Lcbc_dec_loop
+
+.Lcbc_dec_done:
+	stg	$s0,0($out)
+	stg	$s2,8($out)
+.Lcbc_dec_exit:
+	lmg	$ivp,$ra,48($sp)
+	stmg	$t0,$t1,0($ivp)
+
+	br	$ra
+
+.align	16
+.Lcbc_dec_tail:
+	aghi	$len,15
+	stg	$s0,128($sp)
+	stg	$s2,136($sp)
+	bras	$s1,4f
+	mvc	0(1,$out),128($sp)
+4:	ex	$len,0($s1)
+	j	.Lcbc_dec_exit
+.size	AES_cbc_encrypt,.-AES_cbc_encrypt
+.comm  OPENSSL_s390xcap_P,8,8
+___
+}
+$code.=<<___;
+.string	"AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
diff --git a/crypto/aes/asm/aes-sparcv9.pl b/crypto/aes/asm/aes-sparcv9.pl
new file mode 100755
index 0000000000..c57b3a2d6d
--- /dev/null
+++ b/crypto/aes/asm/aes-sparcv9.pl
@@ -0,0 +1,1181 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# Version 1.1
+#
+# The major reason for undertaken effort was to mitigate the hazard of
+# cache-timing attack. This is [currently and initially!] addressed in
+# two ways. 1. S-boxes are compressed from 5KB to 2KB+256B size each.
+# 2. References to them are scheduled for L2 cache latency, meaning
+# that the tables don't have to reside in L1 cache. Once again, this
+# is an initial draft and one should expect more countermeasures to
+# be implemented...
+#
+# Version 1.1 prefetches T[ed]4 in order to mitigate attack on last
+# round.
+#
+# Even though performance was not the primary goal [on the contrary,
+# extra shifts "induced" by compressed S-box and longer loop epilogue
+# "induced" by scheduling for L2 have negative effect on performance],
+# the code turned out to run in ~23 cycles per processed byte en-/
+# decrypted with 128-bit key. This is pretty good result for code
+# with mentioned qualities and UltraSPARC core. Compared to Sun C
+# generated code my encrypt procedure runs just few percents faster,
+# while decrypt one - whole 50% faster [yes, Sun C failed to generate
+# optimal decrypt procedure]. Compared to GNU C generated code both
+# procedures are more than 60% faster:-)
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=112; }
+$locals=16;
+
+$acc0="%l0";
+$acc1="%o0";
+$acc2="%o1";
+$acc3="%o2";
+
+$acc4="%l1";
+$acc5="%o3";
+$acc6="%o4";
+$acc7="%o5";
+
+$acc8="%l2";
+$acc9="%o7";
+$acc10="%g1";
+$acc11="%g2";
+
+$acc12="%l3";
+$acc13="%g3";
+$acc14="%g4";
+$acc15="%g5";
+
+$t0="%l4";
+$t1="%l5";
+$t2="%l6";
+$t3="%l7";
+
+$s0="%i0";
+$s1="%i1";
+$s2="%i2";
+$s3="%i3";
+$tbl="%i4";
+$key="%i5";
+$rounds="%i7";	# aliases with return address, which is off-loaded to stack
+
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$code.=<<___ if ($bits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+___
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	256
+AES_Te:
+___
+&_data_word(
+	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+	.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+	.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+	.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+	.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+	.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+	.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+	.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+	.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+	.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+	.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+	.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+	.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+	.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+	.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+	.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+	.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+	.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+	.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+	.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+	.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+	.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+	.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+	.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+	.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+	.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+	.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+	.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+	.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+	.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+	.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+	.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+	.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+.type	AES_Te,#object
+.size	AES_Te,(.-AES_Te)
+
+.align	64
+.skip	16
+_sparcv9_AES_encrypt:
+	save	%sp,-$frame-$locals,%sp
+	stx	%i7,[%sp+$bias+$frame+0]	! off-load return address
+	ld	[$key+240],$rounds
+	ld	[$key+0],$t0
+	ld	[$key+4],$t1			!
+	ld	[$key+8],$t2
+	srl	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ld	[$key+12],$t3
+	srl	$s0,21,$acc0
+	xor	$t1,$s1,$s1
+	ld	[$key+16],$t0
+	srl	$s1,13,$acc1			!
+	xor	$t2,$s2,$s2
+	ld	[$key+20],$t1
+	xor	$t3,$s3,$s3
+	ld	[$key+24],$t2
+	and	$acc0,2040,$acc0
+	ld	[$key+28],$t3
+	nop
+.Lenc_loop:
+	srl	$s2,5,$acc2			!
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$s3,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	srl	$s1,21,$acc4
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2		!
+	srl	$s2,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$s3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4
+	fmovs	%f0,%f0
+	sll	$s0,3,$acc7			!
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$s2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	srl	$s3,13,$acc9
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7		!
+	srl	$s0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$s1,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9
+	fmovs	%f0,%f0
+	srl	$s3,21,$acc12			!
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$s0,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	srl	$s1,5,$acc14
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12		!
+	sll	$s2,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+	and	$acc15,2040,$acc15
+	add	$key,32,$key
+	ldx	[$tbl+$acc14],$acc14
+	fmovs	%f0,%f0
+	subcc	$rounds,1,$rounds		!
+	ldx	[$tbl+$acc15],$acc15
+	bz,a,pn	%icc,.Lenc_last
+	add	$tbl,2048,$rounds
+
+		srlx	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+	fmovs	%f0,%f0
+		srlx	$acc2,16,$acc2		!
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3			!
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+	fmovs	%f0,%f0
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10	!
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15	!
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,21,$acc0
+		xor	$acc14,$t3,$t3
+	srl	$t1,13,$acc1
+		xor	$acc15,$t3,$t3
+
+	and	$acc0,2040,$acc0		!
+	srl	$t2,5,$acc2
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$t3,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	fmovs	%f0,%f0
+	srl	$t1,21,$acc4			!
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2
+	srl	$t2,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$t3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4		!
+	sll	$t0,3,$acc7
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$t2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	fmovs	%f0,%f0
+	srl	$t3,13,$acc9			!
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7
+	srl	$t0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$t1,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9		!
+	srl	$t3,21,$acc12
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$t0,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	fmovs	%f0,%f0
+	srl	$t1,5,$acc14			!
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12
+	sll	$t2,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+		srlx	$acc1,8,$acc1
+	and	$acc15,2040,$acc15
+	ldx	[$tbl+$acc14],$acc14		!
+
+		srlx	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldx	[$tbl+$acc15],$acc15
+		srlx	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ld	[$key+16],$t0
+	fmovs	%f0,%f0
+		srlx	$acc5,8,$acc5		!
+		xor	$acc2,$s0,$s0
+	ld	[$key+20],$t1
+		srlx	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ld	[$key+24],$t2
+		srlx	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ld	[$key+28],$t3			!
+		srlx	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldx	[$tbl+2048+0],%g0		! prefetch te4
+		srlx	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldx	[$tbl+2048+32],%g0		! prefetch te4
+		srlx	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldx	[$tbl+2048+64],%g0		! prefetch te4
+		srlx	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldx	[$tbl+2048+96],%g0		! prefetch te4
+		srlx	$acc14,16,$acc14	!
+		xor	$acc9,$s2,$s2
+	ldx	[$tbl+2048+128],%g0		! prefetch te4
+		srlx	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldx	[$tbl+2048+160],%g0		! prefetch te4
+	srl	$s0,21,$acc0
+		xor	$acc11,$s2,$s2
+	ldx	[$tbl+2048+192],%g0		! prefetch te4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldx	[$tbl+2048+224],%g0		! prefetch te4
+	srl	$s1,13,$acc1			!
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+	ba	.Lenc_loop
+	and	$acc0,2040,$acc0
+
+.align	32
+.Lenc_last:
+		srlx	$acc1,8,$acc1		!
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+		srlx	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2			!
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9		!
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14	!
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+	srl	$t1,16,$acc1			!
+		xor	$acc15,$t3,$t3
+
+	srl	$t2,8,$acc2
+	and	$acc1,255,$acc1
+	ldub	[$rounds+$acc0],$acc0
+	srl	$t1,24,$acc4
+	and	$acc2,255,$acc2
+	ldub	[$rounds+$acc1],$acc1
+	srl	$t2,16,$acc5			!
+	and	$t3,255,$acc3
+	ldub	[$rounds+$acc2],$acc2
+	ldub	[$rounds+$acc3],$acc3
+	srl	$t3,8,$acc6
+	and	$acc5,255,$acc5
+	ldub	[$rounds+$acc4],$acc4
+	fmovs	%f0,%f0
+	srl	$t2,24,$acc8			!
+	and	$acc6,255,$acc6
+	ldub	[$rounds+$acc5],$acc5
+	srl	$t3,16,$acc9
+	and	$t0,255,$acc7
+	ldub	[$rounds+$acc6],$acc6
+	ldub	[$rounds+$acc7],$acc7
+	fmovs	%f0,%f0
+	srl	$t0,8,$acc10			!
+	and	$acc9,255,$acc9
+	ldub	[$rounds+$acc8],$acc8
+	srl	$t3,24,$acc12
+	and	$acc10,255,$acc10
+	ldub	[$rounds+$acc9],$acc9
+	srl	$t0,16,$acc13
+	and	$t1,255,$acc11
+	ldub	[$rounds+$acc10],$acc10		!
+	srl	$t1,8,$acc14
+	and	$acc13,255,$acc13
+	ldub	[$rounds+$acc11],$acc11
+	ldub	[$rounds+$acc12],$acc12
+	and	$acc14,255,$acc14
+	ldub	[$rounds+$acc13],$acc13
+	and	$t2,255,$acc15
+	ldub	[$rounds+$acc14],$acc14		!
+
+		sll	$acc0,24,$acc0
+		xor	$acc3,$s0,$s0
+	ldub	[$rounds+$acc15],$acc15
+		sll	$acc1,16,$acc1
+		xor	$acc0,$s0,$s0
+	ldx	[%sp+$bias+$frame+0],%i7	! restore return address
+	fmovs	%f0,%f0
+		sll	$acc2,8,$acc2		!
+		xor	$acc1,$s0,$s0
+		sll	$acc4,24,$acc4
+		xor	$acc2,$s0,$s0
+		sll	$acc5,16,$acc5
+		xor	$acc7,$s1,$s1
+		sll	$acc6,8,$acc6
+		xor	$acc4,$s1,$s1
+		sll	$acc8,24,$acc8		!
+		xor	$acc5,$s1,$s1
+		sll	$acc9,16,$acc9
+		xor	$acc11,$s2,$s2
+		sll	$acc10,8,$acc10
+		xor	$acc6,$s1,$s1
+		sll	$acc12,24,$acc12
+		xor	$acc8,$s2,$s2
+		sll	$acc13,16,$acc13	!
+		xor	$acc9,$s2,$s2
+		sll	$acc14,8,$acc14
+		xor	$acc10,$s2,$s2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+
+	ret
+	restore
+.type	_sparcv9_AES_encrypt,#function
+.size	_sparcv9_AES_encrypt,(.-_sparcv9_AES_encrypt)
+
+.align	32
+.globl	AES_encrypt
+AES_encrypt:
+	or	%o0,%o1,%g1
+	andcc	%g1,3,%g0
+	bnz,pn	%xcc,.Lunaligned_enc
+	save	%sp,-$frame,%sp
+
+	ld	[%i0+0],%o0
+	ld	[%i0+4],%o1
+	ld	[%i0+8],%o2
+	ld	[%i0+12],%o3
+
+1:	call	.+8
+	add	%o7,AES_Te-1b,%o4
+	call	_sparcv9_AES_encrypt
+	mov	%i2,%o5
+
+	st	%o0,[%i1+0]
+	st	%o1,[%i1+4]
+	st	%o2,[%i1+8]
+	st	%o3,[%i1+12]
+
+	ret
+	restore
+
+.align	32
+.Lunaligned_enc:
+	ldub	[%i0+0],%l0
+	ldub	[%i0+1],%l1
+	ldub	[%i0+2],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+3],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+4],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+5],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+6],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o0
+	ldub	[%i0+7],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	ldub	[%i0+8],%l0
+	or	%l7,%l6,%l6
+	ldub	[%i0+9],%l1
+	or	%l4,%l6,%o1
+	ldub	[%i0+10],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+11],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+12],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+13],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+14],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o2
+	ldub	[%i0+15],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	or	%l7,%l6,%l6
+	or	%l4,%l6,%o3
+
+1:	call	.+8
+	add	%o7,AES_Te-1b,%o4
+	call	_sparcv9_AES_encrypt
+	mov	%i2,%o5
+
+	srl	%o0,24,%l0
+	srl	%o0,16,%l1
+	stb	%l0,[%i1+0]
+	srl	%o0,8,%l2
+	stb	%l1,[%i1+1]
+	stb	%l2,[%i1+2]
+	srl	%o1,24,%l4
+	stb	%o0,[%i1+3]
+
+	srl	%o1,16,%l5
+	stb	%l4,[%i1+4]
+	srl	%o1,8,%l6
+	stb	%l5,[%i1+5]
+	stb	%l6,[%i1+6]
+	srl	%o2,24,%l0
+	stb	%o1,[%i1+7]
+
+	srl	%o2,16,%l1
+	stb	%l0,[%i1+8]
+	srl	%o2,8,%l2
+	stb	%l1,[%i1+9]
+	stb	%l2,[%i1+10]
+	srl	%o3,24,%l4
+	stb	%o2,[%i1+11]
+
+	srl	%o3,16,%l5
+	stb	%l4,[%i1+12]
+	srl	%o3,8,%l6
+	stb	%l5,[%i1+13]
+	stb	%l6,[%i1+14]
+	stb	%o3,[%i1+15]
+
+	ret
+	restore
+.type	AES_encrypt,#function
+.size	AES_encrypt,(.-AES_encrypt)
+
+___
+
+$code.=<<___;
+.align	256
+AES_Td:
+___
+&_data_word(
+	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+	.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+	.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+	.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+	.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+	.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+	.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+	.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+	.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+	.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+	.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+	.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+	.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+	.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+	.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+	.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+	.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+	.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+	.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+	.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+	.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+	.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+	.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+	.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+	.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+	.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+	.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+	.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+	.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+	.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+	.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+	.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+	.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.type	AES_Td,#object
+.size	AES_Td,(.-AES_Td)
+
+.align	64
+.skip	16
+_sparcv9_AES_decrypt:
+	save	%sp,-$frame-$locals,%sp
+	stx	%i7,[%sp+$bias+$frame+0]	! off-load return address
+	ld	[$key+240],$rounds
+	ld	[$key+0],$t0
+	ld	[$key+4],$t1			!
+	ld	[$key+8],$t2
+	ld	[$key+12],$t3
+	srl	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ld	[$key+16],$t0
+	xor	$t1,$s1,$s1
+	ld	[$key+20],$t1
+	srl	$s0,21,$acc0			!
+	xor	$t2,$s2,$s2
+	ld	[$key+24],$t2
+	xor	$t3,$s3,$s3
+	and	$acc0,2040,$acc0
+	ld	[$key+28],$t3
+	srl	$s3,13,$acc1
+	nop
+.Ldec_loop:
+	srl	$s2,5,$acc2			!
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$s1,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	srl	$s1,21,$acc4
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2		!
+	srl	$s0,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$s3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4
+	fmovs	%f0,%f0
+	sll	$s2,3,$acc7			!
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$s2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	srl	$s1,13,$acc9
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7		!
+	srl	$s0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$s3,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9
+	fmovs	%f0,%f0
+	srl	$s3,21,$acc12			!
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$s2,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	srl	$s1,5,$acc14
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12		!
+	sll	$s0,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+	and	$acc15,2040,$acc15
+	add	$key,32,$key
+	ldx	[$tbl+$acc14],$acc14
+	fmovs	%f0,%f0
+	subcc	$rounds,1,$rounds		!
+	ldx	[$tbl+$acc15],$acc15
+	bz,a,pn	%icc,.Ldec_last
+	add	$tbl,2048,$rounds
+
+		srlx	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+	fmovs	%f0,%f0
+		srlx	$acc2,16,$acc2		!
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3			!
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+	fmovs	%f0,%f0
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10	!
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15	!
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,21,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3
+	srl	$t3,13,$acc1
+
+	and	$acc0,2040,$acc0		!
+	srl	$t2,5,$acc2
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$t1,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	fmovs	%f0,%f0
+	srl	$t1,21,$acc4			!
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2
+	srl	$t0,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$t3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4		!
+	sll	$t2,3,$acc7
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$t2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	fmovs	%f0,%f0
+	srl	$t1,13,$acc9			!
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7
+	srl	$t0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$t3,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9		!
+	srl	$t3,21,$acc12
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$t2,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	fmovs	%f0,%f0
+	srl	$t1,5,$acc14			!
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12
+	sll	$t0,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+		srlx	$acc1,8,$acc1
+	and	$acc15,2040,$acc15
+	ldx	[$tbl+$acc14],$acc14		!
+
+		srlx	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldx	[$tbl+$acc15],$acc15
+		srlx	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ld	[$key+16],$t0
+	fmovs	%f0,%f0
+		srlx	$acc5,8,$acc5		!
+		xor	$acc2,$s0,$s0
+	ld	[$key+20],$t1
+		srlx	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ld	[$key+24],$t2
+		srlx	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ld	[$key+28],$t3			!
+		srlx	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldx	[$tbl+2048+0],%g0		! prefetch td4
+		srlx	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldx	[$tbl+2048+32],%g0		! prefetch td4
+		srlx	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldx	[$tbl+2048+64],%g0		! prefetch td4
+		srlx	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldx	[$tbl+2048+96],%g0		! prefetch td4
+		srlx	$acc14,16,$acc14	!
+		xor	$acc9,$s2,$s2
+	ldx	[$tbl+2048+128],%g0		! prefetch td4
+		srlx	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldx	[$tbl+2048+160],%g0		! prefetch td4
+	srl	$s0,21,$acc0
+		xor	$acc11,$s2,$s2
+	ldx	[$tbl+2048+192],%g0		! prefetch td4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldx	[$tbl+2048+224],%g0		! prefetch td4
+	and	$acc0,2040,$acc0		!
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+	ba	.Ldec_loop
+	srl	$s3,13,$acc1
+
+.align	32
+.Ldec_last:
+		srlx	$acc1,8,$acc1		!
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+		srlx	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2			!
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9		!
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14	!
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3		!
+	srl	$t3,16,$acc1
+
+	srl	$t2,8,$acc2
+	and	$acc1,255,$acc1
+	ldub	[$rounds+$acc0],$acc0
+	srl	$t1,24,$acc4
+	and	$acc2,255,$acc2
+	ldub	[$rounds+$acc1],$acc1
+	srl	$t0,16,$acc5			!
+	and	$t1,255,$acc3
+	ldub	[$rounds+$acc2],$acc2
+	ldub	[$rounds+$acc3],$acc3
+	srl	$t3,8,$acc6
+	and	$acc5,255,$acc5
+	ldub	[$rounds+$acc4],$acc4
+	fmovs	%f0,%f0
+	srl	$t2,24,$acc8			!
+	and	$acc6,255,$acc6
+	ldub	[$rounds+$acc5],$acc5
+	srl	$t1,16,$acc9
+	and	$t2,255,$acc7
+	ldub	[$rounds+$acc6],$acc6
+	ldub	[$rounds+$acc7],$acc7
+	fmovs	%f0,%f0
+	srl	$t0,8,$acc10			!
+	and	$acc9,255,$acc9
+	ldub	[$rounds+$acc8],$acc8
+	srl	$t3,24,$acc12
+	and	$acc10,255,$acc10
+	ldub	[$rounds+$acc9],$acc9
+	srl	$t2,16,$acc13
+	and	$t3,255,$acc11
+	ldub	[$rounds+$acc10],$acc10		!
+	srl	$t1,8,$acc14
+	and	$acc13,255,$acc13
+	ldub	[$rounds+$acc11],$acc11
+	ldub	[$rounds+$acc12],$acc12
+	and	$acc14,255,$acc14
+	ldub	[$rounds+$acc13],$acc13
+	and	$t0,255,$acc15
+	ldub	[$rounds+$acc14],$acc14		!
+
+		sll	$acc0,24,$acc0
+		xor	$acc3,$s0,$s0
+	ldub	[$rounds+$acc15],$acc15
+		sll	$acc1,16,$acc1
+		xor	$acc0,$s0,$s0
+	ldx	[%sp+$bias+$frame+0],%i7	! restore return address
+	fmovs	%f0,%f0
+		sll	$acc2,8,$acc2		!
+		xor	$acc1,$s0,$s0
+		sll	$acc4,24,$acc4
+		xor	$acc2,$s0,$s0
+		sll	$acc5,16,$acc5
+		xor	$acc7,$s1,$s1
+		sll	$acc6,8,$acc6
+		xor	$acc4,$s1,$s1
+		sll	$acc8,24,$acc8		!
+		xor	$acc5,$s1,$s1
+		sll	$acc9,16,$acc9
+		xor	$acc11,$s2,$s2
+		sll	$acc10,8,$acc10
+		xor	$acc6,$s1,$s1
+		sll	$acc12,24,$acc12
+		xor	$acc8,$s2,$s2
+		sll	$acc13,16,$acc13	!
+		xor	$acc9,$s2,$s2
+		sll	$acc14,8,$acc14
+		xor	$acc10,$s2,$s2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+
+	ret
+	restore
+.type	_sparcv9_AES_decrypt,#function
+.size	_sparcv9_AES_decrypt,(.-_sparcv9_AES_decrypt)
+
+.align	32
+.globl	AES_decrypt
+AES_decrypt:
+	or	%o0,%o1,%g1
+	andcc	%g1,3,%g0
+	bnz,pn	%xcc,.Lunaligned_dec
+	save	%sp,-$frame,%sp
+
+	ld	[%i0+0],%o0
+	ld	[%i0+4],%o1
+	ld	[%i0+8],%o2
+	ld	[%i0+12],%o3
+
+1:	call	.+8
+	add	%o7,AES_Td-1b,%o4
+	call	_sparcv9_AES_decrypt
+	mov	%i2,%o5
+
+	st	%o0,[%i1+0]
+	st	%o1,[%i1+4]
+	st	%o2,[%i1+8]
+	st	%o3,[%i1+12]
+
+	ret
+	restore
+
+.align	32
+.Lunaligned_dec:
+	ldub	[%i0+0],%l0
+	ldub	[%i0+1],%l1
+	ldub	[%i0+2],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+3],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+4],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+5],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+6],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o0
+	ldub	[%i0+7],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	ldub	[%i0+8],%l0
+	or	%l7,%l6,%l6
+	ldub	[%i0+9],%l1
+	or	%l4,%l6,%o1
+	ldub	[%i0+10],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+11],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+12],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+13],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+14],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o2
+	ldub	[%i0+15],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	or	%l7,%l6,%l6
+	or	%l4,%l6,%o3
+
+1:	call	.+8
+	add	%o7,AES_Td-1b,%o4
+	call	_sparcv9_AES_decrypt
+	mov	%i2,%o5
+
+	srl	%o0,24,%l0
+	srl	%o0,16,%l1
+	stb	%l0,[%i1+0]
+	srl	%o0,8,%l2
+	stb	%l1,[%i1+1]
+	stb	%l2,[%i1+2]
+	srl	%o1,24,%l4
+	stb	%o0,[%i1+3]
+
+	srl	%o1,16,%l5
+	stb	%l4,[%i1+4]
+	srl	%o1,8,%l6
+	stb	%l5,[%i1+5]
+	stb	%l6,[%i1+6]
+	srl	%o2,24,%l0
+	stb	%o1,[%i1+7]
+
+	srl	%o2,16,%l1
+	stb	%l0,[%i1+8]
+	srl	%o2,8,%l2
+	stb	%l1,[%i1+9]
+	stb	%l2,[%i1+10]
+	srl	%o3,24,%l4
+	stb	%o2,[%i1+11]
+
+	srl	%o3,16,%l5
+	stb	%l4,[%i1+12]
+	srl	%o3,8,%l6
+	stb	%l5,[%i1+13]
+	stb	%l6,[%i1+14]
+	stb	%o3,[%i1+15]
+
+	ret
+	restore
+.type	AES_decrypt,#function
+.size	AES_decrypt,(.-AES_decrypt)
+___
+
+# fmovs instructions substituting for FP nops were originally added
+# to meet specific instruction alignment requirements to maximize ILP.
+# As UltraSPARC T1, a.k.a. Niagara, has shared FPU, FP nops can have
+# undesired effect, so just omit them and sacrifice some portion of
+# percent in performance...
+$code =~ s/fmovs.*$//gem;
+
+print $code;
diff --git a/crypto/aes/asm/aes-x86_64.pl b/crypto/aes/asm/aes-x86_64.pl
new file mode 100755
index 0000000000..a545e892ae
--- /dev/null
+++ b/crypto/aes/asm/aes-x86_64.pl
@@ -0,0 +1,2809 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Version 2.1.
+#
+# aes-*-cbc benchmarks are improved by >70% [compared to gcc 3.3.2 on
+# Opteron 240 CPU] plus all the bells-n-whistles from 32-bit version
+# [you'll notice a lot of resemblance], such as compressed S-boxes
+# in little-endian byte order, prefetch of these tables in CBC mode,
+# as well as avoiding L1 cache aliasing between stack frame and key
+# schedule and already mentioned tables, compressed Td4...
+#
+# Performance in number of cycles per processed byte for 128-bit key:
+#
+#		ECB encrypt	ECB decrypt	CBC large chunk
+# AMD64		33		41		13.0
+# EM64T		38		59		18.6(*)
+# Core 2	30		43		14.5(*)
+#
+# (*) with hyper-threading off
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+$verticalspin=1;	# unlike 32-bit version $verticalspin performs
+			# ~15% better on both AMD and Intel cores
+$speed_limit=512;	# see aes-586.pl for details
+
+$code=".text\n";
+
+$s0="%eax";
+$s1="%ebx";
+$s2="%ecx";
+$s3="%edx";
+$acc0="%esi";	$mask80="%rsi";
+$acc1="%edi";	$maskfe="%rdi";
+$acc2="%ebp";	$mask1b="%rbp";
+$inp="%r8";
+$out="%r9";
+$t0="%r10d";
+$t1="%r11d";
+$t2="%r12d";
+$rnds="%r13d";
+$sbox="%r14";
+$key="%r15";
+
+sub hi() { my $r=shift;	$r =~ s/%[er]([a-d])x/%\1h/;	$r; }
+sub lo() { my $r=shift;	$r =~ s/%[er]([a-d])x/%\1l/;
+			$r =~ s/%[er]([sd]i)/%\1l/;
+			$r =~ s/%(r[0-9]+)[d]?/%\1b/;	$r; }
+sub LO() { my $r=shift; $r =~ s/%r([a-z]+)/%e\1/;
+			$r =~ s/%r([0-9]+)/%r\1d/;	$r; }
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
+}
+sub data_word()
+{ my $i;
+  my $last=pop(@_);
+    $code.=".long\t";
+    while(defined($i=shift)) { $code.=sprintf"0x%08x,",$i; }
+    $code.=sprintf"0x%08x\n",$last;
+}
+
+sub data_byte()
+{ my $i;
+  my $last=pop(@_);
+    $code.=".byte\t";
+    while(defined($i=shift)) { $code.=sprintf"0x%02x,",$i&0xff; }
+    $code.=sprintf"0x%02x\n",$last&0xff;
+}
+
+sub encvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	# favor 3-way issue Opteron pipeline...
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	mov	0($sbox,$acc0,8),$t0
+	mov	0($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	movzb	`&lo("$s3")`,$acc2
+	xor	3($sbox,$acc0,8),$t0
+	xor	3($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t3
+
+	movzb	`&hi("$s3")`,$acc0
+	shr	\$16,$s2
+	movzb	`&hi("$s0")`,$acc2
+	xor	3($sbox,$acc0,8),$t2
+	shr	\$16,$s3
+	xor	3($sbox,$acc2,8),$t3
+
+	shr	\$16,$s1
+	lea	16($key),$key
+	shr	\$16,$s0
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	xor	2($sbox,$acc0,8),$t0
+	xor	2($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	movzb	`&lo("$s1")`,$acc2
+	xor	1($sbox,$acc0,8),$t0
+	xor	1($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t3
+
+	mov	12($key),$s3
+	movzb	`&hi("$s1")`,$acc1
+	movzb	`&hi("$s2")`,$acc2
+	mov	0($key),$s0
+	xor	1($sbox,$acc1,8),$t2
+	xor	1($sbox,$acc2,8),$t3
+
+	mov	4($key),$s1
+	mov	8($key),$s2
+	xor	$t0,$s0
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub enclastvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	movzb	2($sbox,$acc0,8),$t0
+	movzb	2($sbox,$acc1,8),$t1
+	movzb	2($sbox,$acc2,8),$t2
+
+	movzb	`&lo("$s3")`,$acc0
+	movzb	`&hi("$s1")`,$acc1
+	movzb	`&hi("$s2")`,$acc2
+	movzb	2($sbox,$acc0,8),$t3
+	mov	0($sbox,$acc1,8),$acc1	#$t0
+	mov	0($sbox,$acc2,8),$acc2	#$t1
+
+	and	\$0x0000ff00,$acc1
+	and	\$0x0000ff00,$acc2
+
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+	shr	\$16,$s2
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	shr	\$16,$s3
+	mov	0($sbox,$acc0,8),$acc0	#$t2
+	mov	0($sbox,$acc1,8),$acc1	#$t3
+
+	and	\$0x0000ff00,$acc0
+	and	\$0x0000ff00,$acc1
+	shr	\$16,$s1
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+	shr	\$16,$s0
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	mov	0($sbox,$acc0,8),$acc0	#$t0
+	mov	0($sbox,$acc1,8),$acc1	#$t1
+	mov	0($sbox,$acc2,8),$acc2	#$t2
+
+	and	\$0x00ff0000,$acc0
+	and	\$0x00ff0000,$acc1
+	and	\$0x00ff0000,$acc2
+
+	xor	$acc0,$t0
+	xor	$acc1,$t1
+	xor	$acc2,$t2
+
+	movzb	`&lo("$s1")`,$acc0
+	movzb	`&hi("$s3")`,$acc1
+	movzb	`&hi("$s0")`,$acc2
+	mov	0($sbox,$acc0,8),$acc0	#$t3
+	mov	2($sbox,$acc1,8),$acc1	#$t0
+	mov	2($sbox,$acc2,8),$acc2	#$t1
+
+	and	\$0x00ff0000,$acc0
+	and	\$0xff000000,$acc1
+	and	\$0xff000000,$acc2
+
+	xor	$acc0,$t3
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	mov	16+12($key),$s3
+	mov	2($sbox,$acc0,8),$acc0	#$t2
+	mov	2($sbox,$acc1,8),$acc1	#$t3
+	mov	16+0($key),$s0
+
+	and	\$0xff000000,$acc0
+	and	\$0xff000000,$acc1
+
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+
+	mov	16+4($key),$s1
+	mov	16+8($key),$s2
+	xor	$t0,$s0
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub encstep()
+{ my ($i,@s) = @_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	if ($i==3) {
+		$tmp0=$s[1];
+		$tmp1=$s[2];
+		$tmp2=$s[3];
+	}
+	$code.="	movzb	".&lo($s[0]).",$out\n";
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+	$code.="	lea	16($key),$key\n"	if ($i==0);
+
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	mov	0($sbox,$out,8),$out\n";
+
+	$code.="	shr	\$16,$tmp1\n";
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+	$code.="	xor	3($sbox,$tmp0,8),$out\n";
+
+	$code.="	movzb	".&lo($tmp1).",$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+	$code.="	xor	4*$i($key),$out\n";
+
+	$code.="	xor	2($sbox,$tmp1,8),$out\n";
+	$code.="	xor	1($sbox,$tmp2,8),$out\n";
+
+	$code.="	mov	$t0,$s[1]\n"		if ($i==3);
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	mov	$t2,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+sub enclast()
+{ my ($i,@s)=@_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	if ($i==3) {
+		$tmp0=$s[1];
+		$tmp1=$s[2];
+		$tmp2=$s[3];
+	}
+	$code.="	movzb	".&lo($s[0]).",$out\n";
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+
+	$code.="	mov	2($sbox,$out,8),$out\n";
+	$code.="	shr	\$16,$tmp1\n";
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+
+	$code.="	and	\$0x000000ff,$out\n";
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	movzb	".&lo($tmp1).",$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+
+	$code.="	mov	0($sbox,$tmp0,8),$tmp0\n";
+	$code.="	mov	0($sbox,$tmp1,8),$tmp1\n";
+	$code.="	mov	2($sbox,$tmp2,8),$tmp2\n";
+
+	$code.="	and	\$0x0000ff00,$tmp0\n";
+	$code.="	and	\$0x00ff0000,$tmp1\n";
+	$code.="	and	\$0xff000000,$tmp2\n";
+
+	$code.="	xor	$tmp0,$out\n";
+	$code.="	mov	$t0,$s[1]\n"		if ($i==3);
+	$code.="	xor	$tmp1,$out\n";
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	xor	$tmp2,$out\n";
+	$code.="	mov	$t2,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+$code.=<<___;
+.type	_x86_64_AES_encrypt,\@abi-omnipotent
+.align	16
+_x86_64_AES_encrypt:
+	xor	0($key),$s0			# xor with key
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+
+	mov	240($key),$rnds			# load key->rounds
+	sub	\$1,$rnds
+	jmp	.Lenc_loop
+.align	16
+.Lenc_loop:
+___
+	if ($verticalspin) { &encvert(); }
+	else {	&encstep(0,$s0,$s1,$s2,$s3);
+		&encstep(1,$s1,$s2,$s3,$s0);
+		&encstep(2,$s2,$s3,$s0,$s1);
+		&encstep(3,$s3,$s0,$s1,$s2);
+	}
+$code.=<<___;
+	sub	\$1,$rnds
+	jnz	.Lenc_loop
+___
+	if ($verticalspin) { &enclastvert(); }
+	else {	&enclast(0,$s0,$s1,$s2,$s3);
+		&enclast(1,$s1,$s2,$s3,$s0);
+		&enclast(2,$s2,$s3,$s0,$s1);
+		&enclast(3,$s3,$s0,$s1,$s2);
+		$code.=<<___;
+		xor	16+0($key),$s0		# xor with key
+		xor	16+4($key),$s1
+		xor	16+8($key),$s2
+		xor	16+12($key),$s3
+___
+	}
+$code.=<<___;
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_encrypt,.-_x86_64_AES_encrypt
+___
+
+# it's possible to implement this by shifting tN by 8, filling least
+# significant byte with byte load and finally bswap-ing at the end,
+# but such partial register load kills Core 2...
+sub enccompactvert()
+{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+	movzb	`&lo("$s0")`,$t0
+	movzb	`&lo("$s1")`,$t1
+	movzb	`&lo("$s2")`,$t2
+	movzb	($sbox,$t0,1),$t0
+	movzb	($sbox,$t1,1),$t1
+	movzb	($sbox,$t2,1),$t2
+
+	movzb	`&lo("$s3")`,$t3
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	movzb	($sbox,$t3,1),$t3
+	movzb	($sbox,$acc0,1),$t4	#$t0
+	movzb	($sbox,$acc1,1),$t5	#$t1
+
+	movzb	`&hi("$s3")`,$acc2
+	movzb	`&hi("$s0")`,$acc0
+	shr	\$16,$s2
+	movzb	($sbox,$acc2,1),$acc2	#$t2
+	movzb	($sbox,$acc0,1),$acc0	#$t3
+	shr	\$16,$s3
+
+	movzb	`&lo("$s2")`,$acc1
+	shl	\$8,$t4
+	shl	\$8,$t5
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	xor	$t4,$t0
+	xor	$t5,$t1
+
+	movzb	`&lo("$s3")`,$t4
+	shr	\$16,$s0
+	shr	\$16,$s1
+	movzb	`&lo("$s0")`,$t5
+	shl	\$8,$acc2
+	shl	\$8,$acc0
+	movzb	($sbox,$t4,1),$t4	#$t1
+	movzb	($sbox,$t5,1),$t5	#$t2
+	xor	$acc2,$t2
+	xor	$acc0,$t3
+
+	movzb	`&lo("$s1")`,$acc2
+	movzb	`&hi("$s3")`,$acc0
+	shl	\$16,$acc1
+	movzb	($sbox,$acc2,1),$acc2	#$t3
+	movzb	($sbox,$acc0,1),$acc0	#$t0
+	xor	$acc1,$t0
+
+	movzb	`&hi("$s0")`,$acc1
+	shr	\$8,$s2
+	shr	\$8,$s1
+	movzb	($sbox,$acc1,1),$acc1	#$t1
+	movzb	($sbox,$s2,1),$s3	#$t3
+	movzb	($sbox,$s1,1),$s2	#$t2
+	shl	\$16,$t4
+	shl	\$16,$t5
+	shl	\$16,$acc2
+	xor	$t4,$t1
+	xor	$t5,$t2
+	xor	$acc2,$t3
+
+	shl	\$24,$acc0
+	shl	\$24,$acc1
+	shl	\$24,$s3
+	xor	$acc0,$t0
+	shl	\$24,$s2
+	xor	$acc1,$t1
+	mov	$t0,$s0
+	mov	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub enctransform_ref()
+{ my $sn = shift;
+  my ($acc,$r2,$tmp)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+	mov	$sn,$acc
+	and	\$0x80808080,$acc
+	mov	$acc,$tmp
+	shr	\$7,$tmp
+	lea	($sn,$sn),$r2
+	sub	$tmp,$acc
+	and	\$0xfefefefe,$r2
+	and	\$0x1b1b1b1b,$acc
+	mov	$sn,$tmp
+	xor	$acc,$r2
+
+	xor	$r2,$sn
+	rol	\$24,$sn
+	xor	$r2,$sn
+	ror	\$16,$tmp
+	xor	$tmp,$sn
+	ror	\$8,$tmp
+	xor	$tmp,$sn
+___
+}
+
+# unlike decrypt case it does not pay off to parallelize enctransform
+sub enctransform()
+{ my ($t3,$r20,$r21)=($acc2,"%r8d","%r9d");
+
+$code.=<<___;
+	mov	$s0,$acc0
+	mov	$s1,$acc1
+	and	\$0x80808080,$acc0
+	and	\$0x80808080,$acc1
+	mov	$acc0,$t0
+	mov	$acc1,$t1
+	shr	\$7,$t0
+	lea	($s0,$s0),$r20
+	shr	\$7,$t1
+	lea	($s1,$s1),$r21
+	sub	$t0,$acc0
+	sub	$t1,$acc1
+	and	\$0xfefefefe,$r20
+	and	\$0xfefefefe,$r21
+	and	\$0x1b1b1b1b,$acc0
+	and	\$0x1b1b1b1b,$acc1
+	mov	$s0,$t0
+	mov	$s1,$t1
+	xor	$acc0,$r20
+	xor	$acc1,$r21
+
+	xor	$r20,$s0
+	xor	$r21,$s1
+	 mov	$s2,$acc0
+	 mov	$s3,$acc1
+	rol	\$24,$s0
+	rol	\$24,$s1
+	 and	\$0x80808080,$acc0
+	 and	\$0x80808080,$acc1
+	xor	$r20,$s0
+	xor	$r21,$s1
+	 mov	$acc0,$t2
+	 mov	$acc1,$t3
+	ror	\$16,$t0
+	ror	\$16,$t1
+	 shr	\$7,$t2
+	 lea	($s2,$s2),$r20
+	xor	$t0,$s0
+	xor	$t1,$s1
+	 shr	\$7,$t3
+	 lea	($s3,$s3),$r21
+	ror	\$8,$t0
+	ror	\$8,$t1
+	 sub	$t2,$acc0
+	 sub	$t3,$acc1
+	xor	$t0,$s0
+	xor	$t1,$s1
+
+	and	\$0xfefefefe,$r20
+	and	\$0xfefefefe,$r21
+	and	\$0x1b1b1b1b,$acc0
+	and	\$0x1b1b1b1b,$acc1
+	mov	$s2,$t2
+	mov	$s3,$t3
+	xor	$acc0,$r20
+	xor	$acc1,$r21
+
+	xor	$r20,$s2
+	xor	$r21,$s3
+	rol	\$24,$s2
+	rol	\$24,$s3
+	xor	$r20,$s2
+	xor	$r21,$s3
+	mov	0($sbox),$acc0			# prefetch Te4
+	ror	\$16,$t2
+	ror	\$16,$t3
+	mov	64($sbox),$acc1
+	xor	$t2,$s2
+	xor	$t3,$s3
+	mov	128($sbox),$r20
+	ror	\$8,$t2
+	ror	\$8,$t3
+	mov	192($sbox),$r21
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+$code.=<<___;
+.type	_x86_64_AES_encrypt_compact,\@abi-omnipotent
+.align	16
+_x86_64_AES_encrypt_compact:
+	lea	128($sbox),$inp			# size optimization
+	mov	0-128($inp),$acc1		# prefetch Te4
+	mov	32-128($inp),$acc2
+	mov	64-128($inp),$t0
+	mov	96-128($inp),$t1
+	mov	128-128($inp),$acc1
+	mov	160-128($inp),$acc2
+	mov	192-128($inp),$t0
+	mov	224-128($inp),$t1
+	jmp	.Lenc_loop_compact
+.align	16
+.Lenc_loop_compact:
+		xor	0($key),$s0		# xor with key
+		xor	4($key),$s1
+		xor	8($key),$s2
+		xor	12($key),$s3
+		lea	16($key),$key
+___
+		&enccompactvert();
+$code.=<<___;
+		cmp	16(%rsp),$key
+		je	.Lenc_compact_done
+___
+		&enctransform();
+$code.=<<___;
+	jmp	.Lenc_loop_compact
+.align	16
+.Lenc_compact_done:
+	xor	0($key),$s0
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_encrypt_compact,.-_x86_64_AES_encrypt_compact
+___
+
+# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
+$code.=<<___;
+.globl	AES_encrypt
+.type	AES_encrypt,\@function,3
+.align	16
+AES_encrypt:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	# allocate frame "above" key schedule
+	mov	%rsp,%r10
+	lea	-63(%rdx),%rcx	# %rdx is key argument
+	and	\$-64,%rsp
+	sub	%rsp,%rcx
+	neg	%rcx
+	and	\$0x3c0,%rcx
+	sub	%rcx,%rsp
+	sub	\$32,%rsp
+
+	mov	%rsi,16(%rsp)	# save out
+	mov	%r10,24(%rsp)	# save real stack pointer
+.Lenc_prologue:
+
+	mov	%rdx,$key
+	mov	240($key),$rnds	# load rounds
+
+	mov	0(%rdi),$s0	# load input vector
+	mov	4(%rdi),$s1
+	mov	8(%rdi),$s2
+	mov	12(%rdi),$s3
+
+	shl	\$4,$rnds
+	lea	($key,$rnds),%rbp
+	mov	$key,(%rsp)	# key schedule
+	mov	%rbp,8(%rsp)	# end of key schedule
+
+	# pick Te4 copy which can't "overlap" with stack frame or key schedule
+	lea	.LAES_Te+2048(%rip),$sbox
+	lea	768(%rsp),%rbp
+	sub	$sbox,%rbp
+	and	\$0x300,%rbp
+	lea	($sbox,%rbp),$sbox
+
+	call	_x86_64_AES_encrypt_compact
+
+	mov	16(%rsp),$out	# restore out
+	mov	24(%rsp),%rsi	# restore saved stack pointer
+	mov	$s0,0($out)	# write output vector
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lenc_epilogue:
+	ret
+.size	AES_encrypt,.-AES_encrypt
+___
+
+#------------------------------------------------------------------#
+
+sub decvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	# favor 3-way issue Opteron pipeline...
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	mov	0($sbox,$acc0,8),$t0
+	mov	0($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	movzb	`&lo("$s3")`,$acc2
+	xor	3($sbox,$acc0,8),$t0
+	xor	3($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t3
+
+	movzb	`&hi("$s1")`,$acc0
+	shr	\$16,$s0
+	movzb	`&hi("$s2")`,$acc2
+	xor	3($sbox,$acc0,8),$t2
+	shr	\$16,$s3
+	xor	3($sbox,$acc2,8),$t3
+
+	shr	\$16,$s1
+	lea	16($key),$key
+	shr	\$16,$s2
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	xor	2($sbox,$acc0,8),$t0
+	xor	2($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	movzb	`&lo("$s1")`,$acc2
+	xor	1($sbox,$acc0,8),$t0
+	xor	1($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t3
+
+	movzb	`&hi("$s3")`,$acc0
+	mov	12($key),$s3
+	movzb	`&hi("$s0")`,$acc2
+	xor	1($sbox,$acc0,8),$t2
+	mov	0($key),$s0
+	xor	1($sbox,$acc2,8),$t3
+
+	xor	$t0,$s0
+	mov	4($key),$s1
+	mov	8($key),$s2
+	xor	$t2,$s2
+	xor	$t1,$s1
+	xor	$t3,$s3
+___
+}
+
+sub declastvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	lea	2048($sbox),$sbox	# size optimization
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	movzb	($sbox,$acc0,1),$t0
+	movzb	($sbox,$acc1,1),$t1
+	movzb	($sbox,$acc2,1),$t2
+
+	movzb	`&lo("$s3")`,$acc0
+	movzb	`&hi("$s3")`,$acc1
+	movzb	`&hi("$s0")`,$acc2
+	movzb	($sbox,$acc0,1),$t3
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	movzb	($sbox,$acc2,1),$acc2	#$t1
+
+	shl	\$8,$acc1
+	shl	\$8,$acc2
+
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+	shr	\$16,$s3
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	shr	\$16,$s0
+	movzb	($sbox,$acc0,1),$acc0	#$t2
+	movzb	($sbox,$acc1,1),$acc1	#$t3
+
+	shl	\$8,$acc0
+	shl	\$8,$acc1
+	shr	\$16,$s1
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+	shr	\$16,$s2
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	movzb	($sbox,$acc0,1),$acc0	#$t0
+	movzb	($sbox,$acc1,1),$acc1	#$t1
+	movzb	($sbox,$acc2,1),$acc2	#$t2
+
+	shl	\$16,$acc0
+	shl	\$16,$acc1
+	shl	\$16,$acc2
+
+	xor	$acc0,$t0
+	xor	$acc1,$t1
+	xor	$acc2,$t2
+
+	movzb	`&lo("$s1")`,$acc0
+	movzb	`&hi("$s1")`,$acc1
+	movzb	`&hi("$s2")`,$acc2
+	movzb	($sbox,$acc0,1),$acc0	#$t3
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	movzb	($sbox,$acc2,1),$acc2	#$t1
+
+	shl	\$16,$acc0
+	shl	\$24,$acc1
+	shl	\$24,$acc2
+
+	xor	$acc0,$t3
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	mov	16+12($key),$s3
+	movzb	($sbox,$acc0,1),$acc0	#$t2
+	movzb	($sbox,$acc1,1),$acc1	#$t3
+	mov	16+0($key),$s0
+
+	shl	\$24,$acc0
+	shl	\$24,$acc1
+
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+
+	mov	16+4($key),$s1
+	mov	16+8($key),$s2
+	lea	-2048($sbox),$sbox
+	xor	$t0,$s0
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub decstep()
+{ my ($i,@s) = @_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	$code.="	mov	$s[0],$out\n"		if ($i!=3);
+			$tmp1=$s[2]			if ($i==3);
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+	$code.="	and	\$0xFF,$out\n";
+
+	$code.="	mov	0($sbox,$out,8),$out\n";
+	$code.="	shr	\$16,$tmp1\n";
+			$tmp2=$s[3]			if ($i==3);
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+
+			$tmp0=$s[1]			if ($i==3);
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	and	\$0xFF,$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+
+	$code.="	xor	3($sbox,$tmp0,8),$out\n";
+	$code.="	xor	2($sbox,$tmp1,8),$out\n";
+	$code.="	xor	1($sbox,$tmp2,8),$out\n";
+
+	$code.="	mov	$t2,$s[1]\n"		if ($i==3);
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	mov	$t0,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+sub declast()
+{ my ($i,@s)=@_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	$code.="	mov	$s[0],$out\n"		if ($i!=3);
+			$tmp1=$s[2]			if ($i==3);
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+	$code.="	and	\$0xFF,$out\n";
+
+	$code.="	movzb	2048($sbox,$out,1),$out\n";
+	$code.="	shr	\$16,$tmp1\n";
+			$tmp2=$s[3]			if ($i==3);
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+
+			$tmp0=$s[1]			if ($i==3);
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	and	\$0xFF,$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+
+	$code.="	movzb	2048($sbox,$tmp0,1),$tmp0\n";
+	$code.="	movzb	2048($sbox,$tmp1,1),$tmp1\n";
+	$code.="	movzb	2048($sbox,$tmp2,1),$tmp2\n";
+
+	$code.="	shl	\$8,$tmp0\n";
+	$code.="	shl	\$16,$tmp1\n";
+	$code.="	shl	\$24,$tmp2\n";
+
+	$code.="	xor	$tmp0,$out\n";
+	$code.="	mov	$t2,$s[1]\n"		if ($i==3);
+	$code.="	xor	$tmp1,$out\n";
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	xor	$tmp2,$out\n";
+	$code.="	mov	$t0,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+$code.=<<___;
+.type	_x86_64_AES_decrypt,\@abi-omnipotent
+.align	16
+_x86_64_AES_decrypt:
+	xor	0($key),$s0			# xor with key
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+
+	mov	240($key),$rnds			# load key->rounds
+	sub	\$1,$rnds
+	jmp	.Ldec_loop
+.align	16
+.Ldec_loop:
+___
+	if ($verticalspin) { &decvert(); }
+	else {	&decstep(0,$s0,$s3,$s2,$s1);
+		&decstep(1,$s1,$s0,$s3,$s2);
+		&decstep(2,$s2,$s1,$s0,$s3);
+		&decstep(3,$s3,$s2,$s1,$s0);
+		$code.=<<___;
+		lea	16($key),$key
+		xor	0($key),$s0			# xor with key
+		xor	4($key),$s1
+		xor	8($key),$s2
+		xor	12($key),$s3
+___
+	}
+$code.=<<___;
+	sub	\$1,$rnds
+	jnz	.Ldec_loop
+___
+	if ($verticalspin) { &declastvert(); }
+	else {	&declast(0,$s0,$s3,$s2,$s1);
+		&declast(1,$s1,$s0,$s3,$s2);
+		&declast(2,$s2,$s1,$s0,$s3);
+		&declast(3,$s3,$s2,$s1,$s0);
+		$code.=<<___;
+		xor	16+0($key),$s0			# xor with key
+		xor	16+4($key),$s1
+		xor	16+8($key),$s2
+		xor	16+12($key),$s3
+___
+	}
+$code.=<<___;
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_decrypt,.-_x86_64_AES_decrypt
+___
+
+sub deccompactvert()
+{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+	movzb	`&lo("$s0")`,$t0
+	movzb	`&lo("$s1")`,$t1
+	movzb	`&lo("$s2")`,$t2
+	movzb	($sbox,$t0,1),$t0
+	movzb	($sbox,$t1,1),$t1
+	movzb	($sbox,$t2,1),$t2
+
+	movzb	`&lo("$s3")`,$t3
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	movzb	($sbox,$t3,1),$t3
+	movzb	($sbox,$acc0,1),$t4	#$t0
+	movzb	($sbox,$acc1,1),$t5	#$t1
+
+	movzb	`&hi("$s1")`,$acc2
+	movzb	`&hi("$s2")`,$acc0
+	shr	\$16,$s2
+	movzb	($sbox,$acc2,1),$acc2	#$t2
+	movzb	($sbox,$acc0,1),$acc0	#$t3
+	shr	\$16,$s3
+
+	movzb	`&lo("$s2")`,$acc1
+	shl	\$8,$t4
+	shl	\$8,$t5
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	xor	$t4,$t0
+	xor	$t5,$t1
+
+	movzb	`&lo("$s3")`,$t4
+	shr	\$16,$s0
+	shr	\$16,$s1
+	movzb	`&lo("$s0")`,$t5
+	shl	\$8,$acc2
+	shl	\$8,$acc0
+	movzb	($sbox,$t4,1),$t4	#$t1
+	movzb	($sbox,$t5,1),$t5	#$t2
+	xor	$acc2,$t2
+	xor	$acc0,$t3
+
+	movzb	`&lo("$s1")`,$acc2
+	movzb	`&hi("$s1")`,$acc0
+	shl	\$16,$acc1
+	movzb	($sbox,$acc2,1),$acc2	#$t3
+	movzb	($sbox,$acc0,1),$acc0	#$t0
+	xor	$acc1,$t0
+
+	movzb	`&hi("$s2")`,$acc1
+	shl	\$16,$t4
+	shl	\$16,$t5
+	movzb	($sbox,$acc1,1),$s1	#$t1
+	xor	$t4,$t1
+	xor	$t5,$t2
+
+	movzb	`&hi("$s3")`,$acc1
+	shr	\$8,$s0
+	shl	\$16,$acc2
+	movzb	($sbox,$acc1,1),$s2	#$t2
+	movzb	($sbox,$s0,1),$s3	#$t3
+	xor	$acc2,$t3
+
+	shl	\$24,$acc0
+	shl	\$24,$s1
+	shl	\$24,$s2
+	xor	$acc0,$t0
+	shl	\$24,$s3
+	xor	$t1,$s1
+	mov	$t0,$s0
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+# parallelized version! input is pair of 64-bit values: %rax=s1.s0
+# and %rcx=s3.s2, output is four 32-bit values in %eax=s0, %ebx=s1,
+# %ecx=s2 and %edx=s3.
+sub dectransform()
+{ my ($tp10,$tp20,$tp40,$tp80,$acc0)=("%rax","%r8", "%r9", "%r10","%rbx");
+  my ($tp18,$tp28,$tp48,$tp88,$acc8)=("%rcx","%r11","%r12","%r13","%rdx");
+  my $prefetch = shift;
+
+$code.=<<___;
+	mov	$tp10,$acc0
+	mov	$tp18,$acc8
+	and	$mask80,$acc0
+	and	$mask80,$acc8
+	mov	$acc0,$tp40
+	mov	$acc8,$tp48
+	shr	\$7,$tp40
+	lea	($tp10,$tp10),$tp20
+	shr	\$7,$tp48
+	lea	($tp18,$tp18),$tp28
+	sub	$tp40,$acc0
+	sub	$tp48,$acc8
+	and	$maskfe,$tp20
+	and	$maskfe,$tp28
+	and	$mask1b,$acc0
+	and	$mask1b,$acc8
+	xor	$tp20,$acc0
+	xor	$tp28,$acc8
+	mov	$acc0,$tp20
+	mov	$acc8,$tp28
+
+	and	$mask80,$acc0
+	and	$mask80,$acc8
+	mov	$acc0,$tp80
+	mov	$acc8,$tp88
+	shr	\$7,$tp80
+	lea	($tp20,$tp20),$tp40
+	shr	\$7,$tp88
+	lea	($tp28,$tp28),$tp48
+	sub	$tp80,$acc0
+	sub	$tp88,$acc8
+	and	$maskfe,$tp40
+	and	$maskfe,$tp48
+	and	$mask1b,$acc0
+	and	$mask1b,$acc8
+	xor	$tp40,$acc0
+	xor	$tp48,$acc8
+	mov	$acc0,$tp40
+	mov	$acc8,$tp48
+
+	and	$mask80,$acc0
+	and	$mask80,$acc8
+	mov	$acc0,$tp80
+	mov	$acc8,$tp88
+	shr	\$7,$tp80
+	 xor	$tp10,$tp20		# tp2^=tp1
+	shr	\$7,$tp88
+	 xor	$tp18,$tp28		# tp2^=tp1
+	sub	$tp80,$acc0
+	sub	$tp88,$acc8
+	lea	($tp40,$tp40),$tp80
+	lea	($tp48,$tp48),$tp88
+	 xor	$tp10,$tp40		# tp4^=tp1
+	 xor	$tp18,$tp48		# tp4^=tp1
+	and	$maskfe,$tp80
+	and	$maskfe,$tp88
+	and	$mask1b,$acc0
+	and	$mask1b,$acc8
+	xor	$acc0,$tp80
+	xor	$acc8,$tp88
+
+	xor	$tp80,$tp10		# tp1^=tp8
+	xor	$tp88,$tp18		# tp1^=tp8
+	xor	$tp80,$tp20		# tp2^tp1^=tp8
+	xor	$tp88,$tp28		# tp2^tp1^=tp8
+	mov	$tp10,$acc0
+	mov	$tp18,$acc8
+	xor	$tp80,$tp40		# tp4^tp1^=tp8
+	xor	$tp88,$tp48		# tp4^tp1^=tp8
+	shr	\$32,$acc0
+	shr	\$32,$acc8
+	xor	$tp20,$tp80		# tp8^=tp8^tp2^tp1=tp2^tp1
+	xor	$tp28,$tp88		# tp8^=tp8^tp2^tp1=tp2^tp1
+	rol	\$8,`&LO("$tp10")`	# ROTATE(tp1^tp8,8)
+	rol	\$8,`&LO("$tp18")`	# ROTATE(tp1^tp8,8)
+	xor	$tp40,$tp80		# tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
+	xor	$tp48,$tp88		# tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
+
+	rol	\$8,`&LO("$acc0")`	# ROTATE(tp1^tp8,8)
+	rol	\$8,`&LO("$acc8")`	# ROTATE(tp1^tp8,8)
+	xor	`&LO("$tp80")`,`&LO("$tp10")`
+	xor	`&LO("$tp88")`,`&LO("$tp18")`
+	shr	\$32,$tp80
+	shr	\$32,$tp88
+	xor	`&LO("$tp80")`,`&LO("$acc0")`
+	xor	`&LO("$tp88")`,`&LO("$acc8")`
+
+	mov	$tp20,$tp80
+	mov	$tp28,$tp88
+	shr	\$32,$tp80
+	shr	\$32,$tp88
+	rol	\$24,`&LO("$tp20")`	# ROTATE(tp2^tp1^tp8,24)
+	rol	\$24,`&LO("$tp28")`	# ROTATE(tp2^tp1^tp8,24)
+	rol	\$24,`&LO("$tp80")`	# ROTATE(tp2^tp1^tp8,24)
+	rol	\$24,`&LO("$tp88")`	# ROTATE(tp2^tp1^tp8,24)
+	xor	`&LO("$tp20")`,`&LO("$tp10")`
+	xor	`&LO("$tp28")`,`&LO("$tp18")`
+	mov	$tp40,$tp20
+	mov	$tp48,$tp28
+	xor	`&LO("$tp80")`,`&LO("$acc0")`
+	xor	`&LO("$tp88")`,`&LO("$acc8")`
+
+	`"mov	0($sbox),$mask80"	if ($prefetch)`
+	shr	\$32,$tp20
+	shr	\$32,$tp28
+	`"mov	64($sbox),$maskfe"	if ($prefetch)`
+	rol	\$16,`&LO("$tp40")`	# ROTATE(tp4^tp1^tp8,16)
+	rol	\$16,`&LO("$tp48")`	# ROTATE(tp4^tp1^tp8,16)
+	`"mov	128($sbox),$mask1b"	if ($prefetch)`
+	rol	\$16,`&LO("$tp20")`	# ROTATE(tp4^tp1^tp8,16)
+	rol	\$16,`&LO("$tp28")`	# ROTATE(tp4^tp1^tp8,16)
+	`"mov	192($sbox),$tp80"	if ($prefetch)`
+	xor	`&LO("$tp40")`,`&LO("$tp10")`
+	xor	`&LO("$tp48")`,`&LO("$tp18")`
+	`"mov	256($sbox),$tp88"	if ($prefetch)`
+	xor	`&LO("$tp20")`,`&LO("$acc0")`
+	xor	`&LO("$tp28")`,`&LO("$acc8")`
+___
+}
+
+$code.=<<___;
+.type	_x86_64_AES_decrypt_compact,\@abi-omnipotent
+.align	16
+_x86_64_AES_decrypt_compact:
+	lea	128($sbox),$inp			# size optimization
+	mov	0-128($inp),$acc1		# prefetch Td4
+	mov	32-128($inp),$acc2
+	mov	64-128($inp),$t0
+	mov	96-128($inp),$t1
+	mov	128-128($inp),$acc1
+	mov	160-128($inp),$acc2
+	mov	192-128($inp),$t0
+	mov	224-128($inp),$t1
+	jmp	.Ldec_loop_compact
+
+.align	16
+.Ldec_loop_compact:
+		xor	0($key),$s0		# xor with key
+		xor	4($key),$s1
+		xor	8($key),$s2
+		xor	12($key),$s3
+		lea	16($key),$key
+___
+		&deccompactvert();
+$code.=<<___;
+		cmp	16(%rsp),$key
+		je	.Ldec_compact_done
+
+		mov	256+0($sbox),$mask80
+		shl	\$32,%rbx
+		shl	\$32,%rdx
+		mov	256+8($sbox),$maskfe
+		or	%rbx,%rax
+		or	%rdx,%rcx
+		mov	256+16($sbox),$mask1b
+___
+		&dectransform(1);
+$code.=<<___;
+	jmp	.Ldec_loop_compact
+.align	16
+.Ldec_compact_done:
+	xor	0($key),$s0
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_decrypt_compact,.-_x86_64_AES_decrypt_compact
+___
+
+# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
+$code.=<<___;
+.globl	AES_decrypt
+.type	AES_decrypt,\@function,3
+.align	16
+AES_decrypt:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	# allocate frame "above" key schedule
+	mov	%rsp,%r10
+	lea	-63(%rdx),%rcx	# %rdx is key argument
+	and	\$-64,%rsp
+	sub	%rsp,%rcx
+	neg	%rcx
+	and	\$0x3c0,%rcx
+	sub	%rcx,%rsp
+	sub	\$32,%rsp
+
+	mov	%rsi,16(%rsp)	# save out
+	mov	%r10,24(%rsp)	# save real stack pointer
+.Ldec_prologue:
+
+	mov	%rdx,$key
+	mov	240($key),$rnds	# load rounds
+
+	mov	0(%rdi),$s0	# load input vector
+	mov	4(%rdi),$s1
+	mov	8(%rdi),$s2
+	mov	12(%rdi),$s3
+
+	shl	\$4,$rnds
+	lea	($key,$rnds),%rbp
+	mov	$key,(%rsp)	# key schedule
+	mov	%rbp,8(%rsp)	# end of key schedule
+
+	# pick Td4 copy which can't "overlap" with stack frame or key schedule
+	lea	.LAES_Td+2048(%rip),$sbox
+	lea	768(%rsp),%rbp
+	sub	$sbox,%rbp
+	and	\$0x300,%rbp
+	lea	($sbox,%rbp),$sbox
+	shr	\$3,%rbp	# recall "magic" constants!
+	add	%rbp,$sbox
+
+	call	_x86_64_AES_decrypt_compact
+
+	mov	16(%rsp),$out	# restore out
+	mov	24(%rsp),%rsi	# restore saved stack pointer
+	mov	$s0,0($out)	# write output vector
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Ldec_epilogue:
+	ret
+.size	AES_decrypt,.-AES_decrypt
+___
+#------------------------------------------------------------------#
+
+sub enckey()
+{
+$code.=<<___;
+	movz	%dl,%esi		# rk[i]>>0
+	movzb	-128(%rbp,%rsi),%ebx
+	movz	%dh,%esi		# rk[i]>>8
+	shl	\$24,%ebx
+	xor	%ebx,%eax
+
+	movzb	-128(%rbp,%rsi),%ebx
+	shr	\$16,%edx
+	movz	%dl,%esi		# rk[i]>>16
+	xor	%ebx,%eax
+
+	movzb	-128(%rbp,%rsi),%ebx
+	movz	%dh,%esi		# rk[i]>>24
+	shl	\$8,%ebx
+	xor	%ebx,%eax
+
+	movzb	-128(%rbp,%rsi),%ebx
+	shl	\$16,%ebx
+	xor	%ebx,%eax
+
+	xor	1024-128(%rbp,%rcx,4),%eax		# rcon
+___
+}
+
+# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+$code.=<<___;
+.globl	AES_set_encrypt_key
+.type	AES_set_encrypt_key,\@function,3
+.align	16
+AES_set_encrypt_key:
+	push	%rbx
+	push	%rbp
+	push	%r12			# redundant, but allows to share 
+	push	%r13			# exception handler...
+	push	%r14
+	push	%r15
+	sub	\$8,%rsp
+.Lenc_key_prologue:
+
+	call	_x86_64_AES_set_encrypt_key
+
+	mov	8(%rsp),%r15
+	mov	16(%rsp),%r14
+	mov	24(%rsp),%r13
+	mov	32(%rsp),%r12
+	mov	40(%rsp),%rbp
+	mov	48(%rsp),%rbx
+	add	\$56,%rsp
+.Lenc_key_epilogue:
+	ret
+.size	AES_set_encrypt_key,.-AES_set_encrypt_key
+
+.type	_x86_64_AES_set_encrypt_key,\@abi-omnipotent
+.align	16
+_x86_64_AES_set_encrypt_key:
+	mov	%esi,%ecx			# %ecx=bits
+	mov	%rdi,%rsi			# %rsi=userKey
+	mov	%rdx,%rdi			# %rdi=key
+
+	test	\$-1,%rsi
+	jz	.Lbadpointer
+	test	\$-1,%rdi
+	jz	.Lbadpointer
+
+	lea	.LAES_Te(%rip),%rbp
+	lea	2048+128(%rbp),%rbp
+
+	# prefetch Te4
+	mov	0-128(%rbp),%eax
+	mov	32-128(%rbp),%ebx
+	mov	64-128(%rbp),%r8d
+	mov	96-128(%rbp),%edx
+	mov	128-128(%rbp),%eax
+	mov	160-128(%rbp),%ebx
+	mov	192-128(%rbp),%r8d
+	mov	224-128(%rbp),%edx
+
+	cmp	\$128,%ecx
+	je	.L10rounds
+	cmp	\$192,%ecx
+	je	.L12rounds
+	cmp	\$256,%ecx
+	je	.L14rounds
+	mov	\$-2,%rax			# invalid number of bits
+	jmp	.Lexit
+
+.L10rounds:
+	mov	0(%rsi),%rax			# copy first 4 dwords
+	mov	8(%rsi),%rdx
+	mov	%rax,0(%rdi)
+	mov	%rdx,8(%rdi)
+
+	shr	\$32,%rdx
+	xor	%ecx,%ecx
+	jmp	.L10shortcut
+.align	4
+.L10loop:
+		mov	0(%rdi),%eax			# rk[0]
+		mov	12(%rdi),%edx			# rk[3]
+.L10shortcut:
+___
+		&enckey	();
+$code.=<<___;
+		mov	%eax,16(%rdi)			# rk[4]
+		xor	4(%rdi),%eax
+		mov	%eax,20(%rdi)			# rk[5]
+		xor	8(%rdi),%eax
+		mov	%eax,24(%rdi)			# rk[6]
+		xor	12(%rdi),%eax
+		mov	%eax,28(%rdi)			# rk[7]
+		add	\$1,%ecx
+		lea	16(%rdi),%rdi
+		cmp	\$10,%ecx
+	jl	.L10loop
+
+	movl	\$10,80(%rdi)			# setup number of rounds
+	xor	%rax,%rax
+	jmp	.Lexit
+
+.L12rounds:
+	mov	0(%rsi),%rax			# copy first 6 dwords
+	mov	8(%rsi),%rbx
+	mov	16(%rsi),%rdx
+	mov	%rax,0(%rdi)
+	mov	%rbx,8(%rdi)
+	mov	%rdx,16(%rdi)
+
+	shr	\$32,%rdx
+	xor	%ecx,%ecx
+	jmp	.L12shortcut
+.align	4
+.L12loop:
+		mov	0(%rdi),%eax			# rk[0]
+		mov	20(%rdi),%edx			# rk[5]
+.L12shortcut:
+___
+		&enckey	();
+$code.=<<___;
+		mov	%eax,24(%rdi)			# rk[6]
+		xor	4(%rdi),%eax
+		mov	%eax,28(%rdi)			# rk[7]
+		xor	8(%rdi),%eax
+		mov	%eax,32(%rdi)			# rk[8]
+		xor	12(%rdi),%eax
+		mov	%eax,36(%rdi)			# rk[9]
+
+		cmp	\$7,%ecx
+		je	.L12break
+		add	\$1,%ecx
+
+		xor	16(%rdi),%eax
+		mov	%eax,40(%rdi)			# rk[10]
+		xor	20(%rdi),%eax
+		mov	%eax,44(%rdi)			# rk[11]
+
+		lea	24(%rdi),%rdi
+	jmp	.L12loop
+.L12break:
+	movl	\$12,72(%rdi)		# setup number of rounds
+	xor	%rax,%rax
+	jmp	.Lexit
+
+.L14rounds:		
+	mov	0(%rsi),%rax			# copy first 8 dwords
+	mov	8(%rsi),%rbx
+	mov	16(%rsi),%rcx
+	mov	24(%rsi),%rdx
+	mov	%rax,0(%rdi)
+	mov	%rbx,8(%rdi)
+	mov	%rcx,16(%rdi)
+	mov	%rdx,24(%rdi)
+
+	shr	\$32,%rdx
+	xor	%ecx,%ecx
+	jmp	.L14shortcut
+.align	4
+.L14loop:
+		mov	0(%rdi),%eax			# rk[0]
+		mov	28(%rdi),%edx			# rk[4]
+.L14shortcut:
+___
+		&enckey	();
+$code.=<<___;
+		mov	%eax,32(%rdi)			# rk[8]
+		xor	4(%rdi),%eax
+		mov	%eax,36(%rdi)			# rk[9]
+		xor	8(%rdi),%eax
+		mov	%eax,40(%rdi)			# rk[10]
+		xor	12(%rdi),%eax
+		mov	%eax,44(%rdi)			# rk[11]
+
+		cmp	\$6,%ecx
+		je	.L14break
+		add	\$1,%ecx
+
+		mov	%eax,%edx
+		mov	16(%rdi),%eax			# rk[4]
+		movz	%dl,%esi			# rk[11]>>0
+		movzb	-128(%rbp,%rsi),%ebx
+		movz	%dh,%esi			# rk[11]>>8
+		xor	%ebx,%eax
+
+		movzb	-128(%rbp,%rsi),%ebx
+		shr	\$16,%edx
+		shl	\$8,%ebx
+		movz	%dl,%esi			# rk[11]>>16
+		xor	%ebx,%eax
+
+		movzb	-128(%rbp,%rsi),%ebx
+		movz	%dh,%esi			# rk[11]>>24
+		shl	\$16,%ebx
+		xor	%ebx,%eax
+
+		movzb	-128(%rbp,%rsi),%ebx
+		shl	\$24,%ebx
+		xor	%ebx,%eax
+
+		mov	%eax,48(%rdi)			# rk[12]
+		xor	20(%rdi),%eax
+		mov	%eax,52(%rdi)			# rk[13]
+		xor	24(%rdi),%eax
+		mov	%eax,56(%rdi)			# rk[14]
+		xor	28(%rdi),%eax
+		mov	%eax,60(%rdi)			# rk[15]
+
+		lea	32(%rdi),%rdi
+	jmp	.L14loop
+.L14break:
+	movl	\$14,48(%rdi)		# setup number of rounds
+	xor	%rax,%rax
+	jmp	.Lexit
+
+.Lbadpointer:
+	mov	\$-1,%rax
+.Lexit:
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
+___
+
+sub deckey_ref()
+{ my ($i,$ptr,$te,$td) = @_;
+  my ($tp1,$tp2,$tp4,$tp8,$acc)=("%eax","%ebx","%edi","%edx","%r8d");
+$code.=<<___;
+	mov	$i($ptr),$tp1
+	mov	$tp1,$acc
+	and	\$0x80808080,$acc
+	mov	$acc,$tp4
+	shr	\$7,$tp4
+	lea	0($tp1,$tp1),$tp2
+	sub	$tp4,$acc
+	and	\$0xfefefefe,$tp2
+	and	\$0x1b1b1b1b,$acc
+	xor	$tp2,$acc
+	mov	$acc,$tp2
+
+	and	\$0x80808080,$acc
+	mov	$acc,$tp8
+	shr	\$7,$tp8
+	lea	0($tp2,$tp2),$tp4
+	sub	$tp8,$acc
+	and	\$0xfefefefe,$tp4
+	and	\$0x1b1b1b1b,$acc
+	 xor	$tp1,$tp2		# tp2^tp1
+	xor	$tp4,$acc
+	mov	$acc,$tp4
+
+	and	\$0x80808080,$acc
+	mov	$acc,$tp8
+	shr	\$7,$tp8
+	sub	$tp8,$acc
+	lea	0($tp4,$tp4),$tp8
+	 xor	$tp1,$tp4		# tp4^tp1
+	and	\$0xfefefefe,$tp8
+	and	\$0x1b1b1b1b,$acc
+	xor	$acc,$tp8
+
+	xor	$tp8,$tp1		# tp1^tp8
+	rol	\$8,$tp1		# ROTATE(tp1^tp8,8)
+	xor	$tp8,$tp2		# tp2^tp1^tp8
+	xor	$tp8,$tp4		# tp4^tp1^tp8
+	xor	$tp2,$tp8
+	xor	$tp4,$tp8		# tp8^(tp8^tp4^tp1)^(tp8^tp2^tp1)=tp8^tp4^tp2
+
+	xor	$tp8,$tp1
+	rol	\$24,$tp2		# ROTATE(tp2^tp1^tp8,24)
+	xor	$tp2,$tp1
+	rol	\$16,$tp4		# ROTATE(tp4^tp1^tp8,16)
+	xor	$tp4,$tp1
+
+	mov	$tp1,$i($ptr)
+___
+}
+
+# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+$code.=<<___;
+.globl	AES_set_decrypt_key
+.type	AES_set_decrypt_key,\@function,3
+.align	16
+AES_set_decrypt_key:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	push	%rdx			# save key schedule
+.Ldec_key_prologue:
+
+	call	_x86_64_AES_set_encrypt_key
+	mov	(%rsp),%r8		# restore key schedule
+	cmp	\$0,%eax
+	jne	.Labort
+
+	mov	240(%r8),%r14d		# pull number of rounds
+	xor	%rdi,%rdi
+	lea	(%rdi,%r14d,4),%rcx
+	mov	%r8,%rsi
+	lea	(%r8,%rcx,4),%rdi	# pointer to last chunk
+.align	4
+.Linvert:
+		mov	0(%rsi),%rax
+		mov	8(%rsi),%rbx
+		mov	0(%rdi),%rcx
+		mov	8(%rdi),%rdx
+		mov	%rax,0(%rdi)
+		mov	%rbx,8(%rdi)
+		mov	%rcx,0(%rsi)
+		mov	%rdx,8(%rsi)
+		lea	16(%rsi),%rsi
+		lea	-16(%rdi),%rdi
+		cmp	%rsi,%rdi
+	jne	.Linvert
+
+	lea	.LAES_Te+2048+1024(%rip),%rax	# rcon
+
+	mov	40(%rax),$mask80
+	mov	48(%rax),$maskfe
+	mov	56(%rax),$mask1b
+
+	mov	%r8,$key
+	sub	\$1,%r14d
+.align	4
+.Lpermute:
+		lea	16($key),$key
+		mov	0($key),%rax
+		mov	8($key),%rcx
+___
+		&dectransform ();
+$code.=<<___;
+		mov	%eax,0($key)
+		mov	%ebx,4($key)
+		mov	%ecx,8($key)
+		mov	%edx,12($key)
+		sub	\$1,%r14d
+	jnz	.Lpermute
+
+	xor	%rax,%rax
+.Labort:
+	mov	8(%rsp),%r15
+	mov	16(%rsp),%r14
+	mov	24(%rsp),%r13
+	mov	32(%rsp),%r12
+	mov	40(%rsp),%rbp
+	mov	48(%rsp),%rbx
+	add	\$56,%rsp
+.Ldec_key_epilogue:
+	ret
+.size	AES_set_decrypt_key,.-AES_set_decrypt_key
+___
+
+# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const AES_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+# stack frame layout
+# -8(%rsp)		return address
+my $keyp="0(%rsp)";		# one to pass as $key
+my $keyend="8(%rsp)";		# &(keyp->rd_key[4*keyp->rounds])
+my $_rsp="16(%rsp)";		# saved %rsp
+my $_inp="24(%rsp)";		# copy of 1st parameter, inp
+my $_out="32(%rsp)";		# copy of 2nd parameter, out
+my $_len="40(%rsp)";		# copy of 3rd parameter, length
+my $_key="48(%rsp)";		# copy of 4th parameter, key
+my $_ivp="56(%rsp)";		# copy of 5th parameter, ivp
+my $ivec="64(%rsp)";		# ivec[16]
+my $aes_key="80(%rsp)";		# copy of aes_key
+my $mark="80+240(%rsp)";	# copy of aes_key->rounds
+
+$code.=<<___;
+.globl	AES_cbc_encrypt
+.type	AES_cbc_encrypt,\@function,6
+.align	16
+.extern	OPENSSL_ia32cap_P
+AES_cbc_encrypt:
+	cmp	\$0,%rdx	# check length
+	je	.Lcbc_epilogue
+	pushfq
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+.Lcbc_prologue:
+
+	cld
+	mov	%r9d,%r9d	# clear upper half of enc
+
+	lea	.LAES_Te(%rip),$sbox
+	cmp	\$0,%r9
+	jne	.Lcbc_picked_te
+	lea	.LAES_Td(%rip),$sbox
+.Lcbc_picked_te:
+
+	mov	OPENSSL_ia32cap_P(%rip),%r10d
+	cmp	\$$speed_limit,%rdx
+	jb	.Lcbc_slow_prologue
+	test	\$15,%rdx
+	jnz	.Lcbc_slow_prologue
+	bt	\$28,%r10d
+	jc	.Lcbc_slow_prologue
+
+	# allocate aligned stack frame...
+	lea	-88-248(%rsp),$key
+	and	\$-64,$key
+
+	# ... and make sure it doesn't alias with AES_T[ed] modulo 4096
+	mov	$sbox,%r10
+	lea	2304($sbox),%r11
+	mov	$key,%r12
+	and	\$0xFFF,%r10	# s = $sbox&0xfff
+	and	\$0xFFF,%r11	# e = ($sbox+2048)&0xfff
+	and	\$0xFFF,%r12	# p = %rsp&0xfff
+
+	cmp	%r11,%r12	# if (p=>e) %rsp =- (p-e);
+	jb	.Lcbc_te_break_out
+	sub	%r11,%r12
+	sub	%r12,$key
+	jmp	.Lcbc_te_ok
+.Lcbc_te_break_out:		# else %rsp -= (p-s)&0xfff + framesz
+	sub	%r10,%r12
+	and	\$0xFFF,%r12
+	add	\$320,%r12
+	sub	%r12,$key
+.align	4
+.Lcbc_te_ok:
+
+	xchg	%rsp,$key
+	#add	\$8,%rsp	# reserve for return address!
+	mov	$key,$_rsp	# save %rsp
+.Lcbc_fast_body:
+	mov	%rdi,$_inp	# save copy of inp
+	mov	%rsi,$_out	# save copy of out
+	mov	%rdx,$_len	# save copy of len
+	mov	%rcx,$_key	# save copy of key
+	mov	%r8,$_ivp	# save copy of ivp
+	movl	\$0,$mark	# copy of aes_key->rounds = 0;
+	mov	%r8,%rbp	# rearrange input arguments
+	mov	%r9,%rbx
+	mov	%rsi,$out
+	mov	%rdi,$inp
+	mov	%rcx,$key
+
+	mov	240($key),%eax		# key->rounds
+	# do we copy key schedule to stack?
+	mov	$key,%r10
+	sub	$sbox,%r10
+	and	\$0xfff,%r10
+	cmp	\$2304,%r10
+	jb	.Lcbc_do_ecopy
+	cmp	\$4096-248,%r10
+	jb	.Lcbc_skip_ecopy
+.align	4
+.Lcbc_do_ecopy:
+		mov	$key,%rsi
+		lea	$aes_key,%rdi
+		lea	$aes_key,$key
+		mov	\$240/8,%ecx
+		.long	0x90A548F3	# rep movsq
+		mov	%eax,(%rdi)	# copy aes_key->rounds
+.Lcbc_skip_ecopy:
+	mov	$key,$keyp	# save key pointer
+
+	mov	\$18,%ecx
+.align	4
+.Lcbc_prefetch_te:
+		mov	0($sbox),%r10
+		mov	32($sbox),%r11
+		mov	64($sbox),%r12
+		mov	96($sbox),%r13
+		lea	128($sbox),$sbox
+		sub	\$1,%ecx
+	jnz	.Lcbc_prefetch_te
+	lea	-2304($sbox),$sbox
+
+	cmp	\$0,%rbx
+	je	.LFAST_DECRYPT
+
+#----------------------------- ENCRYPT -----------------------------#
+	mov	0(%rbp),$s0		# load iv
+	mov	4(%rbp),$s1
+	mov	8(%rbp),$s2
+	mov	12(%rbp),$s3
+
+.align	4
+.Lcbc_fast_enc_loop:
+		xor	0($inp),$s0
+		xor	4($inp),$s1
+		xor	8($inp),$s2
+		xor	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# if ($verticalspin) save inp
+
+		call	_x86_64_AES_encrypt
+
+		mov	$_inp,$inp	# if ($verticalspin) restore inp
+		mov	$_len,%r10
+		mov	$s0,0($out)
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+		sub	\$16,%r10
+		test	\$-16,%r10
+		mov	%r10,$_len
+	jnz	.Lcbc_fast_enc_loop
+	mov	$_ivp,%rbp	# restore ivp
+	mov	$s0,0(%rbp)	# save ivec
+	mov	$s1,4(%rbp)
+	mov	$s2,8(%rbp)
+	mov	$s3,12(%rbp)
+
+	jmp	.Lcbc_fast_cleanup
+
+#----------------------------- DECRYPT -----------------------------#
+.align	16
+.LFAST_DECRYPT:
+	cmp	$inp,$out
+	je	.Lcbc_fast_dec_in_place
+
+	mov	%rbp,$ivec
+.align	4
+.Lcbc_fast_dec_loop:
+		mov	0($inp),$s0	# read input
+		mov	4($inp),$s1
+		mov	8($inp),$s2
+		mov	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# if ($verticalspin) save inp
+
+		call	_x86_64_AES_decrypt
+
+		mov	$ivec,%rbp	# load ivp
+		mov	$_inp,$inp	# if ($verticalspin) restore inp
+		mov	$_len,%r10	# load len
+		xor	0(%rbp),$s0	# xor iv
+		xor	4(%rbp),$s1
+		xor	8(%rbp),$s2
+		xor	12(%rbp),$s3
+		mov	$inp,%rbp	# current input, next iv
+
+		sub	\$16,%r10
+		mov	%r10,$_len	# update len
+		mov	%rbp,$ivec	# update ivp
+
+		mov	$s0,0($out)	# write output
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+	jnz	.Lcbc_fast_dec_loop
+	mov	$_ivp,%r12		# load user ivp
+	mov	0(%rbp),%r10		# load iv
+	mov	8(%rbp),%r11
+	mov	%r10,0(%r12)		# copy back to user
+	mov	%r11,8(%r12)
+	jmp	.Lcbc_fast_cleanup
+
+.align	16
+.Lcbc_fast_dec_in_place:
+	mov	0(%rbp),%r10		# copy iv to stack
+	mov	8(%rbp),%r11
+	mov	%r10,0+$ivec
+	mov	%r11,8+$ivec
+.align	4
+.Lcbc_fast_dec_in_place_loop:
+		mov	0($inp),$s0	# load input
+		mov	4($inp),$s1
+		mov	8($inp),$s2
+		mov	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# if ($verticalspin) save inp
+
+		call	_x86_64_AES_decrypt
+
+		mov	$_inp,$inp	# if ($verticalspin) restore inp
+		mov	$_len,%r10
+		xor	0+$ivec,$s0
+		xor	4+$ivec,$s1
+		xor	8+$ivec,$s2
+		xor	12+$ivec,$s3
+
+		mov	0($inp),%r11	# load input
+		mov	8($inp),%r12
+		sub	\$16,%r10
+		jz	.Lcbc_fast_dec_in_place_done
+
+		mov	%r11,0+$ivec	# copy input to iv
+		mov	%r12,8+$ivec
+
+		mov	$s0,0($out)	# save output [zaps input]
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+		mov	%r10,$_len
+	jmp	.Lcbc_fast_dec_in_place_loop
+.Lcbc_fast_dec_in_place_done:
+	mov	$_ivp,%rdi
+	mov	%r11,0(%rdi)	# copy iv back to user
+	mov	%r12,8(%rdi)
+
+	mov	$s0,0($out)	# save output [zaps input]
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+.align	4
+.Lcbc_fast_cleanup:
+	cmpl	\$0,$mark	# was the key schedule copied?
+	lea	$aes_key,%rdi
+	je	.Lcbc_exit
+		mov	\$240/8,%ecx
+		xor	%rax,%rax
+		.long	0x90AB48F3	# rep stosq
+
+	jmp	.Lcbc_exit
+
+#--------------------------- SLOW ROUTINE ---------------------------#
+.align	16
+.Lcbc_slow_prologue:
+	# allocate aligned stack frame...
+	lea	-88(%rsp),%rbp
+	and	\$-64,%rbp
+	# ... just "above" key schedule
+	lea	-88-63(%rcx),%r10
+	sub	%rbp,%r10
+	neg	%r10
+	and	\$0x3c0,%r10
+	sub	%r10,%rbp
+
+	xchg	%rsp,%rbp
+	#add	\$8,%rsp	# reserve for return address!
+	mov	%rbp,$_rsp	# save %rsp
+.Lcbc_slow_body:
+	#mov	%rdi,$_inp	# save copy of inp
+	#mov	%rsi,$_out	# save copy of out
+	#mov	%rdx,$_len	# save copy of len
+	#mov	%rcx,$_key	# save copy of key
+	mov	%r8,$_ivp	# save copy of ivp
+	mov	%r8,%rbp	# rearrange input arguments
+	mov	%r9,%rbx
+	mov	%rsi,$out
+	mov	%rdi,$inp
+	mov	%rcx,$key
+	mov	%rdx,%r10
+
+	mov	240($key),%eax
+	mov	$key,$keyp	# save key pointer
+	shl	\$4,%eax
+	lea	($key,%rax),%rax
+	mov	%rax,$keyend
+
+	# pick Te4 copy which can't "overlap" with stack frame or key scdedule
+	lea	2048($sbox),$sbox
+	lea	768-8(%rsp),%rax
+	sub	$sbox,%rax
+	and	\$0x300,%rax
+	lea	($sbox,%rax),$sbox
+
+	cmp	\$0,%rbx
+	je	.LSLOW_DECRYPT
+
+#--------------------------- SLOW ENCRYPT ---------------------------#
+	test	\$-16,%r10		# check upon length
+	mov	0(%rbp),$s0		# load iv
+	mov	4(%rbp),$s1
+	mov	8(%rbp),$s2
+	mov	12(%rbp),$s3
+	jz	.Lcbc_slow_enc_tail	# short input...
+
+.align	4
+.Lcbc_slow_enc_loop:
+		xor	0($inp),$s0
+		xor	4($inp),$s1
+		xor	8($inp),$s2
+		xor	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# save inp
+		mov	$out,$_out	# save out
+		mov	%r10,$_len	# save len
+
+		call	_x86_64_AES_encrypt_compact
+
+		mov	$_inp,$inp	# restore inp
+		mov	$_out,$out	# restore out
+		mov	$_len,%r10	# restore len
+		mov	$s0,0($out)
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+		sub	\$16,%r10
+		test	\$-16,%r10
+	jnz	.Lcbc_slow_enc_loop
+	test	\$15,%r10
+	jnz	.Lcbc_slow_enc_tail
+	mov	$_ivp,%rbp	# restore ivp
+	mov	$s0,0(%rbp)	# save ivec
+	mov	$s1,4(%rbp)
+	mov	$s2,8(%rbp)
+	mov	$s3,12(%rbp)
+
+	jmp	.Lcbc_exit
+
+.align	4
+.Lcbc_slow_enc_tail:
+	mov	%rax,%r11
+	mov	%rcx,%r12
+	mov	%r10,%rcx
+	mov	$inp,%rsi
+	mov	$out,%rdi
+	.long	0x9066A4F3		# rep movsb
+	mov	\$16,%rcx		# zero tail
+	sub	%r10,%rcx
+	xor	%rax,%rax
+	.long	0x9066AAF3		# rep stosb
+	mov	$out,$inp		# this is not a mistake!
+	mov	\$16,%r10		# len=16
+	mov	%r11,%rax
+	mov	%r12,%rcx
+	jmp	.Lcbc_slow_enc_loop	# one more spin...
+#--------------------------- SLOW DECRYPT ---------------------------#
+.align	16
+.LSLOW_DECRYPT:
+	shr	\$3,%rax
+	add	%rax,$sbox		# recall "magic" constants!
+
+	mov	0(%rbp),%r11		# copy iv to stack
+	mov	8(%rbp),%r12
+	mov	%r11,0+$ivec
+	mov	%r12,8+$ivec
+
+.align	4
+.Lcbc_slow_dec_loop:
+		mov	0($inp),$s0	# load input
+		mov	4($inp),$s1
+		mov	8($inp),$s2
+		mov	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# save inp
+		mov	$out,$_out	# save out
+		mov	%r10,$_len	# save len
+
+		call	_x86_64_AES_decrypt_compact
+
+		mov	$_inp,$inp	# restore inp
+		mov	$_out,$out	# restore out
+		mov	$_len,%r10
+		xor	0+$ivec,$s0
+		xor	4+$ivec,$s1
+		xor	8+$ivec,$s2
+		xor	12+$ivec,$s3
+
+		mov	0($inp),%r11	# load input
+		mov	8($inp),%r12
+		sub	\$16,%r10
+		jc	.Lcbc_slow_dec_partial
+		jz	.Lcbc_slow_dec_done
+
+		mov	%r11,0+$ivec	# copy input to iv
+		mov	%r12,8+$ivec
+
+		mov	$s0,0($out)	# save output [can zap input]
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+	jmp	.Lcbc_slow_dec_loop
+.Lcbc_slow_dec_done:
+	mov	$_ivp,%rdi
+	mov	%r11,0(%rdi)		# copy iv back to user
+	mov	%r12,8(%rdi)
+
+	mov	$s0,0($out)		# save output [can zap input]
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+	jmp	.Lcbc_exit
+
+.align	4
+.Lcbc_slow_dec_partial:
+	mov	$_ivp,%rdi
+	mov	%r11,0(%rdi)		# copy iv back to user
+	mov	%r12,8(%rdi)
+
+	mov	$s0,0+$ivec		# save output to stack
+	mov	$s1,4+$ivec
+	mov	$s2,8+$ivec
+	mov	$s3,12+$ivec
+
+	mov	$out,%rdi
+	lea	$ivec,%rsi
+	lea	16(%r10),%rcx
+	.long	0x9066A4F3	# rep movsb
+	jmp	.Lcbc_exit
+
+.align	16
+.Lcbc_exit:
+	mov	$_rsp,%rsi
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lcbc_popfq:
+	popfq
+.Lcbc_epilogue:
+	ret
+.size	AES_cbc_encrypt,.-AES_cbc_encrypt
+___
+}
+
+$code.=<<___;
+.align	64
+.LAES_Te:
+___
+	&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
+	&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
+	&_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
+	&_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
+	&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
+	&_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
+	&_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
+	&_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
+	&_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
+	&_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
+	&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
+	&_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
+	&_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
+	&_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
+	&_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
+	&_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
+	&_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
+	&_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
+	&_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
+	&_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
+	&_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
+	&_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
+	&_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
+	&_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
+	&_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
+	&_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
+	&_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
+	&_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
+	&_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
+	&_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
+	&_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
+	&_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
+	&_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
+	&_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
+	&_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
+	&_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
+	&_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
+	&_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
+	&_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
+	&_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
+	&_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
+	&_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
+	&_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
+	&_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
+	&_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
+	&_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
+	&_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
+	&_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
+	&_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
+	&_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
+	&_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
+	&_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
+	&_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
+	&_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
+	&_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
+	&_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
+	&_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
+	&_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
+	&_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
+	&_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
+	&_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
+	&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
+	&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
+	&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+
+#Te4	# four copies of Te4 to choose from to avoid L1 aliasing
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+#rcon:
+$code.=<<___;
+	.long	0x00000001, 0x00000002, 0x00000004, 0x00000008
+	.long	0x00000010, 0x00000020, 0x00000040, 0x00000080
+	.long	0x0000001b, 0x00000036, 0x80808080, 0x80808080
+	.long	0xfefefefe, 0xfefefefe, 0x1b1b1b1b, 0x1b1b1b1b
+___
+$code.=<<___;
+.align	64
+.LAES_Td:
+___
+	&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
+	&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
+	&_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
+	&_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
+	&_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
+	&_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
+	&_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
+	&_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
+	&_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
+	&_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
+	&_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
+	&_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
+	&_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
+	&_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
+	&_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
+	&_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
+	&_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
+	&_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
+	&_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
+	&_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
+	&_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
+	&_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
+	&_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
+	&_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
+	&_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
+	&_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
+	&_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
+	&_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
+	&_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
+	&_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
+	&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
+	&_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
+	&_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
+	&_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
+	&_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
+	&_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
+	&_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
+	&_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
+	&_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
+	&_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
+	&_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
+	&_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
+	&_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
+	&_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
+	&_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
+	&_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
+	&_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
+	&_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
+	&_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
+	&_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
+	&_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
+	&_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
+	&_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
+	&_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
+	&_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
+	&_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
+	&_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
+	&_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
+	&_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
+	&_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
+	&_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
+	&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
+	&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
+	&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
+
+#Td4:	# four copies of Td4 to choose from to avoid L1 aliasing
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+.asciz  "AES for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	block_se_handler,\@abi-omnipotent
+.align	16
+block_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_block_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_block_prologue
+
+	mov	24(%rax),%rax		# pull saved real stack pointer
+	lea	48(%rax),%rax		# adjust...
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_block_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	block_se_handler,.-block_se_handler
+
+.type	key_se_handler,\@abi-omnipotent
+.align	16
+key_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_key_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_key_prologue
+
+	lea	56(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_key_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	key_se_handler,.-key_se_handler
+
+.type	cbc_se_handler,\@abi-omnipotent
+.align	16
+cbc_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lcbc_prologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_prologue
+	jb	.Lin_cbc_prologue
+
+	lea	.Lcbc_fast_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_fast_body
+	jb	.Lin_cbc_frame_setup
+
+	lea	.Lcbc_slow_prologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_slow_prologue
+	jb	.Lin_cbc_body
+
+	lea	.Lcbc_slow_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_slow_body
+	jb	.Lin_cbc_frame_setup
+
+.Lin_cbc_body:
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lcbc_epilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lcbc_epilogue
+	jae	.Lin_cbc_prologue
+
+	lea	8(%rax),%rax
+
+	lea	.Lcbc_popfq(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lcbc_popfq
+	jae	.Lin_cbc_prologue
+
+	mov	`16-8`(%rax),%rax	# biased $_rsp
+	lea	56(%rax),%rax
+
+.Lin_cbc_frame_setup:
+	mov	-16(%rax),%rbx
+	mov	-24(%rax),%rbp
+	mov	-32(%rax),%r12
+	mov	-40(%rax),%r13
+	mov	-48(%rax),%r14
+	mov	-56(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_cbc_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	cbc_se_handler,.-cbc_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_AES_encrypt
+	.rva	.LSEH_end_AES_encrypt
+	.rva	.LSEH_info_AES_encrypt
+
+	.rva	.LSEH_begin_AES_decrypt
+	.rva	.LSEH_end_AES_decrypt
+	.rva	.LSEH_info_AES_decrypt
+
+	.rva	.LSEH_begin_AES_set_encrypt_key
+	.rva	.LSEH_end_AES_set_encrypt_key
+	.rva	.LSEH_info_AES_set_encrypt_key
+
+	.rva	.LSEH_begin_AES_set_decrypt_key
+	.rva	.LSEH_end_AES_set_decrypt_key
+	.rva	.LSEH_info_AES_set_decrypt_key
+
+	.rva	.LSEH_begin_AES_cbc_encrypt
+	.rva	.LSEH_end_AES_cbc_encrypt
+	.rva	.LSEH_info_AES_cbc_encrypt
+
+.section	.xdata
+.align	8
+.LSEH_info_AES_encrypt:
+	.byte	9,0,0,0
+	.rva	block_se_handler
+	.rva	.Lenc_prologue,.Lenc_epilogue	# HandlerData[]
+.LSEH_info_AES_decrypt:
+	.byte	9,0,0,0
+	.rva	block_se_handler
+	.rva	.Ldec_prologue,.Ldec_epilogue	# HandlerData[]
+.LSEH_info_AES_set_encrypt_key:
+	.byte	9,0,0,0
+	.rva	key_se_handler
+	.rva	.Lenc_key_prologue,.Lenc_key_epilogue	# HandlerData[]
+.LSEH_info_AES_set_decrypt_key:
+	.byte	9,0,0,0
+	.rva	key_se_handler
+	.rva	.Ldec_key_prologue,.Ldec_key_epilogue	# HandlerData[]
+.LSEH_info_AES_cbc_encrypt:
+	.byte	9,0,0,0
+	.rva	cbc_se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/crypto/aes/asm/aesni-x86.pl b/crypto/aes/asm/aesni-x86.pl
new file mode 100644
index 0000000000..72faa78d1f
--- /dev/null
+++ b/crypto/aes/asm/aesni-x86.pl
@@ -0,0 +1,784 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for Intel AES-NI extension. In
+# OpenSSL context it's used with Intel engine, but can also be used as
+# drop-in replacement for crypto/aes/asm/aes-586.pl [see below for
+# details].
+
+$PREFIX="aesni";	# if $PREFIX is set to "AES", the script
+			# generates drop-in replacement for
+			# crypto/aes/asm/aes-586.pl:-)
+$inline=1;		# inline _aesni_[en|de]crypt
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$movekey = eval($RREFIX eq "aseni" ? "*movaps" : "*movups");
+
+$len="eax";
+$rounds="ecx";
+$key="edx";
+$inp="esi";
+$out="edi";
+$rounds_="ebx";	# backup copy for $rounds
+$key_="ebp";	# backup copy for $key
+
+$inout0="xmm0";
+$inout1="xmm1";
+$inout2="xmm2";
+$rndkey0="xmm3";
+$rndkey1="xmm4";
+$ivec="xmm5";
+$in0="xmm6";
+$in1="xmm7";	$inout3="xmm7";
+
+# Inline version of internal aesni_[en|de]crypt1
+sub aesni_inline_generate1
+{ my $p=shift;
+
+    &$movekey		($rndkey0,&QWP(0,$key));
+    &$movekey		($rndkey1,&QWP(16,$key));
+    &lea		($key,&DWP(32,$key));
+    &pxor		($inout0,$rndkey0);
+    &set_label("${p}1_loop");
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&dec		($rounds);
+	&$movekey	($rndkey1,&QWP(0,$key));
+	&lea		($key,&DWP(16,$key));
+    &jnz		(&label("${p}1_loop"));
+    eval"&aes${p}last	($inout0,$rndkey1)";
+}
+
+sub aesni_generate1	# fully unrolled loop
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt1");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&$movekey	($rndkey1,&QWP(0x10,$key));
+	&cmp		($rounds,11);
+	&pxor		($inout0,$rndkey0);
+	&$movekey	($rndkey0,&QWP(0x20,$key));
+	&lea		($key,&DWP(0x30,$key));
+	&jb		(&label("${p}128"));
+	&lea		($key,&DWP(0x20,$key));
+	&je		(&label("${p}192"));
+	&lea		($key,&DWP(0x20,$key));
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(-0x40,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-0x30,$key));
+    &set_label("${p}192");
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(-0x20,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-0x10,$key));
+    &set_label("${p}128");
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x10,$key));
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0x20,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x30,$key));
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0x40,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x50,$key));
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0x60,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x70,$key));
+	eval"&aes${p}	($inout0,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt1");
+}
+
+# void $PREFIX_encrypt (const void *inp,void *out,const AES_KEY *key);
+&aesni_generate1("enc") if (!$inline);
+&function_begin_B("${PREFIX}_encrypt");
+	&mov	("eax",&wparam(0));
+	&mov	($key,&wparam(2));
+	&movups	($inout0,&QWP(0,"eax"));
+	&mov	($rounds,&DWP(240,$key));
+	&mov	("eax",&wparam(1));
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&movups	(&QWP(0,"eax"),$inout0);
+	&ret	();
+&function_end_B("${PREFIX}_encrypt");
+
+# void $PREFIX_decrypt (const void *inp,void *out,const AES_KEY *key);
+&aesni_generate1("dec") if(!$inline);
+&function_begin_B("${PREFIX}_decrypt");
+	&mov	("eax",&wparam(0));
+	&mov	($key,&wparam(2));
+	&movups	($inout0,&QWP(0,"eax"));
+	&mov	($rounds,&DWP(240,$key));
+	&mov	("eax",&wparam(1));
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&movups	(&QWP(0,"eax"),$inout0);
+	&ret	();
+&function_end_B("${PREFIX}_decrypt");
+
+# _aesni_[en|de]crypt[34] are private interfaces, N denotes interleave
+# factor. Why 3x subroutine is used in loops? Even though aes[enc|dec]
+# latency is 6, it turned out that it can be scheduled only every
+# *second* cycle. Thus 3x interleave is the one providing optimal
+# utilization, i.e. when subroutine's throughput is virtually same as
+# of non-interleaved subroutine [for number of input blocks up to 3].
+# This is why it makes no sense to implement 2x subroutine. As soon
+# as/if Intel improves throughput by making it possible to schedule
+# the instructions in question *every* cycles I would have to
+# implement 6x interleave and use it in loop...
+sub aesni_generate3
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt3");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&shr		($rounds,1);
+	&$movekey	($rndkey1,&QWP(16,$key));
+	&lea		($key,&DWP(32,$key));
+	&pxor		($inout0,$rndkey0);
+	&pxor		($inout1,$rndkey0);
+	&pxor		($inout2,$rndkey0);
+	&jmp		(&label("${p}3_loop"));
+    &set_label("${p}3_loop",16);
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey0,&QWP(0,$key));
+	eval"&aes${p}	($inout1,$rndkey1)";
+	&dec		($rounds);
+	eval"&aes${p}	($inout2,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(16,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&lea		($key,&DWP(32,$key));
+	eval"&aes${p}	($inout1,$rndkey0)";
+	eval"&aes${p}	($inout2,$rndkey0)";
+	&jnz		(&label("${p}3_loop"));
+    eval"&aes${p}	($inout0,$rndkey1)";
+    &$movekey		($rndkey0,&QWP(0,$key));
+    eval"&aes${p}	($inout1,$rndkey1)";
+    eval"&aes${p}	($inout2,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    eval"&aes${p}last	($inout1,$rndkey0)";
+    eval"&aes${p}last	($inout2,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt3");
+}
+
+# 4x interleave is implemented to improve small block performance,
+# most notably [and naturally] 4 block by ~30%. One can argue that one
+# should have implemented 5x as well, but improvement  would be <20%,
+# so it's not worth it...
+sub aesni_generate4
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt4");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&$movekey	($rndkey1,&QWP(16,$key));
+	&shr		($rounds,1);
+	&lea		($key,&DWP(32,$key));
+	&pxor		($inout0,$rndkey0);
+	&pxor		($inout1,$rndkey0);
+	&pxor		($inout2,$rndkey0);
+	&pxor		($inout3,$rndkey0);
+	&jmp		(&label("${p}3_loop"));
+    &set_label("${p}3_loop",16);
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&$movekey	($rndkey0,&QWP(0,$key));
+	eval"&aes${p}	($inout1,$rndkey1)";
+	&dec		($rounds);
+	eval"&aes${p}	($inout2,$rndkey1)";
+	eval"&aes${p}	($inout3,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(16,$key));
+	eval"&aes${p}	($inout0,$rndkey0)";
+	&lea		($key,&DWP(32,$key));
+	eval"&aes${p}	($inout1,$rndkey0)";
+	eval"&aes${p}	($inout2,$rndkey0)";
+	eval"&aes${p}	($inout3,$rndkey0)";
+	&jnz		(&label("${p}3_loop"));
+    eval"&aes${p}	($inout0,$rndkey1)";
+    &$movekey		($rndkey0,&QWP(0,$key));
+    eval"&aes${p}	($inout1,$rndkey1)";
+    eval"&aes${p}	($inout2,$rndkey1)";
+    eval"&aes${p}	($inout3,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    eval"&aes${p}last	($inout1,$rndkey0)";
+    eval"&aes${p}last	($inout2,$rndkey0)";
+    eval"&aes${p}last	($inout3,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt4");
+}
+&aesni_generate3("enc") if ($PREFIX eq "aesni");
+&aesni_generate3("dec");
+&aesni_generate4("enc") if ($PREFIX eq "aesni");
+&aesni_generate4("dec");
+
+if ($PREFIX eq "aesni") {
+# void aesni_ecb_encrypt (const void *in, void *out,
+#                         size_t length, const AES_KEY *key,
+#                         int enc);
+&function_begin("aesni_ecb_encrypt");
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));
+	&mov	($rounds,&wparam(4));
+	&cmp	($len,16);
+	&jb	(&label("ecb_ret"));
+	&and	($len,-16);
+	&test	($rounds,$rounds)
+	&mov	($rounds,&DWP(240,$key));
+	&mov	($key_,$key);		# backup $key
+	&mov	($rounds_,$rounds);	# backup $rounds
+	&jz	(&label("ecb_decrypt"));
+
+	&sub	($len,0x40);
+	&jbe	(&label("ecb_enc_tail"));
+	&jmp	(&label("ecb_enc_loop3"));
+
+&set_label("ecb_enc_loop3",16);
+	&movups	($inout0,&QWP(0,$inp));
+	&movups	($inout1,&QWP(0x10,$inp));
+	&movups	($inout2,&QWP(0x20,$inp));
+	&call	("_aesni_encrypt3");
+	&sub	($len,0x30);
+	&lea	($inp,&DWP(0x30,$inp));
+	&lea	($out,&DWP(0x30,$out));
+	&movups	(&QWP(-0x30,$out),$inout0);
+	&mov	($key,$key_);		# restore $key
+	&movups	(&QWP(-0x20,$out),$inout1);
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&movups	(&QWP(-0x10,$out),$inout2);
+	&ja	(&label("ecb_enc_loop3"));
+
+&set_label("ecb_enc_tail");
+	&add	($len,0x40);
+	&jz	(&label("ecb_ret"));
+
+	&cmp	($len,0x10);
+	&movups	($inout0,&QWP(0,$inp));
+	&je	(&label("ecb_enc_one"));
+	&cmp	($len,0x20);
+	&movups	($inout1,&QWP(0x10,$inp));
+	&je	(&label("ecb_enc_two"));
+	&cmp	($len,0x30);
+	&movups	($inout2,&QWP(0x20,$inp));
+	&je	(&label("ecb_enc_three"));
+	&movups	($inout3,&QWP(0x30,$inp));
+	&call	("_aesni_encrypt4");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_one",16);
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&movups	(&QWP(0,$out),$inout0);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_two",16);
+	&call	("_aesni_encrypt3");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_three",16);
+	&call	("_aesni_encrypt3");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_decrypt",16);
+	&sub	($len,0x40);
+	&jbe	(&label("ecb_dec_tail"));
+	&jmp	(&label("ecb_dec_loop3"));
+
+&set_label("ecb_dec_loop3",16);
+	&movups	($inout0,&QWP(0,$inp));
+	&movups	($inout1,&QWP(0x10,$inp));
+	&movups	($inout2,&QWP(0x20,$inp));
+	&call	("_aesni_decrypt3");
+	&sub	($len,0x30);
+	&lea	($inp,&DWP(0x30,$inp));
+	&lea	($out,&DWP(0x30,$out));
+	&movups	(&QWP(-0x30,$out),$inout0);
+	&mov	($key,$key_);		# restore $key
+	&movups	(&QWP(-0x20,$out),$inout1);
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&movups	(&QWP(-0x10,$out),$inout2);
+	&ja	(&label("ecb_dec_loop3"));
+
+&set_label("ecb_dec_tail");
+	&add	($len,0x40);
+	&jz	(&label("ecb_ret"));
+
+	&cmp	($len,0x10);
+	&movups	($inout0,&QWP(0,$inp));
+	&je	(&label("ecb_dec_one"));
+	&cmp	($len,0x20);
+	&movups	($inout1,&QWP(0x10,$inp));
+	&je	(&label("ecb_dec_two"));
+	&cmp	($len,0x30);
+	&movups	($inout2,&QWP(0x20,$inp));
+	&je	(&label("ecb_dec_three"));
+	&movups	($inout3,&QWP(0x30,$inp));
+	&call	("_aesni_decrypt4");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_one",16);
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&movups	(&QWP(0,$out),$inout0);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_two",16);
+	&call	("_aesni_decrypt3");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_three",16);
+	&call	("_aesni_decrypt3");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+
+&set_label("ecb_ret");
+&function_end("aesni_ecb_encrypt");
+}
+
+# void $PREFIX_cbc_encrypt (const void *inp, void *out,
+#                           size_t length, const AES_KEY *key,
+#                           unsigned char *ivp,const int enc);
+&function_begin("${PREFIX}_cbc_encrypt");
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));
+	&test	($len,$len);
+	&mov	($key_,&wparam(4));
+	&jz	(&label("cbc_ret"));
+
+	&cmp	(&wparam(5),0);
+	&movups	($ivec,&QWP(0,$key_));	# load IV
+	&mov	($rounds,&DWP(240,$key));
+	&mov	($key_,$key);		# backup $key
+	&mov	($rounds_,$rounds);	# backup $rounds
+	&je	(&label("cbc_decrypt"));
+
+	&movaps	($inout0,$ivec);
+	&cmp	($len,16);
+	&jb	(&label("cbc_enc_tail"));
+	&sub	($len,16);
+	&jmp	(&label("cbc_enc_loop"));
+
+&set_label("cbc_enc_loop",16);
+	&movups	($ivec,&QWP(0,$inp));
+	&lea	($inp,&DWP(16,$inp));
+	&pxor	($inout0,$ivec);
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&sub	($len,16);
+	&lea	($out,&DWP(16,$out));
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&mov	($key,$key_);		# restore $key
+	&movups	(&QWP(-16,$out),$inout0);
+	&jnc	(&label("cbc_enc_loop"));
+	&add	($len,16);
+	&jnz	(&label("cbc_enc_tail"));
+	&movaps	($ivec,$inout0);
+	&jmp	(&label("cbc_ret"));
+
+&set_label("cbc_enc_tail");
+	&mov	("ecx",$len);		# zaps $rounds
+	&data_word(0xA4F3F689);		# rep movsb
+	&mov	("ecx",16);		# zero tail
+	&sub	("ecx",$len);
+	&xor	("eax","eax");		# zaps $len
+	&data_word(0xAAF3F689);		# rep stosb
+	&lea	($out,&DWP(-16,$out));	# rewind $out by 1 block
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&mov	($inp,$out);		# $inp and $out are the same
+	&mov	($key,$key_);		# restore $key
+	&jmp	(&label("cbc_enc_loop"));
+
+&set_label("cbc_decrypt",16);
+	&sub	($len,0x40);
+	&jbe	(&label("cbc_dec_tail"));
+	&jmp	(&label("cbc_dec_loop3"));
+
+&set_label("cbc_dec_loop3",16);
+	&movups	($inout0,&QWP(0,$inp));
+	&movups	($inout1,&QWP(0x10,$inp));
+	&movups	($inout2,&QWP(0x20,$inp));
+	&movaps	($in0,$inout0);
+	&movaps	($in1,$inout1);
+	&call	("_aesni_decrypt3");
+	&sub	($len,0x30);
+	&lea	($inp,&DWP(0x30,$inp));
+	&lea	($out,&DWP(0x30,$out));
+	&pxor	($inout0,$ivec);
+	&pxor	($inout1,$in0);
+	&movups	($ivec,&QWP(-0x10,$inp));
+	&pxor	($inout2,$in1);
+	&movups	(&QWP(-0x30,$out),$inout0);
+	&mov	($rounds,$rounds_)	# restore $rounds
+	&movups	(&QWP(-0x20,$out),$inout1);
+	&mov	($key,$key_);		# restore $key
+	&movups	(&QWP(-0x10,$out),$inout2);
+	&ja	(&label("cbc_dec_loop3"));
+
+&set_label("cbc_dec_tail");
+	&add	($len,0x40);
+	&jz	(&label("cbc_ret"));
+
+	&movups	($inout0,&QWP(0,$inp));
+	&cmp	($len,0x10);
+	&movaps	($in0,$inout0);
+	&jbe	(&label("cbc_dec_one"));
+	&movups	($inout1,&QWP(0x10,$inp));
+	&cmp	($len,0x20);
+	&movaps	($in1,$inout1);
+	&jbe	(&label("cbc_dec_two"));
+	&movups	($inout2,&QWP(0x20,$inp));
+	&cmp	($len,0x30);
+	&jbe	(&label("cbc_dec_three"));
+	&movups	($inout3,&QWP(0x30,$inp));
+	&call	("_aesni_decrypt4");
+	&movups	($rndkey0,&QWP(0x10,$inp));
+	&movups	($rndkey1,&QWP(0x20,$inp));
+	&pxor	($inout0,$ivec);
+	&pxor	($inout1,$in0);
+	&movups	($ivec,&QWP(0x30,$inp));
+	&movups	(&QWP(0,$out),$inout0);
+	&pxor	($inout2,$rndkey0);
+	&pxor	($inout3,$rndkey1);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movaps	($inout0,$inout3);
+	&lea	($out,&DWP(0x30,$out));
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_one");
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&pxor	($inout0,$ivec);
+	&movaps	($ivec,$in0);
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_two");
+	&call	("_aesni_decrypt3");
+	&pxor	($inout0,$ivec);
+	&pxor	($inout1,$in0);
+	&movups	(&QWP(0,$out),$inout0);
+	&movaps	($inout0,$inout1);
+	&movaps	($ivec,$in1);
+	&lea	($out,&DWP(0x10,$out));
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_three");
+	&call	("_aesni_decrypt3");
+	&pxor	($inout0,$ivec);
+	&pxor	($inout1,$in0);
+	&pxor	($inout2,$in1);
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movaps	($inout0,$inout2);
+	&movups	($ivec,&QWP(0x20,$inp));
+	&lea	($out,&DWP(0x20,$out));
+
+&set_label("cbc_dec_tail_collected");
+	&and	($len,15);
+	&jnz	(&label("cbc_dec_tail_partial"));
+	&movups	(&QWP(0,$out),$inout0);
+	&jmp	(&label("cbc_ret"));
+
+&set_label("cbc_dec_tail_partial");
+	&mov	($key_,"esp");
+	&sub	("esp",16);
+	&and	("esp",-16);
+	&movaps	(&QWP(0,"esp"),$inout0);
+	&mov	($inp,"esp");
+	&mov	("ecx",$len);
+	&data_word(0xA4F3F689);		# rep movsb
+	&mov	("esp",$key_);
+
+&set_label("cbc_ret");
+	&mov	($key_,&wparam(4));
+	&movups	(&QWP(0,$key_),$ivec);	# output IV
+&function_end("${PREFIX}_cbc_encrypt");
+
+# Mechanical port from aesni-x86_64.pl.
+#
+# _aesni_set_encrypt_key is private interface,
+# input:
+#	"eax"	const unsigned char *userKey
+#	$rounds	int bits
+#	$key	AES_KEY *key
+# output:
+#	"eax"	return code
+#	$round	rounds
+
+&function_begin_B("_aesni_set_encrypt_key");
+	&test	("eax","eax");
+	&jz	(&label("bad_pointer"));
+	&test	($key,$key);
+	&jz	(&label("bad_pointer"));
+
+	&movups	("xmm0",&QWP(0,"eax"));	# pull first 128 bits of *userKey
+	&pxor	("xmm4","xmm4");	# low dword of xmm4 is assumed 0
+	&lea	($key,&DWP(16,$key));
+	&cmp	($rounds,256);
+	&je	(&label("14rounds"));
+	&cmp	($rounds,192);
+	&je	(&label("12rounds"));
+	&cmp	($rounds,128);
+	&jne	(&label("bad_keybits"));
+
+&set_label("10rounds",16);
+	&mov		($rounds,9);
+	&$movekey	(&QWP(-16,$key),"xmm0");	# round 0
+	&aeskeygenassist("xmm1","xmm0",0x01);		# round 1
+	&call		(&label("key_128_cold"));
+	&aeskeygenassist("xmm1","xmm0",0x2);		# round 2
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x04);		# round 3
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x08);		# round 4
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x10);		# round 5
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x20);		# round 6
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x40);		# round 7
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x80);		# round 8
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x1b);		# round 9
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x36);		# round 10
+	&call		(&label("key_128"));
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&mov		(&DWP(80,$key),$rounds);
+	&xor		("eax","eax");
+	&ret();
+
+&set_label("key_128",16);
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&lea		($key,&DWP(16,$key));
+&set_label("key_128_cold");
+	&shufps		("xmm4","xmm0",0b00010000);
+	&pxor		("xmm0","xmm4");
+	&shufps		("xmm4","xmm0",0b10001100,);
+	&pxor		("xmm0","xmm4");
+	&pshufd		("xmm1","xmm1",0b11111111);	# critical path
+	&pxor		("xmm0","xmm1");
+	&ret();
+
+&set_label("12rounds",16);
+	&movq		("xmm2",&QWP(16,"eax"));	# remaining 1/3 of *userKey
+	&mov		($rounds,11);
+	&$movekey	(&QWP(-16,$key),"xmm0")		# round 0
+	&aeskeygenassist("xmm1","xmm2",0x01);		# round 1,2
+	&call		(&label("key_192a_cold"));
+	&aeskeygenassist("xmm1","xmm2",0x02);		# round 2,3
+	&call		(&label("key_192b"));
+	&aeskeygenassist("xmm1","xmm2",0x04);		# round 4,5
+	&call		(&label("key_192a"));
+	&aeskeygenassist("xmm1","xmm2",0x08);		# round 5,6
+	&call		(&label("key_192b"));
+	&aeskeygenassist("xmm1","xmm2",0x10);		# round 7,8
+	&call		(&label("key_192a"));
+	&aeskeygenassist("xmm1","xmm2",0x20);		# round 8,9
+	&call		(&label("key_192b"));
+	&aeskeygenassist("xmm1","xmm2",0x40);		# round 10,11
+	&call		(&label("key_192a"));
+	&aeskeygenassist("xmm1","xmm2",0x80);		# round 11,12
+	&call		(&label("key_192b"));
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&mov		(&DWP(48,$key),$rounds);
+	&xor		("eax","eax");
+	&ret();
+
+&set_label("key_192a",16);
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&lea		($key,&DWP(16,$key));
+&set_label("key_192a_cold",16);
+	&movaps		("xmm5","xmm2");
+&set_label("key_192b_warm");
+	&shufps		("xmm4","xmm0",0b00010000);
+	&movaps		("xmm3","xmm2");
+	&pxor		("xmm0","xmm4");
+	&shufps		("xmm4","xmm0",0b10001100);
+	&pslldq		("xmm3",4);
+	&pxor		("xmm0","xmm4");
+	&pshufd		("xmm1","xmm1",0b01010101);	# critical path
+	&pxor		("xmm2","xmm3");
+	&pxor		("xmm0","xmm1");
+	&pshufd		("xmm3","xmm0",0b11111111);
+	&pxor		("xmm2","xmm3");
+	&ret();
+
+&set_label("key_192b",16);
+	&movaps		("xmm3","xmm0");
+	&shufps		("xmm5","xmm0",0b01000100);
+	&$movekey	(&QWP(0,$key),"xmm5");
+	&shufps		("xmm3","xmm2",0b01001110);
+	&$movekey	(&QWP(16,$key),"xmm3");
+	&lea		($key,&DWP(32,$key));
+	&jmp		(&label("key_192b_warm"));
+
+&set_label("14rounds",16);
+	&movups		("xmm2",&QWP(16,"eax"));	# remaining half of *userKey
+	&mov		($rounds,13);
+	&lea		($key,&DWP(16,$key));
+	&$movekey	(&QWP(-32,$key),"xmm0");	# round 0
+	&$movekey	(&QWP(-16,$key),"xmm2");	# round 1
+	&aeskeygenassist("xmm1","xmm2",0x01);		# round 2
+	&call		(&label("key_256a_cold"));
+	&aeskeygenassist("xmm1","xmm0",0x01);		# round 3
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x02);		# round 4
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x02);		# round 5
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x04);		# round 6
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x04);		# round 7
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x08);		# round 8
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x08);		# round 9
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x10);		# round 10
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x10);		# round 11
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x20);		# round 12
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x20);		# round 13
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x40);		# round 14
+	&call		(&label("key_256a"));
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&mov		(&DWP(16,$key),$rounds);
+	&xor		("eax","eax");
+	&ret();
+
+&set_label("key_256a",16);
+	&$movekey	(&QWP(0,$key),"xmm2");
+	&lea		($key,&DWP(16,$key));
+&set_label("key_256a_cold");
+	&shufps		("xmm4","xmm0",0b00010000);
+	&pxor		("xmm0","xmm4");
+	&shufps		("xmm4","xmm0",0b10001100);
+	&pxor		("xmm0","xmm4");
+	&pshufd		("xmm1","xmm1",0b11111111);	# critical path
+	&pxor		("xmm0","xmm1");
+	&ret();
+
+&set_label("key_256b",16);
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&lea		($key,&DWP(16,$key));
+
+	&shufps		("xmm4","xmm2",0b00010000);
+	&pxor		("xmm2","xmm4");
+	&shufps		("xmm4","xmm2",0b10001100);
+	&pxor		("xmm2","xmm4");
+	&pshufd		("xmm1","xmm1",0b10101010);	# critical path
+	&pxor		("xmm2","xmm1");
+	&ret();
+
+&set_label("bad_pointer",4);
+	&mov	("eax",-1);
+	&ret	();
+&set_label("bad_keybits",4);
+	&mov	("eax",-2);
+	&ret	();
+&function_end_B("_aesni_set_encrypt_key");
+
+# int $PREFIX_set_encrypt_key (const unsigned char *userKey, int bits,
+#                              AES_KEY *key)
+&function_begin_B("${PREFIX}_set_encrypt_key");
+	&mov	("eax",&wparam(0));
+	&mov	($rounds,&wparam(1));
+	&mov	($key,&wparam(2));
+	&call	("_aesni_set_encrypt_key");
+	&ret	();
+&function_end_B("${PREFIX}_set_encrypt_key");
+
+# int $PREFIX_set_decrypt_key (const unsigned char *userKey, int bits,
+#                              AES_KEY *key)
+&function_begin_B("${PREFIX}_set_decrypt_key");
+	&mov	("eax",&wparam(0));
+	&mov	($rounds,&wparam(1));
+	&mov	($key,&wparam(2));
+	&call	("_aesni_set_encrypt_key");
+	&mov	($key,&wparam(2));
+	&shl	($rounds,4)	# rounds-1 after _aesni_set_encrypt_key
+	&test	("eax","eax");
+	&jnz	(&label("dec_key_ret"));
+	&lea	("eax",&DWP(16,$key,$rounds));	# end of key schedule
+
+	&$movekey	("xmm0",&QWP(0,$key));	# just swap
+	&$movekey	("xmm1",&QWP(0,"eax"));
+	&$movekey	(&QWP(0,"eax"),"xmm0");
+	&$movekey	(&QWP(0,$key),"xmm1");
+	&lea		($key,&DWP(16,$key));
+	&lea		("eax",&DWP(-16,"eax"));
+
+&set_label("dec_key_inverse");
+	&$movekey	("xmm0",&QWP(0,$key));	# swap and inverse
+	&$movekey	("xmm1",&QWP(0,"eax"));
+	&aesimc		("xmm0","xmm0");
+	&aesimc		("xmm1","xmm1");
+	&lea		($key,&DWP(16,$key));
+	&lea		("eax",&DWP(-16,"eax"));
+	&cmp		("eax",$key);
+	&$movekey	(&QWP(16,"eax"),"xmm0");
+	&$movekey	(&QWP(-16,$key),"xmm1");
+	&ja		(&label("dec_key_inverse"));
+
+	&$movekey	("xmm0",&QWP(0,$key));	# inverse middle
+	&aesimc		("xmm0","xmm0");
+	&$movekey	(&QWP(0,$key),"xmm0");
+
+	&xor		("eax","eax");		# return success
+&set_label("dec_key_ret");
+	&ret	();
+&function_end_B("${PREFIX}_set_decrypt_key");
+&asciz("AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/crypto/aes/asm/aesni-x86_64.pl b/crypto/aes/asm/aesni-x86_64.pl
new file mode 100644
index 0000000000..cdc076e24f
--- /dev/null
+++ b/crypto/aes/asm/aesni-x86_64.pl
@@ -0,0 +1,991 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for Intel AES-NI extension. In
+# OpenSSL context it's used with Intel engine, but can also be used as
+# drop-in replacement for crypto/aes/asm/aes-x86_64.pl [see below for
+# details].
+
+$PREFIX="aesni";	# if $PREFIX is set to "AES", the script
+			# generates drop-in replacement for
+			# crypto/aes/asm/aes-x86_64.pl:-)
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+$movkey = $PREFIX eq "aesni" ? "movaps" : "movups";
+@_4args=$win64?	("%rcx","%rdx","%r8", "%r9") :	# Win64 order
+		("%rdi","%rsi","%rdx","%rcx");	# Unix order
+
+$code=".text\n";
+
+$rounds="%eax";	# input to and changed by aesni_[en|de]cryptN !!!
+# this is natural Unix argument order for public $PREFIX_[ecb|cbc]_encrypt ...
+$inp="%rdi";
+$out="%rsi";
+$len="%rdx";
+$key="%rcx";	# input to and changed by aesni_[en|de]cryptN !!!
+$ivp="%r8";	# cbc
+
+$rnds_="%r10d";	# backup copy for $rounds
+$key_="%r11";	# backup copy for $key
+
+# %xmm register layout
+$inout0="%xmm0";	$inout1="%xmm1";
+$inout2="%xmm2";	$inout3="%xmm3";
+$rndkey0="%xmm4";	$rndkey1="%xmm5";
+
+$iv="%xmm6";		$in0="%xmm7";	# used in CBC decrypt
+$in1="%xmm8";		$in2="%xmm9";
+
+# Inline version of internal aesni_[en|de]crypt1.
+#
+# Why folded loop? Because aes[enc|dec] is slow enough to accommodate
+# cycles which take care of loop variables...
+{ my $sn;
+sub aesni_generate1 {
+my ($p,$key,$rounds)=@_;
+++$sn;
+$code.=<<___;
+	$movkey	($key),$rndkey0
+	$movkey	16($key),$rndkey1
+	lea	32($key),$key
+	pxor	$rndkey0,$inout0
+.Loop_${p}1_$sn:
+	aes${p}	$rndkey1,$inout0
+	dec	$rounds
+	$movkey	($key),$rndkey1
+	lea	16($key),$key
+	jnz	.Loop_${p}1_$sn	# loop body is 16 bytes
+	aes${p}last	$rndkey1,$inout0
+___
+}}
+# void $PREFIX_[en|de]crypt (const void *inp,void *out,const AES_KEY *key);
+#
+{ my ($inp,$out,$key) = @_4args;
+
+$code.=<<___;
+.globl	${PREFIX}_encrypt
+.type	${PREFIX}_encrypt,\@abi-omnipotent
+.align	16
+${PREFIX}_encrypt:
+	movups	($inp),$inout0		# load input
+	mov	240($key),$rounds	# pull $rounds
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)		# output
+	ret
+.size	${PREFIX}_encrypt,.-${PREFIX}_encrypt
+
+.globl	${PREFIX}_decrypt
+.type	${PREFIX}_decrypt,\@abi-omnipotent
+.align	16
+${PREFIX}_decrypt:
+	movups	($inp),$inout0		# load input
+	mov	240($key),$rounds	# pull $rounds
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)		# output
+	ret
+.size	${PREFIX}_decrypt, .-${PREFIX}_decrypt
+___
+}
+
+# _aesni_[en|de]crypt[34] are private interfaces, N denotes interleave
+# factor. Why 3x subroutine is used in loops? Even though aes[enc|dec]
+# latency is 6, it turned out that it can be scheduled only every
+# *second* cycle. Thus 3x interleave is the one providing optimal
+# utilization, i.e. when subroutine's throughput is virtually same as
+# of non-interleaved subroutine [for number of input blocks up to 3].
+# This is why it makes no sense to implement 2x subroutine. As soon
+# as/if Intel improves throughput by making it possible to schedule
+# the instructions in question *every* cycles I would have to
+# implement 6x interleave and use it in loop...
+sub aesni_generate3 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-2] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt3,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt3:
+	$movkey	($key),$rndkey0
+	shr	\$1,$rounds
+	$movkey	16($key),$rndkey1
+	lea	32($key),$key
+	pxor	$rndkey0,$inout0
+	pxor	$rndkey0,$inout1
+	pxor	$rndkey0,$inout2
+
+.L${dir}_loop3:
+	aes${dir}	$rndkey1,$inout0
+	$movkey		($key),$rndkey0
+	aes${dir}	$rndkey1,$inout1
+	dec		$rounds
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey0,$inout0
+	$movkey		16($key),$rndkey1
+	aes${dir}	$rndkey0,$inout1
+	lea		32($key),$key
+	aes${dir}	$rndkey0,$inout2
+	jnz		.L${dir}_loop3
+
+	aes${dir}	$rndkey1,$inout0
+	$movkey		($key),$rndkey0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	aes${dir}last	$rndkey0,$inout2
+	ret
+.size	_aesni_${dir}rypt3,.-_aesni_${dir}rypt3
+___
+}
+# 4x interleave is implemented to improve small block performance,
+# most notably [and naturally] 4 block by ~30%. One can argue that one
+# should have implemented 5x as well, but improvement would be <20%,
+# so it's not worth it...
+sub aesni_generate4 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-3] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt4,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt4:
+	$movkey	($key),$rndkey0
+	shr	\$1,$rounds
+	$movkey	16($key),$rndkey1
+	lea	32($key),$key
+	pxor	$rndkey0,$inout0
+	pxor	$rndkey0,$inout1
+	pxor	$rndkey0,$inout2
+	pxor	$rndkey0,$inout3
+
+.L${dir}_loop4:
+	aes${dir}	$rndkey1,$inout0
+	$movkey		($key),$rndkey0
+	aes${dir}	$rndkey1,$inout1
+	dec		$rounds
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey0,$inout0
+	$movkey		16($key),$rndkey1
+	aes${dir}	$rndkey0,$inout1
+	lea		32($key),$key
+	aes${dir}	$rndkey0,$inout2
+	aes${dir}	$rndkey0,$inout3
+	jnz		.L${dir}_loop4
+
+	aes${dir}	$rndkey1,$inout0
+	$movkey		($key),$rndkey0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	aes${dir}last	$rndkey0,$inout2
+	aes${dir}last	$rndkey0,$inout3
+	ret
+.size	_aesni_${dir}rypt4,.-_aesni_${dir}rypt4
+___
+}
+&aesni_generate3("enc") if ($PREFIX eq "aesni");
+&aesni_generate3("dec");
+&aesni_generate4("enc") if ($PREFIX eq "aesni");
+&aesni_generate4("dec");
+
+if ($PREFIX eq "aesni") {
+# void aesni_ecb_encrypt (const void *in, void *out,
+#			  size_t length, const AES_KEY *key,
+#			  int enc);
+$code.=<<___;
+.globl	aesni_ecb_encrypt
+.type	aesni_ecb_encrypt,\@function,5
+.align	16
+aesni_ecb_encrypt:
+	cmp	\$16,$len		# check length
+	jb	.Lecb_ret
+
+	mov	240($key),$rounds	# pull $rounds
+	and	\$-16,$len
+	mov	$key,$key_		# backup $key
+	test	%r8d,%r8d		# 5th argument
+	mov	$rounds,$rnds_		# backup $rounds
+	jz	.Lecb_decrypt
+#--------------------------- ECB ENCRYPT ------------------------------#
+	sub	\$0x40,$len
+	jbe	.Lecb_enc_tail
+	jmp	.Lecb_enc_loop3
+.align 16
+.Lecb_enc_loop3:
+	movups	($inp),$inout0
+	movups	0x10($inp),$inout1
+	movups	0x20($inp),$inout2
+	call	_aesni_encrypt3
+	sub	\$0x30,$len
+	lea	0x30($inp),$inp
+	lea	0x30($out),$out
+	movups	$inout0,-0x30($out)
+	mov	$rnds_,$rounds		# restore $rounds
+	movups	$inout1,-0x20($out)
+	mov	$key_,$key		# restore $key
+	movups	$inout2,-0x10($out)
+	ja	.Lecb_enc_loop3
+
+.Lecb_enc_tail:
+	add	\$0x40,$len
+	jz	.Lecb_ret
+
+	cmp	\$0x10,$len
+	movups	($inp),$inout0
+	je	.Lecb_enc_one
+	cmp	\$0x20,$len
+	movups	0x10($inp),$inout1
+	je	.Lecb_enc_two
+	cmp	\$0x30,$len
+	movups	0x20($inp),$inout2
+	je	.Lecb_enc_three
+	movups	0x30($inp),$inout3
+	call	_aesni_encrypt4
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_one:
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_two:
+	call	_aesni_encrypt3
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_three:
+	call	_aesni_encrypt3
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	jmp	.Lecb_ret
+#--------------------------- ECB DECRYPT ------------------------------#
+.align	16
+.Lecb_decrypt:
+	sub	\$0x40,$len
+	jbe	.Lecb_dec_tail
+	jmp	.Lecb_dec_loop3
+.align 16
+.Lecb_dec_loop3:
+	movups	($inp),$inout0
+	movups	0x10($inp),$inout1
+	movups	0x20($inp),$inout2
+	call	_aesni_decrypt3
+	sub	\$0x30,$len
+	lea	0x30($inp),$inp
+	lea	0x30($out),$out
+	movups	$inout0,-0x30($out)
+	mov	$rnds_,$rounds		# restore $rounds
+	movups	$inout1,-0x20($out)
+	mov	$key_,$key		# restore $key
+	movups	$inout2,-0x10($out)
+	ja	.Lecb_dec_loop3
+
+.Lecb_dec_tail:
+	add	\$0x40,$len
+	jz	.Lecb_ret
+
+	cmp	\$0x10,$len
+	movups	($inp),$inout0
+	je	.Lecb_dec_one
+	cmp	\$0x20,$len
+	movups	0x10($inp),$inout1
+	je	.Lecb_dec_two
+	cmp	\$0x30,$len
+	movups	0x20($inp),$inout2
+	je	.Lecb_dec_three
+	movups	0x30($inp),$inout3
+	call	_aesni_decrypt4
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_one:
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_two:
+	call	_aesni_decrypt3
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_three:
+	call	_aesni_decrypt3
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+
+.Lecb_ret:
+	ret
+.size	aesni_ecb_encrypt,.-aesni_ecb_encrypt
+___
+}
+
+# void $PREFIX_cbc_encrypt (const void *inp, void *out,
+#			    size_t length, const AES_KEY *key,
+#			    unsigned char *ivp,const int enc);
+$reserved = $win64?0x40:-0x18;	# used in decrypt
+$code.=<<___;
+.globl	${PREFIX}_cbc_encrypt
+.type	${PREFIX}_cbc_encrypt,\@function,6
+.align	16
+${PREFIX}_cbc_encrypt:
+	test	$len,$len		# check length
+	jz	.Lcbc_ret
+
+	mov	240($key),$rnds_	# pull $rounds
+	mov	$key,$key_		# backup $key
+	test	%r9d,%r9d		# 6th argument
+	jz	.Lcbc_decrypt
+#--------------------------- CBC ENCRYPT ------------------------------#
+	movups	($ivp),$inout0		# load iv as initial state
+	cmp	\$16,$len
+	mov	$rnds_,$rounds
+	jb	.Lcbc_enc_tail
+	sub	\$16,$len
+	jmp	.Lcbc_enc_loop
+.align 16
+.Lcbc_enc_loop:
+	movups	($inp),$inout1		# load input
+	lea	16($inp),$inp
+	pxor	$inout1,$inout0
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	sub	\$16,$len
+	lea	16($out),$out
+	mov	$rnds_,$rounds		# restore $rounds
+	mov	$key_,$key		# restore $key
+	movups	$inout0,-16($out)	# store output
+	jnc	.Lcbc_enc_loop
+	add	\$16,$len
+	jnz	.Lcbc_enc_tail
+	movups	$inout0,($ivp)
+	jmp	.Lcbc_ret
+
+.Lcbc_enc_tail:
+	mov	$len,%rcx	# zaps $key
+	xchg	$inp,$out	# $inp is %rsi and $out is %rdi now
+	.long	0x9066A4F3	# rep movsb
+	mov	\$16,%ecx	# zero tail
+	sub	$len,%rcx
+	xor	%eax,%eax
+	.long	0x9066AAF3	# rep stosb
+	lea	-16(%rdi),%rdi	# rewind $out by 1 block
+	mov	$rnds_,$rounds	# restore $rounds
+	mov	%rdi,%rsi	# $inp and $out are the same
+	mov	$key_,$key	# restore $key
+	xor	$len,$len	# len=16
+	jmp	.Lcbc_enc_loop	# one more spin
+#--------------------------- CBC DECRYPT ------------------------------#
+.align	16
+.Lcbc_decrypt:
+___
+$code.=<<___ if ($win64);
+	lea	-0x58(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+.Lcbc_decrypt_body:
+___
+$code.=<<___;
+	movups	($ivp),$iv
+	sub	\$0x40,$len
+	mov	$rnds_,$rounds
+	jbe	.Lcbc_dec_tail
+	jmp	.Lcbc_dec_loop3
+.align 16
+.Lcbc_dec_loop3:
+	movups	($inp),$inout0
+	movups	0x10($inp),$inout1
+	movups	0x20($inp),$inout2
+	movaps	$inout0,$in0
+	movaps	$inout1,$in1
+	movaps	$inout2,$in2
+	call	_aesni_decrypt3
+	sub	\$0x30,$len
+	lea	0x30($inp),$inp
+	lea	0x30($out),$out
+	pxor	$iv,$inout0
+	pxor	$in0,$inout1
+	movaps	$in2,$iv
+	pxor	$in1,$inout2
+	movups	$inout0,-0x30($out)
+	mov	$rnds_,$rounds	# restore $rounds
+	movups	$inout1,-0x20($out)
+	mov	$key_,$key	# restore $key
+	movups	$inout2,-0x10($out)
+	ja	.Lcbc_dec_loop3
+
+.Lcbc_dec_tail:
+	add	\$0x40,$len
+	movups	$iv,($ivp)
+	jz	.Lcbc_dec_ret
+
+	movups	($inp),$inout0
+	cmp	\$0x10,$len
+	movaps	$inout0,$in0
+	jbe	.Lcbc_dec_one
+	movups	0x10($inp),$inout1
+	cmp	\$0x20,$len
+	movaps	$inout1,$in1
+	jbe	.Lcbc_dec_two
+	movups	0x20($inp),$inout2
+	cmp	\$0x30,$len
+	movaps	$inout2,$in2
+	jbe	.Lcbc_dec_three
+	movups	0x30($inp),$inout3
+	call	_aesni_decrypt4
+	pxor	$iv,$inout0
+	movups	0x30($inp),$iv
+	pxor	$in0,$inout1
+	movups	$inout0,($out)
+	pxor	$in1,$inout2
+	movups	$inout1,0x10($out)
+	pxor	$in2,$inout3
+	movups	$inout2,0x20($out)
+	movaps	$inout3,$inout0
+	lea	0x30($out),$out
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_one:
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	pxor	$iv,$inout0
+	movaps	$in0,$iv
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_two:
+	call	_aesni_decrypt3
+	pxor	$iv,$inout0
+	pxor	$in0,$inout1
+	movups	$inout0,($out)
+	movaps	$in1,$iv
+	movaps	$inout1,$inout0
+	lea	0x10($out),$out
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_three:
+	call	_aesni_decrypt3
+	pxor	$iv,$inout0
+	pxor	$in0,$inout1
+	movups	$inout0,($out)
+	pxor	$in1,$inout2
+	movups	$inout1,0x10($out)
+	movaps	$in2,$iv
+	movaps	$inout2,$inout0
+	lea	0x20($out),$out
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_tail_collected:
+	and	\$15,$len
+	movups	$iv,($ivp)
+	jnz	.Lcbc_dec_tail_partial
+	movups	$inout0,($out)
+	jmp	.Lcbc_dec_ret
+.Lcbc_dec_tail_partial:
+	movaps	$inout0,$reserved(%rsp)
+	mov	$out,%rdi
+	mov	$len,%rcx
+	lea	$reserved(%rsp),%rsi
+	.long	0x9066A4F3	# rep movsb
+
+.Lcbc_dec_ret:
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	lea	0x58(%rsp),%rsp
+___
+$code.=<<___;
+.Lcbc_ret:
+	ret
+.size	${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
+___
+
+# int $PREFIX_set_[en|de]crypt_key (const unsigned char *userKey,
+#				int bits, AES_KEY *key)
+{ my ($inp,$bits,$key) = @_4args;
+  $bits =~ s/%r/%e/;
+
+$code.=<<___;
+.globl	${PREFIX}_set_decrypt_key
+.type	${PREFIX}_set_decrypt_key,\@abi-omnipotent
+.align	16
+${PREFIX}_set_decrypt_key:
+	.byte	0x48,0x83,0xEC,0x08	# sub rsp,8
+	call	_aesni_set_encrypt_key
+	shl	\$4,$bits		# rounds-1 after _aesni_set_encrypt_key
+	test	%eax,%eax
+	jnz	.Ldec_key_ret
+	lea	16($key,$bits),$inp	# points at the end of key schedule
+
+	$movkey	($key),%xmm0		# just swap
+	$movkey	($inp),%xmm1
+	$movkey	%xmm0,($inp)
+	$movkey	%xmm1,($key)
+	lea	16($key),$key
+	lea	-16($inp),$inp
+
+.Ldec_key_inverse:
+	$movkey	($key),%xmm0		# swap and inverse
+	$movkey	($inp),%xmm1
+	aesimc	%xmm0,%xmm0
+	aesimc	%xmm1,%xmm1
+	lea	16($key),$key
+	lea	-16($inp),$inp
+	cmp	$key,$inp
+	$movkey	%xmm0,16($inp)
+	$movkey	%xmm1,-16($key)
+	ja	.Ldec_key_inverse
+
+	$movkey	($key),%xmm0		# inverse middle
+	aesimc	%xmm0,%xmm0
+	$movkey	%xmm0,($inp)
+.Ldec_key_ret:
+	add	\$8,%rsp
+	ret
+.LSEH_end_set_decrypt_key:
+.size	${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key
+___
+
+# This is based on submission by
+#
+#	Huang Ying <ying.huang@intel.com>
+#	Vinodh Gopal <vinodh.gopal@intel.com>
+#	Kahraman Akdemir
+#
+# Agressively optimized in respect to aeskeygenassist's critical path
+# and is contained in %xmm0-5 to meet Win64 ABI requirement.
+#
+$code.=<<___;
+.globl	${PREFIX}_set_encrypt_key
+.type	${PREFIX}_set_encrypt_key,\@abi-omnipotent
+.align	16
+${PREFIX}_set_encrypt_key:
+_aesni_set_encrypt_key:
+	.byte	0x48,0x83,0xEC,0x08	# sub rsp,8
+	test	$inp,$inp
+	mov	\$-1,%rax
+	jz	.Lenc_key_ret
+	test	$key,$key
+	jz	.Lenc_key_ret
+
+	movups	($inp),%xmm0		# pull first 128 bits of *userKey
+	pxor	%xmm4,%xmm4		# low dword of xmm4 is assumed 0
+	lea	16($key),%rax
+	cmp	\$256,$bits
+	je	.L14rounds
+	cmp	\$192,$bits
+	je	.L12rounds
+	cmp	\$128,$bits
+	jne	.Lbad_keybits
+
+.L10rounds:
+	mov	\$9,$bits			# 10 rounds for 128-bit key
+	$movkey	%xmm0,($key)			# round 0
+	aeskeygenassist	\$0x1,%xmm0,%xmm1	# round 1
+	call		.Lkey_expansion_128_cold
+	aeskeygenassist	\$0x2,%xmm0,%xmm1	# round 2
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x4,%xmm0,%xmm1	# round 3
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x8,%xmm0,%xmm1	# round 4
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x10,%xmm0,%xmm1	# round 5
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x20,%xmm0,%xmm1	# round 6
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x40,%xmm0,%xmm1	# round 7
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x80,%xmm0,%xmm1	# round 8
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x1b,%xmm0,%xmm1	# round 9
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x36,%xmm0,%xmm1	# round 10
+	call		.Lkey_expansion_128
+	$movkey	%xmm0,(%rax)
+	mov	$bits,80(%rax)	# 240(%rdx)
+	xor	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L12rounds:
+	movq	16($inp),%xmm2			# remaining 1/3 of *userKey
+	mov	\$11,$bits			# 12 rounds for 192
+	$movkey	%xmm0,($key)			# round 0
+	aeskeygenassist	\$0x1,%xmm2,%xmm1	# round 1,2
+	call		.Lkey_expansion_192a_cold
+	aeskeygenassist	\$0x2,%xmm2,%xmm1	# round 2,3
+	call		.Lkey_expansion_192b
+	aeskeygenassist	\$0x4,%xmm2,%xmm1	# round 4,5
+	call		.Lkey_expansion_192a
+	aeskeygenassist	\$0x8,%xmm2,%xmm1	# round 5,6
+	call		.Lkey_expansion_192b
+	aeskeygenassist	\$0x10,%xmm2,%xmm1	# round 7,8
+	call		.Lkey_expansion_192a
+	aeskeygenassist	\$0x20,%xmm2,%xmm1	# round 8,9
+	call		.Lkey_expansion_192b
+	aeskeygenassist	\$0x40,%xmm2,%xmm1	# round 10,11
+	call		.Lkey_expansion_192a
+	aeskeygenassist	\$0x80,%xmm2,%xmm1	# round 11,12
+	call		.Lkey_expansion_192b
+	$movkey	%xmm0,(%rax)
+	mov	$bits,48(%rax)	# 240(%rdx)
+	xor	%rax, %rax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L14rounds:
+	movups	16($inp),%xmm2			# remaning half of *userKey
+	mov	\$13,$bits			# 14 rounds for 256
+	lea	16(%rax),%rax
+	$movkey	%xmm0,($key)			# round 0
+	$movkey	%xmm2,16($key)			# round 1
+	aeskeygenassist	\$0x1,%xmm2,%xmm1	# round 2
+	call		.Lkey_expansion_256a_cold
+	aeskeygenassist	\$0x1,%xmm0,%xmm1	# round 3
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x2,%xmm2,%xmm1	# round 4
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x2,%xmm0,%xmm1	# round 5
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x4,%xmm2,%xmm1	# round 6
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x4,%xmm0,%xmm1	# round 7
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x8,%xmm2,%xmm1	# round 8
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x8,%xmm0,%xmm1	# round 9
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x10,%xmm2,%xmm1	# round 10
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x10,%xmm0,%xmm1	# round 11
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x20,%xmm2,%xmm1	# round 12
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x20,%xmm0,%xmm1	# round 13
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x40,%xmm2,%xmm1	# round 14
+	call		.Lkey_expansion_256a
+	$movkey	%xmm0,(%rax)
+	mov	$bits,16(%rax)	# 240(%rdx)
+	xor	%rax,%rax
+	jmp	.Lenc_key_ret
+
+.align	16
+.Lbad_keybits:
+	mov	\$-2,%rax
+.Lenc_key_ret:
+	add	\$8,%rsp
+	ret
+.LSEH_end_set_encrypt_key:
+
+.align	16
+.Lkey_expansion_128:
+	$movkey	%xmm0,(%rax)
+	lea	16(%rax),%rax
+.Lkey_expansion_128_cold:
+	shufps	\$0b00010000,%xmm0,%xmm4
+	pxor	%xmm4, %xmm0
+	shufps	\$0b10001100,%xmm0,%xmm4
+	pxor	%xmm4, %xmm0
+	pshufd	\$0b11111111,%xmm1,%xmm1	# critical path
+	pxor	%xmm1,%xmm0
+	ret
+
+.align 16
+.Lkey_expansion_192a:
+	$movkey	%xmm0,(%rax)
+	lea	16(%rax),%rax
+.Lkey_expansion_192a_cold:
+	movaps	%xmm2, %xmm5
+.Lkey_expansion_192b_warm:
+	shufps	\$0b00010000,%xmm0,%xmm4
+	movaps	%xmm2,%xmm3
+	pxor	%xmm4,%xmm0
+	shufps	\$0b10001100,%xmm0,%xmm4
+	pslldq	\$4,%xmm3
+	pxor	%xmm4,%xmm0
+	pshufd	\$0b01010101,%xmm1,%xmm1	# critical path
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	\$0b11111111,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	ret
+
+.align 16
+.Lkey_expansion_192b:
+	movaps	%xmm0,%xmm3
+	shufps	\$0b01000100,%xmm0,%xmm5
+	$movkey	%xmm5,(%rax)
+	shufps	\$0b01001110,%xmm2,%xmm3
+	$movkey	%xmm3,16(%rax)
+	lea	32(%rax),%rax
+	jmp	.Lkey_expansion_192b_warm
+
+.align	16
+.Lkey_expansion_256a:
+	$movkey	%xmm2,(%rax)
+	lea	16(%rax),%rax
+.Lkey_expansion_256a_cold:
+	shufps	\$0b00010000,%xmm0,%xmm4
+	pxor	%xmm4,%xmm0
+	shufps	\$0b10001100,%xmm0,%xmm4
+	pxor	%xmm4,%xmm0
+	pshufd	\$0b11111111,%xmm1,%xmm1	# critical path
+	pxor	%xmm1,%xmm0
+	ret
+
+.align 16
+.Lkey_expansion_256b:
+	$movkey	%xmm0,(%rax)
+	lea	16(%rax),%rax
+
+	shufps	\$0b00010000,%xmm2,%xmm4
+	pxor	%xmm4,%xmm2
+	shufps	\$0b10001100,%xmm2,%xmm4
+	pxor	%xmm4,%xmm2
+	pshufd	\$0b10101010,%xmm1,%xmm1	# critical path
+	pxor	%xmm1,%xmm2
+	ret
+.size	${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
+___
+}
+
+$code.=<<___;
+.asciz  "AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	cbc_se_handler,\@abi-omnipotent
+.align	16
+cbc_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	152($context),%rax	# pull context->Rsp
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lcbc_decrypt(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<"prologue" label
+	jb	.Lin_prologue
+
+	lea	.Lcbc_decrypt_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<cbc_decrypt_body
+	jb	.Lrestore_rax
+
+	lea	.Lcbc_ret(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>="epilogue" label
+	jae	.Lin_prologue
+
+	lea	0(%rax),%rsi		# top of stack
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$8,%ecx		# 4*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	0x58(%rax),%rax		# adjust stack pointer
+	jmp	.Lin_prologue
+
+.Lrestore_rax:
+	mov	120($context),%rax
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	cbc_se_handler,.-cbc_se_handler
+
+.type	ecb_se_handler,\@abi-omnipotent
+.align	16
+ecb_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	152($context),%rax	# pull context->Rsp
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	cbc_se_handler,.-cbc_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_${PREFIX}_ecb_encrypt
+	.rva	.LSEH_end_${PREFIX}_ecb_encrypt
+	.rva	.LSEH_info_ecb
+
+	.rva	.LSEH_begin_${PREFIX}_cbc_encrypt
+	.rva	.LSEH_end_${PREFIX}_cbc_encrypt
+	.rva	.LSEH_info_cbc
+
+	.rva	${PREFIX}_set_decrypt_key
+	.rva	.LSEH_end_set_decrypt_key
+	.rva	.LSEH_info_key
+
+	.rva	${PREFIX}_set_encrypt_key
+	.rva	.LSEH_end_set_encrypt_key
+	.rva	.LSEH_info_key
+.section	.xdata
+.align	8
+.LSEH_info_ecb:
+	.byte	9,0,0,0
+	.rva	ecb_se_handler
+.LSEH_info_cbc:
+	.byte	9,0,0,0
+	.rva	cbc_se_handler
+.LSEH_info_key:
+	.byte	0x01,0x04,0x01,0x00
+	.byte	0x04,0x02,0x00,0x00
+___
+}
+
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src)=@_;
+
+   if ($dst>=8 || $src>=8) {
+	$rex=0x40;
+	$rex|=0x04 if($dst>=8);
+	$rex|=0x01 if($src>=8);
+	push @opcode,$rex;
+   }
+}
+
+sub aesni {
+  my $line=shift;
+  my @opcode=(0x66);
+
+    if ($line=~/(aeskeygenassist)\s+\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	rex(\@opcode,$4,$3);
+	push @opcode,0x0f,0x3a,0xdf;
+	push @opcode,0xc0|($3&7)|(($4&7)<<3);	# ModR/M
+	my $c=$2;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	return ".byte\t".join(',',@opcode);
+    }
+    elsif ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	my %opcodelet = (
+		"aesimc" => 0xdb,
+		"aesenc" => 0xdc,	"aesenclast" => 0xdd,
+		"aesdec" => 0xde,	"aesdeclast" => 0xdf
+	);
+	return undef if (!defined($opcodelet{$1}));
+	rex(\@opcode,$3,$2);
+	push @opcode,0x0f,0x38,$opcodelet{$1};
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);	# ModR/M
+	return ".byte\t".join(',',@opcode);
+    }
+    return $line;
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/crypto/alphacpuid.s b/crypto/alphacpuid.s
new file mode 100644
index 0000000000..3fa77a0ade
--- /dev/null
+++ b/crypto/alphacpuid.s
@@ -0,0 +1,125 @@
+.text
+
+.set	noat
+
+.globl	OPENSSL_cpuid_setup
+.ent	OPENSSL_cpuid_setup
+OPENSSL_cpuid_setup:
+	.frame	$30,0,$26
+	.prologue 0
+	ret	($26)
+.end	OPENSSL_cpuid_setup
+
+.globl	OPENSSL_wipe_cpu
+.ent	OPENSSL_wipe_cpu
+OPENSSL_wipe_cpu:
+	.frame	$30,0,$26
+	.prologue 0
+	clr	$1
+	clr	$2
+	clr	$3
+	clr	$4
+	clr	$5
+	clr	$6
+	clr	$7
+	clr	$8
+	clr	$16
+	clr	$17
+	clr	$18
+	clr	$19
+	clr	$20
+	clr	$21
+	clr	$22
+	clr	$23
+	clr	$24
+	clr	$25
+	clr	$27
+	clr	$at
+	clr	$29
+	fclr	$f0
+	fclr	$f1
+	fclr	$f10
+	fclr	$f11
+	fclr	$f12
+	fclr	$f13
+	fclr	$f14
+	fclr	$f15
+	fclr	$f16
+	fclr	$f17
+	fclr	$f18
+	fclr	$f19
+	fclr	$f20
+	fclr	$f21
+	fclr	$f22
+	fclr	$f23
+	fclr	$f24
+	fclr	$f25
+	fclr	$f26
+	fclr	$f27
+	fclr	$f28
+	fclr	$f29
+	fclr	$f30
+	mov	$sp,$0
+	ret	($26)
+.end	OPENSSL_wipe_cpu
+
+.globl	OPENSSL_atomic_add
+.ent	OPENSSL_atomic_add
+OPENSSL_atomic_add:
+	.frame	$30,0,$26
+	.prologue 0
+1:	ldl_l	$0,($16)
+	addl	$0,$17,$1
+	stl_c	$1,($16)
+	beq	$1,1b
+	addl	$0,$17,$0
+	ret	($26)
+.end	OPENSSL_atomic_add
+
+.globl	OPENSSL_rdtsc
+.ent	OPENSSL_rdtsc
+OPENSSL_rdtsc:
+	.frame	$30,0,$26
+	.prologue 0
+	rpcc	$0
+	ret	($26)
+.end	OPENSSL_rdtsc
+
+.globl	OPENSSL_cleanse
+.ent	OPENSSL_cleanse
+OPENSSL_cleanse:
+	.frame	$30,0,$26
+	.prologue 0
+	beq	$17,.Ldone
+	and	$16,7,$0
+	bic	$17,7,$at
+	beq	$at,.Little
+	beq	$0,.Laligned
+
+.Little:
+	ldq_u	$1,0($16)
+	mov	$16,$2
+.Lalign:
+	mskbl	$1,$16,$1
+	lda	$16,1($16)
+	subq	$17,1,$17
+	subq	$0,1,$0
+	beq	$17,.Lout
+	bne	$0,.Lalign
+.Lout:	stq_u	$1,0($2)
+	beq	$17,.Ldone
+	bic	$17,7,$at
+	mov	$17,$0
+	beq	$at,.Little
+
+.Laligned:
+	stq	$31,0($16)
+	subq	$17,8,$17
+	lda	$16,8($16)
+	bic	$17,7,$at
+	bne	$at,.Laligned
+	beq	$17,.Ldone
+	mov	$17,$0
+	br	.Little
+.Ldone: ret	($26)
+.end	OPENSSL_cleanse
diff --git a/crypto/amd64cpuid.pl b/crypto/amd64cpuid.pl
deleted file mode 100644
index 097f6b8d5c..0000000000
--- a/crypto/amd64cpuid.pl
+++ /dev/null
@@ -1,139 +0,0 @@
-#!/usr/bin/env perl
-
-$output=shift;
-$win64a=1 if ($output =~ /win64a\.[s|asm]/);
-open STDOUT,">$output" || die "can't open $output: $!";
-
-print<<___ if(defined($win64a));
-_TEXT	SEGMENT
-PUBLIC	OPENSSL_rdtsc
-ALIGN	16
-OPENSSL_rdtsc	PROC
-	rdtsc
-	shl	rdx,32
-	or	rax,rdx
-	ret
-OPENSSL_rdtsc	ENDP
-
-PUBLIC	OPENSSL_atomic_add
-ALIGN	16
-OPENSSL_atomic_add	PROC
-	mov	eax,DWORD PTR[rcx]
-\$Lspin:	lea	r8,DWORD PTR[rdx+rax]
-lock	cmpxchg	DWORD PTR[rcx],r8d
-	jne	\$Lspin
-	mov	eax,r8d
-	cdqe    
-	ret
-OPENSSL_atomic_add	ENDP
-
-PUBLIC	OPENSSL_wipe_cpu
-ALIGN	16
-OPENSSL_wipe_cpu	PROC
-	pxor	xmm0,xmm0
-	pxor	xmm1,xmm1
-	pxor	xmm2,xmm2
-	pxor	xmm3,xmm3
-	pxor	xmm4,xmm4
-	pxor	xmm5,xmm5
-	xor	rcx,rcx
-	xor	rdx,rdx
-	xor	r8,r8
-	xor	r9,r9
-	xor	r10,r10
-	xor	r11,r11
-	lea	rax,QWORD PTR[rsp+8]
-	ret
-OPENSSL_wipe_cpu	ENDP
-
-OPENSSL_ia32_cpuid	PROC
-	mov	r8,rbx
-	mov	eax,1
-	cpuid
-	shl	rcx,32
-	mov	eax,edx
-	mov	rbx,r8
-	or	rax,rcx
-	ret
-OPENSSL_ia32_cpuid	ENDP
-_TEXT	ENDS
-
-CRT\$XIU	SEGMENT
-EXTRN	OPENSSL_cpuid_setup:PROC
-DQ	OPENSSL_cpuid_setup
-CRT\$XIU	ENDS
-END
-___
-print<<___ if(!defined($win64a));
-.text
-.globl	OPENSSL_rdtsc
-.align	16
-OPENSSL_rdtsc:
-	rdtsc
-	shl	\$32,%rdx
-	or	%rdx,%rax
-	ret
-.size	OPENSSL_rdtsc,.-OPENSSL_rdtsc
-
-.globl	OPENSSL_atomic_add
-.type	OPENSSL_atomic_add,\@function
-.align	16
-OPENSSL_atomic_add:
-	movl	(%rdi),%eax
-.Lspin:	lea	(%rsi,%rax),%r8
-lock;	cmpxchg	%r8d,(%rdi)
-	jne	.Lspin
-	mov	%r8d,%eax
-	cdqe
-	ret
-.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
-
-.globl	OPENSSL_wipe_cpu
-.type	OPENSSL_wipe_cpu,\@function
-.align	16
-OPENSSL_wipe_cpu:
-	pxor	%xmm0,%xmm0
-	pxor	%xmm1,%xmm1
-	pxor	%xmm2,%xmm2
-	pxor	%xmm3,%xmm3
-	pxor	%xmm4,%xmm4
-	pxor	%xmm5,%xmm5
-	pxor	%xmm6,%xmm6
-	pxor	%xmm7,%xmm7
-	pxor	%xmm8,%xmm8
-	pxor	%xmm9,%xmm9
-	pxor	%xmm10,%xmm10
-	pxor	%xmm11,%xmm11
-	pxor	%xmm12,%xmm12
-	pxor	%xmm13,%xmm13
-	pxor	%xmm14,%xmm14
-	pxor	%xmm15,%xmm15
-	xor	%rcx,%rcx
-	xor	%rdx,%rdx
-	xor	%rsi,%rsi
-	xor	%rdi,%rdi
-	xor	%r8,%r8
-	xor	%r9,%r9
-	xor	%r10,%r10
-	xor	%r11,%r11
-	lea	8(%rsp),%rax
-	ret
-.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
-
-.globl	OPENSSL_ia32_cpuid
-.align	16
-OPENSSL_ia32_cpuid:
-	mov	%rbx,%r8
-	mov	\$1,%eax
-	cpuid
-	shl	\$32,%rcx
-	mov	%edx,%eax
-	mov	%r8,%rbx
-	or	%rcx,%rax
-	ret
-.size	OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
-
-.section	.init
-	call	OPENSSL_cpuid_setup
-	.align	16
-___
diff --git a/crypto/asn1/.cvsignore b/crypto/asn1/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/asn1/.cvsignore
+++ b/crypto/asn1/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
deleted file mode 100644
index 18cf975dca..0000000000
--- a/crypto/asn1/Makefile.ssl
+++ /dev/null
@@ -1,873 +0,0 @@
-#
-# SSLeay/crypto/asn1/Makefile
-#
-
-DIR=	asn1
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
-	a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
-	a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
-	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
-	x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
-	d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
-	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
-	tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
-	f_int.c f_string.c n_pkey.c \
-	f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
-	asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
-	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
-LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
-	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
-	a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
-	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
-	x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
-	d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
-	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
-	tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
-	f_int.o f_string.o n_pkey.o \
-	f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
-	asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
-	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  asn1.h asn1_mac.h asn1t.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:	test.c
-	cc -g -I../../include -c test.c
-	cc -g -I../../include -o test test.o -L../.. -lcrypto
-
-pk:	pk.c
-	cc -g -I../../include -c pk.c
-	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_bitstr.o: ../../include/openssl/opensslconf.h
-a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
-a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
-a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c
-a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
-a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bytes.o: ../cryptlib.h a_bytes.c
-a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
-a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
-a_digest.o: ../../e_os.h ../../include/openssl/asn1.h
-a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_digest.o: ../../include/openssl/opensslconf.h
-a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c
-a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c
-a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_enum.o: ../cryptlib.h a_enum.c
-a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
-a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c
-a_hdr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_hdr.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_hdr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_hdr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_hdr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_hdr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_hdr.c
-a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
-a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_i2d_fp.o: ../../include/openssl/opensslconf.h
-a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
-a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_int.o: ../cryptlib.h a_int.c
-a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
-a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_mbstr.o: ../cryptlib.h a_mbstr.c
-a_meth.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_meth.o: ../../include/openssl/symhacks.h ../cryptlib.h a_meth.c
-a_object.o: ../../e_os.h ../../include/openssl/asn1.h
-a_object.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_object.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_object.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_object.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_object.o: ../../include/openssl/opensslconf.h
-a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
-a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
-a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_octet.o: ../cryptlib.h a_octet.c
-a_print.o: ../../e_os.h ../../include/openssl/asn1.h
-a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_print.o: ../cryptlib.h a_print.c
-a_set.o: ../../e_os.h ../../include/openssl/asn1.h
-a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c
-a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_sign.o: ../cryptlib.h a_sign.c
-a_strex.o: ../../e_os.h ../../include/openssl/asn1.h
-a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-a_strex.o: ../cryptlib.h a_strex.c charmap.h
-a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
-a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_strnid.o: ../../include/openssl/opensslconf.h
-a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
-a_time.o: ../../e_os.h ../../include/openssl/asn1.h
-a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c
-a_type.o: ../../e_os.h ../../include/openssl/asn1.h
-a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_type.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c
-a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
-a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c
-a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c
-a_verify.o: ../../e_os.h ../../include/openssl/asn1.h
-a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c
-asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_err.o: ../../include/openssl/opensslconf.h
-asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
-asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h
-asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-asn1_gen.o: ../cryptlib.h asn1_gen.c
-asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
-asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
-asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-asn1_par.o: ../../include/openssl/opensslconf.h
-asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
-asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
-asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-asn_moid.o: ../../include/openssl/opensslconf.h
-asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c
-asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
-asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn_pack.o: ../../include/openssl/opensslconf.h
-asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
-d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_pr.o: ../cryptlib.h d2i_pr.c
-d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_pu.o: ../cryptlib.h d2i_pu.c
-evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
-f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c
-f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c
-f_string.o: ../../e_os.h ../../include/openssl/asn1.h
-f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-f_string.o: ../../include/openssl/opensslconf.h
-f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
-i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_pr.o: ../cryptlib.h i2d_pr.c
-i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_pu.o: ../cryptlib.h i2d_pu.c
-n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
-n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c
-nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c
-p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
-p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbe.o: ../cryptlib.h p5_pbe.c
-p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
-p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbev2.o: ../cryptlib.h p5_pbev2.c
-p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c
-t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
-t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_bitst.o: ../cryptlib.h t_bitst.c
-t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_crl.o: ../cryptlib.h t_crl.c
-t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-t_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_pkey.o: ../cryptlib.h t_pkey.c
-t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_req.o: ../cryptlib.h t_req.c
-t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_spki.o: ../cryptlib.h t_spki.c
-t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_x509.o: ../cryptlib.h t_x509.c
-t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
-t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_x509a.o: ../cryptlib.h t_x509a.c
-tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-tasn_dec.o: ../../include/openssl/opensslconf.h
-tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
-tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
-tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c
-tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
-tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
-tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
-tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
-tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
-x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c
-x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
-x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c
-x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
-x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-x_bignum.o: ../../include/openssl/opensslconf.h
-x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
-x_crl.o: ../../e_os.h ../../include/openssl/asn1.h
-x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c
-x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c
-x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c
-x_long.o: ../../e_os.h ../../include/openssl/asn1.h
-x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_long.o: ../cryptlib.h x_long.c
-x_name.o: ../../e_os.h ../../include/openssl/asn1.h
-x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c
-x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c
-x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
-x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_pubkey.o: ../../include/openssl/opensslconf.h
-x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_pubkey.o: ../cryptlib.h x_pubkey.c
-x_req.o: ../../e_os.h ../../include/openssl/asn1.h
-x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c
-x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
-x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c
-x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
-x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c
-x_val.o: ../../e_os.h ../../include/openssl/asn1.h
-x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c
-x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
-x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c
-x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
-x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 6e92ff5a84..34179960b8 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -165,7 +165,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
 	*pp=p;
 	return(ret);
 err:
-	ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
+	ASN1err(ASN1_F_C2I_ASN1_BIT_STRING,i);
 	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
 		M_ASN1_BIT_STRING_free(ret);
 	return(NULL);
@@ -183,9 +183,11 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
 	iv= ~v;
 	if (!value) v=0;
 
+	if (a == NULL)
+		return 0;
+
 	a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
 
-	if (a == NULL) return(0);
 	if ((a->length < (w+1)) || (a->data == NULL))
 		{
 		if (!value) return(1); /* Don't need to set */
@@ -221,3 +223,26 @@ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
 	return((a->data[w]&v) != 0);
 	}
 
+/*
+ * Checks if the given bit string contains only bits specified by 
+ * the flags vector. Returns 0 if there is at least one bit set in 'a'
+ * which is not specified in 'flags', 1 otherwise.
+ * 'len' is the length of 'flags'.
+ */
+int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+			  unsigned char *flags, int flags_len)
+	{
+	int i, ok;
+	/* Check if there is one bit set at all. */
+	if (!a || !a->data) return 1;
+
+	/* Check each byte of the internal representation of the bit string. */
+	ok = 1;
+	for (i = 0; i < a->length && ok; ++i)
+		{
+		unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
+		/* We are done if there is an unneeded bit set. */
+		ok = (a->data[i] & mask) == 0;
+		}
+	return ok;
+	}
diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c
index 8d13f9c931..92d630cdba 100644
--- a/crypto/asn1/a_bytes.c
+++ b/crypto/asn1/a_bytes.c
@@ -79,7 +79,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
 
 	if (tag >= 32)
 		{
-		i=ASN1_R_TAG_VALUE_TOO_HIGH;;
+		i=ASN1_R_TAG_VALUE_TOO_HIGH;
 		goto err;
 		}
 	if (!(ASN1_tag2bit(tag) & type))
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
index 2e99e4c69a..ece40bc4c0 100644
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -66,11 +66,10 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
 #ifndef NO_OLD_ASN1
 #ifndef OPENSSL_NO_FP_API
 
-char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
-	     unsigned char **x)
+void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x)
         {
         BIO *b;
-        char *ret;
+        void *ret;
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
@@ -84,12 +83,11 @@ char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
         }
 #endif
 
-char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in,
-	     unsigned char **x)
+void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x)
 	{
 	BUF_MEM *b = NULL;
-	unsigned char *p;
-	char *ret=NULL;
+	const unsigned char *p;
+	void *ret=NULL;
 	int len;
 
 	len = asn1_d2i_read_bio(in, &b);
@@ -129,7 +127,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
+		ASN1err(ASN1_F_ASN1_ITEM_D2I_FP,ERR_R_BUF_LIB);
                 return(NULL);
 		}
         BIO_set_fp(b,in,BIO_NOCLOSE);
@@ -160,7 +158,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 	b=BUF_MEM_new();
 	if (b == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
 		return -1;
 		}
 
@@ -173,13 +171,13 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 
 			if (!BUF_MEM_grow_clean(b,len+want))
 				{
-				ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+				ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
 			i=BIO_read(in,&(b->data[len]),want);
 			if ((i < 0) && ((len-off) == 0))
 				{
-				ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+				ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_NOT_ENOUGH_DATA);
 				goto err;
 				}
 			if (i > 0)
@@ -199,7 +197,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 			if (e != ASN1_R_TOO_LONG)
 				goto err;
 			else
-				ERR_get_error(); /* clear error */
+				ERR_clear_error(); /* clear error */
 			}
 		i=c.p-p;/* header length */
 		off+=i;	/* end of data */
@@ -228,7 +226,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 				want-=(len-off);
 				if (!BUF_MEM_grow_clean(b,len+want))
 					{
-					ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+					ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
 					goto err;
 					}
 				while (want > 0)
@@ -236,7 +234,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 					i=BIO_read(in,&(b->data[len]),want);
 					if (i <= 0)
 						{
-						ASN1err(ASN1_F_ASN1_D2I_BIO,
+						ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
 						    ASN1_R_NOT_ENOUGH_DATA);
 						goto err;
 						}
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index 7182e9fa5d..cbdeea6ac0 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -72,7 +72,7 @@
 
 #ifndef NO_ASN1_OLD
 
-int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
+int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
 		unsigned char *md, unsigned int *len)
 	{
 	int i;
@@ -87,7 +87,8 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
 	p=str;
 	i2d(data,&p);
 
-	EVP_Digest(str, i, md, len, type, NULL);
+	if (!EVP_Digest(str, i, md, len, type, NULL))
+		return 0;
 	OPENSSL_free(str);
 	return(1);
 	}
@@ -104,7 +105,8 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
 	i=ASN1_item_i2d(asn,&str, it);
 	if (!str) return(0);
 
-	EVP_Digest(str, i, md, len, type, NULL);
+	if (!EVP_Digest(str, i, md, len, type, NULL))
+		return 0;
 	OPENSSL_free(str);
 	return(1);
 	}
diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c
index dc6826ad1b..d98992548a 100644
--- a/crypto/asn1/a_dup.c
+++ b/crypto/asn1/a_dup.c
@@ -62,22 +62,23 @@
 
 #ifndef NO_OLD_ASN1
 
-char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x)
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
 	{
 	unsigned char *b,*p;
-	long i;
+	const unsigned char *p2;
+	int i;
 	char *ret;
 
 	if (x == NULL) return(NULL);
 
-	i=(long)i2d(x,NULL);
-	b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
+	i=i2d(x,NULL);
+	b=OPENSSL_malloc(i+10);
 	if (b == NULL)
 		{ ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
 	p= b;
 	i=i2d(x,&p);
-	p= b;
-	ret=d2i(NULL,&p,i);
+	p2= b;
+	ret=d2i(NULL,&p2,i);
 	OPENSSL_free(b);
 	return(ret);
 	}
@@ -100,7 +101,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
 
 	i=ASN1_item_i2d(x,&b,it);
 	if (b == NULL)
-		{ ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
+		{ ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
 	p= b;
 	ret=ASN1_item_d2i(NULL,&p,i, it);
 	OPENSSL_free(b);
diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c
index af9fb9b39e..fe9aa13b9c 100644
--- a/crypto/asn1/a_enum.c
+++ b/crypto/asn1/a_enum.c
@@ -149,7 +149,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
 		ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
 		goto err;
 		}
-	if(BN_get_sign(bn)) ret->type = V_ASN1_NEG_ENUMERATED;
+	if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED;
 	else ret->type=V_ASN1_ENUMERATED;
 	j=BN_num_bits(bn);
 	len=((j == 0)?0:((j/8)+1));
@@ -177,6 +177,6 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
 
 	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
 		ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
-	else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_sign(ret,1);
+	else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1);
 	return(ret);
 	}
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index def79062a5..c79c6f538c 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -117,8 +117,8 @@ err:
 
 int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
 	{
-	static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
-	static int max[9]={99, 99,12,31,23,59,59,12,59};
+	static const int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
+	static const int max[9]={99, 99,12,31,23,59,59,12,59};
 	char *a;
 	int n,i,l,o;
 
@@ -176,6 +176,11 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
 			o++;
 			}
 		}
+	else
+		{
+		/* Missing time zone information. */
+		goto err;
+		}
 	return(o == l);
 err:
 	return(0);
@@ -206,6 +211,12 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
 	     time_t t)
 	{
+		return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
+	}
+
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+	     time_t t, int offset_day, long offset_sec)
+	{
 	char *p;
 	struct tm *ts;
 	struct tm data;
@@ -220,13 +231,19 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
 	if (ts == NULL)
 		return(NULL);
 
+	if (offset_day || offset_sec)
+		{ 
+		if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+			return NULL;
+		}
+
 	p=(char *)s->data;
 	if ((p == NULL) || ((size_t)s->length < len))
 		{
 		p=OPENSSL_malloc(len);
 		if (p == NULL)
 			{
-			ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_SET,
+			ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ,
 				ERR_R_MALLOC_FAILURE);
 			return(NULL);
 			}
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
index f4f1b73ebe..a3ad76d356 100644
--- a/crypto/asn1/a_i2d_fp.c
+++ b/crypto/asn1/a_i2d_fp.c
@@ -64,7 +64,7 @@
 #ifndef NO_OLD_ASN1
 
 #ifndef OPENSSL_NO_FP_API
-int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
+int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
         {
         BIO *b;
         int ret;
@@ -81,7 +81,7 @@ int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
         }
 #endif
 
-int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x)
+int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
 	{
 	char *b;
 	unsigned char *p;
@@ -124,7 +124,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
+		ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB);
                 return(0);
 		}
         BIO_set_fp(b,out,BIO_NOCLOSE);
@@ -142,7 +142,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
 	n = ASN1_item_i2d(x, &b, it);
 	if (b == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE);
 		return(0);
 		}
 
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 78a6cb0d29..c6fd204ae3 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -61,10 +61,10 @@
 #include <openssl/asn1.h>
 #include <openssl/bn.h>
 
-ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
 { return M_ASN1_INTEGER_dup(x);}
 
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
 	{ 
 	int neg, ret;
 	/* Compare signs */
@@ -256,7 +256,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
 	*pp=pend;
 	return(ret);
 err:
-	ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
+	ASN1err(ASN1_F_C2I_ASN1_INTEGER,i);
 	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
 		M_ASN1_INTEGER_free(ret);
 	return(NULL);
@@ -373,7 +373,7 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
 	return(1);
 	}
 
-long ASN1_INTEGER_get(ASN1_INTEGER *a)
+long ASN1_INTEGER_get(const ASN1_INTEGER *a)
 	{
 	int neg=0,i;
 	long r=0;
@@ -402,7 +402,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a)
 	return(r);
 	}
 
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
 	{
 	ASN1_INTEGER *ret;
 	int len,j;
@@ -416,7 +416,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
 		ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
 		goto err;
 		}
-	if (BN_get_sign(bn))
+	if (BN_is_negative(bn))
 		ret->type = V_ASN1_NEG_INTEGER;
 	else ret->type=V_ASN1_INTEGER;
 	j=BN_num_bits(bn);
@@ -444,14 +444,14 @@ err:
 	return(NULL);
 	}
 
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
 	{
 	BIGNUM *ret;
 
 	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
 		ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
 	else if(ai->type == V_ASN1_NEG_INTEGER)
-		BN_set_sign(ret, 1);
+		BN_set_negative(ret, 1);
 	return(ret);
 	}
 
diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 208b3ec395..1538e0a4fc 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -1,5 +1,5 @@
 /* a_mbstr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -93,7 +93,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 	int str_type;
 	int ret;
 	char free_out;
-	int outform, outlen;
+	int outform, outlen = 0;
 	ASN1_STRING *dest;
 	unsigned char *p;
 	int nchar;
@@ -107,7 +107,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 
 		case MBSTRING_BMP:
 		if(len & 1) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
+			ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
 					 ASN1_R_INVALID_BMPSTRING_LENGTH);
 			return -1;
 		}
@@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 
 		case MBSTRING_UNIV:
 		if(len & 3) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
+			ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
 					 ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
 			return -1;
 		}
@@ -128,7 +128,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 		/* This counts the characters and does utf8 syntax checking */
 		ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
 		if(ret < 0) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
+			ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
 						 ASN1_R_INVALID_UTF8STRING);
 			return -1;
 		}
@@ -139,19 +139,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 		break;
 
 		default:
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT);
+		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT);
 		return -1;
 	}
 
 	if((minsize > 0) && (nchar < minsize)) {
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
+		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
 		BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
 		ERR_add_error_data(2, "minsize=", strbuf);
 		return -1;
 	}
 
 	if((maxsize > 0) && (nchar > maxsize)) {
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
+		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
 		BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
 		ERR_add_error_data(2, "maxsize=", strbuf);
 		return -1;
@@ -159,7 +159,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 
 	/* Now work out minimal type (if any) */
 	if(traverse_string(in, len, inform, type_str, &mask) < 0) {
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS);
+		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS);
 		return -1;
 	}
 
@@ -193,7 +193,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 		free_out = 1;
 		dest = ASN1_STRING_type_new(str_type);
 		if(!dest) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
+			ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
 							ERR_R_MALLOC_FAILURE);
 			return -1;
 		}
@@ -202,7 +202,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 	/* If both the same type just copy across */
 	if(inform == outform) {
 		if(!ASN1_STRING_set(dest, in, len)) {
-			ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
+			ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE);
 			return -1;
 		}
 		return str_type;
@@ -233,7 +233,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
 	}
 	if(!(p = OPENSSL_malloc(outlen + 1))) {
 		if(free_out) ASN1_STRING_free(dest);
-		ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE);
 		return -1;
 	}
 	dest->length = outlen;
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 715042e6eb..bd2d5a2d82 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -57,10 +57,12 @@
  */
 
 #include <stdio.h>
+#include <limits.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/asn1.h>
 #include <openssl/objects.h>
+#include <openssl/bn.h>
 
 int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
 	{
@@ -83,10 +85,12 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
 
 int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 	{
-	int i,first,len=0,c;
-	char tmp[24];
+	int i,first,len=0,c, use_bn;
+	char ftmp[24], *tmp = ftmp;
+	int tmpsize = sizeof ftmp;
 	const char *p;
 	unsigned long l;
+	BIGNUM *bl = NULL;
 
 	if (num == 0)
 		return(0);
@@ -98,7 +102,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 	num--;
 	if ((c >= '0') && (c <= '2'))
 		{
-		first=(c-'0')*40;
+		first= c-'0';
 		}
 	else
 		{
@@ -122,6 +126,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 			goto err;
 			}
 		l=0;
+		use_bn = 0;
 		for (;;)
 			{
 			if (num <= 0) break;
@@ -134,7 +139,22 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
 				goto err;
 				}
-			l=l*10L+(long)(c-'0');
+			if (!use_bn && l > (ULONG_MAX / 10L))
+				{
+				use_bn = 1;
+				if (!bl)
+					bl = BN_new();
+				if (!bl || !BN_set_word(bl, l))
+					goto err;
+				}
+			if (use_bn)
+				{
+				if (!BN_mul_word(bl, 10L)
+					|| !BN_add_word(bl, c-'0'))
+					goto err;
+				}
+			else
+				l=l*10L+(long)(c-'0');
 			}
 		if (len == 0)
 			{
@@ -143,14 +163,42 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
 				goto err;
 				}
-			l+=(long)first;
+			if (use_bn)
+				{
+				if (!BN_add_word(bl, first * 40))
+					goto err;
+				}
+			else
+				l+=(long)first*40;
 			}
 		i=0;
-		for (;;)
+		if (use_bn)
 			{
-			tmp[i++]=(unsigned char)l&0x7f;
-			l>>=7L;
-			if (l == 0L) break;
+			int blsize;
+			blsize = BN_num_bits(bl);
+			blsize = (blsize + 6)/7;
+			if (blsize > tmpsize)
+				{
+				if (tmp != ftmp)
+					OPENSSL_free(tmp);
+				tmpsize = blsize + 32;
+				tmp = OPENSSL_malloc(tmpsize);
+				if (!tmp)
+					goto err;
+				}
+			while(blsize--)
+				tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
+			}
+		else
+			{
+					
+			for (;;)
+				{
+				tmp[i++]=(unsigned char)l&0x7f;
+				l>>=7L;
+				if (l == 0L) break;
+				}
+
 			}
 		if (out != NULL)
 			{
@@ -166,8 +214,16 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 		else
 			len+=i;
 		}
+	if (tmp != ftmp)
+		OPENSSL_free(tmp);
+	if (bl)
+		BN_free(bl);
 	return(len);
 err:
+	if (tmp != ftmp)
+		OPENSSL_free(tmp);
+	if (bl)
+		BN_free(bl);
 	return(0);
 	}
 
@@ -178,14 +234,24 @@ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
 
 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
 	{
-	char buf[80];
+	char buf[80], *p = buf;
 	int i;
 
 	if ((a == NULL) || (a->data == NULL))
 		return(BIO_write(bp,"NULL",4));
 	i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
-	if (i > (int)sizeof(buf)) i=sizeof buf;
-	BIO_write(bp,buf,i);
+	if (i > (int)(sizeof(buf) - 1))
+		{
+		p = OPENSSL_malloc(i + 1);
+		if (!p)
+			return -1;
+		i2t_ASN1_OBJECT(p,i + 1,a);
+		}
+	if (i <= 0)
+		return BIO_write(bp, "<INVALID>", 9);
+	BIO_write(bp,p,i);
+	if (p != buf)
+		OPENSSL_free(p);
 	return(i);
 	}
 
@@ -215,8 +281,6 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
 	return ret;
 err:
 	ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
-	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-		ASN1_OBJECT_free(ret);
 	return(NULL);
 }
 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
@@ -224,7 +288,19 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
 	{
 	ASN1_OBJECT *ret=NULL;
 	const unsigned char *p;
+	unsigned char *data;
 	int i;
+	/* Sanity check OID encoding: can't have 0x80 in subidentifiers, see:
+	 * X.690 8.19.2
+	 */
+	for (i = 0, p = *pp + 1; i < len - 1; i++, p++)
+		{
+		if (*p == 0x80)
+			{
+			ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
+			return NULL;
+			}
+		}
 
 	/* only the ASN1_OBJECTs from the 'table' will have values
 	 * for ->sn or ->ln */
@@ -236,15 +312,22 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
 	else	ret=(*a);
 
 	p= *pp;
-	if ((ret->data == NULL) || (ret->length < len))
+	/* detach data from object */
+	data = (unsigned char *)ret->data;
+	ret->data = NULL;
+	/* once detached we can change it */
+	if ((data == NULL) || (ret->length < len))
 		{
-		if (ret->data != NULL) OPENSSL_free(ret->data);
-		ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
-		ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-		if (ret->data == NULL)
+		ret->length=0;
+		if (data != NULL) OPENSSL_free(data);
+		data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
+		if (data == NULL)
 			{ i=ERR_R_MALLOC_FAILURE; goto err; }
+		ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
 		}
-	memcpy(ret->data,p,(int)len);
+	memcpy(data,p,(int)len);
+	/* reattach data to object, after which it remains const */
+	ret->data  =data;
 	ret->length=(int)len;
 	ret->sn=NULL;
 	ret->ln=NULL;
@@ -255,7 +338,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
 	*pp=p;
 	return(ret);
 err:
-	ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
+	ASN1err(ASN1_F_C2I_ASN1_OBJECT,i);
 	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
 		ASN1_OBJECT_free(ret);
 	return(NULL);
@@ -293,7 +376,7 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a)
 		}
 	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
 		{
-		if (a->data != NULL) OPENSSL_free(a->data);
+		if (a->data != NULL) OPENSSL_free((void *)a->data);
 		a->data=NULL;
 		a->length=0;
 		}
diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
index 24fd0f8e5a..e8725e44f1 100644
--- a/crypto/asn1/a_octet.c
+++ b/crypto/asn1/a_octet.c
@@ -60,10 +60,10 @@
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
 { return M_ASN1_OCTET_STRING_dup(x); }
 
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b)
 { return M_ASN1_OCTET_STRING_cmp(a, b); }
 
 int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len)
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
index 8035513f04..d18e772320 100644
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-int ASN1_PRINTABLE_type(unsigned char *s, int len)
+int ASN1_PRINTABLE_type(const unsigned char *s, int len)
 	{
 	int c;
 	int ia5=0;
diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c
index 3c8d3d5629..d726c8d3a8 100644
--- a/crypto/asn1/a_set.c
+++ b/crypto/asn1/a_set.c
@@ -85,8 +85,9 @@ static int SetBlobCmp(const void *elem1, const void *elem2 )
     }
 
 /* int is_set:  if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)    */
-int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
-	     int ex_class, int is_set)
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+		 i2d_of_void *i2d, int ex_tag, int ex_class,
+		 int is_set)
 	{
 	int ret=0,r;
 	int i;
@@ -96,8 +97,8 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
         int totSize;
 
 	if (a == NULL) return(0);
-	for (i=sk_num(a)-1; i>=0; i--)
-		ret+=func(sk_value(a,i),NULL);
+	for (i=sk_OPENSSL_BLOCK_num(a)-1; i>=0; i--)
+		ret+=i2d(sk_OPENSSL_BLOCK_value(a,i),NULL);
 	r=ASN1_object_size(1,ret,ex_tag);
 	if (pp == NULL) return(r);
 
@@ -108,10 +109,10 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
 	/* And then again by Ben */
 	/* And again by Steve */
 
-	if(!is_set || (sk_num(a) < 2))
+	if(!is_set || (sk_OPENSSL_BLOCK_num(a) < 2))
 		{
-		for (i=0; i<sk_num(a); i++)
-                	func(sk_value(a,i),&p);
+		for (i=0; i<sk_OPENSSL_BLOCK_num(a); i++)
+                	i2d(sk_OPENSSL_BLOCK_value(a,i),&p);
 
 		*pp=p;
 		return(r);
@@ -119,17 +120,17 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
 
         pStart  = p; /* Catch the beg of Setblobs*/
 		/* In this array we will store the SET blobs */
-		rgSetBlob = (MYBLOB *)OPENSSL_malloc(sk_num(a) * sizeof(MYBLOB));
+		rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB));
 		if (rgSetBlob == NULL)
 			{
 			ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
 			return(0);
 			}
 
-        for (i=0; i<sk_num(a); i++)
+        for (i=0; i<sk_OPENSSL_BLOCK_num(a); i++)
 	        {
                 rgSetBlob[i].pbData = p;  /* catch each set encode blob */
-                func(sk_value(a,i),&p);
+                i2d(sk_OPENSSL_BLOCK_value(a,i),&p);
                 rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
 SetBlob
 */
@@ -139,7 +140,7 @@ SetBlob
 
  /* Now we have to sort the blobs. I am using a simple algo.
     *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
-        qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
+        qsort( rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
 		if (!(pTempMem = OPENSSL_malloc(totSize)))
 			{
 			ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
@@ -148,7 +149,7 @@ SetBlob
 
 /* Copy to temp mem */
         p = pTempMem;
-        for(i=0; i<sk_num(a); ++i)
+        for(i=0; i<sk_OPENSSL_BLOCK_num(a); ++i)
 		{
                 memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
                 p += rgSetBlob[i].cbData;
@@ -162,15 +163,18 @@ SetBlob
         return(r);
         }
 
-STACK *d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
-	     char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+			      const unsigned char **pp,
+			      long length, d2i_of_void *d2i,
+			      void (*free_func)(OPENSSL_BLOCK), int ex_tag,
+			      int ex_class)
 	{
 	ASN1_const_CTX c;
-	STACK *ret=NULL;
+	STACK_OF(OPENSSL_BLOCK) *ret=NULL;
 
 	if ((a == NULL) || ((*a) == NULL))
 		{
-		if ((ret=sk_new_null()) == NULL)
+		if ((ret=sk_OPENSSL_BLOCK_new_null()) == NULL)
 			{
 			ASN1err(ASN1_F_D2I_ASN1_SET,ERR_R_MALLOC_FAILURE);
 			goto err;
@@ -210,13 +214,15 @@ STACK *d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
 		char *s;
 
 		if (M_ASN1_D2I_end_sequence()) break;
-		if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
+		/* XXX: This was called with 4 arguments, incorrectly, it seems
+		   if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) */
+		if ((s=d2i(NULL,&c.p,c.slen)) == NULL)
 			{
 			ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
-			asn1_add_error(*pp,(int)(c.q- *pp));
+			asn1_add_error(*pp,(int)(c.p- *pp));
 			goto err;
 			}
-		if (!sk_push(ret,s)) goto err;
+		if (!sk_OPENSSL_BLOCK_push(ret,s)) goto err;
 		}
 	if (a != NULL) (*a)=ret;
 	*pp=c.p;
@@ -225,9 +231,9 @@ err:
 	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
 		{
 		if (free_func != NULL)
-			sk_pop_free(ret,free_func);
+			sk_OPENSSL_BLOCK_pop_free(ret,free_func);
 		else
-			sk_free(ret);
+			sk_OPENSSL_BLOCK_free(ret);
 		}
 	return(NULL);
 	}
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 37e1e84a11..d96a622d83 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -123,12 +123,13 @@
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 #include <openssl/buffer.h>
+#include "asn1_locl.h"
 
 #ifndef NO_ASN1_OLD
 
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
-	     ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
-	     const EVP_MD *type)
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
+	      ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
+	      const EVP_MD *type)
 	{
 	EVP_MD_CTX ctx;
 	unsigned char *p,*buf_in=NULL,*buf_out=NULL;
@@ -183,9 +184,9 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
 	p=buf_in;
 
 	i2d(data,&p);
-	EVP_SignInit_ex(&ctx,type, NULL);
-	EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
-	if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+	if (!EVP_SignInit_ex(&ctx,type, NULL)
+		|| !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl)
+		|| !EVP_SignFinal(&ctx,(unsigned char *)buf_out,
 			(unsigned int *)&outl,pkey))
 		{
 		outl=0;
@@ -218,62 +219,64 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 	{
 	EVP_MD_CTX ctx;
 	unsigned char *buf_in=NULL,*buf_out=NULL;
-	int i,inl=0,outl=0,outll=0;
-	X509_ALGOR *a;
+	int inl=0,outl=0,outll=0;
+	int signid, paramtype;
 
-	EVP_MD_CTX_init(&ctx);
-	for (i=0; i<2; i++)
+	if (type == NULL)
 		{
-		if (i == 0)
-			a=algor1;
-		else
-			a=algor2;
-		if (a == NULL) continue;
-                if (type->pkey_type == NID_dsaWithSHA1 ||
-			type->pkey_type == NID_ecdsa_with_SHA1)
-			{
-			/* special case: RFC 3279 tells us to omit 'parameters'
-			 * with id-dsa-with-sha1 and ecdsa-with-SHA1 */
-			ASN1_TYPE_free(a->parameter);
-			a->parameter = NULL;
-			}
-		else if ((a->parameter == NULL) || 
-			(a->parameter->type != V_ASN1_NULL))
-			{
-			ASN1_TYPE_free(a->parameter);
-			if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
-			a->parameter->type=V_ASN1_NULL;
-			}
-		ASN1_OBJECT_free(a->algorithm);
-		a->algorithm=OBJ_nid2obj(type->pkey_type);
-		if (a->algorithm == NULL)
-			{
-			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
-			goto err;
-			}
-		if (a->algorithm->length == 0)
+		int def_nid;
+		if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
+			type = EVP_get_digestbynid(def_nid);
+		}
+
+	if (type == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_ITEM_SIGN, ASN1_R_NO_DEFAULT_DIGEST);
+		return 0;
+		}
+
+	if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
+		{
+		if (!pkey->ameth ||
+			!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type),
+						pkey->ameth->pkey_id))
 			{
-			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-			goto err;
+			ASN1err(ASN1_F_ASN1_ITEM_SIGN,
+				ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+			return 0;
 			}
 		}
+	else
+		signid = type->pkey_type;
+
+	if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
+		paramtype = V_ASN1_NULL;
+	else
+		paramtype = V_ASN1_UNDEF;
+
+	if (algor1)
+		X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
+	if (algor2)
+		X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
+
+	EVP_MD_CTX_init(&ctx);
 	inl=ASN1_item_i2d(asn,&buf_in, it);
 	outll=outl=EVP_PKEY_size(pkey);
 	buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
 	if ((buf_in == NULL) || (buf_out == NULL))
 		{
 		outl=0;
-		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
-	EVP_SignInit_ex(&ctx,type, NULL);
-	EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
-	if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+	if (!EVP_SignInit_ex(&ctx,type, NULL)
+		|| !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl)
+		|| !EVP_SignFinal(&ctx,(unsigned char *)buf_out,
 			(unsigned int *)&outl,pkey))
 		{
 		outl=0;
-		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
+		ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB);
 		goto err;
 		}
 	if (signature->data != NULL) OPENSSL_free(signature->data);
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index bde666a6ff..7fc14d3296 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -1,5 +1,5 @@
 /* a_strex.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -58,12 +58,12 @@
 
 #include <stdio.h>
 #include <string.h>
+#include "cryptlib.h"
 #include <openssl/crypto.h>
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
 
 #include "charmap.h"
-#include "cryptlib.h"
 
 /* ASN1_STRING_print_ex() and X509_NAME_print_ex().
  * Enhanced string and name printing routines handling
@@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen,
 	q = buf + buflen;
 	outlen = 0;
 	while(p != q) {
-		if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
+		if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253;
 		else orflags = 0;
 		switch(type & BUF_TYPE_WIDTH_MASK) {
 			case 4:
@@ -194,8 +194,10 @@ static int do_buf(unsigned char *buf, int buflen,
 			if(i < 0) return -1;	/* Invalid UTF8String */
 			p += i;
 			break;
+			default:
+			return -1;	/* invalid width */
 		}
-		if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
+		if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253;
 		if(type & BUF_TYPE_CONVUTF8) {
 			unsigned char utfbuf[6];
 			int utflen;
@@ -223,7 +225,7 @@ static int do_buf(unsigned char *buf, int buflen,
 
 static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
 {
-	const static char hexdig[] = "0123456789ABCDEF";
+	static const char hexdig[] = "0123456789ABCDEF";
 	unsigned char *p, *q;
 	char hextmp[2];
 	if(arg) {
@@ -279,7 +281,7 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING
  * otherwise it is the number of bytes per character
  */
 
-const static signed char tag2nbyte[] = {
+static const signed char tag2nbyte[] = {
 	-1, -1, -1, -1, -1,	/* 0-4 */
 	-1, -1, -1, -1, -1,	/* 5-9 */
 	-1, -1, 0, -1,		/* 10-13 */
@@ -356,12 +358,13 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STR
 	}
 
 	len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
-	if(outlen < 0) return -1;
+	if(len < 0) return -1;
 	outlen += len;
 	if(quotes) outlen += 2;
 	if(!arg) return outlen;
 	if(quotes && !io_ch(arg, "\"", 1)) return -1;
-	do_buf(str->data, str->length, type, flags, NULL, io_ch, arg);
+	if(do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
+		return -1;
 	if(quotes && !io_ch(arg, "\"", 1)) return -1;
 	return outlen;
 }
@@ -513,7 +516,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
 	return do_name_ex(send_bio_chars, out, nm, indent, flags);
 }
 
-
+#ifndef OPENSSL_NO_FP_API
 int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
 {
 	if(flags == XN_FLAG_COMPAT)
@@ -528,17 +531,19 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long fla
 		}
 	return do_name_ex(send_fp_chars, fp, nm, indent, flags);
 }
+#endif
 
 int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
 {
 	return do_print_ex(send_bio_chars, out, flags, str);
 }
 
-
+#ifndef OPENSSL_NO_FP_API
 int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
 {
 	return do_print_ex(send_fp_chars, fp, flags, str);
 }
+#endif
 
 /* Utility function: convert any string type to UTF8, returns number of bytes
  * in output string or a negative error code
diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 613bbc4a7d..753021a7a2 100644
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -1,5 +1,5 @@
 /* a_strnid.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -67,7 +67,6 @@ static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
 static void st_free(ASN1_STRING_TABLE *tbl);
 static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
 			const ASN1_STRING_TABLE * const *b);
-static int table_cmp(const void *a, const void *b);
 
 
 /* This is the global mask for the mbstring functions: this is use to
@@ -158,7 +157,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
 
 /* This table must be kept in NID order */
 
-static ASN1_STRING_TABLE tbl_standard[] = {
+static const ASN1_STRING_TABLE tbl_standard[] = {
 {NID_commonName,		1, ub_common_name, DIRSTRING_TYPE, 0},
 {NID_countryName,		2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
 {NID_localityName,		1, ub_locality_name, DIRSTRING_TYPE, 0},
@@ -186,22 +185,23 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
 	return (*a)->nid - (*b)->nid;
 }
 
-static int table_cmp(const void *a, const void *b)
+DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
+
+static int table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b)
 {
-	const ASN1_STRING_TABLE *sa = a, *sb = b;
-	return sa->nid - sb->nid;
+	return a->nid - b->nid;
 }
 
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
+
 ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
 {
 	int idx;
 	ASN1_STRING_TABLE *ttmp;
 	ASN1_STRING_TABLE fnd;
 	fnd.nid = nid;
-	ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
-					(char *)tbl_standard, 
-			sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
-			sizeof(ASN1_STRING_TABLE), table_cmp);
+	ttmp = OBJ_bsearch_table(&fnd, tbl_standard, 
+			   sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE));
 	if(ttmp) return ttmp;
 	if(!stable) return NULL;
 	idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index 159681fbcb..e2eb9b243e 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -100,18 +100,29 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
 
 ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
 	{
+	return ASN1_TIME_adj(s, t, 0, 0);
+	}
+
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+				int offset_day, long offset_sec)
+	{
 	struct tm *ts;
 	struct tm data;
 
 	ts=OPENSSL_gmtime(&t,&data);
 	if (ts == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_TIME_SET, ASN1_R_ERROR_GETTING_TIME);
+		ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
 		return NULL;
 		}
+	if (offset_day || offset_sec)
+		{ 
+		if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+			return NULL;
+		}
 	if((ts->tm_year >= 50) && (ts->tm_year < 150))
-					return ASN1_UTCTIME_set(s, t);
-	return ASN1_GENERALIZEDTIME_set(s,t);
+			return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
+	return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
 	}
 
 int ASN1_TIME_check(ASN1_TIME *t)
@@ -162,3 +173,26 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
 
 	return ret;
 	}
+
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
+	{
+	ASN1_TIME t;
+
+	t.length = strlen(str);
+	t.data = (unsigned char *)str;
+	t.flags = 0;
+	
+	t.type = V_ASN1_UTCTIME;
+
+	if (!ASN1_TIME_check(&t))
+		{
+		t.type = V_ASN1_GENERALIZEDTIME;
+		if (!ASN1_TIME_check(&t))
+			return 0;
+		}
+	
+	if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
+			return 0;
+
+	return 1;
+	}
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
index 2292d49b93..a45d2f9d12 100644
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -57,8 +57,9 @@
  */
 
 #include <stdio.h>
-#include <openssl/asn1t.h>
 #include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
 
 int ASN1_TYPE_get(ASN1_TYPE *a)
 	{
@@ -76,9 +77,83 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
 		ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
 		}
 	a->type=type;
-	a->value.ptr=value;
+	if (type == V_ASN1_BOOLEAN)
+		a->value.boolean = value ? 0xff : 0;
+	else
+		a->value.ptr=value;
 	}
 
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
+	{
+	if (!value || (type == V_ASN1_BOOLEAN))
+		{
+		void *p = (void *)value;
+		ASN1_TYPE_set(a, type, p);
+		}
+	else if (type == V_ASN1_OBJECT)
+		{
+		ASN1_OBJECT *odup;
+		odup = OBJ_dup(value);
+		if (!odup)
+			return 0;
+		ASN1_TYPE_set(a, type, odup);
+		}
+	else
+		{
+		ASN1_STRING *sdup;
+		sdup = ASN1_STRING_dup(value);
+		if (!sdup)
+			return 0;
+		ASN1_TYPE_set(a, type, sdup);
+		}
+	return 1;
+	}
 
 IMPLEMENT_STACK_OF(ASN1_TYPE)
 IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
+	{
+	int result = -1;
+
+	if (!a || !b || a->type != b->type) return -1;
+
+	switch (a->type)
+		{
+	case V_ASN1_OBJECT:
+		result = OBJ_cmp(a->value.object, b->value.object);
+		break;
+	case V_ASN1_NULL:
+		result = 0;	/* They do not have content. */
+		break;
+	case V_ASN1_INTEGER:
+	case V_ASN1_NEG_INTEGER:
+	case V_ASN1_ENUMERATED:
+	case V_ASN1_NEG_ENUMERATED:
+	case V_ASN1_BIT_STRING:
+	case V_ASN1_OCTET_STRING:
+	case V_ASN1_SEQUENCE:
+	case V_ASN1_SET:
+	case V_ASN1_NUMERICSTRING:
+	case V_ASN1_PRINTABLESTRING:
+	case V_ASN1_T61STRING:
+	case V_ASN1_VIDEOTEXSTRING:
+	case V_ASN1_IA5STRING:
+	case V_ASN1_UTCTIME:
+	case V_ASN1_GENERALIZEDTIME:
+	case V_ASN1_GRAPHICSTRING:
+	case V_ASN1_VISIBLESTRING:
+	case V_ASN1_GENERALSTRING:
+	case V_ASN1_UNIVERSALSTRING:
+	case V_ASN1_BMPSTRING:
+	case V_ASN1_UTF8STRING:
+	case V_ASN1_OTHER:
+	default:
+		result = ASN1_STRING_cmp((ASN1_STRING *) a->value.ptr,
+					 (ASN1_STRING *) b->value.ptr);
+		break;
+		}
+
+	return result;
+	}
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index d31c028193..072e236592 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -114,8 +114,8 @@ err:
 
 int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
 	{
-	static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
-	static int max[8]={99,12,31,23,59,59,12,59};
+	static const int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
+	static const int max[8]={99,12,31,23,59,59,12,59};
 	char *a;
 	int n,i,l,o;
 
@@ -186,6 +186,12 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
 
 ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
 	{
+	return ASN1_UTCTIME_adj(s, t, 0, 0);
+	}
+
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+				int offset_day, long offset_sec)
+	{
 	char *p;
 	struct tm *ts;
 	struct tm data;
@@ -200,13 +206,22 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
 	if (ts == NULL)
 		return(NULL);
 
+	if (offset_day || offset_sec)
+		{ 
+		if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+			return NULL;
+		}
+
+	if((ts->tm_year < 50) || (ts->tm_year >= 150))
+		return NULL;
+
 	p=(char *)s->data;
 	if ((p == NULL) || ((size_t)s->length < len))
 		{
 		p=OPENSSL_malloc(len);
 		if (p == NULL)
 			{
-			ASN1err(ASN1_F_ASN1_UTCTIME_SET,ERR_R_MALLOC_FAILURE);
+			ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE);
 			return(NULL);
 			}
 		if (s->data != NULL)
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index b91678a9f6..d9332ee15d 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -60,6 +60,7 @@
 #include <time.h>
 
 #include "cryptlib.h"
+#include "asn1_locl.h"
 
 #ifndef NO_SYS_TYPES_H
 # include <sys/types.h>
@@ -73,8 +74,8 @@
 
 #ifndef NO_ASN1_OLD
 
-int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
-	     char *data, EVP_PKEY *pkey)
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
+		char *data, EVP_PKEY *pkey)
 	{
 	EVP_MD_CTX ctx;
 	const EVP_MD *type;
@@ -100,8 +101,13 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
 	p=buf_in;
 
 	i2d(data,&p);
-	EVP_VerifyInit_ex(&ctx,type, NULL);
-	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+	if (!EVP_VerifyInit_ex(&ctx,type, NULL)
+		|| !EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl))
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
+		goto err;
+		}
 
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);
 	OPENSSL_free(buf_in);
@@ -129,16 +135,38 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	     void *asn, EVP_PKEY *pkey)
 	{
 	EVP_MD_CTX ctx;
-	const EVP_MD *type;
+	const EVP_MD *type = NULL;
 	unsigned char *buf_in=NULL;
-	int ret= -1,i,inl;
+	int ret= -1,inl;
+
+	int mdnid, pknid;
 
 	EVP_MD_CTX_init(&ctx);
-	i=OBJ_obj2nid(a->algorithm);
-	type=EVP_get_digestbyname(OBJ_nid2sn(i));
+
+	/* Convert signature OID into digest and public key OIDs */
+	if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid))
+		{
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+		goto err;
+		}
+	type=EVP_get_digestbynid(mdnid);
 	if (type == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+		goto err;
+		}
+
+	/* Check public key OID matches public key type */
+	if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id)
+		{
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE);
+		goto err;
+		}
+
+	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+		{
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
 		goto err;
 		}
 
@@ -146,17 +174,16 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	
 	if (buf_in == NULL)
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
-	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+	if (!EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl))
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
 		ret=0;
 		goto err;
 		}
-	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
 
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);
 	OPENSSL_free(buf_in);
@@ -164,7 +191,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
 			(unsigned int)signature->length,pkey) <= 0)
 		{
-		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
 		ret=0;
 		goto err;
 		}
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
new file mode 100644
index 0000000000..9a8b6cc222
--- /dev/null
+++ b/crypto/asn1/ameth_lib.c
@@ -0,0 +1,450 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+
+extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[];
+extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
+extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
+
+/* Keep this sorted in type order !! */
+static const EVP_PKEY_ASN1_METHOD *standard_methods[] = 
+	{
+#ifndef OPENSSL_NO_RSA
+	&rsa_asn1_meths[0],
+	&rsa_asn1_meths[1],
+#endif
+#ifndef OPENSSL_NO_DH
+	&dh_asn1_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
+	&dsa_asn1_meths[0],
+	&dsa_asn1_meths[1],
+	&dsa_asn1_meths[2],
+	&dsa_asn1_meths[3],
+	&dsa_asn1_meths[4],
+#endif
+#ifndef OPENSSL_NO_EC
+	&eckey_asn1_meth,
+#endif
+	&hmac_asn1_meth
+	};
+
+typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
+DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
+static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
+
+
+
+#ifdef TEST
+void main()
+	{
+	int i;
+	for (i = 0;
+		i < sizeof(standard_methods)/sizeof(EVP_PKEY_ASN1_METHOD *);
+		i++)
+		fprintf(stderr, "Number %d id=%d (%s)\n", i,
+			standard_methods[i]->pkey_id,
+			OBJ_nid2sn(standard_methods[i]->pkey_id));
+	}
+#endif
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
+			   const EVP_PKEY_ASN1_METHOD *, ameth);
+
+static int ameth_cmp(const EVP_PKEY_ASN1_METHOD * const *a,
+		     const EVP_PKEY_ASN1_METHOD * const *b)
+	{
+        return ((*a)->pkey_id - (*b)->pkey_id);
+	}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
+			     const EVP_PKEY_ASN1_METHOD *, ameth);
+
+int EVP_PKEY_asn1_get_count(void)
+	{
+	int num = sizeof(standard_methods)/sizeof(EVP_PKEY_ASN1_METHOD *);
+	if (app_methods)
+		num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
+	return num;
+	}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx)
+	{
+	int num = sizeof(standard_methods)/sizeof(EVP_PKEY_ASN1_METHOD *);
+	if (idx < 0)
+		return NULL; 
+	if (idx < num)
+		return standard_methods[idx];
+	idx -= num;
+	return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
+	}
+
+static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
+	{
+	EVP_PKEY_ASN1_METHOD tmp;
+	const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
+	tmp.pkey_id = type;
+	if (app_methods)
+		{
+		int idx;
+		idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
+		if (idx >= 0)
+			return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
+		}
+	ret = OBJ_bsearch_ameth(&t, standard_methods,
+			  sizeof(standard_methods)
+			  /sizeof(EVP_PKEY_ASN1_METHOD *));
+	if (!ret || !*ret)
+		return NULL;
+	return *ret;
+	}
+
+/* Find an implementation of an ASN1 algorithm. If 'pe' is not NULL
+ * also search through engines and set *pe to a functional reference
+ * to the engine implementing 'type' or NULL if no engine implements 
+ * it.
+ */
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
+	{
+	const EVP_PKEY_ASN1_METHOD *t;
+	ENGINE *e;
+
+	for (;;)
+		{
+		t = pkey_asn1_find(type);
+		if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
+			break;
+		type = t->pkey_base_id;
+		}
+	if (pe)
+		{
+#ifndef OPENSSL_NO_ENGINE
+		/* type will contain the final unaliased type */
+		e = ENGINE_get_pkey_asn1_meth_engine(type);
+		if (e)
+			{
+			*pe = e;
+			return ENGINE_get_pkey_asn1_meth(e, type);
+			}
+#endif
+		*pe = NULL;
+		}
+	return t;
+	}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+					const char *str, int len)
+	{
+	int i;
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	if (len == -1)
+		len = strlen(str);
+	if (pe)
+		{
+#ifndef OPENSSL_NO_ENGINE
+		ENGINE *e;
+		ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
+		if (ameth)
+			{
+			/* Convert structural into
+			 * functional reference
+			 */
+			if (!ENGINE_init(e))
+				ameth = NULL;
+			ENGINE_free(e);
+			*pe = e;
+			return ameth;
+			}
+#endif
+		*pe = NULL;
+		}
+	for (i = 0; i < EVP_PKEY_asn1_get_count(); i++)
+		{
+		ameth = EVP_PKEY_asn1_get0(i);
+		if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
+			continue;
+		if (((int)strlen(ameth->pem_str) == len) && 
+			!strncasecmp(ameth->pem_str, str, len))
+			return ameth;
+		}
+	return NULL;
+	}
+
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
+	{
+	if (app_methods == NULL)
+		{
+		app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
+		if (!app_methods)
+			return 0;
+		}
+	if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
+		return 0;
+	sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
+	return 1;
+	}
+
+int EVP_PKEY_asn1_add_alias(int to, int from)
+	{
+	EVP_PKEY_ASN1_METHOD *ameth;
+	ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
+	if (!ameth)
+		return 0;
+	ameth->pkey_base_id = to;
+	return EVP_PKEY_asn1_add0(ameth);
+	}
+
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags,
+				const char **pinfo, const char **ppem_str,
+					const EVP_PKEY_ASN1_METHOD *ameth)
+	{
+	if (!ameth)
+		return 0;
+	if (ppkey_id)
+		*ppkey_id = ameth->pkey_id;
+	if (ppkey_base_id)
+		*ppkey_base_id = ameth->pkey_base_id;
+	if (ppkey_flags)
+		*ppkey_flags = ameth->pkey_flags;
+	if (pinfo)
+		*pinfo = ameth->info;
+	if (ppem_str)
+		*ppem_str = ameth->pem_str;
+	return 1;
+	}
+
+const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
+	{
+	return pkey->ameth;
+	}
+
+EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
+					const char *pem_str, const char *info)
+	{
+	EVP_PKEY_ASN1_METHOD *ameth;
+	ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD));
+	if (!ameth)
+		return NULL;
+
+	ameth->pkey_id = id;
+	ameth->pkey_base_id = id;
+	ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
+
+	if (info)
+		{
+		ameth->info = BUF_strdup(info);
+		if (!ameth->info)
+			goto err;
+		}
+	else
+		ameth->info = NULL;
+
+	if (pem_str)
+		{
+		ameth->pem_str = BUF_strdup(pem_str);
+		if (!ameth->pem_str)
+			goto err;
+		}
+	else
+		ameth->pem_str = NULL;
+
+	ameth->pub_decode = 0;
+	ameth->pub_encode = 0;
+	ameth->pub_cmp = 0;
+	ameth->pub_print = 0;
+
+	ameth->priv_decode = 0;
+	ameth->priv_encode = 0;
+	ameth->priv_print = 0;
+
+	ameth->old_priv_encode = 0;
+	ameth->old_priv_decode = 0;
+
+	ameth->pkey_size = 0;
+	ameth->pkey_bits = 0;
+
+	ameth->param_decode = 0;
+	ameth->param_encode = 0;
+	ameth->param_missing = 0;
+	ameth->param_copy = 0;
+	ameth->param_cmp = 0;
+	ameth->param_print = 0;
+
+	ameth->pkey_free = 0;
+	ameth->pkey_ctrl = 0;
+
+	return ameth;
+
+	err:
+
+	EVP_PKEY_asn1_free(ameth);
+	return NULL;
+
+	}
+
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, 
+			const EVP_PKEY_ASN1_METHOD *src)
+	{
+
+	dst->pub_decode = src->pub_decode;
+	dst->pub_encode = src->pub_encode;
+	dst->pub_cmp = src->pub_cmp;
+	dst->pub_print = src->pub_print;
+
+	dst->priv_decode = src->priv_decode;
+	dst->priv_encode = src->priv_encode;
+	dst->priv_print = src->priv_print;
+
+	dst->old_priv_encode = src->old_priv_encode;
+	dst->old_priv_decode = src->old_priv_decode;
+
+	dst->pkey_size = src->pkey_size;
+	dst->pkey_bits = src->pkey_bits;
+
+	dst->param_decode = src->param_decode;
+	dst->param_encode = src->param_encode;
+	dst->param_missing = src->param_missing;
+	dst->param_copy = src->param_copy;
+	dst->param_cmp = src->param_cmp;
+	dst->param_print = src->param_print;
+
+	dst->pkey_free = src->pkey_free;
+	dst->pkey_ctrl = src->pkey_ctrl;
+
+	}
+
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
+	{
+	if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC))
+		{
+		if (ameth->pem_str)
+			OPENSSL_free(ameth->pem_str);
+		if (ameth->info)
+			OPENSSL_free(ameth->info);
+		OPENSSL_free(ameth);
+		}
+	}
+
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
+		int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
+		int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
+		int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx),
+		int (*pkey_size)(const EVP_PKEY *pk),
+		int (*pkey_bits)(const EVP_PKEY *pk))
+	{
+	ameth->pub_decode = pub_decode;
+	ameth->pub_encode = pub_encode;
+	ameth->pub_cmp = pub_cmp;
+	ameth->pub_print = pub_print;
+	ameth->pkey_size = pkey_size;
+	ameth->pkey_bits = pkey_bits;
+	}
+
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
+		int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
+		int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx))
+	{
+	ameth->priv_decode = priv_decode;
+	ameth->priv_encode = priv_encode;
+	ameth->priv_print = priv_print;
+	}
+
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*param_decode)(EVP_PKEY *pkey,
+				const unsigned char **pder, int derlen),
+		int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
+		int (*param_missing)(const EVP_PKEY *pk),
+		int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
+		int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
+		int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx))
+	{
+	ameth->param_decode = param_decode;
+	ameth->param_encode = param_encode;
+	ameth->param_missing = param_missing;
+	ameth->param_copy = param_copy;
+	ameth->param_cmp = param_cmp;
+	ameth->param_print = param_print;
+	}
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+		void (*pkey_free)(EVP_PKEY *pkey))
+	{
+	ameth->pkey_free = pkey_free;
+	}
+
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
+							long arg1, void *arg2))
+	{
+	ameth->pkey_ctrl = pkey_ctrl;
+	}
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index aad3dcb23d..4f9f7f605f 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -149,6 +149,7 @@ extern "C" {
 #define B_ASN1_UTF8STRING	0x2000
 #define B_ASN1_UTCTIME		0x4000
 #define B_ASN1_GENERALIZEDTIME	0x8000
+#define B_ASN1_SEQUENCE		0x10000
 
 /* For use with ASN1_mbstring_copy() */
 #define MBSTRING_FLAG		0x1000
@@ -157,7 +158,12 @@ extern "C" {
 #define MBSTRING_BMP		(MBSTRING_FLAG|2)
 #define MBSTRING_UNIV		(MBSTRING_FLAG|4)
 
+#define SMIME_OLDMIME		0x400
+#define SMIME_CRLFEOL		0x800
+#define SMIME_STREAM		0x1000
+
 struct X509_algor_st;
+DECLARE_STACK_OF(X509_ALGOR)
 
 #define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
 #define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
@@ -207,7 +213,7 @@ typedef struct asn1_object_st
 	const char *sn,*ln;
 	int nid;
 	int length;
-	unsigned char *data;
+	const unsigned char *data;	/* data remains const after init */
 	int flags;	/* Should we free this one */
 	} ASN1_OBJECT;
 
@@ -217,6 +223,17 @@ typedef struct asn1_object_st
  * be inserted in the memory buffer 
  */
 #define ASN1_STRING_FLAG_NDEF 0x010 
+
+/* This flag is used by the CMS code to indicate that a string is not
+ * complete and is a place holder for content when it had all been 
+ * accessed. The flag will be reset when content has been written to it.
+ */
+
+#define ASN1_STRING_FLAG_CONT 0x020 
+/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+#define ASN1_STRING_FLAG_MSTRING 0x040 
 /* This is the base type that holds just about everything :-) */
 typedef struct asn1_string_st
 	{
@@ -310,13 +327,41 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
 	int i2d_##name##_NDEF(name *a, unsigned char **out);
 
 #define DECLARE_ASN1_FUNCTIONS_const(name) \
-	name *name##_new(void); \
-	void name##_free(name *a);
+	DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+	DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
 
 #define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
 	type *name##_new(void); \
 	void name##_free(type *a);
 
+#define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+	DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+
+#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+	int fname##_print_ctx(BIO *out, stname *x, int indent, \
+					 const ASN1_PCTX *pctx);
+
+#define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+#define I2D_OF(type) int (*)(type *,unsigned char **)
+#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+
+#define CHECKED_D2I_OF(type, d2i) \
+    ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+#define CHECKED_I2D_OF(type, i2d) \
+    ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+#define CHECKED_NEW_OF(type, xnew) \
+    ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+#define CHECKED_PTR_OF(type, p) \
+    ((void*) (1 ? p : (type*)0))
+#define CHECKED_PPTR_OF(type, p) \
+    ((void**) (1 ? p : (type**)0))
+
+#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+
+TYPEDEF_D2I2D_OF(void);
+
 /* The following macros and typedefs allow an ASN1_ITEM
  * to be embedded in a structure and referenced. Since
  * the ASN1_ITEM pointers need to be globally accessible
@@ -500,27 +545,23 @@ typedef struct asn1_type_st
 		 * contain the set or sequence bytes */
 		ASN1_STRING *		set;
 		ASN1_STRING *		sequence;
+		ASN1_VALUE *		asn1_value;
 		} value;
 	} ASN1_TYPE;
 
 DECLARE_STACK_OF(ASN1_TYPE)
 DECLARE_ASN1_SET_OF(ASN1_TYPE)
 
-typedef struct asn1_method_st
-	{
-	int (*i2d)();
-	char *(*d2i)();
-	char *(*create)();
-	void (*destroy)();
-	} ASN1_METHOD;
-
-/* This is used when parsing some Netscape objects */
-typedef struct asn1_header_st
+typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+typedef struct NETSCAPE_X509_st
 	{
 	ASN1_OCTET_STRING *header;
-	char *data;
-	ASN1_METHOD *meth;
-	} ASN1_HEADER;
+	X509 *cert;
+	} NETSCAPE_X509;
 
 /* This is used to contain a list of bit names */
 typedef struct BIT_STRING_BITNAME_st {
@@ -540,32 +581,34 @@ typedef struct BIT_STRING_BITNAME_st {
 		ASN1_STRING_type_new(V_ASN1_BIT_STRING)
 #define M_ASN1_BIT_STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
 #define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
-		ASN1_STRING_dup((ASN1_STRING *)a)
+		ASN1_STRING_dup((const ASN1_STRING *)a)
 #define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
+		(const ASN1_STRING *)a,(const ASN1_STRING *)b)
 #define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
 
 #define M_ASN1_INTEGER_new()	(ASN1_INTEGER *)\
 		ASN1_STRING_type_new(V_ASN1_INTEGER)
 #define M_ASN1_INTEGER_free(a)		ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
+		ASN1_STRING_dup((const ASN1_STRING *)a)
 #define M_ASN1_INTEGER_cmp(a,b)	ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
+		(const ASN1_STRING *)a,(const ASN1_STRING *)b)
 
 #define M_ASN1_ENUMERATED_new()	(ASN1_ENUMERATED *)\
 		ASN1_STRING_type_new(V_ASN1_ENUMERATED)
 #define M_ASN1_ENUMERATED_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
+		ASN1_STRING_dup((const ASN1_STRING *)a)
 #define M_ASN1_ENUMERATED_cmp(a,b)	ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
+		(const ASN1_STRING *)a,(const ASN1_STRING *)b)
 
 #define M_ASN1_OCTET_STRING_new()	(ASN1_OCTET_STRING *)\
 		ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
 #define M_ASN1_OCTET_STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
 #define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
-		ASN1_STRING_dup((ASN1_STRING *)a)
+		ASN1_STRING_dup((const ASN1_STRING *)a)
 #define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
-		(ASN1_STRING *)a,(ASN1_STRING *)b)
+		(const ASN1_STRING *)a,(const ASN1_STRING *)b)
 #define M_ASN1_OCTET_STRING_set(a,b,c)	ASN1_STRING_set((ASN1_STRING *)a,b,c)
 #define M_ASN1_OCTET_STRING_print(a,b)	ASN1_STRING_print(a,(ASN1_STRING *)b)
 #define M_i2d_ASN1_OCTET_STRING(a,pp) \
@@ -577,6 +620,7 @@ typedef struct BIT_STRING_BITNAME_st {
 			B_ASN1_GENERALIZEDTIME
 
 #define B_ASN1_PRINTABLE \
+			B_ASN1_NUMERICSTRING| \
 			B_ASN1_PRINTABLESTRING| \
 			B_ASN1_T61STRING| \
 			B_ASN1_IA5STRING| \
@@ -584,6 +628,7 @@ typedef struct BIT_STRING_BITNAME_st {
 			B_ASN1_UNIVERSALSTRING|\
 			B_ASN1_BMPSTRING|\
 			B_ASN1_UTF8STRING|\
+			B_ASN1_SEQUENCE|\
 			B_ASN1_UNKNOWN
 
 #define B_ASN1_DIRECTORYSTRING \
@@ -647,7 +692,7 @@ typedef struct BIT_STRING_BITNAME_st {
 		ASN1_STRING_type_new(V_ASN1_IA5STRING)
 #define M_ASN1_IA5STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
 #define M_ASN1_IA5STRING_dup(a)	\
-			(ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
+		(ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
 #define M_i2d_ASN1_IA5STRING(a,pp) \
 		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
 			V_ASN1_UNIVERSAL)
@@ -658,18 +703,20 @@ typedef struct BIT_STRING_BITNAME_st {
 #define M_ASN1_UTCTIME_new()	(ASN1_UTCTIME *)\
 		ASN1_STRING_type_new(V_ASN1_UTCTIME)
 #define M_ASN1_UTCTIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
+		ASN1_STRING_dup((const ASN1_STRING *)a)
 
 #define M_ASN1_GENERALIZEDTIME_new()	(ASN1_GENERALIZEDTIME *)\
 		ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
 #define M_ASN1_GENERALIZEDTIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
 #define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
-	(ASN1_STRING *)a)
+	(const ASN1_STRING *)a)
 
 #define M_ASN1_TIME_new()	(ASN1_TIME *)\
 		ASN1_STRING_type_new(V_ASN1_UTCTIME)
 #define M_ASN1_TIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
+	ASN1_STRING_dup((const ASN1_STRING *)a)
 
 #define M_ASN1_GENERALSTRING_new()	(ASN1_GENERALSTRING *)\
 		ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
@@ -729,6 +776,8 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
 
 int ASN1_TYPE_get(ASN1_TYPE *a);
 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+int            ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
 
 ASN1_OBJECT *	ASN1_OBJECT_new(void );
 void		ASN1_OBJECT_free(ASN1_OBJECT *a);
@@ -745,13 +794,15 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT)
 
 ASN1_STRING *	ASN1_STRING_new(void);
 void		ASN1_STRING_free(ASN1_STRING *a);
-ASN1_STRING *	ASN1_STRING_dup(ASN1_STRING *a);
+int		ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
+ASN1_STRING *	ASN1_STRING_dup(const ASN1_STRING *a);
 ASN1_STRING *	ASN1_STRING_type_new(int type );
-int 		ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+int 		ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
   /* Since this is used to store all sorts of things, via macros, for now, make
      its data void * */
 int 		ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-int ASN1_STRING_length(ASN1_STRING *x);
+void		ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
+int ASN1_STRING_length(const ASN1_STRING *x);
 void ASN1_STRING_length_set(ASN1_STRING *x, int n);
 int ASN1_STRING_type(ASN1_STRING *x);
 unsigned char * ASN1_STRING_data(ASN1_STRING *x);
@@ -764,6 +815,8 @@ int		ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
 			int length );
 int		ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
 int		ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+int            ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+                                     unsigned char *flags, int flags_len);
 
 #ifndef OPENSSL_NO_BIO
 int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
@@ -782,13 +835,15 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp,
 			long length);
 ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp,
 			long length);
-ASN1_INTEGER *	ASN1_INTEGER_dup(ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
+ASN1_INTEGER *	ASN1_INTEGER_dup(const ASN1_INTEGER *x);
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
 
 DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
 
 int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
 ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+				int offset_day, long offset_sec);
 int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
 int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
 #if 0
@@ -797,11 +852,13 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
 
 int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+	     time_t t, int offset_day, long offset_sec);
 int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
 
 DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-ASN1_OCTET_STRING *	ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
-int 	ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
+ASN1_OCTET_STRING *	ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
+int 	ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b);
 int 	ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);
 
 DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
@@ -828,14 +885,20 @@ DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
 DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
 
 ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t,
+				int offset_day, long offset_sec);
 int ASN1_TIME_check(ASN1_TIME *t);
 ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
 
-int		i2d_ASN1_SET(STACK *a, unsigned char **pp,
-			int (*func)(), int ex_tag, int ex_class, int is_set);
-STACK *		d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
-			char *(*func)(), void (*free_func)(void *),
-			int ex_tag, int ex_class);
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+		 i2d_of_void *i2d, int ex_tag, int ex_class,
+		 int is_set);
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+			      const unsigned char **pp,
+			      long length, d2i_of_void *d2i,
+			      void (*free_func)(OPENSSL_BLOCK), int ex_tag,
+			      int ex_class);
 
 #ifndef OPENSSL_NO_BIO
 int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
@@ -853,9 +916,9 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
 	const char *sn, const char *ln);
 
 int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai,BIGNUM *bn);
 
 int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
 long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
@@ -864,7 +927,7 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
 
 /* General */
 /* given a string, return the correct type, max is the maximum length */
-int ASN1_PRINTABLE_type(unsigned char *s, int max);
+int ASN1_PRINTABLE_type(const unsigned char *s, int max);
 
 int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
 ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
@@ -889,14 +952,48 @@ int ASN1_put_eoc(unsigned char **pp);
 int ASN1_object_size(int constructed, int length, int tag);
 
 /* Used to implement other functions */
-char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
+
+#define ASN1_dup_of(type,i2d,d2i,x) \
+    ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+		     CHECKED_D2I_OF(type, d2i), \
+		     CHECKED_PTR_OF(type, x)))
+
+#define ASN1_dup_of_const(type,i2d,d2i,x) \
+    ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
+		     CHECKED_D2I_OF(type, d2i), \
+		     CHECKED_PTR_OF(const type, x)))
 
 void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
 
+/* ASN1 alloc/free macros for when a type is only used internally */
+
+#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+#define M_ASN1_free_of(x, type) \
+		ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+
 #ifndef OPENSSL_NO_FP_API
-char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
+void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
+
+#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+    ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+			CHECKED_D2I_OF(type, d2i), \
+			in, \
+			CHECKED_PPTR_OF(type, x)))
+
 void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
-int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
+int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x);
+
+#define ASN1_i2d_fp_of(type,i2d,out,x) \
+    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+		 out, \
+		 CHECKED_PTR_OF(type, x)))
+
+#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+    (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
+		 out, \
+		 CHECKED_PTR_OF(const type, x)))
+
 int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
 int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
 #endif
@@ -904,33 +1001,45 @@ int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
 int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
 
 #ifndef OPENSSL_NO_BIO
-char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
+void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
+
+#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+    ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+			  CHECKED_D2I_OF(type, d2i), \
+			  in, \
+			  CHECKED_PPTR_OF(type, x)))
+
 void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
+int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
+
+#define ASN1_i2d_bio_of(type,i2d,out,x) \
+    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+		  out, \
+		  CHECKED_PTR_OF(type, x)))
+
+#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+    (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
+		  out, \
+		  CHECKED_PTR_OF(const type, x)))
+
 int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
+int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
+int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
+int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
 int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+				unsigned char *buf, int off);
 int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent);
 int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump);
 #endif
 const char *ASN1_tag2str(int tag);
 
-/* Used to load and write netscape format cert/key */
-int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length);
-ASN1_HEADER *ASN1_HEADER_new(void );
-void ASN1_HEADER_free(ASN1_HEADER *a);
+/* Used to load and write netscape format cert */
 
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
 
-/* Not used that much at this point, except for the first two */
-ASN1_METHOD *X509_asn1_meth(void);
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
 
 int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
 	unsigned char *data, int len);
@@ -941,13 +1050,20 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
 int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
 	unsigned char *data, int max_len);
 
-STACK *ASN1_seq_unpack(const unsigned char *buf, int len, char *(*d2i)(),
-						 void (*free_func)(void *) );
-unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
-			     int *len );
-void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+				 d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK));
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
+			     unsigned char **buf, int *len );
+void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
 void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
-ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct);
+ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
+			      ASN1_OCTET_STRING **oct);
+
+#define ASN1_pack_string_of(type,obj,i2d,oct) \
+    (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
+		      CHECKED_I2D_OF(type, i2d), \
+		      oct))
+
 ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
 
 void ASN1_STRING_set_default_mask(unsigned long mask);
@@ -978,7 +1094,60 @@ void ASN1_add_oid_module(void);
 
 ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
 ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
-	
+
+/* ASN1 Print flags */
+
+/* Indicate missing OPTIONAL fields */
+#define ASN1_PCTX_FLAGS_SHOW_ABSENT		0x001	
+/* Mark start and end of SEQUENCE */
+#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE		0x002
+/* Mark start and end of SEQUENCE/SET OF */
+#define ASN1_PCTX_FLAGS_SHOW_SSOF		0x004
+/* Show the ASN1 type of primitives */
+#define ASN1_PCTX_FLAGS_SHOW_TYPE		0x008
+/* Don't show ASN1 type of ANY */
+#define ASN1_PCTX_FLAGS_NO_ANY_TYPE		0x010
+/* Don't show ASN1 type of MSTRINGs */
+#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE		0x020
+/* Don't show field names in SEQUENCE */
+#define ASN1_PCTX_FLAGS_NO_FIELD_NAME		0x040
+/* Show structure names of each SEQUENCE field */
+#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME	0x080
+/* Don't show structure name even at top level */
+#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME		0x100
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+				const ASN1_ITEM *it, const ASN1_PCTX *pctx);
+ASN1_PCTX *ASN1_PCTX_new(void);
+void ASN1_PCTX_free(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
+
+BIO_METHOD *BIO_f_asn1(void);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+				const ASN1_ITEM *it);
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+				const char *hdr,
+				const ASN1_ITEM *it);
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+				int ctype_nid, int econt_nid,
+				STACK_OF(X509_ALGOR) *mdalgs,
+				const ASN1_ITEM *it);
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
+int SMIME_text(BIO *in, BIO *out);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -992,20 +1161,23 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_A2I_ASN1_ENUMERATED			 101
 #define ASN1_F_A2I_ASN1_INTEGER				 102
 #define ASN1_F_A2I_ASN1_STRING				 103
-#define ASN1_F_APPEND_TAG				 176
+#define ASN1_F_APPEND_EXP				 176
 #define ASN1_F_ASN1_BIT_STRING_SET_BIT			 183
 #define ASN1_F_ASN1_CB					 177
 #define ASN1_F_ASN1_CHECK_TLEN				 104
 #define ASN1_F_ASN1_COLLATE_PRIMITIVE			 105
 #define ASN1_F_ASN1_COLLECT				 106
-#define ASN1_F_ASN1_D2I_BIO				 107
 #define ASN1_F_ASN1_D2I_EX_PRIMITIVE			 108
 #define ASN1_F_ASN1_D2I_FP				 109
+#define ASN1_F_ASN1_D2I_READ_BIO			 107
 #define ASN1_F_ASN1_DIGEST				 184
 #define ASN1_F_ASN1_DO_ADB				 110
 #define ASN1_F_ASN1_DUP					 111
 #define ASN1_F_ASN1_ENUMERATED_SET			 112
 #define ASN1_F_ASN1_ENUMERATED_TO_BN			 113
+#define ASN1_F_ASN1_EX_C2I				 204
+#define ASN1_F_ASN1_FIND_END				 190
+#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ			 216
 #define ASN1_F_ASN1_GENERALIZEDTIME_SET			 185
 #define ASN1_F_ASN1_GENERATE_V3				 178
 #define ASN1_F_ASN1_GET_OBJECT				 114
@@ -1014,12 +1186,22 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_ASN1_I2D_FP				 117
 #define ASN1_F_ASN1_INTEGER_SET				 118
 #define ASN1_F_ASN1_INTEGER_TO_BN			 119
+#define ASN1_F_ASN1_ITEM_D2I_FP				 206
+#define ASN1_F_ASN1_ITEM_DUP				 191
+#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW			 121
 #define ASN1_F_ASN1_ITEM_EX_D2I				 120
-#define ASN1_F_ASN1_ITEM_NEW				 121
-#define ASN1_F_ASN1_MBSTRING_COPY			 122
+#define ASN1_F_ASN1_ITEM_I2D_BIO			 192
+#define ASN1_F_ASN1_ITEM_I2D_FP				 193
+#define ASN1_F_ASN1_ITEM_PACK				 198
+#define ASN1_F_ASN1_ITEM_SIGN				 195
+#define ASN1_F_ASN1_ITEM_UNPACK				 199
+#define ASN1_F_ASN1_ITEM_VERIFY				 197
+#define ASN1_F_ASN1_MBSTRING_NCOPY			 122
 #define ASN1_F_ASN1_OBJECT_NEW				 123
+#define ASN1_F_ASN1_OUTPUT_DATA				 214
 #define ASN1_F_ASN1_PACK_STRING				 124
-#define ASN1_F_ASN1_PBE_SET				 125
+#define ASN1_F_ASN1_PCTX_NEW				 205
+#define ASN1_F_ASN1_PKCS5_PBE_SET			 125
 #define ASN1_F_ASN1_SEQ_PACK				 126
 #define ASN1_F_ASN1_SEQ_UNPACK				 127
 #define ASN1_F_ASN1_SIGN				 128
@@ -1027,18 +1209,26 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_ASN1_STRING_SET				 186
 #define ASN1_F_ASN1_STRING_TABLE_ADD			 129
 #define ASN1_F_ASN1_STRING_TYPE_NEW			 130
-#define ASN1_F_ASN1_TEMPLATE_D2I			 131
 #define ASN1_F_ASN1_TEMPLATE_EX_D2I			 132
 #define ASN1_F_ASN1_TEMPLATE_NEW			 133
+#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I			 131
+#define ASN1_F_ASN1_TIME_ADJ				 217
 #define ASN1_F_ASN1_TIME_SET				 175
 #define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING		 134
 #define ASN1_F_ASN1_TYPE_GET_OCTETSTRING		 135
 #define ASN1_F_ASN1_UNPACK_STRING			 136
+#define ASN1_F_ASN1_UTCTIME_ADJ				 218
 #define ASN1_F_ASN1_UTCTIME_SET				 187
 #define ASN1_F_ASN1_VERIFY				 137
+#define ASN1_F_B64_READ_ASN1				 209
+#define ASN1_F_B64_WRITE_ASN1				 210
+#define ASN1_F_BIO_NEW_NDEF				 208
 #define ASN1_F_BITSTR_CB				 180
 #define ASN1_F_BN_TO_ASN1_ENUMERATED			 138
 #define ASN1_F_BN_TO_ASN1_INTEGER			 139
+#define ASN1_F_C2I_ASN1_BIT_STRING			 189
+#define ASN1_F_C2I_ASN1_INTEGER				 194
+#define ASN1_F_C2I_ASN1_OBJECT				 196
 #define ASN1_F_COLLECT_DATA				 140
 #define ASN1_F_D2I_ASN1_BIT_STRING			 141
 #define ASN1_F_D2I_ASN1_BOOLEAN				 142
@@ -1051,40 +1241,53 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_D2I_ASN1_TYPE_BYTES			 149
 #define ASN1_F_D2I_ASN1_UINTEGER			 150
 #define ASN1_F_D2I_ASN1_UTCTIME				 151
+#define ASN1_F_D2I_AUTOPRIVATEKEY			 207
 #define ASN1_F_D2I_NETSCAPE_RSA				 152
 #define ASN1_F_D2I_NETSCAPE_RSA_2			 153
 #define ASN1_F_D2I_PRIVATEKEY				 154
 #define ASN1_F_D2I_PUBLICKEY				 155
+#define ASN1_F_D2I_RSA_NET				 200
+#define ASN1_F_D2I_RSA_NET_2				 201
 #define ASN1_F_D2I_X509					 156
 #define ASN1_F_D2I_X509_CINF				 157
-#define ASN1_F_D2I_X509_NAME				 158
 #define ASN1_F_D2I_X509_PKEY				 159
+#define ASN1_F_I2D_ASN1_BIO_STREAM			 211
 #define ASN1_F_I2D_ASN1_SET				 188
 #define ASN1_F_I2D_ASN1_TIME				 160
 #define ASN1_F_I2D_DSA_PUBKEY				 161
 #define ASN1_F_I2D_EC_PUBKEY				 181
-#define ASN1_F_I2D_NETSCAPE_RSA				 162
 #define ASN1_F_I2D_PRIVATEKEY				 163
 #define ASN1_F_I2D_PUBLICKEY				 164
+#define ASN1_F_I2D_RSA_NET				 162
 #define ASN1_F_I2D_RSA_PUBKEY				 165
 #define ASN1_F_LONG_C2I					 166
 #define ASN1_F_OID_MODULE_INIT				 174
 #define ASN1_F_PARSE_TAGGING				 182
-#define ASN1_F_PKCS5_PBE2_SET				 167
+#define ASN1_F_PKCS5_PBE2_SET_IV			 167
+#define ASN1_F_PKCS5_PBE_SET				 202
+#define ASN1_F_PKCS5_PBE_SET0_ALGOR			 215
+#define ASN1_F_PKCS5_PBKDF2_SET				 219
+#define ASN1_F_SMIME_READ_ASN1				 212
+#define ASN1_F_SMIME_TEXT				 213
 #define ASN1_F_X509_CINF_NEW				 168
 #define ASN1_F_X509_CRL_ADD0_REVOKED			 169
 #define ASN1_F_X509_INFO_NEW				 170
-#define ASN1_F_X509_NAME_NEW				 171
+#define ASN1_F_X509_NAME_ENCODE				 203
+#define ASN1_F_X509_NAME_EX_D2I				 158
+#define ASN1_F_X509_NAME_EX_NEW				 171
 #define ASN1_F_X509_NEW					 172
 #define ASN1_F_X509_PKEY_NEW				 173
 
 /* Reason codes. */
 #define ASN1_R_ADDING_OBJECT				 171
+#define ASN1_R_ASN1_PARSE_ERROR				 203
+#define ASN1_R_ASN1_SIG_PARSE_ERROR			 204
 #define ASN1_R_AUX_ERROR				 100
 #define ASN1_R_BAD_CLASS				 101
 #define ASN1_R_BAD_OBJECT_HEADER			 102
 #define ASN1_R_BAD_PASSWORD_READ			 103
 #define ASN1_R_BAD_TAG					 104
+#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH		 214
 #define ASN1_R_BN_LIB					 105
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 106
 #define ASN1_R_BUFFER_TOO_SMALL				 107
@@ -1093,6 +1296,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_DECODE_ERROR				 110
 #define ASN1_R_DECODING_ERROR				 111
 #define ASN1_R_DEPTH_EXCEEDED				 174
+#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED	 198
 #define ASN1_R_ENCODE_ERROR				 112
 #define ASN1_R_ERROR_GETTING_TIME			 173
 #define ASN1_R_ERROR_LOADING_SECTION			 172
@@ -1126,8 +1330,10 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG		 128
 #define ASN1_R_INVALID_BMPSTRING_LENGTH			 129
 #define ASN1_R_INVALID_DIGIT				 130
+#define ASN1_R_INVALID_MIME_TYPE			 205
 #define ASN1_R_INVALID_MODIFIER				 186
 #define ASN1_R_INVALID_NUMBER				 187
+#define ASN1_R_INVALID_OBJECT_ENCODING			 216
 #define ASN1_R_INVALID_SEPARATOR			 131
 #define ASN1_R_INVALID_TIME_FORMAT			 132
 #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH		 133
@@ -1135,15 +1341,24 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_IV_TOO_LARGE				 135
 #define ASN1_R_LENGTH_ERROR				 136
 #define ASN1_R_LIST_ERROR				 188
+#define ASN1_R_MIME_NO_CONTENT_TYPE			 206
+#define ASN1_R_MIME_PARSE_ERROR				 207
+#define ASN1_R_MIME_SIG_PARSE_ERROR			 208
 #define ASN1_R_MISSING_EOC				 137
 #define ASN1_R_MISSING_SECOND_NUMBER			 138
 #define ASN1_R_MISSING_VALUE				 189
 #define ASN1_R_MSTRING_NOT_UNIVERSAL			 139
 #define ASN1_R_MSTRING_WRONG_TAG			 140
+#define ASN1_R_NESTED_ASN1_STRING			 197
 #define ASN1_R_NON_HEX_CHARACTERS			 141
 #define ASN1_R_NOT_ASCII_FORMAT				 190
 #define ASN1_R_NOT_ENOUGH_DATA				 142
+#define ASN1_R_NO_CONTENT_TYPE				 209
+#define ASN1_R_NO_DEFAULT_DIGEST			 201
 #define ASN1_R_NO_MATCHING_CHOICE_TYPE			 143
+#define ASN1_R_NO_MULTIPART_BODY_FAILURE		 210
+#define ASN1_R_NO_MULTIPART_BOUNDARY			 211
+#define ASN1_R_NO_SIG_CONTENT_TYPE			 212
 #define ASN1_R_NULL_IS_WRONG_LENGTH			 144
 #define ASN1_R_OBJECT_NOT_ASCII_FORMAT			 191
 #define ASN1_R_ODD_NUMBER_OF_CHARS			 145
@@ -1153,6 +1368,8 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_SEQUENCE_NOT_CONSTRUCTED			 149
 #define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG		 192
 #define ASN1_R_SHORT_LINE				 150
+#define ASN1_R_SIG_INVALID_MIME_TYPE			 213
+#define ASN1_R_STREAMING_NOT_SUPPORTED			 202
 #define ASN1_R_STRING_TOO_LONG				 151
 #define ASN1_R_STRING_TOO_SHORT				 152
 #define ASN1_R_TAG_VALUE_TOO_HIGH			 153
@@ -1163,10 +1380,12 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 157
 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 158
 #define ASN1_R_UNEXPECTED_EOC				 159
+#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH		 215
 #define ASN1_R_UNKNOWN_FORMAT				 160
 #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 161
 #define ASN1_R_UNKNOWN_OBJECT_TYPE			 162
 #define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 163
+#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM		 199
 #define ASN1_R_UNKNOWN_TAG				 194
 #define ASN1_R_UNKOWN_FORMAT				 195
 #define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE		 164
@@ -1174,6 +1393,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 166
 #define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 167
 #define ASN1_R_UNSUPPORTED_TYPE				 196
+#define ASN1_R_WRONG_PUBLIC_KEY_TYPE			 200
 #define ASN1_R_WRONG_TAG				 168
 #define ASN1_R_WRONG_TYPE				 169
 
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index daffbf2140..570ec38f7a 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
 /* crypto/asn1/asn1_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,199 +64,254 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
+
 static ERR_STRING_DATA ASN1_str_functs[]=
 	{
-{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0),	"a2d_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0),	"a2i_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0),	"a2i_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0),	"a2i_ASN1_STRING"},
-{ERR_PACK(0,ASN1_F_APPEND_TAG,0),	"APPEND_TAG"},
-{ERR_PACK(0,ASN1_F_ASN1_BIT_STRING_SET_BIT,0),	"ASN1_BIT_STRING_set_bit"},
-{ERR_PACK(0,ASN1_F_ASN1_CB,0),	"ASN1_CB"},
-{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0),	"ASN1_CHECK_TLEN"},
-{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0),	"ASN1_COLLATE_PRIMITIVE"},
-{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0),	"ASN1_COLLECT"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0),	"ASN1_d2i_bio"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0),	"ASN1_D2I_EX_PRIMITIVE"},
-{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0),	"ASN1_d2i_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_DIGEST,0),	"ASN1_digest"},
-{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0),	"ASN1_DO_ADB"},
-{ERR_PACK(0,ASN1_F_ASN1_DUP,0),	"ASN1_dup"},
-{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0),	"ASN1_ENUMERATED_set"},
-{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0),	"ASN1_ENUMERATED_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_SET,0),	"ASN1_GENERALIZEDTIME_set"},
-{ERR_PACK(0,ASN1_F_ASN1_GENERATE_V3,0),	"ASN1_generate_v3"},
-{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0),	"ASN1_get_object"},
-{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0),	"ASN1_HEADER_new"},
-{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0),	"ASN1_i2d_bio"},
-{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0),	"ASN1_i2d_fp"},
-{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0),	"ASN1_INTEGER_set"},
-{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0),	"ASN1_INTEGER_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0),	"ASN1_ITEM_EX_D2I"},
-{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0),	"ASN1_item_new"},
-{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0),	"ASN1_mbstring_copy"},
-{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0),	"ASN1_OBJECT_new"},
-{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0),	"ASN1_pack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0),	"ASN1_PBE_SET"},
-{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0),	"ASN1_seq_pack"},
-{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0),	"ASN1_seq_unpack"},
-{ERR_PACK(0,ASN1_F_ASN1_SIGN,0),	"ASN1_sign"},
-{ERR_PACK(0,ASN1_F_ASN1_STR2TYPE,0),	"ASN1_STR2TYPE"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_SET,0),	"ASN1_STRING_set"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0),	"ASN1_STRING_TABLE_add"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),	"ASN1_STRING_type_new"},
-{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0),	"ASN1_TEMPLATE_D2I"},
-{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0),	"ASN1_TEMPLATE_EX_D2I"},
-{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0),	"ASN1_TEMPLATE_NEW"},
-{ERR_PACK(0,ASN1_F_ASN1_TIME_SET,0),	"ASN1_TIME_set"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),	"ASN1_TYPE_get_int_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),	"ASN1_TYPE_get_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0),	"ASN1_unpack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_SET,0),	"ASN1_UTCTIME_set"},
-{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),	"ASN1_verify"},
-{ERR_PACK(0,ASN1_F_BITSTR_CB,0),	"BITSTR_CB"},
-{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0),	"BN_to_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),	"BN_to_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_COLLECT_DATA,0),	"COLLECT_DATA"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),	"D2I_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0),	"d2i_ASN1_BOOLEAN"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),	"d2i_ASN1_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0),	"D2I_ASN1_GENERALIZEDTIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0),	"d2i_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0),	"D2I_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0),	"d2i_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0),	"d2i_ASN1_SET"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0),	"d2i_ASN1_type_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0),	"d2i_ASN1_UINTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0),	"D2I_ASN1_UTCTIME"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0),	"d2i_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0),	"D2I_NETSCAPE_RSA_2"},
-{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0),	"d2i_PrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0),	"d2i_PublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_X509,0),	"D2I_X509"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0),	"D2I_X509_CINF"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0),	"D2I_X509_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),	"d2i_X509_PKEY"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_SET,0),	"i2d_ASN1_SET"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),	"I2D_ASN1_TIME"},
-{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0),	"i2d_DSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_EC_PUBKEY,0),	"i2d_EC_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0),	"i2d_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),	"i2d_PrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0),	"i2d_PublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0),	"i2d_RSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_LONG_C2I,0),	"LONG_C2I"},
-{ERR_PACK(0,ASN1_F_OID_MODULE_INIT,0),	"OID_MODULE_INIT"},
-{ERR_PACK(0,ASN1_F_PARSE_TAGGING,0),	"PARSE_TAGGING"},
-{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0),	"PKCS5_pbe2_set"},
-{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0),	"X509_CINF_NEW"},
-{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0),	"X509_CRL_add0_revoked"},
-{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0),	"X509_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0),	"X509_NAME_NEW"},
-{ERR_PACK(0,ASN1_F_X509_NEW,0),	"X509_NEW"},
-{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0),	"X509_PKEY_new"},
+{ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT),	"a2d_ASN1_OBJECT"},
+{ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED),	"a2i_ASN1_ENUMERATED"},
+{ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER),	"a2i_ASN1_INTEGER"},
+{ERR_FUNC(ASN1_F_A2I_ASN1_STRING),	"a2i_ASN1_STRING"},
+{ERR_FUNC(ASN1_F_APPEND_EXP),	"APPEND_EXP"},
+{ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT),	"ASN1_BIT_STRING_set_bit"},
+{ERR_FUNC(ASN1_F_ASN1_CB),	"ASN1_CB"},
+{ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN),	"ASN1_CHECK_TLEN"},
+{ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE),	"ASN1_COLLATE_PRIMITIVE"},
+{ERR_FUNC(ASN1_F_ASN1_COLLECT),	"ASN1_COLLECT"},
+{ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE),	"ASN1_D2I_EX_PRIMITIVE"},
+{ERR_FUNC(ASN1_F_ASN1_D2I_FP),	"ASN1_d2i_fp"},
+{ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO),	"ASN1_D2I_READ_BIO"},
+{ERR_FUNC(ASN1_F_ASN1_DIGEST),	"ASN1_digest"},
+{ERR_FUNC(ASN1_F_ASN1_DO_ADB),	"ASN1_DO_ADB"},
+{ERR_FUNC(ASN1_F_ASN1_DUP),	"ASN1_dup"},
+{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET),	"ASN1_ENUMERATED_set"},
+{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN),	"ASN1_ENUMERATED_to_BN"},
+{ERR_FUNC(ASN1_F_ASN1_EX_C2I),	"ASN1_EX_C2I"},
+{ERR_FUNC(ASN1_F_ASN1_FIND_END),	"ASN1_FIND_END"},
+{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ),	"ASN1_GENERALIZEDTIME_adj"},
+{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET),	"ASN1_GENERALIZEDTIME_set"},
+{ERR_FUNC(ASN1_F_ASN1_GENERATE_V3),	"ASN1_generate_v3"},
+{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT),	"ASN1_get_object"},
+{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW),	"ASN1_HEADER_NEW"},
+{ERR_FUNC(ASN1_F_ASN1_I2D_BIO),	"ASN1_i2d_bio"},
+{ERR_FUNC(ASN1_F_ASN1_I2D_FP),	"ASN1_i2d_fp"},
+{ERR_FUNC(ASN1_F_ASN1_INTEGER_SET),	"ASN1_INTEGER_set"},
+{ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN),	"ASN1_INTEGER_to_BN"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP),	"ASN1_item_d2i_fp"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_DUP),	"ASN1_item_dup"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW),	"ASN1_ITEM_EX_COMBINE_NEW"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I),	"ASN1_ITEM_EX_D2I"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO),	"ASN1_item_i2d_bio"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP),	"ASN1_item_i2d_fp"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_PACK),	"ASN1_item_pack"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN),	"ASN1_item_sign"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK),	"ASN1_item_unpack"},
+{ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY),	"ASN1_item_verify"},
+{ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY),	"ASN1_mbstring_ncopy"},
+{ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW),	"ASN1_OBJECT_new"},
+{ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA),	"ASN1_OUTPUT_DATA"},
+{ERR_FUNC(ASN1_F_ASN1_PACK_STRING),	"ASN1_pack_string"},
+{ERR_FUNC(ASN1_F_ASN1_PCTX_NEW),	"ASN1_PCTX_new"},
+{ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET),	"ASN1_PKCS5_PBE_SET"},
+{ERR_FUNC(ASN1_F_ASN1_SEQ_PACK),	"ASN1_seq_pack"},
+{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK),	"ASN1_seq_unpack"},
+{ERR_FUNC(ASN1_F_ASN1_SIGN),	"ASN1_sign"},
+{ERR_FUNC(ASN1_F_ASN1_STR2TYPE),	"ASN1_STR2TYPE"},
+{ERR_FUNC(ASN1_F_ASN1_STRING_SET),	"ASN1_STRING_set"},
+{ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD),	"ASN1_STRING_TABLE_add"},
+{ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW),	"ASN1_STRING_type_new"},
+{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I),	"ASN1_TEMPLATE_EX_D2I"},
+{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW),	"ASN1_TEMPLATE_NEW"},
+{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I),	"ASN1_TEMPLATE_NOEXP_D2I"},
+{ERR_FUNC(ASN1_F_ASN1_TIME_ADJ),	"ASN1_TIME_adj"},
+{ERR_FUNC(ASN1_F_ASN1_TIME_SET),	"ASN1_TIME_set"},
+{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),	"ASN1_TYPE_get_int_octetstring"},
+{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING),	"ASN1_TYPE_get_octetstring"},
+{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING),	"ASN1_unpack_string"},
+{ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ),	"ASN1_UTCTIME_adj"},
+{ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET),	"ASN1_UTCTIME_set"},
+{ERR_FUNC(ASN1_F_ASN1_VERIFY),	"ASN1_verify"},
+{ERR_FUNC(ASN1_F_B64_READ_ASN1),	"B64_READ_ASN1"},
+{ERR_FUNC(ASN1_F_B64_WRITE_ASN1),	"B64_WRITE_ASN1"},
+{ERR_FUNC(ASN1_F_BIO_NEW_NDEF),	"BIO_new_NDEF"},
+{ERR_FUNC(ASN1_F_BITSTR_CB),	"BITSTR_CB"},
+{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED),	"BN_to_ASN1_ENUMERATED"},
+{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER),	"BN_to_ASN1_INTEGER"},
+{ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING),	"c2i_ASN1_BIT_STRING"},
+{ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER),	"c2i_ASN1_INTEGER"},
+{ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT),	"c2i_ASN1_OBJECT"},
+{ERR_FUNC(ASN1_F_COLLECT_DATA),	"COLLECT_DATA"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING),	"D2I_ASN1_BIT_STRING"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN),	"d2i_ASN1_BOOLEAN"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_BYTES),	"d2i_ASN1_bytes"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME),	"D2I_ASN1_GENERALIZEDTIME"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_HEADER),	"D2I_ASN1_HEADER"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER),	"D2I_ASN1_INTEGER"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT),	"d2i_ASN1_OBJECT"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_SET),	"d2i_ASN1_SET"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES),	"d2i_ASN1_type_bytes"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER),	"d2i_ASN1_UINTEGER"},
+{ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME),	"D2I_ASN1_UTCTIME"},
+{ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY),	"d2i_AutoPrivateKey"},
+{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA),	"d2i_Netscape_RSA"},
+{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2),	"D2I_NETSCAPE_RSA_2"},
+{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY),	"d2i_PrivateKey"},
+{ERR_FUNC(ASN1_F_D2I_PUBLICKEY),	"d2i_PublicKey"},
+{ERR_FUNC(ASN1_F_D2I_RSA_NET),	"d2i_RSA_NET"},
+{ERR_FUNC(ASN1_F_D2I_RSA_NET_2),	"D2I_RSA_NET_2"},
+{ERR_FUNC(ASN1_F_D2I_X509),	"D2I_X509"},
+{ERR_FUNC(ASN1_F_D2I_X509_CINF),	"D2I_X509_CINF"},
+{ERR_FUNC(ASN1_F_D2I_X509_PKEY),	"d2i_X509_PKEY"},
+{ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM),	"i2d_ASN1_bio_stream"},
+{ERR_FUNC(ASN1_F_I2D_ASN1_SET),	"i2d_ASN1_SET"},
+{ERR_FUNC(ASN1_F_I2D_ASN1_TIME),	"I2D_ASN1_TIME"},
+{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY),	"i2d_DSA_PUBKEY"},
+{ERR_FUNC(ASN1_F_I2D_EC_PUBKEY),	"i2d_EC_PUBKEY"},
+{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY),	"i2d_PrivateKey"},
+{ERR_FUNC(ASN1_F_I2D_PUBLICKEY),	"i2d_PublicKey"},
+{ERR_FUNC(ASN1_F_I2D_RSA_NET),	"i2d_RSA_NET"},
+{ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY),	"i2d_RSA_PUBKEY"},
+{ERR_FUNC(ASN1_F_LONG_C2I),	"LONG_C2I"},
+{ERR_FUNC(ASN1_F_OID_MODULE_INIT),	"OID_MODULE_INIT"},
+{ERR_FUNC(ASN1_F_PARSE_TAGGING),	"PARSE_TAGGING"},
+{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV),	"PKCS5_pbe2_set_iv"},
+{ERR_FUNC(ASN1_F_PKCS5_PBE_SET),	"PKCS5_pbe_set"},
+{ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR),	"PKCS5_pbe_set0_algor"},
+{ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET),	"PKCS5_pbkdf2_set"},
+{ERR_FUNC(ASN1_F_SMIME_READ_ASN1),	"SMIME_read_ASN1"},
+{ERR_FUNC(ASN1_F_SMIME_TEXT),	"SMIME_text"},
+{ERR_FUNC(ASN1_F_X509_CINF_NEW),	"X509_CINF_NEW"},
+{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED),	"X509_CRL_add0_revoked"},
+{ERR_FUNC(ASN1_F_X509_INFO_NEW),	"X509_INFO_new"},
+{ERR_FUNC(ASN1_F_X509_NAME_ENCODE),	"X509_NAME_ENCODE"},
+{ERR_FUNC(ASN1_F_X509_NAME_EX_D2I),	"X509_NAME_EX_D2I"},
+{ERR_FUNC(ASN1_F_X509_NAME_EX_NEW),	"X509_NAME_EX_NEW"},
+{ERR_FUNC(ASN1_F_X509_NEW),	"X509_NEW"},
+{ERR_FUNC(ASN1_F_X509_PKEY_NEW),	"X509_PKEY_new"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA ASN1_str_reasons[]=
 	{
-{ASN1_R_ADDING_OBJECT                    ,"adding object"},
-{ASN1_R_AUX_ERROR                        ,"aux error"},
-{ASN1_R_BAD_CLASS                        ,"bad class"},
-{ASN1_R_BAD_OBJECT_HEADER                ,"bad object header"},
-{ASN1_R_BAD_PASSWORD_READ                ,"bad password read"},
-{ASN1_R_BAD_TAG                          ,"bad tag"},
-{ASN1_R_BN_LIB                           ,"bn lib"},
-{ASN1_R_BOOLEAN_IS_WRONG_LENGTH          ,"boolean is wrong length"},
-{ASN1_R_BUFFER_TOO_SMALL                 ,"buffer too small"},
-{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER  ,"cipher has no object identifier"},
-{ASN1_R_DATA_IS_WRONG                    ,"data is wrong"},
-{ASN1_R_DECODE_ERROR                     ,"decode error"},
-{ASN1_R_DECODING_ERROR                   ,"decoding error"},
-{ASN1_R_DEPTH_EXCEEDED                   ,"depth exceeded"},
-{ASN1_R_ENCODE_ERROR                     ,"encode error"},
-{ASN1_R_ERROR_GETTING_TIME               ,"error getting time"},
-{ASN1_R_ERROR_LOADING_SECTION            ,"error loading section"},
-{ASN1_R_ERROR_PARSING_SET_ELEMENT        ,"error parsing set element"},
-{ASN1_R_ERROR_SETTING_CIPHER_PARAMS      ,"error setting cipher params"},
-{ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
-{ASN1_R_EXPECTING_AN_OBJECT              ,"expecting an object"},
-{ASN1_R_EXPECTING_A_BOOLEAN              ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_TIME                 ,"expecting a time"},
-{ASN1_R_EXPLICIT_LENGTH_MISMATCH         ,"explicit length mismatch"},
-{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED     ,"explicit tag not constructed"},
-{ASN1_R_FIELD_MISSING                    ,"field missing"},
-{ASN1_R_FIRST_NUM_TOO_LARGE              ,"first num too large"},
-{ASN1_R_HEADER_TOO_LONG                  ,"header too long"},
-{ASN1_R_ILLEGAL_BITSTRING_FORMAT         ,"illegal bitstring format"},
-{ASN1_R_ILLEGAL_BOOLEAN                  ,"illegal boolean"},
-{ASN1_R_ILLEGAL_CHARACTERS               ,"illegal characters"},
-{ASN1_R_ILLEGAL_FORMAT                   ,"illegal format"},
-{ASN1_R_ILLEGAL_HEX                      ,"illegal hex"},
-{ASN1_R_ILLEGAL_IMPLICIT_TAG             ,"illegal implicit tag"},
-{ASN1_R_ILLEGAL_INTEGER                  ,"illegal integer"},
-{ASN1_R_ILLEGAL_NESTED_TAGGING           ,"illegal nested tagging"},
-{ASN1_R_ILLEGAL_NULL                     ,"illegal null"},
-{ASN1_R_ILLEGAL_NULL_VALUE               ,"illegal null value"},
-{ASN1_R_ILLEGAL_OBJECT                   ,"illegal object"},
-{ASN1_R_ILLEGAL_OPTIONAL_ANY             ,"illegal optional any"},
-{ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ,"illegal options on item template"},
-{ASN1_R_ILLEGAL_TAGGED_ANY               ,"illegal tagged any"},
-{ASN1_R_ILLEGAL_TIME_VALUE               ,"illegal time value"},
-{ASN1_R_INTEGER_NOT_ASCII_FORMAT         ,"integer not ascii format"},
-{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG       ,"integer too large for long"},
-{ASN1_R_INVALID_BMPSTRING_LENGTH         ,"invalid bmpstring length"},
-{ASN1_R_INVALID_DIGIT                    ,"invalid digit"},
-{ASN1_R_INVALID_MODIFIER                 ,"invalid modifier"},
-{ASN1_R_INVALID_NUMBER                   ,"invalid number"},
-{ASN1_R_INVALID_SEPARATOR                ,"invalid separator"},
-{ASN1_R_INVALID_TIME_FORMAT              ,"invalid time format"},
-{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH   ,"invalid universalstring length"},
-{ASN1_R_INVALID_UTF8STRING               ,"invalid utf8string"},
-{ASN1_R_IV_TOO_LARGE                     ,"iv too large"},
-{ASN1_R_LENGTH_ERROR                     ,"length error"},
-{ASN1_R_LIST_ERROR                       ,"list error"},
-{ASN1_R_MISSING_EOC                      ,"missing eoc"},
-{ASN1_R_MISSING_SECOND_NUMBER            ,"missing second number"},
-{ASN1_R_MISSING_VALUE                    ,"missing value"},
-{ASN1_R_MSTRING_NOT_UNIVERSAL            ,"mstring not universal"},
-{ASN1_R_MSTRING_WRONG_TAG                ,"mstring wrong tag"},
-{ASN1_R_NON_HEX_CHARACTERS               ,"non hex characters"},
-{ASN1_R_NOT_ASCII_FORMAT                 ,"not ascii format"},
-{ASN1_R_NOT_ENOUGH_DATA                  ,"not enough data"},
-{ASN1_R_NO_MATCHING_CHOICE_TYPE          ,"no matching choice type"},
-{ASN1_R_NULL_IS_WRONG_LENGTH             ,"null is wrong length"},
-{ASN1_R_OBJECT_NOT_ASCII_FORMAT          ,"object not ascii format"},
-{ASN1_R_ODD_NUMBER_OF_CHARS              ,"odd number of chars"},
-{ASN1_R_PRIVATE_KEY_HEADER_MISSING       ,"private key header missing"},
-{ASN1_R_SECOND_NUMBER_TOO_LARGE          ,"second number too large"},
-{ASN1_R_SEQUENCE_LENGTH_MISMATCH         ,"sequence length mismatch"},
-{ASN1_R_SEQUENCE_NOT_CONSTRUCTED         ,"sequence not constructed"},
-{ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG     ,"sequence or set needs config"},
-{ASN1_R_SHORT_LINE                       ,"short line"},
-{ASN1_R_STRING_TOO_LONG                  ,"string too long"},
-{ASN1_R_STRING_TOO_SHORT                 ,"string too short"},
-{ASN1_R_TAG_VALUE_TOO_HIGH               ,"tag value too high"},
-{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{ASN1_R_TIME_NOT_ASCII_FORMAT            ,"time not ascii format"},
-{ASN1_R_TOO_LONG                         ,"too long"},
-{ASN1_R_TYPE_NOT_CONSTRUCTED             ,"type not constructed"},
-{ASN1_R_UNABLE_TO_DECODE_RSA_KEY         ,"unable to decode rsa key"},
-{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
-{ASN1_R_UNEXPECTED_EOC                   ,"unexpected eoc"},
-{ASN1_R_UNKNOWN_FORMAT                   ,"unknown format"},
-{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
-{ASN1_R_UNKNOWN_OBJECT_TYPE              ,"unknown object type"},
-{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE          ,"unknown public key type"},
-{ASN1_R_UNKNOWN_TAG                      ,"unknown tag"},
-{ASN1_R_UNKOWN_FORMAT                    ,"unkown format"},
-{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE  ,"unsupported any defined by type"},
-{ASN1_R_UNSUPPORTED_CIPHER               ,"unsupported cipher"},
-{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
-{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE      ,"unsupported public key type"},
-{ASN1_R_UNSUPPORTED_TYPE                 ,"unsupported type"},
-{ASN1_R_WRONG_TAG                        ,"wrong tag"},
-{ASN1_R_WRONG_TYPE                       ,"wrong type"},
+{ERR_REASON(ASN1_R_ADDING_OBJECT)        ,"adding object"},
+{ERR_REASON(ASN1_R_ASN1_PARSE_ERROR)     ,"asn1 parse error"},
+{ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) ,"asn1 sig parse error"},
+{ERR_REASON(ASN1_R_AUX_ERROR)            ,"aux error"},
+{ERR_REASON(ASN1_R_BAD_CLASS)            ,"bad class"},
+{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER)    ,"bad object header"},
+{ERR_REASON(ASN1_R_BAD_PASSWORD_READ)    ,"bad password read"},
+{ERR_REASON(ASN1_R_BAD_TAG)              ,"bad tag"},
+{ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),"bmpstring is wrong length"},
+{ERR_REASON(ASN1_R_BN_LIB)               ,"bn lib"},
+{ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
+{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL)     ,"buffer too small"},
+{ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
+{ERR_REASON(ASN1_R_DATA_IS_WRONG)        ,"data is wrong"},
+{ERR_REASON(ASN1_R_DECODE_ERROR)         ,"decode error"},
+{ERR_REASON(ASN1_R_DECODING_ERROR)       ,"decoding error"},
+{ERR_REASON(ASN1_R_DEPTH_EXCEEDED)       ,"depth exceeded"},
+{ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),"digest and key type not supported"},
+{ERR_REASON(ASN1_R_ENCODE_ERROR)         ,"encode error"},
+{ERR_REASON(ASN1_R_ERROR_GETTING_TIME)   ,"error getting time"},
+{ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"},
+{ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),"error parsing set element"},
+{ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),"error setting cipher params"},
+{ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER) ,"expecting an integer"},
+{ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT)  ,"expecting an object"},
+{ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN)  ,"expecting a boolean"},
+{ERR_REASON(ASN1_R_EXPECTING_A_TIME)     ,"expecting a time"},
+{ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH),"explicit length mismatch"},
+{ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),"explicit tag not constructed"},
+{ERR_REASON(ASN1_R_FIELD_MISSING)        ,"field missing"},
+{ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE)  ,"first num too large"},
+{ERR_REASON(ASN1_R_HEADER_TOO_LONG)      ,"header too long"},
+{ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT),"illegal bitstring format"},
+{ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN)      ,"illegal boolean"},
+{ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS)   ,"illegal characters"},
+{ERR_REASON(ASN1_R_ILLEGAL_FORMAT)       ,"illegal format"},
+{ERR_REASON(ASN1_R_ILLEGAL_HEX)          ,"illegal hex"},
+{ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) ,"illegal implicit tag"},
+{ERR_REASON(ASN1_R_ILLEGAL_INTEGER)      ,"illegal integer"},
+{ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING),"illegal nested tagging"},
+{ERR_REASON(ASN1_R_ILLEGAL_NULL)         ,"illegal null"},
+{ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE)   ,"illegal null value"},
+{ERR_REASON(ASN1_R_ILLEGAL_OBJECT)       ,"illegal object"},
+{ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"},
+{ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"},
+{ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY)   ,"illegal tagged any"},
+{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE)   ,"illegal time value"},
+{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
+{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
+{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
+{ERR_REASON(ASN1_R_INVALID_DIGIT)        ,"invalid digit"},
+{ERR_REASON(ASN1_R_INVALID_MIME_TYPE)    ,"invalid mime type"},
+{ERR_REASON(ASN1_R_INVALID_MODIFIER)     ,"invalid modifier"},
+{ERR_REASON(ASN1_R_INVALID_NUMBER)       ,"invalid number"},
+{ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING),"invalid object encoding"},
+{ERR_REASON(ASN1_R_INVALID_SEPARATOR)    ,"invalid separator"},
+{ERR_REASON(ASN1_R_INVALID_TIME_FORMAT)  ,"invalid time format"},
+{ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"},
+{ERR_REASON(ASN1_R_INVALID_UTF8STRING)   ,"invalid utf8string"},
+{ERR_REASON(ASN1_R_IV_TOO_LARGE)         ,"iv too large"},
+{ERR_REASON(ASN1_R_LENGTH_ERROR)         ,"length error"},
+{ERR_REASON(ASN1_R_LIST_ERROR)           ,"list error"},
+{ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) ,"mime no content type"},
+{ERR_REASON(ASN1_R_MIME_PARSE_ERROR)     ,"mime parse error"},
+{ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) ,"mime sig parse error"},
+{ERR_REASON(ASN1_R_MISSING_EOC)          ,"missing eoc"},
+{ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"},
+{ERR_REASON(ASN1_R_MISSING_VALUE)        ,"missing value"},
+{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"},
+{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG)    ,"mstring wrong tag"},
+{ERR_REASON(ASN1_R_NESTED_ASN1_STRING)   ,"nested asn1 string"},
+{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS)   ,"non hex characters"},
+{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT)     ,"not ascii format"},
+{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA)      ,"not enough data"},
+{ERR_REASON(ASN1_R_NO_CONTENT_TYPE)      ,"no content type"},
+{ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST)    ,"no default digest"},
+{ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"},
+{ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
+{ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
+{ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE)  ,"no sig content type"},
+{ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"},
+{ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT),"object not ascii format"},
+{ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS)  ,"odd number of chars"},
+{ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"},
+{ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"},
+{ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"},
+{ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"},
+{ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),"sequence or set needs config"},
+{ERR_REASON(ASN1_R_SHORT_LINE)           ,"short line"},
+{ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"},
+{ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED),"streaming not supported"},
+{ERR_REASON(ASN1_R_STRING_TOO_LONG)      ,"string too long"},
+{ERR_REASON(ASN1_R_STRING_TOO_SHORT)     ,"string too short"},
+{ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH)   ,"tag value too high"},
+{ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
+{ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT),"time not ascii format"},
+{ERR_REASON(ASN1_R_TOO_LONG)             ,"too long"},
+{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"},
+{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
+{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
+{ERR_REASON(ASN1_R_UNEXPECTED_EOC)       ,"unexpected eoc"},
+{ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),"universalstring is wrong length"},
+{ERR_REASON(ASN1_R_UNKNOWN_FORMAT)       ,"unknown format"},
+{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
+{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE)  ,"unknown object type"},
+{ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"},
+{ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),"unknown signature algorithm"},
+{ERR_REASON(ASN1_R_UNKNOWN_TAG)          ,"unknown tag"},
+{ERR_REASON(ASN1_R_UNKOWN_FORMAT)        ,"unkown format"},
+{ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"},
+{ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER)   ,"unsupported cipher"},
+{ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"},
+{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"},
+{ERR_REASON(ASN1_R_UNSUPPORTED_TYPE)     ,"unsupported type"},
+{ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE),"wrong public key type"},
+{ERR_REASON(ASN1_R_WRONG_TAG)            ,"wrong tag"},
+{ERR_REASON(ASN1_R_WRONG_TYPE)           ,"wrong type"},
 {0,NULL}
 	};
 
@@ -264,15 +319,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 
 void ERR_load_ASN1_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
-		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
-#endif
 
+	if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,ASN1_str_functs);
+		ERR_load_strings(0,ASN1_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index efd80215c2..4fc241908f 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -1,5 +1,5 @@
 /* asn1_gen.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2002.
  */
 /* ====================================================================
@@ -88,7 +88,7 @@
 
 struct tag_name_st
 	{
-	char *strnam;
+	const char *strnam;
 	int len;
 	int tag;
 	};
@@ -227,6 +227,8 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
 	/* Allocate buffer for new encoding */
 
 	new_der = OPENSSL_malloc(len);
+	if (!new_der)
+		goto err;
 
 	/* Generate tagged encoding */
 
@@ -245,8 +247,14 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
 	/* If IMPLICIT, output tag */
 
 	if (asn1_tags.imp_tag != -1)
+		{
+		if (asn1_tags.imp_class == V_ASN1_UNIVERSAL 
+		    && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
+		     || asn1_tags.imp_tag == V_ASN1_SET) )
+			hdr_constructed = V_ASN1_CONSTRUCTED;
 		ASN1_put_object(&p, hdr_constructed, hdr_len,
 					asn1_tags.imp_tag, asn1_tags.imp_class);
+		}
 
 	/* Copy across original encoding */
 	memcpy(p, cpy_start, cpy_len);
@@ -439,13 +447,15 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
 
 static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 	{
-	ASN1_TYPE *ret = NULL, *typ = NULL;
+	ASN1_TYPE *ret = NULL;
 	STACK_OF(ASN1_TYPE) *sk = NULL;
 	STACK_OF(CONF_VALUE) *sect = NULL;
-	unsigned char *der = NULL, *p;
+	unsigned char *der = NULL;
 	int derlen;
-	int i, is_set;
+	int i;
 	sk = sk_ASN1_TYPE_new_null();
+	if (!sk)
+		goto bad;
 	if (section)
 		{
 		if (!cnf)
@@ -455,26 +465,23 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 			goto bad;
 		for (i = 0; i < sk_CONF_VALUE_num(sect); i++)
 			{
-			typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
+			ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
 			if (!typ)
 				goto bad;
-			sk_ASN1_TYPE_push(sk, typ);
-			typ = NULL;
+			if (!sk_ASN1_TYPE_push(sk, typ))
+				goto bad;
 			}
 		}
 
 	/* Now we has a STACK of the components, convert to the correct form */
 
 	if (utype == V_ASN1_SET)
-		is_set = 1;
+		derlen = i2d_ASN1_SET_ANY(sk, &der);
 	else
-		is_set = 0;
-
+		derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
 
-	derlen = i2d_ASN1_SET((STACK *)sk, NULL, i2d_ASN1_TYPE, utype, V_ASN1_UNIVERSAL, is_set);
-	der = OPENSSL_malloc(derlen);
-	p = der;
-	i2d_ASN1_SET((STACK *)sk, &p, i2d_ASN1_TYPE, utype, V_ASN1_UNIVERSAL, is_set);
+	if (derlen < 0)
+		goto bad;
 
 	if (!(ret = ASN1_TYPE_new()))
 		goto bad;
@@ -496,8 +503,6 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 
 	if (sk)
 		sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
-	if (typ)
-		ASN1_TYPE_free(typ);
 	if (sect)
 		X509V3_section_free(cnf, sect);
 
@@ -510,13 +515,13 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
 	/* Can only have IMPLICIT if permitted */
 	if ((arg->imp_tag != -1) && !imp_ok)
 		{
-		ASN1err(ASN1_F_APPEND_TAG, ASN1_R_ILLEGAL_IMPLICIT_TAG);
+		ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
 		return 0;
 		}
 
 	if (arg->exp_count == ASN1_FLAG_EXP_MAX)
 		{
-		ASN1err(ASN1_F_APPEND_TAG, ASN1_R_DEPTH_EXCEEDED);
+		ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
 		return 0;
 		}
 
@@ -547,7 +552,7 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
 static int asn1_str2tag(const char *tagstr, int len)
 	{
 	unsigned int i;
-	static struct tag_name_st *tntmp, tnst [] = {
+	static const struct tag_name_st *tntmp, tnst [] = {
 		ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
 		ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
 		ASN1_GEN_STR("NULL", V_ASN1_NULL),
@@ -582,6 +587,8 @@ static int asn1_str2tag(const char *tagstr, int len)
 		ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
 		ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
 		ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),
+		ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),
+		ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),
 
 		/* Special cases */
 		ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
@@ -656,6 +663,8 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
 			ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
 			goto bad_form;
 			}
+		vtmp.name = NULL;
+		vtmp.section = NULL;
 		vtmp.value = (char *)str;
 		if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean))
 			{
@@ -725,6 +734,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
 		case V_ASN1_VISIBLESTRING:
 		case V_ASN1_UNIVERSALSTRING:
 		case V_ASN1_GENERALSTRING:
+		case V_ASN1_NUMERICSTRING:
 
 		if (format == ASN1_GEN_FORMAT_ASCII)
 			format = MBSTRING_ASC;
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index bb94257cee..1bcb44aee2 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -64,7 +64,7 @@
 
 static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max);
 static void asn1_put_length(unsigned char **pp, int length);
-const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
+const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT;
 
 static int _asn1_check_infinite_end(const unsigned char **p, long len)
 	{
@@ -340,20 +340,31 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
 	return(1);
 	}
 
-ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
 	{
-	ASN1_STRING *ret;
+	if (str == NULL)
+		return 0;
+	dst->type = str->type;
+	if (!ASN1_STRING_set(dst,str->data,str->length))
+		return 0;
+	dst->flags = str->flags;
+	return 1;
+	}
 
-	if (str == NULL) return(NULL);
-	if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
-		return(NULL);
-	if (!ASN1_STRING_set(ret,str->data,str->length))
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
+	{
+	ASN1_STRING *ret;
+	if (!str)
+		 return NULL;
+	ret=ASN1_STRING_new();
+	if (!ret)
+		return NULL;
+	if (!ASN1_STRING_copy(ret,str))
 		{
 		ASN1_STRING_free(ret);
-		return(NULL);
+		return NULL;
 		}
-	ret->flags = str->flags;
-	return(ret);
+	return ret;
 	}
 
 int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
@@ -393,6 +404,14 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
 	return(1);
 	}
 
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
+	{
+	if (str->data)
+		OPENSSL_free(str->data);
+	str->data = data;
+	str->length = len;
+	}
+
 ASN1_STRING *ASN1_STRING_new(void)
 	{
 	return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
@@ -419,11 +438,12 @@ ASN1_STRING *ASN1_STRING_type_new(int type)
 void ASN1_STRING_free(ASN1_STRING *a)
 	{
 	if (a == NULL) return;
-	if (a->data != NULL) OPENSSL_free(a->data);
+	if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+		OPENSSL_free(a->data);
 	OPENSSL_free(a);
 	}
 
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
 	{
 	int i;
 
@@ -449,7 +469,7 @@ void asn1_add_error(const unsigned char *address, int offset)
 	ERR_add_error_data(4,"address=",buf1," offset=",buf2);
 	}
 
-int ASN1_STRING_length(ASN1_STRING *x)
+int ASN1_STRING_length(const ASN1_STRING *x)
 { return M_ASN1_STRING_length(x); }
 
 void ASN1_STRING_length_set(ASN1_STRING *x, int len)
diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h
new file mode 100644
index 0000000000..5aa65e28f5
--- /dev/null
+++ b/crypto/asn1/asn1_locl.h
@@ -0,0 +1,134 @@
+/* asn1t.h */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Internal ASN1 structures and functions: not for application use */
+
+/* ASN1 print context structure */
+
+struct asn1_pctx_st
+	{
+	unsigned long flags;
+	unsigned long nm_flags;
+	unsigned long cert_flags;
+	unsigned long oid_flags;
+	unsigned long str_flags;
+	} /* ASN1_PCTX */;
+
+/* ASN1 public key method structure */
+
+struct evp_pkey_asn1_method_st
+	{
+	int pkey_id;
+	int pkey_base_id;
+	unsigned long pkey_flags;
+
+	char *pem_str;
+	char *info;
+
+	int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub);
+	int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk);
+	int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
+	int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx);
+
+	int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf);
+	int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+	int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx);
+
+	int (*pkey_size)(const EVP_PKEY *pk);
+	int (*pkey_bits)(const EVP_PKEY *pk);
+
+	int (*param_decode)(EVP_PKEY *pkey,
+				const unsigned char **pder, int derlen);
+	int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder);
+	int (*param_missing)(const EVP_PKEY *pk);
+	int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from);
+	int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
+	int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx);
+
+	void (*pkey_free)(EVP_PKEY *pkey);
+	int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);
+
+	/* Legacy functions for old PEM */
+
+	int (*old_priv_decode)(EVP_PKEY *pkey,
+				const unsigned char **pder, int derlen);
+	int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
+
+	} /* EVP_PKEY_ASN1_METHOD */;
+
+/* Method to handle CRL access.
+ * In general a CRL could be very large (several Mb) and can consume large
+ * amounts of resources if stored in memory by multiple processes.
+ * This method allows general CRL operations to be redirected to more
+ * efficient callbacks: for example a CRL entry database.
+ */
+
+#define X509_CRL_METHOD_DYNAMIC		1
+
+struct x509_crl_method_st
+	{
+	int flags;
+	int (*crl_init)(X509_CRL *crl);
+	int (*crl_free)(X509_CRL *crl);
+	int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+				ASN1_INTEGER *ser, X509_NAME *issuer);
+	int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk);
+	};
diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h
index a67fb341ee..87bd0e9e1d 100644
--- a/crypto/asn1/asn1_mac.h
+++ b/crypto/asn1/asn1_mac.h
@@ -126,12 +126,19 @@ err:\
 		(c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
 
 /* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get(b,func) \
+#define M_ASN1_D2I_get(b, func) \
 	c.q=c.p; \
 	if (func(&(b),&c.p,c.slen) == NULL) \
 		{c.line=__LINE__; goto err; } \
 	c.slen-=(c.p-c.q);
 
+/* Don't use this with d2i_ASN1_BOOLEAN() */
+#define M_ASN1_D2I_get_x(type,b,func) \
+	c.q=c.p; \
+	if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
+		{c.line=__LINE__; goto err; } \
+	c.slen-=(c.p-c.q);
+
 /* use this instead () */
 #define M_ASN1_D2I_get_int(b,func) \
 	c.q=c.p; \
@@ -146,6 +153,13 @@ err:\
 		M_ASN1_D2I_get(b,func); \
 		}
 
+#define M_ASN1_D2I_get_int_opt(b,func,type) \
+	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+		== (V_ASN1_UNIVERSAL|(type)))) \
+		{ \
+		M_ASN1_D2I_get_int(b,func); \
+		}
+
 #define M_ASN1_D2I_get_imp(b,func, type) \
 	M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
 	c.q=c.p; \
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 0e5bf915a0..aaca69aebd 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -70,9 +70,8 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
 	     int indent)
 	{
 	static const char fmt[]="%-18s";
-	static const char fmt2[]="%2d %-15s";
 	char str[128];
-	const char *p,*p2=NULL;
+	const char *p;
 
 	if (constructed & V_ASN1_CONSTRUCTED)
 		p="cons: ";
@@ -88,16 +87,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
 		BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
 	else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
 		BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
-	else p = ASN1_tag2str(tag);
-
-	if (p2 != NULL)
-		{
-		if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
-		}
+	else if (tag > 30)
+		BIO_snprintf(str,sizeof str,"<ASN1 %d>",tag);
 	else
-		{
-		if (BIO_printf(bp,fmt,p) <= 0) goto err;
-		}
+		p = ASN1_tag2str(tag);
+
+	if (BIO_printf(bp,fmt,p) <= 0)
+		goto err;
 	return(1);
 err:
 	return(0);
@@ -210,12 +206,14 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
 				(tag == V_ASN1_T61STRING) ||
 				(tag == V_ASN1_IA5STRING) ||
 				(tag == V_ASN1_VISIBLESTRING) ||
+				(tag == V_ASN1_NUMERICSTRING) ||
+				(tag == V_ASN1_UTF8STRING) ||
 				(tag == V_ASN1_UTCTIME) ||
 				(tag == V_ASN1_GENERALIZEDTIME))
 				{
 				if (BIO_write(bp,":",1) <= 0) goto end;
 				if ((len > 0) &&
-					BIO_write(bp,(char *)p,(int)len)
+					BIO_write(bp,(const char *)p,(int)len)
 					!= (int)len)
 					goto end;
 				}
@@ -241,7 +239,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
 				ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
 				if (ii < 0)
 					{
-					if (BIO_write(bp,"Bad boolean\n",12))
+					if (BIO_write(bp,"Bad boolean\n",12) <= 0)
 						goto end;
 					}
 				BIO_printf(bp,":%d",ii);
@@ -278,7 +276,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
 						{
 						if (BIO_write(bp,":",1) <= 0)
 							goto end;
-						if (BIO_write(bp,(char *)opp,
+						if (BIO_write(bp,(const char *)opp,
 							os->length) <= 0)
 							goto end;
 						}
@@ -303,7 +301,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
 							if (BIO_write(bp,"\n",1) <= 0)
 								goto end;
 							}
-						if (BIO_dump_indent(bp,(char *)opp,
+						if (BIO_dump_indent(bp,
+							(const char *)opp,
 							((dump == -1 || dump > 
 							os->length)?os->length:dump),
 							dump_indent) <= 0)
@@ -388,7 +387,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
 					if (BIO_write(bp,"\n",1) <= 0)
 						goto end;
 					}
-				if (BIO_dump_indent(bp,(char *)p,
+				if (BIO_dump_indent(bp,(const char *)p,
 					((dump == -1 || dump > len)?len:dump),
 					dump_indent) <= 0)
 					goto end;
@@ -418,7 +417,7 @@ end:
 
 const char *ASN1_tag2str(int tag)
 {
-	const static char *tag2str[] = {
+	static const char * const tag2str[] = {
 	 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
 	 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
 	 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", 	    /* 10-13 */
diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h
index a024836834..d230e4bf70 100644
--- a/crypto/asn1/asn1t.h
+++ b/crypto/asn1/asn1t.h
@@ -1,9 +1,9 @@
 /* asn1t.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -99,7 +99,7 @@ extern "C" {
 #define ASN1_ITEM_start(itname) \
 	const ASN1_ITEM * itname##_it(void) \
 	{ \
-		static const ASN1_ITEM local_it = { \
+		static const ASN1_ITEM local_it = { 
 
 #define ASN1_ITEM_end(itname) \
 		}; \
@@ -169,6 +169,9 @@ extern "C" {
 #define ASN1_NDEF_SEQUENCE(tname) \
 	ASN1_SEQUENCE(tname)
 
+#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+	ASN1_SEQUENCE_cb(tname, cb)
+
 #define ASN1_SEQUENCE_cb(tname, cb) \
 	static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
 	ASN1_SEQUENCE(tname)
@@ -215,6 +218,18 @@ extern "C" {
 		#stname \
 	ASN1_ITEM_end(tname)
 
+#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+	;\
+	ASN1_ITEM_start(tname) \
+		ASN1_ITYPE_NDEF_SEQUENCE,\
+		V_ASN1_SEQUENCE,\
+		tname##_seq_tt,\
+		sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+		&tname##_aux,\
+		sizeof(stname),\
+		#stname \
+	ASN1_ITEM_end(tname)
+
 
 /* This pair helps declare a CHOICE type. We can do:
  *
@@ -368,6 +383,10 @@ extern "C" {
 #define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
 			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
 
+/* EXPLICIT using indefinite length constructed form */
+#define ASN1_NDEF_EXP(stname, field, type, tag) \
+			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+
 /* EXPLICIT OPTIONAL using indefinite length constructed form */
 #define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
 			ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
@@ -429,7 +448,7 @@ unsigned long flags;		/* Various flags */
 long tag;			/* tag, not used if no tagging */
 unsigned long offset;		/* Offset of this field in structure */
 #ifndef NO_ASN1_FIELD_NAMES
-char *field_name;		/* Field name */
+const char *field_name;		/* Field name */
 #endif
 ASN1_ITEM_EXP *item;		/* Relevant ASN1_ITEM or ASN1_ADB */
 };
@@ -644,8 +663,13 @@ typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM
 typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
 typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
 
+typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, 
+						int indent, const char *fname, 
+						const ASN1_PCTX *pctx);
+
 typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
 typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
 
 typedef struct ASN1_COMPAT_FUNCS_st {
 	ASN1_new_func *asn1_new;
@@ -661,6 +685,7 @@ typedef struct ASN1_EXTERN_FUNCS_st {
 	ASN1_ex_free_func *asn1_ex_clear;
 	ASN1_ex_d2i *asn1_ex_d2i;
 	ASN1_ex_i2d *asn1_ex_i2d;
+	ASN1_ex_print_func *asn1_ex_print;
 } ASN1_EXTERN_FUNCS;
 
 typedef struct ASN1_PRIMITIVE_FUNCS_st {
@@ -671,6 +696,7 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
 	ASN1_ex_free_func *prim_clear;
 	ASN1_primitive_c2i *prim_c2i;
 	ASN1_primitive_i2c *prim_i2c;
+	ASN1_primitive_print *prim_print;
 } ASN1_PRIMITIVE_FUNCS;
 
 /* This is the ASN1_AUX structure: it handles various
@@ -690,7 +716,8 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
  * then an external type is more appropriate.
  */
 
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
+				void *exarg);
 
 typedef struct ASN1_AUX_st {
 	void *app_data;
@@ -701,6 +728,23 @@ typedef struct ASN1_AUX_st {
 	int enc_offset;		/* Offset of ASN1_ENCODING structure */
 } ASN1_AUX;
 
+/* For print related callbacks exarg points to this structure */
+typedef struct ASN1_PRINT_ARG_st {
+	BIO *out;
+	int indent;
+	const ASN1_PCTX *pctx;
+} ASN1_PRINT_ARG;
+
+/* For streaming related callbacks exarg points to this structure */
+typedef struct ASN1_STREAM_ARG_st {
+	/* BIO to stream through */
+	BIO *out;
+	/* BIO with filters appended */
+	BIO *ndef_bio;
+	/* Streaming I/O boundary */
+	unsigned char **boundary;
+} ASN1_STREAM_ARG;
+
 /* Flags in ASN1_AUX */
 
 /* Use a reference count */
@@ -720,6 +764,12 @@ typedef struct ASN1_AUX_st {
 #define ASN1_OP_D2I_POST	5
 #define ASN1_OP_I2D_PRE		6
 #define ASN1_OP_I2D_POST	7
+#define ASN1_OP_PRINT_PRE	8
+#define ASN1_OP_PRINT_POST	9
+#define ASN1_OP_STREAM_PRE	10
+#define ASN1_OP_STREAM_POST	11
+#define ASN1_OP_DETACHED_PRE	12
+#define ASN1_OP_DETACHED_POST	13
 
 /* Macro to implement a primitive type */
 #define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
@@ -775,9 +825,22 @@ typedef struct ASN1_AUX_st {
 #define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
 			IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
 
+#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+		IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+
 #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
 		IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
 
+#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+	pre stname *fname##_new(void) \
+	{ \
+		return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+	} \
+	pre void fname##_free(stname *a) \
+	{ \
+		ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+	}
+
 #define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
 	stname *fname##_new(void) \
 	{ \
@@ -827,6 +890,17 @@ typedef struct ASN1_AUX_st {
         return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
         }
 
+#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+	IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+
+#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+	int fname##_print_ctx(BIO *out, stname *x, int indent, \
+						const ASN1_PCTX *pctx) \
+	{ \
+		return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+			ASN1_ITEM_rptr(itname), pctx); \
+	} 
+
 #define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
 		IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
 
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
new file mode 100644
index 0000000000..c1d1b12291
--- /dev/null
+++ b/crypto/asn1/asn_mime.c
@@ -0,0 +1,942 @@
+/* asn_mime.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include "asn1_locl.h"
+
+/* Generalised MIME like utilities for streaming ASN1. Although many
+ * have a PKCS7/CMS like flavour others are more general purpose.
+ */
+
+/* MIME format structures
+ * Note that all are translated to lower case apart from
+ * parameter values. Quotes are stripped off
+ */
+
+typedef struct {
+char *param_name;			/* Param name e.g. "micalg" */
+char *param_value;			/* Param value e.g. "sha1" */
+} MIME_PARAM;
+
+DECLARE_STACK_OF(MIME_PARAM)
+IMPLEMENT_STACK_OF(MIME_PARAM)
+
+typedef struct {
+char *name;				/* Name of line e.g. "content-type" */
+char *value;				/* Value of line e.g. "text/plain" */
+STACK_OF(MIME_PARAM) *params;		/* Zero or more parameters */
+} MIME_HEADER;
+
+DECLARE_STACK_OF(MIME_HEADER)
+IMPLEMENT_STACK_OF(MIME_HEADER)
+
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+					const ASN1_ITEM *it);
+static char * strip_ends(char *name);
+static char * strip_start(char *name);
+static char * strip_end(char *name);
+static MIME_HEADER *mime_hdr_new(char *name, char *value);
+static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
+static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
+static int mime_hdr_cmp(const MIME_HEADER * const *a,
+			const MIME_HEADER * const *b);
+static int mime_param_cmp(const MIME_PARAM * const *a,
+			const MIME_PARAM * const *b);
+static void mime_param_free(MIME_PARAM *param);
+static int mime_bound_check(char *line, int linelen, char *bound, int blen);
+static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
+static int strip_eol(char *linebuf, int *plen);
+static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
+static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
+static void mime_hdr_free(MIME_HEADER *hdr);
+
+#define MAX_SMLEN 1024
+#define mime_debug(x) /* x */
+
+/* Output an ASN1 structure in BER format streaming if necessary */
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+				const ASN1_ITEM *it)
+	{
+	/* If streaming create stream BIO and copy all content through it */
+	if (flags & SMIME_STREAM)
+		{
+		BIO *bio, *tbio;
+		bio = BIO_new_NDEF(out, val, it);
+		if (!bio)
+			{
+			ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		SMIME_crlf_copy(in, bio, flags);
+		(void)BIO_flush(bio);
+		/* Free up successive BIOs until we hit the old output BIO */
+		do
+			{
+			tbio = BIO_pop(bio);
+			BIO_free(bio);
+			bio = tbio;
+			} while (bio != out);
+		}
+	/* else just write out ASN1 structure which will have all content
+	 * stored internally
+	 */
+	else
+		ASN1_item_i2d_bio(it, out, val);
+	return 1;
+	}
+
+/* Base 64 read and write of ASN1 structure */
+
+static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+				const ASN1_ITEM *it)
+	{
+	BIO *b64;
+	int r;
+	b64 = BIO_new(BIO_f_base64());
+	if(!b64)
+		{
+		ASN1err(ASN1_F_B64_WRITE_ASN1,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	/* prepend the b64 BIO so all data is base64 encoded.
+	 */
+	out = BIO_push(b64, out);
+	r = i2d_ASN1_bio_stream(out, val, in, flags, it);
+	(void)BIO_flush(out);
+	BIO_pop(out);
+	BIO_free(b64);
+	return r;
+	}
+
+/* Streaming ASN1 PEM write */
+
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+				const char *hdr,
+				const ASN1_ITEM *it)
+	{
+	int r;
+	BIO_printf(out, "-----BEGIN %s-----\n", hdr);
+	r = B64_write_ASN1(out, val, in, flags, it);
+	BIO_printf(out, "-----END %s-----\n", hdr);
+	return r;
+	}
+
+static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
+{
+	BIO *b64;
+	ASN1_VALUE *val;
+	if(!(b64 = BIO_new(BIO_f_base64()))) {
+		ASN1err(ASN1_F_B64_READ_ASN1,ERR_R_MALLOC_FAILURE);
+		return 0;
+	}
+	bio = BIO_push(b64, bio);
+	val = ASN1_item_d2i_bio(it, bio, NULL);
+	if(!val)
+		ASN1err(ASN1_F_B64_READ_ASN1,ASN1_R_DECODE_ERROR);
+	(void)BIO_flush(bio);
+	bio = BIO_pop(bio);
+	BIO_free(b64);
+	return val;
+}
+
+/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
+
+static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
+	{
+	const EVP_MD *md;
+	int i, have_unknown = 0, write_comma, ret = 0, md_nid;
+	have_unknown = 0;
+	write_comma = 0;
+	for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++)
+		{
+		if (write_comma)
+			BIO_write(out, ",", 1);
+		write_comma = 1;
+		md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
+		md = EVP_get_digestbynid(md_nid);
+		if (md && md->md_ctrl)
+			{
+			int rv;
+			char *micstr;
+			rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
+			if (rv > 0)
+				{
+				BIO_puts(out, micstr);
+				OPENSSL_free(micstr);
+				continue;
+				}
+			if (rv != -2)
+				goto err;
+			}
+		switch(md_nid)
+			{
+			case NID_sha1:
+			BIO_puts(out, "sha1");
+			break;
+
+			case NID_md5:
+			BIO_puts(out, "md5");
+			break;
+
+			case NID_sha256:
+			BIO_puts(out, "sha-256");
+			break;
+
+			case NID_sha384:
+			BIO_puts(out, "sha-384");
+			break;
+
+			case NID_sha512:
+			BIO_puts(out, "sha-512");
+			break;
+
+			case NID_id_GostR3411_94:
+			BIO_puts(out, "gostr3411-94");
+				goto err;
+			break;
+
+			default:
+			if (have_unknown)
+				write_comma = 0;
+			else
+				{
+				BIO_puts(out, "unknown");
+				have_unknown = 1;
+				}
+			break;
+
+			}
+		}
+
+	ret = 1;
+	err:
+
+	return ret;
+
+	}
+
+/* SMIME sender */
+
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+				int ctype_nid, int econt_nid,
+				STACK_OF(X509_ALGOR) *mdalgs,
+				const ASN1_ITEM *it)
+{
+	char bound[33], c;
+	int i;
+	const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
+	const char *msg_type=NULL;
+	if (flags & SMIME_OLDMIME)
+		mime_prefix = "application/x-pkcs7-";
+	else
+		mime_prefix = "application/pkcs7-";
+
+	if (flags & SMIME_CRLFEOL)
+		mime_eol = "\r\n";
+	else
+		mime_eol = "\n";
+	if((flags & SMIME_DETACHED) && data) {
+	/* We want multipart/signed */
+		/* Generate a random boundary */
+		RAND_pseudo_bytes((unsigned char *)bound, 32);
+		for(i = 0; i < 32; i++) {
+			c = bound[i] & 0xf;
+			if(c < 10) c += '0';
+			else c += 'A' - 10;
+			bound[i] = c;
+		}
+		bound[32] = 0;
+		BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
+		BIO_printf(bio, "Content-Type: multipart/signed;");
+		BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
+		BIO_puts(bio, " micalg=\"");
+		asn1_write_micalg(bio, mdalgs);
+		BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
+						bound, mime_eol, mime_eol);
+		BIO_printf(bio, "This is an S/MIME signed message%s%s",
+						mime_eol, mime_eol);
+		/* Now write out the first part */
+		BIO_printf(bio, "------%s%s", bound, mime_eol);
+		if (!asn1_output_data(bio, data, val, flags, it))
+			return 0;
+		BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
+
+		/* Headers for signature */
+
+		BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix); 
+		BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
+		BIO_printf(bio, "Content-Transfer-Encoding: base64%s",
+								mime_eol);
+		BIO_printf(bio, "Content-Disposition: attachment;");
+		BIO_printf(bio, " filename=\"smime.p7s\"%s%s",
+							mime_eol, mime_eol);
+		B64_write_ASN1(bio, val, NULL, 0, it);
+		BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound,
+							mime_eol, mime_eol);
+		return 1;
+	}
+
+	/* Determine smime-type header */
+
+	if (ctype_nid == NID_pkcs7_enveloped)
+		msg_type = "enveloped-data";
+	else if (ctype_nid == NID_pkcs7_signed)
+		{
+		if (econt_nid == NID_id_smime_ct_receipt)
+			msg_type = "signed-receipt";
+		else if (sk_X509_ALGOR_num(mdalgs) >= 0)
+			msg_type = "signed-data";
+		else
+			msg_type = "certs-only";
+		}
+	else if (ctype_nid == NID_id_smime_ct_compressedData)
+		{
+		msg_type = "compressed-data";
+		cname = "smime.p7z";
+		}
+	/* MIME headers */
+	BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
+	BIO_printf(bio, "Content-Disposition: attachment;");
+	BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
+	BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
+	if (msg_type)
+		BIO_printf(bio, " smime-type=%s;", msg_type);
+	BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
+	BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
+						mime_eol, mime_eol);
+	if (!B64_write_ASN1(bio, val, data, flags, it))
+		return 0;
+	BIO_printf(bio, "%s", mime_eol);
+	return 1;
+}
+
+/* Handle output of ASN1 data */
+
+
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+					const ASN1_ITEM *it)
+	{
+	BIO *tmpbio;
+	const ASN1_AUX *aux = it->funcs;
+	ASN1_STREAM_ARG sarg;
+
+	if (!(flags & SMIME_DETACHED))
+		{
+		SMIME_crlf_copy(data, out, flags);
+		return 1;
+		}
+
+	if (!aux || !aux->asn1_cb)
+		{
+		ASN1err(ASN1_F_ASN1_OUTPUT_DATA,
+					ASN1_R_STREAMING_NOT_SUPPORTED);
+		return 0;
+		}
+
+	sarg.out = out;
+	sarg.ndef_bio = NULL;
+	sarg.boundary = NULL;
+
+	/* Let ASN1 code prepend any needed BIOs */
+
+	if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
+		return 0;
+
+	/* Copy data across, passing through filter BIOs for processing */
+	SMIME_crlf_copy(data, sarg.ndef_bio, flags);
+
+	/* Finalize structure */
+	if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
+		return 0;
+
+	/* Now remove any digests prepended to the BIO */
+
+	while (sarg.ndef_bio != out)
+		{
+		tmpbio = BIO_pop(sarg.ndef_bio);
+		BIO_free(sarg.ndef_bio);
+		sarg.ndef_bio = tmpbio;
+		}
+
+	return 1;
+
+	}
+
+/* SMIME reader: handle multipart/signed and opaque signing.
+ * in multipart case the content is placed in a memory BIO
+ * pointed to by "bcont". In opaque this is set to NULL
+ */
+
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
+{
+	BIO *asnin;
+	STACK_OF(MIME_HEADER) *headers = NULL;
+	STACK_OF(BIO) *parts = NULL;
+	MIME_HEADER *hdr;
+	MIME_PARAM *prm;
+	ASN1_VALUE *val;
+	int ret;
+
+	if(bcont) *bcont = NULL;
+
+	if (!(headers = mime_parse_hdr(bio))) {
+		ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_MIME_PARSE_ERROR);
+		return NULL;
+	}
+
+	if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+		ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
+		return NULL;
+	}
+
+	/* Handle multipart/signed */
+
+	if(!strcmp(hdr->value, "multipart/signed")) {
+		/* Split into two parts */
+		prm = mime_param_find(hdr, "boundary");
+		if(!prm || !prm->param_value) {
+			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+			ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
+			return NULL;
+		}
+		ret = multi_split(bio, prm->param_value, &parts);
+		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+		if(!ret || (sk_BIO_num(parts) != 2) ) {
+			ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
+			sk_BIO_pop_free(parts, BIO_vfree);
+			return NULL;
+		}
+
+		/* Parse the signature piece */
+		asnin = sk_BIO_value(parts, 1);
+
+		if (!(headers = mime_parse_hdr(asnin))) {
+			ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_MIME_SIG_PARSE_ERROR);
+			sk_BIO_pop_free(parts, BIO_vfree);
+			return NULL;
+		}
+
+		/* Get content type */
+
+		if(!(hdr = mime_hdr_find(headers, "content-type")) ||
+								 !hdr->value) {
+			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+			ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
+			return NULL;
+		}
+
+		if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
+			strcmp(hdr->value, "application/pkcs7-signature")) {
+			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+			ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_SIG_INVALID_MIME_TYPE);
+			ERR_add_error_data(2, "type: ", hdr->value);
+			sk_BIO_pop_free(parts, BIO_vfree);
+			return NULL;
+		}
+		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+		/* Read in ASN1 */
+		if(!(val = b64_read_asn1(asnin, it))) {
+			ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_ASN1_SIG_PARSE_ERROR);
+			sk_BIO_pop_free(parts, BIO_vfree);
+			return NULL;
+		}
+
+		if(bcont) {
+			*bcont = sk_BIO_value(parts, 0);
+			BIO_free(asnin);
+			sk_BIO_free(parts);
+		} else sk_BIO_pop_free(parts, BIO_vfree);
+		return val;
+	}
+		
+	/* OK, if not multipart/signed try opaque signature */
+
+	if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
+	    strcmp (hdr->value, "application/pkcs7-mime")) {
+		ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_INVALID_MIME_TYPE);
+		ERR_add_error_data(2, "type: ", hdr->value);
+		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+		return NULL;
+	}
+
+	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+	
+	if(!(val = b64_read_asn1(bio, it))) {
+		ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
+		return NULL;
+	}
+	return val;
+
+}
+
+/* Copy text from one BIO to another making the output CRLF at EOL */
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
+{
+	BIO *bf;
+	char eol;
+	int len;
+	char linebuf[MAX_SMLEN];
+	/* Buffer output so we don't write one line at a time. This is
+	 * useful when streaming as we don't end up with one OCTET STRING
+	 * per line.
+	 */
+	bf = BIO_new(BIO_f_buffer());
+	if (!bf)
+		return 0;
+	out = BIO_push(bf, out);
+	if(flags & SMIME_BINARY)
+		{
+		while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
+						BIO_write(out, linebuf, len);
+		}
+	else
+		{
+		if(flags & SMIME_TEXT)
+			BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
+		while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0)
+			{
+			eol = strip_eol(linebuf, &len);
+			if (len)
+				BIO_write(out, linebuf, len);
+			if(eol) BIO_write(out, "\r\n", 2);
+			}
+		}
+	(void)BIO_flush(out);
+	BIO_pop(out);
+	BIO_free(bf);
+	return 1;
+}
+
+/* Strip off headers if they are text/plain */
+int SMIME_text(BIO *in, BIO *out)
+{
+	char iobuf[4096];
+	int len;
+	STACK_OF(MIME_HEADER) *headers;
+	MIME_HEADER *hdr;
+
+	if (!(headers = mime_parse_hdr(in))) {
+		ASN1err(ASN1_F_SMIME_TEXT,ASN1_R_MIME_PARSE_ERROR);
+		return 0;
+	}
+	if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+		ASN1err(ASN1_F_SMIME_TEXT,ASN1_R_MIME_NO_CONTENT_TYPE);
+		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+		return 0;
+	}
+	if (strcmp (hdr->value, "text/plain")) {
+		ASN1err(ASN1_F_SMIME_TEXT,ASN1_R_INVALID_MIME_TYPE);
+		ERR_add_error_data(2, "type: ", hdr->value);
+		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+		return 0;
+	}
+	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+	while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
+						BIO_write(out, iobuf, len);
+	if (len < 0)
+		return 0;
+	return 1;
+}
+
+/* Split a multipart/XXX message body into component parts: result is
+ * canonical parts in a STACK of bios
+ */
+
+static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
+{
+	char linebuf[MAX_SMLEN];
+	int len, blen;
+	int eol = 0, next_eol = 0;
+	BIO *bpart = NULL;
+	STACK_OF(BIO) *parts;
+	char state, part, first;
+
+	blen = strlen(bound);
+	part = 0;
+	state = 0;
+	first = 1;
+	parts = sk_BIO_new_null();
+	*ret = parts;
+	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
+		state = mime_bound_check(linebuf, len, bound, blen);
+		if(state == 1) {
+			first = 1;
+			part++;
+		} else if(state == 2) {
+			sk_BIO_push(parts, bpart);
+			return 1;
+		} else if(part) {
+			/* Strip CR+LF from linebuf */
+			next_eol = strip_eol(linebuf, &len);
+			if(first) {
+				first = 0;
+				if(bpart) sk_BIO_push(parts, bpart);
+				bpart = BIO_new(BIO_s_mem());
+				BIO_set_mem_eof_return(bpart, 0);
+			} else if (eol)
+				BIO_write(bpart, "\r\n", 2);
+			eol = next_eol;
+			if (len)
+				BIO_write(bpart, linebuf, len);
+		}
+	}
+	return 0;
+}
+
+/* This is the big one: parse MIME header lines up to message body */
+
+#define MIME_INVALID	0
+#define MIME_START	1
+#define MIME_TYPE	2
+#define MIME_NAME	3
+#define MIME_VALUE	4
+#define MIME_QUOTE	5
+#define MIME_COMMENT	6
+
+
+static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
+{
+	char *p, *q, c;
+	char *ntmp;
+	char linebuf[MAX_SMLEN];
+	MIME_HEADER *mhdr = NULL;
+	STACK_OF(MIME_HEADER) *headers;
+	int len, state, save_state = 0;
+
+	headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
+	/* If whitespace at line start then continuation line */
+	if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
+	else state = MIME_START;
+	ntmp = NULL;
+	/* Go through all characters */
+	for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
+
+	/* State machine to handle MIME headers
+	 * if this looks horrible that's because it *is*
+         */
+
+		switch(state) {
+			case MIME_START:
+			if(c == ':') {
+				state = MIME_TYPE;
+				*p = 0;
+				ntmp = strip_ends(q);
+				q = p + 1;
+			}
+			break;
+
+			case MIME_TYPE:
+			if(c == ';') {
+				mime_debug("Found End Value\n");
+				*p = 0;
+				mhdr = mime_hdr_new(ntmp, strip_ends(q));
+				sk_MIME_HEADER_push(headers, mhdr);
+				ntmp = NULL;
+				q = p + 1;
+				state = MIME_NAME;
+			} else if(c == '(') {
+				save_state = state;
+				state = MIME_COMMENT;
+			}
+			break;
+
+			case MIME_COMMENT:
+			if(c == ')') {
+				state = save_state;
+			}
+			break;
+
+			case MIME_NAME:
+			if(c == '=') {
+				state = MIME_VALUE;
+				*p = 0;
+				ntmp = strip_ends(q);
+				q = p + 1;
+			}
+			break ;
+
+			case MIME_VALUE:
+			if(c == ';') {
+				state = MIME_NAME;
+				*p = 0;
+				mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
+				ntmp = NULL;
+				q = p + 1;
+			} else if (c == '"') {
+				mime_debug("Found Quote\n");
+				state = MIME_QUOTE;
+			} else if(c == '(') {
+				save_state = state;
+				state = MIME_COMMENT;
+			}
+			break;
+
+			case MIME_QUOTE:
+			if(c == '"') {
+				mime_debug("Found Match Quote\n");
+				state = MIME_VALUE;
+			}
+			break;
+		}
+	}
+
+	if(state == MIME_TYPE) {
+		mhdr = mime_hdr_new(ntmp, strip_ends(q));
+		sk_MIME_HEADER_push(headers, mhdr);
+	} else if(state == MIME_VALUE)
+			 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
+	if(p == linebuf) break;	/* Blank line means end of headers */
+}
+
+return headers;
+
+}
+
+static char *strip_ends(char *name)
+{
+	return strip_end(strip_start(name));
+}
+
+/* Strip a parameter of whitespace from start of param */
+static char *strip_start(char *name)
+{
+	char *p, c;
+	/* Look for first non white space or quote */
+	for(p = name; (c = *p) ;p++) {
+		if(c == '"') {
+			/* Next char is start of string if non null */
+			if(p[1]) return p + 1;
+			/* Else null string */
+			return NULL;
+		}
+		if(!isspace((unsigned char)c)) return p;
+	}
+	return NULL;
+}
+
+/* As above but strip from end of string : maybe should handle brackets? */
+static char *strip_end(char *name)
+{
+	char *p, c;
+	if(!name) return NULL;
+	/* Look for first non white space or quote */
+	for(p = name + strlen(name) - 1; p >= name ;p--) {
+		c = *p;
+		if(c == '"') {
+			if(p - 1 == name) return NULL;
+			*p = 0;
+			return name;
+		}
+		if(isspace((unsigned char)c)) *p = 0;	
+		else return name;
+	}
+	return NULL;
+}
+
+static MIME_HEADER *mime_hdr_new(char *name, char *value)
+{
+	MIME_HEADER *mhdr;
+	char *tmpname, *tmpval, *p;
+	int c;
+	if(name) {
+		if(!(tmpname = BUF_strdup(name))) return NULL;
+		for(p = tmpname ; *p; p++) {
+			c = *p;
+			if(isupper(c)) {
+				c = tolower(c);
+				*p = c;
+			}
+		}
+	} else tmpname = NULL;
+	if(value) {
+		if(!(tmpval = BUF_strdup(value))) return NULL;
+		for(p = tmpval ; *p; p++) {
+			c = *p;
+			if(isupper(c)) {
+				c = tolower(c);
+				*p = c;
+			}
+		}
+	} else tmpval = NULL;
+	mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER));
+	if(!mhdr) return NULL;
+	mhdr->name = tmpname;
+	mhdr->value = tmpval;
+	if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL;
+	return mhdr;
+}
+		
+static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
+{
+	char *tmpname, *tmpval, *p;
+	int c;
+	MIME_PARAM *mparam;
+	if(name) {
+		tmpname = BUF_strdup(name);
+		if(!tmpname) return 0;
+		for(p = tmpname ; *p; p++) {
+			c = *p;
+			if(isupper(c)) {
+				c = tolower(c);
+				*p = c;
+			}
+		}
+	} else tmpname = NULL;
+	if(value) {
+		tmpval = BUF_strdup(value);
+		if(!tmpval) return 0;
+	} else tmpval = NULL;
+	/* Parameter values are case sensitive so leave as is */
+	mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM));
+	if(!mparam) return 0;
+	mparam->param_name = tmpname;
+	mparam->param_value = tmpval;
+	sk_MIME_PARAM_push(mhdr->params, mparam);
+	return 1;
+}
+
+static int mime_hdr_cmp(const MIME_HEADER * const *a,
+			const MIME_HEADER * const *b)
+{
+	return(strcmp((*a)->name, (*b)->name));
+}
+
+static int mime_param_cmp(const MIME_PARAM * const *a,
+			const MIME_PARAM * const *b)
+{
+	return(strcmp((*a)->param_name, (*b)->param_name));
+}
+
+/* Find a header with a given name (if possible) */
+
+static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
+{
+	MIME_HEADER htmp;
+	int idx;
+	htmp.name = name;
+	idx = sk_MIME_HEADER_find(hdrs, &htmp);
+	if(idx < 0) return NULL;
+	return sk_MIME_HEADER_value(hdrs, idx);
+}
+
+static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
+{
+	MIME_PARAM param;
+	int idx;
+	param.param_name = name;
+	idx = sk_MIME_PARAM_find(hdr->params, &param);
+	if(idx < 0) return NULL;
+	return sk_MIME_PARAM_value(hdr->params, idx);
+}
+
+static void mime_hdr_free(MIME_HEADER *hdr)
+{
+	if(hdr->name) OPENSSL_free(hdr->name);
+	if(hdr->value) OPENSSL_free(hdr->value);
+	if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
+	OPENSSL_free(hdr);
+}
+
+static void mime_param_free(MIME_PARAM *param)
+{
+	if(param->param_name) OPENSSL_free(param->param_name);
+	if(param->param_value) OPENSSL_free(param->param_value);
+	OPENSSL_free(param);
+}
+
+/* Check for a multipart boundary. Returns:
+ * 0 : no boundary
+ * 1 : part boundary
+ * 2 : final boundary
+ */
+static int mime_bound_check(char *line, int linelen, char *bound, int blen)
+{
+	if(linelen == -1) linelen = strlen(line);
+	if(blen == -1) blen = strlen(bound);
+	/* Quickly eliminate if line length too short */
+	if(blen + 2 > linelen) return 0;
+	/* Check for part boundary */
+	if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
+		if(!strncmp(line + blen + 2, "--", 2)) return 2;
+		else return 1;
+	}
+	return 0;
+}
+
+static int strip_eol(char *linebuf, int *plen)
+	{
+	int len = *plen;
+	char *p, c;
+	int is_eol = 0;
+	p = linebuf + len - 1;
+	for (p = linebuf + len - 1; len > 0; len--, p--)
+		{
+		c = *p;
+		if (c == '\n')
+			is_eol = 1;
+		else if (c != '\r')
+			break;
+		}
+	*plen = len;
+	return is_eol;
+	}
diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c
index 72cc1210be..1ea6a59248 100644
--- a/crypto/asn1/asn_moid.c
+++ b/crypto/asn1/asn_moid.c
@@ -1,5 +1,5 @@
 /* asn_moid.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -149,7 +149,7 @@ static int do_create(char *value, char *name)
 		if (lntmp == NULL)
 			return 0;
 		memcpy(lntmp, ln, p - ln);
-		lntmp[p - ln + 1] = 0;
+		lntmp[p - ln] = 0;
 		oid = OBJ_nid2obj(nid);
 		oid->ln = lntmp;
 		}
diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c
index ea56aa6abe..ad738217d7 100644
--- a/crypto/asn1/asn_pack.c
+++ b/crypto/asn1/asn_pack.c
@@ -1,5 +1,5 @@
 /* asn_pack.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -66,10 +66,10 @@
 
 /* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
 
-STACK *ASN1_seq_unpack(const unsigned char *buf, int len, char *(*d2i)(),
-	     void (*free_func)(void *))
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+			 d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK))
 {
-    STACK *sk;
+    STACK_OF(OPENSSL_BLOCK) *sk;
     const unsigned char *pbuf;
     pbuf =  buf;
     if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
@@ -82,8 +82,8 @@ STACK *ASN1_seq_unpack(const unsigned char *buf, int len, char *(*d2i)(),
  * OPENSSL_malloc'ed buffer
  */
 
-unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
-	     int *len)
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
+			     unsigned char **buf, int *len)
 {
 	int safelen;
 	unsigned char *safe, *p;
@@ -106,9 +106,9 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
 
 /* Extract an ASN1 object from an ASN1_STRING */
 
-void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
+void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i)
 {
-	unsigned char *p;
+	const unsigned char *p;
 	char *ret;
 
 	p = oct->data;
@@ -119,7 +119,7 @@ void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
 
 /* Pack an ASN1 object into an ASN1_STRING */
 
-ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_STRING **oct)
+ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
 {
 	unsigned char *p;
 	ASN1_STRING *octmp;
@@ -155,7 +155,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
 
 	if (!oct || !*oct) {
 		if (!(octmp = ASN1_STRING_new ())) {
-			ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
+			ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE);
 			return NULL;
 		}
 		if (oct) *oct = octmp;
@@ -167,11 +167,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
 	}
 		
 	if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
-		ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
+		ASN1err(ASN1_F_ASN1_ITEM_PACK,ASN1_R_ENCODE_ERROR);
 		return NULL;
 	}
 	if (!octmp->data) {
-		ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	return octmp;
@@ -186,6 +186,6 @@ void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
 
 	p = oct->data;
 	if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
-		ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
+		ASN1err(ASN1_F_ASN1_ITEM_UNPACK,ASN1_R_DECODE_ERROR);
 	return ret;
 }
diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c
new file mode 100644
index 0000000000..dc7efd551c
--- /dev/null
+++ b/crypto/asn1/bio_asn1.c
@@ -0,0 +1,495 @@
+/* bio_asn1.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Experimental ASN1 BIO. When written through the data is converted
+ * to an ASN1 string type: default is OCTET STRING. Additional functions
+ * can be provided to add prefix and suffix data.
+ */
+
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+
+/* Must be large enough for biggest tag+length */
+#define DEFAULT_ASN1_BUF_SIZE 20
+
+typedef enum 
+	{
+	ASN1_STATE_START,
+	ASN1_STATE_PRE_COPY,
+	ASN1_STATE_HEADER,
+	ASN1_STATE_HEADER_COPY,
+	ASN1_STATE_DATA_COPY,
+	ASN1_STATE_POST_COPY,
+	ASN1_STATE_DONE
+	} asn1_bio_state_t;
+
+typedef struct BIO_ASN1_EX_FUNCS_st
+	{
+	asn1_ps_func	*ex_func;
+	asn1_ps_func	*ex_free_func;
+	} BIO_ASN1_EX_FUNCS;
+
+typedef struct BIO_ASN1_BUF_CTX_t
+	{
+	/* Internal state */
+	asn1_bio_state_t state;
+	/* Internal buffer */
+	unsigned char *buf;
+	/* Size of buffer */
+	int bufsize;
+	/* Current position in buffer */
+	int bufpos;
+	/* Current buffer length */
+	int buflen;
+	/* Amount of data to copy */
+	int copylen;
+	/* Class and tag to use */
+	int asn1_class, asn1_tag;
+	asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free;
+	/* Extra buffer for prefix and suffix data */
+	unsigned char *ex_buf;
+	int ex_len;
+	int ex_pos;
+	void *ex_arg;
+	} BIO_ASN1_BUF_CTX;
+
+
+static int asn1_bio_write(BIO *h, const char *buf,int num);
+static int asn1_bio_read(BIO *h, char *buf, int size);
+static int asn1_bio_puts(BIO *h, const char *str);
+static int asn1_bio_gets(BIO *h, char *str, int size);
+static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int asn1_bio_new(BIO *h);
+static int asn1_bio_free(BIO *data);
+static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size);
+static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+				asn1_ps_func *cleanup, asn1_bio_state_t next);
+static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+				asn1_ps_func *setup, 
+				asn1_bio_state_t ex_state,
+				asn1_bio_state_t other_state);
+
+static BIO_METHOD methods_asn1=
+	{
+	BIO_TYPE_ASN1,
+	"asn1",
+	asn1_bio_write,
+	asn1_bio_read,
+	asn1_bio_puts,
+	asn1_bio_gets,
+	asn1_bio_ctrl,
+	asn1_bio_new,
+	asn1_bio_free,
+	asn1_bio_callback_ctrl,
+	};
+
+BIO_METHOD *BIO_f_asn1(void)
+	{
+	return(&methods_asn1);
+	}
+
+
+static int asn1_bio_new(BIO *b)
+	{
+	BIO_ASN1_BUF_CTX *ctx;
+	ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX));
+	if (!ctx)
+		return 0;
+	if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE))
+		return 0;
+	b->init = 1;
+	b->ptr = (char *)ctx;
+	b->flags = 0;
+	return 1;
+	}
+
+static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
+	{
+	ctx->buf = OPENSSL_malloc(size);
+	if (!ctx->buf)
+		return 0;
+	ctx->bufsize = size;
+	ctx->bufpos = 0;
+	ctx->buflen = 0;
+	ctx->copylen = 0;
+	ctx->asn1_class = V_ASN1_UNIVERSAL;
+	ctx->asn1_tag = V_ASN1_OCTET_STRING;
+	ctx->ex_buf = 0;
+	ctx->ex_pos = 0;
+	ctx->ex_len = 0;
+	ctx->state = ASN1_STATE_START;
+	return 1;
+	}
+
+static int asn1_bio_free(BIO *b)
+	{
+	BIO_ASN1_BUF_CTX *ctx;
+	ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
+	if (ctx == NULL)
+		return 0;
+	if (ctx->buf)
+		OPENSSL_free(ctx->buf);
+	OPENSSL_free(ctx);
+	b->init = 0;
+	b->ptr = NULL;
+	b->flags = 0;
+	return 1;
+	}
+
+static int asn1_bio_write(BIO *b, const char *in , int inl)
+	{
+	BIO_ASN1_BUF_CTX *ctx;
+	int wrmax, wrlen, ret;
+	unsigned char *p;
+	if (!in || (inl < 0) || (b->next_bio == NULL))
+		return 0;
+	ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
+	if (ctx == NULL)
+		return 0;
+
+	wrlen = 0;
+	ret = -1;
+
+	for(;;)
+		{
+		switch (ctx->state)
+			{
+
+			/* Setup prefix data, call it */
+			case ASN1_STATE_START:
+			if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
+				ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
+				return 0;
+			break;
+
+			/* Copy any pre data first */
+			case ASN1_STATE_PRE_COPY:
+
+			ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
+							ASN1_STATE_HEADER);
+
+			if (ret <= 0)
+				goto done;
+
+			break;
+
+			case ASN1_STATE_HEADER:
+			ctx->buflen =
+				ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
+			OPENSSL_assert(ctx->buflen <= ctx->bufsize);
+			p = ctx->buf;
+			ASN1_put_object(&p, 0, inl,
+					ctx->asn1_tag, ctx->asn1_class);
+			ctx->copylen = inl;
+			ctx->state = ASN1_STATE_HEADER_COPY;
+
+			break;
+
+			case ASN1_STATE_HEADER_COPY:	
+			ret = BIO_write(b->next_bio,
+					ctx->buf + ctx->bufpos, ctx->buflen);
+			if (ret <= 0)
+				goto done;
+
+			ctx->buflen -= ret;
+			if (ctx->buflen)
+				ctx->bufpos += ret;
+			else
+				{
+				ctx->bufpos = 0;
+				ctx->state = ASN1_STATE_DATA_COPY;
+				}
+
+			break;
+
+			case ASN1_STATE_DATA_COPY:
+
+			if (inl > ctx->copylen)
+				wrmax = ctx->copylen;
+			else
+				wrmax = inl;
+			ret = BIO_write(b->next_bio, in, wrmax);
+			if (ret <= 0)
+				break;
+			wrlen += ret;
+			ctx->copylen -= ret;
+			in += ret;
+			inl -= ret;
+
+			if (ctx->copylen == 0)
+				ctx->state = ASN1_STATE_HEADER;
+
+			if (inl == 0)
+				goto done;
+
+			break;
+
+			default:
+			BIO_clear_retry_flags(b);
+			return 0;
+
+			}
+
+		}
+
+	done:
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+
+	return (wrlen > 0) ? wrlen : ret;
+
+	}
+
+static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+				asn1_ps_func *cleanup, asn1_bio_state_t next)
+	{
+	int ret;
+	if (ctx->ex_len <= 0)
+		return 1;
+	for(;;)
+		{
+		ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos,
+								ctx->ex_len);
+		if (ret <= 0)
+			break;
+		ctx->ex_len -= ret;
+		if (ctx->ex_len > 0)
+			ctx->ex_pos += ret;
+		else
+			{
+			if(cleanup)
+				cleanup(b, &ctx->ex_buf, &ctx->ex_len,
+								&ctx->ex_arg);
+			ctx->state = next;
+			ctx->ex_pos = 0;
+			break;
+			}
+		}
+	return ret;
+	}
+
+static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+				asn1_ps_func *setup, 
+				asn1_bio_state_t ex_state,
+				asn1_bio_state_t other_state)
+	{
+	if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg))
+		{
+		BIO_clear_retry_flags(b);
+		return 0;
+		}
+	if (ctx->ex_len > 0)
+		ctx->state = ex_state;
+	else
+		ctx->state = other_state;
+	return 1;
+	}
+
+static int asn1_bio_read(BIO *b, char *in , int inl)
+	{
+	if (!b->next_bio)
+		return 0;
+	return BIO_read(b->next_bio, in , inl);
+	}
+
+static int asn1_bio_puts(BIO *b, const char *str)
+	{
+	return asn1_bio_write(b, str, strlen(str));
+	}
+
+static int asn1_bio_gets(BIO *b, char *str, int size)
+	{
+	if (!b->next_bio)
+		return 0;
+	return BIO_gets(b->next_bio, str , size);
+	}
+
+static long asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+	{
+	if (b->next_bio == NULL) return(0);
+	return BIO_callback_ctrl(b->next_bio,cmd,fp);
+	}
+
+static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
+	{
+	BIO_ASN1_BUF_CTX *ctx;
+	BIO_ASN1_EX_FUNCS *ex_func;
+	long ret = 1;
+	ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
+	if (ctx == NULL)
+		return 0;
+	switch(cmd)
+		{
+
+		case BIO_C_SET_PREFIX:
+		ex_func = arg2;
+		ctx->prefix  = ex_func->ex_func;
+		ctx->prefix_free  = ex_func->ex_free_func;
+		break;
+
+		case BIO_C_GET_PREFIX:
+		ex_func = arg2;
+		ex_func->ex_func = ctx->prefix;
+		ex_func->ex_free_func = ctx->prefix_free;
+		break;
+
+		case BIO_C_SET_SUFFIX:
+		ex_func = arg2;
+		ctx->suffix  = ex_func->ex_func;
+		ctx->suffix_free  = ex_func->ex_free_func;
+		break;
+
+		case BIO_C_GET_SUFFIX:
+		ex_func = arg2;
+		ex_func->ex_func = ctx->suffix;
+		ex_func->ex_free_func = ctx->suffix_free;
+		break;
+
+		case BIO_C_SET_EX_ARG:
+		ctx->ex_arg = arg2;
+		break;
+
+		case BIO_C_GET_EX_ARG:
+		*(void **)arg2 = ctx->ex_arg;
+		break;
+
+		case BIO_CTRL_FLUSH:
+		if (!b->next_bio)
+			return 0;
+
+		/* Call post function if possible */
+		if (ctx->state == ASN1_STATE_HEADER)
+			{
+			if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
+				ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
+				return 0;
+			}
+
+		if (ctx->state == ASN1_STATE_POST_COPY)
+			{
+			ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
+							ASN1_STATE_DONE);
+			if (ret <= 0)
+				return ret;
+			}
+
+		if (ctx->state == ASN1_STATE_DONE)
+			return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
+		else
+			{
+			BIO_clear_retry_flags(b);
+			return 0;
+			}
+		break;
+
+
+		default:
+		if (!b->next_bio)
+			return 0;
+		return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
+
+		}
+
+	return ret;
+	}
+
+static int asn1_bio_set_ex(BIO *b, int cmd,
+		asn1_ps_func *ex_func, asn1_ps_func *ex_free_func)
+	{
+	BIO_ASN1_EX_FUNCS extmp;
+	extmp.ex_func = ex_func;
+	extmp.ex_free_func = ex_free_func;
+	return BIO_ctrl(b, cmd, 0, &extmp);
+	}
+
+static int asn1_bio_get_ex(BIO *b, int cmd,
+		asn1_ps_func **ex_func, asn1_ps_func **ex_free_func)
+	{
+	BIO_ASN1_EX_FUNCS extmp;
+	int ret;
+	ret = BIO_ctrl(b, cmd, 0, &extmp);
+	if (ret > 0)
+		{
+		*ex_func = extmp.ex_func;
+		*ex_free_func = extmp.ex_free_func;
+		}
+	return ret;
+	}
+
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free)
+	{
+	return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free);
+	}
+
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, asn1_ps_func **pprefix_free)
+	{
+	return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free);
+	}
+
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free)
+	{
+	return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free);
+	}
+
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_func **psuffix_free)
+	{
+	return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free);
+	}
diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c
new file mode 100644
index 0000000000..370389b1e6
--- /dev/null
+++ b/crypto/asn1/bio_ndef.c
@@ -0,0 +1,246 @@
+/* bio_ndef.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+
+#ifndef OPENSSL_SYSNAME_NETWARE
+#include <memory.h>
+#endif
+#include <stdio.h>
+
+/* Experimental NDEF ASN1 BIO support routines */
+
+/* The usage is quite simple, initialize an ASN1 structure,
+ * get a BIO from it then any data written through the BIO
+ * will end up translated to approptiate format on the fly.
+ * The data is streamed out and does *not* need to be
+ * all held in memory at once.
+ *
+ * When the BIO is flushed the output is finalized and any
+ * signatures etc written out.
+ *
+ * The BIO is a 'proper' BIO and can handle non blocking I/O
+ * correctly.
+ *
+ * The usage is simple. The implementation is *not*...
+ */
+
+/* BIO support data stored in the ASN1 BIO ex_arg */
+
+typedef struct ndef_aux_st
+	{
+	/* ASN1 structure this BIO refers to */
+	ASN1_VALUE *val;
+	const ASN1_ITEM *it;
+	/* Top of the BIO chain */
+	BIO *ndef_bio;
+	/* Output BIO */
+	BIO *out;
+	/* Boundary where content is inserted */
+	unsigned char **boundary;
+	/* DER buffer start */
+	unsigned char *derbuf;
+	} NDEF_SUPPORT;
+
+static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
+	{
+	NDEF_SUPPORT *ndef_aux = NULL;
+	BIO *asn_bio = NULL;
+	const ASN1_AUX *aux = it->funcs;
+	ASN1_STREAM_ARG sarg;
+
+	if (!aux || !aux->asn1_cb)
+		{
+		ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
+		return NULL;
+		}
+	ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT));
+	asn_bio = BIO_new(BIO_f_asn1());
+
+	/* ASN1 bio needs to be next to output BIO */
+
+	out = BIO_push(asn_bio, out);
+
+	if (!ndef_aux || !asn_bio || !out)
+		goto err;
+
+	BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free);
+	BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free);
+
+	/* Now let callback prepend any digest, cipher etc BIOs
+	 * ASN1 structure needs.
+	 */
+
+	sarg.out = out;
+	sarg.ndef_bio = NULL;
+	sarg.boundary = NULL;
+
+	if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0)
+		goto err;
+
+	ndef_aux->val = val;
+	ndef_aux->it = it;
+	ndef_aux->ndef_bio = sarg.ndef_bio;
+	ndef_aux->boundary = sarg.boundary;
+	ndef_aux->out = out;
+
+	BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
+
+	return sarg.ndef_bio;
+
+	err:
+	if (asn_bio)
+		BIO_free(asn_bio);
+	if (ndef_aux)
+		OPENSSL_free(ndef_aux);
+	return NULL;
+	}
+
+static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+	{
+	NDEF_SUPPORT *ndef_aux;
+	unsigned char *p;
+	int derlen;
+
+	if (!parg)
+		return 0;
+
+	ndef_aux = *(NDEF_SUPPORT **)parg;
+
+	derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+	p = OPENSSL_malloc(derlen);
+	ndef_aux->derbuf = p;
+	*pbuf = p;
+	derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
+
+	if (!*ndef_aux->boundary)
+		return 0;
+
+	*plen = *ndef_aux->boundary - *pbuf;
+
+	return 1;
+	}
+
+static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+	{
+	NDEF_SUPPORT *ndef_aux;
+
+	if (!parg)
+		return 0;
+
+	ndef_aux = *(NDEF_SUPPORT **)parg;
+
+	if (ndef_aux->derbuf)
+		OPENSSL_free(ndef_aux->derbuf);
+
+	ndef_aux->derbuf = NULL;
+	*pbuf = NULL;
+	*plen = 0;
+	return 1;
+	}
+
+static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+	{
+	NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg;
+	if (!ndef_prefix_free(b, pbuf, plen, parg))
+		return 0;
+	OPENSSL_free(*pndef_aux);
+	*pndef_aux = NULL;
+	return 1;
+	}
+
+static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+	{
+	NDEF_SUPPORT *ndef_aux;
+	unsigned char *p;
+	int derlen;
+	const ASN1_AUX *aux;
+	ASN1_STREAM_ARG sarg;
+
+	if (!parg)
+		return 0;
+
+	ndef_aux = *(NDEF_SUPPORT **)parg;
+
+	aux = ndef_aux->it->funcs;
+
+	/* Finalize structures */
+	sarg.ndef_bio = ndef_aux->ndef_bio;
+	sarg.out = ndef_aux->out;
+	sarg.boundary = ndef_aux->boundary;
+	if (aux->asn1_cb(ASN1_OP_STREAM_POST,
+				&ndef_aux->val, ndef_aux->it, &sarg) <= 0)
+		return 0;
+
+	derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+	p = OPENSSL_malloc(derlen);
+	ndef_aux->derbuf = p;
+	*pbuf = p;
+	derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
+
+	if (!*ndef_aux->boundary)
+		return 0;
+	*pbuf = *ndef_aux->boundary;
+	*plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf);
+
+	return 1;
+	}
diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h
index bd020a9562..b55e638725 100644
--- a/crypto/asn1/charmap.h
+++ b/crypto/asn1/charmap.h
@@ -2,7 +2,7 @@
  * Mask of various character properties
  */
 
-static unsigned char char_type[] = {
+static const unsigned char char_type[] = {
  2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
  2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
 120, 0, 1,40, 0, 0, 0,16,16,16, 0,25,25,16,16,16,
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 5f30585142..2828944777 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -61,16 +61,12 @@
 #include <openssl/bn.h>
 #include <openssl/evp.h>
 #include <openssl/objects.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
 #endif
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include "asn1_locl.h"
 
 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
 	     long length)
@@ -85,47 +81,43 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
 			return(NULL);
 			}
 		}
-	else	ret= *a;
-
-	ret->save_type=type;
-	ret->type=EVP_PKEY_type(type);
-	switch (ret->type)
+	else
 		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+		ret= *a;
+#ifndef OPENSSL_NO_ENGINE
+		if (ret->engine)
 			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
-			goto err;
+			ENGINE_finish(ret->engine);
+			ret->engine = NULL;
 			}
-		break;
 #endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,
-			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
+		}
+
+	if (!EVP_PKEY_set_type(ret, type))
+		{
+		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+		goto err;
+		}
+
+	if (!ret->ameth->old_priv_decode ||
+			!ret->ameth->old_priv_decode(ret, pp, length))
+		{
+		if (ret->ameth->priv_decode) 
 			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
-			goto err;
-			}
-		break;
-#endif
-#ifndef OPENSSL_NO_EC
-	case EVP_PKEY_EC:
-		if ((ret->pkey.eckey = d2i_ECPrivateKey(NULL, 
-			(const unsigned char **)pp, length)) == NULL)
+			PKCS8_PRIV_KEY_INFO *p8=NULL;
+			p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
+			if (!p8) goto err;
+			EVP_PKEY_free(ret);
+			ret = EVP_PKCS82PKEY(p8);
+			PKCS8_PRIV_KEY_INFO_free(p8);
+
+			} 
+		else 
 			{
-			ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
+			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
 			goto err;
 			}
-		break;
-#endif
-	default:
-		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
-		goto err;
-		/* break; */
-		}
+		}	
 	if (a != NULL) (*a)=ret;
 	return(ret);
 err:
@@ -146,8 +138,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
 	 * by analyzing it we can determine the passed structure: this
 	 * assumes the input is surrounded by an ASN1 SEQUENCE.
 	 */
-	inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE, 
-			ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+	inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
 	/* Since we only need to discern "traditional format" RSA and DSA
 	 * keys we can just count the elements.
          */
@@ -155,6 +146,24 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
 		keytype = EVP_PKEY_DSA;
 	else if (sk_ASN1_TYPE_num(inkey) == 4)
 		keytype = EVP_PKEY_EC;
+	else if (sk_ASN1_TYPE_num(inkey) == 3)  
+		{ /* This seems to be PKCS8, not traditional format */
+			PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
+			EVP_PKEY *ret;
+
+			sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+			if (!p8) 
+				{
+				ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+				return NULL;
+				}
+			ret = EVP_PKCS82PKEY(p8);
+			PKCS8_PRIV_KEY_INFO_free(p8);
+			if (a) {
+				*a = ret;
+			}	
+			return ret;
+		}
 	else keytype = EVP_PKEY_RSA;
 	sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
 	return d2i_PrivateKey(keytype, a, pp, length);
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
index 8a05810eda..c8f39ceb03 100644
--- a/crypto/asn1/d2i_pu.c
+++ b/crypto/asn1/d2i_pu.c
@@ -87,9 +87,13 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
 		}
 	else	ret= *a;
 
-	ret->save_type=type;
-	ret->type=EVP_PKEY_type(type);
-	switch (ret->type)
+	if (!EVP_PKEY_set_type(ret, type))
+		{
+		ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
+		goto err;
+		}
+
+	switch (EVP_PKEY_id(ret))
 		{
 #ifndef OPENSSL_NO_RSA
 	case EVP_PKEY_RSA:
@@ -113,7 +117,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
 #endif
 #ifndef OPENSSL_NO_EC
 	case EVP_PKEY_EC:
-		if (!o2i_ECPublicKey(&(ret->pkey.eckey),
+		if (!o2i_ECPublicKey(&(ret->pkey.ec),
 				     (const unsigned char **)pp, length))
 			{
 			ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
index bbf2a0d2d6..e398b62666 100644
--- a/crypto/asn1/i2d_pr.c
+++ b/crypto/asn1/i2d_pr.c
@@ -58,41 +58,22 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/bn.h>
 #include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
+#include <openssl/x509.h>
+#include "asn1_locl.h"
 
 int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
 	{
-#ifndef OPENSSL_NO_RSA
-	if (a->type == EVP_PKEY_RSA)
+	if (a->ameth && a->ameth->old_priv_encode)
 		{
-		return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
+		return a->ameth->old_priv_encode(a, pp);
 		}
-	else
-#endif
-#ifndef OPENSSL_NO_DSA
-	if (a->type == EVP_PKEY_DSA)
-		{
-		return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
-		}
-#endif
-#ifndef OPENSSL_NO_EC
-	if (a->type == EVP_PKEY_EC)
-		{
-		return(i2d_ECPrivateKey(a->pkey.eckey, pp));
-		}
-#endif
-
+	if (a->ameth && a->ameth->priv_encode) {
+		PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
+		int ret = i2d_PKCS8_PRIV_KEY_INFO(p8,pp);
+		PKCS8_PRIV_KEY_INFO_free(p8);
+		return ret;
+	}	
 	ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
 	return(-1);
 	}
diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
index 44f186442e..34286dbd35 100644
--- a/crypto/asn1/i2d_pu.c
+++ b/crypto/asn1/i2d_pu.c
@@ -85,7 +85,7 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
 #endif
 #ifndef OPENSSL_NO_EC
 	case EVP_PKEY_EC:
-		return(i2o_ECPublicKey(a->pkey.eckey, pp));
+		return(i2o_ECPublicKey(a->pkey.ec, pp));
 #endif
 	default:
 		ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index a5a02e843c..9a41f29e3e 100644
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -107,14 +107,20 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
 IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
 
 static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
-	     int (*cb)(), int sgckey);
+			  int (*cb)(char *buf, int len, const char *prompt,
+				    int verify),
+			  int sgckey);
 
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
+		     int (*cb)(char *buf, int len, const char *prompt,
+			       int verify))
 {
 	return i2d_RSA_NET(a, pp, cb, 0);
 }
 
-int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,
+		int (*cb)(char *buf, int len, const char *prompt, int verify),
+		int sgckey)
 	{
 	int i, j, ret = 0;
 	int rsalen, pkeylen, olen;
@@ -123,6 +129,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 	unsigned char buf[256],*zz;
 	unsigned char key[EVP_MAX_KEY_LENGTH];
 	EVP_CIPHER_CTX ctx;
+	EVP_CIPHER_CTX_init(&ctx);
 
 	if (a == NULL) return(0);
 
@@ -164,7 +171,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 	/* Since its RC4 encrypted length is actual length */
 	if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
 		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
@@ -174,13 +181,13 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 
 	if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
 		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
 	if (!ASN1_STRING_set(enckey->os, "private-key", -1)) 
 		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 	enckey->enckey->digest->data = zz;
@@ -191,45 +198,53 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 		
 	if (cb == NULL)
 		cb=EVP_read_pw_string;
-	i=cb(buf,256,"Enter Private Key password:",1);
+	i=cb((char *)buf,256,"Enter Private Key password:",1);
 	if (i != 0)
 		{
-		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
+		ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ);
 		goto err;
 		}
 	i = strlen((char *)buf);
 	/* If the key is used for SGC the algorithm is modified a little. */
 	if(sgckey) {
-		EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+		if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+			goto err;
 		memcpy(buf + 16, "SGCKEYSALT", 10);
 		i = 26;
 	}
 
-	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
+	if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL))
+		goto err;
 	OPENSSL_cleanse(buf,256);
 
 	/* Encrypt private key in place */
 	zz = enckey->enckey->digest->data;
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL);
-	EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
-	EVP_EncryptFinal_ex(&ctx,zz + i,&j);
-	EVP_CIPHER_CTX_cleanup(&ctx);
+	if (!EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL))
+		goto err;
+	if (!EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen))
+		goto err;
+	if (!EVP_EncryptFinal_ex(&ctx,zz + i,&j))
+		goto err;
 
 	ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
 err:
+	EVP_CIPHER_CTX_cleanup(&ctx);
 	NETSCAPE_ENCRYPTED_PKEY_free(enckey);
 	NETSCAPE_PKEY_free(pkey);
 	return(ret);
 	}
 
 
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)())
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
+		      int (*cb)(char *buf, int len, const char *prompt,
+				int verify))
 {
 	return d2i_RSA_NET(a, pp, length, cb, 0);
 }
 
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
+		 int (*cb)(char *buf, int len, const char *prompt, int verify),
+		 int sgckey)
 	{
 	RSA *ret=NULL;
 	const unsigned char *p, *kp;
@@ -239,20 +254,20 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in
 
 	enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
 	if(!enckey) {
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
+		ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_DECODING_ERROR);
 		return NULL;
 	}
 
 	if ((enckey->os->length != 11) || (strncmp("private-key",
 		(char *)enckey->os->data,11) != 0))
 		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
+		ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
 		NETSCAPE_ENCRYPTED_PKEY_free(enckey);
 		return NULL;
 		}
 	if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4)
 		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+		ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
 		goto err;
 	}
 	kp = enckey->enckey->digest->data;
@@ -269,7 +284,8 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in
 	}
 
 static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
-	     int (*cb)(), int sgckey)
+			  int (*cb)(char *buf, int len, const char *prompt,
+				    int verify), int sgckey)
 	{
 	NETSCAPE_PKEY *pkey=NULL;
 	RSA *ret=NULL;
@@ -278,46 +294,51 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
 	const unsigned char *zz;
 	unsigned char key[EVP_MAX_KEY_LENGTH];
 	EVP_CIPHER_CTX ctx;
+	EVP_CIPHER_CTX_init(&ctx);
 
-	i=cb(buf,256,"Enter Private Key password:",0);
+	i=cb((char *)buf,256,"Enter Private Key password:",0);
 	if (i != 0)
 		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
+		ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ);
 		goto err;
 		}
 
 	i = strlen((char *)buf);
 	if(sgckey){
-		EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+		if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+			goto err;
 		memcpy(buf + 16, "SGCKEYSALT", 10);
 		i = 26;
 	}
 		
-	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
+	if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL))
+		goto err;
 	OPENSSL_cleanse(buf,256);
 
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
-	EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
-	EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j);
-	EVP_CIPHER_CTX_cleanup(&ctx);
+	if (!EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL))
+		goto err;
+	if (!EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length))
+		goto err;
+	if (!EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j))
+		goto err;
 	os->length=i+j;
 
 	zz=os->data;
 
 	if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
 		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
+		ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
 		goto err;
 		}
 		
 	zz=pkey->private_key->data;
 	if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
 		{
-		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
+		ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
 		goto err;
 		}
 err:
+	EVP_CIPHER_CTX_cleanup(&ctx);
 	NETSCAPE_PKEY_free(pkey);
 	return(ret);
 	}
diff --git a/crypto/asn1/nsseq.c b/crypto/asn1/nsseq.c
index 50e2d4d07a..b8c4202230 100644
--- a/crypto/asn1/nsseq.c
+++ b/crypto/asn1/nsseq.c
@@ -1,9 +1,9 @@
 /* nsseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -62,7 +62,8 @@
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 
-static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
 {
 	if(operation == ASN1_OP_NEW_POST) {
 		NETSCAPE_CERT_SEQUENCE *nsseq;
diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index ec788267e0..94bc38b99f 100644
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -1,5 +1,5 @@
 /* p5_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -71,60 +71,78 @@ ASN1_SEQUENCE(PBEPARAM) = {
 
 IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
 
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
 
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
-	     int saltlen)
-{
+/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+				const unsigned char *salt, int saltlen)
+	{
 	PBEPARAM *pbe=NULL;
-	ASN1_OBJECT *al;
-	X509_ALGOR *algor;
-	ASN1_TYPE *astype=NULL;
+	ASN1_STRING *pbe_str=NULL;
+	unsigned char *sstr;
 
-	if (!(pbe = PBEPARAM_new ())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
+	pbe = PBEPARAM_new();
+	if (!pbe)
+		{
+		ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
 		goto err;
-	}
-	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
-	if (!ASN1_INTEGER_set(pbe->iter, iter)) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
+		}
+	if(iter <= 0)
+		iter = PKCS5_DEFAULT_ITER;
+	if (!ASN1_INTEGER_set(pbe->iter, iter))
+		{
+		ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
 		goto err;
-	}
-	if (!saltlen) saltlen = PKCS5_SALT_LEN;
-	if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
+		}
+	if (!saltlen)
+		saltlen = PKCS5_SALT_LEN;
+	if (!ASN1_STRING_set(pbe->salt, NULL, saltlen))
+		{
+		ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
 		goto err;
-	}
-	pbe->salt->length = saltlen;
-	if (salt) memcpy (pbe->salt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
+		}
+	sstr = ASN1_STRING_data(pbe->salt);
+	if (salt)
+		memcpy(sstr, salt, saltlen);
+	else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
 		goto err;
 
-	if (!(astype = ASN1_TYPE_new())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
+	if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str))
+		{
+		ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
 		goto err;
-	}
+		}
 
-	astype->type = V_ASN1_SEQUENCE;
-	if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	PBEPARAM_free (pbe);
+	PBEPARAM_free(pbe);
 	pbe = NULL;
-	
-	al = OBJ_nid2obj(alg); /* never need to free al */
-	if (!(algor = X509_ALGOR_new())) {
-		ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	ASN1_OBJECT_free(algor->algorithm);
-	algor->algorithm = al;
-	algor->parameter = astype;
 
-	return (algor);
+	if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
+		return 1;
+
 err:
-	if (pbe != NULL) PBEPARAM_free(pbe);
-	if (astype != NULL) ASN1_TYPE_free(astype);
+	if (pbe != NULL)
+		PBEPARAM_free(pbe);
+	if (pbe_str != NULL)
+		ASN1_STRING_free(pbe_str);
+	return 0;
+	}
+
+/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+				const unsigned char *salt, int saltlen)
+	{
+	X509_ALGOR *ret;
+	ret = X509_ALGOR_new();
+	if (!ret)
+		{
+		ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+
+	if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) 
+		return ret;
+
+	X509_ALGOR_free(ret);
 	return NULL;
-}
+	}
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index 1aff49570a..b053a6efc0 100644
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -1,5 +1,5 @@
 /* p5_pbev2.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999-2004.
  */
 /* ====================================================================
@@ -82,23 +82,24 @@ IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
 
 /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
  * yes I know this is horrible!
+ *
+ * Extended version to allow application supplied PRF NID and IV.
  */
 
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
-				 unsigned char *salt, int saltlen)
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+				 unsigned char *salt, int saltlen,
+				 unsigned char *aiv, int prf_nid)
 {
 	X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
-	int alg_nid;
+	int alg_nid, keylen;
 	EVP_CIPHER_CTX ctx;
 	unsigned char iv[EVP_MAX_IV_LENGTH];
-	PBKDF2PARAM *kdf = NULL;
 	PBE2PARAM *pbe2 = NULL;
-	ASN1_OCTET_STRING *osalt = NULL;
 	ASN1_OBJECT *obj;
 
 	alg_nid = EVP_CIPHER_type(cipher);
 	if(alg_nid == NID_undef) {
-		ASN1err(ASN1_F_PKCS5_PBE2_SET,
+		ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
 				ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
 		goto err;
 	}
@@ -113,63 +114,49 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
 
 	/* Create random IV */
-	if (EVP_CIPHER_iv_length(cipher) &&
-		RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
-  		goto err;
+	if (EVP_CIPHER_iv_length(cipher))
+		{
+		if (aiv)
+			memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+		else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+  			goto err;
+		}
 
 	EVP_CIPHER_CTX_init(&ctx);
 
-	/* Dummy cipherinit to just setup the IV */
-	EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
+	/* Dummy cipherinit to just setup the IV, and PRF */
+	if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
+		goto err;
 	if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
-		ASN1err(ASN1_F_PKCS5_PBE2_SET,
+		ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
 					ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
 		EVP_CIPHER_CTX_cleanup(&ctx);
 		goto err;
 	}
+	/* If prf NID unspecified see if cipher has a preference.
+	 * An error is OK here: just means use default PRF.
+	 */
+	if ((prf_nid == -1) && 
+	EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0)
+		{
+		ERR_clear_error();
+		prf_nid = NID_hmacWithSHA1;
+		}
 	EVP_CIPHER_CTX_cleanup(&ctx);
 
-	if(!(kdf = PBKDF2PARAM_new())) goto merr;
-	if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
-
-	if (!saltlen) saltlen = PKCS5_SALT_LEN;
-	if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
-	osalt->length = saltlen;
-	if (salt) memcpy (osalt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
-
-	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
-	if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
-
-	/* Now include salt in kdf structure */
-	kdf->salt->value.octet_string = osalt;
-	kdf->salt->type = V_ASN1_OCTET_STRING;
-	osalt = NULL;
-
 	/* If its RC2 then we'd better setup the key length */
 
-	if(alg_nid == NID_rc2_cbc) {
-		if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
-		if(!ASN1_INTEGER_set (kdf->keylength,
-				 EVP_CIPHER_key_length(cipher))) goto merr;
-	}
-
-	/* prf can stay NULL because we are using hmacWithSHA1 */
-
-	/* Now setup the PBE2PARAM keyfunc structure */
+	if(alg_nid == NID_rc2_cbc)
+		keylen = EVP_CIPHER_key_length(cipher);
+	else
+		keylen = -1;
 
-	pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
-	/* Encode PBKDF2PARAM into parameter of pbe2 */
+	/* Setup keyfunc */
 
-	if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
+	pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
 
-	if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM,
-			 &pbe2->keyfunc->parameter->value.sequence)) goto merr;
-	pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
-	PBKDF2PARAM_free(kdf);
-	kdf = NULL;
+	if (!pbe2->keyfunc)
+		goto merr;
 
 	/* Now set up top level AlgorithmIdentifier */
 
@@ -180,7 +167,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 
 	/* Encode PBE2PARAM into parameter */
 
-	if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM,
+	if(!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
 				 &ret->parameter->value.sequence)) goto merr;
 	ret->parameter->type = V_ASN1_SEQUENCE;
 
@@ -190,16 +177,102 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	return ret;
 
 	merr:
-	ASN1err(ASN1_F_PKCS5_PBE2_SET,ERR_R_MALLOC_FAILURE);
+	ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE);
 
 	err:
 	PBE2PARAM_free(pbe2);
 	/* Note 'scheme' is freed as part of pbe2 */
-	M_ASN1_OCTET_STRING_free(osalt);
-	PBKDF2PARAM_free(kdf);
 	X509_ALGOR_free(kalg);
 	X509_ALGOR_free(ret);
 
 	return NULL;
 
 }
+
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+				 unsigned char *salt, int saltlen)
+	{
+	return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
+	}
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+				int prf_nid, int keylen)
+	{
+	X509_ALGOR *keyfunc = NULL;
+	PBKDF2PARAM *kdf = NULL;
+	ASN1_OCTET_STRING *osalt = NULL;
+
+	if(!(kdf = PBKDF2PARAM_new()))
+		goto merr;
+	if(!(osalt = M_ASN1_OCTET_STRING_new()))
+		goto merr;
+
+	kdf->salt->value.octet_string = osalt;
+	kdf->salt->type = V_ASN1_OCTET_STRING;
+
+	if (!saltlen)
+		saltlen = PKCS5_SALT_LEN;
+	if (!(osalt->data = OPENSSL_malloc (saltlen)))
+		goto merr;
+
+	osalt->length = saltlen;
+
+	if (salt)
+		memcpy (osalt->data, salt, saltlen);
+	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0)
+		goto merr;
+
+	if(iter <= 0)
+		iter = PKCS5_DEFAULT_ITER;
+
+	if(!ASN1_INTEGER_set(kdf->iter, iter))
+		goto merr;
+
+	/* If have a key len set it up */
+
+	if(keylen > 0) 
+		{
+		if(!(kdf->keylength = M_ASN1_INTEGER_new()))
+			goto merr;
+		if(!ASN1_INTEGER_set (kdf->keylength, keylen))
+			goto merr;
+		}
+
+	/* prf can stay NULL if we are using hmacWithSHA1 */
+	if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1)
+		{
+		kdf->prf = X509_ALGOR_new();
+		if (!kdf->prf)
+			goto merr;
+		X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
+					V_ASN1_NULL, NULL);
+		}
+
+	/* Finally setup the keyfunc structure */
+
+	keyfunc = X509_ALGOR_new();
+	if (!keyfunc)
+		goto merr;
+
+	keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+
+	/* Encode PBKDF2PARAM into parameter of pbe2 */
+
+	if(!(keyfunc->parameter = ASN1_TYPE_new()))
+		goto merr;
+
+	if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
+			 &keyfunc->parameter->value.sequence))
+		goto merr;
+	keyfunc->parameter->type = V_ASN1_SEQUENCE;
+
+	PBKDF2PARAM_free(kdf);
+	return keyfunc;
+
+	merr:
+	ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE);
+	PBKDF2PARAM_free(kdf);
+	X509_ALGOR_free(keyfunc);
+	return NULL;
+	}
+
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c
index 24b409132f..17b68d386d 100644
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -1,9 +1,9 @@
 /* p8_pkey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -62,7 +62,8 @@
 #include <openssl/x509.h>
 
 /* Minor tweak to operation: zero private key data */
-static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
 {
 	/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
 	if(operation == ASN1_OP_FREE_PRE) {
@@ -82,3 +83,73 @@ ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
 } ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
 
 IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+					int version,
+					int ptype, void *pval,
+					unsigned char *penc, int penclen)
+	{
+	unsigned char **ppenc = NULL;
+	if (version >= 0)
+		{
+		if (!ASN1_INTEGER_set(priv->version, version))
+			return 0;
+		}
+	if (penc)
+		{
+		int pmtype;
+		ASN1_OCTET_STRING *oct;
+		oct = ASN1_OCTET_STRING_new();
+		if (!oct)
+			return 0;
+		oct->data = penc;
+		ppenc = &oct->data;
+		oct->length = penclen;
+		if (priv->broken == PKCS8_NO_OCTET)
+			pmtype = V_ASN1_SEQUENCE;
+		else
+			pmtype = V_ASN1_OCTET_STRING;
+		ASN1_TYPE_set(priv->pkey, pmtype, oct);
+		}
+	if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval))
+		{
+		/* If call fails do not swallow 'enc' */
+		if (ppenc)
+			*ppenc = NULL;
+		return 0;
+		}
+	return 1;
+	}
+
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+		const unsigned char **pk, int *ppklen,
+		X509_ALGOR **pa,
+		PKCS8_PRIV_KEY_INFO *p8)
+	{
+	if (ppkalg)
+		*ppkalg = p8->pkeyalg->algorithm;
+	if(p8->pkey->type == V_ASN1_OCTET_STRING)
+		{
+		p8->broken = PKCS8_OK;
+		if (pk)
+			{
+			*pk = p8->pkey->value.octet_string->data;
+			*ppklen = p8->pkey->value.octet_string->length;
+			}
+		}
+	else if (p8->pkey->type == V_ASN1_SEQUENCE)
+		{
+		p8->broken = PKCS8_NO_OCTET;
+		if (pk)
+			{
+			*pk = p8->pkey->value.sequence->data;
+			*ppklen = p8->pkey->value.sequence->length;
+			}
+		}
+	else
+		return 0;
+	if (pa)
+		*pa = p8->pkeyalg;
+	return 1;
+	}
+
diff --git a/crypto/asn1/t_bitst.c b/crypto/asn1/t_bitst.c
index 397332d9b8..2e59a25fa1 100644
--- a/crypto/asn1/t_bitst.c
+++ b/crypto/asn1/t_bitst.c
@@ -1,5 +1,5 @@
 /* t_bitst.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c
index f183a11b65..bdb244c015 100644
--- a/crypto/asn1/t_crl.c
+++ b/crypto/asn1/t_crl.c
@@ -1,5 +1,5 @@
 /* t_crl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -72,7 +72,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
-		X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
+		X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB);
                 return(0);
 		}
         BIO_set_fp(b,fp,BIO_NOCLOSE);
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
index 86bd2e04e4..9dd18f6579 100644
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -55,504 +55,21 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by 
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/objects.h>
 #include <openssl/buffer.h>
 #include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
-
-static int print(BIO *fp,const char *str,BIGNUM *num,
-		unsigned char *buf,int off);
-static int print_bin(BIO *fp, const char *str, const unsigned char *num,
-		size_t len, int off);
-#ifndef OPENSSL_NO_RSA
-#ifndef OPENSSL_NO_FP_API
-int RSA_print_fp(FILE *fp, const RSA *x, int off)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=RSA_print(b,x,off);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int RSA_print(BIO *bp, const RSA *x, int off)
-	{
-	char str[128];
-	const char *s;
-	unsigned char *m=NULL;
-	int ret=0;
-	size_t buf_len=0, i;
-
-	if (x->n)
-		buf_len = (size_t)BN_num_bytes(x->n);
-	if (x->e)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->e)))
-			buf_len = i;
-	if (x->d)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->d)))
-			buf_len = i;
-	if (x->p)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->p)))
-			buf_len = i;
-	if (x->q)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-			buf_len = i;
-	if (x->dmp1)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->dmp1)))
-			buf_len = i;
-	if (x->dmq1)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->dmq1)))
-			buf_len = i;
-	if (x->iqmp)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->iqmp)))
-			buf_len = i;
-
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (x->d != NULL)
-		{
-		if(!BIO_indent(bp,off,128))
-		   goto err;
-		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
-			<= 0) goto err;
-		}
-
-	if (x->d == NULL)
-		BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n));
-	else
-		BUF_strlcpy(str,"modulus:",sizeof str);
-	if (!print(bp,str,x->n,m,off)) goto err;
-	s=(x->d == NULL)?"Exponent:":"publicExponent:";
-	if (!print(bp,s,x->e,m,off)) goto err;
-	if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
-	if (!print(bp,"prime1:",x->p,m,off)) goto err;
-	if (!print(bp,"prime2:",x->q,m,off)) goto err;
-	if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
-	if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
-	if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
-	ret=1;
-err:
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-#endif /* OPENSSL_NO_RSA */
-
-#ifndef OPENSSL_NO_DSA
-#ifndef OPENSSL_NO_FP_API
-int DSA_print_fp(FILE *fp, const DSA *x, int off)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=DSA_print(b,x,off);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int DSA_print(BIO *bp, const DSA *x, int off)
-	{
-	unsigned char *m=NULL;
-	int ret=0;
-	size_t buf_len=0,i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	if (x->q)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-			buf_len = i;
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	if (x->priv_key)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->priv_key)))
-			buf_len = i;
-	if (x->pub_key)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->pub_key)))
-			buf_len = i;
-
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (x->priv_key != NULL)
-		{
-		if(!BIO_indent(bp,off,128))
-		   goto err;
-		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
-			<= 0) goto err;
-		}
-
-	if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
-		goto err;
-	if ((x->pub_key  != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
-		goto err;
-	if ((x->p != NULL) && !print(bp,"P:   ",x->p,m,off)) goto err;
-	if ((x->q != NULL) && !print(bp,"Q:   ",x->q,m,off)) goto err;
-	if ((x->g != NULL) && !print(bp,"G:   ",x->g,m,off)) goto err;
-	ret=1;
-err:
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-#endif /* !OPENSSL_NO_DSA */
-
-#ifndef OPENSSL_NO_EC
-#ifndef OPENSSL_NO_FP_API
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ECerr(EC_F_ECPKPARAMETERS_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b, fp, BIO_NOCLOSE);
-	ret = ECPKParameters_print(b, x, off);
-	BIO_free(b);
-	return(ret);
-	}
-
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
-	{
-	BIO *b;
-	int ret;
- 
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
-		return(0);
-		}
-	BIO_set_fp(b, fp, BIO_NOCLOSE);
-	ret = EC_KEY_print(b, x, off);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
-	{
-	unsigned char *buffer=NULL;
-	size_t	buf_len=0, i;
-	int     ret=0, reason=ERR_R_BIO_LIB;
-	BN_CTX  *ctx=NULL;
-	EC_POINT *point=NULL;
-	BIGNUM	*p=NULL, *a=NULL, *b=NULL, *gen=NULL,
-		*order=NULL, *cofactor=NULL;
-	const unsigned char *seed;
-	size_t	seed_len=0;
-	
-	static const char *gen_compressed = "Generator (compressed):";
-	static const char *gen_uncompressed = "Generator (uncompressed):";
-	static const char *gen_hybrid = "Generator (hybrid):";
- 
-	if (!x)
-		{
-		reason = ERR_R_PASSED_NULL_PARAMETER;
-		goto err;
-		}
-
-	if (EC_GROUP_get_asn1_flag(x))
-		{
-		/* the curve parameter are given by an asn1 OID */
-		int nid;
-
-		if (!BIO_indent(bp, off, 128))
-			goto err;
-
-		nid = EC_GROUP_get_nid(x);
-		if (nid == 0)
-			goto err;
-
-		if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
-			goto err;
-		if (BIO_printf(bp, "\n") <= 0)
-			goto err;
-		}
-	else
-		{
-		/* explicit parameters */
-		int is_char_two = 0;
-		point_conversion_form_t form;
-		int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
-
-		if (tmp_nid == NID_X9_62_characteristic_two_field)
-			is_char_two = 1;
-
-		if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
-			(b = BN_new()) == NULL || (order = BN_new()) == NULL ||
-			(cofactor = BN_new()) == NULL)
-			{
-			reason = ERR_R_MALLOC_FAILURE;
-			goto err;
-			}
-
-		if (is_char_two)
-			{
-			if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx))
-				{
-				reason = ERR_R_EC_LIB;
-				goto err;
-				}
-			}
-		else /* prime field */
-			{
-			if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
-				{
-				reason = ERR_R_EC_LIB;
-				goto err;
-				}
-			}
-
-		if ((point = EC_GROUP_get0_generator(x)) == NULL)
-			{
-			reason = ERR_R_EC_LIB;
-			goto err;
-			}
-		if (!EC_GROUP_get_order(x, order, NULL) || 
-            		!EC_GROUP_get_cofactor(x, cofactor, NULL))
-			{
-			reason = ERR_R_EC_LIB;
-			goto err;
-			}
-		
-		form = EC_GROUP_get_point_conversion_form(x);
-
-		if ((gen = EC_POINT_point2bn(x, point, 
-				form, NULL, ctx)) == NULL)
-			{
-			reason = ERR_R_EC_LIB;
-			goto err;
-			}
-
-		buf_len = (size_t)BN_num_bytes(p);
-		if (buf_len < (i = (size_t)BN_num_bytes(a)))
-			buf_len = i;
-		if (buf_len < (i = (size_t)BN_num_bytes(b)))
-			buf_len = i;
-		if (buf_len < (i = (size_t)BN_num_bytes(gen)))
-			buf_len = i;
-		if (buf_len < (i = (size_t)BN_num_bytes(order)))
-			buf_len = i;
-		if (buf_len < (i = (size_t)BN_num_bytes(cofactor))) 
-			buf_len = i;
-
-		if ((seed = EC_GROUP_get0_seed(x)) != NULL)
-			seed_len = EC_GROUP_get_seed_len(x);
-
-		buf_len += 10;
-		if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
-			{
-			reason = ERR_R_MALLOC_FAILURE;
-			goto err;
-			}
-
-		if (!BIO_indent(bp, off, 128))
-			goto err;
-
-		/* print the 'short name' of the field type */
-		if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
-			<= 0)
-			goto err;  
-
-		if (is_char_two)
-			{
-			/* print the 'short name' of the base type OID */
-			int basis_type = EC_GROUP_get_basis_type(x);
-			if (basis_type == 0)
-				goto err;
-
-			if (!BIO_indent(bp, off, 128))
-				goto err;
-
-			if (BIO_printf(bp, "Basis Type: %s\n", 
-				OBJ_nid2sn(basis_type)) <= 0)
-				goto err;
-
-			/* print the polynomial */
-			if ((p != NULL) && !print(bp, "Polynomial:", p, buffer,
-				off))
-				goto err;
-			}
-		else
-			{
-			if ((p != NULL) && !print(bp, "Prime:", p, buffer,off))
-				goto err;
-			}
-		if ((a != NULL) && !print(bp, "A:   ", a, buffer, off)) 
-			goto err;
-		if ((b != NULL) && !print(bp, "B:   ", b, buffer, off))
-			goto err;
-		if (form == POINT_CONVERSION_COMPRESSED)
-			{
-			if ((gen != NULL) && !print(bp, gen_compressed, gen,
-				buffer, off))
-				goto err;
-			}
-		else if (form == POINT_CONVERSION_UNCOMPRESSED)
-			{
-			if ((gen != NULL) && !print(bp, gen_uncompressed, gen,
-				buffer, off))
-				goto err;
-			}
-		else /* form == POINT_CONVERSION_HYBRID */
-			{
-			if ((gen != NULL) && !print(bp, gen_hybrid, gen,
-				buffer, off))
-				goto err;
-			}
-		if ((order != NULL) && !print(bp, "Order: ", order, 
-			buffer, off)) goto err;
-		if ((cofactor != NULL) && !print(bp, "Cofactor: ", cofactor, 
-			buffer, off)) goto err;
-		if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
-			goto err;
-		}
-	ret=1;
-err:
-	if (!ret)
- 		ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
-	if (p) 
-		BN_free(p);
-	if (a) 
-		BN_free(a);
-	if (b)
-		BN_free(b);
-	if (gen)
-		BN_free(gen);
-	if (order)
-		BN_free(order);
-	if (cofactor)
-		BN_free(cofactor);
-	if (ctx)
-		BN_CTX_free(ctx);
-	if (buffer != NULL) 
-		OPENSSL_free(buffer);
-	return(ret);	
-	}
 
-int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
-	{
-	unsigned char *buffer=NULL;
-	size_t	buf_len=0, i;
-	int     ret=0, reason=ERR_R_BIO_LIB;
-	BIGNUM  *pub_key=NULL, *order=NULL;
-	BN_CTX  *ctx=NULL;
- 
-	if (!x || !x->group)
-		{
-		reason = ERR_R_PASSED_NULL_PARAMETER;
-		goto err;
-		}
-
-	if ((pub_key = EC_POINT_point2bn(x->group, x->pub_key,
-		x->conv_form, NULL, ctx)) == NULL)
-		{
-		reason = ERR_R_EC_LIB;
-		goto err;
-		}
-
-	buf_len = (size_t)BN_num_bytes(pub_key);
-	if (x->priv_key)
-		{
-		if ((i = (size_t)BN_num_bytes(x->priv_key)) > buf_len)
-			buf_len = i;
-		}
-
-	buf_len += 10;
-	if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
-		{
-		reason = ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (x->priv_key != NULL)
-		{
-		if (!BIO_indent(bp, off, 128))
-			goto err;
-		if ((order = BN_new()) == NULL)
-			goto err;
-		if (!EC_GROUP_get_order(x->group, order, NULL))
-			goto err;
-		if (BIO_printf(bp, "Private-Key: (%d bit)\n", 
-			BN_num_bits(order)) <= 0) goto err;
-		}
-  
-	if ((x->priv_key != NULL) && !print(bp, "priv:", x->priv_key, 
-		buffer, off))
-		goto err;
-	if ((pub_key != NULL) && !print(bp, "pub: ", pub_key,
-		buffer, off))
-		goto err;
-	if (!ECPKParameters_print(bp, x->group, off))
-		goto err;
-	ret=1;
-err:
-	if (!ret)
- 		ECerr(EC_F_EC_KEY_PRINT, reason);
-	if (pub_key) 
-		BN_free(pub_key);
-	if (order)
-		BN_free(order);
-	if (ctx)
-		BN_CTX_free(ctx);
-	if (buffer != NULL)
-		OPENSSL_free(buffer);
-	return(ret);
-	}
-#endif /* OPENSSL_NO_EC */
-
-static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
-	     int off)
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+			unsigned char *buf, int off)
 	{
 	int n,i;
 	const char *neg;
 
 	if (num == NULL) return(1);
-	neg = (BN_get_sign(num))?"-":"";
+	neg = (BN_is_negative(num))?"-":"";
 	if(!BIO_indent(bp,off,128))
 		return 0;
 	if (BN_is_zero(num))
@@ -595,211 +112,3 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
 		}
 	return(1);
 	}
-
-static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
-		size_t len, int off)
-	{
-	size_t i;
-	char str[128];
-
-	if (buf == NULL)
-		return 1;
-	if (off)
-		{
-		if (off > 128)
-			off=128;
-		memset(str,' ',off);
-		if (BIO_write(fp, str, off) <= 0)
-			return 0;
-		}
-
-	if (BIO_printf(fp,"%s", name) <= 0)
-		return 0;
-
-	for (i=0; i<len; i++)
-		{
-		if ((i%15) == 0)
-			{
-			str[0]='\n';
-			memset(&(str[1]),' ',off+4);
-			if (BIO_write(fp, str, off+1+4) <= 0)
-				return 0;
-			}
-		if (BIO_printf(fp,"%02x%s",buf[i],((i+1) == len)?"":":") <= 0)
-			return 0;
-		}
-	if (BIO_write(fp,"\n",1) <= 0)
-		return 0;
-
-	return 1;
-	}
-
-#ifndef OPENSSL_NO_DH
-#ifndef OPENSSL_NO_FP_API
-int DHparams_print_fp(FILE *fp, const DH *x)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=DHparams_print(b, x);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int DHparams_print(BIO *bp, const DH *x)
-	{
-	unsigned char *m=NULL;
-	int reason=ERR_R_BUF_LIB,ret=0;
-	size_t buf_len=0, i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		reason=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
-		BN_num_bits(x->p)) <= 0)
-		goto err;
-	if (!print(bp,"prime:",x->p,m,4)) goto err;
-	if (!print(bp,"generator:",x->g,m,4)) goto err;
-	if (x->length != 0)
-		{
-		if (BIO_printf(bp,"    recommended-private-length: %d bits\n",
-			(int)x->length) <= 0) goto err;
-		}
-	ret=1;
-	if (0)
-		{
-err:
-		DHerr(DH_F_DHPARAMS_PRINT,reason);
-		}
-	if (m != NULL) OPENSSL_free(m);
-	return(ret);
-	}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#ifndef OPENSSL_NO_FP_API
-int DSAparams_print_fp(FILE *fp, const DSA *x)
-	{
-	BIO *b;
-	int ret;
-
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
-		return(0);
-		}
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=DSAparams_print(b, x);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int DSAparams_print(BIO *bp, const DSA *x)
-	{
-	unsigned char *m=NULL;
-	int reason=ERR_R_BUF_LIB,ret=0;
-	size_t buf_len=0,i;
-
-	if (x->p)
-		buf_len = (size_t)BN_num_bytes(x->p);
-	if (x->q)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
-			buf_len = i;
-	if (x->g)
-		if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
-			buf_len = i;
-	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
-	if (m == NULL)
-		{
-		reason=ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
-		BN_num_bits(x->p)) <= 0)
-		goto err;
-	if (!print(bp,"p:",x->p,m,4)) goto err;
-	if (!print(bp,"q:",x->q,m,4)) goto err;
-	if (!print(bp,"g:",x->g,m,4)) goto err;
-	ret=1;
-err:
-	if (m != NULL) OPENSSL_free(m);
-	DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
-	return(ret);
-	}
-
-#endif /* !OPENSSL_NO_DSA */
-
-#ifndef OPENSSL_NO_EC
-#ifndef OPENSSL_NO_FP_API
-int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
-	{
-	BIO *b;
-	int ret;
- 
-	if ((b=BIO_new(BIO_s_file())) == NULL)
-		{
-		ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
-		return(0);
-		}
-	BIO_set_fp(b, fp, BIO_NOCLOSE);
-	ret = ECParameters_print(b, x);
-	BIO_free(b);
-	return(ret);
-	}
-#endif
-
-int ECParameters_print(BIO *bp, const EC_KEY *x)
-	{
-	int     reason=ERR_R_EC_LIB, ret=0;
-	BIGNUM	*order=NULL;
- 
-	if (!x || !x->group)
-		{
-		reason = ERR_R_PASSED_NULL_PARAMETER;;
-		goto err;
-		}
-
-	if ((order = BN_new()) == NULL)
-		{
-		reason = ERR_R_MALLOC_FAILURE;
-		goto err;
-		}
-
-	if (!EC_GROUP_get_order(x->group, order, NULL))
-		{
-		reason = ERR_R_EC_LIB;
-		goto err;
-		}
- 
-	if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n", 
-		BN_num_bits(order)) <= 0)
-		goto err;
-	if (!ECPKParameters_print(bp, x->group, 4))
-		goto err;
-	ret=1;
-err:
-	if (order)
-		BN_free(order);
-	ECerr(EC_F_ECPARAMETERS_PRINT, reason);
-	return(ret);
-	}
-  
-#endif
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
index 32eef7e78f..ea1794e3e0 100644
--- a/crypto/asn1/t_req.c
+++ b/crypto/asn1/t_req.c
@@ -63,8 +63,12 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 #ifndef OPENSSL_NO_FP_API
 int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
@@ -145,34 +149,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
 			ERR_print_errors(bp);
 			}
 		else
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
 			{
-			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-			BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(bp,pkey->pkey.rsa,16);
+			EVP_PKEY_print_public(bp, pkey, 16, NULL);
+			EVP_PKEY_free(pkey);
 			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			{
-			BIO_printf(bp,"%12sDSA Public Key:\n","");
-			DSA_print(bp,pkey->pkey.dsa,16);
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_EC
-		if (pkey->type == EVP_PKEY_EC)
-		{
-			BIO_printf(bp, "%12sEC Public Key: \n","");
-			EC_KEY_print(bp, pkey->pkey.eckey, 16);
-		}
-	else
-#endif
-			BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
-		EVP_PKEY_free(pkey);
 		}
 
 	if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
@@ -240,7 +220,7 @@ get_next:
 				}
 			}
 		}
-	if(!(cflag & X509_FLAG_NO_ATTRIBUTES))
+	if(!(cflag & X509_FLAG_NO_EXTENSIONS))
 		{
 		exts = X509_REQ_get_extensions(x);
 		if(exts)
@@ -258,7 +238,7 @@ get_next:
 				j=X509_EXTENSION_get_critical(ex);
 				if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0)
 					goto err;
-				if(!X509V3_EXT_print(bp, ex, 0, 16))
+				if(!X509V3_EXT_print(bp, ex, cflag, 16))
 					{
 					BIO_printf(bp, "%16s", "");
 					M_ASN1_OCTET_STRING_print(bp,ex->value);
@@ -276,7 +256,7 @@ get_next:
 
 	return(1);
 err:
-	X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
+	X509err(X509_F_X509_REQ_PRINT_EX,ERR_R_BUF_LIB);
 	return(0);
 	}
 
diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c
index e84bae6438..079c081a81 100644
--- a/crypto/asn1/t_spki.c
+++ b/crypto/asn1/t_spki.c
@@ -1,5 +1,5 @@
 /* t_spki.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -60,8 +60,12 @@
 #include "cryptlib.h"
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 #include <openssl/bn.h>
 
 /* Print out an SPKI */
@@ -78,36 +82,11 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
 				(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
 	pkey = X509_PUBKEY_get(spki->spkac->pubkey);
 	if(!pkey) BIO_printf(out, "  Unable to load public key\n");
-	else {
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			BIO_printf(out,"  RSA Public Key: (%d bit)\n",
-				BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(out,pkey->pkey.rsa,2);
-			}
-		else 
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
+	else
 		{
-		BIO_printf(out,"  DSA Public Key:\n");
-		DSA_print(out,pkey->pkey.dsa,2);
-		}
-		else
-#endif
-#ifndef OPENSSL_NO_EC
-		if (pkey->type == EVP_PKEY_EC)
-		{
-			BIO_printf(out, "  EC Public Key:\n");
-			EC_KEY_print(out, pkey->pkey.eckey,2);
-		}
-		else
-#endif
-
-			BIO_printf(out,"  Unknown Public Key:\n");
+		EVP_PKEY_print_public(out, pkey, 4, NULL);
 		EVP_PKEY_free(pkey);
-	}
+		}
 	chal = spki->spkac->challenge;
 	if(chal->length)
 		BIO_printf(out, "  Challenge String: %s\n", chal->data);
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index 36cef4605d..01cf9e427a 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -86,7 +86,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
-		X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
+		X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB);
                 return(0);
 		}
         BIO_set_fp(b,fp,BIO_NOCLOSE);
@@ -111,7 +111,6 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 	ASN1_INTEGER *bs;
 	EVP_PKEY *pkey=NULL;
 	const char *neg;
-	ASN1_STRING *str=NULL;
 
 	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
 			mlch = '\n';
@@ -215,34 +214,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 			ERR_print_errors(bp);
 			}
 		else
-#ifndef OPENSSL_NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
 			{
-			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-			BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(bp,pkey->pkey.rsa,16);
+			EVP_PKEY_print_public(bp, pkey, 16, NULL);
+			EVP_PKEY_free(pkey);
 			}
-		else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			{
-			BIO_printf(bp,"%12sDSA Public Key:\n","");
-			DSA_print(bp,pkey->pkey.dsa,16);
-			}
-		else
-#endif
-#ifndef OPENSSL_NO_EC
-		if (pkey->type == EVP_PKEY_EC)
-			{
-			BIO_printf(bp, "%12sEC Public Key:\n","");
-			EC_KEY_print(bp, pkey->pkey.eckey, 16);
-			}
-		else
-#endif
-			BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
-		EVP_PKEY_free(pkey);
 		}
 
 	if (!(cflag & X509_FLAG_NO_EXTENSIONS))
@@ -259,7 +234,6 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 		}
 	ret=1;
 err:
-	if (str != NULL) ASN1_STRING_free(str);
 	if (m != NULL) OPENSSL_free(m);
 	return(ret);
 	}
@@ -281,7 +255,8 @@ int X509_ocspid_print (BIO *bp, X509 *x)
 		goto err;
 	i2d_X509_NAME(x->cert_info->subject, &dertmp);
 
-	EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
+	if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+		goto err;
 	for (i=0; i < SHA_DIGEST_LENGTH; i++)
 		{
 		if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
@@ -294,8 +269,10 @@ int X509_ocspid_print (BIO *bp, X509 *x)
 	if (BIO_printf(bp,"\n        Public key OCSP hash: ") <= 0)
 		goto err;
 
-	EVP_Digest(x->cert_info->key->public_key->data,
-		x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
+	if (!EVP_Digest(x->cert_info->key->public_key->data,
+			x->cert_info->key->public_key->length,
+			SHA1md, NULL, EVP_sha1(), NULL))
+		goto err;
 	for (i=0; i < SHA_DIGEST_LENGTH; i++)
 		{
 		if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
@@ -329,14 +306,15 @@ int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
 	return 1;
 }
 
-int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
 	{
 	int i,n;
-	char buf[80],*p;;
+	char buf[80];
+	const char *p;
 
 	if (v == NULL) return(0);
 	n=0;
-	p=(char *)v->data;
+	p=(const char *)v->data;
 	for (i=0; i<v->length; i++)
 		{
 		if ((p[i] > '~') || ((p[i] < ' ') &&
@@ -358,7 +336,7 @@ int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
 	return(1);
 	}
 
-int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
+int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
 {
 	if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
 	if(tm->type == V_ASN1_GENERALIZEDTIME)
@@ -373,12 +351,14 @@ static const char *mon[12]=
     "Jul","Aug","Sep","Oct","Nov","Dec"
     };
 
-int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
+int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
 	{
 	char *v;
 	int gmt=0;
 	int i;
 	int y=0,M=0,d=0,h=0,m=0,s=0;
+	char *f = NULL;
+	int f_len = 0;
 
 	i=tm->length;
 	v=(char *)tm->data;
@@ -393,12 +373,24 @@ int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
 	d= (v[6]-'0')*10+(v[7]-'0');
 	h= (v[8]-'0')*10+(v[9]-'0');
 	m=  (v[10]-'0')*10+(v[11]-'0');
-	if (	(v[12] >= '0') && (v[12] <= '9') &&
-		(v[13] >= '0') && (v[13] <= '9'))
+	if (tm->length >= 14 &&
+	    (v[12] >= '0') && (v[12] <= '9') &&
+	    (v[13] >= '0') && (v[13] <= '9'))
+		{
 		s=  (v[12]-'0')*10+(v[13]-'0');
+		/* Check for fractions of seconds. */
+		if (tm->length >= 15 && v[14] == '.')
+			{
+			int l = tm->length;
+			f = &v[14];	/* The decimal point. */
+			f_len = 1;
+			while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
+				++f_len;
+			}
+		}
 
-	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
-		mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
+	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d%.*s %d%s",
+		mon[M-1],d,h,m,s,f_len,f,y,(gmt)?" GMT":"") <= 0)
 		return(0);
 	else
 		return(1);
@@ -407,15 +399,15 @@ err:
 	return(0);
 	}
 
-int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
+int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
 	{
-	char *v;
+	const char *v;
 	int gmt=0;
 	int i;
 	int y=0,M=0,d=0,h=0,m=0,s=0;
 
 	i=tm->length;
-	v=(char *)tm->data;
+	v=(const char *)tm->data;
 
 	if (i < 10) goto err;
 	if (v[i-1] == 'Z') gmt=1;
@@ -428,8 +420,9 @@ int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
 	d= (v[4]-'0')*10+(v[5]-'0');
 	h= (v[6]-'0')*10+(v[7]-'0');
 	m=  (v[8]-'0')*10+(v[9]-'0');
-	if (	(v[10] >= '0') && (v[10] <= '9') &&
-		(v[11] >= '0') && (v[11] <= '9'))
+	if (tm->length >=12 &&
+	    (v[10] >= '0') && (v[10] <= '9') &&
+	    (v[11] >= '0') && (v[11] <= '9'))
 		s=  (v[10]-'0')*10+(v[11]-'0');
 
 	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
@@ -445,19 +438,18 @@ err:
 int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
 	{
 	char *s,*c,*b;
-	int ret=0,l,ll,i,first=1;
+	int ret=0,l,i;
 
-	ll=80-2-obase;
+	l=80-2-obase;
 
-	b=s=X509_NAME_oneline(name,NULL,0);
-	if (!*s)
+	b=X509_NAME_oneline(name,NULL,0);
+	if (!*b)
 		{
 		OPENSSL_free(b);
 		return 1;
 		}
-	s++; /* skip the first slash */
+	s=b+1; /* skip the first slash */
 
-	l=ll;
 	c=s;
 	for (;;)
 		{
@@ -479,20 +471,9 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
 			(*s == '\0'))
 #endif
 			{
-			if ((l <= 0) && !first)
-				{
-				first=0;
-				if (BIO_write(bp,"\n",1) != 1) goto err;
-				for (i=0; i<obase; i++)
-					{
-					if (BIO_write(bp," ",1) != 1) goto err;
-					}
-				l=ll;
-				}
 			i=s-c;
 			if (BIO_write(bp,c,i) != i) goto err;
-			c+=i;
-			c++;
+			c=s+1;	/* skip following slash */
 			if (*s != '\0')
 				{
 				if (BIO_write(bp,", ",2) != 2) goto err;
@@ -513,4 +494,3 @@ err:
 	OPENSSL_free(b);
 	return(ret);
 	}
-
diff --git a/crypto/asn1/t_x509a.c b/crypto/asn1/t_x509a.c
index ffbbfb51f4..8b18801a17 100644
--- a/crypto/asn1/t_x509a.c
+++ b/crypto/asn1/t_x509a.c
@@ -1,5 +1,5 @@
 /* t_x509a.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 46df79519f..3bee439968 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -1,9 +1,9 @@
 /* tasn_dec.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -66,9 +66,10 @@
 #include <openssl/err.h>
 
 static int asn1_check_eoc(const unsigned char **in, long len);
+static int asn1_find_end(const unsigned char **in, long len, char inf);
 
 static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
-				char inf, int tag, int aclass);
+			char inf, int tag, int aclass, int depth);
 
 static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
 
@@ -92,12 +93,12 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 				int tag, int aclass, char opt, ASN1_TLC *ctx);
 
 /* Table to convert tags to bit values, used for MSTRING type */
-static unsigned long tag2bit[32] = {
+static const unsigned long tag2bit[32] = {
 0,	0,	0,	B_ASN1_BIT_STRING,	/* tags  0 -  3 */
 B_ASN1_OCTET_STRING,	0,	0,		B_ASN1_UNKNOWN,/* tags  4- 7 */
 B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags  8-11 */
 B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0,	0,	B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,   /* tags 16-19 */
+B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
 B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,       /* tags 20-22 */
 B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,			       /* tags 23-24 */	
 B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,  /* tags 25-27 */
@@ -113,6 +114,8 @@ unsigned long ASN1_tag2bit(int tag)
 /* Macro to initialize and invalidate the cache */
 
 #define asn1_tlc_clear(c)	if (c) (c)->valid = 0
+/* Version to avoid compiler warning about 'c' always non-NULL */
+#define asn1_tlc_clear_nc(c)	(c)->valid = 0
 
 /* Decode an ASN1 item, this currently behaves just 
  * like a standard 'd2i' function. 'in' points to 
@@ -129,7 +132,7 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
 	ASN1_VALUE *ptmpval = NULL;
 	if (!pval)
 		pval = &ptmpval;
-	asn1_tlc_clear(&c);
+	asn1_tlc_clear_nc(&c);
 	if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) 
 		return *pval;
 	return NULL;
@@ -139,7 +142,7 @@ int ASN1_template_d2i(ASN1_VALUE **pval,
 		const unsigned char **in, long len, const ASN1_TEMPLATE *tt)
 	{
 	ASN1_TLC c;
-	asn1_tlc_clear(&c);
+	asn1_tlc_clear_nc(&c);
 	return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
 	}
 
@@ -157,7 +160,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 	const ASN1_EXTERN_FUNCS *ef;
 	const ASN1_AUX *aux = it->funcs;
 	ASN1_aux_cb *asn1_cb;
-	const unsigned char *p, *q;
+	const unsigned char *p = NULL, *q;
 	unsigned char *wp=NULL;	/* BIG FAT WARNING!  BREAKS CONST WHERE USED */
 	unsigned char imphack = 0, oclass;
 	char seq_eoc, seq_nolen, cst, isopt;
@@ -282,6 +285,12 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 			{
 			wp = *(unsigned char **)in;
 			imphack = *wp;
+			if (p == NULL)
+				{
+				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+					ERR_R_NESTED_ASN1_ERROR);
+				goto err;
+				}
 			*wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
 								| it->utype);
 			}
@@ -299,7 +308,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 
 
 		case ASN1_ITYPE_CHOICE:
-		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
 				goto auxerr;
 
 		/* Allocate structure */
@@ -349,7 +358,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 
 		asn1_set_choice_selector(pval, i, it);
 		*in = p;
-		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
 				goto auxerr;
 		return 1;
 
@@ -396,7 +405,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 			goto err;
 			}
 
-		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
 				goto auxerr;
 
 		/* Get each field entry */
@@ -498,7 +507,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 		if (!asn1_enc_save(pval, *in, p - *in, it))
 			goto auxerr;
 		*in = p;
-		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
 				goto auxerr;
 		return 1;
 
@@ -578,7 +587,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
 			/* If NDEF we must have an EOC here */
 			if (!asn1_check_eoc(&p, len))
 				{
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+				ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
 						ASN1_R_MISSING_EOC);
 				goto err;
 				}
@@ -589,7 +598,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
 			 * an error */
 			if (len)
 				{
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+				ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
 					ASN1_R_EXPLICIT_LENGTH_MISMATCH);
 				goto err;
 				}
@@ -604,7 +613,6 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
 
 	err:
 	ASN1_template_free(val, tt);
-	*val = NULL;
 	return 0;
 	}
 
@@ -648,7 +656,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 					&p, len, sktag, skaclass, opt, ctx);
 		if (!ret)
 			{
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+			ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 						ERR_R_NESTED_ASN1_ERROR);
 			return 0;
 			}
@@ -659,11 +667,12 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 		else
 			{
 			/* We've got a valid STACK: free up any items present */
-			STACK *sktmp = (STACK *)*val;
+			STACK_OF(ASN1_VALUE) *sktmp
+			    = (STACK_OF(ASN1_VALUE) *)*val;
 			ASN1_VALUE *vtmp;
-			while(sk_num(sktmp) > 0)
+			while(sk_ASN1_VALUE_num(sktmp) > 0)
 				{
-				vtmp = (ASN1_VALUE *)sk_pop(sktmp);
+				vtmp = sk_ASN1_VALUE_pop(sktmp);
 				ASN1_item_ex_free(&vtmp,
 						ASN1_ITEM_ptr(tt->item));
 				}
@@ -671,7 +680,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 				
 		if (!*val)
 			{
-			ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+			ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 						ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
@@ -686,7 +695,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 				{
 				if (!sk_eoc)
 					{
-					ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+					ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 							ASN1_R_UNEXPECTED_EOC);
 					goto err;
 					}
@@ -699,21 +708,22 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 						ASN1_ITEM_ptr(tt->item),
 						-1, 0, 0, ctx))
 				{
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+				ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 					ERR_R_NESTED_ASN1_ERROR);
 				goto err;
 				}
 			len -= p - q;
-			if (!sk_push((STACK *)*val, (char *)skfield))
+			if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val,
+						skfield))
 				{
-				ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+				ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 						ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
 			}
 		if (sk_eoc)
 			{
-			ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+			ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
 			goto err;
 			}
 		}
@@ -724,7 +734,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 			ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
 		if (!ret)
 			{
-			ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+			ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 						ERR_R_NESTED_ASN1_ERROR);
 			goto err;
 			}
@@ -738,7 +748,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 							-1, 0, opt, ctx);
 		if (!ret)
 			{
-			ASN1err(ASN1_F_ASN1_TEMPLATE_D2I,
+			ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
 					ERR_R_NESTED_ASN1_ERROR);
 			goto err;
 			}
@@ -751,7 +761,6 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
 
 	err:
 	ASN1_template_free(val, tt);
-	*val = NULL;
 	return 0;
 	}
 
@@ -825,6 +834,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 		}
 	else if (ret == -1)
 		return -1;
+        ret = 0;
 	/* SEQUENCE, SET and "OTHER" are left in encoded form */
 	if ((utype == V_ASN1_SEQUENCE)
 		|| (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))
@@ -848,7 +858,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 		/* If indefinite length constructed find the real end */
 		if (inf)
 			{
-			if (!asn1_collect(NULL, &p, plen, inf, -1, -1))
+			if (!asn1_find_end(&p, plen, inf))
 				 goto err;
 			len = p - cont;
 			}
@@ -870,8 +880,11 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 		 * internally irrespective of the type. So instead just check
 		 * for UNIVERSAL class and ignore the tag.
 		 */
-		if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL))
+		if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0))
+			{
+			free_cont = 1;
 			goto err;
+			}
 		len = buf.length;
 		/* Append a final null to string */
 		if (!BUF_MEM_grow_clean(&buf, len + 1))
@@ -923,6 +936,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 		if (!*pval)
 			{
 			typ = ASN1_TYPE_new();
+			if (typ == NULL)
+				goto err;
 			*pval = (ASN1_VALUE *)typ;
 			}
 		else
@@ -931,7 +946,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 		if (utype != typ->type)
 			ASN1_TYPE_set(typ, utype, NULL);
 		opval = pval;
-		pval = (ASN1_VALUE **)&typ->value.ptr;
+		pval = &typ->value.asn1_value;
 		}
 	switch(utype)
 		{
@@ -943,7 +958,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 		case V_ASN1_NULL:
 		if (len)
 			{
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+			ASN1err(ASN1_F_ASN1_EX_C2I,
 						ASN1_R_NULL_IS_WRONG_LENGTH);
 			goto err;
 			}
@@ -953,7 +968,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 		case V_ASN1_BOOLEAN:
 		if (len != 1)
 			{
-			ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+			ASN1err(ASN1_F_ASN1_EX_C2I,
 						ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
 			goto err;
 			}
@@ -999,13 +1014,25 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 		case V_ASN1_SET:
 		case V_ASN1_SEQUENCE:
 		default:
+		if (utype == V_ASN1_BMPSTRING && (len & 1))
+			{
+			ASN1err(ASN1_F_ASN1_EX_C2I,
+					ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
+			goto err;
+			}
+		if (utype == V_ASN1_UNIVERSALSTRING && (len & 3))
+			{
+			ASN1err(ASN1_F_ASN1_EX_C2I,
+					ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
+			goto err;
+			}
 		/* All based on ASN1_STRING and handled the same */
 		if (!*pval)
 			{
 			stmp = ASN1_STRING_type_new(utype);
 			if (!stmp)
 				{
-				ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+				ASN1err(ASN1_F_ASN1_EX_C2I,
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
@@ -1029,7 +1056,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 			{
 			if (!ASN1_STRING_set(stmp, cont, len))
 				{
-				ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+				ASN1err(ASN1_F_ASN1_EX_C2I,
 							ERR_R_MALLOC_FAILURE);
 				ASN1_STRING_free(stmp);	
 				*pval = NULL;
@@ -1053,16 +1080,80 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 	return ret;
 	}
 
+
+/* This function finds the end of an ASN1 structure when passed its maximum
+ * length, whether it is indefinite length and a pointer to the content.
+ * This is more efficient than calling asn1_collect because it does not
+ * recurse on each indefinite length header.
+ */
+
+static int asn1_find_end(const unsigned char **in, long len, char inf)
+	{
+	int expected_eoc;
+	long plen;
+	const unsigned char *p = *in, *q;
+	/* If not indefinite length constructed just add length */
+	if (inf == 0)
+		{
+		*in += len;
+		return 1;
+		}
+	expected_eoc = 1;
+	/* Indefinite length constructed form. Find the end when enough EOCs
+	 * are found. If more indefinite length constructed headers
+	 * are encountered increment the expected eoc count otherwise just
+	 * skip to the end of the data.
+	 */
+	while (len > 0)
+		{
+		if(asn1_check_eoc(&p, len))
+			{
+			expected_eoc--;
+			if (expected_eoc == 0)
+				break;
+			len -= 2;
+			continue;
+			}
+		q = p;
+		/* Just read in a header: only care about the length */
+		if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
+				-1, 0, 0, NULL))
+			{
+			ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
+			return 0;
+			}
+		if (inf)
+			expected_eoc++;
+		else
+			p += plen;
+		len -= p - q;
+		}
+	if (expected_eoc)
+		{
+		ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
+		return 0;
+		}
+	*in = p;
+	return 1;
+	}
 /* This function collects the asn1 data from a constructred string
  * type into a buffer. The values of 'in' and 'len' should refer
  * to the contents of the constructed type and 'inf' should be set
- * if it is indefinite length. If 'buf' is NULL then we just want
- * to find the end of the current structure: useful for indefinite
- * length constructed stuff.
+ * if it is indefinite length.
  */
 
+#ifndef ASN1_MAX_STRING_NEST
+/* This determines how many levels of recursion are permitted in ASN1
+ * string types. If it is not limited stack overflows can occur. If set
+ * to zero no recursion is allowed at all. Although zero should be adequate
+ * examples exist that require a value of 1. So 5 should be more than enough.
+ */
+#define ASN1_MAX_STRING_NEST 5
+#endif
+
+
 static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
-				char inf, int tag, int aclass)
+			char inf, int tag, int aclass, int depth)
 	{
 	const unsigned char *p, *q;
 	long plen;
@@ -1104,10 +1195,17 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
 		/* If indefinite length constructed update max length */
 		if (cst)
 			{
-			if (!asn1_collect(buf, &p, plen, ininf, tag, aclass))
+			if (depth >= ASN1_MAX_STRING_NEST)
+				{
+				ASN1err(ASN1_F_ASN1_COLLECT,
+					ASN1_R_NESTED_ASN1_STRING);
+				return 0;
+				}
+			if (!asn1_collect(buf, &p, plen, ininf, tag, aclass,
+						depth + 1))
 				return 0;
 			}
-		else if (!collect_data(buf, &p, plen))
+		else if (plen && !collect_data(buf, &p, plen))
 			return 0;
 		len -= p - q;
 		}
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
index cef398e0fa..936ad1f767 100644
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@@ -1,5 +1,5 @@
 /* tasn_enc.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -59,6 +59,7 @@
 
 #include <stddef.h>
 #include <string.h>
+#include "cryptlib.h"
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
 #include <openssl/objects.h>
@@ -157,7 +158,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
 		return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
 
 		case ASN1_ITYPE_CHOICE:
-		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
 				return 0;
 		i = asn1_get_choice_selector(pval, it);
 		if ((i >= 0) && (i < it->tcount))
@@ -170,7 +171,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
 								-1, aclass);
 			}
 		/* Fixme: error condition if selector out of range */
-		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
 				return 0;
 		break;
 
@@ -215,7 +216,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
 			aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
 					| V_ASN1_UNIVERSAL;
 			}
-		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
 				return 0;
 		/* First work out sequence content length */
 		for (i = 0, tt = it->templates; i < it->tcount; tt++, i++)
@@ -249,7 +250,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
 			}
 		if (ndef == 2)
 			ASN1_put_eoc(out);
-		if (asn1_cb  && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
 				return 0;
 		return seqlen;
 
@@ -493,7 +494,7 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
 		{
 		for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk);
 							i++, tder++)
-			sk_ASN1_VALUE_set(sk, i, tder->field);
+			(void)sk_ASN1_VALUE_set(sk, i, tder->field);
 		}
 	OPENSSL_free(derlst);
 	OPENSSL_free(tmpdat);
@@ -568,7 +569,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
 	ASN1_STRING *strtmp;
 	ASN1_OBJECT *otmp;
 	int utype;
-	unsigned char *cont, c;
+	const unsigned char *cont;
+	unsigned char c;
 	int len;
 	const ASN1_PRIMITIVE_FUNCS *pf;
 	pf = it->funcs;
@@ -596,7 +598,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
 		typ = (ASN1_TYPE *)*pval;
 		utype = typ->type;
 		*putype = utype;
-		pval = (ASN1_VALUE **)&typ->value.ptr;
+		pval = &typ->value.asn1_value;
 		}
 	else utype = *putype;
 
@@ -617,11 +619,14 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
 		tbool = (ASN1_BOOLEAN *)pval;
 		if (*tbool == -1)
 			return -1;
-		/* Default handling if value == size field then omit */
-		if (*tbool && (it->size > 0))
-			return -1;
-		if (!*tbool && !it->size)
-			return -1;
+		if (it->utype != V_ASN1_ANY)
+			{
+			/* Default handling if value == size field then omit */
+			if (*tbool && (it->size > 0))
+				return -1;
+			if (!*tbool && !it->size)
+				return -1;
+			}
 		c = (unsigned char)*tbool;
 		cont = &c;
 		len = 1;
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index b68b66a23b..77d3092d31 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -1,5 +1,5 @@
 /* tasn_fre.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -110,13 +110,11 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
 		case ASN1_ITYPE_CHOICE:
 		if (asn1_cb)
 			{
-			i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+			i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
 			if (i == 2)
 				return;
 			}
 		i = asn1_get_choice_selector(pval, it);
-		if (asn1_cb)
-			asn1_cb(ASN1_OP_FREE_PRE, pval, it);
 		if ((i >= 0) && (i < it->tcount))
 			{
 			ASN1_VALUE **pchval;
@@ -125,7 +123,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
 			ASN1_template_free(pchval, tt);
 			}
 		if (asn1_cb)
-			asn1_cb(ASN1_OP_FREE_POST, pval, it);
+			asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
 		if (!combine)
 			{
 			OPENSSL_free(*pval);
@@ -151,7 +149,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
 			return;
 		if (asn1_cb)
 			{
-			i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+			i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
 			if (i == 2)
 				return;
 			}		
@@ -172,7 +170,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
 			ASN1_template_free(pseqval, seqtt);
 			}
 		if (asn1_cb)
-			asn1_cb(ASN1_OP_FREE_POST, pval, it);
+			asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
 		if (!combine)
 			{
 			OPENSSL_free(*pval);
@@ -221,7 +219,7 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
 		{
 		ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
 		utype = typ->type;
-		pval = (ASN1_VALUE **)&typ->value.ptr;
+		pval = &typ->value.asn1_value;
 		if (!*pval)
 			return;
 		}
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 2b9bb997de..0d9e78cc7c 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -1,5 +1,5 @@
 /* tasn_new.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -68,7 +68,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 								int combine);
 static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
 static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
 
 ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
 	{
@@ -146,7 +146,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 		case ASN1_ITYPE_CHOICE:
 		if (asn1_cb)
 			{
-			i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+			i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
 			if (!i)
 				goto auxerr;
 			if (i==2)
@@ -166,7 +166,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 			memset(*pval, 0, it->size);
 			}
 		asn1_set_choice_selector(pval, -1, it);
-		if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
 				goto auxerr;
 		break;
 
@@ -174,7 +174,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 		case ASN1_ITYPE_SEQUENCE:
 		if (asn1_cb)
 			{
-			i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+			i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
 			if (!i)
 				goto auxerr;
 			if (i==2)
@@ -201,7 +201,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 			if (!ASN1_template_new(pseqval, tt))
 				goto memerr;
 			}
-		if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+		if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
 				goto auxerr;
 		break;
 	}
@@ -211,14 +211,14 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 	return 1;
 
 	memerr:
-	ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE);
+	ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
 #ifdef CRYPTO_MDEBUG
 	if (it->sname) CRYPTO_pop_info();
 #endif
 	return 0;
 
 	auxerr:
-	ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR);
+	ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
 	ASN1_item_ex_free(pval, it);
 #ifdef CRYPTO_MDEBUG
 	if (it->sname) CRYPTO_pop_info();
@@ -325,12 +325,15 @@ static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
 int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
 	{
 	ASN1_TYPE *typ;
+	ASN1_STRING *str;
 	int utype;
-	const ASN1_PRIMITIVE_FUNCS *pf;
-	pf = it->funcs;
 
-	if (pf && pf->prim_new)
-		return pf->prim_new(pval, it);
+	if (it && it->funcs)
+		{
+		const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
+		if (pf->prim_new)
+			return pf->prim_new(pval, it);
+		}
 
 	if (!it || (it->itype == ASN1_ITYPE_MSTRING))
 		utype = -1;
@@ -343,10 +346,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
 		return 1;
 
 		case V_ASN1_BOOLEAN:
-		if (it)
-			*(ASN1_BOOLEAN *)pval = it->size;
-		else
-			*(ASN1_BOOLEAN *)pval = -1;
+		*(ASN1_BOOLEAN *)pval = it->size;
 		return 1;
 
 		case V_ASN1_NULL:
@@ -363,7 +363,10 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
 		break;
 
 		default:
-		*pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
+		str = ASN1_STRING_type_new(utype);
+		if (it->itype == ASN1_ITYPE_MSTRING && str)
+			str->flags |= ASN1_STRING_FLAG_MSTRING;
+		*pval = (ASN1_VALUE *)str;
 		break;
 		}
 	if (*pval)
@@ -371,13 +374,12 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
 	return 0;
 	}
 
-void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
 	{
 	int utype;
-	const ASN1_PRIMITIVE_FUNCS *pf;
-	pf = it->funcs;
-	if (pf)
+	if (it && it->funcs)
 		{
+		const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
 		if (pf->prim_clear)
 			pf->prim_clear(pval, it);
 		else 
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index 719639b511..453698012d 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -1,9 +1,9 @@
 /* tasn_prn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000,2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -58,141 +58,570 @@
 
 
 #include <stddef.h>
+#include "cryptlib.h"
 #include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 #include <openssl/objects.h>
 #include <openssl/buffer.h>
 #include <openssl/err.h>
-#include <openssl/nasn.h>
+#include <openssl/x509v3.h>
+#include "asn1_locl.h"
 
-/* Print routines. Print out a whole structure from a template.
+/* Print routines.
  */
 
-static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name);
+/* ASN1_PCTX routines */
 
-int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it)
-{
-	return asn1_item_print_nm(out, fld, indent, it, it->sname);
-}
+ASN1_PCTX default_pctx = 
+	{
+	ASN1_PCTX_FLAGS_SHOW_ABSENT,	/* flags */
+	0,	/* nm_flags */
+	0,	/* cert_flags */
+	0,	/* oid_flags */
+	0	/* str_flags */
+	};
+	
 
-static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name)
-{
-	ASN1_STRING *str;
+ASN1_PCTX *ASN1_PCTX_new(void)
+	{
+	ASN1_PCTX *ret;
+	ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	ret->flags = 0;
+	ret->nm_flags = 0;
+	ret->cert_flags = 0;
+	ret->oid_flags = 0;
+	ret->str_flags = 0;
+	return ret;
+	}
+
+void ASN1_PCTX_free(ASN1_PCTX *p)
+	{
+	OPENSSL_free(p);
+	}
+
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
+	{
+	return p->flags;
+	}
+
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
+	{
+	p->flags = flags;
+	}
+
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
+	{
+	return p->nm_flags;
+	}
+
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
+	{
+	p->nm_flags = flags;
+	}
+
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
+	{
+	return p->cert_flags;
+	}
+
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
+	{
+	p->cert_flags = flags;
+	}
+
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
+	{
+	return p->oid_flags;
+	}
+
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
+	{
+	p->oid_flags = flags;
+	}
+
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
+	{
+	return p->str_flags;
+	}
+
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
+	{
+	p->str_flags = flags;
+	}
+
+/* Main print routines */
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+				const ASN1_ITEM *it,
+				const char *fname, const char *sname,
+				int nohdr, const ASN1_PCTX *pctx);
+
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+				const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+				const ASN1_ITEM *it, int indent,
+				const char *fname, const char *sname,
+				const ASN1_PCTX *pctx);
+
+static int asn1_print_fsname(BIO *out, int indent,
+			const char *fname, const char *sname,
+			const ASN1_PCTX *pctx);
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+				const ASN1_ITEM *it, const ASN1_PCTX *pctx)
+	{
+	const char *sname;
+	if (pctx == NULL)
+		pctx = &default_pctx;
+	if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+		sname = NULL;
+	else
+		sname = it->sname;
+	return asn1_item_print_ctx(out, &ifld, indent, it,
+							NULL, sname, 0, pctx);
+	}
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+				const ASN1_ITEM *it,
+				const char *fname, const char *sname,
+				int nohdr, const ASN1_PCTX *pctx)
+	{
 	const ASN1_TEMPLATE *tt;
-	void *tmpfld;
+	const ASN1_EXTERN_FUNCS *ef;
+	ASN1_VALUE **tmpfld;
+	const ASN1_AUX *aux = it->funcs;
+	ASN1_aux_cb *asn1_cb;
+	ASN1_PRINT_ARG parg;
 	int i;
-	if(!fld) {
-		BIO_printf(out, "%*s%s ABSENT\n", indent, "", name);
+	if (aux && aux->asn1_cb)
+		{
+		parg.out = out;
+		parg.indent = indent;
+		parg.pctx = pctx;
+		asn1_cb = aux->asn1_cb;
+		}
+	else asn1_cb = 0;
+
+	if(*fld == NULL)
+		{
+		if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT)
+			{
+			if (!nohdr && !asn1_print_fsname(out, indent,
+							fname, sname, pctx))
+				return 0;
+			if (BIO_puts(out, "<ABSENT>\n") <= 0)
+				return 0;
+			}
 		return 1;
-	}
-	switch(it->itype) {
+		}
 
+	switch(it->itype)
+		{
 		case ASN1_ITYPE_PRIMITIVE:
 		if(it->templates)
-			return ASN1_template_print(out, fld, indent, it->templates);
-		return asn1_primitive_print(out, fld, it->utype, indent, name);
-		break;
-
+			{
+			if (!asn1_template_print_ctx(out, fld, indent,
+							it->templates, pctx))
+				return 0;
+			}
+		/* fall thru */
 		case ASN1_ITYPE_MSTRING:
-		str = fld;
-		return asn1_primitive_print(out, fld, str->type, indent, name);
+		if (!asn1_primitive_print(out, fld, it,
+				indent, fname, sname,pctx))
+			return 0;
+		break;
 
 		case ASN1_ITYPE_EXTERN:
-		BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
-		return 1;
-		case ASN1_ITYPE_COMPAT:
-		BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
-		return 1;
-
+		if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+			return 0;
+		/* Use new style print routine if possible */
+		ef = it->funcs;
+		if (ef && ef->asn1_ex_print)
+			{
+			i = ef->asn1_ex_print(out, fld, indent, "", pctx);
+			if (!i)
+				return 0;
+			if ((i == 2) && (BIO_puts(out, "\n") <= 0))
+				return 0;
+			return 1;
+			}
+		else if (sname && 
+			BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
+			return 0;
+		break;
 
 		case ASN1_ITYPE_CHOICE:
+#if 0
+		if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+			return 0;
+#endif
 		/* CHOICE type, get selector */
 		i = asn1_get_choice_selector(fld, it);
 		/* This should never happen... */
-		if((i < 0) || (i >= it->tcount)) {
-			BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i);
+		if((i < 0) || (i >= it->tcount))
+			{
+			if (BIO_printf(out,
+				"ERROR: selector [%d] invalid\n", i) <= 0)
+				return 0;
 			return 1;
-		}
+			}
 		tt = it->templates + i;
-		tmpfld = asn1_get_field(fld, tt);
-		return ASN1_template_print(out, tmpfld, indent, tt);
+		tmpfld = asn1_get_field_ptr(fld, tt);
+		if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
+			return 0;
+		break;
 
 		case ASN1_ITYPE_SEQUENCE:
-		BIO_printf(out, "%*s%s {\n", indent, "", name);
-		/* Get each field entry */
-		for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-			tmpfld = asn1_get_field(fld, tt);
-			ASN1_template_print(out, tmpfld, indent + 2, tt);
-		}
-		BIO_printf(out, "%*s}\n", indent, "");
-		return 1;
+		case ASN1_ITYPE_NDEF_SEQUENCE:
+		if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+			return 0;
+		if (fname || sname)
+			{
+			if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE)
+				{
+				if (BIO_puts(out, " {\n") <= 0)
+					return 0;
+				}
+			else
+				{
+				if (BIO_puts(out, "\n") <= 0)
+					return 0;
+				}
+			}
+
+		if (asn1_cb)
+			{
+			i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
+			if (i == 0)
+				return 0;
+			if (i == 2)
+				return 1;
+			}
+
+		/* Print each field entry */
+		for(i = 0, tt = it->templates; i < it->tcount; i++, tt++)
+			{
+			const ASN1_TEMPLATE *seqtt;
+			seqtt = asn1_do_adb(fld, tt, 1);
+			tmpfld = asn1_get_field_ptr(fld, seqtt);
+			if (!asn1_template_print_ctx(out, tmpfld,
+						indent + 2, seqtt, pctx))
+				return 0;
+			}
+		if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE)
+			{
+			if (BIO_printf(out, "%*s}\n", indent, "") < 0)
+				return 0;
+			}
+
+		if (asn1_cb)
+			{
+			i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
+			if (i == 0)
+				return 0;
+			}
+		break;
 
 		default:
+		BIO_printf(out, "Unprocessed type %d\n", it->itype);
 		return 0;
+		}
+
+	return 1;
 	}
-}
 
-int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt)
-{
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+				const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
+	{
 	int i, flags;
-#if 0
-	if(!fld) return 0; 
-#endif
+	const char *sname, *fname;
 	flags = tt->flags;
-	if(flags & ASN1_TFLG_SK_MASK) {
+	if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
+		sname = ASN1_ITEM_ptr(tt->item)->sname;
+	else
+		sname = NULL;
+	if(pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+		fname = NULL;
+	else
+		fname = tt->field_name;
+	if(flags & ASN1_TFLG_SK_MASK)
+		{
 		char *tname;
-		void *skitem;
+		ASN1_VALUE *skitem;
+		STACK_OF(ASN1_VALUE) *stack;
+
 		/* SET OF, SEQUENCE OF */
-		if(flags & ASN1_TFLG_SET_OF) tname = "SET";
-		else tname = "SEQUENCE";
-		if(fld) {
-			BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name);
-			for(i = 0; i < sk_num(fld); i++) {
-				skitem = sk_value(fld, i);
-				asn1_item_print_nm(out, skitem, indent + 2, tt->item, "");
+		if (fname)
+			{
+			if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF)
+				{
+				if(flags & ASN1_TFLG_SET_OF)
+					tname = "SET";
+				else
+					tname = "SEQUENCE";
+				if (BIO_printf(out, "%*s%s OF %s {\n",
+					indent, "", tname, tt->field_name) <= 0)
+					return 0;
+				}
+			else if (BIO_printf(out, "%*s%s:\n", indent, "",
+					fname) <= 0)
+				return 0;
+			}
+		stack = (STACK_OF(ASN1_VALUE) *)*fld;
+		for(i = 0; i < sk_ASN1_VALUE_num(stack); i++)
+			{
+			if ((i > 0) && (BIO_puts(out, "\n") <= 0))
+				return 0;
+
+			skitem = sk_ASN1_VALUE_value(stack, i);
+			if (!asn1_item_print_ctx(out, &skitem, indent + 2,
+				ASN1_ITEM_ptr(tt->item), NULL, NULL, 1, pctx))
+				return 0;
+			}
+		if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
+				return 0;
+		if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE)
+			{
+			if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
+				return 0;
 			}
-			BIO_printf(out, "%*s}\n", indent, "");
-		} else 
-			BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name);
 		return 1;
+		}
+	return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
+							fname, sname, 0, pctx);
 	}
-	return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name);
-}
-
-static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent, const char *name)
-{
-	ASN1_STRING *str = fld;
-	if(fld) {
-		if(utype == V_ASN1_BOOLEAN) {
-			int *bool = fld;
-if(*bool == -1) printf("BOOL MISSING\n");
-			BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN", *bool ? "TRUE" : "FALSE");
-		} else if((utype == V_ASN1_INTEGER) 
-			  || (utype == V_ASN1_ENUMERATED)) {
-			char *s, *nm;
-			s = i2s_ASN1_INTEGER(NULL, fld);
-			if(utype == V_ASN1_INTEGER) nm = "INTEGER";
-			else nm = "ENUMERATED";
-			BIO_printf(out, "%*s%s:%s", indent, "", nm, s);
-			OPENSSL_free(s);
-		} else if(utype == V_ASN1_NULL) {
-			BIO_printf(out, "%*s%s", indent, "", "NULL");
-		} else if(utype == V_ASN1_UTCTIME) {
-			BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME");
-			ASN1_UTCTIME_print(out, str);
-		} else if(utype == V_ASN1_GENERALIZEDTIME) {
-			BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME");
-			ASN1_GENERALIZEDTIME_print(out, str);
-		} else if(utype == V_ASN1_OBJECT) {
-			char objbuf[80], *ln;
-			ln = OBJ_nid2ln(OBJ_obj2nid(fld));
-			if(!ln) ln = "";
-			OBJ_obj2txt(objbuf, sizeof objbuf, fld, 1);
-			BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf);
-		} else {
-			BIO_printf(out, "%*s%s:", indent, "", name);
-			ASN1_STRING_print_ex(out, str, ASN1_STRFLGS_DUMP_UNKNOWN|ASN1_STRFLGS_SHOW_TYPE);
+
+static int asn1_print_fsname(BIO *out, int indent,
+			const char *fname, const char *sname,
+			const ASN1_PCTX *pctx)
+	{
+	static char spaces[] = "                    ";
+	const int nspaces = sizeof(spaces) - 1;
+
+#if 0
+	if (!sname && !fname)
+		return 1;
+#endif
+
+	while (indent > nspaces)
+		{
+		if (BIO_write(out, spaces, nspaces) != nspaces)
+			return 0;
+		indent -= nspaces;
+		}
+	if (BIO_write(out, spaces, indent) != indent)
+		return 0;
+	if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+		sname = NULL;
+	if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+		fname = NULL;
+	if (!sname && !fname)
+		return 1;
+	if (fname)
+		{
+		if (BIO_puts(out, fname) <= 0)
+			return 0;
 		}
-		BIO_printf(out, "\n");
-	} else BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name);
+	if (sname)
+		{
+		if (fname)
+			{
+			if (BIO_printf(out, " (%s)", sname) <= 0)
+				return 0;
+			}
+		else
+			{
+			if (BIO_puts(out, sname) <= 0)
+				return 0;
+			}
+		}
+	if (BIO_write(out, ": ", 2) != 2)
+		return 0;
 	return 1;
-}
+	}
+
+static int asn1_print_boolean_ctx(BIO *out, const int bool,
+							const ASN1_PCTX *pctx)
+	{
+	const char *str;
+	switch (bool)
+		{
+		case -1:
+		str = "BOOL ABSENT";
+		break;
+
+		case 0:
+		str = "FALSE";
+		break;
+
+		default:
+		str = "TRUE";
+		break;
+
+		}
+
+	if (BIO_puts(out, str) <= 0)
+		return 0;
+	return 1;
+
+	}
+
+static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
+						const ASN1_PCTX *pctx)
+	{
+	char *s;
+	int ret = 1;
+	s = i2s_ASN1_INTEGER(NULL, str);
+	if (BIO_puts(out, s) <= 0)
+		ret = 0;
+	OPENSSL_free(s);
+	return ret;
+	}
+
+static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
+						const ASN1_PCTX *pctx)
+	{
+	char objbuf[80];
+	const char *ln;
+	ln = OBJ_nid2ln(OBJ_obj2nid(oid));
+	if(!ln)
+		ln = "";
+	OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
+	if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
+		return 0;
+	return 1;
+	}
+
+static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
+						const ASN1_PCTX *pctx)
+	{
+	if (str->type == V_ASN1_BIT_STRING)
+		{
+		if (BIO_printf(out, " (%ld unused bits)\n",
+					str->flags & 0x7) <= 0)
+				return 0;
+		}
+	else if (BIO_puts(out, "\n") <= 0)
+		return 0;
+	if ((str->length > 0)
+		&& BIO_dump_indent(out, (char *)str->data, str->length,
+				indent + 2) <= 0)
+		return 0;
+	return 1;
+	}
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+				const ASN1_ITEM *it, int indent,
+				const char *fname, const char *sname,
+				const ASN1_PCTX *pctx)
+	{
+	long utype;
+	ASN1_STRING *str;
+	int ret = 1, needlf = 1;
+	const char *pname;
+	const ASN1_PRIMITIVE_FUNCS *pf;
+	pf = it->funcs;
+	if (!asn1_print_fsname(out, indent, fname, sname, pctx))
+			return 0;
+	if (pf && pf->prim_print)
+		return pf->prim_print(out, fld, it, indent, pctx);
+	str = (ASN1_STRING *)*fld;
+	if (it->itype == ASN1_ITYPE_MSTRING)
+		utype = str->type & ~V_ASN1_NEG;
+	else
+		utype = it->utype;
+	if (utype == V_ASN1_ANY)
+		{
+		ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
+		utype = atype->type;
+		fld = &atype->value.asn1_value;
+		str = (ASN1_STRING *)*fld;
+		if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
+			pname = NULL;
+		else 
+			pname = ASN1_tag2str(utype);
+		}
+	else
+		{
+		if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
+			pname = ASN1_tag2str(utype);
+		else 
+			pname = NULL;
+		}
+
+	if (utype == V_ASN1_NULL)
+		{
+		if (BIO_puts(out, "NULL\n") <= 0)
+			return 0;
+		return 1;
+		}
+
+	if (pname)
+		{
+		if (BIO_puts(out, pname) <= 0)
+			return 0;
+		if (BIO_puts(out, ":") <= 0)
+			return 0;
+		}
+
+	switch (utype)
+		{
+		case V_ASN1_BOOLEAN:
+			{
+			int bool = *(int *)fld;
+			if (bool == -1)
+				bool = it->size;
+			ret = asn1_print_boolean_ctx(out, bool, pctx);
+			}
+		break;
+
+		case V_ASN1_INTEGER:
+		case V_ASN1_ENUMERATED:
+		ret = asn1_print_integer_ctx(out, str, pctx);
+		break;
+
+		case V_ASN1_UTCTIME:
+		ret = ASN1_UTCTIME_print(out, str);
+		break;
+
+		case V_ASN1_GENERALIZEDTIME:
+		ret = ASN1_GENERALIZEDTIME_print(out, str);
+		break;
+
+		case V_ASN1_OBJECT:
+		ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
+		break;
+
+		case V_ASN1_OCTET_STRING:
+		case V_ASN1_BIT_STRING:
+		ret = asn1_print_obstring_ctx(out, str, indent, pctx);
+		needlf = 0;
+		break;
+
+		case V_ASN1_SEQUENCE:
+		case V_ASN1_SET:
+		case V_ASN1_OTHER:
+		if (BIO_puts(out, "\n") <= 0)
+			return 0;
+		if (ASN1_parse_dump(out, str->data, str->length,
+						indent, 0) <= 0)
+			ret = 0;
+		needlf = 0;
+		break;
+
+		default:
+		ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
+
+		}
+	if (!ret)
+		return 0;
+	if (needlf && BIO_puts(out, "\n") <= 0)
+		return 0;
+	return 1;
+	}
diff --git a/crypto/asn1/tasn_typ.c b/crypto/asn1/tasn_typ.c
index 6f17f1bec7..6fb1c372da 100644
--- a/crypto/asn1/tasn_typ.c
+++ b/crypto/asn1/tasn_typ.c
@@ -1,5 +1,5 @@
 /* tasn_typ.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -135,3 +135,14 @@ IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
 /* Special, OCTET STRING with indefinite length constructed support */
 
 IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF)
+
+ASN1_ITEM_TEMPLATE(ASN1_SEQUENCE_ANY) = 
+	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ASN1_SEQUENCE_ANY, ASN1_ANY)
+ASN1_ITEM_TEMPLATE_END(ASN1_SEQUENCE_ANY)
+
+ASN1_ITEM_TEMPLATE(ASN1_SET_ANY) = 
+	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, ASN1_SET_ANY, ASN1_ANY)
+ASN1_ITEM_TEMPLATE_END(ASN1_SET_ANY)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY)
diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
index 34d520b180..ca9ec7a32f 100644
--- a/crypto/asn1/tasn_utl.c
+++ b/crypto/asn1/tasn_utl.c
@@ -1,5 +1,5 @@
 /* tasn_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
index 00b9ea54a1..99e53429b7 100644
--- a/crypto/asn1/x_algor.c
+++ b/crypto/asn1/x_algor.c
@@ -1,5 +1,5 @@
 /* x_algor.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -66,8 +66,65 @@ ASN1_SEQUENCE(X509_ALGOR) = {
 	ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
 } ASN1_SEQUENCE_END(X509_ALGOR)
 
+ASN1_ITEM_TEMPLATE(X509_ALGORS) = 
+	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
+ASN1_ITEM_TEMPLATE_END(X509_ALGORS)
+
 IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS)
 IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
 
 IMPLEMENT_STACK_OF(X509_ALGOR)
 IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
+
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
+	{
+	if (!alg)
+		return 0;
+	if (ptype != V_ASN1_UNDEF)
+		{
+		if (alg->parameter == NULL)
+			alg->parameter = ASN1_TYPE_new();
+		if (alg->parameter == NULL)
+			return 0;
+		}
+	if (alg)
+		{
+		if (alg->algorithm)
+			ASN1_OBJECT_free(alg->algorithm);
+		alg->algorithm = aobj;
+		}
+	if (ptype == 0)
+		return 1;	
+	if (ptype == V_ASN1_UNDEF)
+		{
+		if (alg->parameter)
+			{
+			ASN1_TYPE_free(alg->parameter);
+			alg->parameter = NULL;
+			}
+		}
+	else
+		ASN1_TYPE_set(alg->parameter, ptype, pval);
+	return 1;
+	}
+
+void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+						X509_ALGOR *algor)
+	{
+	if (paobj)
+		*paobj = algor->algorithm;
+	if (pptype)
+		{
+		if (algor->parameter == NULL)
+			{
+			*pptype = V_ASN1_UNDEF;
+			return;
+			}
+		else
+			*pptype = algor->parameter->type;
+		if (ppval)
+			*ppval = algor->parameter->value.ptr;
+		}
+	}
+
diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
index 869c05d931..9cf3204a1b 100644
--- a/crypto/asn1/x_bignum.c
+++ b/crypto/asn1/x_bignum.c
@@ -1,5 +1,5 @@
 /* x_bignum.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index b99f8fc522..c51c690ba9 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -58,11 +58,14 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
+#include "asn1_locl.h"
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 
 static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
 				const X509_REVOKED * const *b);
+static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
 
 ASN1_SEQUENCE(X509_REVOKED) = {
 	ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
@@ -70,11 +73,26 @@ ASN1_SEQUENCE(X509_REVOKED) = {
 	ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
 } ASN1_SEQUENCE_END(X509_REVOKED)
 
+static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
+static int def_crl_lookup(X509_CRL *crl,
+		X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer);
+
+static X509_CRL_METHOD int_crl_meth =
+	{
+	0,
+	0,0,
+	def_crl_lookup,
+	def_crl_verify
+	};
+
+static const X509_CRL_METHOD *default_crl_method = &int_crl_meth;
+
 /* The X509_CRL_INFO structure needs a bit of customisation.
  * Since we cache the original encoding the signature wont be affected by
  * reordering of the revoked field.
  */
-static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
 {
 	X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
 
@@ -84,7 +102,7 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 		 * would affect the output of X509_CRL_print().
 		 */
 		case ASN1_OP_D2I_POST:
-		sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
+		(void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
 		break;
 	}
 	return 1;
@@ -101,7 +119,237 @@ ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = {
 	ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
 } ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO)
 
-ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
+/* Set CRL entry issuer according to CRL certificate issuer extension.
+ * Check for unhandled critical CRL entry extensions.
+ */
+
+static int crl_set_issuers(X509_CRL *crl)
+	{
+
+	int i, j;
+	GENERAL_NAMES *gens, *gtmp;
+	STACK_OF(X509_REVOKED) *revoked;
+
+	revoked = X509_CRL_get_REVOKED(crl);
+
+	gens = NULL;
+	for (i = 0; i < sk_X509_REVOKED_num(revoked); i++)
+		{
+		X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
+		STACK_OF(X509_EXTENSION) *exts;
+		ASN1_ENUMERATED *reason;
+		X509_EXTENSION *ext;
+		gtmp = X509_REVOKED_get_ext_d2i(rev, 
+						NID_certificate_issuer,
+						&j, NULL);
+		if (!gtmp && (j != -1))
+			{
+			crl->flags |= EXFLAG_INVALID;
+			return 1;
+			}
+
+		if (gtmp)
+			{
+			gens = gtmp;
+			if (!crl->issuers)
+				{
+				crl->issuers = sk_GENERAL_NAMES_new_null();
+				if (!crl->issuers)
+					return 0;
+				}
+			if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
+				return 0;
+			}
+		rev->issuer = gens;
+
+		reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
+								&j, NULL);
+		if (!reason && (j != -1))
+			{
+			crl->flags |= EXFLAG_INVALID;
+			return 1;
+			}
+
+		if (reason)
+			{
+			rev->reason = ASN1_ENUMERATED_get(reason);
+			ASN1_ENUMERATED_free(reason);
+			}
+		else
+			rev->reason = CRL_REASON_NONE;	
+
+		/* Check for critical CRL entry extensions */
+
+		exts = rev->extensions;
+
+		for (j = 0; j < sk_X509_EXTENSION_num(exts); j++)
+			{
+			ext = sk_X509_EXTENSION_value(exts, j);
+			if (ext->critical > 0)
+				{
+				if (OBJ_obj2nid(ext->object) ==
+					NID_certificate_issuer)
+					continue;
+				crl->flags |= EXFLAG_CRITICAL;
+				break;
+				}
+			}
+
+
+		}
+
+	return 1;
+
+	}
+
+/* The X509_CRL structure needs a bit of customisation. Cache some extensions
+ * and hash of the whole CRL.
+ */
+static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
+	{
+	X509_CRL *crl = (X509_CRL *)*pval;
+	STACK_OF(X509_EXTENSION) *exts;
+	X509_EXTENSION *ext;
+	int idx;
+
+	switch(operation)
+		{
+		case ASN1_OP_NEW_POST:
+		crl->idp = NULL;
+		crl->akid = NULL;
+		crl->flags = 0;
+		crl->idp_flags = 0;
+		crl->idp_reasons = CRLDP_ALL_REASONS;
+		crl->meth = default_crl_method;
+		crl->meth_data = NULL;
+		crl->issuers = NULL;
+		crl->crl_number = NULL;
+		crl->base_crl_number = NULL;
+		break;
+
+		case ASN1_OP_D2I_POST:
+#ifndef OPENSSL_NO_SHA
+		X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
+#endif
+		crl->idp = X509_CRL_get_ext_d2i(crl,
+				NID_issuing_distribution_point, NULL, NULL);
+		if (crl->idp)
+			setup_idp(crl, crl->idp);
+
+		crl->akid = X509_CRL_get_ext_d2i(crl,
+				NID_authority_key_identifier, NULL, NULL);	
+
+		crl->crl_number = X509_CRL_get_ext_d2i(crl,
+				NID_crl_number, NULL, NULL);	
+
+		crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
+				NID_delta_crl, NULL, NULL);	
+		/* Delta CRLs must have CRL number */
+		if (crl->base_crl_number && !crl->crl_number)
+			crl->flags |= EXFLAG_INVALID;
+
+		/* See if we have any unhandled critical CRL extensions and 
+		 * indicate this in a flag. We only currently handle IDP so
+		 * anything else critical sets the flag.
+		 *
+		 * This code accesses the X509_CRL structure directly:
+		 * applications shouldn't do this.
+		 */
+
+		exts = crl->crl->extensions;
+
+		for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++)
+			{
+			int nid;
+			ext = sk_X509_EXTENSION_value(exts, idx);
+			nid = OBJ_obj2nid(ext->object);
+			if (nid == NID_freshest_crl)
+				crl->flags |= EXFLAG_FRESHEST;
+			if (ext->critical > 0)
+				{
+				/* We handle IDP and deltas */
+				if ((nid == NID_issuing_distribution_point)
+					|| (nid == NID_delta_crl))
+					break;;
+				crl->flags |= EXFLAG_CRITICAL;
+				break;
+				}
+			}
+
+
+		if (!crl_set_issuers(crl))
+			return 0;
+
+		if (crl->meth->crl_init)
+			{
+			if (crl->meth->crl_init(crl) == 0)
+				return 0;
+			}
+		break;
+
+		case ASN1_OP_FREE_POST:
+		if (crl->meth->crl_free)
+			{
+			if (!crl->meth->crl_free(crl))
+				return 0;
+			}
+		if (crl->akid)
+			AUTHORITY_KEYID_free(crl->akid);
+		if (crl->idp)
+			ISSUING_DIST_POINT_free(crl->idp);
+		ASN1_INTEGER_free(crl->crl_number);
+		ASN1_INTEGER_free(crl->base_crl_number);
+		sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
+		break;
+		}
+	return 1;
+	}
+
+/* Convert IDP into a more convenient form */
+
+static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
+	{
+	int idp_only = 0;
+	/* Set various flags according to IDP */
+	crl->idp_flags |= IDP_PRESENT;
+	if (idp->onlyuser > 0)
+		{
+		idp_only++;
+		crl->idp_flags |= IDP_ONLYUSER;
+		}
+	if (idp->onlyCA > 0)
+		{
+		idp_only++;
+		crl->idp_flags |= IDP_ONLYCA;
+		}
+	if (idp->onlyattr > 0)
+		{
+		idp_only++;
+		crl->idp_flags |= IDP_ONLYATTR;
+		}
+
+	if (idp_only > 1)
+		crl->idp_flags |= IDP_INVALID;
+
+	if (idp->indirectCRL > 0)
+		crl->idp_flags |= IDP_INDIRECT;
+
+	if (idp->onlysomereasons)
+		{
+		crl->idp_flags |= IDP_REASONS;
+		if (idp->onlysomereasons->length > 0)
+			crl->idp_reasons = idp->onlysomereasons->data[0];
+		if (idp->onlysomereasons->length > 1)
+			crl->idp_reasons |=
+				(idp->onlysomereasons->data[1] << 8);
+		crl->idp_reasons &= CRLDP_ALL_REASONS;
+		}
+
+	DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
+	}
+
+ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = {
 	ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
 	ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
 	ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
@@ -134,6 +382,145 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
 	return 1;
 }
 
+int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
+	{
+	if (crl->meth->crl_verify)
+		return crl->meth->crl_verify(crl, r);
+	return 0;
+	}
+
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+		X509_REVOKED **ret, ASN1_INTEGER *serial)
+	{
+	if (crl->meth->crl_lookup)
+		return crl->meth->crl_lookup(crl, ret, serial, NULL);
+	return 0;
+	}
+
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
+	{
+	if (crl->meth->crl_lookup)
+		return crl->meth->crl_lookup(crl, ret,
+						X509_get_serialNumber(x),
+						X509_get_issuer_name(x));
+	return 0;
+	}
+
+static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
+	{
+	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
+		crl->sig_alg, crl->signature,crl->crl,r));
+	}
+
+static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
+						X509_REVOKED *rev)
+	{
+	int i;
+
+	if (!rev->issuer)
+		{
+		if (!nm)
+			return 1;
+		if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
+			return 1;
+		return 0;
+		}
+
+	if (!nm)
+		nm = X509_CRL_get_issuer(crl);
+
+	for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++)
+		{
+		GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
+		if (gen->type != GEN_DIRNAME)
+			continue;
+		if (!X509_NAME_cmp(nm, gen->d.directoryName))
+			return 1;
+		}
+	return 0;
+
+	}
+
+static int def_crl_lookup(X509_CRL *crl,
+		X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer)
+	{
+	X509_REVOKED rtmp, *rev;
+	int idx;
+	rtmp.serialNumber = serial;
+	/* Sort revoked into serial number order if not already sorted.
+	 * Do this under a lock to avoid race condition.
+ 	 */
+	if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked))
+		{
+		CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
+		sk_X509_REVOKED_sort(crl->crl->revoked);
+		CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+		}
+	idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
+	if(idx < 0)
+		return 0;
+	/* Need to look for matching name */
+	for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++)
+		{
+		rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
+		if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
+			return 0;
+		if (crl_revoked_issuer_match(crl, issuer, rev))
+			{
+			if (ret)
+				*ret = rev;
+			if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+				return 2;
+			return 1;
+			}
+		}
+	return 0;
+	}
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
+	{
+	if (meth == NULL)
+		default_crl_method = &int_crl_meth;
+	else 
+		default_crl_method = meth;
+	}
+
+X509_CRL_METHOD *X509_CRL_METHOD_new(
+	int (*crl_init)(X509_CRL *crl),
+	int (*crl_free)(X509_CRL *crl),
+	int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+				ASN1_INTEGER *ser, X509_NAME *issuer),
+	int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
+	{
+	X509_CRL_METHOD *m;
+	m = OPENSSL_malloc(sizeof(X509_CRL_METHOD));
+	if (!m)
+		return NULL;
+	m->crl_init = crl_init;
+	m->crl_free = crl_free;
+	m->crl_lookup = crl_lookup;
+	m->crl_verify = crl_verify;
+	m->flags = X509_CRL_METHOD_DYNAMIC;
+	return m;
+	}
+
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m)
+	{
+	if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
+		return;
+	OPENSSL_free(m);
+	}
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
+	{
+	crl->meth_data = dat;
+	}
+
+void *X509_CRL_get_meth_data(X509_CRL *crl)
+	{
+	return crl->meth_data;
+	}
+
 IMPLEMENT_STACK_OF(X509_REVOKED)
 IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
 IMPLEMENT_STACK_OF(X509_CRL)
diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c
index 702421b6c8..3a21239926 100644
--- a/crypto/asn1/x_exten.c
+++ b/crypto/asn1/x_exten.c
@@ -1,5 +1,5 @@
 /* x_exten.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -67,5 +67,10 @@ ASN1_SEQUENCE(X509_EXTENSION) = {
 	ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
 } ASN1_SEQUENCE_END(X509_EXTENSION)
 
+ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) = 
+	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
+ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS)
+
 IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
 IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION)
diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
index 0db233cb95..75317418e1 100644
--- a/crypto/asn1/x_long.c
+++ b/crypto/asn1/x_long.c
@@ -1,5 +1,5 @@
 /* x_long.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -71,6 +71,7 @@ static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
 
 static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
 static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
 
 static ASN1_PRIMITIVE_FUNCS long_pf = {
 	NULL, 0,
@@ -78,7 +79,8 @@ static ASN1_PRIMITIVE_FUNCS long_pf = {
 	long_free,
 	long_free,	/* Clear should set to initial value */
 	long_c2i,
-	long_i2c
+	long_i2c,
+	long_print
 };
 
 ASN1_ITEM_start(LONG)
@@ -169,3 +171,9 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 	memcpy(cp, &ltmp, sizeof(long));
 	return 1;
 }
+
+static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
+			int indent, const ASN1_PCTX *pctx)
+	{
+	return BIO_printf(out, "%ld\n", *(long *)pval);
+	}
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index b4f12a6571..caa4409feb 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -57,18 +57,36 @@
  */
 
 #include <stdio.h>
+#include <ctype.h>
 #include "cryptlib.h"
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
+#include "asn1_locl.h"
 
-static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it,
-					int tag, int aclass, char opt, ASN1_TLC *ctx);
+typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
+DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
 
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+				const unsigned char **in, long len,
+				const ASN1_ITEM *it,
+				int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
+				const ASN1_ITEM *it, int tag, int aclass);
 static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
 static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
 
 static int x509_name_encode(X509_NAME *a);
+static int x509_name_canon(X509_NAME *a);
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname,
+			  unsigned char **in);
+
+
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+						int indent,
+						const char *fname, 
+						const ASN1_PCTX *pctx);
 
 ASN1_SEQUENCE(X509_NAME_ENTRY) = {
 	ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
@@ -102,7 +120,8 @@ const ASN1_EXTERN_FUNCS x509_name_ff = {
 	x509_name_ex_free,
 	0,	/* Default clear behaviour is OK */
 	x509_name_ex_d2i,
-	x509_name_ex_i2d
+	x509_name_ex_i2d,
+	x509_name_ex_print
 };
 
 IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) 
@@ -118,12 +137,14 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
 	if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
 		goto memerr;
 	if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
+	ret->canon_enc = NULL;
+	ret->canon_enclen = 0;
 	ret->modified=1;
 	*val = (ASN1_VALUE *)ret;
 	return 1;
 
  memerr:
-	ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE);
+	ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
 	if (ret)
 		{
 		if (ret->entries)
@@ -142,62 +163,59 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
 
 	BUF_MEM_free(a->bytes);
 	sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
+	if (a->canon_enc)
+		OPENSSL_free(a->canon_enc);
 	OPENSSL_free(a);
 	*pval = NULL;
 }
 
-/* Used with sk_pop_free() to free up the internal representation.
- * NB: we only free the STACK and not its contents because it is
- * already present in the X509_NAME structure.
- */
-
-static void sk_internal_free(void *a)
-{
-	sk_free(a);
-}
-
-static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it,
-					int tag, int aclass, char opt, ASN1_TLC *ctx)
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+			const unsigned char **in, long len, const ASN1_ITEM *it,
+				int tag, int aclass, char opt, ASN1_TLC *ctx)
 {
 	const unsigned char *p = *in, *q;
-	STACK *intname = NULL, **intname_pp = &intname;
+	union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+		ASN1_VALUE *a; } intname = {NULL};
+	union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL};
 	int i, j, ret;
-	X509_NAME *nm = NULL, **nm_pp = &nm;
 	STACK_OF(X509_NAME_ENTRY) *entries;
 	X509_NAME_ENTRY *entry;
 	q = p;
 
 	/* Get internal representation of Name */
-	ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp,
+	ret = ASN1_item_ex_d2i(&intname.a,
 			       &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
 			       tag, aclass, opt, ctx);
 	
 	if(ret <= 0) return ret;
 
 	if(*val) x509_name_ex_free(val, NULL);
-	if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err;
+	if(!x509_name_ex_new(&nm.a, NULL)) goto err;
 	/* We've decoded it: now cache encoding */
-	if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
-	memcpy(nm->bytes->data, q, p - q);
+	if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err;
+	memcpy(nm.x->bytes->data, q, p - q);
 
 	/* Convert internal representation to X509_NAME structure */
-	for(i = 0; i < sk_num(intname); i++) {
-		entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i);
+	for(i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
+		entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
 		for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
 			entry = sk_X509_NAME_ENTRY_value(entries, j);
 			entry->set = i;
-			if(!sk_X509_NAME_ENTRY_push(nm->entries, entry))
+			if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
 				goto err;
 		}
 		sk_X509_NAME_ENTRY_free(entries);
 	}
-	sk_free(intname);
-	nm->modified = 0;
-	*val = (ASN1_VALUE *)nm;
+	sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
+	ret = x509_name_canon(nm.x);
+	if (!ret)
+		goto err;
+	nm.x->modified = 0;
+	*val = nm.a;
 	*in = p;
 	return ret;
 	err:
-	ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR);
+	ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
 	return 0;
 }
 
@@ -206,8 +224,12 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
 	int ret;
 	X509_NAME *a = (X509_NAME *)*val;
 	if(a->modified) {
-		ret = x509_name_encode((X509_NAME *)a);
-		if(ret < 0) return ret;
+		ret = x509_name_encode(a);
+		if(ret < 0)
+			return ret;
+		ret = x509_name_canon(a);
+		if(ret < 0)
+			return ret;
 	}
 	ret = a->bytes->length;
 	if(out != NULL) {
@@ -217,41 +239,261 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
 	return ret;
 }
 
+static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+	{
+	sk_X509_NAME_ENTRY_free(ne);
+	}
+
+static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+	{
+	sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
+	}
+
 static int x509_name_encode(X509_NAME *a)
 {
-	STACK *intname = NULL, **intname_pp = &intname;
+	union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+		ASN1_VALUE *a; } intname = {NULL};
 	int len;
 	unsigned char *p;
 	STACK_OF(X509_NAME_ENTRY) *entries = NULL;
 	X509_NAME_ENTRY *entry;
 	int i, set = -1;
-	intname = sk_new_null();
-	if(!intname) goto memerr;
+	intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+	if(!intname.s) goto memerr;
 	for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
 		entry = sk_X509_NAME_ENTRY_value(a->entries, i);
 		if(entry->set != set) {
 			entries = sk_X509_NAME_ENTRY_new_null();
 			if(!entries) goto memerr;
-			if(!sk_push(intname, (char *)entries)) goto memerr;
+			if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
+							     entries))
+				goto memerr;
 			set = entry->set;
 		}
 		if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
 	}
-	len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL,
+	len = ASN1_item_ex_i2d(&intname.a, NULL,
 			       ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
 	if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
 	p=(unsigned char *)a->bytes->data;
-	ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp,
+	ASN1_item_ex_i2d(&intname.a,
 			 &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
-	sk_pop_free(intname, sk_internal_free);
+	sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+					     local_sk_X509_NAME_ENTRY_free);
 	a->modified = 0;
 	return len;
-	memerr:
-	sk_pop_free(intname, sk_internal_free);
-	ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE);
+memerr:
+	sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+					     local_sk_X509_NAME_ENTRY_free);
+	ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
 	return -1;
 }
 
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+						int indent,
+						const char *fname, 
+						const ASN1_PCTX *pctx)
+	{
+	if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
+					indent, pctx->nm_flags) <= 0)
+		return 0;
+	return 2;
+	}
+
+/* This function generates the canonical encoding of the Name structure.
+ * In it all strings are converted to UTF8, leading, trailing and
+ * multiple spaces collapsed, converted to lower case and the leading
+ * SEQUENCE header removed.
+ *
+ * In future we could also normalize the UTF8 too.
+ *
+ * By doing this comparison of Name structures can be rapidly
+ * perfomed by just using memcmp() of the canonical encoding.
+ * By omitting the leading SEQUENCE name constraints of type
+ * dirName can also be checked with a simple memcmp().
+ */
+
+static int x509_name_canon(X509_NAME *a)
+	{
+	unsigned char *p;
+	STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
+	STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+	X509_NAME_ENTRY *entry, *tmpentry = NULL;
+	int i, set = -1, ret = 0;
+
+	if (a->canon_enc)
+		{
+		OPENSSL_free(a->canon_enc);
+		a->canon_enc = NULL;
+		}
+	/* Special case: empty X509_NAME => null encoding */
+	if (sk_X509_NAME_ENTRY_num(a->entries) == 0)
+		{
+		a->canon_enclen = 0;
+		return 1;
+		}
+	intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+	if(!intname)
+		goto err;
+	for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++)
+		{
+		entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+		if(entry->set != set)
+			{
+			entries = sk_X509_NAME_ENTRY_new_null();
+			if(!entries)
+				goto err;
+			if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+				goto err;
+			set = entry->set;
+			}
+		tmpentry = X509_NAME_ENTRY_new();
+		tmpentry->object = OBJ_dup(entry->object);
+		if (!asn1_string_canon(tmpentry->value, entry->value))
+			goto err;
+		if(!sk_X509_NAME_ENTRY_push(entries, tmpentry))
+			goto err;
+		tmpentry = NULL;
+		}
+
+	/* Finally generate encoding */
+
+	a->canon_enclen = i2d_name_canon(intname, NULL);
+
+	p = OPENSSL_malloc(a->canon_enclen);
+
+	if (!p)
+		goto err;
+
+	a->canon_enc = p;
+
+	i2d_name_canon(intname, &p);
+
+	ret = 1;
+
+	err:
+
+	if (tmpentry)
+		X509_NAME_ENTRY_free(tmpentry);
+	if (intname)
+		sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
+					local_sk_X509_NAME_ENTRY_pop_free);
+	return ret;
+	}
+
+/* Bitmap of all the types of string that will be canonicalized. */
+
+#define ASN1_MASK_CANON	\
+	(B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
+	| B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
+	| B_ASN1_VISIBLESTRING)
+	
+
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
+	{
+	unsigned char *to, *from;
+	int len, i;
+
+	/* If type not in bitmask just copy string across */
+	if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON))
+		{
+		out->type = in->type;
+		if (!ASN1_STRING_set(out, in->data, in->length))
+			return 0;
+		return 1;
+		}
+
+	out->type = V_ASN1_UTF8STRING;
+	out->length = ASN1_STRING_to_UTF8(&out->data, in);
+	if (out->length == -1)
+		return 0;
+
+	to = out->data;
+	from = to;
+
+	len = out->length;
+
+	/* Convert string in place to canonical form.
+	 * Ultimately we may need to handle a wider range of characters
+	 * but for now ignore anything with MSB set and rely on the
+	 * isspace() and tolower() functions.
+	 */
+
+	/* Ignore leading spaces */
+	while((len > 0) && !(*from & 0x80) && isspace(*from))
+		{
+		from++;
+		len--;
+		}
+
+	to = from + len - 1;
+
+	/* Ignore trailing spaces */
+	while ((len > 0) && !(*to & 0x80) && isspace(*to))
+		{
+		to--;
+		len--;
+		}
+
+	to = out->data;
+
+	i = 0;
+	while(i < len)
+		{
+		/* If MSB set just copy across */
+		if (*from & 0x80)
+			{
+			*to++ = *from++;
+			i++;
+			}
+		/* Collapse multiple spaces */
+		else if (isspace(*from))
+			{
+			/* Copy one space across */
+			*to++ = ' ';
+			/* Ignore subsequent spaces. Note: don't need to
+			 * check len here because we know the last 
+			 * character is a non-space so we can't overflow.
+			 */
+			do
+				{
+				from++;
+				i++;
+				}
+			while(!(*from & 0x80) && isspace(*from));
+			}
+		else
+			{
+			*to++ = tolower(*from++);
+			i++;
+			}
+		}
+
+	out->length = to - out->data;
+
+	return 1;
+
+	}
+
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname,
+			  unsigned char **in)
+	{
+	int i, len, ltmp;
+	ASN1_VALUE *v;
+	STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
+
+	len = 0;
+	for (i = 0; i < sk_ASN1_VALUE_num(intname); i++)
+		{
+		v = sk_ASN1_VALUE_value(intname, i);
+		ltmp = ASN1_item_ex_i2d(&v, in,
+			ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
+		if (ltmp < 0)
+			return ltmp;
+		len += ltmp;
+		}
+	return len;
+	}
 
 int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
 	{
diff --git a/crypto/asn1/x_nx509.c b/crypto/asn1/x_nx509.c
new file mode 100644
index 0000000000..fbd9a22db3
--- /dev/null
+++ b/crypto/asn1/x_nx509.c
@@ -0,0 +1,72 @@
+/* x_nx509.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* Old netscape certificate wrapper format */
+
+ASN1_SEQUENCE(NETSCAPE_X509) = {
+	ASN1_SIMPLE(NETSCAPE_X509, header, ASN1_OCTET_STRING),
+	ASN1_OPT(NETSCAPE_X509, cert, X509)
+} ASN1_SEQUENCE_END(NETSCAPE_X509)
+
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_X509)
+
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
index c88cfd5932..8453618426 100644
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@@ -76,8 +76,8 @@ X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
 
 	M_ASN1_D2I_Init();
 	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
+	M_ASN1_D2I_get_x(X509_ALGOR,ret->enc_algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->enc_pkey,d2i_ASN1_OCTET_STRING);
 
 	ret->cipher.cipher=EVP_get_cipherbyname(
 		OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index 2a7f2cab15..d42b6a2c54 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -60,11 +60,17 @@
 #include "cryptlib.h"
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
+#include "asn1_locl.h"
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 /* Minor tweak to operation: free up EVP_PKEY */
-static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+			void *exarg)
 	{
 	if (operation == ASN1_OP_FREE_POST)
 		{
@@ -84,167 +90,42 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 	{
 	X509_PUBKEY *pk=NULL;
-	X509_ALGOR *a;
-	ASN1_OBJECT *o;
-	unsigned char *s,*p = NULL;
-	int i;
 
 	if (x == NULL) return(0);
 
-	if ((pk=X509_PUBKEY_new()) == NULL) goto err;
-	a=pk->algor;
-
-	/* set the algorithm id */
-	if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
-	ASN1_OBJECT_free(a->algorithm);
-	a->algorithm=o;
+	if ((pk=X509_PUBKEY_new()) == NULL) goto error;
 
-	/* Set the parameter list */
-	if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
+	if (pkey->ameth)
 		{
-		if ((a->parameter == NULL) ||
-			(a->parameter->type != V_ASN1_NULL))
+		if (pkey->ameth->pub_encode)
 			{
-			ASN1_TYPE_free(a->parameter);
-			if (!(a->parameter=ASN1_TYPE_new()))
+			if (!pkey->ameth->pub_encode(pk, pkey))
 				{
-				X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-				goto err;
+				X509err(X509_F_X509_PUBKEY_SET,
+					X509_R_PUBLIC_KEY_ENCODE_ERROR);
+				goto error;
 				}
-			a->parameter->type=V_ASN1_NULL;
-			}
-		}
-#ifndef OPENSSL_NO_DSA
-	else if (pkey->type == EVP_PKEY_DSA)
-		{
-		unsigned char *pp;
-		DSA *dsa;
-		
-		dsa=pkey->pkey.dsa;
-		dsa->write_params=0;
-		ASN1_TYPE_free(a->parameter);
-		if ((i=i2d_DSAparams(dsa,NULL)) <= 0)
-			goto err;
-		if (!(p=(unsigned char *)OPENSSL_malloc(i)))
-			{
-			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-			goto err;
 			}
-		pp=p;
-		i2d_DSAparams(dsa,&pp);
-		if (!(a->parameter=ASN1_TYPE_new()))
+		else
 			{
-			OPENSSL_free(p);
-			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-			goto err;
+			X509err(X509_F_X509_PUBKEY_SET,
+				X509_R_METHOD_NOT_SUPPORTED);
+			goto error;
 			}
-		a->parameter->type=V_ASN1_SEQUENCE;
-		if (!(a->parameter->value.sequence=ASN1_STRING_new()))
-			{
-			OPENSSL_free(p);
-			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		if (!ASN1_STRING_set(a->parameter->value.sequence,p,i))
-			{
-			OPENSSL_free(p);
-			X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		OPENSSL_free(p);
 		}
-#endif
-#ifndef OPENSSL_NO_EC
-	else if (pkey->type == EVP_PKEY_EC)
-		{
-		int nid=0;
-		unsigned char *pp;
-		EC_KEY *eckey;
-		
-		eckey = pkey->pkey.eckey;
-		ASN1_TYPE_free(a->parameter);
-
-		if ((a->parameter = ASN1_TYPE_new()) == NULL)
-			{
-			X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
-			goto err;
-			}
-
-		if (EC_GROUP_get_asn1_flag(eckey->group)
-                     && (nid = EC_GROUP_get_nid(eckey->group)))
-			{
-			/* just set the OID */
-			a->parameter->type = V_ASN1_OBJECT;
-			a->parameter->value.object = OBJ_nid2obj(nid);
-			}
-		else /* explicit parameters */
-			{
-			if ((i = i2d_ECParameters(eckey, NULL)) == 0)
-				{
-				X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
-				goto err;
-				}
-			if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
-				{
-				X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
-				goto err;
-				}	
-			pp = p;
-			if (!i2d_ECParameters(eckey, &pp))
-				{
-				X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
-				OPENSSL_free(p);
-				goto err;
-				}
-			a->parameter->type = V_ASN1_SEQUENCE;
-			if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
-				{
-				X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
-				OPENSSL_free(p);
-				goto err;
-				}
-			ASN1_STRING_set(a->parameter->value.sequence, p, i);
-			OPENSSL_free(p);
-			}
-		}
-#endif
-	else if (1)
+	else
 		{
 		X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
-		goto err;
+		goto error;
 		}
 
-	if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
-	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
-		{
-		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	p=s;
-	i2d_PublicKey(pkey,&p);
-	if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i))
-		{
-		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-  	/* Set number of unused bits to zero */
-	pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
-	pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
-
-	OPENSSL_free(s);
-
-#if 0
-	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-	pk->pkey=pkey;
-#endif
-
 	if (*x != NULL)
 		X509_PUBKEY_free(*x);
 
 	*x=pk;
 
 	return 1;
-err:
+error:
 	if (pk != NULL) X509_PUBKEY_free(pk);
 	return 0;
 	}
@@ -252,115 +133,50 @@ err:
 EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	{
 	EVP_PKEY *ret=NULL;
-	long j;
-	int type;
-	const unsigned char *p;
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
-	const unsigned char *cp;
-	X509_ALGOR *a;
-#endif
 
-	if (key == NULL) goto err;
+	if (key == NULL) goto error;
 
 	if (key->pkey != NULL)
 		{
 		CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-		return(key->pkey);
+		return key->pkey;
 		}
 
-	if (key->public_key == NULL) goto err;
+	if (key->public_key == NULL) goto error;
 
-	type=OBJ_obj2nid(key->algor->algorithm);
 	if ((ret = EVP_PKEY_new()) == NULL)
 		{
 		X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
-		goto err;
+		goto error;
 		}
-	ret->type = EVP_PKEY_type(type);
-
-	/* the parameters must be extracted before the public key (ECDSA!) */
-	
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
-	a=key->algor;
-#endif
 
-	if (0)
-		;
-#ifndef OPENSSL_NO_DSA
-	else if (ret->type == EVP_PKEY_DSA)
+	if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm)))
 		{
-		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
-			{
-			if ((ret->pkey.dsa = DSA_new()) == NULL)
-				{
-				X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			ret->pkey.dsa->write_params=0;
-			cp=p=a->parameter->value.sequence->data;
-			j=a->parameter->value.sequence->length;
-			if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
-				goto err;
-			}
-		ret->save_parameters=1;
+		X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM);
+		goto error;
 		}
-#endif
-#ifndef OPENSSL_NO_EC
-	else if (ret->type == EVP_PKEY_EC)
+
+	if (ret->ameth->pub_decode)
 		{
-		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
-			{
-			/* type == V_ASN1_SEQUENCE => we have explicit parameters
-                         * (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
-			 */
-			if ((ret->pkey.eckey= EC_KEY_new()) == NULL)
-				{
-				X509err(X509_F_X509_PUBKEY_GET, 
-					ERR_R_MALLOC_FAILURE);
-				goto err;
-				}
-			cp = p = a->parameter->value.sequence->data;
-			j = a->parameter->value.sequence->length;
-			if (!d2i_ECParameters(&ret->pkey.eckey, &cp, (long)j))
-				{
-				X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
-				goto err;
-				}
-			}
-		else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
+		if (!ret->ameth->pub_decode(ret, key))
 			{
-			/* type == V_ASN1_OBJECT => the parameters are given
-			 * by an asn1 OID
-			 */
-			EC_KEY *eckey;
-			if (ret->pkey.eckey == NULL)
-				ret->pkey.eckey = EC_KEY_new();
-			eckey = ret->pkey.eckey;
-			if (eckey->group)
-				EC_GROUP_free(eckey->group);
-			if ((eckey->group = EC_GROUP_new_by_nid(
-                             OBJ_obj2nid(a->parameter->value.object))) == NULL)
-				goto err;
-			EC_GROUP_set_asn1_flag(eckey->group, 
-						OPENSSL_EC_NAMED_CURVE);
+			X509err(X509_F_X509_PUBKEY_GET,
+						X509_R_PUBLIC_KEY_DECODE_ERROR);
+			goto error;
 			}
-			/* the case implicitlyCA is currently not implemented */
-		ret->save_parameters = 1;
 		}
-#endif
-
-	p=key->public_key->data;
-        j=key->public_key->length;
-        if (!d2i_PublicKey(type, &ret, &p, (long)j))
+	else
 		{
-		X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
-		goto err;
+		X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
+		goto error;
 		}
 
 	key->pkey = ret;
 	CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
-	return(ret);
-err:
+
+	return ret;
+
+	error:
 	if (ret != NULL)
 		EVP_PKEY_free(ret);
 	return(NULL);
@@ -519,3 +335,39 @@ int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
 	return(ret);
 	}
 #endif
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+					int ptype, void *pval,
+					unsigned char *penc, int penclen)
+	{
+	if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
+		return 0;
+	if (penc)
+		{
+		if (pub->public_key->data)
+			OPENSSL_free(pub->public_key->data);
+		pub->public_key->data = penc;
+		pub->public_key->length = penclen;
+  		/* Set number of unused bits to zero */
+		pub->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+		pub->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
+		}
+	return 1;
+	}
+
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+		const unsigned char **pk, int *ppklen,
+		X509_ALGOR **pa,
+		X509_PUBKEY *pub)
+	{
+	if (ppkalg)
+		*ppkalg = pub->algor->algorithm;
+	if (pk)
+		{
+		*pk = pub->public_key->data;
+		*ppklen = pub->public_key->length;
+		}
+	if (pa)
+		*pa = pub->algor;
+	return 1;
+	}
diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c
index b3f18ebc12..d57555827c 100644
--- a/crypto/asn1/x_req.c
+++ b/crypto/asn1/x_req.c
@@ -79,7 +79,8 @@
  *
  */
 
-static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
 {
 	X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
 
@@ -102,7 +103,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
 
 IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
 
-ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
+ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
 	ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
 	ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
 	ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index eff2290c2b..dafd3cc921 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -81,7 +81,8 @@ IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
 
 extern void policy_cache_free(X509_POLICY_CACHE *cache);
 
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
 {
 	X509 *ret = (X509 *)*pval;
 
@@ -94,7 +95,12 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 		ret->ex_pathlen = -1;
 		ret->skid = NULL;
 		ret->akid = NULL;
+#ifndef OPENSSL_NO_RFC3779
+		ret->rfc3779_addr = NULL;
+		ret->rfc3779_asid = NULL;
+#endif
 		ret->aux = NULL;
+		ret->crldp = NULL;
 		CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
 		break;
 
@@ -108,7 +114,14 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 		X509_CERT_AUX_free(ret->aux);
 		ASN1_OCTET_STRING_free(ret->skid);
 		AUTHORITY_KEYID_free(ret->akid);
+		CRL_DIST_POINTS_free(ret->crldp);
 		policy_cache_free(ret->policy_cache);
+		GENERAL_NAMES_free(ret->altname);
+		NAME_CONSTRAINTS_free(ret->nc);
+#ifndef OPENSSL_NO_RFC3779
+		sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
+		ASIdentifiers_free(ret->rfc3779_asid);
+#endif
 
 		if (ret->name != NULL) OPENSSL_free(ret->name);
 		break;
@@ -128,17 +141,6 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509)
 IMPLEMENT_ASN1_DUP_FUNCTION(X509)
 
-static ASN1_METHOD meth={
-	(int (*)())  i2d_X509,
-	(char *(*)())d2i_X509,
-	(char *(*)())X509_new,
-	(void (*)()) X509_free};
-
-ASN1_METHOD *X509_asn1_meth(void)
-	{
-	return(&meth);
-	}
-
 int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
         {
diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c
index 13db5fd03f..b603f82de7 100644
--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -1,5 +1,5 @@
 /* a_x509a.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/bf/.cvsignore b/crypto/bf/.cvsignore
index c6d03a9dbc..86da787e1b 100644
--- a/crypto/bf/.cvsignore
+++ b/crypto/bf/.cvsignore
@@ -1,2 +1,5 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+bf-*.s
diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl
deleted file mode 100644
index 89894dd035..0000000000
--- a/crypto/bf/Makefile.ssl
+++ /dev/null
@@ -1,111 +0,0 @@
-#
-# SSLeay/crypto/blowfish/Makefile
-#
-
-DIR=	bf
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-BF_ENC=		bf_enc.o
-# or use
-#DES_ENC=	bx86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=bftest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= blowfish.h
-HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-bx86-elf.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) bf-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-# COFF
-bx86-cof.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) bf-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-# a.out
-bx86-out.s: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) bf-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
-bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bf_ecb.o: bf_ecb.c bf_locl.h
-bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
-bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
-bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/crypto/bf/asm/.cvsignore b/crypto/bf/asm/.cvsignore
index 3e14af16d0..0a60dba701 100644
--- a/crypto/bf/asm/.cvsignore
+++ b/crypto/bf/asm/.cvsignore
@@ -1,2 +1,4 @@
 bx86unix.cpp
 bx86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/bf/asm/bf-586.pl b/crypto/bf/asm/bf-586.pl
index b556642c94..b74cfbafd4 100644
--- a/crypto/bf/asm/bf-586.pl
+++ b/crypto/bf/asm/bf-586.pl
@@ -1,6 +1,7 @@
 #!/usr/local/bin/perl
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 require "cbc.pl";
 
diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c
index 341991636f..1607cefa32 100644
--- a/crypto/bf/bf_ecb.c
+++ b/crypto/bf/bf_ecb.c
@@ -65,7 +65,7 @@
  * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
  */
 
-const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
+const char BF_version[]="Blowfish" OPENSSL_VERSION_PTEXT;
 
 const char *BF_options(void)
 	{
diff --git a/crypto/bf/bf_enc.c b/crypto/bf/bf_enc.c
index b380acf959..2d21d09f42 100644
--- a/crypto/bf/bf_enc.c
+++ b/crypto/bf/bf_enc.c
@@ -73,7 +73,7 @@ void BF_encrypt(BF_LONG *data, const BF_KEY *key)
 	{
 #ifndef BF_PTR2
 	register BF_LONG l,r;
-    const register BF_LONG *p,*s;
+	register const BF_LONG *p,*s;
 
 	p=key->P;
 	s= &(key->S[0]);
@@ -150,7 +150,7 @@ void BF_decrypt(BF_LONG *data, const BF_KEY *key)
 	{
 #ifndef BF_PTR2
 	register BF_LONG l,r;
-    const register BF_LONG *p,*s;
+	register const BF_LONG *p,*s;
 
 	p=key->P;
 	s= &(key->S[0]);
diff --git a/crypto/bf/blowfish.h b/crypto/bf/blowfish.h
index cd49e85ab2..b97e76f9a3 100644
--- a/crypto/bf/blowfish.h
+++ b/crypto/bf/blowfish.h
@@ -79,7 +79,7 @@ extern "C" {
  * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  */
 
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+#if defined(__LP32__)
 #define BF_LONG unsigned long
 #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
 #define BF_LONG unsigned long
diff --git a/crypto/bio/.cvsignore b/crypto/bio/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/bio/.cvsignore
+++ b/crypto/bio/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl
deleted file mode 100644
index 85be2ed010..0000000000
--- a/crypto/bio/Makefile.ssl
+++ /dev/null
@@ -1,217 +0,0 @@
-#
-# SSLeay/crypto/bio/Makefile
-#
-
-DIR=	bio
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= bio_lib.c bio_cb.c bio_err.c \
-	bss_mem.c bss_null.c bss_fd.c \
-	bss_file.c bss_sock.c bss_conn.c \
-	bf_null.c bf_buff.c b_print.c b_dump.c \
-	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
-#	bf_lbuf.c
-LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
-	bss_mem.o bss_null.o bss_fd.o \
-	bss_file.o bss_sock.o bss_conn.o \
-	bf_null.o bf_buff.o b_print.o b_dump.o \
-	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
-#	bf_lbuf.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bio.h
-HEADER=	bss_file.c $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-b_dump.o: ../../e_os.h ../../include/openssl/bio.h
-b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c
-b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c
-b_sock.o: ../../e_os.h ../../include/openssl/bio.h
-b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-b_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-b_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h b_sock.c
-bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
-bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bf_buff.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_buff.c
-bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
-bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bf_nbio.o: ../cryptlib.h bf_nbio.c
-bf_null.o: ../../e_os.h ../../include/openssl/bio.h
-bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bf_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_null.c
-bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
-bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_cb.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_cb.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_cb.c
-bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_err.o: ../../include/openssl/symhacks.h bio_err.c
-bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
-bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lib.c
-bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
-bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_acpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_acpt.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_acpt.c
-bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
-bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bss_bio.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bss_bio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bss_bio.o: bss_bio.c
-bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
-bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_conn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_conn.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_conn.c
-bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
-bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_fd.c
-bss_file.o: ../../e_os.h ../../include/openssl/bio.h
-bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_file.c
-bss_log.o: ../../e_os.h ../../include/openssl/bio.h
-bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_log.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_log.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_log.c
-bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
-bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_mem.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_mem.c
-bss_null.o: ../../e_os.h ../../include/openssl/bio.h
-bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_null.c
-bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
-bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bss_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bss_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_sock.c
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
index a07b79437f..c80ecc4295 100644
--- a/crypto/bio/b_dump.c
+++ b/crypto/bio/b_dump.c
@@ -62,7 +62,7 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/bio.h>
+#include "bio_lcl.h"
 
 #define TRUNCATE
 #define DUMP_WIDTH	16
@@ -160,7 +160,7 @@ int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
 #ifndef OPENSSL_NO_FP_API
 static int write_fp(const void *data, size_t len, void *fp)
 	{
-	return fwrite(data, len, 1, (FILE *)fp);
+	return UP_fwrite(data, len, 1, fp);
 	}
 int BIO_dump_fp(FILE *fp, const char *s, int len)
 	{
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 47b04396d7..143a7cfefa 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -79,7 +79,7 @@
 #include <openssl/bn.h>         /* To get BN_LLONG properly defined */
 #include <openssl/bio.h>
 
-#ifdef BN_LLONG
+#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
 # ifndef HAVE_LONG_LONG
 #  define HAVE_LONG_LONG 1
 # endif
@@ -115,9 +115,9 @@
 #define LDOUBLE double
 #endif
 
-#if HAVE_LONG_LONG
-# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-# define LLONG _int64
+#ifdef HAVE_LONG_LONG
+# if defined(_WIN32) && !defined(__GNUC__)
+# define LLONG __int64
 # else
 # define LLONG long long
 # endif
@@ -482,7 +482,7 @@ fmtint(
     int flags)
 {
     int signvalue = 0;
-    char *prefix = "";
+    const char *prefix = "";
     unsigned LLONG uvalue;
     char convert[DECIMAL_SIZE(value)+3];
     int place = 0;
@@ -576,7 +576,7 @@ abs_val(LDOUBLE value)
 }
 
 static LDOUBLE
-pow10(int in_exp)
+pow_10(int in_exp)
 {
     LDOUBLE result = 1;
     while (in_exp) {
@@ -640,8 +640,8 @@ fmtfp(
 
     /* we "cheat" by converting the fractional part to integer by
        multiplying by a factor of 10 */
-    max10 = roundv(pow10(max));
-    fracpart = roundv(pow10(max) * (ufvalue - intpart));
+    max10 = roundv(pow_10(max));
+    fracpart = roundv(pow_10(max) * (ufvalue - intpart));
 
     if (fracpart >= max10) {
         intpart++;
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index c964e40c54..582ce2e05f 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -62,14 +62,19 @@
 #define USE_SOCKETS
 #include "cryptlib.h"
 #include <openssl/bio.h>
+#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
+#include <netdb.h>
+#if defined(NETWARE_CLIB)
+#include <sys/ioctl.h>
+NETDB_DEFINE_CONTEXT
+#endif
+#endif
 
 #ifndef OPENSSL_NO_SOCK
 
-#ifdef OPENSSL_SYS_WIN16
-#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
-#else
+#include <openssl/dso.h>
+
 #define SOCKET_PROTOCOL IPPROTO_TCP
-#endif
 
 #ifdef SO_MAXCONN
 #define MAX_LISTEN  SO_MAXCONN
@@ -79,10 +84,21 @@
 #define MAX_LISTEN  32
 #endif
 
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
 static int wsa_init_done=0;
 #endif
 
+/*
+ * WSAAPI specifier is required to make indirect calls to run-time
+ * linked WinSock 2 functions used in this module, to be specific
+ * [get|free]addrinfo and getnameinfo. This is because WinSock uses
+ * uses non-C calling convention, __stdcall vs. __cdecl, on x86
+ * Windows. On non-WinSock platforms WSAAPI needs to be void.
+ */
+#ifndef WSAAPI
+#define WSAAPI
+#endif
+
 #if 0
 static unsigned long BIO_ghbn_hits=0L;
 static unsigned long BIO_ghbn_miss=0L;
@@ -203,11 +219,11 @@ int BIO_get_port(const char *str, unsigned short *port_ptr)
 		/* Note: under VMS with SOCKETSHR, it seems like the first
 		 * parameter is 'char *', instead of 'const char *'
 		 */
- 		s=getservbyname(
 #ifndef CONST_STRICT
-		    (char *)
+		s=getservbyname((char *)str,"tcp");
+#else
+		s=getservbyname(str,"tcp");
 #endif
-		    str,"tcp");
 		if(s != NULL)
 			*port_ptr=ntohs((unsigned short)s->s_port);
 		CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
@@ -247,6 +263,10 @@ int BIO_sock_error(int sock)
 	int j,i;
 	int size;
 		 
+#if defined(OPENSSL_SYS_BEOS_R5)
+	return 0;
+#endif
+		 
 	size=sizeof(int);
 	/* Note: under Windows the third parameter is of type (char *)
 	 * whereas under other systems it is (void *) if you don't have
@@ -385,7 +405,11 @@ struct hostent *BIO_gethostbyname(const char *name)
 #if 1
 	/* Caching gethostbyname() results forever is wrong,
 	 * so we have to let the true gethostbyname() worry about this */
+#if (defined(NETWARE_BSDSOCK) && !defined(__NOVELL_LIBC__))
+	return gethostbyname((char*)name);
+#else
 	return gethostbyname(name);
+#endif
 #else
 	struct hostent *ret;
 	int i,lowi=0,j;
@@ -425,11 +449,11 @@ struct hostent *BIO_gethostbyname(const char *name)
 		/* Note: under VMS with SOCKETSHR, it seems like the first
 		 * parameter is 'char *', instead of 'const char *'
 		 */
-		ret=gethostbyname(
 #  ifndef CONST_STRICT
-		    (char *)
+		ret=gethostbyname((char *)name);
+#  else
+		ret=gethostbyname(name);
 #  endif
-		    name);
 
 		if (ret == NULL)
 			goto end;
@@ -481,12 +505,14 @@ int BIO_sock_init(void)
 		{
 		int err;
 	  
-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-#endif
 		wsa_init_done=1;
 		memset(&wsa_state,0,sizeof(wsa_state));
-		if (WSAStartup(0x0101,&wsa_state)!=0)
+		/* Not making wsa_state available to the rest of the
+		 * code is formally wrong. But the structures we use
+		 * are [beleived to be] invariable among Winsock DLLs,
+		 * while API availability is [expected to be] probed
+		 * at run-time with DSO_global_lookup. */
+		if (WSAStartup(0x0202,&wsa_state)!=0)
 			{
 			err=WSAGetLastError();
 			SYSerr(SYS_F_WSASTARTUP,err);
@@ -502,18 +528,13 @@ int BIO_sock_init(void)
 		return (-1);
 #endif
 
-#if defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
     WORD wVerReq;
     WSADATA wsaData;
     int err;
 
     if (!wsa_init_done)
     {
-   
-# ifdef SIGINT
-        signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-# endif
-
         wsa_init_done=1;
         wVerReq = MAKEWORD( 2, 0 );
         err = WSAStartup(wVerReq,&wsaData);
@@ -535,12 +556,12 @@ void BIO_sock_cleanup(void)
 	if (wsa_init_done)
 		{
 		wsa_init_done=0;
-#ifndef OPENSSL_SYS_WINCE
+#if 0		/* this call is claimed to be non-present in Winsock2 */
 		WSACancelBlockingCall();
 #endif
 		WSACleanup();
 		}
-#elif defined(OPENSSL_SYS_NETWARE)
+#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
    if (wsa_init_done)
         {
         wsa_init_done=0;
@@ -610,12 +631,18 @@ static int get_ip(const char *str, unsigned char ip[4])
 int BIO_get_accept_socket(char *host, int bind_mode)
 	{
 	int ret=0;
-	struct sockaddr_in server,client;
-	int s=INVALID_SOCKET,cs;
+	union {
+		struct sockaddr sa;
+		struct sockaddr_in sa_in;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 sa_in6;
+#endif
+	} server,client;
+	int s=INVALID_SOCKET,cs,addrlen;
 	unsigned char ip[4];
 	unsigned short port;
 	char *str=NULL,*e;
-	const char *h,*p;
+	char *h,*p;
 	unsigned long l;
 	int err_num;
 
@@ -629,8 +656,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 		{
 		if (*e == ':')
 			{
-			p= &(e[1]);
-			*e='\0';
+			p=e;
 			}
 		else if (*e == '/')
 			{
@@ -638,21 +664,70 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 			break;
 			}
 		}
-
-	if (p == NULL)
+	if (p)	*p++='\0';	/* points at last ':', '::port' is special [see below] */
+	else	p=h,h=NULL;
+
+#ifdef EAI_FAMILY
+	do {
+	static union {	void *p;
+			int (WSAAPI *f)(const char *,const char *,
+				 const struct addrinfo *,
+				 struct addrinfo **);
+			} p_getaddrinfo = {NULL};
+	static union {	void *p;
+			void (WSAAPI *f)(struct addrinfo *);
+			} p_freeaddrinfo = {NULL};
+	struct addrinfo *res,hint;
+
+	if (p_getaddrinfo.p==NULL)
+		{
+		if ((p_getaddrinfo.p=DSO_global_lookup("getaddrinfo"))==NULL ||
+		    (p_freeaddrinfo.p=DSO_global_lookup("freeaddrinfo"))==NULL)
+			p_getaddrinfo.p=(void*)-1;
+		}
+	if (p_getaddrinfo.p==(void *)-1) break;
+
+	/* '::port' enforces IPv6 wildcard listener. Some OSes,
+	 * e.g. Solaris, default to IPv6 without any hint. Also
+	 * note that commonly IPv6 wildchard socket can service
+	 * IPv4 connections just as well...  */
+	memset(&hint,0,sizeof(hint));
+	if (h)
 		{
-		p=h;
-		h="*";
+		if (strchr(h,':'))
+			{
+			if (h[1]=='\0') h=NULL;
+#if OPENSSL_USE_IPV6
+			hint.ai_family = AF_INET6;
+#else
+			h=NULL;
+#endif
+			}
+	    	else if (h[0]=='*' && h[1]=='\0')
+			h=NULL;
 		}
 
+	if ((*p_getaddrinfo.f)(h,p,&hint,&res)) break;
+
+	addrlen = res->ai_addrlen<=sizeof(server) ?
+			res->ai_addrlen :
+			sizeof(server);
+	memcpy(&server, res->ai_addr, addrlen);
+
+	(*p_freeaddrinfo.f)(res);
+	goto again;
+	} while (0);
+#endif
+
 	if (!BIO_get_port(p,&port)) goto err;
 
 	memset((char *)&server,0,sizeof(server));
-	server.sin_family=AF_INET;
-	server.sin_port=htons(port);
+	server.sa_in.sin_family=AF_INET;
+	server.sa_in.sin_port=htons(port);
+	addrlen = sizeof(server.sa_in);
 
-	if (strcmp(h,"*") == 0)
-		server.sin_addr.s_addr=INADDR_ANY;
+	if (h == NULL || strcmp(h,"*") == 0)
+		server.sa_in.sin_addr.s_addr=INADDR_ANY;
 	else
 		{
                 if (!BIO_get_host_ip(h,&(ip[0]))) goto err;
@@ -661,11 +736,11 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 			((unsigned long)ip[1]<<16L)|
 			((unsigned long)ip[2]<< 8L)|
 			((unsigned long)ip[3]);
-		server.sin_addr.s_addr=htonl(l);
+		server.sa_in.sin_addr.s_addr=htonl(l);
 		}
 
 again:
-	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+	s=socket(server.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL);
 	if (s == INVALID_SOCKET)
 		{
 		SYSerr(SYS_F_SOCKET,get_last_socket_error());
@@ -683,22 +758,35 @@ again:
 		bind_mode=BIO_BIND_NORMAL;
 		}
 #endif
-	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+	if (bind(s,&server.sa,addrlen) == -1)
 		{
 #ifdef SO_REUSEADDR
 		err_num=get_last_socket_error();
 		if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
 			(err_num == EADDRINUSE))
 			{
-			memcpy((char *)&client,(char *)&server,sizeof(server));
-			if (strcmp(h,"*") == 0)
-				client.sin_addr.s_addr=htonl(0x7F000001);
-			cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+			client = server;
+			if (h == NULL || strcmp(h,"*") == 0)
+				{
+#if OPENSSL_USE_IPV6
+				if (client.sa.sa_family == AF_INET6)
+					{
+					memset(&client.sa_in6.sin6_addr,0,sizeof(client.sa_in6.sin6_addr));
+					client.sa_in6.sin6_addr.s6_addr[15]=1;
+					}
+				else
+#endif
+				if (client.sa.sa_family == AF_INET)
+					{
+					client.sa_in.sin_addr.s_addr=htonl(0x7F000001);
+					}
+				else	goto err;
+				}
+			cs=socket(client.sa.sa_family,SOCK_STREAM,SOCKET_PROTOCOL);
 			if (cs != INVALID_SOCKET)
 				{
 				int ii;
-				ii=connect(cs,(struct sockaddr *)&client,
-					sizeof(client));
+				ii=connect(cs,&client.sa,addrlen);
 				closesocket(cs);
 				if (ii == INVALID_SOCKET)
 					{
@@ -737,20 +825,52 @@ err:
 int BIO_accept(int sock, char **addr)
 	{
 	int ret=INVALID_SOCKET;
-	static struct sockaddr_in from;
 	unsigned long l;
 	unsigned short port;
-	int len;
 	char *p;
 
-	memset((char *)&from,0,sizeof(from));
-	len=sizeof(from);
-	/* Note: under VMS with SOCKETSHR the fourth parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
+	struct {
+	/*
+	 * As for following union. Trouble is that there are platforms
+	 * that have socklen_t and there are platforms that don't, on
+	 * some platforms socklen_t is int and on some size_t. So what
+	 * one can do? One can cook #ifdef spaghetti, which is nothing
+	 * but masochistic. Or one can do union between int and size_t.
+	 * One naturally does it primarily for 64-bit platforms where
+	 * sizeof(int) != sizeof(size_t). But would it work? Note that
+	 * if size_t member is initialized to 0, then later int member
+	 * assignment naturally does the job on little-endian platforms
+	 * regardless accept's expectations! What about big-endians?
+	 * If accept expects int*, then it works, and if size_t*, then
+	 * length value would appear as unreasonably large. But this
+	 * won't prevent it from filling in the address structure. The
+	 * trouble of course would be if accept returns more data than
+	 * actual buffer can accomodate and overwrite stack... That's
+	 * where early OPENSSL_assert comes into picture. Besides, the
+	 * only 64-bit big-endian platform found so far that expects
+	 * size_t* is HP-UX, where stack grows towards higher address.
+	 * <appro>
 	 */
-	ret=accept(sock,(struct sockaddr *)&from,(void *)&len);
+	union { size_t s; int i; } len;
+	union {
+		struct sockaddr sa;
+		struct sockaddr_in sa_in;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 sa_in6;
+#endif
+		} from;
+	} sa;
+
+	sa.len.s=0;
+	sa.len.i=sizeof(sa.from);
+	memset(&sa.from,0,sizeof(sa.from));
+	ret=accept(sock,&sa.from.sa,(void *)&sa.len);
+	if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
+		{
+		OPENSSL_assert(sa.len.s<=sizeof(sa.from));
+		sa.len.i = (int)sa.len.s;
+		/* use sa.len.i from this point */
+		}
 	if (ret == INVALID_SOCKET)
 		{
 		if(BIO_sock_should_retry(ret)) return -2;
@@ -761,8 +881,46 @@ int BIO_accept(int sock, char **addr)
 
 	if (addr == NULL) goto end;
 
-	l=ntohl(from.sin_addr.s_addr);
-	port=ntohs(from.sin_port);
+#ifdef EAI_FAMILY
+	do {
+	char   h[NI_MAXHOST],s[NI_MAXSERV];
+	size_t nl;
+	static union {	void *p;
+			int (WSAAPI *f)(const struct sockaddr *,size_t/*socklen_t*/,
+				 char *,size_t,char *,size_t,int);
+			} p_getnameinfo = {NULL};
+			/* 2nd argument to getnameinfo is specified to
+			 * be socklen_t. Unfortunately there is a number
+			 * of environments where socklen_t is not defined.
+			 * As it's passed by value, it's safe to pass it
+			 * as size_t... <appro> */
+
+	if (p_getnameinfo.p==NULL)
+		{
+		if ((p_getnameinfo.p=DSO_global_lookup("getnameinfo"))==NULL)
+			p_getnameinfo.p=(void*)-1;
+		}
+	if (p_getnameinfo.p==(void *)-1) break;
+
+	if ((*p_getnameinfo.f)(&sa.from.sa,sa.len.i,h,sizeof(h),s,sizeof(s),
+	    NI_NUMERICHOST|NI_NUMERICSERV)) break;
+	nl = strlen(h)+strlen(s)+2;
+	p = *addr;
+	if (p)	{ *p = '\0'; p = OPENSSL_realloc(p,nl);	}
+	else	{ p = OPENSSL_malloc(nl);		}
+	if (p==NULL)
+		{
+		BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
+		goto end;
+		}
+	*addr = p;
+	BIO_snprintf(*addr,nl,"%s:%s",h,s);
+	goto end;
+	} while(0);
+#endif
+	if (sa.from.sa.sa_family != AF_INET) goto end;
+	l=ntohl(sa.from.sa_in.sin_addr.s_addr);
+	port=ntohs(sa.from.sa_in.sin_port);
 	if (*addr == NULL)
 		{
 		if ((p=OPENSSL_malloc(24)) == NULL)
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index 70e0f4fdcb..f0d4d06692 100644
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -94,6 +94,9 @@ extern "C" {
 #define BIO_TYPE_BER		(18|0x0200)		/* BER -> bin filter */
 #define BIO_TYPE_BIO		(19|0x0400)		/* (half a) BIO pair */
 #define BIO_TYPE_LINEBUFFER	(20|0x0200)		/* filter */
+#define BIO_TYPE_DGRAM		(21|0x0400|0x0100)
+#define BIO_TYPE_ASN1 		(22|0x0200)		/* filter */
+#define BIO_TYPE_COMP 		(23|0x0200)		/* filter */
 
 #define BIO_TYPE_DESCRIPTOR	0x0100	/* socket, fd, connect or accept */
 #define BIO_TYPE_FILTER		0x0200
@@ -125,6 +128,41 @@ extern "C" {
 
 #define BIO_CTRL_SET_FILENAME	30	/* BIO_s_file special */
 
+/* dgram BIO stuff */
+#define BIO_CTRL_DGRAM_CONNECT       31  /* BIO dgram special */
+#define BIO_CTRL_DGRAM_SET_CONNECTED 32  /* allow for an externally
+					  * connected socket to be
+					  * passed in */ 
+#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
+#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
+#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
+#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */
+
+#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */
+#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */
+					
+/* #ifdef IP_MTU_DISCOVER */
+#define BIO_CTRL_DGRAM_MTU_DISCOVER       39 /* set DF bit on egress packets */
+/* #endif */
+
+#define BIO_CTRL_DGRAM_QUERY_MTU          40 /* as kernel for current MTU */
+#define BIO_CTRL_DGRAM_GET_MTU            41 /* get cached value for MTU */
+#define BIO_CTRL_DGRAM_SET_MTU            42 /* set cached value for
+					      * MTU. want to use this
+					      * if asking the kernel
+					      * fails */
+
+#define BIO_CTRL_DGRAM_MTU_EXCEEDED       43 /* check whether the MTU
+					      * was exceed in the
+					      * previous write
+					      * operation */
+
+#define BIO_CTRL_DGRAM_GET_PEER           46
+#define BIO_CTRL_DGRAM_SET_PEER           44 /* Destination for the data */
+
+#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT   45 /* Next DTLS handshake timeout to
+											  * adjust socket timeouts */
+
 /* modifiers */
 #define BIO_FP_READ		0x02
 #define BIO_FP_WRITE		0x04
@@ -136,6 +174,11 @@ extern "C" {
 #define BIO_FLAGS_IO_SPECIAL	0x04
 #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
 #define BIO_FLAGS_SHOULD_RETRY	0x08
+#ifndef	BIO_FLAGS_UPLINK
+/* "UPLINK" flag denotes file descriptors provided by application.
+   It defaults to 0, as most platforms don't require UPLINK interface. */
+#define	BIO_FLAGS_UPLINK	0
+#endif
 
 /* Used in BIO_gethostbyname() */
 #define BIO_GHBN_CTRL_HITS		1
@@ -158,28 +201,32 @@ extern "C" {
  */
 #define BIO_FLAGS_MEM_RDONLY	0x200
 
-#define BIO_set_flags(b,f) ((b)->flags|=(f))
-#define BIO_get_flags(b) ((b)->flags)
+typedef struct bio_st BIO;
+
+void BIO_set_flags(BIO *b, int flags);
+int  BIO_test_flags(const BIO *b, int flags);
+void BIO_clear_flags(BIO *b, int flags);
+
+#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
 #define BIO_set_retry_special(b) \
-		((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+		BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_set_retry_read(b) \
-		((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+		BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_set_retry_write(b) \
-		((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+		BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
 
 /* These are normally used internally in BIOs */
-#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
 #define BIO_clear_retry_flags(b) \
-		((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+		BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_get_retry_flags(b) \
-		((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+		BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
 
 /* These should be used by the application to tell why we should retry */
-#define BIO_should_read(a)		((a)->flags & BIO_FLAGS_READ)
-#define BIO_should_write(a)		((a)->flags & BIO_FLAGS_WRITE)
-#define BIO_should_io_special(a)	((a)->flags & BIO_FLAGS_IO_SPECIAL)
-#define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
-#define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+#define BIO_should_read(a)		BIO_test_flags(a, BIO_FLAGS_READ)
+#define BIO_should_write(a)		BIO_test_flags(a, BIO_FLAGS_WRITE)
+#define BIO_should_io_special(a)	BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+#define BIO_retry_type(a)		BIO_test_flags(a, BIO_FLAGS_RWS)
+#define BIO_should_retry(a)		BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
 
 /* The next three are used in conjunction with the
  * BIO_should_io_special() condition.  After this returns true,
@@ -208,18 +255,17 @@ extern "C" {
 #define BIO_cb_pre(a)	(!((a)&BIO_CB_RETURN))
 #define BIO_cb_post(a)	((a)&BIO_CB_RETURN)
 
-#define BIO_set_callback(b,cb)		((b)->callback=(cb))
-#define BIO_set_callback_arg(b,arg)	((b)->cb_arg=(char *)(arg))
-#define BIO_get_callback_arg(b)		((b)->cb_arg)
-#define BIO_get_callback(b)		((b)->callback)
-#define BIO_method_name(b)		((b)->method->name)
-#define BIO_method_type(b)		((b)->method->type)
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
+void BIO_set_callback(BIO *b, 
+	long (*callback)(struct bio_st *,int,const char *,int, long,long));
+char *BIO_get_callback_arg(const BIO *b);
+void BIO_set_callback_arg(BIO *b, char *arg);
 
-typedef struct bio_st BIO;
+const char * BIO_method_name(const BIO *b);
+int BIO_method_type(const BIO *b);
 
 typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
 
-#ifndef OPENSSL_SYS_WIN16
 typedef struct bio_method_st
 	{
 	int type;
@@ -233,21 +279,6 @@ typedef struct bio_method_st
 	int (*destroy)(BIO *);
         long (*callback_ctrl)(BIO *, int, bio_info_cb *);
 	} BIO_METHOD;
-#else
-typedef struct bio_method_st
-	{
-	int type;
-	const char *name;
-	int (_far *bwrite)();
-	int (_far *bread)();
-	int (_far *bputs)();
-	int (_far *bgets)();
-	long (_far *ctrl)();
-	int (_far *create)();
-	int (_far *destroy)();
-	long (_far *callback_ctrl)();
-	} BIO_METHOD;
-#endif
 
 struct bio_st
 	{
@@ -288,6 +319,9 @@ typedef struct bio_f_buffer_ctx_struct
 	int obuf_off;		/* write/read offset */
 	} BIO_F_BUFFER_CTX;
 
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+
 /* connect BIO stuff */
 #define BIO_CONN_S_BEFORE		1
 #define BIO_CONN_S_GET_IP		2
@@ -348,7 +382,15 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_C_NWRITE0				145
 #define BIO_C_NWRITE				146
 #define BIO_C_RESET_READ_REQUEST		147
+#define BIO_C_SET_MD_CTX			148
+
+#define BIO_C_SET_PREFIX			149
+#define BIO_C_GET_PREFIX			150
+#define BIO_C_SET_SUFFIX			151
+#define BIO_C_GET_SUFFIX			152
 
+#define BIO_C_SET_EX_ARG			153
+#define BIO_C_GET_EX_ARG			154
 
 #define BIO_set_app_data(s,arg)		BIO_set_ex_data(s,0,arg)
 #define BIO_get_app_data(s)		BIO_get_ex_data(s,0)
@@ -361,7 +403,7 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_get_conn_hostname(b)  BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
 #define BIO_get_conn_port(b)      BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
 #define BIO_get_conn_ip(b) 		 BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3)
+#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
 
 
 #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
@@ -370,7 +412,7 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
 #define BIO_get_accept_port(b)	BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
 /* #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
+#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
 #define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
 
 #define BIO_BIND_NORMAL			0
@@ -488,6 +530,20 @@ size_t BIO_ctrl_get_write_guarantee(BIO *b);
 size_t BIO_ctrl_get_read_request(BIO *b);
 int BIO_ctrl_reset_read_request(BIO *b);
 
+/* ctrl macros for dgram */
+#define BIO_ctrl_dgram_connect(b,peer)  \
+                     (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
+#define BIO_ctrl_set_connected(b, state, peer) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
+#define BIO_dgram_recv_timedout(b) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
+#define BIO_dgram_send_timedout(b) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
+#define BIO_dgram_get_peer(b,peer) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
+#define BIO_dgram_set_peer(b,peer) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
+
 /* These two aren't currently implemented */
 /* int BIO_get_ex_num(BIO *bio); */
 /* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
@@ -498,22 +554,21 @@ int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 unsigned long BIO_number_read(BIO *bio);
 unsigned long BIO_number_written(BIO *bio);
 
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+					asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+					asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+					asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+					asn1_ps_func **psuffix_free);
+
 # ifndef OPENSSL_NO_FP_API
-#  if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL)
-BIO_METHOD *BIO_s_file_internal(void);
-BIO *BIO_new_file_internal(char *filename, char *mode);
-BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
-#    define BIO_s_file	BIO_s_file_internal
-#    define BIO_new_file	BIO_new_file_internal
-#    define BIO_new_fp	BIO_new_fp_internal
-#  else /* FP_API */
 BIO_METHOD *BIO_s_file(void );
 BIO *BIO_new_file(const char *filename, const char *mode);
 BIO *BIO_new_fp(FILE *stream, int close_flag);
-#    define BIO_s_file_internal		BIO_s_file
-#    define BIO_new_file_internal	BIO_new_file
-#    define BIO_new_fp_internal		BIO_s_file
-#  endif /* FP_API */
+# define BIO_s_file_internal	BIO_s_file
 # endif
 BIO *	BIO_new(BIO_METHOD *type);
 int	BIO_set(BIO *a,BIO_METHOD *type);
@@ -542,13 +597,8 @@ int BIO_nread(BIO *bio, char **buf, int num);
 int BIO_nwrite0(BIO *bio, char **buf);
 int BIO_nwrite(BIO *bio, char **buf, int num);
 
-#ifndef OPENSSL_SYS_WIN16
 long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
 	long argl,long ret);
-#else
-long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
-	long argl,long ret);
-#endif
 
 BIO_METHOD *BIO_s_mem(void);
 BIO *BIO_new_mem_buf(void *buf, int len);
@@ -567,10 +617,16 @@ BIO_METHOD *BIO_f_buffer(void);
 BIO_METHOD *BIO_f_linebuffer(void);
 #endif
 BIO_METHOD *BIO_f_nbio_test(void);
+#ifndef OPENSSL_NO_DGRAM
+BIO_METHOD *BIO_s_datagram(void);
+#endif
+
 /* BIO_METHOD *BIO_f_ber(void); */
 
 int BIO_sock_should_retry(int i);
 int BIO_sock_non_fatal_error(int error);
+int BIO_dgram_non_fatal_error(int error);
+
 int BIO_fd_should_retry(int i);
 int BIO_fd_non_fatal_error(int error);
 int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
@@ -623,6 +679,7 @@ void BIO_sock_cleanup(void);
 int BIO_set_tcp_ndelay(int sock,int turn_on);
 
 BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_dgram(int fd, int close_flag);
 BIO *BIO_new_fd(int fd, int close_flag);
 BIO *BIO_new_connect(char *host_port);
 BIO *BIO_new_accept(char *host_port);
@@ -638,17 +695,20 @@ void BIO_copy_next_retry(BIO *b);
 
 /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
 
-#ifndef __GNUC__
-#define __attribute__(x)
+#ifdef __GNUC__
+#  define __bio_h__attr__ __attribute__
+#else
+#  define __bio_h__attr__(x)
 #endif
 int BIO_printf(BIO *bio, const char *format, ...)
-	__attribute__((__format__(__printf__,2,3)));
+	__bio_h__attr__((__format__(__printf__,2,3)));
 int BIO_vprintf(BIO *bio, const char *format, va_list args)
-	__attribute__((__format__(__printf__,2,0)));
+	__bio_h__attr__((__format__(__printf__,2,0)));
 int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-	__attribute__((__format__(__printf__,3,4)));
+	__bio_h__attr__((__format__(__printf__,3,4)));
 int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-	__attribute__((__format__(__printf__,3,0)));
+	__bio_h__attr__((__format__(__printf__,3,0)));
+#undef __bio_h__attr__
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -662,6 +722,7 @@ void ERR_load_BIO_strings(void);
 #define BIO_F_ACPT_STATE				 100
 #define BIO_F_BIO_ACCEPT				 101
 #define BIO_F_BIO_BER_GET_HEADER			 102
+#define BIO_F_BIO_CALLBACK_CTRL				 131
 #define BIO_F_BIO_CTRL					 103
 #define BIO_F_BIO_GETHOSTBYNAME				 120
 #define BIO_F_BIO_GETS					 104
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
index 6f4254a114..9bcbc321d9 100644
--- a/crypto/bio/bio_cb.c
+++ b/crypto/bio/bio_cb.c
@@ -85,28 +85,32 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
 		break;
 	case BIO_CB_READ:
 		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-			BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n",
-				 bio->num,argi,bio->method->name,bio->num);
+			BIO_snprintf(p,p_maxlen,"read(%d,%lu) - %s fd=%d\n",
+				 bio->num,(unsigned long)argi,
+				 bio->method->name,bio->num);
 		else
-			BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s\n",
-				 bio->num,argi,bio->method->name);
+			BIO_snprintf(p,p_maxlen,"read(%d,%lu) - %s\n",
+				 bio->num,(unsigned long)argi,
+				 bio->method->name);
 		break;
 	case BIO_CB_WRITE:
 		if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-			BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n",
-				 bio->num,argi,bio->method->name,bio->num);
+			BIO_snprintf(p,p_maxlen,"write(%d,%lu) - %s fd=%d\n",
+				 bio->num,(unsigned long)argi,
+				 bio->method->name,bio->num);
 		else
-			BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s\n",
-				 bio->num,argi,bio->method->name);
+			BIO_snprintf(p,p_maxlen,"write(%d,%lu) - %s\n",
+				 bio->num,(unsigned long)argi,
+				 bio->method->name);
 		break;
 	case BIO_CB_PUTS:
 		BIO_snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name);
 		break;
 	case BIO_CB_GETS:
-		BIO_snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name);
+		BIO_snprintf(p,p_maxlen,"gets(%lu) - %s\n",(unsigned long)argi,bio->method->name);
 		break;
 	case BIO_CB_CTRL:
-		BIO_snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name);
+		BIO_snprintf(p,p_maxlen,"ctrl(%lu) - %s\n",(unsigned long)argi,bio->method->name);
 		break;
 	case BIO_CB_RETURN|BIO_CB_READ:
 		BIO_snprintf(p,p_maxlen,"read return %ld\n",ret);
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
index 5df17ff892..a224edd5a0 100644
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -1,6 +1,6 @@
 /* crypto/bio/bio_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,77 +61,81 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/bio.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
+
 static ERR_STRING_DATA BIO_str_functs[]=
 	{
-{ERR_PACK(0,BIO_F_ACPT_STATE,0),	"ACPT_STATE"},
-{ERR_PACK(0,BIO_F_BIO_ACCEPT,0),	"BIO_accept"},
-{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0),	"BIO_BER_GET_HEADER"},
-{ERR_PACK(0,BIO_F_BIO_CTRL,0),	"BIO_ctrl"},
-{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0),	"BIO_gethostbyname"},
-{ERR_PACK(0,BIO_F_BIO_GETS,0),	"BIO_gets"},
-{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0),	"BIO_get_accept_socket"},
-{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0),	"BIO_get_host_ip"},
-{ERR_PACK(0,BIO_F_BIO_GET_PORT,0),	"BIO_get_port"},
-{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0),	"BIO_MAKE_PAIR"},
-{ERR_PACK(0,BIO_F_BIO_NEW,0),	"BIO_new"},
-{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0),	"BIO_new_file"},
-{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0),	"BIO_new_mem_buf"},
-{ERR_PACK(0,BIO_F_BIO_NREAD,0),	"BIO_nread"},
-{ERR_PACK(0,BIO_F_BIO_NREAD0,0),	"BIO_nread0"},
-{ERR_PACK(0,BIO_F_BIO_NWRITE,0),	"BIO_nwrite"},
-{ERR_PACK(0,BIO_F_BIO_NWRITE0,0),	"BIO_nwrite0"},
-{ERR_PACK(0,BIO_F_BIO_PUTS,0),	"BIO_puts"},
-{ERR_PACK(0,BIO_F_BIO_READ,0),	"BIO_read"},
-{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0),	"BIO_sock_init"},
-{ERR_PACK(0,BIO_F_BIO_WRITE,0),	"BIO_write"},
-{ERR_PACK(0,BIO_F_BUFFER_CTRL,0),	"BUFFER_CTRL"},
-{ERR_PACK(0,BIO_F_CONN_CTRL,0),	"CONN_CTRL"},
-{ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
-{ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
-{ERR_PACK(0,BIO_F_FILE_READ,0),	"FILE_READ"},
-{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0),	"LINEBUFFER_CTRL"},
-{ERR_PACK(0,BIO_F_MEM_READ,0),	"MEM_READ"},
-{ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},
-{ERR_PACK(0,BIO_F_SSL_NEW,0),	"SSL_new"},
-{ERR_PACK(0,BIO_F_WSASTARTUP,0),	"WSASTARTUP"},
+{ERR_FUNC(BIO_F_ACPT_STATE),	"ACPT_STATE"},
+{ERR_FUNC(BIO_F_BIO_ACCEPT),	"BIO_accept"},
+{ERR_FUNC(BIO_F_BIO_BER_GET_HEADER),	"BIO_BER_GET_HEADER"},
+{ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL),	"BIO_callback_ctrl"},
+{ERR_FUNC(BIO_F_BIO_CTRL),	"BIO_ctrl"},
+{ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME),	"BIO_gethostbyname"},
+{ERR_FUNC(BIO_F_BIO_GETS),	"BIO_gets"},
+{ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET),	"BIO_get_accept_socket"},
+{ERR_FUNC(BIO_F_BIO_GET_HOST_IP),	"BIO_get_host_ip"},
+{ERR_FUNC(BIO_F_BIO_GET_PORT),	"BIO_get_port"},
+{ERR_FUNC(BIO_F_BIO_MAKE_PAIR),	"BIO_MAKE_PAIR"},
+{ERR_FUNC(BIO_F_BIO_NEW),	"BIO_new"},
+{ERR_FUNC(BIO_F_BIO_NEW_FILE),	"BIO_new_file"},
+{ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF),	"BIO_new_mem_buf"},
+{ERR_FUNC(BIO_F_BIO_NREAD),	"BIO_nread"},
+{ERR_FUNC(BIO_F_BIO_NREAD0),	"BIO_nread0"},
+{ERR_FUNC(BIO_F_BIO_NWRITE),	"BIO_nwrite"},
+{ERR_FUNC(BIO_F_BIO_NWRITE0),	"BIO_nwrite0"},
+{ERR_FUNC(BIO_F_BIO_PUTS),	"BIO_puts"},
+{ERR_FUNC(BIO_F_BIO_READ),	"BIO_read"},
+{ERR_FUNC(BIO_F_BIO_SOCK_INIT),	"BIO_sock_init"},
+{ERR_FUNC(BIO_F_BIO_WRITE),	"BIO_write"},
+{ERR_FUNC(BIO_F_BUFFER_CTRL),	"BUFFER_CTRL"},
+{ERR_FUNC(BIO_F_CONN_CTRL),	"CONN_CTRL"},
+{ERR_FUNC(BIO_F_CONN_STATE),	"CONN_STATE"},
+{ERR_FUNC(BIO_F_FILE_CTRL),	"FILE_CTRL"},
+{ERR_FUNC(BIO_F_FILE_READ),	"FILE_READ"},
+{ERR_FUNC(BIO_F_LINEBUFFER_CTRL),	"LINEBUFFER_CTRL"},
+{ERR_FUNC(BIO_F_MEM_READ),	"MEM_READ"},
+{ERR_FUNC(BIO_F_MEM_WRITE),	"MEM_WRITE"},
+{ERR_FUNC(BIO_F_SSL_NEW),	"SSL_new"},
+{ERR_FUNC(BIO_F_WSASTARTUP),	"WSASTARTUP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA BIO_str_reasons[]=
 	{
-{BIO_R_ACCEPT_ERROR                      ,"accept error"},
-{BIO_R_BAD_FOPEN_MODE                    ,"bad fopen mode"},
-{BIO_R_BAD_HOSTNAME_LOOKUP               ,"bad hostname lookup"},
-{BIO_R_BROKEN_PIPE                       ,"broken pipe"},
-{BIO_R_CONNECT_ERROR                     ,"connect error"},
-{BIO_R_EOF_ON_MEMORY_BIO                 ,"EOF on memory BIO"},
-{BIO_R_ERROR_SETTING_NBIO                ,"error setting nbio"},
-{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
-{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
-{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
-{BIO_R_INVALID_ARGUMENT                  ,"invalid argument"},
-{BIO_R_INVALID_IP_ADDRESS                ,"invalid ip address"},
-{BIO_R_IN_USE                            ,"in use"},
-{BIO_R_KEEPALIVE                         ,"keepalive"},
-{BIO_R_NBIO_CONNECT_ERROR                ,"nbio connect error"},
-{BIO_R_NO_ACCEPT_PORT_SPECIFIED          ,"no accept port specified"},
-{BIO_R_NO_HOSTNAME_SPECIFIED             ,"no hostname specified"},
-{BIO_R_NO_PORT_DEFINED                   ,"no port defined"},
-{BIO_R_NO_PORT_SPECIFIED                 ,"no port specified"},
-{BIO_R_NO_SUCH_FILE                      ,"no such file"},
-{BIO_R_NULL_PARAMETER                    ,"null parameter"},
-{BIO_R_TAG_MISMATCH                      ,"tag mismatch"},
-{BIO_R_UNABLE_TO_BIND_SOCKET             ,"unable to bind socket"},
-{BIO_R_UNABLE_TO_CREATE_SOCKET           ,"unable to create socket"},
-{BIO_R_UNABLE_TO_LISTEN_SOCKET           ,"unable to listen socket"},
-{BIO_R_UNINITIALIZED                     ,"uninitialized"},
-{BIO_R_UNSUPPORTED_METHOD                ,"unsupported method"},
-{BIO_R_WRITE_TO_READ_ONLY_BIO            ,"write to read only BIO"},
-{BIO_R_WSASTARTUP                        ,"WSAStartup"},
+{ERR_REASON(BIO_R_ACCEPT_ERROR)          ,"accept error"},
+{ERR_REASON(BIO_R_BAD_FOPEN_MODE)        ,"bad fopen mode"},
+{ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP)   ,"bad hostname lookup"},
+{ERR_REASON(BIO_R_BROKEN_PIPE)           ,"broken pipe"},
+{ERR_REASON(BIO_R_CONNECT_ERROR)         ,"connect error"},
+{ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO)     ,"EOF on memory BIO"},
+{ERR_REASON(BIO_R_ERROR_SETTING_NBIO)    ,"error setting nbio"},
+{ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),"error setting nbio on accepted socket"},
+{ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),"error setting nbio on accept socket"},
+{ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),"gethostbyname addr is not af inet"},
+{ERR_REASON(BIO_R_INVALID_ARGUMENT)      ,"invalid argument"},
+{ERR_REASON(BIO_R_INVALID_IP_ADDRESS)    ,"invalid ip address"},
+{ERR_REASON(BIO_R_IN_USE)                ,"in use"},
+{ERR_REASON(BIO_R_KEEPALIVE)             ,"keepalive"},
+{ERR_REASON(BIO_R_NBIO_CONNECT_ERROR)    ,"nbio connect error"},
+{ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED),"no accept port specified"},
+{ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED) ,"no hostname specified"},
+{ERR_REASON(BIO_R_NO_PORT_DEFINED)       ,"no port defined"},
+{ERR_REASON(BIO_R_NO_PORT_SPECIFIED)     ,"no port specified"},
+{ERR_REASON(BIO_R_NO_SUCH_FILE)          ,"no such file"},
+{ERR_REASON(BIO_R_NULL_PARAMETER)        ,"null parameter"},
+{ERR_REASON(BIO_R_TAG_MISMATCH)          ,"tag mismatch"},
+{ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET) ,"unable to bind socket"},
+{ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET),"unable to create socket"},
+{ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET),"unable to listen socket"},
+{ERR_REASON(BIO_R_UNINITIALIZED)         ,"uninitialized"},
+{ERR_REASON(BIO_R_UNSUPPORTED_METHOD)    ,"unsupported method"},
+{ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO),"write to read only BIO"},
+{ERR_REASON(BIO_R_WSASTARTUP)            ,"WSAStartup"},
 {0,NULL}
 	};
 
@@ -139,15 +143,12 @@ static ERR_STRING_DATA BIO_str_reasons[]=
 
 void ERR_load_BIO_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
-		ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
-#endif
 
+	if (ERR_func_error_string(BIO_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,BIO_str_functs);
+		ERR_load_strings(0,BIO_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/bio/bio_lcl.h b/crypto/bio/bio_lcl.h
new file mode 100644
index 0000000000..e7f7ec8d8b
--- /dev/null
+++ b/crypto/bio/bio_lcl.h
@@ -0,0 +1,36 @@
+#include <openssl/bio.h>
+
+#if BIO_FLAGS_UPLINK==0
+/* Shortcut UPLINK calls on most platforms... */
+#define	UP_stdin	stdin
+#define	UP_stdout	stdout
+#define	UP_stderr	stderr
+#define	UP_fprintf	fprintf
+#define	UP_fgets	fgets
+#define	UP_fread	fread
+#define	UP_fwrite	fwrite
+#undef	UP_fsetmod
+#define	UP_feof		feof
+#define	UP_fclose	fclose
+
+#define	UP_fopen	fopen
+#define	UP_fseek	fseek
+#define	UP_ftell	ftell
+#define	UP_fflush	fflush
+#define	UP_ferror	ferror
+#ifdef _WIN32
+#define	UP_fileno	_fileno
+#define	UP_open		_open
+#define	UP_read		_read
+#define	UP_write	_write
+#define	UP_lseek	_lseek
+#define	UP_close	_close
+#else
+#define	UP_fileno	fileno
+#define	UP_open		open
+#define	UP_read		read
+#define	UP_write	write
+#define	UP_lseek	lseek
+#define	UP_close	close
+#endif
+#endif
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
index 5e96772ca5..77f4de9c32 100644
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -141,6 +141,52 @@ int BIO_free(BIO *a)
 void BIO_vfree(BIO *a)
     { BIO_free(a); }
 
+void BIO_clear_flags(BIO *b, int flags)
+	{
+	b->flags &= ~flags;
+	}
+
+int	BIO_test_flags(const BIO *b, int flags)
+	{
+	return (b->flags & flags);
+	}
+
+void	BIO_set_flags(BIO *b, int flags)
+	{
+	b->flags |= flags;
+	}
+
+long (*BIO_get_callback(const BIO *b))(struct bio_st *,int,const char *,int, long,long)
+	{
+	return b->callback;
+	}
+
+void BIO_set_callback(BIO *b, long (*cb)(struct bio_st *,int,const char *,int, long,long))
+	{
+	b->callback = cb;
+	}
+
+void BIO_set_callback_arg(BIO *b, char *arg)
+	{
+	b->cb_arg = arg;
+	}
+
+char * BIO_get_callback_arg(const BIO *b)
+	{
+	return b->cb_arg;
+	}
+
+const char * BIO_method_name(const BIO *b)
+	{
+	return b->method->name;
+	}
+
+int BIO_method_type(const BIO *b)
+	{
+	return b->method->type;
+	}
+
+
 int BIO_read(BIO *b, void *out, int outl)
 	{
 	int i;
@@ -338,7 +384,7 @@ long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const c
 
 	if ((b->method == NULL) || (b->method->callback_ctrl == NULL))
 		{
-		BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
+		BIOerr(BIO_F_BIO_CALLBACK_CTRL,BIO_R_UNSUPPORTED_METHOD);
 		return(-2);
 		}
 
@@ -383,7 +429,7 @@ BIO *BIO_push(BIO *b, BIO *bio)
 	if (bio != NULL)
 		bio->prev_bio=lb;
 	/* called to do internal processing */
-	BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
+	BIO_ctrl(b,BIO_CTRL_PUSH,0,lb);
 	return(b);
 	}
 
@@ -395,7 +441,7 @@ BIO *BIO_pop(BIO *b)
 	if (b == NULL) return(NULL);
 	ret=b->next_bio;
 
-	BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
+	BIO_ctrl(b,BIO_CTRL_POP,0,b);
 
 	if (b->prev_bio != NULL)
 		b->prev_bio->next_bio=b->next_bio;
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index d090b7272f..826f761143 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -100,8 +100,8 @@ static int acpt_new(BIO *h);
 static int acpt_free(BIO *data);
 static int acpt_state(BIO *b, BIO_ACCEPT *c);
 static void acpt_close_socket(BIO *data);
-BIO_ACCEPT *BIO_ACCEPT_new(void );
-void BIO_ACCEPT_free(BIO_ACCEPT *a);
+static BIO_ACCEPT *BIO_ACCEPT_new(void );
+static void BIO_ACCEPT_free(BIO_ACCEPT *a);
 
 #define ACPT_S_BEFORE			1
 #define ACPT_S_GET_ACCEPT_SOCKET	2
@@ -141,7 +141,7 @@ static int acpt_new(BIO *bi)
 	return(1);
 	}
 
-BIO_ACCEPT *BIO_ACCEPT_new(void)
+static BIO_ACCEPT *BIO_ACCEPT_new(void)
 	{
 	BIO_ACCEPT *ret;
 
@@ -154,7 +154,7 @@ BIO_ACCEPT *BIO_ACCEPT_new(void)
 	return(ret);
 	}
 
-void BIO_ACCEPT_free(BIO_ACCEPT *a)
+static void BIO_ACCEPT_free(BIO_ACCEPT *a)
 	{
 	if(a == NULL)
 	    return;
diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c
index 0f9f0955b4..76bd48e767 100644
--- a/crypto/bio/bss_bio.c
+++ b/crypto/bio/bss_bio.c
@@ -919,6 +919,6 @@ int BIO_nwrite(BIO *bio, char **buf, int num)
 
 	ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
 	if (ret > 0)
-		bio->num_read += ret;
+		bio->num_write += ret;
 	return ret;
 	}
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 8dc77abc53..51fbd1525c 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -535,7 +535,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 		break;
 	case BIO_C_DO_STATE_MACHINE:
 		/* use this one to start the connection */
-		if (!data->state != BIO_CONN_S_OK)
+		if (data->state != BIO_CONN_S_OK)
 			ret=(long)conn_state(b,data);
 		else
 			ret=1;
@@ -656,9 +656,9 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 		break;
 	case BIO_CTRL_GET_CALLBACK:
 		{
-		int (**fptr)();
+		int (**fptr)(const BIO *bio,int state,int xret);
 
-		fptr=(int (**)())ptr;
+		fptr=(int (**)(const BIO *bio,int state,int xret))ptr;
 		*fptr=data->info_callback;
 		}
 		break;
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
new file mode 100644
index 0000000000..eb7e365467
--- /dev/null
+++ b/crypto/bio/bss_dgram.c
@@ -0,0 +1,830 @@
+/* crypto/bio/bio_dgram.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef OPENSSL_NO_DGRAM
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+
+#include <openssl/bio.h>
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS)
+#include <sys/timeb.h>
+#endif
+
+#ifdef OPENSSL_SYS_LINUX
+#define IP_MTU      14 /* linux is lame */
+#endif
+
+#ifdef WATT32
+#define sock_write SockWrite  /* Watt-32 uses same names */
+#define sock_read  SockRead
+#define sock_puts  SockPuts
+#endif
+
+static int dgram_write(BIO *h, const char *buf, int num);
+static int dgram_read(BIO *h, char *buf, int size);
+static int dgram_puts(BIO *h, const char *str);
+static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_new(BIO *h);
+static int dgram_free(BIO *data);
+static int dgram_clear(BIO *bio);
+
+static int BIO_dgram_should_retry(int s);
+
+static void get_current_time(struct timeval *t);
+
+static BIO_METHOD methods_dgramp=
+	{
+	BIO_TYPE_DGRAM,
+	"datagram socket",
+	dgram_write,
+	dgram_read,
+	dgram_puts,
+	NULL, /* dgram_gets, */
+	dgram_ctrl,
+	dgram_new,
+	dgram_free,
+	NULL,
+	};
+
+typedef struct bio_dgram_data_st
+	{
+	union {
+		struct sockaddr sa;
+		struct sockaddr_in sa_in;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 sa_in6;
+#endif
+	} peer;
+	unsigned int connected;
+	unsigned int _errno;
+	unsigned int mtu;
+	struct timeval next_timeout;
+	struct timeval socket_timeout;
+	} bio_dgram_data;
+
+BIO_METHOD *BIO_s_datagram(void)
+	{
+	return(&methods_dgramp);
+	}
+
+BIO *BIO_new_dgram(int fd, int close_flag)
+	{
+	BIO *ret;
+
+	ret=BIO_new(BIO_s_datagram());
+	if (ret == NULL) return(NULL);
+	BIO_set_fd(ret,fd,close_flag);
+	return(ret);
+	}
+
+static int dgram_new(BIO *bi)
+	{
+	bio_dgram_data *data = NULL;
+
+	bi->init=0;
+	bi->num=0;
+	data = OPENSSL_malloc(sizeof(bio_dgram_data));
+	if (data == NULL)
+		return 0;
+	memset(data, 0x00, sizeof(bio_dgram_data));
+    bi->ptr = data;
+
+	bi->flags=0;
+	return(1);
+	}
+
+static int dgram_free(BIO *a)
+	{
+	bio_dgram_data *data;
+
+	if (a == NULL) return(0);
+	if ( ! dgram_clear(a))
+		return 0;
+
+	data = (bio_dgram_data *)a->ptr;
+	if(data != NULL) OPENSSL_free(data);
+
+	return(1);
+	}
+
+static int dgram_clear(BIO *a)
+	{
+	if (a == NULL) return(0);
+	if (a->shutdown)
+		{
+		if (a->init)
+			{
+			SHUTDOWN2(a->num);
+			}
+		a->init=0;
+		a->flags=0;
+		}
+	return(1);
+	}
+
+static void dgram_adjust_rcv_timeout(BIO *b)
+	{
+#if defined(SO_RCVTIMEO)
+	bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+	int sz = sizeof(int);
+
+	/* Is a timer active? */
+	if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
+		{
+		struct timeval timenow, timeleft;
+
+		/* Read current socket timeout */
+#ifdef OPENSSL_SYS_WINDOWS
+		int timeout;
+		if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+					   (void*)&timeout, &sz) < 0)
+			{ perror("getsockopt"); }
+		else
+			{
+			data->socket_timeout.tv_sec = timeout / 1000;
+			data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
+			}
+#else
+		if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, 
+						&(data->socket_timeout), (void *)&sz) < 0)
+			{ perror("getsockopt"); }
+#endif
+
+		/* Get current time */
+		get_current_time(&timenow);
+
+		/* Calculate time left until timer expires */
+		memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
+		timeleft.tv_sec -= timenow.tv_sec;
+		timeleft.tv_usec -= timenow.tv_usec;
+		if (timeleft.tv_usec < 0)
+			{
+			timeleft.tv_sec--;
+			timeleft.tv_usec += 1000000;
+			}
+
+		if (timeleft.tv_sec < 0)
+			{
+			timeleft.tv_sec = 0;
+			timeleft.tv_usec = 1;
+			}
+
+		/* Adjust socket timeout if next handhake message timer
+		 * will expire earlier.
+		 */
+		if ((data->socket_timeout.tv_sec == 0 && data->socket_timeout.tv_usec == 0) ||
+			(data->socket_timeout.tv_sec > timeleft.tv_sec) ||
+			(data->socket_timeout.tv_sec == timeleft.tv_sec &&
+			 data->socket_timeout.tv_usec >= timeleft.tv_usec))
+			{
+#ifdef OPENSSL_SYS_WINDOWS
+			timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
+			if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+						   (void*)&timeout, sizeof(timeout)) < 0)
+				{ perror("setsockopt"); }
+#else
+			if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
+							sizeof(struct timeval)) < 0)
+				{ perror("setsockopt"); }
+#endif
+			}
+		}
+#endif
+	}
+
+static void dgram_reset_rcv_timeout(BIO *b)
+	{
+#if defined(SO_RCVTIMEO)
+	bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+	/* Is a timer active? */
+	if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
+		{
+#ifdef OPENSSL_SYS_WINDOWS
+		int timeout = data->socket_timeout.tv_sec * 1000 +
+					  data->socket_timeout.tv_usec / 1000;
+		if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+					   (void*)&timeout, sizeof(timeout)) < 0)
+			{ perror("setsockopt"); }
+#else
+		if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
+						sizeof(struct timeval)) < 0)
+			{ perror("setsockopt"); }
+#endif
+		}
+#endif
+	}
+
+static int dgram_read(BIO *b, char *out, int outl)
+	{
+	int ret=0;
+	bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+	struct	{
+	/*
+	 * See commentary in b_sock.c. <appro>
+	 */
+	union	{ size_t s; int i; } len;
+	union	{
+		struct sockaddr sa;
+		struct sockaddr_in sa_in;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 sa_in6;
+#endif
+		} peer;
+	} sa;
+
+	sa.len.s=0;
+	sa.len.i=sizeof(sa.peer);
+
+	if (out != NULL)
+		{
+		clear_socket_error();
+		memset(&sa.peer, 0x00, sizeof(sa.peer));
+		dgram_adjust_rcv_timeout(b);
+		ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len);
+		if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
+			{
+			OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
+			sa.len.i = (int)sa.len.s;
+			}
+		dgram_reset_rcv_timeout(b);
+
+		if ( ! data->connected  && ret >= 0)
+			BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
+
+		BIO_clear_retry_flags(b);
+		if (ret < 0)
+			{
+			if (BIO_dgram_should_retry(ret))
+				{
+				BIO_set_retry_read(b);
+				data->_errno = get_last_socket_error();
+				}
+			}
+		}
+	return(ret);
+	}
+
+static int dgram_write(BIO *b, const char *in, int inl)
+	{
+	int ret;
+	bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+	clear_socket_error();
+
+	if ( data->connected )
+		ret=writesocket(b->num,in,inl);
+	else
+		{
+		int peerlen = sizeof(data->peer);
+
+		if (data->peer.sa.sa_family == AF_INET)
+			peerlen = sizeof(data->peer.sa_in);
+#if OPENSSL_USE_IVP6
+		else if (data->peer.sa.sa_family == AF_INET6)
+			peerlen = sizeof(data->peer.sa_in6);
+#endif
+#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
+		ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
+#else
+		ret=sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
+#endif
+		}
+
+	BIO_clear_retry_flags(b);
+	if (ret <= 0)
+		{
+		if (BIO_dgram_should_retry(ret))
+			{
+			BIO_set_retry_write(b);  
+			data->_errno = get_last_socket_error();
+
+#if 0 /* higher layers are responsible for querying MTU, if necessary */
+			if ( data->_errno == EMSGSIZE)
+				/* retrieve the new MTU */
+				BIO_ctrl(b, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+#endif
+			}
+		}
+	return(ret);
+	}
+
+static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
+	{
+	long ret=1;
+	int *ip;
+	struct sockaddr *to = NULL;
+	bio_dgram_data *data = NULL;
+#if defined(IP_MTU_DISCOVER) || defined(IP_MTU)
+	long sockopt_val = 0;
+	unsigned int sockopt_len = 0;
+#endif
+#ifdef OPENSSL_SYS_LINUX
+	socklen_t addr_len;
+	union	{
+		struct sockaddr	sa;
+		struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+		struct sockaddr_in6 s6;
+#endif
+		} addr;
+#endif
+
+	data = (bio_dgram_data *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		num=0;
+	case BIO_C_FILE_SEEK:
+		ret=0;
+		break;
+	case BIO_C_FILE_TELL:
+	case BIO_CTRL_INFO:
+		ret=0;
+		break;
+	case BIO_C_SET_FD:
+		dgram_clear(b);
+		b->num= *((int *)ptr);
+		b->shutdown=(int)num;
+		b->init=1;
+		break;
+	case BIO_C_GET_FD:
+		if (b->init)
+			{
+			ip=(int *)ptr;
+			if (ip != NULL) *ip=b->num;
+			ret=b->num;
+			}
+		else
+			ret= -1;
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_WPENDING:
+		ret=0;
+		break;
+	case BIO_CTRL_DUP:
+	case BIO_CTRL_FLUSH:
+		ret=1;
+		break;
+	case BIO_CTRL_DGRAM_CONNECT:
+		to = (struct sockaddr *)ptr;
+#if 0
+		if (connect(b->num, to, sizeof(struct sockaddr)) < 0)
+			{ perror("connect"); ret = 0; }
+		else
+			{
+#endif
+			switch (to->sa_family)
+				{
+				case AF_INET:
+					memcpy(&data->peer,to,sizeof(data->peer.sa_in));
+					break;
+#if OPENSSL_USE_IPV6
+				case AF_INET6:
+					memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
+					break;
+#endif
+				default:
+					memcpy(&data->peer,to,sizeof(data->peer.sa));
+					break;
+				}
+#if 0
+			}
+#endif
+		break;
+		/* (Linux)kernel sets DF bit on outgoing IP packets */
+	case BIO_CTRL_DGRAM_MTU_DISCOVER:
+#ifdef OPENSSL_SYS_LINUX
+		addr_len = (socklen_t)sizeof(addr);
+		memset((void *)&addr, 0, sizeof(addr));
+		if (getsockname(b->num, &addr.sa, &addr_len) < 0)
+			{
+			ret = 0;
+			break;
+			}
+		sockopt_len = sizeof(sockopt_val);
+		switch (addr.sa.sa_family)
+			{
+		case AF_INET:
+			sockopt_val = IP_PMTUDISC_DO;
+			if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
+				&sockopt_val, sizeof(sockopt_val))) < 0)
+				perror("setsockopt");
+			break;
+#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER)
+		case AF_INET6:
+			sockopt_val = IPV6_PMTUDISC_DO;
+			if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+				&sockopt_val, sizeof(sockopt_val))) < 0)
+				perror("setsockopt");
+			break;
+#endif
+		default:
+			ret = -1;
+			break;
+			}
+		ret = -1;
+#else
+		break;
+#endif
+	case BIO_CTRL_DGRAM_QUERY_MTU:
+#ifdef OPENSSL_SYS_LINUX
+		addr_len = (socklen_t)sizeof(addr);
+		memset((void *)&addr, 0, sizeof(addr));
+		if (getsockname(b->num, &addr.sa, &addr_len) < 0)
+			{
+			ret = 0;
+			break;
+			}
+		sockopt_len = sizeof(sockopt_val);
+		switch (addr.sa.sa_family)
+			{
+		case AF_INET:
+			if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
+				&sockopt_len)) < 0 || sockopt_val < 0)
+				{
+				ret = 0;
+				}
+			else
+				{
+				/* we assume that the transport protocol is UDP and no
+				 * IP options are used.
+				 */
+				data->mtu = sockopt_val - 8 - 20;
+				ret = data->mtu;
+				}
+			break;
+#if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
+		case AF_INET6:
+			if ((ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, (void *)&sockopt_val,
+				&sockopt_len)) < 0 || sockopt_val < 0)
+				{
+				ret = 0;
+				}
+			else
+				{
+				/* we assume that the transport protocol is UDP and no
+				 * IPV6 options are used.
+				 */
+				data->mtu = sockopt_val - 8 - 40;
+				ret = data->mtu;
+				}
+			break;
+#endif
+		default:
+			ret = 0;
+			break;
+			}
+#else
+		ret = 0;
+#endif
+		break;
+	case BIO_CTRL_DGRAM_GET_MTU:
+		return data->mtu;
+		break;
+	case BIO_CTRL_DGRAM_SET_MTU:
+		data->mtu = num;
+		ret = num;
+		break;
+	case BIO_CTRL_DGRAM_SET_CONNECTED:
+		to = (struct sockaddr *)ptr;
+
+		if ( to != NULL)
+			{
+			data->connected = 1;
+			switch (to->sa_family)
+				{
+				case AF_INET:
+					memcpy(&data->peer,to,sizeof(data->peer.sa_in));
+					break;
+#if OPENSSL_USE_IPV6
+				case AF_INET6:
+					memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
+					break;
+#endif
+				default:
+					memcpy(&data->peer,to,sizeof(data->peer.sa));
+					break;
+				}
+			}
+		else
+			{
+			data->connected = 0;
+			memset(&(data->peer), 0x00, sizeof(data->peer));
+			}
+		break;
+	case BIO_CTRL_DGRAM_GET_PEER:
+		switch (data->peer.sa.sa_family)
+			{
+			case AF_INET:
+				ret=sizeof(data->peer.sa_in);
+				break;
+#if OPENSSL_USE_IPV6
+			case AF_INET6:
+				ret=sizeof(data->peer.sa_in6);
+				break;
+#endif
+			default:
+				ret=sizeof(data->peer.sa);
+				break;
+			}
+		if (num==0 || num>ret)
+			num=ret;
+		memcpy(ptr,&data->peer,(ret=num));
+		break;
+	case BIO_CTRL_DGRAM_SET_PEER:
+		to = (struct sockaddr *) ptr;
+		switch (to->sa_family)
+			{
+			case AF_INET:
+				memcpy(&data->peer,to,sizeof(data->peer.sa_in));
+				break;
+#if OPENSSL_USE_IPV6
+			case AF_INET6:
+				memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
+				break;
+#endif
+			default:
+				memcpy(&data->peer,to,sizeof(data->peer.sa));
+				break;
+			}
+		break;
+	case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+		memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
+		break;
+#if defined(SO_RCVTIMEO)
+	case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
+#ifdef OPENSSL_SYS_WINDOWS
+		{
+		struct timeval *tv = (struct timeval *)ptr;
+		int timeout = tv->tv_sec * 1000 + tv->tv_usec/1000;
+		if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+			(void*)&timeout, sizeof(timeout)) < 0)
+			{ perror("setsockopt"); ret = -1; }
+		}
+#else
+		if ( setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
+			sizeof(struct timeval)) < 0)
+			{ perror("setsockopt");	ret = -1; }
+#endif
+		break;
+	case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
+#ifdef OPENSSL_SYS_WINDOWS
+		{
+		int timeout, sz = sizeof(timeout);
+		struct timeval *tv = (struct timeval *)ptr;
+		if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+			(void*)&timeout, &sz) < 0)
+			{ perror("getsockopt"); ret = -1; }
+		else
+			{
+			tv->tv_sec = timeout / 1000;
+			tv->tv_usec = (timeout % 1000) * 1000;
+			ret = sizeof(*tv);
+			}
+		}
+#else
+		if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, 
+			ptr, (void *)&ret) < 0)
+			{ perror("getsockopt"); ret = -1; }
+#endif
+		break;
+#endif
+#if defined(SO_SNDTIMEO)
+	case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
+#ifdef OPENSSL_SYS_WINDOWS
+		{
+		struct timeval *tv = (struct timeval *)ptr;
+		int timeout = tv->tv_sec * 1000 + tv->tv_usec/1000;
+		if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+			(void*)&timeout, sizeof(timeout)) < 0)
+			{ perror("setsockopt"); ret = -1; }
+		}
+#else
+		if ( setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
+			sizeof(struct timeval)) < 0)
+			{ perror("setsockopt");	ret = -1; }
+#endif
+		break;
+	case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
+#ifdef OPENSSL_SYS_WINDOWS
+		{
+		int timeout, sz = sizeof(timeout);
+		struct timeval *tv = (struct timeval *)ptr;
+		if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+			(void*)&timeout, &sz) < 0)
+			{ perror("getsockopt"); ret = -1; }
+		else
+			{
+			tv->tv_sec = timeout / 1000;
+			tv->tv_usec = (timeout % 1000) * 1000;
+			ret = sizeof(*tv);
+			}
+		}
+#else
+		if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, 
+			ptr, (void *)&ret) < 0)
+			{ perror("getsockopt"); ret = -1; }
+#endif
+		break;
+#endif
+	case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
+		/* fall-through */
+	case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
+#ifdef OPENSSL_SYS_WINDOWS
+		if ( data->_errno == WSAETIMEDOUT)
+#else
+		if ( data->_errno == EAGAIN)
+#endif
+			{
+			ret = 1;
+			data->_errno = 0;
+			}
+		else
+			ret = 0;
+		break;
+#ifdef EMSGSIZE
+	case BIO_CTRL_DGRAM_MTU_EXCEEDED:
+		if ( data->_errno == EMSGSIZE)
+			{
+			ret = 1;
+			data->_errno = 0;
+			}
+		else
+			ret = 0;
+		break;
+#endif
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int dgram_puts(BIO *bp, const char *str)
+	{
+	int n,ret;
+
+	n=strlen(str);
+	ret=dgram_write(bp,str,n);
+	return(ret);
+	}
+
+static int BIO_dgram_should_retry(int i)
+	{
+	int err;
+
+	if ((i == 0) || (i == -1))
+		{
+		err=get_last_socket_error();
+
+#if defined(OPENSSL_SYS_WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */
+		if ((i == -1) && (err == 0))
+			return(1);
+#endif
+
+		return(BIO_dgram_non_fatal_error(err));
+		}
+	return(0);
+	}
+
+int BIO_dgram_non_fatal_error(int err)
+	{
+	switch (err)
+		{
+#if defined(OPENSSL_SYS_WINDOWS)
+# if defined(WSAEWOULDBLOCK)
+	case WSAEWOULDBLOCK:
+# endif
+
+# if 0 /* This appears to always be an error */
+#  if defined(WSAENOTCONN)
+	case WSAENOTCONN:
+#  endif
+# endif
+#endif
+
+#ifdef EWOULDBLOCK
+# ifdef WSAEWOULDBLOCK
+#  if WSAEWOULDBLOCK != EWOULDBLOCK
+	case EWOULDBLOCK:
+#  endif
+# else
+	case EWOULDBLOCK:
+# endif
+#endif
+
+#ifdef EINTR
+	case EINTR:
+#endif
+
+#ifdef EAGAIN
+#if EWOULDBLOCK != EAGAIN
+	case EAGAIN:
+# endif
+#endif
+
+#ifdef EPROTO
+	case EPROTO:
+#endif
+
+#ifdef EINPROGRESS
+	case EINPROGRESS:
+#endif
+
+#ifdef EALREADY
+	case EALREADY:
+#endif
+
+		return(1);
+		/* break; */
+	default:
+		break;
+		}
+	return(0);
+	}
+#endif
+
+static void get_current_time(struct timeval *t)
+	{
+#ifdef OPENSSL_SYS_WIN32
+	struct _timeb tb;
+	_ftime(&tb);
+	t->tv_sec = (long)tb.time;
+	t->tv_usec = (long)tb.millitm * 1000;
+#elif defined(OPENSSL_SYS_VMS)
+	struct timeb tb;
+	ftime(&tb);
+	t->tv_sec = (long)tb.time;
+	t->tv_usec = (long)tb.millitm * 1000;
+#else
+	gettimeofday(t, NULL);
+#endif
+	}
diff --git a/crypto/bio/bss_fd.c b/crypto/bio/bss_fd.c
index 5e3e187de6..d1bf85aae1 100644
--- a/crypto/bio/bss_fd.c
+++ b/crypto/bio/bss_fd.c
@@ -60,11 +60,31 @@
 #include <errno.h>
 #define USE_SOCKETS
 #include "cryptlib.h"
-#include <openssl/bio.h>
+
+#if defined(OPENSSL_NO_POSIX_IO)
+/*
+ * One can argue that one should implement dummy placeholder for
+ * BIO_s_fd here...
+ */
+#else
+/*
+ * As for unconditional usage of "UPLINK" interface in this module.
+ * Trouble is that unlike Unix file descriptors [which are indexes
+ * in kernel-side per-process table], corresponding descriptors on
+ * platforms which require "UPLINK" interface seem to be indexes
+ * in a user-land, non-global table. Well, in fact they are indexes
+ * in stdio _iob[], and recall that _iob[] was the very reason why
+ * "UPLINK" interface was introduced in first place. But one way on
+ * another. Neither libcrypto or libssl use this BIO meaning that
+ * file descriptors can only be provided by application. Therefore
+ * "UPLINK" calls are due...
+ */
+#include "bio_lcl.h"
 
 static int fd_write(BIO *h, const char *buf, int num);
 static int fd_read(BIO *h, char *buf, int size);
 static int fd_puts(BIO *h, const char *str);
+static int fd_gets(BIO *h, char *buf, int size);
 static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
 static int fd_new(BIO *h);
 static int fd_free(BIO *data);
@@ -76,7 +96,7 @@ static BIO_METHOD methods_fdp=
 	fd_write,
 	fd_read,
 	fd_puts,
-	NULL, /* fd_gets, */
+	fd_gets,
 	fd_ctrl,
 	fd_new,
 	fd_free,
@@ -100,9 +120,9 @@ BIO *BIO_new_fd(int fd,int close_flag)
 static int fd_new(BIO *bi)
 	{
 	bi->init=0;
-	bi->num=0;
+	bi->num=-1;
 	bi->ptr=NULL;
-	bi->flags=0;
+	bi->flags=BIO_FLAGS_UPLINK; /* essentially redundant */
 	return(1);
 	}
 
@@ -113,10 +133,10 @@ static int fd_free(BIO *a)
 		{
 		if (a->init)
 			{
-			close(a->num);
+			UP_close(a->num);
 			}
 		a->init=0;
-		a->flags=0;
+		a->flags=BIO_FLAGS_UPLINK;
 		}
 	return(1);
 	}
@@ -128,7 +148,7 @@ static int fd_read(BIO *b, char *out,int outl)
 	if (out != NULL)
 		{
 		clear_sys_error();
-		ret=read(b->num,out,outl);
+		ret=UP_read(b->num,out,outl);
 		BIO_clear_retry_flags(b);
 		if (ret <= 0)
 			{
@@ -143,7 +163,7 @@ static int fd_write(BIO *b, const char *in, int inl)
 	{
 	int ret;
 	clear_sys_error();
-	ret=write(b->num,in,inl);
+	ret=UP_write(b->num,in,inl);
 	BIO_clear_retry_flags(b);
 	if (ret <= 0)
 		{
@@ -163,11 +183,11 @@ static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
 	case BIO_CTRL_RESET:
 		num=0;
 	case BIO_C_FILE_SEEK:
-		ret=(long)lseek(b->num,num,0);
+		ret=(long)UP_lseek(b->num,num,0);
 		break;
 	case BIO_C_FILE_TELL:
 	case BIO_CTRL_INFO:
-		ret=(long)lseek(b->num,0,1);
+		ret=(long)UP_lseek(b->num,0,1);
 		break;
 	case BIO_C_SET_FD:
 		fd_free(b);
@@ -215,6 +235,22 @@ static int fd_puts(BIO *bp, const char *str)
 	return(ret);
 	}
 
+static int fd_gets(BIO *bp, char *buf, int size)
+        {
+	int ret=0;
+	char *ptr=buf;
+	char *end=buf+size-1;
+
+	while ( (ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n') )
+		ptr++;
+
+	ptr[0]='\0';
+
+	if (buf[0] != '\0')
+		ret=strlen(buf);
+	return(ret);
+        }
+
 int BIO_fd_should_retry(int i)
 	{
 	int err;
@@ -280,3 +316,4 @@ int BIO_fd_non_fatal_error(int err)
 		}
 	return(0);
 	}
+#endif
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 764b7f8372..a85ac209f0 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -65,12 +65,34 @@
 #ifndef HEADER_BSS_FILE_C
 #define HEADER_BSS_FILE_C
 
+#if defined(__linux) || defined(__sun) || defined(__hpux)
+/* Following definition aliases fopen to fopen64 on above mentioned
+ * platforms. This makes it possible to open and sequentially access
+ * files larger than 2GB from 32-bit application. It does not allow to
+ * traverse them beyond 2GB with fseek/ftell, but on the other hand *no*
+ * 32-bit platform permits that, not with fseek/ftell. Not to mention
+ * that breaking 2GB limit for seeking would require surgery to *our*
+ * API. But sequential access suffices for practical cases when you
+ * can run into large files, such as fingerprinting, so we can let API
+ * alone. For reference, the list of 32-bit platforms which allow for
+ * sequential access of large files without extra "magic" comprise *BSD,
+ * Darwin, IRIX...
+ */
+#ifndef _FILE_OFFSET_BITS
+#define _FILE_OFFSET_BITS 64
+#endif
+#endif
+
 #include <stdio.h>
 #include <errno.h>
 #include "cryptlib.h"
-#include <openssl/bio.h>
+#include "bio_lcl.h"
 #include <openssl/err.h>
 
+#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
+#include <nwfileio.h>
+#endif
+
 #if !defined(OPENSSL_NO_STDIO)
 
 static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
@@ -109,9 +131,13 @@ BIO *BIO_new_file(const char *filename, const char *mode)
 			BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
 		return(NULL);
 		}
-	if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
+	if ((ret=BIO_new(BIO_s_file())) == NULL)
+		{
+		fclose(file);
 		return(NULL);
+		}
 
+	BIO_clear_flags(ret,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */
 	BIO_set_fp(ret,file,BIO_CLOSE);
 	return(ret);
 	}
@@ -123,6 +149,7 @@ BIO *BIO_new_fp(FILE *stream, int close_flag)
 	if ((ret=BIO_new(BIO_s_file())) == NULL)
 		return(NULL);
 
+	BIO_set_flags(ret,BIO_FLAGS_UPLINK); /* redundant, left for documentation puposes */
 	BIO_set_fp(ret,stream,close_flag);
 	return(ret);
 	}
@@ -137,6 +164,7 @@ static int MS_CALLBACK file_new(BIO *bi)
 	bi->init=0;
 	bi->num=0;
 	bi->ptr=NULL;
+	bi->flags=BIO_FLAGS_UPLINK; /* default to UPLINK */
 	return(1);
 	}
 
@@ -147,8 +175,12 @@ static int MS_CALLBACK file_free(BIO *a)
 		{
 		if ((a->init) && (a->ptr != NULL))
 			{
-			fclose((FILE *)a->ptr);
+			if (a->flags&BIO_FLAGS_UPLINK)
+				UP_fclose (a->ptr);
+			else
+				fclose (a->ptr);
 			a->ptr=NULL;
+			a->flags=BIO_FLAGS_UPLINK;
 			}
 		a->init=0;
 		}
@@ -161,8 +193,11 @@ static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
 
 	if (b->init && (out != NULL))
 		{
-		ret=fread(out,1,(int)outl,(FILE *)b->ptr);
-		if(ret == 0 && ferror((FILE *)b->ptr))
+		if (b->flags&BIO_FLAGS_UPLINK)
+			ret=UP_fread(out,1,(int)outl,b->ptr);
+		else
+			ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+		if(ret == 0 && (b->flags&BIO_FLAGS_UPLINK)?UP_ferror((FILE *)b->ptr):ferror((FILE *)b->ptr))
 			{
 			SYSerr(SYS_F_FREAD,get_last_sys_error());
 			BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB);
@@ -178,7 +213,11 @@ static int MS_CALLBACK file_write(BIO *b, const char *in, int inl)
 
 	if (b->init && (in != NULL))
 		{
-		if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+		if (b->flags&BIO_FLAGS_UPLINK)
+			ret=UP_fwrite(in,(int)inl,1,b->ptr);
+		else
+			ret=fwrite(in,(int)inl,1,(FILE *)b->ptr);
+		if (ret)
 			ret=inl;
 		/* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
 		/* according to Tim Hudson <tjh@cryptsoft.com>, the commented
@@ -199,35 +238,59 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 		{
 	case BIO_C_FILE_SEEK:
 	case BIO_CTRL_RESET:
-		ret=(long)fseek(fp,num,0);
+		if (b->flags&BIO_FLAGS_UPLINK)
+			ret=(long)UP_fseek(b->ptr,num,0);
+		else
+			ret=(long)fseek(fp,num,0);
 		break;
 	case BIO_CTRL_EOF:
-		ret=(long)feof(fp);
+		if (b->flags&BIO_FLAGS_UPLINK)
+			ret=(long)UP_feof(fp);
+		else
+			ret=(long)feof(fp);
 		break;
 	case BIO_C_FILE_TELL:
 	case BIO_CTRL_INFO:
-		ret=ftell(fp);
+		if (b->flags&BIO_FLAGS_UPLINK)
+			ret=UP_ftell(b->ptr);
+		else
+			ret=ftell(fp);
 		break;
 	case BIO_C_SET_FILE_PTR:
 		file_free(b);
 		b->shutdown=(int)num&BIO_CLOSE;
-		b->ptr=(char *)ptr;
+		b->ptr=ptr;
 		b->init=1;
+#if BIO_FLAGS_UPLINK!=0
+#if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
+#define _IOB_ENTRIES 20
+#endif
+#if defined(_IOB_ENTRIES)
+		/* Safety net to catch purely internal BIO_set_fp calls */
+		if ((size_t)ptr >= (size_t)stdin &&
+		    (size_t)ptr <  (size_t)(stdin+_IOB_ENTRIES))
+			BIO_clear_flags(b,BIO_FLAGS_UPLINK);
+#endif
+#endif
+#ifdef UP_fsetmode
+		if (b->flags&BIO_FLAGS_UPLINK)
+			UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b');
+		else
+#endif
 		{
 #if defined(OPENSSL_SYS_WINDOWS)
-		int fd = fileno((FILE*)ptr);
+		int fd = _fileno((FILE*)ptr);
 		if (num & BIO_FP_TEXT)
 			_setmode(fd,_O_TEXT);
 		else
 			_setmode(fd,_O_BINARY);
 #elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
 		int fd = fileno((FILE*)ptr);
-         /* Under CLib there are differences in file modes
-         */
+		/* Under CLib there are differences in file modes */
 		if (num & BIO_FP_TEXT)
-			_setmode(fd,O_TEXT);
+			setmode(fd,O_TEXT);
 		else
-			_setmode(fd,O_BINARY);
+			setmode(fd,O_BINARY);
 #elif defined(OPENSSL_SYS_MSDOS)
 		int fd = fileno((FILE*)ptr);
 		/* Set correct text/binary mode */
@@ -244,7 +307,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 			else
 				_setmode(fd,_O_BINARY);
 			}
-#elif defined(OPENSSL_SYS_OS2)
+#elif defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
 		int fd = fileno((FILE*)ptr);
 		if (num & BIO_FP_TEXT)
 			setmode(fd, O_TEXT);
@@ -286,7 +349,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 		else
 			strcat(p,"t");
 #endif
-fp=fopen(ptr,p);
+		fp=fopen(ptr,p);
 		if (fp == NULL)
 			{
 			SYSerr(SYS_F_FOPEN,get_last_sys_error());
@@ -295,8 +358,9 @@ fp=fopen(ptr,p);
 			ret=0;
 			break;
 			}
-		b->ptr=(char *)fp;
+		b->ptr=fp;
 		b->init=1;
+		BIO_clear_flags(b,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */
 		break;
 	case BIO_C_GET_FILE_PTR:
 		/* the ptr parameter is actually a FILE ** in this case. */
@@ -313,7 +377,10 @@ fp=fopen(ptr,p);
 		b->shutdown=(int)num;
 		break;
 	case BIO_CTRL_FLUSH:
-		fflush((FILE *)b->ptr);
+		if (b->flags&BIO_FLAGS_UPLINK)
+			UP_fflush(b->ptr);
+		else
+			fflush((FILE *)b->ptr);
 		break;
 	case BIO_CTRL_DUP:
 		ret=1;
@@ -335,9 +402,19 @@ static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size)
 	int ret=0;
 
 	buf[0]='\0';
-	fgets(buf,size,(FILE *)bp->ptr);
+	if (bp->flags&BIO_FLAGS_UPLINK)
+		{
+		if (!UP_fgets(buf,size,bp->ptr))
+			goto err;
+		}
+	else
+		{
+		if (!fgets(buf,size,(FILE *)bp->ptr))
+			goto err;
+		}
 	if (buf[0] != '\0')
 		ret=strlen(buf);
+	err:
 	return(ret);
 	}
 
diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c
index 5a5de26c9b..ff95d9cd60 100644
--- a/crypto/bio/bss_log.c
+++ b/crypto/bio/bss_log.c
@@ -71,7 +71,6 @@
 
 #if defined(OPENSSL_SYS_WINCE)
 #elif defined(OPENSSL_SYS_WIN32)
-#  include <process.h>
 #elif defined(OPENSSL_SYS_VMS)
 #  include <opcdef.h>
 #  include <descrip.h>
@@ -123,18 +122,6 @@ static int MS_CALLBACK slg_free(BIO *data);
 static void xopenlog(BIO* bp, char* name, int level);
 static void xsyslog(BIO* bp, int priority, const char* string);
 static void xcloselog(BIO* bp);
-#ifdef OPENSSL_SYS_WIN32
-LONG	(WINAPI *go_for_advapi)()	= RegOpenKeyEx;
-HANDLE	(WINAPI *register_event_source)()	= NULL;
-BOOL	(WINAPI *deregister_event_source)()	= NULL;
-BOOL	(WINAPI *report_event)()	= NULL;
-#define DL_PROC(m,f)	(GetProcAddress( m, f ))
-#ifdef UNICODE
-#define DL_PROC_X(m,f) DL_PROC( m, f "W" )
-#else
-#define DL_PROC_X(m,f) DL_PROC( m, f "A" )
-#endif
-#endif
 
 static BIO_METHOD methods_slg=
 	{
@@ -176,7 +163,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl)
 	char* buf;
 	char* pp;
 	int priority, i;
-	static struct
+	static const struct
 		{
 		int strl;
 		char str[10];
@@ -250,35 +237,20 @@ static int MS_CALLBACK slg_puts(BIO *bp, const char *str)
 
 static void xopenlog(BIO* bp, char* name, int level)
 {
-	if ( !register_event_source )
-		{
-		HANDLE	advapi;
-		if ( !(advapi = GetModuleHandle("advapi32")) )
-			return;
-		register_event_source = (HANDLE (WINAPI *)())DL_PROC_X(advapi,
-			"RegisterEventSource" );
-		deregister_event_source = (BOOL (WINAPI *)())DL_PROC(advapi,
-			"DeregisterEventSource");
-		report_event = (BOOL (WINAPI *)())DL_PROC_X(advapi,
-			"ReportEvent" );
-		if ( !(register_event_source && deregister_event_source &&
-				report_event) )
-			{
-			register_event_source = NULL;
-			deregister_event_source = NULL;
-			report_event = NULL;
-			return;
-			}
-		}
-	bp->ptr= (char *)register_event_source(NULL, name);
+	if (GetVersion() < 0x80000000)
+		bp->ptr = RegisterEventSourceA(NULL,name);
+	else
+		bp->ptr = NULL;
 }
 
 static void xsyslog(BIO *bp, int priority, const char *string)
 {
 	LPCSTR lpszStrings[2];
 	WORD evtype= EVENTLOG_ERROR_TYPE;
-	int pid = _getpid();
-	char pidbuf[DECIMAL_SIZE(pid)+4];
+	char pidbuf[DECIMAL_SIZE(DWORD)+4];
+
+	if (bp->ptr == NULL)
+		return;
 
 	switch (priority)
 		{
@@ -302,19 +274,18 @@ static void xsyslog(BIO *bp, int priority, const char *string)
 		break;
 		}
 
-	sprintf(pidbuf, "[%d] ", pid);
+	sprintf(pidbuf, "[%u] ", GetCurrentProcessId());
 	lpszStrings[0] = pidbuf;
 	lpszStrings[1] = string;
 
-	if(report_event && bp->ptr)
-		report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
+	ReportEventA(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
 				lpszStrings, NULL);
 }
 	
 static void xcloselog(BIO* bp)
 {
-	if(deregister_event_source && bp->ptr)
-		deregister_event_source((HANDLE)(bp->ptr));
+	if(bp->ptr)
+		DeregisterEventSource((HANDLE)(bp->ptr));
 	bp->ptr= NULL;
 }
 
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index a4edb711ae..37d4194e4b 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -94,16 +94,18 @@ BIO *BIO_new_mem_buf(void *buf, int len)
 {
 	BIO *ret;
 	BUF_MEM *b;
+	size_t sz;
+
 	if (!buf) {
 		BIOerr(BIO_F_BIO_NEW_MEM_BUF,BIO_R_NULL_PARAMETER);
 		return NULL;
 	}
-	if(len == -1) len = strlen(buf);
+	sz = (len<0) ? strlen(buf) : (size_t)len;
 	if(!(ret = BIO_new(BIO_s_mem())) ) return NULL;
 	b = (BUF_MEM *)ret->ptr;
 	b->data = buf;
-	b->length = len;
-	b->max = len;
+	b->length = sz;
+	b->max = sz;
 	ret->flags |= BIO_FLAGS_MEM_RDONLY;
 	/* Since this is static data retrying wont help */
 	ret->num = 0;
@@ -144,22 +146,16 @@ static int mem_read(BIO *b, char *out, int outl)
 	{
 	int ret= -1;
 	BUF_MEM *bm;
-	int i;
-	char *from,*to;
 
 	bm=(BUF_MEM *)b->ptr;
 	BIO_clear_retry_flags(b);
-	ret=(outl > bm->length)?bm->length:outl;
+	ret=(outl >=0 && (size_t)outl > bm->length)?(int)bm->length:outl;
 	if ((out != NULL) && (ret > 0)) {
 		memcpy(out,bm->data,ret);
 		bm->length-=ret;
-		/* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
 		if(b->flags & BIO_FLAGS_MEM_RDONLY) bm->data += ret;
 		else {
-			from=(char *)&(bm->data[ret]);
-			to=(char *)&(bm->data[0]);
-			for (i=0; i<bm->length; i++)
-				to[i]=from[i];
+			memmove(&(bm->data[0]),&(bm->data[ret]),bm->length);
 		}
 	} else if (bm->length == 0)
 		{
@@ -284,6 +280,7 @@ static int mem_gets(BIO *bp, char *buf, int size)
 
 	BIO_clear_retry_flags(bp);
 	j=bm->length;
+	if ((size-1) < j) j=size-1;
 	if (j <= 0)
 		{
 		*buf='\0';
@@ -292,17 +289,18 @@ static int mem_gets(BIO *bp, char *buf, int size)
 	p=bm->data;
 	for (i=0; i<j; i++)
 		{
-		if (p[i] == '\n') break;
-		}
-	if (i == j)
-		{
-		BIO_set_retry_read(bp);
-		/* return(-1);  change the semantics 0.6.6a */ 
+		if (p[i] == '\n')
+			{
+			i++;
+			break;
+			}
 		}
-	else
-		i++;
-	/* i is the max to copy */
-	if ((size-1) < i) i=size-1;
+
+	/*
+	 * i is now the max num of bytes to copy, either j or up to
+	 * and including the first newline
+	 */ 
+
 	i=mem_read(bp,buf,i);
 	if (i > 0) buf[i]='\0';
 	ret=i;
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
index a21358bc88..9bf5b3df0b 100644
--- a/crypto/bio/bss_sock.c
+++ b/crypto/bio/bss_sock.c
@@ -61,6 +61,9 @@
 #include <errno.h>
 #define USE_SOCKETS
 #include "cryptlib.h"
+
+#ifndef OPENSSL_NO_SOCK
+
 #include <openssl/bio.h>
 
 /* The following types are required to work in a 64-bit environment on
@@ -375,3 +378,5 @@ int BIO_sock_non_fatal_error(int err)
 		}
 	return(0);
 	}
+
+#endif  /* #ifndef OPENSSL_NO_SOCK */
diff --git a/crypto/bn/.cvsignore b/crypto/bn/.cvsignore
index c6d03a9dbc..ebe4b61bb3 100644
--- a/crypto/bn/.cvsignore
+++ b/crypto/bn/.cvsignore
@@ -1,2 +1,7 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+co-*.s
+bn-*.s
+*-mont.s
diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl
deleted file mode 100644
index 817bfa54cd..0000000000
--- a/crypto/bn/Makefile.ssl
+++ /dev/null
@@ -1,338 +0,0 @@
-#
-# SSLeay/crypto/bn/Makefile
-#
-
-DIR=	bn
-TOP=	../..
-CC=	cc
-CPP=    $(CC) -E
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-BN_ASM=		bn_asm.o
-# or use
-#BN_ASM=	bn86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=bntest.c exptest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
-	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
-	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
-	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
-	bn_depr.c
-
-LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
-	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
-	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
-	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
-	bn_depr.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= bn.h
-HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-bn_prime.h: bn_prime.pl
-	$(PERL) bn_prime.pl >bn_prime.h
-
-divtest: divtest.c ../../libcrypto.a
-	cc -I../../include divtest.c -o divtest ../../libcrypto.a
-
-bnbug: bnbug.c ../../libcrypto.a top
-	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-bn86-elf.s:	asm/bn-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@)
-co86-elf.s:	asm/co-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@)
-co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@)
-co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@)
-
-sparcv8.o:	asm/sparcv8.S
-sparcv8plus.o:	asm/sparcv8plus.S
-mips3.o:	asm/mips3.s
-
-x86_64-gcc.o:	asm/x86_64-gcc.c
-
-bn-ia64.s:	asm/ia64.S
-	$(CC) $(CFLAGS) -E asm/ia64.S > $@
-
-# GNU assembler fails to compile PA-RISC2 modules, insist on calling
-# vendor assembler...
-pa-risc2W.o: asm/pa-risc2W.s
-	/usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
-pa-risc2.o: asm/pa-risc2.s
-	/usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
-
-# ppc - AIX, Linux, MacOS X...
-linux_ppc32.s: asm/ppc.pl;	$(PERL) $< $@
-linux_ppc64.s: asm/ppc.pl;	$(PERL) $< $@
-aix_ppc32.s: asm/ppc.pl;	$(PERL) asm/ppc.pl $@
-aix_ppc64.s: asm/ppc.pl;	$(PERL) asm/ppc.pl $@
-osx_ppc32.s: asm/ppc.pl;	$(PERL) $< $@
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-exptest:
-	rm -f exptest
-	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
-
-div:
-	rm -f a.out
-	gcc -I.. -g div.c ../../libcrypto.a
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
-bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
-bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
-bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
-bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
-bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
-bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_err.o: bn_err.c
-bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
-bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
-bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
-bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
-bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
-bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
-bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
-bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
-bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
-bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
-bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
-bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
-bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
-bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
-bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
-bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
-bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
-bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
-bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
diff --git a/crypto/bn/asm/.cvsignore b/crypto/bn/asm/.cvsignore
index 671eb02019..26475028f5 100644
--- a/crypto/bn/asm/.cvsignore
+++ b/crypto/bn/asm/.cvsignore
@@ -2,3 +2,5 @@ bn86unix.cpp
 co86unix.cpp
 bn86-elf.s
 co86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/bn/asm/alpha-mont.pl b/crypto/bn/asm/alpha-mont.pl
new file mode 100644
index 0000000000..7a2cc3173b
--- /dev/null
+++ b/crypto/bn/asm/alpha-mont.pl
@@ -0,0 +1,317 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# On 21264 RSA sign performance improves by 70/35/20/15 percent for
+# 512/1024/2048/4096 bit key lengths. This is against vendor compiler
+# instructed to '-tune host' code with in-line assembler. Other
+# benchmarks improve by 15-20%. To anchor it to something else, the
+# code provides approximately the same performance per GHz as AMD64.
+# I.e. if you compare 1GHz 21264 and 2GHz Opteron, you'll observe ~2x
+# difference.
+
+# int bn_mul_mont(
+$rp="a0";	# BN_ULONG *rp,
+$ap="a1";	# const BN_ULONG *ap,
+$bp="a2";	# const BN_ULONG *bp,
+$np="a3";	# const BN_ULONG *np,
+$n0="a4";	# const BN_ULONG *n0,
+$num="a5";	# int num);
+
+$lo0="t0";
+$hi0="t1";
+$lo1="t2";
+$hi1="t3";
+$aj="t4";
+$bi="t5";
+$nj="t6";
+$tp="t7";
+$alo="t8";
+$ahi="t9";
+$nlo="t10";
+$nhi="t11";
+$tj="t12";
+$i="s3";
+$j="s4";
+$m1="s5";
+
+$code=<<___;
+#include <asm.h>
+#include <regdef.h>
+
+.text
+
+.set	noat
+.set	noreorder
+
+.globl	bn_mul_mont
+.align	5
+.ent	bn_mul_mont
+bn_mul_mont:
+	lda	sp,-40(sp)
+	stq	ra,0(sp)
+	stq	s3,8(sp)
+	stq	s4,16(sp)
+	stq	s5,24(sp)
+	stq	fp,32(sp)
+	mov	sp,fp
+	.mask	0x0400f000,-40
+	.frame	fp,40,ra
+	.prologue 0
+
+	.align	4
+	.set	reorder
+	sextl	$num,$num
+	mov	0,v0
+	cmplt	$num,4,AT
+	bne	AT,.Lexit
+
+	ldq	$hi0,0($ap)	# ap[0]
+	s8addq	$num,16,AT
+	ldq	$aj,8($ap)
+	subq	sp,AT,sp
+	ldq	$bi,0($bp)	# bp[0]
+	mov	-4096,AT
+	ldq	$n0,0($n0)
+	and	sp,AT,sp
+
+	mulq	$hi0,$bi,$lo0
+	ldq	$hi1,0($np)	# np[0]
+	umulh	$hi0,$bi,$hi0
+	ldq	$nj,8($np)
+
+	mulq	$lo0,$n0,$m1
+
+	mulq	$hi1,$m1,$lo1
+	umulh	$hi1,$m1,$hi1
+
+	addq	$lo1,$lo0,$lo1
+	cmpult	$lo1,$lo0,AT
+	addq	$hi1,AT,$hi1
+
+	mulq	$aj,$bi,$alo
+	mov	2,$j
+	umulh	$aj,$bi,$ahi
+	mov	sp,$tp
+
+	mulq	$nj,$m1,$nlo
+	s8addq	$j,$ap,$aj
+	umulh	$nj,$m1,$nhi
+	s8addq	$j,$np,$nj
+.align	4
+.L1st:
+	.set	noreorder
+	ldq	$aj,($aj)
+	addl	$j,1,$j
+	ldq	$nj,($nj)
+	lda	$tp,8($tp)
+
+	addq	$alo,$hi0,$lo0
+	mulq	$aj,$bi,$alo
+	cmpult	$lo0,$hi0,AT
+	addq	$nlo,$hi1,$lo1
+
+	mulq	$nj,$m1,$nlo
+	addq	$ahi,AT,$hi0
+	cmpult	$lo1,$hi1,v0
+	cmplt	$j,$num,$tj
+
+	umulh	$aj,$bi,$ahi
+	addq	$nhi,v0,$hi1
+	addq	$lo1,$lo0,$lo1
+	s8addq	$j,$ap,$aj
+
+	umulh	$nj,$m1,$nhi
+	cmpult	$lo1,$lo0,v0
+	addq	$hi1,v0,$hi1
+	s8addq	$j,$np,$nj
+
+	stq	$lo1,-8($tp)
+	nop
+	unop
+	bne	$tj,.L1st
+	.set	reorder
+
+	addq	$alo,$hi0,$lo0
+	addq	$nlo,$hi1,$lo1
+	cmpult	$lo0,$hi0,AT
+	cmpult	$lo1,$hi1,v0
+	addq	$ahi,AT,$hi0
+	addq	$nhi,v0,$hi1
+
+	addq	$lo1,$lo0,$lo1
+	cmpult	$lo1,$lo0,v0
+	addq	$hi1,v0,$hi1
+
+	stq	$lo1,0($tp)
+
+	addq	$hi1,$hi0,$hi1
+	cmpult	$hi1,$hi0,AT
+	stq	$hi1,8($tp)
+	stq	AT,16($tp)
+
+	mov	1,$i
+.align	4
+.Louter:
+	s8addq	$i,$bp,$bi
+	ldq	$hi0,($ap)
+	ldq	$aj,8($ap)
+	ldq	$bi,($bi)
+	ldq	$hi1,($np)
+	ldq	$nj,8($np)
+	ldq	$tj,(sp)
+
+	mulq	$hi0,$bi,$lo0
+	umulh	$hi0,$bi,$hi0
+
+	addq	$lo0,$tj,$lo0
+	cmpult	$lo0,$tj,AT
+	addq	$hi0,AT,$hi0
+
+	mulq	$lo0,$n0,$m1
+
+	mulq	$hi1,$m1,$lo1
+	umulh	$hi1,$m1,$hi1
+
+	addq	$lo1,$lo0,$lo1
+	cmpult	$lo1,$lo0,AT
+	mov	2,$j
+	addq	$hi1,AT,$hi1
+
+	mulq	$aj,$bi,$alo
+	mov	sp,$tp
+	umulh	$aj,$bi,$ahi
+
+	mulq	$nj,$m1,$nlo
+	s8addq	$j,$ap,$aj
+	umulh	$nj,$m1,$nhi
+.align	4
+.Linner:
+	.set	noreorder
+	ldq	$tj,8($tp)	#L0
+	nop			#U1
+	ldq	$aj,($aj)	#L1
+	s8addq	$j,$np,$nj	#U0
+
+	ldq	$nj,($nj)	#L0
+	nop			#U1
+	addq	$alo,$hi0,$lo0	#L1
+	lda	$tp,8($tp)
+
+	mulq	$aj,$bi,$alo	#U1
+	cmpult	$lo0,$hi0,AT	#L0
+	addq	$nlo,$hi1,$lo1	#L1
+	addl	$j,1,$j
+
+	mulq	$nj,$m1,$nlo	#U1
+	addq	$ahi,AT,$hi0	#L0
+	addq	$lo0,$tj,$lo0	#L1
+	cmpult	$lo1,$hi1,v0	#U0
+
+	umulh	$aj,$bi,$ahi	#U1
+	cmpult	$lo0,$tj,AT	#L0
+	addq	$lo1,$lo0,$lo1	#L1
+	addq	$nhi,v0,$hi1	#U0
+
+	umulh	$nj,$m1,$nhi	#U1
+	s8addq	$j,$ap,$aj	#L0
+	cmpult	$lo1,$lo0,v0	#L1
+	cmplt	$j,$num,$tj	#U0	# borrow $tj
+
+	addq	$hi0,AT,$hi0	#L0
+	addq	$hi1,v0,$hi1	#U1
+	stq	$lo1,-8($tp)	#L1
+	bne	$tj,.Linner	#U0
+	.set	reorder
+
+	ldq	$tj,8($tp)
+	addq	$alo,$hi0,$lo0
+	addq	$nlo,$hi1,$lo1
+	cmpult	$lo0,$hi0,AT
+	cmpult	$lo1,$hi1,v0
+	addq	$ahi,AT,$hi0
+	addq	$nhi,v0,$hi1
+
+	addq	$lo0,$tj,$lo0
+	cmpult	$lo0,$tj,AT
+	addq	$hi0,AT,$hi0
+
+	ldq	$tj,16($tp)
+	addq	$lo1,$lo0,$j
+	cmpult	$j,$lo0,v0
+	addq	$hi1,v0,$hi1
+
+	addq	$hi1,$hi0,$lo1
+	stq	$j,($tp)
+	cmpult	$lo1,$hi0,$hi1
+	addq	$lo1,$tj,$lo1
+	cmpult	$lo1,$tj,AT
+	addl	$i,1,$i
+	addq	$hi1,AT,$hi1
+	stq	$lo1,8($tp)
+	cmplt	$i,$num,$tj	# borrow $tj
+	stq	$hi1,16($tp)
+	bne	$tj,.Louter
+
+	s8addq	$num,sp,$tj	# &tp[num]
+	mov	$rp,$bp		# put rp aside
+	mov	sp,$tp
+	mov	sp,$ap
+	mov	0,$hi0		# clear borrow bit
+
+.align	4
+.Lsub:	ldq	$lo0,($tp)
+	ldq	$lo1,($np)
+	lda	$tp,8($tp)
+	lda	$np,8($np)
+	subq	$lo0,$lo1,$lo1	# tp[i]-np[i]
+	cmpult	$lo0,$lo1,AT
+	subq	$lo1,$hi0,$lo0
+	cmpult	$lo1,$lo0,$hi0
+	or	$hi0,AT,$hi0
+	stq	$lo0,($rp)
+	cmpult	$tp,$tj,v0
+	lda	$rp,8($rp)
+	bne	v0,.Lsub
+
+	subq	$hi1,$hi0,$hi0	# handle upmost overflow bit
+	mov	sp,$tp
+	mov	$bp,$rp		# restore rp
+
+	and	sp,$hi0,$ap
+	bic	$bp,$hi0,$bp
+	bis	$bp,$ap,$ap	# ap=borrow?tp:rp
+
+.align	4
+.Lcopy:	ldq	$aj,($ap)	# copy or in-place refresh
+	lda	$tp,8($tp)
+	lda	$rp,8($rp)
+	lda	$ap,8($ap)
+	stq	zero,-8($tp)	# zap tp
+	cmpult	$tp,$tj,AT
+	stq	$aj,-8($rp)
+	bne	AT,.Lcopy
+	mov	1,v0
+
+.Lexit:
+	.set	noreorder
+	mov	fp,sp
+	/*ldq	ra,0(sp)*/
+	ldq	s3,8(sp)
+	ldq	s4,16(sp)
+	ldq	s5,24(sp)
+	ldq	fp,32(sp)
+	lda	sp,40(sp)
+	ret	(ra)
+.end	bn_mul_mont
+.rdata
+.asciiz	"Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/armv4-mont.pl b/crypto/bn/asm/armv4-mont.pl
new file mode 100644
index 0000000000..05d5dc1a48
--- /dev/null
+++ b/crypto/bn/asm/armv4-mont.pl
@@ -0,0 +1,200 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2007.
+
+# Montgomery multiplication for ARMv4.
+#
+# Performance improvement naturally varies among CPU implementations
+# and compilers. The code was observed to provide +65-35% improvement
+# [depending on key length, less for longer keys] on ARM920T, and
+# +115-80% on Intel IXP425. This is compared to pre-bn_mul_mont code
+# base and compiler generated code with in-lined umull and even umlal
+# instructions. The latter means that this code didn't really have an 
+# "advantage" of utilizing some "secret" instruction.
+#
+# The code is interoperable with Thumb ISA and is rather compact, less
+# than 1/2KB. Windows CE port would be trivial, as it's exclusively
+# about decorations, ABI and instruction syntax are identical.
+
+$num="r0";	# starts as num argument, but holds &tp[num-1]
+$ap="r1";
+$bp="r2"; $bi="r2"; $rp="r2";
+$np="r3";
+$tp="r4";
+$aj="r5";
+$nj="r6";
+$tj="r7";
+$n0="r8";
+###########	# r9 is reserved by ELF as platform specific, e.g. TLS pointer
+$alo="r10";	# sl, gcc uses it to keep @GOT
+$ahi="r11";	# fp
+$nlo="r12";	# ip
+###########	# r13 is stack pointer
+$nhi="r14";	# lr
+###########	# r15 is program counter
+
+#### argument block layout relative to &tp[num-1], a.k.a. $num
+$_rp="$num,#12*4";
+# ap permanently resides in r1
+$_bp="$num,#13*4";
+# np permanently resides in r3
+$_n0="$num,#14*4";
+$_num="$num,#15*4";	$_bpend=$_num;
+
+$code=<<___;
+.text
+
+.global	bn_mul_mont
+.type	bn_mul_mont,%function
+
+.align	2
+bn_mul_mont:
+	stmdb	sp!,{r0,r2}		@ sp points at argument block
+	ldr	$num,[sp,#3*4]		@ load num
+	cmp	$num,#2
+	movlt	r0,#0
+	addlt	sp,sp,#2*4
+	blt	.Labrt
+
+	stmdb	sp!,{r4-r12,lr}		@ save 10 registers
+
+	mov	$num,$num,lsl#2		@ rescale $num for byte count
+	sub	sp,sp,$num		@ alloca(4*num)
+	sub	sp,sp,#4		@ +extra dword
+	sub	$num,$num,#4		@ "num=num-1"
+	add	$tp,$bp,$num		@ &bp[num-1]
+
+	add	$num,sp,$num		@ $num to point at &tp[num-1]
+	ldr	$n0,[$_n0]		@ &n0
+	ldr	$bi,[$bp]		@ bp[0]
+	ldr	$aj,[$ap],#4		@ ap[0],ap++
+	ldr	$nj,[$np],#4		@ np[0],np++
+	ldr	$n0,[$n0]		@ *n0
+	str	$tp,[$_bpend]		@ save &bp[num]
+
+	umull	$alo,$ahi,$aj,$bi	@ ap[0]*bp[0]
+	str	$n0,[$_n0]		@ save n0 value
+	mul	$n0,$alo,$n0		@ "tp[0]"*n0
+	mov	$nlo,#0
+	umlal	$alo,$nlo,$nj,$n0	@ np[0]*n0+"t[0]"
+	mov	$tp,sp
+
+.L1st:
+	ldr	$aj,[$ap],#4		@ ap[j],ap++
+	mov	$alo,$ahi
+	mov	$ahi,#0
+	umlal	$alo,$ahi,$aj,$bi	@ ap[j]*bp[0]
+	ldr	$nj,[$np],#4		@ np[j],np++
+	mov	$nhi,#0
+	umlal	$nlo,$nhi,$nj,$n0	@ np[j]*n0
+	adds	$nlo,$nlo,$alo
+	str	$nlo,[$tp],#4		@ tp[j-1]=,tp++
+	adc	$nlo,$nhi,#0
+	cmp	$tp,$num
+	bne	.L1st
+
+	adds	$nlo,$nlo,$ahi
+	mov	$nhi,#0
+	adc	$nhi,$nhi,#0
+	ldr	$tp,[$_bp]		@ restore bp
+	str	$nlo,[$num]		@ tp[num-1]=
+	ldr	$n0,[$_n0]		@ restore n0
+	str	$nhi,[$num,#4]		@ tp[num]=
+
+.Louter:
+	sub	$tj,$num,sp		@ "original" $num-1 value
+	sub	$ap,$ap,$tj		@ "rewind" ap to &ap[1]
+	sub	$np,$np,$tj		@ "rewind" np to &np[1]
+	ldr	$bi,[$tp,#4]!		@ *(++bp)
+	ldr	$aj,[$ap,#-4]		@ ap[0]
+	ldr	$nj,[$np,#-4]		@ np[0]
+	ldr	$alo,[sp]		@ tp[0]
+	ldr	$tj,[sp,#4]		@ tp[1]
+
+	mov	$ahi,#0
+	umlal	$alo,$ahi,$aj,$bi	@ ap[0]*bp[i]+tp[0]
+	str	$tp,[$_bp]		@ save bp
+	mul	$n0,$alo,$n0
+	mov	$nlo,#0
+	umlal	$alo,$nlo,$nj,$n0	@ np[0]*n0+"tp[0]"
+	mov	$tp,sp
+
+.Linner:
+	ldr	$aj,[$ap],#4		@ ap[j],ap++
+	adds	$alo,$ahi,$tj		@ +=tp[j]
+	mov	$ahi,#0
+	umlal	$alo,$ahi,$aj,$bi	@ ap[j]*bp[i]
+	ldr	$nj,[$np],#4		@ np[j],np++
+	mov	$nhi,#0
+	umlal	$nlo,$nhi,$nj,$n0	@ np[j]*n0
+	ldr	$tj,[$tp,#8]		@ tp[j+1]
+	adc	$ahi,$ahi,#0
+	adds	$nlo,$nlo,$alo
+	str	$nlo,[$tp],#4		@ tp[j-1]=,tp++
+	adc	$nlo,$nhi,#0
+	cmp	$tp,$num
+	bne	.Linner
+
+	adds	$nlo,$nlo,$ahi
+	mov	$nhi,#0
+	adc	$nhi,$nhi,#0
+	adds	$nlo,$nlo,$tj
+	adc	$nhi,$nhi,#0
+	ldr	$tp,[$_bp]		@ restore bp
+	ldr	$tj,[$_bpend]		@ restore &bp[num]
+	str	$nlo,[$num]		@ tp[num-1]=
+	ldr	$n0,[$_n0]		@ restore n0
+	str	$nhi,[$num,#4]		@ tp[num]=
+
+	cmp	$tp,$tj
+	bne	.Louter
+
+	ldr	$rp,[$_rp]		@ pull rp
+	add	$num,$num,#4		@ $num to point at &tp[num]
+	sub	$aj,$num,sp		@ "original" num value
+	mov	$tp,sp			@ "rewind" $tp
+	mov	$ap,$tp			@ "borrow" $ap
+	sub	$np,$np,$aj		@ "rewind" $np to &np[0]
+
+	subs	$tj,$tj,$tj		@ "clear" carry flag
+.Lsub:	ldr	$tj,[$tp],#4
+	ldr	$nj,[$np],#4
+	sbcs	$tj,$tj,$nj		@ tp[j]-np[j]
+	str	$tj,[$rp],#4		@ rp[j]=
+	teq	$tp,$num		@ preserve carry
+	bne	.Lsub
+	sbcs	$nhi,$nhi,#0		@ upmost carry
+	mov	$tp,sp			@ "rewind" $tp
+	sub	$rp,$rp,$aj		@ "rewind" $rp
+
+	and	$ap,$tp,$nhi
+	bic	$np,$rp,$nhi
+	orr	$ap,$ap,$np		@ ap=borrow?tp:rp
+
+.Lcopy:	ldr	$tj,[$ap],#4		@ copy or in-place refresh
+	str	sp,[$tp],#4		@ zap tp
+	str	$tj,[$rp],#4
+	cmp	$tp,$num
+	bne	.Lcopy
+
+	add	sp,$num,#4		@ skip over tp[num+1]
+	ldmia	sp!,{r4-r12,lr}		@ restore registers
+	add	sp,sp,#2*4		@ skip over {r0,r2}
+	mov	r0,#1
+.Labrt:	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size	bn_mul_mont,.-bn_mul_mont
+.asciz	"Montgomery multiplication for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl
index 26c2685a72..332ef3e91d 100644
--- a/crypto/bn/asm/bn-586.pl
+++ b/crypto/bn/asm/bn-586.pl
@@ -1,6 +1,7 @@
 #!/usr/local/bin/perl
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],$0);
@@ -24,38 +25,25 @@ sub bn_mul_add_words
 	{
 	local($name)=@_;
 
-	&function_begin($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+	&function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
 
-	&comment("");
-	$Low="eax";
-	$High="edx";
-	$a="ebx";
-	$w="ebp";
-	$r="edi";
-	$c="esi";
-
-	&xor($c,$c);		# clear carry
-	&mov($r,&wparam(0));	#
-
-	&mov("ecx",&wparam(2));	#
-	&mov($a,&wparam(1));	#
-
-	&and("ecx",0xfffffff8);	# num / 8
-	&mov($w,&wparam(3));	#
-
-	&push("ecx");		# Up the stack for a tmp variable
-
-	&jz(&label("maw_finish"));
+	$r="eax";
+	$a="edx";
+	$c="ecx";
 
 	if ($sse2) {
 		&picmeup("eax","OPENSSL_ia32cap_P");
 		&bt(&DWP(0,"eax"),26);
-		&jnc(&label("maw_loop"));
+		&jnc(&label("maw_non_sse2"));
 
-		&movd("mm0",$w);		# mm0 = w
+		&mov($r,&wparam(0));
+		&mov($a,&wparam(1));
+		&mov($c,&wparam(2));
+		&movd("mm0",&wparam(3));	# mm0 = w
 		&pxor("mm1","mm1");		# mm1 = carry_in
-
-		&set_label("maw_sse2_loop",0);
+		&jmp(&label("maw_sse2_entry"));
+		
+	&set_label("maw_sse2_unrolled",16);
 		&movd("mm3",&DWP(0,$r,"",0));	# mm3 = r[0]
 		&paddq("mm1","mm3");		# mm1 = carry_in + r[0]
 		&movd("mm2",&DWP(0,$a,"",0));	# mm2 = a[0]
@@ -112,42 +100,82 @@ sub bn_mul_add_words
 		&psrlq("mm1",32);		# mm1 = carry6
 		&paddq("mm1","mm3");		# mm1 = carry6 + r[7] + w*a[7]
 		&movd(&DWP(28,$r,"",0),"mm1");
-		&add($r,32);
+		&lea($r,&DWP(32,$r));
 		&psrlq("mm1",32);		# mm1 = carry_out
 
-		&sub("ecx",8);
+		&sub($c,8);
+		&jz(&label("maw_sse2_exit"));
+	&set_label("maw_sse2_entry");
+		&test($c,0xfffffff8);
+		&jnz(&label("maw_sse2_unrolled"));
+
+	&set_label("maw_sse2_loop",4);
+		&movd("mm2",&DWP(0,$a));	# mm2 = a[i]
+		&movd("mm3",&DWP(0,$r));	# mm3 = r[i]
+		&pmuludq("mm2","mm0");		# a[i] *= w
+		&lea($a,&DWP(4,$a));
+		&paddq("mm1","mm3");		# carry += r[i]
+		&paddq("mm1","mm2");		# carry += a[i]*w
+		&movd(&DWP(0,$r),"mm1");	# r[i] = carry_low
+		&sub($c,1);
+		&psrlq("mm1",32);		# carry = carry_high
+		&lea($r,&DWP(4,$r));
 		&jnz(&label("maw_sse2_loop"));
-
-		&movd($c,"mm1");		# c = carry_out
+	&set_label("maw_sse2_exit");
+		&movd("eax","mm1");		# c = carry_out
 		&emms();
+		&ret();
 
-		&jmp(&label("maw_finish"));
+	&set_label("maw_non_sse2",16);
 	}
 
-	&set_label("maw_loop",0);
+	# function_begin prologue
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ebp";
+	$r="edi";
+	$c="esi";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+
+	&mov("ecx",&wparam(2));	#
+	&mov($a,&wparam(1));	#
+
+	&and("ecx",0xfffffff8);	# num / 8
+	&mov($w,&wparam(3));	#
 
-	&mov(&swtmp(0),"ecx");	#
+	&push("ecx");		# Up the stack for a tmp variable
+
+	&jz(&label("maw_finish"));
+
+	&set_label("maw_loop",16);
 
 	for ($i=0; $i<32; $i+=4)
 		{
 		&comment("Round $i");
 
-		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
+		 &mov("eax",&DWP($i,$a)); 	# *a
 		&mul($w);			# *a * w
-		&add("eax",$c);		# L(t)+= *r
-		 &mov($c,&DWP($i,$r,"",0));	# L(t)+= *r
+		&add("eax",$c);			# L(t)+= c
 		&adc("edx",0);			# H(t)+=carry
-		 &add("eax",$c);		# L(t)+=c
+		 &add("eax",&DWP($i,$r));	# L(t)+= *r
 		&adc("edx",0);			# H(t)+=carry
-		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
+		 &mov(&DWP($i,$r),"eax");	# *r= L(t);
 		&mov($c,"edx");			# c=  H(t);
 		}
 
 	&comment("");
-	&mov("ecx",&swtmp(0));	#
-	&add($a,32);
-	&add($r,32);
 	&sub("ecx",8);
+	&lea($a,&DWP(32,$a));
+	&lea($r,&DWP(32,$r));
 	&jnz(&label("maw_loop"));
 
 	&set_label("maw_finish",0);
@@ -160,16 +188,15 @@ sub bn_mul_add_words
 	for ($i=0; $i<7; $i++)
 		{
 		&comment("Tail Round $i");
-		 &mov("eax",&DWP($i*4,$a,"",0));# *a
+		 &mov("eax",&DWP($i*4,$a));	# *a
 		&mul($w);			# *a * w
 		&add("eax",$c);			# L(t)+=c
-		 &mov($c,&DWP($i*4,$r,"",0));	# L(t)+= *r
 		&adc("edx",0);			# H(t)+=carry
-		 &add("eax",$c);
+		 &add("eax",&DWP($i*4,$r));	# L(t)+= *r
 		&adc("edx",0);			# H(t)+=carry
 		 &dec("ecx") if ($i != 7-1);
-		&mov(&DWP($i*4,$r,"",0),"eax");	# *r= L(t);
-		 &mov($c,"edx");			# c=  H(t);
+		&mov(&DWP($i*4,$r),"eax");	# *r= L(t);
+		 &mov($c,"edx");		# c=  H(t);
 		&jz(&label("maw_end")) if ($i != 7-1);
 		}
 	&set_label("maw_end",0);
@@ -184,7 +211,45 @@ sub bn_mul_words
 	{
 	local($name)=@_;
 
-	&function_begin($name,"");
+	&function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+
+	$r="eax";
+	$a="edx";
+	$c="ecx";
+
+	if ($sse2) {
+		&picmeup("eax","OPENSSL_ia32cap_P");
+		&bt(&DWP(0,"eax"),26);
+		&jnc(&label("mw_non_sse2"));
+
+		&mov($r,&wparam(0));
+		&mov($a,&wparam(1));
+		&mov($c,&wparam(2));
+		&movd("mm0",&wparam(3));	# mm0 = w
+		&pxor("mm1","mm1");		# mm1 = carry = 0
+
+	&set_label("mw_sse2_loop",16);
+		&movd("mm2",&DWP(0,$a));	# mm2 = a[i]
+		&pmuludq("mm2","mm0");		# a[i] *= w
+		&lea($a,&DWP(4,$a));
+		&paddq("mm1","mm2");		# carry += a[i]*w
+		&movd(&DWP(0,$r),"mm1");	# r[i] = carry_low
+		&sub($c,1);
+		&psrlq("mm1",32);		# carry = carry_high
+		&lea($r,&DWP(4,$r));
+		&jnz(&label("mw_sse2_loop"));
+
+		&movd("eax","mm1");		# return carry
+		&emms();
+		&ret();
+	&set_label("mw_non_sse2",16);
+	}
+
+	# function_begin prologue
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
 
 	&comment("");
 	$Low="eax";
@@ -257,7 +322,40 @@ sub bn_sqr_words
 	{
 	local($name)=@_;
 
-	&function_begin($name,"");
+	&function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+
+	$r="eax";
+	$a="edx";
+	$c="ecx";
+
+	if ($sse2) {
+		&picmeup("eax","OPENSSL_ia32cap_P");
+		&bt(&DWP(0,"eax"),26);
+		&jnc(&label("sqr_non_sse2"));
+
+		&mov($r,&wparam(0));
+		&mov($a,&wparam(1));
+		&mov($c,&wparam(2));
+
+	&set_label("sqr_sse2_loop",16);
+		&movd("mm0",&DWP(0,$a));	# mm0 = a[i]
+		&pmuludq("mm0","mm0");		# a[i] *= a[i]
+		&lea($a,&DWP(4,$a));		# a++
+		&movq(&QWP(0,$r),"mm0");	# r[i] = a[i]*a[i]
+		&sub($c,1);
+		&lea($r,&DWP(8,$r));		# r += 2
+		&jnz(&label("sqr_sse2_loop"));
+
+		&emms();
+		&ret();
+	&set_label("sqr_non_sse2",16);
+	}
+
+	# function_begin prologue
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
 
 	&comment("");
 	$r="esi";
@@ -313,12 +411,13 @@ sub bn_div_words
 	{
 	local($name)=@_;
 
-	&function_begin($name,"");
+	&function_begin_B($name,"");
 	&mov("edx",&wparam(0));	#
 	&mov("eax",&wparam(1));	#
-	&mov("ebx",&wparam(2));	#
-	&div("ebx");
-	&function_end($name);
+	&mov("ecx",&wparam(2));	#
+	&div("ecx");
+	&ret();
+	&function_end_B($name);
 	}
 
 sub bn_add_words
diff --git a/crypto/bn/asm/co-586.pl b/crypto/bn/asm/co-586.pl
index 5d962cb957..57101a6bd7 100644
--- a/crypto/bn/asm/co-586.pl
+++ b/crypto/bn/asm/co-586.pl
@@ -1,6 +1,7 @@
 #!/usr/local/bin/perl
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],$0);
diff --git a/crypto/bn/asm/ia64-mont.pl b/crypto/bn/asm/ia64-mont.pl
new file mode 100644
index 0000000000..af903a2bf8
--- /dev/null
+++ b/crypto/bn/asm/ia64-mont.pl
@@ -0,0 +1,764 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2010
+#
+# "Teaser" Montgomery multiplication module for IA-64. There are
+# several possibilities for improvement:
+#
+# - modulo-scheduling outer loop would eliminate quite a number of
+#   stalls after ldf8, xma and getf.sig outside inner loop and
+#   improve shorter key performance;
+# - shorter vector support [with input vectors being fetched only
+#   once] should be added;
+# - 2x unroll with help of n0[1] would make the code scalable on
+#   "wider" IA-64, "wider" than Itanium 2 that is, which is not of
+#   acute interest, because upcoming Tukwila's individual cores are
+#   reportedly based on Itanium 2 design;
+# - dedicated squaring procedure(?);
+#
+# January 2010
+#
+# Shorter vector support is implemented by zero-padding ap and np
+# vectors up to 8 elements, or 512 bits. This means that 256-bit
+# inputs will be processed only 2 times faster than 512-bit inputs,
+# not 4 [as one would expect, because algorithm complexity is n^2].
+# The reason for padding is that inputs shorter than 512 bits won't
+# be processed faster anyway, because minimal critical path of the
+# core loop happens to match 512-bit timing. Either way, it resulted
+# in >100% improvement of 512-bit RSA sign benchmark and 50% - of
+# 1024-bit one [in comparison to original version of *this* module].
+#
+# So far 'openssl speed rsa dsa' output on 900MHz Itanium 2 *with*
+# this module is:
+#                   sign    verify    sign/s verify/s
+# rsa  512 bits 0.000302s 0.000024s   3312.3  41332.2
+# rsa 1024 bits 0.000816s 0.000058s   1225.2  17172.0
+# rsa 2048 bits 0.005908s 0.000148s    169.3   6754.0
+# rsa 4096 bits 0.033456s 0.000469s     29.9   2133.6
+# dsa  512 bits 0.000254s 0.000206s   3944.6   4865.1
+# dsa 1024 bits 0.000585s 0.000607s   1708.4   1647.4
+# dsa 2048 bits 0.001453s 0.001703s    688.1    587.4
+#
+# ... and *without*:
+#
+# rsa  512 bits 0.000670s 0.000041s   1491.8  24145.5
+# rsa 1024 bits 0.001988s 0.000080s    502.9  12499.3
+# rsa 2048 bits 0.008702s 0.000189s    114.9   5293.9
+# rsa 4096 bits 0.043860s 0.000533s     22.8   1875.9
+# dsa  512 bits 0.000441s 0.000427s   2265.3   2340.6
+# dsa 1024 bits 0.000823s 0.000867s   1215.6   1153.2
+# dsa 2048 bits 0.001894s 0.002179s    528.1    458.9
+#
+# As it can be seen, RSA sign performance improves by 120-30%,
+# hereafter less for longer keys, while verify - by 72-13%.
+# DSA performance improves by 100-30%.
+
+if ($^O eq "hpux") {
+    $ADDP="addp4";
+    for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
+} else { $ADDP="add"; }
+
+$code=<<___;
+.explicit
+.text
+
+// int bn_mul_mont (BN_ULONG *rp,const BN_ULONG *ap,
+//		    const BN_ULONG *bp,const BN_ULONG *np,
+//		    const BN_ULONG *n0p,int num);			
+.global	bn_mul_mont#
+.proc	bn_mul_mont#
+.align	64;;
+bn_mul_mont:
+	.prologue
+	.body
+{ .mmi;	cmp4.le		p6,p7=2,r37;;
+(p6)	cmp4.lt.unc	p8,p9=8,r37
+	mov		ret0=r0		};;
+{ .bbb;
+(p9)	br.cond.dptk.many	bn_mul_mont_8
+(p8)	br.cond.dpnt.many	bn_mul_mont_general
+(p7)	br.ret.spnt.many	b0	};;
+.endp	bn_mul_mont#
+
+prevfs=r2;	prevpr=r3;	prevlc=r10;	prevsp=r11;
+
+rptr=r8;	aptr=r9;	bptr=r14;	nptr=r15;
+tptr=r16;	// &tp[0]
+tp_1=r17;	// &tp[-1]
+num=r18;	len=r19;	lc=r20;
+topbit=r21;	// carry bit from tmp[num]
+
+n0=f6;
+m0=f7;
+bi=f8;
+
+.local	bn_mul_mont_general#
+.proc	bn_mul_mont_general#
+.align	64;;
+bn_mul_mont_general:
+	.prologue
+{ .mmi;	.save	ar.pfs,prevfs
+	alloc	prevfs=ar.pfs,6,2,0,8
+	$ADDP	aptr=0,in1
+	.save	ar.lc,prevlc
+	mov	prevlc=ar.lc		}
+{ .mmi;	.vframe	prevsp
+	mov	prevsp=sp
+	$ADDP	bptr=0,in2
+	.save	pr,prevpr
+	mov	prevpr=pr		};;
+
+	.body
+	.rotf		alo[6],nlo[4],ahi[8],nhi[6]
+	.rotr		a[3],n[3],t[2]
+
+{ .mmi;	ldf8		bi=[bptr],8		// (*bp++)
+	ldf8		alo[4]=[aptr],16	// ap[0]
+	$ADDP		r30=8,in1	};;
+{ .mmi;	ldf8		alo[3]=[r30],16		// ap[1]
+	ldf8		alo[2]=[aptr],16	// ap[2]
+	$ADDP		in4=0,in4	};;
+{ .mmi;	ldf8		alo[1]=[r30]		// ap[3]
+	ldf8		n0=[in4]		// n0
+	$ADDP		rptr=0,in0		}
+{ .mmi;	$ADDP		nptr=0,in3
+	mov		r31=16
+	zxt4		num=in5		};;
+{ .mmi;	ldf8		nlo[2]=[nptr],8		// np[0]
+	shladd		len=num,3,r0
+	shladd		r31=num,3,r31	};;
+{ .mmi;	ldf8		nlo[1]=[nptr],8		// np[1]
+	add		lc=-5,num
+	sub		r31=sp,r31	};;
+{ .mfb;	and		sp=-16,r31		// alloca
+	xmpy.hu		ahi[2]=alo[4],bi	// ap[0]*bp[0]
+	nop.b		0		}
+{ .mfb;	nop.m		0
+	xmpy.lu		alo[4]=alo[4],bi
+	brp.loop.imp	.L1st_ctop,.L1st_cend-16
+					};;
+{ .mfi;	nop.m		0
+	xma.hu		ahi[1]=alo[3],bi,ahi[2]	// ap[1]*bp[0]
+	add		tp_1=8,sp	}
+{ .mfi;	nop.m		0
+	xma.lu		alo[3]=alo[3],bi,ahi[2]
+	mov		pr.rot=0x20001f<<16
+			// ------^----- (p40) at first (p23)
+			// ----------^^ p[16:20]=1
+					};;
+{ .mfi;	nop.m		0
+	xmpy.lu		m0=alo[4],n0		// (ap[0]*bp[0])*n0
+	mov		ar.lc=lc	}
+{ .mfi;	nop.m		0
+	fcvt.fxu.s1	nhi[1]=f0
+	mov		ar.ec=8		};;
+
+.align	32
+.L1st_ctop:
+.pred.rel	"mutex",p40,p42
+{ .mfi;	(p16)	ldf8		alo[0]=[aptr],8		    // *(aptr++)
+	(p18)	xma.hu		ahi[0]=alo[2],bi,ahi[1]
+	(p40)	add		n[2]=n[2],a[2]		}   // (p23)					}
+{ .mfi;	(p18)	ldf8		nlo[0]=[nptr],8		    // *(nptr++)(p16)
+	(p18)	xma.lu		alo[2]=alo[2],bi,ahi[1]
+	(p42)	add		n[2]=n[2],a[2],1	};; // (p23)
+{ .mfi;	(p21)	getf.sig	a[0]=alo[5]
+	(p20)	xma.hu		nhi[0]=nlo[2],m0,nhi[1]
+	(p42)	cmp.leu		p41,p39=n[2],a[2]   	}   // (p23)
+{ .mfi;	(p23)	st8		[tp_1]=n[2],8
+	(p20)	xma.lu		nlo[2]=nlo[2],m0,nhi[1]
+	(p40)	cmp.ltu		p41,p39=n[2],a[2]	}   // (p23)
+{ .mmb;	(p21)	getf.sig	n[0]=nlo[3]
+	(p16)	nop.m		0
+	br.ctop.sptk	.L1st_ctop			};;
+.L1st_cend:
+
+{ .mmi;	getf.sig	a[0]=ahi[6]		// (p24)
+	getf.sig	n[0]=nhi[4]
+	add		num=-1,num	};;	// num--
+{ .mmi;	.pred.rel	"mutex",p40,p42
+(p40)	add		n[0]=n[0],a[0]
+(p42)	add		n[0]=n[0],a[0],1
+	sub		aptr=aptr,len	};;	// rewind
+{ .mmi;	.pred.rel	"mutex",p40,p42
+(p40)	cmp.ltu		p41,p39=n[0],a[0]
+(p42)	cmp.leu		p41,p39=n[0],a[0]
+	sub		nptr=nptr,len	};;
+{ .mmi;	.pred.rel	"mutex",p39,p41
+(p39)	add		topbit=r0,r0
+(p41)	add		topbit=r0,r0,1
+	nop.i		0		}	
+{ .mmi;	st8		[tp_1]=n[0]
+	add		tptr=16,sp
+	add		tp_1=8,sp	};;
+
+.Louter:
+{ .mmi;	ldf8		bi=[bptr],8		// (*bp++)
+	ldf8		ahi[3]=[tptr]		// tp[0]
+	add		r30=8,aptr	};;
+{ .mmi;	ldf8		alo[4]=[aptr],16	// ap[0]
+	ldf8		alo[3]=[r30],16		// ap[1]
+	add		r31=8,nptr	};;
+{ .mfb;	ldf8		alo[2]=[aptr],16	// ap[2]
+	xma.hu		ahi[2]=alo[4],bi,ahi[3]	// ap[0]*bp[i]+tp[0]
+	brp.loop.imp	.Linner_ctop,.Linner_cend-16
+					}
+{ .mfb;	ldf8		alo[1]=[r30]		// ap[3]
+	xma.lu		alo[4]=alo[4],bi,ahi[3]
+	clrrrb.pr			};;
+{ .mfi;	ldf8		nlo[2]=[nptr],16	// np[0]
+	xma.hu		ahi[1]=alo[3],bi,ahi[2]	// ap[1]*bp[i]
+	nop.i		0		}
+{ .mfi;	ldf8		nlo[1]=[r31]		// np[1]
+	xma.lu		alo[3]=alo[3],bi,ahi[2]
+	mov		pr.rot=0x20101f<<16
+			// ------^----- (p40) at first (p23)
+			// --------^--- (p30) at first (p22)
+			// ----------^^ p[16:20]=1
+					};;
+{ .mfi;	st8		[tptr]=r0		// tp[0] is already accounted
+	xmpy.lu		m0=alo[4],n0		// (ap[0]*bp[i]+tp[0])*n0
+	mov		ar.lc=lc	}
+{ .mfi;
+	fcvt.fxu.s1	nhi[1]=f0
+	mov		ar.ec=8		};;
+
+// This loop spins in 4*(n+7) ticks on Itanium 2 and should spin in
+// 7*(n+7) ticks on Itanium (the one codenamed Merced). Factor of 7
+// in latter case accounts for two-tick pipeline stall, which means
+// that its performance would be ~20% lower than optimal one. No
+// attempt was made to address this, because original Itanium is
+// hardly represented out in the wild...
+.align	32
+.Linner_ctop:
+.pred.rel	"mutex",p40,p42
+.pred.rel	"mutex",p30,p32
+{ .mfi;	(p16)	ldf8		alo[0]=[aptr],8		    // *(aptr++)
+	(p18)	xma.hu		ahi[0]=alo[2],bi,ahi[1]
+	(p40)	add		n[2]=n[2],a[2]		}   // (p23)
+{ .mfi;	(p16)	nop.m		0
+	(p18)	xma.lu		alo[2]=alo[2],bi,ahi[1]
+	(p42)	add		n[2]=n[2],a[2],1	};; // (p23)
+{ .mfi;	(p21)	getf.sig	a[0]=alo[5]
+	(p16)	nop.f		0
+	(p40)	cmp.ltu		p41,p39=n[2],a[2]	}   // (p23)
+{ .mfi;	(p21)	ld8		t[0]=[tptr],8
+	(p16)	nop.f		0
+	(p42)	cmp.leu		p41,p39=n[2],a[2]	};; // (p23)
+{ .mfi;	(p18)	ldf8		nlo[0]=[nptr],8		    // *(nptr++)
+	(p20)	xma.hu		nhi[0]=nlo[2],m0,nhi[1]
+	(p30)	add		a[1]=a[1],t[1]		}   // (p22)
+{ .mfi;	(p16)	nop.m		0
+	(p20)	xma.lu		nlo[2]=nlo[2],m0,nhi[1]
+	(p32)	add		a[1]=a[1],t[1],1	};; // (p22)
+{ .mmi;	(p21)	getf.sig	n[0]=nlo[3]
+	(p16)	nop.m		0
+	(p30)	cmp.ltu		p31,p29=a[1],t[1]	}   // (p22)
+{ .mmb;	(p23)	st8		[tp_1]=n[2],8
+	(p32)	cmp.leu		p31,p29=a[1],t[1]	    // (p22)
+	br.ctop.sptk	.Linner_ctop			};;
+.Linner_cend:
+
+{ .mmi;	getf.sig	a[0]=ahi[6]		// (p24)
+	getf.sig	n[0]=nhi[4]
+	nop.i		0		};;
+
+{ .mmi;	.pred.rel	"mutex",p31,p33
+(p31)	add		a[0]=a[0],topbit
+(p33)	add		a[0]=a[0],topbit,1
+	mov		topbit=r0	};;
+{ .mfi; .pred.rel	"mutex",p31,p33
+(p31)	cmp.ltu		p32,p30=a[0],topbit
+(p33)	cmp.leu		p32,p30=a[0],topbit
+					}
+{ .mfi;	.pred.rel	"mutex",p40,p42
+(p40)	add		n[0]=n[0],a[0]
+(p42)	add		n[0]=n[0],a[0],1
+					};;
+{ .mmi;	.pred.rel	"mutex",p44,p46
+(p40)	cmp.ltu		p41,p39=n[0],a[0]
+(p42)	cmp.leu		p41,p39=n[0],a[0]
+(p32)	add		topbit=r0,r0,1	}
+
+{ .mmi;	st8		[tp_1]=n[0],8
+	cmp4.ne		p6,p0=1,num
+	sub		aptr=aptr,len	};;	// rewind
+{ .mmi;	sub		nptr=nptr,len
+(p41)	add		topbit=r0,r0,1
+	add		tptr=16,sp	}
+{ .mmb;	add		tp_1=8,sp
+	add		num=-1,num		// num--
+(p6)	br.cond.sptk.many	.Louter	};;
+
+{ .mbb;	add		lc=4,lc
+	brp.loop.imp	.Lsub_ctop,.Lsub_cend-16
+	clrrrb.pr			};;
+{ .mii;	nop.m		0
+	mov		pr.rot=0x10001<<16
+			// ------^---- (p33) at first (p17)
+	mov		ar.lc=lc	}
+{ .mii;	nop.m		0
+	mov		ar.ec=3
+	nop.i		0		};;
+
+.Lsub_ctop:
+.pred.rel	"mutex",p33,p35
+{ .mfi;	(p16)	ld8		t[0]=[tptr],8		    // t=*(tp++)
+	(p16)	nop.f		0
+	(p33)	sub		n[1]=t[1],n[1]		}   // (p17)
+{ .mfi;	(p16)	ld8		n[0]=[nptr],8		    // n=*(np++)
+	(p16)	nop.f		0
+	(p35)	sub		n[1]=t[1],n[1],1	};; // (p17)
+{ .mib;	(p18)	st8		[rptr]=n[2],8		    // *(rp++)=r
+	(p33)	cmp.gtu		p34,p32=n[1],t[1]	    // (p17)
+	(p18)	nop.b		0			}
+{ .mib;	(p18)	nop.m		0
+	(p35)	cmp.geu		p34,p32=n[1],t[1]	    // (p17)
+	br.ctop.sptk	.Lsub_ctop			};;
+.Lsub_cend:
+
+{ .mmb;	.pred.rel	"mutex",p34,p36
+(p34)	sub	topbit=topbit,r0	// (p19)
+(p36)	sub	topbit=topbit,r0,1
+	brp.loop.imp	.Lcopy_ctop,.Lcopy_cend-16
+					}
+{ .mmb;	sub	rptr=rptr,len		// rewind
+	sub	tptr=tptr,len
+	clrrrb.pr			};;
+{ .mmi;	and	aptr=tptr,topbit
+	andcm	bptr=rptr,topbit
+	mov	pr.rot=1<<16		};;
+{ .mii;	or	nptr=aptr,bptr
+	mov	ar.lc=lc
+	mov	ar.ec=3			};;
+
+.Lcopy_ctop:
+{ .mmb;	(p16)	ld8	n[0]=[nptr],8
+	(p18)	st8	[tptr]=r0,8
+	(p16)	nop.b	0		}
+{ .mmb;	(p16)	nop.m	0
+	(p18)	st8	[rptr]=n[2],8
+	br.ctop.sptk	.Lcopy_ctop	};;
+.Lcopy_cend:
+
+{ .mmi;	mov		ret0=1			// signal "handled"
+	rum		1<<5			// clear um.mfh
+	mov		ar.lc=prevlc	}
+{ .mib;	.restore	sp
+	mov		sp=prevsp
+	mov		pr=prevpr,-2
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_mont_general#
+
+a1=r16;  a2=r17;  a3=r18;  a4=r19;  a5=r20;  a6=r21;  a7=r22;  a8=r23;
+n1=r24;  n2=r25;  n3=r26;  n4=r27;  n5=r28;  n6=r29;  n7=r30;  n8=r31;
+t0=r15;
+
+ai0=f8;  ai1=f9;  ai2=f10; ai3=f11; ai4=f12; ai5=f13; ai6=f14; ai7=f15;
+ni0=f16; ni1=f17; ni2=f18; ni3=f19; ni4=f20; ni5=f21; ni6=f22; ni7=f23;
+
+.local	bn_mul_mont_8#
+.proc	bn_mul_mont_8#
+.align	64
+.skip	48;;		// aligns loop body
+bn_mul_mont_8:
+	.prologue
+{ .mmi;	.save		ar.pfs,prevfs
+	alloc		prevfs=ar.pfs,6,2,0,8
+	.vframe		prevsp
+	mov		prevsp=sp
+	.save		ar.lc,prevlc
+	mov		prevlc=ar.lc	}
+{ .mmi;	add		r17=-6*16,sp
+	add		sp=-7*16,sp
+	.save		pr,prevpr
+	mov		prevpr=pr	};;
+
+{ .mmi;	.save.gf	0,0x10
+	stf.spill	[sp]=f16,-16
+	.save.gf	0,0x20
+	stf.spill	[r17]=f17,32
+	add		r16=-5*16,prevsp};;
+{ .mmi;	.save.gf	0,0x40
+	stf.spill	[r16]=f18,32
+	.save.gf	0,0x80
+	stf.spill	[r17]=f19,32
+	$ADDP		aptr=0,in1	};;
+{ .mmi;	.save.gf	0,0x100
+	stf.spill	[r16]=f20,32
+	.save.gf	0,0x200
+	stf.spill	[r17]=f21,32
+	$ADDP		r29=8,in1	};;
+{ .mmi;	.save.gf	0,0x400
+	stf.spill	[r16]=f22
+	.save.gf	0,0x800
+	stf.spill	[r17]=f23
+	$ADDP		rptr=0,in0	};;
+
+	.body
+	.rotf		bj[8],mj[2],tf[2],alo[10],ahi[10],nlo[10],nhi[10]
+	.rotr		t[8]
+
+// load input vectors padding them to 8 elements
+{ .mmi;	ldf8		ai0=[aptr],16		// ap[0]
+	ldf8		ai1=[r29],16		// ap[1]
+	$ADDP		bptr=0,in2	}
+{ .mmi;	$ADDP		r30=8,in2
+	$ADDP		nptr=0,in3
+	$ADDP		r31=8,in3	};;
+{ .mmi;	ldf8		bj[7]=[bptr],16		// bp[0]
+	ldf8		bj[6]=[r30],16		// bp[1]
+	cmp4.le		p4,p5=3,in5	}
+{ .mmi;	ldf8		ni0=[nptr],16		// np[0]
+	ldf8		ni1=[r31],16		// np[1]
+	cmp4.le		p6,p7=4,in5	};;
+
+{ .mfi;	(p4)ldf8	ai2=[aptr],16		// ap[2]
+	(p5)fcvt.fxu	ai2=f0
+	cmp4.le		p8,p9=5,in5	}
+{ .mfi;	(p6)ldf8	ai3=[r29],16		// ap[3]
+	(p7)fcvt.fxu	ai3=f0
+	cmp4.le		p10,p11=6,in5	}
+{ .mfi;	(p4)ldf8	bj[5]=[bptr],16		// bp[2]
+	(p5)fcvt.fxu	bj[5]=f0
+	cmp4.le		p12,p13=7,in5	}
+{ .mfi;	(p6)ldf8	bj[4]=[r30],16		// bp[3]
+	(p7)fcvt.fxu	bj[4]=f0
+	cmp4.le		p14,p15=8,in5	}
+{ .mfi;	(p4)ldf8	ni2=[nptr],16		// np[2]
+	(p5)fcvt.fxu	ni2=f0
+	addp4		r28=-1,in5	}
+{ .mfi;	(p6)ldf8	ni3=[r31],16		// np[3]
+	(p7)fcvt.fxu	ni3=f0
+	$ADDP		in4=0,in4	};;
+
+{ .mfi;	ldf8		n0=[in4]
+	fcvt.fxu	tf[1]=f0
+	nop.i		0		}
+
+{ .mfi;	(p8)ldf8	ai4=[aptr],16		// ap[4]
+	(p9)fcvt.fxu	ai4=f0
+	mov		t[0]=r0		}
+{ .mfi;	(p10)ldf8	ai5=[r29],16		// ap[5]
+	(p11)fcvt.fxu	ai5=f0
+	mov		t[1]=r0		}
+{ .mfi;	(p8)ldf8	bj[3]=[bptr],16		// bp[4]
+	(p9)fcvt.fxu	bj[3]=f0
+	mov		t[2]=r0		}
+{ .mfi;	(p10)ldf8	bj[2]=[r30],16		// bp[5]
+	(p11)fcvt.fxu	bj[2]=f0
+	mov		t[3]=r0		}
+{ .mfi;	(p8)ldf8	ni4=[nptr],16		// np[4]
+	(p9)fcvt.fxu	ni4=f0
+	mov		t[4]=r0		}
+{ .mfi;	(p10)ldf8	ni5=[r31],16		// np[5]
+	(p11)fcvt.fxu	ni5=f0
+	mov		t[5]=r0		};;
+
+{ .mfi;	(p12)ldf8	ai6=[aptr],16		// ap[6]
+	(p13)fcvt.fxu	ai6=f0
+	mov		t[6]=r0		}
+{ .mfi;	(p14)ldf8	ai7=[r29],16		// ap[7]
+	(p15)fcvt.fxu	ai7=f0
+	mov		t[7]=r0		}
+{ .mfi;	(p12)ldf8	bj[1]=[bptr],16		// bp[6]
+	(p13)fcvt.fxu	bj[1]=f0
+	mov		ar.lc=r28	}
+{ .mfi;	(p14)ldf8	bj[0]=[r30],16		// bp[7]
+	(p15)fcvt.fxu	bj[0]=f0
+	mov		ar.ec=2		}
+{ .mfi;	(p12)ldf8	ni6=[nptr],16		// np[6]
+	(p13)fcvt.fxu	ni6=f0
+	mov		pr.rot=1<<16	}
+{ .mfb;	(p14)ldf8	ni7=[r31],16		// np[7]
+	(p15)fcvt.fxu	ni7=f0
+	brp.loop.imp	.Louter_8_ctop,.Louter_8_cend-16
+					};;
+
+// The loop is scheduled for 32*(n+1) ticks on Itanium 2. Actual
+// measurement with help of Interval Time Counter indicate that the
+// factor is a tad higher: 33 or 34, if not 35. Exact measurement and
+// addressing the issue is problematic, because I don't have access
+// to platform-specific instruction-level profiler. On Itanium it
+// should run in 56*(n+1) ticks, because of higher xma latency...
+.Louter_8_ctop:
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 0:
+	(p16)	xma.hu		ahi[0]=ai0,bj[7],tf[1]	//	ap[0]*b[i]+t[0]
+	(p40)	add		a3=a3,n3	}	//	(p17) a3+=n3
+{ .mfi;	(p42)	add		a3=a3,n3,1
+	(p16)	xma.lu		alo[0]=ai0,bj[7],tf[1]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	a7=alo[8]		// 1:
+	(p48)	add		t[6]=t[6],a3		//	(p17) t[6]+=a3
+	(p50)	add		t[6]=t[6],a3,1	};;
+{ .mfi;	(p17)	getf.sig	a8=ahi[8]		// 2:
+	(p17)	xma.hu		nhi[7]=ni6,mj[1],nhi[6]	//	np[6]*m0
+	(p40)	cmp.ltu		p43,p41=a3,n3	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a3,n3
+	(p17)	xma.lu		nlo[7]=ni6,mj[1],nhi[6]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n5=nlo[6]		// 3:
+	(p48)	cmp.ltu		p51,p49=t[6],a3
+	(p50)	cmp.leu		p51,p49=t[6],a3	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mfi;	(p16)	nop.m		0			// 4:
+	(p16)	xma.hu		ahi[1]=ai1,bj[7],ahi[0]	//	ap[1]*b[i]
+	(p41)	add		a4=a4,n4	}	//	(p17) a4+=n4
+{ .mfi;	(p43)	add		a4=a4,n4,1
+	(p16)	xma.lu		alo[1]=ai1,bj[7],ahi[0]
+	(p16)	nop.i		0		};;
+{ .mfi;	(p49)	add		t[5]=t[5],a4		// 5:	(p17) t[5]+=a4
+	(p16)	xmpy.lu		mj[0]=alo[0],n0		//	(ap[0]*b[i]+t[0])*n0
+	(p51)	add		t[5]=t[5],a4,1	};;
+{ .mfi;	(p16)	nop.m		0			// 6:
+	(p17)	xma.hu		nhi[8]=ni7,mj[1],nhi[7]	//	np[7]*m0
+	(p41)	cmp.ltu		p42,p40=a4,n4	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a4,n4
+	(p17)	xma.lu		nlo[8]=ni7,mj[1],nhi[7]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n6=nlo[7]		// 7:
+	(p49)	cmp.ltu		p50,p48=t[5],a4
+	(p51)	cmp.leu		p50,p48=t[5],a4	};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 8:
+	(p16)	xma.hu		ahi[2]=ai2,bj[7],ahi[1]	//	ap[2]*b[i]
+	(p40)	add		a5=a5,n5	}	//	(p17) a5+=n5
+{ .mfi;	(p42)	add		a5=a5,n5,1
+	(p16)	xma.lu		alo[2]=ai2,bj[7],ahi[1]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a1=alo[1]		// 9:
+	(p48)	add		t[4]=t[4],a5		//	p(17) t[4]+=a5
+	(p50)	add		t[4]=t[4],a5,1	};;
+{ .mfi;	(p16)	nop.m		0			// 10:
+	(p16)	xma.hu		nhi[0]=ni0,mj[0],alo[0]	//	np[0]*m0
+	(p40)	cmp.ltu		p43,p41=a5,n5	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a5,n5
+	(p16)	xma.lu		nlo[0]=ni0,mj[0],alo[0]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n7=nlo[8]		// 11:
+	(p48)	cmp.ltu		p51,p49=t[4],a5
+	(p50)	cmp.leu		p51,p49=t[4],a5	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mfi;	(p17)	getf.sig	n8=nhi[8]		// 12:
+	(p16)	xma.hu		ahi[3]=ai3,bj[7],ahi[2]	//	ap[3]*b[i]
+	(p41)	add		a6=a6,n6	}	//	(p17) a6+=n6
+{ .mfi;	(p43)	add		a6=a6,n6,1
+	(p16)	xma.lu		alo[3]=ai3,bj[7],ahi[2]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a2=alo[2]		// 13:
+	(p49)	add		t[3]=t[3],a6		//	(p17) t[3]+=a6
+	(p51)	add		t[3]=t[3],a6,1	};;
+{ .mfi;	(p16)	nop.m		0			// 14:
+	(p16)	xma.hu		nhi[1]=ni1,mj[0],nhi[0]	//	np[1]*m0
+	(p41)	cmp.ltu		p42,p40=a6,n6	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a6,n6
+	(p16)	xma.lu		nlo[1]=ni1,mj[0],nhi[0]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	nop.m		0			// 15:
+	(p49)	cmp.ltu		p50,p48=t[3],a6
+	(p51)	cmp.leu		p50,p48=t[3],a6	};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 16:
+	(p16)	xma.hu		ahi[4]=ai4,bj[7],ahi[3]	//	ap[4]*b[i]
+	(p40)	add		a7=a7,n7	}	//	(p17) a7+=n7
+{ .mfi;	(p42)	add		a7=a7,n7,1
+	(p16)	xma.lu		alo[4]=ai4,bj[7],ahi[3]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a3=alo[3]		// 17:
+	(p48)	add		t[2]=t[2],a7		//	(p17) t[2]+=a7
+	(p50)	add		t[2]=t[2],a7,1	};;
+{ .mfi;	(p16)	nop.m		0			// 18:
+	(p16)	xma.hu		nhi[2]=ni2,mj[0],nhi[1]	//	np[2]*m0
+	(p40)	cmp.ltu		p43,p41=a7,n7	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a7,n7
+	(p16)	xma.lu		nlo[2]=ni2,mj[0],nhi[1]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	n1=nlo[1]		// 19:
+	(p48)	cmp.ltu		p51,p49=t[2],a7
+	(p50)	cmp.leu		p51,p49=t[2],a7	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mfi;	(p16)	nop.m		0			// 20:
+	(p16)	xma.hu		ahi[5]=ai5,bj[7],ahi[4]	//	ap[5]*b[i]
+	(p41)	add		a8=a8,n8	}	//	(p17) a8+=n8
+{ .mfi;	(p43)	add		a8=a8,n8,1
+	(p16)	xma.lu		alo[5]=ai5,bj[7],ahi[4]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a4=alo[4]		// 21:
+	(p49)	add		t[1]=t[1],a8		//	(p17) t[1]+=a8
+	(p51)	add		t[1]=t[1],a8,1	};;
+{ .mfi;	(p16)	nop.m		0			// 22:
+	(p16)	xma.hu		nhi[3]=ni3,mj[0],nhi[2]	//	np[3]*m0
+	(p41)	cmp.ltu		p42,p40=a8,n8	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a8,n8
+	(p16)	xma.lu		nlo[3]=ni3,mj[0],nhi[2]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	n2=nlo[2]		// 23:
+	(p49)	cmp.ltu		p50,p48=t[1],a8
+	(p51)	cmp.leu		p50,p48=t[1],a8	};;
+{ .mfi;	(p16)	nop.m		0			// 24:
+	(p16)	xma.hu		ahi[6]=ai6,bj[7],ahi[5]	//	ap[6]*b[i]
+	(p16)	add		a1=a1,n1	}	//	(p16) a1+=n1
+{ .mfi;	(p16)	nop.m		0
+	(p16)	xma.lu		alo[6]=ai6,bj[7],ahi[5]
+	(p17)	mov		t[0]=r0		};;
+{ .mii;	(p16)	getf.sig	a5=alo[5]		// 25:
+	(p16)	add		t0=t[7],a1		//	(p16) t[7]+=a1
+	(p42)	add		t[0]=t[0],r0,1	};;
+{ .mfi;	(p16)	setf.sig	tf[0]=t0		// 26:
+	(p16)	xma.hu		nhi[4]=ni4,mj[0],nhi[3]	//	np[4]*m0
+	(p50)	add		t[0]=t[0],r0,1	}
+{ .mfi;	(p16)	cmp.ltu.unc	p42,p40=a1,n1
+	(p16)	xma.lu		nlo[4]=ni4,mj[0],nhi[3]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	n3=nlo[3]		// 27:
+	(p16)	cmp.ltu.unc	p50,p48=t0,a1
+	(p16)	nop.i		0		};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 28:
+	(p16)	xma.hu		ahi[7]=ai7,bj[7],ahi[6]	//	ap[7]*b[i]
+	(p40)	add		a2=a2,n2	}	//	(p16) a2+=n2
+{ .mfi;	(p42)	add		a2=a2,n2,1
+	(p16)	xma.lu		alo[7]=ai7,bj[7],ahi[6]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a6=alo[6]		// 29:
+	(p48)	add		t[6]=t[6],a2		//	(p16) t[6]+=a2
+	(p50)	add		t[6]=t[6],a2,1	};;
+{ .mfi;	(p16)	nop.m		0			// 30:
+	(p16)	xma.hu		nhi[5]=ni5,mj[0],nhi[4]	//	np[5]*m0
+	(p40)	cmp.ltu		p41,p39=a2,n2	}
+{ .mfi;	(p42)	cmp.leu		p41,p39=a2,n2
+	(p16)	xma.lu		nlo[5]=ni5,mj[0],nhi[4]
+	(p16)	nop.i		0		};;
+{ .mfi;	(p16)	getf.sig	n4=nlo[4]		// 31:
+	(p16)	nop.f		0
+	(p48)	cmp.ltu		p49,p47=t[6],a2	}
+{ .mfb;	(p50)	cmp.leu		p49,p47=t[6],a2
+	(p16)	nop.f		0
+	br.ctop.sptk.many	.Louter_8_ctop	};;
+.Louter_8_cend:
+
+// move np[8] to GPR bank and subtract it from carrybit|tmp[8]
+// carrybit|tmp[8] layout upon exit from above loop is:
+//	t[1]|t[2]|t[3]|t[4]|t[5]|t[6]|t[7]|t[0]|t0 (least significant)
+{ .mmi;	getf.sig	n1=ni0
+	getf.sig	n2=ni1
+	add		r16=-7*16,prevsp}
+{ .mmi;	getf.sig	n3=ni2
+	getf.sig	n4=ni3
+	add		r17=-6*16,prevsp};;
+{ .mmi;	getf.sig	n5=ni4
+	getf.sig	n6=ni5
+	add		r18=-5*16,prevsp}
+{ .mmi;	getf.sig	n7=ni6
+	getf.sig	n8=ni7
+	sub		n1=t0,n1	};;
+{ .mmi;	cmp.gtu		p34,p32=n1,t0;;
+	.pred.rel	"mutex",p32,p34
+	(p32)sub	n2=t[0],n2
+	(p34)sub	n2=t[0],n2,1	};;
+{ .mii;	(p32)cmp.gtu	p35,p33=n2,t[0]
+	(p34)cmp.geu	p35,p33=n2,t[0];;
+	.pred.rel	"mutex",p33,p35
+	(p33)sub	n3=t[7],n3	}
+{ .mmi;	(p35)sub	n3=t[7],n3,1;;
+	(p33)cmp.gtu	p34,p32=n3,t[7]
+	(p35)cmp.geu	p34,p32=n3,t[7]	};;
+	.pred.rel	"mutex",p32,p34
+{ .mii;	(p32)sub	n4=t[6],n4
+	(p34)sub	n4=t[6],n4,1;;
+	(p32)cmp.gtu	p35,p33=n4,t[6]	}
+{ .mmi;	(p34)cmp.geu	p35,p33=n4,t[6];;
+	.pred.rel	"mutex",p33,p35
+	(p33)sub	n5=t[5],n5
+	(p35)sub	n5=t[5],n5,1	};;
+{ .mii;	(p33)cmp.gtu	p34,p32=n5,t[5]
+	(p35)cmp.geu	p34,p32=n5,t[5];;
+	.pred.rel	"mutex",p32,p34
+	(p32)sub	n6=t[4],n6	}
+{ .mmi;	(p34)sub	n6=t[4],n6,1;;
+	(p32)cmp.gtu	p35,p33=n6,t[4]
+	(p34)cmp.geu	p35,p33=n6,t[4]	};;
+	.pred.rel	"mutex",p33,p35
+{ .mii;	(p33)sub	n7=t[3],n7
+	(p35)sub	n7=t[3],n7,1;;
+	(p33)cmp.gtu	p34,p32=n7,t[3]	}
+{ .mmi;	(p35)cmp.geu	p34,p32=n7,t[3];;
+	.pred.rel	"mutex",p32,p34
+	(p32)sub	n8=t[2],n8
+	(p34)sub	n8=t[2],n8,1	};;
+{ .mii;	(p32)cmp.gtu	p35,p33=n8,t[2]
+	(p34)cmp.geu	p35,p33=n8,t[2];;
+	.pred.rel	"mutex",p33,p35
+	(p33)sub	a8=t[1],r0	}
+{ .mmi;	(p35)sub	a8=t[1],r0,1;;
+	(p33)cmp.gtu	p34,p32=a8,t[1]
+	(p35)cmp.geu	p34,p32=a8,t[1]	};;
+
+// save the result, either tmp[num] or tmp[num]-np[num]
+	.pred.rel	"mutex",p32,p34
+{ .mmi;	(p32)st8	[rptr]=n1,8
+	(p34)st8	[rptr]=t0,8
+	add		r19=-4*16,prevsp};;
+{ .mmb;	(p32)st8	[rptr]=n2,8
+	(p34)st8	[rptr]=t[0],8
+	(p5)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n3,8
+	(p34)st8	[rptr]=t[7],8
+	(p7)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n4,8
+	(p34)st8	[rptr]=t[6],8
+	(p9)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n5,8
+	(p34)st8	[rptr]=t[5],8
+	(p11)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n6,8
+	(p34)st8	[rptr]=t[4],8
+	(p13)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n7,8
+	(p34)st8	[rptr]=t[3],8
+	(p15)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n8,8
+	(p34)st8	[rptr]=t[2],8
+	nop.b		0		};;
+.Ldone:						// epilogue
+{ .mmi;	ldf.fill	f16=[r16],64
+	ldf.fill	f17=[r17],64
+	nop.i		0		}
+{ .mmi;	ldf.fill	f18=[r18],64
+	ldf.fill	f19=[r19],64
+	mov		pr=prevpr,-2	};;
+{ .mmi;	ldf.fill	f20=[r16]
+	ldf.fill	f21=[r17]
+	mov		ar.lc=prevlc	}
+{ .mmi;	ldf.fill	f22=[r18]
+	ldf.fill	f23=[r19]
+	mov		ret0=1		}	// signal "handled"
+{ .mib;	rum		1<<5
+	.restore	sp
+	mov		sp=prevsp
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_mont_8#
+
+.type	copyright#,\@object
+copyright:
+stringz	"Montgomery multiplication for IA-64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$output=shift and open STDOUT,">$output";
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/ia64.S b/crypto/bn/asm/ia64.S
index 7b82b820e6..951abc53ea 100644
--- a/crypto/bn/asm/ia64.S
+++ b/crypto/bn/asm/ia64.S
@@ -171,21 +171,21 @@
 .skip	32	// makes the loop body aligned at 64-byte boundary
 bn_add_words:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 { .mii;	alloc		r2=ar.pfs,4,12,0,16
 	cmp4.le		p6,p0=r35,r0	};;
 { .mfb;	mov		r8=r0			// return value
 (p6)	br.ret.spnt.many	b0	};;
 
-	.save	ar.lc,r3
 { .mib;	sub		r10=r35,r0,1
+	.save	ar.lc,r3
 	mov		r3=ar.lc
 	brp.loop.imp	.L_bn_add_words_ctop,.L_bn_add_words_cend-16
 					}
-	.body
 { .mib;	ADDP		r14=0,r32		// rp
+	.save	pr,r9
 	mov		r9=pr		};;
+	.body
 { .mii;	ADDP		r15=0,r33		// ap
 	mov		ar.lc=r10
 	mov		ar.ec=6		}
@@ -224,21 +224,21 @@ bn_add_words:
 .skip	32	// makes the loop body aligned at 64-byte boundary
 bn_sub_words:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 { .mii;	alloc		r2=ar.pfs,4,12,0,16
 	cmp4.le		p6,p0=r35,r0	};;
 { .mfb;	mov		r8=r0			// return value
 (p6)	br.ret.spnt.many	b0	};;
 
-	.save	ar.lc,r3
 { .mib;	sub		r10=r35,r0,1
+	.save	ar.lc,r3
 	mov		r3=ar.lc
 	brp.loop.imp	.L_bn_sub_words_ctop,.L_bn_sub_words_cend-16
 					}
-	.body
 { .mib;	ADDP		r14=0,r32		// rp
+	.save	pr,r9
 	mov		r9=pr		};;
+	.body
 { .mii;	ADDP		r15=0,r33		// ap
 	mov		ar.lc=r10
 	mov		ar.ec=6		}
@@ -283,7 +283,6 @@ bn_sub_words:
 .skip	32	// makes the loop body aligned at 64-byte boundary
 bn_mul_words:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 #ifdef XMA_TEMPTATION
 { .mfi;	alloc		r2=ar.pfs,4,0,0,0	};;
@@ -294,9 +293,10 @@ bn_mul_words:
 	cmp4.le		p6,p0=r34,r0
 (p6)	br.ret.spnt.many	b0		};;
 
-	.save	ar.lc,r3
 { .mii;	sub	r10=r34,r0,1
+	.save	ar.lc,r3
 	mov	r3=ar.lc
+	.save	pr,r9
 	mov	r9=pr			};;
 
 	.body
@@ -397,22 +397,21 @@ bn_mul_words:
 .skip	48	// makes the loop body aligned at 64-byte boundary
 bn_mul_add_words:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
-	.save	ar.lc,r3
-	.save	pr,r9
 { .mmi;	alloc		r2=ar.pfs,4,4,0,8
 	cmp4.le		p6,p0=r34,r0
+	.save	ar.lc,r3
 	mov		r3=ar.lc	};;
 { .mib;	mov		r8=r0		// return value
 	sub		r10=r34,r0,1
 (p6)	br.ret.spnt.many	b0	};;
 
-	.body
 { .mib;	setf.sig	f8=r35		// w
+	.save	pr,r9
 	mov		r9=pr
 	brp.loop.imp	.L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16
 					}
+	.body
 { .mmi;	ADDP		r14=0,r32	// rp
 	ADDP		r15=0,r33	// ap
 	mov		ar.lc=r10	}
@@ -466,7 +465,6 @@ bn_mul_add_words:
 .skip	32	// makes the loop body aligned at 64-byte boundary 
 bn_sqr_words:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 { .mii;	alloc		r2=ar.pfs,3,0,0,0
 	sxt4		r34=r34		};;
@@ -476,9 +474,10 @@ bn_sqr_words:
 	nop.f		0x0
 (p6)	br.ret.spnt.many	b0	};;
 
-	.save	ar.lc,r3
 { .mii;	sub	r10=r34,r0,1
+	.save	ar.lc,r3
 	mov	r3=ar.lc
+	.save	pr,r9
 	mov	r9=pr			};;
 
 	.body
@@ -545,7 +544,6 @@ bn_sqr_words:
 .align	64
 bn_sqr_comba8:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 #if defined(_HPUX_SOURCE) && !defined(_LP64)
 { .mii;	alloc	r2=ar.pfs,2,1,0,0
@@ -617,7 +615,6 @@ bn_sqr_comba8:
 .align	64
 bn_mul_comba8:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 #if defined(_HPUX_SOURCE) && !defined(_LP64)
 { .mii;	alloc	r2=ar.pfs,3,0,0,0
@@ -1175,7 +1172,6 @@ bn_mul_comba8:
 .align	64
 bn_sqr_comba4:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 #if defined(_HPUX_SOURCE) && !defined(_LP64)
 { .mii;	alloc   r2=ar.pfs,2,1,0,0
@@ -1208,7 +1204,6 @@ bn_sqr_comba4:
 .align	64
 bn_mul_comba4:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
 #if defined(_HPUX_SOURCE) && !defined(_LP64)
 { .mii;	alloc   r2=ar.pfs,3,0,0,0
@@ -1411,11 +1406,11 @@ equ=p24
 .align	64
 bn_div_words:
 	.prologue
-	.fframe	0
 	.save	ar.pfs,r2
-	.save	b0,r3
 { .mii;	alloc		r2=ar.pfs,3,5,0,8
+	.save	b0,r3
 	mov		r3=b0
+	.save	pr,r10
 	mov		r10=pr		};;
 { .mmb;	cmp.eq		p6,p0=r34,r0
 	mov		r8=-1
diff --git a/crypto/bn/asm/mips3-mont.pl b/crypto/bn/asm/mips3-mont.pl
new file mode 100644
index 0000000000..8f9156e02a
--- /dev/null
+++ b/crypto/bn/asm/mips3-mont.pl
@@ -0,0 +1,327 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# This module doesn't present direct interest for OpenSSL, because it
+# doesn't provide better performance for longer keys. While 512-bit
+# RSA private key operations are 40% faster, 1024-bit ones are hardly
+# faster at all, while longer key operations are slower by up to 20%.
+# It might be of interest to embedded system developers though, as
+# it's smaller than 1KB, yet offers ~3x improvement over compiler
+# generated code.
+#
+# The module targets N32 and N64 MIPS ABIs and currently is a bit
+# IRIX-centric, i.e. is likely to require adaptation for other OSes.
+
+# int bn_mul_mont(
+$rp="a0";	# BN_ULONG *rp,
+$ap="a1";	# const BN_ULONG *ap,
+$bp="a2";	# const BN_ULONG *bp,
+$np="a3";	# const BN_ULONG *np,
+$n0="a4";	# const BN_ULONG *n0,
+$num="a5";	# int num);
+
+$lo0="a6";
+$hi0="a7";
+$lo1="v0";
+$hi1="v1";
+$aj="t0";
+$bi="t1";
+$nj="t2";
+$tp="t3";
+$alo="s0";
+$ahi="s1";
+$nlo="s2";
+$nhi="s3";
+$tj="s4";
+$i="s5";
+$j="s6";
+$fp="t8";
+$m1="t9";
+
+$FRAME=8*(2+8);
+
+$code=<<___;
+#include <asm.h>
+#include <regdef.h>
+
+.text
+
+.set	noat
+.set	reorder
+
+.align	5
+.globl	bn_mul_mont
+.ent	bn_mul_mont
+bn_mul_mont:
+	.set	noreorder
+	PTR_SUB	sp,64
+	move	$fp,sp
+	.frame	$fp,64,ra
+	slt	AT,$num,4
+	li	v0,0
+	beqzl	AT,.Lproceed
+	nop
+	jr	ra
+	PTR_ADD	sp,$fp,64
+	.set	reorder
+.align	5
+.Lproceed:
+	ld	$n0,0($n0)
+	ld	$bi,0($bp)	# bp[0]
+	ld	$aj,0($ap)	# ap[0]
+	ld	$nj,0($np)	# np[0]
+	PTR_SUB	sp,16		# place for two extra words
+	sll	$num,3
+	li	AT,-4096
+	PTR_SUB	sp,$num
+	and	sp,AT
+
+	sd	s0,0($fp)
+	sd	s1,8($fp)
+	sd	s2,16($fp)
+	sd	s3,24($fp)
+	sd	s4,32($fp)
+	sd	s5,40($fp)
+	sd	s6,48($fp)
+	sd	s7,56($fp)
+
+	dmultu	$aj,$bi
+	ld	$alo,8($ap)
+	ld	$nlo,8($np)
+	mflo	$lo0
+	mfhi	$hi0
+	dmultu	$lo0,$n0
+	mflo	$m1
+
+	dmultu	$alo,$bi
+	mflo	$alo
+	mfhi	$ahi
+
+	dmultu	$nj,$m1
+	mflo	$lo1
+	mfhi	$hi1
+	dmultu	$nlo,$m1
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	daddu	$hi1,AT
+	mflo	$nlo
+	mfhi	$nhi
+
+	move	$tp,sp
+	li	$j,16
+.align	4
+.L1st:
+	.set	noreorder
+	PTR_ADD	$aj,$ap,$j
+	ld	$aj,($aj)
+	PTR_ADD	$nj,$np,$j
+	ld	$nj,($nj)
+
+	dmultu	$aj,$bi
+	daddu	$lo0,$alo,$hi0
+	daddu	$lo1,$nlo,$hi1
+	sltu	AT,$lo0,$hi0
+	sltu	s7,$lo1,$hi1
+	daddu	$hi0,$ahi,AT
+	daddu	$hi1,$nhi,s7
+	mflo	$alo
+	mfhi	$ahi
+
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	dmultu	$nj,$m1
+	daddu	$hi1,AT
+	addu	$j,8
+	sd	$lo1,($tp)
+	sltu	s7,$j,$num
+	mflo	$nlo
+	mfhi	$nhi
+
+	bnez	s7,.L1st
+	PTR_ADD	$tp,8
+	.set	reorder
+
+	daddu	$lo0,$alo,$hi0
+	sltu	AT,$lo0,$hi0
+	daddu	$hi0,$ahi,AT
+
+	daddu	$lo1,$nlo,$hi1
+	sltu	s7,$lo1,$hi1
+	daddu	$hi1,$nhi,s7
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	daddu	$hi1,AT
+
+	sd	$lo1,($tp)
+
+	daddu	$hi1,$hi0
+	sltu	AT,$hi1,$hi0
+	sd	$hi1,8($tp)
+	sd	AT,16($tp)
+
+	li	$i,8
+.align	4
+.Louter:
+	PTR_ADD	$bi,$bp,$i
+	ld	$bi,($bi)
+	ld	$aj,($ap)
+	ld	$alo,8($ap)
+	ld	$tj,(sp)
+
+	dmultu	$aj,$bi
+	ld	$nj,($np)
+	ld	$nlo,8($np)
+	mflo	$lo0
+	mfhi	$hi0
+	daddu	$lo0,$tj
+	dmultu	$lo0,$n0
+	sltu	AT,$lo0,$tj
+	daddu	$hi0,AT
+	mflo	$m1
+
+	dmultu	$alo,$bi
+	mflo	$alo
+	mfhi	$ahi
+
+	dmultu	$nj,$m1
+	mflo	$lo1
+	mfhi	$hi1
+
+	dmultu	$nlo,$m1
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	daddu	$hi1,AT
+	mflo	$nlo
+	mfhi	$nhi
+
+	move	$tp,sp
+	li	$j,16
+	ld	$tj,8($tp)
+.align	4
+.Linner:
+	.set	noreorder
+	PTR_ADD	$aj,$ap,$j
+	ld	$aj,($aj)
+	PTR_ADD	$nj,$np,$j
+	ld	$nj,($nj)
+
+	dmultu	$aj,$bi
+	daddu	$lo0,$alo,$hi0
+	daddu	$lo1,$nlo,$hi1
+	sltu	AT,$lo0,$hi0
+	sltu	s7,$lo1,$hi1
+	daddu	$hi0,$ahi,AT
+	daddu	$hi1,$nhi,s7
+	mflo	$alo
+	mfhi	$ahi
+
+	daddu	$lo0,$tj
+	addu	$j,8
+	dmultu	$nj,$m1
+	sltu	AT,$lo0,$tj
+	daddu	$lo1,$lo0
+	daddu	$hi0,AT
+	sltu	s7,$lo1,$lo0
+	ld	$tj,16($tp)
+	daddu	$hi1,s7
+	sltu	AT,$j,$num
+	mflo	$nlo
+	mfhi	$nhi
+	sd	$lo1,($tp)
+	bnez	AT,.Linner
+	PTR_ADD	$tp,8
+	.set	reorder
+
+	daddu	$lo0,$alo,$hi0
+	sltu	AT,$lo0,$hi0
+	daddu	$hi0,$ahi,AT
+	daddu	$lo0,$tj
+	sltu	s7,$lo0,$tj
+	daddu	$hi0,s7
+
+	ld	$tj,16($tp)
+	daddu	$lo1,$nlo,$hi1
+	sltu	AT,$lo1,$hi1
+	daddu	$hi1,$nhi,AT
+	daddu	$lo1,$lo0
+	sltu	s7,$lo1,$lo0
+	daddu	$hi1,s7
+	sd	$lo1,($tp)
+
+	daddu	$lo1,$hi1,$hi0
+	sltu	$hi1,$lo1,$hi0
+	daddu	$lo1,$tj
+	sltu	AT,$lo1,$tj
+	daddu	$hi1,AT
+	sd	$lo1,8($tp)
+	sd	$hi1,16($tp)
+
+	addu	$i,8
+	sltu	s7,$i,$num
+	bnez	s7,.Louter
+
+	.set	noreorder
+	PTR_ADD	$tj,sp,$num	# &tp[num]
+	move	$tp,sp
+	move	$ap,sp
+	li	$hi0,0		# clear borrow bit
+
+.align	4
+.Lsub:	ld	$lo0,($tp)
+	ld	$lo1,($np)
+	PTR_ADD	$tp,8
+	PTR_ADD	$np,8
+	dsubu	$lo1,$lo0,$lo1	# tp[i]-np[i]
+	sgtu	AT,$lo1,$lo0
+	dsubu	$lo0,$lo1,$hi0
+	sgtu	$hi0,$lo0,$lo1
+	sd	$lo0,($rp)
+	or	$hi0,AT
+	sltu	AT,$tp,$tj
+	bnez	AT,.Lsub
+	PTR_ADD	$rp,8
+
+	dsubu	$hi0,$hi1,$hi0	# handle upmost overflow bit
+	move	$tp,sp
+	PTR_SUB	$rp,$num	# restore rp
+	not	$hi1,$hi0
+
+	and	$ap,$hi0,sp
+	and	$bp,$hi1,$rp
+	or	$ap,$ap,$bp	# ap=borrow?tp:rp
+
+.align	4
+.Lcopy:	ld	$aj,($ap)
+	PTR_ADD	$ap,8
+	PTR_ADD	$tp,8
+	sd	zero,-8($tp)
+	sltu	AT,$tp,$tj
+	sd	$aj,($rp)
+	bnez	AT,.Lcopy
+	PTR_ADD	$rp,8
+
+	ld	s0,0($fp)
+	ld	s1,8($fp)
+	ld	s2,16($fp)
+	ld	s3,24($fp)
+	ld	s4,32($fp)
+	ld	s5,40($fp)
+	ld	s6,48($fp)
+	ld	s7,56($fp)
+	li	v0,1
+	jr	ra
+	PTR_ADD	sp,$fp,64
+	.set	reorder
+END(bn_mul_mont)
+.rdata
+.asciiz	"Montgomery Multiplication for MIPS III/IV, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/parisc-mont.pl b/crypto/bn/asm/parisc-mont.pl
new file mode 100644
index 0000000000..4a766a87fb
--- /dev/null
+++ b/crypto/bn/asm/parisc-mont.pl
@@ -0,0 +1,993 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# On PA-7100LC this module performs ~90-50% better, less for longer
+# keys, than code generated by gcc 3.2 for PA-RISC 1.1. Latter means
+# that compiler utilized xmpyu instruction to perform 32x32=64-bit
+# multiplication, which in turn means that "baseline" performance was
+# optimal in respect to instruction set capabilities. Fair comparison
+# with vendor compiler is problematic, because OpenSSL doesn't define
+# BN_LLONG [presumably] for historical reasons, which drives compiler
+# toward 4 times 16x16=32-bit multiplicatons [plus complementary
+# shifts and additions] instead. This means that you should observe
+# several times improvement over code generated by vendor compiler
+# for PA-RISC 1.1, but the "baseline" is far from optimal. The actual
+# improvement coefficient was never collected on PA-7100LC, or any
+# other 1.1 CPU, because I don't have access to such machine with
+# vendor compiler. But to give you a taste, PA-RISC 1.1 code path
+# reportedly outperformed code generated by cc +DA1.1 +O3 by factor
+# of ~5x on PA-8600.
+#
+# On PA-RISC 2.0 it has to compete with pa-risc2[W].s, which is
+# reportedly ~2x faster than vendor compiler generated code [according
+# to comment in pa-risc2[W].s]. Here comes a catch. Execution core of
+# this implementation is actually 32-bit one, in the sense that it
+# operates on 32-bit values. But pa-risc2[W].s operates on arrays of
+# 64-bit BN_LONGs... How do they interoperate then? No problem. This
+# module picks halves of 64-bit values in reverse order and pretends
+# they were 32-bit BN_LONGs. But can 32-bit core compete with "pure"
+# 64-bit code such as pa-risc2[W].s then? Well, the thing is that
+# 32x32=64-bit multiplication is the best even PA-RISC 2.0 can do,
+# i.e. there is no "wider" multiplication like on most other 64-bit
+# platforms. This means that even being effectively 32-bit, this
+# implementation performs "64-bit" computational task in same amount
+# of arithmetic operations, most notably multiplications. It requires
+# more memory references, most notably to tp[num], but this doesn't
+# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
+# 2.0 code path, provides virtually same performance as pa-risc2[W].s:
+# it's ~10% better for shortest key length and ~10% worse for longest
+# one.
+#
+# In case it wasn't clear. The module has two distinct code paths:
+# PA-RISC 1.1 and PA-RISC 2.0 ones. Latter features carry-free 64-bit
+# additions and 64-bit integer loads, not to mention specific
+# instruction scheduling. In 64-bit build naturally only 2.0 code path
+# is assembled. In 32-bit application context both code paths are
+# assembled, PA-RISC 2.0 CPU is detected at run-time and proper path
+# is taken automatically. Also, in 32-bit build the module imposes
+# couple of limitations: vector lengths has to be even and vector
+# addresses has to be 64-bit aligned. Normally neither is a problem:
+# most common key lengths are even and vectors are commonly malloc-ed,
+# which ensures alignment.
+#
+# Special thanks to polarhome.com for providing HP-UX account on
+# PA-RISC 1.1 machine, and to correspondent who chose to remain
+# anonymous for testing the code on PA-RISC 2.0 machine.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+
+$flavour = shift;
+$output = shift;
+
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+	$BN_SZ		=$SIZE_T;
+} else {
+	$LEVEL		="1.1";	#$LEVEL.="\n\t.ALLOW\t2.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+	$BN_SZ		=$SIZE_T;
+	if (open CONF,"<${dir}../../opensslconf.h") {
+	    while(<CONF>) {
+		if (m/#\s*define\s+SIXTY_FOUR_BIT/) {
+		    $BN_SZ=8;
+		    $LEVEL="2.0";
+		    last;
+		}
+	    }
+	    close CONF;
+	}
+}
+
+$FRAME=8*$SIZE_T+$FRAME_MARKER;	# 8 saved regs + frame marker
+				#                [+ argument transfer]
+$LOCALS=$FRAME-$FRAME_MARKER;
+$FRAME+=32;			# local variables
+
+$tp="%r31";
+$ti1="%r29";
+$ti0="%r28";
+
+$rp="%r26";
+$ap="%r25";
+$bp="%r24";
+$np="%r23";
+$n0="%r22";	# passed through stack in 32-bit
+$num="%r21";	# passed through stack in 32-bit
+$idx="%r20";
+$arrsz="%r19";
+
+$nm1="%r7";
+$nm0="%r6";
+$ab1="%r5";
+$ab0="%r4";
+
+$fp="%r3";
+$hi1="%r2";
+$hi0="%r1";
+
+$xfer=$n0;	# accomodates [-16..15] offset in fld[dw]s
+
+$fm0="%fr4";	$fti=$fm0;
+$fbi="%fr5L";
+$fn0="%fr5R";
+$fai="%fr6";	$fab0="%fr7";	$fab1="%fr8";
+$fni="%fr9";	$fnm0="%fr10";	$fnm1="%fr11";
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	bn_mul_mont,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+	.ALIGN	64
+bn_mul_mont
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-8*$SIZE_T`,NO_CALLS,SAVE_RP,SAVE_SP,ENTRY_GR=6
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)		; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	ldo	-$FRAME(%sp),$fp
+___
+$code.=<<___ if ($SIZE_T==4);
+	ldw	`-$FRAME_MARKER-4`($fp),$n0
+	ldw	`-$FRAME_MARKER-8`($fp),$num
+	nop
+	nop					; alignment
+___
+$code.=<<___ if ($BN_SZ==4);
+	comiclr,<=	6,$num,%r0		; are vectors long enough?
+	b		L\$abort
+	ldi		0,%r28			; signal "unhandled"
+	add,ev		%r0,$num,$num		; is $num even?
+	b		L\$abort
+	nop
+	or		$ap,$np,$ti1
+	extru,=		$ti1,31,3,%r0		; are ap and np 64-bit aligned?
+	b		L\$abort
+	nop
+	nop					; alignment
+	nop
+
+	fldws		0($n0),${fn0}
+	fldws,ma	4($bp),${fbi}		; bp[0]
+___
+$code.=<<___ if ($BN_SZ==8);
+	comib,>		3,$num,L\$abort		; are vectors long enough?
+	ldi		0,%r28			; signal "unhandled"
+	addl		$num,$num,$num		; I operate on 32-bit values
+
+	fldws		4($n0),${fn0}		; only low part of n0
+	fldws		4($bp),${fbi}		; bp[0] in flipped word order
+___
+$code.=<<___;
+	fldds		0($ap),${fai}		; ap[0,1]
+	fldds		0($np),${fni}		; np[0,1]
+
+	sh2addl		$num,%r0,$arrsz
+	ldi		31,$hi0
+	ldo		36($arrsz),$hi1		; space for tp[num+1]
+	andcm		$hi1,$hi0,$hi1		; align
+	addl		$hi1,%sp,%sp
+	$PUSH		$fp,-$SIZE_T(%sp)
+
+	ldo		`$LOCALS+16`($fp),$xfer
+	ldo		`$LOCALS+32+4`($fp),$tp
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[0]
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[0]
+	xmpyu		${fn0},${fab0}R,${fm0}
+
+	addl		$arrsz,$ap,$ap		; point at the end
+	addl		$arrsz,$np,$np
+	subi		0,$arrsz,$idx		; j=0
+	ldo		8($idx),$idx		; j++++
+
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[0]*m
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[1]*m
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+	fstds		${fab1},0($xfer)
+	fstds		${fnm1},8($xfer)
+	 flddx		$idx($ap),${fai}	; ap[2,3]
+	 flddx		$idx($np),${fni}	; np[2,3]
+___
+$code.=<<___ if ($BN_SZ==4);
+	mtctl		$hi0,%cr11		; $hi0 still holds 31
+	extrd,u,*=	$hi0,%sar,1,$hi0	; executes on PA-RISC 1.0
+	b		L\$parisc11
+	nop
+___
+$code.=<<___;					# PA-RISC 2.0 code-path
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldd		-16($xfer),$ab0
+	fstds		${fab0},-16($xfer)
+
+	extrd,u		$ab0,31,32,$hi0
+	extrd,u		$ab0,63,32,$ab0
+	ldd		-8($xfer),$nm0
+	fstds		${fnm0},-8($xfer)
+	 ldo		8($idx),$idx		; j++++
+	 addl		$ab0,$nm0,$nm0		; low part is discarded
+	 extrd,u	$nm0,31,32,$hi1
+
+L\$1st
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[0]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ab1,$ab1
+	 extrd,u	$ab1,31,32,$hi0
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,63,32,$ab1
+	 addl		$hi1,$nm1,$nm1
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 addl		$ab1,$nm1,$nm1
+	 extrd,u	$nm1,31,32,$hi1
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldd		-16($xfer),$ab0
+	fstds		${fab0},-16($xfer)
+	 addl		$hi0,$ab0,$ab0
+	 extrd,u	$ab0,31,32,$hi0
+	ldd		-8($xfer),$nm0
+	fstds		${fnm0},-8($xfer)
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	stw		$nm1,-4($tp)		; tp[j-1]
+	 addl		$ab0,$nm0,$nm0
+	 stw,ma		$nm0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$1st		; j++++
+	 extrd,u	$nm0,31,32,$hi1
+
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[0]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ab1,$ab1
+	 extrd,u	$ab1,31,32,$hi0
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,63,32,$ab1
+	 addl		$hi1,$nm1,$nm1
+	ldd		-16($xfer),$ab0
+	 addl		$ab1,$nm1,$nm1
+	ldd		-8($xfer),$nm0
+	 extrd,u	$nm1,31,32,$hi1
+
+	 addl		$hi0,$ab0,$ab0
+	 extrd,u	$ab0,31,32,$hi0
+	stw		$nm1,-4($tp)		; tp[j-1]
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	ldd		0($xfer),$ab1
+	 addl		$ab0,$nm0,$nm0
+	ldd,mb		8($xfer),$nm1
+	 extrd,u	$nm0,31,32,$hi1
+	stw,ma		$nm0,8($tp)		; tp[j-1]
+
+	ldo		-1($num),$num		; i--
+	subi		0,$arrsz,$idx		; j=0
+___
+$code.=<<___ if ($BN_SZ==4);
+	fldws,ma	4($bp),${fbi}		; bp[1]
+___
+$code.=<<___ if ($BN_SZ==8);
+	fldws		0($bp),${fbi}		; bp[1] in flipped word order
+___
+$code.=<<___;
+	 flddx		$idx($ap),${fai}	; ap[0,1]
+	 flddx		$idx($np),${fni}	; np[0,1]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	addl		$hi0,$ab1,$ab1
+	 extrd,u	$ab1,31,32,$hi0
+	 extrd,u	$ab1,63,32,$ab1
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[1]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[1]
+	addl		$hi1,$nm1,$nm1
+	addl		$ab1,$nm1,$nm1
+	extrd,u		$nm1,31,32,$hi1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	addl		$hi1,$hi0,$hi0
+	extrd,u		$hi0,31,32,$hi1
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	xmpyu		${fn0},${fab0}R,${fm0}
+	ldo		`$LOCALS+32+4`($fp),$tp
+L\$outer
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[0]*m
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[1]*m
+	fstds		${fab0},-16($xfer)	; 33-bit value
+	fstds		${fnm0},-8($xfer)
+	 flddx		$idx($ap),${fai}	; ap[2]
+	 flddx		$idx($np),${fni}	; np[2]
+	 ldo		8($idx),$idx		; j++++
+	ldd		-16($xfer),$ab0		; 33-bit value
+	ldd		-8($xfer),$nm0
+	ldw		0($xfer),$hi0		; high part
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	 extrd,u	$ab0,31,32,$ti0		; carry bit
+	 extrd,u	$ab0,63,32,$ab0
+	fstds		${fab1},0($xfer)
+	 addl		$ti0,$hi0,$hi0		; account carry bit
+	fstds		${fnm1},8($xfer)
+	 addl		$ab0,$nm0,$nm0		; low part is discarded
+	ldw		0($tp),$ti1		; tp[1]
+	 extrd,u	$nm0,31,32,$hi1
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+
+L\$inner
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[i]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ti1,$ti1
+	 addl		$ti1,$ab1,$ab1
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,31,32,$hi0
+	 extrd,u	$ab1,63,32,$ab1
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 addl		$hi1,$nm1,$nm1
+	 addl		$ab1,$nm1,$nm1
+	ldw		4($tp),$ti0		; tp[j]
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldd		-16($xfer),$ab0
+	fstds		${fab0},-16($xfer)
+	 addl		$hi0,$ti0,$ti0
+	 addl		$ti0,$ab0,$ab0
+	ldd		-8($xfer),$nm0
+	fstds		${fnm0},-8($xfer)
+	 extrd,u	$ab0,31,32,$hi0
+	 extrd,u	$nm1,31,32,$hi1
+	ldw		8($tp),$ti1		; tp[j]
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	 addl		$ab0,$nm0,$nm0
+	 stw,ma		$nm0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$inner		; j++++
+	 extrd,u	$nm0,31,32,$hi1
+
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[i]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ti1,$ti1
+	 addl		$ti1,$ab1,$ab1
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,31,32,$hi0
+	 extrd,u	$ab1,63,32,$ab1
+	ldw		4($tp),$ti0		; tp[j]
+	 addl		$hi1,$nm1,$nm1
+	 addl		$ab1,$nm1,$nm1
+	ldd		-16($xfer),$ab0
+	ldd		-8($xfer),$nm0
+	 extrd,u	$nm1,31,32,$hi1
+
+	addl		$hi0,$ab0,$ab0
+	 addl		$ti0,$ab0,$ab0
+	 stw		$nm1,-4($tp)		; tp[j-1]
+	 extrd,u	$ab0,31,32,$hi0
+	ldw		8($tp),$ti1		; tp[j]
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	ldd		0($xfer),$ab1
+	 addl		$ab0,$nm0,$nm0
+	ldd,mb		8($xfer),$nm1
+	 extrd,u	$nm0,31,32,$hi1
+	 stw,ma		$nm0,8($tp)		; tp[j-1]
+
+	addib,=		-1,$num,L\$outerdone	; i--
+	subi		0,$arrsz,$idx		; j=0
+___
+$code.=<<___ if ($BN_SZ==4);
+	fldws,ma	4($bp),${fbi}		; bp[i]
+___
+$code.=<<___ if ($BN_SZ==8);
+	ldi		12,$ti0			; bp[i] in flipped word order
+	addl,ev		%r0,$num,$num
+	ldi		-4,$ti0
+	addl		$ti0,$bp,$bp
+	fldws		0($bp),${fbi}
+___
+$code.=<<___;
+	 flddx		$idx($ap),${fai}	; ap[0]
+	addl		$hi0,$ab1,$ab1
+	 flddx		$idx($np),${fni}	; np[0]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	addl		$ti1,$ab1,$ab1
+	extrd,u		$ab1,31,32,$hi0
+	extrd,u		$ab1,63,32,$ab1
+
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[i]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[i]
+	ldw		4($tp),$ti0		; tp[j]
+
+	addl		$hi1,$nm1,$nm1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	addl		$ab1,$nm1,$nm1
+	extrd,u		$nm1,31,32,$hi1
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	addl		$hi1,$hi0,$hi0
+	 fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	addl		$ti0,$hi0,$hi0
+	extrd,u		$hi0,31,32,$hi1
+	 fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+	 xmpyu		${fn0},${fab0}R,${fm0}
+
+	b		L\$outer
+	ldo		`$LOCALS+32+4`($fp),$tp
+
+L\$outerdone
+	addl		$hi0,$ab1,$ab1
+	addl		$ti1,$ab1,$ab1
+	extrd,u		$ab1,31,32,$hi0
+	extrd,u		$ab1,63,32,$ab1
+
+	ldw		4($tp),$ti0		; tp[j]
+
+	addl		$hi1,$nm1,$nm1
+	addl		$ab1,$nm1,$nm1
+	extrd,u		$nm1,31,32,$hi1
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	addl		$hi1,$hi0,$hi0
+	addl		$ti0,$hi0,$hi0
+	extrd,u		$hi0,31,32,$hi1
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	ldo		`$LOCALS+32`($fp),$tp
+	sub		%r0,%r0,%r0		; clear borrow
+___
+$code.=<<___ if ($BN_SZ==4);
+	ldws,ma		4($tp),$ti0
+	extru,=		$rp,31,3,%r0		; is rp 64-bit aligned?
+	b		L\$sub_pa11
+	addl		$tp,$arrsz,$tp
+L\$sub
+	ldwx		$idx($np),$hi0
+	subb		$ti0,$hi0,$hi1
+	ldwx		$idx($tp),$ti0
+	addib,<>	4,$idx,L\$sub
+	stws,ma		$hi1,4($rp)
+
+	subb		$ti0,%r0,$hi1
+	ldo		-4($tp),$tp
+___
+$code.=<<___ if ($BN_SZ==8);
+	ldd,ma		8($tp),$ti0
+L\$sub
+	ldd		$idx($np),$hi0
+	shrpd		$ti0,$ti0,32,$ti0	; flip word order
+	std		$ti0,-8($tp)		; save flipped value
+	sub,db		$ti0,$hi0,$hi1
+	ldd,ma		8($tp),$ti0
+	addib,<>	8,$idx,L\$sub
+	std,ma		$hi1,8($rp)
+
+	extrd,u		$ti0,31,32,$ti0		; carry in flipped word order
+	sub,db		$ti0,%r0,$hi1
+	ldo		-8($tp),$tp
+___
+$code.=<<___;
+	and		$tp,$hi1,$ap
+	andcm		$rp,$hi1,$bp
+	or		$ap,$bp,$np
+
+	sub		$rp,$arrsz,$rp		; rewind rp
+	subi		0,$arrsz,$idx
+	ldo		`$LOCALS+32`($fp),$tp
+L\$copy
+	ldd		$idx($np),$hi0
+	std,ma		%r0,8($tp)
+	addib,<>	8,$idx,.-8		; L\$copy
+	std,ma		$hi0,8($rp)	
+___
+
+if ($BN_SZ==4) {				# PA-RISC 1.1 code-path
+$ablo=$ab0;
+$abhi=$ab1;
+$nmlo0=$nm0;
+$nmhi0=$nm1;
+$nmlo1="%r9";
+$nmhi1="%r8";
+
+$code.=<<___;
+	b		L\$done
+	nop
+
+	.ALIGN		8
+L\$parisc11
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldw		-12($xfer),$ablo
+	ldw		-16($xfer),$hi0
+	ldw		-4($xfer),$nmlo0
+	ldw		-8($xfer),$nmhi0
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+
+	 ldo		8($idx),$idx		; j++++
+	 add		$ablo,$nmlo0,$nmlo0	; discarded
+	 addc		%r0,$nmhi0,$hi1
+	ldw		4($xfer),$ablo
+	ldw		0($xfer),$abhi
+	nop
+
+L\$1st_pa11
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[0]
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 add		$hi0,$ablo,$ablo
+	ldw		12($xfer),$nmlo1
+	 addc		%r0,$abhi,$hi0
+	ldw		8($xfer),$nmhi1
+	 add		$ablo,$nmlo1,$nmlo1
+	fstds		${fab1},0($xfer)
+	 addc		%r0,$nmhi1,$nmhi1
+	fstds		${fnm1},8($xfer)
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-12($xfer),$ablo
+	 addc		%r0,$nmhi1,$hi1
+	ldw		-16($xfer),$abhi
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	ldw		-4($xfer),$nmlo0
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldw		-8($xfer),$nmhi0
+	 add		$hi0,$ablo,$ablo
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+	 addc		%r0,$abhi,$hi0
+	fstds		${fab0},-16($xfer)
+	 add		$ablo,$nmlo0,$nmlo0
+	fstds		${fnm0},-8($xfer)
+	 addc		%r0,$nmhi0,$nmhi0
+	ldw		0($xfer),$abhi
+	 add		$hi1,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 stws,ma	$nmlo0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$1st_pa11	; j++++
+	 addc		%r0,$nmhi0,$hi1
+
+	 ldw		8($xfer),$nmhi1
+	 ldw		12($xfer),$nmlo1
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[0]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	 add		$hi0,$ablo,$ablo
+	fstds		${fab1},0($xfer)
+	 addc		%r0,$abhi,$hi0
+	fstds		${fnm1},8($xfer)
+	 add		$ablo,$nmlo1,$nmlo1
+	ldw		-16($xfer),$abhi
+	 addc		%r0,$nmhi1,$nmhi1
+	ldw		-12($xfer),$ablo
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-8($xfer),$nmhi0
+	 addc		%r0,$nmhi1,$hi1
+	ldw		-4($xfer),$nmlo0
+
+	 add		$hi0,$ablo,$ablo
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+	 addc		%r0,$abhi,$hi0
+	ldw		0($xfer),$abhi
+	 add		$ablo,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 addc		%r0,$nmhi0,$nmhi0
+	ldws,mb		8($xfer),$nmhi1
+	 add		$hi1,$nmlo0,$nmlo0
+	ldw		4($xfer),$nmlo1
+	 addc		%r0,$nmhi0,$hi1
+	stws,ma		$nmlo0,8($tp)		; tp[j-1]
+
+	ldo		-1($num),$num		; i--
+	subi		0,$arrsz,$idx		; j=0
+
+	 fldws,ma	4($bp),${fbi}		; bp[1]
+	 flddx		$idx($ap),${fai}	; ap[0,1]
+	 flddx		$idx($np),${fni}	; np[0,1]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	add		$hi0,$ablo,$ablo
+	addc		%r0,$abhi,$hi0
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[1]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[1]
+	add		$hi1,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$nmhi1
+	add		$ablo,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$hi1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	add		$hi1,$hi0,$hi0
+	addc		%r0,%r0,$hi1
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	xmpyu		${fn0},${fab0}R,${fm0}
+	ldo		`$LOCALS+32+4`($fp),$tp
+L\$outer_pa11
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[0]*m
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[1]*m
+	fstds		${fab0},-16($xfer)	; 33-bit value
+	fstds		${fnm0},-8($xfer)
+	 flddx		$idx($ap),${fai}	; ap[2,3]
+	 flddx		$idx($np),${fni}	; np[2,3]
+	ldw		-16($xfer),$abhi	; carry bit actually
+	 ldo		8($idx),$idx		; j++++
+	ldw		-12($xfer),$ablo
+	ldw		-8($xfer),$nmhi0
+	ldw		-4($xfer),$nmlo0
+	ldw		0($xfer),$hi0		; high part
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	fstds		${fab1},0($xfer)
+	 addl		$abhi,$hi0,$hi0		; account carry bit
+	fstds		${fnm1},8($xfer)
+	 add		$ablo,$nmlo0,$nmlo0	; discarded
+	ldw		0($tp),$ti1		; tp[1]
+	 addc		%r0,$nmhi0,$hi1
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+	ldw		4($xfer),$ablo
+	ldw		0($xfer),$abhi
+
+L\$inner_pa11
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[i]
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 add		$hi0,$ablo,$ablo
+	ldw		4($tp),$ti0		; tp[j]
+	 addc		%r0,$abhi,$abhi
+	ldw		12($xfer),$nmlo1
+	 add		$ti1,$ablo,$ablo
+	ldw		8($xfer),$nmhi1
+	 addc		%r0,$abhi,$hi0
+	fstds		${fab1},0($xfer)
+	 add		$ablo,$nmlo1,$nmlo1
+	fstds		${fnm1},8($xfer)
+	 addc		%r0,$nmhi1,$nmhi1
+	ldw		-12($xfer),$ablo
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-16($xfer),$abhi
+	 addc		%r0,$nmhi1,$hi1
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	ldw		8($tp),$ti1		; tp[j]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldw		-4($xfer),$nmlo0
+	 add		$hi0,$ablo,$ablo
+	ldw		-8($xfer),$nmhi0
+	 addc		%r0,$abhi,$abhi
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+	 add		$ti0,$ablo,$ablo
+	fstds		${fab0},-16($xfer)
+	 addc		%r0,$abhi,$hi0
+	fstds		${fnm0},-8($xfer)
+	 add		$ablo,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 addc		%r0,$nmhi0,$nmhi0
+	ldw		0($xfer),$abhi
+	 add		$hi1,$nmlo0,$nmlo0
+	 stws,ma	$nmlo0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$inner_pa11	; j++++
+	 addc		%r0,$nmhi0,$hi1
+
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[i]
+	ldw		12($xfer),$nmlo1
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	ldw		8($xfer),$nmhi1
+	 add		$hi0,$ablo,$ablo
+	ldw		4($tp),$ti0		; tp[j]
+	 addc		%r0,$abhi,$abhi
+	fstds		${fab1},0($xfer)
+	 add		$ti1,$ablo,$ablo
+	fstds		${fnm1},8($xfer)
+	 addc		%r0,$abhi,$hi0
+	ldw		-16($xfer),$abhi
+	 add		$ablo,$nmlo1,$nmlo1
+	ldw		-12($xfer),$ablo
+	 addc		%r0,$nmhi1,$nmhi1
+	ldw		-8($xfer),$nmhi0
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-4($xfer),$nmlo0
+	 addc		%r0,$nmhi1,$hi1
+
+	add		$hi0,$ablo,$ablo
+	 stw		$nmlo1,-4($tp)		; tp[j-1]
+	addc		%r0,$abhi,$abhi
+	 add		$ti0,$ablo,$ablo
+	ldw		8($tp),$ti1		; tp[j]
+	 addc		%r0,$abhi,$hi0
+	ldw		0($xfer),$abhi
+	 add		$ablo,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 addc		%r0,$nmhi0,$nmhi0
+	ldws,mb		8($xfer),$nmhi1
+	 add		$hi1,$nmlo0,$nmlo0
+	ldw		4($xfer),$nmlo1
+	 addc		%r0,$nmhi0,$hi1
+	 stws,ma	$nmlo0,8($tp)		; tp[j-1]
+
+	addib,=		-1,$num,L\$outerdone_pa11; i--
+	subi		0,$arrsz,$idx		; j=0
+
+	 fldws,ma	4($bp),${fbi}		; bp[i]
+	 flddx		$idx($ap),${fai}	; ap[0]
+	add		$hi0,$ablo,$ablo
+	addc		%r0,$abhi,$abhi
+	 flddx		$idx($np),${fni}	; np[0]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	add		$ti1,$ablo,$ablo
+	addc		%r0,$abhi,$hi0
+
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[i]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[i]
+	ldw		4($tp),$ti0		; tp[j]
+
+	add		$hi1,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$nmhi1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	add		$ablo,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$hi1
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	add		$hi1,$hi0,$hi0
+	addc		%r0,%r0,$hi1
+	 fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	add		$ti0,$hi0,$hi0
+	addc		%r0,$hi1,$hi1
+	 fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+	 xmpyu		${fn0},${fab0}R,${fm0}
+
+	b		L\$outer_pa11
+	ldo		`$LOCALS+32+4`($fp),$tp
+
+L\$outerdone_pa11
+	add		$hi0,$ablo,$ablo
+	addc		%r0,$abhi,$abhi
+	add		$ti1,$ablo,$ablo
+	addc		%r0,$abhi,$hi0
+
+	ldw		4($tp),$ti0		; tp[j]
+
+	add		$hi1,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$nmhi1
+	add		$ablo,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$hi1
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+
+	add		$hi1,$hi0,$hi0
+	addc		%r0,%r0,$hi1
+	add		$ti0,$hi0,$hi0
+	addc		%r0,$hi1,$hi1
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	ldo		`$LOCALS+32+4`($fp),$tp
+	sub		%r0,%r0,%r0		; clear borrow
+	ldw		-4($tp),$ti0
+	addl		$tp,$arrsz,$tp
+L\$sub_pa11
+	ldwx		$idx($np),$hi0
+	subb		$ti0,$hi0,$hi1
+	ldwx		$idx($tp),$ti0
+	addib,<>	4,$idx,L\$sub_pa11
+	stws,ma		$hi1,4($rp)
+
+	subb		$ti0,%r0,$hi1
+	ldo		-4($tp),$tp
+	and		$tp,$hi1,$ap
+	andcm		$rp,$hi1,$bp
+	or		$ap,$bp,$np
+
+	sub		$rp,$arrsz,$rp		; rewind rp
+	subi		0,$arrsz,$idx
+	ldo		`$LOCALS+32`($fp),$tp
+L\$copy_pa11
+	ldwx		$idx($np),$hi0
+	stws,ma		%r0,4($tp)
+	addib,<>	4,$idx,L\$copy_pa11
+	stws,ma		$hi0,4($rp)	
+
+	nop					; alignment
+L\$done
+___
+}
+
+$code.=<<___;
+	ldi		1,%r28			; signal "handled"
+	ldo		$FRAME($fp),%sp		; destroy tp[num+1]
+
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+L\$abort
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+	.STRINGZ "Montgomery Multiplication for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "ldd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/)		# format 4
+    {	my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3;
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/)	# format 5
+    {	my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3;
+	$opcode|=(($1&0xF)<<17)|(($1&0x10)<<12);		# encode offset
+	$opcode|=(1<<5)  if ($mod =~ /^,m/);
+	$opcode|=(1<<13) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $std = sub {
+  my ($mod,$args) = @_;
+  my $orig = "std$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/)	# format 6
+    {	my $opcode=(0x03<<26)|($3<<21)|($1<<16)|(1<<12)|(0xB<<6);
+	$opcode|=(($2&0xF)<<1)|(($2&0x10)>>4);			# encode offset
+	$opcode|=(1<<5)  if ($mod =~ /^,m/);
+	$opcode|=(1<<13) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $extrd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "extrd$mod\t$args";
+
+    # I only have ",u" completer, it's implicitly encoded...
+    if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/)	# format 15
+    {	my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+	my $len=32-$3;
+	$opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5);		# encode pos
+	$opcode |= (($len&0x20)<<7)|($len&0x1f);		# encode len
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/)	# format 12
+    {	my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+	my $len=32-$2;
+	$opcode |= (($len&0x20)<<3)|($len&0x1f);		# encode len
+	$opcode |= (1<<13) if ($mod =~ /,\**=/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "shrpd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/)	# format 14
+    {	my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+	my $cpos=63-$3;
+	$opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5);		# encode sa
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $sub = sub {
+  my ($mod,$args) = @_;
+  my $orig = "sub$mod\t$args";
+
+    if ($mod eq ",db" && $args =~ /%r([0-9]+),%r([0-9]+),%r([0-9]+)/) {
+	my $opcode=(0x02<<26)|($2<<21)|($1<<16)|$3;
+	$opcode|=(1<<10);	# e1
+	$opcode|=(1<<8);	# e2
+	$opcode|=(1<<5);	# d
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig
+    }
+    else { "\t".$orig; }
+};
+
+sub assemble {
+  my ($mnemonic,$mod,$args)=@_;
+  my $opcode = eval("\$$mnemonic");
+
+    ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+	# flip word order in 64-bit mode...
+	s/(xmpyu\s+)($fai|$fni)([LR])/$1.$2.($3 eq "L"?"R":"L")/e if ($BN_SZ==8);
+	# assemble 2.0 instructions in 32-bit mode...
+	s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4);
+
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/crypto/bn/asm/ppc-mont.pl b/crypto/bn/asm/ppc-mont.pl
new file mode 100644
index 0000000000..9257b2cd71
--- /dev/null
+++ b/crypto/bn/asm/ppc-mont.pl
@@ -0,0 +1,328 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# April 2006
+
+# "Teaser" Montgomery multiplication module for PowerPC. It's possible
+# to gain a bit more by modulo-scheduling outer loop, then dedicated
+# squaring procedure should give further 20% and code can be adapted
+# for 32-bit application running on 64-bit CPU. As for the latter.
+# It won't be able to achieve "native" 64-bit performance, because in
+# 32-bit application context every addc instruction will have to be
+# expanded as addc, twice right shift by 32 and finally adde, etc.
+# So far RSA *sign* performance improvement over pre-bn_mul_mont asm
+# for 64-bit application running on PPC970/G5 is:
+#
+# 512-bit	+65%	
+# 1024-bit	+35%
+# 2048-bit	+18%
+# 4096-bit	+4%
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+	$BITS=	32;
+	$BNSZ=	$BITS/8;
+	$SIZE_T=4;
+	$RZONE=	224;
+	$FRAME=	$SIZE_T*16;
+
+	$LD=	"lwz";		# load
+	$LDU=	"lwzu";		# load and update
+	$LDX=	"lwzx";		# load indexed
+	$ST=	"stw";		# store
+	$STU=	"stwu";		# store and update
+	$STX=	"stwx";		# store indexed
+	$STUX=	"stwux";	# store indexed and update
+	$UMULL=	"mullw";	# unsigned multiply low
+	$UMULH=	"mulhwu";	# unsigned multiply high
+	$UCMP=	"cmplw";	# unsigned compare
+	$SHRI=	"srwi";		# unsigned shift right by immediate	
+	$PUSH=	$ST;
+	$POP=	$LD;
+} elsif ($flavour =~ /64/) {
+	$BITS=	64;
+	$BNSZ=	$BITS/8;
+	$SIZE_T=8;
+	$RZONE=	288;
+	$FRAME=	$SIZE_T*16;
+
+	# same as above, but 64-bit mnemonics...
+	$LD=	"ld";		# load
+	$LDU=	"ldu";		# load and update
+	$LDX=	"ldx";		# load indexed
+	$ST=	"std";		# store
+	$STU=	"stdu";		# store and update
+	$STX=	"stdx";		# store indexed
+	$STUX=	"stdux";	# store indexed and update
+	$UMULL=	"mulld";	# unsigned multiply low
+	$UMULH=	"mulhdu";	# unsigned multiply high
+	$UCMP=	"cmpld";	# unsigned compare
+	$SHRI=	"srdi";		# unsigned shift right by immediate	
+	$PUSH=	$ST;
+	$POP=	$LD;
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$sp="r1";
+$toc="r2";
+$rp="r3";	$ovf="r3";
+$ap="r4";
+$bp="r5";
+$np="r6";
+$n0="r7";
+$num="r8";
+$rp="r9";	# $rp is reassigned
+$aj="r10";
+$nj="r11";
+$tj="r12";
+# non-volatile registers
+$i="r14";
+$j="r15";
+$tp="r16";
+$m0="r17";
+$m1="r18";
+$lo0="r19";
+$hi0="r20";
+$lo1="r21";
+$hi1="r22";
+$alo="r23";
+$ahi="r24";
+$nlo="r25";
+#
+$nhi="r0";
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl	.bn_mul_mont_int
+.align	4
+.bn_mul_mont_int:
+	cmpwi	$num,4
+	mr	$rp,r3		; $rp is reassigned
+	li	r3,0
+	bltlr
+___
+$code.=<<___ if ($BNSZ==4);
+	cmpwi	$num,32		; longer key performance is not better
+	bgelr
+___
+$code.=<<___;
+	slwi	$num,$num,`log($BNSZ)/log(2)`
+	li	$tj,-4096
+	addi	$ovf,$num,`$FRAME+$RZONE`
+	subf	$ovf,$ovf,$sp	; $sp-$ovf
+	and	$ovf,$ovf,$tj	; minimize TLB usage
+	subf	$ovf,$sp,$ovf	; $ovf-$sp
+	srwi	$num,$num,`log($BNSZ)/log(2)`
+	$STUX	$sp,$sp,$ovf
+
+	$PUSH	r14,`4*$SIZE_T`($sp)
+	$PUSH	r15,`5*$SIZE_T`($sp)
+	$PUSH	r16,`6*$SIZE_T`($sp)
+	$PUSH	r17,`7*$SIZE_T`($sp)
+	$PUSH	r18,`8*$SIZE_T`($sp)
+	$PUSH	r19,`9*$SIZE_T`($sp)
+	$PUSH	r20,`10*$SIZE_T`($sp)
+	$PUSH	r21,`11*$SIZE_T`($sp)
+	$PUSH	r22,`12*$SIZE_T`($sp)
+	$PUSH	r23,`13*$SIZE_T`($sp)
+	$PUSH	r24,`14*$SIZE_T`($sp)
+	$PUSH	r25,`15*$SIZE_T`($sp)
+
+	$LD	$n0,0($n0)	; pull n0[0] value
+	addi	$num,$num,-2	; adjust $num for counter register
+
+	$LD	$m0,0($bp)	; m0=bp[0]
+	$LD	$aj,0($ap)	; ap[0]
+	addi	$tp,$sp,$FRAME
+	$UMULL	$lo0,$aj,$m0	; ap[0]*bp[0]
+	$UMULH	$hi0,$aj,$m0
+
+	$LD	$aj,$BNSZ($ap)	; ap[1]
+	$LD	$nj,0($np)	; np[0]
+
+	$UMULL	$m1,$lo0,$n0	; "tp[0]"*n0
+
+	$UMULL	$alo,$aj,$m0	; ap[1]*bp[0]
+	$UMULH	$ahi,$aj,$m0
+
+	$UMULL	$lo1,$nj,$m1	; np[0]*m1
+	$UMULH	$hi1,$nj,$m1
+	$LD	$nj,$BNSZ($np)	; np[1]
+	addc	$lo1,$lo1,$lo0
+	addze	$hi1,$hi1
+
+	$UMULL	$nlo,$nj,$m1	; np[1]*m1
+	$UMULH	$nhi,$nj,$m1
+
+	mtctr	$num
+	li	$j,`2*$BNSZ`
+.align	4
+L1st:
+	$LDX	$aj,$ap,$j	; ap[j]
+	addc	$lo0,$alo,$hi0
+	$LDX	$nj,$np,$j	; np[j]
+	addze	$hi0,$ahi
+	$UMULL	$alo,$aj,$m0	; ap[j]*bp[0]
+	addc	$lo1,$nlo,$hi1
+	$UMULH	$ahi,$aj,$m0
+	addze	$hi1,$nhi
+	$UMULL	$nlo,$nj,$m1	; np[j]*m1
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[0]
+	$UMULH	$nhi,$nj,$m1
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+
+	addi	$j,$j,$BNSZ	; j++
+	addi	$tp,$tp,$BNSZ	; tp++
+	bdnz-	L1st
+;L1st
+	addc	$lo0,$alo,$hi0
+	addze	$hi0,$ahi
+
+	addc	$lo1,$nlo,$hi1
+	addze	$hi1,$nhi
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[0]
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+
+	li	$ovf,0
+	addc	$hi1,$hi1,$hi0
+	addze	$ovf,$ovf	; upmost overflow bit
+	$ST	$hi1,$BNSZ($tp)
+
+	li	$i,$BNSZ
+.align	4
+Louter:
+	$LDX	$m0,$bp,$i	; m0=bp[i]
+	$LD	$aj,0($ap)	; ap[0]
+	addi	$tp,$sp,$FRAME
+	$LD	$tj,$FRAME($sp)	; tp[0]
+	$UMULL	$lo0,$aj,$m0	; ap[0]*bp[i]
+	$UMULH	$hi0,$aj,$m0
+	$LD	$aj,$BNSZ($ap)	; ap[1]
+	$LD	$nj,0($np)	; np[0]
+	addc	$lo0,$lo0,$tj	; ap[0]*bp[i]+tp[0]
+	$UMULL	$alo,$aj,$m0	; ap[j]*bp[i]
+	addze	$hi0,$hi0
+	$UMULL	$m1,$lo0,$n0	; tp[0]*n0
+	$UMULH	$ahi,$aj,$m0
+	$UMULL	$lo1,$nj,$m1	; np[0]*m1
+	$UMULH	$hi1,$nj,$m1
+	$LD	$nj,$BNSZ($np)	; np[1]
+	addc	$lo1,$lo1,$lo0
+	$UMULL	$nlo,$nj,$m1	; np[1]*m1
+	addze	$hi1,$hi1
+	$UMULH	$nhi,$nj,$m1
+
+	mtctr	$num
+	li	$j,`2*$BNSZ`
+.align	4
+Linner:
+	$LDX	$aj,$ap,$j	; ap[j]
+	addc	$lo0,$alo,$hi0
+	$LD	$tj,$BNSZ($tp)	; tp[j]
+	addze	$hi0,$ahi
+	$LDX	$nj,$np,$j	; np[j]
+	addc	$lo1,$nlo,$hi1
+	$UMULL	$alo,$aj,$m0	; ap[j]*bp[i]
+	addze	$hi1,$nhi
+	$UMULH	$ahi,$aj,$m0
+	addc	$lo0,$lo0,$tj	; ap[j]*bp[i]+tp[j]
+	$UMULL	$nlo,$nj,$m1	; np[j]*m1
+	addze	$hi0,$hi0
+	$UMULH	$nhi,$nj,$m1
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[i]+tp[j]
+	addi	$j,$j,$BNSZ	; j++
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+	addi	$tp,$tp,$BNSZ	; tp++
+	bdnz-	Linner
+;Linner
+	$LD	$tj,$BNSZ($tp)	; tp[j]
+	addc	$lo0,$alo,$hi0
+	addze	$hi0,$ahi
+	addc	$lo0,$lo0,$tj	; ap[j]*bp[i]+tp[j]
+	addze	$hi0,$hi0
+
+	addc	$lo1,$nlo,$hi1
+	addze	$hi1,$nhi
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[i]+tp[j]
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+
+	addic	$ovf,$ovf,-1	; move upmost overflow to XER[CA]
+	li	$ovf,0
+	adde	$hi1,$hi1,$hi0
+	addze	$ovf,$ovf
+	$ST	$hi1,$BNSZ($tp)
+;
+	slwi	$tj,$num,`log($BNSZ)/log(2)`
+	$UCMP	$i,$tj
+	addi	$i,$i,$BNSZ
+	ble-	Louter
+
+	addi	$num,$num,2	; restore $num
+	subfc	$j,$j,$j	; j=0 and "clear" XER[CA]
+	addi	$tp,$sp,$FRAME
+	mtctr	$num
+
+.align	4
+Lsub:	$LDX	$tj,$tp,$j
+	$LDX	$nj,$np,$j
+	subfe	$aj,$nj,$tj	; tp[j]-np[j]
+	$STX	$aj,$rp,$j
+	addi	$j,$j,$BNSZ
+	bdnz-	Lsub
+
+	li	$j,0
+	mtctr	$num
+	subfe	$ovf,$j,$ovf	; handle upmost overflow bit
+	and	$ap,$tp,$ovf
+	andc	$np,$rp,$ovf
+	or	$ap,$ap,$np	; ap=borrow?tp:rp
+
+.align	4
+Lcopy:				; copy or in-place refresh
+	$LDX	$tj,$ap,$j
+	$STX	$tj,$rp,$j
+	$STX	$j,$tp,$j	; zap at once
+	addi	$j,$j,$BNSZ
+	bdnz-	Lcopy
+
+	$POP	r14,`4*$SIZE_T`($sp)
+	$POP	r15,`5*$SIZE_T`($sp)
+	$POP	r16,`6*$SIZE_T`($sp)
+	$POP	r17,`7*$SIZE_T`($sp)
+	$POP	r18,`8*$SIZE_T`($sp)
+	$POP	r19,`9*$SIZE_T`($sp)
+	$POP	r20,`10*$SIZE_T`($sp)
+	$POP	r21,`11*$SIZE_T`($sp)
+	$POP	r22,`12*$SIZE_T`($sp)
+	$POP	r23,`13*$SIZE_T`($sp)
+	$POP	r24,`14*$SIZE_T`($sp)
+	$POP	r25,`15*$SIZE_T`($sp)
+	$POP	$sp,0($sp)
+	li	r3,1
+	blr
+	.long	0
+.asciz  "Montgomery Multiplication for PPC, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl
index 307c7ccb35..37c65d3511 100644
--- a/crypto/bn/asm/ppc.pl
+++ b/crypto/bn/asm/ppc.pl
@@ -100,9 +100,9 @@
 #	me a note at schari@us.ibm.com
 #
 
-$opf = shift;
+$flavour = shift;
 
-if ($opf =~ /32\.s/) {
+if ($flavour =~ /32/) {
 	$BITS=	32;
 	$BNSZ=	$BITS/8;
 	$ISA=	"\"ppc\"";
@@ -116,7 +116,7 @@ if ($opf =~ /32\.s/) {
 	$UDIV=	"divwu";	# unsigned divide
 	$UCMPI=	"cmplwi";	# unsigned compare with immediate
 	$UCMP=	"cmplw";	# unsigned compare
-	$COUNTZ="cntlzw";	# count leading zeros
+	$CNTLZ=	"cntlzw";	# count leading zeros
 	$SHL=	"slw";		# shift left
 	$SHR=	"srw";		# unsigned shift right
 	$SHRI=	"srwi";		# unsigned shift right by immediate	
@@ -124,7 +124,8 @@ if ($opf =~ /32\.s/) {
 	$CLRU=	"clrlwi";	# clear upper bits
 	$INSR=	"insrwi";	# insert right
 	$ROTL=	"rotlwi";	# rotate left by immediate
-} elsif ($opf =~ /64\.s/) {
+	$TR=	"tw";		# conditional trap
+} elsif ($flavour =~ /64/) {
 	$BITS=	64;
 	$BNSZ=	$BITS/8;
 	$ISA=	"\"ppc64\"";
@@ -139,7 +140,7 @@ if ($opf =~ /32\.s/) {
 	$UDIV=	"divdu";	# unsigned divide
 	$UCMPI=	"cmpldi";	# unsigned compare with immediate
 	$UCMP=	"cmpld";	# unsigned compare
-	$COUNTZ="cntlzd";	# count leading zeros
+	$CNTLZ=	"cntlzd";	# count leading zeros
 	$SHL=	"sld";		# shift left
 	$SHR=	"srd";		# unsigned shift right
 	$SHRI=	"srdi";		# unsigned shift right by immediate	
@@ -147,93 +148,17 @@ if ($opf =~ /32\.s/) {
 	$CLRU=	"clrldi";	# clear upper bits
 	$INSR=	"insrdi";	# insert right 
 	$ROTL=	"rotldi";	# rotate left by immediate
-} else { die "nonsense $opf"; }
+	$TR=	"td";		# conditional trap
+} else { die "nonsense $flavour"; }
 
-( defined shift || open STDOUT,">$opf" ) || die "can't open $opf: $!";
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
 
-# function entry points from the AIX code
-#
-# There are other, more elegant, ways to handle this. We (IBM) chose
-# this approach as it plays well with scripts we run to 'namespace'
-# OpenSSL .i.e. we add a prefix to all the public symbols so we can
-# co-exist in the same process with other implementations of OpenSSL.
-# 'cleverer' ways of doing these substitutions tend to hide data we
-# need to be obvious.
-#
-my @items = ("bn_sqr_comba4",
-	     "bn_sqr_comba8",
-	     "bn_mul_comba4",
-	     "bn_mul_comba8",
-	     "bn_sub_words",
-	     "bn_add_words",
-	     "bn_div_words",
-	     "bn_sqr_words",
-	     "bn_mul_words",
-	     "bn_mul_add_words");
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
 
-if    ($opf =~ /linux/)	{  do_linux();	}
-elsif ($opf =~ /aix/)	{  do_aix();	}
-elsif ($opf =~ /osx/)	{  do_osx();	}
-else			{  do_bsd();	}
-
-sub do_linux {
-    $d=&data();
-
-    if ($BITS==64) {
-      foreach $t (@items) {
-        $d =~ s/\.$t:/\
-\t.section\t".opd","aw"\
-\t.align\t3\
-\t.globl\t$t\
-$t:\
-\t.quad\t.$t,.TOC.\@tocbase,0\
-\t.size\t$t,24\
-\t.previous\n\
-\t.type\t.$t,\@function\
-\t.globl\t.$t\
-.$t:/g;
-      }
-    }
-    else {
-      foreach $t (@items) {
-        $d=~s/\.$t/$t/g;
-      }
-    }
-    # hide internal labels to avoid pollution of name table...
-    $d=~s/Lppcasm_/.Lppcasm_/gm;
-    print $d;
-}
-
-sub do_aix {
-    # AIX assembler is smart enough to please the linker without
-    # making us do something special...
-    print &data();
-}
-
-# MacOSX 32 bit
-sub do_osx {
-    $d=&data();
-    # Change the bn symbol prefix from '.' to '_'
-    foreach $t (@items) {
-      $d=~s/\.$t/_$t/g;
-    }
-    # Change .machine to something OS X asm will accept
-    $d=~s/\.machine.*/.text/g;
-    $d=~s/\#/;/g; # change comment from '#' to ';'
-    print $d;
-}
-
-# BSD (Untested)
-sub do_bsd {
-    $d=&data();
-    foreach $t (@items) {
-      $d=~s/\.$t/_$t/g;
-    }
-    print $d;
-}
-
-sub data {
-	local($data)=<<EOF;
+$data=<<EOF;
 #--------------------------------------------------------------------
 #
 #
@@ -295,33 +220,20 @@ sub data {
 #
 #	Defines to be used in the assembly code.
 #	
-.set r0,0	# we use it as storage for value of 0
-.set SP,1	# preserved
-.set RTOC,2	# preserved 
-.set r3,3	# 1st argument/return value
-.set r4,4	# 2nd argument/volatile register
-.set r5,5	# 3rd argument/volatile register
-.set r6,6	# ...
-.set r7,7
-.set r8,8
-.set r9,9
-.set r10,10
-.set r11,11
-.set r12,12
-.set r13,13	# not used, nor any other "below" it...
-
-.set BO_IF_NOT,4
-.set BO_IF,12
-.set BO_dCTR_NZERO,16
-.set BO_dCTR_ZERO,18
-.set BO_ALWAYS,20
-.set CR0_LT,0;
-.set CR0_GT,1;
-.set CR0_EQ,2
-.set CR1_FX,4;
-.set CR1_FEX,5;
-.set CR1_VX,6
-.set LR,8
+#.set r0,0	# we use it as storage for value of 0
+#.set SP,1	# preserved
+#.set RTOC,2	# preserved 
+#.set r3,3	# 1st argument/return value
+#.set r4,4	# 2nd argument/volatile register
+#.set r5,5	# 3rd argument/volatile register
+#.set r6,6	# ...
+#.set r7,7
+#.set r8,8
+#.set r9,9
+#.set r10,10
+#.set r11,11
+#.set r12,12
+#.set r13,13	# not used, nor any other "below" it...
 
 #	Declare function names to be global
 #	NOTE:	For gcc these names MUST be changed to remove
@@ -342,7 +254,7 @@ sub data {
 	
 # .text section
 	
-	.machine	$ISA
+	.machine	"any"
 
 #
 #	NOTE:	The following label name should be changed to
@@ -476,7 +388,7 @@ sub data {
 
 	$ST		r9,`6*$BNSZ`(r3)	#r[6]=c1
 	$ST		r10,`7*$BNSZ`(r3)	#r[7]=c2
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 #
@@ -901,7 +813,7 @@ sub data {
 	$ST		r9, `15*$BNSZ`(r3)	#r[15]=c1;
 
 
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 
 	.long	0x00000000
 
@@ -1053,7 +965,7 @@ sub data {
 
 	$ST	r10,`6*$BNSZ`(r3)	#r[6]=c1
 	$ST	r11,`7*$BNSZ`(r3)	#r[7]=c2
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 #
@@ -1589,7 +1501,7 @@ sub data {
 	adde	r10,r10,r9
 	$ST	r12,`14*$BNSZ`(r3)	#r[14]=c3;
 	$ST	r10,`15*$BNSZ`(r3)	#r[15]=c1;
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 #
@@ -1621,7 +1533,7 @@ sub data {
 	subfc.	r7,r0,r6        # If r6 is 0 then result is 0.
 				# if r6 > 0 then result !=0
 				# In either case carry bit is set.
-	bc	BO_IF,CR0_EQ,Lppcasm_sub_adios
+	beq	Lppcasm_sub_adios
 	addi	r4,r4,-$BNSZ
 	addi	r3,r3,-$BNSZ
 	addi	r5,r5,-$BNSZ
@@ -1633,11 +1545,11 @@ Lppcasm_sub_mainloop:
 				# if carry = 1 this is r7-r8. Else it
 				# is r7-r8 -1 as we need.
 	$STU	r6,$BNSZ(r3)
-	bc	BO_dCTR_NZERO,CR0_EQ,Lppcasm_sub_mainloop
+	bdnz-	Lppcasm_sub_mainloop
 Lppcasm_sub_adios:	
 	subfze	r3,r0		# if carry bit is set then r3 = 0 else -1
 	andi.	r3,r3,1         # keep only last bit.
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 
@@ -1668,7 +1580,7 @@ Lppcasm_sub_adios:
 #	check for r6 = 0. Is this needed?
 #
 	addic.	r6,r6,0		#test r6 and clear carry bit.
-	bc	BO_IF,CR0_EQ,Lppcasm_add_adios
+	beq	Lppcasm_add_adios
 	addi	r4,r4,-$BNSZ
 	addi	r3,r3,-$BNSZ
 	addi	r5,r5,-$BNSZ
@@ -1678,10 +1590,10 @@ Lppcasm_add_mainloop:
 	$LDU	r8,$BNSZ(r5)
 	adde	r8,r7,r8
 	$STU	r8,$BNSZ(r3)
-	bc	BO_dCTR_NZERO,CR0_EQ,Lppcasm_add_mainloop
+	bdnz-	Lppcasm_add_mainloop
 Lppcasm_add_adios:	
 	addze	r3,r0			#return carry bit.
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 #
@@ -1705,29 +1617,24 @@ Lppcasm_add_adios:
 #	r5 = d
 	
 	$UCMPI	0,r5,0			# compare r5 and 0
-	bc	BO_IF_NOT,CR0_EQ,Lppcasm_div1	# proceed if d!=0
+	bne	Lppcasm_div1		# proceed if d!=0
 	li	r3,-1			# d=0 return -1
-	bclr	BO_ALWAYS,CR0_LT	
+	blr
 Lppcasm_div1:
 	xor	r0,r0,r0		#r0=0
-	$COUNTZ	r7,r5			#r7 = num leading 0s in d.
-	subfic	r8,r7,$BITS		#r8 = BN_num_bits_word(d)
-	cmpi	0,0,r8,$BITS		#
-	bc	BO_IF,CR0_EQ,Lppcasm_div2	#proceed if (r8==$BITS)	
-	li	r9,1			# r9=1
-	$SHL	r10,r9,r8		# r9<<=r8
-	$UCMP	0,r3,r10		#	
-	bc	BO_IF,CR0_GT,Lppcasm_div2	#or if (h > (1<<r8))
-	$UDIV	r3,r3,r0		#if not assert(0) divide by 0!
-					#that's how we signal overflow
-	bclr	BO_ALWAYS,CR0_LT	#return. NEVER REACHED.
+	li	r8,$BITS
+	$CNTLZ.	r7,r5			#r7 = num leading 0s in d.
+	beq	Lppcasm_div2		#proceed if no leading zeros
+	subf	r8,r7,r8		#r8 = BN_num_bits_word(d)
+	$SHR.	r9,r3,r8		#are there any bits above r8'th?
+	$TR	16,r9,r0		#if there're, signal to dump core...
 Lppcasm_div2:
 	$UCMP	0,r3,r5			#h>=d?
-	bc	BO_IF,CR0_LT,Lppcasm_div3	#goto Lppcasm_div3 if not
+	blt	Lppcasm_div3		#goto Lppcasm_div3 if not
 	subf	r3,r5,r3		#h-=d ; 
 Lppcasm_div3:				#r7 = BN_BITS2-i. so r7=i
 	cmpi	0,0,r7,0		# is (i == 0)?
-	bc	BO_IF,CR0_EQ,Lppcasm_div4
+	beq	Lppcasm_div4
 	$SHL	r3,r3,r7		# h = (h<< i)
 	$SHR	r8,r4,r8		# r8 = (l >> BN_BITS2 -i)
 	$SHL	r5,r5,r7		# d<<=i
@@ -1744,7 +1651,7 @@ Lppcasm_divouterloop:
 	$SHRI	r11,r4,`$BITS/2`	#r11= (l&BN_MASK2h)>>BN_BITS4
 					# compute here for innerloop.
 	$UCMP	0,r8,r9			# is (h>>BN_BITS4)==dh
-	bc	BO_IF_NOT,CR0_EQ,Lppcasm_div5	# goto Lppcasm_div5 if not
+	bne	Lppcasm_div5		# goto Lppcasm_div5 if not
 
 	li	r8,-1
 	$CLRU	r8,r8,`$BITS/2`		#q = BN_MASK2l 
@@ -1765,9 +1672,9 @@ Lppcasm_divinnerloop:
 					# the following 2 instructions do that
 	$SHLI	r7,r10,`$BITS/2`	# r7 = (t<<BN_BITS4)
 	or	r7,r7,r11		# r7|=((l&BN_MASK2h)>>BN_BITS4)
-	$UCMP	1,r6,r7			# compare (tl <= r7)
-	bc	BO_IF_NOT,CR0_EQ,Lppcasm_divinnerexit
-	bc	BO_IF_NOT,CR1_FEX,Lppcasm_divinnerexit
+	$UCMP	cr1,r6,r7		# compare (tl <= r7)
+	bne	Lppcasm_divinnerexit
+	ble	cr1,Lppcasm_divinnerexit
 	addi	r8,r8,-1		#q--
 	subf	r12,r9,r12		#th -=dh
 	$CLRU	r10,r5,`$BITS/2`	#r10=dl. t is no longer needed in loop.
@@ -1776,14 +1683,14 @@ Lppcasm_divinnerloop:
 Lppcasm_divinnerexit:
 	$SHRI	r10,r6,`$BITS/2`	#t=(tl>>BN_BITS4)
 	$SHLI	r11,r6,`$BITS/2`	#tl=(tl<<BN_BITS4)&BN_MASK2h;
-	$UCMP	1,r4,r11		# compare l and tl
+	$UCMP	cr1,r4,r11		# compare l and tl
 	add	r12,r12,r10		# th+=t
-	bc	BO_IF_NOT,CR1_FX,Lppcasm_div7  # if (l>=tl) goto Lppcasm_div7
+	bge	cr1,Lppcasm_div7	# if (l>=tl) goto Lppcasm_div7
 	addi	r12,r12,1		# th++
 Lppcasm_div7:
 	subf	r11,r11,r4		#r11=l-tl
-	$UCMP	1,r3,r12		#compare h and th
-	bc	BO_IF_NOT,CR1_FX,Lppcasm_div8	#if (h>=th) goto Lppcasm_div8
+	$UCMP	cr1,r3,r12		#compare h and th
+	bge	cr1,Lppcasm_div8	#if (h>=th) goto Lppcasm_div8
 	addi	r8,r8,-1		# q--
 	add	r3,r5,r3		# h+=d
 Lppcasm_div8:
@@ -1794,12 +1701,12 @@ Lppcasm_div8:
 					# the following 2 instructions will do this.
 	$INSR	r11,r12,`$BITS/2`,`$BITS/2`	# r11 is the value we want rotated $BITS/2.
 	$ROTL	r3,r11,`$BITS/2`	# rotate by $BITS/2 and store in r3
-	bc	BO_dCTR_ZERO,CR0_EQ,Lppcasm_div9#if (count==0) break ;
+	bdz	Lppcasm_div9		#if (count==0) break ;
 	$SHLI	r0,r8,`$BITS/2`		#ret =q<<BN_BITS4
 	b	Lppcasm_divouterloop
 Lppcasm_div9:
 	or	r3,r8,r0
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 #
@@ -1825,7 +1732,7 @@ Lppcasm_div9:
 #	No unrolling done here. Not performance critical.
 
 	addic.	r5,r5,0			#test r5.
-	bc	BO_IF,CR0_EQ,Lppcasm_sqr_adios
+	beq	Lppcasm_sqr_adios
 	addi	r4,r4,-$BNSZ
 	addi	r3,r3,-$BNSZ
 	mtctr	r5
@@ -1836,9 +1743,9 @@ Lppcasm_sqr_mainloop:
 	$UMULH  r8,r6,r6
 	$STU	r7,$BNSZ(r3)
 	$STU	r8,$BNSZ(r3)
-	bc	BO_dCTR_NZERO,CR0_EQ,Lppcasm_sqr_mainloop
+	bdnz-	Lppcasm_sqr_mainloop
 Lppcasm_sqr_adios:	
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 
@@ -1861,7 +1768,7 @@ Lppcasm_sqr_adios:
 	xor	r0,r0,r0
 	xor	r12,r12,r12		# used for carry
 	rlwinm.	r7,r5,30,2,31		# num >> 2
-	bc	BO_IF,CR0_EQ,Lppcasm_mw_REM
+	beq	Lppcasm_mw_REM
 	mtctr	r7
 Lppcasm_mw_LOOP:	
 					#mul(rp[0],ap[0],w,c1);
@@ -1899,11 +1806,11 @@ Lppcasm_mw_LOOP:
 	
 	addi	r3,r3,`4*$BNSZ`
 	addi	r4,r4,`4*$BNSZ`
-	bc	BO_dCTR_NZERO,CR0_EQ,Lppcasm_mw_LOOP
+	bdnz-	Lppcasm_mw_LOOP
 
 Lppcasm_mw_REM:
 	andi.	r5,r5,0x3
-	bc	BO_IF,CR0_EQ,Lppcasm_mw_OVER
+	beq	Lppcasm_mw_OVER
 					#mul(rp[0],ap[0],w,c1);
 	$LD	r8,`0*$BNSZ`(r4)
 	$UMULL	r9,r6,r8
@@ -1915,7 +1822,7 @@ Lppcasm_mw_REM:
 	
 	addi	r5,r5,-1
 	cmpli	0,0,r5,0
-	bc	BO_IF,CR0_EQ,Lppcasm_mw_OVER
+	beq	Lppcasm_mw_OVER
 
 	
 					#mul(rp[1],ap[1],w,c1);
@@ -1929,7 +1836,7 @@ Lppcasm_mw_REM:
 	
 	addi	r5,r5,-1
 	cmpli	0,0,r5,0
-	bc	BO_IF,CR0_EQ,Lppcasm_mw_OVER
+	beq	Lppcasm_mw_OVER
 	
 					#mul_add(rp[2],ap[2],w,c1);
 	$LD	r8,`2*$BNSZ`(r4)
@@ -1942,7 +1849,7 @@ Lppcasm_mw_REM:
 		
 Lppcasm_mw_OVER:	
 	addi	r3,r12,0
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 
 #
@@ -1967,7 +1874,7 @@ Lppcasm_mw_OVER:
 	xor	r0,r0,r0		#r0 = 0
 	xor	r12,r12,r12  		#r12 = 0 . used for carry		
 	rlwinm.	r7,r5,30,2,31		# num >> 2
-	bc	BO_IF,CR0_EQ,Lppcasm_maw_leftover	# if (num < 4) go LPPCASM_maw_leftover
+	beq	Lppcasm_maw_leftover	# if (num < 4) go LPPCASM_maw_leftover
 	mtctr	r7
 Lppcasm_maw_mainloop:	
 					#mul_add(rp[0],ap[0],w,c1);
@@ -2020,11 +1927,11 @@ Lppcasm_maw_mainloop:
 	$ST	r11,`3*$BNSZ`(r3)
 	addi	r3,r3,`4*$BNSZ`
 	addi	r4,r4,`4*$BNSZ`
-	bc	BO_dCTR_NZERO,CR0_EQ,Lppcasm_maw_mainloop
+	bdnz-	Lppcasm_maw_mainloop
 	
 Lppcasm_maw_leftover:
 	andi.	r5,r5,0x3
-	bc	BO_IF,CR0_EQ,Lppcasm_maw_adios
+	beq	Lppcasm_maw_adios
 	addi	r3,r3,-$BNSZ
 	addi	r4,r4,-$BNSZ
 					#mul_add(rp[0],ap[0],w,c1);
@@ -2039,7 +1946,7 @@ Lppcasm_maw_leftover:
 	addze	r12,r10
 	$ST	r9,0(r3)
 	
-	bc	BO_dCTR_ZERO,CR0_EQ,Lppcasm_maw_adios
+	bdz	Lppcasm_maw_adios
 					#mul_add(rp[1],ap[1],w,c1);
 	$LDU	r8,$BNSZ(r4)	
 	$UMULL	r9,r6,r8
@@ -2051,7 +1958,7 @@ Lppcasm_maw_leftover:
 	addze	r12,r10
 	$ST	r9,0(r3)
 	
-	bc	BO_dCTR_ZERO,CR0_EQ,Lppcasm_maw_adios
+	bdz	Lppcasm_maw_adios
 					#mul_add(rp[2],ap[2],w,c1);
 	$LDU	r8,$BNSZ(r4)
 	$UMULL	r9,r6,r8
@@ -2065,17 +1972,10 @@ Lppcasm_maw_leftover:
 		
 Lppcasm_maw_adios:	
 	addi	r3,r12,0
-	bclr	BO_ALWAYS,CR0_LT
+	blr
 	.long	0x00000000
 	.align	4
 EOF
-	$data =~ s/\`([^\`]*)\`/eval $1/gem;
-
-	# if some assembler chokes on some simplified mnemonic,
-	# this is the spot to fix it up, e.g.:
-	# GNU as doesn't seem to accept cmplw, 32-bit unsigned compare
-	$data =~ s/^(\s*)cmplw(\s+)([^,]+),(.*)/$1cmpl$2$3,0,$4/gm;
-	# assembler X doesn't accept li, load immediate value
-	#$data =~ s/^(\s*)li(\s+)([^,]+),(.*)/$1addi$2$3,0,$4/gm;
-	return($data);
-}
+$data =~ s/\`([^\`]*)\`/eval $1/gem;
+print $data;
+close STDOUT;
diff --git a/crypto/bn/asm/ppc64-mont.pl b/crypto/bn/asm/ppc64-mont.pl
new file mode 100644
index 0000000000..f040466f43
--- /dev/null
+++ b/crypto/bn/asm/ppc64-mont.pl
@@ -0,0 +1,1086 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# December 2007
+
+# The reason for undertaken effort is basically following. Even though
+# Power 6 CPU operates at incredible 4.7GHz clock frequency, its PKI
+# performance was observed to be less than impressive, essentially as
+# fast as 1.8GHz PPC970, or 2.6 times(!) slower than one would hope.
+# Well, it's not surprising that IBM had to make some sacrifices to
+# boost the clock frequency that much, but no overall improvement?
+# Having observed how much difference did switching to FPU make on
+# UltraSPARC, playing same stunt on Power 6 appeared appropriate...
+# Unfortunately the resulting performance improvement is not as
+# impressive, ~30%, and in absolute terms is still very far from what
+# one would expect from 4.7GHz CPU. There is a chance that I'm doing
+# something wrong, but in the lack of assembler level micro-profiling
+# data or at least decent platform guide I can't tell... Or better
+# results might be achieved with VMX... Anyway, this module provides
+# *worse* performance on other PowerPC implementations, ~40-15% slower
+# on PPC970 depending on key length and ~40% slower on Power 5 for all
+# key lengths. As it's obviously inappropriate as "best all-round"
+# alternative, it has to be complemented with run-time CPU family
+# detection. Oh! It should also be noted that unlike other PowerPC
+# implementation IALU ppc-mont.pl module performs *suboptimaly* on
+# >=1024-bit key lengths on Power 6. It should also be noted that
+# *everything* said so far applies to 64-bit builds! As far as 32-bit
+# application executed on 64-bit CPU goes, this module is likely to
+# become preferred choice, because it's easy to adapt it for such
+# case and *is* faster than 32-bit ppc-mont.pl on *all* processors.
+
+# February 2008
+
+# Micro-profiling assisted optimization results in ~15% improvement
+# over original ppc64-mont.pl version, or overall ~50% improvement
+# over ppc.pl module on Power 6. If compared to ppc-mont.pl on same
+# Power 6 CPU, this module is 5-150% faster depending on key length,
+# [hereafter] more for longer keys. But if compared to ppc-mont.pl
+# on 1.8GHz PPC970, it's only 5-55% faster. Still far from impressive
+# in absolute terms, but it's apparently the way Power 6 is...
+
+# December 2009
+
+# Adapted for 32-bit build this module delivers 25-120%, yes, more
+# than *twice* for longer keys, performance improvement over 32-bit
+# ppc-mont.pl on 1.8GHz PPC970. However! This implementation utilizes
+# even 64-bit integer operations and the trouble is that most PPC
+# operating systems don't preserve upper halves of general purpose
+# registers upon 32-bit signal delivery. They do preserve them upon
+# context switch, but not signalling:-( This means that asynchronous
+# signals have to be blocked upon entry to this subroutine. Signal
+# masking (and of course complementary unmasking) has quite an impact
+# on performance, naturally larger for shorter keys. It's so severe
+# that 512-bit key performance can be as low as 1/3 of expected one.
+# This is why this routine can be engaged for longer key operations
+# only on these OSes, see crypto/ppccap.c for further details. MacOS X
+# is an exception from this and doesn't require signal masking, and
+# that's where above improvement coefficients were collected. For
+# others alternative would be to break dependence on upper halves of
+# GPRs by sticking to 32-bit integer operations...
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+	$SIZE_T=4;
+	$RZONE=	224;
+	$FRAME=	$SIZE_T*12+8*12;
+	$fname=	"bn_mul_mont_fpu64";
+
+	$STUX=	"stwux";	# store indexed and update
+	$PUSH=	"stw";
+	$POP=	"lwz";
+} elsif ($flavour =~ /64/) {
+	$SIZE_T=8;
+	$RZONE=	288;
+	$FRAME=	$SIZE_T*12+8*12;
+	$fname=	"bn_mul_mont_fpu64";
+
+	# same as above, but 64-bit mnemonics...
+	$STUX=	"stdux";	# store indexed and update
+	$PUSH=	"std";
+	$POP=	"ld";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=($FRAME+63)&~63;
+$TRANSFER=16*8;
+
+$carry="r0";
+$sp="r1";
+$toc="r2";
+$rp="r3";	$ovf="r3";
+$ap="r4";
+$bp="r5";
+$np="r6";
+$n0="r7";
+$num="r8";
+$rp="r9";	# $rp is reassigned
+$tp="r10";
+$j="r11";
+$i="r12";
+# non-volatile registers
+$nap_d="r14";	# interleaved ap and np in double format
+$a0="r15";	# ap[0]
+$t0="r16";	# temporary registers
+$t1="r17";
+$t2="r18";
+$t3="r19";
+$t4="r20";
+$t5="r21";
+$t6="r22";
+$t7="r23";
+
+# PPC offers enough register bank capacity to unroll inner loops twice
+#
+#     ..A3A2A1A0
+#           dcba
+#    -----------
+#            A0a
+#           A0b
+#          A0c
+#         A0d
+#          A1a
+#         A1b
+#        A1c
+#       A1d
+#        A2a
+#       A2b
+#      A2c
+#     A2d
+#      A3a
+#     A3b
+#    A3c
+#   A3d
+#    ..a
+#   ..b
+#
+$ba="f0";	$bb="f1";	$bc="f2";	$bd="f3";
+$na="f4";	$nb="f5";	$nc="f6";	$nd="f7";
+$dota="f8";	$dotb="f9";
+$A0="f10";	$A1="f11";	$A2="f12";	$A3="f13";
+$N0="f14";	$N1="f15";	$N2="f16";	$N3="f17";
+$T0a="f18";	$T0b="f19";
+$T1a="f20";	$T1b="f21";
+$T2a="f22";	$T2b="f23";
+$T3a="f24";	$T3b="f25";
+
+# sp----------->+-------------------------------+
+#		| saved sp			|
+#		+-------------------------------+
+#		|				|
+#		+-------------------------------+
+#		| 10 saved gpr, r14-r23		|
+#		.				.
+#		.				.
+#   +12*size_t	+-------------------------------+
+#		| 12 saved fpr, f14-f25		|
+#		.				.
+#		.				.
+#   +12*8	+-------------------------------+
+#		| padding to 64 byte boundary	|
+#		.				.
+#   +X		+-------------------------------+
+#		| 16 gpr<->fpr transfer zone	|
+#		.				.
+#		.				.
+#   +16*8	+-------------------------------+
+#		| __int64 tmp[-1]		|
+#		+-------------------------------+
+#		| __int64 tmp[num]		|
+#		.				.
+#		.				.
+#		.				.
+#   +(num+1)*8	+-------------------------------+
+#		| padding to 64 byte boundary	|
+#		.				.
+#   +X		+-------------------------------+
+#		| double nap_d[4*num]		|
+#		.				.
+#		.				.
+#		.				.
+#		+-------------------------------+
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl	.$fname
+.align	5
+.$fname:
+	cmpwi	$num,`3*8/$SIZE_T`
+	mr	$rp,r3		; $rp is reassigned
+	li	r3,0		; possible "not handled" return code
+	bltlr-
+	andi.	r0,$num,`16/$SIZE_T-1`		; $num has to be "even"
+	bnelr-
+
+	slwi	$num,$num,`log($SIZE_T)/log(2)`	; num*=sizeof(BN_LONG)
+	li	$i,-4096
+	slwi	$tp,$num,2	; place for {an}p_{lh}[num], i.e. 4*num
+	add	$tp,$tp,$num	; place for tp[num+1]
+	addi	$tp,$tp,`$FRAME+$TRANSFER+8+64+$RZONE`
+	subf	$tp,$tp,$sp	; $sp-$tp
+	and	$tp,$tp,$i	; minimize TLB usage
+	subf	$tp,$sp,$tp	; $tp-$sp
+	$STUX	$sp,$sp,$tp	; alloca
+
+	$PUSH	r14,`2*$SIZE_T`($sp)
+	$PUSH	r15,`3*$SIZE_T`($sp)
+	$PUSH	r16,`4*$SIZE_T`($sp)
+	$PUSH	r17,`5*$SIZE_T`($sp)
+	$PUSH	r18,`6*$SIZE_T`($sp)
+	$PUSH	r19,`7*$SIZE_T`($sp)
+	$PUSH	r20,`8*$SIZE_T`($sp)
+	$PUSH	r21,`9*$SIZE_T`($sp)
+	$PUSH	r22,`10*$SIZE_T`($sp)
+	$PUSH	r23,`11*$SIZE_T`($sp)
+	stfd	f14,`12*$SIZE_T+0`($sp)
+	stfd	f15,`12*$SIZE_T+8`($sp)
+	stfd	f16,`12*$SIZE_T+16`($sp)
+	stfd	f17,`12*$SIZE_T+24`($sp)
+	stfd	f18,`12*$SIZE_T+32`($sp)
+	stfd	f19,`12*$SIZE_T+40`($sp)
+	stfd	f20,`12*$SIZE_T+48`($sp)
+	stfd	f21,`12*$SIZE_T+56`($sp)
+	stfd	f22,`12*$SIZE_T+64`($sp)
+	stfd	f23,`12*$SIZE_T+72`($sp)
+	stfd	f24,`12*$SIZE_T+80`($sp)
+	stfd	f25,`12*$SIZE_T+88`($sp)
+___
+$code.=<<___ if ($SIZE_T==8);
+	ld	$a0,0($ap)	; pull ap[0] value
+	ld	$n0,0($n0)	; pull n0[0] value
+	ld	$t3,0($bp)	; bp[0]
+___
+$code.=<<___ if ($SIZE_T==4);
+	mr	$t1,$n0
+	lwz	$a0,0($ap)	; pull ap[0,1] value
+	lwz	$t0,4($ap)
+	lwz	$n0,0($t1)	; pull n0[0,1] value
+	lwz	$t1,4($t1)
+	lwz	$t3,0($bp)	; bp[0,1]
+	lwz	$t2,4($bp)
+	insrdi	$a0,$t0,32,0
+	insrdi	$n0,$t1,32,0
+	insrdi	$t3,$t2,32,0
+___
+$code.=<<___;
+	addi	$tp,$sp,`$FRAME+$TRANSFER+8+64`
+	li	$i,-64
+	add	$nap_d,$tp,$num
+	and	$nap_d,$nap_d,$i	; align to 64 bytes
+
+	mulld	$t7,$a0,$t3	; ap[0]*bp[0]
+	; nap_d is off by 1, because it's used with stfdu/lfdu
+	addi	$nap_d,$nap_d,-8
+	srwi	$j,$num,`3+1`	; counter register, num/2
+	mulld	$t7,$t7,$n0	; tp[0]*n0
+	addi	$j,$j,-1
+	addi	$tp,$sp,`$FRAME+$TRANSFER-8`
+	li	$carry,0
+	mtctr	$j
+
+	; transfer bp[0] to FPU as 4x16-bit values
+	extrdi	$t0,$t3,16,48
+	extrdi	$t1,$t3,16,32
+	extrdi	$t2,$t3,16,16
+	extrdi	$t3,$t3,16,0
+	std	$t0,`$FRAME+0`($sp)
+	std	$t1,`$FRAME+8`($sp)
+	std	$t2,`$FRAME+16`($sp)
+	std	$t3,`$FRAME+24`($sp)
+	; transfer (ap[0]*bp[0])*n0 to FPU as 4x16-bit values
+	extrdi	$t4,$t7,16,48
+	extrdi	$t5,$t7,16,32
+	extrdi	$t6,$t7,16,16
+	extrdi	$t7,$t7,16,0
+	std	$t4,`$FRAME+32`($sp)
+	std	$t5,`$FRAME+40`($sp)
+	std	$t6,`$FRAME+48`($sp)
+	std	$t7,`$FRAME+56`($sp)
+___
+$code.=<<___ if ($SIZE_T==8);
+	lwz	$t0,4($ap)		; load a[j] as 32-bit word pair
+	lwz	$t1,0($ap)
+	lwz	$t2,12($ap)		; load a[j+1] as 32-bit word pair
+	lwz	$t3,8($ap)
+	lwz	$t4,4($np)		; load n[j] as 32-bit word pair
+	lwz	$t5,0($np)
+	lwz	$t6,12($np)		; load n[j+1] as 32-bit word pair
+	lwz	$t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+	lwz	$t0,0($ap)		; load a[j..j+3] as 32-bit word pairs
+	lwz	$t1,4($ap)
+	lwz	$t2,8($ap)
+	lwz	$t3,12($ap)
+	lwz	$t4,0($np)		; load n[j..j+3] as 32-bit word pairs
+	lwz	$t5,4($np)
+	lwz	$t6,8($np)
+	lwz	$t7,12($np)
+___
+$code.=<<___;
+	lfd	$ba,`$FRAME+0`($sp)
+	lfd	$bb,`$FRAME+8`($sp)
+	lfd	$bc,`$FRAME+16`($sp)
+	lfd	$bd,`$FRAME+24`($sp)
+	lfd	$na,`$FRAME+32`($sp)
+	lfd	$nb,`$FRAME+40`($sp)
+	lfd	$nc,`$FRAME+48`($sp)
+	lfd	$nd,`$FRAME+56`($sp)
+	std	$t0,`$FRAME+64`($sp)
+	std	$t1,`$FRAME+72`($sp)
+	std	$t2,`$FRAME+80`($sp)
+	std	$t3,`$FRAME+88`($sp)
+	std	$t4,`$FRAME+96`($sp)
+	std	$t5,`$FRAME+104`($sp)
+	std	$t6,`$FRAME+112`($sp)
+	std	$t7,`$FRAME+120`($sp)
+	fcfid	$ba,$ba
+	fcfid	$bb,$bb
+	fcfid	$bc,$bc
+	fcfid	$bd,$bd
+	fcfid	$na,$na
+	fcfid	$nb,$nb
+	fcfid	$nc,$nc
+	fcfid	$nd,$nd
+
+	lfd	$A0,`$FRAME+64`($sp)
+	lfd	$A1,`$FRAME+72`($sp)
+	lfd	$A2,`$FRAME+80`($sp)
+	lfd	$A3,`$FRAME+88`($sp)
+	lfd	$N0,`$FRAME+96`($sp)
+	lfd	$N1,`$FRAME+104`($sp)
+	lfd	$N2,`$FRAME+112`($sp)
+	lfd	$N3,`$FRAME+120`($sp)
+	fcfid	$A0,$A0
+	fcfid	$A1,$A1
+	fcfid	$A2,$A2
+	fcfid	$A3,$A3
+	fcfid	$N0,$N0
+	fcfid	$N1,$N1
+	fcfid	$N2,$N2
+	fcfid	$N3,$N3
+	addi	$ap,$ap,16
+	addi	$np,$np,16
+
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	stfd	$A0,8($nap_d)		; save a[j] in double format
+	stfd	$A1,16($nap_d)
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	stfd	$A2,24($nap_d)		; save a[j+1] in double format
+	stfd	$A3,32($nap_d)
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	stfd	$N0,40($nap_d)		; save n[j] in double format
+	stfd	$N1,48($nap_d)
+	fmul	$T0a,$A0,$ba
+	fmul	$T0b,$A0,$bb
+	stfd	$N2,56($nap_d)		; save n[j+1] in double format
+	stfdu	$N3,64($nap_d)
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+
+.align	5
+L1st:
+___
+$code.=<<___ if ($SIZE_T==8);
+	lwz	$t0,4($ap)		; load a[j] as 32-bit word pair
+	lwz	$t1,0($ap)
+	lwz	$t2,12($ap)		; load a[j+1] as 32-bit word pair
+	lwz	$t3,8($ap)
+	lwz	$t4,4($np)		; load n[j] as 32-bit word pair
+	lwz	$t5,0($np)
+	lwz	$t6,12($np)		; load n[j+1] as 32-bit word pair
+	lwz	$t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+	lwz	$t0,0($ap)		; load a[j..j+3] as 32-bit word pairs
+	lwz	$t1,4($ap)
+	lwz	$t2,8($ap)
+	lwz	$t3,12($ap)
+	lwz	$t4,0($np)		; load n[j..j+3] as 32-bit word pairs
+	lwz	$t5,4($np)
+	lwz	$t6,8($np)
+	lwz	$t7,12($np)
+___
+$code.=<<___;
+	std	$t0,`$FRAME+64`($sp)
+	std	$t1,`$FRAME+72`($sp)
+	std	$t2,`$FRAME+80`($sp)
+	std	$t3,`$FRAME+88`($sp)
+	std	$t4,`$FRAME+96`($sp)
+	std	$t5,`$FRAME+104`($sp)
+	std	$t6,`$FRAME+112`($sp)
+	std	$t7,`$FRAME+120`($sp)
+	ld	$t0,`$FRAME+0`($sp)
+	ld	$t1,`$FRAME+8`($sp)
+	ld	$t2,`$FRAME+16`($sp)
+	ld	$t3,`$FRAME+24`($sp)
+	ld	$t4,`$FRAME+32`($sp)
+	ld	$t5,`$FRAME+40`($sp)
+	ld	$t6,`$FRAME+48`($sp)
+	ld	$t7,`$FRAME+56`($sp)
+	lfd	$A0,`$FRAME+64`($sp)
+	lfd	$A1,`$FRAME+72`($sp)
+	lfd	$A2,`$FRAME+80`($sp)
+	lfd	$A3,`$FRAME+88`($sp)
+	lfd	$N0,`$FRAME+96`($sp)
+	lfd	$N1,`$FRAME+104`($sp)
+	lfd	$N2,`$FRAME+112`($sp)
+	lfd	$N3,`$FRAME+120`($sp)
+	fcfid	$A0,$A0
+	fcfid	$A1,$A1
+	fcfid	$A2,$A2
+	fcfid	$A3,$A3
+	fcfid	$N0,$N0
+	fcfid	$N1,$N1
+	fcfid	$N2,$N2
+	fcfid	$N3,$N3
+	addi	$ap,$ap,16
+	addi	$np,$np,16
+
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	stfd	$A0,8($nap_d)		; save a[j] in double format
+	stfd	$A1,16($nap_d)
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	fmadd	$T0a,$A0,$ba,$dota
+	fmadd	$T0b,$A0,$bb,$dotb
+	stfd	$A2,24($nap_d)		; save a[j+1] in double format
+	stfd	$A3,32($nap_d)
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	stfd	$N0,40($nap_d)		; save n[j] in double format
+	stfd	$N1,48($nap_d)
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	 add	$t0,$t0,$carry		; can not overflow
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+	stfd	$N2,56($nap_d)		; save n[j+1] in double format
+	stfdu	$N3,64($nap_d)
+	 srdi	$carry,$t0,16
+	 add	$t1,$t1,$carry
+	 srdi	$carry,$t1,16
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 insrdi	$t0,$t1,16,32
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 add	$t2,$t2,$carry
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	 srdi	$carry,$t2,16
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+	 insrdi	$t0,$t2,16,16
+	 add	$t3,$t3,$carry
+	 srdi	$carry,$t3,16
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	 insrdi	$t0,$t3,16,0		; 0..63 bits
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	 add	$t4,$t4,$carry
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	 srdi	$carry,$t4,16
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+	 add	$t5,$t5,$carry
+	 srdi	$carry,$t5,16
+	 insrdi	$t4,$t5,16,32
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	 add	$t6,$t6,$carry
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	 srdi	$carry,$t6,16
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	 insrdi	$t4,$t6,16,16
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+	 add	$t7,$t7,$carry
+	 insrdi	$t4,$t7,16,0		; 64..127 bits
+	 srdi	$carry,$t7,16		; upper 33 bits
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+	 std	$t0,8($tp)		; tp[j-1]
+	 stdu	$t4,16($tp)		; tp[j]
+	bdnz-	L1st
+
+	fctid	$dota,$dota
+	fctid	$dotb,$dotb
+
+	ld	$t0,`$FRAME+0`($sp)
+	ld	$t1,`$FRAME+8`($sp)
+	ld	$t2,`$FRAME+16`($sp)
+	ld	$t3,`$FRAME+24`($sp)
+	ld	$t4,`$FRAME+32`($sp)
+	ld	$t5,`$FRAME+40`($sp)
+	ld	$t6,`$FRAME+48`($sp)
+	ld	$t7,`$FRAME+56`($sp)
+	stfd	$dota,`$FRAME+64`($sp)
+	stfd	$dotb,`$FRAME+72`($sp)
+
+	add	$t0,$t0,$carry		; can not overflow
+	srdi	$carry,$t0,16
+	add	$t1,$t1,$carry
+	srdi	$carry,$t1,16
+	insrdi	$t0,$t1,16,32
+	add	$t2,$t2,$carry
+	srdi	$carry,$t2,16
+	insrdi	$t0,$t2,16,16
+	add	$t3,$t3,$carry
+	srdi	$carry,$t3,16
+	insrdi	$t0,$t3,16,0		; 0..63 bits
+	add	$t4,$t4,$carry
+	srdi	$carry,$t4,16
+	add	$t5,$t5,$carry
+	srdi	$carry,$t5,16
+	insrdi	$t4,$t5,16,32
+	add	$t6,$t6,$carry
+	srdi	$carry,$t6,16
+	insrdi	$t4,$t6,16,16
+	add	$t7,$t7,$carry
+	insrdi	$t4,$t7,16,0		; 64..127 bits
+	srdi	$carry,$t7,16		; upper 33 bits
+	ld	$t6,`$FRAME+64`($sp)
+	ld	$t7,`$FRAME+72`($sp)
+
+	std	$t0,8($tp)		; tp[j-1]
+	stdu	$t4,16($tp)		; tp[j]
+
+	add	$t6,$t6,$carry		; can not overflow
+	srdi	$carry,$t6,16
+	add	$t7,$t7,$carry
+	insrdi	$t6,$t7,48,0
+	srdi	$ovf,$t7,48
+	std	$t6,8($tp)		; tp[num-1]
+
+	slwi	$t7,$num,2
+	subf	$nap_d,$t7,$nap_d	; rewind pointer
+
+	li	$i,8			; i=1
+.align	5
+Louter:
+___
+$code.=<<___ if ($SIZE_T==8);
+	ldx	$t3,$bp,$i	; bp[i]
+___
+$code.=<<___ if ($SIZE_T==4);
+	add	$t0,$bp,$i
+	lwz	$t3,0($t0)		; bp[i,i+1]
+	lwz	$t0,4($t0)
+	insrdi	$t3,$t0,32,0
+___
+$code.=<<___;
+	ld	$t6,`$FRAME+$TRANSFER+8`($sp)	; tp[0]
+	mulld	$t7,$a0,$t3	; ap[0]*bp[i]
+
+	addi	$tp,$sp,`$FRAME+$TRANSFER`
+	add	$t7,$t7,$t6	; ap[0]*bp[i]+tp[0]
+	li	$carry,0
+	mulld	$t7,$t7,$n0	; tp[0]*n0
+	mtctr	$j
+
+	; transfer bp[i] to FPU as 4x16-bit values
+	extrdi	$t0,$t3,16,48
+	extrdi	$t1,$t3,16,32
+	extrdi	$t2,$t3,16,16
+	extrdi	$t3,$t3,16,0
+	std	$t0,`$FRAME+0`($sp)
+	std	$t1,`$FRAME+8`($sp)
+	std	$t2,`$FRAME+16`($sp)
+	std	$t3,`$FRAME+24`($sp)
+	; transfer (ap[0]*bp[i]+tp[0])*n0 to FPU as 4x16-bit values
+	extrdi	$t4,$t7,16,48
+	extrdi	$t5,$t7,16,32
+	extrdi	$t6,$t7,16,16
+	extrdi	$t7,$t7,16,0
+	std	$t4,`$FRAME+32`($sp)
+	std	$t5,`$FRAME+40`($sp)
+	std	$t6,`$FRAME+48`($sp)
+	std	$t7,`$FRAME+56`($sp)
+
+	lfd	$A0,8($nap_d)		; load a[j] in double format
+	lfd	$A1,16($nap_d)
+	lfd	$A2,24($nap_d)		; load a[j+1] in double format
+	lfd	$A3,32($nap_d)
+	lfd	$N0,40($nap_d)		; load n[j] in double format
+	lfd	$N1,48($nap_d)
+	lfd	$N2,56($nap_d)		; load n[j+1] in double format
+	lfdu	$N3,64($nap_d)
+
+	lfd	$ba,`$FRAME+0`($sp)
+	lfd	$bb,`$FRAME+8`($sp)
+	lfd	$bc,`$FRAME+16`($sp)
+	lfd	$bd,`$FRAME+24`($sp)
+	lfd	$na,`$FRAME+32`($sp)
+	lfd	$nb,`$FRAME+40`($sp)
+	lfd	$nc,`$FRAME+48`($sp)
+	lfd	$nd,`$FRAME+56`($sp)
+
+	fcfid	$ba,$ba
+	fcfid	$bb,$bb
+	fcfid	$bc,$bc
+	fcfid	$bd,$bd
+	fcfid	$na,$na
+	fcfid	$nb,$nb
+	fcfid	$nc,$nc
+	fcfid	$nd,$nd
+
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	fmul	$T0a,$A0,$ba
+	fmul	$T0b,$A0,$bb
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 lfd	$A0,8($nap_d)		; load a[j] in double format
+	 lfd	$A1,16($nap_d)
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 lfd	$A2,24($nap_d)		; load a[j+1] in double format
+	 lfd	$A3,32($nap_d)
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+
+.align	5
+Linner:
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	lfd	$N0,40($nap_d)		; load n[j] in double format
+	lfd	$N1,48($nap_d)
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	fmadd	$T0a,$A0,$ba,$dota
+	fmadd	$T0b,$A0,$bb,$dotb
+	lfd	$N2,56($nap_d)		; load n[j+1] in double format
+	lfdu	$N3,64($nap_d)
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	 lfd	$A0,8($nap_d)		; load a[j] in double format
+	 lfd	$A1,16($nap_d)
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+	 lfd	$A2,24($nap_d)		; load a[j+1] in double format
+	 lfd	$A3,32($nap_d)
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 ld	$t0,`$FRAME+0`($sp)
+	 ld	$t1,`$FRAME+8`($sp)
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 ld	$t2,`$FRAME+16`($sp)
+	 ld	$t3,`$FRAME+24`($sp)
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	 add	$t0,$t0,$carry		; can not overflow
+	 ld	$t4,`$FRAME+32`($sp)
+	 ld	$t5,`$FRAME+40`($sp)
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+	 srdi	$carry,$t0,16
+	 add	$t1,$t1,$carry
+	 srdi	$carry,$t1,16
+	 ld	$t6,`$FRAME+48`($sp)
+	 ld	$t7,`$FRAME+56`($sp)
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	 insrdi	$t0,$t1,16,32
+	 ld	$t1,8($tp)		; tp[j]
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	 add	$t2,$t2,$carry
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	 srdi	$carry,$t2,16
+	 insrdi	$t0,$t2,16,16
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+	 add	$t3,$t3,$carry
+	 ldu	$t2,16($tp)		; tp[j+1]
+	 srdi	$carry,$t3,16
+	 insrdi	$t0,$t3,16,0		; 0..63 bits
+	 add	$t4,$t4,$carry
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	 srdi	$carry,$t4,16
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	 add	$t5,$t5,$carry
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	 srdi	$carry,$t5,16
+	 insrdi	$t4,$t5,16,32
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+	 add	$t6,$t6,$carry
+	 srdi	$carry,$t6,16
+	 insrdi	$t4,$t6,16,16
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	 add	$t7,$t7,$carry
+	 addc	$t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t0,$t0,32,0
+	extrdi	$t1,$t1,32,0
+	adde	$t0,$t0,$t1
+___
+$code.=<<___;
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	 insrdi	$t4,$t7,16,0		; 64..127 bits
+	 srdi	$carry,$t7,16		; upper 33 bits
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	 adde	$t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t4,$t4,32,0
+	extrdi	$t2,$t2,32,0
+	adde	$t4,$t4,$t2
+___
+$code.=<<___;
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+	 addze	$carry,$carry
+	 std	$t3,-16($tp)		; tp[j-1]
+	 std	$t5,-8($tp)		; tp[j]
+	bdnz-	Linner
+
+	fctid	$dota,$dota
+	fctid	$dotb,$dotb
+	ld	$t0,`$FRAME+0`($sp)
+	ld	$t1,`$FRAME+8`($sp)
+	ld	$t2,`$FRAME+16`($sp)
+	ld	$t3,`$FRAME+24`($sp)
+	ld	$t4,`$FRAME+32`($sp)
+	ld	$t5,`$FRAME+40`($sp)
+	ld	$t6,`$FRAME+48`($sp)
+	ld	$t7,`$FRAME+56`($sp)
+	stfd	$dota,`$FRAME+64`($sp)
+	stfd	$dotb,`$FRAME+72`($sp)
+
+	add	$t0,$t0,$carry		; can not overflow
+	srdi	$carry,$t0,16
+	add	$t1,$t1,$carry
+	srdi	$carry,$t1,16
+	insrdi	$t0,$t1,16,32
+	add	$t2,$t2,$carry
+	ld	$t1,8($tp)		; tp[j]
+	srdi	$carry,$t2,16
+	insrdi	$t0,$t2,16,16
+	add	$t3,$t3,$carry
+	ldu	$t2,16($tp)		; tp[j+1]
+	srdi	$carry,$t3,16
+	insrdi	$t0,$t3,16,0		; 0..63 bits
+	add	$t4,$t4,$carry
+	srdi	$carry,$t4,16
+	add	$t5,$t5,$carry
+	srdi	$carry,$t5,16
+	insrdi	$t4,$t5,16,32
+	add	$t6,$t6,$carry
+	srdi	$carry,$t6,16
+	insrdi	$t4,$t6,16,16
+	add	$t7,$t7,$carry
+	insrdi	$t4,$t7,16,0		; 64..127 bits
+	srdi	$carry,$t7,16		; upper 33 bits
+	ld	$t6,`$FRAME+64`($sp)
+	ld	$t7,`$FRAME+72`($sp)
+
+	addc	$t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t0,$t0,32,0
+	extrdi	$t1,$t1,32,0
+	adde	$t0,$t0,$t1
+___
+$code.=<<___;
+	adde	$t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t4,$t4,32,0
+	extrdi	$t2,$t2,32,0
+	adde	$t4,$t4,$t2
+___
+$code.=<<___;
+	addze	$carry,$carry
+
+	std	$t3,-16($tp)		; tp[j-1]
+	std	$t5,-8($tp)		; tp[j]
+
+	add	$carry,$carry,$ovf	; comsume upmost overflow
+	add	$t6,$t6,$carry		; can not overflow
+	srdi	$carry,$t6,16
+	add	$t7,$t7,$carry
+	insrdi	$t6,$t7,48,0
+	srdi	$ovf,$t7,48
+	std	$t6,0($tp)		; tp[num-1]
+
+	slwi	$t7,$num,2
+	addi	$i,$i,8
+	subf	$nap_d,$t7,$nap_d	; rewind pointer
+	cmpw	$i,$num
+	blt-	Louter
+___
+
+$code.=<<___ if ($SIZE_T==8);
+	subf	$np,$num,$np	; rewind np
+	addi	$j,$j,1		; restore counter
+	subfc	$i,$i,$i	; j=0 and "clear" XER[CA]
+	addi	$tp,$sp,`$FRAME+$TRANSFER+8`
+	addi	$t4,$sp,`$FRAME+$TRANSFER+16`
+	addi	$t5,$np,8
+	addi	$t6,$rp,8
+	mtctr	$j
+
+.align	4
+Lsub:	ldx	$t0,$tp,$i
+	ldx	$t1,$np,$i
+	ldx	$t2,$t4,$i
+	ldx	$t3,$t5,$i
+	subfe	$t0,$t1,$t0	; tp[j]-np[j]
+	subfe	$t2,$t3,$t2	; tp[j+1]-np[j+1]
+	stdx	$t0,$rp,$i
+	stdx	$t2,$t6,$i
+	addi	$i,$i,16
+	bdnz-	Lsub
+
+	li	$i,0
+	subfe	$ovf,$i,$ovf	; handle upmost overflow bit
+	and	$ap,$tp,$ovf
+	andc	$np,$rp,$ovf
+	or	$ap,$ap,$np	; ap=borrow?tp:rp
+	addi	$t7,$ap,8
+	mtctr	$j
+
+.align	4
+Lcopy:				; copy or in-place refresh
+	ldx	$t0,$ap,$i
+	ldx	$t1,$t7,$i
+	std	$i,8($nap_d)	; zap nap_d
+	std	$i,16($nap_d)
+	std	$i,24($nap_d)
+	std	$i,32($nap_d)
+	std	$i,40($nap_d)
+	std	$i,48($nap_d)
+	std	$i,56($nap_d)
+	stdu	$i,64($nap_d)
+	stdx	$t0,$rp,$i
+	stdx	$t1,$t6,$i
+	stdx	$i,$tp,$i	; zap tp at once
+	stdx	$i,$t4,$i
+	addi	$i,$i,16
+	bdnz-	Lcopy
+___
+$code.=<<___ if ($SIZE_T==4);
+	subf	$np,$num,$np	; rewind np
+	addi	$j,$j,1		; restore counter
+	subfc	$i,$i,$i	; j=0 and "clear" XER[CA]
+	addi	$tp,$sp,`$FRAME+$TRANSFER`
+	addi	$np,$np,-4
+	addi	$rp,$rp,-4
+	addi	$ap,$sp,`$FRAME+$TRANSFER+4`
+	mtctr	$j
+
+.align	4
+Lsub:	ld	$t0,8($tp)	; load tp[j..j+3] in 64-bit word order
+	ldu	$t2,16($tp)
+	lwz	$t4,4($np)	; load np[j..j+3] in 32-bit word order
+	lwz	$t5,8($np)
+	lwz	$t6,12($np)
+	lwzu	$t7,16($np)
+	extrdi	$t1,$t0,32,0
+	extrdi	$t3,$t2,32,0
+	subfe	$t4,$t4,$t0	; tp[j]-np[j]
+	 stw	$t0,4($ap)	; save tp[j..j+3] in 32-bit word order
+	subfe	$t5,$t5,$t1	; tp[j+1]-np[j+1]
+	 stw	$t1,8($ap)
+	subfe	$t6,$t6,$t2	; tp[j+2]-np[j+2]
+	 stw	$t2,12($ap)
+	subfe	$t7,$t7,$t3	; tp[j+3]-np[j+3]
+	 stwu	$t3,16($ap)
+	stw	$t4,4($rp)
+	stw	$t5,8($rp)
+	stw	$t6,12($rp)
+	stwu	$t7,16($rp)
+	bdnz-	Lsub
+
+	li	$i,0
+	subfe	$ovf,$i,$ovf	; handle upmost overflow bit
+	addi	$tp,$sp,`$FRAME+$TRANSFER+4`
+	subf	$rp,$num,$rp	; rewind rp
+	and	$ap,$tp,$ovf
+	andc	$np,$rp,$ovf
+	or	$ap,$ap,$np	; ap=borrow?tp:rp
+	addi	$tp,$sp,`$FRAME+$TRANSFER`
+	mtctr	$j
+
+.align	4
+Lcopy:				; copy or in-place refresh
+	lwz	$t0,4($ap)
+	lwz	$t1,8($ap)
+	lwz	$t2,12($ap)
+	lwzu	$t3,16($ap)
+	std	$i,8($nap_d)	; zap nap_d
+	std	$i,16($nap_d)
+	std	$i,24($nap_d)
+	std	$i,32($nap_d)
+	std	$i,40($nap_d)
+	std	$i,48($nap_d)
+	std	$i,56($nap_d)
+	stdu	$i,64($nap_d)
+	stw	$t0,4($rp)
+	stw	$t1,8($rp)
+	stw	$t2,12($rp)
+	stwu	$t3,16($rp)
+	std	$i,8($tp)	; zap tp at once
+	stdu	$i,16($tp)
+	bdnz-	Lcopy
+___
+
+$code.=<<___;
+	$POP	r14,`2*$SIZE_T`($sp)
+	$POP	r15,`3*$SIZE_T`($sp)
+	$POP	r16,`4*$SIZE_T`($sp)
+	$POP	r17,`5*$SIZE_T`($sp)
+	$POP	r18,`6*$SIZE_T`($sp)
+	$POP	r19,`7*$SIZE_T`($sp)
+	$POP	r20,`8*$SIZE_T`($sp)
+	$POP	r21,`9*$SIZE_T`($sp)
+	$POP	r22,`10*$SIZE_T`($sp)
+	$POP	r23,`11*$SIZE_T`($sp)
+	lfd	f14,`12*$SIZE_T+0`($sp)
+	lfd	f15,`12*$SIZE_T+8`($sp)
+	lfd	f16,`12*$SIZE_T+16`($sp)
+	lfd	f17,`12*$SIZE_T+24`($sp)
+	lfd	f18,`12*$SIZE_T+32`($sp)
+	lfd	f19,`12*$SIZE_T+40`($sp)
+	lfd	f20,`12*$SIZE_T+48`($sp)
+	lfd	f21,`12*$SIZE_T+56`($sp)
+	lfd	f22,`12*$SIZE_T+64`($sp)
+	lfd	f23,`12*$SIZE_T+72`($sp)
+	lfd	f24,`12*$SIZE_T+80`($sp)
+	lfd	f25,`12*$SIZE_T+88`($sp)
+	$POP	$sp,0($sp)
+	li	r3,1	; signal "handled"
+	blr
+	.long	0
+.asciz  "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/s390x-mont.pl b/crypto/bn/asm/s390x-mont.pl
new file mode 100644
index 0000000000..d23251033b
--- /dev/null
+++ b/crypto/bn/asm/s390x-mont.pl
@@ -0,0 +1,225 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# April 2007.
+#
+# Performance improvement over vanilla C code varies from 85% to 45%
+# depending on key length and benchmark. Unfortunately in this context
+# these are not very impressive results [for code that utilizes "wide"
+# 64x64=128-bit multiplication, which is not commonly available to C
+# programmers], at least hand-coded bn_asm.c replacement is known to
+# provide 30-40% better results for longest keys. Well, on a second
+# thought it's not very surprising, because z-CPUs are single-issue
+# and _strictly_ in-order execution, while bn_mul_mont is more or less
+# dependent on CPU ability to pipe-line instructions and have several
+# of them "in-flight" at the same time. I mean while other methods,
+# for example Karatsuba, aim to minimize amount of multiplications at
+# the cost of other operations increase, bn_mul_mont aim to neatly
+# "overlap" multiplications and the other operations [and on most
+# platforms even minimize the amount of the other operations, in
+# particular references to memory]. But it's possible to improve this
+# module performance by implementing dedicated squaring code-path and
+# possibly by unrolling loops...
+
+# January 2009.
+#
+# Reschedule to minimize/avoid Address Generation Interlock hazard,
+# make inner loops counter-based.
+
+$mn0="%r0";
+$num="%r1";
+
+# int bn_mul_mont(
+$rp="%r2";		# BN_ULONG *rp,
+$ap="%r3";		# const BN_ULONG *ap,
+$bp="%r4";		# const BN_ULONG *bp,
+$np="%r5";		# const BN_ULONG *np,
+$n0="%r6";		# const BN_ULONG *n0,
+#$num="160(%r15)"	# int num);
+
+$bi="%r2";	# zaps rp
+$j="%r7";
+
+$ahi="%r8";
+$alo="%r9";
+$nhi="%r10";
+$nlo="%r11";
+$AHI="%r12";
+$NHI="%r13";
+$count="%r14";
+$sp="%r15";
+
+$code.=<<___;
+.text
+.globl	bn_mul_mont
+.type	bn_mul_mont,\@function
+bn_mul_mont:
+	lgf	$num,164($sp)	# pull $num
+	sla	$num,3		# $num to enumerate bytes
+	la	$bp,0($num,$bp)
+
+	stg	%r2,16($sp)
+
+	cghi	$num,16		#
+	lghi	%r2,0		#
+	blr	%r14		# if($num<16) return 0;
+	cghi	$num,128	#
+	bhr	%r14		# if($num>128) return 0;
+
+	stmg	%r3,%r15,24($sp)
+
+	lghi	$rp,-160-8	# leave room for carry bit
+	lcgr	$j,$num		# -$num
+	lgr	%r0,$sp
+	la	$rp,0($rp,$sp)
+	la	$sp,0($j,$rp)	# alloca
+	stg	%r0,0($sp)	# back chain
+
+	sra	$num,3		# restore $num
+	la	$bp,0($j,$bp)	# restore $bp
+	ahi	$num,-1		# adjust $num for inner loop
+	lg	$n0,0($n0)	# pull n0
+
+	lg	$bi,0($bp)
+	lg	$alo,0($ap)
+	mlgr	$ahi,$bi	# ap[0]*bp[0]
+	lgr	$AHI,$ahi
+
+	lgr	$mn0,$alo	# "tp[0]"*n0
+	msgr	$mn0,$n0
+
+	lg	$nlo,0($np)	#
+	mlgr	$nhi,$mn0	# np[0]*m1
+	algr	$nlo,$alo	# +="tp[0]"
+	lghi	$NHI,0
+	alcgr	$NHI,$nhi
+
+	la	$j,8(%r0)	# j=1
+	lr	$count,$num
+
+.align	16
+.L1st:
+	lg	$alo,0($j,$ap)
+	mlgr	$ahi,$bi	# ap[j]*bp[0]
+	algr	$alo,$AHI
+	lghi	$AHI,0
+	alcgr	$AHI,$ahi
+
+	lg	$nlo,0($j,$np)
+	mlgr	$nhi,$mn0	# np[j]*m1
+	algr	$nlo,$NHI
+	lghi	$NHI,0
+	alcgr	$nhi,$NHI	# +="tp[j]"
+	algr	$nlo,$alo
+	alcgr	$NHI,$nhi
+
+	stg	$nlo,160-8($j,$sp)	# tp[j-1]=
+	la	$j,8($j)	# j++
+	brct	$count,.L1st
+
+	algr	$NHI,$AHI
+	lghi	$AHI,0
+	alcgr	$AHI,$AHI	# upmost overflow bit
+	stg	$NHI,160-8($j,$sp)
+	stg	$AHI,160($j,$sp)
+	la	$bp,8($bp)	# bp++
+
+.Louter:
+	lg	$bi,0($bp)	# bp[i]
+	lg	$alo,0($ap)
+	mlgr	$ahi,$bi	# ap[0]*bp[i]
+	alg	$alo,160($sp)	# +=tp[0]
+	lghi	$AHI,0
+	alcgr	$AHI,$ahi
+
+	lgr	$mn0,$alo
+	msgr	$mn0,$n0	# tp[0]*n0
+
+	lg	$nlo,0($np)	# np[0]
+	mlgr	$nhi,$mn0	# np[0]*m1
+	algr	$nlo,$alo	# +="tp[0]"
+	lghi	$NHI,0
+	alcgr	$NHI,$nhi
+
+	la	$j,8(%r0)	# j=1
+	lr	$count,$num
+
+.align	16
+.Linner:
+	lg	$alo,0($j,$ap)
+	mlgr	$ahi,$bi	# ap[j]*bp[i]
+	algr	$alo,$AHI
+	lghi	$AHI,0
+	alcgr	$ahi,$AHI
+	alg	$alo,160($j,$sp)# +=tp[j]
+	alcgr	$AHI,$ahi
+
+	lg	$nlo,0($j,$np)
+	mlgr	$nhi,$mn0	# np[j]*m1
+	algr	$nlo,$NHI
+	lghi	$NHI,0
+	alcgr	$nhi,$NHI
+	algr	$nlo,$alo	# +="tp[j]"
+	alcgr	$NHI,$nhi
+
+	stg	$nlo,160-8($j,$sp)	# tp[j-1]=
+	la	$j,8($j)	# j++
+	brct	$count,.Linner
+
+	algr	$NHI,$AHI
+	lghi	$AHI,0
+	alcgr	$AHI,$AHI
+	alg	$NHI,160($j,$sp)# accumulate previous upmost overflow bit
+	lghi	$ahi,0
+	alcgr	$AHI,$ahi	# new upmost overflow bit
+	stg	$NHI,160-8($j,$sp)
+	stg	$AHI,160($j,$sp)
+
+	la	$bp,8($bp)	# bp++
+	clg	$bp,160+8+32($j,$sp)	# compare to &bp[num]
+	jne	.Louter
+
+	lg	$rp,160+8+16($j,$sp)	# reincarnate rp
+	la	$ap,160($sp)
+	ahi	$num,1		# restore $num, incidentally clears "borrow"
+
+	la	$j,0(%r0)
+	lr	$count,$num
+.Lsub:	lg	$alo,0($j,$ap)
+	slbg	$alo,0($j,$np)
+	stg	$alo,0($j,$rp)
+	la	$j,8($j)
+	brct	$count,.Lsub
+	lghi	$ahi,0
+	slbgr	$AHI,$ahi	# handle upmost carry
+
+	ngr	$ap,$AHI
+	lghi	$np,-1
+	xgr	$np,$AHI
+	ngr	$np,$rp
+	ogr	$ap,$np		# ap=borrow?tp:rp
+
+	la	$j,0(%r0)
+	lgr	$count,$num
+.Lcopy:	lg	$alo,0($j,$ap)	# copy or in-place refresh
+	stg	$j,160($j,$sp)	# zap tp
+	stg	$alo,0($j,$rp)
+	la	$j,8($j)
+	brct	$count,.Lcopy
+
+	la	%r1,160+8+48($j,$sp)
+	lmg	%r6,%r15,0(%r1)
+	lghi	%r2,1		# signal "processed"
+	br	%r14
+.size	bn_mul_mont,.-bn_mul_mont
+.string	"Montgomery Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/s390x.S b/crypto/bn/asm/s390x.S
new file mode 100755
index 0000000000..8f45f5d513
--- /dev/null
+++ b/crypto/bn/asm/s390x.S
@@ -0,0 +1,678 @@
+.ident "s390x.S, version 1.0"
+// ====================================================================
+// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+// project.
+//
+// Rights for redistribution and usage in source and binary forms are
+// granted according to the OpenSSL license. Warranty of any kind is
+// disclaimed.
+// ====================================================================
+
+.text
+
+#define zero	%r0
+
+// BN_ULONG bn_mul_add_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
+.globl	bn_mul_add_words
+.type	bn_mul_add_words,@function
+.align	4
+bn_mul_add_words:
+	lghi	zero,0		// zero = 0
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0;
+	ltgfr	%r4,%r4
+	bler	%r14		// if (len<=0) return 0;
+
+	stmg	%r6,%r10,48(%r15)
+	lghi	%r8,0		// carry = 0
+	srag	%r10,%r4,2	// cnt=len/4
+	jz	.Loop1_madd
+
+.Loop4_madd:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	algr	%r7,%r8		// +=carry
+	alcgr	%r6,zero
+	alg	%r7,0(%r2,%r1)	// +=rp[i]
+	alcgr	%r6,zero
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lg	%r9,8(%r2,%r3)
+	mlgr	%r8,%r5
+	algr	%r9,%r6
+	alcgr	%r8,zero
+	alg	%r9,8(%r2,%r1)
+	alcgr	%r8,zero
+	stg	%r9,8(%r2,%r1)
+
+	lg	%r7,16(%r2,%r3)
+	mlgr	%r6,%r5
+	algr	%r7,%r8
+	alcgr	%r6,zero
+	alg	%r7,16(%r2,%r1)
+	alcgr	%r6,zero
+	stg	%r7,16(%r2,%r1)
+
+	lg	%r9,24(%r2,%r3)
+	mlgr	%r8,%r5
+	algr	%r9,%r6
+	alcgr	%r8,zero
+	alg	%r9,24(%r2,%r1)
+	alcgr	%r8,zero
+	stg	%r9,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r10,.Loop4_madd
+
+	lghi	%r10,3
+	nr	%r4,%r10	// cnt=len%4
+	jz	.Lend_madd
+
+.Loop1_madd:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	algr	%r7,%r8		// +=carry
+	alcgr	%r6,zero
+	alg	%r7,0(%r2,%r1)	// +=rp[i]
+	alcgr	%r6,zero
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lgr	%r8,%r6
+	la	%r2,8(%r2)	// i++
+	brct	%r4,.Loop1_madd
+
+.Lend_madd:
+	lgr	%r2,%r8
+	lmg	%r6,%r10,48(%r15)
+	br	%r14
+.size	bn_mul_add_words,.-bn_mul_add_words
+
+// BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
+.globl	bn_mul_words
+.type	bn_mul_words,@function
+.align	4
+bn_mul_words:
+	lghi	zero,0		// zero = 0
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0;
+	ltgfr	%r4,%r4
+	bler	%r14		// if (len<=0) return 0;
+
+	stmg	%r6,%r10,48(%r15)
+	lghi	%r8,0		// carry = 0
+	srag	%r10,%r4,2	// cnt=len/4
+	jz	.Loop1_mul
+
+.Loop4_mul:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	algr	%r7,%r8		// +=carry
+	alcgr	%r6,zero
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lg	%r9,8(%r2,%r3)
+	mlgr	%r8,%r5
+	algr	%r9,%r6
+	alcgr	%r8,zero
+	stg	%r9,8(%r2,%r1)
+
+	lg	%r7,16(%r2,%r3)
+	mlgr	%r6,%r5
+	algr	%r7,%r8
+	alcgr	%r6,zero
+	stg	%r7,16(%r2,%r1)
+
+	lg	%r9,24(%r2,%r3)
+	mlgr	%r8,%r5
+	algr	%r9,%r6
+	alcgr	%r8,zero
+	stg	%r9,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r10,.Loop4_mul
+
+	lghi	%r10,3
+	nr	%r4,%r10	// cnt=len%4
+	jz	.Lend_mul
+
+.Loop1_mul:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	algr	%r7,%r8		// +=carry
+	alcgr	%r6,zero
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lgr	%r8,%r6
+	la	%r2,8(%r2)	// i++
+	brct	%r4,.Loop1_mul
+
+.Lend_mul:
+	lgr	%r2,%r8
+	lmg	%r6,%r10,48(%r15)
+	br	%r14
+.size	bn_mul_words,.-bn_mul_words
+
+// void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)
+.globl	bn_sqr_words
+.type	bn_sqr_words,@function
+.align	4
+bn_sqr_words:
+	ltgfr	%r4,%r4
+	bler	%r14
+
+	stmg	%r6,%r7,48(%r15)
+	srag	%r1,%r4,2	// cnt=len/4
+	jz	.Loop1_sqr
+
+.Loop4_sqr:
+	lg	%r7,0(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,0(%r2)
+	stg	%r6,8(%r2)
+
+	lg	%r7,8(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,16(%r2)
+	stg	%r6,24(%r2)
+
+	lg	%r7,16(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,32(%r2)
+	stg	%r6,40(%r2)
+
+	lg	%r7,24(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,48(%r2)
+	stg	%r6,56(%r2)
+
+	la	%r3,32(%r3)
+	la	%r2,64(%r2)
+	brct	%r1,.Loop4_sqr
+
+	lghi	%r1,3
+	nr	%r4,%r1		// cnt=len%4
+	jz	.Lend_sqr
+
+.Loop1_sqr:
+	lg	%r7,0(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,0(%r2)
+	stg	%r6,8(%r2)
+
+	la	%r3,8(%r3)
+	la	%r2,16(%r2)
+	brct	%r4,.Loop1_sqr
+
+.Lend_sqr:
+	lmg	%r6,%r7,48(%r15)
+	br	%r14
+.size	bn_sqr_words,.-bn_sqr_words
+
+// BN_ULONG bn_div_words(BN_ULONG h,BN_ULONG l,BN_ULONG d);
+.globl	bn_div_words
+.type	bn_div_words,@function
+.align	4
+bn_div_words:
+	dlgr	%r2,%r4
+	lgr	%r2,%r3
+	br	%r14
+.size	bn_div_words,.-bn_div_words
+
+// BN_ULONG bn_add_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
+.globl	bn_add_words
+.type	bn_add_words,@function
+.align	4
+bn_add_words:
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0
+	ltgfr	%r5,%r5
+	bler	%r14		// if (len<=0) return 0;
+
+	stg	%r6,48(%r15)
+	lghi	%r6,3
+	nr	%r6,%r5		// len%4
+	sra	%r5,2		// len/4, use sra because it sets condition code
+	jz	.Loop1_add	// carry is incidentally cleared if branch taken
+	algr	%r2,%r2		// clear carry
+
+.Loop4_add:
+	lg	%r0,0(%r2,%r3)
+	alcg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+	lg	%r0,8(%r2,%r3)
+	alcg	%r0,8(%r2,%r4)
+	stg	%r0,8(%r2,%r1)
+	lg	%r0,16(%r2,%r3)
+	alcg	%r0,16(%r2,%r4)
+	stg	%r0,16(%r2,%r1)
+	lg	%r0,24(%r2,%r3)
+	alcg	%r0,24(%r2,%r4)
+	stg	%r0,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r5,.Loop4_add
+
+	la	%r6,1(%r6)	// see if len%4 is zero ...
+	brct	%r6,.Loop1_add	// without touching condition code:-)
+
+.Lexit_add:
+	lghi	%r2,0
+	alcgr	%r2,%r2
+	lg	%r6,48(%r15)
+	br	%r14
+
+.Loop1_add:
+	lg	%r0,0(%r2,%r3)
+	alcg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+
+	la	%r2,8(%r2)	// i++
+	brct	%r6,.Loop1_add
+
+	j	.Lexit_add
+.size	bn_add_words,.-bn_add_words
+
+// BN_ULONG bn_sub_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
+.globl	bn_sub_words
+.type	bn_sub_words,@function
+.align	4
+bn_sub_words:
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0
+	ltgfr	%r5,%r5
+	bler	%r14		// if (len<=0) return 0;
+
+	stg	%r6,48(%r15)
+	lghi	%r6,3
+	nr	%r6,%r5		// len%4
+	sra	%r5,2		// len/4, use sra because it sets condition code
+	jnz	.Loop4_sub	// borrow is incidentally cleared if branch taken
+	slgr	%r2,%r2		// clear borrow
+
+.Loop1_sub:
+	lg	%r0,0(%r2,%r3)
+	slbg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+
+	la	%r2,8(%r2)	// i++
+	brct	%r6,.Loop1_sub
+	j	.Lexit_sub
+
+.Loop4_sub:
+	lg	%r0,0(%r2,%r3)
+	slbg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+	lg	%r0,8(%r2,%r3)
+	slbg	%r0,8(%r2,%r4)
+	stg	%r0,8(%r2,%r1)
+	lg	%r0,16(%r2,%r3)
+	slbg	%r0,16(%r2,%r4)
+	stg	%r0,16(%r2,%r1)
+	lg	%r0,24(%r2,%r3)
+	slbg	%r0,24(%r2,%r4)
+	stg	%r0,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r5,.Loop4_sub
+
+	la	%r6,1(%r6)	// see if len%4 is zero ...
+	brct	%r6,.Loop1_sub	// without touching condition code:-)
+
+.Lexit_sub:
+	lghi	%r2,0
+	slbgr	%r2,%r2
+	lcgr	%r2,%r2
+	lg	%r6,48(%r15)
+	br	%r14
+.size	bn_sub_words,.-bn_sub_words
+
+#define c1	%r1
+#define c2	%r5
+#define c3	%r8
+
+#define mul_add_c(ai,bi,c1,c2,c3)	\
+	lg	%r7,ai*8(%r3);		\
+	mlg	%r6,bi*8(%r4);		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero
+
+// void bn_mul_comba8(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
+.globl	bn_mul_comba8
+.type	bn_mul_comba8,@function
+.align	4
+bn_mul_comba8:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	mul_add_c(0,0,c1,c2,c3);
+	stg	c1,0*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(0,1,c2,c3,c1);
+	mul_add_c(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(2,0,c3,c1,c2);
+	mul_add_c(1,1,c3,c1,c2);
+	mul_add_c(0,2,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(0,3,c1,c2,c3);
+	mul_add_c(1,2,c1,c2,c3);
+	mul_add_c(2,1,c1,c2,c3);
+	mul_add_c(3,0,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(4,0,c2,c3,c1);
+	mul_add_c(3,1,c2,c3,c1);
+	mul_add_c(2,2,c2,c3,c1);
+	mul_add_c(1,3,c2,c3,c1);
+	mul_add_c(0,4,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(0,5,c3,c1,c2);
+	mul_add_c(1,4,c3,c1,c2);
+	mul_add_c(2,3,c3,c1,c2);
+	mul_add_c(3,2,c3,c1,c2);
+	mul_add_c(4,1,c3,c1,c2);
+	mul_add_c(5,0,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(6,0,c1,c2,c3);
+	mul_add_c(5,1,c1,c2,c3);
+	mul_add_c(4,2,c1,c2,c3);
+	mul_add_c(3,3,c1,c2,c3);
+	mul_add_c(2,4,c1,c2,c3);
+	mul_add_c(1,5,c1,c2,c3);
+	mul_add_c(0,6,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(0,7,c2,c3,c1);
+	mul_add_c(1,6,c2,c3,c1);
+	mul_add_c(2,5,c2,c3,c1);
+	mul_add_c(3,4,c2,c3,c1);
+	mul_add_c(4,3,c2,c3,c1);
+	mul_add_c(5,2,c2,c3,c1);
+	mul_add_c(6,1,c2,c3,c1);
+	mul_add_c(7,0,c2,c3,c1);
+	stg	c2,7*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(7,1,c3,c1,c2);
+	mul_add_c(6,2,c3,c1,c2);
+	mul_add_c(5,3,c3,c1,c2);
+	mul_add_c(4,4,c3,c1,c2);
+	mul_add_c(3,5,c3,c1,c2);
+	mul_add_c(2,6,c3,c1,c2);
+	mul_add_c(1,7,c3,c1,c2);
+	stg	c3,8*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(2,7,c1,c2,c3);
+	mul_add_c(3,6,c1,c2,c3);
+	mul_add_c(4,5,c1,c2,c3);
+	mul_add_c(5,4,c1,c2,c3);
+	mul_add_c(6,3,c1,c2,c3);
+	mul_add_c(7,2,c1,c2,c3);
+	stg	c1,9*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(7,3,c2,c3,c1);
+	mul_add_c(6,4,c2,c3,c1);
+	mul_add_c(5,5,c2,c3,c1);
+	mul_add_c(4,6,c2,c3,c1);
+	mul_add_c(3,7,c2,c3,c1);
+	stg	c2,10*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(4,7,c3,c1,c2);
+	mul_add_c(5,6,c3,c1,c2);
+	mul_add_c(6,5,c3,c1,c2);
+	mul_add_c(7,4,c3,c1,c2);
+	stg	c3,11*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(7,5,c1,c2,c3);
+	mul_add_c(6,6,c1,c2,c3);
+	mul_add_c(5,7,c1,c2,c3);
+	stg	c1,12*8(%r2)
+	lghi	c1,0
+
+
+	mul_add_c(6,7,c2,c3,c1);
+	mul_add_c(7,6,c2,c3,c1);
+	stg	c2,13*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(7,7,c3,c1,c2);
+	stg	c3,14*8(%r2)
+	stg	c1,15*8(%r2)
+
+	lmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_mul_comba8,.-bn_mul_comba8
+
+// void bn_mul_comba4(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
+.globl	bn_mul_comba4
+.type	bn_mul_comba4,@function
+.align	4
+bn_mul_comba4:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	mul_add_c(0,0,c1,c2,c3);
+	stg	c1,0*8(%r3)
+	lghi	c1,0
+
+	mul_add_c(0,1,c2,c3,c1);
+	mul_add_c(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(2,0,c3,c1,c2);
+	mul_add_c(1,1,c3,c1,c2);
+	mul_add_c(0,2,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(0,3,c1,c2,c3);
+	mul_add_c(1,2,c1,c2,c3);
+	mul_add_c(2,1,c1,c2,c3);
+	mul_add_c(3,0,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(3,1,c2,c3,c1);
+	mul_add_c(2,2,c2,c3,c1);
+	mul_add_c(1,3,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(2,3,c3,c1,c2);
+	mul_add_c(3,2,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(3,3,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	stg	c2,7*8(%r2)
+
+	stmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_mul_comba4,.-bn_mul_comba4
+
+#define sqr_add_c(ai,c1,c2,c3)		\
+	lg	%r7,ai*8(%r3);		\
+	mlgr	%r6,%r7;		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero
+
+#define sqr_add_c2(ai,aj,c1,c2,c3)	\
+	lg	%r7,ai*8(%r3);		\
+	mlg	%r6,aj*8(%r3);		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero;		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero
+
+// void bn_sqr_comba8(BN_ULONG *r2,BN_ULONG *r3);
+.globl	bn_sqr_comba8
+.type	bn_sqr_comba8,@function
+.align	4
+bn_sqr_comba8:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	sqr_add_c(0,c1,c2,c3);
+	stg	c1,0*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(1,c3,c1,c2);
+	sqr_add_c2(2,0,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c2(3,0,c1,c2,c3);
+	sqr_add_c2(2,1,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c(2,c2,c3,c1);
+	sqr_add_c2(3,1,c2,c3,c1);
+	sqr_add_c2(4,0,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c2(5,0,c3,c1,c2);
+	sqr_add_c2(4,1,c3,c1,c2);
+	sqr_add_c2(3,2,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c(3,c1,c2,c3);
+	sqr_add_c2(4,2,c1,c2,c3);
+	sqr_add_c2(5,1,c1,c2,c3);
+	sqr_add_c2(6,0,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(7,0,c2,c3,c1);
+	sqr_add_c2(6,1,c2,c3,c1);
+	sqr_add_c2(5,2,c2,c3,c1);
+	sqr_add_c2(4,3,c2,c3,c1);
+	stg	c2,7*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(4,c3,c1,c2);
+	sqr_add_c2(5,3,c3,c1,c2);
+	sqr_add_c2(6,2,c3,c1,c2);
+	sqr_add_c2(7,1,c3,c1,c2);
+	stg	c3,8*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c2(7,2,c1,c2,c3);
+	sqr_add_c2(6,3,c1,c2,c3);
+	sqr_add_c2(5,4,c1,c2,c3);
+	stg	c1,9*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c(5,c2,c3,c1);
+	sqr_add_c2(6,4,c2,c3,c1);
+	sqr_add_c2(7,3,c2,c3,c1);
+	stg	c2,10*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c2(7,4,c3,c1,c2);
+	sqr_add_c2(6,5,c3,c1,c2);
+	stg	c3,11*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c(6,c1,c2,c3);
+	sqr_add_c2(7,5,c1,c2,c3);
+	stg	c1,12*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(7,6,c2,c3,c1);
+	stg	c2,13*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(7,c3,c1,c2);
+	stg	c3,14*8(%r2)
+	stg	c1,15*8(%r2)
+
+	lmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_sqr_comba8,.-bn_sqr_comba8
+
+// void bn_sqr_comba4(BN_ULONG *r2,BN_ULONG *r3);
+.globl bn_sqr_comba4
+.type	bn_sqr_comba4,@function
+.align	4
+bn_sqr_comba4:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	sqr_add_c(0,c1,c2,c3);
+	stg	c1,0*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(1,c3,c1,c2);
+	sqr_add_c2(2,0,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c2(3,0,c1,c2,c3);
+	sqr_add_c2(2,1,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c(2,c2,c3,c1);
+	sqr_add_c2(3,1,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c2(3,2,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c(3,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	stg	c2,7*8(%r2)
+
+	lmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_sqr_comba4,.-bn_sqr_comba4
diff --git a/crypto/bn/asm/sparcv8plus.S b/crypto/bn/asm/sparcv8plus.S
index 0074dfdb75..63de1860f2 100644
--- a/crypto/bn/asm/sparcv8plus.S
+++ b/crypto/bn/asm/sparcv8plus.S
@@ -144,6 +144,19 @@
  *	    }
  */
 
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+  /* They've said -xarch=v9 at command line */
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME_SIZE	-192
+#elif defined(__GNUC__) && defined(__arch64__)
+  /* They've said -m64 at command line */
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME_SIZE	-192
+#else 
+# define	FRAME_SIZE	-96
+#endif 
 /*
  * GNU assembler can't stand stuw:-(
  */
@@ -162,10 +175,14 @@
  * BN_ULONG w;
  */
 bn_mul_add_words:
+	sra	%o2,%g0,%o2	! signx %o2
 	brgz,a	%o2,.L_bn_mul_add_words_proceed
 	lduw	[%o1],%g2
 	retl
 	clr	%o0
+	nop
+	nop
+	nop
 
 .L_bn_mul_add_words_proceed:
 	srl	%o3,%g0,%o3	! clruw	%o3
@@ -260,10 +277,14 @@ bn_mul_add_words:
  * BN_ULONG w;
  */
 bn_mul_words:
+	sra	%o2,%g0,%o2	! signx %o2
 	brgz,a	%o2,.L_bn_mul_words_proceeed
 	lduw	[%o1],%g2
 	retl
 	clr	%o0
+	nop
+	nop
+	nop
 
 .L_bn_mul_words_proceeed:
 	srl	%o3,%g0,%o3	! clruw	%o3
@@ -344,10 +365,14 @@ bn_mul_words:
  * int n;
  */
 bn_sqr_words:
+	sra	%o2,%g0,%o2	! signx %o2
 	brgz,a	%o2,.L_bn_sqr_words_proceeed
 	lduw	[%o1],%g2
 	retl
 	clr	%o0
+	nop
+	nop
+	nop
 
 .L_bn_sqr_words_proceeed:
 	andcc	%o2,-4,%g0
@@ -445,6 +470,7 @@ bn_div_words:
  * int n;
  */
 bn_add_words:
+	sra	%o3,%g0,%o3	! signx %o3
 	brgz,a	%o3,.L_bn_add_words_proceed
 	lduw	[%o1],%o4
 	retl
@@ -454,7 +480,6 @@ bn_add_words:
 	andcc	%o3,-4,%g0
 	bz,pn	%icc,.L_bn_add_words_tail
 	addcc	%g0,0,%g0	! clear carry flag
-	nop
 
 .L_bn_add_words_loop:		! wow! 32 aligned!
 	dec	4,%o3
@@ -523,6 +548,7 @@ bn_add_words:
  * int n;
  */
 bn_sub_words:
+	sra	%o3,%g0,%o3	! signx %o3
 	brgz,a	%o3,.L_bn_sub_words_proceed
 	lduw	[%o1],%o4
 	retl
@@ -532,7 +558,6 @@ bn_sub_words:
 	andcc	%o3,-4,%g0
 	bz,pn	%icc,.L_bn_sub_words_tail
 	addcc	%g0,0,%g0	! clear carry flag
-	nop
 
 .L_bn_sub_words_loop:		! wow! 32 aligned!
 	dec	4,%o3
@@ -607,8 +632,6 @@ bn_sub_words:
  *							Andy.
  */
 
-#define FRAME_SIZE	-96
-
 /*
  * Here is register usage map for *all* routines below.
  */
diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl
new file mode 100644
index 0000000000..b8fb1e8a25
--- /dev/null
+++ b/crypto/bn/asm/sparcv9-mont.pl
@@ -0,0 +1,606 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# December 2005
+#
+# Pure SPARCv9/8+ and IALU-only bn_mul_mont implementation. The reasons
+# for undertaken effort are multiple. First of all, UltraSPARC is not
+# the whole SPARCv9 universe and other VIS-free implementations deserve
+# optimized code as much. Secondly, newly introduced UltraSPARC T1,
+# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes,
+# such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with
+# several integrated RSA/DSA accelerator circuits accessible through
+# kernel driver [only(*)], but having decent user-land software
+# implementation is important too. Finally, reasons like desire to
+# experiment with dedicated squaring procedure. Yes, this module
+# implements one, because it was easiest to draft it in SPARCv9
+# instructions...
+
+# (*)	Engine accessing the driver in question is on my TODO list.
+#	For reference, acceleator is estimated to give 6 to 10 times
+#	improvement on single-threaded RSA sign. It should be noted
+#	that 6-10x improvement coefficient does not actually mean
+#	something extraordinary in terms of absolute [single-threaded]
+#	performance, as SPARCv9 instruction set is by all means least
+#	suitable for high performance crypto among other 64 bit
+#	platforms. 6-10x factor simply places T1 in same performance
+#	domain as say AMD64 and IA-64. Improvement of RSA verify don't
+#	appear impressive at all, but it's the sign operation which is
+#	far more critical/interesting.
+
+# You might notice that inner loops are modulo-scheduled:-) This has
+# essentially negligible impact on UltraSPARC performance, it's
+# Fujitsu SPARC64 V users who should notice and hopefully appreciate
+# the advantage... Currently this module surpasses sparcv9a-mont.pl
+# by ~20% on UltraSPARC-III and later cores, but recall that sparcv9a
+# module still have hidden potential [see TODO list there], which is
+# estimated to be larger than 20%...
+
+# int bn_mul_mont(
+$rp="%i0";	# BN_ULONG *rp,
+$ap="%i1";	# const BN_ULONG *ap,
+$bp="%i2";	# const BN_ULONG *bp,
+$np="%i3";	# const BN_ULONG *np,
+$n0="%i4";	# const BN_ULONG *n0,
+$num="%i5";	# int num);
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=128; }
+
+$car0="%o0";
+$car1="%o1";
+$car2="%o2";	# 1 bit
+$acc0="%o3";
+$acc1="%o4";
+$mask="%g1";	# 32 bits, what a waste...
+$tmp0="%g4";
+$tmp1="%g5";
+
+$i="%l0";
+$j="%l1";
+$mul0="%l2";
+$mul1="%l3";
+$tp="%l4";
+$apj="%l5";
+$npj="%l6";
+$tpj="%l7";
+
+$fname="bn_mul_mont_int";
+
+$code=<<___;
+.section	".text",#alloc,#execinstr
+
+.global	$fname
+.align	32
+$fname:
+	cmp	%o5,4			! 128 bits minimum
+	bge,pt	%icc,.Lenter
+	sethi	%hi(0xffffffff),$mask
+	retl
+	clr	%o0
+.align	32
+.Lenter:
+	save	%sp,-$frame,%sp
+	sll	$num,2,$num		! num*=4
+	or	$mask,%lo(0xffffffff),$mask
+	ld	[$n0],$n0
+	cmp	$ap,$bp
+	and	$num,$mask,$num
+	ld	[$bp],$mul0		! bp[0]
+	nop
+
+	add	%sp,$bias,%o7		! real top of stack
+	ld	[$ap],$car0		! ap[0] ! redundant in squaring context
+	sub	%o7,$num,%o7
+	ld	[$ap+4],$apj		! ap[1]
+	and	%o7,-1024,%o7
+	ld	[$np],$car1		! np[0]
+	sub	%o7,$bias,%sp		! alloca
+	ld	[$np+4],$npj		! np[1]
+	be,pt	`$bits==32?"%icc":"%xcc"`,.Lbn_sqr_mont
+	mov	12,$j
+
+	mulx	$car0,$mul0,$car0	! ap[0]*bp[0]
+	mulx	$apj,$mul0,$tmp0	!prologue! ap[1]*bp[0]
+	and	$car0,$mask,$acc0
+	add	%sp,$bias+$frame,$tp
+	ld	[$ap+8],$apj		!prologue!
+
+	mulx	$n0,$acc0,$mul1		! "t[0]"*n0
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1	! np[0]*"t[0]"*n0
+	mulx	$npj,$mul1,$acc1	!prologue! np[1]*"t[0]"*n0
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	ld	[$np+8],$npj		!prologue!
+	srlx	$car1,32,$car1
+	mov	$tmp0,$acc0		!prologue!
+
+.L1st:
+	mulx	$apj,$mul0,$tmp0
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0
+	ld	[$ap+$j],$apj		! ap[j]
+	and	$car0,$mask,$acc0
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj		! np[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	add	$j,4,$j			! j++
+	mov	$tmp0,$acc0
+	st	$car1,[$tp]
+	cmp	$j,$num
+	mov	$tmp1,$acc1
+	srlx	$car1,32,$car1
+	bl	%icc,.L1st
+	add	$tp,4,$tp		! tp++
+!.L1st
+
+	mulx	$apj,$mul0,$tmp0	!epilogue!
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0
+	and	$car0,$mask,$acc0
+	add	$acc1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$tmp0,$car0,$car0
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car1,$car1
+	st	$car1,[$tp+8]
+	srlx	$car1,32,$car2
+
+	mov	4,$i			! i++
+	ld	[$bp+4],$mul0		! bp[1]
+.Louter:
+	add	%sp,$bias+$frame,$tp
+	ld	[$ap],$car0		! ap[0]
+	ld	[$ap+4],$apj		! ap[1]
+	ld	[$np],$car1		! np[0]
+	ld	[$np+4],$npj		! np[1]
+	ld	[$tp],$tmp1		! tp[0]
+	ld	[$tp+4],$tpj		! tp[1]
+	mov	12,$j
+
+	mulx	$car0,$mul0,$car0
+	mulx	$apj,$mul0,$tmp0	!prologue!
+	add	$tmp1,$car0,$car0
+	ld	[$ap+8],$apj		!prologue!
+	and	$car0,$mask,$acc0
+
+	mulx	$n0,$acc0,$mul1
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1
+	mulx	$npj,$mul1,$acc1	!prologue!
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	ld	[$np+8],$npj		!prologue!
+	srlx	$car1,32,$car1
+	mov	$tmp0,$acc0		!prologue!
+
+.Linner:
+	mulx	$apj,$mul0,$tmp0
+	mulx	$npj,$mul1,$tmp1
+	add	$tpj,$car0,$car0
+	ld	[$ap+$j],$apj		! ap[j]
+	add	$acc0,$car0,$car0
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj		! np[j]
+	and	$car0,$mask,$acc0
+	ld	[$tp+8],$tpj		! tp[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	add	$j,4,$j			! j++
+	mov	$tmp0,$acc0
+	st	$car1,[$tp]		! tp[j-1]
+	srlx	$car1,32,$car1
+	mov	$tmp1,$acc1
+	cmp	$j,$num
+	bl	%icc,.Linner
+	add	$tp,4,$tp		! tp++
+!.Linner
+
+	mulx	$apj,$mul0,$tmp0	!epilogue!
+	mulx	$npj,$mul1,$tmp1
+	add	$tpj,$car0,$car0
+	add	$acc0,$car0,$car0
+	ld	[$tp+8],$tpj		! tp[j]
+	and	$car0,$mask,$acc0
+	add	$acc1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]		! tp[j-1]
+	srlx	$car1,32,$car1
+
+	add	$tpj,$car0,$car0
+	add	$tmp0,$car0,$car0
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp+4]		! tp[j-1]
+	srlx	$car0,32,$car0
+	add	$i,4,$i			! i++
+	srlx	$car1,32,$car1
+
+	add	$car0,$car1,$car1
+	cmp	$i,$num
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+8]
+
+	srlx	$car1,32,$car2
+	bl,a	%icc,.Louter
+	ld	[$bp+$i],$mul0		! bp[i]
+!.Louter
+
+	add	$tp,12,$tp
+
+.Ltail:
+	add	$np,$num,$np
+	add	$rp,$num,$rp
+	mov	$tp,$ap
+	sub	%g0,$num,%o7		! k=-num
+	ba	.Lsub
+	subcc	%g0,%g0,%g0		! clear %icc.c
+.align	16
+.Lsub:
+	ld	[$tp+%o7],%o0
+	ld	[$np+%o7],%o1
+	subccc	%o0,%o1,%o1		! tp[j]-np[j]
+	add	$rp,%o7,$i
+	add	%o7,4,%o7
+	brnz	%o7,.Lsub
+	st	%o1,[$i]
+	subc	$car2,0,$car2		! handle upmost overflow bit
+	and	$tp,$car2,$ap
+	andn	$rp,$car2,$np
+	or	$ap,$np,$ap
+	sub	%g0,$num,%o7
+
+.Lcopy:
+	ld	[$ap+%o7],%o0		! copy or in-place refresh
+	st	%g0,[$tp+%o7]		! zap tp
+	st	%o0,[$rp+%o7]
+	add	%o7,4,%o7
+	brnz	%o7,.Lcopy
+	nop
+	mov	1,%i0
+	ret
+	restore
+___
+
+########
+######## .Lbn_sqr_mont gives up to 20% *overall* improvement over
+######## code without following dedicated squaring procedure.
+########
+$sbit="%i2";		# re-use $bp!
+
+$code.=<<___;
+.align	32
+.Lbn_sqr_mont:
+	mulx	$mul0,$mul0,$car0		! ap[0]*ap[0]
+	mulx	$apj,$mul0,$tmp0		!prologue!
+	and	$car0,$mask,$acc0
+	add	%sp,$bias+$frame,$tp
+	ld	[$ap+8],$apj			!prologue!
+
+	mulx	$n0,$acc0,$mul1			! "t[0]"*n0
+	srlx	$car0,32,$car0
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1		! np[0]*"t[0]"*n0
+	mulx	$npj,$mul1,$acc1		!prologue!
+	and	$car0,1,$sbit
+	ld	[$np+8],$npj			!prologue!
+	srlx	$car0,1,$car0
+	add	$acc0,$car1,$car1
+	srlx	$car1,32,$car1
+	mov	$tmp0,$acc0			!prologue!
+
+.Lsqr_1st:
+	mulx	$apj,$mul0,$tmp0
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0		! ap[j]*a0+c0
+	add	$acc1,$car1,$car1
+	ld	[$ap+$j],$apj			! ap[j]
+	and	$car0,$mask,$acc0
+	ld	[$np+$j],$npj			! np[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	mov	$tmp1,$acc1
+	srlx	$acc0,32,$sbit
+	add	$j,4,$j				! j++
+	and	$acc0,$mask,$acc0
+	cmp	$j,$num
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]
+	mov	$tmp0,$acc0
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_1st
+	add	$tp,4,$tp			! tp++
+!.Lsqr_1st
+
+	mulx	$apj,$mul0,$tmp0		! epilogue
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0		! ap[j]*a0+c0
+	add	$acc1,$car1,$car1
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$tmp0,$car0,$car0		! ap[j]*a0+c0
+	add	$tmp1,$car1,$car1
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	st	$car1,[$tp+8]
+	srlx	$car1,32,$car2
+
+	ld	[%sp+$bias+$frame],$tmp0	! tp[0]
+	ld	[%sp+$bias+$frame+4],$tmp1	! tp[1]
+	ld	[%sp+$bias+$frame+8],$tpj	! tp[2]
+	ld	[$ap+4],$mul0			! ap[1]
+	ld	[$ap+8],$apj			! ap[2]
+	ld	[$np],$car1			! np[0]
+	ld	[$np+4],$npj			! np[1]
+	mulx	$n0,$tmp0,$mul1
+
+	mulx	$mul0,$mul0,$car0
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1
+	mulx	$npj,$mul1,$acc1
+	add	$tmp0,$car1,$car1
+	and	$car0,$mask,$acc0
+	ld	[$np+8],$npj			! np[2]
+	srlx	$car1,32,$car1
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	and	$car0,1,$sbit
+	add	$acc1,$car1,$car1
+	srlx	$car0,1,$car0
+	mov	12,$j
+	st	$car1,[%sp+$bias+$frame]	! tp[0]=
+	srlx	$car1,32,$car1
+	add	%sp,$bias+$frame+4,$tp
+
+.Lsqr_2nd:
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$acc0,$car0,$car0
+	add	$tpj,$car1,$car1
+	ld	[$ap+$j],$apj			! ap[j]
+	and	$car0,$mask,$acc0
+	ld	[$np+$j],$npj			! np[j]
+	srlx	$car0,32,$car0
+	add	$acc1,$car1,$car1
+	ld	[$tp+8],$tpj			! tp[j]
+	add	$acc0,$acc0,$acc0
+	add	$j,4,$j				! j++
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	cmp	$j,$num
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_2nd
+	add	$tp,4,$tp			! tp++
+!.Lsqr_2nd
+
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$acc0,$car0,$car0
+	add	$tpj,$car1,$car1
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc1,$car1,$car1
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car2
+
+	ld	[%sp+$bias+$frame],$tmp1	! tp[0]
+	ld	[%sp+$bias+$frame+4],$tpj	! tp[1]
+	ld	[$ap+8],$mul0			! ap[2]
+	ld	[$np],$car1			! np[0]
+	ld	[$np+4],$npj			! np[1]
+	mulx	$n0,$tmp1,$mul1
+	and	$mul1,$mask,$mul1
+	mov	8,$i
+
+	mulx	$mul0,$mul0,$car0
+	mulx	$car1,$mul1,$car1
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	%sp,$bias+$frame,$tp
+	srlx	$car1,32,$car1
+	and	$car0,1,$sbit
+	srlx	$car0,1,$car0
+	mov	4,$j
+
+.Lsqr_outer:
+.Lsqr_inner1:
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$j,4,$j
+	ld	[$tp+8],$tpj
+	cmp	$j,$i
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_inner1
+	add	$tp,4,$tp
+!.Lsqr_inner1
+
+	add	$j,4,$j
+	ld	[$ap+$j],$apj			! ap[j]
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	ld	[$np+$j],$npj			! np[j]
+	add	$acc0,$car1,$car1
+	ld	[$tp+8],$tpj			! tp[j]
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$j,4,$j
+	cmp	$j,$num
+	be,pn	%icc,.Lsqr_no_inner2
+	add	$tp,4,$tp
+
+.Lsqr_inner2:
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$acc0,$car0,$car0
+	ld	[$ap+$j],$apj			! ap[j]
+	and	$car0,$mask,$acc0
+	ld	[$np+$j],$npj			! np[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	ld	[$tp+8],$tpj			! tp[j]
+	or	$sbit,$acc0,$acc0
+	add	$j,4,$j				! j++
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	cmp	$j,$num
+	add	$acc0,$car1,$car1
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_inner2
+	add	$tp,4,$tp			! tp++
+
+.Lsqr_no_inner2:
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$acc0,$car0,$car0
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car2
+
+	add	$i,4,$i				! i++
+	ld	[%sp+$bias+$frame],$tmp1	! tp[0]
+	ld	[%sp+$bias+$frame+4],$tpj	! tp[1]
+	ld	[$ap+$i],$mul0			! ap[j]
+	ld	[$np],$car1			! np[0]
+	ld	[$np+4],$npj			! np[1]
+	mulx	$n0,$tmp1,$mul1
+	and	$mul1,$mask,$mul1
+	add	$i,4,$tmp0
+
+	mulx	$mul0,$mul0,$car0
+	mulx	$car1,$mul1,$car1
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	%sp,$bias+$frame,$tp
+	srlx	$car1,32,$car1
+	and	$car0,1,$sbit
+	srlx	$car0,1,$car0
+
+	cmp	$tmp0,$num			! i<num-1
+	bl	%icc,.Lsqr_outer
+	mov	4,$j
+
+.Lsqr_last:
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$j,4,$j
+	ld	[$tp+8],$tpj
+	cmp	$j,$i
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_last
+	add	$tp,4,$tp
+!.Lsqr_last
+
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$acc0,$car1,$car1
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0		! recover $car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car2
+
+	ba	.Ltail
+	add	$tp,8,$tp
+.type	$fname,#function
+.size	$fname,(.-$fname)
+.asciz	"Montgomery Multipltication for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align	32
+___
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/bn/asm/sparcv9a-mont.pl b/crypto/bn/asm/sparcv9a-mont.pl
new file mode 100755
index 0000000000..a14205f2f0
--- /dev/null
+++ b/crypto/bn/asm/sparcv9a-mont.pl
@@ -0,0 +1,882 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# "Teaser" Montgomery multiplication module for UltraSPARC. Why FPU?
+# Because unlike integer multiplier, which simply stalls whole CPU,
+# FPU is fully pipelined and can effectively emit 48 bit partial
+# product every cycle. Why not blended SPARC v9? One can argue that
+# making this module dependent on UltraSPARC VIS extension limits its
+# binary compatibility. Well yes, it does exclude SPARC64 prior-V(!)
+# implementations from compatibility matrix. But the rest, whole Sun
+# UltraSPARC family and brand new Fujitsu's SPARC64 V, all support
+# VIS extension instructions used in this module. This is considered
+# good enough to not care about HAL SPARC64 users [if any] who have
+# integer-only pure SPARCv9 module to "fall down" to.
+
+# USI&II cores currently exhibit uniform 2x improvement [over pre-
+# bn_mul_mont codebase] for all key lengths and benchmarks. On USIII
+# performance improves few percents for shorter keys and worsens few
+# percents for longer keys. This is because USIII integer multiplier
+# is >3x faster than USI&II one, which is harder to match [but see
+# TODO list below]. It should also be noted that SPARC64 V features
+# out-of-order execution, which *might* mean that integer multiplier
+# is pipelined, which in turn *might* be impossible to match... On
+# additional note, SPARC64 V implements FP Multiply-Add instruction,
+# which is perfectly usable in this context... In other words, as far
+# as Fujitsu SPARC64 V goes, talk to the author:-)
+
+# The implementation implies following "non-natural" limitations on
+# input arguments:
+# - num may not be less than 4;
+# - num has to be even;
+# Failure to meet either condition has no fatal effects, simply
+# doesn't give any performance gain.
+
+# TODO:
+# - modulo-schedule inner loop for better performance (on in-order
+#   execution core such as UltraSPARC this shall result in further
+#   noticeable(!) improvement);
+# - dedicated squaring procedure[?];
+
+######################################################################
+# November 2006
+#
+# Modulo-scheduled inner loops allow to interleave floating point and
+# integer instructions and minimize Read-After-Write penalties. This
+# results in *further* 20-50% perfromance improvement [depending on
+# key length, more for longer keys] on USI&II cores and 30-80% - on
+# USIII&IV.
+
+$fname="bn_mul_mont_fpu";
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+
+if ($bits==64) {
+	$bias=2047;
+	$frame=192;
+} else {
+	$bias=0;
+	$frame=128;	# 96 rounded up to largest known cache-line
+}
+$locals=64;
+
+# In order to provide for 32-/64-bit ABI duality, I keep integers wider
+# than 32 bit in %g1-%g4 and %o0-%o5. %l0-%l7 and %i0-%i5 are used
+# exclusively for pointers, indexes and other small values...
+# int bn_mul_mont(
+$rp="%i0";	# BN_ULONG *rp,
+$ap="%i1";	# const BN_ULONG *ap,
+$bp="%i2";	# const BN_ULONG *bp,
+$np="%i3";	# const BN_ULONG *np,
+$n0="%i4";	# const BN_ULONG *n0,
+$num="%i5";	# int num);
+
+$tp="%l0";	# t[num]
+$ap_l="%l1";	# a[num],n[num] are smashed to 32-bit words and saved
+$ap_h="%l2";	# to these four vectors as double-precision FP values.
+$np_l="%l3";	# This way a bunch of fxtods are eliminated in second
+$np_h="%l4";	# loop and L1-cache aliasing is minimized...
+$i="%l5";
+$j="%l6";
+$mask="%l7";	# 16-bit mask, 0xffff
+
+$n0="%g4";	# reassigned(!) to "64-bit" register
+$carry="%i4";	# %i4 reused(!) for a carry bit
+
+# FP register naming chart
+#
+#     ..HILO
+#       dcba
+#   --------
+#        LOa
+#       LOb
+#      LOc
+#     LOd
+#      HIa
+#     HIb
+#    HIc
+#   HId
+#    ..a
+#   ..b
+$ba="%f0";    $bb="%f2";    $bc="%f4";    $bd="%f6";
+$na="%f8";    $nb="%f10";   $nc="%f12";   $nd="%f14";
+$alo="%f16";  $alo_="%f17"; $ahi="%f18";  $ahi_="%f19";
+$nlo="%f20";  $nlo_="%f21"; $nhi="%f22";  $nhi_="%f23";
+
+$dota="%f24"; $dotb="%f26";
+
+$aloa="%f32"; $alob="%f34"; $aloc="%f36"; $alod="%f38";
+$ahia="%f40"; $ahib="%f42"; $ahic="%f44"; $ahid="%f46";
+$nloa="%f48"; $nlob="%f50"; $nloc="%f52"; $nlod="%f54";
+$nhia="%f56"; $nhib="%f58"; $nhic="%f60"; $nhid="%f62";
+
+$ASI_FL16_P=0xD2;	# magic ASI value to engage 16-bit FP load
+
+$code=<<___;
+.section	".text",#alloc,#execinstr
+
+.global $fname
+.align  32
+$fname:
+	save	%sp,-$frame-$locals,%sp
+
+	cmp	$num,4
+	bl,a,pn %icc,.Lret
+	clr	%i0
+	andcc	$num,1,%g0		! $num has to be even...
+	bnz,a,pn %icc,.Lret
+	clr	%i0			! signal "unsupported input value"
+
+	srl	$num,1,$num
+	sethi	%hi(0xffff),$mask
+	ld	[%i4+0],$n0		! $n0 reassigned, remember?
+	or	$mask,%lo(0xffff),$mask
+	ld	[%i4+4],%o0
+	sllx	%o0,32,%o0
+	or	%o0,$n0,$n0		! $n0=n0[1].n0[0]
+
+	sll	$num,3,$num		! num*=8
+
+	add	%sp,$bias,%o0		! real top of stack
+	sll	$num,2,%o1
+	add	%o1,$num,%o1		! %o1=num*5
+	sub	%o0,%o1,%o0
+	and	%o0,-2048,%o0		! optimize TLB utilization
+	sub	%o0,$bias,%sp		! alloca(5*num*8)
+
+	rd	%asi,%o7		! save %asi
+	add	%sp,$bias+$frame+$locals,$tp
+	add	$tp,$num,$ap_l
+	add	$ap_l,$num,$ap_l	! [an]p_[lh] point at the vectors' ends !
+	add	$ap_l,$num,$ap_h
+	add	$ap_h,$num,$np_l
+	add	$np_l,$num,$np_h
+
+	wr	%g0,$ASI_FL16_P,%asi	! setup %asi for 16-bit FP loads
+
+	add	$rp,$num,$rp		! readjust input pointers to point
+	add	$ap,$num,$ap		! at the ends too...
+	add	$bp,$num,$bp
+	add	$np,$num,$np
+
+	stx	%o7,[%sp+$bias+$frame+48]	! save %asi
+
+	sub	%g0,$num,$i		! i=-num
+	sub	%g0,$num,$j		! j=-num
+
+	add	$ap,$j,%o3
+	add	$bp,$i,%o4
+
+	ld	[%o3+4],%g1		! bp[0]
+	ld	[%o3+0],%o0
+	ld	[%o4+4],%g5		! ap[0]
+	sllx	%g1,32,%g1
+	ld	[%o4+0],%o1
+	sllx	%g5,32,%g5
+	or	%g1,%o0,%o0
+	or	%g5,%o1,%o1
+
+	add	$np,$j,%o5
+
+	mulx	%o1,%o0,%o0		! ap[0]*bp[0]
+	mulx	$n0,%o0,%o0		! ap[0]*bp[0]*n0
+	stx	%o0,[%sp+$bias+$frame+0]
+
+	ld	[%o3+0],$alo_	! load a[j] as pair of 32-bit words
+	fzeros	$alo
+	ld	[%o3+4],$ahi_
+	fzeros	$ahi
+	ld	[%o5+0],$nlo_	! load n[j] as pair of 32-bit words
+	fzeros	$nlo
+	ld	[%o5+4],$nhi_
+	fzeros	$nhi
+
+	! transfer b[i] to FPU as 4x16-bit values
+	ldda	[%o4+2]%asi,$ba
+	fxtod	$alo,$alo
+	ldda	[%o4+0]%asi,$bb
+	fxtod	$ahi,$ahi
+	ldda	[%o4+6]%asi,$bc
+	fxtod	$nlo,$nlo
+	ldda	[%o4+4]%asi,$bd
+	fxtod	$nhi,$nhi
+
+	! transfer ap[0]*b[0]*n0 to FPU as 4x16-bit values
+	ldda	[%sp+$bias+$frame+6]%asi,$na
+	fxtod	$ba,$ba
+	ldda	[%sp+$bias+$frame+4]%asi,$nb
+	fxtod	$bb,$bb
+	ldda	[%sp+$bias+$frame+2]%asi,$nc
+	fxtod	$bc,$bc
+	ldda	[%sp+$bias+$frame+0]%asi,$nd
+	fxtod	$bd,$bd
+
+	std	$alo,[$ap_l+$j]		! save smashed ap[j] in double format
+	fxtod	$na,$na
+	std	$ahi,[$ap_h+$j]
+	fxtod	$nb,$nb
+	std	$nlo,[$np_l+$j]		! save smashed np[j] in double format
+	fxtod	$nc,$nc
+	std	$nhi,[$np_h+$j]
+	fxtod	$nd,$nd
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+		fmuld	$alo,$bd,$alod
+	faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+		fmuld	$ahi,$ba,$ahia
+	faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+		fmuld	$ahi,$bb,$ahib
+	faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+		fmuld	$ahi,$bc,$ahic
+	faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+		fmuld	$ahi,$bd,$ahid
+	faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	add	$j,8,$j
+	std	$nlob,[%sp+$bias+$frame+8]
+	add	$ap,$j,%o4
+	std	$nloc,[%sp+$bias+$frame+16]
+	add	$np,$j,%o5
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	ld	[%o4+0],$alo_	! load a[j] as pair of 32-bit words
+	fzeros	$alo
+	ld	[%o4+4],$ahi_
+	fzeros	$ahi
+	ld	[%o5+0],$nlo_	! load n[j] as pair of 32-bit words
+	fzeros	$nlo
+	ld	[%o5+4],$nhi_
+	fzeros	$nhi
+
+	fxtod	$alo,$alo
+	fxtod	$ahi,$ahi
+	fxtod	$nlo,$nlo
+	fxtod	$nhi,$nhi
+
+	ldx	[%sp+$bias+$frame+0],%o0
+		fmuld	$alo,$ba,$aloa
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$nlo,$na,$nloa
+	ldx	[%sp+$bias+$frame+16],%o2
+		fmuld	$alo,$bb,$alob
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$nlo,$nb,$nlob
+
+	srlx	%o0,16,%o7
+	std	$alo,[$ap_l+$j]		! save smashed ap[j] in double format
+		fmuld	$alo,$bc,$aloc
+	add	%o7,%o1,%o1
+	std	$ahi,[$ap_h+$j]
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	srlx	%o1,16,%o7
+	std	$nlo,[$np_l+$j]		! save smashed np[j] in double format
+		fmuld	$alo,$bd,$alod
+	add	%o7,%o2,%o2
+	std	$nhi,[$np_h+$j]
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	srlx	%o2,16,%o7
+		fmuld	$ahi,$ba,$ahia
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	!and	%o0,$mask,%o0
+	!and	%o1,$mask,%o1
+	!and	%o2,$mask,%o2
+	!sllx	%o1,16,%o1
+	!sllx	%o2,32,%o2
+	!sllx	%o3,48,%o7
+	!or	%o1,%o0,%o0
+	!or	%o2,%o0,%o0
+	!or	%o7,%o0,%o0		! 64-bit result
+	srlx	%o3,16,%g1		! 34-bit carry
+		fmuld	$ahi,$bb,$ahib
+
+	faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+		fmuld	$ahi,$bc,$ahic
+	faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+		fmuld	$ahi,$bd,$ahid
+	faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+
+	faddd	$dota,$nloa,$nloa
+	faddd	$dotb,$nlob,$nlob
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	addcc	$j,8,$j
+	std	$nloc,[%sp+$bias+$frame+16]
+	bz,pn	%icc,.L1stskip
+	std	$nlod,[%sp+$bias+$frame+24]
+
+.align	32			! incidentally already aligned !
+.L1st:
+	add	$ap,$j,%o4
+	add	$np,$j,%o5
+	ld	[%o4+0],$alo_	! load a[j] as pair of 32-bit words
+	fzeros	$alo
+	ld	[%o4+4],$ahi_
+	fzeros	$ahi
+	ld	[%o5+0],$nlo_	! load n[j] as pair of 32-bit words
+	fzeros	$nlo
+	ld	[%o5+4],$nhi_
+	fzeros	$nhi
+
+	fxtod	$alo,$alo
+	fxtod	$ahi,$ahi
+	fxtod	$nlo,$nlo
+	fxtod	$nhi,$nhi
+
+	ldx	[%sp+$bias+$frame+0],%o0
+		fmuld	$alo,$ba,$aloa
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$nlo,$na,$nloa
+	ldx	[%sp+$bias+$frame+16],%o2
+		fmuld	$alo,$bb,$alob
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$nlo,$nb,$nlob
+
+	srlx	%o0,16,%o7
+	std	$alo,[$ap_l+$j]		! save smashed ap[j] in double format
+		fmuld	$alo,$bc,$aloc
+	add	%o7,%o1,%o1
+	std	$ahi,[$ap_h+$j]
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	srlx	%o1,16,%o7
+	std	$nlo,[$np_l+$j]		! save smashed np[j] in double format
+		fmuld	$alo,$bd,$alod
+	add	%o7,%o2,%o2
+	std	$nhi,[$np_h+$j]
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	srlx	%o2,16,%o7
+		fmuld	$ahi,$ba,$ahia
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+		fmuld	$ahi,$bb,$ahib
+	sllx	%o1,16,%o1
+		faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+	sllx	%o2,32,%o2
+		fmuld	$ahi,$bc,$ahic
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+		faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+	or	%o2,%o0,%o0
+		fmuld	$ahi,$bd,$ahid
+	or	%o7,%o0,%o0		! 64-bit result
+		faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+	addcc	%g1,%o0,%o0
+		faddd	$dota,$nloa,$nloa
+	srlx	%o3,16,%g1		! 34-bit carry
+		faddd	$dotb,$nlob,$nlob
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]=
+
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	std	$nloc,[%sp+$bias+$frame+16]
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	addcc	$j,8,$j
+	bnz,pt	%icc,.L1st
+	add	$tp,8,$tp
+
+.L1stskip:
+	fdtox	$dota,$dota
+	fdtox	$dotb,$dotb
+
+	ldx	[%sp+$bias+$frame+0],%o0
+	ldx	[%sp+$bias+$frame+8],%o1
+	ldx	[%sp+$bias+$frame+16],%o2
+	ldx	[%sp+$bias+$frame+24],%o3
+
+	srlx	%o0,16,%o7
+	std	$dota,[%sp+$bias+$frame+32]
+	add	%o7,%o1,%o1
+	std	$dotb,[%sp+$bias+$frame+40]
+	srlx	%o1,16,%o7
+	add	%o7,%o2,%o2
+	srlx	%o2,16,%o7
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+	sllx	%o1,16,%o1
+	sllx	%o2,32,%o2
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+	or	%o2,%o0,%o0
+	or	%o7,%o0,%o0		! 64-bit result
+	ldx	[%sp+$bias+$frame+32],%o4
+	addcc	%g1,%o0,%o0
+	ldx	[%sp+$bias+$frame+40],%o5
+	srlx	%o3,16,%g1		! 34-bit carry
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]=
+	add	$tp,8,$tp
+
+	srlx	%o4,16,%o7
+	add	%o7,%o5,%o5
+	and	%o4,$mask,%o4
+	sllx	%o5,16,%o7
+	or	%o7,%o4,%o4
+	addcc	%g1,%o4,%o4
+	srlx	%o5,48,%g1
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	mov	%g1,$carry
+	stx	%o4,[$tp]		! tp[num-1]=
+
+	ba	.Louter
+	add	$i,8,$i
+.align	32
+.Louter:
+	sub	%g0,$num,$j		! j=-num
+	add	%sp,$bias+$frame+$locals,$tp
+
+	add	$ap,$j,%o3
+	add	$bp,$i,%o4
+
+	ld	[%o3+4],%g1		! bp[i]
+	ld	[%o3+0],%o0
+	ld	[%o4+4],%g5		! ap[0]
+	sllx	%g1,32,%g1
+	ld	[%o4+0],%o1
+	sllx	%g5,32,%g5
+	or	%g1,%o0,%o0
+	or	%g5,%o1,%o1
+
+	ldx	[$tp],%o2		! tp[0]
+	mulx	%o1,%o0,%o0
+	addcc	%o2,%o0,%o0
+	mulx	$n0,%o0,%o0		! (ap[0]*bp[i]+t[0])*n0
+	stx	%o0,[%sp+$bias+$frame+0]
+
+	! transfer b[i] to FPU as 4x16-bit values
+	ldda	[%o4+2]%asi,$ba
+	ldda	[%o4+0]%asi,$bb
+	ldda	[%o4+6]%asi,$bc
+	ldda	[%o4+4]%asi,$bd
+
+	! transfer (ap[0]*b[i]+t[0])*n0 to FPU as 4x16-bit values
+	ldda	[%sp+$bias+$frame+6]%asi,$na
+	fxtod	$ba,$ba
+	ldda	[%sp+$bias+$frame+4]%asi,$nb
+	fxtod	$bb,$bb
+	ldda	[%sp+$bias+$frame+2]%asi,$nc
+	fxtod	$bc,$bc
+	ldda	[%sp+$bias+$frame+0]%asi,$nd
+	fxtod	$bd,$bd
+	ldd	[$ap_l+$j],$alo		! load a[j] in double format
+	fxtod	$na,$na
+	ldd	[$ap_h+$j],$ahi
+	fxtod	$nb,$nb
+	ldd	[$np_l+$j],$nlo		! load n[j] in double format
+	fxtod	$nc,$nc
+	ldd	[$np_h+$j],$nhi
+	fxtod	$nd,$nd
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+		fmuld	$alo,$bd,$alod
+	faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+		fmuld	$ahi,$ba,$ahia
+	faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+		fmuld	$ahi,$bb,$ahib
+	faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+		fmuld	$ahi,$bc,$ahic
+	faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+		fmuld	$ahi,$bd,$ahid
+	faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	std	$nloc,[%sp+$bias+$frame+16]
+	add	$j,8,$j
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	ldd	[$ap_l+$j],$alo		! load a[j] in double format
+	ldd	[$ap_h+$j],$ahi
+	ldd	[$np_l+$j],$nlo		! load n[j] in double format
+	ldd	[$np_h+$j],$nhi
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	ldx	[%sp+$bias+$frame+0],%o0
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$alo,$bd,$alod
+	ldx	[%sp+$bias+$frame+16],%o2
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$ahi,$ba,$ahia
+
+	srlx	%o0,16,%o7
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	add	%o7,%o1,%o1
+		fmuld	$ahi,$bb,$ahib
+	srlx	%o1,16,%o7
+		faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+	add	%o7,%o2,%o2
+		fmuld	$ahi,$bc,$ahic
+	srlx	%o2,16,%o7
+		faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	! why?
+	and	%o0,$mask,%o0
+		fmuld	$ahi,$bd,$ahid
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+		faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+	sllx	%o1,16,%o1
+		faddd	$dota,$nloa,$nloa
+	sllx	%o2,32,%o2
+		faddd	$dotb,$nlob,$nlob
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+		faddd	$ahic,$nhic,$dota	! $nhic
+	or	%o2,%o0,%o0
+		faddd	$ahid,$nhid,$dotb	! $nhid
+	or	%o7,%o0,%o0		! 64-bit result
+	ldx	[$tp],%o7
+		faddd	$nloc,$nhia,$nloc
+	addcc	%o7,%o0,%o0
+	! end-of-why?
+		faddd	$nlod,$nhib,$nlod
+	srlx	%o3,16,%g1		! 34-bit carry
+		fdtox	$nloa,$nloa
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	addcc	$j,8,$j
+	std	$nloc,[%sp+$bias+$frame+16]
+	bz,pn	%icc,.Linnerskip
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	ba	.Linner
+	nop
+.align	32
+.Linner:
+	ldd	[$ap_l+$j],$alo		! load a[j] in double format
+	ldd	[$ap_h+$j],$ahi
+	ldd	[$np_l+$j],$nlo		! load n[j] in double format
+	ldd	[$np_h+$j],$nhi
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	ldx	[%sp+$bias+$frame+0],%o0
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$alo,$bd,$alod
+	ldx	[%sp+$bias+$frame+16],%o2
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$ahi,$ba,$ahia
+
+	srlx	%o0,16,%o7
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	add	%o7,%o1,%o1
+		fmuld	$ahi,$bb,$ahib
+	srlx	%o1,16,%o7
+		faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+	add	%o7,%o2,%o2
+		fmuld	$ahi,$bc,$ahic
+	srlx	%o2,16,%o7
+		faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+		fmuld	$ahi,$bd,$ahid
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+		faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+	sllx	%o1,16,%o1
+		faddd	$dota,$nloa,$nloa
+	sllx	%o2,32,%o2
+		faddd	$dotb,$nlob,$nlob
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+		faddd	$ahic,$nhic,$dota	! $nhic
+	or	%o2,%o0,%o0
+		faddd	$ahid,$nhid,$dotb	! $nhid
+	or	%o7,%o0,%o0		! 64-bit result
+		faddd	$nloc,$nhia,$nloc
+	addcc	%g1,%o0,%o0
+	ldx	[$tp+8],%o7		! tp[j]
+		faddd	$nlod,$nhib,$nlod
+	srlx	%o3,16,%g1		! 34-bit carry
+		fdtox	$nloa,$nloa
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+		fdtox	$nlob,$nlob
+	addcc	%o7,%o0,%o0
+		fdtox	$nloc,$nloc
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]
+		fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	std	$nloc,[%sp+$bias+$frame+16]
+	addcc	$j,8,$j
+	std	$nlod,[%sp+$bias+$frame+24]
+	bnz,pt	%icc,.Linner
+	add	$tp,8,$tp
+
+.Linnerskip:
+	fdtox	$dota,$dota
+	fdtox	$dotb,$dotb
+
+	ldx	[%sp+$bias+$frame+0],%o0
+	ldx	[%sp+$bias+$frame+8],%o1
+	ldx	[%sp+$bias+$frame+16],%o2
+	ldx	[%sp+$bias+$frame+24],%o3
+
+	srlx	%o0,16,%o7
+	std	$dota,[%sp+$bias+$frame+32]
+	add	%o7,%o1,%o1
+	std	$dotb,[%sp+$bias+$frame+40]
+	srlx	%o1,16,%o7
+	add	%o7,%o2,%o2
+	srlx	%o2,16,%o7
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+	sllx	%o1,16,%o1
+	sllx	%o2,32,%o2
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+	or	%o2,%o0,%o0
+	ldx	[%sp+$bias+$frame+32],%o4
+	or	%o7,%o0,%o0		! 64-bit result
+	ldx	[%sp+$bias+$frame+40],%o5
+	addcc	%g1,%o0,%o0
+	ldx	[$tp+8],%o7		! tp[j]
+	srlx	%o3,16,%g1		! 34-bit carry
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	addcc	%o7,%o0,%o0
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]
+	add	$tp,8,$tp
+
+	srlx	%o4,16,%o7
+	add	%o7,%o5,%o5
+	and	%o4,$mask,%o4
+	sllx	%o5,16,%o7
+	or	%o7,%o4,%o4
+	addcc	%g1,%o4,%o4
+	srlx	%o5,48,%g1
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	addcc	$carry,%o4,%o4
+	stx	%o4,[$tp]		! tp[num-1]
+	mov	%g1,$carry
+	bcs,a	%xcc,.+8
+	add	$carry,1,$carry
+
+	addcc	$i,8,$i
+	bnz	%icc,.Louter
+	nop
+
+	add	$tp,8,$tp		! adjust tp to point at the end
+	orn	%g0,%g0,%g4
+	sub	%g0,$num,%o7		! n=-num
+	ba	.Lsub
+	subcc	%g0,%g0,%g0		! clear %icc.c
+
+.align	32
+.Lsub:
+	ldx	[$tp+%o7],%o0
+	add	$np,%o7,%g1
+	ld	[%g1+0],%o2
+	ld	[%g1+4],%o3
+	srlx	%o0,32,%o1
+	subccc	%o0,%o2,%o2
+	add	$rp,%o7,%g1
+	subccc	%o1,%o3,%o3
+	st	%o2,[%g1+0]
+	add	%o7,8,%o7
+	brnz,pt	%o7,.Lsub
+	st	%o3,[%g1+4]
+	subc	$carry,0,%g4
+	sub	%g0,$num,%o7		! n=-num
+	ba	.Lcopy
+	nop
+
+.align	32
+.Lcopy:
+	ldx	[$tp+%o7],%o0
+	add	$rp,%o7,%g1
+	ld	[%g1+0],%o2
+	ld	[%g1+4],%o3
+	stx	%g0,[$tp+%o7]
+	and	%o0,%g4,%o0
+	srlx	%o0,32,%o1
+	andn	%o2,%g4,%o2
+	andn	%o3,%g4,%o3
+	or	%o2,%o0,%o0
+	or	%o3,%o1,%o1
+	st	%o0,[%g1+0]
+	add	%o7,8,%o7
+	brnz,pt	%o7,.Lcopy
+	st	%o1,[%g1+4]
+	sub	%g0,$num,%o7		! n=-num
+
+.Lzap:
+	stx	%g0,[$ap_l+%o7]
+	stx	%g0,[$ap_h+%o7]
+	stx	%g0,[$np_l+%o7]
+	stx	%g0,[$np_h+%o7]
+	add	%o7,8,%o7
+	brnz,pt	%o7,.Lzap
+	nop
+
+	ldx	[%sp+$bias+$frame+48],%o7
+	wr	%g0,%o7,%asi		! restore %asi
+
+	mov	1,%i0
+.Lret:
+	ret
+	restore
+.type   $fname,#function
+.size	$fname,(.-$fname)
+.asciz	"Montgomery Multipltication for UltraSPARC, CRYPTOGAMS by <appro\@openssl.org>"
+.align	32
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+# Below substitution makes it possible to compile without demanding
+# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
+# dare to do this, because VIS capability is detected at run-time now
+# and this routine is not called on CPU not capable to execute it. Do
+# note that fzeros is not the only VIS dependency! Another dependency
+# is implicit and is just _a_ numerical value loaded to %asi register,
+# which assembler can't recognize as VIS specific...
+$code =~ s/fzeros\s+%f([0-9]+)/
+	   sprintf(".word\t0x%x\t! fzeros %%f%d",0x81b00c20|($1<<25),$1)
+	  /gem;
+
+print $code;
+# flush
+close STDOUT;
diff --git a/crypto/bn/asm/via-mont.pl b/crypto/bn/asm/via-mont.pl
new file mode 100644
index 0000000000..c046a514c8
--- /dev/null
+++ b/crypto/bn/asm/via-mont.pl
@@ -0,0 +1,242 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Wrapper around 'rep montmul', VIA-specific instruction accessing
+# PadLock Montgomery Multiplier. The wrapper is designed as drop-in
+# replacement for OpenSSL bn_mul_mont [first implemented in 0.9.9].
+#
+# Below are interleaved outputs from 'openssl speed rsa dsa' for 4
+# different software configurations on 1.5GHz VIA Esther processor.
+# Lines marked with "software integer" denote performance of hand-
+# coded integer-only assembler found in OpenSSL 0.9.7. "Software SSE2"
+# refers to hand-coded SSE2 Montgomery multiplication procedure found
+# OpenSSL 0.9.9. "Hardware VIA SDK" refers to padlock_pmm routine from
+# Padlock SDK 2.0.1 available for download from VIA, which naturally
+# utilizes the magic 'repz montmul' instruction. And finally "hardware
+# this" refers to *this* implementation which also uses 'repz montmul'
+#
+#                   sign    verify    sign/s verify/s
+# rsa  512 bits 0.001720s 0.000140s    581.4   7149.7	software integer
+# rsa  512 bits 0.000690s 0.000086s   1450.3  11606.0	software SSE2
+# rsa  512 bits 0.006136s 0.000201s    163.0   4974.5	hardware VIA SDK
+# rsa  512 bits 0.000712s 0.000050s   1404.9  19858.5	hardware this
+#
+# rsa 1024 bits 0.008518s 0.000413s    117.4   2420.8	software integer
+# rsa 1024 bits 0.004275s 0.000277s    233.9   3609.7	software SSE2
+# rsa 1024 bits 0.012136s 0.000260s     82.4   3844.5	hardware VIA SDK
+# rsa 1024 bits 0.002522s 0.000116s    396.5   8650.9	hardware this
+#
+# rsa 2048 bits 0.050101s 0.001371s     20.0    729.6	software integer
+# rsa 2048 bits 0.030273s 0.001008s     33.0    991.9	software SSE2
+# rsa 2048 bits 0.030833s 0.000976s     32.4   1025.1	hardware VIA SDK
+# rsa 2048 bits 0.011879s 0.000342s     84.2   2921.7	hardware this
+#
+# rsa 4096 bits 0.327097s 0.004859s      3.1    205.8	software integer
+# rsa 4096 bits 0.229318s 0.003859s      4.4    259.2	software SSE2
+# rsa 4096 bits 0.233953s 0.003274s      4.3    305.4	hardware VIA SDK
+# rsa 4096 bits 0.070493s 0.001166s     14.2    857.6	hardware this
+#
+# dsa  512 bits 0.001342s 0.001651s    745.2    605.7	software integer
+# dsa  512 bits 0.000844s 0.000987s   1185.3   1013.1	software SSE2
+# dsa  512 bits 0.001902s 0.002247s    525.6    444.9	hardware VIA SDK
+# dsa  512 bits 0.000458s 0.000524s   2182.2   1909.1	hardware this
+#
+# dsa 1024 bits 0.003964s 0.004926s    252.3    203.0	software integer
+# dsa 1024 bits 0.002686s 0.003166s    372.3    315.8	software SSE2
+# dsa 1024 bits 0.002397s 0.002823s    417.1    354.3	hardware VIA SDK
+# dsa 1024 bits 0.000978s 0.001170s   1022.2    855.0	hardware this
+#
+# dsa 2048 bits 0.013280s 0.016518s     75.3     60.5	software integer
+# dsa 2048 bits 0.009911s 0.011522s    100.9     86.8	software SSE2
+# dsa 2048 bits 0.009542s 0.011763s    104.8     85.0	hardware VIA SDK
+# dsa 2048 bits 0.002884s 0.003352s    346.8    298.3	hardware this
+#
+# To give you some other reference point here is output for 2.4GHz P4
+# running hand-coded SSE2 bn_mul_mont found in 0.9.9, i.e. "software
+# SSE2" in above terms.
+#
+# rsa  512 bits 0.000407s 0.000047s   2454.2  21137.0
+# rsa 1024 bits 0.002426s 0.000141s    412.1   7100.0
+# rsa 2048 bits 0.015046s 0.000491s     66.5   2034.9
+# rsa 4096 bits 0.109770s 0.002379s      9.1    420.3
+# dsa  512 bits 0.000438s 0.000525s   2281.1   1904.1
+# dsa 1024 bits 0.001346s 0.001595s    742.7    627.0
+# dsa 2048 bits 0.004745s 0.005582s    210.7    179.1
+#
+# Conclusions: 
+# - VIA SDK leaves a *lot* of room for improvement (which this
+#   implementation successfully fills:-);
+# - 'rep montmul' gives up to >3x performance improvement depending on
+#   key length;
+# - in terms of absolute performance it delivers approximately as much
+#   as modern out-of-order 32-bit cores [again, for longer keys].
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"via-mont.pl");
+
+# int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
+$func="bn_mul_mont_padlock";
+
+$pad=16*1;	# amount of reserved bytes on top of every vector
+
+# stack layout
+$mZeroPrime=&DWP(0,"esp");		# these are specified by VIA
+$A=&DWP(4,"esp");
+$B=&DWP(8,"esp");
+$T=&DWP(12,"esp");
+$M=&DWP(16,"esp");
+$scratch=&DWP(20,"esp");
+$rp=&DWP(24,"esp");			# these are mine
+$sp=&DWP(28,"esp");
+# &DWP(32,"esp")			# 32 byte scratch area
+# &DWP(64+(4*$num+$pad)*0,"esp")	# padded tp[num]
+# &DWP(64+(4*$num+$pad)*1,"esp")	# padded copy of ap[num]
+# &DWP(64+(4*$num+$pad)*2,"esp")	# padded copy of bp[num]
+# &DWP(64+(4*$num+$pad)*3,"esp")	# padded copy of np[num]
+# Note that SDK suggests to unconditionally allocate 2K per vector. This
+# has quite an impact on performance. It naturally depends on key length,
+# but to give an example 1024 bit private RSA key operations suffer >30%
+# penalty. I allocate only as much as actually required...
+
+&function_begin($func);
+	&xor	("eax","eax");
+	&mov	("ecx",&wparam(5));	# num
+	# meet VIA's limitations for num [note that the specification
+	# expresses them in bits, while we work with amount of 32-bit words]
+	&test	("ecx",3);
+	&jnz	(&label("leave"));	# num % 4 != 0
+	&cmp	("ecx",8);
+	&jb	(&label("leave"));	# num < 8
+	&cmp	("ecx",1024);
+	&ja	(&label("leave"));	# num > 1024
+
+	&pushf	();
+	&cld	();
+
+	&mov	("edi",&wparam(0));	# rp
+	&mov	("eax",&wparam(1));	# ap
+	&mov	("ebx",&wparam(2));	# bp
+	&mov	("edx",&wparam(3));	# np
+	&mov	("esi",&wparam(4));	# n0
+	&mov	("esi",&DWP(0,"esi"));	# *n0
+
+	&lea	("ecx",&DWP($pad,"","ecx",4));	# ecx becomes vector size in bytes
+	&lea	("ebp",&DWP(64,"","ecx",4));	# allocate 4 vectors + 64 bytes
+	&neg	("ebp");
+	&add	("ebp","esp");
+	&and	("ebp",-64);		# align to cache-line
+	&xchg	("ebp","esp");		# alloca
+
+	&mov	($rp,"edi");		# save rp
+	&mov	($sp,"ebp");		# save esp
+
+	&mov	($mZeroPrime,"esi");
+	&lea	("esi",&DWP(64,"esp"));	# tp
+	&mov	($T,"esi");
+	&lea	("edi",&DWP(32,"esp"));	# scratch area
+	&mov	($scratch,"edi");
+	&mov	("esi","eax");
+
+	&lea	("ebp",&DWP(-$pad,"ecx"));
+	&shr	("ebp",2);		# restore original num value in ebp
+
+	&xor	("eax","eax");
+
+	&mov	("ecx","ebp");
+	&lea	("ecx",&DWP((32+$pad)/4,"ecx"));# padded tp + scratch
+	&data_byte(0xf3,0xab);		# rep stosl, bzero
+
+	&mov	("ecx","ebp");
+	&lea	("edi",&DWP(64+$pad,"esp","ecx",4));# pointer to ap copy
+	&mov	($A,"edi");
+	&data_byte(0xf3,0xa5);		# rep movsl, memcpy
+	&mov	("ecx",$pad/4);
+	&data_byte(0xf3,0xab);		# rep stosl, bzero pad
+	# edi points at the end of padded ap copy...
+
+	&mov	("ecx","ebp");
+	&mov	("esi","ebx");
+	&mov	($B,"edi");
+	&data_byte(0xf3,0xa5);		# rep movsl, memcpy
+	&mov	("ecx",$pad/4);
+	&data_byte(0xf3,0xab);		# rep stosl, bzero pad
+	# edi points at the end of padded bp copy...
+
+	&mov	("ecx","ebp");
+	&mov	("esi","edx");
+	&mov	($M,"edi");
+	&data_byte(0xf3,0xa5);		# rep movsl, memcpy
+	&mov	("ecx",$pad/4);
+	&data_byte(0xf3,0xab);		# rep stosl, bzero pad
+	# edi points at the end of padded np copy...
+
+	# let magic happen...
+	&mov	("ecx","ebp");
+	&mov	("esi","esp");
+	&shl	("ecx",5);		# convert word counter to bit counter
+	&align	(4);
+	&data_byte(0xf3,0x0f,0xa6,0xc0);# rep montmul
+
+	&mov	("ecx","ebp");
+	&lea	("esi",&DWP(64,"esp"));		# tp
+	# edi still points at the end of padded np copy...
+	&neg	("ebp");
+	&lea	("ebp",&DWP(-$pad,"edi","ebp",4));	# so just "rewind"
+	&mov	("edi",$rp);			# restore rp
+	&xor	("edx","edx");			# i=0 and clear CF
+
+&set_label("sub",8);
+	&mov	("eax",&DWP(0,"esi","edx",4));
+	&sbb	("eax",&DWP(0,"ebp","edx",4));
+	&mov	(&DWP(0,"edi","edx",4),"eax");	# rp[i]=tp[i]-np[i]
+	&lea	("edx",&DWP(1,"edx"));		# i++
+	&loop	(&label("sub"));		# doesn't affect CF!
+
+	&mov	("eax",&DWP(0,"esi","edx",4));	# upmost overflow bit
+	&sbb	("eax",0);
+	&and	("esi","eax");
+	&not	("eax");
+	&mov	("ebp","edi");
+	&and	("ebp","eax");
+	&or	("esi","ebp");			# tp=carry?tp:rp
+
+	&mov	("ecx","edx");			# num
+	&xor	("edx","edx");			# i=0
+
+&set_label("copy",8);
+	&mov	("eax",&DWP(0,"esi","edx",4));
+	&mov	(&DWP(64,"esp","edx",4),"ecx");	# zap tp
+	&mov	(&DWP(0,"edi","edx",4),"eax");
+	&lea	("edx",&DWP(1,"edx"));		# i++
+	&loop	(&label("copy"));
+
+	&mov	("ebp",$sp);
+	&xor	("eax","eax");
+
+	&mov	("ecx",64/4);
+	&mov	("edi","esp");		# zap frame including scratch area
+	&data_byte(0xf3,0xab);		# rep stosl, bzero
+
+	# zap copies of ap, bp and np
+	&lea	("edi",&DWP(64+$pad,"esp","edx",4));# pointer to ap
+	&lea	("ecx",&DWP(3*$pad/4,"edx","edx",2));
+	&data_byte(0xf3,0xab);		# rep stosl, bzero
+
+	&mov	("esp","ebp");
+	&inc	("eax");		# signal "done"
+	&popf	();
+&set_label("leave");
+&function_end($func);
+
+&asciz("Padlock Montgomery Multiplication, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl
new file mode 100755
index 0000000000..5cd3cd2ed5
--- /dev/null
+++ b/crypto/bn/asm/x86-mont.pl
@@ -0,0 +1,591 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# This is a "teaser" code, as it can be improved in several ways...
+# First of all non-SSE2 path should be implemented (yes, for now it
+# performs Montgomery multiplication/convolution only on SSE2-capable
+# CPUs such as P4, others fall down to original code). Then inner loop
+# can be unrolled and modulo-scheduled to improve ILP and possibly
+# moved to 128-bit XMM register bank (though it would require input
+# rearrangement and/or increase bus bandwidth utilization). Dedicated
+# squaring procedure should give further performance improvement...
+# Yet, for being draft, the code improves rsa512 *sign* benchmark by
+# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
+
+# December 2006
+#
+# Modulo-scheduling SSE2 loops results in further 15-20% improvement.
+# Integer-only code [being equipped with dedicated squaring procedure]
+# gives ~40% on rsa512 sign benchmark...
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+&function_begin("bn_mul_mont");
+
+$i="edx";
+$j="ecx";
+$ap="esi";	$tp="esi";		# overlapping variables!!!
+$rp="edi";	$bp="edi";		# overlapping variables!!!
+$np="ebp";
+$num="ebx";
+
+$_num=&DWP(4*0,"esp");			# stack top layout
+$_rp=&DWP(4*1,"esp");
+$_ap=&DWP(4*2,"esp");
+$_bp=&DWP(4*3,"esp");
+$_np=&DWP(4*4,"esp");
+$_n0=&DWP(4*5,"esp");	$_n0q=&QWP(4*5,"esp");
+$_sp=&DWP(4*6,"esp");
+$_bpend=&DWP(4*7,"esp");
+$frame=32;				# size of above frame rounded up to 16n
+
+	&xor	("eax","eax");
+	&mov	("edi",&wparam(5));	# int num
+	&cmp	("edi",4);
+	&jl	(&label("just_leave"));
+
+	&lea	("esi",&wparam(0));	# put aside pointer to argument block
+	&lea	("edx",&wparam(1));	# load ap
+	&mov	("ebp","esp");		# saved stack pointer!
+	&add	("edi",2);		# extra two words on top of tp
+	&neg	("edi");
+	&lea	("esp",&DWP(-$frame,"esp","edi",4));	# alloca($frame+4*(num+2))
+	&neg	("edi");
+
+	# minimize cache contention by arraning 2K window between stack
+	# pointer and ap argument [np is also position sensitive vector,
+	# but it's assumed to be near ap, as it's allocated at ~same
+	# time].
+	&mov	("eax","esp");
+	&sub	("eax","edx");
+	&and	("eax",2047);
+	&sub	("esp","eax");		# this aligns sp and ap modulo 2048
+
+	&xor	("edx","esp");
+	&and	("edx",2048);
+	&xor	("edx",2048);
+	&sub	("esp","edx");		# this splits them apart modulo 4096
+
+	&and	("esp",-64);		# align to cache line
+
+	################################# load argument block...
+	&mov	("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
+	&mov	("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
+	&mov	("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
+	&mov	("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
+	&mov	("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
+	#&mov	("edi",&DWP(5*4,"esi"));# int num
+
+	&mov	("esi",&DWP(0,"esi"));	# pull n0[0]
+	&mov	($_rp,"eax");		# ... save a copy of argument block
+	&mov	($_ap,"ebx");
+	&mov	($_bp,"ecx");
+	&mov	($_np,"edx");
+	&mov	($_n0,"esi");
+	&lea	($num,&DWP(-3,"edi"));	# num=num-1 to assist modulo-scheduling
+	#&mov	($_num,$num);		# redundant as $num is not reused
+	&mov	($_sp,"ebp");		# saved stack pointer!
+
+if($sse2) {
+$acc0="mm0";	# mmx register bank layout
+$acc1="mm1";
+$car0="mm2";
+$car1="mm3";
+$mul0="mm4";
+$mul1="mm5";
+$temp="mm6";
+$mask="mm7";
+
+	&picmeup("eax","OPENSSL_ia32cap_P");
+	&bt	(&DWP(0,"eax"),26);
+	&jnc	(&label("non_sse2"));
+
+	&mov	("eax",-1);
+	&movd	($mask,"eax");		# mask 32 lower bits
+
+	&mov	($ap,$_ap);		# load input pointers
+	&mov	($bp,$_bp);
+	&mov	($np,$_np);
+
+	&xor	($i,$i);		# i=0
+	&xor	($j,$j);		# j=0
+
+	&movd	($mul0,&DWP(0,$bp));		# bp[0]
+	&movd	($mul1,&DWP(0,$ap));		# ap[0]
+	&movd	($car1,&DWP(0,$np));		# np[0]
+
+	&pmuludq($mul1,$mul0);			# ap[0]*bp[0]
+	&movq	($car0,$mul1);
+	&movq	($acc0,$mul1);			# I wish movd worked for
+	&pand	($acc0,$mask);			# inter-register transfers
+
+	&pmuludq($mul1,$_n0q);			# *=n0
+
+	&pmuludq($car1,$mul1);			# "t[0]"*np[0]*n0
+	&paddq	($car1,$acc0);
+
+	&movd	($acc1,&DWP(4,$np));		# np[1]
+	&movd	($acc0,&DWP(4,$ap));		# ap[1]
+
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+
+	&inc	($j);				# j++
+&set_label("1st",16);
+	&pmuludq($acc0,$mul0);			# ap[j]*bp[0]
+	&pmuludq($acc1,$mul1);			# np[j]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&pand	($acc0,$mask);
+	&movd	($acc1,&DWP(4,$np,$j,4));	# np[j+1]
+	&paddq	($car1,$acc0);			# +=ap[j]*bp[0];
+	&movd	($acc0,&DWP(4,$ap,$j,4));	# ap[j+1]
+	&psrlq	($car0,32);
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[j-1]=
+	&psrlq	($car1,32);
+
+	&lea	($j,&DWP(1,$j));
+	&cmp	($j,$num);
+	&jl	(&label("1st"));
+
+	&pmuludq($acc0,$mul0);			# ap[num-1]*bp[0]
+	&pmuludq($acc1,$mul1);			# np[num-1]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&pand	($acc0,$mask);
+	&paddq	($car1,$acc0);			# +=ap[num-1]*bp[0];
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[num-2]=
+
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+
+	&paddq	($car1,$car0);
+	&movq	(&QWP($frame,"esp",$num,4),$car1);	# tp[num].tp[num-1]
+
+	&inc	($i);				# i++
+&set_label("outer");
+	&xor	($j,$j);			# j=0
+
+	&movd	($mul0,&DWP(0,$bp,$i,4));	# bp[i]
+	&movd	($mul1,&DWP(0,$ap));		# ap[0]
+	&movd	($temp,&DWP($frame,"esp"));	# tp[0]
+	&movd	($car1,&DWP(0,$np));		# np[0]
+	&pmuludq($mul1,$mul0);			# ap[0]*bp[i]
+
+	&paddq	($mul1,$temp);			# +=tp[0]
+	&movq	($acc0,$mul1);
+	&movq	($car0,$mul1);
+	&pand	($acc0,$mask);
+
+	&pmuludq($mul1,$_n0q);			# *=n0
+
+	&pmuludq($car1,$mul1);
+	&paddq	($car1,$acc0);
+
+	&movd	($temp,&DWP($frame+4,"esp"));	# tp[1]
+	&movd	($acc1,&DWP(4,$np));		# np[1]
+	&movd	($acc0,&DWP(4,$ap));		# ap[1]
+
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+	&paddq	($car0,$temp);			# +=tp[1]
+
+	&inc	($j);				# j++
+	&dec	($num);
+&set_label("inner");
+	&pmuludq($acc0,$mul0);			# ap[j]*bp[i]
+	&pmuludq($acc1,$mul1);			# np[j]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&movd	($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
+	&pand	($acc0,$mask);
+	&movd	($acc1,&DWP(4,$np,$j,4));	# np[j+1]
+	&paddq	($car1,$acc0);			# +=ap[j]*bp[i]+tp[j]
+	&movd	($acc0,&DWP(4,$ap,$j,4));	# ap[j+1]
+	&psrlq	($car0,32);
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
+	&psrlq	($car1,32);
+	&paddq	($car0,$temp);			# +=tp[j+1]
+
+	&dec	($num);
+	&lea	($j,&DWP(1,$j));		# j++
+	&jnz	(&label("inner"));
+
+	&mov	($num,$j);
+	&pmuludq($acc0,$mul0);			# ap[num-1]*bp[i]
+	&pmuludq($acc1,$mul1);			# np[num-1]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&pand	($acc0,$mask);
+	&paddq	($car1,$acc0);			# +=ap[num-1]*bp[i]+tp[num-1]
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[num-2]=
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+
+	&movd	($temp,&DWP($frame+4,"esp",$num,4));	# += tp[num]
+	&paddq	($car1,$car0);
+	&paddq	($car1,$temp);
+	&movq	(&QWP($frame,"esp",$num,4),$car1);	# tp[num].tp[num-1]
+
+	&lea	($i,&DWP(1,$i));		# i++
+	&cmp	($i,$num);
+	&jle	(&label("outer"));
+
+	&emms	();				# done with mmx bank
+	&jmp	(&label("common_tail"));
+
+&set_label("non_sse2",16);
+}
+
+if (0) {
+	&mov	("esp",$_sp);
+	&xor	("eax","eax");	# signal "not fast enough [yet]"
+	&jmp	(&label("just_leave"));
+	# While the below code provides competitive performance for
+	# all key lengthes on modern Intel cores, it's still more
+	# than 10% slower for 4096-bit key elsewhere:-( "Competitive"
+	# means compared to the original integer-only assembler.
+	# 512-bit RSA sign is better by ~40%, but that's about all
+	# one can say about all CPUs...
+} else {
+$inp="esi";	# integer path uses these registers differently
+$word="edi";
+$carry="ebp";
+
+	&mov	($inp,$_ap);
+	&lea	($carry,&DWP(1,$num));
+	&mov	($word,$_bp);
+	&xor	($j,$j);				# j=0
+	&mov	("edx",$inp);
+	&and	($carry,1);				# see if num is even
+	&sub	("edx",$word);				# see if ap==bp
+	&lea	("eax",&DWP(4,$word,$num,4));		# &bp[num]
+	&or	($carry,"edx");
+	&mov	($word,&DWP(0,$word));			# bp[0]
+	&jz	(&label("bn_sqr_mont"));
+	&mov	($_bpend,"eax");
+	&mov	("eax",&DWP(0,$inp));
+	&xor	("edx","edx");
+
+&set_label("mull",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*bp[0]
+	&add	($carry,"eax");
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j+1]
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("mull"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[num-1]*bp[0]
+	 &mov	($word,$_n0);
+	&add	("eax",$carry);
+	 &mov	($inp,$_np);
+	&adc	("edx",0);
+	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+
+	&mov	(&DWP($frame,"esp",$num,4),"eax");	# tp[num-1]=
+	&xor	($j,$j);
+	&mov	(&DWP($frame+4,"esp",$num,4),"edx");	# tp[num]=
+	&mov	(&DWP($frame+8,"esp",$num,4),$j);	# tp[num+1]=
+
+	&mov	("eax",&DWP(0,$inp));			# np[0]
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+	&adc	("edx",0);
+	&inc	($j);
+
+	&jmp	(&label("2ndmadd"));
+
+&set_label("1stmadd",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*bp[i]
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j+1]
+	&adc	("edx",0);
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("1stmadd"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[num-1]*bp[i]
+	&add	("eax",&DWP($frame,"esp",$num,4));	# +=tp[num-1]
+	 &mov	($word,$_n0);
+	&adc	("edx",0);
+	 &mov	($inp,$_np);
+	&add	($carry,"eax");
+	&adc	("edx",0);
+	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+
+	&xor	($j,$j);
+	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
+	&mov	(&DWP($frame,"esp",$num,4),$carry);	# tp[num-1]=
+	&adc	($j,0);
+	 &mov	("eax",&DWP(0,$inp));			# np[0]
+	&mov	(&DWP($frame+4,"esp",$num,4),"edx");	# tp[num]=
+	&mov	(&DWP($frame+8,"esp",$num,4),$j);	# tp[num+1]=
+
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+	&adc	("edx",0);
+	&mov	($j,1);
+
+&set_label("2ndmadd",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(0,$inp,$j,4));		# np[j+1]
+	&adc	("edx",0);
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-8,"esp",$j,4),$carry);	# tp[j-1]=
+	&jl	(&label("2ndmadd"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$num,4));	# +=tp[num-1]
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&adc	("edx",0);
+	&mov	(&DWP($frame-4,"esp",$num,4),$carry);	# tp[num-2]=
+
+	&xor	("eax","eax");
+	 &mov	($j,$_bp);				# &bp[i]
+	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
+	&adc	("eax",&DWP($frame+8,"esp",$num,4));	# +=tp[num+1]
+	 &lea	($j,&DWP(4,$j));
+	&mov	(&DWP($frame,"esp",$num,4),"edx");	# tp[num-1]=
+	 &cmp	($j,$_bpend);
+	&mov	(&DWP($frame+4,"esp",$num,4),"eax");	# tp[num]=
+	&je	(&label("common_tail"));
+
+	&mov	($word,&DWP(0,$j));			# bp[i+1]
+	&mov	($inp,$_ap);
+	&mov	($_bp,$j);				# &bp[++i]
+	&xor	($j,$j);
+	&xor	("edx","edx");
+	&mov	("eax",&DWP(0,$inp));
+	&jmp	(&label("1stmadd"));
+
+&set_label("bn_sqr_mont",16);
+$sbit=$num;
+	&mov	($_num,$num);
+	&mov	($_bp,$j);				# i=0
+
+	&mov	("eax",$word);				# ap[0]
+	&mul	($word);				# ap[0]*ap[0]
+	&mov	(&DWP($frame,"esp"),"eax");		# tp[0]=
+	&mov	($sbit,"edx");
+	&shr	("edx",1);
+	&and	($sbit,1);
+	&inc	($j);
+&set_label("sqr",16);
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j]
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*ap[0]
+	&add	("eax",$carry);
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&lea	($carry,&DWP(0,$sbit,"eax",2));
+	&shr	("eax",31);
+	&cmp	($j,$_num);
+	&mov	($sbit,"eax");
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("sqr"));
+
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[num-1]
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[num-1]*ap[0]
+	&add	("eax",$carry);
+	 &mov	($word,$_n0);
+	&adc	("edx",0);
+	 &mov	($inp,$_np);
+	&lea	($carry,&DWP(0,$sbit,"eax",2));
+	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+	&shr	("eax",31);
+	&mov	(&DWP($frame,"esp",$j,4),$carry);	# tp[num-1]=
+
+	&lea	($carry,&DWP(0,"eax","edx",2));
+	 &mov	("eax",&DWP(0,$inp));			# np[0]
+	&shr	("edx",31);
+	&mov	(&DWP($frame+4,"esp",$j,4),$carry);	# tp[num]=
+	&mov	(&DWP($frame+8,"esp",$j,4),"edx");	# tp[num+1]=
+
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&mov	($num,$j);
+	&adc	("edx",0);
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+	&mov	($j,1);
+
+&set_label("3rdmadd",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(4,$inp,$j,4));		# np[j+1]
+	&adc	("edx",0);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j-1]=
+
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j+1]*m
+	&add	($carry,&DWP($frame+4,"esp",$j,4));	# +=tp[j+1]
+	&lea	($j,&DWP(2,$j));
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(0,$inp,$j,4));		# np[j+2]
+	&adc	("edx",0);
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-8,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("3rdmadd"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$num,4));	# +=tp[num-1]
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&adc	("edx",0);
+	&mov	(&DWP($frame-4,"esp",$num,4),$carry);	# tp[num-2]=
+
+	&mov	($j,$_bp);				# i
+	&xor	("eax","eax");
+	&mov	($inp,$_ap);
+	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
+	&adc	("eax",&DWP($frame+8,"esp",$num,4));	# +=tp[num+1]
+	&mov	(&DWP($frame,"esp",$num,4),"edx");	# tp[num-1]=
+	&cmp	($j,$num);
+	&mov	(&DWP($frame+4,"esp",$num,4),"eax");	# tp[num]=
+	&je	(&label("common_tail"));
+
+	&mov	($word,&DWP(4,$inp,$j,4));		# ap[i]
+	&lea	($j,&DWP(1,$j));
+	&mov	("eax",$word);
+	&mov	($_bp,$j);				# ++i
+	&mul	($word);				# ap[i]*ap[i]
+	&add	("eax",&DWP($frame,"esp",$j,4));	# +=tp[i]
+	&adc	("edx",0);
+	&mov	(&DWP($frame,"esp",$j,4),"eax");	# tp[i]=
+	&xor	($carry,$carry);
+	&cmp	($j,$num);
+	&lea	($j,&DWP(1,$j));
+	&je	(&label("sqrlast"));
+
+	&mov	($sbit,"edx");				# zaps $num
+	&shr	("edx",1);
+	&and	($sbit,1);
+&set_label("sqradd",16);
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j]
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*ap[i]
+	&add	("eax",$carry);
+	&lea	($carry,&DWP(0,"eax","eax"));
+	&adc	("edx",0);
+	&shr	("eax",31);
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&lea	($j,&DWP(1,$j));
+	&adc	("eax",0);
+	&add	($carry,$sbit);
+	&adc	("eax",0);
+	&cmp	($j,$_num);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&mov	($sbit,"eax");
+	&jle	(&label("sqradd"));
+
+	&mov	($carry,"edx");
+	&lea	("edx",&DWP(0,$sbit,"edx",2));
+	&shr	($carry,31);
+&set_label("sqrlast");
+	&mov	($word,$_n0);
+	&mov	($inp,$_np);
+	&imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+
+	&add	("edx",&DWP($frame,"esp",$j,4));	# +=tp[num]
+	&mov	("eax",&DWP(0,$inp));			# np[0]
+	&adc	($carry,0);
+	&mov	(&DWP($frame,"esp",$j,4),"edx");	# tp[num]=
+	&mov	(&DWP($frame+4,"esp",$j,4),$carry);	# tp[num+1]=
+
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&lea	($num,&DWP(-1,$j));
+	&adc	("edx",0);
+	&mov	($j,1);
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+
+	&jmp	(&label("3rdmadd"));
+}
+
+&set_label("common_tail",16);
+	&mov	($np,$_np);			# load modulus pointer
+	&mov	($rp,$_rp);			# load result pointer
+	&lea	($tp,&DWP($frame,"esp"));	# [$ap and $bp are zapped]
+
+	&mov	("eax",&DWP(0,$tp));		# tp[0]
+	&mov	($j,$num);			# j=num-1
+	&xor	($i,$i);			# i=0 and clear CF!
+
+&set_label("sub",16);
+	&sbb	("eax",&DWP(0,$np,$i,4));
+	&mov	(&DWP(0,$rp,$i,4),"eax");	# rp[i]=tp[i]-np[i]
+	&dec	($j);				# doesn't affect CF!
+	&mov	("eax",&DWP(4,$tp,$i,4));	# tp[i+1]
+	&lea	($i,&DWP(1,$i));		# i++
+	&jge	(&label("sub"));
+
+	&sbb	("eax",0);			# handle upmost overflow bit
+	&and	($tp,"eax");
+	&not	("eax");
+	&mov	($np,$rp);
+	&and	($np,"eax");
+	&or	($tp,$np);			# tp=carry?tp:rp
+
+&set_label("copy",16);				# copy or in-place refresh
+	&mov	("eax",&DWP(0,$tp,$num,4));
+	&mov	(&DWP(0,$rp,$num,4),"eax");	# rp[i]=tp[i]
+	&mov	(&DWP($frame,"esp",$num,4),$j);	# zap temporary vector
+	&dec	($num);
+	&jge	(&label("copy"));
+
+	&mov	("esp",$_sp);		# pull saved stack pointer
+	&mov	("eax",1);
+&set_label("just_leave");
+&function_end("bn_mul_mont");
+
+&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
index d13ec5a468..a0c49ee978 100644
--- a/crypto/bn/asm/x86_64-gcc.c
+++ b/crypto/bn/asm/x86_64-gcc.c
@@ -1,3 +1,7 @@
+#include "../bn_lcl.h"
+#if !(defined(__GNUC__) && __GNUC__>=2)
+# include "../bn_asm.c"	/* kind of dirty hack for Sun Studio */
+#else
 /*
  * x86_64 BIGNUM accelerator version 0.1, December 2002.
  *
@@ -51,7 +55,14 @@
  *    machine.
  */
 
+#ifdef _WIN64
+#define BN_ULONG unsigned long long
+#else
 #define BN_ULONG unsigned long
+#endif
+
+#undef mul
+#undef mul_add
 
 /*
  * "m"(a), "+m"(r)	is the way to favor DirectPath µ-code;
@@ -94,7 +105,7 @@
 		: "a"(a)		\
 		: "cc");
 
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 	{
 	BN_ULONG c1=0;
 
@@ -118,7 +129,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	return(c1);
 	} 
 
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 	{
 	BN_ULONG c1=0;
 
@@ -141,7 +152,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	return(c1);
 	} 
 
-void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
+void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
         {
 	if (n <= 0) return;
 
@@ -172,21 +183,21 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
 	return ret;
 }
 
-BN_ULONG bn_add_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
+BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int n)
 { BN_ULONG ret=0,i=0;
 
 	if (n <= 0) return 0;
 
 	asm (
 	"	subq	%2,%2		\n"
-	".align 16			\n"
+	".p2align 4			\n"
 	"1:	movq	(%4,%2,8),%0	\n"
 	"	adcq	(%5,%2,8),%0	\n"
 	"	movq	%0,(%3,%2,8)	\n"
 	"	leaq	1(%2),%2	\n"
 	"	loop	1b		\n"
 	"	sbbq	%0,%0		\n"
-		: "+a"(ret),"+c"(n),"+r"(i)
+		: "=&a"(ret),"+c"(n),"=&r"(i)
 		: "r"(rp),"r"(ap),"r"(bp)
 		: "cc"
 	);
@@ -195,21 +206,21 @@ BN_ULONG bn_add_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
 }
 
 #ifndef SIMICS
-BN_ULONG bn_sub_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
+BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int n)
 { BN_ULONG ret=0,i=0;
 
 	if (n <= 0) return 0;
 
 	asm (
 	"	subq	%2,%2		\n"
-	".align 16			\n"
+	".p2align 4			\n"
 	"1:	movq	(%4,%2,8),%0	\n"
 	"	sbbq	(%5,%2,8),%0	\n"
 	"	movq	%0,(%3,%2,8)	\n"
 	"	leaq	1(%2),%2	\n"
 	"	loop	1b		\n"
 	"	sbbq	%0,%0		\n"
-		: "+a"(ret),"+c"(n),"+r"(i)
+		: "=&a"(ret),"+c"(n),"=&r"(i)
 		: "r"(rp),"r"(ap),"r"(bp)
 		: "cc"
 	);
@@ -482,7 +493,7 @@ void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
 	r[7]=c2;
 	}
 
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
 	{
 	BN_ULONG t1,t2;
 	BN_ULONG c1,c2,c3;
@@ -558,7 +569,7 @@ void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
 	r[15]=c1;
 	}
 
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
 	{
 	BN_ULONG t1,t2;
 	BN_ULONG c1,c2,c3;
@@ -591,3 +602,4 @@ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
 	r[6]=c1;
 	r[7]=c2;
 	}
+#endif
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
new file mode 100755
index 0000000000..3b7a6f243f
--- /dev/null
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -0,0 +1,330 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005.
+#
+# Montgomery multiplication routine for x86_64. While it gives modest
+# 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
+# than twice, >2x, as fast. Most common rsa1024 sign is improved by
+# respectful 50%. It remains to be seen if loop unrolling and
+# dedicated squaring routine can provide further improvement...
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+# int bn_mul_mont(
+$rp="%rdi";	# BN_ULONG *rp,
+$ap="%rsi";	# const BN_ULONG *ap,
+$bp="%rdx";	# const BN_ULONG *bp,
+$np="%rcx";	# const BN_ULONG *np,
+$n0="%r8";	# const BN_ULONG *n0,
+$num="%r9";	# int num);
+$lo0="%r10";
+$hi0="%r11";
+$bp="%r12";	# reassign $bp
+$hi1="%r13";
+$i="%r14";
+$j="%r15";
+$m0="%rbx";
+$m1="%rbp";
+
+$code=<<___;
+.text
+
+.globl	bn_mul_mont
+.type	bn_mul_mont,\@function,6
+.align	16
+bn_mul_mont:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	${num}d,${num}d
+	lea	2($num),%r10
+	mov	%rsp,%r11
+	neg	%r10
+	lea	(%rsp,%r10,8),%rsp	# tp=alloca(8*(num+2))
+	and	\$-1024,%rsp		# minimize TLB usage
+
+	mov	%r11,8(%rsp,$num,8)	# tp[num+1]=%rsp
+.Lprologue:
+	mov	%rdx,$bp		# $bp reassigned, remember?
+
+	mov	($n0),$n0		# pull n0[0] value
+
+	xor	$i,$i			# i=0
+	xor	$j,$j			# j=0
+
+	mov	($bp),$m0		# m0=bp[0]
+	mov	($ap),%rax
+	mulq	$m0			# ap[0]*bp[0]
+	mov	%rax,$lo0
+	mov	%rdx,$hi0
+
+	imulq	$n0,%rax		# "tp[0]"*n0
+	mov	%rax,$m1
+
+	mulq	($np)			# np[0]*m1
+	add	$lo0,%rax		# discarded
+	adc	\$0,%rdx
+	mov	%rdx,$hi1
+
+	lea	1($j),$j		# j++
+.L1st:
+	mov	($ap,$j,8),%rax
+	mulq	$m0			# ap[j]*bp[0]
+	add	$hi0,%rax
+	adc	\$0,%rdx
+	mov	%rax,$lo0
+	mov	($np,$j,8),%rax
+	mov	%rdx,$hi0
+
+	mulq	$m1			# np[j]*m1
+	add	$hi1,%rax
+	lea	1($j),$j		# j++
+	adc	\$0,%rdx
+	add	$lo0,%rax		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	%rax,-16(%rsp,$j,8)	# tp[j-1]
+	cmp	$num,$j
+	mov	%rdx,$hi1
+	jl	.L1st
+
+	xor	%rdx,%rdx
+	add	$hi0,$hi1
+	adc	\$0,%rdx
+	mov	$hi1,-8(%rsp,$num,8)
+	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+.align	4
+.Louter:
+	xor	$j,$j			# j=0
+
+	mov	($bp,$i,8),$m0		# m0=bp[i]
+	mov	($ap),%rax		# ap[0]
+	mulq	$m0			# ap[0]*bp[i]
+	add	(%rsp),%rax		# ap[0]*bp[i]+tp[0]
+	adc	\$0,%rdx
+	mov	%rax,$lo0
+	mov	%rdx,$hi0
+
+	imulq	$n0,%rax		# tp[0]*n0
+	mov	%rax,$m1
+
+	mulq	($np,$j,8)		# np[0]*m1
+	add	$lo0,%rax		# discarded
+	mov	8(%rsp),$lo0		# tp[1]
+	adc	\$0,%rdx
+	mov	%rdx,$hi1
+
+	lea	1($j),$j		# j++
+.align	4
+.Linner:
+	mov	($ap,$j,8),%rax
+	mulq	$m0			# ap[j]*bp[i]
+	add	$hi0,%rax
+	adc	\$0,%rdx
+	add	%rax,$lo0		# ap[j]*bp[i]+tp[j]
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$hi0
+
+	mulq	$m1			# np[j]*m1
+	add	$hi1,%rax
+	lea	1($j),$j		# j++
+	adc	\$0,%rdx
+	add	$lo0,%rax		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	adc	\$0,%rdx
+	mov	(%rsp,$j,8),$lo0
+	cmp	$num,$j
+	mov	%rax,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+	jl	.Linner
+
+	xor	%rdx,%rdx
+	add	$hi0,$hi1
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# pull upmost overflow bit
+	adc	\$0,%rdx
+	mov	$hi1,-8(%rsp,$num,8)
+	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+	cmp	$num,$i
+	jl	.Louter
+
+	lea	(%rsp),$ap		# borrow ap for tp
+	lea	-1($num),$j		# j=num-1
+
+	mov	($ap),%rax		# tp[0]
+	xor	$i,$i			# i=0 and clear CF!
+	jmp	.Lsub
+.align	16
+.Lsub:	sbb	($np,$i,8),%rax
+	mov	%rax,($rp,$i,8)		# rp[i]=tp[i]-np[i]
+	dec	$j			# doesn't affect CF!
+	mov	8($ap,$i,8),%rax	# tp[i+1]
+	lea	1($i),$i		# i++
+	jge	.Lsub
+
+	sbb	\$0,%rax		# handle upmost overflow bit
+	and	%rax,$ap
+	not	%rax
+	mov	$rp,$np
+	and	%rax,$np
+	lea	-1($num),$j
+	or	$np,$ap			# ap=borrow?tp:rp
+.align	16
+.Lcopy:					# copy or in-place refresh
+	mov	($ap,$j,8),%rax
+	mov	%rax,($rp,$j,8)		# rp[i]=tp[i]
+	mov	$i,(%rsp,$j,8)		# zap temporary vector
+	dec	$j
+	jge	.Lcopy
+
+	mov	8(%rsp,$num,8),%rsi	# restore %rsp
+	mov	\$1,%rax
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	bn_mul_mont,.-bn_mul_mont
+.asciz	"Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	192($context),%r10	# pull $num
+	mov	8(%rax,%r10,8),%rax	# pull saved stack pointer
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_bn_mul_mont
+	.rva	.LSEH_end_bn_mul_mont
+	.rva	.LSEH_info_bn_mul_mont
+
+.section	.xdata
+.align	8
+.LSEH_info_bn_mul_mont:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+print $code;
+close STDOUT;
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index acf48b9784..e484b7fc11 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -56,6 +56,59 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  *
  * Portions of the attached software ("Contribution") are developed by 
@@ -77,6 +130,7 @@
 #include <stdio.h> /* FILE */
 #endif
 #include <openssl/ossl_typ.h>
+#include <openssl/crypto.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -90,21 +144,15 @@ extern "C" {
  * BN_DEBUG - turn on various debugging alterations to the bignum code
  * BN_DEBUG_RAND - uses random poisoning of unused words to trip up
  * mismanagement of bignum internals. You must also define BN_DEBUG.
- * BN_STRICT - disables anything (not already caught by BN_DEBUG) that uses the
- * old ambiguity over zero representation. At some point, this behaviour should
- * become standard.
  */
 /* #define BN_DEBUG */
 /* #define BN_DEBUG_RAND */
-/* #define BN_STRICT */
-
-#ifdef OPENSSL_SYS_VMS
-#undef BN_LLONG /* experimental, so far... */
-#endif
 
+#ifndef OPENSSL_SMALL_FOOTPRINT
 #define BN_MUL_COMBA
 #define BN_SQR_COMBA
 #define BN_RECURSION
+#endif
 
 /* This next option uses the C libraries (2 word)/(1 word) function.
  * If it is not defined, I use my C version (which is slower).
@@ -145,6 +193,8 @@ extern "C" {
 #define BN_DEC_FMT1	"%lu"
 #define BN_DEC_FMT2	"%019lu"
 #define BN_DEC_NUM	19
+#define BN_HEX_FMT1	"%lX"
+#define BN_HEX_FMT2	"%016lX"
 #endif
 
 /* This is where the long long data type is 64 bits, but long is 32.
@@ -170,93 +220,72 @@ extern "C" {
 #define BN_DEC_FMT1	"%llu"
 #define BN_DEC_FMT2	"%019llu"
 #define BN_DEC_NUM	19
+#define BN_HEX_FMT1	"%llX"
+#define BN_HEX_FMT2	"%016llX"
 #endif
 
 #ifdef THIRTY_TWO_BIT
-#if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-#define BN_ULLONG	unsigned _int64
-#else
-#define BN_ULLONG	unsigned long long
+#ifdef BN_LLONG
+# if defined(_WIN32) && !defined(__GNUC__)
+#  define BN_ULLONG	unsigned __int64
+#  define BN_MASK	(0xffffffffffffffffI64)
+# else
+#  define BN_ULLONG	unsigned long long
+#  define BN_MASK	(0xffffffffffffffffLL)
+# endif
 #endif
-#define BN_ULONG	unsigned long
-#define BN_LONG		long
+#define BN_ULONG	unsigned int
+#define BN_LONG		int
 #define BN_BITS		64
 #define BN_BYTES	4
 #define BN_BITS2	32
 #define BN_BITS4	16
-#ifdef OPENSSL_SYS_WIN32
-/* VC++ doesn't like the LL suffix */
-#define BN_MASK		(0xffffffffffffffffL)
-#else
-#define BN_MASK		(0xffffffffffffffffLL)
-#endif
 #define BN_MASK2	(0xffffffffL)
 #define BN_MASK2l	(0xffff)
 #define BN_MASK2h1	(0xffff8000L)
 #define BN_MASK2h	(0xffff0000L)
 #define BN_TBIT		(0x80000000L)
 #define BN_DEC_CONV	(1000000000L)
-#define BN_DEC_FMT1	"%lu"
-#define BN_DEC_FMT2	"%09lu"
-#define BN_DEC_NUM	9
-#endif
-
-#ifdef SIXTEEN_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG	unsigned long
-#define BN_ULONG	unsigned short
-#define BN_LONG		short
-#define BN_BITS		32
-#define BN_BYTES	2
-#define BN_BITS2	16
-#define BN_BITS4	8
-#define BN_MASK		(0xffffffff)
-#define BN_MASK2	(0xffff)
-#define BN_MASK2l	(0xff)
-#define BN_MASK2h1	(0xff80)
-#define BN_MASK2h	(0xff00)
-#define BN_TBIT		(0x8000)
-#define BN_DEC_CONV	(100000)
-#define BN_DEC_FMT1	"%u"
-#define BN_DEC_FMT2	"%05u"
-#define BN_DEC_NUM	5
-#endif
-
-#ifdef EIGHT_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG	unsigned short
-#define BN_ULONG	unsigned char
-#define BN_LONG		char
-#define BN_BITS		16
-#define BN_BYTES	1
-#define BN_BITS2	8
-#define BN_BITS4	4
-#define BN_MASK		(0xffff)
-#define BN_MASK2	(0xff)
-#define BN_MASK2l	(0xf)
-#define BN_MASK2h1	(0xf8)
-#define BN_MASK2h	(0xf0)
-#define BN_TBIT		(0x80)
-#define BN_DEC_CONV	(100)
 #define BN_DEC_FMT1	"%u"
-#define BN_DEC_FMT2	"%02u"
-#define BN_DEC_NUM	2
+#define BN_DEC_FMT2	"%09u"
+#define BN_DEC_NUM	9
+#define BN_HEX_FMT1	"%X"
+#define BN_HEX_FMT2	"%08X"
 #endif
 
 #define BN_DEFAULT_BITS	1280
 
 #define BN_FLG_MALLOCED		0x01
 #define BN_FLG_STATIC_DATA	0x02
+#define BN_FLG_CONSTTIME	0x04 /* avoid leaking exponent information through timing,
+                                      * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+                                      * BN_div() will call BN_div_no_branch,
+                                      * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+                                      */
+
+#ifndef OPENSSL_NO_DEPRECATED
+#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
+                                      /* avoid leaking exponent information through timings
+                                      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
+#endif
+
 #ifndef OPENSSL_NO_DEPRECATED
 #define BN_FLG_FREE		0x8000	/* used for debuging */
 #endif
 #define BN_set_flags(b,n)	((b)->flags|=(n))
 #define BN_get_flags(b,n)	((b)->flags&(n))
 
+/* get a clone of a BIGNUM with changed flags, for *temporary* use only
+ * (the two BIGNUMs cannot not be used in parallel!) */
+#define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
+                                  (dest)->top=(b)->top, \
+                                  (dest)->dmax=(b)->dmax, \
+                                  (dest)->neg=(b)->neg, \
+                                  (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
+                                                 |  ((b)->flags & ~BN_FLG_MALLOCED) \
+                                                 |  BN_FLG_STATIC_DATA \
+                                                 |  (n)))
+
 /* Already declared in ossl_typ.h */
 #if 0
 typedef struct bignum_st BIGNUM;
@@ -278,16 +307,6 @@ struct bignum_st
 	int flags;
 	};
 
-struct bn_blinding_st
-	{
-	int init;
-	BIGNUM *A;
-	BIGNUM *Ai;
-	BIGNUM *mod; /* just a reference */
-	unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b;
-				  * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */
-	};
-
 /* Used for montgomery multiplication */
 struct bn_mont_ctx_st
 	{
@@ -296,7 +315,8 @@ struct bn_mont_ctx_st
 	BIGNUM N;      /* The modulus */
 	BIGNUM Ni;     /* R*(1/R mod N) - N*Ni = 1
 	                * (Ni is only stored for bignum algorithm) */
-	BN_ULONG n0;   /* least significant word of Ni */
+	BN_ULONG n0[2];/* least significant word(s) of Ni;
+	                  (type changed with 0.9.9, was "BN_ULONG n0;" before) */
 	int flags;
 	};
 
@@ -366,11 +386,7 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
 /* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
 #define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
 				(((w) == 0) && ((a)->top == 0)))
-#ifdef BN_STRICT
 #define BN_is_zero(a)       ((a)->top == 0)
-#else
-#define BN_is_zero(a)       BN_abs_is_word(a,0)
-#endif
 #define BN_is_one(a)        (BN_abs_is_word((a),1) && !(a)->neg)
 #define BN_is_word(a,w)     (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
 #define BN_is_odd(a)	    (((a)->top > 0) && ((a)->d[0] & 1))
@@ -387,14 +403,6 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
 #else
 #define BN_zero(a)	(BN_set_word((a),0))
 #endif
-/* BN_set_sign(BIGNUM *, int) sets the sign of a BIGNUM
- * (0 for a non-negative value, 1 for negative) */
-#define BN_set_sign(a,b) ((a)->neg = (b))
-/* BN_get_sign(BIGNUM *) returns the sign of the BIGNUM */
-#define BN_get_sign(a)   ((a)->neg)
-
-/*#define BN_ascii2bn(a)	BN_hex2bn(a) */
-/*#define BN_bn2ascii(a)	BN_bn2hex(a) */
 
 const BIGNUM *BN_value_one(void);
 char *	BN_options(void);
@@ -408,16 +416,14 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx);
 void	BN_CTX_end(BN_CTX *ctx);
 int     BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
 int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int	BN_rand_range(BIGNUM *rnd, BIGNUM *range);
-int	BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
+int	BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int	BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
 int	BN_num_bits(const BIGNUM *a);
 int	BN_num_bits_word(BN_ULONG);
 BIGNUM *BN_new(void);
 void	BN_init(BIGNUM *);
 void	BN_clear_free(BIGNUM *a);
 BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-/* BN_ncopy(): like BN_copy() but copies at most the first n BN_ULONGs */
-BIGNUM *BN_ncopy(BIGNUM *a, const BIGNUM *b, size_t n);
 void	BN_swap(BIGNUM *a, BIGNUM *b);
 BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
 int	BN_bn2bin(const BIGNUM *a, unsigned char *to);
@@ -429,6 +435,16 @@ int	BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
 int	BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
 int	BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
 int	BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx);
+/** BN_set_negative sets sign of a BIGNUM
+ * \param  b  pointer to the BIGNUM object
+ * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise 
+ */
+void	BN_set_negative(BIGNUM *b, int n);
+/** BN_is_negative returns 1 if the BIGNUM is negative
+ * \param  a  pointer to the BIGNUM object
+ * \return 1 if a < 0 and 0 otherwise
+ */
+#define BN_is_negative(a) ((a)->neg != 0)
 
 int	BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
 	BN_CTX *ctx);
@@ -465,6 +481,8 @@ int	BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m,BN_CTX *ctx);
 int	BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
 int	BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 int	BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
@@ -494,6 +512,7 @@ char *	BN_bn2hex(const BIGNUM *a);
 char *	BN_bn2dec(const BIGNUM *a);
 int 	BN_hex2bn(BIGNUM **a, const char *str);
 int 	BN_dec2bn(BIGNUM **a, const char *str);
+int	BN_asc2bn(BIGNUM **a, const char *str);
 int	BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx);
 int	BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
 BIGNUM *BN_mod_inverse(BIGNUM *ret,
@@ -532,12 +551,32 @@ int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
 void BN_MONT_CTX_free(BN_MONT_CTX *mont);
 int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
 BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+					const BIGNUM *mod, BN_CTX *ctx);
 
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod);
+/* BN_BLINDING flags */
+#define	BN_BLINDING_NO_UPDATE	0x00000001
+#define	BN_BLINDING_NO_RECREATE	0x00000002
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
 void BN_BLINDING_free(BN_BLINDING *b);
 int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
 int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+#ifndef OPENSSL_NO_DEPRECATED
+unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+#endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+	BN_MONT_CTX *m_ctx);
 
 #ifndef OPENSSL_NO_DEPRECATED
 void BN_set_params(int mul,int high,int low,int mont);
@@ -587,24 +626,24 @@ int	BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
  *     t^p[0] + t^p[1] + ... + t^p[k]
  * where m = p[0] > p[1] > ... > p[k] = 0.
  */
-int	BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]);
+int	BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
 	/* r = a mod p */
 int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */
-int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
+	const int p[], BN_CTX *ctx); /* r = (a * b) mod p */
+int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
 	BN_CTX *ctx); /* r = (a * a) mod p */
-int	BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[],
+int	BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
 	BN_CTX *ctx); /* r = (1 / b) mod p */
 int	BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */
+	const int p[], BN_CTX *ctx); /* r = (a / b) mod p */
 int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-	const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
+	const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
 int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
-	const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
+	const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
 int	BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
-	const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
-int	BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max);
-int	BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a);
+	const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
+int	BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int	BN_GF2m_arr2poly(const int p[], BIGNUM *a);
 
 /* faster mod functions for the 'NIST primes' 
  * 0 <= a < p^2 */
@@ -693,9 +732,11 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
 #define bn_check_top(a) \
 	do { \
 		const BIGNUM *_bnum2 = (a); \
-		assert((_bnum2->top == 0) || \
+		if (_bnum2 != NULL) { \
+			assert((_bnum2->top == 0) || \
 				(_bnum2->d[_bnum2->top - 1] != 0)); \
-		bn_pollute(_bnum2); \
+			bn_pollute(_bnum2); \
+		} \
 	} while(0)
 
 #define bn_fix_top(a)		bn_check_top(a)
@@ -711,10 +752,12 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
 #define bn_correct_top(a) \
         { \
         BN_ULONG *ftl; \
-	if ((a)->top > 0) \
+	int tmp_top = (a)->top; \
+	if (tmp_top > 0) \
 		{ \
-		for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
-		if (*(ftl--)) break; \
+		for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
+			if (*(ftl--)) break; \
+		(a)->top = tmp_top; \
 		} \
 	bn_pollute(a); \
 	}
@@ -726,6 +769,18 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
 BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
 BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
 
+/* Primes from RFC 2409 */
+BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
+BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
+
+/* Primes from RFC 3526 */
+BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
+
 int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
 
 /* BEGIN ERROR CODES */
@@ -737,28 +792,38 @@ void ERR_load_BN_strings(void);
 /* Error codes for the BN functions. */
 
 /* Function codes. */
-#define BN_F_BN_BLINDING_CONVERT			 100
-#define BN_F_BN_BLINDING_INVERT				 101
+#define BN_F_BNRAND					 127
+#define BN_F_BN_BLINDING_CONVERT_EX			 100
+#define BN_F_BN_BLINDING_CREATE_PARAM			 128
+#define BN_F_BN_BLINDING_INVERT_EX			 101
 #define BN_F_BN_BLINDING_NEW				 102
 #define BN_F_BN_BLINDING_UPDATE				 103
 #define BN_F_BN_BN2DEC					 104
 #define BN_F_BN_BN2HEX					 105
 #define BN_F_BN_CTX_GET					 116
 #define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_CTX_START				 129
 #define BN_F_BN_DIV					 107
+#define BN_F_BN_DIV_NO_BRANCH				 138
+#define BN_F_BN_DIV_RECP				 130
+#define BN_F_BN_EXP					 123
 #define BN_F_BN_EXPAND2					 108
 #define BN_F_BN_EXPAND_INTERNAL				 120
-#define BN_F_BN_GF2M_MOD				 126
-#define BN_F_BN_GF2M_MOD_DIV				 123
-#define BN_F_BN_GF2M_MOD_EXP				 127
-#define BN_F_BN_GF2M_MOD_MUL				 124
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD			 128
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR			 129
-#define BN_F_BN_GF2M_MOD_SQR				 125
+#define BN_F_BN_GF2M_MOD				 131
+#define BN_F_BN_GF2M_MOD_EXP				 132
+#define BN_F_BN_GF2M_MOD_MUL				 133
+#define BN_F_BN_GF2M_MOD_SOLVE_QUAD			 134
+#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR			 135
+#define BN_F_BN_GF2M_MOD_SQR				 136
+#define BN_F_BN_GF2M_MOD_SQRT				 137
 #define BN_F_BN_MOD_EXP2_MONT				 118
 #define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_MOD_EXP_MONT_CONSTTIME			 124
 #define BN_F_BN_MOD_EXP_MONT_WORD			 117
+#define BN_F_BN_MOD_EXP_RECP				 125
+#define BN_F_BN_MOD_EXP_SIMPLE				 126
 #define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_MOD_INVERSE_NO_BRANCH			 139
 #define BN_F_BN_MOD_LSHIFT_QUICK			 119
 #define BN_F_BN_MOD_MUL_RECIPROCAL			 111
 #define BN_F_BN_MOD_SQRT				 121
@@ -780,10 +845,9 @@ void ERR_load_BN_strings(void);
 #define BN_R_INVALID_LENGTH				 106
 #define BN_R_INVALID_RANGE				 115
 #define BN_R_NOT_A_SQUARE				 111
-#define BN_R_NOT_IMPLEMENTED				 116
 #define BN_R_NOT_INITIALIZED				 107
 #define BN_R_NO_INVERSE					 108
-#define BN_R_NO_SOLUTION				 117
+#define BN_R_NO_SOLUTION				 116
 #define BN_R_P_IS_NOT_PRIME				 112
 #define BN_R_TOO_MANY_ITERATIONS			 113
 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES		 109
diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c
index be8aa3ffc5..c43c91cc09 100644
--- a/crypto/bn/bn_asm.c
+++ b/crypto/bn/bn_asm.c
@@ -75,6 +75,7 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 	assert(num >= 0);
 	if (num <= 0) return(c1);
 
+#ifndef OPENSSL_SMALL_FOOTPRINT
 	while (num&~3)
 		{
 		mul_add(rp[0],ap[0],w,c1);
@@ -83,11 +84,11 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 		mul_add(rp[3],ap[3],w,c1);
 		ap+=4; rp+=4; num-=4;
 		}
-	if (num)
+#endif
+	while (num)
 		{
-		mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1;
-		mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1;
-		mul_add(rp[2],ap[2],w,c1); return c1;
+		mul_add(rp[0],ap[0],w,c1);
+		ap++; rp++; num--;
 		}
 	
 	return(c1);
@@ -100,6 +101,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 	assert(num >= 0);
 	if (num <= 0) return(c1);
 
+#ifndef OPENSSL_SMALL_FOOTPRINT
 	while (num&~3)
 		{
 		mul(rp[0],ap[0],w,c1);
@@ -108,11 +110,11 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 		mul(rp[3],ap[3],w,c1);
 		ap+=4; rp+=4; num-=4;
 		}
-	if (num)
+#endif
+	while (num)
 		{
-		mul(rp[0],ap[0],w,c1); if (--num == 0) return c1;
-		mul(rp[1],ap[1],w,c1); if (--num == 0) return c1;
-		mul(rp[2],ap[2],w,c1);
+		mul(rp[0],ap[0],w,c1);
+		ap++; rp++; num--;
 		}
 	return(c1);
 	} 
@@ -121,6 +123,8 @@ void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
         {
 	assert(n >= 0);
 	if (n <= 0) return;
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
 	while (n&~3)
 		{
 		sqr(r[0],r[1],a[0]);
@@ -129,11 +133,11 @@ void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
 		sqr(r[6],r[7],a[3]);
 		a+=4; r+=8; n-=4;
 		}
-	if (n)
+#endif
+	while (n)
 		{
-		sqr(r[0],r[1],a[0]); if (--n == 0) return;
-		sqr(r[2],r[3],a[1]); if (--n == 0) return;
-		sqr(r[4],r[5],a[2]);
+		sqr(r[0],r[1],a[0]);
+		a++; r+=2; n--;
 		}
 	}
 
@@ -150,18 +154,20 @@ BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 	bl=LBITS(w);
 	bh=HBITS(w);
 
-	for (;;)
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	while (num&~3)
 		{
 		mul_add(rp[0],ap[0],bl,bh,c);
-		if (--num == 0) break;
 		mul_add(rp[1],ap[1],bl,bh,c);
-		if (--num == 0) break;
 		mul_add(rp[2],ap[2],bl,bh,c);
-		if (--num == 0) break;
 		mul_add(rp[3],ap[3],bl,bh,c);
-		if (--num == 0) break;
-		ap+=4;
-		rp+=4;
+		ap+=4; rp+=4; num-=4;
+		}
+#endif
+	while (num)
+		{
+		mul_add(rp[0],ap[0],bl,bh,c);
+		ap++; rp++; num--;
 		}
 	return(c);
 	} 
@@ -177,18 +183,20 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
 	bl=LBITS(w);
 	bh=HBITS(w);
 
-	for (;;)
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	while (num&~3)
 		{
 		mul(rp[0],ap[0],bl,bh,carry);
-		if (--num == 0) break;
 		mul(rp[1],ap[1],bl,bh,carry);
-		if (--num == 0) break;
 		mul(rp[2],ap[2],bl,bh,carry);
-		if (--num == 0) break;
 		mul(rp[3],ap[3],bl,bh,carry);
-		if (--num == 0) break;
-		ap+=4;
-		rp+=4;
+		ap+=4; rp+=4; num-=4;
+		}
+#endif
+	while (num)
+		{
+		mul(rp[0],ap[0],bl,bh,carry);
+		ap++; rp++; num--;
 		}
 	return(carry);
 	} 
@@ -197,22 +205,21 @@ void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
         {
 	assert(n >= 0);
 	if (n <= 0) return;
-	for (;;)
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	while (n&~3)
 		{
 		sqr64(r[0],r[1],a[0]);
-		if (--n == 0) break;
-
 		sqr64(r[2],r[3],a[1]);
-		if (--n == 0) break;
-
 		sqr64(r[4],r[5],a[2]);
-		if (--n == 0) break;
-
 		sqr64(r[6],r[7],a[3]);
-		if (--n == 0) break;
-
-		a+=4;
-		r+=8;
+		a+=4; r+=8; n-=4;
+		}
+#endif
+	while (n)
+		{
+		sqr64(r[0],r[1],a[0]);
+		a++; r+=2; n--;
 		}
 	}
 
@@ -237,7 +244,7 @@ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
 	if (d == 0) return(BN_MASK2);
 
 	i=BN_num_bits_word(d);
-	assert((i == BN_BITS2) || (h > (BN_ULONG)1<<i));
+	assert((i == BN_BITS2) || (h <= (BN_ULONG)1<<i));
 
 	i=BN_BITS2-i;
 	if (h >= d) h-=d;
@@ -303,31 +310,30 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
 	assert(n >= 0);
 	if (n <= 0) return((BN_ULONG)0);
 
-	for (;;)
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	while (n&~3)
 		{
 		ll+=(BN_ULLONG)a[0]+b[0];
 		r[0]=(BN_ULONG)ll&BN_MASK2;
 		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
 		ll+=(BN_ULLONG)a[1]+b[1];
 		r[1]=(BN_ULONG)ll&BN_MASK2;
 		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
 		ll+=(BN_ULLONG)a[2]+b[2];
 		r[2]=(BN_ULONG)ll&BN_MASK2;
 		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
 		ll+=(BN_ULLONG)a[3]+b[3];
 		r[3]=(BN_ULONG)ll&BN_MASK2;
 		ll>>=BN_BITS2;
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
+		a+=4; b+=4; r+=4; n-=4;
+		}
+#endif
+	while (n)
+		{
+		ll+=(BN_ULLONG)a[0]+b[0];
+		r[0]=(BN_ULONG)ll&BN_MASK2;
+		ll>>=BN_BITS2;
+		a++; b++; r++; n--;
 		}
 	return((BN_ULONG)ll);
 	}
@@ -340,7 +346,8 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
 	if (n <= 0) return((BN_ULONG)0);
 
 	c=0;
-	for (;;)
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	while (n&~3)
 		{
 		t=a[0];
 		t=(t+c)&BN_MASK2;
@@ -348,35 +355,36 @@ BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
 		l=(t+b[0])&BN_MASK2;
 		c+=(l < t);
 		r[0]=l;
-		if (--n <= 0) break;
-
 		t=a[1];
 		t=(t+c)&BN_MASK2;
 		c=(t < c);
 		l=(t+b[1])&BN_MASK2;
 		c+=(l < t);
 		r[1]=l;
-		if (--n <= 0) break;
-
 		t=a[2];
 		t=(t+c)&BN_MASK2;
 		c=(t < c);
 		l=(t+b[2])&BN_MASK2;
 		c+=(l < t);
 		r[2]=l;
-		if (--n <= 0) break;
-
 		t=a[3];
 		t=(t+c)&BN_MASK2;
 		c=(t < c);
 		l=(t+b[3])&BN_MASK2;
 		c+=(l < t);
 		r[3]=l;
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
+		a+=4; b+=4; r+=4; n-=4;
+		}
+#endif
+	while(n)
+		{
+		t=a[0];
+		t=(t+c)&BN_MASK2;
+		c=(t < c);
+		l=(t+b[0])&BN_MASK2;
+		c+=(l < t);
+		r[0]=l;
+		a++; b++; r++; n--;
 		}
 	return((BN_ULONG)c);
 	}
@@ -390,36 +398,35 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
 	assert(n >= 0);
 	if (n <= 0) return((BN_ULONG)0);
 
-	for (;;)
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	while (n&~3)
 		{
 		t1=a[0]; t2=b[0];
 		r[0]=(t1-t2-c)&BN_MASK2;
 		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
 		t1=a[1]; t2=b[1];
 		r[1]=(t1-t2-c)&BN_MASK2;
 		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
 		t1=a[2]; t2=b[2];
 		r[2]=(t1-t2-c)&BN_MASK2;
 		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
 		t1=a[3]; t2=b[3];
 		r[3]=(t1-t2-c)&BN_MASK2;
 		if (t1 != t2) c=(t1 < t2);
-		if (--n <= 0) break;
-
-		a+=4;
-		b+=4;
-		r+=4;
+		a+=4; b+=4; r+=4; n-=4;
+		}
+#endif
+	while (n)
+		{
+		t1=a[0]; t2=b[0];
+		r[0]=(t1-t2-c)&BN_MASK2;
+		if (t1 != t2) c=(t1 < t2);
+		a++; b++; r++; n--;
 		}
 	return(c);
 	}
 
-#ifdef BN_MUL_COMBA
+#if defined(BN_MUL_COMBA) && !defined(OPENSSL_SMALL_FOOTPRINT)
 
 #undef bn_mul_comba8
 #undef bn_mul_comba4
@@ -459,6 +466,34 @@ BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
 #define sqr_add_c2(a,i,j,c0,c1,c2) \
 	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
 
+#elif defined(BN_UMULT_LOHI)
+
+#define mul_add_c(a,b,c0,c1,c2)	{	\
+	BN_ULONG ta=(a),tb=(b);		\
+	BN_UMULT_LOHI(t1,t2,ta,tb);	\
+	c0 += t1; t2 += (c0<t1)?1:0;	\
+	c1 += t2; c2 += (c1<t2)?1:0;	\
+	}
+
+#define mul_add_c2(a,b,c0,c1,c2) {	\
+	BN_ULONG ta=(a),tb=(b),t0;	\
+	BN_UMULT_LOHI(t0,t1,ta,tb);	\
+	t2 = t1+t1; c2 += (t2<t1)?1:0;	\
+	t1 = t0+t0; t2 += (t1<t0)?1:0;	\
+	c0 += t1; t2 += (c0<t1)?1:0;	\
+	c1 += t2; c2 += (c1<t2)?1:0;	\
+	}
+
+#define sqr_add_c(a,i,c0,c1,c2)	{	\
+	BN_ULONG ta=(a)[i];		\
+	BN_UMULT_LOHI(t1,t2,ta,ta);	\
+	c0 += t1; t2 += (c0<t1)?1:0;	\
+	c1 += t2; c2 += (c1<t2)?1:0;	\
+	}
+
+#define sqr_add_c2(a,i,j,c0,c1,c2)	\
+	mul_add_c2((a)[i],(a)[j],c0,c1,c2)
+
 #elif defined(BN_UMULT_HIGH)
 
 #define mul_add_c(a,b,c0,c1,c2)	{	\
@@ -792,18 +827,134 @@ void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
 	r[6]=c1;
 	r[7]=c2;
 	}
+
+#ifdef OPENSSL_NO_ASM
+#ifdef OPENSSL_BN_ASM_MONT
+#include <alloca.h>
+/*
+ * This is essentially reference implementation, which may or may not
+ * result in performance improvement. E.g. on IA-32 this routine was
+ * observed to give 40% faster rsa1024 private key operations and 10%
+ * faster rsa4096 ones, while on AMD64 it improves rsa1024 sign only
+ * by 10% and *worsens* rsa4096 sign by 15%. Once again, it's a
+ * reference implementation, one to be used as starting point for
+ * platform-specific assembler. Mentioned numbers apply to compiler
+ * generated code compiled with and without -DOPENSSL_BN_ASM_MONT and
+ * can vary not only from platform to platform, but even for compiler
+ * versions. Assembler vs. assembler improvement coefficients can
+ * [and are known to] differ and are to be documented elsewhere.
+ */
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0p, int num)
+	{
+	BN_ULONG c0,c1,ml,*tp,n0;
+#ifdef mul64
+	BN_ULONG mh;
+#endif
+	volatile BN_ULONG *vp;
+	int i=0,j;
+
+#if 0	/* template for platform-specific implementation */
+	if (ap==bp)	return bn_sqr_mont(rp,ap,np,n0p,num);
+#endif
+	vp = tp = alloca((num+2)*sizeof(BN_ULONG));
+
+	n0 = *n0p;
+
+	c0 = 0;
+	ml = bp[0];
+#ifdef mul64
+	mh = HBITS(ml);
+	ml = LBITS(ml);
+	for (j=0;j<num;++j)
+		mul(tp[j],ap[j],ml,mh,c0);
+#else
+	for (j=0;j<num;++j)
+		mul(tp[j],ap[j],ml,c0);
+#endif
+
+	tp[num]   = c0;
+	tp[num+1] = 0;
+	goto enter;
+
+	for(i=0;i<num;i++)
+		{
+		c0 = 0;
+		ml = bp[i];
+#ifdef mul64
+		mh = HBITS(ml);
+		ml = LBITS(ml);
+		for (j=0;j<num;++j)
+			mul_add(tp[j],ap[j],ml,mh,c0);
+#else
+		for (j=0;j<num;++j)
+			mul_add(tp[j],ap[j],ml,c0);
+#endif
+		c1 = (tp[num] + c0)&BN_MASK2;
+		tp[num]   = c1;
+		tp[num+1] = (c1<c0?1:0);
+	enter:
+		c1  = tp[0];
+		ml = (c1*n0)&BN_MASK2;
+		c0 = 0;
+#ifdef mul64
+		mh = HBITS(ml);
+		ml = LBITS(ml);
+		mul_add(c1,np[0],ml,mh,c0);
+#else
+		mul_add(c1,ml,np[0],c0);
+#endif
+		for(j=1;j<num;j++)
+			{
+			c1 = tp[j];
+#ifdef mul64
+			mul_add(c1,np[j],ml,mh,c0);
+#else
+			mul_add(c1,ml,np[j],c0);
+#endif
+			tp[j-1] = c1&BN_MASK2;
+			}
+		c1        = (tp[num] + c0)&BN_MASK2;
+		tp[num-1] = c1;
+		tp[num]   = tp[num+1] + (c1<c0?1:0);
+		}
+
+	if (tp[num]!=0 || tp[num-1]>=np[num-1])
+		{
+		c0 = bn_sub_words(rp,tp,np,num);
+		if (tp[num]!=0 || c0==0)
+			{
+			for(i=0;i<num+2;i++)	vp[i] = 0;
+			return 1;
+			}
+		}
+	for(i=0;i<num;i++)	rp[i] = tp[i],	vp[i] = 0;
+	vp[num]   = 0;
+	vp[num+1] = 0;
+	return 1;
+	}
+#else
+/*
+ * Return value of 0 indicates that multiplication/convolution was not
+ * performed to signal the caller to fall down to alternative/original
+ * code-path.
+ */
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num)
+{	return 0;	}
+#endif /* OPENSSL_BN_ASM_MONT */
+#endif
+
 #else /* !BN_MUL_COMBA */
 
 /* hmm... is it faster just to do a multiply? */
 #undef bn_sqr_comba4
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
 	{
 	BN_ULONG t[8];
 	bn_sqr_normal(r,a,4,t);
 	}
 
 #undef bn_sqr_comba8
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
 	{
 	BN_ULONG t[16];
 	bn_sqr_normal(r,a,8,t);
@@ -829,4 +980,51 @@ void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
 	r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
 	}
 
+#ifdef OPENSSL_NO_ASM
+#ifdef OPENSSL_BN_ASM_MONT
+#include <alloca.h>
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0p, int num)
+	{
+	BN_ULONG c0,c1,*tp,n0=*n0p;
+	volatile BN_ULONG *vp;
+	int i=0,j;
+
+	vp = tp = alloca((num+2)*sizeof(BN_ULONG));
+
+	for(i=0;i<=num;i++)	tp[i]=0;
+
+	for(i=0;i<num;i++)
+		{
+		c0         = bn_mul_add_words(tp,ap,num,bp[i]);
+		c1         = (tp[num] + c0)&BN_MASK2;
+		tp[num]    = c1;
+		tp[num+1]  = (c1<c0?1:0);
+
+		c0         = bn_mul_add_words(tp,np,num,tp[0]*n0);
+		c1         = (tp[num] + c0)&BN_MASK2;
+		tp[num]    = c1;
+		tp[num+1] += (c1<c0?1:0);
+		for(j=0;j<=num;j++)	tp[j]=tp[j+1];
+		}
+
+	if (tp[num]!=0 || tp[num-1]>=np[num-1])
+		{
+		c0 = bn_sub_words(rp,tp,np,num);
+		if (tp[num]!=0 || c0==0)
+			{
+			for(i=0;i<num+2;i++)	vp[i] = 0;
+			return 1;
+			}
+		}
+	for(i=0;i<num;i++)	rp[i] = tp[i],	vp[i] = 0;
+	vp[num]   = 0;
+	vp[num+1] = 0;
+	return 1;
+	}
+#else
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num)
+{	return 0;	}
+#endif /* OPENSSL_BN_ASM_MONT */
+#endif
+
 #endif /* !BN_MUL_COMBA */
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index 011d37f1ff..e060592fdc 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -1,4 +1,57 @@
 /* crypto/bn/bn_blind.c */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -60,11 +113,31 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
+#define BN_BLINDING_COUNTER	32
+
+struct bn_blinding_st
+	{
+	BIGNUM *A;
+	BIGNUM *Ai;
+	BIGNUM *e;
+	BIGNUM *mod; /* just a reference */
+#ifndef OPENSSL_NO_DEPRECATED
+	unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b;
+				  * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */
+#endif
+	CRYPTO_THREADID tid;
+	unsigned int  counter;
+	unsigned long flags;
+	BN_MONT_CTX *m_ctx;
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx,
+			  BN_MONT_CTX *m_ctx);
+	};
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
 	{
 	BN_BLINDING *ret=NULL;
 
-	bn_check_top(Ai);
 	bn_check_top(mod);
 
 	if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL)
@@ -73,11 +146,22 @@ BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
 		return(NULL);
 		}
 	memset(ret,0,sizeof(BN_BLINDING));
-	if ((ret->A=BN_new()) == NULL) goto err;
-	if ((ret->Ai=BN_new()) == NULL) goto err;
-	if (!BN_copy(ret->A,A)) goto err;
-	if (!BN_copy(ret->Ai,Ai)) goto err;
-	ret->mod=mod;
+	if (A != NULL)
+		{
+		if ((ret->A  = BN_dup(A))  == NULL) goto err;
+		}
+	if (Ai != NULL)
+		{
+		if ((ret->Ai = BN_dup(Ai)) == NULL) goto err;
+		}
+
+	/* save a copy of mod in the BN_BLINDING structure */
+	if ((ret->mod = BN_dup(mod)) == NULL) goto err;
+	if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+		BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
+
+	ret->counter = BN_BLINDING_COUNTER;
+	CRYPTO_THREADID_current(&ret->tid);
 	return(ret);
 err:
 	if (ret != NULL) BN_BLINDING_free(ret);
@@ -91,6 +175,8 @@ void BN_BLINDING_free(BN_BLINDING *r)
 
 	if (r->A  != NULL) BN_free(r->A );
 	if (r->Ai != NULL) BN_free(r->Ai);
+	if (r->e  != NULL) BN_free(r->e );
+	if (r->mod != NULL) BN_free(r->mod); 
 	OPENSSL_free(r);
 	}
 
@@ -103,38 +189,76 @@ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
 		BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
 		goto err;
 		}
-		
-	if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
-	if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
+
+	if (--(b->counter) == 0 && b->e != NULL &&
+		!(b->flags & BN_BLINDING_NO_RECREATE))
+		{
+		/* re-create blinding parameters */
+		if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL))
+			goto err;
+		}
+	else if (!(b->flags & BN_BLINDING_NO_UPDATE))
+		{
+		if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
+		if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
+		}
 
 	ret=1;
 err:
+	if (b->counter == 0)
+		b->counter = BN_BLINDING_COUNTER;
 	return(ret);
 	}
 
 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
 	{
+	return BN_BLINDING_convert_ex(n, NULL, b, ctx);
+	}
+
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
+	{
+	int ret = 1;
+
 	bn_check_top(n);
 
 	if ((b->A == NULL) || (b->Ai == NULL))
 		{
-		BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED);
+		BNerr(BN_F_BN_BLINDING_CONVERT_EX,BN_R_NOT_INITIALIZED);
 		return(0);
 		}
-	return(BN_mod_mul(n,n,b->A,b->mod,ctx));
+
+	if (r != NULL)
+		{
+		if (!BN_copy(r, b->Ai)) ret=0;
+		}
+
+	if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0;
+	
+	return ret;
 	}
 
 int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
 	{
+	return BN_BLINDING_invert_ex(n, NULL, b, ctx);
+	}
+
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
+	{
 	int ret;
 
 	bn_check_top(n);
 	if ((b->A == NULL) || (b->Ai == NULL))
 		{
-		BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED);
+		BNerr(BN_F_BN_BLINDING_INVERT_EX,BN_R_NOT_INITIALIZED);
 		return(0);
 		}
-	if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
+
+	if (r != NULL)
+		ret = BN_mod_mul(n, n, r, b->mod, ctx);
+	else
+		ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx);
+
+	if (ret >= 0)
 		{
 		if (!BN_BLINDING_update(b,ctx))
 			return(0);
@@ -143,3 +267,110 @@ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
 	return(ret);
 	}
 
+#ifndef OPENSSL_NO_DEPRECATED
+unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
+	{
+	return b->thread_id;
+	}
+
+void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
+	{
+	b->thread_id = n;
+	}
+#endif
+
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)
+	{
+	return &b->tid;
+	}
+
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)
+	{
+	return b->flags;
+	}
+
+void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
+	{
+	b->flags = flags;
+	}
+
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+	BN_MONT_CTX *m_ctx)
+{
+	int    retry_counter = 32;
+	BN_BLINDING *ret = NULL;
+
+	if (b == NULL)
+		ret = BN_BLINDING_new(NULL, NULL, m);
+	else
+		ret = b;
+
+	if (ret == NULL)
+		goto err;
+
+	if (ret->A  == NULL && (ret->A  = BN_new()) == NULL)
+		goto err;
+	if (ret->Ai == NULL && (ret->Ai	= BN_new()) == NULL)
+		goto err;
+
+	if (e != NULL)
+		{
+		if (ret->e != NULL)
+			BN_free(ret->e);
+		ret->e = BN_dup(e);
+		}
+	if (ret->e == NULL)
+		goto err;
+
+	if (bn_mod_exp != NULL)
+		ret->bn_mod_exp = bn_mod_exp;
+	if (m_ctx != NULL)
+		ret->m_ctx = m_ctx;
+
+	do {
+		if (!BN_rand_range(ret->A, ret->mod)) goto err;
+		if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL)
+			{
+			/* this should almost never happen for good RSA keys */
+			unsigned long error = ERR_peek_last_error();
+			if (ERR_GET_REASON(error) == BN_R_NO_INVERSE)
+				{
+				if (retry_counter-- == 0)
+				{
+					BNerr(BN_F_BN_BLINDING_CREATE_PARAM,
+						BN_R_TOO_MANY_ITERATIONS);
+					goto err;
+				}
+				ERR_clear_error();
+				}
+			else
+				goto err;
+			}
+		else
+			break;
+	} while (1);
+
+	if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL)
+		{
+		if (!ret->bn_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx, ret->m_ctx))
+			goto err;
+		}
+	else
+		{
+		if (!BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx))
+			goto err;
+		}
+
+	return ret;
+err:
+	if (b == NULL && ret != NULL)
+		{
+		BN_BLINDING_free(ret);
+		ret = NULL;
+		}
+
+	return ret;
+}
diff --git a/crypto/bn/bn_const.c b/crypto/bn/bn_const.c
new file mode 100755
index 0000000000..eb60a25b3c
--- /dev/null
+++ b/crypto/bn/bn_const.c
@@ -0,0 +1,402 @@
+/* crypto/bn/knownprimes.c */
+/* Insert boilerplate */
+
+#include "bn.h"
+
+/* "First Oakley Default Group" from RFC2409, section 6.1.
+ *
+ * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
+ *
+ * RFC2409 specifies a generator of 2.
+ * RFC2412 specifies a generator of of 22.
+ */
+
+BIGNUM *get_rfc2409_prime_768(BIGNUM *bn)
+	{
+	static const unsigned char RFC2409_PRIME_768[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC2409_PRIME_768,sizeof(RFC2409_PRIME_768),bn);
+	}
+
+/* "Second Oakley Default Group" from RFC2409, section 6.2.
+ *
+ * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
+ *
+ * RFC2409 specifies a generator of 2.
+ * RFC2412 specifies a generator of 22.
+ */
+
+BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn)
+	{
+	static const unsigned char RFC2409_PRIME_1024[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC2409_PRIME_1024,sizeof(RFC2409_PRIME_1024),bn);
+	}
+
+/* "1536-bit MODP Group" from RFC3526, Section 2.
+ *
+ * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
+ *
+ * RFC3526 specifies a generator of 2.
+ * RFC2312 specifies a generator of 22.
+ */
+
+BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn)
+	{
+	static const unsigned char RFC3526_PRIME_1536[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
+		0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
+		0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+		0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
+		0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
+		0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
+		0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC3526_PRIME_1536,sizeof(RFC3526_PRIME_1536),bn);
+	}
+
+/* "2048-bit MODP Group" from RFC3526, Section 3.
+ *
+ * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn)
+	{
+	static const unsigned char RFC3526_PRIME_2048[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
+		0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
+		0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+		0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
+		0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
+		0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
+		0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+		0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
+		0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
+		0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
+		0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+		0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,
+		0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC3526_PRIME_2048,sizeof(RFC3526_PRIME_2048),bn);
+	}
+
+/* "3072-bit MODP Group" from RFC3526, Section 4.
+ *
+ * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn)
+	{
+	static const unsigned char RFC3526_PRIME_3072[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
+		0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
+		0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+		0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
+		0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
+		0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
+		0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+		0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
+		0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
+		0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
+		0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+		0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
+		0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
+		0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
+		0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+		0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
+		0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
+		0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
+		0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+		0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
+		0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
+		0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
+		0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC3526_PRIME_3072,sizeof(RFC3526_PRIME_3072),bn);
+	}
+
+/* "4096-bit MODP Group" from RFC3526, Section 5.
+ *
+ * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn)
+	{
+	static const unsigned char RFC3526_PRIME_4096[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
+		0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
+		0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+		0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
+		0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
+		0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
+		0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+		0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
+		0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
+		0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
+		0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+		0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
+		0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
+		0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
+		0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+		0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
+		0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
+		0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
+		0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+		0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
+		0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
+		0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
+		0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+		0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
+		0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
+		0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
+		0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+		0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
+		0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
+		0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
+		0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+		0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
+		0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC3526_PRIME_4096,sizeof(RFC3526_PRIME_4096),bn);
+	}
+
+/* "6144-bit MODP Group" from RFC3526, Section 6.
+ *
+ * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn)
+	{
+	static const unsigned char RFC3526_PRIME_6144[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
+		0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
+		0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+		0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
+		0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
+		0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
+		0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+		0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
+		0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
+		0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
+		0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+		0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
+		0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
+		0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
+		0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+		0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
+		0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
+		0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
+		0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+		0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
+		0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
+		0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
+		0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+		0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
+		0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
+		0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
+		0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+		0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
+		0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
+		0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
+		0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+		0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
+		0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
+		0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
+		0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
+		0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
+		0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
+		0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
+		0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
+		0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
+		0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
+		0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
+		0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
+		0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
+		0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
+		0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
+		0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
+		0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
+		0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
+		0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
+		0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
+		0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
+		0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
+		0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
+		0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC3526_PRIME_6144,sizeof(RFC3526_PRIME_6144),bn);
+	}
+
+/* "8192-bit MODP Group" from RFC3526, Section 7.
+ *
+ * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn)
+	{
+	static const unsigned char RFC3526_PRIME_8192[]={
+		0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
+		0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
+		0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
+		0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+		0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
+		0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
+		0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
+		0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+		0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
+		0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
+		0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
+		0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+		0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
+		0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
+		0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
+		0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+		0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
+		0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
+		0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
+		0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+		0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
+		0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
+		0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
+		0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+		0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
+		0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
+		0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
+		0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+		0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
+		0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
+		0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
+		0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+		0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
+		0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
+		0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
+		0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+		0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
+		0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
+		0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
+		0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+		0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
+		0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
+		0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
+		0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
+		0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
+		0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
+		0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
+		0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
+		0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
+		0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
+		0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
+		0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
+		0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
+		0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
+		0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
+		0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
+		0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
+		0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
+		0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
+		0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
+		0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
+		0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
+		0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
+		0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
+		0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,
+		0x73,0xB9,0x31,0xBA,0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,
+		0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,0x25,0x76,0xF6,0x93,
+		0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
+		0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,
+		0xE3,0x9D,0x65,0x2D,0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,
+		0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,0x13,0xEB,0x57,0xA8,
+		0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
+		0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,
+		0xA2,0xC0,0x87,0xE8,0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,
+		0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,0x6D,0x2A,0x13,0xF8,
+		0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
+		0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,
+		0x08,0x46,0x85,0x1D,0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,
+		0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,0xFA,0xF3,0x6B,0xC3,
+		0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
+		0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,
+		0xD5,0xEE,0x38,0x2B,0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,
+		0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,0x9E,0x30,0x50,0xE2,
+		0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
+		0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,
+		0xFF,0xFF,0xFF,0xFF,
+		};
+	return BN_bin2bn(RFC3526_PRIME_8192,sizeof(RFC3526_PRIME_8192),bn);
+	}
+
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 5bd742a97c..3f2256f675 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -161,7 +161,7 @@ static void ctxdbg(BN_CTX *ctx)
 	fprintf(stderr,"(%08x): ", (unsigned int)ctx);
 	while(bnidx < ctx->used)
 		{
-		fprintf(stderr,"%02x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);
+		fprintf(stderr,"%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);
 		if(!(bnidx % BN_CTX_POOL_SIZE))
 			item = item->next;
 		}
@@ -171,8 +171,8 @@ static void ctxdbg(BN_CTX *ctx)
 	while(fpidx < stack->depth)
 		{
 		while(bnidx++ < stack->indexes[fpidx])
-			fprintf(stderr,"   ");
-		fprintf(stderr,"^^ ");
+			fprintf(stderr,"    ");
+		fprintf(stderr,"^^^ ");
 		bnidx++;
 		fpidx++;
 		}
@@ -230,7 +230,10 @@ BN_CTX *BN_CTX_new(void)
 
 void BN_CTX_free(BN_CTX *ctx)
 	{
+	if (ctx == NULL)
+		return;
 #ifdef BN_CTX_DEBUG
+	{
 	BN_POOL_ITEM *pool = ctx->pool.head;
 	fprintf(stderr,"BN_CTX_free, stack-size=%d, pool-bignums=%d\n",
 		ctx->stack.size, ctx->pool.size);
@@ -242,6 +245,7 @@ void BN_CTX_free(BN_CTX *ctx)
 		pool = pool->next;
 	}
 	fprintf(stderr,"\n");
+	}
 #endif
 	BN_STACK_finish(&ctx->stack);
 	BN_POOL_finish(&ctx->pool);
@@ -257,8 +261,7 @@ void BN_CTX_start(BN_CTX *ctx)
 	/* (Try to) get a new frame pointer */
 	else if(!BN_STACK_push(&ctx->stack, ctx->used))
 		{
-		/* I know this isn't BN_CTX_get, but ... */
-		BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
+		BNerr(BN_F_BN_CTX_START,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
 		ctx->err_stack++;
 		}
 	CTXDBG_EXIT(ctx);
diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 3b4392955e..899d07ca24 100644
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -169,13 +169,15 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
 #endif /* OPENSSL_NO_ASM */
 
 
-/* BN_div computes  dv := num / divisor,  rounding towards zero, and sets up
- * rm  such that  dv*divisor + rm = num  holds.
+/* BN_div[_no_branch] computes  dv := num / divisor,  rounding towards
+ * zero, and sets up rm  such that  dv*divisor + rm = num  holds.
  * Thus:
  *     dv->neg == num->neg ^ divisor->neg  (unless the result is zero)
  *     rm->neg == num->neg                 (unless the remainder is zero)
  * If 'dv' or 'rm' is NULL, the respective value is not returned.
  */
+static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
+        const BIGNUM *divisor, BN_CTX *ctx);
 int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	   BN_CTX *ctx)
 	{
@@ -185,11 +187,25 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	BN_ULONG d0,d1;
 	int num_n,div_n;
 
-	if (dv)
-		bn_check_top(dv);
-	if (rm)
-		bn_check_top(rm);
+	/* Invalid zero-padding would have particularly bad consequences
+	 * in the case of 'num', so don't just rely on bn_check_top() for this one
+	 * (bn_check_top() works only for BN_DEBUG builds) */
+	if (num->top > 0 && num->d[num->top - 1] == 0)
+		{
+		BNerr(BN_F_BN_DIV,BN_R_NOT_INITIALIZED);
+		return 0;
+		}
+
 	bn_check_top(num);
+
+	if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0))
+		{
+		return BN_div_no_branch(dv, rm, num, divisor, ctx);
+		}
+
+	bn_check_top(dv);
+	bn_check_top(rm);
+	/* bn_check_top(num); */ /* 'num' has been checked already */
 	bn_check_top(divisor);
 
 	if (BN_is_zero(divisor))
@@ -213,7 +229,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	if (dv == NULL)
 		res=BN_CTX_get(ctx);
 	else	res=dv;
-	if (sdiv == NULL || res == NULL) goto err;
+	if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL)
+		goto err;
 
 	/* First we normalise the numbers */
 	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
@@ -320,7 +337,7 @@ X) -> 0x%08X\n",
 				t2 -= d1;
 				}
 #else /* !BN_LLONG */
-			BN_ULONG t2l,t2h,ql,qh;
+			BN_ULONG t2l,t2h;
 
 			q=bn_div_words(n0,n1,d0);
 #ifdef BN_DEBUG_LEVITTE
@@ -338,9 +355,12 @@ X) -> 0x%08X\n",
 			t2l = d1 * q;
 			t2h = BN_UMULT_HIGH(d1,q);
 #else
+			{
+			BN_ULONG ql, qh;
 			t2l=LBITS(d1); t2h=HBITS(d1);
 			ql =LBITS(q);  qh =HBITS(q);
 			mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
+			}
 #endif
 
 			for (;;)
@@ -394,8 +414,235 @@ X) -> 0x%08X\n",
 	BN_CTX_end(ctx);
 	return(1);
 err:
-	if (rm)
+	bn_check_top(rm);
+	BN_CTX_end(ctx);
+	return(0);
+	}
+
+
+/* BN_div_no_branch is a special version of BN_div. It does not contain
+ * branches that may leak sensitive information.
+ */
+static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, 
+	const BIGNUM *divisor, BN_CTX *ctx)
+	{
+	int norm_shift,i,loop;
+	BIGNUM *tmp,wnum,*snum,*sdiv,*res;
+	BN_ULONG *resp,*wnump;
+	BN_ULONG d0,d1;
+	int num_n,div_n;
+
+	bn_check_top(dv);
+	bn_check_top(rm);
+	/* bn_check_top(num); */ /* 'num' has been checked in BN_div() */
+	bn_check_top(divisor);
+
+	if (BN_is_zero(divisor))
+		{
+		BNerr(BN_F_BN_DIV_NO_BRANCH,BN_R_DIV_BY_ZERO);
+		return(0);
+		}
+
+	BN_CTX_start(ctx);
+	tmp=BN_CTX_get(ctx);
+	snum=BN_CTX_get(ctx);
+	sdiv=BN_CTX_get(ctx);
+	if (dv == NULL)
+		res=BN_CTX_get(ctx);
+	else	res=dv;
+	if (sdiv == NULL || res == NULL) goto err;
+
+	/* First we normalise the numbers */
+	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
+	if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err;
+	sdiv->neg=0;
+	norm_shift+=BN_BITS2;
+	if (!(BN_lshift(snum,num,norm_shift))) goto err;
+	snum->neg=0;
+
+	/* Since we don't know whether snum is larger than sdiv,
+	 * we pad snum with enough zeroes without changing its
+	 * value. 
+	 */
+	if (snum->top <= sdiv->top+1) 
+		{
+		if (bn_wexpand(snum, sdiv->top + 2) == NULL) goto err;
+		for (i = snum->top; i < sdiv->top + 2; i++) snum->d[i] = 0;
+		snum->top = sdiv->top + 2;
+		}
+	else
+		{
+		if (bn_wexpand(snum, snum->top + 1) == NULL) goto err;
+		snum->d[snum->top] = 0;
+		snum->top ++;
+		}
+
+	div_n=sdiv->top;
+	num_n=snum->top;
+	loop=num_n-div_n;
+	/* Lets setup a 'window' into snum
+	 * This is the part that corresponds to the current
+	 * 'area' being divided */
+	wnum.neg   = 0;
+	wnum.d     = &(snum->d[loop]);
+	wnum.top   = div_n;
+	/* only needed when BN_ucmp messes up the values between top and max */
+	wnum.dmax  = snum->dmax - loop; /* so we don't step out of bounds */
+
+	/* Get the top 2 words of sdiv */
+	/* div_n=sdiv->top; */
+	d0=sdiv->d[div_n-1];
+	d1=(div_n == 1)?0:sdiv->d[div_n-2];
+
+	/* pointer to the 'top' of snum */
+	wnump= &(snum->d[num_n-1]);
+
+	/* Setup to 'res' */
+	res->neg= (num->neg^divisor->neg);
+	if (!bn_wexpand(res,(loop+1))) goto err;
+	res->top=loop-1;
+	resp= &(res->d[loop-1]);
+
+	/* space for temp */
+	if (!bn_wexpand(tmp,(div_n+1))) goto err;
+
+	/* if res->top == 0 then clear the neg value otherwise decrease
+	 * the resp pointer */
+	if (res->top == 0)
+		res->neg = 0;
+	else
+		resp--;
+
+	for (i=0; i<loop-1; i++, wnump--, resp--)
+		{
+		BN_ULONG q,l0;
+		/* the first part of the loop uses the top two words of
+		 * snum and sdiv to calculate a BN_ULONG q such that
+		 * | wnum - sdiv * q | < sdiv */
+#if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
+		BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
+		q=bn_div_3_words(wnump,d1,d0);
+#else
+		BN_ULONG n0,n1,rem=0;
+
+		n0=wnump[0];
+		n1=wnump[-1];
+		if (n0 == d0)
+			q=BN_MASK2;
+		else 			/* n0 < d0 */
+			{
+#ifdef BN_LLONG
+			BN_ULLONG t2;
+
+#if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
+			q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
+#else
+			q=bn_div_words(n0,n1,d0);
+#ifdef BN_DEBUG_LEVITTE
+			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
+X) -> 0x%08X\n",
+				n0, n1, d0, q);
+#endif
+#endif
+
+#ifndef REMAINDER_IS_ALREADY_CALCULATED
+			/*
+			 * rem doesn't have to be BN_ULLONG. The least we
+			 * know it's less that d0, isn't it?
+			 */
+			rem=(n1-q*d0)&BN_MASK2;
+#endif
+			t2=(BN_ULLONG)d1*q;
+
+			for (;;)
+				{
+				if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
+					break;
+				q--;
+				rem += d0;
+				if (rem < d0) break; /* don't let rem overflow */
+				t2 -= d1;
+				}
+#else /* !BN_LLONG */
+			BN_ULONG t2l,t2h;
+
+			q=bn_div_words(n0,n1,d0);
+#ifdef BN_DEBUG_LEVITTE
+			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
+X) -> 0x%08X\n",
+				n0, n1, d0, q);
+#endif
+#ifndef REMAINDER_IS_ALREADY_CALCULATED
+			rem=(n1-q*d0)&BN_MASK2;
+#endif
+
+#if defined(BN_UMULT_LOHI)
+			BN_UMULT_LOHI(t2l,t2h,d1,q);
+#elif defined(BN_UMULT_HIGH)
+			t2l = d1 * q;
+			t2h = BN_UMULT_HIGH(d1,q);
+#else
+			{
+			BN_ULONG ql, qh;
+			t2l=LBITS(d1); t2h=HBITS(d1);
+			ql =LBITS(q);  qh =HBITS(q);
+			mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
+			}
+#endif
+
+			for (;;)
+				{
+				if ((t2h < rem) ||
+					((t2h == rem) && (t2l <= wnump[-2])))
+					break;
+				q--;
+				rem += d0;
+				if (rem < d0) break; /* don't let rem overflow */
+				if (t2l < d1) t2h--; t2l -= d1;
+				}
+#endif /* !BN_LLONG */
+			}
+#endif /* !BN_DIV3W */
+
+		l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
+		tmp->d[div_n]=l0;
+		wnum.d--;
+		/* ingore top values of the bignums just sub the two 
+		 * BN_ULONG arrays with bn_sub_words */
+		if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1))
+			{
+			/* Note: As we have considered only the leading
+			 * two BN_ULONGs in the calculation of q, sdiv * q
+			 * might be greater than wnum (but then (q-1) * sdiv
+			 * is less or equal than wnum)
+			 */
+			q--;
+			if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n))
+				/* we can't have an overflow here (assuming
+				 * that q != 0, but if q == 0 then tmp is
+				 * zero anyway) */
+				(*wnump)++;
+			}
+		/* store part of the result */
+		*resp = q;
+		}
+	bn_correct_top(snum);
+	if (rm != NULL)
+		{
+		/* Keep a copy of the neg flag in num because if rm==num
+		 * BN_rshift() will overwrite it.
+		 */
+		int neg = num->neg;
+		BN_rshift(rm,snum,norm_shift);
+		if (!BN_is_zero(rm))
+			rm->neg = neg;
 		bn_check_top(rm);
+		}
+	bn_correct_top(res);
+	BN_CTX_end(ctx);
+	return(1);
+err:
+	bn_check_top(rm);
 	BN_CTX_end(ctx);
 	return(0);
 	}
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index b42208ae0b..cfe2eb94a0 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
 /* crypto/bn/bn_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,65 +61,77 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/bn.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
+
 static ERR_STRING_DATA BN_str_functs[]=
 	{
-{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0),	"BN_BLINDING_convert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0),	"BN_BLINDING_invert"},
-{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0),	"BN_BLINDING_new"},
-{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0),	"BN_BLINDING_update"},
-{ERR_PACK(0,BN_F_BN_BN2DEC,0),	"BN_bn2dec"},
-{ERR_PACK(0,BN_F_BN_BN2HEX,0),	"BN_bn2hex"},
-{ERR_PACK(0,BN_F_BN_CTX_GET,0),	"BN_CTX_get"},
-{ERR_PACK(0,BN_F_BN_CTX_NEW,0),	"BN_CTX_new"},
-{ERR_PACK(0,BN_F_BN_DIV,0),	"BN_div"},
-{ERR_PACK(0,BN_F_BN_EXPAND2,0),	"bn_expand2"},
-{ERR_PACK(0,BN_F_BN_EXPAND_INTERNAL,0),	"BN_EXPAND_INTERNAL"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD,0),	"BN_GF2m_mod"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD_DIV,0),	"BN_GF2m_mod_div"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD_EXP,0),	"BN_GF2m_mod_exp"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD_MUL,0),	"BN_GF2m_mod_mul"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD_SOLVE_QUAD,0),	"BN_GF2m_mod_solve_quad"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR,0),	"BN_GF2m_mod_solve_quad_arr"},
-{ERR_PACK(0,BN_F_BN_GF2M_MOD_SQR,0),	"BN_GF2m_mod_sqr"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0),	"BN_mod_exp2_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0),	"BN_mod_exp_mont"},
-{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0),	"BN_mod_exp_mont_word"},
-{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0),	"BN_mod_inverse"},
-{ERR_PACK(0,BN_F_BN_MOD_LSHIFT_QUICK,0),	"BN_mod_lshift_quick"},
-{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0),	"BN_mod_mul_reciprocal"},
-{ERR_PACK(0,BN_F_BN_MOD_SQRT,0),	"BN_mod_sqrt"},
-{ERR_PACK(0,BN_F_BN_MPI2BN,0),	"BN_mpi2bn"},
-{ERR_PACK(0,BN_F_BN_NEW,0),	"BN_new"},
-{ERR_PACK(0,BN_F_BN_RAND,0),	"BN_rand"},
-{ERR_PACK(0,BN_F_BN_RAND_RANGE,0),	"BN_rand_range"},
-{ERR_PACK(0,BN_F_BN_USUB,0),	"BN_usub"},
+{ERR_FUNC(BN_F_BNRAND),	"BNRAND"},
+{ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX),	"BN_BLINDING_convert_ex"},
+{ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM),	"BN_BLINDING_create_param"},
+{ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX),	"BN_BLINDING_invert_ex"},
+{ERR_FUNC(BN_F_BN_BLINDING_NEW),	"BN_BLINDING_new"},
+{ERR_FUNC(BN_F_BN_BLINDING_UPDATE),	"BN_BLINDING_update"},
+{ERR_FUNC(BN_F_BN_BN2DEC),	"BN_bn2dec"},
+{ERR_FUNC(BN_F_BN_BN2HEX),	"BN_bn2hex"},
+{ERR_FUNC(BN_F_BN_CTX_GET),	"BN_CTX_get"},
+{ERR_FUNC(BN_F_BN_CTX_NEW),	"BN_CTX_new"},
+{ERR_FUNC(BN_F_BN_CTX_START),	"BN_CTX_start"},
+{ERR_FUNC(BN_F_BN_DIV),	"BN_div"},
+{ERR_FUNC(BN_F_BN_DIV_NO_BRANCH),	"BN_div_no_branch"},
+{ERR_FUNC(BN_F_BN_DIV_RECP),	"BN_div_recp"},
+{ERR_FUNC(BN_F_BN_EXP),	"BN_exp"},
+{ERR_FUNC(BN_F_BN_EXPAND2),	"bn_expand2"},
+{ERR_FUNC(BN_F_BN_EXPAND_INTERNAL),	"BN_EXPAND_INTERNAL"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD),	"BN_GF2m_mod"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD_EXP),	"BN_GF2m_mod_exp"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD_MUL),	"BN_GF2m_mod_mul"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD),	"BN_GF2m_mod_solve_quad"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR),	"BN_GF2m_mod_solve_quad_arr"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD_SQR),	"BN_GF2m_mod_sqr"},
+{ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT),	"BN_GF2m_mod_sqrt"},
+{ERR_FUNC(BN_F_BN_MOD_EXP2_MONT),	"BN_mod_exp2_mont"},
+{ERR_FUNC(BN_F_BN_MOD_EXP_MONT),	"BN_mod_exp_mont"},
+{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME),	"BN_mod_exp_mont_consttime"},
+{ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD),	"BN_mod_exp_mont_word"},
+{ERR_FUNC(BN_F_BN_MOD_EXP_RECP),	"BN_mod_exp_recp"},
+{ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE),	"BN_mod_exp_simple"},
+{ERR_FUNC(BN_F_BN_MOD_INVERSE),	"BN_mod_inverse"},
+{ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH),	"BN_mod_inverse_no_branch"},
+{ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK),	"BN_mod_lshift_quick"},
+{ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL),	"BN_mod_mul_reciprocal"},
+{ERR_FUNC(BN_F_BN_MOD_SQRT),	"BN_mod_sqrt"},
+{ERR_FUNC(BN_F_BN_MPI2BN),	"BN_mpi2bn"},
+{ERR_FUNC(BN_F_BN_NEW),	"BN_new"},
+{ERR_FUNC(BN_F_BN_RAND),	"BN_rand"},
+{ERR_FUNC(BN_F_BN_RAND_RANGE),	"BN_rand_range"},
+{ERR_FUNC(BN_F_BN_USUB),	"BN_usub"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA BN_str_reasons[]=
 	{
-{BN_R_ARG2_LT_ARG3                       ,"arg2 lt arg3"},
-{BN_R_BAD_RECIPROCAL                     ,"bad reciprocal"},
-{BN_R_BIGNUM_TOO_LONG                    ,"bignum too long"},
-{BN_R_CALLED_WITH_EVEN_MODULUS           ,"called with even modulus"},
-{BN_R_DIV_BY_ZERO                        ,"div by zero"},
-{BN_R_ENCODING_ERROR                     ,"encoding error"},
-{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA       ,"expand on static bignum data"},
-{BN_R_INPUT_NOT_REDUCED                  ,"input not reduced"},
-{BN_R_INVALID_LENGTH                     ,"invalid length"},
-{BN_R_INVALID_RANGE                      ,"invalid range"},
-{BN_R_NOT_A_SQUARE                       ,"not a square"},
-{BN_R_NOT_IMPLEMENTED                    ,"not implemented"},
-{BN_R_NOT_INITIALIZED                    ,"not initialized"},
-{BN_R_NO_INVERSE                         ,"no inverse"},
-{BN_R_NO_SOLUTION                        ,"no solution"},
-{BN_R_P_IS_NOT_PRIME                     ,"p is not prime"},
-{BN_R_TOO_MANY_ITERATIONS                ,"too many iterations"},
-{BN_R_TOO_MANY_TEMPORARY_VARIABLES       ,"too many temporary variables"},
+{ERR_REASON(BN_R_ARG2_LT_ARG3)           ,"arg2 lt arg3"},
+{ERR_REASON(BN_R_BAD_RECIPROCAL)         ,"bad reciprocal"},
+{ERR_REASON(BN_R_BIGNUM_TOO_LONG)        ,"bignum too long"},
+{ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS),"called with even modulus"},
+{ERR_REASON(BN_R_DIV_BY_ZERO)            ,"div by zero"},
+{ERR_REASON(BN_R_ENCODING_ERROR)         ,"encoding error"},
+{ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),"expand on static bignum data"},
+{ERR_REASON(BN_R_INPUT_NOT_REDUCED)      ,"input not reduced"},
+{ERR_REASON(BN_R_INVALID_LENGTH)         ,"invalid length"},
+{ERR_REASON(BN_R_INVALID_RANGE)          ,"invalid range"},
+{ERR_REASON(BN_R_NOT_A_SQUARE)           ,"not a square"},
+{ERR_REASON(BN_R_NOT_INITIALIZED)        ,"not initialized"},
+{ERR_REASON(BN_R_NO_INVERSE)             ,"no inverse"},
+{ERR_REASON(BN_R_NO_SOLUTION)            ,"no solution"},
+{ERR_REASON(BN_R_P_IS_NOT_PRIME)         ,"p is not prime"},
+{ERR_REASON(BN_R_TOO_MANY_ITERATIONS)    ,"too many iterations"},
+{ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"},
 {0,NULL}
 	};
 
@@ -127,15 +139,12 @@ static ERR_STRING_DATA BN_str_reasons[]=
 
 void ERR_load_BN_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_BN,BN_str_functs);
-		ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
-#endif
 
+	if (ERR_func_error_string(BN_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,BN_str_functs);
+		ERR_load_strings(0,BN_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index d6bb2b4397..d9b6c737fc 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -113,6 +113,7 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
+/* maximum precomputation table size for *variable* sliding windows */
 #define TABLE_SIZE	32
 
 /* this one works - simple but works */
@@ -121,12 +122,20 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	int i,bits,ret=0;
 	BIGNUM *v,*rr;
 
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
+		{
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+		BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		return -1;
+		}
+
 	BN_CTX_start(ctx);
 	if ((r == a) || (r == p))
 		rr = BN_CTX_get(ctx);
 	else
 		rr = r;
-	if ((v = BN_CTX_get(ctx)) == NULL) goto err;
+	v = BN_CTX_get(ctx);
+	if (rr == NULL || v == NULL) goto err;
 
 	if (BN_copy(v,a) == NULL) goto err;
 	bits=BN_num_bits(p);
@@ -205,7 +214,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
 	if (BN_is_odd(m))
 		{
 #  ifdef MONT_EXP_WORD
-		if (a->top == 1 && !a->neg)
+		if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0))
 			{
 			BN_ULONG A = a->d[0];
 			ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
@@ -237,6 +246,13 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	BIGNUM *val[TABLE_SIZE];
 	BN_RECP_CTX recp;
 
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
+		{
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+		BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		return -1;
+		}
+
 	bits=BN_num_bits(p);
 
 	if (bits == 0)
@@ -364,6 +380,11 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 	BIGNUM *val[TABLE_SIZE];
 	BN_MONT_CTX *mont=NULL;
 
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
+		{
+		return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
+		}
+
 	bn_check_top(a);
 	bn_check_top(p);
 	bn_check_top(m);
@@ -495,6 +516,212 @@ err:
 	return(ret);
 	}
 
+
+/* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout
+ * so that accessing any of these table values shows the same access pattern as far
+ * as cache lines are concerned.  The following functions are used to transfer a BIGNUM
+ * from/to that table. */
+
+static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
+	{
+	size_t i, j;
+
+	if (bn_wexpand(b, top) == NULL)
+		return 0;
+	while (b->top < top)
+		{
+		b->d[b->top++] = 0;
+		}
+	
+	for (i = 0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
+		{
+		buf[j] = ((unsigned char*)b->d)[i];
+		}
+
+	bn_correct_top(b);
+	return 1;
+	}
+
+static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, int width)
+	{
+	size_t i, j;
+
+	if (bn_wexpand(b, top) == NULL)
+		return 0;
+
+	for (i=0, j=idx; i < top * sizeof b->d[0]; i++, j+=width)
+		{
+		((unsigned char*)b->d)[i] = buf[j];
+		}
+
+	b->top = top;
+	bn_correct_top(b);
+	return 1;
+	}	
+
+/* Given a pointer value, compute the next address that is a cache line multiple. */
+#define MOD_EXP_CTIME_ALIGN(x_) \
+	((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((BN_ULONG)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+
+/* This variant of BN_mod_exp_mont() uses fixed windows and the special
+ * precomputation memory layout to limit data-dependency to a minimum
+ * to protect secret exponents (cf. the hyper-threading timing attacks
+ * pointed out by Colin Percival,
+ * http://www.daemonology.net/hyperthreading-considered-harmful/)
+ */
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+		    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+	{
+	int i,bits,ret=0,idx,window,wvalue;
+	int top;
+ 	BIGNUM *r;
+	const BIGNUM *aa;
+	BN_MONT_CTX *mont=NULL;
+
+	int numPowers;
+	unsigned char *powerbufFree=NULL;
+	int powerbufLen = 0;
+	unsigned char *powerbuf=NULL;
+	BIGNUM *computeTemp=NULL, *am=NULL;
+
+	bn_check_top(a);
+	bn_check_top(p);
+	bn_check_top(m);
+
+	top = m->top;
+
+	if (!(m->d[0] & 1))
+		{
+		BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME,BN_R_CALLED_WITH_EVEN_MODULUS);
+		return(0);
+		}
+	bits=BN_num_bits(p);
+	if (bits == 0)
+		{
+		ret = BN_one(rr);
+		return ret;
+		}
+
+ 	/* Initialize BIGNUM context and allocate intermediate result */
+	BN_CTX_start(ctx);
+	r = BN_CTX_get(ctx);
+	if (r == NULL) goto err;
+
+	/* Allocate a montgomery context if it was not supplied by the caller.
+	 * If this is not done, things will break in the montgomery part.
+ 	 */
+	if (in_mont != NULL)
+		mont=in_mont;
+	else
+		{
+		if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+		if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
+		}
+
+	/* Get the window size to use with size of p. */
+	window = BN_window_bits_for_ctime_exponent_size(bits);
+
+	/* Allocate a buffer large enough to hold all of the pre-computed
+	 * powers of a.
+	 */
+	numPowers = 1 << window;
+	powerbufLen = sizeof(m->d[0])*top*numPowers;
+	if ((powerbufFree=(unsigned char*)OPENSSL_malloc(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL)
+		goto err;
+		
+	powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
+	memset(powerbuf, 0, powerbufLen);
+
+ 	/* Initialize the intermediate result. Do this early to save double conversion,
+	 * once each for a^0 and intermediate result.
+	 */
+ 	if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
+	if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers)) goto err;
+
+	/* Initialize computeTemp as a^1 with montgomery precalcs */
+	computeTemp = BN_CTX_get(ctx);
+	am = BN_CTX_get(ctx);
+	if (computeTemp==NULL || am==NULL) goto err;
+
+	if (a->neg || BN_ucmp(a,m) >= 0)
+		{
+		if (!BN_mod(am,a,m,ctx))
+			goto err;
+		aa= am;
+		}
+	else
+		aa=a;
+	if (!BN_to_montgomery(am,aa,mont,ctx)) goto err;
+	if (!BN_copy(computeTemp, am)) goto err;
+	if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers)) goto err;
+
+	/* If the window size is greater than 1, then calculate
+	 * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1)
+	 * (even powers could instead be computed as (a^(i/2))^2
+	 * to use the slight performance advantage of sqr over mul).
+	 */
+	if (window > 1)
+		{
+		for (i=2; i<numPowers; i++)
+			{
+			/* Calculate a^i = a^(i-1) * a */
+			if (!BN_mod_mul_montgomery(computeTemp,am,computeTemp,mont,ctx))
+				goto err;
+			if (!MOD_EXP_CTIME_COPY_TO_PREBUF(computeTemp, top, powerbuf, i, numPowers)) goto err;
+			}
+		}
+
+ 	/* Adjust the number of bits up to a multiple of the window size.
+ 	 * If the exponent length is not a multiple of the window size, then
+ 	 * this pads the most significant bits with zeros to normalize the
+ 	 * scanning loop to there's no special cases.
+ 	 *
+ 	 * * NOTE: Making the window size a power of two less than the native
+	 * * word size ensures that the padded bits won't go past the last
+ 	 * * word in the internal BIGNUM structure. Going past the end will
+ 	 * * still produce the correct result, but causes a different branch
+ 	 * * to be taken in the BN_is_bit_set function.
+ 	 */
+ 	bits = ((bits+window-1)/window)*window;
+ 	idx=bits-1;	/* The top bit of the window */
+
+ 	/* Scan the exponent one window at a time starting from the most
+ 	 * significant bits.
+ 	 */
+ 	while (idx >= 0)
+  		{
+ 		wvalue=0; /* The 'value' of the window */
+ 		
+ 		/* Scan the window, squaring the result as we go */
+ 		for (i=0; i<window; i++,idx--)
+ 			{
+			if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))	goto err;
+			wvalue = (wvalue<<1)+BN_is_bit_set(p,idx);
+  			}
+ 		
+		/* Fetch the appropriate pre-computed value from the pre-buf */
+		if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(computeTemp, top, powerbuf, wvalue, numPowers)) goto err;
+
+ 		/* Multiply the result into the intermediate result */
+ 		if (!BN_mod_mul_montgomery(r,r,computeTemp,mont,ctx)) goto err;
+  		}
+
+ 	/* Convert the final result from montgomery to standard format */
+	if (!BN_from_montgomery(rr,r,mont,ctx)) goto err;
+	ret=1;
+err:
+	if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
+	if (powerbuf!=NULL)
+		{
+		OPENSSL_cleanse(powerbuf,powerbufLen);
+		OPENSSL_free(powerbufFree);
+		}
+ 	if (am!=NULL) BN_clear(am);
+ 	if (computeTemp!=NULL) BN_clear(computeTemp);
+	BN_CTX_end(ctx);
+	return(ret);
+	}
+
 int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
                          const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
 	{
@@ -519,6 +746,13 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 #define BN_TO_MONTGOMERY_WORD(r, w, mont) \
 		(BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
 
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
+		{
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+		BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		return -1;
+		}
+
 	bn_check_top(p);
 	bn_check_top(m);
 
@@ -648,6 +882,13 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	/* Table of variables obtained from 'ctx' */
 	BIGNUM *val[TABLE_SIZE];
 
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
+		{
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+		BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		return -1;
+		}
+
 	bits=BN_num_bits(p);
 
 	if (bits == 0)
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
index 0248753f6d..4a352119ba 100644
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -203,6 +203,8 @@ err:
 
 
 /* solves ax == 1 (mod n) */
+static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
+        const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
 BIGNUM *BN_mod_inverse(BIGNUM *in,
 	const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
 	{
@@ -210,6 +212,11 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
 	BIGNUM *ret=NULL;
 	int sign;
 
+	if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0))
+		{
+		return BN_mod_inverse_no_branch(in, a, n, ctx);
+		}
+
 	bn_check_top(a);
 	bn_check_top(n);
 
@@ -488,7 +495,160 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
 err:
 	if ((ret == NULL) && (in == NULL)) BN_free(R);
 	BN_CTX_end(ctx);
-	if (ret)
-		bn_check_top(ret);
+	bn_check_top(ret);
+	return(ret);
+	}
+
+
+/* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. 
+ * It does not contain branches that may leak sensitive information.
+ */
+static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
+	const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
+	{
+	BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL;
+	BIGNUM local_A, local_B;
+	BIGNUM *pA, *pB;
+	BIGNUM *ret=NULL;
+	int sign;
+
+	bn_check_top(a);
+	bn_check_top(n);
+
+	BN_CTX_start(ctx);
+	A = BN_CTX_get(ctx);
+	B = BN_CTX_get(ctx);
+	X = BN_CTX_get(ctx);
+	D = BN_CTX_get(ctx);
+	M = BN_CTX_get(ctx);
+	Y = BN_CTX_get(ctx);
+	T = BN_CTX_get(ctx);
+	if (T == NULL) goto err;
+
+	if (in == NULL)
+		R=BN_new();
+	else
+		R=in;
+	if (R == NULL) goto err;
+
+	BN_one(X);
+	BN_zero(Y);
+	if (BN_copy(B,a) == NULL) goto err;
+	if (BN_copy(A,n) == NULL) goto err;
+	A->neg = 0;
+
+	if (B->neg || (BN_ucmp(B, A) >= 0))
+		{
+		/* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
+	 	 * BN_div_no_branch will be called eventually.
+	 	 */
+		pB = &local_B;
+		BN_with_flags(pB, B, BN_FLG_CONSTTIME);	
+		if (!BN_nnmod(B, pB, A, ctx)) goto err;
+		}
+	sign = -1;
+	/* From  B = a mod |n|,  A = |n|  it follows that
+	 *
+	 *      0 <= B < A,
+	 *     -sign*X*a  ==  B   (mod |n|),
+	 *      sign*Y*a  ==  A   (mod |n|).
+	 */
+
+	while (!BN_is_zero(B))
+		{
+		BIGNUM *tmp;
+		
+		/*
+		 *      0 < B < A,
+		 * (*) -sign*X*a  ==  B   (mod |n|),
+		 *      sign*Y*a  ==  A   (mod |n|)
+		 */
+
+		/* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
+	 	 * BN_div_no_branch will be called eventually.
+	 	 */
+		pA = &local_A;
+		BN_with_flags(pA, A, BN_FLG_CONSTTIME);	
+		
+		/* (D, M) := (A/B, A%B) ... */		
+		if (!BN_div(D,M,pA,B,ctx)) goto err;
+		
+		/* Now
+		 *      A = D*B + M;
+		 * thus we have
+		 * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
+		 */
+		
+		tmp=A; /* keep the BIGNUM object, the value does not matter */
+		
+		/* (A, B) := (B, A mod B) ... */
+		A=B;
+		B=M;
+		/* ... so we have  0 <= B < A  again */
+		
+		/* Since the former  M  is now  B  and the former  B  is now  A,
+		 * (**) translates into
+		 *       sign*Y*a  ==  D*A + B    (mod |n|),
+		 * i.e.
+		 *       sign*Y*a - D*A  ==  B    (mod |n|).
+		 * Similarly, (*) translates into
+		 *      -sign*X*a  ==  A          (mod |n|).
+		 *
+		 * Thus,
+		 *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
+		 * i.e.
+		 *        sign*(Y + D*X)*a  ==  B  (mod |n|).
+		 *
+		 * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
+		 *      -sign*X*a  ==  B   (mod |n|),
+		 *       sign*Y*a  ==  A   (mod |n|).
+		 * Note that  X  and  Y  stay non-negative all the time.
+		 */
+			
+		if (!BN_mul(tmp,D,X,ctx)) goto err;
+		if (!BN_add(tmp,tmp,Y)) goto err;
+
+		M=Y; /* keep the BIGNUM object, the value does not matter */
+		Y=X;
+		X=tmp;
+		sign = -sign;
+		}
+		
+	/*
+	 * The while loop (Euclid's algorithm) ends when
+	 *      A == gcd(a,n);
+	 * we have
+	 *       sign*Y*a  ==  A  (mod |n|),
+	 * where  Y  is non-negative.
+	 */
+
+	if (sign < 0)
+		{
+		if (!BN_sub(Y,n,Y)) goto err;
+		}
+	/* Now  Y*a  ==  A  (mod |n|).  */
+
+	if (BN_is_one(A))
+		{
+		/* Y*a == 1  (mod |n|) */
+		if (!Y->neg && BN_ucmp(Y,n) < 0)
+			{
+			if (!BN_copy(R,Y)) goto err;
+			}
+		else
+			{
+			if (!BN_nnmod(R,Y,n,ctx)) goto err;
+			}
+		}
+	else
+		{
+		BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH,BN_R_NO_INVERSE);
+		goto err;
+		}
+	ret=R;
+err:
+	if ((ret == NULL) && (in == NULL)) BN_free(R);
+	BN_CTX_end(ctx);
+	bn_check_top(ret);
 	return(ret);
 	}
diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index 8a945f043f..f7551dacd9 100644
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -121,74 +121,12 @@ static const BN_ULONG SQR_tb[16] =
     SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >>  8 & 0xF] << 16 | \
     SQR_tb[(w) >>  4 & 0xF] <<  8 | SQR_tb[(w)       & 0xF]
 #endif
-#ifdef SIXTEEN_BIT
-#define SQR1(w) \
-    SQR_tb[(w) >> 12 & 0xF] <<  8 | SQR_tb[(w) >>  8 & 0xF]
-#define SQR0(w) \
-    SQR_tb[(w) >>  4 & 0xF] <<  8 | SQR_tb[(w)       & 0xF]
-#endif
-#ifdef EIGHT_BIT
-#define SQR1(w) \
-    SQR_tb[(w) >>  4 & 0xF]
-#define SQR0(w) \
-    SQR_tb[(w)       & 15]
-#endif
 
 /* Product of two polynomials a, b each with degree < BN_BITS2 - 1,
  * result is a polynomial r with degree < 2 * BN_BITS - 1
  * The caller MUST ensure that the variables have the right amount
  * of space allocated.
  */
-#ifdef EIGHT_BIT
-static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b)
-	{
-	register BN_ULONG h, l, s;
-	BN_ULONG tab[4], top1b = a >> 7;
-	register BN_ULONG a1, a2;
-
-	a1 = a & (0x7F); a2 = a1 << 1;
-
-	tab[0] = 0; tab[1] = a1; tab[2] = a2; tab[3] = a1^a2;
-
-	s = tab[b      & 0x3]; l  = s;
-	s = tab[b >> 2 & 0x3]; l ^= s << 2; h  = s >> 6;
-	s = tab[b >> 4 & 0x3]; l ^= s << 4; h ^= s >> 4;
-	s = tab[b >> 6      ]; l ^= s << 6; h ^= s >> 2;
-	
-	/* compensate for the top bit of a */
-
-	if (top1b & 01) { l ^= b << 7; h ^= b >> 1; } 
-
-	*r1 = h; *r0 = l;
-	} 
-#endif
-#ifdef SIXTEEN_BIT
-static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b)
-	{
-	register BN_ULONG h, l, s;
-	BN_ULONG tab[4], top1b = a >> 15; 
-	register BN_ULONG a1, a2;
-
-	a1 = a & (0x7FFF); a2 = a1 << 1;
-
-	tab[0] = 0; tab[1] = a1; tab[2] = a2; tab[3] = a1^a2;
-
-	s = tab[b      & 0x3]; l  = s;
-	s = tab[b >> 2 & 0x3]; l ^= s <<  2; h  = s >> 14;
-	s = tab[b >> 4 & 0x3]; l ^= s <<  4; h ^= s >> 12;
-	s = tab[b >> 6 & 0x3]; l ^= s <<  6; h ^= s >> 10;
-	s = tab[b >> 8 & 0x3]; l ^= s <<  8; h ^= s >>  8;
-	s = tab[b >>10 & 0x3]; l ^= s << 10; h ^= s >>  6;
-	s = tab[b >>12 & 0x3]; l ^= s << 12; h ^= s >>  4;
-	s = tab[b >>14      ]; l ^= s << 14; h ^= s >>  2;
-
-	/* compensate for the top bit of a */
-
-	if (top1b & 01) { l ^= b << 15; h ^= b >> 1; } 
-
-	*r1 = h; *r0 = l;
-	} 
-#endif
 #ifdef THIRTY_TWO_BIT
 static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b)
 	{
@@ -320,7 +258,7 @@ int	BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
 
 
 /* Performs modular reduction of a and store result in r.  r could be a. */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[])
 	{
 	int j, k;
 	int n, dN, d0, d1;
@@ -384,7 +322,11 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
 		if (zz == 0) break;
 		d1 = BN_BITS2 - d0;
 		
-		if (d0) z[dN] = (z[dN] << d1) >> d1; /* clear up the top d1 bits */
+		/* clear up the top d1 bits */
+		if (d0)
+			z[dN] = (z[dN] << d1) >> d1;
+		else
+			z[dN] = 0;
 		z[0] ^= zz; /* reduction t^0 component */
 
 		for (k = 1; p[k] != 0; k++)
@@ -417,11 +359,11 @@ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[])
 int	BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
 	{
 	int ret = 0;
-	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL;
+	const int max = BN_num_bits(p) + 1;
+	int *arr=NULL;
 	bn_check_top(a);
 	bn_check_top(p);
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
+	if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
 		{
@@ -439,7 +381,7 @@ err:
 /* Compute the product of two polynomials a and b, reduce modulo p, and store
  * the result in r.  r could be a or b; a could be b.
  */
-int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsigned int p[], BN_CTX *ctx)
+int	BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], BN_CTX *ctx)
 	{
 	int zlen, i, j, k, ret = 0;
 	BIGNUM *s;
@@ -495,12 +437,12 @@ err:
 int	BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx)
 	{
 	int ret = 0;
-	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL;
+	const int max = BN_num_bits(p) + 1;
+	int *arr=NULL;
 	bn_check_top(a);
 	bn_check_top(b);
 	bn_check_top(p);
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
+	if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
 		{
@@ -516,7 +458,7 @@ err:
 
 
 /* Square a, reduce the result mod p, and store it in a.  r could be a. */
-int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_CTX *ctx)
+int	BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx)
 	{
 	int i, ret = 0;
 	BIGNUM *s;
@@ -551,12 +493,12 @@ err:
 int	BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	{
 	int ret = 0;
-	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL;
+	const int max = BN_num_bits(p) + 1;
+	int *arr=NULL;
 
 	bn_check_top(a);
 	bn_check_top(p);
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
+	if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
 		{
@@ -638,7 +580,7 @@ err:
  * function is only provided for convenience; for best performance, use the 
  * BN_GF2m_mod_inv function.
  */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const unsigned int p[], BN_CTX *ctx)
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[], BN_CTX *ctx)
 	{
 	BIGNUM *field;
 	int ret = 0;
@@ -764,7 +706,7 @@ err:
  * function is only provided for convenience; for best performance, use the 
  * BN_GF2m_mod_div function.
  */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const unsigned int p[], BN_CTX *ctx)
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, const int p[], BN_CTX *ctx)
 	{
 	BIGNUM *field;
 	int ret = 0;
@@ -789,7 +731,7 @@ err:
  * the result in r.  r could be a.
  * Uses simple square-and-multiply algorithm A.5.1 from IEEE P1363.
  */
-int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const unsigned int p[], BN_CTX *ctx)
+int	BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], BN_CTX *ctx)
 	{
 	int ret = 0, i, n;
 	BIGNUM *u;
@@ -835,12 +777,12 @@ err:
 int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx)
 	{
 	int ret = 0;
-	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL;
+	const int max = BN_num_bits(p) + 1;
+	int *arr=NULL;
 	bn_check_top(a);
 	bn_check_top(b);
 	bn_check_top(p);
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
+	if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
 		{
@@ -858,7 +800,7 @@ err:
  * the result in r.  r could be a.
  * Uses exponentiation as in algorithm A.4.1 from IEEE P1363.
  */
-int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], BN_CTX *ctx)
+int	BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx)
 	{
 	int ret = 0;
 	BIGNUM *u;
@@ -894,15 +836,15 @@ err:
 int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	{
 	int ret = 0;
-	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL;
+	const int max = BN_num_bits(p) + 1;
+	int *arr=NULL;
 	bn_check_top(a);
 	bn_check_top(p);
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) * max)) == NULL) goto err;
+	if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
 		{
-		BNerr(BN_F_BN_GF2M_MOD_EXP,BN_R_INVALID_LENGTH);
+		BNerr(BN_F_BN_GF2M_MOD_SQRT,BN_R_INVALID_LENGTH);
 		goto err;
 		}
 	ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
@@ -915,10 +857,9 @@ err:
 /* Find r such that r^2 + r = a mod p.  r could be a. If no r exists returns 0.
  * Uses algorithms A.4.7 and A.4.6 from IEEE P1363.
  */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p[], BN_CTX *ctx)
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], BN_CTX *ctx)
 	{
-	int ret = 0, count = 0;
-	unsigned int j;
+	int ret = 0, count = 0, j;
 	BIGNUM *a, *z, *rho, *w, *w2, *tmp;
 
 	bn_check_top(a_);
@@ -1013,11 +954,11 @@ err:
 int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	{
 	int ret = 0;
-	const int max = BN_num_bits(p);
-	unsigned int *arr=NULL;
+	const int max = BN_num_bits(p) + 1;
+	int *arr=NULL;
 	bn_check_top(a);
 	bn_check_top(p);
-	if ((arr = (unsigned int *)OPENSSL_malloc(sizeof(unsigned int) *
+	if ((arr = (int *)OPENSSL_malloc(sizeof(int) *
 						max)) == NULL) goto err;
 	ret = BN_GF2m_poly2arr(p, arr, max);
 	if (!ret || ret > max)
@@ -1033,20 +974,17 @@ err:
 	}
 
 /* Convert the bit-string representation of a polynomial
- * ( \sum_{i=0}^n a_i * x^i , where a_0 is *not* zero) into an array
- * of integers corresponding to the bits with non-zero coefficient.
+ * ( \sum_{i=0}^n a_i * x^i) into an array of integers corresponding 
+ * to the bits with non-zero coefficient.  Array is terminated with -1.
  * Up to max elements of the array will be filled.  Return value is total
- * number of coefficients that would be extracted if array was large enough.
+ * number of array elements that would be filled if array was large enough.
  */
-int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max)
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max)
 	{
 	int i, j, k = 0;
 	BN_ULONG mask;
 
-	if (BN_is_zero(a) || !BN_is_bit_set(a, 0))
-		/* a_0 == 0 => return error (the unsigned int array
-		 * must be terminated by 0)
-		 */
+	if (BN_is_zero(a))
 		return 0;
 
 	for (i = a->top - 1; i >= 0; i--)
@@ -1066,23 +1004,28 @@ int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max)
 			}
 		}
 
+	if (k < max) {
+		p[k] = -1;
+		k++;
+	}
+
 	return k;
 	}
 
 /* Convert the coefficient array representation of a polynomial to a 
- * bit-string.  The array must be terminated by 0.
+ * bit-string.  The array must be terminated by -1.
  */
-int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a)
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a)
 	{
 	int i;
 
 	bn_check_top(a);
 	BN_zero(a);
-	for (i = 0; p[i] != 0; i++)
+	for (i = 0; p[i] != -1; i++)
 		{
-		BN_set_bit(a, p[i]);
+		if (BN_set_bit(a, p[i]) == 0)
+			return 0;
 		}
-	BN_set_bit(a, 0);
 	bn_check_top(a);
 
 	return 1;
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
index 45e19221aa..d7dff0d90c 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -163,6 +163,45 @@ extern "C" {
 
 
 
+/* BN_mod_exp_mont_conttime is based on the assumption that the
+ * L1 data cache line width of the target processor is at least
+ * the following value.
+ */
+#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH	( 64 )
+#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK	(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)
+
+/* Window sizes optimized for fixed window size modular exponentiation
+ * algorithm (BN_mod_exp_mont_consttime).
+ *
+ * To achieve the security goals of BN_mode_exp_mont_consttime, the
+ * maximum size of the window must not exceed
+ * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH). 
+ *
+ * Window size thresholds are defined for cache line sizes of 32 and 64,
+ * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A
+ * window size of 7 should only be used on processors that have a 128
+ * byte or greater cache line size.
+ */
+#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64
+
+#  define BN_window_bits_for_ctime_exponent_size(b) \
+		((b) > 937 ? 6 : \
+		 (b) > 306 ? 5 : \
+		 (b) >  89 ? 4 : \
+		 (b) >  22 ? 3 : 1)
+#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE	(6)
+
+#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32
+
+#  define BN_window_bits_for_ctime_exponent_size(b) \
+		((b) > 306 ? 5 : \
+		 (b) >  89 ? 4 : \
+		 (b) >  22 ? 3 : 1)
+#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE	(5)
+
+#endif
+
+
 /* Pentium pro 16,16,16,32,64 */
 /* Alpha       16,16,16,16.64 */
 #define BN_MULL_SIZE_NORMAL			(16) /* 32 */
@@ -199,7 +238,7 @@ extern "C" {
 #  if defined(__DECC)
 #   include <c_asm.h>
 #   define BN_UMULT_HIGH(a,b)	(BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-#  elif defined(__GNUC__)
+#  elif defined(__GNUC__) && __GNUC__>=2
 #   define BN_UMULT_HIGH(a,b)	({	\
 	register BN_ULONG ret;		\
 	asm ("umulh	%1,%2,%0"	\
@@ -208,7 +247,7 @@ extern "C" {
 	ret;			})
 #  endif	/* compiler */
 # elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-#  if defined(__GNUC__)
+#  if defined(__GNUC__) && __GNUC__>=2
 #   define BN_UMULT_HIGH(a,b)	({	\
 	register BN_ULONG ret;		\
 	asm ("mulhdu	%0,%1,%2"	\
@@ -216,8 +255,9 @@ extern "C" {
 	     : "r"(a), "r"(b));		\
 	ret;			})
 #  endif	/* compiler */
-# elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
-#  if defined(__GNUC__)
+# elif (defined(__x86_64) || defined(__x86_64__)) && \
+       (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
+#  if defined(__GNUC__) && __GNUC__>=2
 #   define BN_UMULT_HIGH(a,b)	({	\
 	register BN_ULONG ret,discard;	\
 	asm ("mulq	%3"		\
@@ -231,6 +271,28 @@ extern "C" {
 		: "a"(a),"g"(b)		\
 		: "cc");
 #  endif
+# elif (defined(_M_AMD64) || defined(_M_X64)) && defined(SIXTY_FOUR_BIT)
+#  if defined(_MSC_VER) && _MSC_VER>=1400
+    unsigned __int64 __umulh	(unsigned __int64 a,unsigned __int64 b);
+    unsigned __int64 _umul128	(unsigned __int64 a,unsigned __int64 b,
+				 unsigned __int64 *h);
+#   pragma intrinsic(__umulh,_umul128)
+#   define BN_UMULT_HIGH(a,b)		__umulh((a),(b))
+#   define BN_UMULT_LOHI(low,high,a,b)	((low)=_umul128((a),(b),&(high)))
+#  endif
+# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
+#  if defined(__GNUC__) && __GNUC__>=2
+#   define BN_UMULT_HIGH(a,b)	({	\
+	register BN_ULONG ret;		\
+	asm ("dmultu	%1,%2"		\
+	     : "=h"(ret)		\
+	     : "r"(a), "r"(b) : "l");	\
+	ret;			})
+#   define BN_UMULT_LOHI(low,high,a,b)	\
+	asm ("dmultu	%2,%3"		\
+	     : "=l"(low),"=h"(high)	\
+	     : "r"(a), "r"(b));
+#  endif
 # endif		/* cpu */
 #endif		/* OPENSSL_NO_ASM */
 
@@ -274,6 +336,33 @@ extern "C" {
 	(r1)=Hw(t); \
 	}
 
+#elif defined(BN_UMULT_LOHI)
+#define mul_add(r,a,w,c) {		\
+	BN_ULONG high,low,ret,tmp=(a);	\
+	ret =  (r);			\
+	BN_UMULT_LOHI(low,high,w,tmp);	\
+	ret += (c);			\
+	(c) =  (ret<(c))?1:0;		\
+	(c) += high;			\
+	ret += low;			\
+	(c) += (ret<low)?1:0;		\
+	(r) =  ret;			\
+	}
+
+#define mul(r,a,w,c)	{		\
+	BN_ULONG high,low,ret,ta=(a);	\
+	BN_UMULT_LOHI(low,high,w,ta);	\
+	ret =  low + (c);		\
+	(c) =  high;			\
+	(c) += (ret<low)?1:0;		\
+	(r) =  ret;			\
+	}
+
+#define sqr(r0,r1,a)	{		\
+	BN_ULONG tmp=(a);		\
+	BN_UMULT_LOHI(r0,r1,tmp,tmp);	\
+	}
+
 #elif defined(BN_UMULT_HIGH)
 #define mul_add(r,a,w,c) {		\
 	BN_ULONG high,low,ret,tmp=(a);	\
@@ -406,6 +495,7 @@ BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
 	int cl, int dl);
 BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
 	int cl, int dl);
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index bbefd80309..5470fbe6ef 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -67,7 +67,7 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
+const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
 
 /* This stuff appears to be completely unused, so is deprecated */
 #ifndef OPENSSL_NO_DEPRECATED
@@ -133,8 +133,8 @@ int BN_get_params(int which)
 
 const BIGNUM *BN_value_one(void)
 	{
-	static BN_ULONG data_one=1L;
-	static BIGNUM const_one={&data_one,1,1,0,BN_FLG_STATIC_DATA};
+	static const BN_ULONG data_one=1L;
+	static const BIGNUM const_one={(BN_ULONG *)&data_one,1,1,0,BN_FLG_STATIC_DATA};
 
 	return(&const_one);
 	}
@@ -160,7 +160,7 @@ char *BN_options(void)
 
 int BN_num_bits_word(BN_ULONG l)
 	{
-	static const char bits[256]={
+	static const unsigned char bits[256]={
 		0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
 		5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
 		6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
@@ -235,7 +235,7 @@ int BN_num_bits_word(BN_ULONG l)
 		else
 #endif
 			{
-#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
 			if (l & 0xff00L)
 				return(bits[(int)(l>>8)]+8);
 			else	
@@ -531,46 +531,6 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
 	return(a);
 	}
 
-BIGNUM *BN_ncopy(BIGNUM *a, const BIGNUM *b, size_t n)
-	{
-	int i, min;
-	BN_ULONG *A;
-	const BN_ULONG *B;
-
-	bn_check_top(b);
-	if (a == b)
-		return a;
-
-	min = (b->top < (int)n)? b->top: (int)n;
-	if (!min)
-		{
-		BN_zero(a);
-		return a;
-		}
-	if (bn_wexpand(a, min) == NULL)
-		return NULL;
-
-	A=a->d;
-	B=b->d;
-	for (i=min>>2; i>0; i--, A+=4, B+=4)
-		{
-		BN_ULONG a0,a1,a2,a3;
-		a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3];
-		A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3;
-		}
-	switch (min&3)
-		{
-		case 3: A[2]=B[2];
-		case 2: A[1]=B[1];
-		case 1: A[0]=B[0];
-		case 0: ;
-		}
-	a->top = min;
-	a->neg = b->neg;
-	bn_correct_top(a);
-	return(a);
-	}
-
 void BN_swap(BIGNUM *a, BIGNUM *b)
 	{
 	int flags_old_a, flags_old_b;
@@ -803,7 +763,7 @@ int BN_is_bit_set(const BIGNUM *a, int n)
 	i=n/BN_BITS2;
 	j=n%BN_BITS2;
 	if (a->top <= i) return 0;
-	return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
+	return (int)(((a->d[i])>>j)&((BN_ULONG)1));
 	}
 
 int BN_mask_bits(BIGNUM *a, int n)
@@ -827,6 +787,14 @@ int BN_mask_bits(BIGNUM *a, int n)
 	return(1);
 	}
 
+void BN_set_negative(BIGNUM *a, int b)
+	{
+	if (b && !BN_is_zero(a))
+		a->neg = 1;
+	else
+		a->neg = 0;
+	}
+
 int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
 	{
 	int i;
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 61416483cb..7224637ab3 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 /*
  * Details about Montgomery multiplication algorithms can be found at
@@ -69,11 +122,30 @@
 
 #define MONT_WORD /* use the faster word-based algorithm */
 
+#ifdef MONT_WORD
+static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
+#endif
+
 int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 			  BN_MONT_CTX *mont, BN_CTX *ctx)
 	{
 	BIGNUM *tmp;
 	int ret=0;
+#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
+	int num = mont->N.top;
+
+	if (num>1 && a->top==num && b->top==num)
+		{
+		if (bn_wexpand(r,num) == NULL) return(0);
+		if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,mont->n0,num))
+			{
+			r->neg = a->neg^b->neg;
+			r->top = num;
+			bn_correct_top(r);
+			return(1);
+			}
+		}
+#endif
 
 	BN_CTX_start(ctx);
 	tmp = BN_CTX_get(ctx);
@@ -89,7 +161,11 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 		if (!BN_mul(tmp,a,b,ctx)) goto err;
 		}
 	/* reduce from aRR to aR */
+#ifdef MONT_WORD
+	if (!BN_from_montgomery_word(r,tmp,mont)) goto err;
+#else
 	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
+#endif
 	bn_check_top(r);
 	ret=1;
 err:
@@ -97,35 +173,25 @@ err:
 	return(ret);
 	}
 
-int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
-	     BN_CTX *ctx)
-	{
-	int retn=0;
-
 #ifdef MONT_WORD
-	BIGNUM *n,*r;
+static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
+	{
+	BIGNUM *n;
 	BN_ULONG *ap,*np,*rp,n0,v,*nrp;
 	int al,nl,max,i,x,ri;
 
-	BN_CTX_start(ctx);
-	if ((r = BN_CTX_get(ctx)) == NULL) goto err;
-
-	if (!BN_copy(r,a)) goto err;
 	n= &(mont->N);
-
-	ap=a->d;
 	/* mont->ri is the size of mont->N in bits (rounded up
 	   to the word size) */
 	al=ri=mont->ri/BN_BITS2;
-	
+
 	nl=n->top;
-	if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
+	if ((al == 0) || (nl == 0)) { ret->top=0; return(1); }
 
 	max=(nl+al+1); /* allow for overflow (no?) XXX */
-	if (bn_wexpand(r,max) == NULL) goto err;
-	if (bn_wexpand(ret,max) == NULL) goto err;
+	if (bn_wexpand(r,max) == NULL) return(0);
 
-	r->neg=a->neg^n->neg;
+	r->neg^=n->neg;
 	np=n->d;
 	rp=r->d;
 	nrp= &(r->d[nl]);
@@ -139,10 +205,10 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 #endif
 
 	r->top=max;
-	n0=mont->n0;
+	n0=mont->n0[0];
 
 #ifdef BN_COUNT
-	fprintf(stderr,"word BN_from_montgomery %d * %d\n",nl,nl);
+	fprintf(stderr,"word BN_from_montgomery_word %d * %d\n",nl,nl);
 #endif
 	for (i=0; i<nl; i++)
 		{
@@ -174,20 +240,72 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 			}
 		}
 	bn_correct_top(r);
-	
-	/* mont->ri will be a multiple of the word size */
-#if 0
-	BN_rshift(ret,r,mont->ri);
-#else
-	ret->neg = r->neg;
-	x=ri;
+
+	/* mont->ri will be a multiple of the word size and below code
+	 * is kind of BN_rshift(ret,r,mont->ri) equivalent */
+	if (r->top <= ri)
+		{
+		ret->top=0;
+		return(1);
+		}
+	al=r->top-ri;
+
+#define BRANCH_FREE 1
+#if BRANCH_FREE
+	if (bn_wexpand(ret,ri) == NULL) return(0);
+	x=0-(((al-ri)>>(sizeof(al)*8-1))&1);
+	ret->top=x=(ri&~x)|(al&x);	/* min(ri,al) */
+	ret->neg=r->neg;
+
 	rp=ret->d;
-	ap= &(r->d[x]);
-	if (r->top < x)
-		al=0;
-	else
-		al=r->top-x;
+	ap=&(r->d[ri]);
+
+	{
+	size_t m1,m2;
+
+	v=bn_sub_words(rp,ap,np,ri);
+	/* this ----------------^^ works even in al<ri case
+	 * thanks to zealous zeroing of top of the vector in the
+	 * beginning. */
+
+	/* if (al==ri && !v) || al>ri) nrp=rp; else nrp=ap; */
+	/* in other words if subtraction result is real, then
+	 * trick unconditional memcpy below to perform in-place
+	 * "refresh" instead of actual copy. */
+	m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1);	/* al<ri */
+	m2=0-(size_t)(((ri-al)>>(sizeof(al)*8-1))&1);	/* al>ri */
+	m1|=m2;			/* (al!=ri) */
+	m1|=(0-(size_t)v);	/* (al!=ri || v) */
+	m1&=~m2;		/* (al!=ri || v) && !al>ri */
+	nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1));
+	}
+
+	/* 'i<ri' is chosen to eliminate dependency on input data, even
+	 * though it results in redundant copy in al<ri case. */
+	for (i=0,ri-=4; i<ri; i+=4)
+		{
+		BN_ULONG t1,t2,t3,t4;
+		
+		t1=nrp[i+0];
+		t2=nrp[i+1];
+		t3=nrp[i+2];	ap[i+0]=0;
+		t4=nrp[i+3];	ap[i+1]=0;
+		rp[i+0]=t1;	ap[i+2]=0;
+		rp[i+1]=t2;	ap[i+3]=0;
+		rp[i+2]=t3;
+		rp[i+3]=t4;
+		}
+	for (ri+=4; i<ri; i++)
+		rp[i]=nrp[i], ap[i]=0;
+	bn_correct_top(r);
+	bn_correct_top(ret);
+#else
+	if (bn_wexpand(ret,al) == NULL) return(0);
 	ret->top=al;
+	ret->neg=r->neg;
+
+	rp=ret->d;
+	ap=&(r->d[ri]);
 	al-=4;
 	for (i=0; i<al; i+=4)
 		{
@@ -205,8 +323,30 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 	al+=4;
 	for (; i<al; i++)
 		rp[i]=ap[i];
+
+	if (BN_ucmp(ret, &(mont->N)) >= 0)
+		{
+		if (!BN_usub(ret,ret,&(mont->N))) return(0);
+		}
 #endif
-#else /* !MONT_WORD */ 
+	bn_check_top(ret);
+
+	return(1);
+	}
+#endif	/* MONT_WORD */
+
+int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
+	     BN_CTX *ctx)
+	{
+	int retn=0;
+#ifdef MONT_WORD
+	BIGNUM *t;
+
+	BN_CTX_start(ctx);
+	if ((t = BN_CTX_get(ctx)) && BN_copy(t,a))
+		retn = BN_from_montgomery_word(ret,t,mont);
+	BN_CTX_end(ctx);
+#else /* !MONT_WORD */
 	BIGNUM *t1,*t2;
 
 	BN_CTX_start(ctx);
@@ -223,7 +363,6 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 	if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
 	if (!BN_add(t2,a,t1)) goto err;
 	if (!BN_rshift(ret,t2,mont->ri)) goto err;
-#endif /* MONT_WORD */
 
 	if (BN_ucmp(ret, &(mont->N)) >= 0)
 		{
@@ -233,6 +372,7 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 	bn_check_top(ret);
  err:
 	BN_CTX_end(ctx);
+#endif /* MONT_WORD */
 	return(retn);
 	}
 
@@ -254,6 +394,7 @@ void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
 	BN_init(&(ctx->RR));
 	BN_init(&(ctx->N));
 	BN_init(&(ctx->Ni));
+	ctx->n0[0] = ctx->n0[1] = 0;
 	ctx->flags=0;
 	}
 
@@ -285,16 +426,55 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
 		BIGNUM tmod;
 		BN_ULONG buf[2];
 
+		BN_init(&tmod);
+		tmod.d=buf;
+		tmod.dmax=2;
+		tmod.neg=0;
+
 		mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
+
+#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
+		/* Only certain BN_BITS2<=32 platforms actually make use of
+		 * n0[1], and we could use the #else case (with a shorter R
+		 * value) for the others.  However, currently only the assembler
+		 * files do know which is which. */
+
+		BN_zero(R);
+		if (!(BN_set_bit(R,2*BN_BITS2))) goto err;
+
+								tmod.top=0;
+		if ((buf[0] = mod->d[0]))			tmod.top=1;
+		if ((buf[1] = mod->top>1 ? mod->d[1] : 0))	tmod.top=2;
+
+		if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL)
+			goto err;
+		if (!BN_lshift(Ri,Ri,2*BN_BITS2)) goto err; /* R*Ri */
+		if (!BN_is_zero(Ri))
+			{
+			if (!BN_sub_word(Ri,1)) goto err;
+			}
+		else /* if N mod word size == 1 */
+			{
+			if (bn_expand(Ri,(int)sizeof(BN_ULONG)*2) == NULL)
+				goto err;
+			/* Ri-- (mod double word size) */
+			Ri->neg=0;
+			Ri->d[0]=BN_MASK2;
+			Ri->d[1]=BN_MASK2;
+			Ri->top=2;
+			}
+		if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err;
+		/* Ni = (R*Ri-1)/N,
+		 * keep only couple of least significant words: */
+		mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
+		mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0;
+#else
 		BN_zero(R);
 		if (!(BN_set_bit(R,BN_BITS2))) goto err;	/* R */
 
 		buf[0]=mod->d[0]; /* tmod = N mod word size */
 		buf[1]=0;
-		tmod.d=buf;
-		tmod.top=1;
-		tmod.dmax=2;
-		tmod.neg=0;
+		tmod.top = buf[0] != 0 ? 1 : 0;
 							/* Ri = R^-1 mod N*/
 		if ((BN_mod_inverse(Ri,R,&tmod,ctx)) == NULL)
 			goto err;
@@ -310,7 +490,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
 		if (!BN_div(Ri,NULL,Ri,&tmod,ctx)) goto err;
 		/* Ni = (R*Ri-1)/N,
 		 * keep only least significant word: */
-		mont->n0 = (Ri->top > 0) ? Ri->d[0] : 0;
+		mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
+		mont->n0[1] = 0;
+#endif
 		}
 #else /* !MONT_WORD */
 		{ /* bignum version */
@@ -346,7 +528,40 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
 	if (!BN_copy(&(to->N),&(from->N))) return NULL;
 	if (!BN_copy(&(to->Ni),&(from->Ni))) return NULL;
 	to->ri=from->ri;
-	to->n0=from->n0;
+	to->n0[0]=from->n0[0];
+	to->n0[1]=from->n0[1];
 	return(to);
 	}
 
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+					const BIGNUM *mod, BN_CTX *ctx)
+	{
+	int got_write_lock = 0;
+	BN_MONT_CTX *ret;
+
+	CRYPTO_r_lock(lock);
+	if (!*pmont)
+		{
+		CRYPTO_r_unlock(lock);
+		CRYPTO_w_lock(lock);
+		got_write_lock = 1;
+
+		if (!*pmont)
+			{
+			ret = BN_MONT_CTX_new();
+			if (ret && !BN_MONT_CTX_set(ret, mod, ctx))
+				BN_MONT_CTX_free(ret);
+			else
+				*pmont = ret;
+			}
+		}
+	
+	ret = *pmont;
+	
+	if (got_write_lock)
+		CRYPTO_w_unlock(lock);
+	else
+		CRYPTO_r_unlock(lock);
+		
+	return ret;
+	}
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index aec1eafc65..a0e9ec3b46 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -389,6 +389,7 @@ BN_ULONG bn_add_part_words(BN_ULONG *r,
  * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
  * a[1]*b[1]
  */
+/* dnX may not be positive, but n2/2+dnX has to be */
 void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 	int dna, int dnb, BN_ULONG *t)
 	{
@@ -398,7 +399,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 	BN_ULONG ln,lo,*p;
 
 # ifdef BN_COUNT
-	fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2);
+	fprintf(stderr," bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb);
 # endif
 # ifdef BN_MUL_COMBA
 #  if 0
@@ -545,6 +546,7 @@ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
 
 /* n+tn is the word length
  * t needs to be n*4 is size, as does r */
+/* tnX may not be negative but less than n */
 void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
 	     int tna, int tnb, BN_ULONG *t)
 	{
@@ -553,8 +555,8 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
 	BN_ULONG ln,lo,*p;
 
 # ifdef BN_COUNT
-	fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n",
-		tna, n, tnb, n);
+	fprintf(stderr," bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
+		n, tna, n, tnb);
 # endif
 	if (n < 8)
 		{
@@ -655,14 +657,17 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
 				for (;;)
 					{
 					i/=2;
-					if (i < tna && i < tnb)
+					/* these simplified conditions work
+					 * exclusively because difference
+					 * between tna and tnb is 1 or 0 */
+					if (i < tna || i < tnb)
 						{
 						bn_mul_part_recursive(&(r[n2]),
 							&(a[n]),&(b[n]),
 							i,tna-i,tnb-i,p);
 						break;
 						}
-					else if (i <= tna && i <= tnb)
+					else if (i == tna || i == tnb)
 						{
 						bn_mul_recursive(&(r[n2]),
 							&(a[n]),&(b[n]),
@@ -1023,17 +1028,19 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 			assert(j <= al || j <= bl);
 			k = j+j;
 			t = BN_CTX_get(ctx);
+			if (t == NULL)
+				goto err;
 			if (al > j || bl > j)
 				{
-				bn_wexpand(t,k*4);
-				bn_wexpand(rr,k*4);
+				if (bn_wexpand(t,k*4) == NULL) goto err;
+				if (bn_wexpand(rr,k*4) == NULL) goto err;
 				bn_mul_part_recursive(rr->d,a->d,b->d,
 					j,al-j,bl-j,t->d);
 				}
 			else	/* al <= j || bl <= j */
 				{
-				bn_wexpand(t,k*2);
-				bn_wexpand(rr,k*2);
+				if (bn_wexpand(t,k*2) == NULL) goto err;
+				if (bn_wexpand(rr,k*2) == NULL) goto err;
 				bn_mul_recursive(rr->d,a->d,b->d,
 					j,al-j,bl-j,t->d);
 				}
diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c
index bbe2cbe749..2ca5b01391 100644
--- a/crypto/bn/bn_nist.c
+++ b/crypto/bn/bn_nist.c
@@ -1,6 +1,9 @@
 /* crypto/bn/bn_nist.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -56,795 +59,778 @@
 #include "bn_lcl.h"
 #include "cryptlib.h"
 
+
 #define BN_NIST_192_TOP	(192+BN_BITS2-1)/BN_BITS2
 #define BN_NIST_224_TOP	(224+BN_BITS2-1)/BN_BITS2
 #define BN_NIST_256_TOP	(256+BN_BITS2-1)/BN_BITS2
 #define BN_NIST_384_TOP	(384+BN_BITS2-1)/BN_BITS2
 #define BN_NIST_521_TOP	(521+BN_BITS2-1)/BN_BITS2
 
+/* pre-computed tables are "carry-less" values of modulus*(i+1) */
 #if BN_BITS2 == 64
-const static BN_ULONG _nist_p_192[] =
-	{0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFEULL,
-	0xFFFFFFFFFFFFFFFFULL};
-const static BN_ULONG _nist_p_224[] =
+static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
+	{0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFEULL,0xFFFFFFFFFFFFFFFFULL},
+	{0xFFFFFFFFFFFFFFFEULL,0xFFFFFFFFFFFFFFFDULL,0xFFFFFFFFFFFFFFFFULL},
+	{0xFFFFFFFFFFFFFFFDULL,0xFFFFFFFFFFFFFFFCULL,0xFFFFFFFFFFFFFFFFULL}
+	};
+static const BN_ULONG _nist_p_192_sqr[] = {
+	0x0000000000000001ULL,0x0000000000000002ULL,0x0000000000000001ULL,
+	0xFFFFFFFFFFFFFFFEULL,0xFFFFFFFFFFFFFFFDULL,0xFFFFFFFFFFFFFFFFULL
+	};
+static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
 	{0x0000000000000001ULL,0xFFFFFFFF00000000ULL,
-	0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL};
-const static BN_ULONG _nist_p_256[] =
+	 0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL},
+	{0x0000000000000002ULL,0xFFFFFFFE00000000ULL,
+	 0xFFFFFFFFFFFFFFFFULL,0x00000001FFFFFFFFULL} /* this one is "carry-full" */
+	};
+static const BN_ULONG _nist_p_224_sqr[] = {
+	0x0000000000000001ULL,0xFFFFFFFE00000000ULL,
+	0xFFFFFFFFFFFFFFFFULL,0x0000000200000000ULL,
+	0x0000000000000000ULL,0xFFFFFFFFFFFFFFFEULL,
+	0xFFFFFFFFFFFFFFFFULL
+	};
+static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
 	{0xFFFFFFFFFFFFFFFFULL,0x00000000FFFFFFFFULL,
-	0x0000000000000000ULL,0xFFFFFFFF00000001ULL};
-const static BN_ULONG _nist_p_384[] =
-	{0x00000000FFFFFFFFULL,0xFFFFFFFF00000000ULL,
-	0xFFFFFFFFFFFFFFFEULL,0xFFFFFFFFFFFFFFFFULL,
-	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL};
-const static BN_ULONG _nist_p_521[] =
+	 0x0000000000000000ULL,0xFFFFFFFF00000001ULL},
+	{0xFFFFFFFFFFFFFFFEULL,0x00000001FFFFFFFFULL,
+	 0x0000000000000000ULL,0xFFFFFFFE00000002ULL},
+	{0xFFFFFFFFFFFFFFFDULL,0x00000002FFFFFFFFULL,
+	 0x0000000000000000ULL,0xFFFFFFFD00000003ULL},
+	{0xFFFFFFFFFFFFFFFCULL,0x00000003FFFFFFFFULL,
+	 0x0000000000000000ULL,0xFFFFFFFC00000004ULL},
+	{0xFFFFFFFFFFFFFFFBULL,0x00000004FFFFFFFFULL,
+	 0x0000000000000000ULL,0xFFFFFFFB00000005ULL},
+	};
+static const BN_ULONG _nist_p_256_sqr[] = {
+	0x0000000000000001ULL,0xFFFFFFFE00000000ULL,
+	0xFFFFFFFFFFFFFFFFULL,0x00000001FFFFFFFEULL,
+	0x00000001FFFFFFFEULL,0x00000001FFFFFFFEULL,
+	0xFFFFFFFE00000001ULL,0xFFFFFFFE00000002ULL
+	};
+static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = {
+	{0x00000000FFFFFFFFULL,0xFFFFFFFF00000000ULL,0xFFFFFFFFFFFFFFFEULL,
+	 0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL},
+	{0x00000001FFFFFFFEULL,0xFFFFFFFE00000000ULL,0xFFFFFFFFFFFFFFFDULL,
+	 0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL},
+	{0x00000002FFFFFFFDULL,0xFFFFFFFD00000000ULL,0xFFFFFFFFFFFFFFFCULL,
+	 0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL},
+	{0x00000003FFFFFFFCULL,0xFFFFFFFC00000000ULL,0xFFFFFFFFFFFFFFFBULL,
+	 0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL},
+	{0x00000004FFFFFFFBULL,0xFFFFFFFB00000000ULL,0xFFFFFFFFFFFFFFFAULL,
+	 0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL},
+	};
+static const BN_ULONG _nist_p_384_sqr[] = {
+	0xFFFFFFFE00000001ULL,0x0000000200000000ULL,0xFFFFFFFE00000000ULL,
+	0x0000000200000000ULL,0x0000000000000001ULL,0x0000000000000000ULL,
+	0x00000001FFFFFFFEULL,0xFFFFFFFE00000000ULL,0xFFFFFFFFFFFFFFFDULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL
+	};
+static const BN_ULONG _nist_p_521[] =
 	{0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
 	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
 	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
 	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
 	0x00000000000001FFULL};
+static const BN_ULONG _nist_p_521_sqr[] = {
+	0x0000000000000001ULL,0x0000000000000000ULL,0x0000000000000000ULL,
+	0x0000000000000000ULL,0x0000000000000000ULL,0x0000000000000000ULL,
+	0x0000000000000000ULL,0x0000000000000000ULL,0xFFFFFFFFFFFFFC00ULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
+	0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,0xFFFFFFFFFFFFFFFFULL,
+	0xFFFFFFFFFFFFFFFFULL,0x000000000003FFFFULL
+	};
 #elif BN_BITS2 == 32
-const static BN_ULONG _nist_p_192[] = {0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFE,
-	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF};
-const static BN_ULONG _nist_p_224[] = {0x00000001,0x00000000,0x00000000,
-	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF};
-const static BN_ULONG _nist_p_256[] = {0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
-	0x00000000,0x00000000,0x00000000,0x00000001,0xFFFFFFFF};
-const static BN_ULONG _nist_p_384[] = {0xFFFFFFFF,0x00000000,0x00000000,
-	0xFFFFFFFF,0xFFFFFFFE,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
-	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF};
-const static BN_ULONG _nist_p_521[] = {0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
+static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
+	{0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFE,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0xFFFFFFFE,0xFFFFFFFF,0xFFFFFFFD,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0xFFFFFFFD,0xFFFFFFFF,0xFFFFFFFC,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF}
+	};
+static const BN_ULONG _nist_p_192_sqr[] = {
+	0x00000001,0x00000000,0x00000002,0x00000000,0x00000001,0x00000000,
+	0xFFFFFFFE,0xFFFFFFFF,0xFFFFFFFD,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF
+	};
+static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
+	{0x00000001,0x00000000,0x00000000,0xFFFFFFFF,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0x00000002,0x00000000,0x00000000,0xFFFFFFFE,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF}
+	};
+static const BN_ULONG _nist_p_224_sqr[] = {
+	0x00000001,0x00000000,0x00000000,0xFFFFFFFE,
+	0xFFFFFFFF,0xFFFFFFFF,0x00000000,0x00000002,
+	0x00000000,0x00000000,0xFFFFFFFE,0xFFFFFFFF,
+	0xFFFFFFFF,0xFFFFFFFF
+	};
+static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
+	{0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0x00000000,
+	 0x00000000,0x00000000,0x00000001,0xFFFFFFFF},
+	{0xFFFFFFFE,0xFFFFFFFF,0xFFFFFFFF,0x00000001,
+	 0x00000000,0x00000000,0x00000002,0xFFFFFFFE},
+	{0xFFFFFFFD,0xFFFFFFFF,0xFFFFFFFF,0x00000002,
+	 0x00000000,0x00000000,0x00000003,0xFFFFFFFD},
+	{0xFFFFFFFC,0xFFFFFFFF,0xFFFFFFFF,0x00000003,
+	 0x00000000,0x00000000,0x00000004,0xFFFFFFFC},
+	{0xFFFFFFFB,0xFFFFFFFF,0xFFFFFFFF,0x00000004,
+	 0x00000000,0x00000000,0x00000005,0xFFFFFFFB},
+	};
+static const BN_ULONG _nist_p_256_sqr[] = {
+	0x00000001,0x00000000,0x00000000,0xFFFFFFFE,
+	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFE,0x00000001,
+	0xFFFFFFFE,0x00000001,0xFFFFFFFE,0x00000001,
+	0x00000001,0xFFFFFFFE,0x00000002,0xFFFFFFFE
+	};
+static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = {
+	{0xFFFFFFFF,0x00000000,0x00000000,0xFFFFFFFF,0xFFFFFFFE,0xFFFFFFFF,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0xFFFFFFFE,0x00000001,0x00000000,0xFFFFFFFE,0xFFFFFFFD,0xFFFFFFFF,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0xFFFFFFFD,0x00000002,0x00000000,0xFFFFFFFD,0xFFFFFFFC,0xFFFFFFFF,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0xFFFFFFFC,0x00000003,0x00000000,0xFFFFFFFC,0xFFFFFFFB,0xFFFFFFFF,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	{0xFFFFFFFB,0x00000004,0x00000000,0xFFFFFFFB,0xFFFFFFFA,0xFFFFFFFF,
+	 0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF},
+	};
+static const BN_ULONG _nist_p_384_sqr[] = {
+	0x00000001,0xFFFFFFFE,0x00000000,0x00000002,0x00000000,0xFFFFFFFE,
+	0x00000000,0x00000002,0x00000001,0x00000000,0x00000000,0x00000000,
+	0xFFFFFFFE,0x00000001,0x00000000,0xFFFFFFFE,0xFFFFFFFD,0xFFFFFFFF,
+	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF
+	};
+static const BN_ULONG _nist_p_521[] = {0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
 	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
 	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
 	0xFFFFFFFF,0x000001FF};
-#elif BN_BITS2 == 16
-const static BN_ULONG _nist_p_192[] = {0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFE,
-	0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF};
-const static BN_ULONG _nist_p_224[] = {0x0001,0x0000,0x0000,0x0000,0x0000,
-	0x0000,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF};
-const static BN_ULONG _nist_p_256[] = {0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,
-	0xFFFF,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0001,0x0000,0xFFFF,
-	0xFFFF};
-const static BN_ULONG _nist_p_384[] = {0xFFFF,0xFFFF,0x0000,0x0000,0x0000,
-	0x0000,0xFFFF,0xFFFF,0xFFFE,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,
-	0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF};
-const static BN_ULONG _nist_p_521[] = {0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,
-	0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,
-	0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,
-	0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0xFFFF,0x01FF};
-#elif BN_BITS2 == 8
-const static BN_ULONG _nist_p_192[] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFE,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF};
-const static BN_ULONG _nist_p_224[] = {0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
-const static BN_ULONG _nist_p_256[] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-	0x00,0x00,0x01,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF};
-const static BN_ULONG _nist_p_384[] = {0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
-	0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
-const static BN_ULONG _nist_p_521[] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-	0xFF,0x01};
+static const BN_ULONG _nist_p_521_sqr[] = {
+	0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
+	0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
+	0x00000000,0x00000000,0x00000000,0x00000000,0xFFFFFC00,0xFFFFFFFF,
+	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
+	0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,
+	0xFFFFFFFF,0xFFFFFFFF,0x0003FFFF
+	};
+#else
+#error "unsupported BN_BITS2"
 #endif
 
+
+static const BIGNUM _bignum_nist_p_192 =
+	{
+	(BN_ULONG *)_nist_p_192[0],
+	BN_NIST_192_TOP,
+	BN_NIST_192_TOP,
+	0,
+	BN_FLG_STATIC_DATA
+	};
+
+static const BIGNUM _bignum_nist_p_224 =
+	{
+	(BN_ULONG *)_nist_p_224[0],
+	BN_NIST_224_TOP,
+	BN_NIST_224_TOP,
+	0,
+	BN_FLG_STATIC_DATA
+	};
+
+static const BIGNUM _bignum_nist_p_256 =
+	{
+	(BN_ULONG *)_nist_p_256[0],
+	BN_NIST_256_TOP,
+	BN_NIST_256_TOP,
+	0,
+	BN_FLG_STATIC_DATA
+	};
+
+static const BIGNUM _bignum_nist_p_384 =
+	{
+	(BN_ULONG *)_nist_p_384[0],
+	BN_NIST_384_TOP,
+	BN_NIST_384_TOP,
+	0,
+	BN_FLG_STATIC_DATA
+	};
+
+static const BIGNUM _bignum_nist_p_521 =
+	{
+	(BN_ULONG *)_nist_p_521,
+	BN_NIST_521_TOP,
+	BN_NIST_521_TOP,
+	0,
+	BN_FLG_STATIC_DATA
+	};
+
+
 const BIGNUM *BN_get0_nist_prime_192(void)
 	{
-	static BIGNUM const_nist_192 = { (BN_ULONG *)_nist_p_192,
-		BN_NIST_192_TOP, BN_NIST_192_TOP, 0, BN_FLG_STATIC_DATA };
-	return &const_nist_192;
+	return &_bignum_nist_p_192;
 	}
 
 const BIGNUM *BN_get0_nist_prime_224(void)
 	{
-	static BIGNUM const_nist_224 = { (BN_ULONG *)_nist_p_224,
-		BN_NIST_224_TOP, BN_NIST_224_TOP, 0, BN_FLG_STATIC_DATA };
-	return &const_nist_224;
+	return &_bignum_nist_p_224;
 	}
 
 const BIGNUM *BN_get0_nist_prime_256(void)
 	{
-	static BIGNUM const_nist_256 = { (BN_ULONG *)_nist_p_256,
-		BN_NIST_256_TOP, BN_NIST_256_TOP, 0, BN_FLG_STATIC_DATA };
-	return &const_nist_256;
+	return &_bignum_nist_p_256;
 	}
 
 const BIGNUM *BN_get0_nist_prime_384(void)
 	{
-	static BIGNUM const_nist_384 = { (BN_ULONG *)_nist_p_384,
-		BN_NIST_384_TOP, BN_NIST_384_TOP, 0, BN_FLG_STATIC_DATA };
-	return &const_nist_384;
+	return &_bignum_nist_p_384;
 	}
 
 const BIGNUM *BN_get0_nist_prime_521(void)
 	{
-	static BIGNUM const_nist_521 = { (BN_ULONG *)_nist_p_521,
-		BN_NIST_521_TOP, BN_NIST_521_TOP, 0, BN_FLG_STATIC_DATA };
-	return &const_nist_521;
+	return &_bignum_nist_p_521;
 	}
 
-/* some misc internal functions */
-static BN_ULONG _256_data[BN_NIST_256_TOP*6];
-static int _is_set_256_data = 0;
-static void _init_256_data(void);
 
-static BN_ULONG _384_data[BN_NIST_384_TOP*8];
-static int _is_set_384_data = 0;
-static void _init_384_data(void);
+static void nist_cp_bn_0(BN_ULONG *buf, BN_ULONG *a, int top, int max)
+	{
+	int i;
+	BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
+
+#ifdef BN_DEBUG
+	OPENSSL_assert(top <= max);
+#endif
+	for (i = (top); i != 0; i--)
+		*_tmp1++ = *_tmp2++;
+	for (i = (max) - (top); i != 0; i--)
+		*_tmp1++ = (BN_ULONG) 0;
+	}
+
+static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
+	{ 
+	int i;
+	BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
+	for (i = (top); i != 0; i--)
+		*_tmp1++ = *_tmp2++;
+	}
 
-#define BN_NIST_ADD_ONE(a)	while (!(++(*(a)))) ++(a);
-#define __buf_0			(BN_ULONG)0
-#define __buf_0_1		(BN_ULONG)0
-#define __buf_0_2		(BN_ULONG)0
 #if BN_BITS2 == 64
-#define BN_64_BIT_BUF(n)	BN_ULONG __buf_##n = (BN_ULONG)0;
-#define BN_CP_64_TO_BUF(n)	__buf_##n = (a)[(n)];
-#define BN_CP_64_FROM_BUF(a,n)	*(a)++ = __buf_##n;
-#define BN_CASE_64_BIT(n,a)	case (n): __buf_##n = (a)[(n)];
-#if	UINT_MAX == 4294967295UL
-#define	nist32	unsigned int
-#define BN_32_BIT_BUF(n)	nist32 __buf_##n = (nist32)0;
-#define BN_CP_32_TO_BUF(n)	__buf_##n = ((nist32 *)(a))[(n)];
-#define BN_CP_32_FROM_BUF(a,n)	*((nist32)(a))++ = __buf_##n;
-#define BN_CASE_32_BIT(n,a)	case (n): __buf_##n = ((nist32)(a))[(n)];
-#elif	ULONG_MAX == 4294967295UL
-#define	nist32	unsigned long
-#define BN_32_BIT_BUF(n)	nist32 __buf_##n = (nist32)0;
-#define BN_CP_32_TO_BUF(n)	__buf_##n = ((nist32 *)(a))[(n)];
-#define BN_CP_32_FROM_BUF(a,n)	*((nist32)(a))++ = __buf_##n;
-#define BN_CASE_32_BIT(n,a)	case (n): __buf_##n = ((nist32)(a))[(n)];
+#define bn_cp_64(to, n, from, m)	(to)[n] = (m>=0)?((from)[m]):0;
+#define bn_64_set_0(to, n)		(to)[n] = (BN_ULONG)0;
+/*
+ * two following macros are implemented under assumption that they
+ * are called in a sequence with *ascending* n, i.e. as they are...
+ */
+#define bn_cp_32_naked(to, n, from, m)	(((n)&1)?(to[(n)/2]|=((m)&1)?(from[(m)/2]&BN_MASK2h):(from[(m)/2]<<32))\
+						:(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l)))
+#define bn_32_set_0(to, n)		(((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0));
+#define bn_cp_32(to,n,from,m)		((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n)
 #else
-#define	NO_32_BIT_TYPE
-#endif
-#elif BN_BITS2 == 32
-#define BN_64_BIT_BUF(n)	BN_ULONG __buf_##n##_1 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_2 = (BN_ULONG)0;
-#define BN_CP_64_TO_BUF(n)	__buf_##n##_2 = (a)[2*(n)+1];\
-				__buf_##n##_1 = (a)[2*(n)];
-#define BN_CP_64_FROM_BUF(a,n)	*(a)++ = __buf_##n##_1;\
-				*(a)++ = __buf_##n##_2;
-#define BN_CASE_64_BIT(n,a)	case 2*(n)+1: __buf_##n##_2 = (a)[2*(n)+1];\
-				case 2*(n):   __buf_##n##_1 = (a)[2*(n)];
-				
-#define BN_32_BIT_BUF(n)	BN_ULONG __buf_##n = (BN_ULONG)0;
-#define BN_CP_32_TO_BUF(n)	__buf_##n = (a)[(n)];
-#define BN_CP_32_FROM_BUF(a,n)	*(a)++ = __buf_##n;
-#define BN_CASE_32_BIT(n,a)	case (n): __buf_##n = (a)[(n)];
-#elif BN_BITS2 == 16
-#define __buf_0_3		(BN_ULONG)0
-#define __buf_0_4		(BN_ULONG)0
-#define BN_64_BIT_BUF(n)	BN_ULONG __buf_##n##_1 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_2 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_3 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_4 = (BN_ULONG)0;
-#define BN_CP_64_TO_BUF(n)	__buf_##n##_4 = (a)[4*(n)+3];\
-				__buf_##n##_3 = (a)[4*(n)+2];\
-				__buf_##n##_2 = (a)[4*(n)+1];\
-				__buf_##n##_1 = (a)[4*(n)];
-#define BN_CP_64_FROM_BUF(a,n)	*(a)++ = __buf_##n##_1;\
-				*(a)++ = __buf_##n##_2;\
-				*(a)++ = __buf_##n##_3;\
-				*(a)++ = __buf_##n##_4;
-#define BN_CASE_64_BIT(n,a)	case 4*(n)+3: __buf_##n##_4 = (a)[4*(n)+3];\
-				case 4*(n)+2: __buf_##n##_3 = (a)[4*(n)+2];\
-				case 4*(n)+1: __buf_##n##_2 = (a)[4*(n)+1];\
-				case 4*(n):   __buf_##n##_1 = (a)[4*(n)];
-#define BN_32_BIT_BUF(n)	BN_ULONG __buf_##n##_1 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_2 = (BN_ULONG)0;
-#define BN_CP_32_TO_BUF(n)	__buf_##n##_1 = (a)[2*(n)];\
-				__buf_##n##_2 = (a)[2*(n)+1];
-#define BN_CP_32_FROM_BUF(a,n)	*(a)++ = __buf_##n##_1;\
-				*(a)++ = __buf_##n##_2;
-#define BN_CASE_32_BIT(n,a)	case 2*(n)+1: __buf_##n##_2 = (a)[2*(n)+1];\
-				case 2*(n):   __buf_##n##_1 = (a)[2*(n)];
-#elif BN_BITS2 == 8
-#define __buf_0_3		(BN_ULONG)0
-#define __buf_0_4		(BN_ULONG)0
-#define __buf_0_5		(BN_ULONG)0
-#define __buf_0_6		(BN_ULONG)0
-#define __buf_0_7		(BN_ULONG)0
-#define __buf_0_8		(BN_ULONG)0
-#define BN_64_BIT_BUF(n)	BN_ULONG __buf_##n##_1 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_2 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_3 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_4 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_5 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_6 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_7 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_8 = (BN_ULONG)0;
-#define BN_CP_64_TO_BUF(n)	__buf_##n##_8 = (a)[8*(n)+7];\
-				__buf_##n##_7 = (a)[8*(n)+6];\
-				__buf_##n##_6 = (a)[8*(n)+5];\
-				__buf_##n##_5 = (a)[8*(n)+4];\
-				__buf_##n##_4 = (a)[8*(n)+3];\
-				__buf_##n##_3 = (a)[8*(n)+2];\
-				__buf_##n##_2 = (a)[8*(n)+1];\
-				__buf_##n##_1 = (a)[8*(n)];
-#define BN_CP_64_FROM_BUF(a,n)	*(a)++ = __buf_##n##_1;\
-				*(a)++ = __buf_##n##_2;\
-				*(a)++ = __buf_##n##_3;\
-				*(a)++ = __buf_##n##_4;\
-				*(a)++ = __buf_##n##_5;\
-				*(a)++ = __buf_##n##_6;\
-				*(a)++ = __buf_##n##_7;\
-				*(a)++ = __buf_##n##_8;
-#define BN_CASE_64_BIT(n,a)	case 8*(n)+7: __buf_##n##_8 = (a)[8*(n)+7];\
-				case 8*(n)+6: __buf_##n##_7 = (a)[8*(n)+6];\
-				case 8*(n)+5: __buf_##n##_6 = (a)[8*(n)+5];\
-				case 8*(n)+4: __buf_##n##_5 = (a)[8*(n)+4];\
-				case 8*(n)+3: __buf_##n##_4 = (a)[8*(n)+3];\
-				case 8*(n)+2: __buf_##n##_3 = (a)[8*(n)+2];\
-				case 8*(n)+1: __buf_##n##_2 = (a)[8*(n)+1];\
-				case 8*(n):   __buf_##n##_1 = (a)[8*(n)];
-#define BN_32_BIT_BUF(n)	BN_ULONG __buf_##n##_1 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_2 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_3 = (BN_ULONG)0;\
-				BN_ULONG __buf_##n##_4 = (BN_ULONG)0;
-#define BN_CP_32_TO_BUF(n)	__buf_##n##_1 = (a)[4*(n)];\
-				__buf_##n##_2 = (a)[4*(n)+1];\
-				__buf_##n##_3 = (a)[4*(n)+2];\
-				__buf_##n##_4 = (a)[4*(n)+3];
-#define BN_CP_32_FROM_BUF(a,n)	*(a)++ = __buf_##n##_1;\
-				*(a)++ = __buf_##n##_2;\
-				*(a)++ = __buf_##n##_3;\
-				*(a)++ = __buf_##n##_4;
-#define BN_CASE_32_BIT(n,a)	case 4*(n)+3: __buf_##n##_4 = (a)[4*(n)+3];\
-				case 4*(n)+2: __buf_##n##_3 = (a)[4*(n)+2];\
-				case 4*(n)+1: __buf_##n##_2 = (a)[4*(n)+1];\
-				case 4*(n):   __buf_##n##_1 = (a)[4*(n)];
+#define bn_cp_64(to, n, from, m) \
+	{ \
+	bn_cp_32(to, (n)*2, from, (m)*2); \
+	bn_cp_32(to, (n)*2+1, from, (m)*2+1); \
+	}
+#define bn_64_set_0(to, n) \
+	{ \
+	bn_32_set_0(to, (n)*2); \
+	bn_32_set_0(to, (n)*2+1); \
+	}
+#if BN_BITS2 == 32
+#define bn_cp_32(to, n, from, m)	(to)[n] = (m>=0)?((from)[m]):0;
+#define bn_32_set_0(to, n)		(to)[n] = (BN_ULONG)0;
 #endif
+#endif /* BN_BITS2 != 64 */
 
 
-#define BN_192_SET(d,a1,a2,a3) \
-	{\
-	register BN_ULONG *td = (d);\
-	BN_CP_64_FROM_BUF(td,a3); BN_CP_64_FROM_BUF(td,a2);\
-	BN_CP_64_FROM_BUF(td,a1);\
+#define nist_set_192(to, from, a1, a2, a3) \
+	{ \
+	bn_cp_64(to, 0, from, (a3) - 3) \
+	bn_cp_64(to, 1, from, (a2) - 3) \
+	bn_cp_64(to, 2, from, (a1) - 3) \
 	}
 
 int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	BN_CTX *ctx)
 	{
-	int      top;
-	BN_ULONG carry = 0;
-	register BN_ULONG *r_d, *a_d;
-	BN_ULONG t_d[BN_NIST_192_TOP];
-	BN_64_BIT_BUF(3)  BN_64_BIT_BUF(4)
-	BN_64_BIT_BUF(5)
-
-	top = BN_ucmp(field, a);
-	if (top == 0)
+	int      top = a->top, i;
+	int      carry;
+	register BN_ULONG *r_d, *a_d = a->d;
+	BN_ULONG t_d[BN_NIST_192_TOP],
+	         buf[BN_NIST_192_TOP],
+		 c_d[BN_NIST_192_TOP],
+		*res;
+	size_t   mask;
+	static const BIGNUM _bignum_nist_p_192_sqr = {
+		(BN_ULONG *)_nist_p_192_sqr,
+		sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]),
+		sizeof(_nist_p_192_sqr)/sizeof(_nist_p_192_sqr[0]),
+		0,BN_FLG_STATIC_DATA };
+
+	field = &_bignum_nist_p_192; /* just to make sure */
+
+ 	if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_192_sqr)>=0)
+		return BN_nnmod(r, a, field, ctx);
+
+	i = BN_ucmp(field, a);
+	if (i == 0)
 		{
 		BN_zero(r);
 		return 1;
 		}
-	else if (top > 0)
-		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
+	else if (i > 0)
+		return (r == a) ? 1 : (BN_copy(r ,a) != NULL);
 
 	if (r != a)
-		if (!BN_ncopy(r, a, BN_NIST_192_TOP))
-			return 0;
-
-	r_d = r->d;
-	a_d = a->d;
-	top = a->top-1;
-
-	switch (top)
 		{
-		BN_CASE_64_BIT(5, a_d)
-		BN_CASE_64_BIT(4, a_d)
-		BN_CASE_64_BIT(3, a_d)
-			break;
-		default: /* a->top == field->top */
-			return BN_usub(r, a, field);
+		if (!bn_wexpand(r, BN_NIST_192_TOP))
+			return 0;
+		r_d = r->d;
+		nist_cp_bn(r_d, a_d, BN_NIST_192_TOP);
 		}
+	else
+		r_d = a_d;
 
-	BN_192_SET(t_d,0,3,3)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP))
-		++carry;
-
-	BN_192_SET(t_d,4,4,0)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP))
-		++carry;
+	nist_cp_bn_0(buf, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, BN_NIST_192_TOP);
 
-	BN_192_SET(t_d,5,5,5)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP))
-		++carry;
+	nist_set_192(t_d, buf, 0, 3, 3);
+	carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+	nist_set_192(t_d, buf, 4, 4, 0);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+	nist_set_192(t_d, buf, 5, 5, 5)
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
 
-	while (carry)
-		{
-		if (bn_sub_words(r_d, r_d, _nist_p_192, BN_NIST_192_TOP))
-			--carry; 
-		}
+	if (carry > 0)
+		carry = (int)bn_sub_words(r_d,r_d,_nist_p_192[carry-1],BN_NIST_192_TOP);
+	else
+		carry = 1;
+
+	/*
+	 * we need 'if (carry==0 || result>=modulus) result-=modulus;'
+	 * as comparison implies subtraction, we can write
+	 * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;'
+	 * this is what happens below, but without explicit if:-) a.
+	 */
+	mask  = 0-(size_t)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
+	mask &= 0-(size_t)carry;
+	res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+	nist_cp_bn(r_d, res, BN_NIST_192_TOP);
 	r->top = BN_NIST_192_TOP;
 	bn_correct_top(r);
-	if (BN_ucmp(r, field) >= 0)
-		{
-		bn_sub_words(r_d, r_d, _nist_p_192, BN_NIST_192_TOP);
-		bn_correct_top(r);
-		}
 
-	bn_check_top(r);
 	return 1;
 	}
 
-#define BN_224_SET(d,a1,a2,a3,a4,a5,a6,a7) \
-	{\
-	register BN_ULONG *td = (d);\
-	BN_CP_32_FROM_BUF(td,a7); BN_CP_32_FROM_BUF(td,a6);\
-	BN_CP_32_FROM_BUF(td,a5); BN_CP_32_FROM_BUF(td,a4);\
-	BN_CP_32_FROM_BUF(td,a3); BN_CP_32_FROM_BUF(td,a2);\
-	BN_CP_32_FROM_BUF(td,a1);\
+typedef BN_ULONG (*bn_addsub_f)(BN_ULONG *,const BN_ULONG *,const BN_ULONG *,int);
+
+#define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \
+	{ \
+	bn_cp_32(to, 0, from, (a7) - 7) \
+	bn_cp_32(to, 1, from, (a6) - 7) \
+	bn_cp_32(to, 2, from, (a5) - 7) \
+	bn_cp_32(to, 3, from, (a4) - 7) \
+	bn_cp_32(to, 4, from, (a3) - 7) \
+	bn_cp_32(to, 5, from, (a2) - 7) \
+	bn_cp_32(to, 6, from, (a1) - 7) \
 	}
 
 int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	BN_CTX *ctx)
 	{
-#ifndef NO_32_BIT_TYPE
-	int	tmp_int;
-	int	carry = 0;
-	BN_ULONG *r_d, *a_d;
-	BN_ULONG t_d[BN_NIST_224_TOP];
-	BN_32_BIT_BUF(7)  BN_32_BIT_BUF(8)
-	BN_32_BIT_BUF(9)  BN_32_BIT_BUF(10)
-	BN_32_BIT_BUF(11) BN_32_BIT_BUF(12)
-	BN_32_BIT_BUF(13)
-
-	tmp_int = BN_ucmp(field, a);
-	if (tmp_int == 0)
+	int	top = a->top, i;
+	int	carry;
+	BN_ULONG *r_d, *a_d = a->d;
+	BN_ULONG t_d[BN_NIST_224_TOP],
+	         buf[BN_NIST_224_TOP],
+		 c_d[BN_NIST_224_TOP],
+		*res;
+	size_t   mask;
+	union { bn_addsub_f f; size_t p; } u;
+	static const BIGNUM _bignum_nist_p_224_sqr = {
+		(BN_ULONG *)_nist_p_224_sqr,
+		sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]),
+		sizeof(_nist_p_224_sqr)/sizeof(_nist_p_224_sqr[0]),
+		0,BN_FLG_STATIC_DATA };
+
+
+	field = &_bignum_nist_p_224; /* just to make sure */
+
+ 	if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_224_sqr)>=0)
+		return BN_nnmod(r, a, field, ctx);
+
+	i = BN_ucmp(field, a);
+	if (i == 0)
 		{
 		BN_zero(r);
 		return 1;
 		}
-	else if (tmp_int > 0)
+	else if (i > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
 	if (r != a)
-		if (!BN_ncopy(r, a, BN_NIST_224_TOP))
-			return 0;
-
-	r_d = r->d;
-	a_d = a->d;
-
-	tmp_int = a->top-1;
-
-	switch (tmp_int)
 		{
-		BN_CASE_32_BIT(13, a_d)
-		BN_CASE_32_BIT(12, a_d)
-		BN_CASE_32_BIT(11, a_d)
-		BN_CASE_32_BIT(10, a_d)
-		BN_CASE_32_BIT(9,  a_d)
-		BN_CASE_32_BIT(8,  a_d)
-		BN_CASE_32_BIT(7,  a_d)
-			break;
-		default: /* a->top == field->top */
-			return BN_usub(r, a, field);
+		if (!bn_wexpand(r, BN_NIST_224_TOP))
+			return 0;
+		r_d = r->d;
+		nist_cp_bn(r_d, a_d, BN_NIST_224_TOP);
 		}
-
-	BN_224_SET(t_d,10,9,8,7,0,0,0)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP))
-		++carry;
-	BN_224_SET(t_d,0,13,12,11,0,0,0)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP))
-		++carry;
-	BN_224_SET(t_d,13,12,11,10,9,8,7)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP))
-		--carry;
-	BN_224_SET(t_d,0,0,0,0,13,12,11)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP))
-		--carry;
-
+	else
+		r_d = a_d;
+
+#if BN_BITS2==64
+	/* copy upper 256 bits of 448 bit number ... */
+	nist_cp_bn_0(t_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
+	/* ... and right shift by 32 to obtain upper 224 bits */
+	nist_set_224(buf, t_d, 14, 13, 12, 11, 10, 9, 8);
+	/* truncate lower part to 224 bits too */
+	r_d[BN_NIST_224_TOP-1] &= BN_MASK2l;
+#else
+	nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
+#endif
+	nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
+	carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+	nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+	nist_set_224(t_d, buf, 13, 12, 11, 10, 9, 8, 7);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+	nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+
+#if BN_BITS2==64
+	carry = (int)(r_d[BN_NIST_224_TOP-1]>>32);
+#endif
+	u.f = bn_sub_words;
 	if (carry > 0)
-		while (carry)
-			{
-			if (bn_sub_words(r_d,r_d,_nist_p_224,BN_NIST_224_TOP))
-				--carry;
-			}
-	else if (carry < 0)
-		while (carry)
-			{
-			if (bn_add_words(r_d,r_d,_nist_p_224,BN_NIST_224_TOP))
-				++carry;
-			}
-
-	r->top = BN_NIST_224_TOP;
-	bn_correct_top(r);
-	if (BN_ucmp(r, field) >= 0)
 		{
-		bn_sub_words(r_d, r_d, _nist_p_224, BN_NIST_224_TOP);
-		bn_correct_top(r);
-		}
-	bn_check_top(r);
-	return 1;
-#else
-	return 0;
+		carry = (int)bn_sub_words(r_d,r_d,_nist_p_224[carry-1],BN_NIST_224_TOP);
+#if BN_BITS2==64
+		carry=(int)(~(r_d[BN_NIST_224_TOP-1]>>32))&1;
 #endif
-	}
-
-static void _init_256_data(void)
-	{
-	int	i;
-	BN_ULONG *tmp1 = _256_data;
-	const BN_ULONG *tmp2 = tmp1;
-
-	memcpy(tmp1, _nist_p_256, BN_NIST_256_TOP * sizeof(BN_ULONG));
-	tmp1 += BN_NIST_256_TOP;
-
-	for (i=0; i<5; i++)
+		}
+	else if (carry < 0)
 		{
-		bn_add_words(tmp1, _nist_p_256, tmp2, BN_NIST_256_TOP);
-		tmp2  = tmp1;
-		tmp1 += BN_NIST_256_TOP;
+		/* it's a bit more comlicated logic in this case.
+		 * if bn_add_words yields no carry, then result
+		 * has to be adjusted by unconditionally *adding*
+		 * the modulus. but if it does, then result has
+		 * to be compared to the modulus and conditionally
+		 * adjusted by *subtracting* the latter. */
+		carry = (int)bn_add_words(r_d,r_d,_nist_p_224[-carry-1],BN_NIST_224_TOP);
+		mask = 0-(size_t)carry;
+		u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
 		}
-	_is_set_256_data = 1;
+	else
+		carry = 1;
+
+	/* otherwise it's effectively same as in BN_nist_mod_192... */
+	mask  = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
+	mask &= 0-(size_t)carry;
+	res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+	nist_cp_bn(r_d, res, BN_NIST_224_TOP);
+	r->top = BN_NIST_224_TOP;
+	bn_correct_top(r);
+
+	return 1;
 	}
 
-#define BN_256_SET(d,a1,a2,a3,a4,a5,a6,a7,a8) \
-	{\
-	register BN_ULONG *td = (d);\
-	BN_CP_32_FROM_BUF(td,a8); BN_CP_32_FROM_BUF(td,a7);\
-	BN_CP_32_FROM_BUF(td,a6); BN_CP_32_FROM_BUF(td,a5);\
-	BN_CP_32_FROM_BUF(td,a4); BN_CP_32_FROM_BUF(td,a3);\
-	BN_CP_32_FROM_BUF(td,a2); BN_CP_32_FROM_BUF(td,a1);\
+#define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \
+	{ \
+	bn_cp_32(to, 0, from, (a8) - 8) \
+	bn_cp_32(to, 1, from, (a7) - 8) \
+	bn_cp_32(to, 2, from, (a6) - 8) \
+	bn_cp_32(to, 3, from, (a5) - 8) \
+	bn_cp_32(to, 4, from, (a4) - 8) \
+	bn_cp_32(to, 5, from, (a3) - 8) \
+	bn_cp_32(to, 6, from, (a2) - 8) \
+	bn_cp_32(to, 7, from, (a1) - 8) \
 	}
 
 int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	BN_CTX *ctx)
 	{
-#ifndef NO_32_BIT_TYPE
-	int	tmp_int;
+	int	i, top = a->top;
 	int	carry = 0;
-	register BN_ULONG *a_d, *r_d;
-	BN_ULONG t_d[BN_NIST_256_TOP];
-	BN_ULONG t_d2[BN_NIST_256_TOP];
-	BN_32_BIT_BUF(8)  BN_32_BIT_BUF(9)
-	BN_32_BIT_BUF(10) BN_32_BIT_BUF(11)
-	BN_32_BIT_BUF(12) BN_32_BIT_BUF(13)
-	BN_32_BIT_BUF(14) BN_32_BIT_BUF(15)
-
-	if (!_is_set_256_data)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_BN);
-		
-		if (!_is_set_256_data)
-			_init_256_data();
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_BN);
-		}
-	
-	tmp_int = BN_ucmp(field, a);
-	if (tmp_int == 0)
+	register BN_ULONG *a_d = a->d, *r_d;
+	BN_ULONG t_d[BN_NIST_256_TOP],
+	         buf[BN_NIST_256_TOP],
+		 c_d[BN_NIST_256_TOP],
+		*res;
+	size_t   mask;
+	union { bn_addsub_f f; size_t p; } u;
+	static const BIGNUM _bignum_nist_p_256_sqr = {
+		(BN_ULONG *)_nist_p_256_sqr,
+		sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]),
+		sizeof(_nist_p_256_sqr)/sizeof(_nist_p_256_sqr[0]),
+		0,BN_FLG_STATIC_DATA };
+
+	field = &_bignum_nist_p_256; /* just to make sure */
+
+ 	if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_256_sqr)>=0)
+		return BN_nnmod(r, a, field, ctx);
+
+	i = BN_ucmp(field, a);
+	if (i == 0)
 		{
 		BN_zero(r);
 		return 1;
 		}
-	else if (tmp_int > 0)
+	else if (i > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
 	if (r != a)
-		if (!BN_ncopy(r, a, BN_NIST_256_TOP))
-			return 0;
-
-	tmp_int = a->top-1;
-
-	a_d = a->d;
-	r_d = r->d;
-	switch (tmp_int)
 		{
-		BN_CASE_32_BIT(15, a_d)
-		BN_CASE_32_BIT(14, a_d)
-		BN_CASE_32_BIT(13, a_d)
-		BN_CASE_32_BIT(12, a_d)
-		BN_CASE_32_BIT(11, a_d)
-		BN_CASE_32_BIT(10, a_d)
-		BN_CASE_32_BIT(9,  a_d)
-		BN_CASE_32_BIT(8,  a_d)
-			break;
-		default: /* a->top == field->top */
-			return BN_usub(r, a, field);
+		if (!bn_wexpand(r, BN_NIST_256_TOP))
+			return 0;
+		r_d = r->d;
+		nist_cp_bn(r_d, a_d, BN_NIST_256_TOP);
 		}
+	else
+		r_d = a_d;
+
+	nist_cp_bn_0(buf, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP, BN_NIST_256_TOP);
 
 	/*S1*/
-	BN_256_SET(t_d,15,14,13,12,11,0,0,0)
+	nist_set_256(t_d, buf, 15, 14, 13, 12, 11, 0, 0, 0);
 	/*S2*/
-	BN_256_SET(t_d2,0,15,14,13,12,0,0,0)
-	if (bn_add_words(t_d, t_d, t_d2, BN_NIST_256_TOP))
-		carry = 2;
+	nist_set_256(c_d, buf, 0, 15, 14, 13, 12, 0, 0, 0);
+	carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP);
 	/* left shift */
 		{
 		register BN_ULONG *ap,t,c;
 		ap = t_d;
 		c=0;
-		for (tmp_int=BN_NIST_256_TOP; tmp_int != 0; --tmp_int)
+		for (i = BN_NIST_256_TOP; i != 0; --i)
 			{
 			t= *ap;
 			*(ap++)=((t<<1)|c)&BN_MASK2;
 			c=(t & BN_TBIT)?1:0;
 			}
-		if (c)
-			++carry;
+		carry <<= 1;
+		carry  |= c;
 		}
-
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		++carry;
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
 	/*S3*/
-	BN_256_SET(t_d,15,14,0,0,0,10,9,8)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		++carry;
+	nist_set_256(t_d, buf, 15, 14, 0, 0, 0, 10, 9, 8);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
 	/*S4*/
-	BN_256_SET(t_d,8,13,15,14,13,11,10,9)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		++carry;
+	nist_set_256(t_d, buf, 8, 13, 15, 14, 13, 11, 10, 9);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
 	/*D1*/
-	BN_256_SET(t_d,10,8,0,0,0,13,12,11)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		--carry;
+	nist_set_256(t_d, buf, 10, 8, 0, 0, 0, 13, 12, 11);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
 	/*D2*/
-	BN_256_SET(t_d,11,9,0,0,15,14,13,12)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		--carry;
+	nist_set_256(t_d, buf, 11, 9, 0, 0, 15, 14, 13, 12);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
 	/*D3*/
-	BN_256_SET(t_d,12,0,10,9,8,15,14,13)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		--carry;
+	nist_set_256(t_d, buf, 12, 0, 10, 9, 8, 15, 14, 13);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
 	/*D4*/
-	BN_256_SET(t_d,13,0,11,10,9,0,15,14)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP))
-		--carry;
-	
-	if (carry)
+	nist_set_256(t_d, buf, 13, 0, 11, 10, 9, 0, 15, 14);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+
+	/* see BN_nist_mod_224 for explanation */
+	u.f = bn_sub_words;
+	if (carry > 0)
+		carry = (int)bn_sub_words(r_d,r_d,_nist_p_256[carry-1],BN_NIST_256_TOP);
+	else if (carry < 0)
 		{
-		if (carry > 0)
-			bn_sub_words(r_d, r_d, _256_data + BN_NIST_256_TOP *
-				--carry, BN_NIST_256_TOP);
-		else
-			{
-			carry = -carry;
-			bn_add_words(r_d, r_d, _256_data + BN_NIST_256_TOP *
-				--carry, BN_NIST_256_TOP);
-			}
+		carry = (int)bn_add_words(r_d,r_d,_nist_p_256[-carry-1],BN_NIST_256_TOP);
+		mask = 0-(size_t)carry;
+		u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
 		}
+	else
+		carry = 1;
 
+	mask  = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
+	mask &= 0-(size_t)carry;
+	res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+	nist_cp_bn(r_d, res, BN_NIST_256_TOP);
 	r->top = BN_NIST_256_TOP;
 	bn_correct_top(r);
-	if (BN_ucmp(r, field) >= 0)
-		{
-		bn_sub_words(r_d, r_d, _nist_p_256, BN_NIST_256_TOP);
-		bn_correct_top(r);
-		}
-	bn_check_top(r);
-	return 1;
-#else
-	return 0;
-#endif
-	}
-
-static void _init_384_data(void)
-	{
-	int	i;
-	BN_ULONG *tmp1 = _384_data;
-	const BN_ULONG *tmp2 = tmp1;
-
-	memcpy(tmp1, _nist_p_384, BN_NIST_384_TOP * sizeof(BN_ULONG));
-	tmp1 += BN_NIST_384_TOP;
 
-	for (i=0; i<7; i++)
-		{
-		bn_add_words(tmp1, _nist_p_384, tmp2, BN_NIST_384_TOP);
-		tmp2  = tmp1;
-		tmp1 += BN_NIST_384_TOP;
-		}
-	_is_set_384_data = 1;
+	return 1;
 	}
 
-#define BN_384_SET(d,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \
-	{\
-	register BN_ULONG *td = (d);\
-	BN_CP_32_FROM_BUF(td,a12); BN_CP_32_FROM_BUF(td,a11);\
-	BN_CP_32_FROM_BUF(td,a10); BN_CP_32_FROM_BUF(td,a9);\
-	BN_CP_32_FROM_BUF(td,a8);  BN_CP_32_FROM_BUF(td,a7);\
-	BN_CP_32_FROM_BUF(td,a6);  BN_CP_32_FROM_BUF(td,a5);\
-	BN_CP_32_FROM_BUF(td,a4);  BN_CP_32_FROM_BUF(td,a3);\
-	BN_CP_32_FROM_BUF(td,a2);  BN_CP_32_FROM_BUF(td,a1);\
+#define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \
+	{ \
+	bn_cp_32(to, 0, from,  (a12) - 12) \
+	bn_cp_32(to, 1, from,  (a11) - 12) \
+	bn_cp_32(to, 2, from,  (a10) - 12) \
+	bn_cp_32(to, 3, from,  (a9) - 12)  \
+	bn_cp_32(to, 4, from,  (a8) - 12)  \
+	bn_cp_32(to, 5, from,  (a7) - 12)  \
+	bn_cp_32(to, 6, from,  (a6) - 12)  \
+	bn_cp_32(to, 7, from,  (a5) - 12)  \
+	bn_cp_32(to, 8, from,  (a4) - 12)  \
+	bn_cp_32(to, 9, from,  (a3) - 12)  \
+	bn_cp_32(to, 10, from, (a2) - 12)  \
+	bn_cp_32(to, 11, from, (a1) - 12)  \
 	}
 
 int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	BN_CTX *ctx)
 	{
-#ifndef NO_32_BIT_TYPE
-	int	tmp_int;
+	int	i, top = a->top;
 	int	carry = 0;
-	register BN_ULONG *r_d, *a_d;
-	BN_ULONG t_d[BN_NIST_384_TOP];
-	BN_32_BIT_BUF(12) BN_32_BIT_BUF(13)
-	BN_32_BIT_BUF(14) BN_32_BIT_BUF(15)
-	BN_32_BIT_BUF(16) BN_32_BIT_BUF(17)
-	BN_32_BIT_BUF(18) BN_32_BIT_BUF(19)
-	BN_32_BIT_BUF(20) BN_32_BIT_BUF(21)
-	BN_32_BIT_BUF(22) BN_32_BIT_BUF(23)
-
-	if (!_is_set_384_data)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_BN);
-		
-		if (!_is_set_384_data)
-			_init_384_data();
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_BN);
-		}
-
-	tmp_int = BN_ucmp(field, a);
-	if (tmp_int == 0)
+	register BN_ULONG *r_d, *a_d = a->d;
+	BN_ULONG t_d[BN_NIST_384_TOP],
+	         buf[BN_NIST_384_TOP],
+		 c_d[BN_NIST_384_TOP],
+		*res;
+	size_t	 mask;
+	union { bn_addsub_f f; size_t p; } u;
+	static const BIGNUM _bignum_nist_p_384_sqr = {
+		(BN_ULONG *)_nist_p_384_sqr,
+		sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]),
+		sizeof(_nist_p_384_sqr)/sizeof(_nist_p_384_sqr[0]),
+		0,BN_FLG_STATIC_DATA };
+
+
+	field = &_bignum_nist_p_384; /* just to make sure */
+
+ 	if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_384_sqr)>=0)
+		return BN_nnmod(r, a, field, ctx);
+
+	i = BN_ucmp(field, a);
+	if (i == 0)
 		{
 		BN_zero(r);
 		return 1;
 		}
-	else if (tmp_int > 0)
+	else if (i > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
 	if (r != a)
-		if (!BN_ncopy(r, a, BN_NIST_384_TOP))
-			return 0;
-
-	r_d = r->d;
-	a_d = a->d;
-	tmp_int = a->top-1;
-
-	switch (tmp_int)
 		{
-		BN_CASE_32_BIT(23, a_d)
-		BN_CASE_32_BIT(22, a_d)
-		BN_CASE_32_BIT(21, a_d)
-		BN_CASE_32_BIT(20, a_d)
-		BN_CASE_32_BIT(19, a_d)
-		BN_CASE_32_BIT(18, a_d)
-		BN_CASE_32_BIT(17, a_d)
-		BN_CASE_32_BIT(16, a_d)
-		BN_CASE_32_BIT(15, a_d)
-		BN_CASE_32_BIT(14, a_d)
-		BN_CASE_32_BIT(13, a_d)
-		BN_CASE_32_BIT(12, a_d)
-			break;
-		default: /* a->top == field->top */
-			return BN_usub(r, a, field);
+		if (!bn_wexpand(r, BN_NIST_384_TOP))
+			return 0;
+		r_d = r->d;
+		nist_cp_bn(r_d, a_d, BN_NIST_384_TOP);
 		}
+	else
+		r_d = a_d;
+
+	nist_cp_bn_0(buf, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP, BN_NIST_384_TOP);
 
 	/*S1*/
-	BN_256_SET(t_d,0,0,0,0,0,23,22,21)
+	nist_set_256(t_d, buf, 0, 0, 0, 0, 0, 23-4, 22-4, 21-4);
 		/* left shift */
 		{
 		register BN_ULONG *ap,t,c;
 		ap = t_d;
 		c=0;
-		for (tmp_int=BN_NIST_256_TOP; tmp_int != 0; --tmp_int)
+		for (i = 3; i != 0; --i)
 			{
 			t= *ap;
 			*(ap++)=((t<<1)|c)&BN_MASK2;
 			c=(t & BN_TBIT)?1:0;
 			}
+		*ap=c;
 		}
-	if (bn_add_words(r_d+(128/BN_BITS2), r_d+(128/BN_BITS2), 
-		t_d, BN_NIST_256_TOP))
-		++carry;
-	/*S2*/
-	BN_384_SET(t_d,23,22,21,20,19,18,17,16,15,14,13,12)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		++carry;
+	carry = (int)bn_add_words(r_d+(128/BN_BITS2), r_d+(128/BN_BITS2), 
+		t_d, BN_NIST_256_TOP);
+	/*S2 */
+	carry += (int)bn_add_words(r_d, r_d, buf, BN_NIST_384_TOP);
 	/*S3*/
-	BN_384_SET(t_d,20,19,18,17,16,15,14,13,12,23,22,21)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		++carry;
+	nist_set_384(t_d,buf,20,19,18,17,16,15,14,13,12,23,22,21);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
 	/*S4*/
-	BN_384_SET(t_d,19,18,17,16,15,14,13,12,20,0,23,0)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		++carry;
+	nist_set_384(t_d,buf,19,18,17,16,15,14,13,12,20,0,23,0);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
 	/*S5*/
-	BN_256_SET(t_d,0,0,0,0,23,22,21,20)
-	if (bn_add_words(r_d+(128/BN_BITS2), r_d+(128/BN_BITS2), 
-		t_d, BN_NIST_256_TOP))
-		++carry;
+	nist_set_384(t_d, buf,0,0,0,0,23,22,21,20,0,0,0,0);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
 	/*S6*/
-	BN_384_SET(t_d,0,0,0,0,0,0,23,22,21,0,0,20)
-	if (bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		++carry;
+	nist_set_384(t_d,buf,0,0,0,0,0,0,23,22,21,0,0,20);
+	carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
 	/*D1*/
-	BN_384_SET(t_d,22,21,20,19,18,17,16,15,14,13,12,23)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		--carry;
+	nist_set_384(t_d,buf,22,21,20,19,18,17,16,15,14,13,12,23);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
 	/*D2*/
-	BN_384_SET(t_d,0,0,0,0,0,0,0,23,22,21,20,0)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		--carry;
+	nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,22,21,20,0);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
 	/*D3*/
-	BN_384_SET(t_d,0,0,0,0,0,0,0,23,23,0,0,0)
-	if (bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP))
-		--carry;
-	
-	if (carry)
+	nist_set_384(t_d,buf,0,0,0,0,0,0,0,23,23,0,0,0);
+	carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+
+	/* see BN_nist_mod_224 for explanation */
+	u.f = bn_sub_words;
+	if (carry > 0)
+		carry = (int)bn_sub_words(r_d,r_d,_nist_p_384[carry-1],BN_NIST_384_TOP);
+	else if (carry < 0)
 		{
-		if (carry > 0)
-			bn_sub_words(r_d, r_d, _384_data + BN_NIST_384_TOP *
-				--carry, BN_NIST_384_TOP);
-		else
-			{
-			carry = -carry;
-			bn_add_words(r_d, r_d, _384_data + BN_NIST_384_TOP *
-				--carry, BN_NIST_384_TOP);
-			}
+		carry = (int)bn_add_words(r_d,r_d,_nist_p_384[-carry-1],BN_NIST_384_TOP);
+		mask = 0-(size_t)carry;
+		u.p = ((size_t)bn_sub_words&mask) | ((size_t)bn_add_words&~mask);
 		}
+	else
+		carry = 1;
 
+	mask  = 0-(size_t)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
+	mask &= 0-(size_t)carry;
+	res   = (BN_ULONG *)(((size_t)c_d&~mask) | ((size_t)r_d&mask));
+	nist_cp_bn(r_d, res, BN_NIST_384_TOP);
 	r->top = BN_NIST_384_TOP;
 	bn_correct_top(r);
-	if (BN_ucmp(r, field) >= 0)
-		{
-		bn_sub_words(r_d, r_d, _nist_p_384, BN_NIST_384_TOP);
-		bn_correct_top(r);
-		}
-	bn_check_top(r);
+
 	return 1;
-#else
-	return 0;
-#endif
 	}
 
+#define BN_NIST_521_RSHIFT	(521%BN_BITS2)
+#define BN_NIST_521_LSHIFT	(BN_BITS2-BN_NIST_521_RSHIFT)
+#define BN_NIST_521_TOP_MASK	((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT)
+
 int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
 	BN_CTX *ctx)
 	{
-#if BN_BITS2 == 64
-#define BN_NIST_521_TOP_MASK	(BN_ULONG)0x1FF
-#elif BN_BITS2 == 32
-#define BN_NIST_521_TOP_MASK	(BN_ULONG)0x1FF
-#elif BN_BITS2 == 16
-#define BN_NIST_521_TOP_MASK	(BN_ULONG)0x1FF
-#elif BN_BITS2 == 8
-#define BN_NIST_521_TOP_MASK	(BN_ULONG)0x1
-#endif
-	int	top, ret = 0;
-	BN_ULONG *r_d;
-	BIGNUM	*tmp;
-
-	/* check whether a reduction is necessary */
-	top = a->top;
-	if (top < BN_NIST_521_TOP  || ( top == BN_NIST_521_TOP &&
-           (!(a->d[BN_NIST_521_TOP-1] & ~(BN_NIST_521_TOP_MASK)))))
+	int	top = a->top, i;
+	BN_ULONG *r_d, *a_d = a->d,
+		 t_d[BN_NIST_521_TOP],
+		 val,tmp,*res;
+	size_t	mask;
+	static const BIGNUM _bignum_nist_p_521_sqr = {
+		(BN_ULONG *)_nist_p_521_sqr,
+		sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]),
+		sizeof(_nist_p_521_sqr)/sizeof(_nist_p_521_sqr[0]),
+		0,BN_FLG_STATIC_DATA };
+
+	field = &_bignum_nist_p_521; /* just to make sure */
+
+ 	if (BN_is_negative(a) || BN_ucmp(a,&_bignum_nist_p_521_sqr)>=0)
+		return BN_nnmod(r, a, field, ctx);
+
+	i = BN_ucmp(field, a);
+	if (i == 0)
+		{
+		BN_zero(r);
+		return 1;
+		}
+	else if (i > 0)
 		return (r == a)? 1 : (BN_copy(r ,a) != NULL);
 
-	BN_CTX_start(ctx);
-	tmp = BN_CTX_get(ctx);
-	if (!tmp)
-		goto err;
-
-	if (!BN_ncopy(tmp, a, BN_NIST_521_TOP))
-		return 0;
-	if (!BN_rshift(r, a, 521))
-		return 0;
-
-	if (tmp->top == BN_NIST_521_TOP)
-		tmp->d[BN_NIST_521_TOP-1]  &= BN_NIST_521_TOP_MASK;
-
-	bn_correct_top(tmp);
-	if (!BN_uadd(r, tmp, r))
-		return 0;
-	top = r->top;
-	r_d = r->d;
-	if (top == BN_NIST_521_TOP  && 
-           (r_d[BN_NIST_521_TOP-1] & ~(BN_NIST_521_TOP_MASK)))
+	if (r != a)
 		{
-		BN_NIST_ADD_ONE(r_d)
-		r_d[BN_NIST_521_TOP-1] &= BN_NIST_521_TOP_MASK; 
+		if (!bn_wexpand(r,BN_NIST_521_TOP))
+			return 0;
+		r_d = r->d;
+		nist_cp_bn(r_d,a_d, BN_NIST_521_TOP);
 		}
-	bn_correct_top(r);
+	else
+		r_d = a_d;
 
-	ret = 1;
-err:
-	BN_CTX_end(ctx);
+	/* upper 521 bits, copy ... */
+	nist_cp_bn_0(t_d,a_d + (BN_NIST_521_TOP-1), top - (BN_NIST_521_TOP-1),BN_NIST_521_TOP);
+	/* ... and right shift */
+	for (val=t_d[0],i=0; i<BN_NIST_521_TOP-1; i++)
+		{
+		tmp = val>>BN_NIST_521_RSHIFT;
+		val = t_d[i+1];
+		t_d[i] = (tmp | val<<BN_NIST_521_LSHIFT) & BN_MASK2;
+		}
+	t_d[i] = val>>BN_NIST_521_RSHIFT;
+	/* lower 521 bits */
+	r_d[i] &= BN_NIST_521_TOP_MASK;
+
+	bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP);
+	mask = 0-(size_t)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
+	res  = (BN_ULONG *)(((size_t)t_d&~mask) | ((size_t)r_d&mask));
+	nist_cp_bn(r_d,res,BN_NIST_521_TOP);
+	r->top = BN_NIST_521_TOP;
+	bn_correct_top(r);
 
-	bn_check_top(r);
-	return ret;
+	return 1;
 	}
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index d03403a600..7b25979dd1 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -258,7 +258,8 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
 
 	/* first look for small factors */
 	if (!BN_is_odd(a))
-		return 0;
+		/* a is even => a is prime if and only if a == 2 */
+		return BN_is_word(a, 2);
 	if (do_trial_division)
 		{
 		for (i = 1; i < NUMPRIMES; i++)
@@ -376,14 +377,15 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
 static int probable_prime(BIGNUM *rnd, int bits)
 	{
 	int i;
-	BN_ULONG mods[NUMPRIMES];
-	BN_ULONG delta,d;
+	prime_t mods[NUMPRIMES];
+	BN_ULONG delta,maxdelta;
 
 again:
 	if (!BN_rand(rnd,bits,1,1)) return(0);
 	/* we now have a random number 'rand' to test. */
 	for (i=1; i<NUMPRIMES; i++)
-		mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
+		mods[i]=(prime_t)BN_mod_word(rnd,(BN_ULONG)primes[i]);
+	maxdelta=BN_MASK2 - primes[NUMPRIMES-1];
 	delta=0;
 	loop: for (i=1; i<NUMPRIMES; i++)
 		{
@@ -391,12 +393,8 @@ again:
 		 * that gcd(rnd-1,primes) == 1 (except for 2) */
 		if (((mods[i]+delta)%primes[i]) <= 1)
 			{
-			d=delta;
 			delta+=2;
-			/* perhaps need to check for overflow of
-			 * delta (but delta can be up to 2^32)
-			 * 21-May-98 eay - added overflow check */
-			if (delta < d) goto again;
+			if (delta > maxdelta) goto again;
 			goto loop;
 			}
 		}
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
index b7cf9a9bfe..51d2194feb 100644
--- a/crypto/bn/bn_prime.h
+++ b/crypto/bn/bn_prime.h
@@ -58,10 +58,12 @@
 
 #ifndef EIGHT_BIT
 #define NUMPRIMES 2048
+typedef unsigned short prime_t;
 #else
 #define NUMPRIMES 54
+typedef unsigned char prime_t;
 #endif
-static const unsigned int primes[NUMPRIMES]=
+static const prime_t primes[NUMPRIMES]=
 	{
 	   2,   3,   5,   7,  11,  13,  17,  19,
 	  23,  29,  31,  37,  41,  43,  47,  53,
diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl
index e583d1d53b..3fafb6f3e9 100644
--- a/crypto/bn/bn_prime.pl
+++ b/crypto/bn/bn_prime.pl
@@ -101,10 +101,12 @@ for ($i=0; $i <= $#primes; $i++)
 
 printf "#ifndef EIGHT_BIT\n";
 printf "#define NUMPRIMES %d\n",$num;
+printf "typedef unsigned short prime_t;\n";
 printf "#else\n";
 printf "#define NUMPRIMES %d\n",$eight;
+printf "typedef unsigned char prime_t;\n";
 printf "#endif\n";
-print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
+print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t";
 $init=0;
 for ($i=0; $i <= $#primes; $i++)
 	{
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index 5fb8473f37..bebb466d08 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -62,7 +62,7 @@
 #include <openssl/buffer.h>
 #include "bn_lcl.h"
 
-static const char *Hex="0123456789ABCDEF";
+static const char Hex[]="0123456789ABCDEF";
 
 /* Must 'OPENSSL_free' the returned data */
 char *BN_bn2hex(const BIGNUM *a)
@@ -134,7 +134,7 @@ char *BN_bn2dec(const BIGNUM *a)
 		}
 	else
 		{
-		if (BN_get_sign(t))
+		if (BN_is_negative(t))
 			*p++ = '-';
 
 		i=0;
@@ -294,6 +294,27 @@ err:
 	return(0);
 	}
 
+int BN_asc2bn(BIGNUM **bn, const char *a)
+	{
+	const char *p = a;
+	if (*p == '-')
+		p++;
+
+	if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x'))
+		{		
+		if (!BN_hex2bn(bn, p + 2))
+			return 0;
+		}
+	else
+		{
+		if (!BN_dec2bn(bn, p))
+			return 0;
+		}
+	if (*a == '-')
+		(*bn)->neg = 1;
+	return 1;
+	}
+
 #ifndef OPENSSL_NO_BIO
 #ifndef OPENSSL_NO_FP_API
 int BN_print_fp(FILE *fp, const BIGNUM *a)
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 323bfa74bc..b376c28ff3 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -134,7 +134,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 	buf=(unsigned char *)OPENSSL_malloc(bytes);
 	if (buf == NULL)
 		{
-		BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
+		BNerr(BN_F_BNRAND,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
@@ -227,7 +227,7 @@ int     BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
 
 
 /* random number r:  0 <= r < range */
-static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
+static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
 	{
 	int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
 	int n;
@@ -294,12 +294,12 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range)
 	}
 
 
-int	BN_rand_range(BIGNUM *r, BIGNUM *range)
+int	BN_rand_range(BIGNUM *r, const BIGNUM *range)
 	{
 	return bn_rand_range(0, r, range);
 	}
 
-int	BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range)
+int	BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
 	{
 	return bn_rand_range(1, r, range);
 	}
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
index a08489e04a..2e8efb8dae 100644
--- a/crypto/bn/bn_recp.c
+++ b/crypto/bn/bn_recp.c
@@ -191,7 +191,7 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
 		{
 		if (j++ > 2)
 			{
-			BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
+			BNerr(BN_F_BN_DIV_RECP,BN_R_BAD_RECIPROCAL);
 			goto err;
 			}
 		if (!BN_usub(r,r,&(recp->N))) goto err;
@@ -204,8 +204,8 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
 	ret=1;
 err:
 	BN_CTX_end(ctx);
-	if(dv) bn_check_top(dv);
-	if(rem) bn_check_top(rem);
+	bn_check_top(dv);
+	bn_check_top(rem);
 	return(ret);
 	} 
 
diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c
index de9312dce2..c4d301afc4 100644
--- a/crypto/bn/bn_shift.c
+++ b/crypto/bn/bn_shift.c
@@ -177,7 +177,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
 	nw=n/BN_BITS2;
 	rb=n%BN_BITS2;
 	lb=BN_BITS2-rb;
-	if (nw > a->top || a->top == 0)
+	if (nw >= a->top || a->top == 0)
 		{
 		BN_zero(r);
 		return(1);
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
index 3b4b3f0d38..270d0cd348 100644
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@@ -148,8 +148,8 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 	if (rr != r) BN_copy(r,rr);
 	ret = 1;
  err:
-	if(rr) bn_check_top(rr);
-	if(tmp) bn_check_top(tmp);
+	bn_check_top(rr);
+	bn_check_top(tmp);
 	BN_CTX_end(ctx);
 	return(ret);
 	}
diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
index 924ee274df..6beaf9e5e5 100644
--- a/crypto/bn/bn_sqrt.c
+++ b/crypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
-/* crypto/bn/bn_mod.c */
+/* crypto/bn/bn_sqrt.c */
 /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
  * and Bodo Moeller for the OpenSSL project. */
 /* ====================================================================
@@ -83,7 +83,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 				goto end;
 			if (!BN_set_word(ret, BN_is_bit_set(a, 0)))
 				{
-				BN_free(ret);
+				if (ret != in)
+					BN_free(ret);
 				return NULL;
 				}
 			bn_check_top(ret);
@@ -102,7 +103,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 			goto end;
 		if (!BN_set_word(ret, BN_is_one(a)))
 			{
-			BN_free(ret);
+			if (ret != in)
+				BN_free(ret);
 			return NULL;
 			}
 		bn_check_top(ret);
diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c
index 1bcb37e292..ee7b87c45c 100644
--- a/crypto/bn/bn_word.c
+++ b/crypto/bn/bn_word.c
@@ -69,6 +69,9 @@ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
 #endif
 	int i;
 
+	if (w == 0)
+		return (BN_ULONG)-1;
+
 	bn_check_top(a);
 	w&=BN_MASK2;
 	for (i=a->top-1; i>=0; i--)
@@ -94,7 +97,7 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
 
 	if (!w)
 		/* actually this an error (division by zero) */
-		return 0;
+		return (BN_ULONG)-1;
 	if (a->top == 0)
 		return 0;
 
@@ -102,7 +105,7 @@ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
 	j = BN_BITS2 - BN_num_bits_word(w);
 	w <<= j;
 	if (!BN_lshift(a, a, j))
-		return 0;
+		return (BN_ULONG)-1;
 
 	for (i=a->top-1; i>=0; i--)
 		{
@@ -175,7 +178,13 @@ int BN_sub_word(BIGNUM *a, BN_ULONG w)
 	/* degenerate case: w is zero */
 	if (!w) return 1;
 	/* degenerate case: a is zero */
-	if(BN_is_zero(a)) return BN_set_word(a,w);
+	if(BN_is_zero(a))
+		{
+		i = BN_set_word(a,w);
+		if (i != 0)
+			BN_set_negative(a, 1);
+		return i;
+		}
 	/* handle 'a' when negative */
 	if (a->neg)
 		{
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index 9169cc8813..0cd99c5b4b 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -106,6 +106,7 @@ int test_mont(BIO *bp,BN_CTX *ctx);
 int test_mod(BIO *bp,BN_CTX *ctx);
 int test_mod_mul(BIO *bp,BN_CTX *ctx);
 int test_mod_exp(BIO *bp,BN_CTX *ctx);
+int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
 int test_exp(BIO *bp,BN_CTX *ctx);
 int test_gf2m_add(BIO *bp);
 int test_gf2m_mod(BIO *bp);
@@ -183,116 +184,120 @@ int main(int argc, char *argv[])
 
 	message(out,"BN_add");
 	if (!test_add(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_sub");
 	if (!test_sub(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_lshift1");
 	if (!test_lshift1(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_lshift (fixed)");
 	if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
 	    goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_lshift");
 	if (!test_lshift(out,ctx,NULL)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_rshift1");
 	if (!test_rshift1(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_rshift");
 	if (!test_rshift(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_sqr");
 	if (!test_sqr(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_mul");
 	if (!test_mul(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_div");
 	if (!test_div(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_div_word");
 	if (!test_div_word(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_div_recp");
 	if (!test_div_recp(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_mod");
 	if (!test_mod(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_mod_mul");
 	if (!test_mod_mul(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_mont");
 	if (!test_mont(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_mod_exp");
 	if (!test_mod_exp(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
+
+	message(out,"BN_mod_exp_mont_consttime");
+	if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
+	(void)BIO_flush(out);
 
 	message(out,"BN_exp");
 	if (!test_exp(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_kronecker");
 	if (!test_kron(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_mod_sqrt");
 	if (!test_sqrt(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_add");
 	if (!test_gf2m_add(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod");
 	if (!test_gf2m_mod(out)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_mul");
 	if (!test_gf2m_mod_mul(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_sqr");
 	if (!test_gf2m_mod_sqr(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_inv");
 	if (!test_gf2m_mod_inv(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_div");
 	if (!test_gf2m_mod_div(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_exp");
 	if (!test_gf2m_mod_exp(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_sqrt");
 	if (!test_gf2m_mod_sqrt(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	message(out,"BN_GF2m_mod_solve_quad");
 	if (!test_gf2m_mod_solve_quad(out,ctx)) goto err;
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	BN_CTX_free(ctx);
 	BIO_free(out);
@@ -302,7 +307,7 @@ int main(int argc, char *argv[])
 err:
 	BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
 	                      * the failure, see test_bn in test/Makefile.ssl*/
-	BIO_flush(out);
+	(void)BIO_flush(out);
 	ERR_load_crypto_strings();
 	ERR_print_errors_fp(stderr);
 	EXIT(1);
@@ -481,7 +486,7 @@ static void print_word(BIO *bp,BN_ULONG w)
 		return;
 		}
 #endif
-	BIO_printf(bp,"%lX",w);
+	BIO_printf(bp,BN_HEX_FMT1,w);
 	}
 
 int test_div_word(BIO *bp)
@@ -727,6 +732,8 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 	BN_init(&n);
 
 	mont=BN_MONT_CTX_new();
+	if (mont == NULL)
+		return 0;
 
 	BN_bntest_rand(&a,100,0,0); /**/
 	BN_bntest_rand(&b,100,0,0); /**/
@@ -921,6 +928,57 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
 		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_mod_exp(d,a,b,c,ctx))
+			return(0);
+
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," ^ ");
+				BN_print(bp,b);
+				BIO_puts(bp," % ");
+				BN_print(bp,c);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,d);
+			BIO_puts(bp,"\n");
+			}
+		BN_exp(e,a,b,ctx);
+		BN_sub(e,e,d);
+		BN_div(a,b,e,c,ctx);
+		if(!BN_is_zero(b))
+		    {
+		    fprintf(stderr,"Modulo exponentiation test failed!\n");
+		    return 0;
+		    }
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	BN_free(d);
+	BN_free(e);
+	return(1);
+	}
+
+int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
+	{
+	BIGNUM *a,*b,*c,*d,*e;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	d=BN_new();
+	e=BN_new();
+
+	BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
+	for (i=0; i<num2; i++)
+		{
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
+
+		if (!BN_mod_exp_mont_consttime(d,a,b,c,ctx,NULL))
 			return(00);
 
 		if (bp != NULL)
@@ -971,8 +1029,8 @@ int test_exp(BIO *bp, BN_CTX *ctx)
 		BN_bntest_rand(a,20+i*5,0,0); /**/
 		BN_bntest_rand(b,2+i,0,0); /**/
 
-		if (!BN_exp(d,a,b,ctx))
-			return(00);
+		if (BN_exp(d,a,b,ctx) <= 0)
+			return(0);
 
 		if (bp != NULL)
 			{
@@ -1060,8 +1118,8 @@ int test_gf2m_mod(BIO *bp)
 	{
 	BIGNUM *a,*b[2],*c,*d,*e;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1118,8 +1176,8 @@ int test_gf2m_mod_mul(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d,*e,*f,*g,*h;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1189,8 +1247,8 @@ int test_gf2m_mod_sqr(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1248,8 +1306,8 @@ int test_gf2m_mod_inv(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1303,8 +1361,8 @@ int test_gf2m_mod_div(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d,*e,*f;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1366,8 +1424,8 @@ int test_gf2m_mod_exp(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d,*e,*f;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1437,8 +1495,8 @@ int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d,*e,*f;
 	int i, j, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
@@ -1496,8 +1554,8 @@ int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b[2],*c,*d,*e;
 	int i, j, s = 0, t, ret = 0;
-	unsigned int p0[] = {163,7,6,3,0};
-	unsigned int p1[] = {193,15,0};
+	int p0[] = {163,7,6,3,0,-1};
+	int p1[] = {193,15,0,-1};
 
 	a=BN_new();
 	b[0]=BN_new();
diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c
index 07a1bcf51c..4d5f221f33 100644
--- a/crypto/bn/expspeed.c
+++ b/crypto/bn/expspeed.c
@@ -321,7 +321,7 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
 #else /* TEST_SQRT */
 			"2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
 #endif
-			" -> %8.3fms %5.1f (%ld)\n",
+			" -> %8.6fms %5.1f (%ld)\n",
 #ifdef TEST_SQRT
 			P_MOD_64,
 #endif
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index 37aec55b89..074a8e882a 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -77,7 +77,7 @@ int main(int argc, char *argv[])
 	BIO *out=NULL;
 	int i,ret;
 	unsigned char c;
-	BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m;
+	BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
 
 	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
 	                                       * even check its return value
@@ -88,6 +88,7 @@ int main(int argc, char *argv[])
 	ctx=BN_CTX_new();
 	if (ctx == NULL) EXIT(1);
 	r_mont=BN_new();
+	r_mont_const=BN_new();
 	r_recp=BN_new();
 	r_simple=BN_new();
 	a=BN_new();
@@ -143,8 +144,17 @@ int main(int argc, char *argv[])
 			EXIT(1);
 			}
 
+		ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
+		if (ret <= 0)
+			{
+			printf("BN_mod_exp_mont_consttime() problems\n");
+			ERR_print_errors(out);
+			EXIT(1);
+			}
+
 		if (BN_cmp(r_simple, r_mont) == 0
-		    && BN_cmp(r_simple,r_recp) == 0)
+		    && BN_cmp(r_simple,r_recp) == 0
+			&& BN_cmp(r_simple,r_mont_const) == 0)
 			{
 			printf(".");
 			fflush(stdout);
@@ -153,6 +163,8 @@ int main(int argc, char *argv[])
 		  	{
 			if (BN_cmp(r_simple,r_mont) != 0)
 				printf("\nsimple and mont results differ\n");
+			if (BN_cmp(r_simple,r_mont_const) != 0)
+				printf("\nsimple and mont const time results differ\n");
 			if (BN_cmp(r_simple,r_recp) != 0)
 				printf("\nsimple and recp results differ\n");
 
@@ -162,18 +174,20 @@ int main(int argc, char *argv[])
 			printf("\nsimple   =");	BN_print(out,r_simple);
 			printf("\nrecp     =");	BN_print(out,r_recp);
 			printf("\nmont     ="); BN_print(out,r_mont);
+			printf("\nmont_ct  ="); BN_print(out,r_mont_const);
 			printf("\n");
 			EXIT(1);
 			}
 		}
 	BN_free(r_mont);
+	BN_free(r_mont_const);
 	BN_free(r_recp);
 	BN_free(r_simple);
 	BN_free(a);
 	BN_free(b);
 	BN_free(m);
 	BN_CTX_free(ctx);
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	CRYPTO_mem_leaks(out);
 	BIO_free(out);
 	printf(" done\n");
diff --git a/crypto/buffer/.cvsignore b/crypto/buffer/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/buffer/.cvsignore
+++ b/crypto/buffer/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/buffer/Makefile.ssl b/crypto/buffer/Makefile.ssl
deleted file mode 100644
index 25facaeb05..0000000000
--- a/crypto/buffer/Makefile.ssl
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# SSLeay/crypto/buffer/Makefile
-#
-
-DIR=	buffer
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= buffer.c buf_err.c
-LIBOBJ= buffer.o buf_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= buffer.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-buf_err.o: buf_err.c
-buffer.o: ../../e_os.h ../../include/openssl/bio.h
-buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-buffer.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-buffer.o: ../../include/openssl/symhacks.h ../cryptlib.h buffer.c
diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
index 73702f0f10..8f1de6192b 100644
--- a/crypto/buffer/buf_err.c
+++ b/crypto/buffer/buf_err.c
@@ -1,6 +1,6 @@
 /* crypto/buffer/buf_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,13 +64,18 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
+
 static ERR_STRING_DATA BUF_str_functs[]=
 	{
-{ERR_PACK(0,BUF_F_BUF_MEMDUP,0),	"BUF_memdup"},
-{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0),	"BUF_MEM_grow"},
-{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0),	"BUF_MEM_new"},
-{ERR_PACK(0,BUF_F_BUF_STRDUP,0),	"BUF_strdup"},
-{ERR_PACK(0,BUF_F_BUF_STRNDUP,0),	"BUF_strndup"},
+{ERR_FUNC(BUF_F_BUF_MEMDUP),	"BUF_memdup"},
+{ERR_FUNC(BUF_F_BUF_MEM_GROW),	"BUF_MEM_grow"},
+{ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN),	"BUF_MEM_grow_clean"},
+{ERR_FUNC(BUF_F_BUF_MEM_NEW),	"BUF_MEM_new"},
+{ERR_FUNC(BUF_F_BUF_STRDUP),	"BUF_strdup"},
+{ERR_FUNC(BUF_F_BUF_STRNDUP),	"BUF_strndup"},
 {0,NULL}
 	};
 
@@ -83,15 +88,12 @@ static ERR_STRING_DATA BUF_str_reasons[]=
 
 void ERR_load_BUF_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
-		ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons);
-#endif
 
+	if (ERR_func_error_string(BUF_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,BUF_str_functs);
+		ERR_load_strings(0,BUF_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index 03ebf23a14..620ea8d536 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -89,10 +89,10 @@ void BUF_MEM_free(BUF_MEM *a)
 	OPENSSL_free(a);
 	}
 
-int BUF_MEM_grow(BUF_MEM *str, int len)
+int BUF_MEM_grow(BUF_MEM *str, size_t len)
 	{
 	char *ret;
-	unsigned int n;
+	size_t n;
 
 	if (str->length >= len)
 		{
@@ -125,10 +125,10 @@ int BUF_MEM_grow(BUF_MEM *str, int len)
 	return(len);
 	}
 
-int BUF_MEM_grow_clean(BUF_MEM *str, int len)
+int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
 	{
 	char *ret;
-	unsigned int n;
+	size_t n;
 
 	if (str->length >= len)
 		{
@@ -149,7 +149,7 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len)
 		ret=OPENSSL_realloc_clean(str->data,str->max,n);
 	if (ret == NULL)
 		{
-		BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
+		BUFerr(BUF_F_BUF_MEM_GROW_CLEAN,ERR_R_MALLOC_FAILURE);
 		len=0;
 		}
 	else
@@ -219,3 +219,26 @@ size_t BUF_strlcat(char *dst, const char *src, size_t size)
 		l++;
 	return l + BUF_strlcpy(dst, src, size);
 	}
+
+void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
+	{
+	size_t i;
+	if (in)
+		{
+		out += size - 1;
+		for (i = 0; i < size; i++)
+			*in++ = *out--;
+		}
+	else
+		{
+		unsigned char *q;
+		char c;
+		q = out + size - 1;
+		for (i = 0; i < size/2; i++)
+			{
+			c = *q;
+			*q-- = *out;
+			*out++ = c;
+			}
+		}
+	}
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
index 4b8eb7119d..178e418282 100644
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@@ -76,18 +76,19 @@ extern "C" {
 
 struct buf_mem_st
 	{
-	int length;	/* current number of bytes */
+	size_t length;	/* current number of bytes */
 	char *data;
-	int max;	/* size of buffer */
+	size_t max;	/* size of buffer */
 	};
 
 BUF_MEM *BUF_MEM_new(void);
 void	BUF_MEM_free(BUF_MEM *a);
-int	BUF_MEM_grow(BUF_MEM *str, int len);
-int	BUF_MEM_grow_clean(BUF_MEM *str, int len);
+int	BUF_MEM_grow(BUF_MEM *str, size_t len);
+int	BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
 char *	BUF_strdup(const char *str);
 char *	BUF_strndup(const char *str, size_t siz);
 void *	BUF_memdup(const void *data, size_t siz);
+void	BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
 
 /* safe string functions */
 size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
@@ -105,6 +106,7 @@ void ERR_load_BUF_strings(void);
 /* Function codes. */
 #define BUF_F_BUF_MEMDUP				 103
 #define BUF_F_BUF_MEM_GROW				 100
+#define BUF_F_BUF_MEM_GROW_CLEAN			 105
 #define BUF_F_BUF_MEM_NEW				 101
 #define BUF_F_BUF_STRDUP				 102
 #define BUF_F_BUF_STRNDUP				 104
diff --git a/crypto/camellia/.cvsignore b/crypto/camellia/.cvsignore
new file mode 100644
index 0000000000..b7f68a8535
--- /dev/null
+++ b/crypto/camellia/.cvsignore
@@ -0,0 +1,3 @@
+lib
+Makefile.save
+cmll-*.s
diff --git a/crypto/camellia/Makefile b/crypto/camellia/Makefile
new file mode 100644
index 0000000000..ff5fe4a01d
--- /dev/null
+++ b/crypto/camellia/Makefile
@@ -0,0 +1,103 @@
+#
+# crypto/camellia/Makefile
+#
+
+DIR= camellia
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=camelliatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
+	   cmll_cfb.c cmll_ctr.c 
+
+LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o $(CMLL_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= camellia.h
+HEADER= cmll_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cmll-x86.s:	asm/cmll-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+cmll-x86_64.s:  asm/cmll-x86_64.pl
+	$(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
+camellia.o: cmll_locl.h
+cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c
+cmll_cfb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cfb.o: ../../include/openssl/opensslconf.h cmll_cfb.c
+cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c
+cmll_ecb.o: ../../include/openssl/camellia.h
+cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
+cmll_misc.o: ../../include/openssl/camellia.h
+cmll_misc.o: ../../include/openssl/opensslconf.h
+cmll_misc.o: ../../include/openssl/opensslv.h cmll_locl.h cmll_misc.c
+cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_ofb.c
diff --git a/crypto/camellia/asm/cmll-x86.pl b/crypto/camellia/asm/cmll-x86.pl
new file mode 100644
index 0000000000..027302ac86
--- /dev/null
+++ b/crypto/camellia/asm/cmll-x86.pl
@@ -0,0 +1,1138 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Copyright (c) 2008 Andy Polyakov <appro@openssl.org>
+#
+# This module may be used under the terms of either the GNU General
+# Public License version 2 or later, the GNU Lesser General Public
+# License version 2.1 or later, the Mozilla Public License version
+# 1.1 or the BSD License. The exact terms of either license are
+# distributed along with this module. For further details see
+# http://www.openssl.org/~appro/camellia/.
+# ====================================================================
+
+# Performance in cycles per processed byte (less is better) in
+# 'openssl speed ...' benchmark:
+#
+#			AMD K8	Core2	PIII	P4
+# -evp camellia-128-ecb	21.5	22.8	27.0	28.9
+# + over gcc 3.4.6	+90/11% +70/10%	+53/4%	+160/64%
+# + over icc 8.0	+48/19% +21/15%	+21/17%	+55/37%
+#
+# camellia-128-cbc	17.3	21.1	23.9	25.9
+#
+# 128-bit key setup	196	280	256	240	cycles/key
+# + over gcc 3.4.6	+30/0%	+17/11%	+11/0%	+63/40%
+# + over icc 8.0	+18/3%	+10/0%	+10/3%	+21/10%
+#
+# Pairs of numbers in "+" rows represent performance improvement over
+# compiler generated position-independent code, PIC, and non-PIC
+# respectively. PIC results are of greater relevance, as this module
+# is position-independent, i.e. suitable for a shared library or PIE.
+# Position independence "costs" one register, which is why compilers
+# are so close with non-PIC results, they have an extra register to
+# spare. CBC results are better than ECB ones thanks to "zero-copy"
+# private _x86_* interface, and are ~30-40% better than with compiler
+# generated cmll_cbc.o, and reach ~80-90% of x86_64 performance on
+# same CPU (where applicable).
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+$OPENSSL=1;
+
+&asm_init($ARGV[0],"cmll-586.pl",$ARGV[$#ARGV] eq "386");
+
+@T=("eax","ebx","ecx","edx");
+$idx="esi";
+$key="edi";
+$Tbl="ebp";
+
+# stack frame layout in _x86_Camellia_* routines, frame is allocated
+# by caller
+$__ra=&DWP(0,"esp");	# return address
+$__s0=&DWP(4,"esp");	# s0 backing store
+$__s1=&DWP(8,"esp");	# s1 backing store
+$__s2=&DWP(12,"esp");	# s2 backing store
+$__s3=&DWP(16,"esp");	# s3 backing store
+$__end=&DWP(20,"esp");	# pointer to end/start of key schedule
+
+# stack frame layout in Camellia_[en|crypt] routines, which differs from
+# above by 4 and overlaps by pointer to end/start of key schedule
+$_end=&DWP(16,"esp");
+$_esp=&DWP(20,"esp");
+
+# const unsigned int Camellia_SBOX[4][256];
+# Well, sort of... Camellia_SBOX[0][] is interleaved with [1][],
+# and [2][] - with [3][]. This is done to optimize code size.
+$SBOX1_1110=0;		# Camellia_SBOX[0]
+$SBOX4_4404=4;		# Camellia_SBOX[1]
+$SBOX2_0222=2048;	# Camellia_SBOX[2]
+$SBOX3_3033=2052;	# Camellia_SBOX[3]
+&static_label("Camellia_SIGMA");
+&static_label("Camellia_SBOX");
+
+sub Camellia_Feistel {
+my $i=@_[0];
+my $seed=defined(@_[1])?@_[1]:0;
+my $scale=$seed<0?-8:8;
+my $frame=defined(@_[2])?@_[2]:0;
+my $j=($i&1)*2;
+my $t0=@T[($j)%4],$t1=@T[($j+1)%4],$t2=@T[($j+2)%4],$t3=@T[($j+3)%4];
+
+	&xor	($t0,$idx);				# t0^=key[0]
+	&xor	($t1,&DWP($seed+$i*$scale+4,$key));	# t1^=key[1]
+	&movz	($idx,&HB($t0));			# (t0>>8)&0xff
+	&mov	($t3,&DWP($SBOX3_3033,$Tbl,$idx,8));	# t3=SBOX3_3033[0]
+	&movz	($idx,&LB($t0));			# (t0>>0)&0xff
+	&xor	($t3,&DWP($SBOX4_4404,$Tbl,$idx,8));	# t3^=SBOX4_4404[0]
+	&shr	($t0,16);
+	&movz	($idx,&LB($t1));			# (t1>>0)&0xff
+	&mov	($t2,&DWP($SBOX1_1110,$Tbl,$idx,8));	# t2=SBOX1_1110[1]
+	&movz	($idx,&HB($t0));			# (t0>>24)&0xff
+	&xor	($t3,&DWP($SBOX1_1110,$Tbl,$idx,8));	# t3^=SBOX1_1110[0]
+	&movz	($idx,&HB($t1));			# (t1>>8)&0xff
+	&xor	($t2,&DWP($SBOX4_4404,$Tbl,$idx,8));	# t2^=SBOX4_4404[1]
+	&shr	($t1,16);
+	&movz	($t0,&LB($t0));				# (t0>>16)&0xff
+	&xor	($t3,&DWP($SBOX2_0222,$Tbl,$t0,8));	# t3^=SBOX2_0222[0]
+	&movz	($idx,&HB($t1));			# (t1>>24)&0xff
+	&mov	($t0,&DWP($frame+4*(($j+3)%4),"esp"));	# prefetch "s3"
+	&xor	($t2,$t3);				# t2^=t3
+	&rotr	($t3,8);				# t3=RightRotate(t3,8)
+	&xor	($t2,&DWP($SBOX2_0222,$Tbl,$idx,8));	# t2^=SBOX2_0222[1]
+	&movz	($idx,&LB($t1));			# (t1>>16)&0xff
+	&mov	($t1,&DWP($frame+4*(($j+2)%4),"esp"));	# prefetch "s2"
+	&xor	($t3,$t0);				# t3^=s3
+	&xor	($t2,&DWP($SBOX3_3033,$Tbl,$idx,8));	# t2^=SBOX3_3033[1]
+	&mov	($idx,&DWP($seed+($i+1)*$scale,$key));	# prefetch key[i+1]
+	&xor	($t3,$t2);				# t3^=t2
+	&mov	(&DWP($frame+4*(($j+3)%4),"esp"),$t3);	# s3=t3
+	&xor	($t2,$t1);				# t2^=s2
+	&mov	(&DWP($frame+4*(($j+2)%4),"esp"),$t2);	# s2=t2
+}
+
+# void Camellia_EncryptBlock_Rounds(
+#		int grandRounds,
+#		const Byte plaintext[],
+#		const KEY_TABLE_TYPE keyTable,
+#		Byte ciphertext[])
+&function_begin("Camellia_EncryptBlock_Rounds");
+	&mov	("eax",&wparam(0));	# load grandRounds
+	&mov	($idx,&wparam(1));	# load plaintext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&lea	("eax",&DWP(0,$key,"eax"));
+	&mov	($_esp,"ebx");	# save %esp
+	&mov	($_end,"eax");	# save keyEnd
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load plaintext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_encrypt");
+
+	&mov	("esp",$_esp);
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(3));	# load ciphertext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write ciphertext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_EncryptBlock_Rounds");
+# V1.x API
+&function_begin_B("Camellia_EncryptBlock");
+	&mov	("eax",128);
+	&sub	("eax",&wparam(0));	# load keyBitLength
+	&mov	("eax",3);
+	&adc	("eax",0);		# keyBitLength==128?3:4
+	&mov	(&wparam(0),"eax");
+	&jmp	(&label("Camellia_EncryptBlock_Rounds"));
+&function_end_B("Camellia_EncryptBlock");
+
+if ($OPENSSL) {
+# void Camellia_encrypt(
+#		const unsigned char *in,
+#		unsigned char *out,
+#		const CAMELLIA_KEY *key)
+&function_begin("Camellia_encrypt");
+	&mov	($idx,&wparam(0));	# load plaintext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+	&mov	("eax",&DWP(272,$key));	# load grandRounds counter
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&lea	("eax",&DWP(0,$key,"eax"));
+	&mov	($_esp,"ebx");	# save %esp
+	&mov	($_end,"eax");	# save keyEnd
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load plaintext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_encrypt");
+
+	&mov	("esp",$_esp);
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(1));	# load ciphertext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write ciphertext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_encrypt");
+}
+
+&function_begin_B("_x86_Camellia_encrypt");
+	&xor	(@T[0],&DWP(0,$key));	# ^=key[0-3]
+	&xor	(@T[1],&DWP(4,$key));
+	&xor	(@T[2],&DWP(8,$key));
+	&xor	(@T[3],&DWP(12,$key));
+	&mov	($idx,&DWP(16,$key));	# prefetch key[4]
+
+	&mov	($__s0,@T[0]);		# save s[0-3]
+	&mov	($__s1,@T[1]);
+	&mov	($__s2,@T[2]);
+	&mov	($__s3,@T[3]);
+
+&set_label("loop",16);
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,16,4); }
+
+	&add	($key,16*4);
+	&cmp	($key,$__end);
+	&je	(&label("done"));
+
+	# @T[0-1] are preloaded, $idx is preloaded with key[0]
+	&and	($idx,@T[0]);
+	 &mov	 (@T[3],$__s3);
+	&rotl	($idx,1);
+	 &mov	 (@T[2],@T[3]);
+	&xor	(@T[1],$idx);
+	 &or	 (@T[2],&DWP(12,$key));
+	&mov	($__s1,@T[1]);		# s1^=LeftRotate(s0&key[0],1);
+	 &xor	 (@T[2],$__s2);
+
+	&mov	($idx,&DWP(4,$key));
+	 &mov	 ($__s2,@T[2]);		# s2^=s3|key[3];
+	&or	($idx,@T[1]);
+	 &and	 (@T[2],&DWP(8,$key));
+	&xor	(@T[0],$idx);
+	 &rotl	 (@T[2],1);
+	&mov	($__s0,@T[0]);		# s0^=s1|key[1];
+	 &xor	 (@T[3],@T[2]);
+	&mov	($idx,&DWP(16,$key));		# prefetch key[4]
+	 &mov	 ($__s3,@T[3]);		# s3^=LeftRotate(s2&key[2],1);
+	&jmp	(&label("loop"));
+
+&set_label("done",8);
+	&mov	(@T[2],@T[0]);		# SwapHalf
+	&mov	(@T[3],@T[1]);
+	&mov	(@T[0],$__s2);
+	&mov	(@T[1],$__s3);
+	&xor	(@T[0],$idx);		# $idx is preloaded with key[0]
+	&xor	(@T[1],&DWP(4,$key));
+	&xor	(@T[2],&DWP(8,$key));
+	&xor	(@T[3],&DWP(12,$key));
+	&ret	();
+&function_end_B("_x86_Camellia_encrypt");
+
+# void Camellia_DecryptBlock_Rounds(
+#		int grandRounds,
+#		const Byte ciphertext[],
+#		const KEY_TABLE_TYPE keyTable,
+#		Byte plaintext[])
+&function_begin("Camellia_DecryptBlock_Rounds");
+	&mov	("eax",&wparam(0));	# load grandRounds
+	&mov	($idx,&wparam(1));	# load ciphertext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&mov	(&DWP(4*4,"esp"),$key);	# save keyStart
+	&lea	($key,&DWP(0,$key,"eax"));
+	&mov	(&DWP(5*4,"esp"),"ebx");# save %esp
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load ciphertext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_decrypt");
+
+	&mov	("esp",&DWP(5*4,"esp"));
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(3));	# load plaintext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write plaintext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_DecryptBlock_Rounds");
+# V1.x API
+&function_begin_B("Camellia_DecryptBlock");
+	&mov	("eax",128);
+	&sub	("eax",&wparam(0));	# load keyBitLength
+	&mov	("eax",3);
+	&adc	("eax",0);		# keyBitLength==128?3:4
+	&mov	(&wparam(0),"eax");
+	&jmp	(&label("Camellia_DecryptBlock_Rounds"));
+&function_end_B("Camellia_DecryptBlock");
+
+if ($OPENSSL) {
+# void Camellia_decrypt(
+#		const unsigned char *in,
+#		unsigned char *out,
+#		const CAMELLIA_KEY *key)
+&function_begin("Camellia_decrypt");
+	&mov	($idx,&wparam(0));	# load ciphertext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+	&mov	("eax",&DWP(272,$key));	# load grandRounds counter
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&mov	(&DWP(4*4,"esp"),$key);	# save keyStart
+	&lea	($key,&DWP(0,$key,"eax"));
+	&mov	(&DWP(5*4,"esp"),"ebx");# save %esp
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load ciphertext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_decrypt");
+
+	&mov	("esp",&DWP(5*4,"esp"));
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(1));	# load plaintext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write plaintext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_decrypt");
+}
+
+&function_begin_B("_x86_Camellia_decrypt");
+	&xor	(@T[0],&DWP(0,$key));	# ^=key[0-3]
+	&xor	(@T[1],&DWP(4,$key));
+	&xor	(@T[2],&DWP(8,$key));
+	&xor	(@T[3],&DWP(12,$key));
+	&mov	($idx,&DWP(-8,$key));	# prefetch key[-2]
+
+	&mov	($__s0,@T[0]);		# save s[0-3]
+	&mov	($__s1,@T[1]);
+	&mov	($__s2,@T[2]);
+	&mov	($__s3,@T[3]);
+
+&set_label("loop",16);
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,-8,4); }
+
+	&sub	($key,16*4);
+	&cmp	($key,$__end);
+	&je	(&label("done"));
+
+	# @T[0-1] are preloaded, $idx is preloaded with key[2]
+	&and	($idx,@T[0]);
+	 &mov	 (@T[3],$__s3);
+	&rotl	($idx,1);
+	 &mov	 (@T[2],@T[3]);
+	&xor	(@T[1],$idx);
+	 &or	 (@T[2],&DWP(4,$key));
+	&mov	($__s1,@T[1]);		# s1^=LeftRotate(s0&key[0],1);
+	 &xor	 (@T[2],$__s2);
+
+	&mov	($idx,&DWP(12,$key));
+	 &mov	 ($__s2,@T[2]);		# s2^=s3|key[3];
+	&or	($idx,@T[1]);
+	 &and	 (@T[2],&DWP(0,$key));
+	&xor	(@T[0],$idx);
+	 &rotl	 (@T[2],1);
+	&mov	($__s0,@T[0]);		# s0^=s1|key[1];
+	 &xor	 (@T[3],@T[2]);
+	&mov	($idx,&DWP(-8,$key));	# prefetch key[4]
+	 &mov	 ($__s3,@T[3]);		# s3^=LeftRotate(s2&key[2],1);
+	&jmp	(&label("loop"));
+
+&set_label("done",8);
+	&mov	(@T[2],@T[0]);		# SwapHalf
+	&mov	(@T[3],@T[1]);
+	&mov	(@T[0],$__s2);
+	&mov	(@T[1],$__s3);
+	&xor	(@T[2],$idx);		# $idx is preloaded with key[2]
+	&xor	(@T[3],&DWP(12,$key));
+	&xor	(@T[0],&DWP(0,$key));
+	&xor	(@T[1],&DWP(4,$key));
+	&ret	();
+&function_end_B("_x86_Camellia_decrypt");
+
+# shld is very slow on Intel P4 family. Even on AMD it limits
+# instruction decode rate [because it's VectorPath] and consequently
+# performance. PIII, PM and Core[2] seem to be the only ones which
+# execute this code ~7% faster...
+sub __rotl128 {
+  my ($i0,$i1,$i2,$i3,$rot,$rnd,@T)=@_;
+
+    $rnd *= 2;
+    if ($rot) {
+	&mov	($idx,$i0);
+	&shld	($i0,$i1,$rot);
+	&shld	($i1,$i2,$rot);
+	&shld	($i2,$i3,$rot);
+	&shld	($i3,$idx,$rot);
+    }
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i0 eq @T[0]);
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i1 eq @T[0]);
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i2 eq @T[0]);
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i3 eq @T[0]);
+}
+
+# ... Implementing 128-bit rotate without shld gives >3x performance
+# improvement on P4, only ~7% degradation on other Intel CPUs and
+# not worse performance on AMD. This is therefore preferred.
+sub _rotl128 {
+  my ($i0,$i1,$i2,$i3,$rot,$rnd,@T)=@_;
+
+    $rnd *= 2;
+    if ($rot) {
+	&mov	($Tbl,$i0);
+	&shl	($i0,$rot);
+	&mov	($idx,$i1);
+	&shr	($idx,32-$rot);
+	&shl	($i1,$rot);
+	&or	($i0,$idx);
+	&mov	($idx,$i2);
+	&shl	($i2,$rot);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i0 eq @T[0]);
+	&shr	($idx,32-$rot);
+	&or	($i1,$idx);
+	&shr	($Tbl,32-$rot);
+	&mov	($idx,$i3);
+	&shr	($idx,32-$rot);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i1 eq @T[0]);
+	&shl	($i3,$rot);
+	&or	($i2,$idx);
+	&or	($i3,$Tbl);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i2 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i3 eq @T[0]);
+    } else {
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i0 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i1 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i2 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i3 eq @T[0]);
+    }
+}
+
+sub _saveround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+	&mov	(&DWP($bias+$rnd*8+0,$key),@T[0]);
+	&mov	(&DWP($bias+$rnd*8+4,$key),@T[1])	if ($#T>=1);
+	&mov	(&DWP($bias+$rnd*8+8,$key),@T[2])	if ($#T>=2);
+	&mov	(&DWP($bias+$rnd*8+12,$key),@T[3])	if ($#T>=3);
+}
+
+sub _loadround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+	&mov	(@T[0],&DWP($bias+$rnd*8+0,$key));
+	&mov	(@T[1],&DWP($bias+$rnd*8+4,$key))	if ($#T>=1);
+	&mov	(@T[2],&DWP($bias+$rnd*8+8,$key))	if ($#T>=2);
+	&mov	(@T[3],&DWP($bias+$rnd*8+12,$key))	if ($#T>=3);
+}
+
+# void Camellia_Ekeygen(
+#		const int keyBitLength,
+#		const Byte *rawKey,
+#		KEY_TABLE_TYPE keyTable)
+&function_begin("Camellia_Ekeygen");
+{ my $step=0;
+
+	&stack_push(4);				# place for s[0-3]
+
+	&mov	($Tbl,&wparam(0));		# load arguments
+	&mov	($idx,&wparam(1));
+	&mov	($key,&wparam(2));
+
+	&mov	(@T[0],&DWP(0,$idx));		# load 0-127 bits
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&mov	(@T[3],&DWP(12,$idx));
+
+	&bswap	(@T[0]);
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&_saveround	(0,$key,@T);		# KL<<<0
+
+	&cmp	($Tbl,128);
+	&je	(&label("1st128"));
+
+	&mov	(@T[0],&DWP(16,$idx));		# load 128-191 bits
+	&mov	(@T[1],&DWP(20,$idx));
+	&cmp	($Tbl,192);
+	&je	(&label("1st192"));
+	&mov	(@T[2],&DWP(24,$idx));		# load 192-255 bits
+	&mov	(@T[3],&DWP(28,$idx));
+	&jmp	(&label("1st256"));
+&set_label("1st192",4);
+	&mov	(@T[2],@T[0]);
+	&mov	(@T[3],@T[1]);
+	&not	(@T[2]);
+	&not	(@T[3]);
+&set_label("1st256",4);
+	&bswap	(@T[0]);
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&_saveround	(4,$key,@T);		# temporary storage for KR!
+
+	&xor	(@T[0],&DWP(0*8+0,$key));	# KR^KL
+	&xor	(@T[1],&DWP(0*8+4,$key));
+	&xor	(@T[2],&DWP(1*8+0,$key));
+	&xor	(@T[3],&DWP(1*8+4,$key));
+
+&set_label("1st128",4);
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+	&lea	($key,&DWP(&label("Camellia_SIGMA")."-".&label("Camellia_SBOX"),$Tbl));
+
+	&mov	($idx,&DWP($step*8,$key));	# prefetch SIGMA[0]
+	&mov	(&swtmp(0),@T[0]);		# save s[0-3]
+	&mov	(&swtmp(1),@T[1]);
+	&mov	(&swtmp(2),@T[2]);
+	&mov	(&swtmp(3),@T[3]);
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+	&mov	(@T[2],&swtmp(2));
+	&mov	(@T[3],&swtmp(3));
+
+	&mov	($idx,&wparam(2));
+	&xor	(@T[0],&DWP(0*8+0,$idx));	# ^KL
+	&xor	(@T[1],&DWP(0*8+4,$idx));
+	&xor	(@T[2],&DWP(1*8+0,$idx));
+	&xor	(@T[3],&DWP(1*8+4,$idx));
+
+	&mov	($idx,&DWP($step*8,$key));	# prefetch SIGMA[4]
+	&mov	(&swtmp(0),@T[0]);		# save s[0-3]
+	&mov	(&swtmp(1),@T[1]);
+	&mov	(&swtmp(2),@T[2]);
+	&mov	(&swtmp(3),@T[3]);
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+	&mov	(@T[2],&swtmp(2));
+	&mov	(@T[3],&swtmp(3));
+
+	&mov	($idx,&wparam(0));
+	&cmp	($idx,128);
+	&jne	(&label("2nd256"));
+
+	&mov	($key,&wparam(2));
+	&lea	($key,&DWP(128,$key));		# size optimization
+
+	####### process KA
+	&_saveround	(2,$key,-128,@T);	# KA<<<0
+	&_rotl128	(@T,15,6,@T);		# KA<<<15
+	&_rotl128	(@T,15,8,@T);		# KA<<<(15+15=30)
+	&_rotl128	(@T,15,12,@T[0],@T[1]);	# KA<<<(30+15=45)
+	&_rotl128	(@T,15,14,@T);		# KA<<<(45+15=60)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,2,20,@T);		# KA<<<(60+32+2=94)
+	&_rotl128	(@T,17,24,@T);		# KA<<<(94+17=111)
+
+	####### process KL
+	&_loadround	(0,$key,-128,@T);	# load KL
+	&_rotl128	(@T,15,4,@T);		# KL<<<15
+	&_rotl128	(@T,30,10,@T);		# KL<<<(15+30=45)
+	&_rotl128	(@T,15,13,@T[2],@T[3]);	# KL<<<(45+15=60)
+	&_rotl128	(@T,17,16,@T);		# KL<<<(60+17=77)
+	&_rotl128	(@T,17,18,@T);		# KL<<<(77+17=94)
+	&_rotl128	(@T,17,22,@T);		# KL<<<(94+17=111)
+
+	while (@T[0] ne "eax")			# restore order
+	{   unshift	(@T,pop(@T));   }
+
+	&mov	("eax",3);			# 3 grandRounds
+	&jmp	(&label("done"));
+
+&set_label("2nd256",16);
+	&mov	($idx,&wparam(2));
+	&_saveround	(6,$idx,@T);		# temporary storage for KA!
+
+	&xor	(@T[0],&DWP(4*8+0,$idx));	# KA^KR
+	&xor	(@T[1],&DWP(4*8+4,$idx));
+	&xor	(@T[2],&DWP(5*8+0,$idx));
+	&xor	(@T[3],&DWP(5*8+4,$idx));
+
+	&mov	($idx,&DWP($step*8,$key));	# prefetch SIGMA[8]
+	&mov	(&swtmp(0),@T[0]);		# save s[0-3]
+	&mov	(&swtmp(1),@T[1]);
+	&mov	(&swtmp(2),@T[2]);
+	&mov	(&swtmp(3),@T[3]);
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+	&mov	(@T[2],&swtmp(2));
+	&mov	(@T[3],&swtmp(3));
+
+	&mov	($key,&wparam(2));
+	&lea	($key,&DWP(128,$key));		# size optimization
+
+	####### process KB
+	&_saveround	(2,$key,-128,@T);	# KB<<<0
+	&_rotl128	(@T,30,10,@T);		# KB<<<30
+	&_rotl128	(@T,30,20,@T);		# KB<<<(30+30=60)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,19,32,@T);		# KB<<<(60+32+19=111)
+
+	####### process KR
+	&_loadround	(4,$key,-128,@T);	# load KR
+	&_rotl128	(@T,15,4,@T);		# KR<<<15
+	&_rotl128	(@T,15,8,@T);		# KR<<<(15+15=30)
+	&_rotl128	(@T,30,18,@T);		# KR<<<(30+30=60)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,2,26,@T);		# KR<<<(60+32+2=94)
+
+	####### process KA
+	&_loadround	(6,$key,-128,@T);	# load KA
+	&_rotl128	(@T,15,6,@T);		# KA<<<15
+	&_rotl128	(@T,30,14,@T);		# KA<<<(15+30=45)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,0,24,@T);		# KA<<<(45+32+0=77)
+	&_rotl128	(@T,17,28,@T);		# KA<<<(77+17=94)
+
+	####### process KL
+	&_loadround	(0,$key,-128,@T);	# load KL
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,13,12,@T);		# KL<<<(32+13=45)
+	&_rotl128	(@T,15,16,@T);		# KL<<<(45+15=60)
+	&_rotl128	(@T,17,22,@T);		# KL<<<(60+17=77)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,2,30,@T);		# KL<<<(77+32+2=111)
+
+	while (@T[0] ne "eax")			# restore order
+	{   unshift	(@T,pop(@T));   }
+
+	&mov	("eax",4);			# 4 grandRounds
+&set_label("done");
+	&lea	("edx",&DWP(272-128,$key));	# end of key schedule
+	&stack_pop(4);
+}
+&function_end("Camellia_Ekeygen");
+
+if ($OPENSSL) {
+# int Camellia_set_key (
+#		const unsigned char *userKey,
+#		int bits,
+#		CAMELLIA_KEY *key)
+&function_begin_B("Camellia_set_key");
+	&push	("ebx");
+	&mov	("ecx",&wparam(0));	# pull arguments
+	&mov	("ebx",&wparam(1));
+	&mov	("edx",&wparam(2));
+
+	&mov	("eax",-1);
+	&test	("ecx","ecx");
+	&jz	(&label("done"));	# userKey==NULL?
+	&test	("edx","edx");
+	&jz	(&label("done"));	# key==NULL?
+
+	&mov	("eax",-2);
+	&cmp	("ebx",256);
+	&je	(&label("arg_ok"));	# bits==256?
+	&cmp	("ebx",192);
+	&je	(&label("arg_ok"));	# bits==192?
+	&cmp	("ebx",128);
+	&jne	(&label("done"));	# bits!=128?
+&set_label("arg_ok",4);
+
+	&push	("edx");		# push arguments
+	&push	("ecx");
+	&push	("ebx");
+	&call	("Camellia_Ekeygen");
+	&stack_pop(3);
+
+	# eax holds grandRounds and edx points at where to put it
+	&mov	(&DWP(0,"edx"),"eax");
+	&xor	("eax","eax");
+&set_label("done",4);
+	&pop	("ebx");
+	&ret	();
+&function_end_B("Camellia_set_key");
+}
+
+@SBOX=(
+112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
+ 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
+134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
+166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
+139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
+223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
+ 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
+254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
+170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
+ 16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
+135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
+ 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
+233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
+120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
+114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
+ 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158);
+
+sub S1110 { my $i=shift; $i=@SBOX[$i]; return $i<<24|$i<<16|$i<<8; }
+sub S4404 { my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; return $i<<24|$i<<16|$i; }	
+sub S0222 { my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; return $i<<16|$i<<8|$i; }	
+sub S3033 { my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; return $i<<24|$i<<8|$i; }	
+
+&set_label("Camellia_SIGMA",64);
+&data_word(
+    0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2,
+    0xc6ef372f, 0xe94f82be, 0x54ff53a5, 0xf1d36f1c,
+    0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd,
+    0,          0,          0,          0);
+&set_label("Camellia_SBOX",64);
+# tables are interleaved, remember?
+for ($i=0;$i<256;$i++) { &data_word(&S1110($i),&S4404($i)); }
+for ($i=0;$i<256;$i++) { &data_word(&S0222($i),&S3033($i)); }
+
+# void Camellia_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const CAMELLIA_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+# stack frame layout
+#             -4(%esp)		# return address	 0(%esp)
+#              0(%esp)		# s0			 4(%esp)
+#              4(%esp)		# s1			 8(%esp)
+#              8(%esp)		# s2			12(%esp)
+#             12(%esp)		# s3			16(%esp)
+#             16(%esp)		# end of key schedule	20(%esp)
+#             20(%esp)		# %esp backup
+my $_inp=&DWP(24,"esp");	#copy of wparam(0)
+my $_out=&DWP(28,"esp");	#copy of wparam(1)
+my $_len=&DWP(32,"esp");	#copy of wparam(2)
+my $_key=&DWP(36,"esp");	#copy of wparam(3)
+my $_ivp=&DWP(40,"esp");	#copy of wparam(4)
+my $ivec=&DWP(44,"esp");	#ivec[16]
+my $_tmp=&DWP(44,"esp");	#volatile variable [yes, aliases with ivec]
+my ($s0,$s1,$s2,$s3) = @T;
+
+&function_begin("Camellia_cbc_encrypt");
+	&mov	($s2 eq "ecx"? $s2 : "",&wparam(2));	# load len
+	&cmp	($s2,0);
+	&je	(&label("enc_out"));
+
+	&pushf	();
+	&cld	();
+
+	&mov	($s0,&wparam(0));	# load inp
+	&mov	($s1,&wparam(1));	# load out
+	#&mov	($s2,&wparam(2));	# load len
+	&mov	($s3,&wparam(3));	# load key
+	&mov	($Tbl,&wparam(4));	# load ivp
+
+	# allocate aligned stack frame...
+	&lea	($idx,&DWP(-64,"esp"));
+	&and	($idx,-64);
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	($key,&DWP(-64-63,$s3));
+	&sub	($key,$idx);
+	&neg	($key);
+	&and	($key,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	($idx,$key);
+
+	&mov	($key,&wparam(5));	# load enc
+
+	&exch	("esp",$idx);
+	&add	("esp",4);		# reserve for return address!
+	&mov	($_esp,$idx);		# save %esp
+
+	&mov	($_inp,$s0);		# save copy of inp
+	&mov	($_out,$s1);		# save copy of out
+	&mov	($_len,$s2);		# save copy of len
+	&mov	($_key,$s3);		# save copy of key
+	&mov	($_ivp,$Tbl);		# save copy of ivp
+
+	&call   (&label("pic_point"));	# make it PIC!
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea    ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	($idx,32);
+	&set_label("prefetch_sbox",4);
+		&mov	($s0,&DWP(0,$Tbl));
+		&mov	($s1,&DWP(32,$Tbl));
+		&mov	($s2,&DWP(64,$Tbl));
+		&mov	($s3,&DWP(96,$Tbl));
+		&lea	($Tbl,&DWP(128,$Tbl));
+		&dec	($idx);
+	&jnz	(&label("prefetch_sbox"));
+	&mov	($s0,$_key);
+	&sub	($Tbl,4096);
+	&mov	($idx,$_inp);
+	&mov	($s3,&DWP(272,$s0));		# load grandRounds
+
+	&cmp	($key,0);
+	&je	(&label("DECRYPT"));
+
+	&mov	($s2,$_len);
+	&mov	($key,$_ivp);
+	&shl	($s3,6);
+	&lea	($s3,&DWP(0,$s0,$s3));
+	&mov	($_end,$s3);
+
+	&test	($s2,0xFFFFFFF0);
+	&jz	(&label("enc_tail"));		# short input...
+
+	&mov	($s0,&DWP(0,$key));		# load iv
+	&mov	($s1,&DWP(4,$key));
+
+	&set_label("enc_loop",4);
+		&mov	($s2,&DWP(8,$key));
+		&mov	($s3,&DWP(12,$key));
+
+		&xor	($s0,&DWP(0,$idx));	# xor input data
+		&xor	($s1,&DWP(4,$idx));
+		&xor	($s2,&DWP(8,$idx));
+		&bswap	($s0);
+		&xor	($s3,&DWP(12,$idx));
+		&bswap	($s1);
+		&mov	($key,$_key);		# load key
+		&bswap	($s2);
+		&bswap	($s3);
+
+		&call	("_x86_Camellia_encrypt");
+
+		&mov	($idx,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+
+		&bswap	($s0);
+		&bswap	($s1);
+		&bswap	($s2);
+		&mov	(&DWP(0,$key),$s0);	# save output data
+		&bswap	($s3);
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($s2,$_len);		# load len
+
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_inp,$idx);		# save inp
+
+		&lea	($s3,&DWP(16,$key));
+		&mov	($_out,$s3);		# save out
+
+		&sub	($s2,16);
+		&test	($s2,0xFFFFFFF0);
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("enc_loop"));
+	&test	($s2,15);
+	&jnz	(&label("enc_tail"));
+	&mov	($idx,$_ivp);		# load ivp
+	&mov	($s2,&DWP(8,$key));	# restore last dwords
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$idx),$s0);	# save ivec
+	&mov	(&DWP(4,$idx),$s1);
+	&mov	(&DWP(8,$idx),$s2);
+	&mov	(&DWP(12,$idx),$s3);
+
+	&mov	("esp",$_esp);
+	&popf	();
+    &set_label("enc_out");
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("enc_tail",4);
+	&mov	($s0,$key eq "edi" ? $key : "");
+	&mov	($key,$_out);			# load out
+	&push	($s0);				# push ivp
+	&mov	($s1,16);
+	&sub	($s1,$s2);
+	&cmp	($key,$idx);			# compare with inp
+	&je	(&label("enc_in_place"));
+	&align	(4);
+	&data_word(0xA4F3F689);	# rep movsb	# copy input
+	&jmp	(&label("enc_skip_in_place"));
+    &set_label("enc_in_place");
+	&lea	($key,&DWP(0,$key,$s2));
+    &set_label("enc_skip_in_place");
+	&mov	($s2,$s1);
+	&xor	($s0,$s0);
+	&align	(4);
+	&data_word(0xAAF3F689);	# rep stosb	# zero tail
+	&pop	($key);				# pop ivp
+
+	&mov	($idx,$_out);			# output as input
+	&mov	($s0,&DWP(0,$key));
+	&mov	($s1,&DWP(4,$key));
+	&mov	($_len,16);			# len=16
+	&jmp	(&label("enc_loop"));		# one more spin...
+
+#----------------------------- DECRYPT -----------------------------#
+&set_label("DECRYPT",16);
+	&shl	($s3,6);
+	&lea	($s3,&DWP(0,$s0,$s3));
+	&mov	($_end,$s0);
+	&mov	($_key,$s3);
+
+	&cmp	($idx,$_out);
+	&je	(&label("dec_in_place"));	# in-place processing...
+
+	&mov	($key,$_ivp);			# load ivp
+	&mov	($_tmp,$key);
+
+	&set_label("dec_loop",4);
+		&mov	($s0,&DWP(0,$idx));	# read input
+		&mov	($s1,&DWP(4,$idx));
+		&mov	($s2,&DWP(8,$idx));
+		&bswap	($s0);
+		&mov	($s3,&DWP(12,$idx));
+		&bswap	($s1);
+		&mov	($key,$_key);		# load key
+		&bswap	($s2);
+		&bswap	($s3);
+
+		&call	("_x86_Camellia_decrypt");
+
+		&mov	($key,$_tmp);		# load ivp
+		&mov	($idx,$_len);		# load len
+
+		&bswap	($s0);
+		&bswap	($s1);
+		&bswap	($s2);
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&bswap	($s3);
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&sub	($idx,16);
+		&jc	(&label("dec_partial"));
+		&mov	($_len,$idx);		# save len
+		&mov	($idx,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+
+		&mov	(&DWP(0,$key),$s0);	# write output
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($_tmp,$idx);		# save ivp
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_inp,$idx);		# save inp
+
+		&lea	($key,&DWP(16,$key));
+		&mov	($_out,$key);		# save out
+
+	&jnz	(&label("dec_loop"));
+	&mov	($key,$_tmp);		# load temp ivp
+    &set_label("dec_end");
+	&mov	($idx,$_ivp);		# load user ivp
+	&mov	($s0,&DWP(0,$key));	# load iv
+	&mov	($s1,&DWP(4,$key));
+	&mov	($s2,&DWP(8,$key));
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$idx),$s0);	# copy back to user
+	&mov	(&DWP(4,$idx),$s1);
+	&mov	(&DWP(8,$idx),$s2);
+	&mov	(&DWP(12,$idx),$s3);
+	&jmp	(&label("dec_out"));
+
+    &set_label("dec_partial",4);
+	&lea	($key,$ivec);
+	&mov	(&DWP(0,$key),$s0);	# dump output to stack
+	&mov	(&DWP(4,$key),$s1);
+	&mov	(&DWP(8,$key),$s2);
+	&mov	(&DWP(12,$key),$s3);
+	&lea	($s2 eq "ecx" ? $s2 : "",&DWP(16,$idx));
+	&mov	($idx eq "esi" ? $idx : "",$key);
+	&mov	($key eq "edi" ? $key : "",$_out);	# load out
+	&data_word(0xA4F3F689);	# rep movsb		# copy output
+	&mov	($key,$_inp);				# use inp as temp ivp
+	&jmp	(&label("dec_end"));
+
+    &set_label("dec_in_place",4);
+	&set_label("dec_in_place_loop");
+		&lea	($key,$ivec);
+		&mov	($s0,&DWP(0,$idx));	# read input
+		&mov	($s1,&DWP(4,$idx));
+		&mov	($s2,&DWP(8,$idx));
+		&mov	($s3,&DWP(12,$idx));
+
+		&mov	(&DWP(0,$key),$s0);	# copy to temp
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&bswap	($s0);
+		&mov	(&DWP(12,$key),$s3);
+		&bswap	($s1);
+		&mov	($key,$_key);		# load key
+		&bswap	($s2);
+		&bswap	($s3);
+
+		&call	("_x86_Camellia_decrypt");
+
+		&mov	($key,$_ivp);		# load ivp
+		&mov	($idx,$_out);		# load out
+
+		&bswap	($s0);
+		&bswap	($s1);
+		&bswap	($s2);
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&bswap	($s3);
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&mov	(&DWP(0,$idx),$s0);	# write output
+		&mov	(&DWP(4,$idx),$s1);
+		&mov	(&DWP(8,$idx),$s2);
+		&mov	(&DWP(12,$idx),$s3);
+
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_out,$idx);		# save out
+
+		&lea	($idx,$ivec);
+		&mov	($s0,&DWP(0,$idx));	# read temp
+		&mov	($s1,&DWP(4,$idx));
+		&mov	($s2,&DWP(8,$idx));
+		&mov	($s3,&DWP(12,$idx));
+
+		&mov	(&DWP(0,$key),$s0);	# copy iv
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($idx,$_inp);		# load inp
+
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_inp,$idx);		# save inp
+
+		&mov	($s2,$_len);		# load len
+		&sub	($s2,16);
+		&jc	(&label("dec_in_place_partial"));
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("dec_in_place_loop"));
+	&jmp	(&label("dec_out"));
+
+    &set_label("dec_in_place_partial",4);
+	# one can argue if this is actually required...
+	&mov	($key eq "edi" ? $key : "",$_out);
+	&lea	($idx eq "esi" ? $idx : "",$ivec);
+	&lea	($key,&DWP(0,$key,$s2));
+	&lea	($idx,&DWP(16,$idx,$s2));
+	&neg	($s2 eq "ecx" ? $s2 : "");
+	&data_word(0xA4F3F689);	# rep movsb	# restore tail
+
+    &set_label("dec_out",4);
+    &mov	("esp",$_esp);
+    &popf	();
+&function_end("Camellia_cbc_encrypt");
+}
+
+&asciz("Camellia for x86 by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/crypto/camellia/asm/cmll-x86_64.pl b/crypto/camellia/asm/cmll-x86_64.pl
new file mode 100644
index 0000000000..76955e4726
--- /dev/null
+++ b/crypto/camellia/asm/cmll-x86_64.pl
@@ -0,0 +1,1080 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Copyright (c) 2008 Andy Polyakov <appro@openssl.org>
+#
+# This module may be used under the terms of either the GNU General
+# Public License version 2 or later, the GNU Lesser General Public
+# License version 2.1 or later, the Mozilla Public License version
+# 1.1 or the BSD License. The exact terms of either license are
+# distributed along with this module. For further details see
+# http://www.openssl.org/~appro/camellia/.
+# ====================================================================
+
+# Performance in cycles per processed byte (less is better) in
+# 'openssl speed ...' benchmark:
+#
+#			AMD64	Core2	EM64T
+# -evp camellia-128-ecb	16.7	21.0	22.7
+# + over gcc 3.4.6	+25%	+5%	0%
+#
+# camellia-128-cbc	15.7	20.4	21.1
+#
+# 128-bit key setup	128	216	205	cycles/key
+# + over gcc 3.4.6	+54%	+39%	+15%
+#
+# Numbers in "+" rows represent performance improvement over compiler
+# generated code. Key setup timings are impressive on AMD and Core2
+# thanks to 64-bit operations being covertly deployed. Improvement on
+# EM64T, pre-Core2 Intel x86_64 CPU, is not as impressive, because it
+# apparently emulates some of 64-bit operations in [32-bit] microcode.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/;    $r; }
+sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
+                        $r =~ s/%[er]([sd]i)/%\1l/;
+                        $r =~ s/%(r[0-9]+)[d]?/%\1b/;   $r; }
+
+$t0="%eax";$t1="%ebx";$t2="%ecx";$t3="%edx";
+@S=("%r8d","%r9d","%r10d","%r11d");
+$i0="%esi";
+$i1="%edi";
+$Tbl="%rbp";	# size optimization
+$inp="%r12";
+$out="%r13";
+$key="%r14";
+$keyend="%r15";
+$arg0d=$win64?"%ecx":"%edi";
+
+# const unsigned int Camellia_SBOX[4][256];
+# Well, sort of... Camellia_SBOX[0][] is interleaved with [1][],
+# and [2][] - with [3][]. This is done to minimize code size.
+$SBOX1_1110=0;		# Camellia_SBOX[0]
+$SBOX4_4404=4;		# Camellia_SBOX[1]
+$SBOX2_0222=2048;	# Camellia_SBOX[2]
+$SBOX3_3033=2052;	# Camellia_SBOX[3]
+
+sub Camellia_Feistel {
+my $i=@_[0];
+my $seed=defined(@_[1])?@_[1]:0;
+my $scale=$seed<0?-8:8;
+my $j=($i&1)*2;
+my $s0=@S[($j)%4],$s1=@S[($j+1)%4],$s2=@S[($j+2)%4],$s3=@S[($j+3)%4];
+
+$code.=<<___;
+	xor	$s0,$t0				# t0^=key[0]
+	xor	$s1,$t1				# t1^=key[1]
+	movz	`&hi("$t0")`,$i0		# (t0>>8)&0xff
+	movz	`&lo("$t1")`,$i1		# (t1>>0)&0xff
+	mov	$SBOX3_3033($Tbl,$i0,8),$t3	# t3=SBOX3_3033[0]
+	mov	$SBOX1_1110($Tbl,$i1,8),$t2	# t2=SBOX1_1110[1]
+	movz	`&lo("$t0")`,$i0		# (t0>>0)&0xff
+	shr	\$16,$t0
+	movz	`&hi("$t1")`,$i1		# (t1>>8)&0xff
+	xor	$SBOX4_4404($Tbl,$i0,8),$t3	# t3^=SBOX4_4404[0]
+	shr	\$16,$t1
+	xor	$SBOX4_4404($Tbl,$i1,8),$t2	# t2^=SBOX4_4404[1]
+	movz	`&hi("$t0")`,$i0		# (t0>>24)&0xff
+	movz	`&lo("$t1")`,$i1		# (t1>>16)&0xff
+	xor	$SBOX1_1110($Tbl,$i0,8),$t3	# t3^=SBOX1_1110[0]
+	xor	$SBOX3_3033($Tbl,$i1,8),$t2	# t2^=SBOX3_3033[1]
+	movz	`&lo("$t0")`,$i0		# (t0>>16)&0xff
+	movz	`&hi("$t1")`,$i1		# (t1>>24)&0xff
+	xor	$SBOX2_0222($Tbl,$i0,8),$t3	# t3^=SBOX2_0222[0]
+	xor	$SBOX2_0222($Tbl,$i1,8),$t2	# t2^=SBOX2_0222[1]
+	mov	`$seed+($i+1)*$scale`($key),$t1	# prefetch key[i+1]
+	mov	`$seed+($i+1)*$scale+4`($key),$t0
+	xor	$t3,$t2				# t2^=t3
+	ror	\$8,$t3				# t3=RightRotate(t3,8)
+	xor	$t2,$s2
+	xor	$t2,$s3
+	xor	$t3,$s3
+___
+}
+
+# void Camellia_EncryptBlock_Rounds(
+#		int grandRounds,
+#		const Byte plaintext[],
+#		const KEY_TABLE_TYPE keyTable,
+#		Byte ciphertext[])
+$code=<<___;
+.text
+
+# V1.x API
+.globl	Camellia_EncryptBlock
+.type	Camellia_EncryptBlock,\@abi-omnipotent
+.align	16
+Camellia_EncryptBlock:
+	movl	\$128,%eax
+	subl	$arg0d,%eax
+	movl	\$3,$arg0d
+	adcl	\$0,$arg0d	# keyBitLength==128?3:4
+	jmp	.Lenc_rounds
+.size	Camellia_EncryptBlock,.-Camellia_EncryptBlock
+# V2
+.globl	Camellia_EncryptBlock_Rounds
+.type	Camellia_EncryptBlock_Rounds,\@function,4
+.align	16
+.Lenc_rounds:
+Camellia_EncryptBlock_Rounds:
+	push	%rbx
+	push	%rbp
+	push	%r13
+	push	%r14
+	push	%r15
+.Lenc_prologue:
+
+	#mov	%rsi,$inp		# put away arguments
+	mov	%rcx,$out
+	mov	%rdx,$key
+
+	shl	\$6,%edi		# process grandRounds
+	lea	.LCamellia_SBOX(%rip),$Tbl
+	lea	($key,%rdi),$keyend
+
+	mov	0(%rsi),@S[0]		# load plaintext
+	mov	4(%rsi),@S[1]
+	mov	8(%rsi),@S[2]
+	bswap	@S[0]
+	mov	12(%rsi),@S[3]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_encrypt
+
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	mov	@S[0],0($out)
+	bswap	@S[3]
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	mov	0(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r13
+	mov	24(%rsp),%rbp
+	mov	32(%rsp),%rbx
+	lea	40(%rsp),%rsp
+.Lenc_epilogue:
+	ret
+.size	Camellia_EncryptBlock_Rounds,.-Camellia_EncryptBlock_Rounds
+
+.type	_x86_64_Camellia_encrypt,\@abi-omnipotent
+.align	16
+_x86_64_Camellia_encrypt:
+	xor	0($key),@S[1]
+	xor	4($key),@S[0]		# ^=key[0-3]
+	xor	8($key),@S[3]
+	xor	12($key),@S[2]
+.align	16
+.Leloop:
+	mov	16($key),$t1		# prefetch key[4-5]
+	mov	20($key),$t0
+
+___
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,16); }
+$code.=<<___;
+	lea	16*4($key),$key
+	cmp	$keyend,$key
+	mov	8($key),$t3		# prefetch key[2-3]
+	mov	12($key),$t2
+	je	.Ledone
+
+	and	@S[0],$t0
+	or	@S[3],$t3
+	rol	\$1,$t0
+	xor	$t3,@S[2]		# s2^=s3|key[3];
+	xor	$t0,@S[1]		# s1^=LeftRotate(s0&key[0],1);
+	and	@S[2],$t2
+	or	@S[1],$t1
+	rol	\$1,$t2
+	xor	$t1,@S[0]		# s0^=s1|key[1];
+	xor	$t2,@S[3]		# s3^=LeftRotate(s2&key[2],1);
+	jmp	.Leloop
+
+.align	16
+.Ledone:
+	xor	@S[2],$t0		# SwapHalf
+	xor	@S[3],$t1
+	xor	@S[0],$t2
+	xor	@S[1],$t3
+
+	mov	$t0,@S[0]
+	mov	$t1,@S[1]
+	mov	$t2,@S[2]
+	mov	$t3,@S[3]
+
+	.byte	0xf3,0xc3		# rep ret
+.size	_x86_64_Camellia_encrypt,.-_x86_64_Camellia_encrypt
+
+# V1.x API
+.globl	Camellia_DecryptBlock
+.type	Camellia_DecryptBlock,\@abi-omnipotent
+.align	16
+Camellia_DecryptBlock:
+	movl	\$128,%eax
+	subl	$arg0d,%eax
+	movl	\$3,$arg0d
+	adcl	\$0,$arg0d	# keyBitLength==128?3:4
+	jmp	.Ldec_rounds
+.size	Camellia_DecryptBlock,.-Camellia_DecryptBlock
+# V2
+.globl	Camellia_DecryptBlock_Rounds
+.type	Camellia_DecryptBlock_Rounds,\@function,4
+.align	16
+.Ldec_rounds:
+Camellia_DecryptBlock_Rounds:
+	push	%rbx
+	push	%rbp
+	push	%r13
+	push	%r14
+	push	%r15
+.Ldec_prologue:
+
+	#mov	%rsi,$inp		# put away arguments
+	mov	%rcx,$out
+	mov	%rdx,$keyend
+
+	shl	\$6,%edi		# process grandRounds
+	lea	.LCamellia_SBOX(%rip),$Tbl
+	lea	($keyend,%rdi),$key
+
+	mov	0(%rsi),@S[0]		# load plaintext
+	mov	4(%rsi),@S[1]
+	mov	8(%rsi),@S[2]
+	bswap	@S[0]
+	mov	12(%rsi),@S[3]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_decrypt
+
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	mov	@S[0],0($out)
+	bswap	@S[3]
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	mov	0(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r13
+	mov	24(%rsp),%rbp
+	mov	32(%rsp),%rbx
+	lea	40(%rsp),%rsp
+.Ldec_epilogue:
+	ret
+.size	Camellia_DecryptBlock_Rounds,.-Camellia_DecryptBlock_Rounds
+
+.type	_x86_64_Camellia_decrypt,\@abi-omnipotent
+.align	16
+_x86_64_Camellia_decrypt:
+	xor	0($key),@S[1]
+	xor	4($key),@S[0]		# ^=key[0-3]
+	xor	8($key),@S[3]
+	xor	12($key),@S[2]
+.align	16
+.Ldloop:
+	mov	-8($key),$t1		# prefetch key[4-5]
+	mov	-4($key),$t0
+
+___
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,-8); }
+$code.=<<___;
+	lea	-16*4($key),$key
+	cmp	$keyend,$key
+	mov	0($key),$t3		# prefetch key[2-3]
+	mov	4($key),$t2
+	je	.Lddone
+
+	and	@S[0],$t0
+	or	@S[3],$t3
+	rol	\$1,$t0
+	xor	$t3,@S[2]		# s2^=s3|key[3];
+	xor	$t0,@S[1]		# s1^=LeftRotate(s0&key[0],1);
+	and	@S[2],$t2
+	or	@S[1],$t1
+	rol	\$1,$t2
+	xor	$t1,@S[0]		# s0^=s1|key[1];
+	xor	$t2,@S[3]		# s3^=LeftRotate(s2&key[2],1);
+
+	jmp	.Ldloop
+
+.align	16
+.Lddone:
+	xor	@S[2],$t2
+	xor	@S[3],$t3
+	xor	@S[0],$t0
+	xor	@S[1],$t1
+
+	mov	$t2,@S[0]		# SwapHalf
+	mov	$t3,@S[1]
+	mov	$t0,@S[2]
+	mov	$t1,@S[3]
+
+	.byte	0xf3,0xc3		# rep ret
+.size	_x86_64_Camellia_decrypt,.-_x86_64_Camellia_decrypt
+___
+
+sub _saveround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+    if ($#T==3) {
+	$code.=<<___;
+	mov	@T[1],`$bias+$rnd*8+0`($key)
+	mov	@T[0],`$bias+$rnd*8+4`($key)
+	mov	@T[3],`$bias+$rnd*8+8`($key)
+	mov	@T[2],`$bias+$rnd*8+12`($key)
+___
+    } else {
+	$code.="	mov	@T[0],`$bias+$rnd*8+0`($key)\n";
+	$code.="	mov	@T[1],`$bias+$rnd*8+8`($key)\n"	if ($#T>=1);
+    }
+}
+
+sub _loadround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+$code.="	mov	`$bias+$rnd*8+0`($key),@T[0]\n";
+$code.="	mov	`$bias+$rnd*8+8`($key),@T[1]\n"	if ($#T>=1);
+}
+
+# shld is very slow on Intel EM64T family. Even on AMD it limits
+# instruction decode rate [because it's VectorPath] and consequently
+# performance...
+sub __rotl128 {
+my ($i0,$i1,$rot)=@_;
+
+    if ($rot) {
+	$code.=<<___;
+	mov	$i0,%r11
+	shld	\$$rot,$i1,$i0
+	shld	\$$rot,%r11,$i1
+___
+    }
+}
+
+# ... Implementing 128-bit rotate without shld gives 80% better
+# performance EM64T, +15% on AMD64 and only ~7% degradation on
+# Core2. This is therefore preferred.
+sub _rotl128 {
+my ($i0,$i1,$rot)=@_;
+
+    if ($rot) {
+	$code.=<<___;
+	mov	$i0,%r11
+	shl	\$$rot,$i0
+	mov	$i1,%r9
+	shr	\$`64-$rot`,%r9
+	shr	\$`64-$rot`,%r11
+	or	%r9,$i0
+	shl	\$$rot,$i1
+	or	%r11,$i1
+___
+    }
+}
+
+{ my $step=0;
+
+$code.=<<___;
+.globl	Camellia_Ekeygen
+.type	Camellia_Ekeygen,\@function,3
+.align	16
+Camellia_Ekeygen:
+	push	%rbx
+	push	%rbp
+	push	%r13
+	push	%r14
+	push	%r15
+.Lkey_prologue:
+
+	mov	%rdi,$keyend		# put away arguments, keyBitLength
+	mov	%rdx,$out		# keyTable
+
+	mov	0(%rsi),@S[0]		# load 0-127 bits
+	mov	4(%rsi),@S[1]
+	mov	8(%rsi),@S[2]
+	mov	12(%rsi),@S[3]
+
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+___
+	&_saveround	(0,$out,@S);	# KL<<<0
+$code.=<<___;
+	cmp	\$128,$keyend		# check keyBitLength
+	je	.L1st128
+
+	mov	16(%rsi),@S[0]		# load 128-191 bits
+	mov	20(%rsi),@S[1]
+	cmp	\$192,$keyend
+	je	.L1st192
+	mov	24(%rsi),@S[2]		# load 192-255 bits
+	mov	28(%rsi),@S[3]
+	jmp	.L1st256
+.L1st192:
+	mov	@S[0],@S[2]
+	mov	@S[1],@S[3]
+	not	@S[2]
+	not	@S[3]
+.L1st256:
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+___
+	&_saveround	(4,$out,@S);	# temp storage for KR!
+$code.=<<___;
+	xor	0($out),@S[1]		# KR^KL
+	xor	4($out),@S[0]
+	xor	8($out),@S[3]
+	xor	12($out),@S[2]
+
+.L1st128:
+	lea	.LCamellia_SIGMA(%rip),$key
+	lea	.LCamellia_SBOX(%rip),$Tbl
+
+	mov	0($key),$t1
+	mov	4($key),$t0
+___
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+$code.=<<___;
+	xor	0($out),@S[1]		# ^KL
+	xor	4($out),@S[0]
+	xor	8($out),@S[3]
+	xor	12($out),@S[2]
+___
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+$code.=<<___;
+	cmp	\$128,$keyend
+	jne	.L2nd256
+
+	lea	128($out),$out		# size optimization
+	shl	\$32,%r8		# @S[0]||
+	shl	\$32,%r10		# @S[2]||
+	or	%r9,%r8			# ||@S[1]
+	or	%r11,%r10		# ||@S[3]
+___
+	&_loadround	(0,$out,-128,"%rax","%rbx");	# KL
+	&_saveround	(2,$out,-128,"%r8","%r10");	# KA<<<0
+	&_rotl128	("%rax","%rbx",15);
+	&_saveround	(4,$out,-128,"%rax","%rbx");	# KL<<<15
+	&_rotl128	("%r8","%r10",15);
+	&_saveround	(6,$out,-128,"%r8","%r10");	# KA<<<15
+	&_rotl128	("%r8","%r10",15);		# 15+15=30
+	&_saveround	(8,$out,-128,"%r8","%r10");	# KA<<<30
+	&_rotl128	("%rax","%rbx",30);		# 15+30=45
+	&_saveround	(10,$out,-128,"%rax","%rbx");	# KL<<<45
+	&_rotl128	("%r8","%r10",15);		# 30+15=45
+	&_saveround	(12,$out,-128,"%r8");		# KA<<<45
+	&_rotl128	("%rax","%rbx",15);		# 45+15=60
+	&_saveround	(13,$out,-128,"%rbx");		# KL<<<60
+	&_rotl128	("%r8","%r10",15);		# 45+15=60
+	&_saveround	(14,$out,-128,"%r8","%r10");	# KA<<<60
+	&_rotl128	("%rax","%rbx",17);		# 60+17=77
+	&_saveround	(16,$out,-128,"%rax","%rbx");	# KL<<<77
+	&_rotl128	("%rax","%rbx",17);		# 77+17=94
+	&_saveround	(18,$out,-128,"%rax","%rbx");	# KL<<<94
+	&_rotl128	("%r8","%r10",34);		# 60+34=94
+	&_saveround	(20,$out,-128,"%r8","%r10");	# KA<<<94
+	&_rotl128	("%rax","%rbx",17);		# 94+17=111
+	&_saveround	(22,$out,-128,"%rax","%rbx");	# KL<<<111
+	&_rotl128	("%r8","%r10",17);		# 94+17=111
+	&_saveround	(24,$out,-128,"%r8","%r10");	# KA<<<111
+$code.=<<___;
+	mov	\$3,%eax
+	jmp	.Ldone
+.align	16
+.L2nd256:
+___
+	&_saveround	(6,$out,@S);	# temp storage for KA!
+$code.=<<___;
+	xor	`4*8+0`($out),@S[1]	# KA^KR
+	xor	`4*8+4`($out),@S[0]
+	xor	`5*8+0`($out),@S[3]
+	xor	`5*8+4`($out),@S[2]
+___
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+
+	&_loadround	(0,$out,"%rax","%rbx");	# KL
+	&_loadround	(4,$out,"%rcx","%rdx");	# KR
+	&_loadround	(6,$out,"%r14","%r15");	# KA
+$code.=<<___;
+	lea	128($out),$out		# size optimization
+	shl	\$32,%r8		# @S[0]||
+	shl	\$32,%r10		# @S[2]||
+	or	%r9,%r8			# ||@S[1]
+	or	%r11,%r10		# ||@S[3]
+___
+	&_saveround	(2,$out,-128,"%r8","%r10");	# KB<<<0
+	&_rotl128	("%rcx","%rdx",15);
+	&_saveround	(4,$out,-128,"%rcx","%rdx");	# KR<<<15
+	&_rotl128	("%r14","%r15",15);
+	&_saveround	(6,$out,-128,"%r14","%r15");	# KA<<<15
+	&_rotl128	("%rcx","%rdx",15);		# 15+15=30
+	&_saveround	(8,$out,-128,"%rcx","%rdx");	# KR<<<30
+	&_rotl128	("%r8","%r10",30);
+	&_saveround	(10,$out,-128,"%r8","%r10");	# KB<<<30
+	&_rotl128	("%rax","%rbx",45);
+	&_saveround	(12,$out,-128,"%rax","%rbx");	# KL<<<45
+	&_rotl128	("%r14","%r15",30);		# 15+30=45
+	&_saveround	(14,$out,-128,"%r14","%r15");	# KA<<<45
+	&_rotl128	("%rax","%rbx",15);		# 45+15=60
+	&_saveround	(16,$out,-128,"%rax","%rbx");	# KL<<<60
+	&_rotl128	("%rcx","%rdx",30);		# 30+30=60
+	&_saveround	(18,$out,-128,"%rcx","%rdx");	# KR<<<60
+	&_rotl128	("%r8","%r10",30);		# 30+30=60
+	&_saveround	(20,$out,-128,"%r8","%r10");	# KB<<<60
+	&_rotl128	("%rax","%rbx",17);		# 60+17=77
+	&_saveround	(22,$out,-128,"%rax","%rbx");	# KL<<<77
+	&_rotl128	("%r14","%r15",32);		# 45+32=77
+	&_saveround	(24,$out,-128,"%r14","%r15");	# KA<<<77
+	&_rotl128	("%rcx","%rdx",34);		# 60+34=94
+	&_saveround	(26,$out,-128,"%rcx","%rdx");	# KR<<<94
+	&_rotl128	("%r14","%r15",17);		# 77+17=94
+	&_saveround	(28,$out,-128,"%r14","%r15");	# KA<<<77
+	&_rotl128	("%rax","%rbx",34);		# 77+34=111
+	&_saveround	(30,$out,-128,"%rax","%rbx");	# KL<<<111
+	&_rotl128	("%r8","%r10",51);		# 60+51=111
+	&_saveround	(32,$out,-128,"%r8","%r10");	# KB<<<111
+$code.=<<___;
+	mov	\$4,%eax
+.Ldone:
+	mov	0(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r13
+	mov	24(%rsp),%rbp
+	mov	32(%rsp),%rbx
+	lea	40(%rsp),%rsp
+.Lkey_epilogue:
+	ret
+.size	Camellia_Ekeygen,.-Camellia_Ekeygen
+___
+}
+
+@SBOX=(
+112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
+ 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
+134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
+166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
+139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
+223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
+ 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
+254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
+170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
+ 16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
+135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
+ 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
+233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
+120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
+114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
+ 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158);
+
+sub S1110 { my $i=shift; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i<<8; sprintf("0x%08x",$i); }
+sub S4404 { my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i; sprintf("0x%08x",$i); }
+sub S0222 { my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; $i=$i<<16|$i<<8|$i; sprintf("0x%08x",$i); }
+sub S3033 { my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; $i=$i<<24|$i<<8|$i; sprintf("0x%08x",$i); }
+
+$code.=<<___;
+.align	64
+.LCamellia_SIGMA:
+.long	0x3bcc908b, 0xa09e667f, 0x4caa73b2, 0xb67ae858
+.long	0xe94f82be, 0xc6ef372f, 0xf1d36f1c, 0x54ff53a5
+.long	0xde682d1d, 0x10e527fa, 0xb3e6c1fd, 0xb05688c2
+.long	0,          0,          0,          0
+.LCamellia_SBOX:
+___
+# tables are interleaved, remember?
+sub data_word { $code.=".long\t".join(',',@_)."\n"; }
+for ($i=0;$i<256;$i++) { &data_word(&S1110($i),&S4404($i)); }
+for ($i=0;$i<256;$i++) { &data_word(&S0222($i),&S3033($i)); }
+
+# void Camellia_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const CAMELLIA_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+$_key="0(%rsp)";
+$_end="8(%rsp)";	# inp+len&~15
+$_res="16(%rsp)";	# len&15
+$ivec="24(%rsp)";
+$_ivp="40(%rsp)";
+$_rsp="48(%rsp)";
+
+$code.=<<___;
+.globl	Camellia_cbc_encrypt
+.type	Camellia_cbc_encrypt,\@function,6
+.align	16
+Camellia_cbc_encrypt:
+	cmp	\$0,%rdx
+	je	.Lcbc_abort
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+.Lcbc_prologue:
+
+	mov	%rsp,%rbp
+	sub	\$64,%rsp
+	and	\$-64,%rsp
+
+	# place stack frame just "above mod 1024" the key schedule,
+	# this ensures that cache associativity suffices
+	lea	-64-63(%rcx),%r10
+	sub	%rsp,%r10
+	neg	%r10
+	and	\$0x3C0,%r10
+	sub	%r10,%rsp
+	#add	\$8,%rsp		# 8 is reserved for callee's ra
+
+	mov	%rdi,$inp		# inp argument
+	mov	%rsi,$out		# out argument
+	mov	%r8,%rbx		# ivp argument
+	mov	%rcx,$key		# key argument
+	mov	272(%rcx),${keyend}d	# grandRounds
+
+	mov	%r8,$_ivp
+	mov	%rbp,$_rsp
+
+.Lcbc_body:
+	lea	.LCamellia_SBOX(%rip),$Tbl
+
+	mov	\$32,%ecx
+.align	4
+.Lcbc_prefetch_sbox:
+	mov	0($Tbl),%rax
+	mov	32($Tbl),%rsi
+	mov	64($Tbl),%rdi
+	mov	96($Tbl),%r11
+	lea	128($Tbl),$Tbl
+	loop	.Lcbc_prefetch_sbox
+	sub	\$4096,$Tbl
+	shl	\$6,$keyend
+	mov	%rdx,%rcx		# len argument
+	lea	($key,$keyend),$keyend
+
+	cmp	\$0,%r9d		# enc argument
+	je	.LCBC_DECRYPT
+
+	and	\$-16,%rdx
+	and	\$15,%rcx		# length residue
+	lea	($inp,%rdx),%rdx
+	mov	$key,$_key
+	mov	%rdx,$_end
+	mov	%rcx,$_res
+
+	cmp	$inp,%rdx
+	mov	0(%rbx),@S[0]		# load IV
+	mov	4(%rbx),@S[1]
+	mov	8(%rbx),@S[2]
+	mov	12(%rbx),@S[3]
+	je	.Lcbc_enc_tail
+	jmp	.Lcbc_eloop
+
+.align	16
+.Lcbc_eloop:
+	xor	0($inp),@S[0]
+	xor	4($inp),@S[1]
+	xor	8($inp),@S[2]
+	bswap	@S[0]
+	xor	12($inp),@S[3]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_encrypt
+
+	mov	$_key,$key		# "rewind" the key
+	bswap	@S[0]
+	mov	$_end,%rdx
+	bswap	@S[1]
+	mov	$_res,%rcx
+	bswap	@S[2]
+	mov	@S[0],0($out)
+	bswap	@S[3]
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	lea	16($inp),$inp
+	mov	@S[3],12($out)
+	cmp	%rdx,$inp
+	lea	16($out),$out
+	jne	.Lcbc_eloop
+
+	cmp	\$0,%rcx
+	jne	.Lcbc_enc_tail
+
+	mov	$_ivp,$out
+	mov	@S[0],0($out)		# write out IV residue
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+	jmp	.Lcbc_done
+
+.align	16
+.Lcbc_enc_tail:
+	xor	%rax,%rax
+	mov	%rax,0+$ivec
+	mov	%rax,8+$ivec
+	mov	%rax,$_res
+
+.Lcbc_enc_pushf:
+	pushfq
+	cld
+	mov	$inp,%rsi
+	lea	8+$ivec,%rdi
+	.long	0x9066A4F3		# rep movsb
+	popfq
+.Lcbc_enc_popf:
+
+	lea	$ivec,$inp
+	lea	16+$ivec,%rax
+	mov	%rax,$_end
+	jmp	.Lcbc_eloop		# one more time
+
+.align	16
+.LCBC_DECRYPT:
+	xchg	$key,$keyend
+	add	\$15,%rdx
+	and	\$15,%rcx		# length residue
+	and	\$-16,%rdx
+	mov	$key,$_key
+	lea	($inp,%rdx),%rdx
+	mov	%rdx,$_end
+	mov	%rcx,$_res
+
+	mov	(%rbx),%rax		# load IV
+	mov	8(%rbx),%rbx
+	jmp	.Lcbc_dloop
+.align	16
+.Lcbc_dloop:
+	mov	0($inp),@S[0]
+	mov	4($inp),@S[1]
+	mov	8($inp),@S[2]
+	bswap	@S[0]
+	mov	12($inp),@S[3]
+	bswap	@S[1]
+	mov	%rax,0+$ivec		# save IV to temporary storage
+	bswap	@S[2]
+	mov	%rbx,8+$ivec
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_decrypt
+
+	mov	$_key,$key		# "rewind" the key
+	mov	$_end,%rdx
+	mov	$_res,%rcx
+
+	bswap	@S[0]
+	mov	($inp),%rax		# load IV for next iteration
+	bswap	@S[1]
+	mov	8($inp),%rbx
+	bswap	@S[2]
+	xor	0+$ivec,@S[0]
+	bswap	@S[3]
+	xor	4+$ivec,@S[1]
+	xor	8+$ivec,@S[2]
+	lea	16($inp),$inp
+	xor	12+$ivec,@S[3]
+	cmp	%rdx,$inp
+	je	.Lcbc_ddone
+
+	mov	@S[0],0($out)
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	lea	16($out),$out
+	jmp	.Lcbc_dloop
+
+.align	16
+.Lcbc_ddone:
+	mov	$_ivp,%rdx
+	cmp	\$0,%rcx
+	jne	.Lcbc_dec_tail
+
+	mov	@S[0],0($out)
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	mov	%rax,(%rdx)		# write out IV residue
+	mov	%rbx,8(%rdx)
+	jmp	.Lcbc_done
+.align	16
+.Lcbc_dec_tail:
+	mov	@S[0],0+$ivec
+	mov	@S[1],4+$ivec
+	mov	@S[2],8+$ivec
+	mov	@S[3],12+$ivec
+
+.Lcbc_dec_pushf:
+	pushfq
+	cld
+	lea	8+$ivec,%rsi
+	lea	($out),%rdi
+	.long	0x9066A4F3		# rep movsb
+	popfq
+.Lcbc_dec_popf:
+
+	mov	%rax,(%rdx)		# write out IV residue
+	mov	%rbx,8(%rdx)
+	jmp	.Lcbc_done
+
+.align	16
+.Lcbc_done:
+	mov	$_rsp,%rcx
+	mov	0(%rcx),%r15
+	mov	8(%rcx),%r14
+	mov	16(%rcx),%r13
+	mov	24(%rcx),%r12
+	mov	32(%rcx),%rbp
+	mov	40(%rcx),%rbx
+	lea	48(%rcx),%rsp
+.Lcbc_abort:
+	ret
+.size	Camellia_cbc_encrypt,.-Camellia_cbc_encrypt
+
+.asciz	"Camellia for x86_64 by <appro\@openssl.org>"
+___
+}
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	common_se_handler,\@abi-omnipotent
+.align	16
+common_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	lea	-64(%rsp),%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	lea	40(%rax),%rax
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r13
+	mov	-32(%rax),%r14
+	mov	-40(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	common_se_handler,.-common_se_handler
+
+.type	cbc_se_handler,\@abi-omnipotent
+.align	16
+cbc_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	lea	-64(%rsp),%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lcbc_prologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_prologue
+	jb	.Lin_cbc_prologue
+
+	lea	.Lcbc_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_body
+	jb	.Lin_cbc_frame_setup
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lcbc_abort(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lcbc_abort
+	jae	.Lin_cbc_prologue
+
+	# handle pushf/popf in Camellia_cbc_encrypt
+	lea	.Lcbc_enc_pushf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<=.Lcbc_enc_pushf
+	jbe	.Lin_cbc_no_flag
+	lea	8(%rax),%rax
+	lea	.Lcbc_enc_popf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_enc_popf
+	jb	.Lin_cbc_no_flag
+	lea	-8(%rax),%rax
+	lea	.Lcbc_dec_pushf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<=.Lcbc_dec_pushf
+	jbe	.Lin_cbc_no_flag
+	lea	8(%rax),%rax
+	lea	.Lcbc_dec_popf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_dec_popf
+	jb	.Lin_cbc_no_flag
+	lea	-8(%rax),%rax
+
+.Lin_cbc_no_flag:
+	mov	48(%rax),%rax		# $_rsp
+	lea	48(%rax),%rax
+
+.Lin_cbc_frame_setup:
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_cbc_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.align	4
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	lea	64(%rsp),%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	cbc_se_handler,.-cbc_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_Camellia_EncryptBlock_Rounds
+	.rva	.LSEH_end_Camellia_EncryptBlock_Rounds
+	.rva	.LSEH_info_Camellia_EncryptBlock_Rounds
+
+	.rva	.LSEH_begin_Camellia_DecryptBlock_Rounds
+	.rva	.LSEH_end_Camellia_DecryptBlock_Rounds
+	.rva	.LSEH_info_Camellia_DecryptBlock_Rounds
+
+	.rva	.LSEH_begin_Camellia_Ekeygen
+	.rva	.LSEH_end_Camellia_Ekeygen
+	.rva	.LSEH_info_Camellia_Ekeygen
+
+	.rva	.LSEH_begin_Camellia_cbc_encrypt
+	.rva	.LSEH_end_Camellia_cbc_encrypt
+	.rva	.LSEH_info_Camellia_cbc_encrypt
+
+.section	.xdata
+.align	8
+.LSEH_info_Camellia_EncryptBlock_Rounds:
+	.byte	9,0,0,0
+	.rva	common_se_handler
+	.rva	.Lenc_prologue,.Lenc_epilogue	# HandlerData[]
+.LSEH_info_Camellia_DecryptBlock_Rounds:
+	.byte	9,0,0,0
+	.rva	common_se_handler
+	.rva	.Ldec_prologue,.Ldec_epilogue	# HandlerData[]
+.LSEH_info_Camellia_Ekeygen:
+	.byte	9,0,0,0
+	.rva	common_se_handler
+	.rva	.Lkey_prologue,.Lkey_epilogue	# HandlerData[]
+.LSEH_info_Camellia_cbc_encrypt:
+	.byte	9,0,0,0
+	.rva	cbc_se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/camellia/camellia.c b/crypto/camellia/camellia.c
new file mode 100644
index 0000000000..75fc8991c0
--- /dev/null
+++ b/crypto/camellia/camellia.c
@@ -0,0 +1,582 @@
+/* crypto/camellia/camellia.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) . 
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ *     http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ *     http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+/* Algorithm Specification 
+   http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
+*/
+ 
+/*
+ * This release balances code size and performance. In particular key
+ * schedule setup is fully unrolled, because doing so *significantly*
+ * reduces amount of instructions per setup round and code increase is
+ * justifiable. In block functions on the other hand only inner loops
+ * are unrolled, as full unroll gives only nominal performance boost,
+ * while code size grows 4 or 7 times. Also, unlike previous versions
+ * this one "encourages" compiler to keep intermediate variables in
+ * registers, which should give better "all round" results, in other
+ * words reasonable performance even with not so modern compilers.
+ */
+
+#include "camellia.h"
+#include "cmll_locl.h"
+#include <string.h>
+#include <stdlib.h>
+
+/* 32-bit rotations */
+#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
+#  define RightRotate(x, s) _lrotr(x, s)
+#  define LeftRotate(x, s)  _lrotl(x, s)
+#  if _MSC_VER >= 1400
+#   define SWAP(x) _byteswap_ulong(x)
+#  else
+#   define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+#  endif
+#  define GETU32(p)   SWAP(*((u32 *)(p)))
+#  define PUTU32(p,v) (*((u32 *)(p)) = SWAP((v)))
+# elif defined(__GNUC__) && __GNUC__>=2
+#  if defined(__i386) || defined(__x86_64)
+#   define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+#   define LeftRotate(x,s)  ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+#   if defined(B_ENDIAN) /* stratus.com does it */
+#    define GETU32(p)   (*(u32 *)(p))
+#    define PUTU32(p,v) (*(u32 *)(p)=(v))
+#   else
+#    define GETU32(p)   ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; })
+#    define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; })
+#   endif
+#  elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+        defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+#   define LeftRotate(x,s)  ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; })
+#   define RightRotate(x,s) LeftRotate(x,(32-s))
+#  elif defined(__s390x__)
+#   define LeftRotate(x,s)  ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; })
+#   define RightRotate(x,s) LeftRotate(x,(32-s))
+#   define GETU32(p)   (*(u32 *)(p))
+#   define PUTU32(p,v) (*(u32 *)(p)=(v))
+#  endif
+# endif
+#endif
+
+#if !defined(RightRotate) && !defined(LeftRotate)
+# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) )
+# define LeftRotate(x, s)  ( ((x) << (s)) + ((x) >> (32 - s)) )
+#endif
+
+#if !defined(GETU32) && !defined(PUTU32)
+# define GETU32(p)   (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] <<  8) ^ ((u32)(p)[3]))
+# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >>  8), (p)[3] = (u8)(v))
+#endif
+
+/* S-box data */
+#define SBOX1_1110 Camellia_SBOX[0]
+#define SBOX4_4404 Camellia_SBOX[1]
+#define SBOX2_0222 Camellia_SBOX[2]
+#define SBOX3_3033 Camellia_SBOX[3]
+static const u32 Camellia_SBOX[][256] = {
+{   0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700, 
+    0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500, 
+    0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00, 
+    0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100, 
+    0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500, 
+    0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00, 
+    0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000, 
+    0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00, 
+    0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700, 
+    0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600, 
+    0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00, 
+    0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00, 
+    0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100, 
+    0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200, 
+    0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700, 
+    0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700, 
+    0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00, 
+    0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600, 
+    0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400, 
+    0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100, 
+    0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00, 
+    0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00, 
+    0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00, 
+    0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200, 
+    0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700, 
+    0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00, 
+    0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00, 
+    0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300, 
+    0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00, 
+    0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600, 
+    0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600, 
+    0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00, 
+    0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00, 
+    0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600, 
+    0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800, 
+    0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00, 
+    0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200, 
+    0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500, 
+    0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900, 
+    0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400, 
+    0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900, 
+    0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400, 
+    0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00 },
+{   0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057, 
+    0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5, 
+    0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af, 
+    0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b, 
+    0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a, 
+    0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0, 
+    0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb, 
+    0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004, 
+    0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c, 
+    0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a, 
+    0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0, 
+    0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064, 
+    0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6, 
+    0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090, 
+    0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8, 
+    0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063, 
+    0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9, 
+    0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071, 
+    0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9, 
+    0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1, 
+    0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad, 
+    0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5, 
+    0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093, 
+    0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd, 
+    0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f, 
+    0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d, 
+    0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066, 
+    0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099, 
+    0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031, 
+    0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c, 
+    0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2, 
+    0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050, 
+    0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095, 
+    0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db, 
+    0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002, 
+    0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2, 
+    0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b, 
+    0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e, 
+    0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a, 
+    0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa, 
+    0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068, 
+    0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1, 
+    0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e },
+{   0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e, 
+    0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a, 
+    0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf, 
+    0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242, 
+    0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca, 
+    0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f, 
+    0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060, 
+    0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434, 
+    0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e, 
+    0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad, 
+    0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a, 
+    0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a, 
+    0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363, 
+    0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585, 
+    0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f, 
+    0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf, 
+    0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636, 
+    0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c, 
+    0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888, 
+    0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323, 
+    0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9, 
+    0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa, 
+    0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6, 
+    0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5, 
+    0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef, 
+    0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5, 
+    0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8, 
+    0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666, 
+    0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe, 
+    0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c, 
+    0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d, 
+    0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c, 
+    0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc, 
+    0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d, 
+    0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131, 
+    0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575, 
+    0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545, 
+    0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa, 
+    0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292, 
+    0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949, 
+    0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393, 
+    0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9, 
+    0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d },
+{   0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393, 
+    0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a, 
+    0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7, 
+    0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090, 
+    0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2, 
+    0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7, 
+    0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818, 
+    0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d, 
+    0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3, 
+    0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b, 
+    0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686, 
+    0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696, 
+    0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8, 
+    0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161, 
+    0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb, 
+    0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb, 
+    0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d, 
+    0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b, 
+    0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222, 
+    0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8, 
+    0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e, 
+    0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe, 
+    0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad, 
+    0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969, 
+    0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb, 
+    0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d, 
+    0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e, 
+    0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999, 
+    0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf, 
+    0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313, 
+    0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b, 
+    0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717, 
+    0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737, 
+    0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b, 
+    0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c, 
+    0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d, 
+    0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151, 
+    0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa, 
+    0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4, 
+    0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252, 
+    0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4, 
+    0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a, 
+    0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f }
+};
+
+/* Key generation constants */
+static const u32 SIGMA[] = {
+    0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be,
+    0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
+};
+
+/* The phi algorithm given in C.2.7 of the Camellia spec document. */
+/*
+ * This version does not attempt to minimize amount of temporary
+ * variables, but instead explicitly exposes algorithm's parallelism.
+ * It is therefore most appropriate for platforms with not less than
+ * ~16 registers. For platforms with less registers [well, x86 to be
+ * specific] assembler version should be/is provided anyway...
+ */
+#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) do {\
+	register u32 _t0,_t1,_t2,_t3;\
+\
+	_t0  = _s0 ^ (_key)[0];\
+	_t3  = SBOX4_4404[_t0&0xff];\
+	_t1  = _s1 ^ (_key)[1];\
+	_t3 ^= SBOX3_3033[(_t0 >> 8)&0xff];\
+	_t2  = SBOX1_1110[_t1&0xff];\
+	_t3 ^= SBOX2_0222[(_t0 >> 16)&0xff];\
+	_t2 ^= SBOX4_4404[(_t1 >> 8)&0xff];\
+	_t3 ^= SBOX1_1110[(_t0 >> 24)];\
+	_t2 ^= _t3;\
+	_t3  = RightRotate(_t3,8);\
+	_t2 ^= SBOX3_3033[(_t1 >> 16)&0xff];\
+	_s3 ^= _t3;\
+	_t2 ^= SBOX2_0222[(_t1 >> 24)];\
+	_s2 ^= _t2; \
+	_s3 ^= _t2;\
+} while(0)
+
+/*
+ * Note that n has to be less than 32. Rotations for larger amount
+ * of bits are achieved by "rotating" order of s-elements and
+ * adjusting n accordingly, e.g. RotLeft128(s1,s2,s3,s0,n-32).
+ */
+#define RotLeft128(_s0,_s1,_s2,_s3,_n) do {\
+	u32 _t0=_s0>>(32-_n);\
+	_s0 = (_s0<<_n) | (_s1>>(32-_n));\
+	_s1 = (_s1<<_n) | (_s2>>(32-_n));\
+	_s2 = (_s2<<_n) | (_s3>>(32-_n));\
+	_s3 = (_s3<<_n) | _t0;\
+} while (0)
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k)
+	{
+	register u32 s0,s1,s2,s3;
+
+	k[0] = s0 = GETU32(rawKey);
+	k[1] = s1 = GETU32(rawKey+4);
+	k[2] = s2 = GETU32(rawKey+8);
+	k[3] = s3 = GETU32(rawKey+12);
+
+	if (keyBitLength != 128)
+		{
+		k[8] = s0 = GETU32(rawKey+16);
+		k[9] = s1 = GETU32(rawKey+20);
+		if (keyBitLength == 192)
+			{
+			k[10] = s2 = ~s0;
+			k[11] = s3 = ~s1;
+			}
+		else
+			{
+			k[10] = s2 = GETU32(rawKey+24);
+			k[11] = s3 = GETU32(rawKey+28);
+			}
+		s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+		}
+
+	/* Use the Feistel routine to scramble the key material */
+	Camellia_Feistel(s0,s1,s2,s3,SIGMA+0);
+	Camellia_Feistel(s2,s3,s0,s1,SIGMA+2);
+
+	s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+	Camellia_Feistel(s0,s1,s2,s3,SIGMA+4);
+	Camellia_Feistel(s2,s3,s0,s1,SIGMA+6);
+
+	/* Fill the keyTable. Requires many block rotations. */
+	if (keyBitLength == 128)
+		{
+		k[ 4] = s0, k[ 5] = s1, k[ 6] = s2, k[ 7] = s3;
+		RotLeft128(s0,s1,s2,s3,15);	/* KA <<< 15 */
+		k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+		RotLeft128(s0,s1,s2,s3,15);	/* KA <<< 30 */
+		k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+		RotLeft128(s0,s1,s2,s3,15);	/* KA <<< 45 */
+		k[24] = s0, k[25] = s1;
+		RotLeft128(s0,s1,s2,s3,15);	/* KA <<< 60 */
+		k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+		RotLeft128(s1,s2,s3,s0,2);	/* KA <<< 94 */
+		k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0;
+		RotLeft128(s1,s2,s3,s0,17);	/* KA <<<111 */
+		k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+
+		s0 = k[ 0], s1 = k[ 1], s2 = k[ 2], s3 = k[ 3];
+		RotLeft128(s0,s1,s2,s3,15);	/* KL <<< 15 */
+		k[ 8] = s0, k[ 9] = s1, k[10] = s2, k[11] = s3;
+		RotLeft128(s0,s1,s2,s3,30);	/* KL <<< 45 */
+		k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+		RotLeft128(s0,s1,s2,s3,15);	/* KL <<< 60 */
+		k[26] = s2, k[27] = s3;
+		RotLeft128(s0,s1,s2,s3,17);	/* KL <<< 77 */
+		k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3;
+		RotLeft128(s0,s1,s2,s3,17);	/* KL <<< 94 */
+		k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+		RotLeft128(s0,s1,s2,s3,17);	/* KL <<<111 */
+		k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3;
+
+		return 3;	/* grand rounds */
+		}
+	else
+		{
+		k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+		s0 ^= k[8], s1 ^= k[9], s2 ^=k[10], s3 ^=k[11];
+		Camellia_Feistel(s0,s1,s2,s3,(SIGMA+8));
+		Camellia_Feistel(s2,s3,s0,s1,(SIGMA+10));
+
+		k[ 4] = s0, k[ 5] = s1, k[ 6] = s2, k[ 7] = s3;
+		RotLeft128(s0,s1,s2,s3,30);	/* KB <<< 30 */
+		k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+		RotLeft128(s0,s1,s2,s3,30);	/* KB <<< 60 */
+		k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3;
+		RotLeft128(s1,s2,s3,s0,19);	/* KB <<<111 */
+		k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0;
+
+		s0 = k[ 8], s1 = k[ 9], s2 = k[10], s3 = k[11];
+		RotLeft128(s0,s1,s2,s3,15);	/* KR <<< 15 */
+		k[ 8] = s0, k[ 9] = s1, k[10] = s2, k[11] = s3;
+		RotLeft128(s0,s1,s2,s3,15);	/* KR <<< 30 */
+		k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+		RotLeft128(s0,s1,s2,s3,30);	/* KR <<< 60 */
+		k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+		RotLeft128(s1,s2,s3,s0,2);	/* KR <<< 94 */
+		k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0;
+
+		s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15];
+		RotLeft128(s0,s1,s2,s3,15);	/* KA <<< 15 */
+		k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+		RotLeft128(s0,s1,s2,s3,30);	/* KA <<< 45 */
+		k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+						/* KA <<< 77 */
+		k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+		RotLeft128(s1,s2,s3,s0,17);	/* KA <<< 94 */
+		k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0;
+
+		s0 = k[ 0], s1 = k[ 1], s2 = k[ 2], s3 = k[ 3];
+		RotLeft128(s1,s2,s3,s0,13);	/* KL <<< 45 */
+		k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0;
+		RotLeft128(s1,s2,s3,s0,15);	/* KL <<< 60 */
+		k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0;
+		RotLeft128(s1,s2,s3,s0,17);	/* KL <<< 77 */
+		k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0;
+		RotLeft128(s2,s3,s0,s1,2);	/* KL <<<111 */
+		k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1;
+
+		return 4;	/* grand rounds */
+		}
+	/*
+	 * It is possible to perform certain precalculations, which
+	 * would spare few cycles in block procedure. It's not done,
+	 * because it upsets the performance balance between key
+	 * setup and block procedures, negatively affecting overall
+	 * throughput in applications operating on short messages
+	 * and volatile keys.
+	 */ 
+	}
+
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[], 
+		const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+	{
+	register u32 s0,s1,s2,s3; 
+	const u32 *k = keyTable,*kend = keyTable+grandRounds*16; 
+
+	s0 = GETU32(plaintext)    ^ k[0];
+	s1 = GETU32(plaintext+4)  ^ k[1];
+	s2 = GETU32(plaintext+8)  ^ k[2];
+	s3 = GETU32(plaintext+12) ^ k[3];
+	k += 4;
+
+	while (1)
+		{
+		/* Camellia makes 6 Feistel rounds */
+		Camellia_Feistel(s0,s1,s2,s3,k+0);
+		Camellia_Feistel(s2,s3,s0,s1,k+2);
+		Camellia_Feistel(s0,s1,s2,s3,k+4);
+		Camellia_Feistel(s2,s3,s0,s1,k+6);
+		Camellia_Feistel(s0,s1,s2,s3,k+8);
+		Camellia_Feistel(s2,s3,s0,s1,k+10);
+		k += 12;
+
+		if (k == kend) break;
+
+		/* This is the same function as the diffusion function D
+		 * of the accompanying documentation. See section 3.2
+		 * for properties of the FLlayer function. */
+		s1 ^= LeftRotate(s0 & k[0], 1);
+		s2 ^= s3 | k[3];
+		s0 ^= s1 | k[1];
+		s3 ^= LeftRotate(s2 & k[2], 1);
+		k += 4;
+		}
+
+	s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
+
+	PUTU32(ciphertext,   s2);
+	PUTU32(ciphertext+4, s3);
+	PUTU32(ciphertext+8, s0);
+	PUTU32(ciphertext+12,s1);
+	}
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[], 
+		const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+	{
+	Camellia_EncryptBlock_Rounds(keyBitLength==128?3:4,
+			plaintext,keyTable,ciphertext);
+	}
+
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[], 
+		const KEY_TABLE_TYPE keyTable, u8 plaintext[])
+	{
+	u32 s0,s1,s2,s3; 
+	const u32 *k = keyTable+grandRounds*16,*kend = keyTable+4; 
+
+	s0 = GETU32(ciphertext)    ^ k[0];
+	s1 = GETU32(ciphertext+4)  ^ k[1];
+	s2 = GETU32(ciphertext+8)  ^ k[2];
+	s3 = GETU32(ciphertext+12) ^ k[3];
+
+	while (1)
+		{
+		/* Camellia makes 6 Feistel rounds */
+		k -= 12;
+		Camellia_Feistel(s0,s1,s2,s3,k+10);
+		Camellia_Feistel(s2,s3,s0,s1,k+8);
+		Camellia_Feistel(s0,s1,s2,s3,k+6);
+		Camellia_Feistel(s2,s3,s0,s1,k+4);
+		Camellia_Feistel(s0,s1,s2,s3,k+2);
+		Camellia_Feistel(s2,s3,s0,s1,k+0);
+
+		if (k == kend) break;
+
+		/* This is the same function as the diffusion function D
+		 * of the accompanying documentation. See section 3.2
+		 * for properties of the FLlayer function. */
+		k -= 4;
+		s1 ^= LeftRotate(s0 & k[2], 1);
+		s2 ^= s3 | k[1];
+		s0 ^= s1 | k[3];
+		s3 ^= LeftRotate(s2 & k[0], 1);
+		}
+
+	k -= 4;
+	s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
+
+	PUTU32(plaintext,   s2);
+	PUTU32(plaintext+4, s3);
+	PUTU32(plaintext+8, s0);
+	PUTU32(plaintext+12,s1);
+	}
+void Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[], 
+		const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+	{
+	Camellia_DecryptBlock_Rounds(keyBitLength==128?3:4,
+			plaintext,keyTable,ciphertext);
+	}
diff --git a/crypto/camellia/camellia.h b/crypto/camellia/camellia.h
new file mode 100644
index 0000000000..cf0457dd97
--- /dev/null
+++ b/crypto/camellia/camellia.h
@@ -0,0 +1,126 @@
+/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_CAMELLIA_H
+#define HEADER_CAMELLIA_H
+
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_CAMELLIA
+#error CAMELLIA is disabled.
+#endif
+
+#include <stddef.h>
+
+#define CAMELLIA_ENCRYPT	1
+#define CAMELLIA_DECRYPT	0
+
+/* Because array size can't be a const in C, the following two are macros.
+   Both sizes are in bytes. */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+
+#define CAMELLIA_BLOCK_SIZE 16
+#define CAMELLIA_TABLE_BYTE_LEN 272
+#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
+
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
+
+struct camellia_key_st 
+	{
+	union	{
+		double d;	/* ensures 64-bit align */
+		KEY_TABLE_TYPE rd_key;
+		} u;
+	int grand_rounds;
+	};
+typedef struct camellia_key_st CAMELLIA_KEY;
+
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+	CAMELLIA_KEY *key);
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+	const CAMELLIA_KEY *key);
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+	const CAMELLIA_KEY *key);
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+	const CAMELLIA_KEY *key, const int enc);
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, const int enc);
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num, const int enc);
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num);
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+	unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+	unsigned int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif /* !HEADER_Camellia_H */
diff --git a/crypto/camellia/cmll_cbc.c b/crypto/camellia/cmll_cbc.c
new file mode 100644
index 0000000000..4c8d455ade
--- /dev/null
+++ b/crypto/camellia/cmll_cbc.c
@@ -0,0 +1,64 @@
+/* crypto/camellia/camellia_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+	size_t len, const CAMELLIA_KEY *key,
+	unsigned char *ivec, const int enc) 
+	{
+
+	if (enc)
+		CRYPTO_cbc128_encrypt(in,out,len,key,ivec,(block128_f)Camellia_encrypt);
+	else
+		CRYPTO_cbc128_decrypt(in,out,len,key,ivec,(block128_f)Camellia_decrypt);
+	}
diff --git a/crypto/camellia/cmll_cfb.c b/crypto/camellia/cmll_cfb.c
new file mode 100644
index 0000000000..3d81b51d3f
--- /dev/null
+++ b/crypto/camellia/cmll_cfb.c
@@ -0,0 +1,139 @@
+/* crypto/camellia/camellia_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+
+/* The input and output encrypted as though 128bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 128bit block we have used is contained in *num;
+ */
+
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num, const int enc)
+	{
+
+	CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,enc,(block128_f)Camellia_encrypt);
+	}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num, const int enc)
+	{
+	CRYPTO_cfb128_1_encrypt(in,out,length,key,ivec,num,enc,(block128_f)Camellia_encrypt);
+	}
+
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num, const int enc)
+	{
+	CRYPTO_cfb128_8_encrypt(in,out,length,key,ivec,num,enc,(block128_f)Camellia_encrypt);
+	}
+
diff --git a/crypto/camellia/cmll_ctr.c b/crypto/camellia/cmll_ctr.c
new file mode 100644
index 0000000000..014e621a34
--- /dev/null
+++ b/crypto/camellia/cmll_ctr.c
@@ -0,0 +1,64 @@
+/* crypto/camellia/camellia_ctr.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+	unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+	unsigned int *num) 
+	{
+
+	CRYPTO_ctr128_encrypt(in,out,length,key,ivec,ecount_buf,num,(block128_f)Camellia_encrypt);
+	}
+
diff --git a/crypto/camellia/cmll_ecb.c b/crypto/camellia/cmll_ecb.c
new file mode 100644
index 0000000000..70dc0e5632
--- /dev/null
+++ b/crypto/camellia/cmll_ecb.c
@@ -0,0 +1,74 @@
+/* crypto/camellia/camellia_ecb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef CAMELLIA_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+	const CAMELLIA_KEY *key, const int enc) 
+	{
+
+	assert(in && out && key);
+	assert((CAMELLIA_ENCRYPT == enc)||(CAMELLIA_DECRYPT == enc));
+
+	if (CAMELLIA_ENCRYPT == enc)
+		Camellia_encrypt(in, out, key);
+	else
+		Camellia_decrypt(in, out, key);
+	}
+
diff --git a/crypto/camellia/cmll_locl.h b/crypto/camellia/cmll_locl.h
new file mode 100644
index 0000000000..4a4d880d16
--- /dev/null
+++ b/crypto/camellia/cmll_locl.h
@@ -0,0 +1,83 @@
+/* crypto/camellia/camellia_locl.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) . 
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ *     http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ *     http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CAMELLIA_LOCL_H
+#define HEADER_CAMELLIA_LOCL_H
+
+typedef unsigned int  u32;
+typedef unsigned char u8;
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE keyTable);
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[], 
+		const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[], 
+		const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[], 
+		const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[], 
+		const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
diff --git a/crypto/camellia/cmll_misc.c b/crypto/camellia/cmll_misc.c
new file mode 100644
index 0000000000..f44689124b
--- /dev/null
+++ b/crypto/camellia/cmll_misc.c
@@ -0,0 +1,79 @@
+/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+ 
+#include <openssl/opensslv.h>
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+const char CAMELLIA_version[]="CAMELLIA" OPENSSL_VERSION_PTEXT;
+
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+	CAMELLIA_KEY *key)
+	{
+	if(!userKey || !key)
+		return -1;
+	if(bits != 128 && bits != 192 && bits != 256)
+		return -2;
+	key->grand_rounds = Camellia_Ekeygen(bits , userKey, key->u.rd_key);
+	return 0;
+	}
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+	const CAMELLIA_KEY *key)
+	{
+	Camellia_EncryptBlock_Rounds(key->grand_rounds, in , key->u.rd_key , out);
+	}
+
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+	const CAMELLIA_KEY *key)
+	{
+	Camellia_DecryptBlock_Rounds(key->grand_rounds, in , key->u.rd_key , out);
+	}
diff --git a/crypto/tmdiff.h b/crypto/camellia/cmll_ofb.c
index af5c41c649..a482befc74 100644
--- a/crypto/tmdiff.h
+++ b/crypto/camellia/cmll_ofb.c
@@ -1,4 +1,53 @@
-/* crypto/tmdiff.h */
+/* crypto/camellia/camellia_ofb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -56,38 +105,15 @@
  * [including the GNU Public Licence.]
  */
 
-/* Header for dynamic hash table routines
- * Author - Eric Young
- */
-/* ... erm yeah, "dynamic hash tables" you say?
- * 
- * And what would dynamic hash tables have to do with any of this code *now*?
- * AFAICS, this code is only referenced by crypto/bn/exp.c which is an unused
- * file that I doubt compiles any more. speed.c is the only thing that could
- * use this (and it has nothing to do with hash tables), yet it instead has its
- * own duplication of all this stuff and looks, if anything, more complete. See
- * the corresponding note in apps/speed.c.
- * The Bemused - Geoff
- */
-
-#ifndef HEADER_TMDIFF_H
-#define HEADER_TMDIFF_H
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
 
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct ms_tm MS_TM;
-
-MS_TM *ms_time_new(void );
-void ms_time_free(MS_TM *a);
-void ms_time_get(MS_TM *a);
-double ms_time_diff(MS_TM *start, MS_TM *end);
-int ms_time_cmp(const MS_TM *ap, const MS_TM *bp);
-
-#ifdef  __cplusplus
+/* The input and output encrypted as though 128bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 128bit block we have used is contained in *num;
+ */
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t length, const CAMELLIA_KEY *key,
+	unsigned char *ivec, int *num) {
+	CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)Camellia_encrypt);
 }
-#endif
-
-#endif
-
diff --git a/crypto/cast/.cvsignore b/crypto/cast/.cvsignore
index c6d03a9dbc..7075b5d663 100644
--- a/crypto/cast/.cvsignore
+++ b/crypto/cast/.cvsignore
@@ -1,2 +1,6 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+cx86-*.s
+cast-586.s
diff --git a/crypto/cast/Makefile.ssl b/crypto/cast/Makefile.ssl
deleted file mode 100644
index 5ff5b7a715..0000000000
--- a/crypto/cast/Makefile.ssl
+++ /dev/null
@@ -1,111 +0,0 @@
-#
-# SSLeay/crypto/cast/Makefile
-#
-
-DIR=	cast
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CAST_ENC=c_enc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=casttest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
-LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= cast.h
-HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-cx86-elf.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) cast-586.pl elf $(CLAGS) $(PROCESSOR) > ../$@)
-# COFF
-cx86-cof.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) cast-586.pl coff $(CLAGS) $(PROCESSOR) > ../$@)
-# a.out
-cx86-out.s: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) cast-586.pl a.out $(CLAGS) $(PROCESSOR) > ../$@)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
-c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_cfb64.o: c_cfb64.c cast_lcl.h
-c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
-c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
-c_enc.o: ../../e_os.h ../../include/openssl/cast.h
-c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_enc.o: c_enc.c cast_lcl.h
-c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
-c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_ofb64.o: c_ofb64.c cast_lcl.h
-c_skey.o: ../../e_os.h ../../include/openssl/cast.h
-c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/crypto/cast/asm/.cvsignore b/crypto/cast/asm/.cvsignore
index d6bf08ba1b..322fa86f77 100644
--- a/crypto/cast/asm/.cvsignore
+++ b/crypto/cast/asm/.cvsignore
@@ -1,2 +1,4 @@
 cx86unix.cpp
 cx86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/cast/asm/cast-586.pl b/crypto/cast/asm/cast-586.pl
index 6be0bfe572..bf6810d335 100644
--- a/crypto/cast/asm/cast-586.pl
+++ b/crypto/cast/asm/cast-586.pl
@@ -3,7 +3,8 @@
 # define for pentium pro friendly version
 $ppro=1;
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 require "cbc.pl";
 
diff --git a/crypto/cast/c_cfb64.c b/crypto/cast/c_cfb64.c
index 514c005c32..dcec13a201 100644
--- a/crypto/cast/c_cfb64.c
+++ b/crypto/cast/c_cfb64.c
@@ -65,7 +65,7 @@
  */
 
 void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, CAST_KEY *schedule, unsigned char *ivec,
+			long length, const CAST_KEY *schedule, unsigned char *ivec,
 			int *num, int enc)
 	{
 	register CAST_LONG v0,v1,t;
@@ -119,4 +119,3 @@ void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
 	v0=v1=ti[0]=ti[1]=t=c=cc=0;
 	*num=n;
 	}
-
diff --git a/crypto/cast/c_ecb.c b/crypto/cast/c_ecb.c
index 0b3da9ad87..b6a3b1fff9 100644
--- a/crypto/cast/c_ecb.c
+++ b/crypto/cast/c_ecb.c
@@ -60,10 +60,10 @@
 #include "cast_lcl.h"
 #include <openssl/opensslv.h>
 
-const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
+const char CAST_version[]="CAST" OPENSSL_VERSION_PTEXT;
 
 void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
-		      CAST_KEY *ks, int enc)
+		      const CAST_KEY *ks, int enc)
 	{
 	CAST_LONG l,d[2];
 
@@ -77,4 +77,3 @@ void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
 	l=d[1]; l2n(l,out);
 	l=d[0]=d[1]=0;
 	}
-
diff --git a/crypto/cast/c_enc.c b/crypto/cast/c_enc.c
index 0fe2cffecc..357c41ebf0 100644
--- a/crypto/cast/c_enc.c
+++ b/crypto/cast/c_enc.c
@@ -59,9 +59,10 @@
 #include <openssl/cast.h>
 #include "cast_lcl.h"
 
-void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
+void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key)
 	{
-	register CAST_LONG l,r,*k,t;
+	register CAST_LONG l,r,t;
+	const register CAST_LONG *k;
 
 	k= &(key->data[0]);
 	l=data[0];
@@ -91,9 +92,10 @@ void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
 	data[0]=r&0xffffffffL;
 	}
 
-void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
+void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key)
 	{
-	register CAST_LONG l,r,*k,t;
+	register CAST_LONG l,r,t;
+	const register CAST_LONG *k;
 
 	k= &(key->data[0]);
 	l=data[0];
@@ -124,7 +126,7 @@ void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
 	}
 
 void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-	     CAST_KEY *ks, unsigned char *iv, int enc)
+	     const CAST_KEY *ks, unsigned char *iv, int enc)
 	{
 	register CAST_LONG tin0,tin1;
 	register CAST_LONG tout0,tout1,xor0,xor1;
@@ -204,4 +206,3 @@ void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 	tin0=tin1=tout0=tout1=xor0=xor1=0;
 	tin[0]=tin[1]=0;
 	}
-
diff --git a/crypto/cast/c_ofb64.c b/crypto/cast/c_ofb64.c
index fd0469a62f..cb3222456c 100644
--- a/crypto/cast/c_ofb64.c
+++ b/crypto/cast/c_ofb64.c
@@ -64,7 +64,7 @@
  * 64bit block we have used is contained in *num;
  */
 void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, CAST_KEY *schedule, unsigned char *ivec,
+			long length, const CAST_KEY *schedule, unsigned char *ivec,
 			int *num)
 	{
 	register CAST_LONG v0,v1,t;
@@ -108,4 +108,3 @@ void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
 	t=v0=v1=ti[0]=ti[1]=0;
 	*num=n;
 	}
-
diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h
index 90b45b950a..1a264f8143 100644
--- a/crypto/cast/cast.h
+++ b/crypto/cast/cast.h
@@ -72,7 +72,7 @@ extern "C" {
 #define CAST_ENCRYPT	1
 #define CAST_DECRYPT	0
 
-#define CAST_LONG unsigned long
+#define CAST_LONG unsigned int
 
 #define CAST_BLOCK	8
 #define CAST_KEY_LENGTH	16
@@ -85,17 +85,17 @@ typedef struct cast_key_st
 
  
 void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
 		      int enc);
-void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
+void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
+void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
 void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-		      CAST_KEY *ks, unsigned char *iv, int enc);
+		      const CAST_KEY *ks, unsigned char *iv, int enc);
 void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-			long length, CAST_KEY *schedule, unsigned char *ivec,
+			long length, const CAST_KEY *schedule, unsigned char *ivec,
 			int *num, int enc);
 void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
-			long length, CAST_KEY *schedule, unsigned char *ivec,
+			long length, const CAST_KEY *schedule, unsigned char *ivec,
 			int *num);
 
 #ifdef  __cplusplus
diff --git a/crypto/cast/cast_lcl.h b/crypto/cast/cast_lcl.h
index 37f41cc6a4..e756021a33 100644
--- a/crypto/cast/cast_lcl.h
+++ b/crypto/cast/cast_lcl.h
@@ -64,11 +64,6 @@
 #endif
 
 
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
 #undef c2l
 #define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
 			 l|=((unsigned long)(*((c)++)))<< 8L, \
@@ -222,11 +217,11 @@
 	}
 #endif
 
-OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
-OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];
+extern const CAST_LONG CAST_S_table0[256];
+extern const CAST_LONG CAST_S_table1[256];
+extern const CAST_LONG CAST_S_table2[256];
+extern const CAST_LONG CAST_S_table3[256];
+extern const CAST_LONG CAST_S_table4[256];
+extern const CAST_LONG CAST_S_table5[256];
+extern const CAST_LONG CAST_S_table6[256];
+extern const CAST_LONG CAST_S_table7[256];
diff --git a/crypto/cms/.cvsignore b/crypto/cms/.cvsignore
new file mode 100644
index 0000000000..439e6d3eb6
--- /dev/null
+++ b/crypto/cms/.cvsignore
@@ -0,0 +1,4 @@
+lib
+Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/cms/Makefile b/crypto/cms/Makefile
new file mode 100644
index 0000000000..9820adb212
--- /dev/null
+++ b/crypto/cms/Makefile
@@ -0,0 +1,284 @@
+#
+# OpenSSL/crypto/cms/Makefile
+#
+
+DIR=	cms
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
+	cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+	cms_pwri.c
+LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
+	cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+	cms_pwri.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  cms.h
+HEADER=	cms_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_asn1.o: ../../include/openssl/opensslconf.h
+cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_asn1.o: cms.h cms_asn1.c cms_lcl.h
+cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_att.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_att.o: cms.h cms_att.c cms_lcl.h
+cms_cd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_cd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_cd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_cd.o: ../../include/openssl/comp.h ../../include/openssl/conf.h
+cms_cd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_cd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_cd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_cd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_cd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_cd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_cd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_cd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_cd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_cd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_cd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_cd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_cd.c cms_lcl.h
+cms_dd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_dd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_dd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_dd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_dd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_dd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_dd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_dd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_dd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_dd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_dd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_dd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_dd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_dd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_dd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_dd.o: ../cryptlib.h cms_dd.c cms_lcl.h
+cms_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_enc.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_enc.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_enc.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_enc.c cms_lcl.h
+cms_env.o: ../../e_os.h ../../include/openssl/aes.h
+cms_env.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_env.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_env.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_env.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_env.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_env.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_env.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_env.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_env.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_env.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_env.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_env.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_env.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_env.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_env.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_env.o: ../asn1/asn1_locl.h ../cryptlib.h cms_env.c cms_lcl.h
+cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+cms_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_err.o: cms_err.c
+cms_ess.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_ess.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_ess.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_ess.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_ess.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_ess.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_ess.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_ess.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_ess.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_ess.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_ess.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_ess.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_ess.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_ess.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_ess.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_ess.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_ess.c cms_lcl.h
+cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_io.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_io.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_io.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_io.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_io.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_io.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_io.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_io.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_io.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_io.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
+cms_io.o: cms_io.c cms_lcl.h
+cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h cms.h
+cms_lib.o: cms_lcl.h cms_lib.c
+cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
+cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_pwri.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+cms_pwri.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+cms_pwri.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_pwri.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_pwri.o: ../../include/openssl/opensslconf.h
+cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_pwri.o: cms_lcl.h cms_pwri.c
+cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_sd.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_sd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_sd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_sd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_sd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_sd.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_sd.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_sd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_sd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_sd.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_sd.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_sd.c
+cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+cms_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+cms_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_smime.o: ../../include/openssl/objects.h
+cms_smime.o: ../../include/openssl/opensslconf.h
+cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_smime.o: ../cryptlib.h cms_lcl.h cms_smime.c
diff --git a/crypto/cms/cms.h b/crypto/cms/cms.h
new file mode 100644
index 0000000000..8d230219f7
--- /dev/null
+++ b/crypto/cms/cms.h
@@ -0,0 +1,498 @@
+/* crypto/cms/cms.h */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+
+#ifndef HEADER_CMS_H
+#define HEADER_CMS_H
+
+#include <openssl/x509.h>
+
+#ifdef OPENSSL_NO_CMS
+#error CMS is disabled.
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+typedef struct CMS_ContentInfo_st CMS_ContentInfo;
+typedef struct CMS_SignerInfo_st CMS_SignerInfo;
+typedef struct CMS_CertificateChoices CMS_CertificateChoices;
+typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
+typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;
+
+DECLARE_STACK_OF(CMS_SignerInfo)
+DECLARE_STACK_OF(GENERAL_NAMES)
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+#define CMS_SIGNERINFO_ISSUER_SERIAL	0
+#define CMS_SIGNERINFO_KEYIDENTIFIER	1
+
+#define CMS_RECIPINFO_TRANS		0
+#define CMS_RECIPINFO_AGREE		1
+#define CMS_RECIPINFO_KEK		2
+#define CMS_RECIPINFO_PASS		3
+#define CMS_RECIPINFO_OTHER		4
+
+/* S/MIME related flags */
+
+#define CMS_TEXT			0x1
+#define CMS_NOCERTS			0x2
+#define CMS_NO_CONTENT_VERIFY		0x4
+#define CMS_NO_ATTR_VERIFY		0x8
+#define CMS_NOSIGS			\
+			(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
+#define CMS_NOINTERN			0x10
+#define CMS_NO_SIGNER_CERT_VERIFY	0x20
+#define CMS_NOVERIFY			0x20
+#define CMS_DETACHED			0x40
+#define CMS_BINARY			0x80
+#define CMS_NOATTR			0x100
+#define	CMS_NOSMIMECAP			0x200
+#define CMS_NOOLDMIMETYPE		0x400
+#define CMS_CRLFEOL			0x800
+#define CMS_STREAM			0x1000
+#define CMS_NOCRL			0x2000
+#define CMS_PARTIAL			0x4000
+#define CMS_REUSE_DIGEST		0x8000
+#define CMS_USE_KEYID			0x10000
+
+const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
+int CMS_is_detached(CMS_ContentInfo *cms);
+int CMS_set_detached(CMS_ContentInfo *cms, int detached);
+
+#ifdef HEADER_PEM_H
+DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
+#endif
+
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+						BIO *data, unsigned int flags);
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+					X509 *signcert, EVP_PKEY *pkey,
+					STACK_OF(X509) *certs,
+					unsigned int flags);
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+							unsigned int flags);
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+							unsigned int flags);
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+				const unsigned char *key, size_t keylen,
+				BIO *dcont, BIO *out, unsigned int flags);
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+					const unsigned char *key, size_t keylen,
+					unsigned int flags);
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+				const unsigned char *key, size_t keylen);
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+		 X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+			STACK_OF(X509) *certs,
+			X509_STORE *store, unsigned int flags);
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
+				const EVP_CIPHER *cipher, unsigned int flags);
+
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
+				BIO *dcont, BIO *out,
+				unsigned int flags);
+	
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms, 
+				unsigned char *key, size_t keylen,
+				unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms, 
+				unsigned char *pass, ssize_t passlen);
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+					X509 *recip, unsigned int flags);
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+					EVP_PKEY **pk, X509 **recip,
+					X509_ALGOR **palg);
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+					ASN1_OCTET_STRING **keyid,
+					X509_NAME **issuer, ASN1_INTEGER **sno);
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+					unsigned char *key, size_t keylen,
+					unsigned char *id, size_t idlen,
+					ASN1_GENERALIZEDTIME *date,
+					ASN1_OBJECT *otherTypeId,
+					ASN1_TYPE *otherType);
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+					X509_ALGOR **palg,
+					ASN1_OCTET_STRING **pid,
+					ASN1_GENERALIZEDTIME **pdate,
+					ASN1_OBJECT **potherid,
+					ASN1_TYPE **pothertype);
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, 
+				unsigned char *key, size_t keylen);
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, 
+					const unsigned char *id, size_t idlen);
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, 
+					unsigned char *pass, ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+					int iter, int wrap_nid, int pbe_nid,
+					unsigned char *pass, ssize_t passlen,
+					const EVP_CIPHER *kekciph);
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+	
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+							unsigned int flags);
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+int CMS_SignedData_init(CMS_ContentInfo *cms);
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+			X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+			unsigned int flags);
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+					ASN1_OCTET_STRING **keyid,
+					X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+					unsigned int flags);
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
+					X509_ALGOR **pdig, X509_ALGOR **psig);
+int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+				int algnid, int keysize);
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+			  int lastpos);
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+			  int lastpos);
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+			const ASN1_OBJECT *obj, int type,
+			const void *bytes, int len);
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+			int nid, int type,
+			const void *bytes, int len);
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+			const char *attrname, int type,
+			const void *bytes, int len);
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+					int lastpos, int type);
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+			  int lastpos);
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+			  int lastpos);
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+			const ASN1_OBJECT *obj, int type,
+			const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+			int nid, int type,
+			const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+			const char *attrname, int type,
+			const void *bytes, int len);
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+					int lastpos, int type);
+
+#ifdef HEADER_X509V3_H
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+				int allorfirst,
+				STACK_OF(GENERAL_NAMES) *receiptList,
+				STACK_OF(GENERAL_NAMES) *receiptsTo);
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+					ASN1_STRING **pcid,
+					int *pallorfirst,
+					STACK_OF(GENERAL_NAMES) **plist,
+					STACK_OF(GENERAL_NAMES) **prto);
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CMS_strings(void);
+
+/* Error codes for the CMS functions. */
+
+/* Function codes. */
+#define CMS_F_CHECK_CONTENT				 99
+#define CMS_F_CMS_ADD0_CERT				 164
+#define CMS_F_CMS_ADD0_RECIPIENT_KEY			 100
+#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD		 165
+#define CMS_F_CMS_ADD1_RECEIPTREQUEST			 158
+#define CMS_F_CMS_ADD1_RECIPIENT_CERT			 101
+#define CMS_F_CMS_ADD1_SIGNER				 102
+#define CMS_F_CMS_ADD1_SIGNINGTIME			 103
+#define CMS_F_CMS_COMPRESS				 104
+#define CMS_F_CMS_COMPRESSEDDATA_CREATE			 105
+#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO		 106
+#define CMS_F_CMS_COPY_CONTENT				 107
+#define CMS_F_CMS_COPY_MESSAGEDIGEST			 108
+#define CMS_F_CMS_DATA					 109
+#define CMS_F_CMS_DATAFINAL				 110
+#define CMS_F_CMS_DATAINIT				 111
+#define CMS_F_CMS_DECRYPT				 112
+#define CMS_F_CMS_DECRYPT_SET1_KEY			 113
+#define CMS_F_CMS_DECRYPT_SET1_PASSWORD			 166
+#define CMS_F_CMS_DECRYPT_SET1_PKEY			 114
+#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX		 115
+#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO		 116
+#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL			 117
+#define CMS_F_CMS_DIGEST_VERIFY				 118
+#define CMS_F_CMS_ENCODE_RECEIPT			 161
+#define CMS_F_CMS_ENCRYPT				 119
+#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO		 120
+#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT			 121
+#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT			 122
+#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY		 123
+#define CMS_F_CMS_ENVELOPEDDATA_CREATE			 124
+#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO		 125
+#define CMS_F_CMS_ENVELOPED_DATA_INIT			 126
+#define CMS_F_CMS_FINAL					 127
+#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES		 128
+#define CMS_F_CMS_GET0_CONTENT				 129
+#define CMS_F_CMS_GET0_ECONTENT_TYPE			 130
+#define CMS_F_CMS_GET0_ENVELOPED			 131
+#define CMS_F_CMS_GET0_REVOCATION_CHOICES		 132
+#define CMS_F_CMS_GET0_SIGNED				 133
+#define CMS_F_CMS_MSGSIGDIGEST_ADD1			 162
+#define CMS_F_CMS_RECEIPTREQUEST_CREATE0		 159
+#define CMS_F_CMS_RECEIPT_VERIFY			 160
+#define CMS_F_CMS_RECIPIENTINFO_DECRYPT			 134
+#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT		 135
+#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT		 136
+#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID		 137
+#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP		 138
+#define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP		 139
+#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT		 140
+#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT		 141
+#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS		 142
+#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID	 143
+#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT		 167
+#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY		 144
+#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD		 168
+#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY		 145
+#define CMS_F_CMS_SET1_SIGNERIDENTIFIER			 146
+#define CMS_F_CMS_SET_DETACHED				 147
+#define CMS_F_CMS_SIGN					 148
+#define CMS_F_CMS_SIGNED_DATA_INIT			 149
+#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN		 150
+#define CMS_F_CMS_SIGNERINFO_SIGN			 151
+#define CMS_F_CMS_SIGNERINFO_VERIFY			 152
+#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT		 153
+#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT		 154
+#define CMS_F_CMS_SIGN_RECEIPT				 163
+#define CMS_F_CMS_STREAM				 155
+#define CMS_F_CMS_UNCOMPRESS				 156
+#define CMS_F_CMS_VERIFY				 157
+
+/* Reason codes. */
+#define CMS_R_ADD_SIGNER_ERROR				 99
+#define CMS_R_CERTIFICATE_ALREADY_PRESENT		 175
+#define CMS_R_CERTIFICATE_HAS_NO_KEYID			 160
+#define CMS_R_CERTIFICATE_VERIFY_ERROR			 100
+#define CMS_R_CIPHER_INITIALISATION_ERROR		 101
+#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR	 102
+#define CMS_R_CMS_DATAFINAL_ERROR			 103
+#define CMS_R_CMS_LIB					 104
+#define CMS_R_CONTENTIDENTIFIER_MISMATCH		 170
+#define CMS_R_CONTENT_NOT_FOUND				 105
+#define CMS_R_CONTENT_TYPE_MISMATCH			 171
+#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA		 106
+#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA		 107
+#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA		 108
+#define CMS_R_CONTENT_VERIFY_ERROR			 109
+#define CMS_R_CTRL_ERROR				 110
+#define CMS_R_CTRL_FAILURE				 111
+#define CMS_R_DECRYPT_ERROR				 112
+#define CMS_R_DIGEST_ERROR				 161
+#define CMS_R_ERROR_GETTING_PUBLIC_KEY			 113
+#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE	 114
+#define CMS_R_ERROR_SETTING_KEY				 115
+#define CMS_R_ERROR_SETTING_RECIPIENTINFO		 116
+#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH		 117
+#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER		 176
+#define CMS_R_INVALID_KEY_LENGTH			 118
+#define CMS_R_MD_BIO_INIT_ERROR				 119
+#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH	 120
+#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH		 121
+#define CMS_R_MSGSIGDIGEST_ERROR			 172
+#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE		 162
+#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH			 163
+#define CMS_R_NEED_ONE_SIGNER				 164
+#define CMS_R_NOT_A_SIGNED_RECEIPT			 165
+#define CMS_R_NOT_ENCRYPTED_DATA			 122
+#define CMS_R_NOT_KEK					 123
+#define CMS_R_NOT_KEY_TRANSPORT				 124
+#define CMS_R_NOT_PWRI					 177
+#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE		 125
+#define CMS_R_NO_CIPHER					 126
+#define CMS_R_NO_CONTENT				 127
+#define CMS_R_NO_CONTENT_TYPE				 173
+#define CMS_R_NO_DEFAULT_DIGEST				 128
+#define CMS_R_NO_DIGEST_SET				 129
+#define CMS_R_NO_KEY					 130
+#define CMS_R_NO_KEY_OR_CERT				 174
+#define CMS_R_NO_MATCHING_DIGEST			 131
+#define CMS_R_NO_MATCHING_RECIPIENT			 132
+#define CMS_R_NO_MATCHING_SIGNATURE			 166
+#define CMS_R_NO_MSGSIGDIGEST				 167
+#define CMS_R_NO_PASSWORD				 178
+#define CMS_R_NO_PRIVATE_KEY				 133
+#define CMS_R_NO_PUBLIC_KEY				 134
+#define CMS_R_NO_RECEIPT_REQUEST			 168
+#define CMS_R_NO_SIGNERS				 135
+#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE	 136
+#define CMS_R_RECEIPT_DECODE_ERROR			 169
+#define CMS_R_RECIPIENT_ERROR				 137
+#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND		 138
+#define CMS_R_SIGNFINAL_ERROR				 139
+#define CMS_R_SMIME_TEXT_ERROR				 140
+#define CMS_R_STORE_INIT_ERROR				 141
+#define CMS_R_TYPE_NOT_COMPRESSED_DATA			 142
+#define CMS_R_TYPE_NOT_DATA				 143
+#define CMS_R_TYPE_NOT_DIGESTED_DATA			 144
+#define CMS_R_TYPE_NOT_ENCRYPTED_DATA			 145
+#define CMS_R_TYPE_NOT_ENVELOPED_DATA			 146
+#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT		 147
+#define CMS_R_UNKNOWN_CIPHER				 148
+#define CMS_R_UNKNOWN_DIGEST_ALGORIHM			 149
+#define CMS_R_UNKNOWN_ID				 150
+#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 151
+#define CMS_R_UNSUPPORTED_CONTENT_TYPE			 152
+#define CMS_R_UNSUPPORTED_KEK_ALGORITHM			 153
+#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM	 179
+#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE		 154
+#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE		 155
+#define CMS_R_UNSUPPORTED_TYPE				 156
+#define CMS_R_UNWRAP_ERROR				 157
+#define CMS_R_UNWRAP_FAILURE				 180
+#define CMS_R_VERIFICATION_FAILURE			 158
+#define CMS_R_WRAP_ERROR				 159
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
new file mode 100644
index 0000000000..835cae4e0b
--- /dev/null
+++ b/crypto/cms/cms_asn1.c
@@ -0,0 +1,389 @@
+/* crypto/cms/cms_asn1.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+
+ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
+	ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
+	ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(CMS_IssuerAndSerialNumber)
+
+ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
+	ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT),
+	ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
+
+ASN1_CHOICE(CMS_CertificateChoices) = {
+	ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509),
+	ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0),
+	ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1),
+	ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2),
+	ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3)
+} ASN1_CHOICE_END(CMS_CertificateChoices)
+
+ASN1_CHOICE(CMS_SignerIdentifier) = {
+	ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+	ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
+} ASN1_CHOICE_END(CMS_SignerIdentifier)
+
+ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
+	ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT),
+	ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0)
+} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
+
+/* Minor tweak to operation: free up signer key, cert */
+static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
+	{
+	if(operation == ASN1_OP_FREE_POST)
+		{
+		CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
+		if (si->pkey)
+			EVP_PKEY_free(si->pkey);
+		if (si->signer)
+			X509_free(si->signer);
+		}
+	return 1;
+	}
+
+ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
+	ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
+	ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier),
+	ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR),
+	ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0),
+	ASN1_SIMPLE(CMS_SignerInfo, signatureAlgorithm, X509_ALGOR),
+	ASN1_SIMPLE(CMS_SignerInfo, signature, ASN1_OCTET_STRING),
+	ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, unsignedAttrs, X509_ATTRIBUTE, 1)
+} ASN1_SEQUENCE_END_cb(CMS_SignerInfo, CMS_SignerInfo)
+
+ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
+	ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT),
+	ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
+
+ASN1_CHOICE(CMS_RevocationInfoChoice) = {
+	ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL),
+	ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1)
+} ASN1_CHOICE_END(CMS_RevocationInfoChoice)
+
+ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
+	ASN1_SIMPLE(CMS_SignedData, version, LONG),
+	ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR),
+	ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+	ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
+	ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1),
+	ASN1_SET_OF(CMS_SignedData, signerInfos, CMS_SignerInfo)
+} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
+
+ASN1_SEQUENCE(CMS_OriginatorInfo) = {
+	ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
+	ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1)
+} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
+
+ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
+	ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
+	ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
+	ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
+} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
+
+ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
+	ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG),
+	ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier),
+	ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+	ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_KeyTransRecipientInfo)
+
+ASN1_SEQUENCE(CMS_OtherKeyAttribute) = {
+	ASN1_SIMPLE(CMS_OtherKeyAttribute, keyAttrId, ASN1_OBJECT),
+	ASN1_OPT(CMS_OtherKeyAttribute, keyAttr, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherKeyAttribute)
+
+ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
+	ASN1_SIMPLE(CMS_RecipientKeyIdentifier, subjectKeyIdentifier, ASN1_OCTET_STRING),
+	ASN1_OPT(CMS_RecipientKeyIdentifier, date, ASN1_GENERALIZEDTIME),
+	ASN1_OPT(CMS_RecipientKeyIdentifier, other, CMS_OtherKeyAttribute)
+} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)
+
+ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
+  ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+  ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
+} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
+
+ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
+	ASN1_SIMPLE(CMS_RecipientEncryptedKey, rid, CMS_KeyAgreeRecipientIdentifier),
+	ASN1_SIMPLE(CMS_RecipientEncryptedKey, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey)
+
+ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
+  ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
+  ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)
+
+ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
+  ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
+  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
+} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
+
+ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {
+	ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG),
+	ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
+	ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
+	ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+	ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey)
+} ASN1_SEQUENCE_END(CMS_KeyAgreeRecipientInfo)
+
+ASN1_SEQUENCE(CMS_KEKIdentifier) = {
+	ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
+	ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
+	ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
+} ASN1_SEQUENCE_END(CMS_KEKIdentifier)
+
+ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
+	ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
+	ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
+	ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+	ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)
+
+ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
+	ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, LONG),
+	ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0),
+	ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+	ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)
+
+ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
+  ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
+  ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
+
+/* Free up RecipientInfo additional data */
+static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
+	{
+	if(operation == ASN1_OP_FREE_PRE)
+		{
+		CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
+		if (ri->type == CMS_RECIPINFO_TRANS)
+			{
+			CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
+			if (ktri->pkey)
+				EVP_PKEY_free(ktri->pkey);
+			if (ktri->recip)
+				X509_free(ktri->recip);
+			}
+		else if (ri->type == CMS_RECIPINFO_KEK)
+			{
+			CMS_KEKRecipientInfo *kekri = ri->d.kekri;
+			if (kekri->key)
+				{
+				OPENSSL_cleanse(kekri->key, kekri->keylen);
+				OPENSSL_free(kekri->key);
+				}
+			}
+		else if (ri->type == CMS_RECIPINFO_PASS)
+			{
+			CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
+			if (pwri->pass)
+				{
+				OPENSSL_cleanse(pwri->pass, pwri->passlen);
+				OPENSSL_free(pwri->pass);
+				}
+			}
+		}
+	return 1;
+	}
+
+ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
+	ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
+	ASN1_IMP(CMS_RecipientInfo, d.kari, CMS_KeyAgreeRecipientInfo, 1),
+	ASN1_IMP(CMS_RecipientInfo, d.kekri, CMS_KEKRecipientInfo, 2),
+	ASN1_IMP(CMS_RecipientInfo, d.pwri, CMS_PasswordRecipientInfo, 3),
+	ASN1_IMP(CMS_RecipientInfo, d.ori, CMS_OtherRecipientInfo, 4)
+} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type)
+
+ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
+	ASN1_SIMPLE(CMS_EnvelopedData, version, LONG),
+	ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0),
+	ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo),
+	ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
+	ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
+} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)
+
+ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
+	ASN1_SIMPLE(CMS_DigestedData, version, LONG),
+	ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR),
+	ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+	ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData)
+
+ASN1_NDEF_SEQUENCE(CMS_EncryptedData) = {
+	ASN1_SIMPLE(CMS_EncryptedData, version, LONG),
+	ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo),
+	ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
+} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData)
+
+ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
+	ASN1_SIMPLE(CMS_AuthenticatedData, version, LONG),
+	ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0),
+	ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo),
+	ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR),
+	ASN1_IMP(CMS_AuthenticatedData, digestAlgorithm, X509_ALGOR, 1),
+	ASN1_SIMPLE(CMS_AuthenticatedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+	ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2),
+	ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING),
+	ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
+} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
+
+ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
+	ASN1_SIMPLE(CMS_CompressedData, version, LONG),
+	ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
+	ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
+
+/* This is the ANY DEFINED BY table for the top level ContentInfo structure */
+
+ASN1_ADB_TEMPLATE(cms_default) = ASN1_EXP(CMS_ContentInfo, d.other, ASN1_ANY, 0);
+
+ASN1_ADB(CMS_ContentInfo) = {
+	ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP(CMS_ContentInfo, d.data, ASN1_OCTET_STRING_NDEF, 0)),
+	ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP(CMS_ContentInfo, d.signedData, CMS_SignedData, 0)),
+	ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP(CMS_ContentInfo, d.envelopedData, CMS_EnvelopedData, 0)),
+	ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP(CMS_ContentInfo, d.digestedData, CMS_DigestedData, 0)),
+	ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP(CMS_ContentInfo, d.encryptedData, CMS_EncryptedData, 0)),
+	ADB_ENTRY(NID_id_smime_ct_authData, ASN1_NDEF_EXP(CMS_ContentInfo, d.authenticatedData, CMS_AuthenticatedData, 0)),
+	ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)),
+} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);
+
+/* CMS streaming support */
+static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
+	{
+	ASN1_STREAM_ARG *sarg = exarg;
+	CMS_ContentInfo *cms = NULL;
+	if (pval)
+		cms = (CMS_ContentInfo *)*pval;
+	else
+		return 1;
+	switch(operation)
+		{
+
+		case ASN1_OP_STREAM_PRE:
+		if (CMS_stream(&sarg->boundary, cms) <= 0)
+			return 0;
+		case ASN1_OP_DETACHED_PRE:
+		sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
+		if (!sarg->ndef_bio)
+			return 0;
+		break;
+
+		case ASN1_OP_STREAM_POST:
+		case ASN1_OP_DETACHED_POST:
+		if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
+			return 0;
+		break;
+
+		}
+	return 1;
+	}
+
+ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
+	ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
+	ASN1_ADB_OBJECT(CMS_ContentInfo)
+} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo)
+
+/* Specials for signed attributes */
+
+/* When signing attributes we want to reorder them to match the sorted
+ * encoding.
+ */
+
+ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) = 
+	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)
+
+/* When verifying attributes we need to use the received order. So 
+ * we use SEQUENCE OF and tag it to SET OF
+ */
+
+ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) = 
+	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
+				V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
+
+
+
+ASN1_CHOICE(CMS_ReceiptsFrom) = {
+  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
+  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
+} ASN1_CHOICE_END(CMS_ReceiptsFrom)
+
+ASN1_SEQUENCE(CMS_ReceiptRequest) = {
+  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
+  ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
+} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
+
+ASN1_SEQUENCE(CMS_Receipt) = {
+  ASN1_SIMPLE(CMS_Receipt, version, LONG),
+  ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
+  ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_Receipt)
+
diff --git a/crypto/cms/cms_att.c b/crypto/cms/cms_att.c
new file mode 100644
index 0000000000..5b71722ebc
--- /dev/null
+++ b/crypto/cms/cms_att.c
@@ -0,0 +1,195 @@
+/* crypto/cms/cms_att.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+/* CMS SignedData Attribute utilities */
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si)
+{
+	return X509at_get_attr_count(si->signedAttrs);
+}
+
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+			  int lastpos)
+{
+	return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
+}
+
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+			  int lastpos)
+{
+	return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
+}
+
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc)
+{
+	return X509at_get_attr(si->signedAttrs, loc);
+}
+
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc)
+{
+	return X509at_delete_attr(si->signedAttrs, loc);
+}
+
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
+{
+	if(X509at_add1_attr(&si->signedAttrs, attr)) return 1;
+	return 0;
+}
+
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+			const ASN1_OBJECT *obj, int type,
+			const void *bytes, int len)
+{
+	if(X509at_add1_attr_by_OBJ(&si->signedAttrs, obj,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+			int nid, int type,
+			const void *bytes, int len)
+{
+	if(X509at_add1_attr_by_NID(&si->signedAttrs, nid,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+			const char *attrname, int type,
+			const void *bytes, int len)
+{
+	if(X509at_add1_attr_by_txt(&si->signedAttrs, attrname,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+					int lastpos, int type)
+{
+	return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
+}
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si)
+{
+	return X509at_get_attr_count(si->unsignedAttrs);
+}
+
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+			  int lastpos)
+{
+	return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
+}
+
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+			  int lastpos)
+{
+	return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
+}
+
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc)
+{
+	return X509at_get_attr(si->unsignedAttrs, loc);
+}
+
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc)
+{
+	return X509at_delete_attr(si->unsignedAttrs, loc);
+}
+
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
+{
+	if(X509at_add1_attr(&si->unsignedAttrs, attr)) return 1;
+	return 0;
+}
+
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+			const ASN1_OBJECT *obj, int type,
+			const void *bytes, int len)
+{
+	if(X509at_add1_attr_by_OBJ(&si->unsignedAttrs, obj,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+			int nid, int type,
+			const void *bytes, int len)
+{
+	if(X509at_add1_attr_by_NID(&si->unsignedAttrs, nid,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+			const char *attrname, int type,
+			const void *bytes, int len)
+{
+	if(X509at_add1_attr_by_txt(&si->unsignedAttrs, attrname,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+					int lastpos, int type)
+{
+	return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
+}
+
+/* Specific attribute cases */
diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c
new file mode 100644
index 0000000000..a5fc2c4e2b
--- /dev/null
+++ b/crypto/cms/cms_cd.c
@@ -0,0 +1,134 @@
+/* crypto/cms/cms_cd.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/bio.h>
+#include <openssl/comp.h>
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_CompressedData)
+
+#ifdef ZLIB
+
+/* CMS CompressedData Utilities */
+
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
+	{
+	CMS_ContentInfo *cms;
+	CMS_CompressedData *cd;
+	/* Will need something cleverer if there is ever more than one
+	 * compression algorithm or parameters have some meaning...
+	 */
+	if (comp_nid != NID_zlib_compression)
+		{
+		CMSerr(CMS_F_CMS_COMPRESSEDDATA_CREATE,
+				CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+		return NULL;
+		}
+	cms = CMS_ContentInfo_new();
+	if (!cms)
+		return NULL;
+
+	cd = M_ASN1_new_of(CMS_CompressedData);
+
+	if (!cd)
+		goto err;
+
+	cms->contentType = OBJ_nid2obj(NID_id_smime_ct_compressedData);
+	cms->d.compressedData = cd;
+
+	cd->version = 0;
+
+	X509_ALGOR_set0(cd->compressionAlgorithm,
+			OBJ_nid2obj(NID_zlib_compression),
+			V_ASN1_UNDEF, NULL);
+
+	cd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
+
+	return cms;
+
+	err:
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+
+	return NULL;
+	}
+
+BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms)
+	{
+	CMS_CompressedData *cd;
+	ASN1_OBJECT *compoid;
+	if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData)
+		{
+		CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
+				CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
+		return NULL;
+		}
+	cd = cms->d.compressedData;
+	X509_ALGOR_get0(&compoid, NULL, NULL, cd->compressionAlgorithm);
+	if (OBJ_obj2nid(compoid) != NID_zlib_compression)
+		{
+		CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
+				CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+		return NULL;
+		}
+	return BIO_new(BIO_f_zlib());
+	}
+
+#endif
diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c
new file mode 100644
index 0000000000..8919c15be1
--- /dev/null
+++ b/crypto/cms/cms_dd.c
@@ -0,0 +1,148 @@
+/* crypto/cms/cms_dd.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_DigestedData)
+
+/* CMS DigestedData Utilities */
+
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
+	{
+	CMS_ContentInfo *cms;
+	CMS_DigestedData *dd;
+	cms = CMS_ContentInfo_new();
+	if (!cms)
+		return NULL;
+
+	dd = M_ASN1_new_of(CMS_DigestedData);
+
+	if (!dd)
+		goto err;
+
+	cms->contentType = OBJ_nid2obj(NID_pkcs7_digest);
+	cms->d.digestedData = dd;
+
+	dd->version = 0;
+	dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
+
+	cms_DigestAlgorithm_set(dd->digestAlgorithm, md);
+
+	return cms;
+
+	err:
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+
+	return NULL;
+	}
+
+BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms)
+	{
+	CMS_DigestedData *dd;
+	dd = cms->d.digestedData;
+	return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm);
+	}
+
+int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
+	{
+	EVP_MD_CTX mctx;
+	unsigned char md[EVP_MAX_MD_SIZE];
+	unsigned int mdlen;
+	int r = 0;
+	CMS_DigestedData *dd;
+	EVP_MD_CTX_init(&mctx);
+
+	dd = cms->d.digestedData;
+
+	if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
+		goto err;
+
+	if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
+		goto err;
+
+	if (verify)
+		{
+		if (mdlen != (unsigned int)dd->digest->length)
+			{
+			CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
+				CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
+			goto err;
+			}
+
+		if (memcmp(md, dd->digest->data, mdlen))
+			CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
+				CMS_R_VERIFICATION_FAILURE);
+		else
+			r = 1;
+		}
+	else
+		{
+		if (!ASN1_STRING_set(dd->digest, md, mdlen))
+			goto err;
+		r = 1;
+		}
+
+	err:
+	EVP_MD_CTX_cleanup(&mctx);
+
+	return r;
+
+	}
diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
new file mode 100644
index 0000000000..bab26235bd
--- /dev/null
+++ b/crypto/cms/cms_enc.c
@@ -0,0 +1,262 @@
+/* crypto/cms/cms_enc.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include "cms_lcl.h"
+
+/* CMS EncryptedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_EncryptedData)
+
+/* Return BIO based on EncryptedContentInfo and key */
+
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
+	{
+	BIO *b;
+	EVP_CIPHER_CTX *ctx;
+	const EVP_CIPHER *ciph;
+	X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
+	unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
+
+	int ok = 0;
+
+	int enc, keep_key = 0;
+
+	enc = ec->cipher ? 1 : 0;
+
+	b = BIO_new(BIO_f_cipher());
+	if (!b)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+							ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+
+	BIO_get_cipher_ctx(b, &ctx);
+
+	if (enc)
+		{
+		ciph = ec->cipher;
+		/* If not keeping key set cipher to NULL so subsequent calls
+		 * decrypt.
+		 */
+		if (ec->key)
+			ec->cipher = NULL;
+		}
+	else
+		{
+		ciph = EVP_get_cipherbyobj(calg->algorithm);
+
+		if (!ciph)
+			{
+			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+							CMS_R_UNKNOWN_CIPHER);
+			goto err;
+			}
+		}
+
+	if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+				CMS_R_CIPHER_INITIALISATION_ERROR);
+		goto err;
+		}
+
+	if (enc)
+		{
+		int ivlen;
+		calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+		/* Generate a random IV if we need one */
+		ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+		if (ivlen > 0)
+			{
+			if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+				goto err;
+			piv = iv;
+			}
+		}
+	else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+		goto err;
+		}
+
+
+	if (enc && !ec->key)
+		{
+		/* Generate random key */
+		if (!ec->keylen)
+			ec->keylen = EVP_CIPHER_CTX_key_length(ctx);
+		ec->key = OPENSSL_malloc(ec->keylen);
+		if (!ec->key)
+			{
+			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+							ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		if (EVP_CIPHER_CTX_rand_key(ctx, ec->key) <= 0)
+			goto err;
+		keep_key = 1;
+		}
+	else if (ec->keylen != (unsigned int)EVP_CIPHER_CTX_key_length(ctx))
+		{
+		/* If necessary set key length */
+		if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0)
+			{
+			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+				CMS_R_INVALID_KEY_LENGTH);
+			goto err;
+			}
+		}
+
+	if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+				CMS_R_CIPHER_INITIALISATION_ERROR);
+		goto err;
+		}
+
+	if (piv)
+		{
+		calg->parameter = ASN1_TYPE_new();
+		if (!calg->parameter)
+			{
+			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+							ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0)
+			{
+			CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+			goto err;
+			}
+		}
+	ok = 1;
+
+	err:
+	if (ec->key && !keep_key)
+		{
+		OPENSSL_cleanse(ec->key, ec->keylen);
+		OPENSSL_free(ec->key);
+		ec->key = NULL;
+		}
+	if (ok)
+		return b;
+	BIO_free(b);
+	return NULL;
+	}
+
+int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, 
+				const EVP_CIPHER *cipher,
+				const unsigned char *key, size_t keylen)
+	{
+	ec->cipher = cipher;
+	if (key)
+		{
+		ec->key = OPENSSL_malloc(keylen);
+		if (!ec->key)
+			return 0;
+		memcpy(ec->key, key, keylen);
+		}
+	ec->keylen = keylen;
+	if (cipher)
+		ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
+	return 1;
+	}
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+				const unsigned char *key, size_t keylen)
+	{
+	CMS_EncryptedContentInfo *ec;
+	if (!key || !keylen)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
+		return 0;
+		}
+	if (ciph)
+		{
+		cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
+		if (!cms->d.encryptedData)
+			{
+			CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
+				ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
+		cms->d.encryptedData->version = 0;
+		}
+	else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
+						CMS_R_NOT_ENCRYPTED_DATA);
+		return 0;
+		}
+	ec = cms->d.encryptedData->encryptedContentInfo;
+	return cms_EncryptedContent_init(ec, ciph, key, keylen);
+	}
+
+BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
+	{
+	CMS_EncryptedData *enc = cms->d.encryptedData;
+	if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
+		enc->version = 2;
+	return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
+	}
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
new file mode 100644
index 0000000000..87d67d33ea
--- /dev/null
+++ b/crypto/cms/cms_env.c
@@ -0,0 +1,868 @@
+/* crypto/cms/cms_env.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+/* CMS EnvelopedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_EnvelopedData)
+DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
+
+DECLARE_STACK_OF(CMS_RecipientInfo)
+
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
+	{
+	if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped)
+		{
+		CMSerr(CMS_F_CMS_GET0_ENVELOPED,
+				CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
+		return NULL;
+		}
+	return cms->d.envelopedData;
+	}
+
+static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
+	{
+	if (cms->d.other == NULL)
+		{
+		cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
+		if (!cms->d.envelopedData)
+			{
+			CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT,
+							ERR_R_MALLOC_FAILURE);
+			return NULL;
+			}
+		cms->d.envelopedData->version = 0;
+		cms->d.envelopedData->encryptedContentInfo->contentType =
+						OBJ_nid2obj(NID_pkcs7_data);
+		ASN1_OBJECT_free(cms->contentType);
+		cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
+		return cms->d.envelopedData;
+		}
+	return cms_get0_enveloped(cms);
+	}
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
+	{
+	CMS_EnvelopedData *env;
+	env = cms_get0_enveloped(cms);
+	if (!env)
+		return NULL;
+	return env->recipientInfos;
+	}
+
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri)
+	{
+	return ri->type;
+	}
+
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
+	{
+	CMS_ContentInfo *cms;
+	CMS_EnvelopedData *env;
+	cms = CMS_ContentInfo_new();
+	if (!cms)
+		goto merr;
+	env = cms_enveloped_data_init(cms);
+	if (!env)
+		goto merr;
+	if (!cms_EncryptedContent_init(env->encryptedContentInfo,
+					cipher, NULL, 0))
+		goto merr;
+	return cms;
+	merr:
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
+	return NULL;
+	}
+
+/* Key Transport Recipient Info (KTRI) routines */
+
+/* Add a recipient certificate. For now only handle key transport.
+ * If we ever handle key agreement will need updating.
+ */
+
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+					X509 *recip, unsigned int flags)
+	{
+	CMS_RecipientInfo *ri = NULL;
+	CMS_KeyTransRecipientInfo *ktri;
+	CMS_EnvelopedData *env;
+	EVP_PKEY *pk = NULL;
+	int i, type;
+	env = cms_get0_enveloped(cms);
+	if (!env)
+		goto err;
+
+	/* Initialize recipient info */
+	ri = M_ASN1_new_of(CMS_RecipientInfo);
+	if (!ri)
+		goto merr;
+
+	/* Initialize and add key transport recipient info */
+
+	ri->d.ktri = M_ASN1_new_of(CMS_KeyTransRecipientInfo);
+	if (!ri->d.ktri)
+		goto merr;
+	ri->type = CMS_RECIPINFO_TRANS;
+
+	ktri = ri->d.ktri;
+
+	X509_check_purpose(recip, -1, -1);
+	pk = X509_get_pubkey(recip);
+	if (!pk)
+		{
+		CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
+				CMS_R_ERROR_GETTING_PUBLIC_KEY);
+		goto err;
+		}
+	CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509);
+	ktri->pkey = pk;
+	ktri->recip = recip;
+
+	if (flags & CMS_USE_KEYID)
+		{
+		ktri->version = 2;
+		type = CMS_RECIPINFO_KEYIDENTIFIER;
+		}
+	else
+		{
+		ktri->version = 0;
+		type = CMS_RECIPINFO_ISSUER_SERIAL;
+		}
+
+	/* Not a typo: RecipientIdentifier and SignerIdentifier are the
+	 * same structure.
+	 */
+
+	if (!cms_set1_SignerIdentifier(ktri->rid, recip, type))
+		goto err;
+
+	if (pk->ameth && pk->ameth->pkey_ctrl)
+		{
+		i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_ENVELOPE,
+						0, ri);
+		if (i == -2)
+			{
+			CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
+				CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+			goto err;
+			}
+		if (i <= 0)
+			{
+			CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
+				CMS_R_CTRL_FAILURE);
+			goto err;
+			}
+		}
+
+	if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+		goto merr;
+
+	return ri;
+
+	merr:
+	CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE);
+	err:
+	if (ri)
+		M_ASN1_free_of(ri, CMS_RecipientInfo);
+	return NULL;
+
+	}
+
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+					EVP_PKEY **pk, X509 **recip,
+					X509_ALGOR **palg)
+	{
+	CMS_KeyTransRecipientInfo *ktri;
+	if (ri->type != CMS_RECIPINFO_TRANS)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS,
+			CMS_R_NOT_KEY_TRANSPORT);
+		return 0;
+		}
+
+	ktri = ri->d.ktri;
+
+	if (pk)
+		*pk = ktri->pkey;
+	if (recip)
+		*recip = ktri->recip;
+	if (palg)
+		*palg = ktri->keyEncryptionAlgorithm;
+	return 1;
+	}
+
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+					ASN1_OCTET_STRING **keyid,
+					X509_NAME **issuer, ASN1_INTEGER **sno)
+	{
+	CMS_KeyTransRecipientInfo *ktri;
+	if (ri->type != CMS_RECIPINFO_TRANS)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID,
+			CMS_R_NOT_KEY_TRANSPORT);
+		return 0;
+		}
+	ktri = ri->d.ktri;
+
+	return cms_SignerIdentifier_get0_signer_id(ktri->rid,
+							keyid, issuer, sno);
+	}
+
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
+	{
+	if (ri->type != CMS_RECIPINFO_TRANS)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP,
+			CMS_R_NOT_KEY_TRANSPORT);
+		return -2;
+		}
+	return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
+	}
+
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
+	{
+	if (ri->type != CMS_RECIPINFO_TRANS)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY,
+			CMS_R_NOT_KEY_TRANSPORT);
+		return 0;
+		}
+	ri->d.ktri->pkey = pkey;
+	return 1;
+	}
+
+/* Encrypt content key in key transport recipient info */
+
+static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
+					CMS_RecipientInfo *ri)
+	{
+	CMS_KeyTransRecipientInfo *ktri;
+	CMS_EncryptedContentInfo *ec;
+	EVP_PKEY_CTX *pctx = NULL;
+	unsigned char *ek = NULL;
+	size_t eklen;
+
+	int ret = 0;
+
+	if (ri->type != CMS_RECIPINFO_TRANS)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT,
+			CMS_R_NOT_KEY_TRANSPORT);
+		return 0;
+		}
+	ktri = ri->d.ktri;
+	ec = cms->d.envelopedData->encryptedContentInfo;
+
+	pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+	if (!pctx)
+		return 0;
+
+	if (EVP_PKEY_encrypt_init(pctx) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+				EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR);
+		goto err;
+		}
+
+	if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
+		goto err;
+
+	ek = OPENSSL_malloc(eklen);
+
+	if (ek == NULL)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT,
+							ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
+		goto err;
+
+	ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
+	ek = NULL;
+
+	ret = 1;
+
+	err:
+	if (pctx)
+		EVP_PKEY_CTX_free(pctx);
+	if (ek)
+		OPENSSL_free(ek);
+	return ret;
+
+	}
+
+/* Decrypt content key from KTRI */
+
+static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
+							CMS_RecipientInfo *ri)
+	{
+	CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
+	EVP_PKEY_CTX *pctx = NULL;
+	unsigned char *ek = NULL;
+	size_t eklen;
+	int ret = 0;
+
+	if (ktri->pkey == NULL)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT,
+			CMS_R_NO_PRIVATE_KEY);
+		return 0;
+		}
+
+	pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+	if (!pctx)
+		return 0;
+
+	if (EVP_PKEY_decrypt_init(pctx) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
+				EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR);
+		goto err;
+		}
+
+	if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
+				ktri->encryptedKey->data,
+				ktri->encryptedKey->length) <= 0)
+		goto err;
+
+	ek = OPENSSL_malloc(eklen);
+
+	if (ek == NULL)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT,
+							ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (EVP_PKEY_decrypt(pctx, ek, &eklen,
+				ktri->encryptedKey->data,
+				ktri->encryptedKey->length) <= 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
+		goto err;
+		}
+
+	ret = 1;
+
+	cms->d.envelopedData->encryptedContentInfo->key = ek;
+	cms->d.envelopedData->encryptedContentInfo->keylen = eklen;
+
+	err:
+	if (pctx)
+		EVP_PKEY_CTX_free(pctx);
+	if (!ret && ek)
+		OPENSSL_free(ek);
+
+	return ret;
+	}
+
+/* Key Encrypted Key (KEK) RecipientInfo routines */
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, 
+					const unsigned char *id, size_t idlen)
+	{
+	ASN1_OCTET_STRING tmp_os;
+	CMS_KEKRecipientInfo *kekri;
+	if (ri->type != CMS_RECIPINFO_KEK)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK);
+		return -2;
+		}
+	kekri = ri->d.kekri;
+	tmp_os.type = V_ASN1_OCTET_STRING;
+	tmp_os.flags = 0;
+	tmp_os.data = (unsigned char *)id;
+	tmp_os.length = (int)idlen;
+	return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier);
+	}
+
+/* For now hard code AES key wrap info */
+
+static size_t aes_wrap_keylen(int nid)
+	{
+	switch (nid)
+		{
+		case NID_id_aes128_wrap:
+		return 16;
+
+		case NID_id_aes192_wrap:
+		return  24;
+
+		case NID_id_aes256_wrap:
+		return  32;
+
+		default:
+		return 0;
+		}
+	}
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+					unsigned char *key, size_t keylen,
+					unsigned char *id, size_t idlen,
+					ASN1_GENERALIZEDTIME *date,
+					ASN1_OBJECT *otherTypeId,
+					ASN1_TYPE *otherType)
+	{
+	CMS_RecipientInfo *ri = NULL;
+	CMS_EnvelopedData *env;
+	CMS_KEKRecipientInfo *kekri;
+	env = cms_get0_enveloped(cms);
+	if (!env)
+		goto err;
+
+	if (nid == NID_undef)
+		{
+		switch (keylen)
+			{
+			case 16:
+			nid = NID_id_aes128_wrap;
+			break;
+
+			case  24:
+			nid = NID_id_aes192_wrap;
+			break;
+
+			case  32:
+			nid = NID_id_aes256_wrap;
+			break;
+
+			default:
+			CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
+						CMS_R_INVALID_KEY_LENGTH);
+			goto err;
+			}
+
+		}
+	else
+		{
+
+		size_t exp_keylen = aes_wrap_keylen(nid);
+
+		if (!exp_keylen)
+			{
+			CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
+					CMS_R_UNSUPPORTED_KEK_ALGORITHM);
+			goto err;
+			}
+
+		if (keylen != exp_keylen)
+			{
+			CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
+					CMS_R_INVALID_KEY_LENGTH);
+			goto err;
+			}
+
+		}
+
+	/* Initialize recipient info */
+	ri = M_ASN1_new_of(CMS_RecipientInfo);
+	if (!ri)
+		goto merr;
+
+	ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
+	if (!ri->d.kekri)
+		goto merr;
+	ri->type = CMS_RECIPINFO_KEK;
+
+	kekri = ri->d.kekri;
+
+	if (otherTypeId)
+		{
+		kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
+		if (kekri->kekid->other == NULL)
+			goto merr;
+		}
+
+	if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+		goto merr;
+
+
+	/* After this point no calls can fail */
+
+	kekri->version = 4;
+
+	kekri->key = key;
+	kekri->keylen = keylen;
+
+	ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
+
+	kekri->kekid->date = date;
+
+	if (kekri->kekid->other)
+		{
+		kekri->kekid->other->keyAttrId = otherTypeId;
+		kekri->kekid->other->keyAttr = otherType;
+		}
+
+	X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
+				OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
+
+	return ri;
+
+	merr:
+	CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
+	err:
+	if (ri)
+		M_ASN1_free_of(ri, CMS_RecipientInfo);
+	return NULL;
+
+	}
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+					X509_ALGOR **palg,
+					ASN1_OCTET_STRING **pid,
+					ASN1_GENERALIZEDTIME **pdate,
+					ASN1_OBJECT **potherid,
+					ASN1_TYPE **pothertype)
+	{
+	CMS_KEKIdentifier *rkid;
+	if (ri->type != CMS_RECIPINFO_KEK)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK);
+		return 0;
+		}
+	rkid =  ri->d.kekri->kekid;
+	if (palg)
+		*palg = ri->d.kekri->keyEncryptionAlgorithm;
+	if (pid)
+		*pid = rkid->keyIdentifier;
+	if (pdate)
+		*pdate = rkid->date;
+	if (potherid)
+		{
+		if (rkid->other)
+			*potherid = rkid->other->keyAttrId;
+		else
+			*potherid = NULL;
+		}
+	if (pothertype)
+		{
+		if (rkid->other)
+			*pothertype = rkid->other->keyAttr;
+		else
+			*pothertype = NULL;
+		}
+	return 1;
+	}
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, 
+				unsigned char *key, size_t keylen)
+	{
+	CMS_KEKRecipientInfo *kekri;
+	if (ri->type != CMS_RECIPINFO_KEK)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK);
+		return 0;
+		}
+
+	kekri = ri->d.kekri;
+	kekri->key = key;
+	kekri->keylen = keylen;
+	return 1;
+	}
+
+
+/* Encrypt content key in KEK recipient info */
+
+static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms,
+					CMS_RecipientInfo *ri)
+	{
+	CMS_EncryptedContentInfo *ec;
+	CMS_KEKRecipientInfo *kekri;
+	AES_KEY actx;
+	unsigned char *wkey = NULL;
+	int wkeylen;
+	int r = 0;
+
+	ec = cms->d.envelopedData->encryptedContentInfo;
+
+	kekri = ri->d.kekri;
+
+	if (!kekri->key)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY);
+		return 0;
+		}
+
+	if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx))
+		{ 
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT,
+						CMS_R_ERROR_SETTING_KEY);
+		goto err;
+		}
+
+	wkey = OPENSSL_malloc(ec->keylen + 8);
+
+	if (!wkey)
+		{ 
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT,
+						ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen);
+
+	if (wkeylen <= 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR);
+		goto err;
+		}
+
+	ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen);
+
+	r = 1;
+
+	err:
+
+	if (!r && wkey)
+		OPENSSL_free(wkey);
+	OPENSSL_cleanse(&actx, sizeof(actx));
+
+	return r;
+
+	}
+
+/* Decrypt content key in KEK recipient info */
+
+static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
+					CMS_RecipientInfo *ri)
+	{
+	CMS_EncryptedContentInfo *ec;
+	CMS_KEKRecipientInfo *kekri;
+	AES_KEY actx;
+	unsigned char *ukey = NULL;
+	int ukeylen;
+	int r = 0, wrap_nid;
+
+	ec = cms->d.envelopedData->encryptedContentInfo;
+
+	kekri = ri->d.kekri;
+
+	if (!kekri->key)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY);
+		return 0;
+		}
+
+	wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm);
+	if (aes_wrap_keylen(wrap_nid) != kekri->keylen)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+			CMS_R_INVALID_KEY_LENGTH);
+		return 0;
+		}
+
+	/* If encrypted key length is invalid don't bother */
+
+	if (kekri->encryptedKey->length < 16)
+		{ 
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+					CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
+		goto err;
+		}
+
+	if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx))
+		{ 
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+						CMS_R_ERROR_SETTING_KEY);
+		goto err;
+		}
+
+	ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
+
+	if (!ukey)
+		{ 
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+						ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	ukeylen = AES_unwrap_key(&actx, NULL, ukey,
+					kekri->encryptedKey->data,
+					kekri->encryptedKey->length);
+
+	if (ukeylen <= 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+							CMS_R_UNWRAP_ERROR);
+		goto err;
+		}
+
+	ec->key = ukey;
+	ec->keylen = ukeylen;
+
+	r = 1;
+
+	err:
+
+	if (!r && ukey)
+		OPENSSL_free(ukey);
+	OPENSSL_cleanse(&actx, sizeof(actx));
+
+	return r;
+
+	}
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
+	{
+	switch(ri->type)
+		{
+		case CMS_RECIPINFO_TRANS:
+		return cms_RecipientInfo_ktri_decrypt(cms, ri);
+
+		case CMS_RECIPINFO_KEK:
+		return cms_RecipientInfo_kekri_decrypt(cms, ri);
+
+		case CMS_RECIPINFO_PASS:
+		return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
+
+		default:
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT,
+			CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE);
+		return 0;
+		}
+	}
+
+BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
+	{
+	CMS_EncryptedContentInfo *ec;
+	STACK_OF(CMS_RecipientInfo) *rinfos;
+	CMS_RecipientInfo *ri;
+	int i, r, ok = 0;
+	BIO *ret;
+
+	/* Get BIO first to set up key */
+
+	ec = cms->d.envelopedData->encryptedContentInfo;
+	ret = cms_EncryptedContent_init_bio(ec);
+
+	/* If error or no cipher end of processing */
+
+	if (!ret || !ec->cipher)
+		return ret;
+
+	/* Now encrypt content key according to each RecipientInfo type */
+
+	rinfos = cms->d.envelopedData->recipientInfos;
+
+	for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++)
+		{
+		ri = sk_CMS_RecipientInfo_value(rinfos, i);
+
+		switch (ri->type)
+			{
+			case CMS_RECIPINFO_TRANS:
+			r = cms_RecipientInfo_ktri_encrypt(cms, ri);
+			break;
+
+			case CMS_RECIPINFO_KEK:
+			r = cms_RecipientInfo_kekri_encrypt(cms, ri);
+			break;
+
+			case CMS_RECIPINFO_PASS:
+			r = cms_RecipientInfo_pwri_crypt(cms, ri, 1);
+			break;
+
+			default:
+			CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
+				CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
+			goto err;
+			}
+
+		if (r <= 0)
+			{
+			CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
+				CMS_R_ERROR_SETTING_RECIPIENTINFO);
+			goto err;
+			}
+		}
+
+	ok = 1;
+
+	err:
+	ec->cipher = NULL;
+	if (ec->key)
+		{
+		OPENSSL_cleanse(ec->key, ec->keylen);
+		OPENSSL_free(ec->key);
+		ec->key = NULL;
+		ec->keylen = 0;
+		}
+	if (ok)
+		return ret;
+	BIO_free(ret);
+	return NULL;
+
+	}
diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c
new file mode 100644
index 0000000000..8330ead7ed
--- /dev/null
+++ b/crypto/cms/cms_err.c
@@ -0,0 +1,245 @@
+/* crypto/cms/cms_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason)
+
+static ERR_STRING_DATA CMS_str_functs[]=
+	{
+{ERR_FUNC(CMS_F_CHECK_CONTENT),	"CHECK_CONTENT"},
+{ERR_FUNC(CMS_F_CMS_ADD0_CERT),	"CMS_add0_cert"},
+{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY),	"CMS_add0_recipient_key"},
+{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD),	"CMS_add0_recipient_password"},
+{ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST),	"CMS_add1_ReceiptRequest"},
+{ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT),	"CMS_add1_recipient_cert"},
+{ERR_FUNC(CMS_F_CMS_ADD1_SIGNER),	"CMS_add1_signer"},
+{ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME),	"CMS_ADD1_SIGNINGTIME"},
+{ERR_FUNC(CMS_F_CMS_COMPRESS),	"CMS_compress"},
+{ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE),	"cms_CompressedData_create"},
+{ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO),	"cms_CompressedData_init_bio"},
+{ERR_FUNC(CMS_F_CMS_COPY_CONTENT),	"CMS_COPY_CONTENT"},
+{ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST),	"CMS_COPY_MESSAGEDIGEST"},
+{ERR_FUNC(CMS_F_CMS_DATA),	"CMS_data"},
+{ERR_FUNC(CMS_F_CMS_DATAFINAL),	"CMS_dataFinal"},
+{ERR_FUNC(CMS_F_CMS_DATAINIT),	"CMS_dataInit"},
+{ERR_FUNC(CMS_F_CMS_DECRYPT),	"CMS_decrypt"},
+{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY),	"CMS_decrypt_set1_key"},
+{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD),	"CMS_decrypt_set1_password"},
+{ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY),	"CMS_decrypt_set1_pkey"},
+{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX),	"cms_DigestAlgorithm_find_ctx"},
+{ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO),	"cms_DigestAlgorithm_init_bio"},
+{ERR_FUNC(CMS_F_CMS_DIGESTEDDATA_DO_FINAL),	"cms_DigestedData_do_final"},
+{ERR_FUNC(CMS_F_CMS_DIGEST_VERIFY),	"CMS_digest_verify"},
+{ERR_FUNC(CMS_F_CMS_ENCODE_RECEIPT),	"cms_encode_Receipt"},
+{ERR_FUNC(CMS_F_CMS_ENCRYPT),	"CMS_encrypt"},
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO),	"cms_EncryptedContent_init_bio"},
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT),	"CMS_EncryptedData_decrypt"},
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT),	"CMS_EncryptedData_encrypt"},
+{ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY),	"CMS_EncryptedData_set1_key"},
+{ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_CREATE),	"CMS_EnvelopedData_create"},
+{ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO),	"cms_EnvelopedData_init_bio"},
+{ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT),	"CMS_ENVELOPED_DATA_INIT"},
+{ERR_FUNC(CMS_F_CMS_FINAL),	"CMS_final"},
+{ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES),	"CMS_GET0_CERTIFICATE_CHOICES"},
+{ERR_FUNC(CMS_F_CMS_GET0_CONTENT),	"CMS_get0_content"},
+{ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE),	"CMS_GET0_ECONTENT_TYPE"},
+{ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED),	"cms_get0_enveloped"},
+{ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),	"CMS_GET0_REVOCATION_CHOICES"},
+{ERR_FUNC(CMS_F_CMS_GET0_SIGNED),	"CMS_GET0_SIGNED"},
+{ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1),	"cms_msgSigDigest_add1"},
+{ERR_FUNC(CMS_F_CMS_RECEIPTREQUEST_CREATE0),	"CMS_ReceiptRequest_create0"},
+{ERR_FUNC(CMS_F_CMS_RECEIPT_VERIFY),	"cms_Receipt_verify"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_DECRYPT),	"CMS_RecipientInfo_decrypt"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT),	"CMS_RECIPIENTINFO_KEKRI_DECRYPT"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT),	"CMS_RECIPIENTINFO_KEKRI_ENCRYPT"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID),	"CMS_RecipientInfo_kekri_get0_id"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP),	"CMS_RecipientInfo_kekri_id_cmp"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP),	"CMS_RecipientInfo_ktri_cert_cmp"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT),	"CMS_RECIPIENTINFO_KTRI_DECRYPT"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT),	"CMS_RECIPIENTINFO_KTRI_ENCRYPT"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS),	"CMS_RecipientInfo_ktri_get0_algs"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID),	"CMS_RecipientInfo_ktri_get0_signer_id"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT),	"cms_RecipientInfo_pwri_crypt"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY),	"CMS_RecipientInfo_set0_key"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD),	"CMS_RecipientInfo_set0_password"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY),	"CMS_RecipientInfo_set0_pkey"},
+{ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER),	"cms_set1_SignerIdentifier"},
+{ERR_FUNC(CMS_F_CMS_SET_DETACHED),	"CMS_set_detached"},
+{ERR_FUNC(CMS_F_CMS_SIGN),	"CMS_sign"},
+{ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT),	"CMS_SIGNED_DATA_INIT"},
+{ERR_FUNC(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN),	"CMS_SIGNERINFO_CONTENT_SIGN"},
+{ERR_FUNC(CMS_F_CMS_SIGNERINFO_SIGN),	"CMS_SignerInfo_sign"},
+{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY),	"CMS_SignerInfo_verify"},
+{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT),	"CMS_SIGNERINFO_VERIFY_CERT"},
+{ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),	"CMS_SignerInfo_verify_content"},
+{ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT),	"CMS_sign_receipt"},
+{ERR_FUNC(CMS_F_CMS_STREAM),	"CMS_stream"},
+{ERR_FUNC(CMS_F_CMS_UNCOMPRESS),	"CMS_uncompress"},
+{ERR_FUNC(CMS_F_CMS_VERIFY),	"CMS_verify"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA CMS_str_reasons[]=
+	{
+{ERR_REASON(CMS_R_ADD_SIGNER_ERROR)      ,"add signer error"},
+{ERR_REASON(CMS_R_CERTIFICATE_ALREADY_PRESENT),"certificate already present"},
+{ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID),"certificate has no keyid"},
+{ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
+{ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),"cipher initialisation error"},
+{ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),"cipher parameter initialisation error"},
+{ERR_REASON(CMS_R_CMS_DATAFINAL_ERROR)   ,"cms datafinal error"},
+{ERR_REASON(CMS_R_CMS_LIB)               ,"cms lib"},
+{ERR_REASON(CMS_R_CONTENTIDENTIFIER_MISMATCH),"contentidentifier mismatch"},
+{ERR_REASON(CMS_R_CONTENT_NOT_FOUND)     ,"content not found"},
+{ERR_REASON(CMS_R_CONTENT_TYPE_MISMATCH) ,"content type mismatch"},
+{ERR_REASON(CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),"content type not compressed data"},
+{ERR_REASON(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),"content type not enveloped data"},
+{ERR_REASON(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),"content type not signed data"},
+{ERR_REASON(CMS_R_CONTENT_VERIFY_ERROR)  ,"content verify error"},
+{ERR_REASON(CMS_R_CTRL_ERROR)            ,"ctrl error"},
+{ERR_REASON(CMS_R_CTRL_FAILURE)          ,"ctrl failure"},
+{ERR_REASON(CMS_R_DECRYPT_ERROR)         ,"decrypt error"},
+{ERR_REASON(CMS_R_DIGEST_ERROR)          ,"digest error"},
+{ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY),"error getting public key"},
+{ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),"error reading messagedigest attribute"},
+{ERR_REASON(CMS_R_ERROR_SETTING_KEY)     ,"error setting key"},
+{ERR_REASON(CMS_R_ERROR_SETTING_RECIPIENTINFO),"error setting recipientinfo"},
+{ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),"invalid encrypted key length"},
+{ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),"invalid key encryption parameter"},
+{ERR_REASON(CMS_R_INVALID_KEY_LENGTH)    ,"invalid key length"},
+{ERR_REASON(CMS_R_MD_BIO_INIT_ERROR)     ,"md bio init error"},
+{ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),"messagedigest attribute wrong length"},
+{ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH),"messagedigest wrong length"},
+{ERR_REASON(CMS_R_MSGSIGDIGEST_ERROR)    ,"msgsigdigest error"},
+{ERR_REASON(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),"msgsigdigest verification failure"},
+{ERR_REASON(CMS_R_MSGSIGDIGEST_WRONG_LENGTH),"msgsigdigest wrong length"},
+{ERR_REASON(CMS_R_NEED_ONE_SIGNER)       ,"need one signer"},
+{ERR_REASON(CMS_R_NOT_A_SIGNED_RECEIPT)  ,"not a signed receipt"},
+{ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA)    ,"not encrypted data"},
+{ERR_REASON(CMS_R_NOT_KEK)               ,"not kek"},
+{ERR_REASON(CMS_R_NOT_KEY_TRANSPORT)     ,"not key transport"},
+{ERR_REASON(CMS_R_NOT_PWRI)              ,"not pwri"},
+{ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"not supported for this key type"},
+{ERR_REASON(CMS_R_NO_CIPHER)             ,"no cipher"},
+{ERR_REASON(CMS_R_NO_CONTENT)            ,"no content"},
+{ERR_REASON(CMS_R_NO_CONTENT_TYPE)       ,"no content type"},
+{ERR_REASON(CMS_R_NO_DEFAULT_DIGEST)     ,"no default digest"},
+{ERR_REASON(CMS_R_NO_DIGEST_SET)         ,"no digest set"},
+{ERR_REASON(CMS_R_NO_KEY)                ,"no key"},
+{ERR_REASON(CMS_R_NO_KEY_OR_CERT)        ,"no key or cert"},
+{ERR_REASON(CMS_R_NO_MATCHING_DIGEST)    ,"no matching digest"},
+{ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT) ,"no matching recipient"},
+{ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE) ,"no matching signature"},
+{ERR_REASON(CMS_R_NO_MSGSIGDIGEST)       ,"no msgsigdigest"},
+{ERR_REASON(CMS_R_NO_PASSWORD)           ,"no password"},
+{ERR_REASON(CMS_R_NO_PRIVATE_KEY)        ,"no private key"},
+{ERR_REASON(CMS_R_NO_PUBLIC_KEY)         ,"no public key"},
+{ERR_REASON(CMS_R_NO_RECEIPT_REQUEST)    ,"no receipt request"},
+{ERR_REASON(CMS_R_NO_SIGNERS)            ,"no signers"},
+{ERR_REASON(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
+{ERR_REASON(CMS_R_RECEIPT_DECODE_ERROR)  ,"receipt decode error"},
+{ERR_REASON(CMS_R_RECIPIENT_ERROR)       ,"recipient error"},
+{ERR_REASON(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
+{ERR_REASON(CMS_R_SIGNFINAL_ERROR)       ,"signfinal error"},
+{ERR_REASON(CMS_R_SMIME_TEXT_ERROR)      ,"smime text error"},
+{ERR_REASON(CMS_R_STORE_INIT_ERROR)      ,"store init error"},
+{ERR_REASON(CMS_R_TYPE_NOT_COMPRESSED_DATA),"type not compressed data"},
+{ERR_REASON(CMS_R_TYPE_NOT_DATA)         ,"type not data"},
+{ERR_REASON(CMS_R_TYPE_NOT_DIGESTED_DATA),"type not digested data"},
+{ERR_REASON(CMS_R_TYPE_NOT_ENCRYPTED_DATA),"type not encrypted data"},
+{ERR_REASON(CMS_R_TYPE_NOT_ENVELOPED_DATA),"type not enveloped data"},
+{ERR_REASON(CMS_R_UNABLE_TO_FINALIZE_CONTEXT),"unable to finalize context"},
+{ERR_REASON(CMS_R_UNKNOWN_CIPHER)        ,"unknown cipher"},
+{ERR_REASON(CMS_R_UNKNOWN_DIGEST_ALGORIHM),"unknown digest algorihm"},
+{ERR_REASON(CMS_R_UNKNOWN_ID)            ,"unknown id"},
+{ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
+{ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
+{ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),"unsupported kek algorithm"},
+{ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),"unsupported key encryption algorithm"},
+{ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),"unsupported recipient type"},
+{ERR_REASON(CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE),"unsupported recpientinfo type"},
+{ERR_REASON(CMS_R_UNSUPPORTED_TYPE)      ,"unsupported type"},
+{ERR_REASON(CMS_R_UNWRAP_ERROR)          ,"unwrap error"},
+{ERR_REASON(CMS_R_UNWRAP_FAILURE)        ,"unwrap failure"},
+{ERR_REASON(CMS_R_VERIFICATION_FAILURE)  ,"verification failure"},
+{ERR_REASON(CMS_R_WRAP_ERROR)            ,"wrap error"},
+{0,NULL}
+	};
+
+#endif
+
+void ERR_load_CMS_strings(void)
+	{
+#ifndef OPENSSL_NO_ERR
+
+	if (ERR_func_error_string(CMS_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,CMS_str_functs);
+		ERR_load_strings(0,CMS_str_reasons);
+		}
+#endif
+	}
diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
new file mode 100644
index 0000000000..90c0b82fb5
--- /dev/null
+++ b/crypto/cms/cms_ess.c
@@ -0,0 +1,420 @@
+/* crypto/cms/cms_ess.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
+DECLARE_ASN1_ITEM(CMS_Receipt)
+
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+
+/* ESS services: for now just Signed Receipt related */
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
+	{
+	ASN1_STRING *str;
+	CMS_ReceiptRequest *rr = NULL;
+	if (prr)
+		*prr = NULL;
+	str = CMS_signed_get0_data_by_OBJ(si,
+				OBJ_nid2obj(NID_id_smime_aa_receiptRequest),
+					-3, V_ASN1_SEQUENCE);
+	if (!str)
+		return 0;
+
+	rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
+	if (!rr)
+		return -1;
+	if (prr)
+		*prr = rr;
+	else
+		CMS_ReceiptRequest_free(rr);
+	return 1;
+	}
+
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+				int allorfirst,
+				STACK_OF(GENERAL_NAMES) *receiptList,
+				STACK_OF(GENERAL_NAMES) *receiptsTo)
+	{
+	CMS_ReceiptRequest *rr = NULL;
+
+	rr = CMS_ReceiptRequest_new();
+	if (!rr)
+		goto merr;
+	if (id)
+		ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
+	else
+		{
+		if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
+			goto merr;
+		if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32) 
+					<= 0)
+			goto err;
+		}
+
+	sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
+	rr->receiptsTo = receiptsTo;
+
+	if (receiptList)
+		{
+		rr->receiptsFrom->type = 1;
+		rr->receiptsFrom->d.receiptList = receiptList;
+		}
+	else
+		{
+		rr->receiptsFrom->type = 0;
+		rr->receiptsFrom->d.allOrFirstTier = allorfirst;
+		}
+
+	return rr;
+
+	merr:
+	CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
+
+	err:
+	if (rr)
+		CMS_ReceiptRequest_free(rr);
+
+	return NULL;
+	
+	}
+
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
+	{
+	unsigned char *rrder = NULL;
+	int rrderlen, r = 0;
+
+	rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
+	if (rrderlen < 0)
+		goto merr;
+
+	if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
+					V_ASN1_SEQUENCE, rrder, rrderlen))
+		goto merr;
+
+	r = 1;
+
+	merr:
+	if (!r)
+		CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
+
+	if (rrder)
+		OPENSSL_free(rrder);
+
+	return r;
+	
+	}
+
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+					ASN1_STRING **pcid,
+					int *pallorfirst,
+					STACK_OF(GENERAL_NAMES) **plist,
+					STACK_OF(GENERAL_NAMES) **prto)
+	{
+	if (pcid)
+		*pcid = rr->signedContentIdentifier;
+	if (rr->receiptsFrom->type == 0)
+		{
+		if (pallorfirst)
+			*pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
+		if (plist)
+			*plist = NULL;
+		}
+	else
+		{
+		if (pallorfirst)
+			*pallorfirst = -1;
+		if (plist)
+			*plist = rr->receiptsFrom->d.receiptList;
+		}
+	if (prto)
+		*prto = rr->receiptsTo;
+	}
+
+/* Digest a SignerInfo structure for msgSigDigest attribute processing */
+
+static int cms_msgSigDigest(CMS_SignerInfo *si,
+				unsigned char *dig, unsigned int *diglen)
+	{
+	const EVP_MD *md;
+	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+	if (md == NULL)
+		return 0;
+	if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
+						si->signedAttrs, dig, diglen))
+		return 0;
+	return 1;
+	}
+
+/* Add a msgSigDigest attribute to a SignerInfo */
+
+int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
+	{
+	unsigned char dig[EVP_MAX_MD_SIZE];
+	unsigned int diglen;
+	if (!cms_msgSigDigest(src, dig, &diglen))
+		{
+		CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
+		return 0;
+		}
+	if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
+					V_ASN1_OCTET_STRING, dig, diglen))
+		{
+		CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	return 1;
+	}
+
+/* Verify signed receipt after it has already passed normal CMS verify */
+
+int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
+	{
+	int r = 0, i;
+	CMS_ReceiptRequest *rr = NULL;
+	CMS_Receipt *rct = NULL;
+	STACK_OF(CMS_SignerInfo) *sis, *osis;
+	CMS_SignerInfo *si, *osi = NULL;
+	ASN1_OCTET_STRING *msig, **pcont;
+	ASN1_OBJECT *octype;
+	unsigned char dig[EVP_MAX_MD_SIZE];
+	unsigned int diglen;
+
+	/* Get SignerInfos, also checks SignedData content type */
+	osis = CMS_get0_SignerInfos(req_cms);
+	sis = CMS_get0_SignerInfos(cms);
+	if (!osis || !sis)
+		goto err;
+
+	if (sk_CMS_SignerInfo_num(sis) != 1)
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
+		goto err;
+		}
+
+	/* Check receipt content type */
+	if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt)
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
+		goto err;
+		}
+
+	/* Extract and decode receipt content */
+	pcont = CMS_get0_content(cms);
+	if (!pcont || !*pcont)
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
+		goto err;
+		}
+
+	rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
+
+	if (!rct)	
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
+		goto err;
+		}
+
+	/* Locate original request */
+
+	for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++)
+		{
+		osi = sk_CMS_SignerInfo_value(osis, i);
+		if (!ASN1_STRING_cmp(osi->signature,
+					rct->originatorSignatureValue))
+			break;
+		}
+
+	if (i == sk_CMS_SignerInfo_num(osis))
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
+		goto err;
+		}
+
+	si = sk_CMS_SignerInfo_value(sis, 0);
+
+	/* Get msgSigDigest value and compare */
+
+	msig = CMS_signed_get0_data_by_OBJ(si,
+				OBJ_nid2obj(NID_id_smime_aa_msgSigDigest),
+					-3, V_ASN1_OCTET_STRING);
+
+	if (!msig)
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
+		goto err;
+		}
+
+	if (!cms_msgSigDigest(osi, dig, &diglen))
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
+		goto err;
+		}
+
+	if (diglen != (unsigned int)msig->length)
+			{
+			CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+				CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
+			goto err;
+			}
+
+	if (memcmp(dig, msig->data, diglen))
+			{
+			CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+				CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
+			goto err;
+			}
+
+	/* Compare content types */
+
+	octype = CMS_signed_get0_data_by_OBJ(osi,
+				OBJ_nid2obj(NID_pkcs9_contentType),
+					-3, V_ASN1_OBJECT);
+	if (!octype)
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
+		goto err;
+		}
+
+	/* Compare details in receipt request */
+
+	if (OBJ_cmp(octype, rct->contentType))
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
+		goto err;
+		}
+
+	/* Get original receipt request details */
+
+	if (CMS_get1_ReceiptRequest(osi, &rr) <= 0)
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
+		goto err;
+		}
+
+	if (ASN1_STRING_cmp(rr->signedContentIdentifier,
+					rct->signedContentIdentifier))
+		{
+		CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+					CMS_R_CONTENTIDENTIFIER_MISMATCH);
+		goto err;
+		}
+
+	r = 1;
+
+	err:
+	if (rr)
+		CMS_ReceiptRequest_free(rr);
+	if (rct)
+		M_ASN1_free_of(rct, CMS_Receipt);
+
+	return r;
+
+	}
+
+/* Encode a Receipt into an OCTET STRING read for including into content of
+ * a SignedData ContentInfo.
+ */
+
+ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
+	{
+	CMS_Receipt rct;
+	CMS_ReceiptRequest *rr = NULL;
+	ASN1_OBJECT *ctype;
+	ASN1_OCTET_STRING *os = NULL;
+
+	/* Get original receipt request */
+
+	/* Get original receipt request details */
+
+	if (CMS_get1_ReceiptRequest(si, &rr) <= 0)
+		{
+		CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
+		goto err;
+		}
+
+	/* Get original content type */
+
+	ctype = CMS_signed_get0_data_by_OBJ(si,
+				OBJ_nid2obj(NID_pkcs9_contentType),
+					-3, V_ASN1_OBJECT);
+	if (!ctype)
+		{
+		CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
+		goto err;
+		}
+
+	rct.version = 1;
+	rct.contentType = ctype;
+	rct.signedContentIdentifier = rr->signedContentIdentifier;
+	rct.originatorSignatureValue = si->signature;
+
+	os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
+
+	err:
+	if (rr)
+		CMS_ReceiptRequest_free(rr);
+
+	return os;
+
+	}
+
+
diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c
new file mode 100644
index 0000000000..1cb0264cc5
--- /dev/null
+++ b/crypto/cms/cms_io.c
@@ -0,0 +1,133 @@
+/* crypto/cms/cms_io.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
+	{
+	ASN1_OCTET_STRING **pos;
+	pos = CMS_get0_content(cms);
+	if (!pos)
+		return 0;
+	if (!*pos)
+		*pos = ASN1_OCTET_STRING_new();
+	if (*pos)
+		{
+		(*pos)->flags |= ASN1_STRING_FLAG_NDEF;
+		(*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
+		*boundary = &(*pos)->data;
+		return 1;
+		}
+	CMSerr(CMS_F_CMS_STREAM, ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
+	{
+	return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
+	}
+
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms)
+	{
+	return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
+	}
+
+IMPLEMENT_PEM_rw_const(CMS, CMS_ContentInfo, PEM_STRING_CMS, CMS_ContentInfo)
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms) 
+	{
+	return BIO_new_NDEF(out, (ASN1_VALUE *)cms,
+				ASN1_ITEM_rptr(CMS_ContentInfo));
+	}
+
+/* CMS wrappers round generalised stream and MIME routines */
+
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
+	{
+	return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)cms, in, flags,
+					ASN1_ITEM_rptr(CMS_ContentInfo));
+	}
+
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
+	{
+	return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *) cms, in, flags,
+					"CMS",
+					ASN1_ITEM_rptr(CMS_ContentInfo));
+	}
+
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
+	{
+	STACK_OF(X509_ALGOR) *mdalgs;
+	int ctype_nid = OBJ_obj2nid(cms->contentType);
+	int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
+	if (ctype_nid == NID_pkcs7_signed)
+		mdalgs = cms->d.signedData->digestAlgorithms;
+	else
+		mdalgs = NULL;
+
+	return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
+					ctype_nid, econt_nid, mdalgs,
+					ASN1_ITEM_rptr(CMS_ContentInfo));	
+	}
+
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont)
+	{
+	return (CMS_ContentInfo *)SMIME_read_ASN1(bio, bcont,
+					ASN1_ITEM_rptr(CMS_ContentInfo));
+	}
+
diff --git a/crypto/cms/cms_lcl.h b/crypto/cms/cms_lcl.h
new file mode 100644
index 0000000000..5aea7f837f
--- /dev/null
+++ b/crypto/cms/cms_lcl.h
@@ -0,0 +1,471 @@
+/* crypto/cms/cms_lcl.h */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMS_LCL_H
+#define HEADER_CMS_LCL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <openssl/x509.h>
+
+/* Cryptographic message syntax (CMS) structures: taken
+ * from RFC3852
+ */
+
+/* Forward references */
+
+typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
+typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
+typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
+typedef struct CMS_SignedData_st CMS_SignedData;
+typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
+typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
+typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
+typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
+typedef struct CMS_DigestedData_st CMS_DigestedData;
+typedef struct CMS_EncryptedData_st CMS_EncryptedData;
+typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
+typedef struct CMS_CompressedData_st CMS_CompressedData;
+typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
+typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
+typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
+typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
+typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
+typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
+typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
+typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier;
+typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
+typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
+typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
+typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
+typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
+
+struct CMS_ContentInfo_st
+	{
+	ASN1_OBJECT *contentType;
+	union	{
+		ASN1_OCTET_STRING *data;
+		CMS_SignedData *signedData;
+		CMS_EnvelopedData *envelopedData;
+		CMS_DigestedData *digestedData;
+		CMS_EncryptedData *encryptedData;
+		CMS_AuthenticatedData *authenticatedData;
+		CMS_CompressedData *compressedData;
+		ASN1_TYPE *other;
+		/* Other types ... */
+		void *otherData;
+		} d;
+	};
+
+struct CMS_SignedData_st
+	{
+	long version;
+	STACK_OF(X509_ALGOR) *digestAlgorithms;
+	CMS_EncapsulatedContentInfo *encapContentInfo;
+	STACK_OF(CMS_CertificateChoices) *certificates;
+	STACK_OF(CMS_RevocationInfoChoice) *crls;
+	STACK_OF(CMS_SignerInfo) *signerInfos;
+	};
+ 
+struct CMS_EncapsulatedContentInfo_st
+	{
+	ASN1_OBJECT *eContentType;
+	ASN1_OCTET_STRING *eContent;
+	/* Set to 1 if incomplete structure only part set up */
+	int partial;
+	};
+
+struct CMS_SignerInfo_st
+	{
+	long version;
+	CMS_SignerIdentifier *sid;
+	X509_ALGOR *digestAlgorithm;
+	STACK_OF(X509_ATTRIBUTE) *signedAttrs;
+	X509_ALGOR *signatureAlgorithm;
+	ASN1_OCTET_STRING *signature;
+	STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
+	/* Signing certificate and key */
+	X509 *signer;
+	EVP_PKEY *pkey;
+	};
+
+struct CMS_SignerIdentifier_st
+	{
+	int type;
+	union	{
+		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+		ASN1_OCTET_STRING *subjectKeyIdentifier;
+		} d;
+	};
+
+struct CMS_EnvelopedData_st
+	{
+	long version;
+	CMS_OriginatorInfo *originatorInfo;
+	STACK_OF(CMS_RecipientInfo) *recipientInfos;
+	CMS_EncryptedContentInfo *encryptedContentInfo;
+	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
+	};
+
+struct CMS_OriginatorInfo_st
+	{
+	STACK_OF(CMS_CertificateChoices) *certificates;
+	STACK_OF(CMS_RevocationInfoChoice) *crls;
+	};
+
+struct CMS_EncryptedContentInfo_st
+	{
+	ASN1_OBJECT *contentType;
+	X509_ALGOR *contentEncryptionAlgorithm;
+	ASN1_OCTET_STRING *encryptedContent;
+	/* Content encryption algorithm and key */
+	const EVP_CIPHER *cipher;
+	unsigned char *key;
+	size_t keylen;
+	};
+
+struct CMS_RecipientInfo_st
+	{
+ 	int type;
+ 	union	{
+  	 	CMS_KeyTransRecipientInfo *ktri;
+   		CMS_KeyAgreeRecipientInfo *kari;
+   		CMS_KEKRecipientInfo *kekri;
+		CMS_PasswordRecipientInfo *pwri;
+		CMS_OtherRecipientInfo *ori;
+		} d;
+	};
+
+typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
+
+struct CMS_KeyTransRecipientInfo_st
+	{
+	long version;
+	CMS_RecipientIdentifier *rid;
+	X509_ALGOR *keyEncryptionAlgorithm;
+	ASN1_OCTET_STRING *encryptedKey;
+	/* Recipient Key and cert */
+	X509 *recip;
+	EVP_PKEY *pkey;
+	};
+
+struct CMS_KeyAgreeRecipientInfo_st
+	{
+	long version;
+	CMS_OriginatorIdentifierOrKey *originator;
+	ASN1_OCTET_STRING *ukm;
+ 	X509_ALGOR *keyEncryptionAlgorithm;
+	STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
+	};
+
+struct CMS_OriginatorIdentifierOrKey_st
+	{
+	int type;
+	union	{
+		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+		ASN1_OCTET_STRING *subjectKeyIdentifier;
+		CMS_OriginatorPublicKey *originatorKey;
+		} d;
+	};
+
+struct CMS_OriginatorPublicKey_st
+	{
+	X509_ALGOR *algorithm;
+	ASN1_BIT_STRING *publicKey;
+	};
+
+struct CMS_RecipientEncryptedKey_st
+	{
+ 	CMS_KeyAgreeRecipientIdentifier *rid;
+ 	ASN1_OCTET_STRING *encryptedKey;
+	};
+
+struct CMS_KeyAgreeRecipientIdentifier_st
+	{
+	int type;
+	union	{
+		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+		CMS_RecipientKeyIdentifier *rKeyId;
+		} d;
+	};
+
+struct CMS_RecipientKeyIdentifier_st
+	{
+ 	ASN1_OCTET_STRING *subjectKeyIdentifier;
+ 	ASN1_GENERALIZEDTIME *date;
+ 	CMS_OtherKeyAttribute *other;
+	};
+
+struct CMS_KEKRecipientInfo_st
+	{
+ 	long version;
+ 	CMS_KEKIdentifier *kekid;
+ 	X509_ALGOR *keyEncryptionAlgorithm;
+ 	ASN1_OCTET_STRING *encryptedKey;
+	/* Extra info: symmetric key to use */
+	unsigned char *key;
+	size_t keylen;
+	};
+
+struct CMS_KEKIdentifier_st
+	{
+ 	ASN1_OCTET_STRING *keyIdentifier;
+ 	ASN1_GENERALIZEDTIME *date;
+ 	CMS_OtherKeyAttribute *other;
+	};
+
+struct CMS_PasswordRecipientInfo_st
+	{
+ 	long version;
+ 	X509_ALGOR *keyDerivationAlgorithm;
+ 	X509_ALGOR *keyEncryptionAlgorithm;
+ 	ASN1_OCTET_STRING *encryptedKey;
+	/* Extra info: password to use */
+	unsigned char *pass;
+	size_t passlen;
+	};
+
+struct CMS_OtherRecipientInfo_st
+	{
+ 	ASN1_OBJECT *oriType;
+ 	ASN1_TYPE *oriValue;
+	};
+
+struct CMS_DigestedData_st
+	{
+	long version;
+	X509_ALGOR *digestAlgorithm;
+	CMS_EncapsulatedContentInfo *encapContentInfo;
+	ASN1_OCTET_STRING *digest;
+	};
+
+struct CMS_EncryptedData_st
+	{
+	long version;
+	CMS_EncryptedContentInfo *encryptedContentInfo;
+	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
+	};
+
+struct CMS_AuthenticatedData_st
+	{
+	long version;
+	CMS_OriginatorInfo *originatorInfo;
+	STACK_OF(CMS_RecipientInfo) *recipientInfos;
+	X509_ALGOR *macAlgorithm;
+	X509_ALGOR *digestAlgorithm;
+	CMS_EncapsulatedContentInfo *encapContentInfo;
+	STACK_OF(X509_ATTRIBUTE) *authAttrs;
+	ASN1_OCTET_STRING *mac;
+	STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
+	};
+
+struct CMS_CompressedData_st
+	{
+	long version;
+	X509_ALGOR *compressionAlgorithm;
+	STACK_OF(CMS_RecipientInfo) *recipientInfos;
+	CMS_EncapsulatedContentInfo *encapContentInfo;
+	};
+
+struct CMS_RevocationInfoChoice_st
+	{
+	int type;
+	union	{
+		X509_CRL *crl;
+		CMS_OtherRevocationInfoFormat *other;
+		} d;
+	};
+
+#define CMS_REVCHOICE_CRL		0
+#define CMS_REVCHOICE_OTHER		1
+
+struct CMS_OtherRevocationInfoFormat_st
+	{
+	ASN1_OBJECT *otherRevInfoFormat;
+ 	ASN1_TYPE *otherRevInfo;
+	};
+
+struct CMS_CertificateChoices
+	{
+	int type;
+		union {
+		X509 *certificate;
+		ASN1_STRING *extendedCertificate;	/* Obsolete */
+		ASN1_STRING *v1AttrCert;	/* Left encoded for now */
+		ASN1_STRING *v2AttrCert;	/* Left encoded for now */
+		CMS_OtherCertificateFormat *other;
+		} d;
+	};
+
+#define CMS_CERTCHOICE_CERT		0
+#define CMS_CERTCHOICE_EXCERT		1
+#define CMS_CERTCHOICE_V1ACERT		2
+#define CMS_CERTCHOICE_V2ACERT		3
+#define CMS_CERTCHOICE_OTHER		4
+
+struct CMS_OtherCertificateFormat_st
+	{
+	ASN1_OBJECT *otherCertFormat;
+ 	ASN1_TYPE *otherCert;
+	};
+
+/* This is also defined in pkcs7.h but we duplicate it
+ * to allow the CMS code to be independent of PKCS#7
+ */
+
+struct CMS_IssuerAndSerialNumber_st
+	{
+	X509_NAME *issuer;
+	ASN1_INTEGER *serialNumber;
+	};
+
+struct CMS_OtherKeyAttribute_st
+	{
+	ASN1_OBJECT *keyAttrId;
+ 	ASN1_TYPE *keyAttr;
+	};
+
+/* ESS structures */
+
+#ifdef HEADER_X509V3_H
+
+struct CMS_ReceiptRequest_st
+	{
+	ASN1_OCTET_STRING *signedContentIdentifier;
+	CMS_ReceiptsFrom *receiptsFrom;
+	STACK_OF(GENERAL_NAMES) *receiptsTo;
+	};
+
+
+struct CMS_ReceiptsFrom_st
+	{
+	int type;
+	union
+		{
+		long allOrFirstTier;
+		STACK_OF(GENERAL_NAMES) *receiptList;
+		} d;
+	};
+#endif
+
+struct CMS_Receipt_st
+	{
+	long version;
+	ASN1_OBJECT *contentType;
+	ASN1_OCTET_STRING *signedContentIdentifier;
+	ASN1_OCTET_STRING *originatorSignatureValue;
+	};
+
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_ITEM(CMS_SignerInfo)
+DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
+DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
+DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
+DECLARE_ASN1_ITEM(CMS_RecipientInfo)
+DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
+DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
+
+#define CMS_SIGNERINFO_ISSUER_SERIAL	0
+#define CMS_SIGNERINFO_KEYIDENTIFIER	1
+
+#define CMS_RECIPINFO_ISSUER_SERIAL	0
+#define CMS_RECIPINFO_KEYIDENTIFIER	1
+
+BIO *cms_content_bio(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *cms_Data_create(void);
+
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
+BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
+int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
+
+BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
+int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
+int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
+int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+					ASN1_OCTET_STRING **keyid,
+					X509_NAME **issuer, ASN1_INTEGER **sno);
+int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
+
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
+BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
+
+void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
+int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+					X509_ALGOR *mdalg);
+
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
+BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
+int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, 
+				const EVP_CIPHER *cipher,
+				const unsigned char *key, size_t keylen);
+
+int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
+int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
+ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
+
+BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
+
+/* PWRI routines */
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+							int en_de);
+	
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
new file mode 100644
index 0000000000..714b1d9b1c
--- /dev/null
+++ b/crypto/cms/cms_lib.c
@@ -0,0 +1,620 @@
+/* crypto/cms/cms_lib.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
+IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+DECLARE_ASN1_ITEM(CMS_CertificateChoices)
+DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
+DECLARE_STACK_OF(CMS_CertificateChoices)
+DECLARE_STACK_OF(CMS_RevocationInfoChoice)
+
+const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
+	{
+	return cms->contentType;
+	}
+
+CMS_ContentInfo *cms_Data_create(void)
+	{
+	CMS_ContentInfo *cms;
+	cms = CMS_ContentInfo_new();
+	if (cms)
+		{
+		cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
+		/* Never detached */
+		CMS_set_detached(cms, 0);
+		}
+	return cms;
+	}
+
+BIO *cms_content_bio(CMS_ContentInfo *cms)
+	{
+	ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
+	if (!pos)
+		return NULL;
+	/* If content detached data goes nowhere: create NULL BIO */
+	if (!*pos)
+		return BIO_new(BIO_s_null());
+	/* If content not detached and created return memory BIO
+	 */
+	if (!*pos || ((*pos)->flags == ASN1_STRING_FLAG_CONT))
+		return BIO_new(BIO_s_mem());
+	/* Else content was read in: return read only BIO for it */
+	return BIO_new_mem_buf((*pos)->data, (*pos)->length);
+	}
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
+	{
+	BIO *cmsbio, *cont;
+	if (icont)
+		cont = icont;
+	else
+		cont = cms_content_bio(cms);
+	if (!cont)
+		{
+		CMSerr(CMS_F_CMS_DATAINIT, CMS_R_NO_CONTENT);
+		return NULL;
+		}
+	switch (OBJ_obj2nid(cms->contentType))
+		{
+
+		case NID_pkcs7_data:
+		return cont;
+
+		case NID_pkcs7_signed:
+		cmsbio = cms_SignedData_init_bio(cms);
+		break;
+
+		case NID_pkcs7_digest:
+		cmsbio = cms_DigestedData_init_bio(cms);
+		break;
+#ifdef ZLIB
+		case NID_id_smime_ct_compressedData:
+		cmsbio = cms_CompressedData_init_bio(cms);
+		break;
+#endif
+
+		case NID_pkcs7_encrypted:
+		cmsbio = cms_EncryptedData_init_bio(cms);
+		break;
+
+		case NID_pkcs7_enveloped:
+		cmsbio = cms_EnvelopedData_init_bio(cms);
+		break;
+
+		default:
+		CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
+		return NULL;
+		}
+
+	if (cmsbio)
+		return BIO_push(cmsbio, cont);
+
+	if (!icont)
+		BIO_free(cont);
+	return NULL;
+
+	}
+
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
+	{
+	ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
+	if (!pos)
+		return 0;
+	/* If ebmedded content find memory BIO and set content */
+	if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT))
+		{
+		BIO *mbio;
+		unsigned char *cont;
+		long contlen;
+		mbio = BIO_find_type(cmsbio, BIO_TYPE_MEM);
+		if (!mbio)
+			{
+			CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_CONTENT_NOT_FOUND);
+			return 0;
+			}
+		contlen = BIO_get_mem_data(mbio, &cont);
+		/* Set bio as read only so its content can't be clobbered */
+		BIO_set_flags(mbio, BIO_FLAGS_MEM_RDONLY);
+		BIO_set_mem_eof_return(mbio, 0);
+		ASN1_STRING_set0(*pos, cont, contlen);
+		(*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
+		}
+
+	switch (OBJ_obj2nid(cms->contentType))
+		{
+
+		case NID_pkcs7_data:
+		case NID_pkcs7_enveloped:
+		case NID_pkcs7_encrypted:
+		case NID_id_smime_ct_compressedData:
+		/* Nothing to do */
+		return 1;
+
+		case NID_pkcs7_signed:
+		return cms_SignedData_final(cms, cmsbio);
+
+		case NID_pkcs7_digest:
+		return cms_DigestedData_do_final(cms, cmsbio, 0);
+
+		default:
+		CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_UNSUPPORTED_TYPE);
+		return 0;
+		}
+	}
+
+/* Return an OCTET STRING pointer to content. This allows it to
+ * be accessed or set later.
+ */
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms)
+	{
+	switch (OBJ_obj2nid(cms->contentType))
+		{
+
+		case NID_pkcs7_data:
+		return &cms->d.data;
+
+		case NID_pkcs7_signed:
+		return &cms->d.signedData->encapContentInfo->eContent;
+
+		case NID_pkcs7_enveloped:
+		return &cms->d.envelopedData->encryptedContentInfo->encryptedContent;
+
+		case NID_pkcs7_digest:
+		return &cms->d.digestedData->encapContentInfo->eContent;
+
+		case NID_pkcs7_encrypted:
+		return &cms->d.encryptedData->encryptedContentInfo->encryptedContent;
+
+		case NID_id_smime_ct_authData:
+		return &cms->d.authenticatedData->encapContentInfo->eContent;
+
+		case NID_id_smime_ct_compressedData:
+		return &cms->d.compressedData->encapContentInfo->eContent;
+
+		default:
+		if (cms->d.other->type == V_ASN1_OCTET_STRING)
+			return &cms->d.other->value.octet_string;
+		CMSerr(CMS_F_CMS_GET0_CONTENT, CMS_R_UNSUPPORTED_CONTENT_TYPE);
+		return NULL;
+
+		}
+	}
+
+/* Return an ASN1_OBJECT pointer to content type. This allows it to
+ * be accessed or set later.
+ */
+
+static ASN1_OBJECT **cms_get0_econtent_type(CMS_ContentInfo *cms)
+	{
+	switch (OBJ_obj2nid(cms->contentType))
+		{
+
+		case NID_pkcs7_signed:
+		return &cms->d.signedData->encapContentInfo->eContentType;
+
+		case NID_pkcs7_enveloped:
+		return &cms->d.envelopedData->encryptedContentInfo->contentType;
+
+		case NID_pkcs7_digest:
+		return &cms->d.digestedData->encapContentInfo->eContentType;
+
+		case NID_pkcs7_encrypted:
+		return &cms->d.encryptedData->encryptedContentInfo->contentType;
+
+		case NID_id_smime_ct_authData:
+		return &cms->d.authenticatedData->encapContentInfo->eContentType;
+
+		case NID_id_smime_ct_compressedData:
+		return &cms->d.compressedData->encapContentInfo->eContentType;
+
+		default:
+		CMSerr(CMS_F_CMS_GET0_ECONTENT_TYPE,
+					CMS_R_UNSUPPORTED_CONTENT_TYPE);
+		return NULL;
+
+		}
+	}
+
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms)
+	{
+	ASN1_OBJECT **petype;
+	petype = cms_get0_econtent_type(cms);
+	if (petype)
+		return *petype;
+	return NULL;
+	}
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid)
+	{
+	ASN1_OBJECT **petype, *etype;
+	petype = cms_get0_econtent_type(cms);
+	if (!petype)
+		return 0;
+	if (!oid)
+		return 1;
+	etype = OBJ_dup(oid);
+	if (!etype)
+		return 0;
+	ASN1_OBJECT_free(*petype);
+	*petype = etype;
+	return 1;
+	}
+
+int CMS_is_detached(CMS_ContentInfo *cms)
+	{
+	ASN1_OCTET_STRING **pos;
+	pos = CMS_get0_content(cms);
+	if (!pos)
+		return -1;
+	if (*pos)
+		return 0;
+	return 1;
+	}
+
+int CMS_set_detached(CMS_ContentInfo *cms, int detached)
+	{
+	ASN1_OCTET_STRING **pos;
+	pos = CMS_get0_content(cms);
+	if (!pos)
+		return 0;
+	if (detached)
+		{
+		if (*pos)
+			{
+			ASN1_OCTET_STRING_free(*pos);
+			*pos = NULL;
+			}
+		return 1;
+		}
+	if (!*pos)
+		*pos = ASN1_OCTET_STRING_new();
+	if (*pos)
+		{
+		/* NB: special flag to show content is created and not
+		 * read in.
+		 */
+		(*pos)->flags |= ASN1_STRING_FLAG_CONT;
+		return 1;
+		}
+	CMSerr(CMS_F_CMS_SET_DETACHED, ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
+
+void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md)
+	{
+	int param_type;
+
+	if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
+		param_type = V_ASN1_UNDEF;
+	else
+		param_type = V_ASN1_NULL;
+
+	X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
+
+	}
+
+/* Create a digest BIO from an X509_ALGOR structure */
+
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
+	{
+	BIO *mdbio = NULL;
+	ASN1_OBJECT *digestoid;
+	const EVP_MD *digest;
+	X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
+	digest = EVP_get_digestbyobj(digestoid);
+	if (!digest)
+		{
+		CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
+				CMS_R_UNKNOWN_DIGEST_ALGORIHM);
+		goto err;	
+		}
+	mdbio = BIO_new(BIO_f_md());
+	if (!mdbio || !BIO_set_md(mdbio, digest))
+		{
+		CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
+				CMS_R_MD_BIO_INIT_ERROR);
+		goto err;	
+		}
+	return mdbio;
+	err:
+	if (mdbio)
+		BIO_free(mdbio);
+	return NULL;
+	}
+
+/* Locate a message digest content from a BIO chain based on SignerInfo */
+
+int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+					X509_ALGOR *mdalg)
+	{
+	int nid;
+	ASN1_OBJECT *mdoid;
+	X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg);
+	nid = OBJ_obj2nid(mdoid);
+	/* Look for digest type to match signature */
+	for (;;)
+		{
+		EVP_MD_CTX *mtmp;
+		chain = BIO_find_type(chain, BIO_TYPE_MD);
+		if (chain == NULL)
+			{
+			CMSerr(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX,
+						CMS_R_NO_MATCHING_DIGEST);
+			return 0;
+			}
+		BIO_get_md_ctx(chain, &mtmp);
+		if (EVP_MD_CTX_type(mtmp) == nid)
+			return EVP_MD_CTX_copy_ex(mctx, mtmp);
+		chain = BIO_next(chain);
+		}
+	}
+
+static STACK_OF(CMS_CertificateChoices) **cms_get0_certificate_choices(CMS_ContentInfo *cms)
+	{
+	switch (OBJ_obj2nid(cms->contentType))
+		{
+
+		case NID_pkcs7_signed:
+		return &cms->d.signedData->certificates;
+
+		case NID_pkcs7_enveloped:
+		return &cms->d.envelopedData->originatorInfo->certificates;
+
+		default:
+		CMSerr(CMS_F_CMS_GET0_CERTIFICATE_CHOICES,
+					CMS_R_UNSUPPORTED_CONTENT_TYPE);
+		return NULL;
+
+		}
+	}
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms)
+	{
+	STACK_OF(CMS_CertificateChoices) **pcerts;
+	CMS_CertificateChoices *cch;
+	pcerts = cms_get0_certificate_choices(cms);
+	if (!pcerts)
+		return NULL;
+	if (!*pcerts)
+		*pcerts = sk_CMS_CertificateChoices_new_null();
+	if (!*pcerts)
+		return NULL;
+	cch = M_ASN1_new_of(CMS_CertificateChoices);
+	if (!cch)
+		return NULL;
+	if (!sk_CMS_CertificateChoices_push(*pcerts, cch))
+		{
+		M_ASN1_free_of(cch, CMS_CertificateChoices);
+		return NULL;
+		}
+	return cch;
+	}
+
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert)
+	{
+	CMS_CertificateChoices *cch;
+	STACK_OF(CMS_CertificateChoices) **pcerts;
+	int i;
+	pcerts = cms_get0_certificate_choices(cms);
+	if (!pcerts)
+		return 0;
+	if (!pcerts)
+		return 0;
+	for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++)
+		{
+		cch = sk_CMS_CertificateChoices_value(*pcerts, i);
+		if (cch->type == CMS_CERTCHOICE_CERT)
+			{
+			if (!X509_cmp(cch->d.certificate, cert))
+				{
+				CMSerr(CMS_F_CMS_ADD0_CERT, 
+					CMS_R_CERTIFICATE_ALREADY_PRESENT);
+				return 0;
+				}
+			}
+		}
+	cch = CMS_add0_CertificateChoices(cms);
+	if (!cch)
+		return 0;
+	cch->type = CMS_CERTCHOICE_CERT;
+	cch->d.certificate = cert;
+	return 1;
+	}
+
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
+	{
+	int r;
+	r = CMS_add0_cert(cms, cert);
+	if (r > 0)
+		CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+	return r;
+	}
+
+static STACK_OF(CMS_RevocationInfoChoice) **cms_get0_revocation_choices(CMS_ContentInfo *cms)
+	{
+	switch (OBJ_obj2nid(cms->contentType))
+		{
+
+		case NID_pkcs7_signed:
+		return &cms->d.signedData->crls;
+
+		case NID_pkcs7_enveloped:
+		return &cms->d.envelopedData->originatorInfo->crls;
+
+		default:
+		CMSerr(CMS_F_CMS_GET0_REVOCATION_CHOICES,
+					CMS_R_UNSUPPORTED_CONTENT_TYPE);
+		return NULL;
+
+		}
+	}
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms)
+	{
+	STACK_OF(CMS_RevocationInfoChoice) **pcrls;
+	CMS_RevocationInfoChoice *rch;
+	pcrls = cms_get0_revocation_choices(cms);
+	if (!pcrls)
+		return NULL;
+	if (!*pcrls)
+		*pcrls = sk_CMS_RevocationInfoChoice_new_null();
+	if (!*pcrls)
+		return NULL;
+	rch = M_ASN1_new_of(CMS_RevocationInfoChoice);
+	if (!rch)
+		return NULL;
+	if (!sk_CMS_RevocationInfoChoice_push(*pcrls, rch))
+		{
+		M_ASN1_free_of(rch, CMS_RevocationInfoChoice);
+		return NULL;
+		}
+	return rch;
+	}
+
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl)
+	{
+	CMS_RevocationInfoChoice *rch;
+	rch = CMS_add0_RevocationInfoChoice(cms);
+	if (!rch)
+		return 0;
+	rch->type = CMS_REVCHOICE_CRL;
+	rch->d.crl = crl;
+	return 1;
+	}
+
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
+	{
+	int r;
+	r = CMS_add0_crl(cms, crl);
+	if (r > 0)
+		CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+	return r;
+	}
+
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
+	{
+	STACK_OF(X509) *certs = NULL;
+	CMS_CertificateChoices *cch;
+	STACK_OF(CMS_CertificateChoices) **pcerts;
+	int i;
+	pcerts = cms_get0_certificate_choices(cms);
+	if (!pcerts)
+		return NULL;
+	for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++)
+		{
+		cch = sk_CMS_CertificateChoices_value(*pcerts, i);
+		if (cch->type == 0)
+			{
+			if (!certs)
+				{
+				certs = sk_X509_new_null();
+				if (!certs)
+					return NULL;
+				}
+			if (!sk_X509_push(certs, cch->d.certificate))
+				{
+				sk_X509_pop_free(certs, X509_free);
+				return NULL;
+				}
+			CRYPTO_add(&cch->d.certificate->references,
+						1, CRYPTO_LOCK_X509);
+			}
+		}
+	return certs;
+
+	}
+
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
+	{
+	STACK_OF(X509_CRL) *crls = NULL;
+	STACK_OF(CMS_RevocationInfoChoice) **pcrls;
+	CMS_RevocationInfoChoice *rch;
+	int i;
+	pcrls = cms_get0_revocation_choices(cms);
+	if (!pcrls)
+		return NULL;
+	for (i = 0; i < sk_CMS_RevocationInfoChoice_num(*pcrls); i++)
+		{
+		rch = sk_CMS_RevocationInfoChoice_value(*pcrls, i);
+		if (rch->type == 0)
+			{
+			if (!crls)
+				{
+				crls = sk_X509_CRL_new_null();
+				if (!crls)
+					return NULL;
+				}
+			if (!sk_X509_CRL_push(crls, rch->d.crl))
+				{
+				sk_X509_CRL_pop_free(crls, X509_CRL_free);
+				return NULL;
+				}
+			CRYPTO_add(&rch->d.crl->references,
+						1, CRYPTO_LOCK_X509_CRL);
+			}
+		}
+	return crls;
+	}
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
new file mode 100644
index 0000000000..5fe7f494bd
--- /dev/null
+++ b/crypto/cms/cms_pwri.c
@@ -0,0 +1,453 @@
+/* crypto/cms/cms_pwri.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, 
+				unsigned char *pass, ssize_t passlen)
+	{
+	CMS_PasswordRecipientInfo *pwri;
+	if (ri->type != CMS_RECIPINFO_PASS)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI);
+		return 0;
+		}
+
+	pwri = ri->d.pwri;
+	pwri->pass = pass;
+	if (pass && passlen < 0)
+		passlen = strlen((char *)pass);
+	pwri->passlen = passlen;
+	return 1;
+	}
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+					int iter, int wrap_nid, int pbe_nid,
+					unsigned char *pass, ssize_t passlen,
+					const EVP_CIPHER *kekciph)
+	{
+	CMS_RecipientInfo *ri = NULL;
+	CMS_EnvelopedData *env;
+	CMS_PasswordRecipientInfo *pwri;
+	EVP_CIPHER_CTX ctx;
+	X509_ALGOR *encalg = NULL;
+	unsigned char iv[EVP_MAX_IV_LENGTH];
+	int ivlen;
+	env = cms_get0_enveloped(cms);
+	if (!env)
+		goto err;
+
+	if (wrap_nid <= 0)
+		wrap_nid = NID_id_alg_PWRI_KEK;
+
+	if (pbe_nid <= 0)
+		pbe_nid = NID_id_pbkdf2;
+
+	/* Get from enveloped data */
+	if (kekciph == NULL)
+		kekciph = env->encryptedContentInfo->cipher;
+
+	if (kekciph == NULL)
+		{
+		CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER);
+		return NULL;
+		}
+	if (wrap_nid != NID_id_alg_PWRI_KEK)
+		{
+		CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+				CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+		return NULL;
+		}
+
+	/* Setup algorithm identifier for cipher */
+	encalg = X509_ALGOR_new();
+	EVP_CIPHER_CTX_init(&ctx);
+
+	if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0)
+		{
+		CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+		goto err;
+		}
+
+	ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
+
+	if (ivlen > 0)
+		{
+		if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+			goto err;
+		if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0)
+			{
+			CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+							ERR_R_EVP_LIB);
+			goto err;
+			}
+		encalg->parameter = ASN1_TYPE_new();
+		if (!encalg->parameter)
+			{
+			CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+							ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0)
+			{
+			CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+			goto err;
+			}
+		}
+
+
+	encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
+
+	EVP_CIPHER_CTX_cleanup(&ctx);
+
+	/* Initialize recipient info */
+	ri = M_ASN1_new_of(CMS_RecipientInfo);
+	if (!ri)
+		goto merr;
+
+	ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
+	if (!ri->d.pwri)
+		goto merr;
+	ri->type = CMS_RECIPINFO_PASS;
+
+	pwri = ri->d.pwri;
+	/* Since this is overwritten, free up empty structure already there */
+	X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
+	pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
+	if (!pwri->keyEncryptionAlgorithm)
+		goto merr;
+	pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
+	pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
+	if (!pwri->keyEncryptionAlgorithm->parameter)
+		goto merr;
+
+        if(!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
+	    &pwri->keyEncryptionAlgorithm->parameter->value.sequence))
+		goto merr;
+        pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
+
+	X509_ALGOR_free(encalg);
+	encalg = NULL;
+
+	/* Setup PBE algorithm */
+
+	pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
+
+	if (!pwri->keyDerivationAlgorithm)
+		goto err;
+
+	CMS_RecipientInfo_set0_password(ri, pass, passlen);
+	pwri->version = 0;
+
+	if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+		goto merr;
+
+	return ri;
+
+	merr:
+	CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+	err:
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	if (ri)
+		M_ASN1_free_of(ri, CMS_RecipientInfo);
+	if (encalg)
+		X509_ALGOR_free(encalg);
+	return NULL;
+
+	}
+
+/* This is an implementation of the key wrapping mechanism in RFC3211,
+ * at some point this should go into EVP.
+ */
+
+static int kek_unwrap_key(unsigned char *out, size_t *outlen,
+		const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx)
+	{
+	size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+	unsigned char *tmp;
+	int outl, rv = 0;
+	if (inlen < 2 * blocklen)
+		{
+		/* too small */
+		return 0;
+		}
+	if (inlen % blocklen)
+		{
+		/* Invalid size */
+		return 0;
+		}
+	tmp = OPENSSL_malloc(inlen);
+	/* setup IV by decrypting last two blocks */
+	EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+				in  + inlen - 2 * blocklen, blocklen * 2);
+	/* Do a decrypt of last decrypted block to set IV to correct value
+	 * output it to start of buffer so we don't corrupt decrypted block
+	 * this works because buffer is at least two block lengths long.
+	 */
+	EVP_DecryptUpdate(ctx, tmp, &outl,
+				tmp  + inlen - blocklen, blocklen);
+	/* Can now decrypt first n - 1 blocks */
+	EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
+
+	/* Reset IV to original value */
+	EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+	/* Decrypt again */
+	EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+	/* Check check bytes */
+	if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff)
+		{
+		/* Check byte failure */
+		goto err;
+		}
+	if (inlen < (size_t)(tmp[0] - 4 ))
+		{
+		/* Invalid length value */
+		goto err;
+		}
+	*outlen = (size_t)tmp[0];
+	memcpy(out, tmp + 4, *outlen);
+	rv = 1;
+	err:
+	OPENSSL_cleanse(tmp, inlen);
+	OPENSSL_free(tmp);
+	return rv;
+
+	}
+
+static int kek_wrap_key(unsigned char *out, size_t *outlen,
+		const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx)
+	{
+	size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+	size_t olen;
+	int dummy;
+	/* First decide length of output buffer: need header and round up to
+	 * multiple of block length.
+	 */
+	olen = (inlen + 4 + blocklen - 1)/blocklen;
+	olen *= blocklen;
+	if (olen < 2 * blocklen)
+		{
+		/* Key too small */
+		return 0;
+		}
+	if (inlen > 0xFF)
+		{
+		/* Key too large */
+		return 0;
+		}
+	if (out)
+		{
+		/* Set header */
+		out[0] = (unsigned char)inlen;
+		out[1] = in[0] ^ 0xFF;
+		out[2] = in[1] ^ 0xFF;
+		out[3] = in[2] ^ 0xFF;
+		memcpy(out + 4, in, inlen);
+		/* Add random padding to end */
+		if (olen > inlen + 4)
+			RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
+		/* Encrypt twice */
+		EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+		EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+		}
+
+	*outlen = olen;
+
+	return 1;
+	}
+
+/* Encrypt/Decrypt content key in PWRI recipient info */
+
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+							int en_de)
+	{
+	CMS_EncryptedContentInfo *ec;
+	CMS_PasswordRecipientInfo *pwri;
+	const unsigned char *p = NULL;
+	int plen;
+	int r = 0;
+	X509_ALGOR *algtmp, *kekalg = NULL;
+	EVP_CIPHER_CTX kekctx;
+	const EVP_CIPHER *kekcipher;
+	unsigned char *key = NULL;
+	size_t keylen;
+
+	ec = cms->d.envelopedData->encryptedContentInfo;
+
+	pwri = ri->d.pwri;
+	EVP_CIPHER_CTX_init(&kekctx);
+
+	if (!pwri->pass)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
+		return 0;
+		}
+	algtmp = pwri->keyEncryptionAlgorithm;
+
+	if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+				CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+		return 0;
+		}
+
+	if (algtmp->parameter->type == V_ASN1_SEQUENCE)
+		{
+		p = algtmp->parameter->value.sequence->data;
+		plen = algtmp->parameter->value.sequence->length;
+		kekalg = d2i_X509_ALGOR(NULL, &p, plen);
+		}
+	if (kekalg == NULL)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+				CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
+		return 0;
+		}
+
+	kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+		
+	if(!kekcipher)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+				CMS_R_UNKNOWN_CIPHER);
+		goto err;
+		}
+
+	/* Fixup cipher based on AlgorithmIdentifier to set IV etc */
+	if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
+		goto err;
+	EVP_CIPHER_CTX_set_padding(&kekctx, 0);
+	if(EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+		goto err;
+		}
+
+	algtmp = pwri->keyDerivationAlgorithm;
+
+	/* Finish password based key derivation to setup key in "ctx" */
+
+	if (EVP_PBE_CipherInit(algtmp->algorithm,
+				(char *)pwri->pass, pwri->passlen,
+				algtmp->parameter, &kekctx, en_de) < 0)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
+		goto err;
+		}
+
+	/* Finally wrap/unwrap the key */
+
+	if (en_de)
+		{
+
+		if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
+			goto err;
+
+		key = OPENSSL_malloc(keylen);
+
+		if (!key)
+			goto err;
+
+		if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
+			goto err;
+		pwri->encryptedKey->data = key;
+		pwri->encryptedKey->length = keylen;
+		}
+	else
+		{
+		key = OPENSSL_malloc(pwri->encryptedKey->length);
+
+		if (!key)
+			{
+			CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+							ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		if (!kek_unwrap_key(key, &keylen,
+					pwri->encryptedKey->data,
+					pwri->encryptedKey->length, &kekctx))
+			{
+			CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+							CMS_R_UNWRAP_FAILURE);
+			goto err;
+			}
+
+		ec->key = key;
+		ec->keylen = keylen;
+
+		}
+
+	r = 1;
+
+	err:
+
+	EVP_CIPHER_CTX_cleanup(&kekctx);
+
+	if (!r && key)
+		OPENSSL_free(key);
+	X509_ALGOR_free(kekalg);
+
+	return r;
+
+	}
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
new file mode 100644
index 0000000000..77fbd13596
--- /dev/null
+++ b/crypto/cms/cms_sd.c
@@ -0,0 +1,985 @@
+/* crypto/cms/cms_sd.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+/* CMS SignedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_SignedData)
+
+static CMS_SignedData *cms_get0_signed(CMS_ContentInfo *cms)
+	{
+	if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed)
+		{
+		CMSerr(CMS_F_CMS_GET0_SIGNED, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA);
+		return NULL;
+		}
+	return cms->d.signedData;
+	}
+
+static CMS_SignedData *cms_signed_data_init(CMS_ContentInfo *cms)
+	{
+	if (cms->d.other == NULL)
+		{
+		cms->d.signedData = M_ASN1_new_of(CMS_SignedData);
+		if (!cms->d.signedData)
+			{
+			CMSerr(CMS_F_CMS_SIGNED_DATA_INIT, ERR_R_MALLOC_FAILURE);
+			return NULL;
+			}
+		cms->d.signedData->version = 1;
+		cms->d.signedData->encapContentInfo->eContentType =
+						OBJ_nid2obj(NID_pkcs7_data);
+		cms->d.signedData->encapContentInfo->partial = 1;
+		ASN1_OBJECT_free(cms->contentType);
+		cms->contentType = OBJ_nid2obj(NID_pkcs7_signed);
+		return cms->d.signedData;
+		}
+	return cms_get0_signed(cms);
+	}
+
+/* Just initialize SignedData e.g. for certs only structure */
+
+int CMS_SignedData_init(CMS_ContentInfo *cms)
+	{
+	if (cms_signed_data_init(cms))
+		return 1;
+	else
+		return 0;
+	}
+
+/* Check structures and fixup version numbers (if necessary) */
+
+static void cms_sd_set_version(CMS_SignedData *sd)
+	{
+	int i;
+	CMS_CertificateChoices *cch;
+	CMS_RevocationInfoChoice *rch;
+	CMS_SignerInfo *si;
+
+	for (i = 0; i < sk_CMS_CertificateChoices_num(sd->certificates); i++)
+		{
+		cch = sk_CMS_CertificateChoices_value(sd->certificates, i);
+		if (cch->type == CMS_CERTCHOICE_OTHER)
+			{
+			if (sd->version < 5)
+				sd->version = 5;
+			}
+		else if (cch->type == CMS_CERTCHOICE_V2ACERT)
+			{
+			if (sd->version < 4)
+				sd->version = 4;
+			}
+		else if (cch->type == CMS_CERTCHOICE_V1ACERT)
+			{
+			if (sd->version < 3)
+				sd->version = 3;
+			}
+		}
+
+	for (i = 0; i < sk_CMS_RevocationInfoChoice_num(sd->crls); i++)
+		{
+		rch = sk_CMS_RevocationInfoChoice_value(sd->crls, i);
+		if (rch->type == CMS_REVCHOICE_OTHER)
+			{
+			if (sd->version < 5)
+				sd->version = 5;
+			}
+		}
+
+	if ((OBJ_obj2nid(sd->encapContentInfo->eContentType) != NID_pkcs7_data)
+			&& (sd->version < 3))
+		sd->version = 3;
+
+	for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++)
+		{
+		si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
+		if (si->sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
+			{
+			if (si->version < 3)
+				si->version = 3;
+			if (sd->version < 3)
+				sd->version = 3;
+			}
+		else
+			sd->version = 1;
+		}
+
+	if (sd->version < 1)
+		sd->version = 1;
+
+	}
+	
+/* Copy an existing messageDigest value */
+
+static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
+	{
+	STACK_OF(CMS_SignerInfo) *sinfos;
+	CMS_SignerInfo *sitmp;
+	int i;
+	sinfos = CMS_get0_SignerInfos(cms);
+	for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+		{
+		ASN1_OCTET_STRING *messageDigest;
+		sitmp = sk_CMS_SignerInfo_value(sinfos, i);
+		if (sitmp == si)
+			continue;
+		if (CMS_signed_get_attr_count(sitmp) < 0)
+			continue;
+		if (OBJ_cmp(si->digestAlgorithm->algorithm,
+				sitmp->digestAlgorithm->algorithm))
+			continue;
+		messageDigest = CMS_signed_get0_data_by_OBJ(sitmp,
+					OBJ_nid2obj(NID_pkcs9_messageDigest),
+					-3, V_ASN1_OCTET_STRING);
+		if (!messageDigest)
+			{
+			CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST,
+				CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
+			return 0;
+			}
+
+		if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
+						V_ASN1_OCTET_STRING,
+						messageDigest, -1))
+			return 1;
+		else
+			return 0;
+		}
+		CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST, CMS_R_NO_MATCHING_DIGEST);
+		return 0;
+	}
+
+int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
+	{
+	switch(type)
+		{
+		case CMS_SIGNERINFO_ISSUER_SERIAL:
+		sid->d.issuerAndSerialNumber =
+			M_ASN1_new_of(CMS_IssuerAndSerialNumber);
+		if (!sid->d.issuerAndSerialNumber)
+			goto merr;
+		if (!X509_NAME_set(&sid->d.issuerAndSerialNumber->issuer,
+					X509_get_issuer_name(cert)))
+			goto merr;
+		if (!ASN1_STRING_copy(
+			sid->d.issuerAndSerialNumber->serialNumber,
+				X509_get_serialNumber(cert)))
+			goto merr;
+		break;
+
+		case CMS_SIGNERINFO_KEYIDENTIFIER:
+		if (!cert->skid)
+			{
+			CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER,
+					CMS_R_CERTIFICATE_HAS_NO_KEYID);
+			return 0;
+			}
+		sid->d.subjectKeyIdentifier = ASN1_STRING_dup(cert->skid);
+		if (!sid->d.subjectKeyIdentifier)
+			goto merr;
+		break;
+
+		default:
+		CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, CMS_R_UNKNOWN_ID);
+		return 0;
+		}
+
+	sid->type = type;
+
+	return 1;
+
+	merr:
+	CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, ERR_R_MALLOC_FAILURE);
+	return 0;
+
+	}
+
+int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+					ASN1_OCTET_STRING **keyid,
+					X509_NAME **issuer, ASN1_INTEGER **sno)
+	{
+	if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
+		{
+		if (issuer)
+			*issuer = sid->d.issuerAndSerialNumber->issuer;
+		if (sno)
+			*sno = sid->d.issuerAndSerialNumber->serialNumber;
+		}
+	else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
+		{
+		if (keyid)
+			*keyid = sid->d.subjectKeyIdentifier;
+		}
+	else
+		return 0;
+	return 1;
+	}
+
+int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
+	{
+	int ret;
+	if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
+		{
+		ret = X509_NAME_cmp(sid->d.issuerAndSerialNumber->issuer,
+					X509_get_issuer_name(cert));
+		if (ret)
+			return ret;
+		return ASN1_INTEGER_cmp(sid->d.issuerAndSerialNumber->serialNumber,
+					X509_get_serialNumber(cert));
+		}
+	else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
+		{
+		X509_check_purpose(cert, -1, -1);
+		if (!cert->skid)
+			return -1;
+		return ASN1_OCTET_STRING_cmp(sid->d.subjectKeyIdentifier,
+							cert->skid);
+		}
+	else
+		return -1;
+	}
+
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+			X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+			unsigned int flags)
+	{
+	CMS_SignedData *sd;
+	CMS_SignerInfo *si = NULL;
+	X509_ALGOR *alg;
+	int i, type;
+	if(!X509_check_private_key(signer, pk))
+		{
+		CMSerr(CMS_F_CMS_ADD1_SIGNER,
+			CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+                return NULL;
+		}
+	sd = cms_signed_data_init(cms);
+	if (!sd)
+		goto err;
+	si = M_ASN1_new_of(CMS_SignerInfo);
+	if (!si)
+		goto merr;
+	X509_check_purpose(signer, -1, -1);
+
+	CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+	CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+
+	si->pkey = pk;
+	si->signer = signer;
+
+	if (flags & CMS_USE_KEYID)
+		{
+		si->version = 3;
+		if (sd->version < 3)
+			sd->version = 3;
+		type = CMS_SIGNERINFO_KEYIDENTIFIER;
+		}
+	else
+		{
+		type = CMS_SIGNERINFO_ISSUER_SERIAL;
+		si->version = 1;
+		}
+
+	if (!cms_set1_SignerIdentifier(si->sid, signer, type))
+		goto err;
+
+	if (md == NULL)
+		{
+		int def_nid;
+		if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0)
+			goto err;
+		md = EVP_get_digestbynid(def_nid);
+		if (md == NULL)
+			{
+			CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST);
+			goto err;
+			}
+		}
+
+	if (!md)
+		{
+		CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET);
+		goto err;
+		}
+
+	cms_DigestAlgorithm_set(si->digestAlgorithm, md);
+
+	/* See if digest is present in digestAlgorithms */
+	for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++)
+		{
+		ASN1_OBJECT *aoid;
+		alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
+		X509_ALGOR_get0(&aoid, NULL, NULL, alg);
+		if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
+			break;
+		}
+
+	if (i == sk_X509_ALGOR_num(sd->digestAlgorithms))
+		{
+		alg = X509_ALGOR_new();
+		if (!alg)
+			goto merr;
+		cms_DigestAlgorithm_set(alg, md);
+		if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg))
+			{
+			X509_ALGOR_free(alg);
+			goto merr;
+			}
+		}
+
+	if (pk->ameth && pk->ameth->pkey_ctrl)
+		{
+		i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_SIGN,
+						0, si);
+		if (i == -2)
+			{
+			CMSerr(CMS_F_CMS_ADD1_SIGNER,
+				CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+			goto err;
+			}
+		if (i <= 0)
+			{
+			CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_CTRL_FAILURE);
+			goto err;
+			}
+		}
+
+	if (!(flags & CMS_NOATTR))
+		{
+		/* Initialialize signed attributes strutucture so other
+		 * attributes such as signing time etc are added later
+		 * even if we add none here.
+		 */
+		if (!si->signedAttrs)
+			{
+			si->signedAttrs = sk_X509_ATTRIBUTE_new_null();
+			if (!si->signedAttrs)
+				goto merr;
+			}
+
+		if (!(flags & CMS_NOSMIMECAP))
+			{
+			STACK_OF(X509_ALGOR) *smcap = NULL;
+			i = CMS_add_standard_smimecap(&smcap);
+			if (i)
+				i = CMS_add_smimecap(si, smcap);
+			sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+			if (!i)
+				goto merr;
+			}
+		if (flags & CMS_REUSE_DIGEST)
+			{
+			if (!cms_copy_messageDigest(cms, si))
+				goto err;
+			if (!(flags & CMS_PARTIAL) &&
+					!CMS_SignerInfo_sign(si))
+				goto err;
+			}
+		}
+
+	if (!(flags & CMS_NOCERTS))
+		{
+		/* NB ignore -1 return for duplicate cert */
+		if (!CMS_add1_cert(cms, signer))
+			goto merr;
+		}
+
+	if (!sd->signerInfos)
+		sd->signerInfos = sk_CMS_SignerInfo_new_null();
+	if (!sd->signerInfos ||
+		!sk_CMS_SignerInfo_push(sd->signerInfos, si))
+		goto merr;
+
+	return si;
+
+	merr:
+	CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
+	err:
+	if (si)
+		M_ASN1_free_of(si, CMS_SignerInfo);
+	return NULL;
+
+	}
+
+static int cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
+	{
+	ASN1_TIME *tt;
+	int r = 0;
+	if (t)
+		tt = t;
+	else
+		tt = X509_gmtime_adj(NULL, 0);
+
+	if (!tt)
+		goto merr;
+
+	if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime,
+						tt->type, tt, -1) <= 0)
+		goto merr;
+
+	r = 1;
+
+	merr:
+
+	if (!t)
+		ASN1_TIME_free(tt);
+
+	if (!r)
+		CMSerr(CMS_F_CMS_ADD1_SIGNINGTIME, ERR_R_MALLOC_FAILURE);
+
+	return r;
+
+	}
+
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
+	{
+	CMS_SignedData *sd;
+	sd = cms_get0_signed(cms);
+	if (!sd)
+		return NULL;
+	return sd->signerInfos;
+	}
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
+	{
+	STACK_OF(X509) *signers = NULL;
+	STACK_OF(CMS_SignerInfo) *sinfos;
+	CMS_SignerInfo *si;
+	int i;
+	sinfos = CMS_get0_SignerInfos(cms);
+	for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+		{
+		si = sk_CMS_SignerInfo_value(sinfos, i);
+		if (si->signer)
+			{
+			if (!signers)
+				{
+				signers = sk_X509_new_null();
+				if (!signers)
+					return NULL;
+				}
+			if (!sk_X509_push(signers, si->signer))
+				{
+				sk_X509_free(signers);
+				return NULL;
+				}
+			}
+		}
+	return signers;
+	}
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
+	{
+	if (signer)
+		{
+		CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+		if (si->pkey)
+			EVP_PKEY_free(si->pkey);
+		si->pkey = X509_get_pubkey(signer);
+		}
+	if (si->signer)
+		X509_free(si->signer);
+	si->signer = signer;
+	}
+
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+					ASN1_OCTET_STRING **keyid,
+					X509_NAME **issuer, ASN1_INTEGER **sno)
+	{
+	return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
+	}
+
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
+	{
+	return cms_SignerIdentifier_cert_cmp(si->sid, cert);
+	}
+
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
+				unsigned int flags)
+	{
+	CMS_SignedData *sd;
+	CMS_SignerInfo *si;
+	CMS_CertificateChoices *cch;
+	STACK_OF(CMS_CertificateChoices) *certs;
+	X509 *x;
+	int i, j;
+	int ret = 0;
+	sd = cms_get0_signed(cms);
+	if (!sd)
+		return -1;
+	certs = sd->certificates;
+	for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++)
+		{
+		si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
+		if (si->signer)
+			continue;
+
+		for (j = 0; j < sk_X509_num(scerts); j++)
+			{
+			x = sk_X509_value(scerts, j);
+			if (CMS_SignerInfo_cert_cmp(si, x) == 0)
+				{
+				CMS_SignerInfo_set1_signer_cert(si, x);
+				ret++;
+				break;
+				}
+			}
+
+		if (si->signer || (flags & CMS_NOINTERN))
+			continue;
+
+		for (j = 0; j < sk_CMS_CertificateChoices_num(certs); j++)
+			{
+			cch = sk_CMS_CertificateChoices_value(certs, j);
+			if (cch->type != 0)
+				continue;
+			x = cch->d.certificate;
+			if (CMS_SignerInfo_cert_cmp(si, x) == 0)
+				{
+				CMS_SignerInfo_set1_signer_cert(si, x);
+				ret++;
+				break;
+				}
+			}
+		}
+	return ret;
+	}
+
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
+					X509_ALGOR **pdig, X509_ALGOR **psig)
+	{
+	if (pk)
+		*pk = si->pkey;
+	if (signer)
+		*signer = si->signer;
+	if (pdig)
+		*pdig = si->digestAlgorithm;
+	if (psig)
+		*psig = si->signatureAlgorithm;
+	}
+
+static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
+					CMS_SignerInfo *si, BIO *chain)
+	{
+	EVP_MD_CTX mctx;
+	int r = 0;
+	EVP_MD_CTX_init(&mctx);
+
+
+	if (!si->pkey)
+		{
+		CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
+		return 0;
+		}
+
+	if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+		goto err;
+
+	/* If any signed attributes calculate and add messageDigest attribute */
+
+	if (CMS_signed_get_attr_count(si) >= 0)
+		{
+		ASN1_OBJECT *ctype =
+			cms->d.signedData->encapContentInfo->eContentType; 
+		unsigned char md[EVP_MAX_MD_SIZE];
+		unsigned int mdlen;
+		if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+			goto err;
+		if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
+						V_ASN1_OCTET_STRING,
+						md, mdlen))
+			goto err;
+		/* Copy content type across */
+		if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType,
+					V_ASN1_OBJECT, ctype, -1) <= 0)
+			goto err;
+		if (!CMS_SignerInfo_sign(si))
+			goto err;
+		}
+	else
+		{
+		unsigned char *sig;
+		unsigned int siglen;
+		sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey));
+		if (!sig)
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN,
+					ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey))
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN,
+					CMS_R_SIGNFINAL_ERROR);
+			OPENSSL_free(sig);
+			goto err;
+			}
+		ASN1_STRING_set0(si->signature, sig, siglen);
+		}
+
+	r = 1;
+
+	err:
+	EVP_MD_CTX_cleanup(&mctx);
+	return r;
+
+	}
+
+int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
+	{
+	STACK_OF(CMS_SignerInfo) *sinfos;
+	CMS_SignerInfo *si;
+	int i;
+	sinfos = CMS_get0_SignerInfos(cms);
+	for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+		{
+		si = sk_CMS_SignerInfo_value(sinfos, i);
+		if (!cms_SignerInfo_content_sign(cms, si, chain))
+			return 0;
+		}
+	cms->d.signedData->encapContentInfo->partial = 0;
+	return 1;
+	}
+
+int CMS_SignerInfo_sign(CMS_SignerInfo *si)
+	{
+	EVP_MD_CTX mctx;
+	EVP_PKEY_CTX *pctx;
+	unsigned char *abuf = NULL;
+	int alen;
+	size_t siglen;
+	const EVP_MD *md = NULL;
+
+	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+	if (md == NULL)
+		return 0;
+
+	EVP_MD_CTX_init(&mctx);
+
+	if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0)
+		{
+		if (!cms_add1_signingTime(si, NULL))
+			goto err;
+		}
+
+	if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+				EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0)
+		{
+		CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
+		goto err;
+		}
+
+	alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs,&abuf,
+				ASN1_ITEM_rptr(CMS_Attributes_Sign));
+	if(!abuf)
+		goto err;
+	if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
+		goto err;
+	if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+		goto err;
+	OPENSSL_free(abuf);
+	abuf = OPENSSL_malloc(siglen);
+	if(!abuf)
+		goto err;
+	if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+				EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0)
+		{
+		CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
+		goto err;
+		}
+
+	EVP_MD_CTX_cleanup(&mctx);
+
+	ASN1_STRING_set0(si->signature, abuf, siglen);
+
+	return 1;
+
+	err:
+	if (abuf)
+		OPENSSL_free(abuf);
+	EVP_MD_CTX_cleanup(&mctx);
+	return 0;
+
+	}
+
+int CMS_SignerInfo_verify(CMS_SignerInfo *si)
+	{
+	EVP_MD_CTX mctx;
+	EVP_PKEY_CTX *pctx;
+	unsigned char *abuf = NULL;
+	int alen, r = -1;
+	const EVP_MD *md = NULL;
+
+	if (!si->pkey)
+		{
+		CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_NO_PUBLIC_KEY);
+		return -1;
+		}
+
+	md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+	if (md == NULL)
+		return -1;
+	EVP_MD_CTX_init(&mctx);
+	if (EVP_DigestVerifyInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
+		goto err;
+
+	alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs,&abuf,
+				ASN1_ITEM_rptr(CMS_Attributes_Verify));
+	if(!abuf)
+		goto err;
+	r = EVP_DigestVerifyUpdate(&mctx, abuf, alen);
+	OPENSSL_free(abuf);
+	if (r <= 0)
+		{
+		r = -1;
+		goto err;
+		}
+	r = EVP_DigestVerifyFinal(&mctx,
+			si->signature->data, si->signature->length);
+	if (r <= 0)
+		CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
+	err:
+	EVP_MD_CTX_cleanup(&mctx);
+	return r;
+	}
+
+/* Create a chain of digest BIOs from a CMS ContentInfo */
+
+BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
+	{
+	int i;
+	CMS_SignedData *sd;
+	BIO *chain = NULL;
+	sd = cms_get0_signed(cms);
+	if (!sd)
+		return NULL;
+	if (cms->d.signedData->encapContentInfo->partial)
+		cms_sd_set_version(sd);
+	for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++)
+		{
+		X509_ALGOR *digestAlgorithm;
+		BIO *mdbio;
+		digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
+		mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm);
+		if (!mdbio)
+			goto err;	
+		if (chain)
+			 BIO_push(chain, mdbio);
+		else
+			chain = mdbio;
+		}
+	return chain;
+	err:
+	if (chain)
+		BIO_free_all(chain);
+	return NULL;
+	}
+
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
+	{
+	ASN1_OCTET_STRING *os = NULL;
+	EVP_MD_CTX mctx;
+	int r = -1;
+	EVP_MD_CTX_init(&mctx);
+	/* If we have any signed attributes look for messageDigest value */
+	if (CMS_signed_get_attr_count(si) >= 0)
+		{
+		os = CMS_signed_get0_data_by_OBJ(si,
+					OBJ_nid2obj(NID_pkcs9_messageDigest),
+					-3, V_ASN1_OCTET_STRING);
+		if (!os)
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+				CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
+			goto err;
+			}
+		}
+
+	if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+		goto err;
+
+	/* If messageDigest found compare it */
+
+	if (os)
+		{
+		unsigned char mval[EVP_MAX_MD_SIZE];
+		unsigned int mlen;
+		if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0)
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+				CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
+			goto err;
+			}
+		if (mlen != (unsigned int)os->length)
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+				CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
+			goto err;
+			}
+
+		if (memcmp(mval, os->data, mlen))
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+				CMS_R_VERIFICATION_FAILURE);
+			r = 0;
+			}
+		else
+			r = 1;
+		}
+	else
+		{
+		r = EVP_VerifyFinal(&mctx, si->signature->data,
+					si->signature->length, si->pkey);
+		if (r <= 0)
+			{
+			CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+				CMS_R_VERIFICATION_FAILURE);
+			r = 0;
+			}
+		}
+
+	err:
+	EVP_MD_CTX_cleanup(&mctx);
+	return r;
+
+	}
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs)
+	{
+	unsigned char *smder = NULL;
+	int smderlen, r;
+	smderlen = i2d_X509_ALGORS(algs, &smder);
+	if (smderlen <= 0)
+		return 0;
+	r = CMS_signed_add1_attr_by_NID(si, NID_SMIMECapabilities,
+					V_ASN1_SEQUENCE, smder, smderlen);
+	OPENSSL_free(smder);
+	return r;
+	}
+
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+				int algnid, int keysize)
+	{
+	X509_ALGOR *alg;
+	ASN1_INTEGER *key = NULL;
+	if (keysize > 0)
+		{
+		key = ASN1_INTEGER_new();
+		if (!key || !ASN1_INTEGER_set(key, keysize))
+			return 0;
+		}
+	alg = X509_ALGOR_new();
+	if (!alg)
+		{
+		if (key)
+			ASN1_INTEGER_free(key);
+		return 0;
+		}
+		
+	X509_ALGOR_set0(alg, OBJ_nid2obj(algnid),
+				key ? V_ASN1_INTEGER : V_ASN1_UNDEF, key);
+	if (!*algs)
+		*algs = sk_X509_ALGOR_new_null();
+	if (!*algs || !sk_X509_ALGOR_push(*algs, alg))
+		{
+		X509_ALGOR_free(alg);
+		return 0;
+		}
+	return 1;
+	}
+
+/* Check to see if a cipher exists and if so add S/MIME capabilities */
+
+static int cms_add_cipher_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
+	{
+	if (EVP_get_cipherbynid(nid))
+		return CMS_add_simple_smimecap(sk, nid, arg);
+	return 1;
+	}
+
+static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
+	{
+	if (EVP_get_digestbynid(nid))
+		return CMS_add_simple_smimecap(sk, nid, arg);
+	return 1;
+	}
+
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap)
+	{
+	if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+		|| !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
+		|| !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
+		|| !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
+		|| !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
+		|| !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
+		|| !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 128)
+		|| !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 64)
+		|| !cms_add_cipher_smcap(smcap, NID_des_cbc, -1)
+		|| !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 40))
+		return 0;
+	return 1;
+	}
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
new file mode 100644
index 0000000000..ab38a258e5
--- /dev/null
+++ b/crypto/cms/cms_smime.c
@@ -0,0 +1,821 @@
+/* crypto/cms/cms_smime.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+
+static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
+	{
+	unsigned char buf[4096];
+	int r = 0, i;
+	BIO *tmpout = NULL;
+
+	if (out == NULL)
+		tmpout = BIO_new(BIO_s_null());
+	else if (flags & CMS_TEXT)
+		{
+		tmpout = BIO_new(BIO_s_mem());
+		BIO_set_mem_eof_return(tmpout, 0);
+		}
+	else
+		tmpout = out;
+
+	if(!tmpout)
+		{
+		CMSerr(CMS_F_CMS_COPY_CONTENT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* Read all content through chain to process digest, decrypt etc */
+	for (;;)
+	{
+		i=BIO_read(in,buf,sizeof(buf));
+		if (i <= 0)
+			{
+			if (BIO_method_type(in) == BIO_TYPE_CIPHER)
+				{
+				if (!BIO_get_cipher_status(in))
+					goto err;
+				}
+			if (i < 0)
+				goto err;
+			break;
+			}
+				
+		if (tmpout && (BIO_write(tmpout, buf, i) != i))
+			goto err;
+	}
+
+	if(flags & CMS_TEXT)
+		{
+		if(!SMIME_text(tmpout, out))
+			{
+			CMSerr(CMS_F_CMS_COPY_CONTENT,CMS_R_SMIME_TEXT_ERROR);
+			goto err;
+			}
+		}
+
+	r = 1;
+
+	err:
+	if (tmpout && (tmpout != out))
+		BIO_free(tmpout);
+	return r;
+
+	}
+
+static int check_content(CMS_ContentInfo *cms)
+	{
+	ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
+	if (!pos || !*pos)
+		{
+		CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT);
+		return 0;
+		}
+	return 1;
+	}
+
+static void do_free_upto(BIO *f, BIO *upto)
+	{
+	if (upto)
+		{
+		BIO *tbio;
+		do 
+			{
+			tbio = BIO_pop(f);
+			BIO_free(f);
+			f = tbio;
+			}
+		while (f != upto);
+		}
+	else
+		BIO_free_all(f);
+	}
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
+	{
+	BIO *cont;
+	int r;
+	if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data)
+		{
+		CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
+		return 0;
+		}
+	cont = CMS_dataInit(cms, NULL);
+	if (!cont)
+		return 0;
+	r = cms_copy_content(out, cont, flags);
+	BIO_free_all(cont);
+	return r;
+	}
+
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
+	{
+	CMS_ContentInfo *cms;
+	cms = cms_Data_create();
+	if (!cms)
+		return NULL;
+
+	if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
+		return cms;
+
+	CMS_ContentInfo_free(cms);
+
+	return NULL;
+	}
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+							unsigned int flags)
+	{
+	BIO *cont;
+	int r;
+	if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest)
+		{
+		CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
+		return 0;
+		}
+
+	if (!dcont && !check_content(cms))
+		return 0;
+
+	cont = CMS_dataInit(cms, dcont);
+	if (!cont)
+		return 0;
+	r = cms_copy_content(out, cont, flags);
+	if (r)
+		r = cms_DigestedData_do_final(cms, cont, 1);
+	do_free_upto(cont, dcont);
+	return r;
+	}
+
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+					unsigned int flags)
+	{
+	CMS_ContentInfo *cms;
+	if (!md)
+		md = EVP_sha1();
+	cms = cms_DigestedData_create(md);
+	if (!cms)
+		return NULL;
+
+	if(!(flags & CMS_DETACHED))
+		CMS_set_detached(cms, 0);
+
+	if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
+		return cms;
+
+	CMS_ContentInfo_free(cms);
+	return NULL;
+	}
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+				const unsigned char *key, size_t keylen,
+				BIO *dcont, BIO *out, unsigned int flags)
+	{
+	BIO *cont;
+	int r;
+	if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
+					CMS_R_TYPE_NOT_ENCRYPTED_DATA);
+		return 0;
+		}
+
+	if (!dcont && !check_content(cms))
+		return 0;
+
+	if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0)
+		return 0;
+	cont = CMS_dataInit(cms, dcont);
+	if (!cont)
+		return 0;
+	r = cms_copy_content(out, cont, flags);
+	do_free_upto(cont, dcont);
+	return r;
+	}
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+					const unsigned char *key, size_t keylen,
+					unsigned int flags)
+	{
+	CMS_ContentInfo *cms;
+	if (!cipher)
+		{
+		CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
+		return NULL;
+		}
+	cms = CMS_ContentInfo_new();
+	if (!cms)
+		return NULL;
+	if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
+		return NULL;
+
+	if(!(flags & CMS_DETACHED))
+		CMS_set_detached(cms, 0);
+
+	if ((flags & (CMS_STREAM|CMS_PARTIAL))
+		|| CMS_final(cms, in, NULL, flags))
+		return cms;
+
+	CMS_ContentInfo_free(cms);
+	return NULL;
+	}
+
+static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
+					X509_STORE *store,
+					STACK_OF(X509) *certs,
+					STACK_OF(X509_CRL) *crls,
+					unsigned int flags)
+	{
+	X509_STORE_CTX ctx;
+	X509 *signer;
+	int i, j, r = 0;
+	CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
+	if (!X509_STORE_CTX_init(&ctx, store, signer, certs))
+		{
+		CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
+						CMS_R_STORE_INIT_ERROR);
+		goto err;
+		}
+	X509_STORE_CTX_set_default(&ctx, "smime_sign");
+	if (crls)
+		X509_STORE_CTX_set0_crls(&ctx, crls);
+
+	i = X509_verify_cert(&ctx);
+	if (i <= 0)
+		{
+		j = X509_STORE_CTX_get_error(&ctx);
+		CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
+						CMS_R_CERTIFICATE_VERIFY_ERROR);
+		ERR_add_error_data(2, "Verify error:",
+					 X509_verify_cert_error_string(j));
+		goto err;
+		}
+	r = 1;
+	err:
+	X509_STORE_CTX_cleanup(&ctx);
+	return r;
+
+	}
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+		 X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags)
+	{
+	CMS_SignerInfo *si;
+	STACK_OF(CMS_SignerInfo) *sinfos;
+	STACK_OF(X509) *cms_certs = NULL;
+	STACK_OF(X509_CRL) *crls = NULL;
+	X509 *signer;
+	int i, scount = 0, ret = 0;
+	BIO *cmsbio = NULL, *tmpin = NULL;
+
+	if (!dcont && !check_content(cms))
+		return 0;
+
+	/* Attempt to find all signer certificates */
+
+	sinfos = CMS_get0_SignerInfos(cms);
+
+	if (sk_CMS_SignerInfo_num(sinfos) <= 0)
+		{
+		CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS);
+		goto err;
+		}
+
+	for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+		{
+		si = sk_CMS_SignerInfo_value(sinfos, i);
+		CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
+		if (signer)
+			scount++;
+		}
+
+	if (scount != sk_CMS_SignerInfo_num(sinfos))
+		scount += CMS_set1_signers_certs(cms, certs, flags);
+
+	if (scount != sk_CMS_SignerInfo_num(sinfos))
+		{
+		CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
+		goto err;
+		}
+
+	/* Attempt to verify all signers certs */
+
+	if (!(flags & CMS_NO_SIGNER_CERT_VERIFY))
+		{
+		cms_certs = CMS_get1_certs(cms);
+		if (!(flags & CMS_NOCRL))
+			crls = CMS_get1_crls(cms);
+		for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+			{
+			si = sk_CMS_SignerInfo_value(sinfos, i);
+			if (!cms_signerinfo_verify_cert(si, store,
+							cms_certs, crls, flags))
+				goto err;
+			}
+		}
+
+	/* Attempt to verify all SignerInfo signed attribute signatures */
+
+	if (!(flags & CMS_NO_ATTR_VERIFY))
+		{
+		for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+			{
+			si = sk_CMS_SignerInfo_value(sinfos, i);
+			if (CMS_signed_get_attr_count(si) < 0)
+				continue;
+			if (CMS_SignerInfo_verify(si) <= 0)
+				goto err;
+			}
+		}
+
+	/* Performance optimization: if the content is a memory BIO then
+	 * store its contents in a temporary read only memory BIO. This
+	 * avoids potentially large numbers of slow copies of data which will
+	 * occur when reading from a read write memory BIO when signatures
+	 * are calculated.
+	 */
+
+	if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM))
+		{
+		char *ptr;
+		long len;
+		len = BIO_get_mem_data(dcont, &ptr);
+		tmpin = BIO_new_mem_buf(ptr, len);
+		if (tmpin == NULL)
+			{
+			CMSerr(CMS_F_CMS_VERIFY,ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		}
+	else
+		tmpin = dcont;
+		
+
+	cmsbio=CMS_dataInit(cms, tmpin);
+	if (!cmsbio)
+		goto err;
+
+	if (!cms_copy_content(out, cmsbio, flags))
+		goto err;
+
+	if (!(flags & CMS_NO_CONTENT_VERIFY))
+		{
+		for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++)
+			{
+			si = sk_CMS_SignerInfo_value(sinfos, i);
+			if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0)
+				{
+				CMSerr(CMS_F_CMS_VERIFY,
+					CMS_R_CONTENT_VERIFY_ERROR);
+				goto err;
+				}
+			}
+		}
+
+	ret = 1;
+
+	err:
+	
+	if (dcont && (tmpin == dcont))
+		do_free_upto(cmsbio, dcont);
+	else
+		BIO_free_all(cmsbio);
+
+	if (cms_certs)
+		sk_X509_pop_free(cms_certs, X509_free);
+	if (crls)
+		sk_X509_CRL_pop_free(crls, X509_CRL_free);
+
+	return ret;
+	}
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+			STACK_OF(X509) *certs,
+			X509_STORE *store, unsigned int flags)
+	{
+	int r;
+	flags &= ~(CMS_DETACHED|CMS_TEXT);
+	r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
+	if (r <= 0)
+		return r;
+	return cms_Receipt_verify(rcms, ocms);
+	}
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+						BIO *data, unsigned int flags)
+	{
+	CMS_ContentInfo *cms;
+	int i;
+
+	cms = CMS_ContentInfo_new();
+	if (!cms || !CMS_SignedData_init(cms))
+		goto merr;
+
+	if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags))
+		{
+		CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
+		goto err;
+		}
+
+	for (i = 0; i < sk_X509_num(certs); i++)
+		{
+		X509 *x = sk_X509_value(certs, i);
+		if (!CMS_add1_cert(cms, x))
+			goto merr;
+		}
+
+	if(!(flags & CMS_DETACHED))
+		CMS_set_detached(cms, 0);
+
+	if ((flags & (CMS_STREAM|CMS_PARTIAL))
+		|| CMS_final(cms, data, NULL, flags))
+		return cms;
+	else
+		goto err;
+
+	merr:
+	CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
+
+	err:
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	return NULL;
+	}
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+					X509 *signcert, EVP_PKEY *pkey,
+					STACK_OF(X509) *certs,
+					unsigned int flags)
+	{
+	CMS_SignerInfo *rct_si;
+	CMS_ContentInfo *cms = NULL;
+	ASN1_OCTET_STRING **pos, *os;
+	BIO *rct_cont = NULL;
+	int r = 0;
+
+	flags &= ~(CMS_STREAM|CMS_TEXT);
+	/* Not really detached but avoids content being allocated */
+	flags |= CMS_PARTIAL|CMS_BINARY|CMS_DETACHED;
+	if (!pkey || !signcert)
+		{
+		CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT);
+		return NULL;
+		}
+
+	/* Initialize signed data */
+
+	cms = CMS_sign(NULL, NULL, certs, NULL, flags);
+	if (!cms)
+		goto err;
+
+	/* Set inner content type to signed receipt */
+	if (!CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_smime_ct_receipt)))
+		goto err;
+
+	rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags);
+	if (!rct_si)
+		{
+		CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR);
+		goto err;
+		}
+
+	os = cms_encode_Receipt(si);
+
+	if (!os)
+		goto err;
+
+	/* Set content to digest */
+	rct_cont = BIO_new_mem_buf(os->data, os->length);
+	if (!rct_cont)
+		goto err;
+
+	/* Add msgSigDigest attribute */
+
+	if (!cms_msgSigDigest_add1(rct_si, si))
+		goto err;
+
+	/* Finalize structure */
+	if (!CMS_final(cms, rct_cont, NULL, flags))
+		goto err;
+
+	/* Set embedded content */
+	pos = CMS_get0_content(cms);
+	*pos = os;
+
+	r = 1;
+
+	err:
+	if (rct_cont)
+		BIO_free(rct_cont);
+	if (r)
+		return cms;
+	CMS_ContentInfo_free(cms);
+	return NULL;
+
+	}
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
+				const EVP_CIPHER *cipher, unsigned int flags)
+	{
+	CMS_ContentInfo *cms;
+	int i;
+	X509 *recip;
+	cms = CMS_EnvelopedData_create(cipher);
+	if (!cms)
+		goto merr;
+	for (i = 0; i < sk_X509_num(certs); i++)
+		{
+		recip = sk_X509_value(certs, i);
+		if (!CMS_add1_recipient_cert(cms, recip, flags))
+			{
+			CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR);
+			goto err;
+			}
+		}
+
+	if(!(flags & CMS_DETACHED))
+		CMS_set_detached(cms, 0);
+
+	if ((flags & (CMS_STREAM|CMS_PARTIAL))
+		|| CMS_final(cms, data, NULL, flags))
+		return cms;
+	else
+		goto err;
+
+	merr:
+	CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
+	err:
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	return NULL;
+	}
+
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
+	{
+	STACK_OF(CMS_RecipientInfo) *ris;
+	CMS_RecipientInfo *ri;
+	int i, r;
+	ris = CMS_get0_RecipientInfos(cms);
+	for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++)
+		{
+		ri = sk_CMS_RecipientInfo_value(ris, i);
+		if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS)
+				continue;
+		/* If we have a cert try matching RecipientInfo
+		 * otherwise try them all.
+		 */
+		if (!cert || (CMS_RecipientInfo_ktri_cert_cmp(ri, cert) == 0))
+			{
+			CMS_RecipientInfo_set0_pkey(ri, pk);
+			r = CMS_RecipientInfo_decrypt(cms, ri);
+			CMS_RecipientInfo_set0_pkey(ri, NULL);
+			if (r > 0)
+				return 1;
+			if (cert)
+				{
+				CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY,
+						CMS_R_DECRYPT_ERROR);
+				return 0;
+				}
+			ERR_clear_error();
+			}
+		}
+
+	CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT);
+	return 0;
+
+	}
+
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms, 
+				unsigned char *key, size_t keylen,
+				unsigned char *id, size_t idlen)
+	{
+	STACK_OF(CMS_RecipientInfo) *ris;
+	CMS_RecipientInfo *ri;
+	int i, r;
+	ris = CMS_get0_RecipientInfos(cms);
+	for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++)
+		{
+		ri = sk_CMS_RecipientInfo_value(ris, i);
+		if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK)
+				continue;
+
+		/* If we have an id try matching RecipientInfo
+		 * otherwise try them all.
+		 */
+		if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0))
+			{
+			CMS_RecipientInfo_set0_key(ri, key, keylen);
+			r = CMS_RecipientInfo_decrypt(cms, ri);
+			CMS_RecipientInfo_set0_key(ri, NULL, 0);
+			if (r > 0)
+				return 1;
+			if (id)
+				{
+				CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY,
+						CMS_R_DECRYPT_ERROR);
+				return 0;
+				}
+			ERR_clear_error();
+			}
+		}
+
+	CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT);
+	return 0;
+
+	}
+
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms, 
+				unsigned char *pass, ssize_t passlen)
+	{
+	STACK_OF(CMS_RecipientInfo) *ris;
+	CMS_RecipientInfo *ri;
+	int i, r;
+	ris = CMS_get0_RecipientInfos(cms);
+	for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++)
+		{
+		ri = sk_CMS_RecipientInfo_value(ris, i);
+		if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
+				continue;
+		CMS_RecipientInfo_set0_password(ri, pass, passlen);
+		r = CMS_RecipientInfo_decrypt(cms, ri);
+		CMS_RecipientInfo_set0_password(ri, NULL, 0);
+		if (r > 0)
+			return 1;
+		}
+
+	CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
+	return 0;
+
+	}
+	
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
+				BIO *dcont, BIO *out,
+				unsigned int flags)
+	{
+	int r;
+	BIO *cont;
+	if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped)
+		{
+		CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA);
+		return 0;
+		}
+	if (!dcont && !check_content(cms))
+		return 0;
+	if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
+		return 0;
+
+	cont = CMS_dataInit(cms, dcont);
+	if (!cont)
+		return 0;
+	r = cms_copy_content(out, cont, flags);
+	do_free_upto(cont, dcont);
+	return r;
+	}
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
+	{
+	BIO *cmsbio;
+	int ret = 0;
+	if (!(cmsbio = CMS_dataInit(cms, dcont)))
+		{
+		CMSerr(CMS_F_CMS_FINAL,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+
+	SMIME_crlf_copy(data, cmsbio, flags);
+
+	(void)BIO_flush(cmsbio);
+
+
+        if (!CMS_dataFinal(cms, cmsbio))
+		{
+		CMSerr(CMS_F_CMS_FINAL,CMS_R_CMS_DATAFINAL_ERROR);
+		goto err;
+		}
+
+	ret = 1;
+
+	err:
+	do_free_upto(cmsbio, dcont);
+
+	return ret;
+
+	}
+
+#ifdef ZLIB
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+							unsigned int flags)
+	{
+	BIO *cont;
+	int r;
+	if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData)
+		{
+		CMSerr(CMS_F_CMS_UNCOMPRESS,
+					CMS_R_TYPE_NOT_COMPRESSED_DATA);
+		return 0;
+		}
+
+	if (!dcont && !check_content(cms))
+		return 0;
+
+	cont = CMS_dataInit(cms, dcont);
+	if (!cont)
+		return 0;
+	r = cms_copy_content(out, cont, flags);
+	do_free_upto(cont, dcont);
+	return r;
+	}
+
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
+	{
+	CMS_ContentInfo *cms;
+	if (comp_nid <= 0)
+		comp_nid = NID_zlib_compression;
+	cms = cms_CompressedData_create(comp_nid);
+	if (!cms)
+		return NULL;
+
+	if(!(flags & CMS_DETACHED))
+		CMS_set_detached(cms, 0);
+
+	if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
+		return cms;
+
+	CMS_ContentInfo_free(cms);
+	return NULL;
+	}
+
+#else
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+							unsigned int flags)
+	{
+	CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+	return 0;
+	}
+
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
+	{
+	CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+	return NULL;
+	}
+
+#endif
diff --git a/crypto/comp/.cvsignore b/crypto/comp/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/comp/.cvsignore
+++ b/crypto/comp/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/comp/Makefile.ssl b/crypto/comp/Makefile.ssl
deleted file mode 100644
index c2950086ce..0000000000
--- a/crypto/comp/Makefile.ssl
+++ /dev/null
@@ -1,113 +0,0 @@
-#
-# SSLeay/crypto/comp/Makefile
-#
-
-DIR=	comp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= comp_lib.c comp_err.c \
-	c_rle.c c_zlib.c
-
-LIBOBJ=	comp_lib.o comp_err.o \
-	c_rle.o c_zlib.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= comp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_rle.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
-c_rle.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
-c_rle.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_rle.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-c_rle.o: ../../include/openssl/symhacks.h c_rle.c
-c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
-c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c
-comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
-comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-comp_err.o: ../../include/openssl/opensslconf.h
-comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-comp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-comp_err.o: ../../include/openssl/symhacks.h comp_err.c
-comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-comp_lib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
-comp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
-comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index 171fa5b86b..8adf35f3fc 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -31,6 +31,24 @@ static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
 static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
 	unsigned int olen, unsigned char *in, unsigned int ilen);
 
+
+/* memory allocations functions for zlib intialization */
+static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size)
+{
+	void *p;
+	
+	p=OPENSSL_malloc(no*size);
+	if (p)
+		memset(p, 0, no*size);
+	return p;
+}
+
+
+static void zlib_zfree(void* opaque, void* address)
+{
+	OPENSSL_free(address);
+}
+
 #if 0
 static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
 	unsigned int olen, unsigned char *in, unsigned int ilen);
@@ -67,45 +85,27 @@ static COMP_METHOD zlib_stateful_method={
  * When OpenSSL is built on Windows, we do not want to require that
  * the ZLIB.DLL be available in order for the OpenSSL DLLs to
  * work.  Therefore, all ZLIB routines are loaded at run time
- * and we do not link to a .LIB file.
+ * and we do not link to a .LIB file when ZLIB_SHARED is set.
  */
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
 # include <windows.h>
-
-# define Z_CALLCONV _stdcall
-# define ZLIB_SHARED
-#else
-# define Z_CALLCONV
 #endif /* !(OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32) */
 
 #ifdef ZLIB_SHARED
 #include <openssl/dso.h>
 
-/* Prototypes for built in stubs */
-#if 0
-static int stub_compress(Bytef *dest,uLongf *destLen,
-	const Bytef *source, uLong sourceLen);
-#endif
-static int stub_inflateEnd(z_streamp strm);
-static int stub_inflate(z_streamp strm, int flush);
-static int stub_inflateInit_(z_streamp strm, const char * version,
-	int stream_size);
-static int stub_deflateEnd(z_streamp strm);
-static int stub_deflate(z_streamp strm, int flush);
-static int stub_deflateInit_(z_streamp strm, int level,
-	const char * version, int stream_size);
-
 /* Function pointers */
-typedef int (Z_CALLCONV *compress_ft)(Bytef *dest,uLongf *destLen,
+typedef int (*compress_ft)(Bytef *dest,uLongf *destLen,
 	const Bytef *source, uLong sourceLen);
-typedef int (Z_CALLCONV *inflateEnd_ft)(z_streamp strm);
-typedef int (Z_CALLCONV *inflate_ft)(z_streamp strm, int flush);
-typedef int (Z_CALLCONV *inflateInit__ft)(z_streamp strm,
+typedef int (*inflateEnd_ft)(z_streamp strm);
+typedef int (*inflate_ft)(z_streamp strm, int flush);
+typedef int (*inflateInit__ft)(z_streamp strm,
 	const char * version, int stream_size);
-typedef int (Z_CALLCONV *deflateEnd_ft)(z_streamp strm);
-typedef int (Z_CALLCONV *deflate_ft)(z_streamp strm, int flush);
-typedef int (Z_CALLCONV *deflateInit__ft)(z_streamp strm, int level,
+typedef int (*deflateEnd_ft)(z_streamp strm);
+typedef int (*deflate_ft)(z_streamp strm, int flush);
+typedef int (*deflateInit__ft)(z_streamp strm, int level,
 	const char * version, int stream_size);
+typedef const char * (*zError__ft)(int err);
 static compress_ft	p_compress=NULL;
 static inflateEnd_ft	p_inflateEnd=NULL;
 static inflate_ft	p_inflate=NULL;
@@ -113,17 +113,19 @@ static inflateInit__ft	p_inflateInit_=NULL;
 static deflateEnd_ft	p_deflateEnd=NULL;
 static deflate_ft	p_deflate=NULL;
 static deflateInit__ft	p_deflateInit_=NULL;
+static zError__ft	p_zError=NULL;
 
 static int zlib_loaded = 0;     /* only attempt to init func pts once */
 static DSO *zlib_dso = NULL;
 
-#define compress                stub_compress
-#define inflateEnd              stub_inflateEnd
-#define inflate                 stub_inflate
-#define inflateInit_            stub_inflateInit_
-#define deflateEnd              stub_deflateEnd
-#define deflate                 stub_deflate
-#define deflateInit_            stub_deflateInit_
+#define compress                p_compress
+#define inflateEnd              p_inflateEnd
+#define inflate                 p_inflate
+#define inflateInit_            p_inflateInit_
+#define deflateEnd              p_deflateEnd
+#define deflate                 p_deflate
+#define deflateInit_            p_deflateInit_
+#define zError			p_zError
 #endif /* ZLIB_SHARED */
 
 struct zlib_state
@@ -134,15 +136,6 @@ struct zlib_state
 
 static int zlib_stateful_ex_idx = -1;
 
-static void zlib_stateful_free_ex_data(void *obj, void *item,
-	CRYPTO_EX_DATA *ad, int ind,long argl, void *argp)
-	{
-	struct zlib_state *state = (struct zlib_state *)item;
-	inflateEnd(&state->istream);
-	deflateEnd(&state->ostream);
-	OPENSSL_free(state);
-	}
-
 static int zlib_stateful_init(COMP_CTX *ctx)
 	{
 	int err;
@@ -152,8 +145,8 @@ static int zlib_stateful_init(COMP_CTX *ctx)
 	if (state == NULL)
 		goto err;
 
-	state->istream.zalloc = Z_NULL;
-	state->istream.zfree = Z_NULL;
+	state->istream.zalloc = zlib_zalloc;
+	state->istream.zfree = zlib_zfree;
 	state->istream.opaque = Z_NULL;
 	state->istream.next_in = Z_NULL;
 	state->istream.next_out = Z_NULL;
@@ -164,8 +157,8 @@ static int zlib_stateful_init(COMP_CTX *ctx)
 	if (err != Z_OK)
 		goto err;
 
-	state->ostream.zalloc = Z_NULL;
-	state->ostream.zfree = Z_NULL;
+	state->ostream.zalloc = zlib_zalloc;
+	state->ostream.zfree = zlib_zfree;
 	state->ostream.opaque = Z_NULL;
 	state->ostream.next_in = Z_NULL;
 	state->ostream.next_out = Z_NULL;
@@ -177,17 +170,6 @@ static int zlib_stateful_init(COMP_CTX *ctx)
 		goto err;
 
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
-	if (zlib_stateful_ex_idx == -1)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_COMP);
-		if (zlib_stateful_ex_idx == -1)
-			zlib_stateful_ex_idx =
-				CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
-					0,NULL,NULL,NULL,zlib_stateful_free_ex_data);
-		CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
-		if (zlib_stateful_ex_idx == -1)
-			goto err;
-		}
 	CRYPTO_set_ex_data(&ctx->ex_data,zlib_stateful_ex_idx,state);
 	return 1;
  err:
@@ -197,6 +179,12 @@ static int zlib_stateful_init(COMP_CTX *ctx)
 
 static void zlib_stateful_finish(COMP_CTX *ctx)
 	{
+	struct zlib_state *state =
+		(struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
+			zlib_stateful_ex_idx);
+	inflateEnd(&state->istream);
+	deflateEnd(&state->ostream);
+	OPENSSL_free(state);
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data);
 	}
 
@@ -359,16 +347,6 @@ COMP_METHOD *COMP_zlib(void)
 		{
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
 		zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0);
-		if (!zlib_dso)
-			{
-			zlib_dso = DSO_load(NULL, "ZLIB", NULL, 0);
-			if (zlib_dso)
-				{
-				/* Clear the errors from the first failed
-				   DSO_load() */
-				ERR_clear_error();
-				}
-			}
 #else
 		zlib_dso = DSO_load(NULL, "z", NULL, 0);
 #endif
@@ -395,84 +373,427 @@ COMP_METHOD *COMP_zlib(void)
 			p_deflateInit_
 				= (deflateInit__ft) DSO_bind_func(zlib_dso,
 					"deflateInit_");
-			zlib_loaded++;
+			p_zError
+				= (zError__ft) DSO_bind_func(zlib_dso,
+					"zError");
+
+			if (p_compress && p_inflateEnd && p_inflate
+				&& p_inflateInit_ && p_deflateEnd
+				&& p_deflate && p_deflateInit_ && p_zError)
+				zlib_loaded++;
 			}
 		}
 
 #endif
+#ifdef ZLIB_SHARED
+	if (zlib_loaded)
+#endif
 #if defined(ZLIB) || defined(ZLIB_SHARED)
-	meth = &zlib_stateful_method;
+		{
+		/* init zlib_stateful_ex_idx here so that in a multi-process
+		 * application it's enough to intialize openssl before forking
+		 * (idx will be inherited in all the children) */
+		if (zlib_stateful_ex_idx == -1)
+			{
+			CRYPTO_w_lock(CRYPTO_LOCK_COMP);
+			if (zlib_stateful_ex_idx == -1)
+				zlib_stateful_ex_idx =
+					CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
+						0,NULL,NULL,NULL,NULL);
+			CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
+			if (zlib_stateful_ex_idx == -1)
+				goto err;
+			}
+		
+		meth = &zlib_stateful_method;
+		}
+err:	
 #endif
 
 	return(meth);
 	}
 
+void COMP_zlib_cleanup(void)
+	{
 #ifdef ZLIB_SHARED
-#if 0
-/* Stubs for each function to be dynamicly loaded */
-static int 
-stub_compress(Bytef *dest,uLongf *destLen,const Bytef *source, uLong sourceLen)
+	if (zlib_dso)
+		DSO_free(zlib_dso);
+#endif
+	}
+
+#ifdef ZLIB
+
+/* Zlib based compression/decompression filter BIO */
+
+typedef struct
 	{
-	if (p_compress)
-		return(p_compress(dest,destLen,source,sourceLen));
-	else
-		return(Z_MEM_ERROR);
+	unsigned char *ibuf;	/* Input buffer */
+	int ibufsize;		/* Buffer size */
+	z_stream zin;		/* Input decompress context */
+	unsigned char *obuf;	/* Output buffer */
+	int obufsize;		/* Output buffer size */
+	unsigned char *optr;	/* Position in output buffer */
+	int ocount;		/* Amount of data in output buffer */
+	int odone;		/* deflate EOF */
+	int comp_level;		/* Compression level to use */
+	z_stream zout;		/* Output compression context */
+	} BIO_ZLIB_CTX;
+
+#define ZLIB_DEFAULT_BUFSIZE 1024
+
+static int bio_zlib_new(BIO *bi);
+static int bio_zlib_free(BIO *bi);
+static int bio_zlib_read(BIO *b, char *out, int outl);
+static int bio_zlib_write(BIO *b, const char *in, int inl);
+static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr);
+static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp);
+
+static BIO_METHOD bio_meth_zlib = 
+	{
+	BIO_TYPE_COMP,
+	"zlib",
+	bio_zlib_write,
+	bio_zlib_read,
+	NULL,
+	NULL,
+	bio_zlib_ctrl,
+	bio_zlib_new,
+	bio_zlib_free,
+	bio_zlib_callback_ctrl
+	};
+
+BIO_METHOD *BIO_f_zlib(void)
+	{
+	return &bio_meth_zlib;
 	}
+
+
+static int bio_zlib_new(BIO *bi)
+	{
+	BIO_ZLIB_CTX *ctx;
+#ifdef ZLIB_SHARED
+	(void)COMP_zlib();
+	if (!zlib_loaded)
+		{
+		COMPerr(COMP_F_BIO_ZLIB_NEW, COMP_R_ZLIB_NOT_SUPPORTED);
+		return 0;
+		}
 #endif
+	ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX));
+	if(!ctx)
+		{
+		COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ctx->ibuf = NULL;
+	ctx->obuf = NULL;
+	ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE;
+	ctx->obufsize = ZLIB_DEFAULT_BUFSIZE;
+	ctx->zin.zalloc = Z_NULL;
+	ctx->zin.zfree = Z_NULL;
+	ctx->zin.next_in = NULL;
+	ctx->zin.avail_in = 0;
+	ctx->zin.next_out = NULL;
+	ctx->zin.avail_out = 0;
+	ctx->zout.zalloc = Z_NULL;
+	ctx->zout.zfree = Z_NULL;
+	ctx->zout.next_in = NULL;
+	ctx->zout.avail_in = 0;
+	ctx->zout.next_out = NULL;
+	ctx->zout.avail_out = 0;
+	ctx->odone = 0;
+	ctx->comp_level = Z_DEFAULT_COMPRESSION;
+	bi->init = 1;
+	bi->ptr = (char *)ctx;
+	bi->flags = 0;
+	return 1;
+	}
 
-static int
-stub_inflateEnd(z_streamp strm)
+static int bio_zlib_free(BIO *bi)
 	{
-	if ( p_inflateEnd )
-		return(p_inflateEnd(strm));
-	else
-		return(Z_MEM_ERROR);
+	BIO_ZLIB_CTX *ctx;
+	if(!bi) return 0;
+	ctx = (BIO_ZLIB_CTX *)bi->ptr;
+	if(ctx->ibuf)
+		{
+		/* Destroy decompress context */
+		inflateEnd(&ctx->zin);
+		OPENSSL_free(ctx->ibuf);
+		}
+	if(ctx->obuf)
+		{
+		/* Destroy compress context */
+		deflateEnd(&ctx->zout);
+		OPENSSL_free(ctx->obuf);
+		}
+	OPENSSL_free(ctx);
+	bi->ptr = NULL;
+	bi->init = 0;
+	bi->flags = 0;
+	return 1;
 	}
 
-static int
-stub_inflate(z_streamp strm, int flush)
+static int bio_zlib_read(BIO *b, char *out, int outl)
 	{
-	if ( p_inflate )
-		return(p_inflate(strm,flush));
-	else
-		return(Z_MEM_ERROR);
+	BIO_ZLIB_CTX *ctx;
+	int ret;
+	z_stream *zin;
+	if(!out || !outl) return 0;
+	ctx = (BIO_ZLIB_CTX *)b->ptr;
+	zin = &ctx->zin;
+	BIO_clear_retry_flags(b);
+	if(!ctx->ibuf)
+		{
+		ctx->ibuf = OPENSSL_malloc(ctx->ibufsize);
+		if(!ctx->ibuf)
+			{
+			COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		inflateInit(zin);
+		zin->next_in = ctx->ibuf;
+		zin->avail_in = 0;
+		}
+
+	/* Copy output data directly to supplied buffer */
+	zin->next_out = (unsigned char *)out;
+	zin->avail_out = (unsigned int)outl;
+	for(;;)
+		{
+		/* Decompress while data available */
+		while(zin->avail_in)
+			{
+			ret = inflate(zin, 0);
+			if((ret != Z_OK) && (ret != Z_STREAM_END))
+				{
+				COMPerr(COMP_F_BIO_ZLIB_READ,
+						COMP_R_ZLIB_INFLATE_ERROR);
+				ERR_add_error_data(2, "zlib error:",
+							zError(ret));
+				return 0;
+				}
+			/* If EOF or we've read everything then return */
+			if((ret == Z_STREAM_END) || !zin->avail_out)
+				return outl - zin->avail_out;
+			}
+
+		/* No data in input buffer try to read some in,
+		 * if an error then return the total data read.
+		 */
+		ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize);
+		if(ret <= 0)
+			{
+			/* Total data read */
+			int tot = outl - zin->avail_out;
+			BIO_copy_next_retry(b);
+			if(ret < 0) return (tot > 0) ? tot : ret;
+			return tot;
+			}
+		zin->avail_in = ret;
+		zin->next_in = ctx->ibuf;
+		}
 	}
 
-static int
-stub_inflateInit_(z_streamp strm, const char * version, int stream_size)
+static int bio_zlib_write(BIO *b, const char *in, int inl)
 	{
-	if ( p_inflateInit_ )
-		return(p_inflateInit_(strm,version,stream_size));
-	else
-		return(Z_MEM_ERROR);
+	BIO_ZLIB_CTX *ctx;
+	int ret;
+	z_stream *zout;
+	if(!in || !inl) return 0;
+	ctx = (BIO_ZLIB_CTX *)b->ptr;
+	if(ctx->odone) return 0;
+	zout = &ctx->zout;
+	BIO_clear_retry_flags(b);
+	if(!ctx->obuf)
+		{
+		ctx->obuf = OPENSSL_malloc(ctx->obufsize);
+		/* Need error here */
+		if(!ctx->obuf)
+			{
+			COMPerr(COMP_F_BIO_ZLIB_WRITE, ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		ctx->optr = ctx->obuf;
+		ctx->ocount = 0;
+		deflateInit(zout, ctx->comp_level);
+		zout->next_out = ctx->obuf;
+		zout->avail_out = ctx->obufsize;
+		}
+	/* Obtain input data directly from supplied buffer */
+	zout->next_in = (void *)in;
+	zout->avail_in = inl;
+	for(;;)
+		{
+		/* If data in output buffer write it first */
+		while(ctx->ocount) {
+			ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
+			if(ret <= 0)
+				{
+				/* Total data written */
+				int tot = inl - zout->avail_in;
+				BIO_copy_next_retry(b);
+				if(ret < 0) return (tot > 0) ? tot : ret;
+				return tot;
+				}
+			ctx->optr += ret;
+			ctx->ocount -= ret;
+		}
+
+		/* Have we consumed all supplied data? */
+		if(!zout->avail_in)
+			return inl;
+
+		/* Compress some more */
+
+		/* Reset buffer */
+		ctx->optr = ctx->obuf;
+		zout->next_out = ctx->obuf;
+		zout->avail_out = ctx->obufsize;
+		/* Compress some more */
+		ret = deflate(zout, 0);
+		if(ret != Z_OK)
+			{
+			COMPerr(COMP_F_BIO_ZLIB_WRITE,
+						COMP_R_ZLIB_DEFLATE_ERROR);
+			ERR_add_error_data(2, "zlib error:", zError(ret));
+			return 0;
+			}
+		ctx->ocount = ctx->obufsize - zout->avail_out;
+		}
 	}
 
-static int
-stub_deflateEnd(z_streamp strm)
+static int bio_zlib_flush(BIO *b)
 	{
-	if ( p_deflateEnd )
-		return(p_deflateEnd(strm));
-	else
-		return(Z_MEM_ERROR);
+	BIO_ZLIB_CTX *ctx;
+	int ret;
+	z_stream *zout;
+	ctx = (BIO_ZLIB_CTX *)b->ptr;
+	/* If no data written or already flush show success */
+	if(!ctx->obuf || (ctx->odone && !ctx->ocount)) return 1;
+	zout = &ctx->zout;
+	BIO_clear_retry_flags(b);
+	/* No more input data */
+	zout->next_in = NULL;
+	zout->avail_in = 0;
+	for(;;)
+		{
+		/* If data in output buffer write it first */
+		while(ctx->ocount)
+			{
+			ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
+			if(ret <= 0)
+				{
+				BIO_copy_next_retry(b);
+				return ret;
+				}
+			ctx->optr += ret;
+			ctx->ocount -= ret;
+			}
+		if(ctx->odone) return 1;
+
+		/* Compress some more */
+
+		/* Reset buffer */
+		ctx->optr = ctx->obuf;
+		zout->next_out = ctx->obuf;
+		zout->avail_out = ctx->obufsize;
+		/* Compress some more */
+		ret = deflate(zout, Z_FINISH);
+		if(ret == Z_STREAM_END) ctx->odone = 1;
+		else if(ret != Z_OK)
+			{
+			COMPerr(COMP_F_BIO_ZLIB_FLUSH,
+						COMP_R_ZLIB_DEFLATE_ERROR);
+			ERR_add_error_data(2, "zlib error:", zError(ret));
+			return 0;
+			}
+		ctx->ocount = ctx->obufsize - zout->avail_out;
+		}
 	}
 
-static int
-stub_deflate(z_streamp strm, int flush)
+static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr)
 	{
-	if ( p_deflate )
-		return(p_deflate(strm,flush));
-	else
-		return(Z_MEM_ERROR);
+	BIO_ZLIB_CTX *ctx;
+	int ret, *ip;
+	int ibs, obs;
+	if(!b->next_bio) return 0;
+	ctx = (BIO_ZLIB_CTX *)b->ptr;
+	switch (cmd)
+		{
+
+	case BIO_CTRL_RESET:
+		ctx->ocount = 0;
+		ctx->odone = 0;
+		ret = 1;
+		break;
+
+	case BIO_CTRL_FLUSH:
+		ret = bio_zlib_flush(b);
+		if (ret > 0)
+			ret = BIO_flush(b->next_bio);
+		break;
+
+	case BIO_C_SET_BUFF_SIZE:
+		ibs = -1;
+		obs = -1;
+		if (ptr != NULL)
+			{
+			ip = ptr;
+			if (*ip == 0)
+				ibs = (int) num;
+			else 
+				obs = (int) num;
+			}
+		else
+			{
+			ibs = (int)num;
+			obs = ibs;
+			}
+
+		if (ibs != -1)
+			{
+			if (ctx->ibuf)
+				{
+				OPENSSL_free(ctx->ibuf);
+				ctx->ibuf = NULL;
+				}
+			ctx->ibufsize = ibs;
+			}
+
+		if (obs != -1)
+			{
+			if (ctx->obuf)
+				{
+				OPENSSL_free(ctx->obuf);
+				ctx->obuf = NULL;
+				}
+			ctx->obufsize = obs;
+			}
+		ret = 1;
+		break;
+
+	case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+		BIO_copy_next_retry(b);
+		break;
+
+	default:
+		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+		break;
+
+		}
+
+	return ret;
 	}
 
-static int
-stub_deflateInit_(z_streamp strm, int level,
-	const char * version, int stream_size)
+
+static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
 	{
-	if ( p_deflateInit_ )
-		return(p_deflateInit_(strm,level,version,stream_size));
-	else
-		return(Z_MEM_ERROR);
+	if(!b->next_bio)
+		return 0;
+	return
+		BIO_callback_ctrl(b->next_bio, cmd, fp);
 	}
 
-#endif /* ZLIB_SHARED */
+#endif
diff --git a/crypto/comp/comp.h b/crypto/comp/comp.h
index 5d59354a57..4b405c7d49 100644
--- a/crypto/comp/comp.h
+++ b/crypto/comp/comp.h
@@ -47,6 +47,13 @@ int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
 	unsigned char *in, int ilen);
 COMP_METHOD *COMP_rle(void );
 COMP_METHOD *COMP_zlib(void );
+void COMP_zlib_cleanup(void);
+
+#ifdef HEADER_BIO_H
+#ifdef ZLIB
+BIO_METHOD *BIO_f_zlib(void);
+#endif
+#endif
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -57,8 +64,15 @@ void ERR_load_COMP_strings(void);
 /* Error codes for the COMP functions. */
 
 /* Function codes. */
+#define COMP_F_BIO_ZLIB_FLUSH				 99
+#define COMP_F_BIO_ZLIB_NEW				 100
+#define COMP_F_BIO_ZLIB_READ				 101
+#define COMP_F_BIO_ZLIB_WRITE				 102
 
 /* Reason codes. */
+#define COMP_R_ZLIB_DEFLATE_ERROR			 99
+#define COMP_R_ZLIB_INFLATE_ERROR			 100
+#define COMP_R_ZLIB_NOT_SUPPORTED			 101
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/comp/comp_err.c b/crypto/comp/comp_err.c
index 54edbb0e9a..661c94c3a4 100644
--- a/crypto/comp/comp_err.c
+++ b/crypto/comp/comp_err.c
@@ -1,6 +1,6 @@
 /* crypto/comp/comp_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,17 +61,27 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/comp.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason)
+
 static ERR_STRING_DATA COMP_str_functs[]=
 	{
+{ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH),	"BIO_ZLIB_FLUSH"},
+{ERR_FUNC(COMP_F_BIO_ZLIB_NEW),	"BIO_ZLIB_NEW"},
+{ERR_FUNC(COMP_F_BIO_ZLIB_READ),	"BIO_ZLIB_READ"},
+{ERR_FUNC(COMP_F_BIO_ZLIB_WRITE),	"BIO_ZLIB_WRITE"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA COMP_str_reasons[]=
 	{
+{ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR)   ,"zlib deflate error"},
+{ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR)   ,"zlib inflate error"},
+{ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED)   ,"zlib not supported"},
 {0,NULL}
 	};
 
@@ -79,15 +89,12 @@ static ERR_STRING_DATA COMP_str_reasons[]=
 
 void ERR_load_COMP_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_COMP,COMP_str_functs);
-		ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons);
-#endif
 
+	if (ERR_func_error_string(COMP_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,COMP_str_functs);
+		ERR_load_strings(0,COMP_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/conf/.cvsignore b/crypto/conf/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/conf/.cvsignore
+++ b/crypto/conf/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl
deleted file mode 100644
index e752678e49..0000000000
--- a/crypto/conf/Makefile.ssl
+++ /dev/null
@@ -1,157 +0,0 @@
-#
-# SSLeay/crypto/conf/Makefile
-#
-
-DIR=	conf
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
-	 conf_mall.c conf_sap.c
-
-LIBOBJ=	conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
-	conf_mall.o conf_sap.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= conf.h conf_api.h
-HEADER=	conf_def.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-conf_api.o: ../../e_os.h ../../include/openssl/bio.h
-conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
-conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_api.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-conf_api.o: ../../include/openssl/symhacks.h conf_api.c
-conf_def.o: ../../e_os.h ../../include/openssl/bio.h
-conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
-conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-conf_def.o: ../../include/openssl/symhacks.h ../cryptlib.h conf_def.c
-conf_def.o: conf_def.h
-conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-conf_err.o: ../../include/openssl/opensslconf.h
-conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-conf_err.o: ../../include/openssl/symhacks.h conf_err.c
-conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
-conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
-conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-conf_lib.o: ../../include/openssl/symhacks.h conf_lib.c
-conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h
-conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-conf_mall.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-conf_mall.o: ../../include/openssl/objects.h
-conf_mall.o: ../../include/openssl/opensslconf.h
-conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c
-conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h
-conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-conf_mod.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-conf_mod.o: ../../include/openssl/opensslconf.h
-conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-conf_mod.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-conf_mod.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mod.c
-conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h
-conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-conf_sap.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c
diff --git a/crypto/conf/README b/crypto/conf/README
index ca58d0240f..96e53b34ed 100644
--- a/crypto/conf/README
+++ b/crypto/conf/README
@@ -1,8 +1,3 @@
-WARNING WARNING WARNING!!!
-
-This stuff is experimental, may change radically or be deleted altogether
-before OpenSSL 0.9.7 release. You have been warned!
-
 Configuration modules. These are a set of modules which can perform
 various configuration functions.
 
@@ -13,7 +8,7 @@ The routines read a configuration file set up like this:
 
 -----
 #default section
-openssl_init=init_section
+openssl_conf=init_section
 
 [init_section]
 
@@ -30,29 +25,27 @@ path=/some/path/to/some/dso.so
 other_stuff=other_value
 ----
 
-When this file is loaded a configuration module with the specified
-string (module* in the above example) is looked up and its init
-function called as:
+When this file is loaded a configuration module with the specified string
+(module* in the above example) is looked up and its init function called as:
 
 int conf_init_func(CONF_IMODULE *md, CONF *cnf);
 
-The function can then take whatever action is appropriate, for example
-further lookups based on the value. Multiple instances of the same 
-config module can be loaded.
+The function can then take whatever action is appropriate, for example further
+lookups based on the value. Multiple instances of the same config module can be
+loaded.
 
-When the application closes down the modules are cleaned up by calling
-an optional finish function:
+When the application closes down the modules are cleaned up by calling an
+optional finish function:
 
 void conf_finish_func(CONF_IMODULE *md);
 
 The finish functions are called in reverse order: that is the last module
 loaded is the first one cleaned up.
 
-If no module exists with a given name then an attempt is made to load
-a DSO with the supplied name. This might mean that "module3" attempts
-to load a DSO called libmodule3.so or module3.dll for example. An explicit
-DSO name can be given by including a separate section as in the module4 example
-above.
+If no module exists with a given name then an attempt is made to load a DSO
+with the supplied name. This might mean that "module3" attempts to load a DSO
+called libmodule3.so or module3.dll for example. An explicit DSO name can be
+given by including a separate section as in the module4 example above.
 
 The DSO is expected to at least contain an initialization function:
 
@@ -64,15 +57,17 @@ void OPENSSL_finish(CONF_IMODULE *md);
 
 Static modules can also be added using,
 
-int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func *ffunc);
+int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
+*ffunc);
 
-where "name" is the name in the configuration file this function corresponds to.
+where "name" is the name in the configuration file this function corresponds
+to.
 
-A set of builtin modules (currently only an ASN1 non functional test module) can be 
-added by calling OPENSSL_load_builtin_modules(). 
+A set of builtin modules (currently only an ASN1 non functional test module)
+can be added by calling OPENSSL_load_builtin_modules(). 
 
-The function OPENSSL_config() is intended as a simple configuration function that
-any application can call to perform various default configuration tasks. It uses the
-file openssl.cnf in the usual locations.
+The function OPENSSL_config() is intended as a simple configuration function
+that any application can call to perform various default configuration tasks.
+It uses the file openssl.cnf in the usual locations.
 
 
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
index 48695a0642..c2199978a3 100644
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -79,8 +79,7 @@ typedef struct
 	} CONF_VALUE;
 
 DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
+DECLARE_LHASH_OF(CONF_VALUE);
 
 struct conf_st;
 struct conf_method_st;
@@ -105,6 +104,9 @@ struct conf_method_st
 typedef struct conf_imodule_st CONF_IMODULE;
 typedef struct conf_module_st CONF_MODULE;
 
+DECLARE_STACK_OF(CONF_MODULE)
+DECLARE_STACK_OF(CONF_IMODULE)
+
 /* DSO module function typedefs */
 typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
 typedef void conf_finish_func(CONF_IMODULE *md);
@@ -114,20 +116,26 @@ typedef void conf_finish_func(CONF_IMODULE *md);
 #define CONF_MFLAGS_SILENT		0x4
 #define CONF_MFLAGS_NO_DSO		0x8
 #define CONF_MFLAGS_IGNORE_MISSING_FILE	0x10
+#define CONF_MFLAGS_DEFAULT_SECTION	0x20
 
 int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf,LHASH *hash);
-LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
+void CONF_set_nconf(CONF *conf,LHASH_OF(CONF_VALUE) *hash);
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf,const char *file,
+				long *eline);
 #ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+				   long *eline);
 #endif
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section);
-char *CONF_get_string(LHASH *conf,const char *group,const char *name);
-long CONF_get_number(LHASH *conf,const char *group,const char *name);
-void CONF_free(LHASH *conf);
-int CONF_dump_fp(LHASH *conf, FILE *out);
-int CONF_dump_bio(LHASH *conf, BIO *out);
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,long *eline);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+				       const char *section);
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group,
+		      const char *name);
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group,
+		     const char *name);
+void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
 
 void OPENSSL_config(const char *config_name);
 void OPENSSL_no_config(void);
@@ -139,7 +147,7 @@ struct conf_st
 	{
 	CONF_METHOD *meth;
 	void *meth_data;
-	LHASH *data;
+	LHASH_OF(CONF_VALUE) *data;
 	};
 
 CONF *NCONF_new(CONF_METHOD *meth);
@@ -213,6 +221,9 @@ void ERR_load_CONF_strings(void);
 #define CONF_F_CONF_LOAD_BIO				 102
 #define CONF_F_CONF_LOAD_FP				 103
 #define CONF_F_CONF_MODULES_LOAD			 116
+#define CONF_F_CONF_PARSE_LIST				 119
+#define CONF_F_DEF_LOAD					 120
+#define CONF_F_DEF_LOAD_BIO				 121
 #define CONF_F_MODULE_INIT				 115
 #define CONF_F_MODULE_LOAD_DSO				 117
 #define CONF_F_MODULE_RUN				 118
@@ -230,6 +241,7 @@ void ERR_load_CONF_strings(void);
 
 /* Reason codes. */
 #define CONF_R_ERROR_LOADING_DSO			 110
+#define CONF_R_LIST_CANNOT_BE_NULL			 115
 #define CONF_R_MISSING_CLOSE_SQUARE_BRACKET		 100
 #define CONF_R_MISSING_EQUAL_SIGN			 101
 #define CONF_R_MISSING_FINISH_FUNCTION			 111
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index 0032baa711..22617e5fa1 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -69,16 +69,12 @@
 #include <openssl/conf_api.h>
 #include "e_os.h"
 
-static void value_free_hash(CONF_VALUE *a, LHASH *conf);
-static void value_free_stack(CONF_VALUE *a,LHASH *conf);
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE *, LHASH *)
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_stack, CONF_VALUE *, LHASH *)
-/* We don't use function pointer casting or wrapper functions - but cast each
- * callback parameter inside the callback functions. */
-/* static unsigned long hash(CONF_VALUE *v); */
-static unsigned long hash(const void *v_void);
-/* static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); */
-static int cmp_conf(const void *a_void,const void *b_void);
+static void value_free_hash_doall_arg(CONF_VALUE *a,
+				      LHASH_OF(CONF_VALUE) *conf);
+static void value_free_stack_doall(CONF_VALUE *a);
+static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE,
+				    LHASH_OF(CONF_VALUE))
+static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE)
 
 /* Up until OpenSSL 0.9.5a, this was get_section */
 CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
@@ -88,7 +84,7 @@ CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
 	if ((conf == NULL) || (section == NULL)) return(NULL);
 	vv.name=NULL;
 	vv.section=(char *)section;
-	v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
+	v=lh_CONF_VALUE_retrieve(conf->data,&vv);
 	return(v);
 	}
 
@@ -118,10 +114,10 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value)
 		return 0;
 		}
 
-	v = (CONF_VALUE *)lh_insert(conf->data, value);
+	v = lh_CONF_VALUE_insert(conf->data, value);
 	if (v != NULL)
 		{
-		sk_CONF_VALUE_delete_ptr(ts,v);
+		(void)sk_CONF_VALUE_delete_ptr(ts,v);
 		OPENSSL_free(v->name);
 		OPENSSL_free(v->value);
 		OPENSSL_free(v);
@@ -141,24 +137,24 @@ char *_CONF_get_string(const CONF *conf, const char *section, const char *name)
 			{
 			vv.name=(char *)name;
 			vv.section=(char *)section;
-			v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
+			v=lh_CONF_VALUE_retrieve(conf->data,&vv);
 			if (v != NULL) return(v->value);
 			if (strcmp(section,"ENV") == 0)
 				{
-				p=Getenv(name);
+				p=getenv(name);
 				if (p != NULL) return(p);
 				}
 			}
 		vv.section="default";
 		vv.name=(char *)name;
-		v=(CONF_VALUE *)lh_retrieve(conf->data,&vv);
+		v=lh_CONF_VALUE_retrieve(conf->data,&vv);
 		if (v != NULL)
 			return(v->value);
 		else
 			return(NULL);
 		}
 	else
-		return(Getenv(name));
+		return(getenv(name));
 	}
 
 #if 0 /* There's no way to provide error checking with this function, so
@@ -182,6 +178,34 @@ long _CONF_get_number(CONF *conf, char *section, char *name)
 	}
 #endif
 
+static unsigned long conf_value_hash(const CONF_VALUE *v)
+	{
+	return (lh_strhash(v->section)<<2)^lh_strhash(v->name);
+	}
+static IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE)
+
+static int conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b)
+	{
+	int i;
+
+	if (a->section != b->section)
+		{
+		i=strcmp(a->section,b->section);
+		if (i) return(i);
+		}
+
+	if ((a->name != NULL) && (b->name != NULL))
+		{
+		i=strcmp(a->name,b->name);
+		return(i);
+		}
+	else if (a->name == b->name)
+		return(0);
+	else
+		return((a->name == NULL)?-1:1);
+	}
+static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE)
+
 int _CONF_new_data(CONF *conf)
 	{
 	if (conf == NULL)
@@ -189,7 +213,7 @@ int _CONF_new_data(CONF *conf)
 		return 0;
 		}
 	if (conf->data == NULL)
-		if ((conf->data = lh_new(hash, cmp_conf)) == NULL)
+		if ((conf->data = lh_CONF_VALUE_new()) == NULL)
 			{
 			return 0;
 			}
@@ -200,105 +224,73 @@ void _CONF_free_data(CONF *conf)
 	{
 	if (conf == NULL || conf->data == NULL) return;
 
-	conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()'
-				  * works as expected */
-	lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_hash),
-			conf->data);
+	lh_CONF_VALUE_down_load(conf->data)=0; /* evil thing to make
+				  * sure the 'OPENSSL_free()' works as
+				  * expected */
+	lh_CONF_VALUE_doall_arg(conf->data,
+				LHASH_DOALL_ARG_FN(value_free_hash),
+				LHASH_OF(CONF_VALUE), conf->data);
 
 	/* We now have only 'section' entries in the hash table.
 	 * Due to problems with */
 
-	lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_stack),
-			conf->data);
-	lh_free(conf->data);
+	lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack));
+	lh_CONF_VALUE_free(conf->data);
 	}
 
-static void value_free_hash(CONF_VALUE *a, LHASH *conf)
+static void value_free_hash_doall_arg(CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf)
 	{
 	if (a->name != NULL)
-		{
-		a=(CONF_VALUE *)lh_delete(conf,a);
-		}
+		(void)lh_CONF_VALUE_delete(conf,a);
 	}
 
-static void value_free_stack(CONF_VALUE *a, LHASH *conf)
+static void value_free_stack_doall(CONF_VALUE *a)
 	{
 	CONF_VALUE *vv;
-	STACK *sk;
+	STACK_OF(CONF_VALUE) *sk;
 	int i;
 
 	if (a->name != NULL) return;
 
-	sk=(STACK *)a->value;
-	for (i=sk_num(sk)-1; i>=0; i--)
+	sk=(STACK_OF(CONF_VALUE) *)a->value;
+	for (i=sk_CONF_VALUE_num(sk)-1; i>=0; i--)
 		{
-		vv=(CONF_VALUE *)sk_value(sk,i);
+		vv=sk_CONF_VALUE_value(sk,i);
 		OPENSSL_free(vv->value);
 		OPENSSL_free(vv->name);
 		OPENSSL_free(vv);
 		}
-	if (sk != NULL) sk_free(sk);
+	if (sk != NULL) sk_CONF_VALUE_free(sk);
 	OPENSSL_free(a->section);
 	OPENSSL_free(a);
 	}
 
-/* static unsigned long hash(CONF_VALUE *v) */
-static unsigned long hash(const void *v_void)
-	{
-	CONF_VALUE *v = (CONF_VALUE *)v_void;
-	return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
-	}
-
-/* static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b) */
-static int cmp_conf(const void *a_void,const  void *b_void)
-	{
-	int i;
-	CONF_VALUE *a = (CONF_VALUE *)a_void;
-	CONF_VALUE *b = (CONF_VALUE *)b_void;
-
-	if (a->section != b->section)
-		{
-		i=strcmp(a->section,b->section);
-		if (i) return(i);
-		}
-
-	if ((a->name != NULL) && (b->name != NULL))
-		{
-		i=strcmp(a->name,b->name);
-		return(i);
-		}
-	else if (a->name == b->name)
-		return(0);
-	else
-		return((a->name == NULL)?-1:1);
-	}
-
 /* Up until OpenSSL 0.9.5a, this was new_section */
 CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
 	{
-	STACK *sk=NULL;
+	STACK_OF(CONF_VALUE) *sk=NULL;
 	int ok=0,i;
 	CONF_VALUE *v=NULL,*vv;
 
-	if ((sk=sk_new_null()) == NULL)
+	if ((sk=sk_CONF_VALUE_new_null()) == NULL)
 		goto err;
-	if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
+	if ((v=OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
 		goto err;
 	i=strlen(section)+1;
-	if ((v->section=(char *)OPENSSL_malloc(i)) == NULL)
+	if ((v->section=OPENSSL_malloc(i)) == NULL)
 		goto err;
 
 	memcpy(v->section,section,i);
 	v->name=NULL;
 	v->value=(char *)sk;
 	
-	vv=(CONF_VALUE *)lh_insert(conf->data,v);
+	vv=lh_CONF_VALUE_insert(conf->data,v);
 	assert(vv == NULL);
 	ok=1;
 err:
 	if (!ok)
 		{
-		if (sk != NULL) sk_free(sk);
+		if (sk != NULL) sk_CONF_VALUE_free(sk);
 		if (v != NULL) OPENSSL_free(v);
 		v=NULL;
 		}
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 6966eddba6..fe9dcc13e3 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -60,6 +60,7 @@
 
 #include <stdio.h>
 #include <string.h>
+#include "cryptlib.h"
 #include <openssl/stack.h>
 #include <openssl/lhash.h>
 #include <openssl/conf.h>
@@ -67,7 +68,6 @@
 #include "conf_def.h"
 #include <openssl/buffer.h>
 #include <openssl/err.h>
-#include "cryptlib.h"
 
 static char *eat_ws(CONF *conf, char *p);
 static char *eat_alpha_numeric(CONF *conf, char *p);
@@ -88,7 +88,7 @@ static int def_dump(const CONF *conf, BIO *bp);
 static int def_is_number(const CONF *conf, char c);
 static int def_to_int(const CONF *conf, char c);
 
-const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT;
+const char CONF_def_version[]="CONF_def" OPENSSL_VERSION_PTEXT;
 
 static CONF_METHOD default_method = {
 	"OpenSSL default",
@@ -129,7 +129,7 @@ static CONF *def_create(CONF_METHOD *meth)
 	{
 	CONF *ret;
 
-	ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
+	ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
 	if (ret)
 		if (meth->init(ret) == 0)
 			{
@@ -145,7 +145,7 @@ static int def_init_default(CONF *conf)
 		return 0;
 
 	conf->meth = &default_method;
-	conf->meth_data = (void *)CONF_type_default;
+	conf->meth_data = CONF_type_default;
 	conf->data = NULL;
 
 	return 1;
@@ -194,9 +194,9 @@ static int def_load(CONF *conf, const char *name, long *line)
 	if (in == NULL)
 		{
 		if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
-			CONFerr(CONF_F_CONF_LOAD,CONF_R_NO_SUCH_FILE);
+			CONFerr(CONF_F_DEF_LOAD,CONF_R_NO_SUCH_FILE);
 		else
-			CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
+			CONFerr(CONF_F_DEF_LOAD,ERR_R_SYS_LIB);
 		return 0;
 		}
 
@@ -225,28 +225,28 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 
 	if ((buff=BUF_MEM_new()) == NULL)
 		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
+		CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB);
 		goto err;
 		}
 
 	section=(char *)OPENSSL_malloc(10);
 	if (section == NULL)
 		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
+		CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 	BUF_strlcpy(section,"default",10);
 
 	if (_CONF_new_data(conf) == 0)
 		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
+		CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
 	sv=_CONF_new_section(conf,section);
 	if (sv == NULL)
 		{
-		CONFerr(CONF_F_CONF_LOAD_BIO,
+		CONFerr(CONF_F_DEF_LOAD_BIO,
 					CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
 		goto err;
 		}
@@ -258,7 +258,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 		{
 		if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE))
 			{
-			CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB);
+			CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB);
 			goto err;
 			}
 		p= &(buff->data[bufnum]);
@@ -329,7 +329,7 @@ again:
 					ss=p;
 					goto again;
 					}
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 					CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
 				goto err;
 				}
@@ -339,7 +339,7 @@ again:
 				sv=_CONF_new_section(conf,section);
 			if (sv == NULL)
 				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 					CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
 				goto err;
 				}
@@ -362,7 +362,7 @@ again:
 			p=eat_ws(conf, end);
 			if (*p != '=')
 				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 						CONF_R_MISSING_EQUAL_SIGN);
 				goto err;
 				}
@@ -379,7 +379,7 @@ again:
 
 			if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
 				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
@@ -388,7 +388,7 @@ again:
 			v->value=NULL;
 			if (v->name == NULL)
 				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
@@ -402,7 +402,7 @@ again:
 					tv=_CONF_new_section(conf,psection);
 				if (tv == NULL)
 					{
-					CONFerr(CONF_F_CONF_LOAD_BIO,
+					CONFerr(CONF_F_DEF_LOAD_BIO,
 					   CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
 					goto err;
 					}
@@ -416,7 +416,7 @@ again:
 #if 1
 			if (_CONF_add_string(conf, tv, v) == 0)
 				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
@@ -424,7 +424,7 @@ again:
 			v->section=tv->section;	
 			if (!sk_CONF_VALUE_push(ts,v))
 				{
-				CONFerr(CONF_F_CONF_LOAD_BIO,
+				CONFerr(CONF_F_DEF_LOAD_BIO,
 							ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
@@ -621,13 +621,13 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
 				e++;
 				}
 			/* So at this point we have
-			 * ns which is the start of the name string which is
+			 * np which is the start of the name string which is
 			 *   '\0' terminated. 
-			 * cs which is the start of the section string which is
+			 * cp which is the start of the section string which is
 			 *   '\0' terminated.
 			 * e is the 'next point after'.
-			 * r and s are the chars replaced by the '\0'
-			 * rp and sp is where 'r' and 's' came from.
+			 * r and rr are the chars replaced by the '\0'
+			 * rp and rrp is where 'r' and 'rr' came from.
 			 */
 			p=_CONF_get_string(conf,cp,np);
 			if (rrp != NULL) *rrp=rr;
@@ -646,6 +646,11 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
 			   points at.  /RL */
 			len -= e-from;
 			from=e;
+
+			/* In case there were no braces or parenthesis around
+			   the variable reference, we have to put back the
+			   character that was replaced with a '\0'.  /RL */
+			*rp = r;
 			}
 		else
 			buf->data[to++]= *(from++);
@@ -725,7 +730,7 @@ static char *scan_dquote(CONF *conf, char *p)
 	return(p);
 	}
 
-static void dump_value(CONF_VALUE *a, BIO *out)
+static void dump_value_doall_arg(CONF_VALUE *a, BIO *out)
 	{
 	if (a->name)
 		BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
@@ -733,11 +738,12 @@ static void dump_value(CONF_VALUE *a, BIO *out)
 		BIO_printf(out, "[[%s]]\n", a->section);
 	}
 
-static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE *, BIO *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO)
 
 static int def_dump(const CONF *conf, BIO *out)
 	{
-	lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), out);
+	lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value),
+				BIO, out);
 	return 1;
 	}
 
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index bc16eeaa57..25bb5dc9aa 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -1,6 +1,6 @@
 /* crypto/conf/conf_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,51 +61,58 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/conf.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason)
+
 static ERR_STRING_DATA CONF_str_functs[]=
 	{
-{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0),	"CONF_dump_fp"},
-{ERR_PACK(0,CONF_F_CONF_LOAD,0),	"CONF_load"},
-{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0),	"CONF_load_bio"},
-{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0),	"CONF_load_fp"},
-{ERR_PACK(0,CONF_F_CONF_MODULES_LOAD,0),	"CONF_modules_load"},
-{ERR_PACK(0,CONF_F_MODULE_INIT,0),	"MODULE_INIT"},
-{ERR_PACK(0,CONF_F_MODULE_LOAD_DSO,0),	"MODULE_LOAD_DSO"},
-{ERR_PACK(0,CONF_F_MODULE_RUN,0),	"MODULE_RUN"},
-{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0),	"NCONF_dump_bio"},
-{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0),	"NCONF_dump_fp"},
-{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0),	"NCONF_get_number"},
-{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER_E,0),	"NCONF_get_number_e"},
-{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0),	"NCONF_get_section"},
-{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0),	"NCONF_get_string"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD,0),	"NCONF_load"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0),	"NCONF_load_bio"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD_FP,0),	"NCONF_load_fp"},
-{ERR_PACK(0,CONF_F_NCONF_NEW,0),	"NCONF_new"},
-{ERR_PACK(0,CONF_F_STR_COPY,0),	"STR_COPY"},
+{ERR_FUNC(CONF_F_CONF_DUMP_FP),	"CONF_dump_fp"},
+{ERR_FUNC(CONF_F_CONF_LOAD),	"CONF_load"},
+{ERR_FUNC(CONF_F_CONF_LOAD_BIO),	"CONF_load_bio"},
+{ERR_FUNC(CONF_F_CONF_LOAD_FP),	"CONF_load_fp"},
+{ERR_FUNC(CONF_F_CONF_MODULES_LOAD),	"CONF_modules_load"},
+{ERR_FUNC(CONF_F_CONF_PARSE_LIST),	"CONF_parse_list"},
+{ERR_FUNC(CONF_F_DEF_LOAD),	"DEF_LOAD"},
+{ERR_FUNC(CONF_F_DEF_LOAD_BIO),	"DEF_LOAD_BIO"},
+{ERR_FUNC(CONF_F_MODULE_INIT),	"MODULE_INIT"},
+{ERR_FUNC(CONF_F_MODULE_LOAD_DSO),	"MODULE_LOAD_DSO"},
+{ERR_FUNC(CONF_F_MODULE_RUN),	"MODULE_RUN"},
+{ERR_FUNC(CONF_F_NCONF_DUMP_BIO),	"NCONF_dump_bio"},
+{ERR_FUNC(CONF_F_NCONF_DUMP_FP),	"NCONF_dump_fp"},
+{ERR_FUNC(CONF_F_NCONF_GET_NUMBER),	"NCONF_get_number"},
+{ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E),	"NCONF_get_number_e"},
+{ERR_FUNC(CONF_F_NCONF_GET_SECTION),	"NCONF_get_section"},
+{ERR_FUNC(CONF_F_NCONF_GET_STRING),	"NCONF_get_string"},
+{ERR_FUNC(CONF_F_NCONF_LOAD),	"NCONF_load"},
+{ERR_FUNC(CONF_F_NCONF_LOAD_BIO),	"NCONF_load_bio"},
+{ERR_FUNC(CONF_F_NCONF_LOAD_FP),	"NCONF_load_fp"},
+{ERR_FUNC(CONF_F_NCONF_NEW),	"NCONF_new"},
+{ERR_FUNC(CONF_F_STR_COPY),	"STR_COPY"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA CONF_str_reasons[]=
 	{
-{CONF_R_ERROR_LOADING_DSO                ,"error loading dso"},
-{CONF_R_MISSING_CLOSE_SQUARE_BRACKET     ,"missing close square bracket"},
-{CONF_R_MISSING_EQUAL_SIGN               ,"missing equal sign"},
-{CONF_R_MISSING_FINISH_FUNCTION          ,"missing finish function"},
-{CONF_R_MISSING_INIT_FUNCTION            ,"missing init function"},
-{CONF_R_MODULE_INITIALIZATION_ERROR      ,"module initialization error"},
-{CONF_R_NO_CLOSE_BRACE                   ,"no close brace"},
-{CONF_R_NO_CONF                          ,"no conf"},
-{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE  ,"no conf or environment variable"},
-{CONF_R_NO_SECTION                       ,"no section"},
-{CONF_R_NO_SUCH_FILE                     ,"no such file"},
-{CONF_R_NO_VALUE                         ,"no value"},
-{CONF_R_UNABLE_TO_CREATE_NEW_SECTION     ,"unable to create new section"},
-{CONF_R_UNKNOWN_MODULE_NAME              ,"unknown module name"},
-{CONF_R_VARIABLE_HAS_NO_VALUE            ,"variable has no value"},
+{ERR_REASON(CONF_R_ERROR_LOADING_DSO)    ,"error loading dso"},
+{ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL)  ,"list cannot be null"},
+{ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),"missing close square bracket"},
+{ERR_REASON(CONF_R_MISSING_EQUAL_SIGN)   ,"missing equal sign"},
+{ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION),"missing finish function"},
+{ERR_REASON(CONF_R_MISSING_INIT_FUNCTION),"missing init function"},
+{ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),"module initialization error"},
+{ERR_REASON(CONF_R_NO_CLOSE_BRACE)       ,"no close brace"},
+{ERR_REASON(CONF_R_NO_CONF)              ,"no conf"},
+{ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),"no conf or environment variable"},
+{ERR_REASON(CONF_R_NO_SECTION)           ,"no section"},
+{ERR_REASON(CONF_R_NO_SUCH_FILE)         ,"no such file"},
+{ERR_REASON(CONF_R_NO_VALUE)             ,"no value"},
+{ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),"unable to create new section"},
+{ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME)  ,"unknown module name"},
+{ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE),"variable has no value"},
 {0,NULL}
 	};
 
@@ -113,15 +120,12 @@ static ERR_STRING_DATA CONF_str_reasons[]=
 
 void ERR_load_CONF_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
-		ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
-#endif
 
+	if (ERR_func_error_string(CONF_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,CONF_str_functs);
+		ERR_load_strings(0,CONF_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c
index 6a3cf109dd..54046defca 100644
--- a/crypto/conf/conf_lib.c
+++ b/crypto/conf/conf_lib.c
@@ -63,13 +63,13 @@
 #include <openssl/conf_api.h>
 #include <openssl/lhash.h>
 
-const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT;
+const char CONF_version[]="CONF" OPENSSL_VERSION_PTEXT;
 
 static CONF_METHOD *default_CONF_method=NULL;
 
 /* Init a 'CONF' structure from an old LHASH */
 
-void CONF_set_nconf(CONF *conf, LHASH *hash)
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash)
 	{
 	if (default_CONF_method == NULL)
 		default_CONF_method = NCONF_default();
@@ -87,9 +87,10 @@ int CONF_set_default_method(CONF_METHOD *meth)
 	return 1;
 	}
 
-LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+				long *eline)
 	{
-	LHASH *ltmp;
+	LHASH_OF(CONF_VALUE) *ltmp;
 	BIO *in=NULL;
 
 #ifdef OPENSSL_SYS_VMS
@@ -110,10 +111,11 @@ LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
 	}
 
 #ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline)
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+				   long *eline)
 	{
 	BIO *btmp;
-	LHASH *ltmp;
+	LHASH_OF(CONF_VALUE) *ltmp;
 	if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
 		CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
 		return NULL;
@@ -124,7 +126,8 @@ LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline)
 	}
 #endif
 
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+				    long *eline)
 	{
 	CONF ctmp;
 	int ret;
@@ -137,7 +140,8 @@ LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
 	return NULL;
 	}
 
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section)
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+				       const char *section)
 	{
 	if (conf == NULL)
 		{
@@ -151,7 +155,8 @@ STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section)
 		}
 	}
 
-char *CONF_get_string(LHASH *conf,const char *group,const char *name)
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group,
+		      const char *name)
 	{
 	if (conf == NULL)
 		{
@@ -165,7 +170,8 @@ char *CONF_get_string(LHASH *conf,const char *group,const char *name)
 		}
 	}
 
-long CONF_get_number(LHASH *conf,const char *group,const char *name)
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group,
+		     const char *name)
 	{
 	int status;
 	long result = 0;
@@ -184,12 +190,12 @@ long CONF_get_number(LHASH *conf,const char *group,const char *name)
 	if (status == 0)
 		{
 		/* This function does not believe in errors... */
-		ERR_get_error();
+		ERR_clear_error();
 		}
 	return result;
 	}
 
-void CONF_free(LHASH *conf)
+void CONF_free(LHASH_OF(CONF_VALUE) *conf)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
@@ -197,7 +203,7 @@ void CONF_free(LHASH *conf)
 	}
 
 #ifndef OPENSSL_NO_FP_API
-int CONF_dump_fp(LHASH *conf, FILE *out)
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out)
 	{
 	BIO *btmp;
 	int ret;
@@ -212,7 +218,7 @@ int CONF_dump_fp(LHASH *conf, FILE *out)
 	}
 #endif
 
-int CONF_dump_bio(LHASH *conf, BIO *out)
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
diff --git a/crypto/conf/conf_mall.c b/crypto/conf/conf_mall.c
index 4ba40cf44c..c6f4cb2d55 100644
--- a/crypto/conf/conf_mall.c
+++ b/crypto/conf/conf_mall.c
@@ -1,5 +1,5 @@
 /* conf_mall.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index d45adea851..df1642a0a5 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -1,5 +1,5 @@
 /* conf_mod.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -126,17 +126,18 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
 	{
 	STACK_OF(CONF_VALUE) *values;
 	CONF_VALUE *vl;
-	char *vsection;
+	char *vsection = NULL;
 
 	int ret, i;
 
 	if (!cnf)
 		return 1;
 
-	if (appname == NULL)
-		appname = "openssl_conf";
+	if (appname)
+		vsection = NCONF_get_string(cnf, NULL, appname);
 
-	vsection = NCONF_get_string(cnf, NULL, appname); 
+	if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
+		vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
 
 	if (!vsection)
 		{
@@ -231,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
 		if (!(flags & CONF_MFLAGS_SILENT))
 			{
 			char rcode[DECIMAL_SIZE(ret)+1];
-			CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
+			CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
 			BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
 			ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
 			}
@@ -254,7 +255,7 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
 	path = NCONF_get_string(cnf, value, "path");
 	if (!path)
 		{
-		ERR_get_error();
+		ERR_clear_error();
 		path = name;
 		}
 	dso = DSO_load(NULL, path, NULL, 0);
@@ -431,7 +432,7 @@ void CONF_modules_unload(int all)
 		if (((md->links > 0) || !md->dso) && !all)
 			continue;
 		/* Since we're working in reverse this is OK */
-		sk_CONF_MODULE_delete(supported_modules, i);
+		(void)sk_CONF_MODULE_delete(supported_modules, i);
 		module_free(md);
 		}
 	if (sk_CONF_MODULE_num(supported_modules) == 0)
@@ -581,8 +582,14 @@ int CONF_parse_list(const char *list_, int sep, int nospc,
 	{
 	int ret;
 	const char *lstart, *tmpend, *p;
-	lstart = list_;
 
+	if(list_ == NULL)
+		{
+		CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
+		return 0;
+		}
+
+	lstart = list_;
 	for(;;)
 		{
 		if (nospc)
diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
index e15c2e5546..760dc2632d 100644
--- a/crypto/conf/conf_sap.c
+++ b/crypto/conf/conf_sap.c
@@ -1,5 +1,5 @@
 /* conf_sap.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -88,8 +88,8 @@ void OPENSSL_config(const char *config_name)
 
 
 	ERR_clear_error();
-	if (CONF_modules_load_file(NULL, NULL,
-					CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0)
+	if (CONF_modules_load_file(NULL, config_name,
+	CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0)
 		{
 		BIO *bio_err;
 		ERR_load_crypto_strings();
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index 1b4a1cb4d4..139b9284e4 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,6 +1,6 @@
 /* crypto/cpt_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,23 +64,27 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
+
 static ERR_STRING_DATA CRYPTO_str_functs[]=
 	{
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0),	"CRYPTO_get_ex_new_index"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0),	"CRYPTO_get_new_dynlockid"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0),	"CRYPTO_get_new_lockid"},
-{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0),	"CRYPTO_set_ex_data"},
-{ERR_PACK(0,CRYPTO_F_DEF_ADD_INDEX,0),	"DEF_ADD_INDEX"},
-{ERR_PACK(0,CRYPTO_F_DEF_GET_CLASS,0),	"DEF_GET_CLASS"},
-{ERR_PACK(0,CRYPTO_F_INT_DUP_EX_DATA,0),	"INT_DUP_EX_DATA"},
-{ERR_PACK(0,CRYPTO_F_INT_FREE_EX_DATA,0),	"INT_FREE_EX_DATA"},
-{ERR_PACK(0,CRYPTO_F_INT_NEW_EX_DATA,0),	"INT_NEW_EX_DATA"},
+{ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX),	"CRYPTO_get_ex_new_index"},
+{ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID),	"CRYPTO_get_new_dynlockid"},
+{ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID),	"CRYPTO_get_new_lockid"},
+{ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA),	"CRYPTO_set_ex_data"},
+{ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX),	"DEF_ADD_INDEX"},
+{ERR_FUNC(CRYPTO_F_DEF_GET_CLASS),	"DEF_GET_CLASS"},
+{ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA),	"INT_DUP_EX_DATA"},
+{ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA),	"INT_FREE_EX_DATA"},
+{ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA),	"INT_NEW_EX_DATA"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA CRYPTO_str_reasons[]=
 	{
-{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK     ,"no dynlock create callback"},
+{ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),"no dynlock create callback"},
 {0,NULL}
 	};
 
@@ -88,15 +92,12 @@ static ERR_STRING_DATA CRYPTO_str_reasons[]=
 
 void ERR_load_CRYPTO_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
-		ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons);
-#endif
 
+	if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,CRYPTO_str_functs);
+		ERR_load_strings(0,CRYPTO_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 3cfcb9e602..62bc495d3d 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -1,6 +1,6 @@
 /* crypto/cryptlib.c */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -122,10 +122,9 @@ static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
 #endif
 
 DECLARE_STACK_OF(CRYPTO_dynlock)
-IMPLEMENT_STACK_OF(CRYPTO_dynlock)
 
 /* real #defines in crypto.h, keep these upto date */
-static const char* lock_names[CRYPTO_NUM_LOCKS] =
+static const char* const lock_names[CRYPTO_NUM_LOCKS] =
 	{
 	"<<ERROR>>",
 	"err",
@@ -166,14 +165,16 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
 	"ec_pre_comp",
 	"store",
 	"comp",
-#if CRYPTO_NUM_LOCKS != 39
+	"fips",
+	"fips2",
+#if CRYPTO_NUM_LOCKS != 41
 # error "Inconsistency between crypto.h and cryptlib.c"
 #endif
 	};
 
 /* This is for applications to allocate new type names in the non-dynamic
    array of lock names.  These are numbered with positive numbers.  */
-static STACK *app_locks=NULL;
+static STACK_OF(OPENSSL_STRING) *app_locks=NULL;
 
 /* For applications that want a more dynamic way of handling threads, the
    following stack is used.  These are externally numbered with negative
@@ -182,16 +183,19 @@ static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
 
 
 static void (MS_FAR *locking_callback)(int mode,int type,
-	const char *file,int line)=NULL;
+	const char *file,int line)=0;
 static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
-	int type,const char *file,int line)=NULL;
-static unsigned long (MS_FAR *id_callback)(void)=NULL;
+	int type,const char *file,int line)=0;
+#ifndef OPENSSL_NO_DEPRECATED
+static unsigned long (MS_FAR *id_callback)(void)=0;
+#endif
+static void (MS_FAR *threadid_callback)(CRYPTO_THREADID *)=0;
 static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
-	(const char *file,int line)=NULL;
+	(const char *file,int line)=0;
 static void (MS_FAR *dynlock_lock_callback)(int mode,
-	struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
+	struct CRYPTO_dynlock_value *l, const char *file,int line)=0;
 static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
-	const char *file,int line)=NULL;
+	const char *file,int line)=0;
 
 int CRYPTO_get_new_lockid(char *name)
 	{
@@ -201,12 +205,12 @@ int CRYPTO_get_new_lockid(char *name)
 #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
 	/* A hack to make Visual C++ 5.0 work correctly when linking as
 	 * a DLL using /MT. Without this, the application cannot use
-	 * and floating point printf's.
+	 * any floating point printf's.
 	 * It also seems to be needed for Visual C 1.5 (win16) */
 	SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
 #endif
 
-	if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
+	if ((app_locks == NULL) && ((app_locks=sk_OPENSSL_STRING_new_null()) == NULL))
 		{
 		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
 		return(0);
@@ -216,7 +220,7 @@ int CRYPTO_get_new_lockid(char *name)
 		CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
 		return(0);
 		}
-	i=sk_push(app_locks,str);
+	i=sk_OPENSSL_STRING_push(app_locks,str);
 	if (!i)
 		OPENSSL_free(str);
 	else
@@ -277,7 +281,7 @@ int CRYPTO_get_new_dynlockid(void)
 	else
 		/* If we found a place with a NULL pointer, put our pointer
 		   in it.  */
-		sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
+		(void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
 	CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
 
 	if (i == -1)
@@ -319,7 +323,7 @@ void CRYPTO_destroy_dynlockid(int i)
 #endif
 			if (pointer->references <= 0)
 				{
-				sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
+				(void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
 				}
 			else
 				pointer = NULL;
@@ -414,6 +418,108 @@ void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
 	add_lock_callback=func;
 	}
 
+/* the memset() here and in set_pointer() seem overkill, but for the sake of
+ * CRYPTO_THREADID_cmp() this avoids any platform silliness that might cause two
+ * "equal" THREADID structs to not be memcmp()-identical. */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val)
+	{
+	memset(id, 0, sizeof(*id));
+	id->val = val;
+	}
+
+static const unsigned char hash_coeffs[] = { 3, 5, 7, 11, 13, 17, 19, 23 };
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
+	{
+	unsigned char *dest = (void *)&id->val;
+	unsigned int accum = 0;
+	unsigned char dnum = sizeof(id->val);
+
+	memset(id, 0, sizeof(*id));
+	id->ptr = ptr;
+	if (sizeof(id->val) >= sizeof(id->ptr))
+		{
+		/* 'ptr' can be embedded in 'val' without loss of uniqueness */
+		id->val = (unsigned long)id->ptr;
+		return;
+		}
+	/* hash ptr ==> val. Each byte of 'val' gets the mod-256 total of a
+	 * linear function over the bytes in 'ptr', the co-efficients of which
+	 * are a sequence of low-primes (hash_coeffs is an 8-element cycle) -
+	 * the starting prime for the sequence varies for each byte of 'val'
+	 * (unique polynomials unless pointers are >64-bit). For added spice,
+	 * the totals accumulate rather than restarting from zero, and the index
+	 * of the 'val' byte is added each time (position dependence). If I was
+	 * a black-belt, I'd scan big-endian pointers in reverse to give
+	 * low-order bits more play, but this isn't crypto and I'd prefer nobody
+	 * mistake it as such. Plus I'm lazy. */
+	while (dnum--)
+		{
+		const unsigned char *src = (void *)&id->ptr;
+		unsigned char snum = sizeof(id->ptr);
+		while (snum--)
+			accum += *(src++) * hash_coeffs[(snum + dnum) & 7];
+		accum += dnum;
+		*(dest++) = accum & 255;
+		}
+	}
+
+int CRYPTO_THREADID_set_callback(void (*func)(CRYPTO_THREADID *))
+	{
+	if (threadid_callback)
+		return 0;
+	threadid_callback = func;
+	return 1;
+	}
+
+void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *)
+	{
+	return threadid_callback;
+	}
+
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
+	{
+	if (threadid_callback)
+		{
+		threadid_callback(id);
+		return;
+		}
+#ifndef OPENSSL_NO_DEPRECATED
+	/* If the deprecated callback was set, fall back to that */
+	if (id_callback)
+		{
+		CRYPTO_THREADID_set_numeric(id, id_callback());
+		return;
+		}
+#endif
+	/* Else pick a backup */
+#ifdef OPENSSL_SYS_WIN16
+	CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentTask());
+#elif defined(OPENSSL_SYS_WIN32)
+	CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentThreadId());
+#elif defined(OPENSSL_SYS_BEOS)
+	CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL));
+#else
+	/* For everything else, default to using the address of 'errno' */
+	CRYPTO_THREADID_set_pointer(id, &errno);
+#endif
+	}
+
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b)
+	{
+	return memcmp(a, b, sizeof(*a));
+	}
+
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src)
+	{
+	memcpy(dest, src, sizeof(*src));
+	}
+
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
+	{
+	return id->val;
+	}
+
+#ifndef OPENSSL_NO_DEPRECATED
 unsigned long (*CRYPTO_get_id_callback(void))(void)
 	{
 	return(id_callback);
@@ -436,6 +542,8 @@ unsigned long CRYPTO_thread_id(void)
 		ret=(unsigned long)GetCurrentThreadId();
 #elif defined(GETPID_IS_MEANINGLESS)
 		ret=1L;
+#elif defined(OPENSSL_SYS_BEOS)
+		ret=(unsigned long)find_thread(NULL);
 #else
 		ret=(unsigned long)getpid();
 #endif
@@ -444,11 +552,13 @@ unsigned long CRYPTO_thread_id(void)
 		ret=id_callback();
 	return(ret);
 	}
+#endif
 
 void CRYPTO_lock(int mode, int type, const char *file, int line)
 	{
 #ifdef LOCK_DEBUG
 		{
+		CRYPTO_THREADID id;
 		char *rw_text,*operation_text;
 
 		if (mode & CRYPTO_LOCK)
@@ -465,8 +575,9 @@ void CRYPTO_lock(int mode, int type, const char *file, int line)
 		else
 			rw_text="ERROR";
 
+		CRYPTO_THREADID_current(&id);
 		fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
-			CRYPTO_thread_id(), rw_text, operation_text,
+			CRYPTO_THREADID_hash(&id), rw_text, operation_text,
 			CRYPTO_get_lock_name(type), file, line);
 		}
 #endif
@@ -502,11 +613,14 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
 
 		ret=add_lock_callback(pointer,amount,type,file,line);
 #ifdef LOCK_DEBUG
+		{
+		CRYPTO_THREADID id;
+		CRYPTO_THREADID_current(&id);
 		fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
-			CRYPTO_thread_id(),
-			before,amount,ret,
+			CRYPTO_THREADID_hash(&id), before,amount,ret,
 			CRYPTO_get_lock_name(type),
 			file,line);
+		}
 #endif
 		}
 	else
@@ -515,11 +629,15 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
 
 		ret= *pointer+amount;
 #ifdef LOCK_DEBUG
+		{
+		CRYPTO_THREADID id;
+		CRYPTO_THREADID_current(&id);
 		fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
-			CRYPTO_thread_id(),
+			CRYPTO_THREADID_hash(&id),
 			*pointer,amount,ret,
 			CRYPTO_get_lock_name(type),
 			file,line);
+		}
 #endif
 		*pointer=ret;
 		CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
@@ -533,50 +651,68 @@ const char *CRYPTO_get_lock_name(int type)
 		return("dynamic");
 	else if (type < CRYPTO_NUM_LOCKS)
 		return(lock_names[type]);
-	else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
+	else if (type-CRYPTO_NUM_LOCKS > sk_OPENSSL_STRING_num(app_locks))
 		return("ERROR");
 	else
-		return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
+		return(sk_OPENSSL_STRING_value(app_locks,type-CRYPTO_NUM_LOCKS));
 	}
 
 #if	defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
 	defined(__INTEL__) || \
-	defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)
+	defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
 
-unsigned long  OPENSSL_ia32cap_P=0;
-unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; }
+unsigned int  OPENSSL_ia32cap_P[2];
+unsigned int *OPENSSL_ia32cap_loc(void) { return OPENSSL_ia32cap_P; }
 
 #if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
 #define OPENSSL_CPUID_SETUP
+#if defined(_WIN32)
+typedef unsigned __int64 IA32CAP;
+#else
+typedef unsigned long long IA32CAP;
+#endif
 void OPENSSL_cpuid_setup(void)
 { static int trigger=0;
-  unsigned long OPENSSL_ia32_cpuid(void);
+  IA32CAP OPENSSL_ia32_cpuid(void);
+  IA32CAP vec;
   char *env;
 
     if (trigger)	return;
 
     trigger=1;
     if ((env=getenv("OPENSSL_ia32cap")))
-	OPENSSL_ia32cap_P = strtoul(env,NULL,0)|(1<<10);
+#if defined(_WIN32)
+    {	if (!sscanf(env,"%I64i",&vec)) vec = strtoul(env,NULL,0);   }
+#else
+	vec = strtoull(env,NULL,0);
+#endif
     else
-	OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid()|(1<<10);
+	vec = OPENSSL_ia32_cpuid();
+
     /*
      * |(1<<10) sets a reserved bit to signal that variable
      * was initialized already... This is to avoid interference
      * with cpuid snippets in ELF .init segment.
      */
+    OPENSSL_ia32cap_P[0] = (unsigned int)vec|(1<<10);
+    OPENSSL_ia32cap_P[1] = (unsigned int)(vec>>32);
 }
 #endif
 
+#else
+unsigned int *OPENSSL_ia32cap_loc(void) { return NULL; }
 #endif
-#if !defined(OPENSSL_CPUID_SETUP)
+int OPENSSL_NONPIC_relocated = 0;
+#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
 void OPENSSL_cpuid_setup(void) {}
 #endif
 
-#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_DLL)
+#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL)
 #ifdef __CYGWIN__
 /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */
 #include <windows.h>
+/* this has side-effect of _WIN32 getting defined, which otherwise
+ * is mutually exclusive with __CYGWIN__... */
 #endif
 
 /* All we really need to do is remove the 'error' state when a thread
@@ -589,6 +725,21 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
 		{
 	case DLL_PROCESS_ATTACH:
 		OPENSSL_cpuid_setup();
+#if defined(_WIN32_WINNT)
+		{
+		IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *)hinstDLL;
+		IMAGE_NT_HEADERS *nt_headers;
+
+		if (dos_header->e_magic==IMAGE_DOS_SIGNATURE)
+			{
+			nt_headers = (IMAGE_NT_HEADERS *)((char *)dos_header
+						+ dos_header->e_lfanew);
+			if (nt_headers->Signature==IMAGE_NT_SIGNATURE &&
+			    hinstDLL!=(HINSTANCE)(nt_headers->OptionalHeader.ImageBase))
+				OPENSSL_NONPIC_relocated=1;
+			}
+		}
+#endif
 		break;
 	case DLL_THREAD_ATTACH:
 		break;
@@ -602,10 +753,146 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
 	}
 #endif
 
+#if defined(_WIN32) && !defined(__CYGWIN__)
+#include <tchar.h>
+#include <signal.h>
+
+#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
+int OPENSSL_isservice(void)
+{ HWINSTA h;
+  DWORD len;
+  WCHAR *name;
+
+    (void)GetDesktopWindow(); /* return value is ignored */
+
+    h = GetProcessWindowStation();
+    if (h==NULL) return -1;
+
+    if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) ||
+	GetLastError() != ERROR_INSUFFICIENT_BUFFER)
+	return -1;
+
+    if (len>512) return -1;		/* paranoia */
+    len++,len&=~1;			/* paranoia */
+#ifdef _MSC_VER
+    name=(WCHAR *)_alloca(len+sizeof(WCHAR));
+#else
+    name=(WCHAR *)alloca(len+sizeof(WCHAR));
+#endif
+    if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
+	return -1;
+
+    len++,len&=~1;			/* paranoia */
+    name[len/sizeof(WCHAR)]=L'\0';	/* paranoia */
+#if 1
+    /* This doesn't cover "interactive" services [working with real
+     * WinSta0's] nor programs started non-interactively by Task
+     * Scheduler [those are working with SAWinSta]. */
+    if (wcsstr(name,L"Service-0x"))	return 1;
+#else
+    /* This covers all non-interactive programs such as services. */
+    if (!wcsstr(name,L"WinSta0"))	return 1;
+#endif
+    else				return 0;
+}
+#else
+int OPENSSL_isservice(void) { return 0; }
+#endif
+
+void OPENSSL_showfatal (const char *fmta,...)
+{ va_list ap;
+  TCHAR buf[256];
+  const TCHAR *fmt;
+#ifdef STD_ERROR_HANDLE	/* what a dirty trick! */
+  HANDLE h;
+
+    if ((h=GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
+	GetFileType(h)!=FILE_TYPE_UNKNOWN)
+    {	/* must be console application */
+	va_start (ap,fmta);
+	vfprintf (stderr,fmta,ap);
+	va_end (ap);
+	return;
+    }
+#endif
+
+    if (sizeof(TCHAR)==sizeof(char))
+	fmt=(const TCHAR *)fmta;
+    else do
+    { int    keepgoing;
+      size_t len_0=strlen(fmta)+1,i;
+      WCHAR *fmtw;
+
+#ifdef _MSC_VER
+	fmtw = (WCHAR *)_alloca (len_0*sizeof(WCHAR));
+#else
+	fmtw = (WCHAR *)alloca (len_0*sizeof(WCHAR));
+#endif
+	if (fmtw == NULL) { fmt=(const TCHAR *)L"no stack?"; break; }
+
+#ifndef OPENSSL_NO_MULTIBYTE
+	if (!MultiByteToWideChar(CP_ACP,0,fmta,len_0,fmtw,len_0))
+#endif
+	    for (i=0;i<len_0;i++) fmtw[i]=(WCHAR)fmta[i];
+
+	for (i=0;i<len_0;i++)
+	{   if (fmtw[i]==L'%') do
+	    {	keepgoing=0;
+		switch (fmtw[i+1])
+		{   case L'0': case L'1': case L'2': case L'3': case L'4':
+		    case L'5': case L'6': case L'7': case L'8': case L'9':
+		    case L'.': case L'*':
+		    case L'-':	i++; keepgoing=1; break;
+		    case L's':	fmtw[i+1]=L'S';   break;
+		    case L'S':	fmtw[i+1]=L's';   break;
+		    case L'c':	fmtw[i+1]=L'C';   break;
+		    case L'C':	fmtw[i+1]=L'c';   break;
+		}
+	    } while (keepgoing);
+	}
+	fmt = (const TCHAR *)fmtw;
+    } while (0);
+
+    va_start (ap,fmta);
+    _vsntprintf (buf,sizeof(buf)/sizeof(TCHAR)-1,fmt,ap);
+    buf [sizeof(buf)/sizeof(TCHAR)-1] = _T('\0');
+    va_end (ap);
+
+#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
+    /* this -------------v--- guards NT-specific calls */
+    if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)
+    {	HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
+	const TCHAR *pmsg=buf;
+	ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
+	DeregisterEventSource(h);
+    }
+    else
+#endif
+	MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP);
+}
+#else
+void OPENSSL_showfatal (const char *fmta,...)
+{ va_list ap;
+
+    va_start (ap,fmta);
+    vfprintf (stderr,fmta,ap);
+    va_end (ap);
+}
+int OPENSSL_isservice (void) { return 0; }
+#endif
+
 void OpenSSLDie(const char *file,int line,const char *assertion)
 	{
-	fprintf(stderr,
+	OPENSSL_showfatal(
 		"%s(%d): OpenSSL internal error, assertion failed: %s\n",
 		file,line,assertion);
+#if !defined(_WIN32) || defined(__CYGWIN__)
 	abort();
+#else
+	/* Win32 abort() customarily shows a dialog, but we just did that... */
+	raise(SIGABRT);
+	_exit(3);
+#endif
 	}
+
+void *OPENSSL_stderr(void)	{ return stderr; }
diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h
index 8b0add7e20..1761f6b668 100644
--- a/crypto/cryptlib.h
+++ b/crypto/cryptlib.h
@@ -64,6 +64,11 @@
 
 #include "e_os.h"
 
+#ifdef OPENSSL_USE_APPLINK
+#define BIO_FLAGS_UPLINK 0x8000
+#include "ms/uplink.h"
+#endif
+
 #include <openssl/crypto.h>
 #include <openssl/buffer.h> 
 #include <openssl/bio.h> 
@@ -94,7 +99,10 @@ extern "C" {
 #define HEX_SIZE(type)		(sizeof(type)*2)
 
 void OPENSSL_cpuid_setup(void);
-extern unsigned long OPENSSL_ia32cap_P;
+extern unsigned int OPENSSL_ia32cap_P[];
+void OPENSSL_showfatal(const char *,...);
+void *OPENSSL_stderr(void);
+extern int OPENSSL_NONPIC_relocated;
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com
index 8f7b1b153c..05f59a043b 100644
--- a/crypto/crypto-lib.com
+++ b/crypto/crypto-lib.com
@@ -6,10 +6,11 @@ $!               A-Com Computing, Inc.
 $!               byer@mail.all-net.net
 $!
 $!  Changes by Richard Levitte <richard@levitte.org>
+$!             Zoltan Arpadffy <arpadffy@polarhome.com>
 $!
 $!  This command files compiles and creates the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" 
-$!  library for OpenSSL.  The "xxx" denotes the machine architecture of AXP
-$!  or VAX.
+$!  library for OpenSSL.  The "xxx" denotes the machine architecture, ALPHA,
+$!  IA64 or VAX.
 $!
 $!  It was re-written so it would try to determine what "C" compiler to use 
 $!  or you can specify which "C" compiler to use.
@@ -17,28 +18,28 @@ $!
 $!  Specify the following as P1 to build just that part or ALL to just
 $!  build everything.
 $!
-$!    		LIBRARY    To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
-$!    		APPS       To just compile the [.xxx.EXE.CRYPTO]*.EXE
-$!		ALL	   To do both LIBRARY and APPS
+$!    	LIBRARY    To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
+$!    	APPS       To just compile the [.xxx.EXE.CRYPTO]*.EXE
+$!	ALL	   To do both LIBRARY and APPS
 $!
 $!  Specify DEBUG or NODEBUG as P2 to compile with or without debugger
 $!  information.
 $!
 $!  Specify which compiler at P3 to try to compile under.
 $!
-$!	   VAXC	 For VAX C.
-$!	   DECC	 For DEC C.
-$!	   GNUC	 For GNU C.
+$!	VAXC	   For VAX C.
+$!	DECC	   For DEC C.
+$!	GNUC	   For GNU C.
 $!
-$!  If you don't speficy a compiler, it will try to determine which
+$!  If you don't specify a compiler, it will try to determine which
 $!  "C" compiler to use.
 $!
 $!  P4, if defined, sets a TCP/IP library to use, through one of the following
 $!  keywords:
 $!
-$!	UCX		for UCX
-$!	TCPIP		for TCPIP (post UCX)
-$!	SOCKETSHR	for SOCKETSHR+NETLIB
+$!	UCX	   For UCX
+$!	TCPIP	   For TCPIP (post UCX)
+$!	SOCKETSHR  For SOCKETSHR+NETLIB
 $!
 $!  P5, if defined, sets the pointer size to build with.  The values can be
 $!  be "32" or "64".  Any other value will default to "32"
@@ -57,36 +58,51 @@ $ TCPIP_LIB = ""
 $!
 $! Check Which Architecture We Are Using.
 $!
-$ IF (F$GETSYI("CPU").GE.128)
+$ IF (F$GETSYI("CPU").LT.128)
 $ THEN
 $!
-$!  The Architecture Is AXP
+$!  The Architecture Is VAX
 $!
-$   ARCH := AXP
+$   ARCH := VAX
 $!
 $! Else...
 $!
 $ ELSE
 $!
-$!  The Architecture Is VAX.
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
 $!
-$   ARCH := VAX
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
 $!
 $! End The Architecture Check.
 $!
 $ ENDIF
 $!
 $! Define The Different Encryption Types.
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the SDIRS variable in [-]Makefile.org as closely as possible,
+$! thereby making it fairly easy to verify that the lists are the same.
 $!
 $ ENCRYPT_TYPES = "Basic,"+ -
 		  "OBJECTS,"+ -
-		  "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
-		  "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ -
-		  "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,"+ -
+		  "MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,WHRLPOOL,"+ -
+		  "DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ -
+		  "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ -
 		  "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
-		  "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
+		  "EVP,EVP_2,EVP_3,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
 		  "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
-		  "STORE"
+		  "STORE,CMS,PQUEUE,TS,JPAKE"
+$! Define The OBJ Directory.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO]
+$!
+$! Define The EXE Directory.
+$!
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]
+$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.CRYPTO]
 $!
 $! Check To Make Sure We Have Valid Command Line Parameters.
 $!
@@ -100,9 +116,6 @@ $! Tell The User What Kind of Machine We Run On.
 $!
 $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
 $!
-$! Define The OBJ Directory.
-$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO]
 $!
 $! Check To See If The Architecture Specific OBJ Directory Exists.
 $!
@@ -117,10 +130,6 @@ $! End The Architecture Specific OBJ Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The LIS Directory.
-$!
-$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.CRYPTO]
-$!
 $! Check To See If The Architecture Specific LIS Directory Exists.
 $!
 $ IF (F$PARSE(LIS_DIR).EQS."")
@@ -134,10 +143,6 @@ $! End The Architecture Specific LIS Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The EXE Directory.
-$!
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]
-$!
 $! Check To See If The Architecture Specific Directory Exists.
 $!
 $ IF (F$PARSE(EXE_DIR).EQS."")
@@ -185,14 +190,15 @@ $!
 $ APPS_DES = "DES/DES,CBC3_ENC"
 $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
 $
-$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir"
+$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,cpt_err,ebcdic,uid,o_time,o_str,o_dir"
 $ LIB_MD2 = "md2_dgst,md2_one"
 $ LIB_MD4 = "md4_dgst,md4_one"
 $ LIB_MD5 = "md5_dgst,md5_one"
 $ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512"
 $ LIB_MDC2 = "mdc2dgst,mdc2_one"
-$ LIB_HMAC = "hmac"
+$ LIB_HMAC = "hmac,hm_ameth,hm_pmeth"
 $ LIB_RIPEMD = "rmd_dgst,rmd_one"
+$ LIB_WHRLPOOL = "wp_dgst,wp_block"
 $ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
 	"ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
 	"enc_read,enc_writ,ofb64enc,"+ -
@@ -206,69 +212,81 @@ $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
 $ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey"
 $ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64"
 $ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
+$ LIB_CAMELLIA = "camellia,cmll_misc,cmll_ecb,cmll_cbc,cmll_ofb,"+ -
+	"cmll_cfb,cmll_ctr"
+$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
+$ LIB_MODES = "cbc128,ctr128,cfb128,ofb128"
 $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
-$ IF F$TRNLNM("OPENSSL_NO_ASM").OR.ARCH.EQS."AXP" THEN LIB_BN_ASM = "bn_asm"
+$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
+     LIB_BN_ASM = "bn_asm"
 $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
 	"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
 	"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
 	"bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ -
-	"bn_depr"
-$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_recp,ecp_nist,ec_cvt,ec_mult,"+ -
+	"bn_depr,bn_const"
+$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ -
 	"ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ -
-	"ec2_smpl,ec2_mult"
+	"ec2_smpl,ec2_mult,ec_ameth,ec_pmeth,eck_prn"
 $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
 	"rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
-	"rsa_asn1,rsa_depr"
+	"rsa_pss,rsa_x931,rsa_asn1,rsa_depr,rsa_ameth,rsa_prn,"+ -
+	"rsa_pmeth"
 $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ -
-	"dsa_err,dsa_ossl,dsa_depr"
+	"dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn"
 $ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err"
-$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr"
+$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr,"+ -
+	"dh_ameth,dh_pmeth,dh_prn"
 $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err"
 $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ -
-	"dso_openssl,dso_win32,dso_vms"
+	"dso_openssl,dso_win32,dso_vms,dso_beos"
 $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
 	"eng_table,eng_pkey,eng_fat,eng_all,"+ -
 	"tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ -
-	"tb_cipher,tb_digest,"+ -
-	"eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock"
-$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr"
+	"tb_cipher,tb_digest,tb_pkmeth,tb_asnmth,"+ -
+	"eng_openssl,eng_dyn,eng_cnf,eng_cryptodev"+ -
+	"eng_aesni"
+$ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,aes_ctr,"+ -
+	"aes_ige,aes_wrap"
 $ LIB_BUFFER = "buffer,buf_err"
 $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
 	"bss_mem,bss_null,bss_fd,"+ -
 	"bss_file,bss_sock,bss_conn,"+ -
 	"bf_null,bf_buff,b_print,b_dump,"+ -
 	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ -
+	"bss_dgram,"+ -
 	"bf_lbuf"
 $ LIB_STACK = "stack"
 $ LIB_LHASH = "lhash,lh_stats"
 $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ -
 	"rand_vms"
 $ LIB_ERR = "err,err_all,err_prn"
-$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err"
+$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref"
 $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ -
-	"e_des,e_bf,e_idea,e_des3,"+ -
-	"e_rc4,e_aes,names,"+ -
+	"e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
+	"e_rc4,e_aes,names,e_seed,"+ -
 	"e_xcbc_d,e_rc2,e_cast,e_rc5"
-$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + -
+$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1,m_wp," + -
 	"m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ -
 	"p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ -
 	"bio_md,bio_b64,bio_enc,evp_err,e_null,"+ -
 	"c_all,c_allc,c_alld,evp_lib,bio_ok,"+-
 	"evp_pkey,evp_pbe,p5_crpt,p5_crpt2"
+$ LIB_EVP_3 = "e_old,pmeth_lib,pmeth_fn,pmeth_gn,m_sigver"
 $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
 	"a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ -
 	"a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ -
 	"x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,x_bignum,"+ -
 	"x_long,x_name,x_x509,x_x509a,x_crl,x_info,x_spki,nsseq,"+ -
-	"d2i_pu,d2i_pr,i2d_pu,i2d_pr"
+	"x_nx509,d2i_pu,d2i_pr,i2d_pu,i2d_pr"
 $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ -
 	"tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ -
+	"tasn_prn,ameth_lib,"+ -
 	"f_int,f_string,n_pkey,"+ -
-	"f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ -
-	"asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ -
+	"f_enum,x_pkey,a_bool,x_exten,bio_asn1,bio_ndef,asn_mime,"+ -
+	"asn1_gen,asn1_par,asn1_lib,asn1_err,a_bytes,a_strnid,"+ -
 	"evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid"
 $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ -
-	"pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey"
+	"pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey,pvkfmt"
 $ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ -
 	"x509_obj,x509_req,x509spki,x509_vfy,"+ -
 	"x509_set,x509cset,x509rset,x509_err,"+ -
@@ -279,11 +297,12 @@ $ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ -
 	"v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ -
 	"v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ -
 	"v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,v3_pcia,v3_pci,"+ -
-	"pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib"
+	"pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib,"+ -
+	"v3_asid,v3_addr"
 $ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap"
 $ LIB_TXT_DB = "txt_db"
 $ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ -
-	"pk7_mime"
+	"pk7_mime,bio_pk7"
 $ LIB_PKCS12 = "p12_add,p12_asn,p12_attr,p12_crpt,p12_crt,p12_decr,"+ -
 	"p12_init,p12_key,p12_kiss,p12_mutl,"+ -
 	"p12_utl,p12_npas,pk12err,p12_p8d,p12_p8e"
@@ -295,13 +314,25 @@ $ LIB_UI_COMPAT = ",ui_compat"
 $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT
 $ LIB_KRB5 = "krb5_asn"
 $ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
+$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
+	"cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess"
+$ LIB_PQUEUE = "pqueue"
+$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+ -
+	"ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ -
+	"ts_asn1"
+$ LIB_JPAKE = "jpake,jpake_err"
 $!
 $! Setup exceptional compilations
 $!
+$ ! Add definitions for no threads on OpenVMS 7.1 and higher
 $ COMPILEWITH_CC3 = ",bss_rtcp,"
-$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,read_pwd,err,o_dir"
+$ ! Disable the DOLLARID warning
+$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time,o_dir"
+$ ! Disable disjoint optimization
 $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
-                    "sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
+                    "seed,sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
+$ ! Disable the MIXLINKAGE warning
+$ COMPILEWITH_CC6 = ",enc_read,set_key,"
 $!
 $! Figure Out What Other Modules We Are To Build.
 $!
@@ -342,11 +373,11 @@ $! Create The Library and Apps Module Names.
 $!
 $ LIB_MODULE = "LIB_" + MODULE_NAME
 $ APPS_MODULE = "APPS_" + MODULE_NAME
-$ IF (MODULE_NAME.EQS."ASN1_2")
+$ IF (F$EXTRACT(0,5,MODULE_NAME).EQS."ASN1_")
 $ THEN
 $   MODULE_NAME = "ASN1"
 $ ENDIF
-$ IF (MODULE_NAME.EQS."EVP_2")
+$ IF (F$EXTRACT(0,4,MODULE_NAME).EQS."EVP_")
 $ THEN
 $   MODULE_NAME = "EVP"
 $ ENDIF
@@ -534,7 +565,12 @@ $       IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
 $       THEN
 $         CC5/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
 $       ELSE
-$         CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$         IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
+$         THEN
+$           CC6/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$         ELSE
+$           CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$         ENDIF
 $       ENDIF
 $     ENDIF
 $   ENDIF
@@ -701,7 +737,7 @@ $!
 $   IF (F$SEARCH(OPT_FILE).EQS."")
 $   THEN
 $!
-$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
 $!
 $     IF ARCH .EQS. "VAX"
 $     THEN
@@ -721,19 +757,19 @@ $!    Else...
 $!
 $     ELSE
 $!
-$!      Create The AXP Linker Option File.
+$!      Create The non-VAX Linker Option File.
 $!
 $       CREATE 'OPT_FILE'
 $DECK
 !
-! Default System Options File For AXP To Link Agianst 
+! Default System Options File For non-VAX To Link Agianst 
 ! The Sharable C Runtime Library.
 !
 SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
 SYS$SHARE:CMA$OPEN_RTL/SHARE
 $EOD
 $!
-$!    End The VAX/AXP DEC C Option File Check.
+$!    End The DEC C Option File Check.
 $!
 $     ENDIF
 $!
@@ -794,8 +830,9 @@ $     WRITE SYS$OUTPUT "    APPS     :  To Compile Just The [.xxx.EXE.CRYPTO]*.E
 $     WRITE SYS$OUTPUT ""
 $     WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
 $     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
-$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT "    ALPHA    :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64     :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
 $     WRITE SYS$OUTPUT ""
 $!
 $!    Time To EXIT.
@@ -920,7 +957,7 @@ $   ELSE
 $!
 $!    Check To See If We Have VAXC Or DECC.
 $!
-$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
 $     THEN 
 $!
 $!      Looks Like DECC, Set To Use DECC.
@@ -997,7 +1034,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
 	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
@@ -1084,12 +1121,12 @@ $     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
 	 THEN CC = "CC/DECC"
 $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
            "/PREFIX=ALL" + -
-	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP])" + -
+	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[.''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
 	   CCEXTRAFLAGS
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
 $!
 $!  End DECC Check.
 $!
@@ -1111,14 +1148,14 @@ $!
 $!    Compile Using VAXC.
 $!
 $     CC = "CC"
-$     IF ARCH.EQS."AXP"
+$     IF ARCH.NES."VAX"
 $     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
 $	EXIT
 $     ENDIF
 $     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
 $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'" + -
-	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
+	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[.''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
 	   CCEXTRAFLAGS
 $     CCDEFS = """VAXC""," + CCDEFS
 $!
@@ -1128,7 +1165,7 @@ $     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
 $!
 $!  End VAXC Check
 $!
@@ -1150,12 +1187,12 @@ $!
 $!    Use GNU C...
 $!
 $     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
-	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
+	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[.''ARCH'],SYS$DISK:[-],SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.EVP],SYS$DISK:[.ASN1])" + -
 	   CCEXTRAFLAGS
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
 $!
 $!  End The GNU C Check.
 $!
@@ -1172,14 +1209,18 @@ $   THEN
 $     IF CCDISABLEWARNINGS .EQS. ""
 $     THEN
 $       CC4DISABLEWARNINGS = "DOLLARID"
+$       CC6DISABLEWARNINGS = "MIXLINKAGE"
 $     ELSE
 $       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
 $       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
 $     ENDIF
 $     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$     CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
 $   ELSE
 $     CCDISABLEWARNINGS = ""
 $     CC4DISABLEWARNINGS = ""
+$     CC6DISABLEWARNINGS = ""
 $   ENDIF
 $   CC = CC + QUAL_POINTER_SIZE
 $   CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
@@ -1191,6 +1232,7 @@ $   ELSE
 $     CC5 = CC + "/NOOPTIMIZE"
 $   ENDIF
 $   CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
+$   CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
 $!
 $!  Show user the result
 $!
@@ -1221,7 +1263,7 @@ $!
 $! Build a MACRO command for the architecture at hand
 $!
 $ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'"
-$ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
+$ IF ARCH .NES. "VAX" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
 $!
 $!  Show user the result
 $!
diff --git a/crypto/crypto.h b/crypto/crypto.h
index a1bd005c3a..5089c65882 100644
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -1,6 +1,6 @@
 /* crypto/crypto.h */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -219,7 +219,9 @@ typedef struct openssl_item_st
 #define CRYPTO_LOCK_EC_PRE_COMP		36
 #define CRYPTO_LOCK_STORE		37
 #define CRYPTO_LOCK_COMP		38
-#define CRYPTO_NUM_LOCKS		39
+#define CRYPTO_LOCK_FIPS		39
+#define CRYPTO_LOCK_FIPS2		40
+#define CRYPTO_NUM_LOCKS		41
 
 #define CRYPTO_LOCK		1
 #define CRYPTO_UNLOCK		2
@@ -282,9 +284,10 @@ typedef struct bio_st BIO_dummy;
 
 struct crypto_ex_data_st
 	{
-	STACK *sk;
+	STACK_OF(void) *sk;
 	int dummy; /* gcc is screwing up this data structure :-( */
 	};
+DECLARE_STACK_OF(void)
 
 /* This stuff is basically class callback functions
  * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
@@ -363,6 +366,7 @@ int CRYPTO_is_mem_check_on(void);
 #define is_MemCheck_on() CRYPTO_is_mem_check_on()
 
 #define OPENSSL_malloc(num)	CRYPTO_malloc((int)num,__FILE__,__LINE__)
+#define OPENSSL_strdup(str)	CRYPTO_strdup((str),__FILE__,__LINE__)
 #define OPENSSL_realloc(addr,num) \
 	CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
 #define OPENSSL_realloc_clean(addr,old_num,num) \
@@ -420,9 +424,28 @@ void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
 					      const char *file, int line));
 int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
 					  const char *file,int line);
+
+/* Don't use this structure directly. */
+typedef struct crypto_threadid_st
+	{
+	void *ptr;
+	unsigned long val;
+	} CRYPTO_THREADID;
+/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
+void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+#ifndef OPENSSL_NO_DEPRECATED
 void CRYPTO_set_id_callback(unsigned long (*func)(void));
 unsigned long (*CRYPTO_get_id_callback(void))(void);
 unsigned long CRYPTO_thread_id(void);
+#endif
+
 const char *CRYPTO_get_lock_name(int type);
 int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
 		    int line);
@@ -467,6 +490,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
 void *CRYPTO_malloc_locked(int num, const char *file, int line);
 void CRYPTO_free_locked(void *);
 void *CRYPTO_malloc(int num, const char *file, int line);
+char *CRYPTO_strdup(const char *str, const char *file, int line);
 void CRYPTO_free(void *);
 void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
 void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
@@ -517,7 +541,11 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
 
 /* die if we have to */
 void OpenSSLDie(const char *file,int line,const char *assertion);
-#define OPENSSL_assert(e)	((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
+#define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
+
+unsigned int *OPENSSL_ia32cap_loc(void);
+#define OPENSSL_ia32cap ((OPENSSL_ia32cap_loc())[0])
+int OPENSSL_isservice(void);
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -541,9 +569,6 @@ void ERR_load_CRYPTO_strings(void);
 /* Reason codes. */
 #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK		 100
 
-unsigned long *OPENSSL_ia32cap_loc(void);
-#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
-
 #ifdef  __cplusplus
 }
 #endif
diff --git a/crypto/des/INSTALL b/crypto/des/INSTALL
index 32457d775c..8aebdfe110 100644
--- a/crypto/des/INSTALL
+++ b/crypto/des/INSTALL
@@ -25,7 +25,7 @@ and then you can use the 'DES_PTR' option.
 
 The file options.txt has the options listed for best speed on quite a
 few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
-turn on the relevent option in the Makefile
+turn on the relevant option in the Makefile.
 
 There are some special Makefile targets that make life easier.
 make cc		- standard cc build
diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl
deleted file mode 100644
index a0c1baa8ab..0000000000
--- a/crypto/des/Makefile.ssl
+++ /dev/null
@@ -1,296 +0,0 @@
-#
-# SSLeay/crypto/des/Makefile
-#
-
-DIR=	des
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=-I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-RANLIB=		ranlib
-DES_ENC=	des_enc.o fcrypt_b.o
-# or use
-#DES_ENC=	dx86-elf.o yx86-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=destest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
-	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
-	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
-	qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
-	des_enc.c fcrypt_b.c \
-	xcbc_enc.c \
-	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
-	read2pwd.c
-
-LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
-	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
-	enc_read.o enc_writ.o ofb64enc.o \
-	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
-	${DES_ENC} \
-	fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
-	ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= des.h des_old.h
-HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-des: des.o cbc3_enc.o lib
-	$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
-
-des_enc-sparc.S:	asm/des_enc.m4
-	m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
-
-# ELF
-dx86-elf.s:	asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) des-586.pl elf $(CFLAGS) > ../$@)
-yx86-elf.s:	asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > ../$@)
-# COFF
-dx86-cof.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) des-586.pl coff $(CFLAGS) > ../$@)
-yx86-cof.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) crypt586.pl coff $(CFLAGS) > ../$@)
-# a.out
-dx86-out.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) des-586.pl a.out $(CFLAGS) > ../$@)
-yx86-out.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) crypt586.pl a.out $(CFLAGS) > ../$@)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install: installs
-
-installs:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cbc_cksm.o: cbc_cksm.c des_locl.h
-cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c
-cfb64ede.o: ../../e_os.h ../../include/openssl/des.h
-cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cfb64ede.o: ../../include/openssl/opensslconf.h
-cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cfb64ede.o: cfb64ede.c des_locl.h
-cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-cfb64enc.o: cfb64enc.c des_locl.h
-cfb_enc.o: ../../e_os.h ../../include/openssl/des.h
-cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h
-cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
-des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-des_enc.o: des_enc.c des_locl.h ncbc_enc.c
-des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-des_old.o: ../../include/openssl/ui_compat.h des_old.c
-des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-des_old2.o: ../../include/openssl/ui_compat.h des_old2.c
-ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ecb3_enc.o: des_locl.h ecb3_enc.c
-ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
-ecb_enc.o: spr.h
-ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ede_cbcm_enc.o: ../../include/openssl/e_os2.h
-ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
-ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h
-ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
-enc_read.o: ../../e_os.h ../../include/openssl/bio.h
-enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h
-enc_read.o: enc_read.c
-enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
-enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
-fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fcrypt.o: des_locl.h fcrypt.c
-fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fcrypt_b.o: des_locl.h fcrypt_b.c
-ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ofb64ede.o: des_locl.h ofb64ede.c
-ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ofb64enc.o: des_locl.h ofb64enc.c
-ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-ofb_enc.o: des_locl.h ofb_enc.c
-pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pcbc_enc.o: des_locl.h pcbc_enc.c
-qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-qud_cksm.o: des_locl.h qud_cksm.c
-rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-rand_key.o: ../../include/openssl/ui_compat.h rand_key.c
-read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-read2pwd.o: ../../include/openssl/opensslconf.h
-read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c
-rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
-set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-set_key.o: des_locl.h set_key.c
-str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-str2key.o: des_locl.h str2key.c
-xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/crypto/des/asm/.cvsignore b/crypto/des/asm/.cvsignore
index c8436379e4..b92f40163e 100644
--- a/crypto/des/asm/.cvsignore
+++ b/crypto/des/asm/.cvsignore
@@ -3,3 +3,5 @@ yx86unix.cpp
 des_enc-sparc.S
 dx86-elf.s
 yx86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/des/asm/crypt586.pl b/crypto/des/asm/crypt586.pl
index 1d04ed6def..e36f7d44bd 100644
--- a/crypto/des/asm/crypt586.pl
+++ b/crypto/des/asm/crypt586.pl
@@ -6,7 +6,8 @@
 # things perfect.
 #
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],"crypt586.pl");
@@ -22,7 +23,7 @@ sub fcrypt_body
 	{
 	local($name,$do_ip)=@_;
 
-	&function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
+	&function_begin($name);
 
 	&comment("");
 	&comment("Load the 2 words");
diff --git a/crypto/des/asm/des-586.pl b/crypto/des/asm/des-586.pl
index b75d3c6b3a..5b5f39cebd 100644
--- a/crypto/des/asm/des-586.pl
+++ b/crypto/des/asm/des-586.pl
@@ -4,7 +4,8 @@
 # Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
 #
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 require "cbc.pl";
 require "desboth.pl";
@@ -18,29 +19,110 @@ require "desboth.pl";
 
 $L="edi";
 $R="esi";
+$trans="ebp";
+$small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/,@ARGV));
+# one can discuss setting this variable to 1 unconditionally, as
+# the folded loop is only 3% slower than unrolled, but >7 times smaller
 
-&external_label("DES_SPtrans");
+&public_label("DES_SPtrans");
+
+&DES_encrypt_internal();
+&DES_decrypt_internal();
 &DES_encrypt("DES_encrypt1",1);
 &DES_encrypt("DES_encrypt2",0);
 &DES_encrypt3("DES_encrypt3",1);
 &DES_encrypt3("DES_decrypt3",0);
 &cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
 &cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+&DES_SPtrans();
 
 &asm_finish();
 
+sub DES_encrypt_internal()
+	{
+	&function_begin_B("_x86_DES_encrypt");
+
+	if ($small_footprint)
+	    {
+	    &lea("edx",&DWP(128,"ecx"));
+	    &push("edx");
+	    &push("ecx");
+	    &set_label("eloop");
+		&D_ENCRYPT(0,$L,$R,0,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&D_ENCRYPT(1,$R,$L,2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&add("ecx",16);
+		&cmp("ecx",&swtmp(1));
+		&mov(&swtmp(0),"ecx");
+		&jb(&label("eloop"));
+	    &add("esp",8);
+	    }
+	else
+	    {
+	    &push("ecx");
+	    for ($i=0; $i<16; $i+=2)
+		{
+		&comment("Round $i");
+		&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("Round ".sprintf("%d",$i+1));
+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		}
+	    &add("esp",4);
+	}
+	&ret();
+
+	&function_end_B("_x86_DES_encrypt");
+	}
+	
+sub DES_decrypt_internal()
+	{
+	&function_begin_B("_x86_DES_decrypt");
+
+	if ($small_footprint)
+	    {
+	    &push("ecx");
+	    &lea("ecx",&DWP(128,"ecx"));
+	    &push("ecx");
+	    &set_label("dloop");
+		&D_ENCRYPT(0,$L,$R,-2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&D_ENCRYPT(1,$R,$L,-4,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&sub("ecx",16);
+		&cmp("ecx",&swtmp(1));
+		&mov(&swtmp(0),"ecx");
+		&ja(&label("dloop"));
+	    &add("esp",8);
+	    }
+	else
+	    {
+	    &push("ecx");
+	    for ($i=15; $i>0; $i-=2)
+		{
+		&comment("Round $i");
+		&D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("Round ".sprintf("%d",$i-1));
+		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		}
+	    &add("esp",4);
+	    }
+	&ret();
+
+	&function_end_B("_x86_DES_decrypt");
+	}
+	
 sub DES_encrypt
 	{
 	local($name,$do_ip)=@_;
 
-	&function_begin_B($name,"EXTRN   _DES_SPtrans:DWORD");
+	&function_begin_B($name);
 
 	&push("esi");
 	&push("edi");
 
 	&comment("");
 	&comment("Load the 2 words");
-	$trans="ebp";
 
 	if ($do_ip)
 		{
@@ -73,39 +155,20 @@ sub DES_encrypt
 		}
 
 	# PIC-ification:-)
-	&picmeup($trans,"DES_SPtrans");
-	#if ($cpp)	{ &picmeup($trans,"DES_SPtrans");   }
-	#else		{ &lea($trans,&DWP("DES_SPtrans")); }
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($trans);
+	&lea	($trans,&DWP(&label("DES_SPtrans")."-".&label("pic_point"),$trans));
 
 	&mov(	"ecx",	&wparam(1)	);
-	&cmp("ebx","0");
-	&je(&label("start_decrypt"));
-
-	for ($i=0; $i<16; $i+=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-
-		&comment("");
-		&comment("Round ".sprintf("%d",$i+1));
-		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
-		}
-	&jmp(&label("end"));
 
-	&set_label("start_decrypt");
-
-	for ($i=15; $i>0; $i-=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-		&comment("");
-		&comment("Round ".sprintf("%d",$i-1));
-		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx");
-		}
-
-	&set_label("end");
+	&cmp("ebx","0");
+	&je(&label("decrypt"));
+	&call("_x86_DES_encrypt");
+	&jmp(&label("done"));
+	&set_label("decrypt");
+	&call("_x86_DES_decrypt");
+	&set_label("done");
 
 	if ($do_ip)
 		{
@@ -139,7 +202,7 @@ sub DES_encrypt
 
 sub D_ENCRYPT
 	{
-	local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
+	local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t,$wp1)=@_;
 
 	 &mov(	$u,		&DWP(&n2a($S*4),$tmp2,"",0));
 	&xor(	$tmp1,		$tmp1);
@@ -166,7 +229,7 @@ sub D_ENCRYPT
 	&and(	$t,		"0xff"	);
 	 &xor(	$L,		&DWP("0x600",$trans,$tmp1,0));
 	 &xor(	$L,		&DWP("0x700",$trans,$tmp2,0));
-	&mov(	$tmp2,		&wparam(1)	);
+	&mov(	$tmp2,		$wp1	);
 	 &xor(	$L,		&DWP("0x400",$trans,$u,0));
 	 &xor(	$L,		&DWP("0x500",$trans,$t,0));
 	}
@@ -249,3 +312,142 @@ sub FP_new
 	&rotr($tt	, 4);
 	}
 
+sub DES_SPtrans
+	{
+	&set_label("DES_SPtrans",64);
+	&data_word(0x02080800, 0x00080000, 0x02000002, 0x02080802);
+	&data_word(0x02000000, 0x00080802, 0x00080002, 0x02000002);
+	&data_word(0x00080802, 0x02080800, 0x02080000, 0x00000802);
+	&data_word(0x02000802, 0x02000000, 0x00000000, 0x00080002);
+	&data_word(0x00080000, 0x00000002, 0x02000800, 0x00080800);
+	&data_word(0x02080802, 0x02080000, 0x00000802, 0x02000800);
+	&data_word(0x00000002, 0x00000800, 0x00080800, 0x02080002);
+	&data_word(0x00000800, 0x02000802, 0x02080002, 0x00000000);
+	&data_word(0x00000000, 0x02080802, 0x02000800, 0x00080002);
+	&data_word(0x02080800, 0x00080000, 0x00000802, 0x02000800);
+	&data_word(0x02080002, 0x00000800, 0x00080800, 0x02000002);
+	&data_word(0x00080802, 0x00000002, 0x02000002, 0x02080000);
+	&data_word(0x02080802, 0x00080800, 0x02080000, 0x02000802);
+	&data_word(0x02000000, 0x00000802, 0x00080002, 0x00000000);
+	&data_word(0x00080000, 0x02000000, 0x02000802, 0x02080800);
+	&data_word(0x00000002, 0x02080002, 0x00000800, 0x00080802);
+	# nibble 1
+	&data_word(0x40108010, 0x00000000, 0x00108000, 0x40100000);
+	&data_word(0x40000010, 0x00008010, 0x40008000, 0x00108000);
+	&data_word(0x00008000, 0x40100010, 0x00000010, 0x40008000);
+	&data_word(0x00100010, 0x40108000, 0x40100000, 0x00000010);
+	&data_word(0x00100000, 0x40008010, 0x40100010, 0x00008000);
+	&data_word(0x00108010, 0x40000000, 0x00000000, 0x00100010);
+	&data_word(0x40008010, 0x00108010, 0x40108000, 0x40000010);
+	&data_word(0x40000000, 0x00100000, 0x00008010, 0x40108010);
+	&data_word(0x00100010, 0x40108000, 0x40008000, 0x00108010);
+	&data_word(0x40108010, 0x00100010, 0x40000010, 0x00000000);
+	&data_word(0x40000000, 0x00008010, 0x00100000, 0x40100010);
+	&data_word(0x00008000, 0x40000000, 0x00108010, 0x40008010);
+	&data_word(0x40108000, 0x00008000, 0x00000000, 0x40000010);
+	&data_word(0x00000010, 0x40108010, 0x00108000, 0x40100000);
+	&data_word(0x40100010, 0x00100000, 0x00008010, 0x40008000);
+	&data_word(0x40008010, 0x00000010, 0x40100000, 0x00108000);
+	# nibble 2
+	&data_word(0x04000001, 0x04040100, 0x00000100, 0x04000101);
+	&data_word(0x00040001, 0x04000000, 0x04000101, 0x00040100);
+	&data_word(0x04000100, 0x00040000, 0x04040000, 0x00000001);
+	&data_word(0x04040101, 0x00000101, 0x00000001, 0x04040001);
+	&data_word(0x00000000, 0x00040001, 0x04040100, 0x00000100);
+	&data_word(0x00000101, 0x04040101, 0x00040000, 0x04000001);
+	&data_word(0x04040001, 0x04000100, 0x00040101, 0x04040000);
+	&data_word(0x00040100, 0x00000000, 0x04000000, 0x00040101);
+	&data_word(0x04040100, 0x00000100, 0x00000001, 0x00040000);
+	&data_word(0x00000101, 0x00040001, 0x04040000, 0x04000101);
+	&data_word(0x00000000, 0x04040100, 0x00040100, 0x04040001);
+	&data_word(0x00040001, 0x04000000, 0x04040101, 0x00000001);
+	&data_word(0x00040101, 0x04000001, 0x04000000, 0x04040101);
+	&data_word(0x00040000, 0x04000100, 0x04000101, 0x00040100);
+	&data_word(0x04000100, 0x00000000, 0x04040001, 0x00000101);
+	&data_word(0x04000001, 0x00040101, 0x00000100, 0x04040000);
+	# nibble 3
+	&data_word(0x00401008, 0x10001000, 0x00000008, 0x10401008);
+	&data_word(0x00000000, 0x10400000, 0x10001008, 0x00400008);
+	&data_word(0x10401000, 0x10000008, 0x10000000, 0x00001008);
+	&data_word(0x10000008, 0x00401008, 0x00400000, 0x10000000);
+	&data_word(0x10400008, 0x00401000, 0x00001000, 0x00000008);
+	&data_word(0x00401000, 0x10001008, 0x10400000, 0x00001000);
+	&data_word(0x00001008, 0x00000000, 0x00400008, 0x10401000);
+	&data_word(0x10001000, 0x10400008, 0x10401008, 0x00400000);
+	&data_word(0x10400008, 0x00001008, 0x00400000, 0x10000008);
+	&data_word(0x00401000, 0x10001000, 0x00000008, 0x10400000);
+	&data_word(0x10001008, 0x00000000, 0x00001000, 0x00400008);
+	&data_word(0x00000000, 0x10400008, 0x10401000, 0x00001000);
+	&data_word(0x10000000, 0x10401008, 0x00401008, 0x00400000);
+	&data_word(0x10401008, 0x00000008, 0x10001000, 0x00401008);
+	&data_word(0x00400008, 0x00401000, 0x10400000, 0x10001008);
+	&data_word(0x00001008, 0x10000000, 0x10000008, 0x10401000);
+	# nibble 4
+	&data_word(0x08000000, 0x00010000, 0x00000400, 0x08010420);
+	&data_word(0x08010020, 0x08000400, 0x00010420, 0x08010000);
+	&data_word(0x00010000, 0x00000020, 0x08000020, 0x00010400);
+	&data_word(0x08000420, 0x08010020, 0x08010400, 0x00000000);
+	&data_word(0x00010400, 0x08000000, 0x00010020, 0x00000420);
+	&data_word(0x08000400, 0x00010420, 0x00000000, 0x08000020);
+	&data_word(0x00000020, 0x08000420, 0x08010420, 0x00010020);
+	&data_word(0x08010000, 0x00000400, 0x00000420, 0x08010400);
+	&data_word(0x08010400, 0x08000420, 0x00010020, 0x08010000);
+	&data_word(0x00010000, 0x00000020, 0x08000020, 0x08000400);
+	&data_word(0x08000000, 0x00010400, 0x08010420, 0x00000000);
+	&data_word(0x00010420, 0x08000000, 0x00000400, 0x00010020);
+	&data_word(0x08000420, 0x00000400, 0x00000000, 0x08010420);
+	&data_word(0x08010020, 0x08010400, 0x00000420, 0x00010000);
+	&data_word(0x00010400, 0x08010020, 0x08000400, 0x00000420);
+	&data_word(0x00000020, 0x00010420, 0x08010000, 0x08000020);
+	# nibble 5
+	&data_word(0x80000040, 0x00200040, 0x00000000, 0x80202000);
+	&data_word(0x00200040, 0x00002000, 0x80002040, 0x00200000);
+	&data_word(0x00002040, 0x80202040, 0x00202000, 0x80000000);
+	&data_word(0x80002000, 0x80000040, 0x80200000, 0x00202040);
+	&data_word(0x00200000, 0x80002040, 0x80200040, 0x00000000);
+	&data_word(0x00002000, 0x00000040, 0x80202000, 0x80200040);
+	&data_word(0x80202040, 0x80200000, 0x80000000, 0x00002040);
+	&data_word(0x00000040, 0x00202000, 0x00202040, 0x80002000);
+	&data_word(0x00002040, 0x80000000, 0x80002000, 0x00202040);
+	&data_word(0x80202000, 0x00200040, 0x00000000, 0x80002000);
+	&data_word(0x80000000, 0x00002000, 0x80200040, 0x00200000);
+	&data_word(0x00200040, 0x80202040, 0x00202000, 0x00000040);
+	&data_word(0x80202040, 0x00202000, 0x00200000, 0x80002040);
+	&data_word(0x80000040, 0x80200000, 0x00202040, 0x00000000);
+	&data_word(0x00002000, 0x80000040, 0x80002040, 0x80202000);
+	&data_word(0x80200000, 0x00002040, 0x00000040, 0x80200040);
+	# nibble 6
+	&data_word(0x00004000, 0x00000200, 0x01000200, 0x01000004);
+	&data_word(0x01004204, 0x00004004, 0x00004200, 0x00000000);
+	&data_word(0x01000000, 0x01000204, 0x00000204, 0x01004000);
+	&data_word(0x00000004, 0x01004200, 0x01004000, 0x00000204);
+	&data_word(0x01000204, 0x00004000, 0x00004004, 0x01004204);
+	&data_word(0x00000000, 0x01000200, 0x01000004, 0x00004200);
+	&data_word(0x01004004, 0x00004204, 0x01004200, 0x00000004);
+	&data_word(0x00004204, 0x01004004, 0x00000200, 0x01000000);
+	&data_word(0x00004204, 0x01004000, 0x01004004, 0x00000204);
+	&data_word(0x00004000, 0x00000200, 0x01000000, 0x01004004);
+	&data_word(0x01000204, 0x00004204, 0x00004200, 0x00000000);
+	&data_word(0x00000200, 0x01000004, 0x00000004, 0x01000200);
+	&data_word(0x00000000, 0x01000204, 0x01000200, 0x00004200);
+	&data_word(0x00000204, 0x00004000, 0x01004204, 0x01000000);
+	&data_word(0x01004200, 0x00000004, 0x00004004, 0x01004204);
+	&data_word(0x01000004, 0x01004200, 0x01004000, 0x00004004);
+	# nibble 7
+	&data_word(0x20800080, 0x20820000, 0x00020080, 0x00000000);
+	&data_word(0x20020000, 0x00800080, 0x20800000, 0x20820080);
+	&data_word(0x00000080, 0x20000000, 0x00820000, 0x00020080);
+	&data_word(0x00820080, 0x20020080, 0x20000080, 0x20800000);
+	&data_word(0x00020000, 0x00820080, 0x00800080, 0x20020000);
+	&data_word(0x20820080, 0x20000080, 0x00000000, 0x00820000);
+	&data_word(0x20000000, 0x00800000, 0x20020080, 0x20800080);
+	&data_word(0x00800000, 0x00020000, 0x20820000, 0x00000080);
+	&data_word(0x00800000, 0x00020000, 0x20000080, 0x20820080);
+	&data_word(0x00020080, 0x20000000, 0x00000000, 0x00820000);
+	&data_word(0x20800080, 0x20020080, 0x20020000, 0x00800080);
+	&data_word(0x20820000, 0x00000080, 0x00800080, 0x20020000);
+	&data_word(0x20820080, 0x00800000, 0x20800000, 0x20000080);
+	&data_word(0x00820000, 0x00020080, 0x20020080, 0x20800000);
+	&data_word(0x00000080, 0x20820000, 0x00820080, 0x00000000);
+	&data_word(0x20000000, 0x20800080, 0x00020000, 0x00820080);
+	}
diff --git a/crypto/des/asm/des686.pl b/crypto/des/asm/des686.pl
deleted file mode 100644
index d3ad5d5edd..0000000000
--- a/crypto/des/asm/des686.pl
+++ /dev/null
@@ -1,230 +0,0 @@
-#!/usr/local/bin/perl
-
-$prog="des686.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-# WILL NOT WORK ANYMORE WITH desboth.pl
-require "desboth.pl";
-
-if (	($ARGV[0] eq "elf"))
-	{ require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "a.out"))
-	{ $aout=1; require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "sol"))
-	{ $sol=1; require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "cpp"))
-	{ $cpp=1; require "x86unix.pl"; }
-elsif (	($ARGV[0] eq "win32"))
-	{ require "x86ms.pl"; }
-else
-	{
-	print STDERR <<"EOF";
-Pick one target type from
-	elf	- linux, FreeBSD etc
-	a.out	- old linux
-	sol	- x86 solaris
-	cpp	- format so x86unix.cpp can be used
-	win32	- Windows 95/Windows NT
-EOF
-	exit(1);
-	}
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $prog");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of elf, a.out, Win32, or Solaris");
-&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
-&file("dx86xxxx");
-
-$L="edi";
-$R="esi";
-
-&DES_encrypt("DES_encrypt1",1);
-&DES_encrypt("DES_encrypt2",0);
-
-&DES_encrypt3("DES_encrypt3",1);
-&DES_encrypt3("DES_decrypt3",0);
-
-&file_end();
-
-sub DES_encrypt
-	{
-	local($name,$do_ip)=@_;
-
-	&function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
-
-	&comment("");
-	&comment("Load the 2 words");
-	&mov("eax",&wparam(0));
-	&mov($L,&DWP(0,"eax","",0));
-	&mov($R,&DWP(4,"eax","",0));
-
-	$ksp=&wparam(1);
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("IP");
-		&IP_new($L,$R,"eax");
-		}
-
-	&comment("");
-	&comment("fixup rotate");
-	&rotl($R,3);
-	&rotl($L,3);
-	&exch($L,$R);
-
-	&comment("");
-	&comment("load counter, key_schedule and enc flag");
-	&mov("eax",&wparam(2));	# get encrypt flag
-	&mov("ebp",&wparam(1));	# get ks
-	&cmp("eax","0");
-	&je(&label("start_decrypt"));
-
-	# encrypting part
-
-	for ($i=0; $i<16; $i+=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-
-		&comment("");
-		&comment("Round ".sprintf("%d",$i+1));
-		&D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-		}
-	&jmp(&label("end"));
-
-	&set_label("start_decrypt");
-
-	for ($i=15; $i>0; $i-=2)
-		{
-		&comment("");
-		&comment("Round $i");
-		&D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-		&comment("");
-		&comment("Round ".sprintf("%d",$i-1));
-		&D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
-		}
-
-	&set_label("end");
-
-	&comment("");
-	&comment("Fixup");
-	&rotr($L,3);		# r
-	&rotr($R,3);		# l
-
-	if ($do_ip)
-		{
-		&comment("");
-		&comment("FP");
-		&FP_new($R,$L,"eax");
-		}
-
-	&mov("eax",&wparam(0));
-	&mov(&DWP(0,"eax","",0),$L);
-	&mov(&DWP(4,"eax","",0),$R);
-
-	&function_end($name);
-	}
-
-
-# The logic is to load R into 2 registers and operate on both at the same time.
-# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
-# while also masking the other copy and doing a lookup.  We then also accumulate the
-# L value in 2 registers then combine them at the end.
-sub D_ENCRYPT
-	{
-	local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
-
-	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));
-	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));
-	&xor(	$u,		$R		);
-	&xor(	$t,		$R		);
-	&rotr(	$t,		4		);
-
-	# the numbers at the end of the line are origional instruction order
-	&mov(	$tmp2,		$u		);			# 1 2
-	&mov(	$tmp1,		$t		);			# 1 1
-	&and(	$tmp2,		"0xfc"		);			# 1 4
-	&and(	$tmp1,		"0xfc"		);			# 1 3
-	&shr(	$t,		8		);			# 1 5
-	&xor(	$L,		&DWP("0x100+$desSP",$tmp1,"",0));	# 1 7
-	&shr(	$u,		8		);			# 1 6
-	&mov(	$tmp1,		&DWP("      $desSP",$tmp2,"",0));	# 1 8
-
-	&mov(	$tmp2,		$u		);			# 2 2
-	&xor(	$L,		$tmp1		);			# 1 9
-	&and(	$tmp2,		"0xfc"		);			# 2 4
-	&mov(	$tmp1,		$t		);			# 2 1
-	&and(	$tmp1,		"0xfc"		);			# 2 3
-	&shr(	$t,		8		);			# 2 5
-	&xor(	$L,		&DWP("0x300+$desSP",$tmp1,"",0));	# 2 7
-	&shr(	$u,		8		);			# 2 6
-	&mov(	$tmp1,		&DWP("0x200+$desSP",$tmp2,"",0));	# 2 8
-	&mov(	$tmp2,		$u		);			# 3 2
-
-	&xor(	$L,		$tmp1		);			# 2 9
-	&and(	$tmp2,		"0xfc"		);			# 3 4
-
-	&mov(	$tmp1,		$t		);			# 3 1 
-	&shr(	$u,		8		);			# 3 6
-	&and(	$tmp1,		"0xfc"		);			# 3 3
-	&shr(	$t,		8		);			# 3 5
-	&xor(	$L,		&DWP("0x500+$desSP",$tmp1,"",0));	# 3 7
-	&mov(	$tmp1,		&DWP("0x400+$desSP",$tmp2,"",0));	# 3 8
-
-	&and(	$t,		"0xfc"		);			# 4 1
-	&xor(	$L,		$tmp1		);			# 3 9
-
-	&and(	$u,		"0xfc"		);			# 4 2
-	&xor(	$L,		&DWP("0x700+$desSP",$t,"",0));		# 4 3
-	&xor(	$L,		&DWP("0x600+$desSP",$u,"",0));		# 4 4
-	}
-
-sub PERM_OP
-	{
-	local($a,$b,$tt,$shift,$mask)=@_;
-
-	&mov(	$tt,		$a		);
-	&shr(	$tt,		$shift		);
-	&xor(	$tt,		$b		);
-	&and(	$tt,		$mask		);
-	&xor(	$b,		$tt		);
-	&shl(	$tt,		$shift		);
-	&xor(	$a,		$tt		);
-	}
-
-sub IP_new
-	{
-	local($l,$r,$tt)=@_;
-
-	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
-	&PERM_OP($l,$r,$tt,16,"0x0000ffff");
-	&PERM_OP($r,$l,$tt, 2,"0x33333333");
-	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
-	&PERM_OP($r,$l,$tt, 1,"0x55555555");
-	}
-
-sub FP_new
-	{
-	local($l,$r,$tt)=@_;
-
-	&PERM_OP($l,$r,$tt, 1,"0x55555555");
-        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
-        &PERM_OP($l,$r,$tt, 2,"0x33333333");
-        &PERM_OP($r,$l,$tt,16,"0x0000ffff");
-        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
-	}
-
-sub n2a
-	{
-	sprintf("%d",$_[0]);
-	}
diff --git a/crypto/des/asm/des_enc.m4 b/crypto/des/asm/des_enc.m4
index 8dccf46256..3280595478 100644
--- a/crypto/des/asm/des_enc.m4
+++ b/crypto/des/asm/des_enc.m4
@@ -43,7 +43,8 @@
 !		100% faster than gcc-3.2.1 -m64 -mcpu=ultrasparc -O5
 !
 
-.ident "des_enc.m4 2.0"
+.ident "des_enc.m4 2.1"
+.file  "des_enc-sparc.S"
 
 #if defined(__SUNPRO_C) && defined(__sparcv9)
 # define ABI64  /* They've said -xarch=v9 at command line */
@@ -315,16 +316,16 @@ $4:
 	ld	[global1+local1], local1
 	xor	$2, out1, out1            ! 8642
 	xor	$2, out0, out0            ! 7531
-	fmovs	%f0, %f0                  ! fxor used for alignment
+	! fmovs	%f0, %f0                  ! fxor used for alignment
 
 	srl	out1, 4, local0           ! rotate 4 right
 	and	out0, local5, local3      ! 3
-	fmovs	%f0, %f0
+	! fmovs	%f0, %f0
 
 	ld	[$5+$3*8], local7         ! key 7531 next round
 	srl	local3, 8, local3         ! 3
 	and	local0, 252, local2       ! 2
-	fmovs	%f0, %f0
+	! fmovs	%f0, %f0
 
 	ld	[global3+local3],local3   ! 3
 	sll	out1, 28, out1            ! rotate
@@ -1179,8 +1180,11 @@ DES_encrypt1:
 
 	save	%sp, FRAME, %sp
 
-	call	.PIC.me.up
-	mov	.PIC.me.up-(.-4),out0
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
 
 	ld	[in0], in5                ! left
 	cmp	in2, 0                    ! enc
@@ -1237,8 +1241,11 @@ DES_encrypt2:
 
 	save	%sp, FRAME, %sp
 
-	call	.PIC.me.up
-	mov	.PIC.me.up-(.-4),out0
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
 
 	! Set sbox address 1 to 6 and rotate halfs 3 left
 	! Errors caught by destest? Yes. Still? *NO*
@@ -1352,8 +1359,11 @@ DES_encrypt3:
 
 	save	%sp, FRAME, %sp
 	
-	call	.PIC.me.up
-	mov	.PIC.me.up-(.-4),out0
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
 
 	ld	[in0], in5                ! left
 	add	in2, 120, in4             ! ks2
@@ -1394,8 +1404,11 @@ DES_decrypt3:
 
 	save	%sp, FRAME, %sp
 	
-	call	.PIC.me.up
-	mov	.PIC.me.up-(.-4),out0
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
 
 	ld	[in0], in5                ! left
 	add	in3, 120, in4             ! ks3
@@ -1424,99 +1437,6 @@ DES_decrypt3:
 .DES_decrypt3.end:
 	.size	 DES_decrypt3,.DES_decrypt3.end-DES_decrypt3
 
-! input:	out0	offset between .PIC.me.up and caller
-! output:	out0	pointer to .PIC.me.up
-!		out2	pointer to .des_and
-!		global1	pointer to DES_SPtrans
-	.align	32
-.PIC.me.up:
-	add	out0,%o7,out0			! pointer to .PIC.me.up
-
-#ifdef OPENSSL_PIC
-	! In case anybody wonders why this code is same for both ABI.
-	! To start with it is not. Do note LDPTR below. But of course
-	! you must be wondering why the rest of it does not contain
-	! things like %hh, %hm and %lm. Well, those are needed only
-	! if OpenSSL library *itself* will become larger than 4GB,
-	! which is not going to happen any time soon. 
-	sethi	%hi(DES_SPtrans),global1
-	or	global1,%lo(DES_SPtrans),global1
-	sethi	%hi(_GLOBAL_OFFSET_TABLE_-(.PIC.me.up-.)),out2
-	add	global1,out0,global1
-	add	out2,%lo(_GLOBAL_OFFSET_TABLE_-(.PIC.me.up-.)),out2
-	LDPTR	[out2+global1],global1
-#elif 0
-	setn	DES_SPtrans,out2,global1	! synthetic instruction !
-#elif defined(ABI64)
-	sethi	%hh(DES_SPtrans),out2
-	or	out2,%hm(DES_SPtrans),out2
-	sethi	%lm(DES_SPtrans),global1
-	or	global1,%lo(DES_SPtrans),global1
-	sllx	out2,32,out2
-	or	out2,global1,global1
-#else
-	sethi	%hi(DES_SPtrans),global1
-	or	global1,%lo(DES_SPtrans),global1
-#endif
-
-	retl
-	add	out0,.des_and-.PIC.me.up,out2
-
-	.align	256
-	.type	 .des_and,#object
-	.size	 .des_and,284
-
-.des_and:
-
-! This table is used for AND 0xFC when it is known that register
-! bits 8-31 are zero. Makes it possible to do three arithmetic
-! operations in one cycle.
-
-	.byte  0, 0, 0, 0, 4, 4, 4, 4
-	.byte  8, 8, 8, 8, 12, 12, 12, 12
-	.byte  16, 16, 16, 16, 20, 20, 20, 20
-	.byte  24, 24, 24, 24, 28, 28, 28, 28
-	.byte  32, 32, 32, 32, 36, 36, 36, 36
-	.byte  40, 40, 40, 40, 44, 44, 44, 44
-	.byte  48, 48, 48, 48, 52, 52, 52, 52
-	.byte  56, 56, 56, 56, 60, 60, 60, 60
-	.byte  64, 64, 64, 64, 68, 68, 68, 68
-	.byte  72, 72, 72, 72, 76, 76, 76, 76
-	.byte  80, 80, 80, 80, 84, 84, 84, 84
-	.byte  88, 88, 88, 88, 92, 92, 92, 92
-	.byte  96, 96, 96, 96, 100, 100, 100, 100
-	.byte  104, 104, 104, 104, 108, 108, 108, 108
-	.byte  112, 112, 112, 112, 116, 116, 116, 116
-	.byte  120, 120, 120, 120, 124, 124, 124, 124
-	.byte  128, 128, 128, 128, 132, 132, 132, 132
-	.byte  136, 136, 136, 136, 140, 140, 140, 140
-	.byte  144, 144, 144, 144, 148, 148, 148, 148
-	.byte  152, 152, 152, 152, 156, 156, 156, 156
-	.byte  160, 160, 160, 160, 164, 164, 164, 164
-	.byte  168, 168, 168, 168, 172, 172, 172, 172
-	.byte  176, 176, 176, 176, 180, 180, 180, 180
-	.byte  184, 184, 184, 184, 188, 188, 188, 188
-	.byte  192, 192, 192, 192, 196, 196, 196, 196
-	.byte  200, 200, 200, 200, 204, 204, 204, 204
-	.byte  208, 208, 208, 208, 212, 212, 212, 212
-	.byte  216, 216, 216, 216, 220, 220, 220, 220
-	.byte  224, 224, 224, 224, 228, 228, 228, 228
-	.byte  232, 232, 232, 232, 236, 236, 236, 236
-	.byte  240, 240, 240, 240, 244, 244, 244, 244
-	.byte  248, 248, 248, 248, 252, 252, 252, 252
-
-	! 5 numbers for initil/final permutation
-
-	.word   0x0f0f0f0f                ! offset 256
-	.word	0x0000ffff                ! 260
-	.word	0x33333333                ! 264
-	.word	0x00ff00ff                ! 268
-	.word	0x55555555                ! 272
-
-	.word	0                         ! 276
-	.word	LOOPS                     ! 280
-	.word	0x0000FC00                ! 284
-
 ! void DES_ncbc_encrypt(input, output, length, schedule, ivec, enc)
 ! *****************************************************************
 
@@ -1533,8 +1453,11 @@ DES_ncbc_encrypt:
 	define({OUTPUT}, { [%sp+BIAS+ARG0+1*ARGSZ] })
 	define({IVEC},   { [%sp+BIAS+ARG0+4*ARGSZ] })
 
-	call	.PIC.me.up
-	mov	.PIC.me.up-(.-4),out0
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
 
 	cmp	in5, 0                    ! enc   
 
@@ -1755,8 +1678,11 @@ DES_ede3_cbc_encrypt:
 	define({KS2}, { [%sp+BIAS+ARG0+4*ARGSZ] })
 	define({KS3}, { [%sp+BIAS+ARG0+5*ARGSZ] })
 
-	call	.PIC.me.up
-	mov	.PIC.me.up-(.-4),out0
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
 
 	LDPTR	[%fp+BIAS+ARG0+7*ARGSZ], local3          ! enc
 	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
@@ -1972,3 +1898,202 @@ DES_ede3_cbc_encrypt:
 
 .DES_ede3_cbc_encrypt.end:
 	.size	 DES_ede3_cbc_encrypt,.DES_ede3_cbc_encrypt.end-DES_ede3_cbc_encrypt
+
+	.align	256
+	.type	 .des_and,#object
+	.size	 .des_and,284
+
+.des_and:
+
+! This table is used for AND 0xFC when it is known that register
+! bits 8-31 are zero. Makes it possible to do three arithmetic
+! operations in one cycle.
+
+	.byte  0, 0, 0, 0, 4, 4, 4, 4
+	.byte  8, 8, 8, 8, 12, 12, 12, 12
+	.byte  16, 16, 16, 16, 20, 20, 20, 20
+	.byte  24, 24, 24, 24, 28, 28, 28, 28
+	.byte  32, 32, 32, 32, 36, 36, 36, 36
+	.byte  40, 40, 40, 40, 44, 44, 44, 44
+	.byte  48, 48, 48, 48, 52, 52, 52, 52
+	.byte  56, 56, 56, 56, 60, 60, 60, 60
+	.byte  64, 64, 64, 64, 68, 68, 68, 68
+	.byte  72, 72, 72, 72, 76, 76, 76, 76
+	.byte  80, 80, 80, 80, 84, 84, 84, 84
+	.byte  88, 88, 88, 88, 92, 92, 92, 92
+	.byte  96, 96, 96, 96, 100, 100, 100, 100
+	.byte  104, 104, 104, 104, 108, 108, 108, 108
+	.byte  112, 112, 112, 112, 116, 116, 116, 116
+	.byte  120, 120, 120, 120, 124, 124, 124, 124
+	.byte  128, 128, 128, 128, 132, 132, 132, 132
+	.byte  136, 136, 136, 136, 140, 140, 140, 140
+	.byte  144, 144, 144, 144, 148, 148, 148, 148
+	.byte  152, 152, 152, 152, 156, 156, 156, 156
+	.byte  160, 160, 160, 160, 164, 164, 164, 164
+	.byte  168, 168, 168, 168, 172, 172, 172, 172
+	.byte  176, 176, 176, 176, 180, 180, 180, 180
+	.byte  184, 184, 184, 184, 188, 188, 188, 188
+	.byte  192, 192, 192, 192, 196, 196, 196, 196
+	.byte  200, 200, 200, 200, 204, 204, 204, 204
+	.byte  208, 208, 208, 208, 212, 212, 212, 212
+	.byte  216, 216, 216, 216, 220, 220, 220, 220
+	.byte  224, 224, 224, 224, 228, 228, 228, 228
+	.byte  232, 232, 232, 232, 236, 236, 236, 236
+	.byte  240, 240, 240, 240, 244, 244, 244, 244
+	.byte  248, 248, 248, 248, 252, 252, 252, 252
+
+	! 5 numbers for initil/final permutation
+
+	.word   0x0f0f0f0f                ! offset 256
+	.word	0x0000ffff                ! 260
+	.word	0x33333333                ! 264
+	.word	0x00ff00ff                ! 268
+	.word	0x55555555                ! 272
+
+	.word	0                         ! 276
+	.word	LOOPS                     ! 280
+	.word	0x0000FC00                ! 284
+
+	.global	DES_SPtrans
+	.type	DES_SPtrans,#object
+	.size	DES_SPtrans,2048
+.align	64
+DES_SPtrans:
+.PIC.DES_SPtrans:
+	! nibble 0
+	.word	0x02080800, 0x00080000, 0x02000002, 0x02080802
+	.word	0x02000000, 0x00080802, 0x00080002, 0x02000002
+	.word	0x00080802, 0x02080800, 0x02080000, 0x00000802
+	.word	0x02000802, 0x02000000, 0x00000000, 0x00080002
+	.word	0x00080000, 0x00000002, 0x02000800, 0x00080800
+	.word	0x02080802, 0x02080000, 0x00000802, 0x02000800
+	.word	0x00000002, 0x00000800, 0x00080800, 0x02080002
+	.word	0x00000800, 0x02000802, 0x02080002, 0x00000000
+	.word	0x00000000, 0x02080802, 0x02000800, 0x00080002
+	.word	0x02080800, 0x00080000, 0x00000802, 0x02000800
+	.word	0x02080002, 0x00000800, 0x00080800, 0x02000002
+	.word	0x00080802, 0x00000002, 0x02000002, 0x02080000
+	.word	0x02080802, 0x00080800, 0x02080000, 0x02000802
+	.word	0x02000000, 0x00000802, 0x00080002, 0x00000000
+	.word	0x00080000, 0x02000000, 0x02000802, 0x02080800
+	.word	0x00000002, 0x02080002, 0x00000800, 0x00080802
+	! nibble 1
+	.word	0x40108010, 0x00000000, 0x00108000, 0x40100000
+	.word	0x40000010, 0x00008010, 0x40008000, 0x00108000
+	.word	0x00008000, 0x40100010, 0x00000010, 0x40008000
+	.word	0x00100010, 0x40108000, 0x40100000, 0x00000010
+	.word	0x00100000, 0x40008010, 0x40100010, 0x00008000
+	.word	0x00108010, 0x40000000, 0x00000000, 0x00100010
+	.word	0x40008010, 0x00108010, 0x40108000, 0x40000010
+	.word	0x40000000, 0x00100000, 0x00008010, 0x40108010
+	.word	0x00100010, 0x40108000, 0x40008000, 0x00108010
+	.word	0x40108010, 0x00100010, 0x40000010, 0x00000000
+	.word	0x40000000, 0x00008010, 0x00100000, 0x40100010
+	.word	0x00008000, 0x40000000, 0x00108010, 0x40008010
+	.word	0x40108000, 0x00008000, 0x00000000, 0x40000010
+	.word	0x00000010, 0x40108010, 0x00108000, 0x40100000
+	.word	0x40100010, 0x00100000, 0x00008010, 0x40008000
+	.word	0x40008010, 0x00000010, 0x40100000, 0x00108000
+	! nibble 2
+	.word	0x04000001, 0x04040100, 0x00000100, 0x04000101
+	.word	0x00040001, 0x04000000, 0x04000101, 0x00040100
+	.word	0x04000100, 0x00040000, 0x04040000, 0x00000001
+	.word	0x04040101, 0x00000101, 0x00000001, 0x04040001
+	.word	0x00000000, 0x00040001, 0x04040100, 0x00000100
+	.word	0x00000101, 0x04040101, 0x00040000, 0x04000001
+	.word	0x04040001, 0x04000100, 0x00040101, 0x04040000
+	.word	0x00040100, 0x00000000, 0x04000000, 0x00040101
+	.word	0x04040100, 0x00000100, 0x00000001, 0x00040000
+	.word	0x00000101, 0x00040001, 0x04040000, 0x04000101
+	.word	0x00000000, 0x04040100, 0x00040100, 0x04040001
+	.word	0x00040001, 0x04000000, 0x04040101, 0x00000001
+	.word	0x00040101, 0x04000001, 0x04000000, 0x04040101
+	.word	0x00040000, 0x04000100, 0x04000101, 0x00040100
+	.word	0x04000100, 0x00000000, 0x04040001, 0x00000101
+	.word	0x04000001, 0x00040101, 0x00000100, 0x04040000
+	! nibble 3
+	.word	0x00401008, 0x10001000, 0x00000008, 0x10401008
+	.word	0x00000000, 0x10400000, 0x10001008, 0x00400008
+	.word	0x10401000, 0x10000008, 0x10000000, 0x00001008
+	.word	0x10000008, 0x00401008, 0x00400000, 0x10000000
+	.word	0x10400008, 0x00401000, 0x00001000, 0x00000008
+	.word	0x00401000, 0x10001008, 0x10400000, 0x00001000
+	.word	0x00001008, 0x00000000, 0x00400008, 0x10401000
+	.word	0x10001000, 0x10400008, 0x10401008, 0x00400000
+	.word	0x10400008, 0x00001008, 0x00400000, 0x10000008
+	.word	0x00401000, 0x10001000, 0x00000008, 0x10400000
+	.word	0x10001008, 0x00000000, 0x00001000, 0x00400008
+	.word	0x00000000, 0x10400008, 0x10401000, 0x00001000
+	.word	0x10000000, 0x10401008, 0x00401008, 0x00400000
+	.word	0x10401008, 0x00000008, 0x10001000, 0x00401008
+	.word	0x00400008, 0x00401000, 0x10400000, 0x10001008
+	.word	0x00001008, 0x10000000, 0x10000008, 0x10401000
+	! nibble 4
+	.word	0x08000000, 0x00010000, 0x00000400, 0x08010420
+	.word	0x08010020, 0x08000400, 0x00010420, 0x08010000
+	.word	0x00010000, 0x00000020, 0x08000020, 0x00010400
+	.word	0x08000420, 0x08010020, 0x08010400, 0x00000000
+	.word	0x00010400, 0x08000000, 0x00010020, 0x00000420
+	.word	0x08000400, 0x00010420, 0x00000000, 0x08000020
+	.word	0x00000020, 0x08000420, 0x08010420, 0x00010020
+	.word	0x08010000, 0x00000400, 0x00000420, 0x08010400
+	.word	0x08010400, 0x08000420, 0x00010020, 0x08010000
+	.word	0x00010000, 0x00000020, 0x08000020, 0x08000400
+	.word	0x08000000, 0x00010400, 0x08010420, 0x00000000
+	.word	0x00010420, 0x08000000, 0x00000400, 0x00010020
+	.word	0x08000420, 0x00000400, 0x00000000, 0x08010420
+	.word	0x08010020, 0x08010400, 0x00000420, 0x00010000
+	.word	0x00010400, 0x08010020, 0x08000400, 0x00000420
+	.word	0x00000020, 0x00010420, 0x08010000, 0x08000020
+	! nibble 5
+	.word	0x80000040, 0x00200040, 0x00000000, 0x80202000
+	.word	0x00200040, 0x00002000, 0x80002040, 0x00200000
+	.word	0x00002040, 0x80202040, 0x00202000, 0x80000000
+	.word	0x80002000, 0x80000040, 0x80200000, 0x00202040
+	.word	0x00200000, 0x80002040, 0x80200040, 0x00000000
+	.word	0x00002000, 0x00000040, 0x80202000, 0x80200040
+	.word	0x80202040, 0x80200000, 0x80000000, 0x00002040
+	.word	0x00000040, 0x00202000, 0x00202040, 0x80002000
+	.word	0x00002040, 0x80000000, 0x80002000, 0x00202040
+	.word	0x80202000, 0x00200040, 0x00000000, 0x80002000
+	.word	0x80000000, 0x00002000, 0x80200040, 0x00200000
+	.word	0x00200040, 0x80202040, 0x00202000, 0x00000040
+	.word	0x80202040, 0x00202000, 0x00200000, 0x80002040
+	.word	0x80000040, 0x80200000, 0x00202040, 0x00000000
+	.word	0x00002000, 0x80000040, 0x80002040, 0x80202000
+	.word	0x80200000, 0x00002040, 0x00000040, 0x80200040
+	! nibble 6
+	.word	0x00004000, 0x00000200, 0x01000200, 0x01000004
+	.word	0x01004204, 0x00004004, 0x00004200, 0x00000000
+	.word	0x01000000, 0x01000204, 0x00000204, 0x01004000
+	.word	0x00000004, 0x01004200, 0x01004000, 0x00000204
+	.word	0x01000204, 0x00004000, 0x00004004, 0x01004204
+	.word	0x00000000, 0x01000200, 0x01000004, 0x00004200
+	.word	0x01004004, 0x00004204, 0x01004200, 0x00000004
+	.word	0x00004204, 0x01004004, 0x00000200, 0x01000000
+	.word	0x00004204, 0x01004000, 0x01004004, 0x00000204
+	.word	0x00004000, 0x00000200, 0x01000000, 0x01004004
+	.word	0x01000204, 0x00004204, 0x00004200, 0x00000000
+	.word	0x00000200, 0x01000004, 0x00000004, 0x01000200
+	.word	0x00000000, 0x01000204, 0x01000200, 0x00004200
+	.word	0x00000204, 0x00004000, 0x01004204, 0x01000000
+	.word	0x01004200, 0x00000004, 0x00004004, 0x01004204
+	.word	0x01000004, 0x01004200, 0x01004000, 0x00004004
+	! nibble 7
+	.word	0x20800080, 0x20820000, 0x00020080, 0x00000000
+	.word	0x20020000, 0x00800080, 0x20800000, 0x20820080
+	.word	0x00000080, 0x20000000, 0x00820000, 0x00020080
+	.word	0x00820080, 0x20020080, 0x20000080, 0x20800000
+	.word	0x00020000, 0x00820080, 0x00800080, 0x20020000
+	.word	0x20820080, 0x20000080, 0x00000000, 0x00820000
+	.word	0x20000000, 0x00800000, 0x20020080, 0x20800080
+	.word	0x00800000, 0x00020000, 0x20820000, 0x00000080
+	.word	0x00800000, 0x00020000, 0x20000080, 0x20820080
+	.word	0x00020080, 0x20000000, 0x00000000, 0x00820000
+	.word	0x20800080, 0x20020080, 0x20020000, 0x00800080
+	.word	0x20820000, 0x00000080, 0x00800080, 0x20020000
+	.word	0x20820080, 0x00800000, 0x20800000, 0x20000080
+	.word	0x00820000, 0x00020080, 0x20020080, 0x20800000
+	.word	0x00000080, 0x20820000, 0x00820080, 0x00000000
+	.word	0x20000000, 0x20800080, 0x00020000, 0x00820080
+
diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c
index 6738e7c0e5..720f29a28e 100644
--- a/crypto/des/cfb_enc.c
+++ b/crypto/des/cfb_enc.c
@@ -125,7 +125,7 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 				sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1;
 #endif
 				if (rem==0)
-					memcpy(ovec,ovec+num,8);
+					memmove(ovec,ovec+num,8);
 				else
 					for(i=0 ; i < 8 ; ++i)
 						ovec[i]=ovec[i+num]<<rem |
@@ -168,7 +168,7 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 				sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1;
 #endif
 				if (rem==0)
-					memcpy (ovec,ovec+num,8);
+					memmove(ovec,ovec+num,8);
 				else
 					for(i=0 ; i < 8 ; ++i)
 						ovec[i]=ovec[i+num]<<rem |
diff --git a/crypto/des/des-lib.com b/crypto/des/des-lib.com
index 34be66b808..c715bd2906 100644
--- a/crypto/des/des-lib.com
+++ b/crypto/des/des-lib.com
@@ -9,7 +9,7 @@ $!  Changes by Richard Levitte <richard@levitte.org>
 $!
 $!  This command files compiles and creates the 
 $!  "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" library.  The "xxx" denotes the machine 
-$!  architecture of AXP or VAX.
+$!  architecture of ALPHA, IA64 or VAX.
 $!
 $!  It was re-written to try to determine which "C" compiler to try to use
 $!  or the user can specify a compiler in P3.
@@ -53,25 +53,38 @@ $!
 $!
 $! Check Which Architecture We Are Using.
 $!
-$ IF (F$GETSYI("CPU").GE.128)
+$ IF (F$GETSYI("CPU").LT.128)
 $ THEN
 $!
-$!  The Architecture Is AXP.
+$!  The Architecture Is VAX
 $!
-$   ARCH := AXP
+$   ARCH := VAX
 $!
 $! Else...
 $!
 $ ELSE
 $!
-$!  The Architecture Is VAX.
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
 $!
-$   ARCH := VAX
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
 $!
 $! End The Architecture Check.
 $!
 $ ENDIF
 $!
+$! Define The OBJ Directory Name.
+$!
+$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES]
+$!
+$! Define The LIS Directory Name.
+$!
+$ LIS_DIR := SYS$DISK:[--.'ARCH'.LIS.CRYPTO.DES]
+$!
+$! Define The EXE Directory Name.
+$!
+$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
+$!
 $! Check To Make Sure We Have Valid Command Line Parameters.
 $!
 $ GOSUB CHECK_OPTIONS
@@ -80,10 +93,6 @@ $! Tell The User What Kind of Machine We Run On.
 $!
 $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
 $!
-$! Define The OBJ Directory Name.
-$!
-$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES]
-$!
 $! Check To See If The Architecture Specific OBJ Directory Exists.
 $!
 $ IF (F$PARSE(OBJ_DIR).EQS."")
@@ -97,10 +106,6 @@ $! End The Architecture Specific OBJ Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The LIS Directory Name.
-$!
-$ LIS_DIR := SYS$DISK:[--.'ARCH'.LIS.CRYPTO.DES]
-$!
 $! Check To See If The Architecture Specific LIS Directory Exists.
 $!
 $ IF (F$PARSE(LIS_DIR).EQS."")
@@ -114,10 +119,6 @@ $! End The Architecture Specific LIS Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The EXE Directory Name.
-$!
-$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
-$!
 $! Check To See If The Architecture Specific Directory Exists.
 $!
 $ IF (F$PARSE(EXE_DIR).EQS."")
@@ -630,7 +631,7 @@ $!
 $   IF (F$SEARCH(OPT_FILE).EQS."")
 $   THEN
 $!
-$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!    Figure Out If We Need An non-VAX Or A VAX Linker Option File.
 $!
 $     IF (F$GETSYI("CPU").LT.128)
 $     THEN
@@ -650,19 +651,19 @@ $!    Else...
 $!
 $     ELSE
 $!
-$!      Create The AXP Linker Option File.
+$!      Create The non-VAX Linker Option File.
 $!
 $       CREATE 'OPT_FILE'
 $DECK
 !
-! Default System Options File For AXP To Link Agianst 
+! Default System Options File For non-VAX To Link Agianst 
 ! The Sharable C Runtime Library.
 !
 SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
 SYS$SHARE:CMA$OPEN_RTL/SHARE
 $EOD
 $!
-$!    End The VAX/AXP DEC C Option File Check.
+$!    End The DEC C Option File Check.
 $!
 $     ENDIF
 $!
@@ -753,8 +754,9 @@ $     WRITE SYS$OUTPUT "    DES_OPTS :  To Compile Just The [.xxx.EXE.CRYTPO.DES
 $     WRITE SYS$OUTPUT ""
 $     WRITE SYS$OUTPUT " Where 'xxx' Stands For: "
 $     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
-$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT "    ALPHA    :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64     :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
 $     WRITE SYS$OUTPUT ""
 $!
 $!    Time To EXIT.
@@ -883,7 +885,7 @@ $   ELSE
 $!
 $!    Check To See If We Have VAXC Or DECC.
 $!
-$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
 $     THEN 
 $!
 $!      Looks Like DECC, Set To Use DECC.
@@ -1006,7 +1008,7 @@ $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
 $!
 $!  End DECC Check.
 $!
@@ -1028,9 +1030,9 @@ $!
 $!    Compile Using VAXC.
 $!
 $     CC = "CC"
-$     IF ARCH.EQS."AXP"
+$     IF ARCH.NES."VAX"
 $     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
 $	EXIT
 $     ENDIF
 $     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
@@ -1043,7 +1045,7 @@ $     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
 $!
 $!  End VAXC Check
 $!
@@ -1068,7 +1070,7 @@ $     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + CCEXTRAFLAGS
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
 $!
 $!  End The GNU C Check.
 $!
diff --git a/crypto/des/des.h b/crypto/des/des.h
index 3cbc2b568e..92b6663599 100644
--- a/crypto/des/des.h
+++ b/crypto/des/des.h
@@ -195,9 +195,10 @@ void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
 			    long length,DES_key_schedule *ks1,
 			    DES_key_schedule *ks2,DES_key_schedule *ks3,
 			    DES_cblock *ivec,int *num);
-
+#if 0
 void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
 		       DES_cblock *out_white);
+#endif
 
 int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
 		 DES_cblock *iv);
diff --git a/crypto/des/des_enc.c b/crypto/des/des_enc.c
index 1c37ab96d3..828feba208 100644
--- a/crypto/des/des_enc.c
+++ b/crypto/des/des_enc.c
@@ -57,6 +57,7 @@
  */
 
 #include "des_locl.h"
+#include "spr.h"
 
 void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
 	{
@@ -107,12 +108,10 @@ void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
 		D_ENCRYPT(l,r,28); /*  15 */
 		D_ENCRYPT(r,l,30); /*  16 */
 #else
-		for (i=0; i<32; i+=8)
+		for (i=0; i<32; i+=4)
 			{
 			D_ENCRYPT(l,r,i+0); /*  1 */
 			D_ENCRYPT(r,l,i+2); /*  2 */
-			D_ENCRYPT(l,r,i+4); /*  3 */
-			D_ENCRYPT(r,l,i+6); /*  4 */
 			}
 #endif
 		}
@@ -136,12 +135,10 @@ void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
 		D_ENCRYPT(l,r, 2); /*  2 */
 		D_ENCRYPT(r,l, 0); /*  1 */
 #else
-		for (i=30; i>0; i-=8)
+		for (i=30; i>0; i-=4)
 			{
 			D_ENCRYPT(l,r,i-0); /* 16 */
 			D_ENCRYPT(r,l,i-2); /* 15 */
-			D_ENCRYPT(l,r,i-4); /* 14 */
-			D_ENCRYPT(r,l,i-6); /* 13 */
 			}
 #endif
 		}
@@ -203,12 +200,10 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
 		D_ENCRYPT(l,r,28); /*  15 */
 		D_ENCRYPT(r,l,30); /*  16 */
 #else
-		for (i=0; i<32; i+=8)
+		for (i=0; i<32; i+=4)
 			{
 			D_ENCRYPT(l,r,i+0); /*  1 */
 			D_ENCRYPT(r,l,i+2); /*  2 */
-			D_ENCRYPT(l,r,i+4); /*  3 */
-			D_ENCRYPT(r,l,i+6); /*  4 */
 			}
 #endif
 		}
@@ -232,12 +227,10 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
 		D_ENCRYPT(l,r, 2); /*  2 */
 		D_ENCRYPT(r,l, 0); /*  1 */
 #else
-		for (i=30; i>0; i-=8)
+		for (i=30; i>0; i-=4)
 			{
 			D_ENCRYPT(l,r,i-0); /* 16 */
 			D_ENCRYPT(r,l,i-2); /* 15 */
-			D_ENCRYPT(l,r,i-4); /* 14 */
-			D_ENCRYPT(r,l,i-6); /* 13 */
 			}
 #endif
 		}
diff --git a/crypto/des/des_locl.h b/crypto/des/des_locl.h
index f992697b08..a3b512e9b0 100644
--- a/crypto/des/des_locl.h
+++ b/crypto/des/des_locl.h
@@ -61,7 +61,7 @@
 
 #include <openssl/e_os2.h>
 
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+#if defined(OPENSSL_SYS_WIN32)
 #ifndef OPENSSL_SYS_MSDOS
 #define OPENSSL_SYS_MSDOS
 #endif
@@ -421,8 +421,12 @@
 	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
 	}
 
-OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];
+extern const DES_LONG DES_SPtrans[8][64];
 
 void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
 		 DES_LONG Eswap0, DES_LONG Eswap1);
+
+#ifdef OPENSSL_SMALL_FOOTPRINT
+#undef DES_UNROLL
+#endif
 #endif
diff --git a/crypto/des/des_old.c b/crypto/des/des_old.c
index 7e4cd7180d..7c33ed7a93 100644
--- a/crypto/des/des_old.c
+++ b/crypto/des/des_old.c
@@ -169,11 +169,13 @@ void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
 		(DES_key_schedule *)ks3, ivec, num);
 	}
 
+#if 0 /* broken code, preserved just in case anyone specifically looks for this */
 void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
 	_ossl_old_des_cblock (*out_white))
 	{
 	DES_xwhite_in2out(des_key, in_white, out_white);
 	}
+#endif
 
 int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
 	_ossl_old_des_cblock *iv)
diff --git a/crypto/des/des_old.h b/crypto/des/des_old.h
index 8a238d1ce1..2b2c372354 100644
--- a/crypto/des/des_old.h
+++ b/crypto/des/des_old.h
@@ -116,6 +116,10 @@
 extern "C" {
 #endif
 
+#ifdef _
+#undef _
+#endif
+
 typedef unsigned char _ossl_old_des_cblock[8];
 typedef struct _ossl_old_des_ks_struct
 	{
@@ -171,9 +175,9 @@ typedef struct _ossl_old_des_ks_struct
 	DES_enc_write((f),(b),(l),&(k),(iv))
 #define des_fcrypt(b,s,r)\
 	DES_fcrypt((b),(s),(r))
+#if 0
 #define des_crypt(b,s)\
 	DES_crypt((b),(s))
-#if 0
 #if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
 #define crypt(b,s)\
 	DES_crypt((b),(s))
@@ -360,9 +364,10 @@ void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
 void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
 	long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
 	_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
-
+#if 0
 void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
 	_ossl_old_des_cblock (*out_white));
+#endif
 
 int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
 	_ossl_old_des_cblock *iv);
diff --git a/crypto/des/des_ver.h b/crypto/des/des_ver.h
index 379bbadda2..d1ada258a6 100644
--- a/crypto/des/des_ver.h
+++ b/crypto/des/des_ver.h
@@ -67,5 +67,5 @@
 #define DES_version OSSL_DES_version
 #define libdes_version OSSL_libdes_version
 
-OPENSSL_EXTERN const char *OSSL_DES_version;	/* SSLeay version string */
-OPENSSL_EXTERN const char *OSSL_libdes_version;	/* old libdes version string */
+OPENSSL_EXTERN const char OSSL_DES_version[];	/* SSLeay version string */
+OPENSSL_EXTERN const char OSSL_libdes_version[];	/* old libdes version string */
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
index 4584cf3004..64b92a34fe 100644
--- a/crypto/des/destest.c
+++ b/crypto/des/destest.c
@@ -84,7 +84,7 @@ int main(int argc, char *argv[])
 #else
 #include <openssl/des.h>
 
-#define crypt(c,s) (des_crypt((c),(s)))
+#define crypt(c,s) (DES_crypt((c),(s)))
 
 /* tisk tisk - the test keys don't all have odd parity :-( */
 /* test data */
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index 784aa5ba23..0684e769b3 100644
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -58,12 +58,11 @@
 
 #include "des_locl.h"
 #include "des_ver.h"
-#include "spr.h"
 #include <openssl/opensslv.h>
 #include <openssl/bio.h>
 
-OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
-OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT;
 
 const char *DES_options(void)
 	{
@@ -92,7 +91,7 @@ const char *DES_options(void)
 #ifdef DES_UNROLL
 		unroll="16";
 #else
-		unroll="4";
+		unroll="2";
 #endif
 		if (sizeof(DES_LONG) != sizeof(long))
 			size="int";
diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
index c70fb686b8..edb6620d08 100644
--- a/crypto/des/enc_read.c
+++ b/crypto/des/enc_read.c
@@ -63,7 +63,7 @@
 
 /* This has some uglies in it but it works - even over sockets. */
 /*extern int errno;*/
-OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode)=DES_PCBC_MODE;
+OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode,DES_PCBC_MODE)
 
 
 /*
@@ -87,6 +87,9 @@ OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode)=DES_PCBC_MODE;
 int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
 		 DES_cblock *iv)
 	{
+#if defined(OPENSSL_NO_POSIX_IO)
+	return(0);
+#else
 	/* data to be unencrypted */
 	int net_num=0;
 	static unsigned char *net=NULL;
@@ -147,7 +150,11 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
 	/* first - get the length */
 	while (net_num < HDRSIZE) 
 		{
+#ifndef OPENSSL_SYS_WIN32
 		i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
+#else
+		i=_read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
+#endif
 #ifdef EINTR
 		if ((i == -1) && (errno == EINTR)) continue;
 #endif
@@ -169,7 +176,11 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
 	net_num=0;
 	while (net_num < rnum)
 		{
+#ifndef OPENSSL_SYS_WIN32
 		i=read(fd,(void *)&(net[net_num]),rnum-net_num);
+#else
+		i=_read(fd,(void *)&(net[net_num]),rnum-net_num);
+#endif
 #ifdef EINTR
 		if ((i == -1) && (errno == EINTR)) continue;
 #endif
@@ -224,5 +235,6 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
 			}
 		}
 	return num;
+#endif /* OPENSSL_NO_POSIX_IO */
 	}
 
diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c
index af5b8c2349..2353ac1e89 100644
--- a/crypto/des/enc_writ.c
+++ b/crypto/des/enc_writ.c
@@ -80,6 +80,9 @@
 int DES_enc_write(int fd, const void *_buf, int len,
 		  DES_key_schedule *sched, DES_cblock *iv)
 	{
+#if defined(OPENSSL_NO_POSIX_IO)
+	return (-1);
+#else
 #ifdef _LIBC
 	extern unsigned long time();
 	extern int write();
@@ -153,7 +156,11 @@ int DES_enc_write(int fd, const void *_buf, int len,
 		{
 		/* eay 26/08/92 I was not doing writing from where we
 		 * got up to. */
+#ifndef _WIN32
 		i=write(fd,(void *)&(outbuf[j]),outnum-j);
+#else
+		i=_write(fd,(void *)&(outbuf[j]),outnum-j);
+#endif
 		if (i == -1)
 			{
 #ifdef EINTR
@@ -168,4 +175,5 @@ int DES_enc_write(int fd, const void *_buf, int len,
 		}
 
 	return(len);
+#endif /* OPENSSL_NO_POSIX_IO */
 	}
diff --git a/crypto/des/fcrypt_b.c b/crypto/des/fcrypt_b.c
index 1390138787..8822816938 100644
--- a/crypto/des/fcrypt_b.c
+++ b/crypto/des/fcrypt_b.c
@@ -100,12 +100,10 @@ void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
 #ifndef DES_UNROLL
 		register int i;
 
-		for (i=0; i<32; i+=8)
+		for (i=0; i<32; i+=4)
 			{
 			D_ENCRYPT(l,r,i+0); /*  1 */
 			D_ENCRYPT(r,l,i+2); /*  2 */
-			D_ENCRYPT(l,r,i+4); /*  1 */
-			D_ENCRYPT(r,l,i+6); /*  2 */
 			}
 #else
 		D_ENCRYPT(l,r, 0); /*  1 */
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 55efe03f42..3004cc3ab3 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -65,7 +65,7 @@
  */
 #include "des_locl.h"
 
-OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key);	/* defaults to false */
+OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key,0)	/* defaults to false */
 
 static const unsigned char odd_parity[256]={
   1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
@@ -115,7 +115,7 @@ int DES_check_key_parity(const_DES_cblock *key)
  * (and actual cblock values).
  */
 #define NUM_WEAK_KEY	16
-static DES_cblock weak_keys[NUM_WEAK_KEY]={
+static const DES_cblock weak_keys[NUM_WEAK_KEY]={
 	/* weak keys */
 	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
 	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
@@ -336,7 +336,7 @@ int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
 
 void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
 	{
-	static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+	static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
 	register DES_LONG c,d,t,s,t2;
 	register const unsigned char *in;
 	register DES_LONG *k;
diff --git a/crypto/des/times/usparc.cc b/crypto/des/times/usparc.cc
index f6ec8e8831..0864285ef6 100644
--- a/crypto/des/times/usparc.cc
+++ b/crypto/des/times/usparc.cc
@@ -2,7 +2,7 @@ solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
 
 For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
 gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
-I belive the difference is tied up in optimisation that the compiler
+I believe the difference is tied up in optimisation that the compiler
 is able to perform when the code is 'inlined'.  For 'speed', the DES
 routines are being linked from a library.  I'll record the higher
 speed since if performance is everything, you can always inline
diff --git a/crypto/des/xcbc_enc.c b/crypto/des/xcbc_enc.c
index 47246eb466..058cab6bce 100644
--- a/crypto/des/xcbc_enc.c
+++ b/crypto/des/xcbc_enc.c
@@ -60,7 +60,8 @@
 
 /* RSA's DESX */
 
-static unsigned char desx_white_in2out[256]={
+#if 0 /* broken code, preserved just in case anyone specifically looks for this */
+static const unsigned char desx_white_in2out[256]={
 0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
 0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
 0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
@@ -98,7 +99,7 @@ void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
 		}
 
 	out0=out[0];
-	out1=out[i];
+	out1=out[i]; /* BUG: out-of-bounds read */
 	for (i=0; i<8; i++)
 		{
 		out[i]=in[i]^desx_white_in2out[out0^out1];
@@ -106,6 +107,7 @@ void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
 		out1=(int)out[i&0x07];
 		}
 	}
+#endif
 
 void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
 		      long length, DES_key_schedule *schedule,
diff --git a/crypto/dh/.cvsignore b/crypto/dh/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/dh/.cvsignore
+++ b/crypto/dh/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl
deleted file mode 100644
index fe5c3f4ae5..0000000000
--- a/crypto/dh/Makefile.ssl
+++ /dev/null
@@ -1,138 +0,0 @@
-#
-# SSLeay/crypto/dh/Makefile
-#
-
-DIR=	dh
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= dhtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c
-LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dh.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
-dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_check.o: ../../include/openssl/opensslconf.h
-dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
-dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_depr.o: ../cryptlib.h dh_depr.c
-dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_err.o: dh_err.c
-dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_gen.o: ../cryptlib.h dh_gen.c
-dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
-dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
-dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_lib.c
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 312340e9f3..849309a489 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -73,7 +73,18 @@
 #include <openssl/bn.h>
 #endif
 	
-#define DH_FLAG_CACHE_MONT_P	0x01
+#ifndef OPENSSL_DH_MAX_MODULUS_BITS
+# define OPENSSL_DH_MAX_MODULUS_BITS	10000
+#endif
+
+#define DH_FLAG_CACHE_MONT_P     0x01
+#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
+                                       * implementation now uses constant time
+                                       * modular exponentiation for secret exponents
+                                       * by default. This flag causes the
+                                       * faster variable sliding window method to
+                                       * be used for all exponents.
+                                       */
 
 #ifdef  __cplusplus
 extern "C" {
@@ -114,7 +125,7 @@ struct dh_st
 	BIGNUM *priv_key;	/* x */
 
 	int flags;
-	char *method_mont_p;
+	BN_MONT_CTX *method_mont_p;
 	/* Place holders if we want to do X9.42 DH */
 	BIGNUM *q;
 	BIGNUM *j;
@@ -138,25 +149,22 @@ struct dh_st
 #define DH_UNABLE_TO_CHECK_GENERATOR	0x04
 #define DH_NOT_SUITABLE_GENERATOR	0x08
 
+/* DH_check_pub_key error codes */
+#define DH_CHECK_PUBKEY_TOO_SMALL	0x01
+#define DH_CHECK_PUBKEY_TOO_LARGE	0x02
+
 /* primes p where (p-1)/2 is prime too are called "safe"; we define
    this for backward compatibility: */
 #define DH_CHECK_P_NOT_STRONG_PRIME	DH_CHECK_P_NOT_SAFE_PRIME
 
-#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
-		(char *(*)())d2i_DHparams,(char *)(x))
 #define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
 		(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
 #define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
 		(unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
-		(char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
-#ifdef  __cplusplus
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
-		(unsigned char *)(x))
-#else
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
-		(unsigned char *)(x))
-#endif
+#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
+#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+DH *DHparams_dup(DH *);
 
 const DH_METHOD *DH_OpenSSL(void);
 
@@ -184,6 +192,7 @@ DH *	DH_generate_parameters(int prime_len,int generator,
 int	DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
 
 int	DH_check(const DH *dh,int *codes);
+int	DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
 int	DH_generate_key(DH *dh);
 int	DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
 DH *	d2i_DHparams(DH **a,const unsigned char **pp, long length);
@@ -197,6 +206,18 @@ int	DHparams_print(BIO *bp, const DH *x);
 int	DHparams_print(char *bp, const DH *x);
 #endif
 
+#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+			EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+			EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+#define	EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN	(EVP_PKEY_ALG_CTRL + 1)
+#define	EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR	(EVP_PKEY_ALG_CTRL + 2)
+		
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -206,16 +227,32 @@ void ERR_load_DH_strings(void);
 /* Error codes for the DH functions. */
 
 /* Function codes. */
-#define DH_F_DHPARAMS_PRINT				 100
+#define DH_F_COMPUTE_KEY				 102
 #define DH_F_DHPARAMS_PRINT_FP				 101
-#define DH_F_DH_COMPUTE_KEY				 102
-#define DH_F_DH_GENERATE_KEY				 103
-#define DH_F_DH_GENERATE_PARAMETERS			 104
+#define DH_F_DH_BUILTIN_GENPARAMS			 106
 #define DH_F_DH_NEW_METHOD				 105
+#define DH_F_DH_PARAM_DECODE				 107
+#define DH_F_DH_PRIV_DECODE				 110
+#define DH_F_DH_PRIV_ENCODE				 111
+#define DH_F_DH_PUB_DECODE				 108
+#define DH_F_DH_PUB_ENCODE				 109
+#define DH_F_DO_DH_PRINT				 100
+#define DH_F_GENERATE_KEY				 103
+#define DH_F_GENERATE_PARAMETERS			 104
+#define DH_F_PKEY_DH_DERIVE				 112
+#define DH_F_PKEY_DH_KEYGEN				 113
 
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR				 101
+#define DH_R_BN_DECODE_ERROR				 109
+#define DH_R_BN_ERROR					 106
+#define DH_R_DECODE_ERROR				 104
+#define DH_R_INVALID_PUBKEY				 102
+#define DH_R_KEYS_NOT_SET				 108
+#define DH_R_MODULUS_TOO_LARGE				 103
+#define DH_R_NO_PARAMETERS_SET				 107
 #define DH_R_NO_PRIVATE_VALUE				 100
+#define DH_R_PARAMETER_ENCODING_ERROR			 105
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
new file mode 100644
index 0000000000..377caf96c9
--- /dev/null
+++ b/crypto/dh/dh_ameth.c
@@ -0,0 +1,500 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#include "asn1_locl.h"
+
+static void int_dh_free(EVP_PKEY *pkey)
+	{
+	DH_free(pkey->pkey.dh);
+	}
+
+static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+	{
+	const unsigned char *p, *pm;
+	int pklen, pmlen;
+	int ptype;
+	void *pval;
+	ASN1_STRING *pstr;
+	X509_ALGOR *palg;
+	ASN1_INTEGER *public_key = NULL;
+
+	DH *dh = NULL;
+
+	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+		return 0;
+	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+	if (ptype != V_ASN1_SEQUENCE)
+		{
+		DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
+		goto err;
+		}
+
+	pstr = pval;	
+	pm = pstr->data;
+	pmlen = pstr->length;
+
+	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
+		{
+		DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
+		goto err;
+		}
+
+	if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
+		{
+		DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
+		goto err;
+		}
+
+	/* We have parameters now set public key */
+	if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
+		{
+		DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
+		goto err;
+		}
+
+	ASN1_INTEGER_free(public_key);
+	EVP_PKEY_assign_DH(pkey, dh);
+	return 1;
+
+	err:
+	if (public_key)
+		ASN1_INTEGER_free(public_key);
+	if (dh)
+		DH_free(dh);
+	return 0;
+
+	}
+
+static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+	{
+	DH *dh;
+	void *pval = NULL;
+	int ptype;
+	unsigned char *penc = NULL;
+	int penclen;
+	ASN1_STRING *str;
+	ASN1_INTEGER *pub_key = NULL;
+
+	dh=pkey->pkey.dh;
+
+	str = ASN1_STRING_new();
+	str->length = i2d_DHparams(dh, &str->data);
+	if (str->length <= 0)
+		{
+		DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	pval = str;
+	ptype = V_ASN1_SEQUENCE;
+
+	pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
+	if (!pub_key)
+		goto err;
+
+	penclen = i2d_ASN1_INTEGER(pub_key, &penc);
+
+	ASN1_INTEGER_free(pub_key);
+
+	if (penclen <= 0)
+		{
+		DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
+				ptype, pval, penc, penclen))
+		return 1;
+
+	err:
+	if (penc)
+		OPENSSL_free(penc);
+	if (pval)
+		ASN1_STRING_free(pval);
+
+	return 0;
+	}
+
+
+/* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
+ * that the AlgorithmIdentifier contains the paramaters, the private key
+ * is explcitly included and the pubkey must be recalculated.
+ */
+	
+static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+	{
+	const unsigned char *p, *pm;
+	int pklen, pmlen;
+	int ptype;
+	void *pval;
+	ASN1_STRING *pstr;
+	X509_ALGOR *palg;
+	ASN1_INTEGER *privkey = NULL;
+
+	DH *dh = NULL;
+
+	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+		return 0;
+
+	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+	if (ptype != V_ASN1_SEQUENCE)
+			goto decerr;
+
+	if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
+		goto decerr;
+
+
+	pstr = pval;	
+	pm = pstr->data;
+	pmlen = pstr->length;
+	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
+		goto decerr;
+	/* We have parameters now set private key */
+	if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
+		{
+		DHerr(DH_F_DH_PRIV_DECODE,DH_R_BN_ERROR);
+		goto dherr;
+		}
+	/* Calculate public key */
+	if (!DH_generate_key(dh))
+		goto dherr;
+
+	EVP_PKEY_assign_DH(pkey, dh);
+
+	ASN1_INTEGER_free(privkey);
+
+	return 1;
+
+	decerr:
+	DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
+	dherr:
+	DH_free(dh);
+	return 0;
+	}
+
+static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+	ASN1_STRING *params = NULL;
+	ASN1_INTEGER *prkey = NULL;
+	unsigned char *dp = NULL;
+	int dplen;
+
+	params = ASN1_STRING_new();
+
+	if (!params)
+		{
+		DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
+	if (params->length <= 0)
+		{
+		DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	params->type = V_ASN1_SEQUENCE;
+
+	/* Get private key into integer */
+	prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
+
+	if (!prkey)
+		{
+		DHerr(DH_F_DH_PRIV_ENCODE,DH_R_BN_ERROR);
+		goto err;
+		}
+
+	dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+	ASN1_INTEGER_free(prkey);
+
+	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
+				V_ASN1_SEQUENCE, params, dp, dplen))
+		goto err;
+
+	return 1;
+
+err:
+	if (dp != NULL)
+		OPENSSL_free(dp);
+	if (params != NULL)
+		ASN1_STRING_free(params);
+	if (prkey != NULL)
+		ASN1_INTEGER_free(prkey);
+	return 0;
+}
+
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+	{
+	size_t i;
+	if (!b)
+		return;
+	if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+			*pbuflen = i;
+	}
+
+static int dh_param_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	DH *dh;
+	if (!(dh = d2i_DHparams(NULL, pder, derlen)))
+		{
+		DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_DH(pkey, dh);
+	return 1;
+	}
+
+static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_DHparams(pkey->pkey.dh, pder);
+	}
+
+static int do_dh_print(BIO *bp, const DH *x, int indent,
+						ASN1_PCTX *ctx, int ptype)
+	{
+	unsigned char *m=NULL;
+	int reason=ERR_R_BUF_LIB,ret=0;
+	size_t buf_len=0;
+
+	const char *ktype = NULL;
+
+	BIGNUM *priv_key, *pub_key;
+
+	if (ptype == 2)
+		priv_key = x->priv_key;
+	else
+		priv_key = NULL;
+
+	if (ptype > 0)
+		pub_key = x->pub_key;
+	else
+		pub_key = NULL;
+
+	update_buflen(x->p, &buf_len);
+
+	if (buf_len == 0)
+		{
+		reason = ERR_R_PASSED_NULL_PARAMETER;
+		goto err;
+		}
+
+	update_buflen(x->g, &buf_len);
+	update_buflen(pub_key, &buf_len);
+	update_buflen(priv_key, &buf_len);
+
+	if (ptype == 2)
+		ktype = "PKCS#3 DH Private-Key";
+	else if (ptype == 1)
+		ktype = "PKCS#3 DH Public-Key";
+	else
+		ktype = "PKCS#3 DH Parameters";
+
+	m= OPENSSL_malloc(buf_len+10);
+	if (m == NULL)
+		{
+		reason=ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	BIO_indent(bp, indent, 128);
+	if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
+		goto err;
+	indent += 4;
+
+	if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
+	if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;
+
+	if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
+	if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
+	if (x->length != 0)
+		{
+		BIO_indent(bp, indent, 128);
+		if (BIO_printf(bp,"recommended-private-length: %d bits\n",
+			(int)x->length) <= 0) goto err;
+		}
+
+
+	ret=1;
+	if (0)
+		{
+err:
+		DHerr(DH_F_DO_DH_PRINT,reason);
+		}
+	if (m != NULL) OPENSSL_free(m);
+	return(ret);
+	}
+
+static int int_dh_size(const EVP_PKEY *pkey)
+	{
+	return(DH_size(pkey->pkey.dh));
+	}
+
+static int dh_bits(const EVP_PKEY *pkey)
+	{
+	return BN_num_bits(pkey->pkey.dh->p);
+	}
+
+static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (	BN_cmp(a->pkey.dh->p,b->pkey.dh->p) ||
+		BN_cmp(a->pkey.dh->g,b->pkey.dh->g))
+		return 0;
+	else
+		return 1;
+	}
+
+static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+	{
+	BIGNUM *a;
+
+	if ((a=BN_dup(from->pkey.dh->p)) == NULL)
+		return 0;
+	if (to->pkey.dh->p != NULL)
+		BN_free(to->pkey.dh->p);
+	to->pkey.dh->p=a;
+
+	if ((a=BN_dup(from->pkey.dh->g)) == NULL)
+		return 0;
+	if (to->pkey.dh->g != NULL)
+		BN_free(to->pkey.dh->g);
+	to->pkey.dh->g=a;
+
+	return 1;
+	}
+
+static int dh_missing_parameters(const EVP_PKEY *a)
+	{
+	if (!a->pkey.dh->p || !a->pkey.dh->g)
+		return 1;
+	return 0;
+	}
+
+static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (dh_cmp_parameters(a, b) == 0)
+		return 0;
+	if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
+		return 0;
+	else
+		return 1;
+	}
+
+static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
+	}
+
+static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
+	}
+
+static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
+	}
+
+int DHparams_print(BIO *bp, const DH *x)
+	{
+	return do_dh_print(bp, x, 4, NULL, 0);
+	}
+
+const EVP_PKEY_ASN1_METHOD dh_asn1_meth = 
+	{
+	EVP_PKEY_DH,
+	EVP_PKEY_DH,
+	0,
+
+	"DH",
+	"OpenSSL PKCS#3 DH method",
+
+	dh_pub_decode,
+	dh_pub_encode,
+	dh_pub_cmp,
+	dh_public_print,
+
+	dh_priv_decode,
+	dh_priv_encode,
+	dh_private_print,
+
+	int_dh_size,
+	dh_bits,
+
+	dh_param_decode,
+	dh_param_encode,
+	dh_missing_parameters,
+	dh_copy_parameters,
+	dh_cmp_parameters,
+	dh_param_print,
+
+	int_dh_free,
+	0
+	};
+
diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
index 769b5b68c5..0b4357d605 100644
--- a/crypto/dh/dh_asn1.c
+++ b/crypto/dh/dh_asn1.c
@@ -1,9 +1,9 @@
 /* dh_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,7 +64,8 @@
 #include <openssl/asn1t.h>
 
 /* Override the default free and new methods */
-static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+						void *exarg)
 {
 	if(operation == ASN1_OP_NEW_PRE) {
 		*pval = (ASN1_VALUE *)DH_new();
@@ -85,3 +86,8 @@ ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
 } ASN1_SEQUENCE_END_cb(DH, DHparams)
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
+
+DH *DHparams_dup(DH *dh)
+	{
+	return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh);
+	}
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index bfc9c3ad76..066898174e 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -62,7 +62,7 @@
 #include <openssl/dh.h>
 
 /* Check that p is a safe prime and
- * if g is 2, 3 or 5, check that is is a suitable generator
+ * if g is 2, 3 or 5, check that it is a suitable generator
  * where
  * for 2, p mod 24 == 11
  * for 3, p mod 12 == 5
@@ -118,3 +118,25 @@ err:
 	if (q != NULL) BN_free(q);
 	return(ok);
 	}
+
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
+	{
+	int ok=0;
+	BIGNUM *q=NULL;
+
+	*ret=0;
+	q=BN_new();
+	if (q == NULL) goto err;
+	BN_set_word(q,1);
+	if (BN_cmp(pub_key,q)<=0)
+		*ret|=DH_CHECK_PUBKEY_TOO_SMALL;
+	BN_copy(q,dh->p);
+	BN_sub_word(q,1);
+	if (BN_cmp(pub_key,q)>=0)
+		*ret|=DH_CHECK_PUBKEY_TOO_LARGE;
+
+	ok = 1;
+err:
+	if (q != NULL) BN_free(q);
+	return(ok);
+	}
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index 443a741da6..d5cf0c22a3 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /* crypto/dh/dh_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,25 +61,44 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/dh.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
+
 static ERR_STRING_DATA DH_str_functs[]=
 	{
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0),	"DHparams_print"},
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0),	"DHparams_print_fp"},
-{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0),	"DH_compute_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0),	"DH_generate_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0),	"DH_generate_parameters"},
-{ERR_PACK(0,DH_F_DH_NEW_METHOD,0),	"DH_new_method"},
+{ERR_FUNC(DH_F_COMPUTE_KEY),	"COMPUTE_KEY"},
+{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP),	"DHparams_print_fp"},
+{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS),	"DH_BUILTIN_GENPARAMS"},
+{ERR_FUNC(DH_F_DH_NEW_METHOD),	"DH_new_method"},
+{ERR_FUNC(DH_F_DH_PARAM_DECODE),	"DH_PARAM_DECODE"},
+{ERR_FUNC(DH_F_DH_PRIV_DECODE),	"DH_PRIV_DECODE"},
+{ERR_FUNC(DH_F_DH_PRIV_ENCODE),	"DH_PRIV_ENCODE"},
+{ERR_FUNC(DH_F_DH_PUB_DECODE),	"DH_PUB_DECODE"},
+{ERR_FUNC(DH_F_DH_PUB_ENCODE),	"DH_PUB_ENCODE"},
+{ERR_FUNC(DH_F_DO_DH_PRINT),	"DO_DH_PRINT"},
+{ERR_FUNC(DH_F_GENERATE_KEY),	"GENERATE_KEY"},
+{ERR_FUNC(DH_F_GENERATE_PARAMETERS),	"GENERATE_PARAMETERS"},
+{ERR_FUNC(DH_F_PKEY_DH_DERIVE),	"PKEY_DH_DERIVE"},
+{ERR_FUNC(DH_F_PKEY_DH_KEYGEN),	"PKEY_DH_KEYGEN"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA DH_str_reasons[]=
 	{
-{DH_R_BAD_GENERATOR                      ,"bad generator"},
-{DH_R_NO_PRIVATE_VALUE                   ,"no private value"},
+{ERR_REASON(DH_R_BAD_GENERATOR)          ,"bad generator"},
+{ERR_REASON(DH_R_BN_DECODE_ERROR)        ,"bn decode error"},
+{ERR_REASON(DH_R_BN_ERROR)               ,"bn error"},
+{ERR_REASON(DH_R_DECODE_ERROR)           ,"decode error"},
+{ERR_REASON(DH_R_INVALID_PUBKEY)         ,"invalid public key"},
+{ERR_REASON(DH_R_KEYS_NOT_SET)           ,"keys not set"},
+{ERR_REASON(DH_R_MODULUS_TOO_LARGE)      ,"modulus too large"},
+{ERR_REASON(DH_R_NO_PARAMETERS_SET)      ,"no parameters set"},
+{ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
+{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
 {0,NULL}
 	};
 
@@ -87,15 +106,12 @@ static ERR_STRING_DATA DH_str_reasons[]=
 
 void ERR_load_DH_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_DH,DH_str_functs);
-		ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
-#endif
 
+	if (ERR_func_error_string(DH_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,DH_str_functs);
+		ERR_load_strings(0,DH_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
index 1f805073cf..cfd5b11868 100644
--- a/crypto/dh/dh_gen.c
+++ b/crypto/dh/dh_gen.c
@@ -119,7 +119,7 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB
 	
 	if (generator <= 1)
 		{
-		DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
+		DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
 		goto err;
 		}
 	if (generator == DH_GENERATOR_2)
@@ -162,7 +162,7 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB
 err:
 	if (ok == -1)
 		{
-		DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
+		DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB);
 		ok=0;
 		}
 
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 48e7be45c5..e7db440342 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -104,7 +104,7 @@ static int generate_key(DH *dh)
 	int generate_new_key=0;
 	unsigned l;
 	BN_CTX *ctx;
-	BN_MONT_CTX *mont;
+	BN_MONT_CTX *mont=NULL;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
 
 	ctx = BN_CTX_new();
@@ -127,28 +127,43 @@ static int generate_key(DH *dh)
 	else
 		pub_key=dh->pub_key;
 
-	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+
+	if (dh->flags & DH_FLAG_CACHE_MONT_P)
 		{
-		if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-				dh->p,ctx)) goto err;
+		mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
+				CRYPTO_LOCK_DH, dh->p, ctx);
+		if (!mont)
+			goto err;
 		}
-	mont=(BN_MONT_CTX *)dh->method_mont_p;
 
 	if (generate_new_key)
 		{
 		l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
 		if (!BN_rand(priv_key, l, 0, 0)) goto err;
 		}
-	if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
-		goto err;
+
+	{
+		BIGNUM local_prk;
+		BIGNUM *prk;
+
+		if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
+			{
+			BN_init(&local_prk);
+			prk = &local_prk;
+			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
+			}
+		else
+			prk = priv_key;
+
+		if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
+	}
 		
 	dh->pub_key=pub_key;
 	dh->priv_key=priv_key;
 	ok=1;
 err:
 	if (ok != 1)
-		DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
+		DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB);
 
 	if ((pub_key != NULL)  && (dh->pub_key == NULL))  BN_free(pub_key);
 	if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
@@ -158,10 +173,17 @@ err:
 
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 	{
-	BN_CTX *ctx;
-	BN_MONT_CTX *mont;
+	BN_CTX *ctx=NULL;
+	BN_MONT_CTX *mont=NULL;
 	BIGNUM *tmp;
 	int ret= -1;
+        int check_result;
+
+	if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
+		{
+		DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
+		goto err;
+		}
 
 	ctx = BN_CTX_new();
 	if (ctx == NULL) goto err;
@@ -170,27 +192,42 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 	
 	if (dh->priv_key == NULL)
 		{
-		DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
+		DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
 		goto err;
 		}
-	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+
+	if (dh->flags & DH_FLAG_CACHE_MONT_P)
+		{
+		mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
+				CRYPTO_LOCK_DH, dh->p, ctx);
+		if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
+			{
+			/* XXX */
+			BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
+			}
+		if (!mont)
+			goto err;
+		}
+
+        if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
 		{
-		if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-				dh->p,ctx)) goto err;
+		DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
+		goto err;
 		}
 
-	mont=(BN_MONT_CTX *)dh->method_mont_p;
 	if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
 		{
-		DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
+		DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
 		goto err;
 		}
 
 	ret=BN_bn2bin(tmp,key);
 err:
-	BN_CTX_end(ctx);
-	BN_CTX_free(ctx);
+	if (ctx != NULL)
+		{
+		BN_CTX_end(ctx);
+		BN_CTX_free(ctx);
+		}
 	return(ret);
 	}
 
@@ -199,7 +236,10 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
 			const BIGNUM *m, BN_CTX *ctx,
 			BN_MONT_CTX *m_ctx)
 	{
-	if (a->top == 1)
+	/* If a is only one word long and constant time is false, use the faster
+	 * exponenentiation function.
+	 */
+	if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
 		{
 		BN_ULONG A = a->d[0];
 		return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
@@ -218,6 +258,6 @@ static int dh_init(DH *dh)
 static int dh_finish(DH *dh)
 	{
 	if(dh->method_mont_p)
-		BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
+		BN_MONT_CTX_free(dh->method_mont_p);
 	return(1);
 	}
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 09965ee2ea..7aef080e7a 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -64,7 +64,7 @@
 #include <openssl/engine.h>
 #endif
 
-const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
+const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
 
 static const DH_METHOD *default_DH_method = NULL;
 
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
new file mode 100644
index 0000000000..5ae72b7d4c
--- /dev/null
+++ b/crypto/dh/dh_pmeth.c
@@ -0,0 +1,254 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+
+/* DH pkey context structure */
+
+typedef struct
+	{
+	/* Parameter gen parameters */
+	int prime_len;
+	int generator;
+	int use_dsa;
+	/* Keygen callback info */
+	int gentmp[2];
+	/* message digest */
+	} DH_PKEY_CTX;
+
+static int pkey_dh_init(EVP_PKEY_CTX *ctx)
+	{
+	DH_PKEY_CTX *dctx;
+	dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX));
+	if (!dctx)
+		return 0;
+	dctx->prime_len = 1024;
+	dctx->generator = 2;
+	dctx->use_dsa = 0;
+
+	ctx->data = dctx;
+	ctx->keygen_info = dctx->gentmp;
+	ctx->keygen_info_count = 2;
+	
+	return 1;
+	}
+
+static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	DH_PKEY_CTX *dctx, *sctx;
+	if (!pkey_dh_init(dst))
+		return 0;
+       	sctx = src->data;
+	dctx = dst->data;
+	dctx->prime_len = sctx->prime_len;
+	dctx->generator = sctx->generator;
+	dctx->use_dsa = sctx->use_dsa;
+	return 1;
+	}
+
+static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
+	{
+	DH_PKEY_CTX *dctx = ctx->data;
+	if (dctx)
+		OPENSSL_free(dctx);
+	}
+
+static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	DH_PKEY_CTX *dctx = ctx->data;
+	switch (type)
+		{
+		case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
+		if (p1 < 256)
+			return -2;
+		dctx->prime_len = p1;
+		return 1;
+
+		case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
+		dctx->generator = p1;
+		return 1;
+
+		case EVP_PKEY_CTRL_PEER_KEY:
+		/* Default behaviour is OK */
+		return 1;
+
+		default:
+		return -2;
+
+		}
+	}
+
+			
+static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx,
+			const char *type, const char *value)
+	{
+	if (!strcmp(type, "dh_paramgen_prime_len"))
+		{
+		int len;
+		len = atoi(value);
+		return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
+		}
+	if (!strcmp(type, "dh_paramgen_generator"))
+		{
+		int len;
+		len = atoi(value);
+		return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
+		}
+	return -2;
+	}
+
+static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	DH *dh = NULL;
+	DH_PKEY_CTX *dctx = ctx->data;
+	BN_GENCB *pcb, cb;
+	int ret;
+	if (ctx->pkey_gencb)
+		{
+		pcb = &cb;
+		evp_pkey_set_cb_translate(pcb, ctx);
+		}
+	else
+		pcb = NULL;
+	dh = DH_new();
+	if (!dh)
+		return 0;
+	ret = DH_generate_parameters_ex(dh,
+					dctx->prime_len, dctx->generator, pcb);
+	if (ret)
+		EVP_PKEY_assign_DH(pkey, dh);
+	else
+		DH_free(dh);
+	return ret;
+	}
+
+static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	DH *dh = NULL;
+	if (ctx->pkey == NULL)
+		{
+		DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET);
+		return 0;
+		}
+	dh = DH_new();
+	if (!dh)
+		return 0;
+	EVP_PKEY_assign_DH(pkey, dh);
+	/* Note: if error return, pkey is freed by parent routine */
+	if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+		return 0;
+	return DH_generate_key(pkey->pkey.dh);
+	}
+
+static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
+	{
+	int ret;
+	if (!ctx->pkey || !ctx->peerkey)
+		{
+		DHerr(DH_F_PKEY_DH_DERIVE, DH_R_KEYS_NOT_SET);
+		return 0;
+		}
+	ret = DH_compute_key(key, ctx->peerkey->pkey.dh->pub_key,
+							ctx->pkey->pkey.dh);
+	if (ret < 0)
+		return ret;
+	*keylen = ret;
+	return 1;
+	}
+
+const EVP_PKEY_METHOD dh_pkey_meth = 
+	{
+	EVP_PKEY_DH,
+	EVP_PKEY_FLAG_AUTOARGLEN,
+	pkey_dh_init,
+	pkey_dh_copy,
+	pkey_dh_cleanup,
+
+	0,
+	pkey_dh_paramgen,
+
+	0,
+	pkey_dh_keygen,
+
+	0,
+	0,
+
+	0,
+	0,
+
+	0,0,
+
+	0,0,0,0,
+
+	0,0,
+
+	0,0,
+
+	0,
+	pkey_dh_derive,
+
+	pkey_dh_ctrl,
+	pkey_dh_ctrl_str
+
+	};
diff --git a/crypto/asn1/a_meth.c b/crypto/dh/dh_prn.c
index 63158e9cab..ae58c2ac87 100644
--- a/crypto/asn1/a_meth.c
+++ b/crypto/dh/dh_prn.c
@@ -1,4 +1,4 @@
-/* crypto/asn1/a_meth.c */
+/* crypto/asn1/t_pkey.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -58,27 +58,23 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
+#include <openssl/evp.h>
+#include <openssl/dh.h>
 
-static  ASN1_METHOD ia5string_meth={
-	(int (*)())	i2d_ASN1_IA5STRING,
-	(char *(*)())	d2i_ASN1_IA5STRING,
-	(char *(*)())	ASN1_STRING_new,
-	(void (*)())	ASN1_STRING_free};
-
-static  ASN1_METHOD bit_string_meth={
-	(int (*)())	i2d_ASN1_BIT_STRING,
-	(char *(*)())	d2i_ASN1_BIT_STRING,
-	(char *(*)())	ASN1_STRING_new,
-	(void (*)())	ASN1_STRING_free};
-
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void)
+#ifndef OPENSSL_NO_FP_API
+int DHparams_print_fp(FILE *fp, const DH *x)
 	{
-	return(&ia5string_meth);
-	}
+	BIO *b;
+	int ret;
 
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void)
-	{
-	return(&bit_string_meth);
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+		return(0);
+		}
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=DHparams_print(b, x);
+	BIO_free(b);
+	return(ret);
 	}
+#endif
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
index 1b193649d3..882f5c310a 100644
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -145,6 +145,10 @@ int main(int argc, char *argv[])
 	b->g=BN_dup(a->g);
 	if ((b->p == NULL) || (b->g == NULL)) goto err;
 
+	/* Set a to run with normal modexp and b to use constant time */
+	a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
+	b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
+
 	if (!DH_generate_key(a)) goto err;
 	BIO_puts(out,"pri 1=");
 	BN_print(out,a->priv_key);
diff --git a/crypto/dsa/.cvsignore b/crypto/dsa/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/dsa/.cvsignore
+++ b/crypto/dsa/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl
deleted file mode 100644
index 0ce7445cb9..0000000000
--- a/crypto/dsa/Makefile.ssl
+++ /dev/null
@@ -1,169 +0,0 @@
-#
-# SSLeay/crypto/dsa/Makefile
-#
-
-DIR=	dsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=dsatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
-	dsa_err.c dsa_ossl.c dsa_depr.c
-LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
-	dsa_err.o dsa_ossl.o dsa_depr.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_asn1.o: ../../include/openssl/opensslconf.h
-dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
-dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
-dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_err.o: dsa_err.c
-dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c
-dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
-dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_lib.o: ../cryptlib.h dsa_lib.c
-dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_ossl.o: ../../include/openssl/opensslconf.h
-dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_ossl.o: ../cryptlib.h dsa_ossl.c
-dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_sign.o: ../../include/openssl/opensslconf.h
-dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_sign.o: ../cryptlib.h dsa_sign.c
-dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 068e18cb18..ac50a5c846 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -84,7 +84,18 @@
 #endif
 #endif
 
+#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS	10000
+#endif
+
 #define DSA_FLAG_CACHE_MONT_P	0x01
+#define DSA_FLAG_NO_EXP_CONSTTIME       0x02 /* new with 0.9.7h; the built-in DSA
+                                              * implementation now uses constant time
+                                              * modular exponentiation for secret exponents
+                                              * by default. This flag causes the
+                                              * faster variable sliding window method to
+                                              * be used for all exponents.
+                                              */
 
 #ifdef  __cplusplus
 extern "C" {
@@ -107,7 +118,7 @@ struct dsa_method
 	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
 								BIGNUM **rp);
 	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
-							DSA_SIG *sig, DSA *dsa);
+			     DSA_SIG *sig, DSA *dsa);
 	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
 			BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
 			BN_MONT_CTX *in_mont);
@@ -120,7 +131,7 @@ struct dsa_method
 	char *app_data;
 	/* If this is non-NULL, it is used to generate DSA parameters */
 	int (*dsa_paramgen)(DSA *dsa, int bits,
-			unsigned char *seed, int seed_len,
+			const unsigned char *seed, int seed_len,
 			int *counter_ret, unsigned long *h_ret,
 			BN_GENCB *cb);
 	/* If this is non-NULL, it is used to generate DSA keys */
@@ -146,7 +157,7 @@ struct dsa_st
 
 	int flags;
 	/* Normally used to cache montgomery values */
-	char *method_mont_p;
+	BN_MONT_CTX *method_mont_p;
 	int references;
 	CRYPTO_EX_DATA ex_data;
 	const DSA_METHOD *meth;
@@ -154,18 +165,15 @@ struct dsa_st
 	ENGINE *engine;
 	};
 
-#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
-		(char *(*)())d2i_DSAparams,(char *)(x))
 #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
 		(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
 #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
 		(unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
-		(char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
-		(unsigned char *)(x))
+#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
 
 
+DSA *DSAparams_dup(DSA *x);
 DSA_SIG * DSA_SIG_new(void);
 void	DSA_SIG_free(DSA_SIG *a);
 int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
@@ -212,7 +220,7 @@ DSA *	DSA_generate_parameters(int bits,
 
 /* New version */
 int	DSA_generate_parameters_ex(DSA *dsa, int bits,
-		unsigned char *seed,int seed_len,
+		const unsigned char *seed,int seed_len,
 		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
 
 int	DSA_generate_key(DSA *a);
@@ -241,6 +249,14 @@ int	DSA_print_fp(FILE *bp, const DSA *x, int off);
 DH *DSA_dup_DH(const DSA *r);
 #endif
 
+#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+				EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+
+#define	EVP_PKEY_CTRL_DSA_PARAMGEN_BITS		(EVP_PKEY_ALG_CTRL + 1)
+#define	EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS	(EVP_PKEY_ALG_CTRL + 2)
+#define	EVP_PKEY_CTRL_DSA_PARAMGEN_MD		(EVP_PKEY_ALG_CTRL + 3)
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -251,23 +267,39 @@ void ERR_load_DSA_strings(void);
 
 /* Function codes. */
 #define DSA_F_D2I_DSA_SIG				 110
+#define DSA_F_DO_DSA_PRINT				 104
 #define DSA_F_DSAPARAMS_PRINT				 100
 #define DSA_F_DSAPARAMS_PRINT_FP			 101
 #define DSA_F_DSA_DO_SIGN				 112
 #define DSA_F_DSA_DO_VERIFY				 113
 #define DSA_F_DSA_NEW_METHOD				 103
-#define DSA_F_DSA_PRINT					 104
+#define DSA_F_DSA_PARAM_DECODE				 119
 #define DSA_F_DSA_PRINT_FP				 105
+#define DSA_F_DSA_PRIV_DECODE				 115
+#define DSA_F_DSA_PRIV_ENCODE				 116
+#define DSA_F_DSA_PUB_DECODE				 117
+#define DSA_F_DSA_PUB_ENCODE				 118
 #define DSA_F_DSA_SIGN					 106
 #define DSA_F_DSA_SIGN_SETUP				 107
 #define DSA_F_DSA_SIG_NEW				 109
 #define DSA_F_DSA_VERIFY				 108
 #define DSA_F_I2D_DSA_SIG				 111
+#define DSA_F_OLD_DSA_PRIV_DECODE			 122
+#define DSA_F_PKEY_DSA_CTRL				 120
+#define DSA_F_PKEY_DSA_KEYGEN				 121
 #define DSA_F_SIG_CB					 114
 
 /* Reason codes. */
+#define DSA_R_BAD_Q_VALUE				 102
+#define DSA_R_BN_DECODE_ERROR				 108
+#define DSA_R_BN_ERROR					 109
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
+#define DSA_R_DECODE_ERROR				 104
+#define DSA_R_INVALID_DIGEST_TYPE			 106
 #define DSA_R_MISSING_PARAMETERS			 101
+#define DSA_R_MODULUS_TOO_LARGE				 103
+#define DSA_R_NO_PARAMETERS_SET				 107
+#define DSA_R_PARAMETER_ENCODING_ERROR			 105
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
new file mode 100644
index 0000000000..5482330c84
--- /dev/null
+++ b/crypto/dsa/dsa_ameth.c
@@ -0,0 +1,657 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+	{
+	const unsigned char *p, *pm;
+	int pklen, pmlen;
+	int ptype;
+	void *pval;
+	ASN1_STRING *pstr;
+	X509_ALGOR *palg;
+	ASN1_INTEGER *public_key = NULL;
+
+	DSA *dsa = NULL;
+
+	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+		return 0;
+	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+
+	if (ptype == V_ASN1_SEQUENCE)
+		{
+		pstr = pval;	
+		pm = pstr->data;
+		pmlen = pstr->length;
+
+		if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
+			{
+			DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+			goto err;
+			}
+
+		}
+	else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF))
+		{
+		if (!(dsa = DSA_new()))
+			{
+			DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		}
+	else
+		{
+		DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
+		goto err;
+		}
+
+	if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
+		{
+		DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+		goto err;
+		}
+
+	if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
+		{
+		DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
+		goto err;
+		}
+
+	ASN1_INTEGER_free(public_key);
+	EVP_PKEY_assign_DSA(pkey, dsa);
+	return 1;
+
+	err:
+	if (public_key)
+		ASN1_INTEGER_free(public_key);
+	if (dsa)
+		DSA_free(dsa);
+	return 0;
+
+	}
+
+static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+	{
+	DSA *dsa;
+	void *pval = NULL;
+	int ptype;
+	unsigned char *penc = NULL;
+	int penclen;
+
+	dsa=pkey->pkey.dsa;
+	if (pkey->save_parameters && dsa->p && dsa->q && dsa->g)
+		{
+		ASN1_STRING *str;
+		str = ASN1_STRING_new();
+		str->length = i2d_DSAparams(dsa, &str->data);
+		if (str->length <= 0)
+			{
+			DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		pval = str;
+		ptype = V_ASN1_SEQUENCE;
+		}
+	else
+		ptype = V_ASN1_UNDEF;
+
+	dsa->write_params=0;
+
+	penclen = i2d_DSAPublicKey(dsa, &penc);
+
+	if (penclen <= 0)
+		{
+		DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
+				ptype, pval, penc, penclen))
+		return 1;
+
+	err:
+	if (penc)
+		OPENSSL_free(penc);
+	if (pval)
+		ASN1_STRING_free(pval);
+
+	return 0;
+	}
+
+/* In PKCS#8 DSA: you just get a private key integer and parameters in the
+ * AlgorithmIdentifier the pubkey must be recalculated.
+ */
+	
+static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+	{
+	const unsigned char *p, *pm;
+	int pklen, pmlen;
+	int ptype;
+	void *pval;
+	ASN1_STRING *pstr;
+	X509_ALGOR *palg;
+	ASN1_INTEGER *privkey = NULL;
+	BN_CTX *ctx = NULL;
+
+	STACK_OF(ASN1_TYPE) *ndsa = NULL;
+	DSA *dsa = NULL;
+
+	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+		return 0;
+	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+	/* Check for broken DSA PKCS#8, UGH! */
+	if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED))
+		{
+		ASN1_TYPE *t1, *t2;
+	    	if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)));
+			goto decerr;
+		if (sk_ASN1_TYPE_num(ndsa) != 2)
+			goto decerr;
+		/* Handle Two broken types:
+	    	 * SEQUENCE {parameters, priv_key}
+		 * SEQUENCE {pub_key, priv_key}
+		 */
+
+		t1 = sk_ASN1_TYPE_value(ndsa, 0);
+		t2 = sk_ASN1_TYPE_value(ndsa, 1);
+		if (t1->type == V_ASN1_SEQUENCE)
+			{
+			p8->broken = PKCS8_EMBEDDED_PARAM;
+			pval = t1->value.ptr;
+			}
+		else if (ptype == V_ASN1_SEQUENCE)
+			p8->broken = PKCS8_NS_DB;
+		else
+			goto decerr;
+
+		if (t2->type != V_ASN1_INTEGER)
+			goto decerr;
+
+		privkey = t2->value.integer;
+		}
+	else
+		{
+		const unsigned char *q = p;
+		if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
+			goto decerr;
+		if (privkey->type == V_ASN1_NEG_INTEGER)
+			{
+			p8->broken = PKCS8_NEG_PRIVKEY;
+			ASN1_INTEGER_free(privkey);
+			if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
+				goto decerr;
+			}
+		if (ptype != V_ASN1_SEQUENCE)
+			goto decerr;
+		}
+
+	pstr = pval;	
+	pm = pstr->data;
+	pmlen = pstr->length;
+	if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
+		goto decerr;
+	/* We have parameters now set private key */
+	if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
+		{
+		DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
+		goto dsaerr;
+		}
+	/* Calculate public key */
+	if (!(dsa->pub_key = BN_new()))
+		{
+		DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+		goto dsaerr;
+		}
+	if (!(ctx = BN_CTX_new()))
+		{
+		DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+		goto dsaerr;
+		}
+			
+	if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
+		{
+		DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
+		goto dsaerr;
+		}
+
+	EVP_PKEY_assign_DSA(pkey, dsa);
+	BN_CTX_free (ctx);
+	if(ndsa)
+		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+	else
+		ASN1_INTEGER_free(privkey);
+
+	return 1;
+
+	decerr:
+	DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
+	dsaerr:
+	BN_CTX_free (ctx);
+	if (privkey)
+		ASN1_INTEGER_free(privkey);
+	sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+	DSA_free(dsa);
+	return 0;
+	}
+
+static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+	ASN1_STRING *params = NULL;
+	ASN1_INTEGER *prkey = NULL;
+	unsigned char *dp = NULL;
+	int dplen;
+
+	params = ASN1_STRING_new();
+
+	if (!params)
+		{
+		DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
+	if (params->length <= 0)
+		{
+		DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	params->type = V_ASN1_SEQUENCE;
+
+	/* Get private key into integer */
+	prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
+
+	if (!prkey)
+		{
+		DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_BN_ERROR);
+		goto err;
+		}
+
+	dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+	ASN1_INTEGER_free(prkey);
+
+	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
+				V_ASN1_SEQUENCE, params, dp, dplen))
+		goto err;
+
+	return 1;
+
+err:
+	if (dp != NULL)
+		OPENSSL_free(dp);
+	if (params != NULL)
+		ASN1_STRING_free(params);
+	if (prkey != NULL)
+		ASN1_INTEGER_free(prkey);
+	return 0;
+}
+
+static int int_dsa_size(const EVP_PKEY *pkey)
+	{
+	return(DSA_size(pkey->pkey.dsa));
+	}
+
+static int dsa_bits(const EVP_PKEY *pkey)
+	{
+	return BN_num_bits(pkey->pkey.dsa->p);
+	}
+
+static int dsa_missing_parameters(const EVP_PKEY *pkey)
+	{
+	DSA *dsa;
+	dsa=pkey->pkey.dsa;
+	if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+			return 1;
+	return 0;
+	}
+
+static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+	{
+	BIGNUM *a;
+
+	if ((a=BN_dup(from->pkey.dsa->p)) == NULL)
+		return 0;
+	if (to->pkey.dsa->p != NULL)
+		BN_free(to->pkey.dsa->p);
+	to->pkey.dsa->p=a;
+
+	if ((a=BN_dup(from->pkey.dsa->q)) == NULL)
+		return 0;
+	if (to->pkey.dsa->q != NULL)
+		BN_free(to->pkey.dsa->q);
+	to->pkey.dsa->q=a;
+
+	if ((a=BN_dup(from->pkey.dsa->g)) == NULL)
+		return 0;
+	if (to->pkey.dsa->g != NULL)
+		BN_free(to->pkey.dsa->g);
+	to->pkey.dsa->g=a;
+	return 1;
+	}
+
+static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (	BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
+		BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
+		BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
+		return 0;
+	else
+		return 1;
+	}
+
+static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
+		return 0;
+	else
+		return 1;
+	}
+
+static void int_dsa_free(EVP_PKEY *pkey)
+	{
+	DSA_free(pkey->pkey.dsa);
+	}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+	{
+	size_t i;
+	if (!b)
+		return;
+	if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+			*pbuflen = i;
+	}
+
+static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
+	{
+	unsigned char *m=NULL;
+	int ret=0;
+	size_t buf_len=0;
+	const char *ktype = NULL;
+
+	const BIGNUM *priv_key, *pub_key;
+
+	if (ptype == 2)
+		priv_key = x->priv_key;
+	else
+		priv_key = NULL;
+
+	if (ptype > 0)
+		pub_key = x->pub_key;
+	else
+		pub_key = NULL;
+
+	if (ptype == 2)
+		ktype = "Private-Key";
+	else if (ptype == 1)
+		ktype = "Public-Key";
+	else
+		ktype = "DSA-Parameters";
+
+	update_buflen(x->p, &buf_len);
+	update_buflen(x->q, &buf_len);
+	update_buflen(x->g, &buf_len);
+	update_buflen(priv_key, &buf_len);
+	update_buflen(pub_key, &buf_len);
+
+	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
+	if (m == NULL)
+		{
+		DSAerr(DSA_F_DO_DSA_PRINT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (priv_key)
+		{
+		if(!BIO_indent(bp,off,128))
+		   goto err;
+		if (BIO_printf(bp,"%s: (%d bit)\n",ktype, BN_num_bits(x->p))
+			<= 0) goto err;
+		}
+
+	if (!ASN1_bn_print(bp,"priv:",priv_key,m,off))
+		goto err;
+	if (!ASN1_bn_print(bp,"pub: ",pub_key,m,off))
+		goto err;
+	if (!ASN1_bn_print(bp,"P:   ",x->p,m,off)) goto err;
+	if (!ASN1_bn_print(bp,"Q:   ",x->q,m,off)) goto err;
+	if (!ASN1_bn_print(bp,"G:   ",x->g,m,off)) goto err;
+	ret=1;
+err:
+	if (m != NULL) OPENSSL_free(m);
+	return(ret);
+	}
+
+static int dsa_param_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	DSA *dsa;
+	if (!(dsa = d2i_DSAparams(NULL, pder, derlen)))
+		{
+		DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_DSA(pkey, dsa);
+	return 1;
+	}
+
+static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_DSAparams(pkey->pkey.dsa, pder);
+	}
+
+static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
+	}
+
+static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
+	}
+
+
+static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
+	}
+
+static int old_dsa_priv_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	DSA *dsa;
+	if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen)))
+		{
+		DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_DSA(pkey, dsa);
+	return 1;
+	}
+
+static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
+	}
+
+static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+	{
+	switch (op)
+		{
+		case ASN1_PKEY_CTRL_PKCS7_SIGN:
+		if (arg1 == 0)
+			{
+			int snid, hnid;
+			X509_ALGOR *alg1, *alg2;
+			PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+			if (alg1 == NULL || alg1->algorithm == NULL)
+				return -1;
+			hnid = OBJ_obj2nid(alg1->algorithm);
+			if (hnid == NID_undef)
+				return -1;
+			if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+				return -1; 
+			X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+			}
+		return 1;
+#ifndef OPENSSL_NO_CMS
+		case ASN1_PKEY_CTRL_CMS_SIGN:
+		if (arg1 == 0)
+			{
+			int snid, hnid;
+			X509_ALGOR *alg1, *alg2;
+			CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
+			if (alg1 == NULL || alg1->algorithm == NULL)
+				return -1;
+			hnid = OBJ_obj2nid(alg1->algorithm);
+			if (hnid == NID_undef)
+				return -1;
+			if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+				return -1; 
+			X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+			}
+		return 1;
+#endif
+
+		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+		*(int *)arg2 = NID_sha1;
+		return 2;
+
+		default:
+		return -2;
+
+		}
+
+	}
+
+/* NB these are sorted in pkey_id order, lowest first */
+
+const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = 
+	{
+
+		{
+		EVP_PKEY_DSA2,
+		EVP_PKEY_DSA,
+		ASN1_PKEY_ALIAS
+		},
+
+		{
+		EVP_PKEY_DSA1,
+		EVP_PKEY_DSA,
+		ASN1_PKEY_ALIAS
+		},
+
+		{
+		EVP_PKEY_DSA4,
+		EVP_PKEY_DSA,
+		ASN1_PKEY_ALIAS
+		},
+
+		{
+		EVP_PKEY_DSA3,
+		EVP_PKEY_DSA,
+		ASN1_PKEY_ALIAS
+		},
+
+		{
+		EVP_PKEY_DSA,
+		EVP_PKEY_DSA,
+		0,
+
+		"DSA",
+		"OpenSSL DSA method",
+
+		dsa_pub_decode,
+		dsa_pub_encode,
+		dsa_pub_cmp,
+		dsa_pub_print,
+
+		dsa_priv_decode,
+		dsa_priv_encode,
+		dsa_priv_print,
+
+		int_dsa_size,
+		dsa_bits,
+
+		dsa_param_decode,
+		dsa_param_encode,
+		dsa_missing_parameters,
+		dsa_copy_parameters,
+		dsa_cmp_parameters,
+		dsa_param_print,
+
+		int_dsa_free,
+		dsa_pkey_ctrl,
+		old_dsa_priv_decode,
+		old_dsa_priv_encode
+		}
+	};
+
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 23fce555aa..c37460b2d6 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -1,9 +1,9 @@
 /* dsa_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -63,17 +63,21 @@
 #include <openssl/asn1t.h>
 
 /* Override the default new methods */
-static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
 {
 	if(operation == ASN1_OP_NEW_PRE) {
 		DSA_SIG *sig;
 		sig = OPENSSL_malloc(sizeof(DSA_SIG));
+		if (!sig)
+			{
+			DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
 		sig->r = NULL;
 		sig->s = NULL;
 		*pval = (ASN1_VALUE *)sig;
-		if(sig) return 2;
-		DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
-		return 0;
+		return 2;
 	}
 	return 1;
 }
@@ -86,7 +90,8 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
 IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
 
 /* Override the default free and new methods */
-static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
 {
 	if(operation == ASN1_OP_NEW_PRE) {
 		*pval = (ASN1_VALUE *)DSA_new();
@@ -138,3 +143,8 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
 } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params)
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
+
+DSA *DSAparams_dup(DSA *dsa)
+	{
+	return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
+	}
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index b1064f07eb..bba984e92e 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
 /* crypto/dsa/dsa_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,33 +61,52 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/dsa.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
+
 static ERR_STRING_DATA DSA_str_functs[]=
 	{
-{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0),	"d2i_DSA_SIG"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0),	"DSAparams_print"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0),	"DSAparams_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0),	"DSA_do_sign"},
-{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0),	"DSA_do_verify"},
-{ERR_PACK(0,DSA_F_DSA_NEW_METHOD,0),	"DSA_new_method"},
-{ERR_PACK(0,DSA_F_DSA_PRINT,0),	"DSA_print"},
-{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0),	"DSA_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_SIGN,0),	"DSA_sign"},
-{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0),	"DSA_sign_setup"},
-{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0),	"DSA_SIG_new"},
-{ERR_PACK(0,DSA_F_DSA_VERIFY,0),	"DSA_verify"},
-{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0),	"i2d_DSA_SIG"},
-{ERR_PACK(0,DSA_F_SIG_CB,0),	"SIG_CB"},
+{ERR_FUNC(DSA_F_D2I_DSA_SIG),	"d2i_DSA_SIG"},
+{ERR_FUNC(DSA_F_DO_DSA_PRINT),	"DO_DSA_PRINT"},
+{ERR_FUNC(DSA_F_DSAPARAMS_PRINT),	"DSAparams_print"},
+{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP),	"DSAparams_print_fp"},
+{ERR_FUNC(DSA_F_DSA_DO_SIGN),	"DSA_do_sign"},
+{ERR_FUNC(DSA_F_DSA_DO_VERIFY),	"DSA_do_verify"},
+{ERR_FUNC(DSA_F_DSA_NEW_METHOD),	"DSA_new_method"},
+{ERR_FUNC(DSA_F_DSA_PARAM_DECODE),	"DSA_PARAM_DECODE"},
+{ERR_FUNC(DSA_F_DSA_PRINT_FP),	"DSA_print_fp"},
+{ERR_FUNC(DSA_F_DSA_PRIV_DECODE),	"DSA_PRIV_DECODE"},
+{ERR_FUNC(DSA_F_DSA_PRIV_ENCODE),	"DSA_PRIV_ENCODE"},
+{ERR_FUNC(DSA_F_DSA_PUB_DECODE),	"DSA_PUB_DECODE"},
+{ERR_FUNC(DSA_F_DSA_PUB_ENCODE),	"DSA_PUB_ENCODE"},
+{ERR_FUNC(DSA_F_DSA_SIGN),	"DSA_sign"},
+{ERR_FUNC(DSA_F_DSA_SIGN_SETUP),	"DSA_sign_setup"},
+{ERR_FUNC(DSA_F_DSA_SIG_NEW),	"DSA_SIG_new"},
+{ERR_FUNC(DSA_F_DSA_VERIFY),	"DSA_verify"},
+{ERR_FUNC(DSA_F_I2D_DSA_SIG),	"i2d_DSA_SIG"},
+{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE),	"OLD_DSA_PRIV_DECODE"},
+{ERR_FUNC(DSA_F_PKEY_DSA_CTRL),	"PKEY_DSA_CTRL"},
+{ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN),	"PKEY_DSA_KEYGEN"},
+{ERR_FUNC(DSA_F_SIG_CB),	"SIG_CB"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA DSA_str_reasons[]=
 	{
-{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
-{DSA_R_MISSING_PARAMETERS                ,"missing parameters"},
+{ERR_REASON(DSA_R_BAD_Q_VALUE)           ,"bad q value"},
+{ERR_REASON(DSA_R_BN_DECODE_ERROR)       ,"bn decode error"},
+{ERR_REASON(DSA_R_BN_ERROR)              ,"bn error"},
+{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
+{ERR_REASON(DSA_R_DECODE_ERROR)          ,"decode error"},
+{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE)   ,"invalid digest type"},
+{ERR_REASON(DSA_R_MISSING_PARAMETERS)    ,"missing parameters"},
+{ERR_REASON(DSA_R_MODULUS_TOO_LARGE)     ,"modulus too large"},
+{ERR_REASON(DSA_R_NO_PARAMETERS_SET)     ,"no parameters set"},
+{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
 {0,NULL}
 	};
 
@@ -95,15 +114,12 @@ static ERR_STRING_DATA DSA_str_reasons[]=
 
 void ERR_load_DSA_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
-		ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
-#endif
 
+	if (ERR_func_error_string(DSA_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,DSA_str_functs);
+		ERR_load_strings(0,DSA_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 74da6becd5..cd6bba3682 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -74,60 +74,88 @@
 #ifndef OPENSSL_NO_SHA
 
 #include <stdio.h>
-#include <time.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/bn.h>
-#include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
-
-static int dsa_builtin_paramgen(DSA *ret, int bits,
-		unsigned char *seed_in, int seed_len,
-		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+#include "dsa_locl.h"
 
 int DSA_generate_parameters_ex(DSA *ret, int bits,
-		unsigned char *seed_in, int seed_len,
+		const unsigned char *seed_in, int seed_len,
 		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
 	{
 	if(ret->meth->dsa_paramgen)
 		return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
 				counter_ret, h_ret, cb);
-	return dsa_builtin_paramgen(ret, bits, seed_in, seed_len,
-			counter_ret, h_ret, cb);
+	else
+		{
+		const EVP_MD *evpmd;
+		size_t qbits = bits >= 2048 ? 256 : 160;
+
+		if (bits >= 2048)
+			{
+			qbits = 256;
+			evpmd = EVP_sha256();
+			}
+		else
+			{
+			qbits = 160;
+			evpmd = EVP_sha1();
+			}
+
+		return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
+				seed_in, seed_len, counter_ret, h_ret, cb);
+		}
 	}
 
-static int dsa_builtin_paramgen(DSA *ret, int bits,
-		unsigned char *seed_in, int seed_len,
-		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+	const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+	int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
 	{
 	int ok=0;
-	unsigned char seed[SHA_DIGEST_LENGTH];
-	unsigned char md[SHA_DIGEST_LENGTH];
-	unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
+	unsigned char seed[SHA256_DIGEST_LENGTH];
+	unsigned char md[SHA256_DIGEST_LENGTH];
+	unsigned char buf[SHA256_DIGEST_LENGTH],buf2[SHA256_DIGEST_LENGTH];
 	BIGNUM *r0,*W,*X,*c,*test;
 	BIGNUM *g=NULL,*q=NULL,*p=NULL;
 	BN_MONT_CTX *mont=NULL;
-	int k,n=0,i,b,m=0;
+	int i, k,n=0,b,m=0, qsize = qbits >> 3;
 	int counter=0;
 	int r=0;
 	BN_CTX *ctx=NULL;
 	unsigned int h=2;
 
-	if (bits < 512) bits=512;
-	bits=(bits+63)/64*64;
+	if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
+	    qsize != SHA256_DIGEST_LENGTH)
+		/* invalid q size */
+		return 0;
 
-	if (seed_len < 20)
-		seed_in = NULL; /* seed buffer too small -- ignore */
-	if (seed_len > 20) 
-		seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
-		                * but our internal buffers are restricted to 160 bits*/
-	if ((seed_in != NULL) && (seed_len == 20))
-		memcpy(seed,seed_in,seed_len);
+	if (evpmd == NULL)
+		/* use SHA1 as default */
+		evpmd = EVP_sha1();
 
-	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	if (bits < 512)
+		bits = 512;
 
-	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+	bits = (bits+63)/64*64;
+
+	/* NB: seed_len == 0 is special case: copy generated seed to
+ 	 * seed_in if it is not NULL.
+ 	 */
+	if (seed_len && (seed_len < (size_t)qsize))
+		seed_in = NULL;		/* seed buffer too small -- ignore */
+	if (seed_len > (size_t)qsize) 
+		seed_len = qsize;	/* App. 2.2 of FIPS PUB 186 allows larger SEED,
+					 * but our internal buffers are restricted to 160 bits*/
+	if (seed_in != NULL)
+		memcpy(seed, seed_in, seed_len);
+
+	if ((ctx=BN_CTX_new()) == NULL)
+		goto err;
+
+	if ((mont=BN_MONT_CTX_new()) == NULL)
+		goto err;
 
 	BN_CTX_start(ctx);
 	r0 = BN_CTX_get(ctx);
@@ -154,7 +182,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
 
 			if (!seed_len)
 				{
-				RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH);
+				RAND_pseudo_bytes(seed, qsize);
 				seed_is_random = 1;
 				}
 			else
@@ -162,25 +190,29 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
 				seed_is_random = 0;
 				seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
 				}
-			memcpy(buf,seed,SHA_DIGEST_LENGTH);
-			memcpy(buf2,seed,SHA_DIGEST_LENGTH);
+			memcpy(buf , seed, qsize);
+			memcpy(buf2, seed, qsize);
 			/* precompute "SEED + 1" for step 7: */
-			for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+			for (i = qsize-1; i >= 0; i--)
 				{
 				buf[i]++;
-				if (buf[i] != 0) break;
+				if (buf[i] != 0)
+					break;
 				}
 
 			/* step 2 */
-			EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
-			EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL);
-			for (i=0; i<SHA_DIGEST_LENGTH; i++)
+			if (!EVP_Digest(seed, qsize, md,   NULL, evpmd, NULL))
+				goto err;
+			if (!EVP_Digest(buf,  qsize, buf2, NULL, evpmd, NULL))
+				goto err;
+			for (i = 0; i < qsize; i++)
 				md[i]^=buf2[i];
 
 			/* step 3 */
-			md[0]|=0x80;
-			md[SHA_DIGEST_LENGTH-1]|=0x01;
-			if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
+			md[0] |= 0x80;
+			md[qsize-1] |= 0x01;
+			if (!BN_bin2bn(md, qsize, q))
+				goto err;
 
 			/* step 4 */
 			r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
@@ -210,23 +242,26 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
 				goto err;
 
 			/* step 7 */
-			if (!BN_zero(W)) goto err;
+			BN_zero(W);
 			/* now 'buf' contains "SEED + offset - 1" */
 			for (k=0; k<=n; k++)
 				{
 				/* obtain "SEED + offset + k" by incrementing: */
-				for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+				for (i = qsize-1; i >= 0; i--)
 					{
 					buf[i]++;
-					if (buf[i] != 0) break;
+					if (buf[i] != 0)
+						break;
 					}
 
-				EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
+				if (!EVP_Digest(buf, qsize, md ,NULL, evpmd,
+									NULL))
+					goto err;
 
 				/* step 8 */
-				if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
+				if (!BN_bin2bn(md, qsize, r0))
 					goto err;
-				if (!BN_lshift(r0,r0,160*k)) goto err;
+				if (!BN_lshift(r0,r0,(qsize << 3)*k)) goto err;
 				if (!BN_add(W,W,r0)) goto err;
 				}
 
@@ -300,7 +335,6 @@ err:
 			ok=0;
 			goto err;
 			}
-		if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
 		if (counter_ret != NULL) *counter_ret=counter;
 		if (h_ret != NULL) *h_ret=h;
 		}
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 8427b77970..c4aa86bc6d 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -98,8 +98,22 @@ static int dsa_builtin_keygen(DSA *dsa)
 		}
 	else
 		pub_key=dsa->pub_key;
+	
+	{
+		BIGNUM local_prk;
+		BIGNUM *prk;
+
+		if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
+			{
+			BN_init(&local_prk);
+			prk = &local_prk;
+			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
+			}
+		else
+			prk = priv_key;
 
-	if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
+		if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err;
+	}
 
 	dsa->priv_key=priv_key;
 	dsa->pub_key=pub_key;
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index 3a78082c01..e9b75902db 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -66,9 +66,11 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
+const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
 
 static const DSA_METHOD *default_DSA_method = NULL;
 
diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_locl.h
new file mode 100644
index 0000000000..2b8cfee3db
--- /dev/null
+++ b/crypto/dsa/dsa_locl.h
@@ -0,0 +1,59 @@
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/dsa.h>
+
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+	const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+	int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index c3ad7a14ab..4fead07e80 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -61,6 +61,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/bn.h>
+#include <openssl/sha.h>
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
@@ -68,7 +69,7 @@
 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
 static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-		  DSA *dsa);
+			 DSA *dsa);
 static int dsa_init(DSA *dsa);
 static int dsa_finish(DSA *dsa);
 
@@ -133,7 +134,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	BIGNUM m;
 	BIGNUM xr;
 	BN_CTX *ctx=NULL;
-	int i,reason=ERR_R_BN_LIB;
+	int reason=ERR_R_BN_LIB;
 	DSA_SIG *ret=NULL;
 
 	BN_init(&m);
@@ -148,8 +149,9 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	s=BN_new();
 	if (s == NULL) goto err;
 
-	i=BN_num_bytes(dsa->q); /* should be 20 */
-	if ((dlen > i) || (dlen > 50))
+	/* reject a excessive digest length (currently at most
+	 * dsa-with-SHA256 is supported) */
+	if (dlen > SHA256_DIGEST_LENGTH)
 		{
 		reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
 		goto err;
@@ -170,7 +172,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 		dsa->r=NULL;
 		}
 
-	if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
+	
+	if (dlen > BN_num_bytes(dsa->q))
+		/* if the digest length is greater than the size of q use the
+		 * BN_num_bits(dsa->q) leftmost bits of the digest, see
+		 * fips 186-3, 4.2 */
+		dlen = BN_num_bytes(dsa->q);
+	if (BN_bin2bn(dgst,dlen,&m) == NULL)
+		goto err;
 
 	/* Compute  s = inv(k) (m + xr) mod q */
 	if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
@@ -202,7 +211,7 @@ err:
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	{
 	BN_CTX *ctx;
-	BIGNUM k,*kinv=NULL,*r=NULL;
+	BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
 	int ret=0;
 
 	if (!dsa->p || !dsa->q || !dsa->g)
@@ -212,6 +221,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 		}
 
 	BN_init(&k);
+	BN_init(&kq);
 
 	if (ctx_in == NULL)
 		{
@@ -221,23 +231,50 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 		ctx=ctx_in;
 
 	if ((r=BN_new()) == NULL) goto err;
-	kinv=NULL;
 
 	/* Get random k */
 	do
 		if (!BN_rand_range(&k, dsa->q)) goto err;
 	while (BN_is_zero(&k));
+	if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
+		{
+		BN_set_flags(&k, BN_FLG_CONSTTIME);
+		}
 
-	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
 		{
-		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-				dsa->p,ctx)) goto err;
+		if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+						CRYPTO_LOCK_DSA,
+						dsa->p, ctx))
+			goto err;
 		}
 
 	/* Compute r = (g^k mod p) mod q */
-	DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
-			(BN_MONT_CTX *)dsa->method_mont_p);
+
+	if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
+		{
+		if (!BN_copy(&kq, &k)) goto err;
+
+		/* We do not want timing information to leak the length of k,
+		 * so we compute g^k using an equivalent exponent of fixed length.
+		 *
+		 * (This is a kludge that we need because the BN_mod_exp_mont()
+		 * does not let us specify the desired timing behaviour.) */
+
+		if (!BN_add(&kq, &kq, dsa->q)) goto err;
+		if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
+			{
+			if (!BN_add(&kq, &kq, dsa->q)) goto err;
+			}
+
+		K = &kq;
+		}
+	else
+		{
+		K = &k;
+		}
+	DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+			dsa->method_mont_p);
 	if (!BN_mod(r,r,dsa->q,ctx)) goto err;
 
 	/* Compute  part of 's = inv(k) (m + xr) mod q' */
@@ -253,41 +290,63 @@ err:
 	if (!ret)
 		{
 		DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
-		if (kinv != NULL) BN_clear_free(kinv);
-		if (r != NULL) BN_clear_free(r);
+		if (r != NULL)
+			BN_clear_free(r);
 		}
 	if (ctx_in == NULL) BN_CTX_free(ctx);
-	if (kinv != NULL) BN_clear_free(kinv);
 	BN_clear_free(&k);
+	BN_clear_free(&kq);
 	return(ret);
 	}
 
 static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-		  DSA *dsa)
+			 DSA *dsa)
 	{
 	BN_CTX *ctx;
 	BIGNUM u1,u2,t1;
 	BN_MONT_CTX *mont=NULL;
-	int ret = -1;
+	int ret = -1, i;
 	if (!dsa->p || !dsa->q || !dsa->g)
 		{
 		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS);
 		return -1;
 		}
 
+	i = BN_num_bits(dsa->q);
+	/* fips 186-3 allows only different sizes for q */
+	if (i != 160 && i != 224 && i != 256)
+		{
+		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
+		return -1;
+		}
+
+	if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+		{
+		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
+		return -1;
+		}
+
+	/* reject a excessive digest length (currently at most
+	 * dsa-with-SHA256 is supported) */
+	if (dgst_len > SHA256_DIGEST_LENGTH)
+		{
+		DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		return -1;
+		}
+
 	BN_init(&u1);
 	BN_init(&u2);
 	BN_init(&t1);
 
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
 
-	if (BN_is_zero(sig->r) || BN_get_sign(sig->r) ||
+	if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
 	    BN_ucmp(sig->r, dsa->q) >= 0)
 		{
 		ret = 0;
 		goto err;
 		}
-	if (BN_is_zero(sig->s) || BN_get_sign(sig->s) ||
+	if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
 	    BN_ucmp(sig->s, dsa->q) >= 0)
 		{
 		ret = 0;
@@ -299,6 +358,11 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
 
 	/* save M in u1 */
+	if (dgst_len > (i >> 3))
+		/* if the digest length is greater than the size of q use the
+		 * BN_num_bits(dsa->q) leftmost bits of the digest, see
+		 * fips 186-3, 4.2 */
+		dgst_len = (i >> 3);
 	if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
 
 	/* u1 = M * w mod q */
@@ -307,13 +371,14 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	/* u2 = r * w mod q */
 	if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
 
-	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+
+	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
 		{
-		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-				dsa->p,ctx)) goto err;
+		mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+					CRYPTO_LOCK_DSA, dsa->p, ctx);
+		if (!mont)
+			goto err;
 		}
-	mont=(BN_MONT_CTX *)dsa->method_mont_p;
 
 
 	DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont);
@@ -326,6 +391,8 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	ret=(BN_ucmp(&u1, sig->r) == 0);
 
 	err:
+	/* XXX: surely this is wrong - if ret is 0, it just didn't verify;
+	   there is no error in BN. Test should be ret == -1 (Ben) */
 	if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
 	if (ctx != NULL) BN_CTX_free(ctx);
 	BN_free(&u1);
@@ -343,7 +410,7 @@ static int dsa_init(DSA *dsa)
 static int dsa_finish(DSA *dsa)
 {
 	if(dsa->method_mont_p)
-		BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
+		BN_MONT_CTX_free(dsa->method_mont_p);
 	return(1);
 }
 
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
new file mode 100644
index 0000000000..4ce91e20c6
--- /dev/null
+++ b/crypto/dsa/dsa_pmeth.c
@@ -0,0 +1,315 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+#include "dsa_locl.h"
+
+/* DSA pkey context structure */
+
+typedef struct
+	{
+	/* Parameter gen parameters */
+	int nbits;		/* size of p in bits (default: 1024) */
+	int qbits;		/* size of q in bits (default: 160)  */
+	const EVP_MD *pmd;	/* MD for parameter generation */
+	/* Keygen callback info */
+	int gentmp[2];
+	/* message digest */
+	const EVP_MD *md;	/* MD for the signature */
+	} DSA_PKEY_CTX;
+
+static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
+	{
+	DSA_PKEY_CTX *dctx;
+	dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX));
+	if (!dctx)
+		return 0;
+	dctx->nbits = 1024;
+	dctx->qbits = 160;
+	dctx->pmd = NULL;
+	dctx->md = NULL;
+
+	ctx->data = dctx;
+	ctx->keygen_info = dctx->gentmp;
+	ctx->keygen_info_count = 2;
+	
+	return 1;
+	}
+
+static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	DSA_PKEY_CTX *dctx, *sctx;
+	if (!pkey_dsa_init(dst))
+		return 0;
+       	sctx = src->data;
+	dctx = dst->data;
+	dctx->nbits = sctx->nbits;
+	dctx->qbits = sctx->qbits;
+	dctx->pmd = sctx->pmd;
+	dctx->md  = sctx->md;
+	return 1;
+	}
+
+static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
+	{
+	DSA_PKEY_CTX *dctx = ctx->data;
+	if (dctx)
+		OPENSSL_free(dctx);
+	}
+
+static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen)
+	{
+	int ret, type;
+	unsigned int sltmp;
+	DSA_PKEY_CTX *dctx = ctx->data;
+	DSA *dsa = ctx->pkey->pkey.dsa;
+
+	if (dctx->md)
+		type = EVP_MD_type(dctx->md);
+	else
+		type = NID_sha1;
+
+	ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
+
+	if (ret <= 0)
+		return ret;
+	*siglen = sltmp;
+	return 1;
+	}
+
+static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
+					const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen)
+	{
+	int ret, type;
+	DSA_PKEY_CTX *dctx = ctx->data;
+	DSA *dsa = ctx->pkey->pkey.dsa;
+
+	if (dctx->md)
+		type = EVP_MD_type(dctx->md);
+	else
+		type = NID_sha1;
+
+	ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa);
+
+	return ret;
+	}
+
+static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	DSA_PKEY_CTX *dctx = ctx->data;
+	switch (type)
+		{
+		case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
+		if (p1 < 256)
+			return -2;
+		dctx->nbits = p1;
+		return 1;
+
+		case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
+		if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
+			return -2;
+		dctx->qbits = p1;
+		return 1;
+
+		case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
+		if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1   &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
+			{
+			DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
+			return 0;
+			}
+		dctx->md = p2;
+		return 1;
+
+		case EVP_PKEY_CTRL_MD:
+		if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1   &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_dsa    &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
+			{
+			DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
+			return 0;
+			}
+		dctx->md = p2;
+		return 1;
+
+		case EVP_PKEY_CTRL_DIGESTINIT:
+		case EVP_PKEY_CTRL_PKCS7_SIGN:
+		case EVP_PKEY_CTRL_CMS_SIGN:
+		return 1;
+		
+		case EVP_PKEY_CTRL_PEER_KEY:
+			DSAerr(DSA_F_PKEY_DSA_CTRL,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+			return -2;	
+		default:
+		return -2;
+
+		}
+	}
+			
+static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
+			const char *type, const char *value)
+	{
+	if (!strcmp(type, "dsa_paramgen_bits"))
+		{
+		int nbits;
+		nbits = atoi(value);
+		return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
+		}
+	if (!strcmp(type, "dsa_paramgen_q_bits"))
+		{
+		int qbits = atoi(value);
+		return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+		                         EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL);
+		}
+	if (!strcmp(type, "dsa_paramgen_md"))
+		{
+		return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+		                         EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, 
+		                         (void *)EVP_get_digestbyname(value));
+		}
+	return -2;
+	}
+
+static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	DSA *dsa = NULL;
+	DSA_PKEY_CTX *dctx = ctx->data;
+	BN_GENCB *pcb, cb;
+	int ret;
+	if (ctx->pkey_gencb)
+		{
+		pcb = &cb;
+		evp_pkey_set_cb_translate(pcb, ctx);
+		}
+	else
+		pcb = NULL;
+	dsa = DSA_new();
+	if (!dsa)
+		return 0;
+	ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
+	                           NULL, 0, NULL, NULL, pcb);
+	if (ret)
+		EVP_PKEY_assign_DSA(pkey, dsa);
+	else
+		DSA_free(dsa);
+	return ret;
+	}
+
+static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	DSA *dsa = NULL;
+	if (ctx->pkey == NULL)
+		{
+		DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
+		return 0;
+		}
+	dsa = DSA_new();
+	if (!dsa)
+		return 0;
+	EVP_PKEY_assign_DSA(pkey, dsa);
+	/* Note: if error return, pkey is freed by parent routine */
+	if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+		return 0;
+	return DSA_generate_key(pkey->pkey.dsa);
+	}
+
+const EVP_PKEY_METHOD dsa_pkey_meth = 
+	{
+	EVP_PKEY_DSA,
+	EVP_PKEY_FLAG_AUTOARGLEN,
+	pkey_dsa_init,
+	pkey_dsa_copy,
+	pkey_dsa_cleanup,
+
+	0,
+	pkey_dsa_paramgen,
+
+	0,
+	pkey_dsa_keygen,
+
+	0,
+	pkey_dsa_sign,
+
+	0,
+	pkey_dsa_verify,
+
+	0,0,
+
+	0,0,0,0,
+
+	0,0,
+
+	0,0,
+
+	0,0,
+
+	pkey_dsa_ctrl,
+	pkey_dsa_ctrl_str
+
+
+	};
diff --git a/crypto/dsa/dsa_prn.c b/crypto/dsa/dsa_prn.c
new file mode 100644
index 0000000000..6f29f5e240
--- /dev/null
+++ b/crypto/dsa/dsa_prn.c
@@ -0,0 +1,121 @@
+/* crypto/dsa/dsa_prn.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/dsa.h>
+
+#ifndef OPENSSL_NO_FP_API
+int DSA_print_fp(FILE *fp, const DSA *x, int off)
+	{
+	BIO *b;
+	int ret;
+
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
+		return(0);
+		}
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=DSA_print(b,x,off);
+	BIO_free(b);
+	return(ret);
+	}
+
+int DSAparams_print_fp(FILE *fp, const DSA *x)
+	{
+	BIO *b;
+	int ret;
+
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+		return(0);
+		}
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=DSAparams_print(b, x);
+	BIO_free(b);
+	return(ret);
+	}
+#endif
+
+int DSA_print(BIO *bp, const DSA *x, int off)
+	{
+	EVP_PKEY *pk;
+	int ret;
+	pk = EVP_PKEY_new();
+	if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+		return 0;
+	ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+	EVP_PKEY_free(pk);
+	return ret;
+	}
+
+int DSAparams_print(BIO *bp, const DSA *x)
+	{
+	EVP_PKEY *pk;
+	int ret;
+	pk = EVP_PKEY_new();
+	if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+		return 0;
+	ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+	EVP_PKEY_free(pk);
+	return ret;
+	}
+
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index 89205026f0..17555e5892 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -58,12 +58,9 @@
 
 /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
-#include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/bn.h>
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
-#include <openssl/asn1.h>
 
 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
@@ -74,6 +71,7 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
 	     unsigned int *siglen, DSA *dsa)
 	{
 	DSA_SIG *s;
+	RAND_seed(dgst, dlen);
 	s=DSA_do_sign(dgst,dlen,dsa);
 	if (s == NULL)
 		{
diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c
index c4aeddd056..226a75ff3f 100644
--- a/crypto/dsa/dsa_vrf.c
+++ b/crypto/dsa/dsa_vrf.c
@@ -58,13 +58,8 @@
 
 /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
-#include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/bn.h>
 #include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
 
 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 		  DSA *dsa)
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
index ccc456eab7..edffd24e6b 100644
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -74,6 +74,7 @@
 #include <openssl/rand.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
+#include <openssl/bn.h>
 
 #ifdef OPENSSL_NO_DSA
 int main(int argc, char *argv[])
@@ -168,7 +169,6 @@ int main(int argc, char **argv)
 		}
 	BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h);
 		
-	if (dsa == NULL) goto end;
 	DSA_print(bio_err,dsa,0);
 	if (counter != 105) 
 		{
@@ -204,16 +204,25 @@ int main(int argc, char **argv)
 		BIO_printf(bio_err,"g value is wrong\n");
 		goto end;
 		}
+
+	dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
 	DSA_generate_key(dsa);
 	DSA_sign(0, str1, 20, sig, &siglen, dsa);
 	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
 		ret=1;
+
+	dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
+	DSA_generate_key(dsa);
+	DSA_sign(0, str1, 20, sig, &siglen, dsa);
+	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
+		ret=1;
+
 end:
 	if (!ret)
 		ERR_print_errors(bio_err);
 	if (dsa != NULL) DSA_free(dsa);
 	CRYPTO_cleanup_all_ex_data();
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	ERR_free_strings();
 	CRYPTO_mem_leaks(bio_err);
 	if (bio_err != NULL)
diff --git a/crypto/dso/.cvsignore b/crypto/dso/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/dso/.cvsignore
+++ b/crypto/dso/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/dso/Makefile.ssl b/crypto/dso/Makefile.ssl
deleted file mode 100644
index 7478f4c532..0000000000
--- a/crypto/dso/Makefile.ssl
+++ /dev/null
@@ -1,147 +0,0 @@
-#
-# SSLeay/crypto/dso/Makefile
-#
-
-DIR=	dso
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
-	dso_openssl.c dso_win32.c dso_vms.c
-LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
-	dso_openssl.o dso_win32.o dso_vms.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= dso.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
-dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_dl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dso_dl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_dl.o: ../cryptlib.h dso_dl.c
-dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
-dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_dlfcn.o: ../../include/openssl/opensslconf.h
-dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dso_dlfcn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_dlfcn.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dlfcn.c
-dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dso_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_err.o: dso_err.c
-dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
-dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dso_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_lib.o: ../cryptlib.h dso_lib.c
-dso_null.o: ../../e_os.h ../../include/openssl/bio.h
-dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_null.o: ../../include/openssl/opensslconf.h
-dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dso_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_null.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_null.c
-dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
-dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_openssl.o: ../../include/openssl/opensslconf.h
-dso_openssl.o: ../../include/openssl/opensslv.h
-dso_openssl.o: ../../include/openssl/ossl_typ.h
-dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
-dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
-dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dso_vms.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-dso_vms.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dso_vms.o: ../cryptlib.h dso_vms.c
-dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
-dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dso_win32.o: ../../include/openssl/opensslconf.h
-dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dso_win32.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dso_win32.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_win32.c
diff --git a/crypto/dso/dso.h b/crypto/dso/dso.h
index fccf54f960..839f2e0617 100644
--- a/crypto/dso/dso.h
+++ b/crypto/dso/dso.h
@@ -125,7 +125,7 @@ typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
  * file specifications and added together in whatever fashion that is
  * sensible for the DSO method in question.  The only rule that really
  * applies is that if the two specification contain pieces of the same
- * type, the copy from the string string takes priority.  One could see
+ * type, the copy from the first string takes priority.  One could see
  * it as the first specification is the one given by the user and the
  * second being a bunch of defaults to add on if they're missing in the
  * first. */
@@ -170,6 +170,11 @@ typedef struct dso_meth_st
 	/* [De]Initialisation handlers. */
 	int (*init)(DSO *dso);
 	int (*finish)(DSO *dso);
+
+	/* Return pathname of the module containing location */
+	int (*pathbyaddr)(void *addr,char *path,int sz);
+	/* Perform global symbol lookup, i.e. among *all* modules */
+	void *(*globallookup)(const char *symname);
 	} DSO_METHOD;
 
 /**********************************************************************/
@@ -183,7 +188,7 @@ struct dso_st
 	 * for use in the dso_bind handler. All in all, let each
 	 * method control its own destiny. "Handles" and such go in
 	 * a STACK. */
-	STACK *meth_data;
+	STACK_OF(void) *meth_data;
 	int references;
 	int flags;
 	/* For use by applications etc ... use this for your bits'n'pieces,
@@ -296,6 +301,30 @@ DSO_METHOD *DSO_METHOD_win32(void);
 /* If VMS is defined, use shared images. If not, return NULL. */
 DSO_METHOD *DSO_METHOD_vms(void);
 
+/* This function writes null-terminated pathname of DSO module
+ * containing 'addr' into 'sz' large caller-provided 'path' and
+ * returns the number of characters [including trailing zero]
+ * written to it. If 'sz' is 0 or negative, 'path' is ignored and
+ * required amount of charachers [including trailing zero] to
+ * accomodate pathname is returned. If 'addr' is NULL, then
+ * pathname of cryptolib itself is returned. Negative or zero
+ * return value denotes error.
+ */
+int DSO_pathbyaddr(void *addr,char *path,int sz);
+
+/* This function should be used with caution! It looks up symbols in
+ * *all* loaded modules and if module gets unloaded by somebody else
+ * attempt to dereference the pointer is doomed to have fatal
+ * consequences. Primary usage for this function is to probe *core*
+ * system functionality, e.g. check if getnameinfo(3) is available
+ * at run-time without bothering about OS-specific details such as
+ * libc.so.versioning or where does it actually reside: in libc
+ * itself or libsocket. */
+void *DSO_global_lookup(const char *name);
+
+/* If BeOS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_beos(void);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -305,6 +334,11 @@ void ERR_load_DSO_strings(void);
 /* Error codes for the DSO functions. */
 
 /* Function codes. */
+#define DSO_F_BEOS_BIND_FUNC				 144
+#define DSO_F_BEOS_BIND_VAR				 145
+#define DSO_F_BEOS_LOAD					 146
+#define DSO_F_BEOS_NAME_CONVERTER			 147
+#define DSO_F_BEOS_UNLOAD				 148
 #define DSO_F_DLFCN_BIND_FUNC				 100
 #define DSO_F_DLFCN_BIND_VAR				 101
 #define DSO_F_DLFCN_LOAD				 102
@@ -324,21 +358,30 @@ void ERR_load_DSO_strings(void);
 #define DSO_F_DSO_FREE					 111
 #define DSO_F_DSO_GET_FILENAME				 127
 #define DSO_F_DSO_GET_LOADED_FILENAME			 128
+#define DSO_F_DSO_GLOBAL_LOOKUP				 139
 #define DSO_F_DSO_LOAD					 112
 #define DSO_F_DSO_MERGE					 132
 #define DSO_F_DSO_NEW_METHOD				 113
+#define DSO_F_DSO_PATHBYADDR				 140
 #define DSO_F_DSO_SET_FILENAME				 129
 #define DSO_F_DSO_SET_NAME_CONVERTER			 122
 #define DSO_F_DSO_UP_REF				 114
-#define DSO_F_VMS_BIND_VAR				 115
+#define DSO_F_GLOBAL_LOOKUP_FUNC			 138
+#define DSO_F_PATHBYADDR				 137
+#define DSO_F_VMS_BIND_SYM				 115
 #define DSO_F_VMS_LOAD					 116
 #define DSO_F_VMS_MERGER				 133
 #define DSO_F_VMS_UNLOAD				 117
 #define DSO_F_WIN32_BIND_FUNC				 118
 #define DSO_F_WIN32_BIND_VAR				 119
+#define DSO_F_WIN32_GLOBALLOOKUP			 142
+#define DSO_F_WIN32_GLOBALLOOKUP_FUNC			 143
+#define DSO_F_WIN32_JOINER				 135
 #define DSO_F_WIN32_LOAD				 120
 #define DSO_F_WIN32_MERGER				 134
 #define DSO_F_WIN32_NAME_CONVERTER			 125
+#define DSO_F_WIN32_PATHBYADDR				 141
+#define DSO_F_WIN32_SPLITTER				 136
 #define DSO_F_WIN32_UNLOAD				 121
 
 /* Reason codes. */
diff --git a/crypto/dso/dso_beos.c b/crypto/dso/dso_beos.c
new file mode 100644
index 0000000000..553966e699
--- /dev/null
+++ b/crypto/dso/dso_beos.c
@@ -0,0 +1,270 @@
+/* dso_beos.c */
+/* Written by Marcin Konicki (ahwayakchih@neoni.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#if !defined(OPENSSL_SYS_BEOS)
+DSO_METHOD *DSO_METHOD_beos(void)
+	{
+	return NULL;
+	}
+#else
+
+#include <kernel/image.h>
+
+static int beos_load(DSO *dso);
+static int beos_unload(DSO *dso);
+static void *beos_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname);
+#if 0
+static int beos_unbind_var(DSO *dso, char *symname, void *symptr);
+static int beos_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int beos_init(DSO *dso);
+static int beos_finish(DSO *dso);
+static long beos_ctrl(DSO *dso, int cmd, long larg, void *parg);
+#endif
+static char *beos_name_converter(DSO *dso, const char *filename);
+
+static DSO_METHOD dso_meth_beos = {
+	"OpenSSL 'beos' shared library method",
+	beos_load,
+	beos_unload,
+	beos_bind_var,
+	beos_bind_func,
+/* For now, "unbind" doesn't exist */
+#if 0
+	NULL, /* unbind_var */
+	NULL, /* unbind_func */
+#endif
+	NULL, /* ctrl */
+	beos_name_converter,
+	NULL, /* init */
+	NULL  /* finish */
+	};
+
+DSO_METHOD *DSO_METHOD_beos(void)
+	{
+	return(&dso_meth_beos);
+	}
+
+/* For this DSO_METHOD, our meth_data STACK will contain;
+ * (i) a pointer to the handle (image_id) returned from
+ *     load_add_on().
+ */
+
+static int beos_load(DSO *dso)
+	{
+	image_id id;
+	/* See applicable comments from dso_dl.c */
+	char *filename = DSO_convert_filename(dso, NULL);
+
+	if(filename == NULL)
+		{
+		DSOerr(DSO_F_BEOS_LOAD,DSO_R_NO_FILENAME);
+		goto err;
+		}
+	id = load_add_on(filename);
+	if(id < 1)
+		{
+		DSOerr(DSO_F_BEOS_LOAD,DSO_R_LOAD_FAILED);
+		ERR_add_error_data(3, "filename(", filename, ")");
+		goto err;
+		}
+	if(!sk_push(dso->meth_data, (char *)id))
+		{
+		DSOerr(DSO_F_BEOS_LOAD,DSO_R_STACK_ERROR);
+		goto err;
+		}
+	/* Success */
+	dso->loaded_filename = filename;
+	return(1);
+err:
+	/* Cleanup !*/
+	if(filename != NULL)
+		OPENSSL_free(filename);
+	if(id > 0)
+		unload_add_on(id);
+	return(0);
+	}
+
+static int beos_unload(DSO *dso)
+	{
+	image_id id;
+	if(dso == NULL)
+		{
+		DSOerr(DSO_F_BEOS_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
+		return(0);
+		}
+	if(sk_num(dso->meth_data) < 1)
+		return(1);
+	id = (image_id)sk_pop(dso->meth_data);
+	if(id < 1)
+		{
+		DSOerr(DSO_F_BEOS_UNLOAD,DSO_R_NULL_HANDLE);
+		return(0);
+		}
+	if(unload_add_on(id) != B_OK)
+		{
+		DSOerr(DSO_F_BEOS_UNLOAD,DSO_R_UNLOAD_FAILED);
+		/* We should push the value back onto the stack in
+		 * case of a retry. */
+		sk_push(dso->meth_data, (char *)id);
+		return(0);
+		}
+	return(1);
+	}
+
+static void *beos_bind_var(DSO *dso, const char *symname)
+	{
+	image_id id;
+	void *sym;
+
+	if((dso == NULL) || (symname == NULL))
+		{
+		DSOerr(DSO_F_BEOS_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
+		return(NULL);
+		}
+	if(sk_num(dso->meth_data) < 1)
+		{
+		DSOerr(DSO_F_BEOS_BIND_VAR,DSO_R_STACK_ERROR);
+		return(NULL);
+		}
+	id = (image_id)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+	if(id < 1)
+		{
+		DSOerr(DSO_F_BEOS_BIND_VAR,DSO_R_NULL_HANDLE);
+		return(NULL);
+		}
+	if(get_image_symbol(id, symname, B_SYMBOL_TYPE_DATA, &sym) != B_OK)
+		{
+		DSOerr(DSO_F_BEOS_BIND_VAR,DSO_R_SYM_FAILURE);
+		ERR_add_error_data(3, "symname(", symname, ")");
+		return(NULL);
+		}
+	return(sym);
+	}
+
+static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname)
+	{
+	image_id id;
+	void *sym;
+
+	if((dso == NULL) || (symname == NULL))
+		{
+		DSOerr(DSO_F_BEOS_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
+		return(NULL);
+		}
+	if(sk_num(dso->meth_data) < 1)
+		{
+		DSOerr(DSO_F_BEOS_BIND_FUNC,DSO_R_STACK_ERROR);
+		return(NULL);
+		}
+	id = (image_id)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+	if(id < 1)
+		{
+		DSOerr(DSO_F_BEOS_BIND_FUNC,DSO_R_NULL_HANDLE);
+		return(NULL);
+		}
+	if(get_image_symbol(id, symname, B_SYMBOL_TYPE_TEXT, &sym) != B_OK)
+		{
+		DSOerr(DSO_F_BEOS_BIND_FUNC,DSO_R_SYM_FAILURE);
+		ERR_add_error_data(3, "symname(", symname, ")");
+		return(NULL);
+		}
+	return((DSO_FUNC_TYPE)sym);
+	}
+
+/* This one is the same as the one in dlfcn */
+static char *beos_name_converter(DSO *dso, const char *filename)
+	{
+	char *translated;
+	int len, rsize, transform;
+
+	len = strlen(filename);
+	rsize = len + 1;
+	transform = (strstr(filename, "/") == NULL);
+	if(transform)
+		{
+		/* We will convert this to "%s.so" or "lib%s.so" */
+		rsize += 3;	/* The length of ".so" */
+		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+			rsize += 3; /* The length of "lib" */
+		}
+	translated = OPENSSL_malloc(rsize);
+	if(translated == NULL)
+		{
+		DSOerr(DSO_F_BEOS_NAME_CONVERTER,
+				DSO_R_NAME_TRANSLATION_FAILED);
+		return(NULL);
+		}
+	if(transform)
+		{
+		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+			sprintf(translated, "lib%s.so", filename);
+		else
+			sprintf(translated, "%s.so", filename);
+		}
+	else
+		sprintf(translated, "%s", filename);
+	return(translated);
+	}
+
+#endif
diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c
index fd1c758260..fc4236bd9a 100644
--- a/crypto/dso/dso_dl.c
+++ b/crypto/dso/dso_dl.c
@@ -85,6 +85,8 @@ static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
 #endif
 static char *dl_name_converter(DSO *dso, const char *filename);
 static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2);
+static int dl_pathbyaddr(void *addr,char *path,int sz);
+static void *dl_globallookup(const char *name);
 
 static DSO_METHOD dso_meth_dl = {
 	"OpenSSL 'dl' shared library method",
@@ -101,7 +103,9 @@ static DSO_METHOD dso_meth_dl = {
 	dl_name_converter,
 	dl_merger,
 	NULL, /* init */
-	NULL  /* finish */
+	NULL, /* finish */
+	dl_pathbyaddr,
+	dl_globallookup
 	};
 
 DSO_METHOD *DSO_METHOD_dl(void)
@@ -128,7 +132,8 @@ static int dl_load(DSO *dso)
 		DSOerr(DSO_F_DL_LOAD,DSO_R_NO_FILENAME);
 		goto err;
 		}
-	ptr = shl_load(filename, BIND_IMMEDIATE|DYNAMIC_PATH, 0L);
+	ptr = shl_load(filename, BIND_IMMEDIATE |
+		(dso->flags&DSO_FLAG_NO_NAME_TRANSLATION?0:DYNAMIC_PATH), 0L);
 	if(ptr == NULL)
 		{
 		DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);
@@ -349,4 +354,40 @@ static char *dl_name_converter(DSO *dso, const char *filename)
 	return(translated);
 	}
 
+static int dl_pathbyaddr(void *addr,char *path,int sz)
+	{
+	struct shl_descriptor inf;
+	int i,len;
+
+	if (addr == NULL)
+		{
+		union	{ int(*f)(void*,char*,int); void *p; } t =
+			{ dl_pathbyaddr };
+		addr = t.p;
+		}
+
+	for (i=-1;shl_get_r(i,&inf)==0;i++)
+		{
+		if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
+		    ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend))
+			{
+			len = (int)strlen(inf.filename);
+			if (sz <= 0) return len+1;
+			if (len >= sz) len=sz-1;
+			memcpy(path,inf.filename,len);
+			path[len++] = 0;
+			return len;
+			}
+		}
+
+	return -1;
+	}
+
+static void *dl_globallookup(const char *name)
+	{
+	void *ret;
+	shl_t h = NULL;
+
+	return shl_findsym(&h,name,TYPE_UNDEFINED,&ret) ? NULL : ret;
+	}
 #endif /* DSO_DL */
diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
index 2d7534afac..7da3f78928 100644
--- a/crypto/dso/dso_dlfcn.c
+++ b/crypto/dso/dso_dlfcn.c
@@ -56,6 +56,16 @@
  *
  */
 
+/* We need to do this early, because stdio.h includes the header files
+   that handle _GNU_SOURCE and other similar macros.  Defining it later
+   is simply too late, because those headers are protected from re-
+   inclusion.  */
+#ifdef __linux
+# ifndef _GNU_SOURCE
+#  define _GNU_SOURCE	/* make sure dladdr is declared */
+# endif
+#endif
+
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/dso.h>
@@ -68,7 +78,13 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
 #else
 
 #ifdef HAVE_DLFCN_H
-#include <dlfcn.h>
+# include <dlfcn.h>
+# define HAVE_DLINFO 1
+# if defined(_AIX) || defined(__CYGWIN__) || \
+     defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
+     (defined(__OpenBSD__) && !defined(RTLD_SELF))
+#  undef HAVE_DLINFO
+# endif
 #endif
 
 /* Part of the hack in "dlfcn_load" ... */
@@ -87,6 +103,8 @@ static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
 static char *dlfcn_name_converter(DSO *dso, const char *filename);
 static char *dlfcn_merger(DSO *dso, const char *filespec1,
 	const char *filespec2);
+static int dlfcn_pathbyaddr(void *addr,char *path,int sz);
+static void *dlfcn_globallookup(const char *name);
 
 static DSO_METHOD dso_meth_dlfcn = {
 	"OpenSSL 'dlfcn' shared library method",
@@ -103,7 +121,9 @@ static DSO_METHOD dso_meth_dlfcn = {
 	dlfcn_name_converter,
 	dlfcn_merger,
 	NULL, /* init */
-	NULL  /* finish */
+	NULL, /* finish */
+	dlfcn_pathbyaddr,
+	dlfcn_globallookup
 	};
 
 DSO_METHOD *DSO_METHOD_dlfcn(void)
@@ -163,7 +183,7 @@ static int dlfcn_load(DSO *dso)
 		ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
 		goto err;
 		}
-	if(!sk_push(dso->meth_data, (char *)ptr))
+	if(!sk_void_push(dso->meth_data, (char *)ptr))
 		{
 		DSOerr(DSO_F_DLFCN_LOAD,DSO_R_STACK_ERROR);
 		goto err;
@@ -188,15 +208,15 @@ static int dlfcn_unload(DSO *dso)
 		DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
 		return(0);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		return(1);
-	ptr = (void *)sk_pop(dso->meth_data);
+	ptr = sk_void_pop(dso->meth_data);
 	if(ptr == NULL)
 		{
 		DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE);
 		/* Should push the value back onto the stack in
 		 * case of a retry. */
-		sk_push(dso->meth_data, (char *)ptr);
+		sk_void_push(dso->meth_data, ptr);
 		return(0);
 		}
 	/* For now I'm not aware of any errors associated with dlclose() */
@@ -213,12 +233,12 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname)
 		DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
 		return(NULL);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		{
 		DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR);
 		return(NULL);
 		}
-	ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+	ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
 	if(ptr == NULL)
 		{
 		DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE);
@@ -237,32 +257,35 @@ static void *dlfcn_bind_var(DSO *dso, const char *symname)
 static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
 	{
 	void *ptr;
-	DSO_FUNC_TYPE sym;
+	union {
+		DSO_FUNC_TYPE sym;
+		void *dlret;
+	} u;
 
 	if((dso == NULL) || (symname == NULL))
 		{
 		DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
 		return(NULL);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		{
 		DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR);
 		return(NULL);
 		}
-	ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+	ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
 	if(ptr == NULL)
 		{
 		DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
 		return(NULL);
 		}
-	sym = (DSO_FUNC_TYPE)dlsym(ptr, symname);
-	if(sym == NULL)
+	u.dlret = dlsym(ptr, symname);
+	if(u.dlret == NULL)
 		{
 		DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
 		ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
 		return(NULL);
 		}
-	return(sym);
+	return u.sym;
 	}
 
 static char *dlfcn_merger(DSO *dso, const char *filespec1,
@@ -278,13 +301,12 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
 		}
 	/* If the first file specification is a rooted path, it rules.
 	   same goes if the second file specification is missing. */
-	if (!filespec2 || filespec1[0] == '/')
+	if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/'))
 		{
 		merged = OPENSSL_malloc(strlen(filespec1) + 1);
 		if(!merged)
 			{
-			DSOerr(DSO_F_DLFCN_MERGER,
-				ERR_R_MALLOC_FAILURE);
+			DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
 			return(NULL);
 			}
 		strcpy(merged, filespec1);
@@ -310,7 +332,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
 		{
 		int spec2len, len;
 
-		spec2len = (filespec2 ? strlen(filespec2) : 0);
+		spec2len = strlen(filespec2);
 		len = spec2len + (filespec1 ? strlen(filespec1) : 0);
 
 		if(filespec2 && filespec2[spec2len - 1] == '/')
@@ -332,6 +354,15 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1,
 	return(merged);
 	}
 
+#ifdef OPENSSL_SYS_MACOSX
+#define DSO_ext	".dylib"
+#define DSO_extlen 6
+#else
+#define DSO_ext	".so"
+#define DSO_extlen 3
+#endif
+
+
 static char *dlfcn_name_converter(DSO *dso, const char *filename)
 	{
 	char *translated;
@@ -342,8 +373,8 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
 	transform = (strstr(filename, "/") == NULL);
 	if(transform)
 		{
-		/* We will convert this to "%s.so" or "lib%s.so" */
-		rsize += 3;	/* The length of ".so" */
+		/* We will convert this to "%s.so" or "lib%s.so" etc */
+		rsize += DSO_extlen;	/* The length of ".so" */
 		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
 			rsize += 3; /* The length of "lib" */
 		}
@@ -357,13 +388,92 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
 	if(transform)
 		{
 		if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-			sprintf(translated, "lib%s.so", filename);
+			sprintf(translated, "lib%s" DSO_ext, filename);
 		else
-			sprintf(translated, "%s.so", filename);
+			sprintf(translated, "%s" DSO_ext, filename);
 		}
 	else
 		sprintf(translated, "%s", filename);
 	return(translated);
 	}
 
+#ifdef __sgi
+/*
+This is a quote from IRIX manual for dladdr(3c):
+
+     <dlfcn.h> does not contain a prototype for dladdr or definition of
+     Dl_info.  The #include <dlfcn.h>  in the SYNOPSIS line is traditional,
+     but contains no dladdr prototype and no IRIX library contains an
+     implementation.  Write your own declaration based on the code below.
+
+     The following code is dependent on internal interfaces that are not
+     part of the IRIX compatibility guarantee; however, there is no future
+     intention to change this interface, so on a practical level, the code
+     below is safe to use on IRIX.
+*/
+#include <rld_interface.h>
+#ifndef _RLD_INTERFACE_DLFCN_H_DLADDR
+#define _RLD_INTERFACE_DLFCN_H_DLADDR
+typedef struct Dl_info {
+    const char * dli_fname;
+    void       * dli_fbase;
+    const char * dli_sname;
+    void       * dli_saddr;
+    int          dli_version;
+    int          dli_reserved1;
+    long         dli_reserved[4];
+} Dl_info;
+#else
+typedef struct Dl_info Dl_info;
+#endif
+#define _RLD_DLADDR             14
+
+static int dladdr(void *address, Dl_info *dl)
+{
+	void *v;
+	v = _rld_new_interface(_RLD_DLADDR,address,dl);
+	return (int)v;
+}
+#endif /* __sgi */
+
+static int dlfcn_pathbyaddr(void *addr,char *path,int sz)
+	{
+#ifdef HAVE_DLINFO
+	Dl_info dli;
+	int len;
+
+	if (addr == NULL)
+		{
+		union	{ int(*f)(void*,char*,int); void *p; } t =
+			{ dlfcn_pathbyaddr };
+		addr = t.p;
+		}
+
+	if (dladdr(addr,&dli))
+		{
+		len = (int)strlen(dli.dli_fname);
+		if (sz <= 0) return len+1;
+		if (len >= sz) len=sz-1;
+		memcpy(path,dli.dli_fname,len);
+		path[len++]=0;
+		return len;
+		}
+
+	ERR_add_error_data(4, "dlfcn_pathbyaddr(): ", dlerror());
+#endif
+	return -1;
+	}
+
+static void *dlfcn_globallookup(const char *name)
+	{
+	void *ret = NULL,*handle = dlopen(NULL,RTLD_LAZY);
+	
+	if (handle)
+		{
+		ret = dlsym(handle,name);
+		dlclose(handle);
+		}
+
+	return ret;
+	}
 #endif /* DSO_DLFCN */
diff --git a/crypto/dso/dso_err.c b/crypto/dso/dso_err.c
index 8ec7ba9f9e..2bb07c2514 100644
--- a/crypto/dso/dso_err.c
+++ b/crypto/dso/dso_err.c
@@ -1,6 +1,6 @@
 /* crypto/dso/dso_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,69 +61,86 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/dso.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
+
 static ERR_STRING_DATA DSO_str_functs[]=
 	{
-{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0),	"DLFCN_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0),	"DLFCN_BIND_VAR"},
-{ERR_PACK(0,DSO_F_DLFCN_LOAD,0),	"DLFCN_LOAD"},
-{ERR_PACK(0,DSO_F_DLFCN_MERGER,0),	"DLFCN_MERGER"},
-{ERR_PACK(0,DSO_F_DLFCN_NAME_CONVERTER,0),	"DLFCN_NAME_CONVERTER"},
-{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0),	"DLFCN_UNLOAD"},
-{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0),	"DL_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_DL_BIND_VAR,0),	"DL_BIND_VAR"},
-{ERR_PACK(0,DSO_F_DL_LOAD,0),	"DL_LOAD"},
-{ERR_PACK(0,DSO_F_DL_MERGER,0),	"DL_MERGER"},
-{ERR_PACK(0,DSO_F_DL_NAME_CONVERTER,0),	"DL_NAME_CONVERTER"},
-{ERR_PACK(0,DSO_F_DL_UNLOAD,0),	"DL_UNLOAD"},
-{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0),	"DSO_bind_func"},
-{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0),	"DSO_bind_var"},
-{ERR_PACK(0,DSO_F_DSO_CONVERT_FILENAME,0),	"DSO_convert_filename"},
-{ERR_PACK(0,DSO_F_DSO_CTRL,0),	"DSO_ctrl"},
-{ERR_PACK(0,DSO_F_DSO_FREE,0),	"DSO_free"},
-{ERR_PACK(0,DSO_F_DSO_GET_FILENAME,0),	"DSO_get_filename"},
-{ERR_PACK(0,DSO_F_DSO_GET_LOADED_FILENAME,0),	"DSO_get_loaded_filename"},
-{ERR_PACK(0,DSO_F_DSO_LOAD,0),	"DSO_load"},
-{ERR_PACK(0,DSO_F_DSO_MERGE,0),	"DSO_merge"},
-{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0),	"DSO_new_method"},
-{ERR_PACK(0,DSO_F_DSO_SET_FILENAME,0),	"DSO_set_filename"},
-{ERR_PACK(0,DSO_F_DSO_SET_NAME_CONVERTER,0),	"DSO_set_name_converter"},
-{ERR_PACK(0,DSO_F_DSO_UP_REF,0),	"DSO_up_ref"},
-{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0),	"VMS_BIND_VAR"},
-{ERR_PACK(0,DSO_F_VMS_LOAD,0),	"VMS_LOAD"},
-{ERR_PACK(0,DSO_F_VMS_MERGER,0),	"VMS_MERGER"},
-{ERR_PACK(0,DSO_F_VMS_UNLOAD,0),	"VMS_UNLOAD"},
-{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0),	"WIN32_BIND_FUNC"},
-{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0),	"WIN32_BIND_VAR"},
-{ERR_PACK(0,DSO_F_WIN32_LOAD,0),	"WIN32_LOAD"},
-{ERR_PACK(0,DSO_F_WIN32_MERGER,0),	"WIN32_MERGER"},
-{ERR_PACK(0,DSO_F_WIN32_NAME_CONVERTER,0),	"WIN32_NAME_CONVERTER"},
-{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0),	"WIN32_UNLOAD"},
+{ERR_FUNC(DSO_F_BEOS_BIND_FUNC),	"BEOS_BIND_FUNC"},
+{ERR_FUNC(DSO_F_BEOS_BIND_VAR),	"BEOS_BIND_VAR"},
+{ERR_FUNC(DSO_F_BEOS_LOAD),	"BEOS_LOAD"},
+{ERR_FUNC(DSO_F_BEOS_NAME_CONVERTER),	"BEOS_NAME_CONVERTER"},
+{ERR_FUNC(DSO_F_BEOS_UNLOAD),	"BEOS_UNLOAD"},
+{ERR_FUNC(DSO_F_DLFCN_BIND_FUNC),	"DLFCN_BIND_FUNC"},
+{ERR_FUNC(DSO_F_DLFCN_BIND_VAR),	"DLFCN_BIND_VAR"},
+{ERR_FUNC(DSO_F_DLFCN_LOAD),	"DLFCN_LOAD"},
+{ERR_FUNC(DSO_F_DLFCN_MERGER),	"DLFCN_MERGER"},
+{ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER),	"DLFCN_NAME_CONVERTER"},
+{ERR_FUNC(DSO_F_DLFCN_UNLOAD),	"DLFCN_UNLOAD"},
+{ERR_FUNC(DSO_F_DL_BIND_FUNC),	"DL_BIND_FUNC"},
+{ERR_FUNC(DSO_F_DL_BIND_VAR),	"DL_BIND_VAR"},
+{ERR_FUNC(DSO_F_DL_LOAD),	"DL_LOAD"},
+{ERR_FUNC(DSO_F_DL_MERGER),	"DL_MERGER"},
+{ERR_FUNC(DSO_F_DL_NAME_CONVERTER),	"DL_NAME_CONVERTER"},
+{ERR_FUNC(DSO_F_DL_UNLOAD),	"DL_UNLOAD"},
+{ERR_FUNC(DSO_F_DSO_BIND_FUNC),	"DSO_bind_func"},
+{ERR_FUNC(DSO_F_DSO_BIND_VAR),	"DSO_bind_var"},
+{ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME),	"DSO_convert_filename"},
+{ERR_FUNC(DSO_F_DSO_CTRL),	"DSO_ctrl"},
+{ERR_FUNC(DSO_F_DSO_FREE),	"DSO_free"},
+{ERR_FUNC(DSO_F_DSO_GET_FILENAME),	"DSO_get_filename"},
+{ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME),	"DSO_get_loaded_filename"},
+{ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP),	"DSO_global_lookup"},
+{ERR_FUNC(DSO_F_DSO_LOAD),	"DSO_load"},
+{ERR_FUNC(DSO_F_DSO_MERGE),	"DSO_merge"},
+{ERR_FUNC(DSO_F_DSO_NEW_METHOD),	"DSO_new_method"},
+{ERR_FUNC(DSO_F_DSO_PATHBYADDR),	"DSO_pathbyaddr"},
+{ERR_FUNC(DSO_F_DSO_SET_FILENAME),	"DSO_set_filename"},
+{ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER),	"DSO_set_name_converter"},
+{ERR_FUNC(DSO_F_DSO_UP_REF),	"DSO_up_ref"},
+{ERR_FUNC(DSO_F_GLOBAL_LOOKUP_FUNC),	"GLOBAL_LOOKUP_FUNC"},
+{ERR_FUNC(DSO_F_PATHBYADDR),	"PATHBYADDR"},
+{ERR_FUNC(DSO_F_VMS_BIND_SYM),	"VMS_BIND_SYM"},
+{ERR_FUNC(DSO_F_VMS_LOAD),	"VMS_LOAD"},
+{ERR_FUNC(DSO_F_VMS_MERGER),	"VMS_MERGER"},
+{ERR_FUNC(DSO_F_VMS_UNLOAD),	"VMS_UNLOAD"},
+{ERR_FUNC(DSO_F_WIN32_BIND_FUNC),	"WIN32_BIND_FUNC"},
+{ERR_FUNC(DSO_F_WIN32_BIND_VAR),	"WIN32_BIND_VAR"},
+{ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP),	"WIN32_GLOBALLOOKUP"},
+{ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP_FUNC),	"WIN32_GLOBALLOOKUP_FUNC"},
+{ERR_FUNC(DSO_F_WIN32_JOINER),	"WIN32_JOINER"},
+{ERR_FUNC(DSO_F_WIN32_LOAD),	"WIN32_LOAD"},
+{ERR_FUNC(DSO_F_WIN32_MERGER),	"WIN32_MERGER"},
+{ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER),	"WIN32_NAME_CONVERTER"},
+{ERR_FUNC(DSO_F_WIN32_PATHBYADDR),	"WIN32_PATHBYADDR"},
+{ERR_FUNC(DSO_F_WIN32_SPLITTER),	"WIN32_SPLITTER"},
+{ERR_FUNC(DSO_F_WIN32_UNLOAD),	"WIN32_UNLOAD"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA DSO_str_reasons[]=
 	{
-{DSO_R_CTRL_FAILED                       ,"control command failed"},
-{DSO_R_DSO_ALREADY_LOADED                ,"dso already loaded"},
-{DSO_R_EMPTY_FILE_STRUCTURE              ,"empty file structure"},
-{DSO_R_FAILURE                           ,"failure"},
-{DSO_R_FILENAME_TOO_BIG                  ,"filename too big"},
-{DSO_R_FINISH_FAILED                     ,"cleanup method function failed"},
-{DSO_R_INCORRECT_FILE_SYNTAX             ,"incorrect file syntax"},
-{DSO_R_LOAD_FAILED                       ,"could not load the shared library"},
-{DSO_R_NAME_TRANSLATION_FAILED           ,"name translation failed"},
-{DSO_R_NO_FILENAME                       ,"no filename"},
-{DSO_R_NO_FILE_SPECIFICATION             ,"no file specification"},
-{DSO_R_NULL_HANDLE                       ,"a null shared library handle was used"},
-{DSO_R_SET_FILENAME_FAILED               ,"set filename failed"},
-{DSO_R_STACK_ERROR                       ,"the meth_data stack is corrupt"},
-{DSO_R_SYM_FAILURE                       ,"could not bind to the requested symbol name"},
-{DSO_R_UNLOAD_FAILED                     ,"could not unload the shared library"},
-{DSO_R_UNSUPPORTED                       ,"functionality not supported"},
+{ERR_REASON(DSO_R_CTRL_FAILED)           ,"control command failed"},
+{ERR_REASON(DSO_R_DSO_ALREADY_LOADED)    ,"dso already loaded"},
+{ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE)  ,"empty file structure"},
+{ERR_REASON(DSO_R_FAILURE)               ,"failure"},
+{ERR_REASON(DSO_R_FILENAME_TOO_BIG)      ,"filename too big"},
+{ERR_REASON(DSO_R_FINISH_FAILED)         ,"cleanup method function failed"},
+{ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX) ,"incorrect file syntax"},
+{ERR_REASON(DSO_R_LOAD_FAILED)           ,"could not load the shared library"},
+{ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED),"name translation failed"},
+{ERR_REASON(DSO_R_NO_FILENAME)           ,"no filename"},
+{ERR_REASON(DSO_R_NO_FILE_SPECIFICATION) ,"no file specification"},
+{ERR_REASON(DSO_R_NULL_HANDLE)           ,"a null shared library handle was used"},
+{ERR_REASON(DSO_R_SET_FILENAME_FAILED)   ,"set filename failed"},
+{ERR_REASON(DSO_R_STACK_ERROR)           ,"the meth_data stack is corrupt"},
+{ERR_REASON(DSO_R_SYM_FAILURE)           ,"could not bind to the requested symbol name"},
+{ERR_REASON(DSO_R_UNLOAD_FAILED)         ,"could not unload the shared library"},
+{ERR_REASON(DSO_R_UNSUPPORTED)           ,"functionality not supported"},
 {0,NULL}
 	};
 
@@ -131,15 +148,12 @@ static ERR_STRING_DATA DSO_str_reasons[]=
 
 void ERR_load_DSO_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_DSO,DSO_str_functs);
-		ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons);
-#endif
 
+	if (ERR_func_error_string(DSO_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,DSO_str_functs);
+		ERR_load_strings(0,DSO_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c
index 49bdd71309..8a15b794ab 100644
--- a/crypto/dso/dso_lib.c
+++ b/crypto/dso/dso_lib.c
@@ -107,7 +107,7 @@ DSO *DSO_new_method(DSO_METHOD *meth)
 		return(NULL);
 		}
 	memset(ret, 0, sizeof(DSO));
-	ret->meth_data = sk_new_null();
+	ret->meth_data = sk_void_new_null();
 	if(ret->meth_data == NULL)
 		{
 		/* sk_new doesn't generate any errors so we do */
@@ -163,7 +163,7 @@ int DSO_free(DSO *dso)
 		return(0);
 		}
 	
-	sk_free(dso->meth_data);
+	sk_void_free(dso->meth_data);
 	if(dso->filename != NULL)
 		OPENSSL_free(dso->filename);
 	if(dso->loaded_filename != NULL)
@@ -399,13 +399,6 @@ char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
 		DSOerr(DSO_F_DSO_MERGE,ERR_R_PASSED_NULL_PARAMETER);
 		return(NULL);
 		}
-	if(filespec1 == NULL)
-		filespec1 = dso->filename;
-	if(filespec1 == NULL)
-		{
-		DSOerr(DSO_F_DSO_MERGE,DSO_R_NO_FILE_SPECIFICATION);
-		return(NULL);
-		}
 	if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0)
 		{
 		if(dso->merger != NULL)
@@ -464,3 +457,27 @@ const char *DSO_get_loaded_filename(DSO *dso)
 		}
 	return(dso->loaded_filename);
 	}
+
+int DSO_pathbyaddr(void *addr,char *path,int sz)
+	{
+	DSO_METHOD *meth = default_DSO_meth;
+	if (meth == NULL) meth = DSO_METHOD_openssl();
+	if (meth->pathbyaddr == NULL)
+		{
+		DSOerr(DSO_F_DSO_PATHBYADDR,DSO_R_UNSUPPORTED);
+		return -1;
+		}
+	return (*meth->pathbyaddr)(addr,path,sz);
+	}
+
+void *DSO_global_lookup(const char *name)
+	{
+	DSO_METHOD *meth = default_DSO_meth;
+	if (meth == NULL) meth = DSO_METHOD_openssl();
+	if (meth->globallookup == NULL)
+		{
+		DSOerr(DSO_F_DSO_GLOBAL_LOOKUP,DSO_R_UNSUPPORTED);
+		return NULL;
+		}
+	return (*meth->globallookup)(name);
+	}
diff --git a/crypto/dso/dso_null.c b/crypto/dso/dso_null.c
index fa13a7cb0f..49d842d1f5 100644
--- a/crypto/dso/dso_null.c
+++ b/crypto/dso/dso_null.c
@@ -75,8 +75,12 @@ static DSO_METHOD dso_meth_null = {
 	NULL, /* unbind_func */
 #endif
 	NULL, /* ctrl */
+	NULL, /* dso_name_converter */
+	NULL, /* dso_merger */
 	NULL, /* init */
-	NULL  /* finish */
+	NULL, /* finish */
+	NULL, /* pathbyaddr */
+	NULL  /* globallookup */
 	};
 
 DSO_METHOD *DSO_METHOD_null(void)
diff --git a/crypto/dso/dso_openssl.c b/crypto/dso/dso_openssl.c
index a4395ebffe..b17e8e8e9e 100644
--- a/crypto/dso/dso_openssl.c
+++ b/crypto/dso/dso_openssl.c
@@ -74,6 +74,8 @@ DSO_METHOD *DSO_METHOD_openssl(void)
 	return(DSO_METHOD_win32());
 #elif defined(DSO_VMS)
 	return(DSO_METHOD_vms());
+#elif defined(DSO_BEOS)
+	return(DSO_METHOD_beos());
 #else
 	return(DSO_METHOD_null());
 #endif
diff --git a/crypto/dso/dso_vms.c b/crypto/dso/dso_vms.c
index 85fb27a108..9c1a371ba8 100644
--- a/crypto/dso/dso_vms.c
+++ b/crypto/dso/dso_vms.c
@@ -160,7 +160,7 @@ static int vms_load(DSO *dso)
 
 	if(filename == NULL)
 		{
-		DSOerr(DSO_F_DLFCN_LOAD,DSO_R_NO_FILENAME);
+		DSOerr(DSO_F_VMS_LOAD,DSO_R_NO_FILENAME);
 		goto err;
 		}
 
@@ -231,7 +231,7 @@ static int vms_load(DSO *dso)
 	p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
 	p->imagename_dsc.dsc$a_pointer = (char_32p)p->imagename;  /* changed for 64-bit API*/
 
-	if(!sk_push(dso->meth_data, (char *)p))
+	if(!sk_void_push(dso->meth_data, (char *)p))
 		{
 		DSOerr(DSO_F_VMS_LOAD,DSO_R_STACK_ERROR);
 		goto err;
@@ -261,9 +261,9 @@ static int vms_unload(DSO *dso)
 		DSOerr(DSO_F_VMS_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
 		return(0);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		return(1);
-	p = (DSO_VMS_INTERNAL *)sk_pop(dso->meth_data);
+	p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data);
 	if(p == NULL)
 		{
 		DSOerr(DSO_F_VMS_UNLOAD,DSO_R_NULL_HANDLE);
@@ -315,19 +315,19 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym)
 
 	if((dso == NULL) || (symname == NULL))
 		{
-		DSOerr(DSO_F_VMS_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
+		DSOerr(DSO_F_VMS_BIND_SYM,ERR_R_PASSED_NULL_PARAMETER);
 		return;
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		{
-		DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_STACK_ERROR);
+		DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_STACK_ERROR);
 		return;
 		}
-	ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data,
-		sk_num(dso->meth_data) - 1);
+	ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data,
+		sk_void_num(dso->meth_data) - 1);
 	if(ptr == NULL)
 		{
-		DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_NULL_HANDLE);
+		DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_NULL_HANDLE);
 		return;
 		}
 
@@ -356,7 +356,7 @@ void vms_bind_sym(DSO *dso, const char *symname, void **sym)
 			{
 			errstring[length] = '\0';
 
-			DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_SYM_FAILURE);
+			DSOerr(DSO_F_VMS_BIND_SYM,DSO_R_SYM_FAILURE);
 			if (ptr->imagename_dsc.dsc$w_length)
 				ERR_add_error_data(9,
 					"Symbol ", symname,
diff --git a/crypto/dso/dso_win32.c b/crypto/dso/dso_win32.c
index 02e051595a..6fb6c54181 100644
--- a/crypto/dso/dso_win32.c
+++ b/crypto/dso/dso_win32.c
@@ -61,13 +61,56 @@
 #include "cryptlib.h"
 #include <openssl/dso.h>
 
-#if !defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE)
+#if !defined(DSO_WIN32)
 DSO_METHOD *DSO_METHOD_win32(void)
 	{
 	return NULL;
 	}
 #else
 
+#ifdef _WIN32_WCE
+# if _WIN32_WCE < 300
+static FARPROC GetProcAddressA(HMODULE hModule,LPCSTR lpProcName)
+	{
+	WCHAR lpProcNameW[64];
+	int i;
+
+	for (i=0;lpProcName[i] && i<64;i++)
+		lpProcNameW[i] = (WCHAR)lpProcName[i];
+	if (i==64) return NULL;
+	lpProcNameW[i] = 0;
+
+	return GetProcAddressW(hModule,lpProcNameW);
+	}
+# endif
+# undef GetProcAddress
+# define GetProcAddress GetProcAddressA
+
+static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName)
+	{
+	WCHAR *fnamw;
+	size_t len_0=strlen(lpLibFileName)+1,i;
+
+#ifdef _MSC_VER
+	fnamw = (WCHAR *)_alloca (len_0*sizeof(WCHAR));
+#else
+	fnamw = (WCHAR *)alloca (len_0*sizeof(WCHAR));
+#endif
+	if (fnamw == NULL)
+		{
+		SetLastError(ERROR_NOT_ENOUGH_MEMORY);
+		return NULL;
+		}
+
+#if defined(_WIN32_WCE) && _WIN32_WCE>=101
+	if (!MultiByteToWideChar(CP_ACP,0,lpLibFileName,len_0,fnamw,len_0))
+#endif
+		for (i=0;i<len_0;i++) fnamw[i]=(WCHAR)lpLibFileName[i];
+
+	return LoadLibraryW(fnamw);
+	}
+#endif
+
 /* Part of the hack in "win32_load" ... */
 #define DSO_MAX_TRANSLATED_SIZE 256
 
@@ -85,6 +128,8 @@ static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg);
 static char *win32_name_converter(DSO *dso, const char *filename);
 static char *win32_merger(DSO *dso, const char *filespec1,
 	const char *filespec2);
+static int win32_pathbyaddr(void *addr,char *path,int sz);
+static void *win32_globallookup(const char *name);
 
 static const char *openssl_strnchr(const char *string, int c, size_t len);
 
@@ -103,7 +148,9 @@ static DSO_METHOD dso_meth_win32 = {
 	win32_name_converter,
 	win32_merger,
 	NULL, /* init */
-	NULL  /* finish */
+	NULL, /* finish */
+	win32_pathbyaddr,
+	win32_globallookup
 	};
 
 DSO_METHOD *DSO_METHOD_win32(void)
@@ -127,7 +174,7 @@ static int win32_load(DSO *dso)
 		DSOerr(DSO_F_WIN32_LOAD,DSO_R_NO_FILENAME);
 		goto err;
 		}
-	h = LoadLibrary(filename);
+	h = LoadLibraryA(filename);
 	if(h == NULL)
 		{
 		DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED);
@@ -141,7 +188,7 @@ static int win32_load(DSO *dso)
 		goto err;
 		}
 	*p = h;
-	if(!sk_push(dso->meth_data, (char *)p))
+	if(!sk_void_push(dso->meth_data, p))
 		{
 		DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR);
 		goto err;
@@ -168,9 +215,9 @@ static int win32_unload(DSO *dso)
 		DSOerr(DSO_F_WIN32_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
 		return(0);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		return(1);
-	p = (HINSTANCE *)sk_pop(dso->meth_data);
+	p = sk_void_pop(dso->meth_data);
 	if(p == NULL)
 		{
 		DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE);
@@ -181,7 +228,7 @@ static int win32_unload(DSO *dso)
 		DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED);
 		/* We should push the value back onto the stack in
 		 * case of a retry. */
-		sk_push(dso->meth_data, (char *)p);
+		sk_void_push(dso->meth_data, p);
 		return(0);
 		}
 	/* Cleanup */
@@ -201,12 +248,12 @@ static void *win32_bind_var(DSO *dso, const char *symname)
 		DSOerr(DSO_F_WIN32_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
 		return(NULL);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		{
 		DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_STACK_ERROR);
 		return(NULL);
 		}
-	ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+	ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
 	if(ptr == NULL)
 		{
 		DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_NULL_HANDLE);
@@ -232,12 +279,12 @@ static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
 		DSOerr(DSO_F_WIN32_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
 		return(NULL);
 		}
-	if(sk_num(dso->meth_data) < 1)
+	if(sk_void_num(dso->meth_data) < 1)
 		{
 		DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_STACK_ERROR);
 		return(NULL);
 		}
-	ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+	ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
 	if(ptr == NULL)
 		{
 		DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_NULL_HANDLE);
@@ -268,10 +315,11 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 	struct file_st *result = NULL;
 	enum { IN_NODE, IN_DEVICE, IN_FILE } position;
 	const char *start = filename;
+	char last;
 
 	if (!filename)
 		{
-		DSOerr(DSO_F_WIN32_MERGER,DSO_R_NO_FILENAME);
+		DSOerr(DSO_F_WIN32_SPLITTER,DSO_R_NO_FILENAME);
 		/*goto err;*/
 		return(NULL);
 		}
@@ -279,7 +327,7 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 	result = OPENSSL_malloc(sizeof(struct file_st));
 	if(result == NULL)
 		{
-		DSOerr(DSO_F_WIN32_MERGER,
+		DSOerr(DSO_F_WIN32_SPLITTER,
 			ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
@@ -287,8 +335,8 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 	memset(result, 0, sizeof(struct file_st));
 	position = IN_DEVICE;
 
-	if(filename[0] == '\\' && filename[1] == '\\'
-		|| filename[0] == '/' && filename[1] == '/')
+	if((filename[0] == '\\' && filename[1] == '\\')
+		|| (filename[0] == '/' && filename[1] == '/'))
 		{
 		position = IN_NODE;
 		filename += 2;
@@ -298,18 +346,20 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 
 	do
 		{
-		switch(filename[0])
+		last = filename[0];
+		switch(last)
 			{
 		case ':':
 			if(position != IN_DEVICE)
 				{
-				DSOerr(DSO_F_WIN32_MERGER,
+				DSOerr(DSO_F_WIN32_SPLITTER,
 					DSO_R_INCORRECT_FILE_SYNTAX);
 				/*goto err;*/
+				OPENSSL_free(result);
 				return(NULL);
 				}
 			result->device = start;
-			result->devicelen = filename - start;
+			result->devicelen = (int)(filename - start);
 			position = IN_FILE;
 			start = ++filename;
 			result->dir = start;
@@ -318,21 +368,30 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 		case '/':
 			if(position == IN_NODE)
 				{
-				result->nodelen = filename - start;
+				result->nodelen = (int)(filename - start);
 				position = IN_FILE;
 				start = ++filename;
 				result->dir = start;
 				}
+			else if(position == IN_DEVICE)
+				{
+				position = IN_FILE;
+				filename++;
+				result->dir = start;
+				result->dirlen = (int)(filename - start);
+				start = filename;
+				}
 			else
 				{
 				filename++;
-				result->dirlen += filename - start;
+				result->dirlen += (int)(filename - start);
+				start = filename;
 				}
 			break;
 		case '\0':
 			if(position == IN_NODE)
 				{
-				result->nodelen = filename - start;
+				result->nodelen = (int)(filename - start);
 				}
 			else
 				{
@@ -340,12 +399,19 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 					{
 					if (assume_last_is_dir)
 						{
-						result->devicelen += filename - start;
+						if (position == IN_DEVICE)
+							{
+							result->dir = start;
+							result->dirlen = 0;
+							}
+						result->dirlen +=
+							(int)(filename - start);
 						}
 					else
 						{
 						result->file = start;
-						result->filelen = filename - start;
+						result->filelen =
+							(int)(filename - start);
 						}
 					}
 				}
@@ -355,7 +421,7 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
 			break;
 			}
 		}
-	while(*filename);
+	while(last);
 
 	if(!result->nodelen) result->node = NULL;
 	if(!result->devicelen) result->device = NULL;
@@ -373,7 +439,7 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split)
 
 	if(!file_split)
 		{
-		DSOerr(DSO_F_WIN32_MERGER,
+		DSOerr(DSO_F_WIN32_JOINER,
 				ERR_R_PASSED_NULL_PARAMETER);
 		return(NULL);
 		}
@@ -401,14 +467,14 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split)
 
 	if(!len)
 		{
-		DSOerr(DSO_F_WIN32_MERGER, DSO_R_EMPTY_FILE_STRUCTURE);
+		DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE);
 		return(NULL);
 		}
 
 	result = OPENSSL_malloc(len + 1);
 	if (!result)
 		{
-		DSOerr(DSO_F_WIN32_MERGER,
+		DSOerr(DSO_F_WIN32_JOINER,
 			ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
@@ -439,14 +505,17 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split)
 				+ file_split->predirlen
 				- (start - file_split->predir);
 		strncpy(&result[offset], start,
-			end - start); offset += end - start;
+			end - start); offset += (int)(end - start);
 		result[offset] = '\\'; offset++;
 		start = end + 1;
 		}
+#if 0 /* Not needed, since the directory converter above already appeneded
+	 a backslash */
 	if(file_split->predir && (file_split->dir || file_split->file))
 		{
 		result[offset] = '\\'; offset++;
 		}
+#endif
 	start = file_split->dir;
 	while(file_split->dirlen > (start - file_split->dir))
 		{
@@ -457,14 +526,17 @@ static char *win32_joiner(DSO *dso, const struct file_st *file_split)
 				+ file_split->dirlen
 				- (start - file_split->dir);
 		strncpy(&result[offset], start,
-			end - start); offset += end - start;
+			end - start); offset += (int)(end - start);
 		result[offset] = '\\'; offset++;
 		start = end + 1;
 		}
+#if 0 /* Not needed, since the directory converter above already appeneded
+	 a backslash */
 	if(file_split->dir && file_split->file)
 		{
 		result[offset] = '\\'; offset++;
 		}
+#endif
 	strncpy(&result[offset], file_split->file,
 		file_split->filelen); offset += file_split->filelen;
 	result[offset] = '\0';
@@ -507,15 +579,15 @@ static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2
 		}
 	else
 		{
-		filespec1_split = win32_splitter(dso, filespec1, 1);
+		filespec1_split = win32_splitter(dso, filespec1, 0);
 		if (!filespec1_split)
 			{
 			DSOerr(DSO_F_WIN32_MERGER,
 				ERR_R_MALLOC_FAILURE);
 			return(NULL);
 			}
-		filespec2_split = win32_splitter(dso, filespec2, 0);
-		if (!filespec1_split)
+		filespec2_split = win32_splitter(dso, filespec2, 1);
+		if (!filespec2_split)
 			{
 			DSOerr(DSO_F_WIN32_MERGER,
 				ERR_R_MALLOC_FAILURE);
@@ -550,6 +622,8 @@ static char *win32_merger(DSO *dso, const char *filespec1, const char *filespec2
 
 		merged = win32_joiner(dso, filespec1_split);
 		}
+	OPENSSL_free(filespec1_split);
+	OPENSSL_free(filespec2_split);
 	return(merged);
 	}
 
@@ -593,5 +667,178 @@ static const char *openssl_strnchr(const char *string, int c, size_t len)
 	return NULL;
 	}
 
+#include <tlhelp32.h>
+#ifdef _WIN32_WCE
+# define DLLNAME "TOOLHELP.DLL"
+#else
+# ifdef MODULEENTRY32
+# undef MODULEENTRY32	/* unmask the ASCII version! */
+# endif
+# define DLLNAME "KERNEL32.DLL"
+#endif
+
+typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD);
+typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE);
+typedef BOOL (WINAPI *MODULE32)(HANDLE, MODULEENTRY32 *);
+
+static int win32_pathbyaddr(void *addr,char *path,int sz)
+	{
+	HMODULE dll;
+	HANDLE hModuleSnap = INVALID_HANDLE_VALUE; 
+	MODULEENTRY32 me32; 
+	CREATETOOLHELP32SNAPSHOT create_snap;
+	CLOSETOOLHELP32SNAPSHOT  close_snap;
+	MODULE32 module_first, module_next;
+	int len;
+ 
+	if (addr == NULL)
+		{
+		union	{ int(*f)(void*,char*,int); void *p; } t =
+			{ win32_pathbyaddr };
+		addr = t.p;
+		}
 
-#endif /* OPENSSL_SYS_WIN32 */
+	dll = LoadLibrary(TEXT(DLLNAME));
+	if (dll == NULL)
+		{
+		DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED);
+		return -1;
+		}
+
+	create_snap = (CREATETOOLHELP32SNAPSHOT)
+		GetProcAddress(dll,"CreateToolhelp32Snapshot");
+	if (create_snap == NULL)
+		{
+		FreeLibrary(dll);
+		DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED);
+		return -1;
+		}
+	/* We take the rest for granted... */
+#ifdef _WIN32_WCE
+	close_snap = (CLOSETOOLHELP32SNAPSHOT)
+		GetProcAddress(dll,"CloseToolhelp32Snapshot");
+#else
+	close_snap = (CLOSETOOLHELP32SNAPSHOT)CloseHandle;
+#endif
+	module_first = (MODULE32)GetProcAddress(dll,"Module32First");
+	module_next  = (MODULE32)GetProcAddress(dll,"Module32Next");
+
+	hModuleSnap = (*create_snap)(TH32CS_SNAPMODULE,0); 
+	if( hModuleSnap == INVALID_HANDLE_VALUE ) 
+		{ 
+		FreeLibrary(dll);
+		DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_UNSUPPORTED);
+		return -1;
+		} 
+ 
+	me32.dwSize = sizeof(me32); 
+ 
+	if(!(*module_first)(hModuleSnap,&me32)) 
+		{ 
+		(*close_snap)(hModuleSnap);
+		FreeLibrary(dll);
+		DSOerr(DSO_F_WIN32_PATHBYADDR,DSO_R_FAILURE);
+		return -1;
+		}
+ 
+	do	{ 
+		if ((BYTE *)addr >= me32.modBaseAddr &&
+		    (BYTE *)addr <  me32.modBaseAddr+me32.modBaseSize)
+			{
+			(*close_snap)(hModuleSnap);
+			FreeLibrary(dll);
+#ifdef _WIN32_WCE
+# if _WIN32_WCE >= 101
+			return WideCharToMultiByte(CP_ACP,0,me32.szExePath,-1,
+							path,sz,NULL,NULL);
+# else
+			len = (int)wcslen(me32.szExePath);
+			if (sz <= 0) return len+1;
+			if (len >= sz) len=sz-1;
+			for(i=0;i<len;i++)
+				path[i] = (char)me32.szExePath[i];
+			path[len++] = 0;
+			return len;
+# endif
+#else
+			len = (int)strlen(me32.szExePath);
+			if (sz <= 0) return len+1;
+			if (len >= sz) len=sz-1;
+			memcpy(path,me32.szExePath,len);
+			path[len++] = 0;
+			return len;
+#endif
+			} 
+		} while((*module_next)(hModuleSnap, &me32)); 
+ 
+	(*close_snap)(hModuleSnap); 
+	FreeLibrary(dll);
+	return 0;
+	}
+
+static void *win32_globallookup(const char *name)
+	{
+	HMODULE dll;
+	HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+	MODULEENTRY32 me32;
+	CREATETOOLHELP32SNAPSHOT create_snap;
+	CLOSETOOLHELP32SNAPSHOT  close_snap;
+	MODULE32 module_first, module_next;
+	FARPROC ret=NULL;
+
+	dll = LoadLibrary(TEXT(DLLNAME));
+	if (dll == NULL)
+		{
+		DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED);
+		return NULL;
+		}
+
+	create_snap = (CREATETOOLHELP32SNAPSHOT)
+		GetProcAddress(dll,"CreateToolhelp32Snapshot");
+	if (create_snap == NULL)
+		{
+		FreeLibrary(dll);
+		DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED);
+		return NULL;
+		}
+	/* We take the rest for granted... */
+#ifdef _WIN32_WCE
+	close_snap = (CLOSETOOLHELP32SNAPSHOT)
+		GetProcAddress(dll,"CloseToolhelp32Snapshot");
+#else
+	close_snap = (CLOSETOOLHELP32SNAPSHOT)CloseHandle;
+#endif
+	module_first = (MODULE32)GetProcAddress(dll,"Module32First");
+	module_next  = (MODULE32)GetProcAddress(dll,"Module32Next");
+
+	hModuleSnap = (*create_snap)(TH32CS_SNAPMODULE,0);
+	if( hModuleSnap == INVALID_HANDLE_VALUE )
+		{
+		FreeLibrary(dll);
+		DSOerr(DSO_F_WIN32_GLOBALLOOKUP,DSO_R_UNSUPPORTED);
+		return NULL;
+		}
+
+	me32.dwSize = sizeof(me32);
+
+	if (!(*module_first)(hModuleSnap,&me32))
+		{
+		(*close_snap)(hModuleSnap);
+		FreeLibrary(dll);
+		return NULL;
+		}
+
+	do	{
+		if ((ret = GetProcAddress(me32.hModule,name)))
+			{
+			(*close_snap)(hModuleSnap);
+			FreeLibrary(dll);
+			return ret;
+			}
+		} while((*module_next)(hModuleSnap,&me32));
+
+	(*close_snap)(hModuleSnap); 
+	FreeLibrary(dll);
+	return NULL;
+	}
+#endif /* DSO_WIN32 */
diff --git a/crypto/ec/.cvsignore b/crypto/ec/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/ec/.cvsignore
+++ b/crypto/ec/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/ec/Makefile.ssl b/crypto/ec/Makefile.ssl
deleted file mode 100644
index f0bb149ae6..0000000000
--- a/crypto/ec/Makefile.ssl
+++ /dev/null
@@ -1,205 +0,0 @@
-#
-# crypto/ec/Makefile
-#
-
-DIR=	ec
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ectest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c\
-	ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
-	ec2_smpl.c ec2_smpt.c ec2_mult.c
-
-LIBOBJ=	ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o\
-	ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
-	ec2_smpl.o ec2_mult.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ec.h
-HEADER=	ec_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ec2_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec2_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec2_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
-ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec2_smpt.c ec_lcl.h
-ec2_smpt.o: ec2_smpt.c
-ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ec_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ec_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ec_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ec_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_asn1.o: ../../include/openssl/symhacks.h ec_asn1.c ec_lcl.h
-ec_check.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_check.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_check.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h
-ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h
-ec_cvt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_cvt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec_cvt.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_cvt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_cvt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
-ec_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_err.o: ../../include/openssl/symhacks.h ec_err.c
-ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h
-ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_lib.o: ../../include/openssl/symhacks.h ec_lcl.h ec_lib.c
-ec_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
-ec_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ec_print.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ec_print.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ec_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ec_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ec_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_print.o: ../../include/openssl/symhacks.h ec_lcl.h ec_print.c
-ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ecp_mont.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecp_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecp_mont.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_mont.c
-ecp_nist.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecp_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
-ecp_recp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecp_recp.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecp_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecp_recp.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ecp_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecp_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecp_recp.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_recp.c
-ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ecp_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecp_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecp_smpl.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_smpl.c
diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index b3267df62b..ee7078130c 100644
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -2,8 +2,12 @@
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
+/**
+ * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
+ * \author Originally written by Bodo Moeller for the OpenSSL project
+ */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -92,11 +96,21 @@ extern "C" {
 # endif
 #endif
 
+  
+#ifndef OPENSSL_ECC_MAX_FIELD_BITS
+# define OPENSSL_ECC_MAX_FIELD_BITS 661
+#endif
 
+/** Enum for the point conversion form as defined in X9.62 (ECDSA)
+ *  for the encoding of a elliptic curve point (x,y) */
 typedef enum {
-	/* values as defined in X9.62 (ECDSA) and elsewhere */
+	/** the point is encoded as z||x, where the octet z specifies 
+	 *  which solution of the quadratic equation y is  */
 	POINT_CONVERSION_COMPRESSED = 2,
+	/** the point is encoded as z||x||y, where z is the octet 0x02  */
 	POINT_CONVERSION_UNCOMPRESSED = 4,
+	/** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
 	POINT_CONVERSION_HYBRID = 6
 } point_conversion_form_t;
 
@@ -117,40 +131,129 @@ typedef struct ec_group_st
 typedef struct ec_point_st EC_POINT;
 
 
-/* EC_METHODs for curves over GF(p).
- * EC_GFp_simple_method provides the basis for the optimized methods.
+/********************************************************************/
+/*               EC_METHODs for curves over GF(p)                   */       
+/********************************************************************/
+
+/** Returns the basic GFp ec methods which provides the basis for the
+ *  optimized methods. 
+ *  \return  EC_METHOD object
  */
 const EC_METHOD *EC_GFp_simple_method(void);
+
+/** Returns GFp methods using montgomery multiplication.
+ *  \return  EC_METHOD object
+ */
 const EC_METHOD *EC_GFp_mont_method(void);
+
+/** Returns GFp methods using optimized methods for NIST recommended curves
+ *  \return  EC_METHOD object
+ */
 const EC_METHOD *EC_GFp_nist_method(void);
-#if 0
-const EC_METHOD *EC_GFp_recp_method(void); /* TODO */
-#endif
 
-/* EC_METHOD for curves over GF(2^m).
+
+/********************************************************************/ 
+/*           EC_METHOD for curves over GF(2^m)                      */
+/********************************************************************/
+
+/** Returns the basic GF2m ec method 
+ *  \return  EC_METHOD object
  */
 const EC_METHOD *EC_GF2m_simple_method(void);
 
 
-EC_GROUP *EC_GROUP_new(const EC_METHOD *);
-void EC_GROUP_free(EC_GROUP *);
-void EC_GROUP_clear_free(EC_GROUP *);
-int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *);
+/********************************************************************/
+/*                   EC_GROUP functions                             */
+/********************************************************************/
 
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
-int EC_METHOD_get_field_type(const EC_METHOD *);
+/** Creates a new EC_GROUP object
+ *  \param   meth  EC_METHOD to use
+ *  \return  newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+
+/** Frees a EC_GROUP object
+ *  \param  group  EC_GROUP object to be freed.
+ */
+void EC_GROUP_free(EC_GROUP *group);
+
+/** Clears and frees a EC_GROUP object
+ *  \param  group  EC_GROUP object to be cleared and freed.
+ */
+void EC_GROUP_clear_free(EC_GROUP *group);
 
-int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
-int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
+ *  \param  dst  destination EC_GROUP object
+ *  \param  src  source EC_GROUP object
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
 
-void EC_GROUP_set_nid(EC_GROUP *, int); /* curve name */
-int EC_GROUP_get_nid(const EC_GROUP *);
+/** Creates a new EC_GROUP object and copies the copies the content
+ *  form src to the newly created EC_KEY object
+ *  \param  src  source EC_GROUP object
+ *  \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
 
-void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag);
-int EC_GROUP_get_asn1_flag(const EC_GROUP *);
+/** Returns the EC_METHOD of the EC_GROUP object.
+ *  \param  group  EC_GROUP object 
+ *  \return EC_METHOD used in this EC_GROUP object.
+ */
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ *  \param  meth  EC_METHOD object
+ *  \return NID of the underlying field type OID.
+ */
+int EC_METHOD_get_field_type(const EC_METHOD *meth);
+
+/** Sets the generator and it's order/cofactor of a EC_GROUP object.
+ *  \param  group      EC_GROUP object 
+ *  \param  generator  EC_POINT object with the generator.
+ *  \param  order      the order of the group generated by the generator.
+ *  \param  cofactor   the index of the sub-group generated by the generator
+ *                     in the group of all points on the elliptic curve.
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
+
+/** Returns the generator of a EC_GROUP object.
+ *  \param  group  EC_GROUP object
+ *  \return the currently used generator (possibly NULL).
+ */
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+/** Gets the order of a EC_GROUP
+ *  \param  group  EC_GROUP object
+ *  \param  order  BIGNUM to which the order is copied
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+
+/** Gets the cofactor of a EC_GROUP
+ *  \param  group     EC_GROUP object
+ *  \param  cofactor  BIGNUM to which the cofactor is copied
+ *  \param  ctx       BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+
+/** Sets the name of a EC_GROUP object
+ *  \param  group  EC_GROUP object
+ *  \param  nid    NID of the curve name OID
+ */
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+
+/** Returns the curve name of a EC_GROUP object
+ *  \param  group  EC_GROUP object
+ *  \return NID of the curve name OID or 0 if not set.
+ */
+int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
 
 void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);
 point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
@@ -159,35 +262,114 @@ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *);
 size_t EC_GROUP_get_seed_len(const EC_GROUP *);
 size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
 
-int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
+/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM with the prime number
+ *  \param  a      BIGNUM with parameter a of the equation
+ *  \param  b      BIGNUM with parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM for the prime number
+ *  \param  a      BIGNUM for parameter a of the equation
+ *  \param  b      BIGNUM for parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM with the polynomial defining the underlying field
+ *  \param  a      BIGNUM with parameter a of the equation
+ *  \param  b      BIGNUM with parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM for the polynomial defining the underlying field
+ *  \param  a      BIGNUM for parameter a of the equation
+ *  \param  b      BIGNUM for parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
 
-/* returns the number of bits needed to represent a field element */
-int EC_GROUP_get_degree(const EC_GROUP *);
+/** Returns the number of bits needed to represent a field element 
+ *  \param  group  EC_GROUP object
+ *  \return number of bits needed to represent a field element
+ */
+int EC_GROUP_get_degree(const EC_GROUP *group);
 
-/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */
+/** Checks whether the parameter in the EC_GROUP define a valid ec group
+ *  \param  group  EC_GROUP object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 if group is a valid ec group and 0 otherwise
+ */
 int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-/* EC_GROUP_check_discriminant() returns 1 if the discriminant of the
- * elliptic curve is not zero, 0 otherwise */
-int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *);
 
-/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */
-int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *);
+/** Checks whether the discriminant of the elliptic curve is zero or not
+ *  \param  group  EC_GROUP object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 if the discriminant is not zero and 0 otherwise
+ */
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Compares two EC_GROUP objects
+ *  \param  a    first EC_GROUP object
+ *  \param  b    second EC_GROUP object
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return 0 if both groups are equal and 1 otherwise
+ */
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
 
 /* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*()
  * after choosing an appropriate EC_METHOD */
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 
-/* EC_GROUP_new_by_nid() creates a EC_GROUP structure specified by a NID */
-EC_GROUP *EC_GROUP_new_by_nid(int nid);
-/* handling of internal curves */
+/** Creates a new EC_GROUP object with the specified parameters defined
+ *  over GFp (defined by the equation y^2 = x^3 + a*x + b)
+ *  \param  p    BIGNUM with the prime number
+ *  \param  a    BIGNUM with the parameter a of the equation
+ *  \param  b    BIGNUM with the parameter b of the equation
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+
+/** Creates a new EC_GROUP object with the specified parameters defined
+ *  over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
+ *  \param  p    BIGNUM with the polynomial defining the underlying field
+ *  \param  a    BIGNUM with the parameter a of the equation
+ *  \param  b    BIGNUM with the parameter b of the equation
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+
+/** Creates a EC_GROUP object with a curve specified by a NID
+ *  \param  nid  NID of the OID of the curve name
+ *  \return newly created EC_GROUP object with specified curve or NULL
+ *          if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+
+/********************************************************************/
+/*               handling of internal curves                        */
+/********************************************************************/
+
 typedef struct { 
 	int nid;
 	const char *comment;
 	} EC_builtin_curve;
+
 /* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number 
  * of all available curves or zero if a error occurred. 
  * In case r ist not zero nitems EC_builtin_curve structures 
@@ -195,39 +377,168 @@ typedef struct {
 size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
 
 
-/* EC_POINT functions */
+/********************************************************************/
+/*                    EC_POINT functions                            */
+/********************************************************************/
 
-EC_POINT *EC_POINT_new(const EC_GROUP *);
-void EC_POINT_free(EC_POINT *);
-void EC_POINT_clear_free(EC_POINT *);
-int EC_POINT_copy(EC_POINT *, const EC_POINT *);
-EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *);
+/** Creates a new EC_POINT object for the specified EC_GROUP
+ *  \param  group  EC_GROUP the underlying EC_GROUP object
+ *  \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_new(const EC_GROUP *group);
+
+/** Frees a EC_POINT object
+ *  \param  point  EC_POINT object to be freed
+ */
+void EC_POINT_free(EC_POINT *point);
+
+/** Clears and frees a EC_POINT object
+ *  \param  point  EC_POINT object to be cleared and freed
+ */
+void EC_POINT_clear_free(EC_POINT *point);
+
+/** Copies EC_POINT object
+ *  \param  dst  destination EC_POINT object
+ *  \param  src  source EC_POINT object
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+
+/** Creates a new EC_POINT object and copies the content of the supplied
+ *  EC_POINT
+ *  \param  src    source EC_POINT object
+ *  \param  group  underlying the EC_GROUP object
+ *  \return newly created EC_POINT object or NULL if an error occurred 
+ */
+EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
  
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *);
-
-int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, int y_bit, BN_CTX *);
-
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *,
-	BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
-	const BIGNUM *x, int y_bit, BN_CTX *);
-
-size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
-        unsigned char *buf, size_t len, BN_CTX *);
-int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *,
-        const unsigned char *buf, size_t len, BN_CTX *);
+/** Returns the EC_METHOD used in EC_POINT object 
+ *  \param  point  EC_POINT object
+ *  \return the EC_METHOD used
+ */
+const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
+/** Sets a point to infinity (neutral element)
+ *  \param  group  underlying EC_GROUP object
+ *  \param  point  EC_POINT to set to infinity
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+
+/** Sets the jacobian projective coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with the x-coordinate
+ *  \param  y      BIGNUM with the y-coordinate
+ *  \param  z      BIGNUM with the z-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
+
+/** Gets the jacobian projective coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM for the x-coordinate
+ *  \param  y      BIGNUM for the y-coordinate
+ *  \param  z      BIGNUM for the z-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
+
+/** Sets the affine coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with the x-coordinate
+ *  \param  y      BIGNUM with the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM for the x-coordinate
+ *  \param  y      BIGNUM for the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with x-coordinate
+ *  \param  y_bit  integer with the y-Bit (either 0 or 1)
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, int y_bit, BN_CTX *ctx);
+
+/** Sets the affine coordinates of a EC_POINT over GF2m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with the x-coordinate
+ *  \param  y      BIGNUM with the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GF2m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM for the x-coordinate
+ *  \param  y      BIGNUM for the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with x-coordinate
+ *  \param  y_bit  integer with the y-Bit (either 0 or 1)
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, int y_bit, BN_CTX *ctx);
+
+/** Encodes a EC_POINT object to a octet string
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  form   point conversion form
+ *  \param  buf    memory buffer for the result. If NULL the function returns
+ *                 required buffer size.
+ *  \param  len    length of the memory buffer
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+	point_conversion_form_t form,
+        unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Decodes a EC_POINT from a octet string
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  buf    memory buffer with the encoded ec point
+ *  \param  len    length of the encoded ec point
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+        const unsigned char *buf, size_t len, BN_CTX *ctx);
 
 /* other interfaces to point2oct/oct2point: */
 BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
@@ -239,29 +550,105 @@ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
 EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
 	EC_POINT *, BN_CTX *);
 
-int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
 
-int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int EC_POINT_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
+/********************************************************************/
+/*         functions for doing EC_POINT arithmetic                  */
+/********************************************************************/
+
+/** Computes the sum of two EC_POINT 
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result (r = a + b)
+ *  \param  a      EC_POINT object with the first summand
+ *  \param  b      EC_POINT object with the second summand
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+
+/** Computes the double of a EC_POINT
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result (r = 2 * a)
+ *  \param  a      EC_POINT object 
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+
+/** Computes the inverse of a EC_POINT
+ *  \param  group  underlying EC_GROUP object
+ *  \param  a      EC_POINT object to be inverted (it's used for the result as well)
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+
+/** Checks whether the point is the neutral element of the group
+ *  \param  group  the underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \return 1 if the point is the neutral element and 0 otherwise
+ */
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+
+/** Checks whether the point is on the curve 
+ *  \param  group  underlying EC_GROUP object
+ *  \param  point  EC_POINT object to check
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 if point if on the curve and 0 otherwise
+ */
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+
+/** Compares two EC_POINTs 
+ *  \param  group  underlying EC_GROUP object
+ *  \param  a      first EC_POINT object
+ *  \param  b      second EC_POINT object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 0 if both points are equal and a value != 0 otherwise
+ */
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
 
 int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
 int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
 
+/** Computes r = generator * n sum_{i=0}^num p[i] * m[i]
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result
+ *  \param  n      BIGNUM with the multiplier for the group generator (optional)
+ *  \param  num    number futher summands
+ *  \param  p      array of size num of EC_POINT objects
+ *  \param  m      array of size num of BIGNUM objects
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+
+/** Computes r = generator * n + q * m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result
+ *  \param  n      BIGNUM with the multiplier for the group generator (optional)
+ *  \param  q      EC_POINT object with the first factor of the second summand
+ *  \param  m      BIGNUM with the second factor of the second summand
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
 
-int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *);
-int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *);
-
-/* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */
-int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);
-/* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */
-int EC_GROUP_have_precompute_mult(const EC_GROUP *);
+/** Stores multiples of generator for faster point multiplication
+ *  \param  group  EC_GROUP object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
 
+/** Reports whether a precomputation has been done
+ *  \param  group  EC_GROUP object
+ *  \return 1 if a pre-computation has been done and 0 otherwise
+ */
+int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
 
 
-/* ASN1 stuff */
+/********************************************************************/
+/*                       ASN1 stuff                                 */
+/********************************************************************/
 
 /* EC_GROUP_get_basis_type() returns the NID of the basis type
  * used to represent the field elements */
@@ -277,10 +664,8 @@ typedef struct ecpk_parameters_st ECPKPARAMETERS;
 EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
 int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
 
-#define d2i_ECPKParameters_bio(bp,x) (EC_GROUP *)ASN1_d2i_bio(NULL, \
-                (char *(*)())d2i_ECPKParameters,(bp),(unsigned char **)(x))
-#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio(i2d_ECPKParameters,(bp), \
-		(unsigned char *)(x))
+#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
 #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
                 (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
 #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
@@ -293,66 +678,244 @@ int     ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
 int     ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
 #endif
 
-/* the EC_KEY stuff */
+
+/********************************************************************/
+/*                      EC_KEY functions                            */
+/********************************************************************/
+
 typedef struct ec_key_st EC_KEY;
 
-typedef struct ec_key_meth_data_st {
-	int (*init)(EC_KEY *);
-	void (*finish)(EC_KEY *);
-	} EC_KEY_METH_DATA;
+/* some values for the encoding_flag */
+#define EC_PKEY_NO_PARAMETERS	0x001
+#define EC_PKEY_NO_PUBKEY	0x002
 
-struct ec_key_st {
-	int version;
+/** Creates a new EC_KEY object.
+ *  \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new(void);
 
-	EC_GROUP *group;
+/** Creates a new EC_KEY object using a named curve as underlying
+ *  EC_GROUP object.
+ *  \param  nid  NID of the named curve.
+ *  \return EC_KEY object or NULL if an error occurred. 
+ */
+EC_KEY *EC_KEY_new_by_curve_name(int nid);
 
-	EC_POINT *pub_key;
-	BIGNUM	 *priv_key;
+/** Frees a EC_KEY object.
+ *  \param  key  EC_KEY object to be freed.
+ */
+void EC_KEY_free(EC_KEY *key);
 
-	unsigned int enc_flag;
-	point_conversion_form_t conv_form;
+/** Copies a EC_KEY object.
+ *  \param  dst  destination EC_KEY object
+ *  \param  src  src EC_KEY object
+ *  \return dst or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
 
-	int 	references;
+/** Creates a new EC_KEY object and copies the content from src to it.
+ *  \param  src  the source EC_KEY object
+ *  \return newly created EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_dup(const EC_KEY *src);
 
-	EC_KEY_METH_DATA *meth_data;
-	}/* EC_KEY */;
-/* some values for the encoding_flag */
-#define EC_PKEY_NO_PARAMETERS	0x001
-#define EC_PKEY_NO_PUBKEY	0x002
+/** Increases the internal reference count of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_up_ref(EC_KEY *key);
 
-EC_KEY *EC_KEY_new(void);
-void EC_KEY_free(EC_KEY *);
-EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
-EC_KEY *EC_KEY_dup(const EC_KEY *);
-int EC_KEY_up_ref(EC_KEY *);
-
-/* EC_KEY_generate_key() creates a ec private (public) key */
-int EC_KEY_generate_key(EC_KEY *);
-/* EC_KEY_check_key() */
-int EC_KEY_check_key(const EC_KEY *);
-
-/* de- and encoding functions for SEC1 ECPrivateKey */
-EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len);
-int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out);
-/* de- and encoding functions for EC parameters */
-EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len);
-int i2d_ECParameters(EC_KEY *a, unsigned char **out);
-/* de- and encoding functions for EC public key
- * (octet string, not DER -- hence 'o2i' and 'i2o') */
-EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len);
-int i2o_ECPublicKey(EC_KEY *a, unsigned char **out);
+/** Returns the EC_GROUP object of a EC_KEY object
+ *  \param  key  EC_KEY object
+ *  \return the EC_GROUP object (possibly NULL).
+ */
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+
+/** Sets the EC_GROUP of a EC_KEY object.
+ *  \param  key    EC_KEY object
+ *  \param  group  EC_GROUP to use in the EC_KEY object (note: the EC_KEY
+ *                 object will use an own copy of the EC_GROUP).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+
+/** Returns the private key of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \return a BIGNUM with the private key (possibly NULL).
+ */
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+
+/** Sets the private key of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \param  prv  BIGNUM with the private key (note: the EC_KEY object
+ *               will use an own copy of the BIGNUM).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+
+/** Returns the public key of a EC_KEY object.
+ *  \param  key  the EC_KEY object
+ *  \return a EC_POINT object with the public key (possibly NULL)
+ */
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+
+/** Sets the public key of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \param  pub  EC_POINT object with the public key (note: the EC_KEY object
+ *               will use an own copy of the EC_POINT object).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+
+unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
+void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
+/* functions to set/get method specific data  */
+void *EC_KEY_get_key_method_data(EC_KEY *, 
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+void EC_KEY_insert_key_method_data(EC_KEY *, void *data,
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+/* wrapper functions for the underlying EC_GROUP object */
+void EC_KEY_set_asn1_flag(EC_KEY *, int);
+
+/** Creates a table of pre-computed multiples of the generator to 
+ *  accelerate further EC_KEY operations.
+ *  \param  key  EC_KEY object
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+
+/** Creates a new ec private (and optional a new public) key.
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_generate_key(EC_KEY *key);
+
+/** Verifies that a private and/or public key is valid.
+ *  \param  key  the EC_KEY object
+ *  \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_check_key(const EC_KEY *key);
+
+
+/********************************************************************/
+/*        de- and encoding functions for SEC1 ECPrivateKey          */
+/********************************************************************/
+
+/** Decodes a private key from a memory buffer.
+ *  \param  key  a pointer to a EC_KEY object which should be used (or NULL)
+ *  \param  in   pointer to memory with the DER encoded private key
+ *  \param  len  length of the DER encoded private key
+ *  \return the decoded private key or NULL if an error occurred.
+ */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a private key object and stores the result in a buffer.
+ *  \param  key  the EC_KEY object to encode
+ *  \param  out  the buffer for the result (if NULL the function returns number
+ *               of bytes needed).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+
+/********************************************************************/
+/*        de- and encoding functions for EC parameters              */
+/********************************************************************/
+
+/** Decodes ec parameter from a memory buffer.
+ *  \param  key  a pointer to a EC_KEY object which should be used (or NULL)
+ *  \param  in   pointer to memory with the DER encoded ec parameters
+ *  \param  len  length of the DER encoded ec parameters
+ *  \return a EC_KEY object with the decoded parameters or NULL if an error
+ *          occurred.
+ */
+EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes ec parameter and stores the result in a buffer.
+ *  \param  key  the EC_KEY object with ec paramters to encode
+ *  \param  out  the buffer for the result (if NULL the function returns number
+ *               of bytes needed).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECParameters(EC_KEY *key, unsigned char **out);
+
+
+/********************************************************************/
+/*         de- and encoding functions for EC public key             */
+/*         (octet string, not DER -- hence 'o2i' and 'i2o')         */
+/********************************************************************/
+
+/** Decodes a ec public key from a octet string.
+ *  \param  key  a pointer to a EC_KEY object which should be used
+ *  \param  in   memory buffer with the encoded public key
+ *  \param  len  length of the encoded public key
+ *  \return EC_KEY object with decoded public key or NULL if an error
+ *          occurred.
+ */
+EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a ec public key in an octet string.
+ *  \param  key  the EC_KEY object with the public key
+ *  \param  out  the buffer for the result (if NULL the function returns number
+ *               of bytes needed).
+ *  \return 1 on success and 0 if an error occurred
+ */
+int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
 
 #ifndef OPENSSL_NO_BIO
-int	ECParameters_print(BIO *bp, const EC_KEY *x);
-int	EC_KEY_print(BIO *bp, const EC_KEY *x, int off);
+/** Prints out the ec parameters on human readable form.
+ *  \param  bp   BIO object to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred
+ */
+int	ECParameters_print(BIO *bp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ *  \param  bp   BIO object to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \param  off  line offset 
+ *  \return 1 on success and 0 if an error occurred
+ */
+int	EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+
 #endif
 #ifndef OPENSSL_NO_FP_API
-int	ECParameters_print_fp(FILE *fp, const EC_KEY *x);
-int	EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off);
+/** Prints out the ec parameters on human readable form.
+ *  \param  fp   file descriptor to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred
+ */
+int	ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ *  \param  fp   file descriptor to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \param  off  line offset 
+ *  \return 1 on success and 0 if an error occurred
+ */
+int	EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+
 #endif
 
-#define ECParameters_dup(x) (EC_KEY *)ASN1_dup((int (*)())i2d_ECParameters,\
-		(char *(*)())d2i_ECParameters,(char *)(x))
+#define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+
+#ifndef __cplusplus
+#if defined(__SUNPRO_C)
+#  if __SUNPRO_C >= 0x520
+# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+#  endif
+# endif
+#endif
+
+#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
+				EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+
+
+#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID		(EVP_PKEY_ALG_CTRL + 1)
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -367,6 +930,14 @@ void ERR_load_EC_strings(void);
 #define EC_F_D2I_ECPARAMETERS				 144
 #define EC_F_D2I_ECPKPARAMETERS				 145
 #define EC_F_D2I_ECPRIVATEKEY				 146
+#define EC_F_DO_EC_KEY_PRINT				 221
+#define EC_F_ECKEY_PARAM2TYPE				 223
+#define EC_F_ECKEY_PARAM_DECODE				 212
+#define EC_F_ECKEY_PRIV_DECODE				 213
+#define EC_F_ECKEY_PRIV_ENCODE				 214
+#define EC_F_ECKEY_PUB_DECODE				 215
+#define EC_F_ECKEY_PUB_ENCODE				 216
+#define EC_F_ECKEY_TYPE2PARAM				 220
 #define EC_F_ECPARAMETERS_PRINT				 147
 #define EC_F_ECPARAMETERS_PRINT_FP			 148
 #define EC_F_ECPKPARAMETERS_PRINT			 149
@@ -381,6 +952,8 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_ASN1_GROUP2PKPARAMETERS			 156
 #define EC_F_EC_ASN1_PARAMETERS2GROUP			 157
 #define EC_F_EC_ASN1_PKPARAMETERS2GROUP			 158
+#define EC_F_EC_EX_DATA_SET_DATA			 211
+#define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY		 208
 #define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT	 159
 #define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE		 195
 #define EC_F_EC_GF2M_SIMPLE_OCT2POINT			 160
@@ -391,10 +964,13 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_GFP_MONT_FIELD_DECODE			 133
 #define EC_F_EC_GFP_MONT_FIELD_ENCODE			 134
 #define EC_F_EC_GFP_MONT_FIELD_MUL			 131
+#define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE		 209
 #define EC_F_EC_GFP_MONT_FIELD_SQR			 132
+#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE		 189
+#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP		 135
 #define EC_F_EC_GFP_NIST_FIELD_MUL			 200
 #define EC_F_EC_GFP_NIST_FIELD_SQR			 201
-#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE_GFP		 202
+#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE		 202
 #define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT	 165
 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE		 166
 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP		 100
@@ -420,9 +996,8 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_GROUP_GET_ORDER				 141
 #define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS		 193
 #define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS		 194
-#define EC_F_EC_GROUP_GROUP2NID				 147
 #define EC_F_EC_GROUP_NEW				 108
-#define EC_F_EC_GROUP_NEW_BY_NID			 174
+#define EC_F_EC_GROUP_NEW_BY_CURVE_NAME			 174
 #define EC_F_EC_GROUP_NEW_FROM_DATA			 175
 #define EC_F_EC_GROUP_PRECOMPUTE_MULT			 142
 #define EC_F_EC_GROUP_SET_CURVE_GF2M			 176
@@ -432,11 +1007,10 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_KEY_CHECK_KEY				 177
 #define EC_F_EC_KEY_COPY				 178
 #define EC_F_EC_KEY_GENERATE_KEY			 179
+#define EC_F_EC_KEY_NEW					 182
 #define EC_F_EC_KEY_PRINT				 180
 #define EC_F_EC_KEY_PRINT_FP				 181
-#define EC_F_EC_NEW					 182
 #define EC_F_EC_POINTS_MAKE_AFFINE			 136
-#define EC_F_EC_POINTS_MUL				 138
 #define EC_F_EC_POINT_ADD				 112
 #define EC_F_EC_POINT_CMP				 113
 #define EC_F_EC_POINT_COPY				 114
@@ -444,6 +1018,7 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M	 183
 #define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP	 116
 #define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP	 117
+#define EC_F_EC_POINT_INVERT				 210
 #define EC_F_EC_POINT_IS_AT_INFINITY			 118
 #define EC_F_EC_POINT_IS_ON_CURVE			 119
 #define EC_F_EC_POINT_MAKE_AFFINE			 120
@@ -458,34 +1033,47 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP	 126
 #define EC_F_EC_POINT_SET_TO_INFINITY			 127
 #define EC_F_EC_PRE_COMP_DUP				 207
+#define EC_F_EC_PRE_COMP_NEW				 196
 #define EC_F_EC_WNAF_MUL				 187
 #define EC_F_EC_WNAF_PRECOMPUTE_MULT			 188
-#define EC_F_GFP_MONT_GROUP_SET_CURVE			 189
-#define EC_F_GFP_MONT_GROUP_SET_CURVE_GFP		 135
 #define EC_F_I2D_ECPARAMETERS				 190
 #define EC_F_I2D_ECPKPARAMETERS				 191
 #define EC_F_I2D_ECPRIVATEKEY				 192
 #define EC_F_I2O_ECPUBLICKEY				 151
 #define EC_F_O2I_ECPUBLICKEY				 152
+#define EC_F_OLD_EC_PRIV_DECODE				 222
+#define EC_F_PKEY_EC_CTRL				 197
+#define EC_F_PKEY_EC_CTRL_STR				 198
+#define EC_F_PKEY_EC_DERIVE				 217
+#define EC_F_PKEY_EC_KEYGEN				 199
+#define EC_F_PKEY_EC_PARAMGEN				 219
+#define EC_F_PKEY_EC_SIGN				 218
 
 /* Reason codes. */
 #define EC_R_ASN1_ERROR					 115
 #define EC_R_ASN1_UNKNOWN_FIELD				 116
 #define EC_R_BUFFER_TOO_SMALL				 100
 #define EC_R_D2I_ECPKPARAMETERS_FAILURE			 117
+#define EC_R_DECODE_ERROR				 142
 #define EC_R_DISCRIMINANT_IS_ZERO			 118
 #define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE		 119
+#define EC_R_FIELD_TOO_LARGE				 143
 #define EC_R_GROUP2PKPARAMETERS_FAILURE			 120
 #define EC_R_I2D_ECPKPARAMETERS_FAILURE			 121
 #define EC_R_INCOMPATIBLE_OBJECTS			 101
 #define EC_R_INVALID_ARGUMENT				 112
 #define EC_R_INVALID_COMPRESSED_POINT			 110
 #define EC_R_INVALID_COMPRESSION_BIT			 109
+#define EC_R_INVALID_CURVE				 141
+#define EC_R_INVALID_DIGEST_TYPE			 138
 #define EC_R_INVALID_ENCODING				 102
 #define EC_R_INVALID_FIELD				 103
 #define EC_R_INVALID_FORM				 104
 #define EC_R_INVALID_GROUP_ORDER			 122
+#define EC_R_INVALID_PENTANOMIAL_BASIS			 132
 #define EC_R_INVALID_PRIVATE_KEY			 123
+#define EC_R_INVALID_TRINOMIAL_BASIS			 137
+#define EC_R_KEYS_NOT_SET				 140
 #define EC_R_MISSING_PARAMETERS				 124
 #define EC_R_MISSING_PRIVATE_KEY			 125
 #define EC_R_NOT_A_NIST_PRIME				 135
@@ -493,6 +1081,7 @@ void ERR_load_EC_strings(void);
 #define EC_R_NOT_IMPLEMENTED				 126
 #define EC_R_NOT_INITIALIZED				 111
 #define EC_R_NO_FIELD_MOD				 133
+#define EC_R_NO_PARAMETERS_SET				 139
 #define EC_R_PASSED_NULL_PARAMETER			 134
 #define EC_R_PKPARAMETERS2GROUP_FAILURE			 127
 #define EC_R_POINT_AT_INFINITY				 106
@@ -507,9 +1096,5 @@ void ERR_load_EC_strings(void);
 
 #ifdef  __cplusplus
 }
-#elif defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
 #endif
 #endif
diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
index a8ead01d61..ab631a50a2 100644
--- a/crypto/ec/ec2_mult.c
+++ b/crypto/ec/ec2_mult.c
@@ -76,7 +76,7 @@
  * coordinates.
  * Uses algorithm Mdouble in appendix of 
  *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
- *     GF(2^m) without precomputation".
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
  * modified to not require precomputation of c=b^{2^{m-1}}.
  */
 static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx)
@@ -107,8 +107,8 @@ static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx
 /* Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery 
  * projective coordinates.
  * Uses algorithm Madd in appendix of 
- *     Lopex, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
- *     GF(2^m) without precomputation".
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
  */
 static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1, 
 	const BIGNUM *x2, const BIGNUM *z2, BN_CTX *ctx)
@@ -140,8 +140,8 @@ static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM
 
 /* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2) 
  * using Montgomery point multiplication algorithm Mxy() in appendix of 
- *     Lopex, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
- *     GF(2^m) without precomputation".
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
  * Returns:
  *     0 on error
  *     1 if return value should be the point at infinity
@@ -209,19 +209,19 @@ static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIG
 /* Computes scalar*point and stores the result in r.
  * point can not equal r.
  * Uses algorithm 2P of
- *     Lopex, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
- *     GF(2^m) without precomputation".
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over 
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
  */
 static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	const EC_POINT *point, BN_CTX *ctx)
 	{
 	BIGNUM *x1, *x2, *z1, *z2;
-	int ret = 0, i, j;
-	BN_ULONG mask;
+	int ret = 0, i;
+	BN_ULONG mask,word;
 
 	if (r == point)
 		{
-		ECerr(EC_F_EC_POINT_MUL, EC_R_INVALID_ARGUMENT);
+		ECerr(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY, EC_R_INVALID_ARGUMENT);
 		return 0;
 		}
 	
@@ -251,22 +251,24 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
 	if (!BN_GF2m_add(x2, x2, &group->b)) goto err; /* x2 = x^4 + b */
 
 	/* find top most bit and go one past it */
-	i = scalar->top - 1; j = BN_BITS2 - 1;
+	i = scalar->top - 1;
 	mask = BN_TBIT;
-	while (!(scalar->d[i] & mask)) { mask >>= 1; j--; }
-	mask >>= 1; j--;
+	word = scalar->d[i];
+	while (!(word & mask)) mask >>= 1;
+	mask >>= 1;
 	/* if top most bit was at word break, go to next word */
 	if (!mask) 
 		{
-		i--; j = BN_BITS2 - 1;
+		i--;
 		mask = BN_TBIT;
 		}
 
 	for (; i >= 0; i--)
 		{
-		for (; j >= 0; j--)
+		word = scalar->d[i];
+		while (mask)
 			{
-			if (scalar->d[i] & mask)
+			if (word & mask)
 				{
 				if (!gf2m_Madd(group, &point->X, x1, z1, x2, z2, ctx)) goto err;
 				if (!gf2m_Mdouble(group, x2, z2, ctx)) goto err;
@@ -278,7 +280,6 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
 				}
 			mask >>= 1;
 			}
-		j = BN_BITS2 - 1;
 		mask = BN_TBIT;
 		}
 
@@ -296,8 +297,8 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
 		}
 
 	/* GF(2^m) field elements should always have BIGNUM::neg = 0 */
-	BN_set_sign(&r->X, 0);
-	BN_set_sign(&r->Y, 0);
+	BN_set_negative(&r->X, 0);
+	BN_set_negative(&r->Y, 0);
 
 	ret = 1;
 
@@ -343,7 +344,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	if (scalar)
 		{
 		if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err;
-		if (BN_get_sign(scalar)) 
+		if (BN_is_negative(scalar)) 
 			if (!group->meth->invert(group, p, ctx)) goto err;
 		if (!group->meth->add(group, r, r, p, ctx)) goto err;
 		}
@@ -351,7 +352,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	for (i = 0; i < num; i++)
 		{
 		if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err;
-		if (BN_get_sign(scalars[i]))
+		if (BN_is_negative(scalars[i]))
 			if (!group->meth->invert(group, p, ctx)) goto err;
 		if (!group->meth->add(group, r, r, p, ctx)) goto err;
 		}
diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c
index 34c3a953a5..01d8483c3a 100644
--- a/crypto/ec/ec2_smpl.c
+++ b/crypto/ec/ec2_smpl.c
@@ -14,7 +14,7 @@
  *
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -157,6 +157,7 @@ void ec_GF2m_simple_group_clear_finish(EC_GROUP *group)
 	group->poly[2] = 0;
 	group->poly[3] = 0;
 	group->poly[4] = 0;
+	group->poly[5] = -1;
 	}
 
 
@@ -174,6 +175,7 @@ int ec_GF2m_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
 	dest->poly[2] = src->poly[2];
 	dest->poly[3] = src->poly[3];
 	dest->poly[4] = src->poly[4];
+	dest->poly[5] = src->poly[5];
 	bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
 	bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
 	for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0;
@@ -190,7 +192,7 @@ int ec_GF2m_simple_group_set_curve(EC_GROUP *group,
 
 	/* group->field */
 	if (!BN_copy(&group->field, p)) goto err;
-	i = BN_GF2m_poly2arr(&group->field, group->poly, 5);
+	i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1;
 	if ((i != 5) && (i != 3))
 		{
 		ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
@@ -281,7 +283,8 @@ int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	ret = 1;
 
 err:
-	BN_CTX_end(ctx);
+	if (ctx != NULL)
+		BN_CTX_end(ctx);
 	if (new_ctx != NULL)
 		BN_CTX_free(new_ctx);
 	return ret;
@@ -354,11 +357,11 @@ int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT
 		}
 
 	if (!BN_copy(&point->X, x)) goto err;
-	BN_set_sign(&point->X, 0);
+	BN_set_negative(&point->X, 0);
 	if (!BN_copy(&point->Y, y)) goto err;
-	BN_set_sign(&point->Y, 0);
+	BN_set_negative(&point->Y, 0);
 	if (!BN_copy(&point->Z, BN_value_one())) goto err;
-	BN_set_sign(&point->Z, 0);
+	BN_set_negative(&point->Z, 0);
 	point->Z_is_one = 1;
 	ret = 1;
 
@@ -389,12 +392,12 @@ int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_
 	if (x != NULL)
 		{
 		if (!BN_copy(x, &point->X)) goto err;
-		BN_set_sign(x, 0);
+		BN_set_negative(x, 0);
 		}
 	if (y != NULL)
 		{
 		if (!BN_copy(y, &point->Y)) goto err;
-		BN_set_sign(y, 0);
+		BN_set_negative(y, 0);
 		}
 	ret = 1;
 		
@@ -403,18 +406,94 @@ int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_
 	}
 
 
-/* Include patented algorithms. */
-#include "ec2_smpt.c"
+/* Calculates and sets the affine coordinates of an EC_POINT from the given
+ * compressed coordinates.  Uses algorithm 2.3.4 of SEC 1. 
+ * Note that the simple implementation only uses affine coordinates.
+ *
+ * The method is from the following publication:
+ * 
+ *     Harper, Menezes, Vanstone:
+ *     "Public-Key Cryptosystems with Very Small Key Lengths",
+ *     EUROCRYPT '92, Springer-Verlag LNCS 658,
+ *     published February 1993
+ *
+ * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe
+ * the same method, but claim no priority date earlier than July 29, 1994
+ * (and additionally fail to cite the EUROCRYPT '92 publication as prior art).
+ */
+int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
+	const BIGNUM *x_, int y_bit, BN_CTX *ctx)
+	{
+	BN_CTX *new_ctx = NULL;
+	BIGNUM *tmp, *x, *y, *z;
+	int ret = 0, z0;
+
+	/* clear error queue */
+	ERR_clear_error();
+
+	if (ctx == NULL)
+		{
+		ctx = new_ctx = BN_CTX_new();
+		if (ctx == NULL)
+			return 0;
+		}
+
+	y_bit = (y_bit != 0) ? 1 : 0;
+
+	BN_CTX_start(ctx);
+	tmp = BN_CTX_get(ctx);
+	x = BN_CTX_get(ctx);
+	y = BN_CTX_get(ctx);
+	z = BN_CTX_get(ctx);
+	if (z == NULL) goto err;
+
+	if (!BN_GF2m_mod_arr(x, x_, group->poly)) goto err;
+	if (BN_is_zero(x))
+		{
+		if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx)) goto err;
+		}
+	else
+		{
+		if (!group->meth->field_sqr(group, tmp, x, ctx)) goto err;
+		if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err;
+		if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err;
+		if (!BN_GF2m_add(tmp, x, tmp)) goto err;
+		if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx))
+			{
+			unsigned long err = ERR_peek_last_error();
+			
+			if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NO_SOLUTION)
+				{
+				ERR_clear_error();
+				ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
+				}
+			else
+				ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB);
+			goto err;
+			}
+		z0 = (BN_is_odd(z)) ? 1 : 0;
+		if (!group->meth->field_mul(group, y, x, z, ctx)) goto err;
+		if (z0 != y_bit)
+			{
+			if (!BN_GF2m_add(y, y, x)) goto err;
+			}
+		}
+
+	if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
+
+	ret = 1;
+
+ err:
+	BN_CTX_end(ctx);
+	if (new_ctx != NULL)
+		BN_CTX_free(new_ctx);
+	return ret;
+	}
 
 
 /* Converts an EC_POINT to an octet string.  
  * If buf is NULL, the encoded length will be returned.
  * If the length len of buf is smaller than required an error will be returned.
- *
- * The point compression section of this function is patented by Certicom Corp. 
- * under US Patent 6,141,420.  Point compression is disabled by default and can 
- * be enabled by defining the preprocessor macro OPENSSL_EC_BIN_PT_COMP at 
- * Configure-time.
  */
 size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form,
 	unsigned char *buf, size_t len, BN_CTX *ctx)
@@ -425,14 +504,6 @@ size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, po
 	BIGNUM *x, *y, *yxi;
 	size_t field_len, i, skip;
 
-#ifndef OPENSSL_EC_BIN_PT_COMP
-	if ((form == POINT_CONVERSION_COMPRESSED) || (form == POINT_CONVERSION_HYBRID)) 
-		{
-		ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_DISABLED);
-		goto err;
-		}
-#endif
-
 	if ((form != POINT_CONVERSION_COMPRESSED)
 		&& (form != POINT_CONVERSION_UNCOMPRESSED)
 		&& (form != POINT_CONVERSION_HYBRID))
@@ -487,13 +558,11 @@ size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, po
 		if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
 
 		buf[0] = form;
-#ifdef OPENSSL_EC_BIN_PT_COMP
 		if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x))
 			{
 			if (!group->meth->field_div(group, yxi, y, x, ctx)) goto err;
 			if (BN_is_odd(yxi)) buf[0]++;
 			}
-#endif
 
 		i = 1;
 		
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
new file mode 100644
index 0000000000..c00f7d746c
--- /dev/null
+++ b/crypto/ec/ec_ameth.c
@@ -0,0 +1,659 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
+	{
+	const EC_GROUP  *group;
+	int nid;
+	if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) 
+	{
+		ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
+		return 0;
+	}
+	if (EC_GROUP_get_asn1_flag(group)
+                     && (nid = EC_GROUP_get_curve_name(group)))
+		/* we have a 'named curve' => just set the OID */
+		{
+		*ppval = OBJ_nid2obj(nid);
+		*pptype = V_ASN1_OBJECT;
+		}
+	else	/* explicit parameters */
+		{
+		ASN1_STRING *pstr = NULL;
+		pstr = ASN1_STRING_new();
+		if (!pstr)
+			return 0;
+		pstr->length = i2d_ECParameters(ec_key, &pstr->data);
+		if (pstr->length < 0)
+			{
+			ASN1_STRING_free(pstr);
+			ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
+			return 0;
+			}
+		*ppval = pstr;
+		*pptype = V_ASN1_SEQUENCE;
+		}
+	return 1;
+	}
+
+static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+	{
+	EC_KEY *ec_key = pkey->pkey.ec;
+	void *pval = NULL;
+	int ptype;
+	unsigned char *penc = NULL, *p;
+	int penclen;
+
+	if (!eckey_param2type(&ptype, &pval, ec_key))
+		{
+		ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB);
+		return 0;
+		}
+	penclen = i2o_ECPublicKey(ec_key, NULL);
+	if (penclen <= 0)
+		goto err;
+	penc = OPENSSL_malloc(penclen);
+	if (!penc)
+		goto err;
+	p = penc;
+	penclen = i2o_ECPublicKey(ec_key, &p);
+	if (penclen <= 0)
+		goto err;
+	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC),
+				ptype, pval, penc, penclen))
+		return 1;
+	err:
+	if (ptype == V_ASN1_OBJECT)
+		ASN1_OBJECT_free(pval);
+	else
+		ASN1_STRING_free(pval);
+	if (penc)
+		OPENSSL_free(penc);
+	return 0;
+	}
+
+static EC_KEY *eckey_type2param(int ptype, void *pval)
+	{
+	EC_KEY *eckey = NULL;
+	if (ptype == V_ASN1_SEQUENCE)
+		{
+		ASN1_STRING *pstr = pval;
+		const unsigned char *pm = NULL;
+		int pmlen;
+		pm = pstr->data;
+		pmlen = pstr->length;
+		if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen)))
+			{
+			ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
+			goto ecerr;
+			}
+		}
+	else if (ptype == V_ASN1_OBJECT)
+		{
+		ASN1_OBJECT *poid = pval;
+		EC_GROUP *group;
+
+		/* type == V_ASN1_OBJECT => the parameters are given
+		 * by an asn1 OID
+		 */
+		if ((eckey = EC_KEY_new()) == NULL)
+			{
+			ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
+			goto ecerr;
+			}
+		group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
+		if (group == NULL)
+			goto ecerr;
+		EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
+		if (EC_KEY_set_group(eckey, group) == 0)
+			goto ecerr;
+		EC_GROUP_free(group);
+		}
+	else
+		{
+		ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
+		goto ecerr;
+		}
+
+	return eckey;
+
+	ecerr:
+	if (eckey)
+		EC_KEY_free(eckey);
+	return NULL;
+	}
+
+static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+	{
+	const unsigned char *p = NULL;
+	void *pval;
+	int ptype, pklen;
+	EC_KEY *eckey = NULL;
+	X509_ALGOR *palg;
+
+	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+		return 0;
+	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+	eckey = eckey_type2param(ptype, pval);
+
+	if (!eckey)
+		{
+		ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
+		return 0;
+		}
+
+	/* We have parameters now set public key */
+	if (!o2i_ECPublicKey(&eckey, &p, pklen))
+		{
+		ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR);
+		goto ecerr;
+		}
+
+	EVP_PKEY_assign_EC_KEY(pkey, eckey);
+	return 1;
+
+	ecerr:
+	if (eckey)
+		EC_KEY_free(eckey);
+	return 0;
+	}
+
+static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	int  r;
+	const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
+	const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
+	               *pb = EC_KEY_get0_public_key(b->pkey.ec);
+	r = EC_POINT_cmp(group, pa, pb, NULL);
+	if (r == 0)
+		return 1;
+	if (r == 1)
+		return 0;
+	return -2;
+	}
+
+static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+	{
+	const unsigned char *p = NULL;
+	void *pval;
+	int ptype, pklen;
+	EC_KEY *eckey = NULL;
+	X509_ALGOR *palg;
+
+	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+		return 0;
+	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+	eckey = eckey_type2param(ptype, pval);
+
+	if (!eckey)
+		goto ecliberr;
+
+	/* We have parameters now set private key */
+	if (!d2i_ECPrivateKey(&eckey, &p, pklen))
+		{
+		ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
+		goto ecerr;
+		}
+
+	/* calculate public key (if necessary) */
+	if (EC_KEY_get0_public_key(eckey) == NULL)
+		{
+		const BIGNUM *priv_key;
+		const EC_GROUP *group;
+		EC_POINT *pub_key;
+		/* the public key was not included in the SEC1 private
+		 * key => calculate the public key */
+		group   = EC_KEY_get0_group(eckey);
+		pub_key = EC_POINT_new(group);
+		if (pub_key == NULL)
+			{
+			ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+			goto ecliberr;
+			}
+		if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group)))
+			{
+			EC_POINT_free(pub_key);
+			ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+			goto ecliberr;
+			}
+		priv_key = EC_KEY_get0_private_key(eckey);
+		if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL))
+			{
+			EC_POINT_free(pub_key);
+			ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+			goto ecliberr;
+			}
+		if (EC_KEY_set_public_key(eckey, pub_key) == 0)
+			{
+			EC_POINT_free(pub_key);
+			ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+			goto ecliberr;
+			}
+		EC_POINT_free(pub_key);
+		}
+
+	EVP_PKEY_assign_EC_KEY(pkey, eckey);
+	return 1;
+
+	ecliberr:
+	ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+	ecerr:
+	if (eckey)
+		EC_KEY_free(eckey);
+	return 0;
+	}
+
+static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+	EC_KEY		*ec_key;
+	unsigned char	*ep, *p;
+	int 		eplen, ptype;
+	void		*pval;
+	unsigned int    tmp_flags, old_flags;
+
+	ec_key = pkey->pkey.ec;
+
+	if (!eckey_param2type(&ptype, &pval, ec_key))
+		{
+		ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
+		return 0;
+		}
+
+	/* set the private key */
+
+	/* do not include the parameters in the SEC1 private key
+	 * see PKCS#11 12.11 */
+	old_flags = EC_KEY_get_enc_flags(ec_key);
+	tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
+	EC_KEY_set_enc_flags(ec_key, tmp_flags);
+	eplen = i2d_ECPrivateKey(ec_key, NULL);
+	if (!eplen)
+	{
+		EC_KEY_set_enc_flags(ec_key, old_flags);
+		ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
+		return 0;
+	}
+	ep = (unsigned char *) OPENSSL_malloc(eplen);
+	if (!ep)
+	{
+		EC_KEY_set_enc_flags(ec_key, old_flags);
+		ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+		return 0;
+	}
+	p = ep;
+	if (!i2d_ECPrivateKey(ec_key, &p))
+	{
+		EC_KEY_set_enc_flags(ec_key, old_flags);
+		OPENSSL_free(ep);
+		ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
+	}
+	/* restore old encoding flags */
+	EC_KEY_set_enc_flags(ec_key, old_flags);
+
+	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
+				ptype, pval, ep, eplen))
+		return 0;
+
+	return 1;
+}
+
+static int int_ec_size(const EVP_PKEY *pkey)
+	{
+	return ECDSA_size(pkey->pkey.ec);
+	}
+
+static int ec_bits(const EVP_PKEY *pkey)
+	{
+	BIGNUM *order = BN_new();
+	const EC_GROUP *group;
+	int ret;
+
+	if (!order)
+		{
+		ERR_clear_error();
+		return 0;
+		}
+	group = EC_KEY_get0_group(pkey->pkey.ec);
+	if (!EC_GROUP_get_order(group, order, NULL))
+		{
+		ERR_clear_error();
+		return 0;
+		}
+
+	ret = BN_num_bits(order);
+	BN_free(order);
+	return ret;
+	}
+
+static int ec_missing_parameters(const EVP_PKEY *pkey)
+	{
+	if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
+		return 1;
+	return 0;
+	}
+
+static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+	{
+	EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
+	if (group == NULL)
+		return 0;
+	if (EC_KEY_set_group(to->pkey.ec, group) == 0)
+		return 0;
+	EC_GROUP_free(group);
+	return 1;
+	}
+
+static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
+	               *group_b = EC_KEY_get0_group(b->pkey.ec);
+	if (EC_GROUP_cmp(group_a, group_b, NULL))
+		return 0;
+	else
+		return 1;
+	}
+
+static void int_ec_free(EVP_PKEY *pkey)
+	{
+	EC_KEY_free(pkey->pkey.ec);
+	}
+
+static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
+	{
+	unsigned char *buffer=NULL;
+	const char *ecstr;
+	size_t	buf_len=0, i;
+	int     ret=0, reason=ERR_R_BIO_LIB;
+	BIGNUM  *pub_key=NULL, *order=NULL;
+	BN_CTX  *ctx=NULL;
+	const EC_GROUP *group;
+	const EC_POINT *public_key;
+	const BIGNUM *priv_key;
+ 
+	if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL)
+		{
+		reason = ERR_R_PASSED_NULL_PARAMETER;
+		goto err;
+		}
+
+	ctx = BN_CTX_new();
+	if (ctx == NULL)
+		{
+		reason = ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	if (ktype > 0)
+		{
+		public_key = EC_KEY_get0_public_key(x);
+		if ((pub_key = EC_POINT_point2bn(group, public_key,
+			EC_KEY_get_conv_form(x), NULL, ctx)) == NULL)
+			{
+			reason = ERR_R_EC_LIB;
+			goto err;
+			}
+		if (pub_key)
+			buf_len = (size_t)BN_num_bytes(pub_key);
+		}
+
+	if (ktype == 2)
+		{
+		priv_key = EC_KEY_get0_private_key(x);
+		if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len)
+			buf_len = i;
+		}
+	else
+		priv_key = NULL;
+
+	if (ktype > 0)
+		{
+		buf_len += 10;
+		if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
+			{
+			reason = ERR_R_MALLOC_FAILURE;
+			goto err;
+			}
+		}
+	if (ktype == 2)
+		ecstr = "Private-Key";
+	else if (ktype == 1)
+		ecstr = "Public-Key";
+	else
+		ecstr = "ECDSA-Parameters";
+
+	if (!BIO_indent(bp, off, 128))
+		goto err;
+	if ((order = BN_new()) == NULL)
+		goto err;
+	if (!EC_GROUP_get_order(group, order, NULL))
+		goto err;
+	if (BIO_printf(bp, "%s: (%d bit)\n", ecstr,
+		BN_num_bits(order)) <= 0) goto err;
+  
+	if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key, 
+		buffer, off))
+		goto err;
+	if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key,
+		buffer, off))
+		goto err;
+	if (!ECPKParameters_print(bp, group, off))
+		goto err;
+	ret=1;
+err:
+	if (!ret)
+ 		ECerr(EC_F_DO_EC_KEY_PRINT, reason);
+	if (pub_key) 
+		BN_free(pub_key);
+	if (order)
+		BN_free(order);
+	if (ctx)
+		BN_CTX_free(ctx);
+	if (buffer != NULL)
+		OPENSSL_free(buffer);
+	return(ret);
+	}
+
+static int eckey_param_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	EC_KEY *eckey;
+	if (!(eckey = d2i_ECParameters(NULL, pder, derlen)))
+		{
+		ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_EC_KEY(pkey, eckey);
+	return 1;
+	}
+
+static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_ECParameters(pkey->pkey.ec, pder);
+	}
+
+static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0);
+	}
+
+static int eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1);
+	}
+
+
+static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2);
+	}
+
+static int old_ec_priv_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	EC_KEY *ec;
+	if (!(ec = d2i_ECPrivateKey (NULL, pder, derlen)))
+		{
+		ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
+		return 0;
+		}
+	EVP_PKEY_assign_EC_KEY(pkey, ec);
+	return 1;
+	}
+
+static int old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_ECPrivateKey(pkey->pkey.ec, pder);
+	}
+
+static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+	{
+	switch (op)
+		{
+		case ASN1_PKEY_CTRL_PKCS7_SIGN:
+		if (arg1 == 0)
+			{
+			int snid, hnid;
+			X509_ALGOR *alg1, *alg2;
+			PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+			if (alg1 == NULL || alg1->algorithm == NULL)
+				return -1;
+			hnid = OBJ_obj2nid(alg1->algorithm);
+			if (hnid == NID_undef)
+				return -1;
+			if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+				return -1; 
+			X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+			}
+		return 1;
+#ifndef OPENSSL_NO_CMS
+		case ASN1_PKEY_CTRL_CMS_SIGN:
+		if (arg1 == 0)
+			{
+			int snid, hnid;
+			X509_ALGOR *alg1, *alg2;
+			CMS_SignerInfo_get0_algs(arg2, NULL, NULL,
+								&alg1, &alg2);
+			if (alg1 == NULL || alg1->algorithm == NULL)
+				return -1;
+			hnid = OBJ_obj2nid(alg1->algorithm);
+			if (hnid == NID_undef)
+				return -1;
+			if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+				return -1; 
+			X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+			}
+		return 1;
+#endif
+
+		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+		*(int *)arg2 = NID_sha1;
+		return 2;
+
+		default:
+		return -2;
+
+		}
+
+	}
+
+const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = 
+	{
+	EVP_PKEY_EC,
+	EVP_PKEY_EC,
+	0,
+	"EC",
+	"OpenSSL EC algorithm",
+
+	eckey_pub_decode,
+	eckey_pub_encode,
+	eckey_pub_cmp,
+	eckey_pub_print,
+
+	eckey_priv_decode,
+	eckey_priv_encode,
+	eckey_priv_print,
+
+	int_ec_size,
+	ec_bits,
+
+	eckey_param_decode,
+	eckey_param_encode,
+	ec_missing_parameters,
+	ec_copy_parameters,
+	ec_cmp_parameters,
+	eckey_param_print,
+
+	int_ec_free,
+	ec_pkey_ctrl,
+	old_ec_priv_decode,
+	old_ec_priv_encode
+	};
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index bfb6f3c9cc..ae55539859 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -384,7 +384,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
 				}
 			if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k))
 				{
-				ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
+				ECerr(EC_F_EC_ASN1_GROUP2FIELDID,
 					ERR_R_ASN1_LIB);
 				goto err;
 				}
@@ -529,6 +529,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
 				ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
+		curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+		curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
 		if (!ASN1_BIT_STRING_set(curve->seed, group->seed, 
 		                         (int)group->seed_len))
 			{
@@ -707,7 +709,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
 		/* use the asn1 OID to describe the
 		 * the elliptic curve parameters
 		 */
-		tmp = EC_GROUP_get_nid(group);
+		tmp = EC_GROUP_get_curve_name(group);
 		if (tmp)
 			{
 			ret->type = 0;
@@ -741,6 +743,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 	EC_GROUP		*ret = NULL;
 	BIGNUM			*p = NULL, *a = NULL, *b = NULL;
 	EC_POINT		*point=NULL;
+	long    		field_bits;
 
 	if (!params->fieldID || !params->fieldID->fieldType || 
 	    !params->fieldID->p.ptr)
@@ -779,6 +782,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 
 		char_two = params->fieldID->p.char_two;
 
+		field_bits = char_two->m;
+		if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
+			{
+			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
+			goto err;
+			}
+
 		if ((p = BN_new()) == NULL)
 			{
 			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
@@ -799,6 +809,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 				}
 
 			tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
+
+			if (!(char_two->m > tmp_long && tmp_long > 0))
+				{
+				ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
+				goto err;
+				}
+			
 			/* create the polynomial */
 			if (!BN_set_bit(p, (int)char_two->m))
 				goto err;
@@ -817,6 +834,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 				ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
 				goto err;
 				}
+
+			if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0))
+				{
+				ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
+				goto err;
+				}
+			
 			/* create the polynomial */
 			if (!BN_set_bit(p, (int)char_two->m)) goto err;
 			if (!BN_set_bit(p, (int)penta->k1)) goto err;
@@ -837,11 +861,6 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 
 		/* create the EC_GROUP structure */
 		ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
-		if (ret == NULL)
-			{
-			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
-			goto err;
-			}
 		}
 	else if (tmp == NID_X9_62_prime_field)
 		{
@@ -858,13 +877,33 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
 			goto err;
 			}
-		/* create the EC_GROUP structure */
-		ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
-		if (ret == NULL)
+
+		if (BN_is_negative(p) || BN_is_zero(p))
+			{
+			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+			goto err;
+			}
+
+		field_bits = BN_num_bits(p);
+		if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
 			{
-			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+			ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
 			goto err;
 			}
+
+		/* create the EC_GROUP structure */
+		ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
+		}
+	else
+		{
+		ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+		goto err;
+		}
+
+	if (ret == NULL)
+		{
+		ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+		goto err;
 		}
 
 	/* extract seed (optional) */
@@ -909,6 +948,16 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 		ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
 		goto err;
 		}
+	if (BN_is_negative(a) || BN_is_zero(a))
+		{
+		ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+		goto err;
+		}
+	if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */
+		{
+		ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+		goto err;
+		}
 	
 	/* extract the cofactor (optional) */
 	if (params->cofactor == NULL)
@@ -967,7 +1016,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
 	if (params->type == 0)
 		{ /* the curve is given by an OID */
 		tmp = OBJ_obj2nid(params->value.named_curve);
-		if ((ret = EC_GROUP_new_by_nid(tmp)) == NULL)
+		if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL)
 			{
 			ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, 
 			      EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
@@ -992,7 +1041,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
 		}
 	else
 		{
-		ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+		ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
 		return NULL;
 		}
 
@@ -1244,6 +1293,8 @@ int	i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 			goto err;
 			}
 
+		priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+		priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
 		if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, 
 				buf_len))
 			{
diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c
index f22c5641a8..0e316b4b3f 100644
--- a/crypto/ec/ec_check.c
+++ b/crypto/ec/ec_check.c
@@ -113,7 +113,8 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
 	ret = 1;
 
 err:
-	BN_CTX_end(ctx);
+	if (ctx != NULL)
+		BN_CTX_end(ctx);
 	if (new_ctx != NULL)
 		BN_CTX_free(new_ctx);
 	if (point)
diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c
index a523b206c7..23274e4031 100644
--- a/crypto/ec/ec_curve.c
+++ b/crypto/ec/ec_curve.c
@@ -73,926 +73,1690 @@
 #include <openssl/err.h>
 #include <openssl/obj_mac.h>
 
-typedef struct ec_curve_data_st {
-	int	field_type;	/* either NID_X9_62_prime_field or
+typedef struct {
+	int	field_type,	/* either NID_X9_62_prime_field or
 				 * NID_X9_62_characteristic_two_field */
-	const char *p;		/* either a prime number or a polynomial */
-	const char *a;
-	const char *b;
-	const char *x;		/* the x coordinate of the generator */
-	const char *y;		/* the y coordinate of the generator */
-	const char *order;	/* the order of the group generated by the
-				 * generator */
-	const BN_ULONG cofactor;/* the cofactor */
-	const unsigned char *seed;/* the seed (optional) */
-	size_t	seed_len;
-	const char *comment;	/* a short description of the curve */
+		seed_len,
+		param_len;
+	unsigned int cofactor;	/* promoted to BN_ULONG */
 } EC_CURVE_DATA;
 
 /* the nist prime curves */
-static const unsigned char _EC_NIST_PRIME_192_SEED[] = {
-	0x30,0x45,0xAE,0x6F,0xC8,0x42,0x2F,0x64,0xED,0x57,
-	0x95,0x28,0xD3,0x81,0x20,0xEA,0xE1,0x21,0x96,0xD5};
-static const EC_CURVE_DATA _EC_NIST_PRIME_192 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
-	"64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
-	"188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
-	"07192b95ffc8da78631011ed6b24cdd573f977a11e794811",
-	"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",1,
-	_EC_NIST_PRIME_192_SEED, 20,
-	"NIST/X9.62/SECG curve over a 192 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+24*6]; }
+	_EC_NIST_PRIME_192 = {
+	{ NID_X9_62_prime_field,20,24,1 },
+	{ 0x30,0x45,0xAE,0x6F,0xC8,0x42,0x2F,0x64,0xED,0x57,	/* seed */
+	  0x95,0x28,0xD3,0x81,0x20,0xEA,0xE1,0x21,0x96,0xD5,
+
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFC,
+	  0x64,0x21,0x05,0x19,0xE5,0x9C,0x80,0xE7,0x0F,0xA7,	/* b */
+	  0xE9,0xAB,0x72,0x24,0x30,0x49,0xFE,0xB8,0xDE,0xEC,
+	  0xC1,0x46,0xB9,0xB1,
+	  0x18,0x8D,0xA8,0x0E,0xB0,0x30,0x90,0xF6,0x7C,0xBF,	/* x */
+	  0x20,0xEB,0x43,0xA1,0x88,0x00,0xF4,0xFF,0x0A,0xFD,
+	  0x82,0xFF,0x10,0x12,
+	  0x07,0x19,0x2b,0x95,0xff,0xc8,0xda,0x78,0x63,0x10,	/* y */
+	  0x11,0xed,0x6b,0x24,0xcd,0xd5,0x73,0xf9,0x77,0xa1,
+	  0x1e,0x79,0x48,0x11,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0x99,0xDE,0xF8,0x36,0x14,0x6B,0xC9,0xB1,
+	  0xB4,0xD2,0x28,0x31 }
 	};
 
-static const unsigned char _EC_NIST_PRIME_224_SEED[] = {
-	0xBD,0x71,0x34,0x47,0x99,0xD5,0xC7,0xFC,0xDC,0x45,
-	0xB5,0x9F,0xA3,0xB9,0xAB,0x8F,0x6A,0x94,0x8B,0xC5};
-static const EC_CURVE_DATA _EC_NIST_PRIME_224 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
-	"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
-	"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
-	"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",1,
-	_EC_NIST_PRIME_224_SEED, 20,
-	"NIST/SECG curve over a 224 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+28*6]; }
+	_EC_NIST_PRIME_224 = {
+	{ NID_X9_62_prime_field,20,28,1 },
+	{ 0xBD,0x71,0x34,0x47,0x99,0xD5,0xC7,0xFC,0xDC,0x45,	/* seed */
+	  0xB5,0x9F,0xA3,0xB9,0xAB,0x8F,0x6A,0x94,0x8B,0xC5,
+
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,
+	  0xB4,0x05,0x0A,0x85,0x0C,0x04,0xB3,0xAB,0xF5,0x41,	/* b */
+	  0x32,0x56,0x50,0x44,0xB0,0xB7,0xD7,0xBF,0xD8,0xBA,
+	  0x27,0x0B,0x39,0x43,0x23,0x55,0xFF,0xB4,
+	  0xB7,0x0E,0x0C,0xBD,0x6B,0xB4,0xBF,0x7F,0x32,0x13,	/* x */
+	  0x90,0xB9,0x4A,0x03,0xC1,0xD3,0x56,0xC2,0x11,0x22,
+	  0x34,0x32,0x80,0xD6,0x11,0x5C,0x1D,0x21,
+	  0xbd,0x37,0x63,0x88,0xb5,0xf7,0x23,0xfb,0x4c,0x22,	/* y */
+	  0xdf,0xe6,0xcd,0x43,0x75,0xa0,0x5a,0x07,0x47,0x64,
+	  0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0x16,0xA2,0xE0,0xB8,0xF0,0x3E,
+	  0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D }
 	};
 
-static const unsigned char _EC_NIST_PRIME_384_SEED[] = {
-	0xA3,0x35,0x92,0x6A,0xA3,0x19,0xA2,0x7A,0x1D,0x00,
-	0x89,0x6A,0x67,0x73,0xA4,0x82,0x7A,0xCD,0xAC,0x73};
-static const EC_CURVE_DATA _EC_NIST_PRIME_384 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFF"
-	"FFF0000000000000000FFFFFFFF",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFF"
-	"FFF0000000000000000FFFFFFFC",
-	"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC6563"
-	"98D8A2ED19D2A85C8EDD3EC2AEF",
-	"AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F"
-	"25DBF55296C3A545E3872760AB7",
-	"3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b"
-	"1ce1d7e819d7a431d7c90ea0e5f",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0"
-	"DB248B0A77AECEC196ACCC52973",1,
-	_EC_NIST_PRIME_384_SEED, 20,
-	"NIST/SECG curve over a 384 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+48*6]; }
+	_EC_NIST_PRIME_384 = {
+	{ NID_X9_62_prime_field,20,48,1 },
+	{ 0xA3,0x35,0x92,0x6A,0xA3,0x19,0xA2,0x7A,0x1D,0x00,	/* seed */
+	  0x89,0x6A,0x67,0x73,0xA4,0x82,0x7A,0xCD,0xAC,0x73,
+
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFC,
+	  0xB3,0x31,0x2F,0xA7,0xE2,0x3E,0xE7,0xE4,0x98,0x8E,	/* b */
+	  0x05,0x6B,0xE3,0xF8,0x2D,0x19,0x18,0x1D,0x9C,0x6E,
+	  0xFE,0x81,0x41,0x12,0x03,0x14,0x08,0x8F,0x50,0x13,
+	  0x87,0x5A,0xC6,0x56,0x39,0x8D,0x8A,0x2E,0xD1,0x9D,
+	  0x2A,0x85,0xC8,0xED,0xD3,0xEC,0x2A,0xEF,
+	  0xAA,0x87,0xCA,0x22,0xBE,0x8B,0x05,0x37,0x8E,0xB1,	/* x */
+	  0xC7,0x1E,0xF3,0x20,0xAD,0x74,0x6E,0x1D,0x3B,0x62,
+	  0x8B,0xA7,0x9B,0x98,0x59,0xF7,0x41,0xE0,0x82,0x54,
+	  0x2A,0x38,0x55,0x02,0xF2,0x5D,0xBF,0x55,0x29,0x6C,
+	  0x3A,0x54,0x5E,0x38,0x72,0x76,0x0A,0xB7,
+	  0x36,0x17,0xde,0x4a,0x96,0x26,0x2c,0x6f,0x5d,0x9e,	/* y */
+	  0x98,0xbf,0x92,0x92,0xdc,0x29,0xf8,0xf4,0x1d,0xbd,
+	  0x28,0x9a,0x14,0x7c,0xe9,0xda,0x31,0x13,0xb5,0xf0,
+	  0xb8,0xc0,0x0a,0x60,0xb1,0xce,0x1d,0x7e,0x81,0x9d,
+	  0x7a,0x43,0x1d,0x7c,0x90,0xea,0x0e,0x5f,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xC7,0x63,0x4D,0x81,0xF4,0x37,
+	  0x2D,0xDF,0x58,0x1A,0x0D,0xB2,0x48,0xB0,0xA7,0x7A,
+	  0xEC,0xEC,0x19,0x6A,0xCC,0xC5,0x29,0x73 }
 	};
 
-static const unsigned char _EC_NIST_PRIME_521_SEED[] = {
-	0xD0,0x9E,0x88,0x00,0x29,0x1C,0xB8,0x53,0x96,0xCC,
-	0x67,0x17,0x39,0x32,0x84,0xAA,0xA0,0xDA,0x64,0xBA};
-static const EC_CURVE_DATA _EC_NIST_PRIME_521 = {
-	NID_X9_62_prime_field,
-	"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
-	"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
-	"051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156"
-	"193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
-	"C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14"
-	"B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
-	"011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c9"
-	"7ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
-	"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51"
-	"868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",1,
-	_EC_NIST_PRIME_521_SEED, 20,
-	"NIST/SECG curve over a 521 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+66*6]; }
+	_EC_NIST_PRIME_521 = {
+	{ NID_X9_62_prime_field,20,66,1 },
+	{ 0xD0,0x9E,0x88,0x00,0x29,0x1C,0xB8,0x53,0x96,0xCC,	/* seed */
+	  0x67,0x17,0x39,0x32,0x84,0xAA,0xA0,0xDA,0x64,0xBA,
+
+	  0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFC,
+	  0x00,0x51,0x95,0x3E,0xB9,0x61,0x8E,0x1C,0x9A,0x1F,	/* b */
+	  0x92,0x9A,0x21,0xA0,0xB6,0x85,0x40,0xEE,0xA2,0xDA,
+	  0x72,0x5B,0x99,0xB3,0x15,0xF3,0xB8,0xB4,0x89,0x91,
+	  0x8E,0xF1,0x09,0xE1,0x56,0x19,0x39,0x51,0xEC,0x7E,
+	  0x93,0x7B,0x16,0x52,0xC0,0xBD,0x3B,0xB1,0xBF,0x07,
+	  0x35,0x73,0xDF,0x88,0x3D,0x2C,0x34,0xF1,0xEF,0x45,
+	  0x1F,0xD4,0x6B,0x50,0x3F,0x00,
+	  0x00,0xC6,0x85,0x8E,0x06,0xB7,0x04,0x04,0xE9,0xCD,	/* x */
+	  0x9E,0x3E,0xCB,0x66,0x23,0x95,0xB4,0x42,0x9C,0x64,
+	  0x81,0x39,0x05,0x3F,0xB5,0x21,0xF8,0x28,0xAF,0x60,
+	  0x6B,0x4D,0x3D,0xBA,0xA1,0x4B,0x5E,0x77,0xEF,0xE7,
+	  0x59,0x28,0xFE,0x1D,0xC1,0x27,0xA2,0xFF,0xA8,0xDE,
+	  0x33,0x48,0xB3,0xC1,0x85,0x6A,0x42,0x9B,0xF9,0x7E,
+	  0x7E,0x31,0xC2,0xE5,0xBD,0x66,
+	  0x01,0x18,0x39,0x29,0x6a,0x78,0x9a,0x3b,0xc0,0x04,	/* y */
+	  0x5c,0x8a,0x5f,0xb4,0x2c,0x7d,0x1b,0xd9,0x98,0xf5,
+	  0x44,0x49,0x57,0x9b,0x44,0x68,0x17,0xaf,0xbd,0x17,
+	  0x27,0x3e,0x66,0x2c,0x97,0xee,0x72,0x99,0x5e,0xf4,
+	  0x26,0x40,0xc5,0x50,0xb9,0x01,0x3f,0xad,0x07,0x61,
+	  0x35,0x3c,0x70,0x86,0xa2,0x72,0xc2,0x40,0x88,0xbe,
+	  0x94,0x76,0x9f,0xd1,0x66,0x50,
+	  0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFA,0x51,0x86,0x87,0x83,0xBF,0x2F,
+	  0x96,0x6B,0x7F,0xCC,0x01,0x48,0xF7,0x09,0xA5,0xD0,
+	  0x3B,0xB5,0xC9,0xB8,0x89,0x9C,0x47,0xAE,0xBB,0x6F,
+	  0xB7,0x1E,0x91,0x38,0x64,0x09 }
 	};
+
 /* the x9.62 prime curves (minus the nist prime curves) */
-static const unsigned char _EC_X9_62_PRIME_192V2_SEED[] = {
-	0x31,0xA9,0x2E,0xE2,0x02,0x9F,0xD1,0x0D,0x90,0x1B,
-	0x11,0x3E,0x99,0x07,0x10,0xF0,0xD2,0x1A,0xC6,0xB6};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_192V2 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
-	"CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953",
-	"EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A",
-	"6574d11d69b6ec7a672bb82a083df2f2b0847de970b2de15",
-	"FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31",1,
-	_EC_X9_62_PRIME_192V2_SEED, 20,
-	"X9.62 curve over a 192 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+24*6]; }
+	_EC_X9_62_PRIME_192V2 = {
+	{ NID_X9_62_prime_field,20,24,1 },
+	{ 0x31,0xA9,0x2E,0xE2,0x02,0x9F,0xD1,0x0D,0x90,0x1B,	/* seed */
+	  0x11,0x3E,0x99,0x07,0x10,0xF0,0xD2,0x1A,0xC6,0xB6,
+
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFC,
+	  0xCC,0x22,0xD6,0xDF,0xB9,0x5C,0x6B,0x25,0xE4,0x9C,	/* b */
+	  0x0D,0x63,0x64,0xA4,0xE5,0x98,0x0C,0x39,0x3A,0xA2,
+	  0x16,0x68,0xD9,0x53,
+	  0xEE,0xA2,0xBA,0xE7,0xE1,0x49,0x78,0x42,0xF2,0xDE,	/* x */
+	  0x77,0x69,0xCF,0xE9,0xC9,0x89,0xC0,0x72,0xAD,0x69,
+	  0x6F,0x48,0x03,0x4A,
+	  0x65,0x74,0xd1,0x1d,0x69,0xb6,0xec,0x7a,0x67,0x2b,	/* y */
+	  0xb8,0x2a,0x08,0x3d,0xf2,0xf2,0xb0,0x84,0x7d,0xe9,
+	  0x70,0xb2,0xde,0x15,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFE,0x5F,0xB1,0xA7,0x24,0xDC,0x80,0x41,0x86,
+	  0x48,0xD8,0xDD,0x31 }
 	};
 
-static const unsigned char _EC_X9_62_PRIME_192V3_SEED[] = {
-	0xC4,0x69,0x68,0x44,0x35,0xDE,0xB3,0x78,0xC4,0xB6,
-	0x5C,0xA9,0x59,0x1E,0x2A,0x57,0x63,0x05,0x9A,0x2E};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_192V3 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
-	"22123DC2395A05CAA7423DAECCC94760A7D462256BD56916",
-	"7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896",
-	"38a90f22637337334b49dcb66a6dc8f9978aca7648a943b0",
-	"FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13",1,
-	_EC_X9_62_PRIME_192V3_SEED, 20,
-	"X9.62 curve over a 192 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+24*6]; }
+	_EC_X9_62_PRIME_192V3 = {
+	{ NID_X9_62_prime_field,20,24,1 },
+	{ 0xC4,0x69,0x68,0x44,0x35,0xDE,0xB3,0x78,0xC4,0xB6,	/* seed */
+	  0x5C,0xA9,0x59,0x1E,0x2A,0x57,0x63,0x05,0x9A,0x2E,
+
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFC,
+	  0x22,0x12,0x3D,0xC2,0x39,0x5A,0x05,0xCA,0xA7,0x42,	/* b */
+	  0x3D,0xAE,0xCC,0xC9,0x47,0x60,0xA7,0xD4,0x62,0x25,
+	  0x6B,0xD5,0x69,0x16,
+	  0x7D,0x29,0x77,0x81,0x00,0xC6,0x5A,0x1D,0xA1,0x78,	/* x */
+	  0x37,0x16,0x58,0x8D,0xCE,0x2B,0x8B,0x4A,0xEE,0x8E,
+	  0x22,0x8F,0x18,0x96,
+	  0x38,0xa9,0x0f,0x22,0x63,0x73,0x37,0x33,0x4b,0x49,	/* y */
+	  0xdc,0xb6,0x6a,0x6d,0xc8,0xf9,0x97,0x8a,0xca,0x76,
+	  0x48,0xa9,0x43,0xb0,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0x7A,0x62,0xD0,0x31,0xC8,0x3F,0x42,0x94,
+	  0xF6,0x40,0xEC,0x13 }
 	};
 
-static const unsigned char _EC_X9_62_PRIME_239V1_SEED[] = {
-	0xE4,0x3B,0xB4,0x60,0xF0,0xB8,0x0C,0xC0,0xC0,0xB0,
-	0x75,0x79,0x8E,0x94,0x80,0x60,0xF8,0x32,0x1B,0x7D};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_239V1 = {
-	NID_X9_62_prime_field,
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
-	"6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A",
-	"0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF",
-	"7debe8e4e90a5dae6e4054ca530ba04654b36818ce226b39fccb7b02f1ae",
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B",1,
-	_EC_X9_62_PRIME_239V1_SEED, 20,
-	"X9.62 curve over a 239 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_X9_62_PRIME_239V1 = {
+	{ NID_X9_62_prime_field,20,30,1 },
+	{ 0xE4,0x3B,0xB4,0x60,0xF0,0xB8,0x0C,0xC0,0xC0,0xB0,	/* seed */
+	  0x75,0x79,0x8E,0x94,0x80,0x60,0xF8,0x32,0x1B,0x7D,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0x80,0x00,
+	  0x00,0x00,0x00,0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0x80,0x00,
+	  0x00,0x00,0x00,0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFC,
+
+	  0x6B,0x01,0x6C,0x3B,0xDC,0xF1,0x89,0x41,0xD0,0xD6,	/* b */
+	  0x54,0x92,0x14,0x75,0xCA,0x71,0xA9,0xDB,0x2F,0xB2,
+	  0x7D,0x1D,0x37,0x79,0x61,0x85,0xC2,0x94,0x2C,0x0A,
+
+	  0x0F,0xFA,0x96,0x3C,0xDC,0xA8,0x81,0x6C,0xCC,0x33,	/* x */
+	  0xB8,0x64,0x2B,0xED,0xF9,0x05,0xC3,0xD3,0x58,0x57,
+	  0x3D,0x3F,0x27,0xFB,0xBD,0x3B,0x3C,0xB9,0xAA,0xAF,
+
+	  0x7d,0xeb,0xe8,0xe4,0xe9,0x0a,0x5d,0xae,0x6e,0x40,	/* y */
+	  0x54,0xca,0x53,0x0b,0xa0,0x46,0x54,0xb3,0x68,0x18,
+	  0xce,0x22,0x6b,0x39,0xfc,0xcb,0x7b,0x02,0xf1,0xae,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0x9E,0x5E,0x9A,0x9F,0x5D,
+	  0x90,0x71,0xFB,0xD1,0x52,0x26,0x88,0x90,0x9D,0x0B }
 	};
 
-static const unsigned char _EC_X9_62_PRIME_239V2_SEED[] = {
-	0xE8,0xB4,0x01,0x16,0x04,0x09,0x53,0x03,0xCA,0x3B,
-	0x80,0x99,0x98,0x2B,0xE0,0x9F,0xCB,0x9A,0xE6,0x16};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_239V2 = {
-	NID_X9_62_prime_field,
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
-	"617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C",
-	"38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7",
-	"5b0125e4dbea0ec7206da0fc01d9b081329fb555de6ef460237dff8be4ba",
-	"7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063",1,
-	_EC_X9_62_PRIME_239V2_SEED, 20,
-	"X9.62 curve over a 239 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_X9_62_PRIME_239V2 = {
+	{ NID_X9_62_prime_field,20,30,1 },
+	{ 0xE8,0xB4,0x01,0x16,0x04,0x09,0x53,0x03,0xCA,0x3B,	/* seed */
+	  0x80,0x99,0x98,0x2B,0xE0,0x9F,0xCB,0x9A,0xE6,0x16,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0x80,0x00,
+	  0x00,0x00,0x00,0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0x80,0x00,
+	  0x00,0x00,0x00,0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFC,
+
+	  0x61,0x7F,0xAB,0x68,0x32,0x57,0x6C,0xBB,0xFE,0xD5,	/* b */
+	  0x0D,0x99,0xF0,0x24,0x9C,0x3F,0xEE,0x58,0xB9,0x4B,
+	  0xA0,0x03,0x8C,0x7A,0xE8,0x4C,0x8C,0x83,0x2F,0x2C,
+
+	  0x38,0xAF,0x09,0xD9,0x87,0x27,0x70,0x51,0x20,0xC9,	/* x */
+	  0x21,0xBB,0x5E,0x9E,0x26,0x29,0x6A,0x3C,0xDC,0xF2,
+	  0xF3,0x57,0x57,0xA0,0xEA,0xFD,0x87,0xB8,0x30,0xE7,
+
+	  0x5b,0x01,0x25,0xe4,0xdb,0xea,0x0e,0xc7,0x20,0x6d,	/* y */
+	  0xa0,0xfc,0x01,0xd9,0xb0,0x81,0x32,0x9f,0xb5,0x55,
+	  0xde,0x6e,0xf4,0x60,0x23,0x7d,0xff,0x8b,0xe4,0xba,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0x80,0x00,0x00,0xCF,0xA7,0xE8,0x59,0x43,
+	  0x77,0xD4,0x14,0xC0,0x38,0x21,0xBC,0x58,0x20,0x63 }
 	};
 
-static const unsigned char _EC_X9_62_PRIME_239V3_SEED[] = {
-	0x7D,0x73,0x74,0x16,0x8F,0xFE,0x34,0x71,0xB6,0x0A,
-	0x85,0x76,0x86,0xA1,0x94,0x75,0xD3,0xBF,0xA2,0xFF};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_239V3 = {
-	NID_X9_62_prime_field,
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
-	"255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E",
-	"6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A",
-	"1607e6898f390c06bc1d552bad226f3b6fcfe48b6e818499af18e3ed6cf3",
-	"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551",1,
-	_EC_X9_62_PRIME_239V3_SEED, 20,
-	"X9.62 curve over a 239 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_X9_62_PRIME_239V3 = {
+	{ NID_X9_62_prime_field,20,30,1 },
+	{ 0x7D,0x73,0x74,0x16,0x8F,0xFE,0x34,0x71,0xB6,0x0A,	/* seed */
+	  0x85,0x76,0x86,0xA1,0x94,0x75,0xD3,0xBF,0xA2,0xFF,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0x80,0x00,
+	  0x00,0x00,0x00,0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0x80,0x00,
+	  0x00,0x00,0x00,0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFC,
+
+	  0x25,0x57,0x05,0xFA,0x2A,0x30,0x66,0x54,0xB1,0xF4,	/* b */
+	  0xCB,0x03,0xD6,0xA7,0x50,0xA3,0x0C,0x25,0x01,0x02,
+	  0xD4,0x98,0x87,0x17,0xD9,0xBA,0x15,0xAB,0x6D,0x3E,
+
+	  0x67,0x68,0xAE,0x8E,0x18,0xBB,0x92,0xCF,0xCF,0x00,	/* x */
+	  0x5C,0x94,0x9A,0xA2,0xC6,0xD9,0x48,0x53,0xD0,0xE6,
+	  0x60,0xBB,0xF8,0x54,0xB1,0xC9,0x50,0x5F,0xE9,0x5A,
+
+	  0x16,0x07,0xe6,0x89,0x8f,0x39,0x0c,0x06,0xbc,0x1d,	/* y */
+	  0x55,0x2b,0xad,0x22,0x6f,0x3b,0x6f,0xcf,0xe4,0x8b,
+	  0x6e,0x81,0x84,0x99,0xaf,0x18,0xe3,0xed,0x6c,0xf3,
+
+	  0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0x7F,0xFF,0xFF,0x97,0x5D,0xEB,0x41,0xB3,
+	  0xA6,0x05,0x7C,0x3C,0x43,0x21,0x46,0x52,0x65,0x51 }
 	};
 
-static const unsigned char _EC_X9_62_PRIME_256V1_SEED[] = {
-	0xC4,0x9D,0x36,0x08,0x86,0xE7,0x04,0x93,0x6A,0x66,
-	0x78,0xE1,0x13,0x9D,0x26,0xB7,0x81,0x9F,0x7E,0x90};
-static const EC_CURVE_DATA _EC_X9_62_PRIME_256V1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
-	"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
-	"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
-	"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
-	"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
-	"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",1,
-	_EC_X9_62_PRIME_256V1_SEED, 20,
-	"X9.62/SECG curve over a 256 bit prime field"
+
+static const struct { EC_CURVE_DATA h; unsigned char data[20+32*6]; }
+	_EC_X9_62_PRIME_256V1 = {
+	{ NID_X9_62_prime_field,20,32,1 },
+	{ 0xC4,0x9D,0x36,0x08,0x86,0xE7,0x04,0x93,0x6A,0x66,	/* seed */
+	  0x78,0xE1,0x13,0x9D,0x26,0xB7,0x81,0x9F,0x7E,0x90,
+
+	  0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFC,
+	  0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,0xB3,0xEB,	/* b */
+	  0xBD,0x55,0x76,0x98,0x86,0xBC,0x65,0x1D,0x06,0xB0,
+	  0xCC,0x53,0xB0,0xF6,0x3B,0xCE,0x3C,0x3E,0x27,0xD2,
+	  0x60,0x4B,
+	  0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,0xF8,0xBC,	/* x */
+	  0xE6,0xE5,0x63,0xA4,0x40,0xF2,0x77,0x03,0x7D,0x81,
+	  0x2D,0xEB,0x33,0xA0,0xF4,0xA1,0x39,0x45,0xD8,0x98,
+	  0xC2,0x96,
+	  0x4f,0xe3,0x42,0xe2,0xfe,0x1a,0x7f,0x9b,0x8e,0xe7,	/* y */
+	  0xeb,0x4a,0x7c,0x0f,0x9e,0x16,0x2b,0xce,0x33,0x57,
+	  0x6b,0x31,0x5e,0xce,0xcb,0xb6,0x40,0x68,0x37,0xbf,
+	  0x51,0xf5,
+	  0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xBC,0xE6,0xFA,0xAD,
+	  0xA7,0x17,0x9E,0x84,0xF3,0xB9,0xCA,0xC2,0xFC,0x63,
+	  0x25,0x51 }
 	};
+
 /* the secg prime curves (minus the nist and x9.62 prime curves) */
-static const unsigned char _EC_SECG_PRIME_112R1_SEED[] = {
-	0x00,0xF5,0x0B,0x02,0x8E,0x4D,0x69,0x6E,0x67,0x68,
-	0x75,0x61,0x51,0x75,0x29,0x04,0x72,0x78,0x3F,0xB1};
-static const EC_CURVE_DATA _EC_SECG_PRIME_112R1 = {
-	NID_X9_62_prime_field,
-	"DB7C2ABF62E35E668076BEAD208B",
-	"DB7C2ABF62E35E668076BEAD2088",
-	"659EF8BA043916EEDE8911702B22",
-	"09487239995A5EE76B55F9C2F098",
-	"a89ce5af8724c0a23e0e0ff77500",
-	"DB7C2ABF62E35E7628DFAC6561C5",1,
-	_EC_SECG_PRIME_112R1_SEED, 20,
-	"SECG/WTLS curve over a 112 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+14*6]; }
+	_EC_SECG_PRIME_112R1 = {
+	{ NID_X9_62_prime_field,20,14,1 },
+	{ 0x00,0xF5,0x0B,0x02,0x8E,0x4D,0x69,0x6E,0x67,0x68,	/* seed */
+	  0x75,0x61,0x51,0x75,0x29,0x04,0x72,0x78,0x3F,0xB1,
+
+	  0xDB,0x7C,0x2A,0xBF,0x62,0xE3,0x5E,0x66,0x80,0x76,	/* p */
+	  0xBE,0xAD,0x20,0x8B,
+	  0xDB,0x7C,0x2A,0xBF,0x62,0xE3,0x5E,0x66,0x80,0x76,	/* a */
+	  0xBE,0xAD,0x20,0x88,
+	  0x65,0x9E,0xF8,0xBA,0x04,0x39,0x16,0xEE,0xDE,0x89,	/* b */
+	  0x11,0x70,0x2B,0x22,
+	  0x09,0x48,0x72,0x39,0x99,0x5A,0x5E,0xE7,0x6B,0x55,	/* x */
+	  0xF9,0xC2,0xF0,0x98,
+	  0xa8,0x9c,0xe5,0xaf,0x87,0x24,0xc0,0xa2,0x3e,0x0e,	/* y */
+	  0x0f,0xf7,0x75,0x00,
+	  0xDB,0x7C,0x2A,0xBF,0x62,0xE3,0x5E,0x76,0x28,0xDF,	/* order */
+	  0xAC,0x65,0x61,0xC5 }
 	};
 
-static const unsigned char _EC_SECG_PRIME_112R2_SEED[] = {
-	0x00,0x27,0x57,0xA1,0x11,0x4D,0x69,0x6E,0x67,0x68,
-	0x75,0x61,0x51,0x75,0x53,0x16,0xC0,0x5E,0x0B,0xD4};
-static const EC_CURVE_DATA _EC_SECG_PRIME_112R2 = {
-	NID_X9_62_prime_field,
-	"DB7C2ABF62E35E668076BEAD208B",
-	"6127C24C05F38A0AAAF65C0EF02C",
-	"51DEF1815DB5ED74FCC34C85D709",
-	"4BA30AB5E892B4E1649DD0928643",
-	"adcd46f5882e3747def36e956e97",
-	"36DF0AAFD8B8D7597CA10520D04B",4, 
-	_EC_SECG_PRIME_112R2_SEED, 20,
-	"SECG curve over a 112 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+14*6]; }
+	_EC_SECG_PRIME_112R2 = {
+	{ NID_X9_62_prime_field,20,14,4 },
+	{ 0x00,0x27,0x57,0xA1,0x11,0x4D,0x69,0x6E,0x67,0x68,	/* seed */
+	  0x75,0x61,0x51,0x75,0x53,0x16,0xC0,0x5E,0x0B,0xD4,
+
+	  0xDB,0x7C,0x2A,0xBF,0x62,0xE3,0x5E,0x66,0x80,0x76,	/* p */
+	  0xBE,0xAD,0x20,0x8B,
+	  0x61,0x27,0xC2,0x4C,0x05,0xF3,0x8A,0x0A,0xAA,0xF6,	/* a */
+	  0x5C,0x0E,0xF0,0x2C,
+	  0x51,0xDE,0xF1,0x81,0x5D,0xB5,0xED,0x74,0xFC,0xC3,	/* b */
+	  0x4C,0x85,0xD7,0x09,
+	  0x4B,0xA3,0x0A,0xB5,0xE8,0x92,0xB4,0xE1,0x64,0x9D,	/* x */
+	  0xD0,0x92,0x86,0x43,
+	  0xad,0xcd,0x46,0xf5,0x88,0x2e,0x37,0x47,0xde,0xf3,	/* y */
+	  0x6e,0x95,0x6e,0x97,
+	  0x36,0xDF,0x0A,0xAF,0xD8,0xB8,0xD7,0x59,0x7C,0xA1,	/* order */
+	  0x05,0x20,0xD0,0x4B }
 	};
 
-static const unsigned char _EC_SECG_PRIME_128R1_SEED[] = {
-	0x00,0x0E,0x0D,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,
-	0x51,0x75,0x0C,0xC0,0x3A,0x44,0x73,0xD0,0x36,0x79};
-static const EC_CURVE_DATA _EC_SECG_PRIME_128R1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
-	"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
-	"E87579C11079F43DD824993C2CEE5ED3",
-	"161FF7528B899B2D0C28607CA52C5B86",
-	"cf5ac8395bafeb13c02da292dded7a83",
-	"FFFFFFFE0000000075A30D1B9038A115",1,
-	_EC_SECG_PRIME_128R1_SEED, 20,
-	"SECG curve over a 128 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+16*6]; }
+	_EC_SECG_PRIME_128R1 = {
+	{ NID_X9_62_prime_field,20,16,1 },
+	{ 0x00,0x0E,0x0D,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,	/* seed */
+	  0x51,0x75,0x0C,0xC0,0x3A,0x44,0x73,0xD0,0x36,0x79,
+
+	  0xFF,0xFF,0xFF,0xFD,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFD,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFC,
+	  0xE8,0x75,0x79,0xC1,0x10,0x79,0xF4,0x3D,0xD8,0x24,	/* b */
+	  0x99,0x3C,0x2C,0xEE,0x5E,0xD3,
+	  0x16,0x1F,0xF7,0x52,0x8B,0x89,0x9B,0x2D,0x0C,0x28,	/* x */
+	  0x60,0x7C,0xA5,0x2C,0x5B,0x86,
+	  0xcf,0x5a,0xc8,0x39,0x5b,0xaf,0xeb,0x13,0xc0,0x2d,	/* y */
+	  0xa2,0x92,0xdd,0xed,0x7a,0x83,
+	  0xFF,0xFF,0xFF,0xFE,0x00,0x00,0x00,0x00,0x75,0xA3,	/* order */
+	  0x0D,0x1B,0x90,0x38,0xA1,0x15 }
 	};
 
-static const unsigned char _EC_SECG_PRIME_128R2_SEED[] = {
-	0x00,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,0x51,0x75,
-	0x12,0xD8,0xF0,0x34,0x31,0xFC,0xE6,0x3B,0x88,0xF4};
-static const EC_CURVE_DATA _EC_SECG_PRIME_128R2 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
-	"D6031998D1B3BBFEBF59CC9BBFF9AEE1",
-	"5EEEFCA380D02919DC2C6558BB6D8A5D",
-	"7B6AA5D85E572983E6FB32A7CDEBC140",
-	"27b6916a894d3aee7106fe805fc34b44",
-	"3FFFFFFF7FFFFFFFBE0024720613B5A3",4,
-	_EC_SECG_PRIME_128R2_SEED, 20,
-	"SECG curve over a 128 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+16*6]; }
+	_EC_SECG_PRIME_128R2 = {
+	{ NID_X9_62_prime_field,20,16,4 },
+	{ 0x00,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,0x51,0x75,	/* seed */
+	  0x12,0xD8,0xF0,0x34,0x31,0xFC,0xE6,0x3B,0x88,0xF4,
+
+	  0xFF,0xFF,0xFF,0xFD,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xD6,0x03,0x19,0x98,0xD1,0xB3,0xBB,0xFE,0xBF,0x59,	/* a */
+	  0xCC,0x9B,0xBF,0xF9,0xAE,0xE1,
+	  0x5E,0xEE,0xFC,0xA3,0x80,0xD0,0x29,0x19,0xDC,0x2C,	/* b */
+	  0x65,0x58,0xBB,0x6D,0x8A,0x5D,
+	  0x7B,0x6A,0xA5,0xD8,0x5E,0x57,0x29,0x83,0xE6,0xFB,	/* x */
+	  0x32,0xA7,0xCD,0xEB,0xC1,0x40,
+	  0x27,0xb6,0x91,0x6a,0x89,0x4d,0x3a,0xee,0x71,0x06,	/* y */
+	  0xfe,0x80,0x5f,0xc3,0x4b,0x44,
+	  0x3F,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xBE,0x00,	/* order */
+	  0x24,0x72,0x06,0x13,0xB5,0xA3 }
 	};
 
-static const EC_CURVE_DATA _EC_SECG_PRIME_160K1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
-	"0",
-	"7",
-	"3B4C382CE37AA192A4019E763036F4F5DD4D7EBB",
-	"938cf935318fdced6bc28286531733c3f03c4fee",
-	"0100000000000000000001B8FA16DFAB9ACA16B6B3",1,
-	NULL, 0,
-	"SECG curve over a 160 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+21*6]; }
+	_EC_SECG_PRIME_160K1 = {
+	{ NID_X9_62_prime_field,0,21,1 },
+	{							/* no seed */
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xAC,
+	  0x73,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x07,
+	  0x00,0x3B,0x4C,0x38,0x2C,0xE3,0x7A,0xA1,0x92,0xA4,	/* x */
+	  0x01,0x9E,0x76,0x30,0x36,0xF4,0xF5,0xDD,0x4D,0x7E,
+	  0xBB,
+	  0x00,0x93,0x8c,0xf9,0x35,0x31,0x8f,0xdc,0xed,0x6b,	/* y */
+	  0xc2,0x82,0x86,0x53,0x17,0x33,0xc3,0xf0,0x3c,0x4f,
+	  0xee,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x01,0xB8,0xFA,0x16,0xDF,0xAB,0x9A,0xCA,0x16,0xB6,
+	  0xB3 }
 	};
 
-static const unsigned char _EC_SECG_PRIME_160R1_SEED[] = {
-	0x10,0x53,0xCD,0xE4,0x2C,0x14,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x53,0x3B,0xF3,0xF8,0x33,0x45};
-static const EC_CURVE_DATA _EC_SECG_PRIME_160R1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
-	"1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
-	"4A96B5688EF573284664698968C38BB913CBFC82",
-	"23a628553168947d59dcc912042351377ac5fb32",
-	"0100000000000000000001F4C8F927AED3CA752257",1,
-	_EC_SECG_PRIME_160R1_SEED, 20,
-	"SECG curve over a 160 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; }
+	_EC_SECG_PRIME_160R1 = {
+	{ NID_X9_62_prime_field,20,21,1 },
+	{ 0x10,0x53,0xCD,0xE4,0x2C,0x14,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x53,0x3B,0xF3,0xF8,0x33,0x45,
+
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,
+	  0xFF,
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,
+	  0xFC,
+	  0x00,0x1C,0x97,0xBE,0xFC,0x54,0xBD,0x7A,0x8B,0x65,	/* b */
+	  0xAC,0xF8,0x9F,0x81,0xD4,0xD4,0xAD,0xC5,0x65,0xFA,
+	  0x45,
+	  0x00,0x4A,0x96,0xB5,0x68,0x8E,0xF5,0x73,0x28,0x46,	/* x */
+	  0x64,0x69,0x89,0x68,0xC3,0x8B,0xB9,0x13,0xCB,0xFC,
+	  0x82,
+	  0x00,0x23,0xa6,0x28,0x55,0x31,0x68,0x94,0x7d,0x59,	/* y */
+	  0xdc,0xc9,0x12,0x04,0x23,0x51,0x37,0x7a,0xc5,0xfb,
+	  0x32,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x01,0xF4,0xC8,0xF9,0x27,0xAE,0xD3,0xCA,0x75,0x22,
+	  0x57 }
 	};
 
-static const unsigned char _EC_SECG_PRIME_160R2_SEED[] = {
-	0xB9,0x9B,0x99,0xB0,0x99,0xB3,0x23,0xE0,0x27,0x09,
-	0xA4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,0x17,0x51};
-static const EC_CURVE_DATA _EC_SECG_PRIME_160R2 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70",
-	"B4E134D3FB59EB8BAB57274904664D5AF50388BA",
-	"52DCB034293A117E1F4FF11B30F7199D3144CE6D",
-	"feaffef2e331f296e071fa0df9982cfea7d43f2e",
-	"0100000000000000000000351EE786A818F3A1A16B",1,
-	_EC_SECG_PRIME_160R2_SEED, 20,
-	"SECG/WTLS curve over a 160 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; }
+	_EC_SECG_PRIME_160R2 = {
+	{ NID_X9_62_prime_field,20,21,1 },
+	{ 0xB9,0x9B,0x99,0xB0,0x99,0xB3,0x23,0xE0,0x27,0x09,	/* seed */
+	  0xA4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,0x17,0x51,
+
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xAC,
+	  0x73,
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xAC,
+	  0x70,
+	  0x00,0xB4,0xE1,0x34,0xD3,0xFB,0x59,0xEB,0x8B,0xAB,	/* b */
+	  0x57,0x27,0x49,0x04,0x66,0x4D,0x5A,0xF5,0x03,0x88,
+	  0xBA,
+	  0x00,0x52,0xDC,0xB0,0x34,0x29,0x3A,0x11,0x7E,0x1F,	/* x */
+	  0x4F,0xF1,0x1B,0x30,0xF7,0x19,0x9D,0x31,0x44,0xCE,
+	  0x6D,
+	  0x00,0xfe,0xaf,0xfe,0xf2,0xe3,0x31,0xf2,0x96,0xe0,	/* y */
+	  0x71,0xfa,0x0d,0xf9,0x98,0x2c,0xfe,0xa7,0xd4,0x3f,
+	  0x2e,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x35,0x1E,0xE7,0x86,0xA8,0x18,0xF3,0xA1,0xA1,
+	  0x6B }
 	};
 
-static const EC_CURVE_DATA _EC_SECG_PRIME_192K1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37",
-	"0",
-	"3",
-	"DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D",
-	"9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d",
-	"FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D",1,
-	NULL, 20,
-	"SECG curve over a 192 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; }
+	_EC_SECG_PRIME_192K1 = {
+	{ NID_X9_62_prime_field,0,24,1 },
+	{							/* no seed */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,
+	  0xFF,0xFF,0xEE,0x37,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x03,
+	  0xDB,0x4F,0xF1,0x0E,0xC0,0x57,0xE9,0xAE,0x26,0xB0,	/* x */
+	  0x7D,0x02,0x80,0xB7,0xF4,0x34,0x1D,0xA5,0xD1,0xB1,
+	  0xEA,0xE0,0x6C,0x7D,
+	  0x9b,0x2f,0x2f,0x6d,0x9c,0x56,0x28,0xa7,0x84,0x41,	/* y */
+	  0x63,0xd0,0x15,0xbe,0x86,0x34,0x40,0x82,0xaa,0x88,
+	  0xd9,0x5e,0x2f,0x9d,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFE,0x26,0xF2,0xFC,0x17,0x0F,0x69,0x46,0x6A,
+	  0x74,0xDE,0xFD,0x8D }
 	};
 
-static const EC_CURVE_DATA _EC_SECG_PRIME_224K1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D",
-	"0",
-	"5",
-	"A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C",
-	"7e089fed7fba344282cafbd6f7e319f7c0b0bd59e2ca4bdb556d61a5",
-	"010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7",1,
-	NULL, 20,
-	"SECG curve over a 224 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+29*6]; }
+	_EC_SECG_PRIME_224K1 = {
+	{ NID_X9_62_prime_field,0,29,1 },
+	{							/* no seed */
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xE5,0x6D,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x05,
+	  0x00,0xA1,0x45,0x5B,0x33,0x4D,0xF0,0x99,0xDF,0x30,	/* x */
+	  0xFC,0x28,0xA1,0x69,0xA4,0x67,0xE9,0xE4,0x70,0x75,
+	  0xA9,0x0F,0x7E,0x65,0x0E,0xB6,0xB7,0xA4,0x5C,
+	  0x00,0x7e,0x08,0x9f,0xed,0x7f,0xba,0x34,0x42,0x82,	/* y */
+	  0xca,0xfb,0xd6,0xf7,0xe3,0x19,0xf7,0xc0,0xb0,0xbd,
+	  0x59,0xe2,0xca,0x4b,0xdb,0x55,0x6d,0x61,0xa5,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x01,0xDC,0xE8,0xD2,0xEC,0x61,
+	  0x84,0xCA,0xF0,0xA9,0x71,0x76,0x9F,0xB1,0xF7 }
 	};
 
-static const EC_CURVE_DATA _EC_SECG_PRIME_256K1 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
-	"0",
-	"7",
-	"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
-	"483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",1,
-	NULL, 20,
-	"SECG curve over a 256 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; }
+	_EC_SECG_PRIME_256K1 = {
+	{ NID_X9_62_prime_field,0,32,1 },
+	{							/* no seed */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,
+	  0xFC,0x2F,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x07,
+	  0x79,0xBE,0x66,0x7E,0xF9,0xDC,0xBB,0xAC,0x55,0xA0,	/* x */
+	  0x62,0x95,0xCE,0x87,0x0B,0x07,0x02,0x9B,0xFC,0xDB,
+	  0x2D,0xCE,0x28,0xD9,0x59,0xF2,0x81,0x5B,0x16,0xF8,
+	  0x17,0x98,
+	  0x48,0x3a,0xda,0x77,0x26,0xa3,0xc4,0x65,0x5d,0xa4,	/* y */
+	  0xfb,0xfc,0x0e,0x11,0x08,0xa8,0xfd,0x17,0xb4,0x48,
+	  0xa6,0x85,0x54,0x19,0x9c,0x47,0xd0,0x8f,0xfb,0x10,
+	  0xd4,0xb8,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xBA,0xAE,0xDC,0xE6,
+	  0xAF,0x48,0xA0,0x3B,0xBF,0xD2,0x5E,0x8C,0xD0,0x36,
+	  0x41,0x41 }
 	};
 
 /* some wap/wtls curves */
-static const EC_CURVE_DATA _EC_WTLS_8 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFDE7",
-	"0",
-	"3",
-	"1",
-	"2",
-	"0100000000000001ECEA551AD837E9",1,
-	NULL, 20,
-	"WTLS curve over a 112 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+15*6]; }
+	_EC_WTLS_8 = {
+	{ NID_X9_62_prime_field,0,15,1 },
+	{							/* no seed */
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFD,0xE7,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x03,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* x */
+	  0x00,0x00,0x00,0x00,0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* y */
+	  0x00,0x00,0x00,0x00,0x02,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0xEC,0xEA,	/* order */
+	  0x55,0x1A,0xD8,0x37,0xE9 }
 	};
 
-static const EC_CURVE_DATA _EC_WTLS_9 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F",
-	"0",
-	"3",
-	"1",
-	"2",
-	"0100000000000000000001CDC98AE0E2DE574ABF33",1,
-	NULL, 20,
-	"WTLS curve over a 160 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+21*6]; }
+	_EC_WTLS_9 = {
+	{ NID_X9_62_prime_field,0,21,1 },
+	{							/* no seed */
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC,0x80,
+	  0x8F,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x03,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* x */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* y */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x02,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x01,0xCD,0xC9,0x8A,0xE0,0xE2,0xDE,0x57,0x4A,0xBF,
+	  0x33 }
 	};
 
-static const EC_CURVE_DATA _EC_WTLS_12 = {
-	NID_X9_62_prime_field,
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
-	"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
-	"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
-	"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
-	"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", 1,
-	NULL, 0,
-	"WTLS curvs over a 224 bit prime field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+28*6]; }
+	_EC_WTLS_12 = {
+	{ NID_X9_62_prime_field,0,28,1 },
+	{							/* no seed */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* p */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* a */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,
+	  0xB4,0x05,0x0A,0x85,0x0C,0x04,0xB3,0xAB,0xF5,0x41,	/* b */
+	  0x32,0x56,0x50,0x44,0xB0,0xB7,0xD7,0xBF,0xD8,0xBA,
+	  0x27,0x0B,0x39,0x43,0x23,0x55,0xFF,0xB4,
+	  0xB7,0x0E,0x0C,0xBD,0x6B,0xB4,0xBF,0x7F,0x32,0x13,	/* x */
+	  0x90,0xB9,0x4A,0x03,0xC1,0xD3,0x56,0xC2,0x11,0x22,
+	  0x34,0x32,0x80,0xD6,0x11,0x5C,0x1D,0x21,
+	  0xbd,0x37,0x63,0x88,0xb5,0xf7,0x23,0xfb,0x4c,0x22,	/* y */
+	  0xdf,0xe6,0xcd,0x43,0x75,0xa0,0x5a,0x07,0x47,0x64,
+	  0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0x16,0xA2,0xE0,0xB8,0xF0,0x3E,
+	  0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D }
 	};
 
 /* characteristic two curves */
-static const unsigned char _EC_SECG_CHAR2_113R1_SEED[] = {
-	0x10,0xE7,0x23,0xAB,0x14,0xD6,0x96,0xE6,0x76,0x87,
-	0x56,0x15,0x17,0x56,0xFE,0xBF,0x8F,0xCB,0x49,0xA9};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_113R1 = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000201",
-	"003088250CA6E7C7FE649CE85820F7",
-	"00E8BEE4D3E2260744188BE0E9C723",
-	"009D73616F35F4AB1407D73562C10F",
-	"00A52830277958EE84D1315ED31886",
-	"0100000000000000D9CCEC8A39E56F", 2,
-	_EC_SECG_CHAR2_113R1_SEED, 20,
-	"SECG curve over a 113 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+15*6]; }
+	_EC_SECG_CHAR2_113R1 = {
+	{ NID_X9_62_characteristic_two_field,20,15,2 },
+	{ 0x10,0xE7,0x23,0xAB,0x14,0xD6,0x96,0xE6,0x76,0x87,	/* seed */
+	  0x56,0x15,0x17,0x56,0xFE,0xBF,0x8F,0xCB,0x49,0xA9,
+
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x02,0x01,
+	  0x00,0x30,0x88,0x25,0x0C,0xA6,0xE7,0xC7,0xFE,0x64,	/* a */
+	  0x9C,0xE8,0x58,0x20,0xF7,
+	  0x00,0xE8,0xBE,0xE4,0xD3,0xE2,0x26,0x07,0x44,0x18,	/* b */
+	  0x8B,0xE0,0xE9,0xC7,0x23,
+	  0x00,0x9D,0x73,0x61,0x6F,0x35,0xF4,0xAB,0x14,0x07,	/* x */
+	  0xD7,0x35,0x62,0xC1,0x0F,
+	  0x00,0xA5,0x28,0x30,0x27,0x79,0x58,0xEE,0x84,0xD1,	/* y */
+	  0x31,0x5E,0xD3,0x18,0x86,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xD9,0xCC,	/* order */
+	  0xEC,0x8A,0x39,0xE5,0x6F }
 	};
 
-static const unsigned char _EC_SECG_CHAR2_113R2_SEED[] = {
-	0x10,0xC0,0xFB,0x15,0x76,0x08,0x60,0xDE,0xF1,0xEE,
-	0xF4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,0x17,0x5D};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_113R2 = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000201",
-	"00689918DBEC7E5A0DD6DFC0AA55C7",
-	"0095E9A9EC9B297BD4BF36E059184F",
-	"01A57A6A7B26CA5EF52FCDB8164797",
-	"00B3ADC94ED1FE674C06E695BABA1D",
-	"010000000000000108789B2496AF93", 2,
-	_EC_SECG_CHAR2_113R2_SEED, 20,
-	"SECG curve over a 113 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+15*6]; }
+	_EC_SECG_CHAR2_113R2 = {
+	{ NID_X9_62_characteristic_two_field,20,15,2 },
+	{ 0x10,0xC0,0xFB,0x15,0x76,0x08,0x60,0xDE,0xF1,0xEE,	/* seed */
+	  0xF4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,0x17,0x5D,
+
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x02,0x01,
+	  0x00,0x68,0x99,0x18,0xDB,0xEC,0x7E,0x5A,0x0D,0xD6,	/* a */
+	  0xDF,0xC0,0xAA,0x55,0xC7,
+	  0x00,0x95,0xE9,0xA9,0xEC,0x9B,0x29,0x7B,0xD4,0xBF,	/* b */
+	  0x36,0xE0,0x59,0x18,0x4F,
+	  0x01,0xA5,0x7A,0x6A,0x7B,0x26,0xCA,0x5E,0xF5,0x2F,	/* x */
+	  0xCD,0xB8,0x16,0x47,0x97,
+	  0x00,0xB3,0xAD,0xC9,0x4E,0xD1,0xFE,0x67,0x4C,0x06,	/* y */
+	  0xE6,0x95,0xBA,0xBA,0x1D,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x08,0x78,	/* order */
+	  0x9B,0x24,0x96,0xAF,0x93 }
 	};
 
-static const unsigned char _EC_SECG_CHAR2_131R1_SEED[] = {
-	0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,0x51,0x75,0x98,
-	0x5B,0xD3,0xAD,0xBA,0xDA,0x21,0xB4,0x3A,0x97,0xE2};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_131R1 = {
-	NID_X9_62_characteristic_two_field,
-	"080000000000000000000000000000010D",
-	"07A11B09A76B562144418FF3FF8C2570B8",
-	"0217C05610884B63B9C6C7291678F9D341",
-	"0081BAF91FDF9833C40F9C181343638399",
-	"078C6E7EA38C001F73C8134B1B4EF9E150",
-	"0400000000000000023123953A9464B54D", 2,
-	_EC_SECG_CHAR2_131R1_SEED, 20,
-	"SECG/WTLS curve over a 131 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+17*6]; }
+	_EC_SECG_CHAR2_131R1 = {
+	{ NID_X9_62_characteristic_two_field,20,17,2 },
+	{ 0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,0x51,0x75,0x98,	/* seed */
+	  0x5B,0xD3,0xAD,0xBA,0xDA,0x21,0xB4,0x3A,0x97,0xE2,
+
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x01,0x0D,
+	  0x07,0xA1,0x1B,0x09,0xA7,0x6B,0x56,0x21,0x44,0x41,	/* a */
+	  0x8F,0xF3,0xFF,0x8C,0x25,0x70,0xB8,
+	  0x02,0x17,0xC0,0x56,0x10,0x88,0x4B,0x63,0xB9,0xC6,	/* b */
+	  0xC7,0x29,0x16,0x78,0xF9,0xD3,0x41,
+	  0x00,0x81,0xBA,0xF9,0x1F,0xDF,0x98,0x33,0xC4,0x0F,	/* x */
+	  0x9C,0x18,0x13,0x43,0x63,0x83,0x99,
+	  0x07,0x8C,0x6E,0x7E,0xA3,0x8C,0x00,0x1F,0x73,0xC8,	/* y */
+	  0x13,0x4B,0x1B,0x4E,0xF9,0xE1,0x50,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x31,	/* order */
+	  0x23,0x95,0x3A,0x94,0x64,0xB5,0x4D }
 	};
 
-static const unsigned char _EC_SECG_CHAR2_131R2_SEED[] = {
-	0x98,0x5B,0xD3,0xAD,0xBA,0xD4,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x5A,0x21,0xB4,0x3A,0x97,0xE3};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_131R2 = {
-	NID_X9_62_characteristic_two_field,
-	"080000000000000000000000000000010D",
-	"03E5A88919D7CAFCBF415F07C2176573B2",
-	"04B8266A46C55657AC734CE38F018F2192",
-	"0356DCD8F2F95031AD652D23951BB366A8",
-	"0648F06D867940A5366D9E265DE9EB240F",
-	"0400000000000000016954A233049BA98F", 2,
-	_EC_SECG_CHAR2_131R2_SEED, 20,
-	"SECG curve over a 131 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+17*6]; }
+	_EC_SECG_CHAR2_131R2 = {
+	{ NID_X9_62_characteristic_two_field,20,17,2 },
+	{ 0x98,0x5B,0xD3,0xAD,0xBA,0xD4,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x5A,0x21,0xB4,0x3A,0x97,0xE3,
+
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x01,0x0D,
+	  0x03,0xE5,0xA8,0x89,0x19,0xD7,0xCA,0xFC,0xBF,0x41,	/* a */
+	  0x5F,0x07,0xC2,0x17,0x65,0x73,0xB2,
+	  0x04,0xB8,0x26,0x6A,0x46,0xC5,0x56,0x57,0xAC,0x73,	/* b */
+	  0x4C,0xE3,0x8F,0x01,0x8F,0x21,0x92,
+	  0x03,0x56,0xDC,0xD8,0xF2,0xF9,0x50,0x31,0xAD,0x65,	/* x */
+	  0x2D,0x23,0x95,0x1B,0xB3,0x66,0xA8,
+	  0x06,0x48,0xF0,0x6D,0x86,0x79,0x40,0xA5,0x36,0x6D,	/* y */
+	  0x9E,0x26,0x5D,0xE9,0xEB,0x24,0x0F,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x69,	/* order */
+	  0x54,0xA2,0x33,0x04,0x9B,0xA9,0x8F }
 	};
 
-static const EC_CURVE_DATA _EC_NIST_CHAR2_163K = {
-	NID_X9_62_characteristic_two_field,
-	"0800000000000000000000000000000000000000C9",
-	"1",
-	"1",
-	"02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
-	"0289070FB05D38FF58321F2E800536D538CCDAA3D9",
-	"04000000000000000000020108A2E0CC0D99F8A5EF", 2,
-	NULL, 0,
-	"NIST/SECG/WTLS curve over a 163 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+21*6]; }
+	_EC_NIST_CHAR2_163K = {
+	{ NID_X9_62_characteristic_two_field,0,21,2 },
+	{							/* no seed */
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xC9,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x01,
+	  0x02,0xFE,0x13,0xC0,0x53,0x7B,0xBC,0x11,0xAC,0xAA,	/* x */
+	  0x07,0xD7,0x93,0xDE,0x4E,0x6D,0x5E,0x5C,0x94,0xEE,
+	  0xE8,
+	  0x02,0x89,0x07,0x0F,0xB0,0x5D,0x38,0xFF,0x58,0x32,	/* y */
+	  0x1F,0x2E,0x80,0x05,0x36,0xD5,0x38,0xCC,0xDA,0xA3,
+	  0xD9,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x02,0x01,0x08,0xA2,0xE0,0xCC,0x0D,0x99,0xF8,0xA5,
+	  0xEF }
 	};
 
-static const unsigned char _EC_SECG_CHAR2_163R1_SEED[] = {
-	0x24,0xB7,0xB1,0x37,0xC8,0xA1,0x4D,0x69,0x6E,0x67,
-	0x68,0x75,0x61,0x51,0x75,0x6F,0xD0,0xDA,0x2E,0x5C};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_163R1 = {
-	NID_X9_62_characteristic_two_field,
-	"0800000000000000000000000000000000000000C9",
-	"07B6882CAAEFA84F9554FF8428BD88E246D2782AE2",
-	"0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9",
-	"0369979697AB43897789566789567F787A7876A654",
-	"00435EDB42EFAFB2989D51FEFCE3C80988F41FF883",
-	"03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B", 2,
+static const struct { EC_CURVE_DATA h; unsigned char data[0+21*6]; }
+	_EC_SECG_CHAR2_163R1 = {
+	{ NID_X9_62_characteristic_two_field,0,21,2 },
+	{							/* no seed */
+#if 0
 /* The algorithm used to derive the curve parameters from
  * the seed used here is slightly different than the
- * algorithm described in X9.62 .
- */
-#if 0
-	_EC_SECG_CHAR2_163R1_SEED, 20,
-#else
-	NULL, 0,
+ * algorithm described in X9.62 . */
+	  0x24,0xB7,0xB1,0x37,0xC8,0xA1,0x4D,0x69,0x6E,0x67,
+	  0x68,0x75,0x61,0x51,0x75,0x6F,0xD0,0xDA,0x2E,0x5C,
 #endif
-	"SECG curve over a 163 bit binary field"
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xC9,
+	  0x07,0xB6,0x88,0x2C,0xAA,0xEF,0xA8,0x4F,0x95,0x54,	/* a */
+	  0xFF,0x84,0x28,0xBD,0x88,0xE2,0x46,0xD2,0x78,0x2A,
+	  0xE2,
+	  0x07,0x13,0x61,0x2D,0xCD,0xDC,0xB4,0x0A,0xAB,0x94,	/* b */
+	  0x6B,0xDA,0x29,0xCA,0x91,0xF7,0x3A,0xF9,0x58,0xAF,
+	  0xD9,
+	  0x03,0x69,0x97,0x96,0x97,0xAB,0x43,0x89,0x77,0x89,	/* x */
+	  0x56,0x67,0x89,0x56,0x7F,0x78,0x7A,0x78,0x76,0xA6,
+	  0x54,
+	  0x00,0x43,0x5E,0xDB,0x42,0xEF,0xAF,0xB2,0x98,0x9D,	/* y */
+	  0x51,0xFE,0xFC,0xE3,0xC8,0x09,0x88,0xF4,0x1F,0xF8,
+	  0x83,
+	  0x03,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0x48,0xAA,0xB6,0x89,0xC2,0x9C,0xA7,0x10,0x27,
+	  0x9B }
 	};
 
-static const unsigned char _EC_NIST_CHAR2_163B_SEED[] = {
-	0x85,0xE2,0x5B,0xFE,0x5C,0x86,0x22,0x6C,0xDB,0x12,
-	0x01,0x6F,0x75,0x53,0xF9,0xD0,0xE6,0x93,0xA2,0x68};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_163B ={
-	NID_X9_62_characteristic_two_field,
-	"0800000000000000000000000000000000000000C9",
-	"1",
-	"020A601907B8C953CA1481EB10512F78744A3205FD",
-	"03F0EBA16286A2D57EA0991168D4994637E8343E36",
-	"00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
-	"040000000000000000000292FE77E70C12A4234C33", 2,
-/* The seed here was used to created the curve parameters in normal
- * basis representation (and not the polynomial representation used here) 
- */
+static const struct { EC_CURVE_DATA h; unsigned char data[0+21*6]; }
+	_EC_NIST_CHAR2_163B = {
+	{ NID_X9_62_characteristic_two_field,0,21,2 },
+	{							/* no seed */
 #if 0
-	_EC_NIST_CHAR2_163B_SEED, 20,
-#else
-	NULL, 0,
+/* The seed here was used to created the curve parameters in normal
+ * basis representation (and not the polynomial representation used here) */
+	  0x85,0xE2,0x5B,0xFE,0x5C,0x86,0x22,0x6C,0xDB,0x12,
+	  0x01,0x6F,0x75,0x53,0xF9,0xD0,0xE6,0x93,0xA2,0x68,
 #endif
-	"NIST/SECG curve over a 163 bit binary field"
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0xC9,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x01,
+	  0x02,0x0A,0x60,0x19,0x07,0xB8,0xC9,0x53,0xCA,0x14,	/* b */
+	  0x81,0xEB,0x10,0x51,0x2F,0x78,0x74,0x4A,0x32,0x05,
+	  0xFD,
+	  0x03,0xF0,0xEB,0xA1,0x62,0x86,0xA2,0xD5,0x7E,0xA0,	/* x */
+	  0x99,0x11,0x68,0xD4,0x99,0x46,0x37,0xE8,0x34,0x3E,
+	  0x36,
+	  0x00,0xD5,0x1F,0xBC,0x6C,0x71,0xA0,0x09,0x4F,0xA2,	/* y */
+	  0xCD,0xD5,0x45,0xB1,0x1C,0x5C,0x0C,0x79,0x73,0x24,
+	  0xF1,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x02,0x92,0xFE,0x77,0xE7,0x0C,0x12,0xA4,0x23,0x4C,
+	  0x33 }
 	};
 
-static const unsigned char _EC_SECG_CHAR2_193R1_SEED[] = {
-	0x10,0x3F,0xAE,0xC7,0x4D,0x69,0x6E,0x67,0x68,0x75,
-	0x61,0x51,0x75,0x77,0x7F,0xC5,0xB1,0x91,0xEF,0x30};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_193R1 = {
-	NID_X9_62_characteristic_two_field,
-	"02000000000000000000000000000000000000000000008001",
-	"0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01",
-	"00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814",
-	"01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1",
-	"0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05",
-	"01000000000000000000000000C7F34A778F443ACC920EBA49", 2,
-	_EC_SECG_CHAR2_193R1_SEED, 20,
-	"SECG curve over a 193 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+25*6]; }
+	_EC_SECG_CHAR2_193R1 = {
+	{ NID_X9_62_characteristic_two_field,20,25,2 },
+	{ 0x10,0x3F,0xAE,0xC7,0x4D,0x69,0x6E,0x67,0x68,0x75,	/* seed */
+	  0x61,0x51,0x75,0x77,0x7F,0xC5,0xB1,0x91,0xEF,0x30,
+
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x80,0x01,
+	  0x00,0x17,0x85,0x8F,0xEB,0x7A,0x98,0x97,0x51,0x69,	/* a */
+	  0xE1,0x71,0xF7,0x7B,0x40,0x87,0xDE,0x09,0x8A,0xC8,
+	  0xA9,0x11,0xDF,0x7B,0x01,
+	  0x00,0xFD,0xFB,0x49,0xBF,0xE6,0xC3,0xA8,0x9F,0xAC,	/* b */
+	  0xAD,0xAA,0x7A,0x1E,0x5B,0xBC,0x7C,0xC1,0xC2,0xE5,
+	  0xD8,0x31,0x47,0x88,0x14,
+	  0x01,0xF4,0x81,0xBC,0x5F,0x0F,0xF8,0x4A,0x74,0xAD,	/* x */
+	  0x6C,0xDF,0x6F,0xDE,0xF4,0xBF,0x61,0x79,0x62,0x53,
+	  0x72,0xD8,0xC0,0xC5,0xE1,
+	  0x00,0x25,0xE3,0x99,0xF2,0x90,0x37,0x12,0xCC,0xF3,	/* y */
+	  0xEA,0x9E,0x3A,0x1A,0xD1,0x7F,0xB0,0xB3,0x20,0x1B,
+	  0x6A,0xF7,0xCE,0x1B,0x05,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0xC7,0xF3,0x4A,0x77,0x8F,0x44,0x3A,
+	  0xCC,0x92,0x0E,0xBA,0x49 }
 	};
 
-static const unsigned char _EC_SECG_CHAR2_193R2_SEED[] = {
-	0x10,0xB7,0xB4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,
-	0x17,0x51,0x37,0xC8,0xA1,0x6F,0xD0,0xDA,0x22,0x11};
-static const EC_CURVE_DATA _EC_SECG_CHAR2_193R2 = {
-	NID_X9_62_characteristic_two_field,
-	"02000000000000000000000000000000000000000000008001",
-	"0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B",
-	"00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE",
-	"00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F",
-	"01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C",
-	"010000000000000000000000015AAB561B005413CCD4EE99D5", 2,
-	_EC_SECG_CHAR2_193R2_SEED, 20,
-	"SECG curve over a 193 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+25*6]; }
+	_EC_SECG_CHAR2_193R2 = {
+	{ NID_X9_62_characteristic_two_field,20,25,2 },
+	{ 0x10,0xB7,0xB4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,	/* seed */
+	  0x17,0x51,0x37,0xC8,0xA1,0x6F,0xD0,0xDA,0x22,0x11,
+
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x80,0x01,
+	  0x01,0x63,0xF3,0x5A,0x51,0x37,0xC2,0xCE,0x3E,0xA6,	/* a */
+	  0xED,0x86,0x67,0x19,0x0B,0x0B,0xC4,0x3E,0xCD,0x69,
+	  0x97,0x77,0x02,0x70,0x9B,
+	  0x00,0xC9,0xBB,0x9E,0x89,0x27,0xD4,0xD6,0x4C,0x37,	/* b */
+	  0x7E,0x2A,0xB2,0x85,0x6A,0x5B,0x16,0xE3,0xEF,0xB7,
+	  0xF6,0x1D,0x43,0x16,0xAE,
+	  0x00,0xD9,0xB6,0x7D,0x19,0x2E,0x03,0x67,0xC8,0x03,	/* x */
+	  0xF3,0x9E,0x1A,0x7E,0x82,0xCA,0x14,0xA6,0x51,0x35,
+	  0x0A,0xAE,0x61,0x7E,0x8F,
+	  0x01,0xCE,0x94,0x33,0x56,0x07,0xC3,0x04,0xAC,0x29,	/* y */
+	  0xE7,0xDE,0xFB,0xD9,0xCA,0x01,0xF5,0x96,0xF9,0x27,
+	  0x22,0x4C,0xDE,0xCF,0x6C,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x01,0x5A,0xAB,0x56,0x1B,0x00,0x54,0x13,
+	  0xCC,0xD4,0xEE,0x99,0xD5 }
 	};
 
-static const EC_CURVE_DATA _EC_NIST_CHAR2_233K = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000000000000000004000000000000000001",
-	"0",
-	"1",
-	"017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
-	"01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
-	"008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", 4,
-	NULL, 0,
-	"NIST/SECG/WTLS curve over a 233 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+30*6]; }
+	_EC_NIST_CHAR2_233K = {
+	{ NID_X9_62_characteristic_two_field,0,30,4 },
+	{							/* no seed */
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x01,0x72,0x32,0xBA,0x85,0x3A,0x7E,0x73,0x1A,0xF1,	/* x */
+	  0x29,0xF2,0x2F,0xF4,0x14,0x95,0x63,0xA4,0x19,0xC2,
+	  0x6B,0xF5,0x0A,0x4C,0x9D,0x6E,0xEF,0xAD,0x61,0x26,
+
+	  0x01,0xDB,0x53,0x7D,0xEC,0xE8,0x19,0xB7,0xF7,0x0F,	/* y */
+	  0x55,0x5A,0x67,0xC4,0x27,0xA8,0xCD,0x9B,0xF1,0x8A,
+	  0xEB,0x9B,0x56,0xE0,0xC1,0x10,0x56,0xFA,0xE6,0xA3,
+
+	  0x00,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x00,0x06,0x9D,0x5B,0xB9,0x15,
+	  0xBC,0xD4,0x6E,0xFB,0x1A,0xD5,0xF1,0x73,0xAB,0xDF }
 	};
 
-static const unsigned char _EC_NIST_CHAR2_233B_SEED[] = {
-	0x74,0xD5,0x9F,0xF0,0x7F,0x6B,0x41,0x3D,0x0E,0xA1,
-	0x4B,0x34,0x4B,0x20,0xA2,0xDB,0x04,0x9B,0x50,0xC3};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_233B = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000000000000000004000000000000000001",
-	"000000000000000000000000000000000000000000000000000000000001",
-	"0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
-	"00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
-	"01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
-	"01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", 2,
-	_EC_NIST_CHAR2_233B_SEED, 20,
-	"NIST/SECG/WTLS curve over a 233 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_NIST_CHAR2_233B = {
+	{ NID_X9_62_characteristic_two_field,20,30,2 },
+	{ 0x74,0xD5,0x9F,0xF0,0x7F,0x6B,0x41,0x3D,0x0E,0xA1,	/* seed */
+	  0x4B,0x34,0x4B,0x20,0xA2,0xDB,0x04,0x9B,0x50,0xC3,
+
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x00,0x66,0x64,0x7E,0xDE,0x6C,0x33,0x2C,0x7F,0x8C,	/* b */
+	  0x09,0x23,0xBB,0x58,0x21,0x3B,0x33,0x3B,0x20,0xE9,
+	  0xCE,0x42,0x81,0xFE,0x11,0x5F,0x7D,0x8F,0x90,0xAD,
+
+	  0x00,0xFA,0xC9,0xDF,0xCB,0xAC,0x83,0x13,0xBB,0x21,	/* x */
+	  0x39,0xF1,0xBB,0x75,0x5F,0xEF,0x65,0xBC,0x39,0x1F,
+	  0x8B,0x36,0xF8,0xF8,0xEB,0x73,0x71,0xFD,0x55,0x8B,
+
+	  0x01,0x00,0x6A,0x08,0xA4,0x19,0x03,0x35,0x06,0x78,	/* y */
+	  0xE5,0x85,0x28,0xBE,0xBF,0x8A,0x0B,0xEF,0xF8,0x67,
+	  0xA7,0xCA,0x36,0x71,0x6F,0x7E,0x01,0xF8,0x10,0x52,
+
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x00,0x13,0xE9,0x74,0xE7,0x2F,
+	  0x8A,0x69,0x22,0x03,0x1D,0x26,0x03,0xCF,0xE0,0xD7 }
 	};
 
-static const EC_CURVE_DATA _EC_SECG_CHAR2_239K1 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000004000000000000000000000000000000000000001",
-	"0",
-	"1",
-	"29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC",
-	"76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA",
-	"2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5", 4,
-	NULL, 0,
-	"SECG curve over a 239 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+30*6]; }
+	_EC_SECG_CHAR2_239K1 = {
+	{ NID_X9_62_characteristic_two_field,0,30,4 },
+	{							/* no seed */
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x29,0xA0,0xB6,0xA8,0x87,0xA9,0x83,0xE9,0x73,0x09,	/* x */
+	  0x88,0xA6,0x87,0x27,0xA8,0xB2,0xD1,0x26,0xC4,0x4C,
+	  0xC2,0xCC,0x7B,0x2A,0x65,0x55,0x19,0x30,0x35,0xDC,
+
+	  0x76,0x31,0x08,0x04,0xF1,0x2E,0x54,0x9B,0xDB,0x01,	/* y */
+	  0x1C,0x10,0x30,0x89,0xE7,0x35,0x10,0xAC,0xB2,0x75,
+	  0xFC,0x31,0x2A,0x5D,0xC6,0xB7,0x65,0x53,0xF0,0xCA,
+
+	  0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x00,0x5A,0x79,0xFE,0xC6,0x7C,
+	  0xB6,0xE9,0x1F,0x1C,0x1D,0xA8,0x00,0xE4,0x78,0xA5 }
 	};
 
-static const EC_CURVE_DATA _EC_NIST_CHAR2_283K = {
-	NID_X9_62_characteristic_two_field,
-	"080000000000000000000000000000000000000000000000000000000000000000001"
-	"0A1",
-	"0",
-	"1",
-	"0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492"
-	"836",
-	"01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2"
-	"259",
-	"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163"
-	"C61", 4,
-	NULL, 20,
-	"NIST/SECG curve over a 283 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+36*6]; }
+	_EC_NIST_CHAR2_283K = {
+	{ NID_X9_62_characteristic_two_field,0,36,4 },
+	{							/* no seed */
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x10,0xA1,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x01,
+	  0x05,0x03,0x21,0x3F,0x78,0xCA,0x44,0x88,0x3F,0x1A,	/* x */
+	  0x3B,0x81,0x62,0xF1,0x88,0xE5,0x53,0xCD,0x26,0x5F,
+	  0x23,0xC1,0x56,0x7A,0x16,0x87,0x69,0x13,0xB0,0xC2,
+	  0xAC,0x24,0x58,0x49,0x28,0x36,
+	  0x01,0xCC,0xDA,0x38,0x0F,0x1C,0x9E,0x31,0x8D,0x90,	/* y */
+	  0xF9,0x5D,0x07,0xE5,0x42,0x6F,0xE8,0x7E,0x45,0xC0,
+	  0xE8,0x18,0x46,0x98,0xE4,0x59,0x62,0x36,0x4E,0x34,
+	  0x11,0x61,0x77,0xDD,0x22,0x59,
+	  0x01,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xE9,0xAE,
+	  0x2E,0xD0,0x75,0x77,0x26,0x5D,0xFF,0x7F,0x94,0x45,
+	  0x1E,0x06,0x1E,0x16,0x3C,0x61 }
 	};
 
-static const unsigned char _EC_NIST_CHAR2_283B_SEED[] = {
-	0x77,0xE2,0xB0,0x73,0x70,0xEB,0x0F,0x83,0x2A,0x6D,
-	0xD5,0xB6,0x2D,0xFC,0x88,0xCD,0x06,0xBB,0x84,0xBE};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_283B = {
-	NID_X9_62_characteristic_two_field,
-	"080000000000000000000000000000000000000000000000000000000000000000001"
-	"0A1",
-	"000000000000000000000000000000000000000000000000000000000000000000000"
-	"001",
-	"027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A"
-	"2F5",
-	"05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12"
-	"053",
-	"03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE811"
-	"2F4",
-	"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB"
-	"307", 2,
-	_EC_NIST_CHAR2_283B_SEED, 20,
-	"NIST/SECG curve over a 283 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+36*6]; }
+	_EC_NIST_CHAR2_283B = {
+	{ NID_X9_62_characteristic_two_field,20,36,2 },
+	{ 0x77,0xE2,0xB0,0x73,0x70,0xEB,0x0F,0x83,0x2A,0x6D,	/* no seed */
+	  0xD5,0xB6,0x2D,0xFC,0x88,0xCD,0x06,0xBB,0x84,0xBE,
+
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x10,0xA1,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x01,
+	  0x02,0x7B,0x68,0x0A,0xC8,0xB8,0x59,0x6D,0xA5,0xA4,	/* b */
+	  0xAF,0x8A,0x19,0xA0,0x30,0x3F,0xCA,0x97,0xFD,0x76,
+	  0x45,0x30,0x9F,0xA2,0xA5,0x81,0x48,0x5A,0xF6,0x26,
+	  0x3E,0x31,0x3B,0x79,0xA2,0xF5,
+	  0x05,0xF9,0x39,0x25,0x8D,0xB7,0xDD,0x90,0xE1,0x93,	/* x */
+	  0x4F,0x8C,0x70,0xB0,0xDF,0xEC,0x2E,0xED,0x25,0xB8,
+	  0x55,0x7E,0xAC,0x9C,0x80,0xE2,0xE1,0x98,0xF8,0xCD,
+	  0xBE,0xCD,0x86,0xB1,0x20,0x53,
+	  0x03,0x67,0x68,0x54,0xFE,0x24,0x14,0x1C,0xB9,0x8F,	/* y */
+	  0xE6,0xD4,0xB2,0x0D,0x02,0xB4,0x51,0x6F,0xF7,0x02,
+	  0x35,0x0E,0xDD,0xB0,0x82,0x67,0x79,0xC8,0x13,0xF0,
+	  0xDF,0x45,0xBE,0x81,0x12,0xF4,
+	  0x03,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xEF,0x90,
+	  0x39,0x96,0x60,0xFC,0x93,0x8A,0x90,0x16,0x5B,0x04,
+	  0x2A,0x7C,0xEF,0xAD,0xB3,0x07 }
 	};
 
-static const EC_CURVE_DATA _EC_NIST_CHAR2_409K = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000000000000000000000000000000000000000000000"
-	"00000000000008000000000000000000001",
-	"0",
-	"1",
-	"0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C4601"
-	"89EB5AAAA62EE222EB1B35540CFE9023746",
-	"01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6"
-	"C42E9C55215AA9CA27A5863EC48D8E0286B",
-	"007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400"
-	"EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", 4,
-	NULL, 0,
-	"NIST/SECG curve over a 409 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+52*6]; }
+	_EC_NIST_CHAR2_409K = {
+	{ NID_X9_62_characteristic_two_field,0,52,4 },
+	{							/* no seed */
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x01,
+	  0x00,0x60,0xF0,0x5F,0x65,0x8F,0x49,0xC1,0xAD,0x3A,	/* x */
+	  0xB1,0x89,0x0F,0x71,0x84,0x21,0x0E,0xFD,0x09,0x87,
+	  0xE3,0x07,0xC8,0x4C,0x27,0xAC,0xCF,0xB8,0xF9,0xF6,
+	  0x7C,0xC2,0xC4,0x60,0x18,0x9E,0xB5,0xAA,0xAA,0x62,
+	  0xEE,0x22,0x2E,0xB1,0xB3,0x55,0x40,0xCF,0xE9,0x02,
+	  0x37,0x46,
+	  0x01,0xE3,0x69,0x05,0x0B,0x7C,0x4E,0x42,0xAC,0xBA,	/* y */
+	  0x1D,0xAC,0xBF,0x04,0x29,0x9C,0x34,0x60,0x78,0x2F,
+	  0x91,0x8E,0xA4,0x27,0xE6,0x32,0x51,0x65,0xE9,0xEA,
+	  0x10,0xE3,0xDA,0x5F,0x6C,0x42,0xE9,0xC5,0x52,0x15,
+	  0xAA,0x9C,0xA2,0x7A,0x58,0x63,0xEC,0x48,0xD8,0xE0,
+	  0x28,0x6B,
+	  0x00,0x7F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0x5F,0x83,0xB2,
+	  0xD4,0xEA,0x20,0x40,0x0E,0xC4,0x55,0x7D,0x5E,0xD3,
+	  0xE3,0xE7,0xCA,0x5B,0x4B,0x5C,0x83,0xB8,0xE0,0x1E,
+	  0x5F,0xCF }
 	};
 
-static const unsigned char _EC_NIST_CHAR2_409B_SEED[] = {
-	0x40,0x99,0xB5,0xA4,0x57,0xF9,0xD6,0x9F,0x79,0x21,
-	0x3D,0x09,0x4C,0x4B,0xCD,0x4D,0x42,0x62,0x21,0x0B};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_409B = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000000000000000000000000000000000000000000000"
-	"00000000000008000000000000000000001",
-	"000000000000000000000000000000000000000000000000000000000000000000000"
-	"00000000000000000000000000000000001",
-	"0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A19"
-	"7B272822F6CD57A55AA4F50AE317B13545F",
-	"015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255"
-	"A868A1180515603AEAB60794E54BB7996A7",
-	"0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514"
-	"F1FDF4B4F40D2181B3681C364BA0273C706",
-	"010000000000000000000000000000000000000000000000000001E2AAD6A612F3330"
-	"7BE5FA47C3C9E052F838164CD37D9A21173", 2,
-	_EC_NIST_CHAR2_409B_SEED, 20,
-	"NIST/SECG curve over a 409 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+52*6]; }
+	_EC_NIST_CHAR2_409B = {
+	{ NID_X9_62_characteristic_two_field,20,52,2 },
+	{ 0x40,0x99,0xB5,0xA4,0x57,0xF9,0xD6,0x9F,0x79,0x21,	/* seed */
+	  0x3D,0x09,0x4C,0x4B,0xCD,0x4D,0x42,0x62,0x21,0x0B,
+
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x01,
+	  0x00,0x21,0xA5,0xC2,0xC8,0xEE,0x9F,0xEB,0x5C,0x4B,	/* b */
+	  0x9A,0x75,0x3B,0x7B,0x47,0x6B,0x7F,0xD6,0x42,0x2E,
+	  0xF1,0xF3,0xDD,0x67,0x47,0x61,0xFA,0x99,0xD6,0xAC,
+	  0x27,0xC8,0xA9,0xA1,0x97,0xB2,0x72,0x82,0x2F,0x6C,
+	  0xD5,0x7A,0x55,0xAA,0x4F,0x50,0xAE,0x31,0x7B,0x13,
+	  0x54,0x5F,
+	  0x01,0x5D,0x48,0x60,0xD0,0x88,0xDD,0xB3,0x49,0x6B,	/* x */
+	  0x0C,0x60,0x64,0x75,0x62,0x60,0x44,0x1C,0xDE,0x4A,
+	  0xF1,0x77,0x1D,0x4D,0xB0,0x1F,0xFE,0x5B,0x34,0xE5,
+	  0x97,0x03,0xDC,0x25,0x5A,0x86,0x8A,0x11,0x80,0x51,
+	  0x56,0x03,0xAE,0xAB,0x60,0x79,0x4E,0x54,0xBB,0x79,
+	  0x96,0xA7,
+	  0x00,0x61,0xB1,0xCF,0xAB,0x6B,0xE5,0xF3,0x2B,0xBF,	/* y */
+	  0xA7,0x83,0x24,0xED,0x10,0x6A,0x76,0x36,0xB9,0xC5,
+	  0xA7,0xBD,0x19,0x8D,0x01,0x58,0xAA,0x4F,0x54,0x88,
+	  0xD0,0x8F,0x38,0x51,0x4F,0x1F,0xDF,0x4B,0x4F,0x40,
+	  0xD2,0x18,0x1B,0x36,0x81,0xC3,0x64,0xBA,0x02,0x73,
+	  0xC7,0x06,
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x01,0xE2,0xAA,0xD6,
+	  0xA6,0x12,0xF3,0x33,0x07,0xBE,0x5F,0xA4,0x7C,0x3C,
+	  0x9E,0x05,0x2F,0x83,0x81,0x64,0xCD,0x37,0xD9,0xA2,
+	  0x11,0x73 }
 	};
 
-static const EC_CURVE_DATA _EC_NIST_CHAR2_571K = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000000000000000000000000"
-	"000000000000000000000000000000000000000000000000000000000000000000000"
-	"00425",
-	"0",
-	"1",
-	"026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA443709"
-	"58493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A0"
-	"1C8972",
-	"0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D497"
-	"9C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143E"
-	"F1C7A3",
-	"020000000000000000000000000000000000000000000000000000000000000000000"
-	"000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F63"
-	"7C1001", 4,
-	NULL, 0,
-	"NIST/SECG curve over a 571 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+72*6]; }
+	_EC_NIST_CHAR2_571K = {
+	{ NID_X9_62_characteristic_two_field,0,72,4 },
+	{							/* no seed */
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x04,0x25,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x01,
+	  0x02,0x6E,0xB7,0xA8,0x59,0x92,0x3F,0xBC,0x82,0x18,	/* x */
+	  0x96,0x31,0xF8,0x10,0x3F,0xE4,0xAC,0x9C,0xA2,0x97,
+	  0x00,0x12,0xD5,0xD4,0x60,0x24,0x80,0x48,0x01,0x84,
+	  0x1C,0xA4,0x43,0x70,0x95,0x84,0x93,0xB2,0x05,0xE6,
+	  0x47,0xDA,0x30,0x4D,0xB4,0xCE,0xB0,0x8C,0xBB,0xD1,
+	  0xBA,0x39,0x49,0x47,0x76,0xFB,0x98,0x8B,0x47,0x17,
+	  0x4D,0xCA,0x88,0xC7,0xE2,0x94,0x52,0x83,0xA0,0x1C,
+	  0x89,0x72,
+	  0x03,0x49,0xDC,0x80,0x7F,0x4F,0xBF,0x37,0x4F,0x4A,	/* y */
+	  0xEA,0xDE,0x3B,0xCA,0x95,0x31,0x4D,0xD5,0x8C,0xEC,
+	  0x9F,0x30,0x7A,0x54,0xFF,0xC6,0x1E,0xFC,0x00,0x6D,
+	  0x8A,0x2C,0x9D,0x49,0x79,0xC0,0xAC,0x44,0xAE,0xA7,
+	  0x4F,0xBE,0xBB,0xB9,0xF7,0x72,0xAE,0xDC,0xB6,0x20,
+	  0xB0,0x1A,0x7B,0xA7,0xAF,0x1B,0x32,0x04,0x30,0xC8,
+	  0x59,0x19,0x84,0xF6,0x01,0xCD,0x4C,0x14,0x3E,0xF1,
+	  0xC7,0xA3,
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x13,0x18,0x50,0xE1,
+	  0xF1,0x9A,0x63,0xE4,0xB3,0x91,0xA8,0xDB,0x91,0x7F,
+	  0x41,0x38,0xB6,0x30,0xD8,0x4B,0xE5,0xD6,0x39,0x38,
+	  0x1E,0x91,0xDE,0xB4,0x5C,0xFE,0x77,0x8F,0x63,0x7C,
+	  0x10,0x01 }
 	};
 
-static const unsigned char _EC_NIST_CHAR2_571B_SEED[] = {
-	0x2A,0xA0,0x58,0xF7,0x3A,0x0E,0x33,0xAB,0x48,0x6B,
-	0x0F,0x61,0x04,0x10,0xC5,0x3A,0x7F,0x13,0x23,0x10};
-static const EC_CURVE_DATA _EC_NIST_CHAR2_571B = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000000000000000000000000"
-	"000000000000000000000000000000000000000000000000000000000000000000000"
-	"00425",
-	"000000000000000000000000000000000000000000000000000000000000000000000"
-	"000000000000000000000000000000000000000000000000000000000000000000000"
-	"000001",
-	"02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFA"
-	"BBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F29"
-	"55727A",
-	"0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53"
-	"950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8E"
-	"EC2D19",
-	"037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423"
-	"E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B"
-	"8AC15B",
-	"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
-	"FFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2F"
-	"E84E47", 2,
-	_EC_NIST_CHAR2_571B_SEED, 20,
-	"NIST/SECG curve over a 571 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+72*6]; }
+	_EC_NIST_CHAR2_571B = {
+	{ NID_X9_62_characteristic_two_field,20,72,2 },
+	{ 0x2A,0xA0,0x58,0xF7,0x3A,0x0E,0x33,0xAB,0x48,0x6B,	/* seed */
+	  0x0F,0x61,0x04,0x10,0xC5,0x3A,0x7F,0x13,0x23,0x10,
+
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x04,0x25,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x01,
+	  0x02,0xF4,0x0E,0x7E,0x22,0x21,0xF2,0x95,0xDE,0x29,	/* b */
+	  0x71,0x17,0xB7,0xF3,0xD6,0x2F,0x5C,0x6A,0x97,0xFF,
+	  0xCB,0x8C,0xEF,0xF1,0xCD,0x6B,0xA8,0xCE,0x4A,0x9A,
+	  0x18,0xAD,0x84,0xFF,0xAB,0xBD,0x8E,0xFA,0x59,0x33,
+	  0x2B,0xE7,0xAD,0x67,0x56,0xA6,0x6E,0x29,0x4A,0xFD,
+	  0x18,0x5A,0x78,0xFF,0x12,0xAA,0x52,0x0E,0x4D,0xE7,
+	  0x39,0xBA,0xCA,0x0C,0x7F,0xFE,0xFF,0x7F,0x29,0x55,
+	  0x72,0x7A,
+	  0x03,0x03,0x00,0x1D,0x34,0xB8,0x56,0x29,0x6C,0x16,	/* x */
+	  0xC0,0xD4,0x0D,0x3C,0xD7,0x75,0x0A,0x93,0xD1,0xD2,
+	  0x95,0x5F,0xA8,0x0A,0xA5,0xF4,0x0F,0xC8,0xDB,0x7B,
+	  0x2A,0xBD,0xBD,0xE5,0x39,0x50,0xF4,0xC0,0xD2,0x93,
+	  0xCD,0xD7,0x11,0xA3,0x5B,0x67,0xFB,0x14,0x99,0xAE,
+	  0x60,0x03,0x86,0x14,0xF1,0x39,0x4A,0xBF,0xA3,0xB4,
+	  0xC8,0x50,0xD9,0x27,0xE1,0xE7,0x76,0x9C,0x8E,0xEC,
+	  0x2D,0x19,
+	  0x03,0x7B,0xF2,0x73,0x42,0xDA,0x63,0x9B,0x6D,0xCC,	/* y */
+	  0xFF,0xFE,0xB7,0x3D,0x69,0xD7,0x8C,0x6C,0x27,0xA6,
+	  0x00,0x9C,0xBB,0xCA,0x19,0x80,0xF8,0x53,0x39,0x21,
+	  0xE8,0xA6,0x84,0x42,0x3E,0x43,0xBA,0xB0,0x8A,0x57,
+	  0x62,0x91,0xAF,0x8F,0x46,0x1B,0xB2,0xA8,0xB3,0x53,
+	  0x1D,0x2F,0x04,0x85,0xC1,0x9B,0x16,0xE2,0xF1,0x51,
+	  0x6E,0x23,0xDD,0x3C,0x1A,0x48,0x27,0xAF,0x1B,0x8A,
+	  0xC1,0x5B,
+	  0x03,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	  0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xE6,0x61,0xCE,0x18,
+	  0xFF,0x55,0x98,0x73,0x08,0x05,0x9B,0x18,0x68,0x23,
+	  0x85,0x1E,0xC7,0xDD,0x9C,0xA1,0x16,0x1D,0xE9,0x3D,
+	  0x51,0x74,0xD6,0x6E,0x83,0x82,0xE9,0xBB,0x2F,0xE8,
+	  0x4E,0x47 }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_163V1_SEED[] = {
-	0xD2,0xC0,0xFB,0x15,0x76,0x08,0x60,0xDE,0xF1,0xEE,
-	0xF4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,0x17,0x54};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_163V1 = {
-	NID_X9_62_characteristic_two_field,
-	"080000000000000000000000000000000000000107",
-	"072546B5435234A422E0789675F432C89435DE5242",
-	"00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9",
-	"07AF69989546103D79329FCC3D74880F33BBE803CB",
-	"01EC23211B5966ADEA1D3F87F7EA5848AEF0B7CA9F",
-	"0400000000000000000001E60FC8821CC74DAEAFC1", 2,
-	_EC_X9_62_CHAR2_163V1_SEED, 20,
-	"X9.62 curve over a 163 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; }
+	_EC_X9_62_CHAR2_163V1 = {
+	{ NID_X9_62_characteristic_two_field,20,21,2 },
+	{ 0xD2,0xC0,0xFB,0x15,0x76,0x08,0x60,0xDE,0xF1,0xEE,
+	  0xF4,0xD6,0x96,0xE6,0x76,0x87,0x56,0x15,0x17,0x54,	/* seed */
+
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+	  0x07,
+	  0x07,0x25,0x46,0xB5,0x43,0x52,0x34,0xA4,0x22,0xE0,	/* a */
+	  0x78,0x96,0x75,0xF4,0x32,0xC8,0x94,0x35,0xDE,0x52,
+	  0x42,
+	  0x00,0xC9,0x51,0x7D,0x06,0xD5,0x24,0x0D,0x3C,0xFF,	/* b */
+	  0x38,0xC7,0x4B,0x20,0xB6,0xCD,0x4D,0x6F,0x9D,0xD4,
+	  0xD9,
+	  0x07,0xAF,0x69,0x98,0x95,0x46,0x10,0x3D,0x79,0x32,	/* x */
+	  0x9F,0xCC,0x3D,0x74,0x88,0x0F,0x33,0xBB,0xE8,0x03,
+	  0xCB,
+	  0x01,0xEC,0x23,0x21,0x1B,0x59,0x66,0xAD,0xEA,0x1D,	/* y */
+	  0x3F,0x87,0xF7,0xEA,0x58,0x48,0xAE,0xF0,0xB7,0xCA,
+	  0x9F,
+	  0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x01,0xE6,0x0F,0xC8,0x82,0x1C,0xC7,0x4D,0xAE,0xAF,
+	  0xC1 }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_163V2_SEED[] = {
-	0x53,0x81,0x4C,0x05,0x0D,0x44,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x58,0x0C,0xA4,0xE2,0x9F,0xFD};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_163V2 = {
-	NID_X9_62_characteristic_two_field,
- 	"080000000000000000000000000000000000000107",
-	"0108B39E77C4B108BED981ED0E890E117C511CF072",
-	"0667ACEB38AF4E488C407433FFAE4F1C811638DF20",
-	"0024266E4EB5106D0A964D92C4860E2671DB9B6CC5",
-	"079F684DDF6684C5CD258B3890021B2386DFD19FC5",
-	"03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7", 2,
-	_EC_X9_62_CHAR2_163V2_SEED, 20,
-	"X9.62 curve over a 163 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; }
+	_EC_X9_62_CHAR2_163V2 = {
+	{ NID_X9_62_characteristic_two_field,20,21,2 },
+	{ 0x53,0x81,0x4C,0x05,0x0D,0x44,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x58,0x0C,0xA4,0xE2,0x9F,0xFD,
+
+ 	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+	  0x07,
+	  0x01,0x08,0xB3,0x9E,0x77,0xC4,0xB1,0x08,0xBE,0xD9,	/* a */
+	  0x81,0xED,0x0E,0x89,0x0E,0x11,0x7C,0x51,0x1C,0xF0,
+	  0x72,
+	  0x06,0x67,0xAC,0xEB,0x38,0xAF,0x4E,0x48,0x8C,0x40,	/* b */
+	  0x74,0x33,0xFF,0xAE,0x4F,0x1C,0x81,0x16,0x38,0xDF,
+	  0x20,
+	  0x00,0x24,0x26,0x6E,0x4E,0xB5,0x10,0x6D,0x0A,0x96,	/* x */
+	  0x4D,0x92,0xC4,0x86,0x0E,0x26,0x71,0xDB,0x9B,0x6C,
+	  0xC5,
+	  0x07,0x9F,0x68,0x4D,0xDF,0x66,0x84,0xC5,0xCD,0x25,	/* y */
+	  0x8B,0x38,0x90,0x02,0x1B,0x23,0x86,0xDF,0xD1,0x9F,
+	  0xC5,
+	  0x03,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFD,0xF6,0x4D,0xE1,0x15,0x1A,0xDB,0xB7,0x8F,0x10,
+	  0xA7 }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_163V3_SEED[] = {
-	0x50,0xCB,0xF1,0xD9,0x5C,0xA9,0x4D,0x69,0x6E,0x67,
-	0x68,0x75,0x61,0x51,0x75,0xF1,0x6A,0x36,0xA3,0xB8};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_163V3 = {
-	NID_X9_62_characteristic_two_field,
-	"080000000000000000000000000000000000000107",
-	"07A526C63D3E25A256A007699F5447E32AE456B50E",
-	"03F7061798EB99E238FD6F1BF95B48FEEB4854252B",
-	"02F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB",
-	"05B935590C155E17EA48EB3FF3718B893DF59A05D0",
-	"03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309", 2,
-	_EC_X9_62_CHAR2_163V3_SEED, 20,
-	"X9.62 curve over a 163 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; }
+	_EC_X9_62_CHAR2_163V3 = {
+	{ NID_X9_62_characteristic_two_field,20,21,2 },
+	{ 0x50,0xCB,0xF1,0xD9,0x5C,0xA9,0x4D,0x69,0x6E,0x67,	/* seed */
+	  0x68,0x75,0x61,0x51,0x75,0xF1,0x6A,0x36,0xA3,0xB8,
+
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+	  0x07,
+	  0x07,0xA5,0x26,0xC6,0x3D,0x3E,0x25,0xA2,0x56,0xA0,	/* a */
+	  0x07,0x69,0x9F,0x54,0x47,0xE3,0x2A,0xE4,0x56,0xB5,
+	  0x0E,
+	  0x03,0xF7,0x06,0x17,0x98,0xEB,0x99,0xE2,0x38,0xFD,	/* b */
+	  0x6F,0x1B,0xF9,0x5B,0x48,0xFE,0xEB,0x48,0x54,0x25,
+	  0x2B,
+	  0x02,0xF9,0xF8,0x7B,0x7C,0x57,0x4D,0x0B,0xDE,0xCF,	/* x */
+	  0x8A,0x22,0xE6,0x52,0x47,0x75,0xF9,0x8C,0xDE,0xBD,
+	  0xCB,
+	  0x05,0xB9,0x35,0x59,0x0C,0x15,0x5E,0x17,0xEA,0x48,	/* y */
+	  0xEB,0x3F,0xF3,0x71,0x8B,0x89,0x3D,0xF5,0x9A,0x05,
+	  0xD0,
+	  0x03,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFE,0x1A,0xEE,0x14,0x0F,0x11,0x0A,0xFF,0x96,0x13,
+	  0x09 }
 	};
 
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_176V1 = {
-	NID_X9_62_characteristic_two_field,
-	"0100000000000000000000000000000000080000000007",
-	"E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B",
-	"5DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2",
-	"8D16C2866798B600F9F08BB4A8E860F3298CE04A5798",
-	"6FA4539C2DADDDD6BAB5167D61B436E1D92BB16A562C",
-	"00010092537397ECA4F6145799D62B0A19CE06FE26AD", 0xFF6E,
-	NULL, 0,
-	"X9.62 curve over a 176 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+23*6]; }
+	_EC_X9_62_CHAR2_176V1 = {
+	{ NID_X9_62_characteristic_two_field,0,23,0xFF6E },
+	{							/* no seed */
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x00,
+	  0x00,0x00,0x07,
+	  0x00,0xE4,0xE6,0xDB,0x29,0x95,0x06,0x5C,0x40,0x7D,	/* a */
+	  0x9D,0x39,0xB8,0xD0,0x96,0x7B,0x96,0x70,0x4B,0xA8,
+	  0xE9,0xC9,0x0B,
+	  0x00,0x5D,0xDA,0x47,0x0A,0xBE,0x64,0x14,0xDE,0x8E,	/* b */
+	  0xC1,0x33,0xAE,0x28,0xE9,0xBB,0xD7,0xFC,0xEC,0x0A,
+	  0xE0,0xFF,0xF2,
+	  0x00,0x8D,0x16,0xC2,0x86,0x67,0x98,0xB6,0x00,0xF9,	/* x */
+	  0xF0,0x8B,0xB4,0xA8,0xE8,0x60,0xF3,0x29,0x8C,0xE0,
+	  0x4A,0x57,0x98,
+	  0x00,0x6F,0xA4,0x53,0x9C,0x2D,0xAD,0xDD,0xD6,0xBA,	/* y */
+	  0xB5,0x16,0x7D,0x61,0xB4,0x36,0xE1,0xD9,0x2B,0xB1,
+	  0x6A,0x56,0x2C,
+	  0x00,0x00,0x01,0x00,0x92,0x53,0x73,0x97,0xEC,0xA4,	/* order */
+	  0xF6,0x14,0x57,0x99,0xD6,0x2B,0x0A,0x19,0xCE,0x06,
+	  0xFE,0x26,0xAD }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_191V1_SEED[] = {
-	0x4E,0x13,0xCA,0x54,0x27,0x44,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x55,0x2F,0x27,0x9A,0x8C,0x84};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_191V1 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000201",
-	"2866537B676752636A68F56554E12640276B649EF7526267",
-	"2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC",
-	"36B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D",
-	"765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB",
-	"40000000000000000000000004A20E90C39067C893BBB9A5", 2,
-	_EC_X9_62_CHAR2_191V1_SEED, 20,
-	"X9.62 curve over a 191 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+24*6]; }
+	_EC_X9_62_CHAR2_191V1 = {
+	{ NID_X9_62_characteristic_two_field,20,24,2 },
+	{ 0x4E,0x13,0xCA,0x54,0x27,0x44,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x55,0x2F,0x27,0x9A,0x8C,0x84,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x02,0x01,
+	  0x28,0x66,0x53,0x7B,0x67,0x67,0x52,0x63,0x6A,0x68,	/* a */
+	  0xF5,0x65,0x54,0xE1,0x26,0x40,0x27,0x6B,0x64,0x9E,
+	  0xF7,0x52,0x62,0x67,
+	  0x2E,0x45,0xEF,0x57,0x1F,0x00,0x78,0x6F,0x67,0xB0,	/* b */
+	  0x08,0x1B,0x94,0x95,0xA3,0xD9,0x54,0x62,0xF5,0xDE,
+	  0x0A,0xA1,0x85,0xEC,
+	  0x36,0xB3,0xDA,0xF8,0xA2,0x32,0x06,0xF9,0xC4,0xF2,	/* x */
+	  0x99,0xD7,0xB2,0x1A,0x9C,0x36,0x91,0x37,0xF2,0xC8,
+	  0x4A,0xE1,0xAA,0x0D,
+	  0x76,0x5B,0xE7,0x34,0x33,0xB3,0xF9,0x5E,0x33,0x29,	/* y */
+	  0x32,0xE7,0x0E,0xA2,0x45,0xCA,0x24,0x18,0xEA,0x0E,
+	  0xF9,0x80,0x18,0xFB,
+	  0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x04,0xA2,0x0E,0x90,0xC3,0x90,0x67,0xC8,
+	  0x93,0xBB,0xB9,0xA5 }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_191V2_SEED[] = {
-	0x08,0x71,0xEF,0x2F,0xEF,0x24,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x58,0xBE,0xE0,0xD9,0x5C,0x15};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_191V2 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000201",
-	"401028774D7777C7B7666D1366EA432071274F89FF01E718",
-	"0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01",
-	"3809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10",
-	"17434386626D14F3DBF01760D9213A3E1CF37AEC437D668A",
-	"20000000000000000000000050508CB89F652824E06B8173", 4,
-	_EC_X9_62_CHAR2_191V2_SEED, 20,
-	"X9.62 curve over a 191 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+24*6]; }
+	_EC_X9_62_CHAR2_191V2 = {
+	{ NID_X9_62_characteristic_two_field,20,24,4 },
+	{ 0x08,0x71,0xEF,0x2F,0xEF,0x24,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x58,0xBE,0xE0,0xD9,0x5C,0x15,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x02,0x01,
+	  0x40,0x10,0x28,0x77,0x4D,0x77,0x77,0xC7,0xB7,0x66,	/* a */
+	  0x6D,0x13,0x66,0xEA,0x43,0x20,0x71,0x27,0x4F,0x89,
+	  0xFF,0x01,0xE7,0x18,
+	  0x06,0x20,0x04,0x8D,0x28,0xBC,0xBD,0x03,0xB6,0x24,	/* b */
+	  0x9C,0x99,0x18,0x2B,0x7C,0x8C,0xD1,0x97,0x00,0xC3,
+	  0x62,0xC4,0x6A,0x01,
+	  0x38,0x09,0xB2,0xB7,0xCC,0x1B,0x28,0xCC,0x5A,0x87,	/* x */
+	  0x92,0x6A,0xAD,0x83,0xFD,0x28,0x78,0x9E,0x81,0xE2,
+	  0xC9,0xE3,0xBF,0x10,
+	  0x17,0x43,0x43,0x86,0x62,0x6D,0x14,0xF3,0xDB,0xF0,	/* y */
+	  0x17,0x60,0xD9,0x21,0x3A,0x3E,0x1C,0xF3,0x7A,0xEC,
+	  0x43,0x7D,0x66,0x8A,
+	  0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x50,0x50,0x8C,0xB8,0x9F,0x65,0x28,0x24,
+	  0xE0,0x6B,0x81,0x73 }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_191V3_SEED[] = {
-	0xE0,0x53,0x51,0x2D,0xC6,0x84,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x50,0x67,0xAE,0x78,0x6D,0x1F};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_191V3 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000201",
-	"6C01074756099122221056911C77D77E77A777E7E7E77FCB",
-	"71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8",
-	"375D4CE24FDE434489DE8746E71786015009E66E38A926DD",
-	"545A39176196575D985999366E6AD34CE0A77CD7127B06BE",
-	"155555555555555555555555610C0B196812BFB6288A3EA3", 6,
-	_EC_X9_62_CHAR2_191V3_SEED, 20,
-	"X9.62 curve over a 191 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+24*6]; }
+	_EC_X9_62_CHAR2_191V3 = {
+	{ NID_X9_62_characteristic_two_field,20,24,6 },
+	{ 0xE0,0x53,0x51,0x2D,0xC6,0x84,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x50,0x67,0xAE,0x78,0x6D,0x1F,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x02,0x01,
+	  0x6C,0x01,0x07,0x47,0x56,0x09,0x91,0x22,0x22,0x10,	/* a */
+	  0x56,0x91,0x1C,0x77,0xD7,0x7E,0x77,0xA7,0x77,0xE7,
+	  0xE7,0xE7,0x7F,0xCB,
+	  0x71,0xFE,0x1A,0xF9,0x26,0xCF,0x84,0x79,0x89,0xEF,	/* b */
+	  0xEF,0x8D,0xB4,0x59,0xF6,0x63,0x94,0xD9,0x0F,0x32,
+	  0xAD,0x3F,0x15,0xE8,
+	  0x37,0x5D,0x4C,0xE2,0x4F,0xDE,0x43,0x44,0x89,0xDE,	/* x */
+	  0x87,0x46,0xE7,0x17,0x86,0x01,0x50,0x09,0xE6,0x6E,
+	  0x38,0xA9,0x26,0xDD,
+	  0x54,0x5A,0x39,0x17,0x61,0x96,0x57,0x5D,0x98,0x59,	/* y */
+	  0x99,0x36,0x6E,0x6A,0xD3,0x4C,0xE0,0xA7,0x7C,0xD7,
+	  0x12,0x7B,0x06,0xBE,
+	  0x15,0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,	/* order */
+	  0x55,0x55,0x61,0x0C,0x0B,0x19,0x68,0x12,0xBF,0xB6,
+	  0x28,0x8A,0x3E,0xA3 }
 	};
 
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_208W1 = {
-	NID_X9_62_characteristic_two_field,
-	"010000000000000000000000000000000800000000000000000007",
-	"0000000000000000000000000000000000000000000000000000",
-	"C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E",
-	"89FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A",
-	"0F55B51A06E78E9AC38A035FF520D8B01781BEB1A6BB08617DE3",
-	"000101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D", 0xFE48,
-	NULL, 0,
-	"X9.62 curve over a 208 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+27*6]; }
+	_EC_X9_62_CHAR2_208W1 = {
+	{ NID_X9_62_characteristic_two_field,0,27,0xFE48 },
+	{							/* no seed */
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x07,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0xC8,0x61,0x9E,0xD4,0x5A,0x62,0xE6,0x21,0x2E,	/* b */
+	  0x11,0x60,0x34,0x9E,0x2B,0xFA,0x84,0x44,0x39,0xFA,
+	  0xFC,0x2A,0x3F,0xD1,0x63,0x8F,0x9E,
+	  0x00,0x89,0xFD,0xFB,0xE4,0xAB,0xE1,0x93,0xDF,0x95,	/* x */
+	  0x59,0xEC,0xF0,0x7A,0xC0,0xCE,0x78,0x55,0x4E,0x27,
+	  0x84,0xEB,0x8C,0x1E,0xD1,0xA5,0x7A,
+	  0x00,0x0F,0x55,0xB5,0x1A,0x06,0xE7,0x8E,0x9A,0xC3,	/* y */
+	  0x8A,0x03,0x5F,0xF5,0x20,0xD8,0xB0,0x17,0x81,0xBE,
+	  0xB1,0xA6,0xBB,0x08,0x61,0x7D,0xE3,
+	  0x00,0x00,0x01,0x01,0xBA,0xF9,0x5C,0x97,0x23,0xC5,	/* order */
+	  0x7B,0x6C,0x21,0xDA,0x2E,0xFF,0x2D,0x5E,0xD5,0x88,
+	  0xBD,0xD5,0x71,0x7E,0x21,0x2F,0x9D }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_239V1_SEED[] = {
-	0xD3,0x4B,0x9A,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,
-	0x51,0x75,0xCA,0x71,0xB9,0x20,0xBF,0xEF,0xB0,0x5D};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_239V1 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000001000000001",
-	"32010857077C5431123A46B808906756F543423E8D27877578125778AC76",
-	"790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16",
-	"57927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D",
-	"61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305",
-	"2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447", 4,
-	_EC_X9_62_CHAR2_239V1_SEED, 20,
-	"X9.62 curve over a 239 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_X9_62_CHAR2_239V1 = {
+	{ NID_X9_62_characteristic_two_field,20,30,4 },
+	{ 0xD3,0x4B,0x9A,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,	/* seed */
+	  0x51,0x75,0xCA,0x71,0xB9,0x20,0xBF,0xEF,0xB0,0x5D,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x01,
+
+	  0x32,0x01,0x08,0x57,0x07,0x7C,0x54,0x31,0x12,0x3A,	/* a */
+	  0x46,0xB8,0x08,0x90,0x67,0x56,0xF5,0x43,0x42,0x3E,
+	  0x8D,0x27,0x87,0x75,0x78,0x12,0x57,0x78,0xAC,0x76,
+
+	  0x79,0x04,0x08,0xF2,0xEE,0xDA,0xF3,0x92,0xB0,0x12,	/* b */
+	  0xED,0xEF,0xB3,0x39,0x2F,0x30,0xF4,0x32,0x7C,0x0C,
+	  0xA3,0xF3,0x1F,0xC3,0x83,0xC4,0x22,0xAA,0x8C,0x16,
+
+	  0x57,0x92,0x70,0x98,0xFA,0x93,0x2E,0x7C,0x0A,0x96,	/* x */
+	  0xD3,0xFD,0x5B,0x70,0x6E,0xF7,0xE5,0xF5,0xC1,0x56,
+	  0xE1,0x6B,0x7E,0x7C,0x86,0x03,0x85,0x52,0xE9,0x1D,
+
+	  0x61,0xD8,0xEE,0x50,0x77,0xC3,0x3F,0xEC,0xF6,0xF1,	/* y */
+	  0xA1,0x6B,0x26,0x8D,0xE4,0x69,0xC3,0xC7,0x74,0x4E,
+	  0xA9,0xA9,0x71,0x64,0x9F,0xC7,0xA9,0x61,0x63,0x05,
+
+	  0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* order */
+	  0x00,0x00,0x00,0x00,0x00,0x0F,0x4D,0x42,0xFF,0xE1,
+	  0x49,0x2A,0x49,0x93,0xF1,0xCA,0xD6,0x66,0xE4,0x47 }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_239V2_SEED[] = {
-	0x2A,0xA6,0x98,0x2F,0xDF,0xA4,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x5D,0x26,0x67,0x27,0x27,0x7D};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_239V2 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000001000000001",
-	"4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F",
-	"5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B",
-	"28F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205",
-	"5667334C45AFF3B5A03BAD9DD75E2C71A99362567D5453F7FA6E227EC833",
-	"1555555555555555555555555555553C6F2885259C31E3FCDF154624522D", 6,
-	_EC_X9_62_CHAR2_239V2_SEED, 20,
-	"X9.62 curve over a 239 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_X9_62_CHAR2_239V2 = {
+	{ NID_X9_62_characteristic_two_field,20,30,6 },
+	{ 0x2A,0xA6,0x98,0x2F,0xDF,0xA4,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x5D,0x26,0x67,0x27,0x27,0x7D,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x01,
+
+	  0x42,0x30,0x01,0x77,0x57,0xA7,0x67,0xFA,0xE4,0x23,	/* a */
+	  0x98,0x56,0x9B,0x74,0x63,0x25,0xD4,0x53,0x13,0xAF,
+	  0x07,0x66,0x26,0x64,0x79,0xB7,0x56,0x54,0xE6,0x5F,
+
+	  0x50,0x37,0xEA,0x65,0x41,0x96,0xCF,0xF0,0xCD,0x82,	/* b */
+	  0xB2,0xC1,0x4A,0x2F,0xCF,0x2E,0x3F,0xF8,0x77,0x52,
+	  0x85,0xB5,0x45,0x72,0x2F,0x03,0xEA,0xCD,0xB7,0x4B,
+
+	  0x28,0xF9,0xD0,0x4E,0x90,0x00,0x69,0xC8,0xDC,0x47,	/* x */
+	  0xA0,0x85,0x34,0xFE,0x76,0xD2,0xB9,0x00,0xB7,0xD7,
+	  0xEF,0x31,0xF5,0x70,0x9F,0x20,0x0C,0x4C,0xA2,0x05,
+
+	  0x56,0x67,0x33,0x4C,0x45,0xAF,0xF3,0xB5,0xA0,0x3B,	/* y */
+	  0xAD,0x9D,0xD7,0x5E,0x2C,0x71,0xA9,0x93,0x62,0x56,
+	  0x7D,0x54,0x53,0xF7,0xFA,0x6E,0x22,0x7E,0xC8,0x33,
+
+	  0x15,0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,	/* order */
+	  0x55,0x55,0x55,0x55,0x55,0x3C,0x6F,0x28,0x85,0x25,
+	  0x9C,0x31,0xE3,0xFC,0xDF,0x15,0x46,0x24,0x52,0x2D }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_239V3_SEED[] = {
-	0x9E,0x07,0x6F,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,
-	0x51,0x75,0xE1,0x1E,0x9F,0xDD,0x77,0xF9,0x20,0x41};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_239V3 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000001000000001",
-	"01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F",
-	"6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40",
-	"70F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92",
-	"2E5A0EAF6E5E1305B9004DCE5C0ED7FE59A35608F33837C816D80B79F461",
-	"0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF", 0xA,
-	_EC_X9_62_CHAR2_239V3_SEED, 20,
-	"X9.62 curve over a 239 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+30*6]; }
+	_EC_X9_62_CHAR2_239V3 = {
+	{ NID_X9_62_characteristic_two_field,20,30,0xA },
+	{ 0x9E,0x07,0x6F,0x4D,0x69,0x6E,0x67,0x68,0x75,0x61,	/* seed */
+	  0x51,0x75,0xE1,0x1E,0x9F,0xDD,0x77,0xF9,0x20,0x41,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x01,
+
+	  0x01,0x23,0x87,0x74,0x66,0x6A,0x67,0x76,0x6D,0x66,	/* a */
+	  0x76,0xF7,0x78,0xE6,0x76,0xB6,0x69,0x99,0x17,0x66,
+	  0x66,0xE6,0x87,0x66,0x6D,0x87,0x66,0xC6,0x6A,0x9F,
+
+	  0x6A,0x94,0x19,0x77,0xBA,0x9F,0x6A,0x43,0x51,0x99,	/* b */
+	  0xAC,0xFC,0x51,0x06,0x7E,0xD5,0x87,0xF5,0x19,0xC5,
+	  0xEC,0xB5,0x41,0xB8,0xE4,0x41,0x11,0xDE,0x1D,0x40,
+
+	  0x70,0xF6,0xE9,0xD0,0x4D,0x28,0x9C,0x4E,0x89,0x91,	/* x */
+	  0x3C,0xE3,0x53,0x0B,0xFD,0xE9,0x03,0x97,0x7D,0x42,
+	  0xB1,0x46,0xD5,0x39,0xBF,0x1B,0xDE,0x4E,0x9C,0x92,
+
+	  0x2E,0x5A,0x0E,0xAF,0x6E,0x5E,0x13,0x05,0xB9,0x00,	/* y */
+	  0x4D,0xCE,0x5C,0x0E,0xD7,0xFE,0x59,0xA3,0x56,0x08,
+	  0xF3,0x38,0x37,0xC8,0x16,0xD8,0x0B,0x79,0xF4,0x61,
+
+	  0x0C,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,0xCC,	/* order */
+	  0xCC,0xCC,0xCC,0xCC,0xCC,0xAC,0x49,0x12,0xD2,0xD9,
+	  0xDF,0x90,0x3E,0xF9,0x88,0x8B,0x8A,0x0E,0x4C,0xFF }
 	};
 
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_272W1 = {
-	NID_X9_62_characteristic_two_field,
-	"010000000000000000000000000000000000000000000000000000010000000000000"
-	"B",
-	"91A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20",
-	"7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7",
-	"6108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D",
-	"10C7695716851EEF6BA7F6872E6142FBD241B830FF5EFCACECCAB05E02005DDE9D23",
-	"000100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521",
-	0xFF06,
-	NULL, 0,
-	"X9.62 curve over a 272 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+35*6]; }
+	_EC_X9_62_CHAR2_272W1 = {
+	{ NID_X9_62_characteristic_two_field,0,35,0xFF06 },
+	{							/* no seed */
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x0B,
+	  0x00,0x91,0xA0,0x91,0xF0,0x3B,0x5F,0xBA,0x4A,0xB2,	/* a */
+	  0xCC,0xF4,0x9C,0x4E,0xDD,0x22,0x0F,0xB0,0x28,0x71,
+	  0x2D,0x42,0xBE,0x75,0x2B,0x2C,0x40,0x09,0x4D,0xBA,
+	  0xCD,0xB5,0x86,0xFB,0x20,
+	  0x00,0x71,0x67,0xEF,0xC9,0x2B,0xB2,0xE3,0xCE,0x7C,	/* b */
+	  0x8A,0xAA,0xFF,0x34,0xE1,0x2A,0x9C,0x55,0x70,0x03,
+	  0xD7,0xC7,0x3A,0x6F,0xAF,0x00,0x3F,0x99,0xF6,0xCC,
+	  0x84,0x82,0xE5,0x40,0xF7,
+	  0x00,0x61,0x08,0xBA,0xBB,0x2C,0xEE,0xBC,0xF7,0x87,	/* x */
+	  0x05,0x8A,0x05,0x6C,0xBE,0x0C,0xFE,0x62,0x2D,0x77,
+	  0x23,0xA2,0x89,0xE0,0x8A,0x07,0xAE,0x13,0xEF,0x0D,
+	  0x10,0xD1,0x71,0xDD,0x8D,
+	  0x00,0x10,0xC7,0x69,0x57,0x16,0x85,0x1E,0xEF,0x6B,	/* y */
+	  0xA7,0xF6,0x87,0x2E,0x61,0x42,0xFB,0xD2,0x41,0xB8,
+	  0x30,0xFF,0x5E,0xFC,0xAC,0xEC,0xCA,0xB0,0x5E,0x02,
+	  0x00,0x5D,0xDE,0x9D,0x23,
+	  0x00,0x00,0x01,0x00,0xFA,0xF5,0x13,0x54,0xE0,0xE3,	/* order */
+	  0x9E,0x48,0x92,0xDF,0x6E,0x31,0x9C,0x72,0xC8,0x16,
+	  0x16,0x03,0xFA,0x45,0xAA,0x7B,0x99,0x8A,0x16,0x7B,
+	  0x8F,0x1E,0x62,0x95,0x21 }
 	};
 
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_304W1 = {
-	NID_X9_62_characteristic_two_field,
-	"010000000000000000000000000000000000000000000000000000000000000000000"
-	"000000807",
-	"FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A039"
-	"6C8E681",
-	"BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E558"
-	"27340BE",
-	"197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F7"
-	"40A2614",
-	"E19FBEB76E0DA171517ECF401B50289BF014103288527A9B416A105E80260B549FDC1"
-	"B92C03B",
-	"000101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164"
-	"443051D", 0xFE2E,
-	NULL, 0,
-	"X9.62 curve over a 304 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+39*6]; }
+	_EC_X9_62_CHAR2_304W1 = {
+	{ NID_X9_62_characteristic_two_field,0,39,0xFE2E },
+	{							/* no seed */
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x08,0x07,
+	  0x00,0xFD,0x0D,0x69,0x31,0x49,0xA1,0x18,0xF6,0x51,	/* a */
+	  0xE6,0xDC,0xE6,0x80,0x20,0x85,0x37,0x7E,0x5F,0x88,
+	  0x2D,0x1B,0x51,0x0B,0x44,0x16,0x00,0x74,0xC1,0x28,
+	  0x80,0x78,0x36,0x5A,0x03,0x96,0xC8,0xE6,0x81,
+	  0x00,0xBD,0xDB,0x97,0xE5,0x55,0xA5,0x0A,0x90,0x8E,	/* b */
+	  0x43,0xB0,0x1C,0x79,0x8E,0xA5,0xDA,0xA6,0x78,0x8F,
+	  0x1E,0xA2,0x79,0x4E,0xFC,0xF5,0x71,0x66,0xB8,0xC1,
+	  0x40,0x39,0x60,0x1E,0x55,0x82,0x73,0x40,0xBE,
+	  0x00,0x19,0x7B,0x07,0x84,0x5E,0x9B,0xE2,0xD9,0x6A,	/* x */
+	  0xDB,0x0F,0x5F,0x3C,0x7F,0x2C,0xFF,0xBD,0x7A,0x3E,
+	  0xB8,0xB6,0xFE,0xC3,0x5C,0x7F,0xD6,0x7F,0x26,0xDD,
+	  0xF6,0x28,0x5A,0x64,0x4F,0x74,0x0A,0x26,0x14,
+	  0x00,0xE1,0x9F,0xBE,0xB7,0x6E,0x0D,0xA1,0x71,0x51,	/* y */
+	  0x7E,0xCF,0x40,0x1B,0x50,0x28,0x9B,0xF0,0x14,0x10,
+	  0x32,0x88,0x52,0x7A,0x9B,0x41,0x6A,0x10,0x5E,0x80,
+	  0x26,0x0B,0x54,0x9F,0xDC,0x1B,0x92,0xC0,0x3B,
+	  0x00,0x00,0x01,0x01,0xD5,0x56,0x57,0x2A,0xAB,0xAC,	/* order */
+	  0x80,0x01,0x01,0xD5,0x56,0x57,0x2A,0xAB,0xAC,0x80,
+	  0x01,0x02,0x2D,0x5C,0x91,0xDD,0x17,0x3F,0x8F,0xB5,
+	  0x61,0xDA,0x68,0x99,0x16,0x44,0x43,0x05,0x1D }
 	};
 
-static const unsigned char _EC_X9_62_CHAR2_359V1_SEED[] = {
-	0x2B,0x35,0x49,0x20,0xB7,0x24,0xD6,0x96,0xE6,0x76,
-	0x87,0x56,0x15,0x17,0x58,0x5B,0xA1,0x33,0x2D,0xC6};
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_359V1 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000000000000000000000000"
-	"000100000000000000001",
-	"5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05"
-	"656FB549016A96656A557",
-	"2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC34562608968"
-	"7742B6329E70680231988",
-	"3C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE9"
-	"8E8E707C07A2239B1B097",
-	"53D7E08529547048121E9C95F3791DD804963948F34FAE7BF44EA82365DC7868FE57E"
-	"4AE2DE211305A407104BD",
-	"01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB9"
-	"64FE7719E74F490758D3B", 0x4C,
-	_EC_X9_62_CHAR2_359V1_SEED, 20,
-	"X9.62 curve over a 359 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[20+45*6]; }
+	_EC_X9_62_CHAR2_359V1 = {
+	{ NID_X9_62_characteristic_two_field,20,45,0x4C },
+	{ 0x2B,0x35,0x49,0x20,0xB7,0x24,0xD6,0x96,0xE6,0x76,	/* seed */
+	  0x87,0x56,0x15,0x17,0x58,0x5B,0xA1,0x33,0x2D,0xC6,
+
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x01,
+	  0x56,0x67,0x67,0x6A,0x65,0x4B,0x20,0x75,0x4F,0x35,	/* a */
+	  0x6E,0xA9,0x20,0x17,0xD9,0x46,0x56,0x7C,0x46,0x67,
+	  0x55,0x56,0xF1,0x95,0x56,0xA0,0x46,0x16,0xB5,0x67,
+	  0xD2,0x23,0xA5,0xE0,0x56,0x56,0xFB,0x54,0x90,0x16,
+	  0xA9,0x66,0x56,0xA5,0x57,
+	  0x24,0x72,0xE2,0xD0,0x19,0x7C,0x49,0x36,0x3F,0x1F,	/* b */
+	  0xE7,0xF5,0xB6,0xDB,0x07,0x5D,0x52,0xB6,0x94,0x7D,
+	  0x13,0x5D,0x8C,0xA4,0x45,0x80,0x5D,0x39,0xBC,0x34,
+	  0x56,0x26,0x08,0x96,0x87,0x74,0x2B,0x63,0x29,0xE7,
+	  0x06,0x80,0x23,0x19,0x88,
+	  0x3C,0x25,0x8E,0xF3,0x04,0x77,0x67,0xE7,0xED,0xE0,	/* x */
+	  0xF1,0xFD,0xAA,0x79,0xDA,0xEE,0x38,0x41,0x36,0x6A,
+	  0x13,0x2E,0x16,0x3A,0xCE,0xD4,0xED,0x24,0x01,0xDF,
+	  0x9C,0x6B,0xDC,0xDE,0x98,0xE8,0xE7,0x07,0xC0,0x7A,
+	  0x22,0x39,0xB1,0xB0,0x97,
+	  0x53,0xD7,0xE0,0x85,0x29,0x54,0x70,0x48,0x12,0x1E,	/* y */
+	  0x9C,0x95,0xF3,0x79,0x1D,0xD8,0x04,0x96,0x39,0x48,
+	  0xF3,0x4F,0xAE,0x7B,0xF4,0x4E,0xA8,0x23,0x65,0xDC,
+	  0x78,0x68,0xFE,0x57,0xE4,0xAE,0x2D,0xE2,0x11,0x30,
+	  0x5A,0x40,0x71,0x04,0xBD,
+	  0x01,0xAF,0x28,0x6B,0xCA,0x1A,0xF2,0x86,0xBC,0xA1,	/* order */
+	  0xAF,0x28,0x6B,0xCA,0x1A,0xF2,0x86,0xBC,0xA1,0xAF,
+	  0x28,0x6B,0xC9,0xFB,0x8F,0x6B,0x85,0xC5,0x56,0x89,
+	  0x2C,0x20,0xA7,0xEB,0x96,0x4F,0xE7,0x71,0x9E,0x74,
+	  0xF4,0x90,0x75,0x8D,0x3B }
 	};
 
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_368W1 = {
-	NID_X9_62_characteristic_two_field,
-	"010000000000000000000000000000000000000000000000000000000000000000000"
-	"0002000000000000000000007",
-	"E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62"
-	"F0AB7519CCD2A1A906AE30D",
-	"FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112"
-	"D84D164F444F8F74786046A",
-	"1085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E78"
-	"9E927BE216F02E1FB136A5F",
-	"7B3EB1BDDCBA62D5D8B2059B525797FC73822C59059C623A45FF3843CEE8F87CD1855"
-	"ADAA81E2A0750B80FDA2310",
-	"00010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E90"
-	"9AE40A6F131E9CFCE5BD967", 0xFF70,
-	NULL, 0,
-	"X9.62 curve over a 368 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+47*6]; }
+	_EC_X9_62_CHAR2_368W1 = {
+	{ NID_X9_62_characteristic_two_field,0,47,0xFF70 },
+	{							/* no seed */
+	  0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x07,
+	  0x00,0xE0,0xD2,0xEE,0x25,0x09,0x52,0x06,0xF5,0xE2,	/* a */
+	  0xA4,0xF9,0xED,0x22,0x9F,0x1F,0x25,0x6E,0x79,0xA0,
+	  0xE2,0xB4,0x55,0x97,0x0D,0x8D,0x0D,0x86,0x5B,0xD9,
+	  0x47,0x78,0xC5,0x76,0xD6,0x2F,0x0A,0xB7,0x51,0x9C,
+	  0xCD,0x2A,0x1A,0x90,0x6A,0xE3,0x0D,
+	  0x00,0xFC,0x12,0x17,0xD4,0x32,0x0A,0x90,0x45,0x2C,	/* b */
+	  0x76,0x0A,0x58,0xED,0xCD,0x30,0xC8,0xDD,0x06,0x9B,
+	  0x3C,0x34,0x45,0x38,0x37,0xA3,0x4E,0xD5,0x0C,0xB5,
+	  0x49,0x17,0xE1,0xC2,0x11,0x2D,0x84,0xD1,0x64,0xF4,
+	  0x44,0xF8,0xF7,0x47,0x86,0x04,0x6A,
+	  0x00,0x10,0x85,0xE2,0x75,0x53,0x81,0xDC,0xCC,0xE3,	/* x */
+	  0xC1,0x55,0x7A,0xFA,0x10,0xC2,0xF0,0xC0,0xC2,0x82,
+	  0x56,0x46,0xC5,0xB3,0x4A,0x39,0x4C,0xBC,0xFA,0x8B,
+	  0xC1,0x6B,0x22,0xE7,0xE7,0x89,0xE9,0x27,0xBE,0x21,
+	  0x6F,0x02,0xE1,0xFB,0x13,0x6A,0x5F,
+	  0x00,0x7B,0x3E,0xB1,0xBD,0xDC,0xBA,0x62,0xD5,0xD8,	/* y */
+	  0xB2,0x05,0x9B,0x52,0x57,0x97,0xFC,0x73,0x82,0x2C,
+	  0x59,0x05,0x9C,0x62,0x3A,0x45,0xFF,0x38,0x43,0xCE,
+	  0xE8,0xF8,0x7C,0xD1,0x85,0x5A,0xDA,0xA8,0x1E,0x2A,
+	  0x07,0x50,0xB8,0x0F,0xDA,0x23,0x10,
+	  0x00,0x00,0x01,0x00,0x90,0x51,0x2D,0xA9,0xAF,0x72,	/* order */
+	  0xB0,0x83,0x49,0xD9,0x8A,0x5D,0xD4,0xC7,0xB0,0x53,
+	  0x2E,0xCA,0x51,0xCE,0x03,0xE2,0xD1,0x0F,0x3B,0x7A,
+	  0xC5,0x79,0xBD,0x87,0xE9,0x09,0xAE,0x40,0xA6,0xF1,
+	  0x31,0xE9,0xCF,0xCE,0x5B,0xD9,0x67 }
 	};
 
-static const EC_CURVE_DATA _EC_X9_62_CHAR2_431R1 = {
-	NID_X9_62_characteristic_two_field,
-	"800000000000000000000000000000000000000000000000000000000000000000000"
-	"000000001000000000000000000000000000001",
-	"1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0E"
-	"B9906D0957F6C6FEACD615468DF104DE296CD8F",
-	"10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B6"
-	"26D4E50A8DD731B107A9962381FB5D807BF2618",
-	"120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C2"
-	"1E7C5EFE965361F6C2999C0C247B0DBD70CE6B7",
-	"20D0AF8903A96F8D5FA2C255745D3C451B302C9346D9B7E485E7BCE41F6B591F3E8F6"
-	"ADDCBB0BC4C2F947A7DE1A89B625D6A598B3760",
-	"0340340340340340340340340340340340340340340340340340340323C313FAB5058"
-	"9703B5EC68D3587FEC60D161CC149C1AD4A91", 0x2760,
-	NULL, 0,
-	"X9.62 curve over a 431 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+54*6]; }
+	_EC_X9_62_CHAR2_431R1 = {
+	{ NID_X9_62_characteristic_two_field,0,54,0x2760 },
+	{							/* no seed */
+	  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x01,
+	  0x1A,0x82,0x7E,0xF0,0x0D,0xD6,0xFC,0x0E,0x23,0x4C,	/* a */
+	  0xAF,0x04,0x6C,0x6A,0x5D,0x8A,0x85,0x39,0x5B,0x23,
+	  0x6C,0xC4,0xAD,0x2C,0xF3,0x2A,0x0C,0xAD,0xBD,0xC9,
+	  0xDD,0xF6,0x20,0xB0,0xEB,0x99,0x06,0xD0,0x95,0x7F,
+	  0x6C,0x6F,0xEA,0xCD,0x61,0x54,0x68,0xDF,0x10,0x4D,
+	  0xE2,0x96,0xCD,0x8F,
+	  0x10,0xD9,0xB4,0xA3,0xD9,0x04,0x7D,0x8B,0x15,0x43,	/* b */
+	  0x59,0xAB,0xFB,0x1B,0x7F,0x54,0x85,0xB0,0x4C,0xEB,
+	  0x86,0x82,0x37,0xDD,0xC9,0xDE,0xDA,0x98,0x2A,0x67,
+	  0x9A,0x5A,0x91,0x9B,0x62,0x6D,0x4E,0x50,0xA8,0xDD,
+	  0x73,0x1B,0x10,0x7A,0x99,0x62,0x38,0x1F,0xB5,0xD8,
+	  0x07,0xBF,0x26,0x18,
+	  0x12,0x0F,0xC0,0x5D,0x3C,0x67,0xA9,0x9D,0xE1,0x61,	/* x */
+	  0xD2,0xF4,0x09,0x26,0x22,0xFE,0xCA,0x70,0x1B,0xE4,
+	  0xF5,0x0F,0x47,0x58,0x71,0x4E,0x8A,0x87,0xBB,0xF2,
+	  0xA6,0x58,0xEF,0x8C,0x21,0xE7,0xC5,0xEF,0xE9,0x65,
+	  0x36,0x1F,0x6C,0x29,0x99,0xC0,0xC2,0x47,0xB0,0xDB,
+	  0xD7,0x0C,0xE6,0xB7,
+	  0x20,0xD0,0xAF,0x89,0x03,0xA9,0x6F,0x8D,0x5F,0xA2,	/* y */
+	  0xC2,0x55,0x74,0x5D,0x3C,0x45,0x1B,0x30,0x2C,0x93,
+	  0x46,0xD9,0xB7,0xE4,0x85,0xE7,0xBC,0xE4,0x1F,0x6B,
+	  0x59,0x1F,0x3E,0x8F,0x6A,0xDD,0xCB,0xB0,0xBC,0x4C,
+	  0x2F,0x94,0x7A,0x7D,0xE1,0xA8,0x9B,0x62,0x5D,0x6A,
+	  0x59,0x8B,0x37,0x60,
+	  0x00,0x03,0x40,0x34,0x03,0x40,0x34,0x03,0x40,0x34,	/* order */
+	  0x03,0x40,0x34,0x03,0x40,0x34,0x03,0x40,0x34,0x03,
+	  0x40,0x34,0x03,0x40,0x34,0x03,0x40,0x34,0x03,0x23,
+	  0xC3,0x13,0xFA,0xB5,0x05,0x89,0x70,0x3B,0x5E,0xC6,
+	  0x8D,0x35,0x87,0xFE,0xC6,0x0D,0x16,0x1C,0xC1,0x49,
+	  0xC1,0xAD,0x4A,0x91 }
 	};
 
-static const EC_CURVE_DATA _EC_WTLS_1 = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000201",
-	"1",
-	"1",
-	"01667979A40BA497E5D5C270780617",
-	"00F44B4AF1ECC2630E08785CEBCC15",
-	"00FFFFFFFFFFFFFFFDBF91AF6DEA73", 2,
-	NULL, 0,
-	"WTLS curve over a 113 bit binary field"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+15*6]; }
+	_EC_WTLS_1 = {
+	{ NID_X9_62_characteristic_two_field,0,15,2 },
+	{							/* no seed */
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x02,0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x01,
+	  0x01,0x66,0x79,0x79,0xA4,0x0B,0xA4,0x97,0xE5,0xD5,	/* x */
+	  0xC2,0x70,0x78,0x06,0x17,
+	  0x00,0xF4,0x4B,0x4A,0xF1,0xEC,0xC2,0x63,0x0E,0x08,	/* y */
+	  0x78,0x5C,0xEB,0xCC,0x15,
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFD,0xBF,	/* order */
+	  0x91,0xAF,0x6D,0xEA,0x73 }
 	};
 
 /* IPSec curves */
@@ -1001,17 +1765,27 @@ static const EC_CURVE_DATA _EC_WTLS_1 = {
  * As the group order is not a prime this curve is not suitable
  * for ECDSA.
  */
-static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = {
-	NID_X9_62_characteristic_two_field,
-	"0800000000000000000000004000000000000001",
-	"0",
-	"07338f",
-	"7b",
-	"1c8",
-	"2AAAAAAAAAAAAAAAAAAC7F3C7881BD0868FA86C",3,
-	NULL, 0,
-	"\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"
-	"\tNot suitable for ECDSA.\n\tQuestionable extension field!"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+20*6]; }
+	_EC_IPSEC_155_ID3 = {
+	{ NID_X9_62_characteristic_two_field,0,20,3 },
+	{							/* no seed */
+	  0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x33,0x8f,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* x */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x7b,
+
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* y */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0xc8,
+
+	  0x02,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,	/* order */
+	  0xC7,0xF3,0xC7,0x88,0x1B,0xD0,0x86,0x8F,0xA8,0x6C }
 	};
 
 /* NOTE: The of curves over a extension field of non prime degree
@@ -1019,105 +1793,118 @@ static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = {
  * As the group order is not a prime this curve is not suitable
  * for ECDSA.
  */
-static const EC_CURVE_DATA _EC_IPSEC_185_ID4 = {
-	NID_X9_62_characteristic_two_field,
-	"020000000000000000000000000000200000000000000001",
-	"0",
-	"1ee9",
-	"18",
-	"0d",
-	"FFFFFFFFFFFFFFFFFFFFFFEDF97C44DB9F2420BAFCA75E",2,
-	NULL, 0,
-	"\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"
-	"\tNot suitable for ECDSA.\n\tQuestionable extension field!"
+static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; }
+	_EC_IPSEC_185_ID4 = {
+	{ NID_X9_62_characteristic_two_field,0,24,2 },
+	{							/* no seed */
+	  0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* p */
+	  0x00,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x01,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* a */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* b */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x1e,0xe9,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* x */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x18,
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,	/* y */
+	  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	  0x00,0x00,0x00,0x0d,
+	  0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,	/* order */
+	  0xFF,0xFF,0xED,0xF9,0x7C,0x44,0xDB,0x9F,0x24,0x20,
+	  0xBA,0xFC,0xA7,0x5E }
 	};
 
 typedef struct _ec_list_element_st {
 	int	nid;
 	const EC_CURVE_DATA *data;
+	const char *comment;
 	} ec_list_element;
 
 static const ec_list_element curve_list[] = {
 	/* prime field curves */	
 	/* secg curves */
-	{ NID_secp112r1, &_EC_SECG_PRIME_112R1},
-	{ NID_secp112r2, &_EC_SECG_PRIME_112R2},
-	{ NID_secp128r1, &_EC_SECG_PRIME_128R1},
-	{ NID_secp128r2, &_EC_SECG_PRIME_128R2},
-	{ NID_secp160k1, &_EC_SECG_PRIME_160K1},
-	{ NID_secp160r1, &_EC_SECG_PRIME_160R1},
-	{ NID_secp160r2, &_EC_SECG_PRIME_160R2},
+	{ NID_secp112r1, &_EC_SECG_PRIME_112R1.h, "SECG/WTLS curve over a 112 bit prime field"},
+	{ NID_secp112r2, &_EC_SECG_PRIME_112R2.h, "SECG curve over a 112 bit prime field"},
+	{ NID_secp128r1, &_EC_SECG_PRIME_128R1.h, "SECG curve over a 128 bit prime field"},
+	{ NID_secp128r2, &_EC_SECG_PRIME_128R2.h, "SECG curve over a 128 bit prime field"},
+	{ NID_secp160k1, &_EC_SECG_PRIME_160K1.h, "SECG curve over a 160 bit prime field"},
+	{ NID_secp160r1, &_EC_SECG_PRIME_160R1.h, "SECG curve over a 160 bit prime field"},
+	{ NID_secp160r2, &_EC_SECG_PRIME_160R2.h, "SECG/WTLS curve over a 160 bit prime field"},
 	/* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */
-	{ NID_secp192k1, &_EC_SECG_PRIME_192K1},
-	{ NID_secp224k1, &_EC_SECG_PRIME_224K1},
-	{ NID_secp224r1, &_EC_NIST_PRIME_224},
-	{ NID_secp256k1, &_EC_SECG_PRIME_256K1},
+	{ NID_secp192k1, &_EC_SECG_PRIME_192K1.h, "SECG curve over a 192 bit prime field"},
+	{ NID_secp224k1, &_EC_SECG_PRIME_224K1.h, "SECG curve over a 224 bit prime field"},
+	{ NID_secp224r1, &_EC_NIST_PRIME_224.h,   "NIST/SECG curve over a 224 bit prime field"},
+	{ NID_secp256k1, &_EC_SECG_PRIME_256K1.h, "SECG curve over a 256 bit prime field"},
 	/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
-	{ NID_secp384r1, &_EC_NIST_PRIME_384},
-	{ NID_secp521r1, &_EC_NIST_PRIME_521},
+	{ NID_secp384r1, &_EC_NIST_PRIME_384.h, "NIST/SECG curve over a 384 bit prime field"},
+	{ NID_secp521r1, &_EC_NIST_PRIME_521.h, "NIST/SECG curve over a 521 bit prime field"},
 	/* X9.62 curves */
-	{ NID_X9_62_prime192v1, &_EC_NIST_PRIME_192},
-	{ NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2},
-	{ NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3},
-	{ NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1},
-	{ NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2},
-	{ NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3},
-	{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1},
+	{ NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, "NIST/X9.62/SECG curve over a 192 bit prime field"},
+	{ NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, "X9.62 curve over a 192 bit prime field"},
+	{ NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, "X9.62 curve over a 192 bit prime field"},
+	{ NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, "X9.62 curve over a 239 bit prime field"},
+	{ NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, "X9.62 curve over a 239 bit prime field"},
+	{ NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, "X9.62 curve over a 239 bit prime field"},
+	{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, "X9.62/SECG curve over a 256 bit prime field"},
 	/* characteristic two field curves */
 	/* NIST/SECG curves */
-	{ NID_sect113r1, &_EC_SECG_CHAR2_113R1},
-	{ NID_sect113r2, &_EC_SECG_CHAR2_113R2},
-	{ NID_sect131r1, &_EC_SECG_CHAR2_131R1},
-	{ NID_sect131r2, &_EC_SECG_CHAR2_131R2},
-	{ NID_sect163k1, &_EC_NIST_CHAR2_163K },
-	{ NID_sect163r1, &_EC_SECG_CHAR2_163R1},
-	{ NID_sect163r2, &_EC_NIST_CHAR2_163B },
-	{ NID_sect193r1, &_EC_SECG_CHAR2_193R1},
-	{ NID_sect193r2, &_EC_SECG_CHAR2_193R2},
-	{ NID_sect233k1, &_EC_NIST_CHAR2_233K },
-	{ NID_sect233r1, &_EC_NIST_CHAR2_233B },
-	{ NID_sect239k1, &_EC_SECG_CHAR2_239K1},
-	{ NID_sect283k1, &_EC_NIST_CHAR2_283K },
-	{ NID_sect283r1, &_EC_NIST_CHAR2_283B },
-	{ NID_sect409k1, &_EC_NIST_CHAR2_409K },
-	{ NID_sect409r1, &_EC_NIST_CHAR2_409B },
-	{ NID_sect571k1, &_EC_NIST_CHAR2_571K },
-	{ NID_sect571r1, &_EC_NIST_CHAR2_571B },
+	{ NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, "SECG curve over a 113 bit binary field"},
+	{ NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, "SECG curve over a 113 bit binary field"},
+	{ NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, "SECG/WTLS curve over a 131 bit binary field"},
+	{ NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, "SECG curve over a 131 bit binary field"},
+	{ NID_sect163k1, &_EC_NIST_CHAR2_163K.h,  "NIST/SECG/WTLS curve over a 163 bit binary field" },
+	{ NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, "SECG curve over a 163 bit binary field"},
+	{ NID_sect163r2, &_EC_NIST_CHAR2_163B.h,  "NIST/SECG curve over a 163 bit binary field" },
+	{ NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, "SECG curve over a 193 bit binary field"},
+	{ NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, "SECG curve over a 193 bit binary field"},
+	{ NID_sect233k1, &_EC_NIST_CHAR2_233K.h,  "NIST/SECG/WTLS curve over a 233 bit binary field" },
+	{ NID_sect233r1, &_EC_NIST_CHAR2_233B.h,  "NIST/SECG/WTLS curve over a 233 bit binary field" },
+	{ NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, "SECG curve over a 239 bit binary field"},
+	{ NID_sect283k1, &_EC_NIST_CHAR2_283K.h,  "NIST/SECG curve over a 283 bit binary field" },
+	{ NID_sect283r1, &_EC_NIST_CHAR2_283B.h,  "NIST/SECG curve over a 283 bit binary field" },
+	{ NID_sect409k1, &_EC_NIST_CHAR2_409K.h,  "NIST/SECG curve over a 409 bit binary field" },
+	{ NID_sect409r1, &_EC_NIST_CHAR2_409B.h,  "NIST/SECG curve over a 409 bit binary field" },
+	{ NID_sect571k1, &_EC_NIST_CHAR2_571K.h,  "NIST/SECG curve over a 571 bit binary field" },
+	{ NID_sect571r1, &_EC_NIST_CHAR2_571B.h,  "NIST/SECG curve over a 571 bit binary field" },
 	/* X9.62 curves */
-	{ NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1},
-	{ NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2},
-	{ NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3},
-	{ NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1},
-	{ NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1},
-	{ NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2},
-	{ NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3},
-	{ NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1},
-	{ NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1},
-	{ NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2},
-	{ NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3},
-	{ NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1},
-	{ NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1},
-	{ NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1},
-	{ NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1},
-	{ NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1},
-	/* the WAP/WTLS curves */
-	{ NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1},
-	{ NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K},
-	{ NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1},
-	{ NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1},
-	{ NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1},
-	{ NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2},
-	{ NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8},
-	{ NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9 },
-	{ NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K},
-	{ NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B},
-	{ NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12},
+	{ NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"},
+	{ NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, "X9.62 curve over a 163 bit binary field"},
+	{ NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, "X9.62 curve over a 163 bit binary field"},
+	{ NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, "X9.62 curve over a 176 bit binary field"},
+	{ NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, "X9.62 curve over a 191 bit binary field"},
+	{ NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, "X9.62 curve over a 191 bit binary field"},
+	{ NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, "X9.62 curve over a 191 bit binary field"},
+	{ NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, "X9.62 curve over a 208 bit binary field"},
+	{ NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, "X9.62 curve over a 239 bit binary field"},
+	{ NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, "X9.62 curve over a 239 bit binary field"},
+	{ NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, "X9.62 curve over a 239 bit binary field"},
+	{ NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, "X9.62 curve over a 272 bit binary field"},
+	{ NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, "X9.62 curve over a 304 bit binary field"},
+	{ NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, "X9.62 curve over a 359 bit binary field"},
+	{ NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, "X9.62 curve over a 368 bit binary field"},
+	{ NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, "X9.62 curve over a 431 bit binary field"},
+	/* the WAP/WTLS curves
+	 * [unlike SECG, spec has its own OIDs for curves from X9.62] */
+	{ NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, "WTLS curve over a 113 bit binary field"},
+	{ NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h,   "NIST/SECG/WTLS curve over a 163 bit binary field"},
+	{ NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h,  "SECG curve over a 113 bit binary field"},
+	{ NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"},
+	{ NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h,  "SECG/WTLS curve over a 112 bit prime field"},
+	{ NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h,  "SECG/WTLS curve over a 160 bit prime field"},
+	{ NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, "WTLS curve over a 112 bit prime field"},
+	{ NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, "WTLS curve over a 160 bit prime field" },
+	{ NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, "NIST/SECG/WTLS curve over a 233 bit binary field"},
+	{ NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, "NIST/SECG/WTLS curve over a 233 bit binary field"},
+	{ NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, "WTLS curvs over a 224 bit prime field"},
 	/* IPSec curves */
-	{ NID_ipsec3, &_EC_IPSEC_155_ID3},
-	{ NID_ipsec4, &_EC_IPSEC_185_ID4},
+	{ NID_ipsec3, &_EC_IPSEC_155_ID3.h, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
+	{ NID_ipsec4, &_EC_IPSEC_185_ID4.h, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
 };
 
-static size_t curve_list_length = sizeof(curve_list)/sizeof(ec_list_element);
+#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
 
 static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
 	{
@@ -1126,22 +1913,23 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
 	BN_CTX	 *ctx=NULL;
 	BIGNUM 	 *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;
 	int	 ok=0;
+	int	 seed_len,param_len;
+	const unsigned char *params;
 
 	if ((ctx = BN_CTX_new()) == NULL)
 		{
 		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
-	if ((p = BN_new()) == NULL || (a = BN_new()) == NULL || 
-		(b = BN_new()) == NULL || (x = BN_new()) == NULL ||
-		(y = BN_new()) == NULL || (order = BN_new()) == NULL)
-		{
-		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	
-	if (!BN_hex2bn(&p, data->p) || !BN_hex2bn(&a, data->a)
-		|| !BN_hex2bn(&b, data->b))
+
+	seed_len  = data->seed_len;
+	param_len = data->param_len;
+	params    = (const unsigned char *)(data+1);	/* skip header */
+	params   += seed_len;				/* skip seed   */
+
+	if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL))
+		|| !(a = BN_bin2bn(params+1*param_len, param_len, NULL))
+		|| !(b = BN_bin2bn(params+2*param_len, param_len, NULL)))
 		{
 		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
 		goto err;
@@ -1155,8 +1943,8 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
 			goto err;
 			}
 		}
-		else
-		{ /* field_type == NID_X9_62_characteristic_two_field */
+	else	/* field_type == NID_X9_62_characteristic_two_field */
+		{
 		if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL)
 			{
 			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
@@ -1170,7 +1958,8 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
 		goto err;
 		}
 	
-	if (!BN_hex2bn(&x, data->x) || !BN_hex2bn(&y, data->y))
+	if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL))
+		|| !(y = BN_bin2bn(params+4*param_len, param_len, NULL)))
 		{
 		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
 		goto err;
@@ -1180,7 +1969,8 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
 		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
 		goto err;
 		}
-	if (!BN_hex2bn(&order, data->order) || !BN_set_word(x, data->cofactor))
+	if (!(order = BN_bin2bn(params+5*param_len, param_len, NULL))
+		|| !BN_set_word(x, (BN_ULONG)data->cofactor))
 		{
 		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
 		goto err;
@@ -1190,9 +1980,9 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)
 		ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
 		goto err;
 		}
-	if (data->seed)
+	if (seed_len)
 		{
-		if (!EC_GROUP_set_seed(group, data->seed, data->seed_len))
+		if (!EC_GROUP_set_seed(group, params-seed_len, seed_len))
 			{
 			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
 			goto err;
@@ -1224,7 +2014,7 @@ err:
 	return group;
 	}
 
-EC_GROUP *EC_GROUP_new_by_nid(int nid)
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
 	{
 	size_t i;
 	EC_GROUP *ret = NULL;
@@ -1241,11 +2031,11 @@ EC_GROUP *EC_GROUP_new_by_nid(int nid)
 
 	if (ret == NULL)
 		{
-		ECerr(EC_F_EC_GROUP_NEW_BY_NID, EC_R_UNKNOWN_GROUP);
+		ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
 		return NULL;
 		}
 
-	EC_GROUP_set_nid(ret, nid);
+	EC_GROUP_set_curve_name(ret, nid);
 
 	return ret;
 	}
@@ -1262,7 +2052,7 @@ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
 	for (i = 0; i < min; i++)
 		{
 		r[i].nid = curve_list[i].nid;
-		r[i].comment = curve_list[i].data->comment;
+		r[i].comment = curve_list[i].comment;
 		}
 
 	return curve_list_length;
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index d74ddace58..84b4833371 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -1,6 +1,6 @@
 /* crypto/ec/ec_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,152 +64,182 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
+
 static ERR_STRING_DATA EC_str_functs[]=
 	{
-{ERR_PACK(0,EC_F_COMPUTE_WNAF,0),	"COMPUTE_WNAF"},
-{ERR_PACK(0,EC_F_D2I_ECPARAMETERS,0),	"d2i_ECParameters"},
-{ERR_PACK(0,EC_F_D2I_ECPKPARAMETERS,0),	"d2i_ECPKParameters"},
-{ERR_PACK(0,EC_F_D2I_ECPRIVATEKEY,0),	"d2i_ECPrivateKey"},
-{ERR_PACK(0,EC_F_ECPARAMETERS_PRINT,0),	"ECParameters_print"},
-{ERR_PACK(0,EC_F_ECPARAMETERS_PRINT_FP,0),	"ECParameters_print_fp"},
-{ERR_PACK(0,EC_F_ECPKPARAMETERS_PRINT,0),	"ECPKParameters_print"},
-{ERR_PACK(0,EC_F_ECPKPARAMETERS_PRINT_FP,0),	"ECPKParameters_print_fp"},
-{ERR_PACK(0,EC_F_ECP_NIST_MOD_192,0),	"ECP_NIST_MOD_192"},
-{ERR_PACK(0,EC_F_ECP_NIST_MOD_224,0),	"ECP_NIST_MOD_224"},
-{ERR_PACK(0,EC_F_ECP_NIST_MOD_256,0),	"ECP_NIST_MOD_256"},
-{ERR_PACK(0,EC_F_ECP_NIST_MOD_521,0),	"ECP_NIST_MOD_521"},
-{ERR_PACK(0,EC_F_EC_ASN1_GROUP2CURVE,0),	"EC_ASN1_GROUP2CURVE"},
-{ERR_PACK(0,EC_F_EC_ASN1_GROUP2FIELDID,0),	"EC_ASN1_GROUP2FIELDID"},
-{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PARAMETERS,0),	"EC_ASN1_GROUP2PARAMETERS"},
-{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PKPARAMETERS,0),	"EC_ASN1_GROUP2PKPARAMETERS"},
-{ERR_PACK(0,EC_F_EC_ASN1_PARAMETERS2GROUP,0),	"EC_ASN1_PARAMETERS2GROUP"},
-{ERR_PACK(0,EC_F_EC_ASN1_PKPARAMETERS2GROUP,0),	"EC_ASN1_PKPARAMETERS2GROUP"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT,0),	"ec_GF2m_simple_group_check_discriminant"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE,0),	"ec_GF2m_simple_group_set_curve"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_OCT2POINT,0),	"ec_GF2m_simple_oct2point"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_POINT2OCT,0),	"ec_GF2m_simple_point2oct"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES,0),	"ec_GF2m_simple_point_get_affine_coordinates"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES,0),	"ec_GF2m_simple_point_set_affine_coordinates"},
-{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,0),	"ec_GF2m_simple_set_compressed_coordinates"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_DECODE,0),	"ec_GFp_mont_field_decode"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_ENCODE,0),	"ec_GFp_mont_field_encode"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_MUL,0),	"ec_GFp_mont_field_mul"},
-{ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_SQR,0),	"ec_GFp_mont_field_sqr"},
-{ERR_PACK(0,EC_F_EC_GFP_NIST_FIELD_MUL,0),	"ec_GFp_nist_field_mul"},
-{ERR_PACK(0,EC_F_EC_GFP_NIST_FIELD_SQR,0),	"ec_GFp_nist_field_sqr"},
-{ERR_PACK(0,EC_F_EC_GFP_NIST_GROUP_SET_CURVE_GFP,0),	"EC_GFP_NIST_GROUP_SET_CURVE_GFP"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT,0),	"ec_GFp_simple_group_check_discriminant"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE,0),	"ec_GFp_simple_group_set_curve"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP,0),	"EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR,0),	"EC_GFP_SIMPLE_GROUP_SET_GENERATOR"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_MAKE_AFFINE,0),	"ec_GFp_simple_make_affine"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_OCT2POINT,0),	"ec_GFp_simple_oct2point"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT2OCT,0),	"ec_GFp_simple_point2oct"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE,0),	"ec_GFp_simple_points_make_affine"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES,0),	"ec_GFp_simple_point_get_affine_coordinates"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP,0),	"EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES,0),	"ec_GFp_simple_point_set_affine_coordinates"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP,0),	"EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,0),	"ec_GFp_simple_set_compressed_coordinates"},
-{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP,0),	"EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"},
-{ERR_PACK(0,EC_F_EC_GROUP_CHECK,0),	"EC_GROUP_check"},
-{ERR_PACK(0,EC_F_EC_GROUP_CHECK_DISCRIMINANT,0),	"EC_GROUP_check_discriminant"},
-{ERR_PACK(0,EC_F_EC_GROUP_COPY,0),	"EC_GROUP_copy"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0),	"EC_GROUP_get0_generator"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0),	"EC_GROUP_get_cofactor"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GF2M,0),	"EC_GROUP_get_curve_GF2m"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0),	"EC_GROUP_get_curve_GFp"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_DEGREE,0),	"EC_GROUP_get_degree"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0),	"EC_GROUP_get_order"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,0),	"EC_GROUP_get_pentanomial_basis"},
-{ERR_PACK(0,EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,0),	"EC_GROUP_get_trinomial_basis"},
-{ERR_PACK(0,EC_F_EC_GROUP_GROUP2NID,0),	"EC_GROUP_GROUP2NID"},
-{ERR_PACK(0,EC_F_EC_GROUP_NEW,0),	"EC_GROUP_new"},
-{ERR_PACK(0,EC_F_EC_GROUP_NEW_BY_NID,0),	"EC_GROUP_new_by_nid"},
-{ERR_PACK(0,EC_F_EC_GROUP_NEW_FROM_DATA,0),	"EC_GROUP_NEW_FROM_DATA"},
-{ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0),	"EC_GROUP_precompute_mult"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GF2M,0),	"EC_GROUP_set_curve_GF2m"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0),	"EC_GROUP_set_curve_GFp"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0),	"EC_GROUP_set_extra_data"},
-{ERR_PACK(0,EC_F_EC_GROUP_SET_GENERATOR,0),	"EC_GROUP_set_generator"},
-{ERR_PACK(0,EC_F_EC_KEY_CHECK_KEY,0),	"EC_KEY_check_key"},
-{ERR_PACK(0,EC_F_EC_KEY_COPY,0),	"EC_KEY_copy"},
-{ERR_PACK(0,EC_F_EC_KEY_GENERATE_KEY,0),	"EC_KEY_generate_key"},
-{ERR_PACK(0,EC_F_EC_KEY_PRINT,0),	"EC_KEY_print"},
-{ERR_PACK(0,EC_F_EC_KEY_PRINT_FP,0),	"EC_KEY_print_fp"},
-{ERR_PACK(0,EC_F_EC_NEW,0),	"EC_NEW"},
-{ERR_PACK(0,EC_F_EC_POINTS_MAKE_AFFINE,0),	"EC_POINTs_make_affine"},
-{ERR_PACK(0,EC_F_EC_POINTS_MUL,0),	"EC_POINTs_mul"},
-{ERR_PACK(0,EC_F_EC_POINT_ADD,0),	"EC_POINT_add"},
-{ERR_PACK(0,EC_F_EC_POINT_CMP,0),	"EC_POINT_cmp"},
-{ERR_PACK(0,EC_F_EC_POINT_COPY,0),	"EC_POINT_copy"},
-{ERR_PACK(0,EC_F_EC_POINT_DBL,0),	"EC_POINT_dbl"},
-{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,0),	"EC_POINT_get_affine_coordinates_GF2m"},
-{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,0),	"EC_POINT_get_affine_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,0),	"EC_POINT_get_Jprojective_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_IS_AT_INFINITY,0),	"EC_POINT_is_at_infinity"},
-{ERR_PACK(0,EC_F_EC_POINT_IS_ON_CURVE,0),	"EC_POINT_is_on_curve"},
-{ERR_PACK(0,EC_F_EC_POINT_MAKE_AFFINE,0),	"EC_POINT_make_affine"},
-{ERR_PACK(0,EC_F_EC_POINT_MUL,0),	"EC_POINT_mul"},
-{ERR_PACK(0,EC_F_EC_POINT_NEW,0),	"EC_POINT_new"},
-{ERR_PACK(0,EC_F_EC_POINT_OCT2POINT,0),	"EC_POINT_oct2point"},
-{ERR_PACK(0,EC_F_EC_POINT_POINT2OCT,0),	"EC_POINT_point2oct"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,0),	"EC_POINT_set_affine_coordinates_GF2m"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,0),	"EC_POINT_set_affine_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,0),	"EC_POINT_set_compressed_coordinates_GF2m"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,0),	"EC_POINT_set_compressed_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,0),	"EC_POINT_set_Jprojective_coordinates_GFp"},
-{ERR_PACK(0,EC_F_EC_POINT_SET_TO_INFINITY,0),	"EC_POINT_set_to_infinity"},
-{ERR_PACK(0,EC_F_EC_PRE_COMP_DUP,0),	"EC_PRE_COMP_DUP"},
-{ERR_PACK(0,EC_F_EC_WNAF_MUL,0),	"ec_wNAF_mul"},
-{ERR_PACK(0,EC_F_EC_WNAF_PRECOMPUTE_MULT,0),	"ec_wNAF_precompute_mult"},
-{ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE,0),	"GFP_MONT_GROUP_SET_CURVE"},
-{ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE_GFP,0),	"GFP_MONT_GROUP_SET_CURVE_GFP"},
-{ERR_PACK(0,EC_F_I2D_ECPARAMETERS,0),	"i2d_ECParameters"},
-{ERR_PACK(0,EC_F_I2D_ECPKPARAMETERS,0),	"i2d_ECPKParameters"},
-{ERR_PACK(0,EC_F_I2D_ECPRIVATEKEY,0),	"i2d_ECPrivateKey"},
-{ERR_PACK(0,EC_F_I2O_ECPUBLICKEY,0),	"i2o_ECPublicKey"},
-{ERR_PACK(0,EC_F_O2I_ECPUBLICKEY,0),	"o2i_ECPublicKey"},
+{ERR_FUNC(EC_F_COMPUTE_WNAF),	"COMPUTE_WNAF"},
+{ERR_FUNC(EC_F_D2I_ECPARAMETERS),	"d2i_ECParameters"},
+{ERR_FUNC(EC_F_D2I_ECPKPARAMETERS),	"d2i_ECPKParameters"},
+{ERR_FUNC(EC_F_D2I_ECPRIVATEKEY),	"d2i_ECPrivateKey"},
+{ERR_FUNC(EC_F_DO_EC_KEY_PRINT),	"DO_EC_KEY_PRINT"},
+{ERR_FUNC(EC_F_ECKEY_PARAM2TYPE),	"ECKEY_PARAM2TYPE"},
+{ERR_FUNC(EC_F_ECKEY_PARAM_DECODE),	"ECKEY_PARAM_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PRIV_DECODE),	"ECKEY_PRIV_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE),	"ECKEY_PRIV_ENCODE"},
+{ERR_FUNC(EC_F_ECKEY_PUB_DECODE),	"ECKEY_PUB_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PUB_ENCODE),	"ECKEY_PUB_ENCODE"},
+{ERR_FUNC(EC_F_ECKEY_TYPE2PARAM),	"ECKEY_TYPE2PARAM"},
+{ERR_FUNC(EC_F_ECPARAMETERS_PRINT),	"ECParameters_print"},
+{ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP),	"ECParameters_print_fp"},
+{ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT),	"ECPKParameters_print"},
+{ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP),	"ECPKParameters_print_fp"},
+{ERR_FUNC(EC_F_ECP_NIST_MOD_192),	"ECP_NIST_MOD_192"},
+{ERR_FUNC(EC_F_ECP_NIST_MOD_224),	"ECP_NIST_MOD_224"},
+{ERR_FUNC(EC_F_ECP_NIST_MOD_256),	"ECP_NIST_MOD_256"},
+{ERR_FUNC(EC_F_ECP_NIST_MOD_521),	"ECP_NIST_MOD_521"},
+{ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE),	"EC_ASN1_GROUP2CURVE"},
+{ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID),	"EC_ASN1_GROUP2FIELDID"},
+{ERR_FUNC(EC_F_EC_ASN1_GROUP2PARAMETERS),	"EC_ASN1_GROUP2PARAMETERS"},
+{ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS),	"EC_ASN1_GROUP2PKPARAMETERS"},
+{ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP),	"EC_ASN1_PARAMETERS2GROUP"},
+{ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP),	"EC_ASN1_PKPARAMETERS2GROUP"},
+{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA),	"EC_EX_DATA_set_data"},
+{ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),	"EC_GF2M_MONTGOMERY_POINT_MULTIPLY"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),	"ec_GF2m_simple_group_check_discriminant"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE),	"ec_GF2m_simple_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT),	"ec_GF2m_simple_oct2point"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT),	"ec_GF2m_simple_point2oct"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES),	"ec_GF2m_simple_point_get_affine_coordinates"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES),	"ec_GF2m_simple_point_set_affine_coordinates"},
+{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES),	"ec_GF2m_simple_set_compressed_coordinates"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE),	"ec_GFp_mont_field_decode"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE),	"ec_GFp_mont_field_encode"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL),	"ec_GFp_mont_field_mul"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE),	"ec_GFp_mont_field_set_to_one"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR),	"ec_GFp_mont_field_sqr"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),	"ec_GFp_mont_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),	"EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
+{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL),	"ec_GFp_nist_field_mul"},
+{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR),	"ec_GFp_nist_field_sqr"},
+{ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE),	"ec_GFp_nist_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT),	"ec_GFp_simple_group_check_discriminant"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE),	"ec_GFp_simple_group_set_curve"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP),	"EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR),	"EC_GFP_SIMPLE_GROUP_SET_GENERATOR"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE),	"ec_GFp_simple_make_affine"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT),	"ec_GFp_simple_oct2point"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT),	"ec_GFp_simple_point2oct"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE),	"ec_GFp_simple_points_make_affine"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES),	"ec_GFp_simple_point_get_affine_coordinates"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP),	"EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES),	"ec_GFp_simple_point_set_affine_coordinates"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP),	"EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES),	"ec_GFp_simple_set_compressed_coordinates"},
+{ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP),	"EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"},
+{ERR_FUNC(EC_F_EC_GROUP_CHECK),	"EC_GROUP_check"},
+{ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT),	"EC_GROUP_check_discriminant"},
+{ERR_FUNC(EC_F_EC_GROUP_COPY),	"EC_GROUP_copy"},
+{ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR),	"EC_GROUP_get0_generator"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR),	"EC_GROUP_get_cofactor"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M),	"EC_GROUP_get_curve_GF2m"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP),	"EC_GROUP_get_curve_GFp"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE),	"EC_GROUP_get_degree"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_ORDER),	"EC_GROUP_get_order"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS),	"EC_GROUP_get_pentanomial_basis"},
+{ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS),	"EC_GROUP_get_trinomial_basis"},
+{ERR_FUNC(EC_F_EC_GROUP_NEW),	"EC_GROUP_new"},
+{ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME),	"EC_GROUP_new_by_curve_name"},
+{ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA),	"EC_GROUP_NEW_FROM_DATA"},
+{ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT),	"EC_GROUP_precompute_mult"},
+{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M),	"EC_GROUP_set_curve_GF2m"},
+{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP),	"EC_GROUP_set_curve_GFp"},
+{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA),	"EC_GROUP_SET_EXTRA_DATA"},
+{ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR),	"EC_GROUP_set_generator"},
+{ERR_FUNC(EC_F_EC_KEY_CHECK_KEY),	"EC_KEY_check_key"},
+{ERR_FUNC(EC_F_EC_KEY_COPY),	"EC_KEY_copy"},
+{ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY),	"EC_KEY_generate_key"},
+{ERR_FUNC(EC_F_EC_KEY_NEW),	"EC_KEY_new"},
+{ERR_FUNC(EC_F_EC_KEY_PRINT),	"EC_KEY_print"},
+{ERR_FUNC(EC_F_EC_KEY_PRINT_FP),	"EC_KEY_print_fp"},
+{ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE),	"EC_POINTs_make_affine"},
+{ERR_FUNC(EC_F_EC_POINT_ADD),	"EC_POINT_add"},
+{ERR_FUNC(EC_F_EC_POINT_CMP),	"EC_POINT_cmp"},
+{ERR_FUNC(EC_F_EC_POINT_COPY),	"EC_POINT_copy"},
+{ERR_FUNC(EC_F_EC_POINT_DBL),	"EC_POINT_dbl"},
+{ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M),	"EC_POINT_get_affine_coordinates_GF2m"},
+{ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP),	"EC_POINT_get_affine_coordinates_GFp"},
+{ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP),	"EC_POINT_get_Jprojective_coordinates_GFp"},
+{ERR_FUNC(EC_F_EC_POINT_INVERT),	"EC_POINT_invert"},
+{ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY),	"EC_POINT_is_at_infinity"},
+{ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE),	"EC_POINT_is_on_curve"},
+{ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE),	"EC_POINT_make_affine"},
+{ERR_FUNC(EC_F_EC_POINT_MUL),	"EC_POINT_mul"},
+{ERR_FUNC(EC_F_EC_POINT_NEW),	"EC_POINT_new"},
+{ERR_FUNC(EC_F_EC_POINT_OCT2POINT),	"EC_POINT_oct2point"},
+{ERR_FUNC(EC_F_EC_POINT_POINT2OCT),	"EC_POINT_point2oct"},
+{ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M),	"EC_POINT_set_affine_coordinates_GF2m"},
+{ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP),	"EC_POINT_set_affine_coordinates_GFp"},
+{ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M),	"EC_POINT_set_compressed_coordinates_GF2m"},
+{ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP),	"EC_POINT_set_compressed_coordinates_GFp"},
+{ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),	"EC_POINT_set_Jprojective_coordinates_GFp"},
+{ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY),	"EC_POINT_set_to_infinity"},
+{ERR_FUNC(EC_F_EC_PRE_COMP_DUP),	"EC_PRE_COMP_DUP"},
+{ERR_FUNC(EC_F_EC_PRE_COMP_NEW),	"EC_PRE_COMP_NEW"},
+{ERR_FUNC(EC_F_EC_WNAF_MUL),	"ec_wNAF_mul"},
+{ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT),	"ec_wNAF_precompute_mult"},
+{ERR_FUNC(EC_F_I2D_ECPARAMETERS),	"i2d_ECParameters"},
+{ERR_FUNC(EC_F_I2D_ECPKPARAMETERS),	"i2d_ECPKParameters"},
+{ERR_FUNC(EC_F_I2D_ECPRIVATEKEY),	"i2d_ECPrivateKey"},
+{ERR_FUNC(EC_F_I2O_ECPUBLICKEY),	"i2o_ECPublicKey"},
+{ERR_FUNC(EC_F_O2I_ECPUBLICKEY),	"o2i_ECPublicKey"},
+{ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE),	"OLD_EC_PRIV_DECODE"},
+{ERR_FUNC(EC_F_PKEY_EC_CTRL),	"PKEY_EC_CTRL"},
+{ERR_FUNC(EC_F_PKEY_EC_CTRL_STR),	"PKEY_EC_CTRL_STR"},
+{ERR_FUNC(EC_F_PKEY_EC_DERIVE),	"PKEY_EC_DERIVE"},
+{ERR_FUNC(EC_F_PKEY_EC_KEYGEN),	"PKEY_EC_KEYGEN"},
+{ERR_FUNC(EC_F_PKEY_EC_PARAMGEN),	"PKEY_EC_PARAMGEN"},
+{ERR_FUNC(EC_F_PKEY_EC_SIGN),	"PKEY_EC_SIGN"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA EC_str_reasons[]=
 	{
-{EC_R_ASN1_ERROR                         ,"asn1 error"},
-{EC_R_ASN1_UNKNOWN_FIELD                 ,"asn1 unknown field"},
-{EC_R_BUFFER_TOO_SMALL                   ,"buffer too small"},
-{EC_R_D2I_ECPKPARAMETERS_FAILURE         ,"d2i ecpkparameters failure"},
-{EC_R_DISCRIMINANT_IS_ZERO               ,"discriminant is zero"},
-{EC_R_EC_GROUP_NEW_BY_NAME_FAILURE       ,"ec group new by name failure"},
-{EC_R_GROUP2PKPARAMETERS_FAILURE         ,"group2pkparameters failure"},
-{EC_R_I2D_ECPKPARAMETERS_FAILURE         ,"i2d ecpkparameters failure"},
-{EC_R_INCOMPATIBLE_OBJECTS               ,"incompatible objects"},
-{EC_R_INVALID_ARGUMENT                   ,"invalid argument"},
-{EC_R_INVALID_COMPRESSED_POINT           ,"invalid compressed point"},
-{EC_R_INVALID_COMPRESSION_BIT            ,"invalid compression bit"},
-{EC_R_INVALID_ENCODING                   ,"invalid encoding"},
-{EC_R_INVALID_FIELD                      ,"invalid field"},
-{EC_R_INVALID_FORM                       ,"invalid form"},
-{EC_R_INVALID_GROUP_ORDER                ,"invalid group order"},
-{EC_R_INVALID_PRIVATE_KEY                ,"invalid private key"},
-{EC_R_MISSING_PARAMETERS                 ,"missing parameters"},
-{EC_R_MISSING_PRIVATE_KEY                ,"missing private key"},
-{EC_R_NOT_A_NIST_PRIME                   ,"not a NIST prime"},
-{EC_R_NOT_A_SUPPORTED_NIST_PRIME         ,"not a supported NIST prime"},
-{EC_R_NOT_IMPLEMENTED                    ,"not implemented"},
-{EC_R_NOT_INITIALIZED                    ,"not initialized"},
-{EC_R_NO_FIELD_MOD                       ,"no field mod"},
-{EC_R_PASSED_NULL_PARAMETER              ,"passed null parameter"},
-{EC_R_PKPARAMETERS2GROUP_FAILURE         ,"pkparameters2group failure"},
-{EC_R_POINT_AT_INFINITY                  ,"point at infinity"},
-{EC_R_POINT_IS_NOT_ON_CURVE              ,"point is not on curve"},
-{EC_R_SLOT_FULL                          ,"slot full"},
-{EC_R_UNDEFINED_GENERATOR                ,"undefined generator"},
-{EC_R_UNDEFINED_ORDER                    ,"undefined order"},
-{EC_R_UNKNOWN_GROUP                      ,"unknown group"},
-{EC_R_UNKNOWN_ORDER                      ,"unknown order"},
-{EC_R_UNSUPPORTED_FIELD                  ,"unsupported field"},
-{EC_R_WRONG_ORDER                        ,"wrong order"},
+{ERR_REASON(EC_R_ASN1_ERROR)             ,"asn1 error"},
+{ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD)     ,"asn1 unknown field"},
+{ERR_REASON(EC_R_BUFFER_TOO_SMALL)       ,"buffer too small"},
+{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"},
+{ERR_REASON(EC_R_DECODE_ERROR)           ,"decode error"},
+{ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO)   ,"discriminant is zero"},
+{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"},
+{ERR_REASON(EC_R_FIELD_TOO_LARGE)        ,"field too large"},
+{ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"},
+{ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),"i2d ecpkparameters failure"},
+{ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS)   ,"incompatible objects"},
+{ERR_REASON(EC_R_INVALID_ARGUMENT)       ,"invalid argument"},
+{ERR_REASON(EC_R_INVALID_COMPRESSED_POINT),"invalid compressed point"},
+{ERR_REASON(EC_R_INVALID_COMPRESSION_BIT),"invalid compression bit"},
+{ERR_REASON(EC_R_INVALID_CURVE)          ,"invalid curve"},
+{ERR_REASON(EC_R_INVALID_DIGEST_TYPE)    ,"invalid digest type"},
+{ERR_REASON(EC_R_INVALID_ENCODING)       ,"invalid encoding"},
+{ERR_REASON(EC_R_INVALID_FIELD)          ,"invalid field"},
+{ERR_REASON(EC_R_INVALID_FORM)           ,"invalid form"},
+{ERR_REASON(EC_R_INVALID_GROUP_ORDER)    ,"invalid group order"},
+{ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS),"invalid pentanomial basis"},
+{ERR_REASON(EC_R_INVALID_PRIVATE_KEY)    ,"invalid private key"},
+{ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS),"invalid trinomial basis"},
+{ERR_REASON(EC_R_KEYS_NOT_SET)           ,"keys not set"},
+{ERR_REASON(EC_R_MISSING_PARAMETERS)     ,"missing parameters"},
+{ERR_REASON(EC_R_MISSING_PRIVATE_KEY)    ,"missing private key"},
+{ERR_REASON(EC_R_NOT_A_NIST_PRIME)       ,"not a NIST prime"},
+{ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),"not a supported NIST prime"},
+{ERR_REASON(EC_R_NOT_IMPLEMENTED)        ,"not implemented"},
+{ERR_REASON(EC_R_NOT_INITIALIZED)        ,"not initialized"},
+{ERR_REASON(EC_R_NO_FIELD_MOD)           ,"no field mod"},
+{ERR_REASON(EC_R_NO_PARAMETERS_SET)      ,"no parameters set"},
+{ERR_REASON(EC_R_PASSED_NULL_PARAMETER)  ,"passed null parameter"},
+{ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),"pkparameters2group failure"},
+{ERR_REASON(EC_R_POINT_AT_INFINITY)      ,"point at infinity"},
+{ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE)  ,"point is not on curve"},
+{ERR_REASON(EC_R_SLOT_FULL)              ,"slot full"},
+{ERR_REASON(EC_R_UNDEFINED_GENERATOR)    ,"undefined generator"},
+{ERR_REASON(EC_R_UNDEFINED_ORDER)        ,"undefined order"},
+{ERR_REASON(EC_R_UNKNOWN_GROUP)          ,"unknown group"},
+{ERR_REASON(EC_R_UNKNOWN_ORDER)          ,"unknown order"},
+{ERR_REASON(EC_R_UNSUPPORTED_FIELD)      ,"unsupported field"},
+{ERR_REASON(EC_R_WRONG_ORDER)            ,"wrong order"},
 {0,NULL}
 	};
 
@@ -217,15 +247,12 @@ static ERR_STRING_DATA EC_str_reasons[]=
 
 void ERR_load_EC_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_EC,EC_str_functs);
-		ERR_load_strings(ERR_LIB_EC,EC_str_reasons);
-#endif
 
+	if (ERR_func_error_string(EC_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,EC_str_functs);
+		ERR_load_strings(0,EC_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index aef3934c17..12fb0e6d6d 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -3,7 +3,7 @@
  * Written by Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -73,7 +73,7 @@ EC_KEY *EC_KEY_new(void)
 	ret=(EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY));
 	if (ret == NULL)
 		{
-		ECerr(EC_F_EC_NEW, ERR_R_MALLOC_FAILURE);
+		ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
 
@@ -84,10 +84,23 @@ EC_KEY *EC_KEY_new(void)
 	ret->enc_flag= 0; 
 	ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
 	ret->references= 1;
-	ret->meth_data = NULL;
+	ret->method_data = NULL;
 	return(ret);
 	}
 
+EC_KEY *EC_KEY_new_by_curve_name(int nid)
+	{
+	EC_KEY *ret = EC_KEY_new();
+	if (ret == NULL)
+		return NULL;
+	ret->group = EC_GROUP_new_by_curve_name(nid);
+	if (ret->group == NULL)
+		{
+		EC_KEY_free(ret);
+		return NULL;
+		}
+	return ret;
+	}
 
 void EC_KEY_free(EC_KEY *r)
 	{
@@ -115,8 +128,7 @@ void EC_KEY_free(EC_KEY *r)
 	if (r->priv_key != NULL)
 		BN_clear_free(r->priv_key);
 
-	if (r->meth_data && r->meth_data->finish)
-		r->meth_data->finish(r);
+	EC_EX_DATA_free_all_data(&r->method_data);
 
 	OPENSSL_cleanse((void *)r, sizeof(EC_KEY));
 
@@ -125,6 +137,8 @@ void EC_KEY_free(EC_KEY *r)
 
 EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
 	{
+	EC_EXTRA_DATA *d;
+
 	if (dest == NULL || src == NULL)
 		{
 		ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
@@ -166,6 +180,19 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
 		if (!BN_copy(dest->priv_key, src->priv_key))
 			return NULL;
 		}
+	/* copy method/extra data */
+	EC_EX_DATA_free_all_data(&dest->method_data);
+
+	for (d = src->method_data; d != NULL; d = d->next)
+		{
+		void *t = d->dup_func(d->data);
+		
+		if (t == NULL)
+			return 0;
+		if (!EC_EX_DATA_set_data(&dest->method_data, t, d->dup_func, d->free_func, d->clear_free_func))
+			return 0;
+		}
+
 	/* copy the rest */
 	dest->enc_flag  = src->enc_flag;
 	dest->conv_form = src->conv_form;
@@ -174,46 +201,16 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
 	return dest;
 	}
 
-EC_KEY *EC_KEY_dup(const EC_KEY *eckey)
+EC_KEY *EC_KEY_dup(const EC_KEY *ec_key)
 	{
-	EC_KEY *ret = NULL;
-	int	ok = 1;
-
-	ret = EC_KEY_new();
+	EC_KEY *ret = EC_KEY_new();
 	if (ret == NULL)
 		return NULL;
-	/* copy the parameters */
-	if (eckey->group)
-		{
-		ret->group = EC_GROUP_dup(eckey->group);
-		if (ret->group == NULL)
-			ok = 0;
-		}
-	/*  copy the public key */
-	if (eckey->pub_key && eckey->group)
-		{
-		ret->pub_key = EC_POINT_dup(eckey->pub_key, eckey->group);
-		if (ret->pub_key == NULL)
-			ok = 0;
-		}
-	/* copy the private key */
-	if (eckey->priv_key)
-		{
-		ret->priv_key = BN_dup(eckey->priv_key);
-		if (ret->priv_key == NULL)
-			ok = 0;
-		}
-	/* copy the rest */
-	ret->enc_flag  = eckey->enc_flag;
-	ret->conv_form = eckey->conv_form;
-	ret->version   = eckey->version;
-
-	if (!ok)
+	if (EC_KEY_copy(ret, ec_key) == NULL)
 		{
 		EC_KEY_free(ret);
-		ret = NULL;
+		return NULL;
 		}
-
 	return ret;
 	}
 
@@ -299,7 +296,7 @@ int EC_KEY_check_key(const EC_KEY *eckey)
 	{
 	int	ok   = 0;
 	BN_CTX	*ctx = NULL;
-	BIGNUM	*order  = NULL;
+	const BIGNUM	*order  = NULL;
 	EC_POINT *point = NULL;
 
 	if (!eckey || !eckey->group || !eckey->pub_key)
@@ -310,8 +307,6 @@ int EC_KEY_check_key(const EC_KEY *eckey)
 	
 	if ((ctx = BN_CTX_new()) == NULL)
 		goto err;
-	if ((order = BN_new()) == NULL)
-		goto err;
 	if ((point = EC_POINT_new(eckey->group)) == NULL)
 		goto err;
 
@@ -322,17 +317,13 @@ int EC_KEY_check_key(const EC_KEY *eckey)
 		goto err;
 		}
 	/* testing whether pub_key * order is the point at infinity */
-	if (!EC_GROUP_get_order(eckey->group, order, ctx))
+	order = &eckey->group->order;
+	if (BN_is_zero(order))
 		{
 		ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
 		goto err;
 		}
-	if (!EC_POINT_copy(point, eckey->pub_key))
-		{
-		ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
-		goto err;
-		}
-	if (!EC_POINT_mul(eckey->group, point, order, NULL, NULL, ctx))
+	if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx))
 		{
 		ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
 		goto err;
@@ -369,9 +360,98 @@ int EC_KEY_check_key(const EC_KEY *eckey)
 err:
 	if (ctx   != NULL)
 		BN_CTX_free(ctx);
-	if (order != NULL)
-		BN_free(order);
 	if (point != NULL)
 		EC_POINT_free(point);
 	return(ok);
 	}
+
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
+	{
+	return key->group;
+	}
+
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group)
+	{
+	if (key->group != NULL)
+		EC_GROUP_free(key->group);
+	key->group = EC_GROUP_dup(group);
+	return (key->group == NULL) ? 0 : 1;
+	}
+
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key)
+	{
+	return key->priv_key;
+	}
+
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
+	{
+	if (key->priv_key)
+		BN_clear_free(key->priv_key);
+	key->priv_key = BN_dup(priv_key);
+	return (key->priv_key == NULL) ? 0 : 1;
+	}
+
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key)
+	{
+	return key->pub_key;
+	}
+
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key)
+	{
+	if (key->pub_key != NULL)
+		EC_POINT_free(key->pub_key);
+	key->pub_key = EC_POINT_dup(pub_key, key->group);
+	return (key->pub_key == NULL) ? 0 : 1;
+	}
+
+unsigned int EC_KEY_get_enc_flags(const EC_KEY *key)
+	{
+	return key->enc_flag;
+	}
+
+void EC_KEY_set_enc_flags(EC_KEY *key, unsigned int flags)
+	{
+	key->enc_flag = flags;
+	}
+
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key)
+	{
+	return key->conv_form;
+	}
+
+void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
+	{
+	key->conv_form = cform;
+	if (key->group != NULL)
+		EC_GROUP_set_point_conversion_form(key->group, cform);
+	}
+
+void *EC_KEY_get_key_method_data(EC_KEY *key,
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
+	{
+	return EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
+	}
+
+void EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
+	{
+	EC_EXTRA_DATA *ex_data;
+	CRYPTO_w_lock(CRYPTO_LOCK_EC);
+	ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
+	if (ex_data == NULL)
+		EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func);
+	CRYPTO_w_unlock(CRYPTO_LOCK_EC);
+	}
+
+void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
+	{
+	if (key->group != NULL)
+		EC_GROUP_set_asn1_flag(key->group, flag);
+	}
+
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx)
+	{
+	if (key->group == NULL)
+		return 0;
+	return EC_GROUP_precompute_mult(key->group, ctx);
+	}
diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index 30632ba915..3e2c34b0bc 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -205,11 +205,14 @@ struct ec_group_st {
 	               * irreducible polynomial defining the field.
 	               */
 
-	unsigned int poly[5]; /* Field specification for curves over GF(2^m).
-	                       * The irreducible f(t) is then of the form:
-	                       *     t^poly[0] + t^poly[1] + ... + t^poly[k]
-	                       * where m = poly[0] > poly[1] > ... > poly[k] = 0.
-	                       */
+	int poly[6]; /* Field specification for curves over GF(2^m).
+	              * The irreducible f(t) is then of the form:
+	              *     t^poly[0] + t^poly[1] + ... + t^poly[k]
+	              * where m = poly[0] > poly[1] > ... > poly[k] = 0.
+	              * The array is terminated with poly[k+1]=-1.
+	              * All elliptic curve irreducibles have at most 5
+	              * non-zero terms.
+	              */
 
 	BIGNUM a, b; /* Curve coefficients.
 	              * (Here the assumption is that BIGNUMs can be used
@@ -229,22 +232,37 @@ struct ec_group_st {
 	int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *,	BN_CTX *); /* method-specific */
 } /* EC_GROUP */;
 
+struct ec_key_st {
+	int version;
+
+	EC_GROUP *group;
+
+	EC_POINT *pub_key;
+	BIGNUM	 *priv_key;
+
+	unsigned int enc_flag;
+	point_conversion_form_t conv_form;
 
-/* Basically a 'mixin' for extra data, but available for EC_GROUPs only
+	int 	references;
+
+	EC_EXTRA_DATA *method_data;
+} /* EC_KEY */;
+
+/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only
  * (with visibility limited to 'package' level for now).
  * We use the function pointers as index for retrieval; this obviates
  * global ex_data-style index tables.
  */
-int EC_GROUP_set_extra_data(EC_GROUP *, void *data,
+int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void *EC_GROUP_get_extra_data(const EC_GROUP *,
+void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_GROUP_free_extra_data(EC_GROUP*,
+void EC_EX_DATA_free_data(EC_EXTRA_DATA **,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_GROUP_clear_free_extra_data(EC_GROUP*,
+void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_GROUP_free_all_extra_data(EC_GROUP *);
-void EC_GROUP_clear_free_all_extra_data(EC_GROUP *);
+void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
+void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
 
 
 
@@ -324,16 +342,6 @@ int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CT
 int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
 
 
-/* method functions in ecp_recp.c */
-int ec_GFp_recp_group_init(EC_GROUP *);
-int ec_GFp_recp_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-void ec_GFp_recp_group_finish(EC_GROUP *);
-void ec_GFp_recp_group_clear_finish(EC_GROUP *);
-int ec_GFp_recp_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_recp_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_recp_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-
 /* method functions in ecp_nist.c */
 int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
 int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index ba5b821c9c..dd7da0fcf9 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -79,7 +79,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
 
 	if (meth == NULL)
 		{
-		ECerr(EC_F_EC_GROUP_NEW, ERR_R_PASSED_NULL_PARAMETER);
+		ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL);
 		return NULL;
 		}
 	if (meth->group_init == 0)
@@ -127,7 +127,7 @@ void EC_GROUP_free(EC_GROUP *group)
 	if (group->meth->group_finish != 0)
 		group->meth->group_finish(group);
 
-	EC_GROUP_free_all_extra_data(group);
+	EC_EX_DATA_free_all_data(&group->extra_data);
 
 	if (group->generator != NULL)
 		EC_POINT_free(group->generator);
@@ -147,10 +147,10 @@ void EC_GROUP_clear_free(EC_GROUP *group)
 
 	if (group->meth->group_clear_finish != 0)
 		group->meth->group_clear_finish(group);
-	else if (group->meth != NULL && group->meth->group_finish != 0)
+	else if (group->meth->group_finish != 0)
 		group->meth->group_finish(group);
 
-	EC_GROUP_clear_free_all_extra_data(group);
+	EC_EX_DATA_clear_free_all_data(&group->extra_data);
 
 	if (group->generator != NULL)
 		EC_POINT_clear_free(group->generator);
@@ -185,7 +185,7 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
 	if (dest == src)
 		return 1;
 	
-	EC_GROUP_free_all_extra_data(dest);
+	EC_EX_DATA_free_all_data(&dest->extra_data);
 
 	for (d = src->extra_data; d != NULL; d = d->next)
 		{
@@ -193,7 +193,7 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
 		
 		if (t == NULL)
 			return 0;
-		if (!EC_GROUP_set_extra_data(dest, t, d->dup_func, d->free_func, d->clear_free_func))
+		if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func, d->free_func, d->clear_free_func))
 			return 0;
 		}
 
@@ -310,7 +310,7 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIG
 	}
 
 
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
 	{
 	return group->generator;
 	}
@@ -334,13 +334,13 @@ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
 	}
 
 
-void EC_GROUP_set_nid(EC_GROUP *group, int nid)
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid)
 	{
 	group->curve_name = nid;
 	}
 
 
-int EC_GROUP_get_nid(const EC_GROUP *group)
+int EC_GROUP_get_curve_name(const EC_GROUP *group)
 	{
 	return group->curve_name;
 	}
@@ -481,8 +481,8 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
 	    EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
 		return 1;
 	/* compare the curve name (if present) */
-	if (EC_GROUP_get_nid(a) && EC_GROUP_get_nid(b) &&
-	    EC_GROUP_get_nid(a) == EC_GROUP_get_nid(b))
+	if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
+	    EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b))
 		return 0;
 
 	if (!ctx)
@@ -512,7 +512,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
 	    !b->meth->group_get_curve(b, b1, b2, b3, ctx))
 		r = 1;
 
-	if (r || BN_cmp(a1, b2) || BN_cmp(a2, b2) || BN_cmp(a3, b3))
+	if (r || BN_cmp(a1, b1) || BN_cmp(a2, b2) || BN_cmp(a3, b3))
 		r = 1;
 
 	/* XXX EC_POINT_cmp() assumes that the methods are equal */
@@ -546,19 +546,19 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
 
 
 /* this has 'package' visibility */
-int EC_GROUP_set_extra_data(EC_GROUP *group, void *data,
+int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
 	{
 	EC_EXTRA_DATA *d;
 
-	if (group == NULL)
+	if (ex_data == NULL)
 		return 0;
 
-	for (d = group->extra_data; d != NULL; d = d->next)
+	for (d = *ex_data; d != NULL; d = d->next)
 		{
 		if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func)
 			{
-			ECerr(EC_F_EC_GROUP_SET_EXTRA_DATA, EC_R_SLOT_FULL);
+			ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL);
 			return 0;
 			}
 		}
@@ -576,22 +576,19 @@ int EC_GROUP_set_extra_data(EC_GROUP *group, void *data,
 	d->free_func = free_func;
 	d->clear_free_func = clear_free_func;
 
-	d->next = group->extra_data;
-	group->extra_data = d;
+	d->next = *ex_data;
+	*ex_data = d;
 
 	return 1;
 	}
 
 /* this has 'package' visibility */
-void *EC_GROUP_get_extra_data(const EC_GROUP *group,
+void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
 	{
-	EC_EXTRA_DATA *d;
-
-	if (group == NULL)
-		return NULL;
+	const EC_EXTRA_DATA *d;
 
-	for (d = group->extra_data; d != NULL; d = d->next)
+	for (d = ex_data; d != NULL; d = d->next)
 		{
 		if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func)
 			return d->data;
@@ -601,15 +598,15 @@ void *EC_GROUP_get_extra_data(const EC_GROUP *group,
 	}
 
 /* this has 'package' visibility */
-void EC_GROUP_free_extra_data(EC_GROUP *group,
+void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
 	{
 	EC_EXTRA_DATA **p;
 
-	if (group == NULL)
+	if (ex_data == NULL)
 		return;
 
-	for (p = &group->extra_data; *p != NULL; p = &((*p)->next))
+	for (p = ex_data; *p != NULL; p = &((*p)->next))
 		{
 		if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func)
 			{
@@ -625,15 +622,15 @@ void EC_GROUP_free_extra_data(EC_GROUP *group,
 	}
 
 /* this has 'package' visibility */
-void EC_GROUP_clear_free_extra_data(EC_GROUP *group,
+void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
 	{
 	EC_EXTRA_DATA **p;
 
-	if (group == NULL)
+	if (ex_data == NULL)
 		return;
 
-	for (p = &group->extra_data; *p != NULL; p = &((*p)->next))
+	for (p = ex_data; *p != NULL; p = &((*p)->next))
 		{
 		if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func)
 			{
@@ -649,14 +646,14 @@ void EC_GROUP_clear_free_extra_data(EC_GROUP *group,
 	}
 
 /* this has 'package' visibility */
-void EC_GROUP_free_all_extra_data(EC_GROUP *group)
+void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data)
 	{
 	EC_EXTRA_DATA *d;
 
-	if (group == NULL)
+	if (ex_data == NULL)
 		return;
 
-	d = group->extra_data;
+	d = *ex_data;
 	while (d)
 		{
 		EC_EXTRA_DATA *next = d->next;
@@ -666,18 +663,18 @@ void EC_GROUP_free_all_extra_data(EC_GROUP *group)
 		
 		d = next;
 		}
-	group->extra_data = NULL;
+	*ex_data = NULL;
 	}
 
 /* this has 'package' visibility */
-void EC_GROUP_clear_free_all_extra_data(EC_GROUP *group)
+void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data)
 	{
 	EC_EXTRA_DATA *d;
 
-	if (group == NULL)
+	if (ex_data == NULL)
 		return;
 
-	d = group->extra_data;
+	d = *ex_data;
 	while (d)
 		{
 		EC_EXTRA_DATA *next = d->next;
@@ -687,7 +684,7 @@ void EC_GROUP_clear_free_all_extra_data(EC_GROUP *group)
 		
 		d = next;
 		}
-	group->extra_data = NULL;
+	*ex_data = NULL;
 	}
 
 
@@ -743,7 +740,7 @@ void EC_POINT_clear_free(EC_POINT *point)
 
 	if (point->meth->point_clear_finish != 0)
 		point->meth->point_clear_finish(point);
-	else if (point->meth != NULL && point->meth->point_finish != 0)
+	else if (point->meth->point_finish != 0)
 		point->meth->point_finish(point);
 	OPENSSL_cleanse(point, sizeof *point);
 	OPENSSL_free(point);
@@ -1015,12 +1012,12 @@ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
 	{
 	if (group->meth->dbl == 0)
 		{
-		ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return 0;
 		}
 	if (group->meth != a->meth)
 		{
-		ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
+		ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS);
 		return 0;
 		}
 	return group->meth->invert(group, a, ctx);
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 236b66c18a..f05df5332e 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -3,7 +3,7 @@
  * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -104,7 +104,10 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group)
 
 	ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP));
 	if (!ret)
+		{
+		ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
 		return ret;
+		}
 	ret->group = group;
 	ret->blocksize = 8; /* default */
 	ret->numblocks = 0;
@@ -194,6 +197,19 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
 	int bit, next_bit, mask;
 	size_t len = 0, j;
 	
+	if (BN_is_zero(scalar))
+		{
+		r = OPENSSL_malloc(1);
+		if (!r)
+			{
+			ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		r[0] = 0;
+		*ret_len = 1;
+		return r;
+		}
+		
 	if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */
 		{
 		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
@@ -203,20 +219,24 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
 	next_bit = bit << 1; /* at most 256 */
 	mask = next_bit - 1; /* at most 255 */
 
-	if (BN_get_sign(scalar))
+	if (BN_is_negative(scalar))
 		{
 		sign = -1;
 		}
 
+	if (scalar->d == NULL || scalar->top == 0)
+		{
+		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+		goto err;
+		}
+
 	len = BN_num_bits(scalar);
 	r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation
 	                              * (*ret_len will be set to the actual length, i.e. at most
 	                              * BN_num_bits(scalar) + 1) */
-	if (r == NULL) goto err;
-
-	if (scalar->d == NULL || scalar->top == 0)
+	if (r == NULL)
 		{
-		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+		ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 	window_val = scalar->d[0] & mask;
@@ -325,7 +345,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx)
 	{
 	BN_CTX *new_ctx = NULL;
-	EC_POINT *generator = NULL;
+	const EC_POINT *generator = NULL;
 	EC_POINT *tmp = NULL;
 	size_t totalnum;
 	size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */
@@ -385,7 +405,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 		
 		/* look if we can use precomputed multiples of generator */
 
-		pre_comp = EC_GROUP_get_extra_data(group, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free);
+		pre_comp = EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free);
 
 		if (pre_comp && pre_comp->numblocks && (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) == 0))
 			{
@@ -399,7 +419,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 			if (numblocks > pre_comp->numblocks)
 				numblocks = pre_comp->numblocks;
 
-			pre_points_per_block = 1u << (pre_comp->w - 1);
+			pre_points_per_block = (size_t)1 << (pre_comp->w - 1);
 
 			/* check that pre_comp looks sane */
 			if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block))
@@ -425,7 +445,10 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	val_sub  = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
 		 
 	if (!wsize || !wNAF_len || !wNAF || !val_sub)
+		{
+		ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
 		goto err;
+		}
 
 	wNAF[0] = NULL;	/* preliminary pivot */
 
@@ -438,7 +461,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 
 		bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar);
 		wsize[i] = EC_window_bits_for_scalar_size(bits);
-		num_val += 1u << (wsize[i] - 1);
+		num_val += (size_t)1 << (wsize[i] - 1);
 		wNAF[i + 1] = NULL; /* make sure we always have a pivot */
 		wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]);
 		if (wNAF[i] == NULL)
@@ -538,6 +561,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 					wNAF[i] = OPENSSL_malloc(wNAF_len[i]);
 					if (wNAF[i] == NULL)
 						{
+						ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
 						OPENSSL_free(tmp_wNAF);
 						goto err;
 						}
@@ -564,7 +588,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	 * 'val_sub[i]' is a pointer to the subarray for the i-th point,
 	 * or to a subarray of 'pre_comp->points' if we already have precomputation. */
 	val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
-	if (val == NULL) goto err;
+	if (val == NULL)
+		{
+		ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
 	val[num_val] = NULL; /* pivot element */
 
 	/* allocate points for precomputation */
@@ -572,7 +600,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	for (i = 0; i < num + num_scalar; i++)
 		{
 		val_sub[i] = v;
-		for (j = 0; j < (1u << (wsize[i] - 1)); j++)
+		for (j = 0; j < ((size_t)1 << (wsize[i] - 1)); j++)
 			{
 			*v = EC_POINT_new(group);
 			if (*v == NULL) goto err;
@@ -608,7 +636,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 		if (wsize[i] > 1)
 			{
 			if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) goto err;
-			for (j = 1; j < (1u << (wsize[i] - 1)); j++)
+			for (j = 1; j < ((size_t)1 << (wsize[i] - 1)); j++)
 				{
 				if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) goto err;
 				}
@@ -744,7 +772,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
 	int ret = 0;
 
 	/* if there is an old EC_PRE_COMP object, throw it away */
-	EC_GROUP_free_extra_data(group, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free);
+	EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free);
 
 	if ((pre_comp = ec_pre_comp_new(group)) == NULL)
 		return 0;
@@ -792,7 +820,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
 
 	numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks to use for wNAF splitting */
 	
-	pre_points_per_block = 1u << (w - 1);
+	pre_points_per_block = (size_t)1 << (w - 1);
 	num = pre_points_per_block * numblocks; /* number of points to compute and store */
 
 	points = OPENSSL_malloc(sizeof (EC_POINT*)*(num + 1));
@@ -872,14 +900,15 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
 	points = NULL;
 	pre_comp->num = num;
 
-	if (!EC_GROUP_set_extra_data(group, pre_comp,
+	if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp,
 		ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free))
 		goto err;
 	pre_comp = NULL;
 
 	ret = 1;
  err:
-	BN_CTX_end(ctx);
+	if (ctx != NULL)
+		BN_CTX_end(ctx);
 	if (new_ctx != NULL)
 		BN_CTX_free(new_ctx);
 	if (pre_comp)
@@ -902,7 +931,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
 
 int ec_wNAF_have_precompute_mult(const EC_GROUP *group)
 	{
-	if (EC_GROUP_get_extra_data(group, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL)
+	if (EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL)
 		return 1;
 	else
 		return 0;
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
new file mode 100644
index 0000000000..f433076ca1
--- /dev/null
+++ b/crypto/ec/ec_pmeth.c
@@ -0,0 +1,340 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+
+/* EC pkey context structure */
+
+typedef struct
+	{
+	/* Key and paramgen group */
+	EC_GROUP *gen_group;
+	/* message digest */
+	const EVP_MD *md;
+	} EC_PKEY_CTX;
+
+static int pkey_ec_init(EVP_PKEY_CTX *ctx)
+	{
+	EC_PKEY_CTX *dctx;
+	dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX));
+	if (!dctx)
+		return 0;
+	dctx->gen_group = NULL;
+	dctx->md = NULL;
+
+	ctx->data = dctx;
+
+	return 1;
+	}
+
+static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	EC_PKEY_CTX *dctx, *sctx;
+	if (!pkey_ec_init(dst))
+		return 0;
+       	sctx = src->data;
+	dctx = dst->data;
+	if (sctx->gen_group)
+		{
+		dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
+		if (!dctx->gen_group)
+			return 0;
+		}
+	dctx->md = sctx->md;
+	return 1;
+	}
+
+static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
+	{
+	EC_PKEY_CTX *dctx = ctx->data;
+	if (dctx)
+		{
+		if (dctx->gen_group)
+			EC_GROUP_free(dctx->gen_group);
+		OPENSSL_free(dctx);
+		}
+	}
+
+static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen)
+	{
+	int ret, type;
+	unsigned int sltmp;
+	EC_PKEY_CTX *dctx = ctx->data;
+	EC_KEY *ec = ctx->pkey->pkey.ec;
+
+	if (!sig)
+		{
+		*siglen = ECDSA_size(ec);
+		return 1;
+		}
+	else if(*siglen < (size_t)ECDSA_size(ec))
+		{
+		ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
+		return 0;
+		}
+
+	if (dctx->md)
+		type = EVP_MD_type(dctx->md);
+	else
+		type = NID_sha1;
+
+
+	ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
+
+	if (ret <= 0)
+		return ret;
+	*siglen = (size_t)sltmp;
+	return 1;
+	}
+
+static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
+					const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen)
+	{
+	int ret, type;
+	EC_PKEY_CTX *dctx = ctx->data;
+	EC_KEY *ec = ctx->pkey->pkey.ec;
+
+	if (dctx->md)
+		type = EVP_MD_type(dctx->md);
+	else
+		type = NID_sha1;
+
+	ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
+
+	return ret;
+	}
+
+static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
+	{
+	int ret;
+	size_t outlen;
+	const EC_POINT *pubkey = NULL;
+	if (!ctx->pkey || !ctx->peerkey)
+		{
+		ECerr(EC_F_PKEY_EC_DERIVE, EC_R_KEYS_NOT_SET);
+		return 0;
+		}
+
+	if (!key)
+		{
+		const EC_GROUP *group;
+		group = EC_KEY_get0_group(ctx->pkey->pkey.ec);
+		*keylen = (EC_GROUP_get_degree(group) + 7)/8;
+		return 1;
+		}
+
+	pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
+
+	/* NB: unlike PKS#3 DH, if *outlen is less than maximum size this is
+	 * not an error, the result is truncated.
+	 */
+
+	outlen = *keylen;
+		
+	ret = ECDH_compute_key(key, outlen, pubkey, ctx->pkey->pkey.ec, 0);
+	if (ret < 0)
+		return ret;
+	*keylen = ret;
+	return 1;
+	}
+
+static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	EC_PKEY_CTX *dctx = ctx->data;
+	EC_GROUP *group;
+	switch (type)
+		{
+		case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
+		group = EC_GROUP_new_by_curve_name(p1);
+		if (group == NULL)
+			{
+			ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
+			return 0;
+			}
+		if (dctx->gen_group)
+			EC_GROUP_free(dctx->gen_group);
+		dctx->gen_group = group;
+		return 1;
+
+		case EVP_PKEY_CTRL_MD:
+		if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+		    EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
+			{
+			ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
+			return 0;
+			}
+		dctx->md = p2;
+		return 1;
+
+		case EVP_PKEY_CTRL_PEER_KEY:
+		/* Default behaviour is OK */
+		case EVP_PKEY_CTRL_DIGESTINIT:
+		case EVP_PKEY_CTRL_PKCS7_SIGN:
+		case EVP_PKEY_CTRL_CMS_SIGN:
+		return 1;
+
+		default:
+		return -2;
+
+		}
+	}
+			
+static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
+			const char *type, const char *value)
+	{
+	if (!strcmp(type, "ec_paramgen_curve"))
+		{
+		int nid;
+		nid = OBJ_sn2nid(value);
+		if (nid == NID_undef)
+			nid = OBJ_ln2nid(value);
+		if (nid == NID_undef)
+			{
+			ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_CURVE);
+			return 0;
+			}
+		return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
+		}
+	return -2;
+	}
+
+static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	EC_KEY *ec = NULL;
+	EC_PKEY_CTX *dctx = ctx->data;
+	int ret = 0;
+	if (dctx->gen_group == NULL)
+		{
+		ECerr(EC_F_PKEY_EC_PARAMGEN, EC_R_NO_PARAMETERS_SET);
+		return 0;
+		}
+	ec = EC_KEY_new();
+	if (!ec)
+		return 0;
+	ret = EC_KEY_set_group(ec, dctx->gen_group);
+	if (ret)
+		EVP_PKEY_assign_EC_KEY(pkey, ec);
+	else
+		EC_KEY_free(ec);
+	return ret;
+	}
+
+static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	EC_KEY *ec = NULL;
+	if (ctx->pkey == NULL)
+		{
+		ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
+		return 0;
+		}
+	ec = EC_KEY_new();
+	if (!ec)
+		return 0;
+	EVP_PKEY_assign_EC_KEY(pkey, ec);
+	/* Note: if error return, pkey is freed by parent routine */
+	if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+		return 0;
+	return EC_KEY_generate_key(pkey->pkey.ec);
+	}
+
+const EVP_PKEY_METHOD ec_pkey_meth = 
+	{
+	EVP_PKEY_EC,
+	0,
+	pkey_ec_init,
+	pkey_ec_copy,
+	pkey_ec_cleanup,
+
+	0,
+	pkey_ec_paramgen,
+
+	0,
+	pkey_ec_keygen,
+
+	0,
+	pkey_ec_sign,
+
+	0,
+	pkey_ec_verify,
+
+	0,0,
+
+	0,0,0,0,
+
+	0,0,
+
+	0,0,
+
+	0,
+	pkey_ec_derive,
+
+	pkey_ec_ctrl,
+	pkey_ec_ctrl_str
+
+	};
diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c
new file mode 100644
index 0000000000..7d3e175ae7
--- /dev/null
+++ b/crypto/ec/eck_prn.c
@@ -0,0 +1,391 @@
+/* crypto/ec/eck_prn.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and 
+ * contributed to the OpenSSL project.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_FP_API
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
+	{
+	BIO *b;
+	int ret;
+
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		ECerr(EC_F_ECPKPARAMETERS_PRINT_FP,ERR_R_BUF_LIB);
+		return(0);
+		}
+	BIO_set_fp(b, fp, BIO_NOCLOSE);
+	ret = ECPKParameters_print(b, x, off);
+	BIO_free(b);
+	return(ret);
+	}
+
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
+	{
+	BIO *b;
+	int ret;
+ 
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
+		return(0);
+		}
+	BIO_set_fp(b, fp, BIO_NOCLOSE);
+	ret = EC_KEY_print(b, x, off);
+	BIO_free(b);
+	return(ret);
+	}
+
+int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
+	{
+	BIO *b;
+	int ret;
+ 
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
+		return(0);
+		}
+	BIO_set_fp(b, fp, BIO_NOCLOSE);
+	ret = ECParameters_print(b, x);
+	BIO_free(b);
+	return(ret);
+	}
+#endif
+
+int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
+	{
+	EVP_PKEY *pk;
+	int ret;
+	pk = EVP_PKEY_new();
+	if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
+		return 0;
+	ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+	EVP_PKEY_free(pk);
+	return ret;
+	}
+
+int ECParameters_print(BIO *bp, const EC_KEY *x)
+	{
+	EVP_PKEY *pk;
+	int ret;
+	pk = EVP_PKEY_new();
+	if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
+		return 0;
+	ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+	EVP_PKEY_free(pk);
+	return ret;
+	}
+
+static int print_bin(BIO *fp, const char *str, const unsigned char *num,
+		size_t len, int off);
+
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
+	{
+	unsigned char *buffer=NULL;
+	size_t	buf_len=0, i;
+	int     ret=0, reason=ERR_R_BIO_LIB;
+	BN_CTX  *ctx=NULL;
+	const EC_POINT *point=NULL;
+	BIGNUM	*p=NULL, *a=NULL, *b=NULL, *gen=NULL,
+		*order=NULL, *cofactor=NULL;
+	const unsigned char *seed;
+	size_t	seed_len=0;
+	
+	static const char *gen_compressed = "Generator (compressed):";
+	static const char *gen_uncompressed = "Generator (uncompressed):";
+	static const char *gen_hybrid = "Generator (hybrid):";
+ 
+	if (!x)
+		{
+		reason = ERR_R_PASSED_NULL_PARAMETER;
+		goto err;
+		}
+
+	ctx = BN_CTX_new();
+	if (ctx == NULL)
+		{
+		reason = ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	if (EC_GROUP_get_asn1_flag(x))
+		{
+		/* the curve parameter are given by an asn1 OID */
+		int nid;
+
+		if (!BIO_indent(bp, off, 128))
+			goto err;
+
+		nid = EC_GROUP_get_curve_name(x);
+		if (nid == 0)
+			goto err;
+
+		if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
+			goto err;
+		if (BIO_printf(bp, "\n") <= 0)
+			goto err;
+		}
+	else
+		{
+		/* explicit parameters */
+		int is_char_two = 0;
+		point_conversion_form_t form;
+		int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
+
+		if (tmp_nid == NID_X9_62_characteristic_two_field)
+			is_char_two = 1;
+
+		if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
+			(b = BN_new()) == NULL || (order = BN_new()) == NULL ||
+			(cofactor = BN_new()) == NULL)
+			{
+			reason = ERR_R_MALLOC_FAILURE;
+			goto err;
+			}
+
+		if (is_char_two)
+			{
+			if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx))
+				{
+				reason = ERR_R_EC_LIB;
+				goto err;
+				}
+			}
+		else /* prime field */
+			{
+			if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
+				{
+				reason = ERR_R_EC_LIB;
+				goto err;
+				}
+			}
+
+		if ((point = EC_GROUP_get0_generator(x)) == NULL)
+			{
+			reason = ERR_R_EC_LIB;
+			goto err;
+			}
+		if (!EC_GROUP_get_order(x, order, NULL) || 
+            		!EC_GROUP_get_cofactor(x, cofactor, NULL))
+			{
+			reason = ERR_R_EC_LIB;
+			goto err;
+			}
+		
+		form = EC_GROUP_get_point_conversion_form(x);
+
+		if ((gen = EC_POINT_point2bn(x, point, 
+				form, NULL, ctx)) == NULL)
+			{
+			reason = ERR_R_EC_LIB;
+			goto err;
+			}
+
+		buf_len = (size_t)BN_num_bytes(p);
+		if (buf_len < (i = (size_t)BN_num_bytes(a)))
+			buf_len = i;
+		if (buf_len < (i = (size_t)BN_num_bytes(b)))
+			buf_len = i;
+		if (buf_len < (i = (size_t)BN_num_bytes(gen)))
+			buf_len = i;
+		if (buf_len < (i = (size_t)BN_num_bytes(order)))
+			buf_len = i;
+		if (buf_len < (i = (size_t)BN_num_bytes(cofactor))) 
+			buf_len = i;
+
+		if ((seed = EC_GROUP_get0_seed(x)) != NULL)
+			seed_len = EC_GROUP_get_seed_len(x);
+
+		buf_len += 10;
+		if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
+			{
+			reason = ERR_R_MALLOC_FAILURE;
+			goto err;
+			}
+
+		if (!BIO_indent(bp, off, 128))
+			goto err;
+
+		/* print the 'short name' of the field type */
+		if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
+			<= 0)
+			goto err;  
+
+		if (is_char_two)
+			{
+			/* print the 'short name' of the base type OID */
+			int basis_type = EC_GROUP_get_basis_type(x);
+			if (basis_type == 0)
+				goto err;
+
+			if (!BIO_indent(bp, off, 128))
+				goto err;
+
+			if (BIO_printf(bp, "Basis Type: %s\n", 
+				OBJ_nid2sn(basis_type)) <= 0)
+				goto err;
+
+			/* print the polynomial */
+			if ((p != NULL) && !ASN1_bn_print(bp, "Polynomial:", p, buffer,
+				off))
+				goto err;
+			}
+		else
+			{
+			if ((p != NULL) && !ASN1_bn_print(bp, "Prime:", p, buffer,off))
+				goto err;
+			}
+		if ((a != NULL) && !ASN1_bn_print(bp, "A:   ", a, buffer, off)) 
+			goto err;
+		if ((b != NULL) && !ASN1_bn_print(bp, "B:   ", b, buffer, off))
+			goto err;
+		if (form == POINT_CONVERSION_COMPRESSED)
+			{
+			if ((gen != NULL) && !ASN1_bn_print(bp, gen_compressed, gen,
+				buffer, off))
+				goto err;
+			}
+		else if (form == POINT_CONVERSION_UNCOMPRESSED)
+			{
+			if ((gen != NULL) && !ASN1_bn_print(bp, gen_uncompressed, gen,
+				buffer, off))
+				goto err;
+			}
+		else /* form == POINT_CONVERSION_HYBRID */
+			{
+			if ((gen != NULL) && !ASN1_bn_print(bp, gen_hybrid, gen,
+				buffer, off))
+				goto err;
+			}
+		if ((order != NULL) && !ASN1_bn_print(bp, "Order: ", order, 
+			buffer, off)) goto err;
+		if ((cofactor != NULL) && !ASN1_bn_print(bp, "Cofactor: ", cofactor, 
+			buffer, off)) goto err;
+		if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
+			goto err;
+		}
+	ret=1;
+err:
+	if (!ret)
+ 		ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
+	if (p) 
+		BN_free(p);
+	if (a) 
+		BN_free(a);
+	if (b)
+		BN_free(b);
+	if (gen)
+		BN_free(gen);
+	if (order)
+		BN_free(order);
+	if (cofactor)
+		BN_free(cofactor);
+	if (ctx)
+		BN_CTX_free(ctx);
+	if (buffer != NULL) 
+		OPENSSL_free(buffer);
+	return(ret);	
+	}
+
+static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
+		size_t len, int off)
+	{
+	size_t i;
+	char str[128];
+
+	if (buf == NULL)
+		return 1;
+	if (off)
+		{
+		if (off > 128)
+			off=128;
+		memset(str,' ',off);
+		if (BIO_write(fp, str, off) <= 0)
+			return 0;
+		}
+
+	if (BIO_printf(fp,"%s", name) <= 0)
+		return 0;
+
+	for (i=0; i<len; i++)
+		{
+		if ((i%15) == 0)
+			{
+			str[0]='\n';
+			memset(&(str[1]),' ',off+4);
+			if (BIO_write(fp, str, off+1+4) <= 0)
+				return 0;
+			}
+		if (BIO_printf(fp,"%02x%s",buf[i],((i+1) == len)?"":":") <= 0)
+			return 0;
+		}
+	if (BIO_write(fp,"\n",1) <= 0)
+		return 0;
+
+	return 1;
+	}
diff --git a/crypto/ec/ecp_mont.c b/crypto/ec/ecp_mont.c
index b64fa68b56..9fc4a466a5 100644
--- a/crypto/ec/ecp_mont.c
+++ b/crypto/ec/ecp_mont.c
@@ -223,7 +223,7 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *
 	if (mont == NULL) goto err;
 	if (!BN_MONT_CTX_set(mont, p, ctx))
 		{
-		ECerr(EC_F_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB);
+		ECerr(EC_F_EC_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB);
 		goto err;
 		}
 	one = BN_new();
@@ -306,7 +306,7 @@ int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx)
 	{
 	if (group->field_data2 == NULL)
 		{
-		ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED);
+		ECerr(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, EC_R_NOT_INITIALIZED);
 		return 0;
 		}
 
diff --git a/crypto/ec/ecp_nist.c b/crypto/ec/ecp_nist.c
index d2dbfe6743..2a5682ea41 100644
--- a/crypto/ec/ecp_nist.c
+++ b/crypto/ec/ecp_nist.c
@@ -61,6 +61,8 @@
  * and contributed to the OpenSSL project.
  */
 
+#include <limits.h>
+
 #include <openssl/err.h>
 #include <openssl/obj_mac.h>
 #include "ec_lcl.h"
@@ -110,10 +112,6 @@ const EC_METHOD *EC_GFp_nist_method(void)
 	return &ret;
 	}
 
-#if BN_BITS2 == 64 && UINT_MAX != 4294967295UL && ULONG_MAX != 4294967295UL
-#define	NO_32_BIT_TYPE
-#endif
-
 int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
 	{
 	dest->field_mod_func = src->field_mod_func;
@@ -137,38 +135,16 @@ int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p,
 	if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0)
 		group->field_mod_func = BN_nist_mod_192;
 	else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0)
-		{
-#if !defined(NO_32_BIT_TYPE) || defined(OPENSSL_NO_ASM)
 		group->field_mod_func = BN_nist_mod_224;
-#else
-		ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE_GFP, EC_R_NOT_A_SUPPORTED_NIST_PRIME);
-		goto err;
-#endif
-		}
 	else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0)
-		{
-#if !defined(NO_32_BIT_TYPE) || defined(OPENSSL_NO_ASM)
 		group->field_mod_func = BN_nist_mod_256;
-#else
-		ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE_GFP, EC_R_NOT_A_SUPPORTED_NIST_PRIME);
-		goto err;
-#endif
-		}
 	else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0)
-		{
-#if !defined(NO_32_BIT_TYPE) || defined(OPENSSL_NO_ASM)
 		group->field_mod_func = BN_nist_mod_384;
-#else
-		ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE_GFP, EC_R_NOT_A_SUPPORTED_NIST_PRIME);
-		goto err;
-#endif
-		}
 	else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
-		/* this one works in the NO_32_BIT_TYPE case */
 		group->field_mod_func = BN_nist_mod_521;
 	else
 		{
-		ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE_GFP, EC_R_NOT_A_NIST_PRIME);
+		ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME);
 		goto err;
 		}
 
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 1c0052c5ca..4d26f8bdf6 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -192,7 +192,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group,
 
 	/* group->field */
 	if (!BN_copy(&group->field, p)) goto err;
-	BN_set_sign(&group->field, 0);
+	BN_set_negative(&group->field, 0);
 
 	/* group->a */
 	if (!BN_nnmod(tmp_a, a, p, ctx)) goto err;
@@ -336,7 +336,8 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	ret = 1;
 
 err:
-	BN_CTX_end(ctx);
+	if (ctx != NULL)
+		BN_CTX_end(ctx);
 	if (new_ctx != NULL)
 		BN_CTX_free(new_ctx);
 	return ret;
diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c
index b96feae7f3..7509cb9c7c 100644
--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -95,6 +95,11 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
 #include <openssl/rand.h>
 #include <openssl/bn.h>
 
+#if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
+/* suppress "too big too optimize" warning */
+#pragma warning(disable:4959)
+#endif
+
 #define ABORT do { \
 	fflush(stdout); \
 	fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
@@ -226,7 +231,7 @@ void prime_field_tests()
 		EC_GROUP *tmp;
 		tmp = EC_GROUP_new(EC_GROUP_method_of(group));
 		if (!tmp) ABORT;
-		if (!EC_GROUP_copy(tmp, group));
+		if (!EC_GROUP_copy(tmp, group)) ABORT;
 		EC_GROUP_free(group);
 		group = tmp;
 	}
@@ -644,13 +649,15 @@ void prime_field_tests()
 	if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
 
 	{
-		const EC_POINT *points[3];
-		const BIGNUM *scalars[3];
+		const EC_POINT *points[4];
+		const BIGNUM *scalars[4];
+		BIGNUM scalar3;
 	
 		if (EC_POINT_is_at_infinity(group, Q)) ABORT;
 		points[0] = Q;
 		points[1] = Q;
 		points[2] = Q;
+		points[3] = Q;
 
 		if (!BN_add(y, z, BN_value_one())) ABORT;
 		if (BN_is_odd(y)) ABORT;
@@ -672,7 +679,7 @@ void prime_field_tests()
 
 		if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT;
 		if (!BN_add(z, z, y)) ABORT;
-		BN_set_sign(z, 1);
+		BN_set_negative(z, 1);
 		scalars[0] = y;
 		scalars[1] = z; /* z = -(order + y) */
 
@@ -684,15 +691,21 @@ void prime_field_tests()
 
 		if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT;
 		if (!BN_add(z, x, y)) ABORT;
-		BN_set_sign(z, 1);
+		BN_set_negative(z, 1);
 		scalars[0] = x;
 		scalars[1] = y;
 		scalars[2] = z; /* z = -(x+y) */
 
-		if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT;
+		BN_init(&scalar3);
+		BN_zero(&scalar3);
+		scalars[3] = &scalar3;
+
+		if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT;
 		if (!EC_POINT_is_at_infinity(group, P)) ABORT;
 
 		fprintf(stdout, " ok\n\n");
+
+		BN_free(&scalar3);
 	}
 
 
@@ -829,7 +842,7 @@ void char2_field_tests()
 		EC_GROUP *tmp;
 		tmp = EC_GROUP_new(EC_GROUP_method_of(group));
 		if (!tmp) ABORT;
-		if (!EC_GROUP_copy(tmp, group));
+		if (!EC_GROUP_copy(tmp, group)) ABORT;
 		EC_GROUP_free(group);
 		group = tmp;
 	}
@@ -1147,7 +1160,7 @@ void char2_field_tests()
 
 		if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT;
 		if (!BN_add(z, z, y)) ABORT;
-		BN_set_sign(z, 1);
+		BN_set_negative(z, 1);
 		scalars[0] = y;
 		scalars[1] = z; /* z = -(order + y) */
 
@@ -1159,7 +1172,7 @@ void char2_field_tests()
 
 		if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT;
 		if (!BN_add(z, x, y)) ABORT;
-		BN_set_sign(z, 1);
+		BN_set_negative(z, 1);
 		scalars[0] = x;
 		scalars[1] = y;
 		scalars[2] = z; /* z = -(x+y) */
@@ -1252,10 +1265,10 @@ void internal_curve_test(void)
 		{
 		EC_GROUP *group = NULL;
 		int nid = curves[n].nid;
-		if ((group = EC_GROUP_new_by_nid(nid)) == NULL)
+		if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL)
 			{
 			ok = 0;
-			fprintf(stdout, "\nEC_GROUP_new_by_nid() failed with"
+			fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
 				" curve %s\n", OBJ_nid2sn(nid));
 			/* try next curve */
 			continue;
@@ -1313,7 +1326,7 @@ int main(int argc, char *argv[])
 #endif
 	CRYPTO_cleanup_all_ex_data();
 	ERR_free_strings();
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	CRYPTO_mem_leaks_fp(stderr);
 	
 	return 0;
diff --git a/crypto/ecdh/.cvsignore b/crypto/ecdh/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/ecdh/.cvsignore
+++ b/crypto/ecdh/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/ecdh/Makefile.ssl b/crypto/ecdh/Makefile.ssl
deleted file mode 100644
index 7e1dfefd85..0000000000
--- a/crypto/ecdh/Makefile.ssl
+++ /dev/null
@@ -1,133 +0,0 @@
-#
-# crypto/ecdh/Makefile
-#
-
-DIR=	ecdh
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g -Wall
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ecdhtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	ech_lib.c ech_ossl.c ech_key.c ech_err.c
-
-LIBOBJ=	ech_lib.o ech_ossl.o ech_key.o ech_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ecdh.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ech_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ech_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ech_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ech_err.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
-ech_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ech_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ech_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ech_err.o: ../../include/openssl/symhacks.h ech_err.c
-ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ech_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-ech_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ech_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-ech_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ech_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ech_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ech_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ech_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ech_key.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-ech_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-ech_key.o: ../../include/openssl/x509_vfy.h ecdh.h ech_key.c
-ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ech_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ech_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-ech_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ech_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ech_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-ech_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ech_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ech_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ech_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ech_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ech_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-ech_lib.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-ech_lib.o: ../../include/openssl/x509_vfy.h ecdh.h ech_lib.c
-ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
-ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ech_ossl.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
-ech_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ech_ossl.o: ../../include/openssl/opensslconf.h
-ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ech_ossl.o: ../cryptlib.h ech_ossl.c
diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h
index f9189e09ca..b4b58ee65b 100644
--- a/crypto/ecdh/ecdh.h
+++ b/crypto/ecdh/ecdh.h
@@ -85,41 +85,6 @@
 extern "C" {
 #endif
 
-/* Already defined in ossl_typ.h */
-/* typedef struct ecdh_method ECDH_METHOD; */
-
-struct ecdh_method 
-	{
-	const char *name;
-	int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-	                   void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
-#if 0
-	int (*init)(EC_KEY *eckey);
-	int (*finish)(EC_KEY *eckey);
-#endif
-	int flags;
-	char *app_data;
-	};
-
-typedef struct ecdh_data_st {
-	/* EC_KEY_METH_DATA part */
-	int (*init)(EC_KEY *);
-	void (*finish)(EC_KEY *);
-	/* method specific part */
-	ENGINE	*engine;
-	int	flags;
-	const ECDH_METHOD *meth;
-	CRYPTO_EX_DATA ex_data;
-} ECDH_DATA; 
-
-/* ECDH_DATA functions */
-ECDH_DATA *ECDH_DATA_new(void);
-ECDH_DATA *ECDH_DATA_new_method(ENGINE *);
-void ECDH_DATA_free(ECDH_DATA *);
-
-ECDH_DATA *ecdh_check(EC_KEY *);
-
-
 const ECDH_METHOD *ECDH_OpenSSL(void);
 
 void	  ECDH_set_default_method(const ECDH_METHOD *);
@@ -127,7 +92,7 @@ const ECDH_METHOD *ECDH_get_default_method(void);
 int 	  ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
 
 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-                     void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+                     void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
 
 int 	  ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
 		*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -145,7 +110,7 @@ void ERR_load_ECDH_strings(void);
 
 /* Function codes. */
 #define ECDH_F_ECDH_COMPUTE_KEY				 100
-#define ECDH_F_ECDH_DATA_NEW				 101
+#define ECDH_F_ECDH_DATA_NEW_METHOD			 101
 
 /* Reason codes. */
 #define ECDH_R_KDF_FAILED				 102
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index f9162b7e8b..212a87efa4 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -73,10 +73,10 @@
 
 #include "../e_os.h"
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_ECDH */
 #include <openssl/crypto.h>
 #include <openssl/bio.h>
 #include <openssl/bn.h>
-#include <openssl/ec.h>
 #include <openssl/objects.h>
 #include <openssl/rand.h>
 #include <openssl/sha.h>
@@ -89,6 +89,7 @@ int main(int argc, char *argv[])
     return(0);
 }
 #else
+#include <openssl/ec.h>
 #include <openssl/ecdh.h>
 
 #ifdef OPENSSL_SYS_WIN16
@@ -105,11 +106,13 @@ static const char rnd_seed[] = "string to make the random number generator think
 
 
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
 	{
 #ifndef OPENSSL_NO_SHA
-	if (outlen != SHA_DIGEST_LENGTH)
+	if (*outlen < SHA_DIGEST_LENGTH)
 		return NULL;
+	else
+		*outlen = SHA_DIGEST_LENGTH;
 	return SHA1(in, inlen, out);
 #else
 	return NULL;
@@ -117,9 +120,7 @@ static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
 	}
 
 
-int test_ecdh_curve(int , char *, BN_CTX *, BIO *);
-
-int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
+static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
 	{
 	EC_KEY *a=NULL;
 	EC_KEY *b=NULL;
@@ -128,12 +129,14 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 	char buf[12];
 	unsigned char *abuf=NULL,*bbuf=NULL;
 	int i,alen,blen,aout,bout,ret=0;
+	const EC_GROUP *group;
 
-	if ((a=EC_KEY_new()) == NULL) goto err;
-	if ((a->group=EC_GROUP_new_by_nid(nid)) == NULL) goto err;
+	a = EC_KEY_new_by_curve_name(nid);
+	b = EC_KEY_new_by_curve_name(nid);
+	if (a == NULL || b == NULL)
+		goto err;
 
-	if ((b=EC_KEY_new()) == NULL) goto err;
-	b->group = a->group;
+	group = EC_KEY_get0_group(a);
 
 	if ((x_a=BN_new()) == NULL) goto err;
 	if ((y_a=BN_new()) == NULL) goto err;
@@ -145,18 +148,20 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 #ifdef NOISY
 	BIO_puts(out,"\n");
 #else
-	BIO_flush(out);
+	(void)BIO_flush(out);
 #endif
 
 	if (!EC_KEY_generate_key(a)) goto err;
 	
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(a->group)) == NID_X9_62_prime_field) 
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
 		{
-		if (!EC_POINT_get_affine_coordinates_GFp(a->group, a->pub_key, x_a, y_a, ctx)) goto err;
+		if (!EC_POINT_get_affine_coordinates_GFp(group,
+			EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
 		}
 	else
 		{
-		if (!EC_POINT_get_affine_coordinates_GF2m(a->group, a->pub_key, x_a, y_a, ctx)) goto err;
+		if (!EC_POINT_get_affine_coordinates_GF2m(group,
+			EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
 		}
 #ifdef NOISY
 	BIO_puts(out,"  pri 1=");
@@ -168,18 +173,20 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 	BIO_puts(out,"\n");
 #else
 	BIO_printf(out," .");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 #endif
 
 	if (!EC_KEY_generate_key(b)) goto err;
 
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(b->group)) == NID_X9_62_prime_field) 
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
 		{
-		if (!EC_POINT_get_affine_coordinates_GFp(b->group, b->pub_key, x_b, y_b, ctx)) goto err;
+		if (!EC_POINT_get_affine_coordinates_GFp(group, 
+			EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
 		}
 	else
 		{
-		if (!EC_POINT_get_affine_coordinates_GF2m(a->group, b->pub_key, x_b, y_b, ctx)) goto err;
+		if (!EC_POINT_get_affine_coordinates_GF2m(group, 
+			EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
 		}
 
 #ifdef NOISY
@@ -192,12 +199,12 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 	BIO_puts(out,"\n");
 #else
 	BIO_printf(out,".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 #endif
 
 	alen=KDF1_SHA1_len;
 	abuf=(unsigned char *)OPENSSL_malloc(alen);
-	aout=ECDH_compute_key(abuf,alen,b->pub_key,a,KDF1_SHA1);
+	aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1);
 
 #ifdef NOISY
 	BIO_puts(out,"  key1 =");
@@ -209,12 +216,12 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 	BIO_puts(out,"\n");
 #else
 	BIO_printf(out,".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 #endif
 
 	blen=KDF1_SHA1_len;
 	bbuf=(unsigned char *)OPENSSL_malloc(blen);
-	bout=ECDH_compute_key(bbuf,blen,a->pub_key,b,KDF1_SHA1);
+	bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1);
 
 #ifdef NOISY
 	BIO_puts(out,"  key2 =");
@@ -226,7 +233,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 	BIO_puts(out,"\n");
 #else
 	BIO_printf(out,".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 #endif
 
 	if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
@@ -235,7 +242,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 		BIO_printf(out, " failed\n\n");
 		BIO_printf(out, "key a:\n");
 		BIO_printf(out, "private key: ");
-		BN_print(out, a->priv_key);
+		BN_print(out, EC_KEY_get0_private_key(a));
 		BIO_printf(out, "\n");
 		BIO_printf(out, "public key (x,y): ");
 		BN_print(out, x_a);
@@ -243,7 +250,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
 		BN_print(out, y_a);
 		BIO_printf(out, "\nkey b:\n");
 		BIO_printf(out, "private key: ");
-		BN_print(out, b->priv_key);
+		BN_print(out, EC_KEY_get0_private_key(b));
 		BIO_printf(out, "\n");
 		BIO_printf(out, "public key (x,y): ");
 		BN_print(out, x_b);
@@ -284,8 +291,6 @@ err:
 	if (y_a) BN_free(y_a);
 	if (x_b) BN_free(x_b);
 	if (y_b) BN_free(y_b);
-	if (a->group) EC_GROUP_free(a->group);
-	a->group = b->group = NULL;
 	if (b) EC_KEY_free(b);
 	if (a) EC_KEY_free(a);
 	return(ret);
@@ -338,7 +343,7 @@ err:
 	if (ctx) BN_CTX_free(ctx);
 	BIO_free(out);
 	CRYPTO_cleanup_all_ex_data();
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	CRYPTO_mem_leaks_fp(stderr);
 	EXIT(ret);
 	return(ret);
diff --git a/crypto/ecdh/ech_err.c b/crypto/ecdh/ech_err.c
index 76fbe38387..6f4b0c9953 100644
--- a/crypto/ecdh/ech_err.c
+++ b/crypto/ecdh/ech_err.c
@@ -1,6 +1,6 @@
 /* crypto/ecdh/ech_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,18 +64,22 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
+
 static ERR_STRING_DATA ECDH_str_functs[]=
 	{
-{ERR_PACK(0,ECDH_F_ECDH_COMPUTE_KEY,0),	"ECDH_compute_key"},
-{ERR_PACK(0,ECDH_F_ECDH_DATA_NEW,0),	"ECDH_DATA_new"},
+{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY),	"ECDH_compute_key"},
+{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD),	"ECDH_DATA_new_method"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA ECDH_str_reasons[]=
 	{
-{ECDH_R_KDF_FAILED                       ,"KDF failed"},
-{ECDH_R_NO_PRIVATE_VALUE                 ,"no private value"},
-{ECDH_R_POINT_ARITHMETIC_FAILURE         ,"point arithmetic failure"},
+{ERR_REASON(ECDH_R_KDF_FAILED)           ,"KDF failed"},
+{ERR_REASON(ECDH_R_NO_PRIVATE_VALUE)     ,"no private value"},
+{ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE),"point arithmetic failure"},
 {0,NULL}
 	};
 
@@ -83,15 +87,12 @@ static ERR_STRING_DATA ECDH_str_reasons[]=
 
 void ERR_load_ECDH_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_ECDH,ECDH_str_functs);
-		ERR_load_strings(ERR_LIB_ECDH,ECDH_str_reasons);
-#endif
 
+	if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,ECDH_str_functs);
+		ERR_load_strings(0,ECDH_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c
index 7d1bb32ae0..f44da9298b 100644
--- a/crypto/ecdh/ech_key.c
+++ b/crypto/ecdh/ech_key.c
@@ -67,13 +67,14 @@
  *
  */
 
-#include "ecdh.h"
+#include "ech_locl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
 
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *eckey,
-                     void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+	EC_KEY *eckey,
+	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
 {
 	ECDH_DATA *ecdh = ecdh_check(eckey);
 	if (ecdh == NULL)
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c
index f2abfed510..e89b1d4772 100644
--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@@ -67,19 +67,21 @@
  *
  */
 
-#include "ecdh.h"
+#include "ech_locl.h"
 #include <string.h>
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
 #include <openssl/err.h>
 
-const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
-
-static void ecdh_finish(EC_KEY *);
+const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT;
 
 static const ECDH_METHOD *default_ECDH_method = NULL;
 
+static void *ecdh_data_new(void);
+static void *ecdh_data_dup(void *);
+static void  ecdh_data_free(void *);
+
 void ECDH_set_default_method(const ECDH_METHOD *meth)
 	{
 	default_ECDH_method = meth;
@@ -122,24 +124,18 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
         return 1;
 	}
 
-ECDH_DATA *ECDH_DATA_new(void)
-	{
-	return ECDH_DATA_new_method(NULL);
-	}
-
-ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
+static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
 	{
 	ECDH_DATA *ret;
 
 	ret=(ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
 	if (ret == NULL)
 		{
-		ECDHerr(ECDH_F_ECDH_DATA_NEW, ERR_R_MALLOC_FAILURE);
+		ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
 
 	ret->init = NULL;
-	ret->finish = ecdh_finish;
 
 	ret->meth = ECDH_get_default_method();
 	ret->engine = engine;
@@ -151,7 +147,7 @@ ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
 		ret->meth = ENGINE_get_ECDH(ret->engine);
 		if (!ret->meth)
 			{
-			ECDHerr(ECDH_F_ECDH_DATA_NEW, ERR_R_ENGINE_LIB);
+			ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
 			ENGINE_finish(ret->engine);
 			OPENSSL_free(ret);
 			return NULL;
@@ -172,12 +168,26 @@ ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
 	return(ret);
 	}
 
-void ECDH_DATA_free(ECDH_DATA *r)
+static void *ecdh_data_new(void)
 	{
-#if 0
-	if (r->meth->finish)
-		r->meth->finish(r);
-#endif
+	return (void *)ECDH_DATA_new_method(NULL);
+	}
+
+static void *ecdh_data_dup(void *data)
+{
+	ECDH_DATA *r = (ECDH_DATA *)data;
+
+	/* XXX: dummy operation */
+	if (r == NULL)
+		return NULL;
+
+	return (void *)ecdh_data_new();
+}
+
+void ecdh_data_free(void *data)
+	{
+	ECDH_DATA *r = (ECDH_DATA *)data;
+
 #ifndef OPENSSL_NO_ENGINE
 	if (r->engine)
 		ENGINE_finish(r->engine);
@@ -192,25 +202,24 @@ void ECDH_DATA_free(ECDH_DATA *r)
 
 ECDH_DATA *ecdh_check(EC_KEY *key)
 	{
-	if (key->meth_data)
-		{
-		if (key->meth_data->finish != ecdh_finish)
-			{
-			key->meth_data->finish(key);
-			key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new();
-			}
-		}
-	else
-		key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new();
-	return (ECDH_DATA *)key->meth_data;
-	}
-
-static void ecdh_finish(EC_KEY *key)
+	ECDH_DATA *ecdh_data;
+ 
+	void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
+					ecdh_data_free, ecdh_data_free);
+	if (data == NULL)
 	{
-	if (key->meth_data && key->meth_data->finish == ecdh_finish)
-		ECDH_DATA_free((ECDH_DATA *)key->meth_data);
+		ecdh_data = (ECDH_DATA *)ecdh_data_new();
+		if (ecdh_data == NULL)
+			return NULL;
+		EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
+			ecdh_data_dup, ecdh_data_free, ecdh_data_free);
 	}
+	else
+		ecdh_data = (ECDH_DATA *)data;
+	
 
+	return ecdh_data;
+	}
 
 int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h
new file mode 100644
index 0000000000..f658526a7e
--- /dev/null
+++ b/crypto/ecdh/ech_locl.h
@@ -0,0 +1,94 @@
+/* crypto/ecdh/ech_locl.h */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ECH_LOCL_H
+#define HEADER_ECH_LOCL_H
+
+#include <openssl/ecdh.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+struct ecdh_method 
+	{
+	const char *name;
+	int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+	                   void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+#if 0
+	int (*init)(EC_KEY *eckey);
+	int (*finish)(EC_KEY *eckey);
+#endif
+	int flags;
+	char *app_data;
+	};
+
+typedef struct ecdh_data_st {
+	/* EC_KEY_METH_DATA part */
+	int (*init)(EC_KEY *);
+	/* method specific part */
+	ENGINE	*engine;
+	int	flags;
+	const ECDH_METHOD *meth;
+	CRYPTO_EX_DATA ex_data;
+} ECDH_DATA;
+
+ECDH_DATA *ecdh_check(EC_KEY *);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif /* HEADER_ECH_LOCL_H */
diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index d61e54f184..2a40ff12df 100644
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -73,14 +73,15 @@
 
 #include "cryptlib.h"
 
-#include <openssl/ecdh.h>
+#include "ech_locl.h"
 #include <openssl/err.h>
 #include <openssl/sha.h>
 #include <openssl/obj_mac.h>
 #include <openssl/bn.h>
 
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, EC_KEY *ecdh,
-                            void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
+	EC_KEY *ecdh, 
+	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
 
 static ECDH_METHOD openssl_ecdh_meth = {
 	"OpenSSL ECDH method",
@@ -104,12 +105,15 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
  *  - ECSVDP-DH
  * Finally an optional KDF is applied.
  */
-static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-                            void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
+static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+	EC_KEY *ecdh,
+	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
 	{
 	BN_CTX *ctx;
 	EC_POINT *tmp=NULL;
 	BIGNUM *x=NULL, *y=NULL;
+	const BIGNUM *priv_key;
+	const EC_GROUP* group;
 	int ret= -1;
 	size_t buflen, len;
 	unsigned char *buf=NULL;
@@ -125,27 +129,29 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, E
 	x = BN_CTX_get(ctx);
 	y = BN_CTX_get(ctx);
 	
-	if (ecdh->priv_key == NULL)
+	priv_key = EC_KEY_get0_private_key(ecdh);
+	if (priv_key == NULL)
 		{
 		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
 		goto err;
 		}
 
-	if ((tmp=EC_POINT_new(ecdh->group)) == NULL)
+	group = EC_KEY_get0_group(ecdh);
+	if ((tmp=EC_POINT_new(group)) == NULL)
 		{
 		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
-	if (!EC_POINT_mul(ecdh->group, tmp, NULL, pub_key, ecdh->priv_key, ctx)) 
+	if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) 
 		{
 		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
 		goto err;
 		}
 		
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(ecdh->group)) == NID_X9_62_prime_field) 
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
 		{
-		if (!EC_POINT_get_affine_coordinates_GFp(ecdh->group, tmp, x, y, ctx)) 
+		if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) 
 			{
 			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
 			goto err;
@@ -153,14 +159,14 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, E
 		}
 	else
 		{
-		if (!EC_POINT_get_affine_coordinates_GF2m(ecdh->group, tmp, x, y, ctx)) 
+		if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) 
 			{
 			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
 			goto err;
 			}
 		}
 
-	buflen = (EC_GROUP_get_degree(ecdh->group) + 7)/8;
+	buflen = (EC_GROUP_get_degree(group) + 7)/8;
 	len = BN_num_bytes(x);
 	if (len > buflen)
 		{
@@ -182,7 +188,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, E
 
 	if (KDF != 0)
 		{
-		if (KDF(buf, buflen, out, outlen) == NULL)
+		if (KDF(buf, buflen, out, &outlen) == NULL)
 			{
 			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
 			goto err;
diff --git a/crypto/ecdsa/Makefile.ssl b/crypto/ecdsa/Makefile.ssl
deleted file mode 100644
index e096a0a90e..0000000000
--- a/crypto/ecdsa/Makefile.ssl
+++ /dev/null
@@ -1,154 +0,0 @@
-#
-# crypto/ecdsa/Makefile
-#
-
-DIR=	ecdsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g -Wall
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ecdsatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c
-
-LIBOBJ=	ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ecdsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ecs_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-ecs_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ecs_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ecs_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ecs_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ecs_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecs_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecs_asn1.o: ../../include/openssl/symhacks.h ecdsa.h ecs_asn1.c
-ecs_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecs_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecs_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ecs_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ecs_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecs_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecs_err.o: ../../include/openssl/symhacks.h ecs_err.c
-ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ecs_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-ecs_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ecs_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ecs_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecs_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ecs_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ecs_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ecs_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-ecs_lib.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-ecs_lib.o: ../../include/openssl/x509_vfy.h ecdsa.h ecs_lib.c
-ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecs_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ecs_ossl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
-ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ecs_ossl.o: ../../include/openssl/symhacks.h ecdsa.h ecs_ossl.c
-ecs_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ecs_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-ecs_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ecs_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ecs_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-ecs_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ecs_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ecs_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecs_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ecs_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ecs_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ecs_sign.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-ecs_sign.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-ecs_sign.o: ../../include/openssl/x509_vfy.h ecdsa.h ecs_sign.c
-ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-ecs_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ecs_vrf.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-ecs_vrf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ecs_vrf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ecs_vrf.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ecs_vrf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-ecs_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ecs_vrf.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-ecs_vrf.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-ecs_vrf.o: ../../include/openssl/x509_vfy.h ecdsa.h ecs_vrf.c
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index e6081bb2af..e61c539812 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -4,7 +4,7 @@
  * \author Written by Nils Larsch for the OpenSSL project
  */
 /* ====================================================================
- * Copyright (c) 2000-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -75,191 +75,149 @@
 extern "C" {
 #endif
 
-/* Already defined in ossl_typ.h */
-/* typedef struct ecdsa_method ECDSA_METHOD; */
-
 typedef struct ECDSA_SIG_st
 	{
 	BIGNUM *r;
 	BIGNUM *s;
 	} ECDSA_SIG;
 
-struct ecdsa_method 
-	{
-	const char *name;
-	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, 
-			EC_KEY *eckey);
-	int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
-			BIGNUM **r);
-	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, 
-			ECDSA_SIG *sig, EC_KEY *eckey);
-#if 0
-	int (*init)(EC_KEY *eckey);
-	int (*finish)(EC_KEY *eckey);
-#endif
-	int flags;
-	char *app_data;
-	};
-
-typedef struct ecdsa_data_st {
-	/* EC_KEY_METH_DATA part */
-	int (*init)(EC_KEY *);
-	void (*finish)(EC_KEY *);
-	/* method (ECDSA) specific part */
-	BIGNUM	*kinv;	/* signing pre-calc */
-	BIGNUM	*r;	/* signing pre-calc */
-	ENGINE	*engine;
-	int	flags;
-	const ECDSA_METHOD *meth;
-	CRYPTO_EX_DATA ex_data;
-} ECDSA_DATA; 
-
-/** ECDSA_SIG *ECDSA_SIG_new(void)
- * allocates and initialize a ECDSA_SIG structure
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+/** Allocates and initialize a ECDSA_SIG structure
+ *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  */
 ECDSA_SIG *ECDSA_SIG_new(void);
 
-/** ECDSA_SIG_free
- * frees a ECDSA_SIG structure
- * \param a pointer to the ECDSA_SIG structure
- */
-void	  ECDSA_SIG_free(ECDSA_SIG *a);
-
-/** i2d_ECDSA_SIG
- * DER encode content of ECDSA_SIG object (note: this function modifies *pp
- * (*pp += length of the DER encoded signature)).
- * \param a  pointer to the ECDSA_SIG object
- * \param pp pointer to a unsigned char pointer for the output or NULL
- * \return the length of the DER encoded ECDSA_SIG object or 0 
- */
-int	  i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
-
-/** d2i_ECDSA_SIG
- * decodes a DER encoded ECDSA signature (note: this function changes *pp
- * (*pp += len)). 
- * \param v pointer to ECDSA_SIG pointer (may be NULL)
- * \param pp buffer with the DER encoded signature
- * \param len bufferlength
- * \return pointer to the decoded ECDSA_SIG structure (or NULL)
+/** frees a ECDSA_SIG structure
+ *  \param  sig  pointer to the ECDSA_SIG structure
  */
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
+void	  ECDSA_SIG_free(ECDSA_SIG *sig);
 
-/** ECDSA_DATA_new
- * creates a new ECDSA_DATA object
- * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
+/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
+ *  (*pp += length of the DER encoded signature)).
+ *  \param  sig  pointer to the ECDSA_SIG object
+ *  \param  pp   pointer to a unsigned char pointer for the output or NULL
+ *  \return the length of the DER encoded ECDSA_SIG object or 0 
  */
-ECDSA_DATA *ECDSA_DATA_new(void);
-
-/** ECDSA_DATA_new_method
- * creates a new ECDSA_DATA object using a specified ENGINE
- * \param eng pointer to a ENGINE structure
- * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
+int	  i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+
+/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
+ *  (*pp += len)). 
+ *  \param  sig  pointer to ECDSA_SIG pointer (may be NULL)
+ *  \param  pp   memory buffer with the DER encoded signature
+ *  \param  len  length of the buffer
+ *  \return pointer to the decoded ECDSA_SIG structure (or NULL)
  */
-ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng);
-
-/** ECDSA_DATA_free
- * frees ECDSA_DATA structure
- * \param data pointer to a ECDSA_DATA structure
- */
-void ECDSA_DATA_free(ECDSA_DATA *data);
-
-/** ecdsa_check
- * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
- * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
- * \param  eckey pointer to a EC_KEY object
- * \return pointer to a ECDSA_DATA structure
- */
-ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
-
-/** ECDSA_do_sign
- * computes the ECDSA signature of the given hash value using
- * the supplied private key and returns the created signature.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+
+/** Computes the ECDSA signature of the given hash value using
+ *  the supplied private key and returns the created signature.
+ *  \param  dgst      pointer to the hash value
+ *  \param  dgst_len  length of the hash value
+ *  \param  eckey     EC_KEY object containing a private EC key
+ *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
  */
 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
 
-/** ECDSA_do_verify
- * verifies that the supplied signature is a valid ECDSA
- * signature of the supplied hash value using the supplied public key.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param sig  pointer to the ECDSA_SIG structure
- * \param eckey pointer to the EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+/** Computes ECDSA signature of a given hash value using the supplied
+ *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ *  \param  dgst     pointer to the hash value to sign
+ *  \param  dgstlen  length of the hash value
+ *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
+ *  \param  rp       BIGNUM with a pre-computed rp value (optioanl), 
+ *                   see ECDSA_sign_setup
+ *  \param  eckey    EC_KEY object containing a private EC key
+ *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, 
+		const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+
+/** Verifies that the supplied signature is a valid ECDSA
+ *  signature of the supplied hash value using the supplied public key.
+ *  \param  dgst      pointer to the hash value
+ *  \param  dgst_len  length of the hash value
+ *  \param  sig       ECDSA_SIG structure
+ *  \param  eckey     EC_KEY object containing a public EC key
+ *  \return 1 if the signature is valid, 0 if the signature is invalid
+ *          and -1 on error
  */
-int	  ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG 
-		*sig, EC_KEY* eckey);
+int	  ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+		const ECDSA_SIG *sig, EC_KEY* eckey);
 
 const ECDSA_METHOD *ECDSA_OpenSSL(void);
 
-/** ECDSA_set_default_method
- * sets the default ECDSA method
- * \param meth the new default ECDSA_METHOD
+/** Sets the default ECDSA method
+ *  \param  meth  new default ECDSA_METHOD
  */
 void	  ECDSA_set_default_method(const ECDSA_METHOD *meth);
 
-/** ECDSA_get_default_method
- * returns the default ECDSA method
- * \return pointer to ECDSA_METHOD structure containing the default method
+/** Returns the default ECDSA method
+ *  \return pointer to ECDSA_METHOD structure containing the default method
  */
 const ECDSA_METHOD *ECDSA_get_default_method(void);
 
-/** ECDSA_set_method
- * sets method to be used for the ECDSA operations
- * \param eckey pointer to the EC_KEY object
- * \param meth  pointer to the new method
- * \return 1 on success and 0 otherwise 
+/** Sets method to be used for the ECDSA operations
+ *  \param  eckey  EC_KEY object
+ *  \param  meth   new method
+ *  \return 1 on success and 0 otherwise 
  */
 int 	  ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
 
-/** ECDSA_size
- * returns the maximum length of the DER encoded signature
- * \param  eckey pointer to a EC_KEY object
- * \return numbers of bytes required for the DER encoded signature
+/** Returns the maximum length of the DER encoded signature
+ *  \param  eckey  EC_KEY object
+ *  \return numbers of bytes required for the DER encoded signature
  */
 int	  ECDSA_size(const EC_KEY *eckey);
 
-/** ECDSA_sign_setup
- * precompute parts of the signing operation (the computed values may be
- * passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature
- * computation).
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \param ctx  pointer to a BN_CTX object (may be NULL)
- * \param kinv pointer to a BIGNUM pointer for the inverse of k
- * \param rp   pointer to a BIGNUM pointer for x coordinate of k * generator
- * \return 1 on success and 0 otherwise
+/** Precompute parts of the signing operation
+ *  \param  eckey  EC_KEY object containing a private EC key
+ *  \param  ctx    BN_CTX object (optional)
+ *  \param  kinv   BIGNUM pointer for the inverse of k
+ *  \param  rp     BIGNUM pointer for x coordinate of k * generator
+ *  \return 1 on success and 0 otherwise
  */
 int 	  ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
 		BIGNUM **rp);
 
-/** ECDSA_sign
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
+/** Computes ECDSA signature of a given hash value using the supplied
+ *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ *  \param  type     this parameter is ignored
+ *  \param  dgst     pointer to the hash value to sign
+ *  \param  dgstlen  length of the hash value
+ *  \param  sig      memory for the DER encoded created signature
+ *  \param  siglen   pointer to the length of the returned signature
+ *  \param  eckey    EC_KEY object containing a private EC key
+ *  \return 1 on success and 0 otherwise
  */
 int	  ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, 
 		unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
 
-/** ECDSA_verify
- * verifies that the given signature is valid ECDSA signature
- * of the supplied hash value using the specified public key.
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value 
- * \param dgstlen length of the hash value
- * \param sig  pointer to the DER encoded signature
- * \param siglen length of the DER encoded signature
- * \param eckey pointer to the EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ *  \param  type     this parameter is ignored
+ *  \param  dgst     pointer to the hash value to sign
+ *  \param  dgstlen  length of the hash value
+ *  \param  sig      buffer to hold the DER encoded signature
+ *  \param  siglen   pointer to the length of the returned signature
+ *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
+ *  \param  rp       BIGNUM with a pre-computed rp value (optioanl), 
+ *                   see ECDSA_sign_setup
+ *  \param  eckey    EC_KEY object containing a private EC key
+ *  \return 1 on success and 0 otherwise
+ */
+int	  ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, 
+		unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
+		const BIGNUM *rp, EC_KEY *eckey);
+
+/** Verifies that the given signature is valid ECDSA signature
+ *  of the supplied hash value using the specified public key.
+ *  \param  type     this parameter is ignored
+ *  \param  dgst     pointer to the hash value 
+ *  \param  dgstlen  length of the hash value
+ *  \param  sig      pointer to the DER encoded signature
+ *  \param  siglen   length of the DER encoded signature
+ *  \param  eckey    EC_KEY object containing a public EC key
+ *  \return 1 if the signature is valid, 0 if the signature is invalid
+ *          and -1 on error
  */
 int 	  ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, 
 		const unsigned char *sig, int siglen, EC_KEY *eckey);
@@ -280,7 +238,7 @@ void ERR_load_ECDSA_strings(void);
 /* Error codes for the ECDSA functions. */
 
 /* Function codes. */
-#define ECDSA_F_ECDSA_DATA_NEW				 100
+#define ECDSA_F_ECDSA_DATA_NEW_METHOD			 100
 #define ECDSA_F_ECDSA_DO_SIGN				 101
 #define ECDSA_F_ECDSA_DO_VERIFY				 102
 #define ECDSA_F_ECDSA_SIGN_SETUP			 103
@@ -290,6 +248,7 @@ void ERR_load_ECDSA_strings(void);
 #define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 101
 #define ECDSA_R_ERR_EC_LIB				 102
 #define ECDSA_R_MISSING_PARAMETERS			 103
+#define ECDSA_R_NEED_NEW_SETUP_VALUES			 106
 #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED		 104
 #define ECDSA_R_SIGNATURE_MALLOC_FAILED			 105
 
diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
index 44321c5ac6..aa4e1481a8 100644
--- a/crypto/ecdsa/ecdsatest.c
+++ b/crypto/ecdsa/ecdsatest.c
@@ -3,7 +3,7 @@
  * Written by Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -69,12 +69,6 @@
  *
  */
 
-/* Until the key-gen callbacks are modified to use newer prototypes, we allow
- * deprecated functions for openssl-internal code */
-#ifdef OPENSSL_NO_DEPRECATED
-#undef OPENSSL_NO_DEPRECATED
-#endif
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -92,8 +86,11 @@ int main(int argc, char * argv[])
 #include <openssl/crypto.h>
 #include <openssl/bio.h>
 #include <openssl/evp.h>
+#include <openssl/bn.h>
 #include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
+#endif
 #include <openssl/err.h>
 #include <openssl/rand.h>
 
@@ -201,20 +198,18 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
 
 	BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
 	/* create the key */
-	if ((key = EC_KEY_new()) == NULL)
-		goto x962_int_err;
-	if ((key->group = EC_GROUP_new_by_nid(nid)) == NULL)
+	if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
 		goto x962_int_err;
 	if (!EC_KEY_generate_key(key))
 		goto x962_int_err;
 	BIO_printf(out, ".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 	/* create the signature */
 	signature = ECDSA_do_sign(digest, 20, key);
 	if (signature == NULL)
 		goto x962_int_err;
 	BIO_printf(out, ".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 	/* compare the created signature with the expected signature */
 	if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
 		goto x962_int_err;
@@ -224,12 +219,12 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
 	if (BN_cmp(signature->r ,r) || BN_cmp(signature->s, s))
 		goto x962_int_err;
 	BIO_printf(out, ".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 	/* verify the signature */
 	if (ECDSA_do_verify(digest, 20, signature, key) != 1)
 		goto x962_int_err;
 	BIO_printf(out, ".");
-	BIO_flush(out);
+	(void)BIO_flush(out);
 
 	BIO_printf(out, " ok\n");
 	ret = 1;
@@ -291,6 +286,7 @@ int test_builtin(BIO *out)
 	EC_builtin_curve *curves = NULL;
 	size_t		crv_len = 0, n = 0;
 	EC_KEY		*eckey = NULL, *wrong_eckey = NULL;
+	EC_GROUP	*group;
 	unsigned char	digest[20], wrong_digest[20];
 	unsigned char	*signature = NULL; 
 	unsigned int	sig_len;
@@ -337,9 +333,13 @@ int test_builtin(BIO *out)
 		/* create new ecdsa key (== EC_KEY) */
 		if ((eckey = EC_KEY_new()) == NULL)
 			goto builtin_err;
-		if ((eckey->group = EC_GROUP_new_by_nid(nid)) == NULL)
+		group = EC_GROUP_new_by_curve_name(nid);
+		if (group == NULL)
 			goto builtin_err;
-		if (EC_GROUP_get_degree(eckey->group) < 160)
+		if (EC_KEY_set_group(eckey, group) == 0)
+			goto builtin_err;
+		EC_GROUP_free(group);
+		if (EC_GROUP_get_degree(EC_KEY_get0_group(eckey)) < 160)
 			/* drop the curve */ 
 			{
 			EC_KEY_free(eckey);
@@ -356,8 +356,12 @@ int test_builtin(BIO *out)
 		/* create second key */
 		if ((wrong_eckey = EC_KEY_new()) == NULL)
 			goto builtin_err;
-		if ((wrong_eckey->group = EC_GROUP_new_by_nid(nid)) == NULL)
+		group = EC_GROUP_new_by_curve_name(nid);
+		if (group == NULL)
+			goto builtin_err;
+		if (EC_KEY_set_group(wrong_eckey, group) == 0)
 			goto builtin_err;
+		EC_GROUP_free(group);
 		if (!EC_KEY_generate_key(wrong_eckey))
 			{
 			BIO_printf(out, " failed\n");
@@ -365,7 +369,7 @@ int test_builtin(BIO *out)
 			}
 
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		/* check key */
 		if (!EC_KEY_check_key(eckey))
 			{
@@ -373,7 +377,7 @@ int test_builtin(BIO *out)
 			goto builtin_err;
 			}
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		/* create signature */
 		sig_len = ECDSA_size(eckey);
 		if ((signature = OPENSSL_malloc(sig_len)) == NULL)
@@ -384,7 +388,7 @@ int test_builtin(BIO *out)
 			goto builtin_err;
 			}
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		/* verify signature */
 		if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
 			{
@@ -392,7 +396,7 @@ int test_builtin(BIO *out)
 			goto builtin_err;
 			}
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		/* verify signature with the wrong key */
 		if (ECDSA_verify(0, digest, 20, signature, sig_len, 
 			wrong_eckey) == 1)
@@ -401,7 +405,7 @@ int test_builtin(BIO *out)
 			goto builtin_err;
 			}
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		/* wrong digest */
 		if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len,
 			eckey) == 1)
@@ -410,7 +414,7 @@ int test_builtin(BIO *out)
 			goto builtin_err;
 			}
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		/* modify a single byte of the signature */
 		offset = signature[10] % sig_len;
 		dirt   = signature[11];
@@ -421,7 +425,7 @@ int test_builtin(BIO *out)
 			goto builtin_err;
 			}
 		BIO_printf(out, ".");
-		BIO_flush(out);
+		(void)BIO_flush(out);
 		
 		BIO_printf(out, " ok\n");
 		/* cleanup */
@@ -439,7 +443,7 @@ builtin_err:
 		EC_KEY_free(eckey);
 	if (wrong_eckey)
 		EC_KEY_free(wrong_eckey);
-	if (signature);
+	if (signature)
 		OPENSSL_free(signature);
 	if (curves)
 		OPENSSL_free(curves);
@@ -486,7 +490,7 @@ err:
 	if (ret)
 		ERR_print_errors(out);
 	CRYPTO_cleanup_all_ex_data();
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	ERR_free_strings();
 	CRYPTO_mem_leaks(out);
 	if (out != NULL)
diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c
index e9e1c2b51e..b295489400 100644
--- a/crypto/ecdsa/ecs_asn1.c
+++ b/crypto/ecdsa/ecs_asn1.c
@@ -53,7 +53,7 @@
  *
  */
 
-#include "ecdsa.h"
+#include "ecs_locl.h"
 #include <openssl/err.h>
 #include <openssl/asn1t.h>
 
diff --git a/crypto/ecdsa/ecs_err.c b/crypto/ecdsa/ecs_err.c
index c9bed9dd8e..98e38d537f 100644
--- a/crypto/ecdsa/ecs_err.c
+++ b/crypto/ecdsa/ecs_err.c
@@ -1,6 +1,6 @@
 /* crypto/ecdsa/ecs_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,27 +61,31 @@
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/ecdsa.h>
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ERR is defined */
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
+
 static ERR_STRING_DATA ECDSA_str_functs[]=
 	{
-{ERR_PACK(0,ECDSA_F_ECDSA_DATA_NEW,0),	"ECDSA_DATA_new"},
-{ERR_PACK(0,ECDSA_F_ECDSA_DO_SIGN,0),	"ECDSA_do_sign"},
-{ERR_PACK(0,ECDSA_F_ECDSA_DO_VERIFY,0),	"ECDSA_do_verify"},
-{ERR_PACK(0,ECDSA_F_ECDSA_SIGN_SETUP,0),	"ECDSA_sign_setup"},
+{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),	"ECDSA_DATA_NEW_METHOD"},
+{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN),	"ECDSA_do_sign"},
+{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY),	"ECDSA_do_verify"},
+{ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP),	"ECDSA_sign_setup"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA ECDSA_str_reasons[]=
 	{
-{ECDSA_R_BAD_SIGNATURE                   ,"bad signature"},
-{ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE     ,"data too large for key size"},
-{ECDSA_R_ERR_EC_LIB                      ,"err ec lib"},
-{ECDSA_R_MISSING_PARAMETERS              ,"missing parameters"},
-{ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED ,"random number generation failed"},
-{ECDSA_R_SIGNATURE_MALLOC_FAILED         ,"signature malloc failed"},
+{ERR_REASON(ECDSA_R_BAD_SIGNATURE)       ,"bad signature"},
+{ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
+{ERR_REASON(ECDSA_R_ERR_EC_LIB)          ,"err ec lib"},
+{ERR_REASON(ECDSA_R_MISSING_PARAMETERS)  ,"missing parameters"},
+{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"},
+{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"},
+{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"},
 {0,NULL}
 	};
 
@@ -89,15 +93,12 @@ static ERR_STRING_DATA ECDSA_str_reasons[]=
 
 void ERR_load_ECDSA_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_ECDSA,ECDSA_str_functs);
-		ERR_load_strings(ERR_LIB_ECDSA,ECDSA_str_reasons);
-#endif
 
+	if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,ECDSA_str_functs);
+		ERR_load_strings(0,ECDSA_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index e355a35698..85e8a3a7ed 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -1,6 +1,6 @@
 /* crypto/ecdsa/ecs_lib.c */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -54,19 +54,21 @@
  */
 
 #include <string.h>
-#include "ecdsa.h"
+#include "ecs_locl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
 #include <openssl/err.h>
 #include <openssl/bn.h>
 
-const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
-
-static void ecdsa_finish(EC_KEY *);
+const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT;
 
 static const ECDSA_METHOD *default_ECDSA_method = NULL;
 
+static void *ecdsa_data_new(void);
+static void *ecdsa_data_dup(void *);
+static void  ecdsa_data_free(void *);
+
 void ECDSA_set_default_method(const ECDSA_METHOD *meth)
 {
 	default_ECDSA_method = meth;
@@ -90,10 +92,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
 		return 0;
 
         mtmp = ecdsa->meth;
-#if 0
-        if (mtmp->finish)
-		mtmp->finish(eckey);
-#endif
 #ifndef OPENSSL_NO_ENGINE
 	if (ecdsa->engine)
 	{
@@ -102,34 +100,22 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
 	}
 #endif
         ecdsa->meth = meth;
-#if 0
-        if (meth->init) 
-		meth->init(eckey);
-#endif
-        return 1;
-}
 
-ECDSA_DATA *ECDSA_DATA_new(void)
-{
-	return ECDSA_DATA_new_method(NULL);
+        return 1;
 }
 
-ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
+static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 {
 	ECDSA_DATA *ret;
 
 	ret=(ECDSA_DATA *)OPENSSL_malloc(sizeof(ECDSA_DATA));
 	if (ret == NULL)
 	{
-		ECDSAerr(ECDSA_F_ECDSA_DATA_NEW, ERR_R_MALLOC_FAILURE);
+		ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 		return(NULL);
 	}
 
 	ret->init = NULL;
-	ret->finish = ecdsa_finish;
-
-	ret->kinv = NULL;
-	ret->r    = NULL;
 
 	ret->meth = ECDSA_get_default_method();
 	ret->engine = engine;
@@ -141,7 +127,7 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 		ret->meth = ENGINE_get_ECDSA(ret->engine);
 		if (!ret->meth)
 		{
-			ECDSAerr(ECDSA_F_ECDSA_DATA_NEW, ERR_R_ENGINE_LIB);
+			ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
 			ENGINE_finish(ret->engine);
 			OPENSSL_free(ret);
 			return NULL;
@@ -162,22 +148,30 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 	return(ret);
 }
 
-void ECDSA_DATA_free(ECDSA_DATA *r)
+static void *ecdsa_data_new(void)
 {
-	if (r->kinv)
-		BN_clear_free(r->kinv);
-	if (r->r)
-		BN_clear_free(r->r);
+	return (void *)ECDSA_DATA_new_method(NULL);
+}
+
+static void *ecdsa_data_dup(void *data)
+{
+	ECDSA_DATA *r = (ECDSA_DATA *)data;
+
+	/* XXX: dummy operation */
+	if (r == NULL)
+		return NULL;
+
+	return ecdsa_data_new();
+}
+
+static void ecdsa_data_free(void *data)
+{
+	ECDSA_DATA *r = (ECDSA_DATA *)data;
 
-#if 0
-	if (r->meth->finish)
-		r->meth->finish(r);
-#endif
 #ifndef OPENSSL_NO_ENGINE
 	if (r->engine)
 		ENGINE_finish(r->engine);
 #endif
-
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
 
 	OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA));
@@ -187,23 +181,23 @@ void ECDSA_DATA_free(ECDSA_DATA *r)
 
 ECDSA_DATA *ecdsa_check(EC_KEY *key)
 {
-	if (key->meth_data)
+	ECDSA_DATA *ecdsa_data;
+ 
+	void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup,
+					ecdsa_data_free, ecdsa_data_free);
+	if (data == NULL)
 	{
-		if (key->meth_data->finish != ecdsa_finish)
-		{
-			key->meth_data->finish(key);
-			key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new();
-		}
+		ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
+		if (ecdsa_data == NULL)
+			return NULL;
+		EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
+			ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
 	}
 	else
-		key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new();
-	return (ECDSA_DATA *)key->meth_data;
-}
+		ecdsa_data = (ECDSA_DATA *)data;
+	
 
-static void ecdsa_finish(EC_KEY *key)
-{
-	if (key->meth_data && key->meth_data->finish == ecdsa_finish)
-		ECDSA_DATA_free((ECDSA_DATA *)key->meth_data);
+	return ecdsa_data;
 }
 
 int ECDSA_size(const EC_KEY *r)
@@ -212,11 +206,16 @@ int ECDSA_size(const EC_KEY *r)
 	ASN1_INTEGER bs;
 	BIGNUM	*order=NULL;
 	unsigned char buf[4];
+	const EC_GROUP *group;
 
-	if (r == NULL || r->group == NULL)
+	if (r == NULL)
+		return 0;
+	group = EC_KEY_get0_group(r);
+	if (group == NULL)
 		return 0;
+
 	if ((order = BN_new()) == NULL) return 0;
-	if (!EC_GROUP_get_order(r->group,order,NULL))
+	if (!EC_GROUP_get_order(group,order,NULL))
 	{
 		BN_clear_free(order);
 		return 0;
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index 712f666641..551cf5068f 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -56,17 +56,17 @@
  *
  */
 
-#include "ecdsa.h"
+#include "ecs_locl.h"
 #include <openssl/err.h>
 #include <openssl/obj_mac.h>
 #include <openssl/bn.h>
 
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, 
-		EC_KEY *eckey);
+		const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
 static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, 
 		BIGNUM **rp);
 static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, 
-		ECDSA_SIG *sig, EC_KEY *eckey);
+		const ECDSA_SIG *sig, EC_KEY *eckey);
 
 static ECDSA_METHOD openssl_ecdsa_meth = {
 	"OpenSSL ECDSA method",
@@ -92,14 +92,14 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 	BN_CTX   *ctx = NULL;
 	BIGNUM	 *k = NULL, *r = NULL, *order = NULL, *X = NULL;
 	EC_POINT *tmp_point=NULL;
-	EC_GROUP *group;
+	const EC_GROUP *group;
 	int 	 ret = 0;
-	if (!eckey  || !eckey->group || !eckey->pub_key || !eckey->priv_key)
+
+	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 	}
-	group = eckey->group;
 
 	if (ctx_in == NULL) 
 	{
@@ -210,24 +210,27 @@ err:
 
 
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, 
-		EC_KEY *eckey)
+		const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
 {
-	int     ok = 0;
-	BIGNUM *kinv=NULL, *r, *s, *m=NULL,*tmp=NULL,*order=NULL;
+	int     ok = 0, i;
+	BIGNUM *kinv=NULL, *s, *m=NULL,*tmp=NULL,*order=NULL;
+	const BIGNUM *ckinv;
 	BN_CTX     *ctx = NULL;
-	EC_GROUP   *group;
+	const EC_GROUP   *group;
 	ECDSA_SIG  *ret;
 	ECDSA_DATA *ecdsa;
+	const BIGNUM *priv_key;
 
-	ecdsa = ecdsa_check(eckey);
-
-	if (!eckey->group || !eckey->pub_key || !eckey->priv_key || !ecdsa)
+	ecdsa    = ecdsa_check(eckey);
+	group    = EC_KEY_get0_group(eckey);
+	priv_key = EC_KEY_get0_private_key(eckey);
+	
+	if (group == NULL || priv_key == NULL || ecdsa == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
 		return NULL;
 	}
 
-	group = eckey->group;
 	ret = ECDSA_SIG_new();
 	if (!ret)
 	{
@@ -248,40 +251,45 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
 		goto err;
 	}
-	if (dgst_len > BN_num_bytes(order))
+	i = BN_num_bits(order);
+	/* Need to truncate digest if it is too long: first truncate whole
+	 * bytes.
+	 */
+	if (8 * dgst_len > i)
+		dgst_len = (i + 7)/8;
+	if (!BN_bin2bn(dgst, dgst_len, m))
 	{
-		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
-			ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 		goto err;
 	}
-
-	if (!BN_bin2bn(dgst, dgst_len, m))
+	/* If still too long truncate remaining bits with a shift */
+	if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7)))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 		goto err;
 	}
 	do
 	{
-		if (ecdsa->kinv == NULL || ecdsa->r == NULL)
+		if (in_kinv == NULL || in_r == NULL)
 		{
 			if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r))
 			{
 				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
 				goto err;
 			}
-			r = ret->r;
+			ckinv = kinv;
 		}
 		else
 		{
-			BN_free(ret->r);
-			kinv   = ecdsa->kinv;
-			r      = ecdsa->r;
-			ret->r = r;
-			ecdsa->kinv = NULL;
-			ecdsa->r    = NULL;
+			ckinv  = in_kinv;
+			if (BN_copy(ret->r, in_r) == NULL)
+			{
+				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+				goto err;
+			}
 		}
 
-		if (!BN_mod_mul(tmp, eckey->priv_key, r, order, ctx))
+		if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
@@ -291,13 +299,26 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
-		if (!BN_mod_mul(s, s, kinv, order, ctx))
+		if (!BN_mod_mul(s, s, ckinv, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
+		if (BN_is_zero(s))
+		{
+			/* if kinv and r have been supplied by the caller
+			 * don't to generate new kinv and r values */
+			if (in_kinv != NULL && in_r != NULL)
+			{
+				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
+				goto err;
+			}
+		}
+		else
+			/* s != 0 => we have a valid signature */
+			break;
 	}
-	while (BN_is_zero(s));
+	while (1);
 
 	ok = 1;
 err:
@@ -320,22 +341,23 @@ err:
 }
 
 static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
-		ECDSA_SIG *sig, EC_KEY *eckey)
+		const ECDSA_SIG *sig, EC_KEY *eckey)
 {
-	int ret = -1;
+	int ret = -1, i;
 	BN_CTX   *ctx;
 	BIGNUM   *order, *u1, *u2, *m, *X;
 	EC_POINT *point = NULL;
-	EC_GROUP *group;
+	const EC_GROUP *group;
+	const EC_POINT *pub_key;
+
 	/* check input values */
-	if (!eckey || !eckey->group || !eckey->pub_key || !sig)
+	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
+	    (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
 		return -1;
 	}
 
-	group = eckey->group;
-
 	ctx = BN_CTX_new();
 	if (!ctx)
 	{
@@ -360,9 +382,9 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		goto err;
 	}
 
-	if (BN_is_zero(sig->r)          || BN_get_sign(sig->r) || 
+	if (BN_is_zero(sig->r)          || BN_is_negative(sig->r) || 
 	    BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s)  ||
-	    BN_get_sign(sig->s)         || BN_ucmp(sig->s, order) >= 0)
+	    BN_is_negative(sig->s)      || BN_ucmp(sig->s, order) >= 0)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
 		ret = 0;	/* signature is invalid */
@@ -375,11 +397,23 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		goto err;
 	}
 	/* digest -> m */
+	i = BN_num_bits(order);
+	/* Need to truncate digest if it is too long: first truncate whole
+	 * bytes.
+	 */
+	if (8 * dgst_len > i)
+		dgst_len = (i + 7)/8;
 	if (!BN_bin2bn(dgst, dgst_len, m))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
 		goto err;
 	}
+	/* If still too long truncate remaining bits with a shift */
+	if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7)))
+	{
+		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+		goto err;
+	}
 	/* u1 = m * tmp mod order */
 	if (!BN_mod_mul(u1, m, u2, order, ctx))
 	{
@@ -398,7 +432,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
-	if (!EC_POINT_mul(group, point, u1, eckey->pub_key, u2, ctx))
+	if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
 		goto err;
@@ -408,7 +442,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		if (!EC_POINT_get_affine_coordinates_GFp(group,
 			point, X, NULL, ctx))
 		{
-			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
 			goto err;
 		}
 	}
@@ -417,7 +451,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		if (!EC_POINT_get_affine_coordinates_GF2m(group,
 			point, X, NULL, ctx))
 		{
-			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+			ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
 			goto err;
 		}
 	}
diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c
index 4667c8cfcc..353d5af514 100644
--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -53,32 +53,47 @@
  *
  */
 
-#include "ecdsa.h"
+#include "ecs_locl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/rand.h>
 
-ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
+{
+	return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey);
+}
+
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dlen,
+	const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey)
 {
 	ECDSA_DATA *ecdsa = ecdsa_check(eckey);
 	if (ecdsa == NULL)
 		return NULL;
-	return ecdsa->meth->ecdsa_do_sign(dgst, dlen, eckey);
+	return ecdsa->meth->ecdsa_do_sign(dgst, dlen, kinv, rp, eckey);
 }
 
 int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char 
 		*sig, unsigned int *siglen, EC_KEY *eckey)
 {
+	return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
+}
+
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char 
+	*sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, 
+	EC_KEY *eckey)
+{
 	ECDSA_SIG *s;
-	s=ECDSA_do_sign(dgst,dlen,eckey);
+	RAND_seed(dgst, dlen);
+	s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
 	if (s == NULL)
 	{
 		*siglen=0;
-		return(0);
+		return 0;
 	}
-	*siglen=i2d_ECDSA_SIG(s,&sig);
+	*siglen = i2d_ECDSA_SIG(s, &sig);
 	ECDSA_SIG_free(s);
-	return(1);
+	return 1;
 }
 
 int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, 
diff --git a/crypto/ecdsa/ecs_vrf.c b/crypto/ecdsa/ecs_vrf.c
index 15a6ab49f9..ef9acf7b61 100644
--- a/crypto/ecdsa/ecs_vrf.c
+++ b/crypto/ecdsa/ecs_vrf.c
@@ -1,4 +1,7 @@
 /* crypto/ecdsa/ecdsa_vrf.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
 /* ====================================================================
  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
@@ -53,7 +56,7 @@
  *
  */
 
-#include "ecdsa.h"
+#include "ecs_locl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@@ -64,7 +67,7 @@
  *     -1: error
  */
 int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, 
-		ECDSA_SIG *sig, EC_KEY *eckey)
+		const ECDSA_SIG *sig, EC_KEY *eckey)
 	{
 	ECDSA_DATA *ecdsa = ecdsa_check(eckey);
 	if (ecdsa == NULL)
diff --git a/crypto/engine/.cvsignore b/crypto/engine/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/engine/.cvsignore
+++ b/crypto/engine/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/engine/Makefile.ssl b/crypto/engine/Makefile.ssl
deleted file mode 100644
index f75297fd0c..0000000000
--- a/crypto/engine/Makefile.ssl
+++ /dev/null
@@ -1,292 +0,0 @@
-#
-# OpenSSL/crypto/engine/Makefile
-#
-
-DIR=	engine
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= enginetest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
-	eng_table.c eng_pkey.c eng_fat.c eng_all.c \
-	tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
-	tb_cipher.c tb_digest.c \
-	eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c
-LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
-	eng_table.o eng_pkey.o eng_fat.o eng_all.o \
-	tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
-	tb_cipher.o tb_digest.o \
-	eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= engine.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-eng_all.o: ../../e_os.h ../../include/openssl/bio.h
-eng_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_all.o: ../cryptlib.h eng_all.c eng_int.h
-eng_cnf.o: ../../e_os.h ../../include/openssl/bio.h
-eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_cnf.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_cnf.c eng_int.h
-eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-eng_cryptodev.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
-eng_cryptodev.o: ../../include/openssl/objects.h
-eng_cryptodev.o: ../../include/openssl/opensslconf.h
-eng_cryptodev.o: ../../include/openssl/opensslv.h
-eng_cryptodev.o: ../../include/openssl/ossl_typ.h
-eng_cryptodev.o: ../../include/openssl/safestack.h
-eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_cryptodev.o: eng_cryptodev.c
-eng_ctrl.o: ../../e_os.h ../../include/openssl/bio.h
-eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_ctrl.o: ../../include/openssl/opensslconf.h
-eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_ctrl.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_ctrl.c eng_int.h
-eng_dyn.o: ../../e_os.h ../../include/openssl/bio.h
-eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_dyn.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_dyn.c eng_int.h
-eng_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_err.o: eng_err.c
-eng_fat.o: ../../e_os.h ../../include/openssl/bio.h
-eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_fat.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_fat.c eng_int.h
-eng_init.o: ../../e_os.h ../../include/openssl/bio.h
-eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_init.o: ../../include/openssl/opensslconf.h
-eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_init.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_init.c eng_int.h
-eng_lib.o: ../../e_os.h ../../include/openssl/bio.h
-eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_lib.c
-eng_list.o: ../../e_os.h ../../include/openssl/bio.h
-eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_list.o: ../../include/openssl/opensslconf.h
-eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_list.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_list.c
-eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_openssl.o: ../../include/openssl/opensslconf.h
-eng_openssl.o: ../../include/openssl/opensslv.h
-eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc4.h
-eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c
-eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_padlock.o: ../../include/openssl/opensslconf.h
-eng_padlock.o: ../../include/openssl/opensslv.h
-eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_padlock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_padlock.o: ../../include/openssl/symhacks.h eng_padlock.c
-eng_pkey.o: ../../e_os.h ../../include/openssl/bio.h
-eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_pkey.o: ../../include/openssl/opensslconf.h
-eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_pkey.c
-eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_table.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-eng_table.o: ../../include/openssl/opensslconf.h
-eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_table.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h
-eng_table.o: eng_table.c
-tb_cipher.o: ../../e_os.h ../../include/openssl/bio.h
-tb_cipher.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_cipher.o: ../../include/openssl/opensslconf.h
-tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_cipher.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h
-tb_cipher.o: tb_cipher.c
-tb_dh.o: ../../e_os.h ../../include/openssl/bio.h
-tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_dh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c
-tb_digest.o: ../../e_os.h ../../include/openssl/bio.h
-tb_digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_digest.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_digest.o: ../../include/openssl/opensslconf.h
-tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_digest.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h
-tb_digest.o: tb_digest.c
-tb_dsa.o: ../../e_os.h ../../include/openssl/bio.h
-tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c
-tb_ecdh.o: ../../e_os.h ../../include/openssl/bio.h
-tb_ecdh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_ecdh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c
-tb_ecdsa.o: ../../e_os.h ../../include/openssl/bio.h
-tb_ecdsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_ecdsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_ecdsa.o: ../../include/openssl/opensslconf.h
-tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_ecdsa.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_ecdsa.c
-tb_rand.o: ../../e_os.h ../../include/openssl/bio.h
-tb_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c
-tb_rsa.o: ../../e_os.h ../../include/openssl/bio.h
-tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c
-tb_store.o: ../../e_os.h ../../include/openssl/bio.h
-tb_store.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-tb_store.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_store.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-tb_store.o: ../../include/openssl/opensslconf.h
-tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_store.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_store.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_store.c
diff --git a/crypto/engine/eng_aesni.c b/crypto/engine/eng_aesni.c
new file mode 100644
index 0000000000..2a997cae36
--- /dev/null
+++ b/crypto/engine/eng_aesni.c
@@ -0,0 +1,400 @@
+/*
+ * Support for Intel AES-NI intruction set
+ *   Author: Huang Ying <ying.huang@intel.com>
+ *
+ * Intel AES-NI is a new set of Single Instruction Multiple Data
+ * (SIMD) instructions that are going to be introduced in the next
+ * generation of Intel processor, as of 2009. These instructions
+ * enable fast and secure data encryption and decryption, using the
+ * Advanced Encryption Standard (AES), defined by FIPS Publication
+ * number 197.  The architecture introduces six instructions that
+ * offer full hardware support for AES. Four of them support high
+ * performance data encryption and decryption, and the other two
+ * instructions support the AES key expansion procedure.
+ *
+ * The white paper can be downloaded from:
+ *   http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
+ *
+ * This file is based on engines/e_padlock.c
+ */
+
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <openssl/opensslconf.h>
+
+#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AES_NI) && !defined(OPENSSL_NO_AES)
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#include <openssl/aes.h>
+#include <openssl/err.h>
+#include <openssl/modes.h>
+
+/* AES-NI is available *ONLY* on some x86 CPUs.  Not only that it
+   doesn't exist elsewhere, but it even can't be compiled on other
+   platforms! */
+#undef COMPILE_HW_AESNI
+#if (defined(__x86_64) || defined(__x86_64__) || \
+     defined(_M_AMD64) || defined(_M_X64) || \
+     defined(OPENSSL_IA32_SSE2)) && !defined(OPENSSL_NO_ASM)
+#define COMPILE_HW_AESNI
+static ENGINE *ENGINE_aesni (void);
+#endif
+
+void ENGINE_load_aesni (void)
+{
+/* On non-x86 CPUs it just returns. */
+#ifdef COMPILE_HW_AESNI
+	ENGINE *toadd = ENGINE_aesni();
+	if (!toadd)
+		return;
+	ENGINE_add (toadd);
+	ENGINE_free (toadd);
+	ERR_clear_error ();
+#endif
+}
+
+#ifdef COMPILE_HW_AESNI
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+			      AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+			      AES_KEY *key);
+
+void aesni_encrypt(const unsigned char *in, unsigned char *out,
+		       const AES_KEY *key);
+void aesni_decrypt(const unsigned char *in, unsigned char *out,
+		       const AES_KEY *key);
+
+void aesni_ecb_encrypt(const unsigned char *in,
+			   unsigned char *out,
+			   size_t length,
+			   const AES_KEY *key,
+			   int enc);
+void aesni_cbc_encrypt(const unsigned char *in,
+			   unsigned char *out,
+			   size_t length,
+			   const AES_KEY *key,
+			   unsigned char *ivec, int enc);
+
+/* Function for ENGINE detection and control */
+static int aesni_init(ENGINE *e);
+
+/* Cipher Stuff */
+static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+				const int **nids, int nid);
+
+#define AESNI_MIN_ALIGN	16
+#define AESNI_ALIGN(x) \
+	((void *)(((unsigned long)(x)+AESNI_MIN_ALIGN-1)&~(AESNI_MIN_ALIGN-1)))
+
+/* Engine names */
+static const char   aesni_id[] = "aesni",
+		    aesni_name[] = "Intel AES-NI engine",
+		    no_aesni_name[] = "Intel AES-NI engine (no-aesni)";
+
+/* ===== Engine "management" functions ===== */
+
+/* Prepare the ENGINE structure for registration */
+static int
+aesni_bind_helper(ENGINE *e)
+{
+	int engage = (OPENSSL_ia32cap_P[1] & (1 << (57-32))) != 0;
+
+	/* Register everything or return with an error */
+	if (!ENGINE_set_id(e, aesni_id) ||
+	    !ENGINE_set_name(e, engage ? aesni_name : no_aesni_name) ||
+
+	    !ENGINE_set_init_function(e, aesni_init) ||
+	    (engage && !ENGINE_set_ciphers (e, aesni_ciphers))
+	    )
+		return 0;
+
+	/* Everything looks good */
+	return 1;
+}
+
+/* Constructor */
+static ENGINE *
+ENGINE_aesni(void)
+{
+	ENGINE *eng = ENGINE_new();
+
+	if (!eng) {
+		return NULL;
+	}
+
+	if (!aesni_bind_helper(eng)) {
+		ENGINE_free(eng);
+		return NULL;
+	}
+
+	return eng;
+}
+
+/* Check availability of the engine */
+static int
+aesni_init(ENGINE *e)
+{
+	return 1;
+}
+
+#if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
+#define NID_aes_128_cfb	NID_aes_128_cfb128
+#endif
+
+#if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
+#define NID_aes_128_ofb	NID_aes_128_ofb128
+#endif
+
+#if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
+#define NID_aes_192_cfb	NID_aes_192_cfb128
+#endif
+
+#if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
+#define NID_aes_192_ofb	NID_aes_192_ofb128
+#endif
+
+#if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
+#define NID_aes_256_cfb	NID_aes_256_cfb128
+#endif
+
+#if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
+#define NID_aes_256_ofb	NID_aes_256_ofb128
+#endif
+
+/* List of supported ciphers. */
+static int aesni_cipher_nids[] = {
+	NID_aes_128_ecb,
+	NID_aes_128_cbc,
+	NID_aes_128_cfb,
+	NID_aes_128_ofb,
+
+	NID_aes_192_ecb,
+	NID_aes_192_cbc,
+	NID_aes_192_cfb,
+	NID_aes_192_ofb,
+
+	NID_aes_256_ecb,
+	NID_aes_256_cbc,
+	NID_aes_256_cfb,
+	NID_aes_256_ofb,
+};
+static int aesni_cipher_nids_num =
+	(sizeof(aesni_cipher_nids)/sizeof(aesni_cipher_nids[0]));
+
+typedef struct
+{
+	AES_KEY ks;
+	unsigned int _pad1[3];
+} AESNI_KEY;
+
+static int
+aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *user_key,
+		    const unsigned char *iv, int enc)
+{
+	int ret;
+	AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
+
+	if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
+	    || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
+	    || enc)
+		ret=aesni_set_encrypt_key(user_key, ctx->key_len * 8, key);
+	else
+		ret=aesni_set_decrypt_key(user_key, ctx->key_len * 8, key);
+
+	if(ret < 0) {
+		EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
+		return 0;
+	}
+
+	return 1;
+}
+
+static int aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		 const unsigned char *in, size_t inl)
+{	AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
+	aesni_ecb_encrypt(in, out, inl, key, ctx->encrypt);
+	return 1;
+}
+static int aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		 const unsigned char *in, size_t inl)
+{	AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
+	aesni_cbc_encrypt(in, out, inl, key,
+			      ctx->iv, ctx->encrypt);
+	return 1;
+}
+static int aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		 const unsigned char *in, size_t inl)
+{	AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
+	CRYPTO_cfb128_encrypt(in, out, inl, key, ctx->iv,
+				&ctx->num, ctx->encrypt,
+				(block128_f)aesni_encrypt);
+	return 1;
+}
+static int aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		 const unsigned char *in, size_t inl)
+{	AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
+	CRYPTO_ofb128_encrypt(in, out, inl, key, ctx->iv,
+				&ctx->num, (block128_f)aesni_encrypt);
+	return 1;
+}
+
+#define AES_BLOCK_SIZE		16
+
+#define EVP_CIPHER_block_size_ECB	AES_BLOCK_SIZE
+#define EVP_CIPHER_block_size_CBC	AES_BLOCK_SIZE
+#define EVP_CIPHER_block_size_OFB	1
+#define EVP_CIPHER_block_size_CFB	1
+
+/* Declaring so many ciphers by hand would be a pain.
+   Instead introduce a bit of preprocessor magic :-) */
+#define	DECLARE_AES_EVP(ksize,lmode,umode)	\
+static const EVP_CIPHER aesni_##ksize##_##lmode = {	\
+	NID_aes_##ksize##_##lmode,			\
+	EVP_CIPHER_block_size_##umode,			\
+	ksize / 8,					\
+	AES_BLOCK_SIZE,					\
+	0 | EVP_CIPH_##umode##_MODE,			\
+	aesni_init_key,				\
+	aesni_cipher_##lmode,				\
+	NULL,						\
+	sizeof(AESNI_KEY),				\
+	EVP_CIPHER_set_asn1_iv,				\
+	EVP_CIPHER_get_asn1_iv,				\
+	NULL,						\
+	NULL						\
+}
+
+DECLARE_AES_EVP(128,ecb,ECB);
+DECLARE_AES_EVP(128,cbc,CBC);
+DECLARE_AES_EVP(128,cfb,CFB);
+DECLARE_AES_EVP(128,ofb,OFB);
+
+DECLARE_AES_EVP(192,ecb,ECB);
+DECLARE_AES_EVP(192,cbc,CBC);
+DECLARE_AES_EVP(192,cfb,CFB);
+DECLARE_AES_EVP(192,ofb,OFB);
+
+DECLARE_AES_EVP(256,ecb,ECB);
+DECLARE_AES_EVP(256,cbc,CBC);
+DECLARE_AES_EVP(256,cfb,CFB);
+DECLARE_AES_EVP(256,ofb,OFB);
+
+static int
+aesni_ciphers (ENGINE *e, const EVP_CIPHER **cipher,
+		      const int **nids, int nid)
+{
+	/* No specific cipher => return a list of supported nids ... */
+	if (!cipher) {
+		*nids = aesni_cipher_nids;
+		return aesni_cipher_nids_num;
+	}
+
+	/* ... or the requested "cipher" otherwise */
+	switch (nid) {
+	case NID_aes_128_ecb:
+		*cipher = &aesni_128_ecb;
+		break;
+	case NID_aes_128_cbc:
+		*cipher = &aesni_128_cbc;
+		break;
+	case NID_aes_128_cfb:
+		*cipher = &aesni_128_cfb;
+		break;
+	case NID_aes_128_ofb:
+		*cipher = &aesni_128_ofb;
+		break;
+
+	case NID_aes_192_ecb:
+		*cipher = &aesni_192_ecb;
+		break;
+	case NID_aes_192_cbc:
+		*cipher = &aesni_192_cbc;
+		break;
+	case NID_aes_192_cfb:
+		*cipher = &aesni_192_cfb;
+		break;
+	case NID_aes_192_ofb:
+		*cipher = &aesni_192_ofb;
+		break;
+
+	case NID_aes_256_ecb:
+		*cipher = &aesni_256_ecb;
+		break;
+	case NID_aes_256_cbc:
+		*cipher = &aesni_256_cbc;
+		break;
+	case NID_aes_256_cfb:
+		*cipher = &aesni_256_cfb;
+		break;
+	case NID_aes_256_ofb:
+		*cipher = &aesni_256_ofb;
+		break;
+
+	default:
+		/* Sorry, we don't support this NID */
+		*cipher = NULL;
+		return 0;
+	}
+
+	return 1;
+}
+
+#endif /* COMPILE_HW_AESNI */
+#endif /* !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) && !defined(OPENSSL_NO_AES) */
diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
index 93c54d0f6f..623485d3d2 100644
--- a/crypto/engine/eng_all.c
+++ b/crypto/engine/eng_all.c
@@ -61,13 +61,19 @@
 
 void ENGINE_load_builtin_engines(void)
 	{
+#if 0
 	/* There's no longer any need for an "openssl" ENGINE unless, one day,
 	 * it is the *only* way for standard builtin implementations to be be
 	 * accessed (ie. it would be possible to statically link binaries with
 	 * *no* builtin implementations). */
-#if 0
 	ENGINE_load_openssl();
 #endif
+#if defined(__OpenBSD__) || defined(__FreeBSD__)
+	ENGINE_load_cryptodev();
+#endif
+#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI)
+	ENGINE_load_aesni();
+#endif
 	ENGINE_load_dynamic();
 #ifndef OPENSSL_NO_STATIC_ENGINE
 #ifndef OPENSSL_NO_HW
@@ -99,12 +105,15 @@ void ENGINE_load_builtin_engines(void)
 	ENGINE_load_padlock();
 #endif
 #endif
-#if defined(__OpenBSD__) || defined(__FreeBSD__)
-	ENGINE_load_cryptodev();
+#ifndef OPENSSL_NO_GOST
+	ENGINE_load_gost();
 #endif
-#if defined(OPENSSL_USE_GMP) && !defined(OPENSSL_NO_HW_GMP)
+#ifndef OPENSSL_NO_GMP
 	ENGINE_load_gmp();
 #endif
+#if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
+	ENGINE_load_capi();
+#endif
 #endif
 	}
 
diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index 8567f26675..08066cea59 100644
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -1,5 +1,5 @@
 /* eng_cnf.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -98,6 +98,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 	CONF_VALUE *ecmd;
 	char *ctrlname, *ctrlvalue;
 	ENGINE *e = NULL;
+	int soft = 0;
+
 	name = skip_dot(name);
 #ifdef ENGINE_CONF_DEBUG
 	fprintf(stderr, "Configuring engine %s\n", name);
@@ -125,6 +127,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 		/* Override engine name to use */
 		if (!strcmp(ctrlname, "engine_id"))
 			name = ctrlvalue;
+		else if (!strcmp(ctrlname, "soft_load"))
+			soft = 1;
 		/* Load a dynamic ENGINE */
 		else if (!strcmp(ctrlname, "dynamic_path"))
 			{
@@ -147,6 +151,11 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 			if (!e)
 				{
 				e = ENGINE_by_id(name);
+				if (!e && soft)
+					{
+					ERR_clear_error();
+					return 1;
+					}
 				if (!e)
 					return 0;
 				}
@@ -155,7 +164,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
 		 	 */
 			if (!strcmp(ctrlvalue, "EMPTY"))
 				ctrlvalue = NULL;
-			else if (!strcmp(ctrlname, "init"))
+			if (!strcmp(ctrlname, "init"))
 				{
 				if (!NCONF_get_number_e(cnf, value, "init", &do_init))
 					goto err;
@@ -207,7 +216,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
 
 	if (!elist)
 		{
-		ENGINEerr(ENGINE_F_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR);
+		ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR);
 		return 0;
 		}
 
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index ab38cd52f0..d07068f13f 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -32,7 +32,7 @@
 #include <openssl/bn.h>
 
 #if (defined(__unix__) || defined(unix)) && !defined(USG) && \
-	(defined(OpenBSD) || defined(__FreeBSD_version))
+	(defined(OpenBSD) || defined(__FreeBSD__))
 #include <sys/param.h>
 # if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
 #  define HAVE_CRYPTODEV
@@ -68,6 +68,16 @@ ENGINE_load_cryptodev(void)
 struct dev_crypto_state {
 	struct session_op d_sess;
 	int d_fd;
+
+#ifdef USE_CRYPTODEV_DIGESTS
+	char dummy_mac_key[HASH_MAX_LEN];
+
+	unsigned char digest_res[HASH_MAX_LEN];
+	char *mac_data;
+	int mac_len;
+
+	int copy;
+#endif
 };
 
 static u_int32_t cryptodev_asymfeat = 0;
@@ -75,15 +85,12 @@ static u_int32_t cryptodev_asymfeat = 0;
 static int get_asym_dev_crypto(void);
 static int open_dev_crypto(void);
 static int get_dev_crypto(void);
-static int cryptodev_max_iv(int cipher);
-static int cryptodev_key_length_valid(int cipher, int len);
-static int cipher_nid_to_cryptodev(int nid);
 static int get_cryptodev_ciphers(const int **cnids);
-static int get_cryptodev_digests(const int **cnids);
+/*static int get_cryptodev_digests(const int **cnids);*/
 static int cryptodev_usable_ciphers(const int **nids);
 static int cryptodev_usable_digests(const int **nids);
 static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-    const unsigned char *in, unsigned int inl);
+    const unsigned char *in, size_t inl);
 static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     const unsigned char *iv, int enc);
 static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
@@ -100,7 +107,7 @@ static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
 static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
     const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
-    RSA *rsa);
+    RSA *rsa, BN_CTX *ctx);
 static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
 static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
     const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
@@ -117,7 +124,7 @@ static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
 static int cryptodev_dh_compute_key(unsigned char *key,
     const BIGNUM *pub_key, DH *dh);
 static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
-    void (*f)());
+    void (*f)(void));
 void ENGINE_load_cryptodev(void);
 
 static const ENGINE_CMD_DEFN cryptodev_defns[] = {
@@ -130,27 +137,34 @@ static struct {
 	int	ivmax;
 	int	keylen;
 } ciphers[] = {
+	{ CRYPTO_ARC4,			NID_rc4,		0,	16, },
 	{ CRYPTO_DES_CBC,		NID_des_cbc,		8,	 8, },
 	{ CRYPTO_3DES_CBC,		NID_des_ede3_cbc,	8,	24, },
 	{ CRYPTO_AES_CBC,		NID_aes_128_cbc,	16,	16, },
+	{ CRYPTO_AES_CBC,		NID_aes_192_cbc,	16,	24, },
+	{ CRYPTO_AES_CBC,		NID_aes_256_cbc,	16,	32, },
 	{ CRYPTO_BLF_CBC,		NID_bf_cbc,		8,	16, },
 	{ CRYPTO_CAST_CBC,		NID_cast5_cbc,		8,	16, },
 	{ CRYPTO_SKIPJACK_CBC,		NID_undef,		0,	 0, },
 	{ 0,				NID_undef,		0,	 0, },
 };
 
+#if 0  /* not (yet?) used */
 static struct {
 	int	id;
 	int	nid;
+	int 	keylen;
 } digests[] = {
-	{ CRYPTO_SHA1_HMAC,		NID_hmacWithSHA1,	},
-	{ CRYPTO_RIPEMD160_HMAC,	NID_ripemd160,		},
-	{ CRYPTO_MD5_KPDK,		NID_undef,		},
-	{ CRYPTO_SHA1_KPDK,		NID_undef,		},
-	{ CRYPTO_MD5,			NID_md5,		},
-	{ CRYPTO_SHA1,			NID_undef,		},
-	{ 0,				NID_undef,		},
+	{ CRYPTO_MD5_HMAC,		NID_hmacWithMD5,	16},
+	{ CRYPTO_SHA1_HMAC,		NID_hmacWithSHA1,	20},
+	{ CRYPTO_RIPEMD160_HMAC,	NID_ripemd160,		16/*?*/},
+	{ CRYPTO_MD5_KPDK,		NID_undef,		0},
+	{ CRYPTO_SHA1_KPDK,		NID_undef,		0},
+	{ CRYPTO_MD5,			NID_md5,		16},
+	{ CRYPTO_SHA1,			NID_sha1,		20},
+	{ 0,				NID_undef,		0},
 };
+#endif  /* 0 */
 
 /*
  * Return a fd if /dev/crypto seems usable, 0 otherwise.
@@ -203,50 +217,6 @@ get_asym_dev_crypto(void)
 }
 
 /*
- * XXXX this needs to be set for each alg - and determined from
- * a running card.
- */
-static int
-cryptodev_max_iv(int cipher)
-{
-	int i;
-
-	for (i = 0; ciphers[i].id; i++)
-		if (ciphers[i].id == cipher)
-			return (ciphers[i].ivmax);
-	return (0);
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card. For now, fake it out - but most of these
- * for real devices should return 1 for the supported key
- * sizes the device can handle.
- */
-static int
-cryptodev_key_length_valid(int cipher, int len)
-{
-	int i;
-
-	for (i = 0; ciphers[i].id; i++)
-		if (ciphers[i].id == cipher)
-			return (ciphers[i].keylen == len);
-	return (0);
-}
-
-/* convert libcrypto nids to cryptodev */
-static int
-cipher_nid_to_cryptodev(int nid)
-{
-	int i;
-
-	for (i = 0; ciphers[i].id; i++)
-		if (ciphers[i].nid == nid)
-			return (ciphers[i].id);
-	return (0);
-}
-
-/*
  * Find out what ciphers /dev/crypto will let us have a session for.
  * XXX note, that some of these openssl doesn't deal with yet!
  * returning them here is harmless, as long as we return NULL
@@ -264,7 +234,7 @@ get_cryptodev_ciphers(const int **cnids)
 		return (0);
 	}
 	memset(&sess, 0, sizeof(sess));
-	sess.key = (caddr_t)"123456781234567812345678";
+	sess.key = (caddr_t)"123456789abcdefghijklmno";
 
 	for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
 		if (ciphers[i].nid == NID_undef)
@@ -291,6 +261,7 @@ get_cryptodev_ciphers(const int **cnids)
  * returning them here is harmless, as long as we return NULL
  * when asked for a handler in the cryptodev_engine_digests routine
  */
+#if 0  /* not (yet?) used */
 static int
 get_cryptodev_digests(const int **cnids)
 {
@@ -303,10 +274,12 @@ get_cryptodev_digests(const int **cnids)
 		return (0);
 	}
 	memset(&sess, 0, sizeof(sess));
+	sess.mackey = (caddr_t)"123456789abcdefghijklmno";
 	for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
 		if (digests[i].nid == NID_undef)
 			continue;
 		sess.mac = digests[i].id;
+		sess.mackeylen = digests[i].keylen;
 		sess.cipher = 0;
 		if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
 		    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
@@ -320,6 +293,7 @@ get_cryptodev_digests(const int **cnids)
 		*cnids = NULL;
 	return (count);
 }
+#endif  /* 0 */
 
 /*
  * Find the useable ciphers|digests from dev/crypto - this is the first
@@ -351,6 +325,9 @@ cryptodev_usable_ciphers(const int **nids)
 static int
 cryptodev_usable_digests(const int **nids)
 {
+#ifdef USE_CRYPTODEV_DIGESTS
+	return (get_cryptodev_digests(nids));
+#else
 	/*
 	 * XXXX just disable all digests for now, because it sucks.
 	 * we need a better way to decide this - i.e. I may not
@@ -365,16 +342,17 @@ cryptodev_usable_digests(const int **nids)
 	 */
 	*nids = NULL;
 	return (0);
+#endif
 }
 
 static int
 cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-    const unsigned char *in, unsigned int inl)
+    const unsigned char *in, size_t inl)
 {
 	struct crypt_op cryp;
 	struct dev_crypto_state *state = ctx->cipher_data;
 	struct session_op *sess = &state->d_sess;
-	void *iiv;
+	const void *iiv;
 	unsigned char save_iv[EVP_MAX_IV_LENGTH];
 
 	if (state->d_fd < 0)
@@ -398,7 +376,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	if (ctx->cipher->iv_len) {
 		cryp.iv = (caddr_t) ctx->iv;
 		if (!ctx->encrypt) {
-			iiv = (void *) in + inl - ctx->cipher->iv_len;
+			iiv = in + inl - ctx->cipher->iv_len;
 			memcpy(save_iv, iiv, ctx->cipher->iv_len);
 		}
 	} else
@@ -413,7 +391,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
 	if (ctx->cipher->iv_len) {
 		if (ctx->encrypt)
-			iiv = (void *) out + inl - ctx->cipher->iv_len;
+			iiv = out + inl - ctx->cipher->iv_len;
 		else
 			iiv = save_iv;
 		memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
@@ -427,23 +405,27 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 {
 	struct dev_crypto_state *state = ctx->cipher_data;
 	struct session_op *sess = &state->d_sess;
-	int cipher;
-
-	if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
-		return (0);
+	int cipher = -1, i;
 
-	if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
-		return (0);
+	for (i = 0; ciphers[i].id; i++)
+		if (ctx->cipher->nid == ciphers[i].nid &&
+		    ctx->cipher->iv_len <= ciphers[i].ivmax &&
+		    ctx->key_len == ciphers[i].keylen) {
+			cipher = ciphers[i].id;
+			break;
+		}
 
-	if (!cryptodev_key_length_valid(cipher, ctx->key_len))
+	if (!ciphers[i].id) {
+		state->d_fd = -1;
 		return (0);
+	}
 
 	memset(sess, 0, sizeof(struct session_op));
 
 	if ((state->d_fd = get_dev_crypto()) < 0)
 		return (0);
 
-	sess->key = (unsigned char *)key;
+	sess->key = (caddr_t)key;
 	sess->keylen = ctx->key_len;
 	sess->cipher = cipher;
 
@@ -496,6 +478,20 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
  * gets called when libcrypto requests a cipher NID.
  */
 
+/* RC4 */
+const EVP_CIPHER cryptodev_rc4 = {
+	NID_rc4,
+	1, 16, 0,
+	EVP_CIPH_VARIABLE_LENGTH,
+	cryptodev_init_key,
+	cryptodev_cipher,
+	cryptodev_cleanup,
+	sizeof(struct dev_crypto_state),
+	NULL,
+	NULL,
+	NULL
+};
+
 /* DES CBC EVP */
 const EVP_CIPHER cryptodev_des_cbc = {
 	NID_des_cbc,
@@ -563,6 +559,32 @@ const EVP_CIPHER cryptodev_aes_cbc = {
 	NULL
 };
 
+const EVP_CIPHER cryptodev_aes_192_cbc = {
+	NID_aes_192_cbc,
+	16, 24, 16,
+	EVP_CIPH_CBC_MODE,
+	cryptodev_init_key,
+	cryptodev_cipher,
+	cryptodev_cleanup,
+	sizeof(struct dev_crypto_state),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	NULL
+};
+
+const EVP_CIPHER cryptodev_aes_256_cbc = {
+	NID_aes_256_cbc,
+	16, 32, 16,
+	EVP_CIPH_CBC_MODE,
+	cryptodev_init_key,
+	cryptodev_cipher,
+	cryptodev_cleanup,
+	sizeof(struct dev_crypto_state),
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	NULL
+};
+
 /*
  * Registered by the ENGINE when used to find out how to deal with
  * a particular NID in the ENGINE. this says what we'll do at the
@@ -576,6 +598,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
 		return (cryptodev_usable_ciphers(nids));
 
 	switch (nid) {
+	case NID_rc4:
+		*cipher = &cryptodev_rc4;
+		break;
 	case NID_des_ede3_cbc:
 		*cipher = &cryptodev_3des_cbc;
 		break;
@@ -591,6 +616,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
 	case NID_aes_128_cbc:
 		*cipher = &cryptodev_aes_cbc;
 		break;
+	case NID_aes_192_cbc:
+		*cipher = &cryptodev_aes_192_cbc;
+		break;
+	case NID_aes_256_cbc:
+		*cipher = &cryptodev_aes_256_cbc;
+		break;
 	default:
 		*cipher = NULL;
 		break;
@@ -598,6 +629,234 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
 	return (*cipher != NULL);
 }
 
+
+#ifdef USE_CRYPTODEV_DIGESTS
+
+/* convert digest type to cryptodev */
+static int
+digest_nid_to_cryptodev(int nid)
+{
+	int i;
+
+	for (i = 0; digests[i].id; i++)
+		if (digests[i].nid == nid)
+			return (digests[i].id);
+	return (0);
+}
+
+
+static int
+digest_key_length(int nid)
+{
+	int i;
+
+	for (i = 0; digests[i].id; i++)
+		if (digests[i].nid == nid)
+			return digests[i].keylen;
+	return (0);
+}
+
+
+static int cryptodev_digest_init(EVP_MD_CTX *ctx)
+{
+	struct dev_crypto_state *state = ctx->md_data;
+	struct session_op *sess = &state->d_sess;
+	int digest;
+
+	if ((digest = digest_nid_to_cryptodev(ctx->digest->type)) == NID_undef){
+		printf("cryptodev_digest_init: Can't get digest \n");
+		return (0);
+	}
+
+	memset(state, 0, sizeof(struct dev_crypto_state));
+
+	if ((state->d_fd = get_dev_crypto()) < 0) {
+		printf("cryptodev_digest_init: Can't get Dev \n");
+		return (0);
+	}
+
+	sess->mackey = state->dummy_mac_key;
+	sess->mackeylen = digest_key_length(ctx->digest->type);
+	sess->mac = digest;
+
+	if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
+		close(state->d_fd);
+		state->d_fd = -1;
+		printf("cryptodev_digest_init: Open session failed\n");
+		return (0);
+	}
+
+	return (1);
+}
+
+static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
+		size_t count)
+{
+	struct crypt_op cryp;
+	struct dev_crypto_state *state = ctx->md_data;
+	struct session_op *sess = &state->d_sess;
+
+	if (!data || state->d_fd < 0) {
+		printf("cryptodev_digest_update: illegal inputs \n");
+		return (0);
+	}
+
+	if (!count) {
+		return (0);
+	}
+
+	if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
+		/* if application doesn't support one buffer */
+		state->mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
+
+		if (!state->mac_data) {
+			printf("cryptodev_digest_update: realloc failed\n");
+			return (0);
+		}
+
+		memcpy(state->mac_data + state->mac_len, data, count);
+   		state->mac_len += count;
+	
+		return (1);
+	}
+
+	memset(&cryp, 0, sizeof(cryp));
+
+	cryp.ses = sess->ses;
+	cryp.flags = 0;
+	cryp.len = count;
+	cryp.src = (caddr_t) data;
+	cryp.dst = NULL;
+	cryp.mac = (caddr_t) state->digest_res;
+	if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
+		printf("cryptodev_digest_update: digest failed\n");
+		return (0);
+	}
+	return (1);
+}
+
+
+static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+	struct crypt_op cryp;
+	struct dev_crypto_state *state = ctx->md_data;
+	struct session_op *sess = &state->d_sess;
+
+	int ret = 1;
+
+	if (!md || state->d_fd < 0) {
+		printf("cryptodev_digest_final: illegal input\n");
+		return(0);
+	}
+
+	if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {
+		/* if application doesn't support one buffer */
+		memset(&cryp, 0, sizeof(cryp));
+
+		cryp.ses = sess->ses;
+		cryp.flags = 0;
+		cryp.len = state->mac_len;
+		cryp.src = state->mac_data;
+		cryp.dst = NULL;
+		cryp.mac = (caddr_t)md;
+
+		if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
+			printf("cryptodev_digest_final: digest failed\n");
+			return (0);
+		}
+
+		return 1;
+	}
+
+	memcpy(md, state->digest_res, ctx->digest->md_size);
+
+	return (ret);
+}
+
+
+static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
+{
+	int ret = 1;
+	struct dev_crypto_state *state = ctx->md_data;
+	struct session_op *sess = &state->d_sess;
+
+	if (state->d_fd < 0) {
+		printf("cryptodev_digest_cleanup: illegal input\n");
+		return (0);
+	}
+
+	if (state->mac_data) {
+		OPENSSL_free(state->mac_data);
+		state->mac_data = NULL;
+		state->mac_len = 0;
+	}
+
+	if (state->copy)
+		return 1;
+
+	if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
+		printf("cryptodev_digest_cleanup: failed to close session\n");
+		ret = 0;
+	} else {
+		ret = 1;
+	}
+	close(state->d_fd);	
+	state->d_fd = -1;
+
+	return (ret);
+}
+
+static int cryptodev_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
+{
+	struct dev_crypto_state *fstate = from->md_data;
+	struct dev_crypto_state *dstate = to->md_data;
+
+	memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+
+	if (fstate->mac_len != 0) {
+		dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+		memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+	}
+
+	dstate->copy = 1;
+
+	return 1;
+}
+
+
+const EVP_MD cryptodev_sha1 = {
+	NID_sha1,
+	NID_undef, 
+	SHA_DIGEST_LENGTH, 
+	EVP_MD_FLAG_ONESHOT,
+	cryptodev_digest_init,
+	cryptodev_digest_update,
+	cryptodev_digest_final,
+	cryptodev_digest_copy,
+	cryptodev_digest_cleanup,
+	EVP_PKEY_NULL_method,
+	SHA_CBLOCK,
+	sizeof(struct dev_crypto_state),
+};
+
+const EVP_MD cryptodev_md5 = {
+	NID_md5,
+	NID_undef, 
+	16 /* MD5_DIGEST_LENGTH */, 
+	EVP_MD_FLAG_ONESHOT,
+	cryptodev_digest_init,
+	cryptodev_digest_update,
+	cryptodev_digest_final,
+	cryptodev_digest_copy,
+	cryptodev_digest_cleanup,
+	EVP_PKEY_NULL_method,
+	64 /* MD5_CBLOCK */,
+	sizeof(struct dev_crypto_state),
+};
+
+#endif /* USE_CRYPTODEV_DIGESTS */
+
+
 static int
 cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
     const int **nids, int nid)
@@ -606,10 +865,15 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
 		return (cryptodev_usable_digests(nids));
 
 	switch (nid) {
+#ifdef USE_CRYPTODEV_DIGESTS
 	case NID_md5:
-		*digest = NULL; /* need to make a clean md5 critter */
+		*digest = &cryptodev_md5; 
 		break;
+	case NID_sha1:
+		*digest = &cryptodev_sha1;
+ 		break;
 	default:
+#endif /* USE_CRYPTODEV_DIGESTS */
 		*digest = NULL;
 		break;
 	}
@@ -625,7 +889,7 @@ static int
 bn2crparam(const BIGNUM *a, struct crparam *crp)
 {
 	int i, j, k;
-	ssize_t words, bytes, bits;
+	ssize_t bytes, bits;
 	u_char *b;
 
 	crp->crp_p = NULL;
@@ -637,8 +901,9 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
 	b = malloc(bytes);
 	if (b == NULL)
 		return (1);
+	memset(b, 0, bytes);
 
-	crp->crp_p = b;
+	crp->crp_p = (caddr_t) b;
 	crp->crp_nbits = bits;
 
 	for (i = 0, j = 0; i < a->top; i++) {
@@ -681,7 +946,7 @@ zapparams(struct crypt_kop *kop)
 {
 	int i;
 
-	for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) {
+	for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
 		if (kop->crk_param[i].crp_p)
 			free(kop->crk_param[i].crp_p);
 		kop->crk_param[i].crp_p = NULL;
@@ -756,11 +1021,9 @@ err:
 }
 
 static int
-cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 {
 	int r;
-	BN_CTX *ctx;
-
 	ctx = BN_CTX_new();
 	r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
 	BN_CTX_free(ctx);
@@ -994,7 +1257,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 		goto err;
 	kop.crk_iparams = 3;
 
-	kop.crk_param[3].crp_p = key;
+	kop.crk_param[3].crp_p = (caddr_t) key;
 	kop.crk_param[3].crp_nbits = keylen * 8;
 	kop.crk_oparams = 1;
 
@@ -1025,7 +1288,7 @@ static DH_METHOD cryptodev_dh = {
  * but I expect we'll want some options soon.
  */
 static int
-cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
 {
 #ifdef HAVE_SYSLOG_R
 	struct syslog_data sd = SYSLOG_DATA_INIT;
diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c
index 18527484ce..5ce25d92ec 100644
--- a/crypto/engine/eng_ctrl.c
+++ b/crypto/engine/eng_ctrl.c
@@ -100,7 +100,8 @@ static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
 	return -1;
 	}
 
-static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
+static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p,
+			   void (*f)(void))
 	{
 	int idx;
 	char *s = (char *)p;
@@ -254,7 +255,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
 
 	if((e == NULL) || (cmd_name == NULL))
 		{
-		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+		ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD,
 			ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 		}
@@ -279,7 +280,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
 		}
 	/* Force the result of the control command to 0 or 1, for the reasons
 	 * mentioned before. */
-        if (ENGINE_ctrl(e, num, i, p, f))
+        if (ENGINE_ctrl(e, num, i, p, f) > 0)
                 return 1;
         return 0;
         }
@@ -344,7 +345,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
 		 * usage of these commands is consistent across applications and
 		 * that certain applications don't understand it one way, and
 		 * others another. */
-		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
 			return 1;
 		return 0;
 		}
@@ -359,7 +360,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
 	if(flags & ENGINE_CMD_FLAG_STRING)
 		{
 		/* Same explanation as above */
-		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+		if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
 			return 1;
 		return 0;
 		}
@@ -382,7 +383,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
 		}
 	/* Force the result of the control command to 0 or 1, for the reasons
 	 * mentioned before. */
-	if(ENGINE_ctrl(e, num, l, NULL, NULL))
+	if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
 		return 1;
 	return 0;
 	}
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 290b8bd395..807da7a5eb 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -146,14 +146,14 @@ struct st_dynamic_data_ctx
 	 * 'dirs' for loading. Default is to use 'dirs' as a fallback. */
 	int dir_load;
 	/* A stack of directories from which ENGINEs could be loaded */
-	STACK *dirs;
+	STACK_OF(OPENSSL_STRING) *dirs;
 	};
 
 /* This is the "ex_data" index we obtain and reserve for use with our context
  * structure. */
 static int dynamic_ex_data_idx = -1;
 
-static void int_free_str(void *s) { OPENSSL_free(s); }
+static void int_free_str(char *s) { OPENSSL_free(s); }
 /* Because our ex_data element may or may not get allocated depending on whether
  * a "first-use" occurs before the ENGINE is freed, we have a memory leak
  * problem to solve. We can't declare a "new" handler for the ex_data as we
@@ -174,7 +174,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr,
 		if(ctx->engine_id)
 			OPENSSL_free((void*)ctx->engine_id);
 		if(ctx->dirs)
-			sk_pop_free(ctx->dirs, int_free_str);
+			sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str);
 		OPENSSL_free(ctx);
 		}
 	}
@@ -189,7 +189,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
 	c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
 	if(!c)
 		{
-		ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
+		ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
 	memset(c, 0, sizeof(dynamic_data_ctx));
@@ -203,10 +203,10 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
 	c->DYNAMIC_F1 = "v_check";
 	c->DYNAMIC_F2 = "bind_engine";
 	c->dir_load = 1;
-	c->dirs = sk_new_null();
+	c->dirs = sk_OPENSSL_STRING_new_null();
 	if(!c->dirs)
 		{
-		ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
+		ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
 		OPENSSL_free(c);
 		return 0;
 		}
@@ -393,7 +393,7 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
 				ERR_R_MALLOC_FAILURE);
 			return 0;
 			}
-		sk_insert(ctx->dirs, tmp_str, -1);
+		sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1);
 		}
 		return 1;
 	default:
@@ -411,11 +411,11 @@ static int int_load(dynamic_data_ctx *ctx)
 				ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL)
 		return 1;
 	/* If we're not allowed to use 'dirs' or we have none, fail */
-	if(!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1))
+	if(!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1)
 		return 0;
 	for(loop = 0; loop < num; loop++)
 		{
-		const char *s = sk_value(ctx->dirs, loop);
+		const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop);
 		char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s);
 		if(!merge)
 			return 0;
diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
index 814d95ee32..466b8af190 100644
--- a/crypto/engine/eng_err.c
+++ b/crypto/engine/eng_err.c
@@ -1,6 +1,6 @@
 /* crypto/engine/eng_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,87 +64,96 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
+
 static ERR_STRING_DATA ENGINE_str_functs[]=
 	{
-{ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0),	"DYNAMIC_CTRL"},
-{ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0),	"DYNAMIC_GET_DATA_CTX"},
-{ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0),	"DYNAMIC_LOAD"},
-{ERR_PACK(0,ENGINE_F_ENGINE_ADD,0),	"ENGINE_add"},
-{ERR_PACK(0,ENGINE_F_ENGINE_BY_ID,0),	"ENGINE_by_id"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,0),	"ENGINE_cmd_is_executable"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CTRL,0),	"ENGINE_ctrl"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD,0),	"ENGINE_ctrl_cmd"},
-{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0),	"ENGINE_ctrl_cmd_string"},
-{ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0),	"ENGINE_finish"},
-{ERR_PACK(0,ENGINE_F_ENGINE_FREE,0),	"ENGINE_free"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_CIPHER,0),	"ENGINE_get_cipher"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0),	"ENGINE_GET_DEFAULT_TYPE"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_DIGEST,0),	"ENGINE_get_digest"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0),	"ENGINE_get_next"},
-{ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0),	"ENGINE_get_prev"},
-{ERR_PACK(0,ENGINE_F_ENGINE_INIT,0),	"ENGINE_init"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LIST_ADD,0),	"ENGINE_LIST_ADD"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LIST_REMOVE,0),	"ENGINE_LIST_REMOVE"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,0),	"ENGINE_load_private_key"},
-{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,0),	"ENGINE_load_public_key"},
-{ERR_PACK(0,ENGINE_F_ENGINE_MODULE_INIT,0),	"ENGINE_MODULE_INIT"},
-{ERR_PACK(0,ENGINE_F_ENGINE_NEW,0),	"ENGINE_new"},
-{ERR_PACK(0,ENGINE_F_ENGINE_REMOVE,0),	"ENGINE_remove"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_STRING,0),	"ENGINE_set_default_string"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0),	"ENGINE_SET_DEFAULT_TYPE"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0),	"ENGINE_set_id"},
-{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),	"ENGINE_set_name"},
-{ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0),	"ENGINE_TABLE_REGISTER"},
-{ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0),	"ENGINE_UNLOAD_KEY"},
-{ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0),	"ENGINE_up_ref"},
-{ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0),	"INT_CTRL_HELPER"},
-{ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0),	"INT_ENGINE_CONFIGURE"},
-{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),	"LOG_MESSAGE"},
-{ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0),	"SET_DATA_CTX"},
+{ERR_FUNC(ENGINE_F_DYNAMIC_CTRL),	"DYNAMIC_CTRL"},
+{ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX),	"DYNAMIC_GET_DATA_CTX"},
+{ERR_FUNC(ENGINE_F_DYNAMIC_LOAD),	"DYNAMIC_LOAD"},
+{ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX),	"DYNAMIC_SET_DATA_CTX"},
+{ERR_FUNC(ENGINE_F_ENGINE_ADD),	"ENGINE_add"},
+{ERR_FUNC(ENGINE_F_ENGINE_BY_ID),	"ENGINE_by_id"},
+{ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE),	"ENGINE_cmd_is_executable"},
+{ERR_FUNC(ENGINE_F_ENGINE_CTRL),	"ENGINE_ctrl"},
+{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD),	"ENGINE_ctrl_cmd"},
+{ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING),	"ENGINE_ctrl_cmd_string"},
+{ERR_FUNC(ENGINE_F_ENGINE_FINISH),	"ENGINE_finish"},
+{ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL),	"ENGINE_FREE_UTIL"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER),	"ENGINE_get_cipher"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE),	"ENGINE_GET_DEFAULT_TYPE"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST),	"ENGINE_get_digest"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT),	"ENGINE_get_next"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),	"ENGINE_get_pkey_asn1_meth"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH),	"ENGINE_get_pkey_meth"},
+{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV),	"ENGINE_get_prev"},
+{ERR_FUNC(ENGINE_F_ENGINE_INIT),	"ENGINE_init"},
+{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD),	"ENGINE_LIST_ADD"},
+{ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE),	"ENGINE_LIST_REMOVE"},
+{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY),	"ENGINE_load_private_key"},
+{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY),	"ENGINE_load_public_key"},
+{ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT),	"ENGINE_load_ssl_client_cert"},
+{ERR_FUNC(ENGINE_F_ENGINE_NEW),	"ENGINE_new"},
+{ERR_FUNC(ENGINE_F_ENGINE_REMOVE),	"ENGINE_remove"},
+{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),	"ENGINE_set_default_string"},
+{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE),	"ENGINE_SET_DEFAULT_TYPE"},
+{ERR_FUNC(ENGINE_F_ENGINE_SET_ID),	"ENGINE_set_id"},
+{ERR_FUNC(ENGINE_F_ENGINE_SET_NAME),	"ENGINE_set_name"},
+{ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER),	"ENGINE_TABLE_REGISTER"},
+{ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY),	"ENGINE_UNLOAD_KEY"},
+{ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH),	"ENGINE_UNLOCKED_FINISH"},
+{ERR_FUNC(ENGINE_F_ENGINE_UP_REF),	"ENGINE_up_ref"},
+{ERR_FUNC(ENGINE_F_INT_CTRL_HELPER),	"INT_CTRL_HELPER"},
+{ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE),	"INT_ENGINE_CONFIGURE"},
+{ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT),	"INT_ENGINE_MODULE_INIT"},
+{ERR_FUNC(ENGINE_F_LOG_MESSAGE),	"LOG_MESSAGE"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA ENGINE_str_reasons[]=
 	{
-{ENGINE_R_ALREADY_LOADED                 ,"already loaded"},
-{ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER       ,"argument is not a number"},
-{ENGINE_R_CMD_NOT_EXECUTABLE             ,"cmd not executable"},
-{ENGINE_R_COMMAND_TAKES_INPUT            ,"command takes input"},
-{ENGINE_R_COMMAND_TAKES_NO_INPUT         ,"command takes no input"},
-{ENGINE_R_CONFLICTING_ENGINE_ID          ,"conflicting engine id"},
-{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{ENGINE_R_DH_NOT_IMPLEMENTED             ,"dh not implemented"},
-{ENGINE_R_DSA_NOT_IMPLEMENTED            ,"dsa not implemented"},
-{ENGINE_R_DSO_FAILURE                    ,"DSO failure"},
-{ENGINE_R_DSO_NOT_FOUND                  ,"dso not found"},
-{ENGINE_R_ENGINES_SECTION_ERROR          ,"engines section error"},
-{ENGINE_R_ENGINE_IS_NOT_IN_LIST          ,"engine is not in the list"},
-{ENGINE_R_ENGINE_SECTION_ERROR           ,"engine section error"},
-{ENGINE_R_FAILED_LOADING_PRIVATE_KEY     ,"failed loading private key"},
-{ENGINE_R_FAILED_LOADING_PUBLIC_KEY      ,"failed loading public key"},
-{ENGINE_R_FINISH_FAILED                  ,"finish failed"},
-{ENGINE_R_GET_HANDLE_FAILED              ,"could not obtain hardware handle"},
-{ENGINE_R_ID_OR_NAME_MISSING             ,"'id' or 'name' missing"},
-{ENGINE_R_INIT_FAILED                    ,"init failed"},
-{ENGINE_R_INTERNAL_LIST_ERROR            ,"internal list error"},
-{ENGINE_R_INVALID_ARGUMENT               ,"invalid argument"},
-{ENGINE_R_INVALID_CMD_NAME               ,"invalid cmd name"},
-{ENGINE_R_INVALID_CMD_NUMBER             ,"invalid cmd number"},
-{ENGINE_R_INVALID_INIT_VALUE             ,"invalid init value"},
-{ENGINE_R_INVALID_STRING                 ,"invalid string"},
-{ENGINE_R_NOT_INITIALISED                ,"not initialised"},
-{ENGINE_R_NOT_LOADED                     ,"not loaded"},
-{ENGINE_R_NO_CONTROL_FUNCTION            ,"no control function"},
-{ENGINE_R_NO_INDEX                       ,"no index"},
-{ENGINE_R_NO_LOAD_FUNCTION               ,"no load function"},
-{ENGINE_R_NO_REFERENCE                   ,"no reference"},
-{ENGINE_R_NO_SUCH_ENGINE                 ,"no such engine"},
-{ENGINE_R_NO_UNLOAD_FUNCTION             ,"no unload function"},
-{ENGINE_R_PROVIDE_PARAMETERS             ,"provide parameters"},
-{ENGINE_R_RSA_NOT_IMPLEMENTED            ,"rsa not implemented"},
-{ENGINE_R_UNIMPLEMENTED_CIPHER           ,"unimplemented cipher"},
-{ENGINE_R_UNIMPLEMENTED_DIGEST           ,"unimplemented digest"},
-{ENGINE_R_VERSION_INCOMPATIBILITY        ,"version incompatibility"},
+{ERR_REASON(ENGINE_R_ALREADY_LOADED)     ,"already loaded"},
+{ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),"argument is not a number"},
+{ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) ,"cmd not executable"},
+{ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT),"command takes input"},
+{ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT),"command takes no input"},
+{ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID),"conflicting engine id"},
+{ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) ,"dh not implemented"},
+{ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED),"dsa not implemented"},
+{ERR_REASON(ENGINE_R_DSO_FAILURE)        ,"DSO failure"},
+{ERR_REASON(ENGINE_R_DSO_NOT_FOUND)      ,"dso not found"},
+{ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"},
+{ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"},
+{ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"},
+{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"},
+{ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"},
+{ERR_REASON(ENGINE_R_FINISH_FAILED)      ,"finish failed"},
+{ERR_REASON(ENGINE_R_GET_HANDLE_FAILED)  ,"could not obtain hardware handle"},
+{ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) ,"'id' or 'name' missing"},
+{ERR_REASON(ENGINE_R_INIT_FAILED)        ,"init failed"},
+{ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR),"internal list error"},
+{ERR_REASON(ENGINE_R_INVALID_ARGUMENT)   ,"invalid argument"},
+{ERR_REASON(ENGINE_R_INVALID_CMD_NAME)   ,"invalid cmd name"},
+{ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) ,"invalid cmd number"},
+{ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) ,"invalid init value"},
+{ERR_REASON(ENGINE_R_INVALID_STRING)     ,"invalid string"},
+{ERR_REASON(ENGINE_R_NOT_INITIALISED)    ,"not initialised"},
+{ERR_REASON(ENGINE_R_NOT_LOADED)         ,"not loaded"},
+{ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION),"no control function"},
+{ERR_REASON(ENGINE_R_NO_INDEX)           ,"no index"},
+{ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION)   ,"no load function"},
+{ERR_REASON(ENGINE_R_NO_REFERENCE)       ,"no reference"},
+{ERR_REASON(ENGINE_R_NO_SUCH_ENGINE)     ,"no such engine"},
+{ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) ,"no unload function"},
+{ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) ,"provide parameters"},
+{ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"},
+{ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"},
+{ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"},
+{ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),"unimplemented public key method"},
+{ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"},
 {0,NULL}
 	};
 
@@ -152,15 +161,12 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
 
 void ERR_load_ENGINE_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_functs);
-		ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_reasons);
-#endif
 
+	if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,ENGINE_str_functs);
+		ERR_load_strings(0,ENGINE_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c
index 27c1662f62..db66e62350 100644
--- a/crypto/engine/eng_fat.c
+++ b/crypto/engine/eng_fat.c
@@ -89,6 +89,12 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
 #endif
 	if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
 		return 0;
+	if((flags & ENGINE_METHOD_PKEY_METHS)
+				&& !ENGINE_set_default_pkey_meths(e))
+		return 0;
+	if((flags & ENGINE_METHOD_PKEY_ASN1_METHS)
+				&& !ENGINE_set_default_pkey_asn1_meths(e))
+		return 0;
 	return 1;
 	}
 
@@ -115,6 +121,13 @@ static int int_def_cb(const char *alg, int len, void *arg)
 		*pflags |= ENGINE_METHOD_CIPHERS;
 	else if (!strncmp(alg, "DIGESTS", len))
 		*pflags |= ENGINE_METHOD_DIGESTS;
+	else if (!strncmp(alg, "PKEY", len))
+		*pflags |=
+			ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS;
+	else if (!strncmp(alg, "PKEY_CRYPTO", len))
+		*pflags |= ENGINE_METHOD_PKEY_METHS;
+	else if (!strncmp(alg, "PKEY_ASN1", len))
+		*pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
 	else
 		return 0;
 	return 1;
@@ -154,6 +167,7 @@ int ENGINE_register_complete(ENGINE *e)
 	ENGINE_register_ECDSA(e);
 #endif
 	ENGINE_register_RAND(e);
+	ENGINE_register_pkey_meths(e);
 	return 1;
 	}
 
diff --git a/crypto/engine/eng_init.c b/crypto/engine/eng_init.c
index 2843e4f0e4..7633cf5f1d 100644
--- a/crypto/engine/eng_init.c
+++ b/crypto/engine/eng_init.c
@@ -111,7 +111,7 @@ int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
 	/* Release the structural reference too */
 	if(!engine_free_util(e, 0))
 		{
-		ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
+		ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH,ENGINE_R_FINISH_FAILED);
 		return 0;
 		}
 	return to_return;
diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h
index a5b1edebf4..451ef8feb8 100644
--- a/crypto/engine/eng_int.h
+++ b/crypto/engine/eng_int.h
@@ -127,6 +127,8 @@ ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
 ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l);
 #define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
 #endif
+typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg);
+void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg);
 
 /* Internal versions of API functions that have control over locking. These are
  * used between C files when functionality needs to be shared but the caller may
@@ -143,6 +145,11 @@ void engine_set_all_null(ENGINE *e);
 /* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
  * in engine.h. */
 
+/* Free up dynamically allocated public key methods associated with ENGINE */
+
+void engine_pkey_meths_free(ENGINE *e);
+void engine_pkey_asn1_meths_free(ENGINE *e);
+
 /* This is a structure for storing implementations of various crypto
  * algorithms and functions. */
 struct engine_st
@@ -160,7 +167,10 @@ struct engine_st
 	ENGINE_CIPHERS_PTR ciphers;
 	/* Digest handling is via this callback */
 	ENGINE_DIGESTS_PTR digests;
-
+	/* Public key handling via this callback */
+	ENGINE_PKEY_METHS_PTR pkey_meths;
+	/* ASN1 public key handling via this callback */
+	ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
 
 	ENGINE_GEN_INT_FUNC_PTR	destroy;
 
@@ -170,6 +180,8 @@ struct engine_st
 	ENGINE_LOAD_KEY_PTR load_privkey;
 	ENGINE_LOAD_KEY_PTR load_pubkey;
 
+	ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
+
 	const ENGINE_CMD_DEFN *cmd_defns;
 	int flags;
 	/* reference count on the structure itself */
diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index 7b3686ddc0..18a6664645 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -108,7 +108,7 @@ int engine_free_util(ENGINE *e, int locked)
 
 	if(e == NULL)
 		{
-		ENGINEerr(ENGINE_F_ENGINE_FREE,
+		ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL,
 			ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 		}
@@ -125,6 +125,9 @@ int engine_free_util(ENGINE *e, int locked)
 		abort();
 		}
 #endif
+	/* Free up any dynamically allocated public key methods */
+	engine_pkey_meths_free(e);
+	engine_pkey_asn1_meths_free(e);
 	/* Give the ENGINE a chance to do any structural cleanup corresponding
 	 * to allocation it did in its constructor (eg. unload error strings) */
 	if(e->destroy)
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index f337e0f3bc..66a52b89e0 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -336,6 +336,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src)
 	dest->store_meth = src->store_meth;
 	dest->ciphers = src->ciphers;
 	dest->digests = src->digests;
+	dest->pkey_meths = src->pkey_meths;
 	dest->destroy = src->destroy;
 	dest->init = src->init;
 	dest->finish = src->finish;
@@ -394,19 +395,23 @@ ENGINE *ENGINE_by_id(const char *id)
 #else
 	/* EEK! Experimental code starts */
 	if(iterator) return iterator;
+	/* Prevent infinite recusrion if we're looking for the dynamic engine. */
+	if (strcmp(id, "dynamic"))
+		{
 #ifdef OPENSSL_SYS_VMS
-	if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]";
+		if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]";
 #else
-	if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR;
+		if((load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR;
 #endif
-	iterator = ENGINE_by_id("dynamic");
-	if(!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
-			!ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
-			!ENGINE_ctrl_cmd_string(iterator, "DIR_ADD",
-				load_dir, 0) ||
-			!ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0))
-		goto notfound;
-	return iterator;
+		iterator = ENGINE_by_id("dynamic");
+		if(!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
+				!ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
+				!ENGINE_ctrl_cmd_string(iterator, "DIR_ADD",
+					load_dir, 0) ||
+				!ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0))
+				goto notfound;
+		return iterator;
+		}
 notfound:
 	ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE);
 	ERR_add_error_data(2, "id=", id);
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index dd16d3bc6a..9abb95cc22 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -70,9 +70,15 @@
 #include <openssl/pem.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 
 /* This testing gunk is implemented (and explained) lower down. It also assumes
  * the application explicitly calls "ENGINE_load_openssl()" because this is no
@@ -232,7 +238,7 @@ static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	return 1;
 	}
 static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		      const unsigned char *in, unsigned int inl)
+		      const unsigned char *in, size_t inl)
 	{
 #ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
 	fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
@@ -251,6 +257,7 @@ static const EVP_CIPHER test_r4_cipher=
 	sizeof(TEST_RC4_KEY),
 	NULL,
 	NULL,
+	NULL,
 	NULL
 	};
 static const EVP_CIPHER test_r4_40_cipher=
@@ -264,6 +271,7 @@ static const EVP_CIPHER test_r4_40_cipher=
 	sizeof(TEST_RC4_KEY),
 	NULL, 
 	NULL,
+	NULL,
 	NULL
 	};
 static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
diff --git a/crypto/engine/eng_pkey.c b/crypto/engine/eng_pkey.c
index bc8b21abec..1dfa2e3664 100644
--- a/crypto/engine/eng_pkey.c
+++ b/crypto/engine/eng_pkey.c
@@ -69,6 +69,13 @@ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
 	return 1;
 	}
 
+int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
+				ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
+	{
+	e->load_ssl_client_cert = loadssl_f;
+	return 1;
+	}
+
 ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
 	{
 	return e->load_privkey;
@@ -79,6 +86,11 @@ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
 	return e->load_pubkey;
 	}
 
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e)
+	{
+	return e->load_ssl_client_cert;
+	}
+
 /* API functions to load public/private keys */
 
 EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
@@ -152,3 +164,33 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
 		}
 	return pkey;
 	}
+
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
+	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey,
+	STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data)
+	{
+
+	if(e == NULL)
+		{
+		ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
+			ERR_R_PASSED_NULL_PARAMETER);
+		return 0;
+		}
+	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+	if(e->funct_ref == 0)
+		{
+		CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+		ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
+			ENGINE_R_NOT_INITIALISED);
+		return 0;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+	if (!e->load_ssl_client_cert)
+		{
+		ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
+			ENGINE_R_NO_LOAD_FUNCTION);
+		return 0;
+		}
+	return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
+					ui_method, callback_data);
+	}
diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
index a83c3899ee..954b4d7970 100644
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -70,12 +70,22 @@ typedef struct st_engine_pile
 	int uptodate;
 	} ENGINE_PILE;
 
+DECLARE_LHASH_OF(ENGINE_PILE);
+
 /* The type exposed in eng_int.h */
 struct st_engine_table
 	{
-	LHASH piles;
+	LHASH_OF(ENGINE_PILE) piles;
 	}; /* ENGINE_TABLE */
 
+
+typedef struct st_engine_pile_doall
+	{
+	engine_table_doall_cb *cb;
+	void *arg;
+	} ENGINE_PILE_DOALL;
+	
+
 /* Global flags (ENGINE_TABLE_FLAG_***). */
 static unsigned int table_flags = 0;
 
@@ -84,6 +94,7 @@ unsigned int ENGINE_get_table_flags(void)
 	{
 	return table_flags;
 	}
+
 void ENGINE_set_table_flags(unsigned int flags)
 	{
 	table_flags = flags;
@@ -94,19 +105,21 @@ static unsigned long engine_pile_hash(const ENGINE_PILE *c)
 	{
 	return c->nid;
 	}
+
 static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
 	{
 	return a->nid - b->nid;
 	}
-static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *)
+static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
+static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
+
 static int int_table_check(ENGINE_TABLE **t, int create)
 	{
-	LHASH *lh;
+	LHASH_OF(ENGINE_PILE) *lh;
+
 	if(*t) return 1;
 	if(!create) return 0;
-	if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash),
-			LHASH_COMP_FN(engine_pile_cmp))) == NULL)
+	if((lh = lh_ENGINE_PILE_new()) == NULL)
 		return 0;
 	*t = (ENGINE_TABLE *)lh;
 	return 1;
@@ -130,12 +143,12 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
 	while(num_nids--)
 		{
 		tmplate.nid = *nids;
-		fnd = lh_retrieve(&(*table)->piles, &tmplate);
+		fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
 		if(!fnd)
 			{
 			fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
 			if(!fnd) goto end;
-			fnd->uptodate = 0;
+			fnd->uptodate = 1;
 			fnd->nid = *nids;
 			fnd->sk = sk_ENGINE_new_null();
 			if(!fnd->sk)
@@ -144,15 +157,15 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
 				goto end;
 				}
 			fnd->funct = NULL;
-			lh_insert(&(*table)->piles, fnd);
+			(void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
 			}
 		/* A registration shouldn't add duplciate entries */
-		sk_ENGINE_delete_ptr(fnd->sk, e);
+		(void)sk_ENGINE_delete_ptr(fnd->sk, e);
 		/* if 'setdefault', this ENGINE goes to the head of the list */
 		if(!sk_ENGINE_push(fnd->sk, e))
 			goto end;
 		/* "touch" this ENGINE_PILE */
-		fnd->uptodate = 1;
+		fnd->uptodate = 0;
 		if(setdefault)
 			{
 			if(!engine_unlocked_init(e))
@@ -164,6 +177,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
 			if(fnd->funct)
 				engine_unlocked_finish(fnd->funct, 0);
 			fnd->funct = e;
+			fnd->uptodate = 1;
 			}
 		nids++;
 		}
@@ -172,15 +186,14 @@ end:
 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
 	return ret;
 	}
-static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
+static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
 	{
 	int n;
 	/* Iterate the 'c->sk' stack removing any occurance of 'e' */
 	while((n = sk_ENGINE_find(pile->sk, e)) >= 0)
 		{
-		sk_ENGINE_delete(pile->sk, n);
-		/* "touch" this ENGINE_CIPHER */
-		pile->uptodate = 1;
+		(void)sk_ENGINE_delete(pile->sk, n);
+		pile->uptodate = 0;
 		}
 	if(pile->funct == e)
 		{
@@ -188,31 +201,35 @@ static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
 		pile->funct = NULL;
 		}
 	}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb,ENGINE_PILE *,ENGINE *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
+
 void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
 	{
 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
 	if(int_table_check(table, 0))
-		lh_doall_arg(&(*table)->piles,
-			LHASH_DOALL_ARG_FN(int_unregister_cb), e);
+		lh_ENGINE_PILE_doall_arg(&(*table)->piles,
+					 LHASH_DOALL_ARG_FN(int_unregister_cb),
+					 ENGINE, e);
 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
 	}
 
-static void int_cleanup_cb(ENGINE_PILE *p)
+static void int_cleanup_cb_doall(ENGINE_PILE *p)
 	{
 	sk_ENGINE_free(p->sk);
 	if(p->funct)
 		engine_unlocked_finish(p->funct, 0);
 	OPENSSL_free(p);
 	}
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb,ENGINE_PILE *)
+static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
+
 void engine_table_cleanup(ENGINE_TABLE **table)
 	{
 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
 	if(*table)
 		{
-		lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb));
-		lh_free(&(*table)->piles);
+		lh_ENGINE_PILE_doall(&(*table)->piles,
+				     LHASH_DOALL_FN(int_cleanup_cb));
+		lh_ENGINE_PILE_free(&(*table)->piles);
 		*table = NULL;
 		}
 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
@@ -242,7 +259,7 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in
 	 * operations. But don't worry about a fprintf(stderr). */
 	if(!int_table_check(table, 0)) goto end;
 	tmplate.nid = nid;
-	fnd = lh_retrieve(&(*table)->piles, &tmplate);
+	fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
 	if(!fnd) goto end;
 	if(fnd->funct && engine_unlocked_init(fnd->funct))
 		{
@@ -313,3 +330,21 @@ end:
 	ERR_clear_error();
 	return ret;
 	}
+
+/* Table enumeration */
+
+static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
+	{
+	dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
+	}
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE,ENGINE_PILE_DOALL)
+
+void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
+								void *arg)
+	{
+	ENGINE_PILE_DOALL dall;
+	dall.cb = cb;
+	dall.arg = arg;
+	lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb),
+				 ENGINE_PILE_DOALL, &dall);
+	}
diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
index 14fefea474..f288a38685 100644
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -88,7 +88,6 @@
 #include <openssl/ecdsa.h>
 #endif
 #include <openssl/rand.h>
-#include <openssl/store.h>
 #include <openssl/ui.h>
 #include <openssl/err.h>
 #endif
@@ -96,27 +95,12 @@
 #include <openssl/ossl_typ.h>
 #include <openssl/symhacks.h>
 
+#include <openssl/x509.h>
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-/* Fixups for missing algorithms */
-#ifdef OPENSSL_NO_RSA
-typedef void RSA_METHOD;
-#endif
-#ifdef OPENSSL_NO_DSA
-typedef void DSA_METHOD;
-#endif
-#ifdef OPENSSL_NO_DH
-typedef void DH_METHOD;
-#endif
-#ifdef OPENSSL_NO_ECDH
-typedef void ECDH_METHOD;
-#endif
-#ifdef OPENSSL_NO_ECDSA
-typedef void ECDSA_METHOD;
-#endif
-
 /* These flags are used to control combinations of algorithm (methods)
  * by bitwise "OR"ing. */
 #define ENGINE_METHOD_RSA		(unsigned int)0x0001
@@ -128,6 +112,8 @@ typedef void ECDSA_METHOD;
 #define ENGINE_METHOD_CIPHERS		(unsigned int)0x0040
 #define ENGINE_METHOD_DIGESTS		(unsigned int)0x0080
 #define ENGINE_METHOD_STORE		(unsigned int)0x0100
+#define ENGINE_METHOD_PKEY_METHS	(unsigned int)0x0200
+#define ENGINE_METHOD_PKEY_ASN1_METHS	(unsigned int)0x0400
 /* Obvious all-or-nothing cases. */
 #define ENGINE_METHOD_ALL		(unsigned int)0xFFFF
 #define ENGINE_METHOD_NONE		(unsigned int)0x0000
@@ -295,6 +281,9 @@ typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void)
 /* Generic load_key function pointer */
 typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
 	UI_METHOD *ui_method, void *callback_data);
+typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
+	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
+	STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
 /* These callback types are for an ENGINE's handler for cipher and digest logic.
  * These handlers have these prototypes;
  *   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
@@ -309,7 +298,8 @@ typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
  * parameter is non-NULL it is set to the size of the returned array. */
 typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
 typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
-
+typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int);
+typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int);
 /* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
  * structures where the pointers have a "structural reference". This means that
  * their reference is to allowed access to the structure but it does not imply
@@ -341,13 +331,20 @@ void ENGINE_load_aep(void);
 void ENGINE_load_atalla(void);
 void ENGINE_load_chil(void);
 void ENGINE_load_cswift(void);
-void ENGINE_load_gmp(void);
 void ENGINE_load_nuron(void);
 void ENGINE_load_sureware(void);
 void ENGINE_load_ubsec(void);
+void ENGINE_load_padlock(void);
+void ENGINE_load_capi(void);
+#ifndef OPENSSL_NO_GMP
+void ENGINE_load_gmp(void);
+#endif
+#ifndef OPENSSL_NO_GOST
+void ENGINE_load_gost(void);
+#endif
 #endif
 void ENGINE_load_cryptodev(void);
-void ENGINE_load_padlock(void);
+void ENGINE_load_aesni(void);
 void ENGINE_load_builtin_engines(void);
 
 /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
@@ -399,6 +396,14 @@ int ENGINE_register_digests(ENGINE *e);
 void ENGINE_unregister_digests(ENGINE *e);
 void ENGINE_register_all_digests(void);
 
+int ENGINE_register_pkey_meths(ENGINE *e);
+void ENGINE_unregister_pkey_meths(ENGINE *e);
+void ENGINE_register_all_pkey_meths(void);
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e);
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
+void ENGINE_register_all_pkey_asn1_meths(void);
+
 /* These functions register all support from the above categories. Note, use of
  * these functions can result in static linkage of code your application may not
  * need. If you only need a subset of functionality, consider using more
@@ -474,8 +479,12 @@ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
 int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
 int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
 int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
+				ENGINE_SSL_CLIENT_CERT_PTR loadssl_f);
 int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
 int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
 int ENGINE_set_flags(ENGINE *e, int flags);
 int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
 /* These functions allow control over any per-structure ENGINE data. */
@@ -509,10 +518,19 @@ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
 ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
 ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
 ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e);
 ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
 ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
 const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
 const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+					const char *str, int len);
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+					const char *str, int len);
 const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
 int ENGINE_get_flags(const ENGINE *e);
 
@@ -544,6 +562,10 @@ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
 	UI_METHOD *ui_method, void *callback_data);
 EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
 	UI_METHOD *ui_method, void *callback_data);
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
+	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey,
+	STACK_OF(X509) **pother,
+	UI_METHOD *ui_method, void *callback_data);
 
 /* This returns a pointer for the current ENGINE structure that
  * is (by default) performing any RSA operations. The value returned
@@ -560,6 +582,8 @@ ENGINE *ENGINE_get_default_RAND(void);
  * ciphering or digesting corresponding to "nid". */
 ENGINE *ENGINE_get_cipher_engine(int nid);
 ENGINE *ENGINE_get_digest_engine(int nid);
+ENGINE *ENGINE_get_pkey_meth_engine(int nid);
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
 
 /* This sets a new default ENGINE structure for performing RSA
  * operations. If the result is non-zero (success) then the ENGINE
@@ -575,6 +599,8 @@ int ENGINE_set_default_DH(ENGINE *e);
 int ENGINE_set_default_RAND(ENGINE *e);
 int ENGINE_set_default_ciphers(ENGINE *e);
 int ENGINE_set_default_digests(ENGINE *e);
+int ENGINE_set_default_pkey_meths(ENGINE *e);
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
 
 /* The combination "set" - the flags are bitwise "OR"d from the
  * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
@@ -652,7 +678,7 @@ typedef struct st_dynamic_fns {
  * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
 typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
 #define IMPLEMENT_DYNAMIC_CHECK_FN() \
-	unsigned long v_check(unsigned long v) { \
+	OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
 		if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
 		return 0; }
 
@@ -674,6 +700,7 @@ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
 typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
 				const dynamic_fns *fns);
 #define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+	OPENSSL_EXPORT \
 	int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
 		if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
 		if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
@@ -718,6 +745,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_DYNAMIC_CTRL				 180
 #define ENGINE_F_DYNAMIC_GET_DATA_CTX			 181
 #define ENGINE_F_DYNAMIC_LOAD				 182
+#define ENGINE_F_DYNAMIC_SET_DATA_CTX			 183
 #define ENGINE_F_ENGINE_ADD				 105
 #define ENGINE_F_ENGINE_BY_ID				 106
 #define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE		 170
@@ -725,18 +753,20 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_ENGINE_CTRL_CMD			 178
 #define ENGINE_F_ENGINE_CTRL_CMD_STRING			 171
 #define ENGINE_F_ENGINE_FINISH				 107
-#define ENGINE_F_ENGINE_FREE				 108
+#define ENGINE_F_ENGINE_FREE_UTIL			 108
 #define ENGINE_F_ENGINE_GET_CIPHER			 185
 #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE		 177
 #define ENGINE_F_ENGINE_GET_DIGEST			 186
 #define ENGINE_F_ENGINE_GET_NEXT			 115
+#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH		 193
+#define ENGINE_F_ENGINE_GET_PKEY_METH			 192
 #define ENGINE_F_ENGINE_GET_PREV			 116
 #define ENGINE_F_ENGINE_INIT				 119
 #define ENGINE_F_ENGINE_LIST_ADD			 120
 #define ENGINE_F_ENGINE_LIST_REMOVE			 121
 #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY		 150
 #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY			 151
-#define ENGINE_F_ENGINE_MODULE_INIT			 187
+#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT		 194
 #define ENGINE_F_ENGINE_NEW				 122
 #define ENGINE_F_ENGINE_REMOVE				 123
 #define ENGINE_F_ENGINE_SET_DEFAULT_STRING		 189
@@ -745,11 +775,12 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_ENGINE_SET_NAME			 130
 #define ENGINE_F_ENGINE_TABLE_REGISTER			 184
 #define ENGINE_F_ENGINE_UNLOAD_KEY			 152
+#define ENGINE_F_ENGINE_UNLOCKED_FINISH			 191
 #define ENGINE_F_ENGINE_UP_REF				 190
 #define ENGINE_F_INT_CTRL_HELPER			 172
 #define ENGINE_F_INT_ENGINE_CONFIGURE			 188
+#define ENGINE_F_INT_ENGINE_MODULE_INIT			 187
 #define ENGINE_F_LOG_MESSAGE				 141
-#define ENGINE_F_SET_DATA_CTX				 183
 
 /* Reason codes. */
 #define ENGINE_R_ALREADY_LOADED				 100
@@ -790,6 +821,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_R_RSA_NOT_IMPLEMENTED			 141
 #define ENGINE_R_UNIMPLEMENTED_CIPHER			 146
 #define ENGINE_R_UNIMPLEMENTED_DIGEST			 147
+#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD	 101
 #define ENGINE_R_VERSION_INCOMPATIBILITY		 145
 
 #ifdef  __cplusplus
diff --git a/crypto/engine/enginetest.c b/crypto/engine/enginetest.c
index c2d0297392..f4d70e7e0a 100644
--- a/crypto/engine/enginetest.c
+++ b/crypto/engine/enginetest.c
@@ -58,6 +58,7 @@
 
 #include <stdio.h>
 #include <string.h>
+#include <openssl/e_os2.h>
 
 #ifdef OPENSSL_NO_ENGINE
 int main(int argc, char *argv[])
@@ -66,13 +67,12 @@ int main(int argc, char *argv[])
     return(0);
 }
 #else
-#include <openssl/e_os2.h>
 #include <openssl/buffer.h>
 #include <openssl/crypto.h>
 #include <openssl/engine.h>
 #include <openssl/err.h>
 
-static void display_engine_list()
+static void display_engine_list(void)
 	{
 	ENGINE *h;
 	int loop;
@@ -276,7 +276,7 @@ end:
 	ENGINE_cleanup();
 	CRYPTO_cleanup_all_ex_data();
 	ERR_free_strings();
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	CRYPTO_mem_leaks_fp(stderr);
 	return to_return;
 	}
diff --git a/crypto/engine/tb_asnmth.c b/crypto/engine/tb_asnmth.c
new file mode 100644
index 0000000000..75090339f7
--- /dev/null
+++ b/crypto/engine/tb_asnmth.c
@@ -0,0 +1,246 @@
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include "asn1_locl.h"
+#include <openssl/evp.h>
+
+/* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
+ * function that is used by EVP to hook in pkey_asn1_meth code and cache
+ * defaults (etc), will display brief debugging summaries to stderr with the
+ * 'nid'. */
+/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
+
+static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
+
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
+	{
+	engine_table_unregister(&pkey_asn1_meth_table, e);
+	}
+
+static void engine_unregister_all_pkey_asn1_meths(void)
+	{
+	engine_table_cleanup(&pkey_asn1_meth_table);
+	}
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e)
+	{
+	if(e->pkey_asn1_meths)
+		{
+		const int *nids;
+		int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
+		if(num_nids > 0)
+			return engine_table_register(&pkey_asn1_meth_table,
+				engine_unregister_all_pkey_asn1_meths, e, nids,
+					num_nids, 0);
+		}
+	return 1;
+	}
+
+void ENGINE_register_all_pkey_asn1_meths(void)
+	{
+	ENGINE *e;
+
+	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+		ENGINE_register_pkey_asn1_meths(e);
+	}
+
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
+	{
+	if(e->pkey_asn1_meths)
+		{
+		const int *nids;
+		int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
+		if(num_nids > 0)
+			return engine_table_register(&pkey_asn1_meth_table,
+				engine_unregister_all_pkey_asn1_meths, e, nids,
+					num_nids, 1);
+		}
+	return 1;
+	}
+
+/* Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given pkey_asn1_meth 'nid' */
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid)
+	{
+	return engine_table_select(&pkey_asn1_meth_table, nid);
+	}
+
+/* Obtains a pkey_asn1_meth implementation from an ENGINE functional reference */
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
+	{
+	EVP_PKEY_ASN1_METHOD *ret;
+	ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
+	if(!fn || !fn(e, &ret, NULL, nid))
+		{
+		ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH,
+				ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
+		return NULL;
+		}
+	return ret;
+	}
+
+/* Gets the pkey_asn1_meth callback from an ENGINE structure */
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e)
+	{
+	return e->pkey_asn1_meths;
+	}
+
+/* Sets the pkey_asn1_meth callback in an ENGINE structure */
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
+	{
+	e->pkey_asn1_meths = f;
+	return 1;
+	}
+
+/* Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
+ * ENGINE is destroyed
+ */
+
+void engine_pkey_asn1_meths_free(ENGINE *e)
+	{
+	int i;
+	EVP_PKEY_ASN1_METHOD *pkm;
+	if (e->pkey_asn1_meths)
+		{
+		const int *pknids;
+		int npknids;
+		npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
+		for (i = 0; i < npknids; i++)
+			{
+			if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i]))
+				{
+				EVP_PKEY_asn1_free(pkm);
+				}
+			}
+		}
+	}
+
+/* Find a method based on a string. This does a linear search through
+ * all implemented algorithms. This is OK in practice because only
+ * a small number of algorithms are likely to be implemented in an engine
+ * and it is not used for speed critical operations.
+ */
+
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+					const char *str, int len)
+	{
+	int i, nidcount;
+	const int *nids;
+	EVP_PKEY_ASN1_METHOD *ameth;
+	if (!e->pkey_asn1_meths)
+		return NULL;
+	if (len == -1)
+		len = strlen(str);
+	nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
+	for (i = 0; i < nidcount; i++)
+		{
+		e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
+		if (((int)strlen(ameth->pem_str) == len) && 
+					!strncasecmp(ameth->pem_str, str, len))
+			return ameth;
+		}
+	return NULL;
+	}
+
+typedef struct 
+	{
+	ENGINE *e;
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	const char *str;
+	int len;
+	} ENGINE_FIND_STR;
+
+static void look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
+	{
+	ENGINE_FIND_STR *lk = arg;
+	int i;
+	if (lk->ameth)
+		return;
+	for (i = 0; i < sk_ENGINE_num(sk); i++)
+		{
+		ENGINE *e = sk_ENGINE_value(sk, i);
+		EVP_PKEY_ASN1_METHOD *ameth;
+		e->pkey_asn1_meths(e, &ameth, NULL, nid);
+		if (((int)strlen(ameth->pem_str) == lk->len) && 
+				!strncasecmp(ameth->pem_str, lk->str, lk->len))
+			{
+			lk->e = e;
+			lk->ameth = ameth;
+			return;
+			}
+		}
+	}
+
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+					const char *str, int len)
+	{
+	ENGINE_FIND_STR fstr;
+	fstr.e = NULL;
+	fstr.ameth = NULL;
+	fstr.str = str;
+	fstr.len = len;
+	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+	engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
+	/* If found obtain a structural reference to engine */
+	if (fstr.e)
+		{
+		fstr.e->struct_ref++;
+		engine_ref_debug(fstr.e, 0, 1)
+		}
+	*pe = fstr.e;
+	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+	return fstr.ameth;
+	}
diff --git a/crypto/engine/tb_dsa.c b/crypto/engine/tb_dsa.c
index d326a5f6da..e4674f5f07 100644
--- a/crypto/engine/tb_dsa.c
+++ b/crypto/engine/tb_dsa.c
@@ -92,7 +92,7 @@ int ENGINE_set_default_DSA(ENGINE *e)
 	{
 	if(e->dsa_meth)
 		return engine_table_register(&dsa_table,
-				engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
+				engine_unregister_all_DSA, e, &dummy_nid, 1, 1);
 	return 1;
 	}
 
diff --git a/crypto/engine/tb_ecdh.c b/crypto/engine/tb_ecdh.c
index 59977f7dd0..c8ec7812c5 100644
--- a/crypto/engine/tb_ecdh.c
+++ b/crypto/engine/tb_ecdh.c
@@ -107,7 +107,7 @@ int ENGINE_set_default_ECDH(ENGINE *e)
 	{
 	if(e->ecdh_meth)
 		return engine_table_register(&ecdh_table,
-				engine_unregister_all_ECDH, e, &dummy_nid, 1, 0);
+				engine_unregister_all_ECDH, e, &dummy_nid, 1, 1);
 	return 1;
 	}
 
diff --git a/crypto/engine/tb_ecdsa.c b/crypto/engine/tb_ecdsa.c
index e30b02e8c5..005ecb622c 100644
--- a/crypto/engine/tb_ecdsa.c
+++ b/crypto/engine/tb_ecdsa.c
@@ -92,7 +92,7 @@ int ENGINE_set_default_ECDSA(ENGINE *e)
 	{
 	if(e->ecdsa_meth)
 		return engine_table_register(&ecdsa_table,
-				engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0);
+				engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1);
 	return 1;
 	}
 
diff --git a/crypto/engine/tb_pkmeth.c b/crypto/engine/tb_pkmeth.c
new file mode 100644
index 0000000000..1cdb967f25
--- /dev/null
+++ b/crypto/engine/tb_pkmeth.c
@@ -0,0 +1,167 @@
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include <openssl/evp.h>
+
+/* If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
+ * that is used by EVP to hook in pkey_meth code and cache defaults (etc), will
+ * display brief debugging summaries to stderr with the 'nid'. */
+/* #define ENGINE_PKEY_METH_DEBUG */
+
+static ENGINE_TABLE *pkey_meth_table = NULL;
+
+void ENGINE_unregister_pkey_meths(ENGINE *e)
+	{
+	engine_table_unregister(&pkey_meth_table, e);
+	}
+
+static void engine_unregister_all_pkey_meths(void)
+	{
+	engine_table_cleanup(&pkey_meth_table);
+	}
+
+int ENGINE_register_pkey_meths(ENGINE *e)
+	{
+	if(e->pkey_meths)
+		{
+		const int *nids;
+		int num_nids = e->pkey_meths(e, NULL, &nids, 0);
+		if(num_nids > 0)
+			return engine_table_register(&pkey_meth_table,
+				engine_unregister_all_pkey_meths, e, nids,
+					num_nids, 0);
+		}
+	return 1;
+	}
+
+void ENGINE_register_all_pkey_meths()
+	{
+	ENGINE *e;
+
+	for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+		ENGINE_register_pkey_meths(e);
+	}
+
+int ENGINE_set_default_pkey_meths(ENGINE *e)
+	{
+	if(e->pkey_meths)
+		{
+		const int *nids;
+		int num_nids = e->pkey_meths(e, NULL, &nids, 0);
+		if(num_nids > 0)
+			return engine_table_register(&pkey_meth_table,
+				engine_unregister_all_pkey_meths, e, nids,
+					num_nids, 1);
+		}
+	return 1;
+	}
+
+/* Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given pkey_meth 'nid' */
+ENGINE *ENGINE_get_pkey_meth_engine(int nid)
+	{
+	return engine_table_select(&pkey_meth_table, nid);
+	}
+
+/* Obtains a pkey_meth implementation from an ENGINE functional reference */
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid)
+	{
+	EVP_PKEY_METHOD *ret;
+	ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
+	if(!fn || !fn(e, &ret, NULL, nid))
+		{
+		ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_METH,
+				ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
+		return NULL;
+		}
+	return ret;
+	}
+
+/* Gets the pkey_meth callback from an ENGINE structure */
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e)
+	{
+	return e->pkey_meths;
+	}
+
+/* Sets the pkey_meth callback in an ENGINE structure */
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
+	{
+	e->pkey_meths = f;
+	return 1;
+	}
+
+/* Internal function to free up EVP_PKEY_METHOD structures before an
+ * ENGINE is destroyed
+ */
+
+void engine_pkey_meths_free(ENGINE *e)
+	{
+	int i;
+	EVP_PKEY_METHOD *pkm;
+	if (e->pkey_meths)
+		{
+		const int *pknids;
+		int npknids;
+		npknids = e->pkey_meths(e, NULL, &pknids, 0);
+		for (i = 0; i < npknids; i++)
+			{
+			if (e->pkey_meths(e, &pkm, NULL, pknids[i]))
+				{
+				EVP_PKEY_meth_free(pkm);
+				}
+			}
+		}
+	}
diff --git a/crypto/err/.cvsignore b/crypto/err/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/err/.cvsignore
+++ b/crypto/err/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl
deleted file mode 100644
index 5630819423..0000000000
--- a/crypto/err/Makefile.ssl
+++ /dev/null
@@ -1,114 +0,0 @@
-#
-# SSLeay/crypto/err/Makefile
-#
-
-DIR=	err
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=err.c err_all.c err_prn.c
-LIBOBJ=err.o err_all.o err_prn.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= err.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
-err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err.o: ../cryptlib.h err.c
-err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-err_all.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-err_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h
-err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-err_all.o: err_all.c
-err_prn.o: ../../e_os.h ../../include/openssl/bio.h
-err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 439b071ac9..b2f13bf2d2 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -112,13 +112,16 @@
 #include <stdio.h>
 #include <stdarg.h>
 #include <string.h>
+#include "cryptlib.h"
 #include <openssl/lhash.h>
 #include <openssl/crypto.h>
-#include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
 
+DECLARE_LHASH_OF(ERR_STRING_DATA);
+DECLARE_LHASH_OF(ERR_STATE);
+
 static void err_load_strings(int lib, ERR_STRING_DATA *str);
 
 static void ERR_STATE_free(ERR_STATE *s);
@@ -152,8 +155,12 @@ static ERR_STRING_DATA ERR_str_libraries[]=
 {ERR_PACK(ERR_LIB_PKCS12,0,0)		,"PKCS12 routines"},
 {ERR_PACK(ERR_LIB_RAND,0,0)		,"random number generator"},
 {ERR_PACK(ERR_LIB_DSO,0,0)		,"DSO support routines"},
+{ERR_PACK(ERR_LIB_TS,0,0)		,"time stamp routines"},
 {ERR_PACK(ERR_LIB_ENGINE,0,0)		,"engine routines"},
 {ERR_PACK(ERR_LIB_OCSP,0,0)		,"OCSP routines"},
+{ERR_PACK(ERR_LIB_FIPS,0,0)		,"FIPS routines"},
+{ERR_PACK(ERR_LIB_CMS,0,0)		,"CMS routines"},
+{ERR_PACK(ERR_LIB_HMAC,0,0)		,"HMAC routines"},
 {0,NULL},
 	};
 
@@ -200,6 +207,7 @@ static ERR_STRING_DATA ERR_str_reasons[]=
 {ERR_R_DSO_LIB				,"DSO lib"},
 {ERR_R_ENGINE_LIB			,"ENGINE lib"},
 {ERR_R_OCSP_LIB				,"OCSP lib"},
+{ERR_R_TS_LIB				,"TS lib"},
 
 {ERR_R_NESTED_ASN1_ERROR		,"nested asn1 error"},
 {ERR_R_BAD_ASN1_OBJECT_HEADER		,"bad asn1 object header"},
@@ -224,14 +232,14 @@ static ERR_STRING_DATA ERR_str_reasons[]=
 struct st_ERR_FNS
 	{
 	/* Works on the "error_hash" string table */
-	LHASH *(*cb_err_get)(int create);
+	LHASH_OF(ERR_STRING_DATA) *(*cb_err_get)(int create);
 	void (*cb_err_del)(void);
 	ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *);
 	ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *);
 	ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *);
 	/* Works on the "thread_hash" error-state table */
-	LHASH *(*cb_thread_get)(int create);
-	void (*cb_thread_release)(LHASH **hash);
+	LHASH_OF(ERR_STATE) *(*cb_thread_get)(int create);
+	void (*cb_thread_release)(LHASH_OF(ERR_STATE) **hash);
 	ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *);
 	ERR_STATE *(*cb_thread_set_item)(ERR_STATE *);
 	void (*cb_thread_del_item)(const ERR_STATE *);
@@ -240,13 +248,13 @@ struct st_ERR_FNS
 	};
 
 /* Predeclarations of the "err_defaults" functions */
-static LHASH *int_err_get(int create);
+static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create);
 static void int_err_del(void);
 static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *);
 static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *);
 static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *);
-static LHASH *int_thread_get(int create);
-static void int_thread_release(LHASH **hash);
+static LHASH_OF(ERR_STATE) *int_thread_get(int create);
+static void int_thread_release(LHASH_OF(ERR_STATE) **hash);
 static ERR_STATE *int_thread_get_item(const ERR_STATE *);
 static ERR_STATE *int_thread_set_item(ERR_STATE *);
 static void int_thread_del_item(const ERR_STATE *);
@@ -278,8 +286,8 @@ static const ERR_FNS *err_fns = NULL;
  * "err_defaults" functions. This way, a linked module can completely defer all
  * ERR state operation (together with requisite locking) to the implementations
  * and state in the loading application. */
-static LHASH *int_error_hash = NULL;
-static LHASH *int_thread_hash = NULL;
+static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL;
+static LHASH_OF(ERR_STATE) *int_thread_hash = NULL;
 static int int_thread_hash_references = 0;
 static int int_err_library_number= ERR_LIB_USER;
 
@@ -322,28 +330,37 @@ int ERR_set_implementation(const ERR_FNS *fns)
 /* These are the callbacks provided to "lh_new()" when creating the LHASH tables
  * internal to the "err_defaults" implementation. */
 
-/* static unsigned long err_hash(ERR_STRING_DATA *a); */
-static unsigned long err_hash(const void *a_void);
-/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); */
-static int err_cmp(const void *a_void, const void *b_void);
-/* static unsigned long pid_hash(ERR_STATE *pid); */
-static unsigned long pid_hash(const void *pid_void);
-/* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */
-static int pid_cmp(const void *a_void,const void *pid_void);
 static unsigned long get_error_values(int inc,int top,const char **file,int *line,
 				      const char **data,int *flags);
 
 /* The internal functions used in the "err_defaults" implementation */
 
-static LHASH *int_err_get(int create)
+static unsigned long err_string_data_hash(const ERR_STRING_DATA *a)
+	{
+	unsigned long ret,l;
+
+	l=a->error;
+	ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
+	return(ret^ret%19*13);
+	}
+static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA)
+
+static int err_string_data_cmp(const ERR_STRING_DATA *a,
+			       const ERR_STRING_DATA *b)
+	{
+	return (int)(a->error - b->error);
+	}
+static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA)
+
+static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create)
 	{
-	LHASH *ret = NULL;
+	LHASH_OF(ERR_STRING_DATA) *ret = NULL;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
 	if (!int_error_hash && create)
 		{
 		CRYPTO_push_info("int_err_get (err.c)");
-		int_error_hash = lh_new(err_hash, err_cmp);
+		int_error_hash = lh_ERR_STRING_DATA_new();
 		CRYPTO_pop_info();
 		}
 	if (int_error_hash)
@@ -358,7 +375,7 @@ static void int_err_del(void)
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
 	if (int_error_hash)
 		{
-		lh_free(int_error_hash);
+		lh_ERR_STRING_DATA_free(int_error_hash);
 		int_error_hash = NULL;
 		}
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
@@ -367,7 +384,7 @@ static void int_err_del(void)
 static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
 	{
 	ERR_STRING_DATA *p;
-	LHASH *hash;
+	LHASH_OF(ERR_STRING_DATA) *hash;
 
 	err_fns_check();
 	hash = ERRFN(err_get)(0);
@@ -375,7 +392,7 @@ static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
 		return NULL;
 
 	CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STRING_DATA *)lh_retrieve(hash, d);
+	p = lh_ERR_STRING_DATA_retrieve(hash, d);
 	CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
 
 	return p;
@@ -384,7 +401,7 @@ static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
 static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
 	{
 	ERR_STRING_DATA *p;
-	LHASH *hash;
+	LHASH_OF(ERR_STRING_DATA) *hash;
 
 	err_fns_check();
 	hash = ERRFN(err_get)(1);
@@ -392,7 +409,7 @@ static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
 		return NULL;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STRING_DATA *)lh_insert(hash, d);
+	p = lh_ERR_STRING_DATA_insert(hash, d);
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
 
 	return p;
@@ -401,7 +418,7 @@ static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
 static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d)
 	{
 	ERR_STRING_DATA *p;
-	LHASH *hash;
+	LHASH_OF(ERR_STRING_DATA) *hash;
 
 	err_fns_check();
 	hash = ERRFN(err_get)(0);
@@ -409,21 +426,33 @@ static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d)
 		return NULL;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STRING_DATA *)lh_delete(hash, d);
+	p = lh_ERR_STRING_DATA_delete(hash, d);
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
 
 	return p;
 	}
 
-static LHASH *int_thread_get(int create)
+static unsigned long err_state_hash(const ERR_STATE *a)
 	{
-	LHASH *ret = NULL;
+	return CRYPTO_THREADID_hash(&a->tid) * 13;
+	}
+static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE)
+
+static int err_state_cmp(const ERR_STATE *a, const ERR_STATE *b)
+	{
+	return CRYPTO_THREADID_cmp(&a->tid, &b->tid);
+	}
+static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE)
+
+static LHASH_OF(ERR_STATE) *int_thread_get(int create)
+	{
+	LHASH_OF(ERR_STATE) *ret = NULL;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
 	if (!int_thread_hash && create)
 		{
 		CRYPTO_push_info("int_thread_get (err.c)");
-		int_thread_hash = lh_new(pid_hash, pid_cmp);
+		int_thread_hash = lh_ERR_STATE_new();
 		CRYPTO_pop_info();
 		}
 	if (int_thread_hash)
@@ -435,7 +464,7 @@ static LHASH *int_thread_get(int create)
 	return ret;
 	}
 
-static void int_thread_release(LHASH **hash)
+static void int_thread_release(LHASH_OF(ERR_STATE) **hash)
 	{
 	int i;
 
@@ -461,7 +490,7 @@ static void int_thread_release(LHASH **hash)
 static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
 	{
 	ERR_STATE *p;
-	LHASH *hash;
+	LHASH_OF(ERR_STATE) *hash;
 
 	err_fns_check();
 	hash = ERRFN(thread_get)(0);
@@ -469,7 +498,7 @@ static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
 		return NULL;
 
 	CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STATE *)lh_retrieve(hash, d);
+	p = lh_ERR_STATE_retrieve(hash, d);
 	CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
 
 	ERRFN(thread_release)(&hash);
@@ -479,7 +508,7 @@ static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
 static ERR_STATE *int_thread_set_item(ERR_STATE *d)
 	{
 	ERR_STATE *p;
-	LHASH *hash;
+	LHASH_OF(ERR_STATE) *hash;
 
 	err_fns_check();
 	hash = ERRFN(thread_get)(1);
@@ -487,7 +516,7 @@ static ERR_STATE *int_thread_set_item(ERR_STATE *d)
 		return NULL;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STATE *)lh_insert(hash, d);
+	p = lh_ERR_STATE_insert(hash, d);
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
 
 	ERRFN(thread_release)(&hash);
@@ -497,7 +526,7 @@ static ERR_STATE *int_thread_set_item(ERR_STATE *d)
 static void int_thread_del_item(const ERR_STATE *d)
 	{
 	ERR_STATE *p;
-	LHASH *hash;
+	LHASH_OF(ERR_STATE) *hash;
 
 	err_fns_check();
 	hash = ERRFN(thread_get)(0);
@@ -505,12 +534,12 @@ static void int_thread_del_item(const ERR_STATE *d)
 		return;
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-	p = (ERR_STATE *)lh_delete(hash, d);
+	p = lh_ERR_STATE_delete(hash, d);
 	/* make sure we don't leak memory */
 	if (int_thread_hash_references == 1
-		&& int_thread_hash && (lh_num_items(int_thread_hash) == 0))
+	    && int_thread_hash && lh_ERR_STATE_num_items(int_thread_hash) == 0)
 		{
-		lh_free(int_thread_hash);
+		lh_ERR_STATE_free(int_thread_hash);
 		int_thread_hash = NULL;
 		}
 	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
@@ -546,16 +575,27 @@ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
  * will be returned for SYSerr(), which always gets an errno
  * value and never one of those 'standard' reason codes. */
 
-static void build_SYS_str_reasons()
+static void build_SYS_str_reasons(void)
 	{
 	/* OPENSSL_malloc cannot be used here, use static storage instead */
 	static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
 	int i;
 	static int init = 1;
 
-	if (!init) return;
-
+	CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+	if (!init)
+		{
+		CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+		return;
+		}
+	
+	CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
 	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+	if (!init)
+		{
+		CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+		return;
+		}
 
 	for (i = 1; i <= NUM_SYS_STR_REASONS; i++)
 		{
@@ -644,7 +684,8 @@ static void err_load_strings(int lib, ERR_STRING_DATA *str)
 	{
 	while (str->error)
 		{
-		str->error|=ERR_PACK(lib,0,0);
+		if (lib)
+			str->error|=ERR_PACK(lib,0,0);
 		ERRFN(err_set_item)(str);
 		str++;
 		}
@@ -660,7 +701,8 @@ void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
 	{
 	while (str->error)
 		{
-		str->error|=ERR_PACK(lib,0,0);
+		if (lib)
+			str->error|=ERR_PACK(lib,0,0);
 		ERRFN(err_del_item)(str);
 		str++;
 		}
@@ -894,19 +936,19 @@ char *ERR_error_string(unsigned long e, char *ret)
 	return ret;
 	}
 
-LHASH *ERR_get_string_table(void)
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void)
 	{
 	err_fns_check();
 	return ERRFN(err_get)(0);
 	}
 
-LHASH *ERR_get_err_state_table(void)
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void)
 	{
 	err_fns_check();
 	return ERRFN(thread_get)(0);
 	}
 
-void ERR_release_err_state_table(LHASH **hash)
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash)
 	{
 	err_fns_check();
 	ERRFN(thread_release)(hash);
@@ -955,59 +997,37 @@ const char *ERR_reason_error_string(unsigned long e)
 	return((p == NULL)?NULL:p->string);
 	}
 
-/* static unsigned long err_hash(ERR_STRING_DATA *a) */
-static unsigned long err_hash(const void *a_void)
-	{
-	unsigned long ret,l;
-
-	l=((ERR_STRING_DATA *)a_void)->error;
-	ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
-	return(ret^ret%19*13);
-	}
-
-/* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */
-static int err_cmp(const void *a_void, const void *b_void)
-	{
-	return((int)(((ERR_STRING_DATA *)a_void)->error -
-			((ERR_STRING_DATA *)b_void)->error));
-	}
-
-/* static unsigned long pid_hash(ERR_STATE *a) */
-static unsigned long pid_hash(const void *a_void)
-	{
-	return(((ERR_STATE *)a_void)->pid*13);
-	}
-
-/* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */
-static int pid_cmp(const void *a_void, const void *b_void)
-	{
-	return((int)((long)((ERR_STATE *)a_void)->pid -
-			(long)((ERR_STATE *)b_void)->pid));
-	}
-
-void ERR_remove_state(unsigned long pid)
+void ERR_remove_thread_state(const CRYPTO_THREADID *id)
 	{
 	ERR_STATE tmp;
 
+	if (id)
+		CRYPTO_THREADID_cpy(&tmp.tid, id);
+	else
+		CRYPTO_THREADID_current(&tmp.tid);
 	err_fns_check();
-	if (pid == 0)
-		pid=(unsigned long)CRYPTO_thread_id();
-	tmp.pid=pid;
 	/* thread_del_item automatically destroys the LHASH if the number of
 	 * items reaches zero. */
 	ERRFN(thread_del_item)(&tmp);
 	}
 
+#ifndef OPENSSL_NO_DEPRECATED
+void ERR_remove_state(unsigned long pid)
+	{
+	ERR_remove_thread_state(NULL);
+	}
+#endif
+
 ERR_STATE *ERR_get_state(void)
 	{
 	static ERR_STATE fallback;
 	ERR_STATE *ret,tmp,*tmpp=NULL;
 	int i;
-	unsigned long pid;
+	CRYPTO_THREADID tid;
 
 	err_fns_check();
-	pid=(unsigned long)CRYPTO_thread_id();
-	tmp.pid=pid;
+	CRYPTO_THREADID_current(&tid);
+	CRYPTO_THREADID_cpy(&tmp.tid, &tid);
 	ret=ERRFN(thread_get_item)(&tmp);
 
 	/* ret == the error state, if NULL, make a new one */
@@ -1015,7 +1035,7 @@ ERR_STATE *ERR_get_state(void)
 		{
 		ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
 		if (ret == NULL) return(&fallback);
-		ret->pid=pid;
+		CRYPTO_THREADID_cpy(&ret->tid, &tid);
 		ret->top=0;
 		ret->bottom=0;
 		for (i=0; i<ERR_NUM_ERRORS; i++)
@@ -1092,7 +1112,7 @@ void ERR_add_error_data(int num, ...)
 				else
 					str=p;
 				}
-			BUF_strlcat(str,a,s+1);
+			BUF_strlcat(str,a,(size_t)s+1);
 			}
 		}
 	ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
@@ -1123,7 +1143,7 @@ int ERR_pop_to_mark(void)
 		{
 		err_clear(es,es->top);
 		es->top-=1;
-		if (es->top == -1) es->top=ERR_NUM_ERRORS;
+		if (es->top == -1) es->top=ERR_NUM_ERRORS-1;
 		}
 		
 	if (es->bottom == es->top) return 0;
diff --git a/crypto/err/err.h b/crypto/err/err.h
index b723cd977a..b9f8c16d47 100644
--- a/crypto/err/err.h
+++ b/crypto/err/err.h
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #ifndef HEADER_ERR_H
 #define HEADER_ERR_H
@@ -94,7 +147,7 @@ extern "C" {
 #define ERR_NUM_ERRORS	16
 typedef struct err_state_st
 	{
-	unsigned long pid;
+	CRYPTO_THREADID tid;
 	int err_flags[ERR_NUM_ERRORS];
 	unsigned long err_buffer[ERR_NUM_ERRORS];
 	char *err_data[ERR_NUM_ERRORS];
@@ -140,6 +193,11 @@ typedef struct err_state_st
 #define ERR_LIB_ECDSA		42
 #define ERR_LIB_ECDH		43
 #define ERR_LIB_STORE           44
+#define ERR_LIB_FIPS		45
+#define ERR_LIB_CMS		46
+#define ERR_LIB_TS		47
+#define ERR_LIB_HMAC		48
+#define ERR_LIB_JPAKE		49
 
 #define ERR_LIB_USER		128
 
@@ -171,6 +229,11 @@ typedef struct err_state_st
 #define ECDSAerr(f,r)  ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
 #define ECDHerr(f,r)  ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
 #define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
+#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
+#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
+#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
+#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
+#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in
  * the pre-processor :-( */
@@ -226,6 +289,7 @@ typedef struct err_state_st
 #define ERR_R_ECDSA_LIB ERR_LIB_ECDSA	 /* 42 */
 #define ERR_R_ECDH_LIB  ERR_LIB_ECDH	 /* 43 */
 #define ERR_R_STORE_LIB ERR_LIB_STORE    /* 44 */
+#define ERR_R_TS_LIB	ERR_LIB_TS       /* 45 */
 
 #define ERR_R_NESTED_ASN1_ERROR			58
 #define ERR_R_BAD_ASN1_OBJECT_HEADER		59
@@ -288,13 +352,16 @@ void ERR_load_ERR_strings(void);
 void ERR_load_crypto_strings(void);
 void ERR_free_strings(void);
 
+void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
+#ifndef OPENSSL_NO_DEPRECATED
 void ERR_remove_state(unsigned long pid); /* if zero we look it up */
+#endif
 ERR_STATE *ERR_get_state(void);
 
 #ifndef OPENSSL_NO_LHASH
-LHASH *ERR_get_string_table(void);
-LHASH *ERR_get_err_state_table(void);
-void ERR_release_err_state_table(LHASH **hash);
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
 #endif
 
 int ERR_get_next_error_library(void);
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
index bfb4c1ab12..fc049e8e88 100644
--- a/crypto/err/err_all.c
+++ b/crypto/err/err_all.c
@@ -64,6 +64,7 @@
 #endif
 #include <openssl/buffer.h>
 #include <openssl/bio.h>
+#include <openssl/comp.h>
 #ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #endif
@@ -94,13 +95,17 @@
 #include <openssl/ui.h>
 #include <openssl/ocsp.h>
 #include <openssl/err.h>
+#include <openssl/ts.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
+#ifndef OPENSSL_NO_JPAKE
+#include <openssl/jpake.h>
+#endif
+#include <openssl/comp.h>
 
 void ERR_load_crypto_strings(void)
 	{
-	static int done=0;
-
-	if (done) return;
-	done=1;
 #ifndef OPENSSL_NO_ERR
 	ERR_load_ERR_strings(); /* include error strings for SYSerr */
 	ERR_load_BN_strings();
@@ -121,6 +126,7 @@ void ERR_load_crypto_strings(void)
 	ERR_load_ASN1_strings();
 	ERR_load_CONF_strings();
 	ERR_load_CRYPTO_strings();
+	ERR_load_COMP_strings();
 #ifndef OPENSSL_NO_EC
 	ERR_load_EC_strings();
 #endif
@@ -137,10 +143,18 @@ void ERR_load_crypto_strings(void)
 	ERR_load_PKCS12_strings();
 	ERR_load_RAND_strings();
 	ERR_load_DSO_strings();
+	ERR_load_TS_strings();
 #ifndef OPENSSL_NO_ENGINE
 	ERR_load_ENGINE_strings();
 #endif
 	ERR_load_OCSP_strings();
 	ERR_load_UI_strings();
+#ifndef OPENSSL_NO_CMS
+	ERR_load_CMS_strings();
+#endif
+#ifndef OPENSSL_NO_JPAKE
+	ERR_load_JPAKE_strings();
+#endif
+	ERR_load_COMP_strings();
 #endif
 	}
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
index 81e34bd6ce..de32f332c4 100644
--- a/crypto/err/err_prn.c
+++ b/crypto/err/err_prn.c
@@ -57,9 +57,9 @@
  */
 
 #include <stdio.h>
+#include "cryptlib.h"
 #include <openssl/lhash.h>
 #include <openssl/crypto.h>
-#include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/err.h>
 
@@ -72,8 +72,10 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
 	const char *file,*data;
 	int line,flags;
 	unsigned long es;
+	CRYPTO_THREADID cur;
 
-	es=CRYPTO_thread_id();
+	CRYPTO_THREADID_current(&cur);
+	es=CRYPTO_THREADID_hash(&cur);
 	while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
 		{
 		ERR_error_string_n(l, buf, sizeof buf);
@@ -86,7 +88,12 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
 #ifndef OPENSSL_NO_FP_API
 static int print_fp(const char *str, size_t len, void *fp)
 	{
-	return fprintf((FILE *)fp, "%s", str);
+	BIO bio;
+
+	BIO_set(&bio,BIO_s_file());
+	BIO_set_fp(&bio,fp,BIO_NOCLOSE);
+
+	return BIO_printf(&bio, "%s", str);
 	}
 void ERR_print_errors_fp(FILE *fp)
 	{
diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
index 64200fceba..e0554b4342 100644
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@@ -31,10 +31,16 @@ L COMP		crypto/comp/comp.h		crypto/comp/comp_err.c
 L ECDSA		crypto/ecdsa/ecdsa.h		crypto/ecdsa/ecs_err.c
 L ECDH		crypto/ecdh/ecdh.h		crypto/ecdh/ech_err.c
 L STORE		crypto/store/store.h		crypto/store/str_err.c
+L TS		crypto/ts/ts.h			crypto/ts/ts_err.c
+L HMAC		crypto/hmac/hmac.h		crypto/hmac/hmac_err.c
+L CMS		crypto/cms/cms.h		crypto/cms/cms_err.c
+L JPAKE		crypto/jpake/jpake.h		crypto/jpake/jpake_err.c
 
 # additional header files to be scanned for function names
 L NONE		crypto/x509/x509_vfy.h		NONE
 L NONE		crypto/ec/ec_lcl.h		NONE
+L NONE		crypto/asn1/asn_lcl.h		NONE
+L NONE		crypto/cms/cms_lcl.h		NONE
 
 
 F RSAREF_F_RSA_BN2BIN
@@ -67,6 +73,11 @@ R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY	1071
 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR		1080
 R SSL_R_TLSV1_ALERT_USER_CANCELLED		1090
 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION		1100
+R SSL_R_TLSV1_UNSUPPORTED_EXTENSION		1110
+R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE		1111
+R SSL_R_TLSV1_UNRECOGNIZED_NAME			1112
+R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE	1113
+R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE	1114
 
 R RSAREF_R_CONTENT_ENCODING			0x0400
 R RSAREF_R_DATA					0x0401
diff --git a/crypto/evp/.cvsignore b/crypto/evp/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/evp/.cvsignore
+++ b/crypto/evp/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl
deleted file mode 100644
index 70788962a8..0000000000
--- a/crypto/evp/Makefile.ssl
+++ /dev/null
@@ -1,652 +0,0 @@
-#
-# SSLeay/crypto/evp/Makefile
-#
-
-DIR=	evp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=evp_test.c
-TESTDATA=evptests.txt
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
-	e_des.c e_bf.c e_idea.c e_des3.c \
-	e_rc4.c e_aes.c names.c \
-	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
-	m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
-	m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
-	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
-	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
-	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
-	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
-	e_old.c
-
-LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
-	e_des.o e_bf.o e_idea.o e_des3.o \
-	e_rc4.o e_aes.o names.o \
-	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
-	m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
-	m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
-	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
-	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
-	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
-	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
-	e_old.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= evp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	cp $(TESTDATA) ../../test
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
-bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
-bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
-bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
-bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_md.o: ../cryptlib.h bio_md.c
-bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
-c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h c_all.c
-c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-c_allc.o: ../cryptlib.h c_allc.c
-c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-c_alld.o: ../cryptlib.h c_alld.c
-digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-digest.o: ../../include/openssl/symhacks.h ../cryptlib.h digest.c
-e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c
-e_aes.o: evp_locl.h
-e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
-e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
-e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
-e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
-e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
-e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h
-e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_null.o: ../cryptlib.h e_null.c
-e_old.o: e_old.c
-e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
-e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
-e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c
-e_rc5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-e_rc5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-e_rc5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc5.h
-e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c evp_locl.h
-e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
-e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
-encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-encode.o: ../cryptlib.h encode.c
-evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_acnf.o: ../../include/openssl/opensslconf.h
-evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
-evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_enc.c evp_locl.h
-evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_err.o: ../../include/openssl/symhacks.h evp_err.c
-evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
-evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c
-evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
-evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_pbe.o: ../cryptlib.h evp_pbe.c
-evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_pkey.o: ../../include/openssl/opensslconf.h
-evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c
-m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss.o: ../cryptlib.h m_dss.c
-m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss1.o: ../cryptlib.h m_dss1.c
-m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_ecdsa.o: ../cryptlib.h m_ecdsa.c
-m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md2.c
-m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h
-m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c
-m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h
-m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c
-m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_mdc2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
-m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
-m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_mdc2.c
-m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c
-m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
-m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_ripemd.o: ../../include/openssl/opensslconf.h
-m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
-m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
-m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h m_sha.c
-m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha1.o: ../cryptlib.h m_sha1.c
-names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c
-p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
-p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_crpt.o: ../cryptlib.h p5_crpt.c
-p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
-p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
-p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt2.c
-p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
-p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
-p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c
-p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_open.o: ../cryptlib.h p_open.c
-p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
-p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c
-p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
-p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_verify.o: ../../include/openssl/opensslconf.h
-p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index 183836c85c..afb4d319ce 100644
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -71,7 +71,7 @@ static int enc_new(BIO *h);
 static int enc_free(BIO *data);
 static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
 #define ENC_BLOCK_SIZE	(1024*4)
-#define BUF_OFFSET	EVP_MAX_BLOCK_LENGTH
+#define BUF_OFFSET	(EVP_MAX_BLOCK_LENGTH*2)
 
 typedef struct enc_struct
 	{
@@ -198,9 +198,13 @@ static int enc_read(BIO *b, char *out, int outl)
 			}
 		else
 			{
-			EVP_CipherUpdate(&(ctx->cipher),
+			if (!EVP_CipherUpdate(&(ctx->cipher),
 				(unsigned char *)ctx->buf,&ctx->buf_len,
-				(unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
+				(unsigned char *)&(ctx->buf[BUF_OFFSET]),i))
+				{
+				BIO_clear_retry_flags(b);
+				return 0;
+				}	
 			ctx->cont=1;
 			/* Note: it is possible for EVP_CipherUpdate to
 			 * decrypt zero bytes because this is or looks like
@@ -257,9 +261,13 @@ static int enc_write(BIO *b, const char *in, int inl)
 	while (inl > 0)
 		{
 		n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
-		EVP_CipherUpdate(&(ctx->cipher),
+		if (!EVP_CipherUpdate(&(ctx->cipher),
 			(unsigned char *)ctx->buf,&ctx->buf_len,
-			(unsigned char *)in,n);
+			(unsigned char *)in,n))
+			{
+			BIO_clear_retry_flags(b);
+			return 0;
+			}
 		inl-=n;
 		in+=n;
 
@@ -298,8 +306,9 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
 	case BIO_CTRL_RESET:
 		ctx->ok=1;
 		ctx->finished=0;
-		EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
-			ctx->cipher.encrypt);
+		if (!EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
+			ctx->cipher.encrypt))
+			return 0;
 		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
 		break;
 	case BIO_CTRL_EOF:	/* More to read */
@@ -405,22 +414,24 @@ EVP_CIPHER_ctx *c;
 	}
 */
 
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
 	     const unsigned char *i, int e)
 	{
 	BIO_ENC_CTX *ctx;
 
-	if (b == NULL) return;
+	if (b == NULL) return 0;
 
 	if ((b->callback != NULL) &&
 		(b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
-		return;
+		return 0;
 
 	b->init=1;
 	ctx=(BIO_ENC_CTX *)b->ptr;
-	EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
+	if (!EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e))
+		return 0;
 	
 	if (b->callback != NULL)
-		b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
+		return b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
+	return 1;
 	}
 
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index 27ec62f4b5..144fdfd56a 100644
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -130,8 +130,8 @@ static int md_read(BIO *b, char *out, int outl)
 		{
 		if (ret > 0)
 			{
-			EVP_DigestUpdate(ctx,(unsigned char *)out,
-				(unsigned int)ret);
+			if (EVP_DigestUpdate(ctx,(unsigned char *)out,
+				(unsigned int)ret)<=0) return (-1);
 			}
 		}
 	BIO_clear_retry_flags(b);
@@ -153,12 +153,19 @@ static int md_write(BIO *b, const char *in, int inl)
 		{
 		if (ret > 0)
 			{
-			EVP_DigestUpdate(ctx,(unsigned char *)in,
-				(unsigned int)ret);
+			if (!EVP_DigestUpdate(ctx,(const unsigned char *)in,
+				(unsigned int)ret))
+				{
+				BIO_clear_retry_flags(b);
+				return 0;
+				}
 			}
 		}
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
+	if(b->next_bio != NULL)
+		{
+		BIO_clear_retry_flags(b);
+		BIO_copy_next_retry(b);
+		}
 	return(ret);
 	}
 
@@ -192,11 +199,13 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
 			ret=0;
 		break;
 	case BIO_C_GET_MD_CTX:
+		pctx=ptr;
+		*pctx=ctx;
+		b->init = 1;
+		break;
+	case BIO_C_SET_MD_CTX:
 		if (b->init)
-			{
-			pctx=ptr;
-			*pctx=ctx;
-			}
+			b->ptr=ptr;
 		else
 			ret=0;
 		break;
@@ -215,7 +224,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
 	case BIO_CTRL_DUP:
 		dbio=ptr;
 		dctx=dbio->ptr;
-		EVP_MD_CTX_copy_ex(dctx,ctx);
+		if (!EVP_MD_CTX_copy_ex(dctx,ctx))
+			return 0;
 		b->init=1;
 		break;
 	default:
@@ -248,7 +258,9 @@ static int md_gets(BIO *bp, char *buf, int size)
 	ctx=bp->ptr;
 	if (size < ctx->digest->md_size)
 		return(0);
-	EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret);
+	if (EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret)<=0) 
+		return -1;
+		
 	return((int)ret);
 	}
 
diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 98bc1ab409..ad8cad8766 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -133,10 +133,10 @@ static int ok_new(BIO *h);
 static int ok_free(BIO *data);
 static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
 
-static void sig_out(BIO* b);
-static void sig_in(BIO* b);
-static void block_out(BIO* b);
-static void block_in(BIO* b);
+static __owur int sig_out(BIO* b);
+static __owur int sig_in(BIO* b);
+static __owur int block_out(BIO* b);
+static __owur int block_in(BIO* b);
 #define OK_BLOCK_SIZE	(1024*4)
 #define OK_BLOCK_BLOCK	4
 #define IOBS		(OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
@@ -266,10 +266,24 @@ static int ok_read(BIO *b, char *out, int outl)
 		ctx->buf_len+= i;
 
 		/* no signature yet -- check if we got one */
-		if (ctx->sigio == 1) sig_in(b);
+		if (ctx->sigio == 1)
+			{
+			if (!sig_in(b))
+				{
+				BIO_clear_retry_flags(b);
+				return 0;
+				}
+			}
 
 		/* signature ok -- check if we got block */
-		if (ctx->sigio == 0) block_in(b);
+		if (ctx->sigio == 0)
+			{
+			if (!block_in(b))
+				{
+				BIO_clear_retry_flags(b);
+				return 0;
+				}
+			}
 
 		/* invalid block -- cancel */
 		if (ctx->cont <= 0) break;
@@ -293,7 +307,8 @@ static int ok_write(BIO *b, const char *in, int inl)
 
 	if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
 
-	if(ctx->sigio) sig_out(b);
+	if(ctx->sigio && !sig_out(b))
+		return 0;
 
 	do{
 		BIO_clear_retry_flags(b);
@@ -332,7 +347,11 @@ static int ok_write(BIO *b, const char *in, int inl)
 
 		if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK)
 			{
-			block_out(b);
+			if (!block_out(b))
+				{
+				BIO_clear_retry_flags(b);
+				return 0;
+				}
 			}
 	}while(inl > 0);
 
@@ -379,7 +398,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
 	case BIO_CTRL_FLUSH:
 		/* do a final write */
 		if(ctx->blockout == 0)
-			block_out(b);
+			if (!block_out(b))
+				return 0;
 
 		while (ctx->blockout)
 			{
@@ -408,7 +428,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
 		break;
 	case BIO_C_SET_MD:
 		md=ptr;
-		EVP_DigestInit_ex(&ctx->md, md, NULL);
+		if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+			return 0;
 		b->init=1;
 		break;
 	case BIO_C_GET_MD:
@@ -455,7 +476,7 @@ static void longswap(void *_ptr, size_t len)
 	}
 }
 
-static void sig_out(BIO* b)
+static int sig_out(BIO* b)
 	{
 	BIO_OK_CTX *ctx;
 	EVP_MD_CTX *md;
@@ -463,9 +484,10 @@ static void sig_out(BIO* b)
 	ctx=b->ptr;
 	md=&ctx->md;
 
-	if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
+	if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return 1;
 
-	EVP_DigestInit_ex(md, md->digest, NULL);
+	if (!EVP_DigestInit_ex(md, md->digest, NULL))
+		goto berr;
 	/* FIXME: there's absolutely no guarantee this makes any sense at all,
 	 * particularly now EVP_MD_CTX has been restructured.
 	 */
@@ -474,14 +496,20 @@ static void sig_out(BIO* b)
 	longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
 	ctx->buf_len+= md->digest->md_size;
 
-	EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
-	EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+	if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+		goto berr;
+	if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+		goto berr;
 	ctx->buf_len+= md->digest->md_size;
 	ctx->blockout= 1;
 	ctx->sigio= 0;
+	return 1;
+	berr:
+	BIO_clear_retry_flags(b);
+	return 0;
 	}
 
-static void sig_in(BIO* b)
+static int sig_in(BIO* b)
 	{
 	BIO_OK_CTX *ctx;
 	EVP_MD_CTX *md;
@@ -491,15 +519,18 @@ static void sig_in(BIO* b)
 	ctx=b->ptr;
 	md=&ctx->md;
 
-	if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return;
+	if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return 1;
 
-	EVP_DigestInit_ex(md, md->digest, NULL);
+	if (!EVP_DigestInit_ex(md, md->digest, NULL))
+		goto berr;
 	memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
 	longswap(md->md_data, md->digest->md_size);
 	ctx->buf_off+= md->digest->md_size;
 
-	EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
-	EVP_DigestFinal_ex(md, tmp, NULL);
+	if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+		goto berr;
+	if (!EVP_DigestFinal_ex(md, tmp, NULL))
+		goto berr;
 	ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
 	ctx->buf_off+= md->digest->md_size;
 	if(ret == 1)
@@ -516,9 +547,13 @@ static void sig_in(BIO* b)
 		{
 		ctx->cont= 0;
 		}
+	return 1;
+	berr:
+	BIO_clear_retry_flags(b);
+	return 0;
 	}
 
-static void block_out(BIO* b)
+static int block_out(BIO* b)
 	{
 	BIO_OK_CTX *ctx;
 	EVP_MD_CTX *md;
@@ -532,13 +567,20 @@ static void block_out(BIO* b)
 	ctx->buf[1]=(unsigned char)(tl>>16);
 	ctx->buf[2]=(unsigned char)(tl>>8);
 	ctx->buf[3]=(unsigned char)(tl);
-	EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
-	EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+	if (!EVP_DigestUpdate(md,
+		(unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl))
+		goto berr;
+	if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+		goto berr;
 	ctx->buf_len+= md->digest->md_size;
 	ctx->blockout= 1;
+	return 1;
+	berr:
+	BIO_clear_retry_flags(b);
+	return 0;
 	}
 
-static void block_in(BIO* b)
+static int block_in(BIO* b)
 	{
 	BIO_OK_CTX *ctx;
 	EVP_MD_CTX *md;
@@ -554,10 +596,13 @@ static void block_in(BIO* b)
 	tl|=ctx->buf[2]; tl<<=8;
 	tl|=ctx->buf[3];
 
-	if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
+	if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return 1;
  
-	EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
-	EVP_DigestFinal_ex(md, tmp, NULL);
+	if (!EVP_DigestUpdate(md,
+			(unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl))
+		goto berr;
+	if (!EVP_DigestFinal_ex(md, tmp, NULL))
+		goto berr;
 	if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
 		{
 		/* there might be parts from next block lurking around ! */
@@ -571,5 +616,9 @@ static void block_in(BIO* b)
 		{
 		ctx->cont= 0;
 		}
+	return 1;
+	berr:
+	BIO_clear_retry_flags(b);
+	return 0;
 	}
 
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index fc96812365..c5f9268378 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -71,6 +71,8 @@ void OpenSSL_add_all_ciphers(void)
 	EVP_add_cipher(EVP_des_cfb8());
 	EVP_add_cipher(EVP_des_ede_cfb());
 	EVP_add_cipher(EVP_des_ede3_cfb());
+	EVP_add_cipher(EVP_des_ede3_cfb1());
+	EVP_add_cipher(EVP_des_ede3_cfb8());
 
 	EVP_add_cipher(EVP_des_ofb());
 	EVP_add_cipher(EVP_des_ede_ofb());
@@ -107,6 +109,15 @@ void OpenSSL_add_all_ciphers(void)
 	EVP_add_cipher_alias(SN_idea_cbc,"idea");
 #endif
 
+#ifndef OPENSSL_NO_SEED
+	EVP_add_cipher(EVP_seed_ecb());
+	EVP_add_cipher(EVP_seed_cfb());
+	EVP_add_cipher(EVP_seed_ofb());
+	EVP_add_cipher(EVP_seed_cbc());
+	EVP_add_cipher_alias(SN_seed_cbc,"SEED");
+	EVP_add_cipher_alias(SN_seed_cbc,"seed");
+#endif
+
 #ifndef OPENSSL_NO_RC2
 	EVP_add_cipher(EVP_rc2_ecb());
 	EVP_add_cipher(EVP_rc2_cfb());
@@ -183,6 +194,31 @@ void OpenSSL_add_all_ciphers(void)
 	EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
 	EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
 #endif
-	PKCS12_PBE_add();
-	PKCS5_PBE_add();
+
+#ifndef OPENSSL_NO_CAMELLIA
+	EVP_add_cipher(EVP_camellia_128_ecb());
+	EVP_add_cipher(EVP_camellia_128_cbc());
+	EVP_add_cipher(EVP_camellia_128_cfb());
+	EVP_add_cipher(EVP_camellia_128_cfb1());
+	EVP_add_cipher(EVP_camellia_128_cfb8());
+	EVP_add_cipher(EVP_camellia_128_ofb());
+	EVP_add_cipher_alias(SN_camellia_128_cbc,"CAMELLIA128");
+	EVP_add_cipher_alias(SN_camellia_128_cbc,"camellia128");
+	EVP_add_cipher(EVP_camellia_192_ecb());
+	EVP_add_cipher(EVP_camellia_192_cbc());
+	EVP_add_cipher(EVP_camellia_192_cfb());
+	EVP_add_cipher(EVP_camellia_192_cfb1());
+	EVP_add_cipher(EVP_camellia_192_cfb8());
+	EVP_add_cipher(EVP_camellia_192_ofb());
+	EVP_add_cipher_alias(SN_camellia_192_cbc,"CAMELLIA192");
+	EVP_add_cipher_alias(SN_camellia_192_cbc,"camellia192");
+	EVP_add_cipher(EVP_camellia_256_ecb());
+	EVP_add_cipher(EVP_camellia_256_cbc());
+	EVP_add_cipher(EVP_camellia_256_cfb());
+	EVP_add_cipher(EVP_camellia_256_cfb1());
+	EVP_add_cipher(EVP_camellia_256_cfb8());
+	EVP_add_cipher(EVP_camellia_256_ofb());
+	EVP_add_cipher_alias(SN_camellia_256_cbc,"CAMELLIA256");
+	EVP_add_cipher_alias(SN_camellia_256_cbc,"camellia256");
+#endif
 	}
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index a935aa565e..311e1fe2f8 100644
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -64,9 +64,6 @@
 
 void OpenSSL_add_all_digests(void)
 	{
-#ifndef OPENSSL_NO_MD2
-	EVP_add_digest(EVP_md2());
-#endif
 #ifndef OPENSSL_NO_MD4
 	EVP_add_digest(EVP_md4());
 #endif
@@ -75,13 +72,13 @@ void OpenSSL_add_all_digests(void)
 	EVP_add_digest_alias(SN_md5,"ssl2-md5");
 	EVP_add_digest_alias(SN_md5,"ssl3-md5");
 #endif
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
 	EVP_add_digest(EVP_sha());
 #ifndef OPENSSL_NO_DSA
 	EVP_add_digest(EVP_dss());
 #endif
 #endif
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
 	EVP_add_digest(EVP_sha1());
 	EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
 	EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
@@ -111,4 +108,7 @@ void OpenSSL_add_all_digests(void)
 	EVP_add_digest(EVP_sha384());
 	EVP_add_digest(EVP_sha512());
 #endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+	EVP_add_digest(EVP_whirlpool());
+#endif
 	}
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 7d8421079b..bd520456b1 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -126,7 +126,8 @@ EVP_MD_CTX *EVP_MD_CTX_create(void)
 	{
 	EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
 
-	EVP_MD_CTX_init(ctx);
+	if (ctx)
+		EVP_MD_CTX_init(ctx);
 
 	return ctx;
 	}
@@ -159,7 +160,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 			{
 			if (!ENGINE_init(impl))
 				{
-				EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
+				EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
 				return 0;
 				}
 			}
@@ -173,7 +174,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 			if(!d)
 				{
 				/* Same comment from evp_enc.c */
-				EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
+				EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR);
 				return 0;
 				}
 			/* We'll use the ENGINE's private digest definition */
@@ -189,7 +190,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 	else
 	if(!ctx->digest)
 		{
-		EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
+		EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET);
 		return 0;
 		}
 #endif
@@ -198,19 +199,37 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 		if (ctx->digest && ctx->digest->ctx_size)
 			OPENSSL_free(ctx->md_data);
 		ctx->digest=type;
-		if (type->ctx_size)
+		if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size)
+			{
+			ctx->update = type->update;
 			ctx->md_data=OPENSSL_malloc(type->ctx_size);
+			if (ctx->md_data == NULL)
+				{
+				EVPerr(EVP_F_EVP_DIGESTINIT_EX,
+							ERR_R_MALLOC_FAILURE);
+				return 0;
+				}
+			}
 		}
 #ifndef OPENSSL_NO_ENGINE
 skip_to_init:
 #endif
+	if (ctx->pctx)
+		{
+		int r;
+		r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
+					EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
+		if (r <= 0 && (r != -2))
+			return 0;
+		}
+	if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
+		return 1;
 	return ctx->digest->init(ctx);
 	}
 
-int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
-	     size_t count)
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
 	{
-	return ctx->digest->update(ctx,data,count);
+	return ctx->update(ctx,data,count);
 	}
 
 /* The caller can assume that this removes any secret data from the context */
@@ -251,14 +270,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 	unsigned char *tmp_buf;
 	if ((in == NULL) || (in->digest == NULL))
 		{
-		EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
+		EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,EVP_R_INPUT_NOT_INITIALIZED);
 		return 0;
 		}
 #ifndef OPENSSL_NO_ENGINE
 	/* Make sure it's safe to copy a digest context using an ENGINE */
 	if (in->engine && !ENGINE_init(in->engine))
 		{
-		EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
+		EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB);
 		return 0;
 		}
 #endif
@@ -272,13 +291,34 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 	EVP_MD_CTX_cleanup(out);
 	memcpy(out,in,sizeof *out);
 
-	if (out->digest->ctx_size)
+	if (in->md_data && out->digest->ctx_size)
 		{
-		if (tmp_buf) out->md_data = tmp_buf;
-		else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+		if (tmp_buf)
+			out->md_data = tmp_buf;
+		else
+			{
+			out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+			if (!out->md_data)
+				{
+				EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE);
+				return 0;
+				}
+			}
 		memcpy(out->md_data,in->md_data,out->digest->ctx_size);
 		}
 
+	out->update = in->update;
+
+	if (in->pctx)
+		{
+		out->pctx = EVP_PKEY_CTX_dup(in->pctx);
+		if (!out->pctx)
+			{
+			EVP_MD_CTX_cleanup(out);
+			return 0;
+			}
+		}
+
 	if (out->digest->copy)
 		return out->digest->copy(out,in);
 	
@@ -322,6 +362,8 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 		OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
 		OPENSSL_free(ctx->md_data);
 		}
+	if (ctx->pctx)
+		EVP_PKEY_CTX_free(ctx->pctx);
 #ifndef OPENSSL_NO_ENGINE
 	if(ctx->engine)
 		/* The EVP_MD we used belongs to an ENGINE, release the
diff --git a/crypto/ec/ec2_smpt.c b/crypto/evp/e_camellia.c
index 72a8d57051..a7b40d1c60 100644
--- a/crypto/ec/ec2_smpt.c
+++ b/crypto/evp/e_camellia.c
@@ -1,9 +1,6 @@
-/* crypto/ec/ec2_smpt.c */
-/* This code was originally written by Douglas Stebila 
- * <dstebila@student.math.uwaterloo.ca> for the OpenSSL project.
- */
+/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -56,86 +53,79 @@
  *
  */
 
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_CAMELLIA
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <string.h>
+#include <assert.h>
+#include <openssl/camellia.h>
+#include "evp_locl.h"
 
-/* Calaculates and sets the affine coordinates of an EC_POINT from the given
- * compressed coordinates.  Uses algorithm 2.3.4 of SEC 1. 
- * Note that the simple implementation only uses affine coordinates.
- *
- * This algorithm is patented by Certicom Corp. under US Patent 6,141,420
- * (for licensing information, contact licensing@certicom.com).
- * This function is disabled by default and can be enabled by defining the 
- * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time.
- */
-int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
-	const BIGNUM *x_, int y_bit, BN_CTX *ctx)
+static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv, int enc);
+
+/* Camellia subkey Structure */
+typedef struct
 	{
-#ifndef OPENSSL_EC_BIN_PT_COMP	
-	ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_DISABLED);
-	return 0;
-#else
-	BN_CTX *new_ctx = NULL;
-	BIGNUM *tmp, *x, *y, *z;
-	int ret = 0, z0;
+	CAMELLIA_KEY ks;
+	} EVP_CAMELLIA_KEY;
 
-	/* clear error queue */
-	ERR_clear_error();
+/* Attribute operation for Camellia */
+#define data(ctx)	EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
 
-	if (ctx == NULL)
-		{
-		ctx = new_ctx = BN_CTX_new();
-		if (ctx == NULL)
-			return 0;
-		}
+IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
+	NID_camellia_128, 16, 16, 16, 128,
+	0, camellia_init_key, NULL, 
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	NULL)
+IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
+	NID_camellia_192, 16, 24, 16, 128,
+	0, camellia_init_key, NULL, 
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	NULL)
+IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
+	NID_camellia_256, 16, 32, 16, 128,
+	0, camellia_init_key, NULL, 
+	EVP_CIPHER_set_asn1_iv,
+	EVP_CIPHER_get_asn1_iv,
+	NULL)
 
-	y_bit = (y_bit != 0) ? 1 : 0;
+#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits)	IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
 
-	BN_CTX_start(ctx);
-	tmp = BN_CTX_get(ctx);
-	x = BN_CTX_get(ctx);
-	y = BN_CTX_get(ctx);
-	z = BN_CTX_get(ctx);
-	if (z == NULL) goto err;
+IMPLEMENT_CAMELLIA_CFBR(128,1)
+IMPLEMENT_CAMELLIA_CFBR(192,1)
+IMPLEMENT_CAMELLIA_CFBR(256,1)
 
-	if (!BN_GF2m_mod_arr(x, x_, group->poly)) goto err;
-	if (BN_is_zero(x))
-		{
-		if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx)) goto err;
-		}
-	else
+IMPLEMENT_CAMELLIA_CFBR(128,8)
+IMPLEMENT_CAMELLIA_CFBR(192,8)
+IMPLEMENT_CAMELLIA_CFBR(256,8)
+
+
+
+/* The subkey for Camellia is generated. */ 
+static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv, int enc)
+	{
+	int ret;
+
+	ret=Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
+
+	if(ret < 0)
 		{
-		if (!group->meth->field_sqr(group, tmp, x, ctx)) goto err;
-		if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err;
-		if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err;
-		if (!BN_GF2m_add(tmp, x, tmp)) goto err;
-		if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx))
-			{
-			unsigned long err = ERR_peek_last_error();
-			
-			if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NO_SOLUTION)
-				{
-				ERR_clear_error();
-				ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
-				}
-			else
-				ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB);
-			goto err;
-			}
-		z0 = (BN_is_odd(z)) ? 1 : 0;
-		if (!group->meth->field_mul(group, y, x, z, ctx)) goto err;
-		if (z0 != y_bit)
-			{
-			if (!BN_GF2m_add(y, y, x)) goto err;
-			}
+		EVPerr(EVP_F_CAMELLIA_INIT_KEY,EVP_R_CAMELLIA_KEY_SETUP_FAILED);
+		return 0;
 		}
 
-	if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
+	return 1;
+	}
+
+#else
 
-	ret = 1;
+# ifdef PEDANTIC
+static void *dummy=&dummy;
+# endif
 
- err:
-	BN_CTX_end(ctx);
-	if (new_ctx != NULL)
-		BN_CTX_free(new_ctx);
-	return ret;
 #endif
-	}
diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index 856323648c..ca009f2c52 100644
--- a/crypto/evp/e_des.c
+++ b/crypto/evp/e_des.c
@@ -72,7 +72,7 @@ static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
 /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
 
 static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
+			  const unsigned char *in, size_t inl)
 {
 	BLOCK_CIPHER_ecb_loop()
 		DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
@@ -80,24 +80,52 @@ static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 }
 
 static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
+			  const unsigned char *in, size_t inl)
 {
-	DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, (DES_cblock *)ctx->iv, &ctx->num);
+	while(inl>=EVP_MAXCHUNK)
+		{
+		DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+				(DES_cblock *)ctx->iv, &ctx->num);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+				(DES_cblock *)ctx->iv, &ctx->num);
 	return 1;
 }
 
 static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			  const unsigned char *in, unsigned int inl)
+			  const unsigned char *in, size_t inl)
 {
-	DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
-			 (DES_cblock *)ctx->iv, ctx->encrypt);
+	while(inl>=EVP_MAXCHUNK)
+		{
+		DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+				(DES_cblock *)ctx->iv, ctx->encrypt);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
+				(DES_cblock *)ctx->iv, ctx->encrypt);
 	return 1;
 }
 
 static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			    const unsigned char *in, unsigned int inl)
+			    const unsigned char *in, size_t inl)
 {
-	DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+	while(inl>=EVP_MAXCHUNK)
+		{
+		DES_cfb64_encrypt(in,out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+				(DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
 			  (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
 	return 1;
 }
@@ -105,26 +133,46 @@ static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 /* Although we have a CFB-r implementation for DES, it doesn't pack the right
    way, so wrap it here */
 static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl)
+			   const unsigned char *in, size_t inl)
     {
-    unsigned int n;
+    size_t n,chunk=EVP_MAXCHUNK/8;
     unsigned char c[1],d[1];
 
-    for(n=0 ; n < inl ; ++n)
+    if (inl<chunk) chunk=inl;
+
+    while (inl && inl>=chunk)
 	{
-	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
-	DES_cfb_encrypt(c,d,1,1,ctx->cipher_data,(DES_cblock *)ctx->iv,
+	for(n=0 ; n < chunk*8; ++n)
+	    {
+	    c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+	    DES_cfb_encrypt(c,d,1,1,ctx->cipher_data,(DES_cblock *)ctx->iv,
 			ctx->encrypt);
-	out[n/8]=(out[n/8]&~(0x80 >> (n%8)))|((d[0]&0x80) >> (n%8));
+	    out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) |
+		     ((d[0]&0x80) >> (unsigned int)(n%8));
+	    }
+	inl-=chunk;
+	in +=chunk;
+	out+=chunk;
+	if (inl<chunk) chunk=inl;
 	}
+
     return 1;
     }
 
 static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl)
+			   const unsigned char *in, size_t inl)
     {
-    DES_cfb_encrypt(in,out,8,inl,ctx->cipher_data,(DES_cblock *)ctx->iv,
-		    ctx->encrypt);
+    while (inl>=EVP_MAXCHUNK)
+	{
+	DES_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,ctx->cipher_data,
+			(DES_cblock *)ctx->iv,ctx->encrypt);
+	inl-=EVP_MAXCHUNK;
+	in +=EVP_MAXCHUNK;
+	out+=EVP_MAXCHUNK;
+	}
+    if (inl)
+	DES_cfb_encrypt(in,out,8,(long)inl,ctx->cipher_data,
+			(DES_cblock *)ctx->iv,ctx->encrypt);
     return 1;
     }
 
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index ac148efab2..3232cfe024 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -85,7 +85,7 @@ typedef struct
 /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
 
 static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
+			      const unsigned char *in, size_t inl)
 {
 	BLOCK_CIPHER_ecb_loop()
 		DES_ecb3_encrypt((const_DES_cblock *)(in + i),
@@ -97,16 +97,27 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 }
 
 static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
+			      const unsigned char *in, size_t inl)
 {
-	DES_ede3_ofb64_encrypt(in, out, (long)inl,
+	if (inl>=EVP_MAXCHUNK)
+		{
+		DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
 			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
 			       (DES_cblock *)ctx->iv, &ctx->num);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_ede3_ofb64_encrypt(in, out, (long)inl,
+				&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                               (DES_cblock *)ctx->iv, &ctx->num);
+
 	return 1;
 }
 
 static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
+			      const unsigned char *in, size_t inl)
 {
 #ifdef KSSL_DEBUG
 	{
@@ -119,27 +130,47 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	printf("\n");
 	}
 #endif    /* KSSL_DEBUG */
-	DES_ede3_cbc_encrypt(in, out, (long)inl,
+	if (inl>=EVP_MAXCHUNK)
+		{
+		DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
 			     &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
 			     (DES_cblock *)ctx->iv, ctx->encrypt);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_ede3_cbc_encrypt(in, out, (long)inl,
+			     &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                             (DES_cblock *)ctx->iv, ctx->encrypt);
 	return 1;
 }
 
 static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			      const unsigned char *in, unsigned int inl)
+			      const unsigned char *in, size_t inl)
 {
-	DES_ede3_cfb64_encrypt(in, out, (long)inl, 
+	if (inl>=EVP_MAXCHUNK)
+		{
+		DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, 
 			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
 			       (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_ede3_cfb64_encrypt(in, out, (long)inl,
+			       &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                               (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
 	return 1;
 }
 
 /* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right
    way, so wrap it here */
 static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-				const unsigned char *in, unsigned int inl)
+				const unsigned char *in, size_t inl)
     {
-    unsigned int n;
+    size_t n;
     unsigned char c[1],d[1];
 
     for(n=0 ; n < inl ; ++n)
@@ -148,18 +179,29 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	DES_ede3_cfb_encrypt(c,d,1,1,
 			     &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
 			     (DES_cblock *)ctx->iv,ctx->encrypt);
-	out[n/8]=(out[n/8]&~(0x80 >> (n%8)))|((d[0]&0x80) >> (n%8));
+	out[n/8]=(out[n/8]&~(0x80 >> (unsigned int)(n%8))) |
+		 ((d[0]&0x80) >> (unsigned int)(n%8));
 	}
 
     return 1;
     }
 
 static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-				const unsigned char *in, unsigned int inl)
+				const unsigned char *in, size_t inl)
     {
-    DES_ede3_cfb_encrypt(in,out,8,inl,
+    while (inl>=EVP_MAXCHUNK)
+	{
+	DES_ede3_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,
 			 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
 			 (DES_cblock *)ctx->iv,ctx->encrypt);
+	inl-=EVP_MAXCHUNK;
+	in +=EVP_MAXCHUNK;
+	out+=EVP_MAXCHUNK;
+	}
+    if (inl)
+	DES_ede3_cfb_encrypt(in,out,8,(long)inl,
+			&data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
+			(DES_cblock *)ctx->iv,ctx->encrypt);
     return 1;
     }
 
diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c
index 48c33a774a..806b080360 100644
--- a/crypto/evp/e_idea.c
+++ b/crypto/evp/e_idea.c
@@ -73,7 +73,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
  */
 
 static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl)
+			   const unsigned char *in, size_t inl)
 {
 	BLOCK_CIPHER_ecb_loop()
 		idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
index 2420d7e5af..7cf50e1416 100644
--- a/crypto/evp/e_null.c
+++ b/crypto/evp/e_null.c
@@ -64,7 +64,7 @@
 static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	const unsigned char *iv,int enc);
 static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	const unsigned char *in, unsigned int inl);
+	const unsigned char *in, size_t inl);
 static const EVP_CIPHER n_cipher=
 	{
 	NID_undef,
@@ -76,6 +76,7 @@ static const EVP_CIPHER n_cipher=
 	0,
 	NULL,
 	NULL,
+	NULL,
 	NULL
 	};
 
@@ -92,10 +93,10 @@ static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	}
 
 static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     const unsigned char *in, unsigned int inl)
+	     const unsigned char *in, size_t inl)
 	{
 	if (in != out)
-		memcpy((char *)out,(char *)in,(int)inl);
+		memcpy((char *)out,(const char *)in,inl);
 	return 1;
 	}
 
diff --git a/crypto/evp/e_old.c b/crypto/evp/e_old.c
index 66f3bf4276..1642af4869 100644
--- a/crypto/evp/e_old.c
+++ b/crypto/evp/e_old.c
@@ -70,44 +70,55 @@ static void *dummy = &dummy;
 
 #ifndef OPENSSL_NO_BF
 #undef EVP_bf_cfb
+const EVP_CIPHER *EVP_bf_cfb(void);
 const EVP_CIPHER *EVP_bf_cfb(void) { return EVP_bf_cfb64(); }
 #endif
 
 #ifndef OPENSSL_NO_DES
 #undef EVP_des_cfb
+const EVP_CIPHER *EVP_des_cfb(void);
 const EVP_CIPHER *EVP_des_cfb(void) { return EVP_des_cfb64(); }
 #undef EVP_des_ede3_cfb
+const EVP_CIPHER *EVP_des_ede3_cfb(void);
 const EVP_CIPHER *EVP_des_ede3_cfb(void) { return EVP_des_ede3_cfb64(); }
 #undef EVP_des_ede_cfb
+const EVP_CIPHER *EVP_des_ede_cfb(void);
 const EVP_CIPHER *EVP_des_ede_cfb(void) { return EVP_des_ede_cfb64(); }
 #endif
 
 #ifndef OPENSSL_NO_IDEA
 #undef EVP_idea_cfb
+const EVP_CIPHER *EVP_idea_cfb(void);
 const EVP_CIPHER *EVP_idea_cfb(void) { return EVP_idea_cfb64(); }
 #endif
 
 #ifndef OPENSSL_NO_RC2
 #undef EVP_rc2_cfb
+const EVP_CIPHER *EVP_rc2_cfb(void);
 const EVP_CIPHER *EVP_rc2_cfb(void) { return EVP_rc2_cfb64(); }
 #endif
 
-#ifndef OPENSSL_NO_CAST5
+#ifndef OPENSSL_NO_CAST
 #undef EVP_cast5_cfb
+const EVP_CIPHER *EVP_cast5_cfb(void);
 const EVP_CIPHER *EVP_cast5_cfb(void) { return EVP_cast5_cfb64(); }
 #endif
 
 #ifndef OPENSSL_NO_RC5
 #undef EVP_rc5_32_12_16_cfb
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
 const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void) { return EVP_rc5_32_12_16_cfb64(); }
 #endif
 
 #ifndef OPENSSL_NO_AES
 #undef EVP_aes_128_cfb
+const EVP_CIPHER *EVP_aes_128_cfb(void);
 const EVP_CIPHER *EVP_aes_128_cfb(void) { return EVP_aes_128_cfb128(); }
 #undef EVP_aes_192_cfb
+const EVP_CIPHER *EVP_aes_192_cfb(void);
 const EVP_CIPHER *EVP_aes_192_cfb(void) { return EVP_aes_192_cfb128(); }
 #undef EVP_aes_256_cfb
+const EVP_CIPHER *EVP_aes_256_cfb(void);
 const EVP_CIPHER *EVP_aes_256_cfb(void) { return EVP_aes_256_cfb128(); }
 #endif
 
diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
index d37726ffae..d4c33b58d4 100644
--- a/crypto/evp/e_rc2.c
+++ b/crypto/evp/e_rc2.c
@@ -183,7 +183,8 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 		key_bits =rc2_magic_to_meth((int)num);
 		if (!key_bits)
 			return(-1);
-		if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
+		if(i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
+			return -1;
 		EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
 		EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
 		}
@@ -223,6 +224,11 @@ static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 			return 1;
 			}
 		return 0;
+#ifdef PBE_PRF_TEST
+	case EVP_CTRL_PBE_PRF_NID:
+		*(int *)ptr = NID_hmacWithMD5;
+		return 1;
+#endif
 
 	default:
 		return -1;
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index eadd8d4274..8b5175e0fd 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -78,7 +78,7 @@ typedef struct
 static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			const unsigned char *iv,int enc);
 static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		      const unsigned char *in, unsigned int inl);
+		      const unsigned char *in, size_t inl);
 static const EVP_CIPHER r4_cipher=
 	{
 	NID_rc4,
@@ -90,6 +90,7 @@ static const EVP_CIPHER r4_cipher=
 	sizeof(EVP_RC4_KEY),
 	NULL,
 	NULL,
+	NULL,
 	NULL
 	};
 
@@ -104,6 +105,7 @@ static const EVP_CIPHER r4_40_cipher=
 	sizeof(EVP_RC4_KEY),
 	NULL, 
 	NULL,
+	NULL,
 	NULL
 	};
 
@@ -126,7 +128,7 @@ static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	}
 
 static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-		      const unsigned char *in, unsigned int inl)
+		      const unsigned char *in, size_t inl)
 	{
 	RC4(&data(ctx)->ks,inl,in,out);
 	return 1;
diff --git a/crypto/ec/ecp_recp.c b/crypto/evp/e_seed.c
index d454c12fd3..2d1759d276 100644
--- a/crypto/ec/ecp_recp.c
+++ b/crypto/evp/e_seed.c
@@ -1,6 +1,6 @@
-/* crypto/ec/ecp_recp.c */
+/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -52,95 +52,32 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
 
-#include "ec_lcl.h"
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_SEED
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <string.h>
+#include <assert.h>
+#include <openssl/seed.h>
+#include "evp_locl.h"
 
-#if 0
-const EC_METHOD *EC_GFp_recp_method(void)
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,	const unsigned char *iv, int enc);
+
+typedef struct
 	{
-	static const EC_METHOD ret = {
-		ec_GFp_recp_group_init,
-		ec_GFp_recp_group_finish,
-		ec_GFp_recp_group_clear_finish,
-		ec_GFp_recp_group_copy,
-		ec_GFp_recp_group_set_curve,
-		ec_GFp_simple_group_get_curve,
-		ec_GFp_simple_group_get_degree,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
-		ec_GFp_simple_group_check_discriminant,
-		ec_GFp_simple_point_init,
-		ec_GFp_simple_point_finish,
-		ec_GFp_simple_point_clear_finish,
-		ec_GFp_simple_point_copy,
-		ec_GFp_simple_point_set_to_infinity,
-		ec_GFp_simple_set_Jprojective_coordinates_GFp,
-		ec_GFp_simple_get_Jprojective_coordinates_GFp,
-		ec_GFp_simple_point_set_affine_coordinates,
-		ec_GFp_simple_point_get_affine_coordinates,
-		ec_GFp_simple_set_compressed_coordinates,
-		ec_GFp_simple_point2oct,
-		ec_GFp_simple_oct2point,
-		ec_GFp_simple_add,
-		ec_GFp_simple_dbl,
-		ec_GFp_simple_invert,
-		ec_GFp_simple_is_at_infinity,
-		ec_GFp_simple_is_on_curve,
-		ec_GFp_simple_cmp,
-		ec_GFp_simple_make_affine,
-		ec_GFp_simple_points_make_affine,
-		0 /* mul */,
-		0 /* precompute_mult */,
-		0 /* have_precompute_mult */,	
-		ec_GFp_recp_field_mul,
-		ec_GFp_recp_field_sqr,
-		0 /* field_div */,
-		0 /* field_encode */,
-		0 /* field_decode */,
-		0 /* field_set_to_one */ };
+	SEED_KEY_SCHEDULE ks;
+	} EVP_SEED_KEY;
 
-	return &ret;
-	}
-#endif
+IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
+                       16, 16, 16, 128,
+                       0, seed_init_key, 0, 0, 0, 0)
 
-int ec_GFp_recp_group_init(EC_GROUP *group)
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc)
 	{
-	int ok;
-
-	ok = ec_GFp_simple_group_init(group);
-	group->field_data1 = NULL;
-	return ok;
+	SEED_set_key(key, ctx->cipher_data);
+	return 1;
 	}
 
-/* Avoid "redundant redeclaration" warnings */
-#if 0
-int ec_GFp_recp_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-void ec_GFp_recp_group_finish(EC_GROUP *group);
-/* TODO */
-
-
-void ec_GFp_recp_group_clear_finish(EC_GROUP *group);
-/* TODO */
-
-
-int ec_GFp_recp_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-/* TODO */
-
-
-int ec_GFp_recp_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-int ec_GFp_recp_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/* TODO */
 #endif
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
index cb82815a82..250e88c8c5 100644
--- a/crypto/evp/e_xcbc_d.c
+++ b/crypto/evp/e_xcbc_d.c
@@ -63,12 +63,13 @@
 
 #include <openssl/evp.h>
 #include <openssl/objects.h>
+#include "evp_locl.h"
 #include <openssl/des.h>
 
 static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			     const unsigned char *iv,int enc);
 static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl);
+			   const unsigned char *in, size_t inl);
 
 
 typedef struct
@@ -91,6 +92,7 @@ static const EVP_CIPHER d_xcbc_cipher=
 	sizeof(DESX_CBC_KEY),
 	EVP_CIPHER_set_asn1_iv,
 	EVP_CIPHER_get_asn1_iv,
+	NULL,
 	NULL
 	};
 
@@ -112,13 +114,25 @@ static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	}
 
 static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			   const unsigned char *in, unsigned int inl)
+			   const unsigned char *in, size_t inl)
 	{
-	DES_xcbc_encrypt(in,out,inl,&data(ctx)->ks,
+	while (inl>=EVP_MAXCHUNK)
+		{
+		DES_xcbc_encrypt(in,out,(long)EVP_MAXCHUNK,&data(ctx)->ks,
 			 (DES_cblock *)&(ctx->iv[0]),
 			 &data(ctx)->inw,
 			 &data(ctx)->outw,
 			 ctx->encrypt);
+		inl-=EVP_MAXCHUNK;
+		in +=EVP_MAXCHUNK;
+		out+=EVP_MAXCHUNK;
+		}
+	if (inl)
+		DES_xcbc_encrypt(in,out,(long)inl,&data(ctx)->ks,
+			(DES_cblock *)&(ctx->iv[0]),
+			&data(ctx)->inw,
+			&data(ctx)->outw,
+			ctx->encrypt);
 	return 1;
 	}
 #endif
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
index 2968f6460a..b42c747249 100644
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@@ -85,7 +85,7 @@
 #define CHUNKS_PER_LINE (64/4)
 #define CHAR_PER_LINE   (64+1)
 
-static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+static const unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
 abcdefghijklmnopqrstuvwxyz0123456789+/";
 
 /* 0xF0 is a EOLN
@@ -102,7 +102,7 @@ abcdefghijklmnopqrstuvwxyz0123456789+/";
 #define B64_ERROR       	0xFF
 #define B64_NOT_BASE64(a)	(((a)|0x13) == 0xF3)
 
-static unsigned char data_ascii2bin[128]={
+static const unsigned char data_ascii2bin[128]={
 	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
 	0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
 	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
@@ -313,7 +313,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
 			/* There will never be more than two '=' */
 			}
 
-		if ((v == B64_EOF) || (n >= 64))
+		if ((v == B64_EOF && (n&3) == 0) || (n >= 64))
 			{
 			/* This is needed to work correctly on 64 byte input
 			 * lines.  We process the line and then need to
@@ -323,8 +323,8 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
 			if (n > 0)
 				{
 				v=EVP_DecodeBlock(out,d,n);
-				if (v < 0) { rv=0; goto end; }
 				n=0;
+				if (v < 0) { rv=0; goto end; }
 				ret+=(v-eof);
 				}
 			else
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 70c79b3464..9064164941 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -115,6 +115,7 @@
 #define EVP_PKEY_DSA4	NID_dsaWithSHA1_2
 #define EVP_PKEY_DH	NID_dhKeyAgreement
 #define EVP_PKEY_EC	NID_X9_62_id_ecPublicKey
+#define EVP_PKEY_HMAC	NID_hmac
 
 #ifdef	__cplusplus
 extern "C" {
@@ -128,6 +129,8 @@ struct evp_pkey_st
 	int type;
 	int save_type;
 	int references;
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	ENGINE *engine;
 	union	{
 		char *ptr;
 #ifndef OPENSSL_NO_RSA
@@ -140,7 +143,7 @@ struct evp_pkey_st
 		struct dh_st *dh;	/* DH */
 #endif
 #ifndef OPENSSL_NO_EC
-		struct ec_key_st *eckey;/* ECC */
+		struct ec_key_st *ec;	/* ECC */
 #endif
 		} pkey;
 	int save_parameters;
@@ -152,73 +155,6 @@ struct evp_pkey_st
 #define EVP_PKEY_MO_ENCRYPT	0x0004
 #define EVP_PKEY_MO_DECRYPT	0x0008
 
-#if 0
-/* This structure is required to tie the message digest and signing together.
- * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
- * oid, md and pkey.
- * This is required because for various smart-card perform the digest and
- * signing/verification on-board.  To handle this case, the specific
- * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
- * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
- * This can either be software or a token to provide the required low level
- * routines.
- */
-typedef struct evp_pkey_md_st
-	{
-	int oid;
-	EVP_MD *md;
-	EVP_PKEY_METHOD *pkey;
-	} EVP_PKEY_MD;
-
-#define EVP_rsa_md2() \
-		EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_md2())
-#define EVP_rsa_md5() \
-		EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_md5())
-#define EVP_rsa_sha0() \
-		EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_sha())
-#define EVP_rsa_sha1() \
-		EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
-			EVP_rsa_pkcs1(),EVP_sha1())
-#define EVP_rsa_ripemd160() \
-		EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
-			EVP_rsa_pkcs1(),EVP_ripemd160())
-#define EVP_rsa_mdc2() \
-		EVP_PKEY_MD_add(NID_mdc2WithRSA,\
-			EVP_rsa_octet_string(),EVP_mdc2())
-#define EVP_dsa_sha() \
-		EVP_PKEY_MD_add(NID_dsaWithSHA,\
-			EVP_dsa(),EVP_sha())
-#define EVP_dsa_sha1() \
-		EVP_PKEY_MD_add(NID_dsaWithSHA1,\
-			EVP_dsa(),EVP_sha1())
-
-typedef struct evp_pkey_method_st
-	{
-	char *name;
-	int flags;
-	int type;		/* RSA, DSA, an SSLeay specific constant */
-	int oid;		/* For the pub-key type */
-	int encrypt_oid;	/* pub/priv key encryption */
-
-	int (*sign)();
-	int (*verify)();
-	struct	{
-		int (*set)();	/* get and/or set the underlying type */
-		int (*get)();
-		int (*encrypt)();
-		int (*decrypt)();
-		int (*i2d)();
-		int (*d2i)();
-		int (*dup)();
-		} pub,priv;
-	int (*set_asn1_parameters)();
-	int (*get_asn1_parameters)();
-	} EVP_PKEY_METHOD;
-#endif
-
 #ifndef EVP_MD
 struct env_md_st
 	{
@@ -233,20 +169,67 @@ struct env_md_st
 	int (*cleanup)(EVP_MD_CTX *ctx);
 
 	/* FIXME: prototype these some day */
-	int (*sign)();
-	int (*verify)();
+	int (*sign)(int type, const unsigned char *m, unsigned int m_length,
+		    unsigned char *sigret, unsigned int *siglen, void *key);
+	int (*verify)(int type, const unsigned char *m, unsigned int m_length,
+		      const unsigned char *sigbuf, unsigned int siglen,
+		      void *key);
 	int required_pkey_type[5]; /*EVP_PKEY_xxx */
 	int block_size;
 	int ctx_size; /* how big does the ctx->md_data need to be */
+	/* control function */
+	int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
 	} /* EVP_MD */;
 
+typedef int evp_sign_method(int type,const unsigned char *m,
+			    unsigned int m_length,unsigned char *sigret,
+			    unsigned int *siglen, void *key);
+typedef int evp_verify_method(int type,const unsigned char *m,
+			    unsigned int m_length,const unsigned char *sigbuf,
+			    unsigned int siglen, void *key);
+
 #define EVP_MD_FLAG_ONESHOT	0x0001 /* digest can only handle a single
 					* block */
 
+#define EVP_MD_FLAG_PKEY_DIGEST	0x0002 /* digest is a "clone" digest used
+					* which is a copy of an existing
+					* one for a specific public key type.
+					* EVP_dss1() etc */
+
+/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
+
+#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE	0x0004
+
+/* DigestAlgorithmIdentifier flags... */
+
+#define EVP_MD_FLAG_DIGALGID_MASK		0x0018
+
+/* NULL or absent parameter accepted. Use NULL */
+
+#define EVP_MD_FLAG_DIGALGID_NULL		0x0000
+
+/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
+
+#define EVP_MD_FLAG_DIGALGID_ABSENT		0x0008
+
+/* Custom handling via ctrl */
+
+#define EVP_MD_FLAG_DIGALGID_CUSTOM		0x0018
+
+/* Digest ctrls */
+
+#define	EVP_MD_CTRL_DIGALGID			0x1
+#define	EVP_MD_CTRL_MICALG			0x2
+
+/* Minimum Algorithm specific ctrl value */
+
+#define	EVP_MD_CTRL_ALG_CTRL			0x1000
+
 #define EVP_PKEY_NULL_method	NULL,NULL,{0,0,0,0}
 
 #ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_DSA_method	DSA_sign,DSA_verify, \
+#define EVP_PKEY_DSA_method	(evp_sign_method *)DSA_sign, \
+				(evp_verify_method *)DSA_verify, \
 				{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
 					EVP_PKEY_DSA4,0}
 #else
@@ -254,18 +237,20 @@ struct env_md_st
 #endif
 
 #ifndef OPENSSL_NO_ECDSA
-#define EVP_PKEY_ECDSA_method   ECDSA_sign,ECDSA_verify, \
+#define EVP_PKEY_ECDSA_method   (evp_sign_method *)ECDSA_sign, \
+				(evp_verify_method *)ECDSA_verify, \
                                  {EVP_PKEY_EC,0,0,0}
 #else   
 #define EVP_PKEY_ECDSA_method   EVP_PKEY_NULL_method
 #endif
 
 #ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_RSA_method	RSA_sign,RSA_verify, \
+#define EVP_PKEY_RSA_method	(evp_sign_method *)RSA_sign, \
+				(evp_verify_method *)RSA_verify, \
 				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
 #define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
-				RSA_sign_ASN1_OCTET_STRING, \
-				RSA_verify_ASN1_OCTET_STRING, \
+				(evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
+				(evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
 				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
 #else
 #define EVP_PKEY_RSA_method	EVP_PKEY_NULL_method
@@ -280,6 +265,10 @@ struct env_md_ctx_st
 	ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
 	unsigned long flags;
 	void *md_data;
+	/* Public key context for sign/verify */
+	EVP_PKEY_CTX *pctx;
+	/* Update function: usually copied from EVP_MD */
+	int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
 	} /* EVP_MD_CTX */;
 
 /* values for EVP_MD_CTX flags */
@@ -290,6 +279,23 @@ struct env_md_ctx_st
 						* cleaned */
 #define EVP_MD_CTX_FLAG_REUSE		0x0004 /* Don't free up ctx->md_data
 						* in EVP_MD_CTX_cleanup */
+/* FIPS and pad options are ignored in 1.0.0, definitions are here
+ * so we don't accidentally reuse the values for other purposes.
+ */
+
+#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW	0x0008	/* Allow use of non FIPS digest
+						 * in FIPS mode */
+
+/* The following PAD options are also currently ignored in 1.0.0, digest
+ * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
+ * instead.
+ */
+#define EVP_MD_CTX_FLAG_PAD_MASK	0xF0	/* RSA mode to use */
+#define EVP_MD_CTX_FLAG_PAD_PKCS1	0x00	/* PKCS#1 v1.5 mode */
+#define EVP_MD_CTX_FLAG_PAD_X931	0x10	/* X9.31 mode */
+#define EVP_MD_CTX_FLAG_PAD_PSS		0x20	/* PSS mode */
+
+#define EVP_MD_CTX_FLAG_NO_INIT		0x0100 /* Don't initialize md_data */
 
 struct evp_cipher_st
 	{
@@ -301,7 +307,7 @@ struct evp_cipher_st
 	int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 		    const unsigned char *iv, int enc);	/* init key */
 	int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
-			 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
+			 const unsigned char *in, size_t inl);/* encrypt/decrypt data */
 	int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
 	int ctx_size;		/* how big ctx->cipher_data needs to be */
 	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
@@ -344,6 +350,7 @@ struct evp_cipher_st
 #define 	EVP_CTRL_GET_RC5_ROUNDS		0x4
 #define 	EVP_CTRL_SET_RC5_ROUNDS		0x5
 #define 	EVP_CTRL_RAND_KEY		0x6
+#define 	EVP_CTRL_PBE_PRF_NID		0x7
 
 typedef struct evp_cipher_info_st
 	{
@@ -416,36 +423,37 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
 #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
 
-#define EVP_MD_type(e)			((e)->type)
+int EVP_MD_type(const EVP_MD *md);
 #define EVP_MD_nid(e)			EVP_MD_type(e)
 #define EVP_MD_name(e)			OBJ_nid2sn(EVP_MD_nid(e))
-#define EVP_MD_pkey_type(e)		((e)->pkey_type)
-#define EVP_MD_size(e)			((e)->md_size)
-#define EVP_MD_block_size(e)		((e)->block_size)
+int EVP_MD_pkey_type(const EVP_MD *md);	
+int EVP_MD_size(const EVP_MD *md);
+int EVP_MD_block_size(const EVP_MD *md);
+unsigned long EVP_MD_flags(const EVP_MD *md);
 
-#define EVP_MD_CTX_md(e)		((e)->digest)
-#define EVP_MD_CTX_size(e)		EVP_MD_size((e)->digest)
-#define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
-#define EVP_MD_CTX_type(e)		EVP_MD_type((e)->digest)
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+#define EVP_MD_CTX_size(e)		EVP_MD_size(EVP_MD_CTX_md(e))
+#define EVP_MD_CTX_block_size(e)	EVP_MD_block_size(EVP_MD_CTX_md(e))
+#define EVP_MD_CTX_type(e)		EVP_MD_type(EVP_MD_CTX_md(e))
 
-#define EVP_CIPHER_nid(e)		((e)->nid)
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
 #define EVP_CIPHER_name(e)		OBJ_nid2sn(EVP_CIPHER_nid(e))
-#define EVP_CIPHER_block_size(e)	((e)->block_size)
-#define EVP_CIPHER_key_length(e)	((e)->key_len)
-#define EVP_CIPHER_iv_length(e)		((e)->iv_len)
-#define EVP_CIPHER_flags(e)		((e)->flags)
-#define EVP_CIPHER_mode(e)		(((e)->flags) & EVP_CIPH_MODE)
-
-#define EVP_CIPHER_CTX_cipher(e)	((e)->cipher)
-#define EVP_CIPHER_CTX_nid(e)		((e)->cipher->nid)
-#define EVP_CIPHER_CTX_block_size(e)	((e)->cipher->block_size)
-#define EVP_CIPHER_CTX_key_length(e)	((e)->key_len)
-#define EVP_CIPHER_CTX_iv_length(e)	((e)->cipher->iv_len)
-#define EVP_CIPHER_CTX_get_app_data(e)	((e)->app_data)
-#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
+int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
+#define EVP_CIPHER_mode(e)		(EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
+
+const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
 #define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
-#define EVP_CIPHER_CTX_flags(e)		((e)->cipher->flags)
-#define EVP_CIPHER_CTX_mode(e)		((e)->cipher->flags & EVP_CIPH_MODE)
+unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
+#define EVP_CIPHER_CTX_mode(e)		(EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
 
 #define EVP_ENCODE_LENGTH(l)	(((l+2)/3*4)+(l/48+1)*2+80)
 #define EVP_DECODE_LENGTH(l)	((l+3)/4*3+80)
@@ -458,6 +466,8 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define	EVP_VerifyUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
 #define EVP_OpenUpdate(a,b,c,d,e)	EVP_DecryptUpdate(a,b,c,d,e)
 #define EVP_SealUpdate(a,b,c,d,e)	EVP_EncryptUpdate(a,b,c,d,e)	
+#define EVP_DigestSignUpdate(a,b,c)	EVP_DigestUpdate(a,b,c)
+#define EVP_DigestVerifyUpdate(a,b,c)	EVP_DigestUpdate(a,b,c)
 
 #ifdef CONST_STRICT
 void BIO_set_md(BIO *,const EVP_MD *md);
@@ -466,10 +476,14 @@ void BIO_set_md(BIO *,const EVP_MD *md);
 #endif
 #define BIO_get_md(b,mdp)		BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
 #define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_set_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
 #define BIO_get_cipher_status(b)	BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
 #define BIO_get_cipher_ctx(b,c_pp)	BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
 
-#define	EVP_Cipher(c,o,i,l)	(c)->cipher->do_cipher((c),(o),(i),(l))
+__owur int EVP_Cipher(EVP_CIPHER_CTX *c,
+		unsigned char *out,
+		const unsigned char *in,
+		unsigned int inl);
 
 #define EVP_add_cipher_alias(n,alias) \
 	OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
@@ -484,73 +498,87 @@ void	EVP_MD_CTX_init(EVP_MD_CTX *ctx);
 int	EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
 EVP_MD_CTX *EVP_MD_CTX_create(void);
 void	EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-#define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-#define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
-#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
-int	EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
-int	EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
+__owur int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+void	EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+void	EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+int 	EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
+__owur int	EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+__owur int	EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
 			 size_t cnt);
-int	EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
-int	EVP_Digest(const void *data, size_t count,
+__owur int	EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+__owur int	EVP_Digest(const void *data, size_t count,
 		unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
 
-int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
-int	EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-int	EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+__owur int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+__owur int	EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+__owur int	EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
 
 int	EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
 void	EVP_set_pw_prompt(const char *prompt);
 char *	EVP_get_pw_prompt(void);
 
-int	EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
+__owur int	EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
 		const unsigned char *salt, const unsigned char *data,
 		int datal, int count, unsigned char *key,unsigned char *iv);
 
-int	EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
+void	EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
+void	EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
+int 	EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
+
+__owur int	EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
 		const unsigned char *key, const unsigned char *iv);
-int	EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+__owur int	EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
 		const unsigned char *key, const unsigned char *iv);
-int	EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+__owur int	EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		int *outl, const unsigned char *in, int inl);
-int	EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-int	EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+__owur int	EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+__owur int	EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 
-int	EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
+__owur int	EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
 		const unsigned char *key, const unsigned char *iv);
-int	EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+__owur int	EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
 		const unsigned char *key, const unsigned char *iv);
-int	EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+__owur int	EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		int *outl, const unsigned char *in, int inl);
-int	EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-int	EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+__owur int	EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+__owur int	EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
 
-int	EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
+__owur int	EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
 		       const unsigned char *key,const unsigned char *iv,
 		       int enc);
-int	EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+__owur int	EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
 		       const unsigned char *key,const unsigned char *iv,
 		       int enc);
-int	EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+__owur int	EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
 		int *outl, const unsigned char *in, int inl);
-int	EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-int	EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+__owur int	EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+__owur int	EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
 
-int	EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
+__owur int	EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
 		EVP_PKEY *pkey);
 
-int	EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
+__owur int	EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
 		unsigned int siglen,EVP_PKEY *pkey);
 
-int	EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
+__owur int	EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+__owur int	EVP_DigestSignFinal(EVP_MD_CTX *ctx,
+			unsigned char *sigret, size_t *siglen);
+
+__owur int	EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+__owur int	EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
+			unsigned char *sig, size_t siglen);
+
+__owur int	EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
 		const unsigned char *ek, int ekl, const unsigned char *iv,
 		EVP_PKEY *priv);
-int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+__owur int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 
-int	EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+__owur int	EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 		 unsigned char **ek, int *ekl, unsigned char *iv,
 		EVP_PKEY **pubk, int npubk);
-int	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+__owur int	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
 
 void	EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
 void	EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
@@ -567,6 +595,8 @@ int	EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
 
 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
 int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
 int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
 int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
@@ -577,7 +607,7 @@ BIO_METHOD *BIO_f_md(void);
 BIO_METHOD *BIO_f_base64(void);
 BIO_METHOD *BIO_f_cipher(void);
 BIO_METHOD *BIO_f_reliable(void);
-void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k,
+__owur int BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k,
 		const unsigned char *i, int enc);
 #endif
 
@@ -612,6 +642,9 @@ const EVP_MD *EVP_mdc2(void);
 #ifndef OPENSSL_NO_RIPEMD
 const EVP_MD *EVP_ripemd160(void);
 #endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+const EVP_MD *EVP_whirlpool(void);
+#endif
 const EVP_CIPHER *EVP_enc_null(void);		/* does nothing :-) */
 #ifndef OPENSSL_NO_DES
 const EVP_CIPHER *EVP_des_ecb(void);
@@ -723,6 +756,37 @@ const EVP_CIPHER *EVP_aes_256_ofb(void);
 const EVP_CIPHER *EVP_aes_256_ctr(void);
 #endif
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+const EVP_CIPHER *EVP_camellia_128_ecb(void);
+const EVP_CIPHER *EVP_camellia_128_cbc(void);
+const EVP_CIPHER *EVP_camellia_128_cfb1(void);
+const EVP_CIPHER *EVP_camellia_128_cfb8(void);
+const EVP_CIPHER *EVP_camellia_128_cfb128(void);
+# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
+const EVP_CIPHER *EVP_camellia_128_ofb(void);
+const EVP_CIPHER *EVP_camellia_192_ecb(void);
+const EVP_CIPHER *EVP_camellia_192_cbc(void);
+const EVP_CIPHER *EVP_camellia_192_cfb1(void);
+const EVP_CIPHER *EVP_camellia_192_cfb8(void);
+const EVP_CIPHER *EVP_camellia_192_cfb128(void);
+# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
+const EVP_CIPHER *EVP_camellia_192_ofb(void);
+const EVP_CIPHER *EVP_camellia_256_ecb(void);
+const EVP_CIPHER *EVP_camellia_256_cbc(void);
+const EVP_CIPHER *EVP_camellia_256_cfb1(void);
+const EVP_CIPHER *EVP_camellia_256_cfb8(void);
+const EVP_CIPHER *EVP_camellia_256_cfb128(void);
+# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
+const EVP_CIPHER *EVP_camellia_256_ofb(void);
+#endif
+
+#ifndef OPENSSL_NO_SEED
+const EVP_CIPHER *EVP_seed_ecb(void);
+const EVP_CIPHER *EVP_seed_cbc(void);
+const EVP_CIPHER *EVP_seed_cfb128(void);
+# define EVP_seed_cfb EVP_seed_cfb128
+const EVP_CIPHER *EVP_seed_ofb(void);
+#endif
 
 void OPENSSL_add_all_algorithms_noconf(void);
 void OPENSSL_add_all_algorithms_conf(void);
@@ -748,16 +812,31 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
 const EVP_MD *EVP_get_digestbyname(const char *name);
 void EVP_cleanup(void);
 
-int		EVP_PKEY_decrypt(unsigned char *dec_key,
+void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
+		const char *from, const char *to, void *x), void *arg);
+void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
+		const char *from, const char *to, void *x), void *arg);
+
+void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph,
+		const char *from, const char *to, void *x), void *arg);
+void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph,
+		const char *from, const char *to, void *x), void *arg);
+
+int		EVP_PKEY_decrypt_old(unsigned char *dec_key,
 			const unsigned char *enc_key,int enc_key_len,
 			EVP_PKEY *private_key);
-int		EVP_PKEY_encrypt(unsigned char *enc_key,
+int		EVP_PKEY_encrypt_old(unsigned char *enc_key,
 			const unsigned char *key,int key_len,
 			EVP_PKEY *pub_key);
 int		EVP_PKEY_type(int type);
+int		EVP_PKEY_id(const EVP_PKEY *pkey);
+int		EVP_PKEY_base_id(const EVP_PKEY *pkey);
 int		EVP_PKEY_bits(EVP_PKEY *pkey);
 int		EVP_PKEY_size(EVP_PKEY *pkey);
-int 		EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
+int 		EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
+int		EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
+int 		EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key);
+void *		EVP_PKEY_get0(EVP_PKEY *pkey);
 
 #ifndef OPENSSL_NO_RSA
 struct rsa_st;
@@ -782,6 +861,7 @@ struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
 
 EVP_PKEY *	EVP_PKEY_new(void);
 void		EVP_PKEY_free(EVP_PKEY *pkey);
+
 EVP_PKEY *	d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp,
 			long length);
 int		i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
@@ -799,6 +879,15 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
 
 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
 
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
 int EVP_CIPHER_type(const EVP_CIPHER *ctx);
 
 /* calls methods */
@@ -816,6 +905,10 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
 			   const unsigned char *salt, int saltlen, int iter,
 			   int keylen, unsigned char *out);
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+			   const unsigned char *salt, int saltlen, int iter,
+			   const EVP_MD *digest,
+		      int keylen, unsigned char *out);
 int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 			 ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
 			 int en_de);
@@ -824,10 +917,261 @@ void PKCS5_PBE_add(void);
 
 int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
 	     ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+
+/* PBE type */
+
+/* Can appear as the outermost AlgorithmIdentifier */
+#define EVP_PBE_TYPE_OUTER	0x0
+/* Is an PRF type OID */
+#define EVP_PBE_TYPE_PRF	0x1
+
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
+	     EVP_PBE_KEYGEN *keygen);
 int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
 		    EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_find(int type, int pbe_nid,
+			int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen);
 void EVP_PBE_cleanup(void);
 
+#define ASN1_PKEY_ALIAS		0x1
+#define ASN1_PKEY_DYNAMIC	0x2
+#define ASN1_PKEY_SIGPARAM_NULL	0x4
+
+#define ASN1_PKEY_CTRL_PKCS7_SIGN	0x1
+#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT	0x2
+#define ASN1_PKEY_CTRL_DEFAULT_MD_NID	0x3
+#define ASN1_PKEY_CTRL_CMS_SIGN		0x5
+#define ASN1_PKEY_CTRL_CMS_ENVELOPE	0x7
+
+int EVP_PKEY_asn1_get_count(void);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+					const char *str, int len);
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+int EVP_PKEY_asn1_add_alias(int to, int from);
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
+				const char **pinfo, const char **ppem_str,
+					const EVP_PKEY_ASN1_METHOD *ameth);
+
+const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
+EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
+					const char *pem_str, const char *info);
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, 
+			const EVP_PKEY_ASN1_METHOD *src);
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
+		int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
+		int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
+		int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx),
+		int (*pkey_size)(const EVP_PKEY *pk),
+		int (*pkey_bits)(const EVP_PKEY *pk));
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
+		int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
+		int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx));
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*param_decode)(EVP_PKEY *pkey,
+				const unsigned char **pder, int derlen),
+		int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
+		int (*param_missing)(const EVP_PKEY *pk),
+		int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
+		int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
+		int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *pctx));
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+		void (*pkey_free)(EVP_PKEY *pkey));
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+		int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
+							long arg1, void *arg2));
+
+
+#define EVP_PKEY_OP_UNDEFINED		0
+#define EVP_PKEY_OP_PARAMGEN		(1<<1)
+#define EVP_PKEY_OP_KEYGEN		(1<<2)
+#define EVP_PKEY_OP_SIGN		(1<<3)
+#define EVP_PKEY_OP_VERIFY		(1<<4)
+#define EVP_PKEY_OP_VERIFYRECOVER	(1<<5)
+#define EVP_PKEY_OP_SIGNCTX		(1<<6)
+#define EVP_PKEY_OP_VERIFYCTX		(1<<7)
+#define EVP_PKEY_OP_ENCRYPT		(1<<8)
+#define EVP_PKEY_OP_DECRYPT		(1<<9)
+#define EVP_PKEY_OP_DERIVE		(1<<10)
+
+#define EVP_PKEY_OP_TYPE_SIG	\
+	(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+		| EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+#define EVP_PKEY_OP_TYPE_CRYPT \
+	(EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
+
+#define EVP_PKEY_OP_TYPE_NOGEN \
+	(EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
+
+#define EVP_PKEY_OP_TYPE_GEN \
+		(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+#define	 EVP_PKEY_CTX_set_signature_md(ctx, md)	\
+		EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
+					EVP_PKEY_CTRL_MD, 0, (void *)md)
+
+#define EVP_PKEY_CTRL_MD		1
+#define EVP_PKEY_CTRL_PEER_KEY		2
+
+#define EVP_PKEY_CTRL_PKCS7_ENCRYPT	3
+#define EVP_PKEY_CTRL_PKCS7_DECRYPT	4
+
+#define EVP_PKEY_CTRL_PKCS7_SIGN	5
+
+#define EVP_PKEY_CTRL_SET_MAC_KEY	6
+
+#define EVP_PKEY_CTRL_DIGESTINIT	7
+
+/* Used by GOST key encryption in TLS */
+#define EVP_PKEY_CTRL_SET_IV 		8
+
+#define EVP_PKEY_CTRL_CMS_ENCRYPT	9
+#define EVP_PKEY_CTRL_CMS_DECRYPT	10
+#define EVP_PKEY_CTRL_CMS_SIGN		11
+
+#define EVP_PKEY_ALG_CTRL		0x1000
+
+
+#define EVP_PKEY_FLAG_AUTOARGLEN	2
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+				int cmd, int p1, void *p2);
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+						const char *value);
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+				unsigned char *key, int keylen);
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+			unsigned char *sig, size_t *siglen,
+			const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+			const unsigned char *sig, size_t siglen,
+			const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+			unsigned char *rout, size_t *routlen,
+			const unsigned char *sig, size_t siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+	int (*init)(EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+	int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+	void (*cleanup)(EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+	int (*paramgen_init)(EVP_PKEY_CTX *ctx),
+	int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+	int (*keygen_init)(EVP_PKEY_CTX *ctx),
+	int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+	int (*sign_init)(EVP_PKEY_CTX *ctx),
+	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen));
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+	int (*verify_init)(EVP_PKEY_CTX *ctx),
+	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen));
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+	int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
+	int (*verify_recover)(EVP_PKEY_CTX *ctx,
+					unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen));
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+	int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
+	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+	int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
+	int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
+					EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+	int (*encrypt_init)(EVP_PKEY_CTX *ctx),
+	int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen));
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+	int (*decrypt_init)(EVP_PKEY_CTX *ctx),
+	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen));
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+	int (*derive_init)(EVP_PKEY_CTX *ctx),
+	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+	int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
+	int (*ctrl_str)(EVP_PKEY_CTX *ctx,
+					const char *type, const char *value));
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -837,37 +1181,68 @@ void ERR_load_EVP_strings(void);
 /* Error codes for the EVP functions. */
 
 /* Function codes. */
+#define EVP_F_AESNI_INIT_KEY				 163
 #define EVP_F_AES_INIT_KEY				 133
+#define EVP_F_CAMELLIA_INIT_KEY				 159
 #define EVP_F_D2I_PKEY					 100
+#define EVP_F_DO_SIGVER_INIT				 161
+#define EVP_F_DSAPKEY2PKCS8				 134
+#define EVP_F_DSA_PKEY2PKCS8				 135
 #define EVP_F_ECDSA_PKEY2PKCS8				 129
-#define EVP_F_EC_KEY_PKEY2PKCS8				 132
-#define EVP_F_EVP_CIPHERINIT				 123
+#define EVP_F_ECKEY_PKEY2PKCS8				 132
+#define EVP_F_EVP_CIPHERINIT_EX				 123
 #define EVP_F_EVP_CIPHER_CTX_CTRL			 124
 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH		 122
-#define EVP_F_EVP_DECRYPTFINAL				 101
-#define EVP_F_EVP_DIGESTINIT				 128
-#define EVP_F_EVP_ENCRYPTFINAL				 127
-#define EVP_F_EVP_MD_CTX_COPY				 110
+#define EVP_F_EVP_DECRYPTFINAL_EX			 101
+#define EVP_F_EVP_DIGESTINIT_EX				 128
+#define EVP_F_EVP_ENCRYPTFINAL_EX			 127
+#define EVP_F_EVP_MD_CTX_COPY_EX			 110
+#define EVP_F_EVP_MD_SIZE				 162
 #define EVP_F_EVP_OPENINIT				 102
 #define EVP_F_EVP_PBE_ALG_ADD				 115
+#define EVP_F_EVP_PBE_ALG_ADD_TYPE			 160
 #define EVP_F_EVP_PBE_CIPHERINIT			 116
 #define EVP_F_EVP_PKCS82PKEY				 111
-#define EVP_F_EVP_PKCS8_SET_BROKEN			 112
-#define EVP_F_EVP_PKEY2PKCS8				 113
+#define EVP_F_EVP_PKCS82PKEY_BROKEN			 136
+#define EVP_F_EVP_PKEY2PKCS8_BROKEN			 113
 #define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
+#define EVP_F_EVP_PKEY_CTX_CTRL				 137
+#define EVP_F_EVP_PKEY_CTX_CTRL_STR			 150
+#define EVP_F_EVP_PKEY_CTX_DUP				 156
 #define EVP_F_EVP_PKEY_DECRYPT				 104
+#define EVP_F_EVP_PKEY_DECRYPT_INIT			 138
+#define EVP_F_EVP_PKEY_DECRYPT_OLD			 151
+#define EVP_F_EVP_PKEY_DERIVE				 153
+#define EVP_F_EVP_PKEY_DERIVE_INIT			 154
+#define EVP_F_EVP_PKEY_DERIVE_SET_PEER			 155
 #define EVP_F_EVP_PKEY_ENCRYPT				 105
+#define EVP_F_EVP_PKEY_ENCRYPT_INIT			 139
+#define EVP_F_EVP_PKEY_ENCRYPT_OLD			 152
 #define EVP_F_EVP_PKEY_GET1_DH				 119
 #define EVP_F_EVP_PKEY_GET1_DSA				 120
 #define EVP_F_EVP_PKEY_GET1_ECDSA			 130
 #define EVP_F_EVP_PKEY_GET1_EC_KEY			 131
 #define EVP_F_EVP_PKEY_GET1_RSA				 121
+#define EVP_F_EVP_PKEY_KEYGEN				 146
+#define EVP_F_EVP_PKEY_KEYGEN_INIT			 147
 #define EVP_F_EVP_PKEY_NEW				 106
+#define EVP_F_EVP_PKEY_PARAMGEN				 148
+#define EVP_F_EVP_PKEY_PARAMGEN_INIT			 149
+#define EVP_F_EVP_PKEY_SIGN				 140
+#define EVP_F_EVP_PKEY_SIGN_INIT			 141
+#define EVP_F_EVP_PKEY_VERIFY				 142
+#define EVP_F_EVP_PKEY_VERIFY_INIT			 143
+#define EVP_F_EVP_PKEY_VERIFY_RECOVER			 144
+#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT		 145
 #define EVP_F_EVP_RIJNDAEL				 126
 #define EVP_F_EVP_SIGNFINAL				 107
 #define EVP_F_EVP_VERIFYFINAL				 108
+#define EVP_F_INT_CTX_NEW				 157
 #define EVP_F_PKCS5_PBE_KEYIVGEN			 117
 #define EVP_F_PKCS5_V2_PBE_KEYIVGEN			 118
+#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN			 164
+#define EVP_F_PKCS8_SET_BROKEN				 112
+#define EVP_F_PKEY_SET_TYPE				 158
 #define EVP_F_RC2_MAGIC_TO_METH				 109
 #define EVP_F_RC5_CTRL					 125
 
@@ -879,12 +1254,16 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_BAD_KEY_LENGTH				 137
 #define EVP_R_BN_DECODE_ERROR				 112
 #define EVP_R_BN_PUBKEY_ERROR				 113
+#define EVP_R_BUFFER_TOO_SMALL				 155
+#define EVP_R_CAMELLIA_KEY_SETUP_FAILED			 157
 #define EVP_R_CIPHER_PARAMETER_ERROR			 122
+#define EVP_R_COMMAND_NOT_SUPPORTED			 147
 #define EVP_R_CTRL_NOT_IMPLEMENTED			 132
 #define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED		 133
 #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH		 138
 #define EVP_R_DECODE_ERROR				 114
 #define EVP_R_DIFFERENT_KEY_TYPES			 101
+#define EVP_R_DIFFERENT_PARAMETERS			 153
 #define EVP_R_ENCODE_ERROR				 115
 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR			 119
 #define EVP_R_EXPECTING_AN_RSA_KEY			 127
@@ -894,19 +1273,33 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_EXPECTING_A_EC_KEY			 142
 #define EVP_R_INITIALIZATION_ERROR			 134
 #define EVP_R_INPUT_NOT_INITIALIZED			 111
+#define EVP_R_INVALID_DIGEST				 152
 #define EVP_R_INVALID_KEY_LENGTH			 130
+#define EVP_R_INVALID_OPERATION				 148
 #define EVP_R_IV_TOO_LARGE				 102
 #define EVP_R_KEYGEN_FAILURE				 120
+#define EVP_R_MESSAGE_DIGEST_IS_NULL			 159
+#define EVP_R_METHOD_NOT_SUPPORTED			 144
 #define EVP_R_MISSING_PARAMETERS			 103
 #define EVP_R_NO_CIPHER_SET				 131
+#define EVP_R_NO_DEFAULT_DIGEST				 158
 #define EVP_R_NO_DIGEST_SET				 139
 #define EVP_R_NO_DSA_PARAMETERS				 116
+#define EVP_R_NO_KEY_SET				 154
+#define EVP_R_NO_OPERATION_SET				 149
 #define EVP_R_NO_SIGN_FUNCTION_CONFIGURED		 104
 #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED		 105
+#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE	 150
+#define EVP_R_OPERATON_NOT_INITIALIZED			 151
 #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE			 117
+#define EVP_R_PRIVATE_KEY_DECODE_ERROR			 145
+#define EVP_R_PRIVATE_KEY_ENCODE_ERROR			 146
 #define EVP_R_PUBLIC_KEY_NOT_RSA			 106
+#define EVP_R_UNKNOWN_CIPHER				 160
+#define EVP_R_UNKNOWN_DIGEST				 161
 #define EVP_R_UNKNOWN_PBE_ALGORITHM			 121
 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS		 135
+#define EVP_R_UNSUPPORTED_ALGORITHM			 156
 #define EVP_R_UNSUPPORTED_CIPHER			 107
 #define EVP_R_UNSUPPORTED_KEYLENGTH			 123
 #define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION	 124
diff --git a/crypto/evp/evp_acnf.c b/crypto/evp/evp_acnf.c
index ff3e311cc5..643a1864e8 100644
--- a/crypto/evp/evp_acnf.c
+++ b/crypto/evp/evp_acnf.c
@@ -1,5 +1,5 @@
 /* evp_acnf.c */
-/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index c495200282..6e582c458d 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -66,7 +66,7 @@
 #endif
 #include "evp_locl.h"
 
-const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
+const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
 
 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
 	{
@@ -74,6 +74,13 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
 	/* ctx->cipher=NULL; */
 	}
 
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
+	{
+	EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
+	if (ctx)
+		EVP_CIPHER_CTX_init(ctx);
+	return ctx;
+	}
 
 int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
 	     const unsigned char *key, const unsigned char *iv, int enc)
@@ -117,7 +124,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 			{
 			if (!ENGINE_init(impl))
 				{
-				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
+				EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
 				return 0;
 				}
 			}
@@ -134,7 +141,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 				 * control history, is that we should at least
 				 * be able to avoid using US mispellings of
 				 * "initialisation"? */
-				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
+				EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
 				return 0;
 				}
 			/* We'll use the ENGINE's private cipher definition */
@@ -154,7 +161,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 			ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
 			if (!ctx->cipher_data)
 				{
-				EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
+				EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
 				return 0;
 				}
 			}
@@ -168,14 +175,14 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 			{
 			if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
 				{
-				EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
+				EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
 				return 0;
 				}
 			}
 		}
 	else if(!ctx->cipher)
 		{
-		EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
+		EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
 		return 0;
 		}
 #ifndef OPENSSL_NO_ENGINE
@@ -272,7 +279,12 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
 	{
 	int i,j,bl;
 
-	OPENSSL_assert(inl > 0);
+	if (inl <= 0)
+		{
+		*outl = 0;
+		return inl == 0;
+		}
+
 	if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
 		{
 		if(ctx->cipher->do_cipher(ctx,out,in,inl))
@@ -349,7 +361,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 		{
 		if(bl)
 			{
-			EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+			EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
 			return 0;
 			}
 		*outl = 0;
@@ -374,10 +386,10 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
 	int fix_len;
 	unsigned int b;
 
-	if (inl == 0)
+	if (inl <= 0)
 		{
-		*outl=0;
-		return 1;
+		*outl = 0;
+		return inl == 0;
 		}
 
 	if (ctx->flags & EVP_CIPH_NO_PADDING)
@@ -434,7 +446,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 		{
 		if(ctx->buf_len)
 			{
-			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
 			return 0;
 			}
 		*outl = 0;
@@ -444,21 +456,21 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 		{
 		if (ctx->buf_len || !ctx->final_used)
 			{
-			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
 			return(0);
 			}
 		OPENSSL_assert(b <= sizeof ctx->final);
 		n=ctx->final[b-1];
-		if (n > (int)b)
+		if (n == 0 || n > (int)b)
 			{
-			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
 			return(0);
 			}
 		for (i=0; i<n; i++)
 			{
 			if (ctx->final[--b] != n)
 				{
-				EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+				EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
 				return(0);
 				}
 			}
@@ -472,6 +484,15 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	return(1);
 	}
 
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
+	{
+	if (ctx)
+		{
+		EVP_CIPHER_CTX_cleanup(ctx);
+		OPENSSL_free(ctx);
+		}
+	}
+
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
 	{
 	if (c->cipher != NULL)
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index bf37e66516..f200378678 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
 /* crypto/evp/evp_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,90 +64,143 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
+
 static ERR_STRING_DATA EVP_str_functs[]=
 	{
-{ERR_PACK(0,EVP_F_AES_INIT_KEY,0),	"AES_INIT_KEY"},
-{ERR_PACK(0,EVP_F_D2I_PKEY,0),	"D2I_PKEY"},
-{ERR_PACK(0,EVP_F_ECDSA_PKEY2PKCS8,0),	"ECDSA_PKEY2PKCS8"},
-{ERR_PACK(0,EVP_F_EC_KEY_PKEY2PKCS8,0),	"EC_KEY_PKEY2PKCS8"},
-{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0),	"EVP_CipherInit"},
-{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0),	"EVP_CIPHER_CTX_ctrl"},
-{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0),	"EVP_CIPHER_CTX_set_key_length"},
-{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),	"EVP_DecryptFinal"},
-{ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0),	"EVP_DigestInit"},
-{ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0),	"EVP_EncryptFinal"},
-{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0),	"EVP_MD_CTX_copy"},
-{ERR_PACK(0,EVP_F_EVP_OPENINIT,0),	"EVP_OpenInit"},
-{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0),	"EVP_PBE_alg_add"},
-{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0),	"EVP_PBE_CipherInit"},
-{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0),	"EVP_PKCS82PKEY"},
-{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0),	"EVP_PKCS8_SET_BROKEN"},
-{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0),	"EVP_PKEY2PKCS8"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0),	"EVP_PKEY_copy_parameters"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0),	"EVP_PKEY_decrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0),	"EVP_PKEY_encrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0),	"EVP_PKEY_get1_DH"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0),	"EVP_PKEY_get1_DSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_ECDSA,0),	"EVP_PKEY_GET1_ECDSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_EC_KEY,0),	"EVP_PKEY_get1_EC_KEY"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0),	"EVP_PKEY_get1_RSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),	"EVP_PKEY_new"},
-{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0),	"EVP_RIJNDAEL"},
-{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),	"EVP_SignFinal"},
-{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),	"EVP_VerifyFinal"},
-{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0),	"PKCS5_PBE_keyivgen"},
-{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0),	"PKCS5_v2_PBE_keyivgen"},
-{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0),	"RC2_MAGIC_TO_METH"},
-{ERR_PACK(0,EVP_F_RC5_CTRL,0),	"RC5_CTRL"},
+{ERR_FUNC(EVP_F_AESNI_INIT_KEY),	"AESNI_INIT_KEY"},
+{ERR_FUNC(EVP_F_AES_INIT_KEY),	"AES_INIT_KEY"},
+{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY),	"CAMELLIA_INIT_KEY"},
+{ERR_FUNC(EVP_F_D2I_PKEY),	"D2I_PKEY"},
+{ERR_FUNC(EVP_F_DO_SIGVER_INIT),	"DO_SIGVER_INIT"},
+{ERR_FUNC(EVP_F_DSAPKEY2PKCS8),	"DSAPKEY2PKCS8"},
+{ERR_FUNC(EVP_F_DSA_PKEY2PKCS8),	"DSA_PKEY2PKCS8"},
+{ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8),	"ECDSA_PKEY2PKCS8"},
+{ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8),	"ECKEY_PKEY2PKCS8"},
+{ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX),	"EVP_CipherInit_ex"},
+{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL),	"EVP_CIPHER_CTX_ctrl"},
+{ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH),	"EVP_CIPHER_CTX_set_key_length"},
+{ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX),	"EVP_DecryptFinal_ex"},
+{ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX),	"EVP_DigestInit_ex"},
+{ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX),	"EVP_EncryptFinal_ex"},
+{ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX),	"EVP_MD_CTX_copy_ex"},
+{ERR_FUNC(EVP_F_EVP_MD_SIZE),	"EVP_MD_size"},
+{ERR_FUNC(EVP_F_EVP_OPENINIT),	"EVP_OpenInit"},
+{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD),	"EVP_PBE_alg_add"},
+{ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE),	"EVP_PBE_alg_add_type"},
+{ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT),	"EVP_PBE_CipherInit"},
+{ERR_FUNC(EVP_F_EVP_PKCS82PKEY),	"EVP_PKCS82PKEY"},
+{ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN),	"EVP_PKCS82PKEY_BROKEN"},
+{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN),	"EVP_PKEY2PKCS8_broken"},
+{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS),	"EVP_PKEY_copy_parameters"},
+{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL),	"EVP_PKEY_CTX_ctrl"},
+{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR),	"EVP_PKEY_CTX_ctrl_str"},
+{ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP),	"EVP_PKEY_CTX_dup"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT),	"EVP_PKEY_decrypt"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT),	"EVP_PKEY_decrypt_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD),	"EVP_PKEY_decrypt_old"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE),	"EVP_PKEY_derive"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT),	"EVP_PKEY_derive_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER),	"EVP_PKEY_derive_set_peer"},
+{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT),	"EVP_PKEY_encrypt"},
+{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT),	"EVP_PKEY_encrypt_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD),	"EVP_PKEY_encrypt_old"},
+{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH),	"EVP_PKEY_get1_DH"},
+{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA),	"EVP_PKEY_get1_DSA"},
+{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA),	"EVP_PKEY_GET1_ECDSA"},
+{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY),	"EVP_PKEY_get1_EC_KEY"},
+{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA),	"EVP_PKEY_get1_RSA"},
+{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN),	"EVP_PKEY_keygen"},
+{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT),	"EVP_PKEY_keygen_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_NEW),	"EVP_PKEY_new"},
+{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN),	"EVP_PKEY_paramgen"},
+{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT),	"EVP_PKEY_paramgen_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_SIGN),	"EVP_PKEY_sign"},
+{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT),	"EVP_PKEY_sign_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY),	"EVP_PKEY_verify"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT),	"EVP_PKEY_verify_init"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER),	"EVP_PKEY_verify_recover"},
+{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),	"EVP_PKEY_verify_recover_init"},
+{ERR_FUNC(EVP_F_EVP_RIJNDAEL),	"EVP_RIJNDAEL"},
+{ERR_FUNC(EVP_F_EVP_SIGNFINAL),	"EVP_SignFinal"},
+{ERR_FUNC(EVP_F_EVP_VERIFYFINAL),	"EVP_VerifyFinal"},
+{ERR_FUNC(EVP_F_INT_CTX_NEW),	"INT_CTX_NEW"},
+{ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN),	"PKCS5_PBE_keyivgen"},
+{ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN),	"PKCS5_v2_PBE_keyivgen"},
+{ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN),	"PKCS5_V2_PBKDF2_KEYIVGEN"},
+{ERR_FUNC(EVP_F_PKCS8_SET_BROKEN),	"PKCS8_set_broken"},
+{ERR_FUNC(EVP_F_PKEY_SET_TYPE),	"PKEY_SET_TYPE"},
+{ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH),	"RC2_MAGIC_TO_METH"},
+{ERR_FUNC(EVP_F_RC5_CTRL),	"RC5_CTRL"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA EVP_str_reasons[]=
 	{
-{EVP_R_AES_KEY_SETUP_FAILED              ,"aes key setup failed"},
-{EVP_R_ASN1_LIB                          ,"asn1 lib"},
-{EVP_R_BAD_BLOCK_LENGTH                  ,"bad block length"},
-{EVP_R_BAD_DECRYPT                       ,"bad decrypt"},
-{EVP_R_BAD_KEY_LENGTH                    ,"bad key length"},
-{EVP_R_BN_DECODE_ERROR                   ,"bn decode error"},
-{EVP_R_BN_PUBKEY_ERROR                   ,"bn pubkey error"},
-{EVP_R_CIPHER_PARAMETER_ERROR            ,"cipher parameter error"},
-{EVP_R_CTRL_NOT_IMPLEMENTED              ,"ctrl not implemented"},
-{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED    ,"ctrl operation not implemented"},
-{EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"},
-{EVP_R_DECODE_ERROR                      ,"decode error"},
-{EVP_R_DIFFERENT_KEY_TYPES               ,"different key types"},
-{EVP_R_ENCODE_ERROR                      ,"encode error"},
-{EVP_R_EVP_PBE_CIPHERINIT_ERROR          ,"evp pbe cipherinit error"},
-{EVP_R_EXPECTING_AN_RSA_KEY              ,"expecting an rsa key"},
-{EVP_R_EXPECTING_A_DH_KEY                ,"expecting a dh key"},
-{EVP_R_EXPECTING_A_DSA_KEY               ,"expecting a dsa key"},
-{EVP_R_EXPECTING_A_ECDSA_KEY             ,"expecting a ecdsa key"},
-{EVP_R_EXPECTING_A_EC_KEY                ,"expecting a ec key"},
-{EVP_R_INITIALIZATION_ERROR              ,"initialization error"},
-{EVP_R_INPUT_NOT_INITIALIZED             ,"input not initialized"},
-{EVP_R_INVALID_KEY_LENGTH                ,"invalid key length"},
-{EVP_R_IV_TOO_LARGE                      ,"iv too large"},
-{EVP_R_KEYGEN_FAILURE                    ,"keygen failure"},
-{EVP_R_MISSING_PARAMETERS                ,"missing parameters"},
-{EVP_R_NO_CIPHER_SET                     ,"no cipher set"},
-{EVP_R_NO_DIGEST_SET                     ,"no digest set"},
-{EVP_R_NO_DSA_PARAMETERS                 ,"no dsa parameters"},
-{EVP_R_NO_SIGN_FUNCTION_CONFIGURED       ,"no sign function configured"},
-{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED     ,"no verify function configured"},
-{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE         ,"pkcs8 unknown broken type"},
-{EVP_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
-{EVP_R_UNKNOWN_PBE_ALGORITHM             ,"unknown pbe algorithm"},
-{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS       ,"unsuported number of rounds"},
-{EVP_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
-{EVP_R_UNSUPPORTED_KEYLENGTH             ,"unsupported keylength"},
-{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"},
-{EVP_R_UNSUPPORTED_KEY_SIZE              ,"unsupported key size"},
-{EVP_R_UNSUPPORTED_PRF                   ,"unsupported prf"},
-{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"},
-{EVP_R_UNSUPPORTED_SALT_TYPE             ,"unsupported salt type"},
-{EVP_R_WRONG_FINAL_BLOCK_LENGTH          ,"wrong final block length"},
-{EVP_R_WRONG_PUBLIC_KEY_TYPE             ,"wrong public key type"},
+{ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED)  ,"aes key setup failed"},
+{ERR_REASON(EVP_R_ASN1_LIB)              ,"asn1 lib"},
+{ERR_REASON(EVP_R_BAD_BLOCK_LENGTH)      ,"bad block length"},
+{ERR_REASON(EVP_R_BAD_DECRYPT)           ,"bad decrypt"},
+{ERR_REASON(EVP_R_BAD_KEY_LENGTH)        ,"bad key length"},
+{ERR_REASON(EVP_R_BN_DECODE_ERROR)       ,"bn decode error"},
+{ERR_REASON(EVP_R_BN_PUBKEY_ERROR)       ,"bn pubkey error"},
+{ERR_REASON(EVP_R_BUFFER_TOO_SMALL)      ,"buffer too small"},
+{ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),"camellia key setup failed"},
+{ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR),"cipher parameter error"},
+{ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) ,"command not supported"},
+{ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED)  ,"ctrl not implemented"},
+{ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),"ctrl operation not implemented"},
+{ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"},
+{ERR_REASON(EVP_R_DECODE_ERROR)          ,"decode error"},
+{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES)   ,"different key types"},
+{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS)  ,"different parameters"},
+{ERR_REASON(EVP_R_ENCODE_ERROR)          ,"encode error"},
+{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
+{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY)  ,"expecting an rsa key"},
+{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY)    ,"expecting a dh key"},
+{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY)   ,"expecting a dsa key"},
+{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
+{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY)    ,"expecting a ec key"},
+{ERR_REASON(EVP_R_INITIALIZATION_ERROR)  ,"initialization error"},
+{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
+{ERR_REASON(EVP_R_INVALID_DIGEST)        ,"invalid digest"},
+{ERR_REASON(EVP_R_INVALID_KEY_LENGTH)    ,"invalid key length"},
+{ERR_REASON(EVP_R_INVALID_OPERATION)     ,"invalid operation"},
+{ERR_REASON(EVP_R_IV_TOO_LARGE)          ,"iv too large"},
+{ERR_REASON(EVP_R_KEYGEN_FAILURE)        ,"keygen failure"},
+{ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL),"message digest is null"},
+{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED)  ,"method not supported"},
+{ERR_REASON(EVP_R_MISSING_PARAMETERS)    ,"missing parameters"},
+{ERR_REASON(EVP_R_NO_CIPHER_SET)         ,"no cipher set"},
+{ERR_REASON(EVP_R_NO_DEFAULT_DIGEST)     ,"no default digest"},
+{ERR_REASON(EVP_R_NO_DIGEST_SET)         ,"no digest set"},
+{ERR_REASON(EVP_R_NO_DSA_PARAMETERS)     ,"no dsa parameters"},
+{ERR_REASON(EVP_R_NO_KEY_SET)            ,"no key set"},
+{ERR_REASON(EVP_R_NO_OPERATION_SET)      ,"no operation set"},
+{ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),"no sign function configured"},
+{ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"},
+{ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
+{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED),"operaton not initialized"},
+{ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"},
+{ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"},
+{ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"},
+{ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA)    ,"public key not rsa"},
+{ERR_REASON(EVP_R_UNKNOWN_CIPHER)        ,"unknown cipher"},
+{ERR_REASON(EVP_R_UNKNOWN_DIGEST)        ,"unknown digest"},
+{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
+{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
+{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},
+{ERR_REASON(EVP_R_UNSUPPORTED_CIPHER)    ,"unsupported cipher"},
+{ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) ,"unsupported keylength"},
+{ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),"unsupported key derivation function"},
+{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE)  ,"unsupported key size"},
+{ERR_REASON(EVP_R_UNSUPPORTED_PRF)       ,"unsupported prf"},
+{ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),"unsupported private key algorithm"},
+{ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) ,"unsupported salt type"},
+{ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH),"wrong final block length"},
+{ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) ,"wrong public key type"},
 {0,NULL}
 	};
 
@@ -155,15 +208,12 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 
 void ERR_load_EVP_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
-		ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
-#endif
 
+	if (ERR_func_error_string(EVP_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,EVP_str_functs);
+		ERR_load_strings(0,EVP_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 0a27f496c9..a22fa5036e 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -115,7 +115,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
 	unsigned char md_buf[EVP_MAX_MD_SIZE];
 	int niv,nkey,addmd=0;
 	unsigned int mds=0,i;
-
+	int rv = 0;
 	nkey=type->key_len;
 	niv=type->iv_len;
 	OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
@@ -126,19 +126,27 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
 	EVP_MD_CTX_init(&c);
 	for (;;)
 		{
-		EVP_DigestInit_ex(&c,md, NULL);
+		if (!EVP_DigestInit_ex(&c,md, NULL))
+			return 0;
 		if (addmd++)
-			EVP_DigestUpdate(&c,&(md_buf[0]),mds);
-		EVP_DigestUpdate(&c,data,datal);
+			if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+				goto err;
+		if (!EVP_DigestUpdate(&c,data,datal))
+			goto err;
 		if (salt != NULL)
-			EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
-		EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
+			if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN))
+				goto err;
+		if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+			goto err;
 
 		for (i=1; i<(unsigned int)count; i++)
 			{
-			EVP_DigestInit_ex(&c,md, NULL);
-			EVP_DigestUpdate(&c,&(md_buf[0]),mds);
-			EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
+			if (!EVP_DigestInit_ex(&c,md, NULL))
+				goto err;
+			if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+				goto err;
+			if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+				goto err;
 			}
 		i=0;
 		if (nkey)
@@ -167,8 +175,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
 			}
 		if ((nkey == 0) && (niv == 0)) break;
 		}
+	rv = type->key_len;
+	err:
 	EVP_MD_CTX_cleanup(&c);
 	OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
-	return(type->key_len);
+	return rv;
 	}
 
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 36213964dd..40951a04f0 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -159,6 +159,12 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
 
 		return NID_des_cfb64;
 
+		case NID_des_ede3_cfb64:
+		case NID_des_ede3_cfb8:
+		case NID_des_ede3_cfb1:
+
+		return NID_des_cfb64;
+
 		default:
 		/* Check it has an OID and it is valid */
 		otmp = OBJ_nid2obj(nid);
@@ -168,3 +174,139 @@ int EVP_CIPHER_type(const EVP_CIPHER *ctx)
 	}
 }
 
+int EVP_CIPHER_block_size(const EVP_CIPHER *e)
+	{
+	return e->block_size;
+	}
+
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->cipher->block_size;
+	}
+
+int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
+	{
+	return ctx->cipher->do_cipher(ctx,out,in,inl);
+	}
+
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->cipher;
+	}
+
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
+	{
+	return cipher->flags;
+	}
+
+unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->cipher->flags;
+	}
+
+void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->app_data;
+	}
+
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
+	{
+	ctx->app_data = data;
+	}
+
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
+	{
+	return cipher->iv_len;
+	}
+
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->cipher->iv_len;
+	}
+
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
+	{
+	return cipher->key_len;
+	}
+
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->key_len;
+	}
+
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
+	{
+	return cipher->nid;
+	}
+
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
+	{
+	return ctx->cipher->nid;
+	}
+
+int EVP_MD_block_size(const EVP_MD *md) 
+	{
+	return md->block_size;
+	}
+
+int EVP_MD_type(const EVP_MD *md)
+	{
+	return md->type;
+	}
+
+int EVP_MD_pkey_type(const EVP_MD *md)
+	{
+	return md->pkey_type;
+	}
+
+int EVP_MD_size(const EVP_MD *md)
+	{
+	if (!md)
+		{
+		EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
+		return -1;
+		}
+	return md->md_size;
+	}
+
+unsigned long EVP_MD_flags(const EVP_MD *md)
+	{
+	return md->flags;
+	}
+
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
+	{
+	if (!ctx)
+		return NULL;
+	return ctx->digest;
+	}
+
+void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
+	{
+	ctx->flags |= flags;
+	}
+
+void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
+	{
+	ctx->flags &= ~flags;
+	}
+
+int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
+	{
+	return (ctx->flags & flags);
+	}
+
+void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
+	{
+	ctx->flags |= flags;
+	}
+
+void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
+	{
+	ctx->flags &= ~flags;
+	}
+
+int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
+	{
+	return (ctx->flags & flags);
+	}
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 2204e345ad..4cb80fbde0 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -1,5 +1,5 @@
 /* evp_locl.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -61,38 +61,66 @@
 /* Wrapper functions for each cipher mode */
 
 #define BLOCK_CIPHER_ecb_loop() \
-	unsigned int i, bl; \
+	size_t i, bl; \
 	bl = ctx->cipher->block_size;\
 	if(inl < bl) return 1;\
 	inl -= bl; \
-	for(i=0; i <= inl; i+=bl) \
+	for(i=0; i <= inl; i+=bl) 
 
 #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
 {\
 	BLOCK_CIPHER_ecb_loop() \
 		cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
 	return 1;\
 }
 
+#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
+
 #define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
 {\
-	cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
+	while(inl>=EVP_MAXCHUNK)\
+	    {\
+	    cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
+	    inl-=EVP_MAXCHUNK;\
+	    in +=EVP_MAXCHUNK;\
+	    out+=EVP_MAXCHUNK;\
+	    }\
+	if (inl)\
+	    cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
 	return 1;\
 }
 
 #define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
 {\
-	cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
+	while(inl>=EVP_MAXCHUNK) \
+	    {\
+	    cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
+	    inl-=EVP_MAXCHUNK;\
+	    in +=EVP_MAXCHUNK;\
+	    out+=EVP_MAXCHUNK;\
+	    }\
+	if (inl)\
+	    cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
 	return 1;\
 }
 
 #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
+static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
 {\
-	cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+	size_t chunk=EVP_MAXCHUNK;\
+	if (cbits==1)  chunk>>=3;\
+	if (inl<chunk) chunk=inl;\
+	while(inl && inl>=chunk)\
+	    {\
+	    cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+	    inl-=chunk;\
+	    in +=chunk;\
+	    out+=chunk;\
+	    if(inl<chunk) chunk=inl;\
+	    }\
 	return 1;\
 }
 
@@ -234,3 +262,88 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
 			     EVP_CIPHER_set_asn1_iv, \
 			     EVP_CIPHER_get_asn1_iv, \
 			     NULL)
+
+struct evp_pkey_ctx_st
+	{
+	/* Method associated with this operation */
+	const EVP_PKEY_METHOD *pmeth;
+	/* Engine that implements this method or NULL if builtin */
+	ENGINE *engine;
+	/* Key: may be NULL */
+	EVP_PKEY *pkey;
+	/* Peer key for key agreement, may be NULL */
+	EVP_PKEY *peerkey;
+	/* Actual operation */
+	int operation;
+	/* Algorithm specific data */
+	void *data;
+	/* Application specific data */
+	void *app_data;
+	/* Keygen callback */
+	EVP_PKEY_gen_cb *pkey_gencb;
+	/* implementation specific keygen data */
+	int *keygen_info;
+	int keygen_info_count;
+	} /* EVP_PKEY_CTX */;
+
+#define EVP_PKEY_FLAG_DYNAMIC	1
+
+struct evp_pkey_method_st
+	{
+	int pkey_id;
+	int flags;
+
+	int (*init)(EVP_PKEY_CTX *ctx);
+	int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+	void (*cleanup)(EVP_PKEY_CTX *ctx);
+
+	int (*paramgen_init)(EVP_PKEY_CTX *ctx);
+	int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+
+	int (*keygen_init)(EVP_PKEY_CTX *ctx);
+	int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+
+	int (*sign_init)(EVP_PKEY_CTX *ctx);
+	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+				const unsigned char *tbs, size_t tbslen);
+
+	int (*verify_init)(EVP_PKEY_CTX *ctx);
+	int (*verify)(EVP_PKEY_CTX *ctx,
+				const unsigned char *sig, size_t siglen,
+				const unsigned char *tbs, size_t tbslen);
+
+	int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
+	int (*verify_recover)(EVP_PKEY_CTX *ctx,
+				unsigned char *rout, size_t *routlen,
+				const unsigned char *sig, size_t siglen);
+
+	int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					EVP_MD_CTX *mctx);
+
+	int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+	int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
+					EVP_MD_CTX *mctx);
+
+	int (*encrypt_init)(EVP_PKEY_CTX *ctx);
+	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen);
+
+	int (*decrypt_init)(EVP_PKEY_CTX *ctx);
+	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen);
+
+	int (*derive_init)(EVP_PKEY_CTX *ctx);
+	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+	int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+	int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
+
+
+	} /* EVP_PKEY_METHOD */;
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                         ASN1_TYPE *param,
+			 const EVP_CIPHER *c, const EVP_MD *md, int en_de);
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 91e545a141..f8c32d825e 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -1,9 +1,9 @@
 /* evp_pbe.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -59,78 +59,258 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
+#include <openssl/pkcs12.h>
 #include <openssl/x509.h>
+#include "evp_locl.h"
 
 /* Password based encryption (PBE) functions */
 
-static STACK *pbe_algs;
+DECLARE_STACK_OF(EVP_PBE_CTL)
+static STACK_OF(EVP_PBE_CTL) *pbe_algs;
 
 /* Setup a cipher context from a PBE algorithm */
 
-typedef struct {
-int pbe_nid;
-const EVP_CIPHER *cipher;
-const EVP_MD *md;
-EVP_PBE_KEYGEN *keygen;
-} EVP_PBE_CTL;
+typedef struct
+	{
+	int pbe_type;
+	int pbe_nid;
+	int cipher_nid;
+	int md_nid;
+	EVP_PBE_KEYGEN *keygen;
+	} EVP_PBE_CTL;
 
-int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
-	     ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
-{
+static const EVP_PBE_CTL builtin_pbe[] = 
+	{
+	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
+			NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
+			NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
+			NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
 
-	EVP_PBE_CTL *pbetmp, pbelu;
-	int i;
-	pbelu.pbe_nid = OBJ_obj2nid(pbe_obj);
-	if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu);
-	else i = -1;
+#ifndef OPENSSL_NO_HMAC
+	{EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
+#endif
+
+	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
+			NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
+			NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
+		 	NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 
+			NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
+			NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
+			NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+
+#ifndef OPENSSL_NO_HMAC
+	{EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
+#endif
+	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
+			NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
+			NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
+	{EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
+			NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+
+
+	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
+	{EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
+	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
+	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
+	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
+	{EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
+	{EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
+	};
+
+#ifdef TEST
+int main(int argc, char **argv)
+	{
+	int i, nid_md, nid_cipher;
+	EVP_PBE_CTL *tpbe, *tpbe2;
+	/*OpenSSL_add_all_algorithms();*/
+
+	for (i = 0; i < sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL); i++)
+		{
+		tpbe = builtin_pbe + i;
+		fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
+						OBJ_nid2sn(tpbe->pbe_nid));
+		if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
+					&nid_cipher ,&nid_md,0))
+			fprintf(stderr, "Found %s %s\n",
+					OBJ_nid2sn(nid_cipher),
+					OBJ_nid2sn(nid_md));
+		else
+			fprintf(stderr, "Find ERROR!!\n");
+		}
+
+	return 0;
+	}
+#endif
+		
+
+
+int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+		       ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
+	{
+	const EVP_CIPHER *cipher;
+	const EVP_MD *md;
+	int cipher_nid, md_nid;
+	EVP_PBE_KEYGEN *keygen;
 
-	if (i == -1) {
+	if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
+					&cipher_nid, &md_nid, &keygen))
+		{
 		char obj_tmp[80];
 		EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
 		if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
 		else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
 		ERR_add_error_data(2, "TYPE=", obj_tmp);
 		return 0;
-	}
-	if(!pass) passlen = 0;
-	else if (passlen == -1) passlen = strlen(pass);
-	pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i);
-	i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher,
-						 pbetmp->md, en_de);
-	if (!i) {
+		}
+
+	if(!pass)
+		passlen = 0;
+	else if (passlen == -1)
+		passlen = strlen(pass);
+
+	if (cipher_nid == -1)
+		cipher = NULL;
+	else
+		{
+		cipher = EVP_get_cipherbynid(cipher_nid);
+		if (!cipher)
+			{
+			EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER);
+			return 0;
+			}
+		}
+
+	if (md_nid == -1)
+		md = NULL;
+	else
+		{
+		md = EVP_get_digestbynid(md_nid);
+		if (!md)
+			{
+			EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST);
+			return 0;
+			}
+		}
+
+	if (!keygen(ctx, pass, passlen, param, cipher, md, en_de))
+		{
 		EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE);
 		return 0;
-	}
+		}
 	return 1;	
 }
 
-static int pbe_cmp(const char * const *a, const char * const *b)
-{
-	EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a,  **pbe2 = (EVP_PBE_CTL **)b;
-	return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid);
-}
+DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
+
+static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
+	{
+	int ret = pbe1->pbe_type - pbe2->pbe_type;
+	if (ret)
+		return ret;
+	else
+		return pbe1->pbe_nid - pbe2->pbe_nid;
+	}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
+
+static int pbe_cmp(const EVP_PBE_CTL * const *a, const EVP_PBE_CTL * const *b)
+	{
+	int ret = (*a)->pbe_type - (*b)->pbe_type;
+	if (ret)
+		return ret;
+	else
+		return (*a)->pbe_nid - (*b)->pbe_nid;
+	}
 
 /* Add a PBE algorithm */
 
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-	     EVP_PBE_KEYGEN *keygen)
-{
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
+			 EVP_PBE_KEYGEN *keygen)
+	{
 	EVP_PBE_CTL *pbe_tmp;
-	if (!pbe_algs) pbe_algs = sk_new(pbe_cmp);
-	if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) {
-		EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE);
+	if (!pbe_algs)
+		pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
+	if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL))))
+		{
+		EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE);
 		return 0;
-	}
-	pbe_tmp->pbe_nid = nid;
-	pbe_tmp->cipher = cipher;
-	pbe_tmp->md = md;
+		}
+	pbe_tmp->pbe_type = pbe_type;
+	pbe_tmp->pbe_nid = pbe_nid;
+	pbe_tmp->cipher_nid = cipher_nid;
+	pbe_tmp->md_nid = md_nid;
 	pbe_tmp->keygen = keygen;
-	sk_push (pbe_algs, (char *)pbe_tmp);
+
+
+	sk_EVP_PBE_CTL_push (pbe_algs, pbe_tmp);
 	return 1;
-}
+	}
+
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
+		    EVP_PBE_KEYGEN *keygen)
+	{
+	int cipher_nid, md_nid;
+	if (cipher)
+		cipher_nid = EVP_CIPHER_type(cipher);
+	else
+		cipher_nid = -1;
+	if (md)
+		md_nid = EVP_MD_type(md);
+	else
+		md_nid = -1;
+
+	return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
+					cipher_nid, md_nid, keygen);
+	}
+
+int EVP_PBE_find(int type, int pbe_nid,
+		 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
+	{
+	EVP_PBE_CTL *pbetmp = NULL, pbelu;
+	int i;
+	if (pbe_nid == NID_undef)
+		return 0;
+
+	pbelu.pbe_type = type;
+	pbelu.pbe_nid = pbe_nid;
+
+	if (pbe_algs)
+		{
+		i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
+		if (i != -1)
+			pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i);
+		}
+	if (pbetmp == NULL)
+		{
+		pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
+				     sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL));
+		}
+	if (pbetmp == NULL)
+		return 0;
+	if (pcnid)
+		*pcnid = pbetmp->cipher_nid;
+	if (pmnid)
+		*pmnid = pbetmp->md_nid;
+	if (pkeygen)
+		*pkeygen = pbetmp->keygen;
+	return 1;
+	}
+
+static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
+	 {
+	 OPENSSL_freeFunc(pbe);
+	 }
 
 void EVP_PBE_cleanup(void)
-{
-	sk_pop_free(pbe_algs, OPENSSL_freeFunc);
+	{
+	sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
 	pbe_algs = NULL;
-}
+	}
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index e752c2073a..ceebf69284 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -1,9 +1,9 @@
 /* evp_pkey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -61,268 +61,52 @@
 #include "cryptlib.h"
 #include <openssl/x509.h>
 #include <openssl/rand.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_EC
-static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
-#endif
+#include "asn1_locl.h"
 
 /* Extract a private key from a PKCS8 structure */
 
-EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
+EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
 {
 	EVP_PKEY *pkey = NULL;
-#ifndef OPENSSL_NO_RSA
-	RSA *rsa = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
-	DSA *dsa = NULL;
-	ASN1_TYPE *t1, *t2;
-	ASN1_INTEGER *privkey;
-	STACK_OF(ASN1_TYPE) *ndsa = NULL;
-#endif
-#ifndef OPENSSL_NO_EC
-	EC_KEY *eckey = NULL;
-	const unsigned char *p_tmp;
-#endif
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
-	ASN1_TYPE    *param = NULL;	
-	BN_CTX *ctx = NULL;
-	int plen;
-#endif
-	X509_ALGOR *a;
-	const unsigned char *p;
-	const unsigned char *cp;
-	int pkeylen;
-	int  nid;
+	ASN1_OBJECT *algoid;
 	char obj_tmp[80];
 
-	if(p8->pkey->type == V_ASN1_OCTET_STRING) {
-		p8->broken = PKCS8_OK;
-		p = p8->pkey->value.octet_string->data;
-		pkeylen = p8->pkey->value.octet_string->length;
-	} else {
-		p8->broken = PKCS8_NO_OCTET;
-		p = p8->pkey->value.sequence->data;
-		pkeylen = p8->pkey->value.sequence->length;
-	}
+	if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
+		return NULL;
+
 	if (!(pkey = EVP_PKEY_new())) {
 		EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
-	a = p8->pkeyalg;
-	nid = OBJ_obj2nid(a->algorithm);
-	switch(nid)
-	{
-#ifndef OPENSSL_NO_RSA
-		case NID_rsaEncryption:
-		cp = p;
-		if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			return NULL;
-		}
-		EVP_PKEY_assign_RSA (pkey, rsa);
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-		case NID_dsa:
-		/* PKCS#8 DSA is weird: you just get a private key integer
-	         * and parameters in the AlgorithmIdentifier the pubkey must
-		 * be recalculated.
-		 */
-	
-		/* Check for broken DSA PKCS#8, UGH! */
-		if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
-		    if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, 
-							  d2i_ASN1_TYPE,
-							  ASN1_TYPE_free))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-		    if(sk_ASN1_TYPE_num(ndsa) != 2 ) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-		    /* Handle Two broken types:
-		     * SEQUENCE {parameters, priv_key}
-		     * SEQUENCE {pub_key, priv_key}
-		     */
-
-		    t1 = sk_ASN1_TYPE_value(ndsa, 0);
-		    t2 = sk_ASN1_TYPE_value(ndsa, 1);
-		    if(t1->type == V_ASN1_SEQUENCE) {
-			p8->broken = PKCS8_EMBEDDED_PARAM;
-			param = t1;
-		    } else if(a->parameter->type == V_ASN1_SEQUENCE) {
-			p8->broken = PKCS8_NS_DB;
-			param = a->parameter;
-		    } else {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-
-		    if(t2->type != V_ASN1_INTEGER) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		    }
-		    privkey = t2->value.integer;
-		} else {
-			if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) {
-				EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-				goto dsaerr;
-			}
-			param = p8->pkeyalg->parameter;
-		}
-		if (!param || (param->type != V_ASN1_SEQUENCE)) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		}
-		cp = p = param->value.sequence->data;
-		plen = param->value.sequence->length;
-		if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto dsaerr;
-		}
-		/* We have parameters now set private key */
-		if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR);
-			goto dsaerr;
-		}
-		/* Calculate public key (ouch!) */
-		if (!(dsa->pub_key = BN_new())) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
-			goto dsaerr;
-		}
-		if (!(ctx = BN_CTX_new())) {
-			EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);
-			goto dsaerr;
-		}
-			
-		if (!BN_mod_exp(dsa->pub_key, dsa->g,
-						 dsa->priv_key, dsa->p, ctx)) {
-			
-			EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR);
-			goto dsaerr;
-		}
-
-		EVP_PKEY_assign_DSA(pkey, dsa);
-		BN_CTX_free (ctx);
-		if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		else ASN1_INTEGER_free(privkey);
-		break;
-		dsaerr:
-		BN_CTX_free (ctx);
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		DSA_free(dsa);
-		EVP_PKEY_free(pkey);
-		return NULL;
-		break;
-#endif
-#ifndef OPENSSL_NO_EC
-		case NID_X9_62_id_ecPublicKey:
-		p_tmp = p;
-		/* extract the ec parameters */
-		param = p8->pkeyalg->parameter;
 
-		if (!param || ((param->type != V_ASN1_SEQUENCE) &&
-		    (param->type != V_ASN1_OBJECT)))
+	if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid)))
 		{
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto ecerr;
+		EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
+		i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
+		ERR_add_error_data(2, "TYPE=", obj_tmp);
+		goto error;
 		}
 
-		if (param->type == V_ASN1_SEQUENCE)
-		{
-			cp = p = param->value.sequence->data;
-			plen = param->value.sequence->length;
-
-			if (!(eckey = d2i_ECParameters(NULL, &cp, plen)))
-			{
-				EVPerr(EVP_F_EVP_PKCS82PKEY,
-					EVP_R_DECODE_ERROR);
-				goto ecerr;
-			}
-		}
-		else
+	if (pkey->ameth->priv_decode)
 		{
-			cp = p = param->value.object->data;
-			plen = param->value.object->length;
-
-			/* type == V_ASN1_OBJECT => the parameters are given
-			 * by an asn1 OID
-			 */
-			if ((eckey = EC_KEY_new()) == NULL)
+		if (!pkey->ameth->priv_decode(pkey, p8))
 			{
-				EVPerr(EVP_F_EVP_PKCS82PKEY,
-					ERR_R_MALLOC_FAILURE);
-				goto ecerr;
+			EVPerr(EVP_F_EVP_PKCS82PKEY,
+					EVP_R_PRIVATE_KEY_DECODE_ERROR);
+			goto error;
 			}
-			if ((eckey->group = EC_GROUP_new_by_nid(
-                             OBJ_obj2nid(a->parameter->value.object))) == NULL)
-				goto ecerr;
-			EC_GROUP_set_asn1_flag(eckey->group, 
-						OPENSSL_EC_NAMED_CURVE);
 		}
-
-		/* We have parameters now set private key */
-		if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen))
+	else
 		{
-			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
-			goto ecerr;
+		EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
+		goto error;
 		}
 
-		/* calculate public key (if necessary) */
-		if (!eckey->pub_key)
-		{
-			/* the public key was not included in the SEC1 private
-			 * key => calculate the public key */
-			eckey->pub_key = EC_POINT_new(eckey->group);
-			if (!eckey->pub_key)
-			{
-				EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
-				goto ecerr;
-			}
-			if (!EC_POINT_copy(eckey->pub_key, 
-				EC_GROUP_get0_generator(eckey->group)))
-			{
-				EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
-				goto ecerr;
-			}
-			if (!EC_POINT_mul(eckey->group, eckey->pub_key, 
-				eckey->priv_key, NULL, NULL, ctx))
-			{
-				EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
-				goto ecerr;
-			}
-		}
-
-		EVP_PKEY_assign_EC_KEY(pkey, eckey);
-		if (ctx)
-			BN_CTX_free(ctx);
-		break;
-ecerr:
-		if (ctx)
-			BN_CTX_free(ctx);
-		if (eckey)
-			EC_KEY_free(eckey);
-		if (pkey)
-			EVP_PKEY_free(pkey);
-		return NULL;
-#endif
-		default:
-		EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
-		if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
-		else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
-		ERR_add_error_data(2, "TYPE=", obj_tmp);
-		EVP_PKEY_free (pkey);
-		return NULL;
-	}
 	return pkey;
+
+	error:
+	EVP_PKEY_free (pkey);
+	return NULL;
 }
 
 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
@@ -337,63 +121,41 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
 	PKCS8_PRIV_KEY_INFO *p8;
 
 	if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {	
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
+		EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	p8->broken = broken;
-	if (!ASN1_INTEGER_set(p8->version, 0)) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		PKCS8_PRIV_KEY_INFO_free (p8);
-		return NULL;
-	}
-	if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		PKCS8_PRIV_KEY_INFO_free (p8);
-		return NULL;
-	}
-	p8->pkey->type = V_ASN1_OCTET_STRING;
-	switch (EVP_PKEY_type(pkey->type)) {
-#ifndef OPENSSL_NO_RSA
-		case EVP_PKEY_RSA:
 
-		if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
-
-		p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption);
-		p8->pkeyalg->parameter->type = V_ASN1_NULL;
-		if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey,
-					 &p8->pkey->value.octet_string)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			PKCS8_PRIV_KEY_INFO_free (p8);
-			return NULL;
-		}
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-		case EVP_PKEY_DSA:
-		if(!dsa_pkey2pkcs8(p8, pkey)) {
-			PKCS8_PRIV_KEY_INFO_free (p8);
-			return NULL;
+	if (pkey->ameth)
+		{
+		if (pkey->ameth->priv_encode)
+			{
+			if (!pkey->ameth->priv_encode(p8, pkey))
+				{
+				EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
+					EVP_R_PRIVATE_KEY_ENCODE_ERROR);
+				goto error;
+				}
+			}
+		else
+			{
+			EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
+					EVP_R_METHOD_NOT_SUPPORTED);
+			goto error;
+			}
 		}
-
-		break;
-#endif
-#ifndef OPENSSL_NO_EC
-		case EVP_PKEY_EC:
-		if (!eckey_pkey2pkcs8(p8, pkey))
+	else
 		{
-			PKCS8_PRIV_KEY_INFO_free(p8);
-			return(NULL);
+		EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
+				EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
+		goto error;
 		}
-		break;
-#endif
-		default:
-		EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
-		PKCS8_PRIV_KEY_INFO_free (p8);
-		return NULL;
-	}
 	RAND_add(p8->pkey->value.octet_string->data,
 		 p8->pkey->value.octet_string->length, 0.0);
 	return p8;
+	error:
+	PKCS8_PRIV_KEY_INFO_free(p8);
+	return NULL;
 }
 
 PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
@@ -412,302 +174,69 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
 		break;
 
 		default:
-		EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
+		EVPerr(EVP_F_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
 		return NULL;
-		break;
-		
 	}
 }
 
-#ifndef OPENSSL_NO_DSA
-static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
-{
-	ASN1_STRING *params = NULL;
-	ASN1_INTEGER *prkey = NULL;
-	ASN1_TYPE *ttmp = NULL;
-	STACK_OF(ASN1_TYPE) *ndsa = NULL;
-	unsigned char *p = NULL, *q;
-	int len;
-
-	p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
-	len = i2d_DSAparams (pkey->pkey.dsa, NULL);
-	if (!(p = OPENSSL_malloc(len))) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	q = p;
-	i2d_DSAparams (pkey->pkey.dsa, &q);
-	if (!(params = ASN1_STRING_new())) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	if (!ASN1_STRING_set(params, p, len)) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	OPENSSL_free(p);
-	p = NULL;
-	/* Get private key into integer */
-	if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) {
-		EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
-		goto err;
-	}
-
-	switch(p8->broken) {
-
-		case PKCS8_OK:
-		case PKCS8_NO_OCTET:
+/* EVP_PKEY attribute functions */
 
-		if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
-					 &p8->pkey->value.octet_string)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-
-		M_ASN1_INTEGER_free (prkey);
-		prkey = NULL;
-		p8->pkeyalg->parameter->value.sequence = params;
-		params = NULL;
-		p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-
-		break;
-
-		case PKCS8_NS_DB:
-
-		p8->pkeyalg->parameter->value.sequence = params;
-		params = NULL;
-		p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-		if (!(ndsa = sk_ASN1_TYPE_new_null())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		if (!(ttmp = ASN1_TYPE_new())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		if (!(ttmp->value.integer =
-			BN_to_ASN1_INTEGER(pkey->pkey.dsa->pub_key, NULL))) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
-			goto err;
-		}
-		ttmp->type = V_ASN1_INTEGER;
-		if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-
-		if (!(ttmp = ASN1_TYPE_new())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		ttmp->value.integer = prkey;
-		prkey = NULL;
-		ttmp->type = V_ASN1_INTEGER;
-		if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		ttmp = NULL;
-
-		if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-
-		if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
-					 &p8->pkey->value.octet_string->data,
-					 &p8->pkey->value.octet_string->length)) {
-
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		break;
-
-		case PKCS8_EMBEDDED_PARAM:
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key)
+{
+	return X509at_get_attr_count(key->attributes);
+}
 
-		p8->pkeyalg->parameter->type = V_ASN1_NULL;
-		if (!(ndsa = sk_ASN1_TYPE_new_null())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		if (!(ttmp = ASN1_TYPE_new())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		ttmp->value.sequence = params;
-		params = NULL;
-		ttmp->type = V_ASN1_SEQUENCE;
-		if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
+			  int lastpos)
+{
+	return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
+}
 
-		if (!(ttmp = ASN1_TYPE_new())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		ttmp->value.integer = prkey;
-		prkey = NULL;
-		ttmp->type = V_ASN1_INTEGER;
-		if (!sk_ASN1_TYPE_push(ndsa, ttmp)) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		ttmp = NULL;
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
+			  int lastpos)
+{
+	return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
+}
 
-		if (!(p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())) {
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
+{
+	return X509at_get_attr(key->attributes, loc);
+}
 
-		if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE,
-					 &p8->pkey->value.octet_string->data,
-					 &p8->pkey->value.octet_string->length)) {
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
+{
+	return X509at_delete_attr(key->attributes, loc);
+}
 
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-		break;
-	}
-	return 1;
-err:
-	if (p != NULL) OPENSSL_free(p);
-	if (params != NULL) ASN1_STRING_free(params);
-	if (prkey != NULL) M_ASN1_INTEGER_free(prkey);
-	if (ttmp != NULL) ASN1_TYPE_free(ttmp);
-	if (ndsa != NULL) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
+{
+	if(X509at_add1_attr(&key->attributes, attr)) return 1;
 	return 0;
 }
-#endif
 
-#ifndef OPENSSL_NO_EC
-static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+			const ASN1_OBJECT *obj, int type,
+			const unsigned char *bytes, int len)
 {
-	EC_KEY		*eckey;
-	unsigned char	*p, *pp;
-	int 		nid, i, ret = 0;
-	unsigned int    tmp_flags;
-
-	if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL)
-	{
-		EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
-		return 0;
-	}
-	eckey = pkey->pkey.eckey;
-
-	/* set the ec parameters OID */
-	if (p8->pkeyalg->algorithm)
-		ASN1_OBJECT_free(p8->pkeyalg->algorithm);
-
-	p8->pkeyalg->algorithm = OBJ_nid2obj(NID_X9_62_id_ecPublicKey);
-
-	/* set the ec parameters */
-
-	if (p8->pkeyalg->parameter)
-	{
-		ASN1_TYPE_free(p8->pkeyalg->parameter);
-		p8->pkeyalg->parameter = NULL;
-	}
-
-	if ((p8->pkeyalg->parameter = ASN1_TYPE_new()) == NULL)
-	{
-		EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	
-	if (EC_GROUP_get_asn1_flag(eckey->group)
-                     && (nid = EC_GROUP_get_nid(eckey->group)))
-	{
-		/* we have a 'named curve' => just set the OID */
-		p8->pkeyalg->parameter->type = V_ASN1_OBJECT;
-		p8->pkeyalg->parameter->value.object = OBJ_nid2obj(nid);
-	}
-	else	/* explicit parameters */
-	{
-		if ((i = i2d_ECParameters(eckey, NULL)) == 0)
-		{
-			EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
-			return 0;
-		}
-		if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
-		{
-			EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
-			return 0;
-		}	
-		pp = p;
-		if (!i2d_ECParameters(eckey, &pp))
-		{
-			EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
-			OPENSSL_free(p);
-			return 0;
-		}
-		p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
-		if ((p8->pkeyalg->parameter->value.sequence 
-			= ASN1_STRING_new()) == NULL)
-		{
-			EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
-			OPENSSL_free(p);
-			return 0;
-		}
-		ASN1_STRING_set(p8->pkeyalg->parameter->value.sequence, p, i);
-		OPENSSL_free(p);
-	}
-
-	/* set the private key */
-
-	/* do not include the parameters in the SEC1 private key
-	 * see PKCS#11 12.11 */
-	tmp_flags  = pkey->pkey.eckey->enc_flag;
-	pkey->pkey.eckey->enc_flag |= EC_PKEY_NO_PARAMETERS;
-	i = i2d_ECPrivateKey(pkey->pkey.eckey, NULL);
-	if (!i)
-	{
-		pkey->pkey.eckey->enc_flag = tmp_flags;
-		EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
-		return 0;
-	}
-	p = (unsigned char *) OPENSSL_malloc(i);
-	if (!p)
-	{
-		pkey->pkey.eckey->enc_flag = tmp_flags;
-		EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	pp = p;
-	if (!i2d_ECPrivateKey(pkey->pkey.eckey, &pp))
-	{
-		pkey->pkey.eckey->enc_flag = tmp_flags;
-		EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
-		OPENSSL_free(p);
-		return 0;
-	}
-	/* restore old encoding flags */
-	pkey->pkey.eckey->enc_flag = tmp_flags;
-
-	switch(p8->broken) {
+	if(X509at_add1_attr_by_OBJ(&key->attributes, obj,
+				type, bytes, len)) return 1;
+	return 0;
+}
 
-		case PKCS8_OK:
-		p8->pkey->value.octet_string = ASN1_OCTET_STRING_new();
-		if (!p8->pkey->value.octet_string ||
-		    !M_ASN1_OCTET_STRING_set(p8->pkey->value.octet_string,
-		    (const void *)p, i))
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+			int nid, int type,
+			const unsigned char *bytes, int len)
+{
+	if(X509at_add1_attr_by_NID(&key->attributes, nid,
+				type, bytes, len)) return 1;
+	return 0;
+}
 
-		{
-			EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
-		}
-		else
-			ret = 1;
-		break;
-		case PKCS8_NO_OCTET:		/* RSA specific */
-		case PKCS8_NS_DB:		/* DSA specific */
-		case PKCS8_EMBEDDED_PARAM:	/* DSA specific */
-		default:
-			EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR);
-	}
-	OPENSSL_cleanse(p, (size_t)i);
-	OPENSSL_free(p);
-	return ret;
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+			const char *attrname, int type,
+			const unsigned char *bytes, int len)
+{
+	if(X509at_add1_attr_by_txt(&key->attributes, attrname,
+				type, bytes, len)) return 1;
+	return 0;
 }
-#endif
diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c
index 2dc8b8c158..902efac975 100644
--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -52,6 +52,7 @@
 
 #include "../e_os.h"
 
+#include <openssl/opensslconf.h>
 #include <openssl/evp.h>
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
@@ -152,8 +153,8 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
     
     if(kn != c->key_len)
 	{
-	fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn,
-		c->key_len);
+	fprintf(stderr,"Key length doesn't match, got %d expected %lu\n",kn,
+		(unsigned long)c->key_len);
 	test1_exit(5);
 	}
     EVP_CIPHER_CTX_init(&ctx);
@@ -219,18 +220,18 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	    test1_exit(7);
 	    }
 
-	if(outl+outl2 != cn)
+	if(outl+outl2 != pn)
 	    {
 	    fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
-		    outl+outl2,cn);
+		    outl+outl2,pn);
 	    test1_exit(8);
 	    }
 
-	if(memcmp(out,plaintext,cn))
+	if(memcmp(out,plaintext,pn))
 	    {
 	    fprintf(stderr,"Plaintext mismatch\n");
-	    hexdump(stderr,"Got",out,cn);
-	    hexdump(stderr,"Expected",plaintext,cn);
+	    hexdump(stderr,"Got",out,pn);
+	    hexdump(stderr,"Expected",plaintext,pn);
 	    test1_exit(9);
 	    }
 	}
@@ -395,6 +396,41 @@ int main(int argc,char **argv)
 	if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn,encdec)
 	   && !test_digest(cipher,plaintext,pn,ciphertext,cn))
 	    {
+#ifdef OPENSSL_NO_AES
+	    if (strstr(cipher, "AES") == cipher)
+		{
+		fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); 
+		continue;
+		}
+#endif
+#ifdef OPENSSL_NO_DES
+	    if (strstr(cipher, "DES") == cipher)
+		{
+		fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); 
+		continue;
+		}
+#endif
+#ifdef OPENSSL_NO_RC4
+	    if (strstr(cipher, "RC4") == cipher)
+		{
+		fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); 
+		continue;
+		}
+#endif
+#ifdef OPENSSL_NO_CAMELLIA
+	    if (strstr(cipher, "CAMELLIA") == cipher)
+		{
+		fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); 
+		continue;
+		}
+#endif
+#ifdef OPENSSL_NO_SEED
+	    if (strstr(cipher, "SEED") == cipher)
+		{
+		fprintf(stdout, "Cipher disabled, skipping %s\n", cipher); 
+		continue;
+		}
+#endif
 	    fprintf(stderr,"Can't find %s\n",cipher);
 	    EXIT(3);
 	    }
@@ -405,7 +441,7 @@ int main(int argc,char **argv)
 #endif
     EVP_cleanup();
     CRYPTO_cleanup_all_ex_data();
-    ERR_remove_state(0);
+    ERR_remove_thread_state(NULL);
     ERR_free_strings();
     CRYPTO_mem_leaks_fp(stderr);
 
diff --git a/crypto/evp/evptests.txt b/crypto/evp/evptests.txt
index 80bd9c7765..beb12144b6 100644
--- a/crypto/evp/evptests.txt
+++ b/crypto/evp/evptests.txt
@@ -181,3 +181,141 @@ RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
 RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
 RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
 RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
+
+
+# Camellia tests from RFC3713
+# For all ECB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
+CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
+CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
+CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
+
+# ECB-CAMELLIA128.Encrypt
+CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
+CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
+CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
+
+# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt 
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
+
+# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt 
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
+
+# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt 
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
+
+# For all CBC encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt 
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
+
+# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt 
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
+
+# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt 
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
+
+# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-CAMELLIA128.Encrypt 
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
+
+# CFB128-CAMELLIA128.Decrypt 
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
+
+# CFB128-CAMELLIA192.Encrypt
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
+
+# CFB128-CAMELLIA192.Decrypt
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
+
+# CFB128-CAMELLIA256.Encrypt 
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
+
+# CFB128-CAMELLIA256.Decrypt 
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
+
+# For all OFB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-CAMELLIA128.Encrypt 
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
+
+# OFB-CAMELLIA128.Decrypt 
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
+
+# OFB-CAMELLIA192.Encrypt 
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
+
+# OFB-CAMELLIA192.Decrypt 
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
+
+# OFB-CAMELLIA256.Encrypt 
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
+
+# OFB-CAMELLIA256.Decrypt 
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0
+
+# SEED test vectors from RFC4269
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c
index 020f19c44b..48c2689504 100644
--- a/crypto/evp/m_dss.c
+++ b/crypto/evp/m_dss.c
@@ -61,9 +61,12 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 #ifndef OPENSSL_NO_SHA
+
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA1_Init(ctx->md_data); }
 
@@ -78,7 +81,7 @@ static const EVP_MD dsa_md=
 	NID_dsaWithSHA,
 	NID_dsaWithSHA,
 	SHA_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_DIGEST,
 	init,
 	update,
 	final,
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
index a20056f04b..4f03fb70e0 100644
--- a/crypto/evp/m_dss1.c
+++ b/crypto/evp/m_dss1.c
@@ -64,7 +64,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA1_Init(ctx->md_data); }
@@ -80,7 +82,7 @@ static const EVP_MD dss1_md=
 	NID_dsa,
 	NID_dsaWithSHA1,
 	SHA_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_DIGEST,
 	init,
 	update,
 	final,
diff --git a/crypto/evp/m_ecdsa.c b/crypto/evp/m_ecdsa.c
index fad270faca..8d87a49ebe 100644
--- a/crypto/evp/m_ecdsa.c
+++ b/crypto/evp/m_ecdsa.c
@@ -130,7 +130,7 @@ static const EVP_MD ecdsa_md=
 	NID_ecdsa_with_SHA1,
 	NID_ecdsa_with_SHA1,
 	SHA_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_DIGEST,
 	init,
 	update,
 	final,
diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c
index 1eae4ed38c..5ce849f161 100644
--- a/crypto/evp/m_md2.c
+++ b/crypto/evp/m_md2.c
@@ -65,7 +65,9 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md2.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MD2_Init(ctx->md_data); }
diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c
index 0fb84b6d1e..1e0b7c5b42 100644
--- a/crypto/evp/m_md4.c
+++ b/crypto/evp/m_md4.c
@@ -65,7 +65,9 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md4.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MD4_Init(ctx->md_data); }
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
index 21288ee636..63c142119e 100644
--- a/crypto/evp/m_md5.c
+++ b/crypto/evp/m_md5.c
@@ -65,7 +65,9 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md5.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return MD5_Init(ctx->md_data); }
diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c
index 087ad2d30a..a1d60ee78d 100644
--- a/crypto/evp/m_ripemd.c
+++ b/crypto/evp/m_ripemd.c
@@ -65,7 +65,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return RIPEMD160_Init(ctx->md_data); }
diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c
index 64b397fa03..acccc8f92d 100644
--- a/crypto/evp/m_sha.c
+++ b/crypto/evp/m_sha.c
@@ -59,12 +59,14 @@
 #include <stdio.h>
 #include "cryptlib.h"
 
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
 
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA_Init(ctx->md_data); }
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index daf6db6ebe..9a2790fdea 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -64,7 +64,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 
 static int init(EVP_MD_CTX *ctx)
 	{ return SHA1_Init(ctx->md_data); }
@@ -80,7 +82,7 @@ static const EVP_MD sha1_md=
 	NID_sha1,
 	NID_sha1WithRSAEncryption,
 	SHA_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
 	init,
 	update,
 	final,
@@ -117,7 +119,7 @@ static const EVP_MD sha224_md=
 	NID_sha224,
 	NID_sha224WithRSAEncryption,
 	SHA224_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
 	init224,
 	update256,
 	final256,
@@ -136,7 +138,7 @@ static const EVP_MD sha256_md=
 	NID_sha256,
 	NID_sha256WithRSAEncryption,
 	SHA256_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
 	init256,
 	update256,
 	final256,
@@ -167,7 +169,7 @@ static const EVP_MD sha384_md=
 	NID_sha384,
 	NID_sha384WithRSAEncryption,
 	SHA384_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
 	init384,
 	update512,
 	final512,
@@ -186,7 +188,7 @@ static const EVP_MD sha512_md=
 	NID_sha512,
 	NID_sha512WithRSAEncryption,
 	SHA512_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
 	init512,
 	update512,
 	final512,
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
new file mode 100644
index 0000000000..f0b7f95059
--- /dev/null
+++ b/crypto/evp/m_sigver.c
@@ -0,0 +1,200 @@
+/* m_sigver.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006,2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include "evp_locl.h"
+
+static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			  const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
+			  int ver)
+	{
+	if (ctx->pctx == NULL)
+		ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
+	if (ctx->pctx == NULL)
+		return 0;
+
+	if (type == NULL)
+		{
+		int def_nid;
+		if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
+			type = EVP_get_digestbynid(def_nid);
+		}
+
+	if (type == NULL)
+		{
+		EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
+		return 0;
+		}
+
+	if (ver)
+		{
+		if (ctx->pctx->pmeth->verifyctx_init)
+			{
+			if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <=0)
+				return 0;
+			ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
+			}
+		else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
+			return 0;
+		}
+	else
+		{
+		if (ctx->pctx->pmeth->signctx_init)
+			{
+			if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
+				return 0;
+			ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
+			}
+		else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
+			return 0;
+		}
+	if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
+		return 0;
+	if (pctx)
+		*pctx = ctx->pctx;
+	if (!EVP_DigestInit_ex(ctx, type, e))
+		return 0;
+	return 1;
+	}
+
+int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
+	{
+	return do_sigver_init(ctx, pctx, type, e, pkey, 0);
+	}
+
+int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
+	{
+	return do_sigver_init(ctx, pctx, type, e, pkey, 1);
+	}
+
+int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
+	{
+	int sctx, r = 0;
+	if (ctx->pctx->pmeth->signctx)
+		sctx = 1;
+	else
+		sctx = 0;
+	if (sigret)
+		{
+		MS_STATIC EVP_MD_CTX tmp_ctx;
+		unsigned char md[EVP_MAX_MD_SIZE];
+		unsigned int mdlen;
+		EVP_MD_CTX_init(&tmp_ctx);
+		if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+		     	return 0;
+		if (sctx)
+			r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
+					sigret, siglen, &tmp_ctx);
+		else
+			r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
+		EVP_MD_CTX_cleanup(&tmp_ctx);
+		if (sctx || !r)
+			return r;
+		if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
+			return 0;
+		}
+	else
+		{
+		if (sctx)
+			{
+			if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <= 0)
+				return 0;
+			}
+		else
+			{
+			int s = EVP_MD_size(ctx->digest);
+			if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
+				return 0;
+			}
+		}
+	return 1;
+	}
+
+int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
+	{
+	MS_STATIC EVP_MD_CTX tmp_ctx;
+	unsigned char md[EVP_MAX_MD_SIZE];
+	int r;
+	unsigned int mdlen;
+	int vctx;
+
+	if (ctx->pctx->pmeth->verifyctx)
+		vctx = 1;
+	else
+		vctx = 0;
+	EVP_MD_CTX_init(&tmp_ctx);
+	if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+		return -1;	
+	if (vctx)
+		{
+		r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
+					sig, siglen, &tmp_ctx);
+		}
+	else
+		r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
+	EVP_MD_CTX_cleanup(&tmp_ctx);
+	if (vctx || !r)
+		return r;
+	return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
+	}
diff --git a/crypto/evp/m_wp.c b/crypto/evp/m_wp.c
new file mode 100644
index 0000000000..1ce47c040b
--- /dev/null
+++ b/crypto/evp/m_wp.c
@@ -0,0 +1,42 @@
+/* crypto/evp/m_wp.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_WHIRLPOOL
+
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/whrlpool.h>
+
+static int init(EVP_MD_CTX *ctx)
+	{ return WHIRLPOOL_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,size_t count)
+	{ return WHIRLPOOL_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+	{ return WHIRLPOOL_Final(md,ctx->md_data); }
+
+static const EVP_MD whirlpool_md=
+	{
+	NID_whirlpool,
+	0,
+	WHIRLPOOL_DIGEST_LENGTH,
+	0,
+	init,
+	update,
+	final,
+	NULL,
+	NULL,
+	EVP_PKEY_NULL_method,
+	WHIRLPOOL_BBLOCK/8,
+	sizeof(EVP_MD *)+sizeof(WHIRLPOOL_CTX),
+	};
+
+const EVP_MD *EVP_whirlpool(void)
+	{
+	return(&whirlpool_md);
+	}
+#endif
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index eb9f4329cd..7e4d742a66 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -66,21 +66,24 @@ int EVP_add_cipher(const EVP_CIPHER *c)
 	{
 	int r;
 
-	r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
+	r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
 	if (r == 0) return(0);
-	r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c);
+	check_defer(c->nid);
+	r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c);
 	return(r);
 	}
 
+
 int EVP_add_digest(const EVP_MD *md)
 	{
 	int r;
 	const char *name;
 
 	name=OBJ_nid2sn(md->type);
-	r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md);
+	r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md);
 	if (r == 0) return(0);
-	r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md);
+	check_defer(md->type);
+	r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md);
 	if (r == 0) return(0);
 
 	if (md->type != md->pkey_type)
@@ -88,6 +91,7 @@ int EVP_add_digest(const EVP_MD *md)
 		r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
 			OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
 		if (r == 0) return(0);
+		check_defer(md->pkey_type);
 		r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
 			OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name);
 		}
@@ -120,4 +124,78 @@ void EVP_cleanup(void)
 	OBJ_NAME_cleanup(-1);
 
 	EVP_PBE_cleanup();
+	if (obj_cleanup_defer == 2)
+		{
+		obj_cleanup_defer = 0;
+		OBJ_cleanup();
+		}
+	OBJ_sigid_free();
+	}
+
+struct doall_cipher
+	{
+	void *arg;
+	void (*fn)(const EVP_CIPHER *ciph,
+			const char *from, const char *to, void *arg);
+	};
+
+static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
+	{
+	struct doall_cipher *dc = arg;
+	if (nm->alias)
+		dc->fn(NULL, nm->name, nm->data, dc->arg);
+	else
+		dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
+	}
+
+void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
+		const char *from, const char *to, void *x), void *arg)
+	{
+	struct doall_cipher dc;
+	dc.fn = fn;
+	dc.arg = arg;
+	OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
+	}
+
+void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
+		const char *from, const char *to, void *x), void *arg)
+	{
+	struct doall_cipher dc;
+	dc.fn = fn;
+	dc.arg = arg;
+	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn,&dc);
+	}
+
+struct doall_md
+	{
+	void *arg;
+	void (*fn)(const EVP_MD *ciph,
+			const char *from, const char *to, void *arg);
+	};
+
+static void do_all_md_fn(const OBJ_NAME *nm, void *arg)
+	{
+	struct doall_md *dc = arg;
+	if (nm->alias)
+		dc->fn(NULL, nm->name, nm->data, dc->arg);
+	else
+		dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
+	}
+
+void EVP_MD_do_all(void (*fn)(const EVP_MD *md,
+		const char *from, const char *to, void *x), void *arg)
+	{
+	struct doall_md dc;
+	dc.fn = fn;
+	dc.arg = arg;
+	OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
+	}
+
+void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md,
+		const char *from, const char *to, void *x), void *arg)
+	{
+	struct doall_md dc;
+	dc.fn = fn;
+	dc.arg = arg;
+	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
 	}
diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
index c0dfb7de37..7d9c1f0123 100644
--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -1,5 +1,5 @@
 /* p5_crpt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -62,42 +62,11 @@
 #include <openssl/x509.h>
 #include <openssl/evp.h>
 
-/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info.
+/* Doesn't do anything now: Builtin PBE algorithms in static table.
  */
 
 void PKCS5_PBE_add(void)
 {
-#ifndef OPENSSL_NO_DES
-#  ifndef OPENSSL_NO_MD5
-EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_MD2
-EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_SHA
-EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#endif
-#ifndef OPENSSL_NO_RC2
-#  ifndef OPENSSL_NO_MD5
-EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_MD2
-EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#  ifndef OPENSSL_NO_SHA
-EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
-							 PKCS5_PBE_keyivgen);
-#  endif
-#endif
-#ifndef OPENSSL_NO_HMAC
-EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
-#endif
 }
 
 int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
@@ -112,11 +81,19 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
 	int saltlen, iter;
 	unsigned char *salt;
 	const unsigned char *pbuf;
+	int mdsize;
+	int rv = 0;
+	EVP_MD_CTX_init(&ctx);
 
 	/* Extract useful info from parameter */
+	if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+	    param->value.sequence == NULL) {
+		EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+		return 0;
+	}
+
 	pbuf = param->value.sequence->data;
-	if (!param || (param->type != V_ASN1_SEQUENCE) ||
-	   !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
+	if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
 		EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
 		return 0;
 	}
@@ -129,26 +106,37 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
 	if(!pass) passlen = 0;
 	else if(passlen == -1) passlen = strlen(pass);
 
-	EVP_MD_CTX_init(&ctx);
-	EVP_DigestInit_ex(&ctx, md, NULL);
-	EVP_DigestUpdate(&ctx, pass, passlen);
-	EVP_DigestUpdate(&ctx, salt, saltlen);
+	if (!EVP_DigestInit_ex(&ctx, md, NULL))
+		goto err;
+	if (!EVP_DigestUpdate(&ctx, pass, passlen))
+		goto err;
+	if (!EVP_DigestUpdate(&ctx, salt, saltlen))
+		goto err;
 	PBEPARAM_free(pbe);
-	EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
+	if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+		goto err;
+	mdsize = EVP_MD_size(md);
+	if (mdsize < 0)
+	    return 0;
 	for (i = 1; i < iter; i++) {
-		EVP_DigestInit_ex(&ctx, md, NULL);
-		EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
-		EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
+		if (!EVP_DigestInit_ex(&ctx, md, NULL))
+			goto err;
+		if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
+			goto err;
+		if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
+			goto err;
 	}
-	EVP_MD_CTX_cleanup(&ctx);
 	OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
 	memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
 	OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
 	memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
 						 EVP_CIPHER_iv_length(cipher));
-	EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
+	if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
+		goto err;
 	OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
 	OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
 	OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
-	return 1;
+	rv = 1;
+	err:
+	return rv;
 }
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index f2e143d2a6..176e93eabc 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -1,9 +1,9 @@
 /* p5_crpt2.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -62,6 +62,7 @@
 #include <openssl/x509.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
+#include "evp_locl.h"
 
 /* set this to print out info about the keygen algorithm */
 /* #define DEBUG_PKCS5V2 */
@@ -71,28 +72,38 @@
 #endif
 
 /* This is an implementation of PKCS#5 v2.0 password based encryption key
- * derivation function PBKDF2 using the only currently defined function HMAC
- * with SHA1. Verified against test vectors posted by Peter Gutmann
+ * derivation function PBKDF2.
+ * SHA1 version verified against test vectors posted by Peter Gutmann
  * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list.
  */
 
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
 			   const unsigned char *salt, int saltlen, int iter,
+			   const EVP_MD *digest,
 			   int keylen, unsigned char *out)
-{
-	unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4];
-	int cplen, j, k, tkeylen;
+	{
+	unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
+	int cplen, j, k, tkeylen, mdlen;
 	unsigned long i = 1;
 	HMAC_CTX hctx;
 
+	mdlen = EVP_MD_size(digest);
+	if (mdlen < 0)
+		return 0;
+
 	HMAC_CTX_init(&hctx);
 	p = out;
 	tkeylen = keylen;
-	if(!pass) passlen = 0;
-	else if(passlen == -1) passlen = strlen(pass);
-	while(tkeylen) {
-		if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH;
-		else cplen = tkeylen;
+	if(!pass)
+		passlen = 0;
+	else if(passlen == -1)
+		passlen = strlen(pass);
+	while(tkeylen)
+		{
+		if(tkeylen > mdlen)
+			cplen = mdlen;
+		else
+			cplen = tkeylen;
 		/* We are unlikely to ever use more than 256 blocks (5120 bits!)
 		 * but just in case...
 		 */
@@ -100,20 +111,26 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
 		itmp[1] = (unsigned char)((i >> 16) & 0xff);
 		itmp[2] = (unsigned char)((i >> 8) & 0xff);
 		itmp[3] = (unsigned char)(i & 0xff);
-		HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL);
-		HMAC_Update(&hctx, salt, saltlen);
-		HMAC_Update(&hctx, itmp, 4);
-		HMAC_Final(&hctx, digtmp, NULL);
+		if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
+			|| !HMAC_Update(&hctx, salt, saltlen)
+			|| !HMAC_Update(&hctx, itmp, 4)
+			|| !HMAC_Final(&hctx, digtmp, NULL))
+			{
+			HMAC_CTX_cleanup(&hctx);
+			return 0;
+			}
 		memcpy(p, digtmp, cplen);
-		for(j = 1; j < iter; j++) {
-			HMAC(EVP_sha1(), pass, passlen,
-				 digtmp, SHA_DIGEST_LENGTH, digtmp, NULL);
-			for(k = 0; k < cplen; k++) p[k] ^= digtmp[k];
-		}
+		for(j = 1; j < iter; j++)
+			{
+			HMAC(digest, pass, passlen,
+				 digtmp, mdlen, digtmp, NULL);
+			for(k = 0; k < cplen; k++)
+				p[k] ^= digtmp[k];
+			}
 		tkeylen-= cplen;
 		i++;
 		p+= cplen;
-	}
+		}
 	HMAC_CTX_cleanup(&hctx);
 #ifdef DEBUG_PKCS5V2
 	fprintf(stderr, "Password:\n");
@@ -125,7 +142,15 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
 	h__dump (out, keylen);
 #endif
 	return 1;
-}
+	}
+
+int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+			   const unsigned char *salt, int saltlen, int iter,
+			   int keylen, unsigned char *out)
+	{
+	return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(),
+					keylen, out);
+	}
 
 #ifdef DO_TEST
 main()
@@ -148,20 +173,24 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
                          ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
                          int en_de)
 {
-	unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
 	const unsigned char *pbuf;
-	int saltlen, iter, plen;
-	unsigned int keylen;
+	int plen;
 	PBE2PARAM *pbe2 = NULL;
 	const EVP_CIPHER *cipher;
-	PBKDF2PARAM *kdf = NULL;
+
+	int rv = 0;
+
+	if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+	    param->value.sequence == NULL) {
+		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+		goto err;
+	}
 
 	pbuf = param->value.sequence->data;
 	plen = param->value.sequence->length;
-	if(!param || (param->type != V_ASN1_SEQUENCE) ||
-				   !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
+	if(!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
 		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
-		return 0;
+		goto err;
 	}
 
 	/* See if we recognise the key derivation function */
@@ -175,8 +204,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	/* lets see if we recognise the encryption algorithm.
 	 */
 
-	cipher = EVP_get_cipherbyname(
-			OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm)));
+	cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
 
 	if(!cipher) {
 		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
@@ -185,44 +213,87 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	}
 
 	/* Fixup cipher based on AlgorithmIdentifier */
-	EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
+	if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
+		goto err;
 	if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
 		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
 					EVP_R_CIPHER_PARAMETER_ERROR);
 		goto err;
 	}
+	rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
+					pbe2->keyfunc->parameter, c, md, en_de);
+	err:
+	PBE2PARAM_free(pbe2);
+	return rv;
+}
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                         ASN1_TYPE *param,
+			 const EVP_CIPHER *c, const EVP_MD *md, int en_de)
+{
+	unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
+	const unsigned char *pbuf;
+	int saltlen, iter, plen;
+	int rv = 0;
+	unsigned int keylen;
+	int prf_nid, hmac_md_nid;
+	PBKDF2PARAM *kdf = NULL;
+	const EVP_MD *prfmd;
+
+	if (EVP_CIPHER_CTX_cipher(ctx) == NULL)
+		{
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_NO_CIPHER_SET);
+		goto err;
+		}
 	keylen = EVP_CIPHER_CTX_key_length(ctx);
 	OPENSSL_assert(keylen <= sizeof key);
 
-	/* Now decode key derivation function */
+	/* Decode parameter */
 
-	pbuf = pbe2->keyfunc->parameter->value.sequence->data;
-	plen = pbe2->keyfunc->parameter->value.sequence->length;
-	if(!pbe2->keyfunc->parameter ||
-		 (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) ||
-				!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+	if(!param || (param->type != V_ASN1_SEQUENCE))
+		{
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
+		goto err;
+		}
+
+	pbuf = param->value.sequence->data;
+	plen = param->value.sequence->length;
+
+	if(!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,EVP_R_DECODE_ERROR);
 		goto err;
 	}
 
-	PBE2PARAM_free(pbe2);
-	pbe2 = NULL;
+	keylen = EVP_CIPHER_CTX_key_length(ctx);
 
 	/* Now check the parameters of the kdf */
 
 	if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
 						EVP_R_UNSUPPORTED_KEYLENGTH);
 		goto err;
 	}
 
-	if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+	if (kdf->prf)
+		prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
+	else
+		prf_nid = NID_hmacWithSHA1;
+
+	if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0))
+		{
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
 		goto err;
-	}
+		}
+
+	prfmd = EVP_get_digestbynid(hmac_md_nid);
+	if (prfmd == NULL)
+		{
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+		goto err;
+		}
 
 	if(kdf->salt->type != V_ASN1_OCTET_STRING) {
-		EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
 						EVP_R_UNSUPPORTED_SALT_TYPE);
 		goto err;
 	}
@@ -231,16 +302,14 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	salt = kdf->salt->value.octet_string->data;
 	saltlen = kdf->salt->value.octet_string->length;
 	iter = ASN1_INTEGER_get(kdf->iter);
-	PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
-	EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
-	OPENSSL_cleanse(key, keylen);
-	PBKDF2PARAM_free(kdf);
-	return 1;
-
+	if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
+						   keylen, key))
+		goto err;
+	rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
 	err:
-	PBE2PARAM_free(pbe2);
+	OPENSSL_cleanse(key, keylen);
 	PBKDF2PARAM_free(kdf);
-	return 0;
+	return rv;
 }
 
 #ifdef DEBUG_PKCS5V2
diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c
index f64901f653..4201dcbad9 100644
--- a/crypto/evp/p_dec.c
+++ b/crypto/evp/p_dec.c
@@ -66,7 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl,
+int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
 	     EVP_PKEY *priv)
 	{
 	int ret= -1;
@@ -75,7 +75,7 @@ int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl,
 	if (priv->type != EVP_PKEY_RSA)
 		{
 #endif
-		EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
+		EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
 #ifndef OPENSSL_NO_RSA
 		goto err;
                 }
diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c
index c2dfdc52ad..b5a3a84c41 100644
--- a/crypto/evp/p_enc.c
+++ b/crypto/evp/p_enc.c
@@ -66,7 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len,
+int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
 	     EVP_PKEY *pubk)
 	{
 	int ret=0;
@@ -75,7 +75,7 @@ int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len,
 	if (pubk->type != EVP_PKEY_RSA)
 		{
 #endif
-		EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
+		EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
 #ifndef OPENSSL_NO_RSA
 		goto err;
 		}
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 934f8ff8be..1916c61699 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -64,68 +64,36 @@
 #include <openssl/evp.h>
 #include <openssl/asn1_mac.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
+
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+
+#include "asn1_locl.h"
 
 static void EVP_PKEY_free_it(EVP_PKEY *x);
 
 int EVP_PKEY_bits(EVP_PKEY *pkey)
 	{
-	if (0)
-		return 0;
-#ifndef OPENSSL_NO_RSA
-	else if (pkey->type == EVP_PKEY_RSA)
-		return(BN_num_bits(pkey->pkey.rsa->n));
-#endif
-#ifndef OPENSSL_NO_DSA
-	else if (pkey->type == EVP_PKEY_DSA)
-		return(BN_num_bits(pkey->pkey.dsa->p));
-#endif
-#ifndef OPENSSL_NO_EC
-	else if (pkey->type == EVP_PKEY_EC)
-		{
-		BIGNUM *order = BN_new();
-		int ret;
-
-		if (!order)
-			{
-			ERR_clear_error();
-			return 0;
-			}
-		if (!EC_GROUP_get_order(pkey->pkey.eckey->group, order, NULL))
-			{
-			ERR_clear_error();
-			return 0;
-			}
-
-		ret = BN_num_bits(order);
-		BN_free(order);
-		return ret;
-		}
-#endif
-	return(0);
+	if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
+		return pkey->ameth->pkey_bits(pkey);
+	return 0;
 	}
 
 int EVP_PKEY_size(EVP_PKEY *pkey)
 	{
-	if (pkey == NULL)
-		return(0);
-#ifndef OPENSSL_NO_RSA
-	if (pkey->type == EVP_PKEY_RSA)
-		return(RSA_size(pkey->pkey.rsa));
-	else
-#endif
-#ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-		return(DSA_size(pkey->pkey.dsa));
-#endif
-#ifndef OPENSSL_NO_ECDSA
-		if (pkey->type == EVP_PKEY_EC)
-		return(ECDSA_size(pkey->pkey.eckey));
-#endif
-
-	return(0);
+	if (pkey && pkey->ameth && pkey->ameth->pkey_size)
+		return pkey->ameth->pkey_size(pkey);
+	return 0;
 	}
 
 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
@@ -166,87 +134,26 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
 		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
 		goto err;
 		}
-#ifndef OPENSSL_NO_DSA
-	if (to->type == EVP_PKEY_DSA)
-		{
-		BIGNUM *a;
-
-		if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
-		if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
-		to->pkey.dsa->p=a;
-
-		if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
-		if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
-		to->pkey.dsa->q=a;
-
-		if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
-		if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
-		to->pkey.dsa->g=a;
-		}
-#endif
-#ifndef OPENSSL_NO_EC
-	if (to->type == EVP_PKEY_EC)
-		{
-		if (to->pkey.eckey->group != NULL)
-			EC_GROUP_free(to->pkey.eckey->group);
-		if ((to->pkey.eckey->group = EC_GROUP_new(
-			EC_GROUP_method_of(from->pkey.eckey->group))) == NULL) 
-			goto err;
-		if (!EC_GROUP_copy(to->pkey.eckey->group,
-			from->pkey.eckey->group)) goto err;
-		}
-#endif
-	return(1);
+	if (from->ameth && from->ameth->param_copy)
+		return from->ameth->param_copy(to, from);
 err:
-	return(0);
+	return 0;
 	}
 
 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
 	{
-#ifndef OPENSSL_NO_DSA
-	if (pkey->type == EVP_PKEY_DSA)
-		{
-		DSA *dsa;
-
-		dsa=pkey->pkey.dsa;
-		if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
-			return(1);
-		}
-#endif
-#ifndef OPENSSL_NO_EC
-	if (pkey->type == EVP_PKEY_EC)
-		{
-		if (pkey->pkey.eckey->group == NULL)
-			return(1);
-		}
-#endif
-
-	return(0);
+	if (pkey->ameth && pkey->ameth->param_missing)
+		return pkey->ameth->param_missing(pkey);
+	return 0;
 	}
 
 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
 	{
-#ifndef OPENSSL_NO_DSA
-	if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
-		{
-		if (	BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
-			BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
-			BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
-			return(0);
-		else
-			return(1);
-		}
-#endif
-#ifndef OPENSSL_NO_EC
-	if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC)
-		{
-		if (EC_GROUP_cmp(a->pkey.eckey->group, b->pkey.eckey->group, NULL))
-			return 0;
-		else
-			return 1;
-		}
-#endif
-	return(-1);
+	if (a->type != b->type)
+		return -1;
+	if (a->ameth && a->ameth->param_cmp)
+		return a->ameth->param_cmp(a, b);
+	return -2;
 	}
 
 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
@@ -254,48 +161,22 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
 	if (a->type != b->type)
 		return -1;
 
-	if (EVP_PKEY_cmp_parameters(a, b) == 0)
-		return 0;
-
-	switch (a->type)
-		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-		if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
-			|| BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
-			return 0;
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-		if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
-			return 0;
-		break;
-#endif
-#ifndef OPENSSL_NO_EC
-	case EVP_PKEY_EC:
+	if (a->ameth)
 		{
-		int  r = EC_POINT_cmp(b->pkey.eckey->group, 
-			b->pkey.eckey->pub_key,a->pkey.eckey->pub_key,NULL);
-		if (r != 0)
+		int ret;
+		/* Compare parameters if the algorithm has them */
+		if (a->ameth->param_cmp)
 			{
-			if (r == 1)
-				return 0;
-			else
-				return -2;
+			ret = a->ameth->param_cmp(a, b);
+			if (ret <= 0)
+				return ret;
 			}
-		}
- 		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case EVP_PKEY_DH:
-		return -2;
-#endif
-	default:
-		return -2;
+
+		if (a->ameth->pub_cmp)
+			return a->ameth->pub_cmp(a, b);
 		}
 
-	return 1;
+	return -2;
 	}
 
 EVP_PKEY *EVP_PKEY_new(void)
@@ -309,22 +190,87 @@ EVP_PKEY *EVP_PKEY_new(void)
 		return(NULL);
 		}
 	ret->type=EVP_PKEY_NONE;
+	ret->save_type=EVP_PKEY_NONE;
 	ret->references=1;
+	ret->ameth=NULL;
+	ret->engine=NULL;
 	ret->pkey.ptr=NULL;
 	ret->attributes=NULL;
 	ret->save_parameters=1;
 	return(ret);
 	}
 
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
+/* Setup a public key ASN1 method and ENGINE from a NID or a string.
+ * If pkey is NULL just return 1 or 0 if the algorithm exists.
+ */
+
+static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
 	{
-	if (pkey == NULL) return(0);
-	if (pkey->pkey.ptr != NULL)
-		EVP_PKEY_free_it(pkey);
-	pkey->type=EVP_PKEY_type(type);
-	pkey->save_type=type;
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	ENGINE *e = NULL;
+	if (pkey)
+		{
+		if (pkey->pkey.ptr)
+			EVP_PKEY_free_it(pkey);
+		/* If key type matches and a method exists then this
+		 * lookup has succeeded once so just indicate success.
+		 */
+		if ((type == pkey->save_type) && pkey->ameth)
+			return 1;
+#ifndef OPENSSL_NO_ENGINE
+		/* If we have an ENGINE release it */
+		if (pkey->engine)
+			{
+			ENGINE_finish(pkey->engine);
+			pkey->engine = NULL;
+			}
+#endif
+		}
+	if (str)
+		ameth = EVP_PKEY_asn1_find_str(&e, str, len);
+	else
+		ameth = EVP_PKEY_asn1_find(&e, type);
+#ifndef OPENSSL_NO_ENGINE
+	if (!pkey && e)
+		ENGINE_finish(e);
+#endif
+	if (!ameth)
+		{
+		EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
+		return 0;
+		}
+	if (pkey)
+		{
+		pkey->ameth = ameth;
+		pkey->engine = e;
+
+		pkey->type = pkey->ameth->pkey_id;
+		pkey->save_type=type;
+		}
+	return 1;
+	}
+
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
+	{
+	return pkey_set_type(pkey, type, NULL, -1);
+	}
+
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
+	{
+	return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
+	}
+
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
+	{
+	if (!EVP_PKEY_set_type(pkey, type))
+		return 0;
 	pkey->pkey.ptr=key;
-	return(key != NULL);
+	return (key != NULL);
+	}
+
+void *EVP_PKEY_get0(EVP_PKEY *pkey)
+	{
+	return pkey->pkey.ptr;
 	}
 
 #ifndef OPENSSL_NO_RSA
@@ -372,8 +318,9 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
 {
 	int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
-	if (ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EC);
-		return ret;
+	if (ret)
+		EC_KEY_up_ref(key);
+	return ret;
 }
 
 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
@@ -383,8 +330,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
 		EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
 		return NULL;
 	}
-	CRYPTO_add(&pkey->pkey.eckey->references, 1, CRYPTO_LOCK_EC);
-	return pkey->pkey.eckey;
+	EC_KEY_up_ref(pkey->pkey.ec);
+	return pkey->pkey.ec;
 }
 #endif
 
@@ -412,24 +359,29 @@ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
 
 int EVP_PKEY_type(int type)
 	{
-	switch (type)
-		{
-	case EVP_PKEY_RSA:
-	case EVP_PKEY_RSA2:
-		return(EVP_PKEY_RSA);
-	case EVP_PKEY_DSA:
-	case EVP_PKEY_DSA1:
-	case EVP_PKEY_DSA2:
-	case EVP_PKEY_DSA3:
-	case EVP_PKEY_DSA4:
-		return(EVP_PKEY_DSA);
-	case EVP_PKEY_DH:
-		return(EVP_PKEY_DH);
-	case EVP_PKEY_EC:
-		return(EVP_PKEY_EC);
-	default:
-		return(NID_undef);
-		}
+	int ret;
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	ENGINE *e;
+	ameth = EVP_PKEY_asn1_find(&e, type);
+	if (ameth)
+		ret = ameth->pkey_id;
+	else
+		ret = NID_undef;
+#ifndef OPENSSL_NO_ENGINE
+	if (e)
+		ENGINE_finish(e);
+#endif
+	return ret;
+	}
+
+int EVP_PKEY_id(const EVP_PKEY *pkey)
+	{
+	return pkey->type;
+	}
+
+int EVP_PKEY_base_id(const EVP_PKEY *pkey)
+	{
+	return EVP_PKEY_type(pkey->type);
 	}
 
 void EVP_PKEY_free(EVP_PKEY *x)
@@ -451,37 +403,64 @@ void EVP_PKEY_free(EVP_PKEY *x)
 		}
 #endif
 	EVP_PKEY_free_it(x);
+	if (x->attributes)
+		sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
 	OPENSSL_free(x);
 	}
 
 static void EVP_PKEY_free_it(EVP_PKEY *x)
 	{
-	switch (x->type)
+	if (x->ameth && x->ameth->pkey_free)
+		x->ameth->pkey_free(x);
+#ifndef OPENSSL_NO_ENGINE
+	if (x->engine)
 		{
-#ifndef OPENSSL_NO_RSA
-	case EVP_PKEY_RSA:
-	case EVP_PKEY_RSA2:
-		RSA_free(x->pkey.rsa);
-		break;
-#endif
-#ifndef OPENSSL_NO_DSA
-	case EVP_PKEY_DSA:
-	case EVP_PKEY_DSA2:
-	case EVP_PKEY_DSA3:
-	case EVP_PKEY_DSA4:
-		DSA_free(x->pkey.dsa);
-		break;
-#endif
-#ifndef OPENSSL_NO_EC
-	case EVP_PKEY_EC:
-		EC_KEY_free(x->pkey.eckey);
-		break;
-#endif
-#ifndef OPENSSL_NO_DH
-	case EVP_PKEY_DH:
-		DH_free(x->pkey.dh);
-		break;
-#endif
+		ENGINE_finish(x->engine);
+		x->engine = NULL;
 		}
+#endif
+	}
+
+static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
+				const char *kstr)
+	{
+	BIO_indent(out, indent, 128);
+	BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
+						kstr, OBJ_nid2ln(pkey->type));
+	return 1;
+	}
+
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx)
+	{
+	if (pkey->ameth && pkey->ameth->pub_print)
+		return pkey->ameth->pub_print(out, pkey, indent, pctx);
+	
+	return unsup_alg(out, pkey, indent, "Public Key");
+	}
+
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx)
+	{
+	if (pkey->ameth && pkey->ameth->priv_print)
+		return pkey->ameth->priv_print(out, pkey, indent, pctx);
+	
+	return unsup_alg(out, pkey, indent, "Private Key");
+	}
+
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx)
+	{
+	if (pkey->ameth && pkey->ameth->param_print)
+		return pkey->ameth->param_print(out, pkey, indent, pctx);
+	return unsup_alg(out, pkey, indent, "Parameters");
+	}
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
+	{
+	if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
+		return -2;
+	return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
+						0, pnid);
 	}
 
diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
index 9935206d0f..c748fbea87 100644
--- a/crypto/evp/p_open.c
+++ b/crypto/evp/p_open.c
@@ -95,7 +95,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 		goto err;
 		}
 
-	i=EVP_PKEY_decrypt(key,ek,ekl,priv);
+	i=EVP_PKEY_decrypt_old(key,ek,ekl,priv);
 	if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i))
 		{
 		/* ERROR */
@@ -115,7 +115,8 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	int i;
 
 	i=EVP_DecryptFinal_ex(ctx,out,outl);
-	EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+	if (i)
+		i = EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
 	return(i);
 	}
 #else /* !OPENSSL_NO_RSA */
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index 8cc8fcb0bd..e5919b0fbf 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -87,7 +87,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek
 
 	for (i=0; i<npubk; i++)
 		{
-		ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
+		ekl[i]=EVP_PKEY_encrypt_old(ek[i],key,EVP_CIPHER_CTX_key_length(ctx),
 			pubk[i]);
 		if (ekl[i] <= 0) return(-1);
 		}
@@ -110,6 +110,7 @@ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 	{
 	int i;
 	i = EVP_EncryptFinal_ex(ctx,out,outl);
-	EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+	if (i) 
+		i = EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
 	return i;
 	}
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index e4ae5906f5..65bb474213 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -85,9 +85,33 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
 
 	*siglen=0;
 	EVP_MD_CTX_init(&tmp_ctx);
-	EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);   
-	EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+	if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+		goto err;  
+	if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
+		goto err;
 	EVP_MD_CTX_cleanup(&tmp_ctx);
+
+	if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
+		{
+		EVP_PKEY_CTX *pkctx = NULL;
+		size_t sltmp = (size_t)EVP_PKEY_size(pkey);
+		i = 0;
+		pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+		if (!pkctx)
+			goto err;
+		if (EVP_PKEY_sign_init(pkctx) <= 0)
+			goto err;
+		if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+			goto err;
+		if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
+			goto err;
+		*siglen = sltmp;
+		i = 1;
+		err:
+		EVP_PKEY_CTX_free(pkctx);
+		return i;
+		}
+
 	for (i=0; i<4; i++)
 		{
 		v=ctx->digest->required_pkey_type[i];
@@ -103,6 +127,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
 		EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
 		return(0);
 		}
+
 	if (ctx->digest->sign == NULL)
 		{
 		EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 21a40a375e..6e2e70b382 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -70,6 +70,30 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
 	int i,ok=0,v;
 	MS_STATIC EVP_MD_CTX tmp_ctx;
 
+	EVP_MD_CTX_init(&tmp_ctx);
+	if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+		goto err;    
+	if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
+		goto err;
+	EVP_MD_CTX_cleanup(&tmp_ctx);
+
+	if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
+		{
+		EVP_PKEY_CTX *pkctx = NULL;
+		i = -1;
+		pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+		if (!pkctx)
+			goto err;
+		if (EVP_PKEY_verify_init(pkctx) <= 0)
+			goto err;
+		if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+			goto err;
+		i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
+		err:
+		EVP_PKEY_CTX_free(pkctx);
+		return i;
+		}
+
 	for (i=0; i<4; i++)
 		{
 		v=ctx->digest->required_pkey_type[i];
@@ -85,10 +109,6 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
 		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
 		return(-1);
 		}
-	EVP_MD_CTX_init(&tmp_ctx);
-	EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);     
-	EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
-	EVP_MD_CTX_cleanup(&tmp_ctx);
         if (ctx->digest->verify == NULL)
                 {
 		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
new file mode 100644
index 0000000000..c4676f2f8d
--- /dev/null
+++ b/crypto/evp/pmeth_fn.c
@@ -0,0 +1,368 @@
+/* pmeth_fn.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+
+#define M_check_autoarg(ctx, arg, arglen, err) \
+	if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
+		{ \
+		size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
+		if (!arg) \
+			{ \
+			*arglen = pksize; \
+			return 1; \
+			} \
+		else if (*arglen < pksize) \
+			{ \
+			EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
+			return 0; \
+			} \
+		}
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
+		{
+		EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_SIGN;
+	if (!ctx->pmeth->sign_init)
+		return 1;
+	ret = ctx->pmeth->sign_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+			unsigned char *sig, size_t *siglen,
+			const unsigned char *tbs, size_t tbslen)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
+		{
+		EVPerr(EVP_F_EVP_PKEY_SIGN,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_SIGN)
+		{
+		EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+	M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
+	return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
+	}
+
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
+		{
+		EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_VERIFY;
+	if (!ctx->pmeth->verify_init)
+		return 1;
+	ret = ctx->pmeth->verify_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+			const unsigned char *sig, size_t siglen,
+			const unsigned char *tbs, size_t tbslen)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
+		{
+		EVPerr(EVP_F_EVP_PKEY_VERIFY,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_VERIFY)
+		{
+		EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+	return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
+	}
+
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
+		{
+		EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
+	if (!ctx->pmeth->verify_recover_init)
+		return 1;
+	ret = ctx->pmeth->verify_recover_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+			unsigned char *rout, size_t *routlen,
+			const unsigned char *sig, size_t siglen)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
+		{
+		EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER)
+		{
+		EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+	M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
+	return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
+	}
+
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
+		{
+		EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_ENCRYPT;
+	if (!ctx->pmeth->encrypt_init)
+		return 1;
+	ret = ctx->pmeth->encrypt_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
+		{
+		EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_ENCRYPT)
+		{
+		EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+	M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
+	return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
+	}
+
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_DECRYPT;
+	if (!ctx->pmeth->decrypt_init)
+		return 1;
+	ret = ctx->pmeth->decrypt_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DECRYPT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_DECRYPT)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+	M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
+	return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
+	}
+
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_DERIVE;
+	if (!ctx->pmeth->derive_init)
+		return 1;
+	ret = ctx->pmeth->derive_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive||ctx->pmeth->encrypt||ctx->pmeth->decrypt) || !ctx->pmeth->ctrl)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+					EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+
+	ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
+
+	if (ret <= 0)
+		return ret;
+
+	if (ret == 2)
+		return 1;
+
+	if (!ctx->pkey)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
+		return -1;
+		}
+
+	if (ctx->pkey->type != peer->type)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+						EVP_R_DIFFERENT_KEY_TYPES);
+		return -1;
+		}
+
+	/* ran@cryptocom.ru: For clarity.  The error is if parameters in peer are
+	 * present (!missing) but don't match.  EVP_PKEY_cmp_parameters may return
+	 * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
+	 * (different key types) is impossible here because it is checked earlier.
+	 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
+	if (!EVP_PKEY_missing_parameters(peer) &&
+		!EVP_PKEY_cmp_parameters(ctx->pkey, peer))
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+						EVP_R_DIFFERENT_PARAMETERS);
+		return -1;
+		}
+
+	if (ctx->peerkey)
+		EVP_PKEY_free(ctx->peerkey);
+	ctx->peerkey = peer;
+
+	ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
+
+	if (ret <= 0)
+		{
+		ctx->peerkey = NULL;
+		return ret;
+		}
+
+	CRYPTO_add(&peer->references,1,CRYPTO_LOCK_EVP_PKEY);
+	return 1;
+	}
+
+
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_DERIVE)
+		{
+		EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+	M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
+	return ctx->pmeth->derive(ctx, key, pkeylen);
+	}
+
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
new file mode 100644
index 0000000000..5d74161a09
--- /dev/null
+++ b/crypto/evp/pmeth_gn.c
@@ -0,0 +1,220 @@
+/* pmeth_gn.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen)
+		{
+		EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_PARAMGEN;
+	if (!ctx->pmeth->paramgen_init)
+		return 1;
+	ret = ctx->pmeth->paramgen_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen)
+		{
+		EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+
+	if (ctx->operation != EVP_PKEY_OP_PARAMGEN)
+		{
+		EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+
+	if (!ppkey)
+		return -1;
+
+	if (!*ppkey)
+		*ppkey = EVP_PKEY_new();
+
+	ret = ctx->pmeth->paramgen(ctx, *ppkey);
+	if (ret <= 0)
+		{
+		EVP_PKEY_free(*ppkey);
+		*ppkey = NULL;
+		}
+	return ret;
+	}
+
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen)
+		{
+		EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	ctx->operation = EVP_PKEY_OP_KEYGEN;
+	if (!ctx->pmeth->keygen_init)
+		return 1;
+	ret = ctx->pmeth->keygen_init(ctx);
+	if (ret <= 0)
+		ctx->operation = EVP_PKEY_OP_UNDEFINED;
+	return ret;
+	}
+
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
+	{
+	int ret;
+
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen)
+		{
+		EVPerr(EVP_F_EVP_PKEY_KEYGEN,
+			EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
+		}
+	if (ctx->operation != EVP_PKEY_OP_KEYGEN)
+		{
+		EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
+		return -1;
+		}
+
+	if (!ppkey)
+		return -1;
+
+	if (!*ppkey)
+		*ppkey = EVP_PKEY_new();
+
+	ret = ctx->pmeth->keygen(ctx, *ppkey);
+	if (ret <= 0)
+		{
+		EVP_PKEY_free(*ppkey);
+		*ppkey = NULL;
+		}
+	return ret;
+	}
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
+	{
+	ctx->pkey_gencb = cb;
+	}
+
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
+	{
+	return ctx->pkey_gencb;
+	}
+
+/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
+ * style callbacks.
+ */
+
+static int trans_cb(int a, int b, BN_GENCB *gcb)
+	{
+	EVP_PKEY_CTX *ctx = gcb->arg;
+	ctx->keygen_info[0] = a;
+	ctx->keygen_info[1] = b;
+	return ctx->pkey_gencb(ctx);
+	}	
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
+	{
+	BN_GENCB_set(cb, trans_cb, ctx)
+	}
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
+	{
+	if (idx == -1)
+		return ctx->keygen_info_count; 
+	if (idx < 0 || idx > ctx->keygen_info_count)
+		return 0;
+	return ctx->keygen_info[idx];
+	}
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+				unsigned char *key, int keylen)
+	{
+	EVP_PKEY_CTX *mac_ctx = NULL;
+	EVP_PKEY *mac_key = NULL;
+	mac_ctx = EVP_PKEY_CTX_new_id(type, e);
+	if (!mac_ctx)
+		return NULL;
+	if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
+		goto merr;
+	if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
+				EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key) <= 0)
+		goto merr;
+	if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
+		goto merr;
+	merr:
+	if (mac_ctx)
+		EVP_PKEY_CTX_free(mac_ctx);
+	return mac_key;
+	}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
new file mode 100644
index 0000000000..4a05f0b135
--- /dev/null
+++ b/crypto/evp/pmeth_lib.c
@@ -0,0 +1,537 @@
+/* pmeth_lib.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+#include "evp_locl.h"
+
+typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
+
+DECLARE_STACK_OF(EVP_PKEY_METHOD)
+STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
+
+extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
+extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth;
+
+static const EVP_PKEY_METHOD *standard_methods[] =
+	{
+#ifndef OPENSSL_NO_RSA
+	&rsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DH
+	&dh_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
+	&dsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_EC
+	&ec_pkey_meth,
+#endif
+	&hmac_pkey_meth,
+	};
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+			   pmeth);
+
+static int pmeth_cmp(const EVP_PKEY_METHOD * const *a,
+		     const EVP_PKEY_METHOD * const *b)
+	{
+        return ((*a)->pkey_id - (*b)->pkey_id);
+	}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+			     pmeth);
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
+	{
+	EVP_PKEY_METHOD tmp;
+	const EVP_PKEY_METHOD *t = &tmp, **ret;
+	tmp.pkey_id = type;
+	if (app_pkey_methods)
+		{
+		int idx;
+		idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
+		if (idx >= 0)
+			return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
+		}
+	ret = OBJ_bsearch_pmeth(&t, standard_methods,
+			  sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
+	if (!ret || !*ret)
+		return NULL;
+	return *ret;
+	}
+
+static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
+	{
+	EVP_PKEY_CTX *ret;
+	const EVP_PKEY_METHOD *pmeth;
+	if (id == -1)
+		{
+		if (!pkey || !pkey->ameth)
+			return NULL;
+		id = pkey->ameth->pkey_id;
+		}
+#ifndef OPENSSL_NO_ENGINE
+	/* Try to find an ENGINE which implements this method */
+	if (e)
+		{
+		if (!ENGINE_init(e))
+			{
+			EVPerr(EVP_F_INT_CTX_NEW,ERR_R_ENGINE_LIB);
+			return NULL;
+			}
+		}
+	else
+		e = ENGINE_get_pkey_meth_engine(id);
+
+	/* If an ENGINE handled this method look it up. Othewise
+	 * use internal tables.
+	 */
+
+	if (e)
+		pmeth = ENGINE_get_pkey_meth(e, id);
+	else
+#endif
+		pmeth = EVP_PKEY_meth_find(id);
+
+	if (pmeth == NULL)
+		{
+		EVPerr(EVP_F_INT_CTX_NEW,EVP_R_UNSUPPORTED_ALGORITHM);
+		return NULL;
+		}
+
+	ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+	if (!ret)
+		{
+#ifndef OPENSSL_NO_ENGINE
+		if (e)
+			ENGINE_finish(e);
+#endif
+		EVPerr(EVP_F_INT_CTX_NEW,ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	ret->engine = e;
+	ret->pmeth = pmeth;
+	ret->operation = EVP_PKEY_OP_UNDEFINED;
+	ret->pkey = pkey;
+	ret->peerkey = NULL;
+	if (pkey)
+		CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+	ret->data = NULL;
+
+	if (pmeth->init)
+		{
+		if (pmeth->init(ret) <= 0)
+			{
+			EVP_PKEY_CTX_free(ret);
+			return NULL;
+			}
+		}
+
+	return ret;
+	}
+
+EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags)
+	{
+	EVP_PKEY_METHOD *pmeth;
+	pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
+	if (!pmeth)
+		return NULL;
+
+	pmeth->pkey_id = id;
+	pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
+
+	pmeth->init = 0;
+	pmeth->copy = 0;
+	pmeth->cleanup = 0;
+	pmeth->paramgen_init = 0;
+	pmeth->paramgen = 0;
+	pmeth->keygen_init = 0;
+	pmeth->keygen = 0;
+	pmeth->sign_init = 0;
+	pmeth->sign = 0;
+	pmeth->verify_init = 0;
+	pmeth->verify = 0;
+	pmeth->verify_recover_init = 0;
+	pmeth->verify_recover = 0;
+	pmeth->signctx_init = 0;
+	pmeth->signctx = 0;
+	pmeth->verifyctx_init = 0;
+	pmeth->verifyctx = 0;
+	pmeth->encrypt_init = 0;
+	pmeth->encrypt = 0;
+	pmeth->decrypt_init = 0;
+	pmeth->decrypt = 0;
+	pmeth->derive_init = 0;
+	pmeth->derive = 0;
+	pmeth->ctrl = 0;
+	pmeth->ctrl_str = 0;
+
+	return pmeth;
+	}
+
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
+	{
+	if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
+		OPENSSL_free(pmeth);
+	}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
+	{
+	return int_ctx_new(pkey, e, -1);
+	}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
+	{
+	return int_ctx_new(NULL, e, id);
+	}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
+	{
+	EVP_PKEY_CTX *rctx;
+	if (!pctx->pmeth || !pctx->pmeth->copy)
+		return NULL;
+#ifndef OPENSSL_NO_ENGINE
+	/* Make sure it's safe to copy a pkey context using an ENGINE */
+	if (pctx->engine && !ENGINE_init(pctx->engine))
+		{
+		EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);
+		return 0;
+		}
+#endif
+	rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+	if (!rctx)
+		return NULL;
+
+	rctx->pmeth = pctx->pmeth;
+#ifndef OPENSSL_NO_ENGINE
+	rctx->engine = pctx->engine;
+#endif
+
+	if (pctx->pkey)
+		CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+
+	rctx->pkey = pctx->pkey;
+
+	if (pctx->peerkey)
+		CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+
+	rctx->peerkey = pctx->peerkey;
+
+	rctx->data = NULL;
+	rctx->app_data = NULL;
+	rctx->operation = pctx->operation;
+
+	if (pctx->pmeth->copy(rctx, pctx) > 0)
+		return rctx;
+
+	EVP_PKEY_CTX_free(rctx);
+	return NULL;
+
+	}
+
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
+	{
+	if (app_pkey_methods == NULL)
+		{
+		app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
+		if (!app_pkey_methods)
+			return 0;
+		}
+	if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
+		return 0;
+	sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
+	return 1;
+	}
+
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
+	{
+	if (ctx == NULL)
+		return;
+	if (ctx->pmeth && ctx->pmeth->cleanup)
+		ctx->pmeth->cleanup(ctx);
+	if (ctx->pkey)
+		EVP_PKEY_free(ctx->pkey);
+	if (ctx->peerkey)
+		EVP_PKEY_free(ctx->peerkey);
+#ifndef OPENSSL_NO_ENGINE
+	if(ctx->engine)
+		/* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
+		 * functional reference we held for this reason. */
+		ENGINE_finish(ctx->engine);
+#endif
+	OPENSSL_free(ctx);
+	}
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+				int cmd, int p1, void *p2)
+	{
+	int ret;
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl)
+		{
+		EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+		return -2;
+		}
+	if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
+		return -1;
+
+	if (ctx->operation == EVP_PKEY_OP_UNDEFINED)
+		{
+		EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
+		return -1;
+		}
+
+	if ((optype != -1) && !(ctx->operation & optype))
+		{
+		EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
+		return -1;
+		}
+
+	ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
+
+	if (ret == -2)
+		EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+
+	return ret;
+
+	}
+
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
+					const char *name, const char *value)
+	{
+	if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str)
+		{
+		EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
+						EVP_R_COMMAND_NOT_SUPPORTED);
+		return -2;
+		}
+	if (!strcmp(name, "digest"))
+		{
+		const EVP_MD *md;
+		if (!value || !(md = EVP_get_digestbyname(value)))
+			{
+			EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
+						EVP_R_INVALID_DIGEST);
+			return 0;
+			}
+		return EVP_PKEY_CTX_set_signature_md(ctx, md);
+		}
+	return ctx->pmeth->ctrl_str(ctx, name, value);
+	}
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
+	{
+	return ctx->operation;
+	}
+
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
+	{
+	ctx->keygen_info = dat;
+	ctx->keygen_info_count = datlen;
+	}
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
+	{
+	ctx->data = data;
+	}
+
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
+	{
+	return ctx->data;
+	}
+
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
+	{
+	return ctx->pkey;
+	}
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
+	{
+	return ctx->peerkey;
+	}
+	
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
+	{
+	ctx->app_data = data;
+	}
+
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
+	{
+	return ctx->app_data;
+	}
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+	int (*init)(EVP_PKEY_CTX *ctx))
+	{
+	pmeth->init = init;
+	}
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+	int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
+	{
+	pmeth->copy = copy;
+	}
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+	void (*cleanup)(EVP_PKEY_CTX *ctx))
+	{
+	pmeth->cleanup = cleanup;
+	}
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+	int (*paramgen_init)(EVP_PKEY_CTX *ctx),
+	int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
+	{
+	pmeth->paramgen_init = paramgen_init;
+	pmeth->paramgen = paramgen;
+	}
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+	int (*keygen_init)(EVP_PKEY_CTX *ctx),
+	int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
+	{
+	pmeth->keygen_init = keygen_init;
+	pmeth->keygen = keygen;
+	}
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+	int (*sign_init)(EVP_PKEY_CTX *ctx),
+	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen))
+	{
+	pmeth->sign_init = sign_init;
+	pmeth->sign = sign;
+	}
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+	int (*verify_init)(EVP_PKEY_CTX *ctx),
+	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen))
+	{
+	pmeth->verify_init = verify_init;
+	pmeth->verify = verify;
+	}
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+	int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
+	int (*verify_recover)(EVP_PKEY_CTX *ctx,
+					unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen))
+	{
+	pmeth->verify_recover_init = verify_recover_init;
+	pmeth->verify_recover = verify_recover;
+	}
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+	int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
+	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					EVP_MD_CTX *mctx))
+	{
+	pmeth->signctx_init = signctx_init;
+	pmeth->signctx = signctx;
+	}
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+	int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
+	int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
+					EVP_MD_CTX *mctx))
+	{
+	pmeth->verifyctx_init = verifyctx_init;
+	pmeth->verifyctx = verifyctx;
+	}
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+	int (*encrypt_init)(EVP_PKEY_CTX *ctx),
+	int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen))
+	{
+	pmeth->encrypt_init = encrypt_init;
+	pmeth->encrypt = encryptfn;
+	}
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+	int (*decrypt_init)(EVP_PKEY_CTX *ctx),
+	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen))
+	{
+	pmeth->decrypt_init = decrypt_init;
+	pmeth->decrypt = decrypt;
+	}
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+	int (*derive_init)(EVP_PKEY_CTX *ctx),
+	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
+	{
+	pmeth->derive_init = derive_init;
+	pmeth->derive = derive;
+	}
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+	int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
+	int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
+	{
+	pmeth->ctrl = ctrl;
+	pmeth->ctrl_str = ctrl_str;
+	}
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 8914218fe8..e2bc8298d0 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -245,18 +245,21 @@ typedef struct st_ex_class_item {
 static int ex_class = CRYPTO_EX_INDEX_USER;
 
 /* The global hash table of EX_CLASS_ITEM items */
-static LHASH *ex_data = NULL;
+DECLARE_LHASH_OF(EX_CLASS_ITEM);
+static LHASH_OF(EX_CLASS_ITEM) *ex_data = NULL;
 
 /* The callbacks required in the "ex_data" hash table */
-static unsigned long ex_hash_cb(const void *a_void)
+static unsigned long ex_class_item_hash(const EX_CLASS_ITEM *a)
 	{
-	return ((const EX_CLASS_ITEM *)a_void)->class_index;
+	return a->class_index;
 	}
-static int ex_cmp_cb(const void *a_void, const void *b_void)
+static IMPLEMENT_LHASH_HASH_FN(ex_class_item, EX_CLASS_ITEM)
+
+static int ex_class_item_cmp(const EX_CLASS_ITEM *a, const EX_CLASS_ITEM *b)
 	{
-	return (((const EX_CLASS_ITEM *)a_void)->class_index -
-		((const EX_CLASS_ITEM *)b_void)->class_index);
+	return a->class_index - b->class_index;
 	}
+static IMPLEMENT_LHASH_COMP_FN(ex_class_item, EX_CLASS_ITEM)
 
 /* Internal functions used by the "impl_default" implementation to access the
  * state */
@@ -265,7 +268,8 @@ static int ex_data_check(void)
 	{
 	int toret = 1;
 	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	if(!ex_data && ((ex_data = lh_new(ex_hash_cb, ex_cmp_cb)) == NULL))
+	if(!ex_data
+	   && (ex_data = lh_EX_CLASS_ITEM_new()) == NULL)
 		toret = 0;
 	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
 	return toret;
@@ -298,7 +302,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index)
 	EX_DATA_CHECK(return NULL;)
 	d.class_index = class_index;
 	CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-	p = lh_retrieve(ex_data, &d);
+	p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
 	if(!p)
 		{
 		gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM));
@@ -313,7 +317,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index)
 				{
 				/* Because we're inside the ex_data lock, the
 				 * return value from the insert will be NULL */
-				lh_insert(ex_data, gen);
+				(void)lh_EX_CLASS_ITEM_insert(ex_data, gen);
 				p = gen;
 				}
 			}
@@ -354,7 +358,7 @@ static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp,
 			}
 		}
 	toret = item->meth_num++;
-	sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a);
+	(void)sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a);
 err:
 	CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
 	return toret;
@@ -375,8 +379,8 @@ static int int_new_class(void)
 static void int_cleanup(void)
 	{
 	EX_DATA_CHECK(return;)
-	lh_doall(ex_data, def_cleanup_cb);
-	lh_free(ex_data);
+	lh_EX_CLASS_ITEM_doall(ex_data, def_cleanup_cb);
+	lh_EX_CLASS_ITEM_free(ex_data);
 	ex_data = NULL;
 	impl = NULL;
 	}
@@ -452,7 +456,7 @@ static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
 		return 0;
 	CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
 	mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-	j = sk_num(from->sk);
+	j = sk_void_num(from->sk);
 	if(j < mx)
 		mx = j;
 	if(mx > 0)
@@ -523,7 +527,7 @@ skip:
 		OPENSSL_free(storage);
 	if(ad->sk)
 		{
-		sk_free(ad->sk);
+		sk_void_free(ad->sk);
 		ad->sk=NULL;
 		}
 	}
@@ -596,24 +600,24 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
 
 	if (ad->sk == NULL)
 		{
-		if ((ad->sk=sk_new_null()) == NULL)
+		if ((ad->sk=sk_void_new_null()) == NULL)
 			{
 			CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
 			return(0);
 			}
 		}
-	i=sk_num(ad->sk);
+	i=sk_void_num(ad->sk);
 
 	while (i <= idx)
 		{
-		if (!sk_push(ad->sk,NULL))
+		if (!sk_void_push(ad->sk,NULL))
 			{
 			CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
 			return(0);
 			}
 		i++;
 		}
-	sk_set(ad->sk,idx,val);
+	sk_void_set(ad->sk,idx,val);
 	return(1);
 	}
 
@@ -623,10 +627,10 @@ void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
 	{
 	if (ad->sk == NULL)
 		return(0);
-	else if (idx >= sk_num(ad->sk))
+	else if (idx >= sk_void_num(ad->sk))
 		return(0);
 	else
-		return(sk_value(ad->sk,idx));
+		return(sk_void_value(ad->sk,idx));
 	}
 
 IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
diff --git a/crypto/hmac/.cvsignore b/crypto/hmac/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/hmac/.cvsignore
+++ b/crypto/hmac/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/hmac/Makefile.ssl b/crypto/hmac/Makefile.ssl
deleted file mode 100644
index 6b6d9c3ba9..0000000000
--- a/crypto/hmac/Makefile.ssl
+++ /dev/null
@@ -1,90 +0,0 @@
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR=	hmac
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=hmactest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=hmac.c
-LIBOBJ=hmac.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= hmac.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
-hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c
diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c
new file mode 100644
index 0000000000..6d8a89149e
--- /dev/null
+++ b/crypto/hmac/hm_ameth.c
@@ -0,0 +1,167 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include "asn1_locl.h"
+
+#define HMAC_TEST_PRIVATE_KEY_FORMAT
+
+/* HMAC "ASN1" method. This is just here to indicate the
+ * maximum HMAC output length and to free up an HMAC
+ * key.
+ */
+
+static int hmac_size(const EVP_PKEY *pkey)
+	{
+	return EVP_MAX_MD_SIZE;
+	}
+
+static void hmac_key_free(EVP_PKEY *pkey)
+	{
+	ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+	if (os)
+		{
+		if (os->data)
+			OPENSSL_cleanse(os->data, os->length);
+		ASN1_OCTET_STRING_free(os);
+		}
+	}
+
+
+static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+	{
+	switch (op)
+		{
+		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+		*(int *)arg2 = NID_sha1;
+		return 1;
+
+		default:
+		return -2;
+		}
+	}
+
+#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
+/* A bogus private key format for test purposes. This is simply the
+ * HMAC key with "HMAC PRIVATE KEY" in the headers. When enabled the
+ * genpkey utility can be used to "generate" HMAC keys.
+ */
+
+static int old_hmac_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	ASN1_OCTET_STRING *os;
+	os = ASN1_OCTET_STRING_new();
+	if (!os || !ASN1_OCTET_STRING_set(os, *pder, derlen))
+		return 0;
+	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);
+	return 1;
+	}
+
+static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	int inc;
+	ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+	if (pder)
+		{
+		if (!*pder)
+			{
+			*pder = OPENSSL_malloc(os->length);
+			inc = 0;
+			}
+		else inc = 1;
+
+		memcpy(*pder, os->data, os->length);
+
+		if (inc)
+			*pder += os->length;
+		}
+			
+	return os->length;
+	}
+
+#endif
+
+const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = 
+	{
+	EVP_PKEY_HMAC,
+	EVP_PKEY_HMAC,
+	0,
+
+	"HMAC",
+	"OpenSSL HMAC method",
+
+	0,0,0,0,
+
+	0,0,0,
+
+	hmac_size,
+	0,
+	0,0,0,0,0,0,
+
+	hmac_key_free,
+	hmac_pkey_ctrl,
+#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
+	old_hmac_decode,
+	old_hmac_encode
+#else
+	0,0
+#endif
+	};
+
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
new file mode 100644
index 0000000000..050db82ba8
--- /dev/null
+++ b/crypto/hmac/hm_pmeth.c
@@ -0,0 +1,269 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include "evp_locl.h"
+
+/* HMAC pkey context structure */
+
+typedef struct
+	{
+	const EVP_MD *md;	/* MD for HMAC use */
+	ASN1_OCTET_STRING ktmp; /* Temp storage for key */
+	HMAC_CTX ctx;
+	} HMAC_PKEY_CTX;
+
+static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
+	{
+	HMAC_PKEY_CTX *hctx;
+	hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));
+	if (!hctx)
+		return 0;
+	hctx->md = NULL;
+	hctx->ktmp.data = NULL;
+	hctx->ktmp.length = 0;
+	hctx->ktmp.flags = 0;
+	hctx->ktmp.type = V_ASN1_OCTET_STRING;
+	HMAC_CTX_init(&hctx->ctx);
+
+	ctx->data = hctx;
+	ctx->keygen_info_count = 0;
+
+	return 1;
+	}
+
+static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	HMAC_PKEY_CTX *sctx, *dctx;
+	if (!pkey_hmac_init(dst))
+		return 0;
+       	sctx = src->data;
+	dctx = dst->data;
+	dctx->md = sctx->md;
+	HMAC_CTX_init(&dctx->ctx);
+	if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
+		return 0;
+	if (sctx->ktmp.data)
+		{
+		if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
+					sctx->ktmp.data, sctx->ktmp.length))
+			return 0;
+		}
+	return 1;
+	}
+
+static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
+	{
+	HMAC_PKEY_CTX *hctx = ctx->data;
+	HMAC_CTX_cleanup(&hctx->ctx);
+	if (hctx->ktmp.data)
+		{
+		if (hctx->ktmp.length)
+			OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
+		OPENSSL_free(hctx->ktmp.data);
+		hctx->ktmp.data = NULL;
+		}
+	OPENSSL_free(hctx);
+	}
+
+static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	ASN1_OCTET_STRING *hkey = NULL;
+	HMAC_PKEY_CTX *hctx = ctx->data;
+	if (!hctx->ktmp.data)
+		return 0;
+	hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
+	if (!hkey)
+		return 0;
+	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
+	
+	return 1;
+	}
+
+static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
+	{
+	HMAC_PKEY_CTX *hctx = ctx->pctx->data;
+	if (!HMAC_Update(&hctx->ctx, data, count))
+		return 0;
+	return 1;
+	}
+
+static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+	{
+	EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
+	mctx->update = int_update;
+	return 1;
+	}
+
+static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					EVP_MD_CTX *mctx)
+	{
+	unsigned int hlen;
+	HMAC_PKEY_CTX *hctx = ctx->data;
+	int l = EVP_MD_CTX_size(mctx);
+
+	if (l < 0)
+		return 0;
+	*siglen = l;
+	if (!sig)
+		return 1;
+
+	if (!HMAC_Final(&hctx->ctx, sig, &hlen))
+		return 0;
+	*siglen = (size_t)hlen;
+	return 1;
+	}
+
+static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	HMAC_PKEY_CTX *hctx = ctx->data;
+	ASN1_OCTET_STRING *key;
+	switch (type)
+		{
+
+		case EVP_PKEY_CTRL_SET_MAC_KEY:
+		if ((!p2 && p1 > 0) || (p1 < -1))
+			return 0;
+		if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
+			return 0;
+		break;
+
+		case EVP_PKEY_CTRL_MD:
+		hctx->md = p2;
+		break;
+
+		case EVP_PKEY_CTRL_DIGESTINIT:
+		key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
+		if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
+				ctx->engine))
+			return 0;
+		break;
+
+		default:
+		return -2;
+
+		}
+	return 1;
+	}
+
+static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
+			const char *type, const char *value)
+	{
+	if (!value)
+		{
+		return 0;
+		}
+	if (!strcmp(type, "key"))
+		{
+		void *p = (void *)value;
+		return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
+				-1, p);
+		}
+	if (!strcmp(type, "hexkey"))
+		{
+		unsigned char *key;
+		int r;
+		long keylen;
+		key = string_to_hex(value, &keylen);
+		if (!key)
+			return 0;
+		r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
+		OPENSSL_free(key);
+		return r;
+		}
+	return -2;
+	}
+
+const EVP_PKEY_METHOD hmac_pkey_meth = 
+	{
+	EVP_PKEY_HMAC,
+	0,
+	pkey_hmac_init,
+	pkey_hmac_copy,
+	pkey_hmac_cleanup,
+
+	0, 0,
+
+	0,
+	pkey_hmac_keygen,
+
+	0, 0,
+
+	0, 0,
+
+	0,0,
+
+	hmac_signctx_init,
+	hmac_signctx,
+
+	0,0,
+
+	0,0,
+
+	0,0,
+
+	0,0,
+
+	pkey_hmac_ctrl,
+	pkey_hmac_ctrl_str
+
+	};
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 16d95e08d5..45015fe754 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -58,10 +58,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <openssl/hmac.h>
 #include "cryptlib.h"
+#include <openssl/hmac.h>
 
-void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 		  const EVP_MD *md, ENGINE *impl)
 	{
 	int i,j,reset=0;
@@ -82,10 +82,13 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 		OPENSSL_assert(j <= (int)sizeof(ctx->key));
 		if (j < len)
 			{
-			EVP_DigestInit_ex(&ctx->md_ctx,md, impl);
-			EVP_DigestUpdate(&ctx->md_ctx,key,len);
-			EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
-				&ctx->key_length);
+			if (!EVP_DigestInit_ex(&ctx->md_ctx,md, impl))
+				goto err;
+			if (!EVP_DigestUpdate(&ctx->md_ctx,key,len))
+				goto err;
+			if (!EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key,
+				&ctx->key_length))
+				goto err;
 			}
 		else
 			{
@@ -102,31 +105,38 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 		{
 		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
 			pad[i]=0x36^ctx->key[i];
-		EVP_DigestInit_ex(&ctx->i_ctx,md, impl);
-		EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
+		if (!EVP_DigestInit_ex(&ctx->i_ctx,md, impl))
+			goto err;
+		if (!EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)))
+			goto err;
 
 		for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
 			pad[i]=0x5c^ctx->key[i];
-		EVP_DigestInit_ex(&ctx->o_ctx,md, impl);
-		EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
+		if (!EVP_DigestInit_ex(&ctx->o_ctx,md, impl))
+			goto err;
+		if (!EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)))
+			goto err;
 		}
-	EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx);
+	if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx))
+			goto err;
+	return 1;
+	err:
+	return 0;
 	}
 
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
-	       const EVP_MD *md)
+int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
 	{
 	if(key && md)
 	    HMAC_CTX_init(ctx);
-	HMAC_Init_ex(ctx,key,len,md, NULL);
+	return HMAC_Init_ex(ctx,key,len,md, NULL);
 	}
 
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
+int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
 	{
-	EVP_DigestUpdate(&ctx->md_ctx,data,len);
+	return EVP_DigestUpdate(&ctx->md_ctx,data,len);
 	}
 
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
 	{
 	int j;
 	unsigned int i;
@@ -134,10 +144,17 @@ void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
 
 	j=EVP_MD_block_size(ctx->md);
 
-	EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i);
-	EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx);
-	EVP_DigestUpdate(&ctx->md_ctx,buf,i);
-	EVP_DigestFinal_ex(&ctx->md_ctx,md,len);
+	if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
+		goto err;
+	if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
+		goto err;
+	if (!EVP_DigestUpdate(&ctx->md_ctx,buf,i))
+		goto err;
+	if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len))
+		goto err;
+	return 1;
+	err:
+	return 0;
 	}
 
 void HMAC_CTX_init(HMAC_CTX *ctx)
@@ -147,6 +164,22 @@ void HMAC_CTX_init(HMAC_CTX *ctx)
 	EVP_MD_CTX_init(&ctx->md_ctx);
 	}
 
+int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
+	{
+	if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
+		goto err;
+	if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
+		goto err;
+	if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
+		goto err;
+	memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
+	dctx->key_length = sctx->key_length;
+	dctx->md = sctx->md;
+	return 1;
+	err:
+	return 0;
+	}
+
 void HMAC_CTX_cleanup(HMAC_CTX *ctx)
 	{
 	EVP_MD_CTX_cleanup(&ctx->i_ctx);
@@ -164,10 +197,21 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 
 	if (md == NULL) md=m;
 	HMAC_CTX_init(&c);
-	HMAC_Init(&c,key,key_len,evp_md);
-	HMAC_Update(&c,d,n);
-	HMAC_Final(&c,md,md_len);
+	if (!HMAC_Init(&c,key,key_len,evp_md))
+		goto err;
+	if (!HMAC_Update(&c,d,n))
+		goto err;
+	if (!HMAC_Final(&c,md,md_len))
+		goto err;
 	HMAC_CTX_cleanup(&c);
-	return(md);
+	return md;
+	err:
+	return NULL;
 	}
 
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+	{
+	EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
+	EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
+	EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
+	}
diff --git a/crypto/hmac/hmac.h b/crypto/hmac/hmac.h
index 719fc408ac..eedf0a574d 100644
--- a/crypto/hmac/hmac.h
+++ b/crypto/hmac/hmac.h
@@ -90,16 +90,18 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
 
 #define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
 
-void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
+__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
 	       const EVP_MD *md); /* deprecated */
-void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+__owur int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 		  const EVP_MD *md, ENGINE *impl);
-void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
-void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+__owur int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
+__owur int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 		    const unsigned char *d, size_t n, unsigned char *md,
 		    unsigned int *md_len);
+__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
 
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/ia64cpuid.S b/crypto/ia64cpuid.S
index a800527a58..d705fff7ee 100644
--- a/crypto/ia64cpuid.S
+++ b/crypto/ia64cpuid.S
@@ -1,9 +1,167 @@
 // Works on all IA-64 platforms: Linux, HP-UX, Win64i...
 // On Win64i compile with ias.exe.
 .text
+
+.global	OPENSSL_cpuid_setup#
+.proc	OPENSSL_cpuid_setup#
+OPENSSL_cpuid_setup:
+{ .mib;	br.ret.sptk.many	b0		};;
+.endp	OPENSSL_cpuid_setup#
+
 .global	OPENSSL_rdtsc#
 .proc	OPENSSL_rdtsc#
 OPENSSL_rdtsc:
-	mov	r8=ar.itc
-	br.ret	b0
+{ .mib;	mov			r8=ar.itc
+	br.ret.sptk.many	b0		};;
 .endp   OPENSSL_rdtsc#
+
+.global	OPENSSL_atomic_add#
+.proc	OPENSSL_atomic_add#
+.align	32
+OPENSSL_atomic_add:
+{ .mii;	ld4		r2=[r32]
+	nop.i		0
+	nop.i		0		};;
+.Lspin:
+{ .mii;	mov		ar.ccv=r2
+	add		r8=r2,r33
+	mov		r3=r2		};;
+{ .mmi;	mf
+	cmpxchg4.acq	r2=[r32],r8,ar.ccv
+	nop.i		0		};;
+{ .mib;	cmp.ne		p6,p0=r2,r3
+	nop.i		0
+(p6)	br.dpnt		.Lspin		};;
+{ .mib;	nop.m		0
+	sxt4		r8=r8
+	br.ret.sptk.many	b0	};;
+.endp	OPENSSL_atomic_add#
+
+// Returns a structure comprising pointer to the top of stack of
+// the caller and pointer beyond backing storage for the current
+// register frame. The latter is required, because it might be
+// insufficient to wipe backing storage for the current frame
+// (as this procedure does), one might have to go further, toward
+// higher addresses to reach for whole "retroactively" saved
+// context...
+.global	OPENSSL_wipe_cpu#
+.proc	OPENSSL_wipe_cpu#
+.align	32
+OPENSSL_wipe_cpu:
+	.prologue
+	.fframe	0
+	.save	ar.pfs,r2
+	.save	ar.lc,r3
+{ .mib;	alloc		r2=ar.pfs,0,96,0,96
+	mov		r3=ar.lc
+	brp.loop.imp	.L_wipe_top,.L_wipe_end-16
+					};;
+{ .mii;	mov		r9=ar.bsp
+	mov		r8=pr
+	mov		ar.lc=96	};;
+	.body
+{ .mii;	add		r9=96*8-8,r9
+	mov		ar.ec=1		};;
+
+// One can sweep double as fast, but then we can't quarantee
+// that backing storage is wiped...
+.L_wipe_top:
+{ .mfi;	st8		[r9]=r0,-8
+	mov		f127=f0
+	mov		r127=r0		}
+{ .mfb;	nop.m		0
+	nop.f		0
+	br.ctop.sptk	.L_wipe_top	};;
+.L_wipe_end:
+
+{ .mfi;	mov		r11=r0
+	mov		f6=f0
+	mov		r14=r0		}
+{ .mfi;	mov		r15=r0
+	mov		f7=f0
+	mov		r16=r0		}
+{ .mfi;	mov		r17=r0
+	mov		f8=f0
+	mov		r18=r0		}
+{ .mfi;	mov		r19=r0
+	mov		f9=f0
+	mov		r20=r0		}
+{ .mfi;	mov		r21=r0
+	mov		f10=f0
+	mov		r22=r0		}
+{ .mfi;	mov		r23=r0
+	mov		f11=f0
+	mov		r24=r0		}
+{ .mfi;	mov		r25=r0
+	mov		f12=f0
+	mov		r26=r0		}
+{ .mfi;	mov		r27=r0
+	mov		f13=f0
+	mov		r28=r0		}
+{ .mfi;	mov		r29=r0
+	mov		f14=f0
+	mov		r30=r0		}
+{ .mfi;	mov		r31=r0
+	mov		f15=f0
+	nop.i		0		}
+{ .mfi;	mov		f16=f0		}
+{ .mfi;	mov		f17=f0		}
+{ .mfi;	mov		f18=f0		}
+{ .mfi;	mov		f19=f0		}
+{ .mfi;	mov		f20=f0		}
+{ .mfi;	mov		f21=f0		}
+{ .mfi;	mov		f22=f0		}
+{ .mfi;	mov		f23=f0		}
+{ .mfi;	mov		f24=f0		}
+{ .mfi;	mov		f25=f0		}
+{ .mfi;	mov		f26=f0		}
+{ .mfi;	mov		f27=f0		}
+{ .mfi;	mov		f28=f0		}
+{ .mfi;	mov		f29=f0		}
+{ .mfi;	mov		f30=f0		}
+{ .mfi;	add		r9=96*8+8,r9
+	mov		f31=f0
+	mov		pr=r8,0x1ffff	}
+{ .mib;	mov		r8=sp
+	mov		ar.lc=r3
+	br.ret.sptk	b0		};;
+.endp	OPENSSL_wipe_cpu#
+
+.global	OPENSSL_cleanse#
+.proc	OPENSSL_cleanse#
+OPENSSL_cleanse:
+{ .mib;	cmp.eq		p6,p0=0,r33	    // len==0
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+	addp4		r32=0,r32
+#endif
+(p6)	br.ret.spnt	b0		};;
+{ .mib;	and		r2=7,r32
+	cmp.leu		p6,p0=15,r33	    // len>=15
+(p6)	br.cond.dptk	.Lot		};;
+
+.Little:
+{ .mib;	st1		[r32]=r0,1
+	cmp.ltu		p6,p7=1,r33	}  // len>1
+{ .mbb;	add		r33=-1,r33	   // len--
+(p6)	br.cond.dptk	.Little
+(p7)	br.ret.sptk.many	b0	};;
+
+.Lot:
+{ .mib;	cmp.eq		p6,p0=0,r2
+(p6)	br.cond.dptk	.Laligned	};;
+{ .mmi;	st1		[r32]=r0,1;;
+	and		r2=7,r32	}
+{ .mib;	add		r33=-1,r33
+	br		.Lot		};;
+
+.Laligned:
+{ .mmi;	st8		[r32]=r0,8
+	and		r2=-8,r33	    // len&~7
+	add		r33=-8,r33	};; // len-=8
+{ .mib;	cmp.ltu		p6,p0=8,r2	    // ((len+8)&~7)>8
+(p6)	br.cond.dptk	.Laligned	};;
+
+{ .mbb;	cmp.eq		p6,p7=r0,r33
+(p7)	br.cond.dpnt	.Little
+(p6)	br.ret.sptk.many	b0	};;
+.endp	OPENSSL_cleanse#
diff --git a/crypto/idea/.cvsignore b/crypto/idea/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/idea/.cvsignore
+++ b/crypto/idea/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/idea/Makefile.ssl b/crypto/idea/Makefile.ssl
deleted file mode 100644
index 4ceb095151..0000000000
--- a/crypto/idea/Makefile.ssl
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/idea/Makefile
-#
-
-DIR=	idea
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=ideatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
-LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= idea.h
-HEADER=	idea_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_cbc.o: i_cbc.c idea_lcl.h
-i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_cfb64.o: i_cfb64.c idea_lcl.h
-i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
-i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_ofb64.o: i_ofb64.c idea_lcl.h
-i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
-i_skey.o: i_skey.c idea_lcl.h
diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
index fb613db595..fef38230a7 100644
--- a/crypto/idea/i_ecb.c
+++ b/crypto/idea/i_ecb.c
@@ -60,7 +60,7 @@
 #include "idea_lcl.h"
 #include <openssl/opensslv.h>
 
-const char *IDEA_version="IDEA" OPENSSL_VERSION_PTEXT;
+const char IDEA_version[]="IDEA" OPENSSL_VERSION_PTEXT;
 
 const char *idea_options(void)
 	{
diff --git a/crypto/idea/idea_lcl.h b/crypto/idea/idea_lcl.h
index 463aa36ce9..f3dbfa67e9 100644
--- a/crypto/idea/idea_lcl.h
+++ b/crypto/idea/idea_lcl.h
@@ -67,7 +67,7 @@ if (ul != 0) \
 	r-=((r)>>16); \
 	} \
 else \
-	r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \
+	r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ 
 
 #ifdef undef
 #define idea_mul(r,a,b,ul,sl) \
diff --git a/crypto/install.com b/crypto/install.com
index 0ca4f845f7..9aa1783233 100644
--- a/crypto/install.com
+++ b/crypto/install.com
@@ -3,6 +3,8 @@ $!
 $! Author: Richard Levitte <richard@levitte.org>
 $! Time of creation: 22-MAY-1998 10:13
 $!
+$! Changes by Zoltan Arpadffy <zoli@polarhome.com>
+$!
 $! P1	root of the directory tree
 $! P2	prefix for certain file (this is really for Compaq, who need to
 $!	use the SSL$ prefix)
@@ -10,7 +12,8 @@ $!
 $	IF P1 .EQS. ""
 $	THEN
 $	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$	    WRITE SYS$OUTPUT -
+		  "It should be the directory where you want things installed."
 $	    EXIT
 $	ENDIF
 $
@@ -21,6 +24,14 @@ $	ELSE
 $	    FILE_PREFIX = ""
 $	ENDIF
 $
+$	IF (F$GETSYI("CPU").LT.128)
+$	THEN
+$	    ARCH := VAX
+$	ELSE
+$	    ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$	    IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$	ENDIF
+$
 $	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
 $	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
 $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -28,30 +39,27 @@ $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
 $	ROOT = ROOT_DEV + "[" + ROOT_DIR
 $
 $	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
-$	DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
+$	DEFINE/NOLOG WRK_SSLLIB WRK_SSLROOT:['ARCH'_LIB]
 $	DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
 $
 $	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLVLIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVLIB:
-$	IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLALIB:
+$	IF F$PARSE("WRK_SSLLIB:") .EQS. "" THEN -
+	   CREATE/DIR/LOG WRK_SSLLIB:
 $	IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLINCLUDE:
 $
 $	SDIRS := ,-
 		 OBJECTS,-
-		 MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
-		 DES,RC2,RC4,RC5,IDEA,BF,CAST,-
-		 BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,-
+		 MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,WHRLPOOL,-
+		 DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,-
+		 BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,-
 		 BUFFER,BIO,STACK,LHASH,RAND,ERR,-
 		 EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,-
 		 UI,KRB5,-
-		 STORE
-$	EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,-
-		symhacks.h,ossl_typ.h
+		 STORE,CMS,PQUEUE,TS,JPAKE
+$	EXHEADER_ := crypto.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,-
+		ossl_typ.h
 $	EXHEADER_OBJECTS := objects.h,obj_mac.h
 $	EXHEADER_MD2 := md2.h
 $	EXHEADER_MD4 := md4.h
@@ -60,13 +68,18 @@ $	EXHEADER_SHA := sha.h
 $	EXHEADER_MDC2 := mdc2.h
 $	EXHEADER_HMAC := hmac.h
 $	EXHEADER_RIPEMD := ripemd.h
+$	EXHEADER_WHRLPOOL := whrlpool.h
 $	EXHEADER_DES := des.h,des_old.h
+$	EXHEADER_AES := aes.h
 $	EXHEADER_RC2 := rc2.h
 $	EXHEADER_RC4 := rc4.h
 $	EXHEADER_RC5 := rc5.h
 $	EXHEADER_IDEA := idea.h
 $	EXHEADER_BF := blowfish.h
 $	EXHEADER_CAST := cast.h
+$	EXHEADER_CAMELLIA := camellia.h
+$	EXHEADER_SEED := seed.h
+$	EXHEADER_MODES := modes.h
 $	EXHEADER_BN := bn.h
 $	EXHEADER_EC := ec.h
 $	EXHEADER_RSA := rsa.h
@@ -76,7 +89,6 @@ $	EXHEADER_DH := dh.h
 $	EXHEADER_ECDH := ecdh.h
 $	EXHEADER_DSO := dso.h
 $	EXHEADER_ENGINE := engine.h
-$	EXHEADER_AES := aes.h
 $	EXHEADER_BUFFER := buffer.h
 $	EXHEADER_BIO := bio.h
 $	EXHEADER_STACK := stack.h,safestack.h
@@ -98,6 +110,10 @@ $	EXHEADER_UI := ui.h,ui_compat.h
 $	EXHEADER_KRB5 := krb5_asn.h
 $!	EXHEADER_STORE := store.h,str_compat.h
 $	EXHEADER_STORE := store.h
+$	EXHEADER_CMS := cms.h
+$	EXHEADER_PQUEUE := pqueue.h
+$	EXHEADER_TS := ts.h
+$	EXHEADER_JPAKE := jpake.h
 $!
 $! We can combine the .OLBs and .EXEs under LIBS
 $! since the two pieces of LOOP_* code are smart
@@ -107,8 +123,7 @@ $!
 $	LIBS := LIBCRYPTO32,LIBCRYPTO64,LIBCRYPTO,-
 		LIBCRYPTO_SHR32,LIBCRYPTO_SHR64,LIBCRYPTO_SHR
 $
-$	VEXE_DIR := [-.VAX.EXE.CRYPTO]
-$	AEXE_DIR := [-.AXP.EXE.CRYPTO]
+$	EXE_DIR := [-.'ARCH'.EXE.CRYPTO]
 $
 $	I = 0
 $ LOOP_SDIRS: 
@@ -132,27 +147,16 @@ $	E = F$EDIT(F$ELEMENT(I, ",", LIBS),"TRIM")
 $	I = I + 1
 $	IF E .EQS. "," THEN GOTO LOOP_LIB_END
 $	SET NOON
-$	IF F$SEARCH(VEXE_DIR+E+".OLB") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.OLB WRK_SSLVLIB:'E'.OLB/log
-$	  SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.OLB
-$	ENDIF
-$	! Preparing for the time when we have shareable images
-$	IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE
-$	ENDIF
-$	IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. ""
+$	IF F$SEARCH(EXE_DIR+E+".OLB") .NES. ""
 $	THEN
-$	  COPY 'AEXE_DIR''E'.OLB WRK_SSLALIB:'E'.OLB/log
-$	  SET FILE/PROT=W:RE WRK_SSLALIB:'E'.OLB
+$	  COPY 'EXE_DIR''E'.OLB WRK_SSLLIB:'E'.OLB/log
+$	  SET FILE/PROT=W:RE WRK_SSLLIB:'E'.OLB
 $	ENDIF
 $	! Preparing for the time when we have shareable images
-$	IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
+$	IF F$SEARCH(EXE_DIR+E+".EXE") .NES. ""
 $	THEN
-$	  COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'FILE_PREFIX''E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLALIB:'FILE_PREFIX''E'.EXE
+$	  COPY 'EXE_DIR''E'.EXE WRK_SSLLIB:'FILE_PREFIX''E'.EXE/log
+$	  SET FILE/PROT=W:RE WRK_SSLLIB:'FILE_PREFIX''E'.EXE
 $	ENDIF
 $	SET ON
 $	GOTO LOOP_LIB
diff --git a/crypto/jpake/.cvsignore b/crypto/jpake/.cvsignore
new file mode 100644
index 0000000000..33ac838236
--- /dev/null
+++ b/crypto/jpake/.cvsignore
@@ -0,0 +1,3 @@
+lib
+Makefile.save
+
diff --git a/crypto/jpake/Makefile b/crypto/jpake/Makefile
new file mode 100644
index 0000000000..110c49ce0b
--- /dev/null
+++ b/crypto/jpake/Makefile
@@ -0,0 +1,64 @@
+DIR=jpake
+TOP=../..
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+LIB=$(TOP)/libcrypto.a
+LIBOBJ=jpake.o jpake_err.o
+LIBSRC=jpake.c jpake_err.c
+
+EXHEADER=jpake.h
+TEST=jpaketest.c
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+jpaketest: top jpaketest.c $(LIB)
+	$(CC) $(CFLAGS) -Wall -Werror -g -o jpaketest jpaketest.c $(LIB)
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+jpake.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+jpake.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+jpake.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+jpake.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+jpake.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+jpake.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+jpake.o: ../../include/openssl/symhacks.h jpake.c jpake.h
+jpake_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+jpake_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+jpake_err.o: ../../include/openssl/err.h ../../include/openssl/jpake.h
+jpake_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+jpake_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+jpake_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+jpake_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+jpake_err.o: jpake_err.c
diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c
new file mode 100644
index 0000000000..086d9f47e0
--- /dev/null
+++ b/crypto/jpake/jpake.c
@@ -0,0 +1,482 @@
+#include "jpake.h"
+
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+#include <openssl/err.h>
+#include <memory.h>
+
+/*
+ * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or
+ * Bob's (x3, x4, x1, x2). If you see what I mean.
+ */
+
+typedef struct
+    {
+    char *name;  /* Must be unique */
+    char *peer_name;
+    BIGNUM *p;
+    BIGNUM *g;
+    BIGNUM *q;
+    BIGNUM *gxc; /* Alice's g^{x3} or Bob's g^{x1} */
+    BIGNUM *gxd; /* Alice's g^{x4} or Bob's g^{x2} */
+    } JPAKE_CTX_PUBLIC;
+
+struct JPAKE_CTX
+    {
+    JPAKE_CTX_PUBLIC p;
+    BIGNUM *secret;   /* The shared secret */
+    BN_CTX *ctx;
+    BIGNUM *xa;       /* Alice's x1 or Bob's x3 */
+    BIGNUM *xb;       /* Alice's x2 or Bob's x4 */
+    BIGNUM *key;      /* The calculated (shared) key */
+    };
+
+static void JPAKE_ZKP_init(JPAKE_ZKP *zkp)
+    {
+    zkp->gr = BN_new();
+    zkp->b = BN_new();
+    }
+
+static void JPAKE_ZKP_release(JPAKE_ZKP *zkp)
+    {
+    BN_free(zkp->b);
+    BN_free(zkp->gr);
+    }
+
+/* Two birds with one stone - make the global name as expected */
+#define JPAKE_STEP_PART_init	JPAKE_STEP2_init
+#define JPAKE_STEP_PART_release	JPAKE_STEP2_release
+
+void JPAKE_STEP_PART_init(JPAKE_STEP_PART *p)
+    {
+    p->gx = BN_new();
+    JPAKE_ZKP_init(&p->zkpx);
+    }
+
+void JPAKE_STEP_PART_release(JPAKE_STEP_PART *p)
+    {
+    JPAKE_ZKP_release(&p->zkpx);
+    BN_free(p->gx);
+    }
+
+void JPAKE_STEP1_init(JPAKE_STEP1 *s1)
+    {
+    JPAKE_STEP_PART_init(&s1->p1);
+    JPAKE_STEP_PART_init(&s1->p2);
+    }
+
+void JPAKE_STEP1_release(JPAKE_STEP1 *s1)
+    {
+    JPAKE_STEP_PART_release(&s1->p2);
+    JPAKE_STEP_PART_release(&s1->p1);
+    }
+
+static void JPAKE_CTX_init(JPAKE_CTX *ctx, const char *name,
+			   const char *peer_name, const BIGNUM *p,
+			   const BIGNUM *g, const BIGNUM *q,
+			   const BIGNUM *secret)
+    {
+    ctx->p.name = OPENSSL_strdup(name);
+    ctx->p.peer_name = OPENSSL_strdup(peer_name);
+    ctx->p.p = BN_dup(p);
+    ctx->p.g = BN_dup(g);
+    ctx->p.q = BN_dup(q);
+    ctx->secret = BN_dup(secret);
+
+    ctx->p.gxc = BN_new();
+    ctx->p.gxd = BN_new();
+
+    ctx->xa = BN_new();
+    ctx->xb = BN_new();
+    ctx->key = BN_new();
+    ctx->ctx = BN_CTX_new();
+    }
+    
+static void JPAKE_CTX_release(JPAKE_CTX *ctx)
+    {
+    BN_CTX_free(ctx->ctx);
+    BN_clear_free(ctx->key);
+    BN_clear_free(ctx->xb);
+    BN_clear_free(ctx->xa);
+
+    BN_free(ctx->p.gxd);
+    BN_free(ctx->p.gxc);
+
+    BN_clear_free(ctx->secret);
+    BN_free(ctx->p.q);
+    BN_free(ctx->p.g);
+    BN_free(ctx->p.p);
+    OPENSSL_free(ctx->p.peer_name);
+    OPENSSL_free(ctx->p.name);
+
+    memset(ctx, '\0', sizeof *ctx);
+    }
+    
+JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
+			 const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
+			 const BIGNUM *secret)
+    {
+    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+
+    JPAKE_CTX_init(ctx, name, peer_name, p, g, q, secret);
+
+    return ctx;
+    }
+
+void JPAKE_CTX_free(JPAKE_CTX *ctx)
+    {
+    JPAKE_CTX_release(ctx);
+    OPENSSL_free(ctx);
+    }
+
+static void hashlength(SHA_CTX *sha, size_t l)
+    {
+    unsigned char b[2];
+
+    OPENSSL_assert(l <= 0xffff);
+    b[0] = l >> 8;
+    b[1] = l&0xff;
+    SHA1_Update(sha, b, 2);
+    }
+
+static void hashstring(SHA_CTX *sha, const char *string)
+    {
+    size_t l = strlen(string);
+
+    hashlength(sha, l);
+    SHA1_Update(sha, string, l);
+    }
+
+static void hashbn(SHA_CTX *sha, const BIGNUM *bn)
+    {
+    size_t l = BN_num_bytes(bn);
+    unsigned char *bin = OPENSSL_malloc(l);
+
+    hashlength(sha, l);
+    BN_bn2bin(bn, bin);
+    SHA1_Update(sha, bin, l);
+    OPENSSL_free(bin);
+    }
+
+/* h=hash(g, g^r, g^x, name) */
+static void zkp_hash(BIGNUM *h, const BIGNUM *zkpg, const JPAKE_STEP_PART *p,
+		     const char *proof_name)
+    {
+    unsigned char md[SHA_DIGEST_LENGTH];
+    SHA_CTX sha;
+
+   /*
+    * XXX: hash should not allow moving of the boundaries - Java code
+    * is flawed in this respect. Length encoding seems simplest.
+    */
+    SHA1_Init(&sha);
+    hashbn(&sha, zkpg);
+    OPENSSL_assert(!BN_is_zero(p->zkpx.gr));
+    hashbn(&sha, p->zkpx.gr);
+    hashbn(&sha, p->gx);
+    hashstring(&sha, proof_name);
+    SHA1_Final(md, &sha);
+    BN_bin2bn(md, SHA_DIGEST_LENGTH, h);
+    }
+
+/*
+ * Prove knowledge of x
+ * Note that p->gx has already been calculated
+ */
+static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x,
+			 const BIGNUM *zkpg, JPAKE_CTX *ctx)
+    {
+    BIGNUM *r = BN_new();
+    BIGNUM *h = BN_new();
+    BIGNUM *t = BN_new();
+
+   /*
+    * r in [0,q)
+    * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform
+    */
+    BN_rand_range(r, ctx->p.q);
+   /* g^r */
+    BN_mod_exp(p->zkpx.gr, zkpg, r, ctx->p.p, ctx->ctx);
+
+   /* h=hash... */
+    zkp_hash(h, zkpg, p, ctx->p.name);
+
+   /* b = r - x*h */
+    BN_mod_mul(t, x, h, ctx->p.q, ctx->ctx);
+    BN_mod_sub(p->zkpx.b, r, t, ctx->p.q, ctx->ctx);
+
+   /* cleanup */
+    BN_free(t);
+    BN_free(h);
+    BN_free(r);
+    }
+
+static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg,
+		      JPAKE_CTX *ctx)
+    {
+    BIGNUM *h = BN_new();
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+    BIGNUM *t3 = BN_new();
+    int ret = 0;
+
+    zkp_hash(h, zkpg, p, ctx->p.peer_name);
+
+   /* t1 = g^b */
+    BN_mod_exp(t1, zkpg, p->zkpx.b, ctx->p.p, ctx->ctx);
+   /* t2 = (g^x)^h = g^{hx} */
+    BN_mod_exp(t2, p->gx, h, ctx->p.p, ctx->ctx);
+   /* t3 = t1 * t2 = g^{hx} * g^b = g^{hx+b} = g^r (allegedly) */
+    BN_mod_mul(t3, t1, t2, ctx->p.p, ctx->ctx);
+
+   /* verify t3 == g^r */
+    if(BN_cmp(t3, p->zkpx.gr) == 0)
+	ret = 1;
+    else
+	JPAKEerr(JPAKE_F_VERIFY_ZKP, JPAKE_R_ZKP_VERIFY_FAILED);
+
+   /* cleanup */
+    BN_free(t3);
+    BN_free(t2);
+    BN_free(t1);
+    BN_free(h);
+
+    return ret;
+    }    
+
+static void generate_step_part(JPAKE_STEP_PART *p, const BIGNUM *x,
+			       const BIGNUM *g, JPAKE_CTX *ctx)
+    {
+    BN_mod_exp(p->gx, g, x, ctx->p.p, ctx->ctx);
+    generate_zkp(p, x, g, ctx);
+    }
+
+/* Generate each party's random numbers. xa is in [0, q), xb is in [1, q). */
+static void genrand(JPAKE_CTX *ctx)
+    {
+    BIGNUM *qm1;
+
+   /* xa in [0, q) */
+    BN_rand_range(ctx->xa, ctx->p.q);
+
+   /* q-1 */
+    qm1 = BN_new();
+    BN_copy(qm1, ctx->p.q);
+    BN_sub_word(qm1, 1);
+
+   /* ... and xb in [0, q-1) */
+    BN_rand_range(ctx->xb, qm1);
+   /* [1, q) */
+    BN_add_word(ctx->xb, 1);
+
+   /* cleanup */
+    BN_free(qm1);
+    }
+
+int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
+    {
+    genrand(ctx);
+    generate_step_part(&send->p1, ctx->xa, ctx->p.g, ctx);
+    generate_step_part(&send->p2, ctx->xb, ctx->p.g, ctx);
+
+    return 1;
+    }
+
+int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
+    {
+   /* verify their ZKP(xc) */
+    if(!verify_zkp(&received->p1, ctx->p.g, ctx))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X3_FAILED);
+	return 0;
+	}
+
+   /* verify their ZKP(xd) */
+    if(!verify_zkp(&received->p2, ctx->p.g, ctx))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X4_FAILED);
+	return 0;
+	}
+
+   /* g^xd != 1 */
+    if(BN_is_one(received->p2.gx))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_ONE);
+	return 0;
+	}
+
+   /* Save the bits we need for later */
+    BN_copy(ctx->p.gxc, received->p1.gx);
+    BN_copy(ctx->p.gxd, received->p2.gx);
+
+    return 1;
+    }
+
+
+int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
+    {
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+
+   /*
+    * X = g^{(xa + xc + xd) * xb * s}
+    * t1 = g^xa
+    */
+    BN_mod_exp(t1, ctx->p.g, ctx->xa, ctx->p.p, ctx->ctx);
+   /* t2 = t1 * g^{xc} = g^{xa} * g^{xc} = g^{xa + xc} */
+    BN_mod_mul(t2, t1, ctx->p.gxc, ctx->p.p, ctx->ctx);
+   /* t1 = t2 * g^{xd} = g^{xa + xc + xd} */
+    BN_mod_mul(t1, t2, ctx->p.gxd, ctx->p.p, ctx->ctx);
+   /* t2 = xb * s */
+    BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx);
+
+   /*
+    * ZKP(xb * s)
+    * XXX: this is kinda funky, because we're using
+    *
+    * g' = g^{xa + xc + xd}
+    *
+    * as the generator, which means X is g'^{xb * s}
+    * X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s}
+    */
+    generate_step_part(send, t2, t1, ctx);
+
+   /* cleanup */
+    BN_free(t1);
+    BN_free(t2);
+
+    return 1;
+    }
+
+/* gx = g^{xc + xa + xb} * xd * s */
+static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx)
+    {
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+    BIGNUM *t3 = BN_new();
+
+   /*
+    * K = (gx/g^{xb * xd * s})^{xb}
+    *   = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb}
+    *   = (g^{(xa + xc) * xd * s})^{xb}
+    *   = g^{(xa + xc) * xb * xd * s}
+    * [which is the same regardless of who calculates it]
+    */
+
+   /* t1 = (g^{xd})^{xb} = g^{xb * xd} */
+    BN_mod_exp(t1, ctx->p.gxd, ctx->xb, ctx->p.p, ctx->ctx);
+   /* t2 = -s = q-s */
+    BN_sub(t2, ctx->p.q, ctx->secret);
+   /* t3 = t1^t2 = g^{-xb * xd * s} */
+    BN_mod_exp(t3, t1, t2, ctx->p.p, ctx->ctx);
+   /* t1 = gx * t3 = X/g^{xb * xd * s} */
+    BN_mod_mul(t1, gx, t3, ctx->p.p, ctx->ctx);
+   /* K = t1^{xb} */
+    BN_mod_exp(ctx->key, t1, ctx->xb, ctx->p.p, ctx->ctx);
+
+   /* cleanup */
+    BN_free(t3);
+    BN_free(t2);
+    BN_free(t1);
+
+    return 1;
+    }
+
+int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received)
+    {
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+    int ret = 0;
+
+   /*
+    * g' = g^{xc + xa + xb} [from our POV]
+    * t1 = xa + xb
+    */
+    BN_mod_add(t1, ctx->xa, ctx->xb, ctx->p.q, ctx->ctx);
+   /* t2 = g^{t1} = g^{xa+xb} */
+    BN_mod_exp(t2, ctx->p.g, t1, ctx->p.p, ctx->ctx);
+   /* t1 = g^{xc} * t2 = g^{xc + xa + xb} */
+    BN_mod_mul(t1, ctx->p.gxc, t2, ctx->p.p, ctx->ctx);
+
+    if(verify_zkp(received, t1, ctx))
+	ret = 1;
+    else
+	JPAKEerr(JPAKE_F_JPAKE_STEP2_PROCESS, JPAKE_R_VERIFY_B_FAILED);
+
+    compute_key(ctx, received->gx);
+
+   /* cleanup */
+    BN_free(t2);
+    BN_free(t1);
+
+    return ret;
+    }
+
+static void quickhashbn(unsigned char *md, const BIGNUM *bn)
+    {
+    SHA_CTX sha;
+
+    SHA1_Init(&sha);
+    hashbn(&sha, bn);
+    SHA1_Final(md, &sha);
+    }
+
+void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
+    {}
+
+int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
+    {
+    quickhashbn(send->hhk, ctx->key);
+    SHA1(send->hhk, sizeof send->hhk, send->hhk);
+
+    return 1;
+    }
+
+int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
+    {
+    unsigned char hhk[SHA_DIGEST_LENGTH];
+
+    quickhashbn(hhk, ctx->key);
+    SHA1(hhk, sizeof hhk, hhk);
+    if(memcmp(hhk, received->hhk, sizeof hhk))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS, JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
+	return 0;
+	}
+    return 1;
+    }
+
+void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a)
+    {}
+
+void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b)
+    {}
+
+int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx)
+    {
+    quickhashbn(send->hk, ctx->key);
+
+    return 1;
+    }
+
+int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
+    {
+    unsigned char hk[SHA_DIGEST_LENGTH];
+
+    quickhashbn(hk, ctx->key);
+    if(memcmp(hk, received->hk, sizeof hk))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
+	return 0;
+	}
+    return 1;
+    }
+
+void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b)
+    {}
+
+const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx)
+    {
+    return ctx->key;
+    }
+
diff --git a/crypto/jpake/jpake.h b/crypto/jpake/jpake.h
new file mode 100644
index 0000000000..693ea188cb
--- /dev/null
+++ b/crypto/jpake/jpake.h
@@ -0,0 +1,129 @@
+/*
+ * Implement J-PAKE, as described in
+ * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf
+ * 
+ * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java.
+ */
+
+#ifndef HEADER_JPAKE_H
+#define HEADER_JPAKE_H
+
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_JPAKE
+#error JPAKE is disabled.
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/sha.h>
+
+typedef struct JPAKE_CTX JPAKE_CTX;
+
+/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */
+typedef struct
+    {
+    BIGNUM *gr; /* g^r (r random) */
+    BIGNUM *b;  /* b = r - x*h, h=hash(g, g^r, g^x, name) */
+    } JPAKE_ZKP;
+
+typedef struct
+    {
+    BIGNUM *gx;       /* g^x in step 1, g^(xa + xc + xd) * xb * s in step 2 */
+    JPAKE_ZKP zkpx;   /* ZKP(x) or ZKP(xb * s) */
+    } JPAKE_STEP_PART;
+
+typedef struct
+    {
+    JPAKE_STEP_PART p1;   /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */
+    JPAKE_STEP_PART p2;   /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */
+    } JPAKE_STEP1;
+
+typedef JPAKE_STEP_PART JPAKE_STEP2;
+
+typedef struct
+    {
+    unsigned char hhk[SHA_DIGEST_LENGTH];
+    } JPAKE_STEP3A;
+
+typedef struct
+    {
+    unsigned char hk[SHA_DIGEST_LENGTH];
+    } JPAKE_STEP3B;
+
+/* Parameters are copied */
+JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
+			 const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
+			 const BIGNUM *secret);
+void JPAKE_CTX_free(JPAKE_CTX *ctx);
+
+/*
+ * Note that JPAKE_STEP1 can be used multiple times before release
+ * without another init.
+ */
+void JPAKE_STEP1_init(JPAKE_STEP1 *s1);
+int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx);
+int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received);
+void JPAKE_STEP1_release(JPAKE_STEP1 *s1);
+
+/*
+ * Note that JPAKE_STEP2 can be used multiple times before release
+ * without another init.
+ */
+void JPAKE_STEP2_init(JPAKE_STEP2 *s2);
+int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx);
+int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received);
+void JPAKE_STEP2_release(JPAKE_STEP2 *s2);
+
+/*
+ * Optionally verify the shared key. If the shared secrets do not
+ * match, the two ends will disagree about the shared key, but
+ * otherwise the protocol will succeed.
+ */
+void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a);
+int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx);
+int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received);
+void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a);
+
+void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b);
+int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx);
+int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received);
+void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b);
+
+/*
+ * the return value belongs to the library and will be released when
+ * ctx is released, and will change when a new handshake is performed.
+ */
+const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx);
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_JPAKE_strings(void);
+
+/* Error codes for the JPAKE functions. */
+
+/* Function codes. */
+#define JPAKE_F_JPAKE_STEP1_PROCESS			 101
+#define JPAKE_F_JPAKE_STEP2_PROCESS			 102
+#define JPAKE_F_JPAKE_STEP3A_PROCESS			 103
+#define JPAKE_F_JPAKE_STEP3B_PROCESS			 104
+#define JPAKE_F_VERIFY_ZKP				 100
+
+/* Reason codes. */
+#define JPAKE_R_G_TO_THE_X4_IS_ONE			 105
+#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH		 106
+#define JPAKE_R_HASH_OF_KEY_MISMATCH			 107
+#define JPAKE_R_VERIFY_B_FAILED				 102
+#define JPAKE_R_VERIFY_X3_FAILED			 103
+#define JPAKE_R_VERIFY_X4_FAILED			 104
+#define JPAKE_R_ZKP_VERIFY_FAILED			 100
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/jpake/jpake_err.c b/crypto/jpake/jpake_err.c
new file mode 100644
index 0000000000..1b95067967
--- /dev/null
+++ b/crypto/jpake/jpake_err.c
@@ -0,0 +1,105 @@
+/* crypto/jpake/jpake_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/jpake.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_JPAKE,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_JPAKE,0,reason)
+
+static ERR_STRING_DATA JPAKE_str_functs[]=
+	{
+{ERR_FUNC(JPAKE_F_JPAKE_STEP1_PROCESS),	"JPAKE_STEP1_process"},
+{ERR_FUNC(JPAKE_F_JPAKE_STEP2_PROCESS),	"JPAKE_STEP2_process"},
+{ERR_FUNC(JPAKE_F_JPAKE_STEP3A_PROCESS),	"JPAKE_STEP3A_process"},
+{ERR_FUNC(JPAKE_F_JPAKE_STEP3B_PROCESS),	"JPAKE_STEP3B_process"},
+{ERR_FUNC(JPAKE_F_VERIFY_ZKP),	"VERIFY_ZKP"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA JPAKE_str_reasons[]=
+	{
+{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE)  ,"g to the x4 is one"},
+{ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"},
+{ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"},
+{ERR_REASON(JPAKE_R_VERIFY_B_FAILED)     ,"verify b failed"},
+{ERR_REASON(JPAKE_R_VERIFY_X3_FAILED)    ,"verify x3 failed"},
+{ERR_REASON(JPAKE_R_VERIFY_X4_FAILED)    ,"verify x4 failed"},
+{ERR_REASON(JPAKE_R_ZKP_VERIFY_FAILED)   ,"zkp verify failed"},
+{0,NULL}
+	};
+
+#endif
+
+void ERR_load_JPAKE_strings(void)
+	{
+#ifndef OPENSSL_NO_ERR
+
+	if (ERR_func_error_string(JPAKE_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,JPAKE_str_functs);
+		ERR_load_strings(0,JPAKE_str_reasons);
+		}
+#endif
+	}
diff --git a/crypto/jpake/jpaketest.c b/crypto/jpake/jpaketest.c
new file mode 100644
index 0000000000..eaba75ed8a
--- /dev/null
+++ b/crypto/jpake/jpaketest.c
@@ -0,0 +1,192 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_JPAKE
+
+#include <stdio.h>
+
+int main(int argc, char *argv[])
+{
+    printf("No J-PAKE support\n");
+    return(0);
+}
+
+#else
+
+#include <openssl/jpake.h>
+#include <openssl/err.h>
+
+static void showbn(const char *name, const BIGNUM *bn)
+    {
+    fputs(name, stdout);
+    fputs(" = ", stdout);
+    BN_print_fp(stdout, bn);
+    putc('\n', stdout);
+    }
+
+static int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob)
+    {
+    JPAKE_STEP1 alice_s1;
+    JPAKE_STEP1 bob_s1;
+    JPAKE_STEP2 alice_s2;
+    JPAKE_STEP2 bob_s2;
+    JPAKE_STEP3A alice_s3a;
+    JPAKE_STEP3B bob_s3b;
+
+   /* Alice -> Bob: step 1 */
+    puts("A->B s1");
+    JPAKE_STEP1_init(&alice_s1);
+    JPAKE_STEP1_generate(&alice_s1, alice);
+    if(!JPAKE_STEP1_process(bob, &alice_s1))
+	{
+	printf("Bob fails to process Alice's step 1\n");
+	ERR_print_errors_fp(stdout);
+	return 1;
+	}
+    JPAKE_STEP1_release(&alice_s1);
+
+   /* Bob -> Alice: step 1 */
+    puts("B->A s1");
+    JPAKE_STEP1_init(&bob_s1);
+    JPAKE_STEP1_generate(&bob_s1, bob);
+    if(!JPAKE_STEP1_process(alice, &bob_s1))
+	{
+	printf("Alice fails to process Bob's step 1\n");
+	ERR_print_errors_fp(stdout);
+	return 2;
+	}
+    JPAKE_STEP1_release(&bob_s1);
+
+   /* Alice -> Bob: step 2 */
+    puts("A->B s2");
+    JPAKE_STEP2_init(&alice_s2);
+    JPAKE_STEP2_generate(&alice_s2, alice);
+    if(!JPAKE_STEP2_process(bob, &alice_s2))
+	{
+	printf("Bob fails to process Alice's step 2\n");
+	ERR_print_errors_fp(stdout);
+	return 3;
+	}
+    JPAKE_STEP2_release(&alice_s2);
+
+   /* Bob -> Alice: step 2 */
+    puts("B->A s2");
+    JPAKE_STEP2_init(&bob_s2);
+    JPAKE_STEP2_generate(&bob_s2, bob);
+    if(!JPAKE_STEP2_process(alice, &bob_s2))
+	{
+	printf("Alice fails to process Bob's step 2\n");
+	ERR_print_errors_fp(stdout);
+	return 4;
+	}
+    JPAKE_STEP2_release(&bob_s2);
+
+    showbn("Alice's key", JPAKE_get_shared_key(alice));
+    showbn("Bob's key  ", JPAKE_get_shared_key(bob));
+
+   /* Alice -> Bob: step 3a */
+    puts("A->B s3a");
+    JPAKE_STEP3A_init(&alice_s3a);
+    JPAKE_STEP3A_generate(&alice_s3a, alice);
+    if(!JPAKE_STEP3A_process(bob, &alice_s3a))
+	{
+	printf("Bob fails to process Alice's step 3a\n");
+	ERR_print_errors_fp(stdout);
+	return 5;
+	}
+    JPAKE_STEP3A_release(&alice_s3a);
+    
+   /* Bob -> Alice: step 3b */
+    puts("B->A s3b");
+    JPAKE_STEP3B_init(&bob_s3b);
+    JPAKE_STEP3B_generate(&bob_s3b, bob);
+    if(!JPAKE_STEP3B_process(alice, &bob_s3b))
+	{
+	printf("Alice fails to process Bob's step 3b\n");
+	ERR_print_errors_fp(stdout);
+	return 6;
+	}
+    JPAKE_STEP3B_release(&bob_s3b);
+
+    return 0;
+    }
+
+int main(int argc, char **argv)
+    {
+    JPAKE_CTX *alice;
+    JPAKE_CTX *bob;
+    BIGNUM *p = NULL;
+    BIGNUM *g = NULL;
+    BIGNUM *q = NULL;
+    BIGNUM *secret = BN_new();
+    BIO *bio_err;
+
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    ERR_load_crypto_strings();
+
+    /*
+    BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
+    BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
+    BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
+    */
+    /*
+    p = BN_new();
+    BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
+    */
+   /* Use a safe prime for p (that we found earlier) */
+    BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
+    showbn("p", p);
+    g = BN_new();
+    BN_set_word(g, 2);
+    showbn("g", g);
+    q = BN_new();
+    BN_rshift1(q, p);
+    showbn("q", q);
+
+    BN_rand(secret, 32, -1, 0);
+
+   /* A normal run, expect this to work... */
+    alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
+    bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
+
+    if(run_jpake(alice, bob) != 0)
+	{
+	fprintf(stderr, "Plain JPAKE run failed\n");
+	return 1;
+	}
+
+    JPAKE_CTX_free(bob);
+    JPAKE_CTX_free(alice);
+
+   /* Now give Alice and Bob different secrets */
+    alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
+    BN_add_word(secret, 1);
+    bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
+
+    if(run_jpake(alice, bob) != 5)
+	{
+	fprintf(stderr, "Mismatched secret JPAKE run failed\n");
+	return 1;
+	}
+
+    JPAKE_CTX_free(bob);
+    JPAKE_CTX_free(alice);
+
+    BN_free(secret);
+    BN_free(q);
+    BN_free(g);
+    BN_free(p);
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    ERR_free_strings();
+    CRYPTO_mem_leaks(bio_err);
+
+    return 0;
+    }
+
+#endif
diff --git a/crypto/krb5/.cvsignore b/crypto/krb5/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/krb5/.cvsignore
+++ b/crypto/krb5/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/krb5/Makefile.ssl b/crypto/krb5/Makefile.ssl
deleted file mode 100644
index 98be630fb6..0000000000
--- a/crypto/krb5/Makefile.ssl
+++ /dev/null
@@ -1,89 +0,0 @@
-#
-# OpenSSL/krb5/Makefile.ssl
-#
-
-DIR=	krb5
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= krb5_asn.c
-
-LIBOBJ= krb5_asn.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= krb5_asn.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-krb5_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/krb5_asn.h
-krb5_asn.o: ../../include/openssl/opensslconf.h
-krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/crypto/lhash/.cvsignore b/crypto/lhash/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/lhash/.cvsignore
+++ b/crypto/lhash/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/lhash/Makefile.ssl b/crypto/lhash/Makefile.ssl
deleted file mode 100644
index 426cdb25a2..0000000000
--- a/crypto/lhash/Makefile.ssl
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# SSLeay/crypto/lhash/Makefile
-#
-
-DIR=	lhash
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=lhash.c lh_stats.c
-LIBOBJ=lhash.o lh_stats.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= lhash.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
-lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-lh_stats.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-lh_stats.o: ../../include/openssl/symhacks.h ../cryptlib.h lh_stats.c
-lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
-lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-lhash.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-lhash.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h lhash.c
diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
index 5aa7766aa6..815615e338 100644
--- a/crypto/lhash/lh_stats.c
+++ b/crypto/lhash/lh_stats.c
@@ -139,7 +139,7 @@ void lh_node_usage_stats(LHASH *lh, FILE *out)
 #else
 
 #ifndef OPENSSL_NO_FP_API
-void lh_stats(const LHASH *lh, FILE *fp)
+void lh_stats(const _LHASH *lh, FILE *fp)
 	{
 	BIO *bp;
 
@@ -151,7 +151,7 @@ void lh_stats(const LHASH *lh, FILE *fp)
 end:;
 	}
 
-void lh_node_stats(const LHASH *lh, FILE *fp)
+void lh_node_stats(const _LHASH *lh, FILE *fp)
 	{
 	BIO *bp;
 
@@ -163,7 +163,7 @@ void lh_node_stats(const LHASH *lh, FILE *fp)
 end:;
 	}
 
-void lh_node_usage_stats(const LHASH *lh, FILE *fp)
+void lh_node_usage_stats(const _LHASH *lh, FILE *fp)
 	{
 	BIO *bp;
 
@@ -177,7 +177,7 @@ end:;
 
 #endif
 
-void lh_stats_bio(const LHASH *lh, BIO *out)
+void lh_stats_bio(const _LHASH *lh, BIO *out)
 	{
 	BIO_printf(out,"num_items             = %lu\n",lh->num_items);
 	BIO_printf(out,"num_nodes             = %u\n",lh->num_nodes);
@@ -205,7 +205,7 @@ void lh_stats_bio(const LHASH *lh, BIO *out)
 #endif
 	}
 
-void lh_node_stats_bio(const LHASH *lh, BIO *out)
+void lh_node_stats_bio(const _LHASH *lh, BIO *out)
 	{
 	LHASH_NODE *n;
 	unsigned int i,num;
@@ -218,7 +218,7 @@ void lh_node_stats_bio(const LHASH *lh, BIO *out)
 		}
 	}
 
-void lh_node_usage_stats_bio(const LHASH *lh, BIO *out)
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out)
 	{
 	LHASH_NODE *n;
 	unsigned long num;
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index 9856c26d43..47f748081b 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -100,25 +100,25 @@
 #include <openssl/crypto.h>
 #include <openssl/lhash.h>
 
-const char *lh_version="lhash" OPENSSL_VERSION_PTEXT;
+const char lh_version[]="lhash" OPENSSL_VERSION_PTEXT;
 
 #undef MIN_NODES 
 #define MIN_NODES	16
 #define UP_LOAD		(2*LH_LOAD_MULT) /* load times 256  (default 2) */
 #define DOWN_LOAD	(LH_LOAD_MULT)   /* load times 256  (default 1) */
 
-static void expand(LHASH *lh);
-static void contract(LHASH *lh);
-static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash);
+static void expand(_LHASH *lh);
+static void contract(_LHASH *lh);
+static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
 
-LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
 	{
-	LHASH *ret;
+	_LHASH *ret;
 	int i;
 
-	if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL)
+	if ((ret=OPENSSL_malloc(sizeof(_LHASH))) == NULL)
 		goto err0;
-	if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
+	if ((ret->b=OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
 		goto err1;
 	for (i=0; i<MIN_NODES; i++)
 		ret->b[i]=NULL;
@@ -154,7 +154,7 @@ err0:
 	return(NULL);
 	}
 
-void lh_free(LHASH *lh)
+void lh_free(_LHASH *lh)
 	{
 	unsigned int i;
 	LHASH_NODE *n,*nn;
@@ -176,11 +176,11 @@ void lh_free(LHASH *lh)
 	OPENSSL_free(lh);
 	}
 
-void *lh_insert(LHASH *lh, void *data)
+void *lh_insert(_LHASH *lh, void *data)
 	{
 	unsigned long hash;
 	LHASH_NODE *nn,**rn;
-	const void *ret;
+	void *ret;
 
 	lh->error=0;
 	if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
@@ -211,14 +211,14 @@ void *lh_insert(LHASH *lh, void *data)
 		(*rn)->data=data;
 		lh->num_replace++;
 		}
-	return((void *)ret);
+	return(ret);
 	}
 
-void *lh_delete(LHASH *lh, const void *data)
+void *lh_delete(_LHASH *lh, const void *data)
 	{
 	unsigned long hash;
 	LHASH_NODE *nn,**rn;
-	const void *ret;
+	void *ret;
 
 	lh->error=0;
 	rn=getrn(lh,data,&hash);
@@ -242,14 +242,14 @@ void *lh_delete(LHASH *lh, const void *data)
 		(lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
 		contract(lh);
 
-	return((void *)ret);
+	return(ret);
 	}
 
-void *lh_retrieve(LHASH *lh, const void *data)
+void *lh_retrieve(_LHASH *lh, const void *data)
 	{
 	unsigned long hash;
 	LHASH_NODE **rn;
-	const void *ret;
+	void *ret;
 
 	lh->error=0;
 	rn=getrn(lh,data,&hash);
@@ -264,15 +264,18 @@ void *lh_retrieve(LHASH *lh, const void *data)
 		ret= (*rn)->data;
 		lh->num_retrieve++;
 		}
-	return((void *)ret);
+	return(ret);
 	}
 
-static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
+static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
 			  LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg)
 	{
 	int i;
 	LHASH_NODE *a,*n;
 
+	if (lh == NULL)
+		return;
+
 	/* reverse the order so we search from 'top to bottom'
 	 * We were having memory leaks otherwise */
 	for (i=lh->num_nodes-1; i>=0; i--)
@@ -282,6 +285,8 @@ static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
 			{
 			/* 28/05/91 - eay - n added so items can be deleted
 			 * via lh_doall */
+			/* 22/05/08 - ben - eh? since a is not passed,
+			 * this should not be needed */
 			n=a->next;
 			if(use_arg)
 				func_arg(a->data,arg);
@@ -292,17 +297,17 @@ static void doall_util_fn(LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
 		}
 	}
 
-void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func)
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func)
 	{
 	doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL);
 	}
 
-void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
 	{
 	doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
 	}
 
-static void expand(LHASH *lh)
+static void expand(_LHASH *lh)
 	{
 	LHASH_NODE **n,**n1,**n2,*np;
 	unsigned int p,i,j;
@@ -339,7 +344,7 @@ static void expand(LHASH *lh)
 		{
 		j=(int)lh->num_alloc_nodes*2;
 		n=(LHASH_NODE **)OPENSSL_realloc(lh->b,
-			(unsigned int)sizeof(LHASH_NODE *)*j);
+			(int)(sizeof(LHASH_NODE *)*j));
 		if (n == NULL)
 			{
 /*			fputs("realloc error in lhash",stderr); */
@@ -358,7 +363,7 @@ static void expand(LHASH *lh)
 		}
 	}
 
-static void contract(LHASH *lh)
+static void contract(_LHASH *lh)
 	{
 	LHASH_NODE **n,*n1,*np;
 
@@ -397,11 +402,11 @@ static void contract(LHASH *lh)
 		}
 	}
 
-static LHASH_NODE **getrn(LHASH *lh, const void *data, unsigned long *rhash)
+static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash)
 	{
 	LHASH_NODE **ret,*n1;
 	unsigned long hash,nn;
-	int (*cf)();
+	LHASH_COMP_FN_TYPE cf;
 
 	hash=(*(lh->hash))(data);
 	lh->num_hash_calls++;
@@ -464,7 +469,7 @@ unsigned long lh_strhash(const char *c)
 	return((ret>>16)^ret);
 	}
 
-unsigned long lh_num_items(const LHASH *lh)
+unsigned long lh_num_items(const _LHASH *lh)
 	{
 	return lh ? lh->num_items : 0;
 	}
diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h
index d392d0cd80..e7d8763591 100644
--- a/crypto/lhash/lhash.h
+++ b/crypto/lhash/lhash.h
@@ -98,42 +98,42 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
  * macros if the functions are strictly internal. */
 
 /* First: "hash" functions */
-#define DECLARE_LHASH_HASH_FN(f_name,o_type) \
-	unsigned long f_name##_LHASH_HASH(const void *);
-#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
-	unsigned long f_name##_LHASH_HASH(const void *arg) { \
-		o_type a = (o_type)arg; \
-		return f_name(a); }
-#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
+#define DECLARE_LHASH_HASH_FN(name, o_type) \
+	unsigned long name##_LHASH_HASH(const void *);
+#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+	unsigned long name##_LHASH_HASH(const void *arg) { \
+		const o_type *a = arg; \
+		return name##_hash(a); }
+#define LHASH_HASH_FN(name) name##_LHASH_HASH
 
 /* Second: "compare" functions */
-#define DECLARE_LHASH_COMP_FN(f_name,o_type) \
-	int f_name##_LHASH_COMP(const void *, const void *);
-#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
-	int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
-		o_type a = (o_type)arg1; \
-		o_type b = (o_type)arg2; \
-		return f_name(a,b); }
-#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
+#define DECLARE_LHASH_COMP_FN(name, o_type) \
+	int name##_LHASH_COMP(const void *, const void *);
+#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+	int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+		const o_type *a = arg1;		    \
+		const o_type *b = arg2; \
+		return name##_cmp(a,b); }
+#define LHASH_COMP_FN(name) name##_LHASH_COMP
 
 /* Third: "doall" functions */
-#define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
-	void f_name##_LHASH_DOALL(void *);
-#define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
-	void f_name##_LHASH_DOALL(void *arg) { \
-		o_type a = (o_type)arg; \
-		f_name(a); }
-#define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
+#define DECLARE_LHASH_DOALL_FN(name, o_type) \
+	void name##_LHASH_DOALL(void *);
+#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+	void name##_LHASH_DOALL(void *arg) { \
+		o_type *a = arg; \
+		name##_doall(a); }
+#define LHASH_DOALL_FN(name) name##_LHASH_DOALL
 
 /* Fourth: "doall_arg" functions */
-#define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-	void f_name##_LHASH_DOALL_ARG(void *, void *);
-#define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-	void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
-		o_type a = (o_type)arg1; \
-		a_type b = (a_type)arg2; \
-		f_name(a,b); }
-#define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
+#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+	void name##_LHASH_DOALL_ARG(void *, void *);
+#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+	void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+		o_type *a = arg1; \
+		a_type *b = arg2; \
+		name##_doall_arg(a, b); }
+#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
 
 typedef struct lhash_st
 	{
@@ -163,7 +163,8 @@ typedef struct lhash_st
 	unsigned long num_hash_comps;
 
 	int error;
-	} LHASH;
+	} _LHASH;	/* Do not use _LHASH directly, use LHASH_OF
+			 * and friends */
 
 #define LH_LOAD_MULT	256
 
@@ -171,27 +172,67 @@ typedef struct lhash_st
  * in lh_insert(). */
 #define lh_error(lh)	((lh)->error)
 
-LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(LHASH *lh);
-void *lh_insert(LHASH *lh, void *data);
-void *lh_delete(LHASH *lh, const void *data);
-void *lh_retrieve(LHASH *lh, const void *data);
-void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
+void lh_free(_LHASH *lh);
+void *lh_insert(_LHASH *lh, void *data);
+void *lh_delete(_LHASH *lh, const void *data);
+void *lh_retrieve(_LHASH *lh, const void *data);
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
 unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const LHASH *lh);
+unsigned long lh_num_items(const _LHASH *lh);
 
 #ifndef OPENSSL_NO_FP_API
-void lh_stats(const LHASH *lh, FILE *out);
-void lh_node_stats(const LHASH *lh, FILE *out);
-void lh_node_usage_stats(const LHASH *lh, FILE *out);
+void lh_stats(const _LHASH *lh, FILE *out);
+void lh_node_stats(const _LHASH *lh, FILE *out);
+void lh_node_usage_stats(const _LHASH *lh, FILE *out);
 #endif
 
 #ifndef OPENSSL_NO_BIO
-void lh_stats_bio(const LHASH *lh, BIO *out);
-void lh_node_stats_bio(const LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(const LHASH *lh, BIO *out);
+void lh_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
 #endif
+
+/* Type checking... */
+
+#define LHASH_OF(type) struct lhash_st_##type
+
+#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
+
+#define CHECKED_LHASH_OF(type,lh) \
+  ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
+
+/* Define wrapper functions. */
+#define LHM_lh_new(type, name) \
+  ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
+#define LHM_lh_error(type, lh) \
+  lh_error(CHECKED_LHASH_OF(type,lh))
+#define LHM_lh_insert(type, lh, inst) \
+  ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
+		     CHECKED_PTR_OF(type, inst)))
+#define LHM_lh_retrieve(type, lh, inst) \
+  ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
+		       CHECKED_PTR_OF(type, inst)))
+#define LHM_lh_delete(type, lh, inst) \
+  ((type *)lh_delete(CHECKED_LHASH_OF(type, lh),			\
+		     CHECKED_PTR_OF(type, inst)))
+#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
+#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
+  lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
+#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
+#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
+#define LHM_lh_node_stats_bio(type, lh, out) \
+  lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+#define LHM_lh_node_usage_stats_bio(type, lh, out) \
+  lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+#define LHM_lh_stats_bio(type, lh, out) \
+  lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
+
+DECLARE_LHASH_OF(OPENSSL_STRING);
+DECLARE_LHASH_OF(OPENSSL_CSTRING);
+
 #ifdef  __cplusplus
 }
 #endif
diff --git a/crypto/md2/.cvsignore b/crypto/md2/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/md2/.cvsignore
+++ b/crypto/md2/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/md2/Makefile.ssl b/crypto/md2/Makefile.ssl
deleted file mode 100644
index 213ed2932c..0000000000
--- a/crypto/md2/Makefile.ssl
+++ /dev/null
@@ -1,94 +0,0 @@
-#
-# SSLeay/crypto/md/Makefile
-#
-
-DIR=	md2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md2_dgst.c md2_one.c
-LIBOBJ=md2_dgst.o md2_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
-md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-md2_dgst.o: ../../include/openssl/symhacks.h md2_dgst.c
-md2_one.o: ../../e_os.h ../../include/openssl/bio.h
-md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-md2_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-md2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-md2_one.o: ../cryptlib.h md2_one.c
diff --git a/crypto/md2/md2.h b/crypto/md2/md2.h
index 5b71855cb2..a46120e7d4 100644
--- a/crypto/md2/md2.h
+++ b/crypto/md2/md2.h
@@ -63,6 +63,7 @@
 #ifdef OPENSSL_NO_MD2
 #error MD2 is disabled.
 #endif
+#include <stddef.h>
 
 #define MD2_DIGEST_LENGTH	16
 #define MD2_BLOCK       	16
diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c
index 15e77d60be..c57b3da288 100644
--- a/crypto/md2/md2_dgst.c
+++ b/crypto/md2/md2_dgst.c
@@ -63,7 +63,7 @@
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
 
-const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
+const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT;
 
 /* Implemented from RFC1319 The MD2 Message-Digest Algorithm
  */
@@ -73,7 +73,7 @@ const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
 static void md2_block(MD2_CTX *c, const unsigned char *d);
 /* The magic S table - I have converted it to hex since it is
  * basically just a random byte string. */
-static MD2_INT S[256]={
+static const MD2_INT S[256]={
 	0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
 	0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
 	0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
diff --git a/crypto/md2/md2_one.c b/crypto/md2/md2_one.c
index dab35071ac..f7fef5cc0a 100644
--- a/crypto/md2/md2_one.c
+++ b/crypto/md2/md2_one.c
@@ -69,7 +69,8 @@ unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md)
 	static unsigned char m[MD2_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	MD2_Init(&c);
+	if (!MD2_Init(&c))
+		return NULL;
 #ifndef CHARSET_EBCDIC
 	MD2_Update(&c,d,n);
 #else
diff --git a/crypto/md2/md2test.c b/crypto/md2/md2test.c
index 21b381c351..db5f5bc6d2 100644
--- a/crypto/md2/md2test.c
+++ b/crypto/md2/md2test.c
@@ -128,6 +128,7 @@ int main(int argc, char *argv[])
     if (err) printf("ERROR: %d\n", err);
 #endif
 	EXIT(err);
+	return err;
 	}
 
 static char *pt(unsigned char *md)
diff --git a/crypto/md32_common.h b/crypto/md32_common.h
index 0cbcfaf8a2..279916fa59 100644
--- a/crypto/md32_common.h
+++ b/crypto/md32_common.h
@@ -1,6 +1,6 @@
 /* crypto/md32_common.h */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -47,10 +47,6 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  * ====================================================================
  *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
  */
 
 /*
@@ -76,40 +72,27 @@
  *		typedef struct {
  *			...
  *			HASH_LONG	Nl,Nh;
+ *			either {
  *			HASH_LONG	data[HASH_LBLOCK];
+ *			unsigned char	data[HASH_CBLOCK];
+ *			};
  *			unsigned int	num;
  *			...
  *			} HASH_CTX;
+ *	data[] vector is expected to be zeroed upon first call to
+ *	HASH_UPDATE.
  * HASH_UPDATE
  *	name of "Update" function, implemented here.
  * HASH_TRANSFORM
  *	name of "Transform" function, implemented here.
  * HASH_FINAL
  *	name of "Final" function, implemented here.
- * HASH_BLOCK_HOST_ORDER
- *	name of "block" function treating *aligned* input message
- *	in host byte order, implemented externally.
  * HASH_BLOCK_DATA_ORDER
- *	name of "block" function treating *unaligned* input message
- *	in original (data) byte order, implemented externally (it
- *	actually is optional if data and host are of the same
- *	"endianess").
+ *	name of "block" function capable of treating *unaligned* input
+ *	message in original (data) byte order, implemented externally.
  * HASH_MAKE_STRING
  *	macro convering context variables to an ASCII hash string.
  *
- * Optional macros:
- *
- * B_ENDIAN or L_ENDIAN
- *	defines host byte-order.
- * HASH_LONG_LOG2
- *	defaults to 2 if not states otherwise.
- * HASH_LBLOCK
- *	assumed to be HASH_CBLOCK/4 if not stated otherwise.
- * HASH_BLOCK_DATA_ORDER_ALIGNED
- *	alternative "block" function capable of treating
- *	aligned input message in original (data) order,
- *	implemented externally.
- *
  * MD5 example:
  *
  *	#define DATA_ORDER_IS_LITTLE_ENDIAN
@@ -118,11 +101,9 @@
  *	#define HASH_LONG_LOG2		MD5_LONG_LOG2
  *	#define HASH_CTX		MD5_CTX
  *	#define HASH_CBLOCK		MD5_CBLOCK
- *	#define HASH_LBLOCK		MD5_LBLOCK
  *	#define HASH_UPDATE		MD5_Update
  *	#define HASH_TRANSFORM		MD5_Transform
  *	#define HASH_FINAL		MD5_Final
- *	#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
  *	#define HASH_BLOCK_DATA_ORDER	md5_block_data_order
  *
  *					<appro@fy.chalmers.se>
@@ -152,27 +133,9 @@
 #error "HASH_FINAL must be defined!"
 #endif
 
-#ifndef HASH_BLOCK_HOST_ORDER
-#error "HASH_BLOCK_HOST_ORDER must be defined!"
-#endif
-
-#if 0
-/*
- * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
- * isn't defined.
- */
 #ifndef HASH_BLOCK_DATA_ORDER
 #error "HASH_BLOCK_DATA_ORDER must be defined!"
 #endif
-#endif
-
-#ifndef HASH_LBLOCK
-#define HASH_LBLOCK	(HASH_CBLOCK/4)
-#endif
-
-#ifndef HASH_LONG_LOG2
-#define HASH_LONG_LOG2	2
-#endif
 
 /*
  * Engage compiler specific rotate intrinsic function if available.
@@ -206,7 +169,8 @@
 				: "cc");		\
 			   ret;				\
 			})
-#  elif defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+#  elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+	defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
 #   define ROTATE(a,n)	({ register unsigned int ret;	\
 				asm (			\
 				"rlwinm %0,%1,%2,0,31"	\
@@ -214,79 +178,28 @@
 				: "r"(a), "I"(n));	\
 			   ret;				\
 			})
+#  elif defined(__s390x__)
+#   define ROTATE(a,n) ({ register unsigned int ret;	\
+				asm ("rll %0,%1,%2"	\
+				: "=r"(ret)		\
+				: "r"(a), "I"(n));	\
+			  ret;				\
+			})
 #  endif
 # endif
 #endif /* PEDANTIC */
 
-#if HASH_LONG_LOG2==2	/* Engage only if sizeof(HASH_LONG)== 4 */
-/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
-#ifdef ROTATE
-/* 5 instructions with rotate instruction, else 9 */
-#define REVERSE_FETCH32(a,l)	(					\
-		l=*(const HASH_LONG *)(a),				\
-		((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24)))	\
-				)
-#else
-/* 6 instructions with rotate instruction, else 8 */
-#define REVERSE_FETCH32(a,l)	(				\
-		l=*(const HASH_LONG *)(a),			\
-		l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)),	\
-		ROTATE(l,16)					\
-				)
-/*
- * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
- * It's rewritten as above for two reasons:
- *	- RISCs aren't good at long constants and have to explicitely
- *	  compose 'em with several (well, usually 2) instructions in a
- *	  register before performing the actual operation and (as you
- *	  already realized:-) having same constant should inspire the
- *	  compiler to permanently allocate the only register for it;
- *	- most modern CPUs have two ALUs, but usually only one has
- *	  circuitry for shifts:-( this minor tweak inspires compiler
- *	  to schedule shift instructions in a better way...
- *
- *				<appro@fy.chalmers.se>
- */
-#endif
-#endif
-
 #ifndef ROTATE
 #define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
 #endif
 
-/*
- * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
- * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
- * and host are of the same "endianess". It's possible to mask
- * this with blank #define HASH_BLOCK_DATA_ORDER though...
- *
- *				<appro@fy.chalmers.se>
- */
-#if defined(B_ENDIAN)
-#  if defined(DATA_ORDER_IS_BIG_ENDIAN)
-#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
-#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
-#    endif
-#  endif
-#elif defined(L_ENDIAN)
-#  if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
-#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
-#    endif
-#  endif
-#endif
-
-#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-#ifndef HASH_BLOCK_DATA_ORDER
-#error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-#endif
-
 #if defined(DATA_ORDER_IS_BIG_ENDIAN)
 
 #ifndef PEDANTIC
 # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#  if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
+      (defined(__x86_64) || defined(__x86_64__))
+#   if !defined(B_ENDIAN)
     /*
      * This gives ~30-40% performance improvement in SHA-256 compiled
      * with gcc [on P4]. Well, first macro to be frank. We can pull
@@ -299,9 +212,14 @@
 #   define HOST_l2c(l,c)	({ unsigned int r=(l);			\
 				   asm ("bswapl %0":"=r"(r):"0"(r));	\
 				   *((unsigned int *)(c))=r; (c)+=4; r;	})
+#   endif
 #  endif
 # endif
 #endif
+#if defined(__s390__) || defined(__s390x__)
+# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
+# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
+#endif
 
 #ifndef HOST_c2l
 #define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))<<24),		\
@@ -310,29 +228,6 @@
 			 l|=(((unsigned long)(*((c)++)))    ),		\
 			 l)
 #endif
-#define HOST_p_c2l(c,l,n)	{					\
-			switch (n) {					\
-			case 0: l =((unsigned long)(*((c)++)))<<24;	\
-			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
-			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
-			case 3: l|=((unsigned long)(*((c)++)));		\
-				} }
-#define HOST_p_c2l_p(c,l,sc,len) {					\
-			switch (sc) {					\
-			case 0: l =((unsigned long)(*((c)++)))<<24;	\
-				if (--len == 0) break;			\
-			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
-				if (--len == 0) break;			\
-			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
-				} }
-/* NOTE the pointer is not incremented at the end of this */
-#define HOST_c2l_p(c,l,n)	{					\
-			l=0; (c)+=n;					\
-			switch (n) {					\
-			case 3: l =((unsigned long)(*(--(c))))<< 8;	\
-			case 2: l|=((unsigned long)(*(--(c))))<<16;	\
-			case 1: l|=((unsigned long)(*(--(c))))<<24;	\
-				} }
 #ifndef HOST_l2c
 #define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff),	\
 			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
@@ -343,10 +238,24 @@
 
 #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
 
+#ifndef PEDANTIC
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#  if defined(__s390x__)
+#   define HOST_c2l(c,l)	({ asm ("lrv	%0,0(%1)"		\
+					:"=r"(l) : "r"(c));		\
+				   (c)+=4; (l);				})
+#   define HOST_l2c(l,c)	({ asm ("strv	%0,0(%1)"		\
+					: : "r"(l),"r"(c) : "memory");	\
+				   (c)+=4; (l);				})
+#  endif
+# endif
+#endif
 #if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-  /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
-# define HOST_c2l(c,l)	((l)=*((const unsigned int *)(c)), (c)+=4, l)
-# define HOST_l2c(l,c)	(*((unsigned int *)(c))=(l), (c)+=4, l)
+# ifndef B_ENDIAN
+   /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
+#  define HOST_c2l(c,l)	((l)=*((const unsigned int *)(c)), (c)+=4, l)
+#  define HOST_l2c(l,c)	(*((unsigned int *)(c))=(l), (c)+=4, l)
+# endif
 #endif
 
 #ifndef HOST_c2l
@@ -356,29 +265,6 @@
 			 l|=(((unsigned long)(*((c)++)))<<24),		\
 			 l)
 #endif
-#define HOST_p_c2l(c,l,n)	{					\
-			switch (n) {					\
-			case 0: l =((unsigned long)(*((c)++)));		\
-			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
-			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
-			case 3: l|=((unsigned long)(*((c)++)))<<24;	\
-				} }
-#define HOST_p_c2l_p(c,l,sc,len) {					\
-			switch (sc) {					\
-			case 0: l =((unsigned long)(*((c)++)));		\
-				if (--len == 0) break;			\
-			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
-				if (--len == 0) break;			\
-			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
-				} }
-/* NOTE the pointer is not incremented at the end of this */
-#define HOST_c2l_p(c,l,n)	{					\
-			l=0; (c)+=n;					\
-			switch (n) {					\
-			case 3: l =((unsigned long)(*(--(c))))<<16;	\
-			case 2: l|=((unsigned long)(*(--(c))))<< 8;	\
-			case 1: l|=((unsigned long)(*(--(c))));		\
-				} }
 #ifndef HOST_l2c
 #define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff),	\
 			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
@@ -396,9 +282,9 @@
 int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
 	{
 	const unsigned char *data=data_;
-	register HASH_LONG * p;
-	register HASH_LONG l;
-	size_t sw,sc,ew,ec;
+	unsigned char *p;
+	HASH_LONG l;
+	size_t n;
 
 	if (len==0) return 1;
 
@@ -407,104 +293,46 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
 	 * Wei Dai <weidai@eskimo.com> for pointing it out. */
 	if (l < c->Nl) /* overflow */
 		c->Nh++;
-	c->Nh+=(len>>29);	/* might cause compiler warning on 16-bit */
+	c->Nh+=(HASH_LONG)(len>>29);	/* might cause compiler warning on 16-bit */
 	c->Nl=l;
 
-	if (c->num != 0)
+	n = c->num;
+	if (n != 0)
 		{
-		p=c->data;
-		sw=c->num>>2;
-		sc=c->num&0x03;
+		p=(unsigned char *)c->data;
 
-		if ((c->num+len) >= HASH_CBLOCK)
+		if (len >= HASH_CBLOCK || len+n >= HASH_CBLOCK)
 			{
-			l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
-			for (; sw<HASH_LBLOCK; sw++)
-				{
-				HOST_c2l(data,l); p[sw]=l;
-				}
-			HASH_BLOCK_HOST_ORDER (c,p,1);
-			len-=(HASH_CBLOCK-c->num);
-			c->num=0;
-			/* drop through and do the rest */
+			memcpy (p+n,data,HASH_CBLOCK-n);
+			HASH_BLOCK_DATA_ORDER (c,p,1);
+			n      = HASH_CBLOCK-n;
+			data  += n;
+			len   -= n;
+			c->num = 0;
+			memset (p,0,HASH_CBLOCK);	/* keep it zeroed */
 			}
 		else
 			{
-			c->num+=(unsigned int)len;
-			if ((sc+len) < 4) /* ugly, add char's to a word */
-				{
-				l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
-				}
-			else
-				{
-				ew=(c->num>>2);
-				ec=(c->num&0x03);
-				if (sc)
-					l=p[sw];
-				HOST_p_c2l(data,l,sc);
-				p[sw++]=l;
-				for (; sw < ew; sw++)
-					{
-					HOST_c2l(data,l); p[sw]=l;
-					}
-				if (ec)
-					{
-					HOST_c2l_p(data,l,ec); p[sw]=l;
-					}
-				}
+			memcpy (p+n,data,len);
+			c->num += (unsigned int)len;
 			return 1;
 			}
 		}
 
-	sw=len/HASH_CBLOCK;
-	if (sw > 0)
+	n = len/HASH_CBLOCK;
+	if (n > 0)
 		{
-#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-		/*
-		 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
-		 * only if sizeof(HASH_LONG)==4.
-		 */
-		if ((((size_t)data)%4) == 0)
-			{
-			/* data is properly aligned so that we can cast it: */
-			HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,sw);
-			sw*=HASH_CBLOCK;
-			data+=sw;
-			len-=sw;
-			}
-		else
-#if !defined(HASH_BLOCK_DATA_ORDER)
-			while (sw--)
-				{
-				memcpy (p=c->data,data,HASH_CBLOCK);
-				HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
-				data+=HASH_CBLOCK;
-				len-=HASH_CBLOCK;
-				}
-#endif
-#endif
-#if defined(HASH_BLOCK_DATA_ORDER)
-			{
-			HASH_BLOCK_DATA_ORDER(c,data,sw);
-			sw*=HASH_CBLOCK;
-			data+=sw;
-			len-=sw;
-			}
-#endif
+		HASH_BLOCK_DATA_ORDER (c,data,n);
+		n    *= HASH_CBLOCK;
+		data += n;
+		len  -= n;
 		}
 
-	if (len!=0)
+	if (len != 0)
 		{
-		p = c->data;
-		c->num = len;
-		ew=len>>2;	/* words to copy */
-		ec=len&0x03;
-		for (; ew; ew--,p++)
-			{
-			HOST_c2l(data,l); *p=l;
-			}
-		HOST_c2l_p(data,l,ec);
-		*p=l;
+		p = (unsigned char *)c->data;
+		c->num = (unsigned int)len;
+		memcpy (p,data,len);
 		}
 	return 1;
 	}
@@ -512,73 +340,38 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len)
 
 void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
 	{
-#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
-	if ((((size_t)data)%4) == 0)
-		/* data is properly aligned so that we can cast it: */
-		HASH_BLOCK_DATA_ORDER_ALIGNED (c,(const HASH_LONG *)data,1);
-	else
-#if !defined(HASH_BLOCK_DATA_ORDER)
-		{
-		memcpy (c->data,data,HASH_CBLOCK);
-		HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
-		}
-#endif
-#endif
-#if defined(HASH_BLOCK_DATA_ORDER)
 	HASH_BLOCK_DATA_ORDER (c,data,1);
-#endif
 	}
 
 
 int HASH_FINAL (unsigned char *md, HASH_CTX *c)
 	{
-	register HASH_LONG *p;
-	register unsigned long l;
-	register int i,j;
-	static const unsigned char end[4]={0x80,0x00,0x00,0x00};
-	const unsigned char *cp=end;
-
-	/* c->num should definitly have room for at least one more byte. */
-	p=c->data;
-	i=c->num>>2;
-	j=c->num&0x03;
-
-#if 0
-	/* purify often complains about the following line as an
-	 * Uninitialized Memory Read.  While this can be true, the
-	 * following p_c2l macro will reset l when that case is true.
-	 * This is because j&0x03 contains the number of 'valid' bytes
-	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
-	 * occur but this is also the only time p_c2l will do
-	 * l= *(cp++) instead of l|= *(cp++)
-	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
-	 * 'potential bug' */
-#ifdef PURIFY
-	if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
-#endif
-	l=p[i];
-#else
-	l = (j==0) ? 0 : p[i];
-#endif
-	HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
+	unsigned char *p = (unsigned char *)c->data;
+	size_t n = c->num;
+
+	p[n] = 0x80; /* there is always room for one */
+	n++;
 
-	if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
+	if (n > (HASH_CBLOCK-8))
 		{
-		if (i<HASH_LBLOCK) p[i]=0;
-		HASH_BLOCK_HOST_ORDER (c,p,1);
-		i=0;
+		memset (p+n,0,HASH_CBLOCK-n);
+		n=0;
+		HASH_BLOCK_DATA_ORDER (c,p,1);
 		}
-	for (; i<(HASH_LBLOCK-2); i++)
-		p[i]=0;
+	memset (p+n,0,HASH_CBLOCK-8-n);
 
+	p += HASH_CBLOCK-8;
 #if   defined(DATA_ORDER_IS_BIG_ENDIAN)
-	p[HASH_LBLOCK-2]=c->Nh;
-	p[HASH_LBLOCK-1]=c->Nl;
+	(void)HOST_l2c(c->Nh,p);
+	(void)HOST_l2c(c->Nl,p);
 #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-	p[HASH_LBLOCK-2]=c->Nl;
-	p[HASH_LBLOCK-1]=c->Nh;
+	(void)HOST_l2c(c->Nl,p);
+	(void)HOST_l2c(c->Nh,p);
 #endif
-	HASH_BLOCK_HOST_ORDER (c,p,1);
+	p -= HASH_CBLOCK;
+	HASH_BLOCK_DATA_ORDER (c,p,1);
+	c->num=0;
+	memset (p,0,HASH_CBLOCK);
 
 #ifndef HASH_MAKE_STRING
 #error "HASH_MAKE_STRING must be defined!"
@@ -586,11 +379,6 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
 	HASH_MAKE_STRING(c,md);
 #endif
 
-	c->num=0;
-	/* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
-	 * but I'm not worried :-)
-	OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
-	 */
 	return 1;
 	}
 
diff --git a/crypto/md4/.cvsignore b/crypto/md4/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/md4/.cvsignore
+++ b/crypto/md4/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/md4/Makefile.ssl b/crypto/md4/Makefile.ssl
deleted file mode 100644
index d1eb9519f9..0000000000
--- a/crypto/md4/Makefile.ssl
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/md4/Makefile
-#
-
-DIR=    md4
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=md4test.c
-APPS=md4.c
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md4_dgst.c md4_one.c
-LIBOBJ=md4_dgst.o md4_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= md4.h
-HEADER= md4_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h
-md4_dgst.o: ../../include/openssl/opensslconf.h
-md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c
-md4_dgst.o: md4_locl.h
-md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
-md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-md4_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-md4_one.o: ../../include/openssl/symhacks.h md4_one.c
diff --git a/crypto/md4/md4.h b/crypto/md4/md4.h
index b080cbdc21..c3ed9b3f75 100644
--- a/crypto/md4/md4.h
+++ b/crypto/md4/md4.h
@@ -60,6 +60,7 @@
 #define HEADER_MD4_H
 
 #include <openssl/e_os2.h>
+#include <stddef.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -76,7 +77,7 @@ extern "C" {
  * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  */
 
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+#if defined(__LP32__)
 #define MD4_LONG unsigned long
 #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
 #define MD4_LONG unsigned long
diff --git a/crypto/md4/md4_dgst.c b/crypto/md4/md4_dgst.c
index d4c7057f13..e0c42e8596 100644
--- a/crypto/md4/md4_dgst.c
+++ b/crypto/md4/md4_dgst.c
@@ -60,7 +60,7 @@
 #include "md4_locl.h"
 #include <openssl/opensslv.h>
 
-const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
+const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT;
 
 /* Implemented from RFC1186 The MD4 Message-Digest Algorithm
  */
@@ -72,89 +72,14 @@ const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
 
 int MD4_Init(MD4_CTX *c)
 	{
+	memset (c,0,sizeof(*c));
 	c->A=INIT_DATA_A;
 	c->B=INIT_DATA_B;
 	c->C=INIT_DATA_C;
 	c->D=INIT_DATA_D;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
 	return 1;
 	}
 
-#ifndef md4_block_host_order
-void md4_block_host_order (MD4_CTX *c, const void *data, size_t num)
-	{
-	const MD4_LONG *X=data;
-	register unsigned MD32_REG_T A,B,C,D;
-
-	A=c->A;
-	B=c->B;
-	C=c->C;
-	D=c->D;
-
-	for (;num--;X+=HASH_LBLOCK)
-		{
-	/* Round 0 */
-	R0(A,B,C,D,X[ 0], 3,0);
-	R0(D,A,B,C,X[ 1], 7,0);
-	R0(C,D,A,B,X[ 2],11,0);
-	R0(B,C,D,A,X[ 3],19,0);
-	R0(A,B,C,D,X[ 4], 3,0);
-	R0(D,A,B,C,X[ 5], 7,0);
-	R0(C,D,A,B,X[ 6],11,0);
-	R0(B,C,D,A,X[ 7],19,0);
-	R0(A,B,C,D,X[ 8], 3,0);
-	R0(D,A,B,C,X[ 9], 7,0);
-	R0(C,D,A,B,X[10],11,0);
-	R0(B,C,D,A,X[11],19,0);
-	R0(A,B,C,D,X[12], 3,0);
-	R0(D,A,B,C,X[13], 7,0);
-	R0(C,D,A,B,X[14],11,0);
-	R0(B,C,D,A,X[15],19,0);
-	/* Round 1 */
-	R1(A,B,C,D,X[ 0], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 4], 5,0x5A827999L);
-	R1(C,D,A,B,X[ 8], 9,0x5A827999L);
-	R1(B,C,D,A,X[12],13,0x5A827999L);
-	R1(A,B,C,D,X[ 1], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 5], 5,0x5A827999L);
-	R1(C,D,A,B,X[ 9], 9,0x5A827999L);
-	R1(B,C,D,A,X[13],13,0x5A827999L);
-	R1(A,B,C,D,X[ 2], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 6], 5,0x5A827999L);
-	R1(C,D,A,B,X[10], 9,0x5A827999L);
-	R1(B,C,D,A,X[14],13,0x5A827999L);
-	R1(A,B,C,D,X[ 3], 3,0x5A827999L);
-	R1(D,A,B,C,X[ 7], 5,0x5A827999L);
-	R1(C,D,A,B,X[11], 9,0x5A827999L);
-	R1(B,C,D,A,X[15],13,0x5A827999L);
-	/* Round 2 */
-	R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 4],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[12],15,0x6ED9EBA1);
-	R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[10], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 6],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[14],15,0x6ED9EBA1);
-	R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 5],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[13],15,0x6ED9EBA1);
-	R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1);
-	R2(D,A,B,C,X[11], 9,0x6ED9EBA1);
-	R2(C,D,A,B,X[ 7],11,0x6ED9EBA1);
-	R2(B,C,D,A,X[15],15,0x6ED9EBA1);
-
-	A = c->A += A;
-	B = c->B += B;
-	C = c->C += C;
-	D = c->D += D;
-		}
-	}
-#endif
-
 #ifndef md4_block_data_order
 #ifdef X
 #undef X
@@ -240,19 +165,3 @@ void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num)
 		}
 	}
 #endif
-
-#ifdef undef
-int printit(unsigned long *l)
-	{
-	int i,ii;
-
-	for (i=0; i<2; i++)
-		{
-		for (ii=0; ii<8; ii++)
-			{
-			fprintf(stderr,"%08lx ",l[i*8+ii]);
-			}
-		fprintf(stderr,"\n");
-		}
-	}
-#endif
diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h
index 7e219b17ea..c8085b0ead 100644
--- a/crypto/md4/md4_locl.h
+++ b/crypto/md4/md4_locl.h
@@ -65,41 +65,13 @@
 #define MD4_LONG_LOG2 2 /* default to 32 bits */
 #endif
 
-void md4_block_host_order (MD4_CTX *c, const void *p,size_t num);
 void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
 
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-/*
- * *_block_host_order is expected to handle aligned data while
- * *_block_data_order - unaligned. As algorithm and host (x86)
- * are in this case of the same "endianness" these two are
- * otherwise indistinguishable. But normally you don't want to
- * call the same function because unaligned access in places
- * where alignment is expected is usually a "Bad Thing". Indeed,
- * on RISCs you get punished with BUS ERROR signal or *severe*
- * performance degradation. Intel CPUs are in turn perfectly
- * capable of loading unaligned data without such drastic side
- * effect. Yes, they say it's slower than aligned load, but no
- * exception is generated and therefore performance degradation
- * is *incomparable* with RISCs. What we should weight here is
- * costs of unaligned access against costs of aligning data.
- * According to my measurements allowing unaligned access results
- * in ~9% performance improvement on Pentium II operating at
- * 266MHz. I won't be surprised if the difference will be higher
- * on faster systems:-)
- *
- *				<appro@fy.chalmers.se>
- */
-#define md4_block_data_order md4_block_host_order
-#endif
-
 #define DATA_ORDER_IS_LITTLE_ENDIAN
 
 #define HASH_LONG		MD4_LONG
-#define HASH_LONG_LOG2		MD4_LONG_LOG2
 #define HASH_CTX		MD4_CTX
 #define HASH_CBLOCK		MD4_CBLOCK
-#define HASH_LBLOCK		MD4_LBLOCK
 #define HASH_UPDATE		MD4_Update
 #define HASH_TRANSFORM		MD4_Transform
 #define HASH_FINAL		MD4_Final
@@ -110,21 +82,7 @@ void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
 	ll=(c)->C; HOST_l2c(ll,(s));	\
 	ll=(c)->D; HOST_l2c(ll,(s));	\
 	} while (0)
-#define HASH_BLOCK_HOST_ORDER	md4_block_host_order
-#if !defined(L_ENDIAN) || defined(md4_block_data_order)
 #define	HASH_BLOCK_DATA_ORDER	md4_block_data_order
-/*
- * Little-endians (Intel and Alpha) feel better without this.
- * It looks like memcpy does better job than generic
- * md4_block_data_order on copying-n-aligning input data.
- * But frankly speaking I didn't expect such result on Alpha.
- * On the other hand I've got this with egcs-1.0.2 and if
- * program is compiled with another (better?) compiler it
- * might turn out other way around.
- *
- *				<appro@fy.chalmers.se>
- */
-#endif
 
 #include "md32_common.h"
 
diff --git a/crypto/md4/md4_one.c b/crypto/md4/md4_one.c
index 64601b62df..bb64362638 100644
--- a/crypto/md4/md4_one.c
+++ b/crypto/md4/md4_one.c
@@ -71,7 +71,8 @@ unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
 	static unsigned char m[MD4_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	MD4_Init(&c);
+	if (!MD4_Init(&c))
+		return NULL;
 #ifndef CHARSET_EBCDIC
 	MD4_Update(&c,d,n);
 #else
diff --git a/crypto/md4/md4test.c b/crypto/md4/md4test.c
index 5da53382c9..56591728a1 100644
--- a/crypto/md4/md4test.c
+++ b/crypto/md4/md4test.c
@@ -97,12 +97,12 @@ static char *pt(unsigned char *md);
 int main(int argc, char *argv[])
 	{
 	int i,err=0;
-	unsigned char **P,**R;
+	char **P,**R;
 	char *p;
 	unsigned char md[MD4_DIGEST_LENGTH];
 
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
+	P=test;
+	R=ret;
 	i=1;
 	while (*P != NULL)
 		{
diff --git a/crypto/md5/.cvsignore b/crypto/md5/.cvsignore
index c6d03a9dbc..e7bf5ddce4 100644
--- a/crypto/md5/.cvsignore
+++ b/crypto/md5/.cvsignore
@@ -1,2 +1,5 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+md5-*.s
diff --git a/crypto/md5/Makefile.ssl b/crypto/md5/Makefile.ssl
deleted file mode 100644
index 5d1a29f6ab..0000000000
--- a/crypto/md5/Makefile.ssl
+++ /dev/null
@@ -1,123 +0,0 @@
-#
-# SSLeay/crypto/md5/Makefile
-#
-
-DIR=    md5
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=-I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-MD5_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=md5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md5_dgst.c md5_one.c
-LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= md5.h
-HEADER= md5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-mx86-elf.s: asm/md5-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) md5-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-mx86-cof.s: asm/md5-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) md5-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-mx86-out.s: asm/md5-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) md5-586.pl a.out $(CFLAGS) > ../$@)
-
-md5-sparcv8plus.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
-		-o md5-sparcv8plus.o asm/md5-sparcv9.S
-
-# Old GNU assembler doesn't understand V9 instructions, so we
-# hire /usr/ccs/bin/as to do the job. Note that option is called
-# *-gcc27, but even gcc 2>=8 users may experience similar problem
-# if they didn't bother to upgrade GNU assembler. Such users should
-# not choose this option, but be adviced to *remove* GNU assembler
-# or upgrade it.
-md5-sparcv8plus-gcc27.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -E asm/md5-sparcv9.S | \
-		/usr/ccs/bin/as -xarch=v8plus - -o md5-sparcv8plus-gcc27.o
-
-md5-sparcv9.o: asm/md5-sparcv9.S
-	$(CC) $(ASFLAGS) -DMD5_BLOCK_DATA_ORDER -c \
-		-o md5-sparcv9.o asm/md5-sparcv9.S
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h
-md5_dgst.o: ../../include/openssl/opensslconf.h
-md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c
-md5_dgst.o: md5_locl.h
-md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
-md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-md5_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-md5_one.o: ../../include/openssl/symhacks.h md5_one.c
diff --git a/crypto/md5/asm/.cvsignore b/crypto/md5/asm/.cvsignore
index 5dd0091ca7..52659220f2 100644
--- a/crypto/md5/asm/.cvsignore
+++ b/crypto/md5/asm/.cvsignore
@@ -1,2 +1,4 @@
 mx86unix.cpp
 mx86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/md5/asm/md5-586.pl b/crypto/md5/asm/md5-586.pl
index fa3fa3bed5..6cb66bb499 100644
--- a/crypto/md5/asm/md5-586.pl
+++ b/crypto/md5/asm/md5-586.pl
@@ -7,7 +7,8 @@
 
 $normal=0;
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],$0);
@@ -29,7 +30,7 @@ $X="esi";
  0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9,	# R3
  );
 
-&md5_block("md5_block_asm_host_order");
+&md5_block("md5_block_asm_data_order");
 &asm_finish();
 
 sub Np
diff --git a/crypto/md5/asm/md5-ia64.S b/crypto/md5/asm/md5-ia64.S
new file mode 100644
index 0000000000..2f9818aec2
--- /dev/null
+++ b/crypto/md5/asm/md5-ia64.S
@@ -0,0 +1,992 @@
+/* Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.  */
+
+//	Common registers are assigned as follows:
+//
+//	COMMON
+//
+//	t0		Const Tbl Ptr	TPtr
+//	t1		Round Constant	TRound
+//	t4		Block residual	LenResid
+//	t5		Residual Data	DTmp
+//
+//	{in,out}0	Block 0 Cycle	RotateM0
+//	{in,out}1	Block Value 12	M12
+//	{in,out}2	Block Value 8	M8
+//	{in,out}3	Block Value 4	M4
+//	{in,out}4	Block Value 0	M0
+//	{in,out}5	Block 1 Cycle	RotateM1
+//	{in,out}6	Block Value 13	M13
+//	{in,out}7	Block Value 9	M9
+//	{in,out}8	Block Value 5	M5
+//	{in,out}9	Block Value 1	M1
+//	{in,out}10	Block 2 Cycle	RotateM2
+//	{in,out}11	Block Value 14	M14
+//	{in,out}12	Block Value 10	M10
+//	{in,out}13	Block Value 6	M6
+//	{in,out}14	Block Value 2	M2
+//	{in,out}15	Block 3 Cycle	RotateM3
+//	{in,out}16	Block Value 15	M15
+//	{in,out}17	Block Value 11	M11
+//	{in,out}18	Block Value 7	M7
+//	{in,out}19	Block Value 3	M3
+//	{in,out}20	Scratch			Z
+//	{in,out}21	Scratch			Y
+//	{in,out}22	Scratch			X
+//	{in,out}23	Scratch			W
+//	{in,out}24	Digest A		A
+//	{in,out}25	Digest B		B
+//	{in,out}26	Digest C		C
+//	{in,out}27	Digest D		D
+//	{in,out}28	Active Data Ptr	DPtr
+//	in28		Dummy Value		-
+//	out28		Dummy Value		-
+//	bt0			Coroutine Link	QUICK_RTN
+//
+///	These predicates are used for computing the padding block(s) and
+///	are shared between the driver and digest co-routines
+//
+//	pt0			Extra Pad Block	pExtra
+//	pt1			Load next word	pLoad
+//	pt2			Skip next word	pSkip
+//	pt3			Search for Pad	pNoPad
+//	pt4			Pad Word 0		pPad0
+//	pt5			Pad Word 1		pPad1
+//	pt6			Pad Word 2		pPad2
+//	pt7			Pad Word 3		pPad3
+
+#define	DTmp		r19
+#define	LenResid	r18
+#define	QUICK_RTN	b6
+#define	TPtr		r14
+#define	TRound		r15
+#define	pExtra		p6
+#define	pLoad		p7
+#define	pNoPad		p9
+#define	pPad0		p10
+#define	pPad1		p11
+#define	pPad2		p12
+#define	pPad3		p13
+#define	pSkip		p8
+
+#define	A_		out24
+#define	B_		out25
+#define	C_		out26
+#define	D_		out27
+#define	DPtr_		out28
+#define	M0_		out4
+#define	M1_		out9
+#define	M10_		out12
+#define	M11_		out17
+#define	M12_		out1
+#define	M13_		out6
+#define	M14_		out11
+#define	M15_		out16
+#define	M2_		out14
+#define	M3_		out19
+#define	M4_		out3
+#define	M5_		out8
+#define	M6_		out13
+#define	M7_		out18
+#define	M8_		out2
+#define	M9_		out7
+#define	RotateM0_	out0
+#define	RotateM1_	out5
+#define	RotateM2_	out10
+#define	RotateM3_	out15
+#define	W_		out23
+#define	X_		out22
+#define	Y_		out21
+#define	Z_		out20
+
+#define	A		in24
+#define	B		in25
+#define	C		in26
+#define	D		in27
+#define	DPtr		in28
+#define	M0		in4
+#define	M1		in9
+#define	M10		in12
+#define	M11		in17
+#define	M12		in1
+#define	M13		in6
+#define	M14		in11
+#define	M15		in16
+#define	M2		in14
+#define	M3		in19
+#define	M4		in3
+#define	M5		in8
+#define	M6		in13
+#define	M7		in18
+#define	M8		in2
+#define	M9		in7
+#define	RotateM0	in0
+#define	RotateM1	in5
+#define	RotateM2	in10
+#define	RotateM3	in15
+#define	W		in23
+#define	X		in22
+#define	Y		in21
+#define	Z		in20
+
+/* register stack configuration for md5_block_asm_data_order(): */
+#define	MD5_NINP	3
+#define	MD5_NLOC	0
+#define MD5_NOUT	29
+#define MD5_NROT	0
+
+/* register stack configuration for helpers: */
+#define	_NINPUTS	MD5_NOUT
+#define	_NLOCALS	0
+#define _NOUTPUT	0
+#define	_NROTATE	24	/* this must be <= _NINPUTS */
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+#define	ADDP	addp4
+#else
+#define	ADDP	add
+#endif
+
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+#define HOST_IS_BIG_ENDIAN
+#endif
+
+//	Macros for getting the left and right portions of little-endian words
+
+#define	GETLW(dst, src, align)	dep.z dst = src, 32 - 8 * align, 8 * align
+#define	GETRW(dst, src, align)	extr.u dst = src, 8 * align, 32 - 8 * align
+
+//	MD5 driver
+//
+//		Reads an input block, then calls the digest block
+//		subroutine and adds the results to the accumulated
+//		digest.  It allocates 32 outs which the subroutine
+//		uses as it's inputs and rotating
+//		registers. Initializes the round constant pointer and
+//		takes care of saving/restoring ar.lc
+//
+///	INPUT
+//
+//	in0		Context Ptr		CtxPtr0
+//	in1		Input Data Ptr		DPtrIn
+//	in2		Integral Blocks		BlockCount
+//	rp		Return Address		-
+//
+///	CODE
+//
+//	v2		Input Align		InAlign
+//	t0		Shared w/digest		-
+//	t1		Shared w/digest		-
+//	t2		Shared w/digest		-
+//	t3		Shared w/digest		-
+//	t4		Shared w/digest		-
+//	t5		Shared w/digest		-
+//	t6		PFS Save		PFSSave
+//	t7		ar.lc Save		LCSave
+//	t8		Saved PR		PRSave
+//	t9		2nd CtxPtr		CtxPtr1
+//	t10		Table Base		CTable
+//	t11		Table[0]		CTable0
+//	t13		Accumulator A		AccumA
+//	t14		Accumulator B		AccumB
+//	t15		Accumulator C		AccumC
+//	t16		Accumulator D		AccumD
+//	pt0		Shared w/digest		-
+//	pt1		Shared w/digest		-
+//	pt2		Shared w/digest		-
+//	pt3		Shared w/digest		-
+//	pt4		Shared w/digest		-
+//	pt5		Shared w/digest		-
+//	pt6		Shared w/digest		-
+//	pt7		Shared w/digest		-
+//	pt8		Not Aligned		pOff
+//	pt8		Blocks Left		pAgain
+
+#define	AccumA		r27
+#define	AccumB		r28
+#define	AccumC		r29
+#define	AccumD		r30
+#define	CTable		r24
+#define	CTable0		r25
+#define	CtxPtr0		in0
+#define	CtxPtr1		r23
+#define	DPtrIn		in1
+#define	BlockCount	in2
+#define	InAlign		r10
+#define	LCSave		r21
+#define	PFSSave		r20
+#define	PRSave		r22
+#define	pAgain		p63
+#define	pOff		p63
+
+	.text
+
+/* md5_block_asm_data_order(MD5_CTX *c, const void *data, size_t num)
+
+     where:
+      c: a pointer to a structure of this type:
+
+	   typedef struct MD5state_st
+	     {
+	       MD5_LONG A,B,C,D;
+	       MD5_LONG Nl,Nh;
+	       MD5_LONG data[MD5_LBLOCK];
+	       unsigned int num;
+	     }
+	   MD5_CTX;
+
+      data: a pointer to the input data (may be misaligned)
+      num:  the number of 16-byte blocks to hash (i.e., the length
+            of DATA is 16*NUM.
+
+   */
+
+	.type	md5_block_asm_data_order, @function
+	.global	md5_block_asm_data_order
+	.align	32
+	.proc	md5_block_asm_data_order
+md5_block_asm_data_order:
+.md5_block:
+	.prologue
+{	.mmi
+	.save	ar.pfs, PFSSave
+	alloc	PFSSave = ar.pfs, MD5_NINP, MD5_NLOC, MD5_NOUT, MD5_NROT
+	ADDP	CtxPtr1 = 8, CtxPtr0
+	mov	CTable = ip
+}
+{	.mmi
+	ADDP	DPtrIn = 0, DPtrIn
+	ADDP	CtxPtr0 = 0, CtxPtr0
+	.save	ar.lc, LCSave
+	mov	LCSave = ar.lc
+}
+;;
+{	.mmi
+	add	CTable = .md5_tbl_data_order#-.md5_block#, CTable
+	and	InAlign = 0x3, DPtrIn
+}
+
+{	.mmi
+	ld4	AccumA = [CtxPtr0], 4
+	ld4	AccumC = [CtxPtr1], 4
+	.save pr, PRSave
+	mov	PRSave = pr
+	.body
+}
+;;
+{	.mmi
+	ld4	AccumB = [CtxPtr0]
+	ld4	AccumD = [CtxPtr1]
+	dep	DPtr_ = 0, DPtrIn, 0, 2
+} ;;
+#ifdef HOST_IS_BIG_ENDIAN
+	rum	psr.be;;	// switch to little-endian
+#endif
+{	.mmb
+	ld4	CTable0 = [CTable], 4
+	cmp.ne	pOff, p0 = 0, InAlign
+(pOff)	br.cond.spnt.many .md5_unaligned
+} ;;
+
+//	The FF load/compute loop rotates values three times, so that
+//	loading into M12 here produces the M0 value, M13 -> M1, etc.
+
+.md5_block_loop0:
+{	.mmi
+	ld4	M12_ = [DPtr_], 4
+	mov	TPtr = CTable
+	mov	TRound = CTable0
+} ;;
+{	.mmi
+	ld4	M13_ = [DPtr_], 4
+	mov	A_ = AccumA
+	mov	B_ = AccumB
+} ;;
+{	.mmi
+	ld4	M14_ = [DPtr_], 4
+	mov	C_ = AccumC
+	mov	D_ = AccumD
+} ;;
+{	.mmb
+	ld4	M15_ = [DPtr_], 4
+	add	BlockCount = -1, BlockCount
+	br.call.sptk.many QUICK_RTN = md5_digest_block0
+} ;;
+
+//	Now, we add the new digest values and do some clean-up
+//	before checking if there's another full block to process
+
+{	.mmi
+	add	AccumA = AccumA, A_
+	add	AccumB = AccumB, B_
+	cmp.ne	pAgain, p0 = 0, BlockCount
+}
+{	.mib
+	add	AccumC = AccumC, C_
+	add	AccumD = AccumD, D_
+(pAgain) br.cond.dptk.many .md5_block_loop0
+} ;;
+
+.md5_exit:
+#ifdef HOST_IS_BIG_ENDIAN
+	sum	psr.be;;	// switch back to big-endian mode
+#endif
+{	.mmi
+	st4	[CtxPtr0] = AccumB, -4
+	st4	[CtxPtr1] = AccumD, -4
+	mov	pr = PRSave, 0x1ffff ;;
+}
+{	.mmi
+	st4	[CtxPtr0] = AccumA
+	st4	[CtxPtr1] = AccumC
+	mov	ar.lc = LCSave
+} ;;
+{	.mib
+	mov	ar.pfs = PFSSave
+	br.ret.sptk.few	rp
+} ;;
+
+#define	MD5UNALIGNED(offset)						\
+.md5_process##offset:							\
+{	.mib ;								\
+	nop	0x0	;						\
+	GETRW(DTmp, DTmp, offset) ;					\
+} ;;									\
+.md5_block_loop##offset:						\
+{	.mmi ;								\
+	ld4	Y_ = [DPtr_], 4 ;					\
+	mov	TPtr = CTable ;						\
+	mov	TRound = CTable0 ;					\
+} ;;									\
+{	.mmi ;								\
+	ld4	M13_ = [DPtr_], 4 ;					\
+	mov	A_ = AccumA ;						\
+	mov	B_ = AccumB ;						\
+} ;;									\
+{	.mii ;								\
+	ld4	M14_ = [DPtr_], 4 ;					\
+	GETLW(W_, Y_, offset) ;						\
+	mov	C_ = AccumC ;						\
+}									\
+{	.mmi ;								\
+	mov	D_ = AccumD ;;						\
+	or	M12_ = W_, DTmp ;					\
+	GETRW(DTmp, Y_, offset) ;					\
+}									\
+{	.mib ;								\
+	ld4	M15_ = [DPtr_], 4 ;					\
+	add	BlockCount = -1, BlockCount ;				\
+	br.call.sptk.many QUICK_RTN = md5_digest_block##offset;		\
+} ;;									\
+{	.mmi ;								\
+	add	AccumA = AccumA, A_ ;					\
+	add	AccumB = AccumB, B_ ;					\
+	cmp.ne	pAgain, p0 = 0, BlockCount ;				\
+}									\
+{	.mib ;								\
+	add	AccumC = AccumC, C_ ;					\
+	add	AccumD = AccumD, D_ ;					\
+(pAgain) br.cond.dptk.many .md5_block_loop##offset ;			\
+} ;;									\
+{	.mib ;								\
+	nop	0x0 ;							\
+	nop	0x0 ;							\
+	br.cond.sptk.many .md5_exit ;					\
+} ;;
+
+	.align	32
+.md5_unaligned:
+//
+//	Because variable shifts are expensive, we special case each of
+//	the four alignements. In practice, this won't hurt too much
+//	since only one working set of code will be loaded.
+//
+{	.mib
+	ld4	DTmp = [DPtr_], 4
+	cmp.eq	pOff, p0 = 1, InAlign
+(pOff)	br.cond.dpnt.many .md5_process1
+} ;;
+{	.mib
+	cmp.eq	pOff, p0 = 2, InAlign
+	nop	0x0
+(pOff)	br.cond.dpnt.many .md5_process2
+} ;;
+	MD5UNALIGNED(3)
+	MD5UNALIGNED(1)
+	MD5UNALIGNED(2)
+
+	.endp md5_block_asm_data_order
+
+
+// MD5 Perform the F function and load
+//
+// Passed the first 4 words (M0 - M3) and initial (A, B, C, D) values,
+// computes the FF() round of functions, then branches to the common
+// digest code to finish up with GG(), HH, and II().
+//
+// INPUT
+//
+// rp Return Address -
+//
+// CODE
+//
+// v0 PFS bit bucket PFS
+// v1 Loop Trip Count LTrip
+// pt0 Load next word pMore
+
+/* For F round: */
+#define LTrip	r9
+#define PFS	r8
+#define pMore	p6
+
+/* For GHI rounds: */
+#define T	r9
+#define U	r10
+#define V	r11
+
+#define COMPUTE(a, b, s, M, R)			\
+{						\
+	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	dep.z Y = Z, 32, 32 ;;			\
+	shrp Z = Z, Y, 64 - s ;			\
+} ;;						\
+{						\
+	.mmi ;					\
+	add a = Z, b ;				\
+	mov R = M ;				\
+	nop 0x0 ;				\
+} ;;
+
+#define LOOP(a, b, s, M, R, label)		\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	dep.z Y = Z, 32, 32 ;;			\
+	shrp Z = Z, Y, 64 - s ;			\
+} ;;						\
+{	.mib ;					\
+	add a = Z, b ;				\
+	mov R = M ;				\
+	br.ctop.sptk.many label ;		\
+} ;;
+
+// G(B, C, D) = (B & D) | (C & ~D)
+
+#define G(a, b, c, d, M)			\
+{	.mmi ;					\
+	add Z = M, TRound ;			\
+	and Y = b, d ;				\
+	andcm X = c, d ;			\
+} ;;						\
+{	.mii ;					\
+	add Z = Z, a ;				\
+	or Y = Y, X ;;				\
+	add Z = Z, Y ;				\
+} ;;
+
+// H(B, C, D) = B ^ C ^ D
+
+#define H(a, b, c, d, M)			\
+{	.mmi ;					\
+	add Z = M, TRound ;			\
+	xor Y = b, c ;				\
+	nop 0x0 ;				\
+} ;;						\
+{	.mii ;					\
+	add Z = Z, a ;				\
+	xor Y = Y, d ;;				\
+	add Z = Z, Y ;				\
+} ;;
+
+// I(B, C, D) = C ^ (B | ~D)
+//
+// However, since we have an andcm operator, we use the fact that
+//
+// Y ^ Z == ~Y ^ ~Z
+//
+// to rewrite the expression as
+//
+// I(B, C, D) = ~C ^ (~B & D)
+
+#define I(a, b, c, d, M)			\
+{	.mmi ;					\
+	add Z = M, TRound ;			\
+	andcm Y = d, b ;			\
+	andcm X = -1, c ;			\
+} ;;						\
+{	.mii ;					\
+	add Z = Z, a ;				\
+	xor Y = Y, X ;;				\
+	add Z = Z, Y ;				\
+} ;;
+
+#define GG4(label)				\
+	G(A, B, C, D, M0)			\
+	COMPUTE(A, B, 5, M0, RotateM0)		\
+	G(D, A, B, C, M1)			\
+	COMPUTE(D, A, 9, M1, RotateM1)		\
+	G(C, D, A, B, M2)			\
+	COMPUTE(C, D, 14, M2, RotateM2)		\
+	G(B, C, D, A, M3)			\
+	LOOP(B, C, 20, M3, RotateM3, label)
+
+#define HH4(label)				\
+	H(A, B, C, D, M0)			\
+	COMPUTE(A, B, 4, M0, RotateM0)		\
+	H(D, A, B, C, M1)			\
+	COMPUTE(D, A, 11, M1, RotateM1)		\
+	H(C, D, A, B, M2)			\
+	COMPUTE(C, D, 16, M2, RotateM2)		\
+	H(B, C, D, A, M3)			\
+	LOOP(B, C, 23, M3, RotateM3, label)
+
+#define II4(label)				\
+	I(A, B, C, D, M0)			\
+	COMPUTE(A, B, 6, M0, RotateM0)		\
+	I(D, A, B, C, M1)			\
+	COMPUTE(D, A, 10, M1, RotateM1)		\
+	I(C, D, A, B, M2)			\
+	COMPUTE(C, D, 15, M2, RotateM2)		\
+	I(B, C, D, A, M3)			\
+	LOOP(B, C, 21, M3, RotateM3, label)
+
+#define FFLOAD(a, b, c, d, M, N, s)		\
+{	.mii ;					\
+(pMore) ld4 N = [DPtr], 4 ;			\
+	add Z = M, TRound ;			\
+	and Y = c, b ;				\
+}						\
+{	.mmi ;					\
+	andcm X = d, b ;;			\
+	add Z = Z, a ;				\
+	or Y = Y, X ;				\
+} ;;						\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	add Z = Z, Y ;;				\
+	dep.z Y = Z, 32, 32 ;			\
+} ;;						\
+{	.mii ;					\
+	nop 0x0 ;				\
+	shrp Z = Z, Y, 64 - s ;;		\
+	add a = Z, b ;				\
+} ;;
+
+#define FFLOOP(a, b, c, d, M, N, s, dest)	\
+{	.mii ;					\
+(pMore)	ld4 N = [DPtr], 4 ;			\
+	add Z = M, TRound ;			\
+	and Y = c, b ;				\
+}						\
+{	.mmi ;					\
+	andcm X = d, b ;;			\
+	add Z = Z, a ;				\
+	or Y = Y, X ;				\
+} ;;						\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	add Z = Z, Y ;;				\
+	dep.z Y = Z, 32, 32 ;			\
+} ;;						\
+{	.mii ;					\
+	nop 0x0 ;				\
+	shrp Z = Z, Y, 64 - s ;;		\
+	add a = Z, b ;				\
+}						\
+{	.mib ;					\
+	cmp.ne pMore, p0 = 0, LTrip ;		\
+	add LTrip = -1, LTrip ;			\
+	br.ctop.dptk.many dest ;		\
+} ;;
+
+	.type md5_digest_block0, @function
+	.align 32
+
+	.proc md5_digest_block0
+	.prologue
+md5_digest_block0:
+	.altrp QUICK_RTN
+	.body
+{	.mmi
+	alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+	mov LTrip = 2
+	mov ar.lc = 3
+} ;;
+{	.mii
+	cmp.eq pMore, p0 = r0, r0
+	mov ar.ec = 0
+	nop 0x0
+} ;;
+
+.md5_FF_round0:
+	FFLOAD(A, B, C, D, M12, RotateM0, 7)
+	FFLOAD(D, A, B, C, M13, RotateM1, 12)
+	FFLOAD(C, D, A, B, M14, RotateM2, 17)
+	FFLOOP(B, C, D, A, M15, RotateM3, 22, .md5_FF_round0)
+	//
+	// !!! Fall through to md5_digest_GHI
+	//
+	.endp md5_digest_block0
+
+	.type md5_digest_GHI, @function
+	.align 32
+
+	.proc md5_digest_GHI
+	.prologue
+	.regstk _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+md5_digest_GHI:
+	.altrp QUICK_RTN
+	.body
+//
+// The following sequence shuffles the block counstants round for the
+// next round:
+//
+// 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
+// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12
+//
+{	.mmi
+	mov Z = M0
+	mov Y = M15
+	mov ar.lc = 3
+}
+{	.mmi
+	mov X = M2
+	mov W = M9
+	mov V = M4
+} ;;
+
+{	.mmi
+	mov M0 = M1
+	mov M15 = M12
+	mov ar.ec = 1
+}
+{	.mmi
+	mov M2 = M11
+	mov M9 = M14
+	mov M4 = M5
+} ;;
+
+{	.mmi
+	mov M1 = M6
+	mov M12 = M13
+	mov U = M3
+}
+{	.mmi
+	mov M11 = M8
+	mov M14 = M7
+	mov M5 = M10
+} ;;
+
+{	.mmi
+	mov M6 = Y
+	mov M13 = X
+	mov M3 = Z
+}
+{	.mmi
+	mov M8 = W
+	mov M7 = V
+	mov M10 = U
+} ;;
+
+.md5_GG_round:
+	GG4(.md5_GG_round)
+
+// The following sequence shuffles the block constants round for the
+// next round:
+//
+// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12
+// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2
+
+{	.mmi
+	mov Z = M0
+	mov Y = M1
+	mov ar.lc = 3
+}
+{	.mmi
+	mov X = M3
+	mov W = M5
+	mov V = M6
+} ;;
+
+{	.mmi
+	mov M0 = M4
+	mov M1 = M11
+	mov ar.ec = 1
+}
+{	.mmi
+	mov M3 = M9
+	mov U = M8
+	mov T = M13
+} ;;
+
+{	.mmi
+	mov M4 = Z
+	mov M11 = Y
+	mov M5 = M7
+}
+{	.mmi
+	mov M6 = M14
+	mov M8 = M12
+	mov M13 = M15
+} ;;
+
+{	.mmi
+	mov M7 = W
+	mov M14 = V
+	nop 0x0
+}
+{	.mmi
+	mov M9 = X
+	mov M12 = U
+	mov M15 = T
+} ;;
+
+.md5_HH_round:
+	HH4(.md5_HH_round)
+
+// The following sequence shuffles the block constants round for the
+// next round:
+//
+// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2
+// 0 7 14 5 12 3 10 1 8 15 6 13 4 11 2 9
+
+{	.mmi
+	mov Z = M0
+	mov Y = M15
+	mov ar.lc = 3
+}
+{	.mmi
+	mov X = M10
+	mov W = M1
+	mov V = M4
+} ;;
+
+{	.mmi
+	mov M0 = M9
+	mov M15 = M12
+	mov ar.ec = 1
+}
+{	.mmi
+	mov M10 = M11
+	mov M1 = M6
+	mov M4 = M13
+} ;;
+
+{	.mmi
+	mov M9 = M14
+	mov M12 = M5
+	mov U = M3
+}
+{	.mmi
+	mov M11 = M8
+	mov M6 = M7
+	mov M13 = M2
+} ;;
+
+{	.mmi
+	mov M14 = Y
+	mov M5 = X
+	mov M3 = Z
+}
+{	.mmi
+	mov M8 = W
+	mov M7 = V
+	mov M2 = U
+} ;;
+
+.md5_II_round:
+	II4(.md5_II_round)
+
+{	.mib
+	nop 0x0
+	nop 0x0
+	br.ret.sptk.many QUICK_RTN
+} ;;
+
+	.endp md5_digest_GHI
+
+#define FFLOADU(a, b, c, d, M, P, N, s, offset)	\
+{	.mii ;					\
+(pMore) ld4 N = [DPtr], 4 ;			\
+	add Z = M, TRound ;			\
+	and Y = c, b ;				\
+}						\
+{	.mmi ;					\
+	andcm X = d, b ;;			\
+	add Z = Z, a ;				\
+	or Y = Y, X ;				\
+} ;;						\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	GETLW(W, P, offset) ;			\
+	add Z = Z, Y ;				\
+} ;;						\
+{	.mii ;					\
+	or W = W, DTmp ;			\
+	dep.z Y = Z, 32, 32 ;;			\
+	shrp Z = Z, Y, 64 - s ;			\
+} ;;						\
+{	.mii ;					\
+	add a = Z, b ;				\
+	GETRW(DTmp, P, offset) ;		\
+	mov P = W ;				\
+} ;;
+
+#define FFLOOPU(a, b, c, d, M, P, N, s, offset)		\
+{	.mii ;						\
+(pMore) ld4 N = [DPtr], 4 ;				\
+	add Z = M, TRound ;				\
+	and Y = c, b ;					\
+}							\
+{	.mmi ;						\
+	andcm X = d, b ;;				\
+	add Z = Z, a ;					\
+	or Y = Y, X ;					\
+} ;;							\
+{	.mii ;						\
+	ld4 TRound = [TPtr], 4 ;			\
+(pMore) GETLW(W, P, offset) 	;			\
+	add Z = Z, Y ;					\
+} ;;							\
+{	.mii ;						\
+(pMore) or W = W, DTmp ;				\
+	dep.z Y = Z, 32, 32 ;;				\
+	shrp Z = Z, Y, 64 - s ;				\
+} ;;							\
+{	.mii ;						\
+	add a = Z, b ;					\
+(pMore) GETRW(DTmp, P, offset) 	;			\
+(pMore) mov P = W ;					\
+}							\
+{	.mib ;						\
+	cmp.ne pMore, p0 = 0, LTrip ;			\
+	add LTrip = -1, LTrip ;				\
+	br.ctop.sptk.many .md5_FF_round##offset ;	\
+} ;;
+
+#define MD5FBLOCK(offset)						\
+	.type md5_digest_block##offset, @function ;			\
+									\
+	.align 32 ;							\
+	.proc md5_digest_block##offset ;				\
+	.prologue ;							\
+	.altrp QUICK_RTN ;						\
+	.body ;								\
+md5_digest_block##offset:						\
+{	.mmi ;								\
+	alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE ;	\
+	mov LTrip = 2 ;							\
+	mov ar.lc = 3 ;							\
+} ;;									\
+{	.mii ;								\
+	cmp.eq pMore, p0 = r0, r0 ;					\
+	mov ar.ec = 0 ;							\
+	nop 0x0 ;							\
+} ;;									\
+									\
+	.pred.rel "mutex", pLoad, pSkip ;				\
+.md5_FF_round##offset:							\
+	FFLOADU(A, B, C, D, M12, M13, RotateM0, 7, offset)		\
+	FFLOADU(D, A, B, C, M13, M14, RotateM1, 12, offset)		\
+	FFLOADU(C, D, A, B, M14, M15, RotateM2, 17, offset)		\
+	FFLOOPU(B, C, D, A, M15, RotateM0, RotateM3, 22, offset)	\
+									\
+{	.mib ;								\
+	nop 0x0 ;							\
+	nop 0x0 ;							\
+	br.cond.sptk.many md5_digest_GHI ;				\
+} ;;									\
+	.endp md5digestBlock ## offset
+
+MD5FBLOCK(1)
+MD5FBLOCK(2)
+MD5FBLOCK(3)
+
+	.align 64
+	.type md5_constants, @object
+md5_constants:
+.md5_tbl_data_order:			// To ensure little-endian data
+					// order, code as bytes.
+	data1 0x78, 0xa4, 0x6a, 0xd7	//     0
+	data1 0x56, 0xb7, 0xc7, 0xe8	//     1
+	data1 0xdb, 0x70, 0x20, 0x24	//     2
+	data1 0xee, 0xce, 0xbd, 0xc1	//     3
+	data1 0xaf, 0x0f, 0x7c, 0xf5	//     4
+	data1 0x2a, 0xc6, 0x87, 0x47	//     5
+	data1 0x13, 0x46, 0x30, 0xa8	//     6
+	data1 0x01, 0x95, 0x46, 0xfd	//     7
+	data1 0xd8, 0x98, 0x80, 0x69	//     8
+	data1 0xaf, 0xf7, 0x44, 0x8b	//     9
+	data1 0xb1, 0x5b, 0xff, 0xff	//    10
+	data1 0xbe, 0xd7, 0x5c, 0x89	//    11
+	data1 0x22, 0x11, 0x90, 0x6b	//    12
+	data1 0x93, 0x71, 0x98, 0xfd	//    13
+	data1 0x8e, 0x43, 0x79, 0xa6	//    14
+	data1 0x21, 0x08, 0xb4, 0x49	//    15
+	data1 0x62, 0x25, 0x1e, 0xf6	//    16
+	data1 0x40, 0xb3, 0x40, 0xc0	//    17
+	data1 0x51, 0x5a, 0x5e, 0x26	//    18
+	data1 0xaa, 0xc7, 0xb6, 0xe9	//    19
+	data1 0x5d, 0x10, 0x2f, 0xd6	//    20
+	data1 0x53, 0x14, 0x44, 0x02	//    21
+	data1 0x81, 0xe6, 0xa1, 0xd8	//    22
+	data1 0xc8, 0xfb, 0xd3, 0xe7	//    23
+	data1 0xe6, 0xcd, 0xe1, 0x21	//    24
+	data1 0xd6, 0x07, 0x37, 0xc3	//    25
+	data1 0x87, 0x0d, 0xd5, 0xf4	//    26
+	data1 0xed, 0x14, 0x5a, 0x45	//    27
+	data1 0x05, 0xe9, 0xe3, 0xa9	//    28
+	data1 0xf8, 0xa3, 0xef, 0xfc	//    29
+	data1 0xd9, 0x02, 0x6f, 0x67	//    30
+	data1 0x8a, 0x4c, 0x2a, 0x8d	//    31
+	data1 0x42, 0x39, 0xfa, 0xff	//    32
+	data1 0x81, 0xf6, 0x71, 0x87	//    33
+	data1 0x22, 0x61, 0x9d, 0x6d	//    34
+	data1 0x0c, 0x38, 0xe5, 0xfd	//    35
+	data1 0x44, 0xea, 0xbe, 0xa4	//    36
+	data1 0xa9, 0xcf, 0xde, 0x4b	//    37
+	data1 0x60, 0x4b, 0xbb, 0xf6	//    38
+	data1 0x70, 0xbc, 0xbf, 0xbe	//    39
+	data1 0xc6, 0x7e, 0x9b, 0x28	//    40
+	data1 0xfa, 0x27, 0xa1, 0xea	//    41
+	data1 0x85, 0x30, 0xef, 0xd4	//    42
+	data1 0x05, 0x1d, 0x88, 0x04	//    43
+	data1 0x39, 0xd0, 0xd4, 0xd9	//    44
+	data1 0xe5, 0x99, 0xdb, 0xe6	//    45
+	data1 0xf8, 0x7c, 0xa2, 0x1f	//    46
+	data1 0x65, 0x56, 0xac, 0xc4	//    47
+	data1 0x44, 0x22, 0x29, 0xf4	//    48
+	data1 0x97, 0xff, 0x2a, 0x43	//    49
+	data1 0xa7, 0x23, 0x94, 0xab	//    50
+	data1 0x39, 0xa0, 0x93, 0xfc	//    51
+	data1 0xc3, 0x59, 0x5b, 0x65	//    52
+	data1 0x92, 0xcc, 0x0c, 0x8f	//    53
+	data1 0x7d, 0xf4, 0xef, 0xff	//    54
+	data1 0xd1, 0x5d, 0x84, 0x85	//    55
+	data1 0x4f, 0x7e, 0xa8, 0x6f	//    56
+	data1 0xe0, 0xe6, 0x2c, 0xfe	//    57
+	data1 0x14, 0x43, 0x01, 0xa3	//    58
+	data1 0xa1, 0x11, 0x08, 0x4e	//    59
+	data1 0x82, 0x7e, 0x53, 0xf7	//    60
+	data1 0x35, 0xf2, 0x3a, 0xbd	//    61
+	data1 0xbb, 0xd2, 0xd7, 0x2a	//    62
+	data1 0x91, 0xd3, 0x86, 0xeb	//    63
+.size	md5_constants#,64*4
diff --git a/crypto/md5/asm/md5-sparcv9.S b/crypto/md5/asm/md5-sparcv9.S
deleted file mode 100644
index db45aa4c97..0000000000
--- a/crypto/md5/asm/md5-sparcv9.S
+++ /dev/null
@@ -1,1031 +0,0 @@
-.ident	"md5-sparcv9.S, Version 1.0"
-.ident	"SPARC V9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-.file	"md5-sparcv9.S"
-
-/*
- * ====================================================================
- * Copyright (c) 1999 Andy Polyakov <appro@fy.chalmers.se>.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted as long as above copyright notices are retained. Warranty
- * of any kind is (of course:-) disclaimed.
- * ====================================================================
- */
-
-/*
- * This is my modest contribution to OpenSSL project (see
- * http://www.openssl.org/ for more information about it) and is an
- * assembler implementation of MD5 block hash function. I've hand-coded
- * this for the sole reason to reach UltraSPARC-specific "load in
- * little-endian byte order" instruction. This gives up to 15%
- * performance improvement for cases when input message is aligned at
- * 32 bits boundary. The module was tested under both 32 *and* 64 bit
- * kernels. For updates see http://fy.chalmers.se/~appro/hpe/.
- *
- * To compile with SC4.x/SC5.x:
- *
- *	cc -xarch=v[9|8plus] -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \
- *		-c md5-sparcv9.S
- *
- * and with gcc:
- *
- *	gcc -mcpu=ultrasparc -DOPENSSL_SYSNAME_ULTRASPARC -DMD5_BLOCK_DATA_ORDER \
- *		-c md5-sparcv9.S
- *
- * or if above fails (it does if you have gas):
- *
- *	gcc -E -DOPENSSL_SYSNAMEULTRASPARC -DMD5_BLOCK_DATA_ORDER md5_block.sparc.S | \
- *		as -xarch=v8plus /dev/fd/0 -o md5-sparcv9.o
- */
-
-#include <openssl/e_os2.h>
-
-#define	A	%o0
-#define B	%o1
-#define	C	%o2
-#define	D	%o3
-#define	T1	%o4
-#define	T2	%o5
-
-#define	R0	%l0
-#define	R1	%l1
-#define	R2	%l2
-#define	R3	%l3
-#define	R4	%l4
-#define	R5	%l5
-#define	R6	%l6
-#define	R7	%l7
-#define	R8	%i3
-#define	R9	%i4
-#define	R10	%i5
-#define	R11	%g1
-#define R12	%g2
-#define	R13	%g3
-#define RX	%g4
-
-#define Aptr	%i0+0
-#define Bptr	%i0+4
-#define Cptr	%i0+8
-#define Dptr	%i0+12
-
-#define Aval	R5	/* those not used at the end of the last round */
-#define Bval	R6
-#define Cval	R7
-#define Dval	R8
-
-#if defined(MD5_BLOCK_DATA_ORDER)
-# if defined(OPENSSL_SYSNAME_ULTRASPARC)
-#  define	LOAD			lda
-#  define	X(i)			[%i1+i*4]%asi
-#  define	md5_block		md5_block_asm_data_order_aligned
-#  define	ASI_PRIMARY_LITTLE	0x88
-# else
-#  error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
-# endif
-#else
-# define	LOAD			ld
-# define	X(i)			[%i1+i*4]
-# define	md5_block		md5_block_asm_host_order
-#endif
-
-.section        ".text",#alloc,#execinstr
-
-#if defined(__SUNPRO_C) && defined(__sparcv9)
-  /* They've said -xarch=v9 at command line */
-  .register	%g2,#scratch
-  .register	%g3,#scratch
-# define	FRAME	-192
-#elif defined(__GNUC__) && defined(__arch64__)
-  /* They've said -m64 at command line */
-  .register     %g2,#scratch
-  .register     %g3,#scratch
-# define        FRAME   -192
-#else
-# define	FRAME	-96
-#endif
-
-.align  32
-
-.global md5_block
-md5_block:
-	save	%sp,FRAME,%sp
-
-	ld	[Dptr],D
-	ld	[Cptr],C
-	ld	[Bptr],B
-	ld	[Aptr],A
-#ifdef ASI_PRIMARY_LITTLE
-	rd	%asi,%o7	! How dare I? Well, I just do:-)
-	wr	%g0,ASI_PRIMARY_LITTLE,%asi
-#endif
-	LOAD	X(0),R0
-
-.Lmd5_block_loop:
-
-!!!!!!!!Round 0
-
-	xor	C,D,T1
-	sethi	%hi(0xd76aa478),T2
-	and	T1,B,T1
-	or	T2,%lo(0xd76aa478),T2	!=
-	xor	T1,D,T1
-	add	T1,R0,T1
-	LOAD	X(1),R1
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0xe8c7b756),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0xe8c7b756),T2
-	xor	T1,C,T1
-	LOAD	X(2),R2
-	add	T1,R1,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0x242070db),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0x242070db),T2
-	xor	T1,B,T1
-	add	T1,R2,T1		!=
-	LOAD	X(3),R3
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0xc1bdceee),T2
-	and	T1,C,T1
-	or	T2,%lo(0xc1bdceee),T2
-	xor	T1,A,T1			!=
-	add	T1,R3,T1
-	LOAD	X(4),R4
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,22,T2
-	srl	B,32-22,B
-	or	B,T2,B
-	 xor	 C,D,T1			!=
-	add	B,C,B
-
-	sethi	%hi(0xf57c0faf),T2
-	and	T1,B,T1
-	or	T2,%lo(0xf57c0faf),T2	!=
-	xor	T1,D,T1
-	add	T1,R4,T1
-	LOAD	X(5),R5
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0x4787c62a),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x4787c62a),T2
-	xor	T1,C,T1
-	LOAD	X(6),R6
-	add	T1,R5,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0xa8304613),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0xa8304613),T2
-	xor	T1,B,T1
-	add	T1,R6,T1		!=
-	LOAD	X(7),R7
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0xfd469501),T2
-	and	T1,C,T1
-	or	T2,%lo(0xfd469501),T2
-	xor	T1,A,T1			!=
-	add	T1,R7,T1
-	LOAD	X(8),R8
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,22,T2
-	srl	B,32-22,B
-	or	B,T2,B
-	 xor	 C,D,T1			!=
-	add	B,C,B
-
-	sethi	%hi(0x698098d8),T2
-	and	T1,B,T1
-	or	T2,%lo(0x698098d8),T2	!=
-	xor	T1,D,T1
-	add	T1,R8,T1
-	LOAD	X(9),R9
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0x8b44f7af),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x8b44f7af),T2
-	xor	T1,C,T1
-	LOAD	X(10),R10
-	add	T1,R9,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0xffff5bb1),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0xffff5bb1),T2
-	xor	T1,B,T1
-	add	T1,R10,T1		!=
-	LOAD	X(11),R11
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0x895cd7be),T2
-	and	T1,C,T1
-	or	T2,%lo(0x895cd7be),T2
-	xor	T1,A,T1			!=
-	add	T1,R11,T1
-	LOAD	X(12),R12
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,22,T2
-	srl	B,32-22,B
-	or	B,T2,B
-	 xor	 C,D,T1			!=
-	add	B,C,B
-
-	sethi	%hi(0x6b901122),T2
-	and	T1,B,T1
-	or	T2,%lo(0x6b901122),T2	!=
-	xor	T1,D,T1
-	add	T1,R12,T1
-	LOAD	X(13),R13
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,7,T2
-	srl	A,32-7,A
-	or	A,T2,A			!=
-	 xor	 B,C,T1
-	add	A,B,A
-
-	sethi	%hi(0xfd987193),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0xfd987193),T2
-	xor	T1,C,T1
-	LOAD	X(14),RX
-	add	T1,R13,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,12,T2
-	srl	D,32-12,D		!=
-	or	D,T2,D
-	 xor	 A,B,T1
-	add	D,A,D
-
-	sethi	%hi(0xa679438e),T2	!=
-	and	T1,D,T1
-	or	T2,%lo(0xa679438e),T2
-	xor	T1,B,T1
-	add	T1,RX,T1		!=
-	LOAD	X(15),RX
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,17,T2			!=
-	srl	C,32-17,C
-	or	C,T2,C
-	 xor	 D,A,T1
-	add	C,D,C			!=
-
-	sethi	%hi(0x49b40821),T2
-	and	T1,C,T1
-	or	T2,%lo(0x49b40821),T2
-	xor	T1,A,T1			!=
-	add	T1,RX,T1
-	!pre-LOADed	X(1),R1
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,22,T2			!=
-	srl	B,32-22,B
-	or	B,T2,B
-	add	B,C,B
-
-!!!!!!!!Round 1
-
-	xor	B,C,T1			!=
-	sethi	%hi(0xf61e2562),T2
-	and	T1,D,T1
-	or	T2,%lo(0xf61e2562),T2
-	xor	T1,C,T1			!=
-	add	T1,R1,T1
-	!pre-LOADed	X(6),R6
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,5,T2			!=
-	srl	A,32-5,A
-	or	A,T2,A
-	add	A,B,A
-
-	xor	A,B,T1			!=
-	sethi	%hi(0xc040b340),T2
-	and	T1,C,T1
-	or	T2,%lo(0xc040b340),T2
-	xor	T1,B,T1			!=
-	add	T1,R6,T1
-	!pre-LOADed	X(11),R11
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,9,T2			!=
-	srl	D,32-9,D
-	or	D,T2,D
-	add	D,A,D
-
-	xor	D,A,T1			!=
-	sethi	%hi(0x265e5a51),T2
-	and	T1,B,T1
-	or	T2,%lo(0x265e5a51),T2
-	xor	T1,A,T1			!=
-	add	T1,R11,T1
-	!pre-LOADed	X(0),R0
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,14,T2			!=
-	srl	C,32-14,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0xe9b6c7aa),T2
-	and	T1,A,T1
-	or	T2,%lo(0xe9b6c7aa),T2
-	xor	T1,D,T1			!=
-	add	T1,R0,T1
-	!pre-LOADed	X(5),R5
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,20,T2			!=
-	srl	B,32-20,B
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1			!=
-	sethi	%hi(0xd62f105d),T2
-	and	T1,D,T1
-	or	T2,%lo(0xd62f105d),T2
-	xor	T1,C,T1			!=
-	add	T1,R5,T1
-	!pre-LOADed	X(10),R10
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,5,T2			!=
-	srl	A,32-5,A
-	or	A,T2,A
-	add	A,B,A
-
-	xor	A,B,T1			!=
-	sethi	%hi(0x02441453),T2
-	and	T1,C,T1
-	or	T2,%lo(0x02441453),T2
-	xor	T1,B,T1			!=
-	add	T1,R10,T1
-	LOAD	X(15),RX
-	add	T1,T2,T1
-	add	D,T1,D			!=
-	sll	D,9,T2
-	srl	D,32-9,D
-	or	D,T2,D
-	add	D,A,D			!=
-
-	xor	D,A,T1
-	sethi	%hi(0xd8a1e681),T2
-	and	T1,B,T1
-	or	T2,%lo(0xd8a1e681),T2	!=
-	xor	T1,A,T1
-	add	T1,RX,T1
-	!pre-LOADed	X(4),R4
-	add	T1,T2,T1
-	add	C,T1,C			!=
-	sll	C,14,T2
-	srl	C,32-14,C
-	or	C,T2,C
-	add	C,D,C			!=
-
-	xor	C,D,T1
-	sethi	%hi(0xe7d3fbc8),T2
-	and	T1,A,T1
-	or	T2,%lo(0xe7d3fbc8),T2	!=
-	xor	T1,D,T1
-	add	T1,R4,T1
-	!pre-LOADed	X(9),R9
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,20,T2
-	srl	B,32-20,B
-	or	B,T2,B
-	add	B,C,B			!=
-
-	xor	B,C,T1
-	sethi	%hi(0x21e1cde6),T2
-	and	T1,D,T1
-	or	T2,%lo(0x21e1cde6),T2	!=
-	xor	T1,C,T1
-	add	T1,R9,T1
-	LOAD	X(14),RX
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,5,T2
-	srl	A,32-5,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xc33707d6),T2
-	and	T1,C,T1			!=
-	or	T2,%lo(0xc33707d6),T2
-	xor	T1,B,T1
-	add	T1,RX,T1
-	!pre-LOADed	X(3),R3
-	add	T1,T2,T1		!=
-	add	D,T1,D
-	sll	D,9,T2
-	srl	D,32-9,D
-	or	D,T2,D			!=
-	add	D,A,D
-
-	xor	D,A,T1
-	sethi	%hi(0xf4d50d87),T2
-	and	T1,B,T1			!=
-	or	T2,%lo(0xf4d50d87),T2
-	xor	T1,A,T1
-	add	T1,R3,T1
-	!pre-LOADed	X(8),R8
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,14,T2
-	srl	C,32-14,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	xor	C,D,T1
-	sethi	%hi(0x455a14ed),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x455a14ed),T2
-	xor	T1,D,T1
-	add	T1,R8,T1
-	!pre-LOADed	X(13),R13
-	add	T1,T2,T1		!=
-	add	B,T1,B
-	sll	B,20,T2
-	srl	B,32-20,B
-	or	B,T2,B			!=
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0xa9e3e905),T2
-	and	T1,D,T1			!=
-	or	T2,%lo(0xa9e3e905),T2
-	xor	T1,C,T1
-	add	T1,R13,T1
-	!pre-LOADed	X(2),R2
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,5,T2
-	srl	A,32-5,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xfcefa3f8),T2
-	and	T1,C,T1			!=
-	or	T2,%lo(0xfcefa3f8),T2
-	xor	T1,B,T1
-	add	T1,R2,T1
-	!pre-LOADed	X(7),R7
-	add	T1,T2,T1		!=
-	add	D,T1,D
-	sll	D,9,T2
-	srl	D,32-9,D
-	or	D,T2,D			!=
-	add	D,A,D
-
-	xor	D,A,T1
-	sethi	%hi(0x676f02d9),T2
-	and	T1,B,T1			!=
-	or	T2,%lo(0x676f02d9),T2
-	xor	T1,A,T1
-	add	T1,R7,T1
-	!pre-LOADed	X(12),R12
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,14,T2
-	srl	C,32-14,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	xor	C,D,T1
-	sethi	%hi(0x8d2a4c8a),T2
-	and	T1,A,T1			!=
-	or	T2,%lo(0x8d2a4c8a),T2
-	xor	T1,D,T1
-	add	T1,R12,T1
-	!pre-LOADed	X(5),R5
-	add	T1,T2,T1		!=
-	add	B,T1,B
-	sll	B,20,T2
-	srl	B,32-20,B
-	or	B,T2,B			!=
-	add	B,C,B
-
-!!!!!!!!Round 2
-
-	xor	B,C,T1
-	sethi	%hi(0xfffa3942),T2
-	xor	T1,D,T1			!=
-	or	T2,%lo(0xfffa3942),T2
-	add	T1,R5,T1
-	!pre-LOADed	X(8),R8
-	add	T1,T2,T1
-	add	A,T1,A			!=
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A
-	add	A,B,A			!=
-
-	xor	A,B,T1
-	sethi	%hi(0x8771f681),T2
-	xor	T1,C,T1
-	or	T2,%lo(0x8771f681),T2	!=
-	add	T1,R8,T1
-	!pre-LOADed	X(11),R11
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,11,T2			!=
-	srl	D,32-11,D
-	or	D,T2,D
-	add	D,A,D
-
-	xor	D,A,T1			!=
-	sethi	%hi(0x6d9d6122),T2
-	xor	T1,B,T1
-	or	T2,%lo(0x6d9d6122),T2
-	add	T1,R11,T1		!=
-	LOAD	X(14),RX
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,16,T2			!=
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0xfde5380c),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xfde5380c),T2
-	add	T1,RX,T1		!=
-	!pre-LOADed	X(1),R1
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2
-	srl	B,32-23,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0xa4beea44),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0xa4beea44),T2
-	add	T1,R1,T1
-	!pre-LOADed	X(4),R4
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0x4bdecfa9),T2
-	xor	T1,C,T1			!=
-	or	T2,%lo(0x4bdecfa9),T2
-	add	T1,R4,T1
-	!pre-LOADed	X(7),R7
-	add	T1,T2,T1
-	add	D,T1,D			!=
-	sll	D,11,T2
-	srl	D,32-11,D
-	or	D,T2,D
-	add	D,A,D			!=
-
-	xor	D,A,T1
-	sethi	%hi(0xf6bb4b60),T2
-	xor	T1,B,T1
-	or	T2,%lo(0xf6bb4b60),T2	!=
-	add	T1,R7,T1
-	!pre-LOADed	X(10),R10
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,16,T2			!=
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0xbebfbc70),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xbebfbc70),T2
-	add	T1,R10,T1		!=
-	!pre-LOADed	X(13),R13
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2
-	srl	B,32-23,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0x289b7ec6),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0x289b7ec6),T2
-	add	T1,R13,T1
-	!pre-LOADed	X(0),R0
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xeaa127fa),T2
-	xor	T1,C,T1			!=
-	or	T2,%lo(0xeaa127fa),T2
-	add	T1,R0,T1
-	!pre-LOADed	X(3),R3
-	add	T1,T2,T1
-	add	D,T1,D			!=
-	sll	D,11,T2
-	srl	D,32-11,D
-	or	D,T2,D
-	add	D,A,D			!=
-
-	xor	D,A,T1
-	sethi	%hi(0xd4ef3085),T2
-	xor	T1,B,T1
-	or	T2,%lo(0xd4ef3085),T2	!=
-	add	T1,R3,T1
-	!pre-LOADed	X(6),R6
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,16,T2			!=
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C
-
-	xor	C,D,T1			!=
-	sethi	%hi(0x04881d05),T2
-	xor	T1,A,T1
-	or	T2,%lo(0x04881d05),T2
-	add	T1,R6,T1		!=
-	!pre-LOADed	X(9),R9
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2
-	srl	B,32-23,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	xor	B,C,T1
-	sethi	%hi(0xd9d4d039),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0xd9d4d039),T2
-	add	T1,R9,T1
-	!pre-LOADed	X(12),R12
-	add	T1,T2,T1		!=
-	add	A,T1,A
-	sll	A,4,T2
-	srl	A,32-4,A
-	or	A,T2,A			!=
-	add	A,B,A
-
-	xor	A,B,T1
-	sethi	%hi(0xe6db99e5),T2
-	xor	T1,C,T1			!=
-	or	T2,%lo(0xe6db99e5),T2
-	add	T1,R12,T1
-	LOAD	X(15),RX
-	add	T1,T2,T1		!=
-	add	D,T1,D
-	sll	D,11,T2
-	srl	D,32-11,D
-	or	D,T2,D			!=
-	add	D,A,D
-
-	xor	D,A,T1
-	sethi	%hi(0x1fa27cf8),T2
-	xor	T1,B,T1			!=
-	or	T2,%lo(0x1fa27cf8),T2
-	add	T1,RX,T1
-	!pre-LOADed	X(2),R2
-	add	T1,T2,T1
-	add	C,T1,C			!=
-	sll	C,16,T2
-	srl	C,32-16,C
-	or	C,T2,C
-	add	C,D,C			!=
-
-	xor	C,D,T1
-	sethi	%hi(0xc4ac5665),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xc4ac5665),T2	!=
-	add	T1,R2,T1
-	!pre-LOADed	X(0),R0
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,23,T2			!=
-	srl	B,32-23,B
-	or	B,T2,B
-	add	B,C,B
-
-!!!!!!!!Round 3
-
-	orn	B,D,T1			!=
-	sethi	%hi(0xf4292244),T2
-	xor	T1,C,T1
-	or	T2,%lo(0xf4292244),T2
-	add	T1,R0,T1		!=
-	!pre-LOADed	X(7),R7
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,6,T2
-	srl	A,32-6,A		!=
-	or	A,T2,A
-	add	A,B,A
-
-	orn	A,C,T1
-	sethi	%hi(0x432aff97),T2	!=
-	xor	T1,B,T1
-	or	T2,%lo(0x432aff97),T2
-	LOAD	X(14),RX
-	add	T1,R7,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2
-	srl	D,32-10,D		!=
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1
-	sethi	%hi(0xab9423a7),T2	!=
-	xor	T1,A,T1
-	or	T2,%lo(0xab9423a7),T2
-	add	T1,RX,T1
-	!pre-LOADed	X(5),R5
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,15,T2
-	srl	C,32-15,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0xfc93a039),T2
-	xor	T1,D,T1			!=
-	or	T2,%lo(0xfc93a039),T2
-	add	T1,R5,T1
-	!pre-LOADed	X(12),R12
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,21,T2
-	srl	B,32-21,B
-	or	B,T2,B
-	add	B,C,B			!=
-
-	orn	B,D,T1
-	sethi	%hi(0x655b59c3),T2
-	xor	T1,C,T1
-	or	T2,%lo(0x655b59c3),T2	!=
-	add	T1,R12,T1
-	!pre-LOADed	X(3),R3
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,6,T2			!=
-	srl	A,32-6,A
-	or	A,T2,A
-	add	A,B,A
-
-	orn	A,C,T1			!=
-	sethi	%hi(0x8f0ccc92),T2
-	xor	T1,B,T1
-	or	T2,%lo(0x8f0ccc92),T2
-	add	T1,R3,T1		!=
-	!pre-LOADed	X(10),R10
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2
-	srl	D,32-10,D		!=
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1
-	sethi	%hi(0xffeff47d),T2	!=
-	xor	T1,A,T1
-	or	T2,%lo(0xffeff47d),T2
-	add	T1,R10,T1
-	!pre-LOADed	X(1),R1
-	add	T1,T2,T1		!=
-	add	C,T1,C
-	sll	C,15,T2
-	srl	C,32-15,C
-	or	C,T2,C			!=
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0x85845dd1),T2
-	xor	T1,D,T1			!=
-	or	T2,%lo(0x85845dd1),T2
-	add	T1,R1,T1
-	!pre-LOADed	X(8),R8
-	add	T1,T2,T1
-	add	B,T1,B			!=
-	sll	B,21,T2
-	srl	B,32-21,B
-	or	B,T2,B
-	add	B,C,B			!=
-
-	orn	B,D,T1
-	sethi	%hi(0x6fa87e4f),T2
-	xor	T1,C,T1
-	or	T2,%lo(0x6fa87e4f),T2	!=
-	add	T1,R8,T1
-	LOAD	X(15),RX
-	add	T1,T2,T1
-	add	A,T1,A			!=
-	sll	A,6,T2
-	srl	A,32-6,A
-	or	A,T2,A
-	add	A,B,A			!=
-
-	orn	A,C,T1
-	sethi	%hi(0xfe2ce6e0),T2
-	xor	T1,B,T1
-	or	T2,%lo(0xfe2ce6e0),T2	!=
-	add	T1,RX,T1
-	!pre-LOADed	X(6),R6
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2			!=
-	srl	D,32-10,D
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1			!=
-	sethi	%hi(0xa3014314),T2
-	xor	T1,A,T1
-	or	T2,%lo(0xa3014314),T2
-	add	T1,R6,T1		!=
-	!pre-LOADed	X(13),R13
-	add	T1,T2,T1
-	add	C,T1,C
-	sll	C,15,T2
-	srl	C,32-15,C		!=
-	or	C,T2,C
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0x4e0811a1),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0x4e0811a1),T2
-	!pre-LOADed	X(4),R4
-	 ld	 [Aptr],Aval
-	add	T1,R13,T1		!=
-	add	T1,T2,T1
-	add	B,T1,B
-	sll	B,21,T2
-	srl	B,32-21,B		!=
-	or	B,T2,B
-	add	B,C,B
-
-	orn	B,D,T1
-	sethi	%hi(0xf7537e82),T2	!=
-	xor	T1,C,T1
-	or	T2,%lo(0xf7537e82),T2
-	!pre-LOADed	X(11),R11
-	 ld	 [Dptr],Dval
-	add	T1,R4,T1		!=
-	add	T1,T2,T1
-	add	A,T1,A
-	sll	A,6,T2
-	srl	A,32-6,A		!=
-	or	A,T2,A
-	add	A,B,A
-
-	orn	A,C,T1
-	sethi	%hi(0xbd3af235),T2	!=
-	xor	T1,B,T1
-	or	T2,%lo(0xbd3af235),T2
-	!pre-LOADed	X(2),R2
-	 ld	 [Cptr],Cval
-	add	T1,R11,T1		!=
-	add	T1,T2,T1
-	add	D,T1,D
-	sll	D,10,T2
-	srl	D,32-10,D		!=
-	or	D,T2,D
-	add	D,A,D
-
-	orn	D,B,T1
-	sethi	%hi(0x2ad7d2bb),T2	!=
-	xor	T1,A,T1
-	or	T2,%lo(0x2ad7d2bb),T2
-	!pre-LOADed	X(9),R9
-	 ld	 [Bptr],Bval
-	add	T1,R2,T1		!=
-	 add	 Aval,A,Aval
-	add	T1,T2,T1
-	 st	 Aval,[Aptr]
-	add	C,T1,C			!=
-	sll	C,15,T2
-	 add	 Dval,D,Dval
-	srl	C,32-15,C
-	or	C,T2,C			!=
-	 st	 Dval,[Dptr]
-	add	C,D,C
-
-	orn	C,A,T1
-	sethi	%hi(0xeb86d391),T2	!=
-	xor	T1,D,T1
-	or	T2,%lo(0xeb86d391),T2
-	add	T1,R9,T1
-	!pre-LOADed	X(0),R0
-	 mov	 Aval,A			!=
-	add	T1,T2,T1
-	 mov	 Dval,D
-	add	B,T1,B
-	sll	B,21,T2			!=
-	 add	 Cval,C,Cval
-	srl	B,32-21,B
-	 st	 Cval,[Cptr]
-	or	B,T2,B			!=
-	add	B,C,B
-
-	deccc	%i2
-	mov	Cval,C
-	add	B,Bval,B		!=
-	inc	64,%i1
-	nop
-	st	B,[Bptr]
-	nop				!=
-
-#ifdef	OPENSSL_SYSNAME_ULTRASPARC
-	bg,a,pt	%icc,.Lmd5_block_loop
-#else
-	bg,a	.Lmd5_block_loop
-#endif
-	LOAD	X(0),R0
-
-#ifdef ASI_PRIMARY_LITTLE
-	wr	%g0,%o7,%asi
-#endif
-	ret
-	restore	%g0,0,%o0
-
-.type	md5_block,#function
-.size	md5_block,(.-md5_block)
diff --git a/crypto/md5/asm/md5-x86_64.pl b/crypto/md5/asm/md5-x86_64.pl
new file mode 100755
index 0000000000..867885435e
--- /dev/null
+++ b/crypto/md5/asm/md5-x86_64.pl
@@ -0,0 +1,369 @@
+#!/usr/bin/perl -w
+#
+# MD5 optimized for AMD64.
+#
+# Author: Marc Bevand <bevand_m (at) epita.fr>
+# Licence: I hereby disclaim the copyright on this code and place it
+# in the public domain.
+#
+
+use strict;
+
+my $code;
+
+# round1_step() does:
+#   dst = x + ((dst + F(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = z' (copy of z for the next step)
+# Each round1_step() takes about 5.3 clocks (9 instructions, 1.7 IPC)
+sub round1_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	0*4(%rsi),	%r10d		/* (NEXT STEP) X[0] */\n" if ($pos == -1);
+    $code .= " mov	%edx,		%r11d		/* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+    $code .= <<EOF;
+	xor	$y,		%r11d		/* y ^ ... */
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	and	$x,		%r11d		/* x & ... */
+	xor	$z,		%r11d		/* z ^ ... */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	add	%r11d,		$dst		/* dst += ... */
+	rol	\$$s,		$dst		/* dst <<< s */
+	mov	$y,		%r11d		/* (NEXT STEP) z' = $y */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+# round2_step() does:
+#   dst = x + ((dst + G(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = z' (copy of z for the next step)
+#   %r12d = z' (copy of z for the next step)
+# Each round2_step() takes about 5.4 clocks (11 instructions, 2.0 IPC)
+sub round2_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	1*4(%rsi),	%r10d		/* (NEXT STEP) X[1] */\n" if ($pos == -1);
+    $code .= " mov	%edx,		%r11d		/* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+    $code .= " mov	%edx,		%r12d		/* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+    $code .= <<EOF;
+	not	%r11d				/* not z */
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	and	$x,		%r12d		/* x & z */
+	and	$y,		%r11d		/* y & (not z) */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	or	%r11d,		%r12d		/* (y & (not z)) | (x & z) */
+	mov	$y,		%r11d		/* (NEXT STEP) z' = $y */
+	add	%r12d,		$dst		/* dst += ... */
+	mov	$y,		%r12d		/* (NEXT STEP) z' = $y */
+	rol	\$$s,		$dst		/* dst <<< s */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+# round3_step() does:
+#   dst = x + ((dst + H(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = y' (copy of y for the next step)
+# Each round3_step() takes about 4.2 clocks (8 instructions, 1.9 IPC)
+sub round3_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	5*4(%rsi),	%r10d		/* (NEXT STEP) X[5] */\n" if ($pos == -1);
+    $code .= " mov	%ecx,		%r11d		/* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
+    $code .= <<EOF;
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	xor	$z,		%r11d		/* z ^ ... */
+	xor	$x,		%r11d		/* x ^ ... */
+	add	%r11d,		$dst		/* dst += ... */
+	rol	\$$s,		$dst		/* dst <<< s */
+	mov	$x,		%r11d		/* (NEXT STEP) y' = $x */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+# round4_step() does:
+#   dst = x + ((dst + I(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = not z' (copy of not z for the next step)
+# Each round4_step() takes about 5.2 clocks (9 instructions, 1.7 IPC)
+sub round4_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	0*4(%rsi),	%r10d		/* (NEXT STEP) X[0] */\n" if ($pos == -1);
+    $code .= " mov	\$0xffffffff,	%r11d\n" if ($pos == -1);
+    $code .= " xor	%edx,		%r11d		/* (NEXT STEP) not z' = not %edx*/\n"
+    if ($pos == -1);
+    $code .= <<EOF;
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	or	$x,		%r11d		/* x | ... */
+	xor	$y,		%r11d		/* y ^ ... */
+	add	%r11d,		$dst		/* dst += ... */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	mov	\$0xffffffff,	%r11d
+	rol	\$$s,		$dst		/* dst <<< s */
+	xor	$y,		%r11d		/* (NEXT STEP) not z' = not $y */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+my $flavour = shift;
+my $output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+no warnings qw(uninitialized);
+open STDOUT,"| $^X $xlate $flavour $output";
+
+$code .= <<EOF;
+.text
+.align 16
+
+.globl md5_block_asm_data_order
+.type md5_block_asm_data_order,\@function,3
+md5_block_asm_data_order:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r14
+	push	%r15
+.Lprologue:
+
+	# rdi = arg #1 (ctx, MD5_CTX pointer)
+	# rsi = arg #2 (ptr, data pointer)
+	# rdx = arg #3 (nbr, number of 16-word blocks to process)
+	mov	%rdi,		%rbp	# rbp = ctx
+	shl	\$6,		%rdx	# rdx = nbr in bytes
+	lea	(%rsi,%rdx),	%rdi	# rdi = end
+	mov	0*4(%rbp),	%eax	# eax = ctx->A
+	mov	1*4(%rbp),	%ebx	# ebx = ctx->B
+	mov	2*4(%rbp),	%ecx	# ecx = ctx->C
+	mov	3*4(%rbp),	%edx	# edx = ctx->D
+	# end is 'rdi'
+	# ptr is 'rsi'
+	# A is 'eax'
+	# B is 'ebx'
+	# C is 'ecx'
+	# D is 'edx'
+
+	cmp	%rdi,		%rsi		# cmp end with ptr
+	je	.Lend				# jmp if ptr == end
+
+	# BEGIN of loop over 16-word blocks
+.Lloop:	# save old values of A, B, C, D
+	mov	%eax,		%r8d
+	mov	%ebx,		%r9d
+	mov	%ecx,		%r14d
+	mov	%edx,		%r15d
+EOF
+round1_step(-1,'%eax','%ebx','%ecx','%edx', '1','0xd76aa478', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xe8c7b756','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx', '3','0x242070db','17');
+round1_step( 0,'%ebx','%ecx','%edx','%eax', '4','0xc1bdceee','22');
+round1_step( 0,'%eax','%ebx','%ecx','%edx', '5','0xf57c0faf', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx', '6','0x4787c62a','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx', '7','0xa8304613','17');
+round1_step( 0,'%ebx','%ecx','%edx','%eax', '8','0xfd469501','22');
+round1_step( 0,'%eax','%ebx','%ecx','%edx', '9','0x698098d8', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8b44f7af','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx','11','0xffff5bb1','17');
+round1_step( 0,'%ebx','%ecx','%edx','%eax','12','0x895cd7be','22');
+round1_step( 0,'%eax','%ebx','%ecx','%edx','13','0x6b901122', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx','14','0xfd987193','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx','15','0xa679438e','17');
+round1_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x49b40821','22');
+
+round2_step(-1,'%eax','%ebx','%ecx','%edx', '6','0xf61e2562', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx','11','0xc040b340', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx', '0','0x265e5a51','14');
+round2_step( 0,'%ebx','%ecx','%edx','%eax', '5','0xe9b6c7aa','20');
+round2_step( 0,'%eax','%ebx','%ecx','%edx','10','0xd62f105d', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx','15', '0x2441453', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx', '4','0xd8a1e681','14');
+round2_step( 0,'%ebx','%ecx','%edx','%eax', '9','0xe7d3fbc8','20');
+round2_step( 0,'%eax','%ebx','%ecx','%edx','14','0x21e1cde6', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xc33707d6', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx', '8','0xf4d50d87','14');
+round2_step( 0,'%ebx','%ecx','%edx','%eax','13','0x455a14ed','20');
+round2_step( 0,'%eax','%ebx','%ecx','%edx', '2','0xa9e3e905', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx', '7','0xfcefa3f8', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx','12','0x676f02d9','14');
+round2_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x8d2a4c8a','20');
+
+round3_step(-1,'%eax','%ebx','%ecx','%edx', '8','0xfffa3942', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx','11','0x8771f681','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx','14','0x6d9d6122','16');
+round3_step( 0,'%ebx','%ecx','%edx','%eax', '1','0xfde5380c','23');
+round3_step( 0,'%eax','%ebx','%ecx','%edx', '4','0xa4beea44', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx', '7','0x4bdecfa9','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx','10','0xf6bb4b60','16');
+round3_step( 0,'%ebx','%ecx','%edx','%eax','13','0xbebfbc70','23');
+round3_step( 0,'%eax','%ebx','%ecx','%edx', '0','0x289b7ec6', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xeaa127fa','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx', '6','0xd4ef3085','16');
+round3_step( 0,'%ebx','%ecx','%edx','%eax', '9', '0x4881d05','23');
+round3_step( 0,'%eax','%ebx','%ecx','%edx','12','0xd9d4d039', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx','15','0xe6db99e5','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx', '2','0x1fa27cf8','16');
+round3_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xc4ac5665','23');
+
+round4_step(-1,'%eax','%ebx','%ecx','%edx', '7','0xf4292244', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx','14','0x432aff97','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx', '5','0xab9423a7','15');
+round4_step( 0,'%ebx','%ecx','%edx','%eax','12','0xfc93a039','21');
+round4_step( 0,'%eax','%ebx','%ecx','%edx', '3','0x655b59c3', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8f0ccc92','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx', '1','0xffeff47d','15');
+round4_step( 0,'%ebx','%ecx','%edx','%eax', '8','0x85845dd1','21');
+round4_step( 0,'%eax','%ebx','%ecx','%edx','15','0x6fa87e4f', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx', '6','0xfe2ce6e0','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx','13','0xa3014314','15');
+round4_step( 0,'%ebx','%ecx','%edx','%eax', '4','0x4e0811a1','21');
+round4_step( 0,'%eax','%ebx','%ecx','%edx','11','0xf7537e82', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xbd3af235','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx', '9','0x2ad7d2bb','15');
+round4_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xeb86d391','21');
+$code .= <<EOF;
+	# add old values of A, B, C, D
+	add	%r8d,	%eax
+	add	%r9d,	%ebx
+	add	%r14d,	%ecx
+	add	%r15d,	%edx
+
+	# loop control
+	add	\$64,		%rsi		# ptr += 64
+	cmp	%rdi,		%rsi		# cmp end with ptr
+	jb	.Lloop				# jmp if ptr < end
+	# END of loop over 16-word blocks
+
+.Lend:
+	mov	%eax,		0*4(%rbp)	# ctx->A = A
+	mov	%ebx,		1*4(%rbp)	# ctx->B = B
+	mov	%ecx,		2*4(%rbp)	# ctx->C = C
+	mov	%edx,		3*4(%rbp)	# ctx->D = D
+
+	mov	(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r12
+	mov	24(%rsp),%rbx
+	mov	32(%rsp),%rbp
+	add	\$40,%rsp
+.Lepilogue:
+	ret
+.size md5_block_asm_data_order,.-md5_block_asm_data_order
+EOF
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	lea	40(%rax),%rax
+
+	mov	-8(%rax),%rbp
+	mov	-16(%rax),%rbx
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r14
+	mov	-40(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_md5_block_asm_data_order
+	.rva	.LSEH_end_md5_block_asm_data_order
+	.rva	.LSEH_info_md5_block_asm_data_order
+
+.section	.xdata
+.align	8
+.LSEH_info_md5_block_asm_data_order:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+print $code;
+
+close STDOUT;
diff --git a/crypto/md5/md5.h b/crypto/md5/md5.h
index 6d283fe9da..4cbf84386b 100644
--- a/crypto/md5/md5.h
+++ b/crypto/md5/md5.h
@@ -60,6 +60,7 @@
 #define HEADER_MD5_H
 
 #include <openssl/e_os2.h>
+#include <stddef.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -76,7 +77,7 @@ extern "C" {
  * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  */
 
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+#if defined(__LP32__)
 #define MD5_LONG unsigned long
 #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
 #define MD5_LONG unsigned long
diff --git a/crypto/md5/md5_dgst.c b/crypto/md5/md5_dgst.c
index f97f48e55b..beace632e3 100644
--- a/crypto/md5/md5_dgst.c
+++ b/crypto/md5/md5_dgst.c
@@ -60,7 +60,7 @@
 #include "md5_locl.h"
 #include <openssl/opensslv.h>
 
-const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
+const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT;
 
 /* Implemented from RFC1321 The MD5 Message-Digest Algorithm
  */
@@ -72,106 +72,14 @@ const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
 
 int MD5_Init(MD5_CTX *c)
 	{
+	memset (c,0,sizeof(*c));
 	c->A=INIT_DATA_A;
 	c->B=INIT_DATA_B;
 	c->C=INIT_DATA_C;
 	c->D=INIT_DATA_D;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
 	return 1;
 	}
 
-#ifndef md5_block_host_order
-void md5_block_host_order (MD5_CTX *c, const void *data, size_t num)
-	{
-	const MD5_LONG *X=data;
-	register unsigned MD32_REG_T A,B,C,D;
-
-	A=c->A;
-	B=c->B;
-	C=c->C;
-	D=c->D;
-
-	for (;num--;X+=HASH_LBLOCK)
-		{
-	/* Round 0 */
-	R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
-	R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
-	R0(C,D,A,B,X[ 2],17,0x242070dbL);
-	R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
-	R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
-	R0(D,A,B,C,X[ 5],12,0x4787c62aL);
-	R0(C,D,A,B,X[ 6],17,0xa8304613L);
-	R0(B,C,D,A,X[ 7],22,0xfd469501L);
-	R0(A,B,C,D,X[ 8], 7,0x698098d8L);
-	R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
-	R0(C,D,A,B,X[10],17,0xffff5bb1L);
-	R0(B,C,D,A,X[11],22,0x895cd7beL);
-	R0(A,B,C,D,X[12], 7,0x6b901122L);
-	R0(D,A,B,C,X[13],12,0xfd987193L);
-	R0(C,D,A,B,X[14],17,0xa679438eL);
-	R0(B,C,D,A,X[15],22,0x49b40821L);
-	/* Round 1 */
-	R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
-	R1(D,A,B,C,X[ 6], 9,0xc040b340L);
-	R1(C,D,A,B,X[11],14,0x265e5a51L);
-	R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
-	R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
-	R1(D,A,B,C,X[10], 9,0x02441453L);
-	R1(C,D,A,B,X[15],14,0xd8a1e681L);
-	R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
-	R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
-	R1(D,A,B,C,X[14], 9,0xc33707d6L);
-	R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
-	R1(B,C,D,A,X[ 8],20,0x455a14edL);
-	R1(A,B,C,D,X[13], 5,0xa9e3e905L);
-	R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
-	R1(C,D,A,B,X[ 7],14,0x676f02d9L);
-	R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
-	/* Round 2 */
-	R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
-	R2(D,A,B,C,X[ 8],11,0x8771f681L);
-	R2(C,D,A,B,X[11],16,0x6d9d6122L);
-	R2(B,C,D,A,X[14],23,0xfde5380cL);
-	R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
-	R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
-	R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
-	R2(B,C,D,A,X[10],23,0xbebfbc70L);
-	R2(A,B,C,D,X[13], 4,0x289b7ec6L);
-	R2(D,A,B,C,X[ 0],11,0xeaa127faL);
-	R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
-	R2(B,C,D,A,X[ 6],23,0x04881d05L);
-	R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
-	R2(D,A,B,C,X[12],11,0xe6db99e5L);
-	R2(C,D,A,B,X[15],16,0x1fa27cf8L);
-	R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
-	/* Round 3 */
-	R3(A,B,C,D,X[ 0], 6,0xf4292244L);
-	R3(D,A,B,C,X[ 7],10,0x432aff97L);
-	R3(C,D,A,B,X[14],15,0xab9423a7L);
-	R3(B,C,D,A,X[ 5],21,0xfc93a039L);
-	R3(A,B,C,D,X[12], 6,0x655b59c3L);
-	R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
-	R3(C,D,A,B,X[10],15,0xffeff47dL);
-	R3(B,C,D,A,X[ 1],21,0x85845dd1L);
-	R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
-	R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
-	R3(C,D,A,B,X[ 6],15,0xa3014314L);
-	R3(B,C,D,A,X[13],21,0x4e0811a1L);
-	R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
-	R3(D,A,B,C,X[11],10,0xbd3af235L);
-	R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
-	R3(B,C,D,A,X[ 9],21,0xeb86d391L);
-
-	A = c->A += A;
-	B = c->B += B;
-	C = c->C += C;
-	D = c->D += D;
-		}
-	}
-#endif
-
 #ifndef md5_block_data_order
 #ifdef X
 #undef X
@@ -274,19 +182,3 @@ void md5_block_data_order (MD5_CTX *c, const void *data_, size_t num)
 		}
 	}
 #endif
-
-#ifdef undef
-int printit(unsigned long *l)
-	{
-	int i,ii;
-
-	for (i=0; i<2; i++)
-		{
-		for (ii=0; ii<8; ii++)
-			{
-			fprintf(stderr,"%08lx ",l[i*8+ii]);
-			}
-		fprintf(stderr,"\n");
-		}
-	}
-#endif
diff --git a/crypto/md5/md5_locl.h b/crypto/md5/md5_locl.h
index b29f0de7e3..968d577995 100644
--- a/crypto/md5/md5_locl.h
+++ b/crypto/md5/md5_locl.h
@@ -66,49 +66,21 @@
 #endif
 
 #ifdef MD5_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#  define md5_block_host_order md5_block_asm_host_order
-# elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
-   void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,size_t num);
-#  define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
+     defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
+#  define md5_block_data_order md5_block_asm_data_order
+# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+#  define md5_block_data_order md5_block_asm_data_order
 # endif
 #endif
 
-void md5_block_host_order (MD5_CTX *c, const void *p,size_t num);
 void md5_block_data_order (MD5_CTX *c, const void *p,size_t num);
 
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-/*
- * *_block_host_order is expected to handle aligned data while
- * *_block_data_order - unaligned. As algorithm and host (x86)
- * are in this case of the same "endianness" these two are
- * otherwise indistinguishable. But normally you don't want to
- * call the same function because unaligned access in places
- * where alignment is expected is usually a "Bad Thing". Indeed,
- * on RISCs you get punished with BUS ERROR signal or *severe*
- * performance degradation. Intel CPUs are in turn perfectly
- * capable of loading unaligned data without such drastic side
- * effect. Yes, they say it's slower than aligned load, but no
- * exception is generated and therefore performance degradation
- * is *incomparable* with RISCs. What we should weight here is
- * costs of unaligned access against costs of aligning data.
- * According to my measurements allowing unaligned access results
- * in ~9% performance improvement on Pentium II operating at
- * 266MHz. I won't be surprised if the difference will be higher
- * on faster systems:-)
- *
- *				<appro@fy.chalmers.se>
- */
-#define md5_block_data_order md5_block_host_order
-#endif
-
 #define DATA_ORDER_IS_LITTLE_ENDIAN
 
 #define HASH_LONG		MD5_LONG
-#define HASH_LONG_LOG2		MD5_LONG_LOG2
 #define HASH_CTX		MD5_CTX
 #define HASH_CBLOCK		MD5_CBLOCK
-#define HASH_LBLOCK		MD5_LBLOCK
 #define HASH_UPDATE		MD5_Update
 #define HASH_TRANSFORM		MD5_Transform
 #define HASH_FINAL		MD5_Final
@@ -119,21 +91,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,size_t num);
 	ll=(c)->C; HOST_l2c(ll,(s));	\
 	ll=(c)->D; HOST_l2c(ll,(s));	\
 	} while (0)
-#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
-#if !defined(L_ENDIAN) || defined(md5_block_data_order)
 #define	HASH_BLOCK_DATA_ORDER	md5_block_data_order
-/*
- * Little-endians (Intel and Alpha) feel better without this.
- * It looks like memcpy does better job than generic
- * md5_block_data_order on copying-n-aligning input data.
- * But frankly speaking I didn't expect such result on Alpha.
- * On the other hand I've got this with egcs-1.0.2 and if
- * program is compiled with another (better?) compiler it
- * might turn out other way around.
- *
- *				<appro@fy.chalmers.se>
- */
-#endif
 
 #include "md32_common.h"
 
diff --git a/crypto/md5/md5_one.c b/crypto/md5/md5_one.c
index 9918243ea2..43fee89379 100644
--- a/crypto/md5/md5_one.c
+++ b/crypto/md5/md5_one.c
@@ -71,7 +71,8 @@ unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md)
 	static unsigned char m[MD5_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	MD5_Init(&c);
+	if (!MD5_Init(&c))
+		return NULL;
 #ifndef CHARSET_EBCDIC
 	MD5_Update(&c,d,n);
 #else
diff --git a/crypto/md5/md5test.c b/crypto/md5/md5test.c
index 0628053fa7..2b37190e32 100644
--- a/crypto/md5/md5test.c
+++ b/crypto/md5/md5test.c
@@ -97,12 +97,12 @@ static char *pt(unsigned char *md);
 int main(int argc, char *argv[])
 	{
 	int i,err=0;
-	unsigned char **P,**R;
+	char **P,**R;
 	char *p;
 	unsigned char md[MD5_DIGEST_LENGTH];
 
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
+	P=test;
+	R=ret;
 	i=1;
 	while (*P != NULL)
 		{
diff --git a/crypto/mdc2/.cvsignore b/crypto/mdc2/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/mdc2/.cvsignore
+++ b/crypto/mdc2/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/mdc2/Makefile.ssl b/crypto/mdc2/Makefile.ssl
deleted file mode 100644
index 8ce78cac5c..0000000000
--- a/crypto/mdc2/Makefile.ssl
+++ /dev/null
@@ -1,98 +0,0 @@
-#
-# SSLeay/crypto/mdc2/Makefile
-#
-
-DIR=	mdc2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= mdc2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=mdc2dgst.c mdc2_one.c
-LIBOBJ=mdc2dgst.o mdc2_one.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= mdc2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
-mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
-mdc2_one.o: ../../include/openssl/opensslconf.h
-mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c
-mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/mdc2.h
-mdc2dgst.o: ../../include/openssl/opensslconf.h
-mdc2dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-mdc2dgst.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-mdc2dgst.o: mdc2dgst.c
diff --git a/crypto/mdc2/mdc2_one.c b/crypto/mdc2/mdc2_one.c
index cd569aa865..72647f67ed 100644
--- a/crypto/mdc2/mdc2_one.c
+++ b/crypto/mdc2/mdc2_one.c
@@ -66,7 +66,8 @@ unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md)
 	static unsigned char m[MDC2_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	MDC2_Init(&c);
+	if (!MDC2_Init(&c))
+		return NULL;
 	MDC2_Update(&c,d,n);
         MDC2_Final(md,&c);
 	OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
diff --git a/crypto/mem.c b/crypto/mem.c
index 1bb1b74450..424429e559 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -263,7 +263,6 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
 void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	{
 	void *ret = NULL;
-	extern unsigned char cleanse_ctr;
 
 	if (num <= 0) return NULL;
 
@@ -280,11 +279,15 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+#ifndef OPENSSL_CPUID_OBJ
         /* Create a dependency on the value of 'cleanse_ctr' so our memory
          * sanitisation function can't be optimised out. NB: We only do
          * this for >2Kb so the overhead doesn't bother us. */
         if(ret && (num > 2048))
+	{	extern unsigned char cleanse_ctr;
 		((unsigned char *)ret)[0] = cleanse_ctr;
+	}
+#endif
 
 	return ret;
 	}
@@ -304,7 +307,6 @@ void CRYPTO_free_locked(void *str)
 void *CRYPTO_malloc(int num, const char *file, int line)
 	{
 	void *ret = NULL;
-	extern unsigned char cleanse_ctr;
 
 	if (num <= 0) return NULL;
 
@@ -321,12 +323,23 @@ void *CRYPTO_malloc(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+#ifndef OPENSSL_CPUID_OBJ
         /* Create a dependency on the value of 'cleanse_ctr' so our memory
          * sanitisation function can't be optimised out. NB: We only do
          * this for >2Kb so the overhead doesn't bother us. */
         if(ret && (num > 2048))
+	{	extern unsigned char cleanse_ctr;
                 ((unsigned char *)ret)[0] = cleanse_ctr;
+	}
+#endif
+
+	return ret;
+	}
+char *CRYPTO_strdup(const char *str, const char *file, int line)
+	{
+	char *ret = CRYPTO_malloc(strlen(str)+1, file, line);
 
+	strcpy(ret, str);
 	return ret;
 	}
 
diff --git a/crypto/mem_clr.c b/crypto/mem_clr.c
index e4b7f540b0..add1f78020 100644
--- a/crypto/mem_clr.c
+++ b/crypto/mem_clr.c
@@ -64,12 +64,14 @@ unsigned char cleanse_ctr = 0;
 void OPENSSL_cleanse(void *ptr, size_t len)
 	{
 	unsigned char *p = ptr;
-	size_t loop = len;
+	size_t loop = len, ctr = cleanse_ctr;
 	while(loop--)
 		{
-		*(p++) = cleanse_ctr;
-		cleanse_ctr += (17 + (unsigned char)((int)p & 0xF));
+		*(p++) = (unsigned char)ctr;
+		ctr += (17 + ((size_t)p & 0xF));
 		}
-	if(memchr(ptr, cleanse_ctr, len))
-		cleanse_ctr += 63;
+	p=memchr(ptr, (unsigned char)ctr, len);
+	if(p)
+		ctr += (63 + (size_t)p);
+	cleanse_ctr = (unsigned char)ctr;
 	}
diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index e212de27e4..ac793397f1 100644
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -55,15 +55,68 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>	
+#include "cryptlib.h"
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
 #include <openssl/bio.h>
 #include <openssl/lhash.h>
-#include "cryptlib.h"
 
 static int mh_mode=CRYPTO_MEM_CHECK_OFF;
 /* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE
@@ -81,8 +134,11 @@ static int mh_mode=CRYPTO_MEM_CHECK_OFF;
  */
 
 static unsigned long order = 0; /* number of memory requests */
-static LHASH *mh=NULL; /* hash-table of memory requests (address as key);
-                        * access requires MALLOC2 lock */
+
+DECLARE_LHASH_OF(MEM);
+static LHASH_OF(MEM) *mh=NULL; /* hash-table of memory requests
+				* (address as key); access requires
+				* MALLOC2 lock */
 
 
 typedef struct app_mem_info_st
@@ -93,8 +149,8 @@ typedef struct app_mem_info_st
  *   CRYPTO_pop_info()           to pop an entry,
  *   CRYPTO_remove_all_info()    to pop all entries.
  */
-	{	
-	unsigned long thread;
+	{
+	CRYPTO_THREADID threadid;
 	const char *file;
 	int line;
 	const char *info;
@@ -104,10 +160,13 @@ typedef struct app_mem_info_st
 
 static void app_info_free(APP_INFO *);
 
-static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's
-                          * that are at the top of their thread's stack
-                          * (with `thread' as key);
-                          * access requires MALLOC2 lock */
+DECLARE_LHASH_OF(APP_INFO);
+static LHASH_OF(APP_INFO) *amih=NULL; /* hash-table with those
+				       * app_mem_info_st's that are at
+				       * the top of their thread's
+				       * stack (with `thread' as key);
+				       * access requires MALLOC2
+				       * lock */
 
 typedef struct mem_st
 /* memory-block description */
@@ -116,7 +175,7 @@ typedef struct mem_st
 	int num;
 	const char *file;
 	int line;
-	unsigned long thread;
+	CRYPTO_THREADID threadid;
 	unsigned long order;
 	time_t time;
 	APP_INFO *app_info;
@@ -136,11 +195,11 @@ static unsigned int num_disable = 0; /* num_disable > 0
                                       *     iff
                                       * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE)
                                       */
-static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0.
-                                            * CRYPTO_LOCK_MALLOC2 is locked
-                                            * exactly in this case (by the
-                                            * thread named in disabling_thread).
-                                            */
+
+/* Valid iff num_disable > 0.  CRYPTO_LOCK_MALLOC2 is locked exactly in this
+ * case (by the thread named in disabling_thread).
+ */
+static CRYPTO_THREADID disabling_threadid;
 
 static void app_info_free(APP_INFO *inf)
 	{
@@ -177,7 +236,9 @@ int CRYPTO_mem_ctrl(int mode)
 	case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
 		if (mh_mode & CRYPTO_MEM_CHECK_ON)
 			{
-			if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */
+			CRYPTO_THREADID cur;
+			CRYPTO_THREADID_current(&cur);
+			if (!num_disable || CRYPTO_THREADID_cmp(&disabling_threadid, &cur)) /* otherwise we already have the MALLOC2 lock */
 				{
 				/* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while
 				 * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if
@@ -195,7 +256,7 @@ int CRYPTO_mem_ctrl(int mode)
 				CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
 				CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
 				mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
-				disabling_thread=CRYPTO_thread_id();
+				CRYPTO_THREADID_cpy(&disabling_threadid, &cur);
 				}
 			num_disable++;
 			}
@@ -228,10 +289,12 @@ int CRYPTO_is_mem_check_on(void)
 
 	if (mh_mode & CRYPTO_MEM_CHECK_ON)
 		{
+		CRYPTO_THREADID cur;
+		CRYPTO_THREADID_current(&cur);
 		CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
 
 		ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
-			|| (disabling_thread != CRYPTO_thread_id());
+		        || CRYPTO_THREADID_cmp(&disabling_threadid, &cur);
 
 		CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
 		}
@@ -249,41 +312,49 @@ long CRYPTO_dbg_get_options(void)
 	return options;
 	}
 
-/* static int mem_cmp(MEM *a, MEM *b) */
-static int mem_cmp(const void *a_void, const void *b_void)
+static int mem_cmp(const MEM *a, const MEM *b)
 	{
-	return((const char *)((const MEM *)a_void)->addr
-		- (const char *)((const MEM *)b_void)->addr);
+#ifdef _WIN64
+	const char *ap=(const char *)a->addr,
+		   *bp=(const char *)b->addr;
+	if (ap==bp)	return 0;
+	else if (ap>bp)	return 1;
+	else		return -1;
+#else
+	return (const char *)a->addr - (const char *)b->addr;
+#endif
 	}
+static IMPLEMENT_LHASH_COMP_FN(mem, MEM)
 
-/* static unsigned long mem_hash(MEM *a) */
-static unsigned long mem_hash(const void *a_void)
+static unsigned long mem_hash(const MEM *a)
 	{
 	unsigned long ret;
 
-	ret=(unsigned long)((const MEM *)a_void)->addr;
+	ret=(unsigned long)a->addr;
 
 	ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
 	return(ret);
 	}
+static IMPLEMENT_LHASH_HASH_FN(mem, MEM)
 
 /* static int app_info_cmp(APP_INFO *a, APP_INFO *b) */
 static int app_info_cmp(const void *a_void, const void *b_void)
 	{
-	return(((const APP_INFO *)a_void)->thread
-		!= ((const APP_INFO *)b_void)->thread);
+	return CRYPTO_THREADID_cmp(&((const APP_INFO *)a_void)->threadid,
+				&((const APP_INFO *)b_void)->threadid);
 	}
+static IMPLEMENT_LHASH_COMP_FN(app_info, APP_INFO)
 
-/* static unsigned long app_info_hash(APP_INFO *a) */
-static unsigned long app_info_hash(const void *a_void)
+static unsigned long app_info_hash(const APP_INFO *a)
 	{
 	unsigned long ret;
 
-	ret=(unsigned long)((const APP_INFO *)a_void)->thread;
-
+	ret = CRYPTO_THREADID_hash(&a->threadid);
+	/* This is left in as a "who am I to question legacy?" measure */
 	ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
 	return(ret);
 	}
+static IMPLEMENT_LHASH_HASH_FN(app_info, APP_INFO)
 
 static APP_INFO *pop_info(void)
 	{
@@ -292,21 +363,22 @@ static APP_INFO *pop_info(void)
 
 	if (amih != NULL)
 		{
-		tmp.thread=CRYPTO_thread_id();
-		if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL)
+		CRYPTO_THREADID_current(&tmp.threadid);
+		if ((ret=lh_APP_INFO_delete(amih,&tmp)) != NULL)
 			{
 			APP_INFO *next=ret->next;
 
 			if (next != NULL)
 				{
 				next->references++;
-				lh_insert(amih,(char *)next);
+				(void)lh_APP_INFO_insert(amih,next);
 				}
 #ifdef LEVITTE_DEBUG_MEM
-			if (ret->thread != tmp.thread)
+			if (CRYPTO_THREADID_cmp(&ret->threadid, &tmp.threadid))
 				{
 				fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
-					ret->thread, tmp.thread);
+					CRYPTO_THREADID_hash(&ret->threadid),
+					CRYPTO_THREADID_hash(&tmp.threadid));
 				abort();
 				}
 #endif
@@ -338,7 +410,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line)
 			}
 		if (amih == NULL)
 			{
-			if ((amih=lh_new(app_info_hash, app_info_cmp)) == NULL)
+			if ((amih=lh_APP_INFO_new()) == NULL)
 				{
 				OPENSSL_free(ami);
 				ret=0;
@@ -346,20 +418,21 @@ int CRYPTO_push_info_(const char *info, const char *file, int line)
 				}
 			}
 
-		ami->thread=CRYPTO_thread_id();
+		CRYPTO_THREADID_current(&ami->threadid);
 		ami->file=file;
 		ami->line=line;
 		ami->info=info;
 		ami->references=1;
 		ami->next=NULL;
 
-		if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL)
+		if ((amim=lh_APP_INFO_insert(amih,ami)) != NULL)
 			{
 #ifdef LEVITTE_DEBUG_MEM
-			if (ami->thread != amim->thread)
+			if (CRYPTO_THREADID_cmp(&ami->threadid, &amim->threadid))
 				{
 				fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
-					amim->thread, ami->thread);
+					CRYPTO_THREADID_hash(&amim->threadid),
+					CRYPTO_THREADID_hash(&ami->threadid));
 				abort();
 				}
 #endif
@@ -431,7 +504,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
 				}
 			if (mh == NULL)
 				{
-				if ((mh=lh_new(mem_hash, mem_cmp)) == NULL)
+				if ((mh=lh_MEM_new()) == NULL)
 					{
 					OPENSSL_free(addr);
 					OPENSSL_free(m);
@@ -445,9 +518,9 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
 			m->line=line;
 			m->num=num;
 			if (options & V_CRYPTO_MDEBUG_THREAD)
-				m->thread=CRYPTO_thread_id();
+				CRYPTO_THREADID_current(&m->threadid);
 			else
-				m->thread=0;
+				memset(&m->threadid, 0, sizeof(m->threadid));
 
 			if (order == break_order_num)
 				{
@@ -456,7 +529,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
 				}
 			m->order=order++;
 #ifdef LEVITTE_DEBUG_MEM
-			fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] %c 0x%p (%d)\n",
+			fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] %c 0x%p (%d)\n",
 				m->order,
 				(before_p & 128) ? '*' : '+',
 				m->addr, m->num);
@@ -466,16 +539,16 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
 			else
 				m->time=0;
 
-			tmp.thread=CRYPTO_thread_id();
+			CRYPTO_THREADID_current(&tmp.threadid);
 			m->app_info=NULL;
 			if (amih != NULL
-				&& (amim=(APP_INFO *)lh_retrieve(amih,(char *)&tmp)) != NULL)
+			    && (amim=lh_APP_INFO_retrieve(amih,&tmp)) != NULL)
 				{
 				m->app_info = amim;
 				amim->references++;
 				}
 
-			if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
+			if ((mm=lh_MEM_insert(mh, m)) != NULL)
 				{
 				/* Not good, but don't sweat it */
 				if (mm->app_info != NULL)
@@ -508,11 +581,11 @@ void CRYPTO_dbg_free(void *addr, int before_p)
 			MemCheck_off(); /* make sure we hold MALLOC2 lock */
 
 			m.addr=addr;
-			mp=(MEM *)lh_delete(mh,(char *)&m);
+			mp=lh_MEM_delete(mh,&m);
 			if (mp != NULL)
 				{
 #ifdef LEVITTE_DEBUG_MEM
-			fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] - 0x%p (%d)\n",
+			fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] - 0x%p (%d)\n",
 				mp->order, mp->addr, mp->num);
 #endif
 				if (mp->app_info != NULL)
@@ -558,18 +631,18 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
 			MemCheck_off(); /* make sure we hold MALLOC2 lock */
 
 			m.addr=addr1;
-			mp=(MEM *)lh_delete(mh,(char *)&m);
+			mp=lh_MEM_delete(mh,&m);
 			if (mp != NULL)
 				{
 #ifdef LEVITTE_DEBUG_MEM
-				fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5d] * 0x%p (%d) -> 0x%p (%d)\n",
+				fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] * 0x%p (%d) -> 0x%p (%d)\n",
 					mp->order,
 					mp->addr, mp->num,
 					addr2, num);
 #endif
 				mp->addr=addr2;
 				mp->num=num;
-				lh_insert(mh,(char *)mp);
+				(void)lh_MEM_insert(mh,mp);
 				}
 
 			MemCheck_on(); /* release MALLOC2 lock
@@ -588,14 +661,14 @@ typedef struct mem_leak_st
 	long bytes;
 	} MEM_LEAK;
 
-static void print_leak(const MEM *m, MEM_LEAK *l)
+static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
 	{
 	char buf[1024];
 	char *bufp = buf;
 	APP_INFO *amip;
 	int ami_cnt;
 	struct tm *lcl = NULL;
-	unsigned long ti;
+	CRYPTO_THREADID ti;
 
 #define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
 
@@ -617,7 +690,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
 
 	if (options & V_CRYPTO_MDEBUG_THREAD)
 		{
-		BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread);
+		BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ",
+			CRYPTO_THREADID_hash(&m->threadid));
 		bufp += strlen(bufp);
 		}
 
@@ -634,8 +708,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
 	ami_cnt=0;
 	if (!amip)
 		return;
-	ti=amip->thread;
-	
+	CRYPTO_THREADID_cpy(&ti, &amip->threadid);
+
 	do
 		{
 		int buf_len;
@@ -645,7 +719,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
 		memset(buf,'>',ami_cnt);
 		BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
 			" thread=%lu, file=%s, line=%d, info=\"",
-			amip->thread, amip->file, amip->line);
+			CRYPTO_THREADID_hash(&amip->threadid), amip->file,
+			amip->line);
 		buf_len=strlen(buf);
 		info_len=strlen(amip->info);
 		if (128 - buf_len - 3 < info_len)
@@ -665,8 +740,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
 
 		amip = amip->next;
 		}
-	while(amip && amip->thread == ti);
-		
+	while(amip && !CRYPTO_THREADID_cmp(&amip->threadid, &ti));
+
 #ifdef LEVITTE_DEBUG_MEM
 	if (amip)
 		{
@@ -676,7 +751,7 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
 #endif
 	}
 
-static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM, MEM_LEAK)
 
 void CRYPTO_mem_leaks(BIO *b)
 	{
@@ -691,12 +766,15 @@ void CRYPTO_mem_leaks(BIO *b)
 	ml.bytes=0;
 	ml.chunks=0;
 	if (mh != NULL)
-		lh_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak),
-				(char *)&ml);
+		lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), MEM_LEAK,
+				 &ml);
 	if (ml.chunks != 0)
 		{
 		BIO_printf(b,"%ld bytes leaked in %d chunks\n",
 			   ml.bytes,ml.chunks);
+#ifdef CRYPTO_MDEBUG_ABORT
+		abort();
+#endif
 		}
 	else
 		{
@@ -709,7 +787,7 @@ void CRYPTO_mem_leaks(BIO *b)
 		 * XXX    This should be in CRYPTO_mem_leaks_cb,
 		 * and CRYPTO_mem_leaks should be implemented by
 		 * using CRYPTO_mem_leaks_cb.
-		 * (Also their should be a variant of lh_doall_arg
+		 * (Also there should be a variant of lh_doall_arg
 		 * that takes a function pointer instead of a void *;
 		 * this would obviate the ugly and illegal
 		 * void_fn_to_char kludge in CRYPTO_mem_leaks_cb.
@@ -726,14 +804,14 @@ void CRYPTO_mem_leaks(BIO *b)
 
 		if (mh != NULL)
 			{
-			lh_free(mh);
+			lh_MEM_free(mh);
 			mh = NULL;
 			}
 		if (amih != NULL)
 			{
-			if (lh_num_items(amih) == 0) 
+			if (lh_APP_INFO_num_items(amih) == 0) 
 				{
-				lh_free(amih);
+				lh_APP_INFO_free(amih);
 				amih = NULL;
 				}
 			}
@@ -771,17 +849,26 @@ void CRYPTO_mem_leaks_fp(FILE *fp)
 /* NB: The prototypes have been typedef'd to CRYPTO_MEM_LEAK_CB inside crypto.h
  * If this code is restructured, remove the callback type if it is no longer
  * needed. -- Geoff Thorpe */
-static void cb_leak(const MEM *m, CRYPTO_MEM_LEAK_CB **cb)
+
+/* Can't pass CRYPTO_MEM_LEAK_CB directly to lh_MEM_doall_arg because it
+ * is a function pointer and conversion to void * is prohibited. Instead
+ * pass its address
+ */
+
+typedef CRYPTO_MEM_LEAK_CB *PCRYPTO_MEM_LEAK_CB;
+
+static void cb_leak_doall_arg(const MEM *m, PCRYPTO_MEM_LEAK_CB *cb)
 	{
-	(**cb)(m->order,m->file,m->line,m->num,m->addr);
+	(*cb)(m->order,m->file,m->line,m->num,m->addr);
 	}
 
-static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM *, CRYPTO_MEM_LEAK_CB **)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM, PCRYPTO_MEM_LEAK_CB)
 
 void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
 	{
 	if (mh == NULL) return;
 	CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
-	lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb);
+	lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), PCRYPTO_MEM_LEAK_CB,
+			 &cb);
 	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
 	}
diff --git a/crypto/modes/.cvsignore b/crypto/modes/.cvsignore
new file mode 100644
index 0000000000..439e6d3eb6
--- /dev/null
+++ b/crypto/modes/.cvsignore
@@ -0,0 +1,4 @@
+lib
+Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
new file mode 100644
index 0000000000..6c85861b6c
--- /dev/null
+++ b/crypto/modes/Makefile
@@ -0,0 +1,82 @@
+#
+# OpenSSL/crypto/modes/Makefile
+#
+
+DIR=	modes
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c
+LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o
+
+SRC= $(LIBSRC)
+
+#EXHEADER= store.h str_compat.h
+EXHEADER= modes.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc128.o: cbc128.c modes.h
+cfb128.o: cfb128.c modes.h
+ctr128.o: ctr128.c modes.h
+cts128.o: cts128.c modes.h
+ofb128.o: modes.h ofb128.c
diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c
new file mode 100644
index 0000000000..8f8bd563b9
--- /dev/null
+++ b/crypto/modes/cbc128.c
@@ -0,0 +1,206 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "modes.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#define STRICT_ALIGNMENT 1
+#if defined(__i386) || defined(__i386__) || \
+    defined(__x86_64) || defined(__x86_64__) || \
+    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
+    defined(__s390__) || defined(__s390x__)
+#  undef STRICT_ALIGNMENT
+#  define STRICT_ALIGNMENT 0
+#endif
+
+void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block)
+{
+	size_t n;
+	const unsigned char *iv = ivec;
+
+	assert(in && out && key && ivec);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	if (STRICT_ALIGNMENT &&
+	    ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {
+		while (len>=16) {
+			for(n=0; n<16; ++n)
+				out[n] = in[n] ^ iv[n];
+			(*block)(out, out, key);
+			iv = out;
+			len -= 16;
+			in  += 16;
+			out += 16;
+		}
+	} else {
+		while (len>=16) {
+			for(n=0; n<16; n+=sizeof(size_t))
+				*(size_t*)(out+n) =
+				*(size_t*)(in+n) ^ *(size_t*)(iv+n);
+			(*block)(out, out, key);
+			iv = out;
+			len -= 16;
+			in  += 16;
+			out += 16;
+		}
+	}
+#endif
+	while (len) {
+		for(n=0; n<16 && n<len; ++n)
+			out[n] = in[n] ^ iv[n];
+		for(; n<16; ++n)
+			out[n] = iv[n];
+		(*block)(out, out, key);
+		iv = out;
+		if (len<=16) break;
+		len -= 16;
+		in  += 16;
+		out += 16;
+	}
+	memcpy(ivec,iv,16);
+}
+
+void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block)
+{
+	size_t n;
+	union { size_t align; unsigned char c[16]; } tmp;
+
+	assert(in && out && key && ivec);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	if (in != out) {
+		const unsigned char *iv = ivec;
+
+		if (STRICT_ALIGNMENT &&
+		    ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {
+			while (len>=16) {
+				(*block)(in, out, key);
+				for(n=0; n<16; ++n)
+					out[n] ^= iv[n];
+				iv = in;
+				len -= 16;
+				in  += 16;
+				out += 16;
+			}
+		}
+		else {
+			while (len>=16) {
+				(*block)(in, out, key);
+				for(n=0; n<16; n+=sizeof(size_t))
+					*(size_t *)(out+n) ^= *(size_t *)(iv+n);
+				iv = in;
+				len -= 16;
+				in  += 16;
+				out += 16;
+			}
+		}
+		memcpy(ivec,iv,16);
+	} else {
+		if (STRICT_ALIGNMENT &&
+		    ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {
+			unsigned char c;
+			while (len>=16) {
+				(*block)(in, tmp.c, key);
+				for(n=0; n<16; ++n) {
+					c = in[n];
+					out[n] = tmp.c[n] ^ ivec[n];
+					ivec[n] = c;
+				}
+				len -= 16;
+				in  += 16;
+				out += 16;
+			}
+		}
+		else {
+			size_t c;
+			while (len>=16) {
+				(*block)(in, tmp.c, key);
+				for(n=0; n<16; n+=sizeof(size_t)) {
+					c = *(size_t *)(in+n);
+					*(size_t *)(out+n) =
+					*(size_t *)(tmp.c+n) ^ *(size_t *)(ivec+n);
+					*(size_t *)(ivec+n) = c;
+				}
+				len -= 16;
+				in  += 16;
+				out += 16;
+			}
+		}
+	}
+#endif
+	while (len) {
+		unsigned char c;
+		(*block)(in, tmp.c, key);
+		for(n=0; n<16 && n<len; ++n) {
+			c = in[n];
+			out[n] = tmp.c[n] ^ ivec[n];
+			ivec[n] = c;
+		}
+		if (len<=16) {
+			for (; n<16; ++n)
+				ivec[n] = in[n];
+			break;
+		}
+		len -= 16;
+		in  += 16;
+		out += 16;
+	}
+}
diff --git a/crypto/modes/cfb128.c b/crypto/modes/cfb128.c
new file mode 100644
index 0000000000..b6d1e886b9
--- /dev/null
+++ b/crypto/modes/cfb128.c
@@ -0,0 +1,250 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "modes.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#define STRICT_ALIGNMENT
+#if defined(__i386) || defined(__i386__) || \
+    defined(__x86_64) || defined(__x86_64__) || \
+    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
+    defined(__s390__) || defined(__s390x__)
+#  undef STRICT_ALIGNMENT
+#endif
+
+/* The input and output encrypted as though 128bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 128bit block we have used is contained in *num;
+ */
+void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], int *num,
+			int enc, block128_f block)
+{
+    unsigned int n;
+    size_t l = 0;
+
+    assert(in && out && key && ivec && num);
+
+    n = *num;
+
+    if (enc) {
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	if (16%sizeof(size_t) == 0) do {	/* always true actually */
+		while (n && len) {
+			*(out++) = ivec[n] ^= *(in++);
+			--len;
+			n = (n+1) % 16;
+		}
+#if defined(STRICT_ALIGNMENT)
+		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
+			break;
+#endif
+		while (len>=16) {
+			(*block)(ivec, ivec, key);
+			for (n=0; n<16; n+=sizeof(size_t)) {
+				*(size_t*)(out+n) =
+				*(size_t*)(ivec+n) ^= *(size_t*)(in+n);
+			}
+			len -= 16;
+			out += 16;
+			in  += 16;
+		}
+		n = 0;
+		if (len) {
+			(*block)(ivec, ivec, key);
+			while (len--) {
+				out[n] = ivec[n] ^= in[n];
+				++n;
+			}
+		}
+		*num = n;
+		return;
+	} while (0);
+	/* the rest would be commonly eliminated by x86* compiler */
+#endif
+	while (l<len) {
+		if (n == 0) {
+			(*block)(ivec, ivec, key);
+		}
+		out[l] = ivec[n] ^= in[l];
+		++l;
+		n = (n+1) % 16;
+	}
+	*num = n;
+    } else {
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	if (16%sizeof(size_t) == 0) do {	/* always true actually */
+		while (n && len) {
+			unsigned char c;
+			*(out++) = ivec[n] ^ (c = *(in++)); ivec[n] = c;
+			--len;
+			n = (n+1) % 16;
+ 		}
+#if defined(STRICT_ALIGNMENT)
+		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
+			break;
+#endif
+		while (len>=16) {
+			(*block)(ivec, ivec, key);
+			for (n=0; n<16; n+=sizeof(size_t)) {
+				size_t t = *(size_t*)(in+n);
+				*(size_t*)(out+n) = *(size_t*)(ivec+n) ^ t;
+				*(size_t*)(ivec+n) = t;
+			}
+			len -= 16;
+			out += 16;
+			in  += 16;
+		}
+		n = 0;
+		if (len) {
+			(*block)(ivec, ivec, key);
+			while (len--) {
+				unsigned char c;
+				out[n] = ivec[n] ^ (c = in[n]); ivec[n] = c;
+				++n;
+			}
+ 		}
+		*num = n;
+		return;
+	} while (0);
+	/* the rest would be commonly eliminated by x86* compiler */
+#endif
+	while (l<len) {
+		unsigned char c;
+		if (n == 0) {
+			(*block)(ivec, ivec, key);
+		}
+		out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c;
+		++l;
+		n = (n+1) % 16;
+	}
+	*num=n;
+    }
+}
+
+/* This expects a single block of size nbits for both in and out. Note that
+   it corrupts any extra bits in the last byte of out */
+static void cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
+			    int nbits,const void *key,
+			    unsigned char ivec[16],int enc,
+			    block128_f block)
+{
+    int n,rem,num;
+    unsigned char ovec[16*2 + 1];  /* +1 because we dererefence (but don't use) one byte off the end */
+
+    if (nbits<=0 || nbits>128) return;
+
+	/* fill in the first half of the new IV with the current IV */
+	memcpy(ovec,ivec,16);
+	/* construct the new IV */
+	(*block)(ivec,ivec,key);
+	num = (nbits+7)/8;
+	if (enc)	/* encrypt the input */
+	    for(n=0 ; n < num ; ++n)
+		out[n] = (ovec[16+n] = in[n] ^ ivec[n]);
+	else		/* decrypt the input */
+	    for(n=0 ; n < num ; ++n)
+		out[n] = (ovec[16+n] = in[n]) ^ ivec[n];
+	/* shift ovec left... */
+	rem = nbits%8;
+	num = nbits/8;
+	if(rem==0)
+	    memcpy(ivec,ovec+num,16);
+	else
+	    for(n=0 ; n < 16 ; ++n)
+		ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
+
+    /* it is not necessary to cleanse ovec, since the IV is not secret */
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
+		 	size_t bits, const void *key,
+			unsigned char ivec[16], int *num,
+			int enc, block128_f block)
+{
+    size_t n;
+    unsigned char c[1],d[1];
+
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+
+    memset(out,0,(bits+7)/8);
+    for(n=0 ; n<bits ; ++n)
+	{
+	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+	cfbr_encrypt_block(c,d,1,key,ivec,enc,block);
+	out[n/8]=(out[n/8]&~(1 << (unsigned int)(7-n%8))) |
+		 ((d[0]&0x80) >> (unsigned int)(n%8));
+	}
+}
+
+void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
+			size_t length, const void *key,
+			unsigned char ivec[16], int *num,
+			int enc, block128_f block)
+{
+    size_t n;
+
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+
+    for(n=0 ; n<length ; ++n)
+	cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc,block);
+}
+
diff --git a/crypto/modes/ctr128.c b/crypto/modes/ctr128.c
new file mode 100644
index 0000000000..bd84f41528
--- /dev/null
+++ b/crypto/modes/ctr128.c
@@ -0,0 +1,186 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "modes.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
+# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
+
+#define STRICT_ALIGNMENT
+#if defined(__i386) || defined(__i386__) || \
+    defined(__x86_64) || defined(__x86_64__) || \
+    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
+    defined(__s390__) || defined(__s390x__)
+#  undef STRICT_ALIGNMENT
+#endif
+
+/* NOTE: the IV/counter CTR mode is big-endian.  The code itself
+ * is endian-neutral. */
+
+/* increment counter (128-bit int) by 1 */
+static void ctr128_inc(unsigned char *counter) {
+	u32 c,n=16;
+
+	do {
+		n -= 4;
+		c = GETU32(counter+n);
+		++c;	c &= 0xFFFFFFFF;
+		PUTU32(counter + n, c);
+		if (c) return;
+	} while (n);
+}
+
+#if !defined(OPENSSL_SMALL_FOORPRINT)
+static void ctr128_inc_aligned(unsigned char *counter) {
+	size_t *data,c,n;
+	const union { long one; char little; } is_endian = {1};
+
+	if (is_endian.little) {
+		ctr128_inc(counter);
+		return;
+	}
+
+	data = (size_t *)counter;
+	n = 16/sizeof(size_t);
+	do {
+		--n;
+		c = data[n];
+		++c;
+		data[n] = c;
+		if (c) return;
+	} while (n);
+}
+#endif
+
+/* The input encrypted as though 128bit counter mode is being
+ * used.  The extra state information to record how much of the
+ * 128bit block we have used is contained in *num, and the
+ * encrypted counter is kept in ecount_buf.  Both *num and
+ * ecount_buf must be initialised with zeros before the first
+ * call to CRYPTO_ctr128_encrypt().
+ *
+ * This algorithm assumes that the counter is in the x lower bits
+ * of the IV (ivec), and that the application has full control over
+ * overflow and the rest of the IV.  This implementation takes NO
+ * responsability for checking that the counter doesn't overflow
+ * into the rest of the IV when incremented.
+ */
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], unsigned char ecount_buf[16],
+			unsigned int *num, block128_f block)
+{
+	unsigned int n;
+	size_t l=0;
+
+	assert(in && out && key && ecount_buf && num);
+	assert(*num < 16);
+
+	n = *num;
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	if (16%sizeof(size_t) == 0) do { /* always true actually */
+		while (n && len) {
+			*(out++) = *(in++) ^ ecount_buf[n];
+			--len;
+			n = (n+1) % 16;
+		}
+
+#if defined(STRICT_ALIGNMENT)
+		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
+			break;
+#endif
+		while (len>=16) {
+			(*block)(ivec, ecount_buf, key);
+			ctr128_inc_aligned(ivec);
+			for (n=0; n<16; n+=sizeof(size_t))
+				*(size_t *)(out+n) =
+				*(size_t *)(in+n) ^ *(size_t *)(ecount_buf+n);
+			len -= 16;
+			out += 16;
+			in  += 16;
+		}
+		n = 0;
+		if (len) {
+			(*block)(ivec, ecount_buf, key);
+ 			ctr128_inc_aligned(ivec);
+			while (len--) {
+				out[n] = in[n] ^ ecount_buf[n];
+				++n;
+			}
+		}
+		*num = n;
+		return;
+	} while(0);
+	/* the rest would be commonly eliminated by x86* compiler */
+#endif
+	while (l<len) {
+		if (n==0) {
+			(*block)(ivec, ecount_buf, key);
+ 			ctr128_inc(ivec);
+		}
+		out[l] = in[l] ^ ecount_buf[n];
+		++l;
+		n = (n+1) % 16;
+	}
+
+	*num=n;
+}
diff --git a/crypto/modes/cts128.c b/crypto/modes/cts128.c
new file mode 100644
index 0000000000..e0430f9fdc
--- /dev/null
+++ b/crypto/modes/cts128.c
@@ -0,0 +1,259 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Rights for redistribution and usage in source and binary
+ * forms are granted according to the OpenSSL license.
+ */
+
+#include "modes.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * Trouble with Ciphertext Stealing, CTS, mode is that there is no
+ * common official specification, but couple of cipher/application
+ * specific ones: RFC2040 and RFC3962. Then there is 'Proposal to
+ * Extend CBC Mode By "Ciphertext Stealing"' at NIST site, which
+ * deviates from mentioned RFCs. Most notably it allows input to be
+ * of block length and it doesn't flip the order of the last two
+ * blocks. CTS is being discussed even in ECB context, but it's not
+ * adopted for any known application. This implementation complies
+ * with mentioned RFCs and [as such] extends CBC mode.
+ */
+
+size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block)
+{	size_t residue, n;
+
+	assert (in && out && key && ivec);
+
+	if (len <= 16) return 0;
+
+	if ((residue=len%16) == 0) residue = 16;
+
+	len -= residue;
+
+	CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block);
+
+	in  += len;
+	out += len;
+
+	for (n=0; n<residue; ++n)
+		ivec[n] ^= in[n];
+	(*block)(ivec,ivec,key);
+	memcpy(out,out-16,residue);
+	memcpy(out-16,ivec,16); 
+
+	return len+residue;
+}
+
+size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], cbc128_f cbc)
+{	size_t residue;
+	union { size_t align; unsigned char c[16]; } tmp;
+
+	assert (in && out && key && ivec);
+
+	if (len <= 16) return 0;
+
+	if ((residue=len%16) == 0) residue = 16;
+
+	len -= residue;
+
+	(*cbc)(in,out,len,key,ivec,1);
+
+	in  += len;
+	out += len;
+
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+	memcpy(tmp.c,out-16,16);
+	(*cbc)(in,out-16,residue,key,ivec,1);
+	memcpy(out,tmp.c,residue);
+#else
+	{
+	size_t n;
+	for (n=0; n<16; n+=sizeof(size_t))
+		*(size_t *)(tmp.c+n) = 0;
+	memcpy(tmp.c,in,residue);
+	}
+	memcpy(out,out-16,residue);
+	(*cbc)(tmp.c,out-16,16,key,ivec,1);
+#endif
+	return len+residue;
+}
+
+size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block)
+{	size_t residue, n;
+	union { size_t align; unsigned char c[32]; } tmp;
+
+	assert (in && out && key && ivec);
+
+	if (len<=16) return 0;
+
+	if ((residue=len%16) == 0) residue = 16;
+
+	len -= 16+residue;
+
+	if (len) {
+		CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
+		in  += len;
+		out += len;
+	}
+
+	(*block)(in,tmp.c+16,key);
+
+	for (n=0; n<16; n+=sizeof(size_t))
+		*(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
+	memcpy(tmp.c,in+16,residue);
+	(*block)(tmp.c,tmp.c,key);
+
+	for(n=0; n<16; ++n) {
+		unsigned char c = in[n];
+		out[n] = tmp.c[n] ^ ivec[n];
+		ivec[n] = c;
+	}
+	for(residue+=16; n<residue; ++n)
+		out[n] = tmp.c[n] ^ in[n];
+
+	return len+residue-16;
+}
+
+size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], cbc128_f cbc)
+{	size_t residue, n;
+	union { size_t align; unsigned char c[32]; } tmp;
+
+	assert (in && out && key && ivec);
+
+	if (len<=16) return 0;
+
+	if ((residue=len%16) == 0) residue = 16;
+
+	len -= 16+residue;
+
+	if (len) {
+		(*cbc)(in,out,len,key,ivec,0);
+		in  += len;
+		out += len;
+	}
+
+	for (n=16; n<32; n+=sizeof(size_t))
+		*(size_t *)(tmp.c+n) = 0;
+	/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
+	(*cbc)(in,tmp.c,16,key,tmp.c+16,0);
+
+	memcpy(tmp.c,in+16,residue);
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+	(*cbc)(tmp.c,out,16+residue,key,ivec,0);
+#else
+	(*cbc)(tmp.c,tmp.c,32,key,ivec,0);
+	memcpy(out,tmp.c,16+residue);
+#endif
+	return len+residue;
+}
+
+#if defined(SELFTEST)
+#include <stdio.h>
+#include <openssl/aes.h>
+
+/* test vectors from RFC 3962 */
+static const unsigned char test_key[16] = "chicken teriyaki";
+static const unsigned char test_input[64] =
+		"I would like the" " General Gau's C"
+		"hicken, please, " "and wonton soup.";
+static const unsigned char test_iv[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+static const unsigned char vector_17[17] =
+{0xc6,0x35,0x35,0x68,0xf2,0xbf,0x8c,0xb4, 0xd8,0xa5,0x80,0x36,0x2d,0xa7,0xff,0x7f,
+ 0x97};
+static const unsigned char vector_31[31] =
+{0xfc,0x00,0x78,0x3e,0x0e,0xfd,0xb2,0xc1, 0xd4,0x45,0xd4,0xc8,0xef,0xf7,0xed,0x22,
+ 0x97,0x68,0x72,0x68,0xd6,0xec,0xcc,0xc0, 0xc0,0x7b,0x25,0xe2,0x5e,0xcf,0xe5};
+static const unsigned char vector_32[32] =
+{0x39,0x31,0x25,0x23,0xa7,0x86,0x62,0xd5, 0xbe,0x7f,0xcb,0xcc,0x98,0xeb,0xf5,0xa8,
+ 0x97,0x68,0x72,0x68,0xd6,0xec,0xcc,0xc0, 0xc0,0x7b,0x25,0xe2,0x5e,0xcf,0xe5,0x84};
+static const unsigned char vector_47[47] =
+{0x97,0x68,0x72,0x68,0xd6,0xec,0xcc,0xc0, 0xc0,0x7b,0x25,0xe2,0x5e,0xcf,0xe5,0x84,
+ 0xb3,0xff,0xfd,0x94,0x0c,0x16,0xa1,0x8c, 0x1b,0x55,0x49,0xd2,0xf8,0x38,0x02,0x9e,
+ 0x39,0x31,0x25,0x23,0xa7,0x86,0x62,0xd5, 0xbe,0x7f,0xcb,0xcc,0x98,0xeb,0xf5};
+static const unsigned char vector_48[48] =
+{0x97,0x68,0x72,0x68,0xd6,0xec,0xcc,0xc0, 0xc0,0x7b,0x25,0xe2,0x5e,0xcf,0xe5,0x84,
+ 0x9d,0xad,0x8b,0xbb,0x96,0xc4,0xcd,0xc0, 0x3b,0xc1,0x03,0xe1,0xa1,0x94,0xbb,0xd8,
+ 0x39,0x31,0x25,0x23,0xa7,0x86,0x62,0xd5, 0xbe,0x7f,0xcb,0xcc,0x98,0xeb,0xf5,0xa8};
+static const unsigned char vector_64[64] =
+{0x97,0x68,0x72,0x68,0xd6,0xec,0xcc,0xc0, 0xc0,0x7b,0x25,0xe2,0x5e,0xcf,0xe5,0x84,
+ 0x39,0x31,0x25,0x23,0xa7,0x86,0x62,0xd5, 0xbe,0x7f,0xcb,0xcc,0x98,0xeb,0xf5,0xa8,
+ 0x48,0x07,0xef,0xe8,0x36,0xee,0x89,0xa5, 0x26,0x73,0x0d,0xbc,0x2f,0x7b,0xc8,0x40,
+ 0x9d,0xad,0x8b,0xbb,0x96,0xc4,0xcd,0xc0, 0x3b,0xc1,0x03,0xe1,0xa1,0x94,0xbb,0xd8};
+
+static AES_KEY encks, decks;
+
+void test_vector(const unsigned char *vector,size_t len)
+{	unsigned char cleartext[64];
+	unsigned char iv[sizeof(test_iv)];
+	unsigned char ciphertext[64];
+	size_t tail;
+
+	printf("vector_%d\n",len); fflush(stdout);
+
+	if ((tail=len%16) == 0) tail = 16;
+	tail += 16;
+
+	/* test block-based encryption */
+	memcpy(iv,test_iv,sizeof(test_iv));
+	CRYPTO_cts128_encrypt_block(test_input,ciphertext,len,&encks,iv,(block128_f)AES_encrypt);
+	if (memcmp(ciphertext,vector,len))
+		fprintf(stderr,"output_%d mismatch\n",len), exit(1);
+	if (memcmp(iv,vector+len-tail,sizeof(iv)))
+		fprintf(stderr,"iv_%d mismatch\n",len), exit(1);
+
+	/* test block-based decryption */
+	memcpy(iv,test_iv,sizeof(test_iv));
+	CRYPTO_cts128_decrypt_block(ciphertext,cleartext,len,&decks,iv,(block128_f)AES_decrypt);
+	if (memcmp(cleartext,test_input,len))
+		fprintf(stderr,"input_%d mismatch\n",len), exit(2);
+	if (memcmp(iv,vector+len-tail,sizeof(iv)))
+		fprintf(stderr,"iv_%d mismatch\n",len), exit(2);
+
+	/* test streamed encryption */
+	memcpy(iv,test_iv,sizeof(test_iv));
+	CRYPTO_cts128_encrypt(test_input,ciphertext,len,&encks,iv,(cbc128_f)AES_cbc_encrypt);
+	if (memcmp(ciphertext,vector,len))
+		fprintf(stderr,"output_%d mismatch\n",len), exit(3);
+	if (memcmp(iv,vector+len-tail,sizeof(iv)))
+		fprintf(stderr,"iv_%d mismatch\n",len), exit(3);
+
+	/* test streamed decryption */
+	memcpy(iv,test_iv,sizeof(test_iv));
+	CRYPTO_cts128_decrypt(ciphertext,cleartext,len,&decks,iv,(cbc128_f)AES_cbc_encrypt);
+	if (memcmp(cleartext,test_input,len))
+		fprintf(stderr,"input_%d mismatch\n",len), exit(4);
+	if (memcmp(iv,vector+len-tail,sizeof(iv)))
+		fprintf(stderr,"iv_%d mismatch\n",len), exit(4);
+}
+
+main()
+{
+	AES_set_encrypt_key(test_key,128,&encks);
+	AES_set_decrypt_key(test_key,128,&decks);
+
+	test_vector(vector_17,sizeof(vector_17));
+	test_vector(vector_31,sizeof(vector_31));
+	test_vector(vector_32,sizeof(vector_32));
+	test_vector(vector_47,sizeof(vector_47));
+	test_vector(vector_48,sizeof(vector_48));
+	test_vector(vector_64,sizeof(vector_64));
+	exit(0);
+}
+#endif
diff --git a/crypto/modes/modes.h b/crypto/modes/modes.h
new file mode 100644
index 0000000000..af8d97d795
--- /dev/null
+++ b/crypto/modes/modes.h
@@ -0,0 +1,59 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Rights for redistribution and usage in source and binary
+ * forms are granted according to the OpenSSL license.
+ */
+
+#include <stddef.h>
+
+typedef void (*block128_f)(const unsigned char in[16],
+			unsigned char out[16],
+			const void *key);
+
+typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], int enc);
+
+void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block);
+void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block);
+
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], unsigned char ecount_buf[16],
+			unsigned int *num, block128_f block);
+
+void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], int *num,
+			block128_f block);
+
+void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], int *num,
+			int enc, block128_f block);
+void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
+			size_t length, const void *key,
+			unsigned char ivec[16], int *num,
+			int enc, block128_f block);
+void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
+			size_t bits, const void *key,
+			unsigned char ivec[16], int *num,
+			int enc, block128_f block);
+
+size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block);
+size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], block128_f block);
+size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], cbc128_f cbc);
diff --git a/crypto/modes/ofb128.c b/crypto/modes/ofb128.c
new file mode 100644
index 0000000000..09b3430034
--- /dev/null
+++ b/crypto/modes/ofb128.c
@@ -0,0 +1,128 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "modes.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#define STRICT_ALIGNMENT
+#if defined(__i386) || defined(__i386__) || \
+    defined(__x86_64) || defined(__x86_64__) || \
+    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
+    defined(__s390__) || defined(__s390x__)
+#  undef STRICT_ALIGNMENT
+#endif
+
+/* The input and output encrypted as though 128bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 128bit block we have used is contained in *num;
+ */
+void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+			size_t len, const void *key,
+			unsigned char ivec[16], int *num,
+			block128_f block)
+{
+	unsigned int n;
+	size_t l=0;
+
+	assert(in && out && key && ivec && num);
+
+	n = *num;
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	if (16%sizeof(size_t) == 0) do { /* always true actually */
+		while (n && len) {
+			*(out++) = *(in++) ^ ivec[n];
+			--len;
+			n = (n+1) % 16;
+		}
+#if defined(STRICT_ALIGNMENT)
+		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
+			break;
+#endif
+		while (len>=16) {
+			(*block)(ivec, ivec, key);
+			for (n=0; n<16; n+=sizeof(size_t))
+				*(size_t*)(out+n) =
+				*(size_t*)(in+n) ^ *(size_t*)(ivec+n);
+			len -= 16;
+			out += 16;
+			in  += 16;
+		}
+		n = 0;
+		if (len) {
+			(*block)(ivec, ivec, key);
+			while (len--) {
+				out[n] = in[n] ^ ivec[n];
+				++n;
+			}
+		}
+		*num = n;
+		return;
+	} while(0);
+	/* the rest would be commonly eliminated by x86* compiler */
+#endif
+	while (l<len) {
+		if (n==0) {
+			(*block)(ivec, ivec, key);
+		}
+		out[l] = in[l] ^ ivec[n];
+		++l;
+		n = (n+1) % 16;
+	}
+
+	*num=n;
+}
diff --git a/crypto/o_str.c b/crypto/o_str.c
index da8860491d..56104a6c34 100644
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@@ -60,6 +60,12 @@
 #include <e_os.h>
 #include "o_str.h"
 
+#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
+    !defined(OPENSSL_SYSNAME_WIN32) && \
+    !defined(NETWARE_CLIB)
+# include <strings.h>
+#endif
+
 int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
 	{
 #if defined(OPENSSL_IMPLEMENTS_strncasecmp)
@@ -94,3 +100,12 @@ int OPENSSL_strcasecmp(const char *str1, const char *str2)
 #endif
 	}
 
+int OPENSSL_memcmp(const void *v1,const void *v2,size_t n)
+	{
+	const unsigned char *c1=v1,*c2=v2;
+	int ret=0;
+
+	while(n && (ret=*c1-*c2)==0) n--,c1++,c2++;
+
+	return ret;
+	}
diff --git a/crypto/o_str.h b/crypto/o_str.h
index 4a70a9e00b..dfc98494c6 100644
--- a/crypto/o_str.h
+++ b/crypto/o_str.h
@@ -63,5 +63,6 @@
 
 int OPENSSL_strcasecmp(const char *str1, const char *str2);
 int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
+int OPENSSL_memcmp(const void *p1,const void *p2,size_t n);
 
 #endif
diff --git a/crypto/o_time.c b/crypto/o_time.c
index e29091d650..eecbdd19f0 100644
--- a/crypto/o_time.c
+++ b/crypto/o_time.c
@@ -2,6 +2,9 @@
 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
  * project 2001.
  */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2008.
+ */
 /* ====================================================================
  * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
  *
@@ -73,7 +76,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
 	{
 	struct tm *ts = NULL;
 
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && !defined(__CYGWIN32__) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
+#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
 	/* should return &data, but doesn't on some systems,
 	   so we don't even look at the return value */
 	gmtime_r(timer,result);
@@ -214,4 +217,150 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
 		}
 #endif
 	return ts;
-	}	
+	}
+
+/* Take a tm structure and add an offset to it. This avoids any OS issues
+ * with restricted date types and overflows which cause the year 2038
+ * problem.
+ */
+
+#define SECS_PER_DAY (24 * 60 * 60)
+
+static long date_to_julian(int y, int m, int d);
+static void julian_to_date(long jd, int *y, int *m, int *d);
+
+int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
+	{
+	int offset_hms, offset_day;
+	long time_jd;
+	int time_year, time_month, time_day;
+	/* split offset into days and day seconds */
+	offset_day = offset_sec / SECS_PER_DAY;
+	/* Avoid sign issues with % operator */
+	offset_hms  = offset_sec - (offset_day * SECS_PER_DAY);
+	offset_day += off_day;
+	/* Add current time seconds to offset */
+	offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
+	/* Adjust day seconds if overflow */
+	if (offset_hms >= SECS_PER_DAY)
+		{
+		offset_day++;
+		offset_hms -= SECS_PER_DAY;
+		}
+	else if (offset_hms < 0)
+		{
+		offset_day--;
+		offset_hms += SECS_PER_DAY;
+		}
+
+	/* Convert date of time structure into a Julian day number.
+	 */
+
+	time_year = tm->tm_year + 1900;
+	time_month = tm->tm_mon + 1;
+	time_day = tm->tm_mday;
+
+	time_jd = date_to_julian(time_year, time_month, time_day);
+
+	/* Work out Julian day of new date */
+	time_jd += offset_day;
+
+	if (time_jd < 0)
+		return 0;
+
+	/* Convert Julian day back to date */
+
+	julian_to_date(time_jd, &time_year, &time_month, &time_day);
+
+	if (time_year < 1900 || time_year > 9999)
+		return 0;
+
+	/* Update tm structure */
+
+	tm->tm_year = time_year - 1900;
+	tm->tm_mon = time_month - 1;
+	tm->tm_mday = time_day;
+
+	tm->tm_hour = offset_hms / 3600;
+	tm->tm_min = (offset_hms / 60) % 60;
+	tm->tm_sec = offset_hms % 60;
+
+	return 1;
+		
+}
+
+/* Convert date to and from julian day
+ * Uses Fliegel & Van Flandern algorithm
+ */
+static long date_to_julian(int y, int m, int d)
+{
+	return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
+		(367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
+		(3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 +
+		d - 32075;
+}
+
+static void julian_to_date(long jd, int *y, int *m, int *d)
+	{
+	long  L = jd + 68569;
+	long  n = (4 * L) / 146097;
+	long  i, j;
+
+	L = L - (146097 * n + 3) / 4;
+	i = (4000 * (L + 1)) / 1461001;
+	L = L - (1461 * i) / 4 + 31;
+	j = (80 * L) / 2447;
+	*d = L - (2447 * j) / 80;
+	L = j / 11;
+	*m = j + 2 - (12 * L);
+	*y = 100 * (n - 49) + i + L;
+	}
+
+#ifdef OPENSSL_TIME_TEST
+
+#include <stdio.h>
+
+/* Time checking test code. Check times are identical for a wide range of
+ * offsets. This should be run on a machine with 64 bit time_t or it will
+ * trigger the very errors the routines fix.
+ */
+
+int main(int argc, char **argv)
+	{
+	long offset;
+	for (offset = 0; offset < 1000000; offset++)
+		{
+		check_time(offset);
+		check_time(-offset);
+		check_time(offset * 1000);
+		check_time(-offset * 1000);
+		}
+	}
+
+int check_time(long offset)
+	{
+	struct tm tm1, tm2;
+	time_t t1, t2;
+	time(&t1);
+	t2 = t1 + offset;
+	OPENSSL_gmtime(&t2, &tm2);
+	OPENSSL_gmtime(&t1, &tm1);
+	OPENSSL_gmtime_adj(&tm1, 0, offset);
+	if ((tm1.tm_year == tm2.tm_year) &&
+	    (tm1.tm_mon == tm2.tm_mon) &&
+	    (tm1.tm_mday == tm2.tm_mday) &&
+	    (tm1.tm_hour == tm2.tm_hour) &&
+	    (tm1.tm_min == tm2.tm_min) &&
+	    (tm1.tm_sec == tm2.tm_sec))
+		return 1;
+	fprintf(stderr, "TIME ERROR!!\n");
+	fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n",
+			tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900,
+			tm2.tm_hour, tm2.tm_min, tm2.tm_sec);
+	fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n",
+			tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900,
+			tm1.tm_hour, tm1.tm_min, tm1.tm_sec);
+	return 0;
+	}
+
+#endif
diff --git a/crypto/o_time.h b/crypto/o_time.h
index e66044626d..e391da7508 100644
--- a/crypto/o_time.h
+++ b/crypto/o_time.h
@@ -62,5 +62,6 @@
 #include <time.h>
 
 struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
 
 #endif
diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl
deleted file mode 100644
index 00f9ee34d2..0000000000
--- a/crypto/objects/Makefile.ssl
+++ /dev/null
@@ -1,123 +0,0 @@
-#
-# SSLeay/crypto/objects/Makefile
-#
-
-DIR=	objects
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-PERL=		perl
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	o_names.c obj_dat.c obj_lib.c obj_err.c
-LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= objects.h obj_mac.h
-HEADER=	$(EXHEADER) obj_dat.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	obj_dat.h lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-obj_dat.h: obj_dat.pl obj_mac.h
-	$(PERL) obj_dat.pl obj_mac.h obj_dat.h
-
-# objects.pl both reads and writes obj_mac.num
-obj_mac.h: objects.pl objects.txt obj_mac.num
-	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-o_names.o: o_names.c
-obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
-obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-obj_dat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-obj_dat.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-obj_dat.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-obj_dat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-obj_dat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-obj_dat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-obj_dat.o: ../cryptlib.h obj_dat.c obj_dat.h
-obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-obj_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-obj_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-obj_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-obj_err.o: obj_err.c
-obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-obj_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-obj_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-obj_lib.o: ../cryptlib.h obj_lib.c
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 28c9370ca3..84380a96a9 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -22,7 +22,8 @@
 /* I use the ex_data stuff to manage the identifiers for the obj_name_types
  * that applications may define.  I only really use the free function field.
  */
-static LHASH *names_lh=NULL;
+DECLARE_LHASH_OF(OBJ_NAME);
+static LHASH_OF(OBJ_NAME) *names_lh=NULL;
 static int names_type_num=OBJ_NAME_TYPE_NUM;
 
 typedef struct name_funcs_st
@@ -46,11 +47,14 @@ static unsigned long obj_name_hash(const void *a_void);
 /* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */
 static int obj_name_cmp(const void *a_void,const void *b_void);
 
+static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME)
+static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME)
+
 int OBJ_NAME_init(void)
 	{
 	if (names_lh != NULL) return(1);
 	MemCheck_off();
-	names_lh=lh_new(obj_name_hash, obj_name_cmp);
+	names_lh=lh_OBJ_NAME_new();
 	MemCheck_on();
 	return(names_lh != NULL);
 	}
@@ -111,8 +115,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
 static int obj_name_cmp(const void *a_void, const void *b_void)
 	{
 	int ret;
-	OBJ_NAME *a = (OBJ_NAME *)a_void;
-	OBJ_NAME *b = (OBJ_NAME *)b_void;
+	const OBJ_NAME *a = (const OBJ_NAME *)a_void;
+	const OBJ_NAME *b = (const OBJ_NAME *)b_void;
 
 	ret=a->type-b->type;
 	if (ret == 0)
@@ -133,7 +137,7 @@ static int obj_name_cmp(const void *a_void, const void *b_void)
 static unsigned long obj_name_hash(const void *a_void)
 	{
 	unsigned long ret;
-	OBJ_NAME *a = (OBJ_NAME *)a_void;
+	const OBJ_NAME *a = (const OBJ_NAME *)a_void;
 
 	if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type))
 		{
@@ -164,7 +168,7 @@ const char *OBJ_NAME_get(const char *name, int type)
 
 	for (;;)
 	{
-		ret=(OBJ_NAME *)lh_retrieve(names_lh,&on);
+		ret=lh_OBJ_NAME_retrieve(names_lh,&on);
 		if (ret == NULL) return(NULL);
 		if ((ret->alias) && !alias)
 			{
@@ -200,7 +204,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
 	onp->type=type;
 	onp->data=data;
 
-	ret=(OBJ_NAME *)lh_insert(names_lh,onp);
+	ret=lh_OBJ_NAME_insert(names_lh,onp);
 	if (ret != NULL)
 		{
 		/* free things */
@@ -217,7 +221,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
 		}
 	else
 		{
-		if (lh_error(names_lh))
+		if (lh_OBJ_NAME_error(names_lh))
 			{
 			/* ERROR */
 			return(0);
@@ -235,7 +239,7 @@ int OBJ_NAME_remove(const char *name, int type)
 	type&= ~OBJ_NAME_ALIAS;
 	on.name=name;
 	on.type=type;
-	ret=(OBJ_NAME *)lh_delete(names_lh,&on);
+	ret=lh_OBJ_NAME_delete(names_lh,&on);
 	if (ret != NULL)
 		{
 		/* free things */
@@ -262,13 +266,13 @@ struct doall
 	void *arg;
 	};
 
-static void do_all_fn(const OBJ_NAME *name,struct doall *d)
+static void do_all_fn_doall_arg(const OBJ_NAME *name,struct doall *d)
 	{
 	if(name->type == d->type)
 		d->fn(name,d->arg);
 	}
 
-static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME *, struct doall *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall)
 
 void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg)
 	{
@@ -278,7 +282,8 @@ void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg)
 	d.fn=fn;
 	d.arg=arg;
 
-	lh_doall_arg(names_lh,LHASH_DOALL_ARG_FN(do_all_fn),&d);
+	lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn),
+			      struct doall, &d);
 	}
 
 struct doall_sorted
@@ -313,7 +318,7 @@ void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg),
 	int n;
 
 	d.type=type;
-	d.names=OPENSSL_malloc(lh_num_items(names_lh)*sizeof *d.names);
+	d.names=OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names);
 	d.n=0;
 	OBJ_NAME_do_all(type,do_all_sorted_fn,&d);
 
@@ -327,18 +332,16 @@ void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg),
 
 static int free_type;
 
-static void names_lh_free(OBJ_NAME *onp)
-{
-	if(onp == NULL)
+static void names_lh_free_doall(OBJ_NAME *onp)
+	{
+	if (onp == NULL)
 		return;
 
-	if ((free_type < 0) || (free_type == onp->type))
-		{
+	if (free_type < 0 || free_type == onp->type)
 		OBJ_NAME_remove(onp->name,onp->type);
-		}
 	}
 
-static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME *)
+static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME)
 
 static void name_funcs_free(NAME_FUNCS *ptr)
 	{
@@ -352,18 +355,18 @@ void OBJ_NAME_cleanup(int type)
 	if (names_lh == NULL) return;
 
 	free_type=type;
-	down_load=names_lh->down_load;
-	names_lh->down_load=0;
+	down_load=lh_OBJ_NAME_down_load(names_lh);
+	lh_OBJ_NAME_down_load(names_lh)=0;
 
-	lh_doall(names_lh,LHASH_DOALL_FN(names_lh_free));
+	lh_OBJ_NAME_doall(names_lh,LHASH_DOALL_FN(names_lh_free));
 	if (type < 0)
 		{
-		lh_free(names_lh);
+		lh_OBJ_NAME_free(names_lh);
 		sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free);
 		names_lh=NULL;
 		name_funcs_stack = NULL;
 		}
 	else
-		names_lh->down_load=down_load;
+		lh_OBJ_NAME_down_load(names_lh)=down_load;
 	}
 
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 15f813a489..8a342ba3eb 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -58,10 +58,12 @@
 
 #include <stdio.h>
 #include <ctype.h>
+#include <limits.h>
 #include "cryptlib.h"
 #include <openssl/lhash.h>
 #include <openssl/asn1.h>
 #include <openssl/objects.h>
+#include <openssl/bn.h>
 
 /* obj_dat.h is generated from objects.h by obj_dat.pl */
 #ifndef OPENSSL_NO_OBJECT
@@ -72,16 +74,17 @@
 #define NUM_SN 0
 #define NUM_LN 0
 #define NUM_OBJ 0
-static unsigned char lvalues[1];
-static ASN1_OBJECT nid_objs[1];
-static ASN1_OBJECT *sn_objs[1];
-static ASN1_OBJECT *ln_objs[1];
-static ASN1_OBJECT *obj_objs[1];
+static const unsigned char lvalues[1];
+static const ASN1_OBJECT nid_objs[1];
+static const unsigned int sn_objs[1];
+static const unsigned int ln_objs[1];
+static const unsigned int obj_objs[1];
 #endif
 
-static int sn_cmp(const void *a, const void *b);
-static int ln_cmp(const void *a, const void *b);
-static int obj_cmp(const void *a, const void *b);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
+
 #define ADDED_DATA	0
 #define ADDED_SNAME	1
 #define ADDED_LNAME	2
@@ -92,30 +95,27 @@ typedef struct added_obj_st
 	int type;
 	ASN1_OBJECT *obj;
 	} ADDED_OBJ;
+DECLARE_LHASH_OF(ADDED_OBJ);
 
 static int new_nid=NUM_NID;
-static LHASH *added=NULL;
+static LHASH_OF(ADDED_OBJ) *added=NULL;
 
-static int sn_cmp(const void *a, const void *b)
-	{
-	const ASN1_OBJECT * const *ap = a, * const *bp = b;
-	return(strcmp((*ap)->sn,(*bp)->sn));
-	}
+static int sn_cmp(const ASN1_OBJECT * const *a, const unsigned int *b)
+	{ return(strcmp((*a)->sn,nid_objs[*b].sn)); }
 
-static int ln_cmp(const void *a, const void *b)
-	{ 
-	const ASN1_OBJECT * const *ap = a, * const *bp = b;
-	return(strcmp((*ap)->ln,(*bp)->ln));
-	}
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
+
+static int ln_cmp(const ASN1_OBJECT * const *a, const unsigned int *b)
+	{ return(strcmp((*a)->ln,nid_objs[*b].ln)); }
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
 
-/* static unsigned long add_hash(ADDED_OBJ *ca) */
-static unsigned long add_hash(const void *ca_void)
+static unsigned long added_obj_hash(const ADDED_OBJ *ca)
 	{
 	const ASN1_OBJECT *a;
 	int i;
 	unsigned long ret=0;
 	unsigned char *p;
-	ADDED_OBJ *ca = (ADDED_OBJ *)ca_void;
 
 	a=ca->obj;
 	switch (ca->type)
@@ -143,14 +143,12 @@ static unsigned long add_hash(const void *ca_void)
 	ret|=ca->type<<30L;
 	return(ret);
 	}
+static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)
 
-/* static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) */
-static int add_cmp(const void *ca_void, const void *cb_void)
+static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
 	{
 	ASN1_OBJECT *a,*b;
 	int i;
-	ADDED_OBJ *ca = (ADDED_OBJ *)ca_void;
-	ADDED_OBJ *cb = (ADDED_OBJ *)cb_void;
 
 	i=ca->type-cb->type;
 	if (i) return(i);
@@ -161,7 +159,7 @@ static int add_cmp(const void *ca_void, const void *cb_void)
 	case ADDED_DATA:
 		i=(a->length - b->length);
 		if (i) return(i);
-		return(memcmp(a->data,b->data,a->length));
+		return(memcmp(a->data,b->data,(size_t)a->length));
 	case ADDED_SNAME:
 		if (a->sn == NULL) return(-1);
 		else if (b->sn == NULL) return(1);
@@ -177,15 +175,16 @@ static int add_cmp(const void *ca_void, const void *cb_void)
 		return 0;
 		}
 	}
+static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)
 
 static int init_added(void)
 	{
 	if (added != NULL) return(1);
-	added=lh_new(add_hash,add_cmp);
+	added=lh_ADDED_OBJ_new();
 	return(added != NULL);
 	}
 
-static void cleanup1(ADDED_OBJ *a)
+static void cleanup1_doall(ADDED_OBJ *a)
 	{
 	a->obj->nid=0;
 	a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
@@ -193,28 +192,46 @@ static void cleanup1(ADDED_OBJ *a)
 			ASN1_OBJECT_FLAG_DYNAMIC_DATA;
 	}
 
-static void cleanup2(ADDED_OBJ *a)
+static void cleanup2_doall(ADDED_OBJ *a)
 	{ a->obj->nid++; }
 
-static void cleanup3(ADDED_OBJ *a)
+static void cleanup3_doall(ADDED_OBJ *a)
 	{
 	if (--a->obj->nid == 0)
 		ASN1_OBJECT_free(a->obj);
 	OPENSSL_free(a);
 	}
 
-static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ *)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ *)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ *)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
+
+/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting
+ * to use freed up OIDs. If neccessary the actual freeing up of OIDs is
+ * delayed.
+ */
+
+int obj_cleanup_defer = 0;
+
+void check_defer(int nid)
+	{
+	if (!obj_cleanup_defer && nid >= NUM_NID)
+			obj_cleanup_defer = 1;
+	}
 
 void OBJ_cleanup(void)
 	{
+	if (obj_cleanup_defer)
+		{
+		obj_cleanup_defer = 2;
+		return ;
+		}
 	if (added == NULL) return;
-	added->down_load=0;
-	lh_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */
-	lh_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */
-	lh_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */
-	lh_free(added);
+	lh_ADDED_OBJ_down_load(added) = 0;
+	lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */
+	lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */
+	lh_ADDED_OBJ_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */
+	lh_ADDED_OBJ_free(added);
 	added=NULL;
 	}
 
@@ -250,7 +267,7 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
 			{
 			ao[i]->type=i;
 			ao[i]->obj=o;
-			aop=(ADDED_OBJ *)lh_insert(added,ao[i]);
+			aop=lh_ADDED_OBJ_insert(added,ao[i]);
 			/* memory leak, buit should not normally matter */
 			if (aop != NULL)
 				OPENSSL_free(aop);
@@ -290,7 +307,7 @@ ASN1_OBJECT *OBJ_nid2obj(int n)
 		ad.type=ADDED_NID;
 		ad.obj= &ob;
 		ob.nid=n;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
+		adp=lh_ADDED_OBJ_retrieve(added,&ad);
 		if (adp != NULL)
 			return(adp->obj);
 		else
@@ -322,7 +339,7 @@ const char *OBJ_nid2sn(int n)
 		ad.type=ADDED_NID;
 		ad.obj= &ob;
 		ob.nid=n;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
+		adp=lh_ADDED_OBJ_retrieve(added,&ad);
 		if (adp != NULL)
 			return(adp->obj->sn);
 		else
@@ -354,7 +371,7 @@ const char *OBJ_nid2ln(int n)
 		ad.type=ADDED_NID;
 		ad.obj= &ob;
 		ob.nid=n;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
+		adp=lh_ADDED_OBJ_retrieve(added,&ad);
 		if (adp != NULL)
 			return(adp->obj->ln);
 		else
@@ -365,9 +382,22 @@ const char *OBJ_nid2ln(int n)
 		}
 	}
 
+static int obj_cmp(const ASN1_OBJECT * const *ap, const unsigned int *bp)
+	{
+	int j;
+	const ASN1_OBJECT *a= *ap;
+	const ASN1_OBJECT *b= &nid_objs[*bp];
+
+	j=(a->length - b->length);
+        if (j) return(j);
+	return(memcmp(a->data,b->data,a->length));
+	}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
+
 int OBJ_obj2nid(const ASN1_OBJECT *a)
 	{
-	ASN1_OBJECT **op;
+	const unsigned int *op;
 	ADDED_OBJ ad,*adp;
 
 	if (a == NULL)
@@ -379,14 +409,13 @@ int OBJ_obj2nid(const ASN1_OBJECT *a)
 		{
 		ad.type=ADDED_DATA;
 		ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
+		adp=lh_ADDED_OBJ_retrieve(added,&ad);
 		if (adp != NULL) return (adp->obj->nid);
 		}
-	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
-		sizeof(ASN1_OBJECT *),obj_cmp);
+	op=OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ);
 	if (op == NULL)
 		return(NID_undef);
-	return((*op)->nid);
+	return(nid_objs[*op].nid);
 	}
 
 /* Convert an object name into an ASN1_OBJECT
@@ -413,8 +442,8 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
 	/* Work out size of content octets */
 	i=a2d_ASN1_OBJECT(NULL,0,s,-1);
 	if (i <= 0) {
-		/* Clear the error */
-		ERR_get_error();
+		/* Don't clear the error */
+		/*ERR_clear_error();*/
 		return NULL;
 	}
 	/* Work out total size */
@@ -436,66 +465,164 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
 
 int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 {
-	int i,idx=0,n=0,len,nid;
+	int i,n=0,len,nid, first, use_bn;
+	BIGNUM *bl;
 	unsigned long l;
-	unsigned char *p;
-	const char *s;
+	const unsigned char *p;
 	char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];
 
-	if (buf_len <= 0) return(0);
-
 	if ((a == NULL) || (a->data == NULL)) {
 		buf[0]='\0';
 		return(0);
 	}
 
-	if (no_name || (nid=OBJ_obj2nid(a)) == NID_undef) {
-		len=a->length;
-		p=a->data;
 
-		idx=0;
-		l=0;
-		while (idx < a->length) {
-			l|=(p[idx]&0x7f);
-			if (!(p[idx] & 0x80)) break;
-			l<<=7L;
-			idx++;
+	if (!no_name && (nid=OBJ_obj2nid(a)) != NID_undef)
+		{
+		const char *s;
+		s=OBJ_nid2ln(nid);
+		if (s == NULL)
+			s=OBJ_nid2sn(nid);
+		if (s)
+			{
+			if (buf)
+				BUF_strlcpy(buf,s,buf_len);
+			n=strlen(s);
+			return n;
+			}
 		}
-		idx++;
-		i=(int)(l/40);
-		if (i > 2) i=2;
-		l-=(long)(i*40);
-
-		BIO_snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l);
-		i=strlen(tbuf);
-		BUF_strlcpy(buf,tbuf,buf_len);
-		buf_len-=i;
-		buf+=i;
-		n+=i;
 
+
+	len=a->length;
+	p=a->data;
+
+	first = 1;
+	bl = NULL;
+
+	while (len > 0)
+		{
 		l=0;
-		for (; idx<len; idx++) {
-			l|=p[idx]&0x7f;
-			if (!(p[idx] & 0x80)) {
-				BIO_snprintf(tbuf,sizeof tbuf,".%lu",l);
-				i=strlen(tbuf);
+		use_bn = 0;
+		for (;;)
+			{
+			unsigned char c = *p++;
+			len--;
+			if ((len == 0) && (c & 0x80))
+				goto err;
+			if (use_bn)
+				{
+				if (!BN_add_word(bl, c & 0x7f))
+					goto err;
+				}
+			else
+				l |= c  & 0x7f;
+			if (!(c & 0x80))
+				break;
+			if (!use_bn && (l > (ULONG_MAX >> 7L)))
+				{
+				if (!bl && !(bl = BN_new()))
+					goto err;
+				if (!BN_set_word(bl, l))
+					goto err;
+				use_bn = 1;
+				}
+			if (use_bn)
+				{
+				if (!BN_lshift(bl, bl, 7))
+					goto err;
+				}
+			else
+				l<<=7L;
+			}
+
+		if (first)
+			{
+			first = 0;
+			if (l >= 80)
+				{
+				i = 2;
+				if (use_bn)
+					{
+					if (!BN_sub_word(bl, 80))
+						goto err;
+					}
+				else
+					l -= 80;
+				}
+			else
+				{
+				i=(int)(l/40);
+				l-=(long)(i*40);
+				}
+			if (buf && (buf_len > 0))
+				{
+				*buf++ = i + '0';
+				buf_len--;
+				}
+			n++;
+			}
+
+		if (use_bn)
+			{
+			char *bndec;
+			bndec = BN_bn2dec(bl);
+			if (!bndec)
+				goto err;
+			i = strlen(bndec);
+			if (buf)
+				{
 				if (buf_len > 0)
-					BUF_strlcpy(buf,tbuf,buf_len);
-				buf_len-=i;
-				buf+=i;
-				n+=i;
-				l=0;
+					{
+					*buf++ = '.';
+					buf_len--;
+					}
+				BUF_strlcpy(buf,bndec,buf_len);
+				if (i > buf_len)
+					{
+					buf += buf_len;
+					buf_len = 0;
+					}
+				else
+					{
+					buf+=i;
+					buf_len-=i;
+					}
+				}
+			n++;
+			n += i;
+			OPENSSL_free(bndec);
+			}
+		else
+			{
+			BIO_snprintf(tbuf,sizeof tbuf,".%lu",l);
+			i=strlen(tbuf);
+			if (buf && (buf_len > 0))
+				{
+				BUF_strlcpy(buf,tbuf,buf_len);
+				if (i > buf_len)
+					{
+					buf += buf_len;
+					buf_len = 0;
+					}
+				else
+					{
+					buf+=i;
+					buf_len-=i;
+					}
+				}
+			n+=i;
+			l=0;
 			}
-			l<<=7L;
 		}
-	} else {
-		s=OBJ_nid2ln(nid);
-		if (s == NULL)
-			s=OBJ_nid2sn(nid);
-		BUF_strlcpy(buf,s,buf_len);
-		n=strlen(s);
-	}
-	return(n);
+
+	if (bl)
+		BN_free(bl);
+	return n;
+
+	err:
+	if (bl)
+		BN_free(bl);
+	return -1;
 }
 
 int OBJ_txt2nid(const char *s)
@@ -510,62 +637,56 @@ int OBJ_txt2nid(const char *s)
 
 int OBJ_ln2nid(const char *s)
 	{
-	ASN1_OBJECT o,*oo= &o,**op;
+	ASN1_OBJECT o;
+	const ASN1_OBJECT *oo= &o;
 	ADDED_OBJ ad,*adp;
+	const unsigned int *op;
 
 	o.ln=s;
 	if (added != NULL)
 		{
 		ad.type=ADDED_LNAME;
 		ad.obj= &o;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
+		adp=lh_ADDED_OBJ_retrieve(added,&ad);
 		if (adp != NULL) return (adp->obj->nid);
 		}
-	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
-		sizeof(ASN1_OBJECT *),ln_cmp);
+	op=OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
 	if (op == NULL) return(NID_undef);
-	return((*op)->nid);
+	return(nid_objs[*op].nid);
 	}
 
 int OBJ_sn2nid(const char *s)
 	{
-	ASN1_OBJECT o,*oo= &o,**op;
+	ASN1_OBJECT o;
+	const ASN1_OBJECT *oo= &o;
 	ADDED_OBJ ad,*adp;
+	const unsigned int *op;
 
 	o.sn=s;
 	if (added != NULL)
 		{
 		ad.type=ADDED_SNAME;
 		ad.obj= &o;
-		adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
+		adp=lh_ADDED_OBJ_retrieve(added,&ad);
 		if (adp != NULL) return (adp->obj->nid);
 		}
-	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
-		sizeof(ASN1_OBJECT *),sn_cmp);
+	op=OBJ_bsearch_sn(&oo, sn_objs, NUM_SN);
 	if (op == NULL) return(NID_undef);
-	return((*op)->nid);
+	return(nid_objs[*op].nid);
 	}
 
-static int obj_cmp(const void *ap, const void *bp)
-	{
-	int j;
-	ASN1_OBJECT *a= *(ASN1_OBJECT **)ap;
-	ASN1_OBJECT *b= *(ASN1_OBJECT **)bp;
-
-	j=(a->length - b->length);
-        if (j) return(j);
-	return(memcmp(a->data,b->data,a->length));
-        }
-
-const char *OBJ_bsearch(const char *key, const char *base, int num, int size,
-	int (*cmp)(const void *, const void *))
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+			 int (*cmp)(const void *, const void *))
 	{
-	return OBJ_bsearch_ex(key, base, num, size, cmp, 0);
+	return OBJ_bsearch_ex_(key, base, num, size, cmp, 0);
 	}
 
-const char *OBJ_bsearch_ex(const char *key, const char *base, int num,
-	int size, int (*cmp)(const void *, const void *), int flags)
+const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
+			    int size,
+			    int (*cmp)(const void *, const void *),
+			    int flags)
 	{
+	const char *base=base_;
 	int l,h,i=0,c=0;
 	const char *p = NULL;
 
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index c2a707a984..cbccf5afd6 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 751
-#define NUM_SN 747
-#define NUM_LN 747
-#define NUM_OBJ 709
+#define NUM_NID 894
+#define NUM_SN 887
+#define NUM_LN 887
+#define NUM_OBJ 841
 
-static unsigned char lvalues[5002]={
+static const unsigned char lvalues[5835]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -166,620 +166,752 @@ static unsigned char lvalues[5002]={
 0x2B,0x24,0x03,0x03,0x01,0x02,               /* [603] OBJ_ripemd160WithRSA */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08,     /* [609] OBJ_rc5_cbc */
 0x29,0x01,0x01,0x85,0x1A,0x01,               /* [617] OBJ_rle_compression */
-0x29,0x01,0x01,0x85,0x1A,0x02,               /* [623] OBJ_zlib_compression */
-0x55,0x1D,0x25,                              /* [629] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07,               /* [632] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,          /* [638] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,     /* [645] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,     /* [653] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,     /* [661] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04,     /* [669] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08,     /* [677] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [685] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [695] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [705] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [715] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [725] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [735] OBJ_ns_sgc */
-0x55,0x1D,0x1B,                              /* [744] OBJ_delta_crl */
-0x55,0x1D,0x15,                              /* [747] OBJ_crl_reason */
-0x55,0x1D,0x18,                              /* [750] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01,                    /* [753] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [758] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [768] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [778] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [788] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [798] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [808] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [818] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [829] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [840] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [851] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [862] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [873] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [884] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [893] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [902] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [912] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [922] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [932] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [941] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [950] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [958] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [966] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [974] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [983] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [992] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1001] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1010] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1020] OBJ_ext_req */
-0x55,0x04,0x29,                              /* [1029] OBJ_name */
-0x55,0x04,0x2E,                              /* [1032] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1035] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1042] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1049] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1057] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1065] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1073] OBJ_OCSP_sign */
-0x28,                                        /* [1081] OBJ_iso */
-0x2A,                                        /* [1082] OBJ_member_body */
-0x2A,0x86,0x48,                              /* [1083] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38,                    /* [1086] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04,               /* [1091] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,     /* [1097] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,     /* [1105] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1113] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1122] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1132] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1142] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1152] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1162] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1172] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1182] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1192] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1203] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1214] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1225] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1236] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1247] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1258] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1269] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1280] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1291] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1302] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1313] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1324] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1335] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1346] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1357] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1368] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1379] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1390] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1401] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1412] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1423] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1434] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1445] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1456] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1467] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1478] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1489] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1500] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1511] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1522] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1533] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1544] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1555] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1566] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1577] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1588] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1599] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1610] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1621] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1632] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1643] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1654] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1665] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1676] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1687] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1698] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1709] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1720] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1731] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1742] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1753] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1764] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1775] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1786] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1797] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1808] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1819] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1830] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1841] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1852] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04,     /* [1863] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,          /* [1871] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,          /* [1878] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,          /* [1885] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,          /* [1892] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,          /* [1899] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,          /* [1906] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,          /* [1913] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,          /* [1920] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,          /* [1927] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,          /* [1934] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,          /* [1941] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01,     /* [1948] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02,     /* [1956] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03,     /* [1964] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04,     /* [1972] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05,     /* [1980] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06,     /* [1988] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07,     /* [1996] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08,     /* [2004] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09,     /* [2012] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A,     /* [2020] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B,     /* [2028] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C,     /* [2036] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D,     /* [2044] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E,     /* [2052] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F,     /* [2060] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10,     /* [2068] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02,     /* [2076] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03,     /* [2084] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04,     /* [2092] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05,     /* [2100] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06,     /* [2108] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07,     /* [2116] OBJ_sbqp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08,     /* [2124] OBJ_sbqp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09,     /* [2132] OBJ_sbqp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03,     /* [2140] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05,     /* [2148] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06,     /* [2156] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07,     /* [2164] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A,     /* [2172] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01,     /* [2180] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02,     /* [2188] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03,     /* [2196] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04,     /* [2204] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05,     /* [2212] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06,     /* [2220] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07,     /* [2228] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08,     /* [2236] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09,     /* [2244] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A,     /* [2252] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B,     /* [2260] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C,     /* [2268] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D,     /* [2276] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E,     /* [2284] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F,     /* [2292] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,     /* [2300] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,     /* [2308] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2316] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2325] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2334] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2343] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2352] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2361] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2370] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2379] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01,     /* [2388] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02,     /* [2396] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03,     /* [2404] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04,     /* [2412] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01,     /* [2420] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02,     /* [2428] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03,     /* [2436] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04,     /* [2444] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05,     /* [2452] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06,     /* [2460] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07,     /* [2468] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08,     /* [2476] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09,     /* [2484] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A,     /* [2492] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B,     /* [2500] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F,     /* [2508] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10,     /* [2516] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11,     /* [2524] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12,     /* [2532] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13,     /* [2540] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15,     /* [2548] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16,     /* [2556] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17,     /* [2564] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18,     /* [2572] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01,     /* [2580] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01,     /* [2588] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02,     /* [2596] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03,     /* [2604] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04,     /* [2612] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05,     /* [2620] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01,     /* [2628] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02,     /* [2636] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03,     /* [2644] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04,     /* [2652] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05,     /* [2660] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01,     /* [2668] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01,     /* [2676] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02,     /* [2684] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03,     /* [2692] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03,     /* [2700] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04,     /* [2708] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2716] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2725] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2734] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2743] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2752] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2761] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2770] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2779] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2788] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2797] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2806] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02,                         /* [2815] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B,                    /* [2819] OBJ_rsaSignature */
-0x55,0x08,                                   /* [2824] OBJ_X500algorithms */
-0x2B,                                        /* [2826] OBJ_org */
-0x2B,0x06,                                   /* [2827] OBJ_dod */
-0x2B,0x06,0x01,                              /* [2829] OBJ_iana */
-0x2B,0x06,0x01,0x01,                         /* [2832] OBJ_Directory */
-0x2B,0x06,0x01,0x02,                         /* [2836] OBJ_Management */
-0x2B,0x06,0x01,0x03,                         /* [2840] OBJ_Experimental */
-0x2B,0x06,0x01,0x04,                         /* [2844] OBJ_Private */
-0x2B,0x06,0x01,0x05,                         /* [2848] OBJ_Security */
-0x2B,0x06,0x01,0x06,                         /* [2852] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07,                         /* [2856] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01,                    /* [2860] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2865] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2874] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2884] OBJ_Domain */
-0x00,                                        /* [2894] OBJ_joint_iso_ccitt */
-0x55,0x01,0x05,                              /* [2895] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37,                         /* [2898] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2902] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A,     /* [2911] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B,     /* [2919] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06,     /* [2927] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48,                              /* [2935] OBJ_role */
-0x55,0x1D,0x24,                              /* [2938] OBJ_policy_constraints */
-0x55,0x1D,0x37,                              /* [2941] OBJ_target_information */
-0x55,0x1D,0x38,                              /* [2944] OBJ_no_rev_avail */
-0x00,                                        /* [2947] OBJ_ccitt */
-0x2A,0x86,0x48,0xCE,0x3D,                    /* [2948] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01,          /* [2953] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,          /* [2960] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,          /* [2967] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01,     /* [2974] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02,     /* [2982] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03,     /* [2990] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04,     /* [2998] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05,     /* [3006] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06,     /* [3014] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,     /* [3022] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01,          /* [3030] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3037] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3046] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3055] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3064] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3073] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3082] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3091] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3100] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3109] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3118] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3127] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3136] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3145] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17,                              /* [3154] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01,          /* [3157] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02,          /* [3164] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03,          /* [3171] OBJ_hold_instruction_reject */
-0x09,                                        /* [3178] OBJ_data */
-0x09,0x92,0x26,                              /* [3179] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,          /* [3182] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,     /* [3189] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3197] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3206] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3215] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3224] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3233] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3243] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3253] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3263] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3273] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3283] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3293] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3303] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3313] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3323] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3333] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3343] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3353] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3363] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3373] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3383] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3393] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3403] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3413] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3423] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3433] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3443] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3453] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3463] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3473] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3483] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3493] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3503] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3513] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3523] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3533] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3543] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3553] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3563] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3573] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3583] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3593] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3603] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3613] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3623] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3633] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3643] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3653] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3663] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3673] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3683] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3693] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3703] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3713] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3723] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3733] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3743] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3753] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3763] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3773] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3783] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3793] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3803] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3813] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3823] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3833] OBJ_documentPublisher */
-0x55,0x04,0x2D,                              /* [3843] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01,                    /* [3846] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01,               /* [3851] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02,               /* [3857] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [3863] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [3870] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C,                              /* [3877] OBJ_generationQualifier */
-0x55,0x04,0x41,                              /* [3880] OBJ_pseudonym */
-0x67,0x2A,                                   /* [3883] OBJ_id_set */
-0x67,0x2A,0x00,                              /* [3885] OBJ_set_ctype */
-0x67,0x2A,0x01,                              /* [3888] OBJ_set_msgExt */
-0x67,0x2A,0x03,                              /* [3891] OBJ_set_attr */
-0x67,0x2A,0x05,                              /* [3894] OBJ_set_policy */
-0x67,0x2A,0x07,                              /* [3897] OBJ_set_certExt */
-0x67,0x2A,0x08,                              /* [3900] OBJ_set_brand */
-0x67,0x2A,0x00,0x00,                         /* [3903] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01,                         /* [3907] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02,                         /* [3911] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03,                         /* [3915] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04,                         /* [3919] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05,                         /* [3923] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06,                         /* [3927] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07,                         /* [3931] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08,                         /* [3935] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09,                         /* [3939] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A,                         /* [3943] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B,                         /* [3947] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C,                         /* [3951] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D,                         /* [3955] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E,                         /* [3959] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10,                         /* [3963] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11,                         /* [3967] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12,                         /* [3971] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13,                         /* [3975] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14,                         /* [3979] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15,                         /* [3983] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16,                         /* [3987] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17,                         /* [3991] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18,                         /* [3995] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19,                         /* [3999] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A,                         /* [4003] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B,                         /* [4007] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C,                         /* [4011] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D,                         /* [4015] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E,                         /* [4019] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F,                         /* [4023] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20,                         /* [4027] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21,                         /* [4031] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22,                         /* [4035] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23,                         /* [4039] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24,                         /* [4043] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25,                         /* [4047] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26,                         /* [4051] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27,                         /* [4055] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28,                         /* [4059] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29,                         /* [4063] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A,                         /* [4067] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B,                         /* [4071] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C,                         /* [4075] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D,                         /* [4079] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E,                         /* [4083] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F,                         /* [4087] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30,                         /* [4091] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31,                         /* [4095] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32,                         /* [4099] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33,                         /* [4103] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34,                         /* [4107] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35,                         /* [4111] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36,                         /* [4115] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37,                         /* [4119] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38,                         /* [4123] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39,                         /* [4127] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A,                         /* [4131] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B,                         /* [4135] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C,                         /* [4139] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D,                         /* [4143] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E,                         /* [4147] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F,                         /* [4151] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40,                         /* [4155] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41,                         /* [4159] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42,                         /* [4163] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43,                         /* [4167] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44,                         /* [4171] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45,                         /* [4175] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46,                         /* [4179] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47,                         /* [4183] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48,                         /* [4187] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49,                         /* [4191] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A,                         /* [4195] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B,                         /* [4199] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C,                         /* [4203] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D,                         /* [4207] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E,                         /* [4211] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F,                         /* [4215] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50,                         /* [4219] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51,                         /* [4223] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52,                         /* [4227] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01,                         /* [4231] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03,                         /* [4235] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04,                         /* [4239] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05,                         /* [4243] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07,                         /* [4247] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08,                         /* [4251] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00,                         /* [4255] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00,                         /* [4259] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01,                         /* [4263] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02,                         /* [4267] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03,                         /* [4271] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04,                         /* [4275] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05,                         /* [4279] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06,                         /* [4283] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07,                         /* [4287] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08,                         /* [4291] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09,                         /* [4295] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A,                         /* [4299] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B,                         /* [4303] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00,                         /* [4307] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01,                         /* [4311] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02,                         /* [4315] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03,                         /* [4319] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00,                    /* [4323] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01,                    /* [4328] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01,                    /* [4333] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02,                    /* [4338] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03,                    /* [4343] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04,                    /* [4348] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05,                    /* [4353] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01,               /* [4358] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01,               /* [4364] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02,               /* [4370] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01,               /* [4376] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02,               /* [4382] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01,                         /* [4388] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E,                         /* [4392] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22,                         /* [4396] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23,                         /* [4400] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04,                         /* [4404] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05,                         /* [4408] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B,                    /* [4412] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A,     /* [4417] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4425] OBJ_rsaOAEPEncryptionSET */
-0x00,                                        /* [4434] OBJ_itu_t */
-0x50,                                        /* [4435] OBJ_joint_iso_itu_t */
-0x67,                                        /* [4436] OBJ_international_organizations */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4437] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4447] OBJ_ms_upn */
-0x55,0x04,0x09,                              /* [4457] OBJ_streetAddress */
-0x55,0x04,0x11,                              /* [4460] OBJ_postalCode */
-0x2B,                                        /* [4463] OBJ_identified_organization */
-0x2B,0x81,0x04,                              /* [4464] OBJ_certicom_arc */
-0x67,0x2B,                                   /* [4467] OBJ_wap */
-0x67,0x2B,0x0D,                              /* [4469] OBJ_wap_wsg */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,     /* [4472] OBJ_X9_62_id_characteristic_two_basis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4480] OBJ_X9_62_onBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4489] OBJ_X9_62_tpBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4498] OBJ_X9_62_ppBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01,     /* [4507] OBJ_X9_62_c2pnb163v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02,     /* [4515] OBJ_X9_62_c2pnb163v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03,     /* [4523] OBJ_X9_62_c2pnb163v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04,     /* [4531] OBJ_X9_62_c2pnb176v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05,     /* [4539] OBJ_X9_62_c2tnb191v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06,     /* [4547] OBJ_X9_62_c2tnb191v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07,     /* [4555] OBJ_X9_62_c2tnb191v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08,     /* [4563] OBJ_X9_62_c2onb191v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09,     /* [4571] OBJ_X9_62_c2onb191v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A,     /* [4579] OBJ_X9_62_c2pnb208w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B,     /* [4587] OBJ_X9_62_c2tnb239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C,     /* [4595] OBJ_X9_62_c2tnb239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D,     /* [4603] OBJ_X9_62_c2tnb239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E,     /* [4611] OBJ_X9_62_c2onb239v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F,     /* [4619] OBJ_X9_62_c2onb239v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10,     /* [4627] OBJ_X9_62_c2pnb272w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11,     /* [4635] OBJ_X9_62_c2pnb304w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12,     /* [4643] OBJ_X9_62_c2tnb359v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13,     /* [4651] OBJ_X9_62_c2pnb368w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14,     /* [4659] OBJ_X9_62_c2tnb431r1 */
-0x2B,0x81,0x04,0x00,0x06,                    /* [4667] OBJ_secp112r1 */
-0x2B,0x81,0x04,0x00,0x07,                    /* [4672] OBJ_secp112r2 */
-0x2B,0x81,0x04,0x00,0x1C,                    /* [4677] OBJ_secp128r1 */
-0x2B,0x81,0x04,0x00,0x1D,                    /* [4682] OBJ_secp128r2 */
-0x2B,0x81,0x04,0x00,0x09,                    /* [4687] OBJ_secp160k1 */
-0x2B,0x81,0x04,0x00,0x08,                    /* [4692] OBJ_secp160r1 */
-0x2B,0x81,0x04,0x00,0x1E,                    /* [4697] OBJ_secp160r2 */
-0x2B,0x81,0x04,0x00,0x1F,                    /* [4702] OBJ_secp192k1 */
-0x2B,0x81,0x04,0x00,0x20,                    /* [4707] OBJ_secp224k1 */
-0x2B,0x81,0x04,0x00,0x21,                    /* [4712] OBJ_secp224r1 */
-0x2B,0x81,0x04,0x00,0x0A,                    /* [4717] OBJ_secp256k1 */
-0x2B,0x81,0x04,0x00,0x22,                    /* [4722] OBJ_secp384r1 */
-0x2B,0x81,0x04,0x00,0x23,                    /* [4727] OBJ_secp521r1 */
-0x2B,0x81,0x04,0x00,0x04,                    /* [4732] OBJ_sect113r1 */
-0x2B,0x81,0x04,0x00,0x05,                    /* [4737] OBJ_sect113r2 */
-0x2B,0x81,0x04,0x00,0x16,                    /* [4742] OBJ_sect131r1 */
-0x2B,0x81,0x04,0x00,0x17,                    /* [4747] OBJ_sect131r2 */
-0x2B,0x81,0x04,0x00,0x01,                    /* [4752] OBJ_sect163k1 */
-0x2B,0x81,0x04,0x00,0x02,                    /* [4757] OBJ_sect163r1 */
-0x2B,0x81,0x04,0x00,0x0F,                    /* [4762] OBJ_sect163r2 */
-0x2B,0x81,0x04,0x00,0x18,                    /* [4767] OBJ_sect193r1 */
-0x2B,0x81,0x04,0x00,0x19,                    /* [4772] OBJ_sect193r2 */
-0x2B,0x81,0x04,0x00,0x1A,                    /* [4777] OBJ_sect233k1 */
-0x2B,0x81,0x04,0x00,0x1B,                    /* [4782] OBJ_sect233r1 */
-0x2B,0x81,0x04,0x00,0x03,                    /* [4787] OBJ_sect239k1 */
-0x2B,0x81,0x04,0x00,0x10,                    /* [4792] OBJ_sect283k1 */
-0x2B,0x81,0x04,0x00,0x11,                    /* [4797] OBJ_sect283r1 */
-0x2B,0x81,0x04,0x00,0x24,                    /* [4802] OBJ_sect409k1 */
-0x2B,0x81,0x04,0x00,0x25,                    /* [4807] OBJ_sect409r1 */
-0x2B,0x81,0x04,0x00,0x26,                    /* [4812] OBJ_sect571k1 */
-0x2B,0x81,0x04,0x00,0x27,                    /* [4817] OBJ_sect571r1 */
-0x67,0x2B,0x0D,0x04,0x01,                    /* [4822] OBJ_wap_wsg_idm_ecid_wtls1 */
-0x67,0x2B,0x0D,0x04,0x03,                    /* [4827] OBJ_wap_wsg_idm_ecid_wtls3 */
-0x67,0x2B,0x0D,0x04,0x04,                    /* [4832] OBJ_wap_wsg_idm_ecid_wtls4 */
-0x67,0x2B,0x0D,0x04,0x05,                    /* [4837] OBJ_wap_wsg_idm_ecid_wtls5 */
-0x67,0x2B,0x0D,0x04,0x06,                    /* [4842] OBJ_wap_wsg_idm_ecid_wtls6 */
-0x67,0x2B,0x0D,0x04,0x07,                    /* [4847] OBJ_wap_wsg_idm_ecid_wtls7 */
-0x67,0x2B,0x0D,0x04,0x08,                    /* [4852] OBJ_wap_wsg_idm_ecid_wtls8 */
-0x67,0x2B,0x0D,0x04,0x09,                    /* [4857] OBJ_wap_wsg_idm_ecid_wtls9 */
-0x67,0x2B,0x0D,0x04,0x0A,                    /* [4862] OBJ_wap_wsg_idm_ecid_wtls10 */
-0x67,0x2B,0x0D,0x04,0x0B,                    /* [4867] OBJ_wap_wsg_idm_ecid_wtls11 */
-0x67,0x2B,0x0D,0x04,0x0C,                    /* [4872] OBJ_wap_wsg_idm_ecid_wtls12 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4877] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4886] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4895] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4904] OBJ_sha224WithRSAEncryption */
-0x55,0x1D,0x1E,                              /* [4913] OBJ_name_constraints */
-0x55,0x1D,0x20,0x00,                         /* [4916] OBJ_any_policy */
-0x55,0x1D,0x21,                              /* [4920] OBJ_policy_mappings */
-0x55,0x1D,0x36,                              /* [4923] OBJ_inhibit_any_policy */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4926] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4935] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4944] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4953] OBJ_sha224 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,          /* [4962] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E,     /* [4969] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00,     /* [4977] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01,     /* [4985] OBJ_id_ppl_inheritAll */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02,     /* [4993] OBJ_Independent */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [623] OBJ_zlib_compression */
+0x55,0x1D,0x25,                              /* [634] OBJ_ext_key_usage */
+0x2B,0x06,0x01,0x05,0x05,0x07,               /* [637] OBJ_id_pkix */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,          /* [643] OBJ_id_kp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,     /* [650] OBJ_server_auth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,     /* [658] OBJ_client_auth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,     /* [666] OBJ_code_sign */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04,     /* [674] OBJ_email_protect */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08,     /* [682] OBJ_time_stamp */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [720] OBJ_ms_sgc */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [730] OBJ_ms_efs */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [740] OBJ_ns_sgc */
+0x55,0x1D,0x1B,                              /* [749] OBJ_delta_crl */
+0x55,0x1D,0x15,                              /* [752] OBJ_crl_reason */
+0x55,0x1D,0x18,                              /* [755] OBJ_invalidity_date */
+0x2B,0x65,0x01,0x04,0x01,                    /* [758] OBJ_sxnet */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [763] OBJ_pbe_WithSHA1And128BitRC4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [773] OBJ_pbe_WithSHA1And40BitRC4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [783] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [793] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [803] OBJ_pbe_WithSHA1And128BitRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [813] OBJ_pbe_WithSHA1And40BitRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [823] OBJ_keyBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [834] OBJ_pkcs8ShroudedKeyBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [845] OBJ_certBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [856] OBJ_crlBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [867] OBJ_secretBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [878] OBJ_safeContentsBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [889] OBJ_friendlyName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [898] OBJ_localKeyID */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [907] OBJ_x509Certificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [917] OBJ_sdsiCertificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [927] OBJ_x509Crl */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [937] OBJ_pbes2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [946] OBJ_pbmac1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [955] OBJ_hmacWithSHA1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [963] OBJ_id_qt_cps */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [971] OBJ_id_qt_unotice */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [979] OBJ_SMIMECapabilities */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [988] OBJ_pbeWithMD2AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [997] OBJ_pbeWithMD5AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1006] OBJ_pbeWithSHA1AndDES_CBC */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1015] OBJ_ms_ext_req */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1025] OBJ_ext_req */
+0x55,0x04,0x29,                              /* [1034] OBJ_name */
+0x55,0x04,0x2E,                              /* [1037] OBJ_dnQualifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1040] OBJ_id_pe */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1047] OBJ_id_ad */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1054] OBJ_info_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1062] OBJ_ad_OCSP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1070] OBJ_ad_ca_issuers */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1078] OBJ_OCSP_sign */
+0x28,                                        /* [1086] OBJ_iso */
+0x2A,                                        /* [1087] OBJ_member_body */
+0x2A,0x86,0x48,                              /* [1088] OBJ_ISO_US */
+0x2A,0x86,0x48,0xCE,0x38,                    /* [1091] OBJ_X9_57 */
+0x2A,0x86,0x48,0xCE,0x38,0x04,               /* [1096] OBJ_X9cm */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,     /* [1102] OBJ_pkcs1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,     /* [1110] OBJ_pkcs5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1118] OBJ_SMIME */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1127] OBJ_id_smime_mod */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1137] OBJ_id_smime_ct */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1147] OBJ_id_smime_aa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1157] OBJ_id_smime_alg */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1167] OBJ_id_smime_cd */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1177] OBJ_id_smime_spq */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1187] OBJ_id_smime_cti */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1197] OBJ_id_smime_mod_cms */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1208] OBJ_id_smime_mod_ess */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1219] OBJ_id_smime_mod_oid */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1230] OBJ_id_smime_mod_msg_v3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1241] OBJ_id_smime_mod_ets_eSignature_88 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1252] OBJ_id_smime_mod_ets_eSignature_97 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1263] OBJ_id_smime_mod_ets_eSigPolicy_88 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1274] OBJ_id_smime_mod_ets_eSigPolicy_97 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1285] OBJ_id_smime_ct_receipt */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1296] OBJ_id_smime_ct_authData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1307] OBJ_id_smime_ct_publishCert */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1318] OBJ_id_smime_ct_TSTInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1329] OBJ_id_smime_ct_TDTInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1340] OBJ_id_smime_ct_contentInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1351] OBJ_id_smime_ct_DVCSRequestData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1362] OBJ_id_smime_ct_DVCSResponseData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1373] OBJ_id_smime_aa_receiptRequest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1384] OBJ_id_smime_aa_securityLabel */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1395] OBJ_id_smime_aa_mlExpandHistory */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1406] OBJ_id_smime_aa_contentHint */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1417] OBJ_id_smime_aa_msgSigDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1428] OBJ_id_smime_aa_encapContentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1439] OBJ_id_smime_aa_contentIdentifier */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1450] OBJ_id_smime_aa_macValue */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1461] OBJ_id_smime_aa_equivalentLabels */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1472] OBJ_id_smime_aa_contentReference */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1483] OBJ_id_smime_aa_encrypKeyPref */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1494] OBJ_id_smime_aa_signingCertificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1505] OBJ_id_smime_aa_smimeEncryptCerts */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1516] OBJ_id_smime_aa_timeStampToken */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1527] OBJ_id_smime_aa_ets_sigPolicyId */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1538] OBJ_id_smime_aa_ets_commitmentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1549] OBJ_id_smime_aa_ets_signerLocation */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1560] OBJ_id_smime_aa_ets_signerAttr */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1571] OBJ_id_smime_aa_ets_otherSigCert */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1582] OBJ_id_smime_aa_ets_contentTimestamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1593] OBJ_id_smime_aa_ets_CertificateRefs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1604] OBJ_id_smime_aa_ets_RevocationRefs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1615] OBJ_id_smime_aa_ets_certValues */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1626] OBJ_id_smime_aa_ets_revocationValues */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1637] OBJ_id_smime_aa_ets_escTimeStamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1648] OBJ_id_smime_aa_ets_certCRLTimestamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1659] OBJ_id_smime_aa_ets_archiveTimeStamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1670] OBJ_id_smime_aa_signatureType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1681] OBJ_id_smime_aa_dvcs_dvc */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1692] OBJ_id_smime_alg_ESDHwith3DES */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1703] OBJ_id_smime_alg_ESDHwithRC2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1714] OBJ_id_smime_alg_3DESwrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1725] OBJ_id_smime_alg_RC2wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1736] OBJ_id_smime_alg_ESDH */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1747] OBJ_id_smime_alg_CMS3DESwrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1758] OBJ_id_smime_alg_CMSRC2wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1769] OBJ_id_smime_cd_ldap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1780] OBJ_id_smime_spq_ets_sqt_uri */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1791] OBJ_id_smime_spq_ets_sqt_unotice */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1802] OBJ_id_smime_cti_ets_proofOfOrigin */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1813] OBJ_id_smime_cti_ets_proofOfReceipt */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1824] OBJ_id_smime_cti_ets_proofOfDelivery */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1835] OBJ_id_smime_cti_ets_proofOfSender */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1846] OBJ_id_smime_cti_ets_proofOfApproval */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1857] OBJ_id_smime_cti_ets_proofOfCreation */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04,     /* [1868] OBJ_md4 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,          /* [1876] OBJ_id_pkix_mod */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,          /* [1883] OBJ_id_qt */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,          /* [1890] OBJ_id_it */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,          /* [1897] OBJ_id_pkip */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,          /* [1904] OBJ_id_alg */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,          /* [1911] OBJ_id_cmc */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,          /* [1918] OBJ_id_on */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,          /* [1925] OBJ_id_pda */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,          /* [1932] OBJ_id_aca */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,          /* [1939] OBJ_id_qcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,          /* [1946] OBJ_id_cct */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01,     /* [1953] OBJ_id_pkix1_explicit_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02,     /* [1961] OBJ_id_pkix1_implicit_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03,     /* [1969] OBJ_id_pkix1_explicit_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04,     /* [1977] OBJ_id_pkix1_implicit_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05,     /* [1985] OBJ_id_mod_crmf */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06,     /* [1993] OBJ_id_mod_cmc */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07,     /* [2001] OBJ_id_mod_kea_profile_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08,     /* [2009] OBJ_id_mod_kea_profile_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09,     /* [2017] OBJ_id_mod_cmp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A,     /* [2025] OBJ_id_mod_qualified_cert_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B,     /* [2033] OBJ_id_mod_qualified_cert_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C,     /* [2041] OBJ_id_mod_attribute_cert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D,     /* [2049] OBJ_id_mod_timestamp_protocol */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E,     /* [2057] OBJ_id_mod_ocsp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F,     /* [2065] OBJ_id_mod_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10,     /* [2073] OBJ_id_mod_cmp2000 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02,     /* [2081] OBJ_biometricInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03,     /* [2089] OBJ_qcStatements */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04,     /* [2097] OBJ_ac_auditEntity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05,     /* [2105] OBJ_ac_targeting */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06,     /* [2113] OBJ_aaControls */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07,     /* [2121] OBJ_sbgp_ipAddrBlock */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08,     /* [2129] OBJ_sbgp_autonomousSysNum */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09,     /* [2137] OBJ_sbgp_routerIdentifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03,     /* [2145] OBJ_textNotice */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05,     /* [2153] OBJ_ipsecEndSystem */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06,     /* [2161] OBJ_ipsecTunnel */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07,     /* [2169] OBJ_ipsecUser */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A,     /* [2177] OBJ_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01,     /* [2185] OBJ_id_it_caProtEncCert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02,     /* [2193] OBJ_id_it_signKeyPairTypes */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03,     /* [2201] OBJ_id_it_encKeyPairTypes */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04,     /* [2209] OBJ_id_it_preferredSymmAlg */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05,     /* [2217] OBJ_id_it_caKeyUpdateInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06,     /* [2225] OBJ_id_it_currentCRL */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07,     /* [2233] OBJ_id_it_unsupportedOIDs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08,     /* [2241] OBJ_id_it_subscriptionRequest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09,     /* [2249] OBJ_id_it_subscriptionResponse */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A,     /* [2257] OBJ_id_it_keyPairParamReq */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B,     /* [2265] OBJ_id_it_keyPairParamRep */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C,     /* [2273] OBJ_id_it_revPassphrase */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D,     /* [2281] OBJ_id_it_implicitConfirm */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E,     /* [2289] OBJ_id_it_confirmWaitTime */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F,     /* [2297] OBJ_id_it_origPKIMessage */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,     /* [2305] OBJ_id_regCtrl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,     /* [2313] OBJ_id_regInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2321] OBJ_id_regCtrl_regToken */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2330] OBJ_id_regCtrl_authenticator */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2339] OBJ_id_regCtrl_pkiPublicationInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2348] OBJ_id_regCtrl_pkiArchiveOptions */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2357] OBJ_id_regCtrl_oldCertID */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2366] OBJ_id_regCtrl_protocolEncrKey */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2375] OBJ_id_regInfo_utf8Pairs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2384] OBJ_id_regInfo_certReq */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01,     /* [2393] OBJ_id_alg_des40 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02,     /* [2401] OBJ_id_alg_noSignature */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03,     /* [2409] OBJ_id_alg_dh_sig_hmac_sha1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04,     /* [2417] OBJ_id_alg_dh_pop */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01,     /* [2425] OBJ_id_cmc_statusInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02,     /* [2433] OBJ_id_cmc_identification */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03,     /* [2441] OBJ_id_cmc_identityProof */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04,     /* [2449] OBJ_id_cmc_dataReturn */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05,     /* [2457] OBJ_id_cmc_transactionId */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06,     /* [2465] OBJ_id_cmc_senderNonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07,     /* [2473] OBJ_id_cmc_recipientNonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08,     /* [2481] OBJ_id_cmc_addExtensions */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09,     /* [2489] OBJ_id_cmc_encryptedPOP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A,     /* [2497] OBJ_id_cmc_decryptedPOP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B,     /* [2505] OBJ_id_cmc_lraPOPWitness */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F,     /* [2513] OBJ_id_cmc_getCert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10,     /* [2521] OBJ_id_cmc_getCRL */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11,     /* [2529] OBJ_id_cmc_revokeRequest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12,     /* [2537] OBJ_id_cmc_regInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13,     /* [2545] OBJ_id_cmc_responseInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15,     /* [2553] OBJ_id_cmc_queryPending */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16,     /* [2561] OBJ_id_cmc_popLinkRandom */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17,     /* [2569] OBJ_id_cmc_popLinkWitness */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18,     /* [2577] OBJ_id_cmc_confirmCertAcceptance */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01,     /* [2585] OBJ_id_on_personalData */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01,     /* [2593] OBJ_id_pda_dateOfBirth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02,     /* [2601] OBJ_id_pda_placeOfBirth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03,     /* [2609] OBJ_id_pda_gender */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04,     /* [2617] OBJ_id_pda_countryOfCitizenship */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05,     /* [2625] OBJ_id_pda_countryOfResidence */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01,     /* [2633] OBJ_id_aca_authenticationInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02,     /* [2641] OBJ_id_aca_accessIdentity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03,     /* [2649] OBJ_id_aca_chargingIdentity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04,     /* [2657] OBJ_id_aca_group */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05,     /* [2665] OBJ_id_aca_role */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01,     /* [2673] OBJ_id_qcs_pkixQCSyntax_v1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01,     /* [2681] OBJ_id_cct_crs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02,     /* [2689] OBJ_id_cct_PKIData */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03,     /* [2697] OBJ_id_cct_PKIResponse */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03,     /* [2705] OBJ_ad_timeStamping */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04,     /* [2713] OBJ_ad_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2721] OBJ_id_pkix_OCSP_basic */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2730] OBJ_id_pkix_OCSP_Nonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2739] OBJ_id_pkix_OCSP_CrlID */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2748] OBJ_id_pkix_OCSP_acceptableResponses */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2757] OBJ_id_pkix_OCSP_noCheck */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2766] OBJ_id_pkix_OCSP_archiveCutoff */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2775] OBJ_id_pkix_OCSP_serviceLocator */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2784] OBJ_id_pkix_OCSP_extendedStatus */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2793] OBJ_id_pkix_OCSP_valid */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2802] OBJ_id_pkix_OCSP_path */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2811] OBJ_id_pkix_OCSP_trustRoot */
+0x2B,0x0E,0x03,0x02,                         /* [2820] OBJ_algorithm */
+0x2B,0x0E,0x03,0x02,0x0B,                    /* [2824] OBJ_rsaSignature */
+0x55,0x08,                                   /* [2829] OBJ_X500algorithms */
+0x2B,                                        /* [2831] OBJ_org */
+0x2B,0x06,                                   /* [2832] OBJ_dod */
+0x2B,0x06,0x01,                              /* [2834] OBJ_iana */
+0x2B,0x06,0x01,0x01,                         /* [2837] OBJ_Directory */
+0x2B,0x06,0x01,0x02,                         /* [2841] OBJ_Management */
+0x2B,0x06,0x01,0x03,                         /* [2845] OBJ_Experimental */
+0x2B,0x06,0x01,0x04,                         /* [2849] OBJ_Private */
+0x2B,0x06,0x01,0x05,                         /* [2853] OBJ_Security */
+0x2B,0x06,0x01,0x06,                         /* [2857] OBJ_SNMPv2 */
+0x2B,0x06,0x01,0x07,                         /* [2861] OBJ_Mail */
+0x2B,0x06,0x01,0x04,0x01,                    /* [2865] OBJ_Enterprises */
+0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2870] OBJ_dcObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2879] OBJ_domainComponent */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2889] OBJ_Domain */
+0x00,                                        /* [2899] OBJ_joint_iso_ccitt */
+0x55,0x01,0x05,                              /* [2900] OBJ_selected_attribute_types */
+0x55,0x01,0x05,0x37,                         /* [2903] OBJ_clearance */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2907] OBJ_md4WithRSAEncryption */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A,     /* [2916] OBJ_ac_proxying */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B,     /* [2924] OBJ_sinfo_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06,     /* [2932] OBJ_id_aca_encAttrs */
+0x55,0x04,0x48,                              /* [2940] OBJ_role */
+0x55,0x1D,0x24,                              /* [2943] OBJ_policy_constraints */
+0x55,0x1D,0x37,                              /* [2946] OBJ_target_information */
+0x55,0x1D,0x38,                              /* [2949] OBJ_no_rev_avail */
+0x00,                                        /* [2952] OBJ_ccitt */
+0x2A,0x86,0x48,0xCE,0x3D,                    /* [2953] OBJ_ansi_X9_62 */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01,          /* [2958] OBJ_X9_62_prime_field */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,          /* [2965] OBJ_X9_62_characteristic_two_field */
+0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,          /* [2972] OBJ_X9_62_id_ecPublicKey */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01,     /* [2979] OBJ_X9_62_prime192v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02,     /* [2987] OBJ_X9_62_prime192v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03,     /* [2995] OBJ_X9_62_prime192v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04,     /* [3003] OBJ_X9_62_prime239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05,     /* [3011] OBJ_X9_62_prime239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06,     /* [3019] OBJ_X9_62_prime239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,     /* [3027] OBJ_X9_62_prime256v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01,          /* [3035] OBJ_ecdsa_with_SHA1 */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3042] OBJ_ms_csp_name */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3051] OBJ_aes_128_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3060] OBJ_aes_128_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3069] OBJ_aes_128_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3078] OBJ_aes_128_cfb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3087] OBJ_aes_192_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3096] OBJ_aes_192_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3105] OBJ_aes_192_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3114] OBJ_aes_192_cfb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3123] OBJ_aes_256_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3132] OBJ_aes_256_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3141] OBJ_aes_256_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3150] OBJ_aes_256_cfb128 */
+0x55,0x1D,0x17,                              /* [3159] OBJ_hold_instruction_code */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x01,          /* [3162] OBJ_hold_instruction_none */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x02,          /* [3169] OBJ_hold_instruction_call_issuer */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x03,          /* [3176] OBJ_hold_instruction_reject */
+0x09,                                        /* [3183] OBJ_data */
+0x09,0x92,0x26,                              /* [3184] OBJ_pss */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,          /* [3187] OBJ_ucl */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,     /* [3194] OBJ_pilot */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3202] OBJ_pilotAttributeType */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3211] OBJ_pilotAttributeSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3220] OBJ_pilotObjectClass */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3229] OBJ_pilotGroups */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3238] OBJ_iA5StringSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3248] OBJ_caseIgnoreIA5StringSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3258] OBJ_pilotObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3268] OBJ_pilotPerson */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3278] OBJ_account */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3288] OBJ_document */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3298] OBJ_room */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3308] OBJ_documentSeries */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3318] OBJ_rFC822localPart */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3328] OBJ_dNSDomain */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3338] OBJ_domainRelatedObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3348] OBJ_friendlyCountry */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3358] OBJ_simpleSecurityObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3368] OBJ_pilotOrganization */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3378] OBJ_pilotDSA */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3388] OBJ_qualityLabelledData */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3398] OBJ_userId */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3408] OBJ_textEncodedORAddress */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3418] OBJ_rfc822Mailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3428] OBJ_info */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3438] OBJ_favouriteDrink */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3448] OBJ_roomNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3458] OBJ_photo */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3468] OBJ_userClass */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3478] OBJ_host */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3488] OBJ_manager */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3498] OBJ_documentIdentifier */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3508] OBJ_documentTitle */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3518] OBJ_documentVersion */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3528] OBJ_documentAuthor */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3538] OBJ_documentLocation */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3548] OBJ_homeTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3558] OBJ_secretary */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3568] OBJ_otherMailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3578] OBJ_lastModifiedTime */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3588] OBJ_lastModifiedBy */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3598] OBJ_aRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3608] OBJ_pilotAttributeType27 */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3618] OBJ_mXRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3628] OBJ_nSRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3638] OBJ_sOARecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3648] OBJ_cNAMERecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3658] OBJ_associatedDomain */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3668] OBJ_associatedName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3678] OBJ_homePostalAddress */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3688] OBJ_personalTitle */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3698] OBJ_mobileTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3708] OBJ_pagerTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3718] OBJ_friendlyCountryName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3728] OBJ_organizationalStatus */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3738] OBJ_janetMailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3748] OBJ_mailPreferenceOption */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3758] OBJ_buildingName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3768] OBJ_dSAQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3778] OBJ_singleLevelQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3788] OBJ_subtreeMinimumQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3798] OBJ_subtreeMaximumQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3808] OBJ_personalSignature */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3818] OBJ_dITRedirect */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3828] OBJ_audio */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3838] OBJ_documentPublisher */
+0x55,0x04,0x2D,                              /* [3848] OBJ_x500UniqueIdentifier */
+0x2B,0x06,0x01,0x07,0x01,                    /* [3851] OBJ_mime_mhs */
+0x2B,0x06,0x01,0x07,0x01,0x01,               /* [3856] OBJ_mime_mhs_headings */
+0x2B,0x06,0x01,0x07,0x01,0x02,               /* [3862] OBJ_mime_mhs_bodies */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [3868] OBJ_id_hex_partial_message */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [3875] OBJ_id_hex_multipart_message */
+0x55,0x04,0x2C,                              /* [3882] OBJ_generationQualifier */
+0x55,0x04,0x41,                              /* [3885] OBJ_pseudonym */
+0x67,0x2A,                                   /* [3888] OBJ_id_set */
+0x67,0x2A,0x00,                              /* [3890] OBJ_set_ctype */
+0x67,0x2A,0x01,                              /* [3893] OBJ_set_msgExt */
+0x67,0x2A,0x03,                              /* [3896] OBJ_set_attr */
+0x67,0x2A,0x05,                              /* [3899] OBJ_set_policy */
+0x67,0x2A,0x07,                              /* [3902] OBJ_set_certExt */
+0x67,0x2A,0x08,                              /* [3905] OBJ_set_brand */
+0x67,0x2A,0x00,0x00,                         /* [3908] OBJ_setct_PANData */
+0x67,0x2A,0x00,0x01,                         /* [3912] OBJ_setct_PANToken */
+0x67,0x2A,0x00,0x02,                         /* [3916] OBJ_setct_PANOnly */
+0x67,0x2A,0x00,0x03,                         /* [3920] OBJ_setct_OIData */
+0x67,0x2A,0x00,0x04,                         /* [3924] OBJ_setct_PI */
+0x67,0x2A,0x00,0x05,                         /* [3928] OBJ_setct_PIData */
+0x67,0x2A,0x00,0x06,                         /* [3932] OBJ_setct_PIDataUnsigned */
+0x67,0x2A,0x00,0x07,                         /* [3936] OBJ_setct_HODInput */
+0x67,0x2A,0x00,0x08,                         /* [3940] OBJ_setct_AuthResBaggage */
+0x67,0x2A,0x00,0x09,                         /* [3944] OBJ_setct_AuthRevReqBaggage */
+0x67,0x2A,0x00,0x0A,                         /* [3948] OBJ_setct_AuthRevResBaggage */
+0x67,0x2A,0x00,0x0B,                         /* [3952] OBJ_setct_CapTokenSeq */
+0x67,0x2A,0x00,0x0C,                         /* [3956] OBJ_setct_PInitResData */
+0x67,0x2A,0x00,0x0D,                         /* [3960] OBJ_setct_PI_TBS */
+0x67,0x2A,0x00,0x0E,                         /* [3964] OBJ_setct_PResData */
+0x67,0x2A,0x00,0x10,                         /* [3968] OBJ_setct_AuthReqTBS */
+0x67,0x2A,0x00,0x11,                         /* [3972] OBJ_setct_AuthResTBS */
+0x67,0x2A,0x00,0x12,                         /* [3976] OBJ_setct_AuthResTBSX */
+0x67,0x2A,0x00,0x13,                         /* [3980] OBJ_setct_AuthTokenTBS */
+0x67,0x2A,0x00,0x14,                         /* [3984] OBJ_setct_CapTokenData */
+0x67,0x2A,0x00,0x15,                         /* [3988] OBJ_setct_CapTokenTBS */
+0x67,0x2A,0x00,0x16,                         /* [3992] OBJ_setct_AcqCardCodeMsg */
+0x67,0x2A,0x00,0x17,                         /* [3996] OBJ_setct_AuthRevReqTBS */
+0x67,0x2A,0x00,0x18,                         /* [4000] OBJ_setct_AuthRevResData */
+0x67,0x2A,0x00,0x19,                         /* [4004] OBJ_setct_AuthRevResTBS */
+0x67,0x2A,0x00,0x1A,                         /* [4008] OBJ_setct_CapReqTBS */
+0x67,0x2A,0x00,0x1B,                         /* [4012] OBJ_setct_CapReqTBSX */
+0x67,0x2A,0x00,0x1C,                         /* [4016] OBJ_setct_CapResData */
+0x67,0x2A,0x00,0x1D,                         /* [4020] OBJ_setct_CapRevReqTBS */
+0x67,0x2A,0x00,0x1E,                         /* [4024] OBJ_setct_CapRevReqTBSX */
+0x67,0x2A,0x00,0x1F,                         /* [4028] OBJ_setct_CapRevResData */
+0x67,0x2A,0x00,0x20,                         /* [4032] OBJ_setct_CredReqTBS */
+0x67,0x2A,0x00,0x21,                         /* [4036] OBJ_setct_CredReqTBSX */
+0x67,0x2A,0x00,0x22,                         /* [4040] OBJ_setct_CredResData */
+0x67,0x2A,0x00,0x23,                         /* [4044] OBJ_setct_CredRevReqTBS */
+0x67,0x2A,0x00,0x24,                         /* [4048] OBJ_setct_CredRevReqTBSX */
+0x67,0x2A,0x00,0x25,                         /* [4052] OBJ_setct_CredRevResData */
+0x67,0x2A,0x00,0x26,                         /* [4056] OBJ_setct_PCertReqData */
+0x67,0x2A,0x00,0x27,                         /* [4060] OBJ_setct_PCertResTBS */
+0x67,0x2A,0x00,0x28,                         /* [4064] OBJ_setct_BatchAdminReqData */
+0x67,0x2A,0x00,0x29,                         /* [4068] OBJ_setct_BatchAdminResData */
+0x67,0x2A,0x00,0x2A,                         /* [4072] OBJ_setct_CardCInitResTBS */
+0x67,0x2A,0x00,0x2B,                         /* [4076] OBJ_setct_MeAqCInitResTBS */
+0x67,0x2A,0x00,0x2C,                         /* [4080] OBJ_setct_RegFormResTBS */
+0x67,0x2A,0x00,0x2D,                         /* [4084] OBJ_setct_CertReqData */
+0x67,0x2A,0x00,0x2E,                         /* [4088] OBJ_setct_CertReqTBS */
+0x67,0x2A,0x00,0x2F,                         /* [4092] OBJ_setct_CertResData */
+0x67,0x2A,0x00,0x30,                         /* [4096] OBJ_setct_CertInqReqTBS */
+0x67,0x2A,0x00,0x31,                         /* [4100] OBJ_setct_ErrorTBS */
+0x67,0x2A,0x00,0x32,                         /* [4104] OBJ_setct_PIDualSignedTBE */
+0x67,0x2A,0x00,0x33,                         /* [4108] OBJ_setct_PIUnsignedTBE */
+0x67,0x2A,0x00,0x34,                         /* [4112] OBJ_setct_AuthReqTBE */
+0x67,0x2A,0x00,0x35,                         /* [4116] OBJ_setct_AuthResTBE */
+0x67,0x2A,0x00,0x36,                         /* [4120] OBJ_setct_AuthResTBEX */
+0x67,0x2A,0x00,0x37,                         /* [4124] OBJ_setct_AuthTokenTBE */
+0x67,0x2A,0x00,0x38,                         /* [4128] OBJ_setct_CapTokenTBE */
+0x67,0x2A,0x00,0x39,                         /* [4132] OBJ_setct_CapTokenTBEX */
+0x67,0x2A,0x00,0x3A,                         /* [4136] OBJ_setct_AcqCardCodeMsgTBE */
+0x67,0x2A,0x00,0x3B,                         /* [4140] OBJ_setct_AuthRevReqTBE */
+0x67,0x2A,0x00,0x3C,                         /* [4144] OBJ_setct_AuthRevResTBE */
+0x67,0x2A,0x00,0x3D,                         /* [4148] OBJ_setct_AuthRevResTBEB */
+0x67,0x2A,0x00,0x3E,                         /* [4152] OBJ_setct_CapReqTBE */
+0x67,0x2A,0x00,0x3F,                         /* [4156] OBJ_setct_CapReqTBEX */
+0x67,0x2A,0x00,0x40,                         /* [4160] OBJ_setct_CapResTBE */
+0x67,0x2A,0x00,0x41,                         /* [4164] OBJ_setct_CapRevReqTBE */
+0x67,0x2A,0x00,0x42,                         /* [4168] OBJ_setct_CapRevReqTBEX */
+0x67,0x2A,0x00,0x43,                         /* [4172] OBJ_setct_CapRevResTBE */
+0x67,0x2A,0x00,0x44,                         /* [4176] OBJ_setct_CredReqTBE */
+0x67,0x2A,0x00,0x45,                         /* [4180] OBJ_setct_CredReqTBEX */
+0x67,0x2A,0x00,0x46,                         /* [4184] OBJ_setct_CredResTBE */
+0x67,0x2A,0x00,0x47,                         /* [4188] OBJ_setct_CredRevReqTBE */
+0x67,0x2A,0x00,0x48,                         /* [4192] OBJ_setct_CredRevReqTBEX */
+0x67,0x2A,0x00,0x49,                         /* [4196] OBJ_setct_CredRevResTBE */
+0x67,0x2A,0x00,0x4A,                         /* [4200] OBJ_setct_BatchAdminReqTBE */
+0x67,0x2A,0x00,0x4B,                         /* [4204] OBJ_setct_BatchAdminResTBE */
+0x67,0x2A,0x00,0x4C,                         /* [4208] OBJ_setct_RegFormReqTBE */
+0x67,0x2A,0x00,0x4D,                         /* [4212] OBJ_setct_CertReqTBE */
+0x67,0x2A,0x00,0x4E,                         /* [4216] OBJ_setct_CertReqTBEX */
+0x67,0x2A,0x00,0x4F,                         /* [4220] OBJ_setct_CertResTBE */
+0x67,0x2A,0x00,0x50,                         /* [4224] OBJ_setct_CRLNotificationTBS */
+0x67,0x2A,0x00,0x51,                         /* [4228] OBJ_setct_CRLNotificationResTBS */
+0x67,0x2A,0x00,0x52,                         /* [4232] OBJ_setct_BCIDistributionTBS */
+0x67,0x2A,0x01,0x01,                         /* [4236] OBJ_setext_genCrypt */
+0x67,0x2A,0x01,0x03,                         /* [4240] OBJ_setext_miAuth */
+0x67,0x2A,0x01,0x04,                         /* [4244] OBJ_setext_pinSecure */
+0x67,0x2A,0x01,0x05,                         /* [4248] OBJ_setext_pinAny */
+0x67,0x2A,0x01,0x07,                         /* [4252] OBJ_setext_track2 */
+0x67,0x2A,0x01,0x08,                         /* [4256] OBJ_setext_cv */
+0x67,0x2A,0x05,0x00,                         /* [4260] OBJ_set_policy_root */
+0x67,0x2A,0x07,0x00,                         /* [4264] OBJ_setCext_hashedRoot */
+0x67,0x2A,0x07,0x01,                         /* [4268] OBJ_setCext_certType */
+0x67,0x2A,0x07,0x02,                         /* [4272] OBJ_setCext_merchData */
+0x67,0x2A,0x07,0x03,                         /* [4276] OBJ_setCext_cCertRequired */
+0x67,0x2A,0x07,0x04,                         /* [4280] OBJ_setCext_tunneling */
+0x67,0x2A,0x07,0x05,                         /* [4284] OBJ_setCext_setExt */
+0x67,0x2A,0x07,0x06,                         /* [4288] OBJ_setCext_setQualf */
+0x67,0x2A,0x07,0x07,                         /* [4292] OBJ_setCext_PGWYcapabilities */
+0x67,0x2A,0x07,0x08,                         /* [4296] OBJ_setCext_TokenIdentifier */
+0x67,0x2A,0x07,0x09,                         /* [4300] OBJ_setCext_Track2Data */
+0x67,0x2A,0x07,0x0A,                         /* [4304] OBJ_setCext_TokenType */
+0x67,0x2A,0x07,0x0B,                         /* [4308] OBJ_setCext_IssuerCapabilities */
+0x67,0x2A,0x03,0x00,                         /* [4312] OBJ_setAttr_Cert */
+0x67,0x2A,0x03,0x01,                         /* [4316] OBJ_setAttr_PGWYcap */
+0x67,0x2A,0x03,0x02,                         /* [4320] OBJ_setAttr_TokenType */
+0x67,0x2A,0x03,0x03,                         /* [4324] OBJ_setAttr_IssCap */
+0x67,0x2A,0x03,0x00,0x00,                    /* [4328] OBJ_set_rootKeyThumb */
+0x67,0x2A,0x03,0x00,0x01,                    /* [4333] OBJ_set_addPolicy */
+0x67,0x2A,0x03,0x02,0x01,                    /* [4338] OBJ_setAttr_Token_EMV */
+0x67,0x2A,0x03,0x02,0x02,                    /* [4343] OBJ_setAttr_Token_B0Prime */
+0x67,0x2A,0x03,0x03,0x03,                    /* [4348] OBJ_setAttr_IssCap_CVM */
+0x67,0x2A,0x03,0x03,0x04,                    /* [4353] OBJ_setAttr_IssCap_T2 */
+0x67,0x2A,0x03,0x03,0x05,                    /* [4358] OBJ_setAttr_IssCap_Sig */
+0x67,0x2A,0x03,0x03,0x03,0x01,               /* [4363] OBJ_setAttr_GenCryptgrm */
+0x67,0x2A,0x03,0x03,0x04,0x01,               /* [4369] OBJ_setAttr_T2Enc */
+0x67,0x2A,0x03,0x03,0x04,0x02,               /* [4375] OBJ_setAttr_T2cleartxt */
+0x67,0x2A,0x03,0x03,0x05,0x01,               /* [4381] OBJ_setAttr_TokICCsig */
+0x67,0x2A,0x03,0x03,0x05,0x02,               /* [4387] OBJ_setAttr_SecDevSig */
+0x67,0x2A,0x08,0x01,                         /* [4393] OBJ_set_brand_IATA_ATA */
+0x67,0x2A,0x08,0x1E,                         /* [4397] OBJ_set_brand_Diners */
+0x67,0x2A,0x08,0x22,                         /* [4401] OBJ_set_brand_AmericanExpress */
+0x67,0x2A,0x08,0x23,                         /* [4405] OBJ_set_brand_JCB */
+0x67,0x2A,0x08,0x04,                         /* [4409] OBJ_set_brand_Visa */
+0x67,0x2A,0x08,0x05,                         /* [4413] OBJ_set_brand_MasterCard */
+0x67,0x2A,0x08,0xAE,0x7B,                    /* [4417] OBJ_set_brand_Novus */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A,     /* [4422] OBJ_des_cdmf */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4430] OBJ_rsaOAEPEncryptionSET */
+0x00,                                        /* [4439] OBJ_itu_t */
+0x50,                                        /* [4440] OBJ_joint_iso_itu_t */
+0x67,                                        /* [4441] OBJ_international_organizations */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4442] OBJ_ms_smartcard_login */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4452] OBJ_ms_upn */
+0x55,0x04,0x09,                              /* [4462] OBJ_streetAddress */
+0x55,0x04,0x11,                              /* [4465] OBJ_postalCode */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,          /* [4468] OBJ_id_ppl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E,     /* [4475] OBJ_proxyCertInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00,     /* [4483] OBJ_id_ppl_anyLanguage */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01,     /* [4491] OBJ_id_ppl_inheritAll */
+0x55,0x1D,0x1E,                              /* [4499] OBJ_name_constraints */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02,     /* [4502] OBJ_Independent */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4510] OBJ_sha256WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4519] OBJ_sha384WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4528] OBJ_sha512WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4537] OBJ_sha224WithRSAEncryption */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4546] OBJ_sha256 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4555] OBJ_sha384 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4564] OBJ_sha512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4573] OBJ_sha224 */
+0x2B,                                        /* [4582] OBJ_identified_organization */
+0x2B,0x81,0x04,                              /* [4583] OBJ_certicom_arc */
+0x67,0x2B,                                   /* [4586] OBJ_wap */
+0x67,0x2B,0x01,                              /* [4588] OBJ_wap_wsg */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,     /* [4591] OBJ_X9_62_id_characteristic_two_basis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4599] OBJ_X9_62_onBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4608] OBJ_X9_62_tpBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4617] OBJ_X9_62_ppBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01,     /* [4626] OBJ_X9_62_c2pnb163v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02,     /* [4634] OBJ_X9_62_c2pnb163v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03,     /* [4642] OBJ_X9_62_c2pnb163v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04,     /* [4650] OBJ_X9_62_c2pnb176v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05,     /* [4658] OBJ_X9_62_c2tnb191v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06,     /* [4666] OBJ_X9_62_c2tnb191v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07,     /* [4674] OBJ_X9_62_c2tnb191v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08,     /* [4682] OBJ_X9_62_c2onb191v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09,     /* [4690] OBJ_X9_62_c2onb191v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A,     /* [4698] OBJ_X9_62_c2pnb208w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B,     /* [4706] OBJ_X9_62_c2tnb239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C,     /* [4714] OBJ_X9_62_c2tnb239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D,     /* [4722] OBJ_X9_62_c2tnb239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E,     /* [4730] OBJ_X9_62_c2onb239v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F,     /* [4738] OBJ_X9_62_c2onb239v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10,     /* [4746] OBJ_X9_62_c2pnb272w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11,     /* [4754] OBJ_X9_62_c2pnb304w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12,     /* [4762] OBJ_X9_62_c2tnb359v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13,     /* [4770] OBJ_X9_62_c2pnb368w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14,     /* [4778] OBJ_X9_62_c2tnb431r1 */
+0x2B,0x81,0x04,0x00,0x06,                    /* [4786] OBJ_secp112r1 */
+0x2B,0x81,0x04,0x00,0x07,                    /* [4791] OBJ_secp112r2 */
+0x2B,0x81,0x04,0x00,0x1C,                    /* [4796] OBJ_secp128r1 */
+0x2B,0x81,0x04,0x00,0x1D,                    /* [4801] OBJ_secp128r2 */
+0x2B,0x81,0x04,0x00,0x09,                    /* [4806] OBJ_secp160k1 */
+0x2B,0x81,0x04,0x00,0x08,                    /* [4811] OBJ_secp160r1 */
+0x2B,0x81,0x04,0x00,0x1E,                    /* [4816] OBJ_secp160r2 */
+0x2B,0x81,0x04,0x00,0x1F,                    /* [4821] OBJ_secp192k1 */
+0x2B,0x81,0x04,0x00,0x20,                    /* [4826] OBJ_secp224k1 */
+0x2B,0x81,0x04,0x00,0x21,                    /* [4831] OBJ_secp224r1 */
+0x2B,0x81,0x04,0x00,0x0A,                    /* [4836] OBJ_secp256k1 */
+0x2B,0x81,0x04,0x00,0x22,                    /* [4841] OBJ_secp384r1 */
+0x2B,0x81,0x04,0x00,0x23,                    /* [4846] OBJ_secp521r1 */
+0x2B,0x81,0x04,0x00,0x04,                    /* [4851] OBJ_sect113r1 */
+0x2B,0x81,0x04,0x00,0x05,                    /* [4856] OBJ_sect113r2 */
+0x2B,0x81,0x04,0x00,0x16,                    /* [4861] OBJ_sect131r1 */
+0x2B,0x81,0x04,0x00,0x17,                    /* [4866] OBJ_sect131r2 */
+0x2B,0x81,0x04,0x00,0x01,                    /* [4871] OBJ_sect163k1 */
+0x2B,0x81,0x04,0x00,0x02,                    /* [4876] OBJ_sect163r1 */
+0x2B,0x81,0x04,0x00,0x0F,                    /* [4881] OBJ_sect163r2 */
+0x2B,0x81,0x04,0x00,0x18,                    /* [4886] OBJ_sect193r1 */
+0x2B,0x81,0x04,0x00,0x19,                    /* [4891] OBJ_sect193r2 */
+0x2B,0x81,0x04,0x00,0x1A,                    /* [4896] OBJ_sect233k1 */
+0x2B,0x81,0x04,0x00,0x1B,                    /* [4901] OBJ_sect233r1 */
+0x2B,0x81,0x04,0x00,0x03,                    /* [4906] OBJ_sect239k1 */
+0x2B,0x81,0x04,0x00,0x10,                    /* [4911] OBJ_sect283k1 */
+0x2B,0x81,0x04,0x00,0x11,                    /* [4916] OBJ_sect283r1 */
+0x2B,0x81,0x04,0x00,0x24,                    /* [4921] OBJ_sect409k1 */
+0x2B,0x81,0x04,0x00,0x25,                    /* [4926] OBJ_sect409r1 */
+0x2B,0x81,0x04,0x00,0x26,                    /* [4931] OBJ_sect571k1 */
+0x2B,0x81,0x04,0x00,0x27,                    /* [4936] OBJ_sect571r1 */
+0x67,0x2B,0x01,0x04,0x01,                    /* [4941] OBJ_wap_wsg_idm_ecid_wtls1 */
+0x67,0x2B,0x01,0x04,0x03,                    /* [4946] OBJ_wap_wsg_idm_ecid_wtls3 */
+0x67,0x2B,0x01,0x04,0x04,                    /* [4951] OBJ_wap_wsg_idm_ecid_wtls4 */
+0x67,0x2B,0x01,0x04,0x05,                    /* [4956] OBJ_wap_wsg_idm_ecid_wtls5 */
+0x67,0x2B,0x01,0x04,0x06,                    /* [4961] OBJ_wap_wsg_idm_ecid_wtls6 */
+0x67,0x2B,0x01,0x04,0x07,                    /* [4966] OBJ_wap_wsg_idm_ecid_wtls7 */
+0x67,0x2B,0x01,0x04,0x08,                    /* [4971] OBJ_wap_wsg_idm_ecid_wtls8 */
+0x67,0x2B,0x01,0x04,0x09,                    /* [4976] OBJ_wap_wsg_idm_ecid_wtls9 */
+0x67,0x2B,0x01,0x04,0x0A,                    /* [4981] OBJ_wap_wsg_idm_ecid_wtls10 */
+0x67,0x2B,0x01,0x04,0x0B,                    /* [4986] OBJ_wap_wsg_idm_ecid_wtls11 */
+0x67,0x2B,0x01,0x04,0x0C,                    /* [4991] OBJ_wap_wsg_idm_ecid_wtls12 */
+0x55,0x1D,0x20,0x00,                         /* [4996] OBJ_any_policy */
+0x55,0x1D,0x21,                              /* [5000] OBJ_policy_mappings */
+0x55,0x1D,0x36,                              /* [5003] OBJ_inhibit_any_policy */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5006] OBJ_camellia_128_cbc */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5017] OBJ_camellia_192_cbc */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5028] OBJ_camellia_256_cbc */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01,     /* [5039] OBJ_camellia_128_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15,     /* [5047] OBJ_camellia_192_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29,     /* [5055] OBJ_camellia_256_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04,     /* [5063] OBJ_camellia_128_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18,     /* [5071] OBJ_camellia_192_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C,     /* [5079] OBJ_camellia_256_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03,     /* [5087] OBJ_camellia_128_ofb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17,     /* [5095] OBJ_camellia_192_ofb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B,     /* [5103] OBJ_camellia_256_ofb128 */
+0x55,0x1D,0x09,                              /* [5111] OBJ_subject_directory_attributes */
+0x55,0x1D,0x1C,                              /* [5114] OBJ_issuing_distribution_point */
+0x55,0x1D,0x1D,                              /* [5117] OBJ_certificate_issuer */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,               /* [5120] OBJ_kisa */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03,     /* [5126] OBJ_seed_ecb */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04,     /* [5134] OBJ_seed_cbc */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06,     /* [5142] OBJ_seed_ofb128 */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05,     /* [5150] OBJ_seed_cfb128 */
+0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01,     /* [5158] OBJ_hmac_md5 */
+0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02,     /* [5166] OBJ_hmac_sha1 */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5174] OBJ_id_PasswordBasedMAC */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5183] OBJ_id_DHBasedMac */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10,     /* [5192] OBJ_id_it_suppLangTags */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05,     /* [5200] OBJ_caRepository */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5208] OBJ_id_smime_ct_compressedData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5219] OBJ_id_ct_asciiTextWithCRLF */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02,          /* [5257] OBJ_ecdsa_with_Recommended */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,          /* [5264] OBJ_ecdsa_with_Specified */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01,     /* [5271] OBJ_ecdsa_with_SHA224 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02,     /* [5279] OBJ_ecdsa_with_SHA256 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03,     /* [5287] OBJ_ecdsa_with_SHA384 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04,     /* [5295] OBJ_ecdsa_with_SHA512 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06,     /* [5303] OBJ_hmacWithMD5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08,     /* [5311] OBJ_hmacWithSHA224 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09,     /* [5319] OBJ_hmacWithSHA256 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A,     /* [5327] OBJ_hmacWithSHA384 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B,     /* [5335] OBJ_hmacWithSHA512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5343] OBJ_dsa_with_SHA224 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5352] OBJ_dsa_with_SHA256 */
+0x28,0xCF,0x06,0x03,0x00,0x37,               /* [5361] OBJ_whirlpool */
+0x2A,0x85,0x03,0x02,0x02,                    /* [5367] OBJ_cryptopro */
+0x2A,0x85,0x03,0x02,0x09,                    /* [5372] OBJ_cryptocom */
+0x2A,0x85,0x03,0x02,0x02,0x03,               /* [5377] OBJ_id_GostR3411_94_with_GostR3410_2001 */
+0x2A,0x85,0x03,0x02,0x02,0x04,               /* [5383] OBJ_id_GostR3411_94_with_GostR3410_94 */
+0x2A,0x85,0x03,0x02,0x02,0x09,               /* [5389] OBJ_id_GostR3411_94 */
+0x2A,0x85,0x03,0x02,0x02,0x0A,               /* [5395] OBJ_id_HMACGostR3411_94 */
+0x2A,0x85,0x03,0x02,0x02,0x13,               /* [5401] OBJ_id_GostR3410_2001 */
+0x2A,0x85,0x03,0x02,0x02,0x14,               /* [5407] OBJ_id_GostR3410_94 */
+0x2A,0x85,0x03,0x02,0x02,0x15,               /* [5413] OBJ_id_Gost28147_89 */
+0x2A,0x85,0x03,0x02,0x02,0x16,               /* [5419] OBJ_id_Gost28147_89_MAC */
+0x2A,0x85,0x03,0x02,0x02,0x17,               /* [5425] OBJ_id_GostR3411_94_prf */
+0x2A,0x85,0x03,0x02,0x02,0x62,               /* [5431] OBJ_id_GostR3410_2001DH */
+0x2A,0x85,0x03,0x02,0x02,0x63,               /* [5437] OBJ_id_GostR3410_94DH */
+0x2A,0x85,0x03,0x02,0x02,0x0E,0x01,          /* [5443] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
+0x2A,0x85,0x03,0x02,0x02,0x0E,0x00,          /* [5450] OBJ_id_Gost28147_89_None_KeyMeshing */
+0x2A,0x85,0x03,0x02,0x02,0x1E,0x00,          /* [5457] OBJ_id_GostR3411_94_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1E,0x01,          /* [5464] OBJ_id_GostR3411_94_CryptoProParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x00,          /* [5471] OBJ_id_Gost28147_89_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x01,          /* [5478] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x02,          /* [5485] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x03,          /* [5492] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x04,          /* [5499] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x05,          /* [5506] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x06,          /* [5513] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x07,          /* [5520] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x00,          /* [5527] OBJ_id_GostR3410_94_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x02,          /* [5534] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x03,          /* [5541] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x04,          /* [5548] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x05,          /* [5555] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x01,          /* [5562] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x02,          /* [5569] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x03,          /* [5576] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x00,          /* [5583] OBJ_id_GostR3410_2001_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x01,          /* [5590] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x02,          /* [5597] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x03,          /* [5604] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x24,0x00,          /* [5611] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x24,0x01,          /* [5618] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x01,          /* [5625] OBJ_id_GostR3410_94_a */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x02,          /* [5632] OBJ_id_GostR3410_94_aBis */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x03,          /* [5639] OBJ_id_GostR3410_94_b */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x04,          /* [5646] OBJ_id_GostR3410_94_bBis */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01,     /* [5653] OBJ_id_Gost28147_89_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03,     /* [5661] OBJ_id_GostR3410_94_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04,     /* [5669] OBJ_id_GostR3410_2001_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03,     /* [5677] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04,     /* [5685] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01,     /* [5693] OBJ_id_GostR3410_2001_ParamSet_cc */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5701] OBJ_LocalKeySet */
+0x55,0x1D,0x2E,                              /* [5710] OBJ_freshest_crl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03,     /* [5713] OBJ_id_on_permanentIdentifier */
+0x55,0x04,0x0E,                              /* [5721] OBJ_searchGuide */
+0x55,0x04,0x0F,                              /* [5724] OBJ_businessCategory */
+0x55,0x04,0x10,                              /* [5727] OBJ_postalAddress */
+0x55,0x04,0x12,                              /* [5730] OBJ_postOfficeBox */
+0x55,0x04,0x13,                              /* [5733] OBJ_physicalDeliveryOfficeName */
+0x55,0x04,0x14,                              /* [5736] OBJ_telephoneNumber */
+0x55,0x04,0x15,                              /* [5739] OBJ_telexNumber */
+0x55,0x04,0x16,                              /* [5742] OBJ_teletexTerminalIdentifier */
+0x55,0x04,0x17,                              /* [5745] OBJ_facsimileTelephoneNumber */
+0x55,0x04,0x18,                              /* [5748] OBJ_x121Address */
+0x55,0x04,0x19,                              /* [5751] OBJ_internationaliSDNNumber */
+0x55,0x04,0x1A,                              /* [5754] OBJ_registeredAddress */
+0x55,0x04,0x1B,                              /* [5757] OBJ_destinationIndicator */
+0x55,0x04,0x1C,                              /* [5760] OBJ_preferredDeliveryMethod */
+0x55,0x04,0x1D,                              /* [5763] OBJ_presentationAddress */
+0x55,0x04,0x1E,                              /* [5766] OBJ_supportedApplicationContext */
+0x55,0x04,0x1F,                              /* [5769] OBJ_member */
+0x55,0x04,0x20,                              /* [5772] OBJ_owner */
+0x55,0x04,0x21,                              /* [5775] OBJ_roleOccupant */
+0x55,0x04,0x22,                              /* [5778] OBJ_seeAlso */
+0x55,0x04,0x23,                              /* [5781] OBJ_userPassword */
+0x55,0x04,0x24,                              /* [5784] OBJ_userCertificate */
+0x55,0x04,0x25,                              /* [5787] OBJ_cACertificate */
+0x55,0x04,0x26,                              /* [5790] OBJ_authorityRevocationList */
+0x55,0x04,0x27,                              /* [5793] OBJ_certificateRevocationList */
+0x55,0x04,0x28,                              /* [5796] OBJ_crossCertificatePair */
+0x55,0x04,0x2F,                              /* [5799] OBJ_enhancedSearchGuide */
+0x55,0x04,0x30,                              /* [5802] OBJ_protocolInformation */
+0x55,0x04,0x31,                              /* [5805] OBJ_distinguishedName */
+0x55,0x04,0x32,                              /* [5808] OBJ_uniqueMember */
+0x55,0x04,0x33,                              /* [5811] OBJ_houseIdentifier */
+0x55,0x04,0x34,                              /* [5814] OBJ_supportedAlgorithms */
+0x55,0x04,0x35,                              /* [5817] OBJ_deltaRevocationList */
+0x55,0x04,0x36,                              /* [5820] OBJ_dmdName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5823] OBJ_id_alg_PWRI_KEK */
 };
 
-static ASN1_OBJECT nid_objs[NUM_NID]={
+static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0},
 {"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[1]),0},
 {"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[7]),0},
@@ -824,21 +956,21 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
 {"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
 {"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL},
+{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0},
 {"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
-{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
-{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
+{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0},
+{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0},
 {"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0},
-{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
-{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
-{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
+{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0},
+{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0},
+{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0},
 {"SHA","sha",NID_sha,5,&(lvalues[226]),0},
 {"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
 	&(lvalues[231]),0},
-{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
+{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0},
 {"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0},
 {"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0},
-{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
+{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0},
 {"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0},
 {"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
 	&(lvalues[257]),0},
@@ -862,10 +994,10 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 	NID_netscape_cert_extension,8,&(lvalues[345]),0},
 {"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
 	&(lvalues[353]),0},
-{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
-{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
-{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
-{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
+{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0},
+{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0},
+{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0},
+{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},
 {"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0},
 {"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
 	&(lvalues[366]),0},
@@ -892,7 +1024,7 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
 {"nsCertSequence","Netscape Certificate Sequence",
 	NID_netscape_cert_sequence,9,&(lvalues[480]),0},
-{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
+{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
 {"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0},
 {"subjectKeyIdentifier","X509v3 Subject Key Identifier",
 	NID_subject_key_identifier,3,&(lvalues[491]),0},
@@ -911,17 +1043,17 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"authorityKeyIdentifier","X509v3 Authority Key Identifier",
 	NID_authority_key_identifier,3,&(lvalues[515]),0},
 {"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0},
-{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
-{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
-{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
+{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0},
+{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0},
+{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0},
 {"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0},
 {"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
-{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
-{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
+{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0},
+{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0},
 {"GN","givenName",NID_givenName,3,&(lvalues[535]),0},
 {"SN","surname",NID_surname,3,&(lvalues[538]),0},
 {"initials","initials",NID_initials,3,&(lvalues[541]),0},
-{NULL,NULL,NID_undef,0,NULL},
+{NULL,NULL,NID_undef,0,NULL,0},
 {"crlDistributionPoints","X509v3 CRL Distribution Points",
 	NID_crl_distribution_points,3,&(lvalues[544]),0},
 {"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[547]),0},
@@ -929,3233 +1061,3922 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"title","title",NID_title,3,&(lvalues[555]),0},
 {"description","description",NID_description,3,&(lvalues[558]),0},
 {"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[561]),0},
-{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
-{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
-{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
+{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0},
+{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0},
+{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0},
 {"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
 	NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[570]),0},
 {"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[579]),0},
-{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
+{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0},
 {"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[586]),0},
 {"DSA","dsaEncryption",NID_dsa,7,&(lvalues[591]),0},
 {"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[598]),0},
-{NULL,NULL,NID_undef,0,NULL},
+{NULL,NULL,NID_undef,0,NULL,0},
 {"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
 	&(lvalues[603]),0},
 {"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[609]),0},
-{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
-{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
-{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
+{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0},
+{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0},
+{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0},
 {"RLE","run length compression",NID_rle_compression,6,&(lvalues[617]),0},
-{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[623]),0},
+{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[623]),0},
 {"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
-	&(lvalues[629]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[632]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[638]),0},
+	&(lvalues[634]),0},
+{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[637]),0},
+{"id-kp","id-kp",NID_id_kp,7,&(lvalues[643]),0},
 {"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
-	&(lvalues[645]),0},
+	&(lvalues[650]),0},
 {"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
-	&(lvalues[653]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[661]),0},
+	&(lvalues[658]),0},
+{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[666]),0},
 {"emailProtection","E-mail Protection",NID_email_protect,8,
-	&(lvalues[669]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[677]),0},
+	&(lvalues[674]),0},
+{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0},
 {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
-	&(lvalues[685]),0},
+	&(lvalues[690]),0},
 {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
-	&(lvalues[695]),0},
+	&(lvalues[700]),0},
 {"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
-	&(lvalues[705]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[715]),0},
+	&(lvalues[710]),0},
+{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[720]),0},
 {"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
-	&(lvalues[725]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[735]),0},
+	&(lvalues[730]),0},
+{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[740]),0},
 {"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
-	&(lvalues[744]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[747]),0},
+	&(lvalues[749]),0},
+{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[752]),0},
 {"invalidityDate","Invalidity Date",NID_invalidity_date,3,
-	&(lvalues[750]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[753]),0},
+	&(lvalues[755]),0},
+{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[758]),0},
 {"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
-	NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[758]),0},
+	NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[763]),0},
 {"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
-	NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[768]),0},
+	NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[773]),0},
 {"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
-	NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[778]),0},
+	NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[783]),0},
 {"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
-	NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[788]),0},
+	NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[793]),0},
 {"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
-	NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[798]),0},
+	NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[803]),0},
 {"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
-	NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[808]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[818]),0},
+	NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[813]),0},
+{"keyBag","keyBag",NID_keyBag,11,&(lvalues[823]),0},
 {"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
-	11,&(lvalues[829]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[840]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[851]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[862]),0},
+	11,&(lvalues[834]),0},
+{"certBag","certBag",NID_certBag,11,&(lvalues[845]),0},
+{"crlBag","crlBag",NID_crlBag,11,&(lvalues[856]),0},
+{"secretBag","secretBag",NID_secretBag,11,&(lvalues[867]),0},
 {"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
-	&(lvalues[873]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[884]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[893]),0},
+	&(lvalues[878]),0},
+{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[889]),0},
+{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[898]),0},
 {"x509Certificate","x509Certificate",NID_x509Certificate,10,
-	&(lvalues[902]),0},
+	&(lvalues[907]),0},
 {"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
-	&(lvalues[912]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[922]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[932]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[941]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[950]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[958]),0},
+	&(lvalues[917]),0},
+{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[927]),0},
+{"PBES2","PBES2",NID_pbes2,9,&(lvalues[937]),0},
+{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[946]),0},
+{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[955]),0},
+{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[963]),0},
 {"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
-	&(lvalues[966]),0},
-{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
+	&(lvalues[971]),0},
+{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0},
 {"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
-	&(lvalues[974]),0},
+	&(lvalues[979]),0},
 {"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
-	&(lvalues[983]),0},
+	&(lvalues[988]),0},
 {"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
-	&(lvalues[992]),0},
+	&(lvalues[997]),0},
 {"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
-	&(lvalues[1001]),0},
+	&(lvalues[1006]),0},
 {"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
-	&(lvalues[1010]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1020]),0},
-{"name","name",NID_name,3,&(lvalues[1029]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1032]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1035]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1042]),0},
+	&(lvalues[1015]),0},
+{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1025]),0},
+{"name","name",NID_name,3,&(lvalues[1034]),0},
+{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1037]),0},
+{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1040]),0},
+{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1047]),0},
 {"authorityInfoAccess","Authority Information Access",NID_info_access,
-	8,&(lvalues[1049]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1057]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1065]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1073]),0},
-{"ISO","iso",NID_iso,1,&(lvalues[1081]),0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1082]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1083]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1086]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1091]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1097]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1105]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1113]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1122]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1132]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1142]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1152]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1162]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1172]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1182]),0},
+	8,&(lvalues[1054]),0},
+{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1062]),0},
+{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1070]),0},
+{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1078]),0},
+{"ISO","iso",NID_iso,1,&(lvalues[1086]),0},
+{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1087]),0},
+{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1088]),0},
+{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1091]),0},
+{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1096]),0},
+{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1102]),0},
+{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1110]),0},
+{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1118]),0},
+{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1127]),0},
+{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1137]),0},
+{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1147]),0},
+{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1157]),0},
+{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1167]),0},
+{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1177]),0},
+{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1187]),0},
 {"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
-	&(lvalues[1192]),0},
+	&(lvalues[1197]),0},
 {"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
-	&(lvalues[1203]),0},
+	&(lvalues[1208]),0},
 {"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
-	&(lvalues[1214]),0},
+	&(lvalues[1219]),0},
 {"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
-	11,&(lvalues[1225]),0},
+	11,&(lvalues[1230]),0},
 {"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
-	NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1236]),0},
+	NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1241]),0},
 {"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
-	NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1247]),0},
+	NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1252]),0},
 {"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
-	NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1258]),0},
+	NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1263]),0},
 {"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
-	NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1269]),0},
+	NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1274]),0},
 {"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
-	11,&(lvalues[1280]),0},
+	11,&(lvalues[1285]),0},
 {"id-smime-ct-authData","id-smime-ct-authData",
-	NID_id_smime_ct_authData,11,&(lvalues[1291]),0},
+	NID_id_smime_ct_authData,11,&(lvalues[1296]),0},
 {"id-smime-ct-publishCert","id-smime-ct-publishCert",
-	NID_id_smime_ct_publishCert,11,&(lvalues[1302]),0},
+	NID_id_smime_ct_publishCert,11,&(lvalues[1307]),0},
 {"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
-	11,&(lvalues[1313]),0},
+	11,&(lvalues[1318]),0},
 {"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
-	11,&(lvalues[1324]),0},
+	11,&(lvalues[1329]),0},
 {"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
-	NID_id_smime_ct_contentInfo,11,&(lvalues[1335]),0},
+	NID_id_smime_ct_contentInfo,11,&(lvalues[1340]),0},
 {"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
-	NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1346]),0},
+	NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1351]),0},
 {"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
-	NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1357]),0},
+	NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1362]),0},
 {"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
-	NID_id_smime_aa_receiptRequest,11,&(lvalues[1368]),0},
+	NID_id_smime_aa_receiptRequest,11,&(lvalues[1373]),0},
 {"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
-	NID_id_smime_aa_securityLabel,11,&(lvalues[1379]),0},
+	NID_id_smime_aa_securityLabel,11,&(lvalues[1384]),0},
 {"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
-	NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1390]),0},
+	NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1395]),0},
 {"id-smime-aa-contentHint","id-smime-aa-contentHint",
-	NID_id_smime_aa_contentHint,11,&(lvalues[1401]),0},
+	NID_id_smime_aa_contentHint,11,&(lvalues[1406]),0},
 {"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
-	NID_id_smime_aa_msgSigDigest,11,&(lvalues[1412]),0},
+	NID_id_smime_aa_msgSigDigest,11,&(lvalues[1417]),0},
 {"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
-	NID_id_smime_aa_encapContentType,11,&(lvalues[1423]),0},
+	NID_id_smime_aa_encapContentType,11,&(lvalues[1428]),0},
 {"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
-	NID_id_smime_aa_contentIdentifier,11,&(lvalues[1434]),0},
+	NID_id_smime_aa_contentIdentifier,11,&(lvalues[1439]),0},
 {"id-smime-aa-macValue","id-smime-aa-macValue",
-	NID_id_smime_aa_macValue,11,&(lvalues[1445]),0},
+	NID_id_smime_aa_macValue,11,&(lvalues[1450]),0},
 {"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
-	NID_id_smime_aa_equivalentLabels,11,&(lvalues[1456]),0},
+	NID_id_smime_aa_equivalentLabels,11,&(lvalues[1461]),0},
 {"id-smime-aa-contentReference","id-smime-aa-contentReference",
-	NID_id_smime_aa_contentReference,11,&(lvalues[1467]),0},
+	NID_id_smime_aa_contentReference,11,&(lvalues[1472]),0},
 {"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
-	NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1478]),0},
+	NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1483]),0},
 {"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
-	NID_id_smime_aa_signingCertificate,11,&(lvalues[1489]),0},
+	NID_id_smime_aa_signingCertificate,11,&(lvalues[1494]),0},
 {"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
-	NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1500]),0},
+	NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1505]),0},
 {"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
-	NID_id_smime_aa_timeStampToken,11,&(lvalues[1511]),0},
+	NID_id_smime_aa_timeStampToken,11,&(lvalues[1516]),0},
 {"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
-	NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1522]),0},
+	NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1527]),0},
 {"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
-	NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1533]),0},
+	NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1538]),0},
 {"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
-	NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1544]),0},
+	NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1549]),0},
 {"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
-	NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1555]),0},
+	NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1560]),0},
 {"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
-	NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1566]),0},
+	NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1571]),0},
 {"id-smime-aa-ets-contentTimestamp",
 	"id-smime-aa-ets-contentTimestamp",
-	NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1577]),0},
+	NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1582]),0},
 {"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
-	NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1588]),0},
+	NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1593]),0},
 {"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
-	NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1599]),0},
+	NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1604]),0},
 {"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
-	NID_id_smime_aa_ets_certValues,11,&(lvalues[1610]),0},
+	NID_id_smime_aa_ets_certValues,11,&(lvalues[1615]),0},
 {"id-smime-aa-ets-revocationValues",
 	"id-smime-aa-ets-revocationValues",
-	NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1621]),0},
+	NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1626]),0},
 {"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
-	NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1632]),0},
+	NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1637]),0},
 {"id-smime-aa-ets-certCRLTimestamp",
 	"id-smime-aa-ets-certCRLTimestamp",
-	NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1643]),0},
+	NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1648]),0},
 {"id-smime-aa-ets-archiveTimeStamp",
 	"id-smime-aa-ets-archiveTimeStamp",
-	NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1654]),0},
+	NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1659]),0},
 {"id-smime-aa-signatureType","id-smime-aa-signatureType",
-	NID_id_smime_aa_signatureType,11,&(lvalues[1665]),0},
+	NID_id_smime_aa_signatureType,11,&(lvalues[1670]),0},
 {"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
-	NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1676]),0},
+	NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1681]),0},
 {"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
-	NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1687]),0},
+	NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1692]),0},
 {"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
-	NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1698]),0},
+	NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1703]),0},
 {"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
-	NID_id_smime_alg_3DESwrap,11,&(lvalues[1709]),0},
+	NID_id_smime_alg_3DESwrap,11,&(lvalues[1714]),0},
 {"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
-	NID_id_smime_alg_RC2wrap,11,&(lvalues[1720]),0},
+	NID_id_smime_alg_RC2wrap,11,&(lvalues[1725]),0},
 {"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
-	&(lvalues[1731]),0},
+	&(lvalues[1736]),0},
 {"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
-	NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1742]),0},
+	NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1747]),0},
 {"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
-	NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1753]),0},
+	NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1758]),0},
 {"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
-	&(lvalues[1764]),0},
+	&(lvalues[1769]),0},
 {"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
-	NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1775]),0},
+	NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1780]),0},
 {"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
-	NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1786]),0},
+	NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1791]),0},
 {"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
-	NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1797]),0},
+	NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1802]),0},
 {"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
-	NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1808]),0},
+	NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1813]),0},
 {"id-smime-cti-ets-proofOfDelivery",
 	"id-smime-cti-ets-proofOfDelivery",
-	NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1819]),0},
+	NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1824]),0},
 {"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
-	NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1830]),0},
+	NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1835]),0},
 {"id-smime-cti-ets-proofOfApproval",
 	"id-smime-cti-ets-proofOfApproval",
-	NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1841]),0},
+	NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1846]),0},
 {"id-smime-cti-ets-proofOfCreation",
 	"id-smime-cti-ets-proofOfCreation",
-	NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1852]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1863]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1871]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1878]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1885]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1892]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1899]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1906]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1913]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1920]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1927]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1934]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1941]),0},
+	NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1857]),0},
+{"MD4","md4",NID_md4,8,&(lvalues[1868]),0},
+{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1876]),0},
+{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1883]),0},
+{"id-it","id-it",NID_id_it,7,&(lvalues[1890]),0},
+{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1897]),0},
+{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1904]),0},
+{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1911]),0},
+{"id-on","id-on",NID_id_on,7,&(lvalues[1918]),0},
+{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1925]),0},
+{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1932]),0},
+{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1939]),0},
+{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1946]),0},
 {"id-pkix1-explicit-88","id-pkix1-explicit-88",
-	NID_id_pkix1_explicit_88,8,&(lvalues[1948]),0},
+	NID_id_pkix1_explicit_88,8,&(lvalues[1953]),0},
 {"id-pkix1-implicit-88","id-pkix1-implicit-88",
-	NID_id_pkix1_implicit_88,8,&(lvalues[1956]),0},
+	NID_id_pkix1_implicit_88,8,&(lvalues[1961]),0},
 {"id-pkix1-explicit-93","id-pkix1-explicit-93",
-	NID_id_pkix1_explicit_93,8,&(lvalues[1964]),0},
+	NID_id_pkix1_explicit_93,8,&(lvalues[1969]),0},
 {"id-pkix1-implicit-93","id-pkix1-implicit-93",
-	NID_id_pkix1_implicit_93,8,&(lvalues[1972]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1980]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1988]),0},
+	NID_id_pkix1_implicit_93,8,&(lvalues[1977]),0},
+{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1985]),0},
+{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1993]),0},
 {"id-mod-kea-profile-88","id-mod-kea-profile-88",
-	NID_id_mod_kea_profile_88,8,&(lvalues[1996]),0},
+	NID_id_mod_kea_profile_88,8,&(lvalues[2001]),0},
 {"id-mod-kea-profile-93","id-mod-kea-profile-93",
-	NID_id_mod_kea_profile_93,8,&(lvalues[2004]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2012]),0},
+	NID_id_mod_kea_profile_93,8,&(lvalues[2009]),0},
+{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2017]),0},
 {"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
-	NID_id_mod_qualified_cert_88,8,&(lvalues[2020]),0},
+	NID_id_mod_qualified_cert_88,8,&(lvalues[2025]),0},
 {"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
-	NID_id_mod_qualified_cert_93,8,&(lvalues[2028]),0},
+	NID_id_mod_qualified_cert_93,8,&(lvalues[2033]),0},
 {"id-mod-attribute-cert","id-mod-attribute-cert",
-	NID_id_mod_attribute_cert,8,&(lvalues[2036]),0},
+	NID_id_mod_attribute_cert,8,&(lvalues[2041]),0},
 {"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
-	NID_id_mod_timestamp_protocol,8,&(lvalues[2044]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2052]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2060]),0},
+	NID_id_mod_timestamp_protocol,8,&(lvalues[2049]),0},
+{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2057]),0},
+{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2065]),0},
 {"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
-	&(lvalues[2068]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2076]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2084]),0},
+	&(lvalues[2073]),0},
+{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2081]),0},
+{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2089]),0},
 {"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
-	&(lvalues[2092]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2100]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2108]),0},
-{"sbqp-ipAddrBlock","sbqp-ipAddrBlock",NID_sbqp_ipAddrBlock,8,
-	&(lvalues[2116]),0},
-{"sbqp-autonomousSysNum","sbqp-autonomousSysNum",
-	NID_sbqp_autonomousSysNum,8,&(lvalues[2124]),0},
-{"sbqp-routerIdentifier","sbqp-routerIdentifier",
-	NID_sbqp_routerIdentifier,8,&(lvalues[2132]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2140]),0},
+	&(lvalues[2097]),0},
+{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2105]),0},
+{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2113]),0},
+{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
+	&(lvalues[2121]),0},
+{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
+	NID_sbgp_autonomousSysNum,8,&(lvalues[2129]),0},
+{"sbgp-routerIdentifier","sbgp-routerIdentifier",
+	NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0},
+{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0},
 {"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
-	&(lvalues[2148]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2156]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2164]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2172]),0},
+	&(lvalues[2153]),0},
+{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0},
+{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0},
+{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0},
 {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
-	8,&(lvalues[2180]),0},
+	8,&(lvalues[2185]),0},
 {"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
-	NID_id_it_signKeyPairTypes,8,&(lvalues[2188]),0},
+	NID_id_it_signKeyPairTypes,8,&(lvalues[2193]),0},
 {"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
-	NID_id_it_encKeyPairTypes,8,&(lvalues[2196]),0},
+	NID_id_it_encKeyPairTypes,8,&(lvalues[2201]),0},
 {"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
-	NID_id_it_preferredSymmAlg,8,&(lvalues[2204]),0},
+	NID_id_it_preferredSymmAlg,8,&(lvalues[2209]),0},
 {"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
-	NID_id_it_caKeyUpdateInfo,8,&(lvalues[2212]),0},
+	NID_id_it_caKeyUpdateInfo,8,&(lvalues[2217]),0},
 {"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
-	&(lvalues[2220]),0},
+	&(lvalues[2225]),0},
 {"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
-	NID_id_it_unsupportedOIDs,8,&(lvalues[2228]),0},
+	NID_id_it_unsupportedOIDs,8,&(lvalues[2233]),0},
 {"id-it-subscriptionRequest","id-it-subscriptionRequest",
-	NID_id_it_subscriptionRequest,8,&(lvalues[2236]),0},
+	NID_id_it_subscriptionRequest,8,&(lvalues[2241]),0},
 {"id-it-subscriptionResponse","id-it-subscriptionResponse",
-	NID_id_it_subscriptionResponse,8,&(lvalues[2244]),0},
+	NID_id_it_subscriptionResponse,8,&(lvalues[2249]),0},
 {"id-it-keyPairParamReq","id-it-keyPairParamReq",
-	NID_id_it_keyPairParamReq,8,&(lvalues[2252]),0},
+	NID_id_it_keyPairParamReq,8,&(lvalues[2257]),0},
 {"id-it-keyPairParamRep","id-it-keyPairParamRep",
-	NID_id_it_keyPairParamRep,8,&(lvalues[2260]),0},
+	NID_id_it_keyPairParamRep,8,&(lvalues[2265]),0},
 {"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
-	8,&(lvalues[2268]),0},
+	8,&(lvalues[2273]),0},
 {"id-it-implicitConfirm","id-it-implicitConfirm",
-	NID_id_it_implicitConfirm,8,&(lvalues[2276]),0},
+	NID_id_it_implicitConfirm,8,&(lvalues[2281]),0},
 {"id-it-confirmWaitTime","id-it-confirmWaitTime",
-	NID_id_it_confirmWaitTime,8,&(lvalues[2284]),0},
+	NID_id_it_confirmWaitTime,8,&(lvalues[2289]),0},
 {"id-it-origPKIMessage","id-it-origPKIMessage",
-	NID_id_it_origPKIMessage,8,&(lvalues[2292]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2300]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2308]),0},
+	NID_id_it_origPKIMessage,8,&(lvalues[2297]),0},
+{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2305]),0},
+{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2313]),0},
 {"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
-	9,&(lvalues[2316]),0},
+	9,&(lvalues[2321]),0},
 {"id-regCtrl-authenticator","id-regCtrl-authenticator",
-	NID_id_regCtrl_authenticator,9,&(lvalues[2325]),0},
+	NID_id_regCtrl_authenticator,9,&(lvalues[2330]),0},
 {"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
-	NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2334]),0},
+	NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2339]),0},
 {"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
-	NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2343]),0},
+	NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2348]),0},
 {"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
-	NID_id_regCtrl_oldCertID,9,&(lvalues[2352]),0},
+	NID_id_regCtrl_oldCertID,9,&(lvalues[2357]),0},
 {"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
-	NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2361]),0},
+	NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2366]),0},
 {"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
-	NID_id_regInfo_utf8Pairs,9,&(lvalues[2370]),0},
+	NID_id_regInfo_utf8Pairs,9,&(lvalues[2375]),0},
 {"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
-	&(lvalues[2379]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2388]),0},
+	&(lvalues[2384]),0},
+{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2393]),0},
 {"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
-	&(lvalues[2396]),0},
+	&(lvalues[2401]),0},
 {"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
-	NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2404]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2412]),0},
+	NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2409]),0},
+{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2417]),0},
 {"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
-	&(lvalues[2420]),0},
+	&(lvalues[2425]),0},
 {"id-cmc-identification","id-cmc-identification",
-	NID_id_cmc_identification,8,&(lvalues[2428]),0},
+	NID_id_cmc_identification,8,&(lvalues[2433]),0},
 {"id-cmc-identityProof","id-cmc-identityProof",
-	NID_id_cmc_identityProof,8,&(lvalues[2436]),0},
+	NID_id_cmc_identityProof,8,&(lvalues[2441]),0},
 {"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
-	&(lvalues[2444]),0},
+	&(lvalues[2449]),0},
 {"id-cmc-transactionId","id-cmc-transactionId",
-	NID_id_cmc_transactionId,8,&(lvalues[2452]),0},
+	NID_id_cmc_transactionId,8,&(lvalues[2457]),0},
 {"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
-	&(lvalues[2460]),0},
+	&(lvalues[2465]),0},
 {"id-cmc-recipientNonce","id-cmc-recipientNonce",
-	NID_id_cmc_recipientNonce,8,&(lvalues[2468]),0},
+	NID_id_cmc_recipientNonce,8,&(lvalues[2473]),0},
 {"id-cmc-addExtensions","id-cmc-addExtensions",
-	NID_id_cmc_addExtensions,8,&(lvalues[2476]),0},
+	NID_id_cmc_addExtensions,8,&(lvalues[2481]),0},
 {"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
-	8,&(lvalues[2484]),0},
+	8,&(lvalues[2489]),0},
 {"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
-	8,&(lvalues[2492]),0},
+	8,&(lvalues[2497]),0},
 {"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
-	NID_id_cmc_lraPOPWitness,8,&(lvalues[2500]),0},
+	NID_id_cmc_lraPOPWitness,8,&(lvalues[2505]),0},
 {"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
-	&(lvalues[2508]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2516]),0},
+	&(lvalues[2513]),0},
+{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2521]),0},
 {"id-cmc-revokeRequest","id-cmc-revokeRequest",
-	NID_id_cmc_revokeRequest,8,&(lvalues[2524]),0},
+	NID_id_cmc_revokeRequest,8,&(lvalues[2529]),0},
 {"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
-	&(lvalues[2532]),0},
+	&(lvalues[2537]),0},
 {"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
-	8,&(lvalues[2540]),0},
+	8,&(lvalues[2545]),0},
 {"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
-	8,&(lvalues[2548]),0},
+	8,&(lvalues[2553]),0},
 {"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
-	NID_id_cmc_popLinkRandom,8,&(lvalues[2556]),0},
+	NID_id_cmc_popLinkRandom,8,&(lvalues[2561]),0},
 {"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
-	NID_id_cmc_popLinkWitness,8,&(lvalues[2564]),0},
+	NID_id_cmc_popLinkWitness,8,&(lvalues[2569]),0},
 {"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
-	NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2572]),0},
+	NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2577]),0},
 {"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
-	&(lvalues[2580]),0},
+	&(lvalues[2585]),0},
 {"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
-	&(lvalues[2588]),0},
+	&(lvalues[2593]),0},
 {"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
-	8,&(lvalues[2596]),0},
-{NULL,NULL,NID_undef,0,NULL},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2604]),0},
+	8,&(lvalues[2601]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2609]),0},
 {"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
-	NID_id_pda_countryOfCitizenship,8,&(lvalues[2612]),0},
+	NID_id_pda_countryOfCitizenship,8,&(lvalues[2617]),0},
 {"id-pda-countryOfResidence","id-pda-countryOfResidence",
-	NID_id_pda_countryOfResidence,8,&(lvalues[2620]),0},
+	NID_id_pda_countryOfResidence,8,&(lvalues[2625]),0},
 {"id-aca-authenticationInfo","id-aca-authenticationInfo",
-	NID_id_aca_authenticationInfo,8,&(lvalues[2628]),0},
+	NID_id_aca_authenticationInfo,8,&(lvalues[2633]),0},
 {"id-aca-accessIdentity","id-aca-accessIdentity",
-	NID_id_aca_accessIdentity,8,&(lvalues[2636]),0},
+	NID_id_aca_accessIdentity,8,&(lvalues[2641]),0},
 {"id-aca-chargingIdentity","id-aca-chargingIdentity",
-	NID_id_aca_chargingIdentity,8,&(lvalues[2644]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2652]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2660]),0},
+	NID_id_aca_chargingIdentity,8,&(lvalues[2649]),0},
+{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2657]),0},
+{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2665]),0},
 {"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
-	NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2668]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2676]),0},
+	NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2673]),0},
+{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2681]),0},
 {"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
-	&(lvalues[2684]),0},
+	&(lvalues[2689]),0},
 {"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
-	&(lvalues[2692]),0},
+	&(lvalues[2697]),0},
 {"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
-	&(lvalues[2700]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2708]),0},
+	&(lvalues[2705]),0},
+{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2713]),0},
 {"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
-	&(lvalues[2716]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2725]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2734]),0},
+	&(lvalues[2721]),0},
+{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2730]),0},
+{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2739]),0},
 {"acceptableResponses","Acceptable OCSP Responses",
-	NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2743]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2752]),0},
+	NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2748]),0},
+{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2757]),0},
 {"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
-	9,&(lvalues[2761]),0},
+	9,&(lvalues[2766]),0},
 {"serviceLocator","OCSP Service Locator",
-	NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2770]),0},
+	NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2775]),0},
 {"extendedStatus","Extended OCSP Status",
-	NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2779]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2788]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2797]),0},
+	NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2784]),0},
+{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2793]),0},
+{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2802]),0},
 {"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
-	&(lvalues[2806]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2815]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2819]),0},
+	&(lvalues[2811]),0},
+{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2820]),0},
+{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2824]),0},
 {"X500algorithms","directory services - algorithms",
-	NID_X500algorithms,2,&(lvalues[2824]),0},
-{"ORG","org",NID_org,1,&(lvalues[2826]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2827]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2829]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2832]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2836]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2840]),0},
-{"private","Private",NID_Private,4,&(lvalues[2844]),0},
-{"security","Security",NID_Security,4,&(lvalues[2848]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2852]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2856]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2860]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2865]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2874]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2884]),0},
-{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2894]),0},
+	NID_X500algorithms,2,&(lvalues[2829]),0},
+{"ORG","org",NID_org,1,&(lvalues[2831]),0},
+{"DOD","dod",NID_dod,2,&(lvalues[2832]),0},
+{"IANA","iana",NID_iana,3,&(lvalues[2834]),0},
+{"directory","Directory",NID_Directory,4,&(lvalues[2837]),0},
+{"mgmt","Management",NID_Management,4,&(lvalues[2841]),0},
+{"experimental","Experimental",NID_Experimental,4,&(lvalues[2845]),0},
+{"private","Private",NID_Private,4,&(lvalues[2849]),0},
+{"security","Security",NID_Security,4,&(lvalues[2853]),0},
+{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2857]),0},
+{"Mail","Mail",NID_Mail,4,&(lvalues[2861]),0},
+{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2865]),0},
+{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2870]),0},
+{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2879]),0},
+{"domain","Domain",NID_Domain,10,&(lvalues[2889]),0},
+{"NULL","NULL",NID_joint_iso_ccitt,1,&(lvalues[2899]),0},
 {"selected-attribute-types","Selected Attribute Types",
-	NID_selected_attribute_types,3,&(lvalues[2895]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2898]),0},
+	NID_selected_attribute_types,3,&(lvalues[2900]),0},
+{"clearance","clearance",NID_clearance,4,&(lvalues[2903]),0},
 {"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
-	&(lvalues[2902]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2911]),0},
+	&(lvalues[2907]),0},
+{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2916]),0},
 {"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
-	&(lvalues[2919]),0},
+	&(lvalues[2924]),0},
 {"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
-	&(lvalues[2927]),0},
-{"role","role",NID_role,3,&(lvalues[2935]),0},
+	&(lvalues[2932]),0},
+{"role","role",NID_role,3,&(lvalues[2940]),0},
 {"policyConstraints","X509v3 Policy Constraints",
-	NID_policy_constraints,3,&(lvalues[2938]),0},
+	NID_policy_constraints,3,&(lvalues[2943]),0},
 {"targetInformation","X509v3 AC Targeting",NID_target_information,3,
-	&(lvalues[2941]),0},
+	&(lvalues[2946]),0},
 {"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
-	&(lvalues[2944]),0},
-{"NULL","NULL",NID_ccitt,1,&(lvalues[2947]),0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2948]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2953]),0},
+	&(lvalues[2949]),0},
+{"NULL","NULL",NID_ccitt,1,&(lvalues[2952]),0},
+{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2953]),0},
+{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2958]),0},
 {"characteristic-two-field","characteristic-two-field",
-	NID_X9_62_characteristic_two_field,7,&(lvalues[2960]),0},
+	NID_X9_62_characteristic_two_field,7,&(lvalues[2965]),0},
 {"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
-	&(lvalues[2967]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2974]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2982]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2990]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2998]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3006]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3014]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3022]),0},
+	&(lvalues[2972]),0},
+{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2979]),0},
+{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2987]),0},
+{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2995]),0},
+{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[3003]),0},
+{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3011]),0},
+{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3019]),0},
+{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3027]),0},
 {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
-	&(lvalues[3030]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3037]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3046]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3055]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3064]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3073]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3082]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3091]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3100]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3109]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3118]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3127]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3136]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3145]),0},
+	&(lvalues[3035]),0},
+{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3042]),0},
+{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3051]),0},
+{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3060]),0},
+{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3069]),0},
+{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3078]),0},
+{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3087]),0},
+{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3096]),0},
+{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3105]),0},
+{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3114]),0},
+{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3123]),0},
+{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3132]),0},
+{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3141]),0},
+{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3150]),0},
 {"holdInstructionCode","Hold Instruction Code",
-	NID_hold_instruction_code,3,&(lvalues[3154]),0},
+	NID_hold_instruction_code,3,&(lvalues[3159]),0},
 {"holdInstructionNone","Hold Instruction None",
-	NID_hold_instruction_none,7,&(lvalues[3157]),0},
+	NID_hold_instruction_none,7,&(lvalues[3162]),0},
 {"holdInstructionCallIssuer","Hold Instruction Call Issuer",
-	NID_hold_instruction_call_issuer,7,&(lvalues[3164]),0},
+	NID_hold_instruction_call_issuer,7,&(lvalues[3169]),0},
 {"holdInstructionReject","Hold Instruction Reject",
-	NID_hold_instruction_reject,7,&(lvalues[3171]),0},
-{"data","data",NID_data,1,&(lvalues[3178]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3179]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3182]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3189]),0},
+	NID_hold_instruction_reject,7,&(lvalues[3176]),0},
+{"data","data",NID_data,1,&(lvalues[3183]),0},
+{"pss","pss",NID_pss,3,&(lvalues[3184]),0},
+{"ucl","ucl",NID_ucl,7,&(lvalues[3187]),0},
+{"pilot","pilot",NID_pilot,8,&(lvalues[3194]),0},
 {"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
-	&(lvalues[3197]),0},
+	&(lvalues[3202]),0},
 {"pilotAttributeSyntax","pilotAttributeSyntax",
-	NID_pilotAttributeSyntax,9,&(lvalues[3206]),0},
+	NID_pilotAttributeSyntax,9,&(lvalues[3211]),0},
 {"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
-	&(lvalues[3215]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3224]),0},
+	&(lvalues[3220]),0},
+{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3229]),0},
 {"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
-	&(lvalues[3233]),0},
+	&(lvalues[3238]),0},
 {"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
-	NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3243]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3253]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3263]),0},
-{"account","account",NID_account,10,&(lvalues[3273]),0},
-{"document","document",NID_document,10,&(lvalues[3283]),0},
-{"room","room",NID_room,10,&(lvalues[3293]),0},
+	NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3248]),0},
+{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3258]),0},
+{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3268]),0},
+{"account","account",NID_account,10,&(lvalues[3278]),0},
+{"document","document",NID_document,10,&(lvalues[3288]),0},
+{"room","room",NID_room,10,&(lvalues[3298]),0},
 {"documentSeries","documentSeries",NID_documentSeries,10,
-	&(lvalues[3303]),0},
+	&(lvalues[3308]),0},
 {"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
-	&(lvalues[3313]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3323]),0},
+	&(lvalues[3318]),0},
+{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3328]),0},
 {"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
-	10,&(lvalues[3333]),0},
+	10,&(lvalues[3338]),0},
 {"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
-	&(lvalues[3343]),0},
+	&(lvalues[3348]),0},
 {"simpleSecurityObject","simpleSecurityObject",
-	NID_simpleSecurityObject,10,&(lvalues[3353]),0},
+	NID_simpleSecurityObject,10,&(lvalues[3358]),0},
 {"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
-	&(lvalues[3363]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3373]),0},
+	&(lvalues[3368]),0},
+{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3378]),0},
 {"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
-	10,&(lvalues[3383]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3393]),0},
+	10,&(lvalues[3388]),0},
+{"UID","userId",NID_userId,10,&(lvalues[3398]),0},
 {"textEncodedORAddress","textEncodedORAddress",
-	NID_textEncodedORAddress,10,&(lvalues[3403]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3413]),0},
-{"info","info",NID_info,10,&(lvalues[3423]),0},
+	NID_textEncodedORAddress,10,&(lvalues[3408]),0},
+{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3418]),0},
+{"info","info",NID_info,10,&(lvalues[3428]),0},
 {"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
-	&(lvalues[3433]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3443]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3453]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3463]),0},
-{"host","host",NID_host,10,&(lvalues[3473]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3483]),0},
+	&(lvalues[3438]),0},
+{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3448]),0},
+{"photo","photo",NID_photo,10,&(lvalues[3458]),0},
+{"userClass","userClass",NID_userClass,10,&(lvalues[3468]),0},
+{"host","host",NID_host,10,&(lvalues[3478]),0},
+{"manager","manager",NID_manager,10,&(lvalues[3488]),0},
 {"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
-	&(lvalues[3493]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3503]),0},
+	&(lvalues[3498]),0},
+{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3508]),0},
 {"documentVersion","documentVersion",NID_documentVersion,10,
-	&(lvalues[3513]),0},
+	&(lvalues[3518]),0},
 {"documentAuthor","documentAuthor",NID_documentAuthor,10,
-	&(lvalues[3523]),0},
+	&(lvalues[3528]),0},
 {"documentLocation","documentLocation",NID_documentLocation,10,
-	&(lvalues[3533]),0},
+	&(lvalues[3538]),0},
 {"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
-	10,&(lvalues[3543]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3553]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3563]),0},
+	10,&(lvalues[3548]),0},
+{"secretary","secretary",NID_secretary,10,&(lvalues[3558]),0},
+{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3568]),0},
 {"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
-	&(lvalues[3573]),0},
+	&(lvalues[3578]),0},
 {"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
-	&(lvalues[3583]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3593]),0},
+	&(lvalues[3588]),0},
+{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3598]),0},
 {"pilotAttributeType27","pilotAttributeType27",
-	NID_pilotAttributeType27,10,&(lvalues[3603]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3613]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3623]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3633]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3643]),0},
+	NID_pilotAttributeType27,10,&(lvalues[3608]),0},
+{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3618]),0},
+{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3628]),0},
+{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3638]),0},
+{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3648]),0},
 {"associatedDomain","associatedDomain",NID_associatedDomain,10,
-	&(lvalues[3653]),0},
+	&(lvalues[3658]),0},
 {"associatedName","associatedName",NID_associatedName,10,
-	&(lvalues[3663]),0},
+	&(lvalues[3668]),0},
 {"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
-	&(lvalues[3673]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3683]),0},
+	&(lvalues[3678]),0},
+{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3688]),0},
 {"mobileTelephoneNumber","mobileTelephoneNumber",
-	NID_mobileTelephoneNumber,10,&(lvalues[3693]),0},
+	NID_mobileTelephoneNumber,10,&(lvalues[3698]),0},
 {"pagerTelephoneNumber","pagerTelephoneNumber",
-	NID_pagerTelephoneNumber,10,&(lvalues[3703]),0},
+	NID_pagerTelephoneNumber,10,&(lvalues[3708]),0},
 {"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
-	10,&(lvalues[3713]),0},
+	10,&(lvalues[3718]),0},
 {"organizationalStatus","organizationalStatus",
-	NID_organizationalStatus,10,&(lvalues[3723]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3733]),0},
+	NID_organizationalStatus,10,&(lvalues[3728]),0},
+{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3738]),0},
 {"mailPreferenceOption","mailPreferenceOption",
-	NID_mailPreferenceOption,10,&(lvalues[3743]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3753]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3763]),0},
+	NID_mailPreferenceOption,10,&(lvalues[3748]),0},
+{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3758]),0},
+{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3768]),0},
 {"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
-	&(lvalues[3773]),0},
+	&(lvalues[3778]),0},
 {"subtreeMinimumQuality","subtreeMinimumQuality",
-	NID_subtreeMinimumQuality,10,&(lvalues[3783]),0},
+	NID_subtreeMinimumQuality,10,&(lvalues[3788]),0},
 {"subtreeMaximumQuality","subtreeMaximumQuality",
-	NID_subtreeMaximumQuality,10,&(lvalues[3793]),0},
+	NID_subtreeMaximumQuality,10,&(lvalues[3798]),0},
 {"personalSignature","personalSignature",NID_personalSignature,10,
-	&(lvalues[3803]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3813]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3823]),0},
+	&(lvalues[3808]),0},
+{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3818]),0},
+{"audio","audio",NID_audio,10,&(lvalues[3828]),0},
 {"documentPublisher","documentPublisher",NID_documentPublisher,10,
-	&(lvalues[3833]),0},
+	&(lvalues[3838]),0},
 {"x500UniqueIdentifier","x500UniqueIdentifier",
-	NID_x500UniqueIdentifier,3,&(lvalues[3843]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3846]),0},
+	NID_x500UniqueIdentifier,3,&(lvalues[3848]),0},
+{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3851]),0},
 {"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
-	&(lvalues[3851]),0},
+	&(lvalues[3856]),0},
 {"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
-	&(lvalues[3857]),0},
+	&(lvalues[3862]),0},
 {"id-hex-partial-message","id-hex-partial-message",
-	NID_id_hex_partial_message,7,&(lvalues[3863]),0},
+	NID_id_hex_partial_message,7,&(lvalues[3868]),0},
 {"id-hex-multipart-message","id-hex-multipart-message",
-	NID_id_hex_multipart_message,7,&(lvalues[3870]),0},
+	NID_id_hex_multipart_message,7,&(lvalues[3875]),0},
 {"generationQualifier","generationQualifier",NID_generationQualifier,
-	3,&(lvalues[3877]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3880]),0},
-{NULL,NULL,NID_undef,0,NULL},
+	3,&(lvalues[3882]),0},
+{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3885]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
 {"id-set","Secure Electronic Transactions",NID_id_set,2,
-	&(lvalues[3883]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3885]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3888]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3891]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3894]),0},
+	&(lvalues[3888]),0},
+{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3890]),0},
+{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3893]),0},
+{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3896]),0},
+{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3899]),0},
 {"set-certExt","certificate extensions",NID_set_certExt,3,
-	&(lvalues[3897]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3900]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3903]),0},
+	&(lvalues[3902]),0},
+{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3905]),0},
+{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3908]),0},
 {"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
-	&(lvalues[3907]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3911]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3915]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3919]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3923]),0},
+	&(lvalues[3912]),0},
+{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3916]),0},
+{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3920]),0},
+{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3924]),0},
+{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3928]),0},
 {"setct-PIDataUnsigned","setct-PIDataUnsigned",
-	NID_setct_PIDataUnsigned,4,&(lvalues[3927]),0},
+	NID_setct_PIDataUnsigned,4,&(lvalues[3932]),0},
 {"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
-	&(lvalues[3931]),0},
+	&(lvalues[3936]),0},
 {"setct-AuthResBaggage","setct-AuthResBaggage",
-	NID_setct_AuthResBaggage,4,&(lvalues[3935]),0},
+	NID_setct_AuthResBaggage,4,&(lvalues[3940]),0},
 {"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
-	NID_setct_AuthRevReqBaggage,4,&(lvalues[3939]),0},
+	NID_setct_AuthRevReqBaggage,4,&(lvalues[3944]),0},
 {"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
-	NID_setct_AuthRevResBaggage,4,&(lvalues[3943]),0},
+	NID_setct_AuthRevResBaggage,4,&(lvalues[3948]),0},
 {"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
-	&(lvalues[3947]),0},
+	&(lvalues[3952]),0},
 {"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
-	&(lvalues[3951]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3955]),0},
+	&(lvalues[3956]),0},
+{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3960]),0},
 {"setct-PResData","setct-PResData",NID_setct_PResData,4,
-	&(lvalues[3959]),0},
+	&(lvalues[3964]),0},
 {"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
-	&(lvalues[3963]),0},
+	&(lvalues[3968]),0},
 {"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
-	&(lvalues[3967]),0},
+	&(lvalues[3972]),0},
 {"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
-	&(lvalues[3971]),0},
+	&(lvalues[3976]),0},
 {"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
-	&(lvalues[3975]),0},
+	&(lvalues[3980]),0},
 {"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
-	&(lvalues[3979]),0},
+	&(lvalues[3984]),0},
 {"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
-	&(lvalues[3983]),0},
+	&(lvalues[3988]),0},
 {"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
-	NID_setct_AcqCardCodeMsg,4,&(lvalues[3987]),0},
+	NID_setct_AcqCardCodeMsg,4,&(lvalues[3992]),0},
 {"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
-	4,&(lvalues[3991]),0},
+	4,&(lvalues[3996]),0},
 {"setct-AuthRevResData","setct-AuthRevResData",
-	NID_setct_AuthRevResData,4,&(lvalues[3995]),0},
+	NID_setct_AuthRevResData,4,&(lvalues[4000]),0},
 {"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
-	4,&(lvalues[3999]),0},
+	4,&(lvalues[4004]),0},
 {"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
-	&(lvalues[4003]),0},
+	&(lvalues[4008]),0},
 {"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
-	&(lvalues[4007]),0},
+	&(lvalues[4012]),0},
 {"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
-	&(lvalues[4011]),0},
+	&(lvalues[4016]),0},
 {"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
-	&(lvalues[4015]),0},
+	&(lvalues[4020]),0},
 {"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
-	4,&(lvalues[4019]),0},
+	4,&(lvalues[4024]),0},
 {"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
-	4,&(lvalues[4023]),0},
+	4,&(lvalues[4028]),0},
 {"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
-	&(lvalues[4027]),0},
+	&(lvalues[4032]),0},
 {"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
-	&(lvalues[4031]),0},
+	&(lvalues[4036]),0},
 {"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
-	&(lvalues[4035]),0},
+	&(lvalues[4040]),0},
 {"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
-	4,&(lvalues[4039]),0},
+	4,&(lvalues[4044]),0},
 {"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
-	NID_setct_CredRevReqTBSX,4,&(lvalues[4043]),0},
+	NID_setct_CredRevReqTBSX,4,&(lvalues[4048]),0},
 {"setct-CredRevResData","setct-CredRevResData",
-	NID_setct_CredRevResData,4,&(lvalues[4047]),0},
+	NID_setct_CredRevResData,4,&(lvalues[4052]),0},
 {"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
-	&(lvalues[4051]),0},
+	&(lvalues[4056]),0},
 {"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
-	&(lvalues[4055]),0},
+	&(lvalues[4060]),0},
 {"setct-BatchAdminReqData","setct-BatchAdminReqData",
-	NID_setct_BatchAdminReqData,4,&(lvalues[4059]),0},
+	NID_setct_BatchAdminReqData,4,&(lvalues[4064]),0},
 {"setct-BatchAdminResData","setct-BatchAdminResData",
-	NID_setct_BatchAdminResData,4,&(lvalues[4063]),0},
+	NID_setct_BatchAdminResData,4,&(lvalues[4068]),0},
 {"setct-CardCInitResTBS","setct-CardCInitResTBS",
-	NID_setct_CardCInitResTBS,4,&(lvalues[4067]),0},
+	NID_setct_CardCInitResTBS,4,&(lvalues[4072]),0},
 {"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
-	NID_setct_MeAqCInitResTBS,4,&(lvalues[4071]),0},
+	NID_setct_MeAqCInitResTBS,4,&(lvalues[4076]),0},
 {"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
-	4,&(lvalues[4075]),0},
+	4,&(lvalues[4080]),0},
 {"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
-	&(lvalues[4079]),0},
+	&(lvalues[4084]),0},
 {"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
-	&(lvalues[4083]),0},
+	&(lvalues[4088]),0},
 {"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
-	&(lvalues[4087]),0},
+	&(lvalues[4092]),0},
 {"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
-	4,&(lvalues[4091]),0},
+	4,&(lvalues[4096]),0},
 {"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
-	&(lvalues[4095]),0},
+	&(lvalues[4100]),0},
 {"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
-	NID_setct_PIDualSignedTBE,4,&(lvalues[4099]),0},
+	NID_setct_PIDualSignedTBE,4,&(lvalues[4104]),0},
 {"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
-	4,&(lvalues[4103]),0},
+	4,&(lvalues[4108]),0},
 {"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
-	&(lvalues[4107]),0},
+	&(lvalues[4112]),0},
 {"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
-	&(lvalues[4111]),0},
+	&(lvalues[4116]),0},
 {"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
-	&(lvalues[4115]),0},
+	&(lvalues[4120]),0},
 {"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
-	&(lvalues[4119]),0},
+	&(lvalues[4124]),0},
 {"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
-	&(lvalues[4123]),0},
+	&(lvalues[4128]),0},
 {"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
-	&(lvalues[4127]),0},
+	&(lvalues[4132]),0},
 {"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
-	NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4131]),0},
+	NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4136]),0},
 {"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
-	4,&(lvalues[4135]),0},
+	4,&(lvalues[4140]),0},
 {"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
-	4,&(lvalues[4139]),0},
+	4,&(lvalues[4144]),0},
 {"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
-	NID_setct_AuthRevResTBEB,4,&(lvalues[4143]),0},
+	NID_setct_AuthRevResTBEB,4,&(lvalues[4148]),0},
 {"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
-	&(lvalues[4147]),0},
+	&(lvalues[4152]),0},
 {"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
-	&(lvalues[4151]),0},
+	&(lvalues[4156]),0},
 {"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
-	&(lvalues[4155]),0},
+	&(lvalues[4160]),0},
 {"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
-	&(lvalues[4159]),0},
+	&(lvalues[4164]),0},
 {"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
-	4,&(lvalues[4163]),0},
+	4,&(lvalues[4168]),0},
 {"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
-	&(lvalues[4167]),0},
+	&(lvalues[4172]),0},
 {"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
-	&(lvalues[4171]),0},
+	&(lvalues[4176]),0},
 {"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
-	&(lvalues[4175]),0},
+	&(lvalues[4180]),0},
 {"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
-	&(lvalues[4179]),0},
+	&(lvalues[4184]),0},
 {"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
-	4,&(lvalues[4183]),0},
+	4,&(lvalues[4188]),0},
 {"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
-	NID_setct_CredRevReqTBEX,4,&(lvalues[4187]),0},
+	NID_setct_CredRevReqTBEX,4,&(lvalues[4192]),0},
 {"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
-	4,&(lvalues[4191]),0},
+	4,&(lvalues[4196]),0},
 {"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
-	NID_setct_BatchAdminReqTBE,4,&(lvalues[4195]),0},
+	NID_setct_BatchAdminReqTBE,4,&(lvalues[4200]),0},
 {"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
-	NID_setct_BatchAdminResTBE,4,&(lvalues[4199]),0},
+	NID_setct_BatchAdminResTBE,4,&(lvalues[4204]),0},
 {"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
-	4,&(lvalues[4203]),0},
+	4,&(lvalues[4208]),0},
 {"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
-	&(lvalues[4207]),0},
+	&(lvalues[4212]),0},
 {"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
-	&(lvalues[4211]),0},
+	&(lvalues[4216]),0},
 {"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
-	&(lvalues[4215]),0},
+	&(lvalues[4220]),0},
 {"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
-	NID_setct_CRLNotificationTBS,4,&(lvalues[4219]),0},
+	NID_setct_CRLNotificationTBS,4,&(lvalues[4224]),0},
 {"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
-	NID_setct_CRLNotificationResTBS,4,&(lvalues[4223]),0},
+	NID_setct_CRLNotificationResTBS,4,&(lvalues[4228]),0},
 {"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
-	NID_setct_BCIDistributionTBS,4,&(lvalues[4227]),0},
+	NID_setct_BCIDistributionTBS,4,&(lvalues[4232]),0},
 {"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
-	&(lvalues[4231]),0},
+	&(lvalues[4236]),0},
 {"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
-	&(lvalues[4235]),0},
+	&(lvalues[4240]),0},
 {"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
-	&(lvalues[4239]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4243]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4247]),0},
+	&(lvalues[4244]),0},
+{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4248]),0},
+{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4252]),0},
 {"setext-cv","additional verification",NID_setext_cv,4,
-	&(lvalues[4251]),0},
+	&(lvalues[4256]),0},
 {"set-policy-root","set-policy-root",NID_set_policy_root,4,
-	&(lvalues[4255]),0},
+	&(lvalues[4260]),0},
 {"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
-	&(lvalues[4259]),0},
+	&(lvalues[4264]),0},
 {"setCext-certType","setCext-certType",NID_setCext_certType,4,
-	&(lvalues[4263]),0},
+	&(lvalues[4268]),0},
 {"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
-	&(lvalues[4267]),0},
+	&(lvalues[4272]),0},
 {"setCext-cCertRequired","setCext-cCertRequired",
-	NID_setCext_cCertRequired,4,&(lvalues[4271]),0},
+	NID_setCext_cCertRequired,4,&(lvalues[4276]),0},
 {"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
-	&(lvalues[4275]),0},
+	&(lvalues[4280]),0},
 {"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
-	&(lvalues[4279]),0},
+	&(lvalues[4284]),0},
 {"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
-	&(lvalues[4283]),0},
+	&(lvalues[4288]),0},
 {"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
-	NID_setCext_PGWYcapabilities,4,&(lvalues[4287]),0},
+	NID_setCext_PGWYcapabilities,4,&(lvalues[4292]),0},
 {"setCext-TokenIdentifier","setCext-TokenIdentifier",
-	NID_setCext_TokenIdentifier,4,&(lvalues[4291]),0},
+	NID_setCext_TokenIdentifier,4,&(lvalues[4296]),0},
 {"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
-	&(lvalues[4295]),0},
+	&(lvalues[4300]),0},
 {"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
-	&(lvalues[4299]),0},
+	&(lvalues[4304]),0},
 {"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
-	NID_setCext_IssuerCapabilities,4,&(lvalues[4303]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4307]),0},
+	NID_setCext_IssuerCapabilities,4,&(lvalues[4308]),0},
+{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4312]),0},
 {"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
-	4,&(lvalues[4311]),0},
+	4,&(lvalues[4316]),0},
 {"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
-	&(lvalues[4315]),0},
+	&(lvalues[4320]),0},
 {"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
-	&(lvalues[4319]),0},
+	&(lvalues[4324]),0},
 {"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
-	&(lvalues[4323]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4328]),0},
+	&(lvalues[4328]),0},
+{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4333]),0},
 {"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
-	&(lvalues[4333]),0},
+	&(lvalues[4338]),0},
 {"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
-	NID_setAttr_Token_B0Prime,5,&(lvalues[4338]),0},
+	NID_setAttr_Token_B0Prime,5,&(lvalues[4343]),0},
 {"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
-	&(lvalues[4343]),0},
-{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
 	&(lvalues[4348]),0},
-{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
+{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
 	&(lvalues[4353]),0},
+{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
+	&(lvalues[4358]),0},
 {"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
-	6,&(lvalues[4358]),0},
+	6,&(lvalues[4363]),0},
 {"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
-	&(lvalues[4364]),0},
+	&(lvalues[4369]),0},
 {"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
-	&(lvalues[4370]),0},
+	&(lvalues[4375]),0},
 {"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
-	&(lvalues[4376]),0},
+	&(lvalues[4381]),0},
 {"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
-	6,&(lvalues[4382]),0},
+	6,&(lvalues[4387]),0},
 {"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
-	&(lvalues[4388]),0},
+	&(lvalues[4393]),0},
 {"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
-	&(lvalues[4392]),0},
+	&(lvalues[4397]),0},
 {"set-brand-AmericanExpress","set-brand-AmericanExpress",
-	NID_set_brand_AmericanExpress,4,&(lvalues[4396]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4400]),0},
+	NID_set_brand_AmericanExpress,4,&(lvalues[4401]),0},
+{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4405]),0},
 {"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
-	&(lvalues[4404]),0},
+	&(lvalues[4409]),0},
 {"set-brand-MasterCard","set-brand-MasterCard",
-	NID_set_brand_MasterCard,4,&(lvalues[4408]),0},
+	NID_set_brand_MasterCard,4,&(lvalues[4413]),0},
 {"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
-	&(lvalues[4412]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4417]),0},
+	&(lvalues[4417]),0},
+{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4422]),0},
 {"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
-	NID_rsaOAEPEncryptionSET,9,&(lvalues[4425]),0},
-{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4434]),0},
+	NID_rsaOAEPEncryptionSET,9,&(lvalues[4430]),0},
+{"ITU-T","itu-t",NID_itu_t,1,&(lvalues[4439]),0},
 {"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,1,
-	&(lvalues[4435]),0},
+	&(lvalues[4440]),0},
 {"international-organizations","International Organizations",
-	NID_international_organizations,1,&(lvalues[4436]),0},
+	NID_international_organizations,1,&(lvalues[4441]),0},
 {"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
-	10,&(lvalues[4437]),0},
+	10,&(lvalues[4442]),0},
 {"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
-	&(lvalues[4447]),0},
-{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL},
-{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL},
-{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL},
-{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL},
-{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL},
-{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL},
-{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL},
-{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL},
-{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL},
-{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL},
-{"streetAddress","streetAddress",NID_streetAddress,3,&(lvalues[4457]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4460]),0},
+	&(lvalues[4452]),0},
+{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0},
+{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0},
+{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0},
+{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0},
+{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0},
+{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0},
+{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0},
+{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0},
+{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0},
+{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0},
+{"street","streetAddress",NID_streetAddress,3,&(lvalues[4462]),0},
+{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4465]),0},
+{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4468]),0},
+{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
+	&(lvalues[4475]),0},
+{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
+	&(lvalues[4483]),0},
+{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
+	&(lvalues[4491]),0},
+{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
+	&(lvalues[4499]),0},
+{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4502]),0},
+{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
+	&(lvalues[4510]),0},
+{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
+	&(lvalues[4519]),0},
+{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
+	&(lvalues[4528]),0},
+{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
+	&(lvalues[4537]),0},
+{"SHA256","sha256",NID_sha256,9,&(lvalues[4546]),0},
+{"SHA384","sha384",NID_sha384,9,&(lvalues[4555]),0},
+{"SHA512","sha512",NID_sha512,9,&(lvalues[4564]),0},
+{"SHA224","sha224",NID_sha224,9,&(lvalues[4573]),0},
 {"identified-organization","identified-organization",
-	NID_identified_organization,1,&(lvalues[4463]),0},
-{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4464]),0},
-{"wap","wap",NID_wap,2,&(lvalues[4467]),0},
-{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4469]),0},
+	NID_identified_organization,1,&(lvalues[4582]),0},
+{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4583]),0},
+{"wap","wap",NID_wap,2,&(lvalues[4586]),0},
+{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4588]),0},
 {"id-characteristic-two-basis","id-characteristic-two-basis",
-	NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4472]),0},
-{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4480]),0},
-{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4489]),0},
-{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4498]),0},
-{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4507]),0},
-{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4515]),0},
-{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4523]),0},
-{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4531]),0},
-{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4539]),0},
-{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4547]),0},
-{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4555]),0},
-{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4563]),0},
-{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4571]),0},
-{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4579]),0},
-{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4587]),0},
-{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4595]),0},
-{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4603]),0},
-{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4611]),0},
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4619]),0},
-{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4627]),0},
-{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4635]),0},
-{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4643]),0},
-{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4651]),0},
-{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4659]),0},
-{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4667]),0},
-{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4672]),0},
-{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4677]),0},
-{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4682]),0},
-{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4687]),0},
-{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4692]),0},
-{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4697]),0},
-{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4702]),0},
-{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4707]),0},
-{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4712]),0},
-{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4717]),0},
-{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4722]),0},
-{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4727]),0},
-{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4732]),0},
-{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4737]),0},
-{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4742]),0},
-{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4747]),0},
-{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4752]),0},
-{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4757]),0},
-{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4762]),0},
-{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4767]),0},
-{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4772]),0},
-{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4777]),0},
-{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4782]),0},
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4787]),0},
-{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4792]),0},
-{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4797]),0},
-{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4802]),0},
-{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4807]),0},
-{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4812]),0},
-{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4817]),0},
+	NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4591]),0},
+{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4599]),0},
+{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4608]),0},
+{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4617]),0},
+{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4626]),0},
+{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4634]),0},
+{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4642]),0},
+{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4650]),0},
+{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4658]),0},
+{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4666]),0},
+{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4674]),0},
+{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4682]),0},
+{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4690]),0},
+{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4698]),0},
+{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4706]),0},
+{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4714]),0},
+{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4722]),0},
+{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4730]),0},
+{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4738]),0},
+{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4746]),0},
+{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4754]),0},
+{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4762]),0},
+{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4770]),0},
+{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4778]),0},
+{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4786]),0},
+{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4791]),0},
+{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4796]),0},
+{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4801]),0},
+{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4806]),0},
+{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4811]),0},
+{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4816]),0},
+{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4821]),0},
+{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4826]),0},
+{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4831]),0},
+{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4836]),0},
+{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4841]),0},
+{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4846]),0},
+{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4851]),0},
+{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4856]),0},
+{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4861]),0},
+{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4866]),0},
+{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4871]),0},
+{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4876]),0},
+{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4881]),0},
+{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4886]),0},
+{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4891]),0},
+{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4896]),0},
+{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4901]),0},
+{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4906]),0},
+{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4911]),0},
+{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4916]),0},
+{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4921]),0},
+{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4926]),0},
+{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4931]),0},
+{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4936]),0},
 {"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
-	NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4822]),0},
+	NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4941]),0},
 {"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
-	NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4827]),0},
+	NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4946]),0},
 {"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
-	NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4832]),0},
+	NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4951]),0},
 {"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
-	NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4837]),0},
+	NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4956]),0},
 {"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
-	NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4842]),0},
+	NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4961]),0},
 {"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
-	NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4847]),0},
+	NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4966]),0},
 {"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
-	NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4852]),0},
+	NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4971]),0},
 {"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
-	NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4857]),0},
+	NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4976]),0},
 {"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
-	NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4862]),0},
+	NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4981]),0},
 {"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
-	NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4867]),0},
+	NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4986]),0},
 {"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
-	NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4872]),0},
-{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
-	&(lvalues[4877]),0},
-{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
-	&(lvalues[4886]),0},
-{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
-	&(lvalues[4895]),0},
-{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
-	&(lvalues[4904]),0},
-{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
-	&(lvalues[4913]),0},
-{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4916]),0},
+	NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4991]),0},
+{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4996]),0},
 {"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
-	&(lvalues[4920]),0},
+	&(lvalues[5000]),0},
 {"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
-	NID_inhibit_any_policy,3,&(lvalues[4923]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4926]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4935]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4944]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4953]),0},
-{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL},
-{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4962]),0},
-{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
-	&(lvalues[4969]),0},
-{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
-	&(lvalues[4977]),0},
-{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
-	&(lvalues[4985]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4993]),0},
+	NID_inhibit_any_policy,3,&(lvalues[5003]),0},
+{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
+{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
+{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
+	&(lvalues[5006]),0},
+{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
+	&(lvalues[5017]),0},
+{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
+	&(lvalues[5028]),0},
+{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
+	&(lvalues[5039]),0},
+{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
+	&(lvalues[5047]),0},
+{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
+	&(lvalues[5055]),0},
+{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
+	&(lvalues[5063]),0},
+{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
+	&(lvalues[5071]),0},
+{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
+	&(lvalues[5079]),0},
+{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
+{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
+{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
+{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0},
+{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
+{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
+{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
+	&(lvalues[5087]),0},
+{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
+	&(lvalues[5095]),0},
+{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
+	&(lvalues[5103]),0},
+{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
+	NID_subject_directory_attributes,3,&(lvalues[5111]),0},
+{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
+	NID_issuing_distribution_point,3,&(lvalues[5114]),0},
+{"certificateIssuer","X509v3 Certificate Issuer",
+	NID_certificate_issuer,3,&(lvalues[5117]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"KISA","kisa",NID_kisa,6,&(lvalues[5120]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5126]),0},
+{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5134]),0},
+{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5142]),0},
+{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5150]),0},
+{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5158]),0},
+{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5166]),0},
+{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9,
+	&(lvalues[5174]),0},
+{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9,
+	&(lvalues[5183]),0},
+{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8,
+	&(lvalues[5192]),0},
+{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5200]),0},
+{"id-smime-ct-compressedData","id-smime-ct-compressedData",
+	NID_id_smime_ct_compressedData,11,&(lvalues[5208]),0},
+{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
+	NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5219]),0},
+{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
+	&(lvalues[5230]),0},
+{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
+	&(lvalues[5239]),0},
+{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
+	&(lvalues[5248]),0},
+{"ecdsa-with-Recommended","ecdsa-with-Recommended",
+	NID_ecdsa_with_Recommended,7,&(lvalues[5257]),0},
+{"ecdsa-with-Specified","ecdsa-with-Specified",
+	NID_ecdsa_with_Specified,7,&(lvalues[5264]),0},
+{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
+	&(lvalues[5271]),0},
+{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
+	&(lvalues[5279]),0},
+{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
+	&(lvalues[5287]),0},
+{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
+	&(lvalues[5295]),0},
+{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5303]),0},
+{"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8,
+	&(lvalues[5311]),0},
+{"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8,
+	&(lvalues[5319]),0},
+{"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8,
+	&(lvalues[5327]),0},
+{"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8,
+	&(lvalues[5335]),0},
+{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9,
+	&(lvalues[5343]),0},
+{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9,
+	&(lvalues[5352]),0},
+{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5361]),0},
+{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5367]),0},
+{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5372]),0},
+{"id-GostR3411-94-with-GostR3410-2001",
+	"GOST R 34.11-94 with GOST R 34.10-2001",
+	NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5377]),0},
+{"id-GostR3411-94-with-GostR3410-94",
+	"GOST R 34.11-94 with GOST R 34.10-94",
+	NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5383]),0},
+{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5389]),0},
+{"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6,
+	&(lvalues[5395]),0},
+{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
+	&(lvalues[5401]),0},
+{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5407]),0},
+{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5413]),0},
+{"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0},
+{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
+	&(lvalues[5419]),0},
+{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
+	&(lvalues[5425]),0},
+{"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH,
+	6,&(lvalues[5431]),0},
+{"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6,
+	&(lvalues[5437]),0},
+{"id-Gost28147-89-CryptoPro-KeyMeshing",
+	"id-Gost28147-89-CryptoPro-KeyMeshing",
+	NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5443]),0},
+{"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing",
+	NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5450]),0},
+{"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet",
+	NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5457]),0},
+{"id-GostR3411-94-CryptoProParamSet",
+	"id-GostR3411-94-CryptoProParamSet",
+	NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5464]),0},
+{"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet",
+	NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5471]),0},
+{"id-Gost28147-89-CryptoPro-A-ParamSet",
+	"id-Gost28147-89-CryptoPro-A-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5478]),0},
+{"id-Gost28147-89-CryptoPro-B-ParamSet",
+	"id-Gost28147-89-CryptoPro-B-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5485]),0},
+{"id-Gost28147-89-CryptoPro-C-ParamSet",
+	"id-Gost28147-89-CryptoPro-C-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5492]),0},
+{"id-Gost28147-89-CryptoPro-D-ParamSet",
+	"id-Gost28147-89-CryptoPro-D-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5499]),0},
+{"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+	"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5506]),
+	0},
+{"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+	"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5513]),
+	0},
+{"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+	"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5520]),0},
+{"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet",
+	NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5527]),0},
+{"id-GostR3410-94-CryptoPro-A-ParamSet",
+	"id-GostR3410-94-CryptoPro-A-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5534]),0},
+{"id-GostR3410-94-CryptoPro-B-ParamSet",
+	"id-GostR3410-94-CryptoPro-B-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5541]),0},
+{"id-GostR3410-94-CryptoPro-C-ParamSet",
+	"id-GostR3410-94-CryptoPro-C-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5548]),0},
+{"id-GostR3410-94-CryptoPro-D-ParamSet",
+	"id-GostR3410-94-CryptoPro-D-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5555]),0},
+{"id-GostR3410-94-CryptoPro-XchA-ParamSet",
+	"id-GostR3410-94-CryptoPro-XchA-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5562]),0},
+{"id-GostR3410-94-CryptoPro-XchB-ParamSet",
+	"id-GostR3410-94-CryptoPro-XchB-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5569]),0},
+{"id-GostR3410-94-CryptoPro-XchC-ParamSet",
+	"id-GostR3410-94-CryptoPro-XchC-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5576]),0},
+{"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet",
+	NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5583]),0},
+{"id-GostR3410-2001-CryptoPro-A-ParamSet",
+	"id-GostR3410-2001-CryptoPro-A-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5590]),0},
+{"id-GostR3410-2001-CryptoPro-B-ParamSet",
+	"id-GostR3410-2001-CryptoPro-B-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5597]),0},
+{"id-GostR3410-2001-CryptoPro-C-ParamSet",
+	"id-GostR3410-2001-CryptoPro-C-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5604]),0},
+{"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+	"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5611]),0},
+	
+{"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+	"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5618]),0},
+	
+{"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7,
+	&(lvalues[5625]),0},
+{"id-GostR3410-94-aBis","id-GostR3410-94-aBis",
+	NID_id_GostR3410_94_aBis,7,&(lvalues[5632]),0},
+{"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7,
+	&(lvalues[5639]),0},
+{"id-GostR3410-94-bBis","id-GostR3410-94-bBis",
+	NID_id_GostR3410_94_bBis,7,&(lvalues[5646]),0},
+{"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet",
+	NID_id_Gost28147_89_cc,8,&(lvalues[5653]),0},
+{"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8,
+	&(lvalues[5661]),0},
+{"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8,
+	&(lvalues[5669]),0},
+{"id-GostR3411-94-with-GostR3410-94-cc",
+	"GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
+	NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5677]),0},
+{"id-GostR3411-94-with-GostR3410-2001-cc",
+	"GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
+	NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5685]),0},
+{"id-GostR3410-2001-ParamSet-cc",
+	"GOST R 3410-2001 Parameter Set Cryptocom",
+	NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5693]),0},
+{"HMAC","hmac",NID_hmac,0,NULL,0},
+{"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9,
+	&(lvalues[5701]),0},
+{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3,
+	&(lvalues[5710]),0},
+{"id-on-permanentIdentifier","Permanent Identifier",
+	NID_id_on_permanentIdentifier,8,&(lvalues[5713]),0},
+{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5721]),0},
+{"businessCategory","businessCategory",NID_businessCategory,3,
+	&(lvalues[5724]),0},
+{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5727]),0},
+{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5730]),0},
+{"physicalDeliveryOfficeName","physicalDeliveryOfficeName",
+	NID_physicalDeliveryOfficeName,3,&(lvalues[5733]),0},
+{"telephoneNumber","telephoneNumber",NID_telephoneNumber,3,
+	&(lvalues[5736]),0},
+{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5739]),0},
+{"teletexTerminalIdentifier","teletexTerminalIdentifier",
+	NID_teletexTerminalIdentifier,3,&(lvalues[5742]),0},
+{"facsimileTelephoneNumber","facsimileTelephoneNumber",
+	NID_facsimileTelephoneNumber,3,&(lvalues[5745]),0},
+{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5748]),0},
+{"internationaliSDNNumber","internationaliSDNNumber",
+	NID_internationaliSDNNumber,3,&(lvalues[5751]),0},
+{"registeredAddress","registeredAddress",NID_registeredAddress,3,
+	&(lvalues[5754]),0},
+{"destinationIndicator","destinationIndicator",
+	NID_destinationIndicator,3,&(lvalues[5757]),0},
+{"preferredDeliveryMethod","preferredDeliveryMethod",
+	NID_preferredDeliveryMethod,3,&(lvalues[5760]),0},
+{"presentationAddress","presentationAddress",NID_presentationAddress,
+	3,&(lvalues[5763]),0},
+{"supportedApplicationContext","supportedApplicationContext",
+	NID_supportedApplicationContext,3,&(lvalues[5766]),0},
+{"member","member",NID_member,3,&(lvalues[5769]),0},
+{"owner","owner",NID_owner,3,&(lvalues[5772]),0},
+{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5775]),0},
+{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5778]),0},
+{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5781]),0},
+{"userCertificate","userCertificate",NID_userCertificate,3,
+	&(lvalues[5784]),0},
+{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5787]),0},
+{"authorityRevocationList","authorityRevocationList",
+	NID_authorityRevocationList,3,&(lvalues[5790]),0},
+{"certificateRevocationList","certificateRevocationList",
+	NID_certificateRevocationList,3,&(lvalues[5793]),0},
+{"crossCertificatePair","crossCertificatePair",
+	NID_crossCertificatePair,3,&(lvalues[5796]),0},
+{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide,
+	3,&(lvalues[5799]),0},
+{"protocolInformation","protocolInformation",NID_protocolInformation,
+	3,&(lvalues[5802]),0},
+{"distinguishedName","distinguishedName",NID_distinguishedName,3,
+	&(lvalues[5805]),0},
+{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5808]),0},
+{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
+	&(lvalues[5811]),0},
+{"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms,
+	3,&(lvalues[5814]),0},
+{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
+	3,&(lvalues[5817]),0},
+{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5820]),0},
+{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
+	&(lvalues[5823]),0},
 };
 
-static ASN1_OBJECT *sn_objs[NUM_SN]={
-&(nid_objs[364]),/* "AD_DVCS" */
-&(nid_objs[419]),/* "AES-128-CBC" */
-&(nid_objs[421]),/* "AES-128-CFB" */
-&(nid_objs[650]),/* "AES-128-CFB1" */
-&(nid_objs[653]),/* "AES-128-CFB8" */
-&(nid_objs[418]),/* "AES-128-ECB" */
-&(nid_objs[420]),/* "AES-128-OFB" */
-&(nid_objs[423]),/* "AES-192-CBC" */
-&(nid_objs[425]),/* "AES-192-CFB" */
-&(nid_objs[651]),/* "AES-192-CFB1" */
-&(nid_objs[654]),/* "AES-192-CFB8" */
-&(nid_objs[422]),/* "AES-192-ECB" */
-&(nid_objs[424]),/* "AES-192-OFB" */
-&(nid_objs[427]),/* "AES-256-CBC" */
-&(nid_objs[429]),/* "AES-256-CFB" */
-&(nid_objs[652]),/* "AES-256-CFB1" */
-&(nid_objs[655]),/* "AES-256-CFB8" */
-&(nid_objs[426]),/* "AES-256-ECB" */
-&(nid_objs[428]),/* "AES-256-OFB" */
-&(nid_objs[91]),/* "BF-CBC" */
-&(nid_objs[93]),/* "BF-CFB" */
-&(nid_objs[92]),/* "BF-ECB" */
-&(nid_objs[94]),/* "BF-OFB" */
-&(nid_objs[14]),/* "C" */
-&(nid_objs[108]),/* "CAST5-CBC" */
-&(nid_objs[110]),/* "CAST5-CFB" */
-&(nid_objs[109]),/* "CAST5-ECB" */
-&(nid_objs[111]),/* "CAST5-OFB" */
-&(nid_objs[13]),/* "CN" */
-&(nid_objs[141]),/* "CRLReason" */
-&(nid_objs[417]),/* "CSPName" */
-&(nid_objs[367]),/* "CrlID" */
-&(nid_objs[391]),/* "DC" */
-&(nid_objs[31]),/* "DES-CBC" */
-&(nid_objs[643]),/* "DES-CDMF" */
-&(nid_objs[30]),/* "DES-CFB" */
-&(nid_objs[656]),/* "DES-CFB1" */
-&(nid_objs[657]),/* "DES-CFB8" */
-&(nid_objs[29]),/* "DES-ECB" */
-&(nid_objs[32]),/* "DES-EDE" */
-&(nid_objs[43]),/* "DES-EDE-CBC" */
-&(nid_objs[60]),/* "DES-EDE-CFB" */
-&(nid_objs[62]),/* "DES-EDE-OFB" */
-&(nid_objs[33]),/* "DES-EDE3" */
-&(nid_objs[44]),/* "DES-EDE3-CBC" */
-&(nid_objs[61]),/* "DES-EDE3-CFB" */
-&(nid_objs[658]),/* "DES-EDE3-CFB1" */
-&(nid_objs[659]),/* "DES-EDE3-CFB8" */
-&(nid_objs[63]),/* "DES-EDE3-OFB" */
-&(nid_objs[45]),/* "DES-OFB" */
-&(nid_objs[80]),/* "DESX-CBC" */
-&(nid_objs[380]),/* "DOD" */
-&(nid_objs[116]),/* "DSA" */
-&(nid_objs[66]),/* "DSA-SHA" */
-&(nid_objs[113]),/* "DSA-SHA1" */
-&(nid_objs[70]),/* "DSA-SHA1-old" */
-&(nid_objs[67]),/* "DSA-old" */
-&(nid_objs[297]),/* "DVCS" */
-&(nid_objs[99]),/* "GN" */
-&(nid_objs[381]),/* "IANA" */
-&(nid_objs[34]),/* "IDEA-CBC" */
-&(nid_objs[35]),/* "IDEA-CFB" */
-&(nid_objs[36]),/* "IDEA-ECB" */
-&(nid_objs[46]),/* "IDEA-OFB" */
-&(nid_objs[181]),/* "ISO" */
-&(nid_objs[183]),/* "ISO-US" */
-&(nid_objs[645]),/* "ITU-T" */
-&(nid_objs[646]),/* "JOINT-ISO-ITU-T" */
-&(nid_objs[15]),/* "L" */
-&(nid_objs[ 3]),/* "MD2" */
-&(nid_objs[257]),/* "MD4" */
-&(nid_objs[ 4]),/* "MD5" */
-&(nid_objs[114]),/* "MD5-SHA1" */
-&(nid_objs[95]),/* "MDC2" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[393]),/* "NULL" */
-&(nid_objs[404]),/* "NULL" */
-&(nid_objs[57]),/* "Netscape" */
-&(nid_objs[366]),/* "Nonce" */
-&(nid_objs[17]),/* "O" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[180]),/* "OCSPSigning" */
-&(nid_objs[379]),/* "ORG" */
-&(nid_objs[18]),/* "OU" */
-&(nid_objs[744]),/* "Oakley-EC2N-3" */
-&(nid_objs[745]),/* "Oakley-EC2N-4" */
-&(nid_objs[ 9]),/* "PBE-MD2-DES" */
-&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
-&(nid_objs[10]),/* "PBE-MD5-DES" */
-&(nid_objs[169]),/* "PBE-MD5-RC2-64" */
-&(nid_objs[147]),/* "PBE-SHA1-2DES" */
-&(nid_objs[146]),/* "PBE-SHA1-3DES" */
-&(nid_objs[170]),/* "PBE-SHA1-DES" */
-&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */
-&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */
-&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */
-&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */
-&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[98]),/* "RC2-40-CBC" */
-&(nid_objs[166]),/* "RC2-64-CBC" */
-&(nid_objs[37]),/* "RC2-CBC" */
-&(nid_objs[39]),/* "RC2-CFB" */
-&(nid_objs[38]),/* "RC2-ECB" */
-&(nid_objs[40]),/* "RC2-OFB" */
-&(nid_objs[ 5]),/* "RC4" */
-&(nid_objs[97]),/* "RC4-40" */
-&(nid_objs[120]),/* "RC5-CBC" */
-&(nid_objs[122]),/* "RC5-CFB" */
-&(nid_objs[121]),/* "RC5-ECB" */
-&(nid_objs[123]),/* "RC5-OFB" */
-&(nid_objs[117]),/* "RIPEMD160" */
-&(nid_objs[124]),/* "RLE" */
-&(nid_objs[19]),/* "RSA" */
-&(nid_objs[ 7]),/* "RSA-MD2" */
-&(nid_objs[396]),/* "RSA-MD4" */
-&(nid_objs[ 8]),/* "RSA-MD5" */
-&(nid_objs[96]),/* "RSA-MDC2" */
-&(nid_objs[104]),/* "RSA-NP-MD5" */
-&(nid_objs[119]),/* "RSA-RIPEMD160" */
-&(nid_objs[42]),/* "RSA-SHA" */
-&(nid_objs[65]),/* "RSA-SHA1" */
-&(nid_objs[115]),/* "RSA-SHA1-2" */
-&(nid_objs[735]),/* "RSA-SHA224" */
-&(nid_objs[732]),/* "RSA-SHA256" */
-&(nid_objs[733]),/* "RSA-SHA384" */
-&(nid_objs[734]),/* "RSA-SHA512" */
-&(nid_objs[41]),/* "SHA" */
-&(nid_objs[64]),/* "SHA1" */
-&(nid_objs[743]),/* "SHA224" */
-&(nid_objs[740]),/* "SHA256" */
-&(nid_objs[741]),/* "SHA384" */
-&(nid_objs[742]),/* "SHA512" */
-&(nid_objs[188]),/* "SMIME" */
-&(nid_objs[167]),/* "SMIME-CAPS" */
-&(nid_objs[100]),/* "SN" */
-&(nid_objs[16]),/* "ST" */
-&(nid_objs[143]),/* "SXNetID" */
-&(nid_objs[458]),/* "UID" */
-&(nid_objs[ 0]),/* "UNDEF" */
-&(nid_objs[11]),/* "X500" */
-&(nid_objs[378]),/* "X500algorithms" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[184]),/* "X9-57" */
-&(nid_objs[185]),/* "X9cm" */
-&(nid_objs[125]),/* "ZLIB" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[368]),/* "acceptableResponses" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[363]),/* "ad_timestamping" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[405]),/* "ansi-X9-62" */
-&(nid_objs[737]),/* "anyPolicy" */
-&(nid_objs[370]),/* "archiveCutoff" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[177]),/* "authorityInfoAccess" */
-&(nid_objs[90]),/* "authorityKeyIdentifier" */
-&(nid_objs[87]),/* "basicConstraints" */
-&(nid_objs[365]),/* "basicOCSPResponse" */
-&(nid_objs[285]),/* "biometricInfo" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[677]),/* "c2onb191v4" */
-&(nid_objs[678]),/* "c2onb191v5" */
-&(nid_objs[683]),/* "c2onb239v4" */
-&(nid_objs[684]),/* "c2onb239v5" */
-&(nid_objs[670]),/* "c2pnb163v1" */
-&(nid_objs[671]),/* "c2pnb163v2" */
-&(nid_objs[672]),/* "c2pnb163v3" */
-&(nid_objs[673]),/* "c2pnb176v1" */
-&(nid_objs[679]),/* "c2pnb208w1" */
-&(nid_objs[685]),/* "c2pnb272w1" */
-&(nid_objs[686]),/* "c2pnb304w1" */
-&(nid_objs[688]),/* "c2pnb368w1" */
-&(nid_objs[674]),/* "c2tnb191v1" */
-&(nid_objs[675]),/* "c2tnb191v2" */
-&(nid_objs[676]),/* "c2tnb191v3" */
-&(nid_objs[680]),/* "c2tnb239v1" */
-&(nid_objs[681]),/* "c2tnb239v2" */
-&(nid_objs[682]),/* "c2tnb239v3" */
-&(nid_objs[687]),/* "c2tnb359v1" */
-&(nid_objs[689]),/* "c2tnb431r1" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[179]),/* "caIssuers" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[663]),/* "certicom-arc" */
-&(nid_objs[89]),/* "certificatePolicies" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[130]),/* "clientAuth" */
-&(nid_objs[131]),/* "codeSigning" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[103]),/* "crlDistributionPoints" */
-&(nid_objs[88]),/* "crlNumber" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcobject" */
-&(nid_objs[140]),/* "deltaCRL" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[382]),/* "directory" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[392]),/* "domain" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[132]),/* "emailProtection" */
-&(nid_objs[389]),/* "enterprises" */
-&(nid_objs[384]),/* "experimental" */
-&(nid_objs[172]),/* "extReq" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[126]),/* "extendedKeyUsage" */
-&(nid_objs[372]),/* "extendedStatus" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[432]),/* "holdInstructionCallIssuer" */
-&(nid_objs[430]),/* "holdInstructionCode" */
-&(nid_objs[431]),/* "holdInstructionNone" */
-&(nid_objs[433]),/* "holdInstructionReject" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[666]),/* "id-characteristic-two-basis" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[746]),/* "id-ppl" */
-&(nid_objs[748]),/* "id-ppl-anyLanguage" */
-&(nid_objs[750]),/* "id-ppl-independent" */
-&(nid_objs[749]),/* "id-ppl-inheritAll" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[164]),/* "id-qt-cps" */
-&(nid_objs[165]),/* "id-qt-unotice" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[512]),/* "id-set" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[662]),/* "identified-organization" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[739]),/* "inhibitAnyPolicy" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[647]),/* "international-organizations" */
-&(nid_objs[142]),/* "invalidityDate" */
-&(nid_objs[294]),/* "ipsecEndSystem" */
-&(nid_objs[295]),/* "ipsecTunnel" */
-&(nid_objs[296]),/* "ipsecUser" */
-&(nid_objs[86]),/* "issuerAltName" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[83]),/* "keyUsage" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[460]),/* "mail" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[182]),/* "member-body" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[383]),/* "mgmt" */
-&(nid_objs[504]),/* "mime-mhs" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[136]),/* "msCTLSign" */
-&(nid_objs[135]),/* "msCodeCom" */
-&(nid_objs[134]),/* "msCodeInd" */
-&(nid_objs[138]),/* "msEFS" */
-&(nid_objs[171]),/* "msExtReq" */
-&(nid_objs[137]),/* "msSGC" */
-&(nid_objs[648]),/* "msSmartcardLogin" */
-&(nid_objs[649]),/* "msUPN" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[736]),/* "nameConstraints" */
-&(nid_objs[369]),/* "noCheck" */
-&(nid_objs[403]),/* "noRevAvail" */
-&(nid_objs[72]),/* "nsBaseUrl" */
-&(nid_objs[76]),/* "nsCaPolicyUrl" */
-&(nid_objs[74]),/* "nsCaRevocationUrl" */
-&(nid_objs[58]),/* "nsCertExt" */
-&(nid_objs[79]),/* "nsCertSequence" */
-&(nid_objs[71]),/* "nsCertType" */
-&(nid_objs[78]),/* "nsComment" */
-&(nid_objs[59]),/* "nsDataType" */
-&(nid_objs[75]),/* "nsRenewalUrl" */
-&(nid_objs[73]),/* "nsRevocationUrl" */
-&(nid_objs[139]),/* "nsSGC" */
-&(nid_objs[77]),/* "nsSslServerName" */
-&(nid_objs[667]),/* "onBasis" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[ 2]),/* "pkcs" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[401]),/* "policyConstraints" */
-&(nid_objs[738]),/* "policyMappings" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[669]),/* "ppBasis" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[385]),/* "private" */
-&(nid_objs[84]),/* "privateKeyUsagePeriod" */
-&(nid_objs[747]),/* "proxyCertInfo" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[ 1]),/* "rsadsi" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbqp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbqp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[690]),/* "secp112r1" */
-&(nid_objs[691]),/* "secp112r2" */
-&(nid_objs[692]),/* "secp128r1" */
-&(nid_objs[693]),/* "secp128r2" */
-&(nid_objs[694]),/* "secp160k1" */
-&(nid_objs[695]),/* "secp160r1" */
-&(nid_objs[696]),/* "secp160r2" */
-&(nid_objs[697]),/* "secp192k1" */
-&(nid_objs[698]),/* "secp224k1" */
-&(nid_objs[699]),/* "secp224r1" */
-&(nid_objs[700]),/* "secp256k1" */
-&(nid_objs[701]),/* "secp384r1" */
-&(nid_objs[702]),/* "secp521r1" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[703]),/* "sect113r1" */
-&(nid_objs[704]),/* "sect113r2" */
-&(nid_objs[705]),/* "sect131r1" */
-&(nid_objs[706]),/* "sect131r2" */
-&(nid_objs[707]),/* "sect163k1" */
-&(nid_objs[708]),/* "sect163r1" */
-&(nid_objs[709]),/* "sect163r2" */
-&(nid_objs[710]),/* "sect193r1" */
-&(nid_objs[711]),/* "sect193r2" */
-&(nid_objs[712]),/* "sect233k1" */
-&(nid_objs[713]),/* "sect233r1" */
-&(nid_objs[714]),/* "sect239k1" */
-&(nid_objs[715]),/* "sect283k1" */
-&(nid_objs[716]),/* "sect283r1" */
-&(nid_objs[717]),/* "sect409k1" */
-&(nid_objs[718]),/* "sect409r1" */
-&(nid_objs[719]),/* "sect571k1" */
-&(nid_objs[720]),/* "sect571r1" */
-&(nid_objs[386]),/* "security" */
-&(nid_objs[394]),/* "selected-attribute-types" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[129]),/* "serverAuth" */
-&(nid_objs[371]),/* "serviceLocator" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[517]),/* "set-certExt" */
-&(nid_objs[513]),/* "set-ctype" */
-&(nid_objs[514]),/* "set-msgExt" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[631]),/* "setAttr-GenCryptgrm" */
-&(nid_objs[623]),/* "setAttr-IssCap" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[621]),/* "setAttr-PGWYcap" */
-&(nid_objs[635]),/* "setAttr-SecDevSig" */
-&(nid_objs[632]),/* "setAttr-T2Enc" */
-&(nid_objs[633]),/* "setAttr-T2cleartxt" */
-&(nid_objs[634]),/* "setAttr-TokICCsig" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[606]),/* "setext-cv" */
-&(nid_objs[601]),/* "setext-genCrypt" */
-&(nid_objs[602]),/* "setext-miAuth" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[387]),/* "snmpv2" */
-&(nid_objs[660]),/* "streetAddress" */
-&(nid_objs[85]),/* "subjectAltName" */
-&(nid_objs[398]),/* "subjectInfoAccess" */
-&(nid_objs[82]),/* "subjectKeyIdentifier" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[402]),/* "targetInformation" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[133]),/* "timeStamping" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[668]),/* "tpBasis" */
-&(nid_objs[375]),/* "trustRoot" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[664]),/* "wap" */
-&(nid_objs[665]),/* "wap-wsg" */
-&(nid_objs[721]),/* "wap-wsg-idm-ecid-wtls1" */
-&(nid_objs[729]),/* "wap-wsg-idm-ecid-wtls10" */
-&(nid_objs[730]),/* "wap-wsg-idm-ecid-wtls11" */
-&(nid_objs[731]),/* "wap-wsg-idm-ecid-wtls12" */
-&(nid_objs[722]),/* "wap-wsg-idm-ecid-wtls3" */
-&(nid_objs[723]),/* "wap-wsg-idm-ecid-wtls4" */
-&(nid_objs[724]),/* "wap-wsg-idm-ecid-wtls5" */
-&(nid_objs[725]),/* "wap-wsg-idm-ecid-wtls6" */
-&(nid_objs[726]),/* "wap-wsg-idm-ecid-wtls7" */
-&(nid_objs[727]),/* "wap-wsg-idm-ecid-wtls8" */
-&(nid_objs[728]),/* "wap-wsg-idm-ecid-wtls9" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
+static const unsigned int sn_objs[NUM_SN]={
+364,	/* "AD_DVCS" */
+419,	/* "AES-128-CBC" */
+421,	/* "AES-128-CFB" */
+650,	/* "AES-128-CFB1" */
+653,	/* "AES-128-CFB8" */
+418,	/* "AES-128-ECB" */
+420,	/* "AES-128-OFB" */
+423,	/* "AES-192-CBC" */
+425,	/* "AES-192-CFB" */
+651,	/* "AES-192-CFB1" */
+654,	/* "AES-192-CFB8" */
+422,	/* "AES-192-ECB" */
+424,	/* "AES-192-OFB" */
+427,	/* "AES-256-CBC" */
+429,	/* "AES-256-CFB" */
+652,	/* "AES-256-CFB1" */
+655,	/* "AES-256-CFB8" */
+426,	/* "AES-256-ECB" */
+428,	/* "AES-256-OFB" */
+91,	/* "BF-CBC" */
+93,	/* "BF-CFB" */
+92,	/* "BF-ECB" */
+94,	/* "BF-OFB" */
+14,	/* "C" */
+751,	/* "CAMELLIA-128-CBC" */
+757,	/* "CAMELLIA-128-CFB" */
+760,	/* "CAMELLIA-128-CFB1" */
+763,	/* "CAMELLIA-128-CFB8" */
+754,	/* "CAMELLIA-128-ECB" */
+766,	/* "CAMELLIA-128-OFB" */
+752,	/* "CAMELLIA-192-CBC" */
+758,	/* "CAMELLIA-192-CFB" */
+761,	/* "CAMELLIA-192-CFB1" */
+764,	/* "CAMELLIA-192-CFB8" */
+755,	/* "CAMELLIA-192-ECB" */
+767,	/* "CAMELLIA-192-OFB" */
+753,	/* "CAMELLIA-256-CBC" */
+759,	/* "CAMELLIA-256-CFB" */
+762,	/* "CAMELLIA-256-CFB1" */
+765,	/* "CAMELLIA-256-CFB8" */
+756,	/* "CAMELLIA-256-ECB" */
+768,	/* "CAMELLIA-256-OFB" */
+108,	/* "CAST5-CBC" */
+110,	/* "CAST5-CFB" */
+109,	/* "CAST5-ECB" */
+111,	/* "CAST5-OFB" */
+13,	/* "CN" */
+141,	/* "CRLReason" */
+417,	/* "CSPName" */
+367,	/* "CrlID" */
+391,	/* "DC" */
+31,	/* "DES-CBC" */
+643,	/* "DES-CDMF" */
+30,	/* "DES-CFB" */
+656,	/* "DES-CFB1" */
+657,	/* "DES-CFB8" */
+29,	/* "DES-ECB" */
+32,	/* "DES-EDE" */
+43,	/* "DES-EDE-CBC" */
+60,	/* "DES-EDE-CFB" */
+62,	/* "DES-EDE-OFB" */
+33,	/* "DES-EDE3" */
+44,	/* "DES-EDE3-CBC" */
+61,	/* "DES-EDE3-CFB" */
+658,	/* "DES-EDE3-CFB1" */
+659,	/* "DES-EDE3-CFB8" */
+63,	/* "DES-EDE3-OFB" */
+45,	/* "DES-OFB" */
+80,	/* "DESX-CBC" */
+380,	/* "DOD" */
+116,	/* "DSA" */
+66,	/* "DSA-SHA" */
+113,	/* "DSA-SHA1" */
+70,	/* "DSA-SHA1-old" */
+67,	/* "DSA-old" */
+297,	/* "DVCS" */
+99,	/* "GN" */
+855,	/* "HMAC" */
+780,	/* "HMAC-MD5" */
+781,	/* "HMAC-SHA1" */
+381,	/* "IANA" */
+34,	/* "IDEA-CBC" */
+35,	/* "IDEA-CFB" */
+36,	/* "IDEA-ECB" */
+46,	/* "IDEA-OFB" */
+181,	/* "ISO" */
+183,	/* "ISO-US" */
+645,	/* "ITU-T" */
+646,	/* "JOINT-ISO-ITU-T" */
+773,	/* "KISA" */
+15,	/* "L" */
+856,	/* "LocalKeySet" */
+ 3,	/* "MD2" */
+257,	/* "MD4" */
+ 4,	/* "MD5" */
+114,	/* "MD5-SHA1" */
+95,	/* "MDC2" */
+388,	/* "Mail" */
+393,	/* "NULL" */
+404,	/* "NULL" */
+57,	/* "Netscape" */
+366,	/* "Nonce" */
+17,	/* "O" */
+178,	/* "OCSP" */
+180,	/* "OCSPSigning" */
+379,	/* "ORG" */
+18,	/* "OU" */
+749,	/* "Oakley-EC2N-3" */
+750,	/* "Oakley-EC2N-4" */
+ 9,	/* "PBE-MD2-DES" */
+168,	/* "PBE-MD2-RC2-64" */
+10,	/* "PBE-MD5-DES" */
+169,	/* "PBE-MD5-RC2-64" */
+147,	/* "PBE-SHA1-2DES" */
+146,	/* "PBE-SHA1-3DES" */
+170,	/* "PBE-SHA1-DES" */
+148,	/* "PBE-SHA1-RC2-128" */
+149,	/* "PBE-SHA1-RC2-40" */
+68,	/* "PBE-SHA1-RC2-64" */
+144,	/* "PBE-SHA1-RC4-128" */
+145,	/* "PBE-SHA1-RC4-40" */
+161,	/* "PBES2" */
+69,	/* "PBKDF2" */
+162,	/* "PBMAC1" */
+127,	/* "PKIX" */
+98,	/* "RC2-40-CBC" */
+166,	/* "RC2-64-CBC" */
+37,	/* "RC2-CBC" */
+39,	/* "RC2-CFB" */
+38,	/* "RC2-ECB" */
+40,	/* "RC2-OFB" */
+ 5,	/* "RC4" */
+97,	/* "RC4-40" */
+120,	/* "RC5-CBC" */
+122,	/* "RC5-CFB" */
+121,	/* "RC5-ECB" */
+123,	/* "RC5-OFB" */
+117,	/* "RIPEMD160" */
+124,	/* "RLE" */
+19,	/* "RSA" */
+ 7,	/* "RSA-MD2" */
+396,	/* "RSA-MD4" */
+ 8,	/* "RSA-MD5" */
+96,	/* "RSA-MDC2" */
+104,	/* "RSA-NP-MD5" */
+119,	/* "RSA-RIPEMD160" */
+42,	/* "RSA-SHA" */
+65,	/* "RSA-SHA1" */
+115,	/* "RSA-SHA1-2" */
+671,	/* "RSA-SHA224" */
+668,	/* "RSA-SHA256" */
+669,	/* "RSA-SHA384" */
+670,	/* "RSA-SHA512" */
+777,	/* "SEED-CBC" */
+779,	/* "SEED-CFB" */
+776,	/* "SEED-ECB" */
+778,	/* "SEED-OFB" */
+41,	/* "SHA" */
+64,	/* "SHA1" */
+675,	/* "SHA224" */
+672,	/* "SHA256" */
+673,	/* "SHA384" */
+674,	/* "SHA512" */
+188,	/* "SMIME" */
+167,	/* "SMIME-CAPS" */
+100,	/* "SN" */
+16,	/* "ST" */
+143,	/* "SXNetID" */
+458,	/* "UID" */
+ 0,	/* "UNDEF" */
+11,	/* "X500" */
+378,	/* "X500algorithms" */
+12,	/* "X509" */
+184,	/* "X9-57" */
+185,	/* "X9cm" */
+125,	/* "ZLIB" */
+478,	/* "aRecord" */
+289,	/* "aaControls" */
+287,	/* "ac-auditEntity" */
+397,	/* "ac-proxying" */
+288,	/* "ac-targeting" */
+368,	/* "acceptableResponses" */
+446,	/* "account" */
+363,	/* "ad_timestamping" */
+376,	/* "algorithm" */
+405,	/* "ansi-X9-62" */
+746,	/* "anyPolicy" */
+370,	/* "archiveCutoff" */
+484,	/* "associatedDomain" */
+485,	/* "associatedName" */
+501,	/* "audio" */
+177,	/* "authorityInfoAccess" */
+90,	/* "authorityKeyIdentifier" */
+882,	/* "authorityRevocationList" */
+87,	/* "basicConstraints" */
+365,	/* "basicOCSPResponse" */
+285,	/* "biometricInfo" */
+494,	/* "buildingName" */
+860,	/* "businessCategory" */
+691,	/* "c2onb191v4" */
+692,	/* "c2onb191v5" */
+697,	/* "c2onb239v4" */
+698,	/* "c2onb239v5" */
+684,	/* "c2pnb163v1" */
+685,	/* "c2pnb163v2" */
+686,	/* "c2pnb163v3" */
+687,	/* "c2pnb176v1" */
+693,	/* "c2pnb208w1" */
+699,	/* "c2pnb272w1" */
+700,	/* "c2pnb304w1" */
+702,	/* "c2pnb368w1" */
+688,	/* "c2tnb191v1" */
+689,	/* "c2tnb191v2" */
+690,	/* "c2tnb191v3" */
+694,	/* "c2tnb239v1" */
+695,	/* "c2tnb239v2" */
+696,	/* "c2tnb239v3" */
+701,	/* "c2tnb359v1" */
+703,	/* "c2tnb431r1" */
+881,	/* "cACertificate" */
+483,	/* "cNAMERecord" */
+179,	/* "caIssuers" */
+785,	/* "caRepository" */
+443,	/* "caseIgnoreIA5StringSyntax" */
+152,	/* "certBag" */
+677,	/* "certicom-arc" */
+771,	/* "certificateIssuer" */
+89,	/* "certificatePolicies" */
+883,	/* "certificateRevocationList" */
+54,	/* "challengePassword" */
+407,	/* "characteristic-two-field" */
+395,	/* "clearance" */
+130,	/* "clientAuth" */
+131,	/* "codeSigning" */
+50,	/* "contentType" */
+53,	/* "countersignature" */
+153,	/* "crlBag" */
+103,	/* "crlDistributionPoints" */
+88,	/* "crlNumber" */
+884,	/* "crossCertificatePair" */
+806,	/* "cryptocom" */
+805,	/* "cryptopro" */
+500,	/* "dITRedirect" */
+451,	/* "dNSDomain" */
+495,	/* "dSAQuality" */
+434,	/* "data" */
+390,	/* "dcobject" */
+140,	/* "deltaCRL" */
+891,	/* "deltaRevocationList" */
+107,	/* "description" */
+871,	/* "destinationIndicator" */
+28,	/* "dhKeyAgreement" */
+382,	/* "directory" */
+887,	/* "distinguishedName" */
+892,	/* "dmdName" */
+174,	/* "dnQualifier" */
+447,	/* "document" */
+471,	/* "documentAuthor" */
+468,	/* "documentIdentifier" */
+472,	/* "documentLocation" */
+502,	/* "documentPublisher" */
+449,	/* "documentSeries" */
+469,	/* "documentTitle" */
+470,	/* "documentVersion" */
+392,	/* "domain" */
+452,	/* "domainRelatedObject" */
+802,	/* "dsa_with_SHA224" */
+803,	/* "dsa_with_SHA256" */
+791,	/* "ecdsa-with-Recommended" */
+416,	/* "ecdsa-with-SHA1" */
+793,	/* "ecdsa-with-SHA224" */
+794,	/* "ecdsa-with-SHA256" */
+795,	/* "ecdsa-with-SHA384" */
+796,	/* "ecdsa-with-SHA512" */
+792,	/* "ecdsa-with-Specified" */
+48,	/* "emailAddress" */
+132,	/* "emailProtection" */
+885,	/* "enhancedSearchGuide" */
+389,	/* "enterprises" */
+384,	/* "experimental" */
+172,	/* "extReq" */
+56,	/* "extendedCertificateAttributes" */
+126,	/* "extendedKeyUsage" */
+372,	/* "extendedStatus" */
+867,	/* "facsimileTelephoneNumber" */
+462,	/* "favouriteDrink" */
+857,	/* "freshestCRL" */
+453,	/* "friendlyCountry" */
+490,	/* "friendlyCountryName" */
+156,	/* "friendlyName" */
+509,	/* "generationQualifier" */
+815,	/* "gost-mac" */
+811,	/* "gost2001" */
+851,	/* "gost2001cc" */
+813,	/* "gost89" */
+814,	/* "gost89-cnt" */
+812,	/* "gost94" */
+850,	/* "gost94cc" */
+797,	/* "hmacWithMD5" */
+163,	/* "hmacWithSHA1" */
+798,	/* "hmacWithSHA224" */
+799,	/* "hmacWithSHA256" */
+800,	/* "hmacWithSHA384" */
+801,	/* "hmacWithSHA512" */
+432,	/* "holdInstructionCallIssuer" */
+430,	/* "holdInstructionCode" */
+431,	/* "holdInstructionNone" */
+433,	/* "holdInstructionReject" */
+486,	/* "homePostalAddress" */
+473,	/* "homeTelephoneNumber" */
+466,	/* "host" */
+889,	/* "houseIdentifier" */
+442,	/* "iA5StringSyntax" */
+783,	/* "id-DHBasedMac" */
+824,	/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
+825,	/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
+826,	/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
+827,	/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
+819,	/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
+829,	/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
+828,	/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
+830,	/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
+820,	/* "id-Gost28147-89-None-KeyMeshing" */
+823,	/* "id-Gost28147-89-TestParamSet" */
+849,	/* "id-Gost28147-89-cc" */
+840,	/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
+841,	/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
+842,	/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
+843,	/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
+844,	/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
+854,	/* "id-GostR3410-2001-ParamSet-cc" */
+839,	/* "id-GostR3410-2001-TestParamSet" */
+817,	/* "id-GostR3410-2001DH" */
+832,	/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
+833,	/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
+834,	/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
+835,	/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
+836,	/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
+837,	/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
+838,	/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
+831,	/* "id-GostR3410-94-TestParamSet" */
+845,	/* "id-GostR3410-94-a" */
+846,	/* "id-GostR3410-94-aBis" */
+847,	/* "id-GostR3410-94-b" */
+848,	/* "id-GostR3410-94-bBis" */
+818,	/* "id-GostR3410-94DH" */
+822,	/* "id-GostR3411-94-CryptoProParamSet" */
+821,	/* "id-GostR3411-94-TestParamSet" */
+807,	/* "id-GostR3411-94-with-GostR3410-2001" */
+853,	/* "id-GostR3411-94-with-GostR3410-2001-cc" */
+808,	/* "id-GostR3411-94-with-GostR3410-94" */
+852,	/* "id-GostR3411-94-with-GostR3410-94-cc" */
+810,	/* "id-HMACGostR3411-94" */
+782,	/* "id-PasswordBasedMAC" */
+266,	/* "id-aca" */
+355,	/* "id-aca-accessIdentity" */
+354,	/* "id-aca-authenticationInfo" */
+356,	/* "id-aca-chargingIdentity" */
+399,	/* "id-aca-encAttrs" */
+357,	/* "id-aca-group" */
+358,	/* "id-aca-role" */
+176,	/* "id-ad" */
+788,	/* "id-aes128-wrap" */
+789,	/* "id-aes192-wrap" */
+790,	/* "id-aes256-wrap" */
+262,	/* "id-alg" */
+893,	/* "id-alg-PWRI-KEK" */
+323,	/* "id-alg-des40" */
+326,	/* "id-alg-dh-pop" */
+325,	/* "id-alg-dh-sig-hmac-sha1" */
+324,	/* "id-alg-noSignature" */
+268,	/* "id-cct" */
+361,	/* "id-cct-PKIData" */
+362,	/* "id-cct-PKIResponse" */
+360,	/* "id-cct-crs" */
+81,	/* "id-ce" */
+680,	/* "id-characteristic-two-basis" */
+263,	/* "id-cmc" */
+334,	/* "id-cmc-addExtensions" */
+346,	/* "id-cmc-confirmCertAcceptance" */
+330,	/* "id-cmc-dataReturn" */
+336,	/* "id-cmc-decryptedPOP" */
+335,	/* "id-cmc-encryptedPOP" */
+339,	/* "id-cmc-getCRL" */
+338,	/* "id-cmc-getCert" */
+328,	/* "id-cmc-identification" */
+329,	/* "id-cmc-identityProof" */
+337,	/* "id-cmc-lraPOPWitness" */
+344,	/* "id-cmc-popLinkRandom" */
+345,	/* "id-cmc-popLinkWitness" */
+343,	/* "id-cmc-queryPending" */
+333,	/* "id-cmc-recipientNonce" */
+341,	/* "id-cmc-regInfo" */
+342,	/* "id-cmc-responseInfo" */
+340,	/* "id-cmc-revokeRequest" */
+332,	/* "id-cmc-senderNonce" */
+327,	/* "id-cmc-statusInfo" */
+331,	/* "id-cmc-transactionId" */
+787,	/* "id-ct-asciiTextWithCRLF" */
+408,	/* "id-ecPublicKey" */
+508,	/* "id-hex-multipart-message" */
+507,	/* "id-hex-partial-message" */
+260,	/* "id-it" */
+302,	/* "id-it-caKeyUpdateInfo" */
+298,	/* "id-it-caProtEncCert" */
+311,	/* "id-it-confirmWaitTime" */
+303,	/* "id-it-currentCRL" */
+300,	/* "id-it-encKeyPairTypes" */
+310,	/* "id-it-implicitConfirm" */
+308,	/* "id-it-keyPairParamRep" */
+307,	/* "id-it-keyPairParamReq" */
+312,	/* "id-it-origPKIMessage" */
+301,	/* "id-it-preferredSymmAlg" */
+309,	/* "id-it-revPassphrase" */
+299,	/* "id-it-signKeyPairTypes" */
+305,	/* "id-it-subscriptionRequest" */
+306,	/* "id-it-subscriptionResponse" */
+784,	/* "id-it-suppLangTags" */
+304,	/* "id-it-unsupportedOIDs" */
+128,	/* "id-kp" */
+280,	/* "id-mod-attribute-cert" */
+274,	/* "id-mod-cmc" */
+277,	/* "id-mod-cmp" */
+284,	/* "id-mod-cmp2000" */
+273,	/* "id-mod-crmf" */
+283,	/* "id-mod-dvcs" */
+275,	/* "id-mod-kea-profile-88" */
+276,	/* "id-mod-kea-profile-93" */
+282,	/* "id-mod-ocsp" */
+278,	/* "id-mod-qualified-cert-88" */
+279,	/* "id-mod-qualified-cert-93" */
+281,	/* "id-mod-timestamp-protocol" */
+264,	/* "id-on" */
+858,	/* "id-on-permanentIdentifier" */
+347,	/* "id-on-personalData" */
+265,	/* "id-pda" */
+352,	/* "id-pda-countryOfCitizenship" */
+353,	/* "id-pda-countryOfResidence" */
+348,	/* "id-pda-dateOfBirth" */
+351,	/* "id-pda-gender" */
+349,	/* "id-pda-placeOfBirth" */
+175,	/* "id-pe" */
+261,	/* "id-pkip" */
+258,	/* "id-pkix-mod" */
+269,	/* "id-pkix1-explicit-88" */
+271,	/* "id-pkix1-explicit-93" */
+270,	/* "id-pkix1-implicit-88" */
+272,	/* "id-pkix1-implicit-93" */
+662,	/* "id-ppl" */
+664,	/* "id-ppl-anyLanguage" */
+667,	/* "id-ppl-independent" */
+665,	/* "id-ppl-inheritAll" */
+267,	/* "id-qcs" */
+359,	/* "id-qcs-pkixQCSyntax-v1" */
+259,	/* "id-qt" */
+164,	/* "id-qt-cps" */
+165,	/* "id-qt-unotice" */
+313,	/* "id-regCtrl" */
+316,	/* "id-regCtrl-authenticator" */
+319,	/* "id-regCtrl-oldCertID" */
+318,	/* "id-regCtrl-pkiArchiveOptions" */
+317,	/* "id-regCtrl-pkiPublicationInfo" */
+320,	/* "id-regCtrl-protocolEncrKey" */
+315,	/* "id-regCtrl-regToken" */
+314,	/* "id-regInfo" */
+322,	/* "id-regInfo-certReq" */
+321,	/* "id-regInfo-utf8Pairs" */
+512,	/* "id-set" */
+191,	/* "id-smime-aa" */
+215,	/* "id-smime-aa-contentHint" */
+218,	/* "id-smime-aa-contentIdentifier" */
+221,	/* "id-smime-aa-contentReference" */
+240,	/* "id-smime-aa-dvcs-dvc" */
+217,	/* "id-smime-aa-encapContentType" */
+222,	/* "id-smime-aa-encrypKeyPref" */
+220,	/* "id-smime-aa-equivalentLabels" */
+232,	/* "id-smime-aa-ets-CertificateRefs" */
+233,	/* "id-smime-aa-ets-RevocationRefs" */
+238,	/* "id-smime-aa-ets-archiveTimeStamp" */
+237,	/* "id-smime-aa-ets-certCRLTimestamp" */
+234,	/* "id-smime-aa-ets-certValues" */
+227,	/* "id-smime-aa-ets-commitmentType" */
+231,	/* "id-smime-aa-ets-contentTimestamp" */
+236,	/* "id-smime-aa-ets-escTimeStamp" */
+230,	/* "id-smime-aa-ets-otherSigCert" */
+235,	/* "id-smime-aa-ets-revocationValues" */
+226,	/* "id-smime-aa-ets-sigPolicyId" */
+229,	/* "id-smime-aa-ets-signerAttr" */
+228,	/* "id-smime-aa-ets-signerLocation" */
+219,	/* "id-smime-aa-macValue" */
+214,	/* "id-smime-aa-mlExpandHistory" */
+216,	/* "id-smime-aa-msgSigDigest" */
+212,	/* "id-smime-aa-receiptRequest" */
+213,	/* "id-smime-aa-securityLabel" */
+239,	/* "id-smime-aa-signatureType" */
+223,	/* "id-smime-aa-signingCertificate" */
+224,	/* "id-smime-aa-smimeEncryptCerts" */
+225,	/* "id-smime-aa-timeStampToken" */
+192,	/* "id-smime-alg" */
+243,	/* "id-smime-alg-3DESwrap" */
+246,	/* "id-smime-alg-CMS3DESwrap" */
+247,	/* "id-smime-alg-CMSRC2wrap" */
+245,	/* "id-smime-alg-ESDH" */
+241,	/* "id-smime-alg-ESDHwith3DES" */
+242,	/* "id-smime-alg-ESDHwithRC2" */
+244,	/* "id-smime-alg-RC2wrap" */
+193,	/* "id-smime-cd" */
+248,	/* "id-smime-cd-ldap" */
+190,	/* "id-smime-ct" */
+210,	/* "id-smime-ct-DVCSRequestData" */
+211,	/* "id-smime-ct-DVCSResponseData" */
+208,	/* "id-smime-ct-TDTInfo" */
+207,	/* "id-smime-ct-TSTInfo" */
+205,	/* "id-smime-ct-authData" */
+786,	/* "id-smime-ct-compressedData" */
+209,	/* "id-smime-ct-contentInfo" */
+206,	/* "id-smime-ct-publishCert" */
+204,	/* "id-smime-ct-receipt" */
+195,	/* "id-smime-cti" */
+255,	/* "id-smime-cti-ets-proofOfApproval" */
+256,	/* "id-smime-cti-ets-proofOfCreation" */
+253,	/* "id-smime-cti-ets-proofOfDelivery" */
+251,	/* "id-smime-cti-ets-proofOfOrigin" */
+252,	/* "id-smime-cti-ets-proofOfReceipt" */
+254,	/* "id-smime-cti-ets-proofOfSender" */
+189,	/* "id-smime-mod" */
+196,	/* "id-smime-mod-cms" */
+197,	/* "id-smime-mod-ess" */
+202,	/* "id-smime-mod-ets-eSigPolicy-88" */
+203,	/* "id-smime-mod-ets-eSigPolicy-97" */
+200,	/* "id-smime-mod-ets-eSignature-88" */
+201,	/* "id-smime-mod-ets-eSignature-97" */
+199,	/* "id-smime-mod-msg-v3" */
+198,	/* "id-smime-mod-oid" */
+194,	/* "id-smime-spq" */
+250,	/* "id-smime-spq-ets-sqt-unotice" */
+249,	/* "id-smime-spq-ets-sqt-uri" */
+676,	/* "identified-organization" */
+461,	/* "info" */
+748,	/* "inhibitAnyPolicy" */
+101,	/* "initials" */
+647,	/* "international-organizations" */
+869,	/* "internationaliSDNNumber" */
+142,	/* "invalidityDate" */
+294,	/* "ipsecEndSystem" */
+295,	/* "ipsecTunnel" */
+296,	/* "ipsecUser" */
+86,	/* "issuerAltName" */
+770,	/* "issuingDistributionPoint" */
+492,	/* "janetMailbox" */
+150,	/* "keyBag" */
+83,	/* "keyUsage" */
+477,	/* "lastModifiedBy" */
+476,	/* "lastModifiedTime" */
+157,	/* "localKeyID" */
+480,	/* "mXRecord" */
+460,	/* "mail" */
+493,	/* "mailPreferenceOption" */
+467,	/* "manager" */
+809,	/* "md_gost94" */
+875,	/* "member" */
+182,	/* "member-body" */
+51,	/* "messageDigest" */
+383,	/* "mgmt" */
+504,	/* "mime-mhs" */
+506,	/* "mime-mhs-bodies" */
+505,	/* "mime-mhs-headings" */
+488,	/* "mobileTelephoneNumber" */
+136,	/* "msCTLSign" */
+135,	/* "msCodeCom" */
+134,	/* "msCodeInd" */
+138,	/* "msEFS" */
+171,	/* "msExtReq" */
+137,	/* "msSGC" */
+648,	/* "msSmartcardLogin" */
+649,	/* "msUPN" */
+481,	/* "nSRecord" */
+173,	/* "name" */
+666,	/* "nameConstraints" */
+369,	/* "noCheck" */
+403,	/* "noRevAvail" */
+72,	/* "nsBaseUrl" */
+76,	/* "nsCaPolicyUrl" */
+74,	/* "nsCaRevocationUrl" */
+58,	/* "nsCertExt" */
+79,	/* "nsCertSequence" */
+71,	/* "nsCertType" */
+78,	/* "nsComment" */
+59,	/* "nsDataType" */
+75,	/* "nsRenewalUrl" */
+73,	/* "nsRevocationUrl" */
+139,	/* "nsSGC" */
+77,	/* "nsSslServerName" */
+681,	/* "onBasis" */
+491,	/* "organizationalStatus" */
+475,	/* "otherMailbox" */
+876,	/* "owner" */
+489,	/* "pagerTelephoneNumber" */
+374,	/* "path" */
+112,	/* "pbeWithMD5AndCast5CBC" */
+499,	/* "personalSignature" */
+487,	/* "personalTitle" */
+464,	/* "photo" */
+863,	/* "physicalDeliveryOfficeName" */
+437,	/* "pilot" */
+439,	/* "pilotAttributeSyntax" */
+438,	/* "pilotAttributeType" */
+479,	/* "pilotAttributeType27" */
+456,	/* "pilotDSA" */
+441,	/* "pilotGroups" */
+444,	/* "pilotObject" */
+440,	/* "pilotObjectClass" */
+455,	/* "pilotOrganization" */
+445,	/* "pilotPerson" */
+ 2,	/* "pkcs" */
+186,	/* "pkcs1" */
+27,	/* "pkcs3" */
+187,	/* "pkcs5" */
+20,	/* "pkcs7" */
+21,	/* "pkcs7-data" */
+25,	/* "pkcs7-digestData" */
+26,	/* "pkcs7-encryptedData" */
+23,	/* "pkcs7-envelopedData" */
+24,	/* "pkcs7-signedAndEnvelopedData" */
+22,	/* "pkcs7-signedData" */
+151,	/* "pkcs8ShroudedKeyBag" */
+47,	/* "pkcs9" */
+401,	/* "policyConstraints" */
+747,	/* "policyMappings" */
+862,	/* "postOfficeBox" */
+861,	/* "postalAddress" */
+661,	/* "postalCode" */
+683,	/* "ppBasis" */
+872,	/* "preferredDeliveryMethod" */
+873,	/* "presentationAddress" */
+816,	/* "prf-gostr3411-94" */
+406,	/* "prime-field" */
+409,	/* "prime192v1" */
+410,	/* "prime192v2" */
+411,	/* "prime192v3" */
+412,	/* "prime239v1" */
+413,	/* "prime239v2" */
+414,	/* "prime239v3" */
+415,	/* "prime256v1" */
+385,	/* "private" */
+84,	/* "privateKeyUsagePeriod" */
+886,	/* "protocolInformation" */
+663,	/* "proxyCertInfo" */
+510,	/* "pseudonym" */
+435,	/* "pss" */
+286,	/* "qcStatements" */
+457,	/* "qualityLabelledData" */
+450,	/* "rFC822localPart" */
+870,	/* "registeredAddress" */
+400,	/* "role" */
+877,	/* "roleOccupant" */
+448,	/* "room" */
+463,	/* "roomNumber" */
+ 6,	/* "rsaEncryption" */
+644,	/* "rsaOAEPEncryptionSET" */
+377,	/* "rsaSignature" */
+ 1,	/* "rsadsi" */
+482,	/* "sOARecord" */
+155,	/* "safeContentsBag" */
+291,	/* "sbgp-autonomousSysNum" */
+290,	/* "sbgp-ipAddrBlock" */
+292,	/* "sbgp-routerIdentifier" */
+159,	/* "sdsiCertificate" */
+859,	/* "searchGuide" */
+704,	/* "secp112r1" */
+705,	/* "secp112r2" */
+706,	/* "secp128r1" */
+707,	/* "secp128r2" */
+708,	/* "secp160k1" */
+709,	/* "secp160r1" */
+710,	/* "secp160r2" */
+711,	/* "secp192k1" */
+712,	/* "secp224k1" */
+713,	/* "secp224r1" */
+714,	/* "secp256k1" */
+715,	/* "secp384r1" */
+716,	/* "secp521r1" */
+154,	/* "secretBag" */
+474,	/* "secretary" */
+717,	/* "sect113r1" */
+718,	/* "sect113r2" */
+719,	/* "sect131r1" */
+720,	/* "sect131r2" */
+721,	/* "sect163k1" */
+722,	/* "sect163r1" */
+723,	/* "sect163r2" */
+724,	/* "sect193r1" */
+725,	/* "sect193r2" */
+726,	/* "sect233k1" */
+727,	/* "sect233r1" */
+728,	/* "sect239k1" */
+729,	/* "sect283k1" */
+730,	/* "sect283r1" */
+731,	/* "sect409k1" */
+732,	/* "sect409r1" */
+733,	/* "sect571k1" */
+734,	/* "sect571r1" */
+386,	/* "security" */
+878,	/* "seeAlso" */
+394,	/* "selected-attribute-types" */
+105,	/* "serialNumber" */
+129,	/* "serverAuth" */
+371,	/* "serviceLocator" */
+625,	/* "set-addPolicy" */
+515,	/* "set-attr" */
+518,	/* "set-brand" */
+638,	/* "set-brand-AmericanExpress" */
+637,	/* "set-brand-Diners" */
+636,	/* "set-brand-IATA-ATA" */
+639,	/* "set-brand-JCB" */
+641,	/* "set-brand-MasterCard" */
+642,	/* "set-brand-Novus" */
+640,	/* "set-brand-Visa" */
+517,	/* "set-certExt" */
+513,	/* "set-ctype" */
+514,	/* "set-msgExt" */
+516,	/* "set-policy" */
+607,	/* "set-policy-root" */
+624,	/* "set-rootKeyThumb" */
+620,	/* "setAttr-Cert" */
+631,	/* "setAttr-GenCryptgrm" */
+623,	/* "setAttr-IssCap" */
+628,	/* "setAttr-IssCap-CVM" */
+630,	/* "setAttr-IssCap-Sig" */
+629,	/* "setAttr-IssCap-T2" */
+621,	/* "setAttr-PGWYcap" */
+635,	/* "setAttr-SecDevSig" */
+632,	/* "setAttr-T2Enc" */
+633,	/* "setAttr-T2cleartxt" */
+634,	/* "setAttr-TokICCsig" */
+627,	/* "setAttr-Token-B0Prime" */
+626,	/* "setAttr-Token-EMV" */
+622,	/* "setAttr-TokenType" */
+619,	/* "setCext-IssuerCapabilities" */
+615,	/* "setCext-PGWYcapabilities" */
+616,	/* "setCext-TokenIdentifier" */
+618,	/* "setCext-TokenType" */
+617,	/* "setCext-Track2Data" */
+611,	/* "setCext-cCertRequired" */
+609,	/* "setCext-certType" */
+608,	/* "setCext-hashedRoot" */
+610,	/* "setCext-merchData" */
+613,	/* "setCext-setExt" */
+614,	/* "setCext-setQualf" */
+612,	/* "setCext-tunneling" */
+540,	/* "setct-AcqCardCodeMsg" */
+576,	/* "setct-AcqCardCodeMsgTBE" */
+570,	/* "setct-AuthReqTBE" */
+534,	/* "setct-AuthReqTBS" */
+527,	/* "setct-AuthResBaggage" */
+571,	/* "setct-AuthResTBE" */
+572,	/* "setct-AuthResTBEX" */
+535,	/* "setct-AuthResTBS" */
+536,	/* "setct-AuthResTBSX" */
+528,	/* "setct-AuthRevReqBaggage" */
+577,	/* "setct-AuthRevReqTBE" */
+541,	/* "setct-AuthRevReqTBS" */
+529,	/* "setct-AuthRevResBaggage" */
+542,	/* "setct-AuthRevResData" */
+578,	/* "setct-AuthRevResTBE" */
+579,	/* "setct-AuthRevResTBEB" */
+543,	/* "setct-AuthRevResTBS" */
+573,	/* "setct-AuthTokenTBE" */
+537,	/* "setct-AuthTokenTBS" */
+600,	/* "setct-BCIDistributionTBS" */
+558,	/* "setct-BatchAdminReqData" */
+592,	/* "setct-BatchAdminReqTBE" */
+559,	/* "setct-BatchAdminResData" */
+593,	/* "setct-BatchAdminResTBE" */
+599,	/* "setct-CRLNotificationResTBS" */
+598,	/* "setct-CRLNotificationTBS" */
+580,	/* "setct-CapReqTBE" */
+581,	/* "setct-CapReqTBEX" */
+544,	/* "setct-CapReqTBS" */
+545,	/* "setct-CapReqTBSX" */
+546,	/* "setct-CapResData" */
+582,	/* "setct-CapResTBE" */
+583,	/* "setct-CapRevReqTBE" */
+584,	/* "setct-CapRevReqTBEX" */
+547,	/* "setct-CapRevReqTBS" */
+548,	/* "setct-CapRevReqTBSX" */
+549,	/* "setct-CapRevResData" */
+585,	/* "setct-CapRevResTBE" */
+538,	/* "setct-CapTokenData" */
+530,	/* "setct-CapTokenSeq" */
+574,	/* "setct-CapTokenTBE" */
+575,	/* "setct-CapTokenTBEX" */
+539,	/* "setct-CapTokenTBS" */
+560,	/* "setct-CardCInitResTBS" */
+566,	/* "setct-CertInqReqTBS" */
+563,	/* "setct-CertReqData" */
+595,	/* "setct-CertReqTBE" */
+596,	/* "setct-CertReqTBEX" */
+564,	/* "setct-CertReqTBS" */
+565,	/* "setct-CertResData" */
+597,	/* "setct-CertResTBE" */
+586,	/* "setct-CredReqTBE" */
+587,	/* "setct-CredReqTBEX" */
+550,	/* "setct-CredReqTBS" */
+551,	/* "setct-CredReqTBSX" */
+552,	/* "setct-CredResData" */
+588,	/* "setct-CredResTBE" */
+589,	/* "setct-CredRevReqTBE" */
+590,	/* "setct-CredRevReqTBEX" */
+553,	/* "setct-CredRevReqTBS" */
+554,	/* "setct-CredRevReqTBSX" */
+555,	/* "setct-CredRevResData" */
+591,	/* "setct-CredRevResTBE" */
+567,	/* "setct-ErrorTBS" */
+526,	/* "setct-HODInput" */
+561,	/* "setct-MeAqCInitResTBS" */
+522,	/* "setct-OIData" */
+519,	/* "setct-PANData" */
+521,	/* "setct-PANOnly" */
+520,	/* "setct-PANToken" */
+556,	/* "setct-PCertReqData" */
+557,	/* "setct-PCertResTBS" */
+523,	/* "setct-PI" */
+532,	/* "setct-PI-TBS" */
+524,	/* "setct-PIData" */
+525,	/* "setct-PIDataUnsigned" */
+568,	/* "setct-PIDualSignedTBE" */
+569,	/* "setct-PIUnsignedTBE" */
+531,	/* "setct-PInitResData" */
+533,	/* "setct-PResData" */
+594,	/* "setct-RegFormReqTBE" */
+562,	/* "setct-RegFormResTBS" */
+606,	/* "setext-cv" */
+601,	/* "setext-genCrypt" */
+602,	/* "setext-miAuth" */
+604,	/* "setext-pinAny" */
+603,	/* "setext-pinSecure" */
+605,	/* "setext-track2" */
+52,	/* "signingTime" */
+454,	/* "simpleSecurityObject" */
+496,	/* "singleLevelQuality" */
+387,	/* "snmpv2" */
+660,	/* "street" */
+85,	/* "subjectAltName" */
+769,	/* "subjectDirectoryAttributes" */
+398,	/* "subjectInfoAccess" */
+82,	/* "subjectKeyIdentifier" */
+498,	/* "subtreeMaximumQuality" */
+497,	/* "subtreeMinimumQuality" */
+890,	/* "supportedAlgorithms" */
+874,	/* "supportedApplicationContext" */
+402,	/* "targetInformation" */
+864,	/* "telephoneNumber" */
+866,	/* "teletexTerminalIdentifier" */
+865,	/* "telexNumber" */
+459,	/* "textEncodedORAddress" */
+293,	/* "textNotice" */
+133,	/* "timeStamping" */
+106,	/* "title" */
+682,	/* "tpBasis" */
+375,	/* "trustRoot" */
+436,	/* "ucl" */
+888,	/* "uniqueMember" */
+55,	/* "unstructuredAddress" */
+49,	/* "unstructuredName" */
+880,	/* "userCertificate" */
+465,	/* "userClass" */
+879,	/* "userPassword" */
+373,	/* "valid" */
+678,	/* "wap" */
+679,	/* "wap-wsg" */
+735,	/* "wap-wsg-idm-ecid-wtls1" */
+743,	/* "wap-wsg-idm-ecid-wtls10" */
+744,	/* "wap-wsg-idm-ecid-wtls11" */
+745,	/* "wap-wsg-idm-ecid-wtls12" */
+736,	/* "wap-wsg-idm-ecid-wtls3" */
+737,	/* "wap-wsg-idm-ecid-wtls4" */
+738,	/* "wap-wsg-idm-ecid-wtls5" */
+739,	/* "wap-wsg-idm-ecid-wtls6" */
+740,	/* "wap-wsg-idm-ecid-wtls7" */
+741,	/* "wap-wsg-idm-ecid-wtls8" */
+742,	/* "wap-wsg-idm-ecid-wtls9" */
+804,	/* "whirlpool" */
+868,	/* "x121Address" */
+503,	/* "x500UniqueIdentifier" */
+158,	/* "x509Certificate" */
+160,	/* "x509Crl" */
 };
 
-static ASN1_OBJECT *ln_objs[NUM_LN]={
-&(nid_objs[363]),/* "AD Time Stamping" */
-&(nid_objs[405]),/* "ANSI X9.62" */
-&(nid_objs[368]),/* "Acceptable OCSP Responses" */
-&(nid_objs[748]),/* "Any language" */
-&(nid_objs[177]),/* "Authority Information Access" */
-&(nid_objs[365]),/* "Basic OCSP Response" */
-&(nid_objs[285]),/* "Biometric Info" */
-&(nid_objs[179]),/* "CA Issuers" */
-&(nid_objs[131]),/* "Code Signing" */
-&(nid_objs[382]),/* "Directory" */
-&(nid_objs[392]),/* "Domain" */
-&(nid_objs[132]),/* "E-mail Protection" */
-&(nid_objs[389]),/* "Enterprises" */
-&(nid_objs[384]),/* "Experimental" */
-&(nid_objs[372]),/* "Extended OCSP Status" */
-&(nid_objs[172]),/* "Extension Request" */
-&(nid_objs[432]),/* "Hold Instruction Call Issuer" */
-&(nid_objs[430]),/* "Hold Instruction Code" */
-&(nid_objs[431]),/* "Hold Instruction None" */
-&(nid_objs[433]),/* "Hold Instruction Reject" */
-&(nid_objs[634]),/* "ICC or token signature" */
-&(nid_objs[294]),/* "IPSec End System" */
-&(nid_objs[295]),/* "IPSec Tunnel" */
-&(nid_objs[296]),/* "IPSec User" */
-&(nid_objs[182]),/* "ISO Member Body" */
-&(nid_objs[183]),/* "ISO US Member Body" */
-&(nid_objs[750]),/* "Independent" */
-&(nid_objs[749]),/* "Inherit all" */
-&(nid_objs[647]),/* "International Organizations" */
-&(nid_objs[142]),/* "Invalidity Date" */
-&(nid_objs[504]),/* "MIME MHS" */
-&(nid_objs[388]),/* "Mail" */
-&(nid_objs[383]),/* "Management" */
-&(nid_objs[417]),/* "Microsoft CSP Name" */
-&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
-&(nid_objs[138]),/* "Microsoft Encrypted File System" */
-&(nid_objs[171]),/* "Microsoft Extension Request" */
-&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
-&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
-&(nid_objs[648]),/* "Microsoft Smartcardlogin" */
-&(nid_objs[136]),/* "Microsoft Trust List Signing" */
-&(nid_objs[649]),/* "Microsoft Universal Principal Name" */
-&(nid_objs[393]),/* "NULL" */
-&(nid_objs[404]),/* "NULL" */
-&(nid_objs[72]),/* "Netscape Base Url" */
-&(nid_objs[76]),/* "Netscape CA Policy Url" */
-&(nid_objs[74]),/* "Netscape CA Revocation Url" */
-&(nid_objs[71]),/* "Netscape Cert Type" */
-&(nid_objs[58]),/* "Netscape Certificate Extension" */
-&(nid_objs[79]),/* "Netscape Certificate Sequence" */
-&(nid_objs[78]),/* "Netscape Comment" */
-&(nid_objs[57]),/* "Netscape Communications Corp." */
-&(nid_objs[59]),/* "Netscape Data Type" */
-&(nid_objs[75]),/* "Netscape Renewal Url" */
-&(nid_objs[73]),/* "Netscape Revocation Url" */
-&(nid_objs[77]),/* "Netscape SSL Server Name" */
-&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
-&(nid_objs[178]),/* "OCSP" */
-&(nid_objs[370]),/* "OCSP Archive Cutoff" */
-&(nid_objs[367]),/* "OCSP CRL ID" */
-&(nid_objs[369]),/* "OCSP No Check" */
-&(nid_objs[366]),/* "OCSP Nonce" */
-&(nid_objs[371]),/* "OCSP Service Locator" */
-&(nid_objs[180]),/* "OCSP Signing" */
-&(nid_objs[161]),/* "PBES2" */
-&(nid_objs[69]),/* "PBKDF2" */
-&(nid_objs[162]),/* "PBMAC1" */
-&(nid_objs[127]),/* "PKIX" */
-&(nid_objs[164]),/* "Policy Qualifier CPS" */
-&(nid_objs[165]),/* "Policy Qualifier User Notice" */
-&(nid_objs[385]),/* "Private" */
-&(nid_objs[747]),/* "Proxy Certificate Information" */
-&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
-&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
-&(nid_objs[188]),/* "S/MIME" */
-&(nid_objs[167]),/* "S/MIME Capabilities" */
-&(nid_objs[387]),/* "SNMPv2" */
-&(nid_objs[512]),/* "Secure Electronic Transactions" */
-&(nid_objs[386]),/* "Security" */
-&(nid_objs[394]),/* "Selected Attribute Types" */
-&(nid_objs[143]),/* "Strong Extranet ID" */
-&(nid_objs[398]),/* "Subject Information Access" */
-&(nid_objs[130]),/* "TLS Web Client Authentication" */
-&(nid_objs[129]),/* "TLS Web Server Authentication" */
-&(nid_objs[133]),/* "Time Stamping" */
-&(nid_objs[375]),/* "Trust Root" */
-&(nid_objs[12]),/* "X509" */
-&(nid_objs[402]),/* "X509v3 AC Targeting" */
-&(nid_objs[737]),/* "X509v3 Any Policy" */
-&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
-&(nid_objs[87]),/* "X509v3 Basic Constraints" */
-&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
-&(nid_objs[88]),/* "X509v3 CRL Number" */
-&(nid_objs[141]),/* "X509v3 CRL Reason Code" */
-&(nid_objs[89]),/* "X509v3 Certificate Policies" */
-&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
-&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
-&(nid_objs[739]),/* "X509v3 Inhibit Any Policy" */
-&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
-&(nid_objs[83]),/* "X509v3 Key Usage" */
-&(nid_objs[736]),/* "X509v3 Name Constraints" */
-&(nid_objs[403]),/* "X509v3 No Revocation Available" */
-&(nid_objs[401]),/* "X509v3 Policy Constraints" */
-&(nid_objs[738]),/* "X509v3 Policy Mappings" */
-&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
-&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
-&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
-&(nid_objs[184]),/* "X9.57" */
-&(nid_objs[185]),/* "X9.57 CM ?" */
-&(nid_objs[478]),/* "aRecord" */
-&(nid_objs[289]),/* "aaControls" */
-&(nid_objs[287]),/* "ac-auditEntity" */
-&(nid_objs[397]),/* "ac-proxying" */
-&(nid_objs[288]),/* "ac-targeting" */
-&(nid_objs[446]),/* "account" */
-&(nid_objs[364]),/* "ad dvcs" */
-&(nid_objs[606]),/* "additional verification" */
-&(nid_objs[419]),/* "aes-128-cbc" */
-&(nid_objs[421]),/* "aes-128-cfb" */
-&(nid_objs[650]),/* "aes-128-cfb1" */
-&(nid_objs[653]),/* "aes-128-cfb8" */
-&(nid_objs[418]),/* "aes-128-ecb" */
-&(nid_objs[420]),/* "aes-128-ofb" */
-&(nid_objs[423]),/* "aes-192-cbc" */
-&(nid_objs[425]),/* "aes-192-cfb" */
-&(nid_objs[651]),/* "aes-192-cfb1" */
-&(nid_objs[654]),/* "aes-192-cfb8" */
-&(nid_objs[422]),/* "aes-192-ecb" */
-&(nid_objs[424]),/* "aes-192-ofb" */
-&(nid_objs[427]),/* "aes-256-cbc" */
-&(nid_objs[429]),/* "aes-256-cfb" */
-&(nid_objs[652]),/* "aes-256-cfb1" */
-&(nid_objs[655]),/* "aes-256-cfb8" */
-&(nid_objs[426]),/* "aes-256-ecb" */
-&(nid_objs[428]),/* "aes-256-ofb" */
-&(nid_objs[376]),/* "algorithm" */
-&(nid_objs[484]),/* "associatedDomain" */
-&(nid_objs[485]),/* "associatedName" */
-&(nid_objs[501]),/* "audio" */
-&(nid_objs[91]),/* "bf-cbc" */
-&(nid_objs[93]),/* "bf-cfb" */
-&(nid_objs[92]),/* "bf-ecb" */
-&(nid_objs[94]),/* "bf-ofb" */
-&(nid_objs[494]),/* "buildingName" */
-&(nid_objs[677]),/* "c2onb191v4" */
-&(nid_objs[678]),/* "c2onb191v5" */
-&(nid_objs[683]),/* "c2onb239v4" */
-&(nid_objs[684]),/* "c2onb239v5" */
-&(nid_objs[670]),/* "c2pnb163v1" */
-&(nid_objs[671]),/* "c2pnb163v2" */
-&(nid_objs[672]),/* "c2pnb163v3" */
-&(nid_objs[673]),/* "c2pnb176v1" */
-&(nid_objs[679]),/* "c2pnb208w1" */
-&(nid_objs[685]),/* "c2pnb272w1" */
-&(nid_objs[686]),/* "c2pnb304w1" */
-&(nid_objs[688]),/* "c2pnb368w1" */
-&(nid_objs[674]),/* "c2tnb191v1" */
-&(nid_objs[675]),/* "c2tnb191v2" */
-&(nid_objs[676]),/* "c2tnb191v3" */
-&(nid_objs[680]),/* "c2tnb239v1" */
-&(nid_objs[681]),/* "c2tnb239v2" */
-&(nid_objs[682]),/* "c2tnb239v3" */
-&(nid_objs[687]),/* "c2tnb359v1" */
-&(nid_objs[689]),/* "c2tnb431r1" */
-&(nid_objs[483]),/* "cNAMERecord" */
-&(nid_objs[443]),/* "caseIgnoreIA5StringSyntax" */
-&(nid_objs[108]),/* "cast5-cbc" */
-&(nid_objs[110]),/* "cast5-cfb" */
-&(nid_objs[109]),/* "cast5-ecb" */
-&(nid_objs[111]),/* "cast5-ofb" */
-&(nid_objs[152]),/* "certBag" */
-&(nid_objs[663]),/* "certicom-arc" */
-&(nid_objs[517]),/* "certificate extensions" */
-&(nid_objs[54]),/* "challengePassword" */
-&(nid_objs[407]),/* "characteristic-two-field" */
-&(nid_objs[395]),/* "clearance" */
-&(nid_objs[633]),/* "cleartext track 2" */
-&(nid_objs[13]),/* "commonName" */
-&(nid_objs[513]),/* "content types" */
-&(nid_objs[50]),/* "contentType" */
-&(nid_objs[53]),/* "countersignature" */
-&(nid_objs[14]),/* "countryName" */
-&(nid_objs[153]),/* "crlBag" */
-&(nid_objs[500]),/* "dITRedirect" */
-&(nid_objs[451]),/* "dNSDomain" */
-&(nid_objs[495]),/* "dSAQuality" */
-&(nid_objs[434]),/* "data" */
-&(nid_objs[390]),/* "dcObject" */
-&(nid_objs[31]),/* "des-cbc" */
-&(nid_objs[643]),/* "des-cdmf" */
-&(nid_objs[30]),/* "des-cfb" */
-&(nid_objs[656]),/* "des-cfb1" */
-&(nid_objs[657]),/* "des-cfb8" */
-&(nid_objs[29]),/* "des-ecb" */
-&(nid_objs[32]),/* "des-ede" */
-&(nid_objs[43]),/* "des-ede-cbc" */
-&(nid_objs[60]),/* "des-ede-cfb" */
-&(nid_objs[62]),/* "des-ede-ofb" */
-&(nid_objs[33]),/* "des-ede3" */
-&(nid_objs[44]),/* "des-ede3-cbc" */
-&(nid_objs[61]),/* "des-ede3-cfb" */
-&(nid_objs[658]),/* "des-ede3-cfb1" */
-&(nid_objs[659]),/* "des-ede3-cfb8" */
-&(nid_objs[63]),/* "des-ede3-ofb" */
-&(nid_objs[45]),/* "des-ofb" */
-&(nid_objs[107]),/* "description" */
-&(nid_objs[80]),/* "desx-cbc" */
-&(nid_objs[28]),/* "dhKeyAgreement" */
-&(nid_objs[11]),/* "directory services (X.500)" */
-&(nid_objs[378]),/* "directory services - algorithms" */
-&(nid_objs[174]),/* "dnQualifier" */
-&(nid_objs[447]),/* "document" */
-&(nid_objs[471]),/* "documentAuthor" */
-&(nid_objs[468]),/* "documentIdentifier" */
-&(nid_objs[472]),/* "documentLocation" */
-&(nid_objs[502]),/* "documentPublisher" */
-&(nid_objs[449]),/* "documentSeries" */
-&(nid_objs[469]),/* "documentTitle" */
-&(nid_objs[470]),/* "documentVersion" */
-&(nid_objs[380]),/* "dod" */
-&(nid_objs[391]),/* "domainComponent" */
-&(nid_objs[452]),/* "domainRelatedObject" */
-&(nid_objs[116]),/* "dsaEncryption" */
-&(nid_objs[67]),/* "dsaEncryption-old" */
-&(nid_objs[66]),/* "dsaWithSHA" */
-&(nid_objs[113]),/* "dsaWithSHA1" */
-&(nid_objs[70]),/* "dsaWithSHA1-old" */
-&(nid_objs[297]),/* "dvcs" */
-&(nid_objs[416]),/* "ecdsa-with-SHA1" */
-&(nid_objs[48]),/* "emailAddress" */
-&(nid_objs[632]),/* "encrypted track 2" */
-&(nid_objs[56]),/* "extendedCertificateAttributes" */
-&(nid_objs[462]),/* "favouriteDrink" */
-&(nid_objs[453]),/* "friendlyCountry" */
-&(nid_objs[490]),/* "friendlyCountryName" */
-&(nid_objs[156]),/* "friendlyName" */
-&(nid_objs[631]),/* "generate cryptogram" */
-&(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[601]),/* "generic cryptogram" */
-&(nid_objs[99]),/* "givenName" */
-&(nid_objs[163]),/* "hmacWithSHA1" */
-&(nid_objs[486]),/* "homePostalAddress" */
-&(nid_objs[473]),/* "homeTelephoneNumber" */
-&(nid_objs[466]),/* "host" */
-&(nid_objs[442]),/* "iA5StringSyntax" */
-&(nid_objs[381]),/* "iana" */
-&(nid_objs[266]),/* "id-aca" */
-&(nid_objs[355]),/* "id-aca-accessIdentity" */
-&(nid_objs[354]),/* "id-aca-authenticationInfo" */
-&(nid_objs[356]),/* "id-aca-chargingIdentity" */
-&(nid_objs[399]),/* "id-aca-encAttrs" */
-&(nid_objs[357]),/* "id-aca-group" */
-&(nid_objs[358]),/* "id-aca-role" */
-&(nid_objs[176]),/* "id-ad" */
-&(nid_objs[262]),/* "id-alg" */
-&(nid_objs[323]),/* "id-alg-des40" */
-&(nid_objs[326]),/* "id-alg-dh-pop" */
-&(nid_objs[325]),/* "id-alg-dh-sig-hmac-sha1" */
-&(nid_objs[324]),/* "id-alg-noSignature" */
-&(nid_objs[268]),/* "id-cct" */
-&(nid_objs[361]),/* "id-cct-PKIData" */
-&(nid_objs[362]),/* "id-cct-PKIResponse" */
-&(nid_objs[360]),/* "id-cct-crs" */
-&(nid_objs[81]),/* "id-ce" */
-&(nid_objs[666]),/* "id-characteristic-two-basis" */
-&(nid_objs[263]),/* "id-cmc" */
-&(nid_objs[334]),/* "id-cmc-addExtensions" */
-&(nid_objs[346]),/* "id-cmc-confirmCertAcceptance" */
-&(nid_objs[330]),/* "id-cmc-dataReturn" */
-&(nid_objs[336]),/* "id-cmc-decryptedPOP" */
-&(nid_objs[335]),/* "id-cmc-encryptedPOP" */
-&(nid_objs[339]),/* "id-cmc-getCRL" */
-&(nid_objs[338]),/* "id-cmc-getCert" */
-&(nid_objs[328]),/* "id-cmc-identification" */
-&(nid_objs[329]),/* "id-cmc-identityProof" */
-&(nid_objs[337]),/* "id-cmc-lraPOPWitness" */
-&(nid_objs[344]),/* "id-cmc-popLinkRandom" */
-&(nid_objs[345]),/* "id-cmc-popLinkWitness" */
-&(nid_objs[343]),/* "id-cmc-queryPending" */
-&(nid_objs[333]),/* "id-cmc-recipientNonce" */
-&(nid_objs[341]),/* "id-cmc-regInfo" */
-&(nid_objs[342]),/* "id-cmc-responseInfo" */
-&(nid_objs[340]),/* "id-cmc-revokeRequest" */
-&(nid_objs[332]),/* "id-cmc-senderNonce" */
-&(nid_objs[327]),/* "id-cmc-statusInfo" */
-&(nid_objs[331]),/* "id-cmc-transactionId" */
-&(nid_objs[408]),/* "id-ecPublicKey" */
-&(nid_objs[508]),/* "id-hex-multipart-message" */
-&(nid_objs[507]),/* "id-hex-partial-message" */
-&(nid_objs[260]),/* "id-it" */
-&(nid_objs[302]),/* "id-it-caKeyUpdateInfo" */
-&(nid_objs[298]),/* "id-it-caProtEncCert" */
-&(nid_objs[311]),/* "id-it-confirmWaitTime" */
-&(nid_objs[303]),/* "id-it-currentCRL" */
-&(nid_objs[300]),/* "id-it-encKeyPairTypes" */
-&(nid_objs[310]),/* "id-it-implicitConfirm" */
-&(nid_objs[308]),/* "id-it-keyPairParamRep" */
-&(nid_objs[307]),/* "id-it-keyPairParamReq" */
-&(nid_objs[312]),/* "id-it-origPKIMessage" */
-&(nid_objs[301]),/* "id-it-preferredSymmAlg" */
-&(nid_objs[309]),/* "id-it-revPassphrase" */
-&(nid_objs[299]),/* "id-it-signKeyPairTypes" */
-&(nid_objs[305]),/* "id-it-subscriptionRequest" */
-&(nid_objs[306]),/* "id-it-subscriptionResponse" */
-&(nid_objs[304]),/* "id-it-unsupportedOIDs" */
-&(nid_objs[128]),/* "id-kp" */
-&(nid_objs[280]),/* "id-mod-attribute-cert" */
-&(nid_objs[274]),/* "id-mod-cmc" */
-&(nid_objs[277]),/* "id-mod-cmp" */
-&(nid_objs[284]),/* "id-mod-cmp2000" */
-&(nid_objs[273]),/* "id-mod-crmf" */
-&(nid_objs[283]),/* "id-mod-dvcs" */
-&(nid_objs[275]),/* "id-mod-kea-profile-88" */
-&(nid_objs[276]),/* "id-mod-kea-profile-93" */
-&(nid_objs[282]),/* "id-mod-ocsp" */
-&(nid_objs[278]),/* "id-mod-qualified-cert-88" */
-&(nid_objs[279]),/* "id-mod-qualified-cert-93" */
-&(nid_objs[281]),/* "id-mod-timestamp-protocol" */
-&(nid_objs[264]),/* "id-on" */
-&(nid_objs[347]),/* "id-on-personalData" */
-&(nid_objs[265]),/* "id-pda" */
-&(nid_objs[352]),/* "id-pda-countryOfCitizenship" */
-&(nid_objs[353]),/* "id-pda-countryOfResidence" */
-&(nid_objs[348]),/* "id-pda-dateOfBirth" */
-&(nid_objs[351]),/* "id-pda-gender" */
-&(nid_objs[349]),/* "id-pda-placeOfBirth" */
-&(nid_objs[175]),/* "id-pe" */
-&(nid_objs[261]),/* "id-pkip" */
-&(nid_objs[258]),/* "id-pkix-mod" */
-&(nid_objs[269]),/* "id-pkix1-explicit-88" */
-&(nid_objs[271]),/* "id-pkix1-explicit-93" */
-&(nid_objs[270]),/* "id-pkix1-implicit-88" */
-&(nid_objs[272]),/* "id-pkix1-implicit-93" */
-&(nid_objs[746]),/* "id-ppl" */
-&(nid_objs[267]),/* "id-qcs" */
-&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
-&(nid_objs[259]),/* "id-qt" */
-&(nid_objs[313]),/* "id-regCtrl" */
-&(nid_objs[316]),/* "id-regCtrl-authenticator" */
-&(nid_objs[319]),/* "id-regCtrl-oldCertID" */
-&(nid_objs[318]),/* "id-regCtrl-pkiArchiveOptions" */
-&(nid_objs[317]),/* "id-regCtrl-pkiPublicationInfo" */
-&(nid_objs[320]),/* "id-regCtrl-protocolEncrKey" */
-&(nid_objs[315]),/* "id-regCtrl-regToken" */
-&(nid_objs[314]),/* "id-regInfo" */
-&(nid_objs[322]),/* "id-regInfo-certReq" */
-&(nid_objs[321]),/* "id-regInfo-utf8Pairs" */
-&(nid_objs[191]),/* "id-smime-aa" */
-&(nid_objs[215]),/* "id-smime-aa-contentHint" */
-&(nid_objs[218]),/* "id-smime-aa-contentIdentifier" */
-&(nid_objs[221]),/* "id-smime-aa-contentReference" */
-&(nid_objs[240]),/* "id-smime-aa-dvcs-dvc" */
-&(nid_objs[217]),/* "id-smime-aa-encapContentType" */
-&(nid_objs[222]),/* "id-smime-aa-encrypKeyPref" */
-&(nid_objs[220]),/* "id-smime-aa-equivalentLabels" */
-&(nid_objs[232]),/* "id-smime-aa-ets-CertificateRefs" */
-&(nid_objs[233]),/* "id-smime-aa-ets-RevocationRefs" */
-&(nid_objs[238]),/* "id-smime-aa-ets-archiveTimeStamp" */
-&(nid_objs[237]),/* "id-smime-aa-ets-certCRLTimestamp" */
-&(nid_objs[234]),/* "id-smime-aa-ets-certValues" */
-&(nid_objs[227]),/* "id-smime-aa-ets-commitmentType" */
-&(nid_objs[231]),/* "id-smime-aa-ets-contentTimestamp" */
-&(nid_objs[236]),/* "id-smime-aa-ets-escTimeStamp" */
-&(nid_objs[230]),/* "id-smime-aa-ets-otherSigCert" */
-&(nid_objs[235]),/* "id-smime-aa-ets-revocationValues" */
-&(nid_objs[226]),/* "id-smime-aa-ets-sigPolicyId" */
-&(nid_objs[229]),/* "id-smime-aa-ets-signerAttr" */
-&(nid_objs[228]),/* "id-smime-aa-ets-signerLocation" */
-&(nid_objs[219]),/* "id-smime-aa-macValue" */
-&(nid_objs[214]),/* "id-smime-aa-mlExpandHistory" */
-&(nid_objs[216]),/* "id-smime-aa-msgSigDigest" */
-&(nid_objs[212]),/* "id-smime-aa-receiptRequest" */
-&(nid_objs[213]),/* "id-smime-aa-securityLabel" */
-&(nid_objs[239]),/* "id-smime-aa-signatureType" */
-&(nid_objs[223]),/* "id-smime-aa-signingCertificate" */
-&(nid_objs[224]),/* "id-smime-aa-smimeEncryptCerts" */
-&(nid_objs[225]),/* "id-smime-aa-timeStampToken" */
-&(nid_objs[192]),/* "id-smime-alg" */
-&(nid_objs[243]),/* "id-smime-alg-3DESwrap" */
-&(nid_objs[246]),/* "id-smime-alg-CMS3DESwrap" */
-&(nid_objs[247]),/* "id-smime-alg-CMSRC2wrap" */
-&(nid_objs[245]),/* "id-smime-alg-ESDH" */
-&(nid_objs[241]),/* "id-smime-alg-ESDHwith3DES" */
-&(nid_objs[242]),/* "id-smime-alg-ESDHwithRC2" */
-&(nid_objs[244]),/* "id-smime-alg-RC2wrap" */
-&(nid_objs[193]),/* "id-smime-cd" */
-&(nid_objs[248]),/* "id-smime-cd-ldap" */
-&(nid_objs[190]),/* "id-smime-ct" */
-&(nid_objs[210]),/* "id-smime-ct-DVCSRequestData" */
-&(nid_objs[211]),/* "id-smime-ct-DVCSResponseData" */
-&(nid_objs[208]),/* "id-smime-ct-TDTInfo" */
-&(nid_objs[207]),/* "id-smime-ct-TSTInfo" */
-&(nid_objs[205]),/* "id-smime-ct-authData" */
-&(nid_objs[209]),/* "id-smime-ct-contentInfo" */
-&(nid_objs[206]),/* "id-smime-ct-publishCert" */
-&(nid_objs[204]),/* "id-smime-ct-receipt" */
-&(nid_objs[195]),/* "id-smime-cti" */
-&(nid_objs[255]),/* "id-smime-cti-ets-proofOfApproval" */
-&(nid_objs[256]),/* "id-smime-cti-ets-proofOfCreation" */
-&(nid_objs[253]),/* "id-smime-cti-ets-proofOfDelivery" */
-&(nid_objs[251]),/* "id-smime-cti-ets-proofOfOrigin" */
-&(nid_objs[252]),/* "id-smime-cti-ets-proofOfReceipt" */
-&(nid_objs[254]),/* "id-smime-cti-ets-proofOfSender" */
-&(nid_objs[189]),/* "id-smime-mod" */
-&(nid_objs[196]),/* "id-smime-mod-cms" */
-&(nid_objs[197]),/* "id-smime-mod-ess" */
-&(nid_objs[202]),/* "id-smime-mod-ets-eSigPolicy-88" */
-&(nid_objs[203]),/* "id-smime-mod-ets-eSigPolicy-97" */
-&(nid_objs[200]),/* "id-smime-mod-ets-eSignature-88" */
-&(nid_objs[201]),/* "id-smime-mod-ets-eSignature-97" */
-&(nid_objs[199]),/* "id-smime-mod-msg-v3" */
-&(nid_objs[198]),/* "id-smime-mod-oid" */
-&(nid_objs[194]),/* "id-smime-spq" */
-&(nid_objs[250]),/* "id-smime-spq-ets-sqt-unotice" */
-&(nid_objs[249]),/* "id-smime-spq-ets-sqt-uri" */
-&(nid_objs[34]),/* "idea-cbc" */
-&(nid_objs[35]),/* "idea-cfb" */
-&(nid_objs[36]),/* "idea-ecb" */
-&(nid_objs[46]),/* "idea-ofb" */
-&(nid_objs[662]),/* "identified-organization" */
-&(nid_objs[461]),/* "info" */
-&(nid_objs[101]),/* "initials" */
-&(nid_objs[744]),/* "ipsec3" */
-&(nid_objs[745]),/* "ipsec4" */
-&(nid_objs[181]),/* "iso" */
-&(nid_objs[623]),/* "issuer capabilities" */
-&(nid_objs[645]),/* "itu-t" */
-&(nid_objs[492]),/* "janetMailbox" */
-&(nid_objs[646]),/* "joint-iso-itu-t" */
-&(nid_objs[150]),/* "keyBag" */
-&(nid_objs[477]),/* "lastModifiedBy" */
-&(nid_objs[476]),/* "lastModifiedTime" */
-&(nid_objs[157]),/* "localKeyID" */
-&(nid_objs[15]),/* "localityName" */
-&(nid_objs[480]),/* "mXRecord" */
-&(nid_objs[493]),/* "mailPreferenceOption" */
-&(nid_objs[467]),/* "manager" */
-&(nid_objs[ 3]),/* "md2" */
-&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
-&(nid_objs[257]),/* "md4" */
-&(nid_objs[396]),/* "md4WithRSAEncryption" */
-&(nid_objs[ 4]),/* "md5" */
-&(nid_objs[114]),/* "md5-sha1" */
-&(nid_objs[104]),/* "md5WithRSA" */
-&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
-&(nid_objs[95]),/* "mdc2" */
-&(nid_objs[96]),/* "mdc2WithRSA" */
-&(nid_objs[602]),/* "merchant initiated auth" */
-&(nid_objs[514]),/* "message extensions" */
-&(nid_objs[51]),/* "messageDigest" */
-&(nid_objs[506]),/* "mime-mhs-bodies" */
-&(nid_objs[505]),/* "mime-mhs-headings" */
-&(nid_objs[488]),/* "mobileTelephoneNumber" */
-&(nid_objs[481]),/* "nSRecord" */
-&(nid_objs[173]),/* "name" */
-&(nid_objs[667]),/* "onBasis" */
-&(nid_objs[379]),/* "org" */
-&(nid_objs[17]),/* "organizationName" */
-&(nid_objs[491]),/* "organizationalStatus" */
-&(nid_objs[18]),/* "organizationalUnitName" */
-&(nid_objs[475]),/* "otherMailbox" */
-&(nid_objs[489]),/* "pagerTelephoneNumber" */
-&(nid_objs[374]),/* "path" */
-&(nid_objs[621]),/* "payment gateway capabilities" */
-&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
-&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
-&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
-&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
-&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
-&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
-&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
-&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
-&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
-&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
-&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
-&(nid_objs[499]),/* "personalSignature" */
-&(nid_objs[487]),/* "personalTitle" */
-&(nid_objs[464]),/* "photo" */
-&(nid_objs[437]),/* "pilot" */
-&(nid_objs[439]),/* "pilotAttributeSyntax" */
-&(nid_objs[438]),/* "pilotAttributeType" */
-&(nid_objs[479]),/* "pilotAttributeType27" */
-&(nid_objs[456]),/* "pilotDSA" */
-&(nid_objs[441]),/* "pilotGroups" */
-&(nid_objs[444]),/* "pilotObject" */
-&(nid_objs[440]),/* "pilotObjectClass" */
-&(nid_objs[455]),/* "pilotOrganization" */
-&(nid_objs[445]),/* "pilotPerson" */
-&(nid_objs[186]),/* "pkcs1" */
-&(nid_objs[27]),/* "pkcs3" */
-&(nid_objs[187]),/* "pkcs5" */
-&(nid_objs[20]),/* "pkcs7" */
-&(nid_objs[21]),/* "pkcs7-data" */
-&(nid_objs[25]),/* "pkcs7-digestData" */
-&(nid_objs[26]),/* "pkcs7-encryptedData" */
-&(nid_objs[23]),/* "pkcs7-envelopedData" */
-&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
-&(nid_objs[22]),/* "pkcs7-signedData" */
-&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
-&(nid_objs[47]),/* "pkcs9" */
-&(nid_objs[661]),/* "postalCode" */
-&(nid_objs[669]),/* "ppBasis" */
-&(nid_objs[406]),/* "prime-field" */
-&(nid_objs[409]),/* "prime192v1" */
-&(nid_objs[410]),/* "prime192v2" */
-&(nid_objs[411]),/* "prime192v3" */
-&(nid_objs[412]),/* "prime239v1" */
-&(nid_objs[413]),/* "prime239v2" */
-&(nid_objs[414]),/* "prime239v3" */
-&(nid_objs[415]),/* "prime256v1" */
-&(nid_objs[510]),/* "pseudonym" */
-&(nid_objs[435]),/* "pss" */
-&(nid_objs[286]),/* "qcStatements" */
-&(nid_objs[457]),/* "qualityLabelledData" */
-&(nid_objs[450]),/* "rFC822localPart" */
-&(nid_objs[98]),/* "rc2-40-cbc" */
-&(nid_objs[166]),/* "rc2-64-cbc" */
-&(nid_objs[37]),/* "rc2-cbc" */
-&(nid_objs[39]),/* "rc2-cfb" */
-&(nid_objs[38]),/* "rc2-ecb" */
-&(nid_objs[40]),/* "rc2-ofb" */
-&(nid_objs[ 5]),/* "rc4" */
-&(nid_objs[97]),/* "rc4-40" */
-&(nid_objs[120]),/* "rc5-cbc" */
-&(nid_objs[122]),/* "rc5-cfb" */
-&(nid_objs[121]),/* "rc5-ecb" */
-&(nid_objs[123]),/* "rc5-ofb" */
-&(nid_objs[460]),/* "rfc822Mailbox" */
-&(nid_objs[117]),/* "ripemd160" */
-&(nid_objs[119]),/* "ripemd160WithRSA" */
-&(nid_objs[400]),/* "role" */
-&(nid_objs[448]),/* "room" */
-&(nid_objs[463]),/* "roomNumber" */
-&(nid_objs[19]),/* "rsa" */
-&(nid_objs[ 6]),/* "rsaEncryption" */
-&(nid_objs[644]),/* "rsaOAEPEncryptionSET" */
-&(nid_objs[377]),/* "rsaSignature" */
-&(nid_objs[124]),/* "run length compression" */
-&(nid_objs[482]),/* "sOARecord" */
-&(nid_objs[155]),/* "safeContentsBag" */
-&(nid_objs[291]),/* "sbqp-autonomousSysNum" */
-&(nid_objs[290]),/* "sbqp-ipAddrBlock" */
-&(nid_objs[292]),/* "sbqp-routerIdentifier" */
-&(nid_objs[159]),/* "sdsiCertificate" */
-&(nid_objs[690]),/* "secp112r1" */
-&(nid_objs[691]),/* "secp112r2" */
-&(nid_objs[692]),/* "secp128r1" */
-&(nid_objs[693]),/* "secp128r2" */
-&(nid_objs[694]),/* "secp160k1" */
-&(nid_objs[695]),/* "secp160r1" */
-&(nid_objs[696]),/* "secp160r2" */
-&(nid_objs[697]),/* "secp192k1" */
-&(nid_objs[698]),/* "secp224k1" */
-&(nid_objs[699]),/* "secp224r1" */
-&(nid_objs[700]),/* "secp256k1" */
-&(nid_objs[701]),/* "secp384r1" */
-&(nid_objs[702]),/* "secp521r1" */
-&(nid_objs[154]),/* "secretBag" */
-&(nid_objs[474]),/* "secretary" */
-&(nid_objs[703]),/* "sect113r1" */
-&(nid_objs[704]),/* "sect113r2" */
-&(nid_objs[705]),/* "sect131r1" */
-&(nid_objs[706]),/* "sect131r2" */
-&(nid_objs[707]),/* "sect163k1" */
-&(nid_objs[708]),/* "sect163r1" */
-&(nid_objs[709]),/* "sect163r2" */
-&(nid_objs[710]),/* "sect193r1" */
-&(nid_objs[711]),/* "sect193r2" */
-&(nid_objs[712]),/* "sect233k1" */
-&(nid_objs[713]),/* "sect233r1" */
-&(nid_objs[714]),/* "sect239k1" */
-&(nid_objs[715]),/* "sect283k1" */
-&(nid_objs[716]),/* "sect283r1" */
-&(nid_objs[717]),/* "sect409k1" */
-&(nid_objs[718]),/* "sect409r1" */
-&(nid_objs[719]),/* "sect571k1" */
-&(nid_objs[720]),/* "sect571r1" */
-&(nid_objs[635]),/* "secure device signature" */
-&(nid_objs[105]),/* "serialNumber" */
-&(nid_objs[625]),/* "set-addPolicy" */
-&(nid_objs[515]),/* "set-attr" */
-&(nid_objs[518]),/* "set-brand" */
-&(nid_objs[638]),/* "set-brand-AmericanExpress" */
-&(nid_objs[637]),/* "set-brand-Diners" */
-&(nid_objs[636]),/* "set-brand-IATA-ATA" */
-&(nid_objs[639]),/* "set-brand-JCB" */
-&(nid_objs[641]),/* "set-brand-MasterCard" */
-&(nid_objs[642]),/* "set-brand-Novus" */
-&(nid_objs[640]),/* "set-brand-Visa" */
-&(nid_objs[516]),/* "set-policy" */
-&(nid_objs[607]),/* "set-policy-root" */
-&(nid_objs[624]),/* "set-rootKeyThumb" */
-&(nid_objs[620]),/* "setAttr-Cert" */
-&(nid_objs[628]),/* "setAttr-IssCap-CVM" */
-&(nid_objs[630]),/* "setAttr-IssCap-Sig" */
-&(nid_objs[629]),/* "setAttr-IssCap-T2" */
-&(nid_objs[627]),/* "setAttr-Token-B0Prime" */
-&(nid_objs[626]),/* "setAttr-Token-EMV" */
-&(nid_objs[622]),/* "setAttr-TokenType" */
-&(nid_objs[619]),/* "setCext-IssuerCapabilities" */
-&(nid_objs[615]),/* "setCext-PGWYcapabilities" */
-&(nid_objs[616]),/* "setCext-TokenIdentifier" */
-&(nid_objs[618]),/* "setCext-TokenType" */
-&(nid_objs[617]),/* "setCext-Track2Data" */
-&(nid_objs[611]),/* "setCext-cCertRequired" */
-&(nid_objs[609]),/* "setCext-certType" */
-&(nid_objs[608]),/* "setCext-hashedRoot" */
-&(nid_objs[610]),/* "setCext-merchData" */
-&(nid_objs[613]),/* "setCext-setExt" */
-&(nid_objs[614]),/* "setCext-setQualf" */
-&(nid_objs[612]),/* "setCext-tunneling" */
-&(nid_objs[540]),/* "setct-AcqCardCodeMsg" */
-&(nid_objs[576]),/* "setct-AcqCardCodeMsgTBE" */
-&(nid_objs[570]),/* "setct-AuthReqTBE" */
-&(nid_objs[534]),/* "setct-AuthReqTBS" */
-&(nid_objs[527]),/* "setct-AuthResBaggage" */
-&(nid_objs[571]),/* "setct-AuthResTBE" */
-&(nid_objs[572]),/* "setct-AuthResTBEX" */
-&(nid_objs[535]),/* "setct-AuthResTBS" */
-&(nid_objs[536]),/* "setct-AuthResTBSX" */
-&(nid_objs[528]),/* "setct-AuthRevReqBaggage" */
-&(nid_objs[577]),/* "setct-AuthRevReqTBE" */
-&(nid_objs[541]),/* "setct-AuthRevReqTBS" */
-&(nid_objs[529]),/* "setct-AuthRevResBaggage" */
-&(nid_objs[542]),/* "setct-AuthRevResData" */
-&(nid_objs[578]),/* "setct-AuthRevResTBE" */
-&(nid_objs[579]),/* "setct-AuthRevResTBEB" */
-&(nid_objs[543]),/* "setct-AuthRevResTBS" */
-&(nid_objs[573]),/* "setct-AuthTokenTBE" */
-&(nid_objs[537]),/* "setct-AuthTokenTBS" */
-&(nid_objs[600]),/* "setct-BCIDistributionTBS" */
-&(nid_objs[558]),/* "setct-BatchAdminReqData" */
-&(nid_objs[592]),/* "setct-BatchAdminReqTBE" */
-&(nid_objs[559]),/* "setct-BatchAdminResData" */
-&(nid_objs[593]),/* "setct-BatchAdminResTBE" */
-&(nid_objs[599]),/* "setct-CRLNotificationResTBS" */
-&(nid_objs[598]),/* "setct-CRLNotificationTBS" */
-&(nid_objs[580]),/* "setct-CapReqTBE" */
-&(nid_objs[581]),/* "setct-CapReqTBEX" */
-&(nid_objs[544]),/* "setct-CapReqTBS" */
-&(nid_objs[545]),/* "setct-CapReqTBSX" */
-&(nid_objs[546]),/* "setct-CapResData" */
-&(nid_objs[582]),/* "setct-CapResTBE" */
-&(nid_objs[583]),/* "setct-CapRevReqTBE" */
-&(nid_objs[584]),/* "setct-CapRevReqTBEX" */
-&(nid_objs[547]),/* "setct-CapRevReqTBS" */
-&(nid_objs[548]),/* "setct-CapRevReqTBSX" */
-&(nid_objs[549]),/* "setct-CapRevResData" */
-&(nid_objs[585]),/* "setct-CapRevResTBE" */
-&(nid_objs[538]),/* "setct-CapTokenData" */
-&(nid_objs[530]),/* "setct-CapTokenSeq" */
-&(nid_objs[574]),/* "setct-CapTokenTBE" */
-&(nid_objs[575]),/* "setct-CapTokenTBEX" */
-&(nid_objs[539]),/* "setct-CapTokenTBS" */
-&(nid_objs[560]),/* "setct-CardCInitResTBS" */
-&(nid_objs[566]),/* "setct-CertInqReqTBS" */
-&(nid_objs[563]),/* "setct-CertReqData" */
-&(nid_objs[595]),/* "setct-CertReqTBE" */
-&(nid_objs[596]),/* "setct-CertReqTBEX" */
-&(nid_objs[564]),/* "setct-CertReqTBS" */
-&(nid_objs[565]),/* "setct-CertResData" */
-&(nid_objs[597]),/* "setct-CertResTBE" */
-&(nid_objs[586]),/* "setct-CredReqTBE" */
-&(nid_objs[587]),/* "setct-CredReqTBEX" */
-&(nid_objs[550]),/* "setct-CredReqTBS" */
-&(nid_objs[551]),/* "setct-CredReqTBSX" */
-&(nid_objs[552]),/* "setct-CredResData" */
-&(nid_objs[588]),/* "setct-CredResTBE" */
-&(nid_objs[589]),/* "setct-CredRevReqTBE" */
-&(nid_objs[590]),/* "setct-CredRevReqTBEX" */
-&(nid_objs[553]),/* "setct-CredRevReqTBS" */
-&(nid_objs[554]),/* "setct-CredRevReqTBSX" */
-&(nid_objs[555]),/* "setct-CredRevResData" */
-&(nid_objs[591]),/* "setct-CredRevResTBE" */
-&(nid_objs[567]),/* "setct-ErrorTBS" */
-&(nid_objs[526]),/* "setct-HODInput" */
-&(nid_objs[561]),/* "setct-MeAqCInitResTBS" */
-&(nid_objs[522]),/* "setct-OIData" */
-&(nid_objs[519]),/* "setct-PANData" */
-&(nid_objs[521]),/* "setct-PANOnly" */
-&(nid_objs[520]),/* "setct-PANToken" */
-&(nid_objs[556]),/* "setct-PCertReqData" */
-&(nid_objs[557]),/* "setct-PCertResTBS" */
-&(nid_objs[523]),/* "setct-PI" */
-&(nid_objs[532]),/* "setct-PI-TBS" */
-&(nid_objs[524]),/* "setct-PIData" */
-&(nid_objs[525]),/* "setct-PIDataUnsigned" */
-&(nid_objs[568]),/* "setct-PIDualSignedTBE" */
-&(nid_objs[569]),/* "setct-PIUnsignedTBE" */
-&(nid_objs[531]),/* "setct-PInitResData" */
-&(nid_objs[533]),/* "setct-PResData" */
-&(nid_objs[594]),/* "setct-RegFormReqTBE" */
-&(nid_objs[562]),/* "setct-RegFormResTBS" */
-&(nid_objs[604]),/* "setext-pinAny" */
-&(nid_objs[603]),/* "setext-pinSecure" */
-&(nid_objs[605]),/* "setext-track2" */
-&(nid_objs[41]),/* "sha" */
-&(nid_objs[64]),/* "sha1" */
-&(nid_objs[115]),/* "sha1WithRSA" */
-&(nid_objs[65]),/* "sha1WithRSAEncryption" */
-&(nid_objs[743]),/* "sha224" */
-&(nid_objs[735]),/* "sha224WithRSAEncryption" */
-&(nid_objs[740]),/* "sha256" */
-&(nid_objs[732]),/* "sha256WithRSAEncryption" */
-&(nid_objs[741]),/* "sha384" */
-&(nid_objs[733]),/* "sha384WithRSAEncryption" */
-&(nid_objs[742]),/* "sha512" */
-&(nid_objs[734]),/* "sha512WithRSAEncryption" */
-&(nid_objs[42]),/* "shaWithRSAEncryption" */
-&(nid_objs[52]),/* "signingTime" */
-&(nid_objs[454]),/* "simpleSecurityObject" */
-&(nid_objs[496]),/* "singleLevelQuality" */
-&(nid_objs[16]),/* "stateOrProvinceName" */
-&(nid_objs[660]),/* "streetAddress" */
-&(nid_objs[498]),/* "subtreeMaximumQuality" */
-&(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[100]),/* "surname" */
-&(nid_objs[459]),/* "textEncodedORAddress" */
-&(nid_objs[293]),/* "textNotice" */
-&(nid_objs[106]),/* "title" */
-&(nid_objs[668]),/* "tpBasis" */
-&(nid_objs[436]),/* "ucl" */
-&(nid_objs[ 0]),/* "undefined" */
-&(nid_objs[55]),/* "unstructuredAddress" */
-&(nid_objs[49]),/* "unstructuredName" */
-&(nid_objs[465]),/* "userClass" */
-&(nid_objs[458]),/* "userId" */
-&(nid_objs[373]),/* "valid" */
-&(nid_objs[664]),/* "wap" */
-&(nid_objs[665]),/* "wap-wsg" */
-&(nid_objs[721]),/* "wap-wsg-idm-ecid-wtls1" */
-&(nid_objs[729]),/* "wap-wsg-idm-ecid-wtls10" */
-&(nid_objs[730]),/* "wap-wsg-idm-ecid-wtls11" */
-&(nid_objs[731]),/* "wap-wsg-idm-ecid-wtls12" */
-&(nid_objs[722]),/* "wap-wsg-idm-ecid-wtls3" */
-&(nid_objs[723]),/* "wap-wsg-idm-ecid-wtls4" */
-&(nid_objs[724]),/* "wap-wsg-idm-ecid-wtls5" */
-&(nid_objs[725]),/* "wap-wsg-idm-ecid-wtls6" */
-&(nid_objs[726]),/* "wap-wsg-idm-ecid-wtls7" */
-&(nid_objs[727]),/* "wap-wsg-idm-ecid-wtls8" */
-&(nid_objs[728]),/* "wap-wsg-idm-ecid-wtls9" */
-&(nid_objs[503]),/* "x500UniqueIdentifier" */
-&(nid_objs[158]),/* "x509Certificate" */
-&(nid_objs[160]),/* "x509Crl" */
-&(nid_objs[125]),/* "zlib compression" */
+static const unsigned int ln_objs[NUM_LN]={
+363,	/* "AD Time Stamping" */
+405,	/* "ANSI X9.62" */
+368,	/* "Acceptable OCSP Responses" */
+664,	/* "Any language" */
+177,	/* "Authority Information Access" */
+365,	/* "Basic OCSP Response" */
+285,	/* "Biometric Info" */
+179,	/* "CA Issuers" */
+785,	/* "CA Repository" */
+131,	/* "Code Signing" */
+783,	/* "Diffie-Hellman based MAC" */
+382,	/* "Directory" */
+392,	/* "Domain" */
+132,	/* "E-mail Protection" */
+389,	/* "Enterprises" */
+384,	/* "Experimental" */
+372,	/* "Extended OCSP Status" */
+172,	/* "Extension Request" */
+813,	/* "GOST 28147-89" */
+849,	/* "GOST 28147-89 Cryptocom ParamSet" */
+815,	/* "GOST 28147-89 MAC" */
+851,	/* "GOST 34.10-2001 Cryptocom" */
+850,	/* "GOST 34.10-94 Cryptocom" */
+811,	/* "GOST R 34.10-2001" */
+817,	/* "GOST R 34.10-2001 DH" */
+812,	/* "GOST R 34.10-94" */
+818,	/* "GOST R 34.10-94 DH" */
+809,	/* "GOST R 34.11-94" */
+816,	/* "GOST R 34.11-94 PRF" */
+807,	/* "GOST R 34.11-94 with GOST R 34.10-2001" */
+853,	/* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
+808,	/* "GOST R 34.11-94 with GOST R 34.10-94" */
+852,	/* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
+854,	/* "GOST R 3410-2001 Parameter Set Cryptocom" */
+810,	/* "HMAC GOST 34.11-94" */
+432,	/* "Hold Instruction Call Issuer" */
+430,	/* "Hold Instruction Code" */
+431,	/* "Hold Instruction None" */
+433,	/* "Hold Instruction Reject" */
+634,	/* "ICC or token signature" */
+294,	/* "IPSec End System" */
+295,	/* "IPSec Tunnel" */
+296,	/* "IPSec User" */
+182,	/* "ISO Member Body" */
+183,	/* "ISO US Member Body" */
+667,	/* "Independent" */
+665,	/* "Inherit all" */
+647,	/* "International Organizations" */
+142,	/* "Invalidity Date" */
+504,	/* "MIME MHS" */
+388,	/* "Mail" */
+383,	/* "Management" */
+417,	/* "Microsoft CSP Name" */
+135,	/* "Microsoft Commercial Code Signing" */
+138,	/* "Microsoft Encrypted File System" */
+171,	/* "Microsoft Extension Request" */
+134,	/* "Microsoft Individual Code Signing" */
+856,	/* "Microsoft Local Key set" */
+137,	/* "Microsoft Server Gated Crypto" */
+648,	/* "Microsoft Smartcardlogin" */
+136,	/* "Microsoft Trust List Signing" */
+649,	/* "Microsoft Universal Principal Name" */
+393,	/* "NULL" */
+404,	/* "NULL" */
+72,	/* "Netscape Base Url" */
+76,	/* "Netscape CA Policy Url" */
+74,	/* "Netscape CA Revocation Url" */
+71,	/* "Netscape Cert Type" */
+58,	/* "Netscape Certificate Extension" */
+79,	/* "Netscape Certificate Sequence" */
+78,	/* "Netscape Comment" */
+57,	/* "Netscape Communications Corp." */
+59,	/* "Netscape Data Type" */
+75,	/* "Netscape Renewal Url" */
+73,	/* "Netscape Revocation Url" */
+77,	/* "Netscape SSL Server Name" */
+139,	/* "Netscape Server Gated Crypto" */
+178,	/* "OCSP" */
+370,	/* "OCSP Archive Cutoff" */
+367,	/* "OCSP CRL ID" */
+369,	/* "OCSP No Check" */
+366,	/* "OCSP Nonce" */
+371,	/* "OCSP Service Locator" */
+180,	/* "OCSP Signing" */
+161,	/* "PBES2" */
+69,	/* "PBKDF2" */
+162,	/* "PBMAC1" */
+127,	/* "PKIX" */
+858,	/* "Permanent Identifier" */
+164,	/* "Policy Qualifier CPS" */
+165,	/* "Policy Qualifier User Notice" */
+385,	/* "Private" */
+663,	/* "Proxy Certificate Information" */
+ 1,	/* "RSA Data Security, Inc." */
+ 2,	/* "RSA Data Security, Inc. PKCS" */
+188,	/* "S/MIME" */
+167,	/* "S/MIME Capabilities" */
+387,	/* "SNMPv2" */
+512,	/* "Secure Electronic Transactions" */
+386,	/* "Security" */
+394,	/* "Selected Attribute Types" */
+143,	/* "Strong Extranet ID" */
+398,	/* "Subject Information Access" */
+130,	/* "TLS Web Client Authentication" */
+129,	/* "TLS Web Server Authentication" */
+133,	/* "Time Stamping" */
+375,	/* "Trust Root" */
+12,	/* "X509" */
+402,	/* "X509v3 AC Targeting" */
+746,	/* "X509v3 Any Policy" */
+90,	/* "X509v3 Authority Key Identifier" */
+87,	/* "X509v3 Basic Constraints" */
+103,	/* "X509v3 CRL Distribution Points" */
+88,	/* "X509v3 CRL Number" */
+141,	/* "X509v3 CRL Reason Code" */
+771,	/* "X509v3 Certificate Issuer" */
+89,	/* "X509v3 Certificate Policies" */
+140,	/* "X509v3 Delta CRL Indicator" */
+126,	/* "X509v3 Extended Key Usage" */
+857,	/* "X509v3 Freshest CRL" */
+748,	/* "X509v3 Inhibit Any Policy" */
+86,	/* "X509v3 Issuer Alternative Name" */
+770,	/* "X509v3 Issuing Distrubution Point" */
+83,	/* "X509v3 Key Usage" */
+666,	/* "X509v3 Name Constraints" */
+403,	/* "X509v3 No Revocation Available" */
+401,	/* "X509v3 Policy Constraints" */
+747,	/* "X509v3 Policy Mappings" */
+84,	/* "X509v3 Private Key Usage Period" */
+85,	/* "X509v3 Subject Alternative Name" */
+769,	/* "X509v3 Subject Directory Attributes" */
+82,	/* "X509v3 Subject Key Identifier" */
+184,	/* "X9.57" */
+185,	/* "X9.57 CM ?" */
+478,	/* "aRecord" */
+289,	/* "aaControls" */
+287,	/* "ac-auditEntity" */
+397,	/* "ac-proxying" */
+288,	/* "ac-targeting" */
+446,	/* "account" */
+364,	/* "ad dvcs" */
+606,	/* "additional verification" */
+419,	/* "aes-128-cbc" */
+421,	/* "aes-128-cfb" */
+650,	/* "aes-128-cfb1" */
+653,	/* "aes-128-cfb8" */
+418,	/* "aes-128-ecb" */
+420,	/* "aes-128-ofb" */
+423,	/* "aes-192-cbc" */
+425,	/* "aes-192-cfb" */
+651,	/* "aes-192-cfb1" */
+654,	/* "aes-192-cfb8" */
+422,	/* "aes-192-ecb" */
+424,	/* "aes-192-ofb" */
+427,	/* "aes-256-cbc" */
+429,	/* "aes-256-cfb" */
+652,	/* "aes-256-cfb1" */
+655,	/* "aes-256-cfb8" */
+426,	/* "aes-256-ecb" */
+428,	/* "aes-256-ofb" */
+376,	/* "algorithm" */
+484,	/* "associatedDomain" */
+485,	/* "associatedName" */
+501,	/* "audio" */
+882,	/* "authorityRevocationList" */
+91,	/* "bf-cbc" */
+93,	/* "bf-cfb" */
+92,	/* "bf-ecb" */
+94,	/* "bf-ofb" */
+494,	/* "buildingName" */
+860,	/* "businessCategory" */
+691,	/* "c2onb191v4" */
+692,	/* "c2onb191v5" */
+697,	/* "c2onb239v4" */
+698,	/* "c2onb239v5" */
+684,	/* "c2pnb163v1" */
+685,	/* "c2pnb163v2" */
+686,	/* "c2pnb163v3" */
+687,	/* "c2pnb176v1" */
+693,	/* "c2pnb208w1" */
+699,	/* "c2pnb272w1" */
+700,	/* "c2pnb304w1" */
+702,	/* "c2pnb368w1" */
+688,	/* "c2tnb191v1" */
+689,	/* "c2tnb191v2" */
+690,	/* "c2tnb191v3" */
+694,	/* "c2tnb239v1" */
+695,	/* "c2tnb239v2" */
+696,	/* "c2tnb239v3" */
+701,	/* "c2tnb359v1" */
+703,	/* "c2tnb431r1" */
+881,	/* "cACertificate" */
+483,	/* "cNAMERecord" */
+751,	/* "camellia-128-cbc" */
+757,	/* "camellia-128-cfb" */
+760,	/* "camellia-128-cfb1" */
+763,	/* "camellia-128-cfb8" */
+754,	/* "camellia-128-ecb" */
+766,	/* "camellia-128-ofb" */
+752,	/* "camellia-192-cbc" */
+758,	/* "camellia-192-cfb" */
+761,	/* "camellia-192-cfb1" */
+764,	/* "camellia-192-cfb8" */
+755,	/* "camellia-192-ecb" */
+767,	/* "camellia-192-ofb" */
+753,	/* "camellia-256-cbc" */
+759,	/* "camellia-256-cfb" */
+762,	/* "camellia-256-cfb1" */
+765,	/* "camellia-256-cfb8" */
+756,	/* "camellia-256-ecb" */
+768,	/* "camellia-256-ofb" */
+443,	/* "caseIgnoreIA5StringSyntax" */
+108,	/* "cast5-cbc" */
+110,	/* "cast5-cfb" */
+109,	/* "cast5-ecb" */
+111,	/* "cast5-ofb" */
+152,	/* "certBag" */
+677,	/* "certicom-arc" */
+517,	/* "certificate extensions" */
+883,	/* "certificateRevocationList" */
+54,	/* "challengePassword" */
+407,	/* "characteristic-two-field" */
+395,	/* "clearance" */
+633,	/* "cleartext track 2" */
+13,	/* "commonName" */
+513,	/* "content types" */
+50,	/* "contentType" */
+53,	/* "countersignature" */
+14,	/* "countryName" */
+153,	/* "crlBag" */
+884,	/* "crossCertificatePair" */
+806,	/* "cryptocom" */
+805,	/* "cryptopro" */
+500,	/* "dITRedirect" */
+451,	/* "dNSDomain" */
+495,	/* "dSAQuality" */
+434,	/* "data" */
+390,	/* "dcObject" */
+891,	/* "deltaRevocationList" */
+31,	/* "des-cbc" */
+643,	/* "des-cdmf" */
+30,	/* "des-cfb" */
+656,	/* "des-cfb1" */
+657,	/* "des-cfb8" */
+29,	/* "des-ecb" */
+32,	/* "des-ede" */
+43,	/* "des-ede-cbc" */
+60,	/* "des-ede-cfb" */
+62,	/* "des-ede-ofb" */
+33,	/* "des-ede3" */
+44,	/* "des-ede3-cbc" */
+61,	/* "des-ede3-cfb" */
+658,	/* "des-ede3-cfb1" */
+659,	/* "des-ede3-cfb8" */
+63,	/* "des-ede3-ofb" */
+45,	/* "des-ofb" */
+107,	/* "description" */
+871,	/* "destinationIndicator" */
+80,	/* "desx-cbc" */
+28,	/* "dhKeyAgreement" */
+11,	/* "directory services (X.500)" */
+378,	/* "directory services - algorithms" */
+887,	/* "distinguishedName" */
+892,	/* "dmdName" */
+174,	/* "dnQualifier" */
+447,	/* "document" */
+471,	/* "documentAuthor" */
+468,	/* "documentIdentifier" */
+472,	/* "documentLocation" */
+502,	/* "documentPublisher" */
+449,	/* "documentSeries" */
+469,	/* "documentTitle" */
+470,	/* "documentVersion" */
+380,	/* "dod" */
+391,	/* "domainComponent" */
+452,	/* "domainRelatedObject" */
+116,	/* "dsaEncryption" */
+67,	/* "dsaEncryption-old" */
+66,	/* "dsaWithSHA" */
+113,	/* "dsaWithSHA1" */
+70,	/* "dsaWithSHA1-old" */
+802,	/* "dsa_with_SHA224" */
+803,	/* "dsa_with_SHA256" */
+297,	/* "dvcs" */
+791,	/* "ecdsa-with-Recommended" */
+416,	/* "ecdsa-with-SHA1" */
+793,	/* "ecdsa-with-SHA224" */
+794,	/* "ecdsa-with-SHA256" */
+795,	/* "ecdsa-with-SHA384" */
+796,	/* "ecdsa-with-SHA512" */
+792,	/* "ecdsa-with-Specified" */
+48,	/* "emailAddress" */
+632,	/* "encrypted track 2" */
+885,	/* "enhancedSearchGuide" */
+56,	/* "extendedCertificateAttributes" */
+867,	/* "facsimileTelephoneNumber" */
+462,	/* "favouriteDrink" */
+453,	/* "friendlyCountry" */
+490,	/* "friendlyCountryName" */
+156,	/* "friendlyName" */
+631,	/* "generate cryptogram" */
+509,	/* "generationQualifier" */
+601,	/* "generic cryptogram" */
+99,	/* "givenName" */
+814,	/* "gost89-cnt" */
+855,	/* "hmac" */
+780,	/* "hmac-md5" */
+781,	/* "hmac-sha1" */
+797,	/* "hmacWithMD5" */
+163,	/* "hmacWithSHA1" */
+798,	/* "hmacWithSHA224" */
+799,	/* "hmacWithSHA256" */
+800,	/* "hmacWithSHA384" */
+801,	/* "hmacWithSHA512" */
+486,	/* "homePostalAddress" */
+473,	/* "homeTelephoneNumber" */
+466,	/* "host" */
+889,	/* "houseIdentifier" */
+442,	/* "iA5StringSyntax" */
+381,	/* "iana" */
+824,	/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
+825,	/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
+826,	/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
+827,	/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
+819,	/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
+829,	/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
+828,	/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
+830,	/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
+820,	/* "id-Gost28147-89-None-KeyMeshing" */
+823,	/* "id-Gost28147-89-TestParamSet" */
+840,	/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
+841,	/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
+842,	/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
+843,	/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
+844,	/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
+839,	/* "id-GostR3410-2001-TestParamSet" */
+832,	/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
+833,	/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
+834,	/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
+835,	/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
+836,	/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
+837,	/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
+838,	/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
+831,	/* "id-GostR3410-94-TestParamSet" */
+845,	/* "id-GostR3410-94-a" */
+846,	/* "id-GostR3410-94-aBis" */
+847,	/* "id-GostR3410-94-b" */
+848,	/* "id-GostR3410-94-bBis" */
+822,	/* "id-GostR3411-94-CryptoProParamSet" */
+821,	/* "id-GostR3411-94-TestParamSet" */
+266,	/* "id-aca" */
+355,	/* "id-aca-accessIdentity" */
+354,	/* "id-aca-authenticationInfo" */
+356,	/* "id-aca-chargingIdentity" */
+399,	/* "id-aca-encAttrs" */
+357,	/* "id-aca-group" */
+358,	/* "id-aca-role" */
+176,	/* "id-ad" */
+788,	/* "id-aes128-wrap" */
+789,	/* "id-aes192-wrap" */
+790,	/* "id-aes256-wrap" */
+262,	/* "id-alg" */
+893,	/* "id-alg-PWRI-KEK" */
+323,	/* "id-alg-des40" */
+326,	/* "id-alg-dh-pop" */
+325,	/* "id-alg-dh-sig-hmac-sha1" */
+324,	/* "id-alg-noSignature" */
+268,	/* "id-cct" */
+361,	/* "id-cct-PKIData" */
+362,	/* "id-cct-PKIResponse" */
+360,	/* "id-cct-crs" */
+81,	/* "id-ce" */
+680,	/* "id-characteristic-two-basis" */
+263,	/* "id-cmc" */
+334,	/* "id-cmc-addExtensions" */
+346,	/* "id-cmc-confirmCertAcceptance" */
+330,	/* "id-cmc-dataReturn" */
+336,	/* "id-cmc-decryptedPOP" */
+335,	/* "id-cmc-encryptedPOP" */
+339,	/* "id-cmc-getCRL" */
+338,	/* "id-cmc-getCert" */
+328,	/* "id-cmc-identification" */
+329,	/* "id-cmc-identityProof" */
+337,	/* "id-cmc-lraPOPWitness" */
+344,	/* "id-cmc-popLinkRandom" */
+345,	/* "id-cmc-popLinkWitness" */
+343,	/* "id-cmc-queryPending" */
+333,	/* "id-cmc-recipientNonce" */
+341,	/* "id-cmc-regInfo" */
+342,	/* "id-cmc-responseInfo" */
+340,	/* "id-cmc-revokeRequest" */
+332,	/* "id-cmc-senderNonce" */
+327,	/* "id-cmc-statusInfo" */
+331,	/* "id-cmc-transactionId" */
+787,	/* "id-ct-asciiTextWithCRLF" */
+408,	/* "id-ecPublicKey" */
+508,	/* "id-hex-multipart-message" */
+507,	/* "id-hex-partial-message" */
+260,	/* "id-it" */
+302,	/* "id-it-caKeyUpdateInfo" */
+298,	/* "id-it-caProtEncCert" */
+311,	/* "id-it-confirmWaitTime" */
+303,	/* "id-it-currentCRL" */
+300,	/* "id-it-encKeyPairTypes" */
+310,	/* "id-it-implicitConfirm" */
+308,	/* "id-it-keyPairParamRep" */
+307,	/* "id-it-keyPairParamReq" */
+312,	/* "id-it-origPKIMessage" */
+301,	/* "id-it-preferredSymmAlg" */
+309,	/* "id-it-revPassphrase" */
+299,	/* "id-it-signKeyPairTypes" */
+305,	/* "id-it-subscriptionRequest" */
+306,	/* "id-it-subscriptionResponse" */
+784,	/* "id-it-suppLangTags" */
+304,	/* "id-it-unsupportedOIDs" */
+128,	/* "id-kp" */
+280,	/* "id-mod-attribute-cert" */
+274,	/* "id-mod-cmc" */
+277,	/* "id-mod-cmp" */
+284,	/* "id-mod-cmp2000" */
+273,	/* "id-mod-crmf" */
+283,	/* "id-mod-dvcs" */
+275,	/* "id-mod-kea-profile-88" */
+276,	/* "id-mod-kea-profile-93" */
+282,	/* "id-mod-ocsp" */
+278,	/* "id-mod-qualified-cert-88" */
+279,	/* "id-mod-qualified-cert-93" */
+281,	/* "id-mod-timestamp-protocol" */
+264,	/* "id-on" */
+347,	/* "id-on-personalData" */
+265,	/* "id-pda" */
+352,	/* "id-pda-countryOfCitizenship" */
+353,	/* "id-pda-countryOfResidence" */
+348,	/* "id-pda-dateOfBirth" */
+351,	/* "id-pda-gender" */
+349,	/* "id-pda-placeOfBirth" */
+175,	/* "id-pe" */
+261,	/* "id-pkip" */
+258,	/* "id-pkix-mod" */
+269,	/* "id-pkix1-explicit-88" */
+271,	/* "id-pkix1-explicit-93" */
+270,	/* "id-pkix1-implicit-88" */
+272,	/* "id-pkix1-implicit-93" */
+662,	/* "id-ppl" */
+267,	/* "id-qcs" */
+359,	/* "id-qcs-pkixQCSyntax-v1" */
+259,	/* "id-qt" */
+313,	/* "id-regCtrl" */
+316,	/* "id-regCtrl-authenticator" */
+319,	/* "id-regCtrl-oldCertID" */
+318,	/* "id-regCtrl-pkiArchiveOptions" */
+317,	/* "id-regCtrl-pkiPublicationInfo" */
+320,	/* "id-regCtrl-protocolEncrKey" */
+315,	/* "id-regCtrl-regToken" */
+314,	/* "id-regInfo" */
+322,	/* "id-regInfo-certReq" */
+321,	/* "id-regInfo-utf8Pairs" */
+191,	/* "id-smime-aa" */
+215,	/* "id-smime-aa-contentHint" */
+218,	/* "id-smime-aa-contentIdentifier" */
+221,	/* "id-smime-aa-contentReference" */
+240,	/* "id-smime-aa-dvcs-dvc" */
+217,	/* "id-smime-aa-encapContentType" */
+222,	/* "id-smime-aa-encrypKeyPref" */
+220,	/* "id-smime-aa-equivalentLabels" */
+232,	/* "id-smime-aa-ets-CertificateRefs" */
+233,	/* "id-smime-aa-ets-RevocationRefs" */
+238,	/* "id-smime-aa-ets-archiveTimeStamp" */
+237,	/* "id-smime-aa-ets-certCRLTimestamp" */
+234,	/* "id-smime-aa-ets-certValues" */
+227,	/* "id-smime-aa-ets-commitmentType" */
+231,	/* "id-smime-aa-ets-contentTimestamp" */
+236,	/* "id-smime-aa-ets-escTimeStamp" */
+230,	/* "id-smime-aa-ets-otherSigCert" */
+235,	/* "id-smime-aa-ets-revocationValues" */
+226,	/* "id-smime-aa-ets-sigPolicyId" */
+229,	/* "id-smime-aa-ets-signerAttr" */
+228,	/* "id-smime-aa-ets-signerLocation" */
+219,	/* "id-smime-aa-macValue" */
+214,	/* "id-smime-aa-mlExpandHistory" */
+216,	/* "id-smime-aa-msgSigDigest" */
+212,	/* "id-smime-aa-receiptRequest" */
+213,	/* "id-smime-aa-securityLabel" */
+239,	/* "id-smime-aa-signatureType" */
+223,	/* "id-smime-aa-signingCertificate" */
+224,	/* "id-smime-aa-smimeEncryptCerts" */
+225,	/* "id-smime-aa-timeStampToken" */
+192,	/* "id-smime-alg" */
+243,	/* "id-smime-alg-3DESwrap" */
+246,	/* "id-smime-alg-CMS3DESwrap" */
+247,	/* "id-smime-alg-CMSRC2wrap" */
+245,	/* "id-smime-alg-ESDH" */
+241,	/* "id-smime-alg-ESDHwith3DES" */
+242,	/* "id-smime-alg-ESDHwithRC2" */
+244,	/* "id-smime-alg-RC2wrap" */
+193,	/* "id-smime-cd" */
+248,	/* "id-smime-cd-ldap" */
+190,	/* "id-smime-ct" */
+210,	/* "id-smime-ct-DVCSRequestData" */
+211,	/* "id-smime-ct-DVCSResponseData" */
+208,	/* "id-smime-ct-TDTInfo" */
+207,	/* "id-smime-ct-TSTInfo" */
+205,	/* "id-smime-ct-authData" */
+786,	/* "id-smime-ct-compressedData" */
+209,	/* "id-smime-ct-contentInfo" */
+206,	/* "id-smime-ct-publishCert" */
+204,	/* "id-smime-ct-receipt" */
+195,	/* "id-smime-cti" */
+255,	/* "id-smime-cti-ets-proofOfApproval" */
+256,	/* "id-smime-cti-ets-proofOfCreation" */
+253,	/* "id-smime-cti-ets-proofOfDelivery" */
+251,	/* "id-smime-cti-ets-proofOfOrigin" */
+252,	/* "id-smime-cti-ets-proofOfReceipt" */
+254,	/* "id-smime-cti-ets-proofOfSender" */
+189,	/* "id-smime-mod" */
+196,	/* "id-smime-mod-cms" */
+197,	/* "id-smime-mod-ess" */
+202,	/* "id-smime-mod-ets-eSigPolicy-88" */
+203,	/* "id-smime-mod-ets-eSigPolicy-97" */
+200,	/* "id-smime-mod-ets-eSignature-88" */
+201,	/* "id-smime-mod-ets-eSignature-97" */
+199,	/* "id-smime-mod-msg-v3" */
+198,	/* "id-smime-mod-oid" */
+194,	/* "id-smime-spq" */
+250,	/* "id-smime-spq-ets-sqt-unotice" */
+249,	/* "id-smime-spq-ets-sqt-uri" */
+34,	/* "idea-cbc" */
+35,	/* "idea-cfb" */
+36,	/* "idea-ecb" */
+46,	/* "idea-ofb" */
+676,	/* "identified-organization" */
+461,	/* "info" */
+101,	/* "initials" */
+869,	/* "internationaliSDNNumber" */
+749,	/* "ipsec3" */
+750,	/* "ipsec4" */
+181,	/* "iso" */
+623,	/* "issuer capabilities" */
+645,	/* "itu-t" */
+492,	/* "janetMailbox" */
+646,	/* "joint-iso-itu-t" */
+150,	/* "keyBag" */
+773,	/* "kisa" */
+477,	/* "lastModifiedBy" */
+476,	/* "lastModifiedTime" */
+157,	/* "localKeyID" */
+15,	/* "localityName" */
+480,	/* "mXRecord" */
+493,	/* "mailPreferenceOption" */
+467,	/* "manager" */
+ 3,	/* "md2" */
+ 7,	/* "md2WithRSAEncryption" */
+257,	/* "md4" */
+396,	/* "md4WithRSAEncryption" */
+ 4,	/* "md5" */
+114,	/* "md5-sha1" */
+104,	/* "md5WithRSA" */
+ 8,	/* "md5WithRSAEncryption" */
+95,	/* "mdc2" */
+96,	/* "mdc2WithRSA" */
+875,	/* "member" */
+602,	/* "merchant initiated auth" */
+514,	/* "message extensions" */
+51,	/* "messageDigest" */
+506,	/* "mime-mhs-bodies" */
+505,	/* "mime-mhs-headings" */
+488,	/* "mobileTelephoneNumber" */
+481,	/* "nSRecord" */
+173,	/* "name" */
+681,	/* "onBasis" */
+379,	/* "org" */
+17,	/* "organizationName" */
+491,	/* "organizationalStatus" */
+18,	/* "organizationalUnitName" */
+475,	/* "otherMailbox" */
+876,	/* "owner" */
+489,	/* "pagerTelephoneNumber" */
+782,	/* "password based MAC" */
+374,	/* "path" */
+621,	/* "payment gateway capabilities" */
+ 9,	/* "pbeWithMD2AndDES-CBC" */
+168,	/* "pbeWithMD2AndRC2-CBC" */
+112,	/* "pbeWithMD5AndCast5CBC" */
+10,	/* "pbeWithMD5AndDES-CBC" */
+169,	/* "pbeWithMD5AndRC2-CBC" */
+148,	/* "pbeWithSHA1And128BitRC2-CBC" */
+144,	/* "pbeWithSHA1And128BitRC4" */
+147,	/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
+146,	/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
+149,	/* "pbeWithSHA1And40BitRC2-CBC" */
+145,	/* "pbeWithSHA1And40BitRC4" */
+170,	/* "pbeWithSHA1AndDES-CBC" */
+68,	/* "pbeWithSHA1AndRC2-CBC" */
+499,	/* "personalSignature" */
+487,	/* "personalTitle" */
+464,	/* "photo" */
+863,	/* "physicalDeliveryOfficeName" */
+437,	/* "pilot" */
+439,	/* "pilotAttributeSyntax" */
+438,	/* "pilotAttributeType" */
+479,	/* "pilotAttributeType27" */
+456,	/* "pilotDSA" */
+441,	/* "pilotGroups" */
+444,	/* "pilotObject" */
+440,	/* "pilotObjectClass" */
+455,	/* "pilotOrganization" */
+445,	/* "pilotPerson" */
+186,	/* "pkcs1" */
+27,	/* "pkcs3" */
+187,	/* "pkcs5" */
+20,	/* "pkcs7" */
+21,	/* "pkcs7-data" */
+25,	/* "pkcs7-digestData" */
+26,	/* "pkcs7-encryptedData" */
+23,	/* "pkcs7-envelopedData" */
+24,	/* "pkcs7-signedAndEnvelopedData" */
+22,	/* "pkcs7-signedData" */
+151,	/* "pkcs8ShroudedKeyBag" */
+47,	/* "pkcs9" */
+862,	/* "postOfficeBox" */
+861,	/* "postalAddress" */
+661,	/* "postalCode" */
+683,	/* "ppBasis" */
+872,	/* "preferredDeliveryMethod" */
+873,	/* "presentationAddress" */
+406,	/* "prime-field" */
+409,	/* "prime192v1" */
+410,	/* "prime192v2" */
+411,	/* "prime192v3" */
+412,	/* "prime239v1" */
+413,	/* "prime239v2" */
+414,	/* "prime239v3" */
+415,	/* "prime256v1" */
+886,	/* "protocolInformation" */
+510,	/* "pseudonym" */
+435,	/* "pss" */
+286,	/* "qcStatements" */
+457,	/* "qualityLabelledData" */
+450,	/* "rFC822localPart" */
+98,	/* "rc2-40-cbc" */
+166,	/* "rc2-64-cbc" */
+37,	/* "rc2-cbc" */
+39,	/* "rc2-cfb" */
+38,	/* "rc2-ecb" */
+40,	/* "rc2-ofb" */
+ 5,	/* "rc4" */
+97,	/* "rc4-40" */
+120,	/* "rc5-cbc" */
+122,	/* "rc5-cfb" */
+121,	/* "rc5-ecb" */
+123,	/* "rc5-ofb" */
+870,	/* "registeredAddress" */
+460,	/* "rfc822Mailbox" */
+117,	/* "ripemd160" */
+119,	/* "ripemd160WithRSA" */
+400,	/* "role" */
+877,	/* "roleOccupant" */
+448,	/* "room" */
+463,	/* "roomNumber" */
+19,	/* "rsa" */
+ 6,	/* "rsaEncryption" */
+644,	/* "rsaOAEPEncryptionSET" */
+377,	/* "rsaSignature" */
+124,	/* "run length compression" */
+482,	/* "sOARecord" */
+155,	/* "safeContentsBag" */
+291,	/* "sbgp-autonomousSysNum" */
+290,	/* "sbgp-ipAddrBlock" */
+292,	/* "sbgp-routerIdentifier" */
+159,	/* "sdsiCertificate" */
+859,	/* "searchGuide" */
+704,	/* "secp112r1" */
+705,	/* "secp112r2" */
+706,	/* "secp128r1" */
+707,	/* "secp128r2" */
+708,	/* "secp160k1" */
+709,	/* "secp160r1" */
+710,	/* "secp160r2" */
+711,	/* "secp192k1" */
+712,	/* "secp224k1" */
+713,	/* "secp224r1" */
+714,	/* "secp256k1" */
+715,	/* "secp384r1" */
+716,	/* "secp521r1" */
+154,	/* "secretBag" */
+474,	/* "secretary" */
+717,	/* "sect113r1" */
+718,	/* "sect113r2" */
+719,	/* "sect131r1" */
+720,	/* "sect131r2" */
+721,	/* "sect163k1" */
+722,	/* "sect163r1" */
+723,	/* "sect163r2" */
+724,	/* "sect193r1" */
+725,	/* "sect193r2" */
+726,	/* "sect233k1" */
+727,	/* "sect233r1" */
+728,	/* "sect239k1" */
+729,	/* "sect283k1" */
+730,	/* "sect283r1" */
+731,	/* "sect409k1" */
+732,	/* "sect409r1" */
+733,	/* "sect571k1" */
+734,	/* "sect571r1" */
+635,	/* "secure device signature" */
+878,	/* "seeAlso" */
+777,	/* "seed-cbc" */
+779,	/* "seed-cfb" */
+776,	/* "seed-ecb" */
+778,	/* "seed-ofb" */
+105,	/* "serialNumber" */
+625,	/* "set-addPolicy" */
+515,	/* "set-attr" */
+518,	/* "set-brand" */
+638,	/* "set-brand-AmericanExpress" */
+637,	/* "set-brand-Diners" */
+636,	/* "set-brand-IATA-ATA" */
+639,	/* "set-brand-JCB" */
+641,	/* "set-brand-MasterCard" */
+642,	/* "set-brand-Novus" */
+640,	/* "set-brand-Visa" */
+516,	/* "set-policy" */
+607,	/* "set-policy-root" */
+624,	/* "set-rootKeyThumb" */
+620,	/* "setAttr-Cert" */
+628,	/* "setAttr-IssCap-CVM" */
+630,	/* "setAttr-IssCap-Sig" */
+629,	/* "setAttr-IssCap-T2" */
+627,	/* "setAttr-Token-B0Prime" */
+626,	/* "setAttr-Token-EMV" */
+622,	/* "setAttr-TokenType" */
+619,	/* "setCext-IssuerCapabilities" */
+615,	/* "setCext-PGWYcapabilities" */
+616,	/* "setCext-TokenIdentifier" */
+618,	/* "setCext-TokenType" */
+617,	/* "setCext-Track2Data" */
+611,	/* "setCext-cCertRequired" */
+609,	/* "setCext-certType" */
+608,	/* "setCext-hashedRoot" */
+610,	/* "setCext-merchData" */
+613,	/* "setCext-setExt" */
+614,	/* "setCext-setQualf" */
+612,	/* "setCext-tunneling" */
+540,	/* "setct-AcqCardCodeMsg" */
+576,	/* "setct-AcqCardCodeMsgTBE" */
+570,	/* "setct-AuthReqTBE" */
+534,	/* "setct-AuthReqTBS" */
+527,	/* "setct-AuthResBaggage" */
+571,	/* "setct-AuthResTBE" */
+572,	/* "setct-AuthResTBEX" */
+535,	/* "setct-AuthResTBS" */
+536,	/* "setct-AuthResTBSX" */
+528,	/* "setct-AuthRevReqBaggage" */
+577,	/* "setct-AuthRevReqTBE" */
+541,	/* "setct-AuthRevReqTBS" */
+529,	/* "setct-AuthRevResBaggage" */
+542,	/* "setct-AuthRevResData" */
+578,	/* "setct-AuthRevResTBE" */
+579,	/* "setct-AuthRevResTBEB" */
+543,	/* "setct-AuthRevResTBS" */
+573,	/* "setct-AuthTokenTBE" */
+537,	/* "setct-AuthTokenTBS" */
+600,	/* "setct-BCIDistributionTBS" */
+558,	/* "setct-BatchAdminReqData" */
+592,	/* "setct-BatchAdminReqTBE" */
+559,	/* "setct-BatchAdminResData" */
+593,	/* "setct-BatchAdminResTBE" */
+599,	/* "setct-CRLNotificationResTBS" */
+598,	/* "setct-CRLNotificationTBS" */
+580,	/* "setct-CapReqTBE" */
+581,	/* "setct-CapReqTBEX" */
+544,	/* "setct-CapReqTBS" */
+545,	/* "setct-CapReqTBSX" */
+546,	/* "setct-CapResData" */
+582,	/* "setct-CapResTBE" */
+583,	/* "setct-CapRevReqTBE" */
+584,	/* "setct-CapRevReqTBEX" */
+547,	/* "setct-CapRevReqTBS" */
+548,	/* "setct-CapRevReqTBSX" */
+549,	/* "setct-CapRevResData" */
+585,	/* "setct-CapRevResTBE" */
+538,	/* "setct-CapTokenData" */
+530,	/* "setct-CapTokenSeq" */
+574,	/* "setct-CapTokenTBE" */
+575,	/* "setct-CapTokenTBEX" */
+539,	/* "setct-CapTokenTBS" */
+560,	/* "setct-CardCInitResTBS" */
+566,	/* "setct-CertInqReqTBS" */
+563,	/* "setct-CertReqData" */
+595,	/* "setct-CertReqTBE" */
+596,	/* "setct-CertReqTBEX" */
+564,	/* "setct-CertReqTBS" */
+565,	/* "setct-CertResData" */
+597,	/* "setct-CertResTBE" */
+586,	/* "setct-CredReqTBE" */
+587,	/* "setct-CredReqTBEX" */
+550,	/* "setct-CredReqTBS" */
+551,	/* "setct-CredReqTBSX" */
+552,	/* "setct-CredResData" */
+588,	/* "setct-CredResTBE" */
+589,	/* "setct-CredRevReqTBE" */
+590,	/* "setct-CredRevReqTBEX" */
+553,	/* "setct-CredRevReqTBS" */
+554,	/* "setct-CredRevReqTBSX" */
+555,	/* "setct-CredRevResData" */
+591,	/* "setct-CredRevResTBE" */
+567,	/* "setct-ErrorTBS" */
+526,	/* "setct-HODInput" */
+561,	/* "setct-MeAqCInitResTBS" */
+522,	/* "setct-OIData" */
+519,	/* "setct-PANData" */
+521,	/* "setct-PANOnly" */
+520,	/* "setct-PANToken" */
+556,	/* "setct-PCertReqData" */
+557,	/* "setct-PCertResTBS" */
+523,	/* "setct-PI" */
+532,	/* "setct-PI-TBS" */
+524,	/* "setct-PIData" */
+525,	/* "setct-PIDataUnsigned" */
+568,	/* "setct-PIDualSignedTBE" */
+569,	/* "setct-PIUnsignedTBE" */
+531,	/* "setct-PInitResData" */
+533,	/* "setct-PResData" */
+594,	/* "setct-RegFormReqTBE" */
+562,	/* "setct-RegFormResTBS" */
+604,	/* "setext-pinAny" */
+603,	/* "setext-pinSecure" */
+605,	/* "setext-track2" */
+41,	/* "sha" */
+64,	/* "sha1" */
+115,	/* "sha1WithRSA" */
+65,	/* "sha1WithRSAEncryption" */
+675,	/* "sha224" */
+671,	/* "sha224WithRSAEncryption" */
+672,	/* "sha256" */
+668,	/* "sha256WithRSAEncryption" */
+673,	/* "sha384" */
+669,	/* "sha384WithRSAEncryption" */
+674,	/* "sha512" */
+670,	/* "sha512WithRSAEncryption" */
+42,	/* "shaWithRSAEncryption" */
+52,	/* "signingTime" */
+454,	/* "simpleSecurityObject" */
+496,	/* "singleLevelQuality" */
+16,	/* "stateOrProvinceName" */
+660,	/* "streetAddress" */
+498,	/* "subtreeMaximumQuality" */
+497,	/* "subtreeMinimumQuality" */
+890,	/* "supportedAlgorithms" */
+874,	/* "supportedApplicationContext" */
+100,	/* "surname" */
+864,	/* "telephoneNumber" */
+866,	/* "teletexTerminalIdentifier" */
+865,	/* "telexNumber" */
+459,	/* "textEncodedORAddress" */
+293,	/* "textNotice" */
+106,	/* "title" */
+682,	/* "tpBasis" */
+436,	/* "ucl" */
+ 0,	/* "undefined" */
+888,	/* "uniqueMember" */
+55,	/* "unstructuredAddress" */
+49,	/* "unstructuredName" */
+880,	/* "userCertificate" */
+465,	/* "userClass" */
+458,	/* "userId" */
+879,	/* "userPassword" */
+373,	/* "valid" */
+678,	/* "wap" */
+679,	/* "wap-wsg" */
+735,	/* "wap-wsg-idm-ecid-wtls1" */
+743,	/* "wap-wsg-idm-ecid-wtls10" */
+744,	/* "wap-wsg-idm-ecid-wtls11" */
+745,	/* "wap-wsg-idm-ecid-wtls12" */
+736,	/* "wap-wsg-idm-ecid-wtls3" */
+737,	/* "wap-wsg-idm-ecid-wtls4" */
+738,	/* "wap-wsg-idm-ecid-wtls5" */
+739,	/* "wap-wsg-idm-ecid-wtls6" */
+740,	/* "wap-wsg-idm-ecid-wtls7" */
+741,	/* "wap-wsg-idm-ecid-wtls8" */
+742,	/* "wap-wsg-idm-ecid-wtls9" */
+804,	/* "whirlpool" */
+868,	/* "x121Address" */
+503,	/* "x500UniqueIdentifier" */
+158,	/* "x509Certificate" */
+160,	/* "x509Crl" */
+125,	/* "zlib compression" */
 };
 
-static ASN1_OBJECT *obj_objs[NUM_OBJ]={
-&(nid_objs[ 0]),/* OBJ_undef                        0 */
-&(nid_objs[393]),/* OBJ_joint_iso_ccitt              OBJ_joint_iso_itu_t */
-&(nid_objs[404]),/* OBJ_ccitt                        OBJ_itu_t */
-&(nid_objs[645]),/* OBJ_itu_t                        0 */
-&(nid_objs[434]),/* OBJ_data                         0 9 */
-&(nid_objs[181]),/* OBJ_iso                          1 */
-&(nid_objs[182]),/* OBJ_member_body                  1 2 */
-&(nid_objs[379]),/* OBJ_org                          1 3 */
-&(nid_objs[662]),/* OBJ_identified_organization      1 3 */
-&(nid_objs[646]),/* OBJ_joint_iso_itu_t              2 */
-&(nid_objs[11]),/* OBJ_X500                         2 5 */
-&(nid_objs[647]),/* OBJ_international_organizations  2 23 */
-&(nid_objs[380]),/* OBJ_dod                          1 3 6 */
-&(nid_objs[12]),/* OBJ_X509                         2 5 4 */
-&(nid_objs[378]),/* OBJ_X500algorithms               2 5 8 */
-&(nid_objs[81]),/* OBJ_id_ce                        2 5 29 */
-&(nid_objs[512]),/* OBJ_id_set                       2 23 42 */
-&(nid_objs[664]),/* OBJ_wap                          2 23 43 */
-&(nid_objs[435]),/* OBJ_pss                          0 9 2342 */
-&(nid_objs[183]),/* OBJ_ISO_US                       1 2 840 */
-&(nid_objs[381]),/* OBJ_iana                         1 3 6 1 */
-&(nid_objs[663]),/* OBJ_certicom_arc                 1 3 132 */
-&(nid_objs[394]),/* OBJ_selected_attribute_types     2 5 1 5 */
-&(nid_objs[13]),/* OBJ_commonName                   2 5 4 3 */
-&(nid_objs[100]),/* OBJ_surname                      2 5 4 4 */
-&(nid_objs[105]),/* OBJ_serialNumber                 2 5 4 5 */
-&(nid_objs[14]),/* OBJ_countryName                  2 5 4 6 */
-&(nid_objs[15]),/* OBJ_localityName                 2 5 4 7 */
-&(nid_objs[16]),/* OBJ_stateOrProvinceName          2 5 4 8 */
-&(nid_objs[660]),/* OBJ_streetAddress                2 5 4 9 */
-&(nid_objs[17]),/* OBJ_organizationName             2 5 4 10 */
-&(nid_objs[18]),/* OBJ_organizationalUnitName       2 5 4 11 */
-&(nid_objs[106]),/* OBJ_title                        2 5 4 12 */
-&(nid_objs[107]),/* OBJ_description                  2 5 4 13 */
-&(nid_objs[661]),/* OBJ_postalCode                   2 5 4 17 */
-&(nid_objs[173]),/* OBJ_name                         2 5 4 41 */
-&(nid_objs[99]),/* OBJ_givenName                    2 5 4 42 */
-&(nid_objs[101]),/* OBJ_initials                     2 5 4 43 */
-&(nid_objs[509]),/* OBJ_generationQualifier          2 5 4 44 */
-&(nid_objs[503]),/* OBJ_x500UniqueIdentifier         2 5 4 45 */
-&(nid_objs[174]),/* OBJ_dnQualifier                  2 5 4 46 */
-&(nid_objs[510]),/* OBJ_pseudonym                    2 5 4 65 */
-&(nid_objs[400]),/* OBJ_role                         2 5 4 72 */
-&(nid_objs[82]),/* OBJ_subject_key_identifier       2 5 29 14 */
-&(nid_objs[83]),/* OBJ_key_usage                    2 5 29 15 */
-&(nid_objs[84]),/* OBJ_private_key_usage_period     2 5 29 16 */
-&(nid_objs[85]),/* OBJ_subject_alt_name             2 5 29 17 */
-&(nid_objs[86]),/* OBJ_issuer_alt_name              2 5 29 18 */
-&(nid_objs[87]),/* OBJ_basic_constraints            2 5 29 19 */
-&(nid_objs[88]),/* OBJ_crl_number                   2 5 29 20 */
-&(nid_objs[141]),/* OBJ_crl_reason                   2 5 29 21 */
-&(nid_objs[430]),/* OBJ_hold_instruction_code        2 5 29 23 */
-&(nid_objs[142]),/* OBJ_invalidity_date              2 5 29 24 */
-&(nid_objs[140]),/* OBJ_delta_crl                    2 5 29 27 */
-&(nid_objs[736]),/* OBJ_name_constraints             2 5 29 30 */
-&(nid_objs[103]),/* OBJ_crl_distribution_points      2 5 29 31 */
-&(nid_objs[89]),/* OBJ_certificate_policies         2 5 29 32 */
-&(nid_objs[738]),/* OBJ_policy_mappings              2 5 29 33 */
-&(nid_objs[90]),/* OBJ_authority_key_identifier     2 5 29 35 */
-&(nid_objs[401]),/* OBJ_policy_constraints           2 5 29 36 */
-&(nid_objs[126]),/* OBJ_ext_key_usage                2 5 29 37 */
-&(nid_objs[739]),/* OBJ_inhibit_any_policy           2 5 29 54 */
-&(nid_objs[402]),/* OBJ_target_information           2 5 29 55 */
-&(nid_objs[403]),/* OBJ_no_rev_avail                 2 5 29 56 */
-&(nid_objs[513]),/* OBJ_set_ctype                    2 23 42 0 */
-&(nid_objs[514]),/* OBJ_set_msgExt                   2 23 42 1 */
-&(nid_objs[515]),/* OBJ_set_attr                     2 23 42 3 */
-&(nid_objs[516]),/* OBJ_set_policy                   2 23 42 5 */
-&(nid_objs[517]),/* OBJ_set_certExt                  2 23 42 7 */
-&(nid_objs[518]),/* OBJ_set_brand                    2 23 42 8 */
-&(nid_objs[665]),/* OBJ_wap_wsg                      2 23 43 13 */
-&(nid_objs[382]),/* OBJ_Directory                    1 3 6 1 1 */
-&(nid_objs[383]),/* OBJ_Management                   1 3 6 1 2 */
-&(nid_objs[384]),/* OBJ_Experimental                 1 3 6 1 3 */
-&(nid_objs[385]),/* OBJ_Private                      1 3 6 1 4 */
-&(nid_objs[386]),/* OBJ_Security                     1 3 6 1 5 */
-&(nid_objs[387]),/* OBJ_SNMPv2                       1 3 6 1 6 */
-&(nid_objs[388]),/* OBJ_Mail                         1 3 6 1 7 */
-&(nid_objs[376]),/* OBJ_algorithm                    1 3 14 3 2 */
-&(nid_objs[395]),/* OBJ_clearance                    2 5 1 5 55 */
-&(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
-&(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
-&(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
-&(nid_objs[737]),/* OBJ_any_policy                   2 5 29 32 0 */
-&(nid_objs[519]),/* OBJ_setct_PANData                2 23 42 0 0 */
-&(nid_objs[520]),/* OBJ_setct_PANToken               2 23 42 0 1 */
-&(nid_objs[521]),/* OBJ_setct_PANOnly                2 23 42 0 2 */
-&(nid_objs[522]),/* OBJ_setct_OIData                 2 23 42 0 3 */
-&(nid_objs[523]),/* OBJ_setct_PI                     2 23 42 0 4 */
-&(nid_objs[524]),/* OBJ_setct_PIData                 2 23 42 0 5 */
-&(nid_objs[525]),/* OBJ_setct_PIDataUnsigned         2 23 42 0 6 */
-&(nid_objs[526]),/* OBJ_setct_HODInput               2 23 42 0 7 */
-&(nid_objs[527]),/* OBJ_setct_AuthResBaggage         2 23 42 0 8 */
-&(nid_objs[528]),/* OBJ_setct_AuthRevReqBaggage      2 23 42 0 9 */
-&(nid_objs[529]),/* OBJ_setct_AuthRevResBaggage      2 23 42 0 10 */
-&(nid_objs[530]),/* OBJ_setct_CapTokenSeq            2 23 42 0 11 */
-&(nid_objs[531]),/* OBJ_setct_PInitResData           2 23 42 0 12 */
-&(nid_objs[532]),/* OBJ_setct_PI_TBS                 2 23 42 0 13 */
-&(nid_objs[533]),/* OBJ_setct_PResData               2 23 42 0 14 */
-&(nid_objs[534]),/* OBJ_setct_AuthReqTBS             2 23 42 0 16 */
-&(nid_objs[535]),/* OBJ_setct_AuthResTBS             2 23 42 0 17 */
-&(nid_objs[536]),/* OBJ_setct_AuthResTBSX            2 23 42 0 18 */
-&(nid_objs[537]),/* OBJ_setct_AuthTokenTBS           2 23 42 0 19 */
-&(nid_objs[538]),/* OBJ_setct_CapTokenData           2 23 42 0 20 */
-&(nid_objs[539]),/* OBJ_setct_CapTokenTBS            2 23 42 0 21 */
-&(nid_objs[540]),/* OBJ_setct_AcqCardCodeMsg         2 23 42 0 22 */
-&(nid_objs[541]),/* OBJ_setct_AuthRevReqTBS          2 23 42 0 23 */
-&(nid_objs[542]),/* OBJ_setct_AuthRevResData         2 23 42 0 24 */
-&(nid_objs[543]),/* OBJ_setct_AuthRevResTBS          2 23 42 0 25 */
-&(nid_objs[544]),/* OBJ_setct_CapReqTBS              2 23 42 0 26 */
-&(nid_objs[545]),/* OBJ_setct_CapReqTBSX             2 23 42 0 27 */
-&(nid_objs[546]),/* OBJ_setct_CapResData             2 23 42 0 28 */
-&(nid_objs[547]),/* OBJ_setct_CapRevReqTBS           2 23 42 0 29 */
-&(nid_objs[548]),/* OBJ_setct_CapRevReqTBSX          2 23 42 0 30 */
-&(nid_objs[549]),/* OBJ_setct_CapRevResData          2 23 42 0 31 */
-&(nid_objs[550]),/* OBJ_setct_CredReqTBS             2 23 42 0 32 */
-&(nid_objs[551]),/* OBJ_setct_CredReqTBSX            2 23 42 0 33 */
-&(nid_objs[552]),/* OBJ_setct_CredResData            2 23 42 0 34 */
-&(nid_objs[553]),/* OBJ_setct_CredRevReqTBS          2 23 42 0 35 */
-&(nid_objs[554]),/* OBJ_setct_CredRevReqTBSX         2 23 42 0 36 */
-&(nid_objs[555]),/* OBJ_setct_CredRevResData         2 23 42 0 37 */
-&(nid_objs[556]),/* OBJ_setct_PCertReqData           2 23 42 0 38 */
-&(nid_objs[557]),/* OBJ_setct_PCertResTBS            2 23 42 0 39 */
-&(nid_objs[558]),/* OBJ_setct_BatchAdminReqData      2 23 42 0 40 */
-&(nid_objs[559]),/* OBJ_setct_BatchAdminResData      2 23 42 0 41 */
-&(nid_objs[560]),/* OBJ_setct_CardCInitResTBS        2 23 42 0 42 */
-&(nid_objs[561]),/* OBJ_setct_MeAqCInitResTBS        2 23 42 0 43 */
-&(nid_objs[562]),/* OBJ_setct_RegFormResTBS          2 23 42 0 44 */
-&(nid_objs[563]),/* OBJ_setct_CertReqData            2 23 42 0 45 */
-&(nid_objs[564]),/* OBJ_setct_CertReqTBS             2 23 42 0 46 */
-&(nid_objs[565]),/* OBJ_setct_CertResData            2 23 42 0 47 */
-&(nid_objs[566]),/* OBJ_setct_CertInqReqTBS          2 23 42 0 48 */
-&(nid_objs[567]),/* OBJ_setct_ErrorTBS               2 23 42 0 49 */
-&(nid_objs[568]),/* OBJ_setct_PIDualSignedTBE        2 23 42 0 50 */
-&(nid_objs[569]),/* OBJ_setct_PIUnsignedTBE          2 23 42 0 51 */
-&(nid_objs[570]),/* OBJ_setct_AuthReqTBE             2 23 42 0 52 */
-&(nid_objs[571]),/* OBJ_setct_AuthResTBE             2 23 42 0 53 */
-&(nid_objs[572]),/* OBJ_setct_AuthResTBEX            2 23 42 0 54 */
-&(nid_objs[573]),/* OBJ_setct_AuthTokenTBE           2 23 42 0 55 */
-&(nid_objs[574]),/* OBJ_setct_CapTokenTBE            2 23 42 0 56 */
-&(nid_objs[575]),/* OBJ_setct_CapTokenTBEX           2 23 42 0 57 */
-&(nid_objs[576]),/* OBJ_setct_AcqCardCodeMsgTBE      2 23 42 0 58 */
-&(nid_objs[577]),/* OBJ_setct_AuthRevReqTBE          2 23 42 0 59 */
-&(nid_objs[578]),/* OBJ_setct_AuthRevResTBE          2 23 42 0 60 */
-&(nid_objs[579]),/* OBJ_setct_AuthRevResTBEB         2 23 42 0 61 */
-&(nid_objs[580]),/* OBJ_setct_CapReqTBE              2 23 42 0 62 */
-&(nid_objs[581]),/* OBJ_setct_CapReqTBEX             2 23 42 0 63 */
-&(nid_objs[582]),/* OBJ_setct_CapResTBE              2 23 42 0 64 */
-&(nid_objs[583]),/* OBJ_setct_CapRevReqTBE           2 23 42 0 65 */
-&(nid_objs[584]),/* OBJ_setct_CapRevReqTBEX          2 23 42 0 66 */
-&(nid_objs[585]),/* OBJ_setct_CapRevResTBE           2 23 42 0 67 */
-&(nid_objs[586]),/* OBJ_setct_CredReqTBE             2 23 42 0 68 */
-&(nid_objs[587]),/* OBJ_setct_CredReqTBEX            2 23 42 0 69 */
-&(nid_objs[588]),/* OBJ_setct_CredResTBE             2 23 42 0 70 */
-&(nid_objs[589]),/* OBJ_setct_CredRevReqTBE          2 23 42 0 71 */
-&(nid_objs[590]),/* OBJ_setct_CredRevReqTBEX         2 23 42 0 72 */
-&(nid_objs[591]),/* OBJ_setct_CredRevResTBE          2 23 42 0 73 */
-&(nid_objs[592]),/* OBJ_setct_BatchAdminReqTBE       2 23 42 0 74 */
-&(nid_objs[593]),/* OBJ_setct_BatchAdminResTBE       2 23 42 0 75 */
-&(nid_objs[594]),/* OBJ_setct_RegFormReqTBE          2 23 42 0 76 */
-&(nid_objs[595]),/* OBJ_setct_CertReqTBE             2 23 42 0 77 */
-&(nid_objs[596]),/* OBJ_setct_CertReqTBEX            2 23 42 0 78 */
-&(nid_objs[597]),/* OBJ_setct_CertResTBE             2 23 42 0 79 */
-&(nid_objs[598]),/* OBJ_setct_CRLNotificationTBS     2 23 42 0 80 */
-&(nid_objs[599]),/* OBJ_setct_CRLNotificationResTBS  2 23 42 0 81 */
-&(nid_objs[600]),/* OBJ_setct_BCIDistributionTBS     2 23 42 0 82 */
-&(nid_objs[601]),/* OBJ_setext_genCrypt              2 23 42 1 1 */
-&(nid_objs[602]),/* OBJ_setext_miAuth                2 23 42 1 3 */
-&(nid_objs[603]),/* OBJ_setext_pinSecure             2 23 42 1 4 */
-&(nid_objs[604]),/* OBJ_setext_pinAny                2 23 42 1 5 */
-&(nid_objs[605]),/* OBJ_setext_track2                2 23 42 1 7 */
-&(nid_objs[606]),/* OBJ_setext_cv                    2 23 42 1 8 */
-&(nid_objs[620]),/* OBJ_setAttr_Cert                 2 23 42 3 0 */
-&(nid_objs[621]),/* OBJ_setAttr_PGWYcap              2 23 42 3 1 */
-&(nid_objs[622]),/* OBJ_setAttr_TokenType            2 23 42 3 2 */
-&(nid_objs[623]),/* OBJ_setAttr_IssCap               2 23 42 3 3 */
-&(nid_objs[607]),/* OBJ_set_policy_root              2 23 42 5 0 */
-&(nid_objs[608]),/* OBJ_setCext_hashedRoot           2 23 42 7 0 */
-&(nid_objs[609]),/* OBJ_setCext_certType             2 23 42 7 1 */
-&(nid_objs[610]),/* OBJ_setCext_merchData            2 23 42 7 2 */
-&(nid_objs[611]),/* OBJ_setCext_cCertRequired        2 23 42 7 3 */
-&(nid_objs[612]),/* OBJ_setCext_tunneling            2 23 42 7 4 */
-&(nid_objs[613]),/* OBJ_setCext_setExt               2 23 42 7 5 */
-&(nid_objs[614]),/* OBJ_setCext_setQualf             2 23 42 7 6 */
-&(nid_objs[615]),/* OBJ_setCext_PGWYcapabilities     2 23 42 7 7 */
-&(nid_objs[616]),/* OBJ_setCext_TokenIdentifier      2 23 42 7 8 */
-&(nid_objs[617]),/* OBJ_setCext_Track2Data           2 23 42 7 9 */
-&(nid_objs[618]),/* OBJ_setCext_TokenType            2 23 42 7 10 */
-&(nid_objs[619]),/* OBJ_setCext_IssuerCapabilities   2 23 42 7 11 */
-&(nid_objs[636]),/* OBJ_set_brand_IATA_ATA           2 23 42 8 1 */
-&(nid_objs[640]),/* OBJ_set_brand_Visa               2 23 42 8 4 */
-&(nid_objs[641]),/* OBJ_set_brand_MasterCard         2 23 42 8 5 */
-&(nid_objs[637]),/* OBJ_set_brand_Diners             2 23 42 8 30 */
-&(nid_objs[638]),/* OBJ_set_brand_AmericanExpress    2 23 42 8 34 */
-&(nid_objs[639]),/* OBJ_set_brand_JCB                2 23 42 8 35 */
-&(nid_objs[184]),/* OBJ_X9_57                        1 2 840 10040 */
-&(nid_objs[405]),/* OBJ_ansi_X9_62                   1 2 840 10045 */
-&(nid_objs[389]),/* OBJ_Enterprises                  1 3 6 1 4 1 */
-&(nid_objs[504]),/* OBJ_mime_mhs                     1 3 6 1 7 1 */
-&(nid_objs[104]),/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
-&(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
-&(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */
-&(nid_objs[45]),/* OBJ_des_ofb64                    1 3 14 3 2 8 */
-&(nid_objs[30]),/* OBJ_des_cfb64                    1 3 14 3 2 9 */
-&(nid_objs[377]),/* OBJ_rsaSignature                 1 3 14 3 2 11 */
-&(nid_objs[67]),/* OBJ_dsa_2                        1 3 14 3 2 12 */
-&(nid_objs[66]),/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
-&(nid_objs[42]),/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
-&(nid_objs[32]),/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
-&(nid_objs[41]),/* OBJ_sha                          1 3 14 3 2 18 */
-&(nid_objs[64]),/* OBJ_sha1                         1 3 14 3 2 26 */
-&(nid_objs[70]),/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
-&(nid_objs[115]),/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
-&(nid_objs[117]),/* OBJ_ripemd160                    1 3 36 3 2 1 */
-&(nid_objs[143]),/* OBJ_sxnet                        1 3 101 1 4 1 */
-&(nid_objs[707]),/* OBJ_sect163k1                    1 3 132 0 1 */
-&(nid_objs[708]),/* OBJ_sect163r1                    1 3 132 0 2 */
-&(nid_objs[714]),/* OBJ_sect239k1                    1 3 132 0 3 */
-&(nid_objs[703]),/* OBJ_sect113r1                    1 3 132 0 4 */
-&(nid_objs[704]),/* OBJ_sect113r2                    1 3 132 0 5 */
-&(nid_objs[690]),/* OBJ_secp112r1                    1 3 132 0 6 */
-&(nid_objs[691]),/* OBJ_secp112r2                    1 3 132 0 7 */
-&(nid_objs[695]),/* OBJ_secp160r1                    1 3 132 0 8 */
-&(nid_objs[694]),/* OBJ_secp160k1                    1 3 132 0 9 */
-&(nid_objs[700]),/* OBJ_secp256k1                    1 3 132 0 10 */
-&(nid_objs[709]),/* OBJ_sect163r2                    1 3 132 0 15 */
-&(nid_objs[715]),/* OBJ_sect283k1                    1 3 132 0 16 */
-&(nid_objs[716]),/* OBJ_sect283r1                    1 3 132 0 17 */
-&(nid_objs[705]),/* OBJ_sect131r1                    1 3 132 0 22 */
-&(nid_objs[706]),/* OBJ_sect131r2                    1 3 132 0 23 */
-&(nid_objs[710]),/* OBJ_sect193r1                    1 3 132 0 24 */
-&(nid_objs[711]),/* OBJ_sect193r2                    1 3 132 0 25 */
-&(nid_objs[712]),/* OBJ_sect233k1                    1 3 132 0 26 */
-&(nid_objs[713]),/* OBJ_sect233r1                    1 3 132 0 27 */
-&(nid_objs[692]),/* OBJ_secp128r1                    1 3 132 0 28 */
-&(nid_objs[693]),/* OBJ_secp128r2                    1 3 132 0 29 */
-&(nid_objs[696]),/* OBJ_secp160r2                    1 3 132 0 30 */
-&(nid_objs[697]),/* OBJ_secp192k1                    1 3 132 0 31 */
-&(nid_objs[698]),/* OBJ_secp224k1                    1 3 132 0 32 */
-&(nid_objs[699]),/* OBJ_secp224r1                    1 3 132 0 33 */
-&(nid_objs[701]),/* OBJ_secp384r1                    1 3 132 0 34 */
-&(nid_objs[702]),/* OBJ_secp521r1                    1 3 132 0 35 */
-&(nid_objs[717]),/* OBJ_sect409k1                    1 3 132 0 36 */
-&(nid_objs[718]),/* OBJ_sect409r1                    1 3 132 0 37 */
-&(nid_objs[719]),/* OBJ_sect571k1                    1 3 132 0 38 */
-&(nid_objs[720]),/* OBJ_sect571r1                    1 3 132 0 39 */
-&(nid_objs[624]),/* OBJ_set_rootKeyThumb             2 23 42 3 0 0 */
-&(nid_objs[625]),/* OBJ_set_addPolicy                2 23 42 3 0 1 */
-&(nid_objs[626]),/* OBJ_setAttr_Token_EMV            2 23 42 3 2 1 */
-&(nid_objs[627]),/* OBJ_setAttr_Token_B0Prime        2 23 42 3 2 2 */
-&(nid_objs[628]),/* OBJ_setAttr_IssCap_CVM           2 23 42 3 3 3 */
-&(nid_objs[629]),/* OBJ_setAttr_IssCap_T2            2 23 42 3 3 4 */
-&(nid_objs[630]),/* OBJ_setAttr_IssCap_Sig           2 23 42 3 3 5 */
-&(nid_objs[642]),/* OBJ_set_brand_Novus              2 23 42 8 6011 */
-&(nid_objs[721]),/* OBJ_wap_wsg_idm_ecid_wtls1       2 23 43 13 4 1 */
-&(nid_objs[722]),/* OBJ_wap_wsg_idm_ecid_wtls3       2 23 43 13 4 3 */
-&(nid_objs[723]),/* OBJ_wap_wsg_idm_ecid_wtls4       2 23 43 13 4 4 */
-&(nid_objs[724]),/* OBJ_wap_wsg_idm_ecid_wtls5       2 23 43 13 4 5 */
-&(nid_objs[725]),/* OBJ_wap_wsg_idm_ecid_wtls6       2 23 43 13 4 6 */
-&(nid_objs[726]),/* OBJ_wap_wsg_idm_ecid_wtls7       2 23 43 13 4 7 */
-&(nid_objs[727]),/* OBJ_wap_wsg_idm_ecid_wtls8       2 23 43 13 4 8 */
-&(nid_objs[728]),/* OBJ_wap_wsg_idm_ecid_wtls9       2 23 43 13 4 9 */
-&(nid_objs[729]),/* OBJ_wap_wsg_idm_ecid_wtls10      2 23 43 13 4 10 */
-&(nid_objs[730]),/* OBJ_wap_wsg_idm_ecid_wtls11      2 23 43 13 4 11 */
-&(nid_objs[731]),/* OBJ_wap_wsg_idm_ecid_wtls12      2 23 43 13 4 12 */
-&(nid_objs[124]),/* OBJ_rle_compression              1 1 1 1 666 1 */
-&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666 2 */
-&(nid_objs[ 1]),/* OBJ_rsadsi                       1 2 840 113549 */
-&(nid_objs[185]),/* OBJ_X9cm                         1 2 840 10040 4 */
-&(nid_objs[127]),/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
-&(nid_objs[505]),/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
-&(nid_objs[506]),/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
-&(nid_objs[119]),/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
-&(nid_objs[631]),/* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
-&(nid_objs[632]),/* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
-&(nid_objs[633]),/* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
-&(nid_objs[634]),/* OBJ_setAttr_TokICCsig            2 23 42 3 3 5 1 */
-&(nid_objs[635]),/* OBJ_setAttr_SecDevSig            2 23 42 3 3 5 2 */
-&(nid_objs[436]),/* OBJ_ucl                          0 9 2342 19200300 */
-&(nid_objs[ 2]),/* OBJ_pkcs                         1 2 840 113549 1 */
-&(nid_objs[431]),/* OBJ_hold_instruction_none        1 2 840 10040 2 1 */
-&(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-&(nid_objs[433]),/* OBJ_hold_instruction_reject      1 2 840 10040 2 3 */
-&(nid_objs[116]),/* OBJ_dsa                          1 2 840 10040 4 1 */
-&(nid_objs[113]),/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
-&(nid_objs[406]),/* OBJ_X9_62_prime_field            1 2 840 10045 1 1 */
-&(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-&(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey         1 2 840 10045 2 1 */
-&(nid_objs[416]),/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */
-&(nid_objs[258]),/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */
-&(nid_objs[175]),/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */
-&(nid_objs[259]),/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
-&(nid_objs[128]),/* OBJ_id_kp                        1 3 6 1 5 5 7 3 */
-&(nid_objs[260]),/* OBJ_id_it                        1 3 6 1 5 5 7 4 */
-&(nid_objs[261]),/* OBJ_id_pkip                      1 3 6 1 5 5 7 5 */
-&(nid_objs[262]),/* OBJ_id_alg                       1 3 6 1 5 5 7 6 */
-&(nid_objs[263]),/* OBJ_id_cmc                       1 3 6 1 5 5 7 7 */
-&(nid_objs[264]),/* OBJ_id_on                        1 3 6 1 5 5 7 8 */
-&(nid_objs[265]),/* OBJ_id_pda                       1 3 6 1 5 5 7 9 */
-&(nid_objs[266]),/* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
-&(nid_objs[267]),/* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
-&(nid_objs[268]),/* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
-&(nid_objs[746]),/* OBJ_id_ppl                       1 3 6 1 5 5 7 21 */
-&(nid_objs[176]),/* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
-&(nid_objs[507]),/* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
-&(nid_objs[508]),/* OBJ_id_hex_multipart_message     1 3 6 1 7 1 1 2 */
-&(nid_objs[57]),/* OBJ_netscape                     2 16 840 1 113730 */
-&(nid_objs[437]),/* OBJ_pilot                        0 9 2342 19200300 100 */
-&(nid_objs[186]),/* OBJ_pkcs1                        1 2 840 113549 1 1 */
-&(nid_objs[27]),/* OBJ_pkcs3                        1 2 840 113549 1 3 */
-&(nid_objs[187]),/* OBJ_pkcs5                        1 2 840 113549 1 5 */
-&(nid_objs[20]),/* OBJ_pkcs7                        1 2 840 113549 1 7 */
-&(nid_objs[47]),/* OBJ_pkcs9                        1 2 840 113549 1 9 */
-&(nid_objs[ 3]),/* OBJ_md2                          1 2 840 113549 2 2 */
-&(nid_objs[257]),/* OBJ_md4                          1 2 840 113549 2 4 */
-&(nid_objs[ 4]),/* OBJ_md5                          1 2 840 113549 2 5 */
-&(nid_objs[163]),/* OBJ_hmacWithSHA1                 1 2 840 113549 2 7 */
-&(nid_objs[37]),/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
-&(nid_objs[ 5]),/* OBJ_rc4                          1 2 840 113549 3 4 */
-&(nid_objs[44]),/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
-&(nid_objs[120]),/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
-&(nid_objs[643]),/* OBJ_des_cdmf                     1 2 840 113549 3 10 */
-&(nid_objs[666]),/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
-&(nid_objs[670]),/* OBJ_X9_62_c2pnb163v1             1 2 840 10045 3 0 1 */
-&(nid_objs[671]),/* OBJ_X9_62_c2pnb163v2             1 2 840 10045 3 0 2 */
-&(nid_objs[672]),/* OBJ_X9_62_c2pnb163v3             1 2 840 10045 3 0 3 */
-&(nid_objs[673]),/* OBJ_X9_62_c2pnb176v1             1 2 840 10045 3 0 4 */
-&(nid_objs[674]),/* OBJ_X9_62_c2tnb191v1             1 2 840 10045 3 0 5 */
-&(nid_objs[675]),/* OBJ_X9_62_c2tnb191v2             1 2 840 10045 3 0 6 */
-&(nid_objs[676]),/* OBJ_X9_62_c2tnb191v3             1 2 840 10045 3 0 7 */
-&(nid_objs[677]),/* OBJ_X9_62_c2onb191v4             1 2 840 10045 3 0 8 */
-&(nid_objs[678]),/* OBJ_X9_62_c2onb191v5             1 2 840 10045 3 0 9 */
-&(nid_objs[679]),/* OBJ_X9_62_c2pnb208w1             1 2 840 10045 3 0 10 */
-&(nid_objs[680]),/* OBJ_X9_62_c2tnb239v1             1 2 840 10045 3 0 11 */
-&(nid_objs[681]),/* OBJ_X9_62_c2tnb239v2             1 2 840 10045 3 0 12 */
-&(nid_objs[682]),/* OBJ_X9_62_c2tnb239v3             1 2 840 10045 3 0 13 */
-&(nid_objs[683]),/* OBJ_X9_62_c2onb239v4             1 2 840 10045 3 0 14 */
-&(nid_objs[684]),/* OBJ_X9_62_c2onb239v5             1 2 840 10045 3 0 15 */
-&(nid_objs[685]),/* OBJ_X9_62_c2pnb272w1             1 2 840 10045 3 0 16 */
-&(nid_objs[686]),/* OBJ_X9_62_c2pnb304w1             1 2 840 10045 3 0 17 */
-&(nid_objs[687]),/* OBJ_X9_62_c2tnb359v1             1 2 840 10045 3 0 18 */
-&(nid_objs[688]),/* OBJ_X9_62_c2pnb368w1             1 2 840 10045 3 0 19 */
-&(nid_objs[689]),/* OBJ_X9_62_c2tnb431r1             1 2 840 10045 3 0 20 */
-&(nid_objs[409]),/* OBJ_X9_62_prime192v1             1 2 840 10045 3 1 1 */
-&(nid_objs[410]),/* OBJ_X9_62_prime192v2             1 2 840 10045 3 1 2 */
-&(nid_objs[411]),/* OBJ_X9_62_prime192v3             1 2 840 10045 3 1 3 */
-&(nid_objs[412]),/* OBJ_X9_62_prime239v1             1 2 840 10045 3 1 4 */
-&(nid_objs[413]),/* OBJ_X9_62_prime239v2             1 2 840 10045 3 1 5 */
-&(nid_objs[414]),/* OBJ_X9_62_prime239v3             1 2 840 10045 3 1 6 */
-&(nid_objs[415]),/* OBJ_X9_62_prime256v1             1 2 840 10045 3 1 7 */
-&(nid_objs[269]),/* OBJ_id_pkix1_explicit_88         1 3 6 1 5 5 7 0 1 */
-&(nid_objs[270]),/* OBJ_id_pkix1_implicit_88         1 3 6 1 5 5 7 0 2 */
-&(nid_objs[271]),/* OBJ_id_pkix1_explicit_93         1 3 6 1 5 5 7 0 3 */
-&(nid_objs[272]),/* OBJ_id_pkix1_implicit_93         1 3 6 1 5 5 7 0 4 */
-&(nid_objs[273]),/* OBJ_id_mod_crmf                  1 3 6 1 5 5 7 0 5 */
-&(nid_objs[274]),/* OBJ_id_mod_cmc                   1 3 6 1 5 5 7 0 6 */
-&(nid_objs[275]),/* OBJ_id_mod_kea_profile_88        1 3 6 1 5 5 7 0 7 */
-&(nid_objs[276]),/* OBJ_id_mod_kea_profile_93        1 3 6 1 5 5 7 0 8 */
-&(nid_objs[277]),/* OBJ_id_mod_cmp                   1 3 6 1 5 5 7 0 9 */
-&(nid_objs[278]),/* OBJ_id_mod_qualified_cert_88     1 3 6 1 5 5 7 0 10 */
-&(nid_objs[279]),/* OBJ_id_mod_qualified_cert_93     1 3 6 1 5 5 7 0 11 */
-&(nid_objs[280]),/* OBJ_id_mod_attribute_cert        1 3 6 1 5 5 7 0 12 */
-&(nid_objs[281]),/* OBJ_id_mod_timestamp_protocol    1 3 6 1 5 5 7 0 13 */
-&(nid_objs[282]),/* OBJ_id_mod_ocsp                  1 3 6 1 5 5 7 0 14 */
-&(nid_objs[283]),/* OBJ_id_mod_dvcs                  1 3 6 1 5 5 7 0 15 */
-&(nid_objs[284]),/* OBJ_id_mod_cmp2000               1 3 6 1 5 5 7 0 16 */
-&(nid_objs[177]),/* OBJ_info_access                  1 3 6 1 5 5 7 1 1 */
-&(nid_objs[285]),/* OBJ_biometricInfo                1 3 6 1 5 5 7 1 2 */
-&(nid_objs[286]),/* OBJ_qcStatements                 1 3 6 1 5 5 7 1 3 */
-&(nid_objs[287]),/* OBJ_ac_auditEntity               1 3 6 1 5 5 7 1 4 */
-&(nid_objs[288]),/* OBJ_ac_targeting                 1 3 6 1 5 5 7 1 5 */
-&(nid_objs[289]),/* OBJ_aaControls                   1 3 6 1 5 5 7 1 6 */
-&(nid_objs[290]),/* OBJ_sbqp_ipAddrBlock             1 3 6 1 5 5 7 1 7 */
-&(nid_objs[291]),/* OBJ_sbqp_autonomousSysNum        1 3 6 1 5 5 7 1 8 */
-&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier        1 3 6 1 5 5 7 1 9 */
-&(nid_objs[397]),/* OBJ_ac_proxying                  1 3 6 1 5 5 7 1 10 */
-&(nid_objs[398]),/* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
-&(nid_objs[747]),/* OBJ_proxyCertInfo                1 3 6 1 5 5 7 1 14 */
-&(nid_objs[164]),/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
-&(nid_objs[165]),/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
-&(nid_objs[293]),/* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
-&(nid_objs[129]),/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
-&(nid_objs[130]),/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
-&(nid_objs[131]),/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */
-&(nid_objs[132]),/* OBJ_email_protect                1 3 6 1 5 5 7 3 4 */
-&(nid_objs[294]),/* OBJ_ipsecEndSystem               1 3 6 1 5 5 7 3 5 */
-&(nid_objs[295]),/* OBJ_ipsecTunnel                  1 3 6 1 5 5 7 3 6 */
-&(nid_objs[296]),/* OBJ_ipsecUser                    1 3 6 1 5 5 7 3 7 */
-&(nid_objs[133]),/* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
-&(nid_objs[180]),/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
-&(nid_objs[297]),/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
-&(nid_objs[298]),/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
-&(nid_objs[299]),/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
-&(nid_objs[300]),/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
-&(nid_objs[301]),/* OBJ_id_it_preferredSymmAlg       1 3 6 1 5 5 7 4 4 */
-&(nid_objs[302]),/* OBJ_id_it_caKeyUpdateInfo        1 3 6 1 5 5 7 4 5 */
-&(nid_objs[303]),/* OBJ_id_it_currentCRL             1 3 6 1 5 5 7 4 6 */
-&(nid_objs[304]),/* OBJ_id_it_unsupportedOIDs        1 3 6 1 5 5 7 4 7 */
-&(nid_objs[305]),/* OBJ_id_it_subscriptionRequest    1 3 6 1 5 5 7 4 8 */
-&(nid_objs[306]),/* OBJ_id_it_subscriptionResponse   1 3 6 1 5 5 7 4 9 */
-&(nid_objs[307]),/* OBJ_id_it_keyPairParamReq        1 3 6 1 5 5 7 4 10 */
-&(nid_objs[308]),/* OBJ_id_it_keyPairParamRep        1 3 6 1 5 5 7 4 11 */
-&(nid_objs[309]),/* OBJ_id_it_revPassphrase          1 3 6 1 5 5 7 4 12 */
-&(nid_objs[310]),/* OBJ_id_it_implicitConfirm        1 3 6 1 5 5 7 4 13 */
-&(nid_objs[311]),/* OBJ_id_it_confirmWaitTime        1 3 6 1 5 5 7 4 14 */
-&(nid_objs[312]),/* OBJ_id_it_origPKIMessage         1 3 6 1 5 5 7 4 15 */
-&(nid_objs[313]),/* OBJ_id_regCtrl                   1 3 6 1 5 5 7 5 1 */
-&(nid_objs[314]),/* OBJ_id_regInfo                   1 3 6 1 5 5 7 5 2 */
-&(nid_objs[323]),/* OBJ_id_alg_des40                 1 3 6 1 5 5 7 6 1 */
-&(nid_objs[324]),/* OBJ_id_alg_noSignature           1 3 6 1 5 5 7 6 2 */
-&(nid_objs[325]),/* OBJ_id_alg_dh_sig_hmac_sha1      1 3 6 1 5 5 7 6 3 */
-&(nid_objs[326]),/* OBJ_id_alg_dh_pop                1 3 6 1 5 5 7 6 4 */
-&(nid_objs[327]),/* OBJ_id_cmc_statusInfo            1 3 6 1 5 5 7 7 1 */
-&(nid_objs[328]),/* OBJ_id_cmc_identification        1 3 6 1 5 5 7 7 2 */
-&(nid_objs[329]),/* OBJ_id_cmc_identityProof         1 3 6 1 5 5 7 7 3 */
-&(nid_objs[330]),/* OBJ_id_cmc_dataReturn            1 3 6 1 5 5 7 7 4 */
-&(nid_objs[331]),/* OBJ_id_cmc_transactionId         1 3 6 1 5 5 7 7 5 */
-&(nid_objs[332]),/* OBJ_id_cmc_senderNonce           1 3 6 1 5 5 7 7 6 */
-&(nid_objs[333]),/* OBJ_id_cmc_recipientNonce        1 3 6 1 5 5 7 7 7 */
-&(nid_objs[334]),/* OBJ_id_cmc_addExtensions         1 3 6 1 5 5 7 7 8 */
-&(nid_objs[335]),/* OBJ_id_cmc_encryptedPOP          1 3 6 1 5 5 7 7 9 */
-&(nid_objs[336]),/* OBJ_id_cmc_decryptedPOP          1 3 6 1 5 5 7 7 10 */
-&(nid_objs[337]),/* OBJ_id_cmc_lraPOPWitness         1 3 6 1 5 5 7 7 11 */
-&(nid_objs[338]),/* OBJ_id_cmc_getCert               1 3 6 1 5 5 7 7 15 */
-&(nid_objs[339]),/* OBJ_id_cmc_getCRL                1 3 6 1 5 5 7 7 16 */
-&(nid_objs[340]),/* OBJ_id_cmc_revokeRequest         1 3 6 1 5 5 7 7 17 */
-&(nid_objs[341]),/* OBJ_id_cmc_regInfo               1 3 6 1 5 5 7 7 18 */
-&(nid_objs[342]),/* OBJ_id_cmc_responseInfo          1 3 6 1 5 5 7 7 19 */
-&(nid_objs[343]),/* OBJ_id_cmc_queryPending          1 3 6 1 5 5 7 7 21 */
-&(nid_objs[344]),/* OBJ_id_cmc_popLinkRandom         1 3 6 1 5 5 7 7 22 */
-&(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness        1 3 6 1 5 5 7 7 23 */
-&(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-&(nid_objs[347]),/* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
-&(nid_objs[348]),/* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
-&(nid_objs[349]),/* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
-&(nid_objs[351]),/* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
-&(nid_objs[352]),/* OBJ_id_pda_countryOfCitizenship  1 3 6 1 5 5 7 9 4 */
-&(nid_objs[353]),/* OBJ_id_pda_countryOfResidence    1 3 6 1 5 5 7 9 5 */
-&(nid_objs[354]),/* OBJ_id_aca_authenticationInfo    1 3 6 1 5 5 7 10 1 */
-&(nid_objs[355]),/* OBJ_id_aca_accessIdentity        1 3 6 1 5 5 7 10 2 */
-&(nid_objs[356]),/* OBJ_id_aca_chargingIdentity      1 3 6 1 5 5 7 10 3 */
-&(nid_objs[357]),/* OBJ_id_aca_group                 1 3 6 1 5 5 7 10 4 */
-&(nid_objs[358]),/* OBJ_id_aca_role                  1 3 6 1 5 5 7 10 5 */
-&(nid_objs[399]),/* OBJ_id_aca_encAttrs              1 3 6 1 5 5 7 10 6 */
-&(nid_objs[359]),/* OBJ_id_qcs_pkixQCSyntax_v1       1 3 6 1 5 5 7 11 1 */
-&(nid_objs[360]),/* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
-&(nid_objs[361]),/* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
-&(nid_objs[362]),/* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
-&(nid_objs[748]),/* OBJ_id_ppl_anyLanguage           1 3 6 1 5 5 7 21 0 */
-&(nid_objs[749]),/* OBJ_id_ppl_inheritAll            1 3 6 1 5 5 7 21 1 */
-&(nid_objs[750]),/* OBJ_Independent                  1 3 6 1 5 5 7 21 2 */
-&(nid_objs[178]),/* OBJ_ad_OCSP                      1 3 6 1 5 5 7 48 1 */
-&(nid_objs[179]),/* OBJ_ad_ca_issuers                1 3 6 1 5 5 7 48 2 */
-&(nid_objs[363]),/* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
-&(nid_objs[364]),/* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
-&(nid_objs[58]),/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
-&(nid_objs[59]),/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
-&(nid_objs[438]),/* OBJ_pilotAttributeType           0 9 2342 19200300 100 1 */
-&(nid_objs[439]),/* OBJ_pilotAttributeSyntax         0 9 2342 19200300 100 3 */
-&(nid_objs[440]),/* OBJ_pilotObjectClass             0 9 2342 19200300 100 4 */
-&(nid_objs[441]),/* OBJ_pilotGroups                  0 9 2342 19200300 100 10 */
-&(nid_objs[108]),/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
-&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
-&(nid_objs[ 6]),/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
-&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
-&(nid_objs[396]),/* OBJ_md4WithRSAEncryption         1 2 840 113549 1 1 3 */
-&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
-&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
-&(nid_objs[644]),/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
-&(nid_objs[732]),/* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */
-&(nid_objs[733]),/* OBJ_sha384WithRSAEncryption      1 2 840 113549 1 1 12 */
-&(nid_objs[734]),/* OBJ_sha512WithRSAEncryption      1 2 840 113549 1 1 13 */
-&(nid_objs[735]),/* OBJ_sha224WithRSAEncryption      1 2 840 113549 1 1 14 */
-&(nid_objs[28]),/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
-&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
-&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
-&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
-&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
-&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
-&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11 */
-&(nid_objs[69]),/* OBJ_id_pbkdf2                    1 2 840 113549 1 5 12 */
-&(nid_objs[161]),/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
-&(nid_objs[162]),/* OBJ_pbmac1                       1 2 840 113549 1 5 14 */
-&(nid_objs[21]),/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
-&(nid_objs[22]),/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
-&(nid_objs[23]),/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
-&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
-&(nid_objs[25]),/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
-&(nid_objs[26]),/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
-&(nid_objs[48]),/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
-&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
-&(nid_objs[50]),/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
-&(nid_objs[51]),/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
-&(nid_objs[52]),/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
-&(nid_objs[53]),/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
-&(nid_objs[54]),/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
-&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
-&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
-&(nid_objs[172]),/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
-&(nid_objs[167]),/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
-&(nid_objs[188]),/* OBJ_SMIME                        1 2 840 113549 1 9 16 */
-&(nid_objs[156]),/* OBJ_friendlyName                 1 2 840 113549 1 9 20 */
-&(nid_objs[157]),/* OBJ_localKeyID                   1 2 840 113549 1 9 21 */
-&(nid_objs[667]),/* OBJ_X9_62_onBasis                1 2 840 10045 1 2 3 1 */
-&(nid_objs[668]),/* OBJ_X9_62_tpBasis                1 2 840 10045 1 2 3 2 */
-&(nid_objs[669]),/* OBJ_X9_62_ppBasis                1 2 840 10045 1 2 3 3 */
-&(nid_objs[417]),/* OBJ_ms_csp_name                  1 3 6 1 4 1 311 17 1 */
-&(nid_objs[390]),/* OBJ_dcObject                     1 3 6 1 4 1 1466 344 */
-&(nid_objs[91]),/* OBJ_bf_cbc                       1 3 6 1 4 1 3029 1 2 */
-&(nid_objs[315]),/* OBJ_id_regCtrl_regToken          1 3 6 1 5 5 7 5 1 1 */
-&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator     1 3 6 1 5 5 7 5 1 2 */
-&(nid_objs[317]),/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-&(nid_objs[318]),/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-&(nid_objs[319]),/* OBJ_id_regCtrl_oldCertID         1 3 6 1 5 5 7 5 1 5 */
-&(nid_objs[320]),/* OBJ_id_regCtrl_protocolEncrKey   1 3 6 1 5 5 7 5 1 6 */
-&(nid_objs[321]),/* OBJ_id_regInfo_utf8Pairs         1 3 6 1 5 5 7 5 2 1 */
-&(nid_objs[322]),/* OBJ_id_regInfo_certReq           1 3 6 1 5 5 7 5 2 2 */
-&(nid_objs[365]),/* OBJ_id_pkix_OCSP_basic           1 3 6 1 5 5 7 48 1 1 */
-&(nid_objs[366]),/* OBJ_id_pkix_OCSP_Nonce           1 3 6 1 5 5 7 48 1 2 */
-&(nid_objs[367]),/* OBJ_id_pkix_OCSP_CrlID           1 3 6 1 5 5 7 48 1 3 */
-&(nid_objs[368]),/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-&(nid_objs[369]),/* OBJ_id_pkix_OCSP_noCheck         1 3 6 1 5 5 7 48 1 5 */
-&(nid_objs[370]),/* OBJ_id_pkix_OCSP_archiveCutoff   1 3 6 1 5 5 7 48 1 6 */
-&(nid_objs[371]),/* OBJ_id_pkix_OCSP_serviceLocator  1 3 6 1 5 5 7 48 1 7 */
-&(nid_objs[372]),/* OBJ_id_pkix_OCSP_extendedStatus  1 3 6 1 5 5 7 48 1 8 */
-&(nid_objs[373]),/* OBJ_id_pkix_OCSP_valid           1 3 6 1 5 5 7 48 1 9 */
-&(nid_objs[374]),/* OBJ_id_pkix_OCSP_path            1 3 6 1 5 5 7 48 1 10 */
-&(nid_objs[375]),/* OBJ_id_pkix_OCSP_trustRoot       1 3 6 1 5 5 7 48 1 11 */
-&(nid_objs[418]),/* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
-&(nid_objs[419]),/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
-&(nid_objs[420]),/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
-&(nid_objs[421]),/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
-&(nid_objs[422]),/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
-&(nid_objs[423]),/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
-&(nid_objs[424]),/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
-&(nid_objs[425]),/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
-&(nid_objs[426]),/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
-&(nid_objs[427]),/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
-&(nid_objs[428]),/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
-&(nid_objs[429]),/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
-&(nid_objs[740]),/* OBJ_sha256                       2 16 840 1 101 3 4 2 1 */
-&(nid_objs[741]),/* OBJ_sha384                       2 16 840 1 101 3 4 2 2 */
-&(nid_objs[742]),/* OBJ_sha512                       2 16 840 1 101 3 4 2 3 */
-&(nid_objs[743]),/* OBJ_sha224                       2 16 840 1 101 3 4 2 4 */
-&(nid_objs[71]),/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
-&(nid_objs[72]),/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
-&(nid_objs[73]),/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
-&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
-&(nid_objs[75]),/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
-&(nid_objs[76]),/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
-&(nid_objs[77]),/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
-&(nid_objs[78]),/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
-&(nid_objs[79]),/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
-&(nid_objs[139]),/* OBJ_ns_sgc                       2 16 840 1 113730 4 1 */
-&(nid_objs[458]),/* OBJ_userId                       0 9 2342 19200300 100 1 1 */
-&(nid_objs[459]),/* OBJ_textEncodedORAddress         0 9 2342 19200300 100 1 2 */
-&(nid_objs[460]),/* OBJ_rfc822Mailbox                0 9 2342 19200300 100 1 3 */
-&(nid_objs[461]),/* OBJ_info                         0 9 2342 19200300 100 1 4 */
-&(nid_objs[462]),/* OBJ_favouriteDrink               0 9 2342 19200300 100 1 5 */
-&(nid_objs[463]),/* OBJ_roomNumber                   0 9 2342 19200300 100 1 6 */
-&(nid_objs[464]),/* OBJ_photo                        0 9 2342 19200300 100 1 7 */
-&(nid_objs[465]),/* OBJ_userClass                    0 9 2342 19200300 100 1 8 */
-&(nid_objs[466]),/* OBJ_host                         0 9 2342 19200300 100 1 9 */
-&(nid_objs[467]),/* OBJ_manager                      0 9 2342 19200300 100 1 10 */
-&(nid_objs[468]),/* OBJ_documentIdentifier           0 9 2342 19200300 100 1 11 */
-&(nid_objs[469]),/* OBJ_documentTitle                0 9 2342 19200300 100 1 12 */
-&(nid_objs[470]),/* OBJ_documentVersion              0 9 2342 19200300 100 1 13 */
-&(nid_objs[471]),/* OBJ_documentAuthor               0 9 2342 19200300 100 1 14 */
-&(nid_objs[472]),/* OBJ_documentLocation             0 9 2342 19200300 100 1 15 */
-&(nid_objs[473]),/* OBJ_homeTelephoneNumber          0 9 2342 19200300 100 1 20 */
-&(nid_objs[474]),/* OBJ_secretary                    0 9 2342 19200300 100 1 21 */
-&(nid_objs[475]),/* OBJ_otherMailbox                 0 9 2342 19200300 100 1 22 */
-&(nid_objs[476]),/* OBJ_lastModifiedTime             0 9 2342 19200300 100 1 23 */
-&(nid_objs[477]),/* OBJ_lastModifiedBy               0 9 2342 19200300 100 1 24 */
-&(nid_objs[391]),/* OBJ_domainComponent              0 9 2342 19200300 100 1 25 */
-&(nid_objs[478]),/* OBJ_aRecord                      0 9 2342 19200300 100 1 26 */
-&(nid_objs[479]),/* OBJ_pilotAttributeType27         0 9 2342 19200300 100 1 27 */
-&(nid_objs[480]),/* OBJ_mXRecord                     0 9 2342 19200300 100 1 28 */
-&(nid_objs[481]),/* OBJ_nSRecord                     0 9 2342 19200300 100 1 29 */
-&(nid_objs[482]),/* OBJ_sOARecord                    0 9 2342 19200300 100 1 30 */
-&(nid_objs[483]),/* OBJ_cNAMERecord                  0 9 2342 19200300 100 1 31 */
-&(nid_objs[484]),/* OBJ_associatedDomain             0 9 2342 19200300 100 1 37 */
-&(nid_objs[485]),/* OBJ_associatedName               0 9 2342 19200300 100 1 38 */
-&(nid_objs[486]),/* OBJ_homePostalAddress            0 9 2342 19200300 100 1 39 */
-&(nid_objs[487]),/* OBJ_personalTitle                0 9 2342 19200300 100 1 40 */
-&(nid_objs[488]),/* OBJ_mobileTelephoneNumber        0 9 2342 19200300 100 1 41 */
-&(nid_objs[489]),/* OBJ_pagerTelephoneNumber         0 9 2342 19200300 100 1 42 */
-&(nid_objs[490]),/* OBJ_friendlyCountryName          0 9 2342 19200300 100 1 43 */
-&(nid_objs[491]),/* OBJ_organizationalStatus         0 9 2342 19200300 100 1 45 */
-&(nid_objs[492]),/* OBJ_janetMailbox                 0 9 2342 19200300 100 1 46 */
-&(nid_objs[493]),/* OBJ_mailPreferenceOption         0 9 2342 19200300 100 1 47 */
-&(nid_objs[494]),/* OBJ_buildingName                 0 9 2342 19200300 100 1 48 */
-&(nid_objs[495]),/* OBJ_dSAQuality                   0 9 2342 19200300 100 1 49 */
-&(nid_objs[496]),/* OBJ_singleLevelQuality           0 9 2342 19200300 100 1 50 */
-&(nid_objs[497]),/* OBJ_subtreeMinimumQuality        0 9 2342 19200300 100 1 51 */
-&(nid_objs[498]),/* OBJ_subtreeMaximumQuality        0 9 2342 19200300 100 1 52 */
-&(nid_objs[499]),/* OBJ_personalSignature            0 9 2342 19200300 100 1 53 */
-&(nid_objs[500]),/* OBJ_dITRedirect                  0 9 2342 19200300 100 1 54 */
-&(nid_objs[501]),/* OBJ_audio                        0 9 2342 19200300 100 1 55 */
-&(nid_objs[502]),/* OBJ_documentPublisher            0 9 2342 19200300 100 1 56 */
-&(nid_objs[442]),/* OBJ_iA5StringSyntax              0 9 2342 19200300 100 3 4 */
-&(nid_objs[443]),/* OBJ_caseIgnoreIA5StringSyntax    0 9 2342 19200300 100 3 5 */
-&(nid_objs[444]),/* OBJ_pilotObject                  0 9 2342 19200300 100 4 3 */
-&(nid_objs[445]),/* OBJ_pilotPerson                  0 9 2342 19200300 100 4 4 */
-&(nid_objs[446]),/* OBJ_account                      0 9 2342 19200300 100 4 5 */
-&(nid_objs[447]),/* OBJ_document                     0 9 2342 19200300 100 4 6 */
-&(nid_objs[448]),/* OBJ_room                         0 9 2342 19200300 100 4 7 */
-&(nid_objs[449]),/* OBJ_documentSeries               0 9 2342 19200300 100 4 9 */
-&(nid_objs[392]),/* OBJ_Domain                       0 9 2342 19200300 100 4 13 */
-&(nid_objs[450]),/* OBJ_rFC822localPart              0 9 2342 19200300 100 4 14 */
-&(nid_objs[451]),/* OBJ_dNSDomain                    0 9 2342 19200300 100 4 15 */
-&(nid_objs[452]),/* OBJ_domainRelatedObject          0 9 2342 19200300 100 4 17 */
-&(nid_objs[453]),/* OBJ_friendlyCountry              0 9 2342 19200300 100 4 18 */
-&(nid_objs[454]),/* OBJ_simpleSecurityObject         0 9 2342 19200300 100 4 19 */
-&(nid_objs[455]),/* OBJ_pilotOrganization            0 9 2342 19200300 100 4 20 */
-&(nid_objs[456]),/* OBJ_pilotDSA                     0 9 2342 19200300 100 4 21 */
-&(nid_objs[457]),/* OBJ_qualityLabelledData          0 9 2342 19200300 100 4 22 */
-&(nid_objs[189]),/* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
-&(nid_objs[190]),/* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
-&(nid_objs[191]),/* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */
-&(nid_objs[192]),/* OBJ_id_smime_alg                 1 2 840 113549 1 9 16 3 */
-&(nid_objs[193]),/* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
-&(nid_objs[194]),/* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
-&(nid_objs[195]),/* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
-&(nid_objs[158]),/* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
-&(nid_objs[159]),/* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
-&(nid_objs[160]),/* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
-&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4     1 2 840 113549 1 12 1 1 */
-&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4      1 2 840 113549 1 12 1 2 */
-&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC  1 2 840 113549 1 12 1 6 */
-&(nid_objs[171]),/* OBJ_ms_ext_req                   1 3 6 1 4 1 311 2 1 14 */
-&(nid_objs[134]),/* OBJ_ms_code_ind                  1 3 6 1 4 1 311 2 1 21 */
-&(nid_objs[135]),/* OBJ_ms_code_com                  1 3 6 1 4 1 311 2 1 22 */
-&(nid_objs[136]),/* OBJ_ms_ctl_sign                  1 3 6 1 4 1 311 10 3 1 */
-&(nid_objs[137]),/* OBJ_ms_sgc                       1 3 6 1 4 1 311 10 3 3 */
-&(nid_objs[138]),/* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
-&(nid_objs[648]),/* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
-&(nid_objs[649]),/* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
-&(nid_objs[196]),/* OBJ_id_smime_mod_cms             1 2 840 113549 1 9 16 0 1 */
-&(nid_objs[197]),/* OBJ_id_smime_mod_ess             1 2 840 113549 1 9 16 0 2 */
-&(nid_objs[198]),/* OBJ_id_smime_mod_oid             1 2 840 113549 1 9 16 0 3 */
-&(nid_objs[199]),/* OBJ_id_smime_mod_msg_v3          1 2 840 113549 1 9 16 0 4 */
-&(nid_objs[200]),/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-&(nid_objs[201]),/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-&(nid_objs[202]),/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-&(nid_objs[203]),/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-&(nid_objs[204]),/* OBJ_id_smime_ct_receipt          1 2 840 113549 1 9 16 1 1 */
-&(nid_objs[205]),/* OBJ_id_smime_ct_authData         1 2 840 113549 1 9 16 1 2 */
-&(nid_objs[206]),/* OBJ_id_smime_ct_publishCert      1 2 840 113549 1 9 16 1 3 */
-&(nid_objs[207]),/* OBJ_id_smime_ct_TSTInfo          1 2 840 113549 1 9 16 1 4 */
-&(nid_objs[208]),/* OBJ_id_smime_ct_TDTInfo          1 2 840 113549 1 9 16 1 5 */
-&(nid_objs[209]),/* OBJ_id_smime_ct_contentInfo      1 2 840 113549 1 9 16 1 6 */
-&(nid_objs[210]),/* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
-&(nid_objs[211]),/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-&(nid_objs[212]),/* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
-&(nid_objs[213]),/* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
-&(nid_objs[214]),/* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
-&(nid_objs[215]),/* OBJ_id_smime_aa_contentHint      1 2 840 113549 1 9 16 2 4 */
-&(nid_objs[216]),/* OBJ_id_smime_aa_msgSigDigest     1 2 840 113549 1 9 16 2 5 */
-&(nid_objs[217]),/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-&(nid_objs[218]),/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-&(nid_objs[219]),/* OBJ_id_smime_aa_macValue         1 2 840 113549 1 9 16 2 8 */
-&(nid_objs[220]),/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-&(nid_objs[221]),/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-&(nid_objs[222]),/* OBJ_id_smime_aa_encrypKeyPref    1 2 840 113549 1 9 16 2 11 */
-&(nid_objs[223]),/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-&(nid_objs[224]),/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-&(nid_objs[225]),/* OBJ_id_smime_aa_timeStampToken   1 2 840 113549 1 9 16 2 14 */
-&(nid_objs[226]),/* OBJ_id_smime_aa_ets_sigPolicyId  1 2 840 113549 1 9 16 2 15 */
-&(nid_objs[227]),/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-&(nid_objs[228]),/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-&(nid_objs[229]),/* OBJ_id_smime_aa_ets_signerAttr   1 2 840 113549 1 9 16 2 18 */
-&(nid_objs[230]),/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-&(nid_objs[231]),/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-&(nid_objs[232]),/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-&(nid_objs[233]),/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-&(nid_objs[234]),/* OBJ_id_smime_aa_ets_certValues   1 2 840 113549 1 9 16 2 23 */
-&(nid_objs[235]),/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-&(nid_objs[236]),/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-&(nid_objs[237]),/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-&(nid_objs[238]),/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-&(nid_objs[239]),/* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */
-&(nid_objs[240]),/* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */
-&(nid_objs[241]),/* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */
-&(nid_objs[242]),/* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */
-&(nid_objs[243]),/* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */
-&(nid_objs[244]),/* OBJ_id_smime_alg_RC2wrap         1 2 840 113549 1 9 16 3 4 */
-&(nid_objs[245]),/* OBJ_id_smime_alg_ESDH            1 2 840 113549 1 9 16 3 5 */
-&(nid_objs[246]),/* OBJ_id_smime_alg_CMS3DESwrap     1 2 840 113549 1 9 16 3 6 */
-&(nid_objs[247]),/* OBJ_id_smime_alg_CMSRC2wrap      1 2 840 113549 1 9 16 3 7 */
-&(nid_objs[248]),/* OBJ_id_smime_cd_ldap             1 2 840 113549 1 9 16 4 1 */
-&(nid_objs[249]),/* OBJ_id_smime_spq_ets_sqt_uri     1 2 840 113549 1 9 16 5 1 */
-&(nid_objs[250]),/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-&(nid_objs[251]),/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-&(nid_objs[252]),/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-&(nid_objs[253]),/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-&(nid_objs[254]),/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-&(nid_objs[255]),/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-&(nid_objs[256]),/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-&(nid_objs[150]),/* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
-&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
-&(nid_objs[152]),/* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
-&(nid_objs[153]),/* OBJ_crlBag                       1 2 840 113549 1 12 10 1 4 */
-&(nid_objs[154]),/* OBJ_secretBag                    1 2 840 113549 1 12 10 1 5 */
-&(nid_objs[155]),/* OBJ_safeContentsBag              1 2 840 113549 1 12 10 1 6 */
-&(nid_objs[34]),/* OBJ_idea_cbc                     1 3 6 1 4 1 188 7 1 1 2 */
+static const unsigned int obj_objs[NUM_OBJ]={
+ 0,	/* OBJ_undef                        0 */
+393,	/* OBJ_joint_iso_ccitt              OBJ_joint_iso_itu_t */
+404,	/* OBJ_ccitt                        OBJ_itu_t */
+645,	/* OBJ_itu_t                        0 */
+434,	/* OBJ_data                         0 9 */
+181,	/* OBJ_iso                          1 */
+182,	/* OBJ_member_body                  1 2 */
+379,	/* OBJ_org                          1 3 */
+676,	/* OBJ_identified_organization      1 3 */
+646,	/* OBJ_joint_iso_itu_t              2 */
+11,	/* OBJ_X500                         2 5 */
+647,	/* OBJ_international_organizations  2 23 */
+380,	/* OBJ_dod                          1 3 6 */
+12,	/* OBJ_X509                         2 5 4 */
+378,	/* OBJ_X500algorithms               2 5 8 */
+81,	/* OBJ_id_ce                        2 5 29 */
+512,	/* OBJ_id_set                       2 23 42 */
+678,	/* OBJ_wap                          2 23 43 */
+435,	/* OBJ_pss                          0 9 2342 */
+183,	/* OBJ_ISO_US                       1 2 840 */
+381,	/* OBJ_iana                         1 3 6 1 */
+677,	/* OBJ_certicom_arc                 1 3 132 */
+394,	/* OBJ_selected_attribute_types     2 5 1 5 */
+13,	/* OBJ_commonName                   2 5 4 3 */
+100,	/* OBJ_surname                      2 5 4 4 */
+105,	/* OBJ_serialNumber                 2 5 4 5 */
+14,	/* OBJ_countryName                  2 5 4 6 */
+15,	/* OBJ_localityName                 2 5 4 7 */
+16,	/* OBJ_stateOrProvinceName          2 5 4 8 */
+660,	/* OBJ_streetAddress                2 5 4 9 */
+17,	/* OBJ_organizationName             2 5 4 10 */
+18,	/* OBJ_organizationalUnitName       2 5 4 11 */
+106,	/* OBJ_title                        2 5 4 12 */
+107,	/* OBJ_description                  2 5 4 13 */
+859,	/* OBJ_searchGuide                  2 5 4 14 */
+860,	/* OBJ_businessCategory             2 5 4 15 */
+861,	/* OBJ_postalAddress                2 5 4 16 */
+661,	/* OBJ_postalCode                   2 5 4 17 */
+862,	/* OBJ_postOfficeBox                2 5 4 18 */
+863,	/* OBJ_physicalDeliveryOfficeName   2 5 4 19 */
+864,	/* OBJ_telephoneNumber              2 5 4 20 */
+865,	/* OBJ_telexNumber                  2 5 4 21 */
+866,	/* OBJ_teletexTerminalIdentifier    2 5 4 22 */
+867,	/* OBJ_facsimileTelephoneNumber     2 5 4 23 */
+868,	/* OBJ_x121Address                  2 5 4 24 */
+869,	/* OBJ_internationaliSDNNumber      2 5 4 25 */
+870,	/* OBJ_registeredAddress            2 5 4 26 */
+871,	/* OBJ_destinationIndicator         2 5 4 27 */
+872,	/* OBJ_preferredDeliveryMethod      2 5 4 28 */
+873,	/* OBJ_presentationAddress          2 5 4 29 */
+874,	/* OBJ_supportedApplicationContext  2 5 4 30 */
+875,	/* OBJ_member                       2 5 4 31 */
+876,	/* OBJ_owner                        2 5 4 32 */
+877,	/* OBJ_roleOccupant                 2 5 4 33 */
+878,	/* OBJ_seeAlso                      2 5 4 34 */
+879,	/* OBJ_userPassword                 2 5 4 35 */
+880,	/* OBJ_userCertificate              2 5 4 36 */
+881,	/* OBJ_cACertificate                2 5 4 37 */
+882,	/* OBJ_authorityRevocationList      2 5 4 38 */
+883,	/* OBJ_certificateRevocationList    2 5 4 39 */
+884,	/* OBJ_crossCertificatePair         2 5 4 40 */
+173,	/* OBJ_name                         2 5 4 41 */
+99,	/* OBJ_givenName                    2 5 4 42 */
+101,	/* OBJ_initials                     2 5 4 43 */
+509,	/* OBJ_generationQualifier          2 5 4 44 */
+503,	/* OBJ_x500UniqueIdentifier         2 5 4 45 */
+174,	/* OBJ_dnQualifier                  2 5 4 46 */
+885,	/* OBJ_enhancedSearchGuide          2 5 4 47 */
+886,	/* OBJ_protocolInformation          2 5 4 48 */
+887,	/* OBJ_distinguishedName            2 5 4 49 */
+888,	/* OBJ_uniqueMember                 2 5 4 50 */
+889,	/* OBJ_houseIdentifier              2 5 4 51 */
+890,	/* OBJ_supportedAlgorithms          2 5 4 52 */
+891,	/* OBJ_deltaRevocationList          2 5 4 53 */
+892,	/* OBJ_dmdName                      2 5 4 54 */
+510,	/* OBJ_pseudonym                    2 5 4 65 */
+400,	/* OBJ_role                         2 5 4 72 */
+769,	/* OBJ_subject_directory_attributes 2 5 29 9 */
+82,	/* OBJ_subject_key_identifier       2 5 29 14 */
+83,	/* OBJ_key_usage                    2 5 29 15 */
+84,	/* OBJ_private_key_usage_period     2 5 29 16 */
+85,	/* OBJ_subject_alt_name             2 5 29 17 */
+86,	/* OBJ_issuer_alt_name              2 5 29 18 */
+87,	/* OBJ_basic_constraints            2 5 29 19 */
+88,	/* OBJ_crl_number                   2 5 29 20 */
+141,	/* OBJ_crl_reason                   2 5 29 21 */
+430,	/* OBJ_hold_instruction_code        2 5 29 23 */
+142,	/* OBJ_invalidity_date              2 5 29 24 */
+140,	/* OBJ_delta_crl                    2 5 29 27 */
+770,	/* OBJ_issuing_distribution_point   2 5 29 28 */
+771,	/* OBJ_certificate_issuer           2 5 29 29 */
+666,	/* OBJ_name_constraints             2 5 29 30 */
+103,	/* OBJ_crl_distribution_points      2 5 29 31 */
+89,	/* OBJ_certificate_policies         2 5 29 32 */
+747,	/* OBJ_policy_mappings              2 5 29 33 */
+90,	/* OBJ_authority_key_identifier     2 5 29 35 */
+401,	/* OBJ_policy_constraints           2 5 29 36 */
+126,	/* OBJ_ext_key_usage                2 5 29 37 */
+857,	/* OBJ_freshest_crl                 2 5 29 46 */
+748,	/* OBJ_inhibit_any_policy           2 5 29 54 */
+402,	/* OBJ_target_information           2 5 29 55 */
+403,	/* OBJ_no_rev_avail                 2 5 29 56 */
+513,	/* OBJ_set_ctype                    2 23 42 0 */
+514,	/* OBJ_set_msgExt                   2 23 42 1 */
+515,	/* OBJ_set_attr                     2 23 42 3 */
+516,	/* OBJ_set_policy                   2 23 42 5 */
+517,	/* OBJ_set_certExt                  2 23 42 7 */
+518,	/* OBJ_set_brand                    2 23 42 8 */
+679,	/* OBJ_wap_wsg                      2 23 43 1 */
+382,	/* OBJ_Directory                    1 3 6 1 1 */
+383,	/* OBJ_Management                   1 3 6 1 2 */
+384,	/* OBJ_Experimental                 1 3 6 1 3 */
+385,	/* OBJ_Private                      1 3 6 1 4 */
+386,	/* OBJ_Security                     1 3 6 1 5 */
+387,	/* OBJ_SNMPv2                       1 3 6 1 6 */
+388,	/* OBJ_Mail                         1 3 6 1 7 */
+376,	/* OBJ_algorithm                    1 3 14 3 2 */
+395,	/* OBJ_clearance                    2 5 1 5 55 */
+19,	/* OBJ_rsa                          2 5 8 1 1 */
+96,	/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
+95,	/* OBJ_mdc2                         2 5 8 3 101 */
+746,	/* OBJ_any_policy                   2 5 29 32 0 */
+519,	/* OBJ_setct_PANData                2 23 42 0 0 */
+520,	/* OBJ_setct_PANToken               2 23 42 0 1 */
+521,	/* OBJ_setct_PANOnly                2 23 42 0 2 */
+522,	/* OBJ_setct_OIData                 2 23 42 0 3 */
+523,	/* OBJ_setct_PI                     2 23 42 0 4 */
+524,	/* OBJ_setct_PIData                 2 23 42 0 5 */
+525,	/* OBJ_setct_PIDataUnsigned         2 23 42 0 6 */
+526,	/* OBJ_setct_HODInput               2 23 42 0 7 */
+527,	/* OBJ_setct_AuthResBaggage         2 23 42 0 8 */
+528,	/* OBJ_setct_AuthRevReqBaggage      2 23 42 0 9 */
+529,	/* OBJ_setct_AuthRevResBaggage      2 23 42 0 10 */
+530,	/* OBJ_setct_CapTokenSeq            2 23 42 0 11 */
+531,	/* OBJ_setct_PInitResData           2 23 42 0 12 */
+532,	/* OBJ_setct_PI_TBS                 2 23 42 0 13 */
+533,	/* OBJ_setct_PResData               2 23 42 0 14 */
+534,	/* OBJ_setct_AuthReqTBS             2 23 42 0 16 */
+535,	/* OBJ_setct_AuthResTBS             2 23 42 0 17 */
+536,	/* OBJ_setct_AuthResTBSX            2 23 42 0 18 */
+537,	/* OBJ_setct_AuthTokenTBS           2 23 42 0 19 */
+538,	/* OBJ_setct_CapTokenData           2 23 42 0 20 */
+539,	/* OBJ_setct_CapTokenTBS            2 23 42 0 21 */
+540,	/* OBJ_setct_AcqCardCodeMsg         2 23 42 0 22 */
+541,	/* OBJ_setct_AuthRevReqTBS          2 23 42 0 23 */
+542,	/* OBJ_setct_AuthRevResData         2 23 42 0 24 */
+543,	/* OBJ_setct_AuthRevResTBS          2 23 42 0 25 */
+544,	/* OBJ_setct_CapReqTBS              2 23 42 0 26 */
+545,	/* OBJ_setct_CapReqTBSX             2 23 42 0 27 */
+546,	/* OBJ_setct_CapResData             2 23 42 0 28 */
+547,	/* OBJ_setct_CapRevReqTBS           2 23 42 0 29 */
+548,	/* OBJ_setct_CapRevReqTBSX          2 23 42 0 30 */
+549,	/* OBJ_setct_CapRevResData          2 23 42 0 31 */
+550,	/* OBJ_setct_CredReqTBS             2 23 42 0 32 */
+551,	/* OBJ_setct_CredReqTBSX            2 23 42 0 33 */
+552,	/* OBJ_setct_CredResData            2 23 42 0 34 */
+553,	/* OBJ_setct_CredRevReqTBS          2 23 42 0 35 */
+554,	/* OBJ_setct_CredRevReqTBSX         2 23 42 0 36 */
+555,	/* OBJ_setct_CredRevResData         2 23 42 0 37 */
+556,	/* OBJ_setct_PCertReqData           2 23 42 0 38 */
+557,	/* OBJ_setct_PCertResTBS            2 23 42 0 39 */
+558,	/* OBJ_setct_BatchAdminReqData      2 23 42 0 40 */
+559,	/* OBJ_setct_BatchAdminResData      2 23 42 0 41 */
+560,	/* OBJ_setct_CardCInitResTBS        2 23 42 0 42 */
+561,	/* OBJ_setct_MeAqCInitResTBS        2 23 42 0 43 */
+562,	/* OBJ_setct_RegFormResTBS          2 23 42 0 44 */
+563,	/* OBJ_setct_CertReqData            2 23 42 0 45 */
+564,	/* OBJ_setct_CertReqTBS             2 23 42 0 46 */
+565,	/* OBJ_setct_CertResData            2 23 42 0 47 */
+566,	/* OBJ_setct_CertInqReqTBS          2 23 42 0 48 */
+567,	/* OBJ_setct_ErrorTBS               2 23 42 0 49 */
+568,	/* OBJ_setct_PIDualSignedTBE        2 23 42 0 50 */
+569,	/* OBJ_setct_PIUnsignedTBE          2 23 42 0 51 */
+570,	/* OBJ_setct_AuthReqTBE             2 23 42 0 52 */
+571,	/* OBJ_setct_AuthResTBE             2 23 42 0 53 */
+572,	/* OBJ_setct_AuthResTBEX            2 23 42 0 54 */
+573,	/* OBJ_setct_AuthTokenTBE           2 23 42 0 55 */
+574,	/* OBJ_setct_CapTokenTBE            2 23 42 0 56 */
+575,	/* OBJ_setct_CapTokenTBEX           2 23 42 0 57 */
+576,	/* OBJ_setct_AcqCardCodeMsgTBE      2 23 42 0 58 */
+577,	/* OBJ_setct_AuthRevReqTBE          2 23 42 0 59 */
+578,	/* OBJ_setct_AuthRevResTBE          2 23 42 0 60 */
+579,	/* OBJ_setct_AuthRevResTBEB         2 23 42 0 61 */
+580,	/* OBJ_setct_CapReqTBE              2 23 42 0 62 */
+581,	/* OBJ_setct_CapReqTBEX             2 23 42 0 63 */
+582,	/* OBJ_setct_CapResTBE              2 23 42 0 64 */
+583,	/* OBJ_setct_CapRevReqTBE           2 23 42 0 65 */
+584,	/* OBJ_setct_CapRevReqTBEX          2 23 42 0 66 */
+585,	/* OBJ_setct_CapRevResTBE           2 23 42 0 67 */
+586,	/* OBJ_setct_CredReqTBE             2 23 42 0 68 */
+587,	/* OBJ_setct_CredReqTBEX            2 23 42 0 69 */
+588,	/* OBJ_setct_CredResTBE             2 23 42 0 70 */
+589,	/* OBJ_setct_CredRevReqTBE          2 23 42 0 71 */
+590,	/* OBJ_setct_CredRevReqTBEX         2 23 42 0 72 */
+591,	/* OBJ_setct_CredRevResTBE          2 23 42 0 73 */
+592,	/* OBJ_setct_BatchAdminReqTBE       2 23 42 0 74 */
+593,	/* OBJ_setct_BatchAdminResTBE       2 23 42 0 75 */
+594,	/* OBJ_setct_RegFormReqTBE          2 23 42 0 76 */
+595,	/* OBJ_setct_CertReqTBE             2 23 42 0 77 */
+596,	/* OBJ_setct_CertReqTBEX            2 23 42 0 78 */
+597,	/* OBJ_setct_CertResTBE             2 23 42 0 79 */
+598,	/* OBJ_setct_CRLNotificationTBS     2 23 42 0 80 */
+599,	/* OBJ_setct_CRLNotificationResTBS  2 23 42 0 81 */
+600,	/* OBJ_setct_BCIDistributionTBS     2 23 42 0 82 */
+601,	/* OBJ_setext_genCrypt              2 23 42 1 1 */
+602,	/* OBJ_setext_miAuth                2 23 42 1 3 */
+603,	/* OBJ_setext_pinSecure             2 23 42 1 4 */
+604,	/* OBJ_setext_pinAny                2 23 42 1 5 */
+605,	/* OBJ_setext_track2                2 23 42 1 7 */
+606,	/* OBJ_setext_cv                    2 23 42 1 8 */
+620,	/* OBJ_setAttr_Cert                 2 23 42 3 0 */
+621,	/* OBJ_setAttr_PGWYcap              2 23 42 3 1 */
+622,	/* OBJ_setAttr_TokenType            2 23 42 3 2 */
+623,	/* OBJ_setAttr_IssCap               2 23 42 3 3 */
+607,	/* OBJ_set_policy_root              2 23 42 5 0 */
+608,	/* OBJ_setCext_hashedRoot           2 23 42 7 0 */
+609,	/* OBJ_setCext_certType             2 23 42 7 1 */
+610,	/* OBJ_setCext_merchData            2 23 42 7 2 */
+611,	/* OBJ_setCext_cCertRequired        2 23 42 7 3 */
+612,	/* OBJ_setCext_tunneling            2 23 42 7 4 */
+613,	/* OBJ_setCext_setExt               2 23 42 7 5 */
+614,	/* OBJ_setCext_setQualf             2 23 42 7 6 */
+615,	/* OBJ_setCext_PGWYcapabilities     2 23 42 7 7 */
+616,	/* OBJ_setCext_TokenIdentifier      2 23 42 7 8 */
+617,	/* OBJ_setCext_Track2Data           2 23 42 7 9 */
+618,	/* OBJ_setCext_TokenType            2 23 42 7 10 */
+619,	/* OBJ_setCext_IssuerCapabilities   2 23 42 7 11 */
+636,	/* OBJ_set_brand_IATA_ATA           2 23 42 8 1 */
+640,	/* OBJ_set_brand_Visa               2 23 42 8 4 */
+641,	/* OBJ_set_brand_MasterCard         2 23 42 8 5 */
+637,	/* OBJ_set_brand_Diners             2 23 42 8 30 */
+638,	/* OBJ_set_brand_AmericanExpress    2 23 42 8 34 */
+639,	/* OBJ_set_brand_JCB                2 23 42 8 35 */
+805,	/* OBJ_cryptopro                    1 2 643 2 2 */
+806,	/* OBJ_cryptocom                    1 2 643 2 9 */
+184,	/* OBJ_X9_57                        1 2 840 10040 */
+405,	/* OBJ_ansi_X9_62                   1 2 840 10045 */
+389,	/* OBJ_Enterprises                  1 3 6 1 4 1 */
+504,	/* OBJ_mime_mhs                     1 3 6 1 7 1 */
+104,	/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
+29,	/* OBJ_des_ecb                      1 3 14 3 2 6 */
+31,	/* OBJ_des_cbc                      1 3 14 3 2 7 */
+45,	/* OBJ_des_ofb64                    1 3 14 3 2 8 */
+30,	/* OBJ_des_cfb64                    1 3 14 3 2 9 */
+377,	/* OBJ_rsaSignature                 1 3 14 3 2 11 */
+67,	/* OBJ_dsa_2                        1 3 14 3 2 12 */
+66,	/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
+42,	/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
+32,	/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
+41,	/* OBJ_sha                          1 3 14 3 2 18 */
+64,	/* OBJ_sha1                         1 3 14 3 2 26 */
+70,	/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
+115,	/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
+117,	/* OBJ_ripemd160                    1 3 36 3 2 1 */
+143,	/* OBJ_sxnet                        1 3 101 1 4 1 */
+721,	/* OBJ_sect163k1                    1 3 132 0 1 */
+722,	/* OBJ_sect163r1                    1 3 132 0 2 */
+728,	/* OBJ_sect239k1                    1 3 132 0 3 */
+717,	/* OBJ_sect113r1                    1 3 132 0 4 */
+718,	/* OBJ_sect113r2                    1 3 132 0 5 */
+704,	/* OBJ_secp112r1                    1 3 132 0 6 */
+705,	/* OBJ_secp112r2                    1 3 132 0 7 */
+709,	/* OBJ_secp160r1                    1 3 132 0 8 */
+708,	/* OBJ_secp160k1                    1 3 132 0 9 */
+714,	/* OBJ_secp256k1                    1 3 132 0 10 */
+723,	/* OBJ_sect163r2                    1 3 132 0 15 */
+729,	/* OBJ_sect283k1                    1 3 132 0 16 */
+730,	/* OBJ_sect283r1                    1 3 132 0 17 */
+719,	/* OBJ_sect131r1                    1 3 132 0 22 */
+720,	/* OBJ_sect131r2                    1 3 132 0 23 */
+724,	/* OBJ_sect193r1                    1 3 132 0 24 */
+725,	/* OBJ_sect193r2                    1 3 132 0 25 */
+726,	/* OBJ_sect233k1                    1 3 132 0 26 */
+727,	/* OBJ_sect233r1                    1 3 132 0 27 */
+706,	/* OBJ_secp128r1                    1 3 132 0 28 */
+707,	/* OBJ_secp128r2                    1 3 132 0 29 */
+710,	/* OBJ_secp160r2                    1 3 132 0 30 */
+711,	/* OBJ_secp192k1                    1 3 132 0 31 */
+712,	/* OBJ_secp224k1                    1 3 132 0 32 */
+713,	/* OBJ_secp224r1                    1 3 132 0 33 */
+715,	/* OBJ_secp384r1                    1 3 132 0 34 */
+716,	/* OBJ_secp521r1                    1 3 132 0 35 */
+731,	/* OBJ_sect409k1                    1 3 132 0 36 */
+732,	/* OBJ_sect409r1                    1 3 132 0 37 */
+733,	/* OBJ_sect571k1                    1 3 132 0 38 */
+734,	/* OBJ_sect571r1                    1 3 132 0 39 */
+624,	/* OBJ_set_rootKeyThumb             2 23 42 3 0 0 */
+625,	/* OBJ_set_addPolicy                2 23 42 3 0 1 */
+626,	/* OBJ_setAttr_Token_EMV            2 23 42 3 2 1 */
+627,	/* OBJ_setAttr_Token_B0Prime        2 23 42 3 2 2 */
+628,	/* OBJ_setAttr_IssCap_CVM           2 23 42 3 3 3 */
+629,	/* OBJ_setAttr_IssCap_T2            2 23 42 3 3 4 */
+630,	/* OBJ_setAttr_IssCap_Sig           2 23 42 3 3 5 */
+642,	/* OBJ_set_brand_Novus              2 23 42 8 6011 */
+735,	/* OBJ_wap_wsg_idm_ecid_wtls1       2 23 43 1 4 1 */
+736,	/* OBJ_wap_wsg_idm_ecid_wtls3       2 23 43 1 4 3 */
+737,	/* OBJ_wap_wsg_idm_ecid_wtls4       2 23 43 1 4 4 */
+738,	/* OBJ_wap_wsg_idm_ecid_wtls5       2 23 43 1 4 5 */
+739,	/* OBJ_wap_wsg_idm_ecid_wtls6       2 23 43 1 4 6 */
+740,	/* OBJ_wap_wsg_idm_ecid_wtls7       2 23 43 1 4 7 */
+741,	/* OBJ_wap_wsg_idm_ecid_wtls8       2 23 43 1 4 8 */
+742,	/* OBJ_wap_wsg_idm_ecid_wtls9       2 23 43 1 4 9 */
+743,	/* OBJ_wap_wsg_idm_ecid_wtls10      2 23 43 1 4 10 */
+744,	/* OBJ_wap_wsg_idm_ecid_wtls11      2 23 43 1 4 11 */
+745,	/* OBJ_wap_wsg_idm_ecid_wtls12      2 23 43 1 4 12 */
+804,	/* OBJ_whirlpool                    1 0 10118 3 0 55 */
+124,	/* OBJ_rle_compression              1 1 1 1 666 1 */
+773,	/* OBJ_kisa                         1 2 410 200004 */
+807,	/* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
+808,	/* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
+809,	/* OBJ_id_GostR3411_94              1 2 643 2 2 9 */
+810,	/* OBJ_id_HMACGostR3411_94          1 2 643 2 2 10 */
+811,	/* OBJ_id_GostR3410_2001            1 2 643 2 2 19 */
+812,	/* OBJ_id_GostR3410_94              1 2 643 2 2 20 */
+813,	/* OBJ_id_Gost28147_89              1 2 643 2 2 21 */
+815,	/* OBJ_id_Gost28147_89_MAC          1 2 643 2 2 22 */
+816,	/* OBJ_id_GostR3411_94_prf          1 2 643 2 2 23 */
+817,	/* OBJ_id_GostR3410_2001DH          1 2 643 2 2 98 */
+818,	/* OBJ_id_GostR3410_94DH            1 2 643 2 2 99 */
+ 1,	/* OBJ_rsadsi                       1 2 840 113549 */
+185,	/* OBJ_X9cm                         1 2 840 10040 4 */
+127,	/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
+505,	/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
+506,	/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
+119,	/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
+631,	/* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
+632,	/* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
+633,	/* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
+634,	/* OBJ_setAttr_TokICCsig            2 23 42 3 3 5 1 */
+635,	/* OBJ_setAttr_SecDevSig            2 23 42 3 3 5 2 */
+436,	/* OBJ_ucl                          0 9 2342 19200300 */
+820,	/* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
+819,	/* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
+845,	/* OBJ_id_GostR3410_94_a            1 2 643 2 2 20 1 */
+846,	/* OBJ_id_GostR3410_94_aBis         1 2 643 2 2 20 2 */
+847,	/* OBJ_id_GostR3410_94_b            1 2 643 2 2 20 3 */
+848,	/* OBJ_id_GostR3410_94_bBis         1 2 643 2 2 20 4 */
+821,	/* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
+822,	/* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
+823,	/* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
+824,	/* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
+825,	/* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
+826,	/* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
+827,	/* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
+828,	/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
+829,	/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
+830,	/* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
+831,	/* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
+832,	/* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
+833,	/* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
+834,	/* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
+835,	/* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
+836,	/* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
+837,	/* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
+838,	/* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
+839,	/* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
+840,	/* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
+841,	/* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
+842,	/* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
+843,	/* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
+844,	/* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
+ 2,	/* OBJ_pkcs                         1 2 840 113549 1 */
+431,	/* OBJ_hold_instruction_none        1 2 840 10040 2 1 */
+432,	/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
+433,	/* OBJ_hold_instruction_reject      1 2 840 10040 2 3 */
+116,	/* OBJ_dsa                          1 2 840 10040 4 1 */
+113,	/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
+406,	/* OBJ_X9_62_prime_field            1 2 840 10045 1 1 */
+407,	/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
+408,	/* OBJ_X9_62_id_ecPublicKey         1 2 840 10045 2 1 */
+416,	/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */
+791,	/* OBJ_ecdsa_with_Recommended       1 2 840 10045 4 2 */
+792,	/* OBJ_ecdsa_with_Specified         1 2 840 10045 4 3 */
+258,	/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */
+175,	/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */
+259,	/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
+128,	/* OBJ_id_kp                        1 3 6 1 5 5 7 3 */
+260,	/* OBJ_id_it                        1 3 6 1 5 5 7 4 */
+261,	/* OBJ_id_pkip                      1 3 6 1 5 5 7 5 */
+262,	/* OBJ_id_alg                       1 3 6 1 5 5 7 6 */
+263,	/* OBJ_id_cmc                       1 3 6 1 5 5 7 7 */
+264,	/* OBJ_id_on                        1 3 6 1 5 5 7 8 */
+265,	/* OBJ_id_pda                       1 3 6 1 5 5 7 9 */
+266,	/* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
+267,	/* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
+268,	/* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
+662,	/* OBJ_id_ppl                       1 3 6 1 5 5 7 21 */
+176,	/* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
+507,	/* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
+508,	/* OBJ_id_hex_multipart_message     1 3 6 1 7 1 1 2 */
+57,	/* OBJ_netscape                     2 16 840 1 113730 */
+754,	/* OBJ_camellia_128_ecb             0 3 4401 5 3 1 9 1 */
+766,	/* OBJ_camellia_128_ofb128          0 3 4401 5 3 1 9 3 */
+757,	/* OBJ_camellia_128_cfb128          0 3 4401 5 3 1 9 4 */
+755,	/* OBJ_camellia_192_ecb             0 3 4401 5 3 1 9 21 */
+767,	/* OBJ_camellia_192_ofb128          0 3 4401 5 3 1 9 23 */
+758,	/* OBJ_camellia_192_cfb128          0 3 4401 5 3 1 9 24 */
+756,	/* OBJ_camellia_256_ecb             0 3 4401 5 3 1 9 41 */
+768,	/* OBJ_camellia_256_ofb128          0 3 4401 5 3 1 9 43 */
+759,	/* OBJ_camellia_256_cfb128          0 3 4401 5 3 1 9 44 */
+437,	/* OBJ_pilot                        0 9 2342 19200300 100 */
+776,	/* OBJ_seed_ecb                     1 2 410 200004 1 3 */
+777,	/* OBJ_seed_cbc                     1 2 410 200004 1 4 */
+779,	/* OBJ_seed_cfb128                  1 2 410 200004 1 5 */
+778,	/* OBJ_seed_ofb128                  1 2 410 200004 1 6 */
+852,	/* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
+853,	/* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
+850,	/* OBJ_id_GostR3410_94_cc           1 2 643 2 9 1 5 3 */
+851,	/* OBJ_id_GostR3410_2001_cc         1 2 643 2 9 1 5 4 */
+849,	/* OBJ_id_Gost28147_89_cc           1 2 643 2 9 1 6 1 */
+854,	/* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
+186,	/* OBJ_pkcs1                        1 2 840 113549 1 1 */
+27,	/* OBJ_pkcs3                        1 2 840 113549 1 3 */
+187,	/* OBJ_pkcs5                        1 2 840 113549 1 5 */
+20,	/* OBJ_pkcs7                        1 2 840 113549 1 7 */
+47,	/* OBJ_pkcs9                        1 2 840 113549 1 9 */
+ 3,	/* OBJ_md2                          1 2 840 113549 2 2 */
+257,	/* OBJ_md4                          1 2 840 113549 2 4 */
+ 4,	/* OBJ_md5                          1 2 840 113549 2 5 */
+797,	/* OBJ_hmacWithMD5                  1 2 840 113549 2 6 */
+163,	/* OBJ_hmacWithSHA1                 1 2 840 113549 2 7 */
+798,	/* OBJ_hmacWithSHA224               1 2 840 113549 2 8 */
+799,	/* OBJ_hmacWithSHA256               1 2 840 113549 2 9 */
+800,	/* OBJ_hmacWithSHA384               1 2 840 113549 2 10 */
+801,	/* OBJ_hmacWithSHA512               1 2 840 113549 2 11 */
+37,	/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
+ 5,	/* OBJ_rc4                          1 2 840 113549 3 4 */
+44,	/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
+120,	/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
+643,	/* OBJ_des_cdmf                     1 2 840 113549 3 10 */
+680,	/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
+684,	/* OBJ_X9_62_c2pnb163v1             1 2 840 10045 3 0 1 */
+685,	/* OBJ_X9_62_c2pnb163v2             1 2 840 10045 3 0 2 */
+686,	/* OBJ_X9_62_c2pnb163v3             1 2 840 10045 3 0 3 */
+687,	/* OBJ_X9_62_c2pnb176v1             1 2 840 10045 3 0 4 */
+688,	/* OBJ_X9_62_c2tnb191v1             1 2 840 10045 3 0 5 */
+689,	/* OBJ_X9_62_c2tnb191v2             1 2 840 10045 3 0 6 */
+690,	/* OBJ_X9_62_c2tnb191v3             1 2 840 10045 3 0 7 */
+691,	/* OBJ_X9_62_c2onb191v4             1 2 840 10045 3 0 8 */
+692,	/* OBJ_X9_62_c2onb191v5             1 2 840 10045 3 0 9 */
+693,	/* OBJ_X9_62_c2pnb208w1             1 2 840 10045 3 0 10 */
+694,	/* OBJ_X9_62_c2tnb239v1             1 2 840 10045 3 0 11 */
+695,	/* OBJ_X9_62_c2tnb239v2             1 2 840 10045 3 0 12 */
+696,	/* OBJ_X9_62_c2tnb239v3             1 2 840 10045 3 0 13 */
+697,	/* OBJ_X9_62_c2onb239v4             1 2 840 10045 3 0 14 */
+698,	/* OBJ_X9_62_c2onb239v5             1 2 840 10045 3 0 15 */
+699,	/* OBJ_X9_62_c2pnb272w1             1 2 840 10045 3 0 16 */
+700,	/* OBJ_X9_62_c2pnb304w1             1 2 840 10045 3 0 17 */
+701,	/* OBJ_X9_62_c2tnb359v1             1 2 840 10045 3 0 18 */
+702,	/* OBJ_X9_62_c2pnb368w1             1 2 840 10045 3 0 19 */
+703,	/* OBJ_X9_62_c2tnb431r1             1 2 840 10045 3 0 20 */
+409,	/* OBJ_X9_62_prime192v1             1 2 840 10045 3 1 1 */
+410,	/* OBJ_X9_62_prime192v2             1 2 840 10045 3 1 2 */
+411,	/* OBJ_X9_62_prime192v3             1 2 840 10045 3 1 3 */
+412,	/* OBJ_X9_62_prime239v1             1 2 840 10045 3 1 4 */
+413,	/* OBJ_X9_62_prime239v2             1 2 840 10045 3 1 5 */
+414,	/* OBJ_X9_62_prime239v3             1 2 840 10045 3 1 6 */
+415,	/* OBJ_X9_62_prime256v1             1 2 840 10045 3 1 7 */
+793,	/* OBJ_ecdsa_with_SHA224            1 2 840 10045 4 3 1 */
+794,	/* OBJ_ecdsa_with_SHA256            1 2 840 10045 4 3 2 */
+795,	/* OBJ_ecdsa_with_SHA384            1 2 840 10045 4 3 3 */
+796,	/* OBJ_ecdsa_with_SHA512            1 2 840 10045 4 3 4 */
+269,	/* OBJ_id_pkix1_explicit_88         1 3 6 1 5 5 7 0 1 */
+270,	/* OBJ_id_pkix1_implicit_88         1 3 6 1 5 5 7 0 2 */
+271,	/* OBJ_id_pkix1_explicit_93         1 3 6 1 5 5 7 0 3 */
+272,	/* OBJ_id_pkix1_implicit_93         1 3 6 1 5 5 7 0 4 */
+273,	/* OBJ_id_mod_crmf                  1 3 6 1 5 5 7 0 5 */
+274,	/* OBJ_id_mod_cmc                   1 3 6 1 5 5 7 0 6 */
+275,	/* OBJ_id_mod_kea_profile_88        1 3 6 1 5 5 7 0 7 */
+276,	/* OBJ_id_mod_kea_profile_93        1 3 6 1 5 5 7 0 8 */
+277,	/* OBJ_id_mod_cmp                   1 3 6 1 5 5 7 0 9 */
+278,	/* OBJ_id_mod_qualified_cert_88     1 3 6 1 5 5 7 0 10 */
+279,	/* OBJ_id_mod_qualified_cert_93     1 3 6 1 5 5 7 0 11 */
+280,	/* OBJ_id_mod_attribute_cert        1 3 6 1 5 5 7 0 12 */
+281,	/* OBJ_id_mod_timestamp_protocol    1 3 6 1 5 5 7 0 13 */
+282,	/* OBJ_id_mod_ocsp                  1 3 6 1 5 5 7 0 14 */
+283,	/* OBJ_id_mod_dvcs                  1 3 6 1 5 5 7 0 15 */
+284,	/* OBJ_id_mod_cmp2000               1 3 6 1 5 5 7 0 16 */
+177,	/* OBJ_info_access                  1 3 6 1 5 5 7 1 1 */
+285,	/* OBJ_biometricInfo                1 3 6 1 5 5 7 1 2 */
+286,	/* OBJ_qcStatements                 1 3 6 1 5 5 7 1 3 */
+287,	/* OBJ_ac_auditEntity               1 3 6 1 5 5 7 1 4 */
+288,	/* OBJ_ac_targeting                 1 3 6 1 5 5 7 1 5 */
+289,	/* OBJ_aaControls                   1 3 6 1 5 5 7 1 6 */
+290,	/* OBJ_sbgp_ipAddrBlock             1 3 6 1 5 5 7 1 7 */
+291,	/* OBJ_sbgp_autonomousSysNum        1 3 6 1 5 5 7 1 8 */
+292,	/* OBJ_sbgp_routerIdentifier        1 3 6 1 5 5 7 1 9 */
+397,	/* OBJ_ac_proxying                  1 3 6 1 5 5 7 1 10 */
+398,	/* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
+663,	/* OBJ_proxyCertInfo                1 3 6 1 5 5 7 1 14 */
+164,	/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
+165,	/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
+293,	/* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
+129,	/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
+130,	/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
+131,	/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */
+132,	/* OBJ_email_protect                1 3 6 1 5 5 7 3 4 */
+294,	/* OBJ_ipsecEndSystem               1 3 6 1 5 5 7 3 5 */
+295,	/* OBJ_ipsecTunnel                  1 3 6 1 5 5 7 3 6 */
+296,	/* OBJ_ipsecUser                    1 3 6 1 5 5 7 3 7 */
+133,	/* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
+180,	/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
+297,	/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
+298,	/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
+299,	/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
+300,	/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
+301,	/* OBJ_id_it_preferredSymmAlg       1 3 6 1 5 5 7 4 4 */
+302,	/* OBJ_id_it_caKeyUpdateInfo        1 3 6 1 5 5 7 4 5 */
+303,	/* OBJ_id_it_currentCRL             1 3 6 1 5 5 7 4 6 */
+304,	/* OBJ_id_it_unsupportedOIDs        1 3 6 1 5 5 7 4 7 */
+305,	/* OBJ_id_it_subscriptionRequest    1 3 6 1 5 5 7 4 8 */
+306,	/* OBJ_id_it_subscriptionResponse   1 3 6 1 5 5 7 4 9 */
+307,	/* OBJ_id_it_keyPairParamReq        1 3 6 1 5 5 7 4 10 */
+308,	/* OBJ_id_it_keyPairParamRep        1 3 6 1 5 5 7 4 11 */
+309,	/* OBJ_id_it_revPassphrase          1 3 6 1 5 5 7 4 12 */
+310,	/* OBJ_id_it_implicitConfirm        1 3 6 1 5 5 7 4 13 */
+311,	/* OBJ_id_it_confirmWaitTime        1 3 6 1 5 5 7 4 14 */
+312,	/* OBJ_id_it_origPKIMessage         1 3 6 1 5 5 7 4 15 */
+784,	/* OBJ_id_it_suppLangTags           1 3 6 1 5 5 7 4 16 */
+313,	/* OBJ_id_regCtrl                   1 3 6 1 5 5 7 5 1 */
+314,	/* OBJ_id_regInfo                   1 3 6 1 5 5 7 5 2 */
+323,	/* OBJ_id_alg_des40                 1 3 6 1 5 5 7 6 1 */
+324,	/* OBJ_id_alg_noSignature           1 3 6 1 5 5 7 6 2 */
+325,	/* OBJ_id_alg_dh_sig_hmac_sha1      1 3 6 1 5 5 7 6 3 */
+326,	/* OBJ_id_alg_dh_pop                1 3 6 1 5 5 7 6 4 */
+327,	/* OBJ_id_cmc_statusInfo            1 3 6 1 5 5 7 7 1 */
+328,	/* OBJ_id_cmc_identification        1 3 6 1 5 5 7 7 2 */
+329,	/* OBJ_id_cmc_identityProof         1 3 6 1 5 5 7 7 3 */
+330,	/* OBJ_id_cmc_dataReturn            1 3 6 1 5 5 7 7 4 */
+331,	/* OBJ_id_cmc_transactionId         1 3 6 1 5 5 7 7 5 */
+332,	/* OBJ_id_cmc_senderNonce           1 3 6 1 5 5 7 7 6 */
+333,	/* OBJ_id_cmc_recipientNonce        1 3 6 1 5 5 7 7 7 */
+334,	/* OBJ_id_cmc_addExtensions         1 3 6 1 5 5 7 7 8 */
+335,	/* OBJ_id_cmc_encryptedPOP          1 3 6 1 5 5 7 7 9 */
+336,	/* OBJ_id_cmc_decryptedPOP          1 3 6 1 5 5 7 7 10 */
+337,	/* OBJ_id_cmc_lraPOPWitness         1 3 6 1 5 5 7 7 11 */
+338,	/* OBJ_id_cmc_getCert               1 3 6 1 5 5 7 7 15 */
+339,	/* OBJ_id_cmc_getCRL                1 3 6 1 5 5 7 7 16 */
+340,	/* OBJ_id_cmc_revokeRequest         1 3 6 1 5 5 7 7 17 */
+341,	/* OBJ_id_cmc_regInfo               1 3 6 1 5 5 7 7 18 */
+342,	/* OBJ_id_cmc_responseInfo          1 3 6 1 5 5 7 7 19 */
+343,	/* OBJ_id_cmc_queryPending          1 3 6 1 5 5 7 7 21 */
+344,	/* OBJ_id_cmc_popLinkRandom         1 3 6 1 5 5 7 7 22 */
+345,	/* OBJ_id_cmc_popLinkWitness        1 3 6 1 5 5 7 7 23 */
+346,	/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
+347,	/* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
+858,	/* OBJ_id_on_permanentIdentifier    1 3 6 1 5 5 7 8 3 */
+348,	/* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
+349,	/* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
+351,	/* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
+352,	/* OBJ_id_pda_countryOfCitizenship  1 3 6 1 5 5 7 9 4 */
+353,	/* OBJ_id_pda_countryOfResidence    1 3 6 1 5 5 7 9 5 */
+354,	/* OBJ_id_aca_authenticationInfo    1 3 6 1 5 5 7 10 1 */
+355,	/* OBJ_id_aca_accessIdentity        1 3 6 1 5 5 7 10 2 */
+356,	/* OBJ_id_aca_chargingIdentity      1 3 6 1 5 5 7 10 3 */
+357,	/* OBJ_id_aca_group                 1 3 6 1 5 5 7 10 4 */
+358,	/* OBJ_id_aca_role                  1 3 6 1 5 5 7 10 5 */
+399,	/* OBJ_id_aca_encAttrs              1 3 6 1 5 5 7 10 6 */
+359,	/* OBJ_id_qcs_pkixQCSyntax_v1       1 3 6 1 5 5 7 11 1 */
+360,	/* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
+361,	/* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
+362,	/* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
+664,	/* OBJ_id_ppl_anyLanguage           1 3 6 1 5 5 7 21 0 */
+665,	/* OBJ_id_ppl_inheritAll            1 3 6 1 5 5 7 21 1 */
+667,	/* OBJ_Independent                  1 3 6 1 5 5 7 21 2 */
+178,	/* OBJ_ad_OCSP                      1 3 6 1 5 5 7 48 1 */
+179,	/* OBJ_ad_ca_issuers                1 3 6 1 5 5 7 48 2 */
+363,	/* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
+364,	/* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
+785,	/* OBJ_caRepository                 1 3 6 1 5 5 7 48 5 */
+780,	/* OBJ_hmac_md5                     1 3 6 1 5 5 8 1 1 */
+781,	/* OBJ_hmac_sha1                    1 3 6 1 5 5 8 1 2 */
+58,	/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
+59,	/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
+438,	/* OBJ_pilotAttributeType           0 9 2342 19200300 100 1 */
+439,	/* OBJ_pilotAttributeSyntax         0 9 2342 19200300 100 3 */
+440,	/* OBJ_pilotObjectClass             0 9 2342 19200300 100 4 */
+441,	/* OBJ_pilotGroups                  0 9 2342 19200300 100 10 */
+108,	/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
+112,	/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
+782,	/* OBJ_id_PasswordBasedMAC          1 2 840 113533 7 66 13 */
+783,	/* OBJ_id_DHBasedMac                1 2 840 113533 7 66 30 */
+ 6,	/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
+ 7,	/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
+396,	/* OBJ_md4WithRSAEncryption         1 2 840 113549 1 1 3 */
+ 8,	/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
+65,	/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
+644,	/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
+668,	/* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */
+669,	/* OBJ_sha384WithRSAEncryption      1 2 840 113549 1 1 12 */
+670,	/* OBJ_sha512WithRSAEncryption      1 2 840 113549 1 1 13 */
+671,	/* OBJ_sha224WithRSAEncryption      1 2 840 113549 1 1 14 */
+28,	/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
+ 9,	/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
+10,	/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
+168,	/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
+169,	/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
+170,	/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
+68,	/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11 */
+69,	/* OBJ_id_pbkdf2                    1 2 840 113549 1 5 12 */
+161,	/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
+162,	/* OBJ_pbmac1                       1 2 840 113549 1 5 14 */
+21,	/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
+22,	/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
+23,	/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
+24,	/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
+25,	/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
+26,	/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
+48,	/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
+49,	/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
+50,	/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
+51,	/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
+52,	/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
+53,	/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
+54,	/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
+55,	/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
+56,	/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
+172,	/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
+167,	/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
+188,	/* OBJ_SMIME                        1 2 840 113549 1 9 16 */
+156,	/* OBJ_friendlyName                 1 2 840 113549 1 9 20 */
+157,	/* OBJ_localKeyID                   1 2 840 113549 1 9 21 */
+681,	/* OBJ_X9_62_onBasis                1 2 840 10045 1 2 3 1 */
+682,	/* OBJ_X9_62_tpBasis                1 2 840 10045 1 2 3 2 */
+683,	/* OBJ_X9_62_ppBasis                1 2 840 10045 1 2 3 3 */
+417,	/* OBJ_ms_csp_name                  1 3 6 1 4 1 311 17 1 */
+856,	/* OBJ_LocalKeySet                  1 3 6 1 4 1 311 17 2 */
+390,	/* OBJ_dcObject                     1 3 6 1 4 1 1466 344 */
+91,	/* OBJ_bf_cbc                       1 3 6 1 4 1 3029 1 2 */
+315,	/* OBJ_id_regCtrl_regToken          1 3 6 1 5 5 7 5 1 1 */
+316,	/* OBJ_id_regCtrl_authenticator     1 3 6 1 5 5 7 5 1 2 */
+317,	/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
+318,	/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
+319,	/* OBJ_id_regCtrl_oldCertID         1 3 6 1 5 5 7 5 1 5 */
+320,	/* OBJ_id_regCtrl_protocolEncrKey   1 3 6 1 5 5 7 5 1 6 */
+321,	/* OBJ_id_regInfo_utf8Pairs         1 3 6 1 5 5 7 5 2 1 */
+322,	/* OBJ_id_regInfo_certReq           1 3 6 1 5 5 7 5 2 2 */
+365,	/* OBJ_id_pkix_OCSP_basic           1 3 6 1 5 5 7 48 1 1 */
+366,	/* OBJ_id_pkix_OCSP_Nonce           1 3 6 1 5 5 7 48 1 2 */
+367,	/* OBJ_id_pkix_OCSP_CrlID           1 3 6 1 5 5 7 48 1 3 */
+368,	/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
+369,	/* OBJ_id_pkix_OCSP_noCheck         1 3 6 1 5 5 7 48 1 5 */
+370,	/* OBJ_id_pkix_OCSP_archiveCutoff   1 3 6 1 5 5 7 48 1 6 */
+371,	/* OBJ_id_pkix_OCSP_serviceLocator  1 3 6 1 5 5 7 48 1 7 */
+372,	/* OBJ_id_pkix_OCSP_extendedStatus  1 3 6 1 5 5 7 48 1 8 */
+373,	/* OBJ_id_pkix_OCSP_valid           1 3 6 1 5 5 7 48 1 9 */
+374,	/* OBJ_id_pkix_OCSP_path            1 3 6 1 5 5 7 48 1 10 */
+375,	/* OBJ_id_pkix_OCSP_trustRoot       1 3 6 1 5 5 7 48 1 11 */
+418,	/* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
+419,	/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
+420,	/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
+421,	/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
+788,	/* OBJ_id_aes128_wrap               2 16 840 1 101 3 4 1 5 */
+422,	/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
+423,	/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
+424,	/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
+425,	/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
+789,	/* OBJ_id_aes192_wrap               2 16 840 1 101 3 4 1 25 */
+426,	/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
+427,	/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
+428,	/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
+429,	/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
+790,	/* OBJ_id_aes256_wrap               2 16 840 1 101 3 4 1 45 */
+672,	/* OBJ_sha256                       2 16 840 1 101 3 4 2 1 */
+673,	/* OBJ_sha384                       2 16 840 1 101 3 4 2 2 */
+674,	/* OBJ_sha512                       2 16 840 1 101 3 4 2 3 */
+675,	/* OBJ_sha224                       2 16 840 1 101 3 4 2 4 */
+802,	/* OBJ_dsa_with_SHA224              2 16 840 1 101 3 4 3 1 */
+803,	/* OBJ_dsa_with_SHA256              2 16 840 1 101 3 4 3 2 */
+71,	/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
+72,	/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
+73,	/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
+74,	/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
+75,	/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
+76,	/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
+77,	/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
+78,	/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
+79,	/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
+139,	/* OBJ_ns_sgc                       2 16 840 1 113730 4 1 */
+458,	/* OBJ_userId                       0 9 2342 19200300 100 1 1 */
+459,	/* OBJ_textEncodedORAddress         0 9 2342 19200300 100 1 2 */
+460,	/* OBJ_rfc822Mailbox                0 9 2342 19200300 100 1 3 */
+461,	/* OBJ_info                         0 9 2342 19200300 100 1 4 */
+462,	/* OBJ_favouriteDrink               0 9 2342 19200300 100 1 5 */
+463,	/* OBJ_roomNumber                   0 9 2342 19200300 100 1 6 */
+464,	/* OBJ_photo                        0 9 2342 19200300 100 1 7 */
+465,	/* OBJ_userClass                    0 9 2342 19200300 100 1 8 */
+466,	/* OBJ_host                         0 9 2342 19200300 100 1 9 */
+467,	/* OBJ_manager                      0 9 2342 19200300 100 1 10 */
+468,	/* OBJ_documentIdentifier           0 9 2342 19200300 100 1 11 */
+469,	/* OBJ_documentTitle                0 9 2342 19200300 100 1 12 */
+470,	/* OBJ_documentVersion              0 9 2342 19200300 100 1 13 */
+471,	/* OBJ_documentAuthor               0 9 2342 19200300 100 1 14 */
+472,	/* OBJ_documentLocation             0 9 2342 19200300 100 1 15 */
+473,	/* OBJ_homeTelephoneNumber          0 9 2342 19200300 100 1 20 */
+474,	/* OBJ_secretary                    0 9 2342 19200300 100 1 21 */
+475,	/* OBJ_otherMailbox                 0 9 2342 19200300 100 1 22 */
+476,	/* OBJ_lastModifiedTime             0 9 2342 19200300 100 1 23 */
+477,	/* OBJ_lastModifiedBy               0 9 2342 19200300 100 1 24 */
+391,	/* OBJ_domainComponent              0 9 2342 19200300 100 1 25 */
+478,	/* OBJ_aRecord                      0 9 2342 19200300 100 1 26 */
+479,	/* OBJ_pilotAttributeType27         0 9 2342 19200300 100 1 27 */
+480,	/* OBJ_mXRecord                     0 9 2342 19200300 100 1 28 */
+481,	/* OBJ_nSRecord                     0 9 2342 19200300 100 1 29 */
+482,	/* OBJ_sOARecord                    0 9 2342 19200300 100 1 30 */
+483,	/* OBJ_cNAMERecord                  0 9 2342 19200300 100 1 31 */
+484,	/* OBJ_associatedDomain             0 9 2342 19200300 100 1 37 */
+485,	/* OBJ_associatedName               0 9 2342 19200300 100 1 38 */
+486,	/* OBJ_homePostalAddress            0 9 2342 19200300 100 1 39 */
+487,	/* OBJ_personalTitle                0 9 2342 19200300 100 1 40 */
+488,	/* OBJ_mobileTelephoneNumber        0 9 2342 19200300 100 1 41 */
+489,	/* OBJ_pagerTelephoneNumber         0 9 2342 19200300 100 1 42 */
+490,	/* OBJ_friendlyCountryName          0 9 2342 19200300 100 1 43 */
+491,	/* OBJ_organizationalStatus         0 9 2342 19200300 100 1 45 */
+492,	/* OBJ_janetMailbox                 0 9 2342 19200300 100 1 46 */
+493,	/* OBJ_mailPreferenceOption         0 9 2342 19200300 100 1 47 */
+494,	/* OBJ_buildingName                 0 9 2342 19200300 100 1 48 */
+495,	/* OBJ_dSAQuality                   0 9 2342 19200300 100 1 49 */
+496,	/* OBJ_singleLevelQuality           0 9 2342 19200300 100 1 50 */
+497,	/* OBJ_subtreeMinimumQuality        0 9 2342 19200300 100 1 51 */
+498,	/* OBJ_subtreeMaximumQuality        0 9 2342 19200300 100 1 52 */
+499,	/* OBJ_personalSignature            0 9 2342 19200300 100 1 53 */
+500,	/* OBJ_dITRedirect                  0 9 2342 19200300 100 1 54 */
+501,	/* OBJ_audio                        0 9 2342 19200300 100 1 55 */
+502,	/* OBJ_documentPublisher            0 9 2342 19200300 100 1 56 */
+442,	/* OBJ_iA5StringSyntax              0 9 2342 19200300 100 3 4 */
+443,	/* OBJ_caseIgnoreIA5StringSyntax    0 9 2342 19200300 100 3 5 */
+444,	/* OBJ_pilotObject                  0 9 2342 19200300 100 4 3 */
+445,	/* OBJ_pilotPerson                  0 9 2342 19200300 100 4 4 */
+446,	/* OBJ_account                      0 9 2342 19200300 100 4 5 */
+447,	/* OBJ_document                     0 9 2342 19200300 100 4 6 */
+448,	/* OBJ_room                         0 9 2342 19200300 100 4 7 */
+449,	/* OBJ_documentSeries               0 9 2342 19200300 100 4 9 */
+392,	/* OBJ_Domain                       0 9 2342 19200300 100 4 13 */
+450,	/* OBJ_rFC822localPart              0 9 2342 19200300 100 4 14 */
+451,	/* OBJ_dNSDomain                    0 9 2342 19200300 100 4 15 */
+452,	/* OBJ_domainRelatedObject          0 9 2342 19200300 100 4 17 */
+453,	/* OBJ_friendlyCountry              0 9 2342 19200300 100 4 18 */
+454,	/* OBJ_simpleSecurityObject         0 9 2342 19200300 100 4 19 */
+455,	/* OBJ_pilotOrganization            0 9 2342 19200300 100 4 20 */
+456,	/* OBJ_pilotDSA                     0 9 2342 19200300 100 4 21 */
+457,	/* OBJ_qualityLabelledData          0 9 2342 19200300 100 4 22 */
+189,	/* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
+190,	/* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
+191,	/* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */
+192,	/* OBJ_id_smime_alg                 1 2 840 113549 1 9 16 3 */
+193,	/* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
+194,	/* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
+195,	/* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
+158,	/* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
+159,	/* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
+160,	/* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
+144,	/* OBJ_pbe_WithSHA1And128BitRC4     1 2 840 113549 1 12 1 1 */
+145,	/* OBJ_pbe_WithSHA1And40BitRC4      1 2 840 113549 1 12 1 2 */
+146,	/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
+147,	/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
+148,	/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
+149,	/* OBJ_pbe_WithSHA1And40BitRC2_CBC  1 2 840 113549 1 12 1 6 */
+171,	/* OBJ_ms_ext_req                   1 3 6 1 4 1 311 2 1 14 */
+134,	/* OBJ_ms_code_ind                  1 3 6 1 4 1 311 2 1 21 */
+135,	/* OBJ_ms_code_com                  1 3 6 1 4 1 311 2 1 22 */
+136,	/* OBJ_ms_ctl_sign                  1 3 6 1 4 1 311 10 3 1 */
+137,	/* OBJ_ms_sgc                       1 3 6 1 4 1 311 10 3 3 */
+138,	/* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
+648,	/* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
+649,	/* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
+751,	/* OBJ_camellia_128_cbc             1 2 392 200011 61 1 1 1 2 */
+752,	/* OBJ_camellia_192_cbc             1 2 392 200011 61 1 1 1 3 */
+753,	/* OBJ_camellia_256_cbc             1 2 392 200011 61 1 1 1 4 */
+196,	/* OBJ_id_smime_mod_cms             1 2 840 113549 1 9 16 0 1 */
+197,	/* OBJ_id_smime_mod_ess             1 2 840 113549 1 9 16 0 2 */
+198,	/* OBJ_id_smime_mod_oid             1 2 840 113549 1 9 16 0 3 */
+199,	/* OBJ_id_smime_mod_msg_v3          1 2 840 113549 1 9 16 0 4 */
+200,	/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
+201,	/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
+202,	/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
+203,	/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
+204,	/* OBJ_id_smime_ct_receipt          1 2 840 113549 1 9 16 1 1 */
+205,	/* OBJ_id_smime_ct_authData         1 2 840 113549 1 9 16 1 2 */
+206,	/* OBJ_id_smime_ct_publishCert      1 2 840 113549 1 9 16 1 3 */
+207,	/* OBJ_id_smime_ct_TSTInfo          1 2 840 113549 1 9 16 1 4 */
+208,	/* OBJ_id_smime_ct_TDTInfo          1 2 840 113549 1 9 16 1 5 */
+209,	/* OBJ_id_smime_ct_contentInfo      1 2 840 113549 1 9 16 1 6 */
+210,	/* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
+211,	/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
+786,	/* OBJ_id_smime_ct_compressedData   1 2 840 113549 1 9 16 1 9 */
+787,	/* OBJ_id_ct_asciiTextWithCRLF      1 2 840 113549 1 9 16 1 27 */
+212,	/* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
+213,	/* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
+214,	/* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
+215,	/* OBJ_id_smime_aa_contentHint      1 2 840 113549 1 9 16 2 4 */
+216,	/* OBJ_id_smime_aa_msgSigDigest     1 2 840 113549 1 9 16 2 5 */
+217,	/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
+218,	/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
+219,	/* OBJ_id_smime_aa_macValue         1 2 840 113549 1 9 16 2 8 */
+220,	/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
+221,	/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
+222,	/* OBJ_id_smime_aa_encrypKeyPref    1 2 840 113549 1 9 16 2 11 */
+223,	/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
+224,	/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
+225,	/* OBJ_id_smime_aa_timeStampToken   1 2 840 113549 1 9 16 2 14 */
+226,	/* OBJ_id_smime_aa_ets_sigPolicyId  1 2 840 113549 1 9 16 2 15 */
+227,	/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
+228,	/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
+229,	/* OBJ_id_smime_aa_ets_signerAttr   1 2 840 113549 1 9 16 2 18 */
+230,	/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
+231,	/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
+232,	/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
+233,	/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
+234,	/* OBJ_id_smime_aa_ets_certValues   1 2 840 113549 1 9 16 2 23 */
+235,	/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
+236,	/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
+237,	/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
+238,	/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
+239,	/* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */
+240,	/* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */
+241,	/* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */
+242,	/* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */
+243,	/* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */
+244,	/* OBJ_id_smime_alg_RC2wrap         1 2 840 113549 1 9 16 3 4 */
+245,	/* OBJ_id_smime_alg_ESDH            1 2 840 113549 1 9 16 3 5 */
+246,	/* OBJ_id_smime_alg_CMS3DESwrap     1 2 840 113549 1 9 16 3 6 */
+247,	/* OBJ_id_smime_alg_CMSRC2wrap      1 2 840 113549 1 9 16 3 7 */
+125,	/* OBJ_zlib_compression             1 2 840 113549 1 9 16 3 8 */
+893,	/* OBJ_id_alg_PWRI_KEK              1 2 840 113549 1 9 16 3 9 */
+248,	/* OBJ_id_smime_cd_ldap             1 2 840 113549 1 9 16 4 1 */
+249,	/* OBJ_id_smime_spq_ets_sqt_uri     1 2 840 113549 1 9 16 5 1 */
+250,	/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
+251,	/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
+252,	/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
+253,	/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
+254,	/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
+255,	/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
+256,	/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
+150,	/* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
+151,	/* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
+152,	/* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
+153,	/* OBJ_crlBag                       1 2 840 113549 1 12 10 1 4 */
+154,	/* OBJ_secretBag                    1 2 840 113549 1 12 10 1 5 */
+155,	/* OBJ_safeContentsBag              1 2 840 113549 1 12 10 1 6 */
+34,	/* OBJ_idea_cbc                     1 3 6 1 4 1 188 7 1 1 2 */
 };
 
diff --git a/crypto/objects/obj_dat.pl b/crypto/objects/obj_dat.pl
index d0371661f9..c67f71c327 100644
--- a/crypto/objects/obj_dat.pl
+++ b/crypto/objects/obj_dat.pl
@@ -94,7 +94,7 @@ for ($i=0; $i<$n; $i++)
 	{
 	if (!defined($nid{$i}))
 		{
-		push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
+		push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n");
 		}
 	else
 		{
@@ -138,7 +138,7 @@ for ($i=0; $i<$n; $i++)
 			}
 		else
 			{
-			$out.="0,NULL";
+			$out.="0,NULL,0";
 			}
 		$out.="},\n";
 		push(@out,$out);
@@ -148,13 +148,13 @@ for ($i=0; $i<$n; $i++)
 @a=grep(defined($sn{$nid{$_}}),0 .. $n);
 foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
 	{
-	push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_));
+	push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
 	}
 
 @a=grep(defined($ln{$nid{$_}}),0 .. $n);
 foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
 	{
-	push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_));
+	push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
 	}
 
 @a=grep(defined($obj{$nid{$_}}),0 .. $n);
@@ -164,7 +164,7 @@ foreach (sort obj_cmp @a)
 	$v=$objd{$m};
 	$v =~ s/L//g;
 	$v =~ s/,/ /g;
-	push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
+	push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
 	}
 
 print OUT <<'EOF';
@@ -239,11 +239,11 @@ printf OUT "#define NUM_SN %d\n",$#sn+1;
 printf OUT "#define NUM_LN %d\n",$#ln+1;
 printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
 
-printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1;
+printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
 print OUT @lvalues;
 print OUT "};\n\n";
 
-printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
+printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n";
 foreach (@out)
 	{
 	if (length($_) > 75)
@@ -267,15 +267,15 @@ foreach (@out)
 	}
 print  OUT "};\n\n";
 
-printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
+printf OUT "static const unsigned int sn_objs[NUM_SN]={\n";
 print  OUT @sn;
 print  OUT "};\n\n";
 
-printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
+printf OUT "static const unsigned int ln_objs[NUM_LN]={\n";
 print  OUT @ln;
 print  OUT "};\n\n";
 
-printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
+printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n";
 print  OUT @ob;
 print  OUT "};\n\n";
 
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
index 2b5f43e3cc..2e7a034c3f 100644
--- a/crypto/objects/obj_err.c
+++ b/crypto/objects/obj_err.c
@@ -1,6 +1,6 @@
 /* crypto/objects/obj_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,22 +64,26 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
+
 static ERR_STRING_DATA OBJ_str_functs[]=
 	{
-{ERR_PACK(0,OBJ_F_OBJ_ADD_OBJECT,0),	"OBJ_add_object"},
-{ERR_PACK(0,OBJ_F_OBJ_CREATE,0),	"OBJ_create"},
-{ERR_PACK(0,OBJ_F_OBJ_DUP,0),	"OBJ_dup"},
-{ERR_PACK(0,OBJ_F_OBJ_NAME_NEW_INDEX,0),	"OBJ_NAME_new_index"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0),	"OBJ_nid2ln"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0),	"OBJ_nid2obj"},
-{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0),	"OBJ_nid2sn"},
+{ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT),	"OBJ_add_object"},
+{ERR_FUNC(OBJ_F_OBJ_CREATE),	"OBJ_create"},
+{ERR_FUNC(OBJ_F_OBJ_DUP),	"OBJ_dup"},
+{ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX),	"OBJ_NAME_new_index"},
+{ERR_FUNC(OBJ_F_OBJ_NID2LN),	"OBJ_nid2ln"},
+{ERR_FUNC(OBJ_F_OBJ_NID2OBJ),	"OBJ_nid2obj"},
+{ERR_FUNC(OBJ_F_OBJ_NID2SN),	"OBJ_nid2sn"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA OBJ_str_reasons[]=
 	{
-{OBJ_R_MALLOC_FAILURE                    ,"malloc failure"},
-{OBJ_R_UNKNOWN_NID                       ,"unknown nid"},
+{ERR_REASON(OBJ_R_MALLOC_FAILURE)        ,"malloc failure"},
+{ERR_REASON(OBJ_R_UNKNOWN_NID)           ,"unknown nid"},
 {0,NULL}
 	};
 
@@ -87,15 +91,12 @@ static ERR_STRING_DATA OBJ_str_reasons[]=
 
 void ERR_load_OBJ_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
-		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
-#endif
 
+	if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,OBJ_str_functs);
+		ERR_load_strings(0,OBJ_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c
index b0b0f2ff24..23e9d48cdf 100644
--- a/crypto/objects/obj_lib.c
+++ b/crypto/objects/obj_lib.c
@@ -66,7 +66,8 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o)
 	{
 	ASN1_OBJECT *r;
 	int i;
-	char *ln=NULL;
+	char *ln=NULL,*sn=NULL;
+	unsigned char *data=NULL;
 
 	if (o == NULL) return(NULL);
 	if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
@@ -79,41 +80,42 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o)
 		OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
 		return(NULL);
 		}
-	r->data=OPENSSL_malloc(o->length);
-	if (r->data == NULL)
+	data=OPENSSL_malloc(o->length);
+	if (data == NULL)
 		goto err;
-	memcpy(r->data,o->data,o->length);
+	if (o->data != NULL)
+		memcpy(data,o->data,o->length);
+	/* once data attached to object it remains const */
+	r->data = data;
 	r->length=o->length;
 	r->nid=o->nid;
 	r->ln=r->sn=NULL;
 	if (o->ln != NULL)
 		{
 		i=strlen(o->ln)+1;
-		r->ln=ln=OPENSSL_malloc(i);
-		if (r->ln == NULL) goto err;
+		ln=OPENSSL_malloc(i);
+		if (ln == NULL) goto err;
 		memcpy(ln,o->ln,i);
+		r->ln=ln;
 		}
 
 	if (o->sn != NULL)
 		{
-		char *s;
-
 		i=strlen(o->sn)+1;
-		r->sn=s=OPENSSL_malloc(i);
-		if (r->sn == NULL) goto err;
-		memcpy(s,o->sn,i);
+		sn=OPENSSL_malloc(i);
+		if (sn == NULL) goto err;
+		memcpy(sn,o->sn,i);
+		r->sn=sn;
 		}
 	r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
 		ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA);
 	return(r);
 err:
 	OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
-	if (r != NULL)
-		{
-		if (ln != NULL) OPENSSL_free(ln);
-		if (r->data != NULL) OPENSSL_free(r->data);
-		OPENSSL_free(r);
-		}
+	if (ln != NULL)		OPENSSL_free(ln);
+	if (sn != NULL)		OPENSSL_free(sn);
+	if (data != NULL)	OPENSSL_free(data);
+	if (r != NULL)		OPENSSL_free(r);
 	return(NULL);
 	}
 
diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index 322577094a..a4326633cd 100644
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -94,11 +94,21 @@
 #define OBJ_member_body		OBJ_iso,2L
 
 #define SN_identified_organization		"identified-organization"
-#define NID_identified_organization		662
+#define NID_identified_organization		676
 #define OBJ_identified_organization		OBJ_iso,3L
 
+#define SN_hmac_md5		"HMAC-MD5"
+#define LN_hmac_md5		"hmac-md5"
+#define NID_hmac_md5		780
+#define OBJ_hmac_md5		OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
+
+#define SN_hmac_sha1		"HMAC-SHA1"
+#define LN_hmac_sha1		"hmac-sha1"
+#define NID_hmac_sha1		781
+#define OBJ_hmac_sha1		OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
+
 #define SN_certicom_arc		"certicom-arc"
-#define NID_certicom_arc		663
+#define NID_certicom_arc		677
 #define OBJ_certicom_arc		OBJ_identified_organization,132L
 
 #define SN_international_organizations		"international-organizations"
@@ -107,12 +117,12 @@
 #define OBJ_international_organizations		OBJ_joint_iso_itu_t,23L
 
 #define SN_wap		"wap"
-#define NID_wap		664
+#define NID_wap		678
 #define OBJ_wap		OBJ_international_organizations,43L
 
 #define SN_wap_wsg		"wap-wsg"
-#define NID_wap_wsg		665
-#define OBJ_wap_wsg		OBJ_wap,13L
+#define NID_wap_wsg		679
+#define OBJ_wap_wsg		OBJ_wap,1L
 
 #define SN_selected_attribute_types		"selected-attribute-types"
 #define LN_selected_attribute_types		"Selected Attribute Types"
@@ -164,19 +174,19 @@
 #define OBJ_X9_62_characteristic_two_field		OBJ_X9_62_id_fieldType,2L
 
 #define SN_X9_62_id_characteristic_two_basis		"id-characteristic-two-basis"
-#define NID_X9_62_id_characteristic_two_basis		666
+#define NID_X9_62_id_characteristic_two_basis		680
 #define OBJ_X9_62_id_characteristic_two_basis		OBJ_X9_62_characteristic_two_field,3L
 
 #define SN_X9_62_onBasis		"onBasis"
-#define NID_X9_62_onBasis		667
+#define NID_X9_62_onBasis		681
 #define OBJ_X9_62_onBasis		OBJ_X9_62_id_characteristic_two_basis,1L
 
 #define SN_X9_62_tpBasis		"tpBasis"
-#define NID_X9_62_tpBasis		668
+#define NID_X9_62_tpBasis		682
 #define OBJ_X9_62_tpBasis		OBJ_X9_62_id_characteristic_two_basis,2L
 
 #define SN_X9_62_ppBasis		"ppBasis"
-#define NID_X9_62_ppBasis		669
+#define NID_X9_62_ppBasis		683
 #define OBJ_X9_62_ppBasis		OBJ_X9_62_id_characteristic_two_basis,3L
 
 #define OBJ_X9_62_id_publicKeyType		OBJ_ansi_X9_62,2L
@@ -190,83 +200,83 @@
 #define OBJ_X9_62_c_TwoCurve		OBJ_X9_62_ellipticCurve,0L
 
 #define SN_X9_62_c2pnb163v1		"c2pnb163v1"
-#define NID_X9_62_c2pnb163v1		670
+#define NID_X9_62_c2pnb163v1		684
 #define OBJ_X9_62_c2pnb163v1		OBJ_X9_62_c_TwoCurve,1L
 
 #define SN_X9_62_c2pnb163v2		"c2pnb163v2"
-#define NID_X9_62_c2pnb163v2		671
+#define NID_X9_62_c2pnb163v2		685
 #define OBJ_X9_62_c2pnb163v2		OBJ_X9_62_c_TwoCurve,2L
 
 #define SN_X9_62_c2pnb163v3		"c2pnb163v3"
-#define NID_X9_62_c2pnb163v3		672
+#define NID_X9_62_c2pnb163v3		686
 #define OBJ_X9_62_c2pnb163v3		OBJ_X9_62_c_TwoCurve,3L
 
 #define SN_X9_62_c2pnb176v1		"c2pnb176v1"
-#define NID_X9_62_c2pnb176v1		673
+#define NID_X9_62_c2pnb176v1		687
 #define OBJ_X9_62_c2pnb176v1		OBJ_X9_62_c_TwoCurve,4L
 
 #define SN_X9_62_c2tnb191v1		"c2tnb191v1"
-#define NID_X9_62_c2tnb191v1		674
+#define NID_X9_62_c2tnb191v1		688
 #define OBJ_X9_62_c2tnb191v1		OBJ_X9_62_c_TwoCurve,5L
 
 #define SN_X9_62_c2tnb191v2		"c2tnb191v2"
-#define NID_X9_62_c2tnb191v2		675
+#define NID_X9_62_c2tnb191v2		689
 #define OBJ_X9_62_c2tnb191v2		OBJ_X9_62_c_TwoCurve,6L
 
 #define SN_X9_62_c2tnb191v3		"c2tnb191v3"
-#define NID_X9_62_c2tnb191v3		676
+#define NID_X9_62_c2tnb191v3		690
 #define OBJ_X9_62_c2tnb191v3		OBJ_X9_62_c_TwoCurve,7L
 
 #define SN_X9_62_c2onb191v4		"c2onb191v4"
-#define NID_X9_62_c2onb191v4		677
+#define NID_X9_62_c2onb191v4		691
 #define OBJ_X9_62_c2onb191v4		OBJ_X9_62_c_TwoCurve,8L
 
 #define SN_X9_62_c2onb191v5		"c2onb191v5"
-#define NID_X9_62_c2onb191v5		678
+#define NID_X9_62_c2onb191v5		692
 #define OBJ_X9_62_c2onb191v5		OBJ_X9_62_c_TwoCurve,9L
 
 #define SN_X9_62_c2pnb208w1		"c2pnb208w1"
-#define NID_X9_62_c2pnb208w1		679
+#define NID_X9_62_c2pnb208w1		693
 #define OBJ_X9_62_c2pnb208w1		OBJ_X9_62_c_TwoCurve,10L
 
 #define SN_X9_62_c2tnb239v1		"c2tnb239v1"
-#define NID_X9_62_c2tnb239v1		680
+#define NID_X9_62_c2tnb239v1		694
 #define OBJ_X9_62_c2tnb239v1		OBJ_X9_62_c_TwoCurve,11L
 
 #define SN_X9_62_c2tnb239v2		"c2tnb239v2"
-#define NID_X9_62_c2tnb239v2		681
+#define NID_X9_62_c2tnb239v2		695
 #define OBJ_X9_62_c2tnb239v2		OBJ_X9_62_c_TwoCurve,12L
 
 #define SN_X9_62_c2tnb239v3		"c2tnb239v3"
-#define NID_X9_62_c2tnb239v3		682
+#define NID_X9_62_c2tnb239v3		696
 #define OBJ_X9_62_c2tnb239v3		OBJ_X9_62_c_TwoCurve,13L
 
 #define SN_X9_62_c2onb239v4		"c2onb239v4"
-#define NID_X9_62_c2onb239v4		683
+#define NID_X9_62_c2onb239v4		697
 #define OBJ_X9_62_c2onb239v4		OBJ_X9_62_c_TwoCurve,14L
 
 #define SN_X9_62_c2onb239v5		"c2onb239v5"
-#define NID_X9_62_c2onb239v5		684
+#define NID_X9_62_c2onb239v5		698
 #define OBJ_X9_62_c2onb239v5		OBJ_X9_62_c_TwoCurve,15L
 
 #define SN_X9_62_c2pnb272w1		"c2pnb272w1"
-#define NID_X9_62_c2pnb272w1		685
+#define NID_X9_62_c2pnb272w1		699
 #define OBJ_X9_62_c2pnb272w1		OBJ_X9_62_c_TwoCurve,16L
 
 #define SN_X9_62_c2pnb304w1		"c2pnb304w1"
-#define NID_X9_62_c2pnb304w1		686
+#define NID_X9_62_c2pnb304w1		700
 #define OBJ_X9_62_c2pnb304w1		OBJ_X9_62_c_TwoCurve,17L
 
 #define SN_X9_62_c2tnb359v1		"c2tnb359v1"
-#define NID_X9_62_c2tnb359v1		687
+#define NID_X9_62_c2tnb359v1		701
 #define OBJ_X9_62_c2tnb359v1		OBJ_X9_62_c_TwoCurve,18L
 
 #define SN_X9_62_c2pnb368w1		"c2pnb368w1"
-#define NID_X9_62_c2pnb368w1		688
+#define NID_X9_62_c2pnb368w1		702
 #define OBJ_X9_62_c2pnb368w1		OBJ_X9_62_c_TwoCurve,19L
 
 #define SN_X9_62_c2tnb431r1		"c2tnb431r1"
-#define NID_X9_62_c2tnb431r1		689
+#define NID_X9_62_c2tnb431r1		703
 #define OBJ_X9_62_c2tnb431r1		OBJ_X9_62_c_TwoCurve,20L
 
 #define OBJ_X9_62_primeCurve		OBJ_X9_62_ellipticCurve,1L
@@ -305,176 +315,200 @@
 #define NID_ecdsa_with_SHA1		416
 #define OBJ_ecdsa_with_SHA1		OBJ_X9_62_id_ecSigType,1L
 
+#define SN_ecdsa_with_Recommended		"ecdsa-with-Recommended"
+#define NID_ecdsa_with_Recommended		791
+#define OBJ_ecdsa_with_Recommended		OBJ_X9_62_id_ecSigType,2L
+
+#define SN_ecdsa_with_Specified		"ecdsa-with-Specified"
+#define NID_ecdsa_with_Specified		792
+#define OBJ_ecdsa_with_Specified		OBJ_X9_62_id_ecSigType,3L
+
+#define SN_ecdsa_with_SHA224		"ecdsa-with-SHA224"
+#define NID_ecdsa_with_SHA224		793
+#define OBJ_ecdsa_with_SHA224		OBJ_ecdsa_with_Specified,1L
+
+#define SN_ecdsa_with_SHA256		"ecdsa-with-SHA256"
+#define NID_ecdsa_with_SHA256		794
+#define OBJ_ecdsa_with_SHA256		OBJ_ecdsa_with_Specified,2L
+
+#define SN_ecdsa_with_SHA384		"ecdsa-with-SHA384"
+#define NID_ecdsa_with_SHA384		795
+#define OBJ_ecdsa_with_SHA384		OBJ_ecdsa_with_Specified,3L
+
+#define SN_ecdsa_with_SHA512		"ecdsa-with-SHA512"
+#define NID_ecdsa_with_SHA512		796
+#define OBJ_ecdsa_with_SHA512		OBJ_ecdsa_with_Specified,4L
+
 #define OBJ_secg_ellipticCurve		OBJ_certicom_arc,0L
 
 #define SN_secp112r1		"secp112r1"
-#define NID_secp112r1		690
+#define NID_secp112r1		704
 #define OBJ_secp112r1		OBJ_secg_ellipticCurve,6L
 
 #define SN_secp112r2		"secp112r2"
-#define NID_secp112r2		691
+#define NID_secp112r2		705
 #define OBJ_secp112r2		OBJ_secg_ellipticCurve,7L
 
 #define SN_secp128r1		"secp128r1"
-#define NID_secp128r1		692
+#define NID_secp128r1		706
 #define OBJ_secp128r1		OBJ_secg_ellipticCurve,28L
 
 #define SN_secp128r2		"secp128r2"
-#define NID_secp128r2		693
+#define NID_secp128r2		707
 #define OBJ_secp128r2		OBJ_secg_ellipticCurve,29L
 
 #define SN_secp160k1		"secp160k1"
-#define NID_secp160k1		694
+#define NID_secp160k1		708
 #define OBJ_secp160k1		OBJ_secg_ellipticCurve,9L
 
 #define SN_secp160r1		"secp160r1"
-#define NID_secp160r1		695
+#define NID_secp160r1		709
 #define OBJ_secp160r1		OBJ_secg_ellipticCurve,8L
 
 #define SN_secp160r2		"secp160r2"
-#define NID_secp160r2		696
+#define NID_secp160r2		710
 #define OBJ_secp160r2		OBJ_secg_ellipticCurve,30L
 
 #define SN_secp192k1		"secp192k1"
-#define NID_secp192k1		697
+#define NID_secp192k1		711
 #define OBJ_secp192k1		OBJ_secg_ellipticCurve,31L
 
 #define SN_secp224k1		"secp224k1"
-#define NID_secp224k1		698
+#define NID_secp224k1		712
 #define OBJ_secp224k1		OBJ_secg_ellipticCurve,32L
 
 #define SN_secp224r1		"secp224r1"
-#define NID_secp224r1		699
+#define NID_secp224r1		713
 #define OBJ_secp224r1		OBJ_secg_ellipticCurve,33L
 
 #define SN_secp256k1		"secp256k1"
-#define NID_secp256k1		700
+#define NID_secp256k1		714
 #define OBJ_secp256k1		OBJ_secg_ellipticCurve,10L
 
 #define SN_secp384r1		"secp384r1"
-#define NID_secp384r1		701
+#define NID_secp384r1		715
 #define OBJ_secp384r1		OBJ_secg_ellipticCurve,34L
 
 #define SN_secp521r1		"secp521r1"
-#define NID_secp521r1		702
+#define NID_secp521r1		716
 #define OBJ_secp521r1		OBJ_secg_ellipticCurve,35L
 
 #define SN_sect113r1		"sect113r1"
-#define NID_sect113r1		703
+#define NID_sect113r1		717
 #define OBJ_sect113r1		OBJ_secg_ellipticCurve,4L
 
 #define SN_sect113r2		"sect113r2"
-#define NID_sect113r2		704
+#define NID_sect113r2		718
 #define OBJ_sect113r2		OBJ_secg_ellipticCurve,5L
 
 #define SN_sect131r1		"sect131r1"
-#define NID_sect131r1		705
+#define NID_sect131r1		719
 #define OBJ_sect131r1		OBJ_secg_ellipticCurve,22L
 
 #define SN_sect131r2		"sect131r2"
-#define NID_sect131r2		706
+#define NID_sect131r2		720
 #define OBJ_sect131r2		OBJ_secg_ellipticCurve,23L
 
 #define SN_sect163k1		"sect163k1"
-#define NID_sect163k1		707
+#define NID_sect163k1		721
 #define OBJ_sect163k1		OBJ_secg_ellipticCurve,1L
 
 #define SN_sect163r1		"sect163r1"
-#define NID_sect163r1		708
+#define NID_sect163r1		722
 #define OBJ_sect163r1		OBJ_secg_ellipticCurve,2L
 
 #define SN_sect163r2		"sect163r2"
-#define NID_sect163r2		709
+#define NID_sect163r2		723
 #define OBJ_sect163r2		OBJ_secg_ellipticCurve,15L
 
 #define SN_sect193r1		"sect193r1"
-#define NID_sect193r1		710
+#define NID_sect193r1		724
 #define OBJ_sect193r1		OBJ_secg_ellipticCurve,24L
 
 #define SN_sect193r2		"sect193r2"
-#define NID_sect193r2		711
+#define NID_sect193r2		725
 #define OBJ_sect193r2		OBJ_secg_ellipticCurve,25L
 
 #define SN_sect233k1		"sect233k1"
-#define NID_sect233k1		712
+#define NID_sect233k1		726
 #define OBJ_sect233k1		OBJ_secg_ellipticCurve,26L
 
 #define SN_sect233r1		"sect233r1"
-#define NID_sect233r1		713
+#define NID_sect233r1		727
 #define OBJ_sect233r1		OBJ_secg_ellipticCurve,27L
 
 #define SN_sect239k1		"sect239k1"
-#define NID_sect239k1		714
+#define NID_sect239k1		728
 #define OBJ_sect239k1		OBJ_secg_ellipticCurve,3L
 
 #define SN_sect283k1		"sect283k1"
-#define NID_sect283k1		715
+#define NID_sect283k1		729
 #define OBJ_sect283k1		OBJ_secg_ellipticCurve,16L
 
 #define SN_sect283r1		"sect283r1"
-#define NID_sect283r1		716
+#define NID_sect283r1		730
 #define OBJ_sect283r1		OBJ_secg_ellipticCurve,17L
 
 #define SN_sect409k1		"sect409k1"
-#define NID_sect409k1		717
+#define NID_sect409k1		731
 #define OBJ_sect409k1		OBJ_secg_ellipticCurve,36L
 
 #define SN_sect409r1		"sect409r1"
-#define NID_sect409r1		718
+#define NID_sect409r1		732
 #define OBJ_sect409r1		OBJ_secg_ellipticCurve,37L
 
 #define SN_sect571k1		"sect571k1"
-#define NID_sect571k1		719
+#define NID_sect571k1		733
 #define OBJ_sect571k1		OBJ_secg_ellipticCurve,38L
 
 #define SN_sect571r1		"sect571r1"
-#define NID_sect571r1		720
+#define NID_sect571r1		734
 #define OBJ_sect571r1		OBJ_secg_ellipticCurve,39L
 
 #define OBJ_wap_wsg_idm_ecid		OBJ_wap_wsg,4L
 
 #define SN_wap_wsg_idm_ecid_wtls1		"wap-wsg-idm-ecid-wtls1"
-#define NID_wap_wsg_idm_ecid_wtls1		721
+#define NID_wap_wsg_idm_ecid_wtls1		735
 #define OBJ_wap_wsg_idm_ecid_wtls1		OBJ_wap_wsg_idm_ecid,1L
 
 #define SN_wap_wsg_idm_ecid_wtls3		"wap-wsg-idm-ecid-wtls3"
-#define NID_wap_wsg_idm_ecid_wtls3		722
+#define NID_wap_wsg_idm_ecid_wtls3		736
 #define OBJ_wap_wsg_idm_ecid_wtls3		OBJ_wap_wsg_idm_ecid,3L
 
 #define SN_wap_wsg_idm_ecid_wtls4		"wap-wsg-idm-ecid-wtls4"
-#define NID_wap_wsg_idm_ecid_wtls4		723
+#define NID_wap_wsg_idm_ecid_wtls4		737
 #define OBJ_wap_wsg_idm_ecid_wtls4		OBJ_wap_wsg_idm_ecid,4L
 
 #define SN_wap_wsg_idm_ecid_wtls5		"wap-wsg-idm-ecid-wtls5"
-#define NID_wap_wsg_idm_ecid_wtls5		724
+#define NID_wap_wsg_idm_ecid_wtls5		738
 #define OBJ_wap_wsg_idm_ecid_wtls5		OBJ_wap_wsg_idm_ecid,5L
 
 #define SN_wap_wsg_idm_ecid_wtls6		"wap-wsg-idm-ecid-wtls6"
-#define NID_wap_wsg_idm_ecid_wtls6		725
+#define NID_wap_wsg_idm_ecid_wtls6		739
 #define OBJ_wap_wsg_idm_ecid_wtls6		OBJ_wap_wsg_idm_ecid,6L
 
 #define SN_wap_wsg_idm_ecid_wtls7		"wap-wsg-idm-ecid-wtls7"
-#define NID_wap_wsg_idm_ecid_wtls7		726
+#define NID_wap_wsg_idm_ecid_wtls7		740
 #define OBJ_wap_wsg_idm_ecid_wtls7		OBJ_wap_wsg_idm_ecid,7L
 
 #define SN_wap_wsg_idm_ecid_wtls8		"wap-wsg-idm-ecid-wtls8"
-#define NID_wap_wsg_idm_ecid_wtls8		727
+#define NID_wap_wsg_idm_ecid_wtls8		741
 #define OBJ_wap_wsg_idm_ecid_wtls8		OBJ_wap_wsg_idm_ecid,8L
 
 #define SN_wap_wsg_idm_ecid_wtls9		"wap-wsg-idm-ecid-wtls9"
-#define NID_wap_wsg_idm_ecid_wtls9		728
+#define NID_wap_wsg_idm_ecid_wtls9		742
 #define OBJ_wap_wsg_idm_ecid_wtls9		OBJ_wap_wsg_idm_ecid,9L
 
 #define SN_wap_wsg_idm_ecid_wtls10		"wap-wsg-idm-ecid-wtls10"
-#define NID_wap_wsg_idm_ecid_wtls10		729
+#define NID_wap_wsg_idm_ecid_wtls10		743
 #define OBJ_wap_wsg_idm_ecid_wtls10		OBJ_wap_wsg_idm_ecid,10L
 
 #define SN_wap_wsg_idm_ecid_wtls11		"wap-wsg-idm-ecid-wtls11"
-#define NID_wap_wsg_idm_ecid_wtls11		730
+#define NID_wap_wsg_idm_ecid_wtls11		744
 #define OBJ_wap_wsg_idm_ecid_wtls11		OBJ_wap_wsg_idm_ecid,11L
 
 #define SN_wap_wsg_idm_ecid_wtls12		"wap-wsg-idm-ecid-wtls12"
-#define NID_wap_wsg_idm_ecid_wtls12		731
+#define NID_wap_wsg_idm_ecid_wtls12		745
 #define OBJ_wap_wsg_idm_ecid_wtls12		OBJ_wap_wsg_idm_ecid,12L
 
 #define SN_cast5_cbc		"CAST5-CBC"
@@ -498,6 +532,16 @@
 #define NID_pbeWithMD5AndCast5_CBC		112
 #define OBJ_pbeWithMD5AndCast5_CBC		OBJ_ISO_US,113533L,7L,66L,12L
 
+#define SN_id_PasswordBasedMAC		"id-PasswordBasedMAC"
+#define LN_id_PasswordBasedMAC		"password based MAC"
+#define NID_id_PasswordBasedMAC		782
+#define OBJ_id_PasswordBasedMAC		OBJ_ISO_US,113533L,7L,66L,13L
+
+#define SN_id_DHBasedMac		"id-DHBasedMac"
+#define LN_id_DHBasedMac		"Diffie-Hellman based MAC"
+#define NID_id_DHBasedMac		783
+#define OBJ_id_DHBasedMac		OBJ_ISO_US,113533L,7L,66L,30L
+
 #define SN_rsadsi		"rsadsi"
 #define LN_rsadsi		"RSA Data Security, Inc."
 #define NID_rsadsi		1
@@ -538,22 +582,22 @@
 
 #define SN_sha256WithRSAEncryption		"RSA-SHA256"
 #define LN_sha256WithRSAEncryption		"sha256WithRSAEncryption"
-#define NID_sha256WithRSAEncryption		732
+#define NID_sha256WithRSAEncryption		668
 #define OBJ_sha256WithRSAEncryption		OBJ_pkcs1,11L
 
 #define SN_sha384WithRSAEncryption		"RSA-SHA384"
 #define LN_sha384WithRSAEncryption		"sha384WithRSAEncryption"
-#define NID_sha384WithRSAEncryption		733
+#define NID_sha384WithRSAEncryption		669
 #define OBJ_sha384WithRSAEncryption		OBJ_pkcs1,12L
 
 #define SN_sha512WithRSAEncryption		"RSA-SHA512"
 #define LN_sha512WithRSAEncryption		"sha512WithRSAEncryption"
-#define NID_sha512WithRSAEncryption		734
+#define NID_sha512WithRSAEncryption		670
 #define OBJ_sha512WithRSAEncryption		OBJ_pkcs1,13L
 
 #define SN_sha224WithRSAEncryption		"RSA-SHA224"
 #define LN_sha224WithRSAEncryption		"sha224WithRSAEncryption"
-#define NID_sha224WithRSAEncryption		735
+#define NID_sha224WithRSAEncryption		671
 #define OBJ_sha224WithRSAEncryption		OBJ_pkcs1,14L
 
 #define SN_pkcs3		"pkcs3"
@@ -785,6 +829,14 @@
 #define NID_id_smime_ct_DVCSResponseData		211
 #define OBJ_id_smime_ct_DVCSResponseData		OBJ_id_smime_ct,8L
 
+#define SN_id_smime_ct_compressedData		"id-smime-ct-compressedData"
+#define NID_id_smime_ct_compressedData		786
+#define OBJ_id_smime_ct_compressedData		OBJ_id_smime_ct,9L
+
+#define SN_id_ct_asciiTextWithCRLF		"id-ct-asciiTextWithCRLF"
+#define NID_id_ct_asciiTextWithCRLF		787
+#define OBJ_id_ct_asciiTextWithCRLF		OBJ_id_smime_ct,27L
+
 #define SN_id_smime_aa_receiptRequest		"id-smime-aa-receiptRequest"
 #define NID_id_smime_aa_receiptRequest		212
 #define OBJ_id_smime_aa_receiptRequest		OBJ_id_smime_aa,1L
@@ -929,6 +981,10 @@
 #define NID_id_smime_alg_CMSRC2wrap		247
 #define OBJ_id_smime_alg_CMSRC2wrap		OBJ_id_smime_alg,7L
 
+#define SN_id_alg_PWRI_KEK		"id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK		893
+#define OBJ_id_alg_PWRI_KEK		OBJ_id_smime_alg,9L
+
 #define SN_id_smime_cd_ldap		"id-smime-cd-ldap"
 #define NID_id_smime_cd_ldap		248
 #define OBJ_id_smime_cd_ldap		OBJ_id_smime_cd,1L
@@ -978,6 +1034,11 @@
 #define NID_ms_csp_name		417
 #define OBJ_ms_csp_name		1L,3L,6L,1L,4L,1L,311L,17L,1L
 
+#define SN_LocalKeySet		"LocalKeySet"
+#define LN_LocalKeySet		"Microsoft Local Key set"
+#define NID_LocalKeySet		856
+#define OBJ_LocalKeySet		1L,3L,6L,1L,4L,1L,311L,17L,2L
+
 #define OBJ_certTypes		OBJ_pkcs9,22L
 
 #define LN_x509Certificate		"x509Certificate"
@@ -1075,10 +1136,30 @@
 #define LN_md5_sha1		"md5-sha1"
 #define NID_md5_sha1		114
 
+#define LN_hmacWithMD5		"hmacWithMD5"
+#define NID_hmacWithMD5		797
+#define OBJ_hmacWithMD5		OBJ_rsadsi,2L,6L
+
 #define LN_hmacWithSHA1		"hmacWithSHA1"
 #define NID_hmacWithSHA1		163
 #define OBJ_hmacWithSHA1		OBJ_rsadsi,2L,7L
 
+#define LN_hmacWithSHA224		"hmacWithSHA224"
+#define NID_hmacWithSHA224		798
+#define OBJ_hmacWithSHA224		OBJ_rsadsi,2L,8L
+
+#define LN_hmacWithSHA256		"hmacWithSHA256"
+#define NID_hmacWithSHA256		799
+#define OBJ_hmacWithSHA256		OBJ_rsadsi,2L,9L
+
+#define LN_hmacWithSHA384		"hmacWithSHA384"
+#define NID_hmacWithSHA384		800
+#define OBJ_hmacWithSHA384		OBJ_rsadsi,2L,10L
+
+#define LN_hmacWithSHA512		"hmacWithSHA512"
+#define NID_hmacWithSHA512		801
+#define OBJ_hmacWithSHA512		OBJ_rsadsi,2L,11L
+
 #define SN_rc2_cbc		"RC2-CBC"
 #define LN_rc2_cbc		"rc2-cbc"
 #define NID_rc2_cbc		37
@@ -1266,7 +1347,7 @@
 #define OBJ_id_cct		OBJ_id_pkix,12L
 
 #define SN_id_ppl		"id-ppl"
-#define NID_id_ppl		746
+#define NID_id_ppl		662
 #define OBJ_id_ppl		OBJ_id_pkix,21L
 
 #define SN_id_ad		"id-ad"
@@ -1363,17 +1444,17 @@
 #define NID_aaControls		289
 #define OBJ_aaControls		OBJ_id_pe,6L
 
-#define SN_sbqp_ipAddrBlock		"sbqp-ipAddrBlock"
-#define NID_sbqp_ipAddrBlock		290
-#define OBJ_sbqp_ipAddrBlock		OBJ_id_pe,7L
+#define SN_sbgp_ipAddrBlock		"sbgp-ipAddrBlock"
+#define NID_sbgp_ipAddrBlock		290
+#define OBJ_sbgp_ipAddrBlock		OBJ_id_pe,7L
 
-#define SN_sbqp_autonomousSysNum		"sbqp-autonomousSysNum"
-#define NID_sbqp_autonomousSysNum		291
-#define OBJ_sbqp_autonomousSysNum		OBJ_id_pe,8L
+#define SN_sbgp_autonomousSysNum		"sbgp-autonomousSysNum"
+#define NID_sbgp_autonomousSysNum		291
+#define OBJ_sbgp_autonomousSysNum		OBJ_id_pe,8L
 
-#define SN_sbqp_routerIdentifier		"sbqp-routerIdentifier"
-#define NID_sbqp_routerIdentifier		292
-#define OBJ_sbqp_routerIdentifier		OBJ_id_pe,9L
+#define SN_sbgp_routerIdentifier		"sbgp-routerIdentifier"
+#define NID_sbgp_routerIdentifier		292
+#define OBJ_sbgp_routerIdentifier		OBJ_id_pe,9L
 
 #define SN_ac_proxying		"ac-proxying"
 #define NID_ac_proxying		397
@@ -1386,7 +1467,7 @@
 
 #define SN_proxyCertInfo		"proxyCertInfo"
 #define LN_proxyCertInfo		"Proxy Certificate Information"
-#define NID_proxyCertInfo		747
+#define NID_proxyCertInfo		663
 #define OBJ_proxyCertInfo		OBJ_id_pe,14L
 
 #define SN_id_qt_cps		"id-qt-cps"
@@ -1513,6 +1594,10 @@
 #define NID_id_it_origPKIMessage		312
 #define OBJ_id_it_origPKIMessage		OBJ_id_it,15L
 
+#define SN_id_it_suppLangTags		"id-it-suppLangTags"
+#define NID_id_it_suppLangTags		784
+#define OBJ_id_it_suppLangTags		OBJ_id_it,16L
+
 #define SN_id_regCtrl		"id-regCtrl"
 #define NID_id_regCtrl		313
 #define OBJ_id_regCtrl		OBJ_id_pkip,1L
@@ -1653,6 +1738,11 @@
 #define NID_id_on_personalData		347
 #define OBJ_id_on_personalData		OBJ_id_on,1L
 
+#define SN_id_on_permanentIdentifier		"id-on-permanentIdentifier"
+#define LN_id_on_permanentIdentifier		"Permanent Identifier"
+#define NID_id_on_permanentIdentifier		858
+#define OBJ_id_on_permanentIdentifier		OBJ_id_on,3L
+
 #define SN_id_pda_dateOfBirth		"id-pda-dateOfBirth"
 #define NID_id_pda_dateOfBirth		348
 #define OBJ_id_pda_dateOfBirth		OBJ_id_pda,1L
@@ -1715,17 +1805,17 @@
 
 #define SN_id_ppl_anyLanguage		"id-ppl-anyLanguage"
 #define LN_id_ppl_anyLanguage		"Any language"
-#define NID_id_ppl_anyLanguage		748
+#define NID_id_ppl_anyLanguage		664
 #define OBJ_id_ppl_anyLanguage		OBJ_id_ppl,0L
 
 #define SN_id_ppl_inheritAll		"id-ppl-inheritAll"
 #define LN_id_ppl_inheritAll		"Inherit all"
-#define NID_id_ppl_inheritAll		749
+#define NID_id_ppl_inheritAll		665
 #define OBJ_id_ppl_inheritAll		OBJ_id_ppl,1L
 
 #define SN_Independent		"id-ppl-independent"
 #define LN_Independent		"Independent"
-#define NID_Independent		750
+#define NID_Independent		667
 #define OBJ_Independent		OBJ_id_ppl,2L
 
 #define SN_ad_OCSP		"OCSP"
@@ -1748,6 +1838,11 @@
 #define NID_ad_dvcs		364
 #define OBJ_ad_dvcs		OBJ_id_ad,4L
 
+#define SN_caRepository		"caRepository"
+#define LN_caRepository		"CA Repository"
+#define NID_caRepository		785
+#define OBJ_caRepository		OBJ_id_ad,5L
+
 #define OBJ_id_pkix_OCSP		OBJ_ad_OCSP
 
 #define SN_id_pkix_OCSP_basic		"basicOCSPResponse"
@@ -1958,6 +2053,7 @@
 #define NID_stateOrProvinceName		16
 #define OBJ_stateOrProvinceName		OBJ_X509,8L
 
+#define SN_streetAddress		"street"
 #define LN_streetAddress		"streetAddress"
 #define NID_streetAddress		660
 #define OBJ_streetAddress		OBJ_X509,9L
@@ -1972,6 +2068,7 @@
 #define NID_organizationalUnitName		18
 #define OBJ_organizationalUnitName		OBJ_X509,11L
 
+#define SN_title		"title"
 #define LN_title		"title"
 #define NID_title		106
 #define OBJ_title		OBJ_X509,12L
@@ -1980,10 +2077,114 @@
 #define NID_description		107
 #define OBJ_description		OBJ_X509,13L
 
+#define LN_searchGuide		"searchGuide"
+#define NID_searchGuide		859
+#define OBJ_searchGuide		OBJ_X509,14L
+
+#define LN_businessCategory		"businessCategory"
+#define NID_businessCategory		860
+#define OBJ_businessCategory		OBJ_X509,15L
+
+#define LN_postalAddress		"postalAddress"
+#define NID_postalAddress		861
+#define OBJ_postalAddress		OBJ_X509,16L
+
 #define LN_postalCode		"postalCode"
 #define NID_postalCode		661
 #define OBJ_postalCode		OBJ_X509,17L
 
+#define LN_postOfficeBox		"postOfficeBox"
+#define NID_postOfficeBox		862
+#define OBJ_postOfficeBox		OBJ_X509,18L
+
+#define LN_physicalDeliveryOfficeName		"physicalDeliveryOfficeName"
+#define NID_physicalDeliveryOfficeName		863
+#define OBJ_physicalDeliveryOfficeName		OBJ_X509,19L
+
+#define LN_telephoneNumber		"telephoneNumber"
+#define NID_telephoneNumber		864
+#define OBJ_telephoneNumber		OBJ_X509,20L
+
+#define LN_telexNumber		"telexNumber"
+#define NID_telexNumber		865
+#define OBJ_telexNumber		OBJ_X509,21L
+
+#define LN_teletexTerminalIdentifier		"teletexTerminalIdentifier"
+#define NID_teletexTerminalIdentifier		866
+#define OBJ_teletexTerminalIdentifier		OBJ_X509,22L
+
+#define LN_facsimileTelephoneNumber		"facsimileTelephoneNumber"
+#define NID_facsimileTelephoneNumber		867
+#define OBJ_facsimileTelephoneNumber		OBJ_X509,23L
+
+#define LN_x121Address		"x121Address"
+#define NID_x121Address		868
+#define OBJ_x121Address		OBJ_X509,24L
+
+#define LN_internationaliSDNNumber		"internationaliSDNNumber"
+#define NID_internationaliSDNNumber		869
+#define OBJ_internationaliSDNNumber		OBJ_X509,25L
+
+#define LN_registeredAddress		"registeredAddress"
+#define NID_registeredAddress		870
+#define OBJ_registeredAddress		OBJ_X509,26L
+
+#define LN_destinationIndicator		"destinationIndicator"
+#define NID_destinationIndicator		871
+#define OBJ_destinationIndicator		OBJ_X509,27L
+
+#define LN_preferredDeliveryMethod		"preferredDeliveryMethod"
+#define NID_preferredDeliveryMethod		872
+#define OBJ_preferredDeliveryMethod		OBJ_X509,28L
+
+#define LN_presentationAddress		"presentationAddress"
+#define NID_presentationAddress		873
+#define OBJ_presentationAddress		OBJ_X509,29L
+
+#define LN_supportedApplicationContext		"supportedApplicationContext"
+#define NID_supportedApplicationContext		874
+#define OBJ_supportedApplicationContext		OBJ_X509,30L
+
+#define SN_member		"member"
+#define NID_member		875
+#define OBJ_member		OBJ_X509,31L
+
+#define SN_owner		"owner"
+#define NID_owner		876
+#define OBJ_owner		OBJ_X509,32L
+
+#define LN_roleOccupant		"roleOccupant"
+#define NID_roleOccupant		877
+#define OBJ_roleOccupant		OBJ_X509,33L
+
+#define SN_seeAlso		"seeAlso"
+#define NID_seeAlso		878
+#define OBJ_seeAlso		OBJ_X509,34L
+
+#define LN_userPassword		"userPassword"
+#define NID_userPassword		879
+#define OBJ_userPassword		OBJ_X509,35L
+
+#define LN_userCertificate		"userCertificate"
+#define NID_userCertificate		880
+#define OBJ_userCertificate		OBJ_X509,36L
+
+#define LN_cACertificate		"cACertificate"
+#define NID_cACertificate		881
+#define OBJ_cACertificate		OBJ_X509,37L
+
+#define LN_authorityRevocationList		"authorityRevocationList"
+#define NID_authorityRevocationList		882
+#define OBJ_authorityRevocationList		OBJ_X509,38L
+
+#define LN_certificateRevocationList		"certificateRevocationList"
+#define NID_certificateRevocationList		883
+#define OBJ_certificateRevocationList		OBJ_X509,39L
+
+#define LN_crossCertificatePair		"crossCertificatePair"
+#define NID_crossCertificatePair		884
+#define OBJ_crossCertificatePair		OBJ_X509,40L
+
 #define SN_name		"name"
 #define LN_name		"name"
 #define NID_name		173
@@ -1994,6 +2195,7 @@
 #define NID_givenName		99
 #define OBJ_givenName		OBJ_X509,42L
 
+#define SN_initials		"initials"
 #define LN_initials		"initials"
 #define NID_initials		101
 #define OBJ_initials		OBJ_X509,43L
@@ -2011,6 +2213,38 @@
 #define NID_dnQualifier		174
 #define OBJ_dnQualifier		OBJ_X509,46L
 
+#define LN_enhancedSearchGuide		"enhancedSearchGuide"
+#define NID_enhancedSearchGuide		885
+#define OBJ_enhancedSearchGuide		OBJ_X509,47L
+
+#define LN_protocolInformation		"protocolInformation"
+#define NID_protocolInformation		886
+#define OBJ_protocolInformation		OBJ_X509,48L
+
+#define LN_distinguishedName		"distinguishedName"
+#define NID_distinguishedName		887
+#define OBJ_distinguishedName		OBJ_X509,49L
+
+#define LN_uniqueMember		"uniqueMember"
+#define NID_uniqueMember		888
+#define OBJ_uniqueMember		OBJ_X509,50L
+
+#define LN_houseIdentifier		"houseIdentifier"
+#define NID_houseIdentifier		889
+#define OBJ_houseIdentifier		OBJ_X509,51L
+
+#define LN_supportedAlgorithms		"supportedAlgorithms"
+#define NID_supportedAlgorithms		890
+#define OBJ_supportedAlgorithms		OBJ_X509,52L
+
+#define LN_deltaRevocationList		"deltaRevocationList"
+#define NID_deltaRevocationList		891
+#define OBJ_deltaRevocationList		OBJ_X509,53L
+
+#define SN_dmdName		"dmdName"
+#define NID_dmdName		892
+#define OBJ_dmdName		OBJ_X509,54L
+
 #define LN_pseudonym		"pseudonym"
 #define NID_pseudonym		510
 #define OBJ_pseudonym		OBJ_X509,65L
@@ -2044,6 +2278,11 @@
 #define NID_id_ce		81
 #define OBJ_id_ce		OBJ_X500,29L
 
+#define SN_subject_directory_attributes		"subjectDirectoryAttributes"
+#define LN_subject_directory_attributes		"X509v3 Subject Directory Attributes"
+#define NID_subject_directory_attributes		769
+#define OBJ_subject_directory_attributes		OBJ_id_ce,9L
+
 #define SN_subject_key_identifier		"subjectKeyIdentifier"
 #define LN_subject_key_identifier		"X509v3 Subject Key Identifier"
 #define NID_subject_key_identifier		82
@@ -2094,9 +2333,19 @@
 #define NID_delta_crl		140
 #define OBJ_delta_crl		OBJ_id_ce,27L
 
+#define SN_issuing_distribution_point		"issuingDistributionPoint"
+#define LN_issuing_distribution_point		"X509v3 Issuing Distrubution Point"
+#define NID_issuing_distribution_point		770
+#define OBJ_issuing_distribution_point		OBJ_id_ce,28L
+
+#define SN_certificate_issuer		"certificateIssuer"
+#define LN_certificate_issuer		"X509v3 Certificate Issuer"
+#define NID_certificate_issuer		771
+#define OBJ_certificate_issuer		OBJ_id_ce,29L
+
 #define SN_name_constraints		"nameConstraints"
 #define LN_name_constraints		"X509v3 Name Constraints"
-#define NID_name_constraints		736
+#define NID_name_constraints		666
 #define OBJ_name_constraints		OBJ_id_ce,30L
 
 #define SN_crl_distribution_points		"crlDistributionPoints"
@@ -2111,12 +2360,12 @@
 
 #define SN_any_policy		"anyPolicy"
 #define LN_any_policy		"X509v3 Any Policy"
-#define NID_any_policy		737
+#define NID_any_policy		746
 #define OBJ_any_policy		OBJ_certificate_policies,0L
 
 #define SN_policy_mappings		"policyMappings"
 #define LN_policy_mappings		"X509v3 Policy Mappings"
-#define NID_policy_mappings		738
+#define NID_policy_mappings		747
 #define OBJ_policy_mappings		OBJ_id_ce,33L
 
 #define SN_authority_key_identifier		"authorityKeyIdentifier"
@@ -2134,9 +2383,14 @@
 #define NID_ext_key_usage		126
 #define OBJ_ext_key_usage		OBJ_id_ce,37L
 
+#define SN_freshest_crl		"freshestCRL"
+#define LN_freshest_crl		"X509v3 Freshest CRL"
+#define NID_freshest_crl		857
+#define OBJ_freshest_crl		OBJ_id_ce,46L
+
 #define SN_inhibit_any_policy		"inhibitAnyPolicy"
 #define LN_inhibit_any_policy		"X509v3 Inhibit Any Policy"
-#define NID_inhibit_any_policy		739
+#define NID_inhibit_any_policy		748
 #define OBJ_inhibit_any_policy		OBJ_id_ce,54L
 
 #define SN_target_information		"targetInformation"
@@ -2308,7 +2562,7 @@
 #define SN_zlib_compression		"ZLIB"
 #define LN_zlib_compression		"zlib compression"
 #define NID_zlib_compression		125
-#define OBJ_zlib_compression		1L,1L,1L,1L,666L,2L
+#define OBJ_zlib_compression		OBJ_id_smime_alg,8L
 
 #define OBJ_csor		2L,16L,840L,1L,101L,3L
 
@@ -2416,28 +2670,50 @@
 #define LN_des_ede3_cfb8		"des-ede3-cfb8"
 #define NID_des_ede3_cfb8		659
 
+#define SN_id_aes128_wrap		"id-aes128-wrap"
+#define NID_id_aes128_wrap		788
+#define OBJ_id_aes128_wrap		OBJ_aes,5L
+
+#define SN_id_aes192_wrap		"id-aes192-wrap"
+#define NID_id_aes192_wrap		789
+#define OBJ_id_aes192_wrap		OBJ_aes,25L
+
+#define SN_id_aes256_wrap		"id-aes256-wrap"
+#define NID_id_aes256_wrap		790
+#define OBJ_id_aes256_wrap		OBJ_aes,45L
+
 #define OBJ_nist_hashalgs		OBJ_nistAlgorithms,2L
 
 #define SN_sha256		"SHA256"
 #define LN_sha256		"sha256"
-#define NID_sha256		740
+#define NID_sha256		672
 #define OBJ_sha256		OBJ_nist_hashalgs,1L
 
 #define SN_sha384		"SHA384"
 #define LN_sha384		"sha384"
-#define NID_sha384		741
+#define NID_sha384		673
 #define OBJ_sha384		OBJ_nist_hashalgs,2L
 
 #define SN_sha512		"SHA512"
 #define LN_sha512		"sha512"
-#define NID_sha512		742
+#define NID_sha512		674
 #define OBJ_sha512		OBJ_nist_hashalgs,3L
 
 #define SN_sha224		"SHA224"
 #define LN_sha224		"sha224"
-#define NID_sha224		743
+#define NID_sha224		675
 #define OBJ_sha224		OBJ_nist_hashalgs,4L
 
+#define OBJ_dsa_with_sha2		OBJ_nistAlgorithms,3L
+
+#define SN_dsa_with_SHA224		"dsa_with_SHA224"
+#define NID_dsa_with_SHA224		802
+#define OBJ_dsa_with_SHA224		OBJ_dsa_with_sha2,1L
+
+#define SN_dsa_with_SHA256		"dsa_with_SHA256"
+#define NID_dsa_with_SHA256		803
+#define OBJ_dsa_with_SHA256		OBJ_dsa_with_sha2,2L
+
 #define SN_hold_instruction_code		"holdInstructionCode"
 #define LN_hold_instruction_code		"Hold Instruction Code"
 #define NID_hold_instruction_code		430
@@ -3297,9 +3573,346 @@
 
 #define SN_ipsec3		"Oakley-EC2N-3"
 #define LN_ipsec3		"ipsec3"
-#define NID_ipsec3		744
+#define NID_ipsec3		749
 
 #define SN_ipsec4		"Oakley-EC2N-4"
 #define LN_ipsec4		"ipsec4"
-#define NID_ipsec4		745
+#define NID_ipsec4		750
+
+#define SN_whirlpool		"whirlpool"
+#define NID_whirlpool		804
+#define OBJ_whirlpool		OBJ_iso,0L,10118L,3L,0L,55L
+
+#define SN_cryptopro		"cryptopro"
+#define NID_cryptopro		805
+#define OBJ_cryptopro		OBJ_member_body,643L,2L,2L
+
+#define SN_cryptocom		"cryptocom"
+#define NID_cryptocom		806
+#define OBJ_cryptocom		OBJ_member_body,643L,2L,9L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001		"id-GostR3411-94-with-GostR3410-2001"
+#define LN_id_GostR3411_94_with_GostR3410_2001		"GOST R 34.11-94 with GOST R 34.10-2001"
+#define NID_id_GostR3411_94_with_GostR3410_2001		807
+#define OBJ_id_GostR3411_94_with_GostR3410_2001		OBJ_cryptopro,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_94		"id-GostR3411-94-with-GostR3410-94"
+#define LN_id_GostR3411_94_with_GostR3410_94		"GOST R 34.11-94 with GOST R 34.10-94"
+#define NID_id_GostR3411_94_with_GostR3410_94		808
+#define OBJ_id_GostR3411_94_with_GostR3410_94		OBJ_cryptopro,4L
+
+#define SN_id_GostR3411_94		"md_gost94"
+#define LN_id_GostR3411_94		"GOST R 34.11-94"
+#define NID_id_GostR3411_94		809
+#define OBJ_id_GostR3411_94		OBJ_cryptopro,9L
+
+#define SN_id_HMACGostR3411_94		"id-HMACGostR3411-94"
+#define LN_id_HMACGostR3411_94		"HMAC GOST 34.11-94"
+#define NID_id_HMACGostR3411_94		810
+#define OBJ_id_HMACGostR3411_94		OBJ_cryptopro,10L
+
+#define SN_id_GostR3410_2001		"gost2001"
+#define LN_id_GostR3410_2001		"GOST R 34.10-2001"
+#define NID_id_GostR3410_2001		811
+#define OBJ_id_GostR3410_2001		OBJ_cryptopro,19L
+
+#define SN_id_GostR3410_94		"gost94"
+#define LN_id_GostR3410_94		"GOST R 34.10-94"
+#define NID_id_GostR3410_94		812
+#define OBJ_id_GostR3410_94		OBJ_cryptopro,20L
+
+#define SN_id_Gost28147_89		"gost89"
+#define LN_id_Gost28147_89		"GOST 28147-89"
+#define NID_id_Gost28147_89		813
+#define OBJ_id_Gost28147_89		OBJ_cryptopro,21L
+
+#define SN_gost89_cnt		"gost89-cnt"
+#define NID_gost89_cnt		814
+
+#define SN_id_Gost28147_89_MAC		"gost-mac"
+#define LN_id_Gost28147_89_MAC		"GOST 28147-89 MAC"
+#define NID_id_Gost28147_89_MAC		815
+#define OBJ_id_Gost28147_89_MAC		OBJ_cryptopro,22L
+
+#define SN_id_GostR3411_94_prf		"prf-gostr3411-94"
+#define LN_id_GostR3411_94_prf		"GOST R 34.11-94 PRF"
+#define NID_id_GostR3411_94_prf		816
+#define OBJ_id_GostR3411_94_prf		OBJ_cryptopro,23L
+
+#define SN_id_GostR3410_2001DH		"id-GostR3410-2001DH"
+#define LN_id_GostR3410_2001DH		"GOST R 34.10-2001 DH"
+#define NID_id_GostR3410_2001DH		817
+#define OBJ_id_GostR3410_2001DH		OBJ_cryptopro,98L
+
+#define SN_id_GostR3410_94DH		"id-GostR3410-94DH"
+#define LN_id_GostR3410_94DH		"GOST R 34.10-94 DH"
+#define NID_id_GostR3410_94DH		818
+#define OBJ_id_GostR3410_94DH		OBJ_cryptopro,99L
+
+#define SN_id_Gost28147_89_CryptoPro_KeyMeshing		"id-Gost28147-89-CryptoPro-KeyMeshing"
+#define NID_id_Gost28147_89_CryptoPro_KeyMeshing		819
+#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing		OBJ_cryptopro,14L,1L
+
+#define SN_id_Gost28147_89_None_KeyMeshing		"id-Gost28147-89-None-KeyMeshing"
+#define NID_id_Gost28147_89_None_KeyMeshing		820
+#define OBJ_id_Gost28147_89_None_KeyMeshing		OBJ_cryptopro,14L,0L
+
+#define SN_id_GostR3411_94_TestParamSet		"id-GostR3411-94-TestParamSet"
+#define NID_id_GostR3411_94_TestParamSet		821
+#define OBJ_id_GostR3411_94_TestParamSet		OBJ_cryptopro,30L,0L
+
+#define SN_id_GostR3411_94_CryptoProParamSet		"id-GostR3411-94-CryptoProParamSet"
+#define NID_id_GostR3411_94_CryptoProParamSet		822
+#define OBJ_id_GostR3411_94_CryptoProParamSet		OBJ_cryptopro,30L,1L
+
+#define SN_id_Gost28147_89_TestParamSet		"id-Gost28147-89-TestParamSet"
+#define NID_id_Gost28147_89_TestParamSet		823
+#define OBJ_id_Gost28147_89_TestParamSet		OBJ_cryptopro,31L,0L
+
+#define SN_id_Gost28147_89_CryptoPro_A_ParamSet		"id-Gost28147-89-CryptoPro-A-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_A_ParamSet		824
+#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet		OBJ_cryptopro,31L,1L
+
+#define SN_id_Gost28147_89_CryptoPro_B_ParamSet		"id-Gost28147-89-CryptoPro-B-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_B_ParamSet		825
+#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet		OBJ_cryptopro,31L,2L
+
+#define SN_id_Gost28147_89_CryptoPro_C_ParamSet		"id-Gost28147-89-CryptoPro-C-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_C_ParamSet		826
+#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet		OBJ_cryptopro,31L,3L
+
+#define SN_id_Gost28147_89_CryptoPro_D_ParamSet		"id-Gost28147-89-CryptoPro-D-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_D_ParamSet		827
+#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet		OBJ_cryptopro,31L,4L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		828
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		OBJ_cryptopro,31L,5L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		829
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		OBJ_cryptopro,31L,6L
+
+#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet		"id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet		830
+#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet		OBJ_cryptopro,31L,7L
+
+#define SN_id_GostR3410_94_TestParamSet		"id-GostR3410-94-TestParamSet"
+#define NID_id_GostR3410_94_TestParamSet		831
+#define OBJ_id_GostR3410_94_TestParamSet		OBJ_cryptopro,32L,0L
+
+#define SN_id_GostR3410_94_CryptoPro_A_ParamSet		"id-GostR3410-94-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_A_ParamSet		832
+#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet		OBJ_cryptopro,32L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_B_ParamSet		"id-GostR3410-94-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_B_ParamSet		833
+#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet		OBJ_cryptopro,32L,3L
+
+#define SN_id_GostR3410_94_CryptoPro_C_ParamSet		"id-GostR3410-94-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_C_ParamSet		834
+#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet		OBJ_cryptopro,32L,4L
+
+#define SN_id_GostR3410_94_CryptoPro_D_ParamSet		"id-GostR3410-94-CryptoPro-D-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_D_ParamSet		835
+#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet		OBJ_cryptopro,32L,5L
+
+#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet		"id-GostR3410-94-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet		836
+#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet		OBJ_cryptopro,33L,1L
+
+#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet		"id-GostR3410-94-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet		837
+#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet		OBJ_cryptopro,33L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet		"id-GostR3410-94-CryptoPro-XchC-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet		838
+#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet		OBJ_cryptopro,33L,3L
+
+#define SN_id_GostR3410_2001_TestParamSet		"id-GostR3410-2001-TestParamSet"
+#define NID_id_GostR3410_2001_TestParamSet		839
+#define OBJ_id_GostR3410_2001_TestParamSet		OBJ_cryptopro,35L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet		"id-GostR3410-2001-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet		840
+#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet		OBJ_cryptopro,35L,1L
+
+#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet		"id-GostR3410-2001-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet		841
+#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet		OBJ_cryptopro,35L,2L
+
+#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet		"id-GostR3410-2001-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet		842
+#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet		OBJ_cryptopro,35L,3L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet		"id-GostR3410-2001-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet		843
+#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet		OBJ_cryptopro,36L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet		"id-GostR3410-2001-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet		844
+#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet		OBJ_cryptopro,36L,1L
+
+#define SN_id_GostR3410_94_a		"id-GostR3410-94-a"
+#define NID_id_GostR3410_94_a		845
+#define OBJ_id_GostR3410_94_a		OBJ_id_GostR3410_94,1L
+
+#define SN_id_GostR3410_94_aBis		"id-GostR3410-94-aBis"
+#define NID_id_GostR3410_94_aBis		846
+#define OBJ_id_GostR3410_94_aBis		OBJ_id_GostR3410_94,2L
+
+#define SN_id_GostR3410_94_b		"id-GostR3410-94-b"
+#define NID_id_GostR3410_94_b		847
+#define OBJ_id_GostR3410_94_b		OBJ_id_GostR3410_94,3L
+
+#define SN_id_GostR3410_94_bBis		"id-GostR3410-94-bBis"
+#define NID_id_GostR3410_94_bBis		848
+#define OBJ_id_GostR3410_94_bBis		OBJ_id_GostR3410_94,4L
+
+#define SN_id_Gost28147_89_cc		"id-Gost28147-89-cc"
+#define LN_id_Gost28147_89_cc		"GOST 28147-89 Cryptocom ParamSet"
+#define NID_id_Gost28147_89_cc		849
+#define OBJ_id_Gost28147_89_cc		OBJ_cryptocom,1L,6L,1L
+
+#define SN_id_GostR3410_94_cc		"gost94cc"
+#define LN_id_GostR3410_94_cc		"GOST 34.10-94 Cryptocom"
+#define NID_id_GostR3410_94_cc		850
+#define OBJ_id_GostR3410_94_cc		OBJ_cryptocom,1L,5L,3L
+
+#define SN_id_GostR3410_2001_cc		"gost2001cc"
+#define LN_id_GostR3410_2001_cc		"GOST 34.10-2001 Cryptocom"
+#define NID_id_GostR3410_2001_cc		851
+#define OBJ_id_GostR3410_2001_cc		OBJ_cryptocom,1L,5L,4L
+
+#define SN_id_GostR3411_94_with_GostR3410_94_cc		"id-GostR3411-94-with-GostR3410-94-cc"
+#define LN_id_GostR3411_94_with_GostR3410_94_cc		"GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_94_cc		852
+#define OBJ_id_GostR3411_94_with_GostR3410_94_cc		OBJ_cryptocom,1L,3L,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001_cc		"id-GostR3411-94-with-GostR3410-2001-cc"
+#define LN_id_GostR3411_94_with_GostR3410_2001_cc		"GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_2001_cc		853
+#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc		OBJ_cryptocom,1L,3L,4L
+
+#define SN_id_GostR3410_2001_ParamSet_cc		"id-GostR3410-2001-ParamSet-cc"
+#define LN_id_GostR3410_2001_ParamSet_cc		"GOST R 3410-2001 Parameter Set Cryptocom"
+#define NID_id_GostR3410_2001_ParamSet_cc		854
+#define OBJ_id_GostR3410_2001_ParamSet_cc		OBJ_cryptocom,1L,8L,1L
+
+#define SN_camellia_128_cbc		"CAMELLIA-128-CBC"
+#define LN_camellia_128_cbc		"camellia-128-cbc"
+#define NID_camellia_128_cbc		751
+#define OBJ_camellia_128_cbc		1L,2L,392L,200011L,61L,1L,1L,1L,2L
+
+#define SN_camellia_192_cbc		"CAMELLIA-192-CBC"
+#define LN_camellia_192_cbc		"camellia-192-cbc"
+#define NID_camellia_192_cbc		752
+#define OBJ_camellia_192_cbc		1L,2L,392L,200011L,61L,1L,1L,1L,3L
+
+#define SN_camellia_256_cbc		"CAMELLIA-256-CBC"
+#define LN_camellia_256_cbc		"camellia-256-cbc"
+#define NID_camellia_256_cbc		753
+#define OBJ_camellia_256_cbc		1L,2L,392L,200011L,61L,1L,1L,1L,4L
+
+#define OBJ_ntt_ds		0L,3L,4401L,5L
+
+#define OBJ_camellia		OBJ_ntt_ds,3L,1L,9L
+
+#define SN_camellia_128_ecb		"CAMELLIA-128-ECB"
+#define LN_camellia_128_ecb		"camellia-128-ecb"
+#define NID_camellia_128_ecb		754
+#define OBJ_camellia_128_ecb		OBJ_camellia,1L
+
+#define SN_camellia_128_ofb128		"CAMELLIA-128-OFB"
+#define LN_camellia_128_ofb128		"camellia-128-ofb"
+#define NID_camellia_128_ofb128		766
+#define OBJ_camellia_128_ofb128		OBJ_camellia,3L
+
+#define SN_camellia_128_cfb128		"CAMELLIA-128-CFB"
+#define LN_camellia_128_cfb128		"camellia-128-cfb"
+#define NID_camellia_128_cfb128		757
+#define OBJ_camellia_128_cfb128		OBJ_camellia,4L
+
+#define SN_camellia_192_ecb		"CAMELLIA-192-ECB"
+#define LN_camellia_192_ecb		"camellia-192-ecb"
+#define NID_camellia_192_ecb		755
+#define OBJ_camellia_192_ecb		OBJ_camellia,21L
+
+#define SN_camellia_192_ofb128		"CAMELLIA-192-OFB"
+#define LN_camellia_192_ofb128		"camellia-192-ofb"
+#define NID_camellia_192_ofb128		767
+#define OBJ_camellia_192_ofb128		OBJ_camellia,23L
+
+#define SN_camellia_192_cfb128		"CAMELLIA-192-CFB"
+#define LN_camellia_192_cfb128		"camellia-192-cfb"
+#define NID_camellia_192_cfb128		758
+#define OBJ_camellia_192_cfb128		OBJ_camellia,24L
+
+#define SN_camellia_256_ecb		"CAMELLIA-256-ECB"
+#define LN_camellia_256_ecb		"camellia-256-ecb"
+#define NID_camellia_256_ecb		756
+#define OBJ_camellia_256_ecb		OBJ_camellia,41L
+
+#define SN_camellia_256_ofb128		"CAMELLIA-256-OFB"
+#define LN_camellia_256_ofb128		"camellia-256-ofb"
+#define NID_camellia_256_ofb128		768
+#define OBJ_camellia_256_ofb128		OBJ_camellia,43L
+
+#define SN_camellia_256_cfb128		"CAMELLIA-256-CFB"
+#define LN_camellia_256_cfb128		"camellia-256-cfb"
+#define NID_camellia_256_cfb128		759
+#define OBJ_camellia_256_cfb128		OBJ_camellia,44L
+
+#define SN_camellia_128_cfb1		"CAMELLIA-128-CFB1"
+#define LN_camellia_128_cfb1		"camellia-128-cfb1"
+#define NID_camellia_128_cfb1		760
+
+#define SN_camellia_192_cfb1		"CAMELLIA-192-CFB1"
+#define LN_camellia_192_cfb1		"camellia-192-cfb1"
+#define NID_camellia_192_cfb1		761
+
+#define SN_camellia_256_cfb1		"CAMELLIA-256-CFB1"
+#define LN_camellia_256_cfb1		"camellia-256-cfb1"
+#define NID_camellia_256_cfb1		762
+
+#define SN_camellia_128_cfb8		"CAMELLIA-128-CFB8"
+#define LN_camellia_128_cfb8		"camellia-128-cfb8"
+#define NID_camellia_128_cfb8		763
+
+#define SN_camellia_192_cfb8		"CAMELLIA-192-CFB8"
+#define LN_camellia_192_cfb8		"camellia-192-cfb8"
+#define NID_camellia_192_cfb8		764
+
+#define SN_camellia_256_cfb8		"CAMELLIA-256-CFB8"
+#define LN_camellia_256_cfb8		"camellia-256-cfb8"
+#define NID_camellia_256_cfb8		765
+
+#define SN_kisa		"KISA"
+#define LN_kisa		"kisa"
+#define NID_kisa		773
+#define OBJ_kisa		OBJ_member_body,410L,200004L
+
+#define SN_seed_ecb		"SEED-ECB"
+#define LN_seed_ecb		"seed-ecb"
+#define NID_seed_ecb		776
+#define OBJ_seed_ecb		OBJ_kisa,1L,3L
+
+#define SN_seed_cbc		"SEED-CBC"
+#define LN_seed_cbc		"seed-cbc"
+#define NID_seed_cbc		777
+#define OBJ_seed_cbc		OBJ_kisa,1L,4L
+
+#define SN_seed_cfb128		"SEED-CFB"
+#define LN_seed_cfb128		"seed-cfb"
+#define NID_seed_cfb128		779
+#define OBJ_seed_cfb128		OBJ_kisa,1L,5L
+
+#define SN_seed_ofb128		"SEED-OFB"
+#define LN_seed_ofb128		"seed-ofb"
+#define NID_seed_ofb128		778
+#define OBJ_seed_ofb128		OBJ_kisa,1L,6L
+
+#define SN_hmac		"HMAC"
+#define LN_hmac		"hmac"
+#define NID_hmac		855
 
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 180d20f1bc..65ca66fff2 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -287,9 +287,9 @@ qcStatements		286
 ac_auditEntity		287
 ac_targeting		288
 aaControls		289
-sbqp_ipAddrBlock		290
-sbqp_autonomousSysNum		291
-sbqp_routerIdentifier		292
+sbgp_ipAddrBlock		290
+sbgp_autonomousSysNum		291
+sbgp_routerIdentifier		292
 textNotice		293
 ipsecEndSystem		294
 ipsecTunnel		295
@@ -659,92 +659,235 @@ des_ede3_cfb1		658
 des_ede3_cfb8		659
 streetAddress		660
 postalCode		661
-identified_organization		662
-certicom_arc		663
-wap		664
-wap_wsg		665
-X9_62_id_characteristic_two_basis		666
-X9_62_onBasis		667
-X9_62_tpBasis		668
-X9_62_ppBasis		669
-X9_62_c2pnb163v1		670
-X9_62_c2pnb163v2		671
-X9_62_c2pnb163v3		672
-X9_62_c2pnb176v1		673
-X9_62_c2tnb191v1		674
-X9_62_c2tnb191v2		675
-X9_62_c2tnb191v3		676
-X9_62_c2onb191v4		677
-X9_62_c2onb191v5		678
-X9_62_c2pnb208w1		679
-X9_62_c2tnb239v1		680
-X9_62_c2tnb239v2		681
-X9_62_c2tnb239v3		682
-X9_62_c2onb239v4		683
-X9_62_c2onb239v5		684
-X9_62_c2pnb272w1		685
-X9_62_c2pnb304w1		686
-X9_62_c2tnb359v1		687
-X9_62_c2pnb368w1		688
-X9_62_c2tnb431r1		689
-secp112r1		690
-secp112r2		691
-secp128r1		692
-secp128r2		693
-secp160k1		694
-secp160r1		695
-secp160r2		696
-secp192k1		697
-secp224k1		698
-secp224r1		699
-secp256k1		700
-secp384r1		701
-secp521r1		702
-sect113r1		703
-sect113r2		704
-sect131r1		705
-sect131r2		706
-sect163k1		707
-sect163r1		708
-sect163r2		709
-sect193r1		710
-sect193r2		711
-sect233k1		712
-sect233r1		713
-sect239k1		714
-sect283k1		715
-sect283r1		716
-sect409k1		717
-sect409r1		718
-sect571k1		719
-sect571r1		720
-wap_wsg_idm_ecid_wtls1		721
-wap_wsg_idm_ecid_wtls3		722
-wap_wsg_idm_ecid_wtls4		723
-wap_wsg_idm_ecid_wtls5		724
-wap_wsg_idm_ecid_wtls6		725
-wap_wsg_idm_ecid_wtls7		726
-wap_wsg_idm_ecid_wtls8		727
-wap_wsg_idm_ecid_wtls9		728
-wap_wsg_idm_ecid_wtls10		729
-wap_wsg_idm_ecid_wtls11		730
-wap_wsg_idm_ecid_wtls12		731
-sha256WithRSAEncryption		732
-sha384WithRSAEncryption		733
-sha512WithRSAEncryption		734
-sha224WithRSAEncryption		735
-name_constraints		736
-any_policy		737
-policy_mappings		738
-inhibit_any_policy		739
-sha256		740
-sha384		741
-sha512		742
-sha224		743
-ipsec3		744
-ipsec4		745
-id_ppl		746
-proxyCertInfo		747
-id_ppl_anyLanguage		748
-id_ppl_inheritAll		749
-Independent		750
+id_ppl		662
+proxyCertInfo		663
+id_ppl_anyLanguage		664
+id_ppl_inheritAll		665
+name_constraints		666
+Independent		667
+sha256WithRSAEncryption		668
+sha384WithRSAEncryption		669
+sha512WithRSAEncryption		670
+sha224WithRSAEncryption		671
+sha256		672
+sha384		673
+sha512		674
+sha224		675
+identified_organization		676
+certicom_arc		677
+wap		678
+wap_wsg		679
+X9_62_id_characteristic_two_basis		680
+X9_62_onBasis		681
+X9_62_tpBasis		682
+X9_62_ppBasis		683
+X9_62_c2pnb163v1		684
+X9_62_c2pnb163v2		685
+X9_62_c2pnb163v3		686
+X9_62_c2pnb176v1		687
+X9_62_c2tnb191v1		688
+X9_62_c2tnb191v2		689
+X9_62_c2tnb191v3		690
+X9_62_c2onb191v4		691
+X9_62_c2onb191v5		692
+X9_62_c2pnb208w1		693
+X9_62_c2tnb239v1		694
+X9_62_c2tnb239v2		695
+X9_62_c2tnb239v3		696
+X9_62_c2onb239v4		697
+X9_62_c2onb239v5		698
+X9_62_c2pnb272w1		699
+X9_62_c2pnb304w1		700
+X9_62_c2tnb359v1		701
+X9_62_c2pnb368w1		702
+X9_62_c2tnb431r1		703
+secp112r1		704
+secp112r2		705
+secp128r1		706
+secp128r2		707
+secp160k1		708
+secp160r1		709
+secp160r2		710
+secp192k1		711
+secp224k1		712
+secp224r1		713
+secp256k1		714
+secp384r1		715
+secp521r1		716
+sect113r1		717
+sect113r2		718
+sect131r1		719
+sect131r2		720
+sect163k1		721
+sect163r1		722
+sect163r2		723
+sect193r1		724
+sect193r2		725
+sect233k1		726
+sect233r1		727
+sect239k1		728
+sect283k1		729
+sect283r1		730
+sect409k1		731
+sect409r1		732
+sect571k1		733
+sect571r1		734
+wap_wsg_idm_ecid_wtls1		735
+wap_wsg_idm_ecid_wtls3		736
+wap_wsg_idm_ecid_wtls4		737
+wap_wsg_idm_ecid_wtls5		738
+wap_wsg_idm_ecid_wtls6		739
+wap_wsg_idm_ecid_wtls7		740
+wap_wsg_idm_ecid_wtls8		741
+wap_wsg_idm_ecid_wtls9		742
+wap_wsg_idm_ecid_wtls10		743
+wap_wsg_idm_ecid_wtls11		744
+wap_wsg_idm_ecid_wtls12		745
+any_policy		746
+policy_mappings		747
+inhibit_any_policy		748
+ipsec3		749
+ipsec4		750
+camellia_128_cbc		751
+camellia_192_cbc		752
+camellia_256_cbc		753
+camellia_128_ecb		754
+camellia_192_ecb		755
+camellia_256_ecb		756
+camellia_128_cfb128		757
+camellia_192_cfb128		758
+camellia_256_cfb128		759
+camellia_128_cfb1		760
+camellia_192_cfb1		761
+camellia_256_cfb1		762
+camellia_128_cfb8		763
+camellia_192_cfb8		764
+camellia_256_cfb8		765
+camellia_128_ofb128		766
+camellia_192_ofb128		767
+camellia_256_ofb128		768
+subject_directory_attributes		769
+issuing_distribution_point		770
+certificate_issuer		771
+korea		772
+kisa		773
+kftc		774
+npki_alg		775
+seed_ecb		776
+seed_cbc		777
+seed_ofb128		778
+seed_cfb128		779
+hmac_md5		780
+hmac_sha1		781
+id_PasswordBasedMAC		782
+id_DHBasedMac		783
+id_it_suppLangTags		784
+caRepository		785
+id_smime_ct_compressedData		786
+id_ct_asciiTextWithCRLF		787
+id_aes128_wrap		788
+id_aes192_wrap		789
+id_aes256_wrap		790
+ecdsa_with_Recommended		791
+ecdsa_with_Specified		792
+ecdsa_with_SHA224		793
+ecdsa_with_SHA256		794
+ecdsa_with_SHA384		795
+ecdsa_with_SHA512		796
+hmacWithMD5		797
+hmacWithSHA224		798
+hmacWithSHA256		799
+hmacWithSHA384		800
+hmacWithSHA512		801
+dsa_with_SHA224		802
+dsa_with_SHA256		803
+whirlpool		804
+cryptopro		805
+cryptocom		806
+id_GostR3411_94_with_GostR3410_2001		807
+id_GostR3411_94_with_GostR3410_94		808
+id_GostR3411_94		809
+id_HMACGostR3411_94		810
+id_GostR3410_2001		811
+id_GostR3410_94		812
+id_Gost28147_89		813
+gost89_cnt		814
+id_Gost28147_89_MAC		815
+id_GostR3411_94_prf		816
+id_GostR3410_2001DH		817
+id_GostR3410_94DH		818
+id_Gost28147_89_CryptoPro_KeyMeshing		819
+id_Gost28147_89_None_KeyMeshing		820
+id_GostR3411_94_TestParamSet		821
+id_GostR3411_94_CryptoProParamSet		822
+id_Gost28147_89_TestParamSet		823
+id_Gost28147_89_CryptoPro_A_ParamSet		824
+id_Gost28147_89_CryptoPro_B_ParamSet		825
+id_Gost28147_89_CryptoPro_C_ParamSet		826
+id_Gost28147_89_CryptoPro_D_ParamSet		827
+id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		828
+id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		829
+id_Gost28147_89_CryptoPro_RIC_1_ParamSet		830
+id_GostR3410_94_TestParamSet		831
+id_GostR3410_94_CryptoPro_A_ParamSet		832
+id_GostR3410_94_CryptoPro_B_ParamSet		833
+id_GostR3410_94_CryptoPro_C_ParamSet		834
+id_GostR3410_94_CryptoPro_D_ParamSet		835
+id_GostR3410_94_CryptoPro_XchA_ParamSet		836
+id_GostR3410_94_CryptoPro_XchB_ParamSet		837
+id_GostR3410_94_CryptoPro_XchC_ParamSet		838
+id_GostR3410_2001_TestParamSet		839
+id_GostR3410_2001_CryptoPro_A_ParamSet		840
+id_GostR3410_2001_CryptoPro_B_ParamSet		841
+id_GostR3410_2001_CryptoPro_C_ParamSet		842
+id_GostR3410_2001_CryptoPro_XchA_ParamSet		843
+id_GostR3410_2001_CryptoPro_XchB_ParamSet		844
+id_GostR3410_94_a		845
+id_GostR3410_94_aBis		846
+id_GostR3410_94_b		847
+id_GostR3410_94_bBis		848
+id_Gost28147_89_cc		849
+id_GostR3410_94_cc		850
+id_GostR3410_2001_cc		851
+id_GostR3411_94_with_GostR3410_94_cc		852
+id_GostR3411_94_with_GostR3410_2001_cc		853
+id_GostR3410_2001_ParamSet_cc		854
+hmac		855
+LocalKeySet		856
+freshest_crl		857
+id_on_permanentIdentifier		858
+searchGuide		859
+businessCategory		860
+postalAddress		861
+postOfficeBox		862
+physicalDeliveryOfficeName		863
+telephoneNumber		864
+telexNumber		865
+teletexTerminalIdentifier		866
+facsimileTelephoneNumber		867
+x121Address		868
+internationaliSDNNumber		869
+registeredAddress		870
+destinationIndicator		871
+preferredDeliveryMethod		872
+presentationAddress		873
+supportedApplicationContext		874
+member		875
+owner		876
+roleOccupant		877
+seeAlso		878
+userPassword		879
+userCertificate		880
+cACertificate		881
+authorityRevocationList		882
+certificateRevocationList		883
+crossCertificatePair		884
+enhancedSearchGuide		885
+protocolInformation		886
+distinguishedName		887
+uniqueMember		888
+houseIdentifier		889
+supportedAlgorithms		890
+deltaRevocationList		891
+dmdName		892
+id_alg_PWRI_KEK		893
diff --git a/crypto/objects/obj_xref.c b/crypto/objects/obj_xref.c
new file mode 100644
index 0000000000..152eca5c67
--- /dev/null
+++ b/crypto/objects/obj_xref.c
@@ -0,0 +1,231 @@
+/* crypto/objects/obj_xref.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/objects.h>
+#include "obj_xref.h"
+
+DECLARE_STACK_OF(nid_triple)
+STACK_OF(nid_triple) *sig_app, *sigx_app;
+
+static int sig_cmp(const nid_triple *a, const nid_triple *b)
+	{
+	return a->sign_id - b->sign_id;
+	}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
+
+static int sig_sk_cmp(const nid_triple * const *a, const nid_triple * const *b)
+	{
+	return (*a)->sign_id - (*b)->sign_id;
+	}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
+
+static int sigx_cmp(const nid_triple * const *a, const nid_triple * const *b)
+	{
+	int ret;
+	ret = (*a)->hash_id - (*b)->hash_id;
+	if (ret)
+		return ret;
+	return (*a)->pkey_id - (*b)->pkey_id;
+	}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
+
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
+	{
+	nid_triple tmp;
+	const nid_triple *rv = NULL;
+	tmp.sign_id = signid;
+
+	if (sig_app)
+		{
+		int idx = sk_nid_triple_find(sig_app, &tmp);
+		if (idx >= 0)
+			rv = sk_nid_triple_value(sig_app, idx);
+		}
+
+#ifndef OBJ_XREF_TEST2
+	if (rv == NULL)
+		{
+		rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
+				 sizeof(sigoid_srt) / sizeof(nid_triple));
+		}
+#endif
+	if (rv == NULL)
+		return 0;
+	*pdig_nid = rv->hash_id;
+	*ppkey_nid = rv->pkey_id;
+	return 1;
+	}
+
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
+	{
+	nid_triple tmp;
+	const nid_triple *t=&tmp;
+	const nid_triple **rv = NULL;
+
+	tmp.hash_id = dig_nid;
+	tmp.pkey_id = pkey_nid;
+
+	if (sigx_app)
+		{
+		int idx = sk_nid_triple_find(sigx_app, &tmp);
+		if (idx >= 0)
+			{
+			t = sk_nid_triple_value(sigx_app, idx);
+			rv = &t;
+			}
+		}
+
+#ifndef OBJ_XREF_TEST2
+	if (rv == NULL)
+		{
+		rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
+				 sizeof(sigoid_srt_xref) / sizeof(nid_triple *)
+				 );
+		}
+#endif
+	if (rv == NULL)
+		return 0;
+	*psignid = (*rv)->sign_id;
+	return 1;
+	}
+
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id)
+	{
+	nid_triple *ntr;
+	if (!sig_app)
+		sig_app = sk_nid_triple_new(sig_sk_cmp);
+	if (!sig_app)
+		return 0;
+	if (!sigx_app)
+		sigx_app = sk_nid_triple_new(sigx_cmp);
+	if (!sigx_app)
+		return 0;
+	ntr = OPENSSL_malloc(sizeof(int) * 3);
+	if (!ntr)
+		return 0;
+	ntr->sign_id = signid;
+	ntr->hash_id = dig_id;
+	ntr->pkey_id = pkey_id;
+
+	if (!sk_nid_triple_push(sig_app, ntr))
+		{
+		OPENSSL_free(ntr);
+		return 0;
+		}
+
+	if (!sk_nid_triple_push(sigx_app, ntr))
+		return 0;
+
+	sk_nid_triple_sort(sig_app);
+	sk_nid_triple_sort(sigx_app);
+
+	return 1;
+	}
+
+static void sid_free(nid_triple *tt)
+	{
+	OPENSSL_free(tt);
+	}
+
+void OBJ_sigid_free(void)
+	{
+	if (sig_app)
+		{
+		sk_nid_triple_pop_free(sig_app, sid_free);
+		sig_app = NULL;
+		}
+	if (sigx_app)
+		{
+		sk_nid_triple_free(sigx_app);
+		sigx_app = NULL;
+		}
+	}
+		
+#ifdef OBJ_XREF_TEST
+
+main()
+	{
+	int n1, n2, n3;
+
+	int i, rv;
+#ifdef OBJ_XREF_TEST2
+	for (i = 0; i <	sizeof(sigoid_srt) / sizeof(nid_triple); i++)
+		{
+		OBJ_add_sigid(sigoid_srt[i][0], sigoid_srt[i][1],
+				sigoid_srt[i][2]);
+		}
+#endif
+
+	for (i = 0; i <	sizeof(sigoid_srt) / sizeof(nid_triple); i++)
+		{
+		n1 = sigoid_srt[i][0];
+		rv = OBJ_find_sigid_algs(n1, &n2, &n3);
+		printf("Forward: %d, %s %s %s\n", rv,
+			OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
+		n1=0;
+		rv = OBJ_find_sigid_by_algs(&n1, n2, n3);
+		printf("Reverse: %d, %s %s %s\n", rv,
+			OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
+		}
+	}
+	
+#endif
diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h
new file mode 100644
index 0000000000..d5b9b8e198
--- /dev/null
+++ b/crypto/objects/obj_xref.h
@@ -0,0 +1,75 @@
+/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
+
+typedef struct
+	{
+	int sign_id;
+	int hash_id;
+	int pkey_id;
+	} nid_triple;
+
+static const nid_triple sigoid_srt[] =
+	{
+	{NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
+	{NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
+	{NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
+	{NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
+	{NID_dsaWithSHA, NID_sha, NID_dsa},
+	{NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
+	{NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
+	{NID_md5WithRSA, NID_md5, NID_rsa},
+	{NID_dsaWithSHA1, NID_sha1, NID_dsa},
+	{NID_sha1WithRSA, NID_sha1, NID_rsa},
+	{NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
+	{NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
+	{NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
+	{NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
+	{NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
+	{NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
+	{NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
+	{NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
+	{NID_dsa_with_SHA224, NID_sha224, NID_dsa},
+	{NID_dsa_with_SHA256, NID_sha256, NID_dsa},
+	{NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001},
+	{NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
+	{NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
+	{NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
+	};
+
+static const nid_triple * const sigoid_srt_xref[] =
+	{
+	&sigoid_srt[17],
+	&sigoid_srt[18],
+	&sigoid_srt[0],
+	&sigoid_srt[1],
+	&sigoid_srt[7],
+	&sigoid_srt[2],
+	&sigoid_srt[4],
+	&sigoid_srt[3],
+	&sigoid_srt[9],
+	&sigoid_srt[5],
+	&sigoid_srt[8],
+	&sigoid_srt[12],
+	&sigoid_srt[6],
+	&sigoid_srt[10],
+	&sigoid_srt[11],
+	&sigoid_srt[13],
+	&sigoid_srt[24],
+	&sigoid_srt[20],
+	&sigoid_srt[14],
+	&sigoid_srt[21],
+	&sigoid_srt[15],
+	&sigoid_srt[22],
+	&sigoid_srt[16],
+	&sigoid_srt[23],
+	&sigoid_srt[19],
+	&sigoid_srt[25],
+	&sigoid_srt[26],
+	&sigoid_srt[27],
+	&sigoid_srt[28],
+	};
+
diff --git a/crypto/objects/obj_xref.txt b/crypto/objects/obj_xref.txt
new file mode 100644
index 0000000000..e45b3d34b9
--- /dev/null
+++ b/crypto/objects/obj_xref.txt
@@ -0,0 +1,42 @@
+# OID cross reference table.
+# Links signatures OIDs to their corresponding public key algorithms
+# and digests.
+
+md2WithRSAEncryption	md2	rsaEncryption
+md5WithRSAEncryption	md5	rsaEncryption
+shaWithRSAEncryption	sha	rsaEncryption
+sha1WithRSAEncryption	sha1	rsaEncryption
+md4WithRSAEncryption	md4	rsaEncryption
+sha256WithRSAEncryption sha256	rsaEncryption
+sha384WithRSAEncryption	sha384	rsaEncryption
+sha512WithRSAEncryption	sha512	rsaEncryption
+sha224WithRSAEncryption	sha224	rsaEncryption
+mdc2WithRSA		mdc2	rsaEncryption
+ripemd160WithRSA	ripemd160 rsaEncryption
+
+# Alternative deprecated OIDs. By using the older "rsa" OID this
+# type will be recognized by not normally used.
+
+md5WithRSA		md5	rsa
+sha1WithRSA		sha1	rsa
+
+dsaWithSHA		sha	dsa
+dsaWithSHA1		sha1	dsa
+
+dsaWithSHA1_2		sha1	dsa_2
+
+ecdsa_with_SHA1		sha1	X9_62_id_ecPublicKey
+ecdsa_with_SHA224	sha224	X9_62_id_ecPublicKey
+ecdsa_with_SHA256	sha256	X9_62_id_ecPublicKey
+ecdsa_with_SHA384	sha384	X9_62_id_ecPublicKey
+ecdsa_with_SHA512	sha512	X9_62_id_ecPublicKey
+ecdsa_with_Recommended	undef	X9_62_id_ecPublicKey
+ecdsa_with_Specified	undef	X9_62_id_ecPublicKey
+
+dsa_with_SHA224		sha224	dsa
+dsa_with_SHA256		sha256	dsa
+
+id_GostR3411_94_with_GostR3410_2001	id_GostR3411_94 id_GostR3410_2001
+id_GostR3411_94_with_GostR3410_94	id_GostR3411_94 id_GostR3410_94
+id_GostR3411_94_with_GostR3410_94_cc	id_GostR3411_94 id_GostR3410_94_cc
+id_GostR3411_94_with_GostR3410_2001_cc	id_GostR3411_94 id_GostR3410_2001_cc
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index 7242f76fb0..bd0ee52feb 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -1011,10 +1011,91 @@ int		OBJ_txt2nid(const char *s);
 int		OBJ_ln2nid(const char *s);
 int		OBJ_sn2nid(const char *s);
 int		OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
-const char *	OBJ_bsearch(const char *key,const char *base,int num,int size,
-	int (*cmp)(const void *, const void *));
-const char *	OBJ_bsearch_ex(const char *key,const char *base,int num,
-	int size, int (*cmp)(const void *, const void *), int flags);
+const void *	OBJ_bsearch_(const void *key,const void *base,int num,int size,
+			     int (*cmp)(const void *, const void *));
+const void *	OBJ_bsearch_ex_(const void *key,const void *base,int num,
+				int size,
+				int (*cmp)(const void *, const void *),
+				int flags);
+
+#define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm)	\
+  static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
+  static int nm##_cmp(type1 const *, type2 const *); \
+  scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+#define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp)	\
+  _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
+#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm)	\
+  type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+/*
+ * Unsolved problem: if a type is actually a pointer type, like
+ * nid_triple is, then its impossible to get a const where you need
+ * it. Consider:
+ *
+ * typedef int nid_triple[3];
+ * const void *a_;
+ * const nid_triple const *a = a_;
+ *
+ * The assignement discards a const because what you really want is:
+ *
+ * const int const * const *a = a_;
+ *
+ * But if you do that, you lose the fact that a is an array of 3 ints,
+ * which breaks comparison functions.
+ *
+ * Thus we end up having to cast, sadly, or unpack the
+ * declarations. Or, as I finally did in this case, delcare nid_triple
+ * to be a struct, which it should have been in the first place.
+ *
+ * Ben, August 2008.
+ *
+ * Also, strictly speaking not all types need be const, but handling
+ * the non-constness means a lot of complication, and in practice
+ * comparison routines do always not touch their arguments.
+ */
+
+#define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm)	\
+  static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)	\
+      { \
+      type1 const *a = a_; \
+      type2 const *b = b_; \
+      return nm##_cmp(a,b); \
+      } \
+  static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+      { \
+      return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+					nm##_cmp_BSEARCH_CMP_FN); \
+      } \
+      extern void dummy_prototype(void)
+
+#define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm)	\
+  static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)	\
+      { \
+      type1 const *a = a_; \
+      type2 const *b = b_; \
+      return nm##_cmp(a,b); \
+      } \
+  type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+      { \
+      return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+					nm##_cmp_BSEARCH_CMP_FN); \
+      } \
+      extern void dummy_prototype(void)
+
+#define OBJ_bsearch(type1,key,type2,base,num,cmp)			       \
+  ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+			 num,sizeof(type2),				\
+			 ((void)CHECKED_PTR_OF(type1,cmp##_type_1),	\
+			  (void)CHECKED_PTR_OF(type2,cmp##_type_2),	\
+			  cmp##_BSEARCH_CMP_FN)))
+
+#define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags)			\
+  ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+			 num,sizeof(type2),				\
+			 ((void)CHECKED_PTR_OF(type1,cmp##_type_1),	\
+			  (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
+			  cmp##_BSEARCH_CMP_FN)),flags)
 
 int		OBJ_new_nid(int num);
 int		OBJ_add_object(const ASN1_OBJECT *obj);
@@ -1022,6 +1103,14 @@ int		OBJ_create(const char *oid,const char *sn,const char *ln);
 void		OBJ_cleanup(void );
 int		OBJ_create_objects(BIO *in);
 
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
+void OBJ_sigid_free(void);
+
+extern int obj_cleanup_defer;
+void check_defer(int nid);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/crypto/objects/objects.pl b/crypto/objects/objects.pl
index 76c06cc8f9..15c00bbd52 100644
--- a/crypto/objects/objects.pl
+++ b/crypto/objects/objects.pl
@@ -14,6 +14,8 @@ while(<NUMIN>)
 	$Cname =~ s/^X//;
 	if (defined($nidn{$mynum}))
 		{ die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
+	if (defined($nid{$Cname}))
+		{ die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
 	$nid{$Cname} = $mynum;
 	$nidn{$mynum} = $Cname;
 	$order{$mynum} = $o;
@@ -102,6 +104,7 @@ while (<IN>)
 		$max_nid++;
 		$nid{$Cname} = $max_nid;
 		$nidn{$max_nid} = $Cname;
+print STDERR "Added OID $Cname\n";
 		}
 	$Cname="";
 	}
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 46a405b3e6..97be877906 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -11,12 +11,16 @@ iso 2			: member-body		: ISO Member Body
 
 iso 3			: identified-organization
 
+# HMAC OIDs
+identified-organization 6 1 5 5 8 1 1	: HMAC-MD5	: hmac-md5
+identified-organization 6 1 5 5 8 1 2	: HMAC-SHA1	: hmac-sha1
+
 identified-organization 132	: certicom-arc
 
 joint-iso-itu-t 23	: international-organizations	: International Organizations
 
 international-organizations 43	: wap
-wap 13			: wap-wsg
+wap 1			: wap-wsg
 
 joint-iso-itu-t 5 1 5	: selected-attribute-types	: Selected Attribute Types
 
@@ -75,6 +79,12 @@ X9-62_primeCurve 7	 	: prime256v1
 !Alias id-ecSigType ansi-X9-62 4
 !global
 X9-62_id-ecSigType 1		: ecdsa-with-SHA1
+X9-62_id-ecSigType 2		: ecdsa-with-Recommended
+X9-62_id-ecSigType 3		: ecdsa-with-Specified
+ecdsa-with-Specified 1		: ecdsa-with-SHA224
+ecdsa-with-Specified 2		: ecdsa-with-SHA256
+ecdsa-with-Specified 3		: ecdsa-with-SHA384
+ecdsa-with-Specified 4		: ecdsa-with-SHA512
 
 # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
 # (http://www.secg.org/)
@@ -141,6 +151,10 @@ ISO-US 113533 7 66 10	: CAST5-CBC		: cast5-cbc
 !Cname pbeWithMD5AndCast5-CBC
 ISO-US 113533 7 66 12	:			: pbeWithMD5AndCast5CBC
 
+# Macs for CMP and CRMF
+ISO-US 113533 7 66 13	: id-PasswordBasedMAC	: password based MAC
+ISO-US 113533 7 66 30	: id-DHBasedMac		: Diffie-Hellman based MAC
+
 ISO-US 113549		: rsadsi		: RSA Data Security, Inc.
 
 rsadsi 1		: pkcs			: RSA Data Security, Inc. PKCS
@@ -237,6 +251,8 @@ id-smime-ct 5		: id-smime-ct-TDTInfo
 id-smime-ct 6		: id-smime-ct-contentInfo
 id-smime-ct 7		: id-smime-ct-DVCSRequestData
 id-smime-ct 8		: id-smime-ct-DVCSResponseData
+id-smime-ct 9		: id-smime-ct-compressedData
+id-smime-ct 27		: id-ct-asciiTextWithCRLF
 
 # S/MIME Attributes
 id-smime-aa 1		: id-smime-aa-receiptRequest
@@ -283,6 +299,7 @@ id-smime-alg 4		: id-smime-alg-RC2wrap
 id-smime-alg 5		: id-smime-alg-ESDH
 id-smime-alg 6		: id-smime-alg-CMS3DESwrap
 id-smime-alg 7		: id-smime-alg-CMSRC2wrap
+id-smime-alg 9		: id-alg-PWRI-KEK
 
 # S/MIME Certificate Distribution
 id-smime-cd 1		: id-smime-cd-ldap
@@ -303,6 +320,7 @@ pkcs9 20		:			: friendlyName
 pkcs9 21		:			: localKeyID
 !Cname ms-csp-name
 1 3 6 1 4 1 311 17 1	: CSPName		: Microsoft CSP Name
+1 3 6 1 4 1 311 17 2	: LocalKeySet		: Microsoft Local Key set
 !Alias certTypes pkcs9 22
 certTypes 1		:			: x509Certificate
 certTypes 2		:			: sdsiCertificate
@@ -338,7 +356,15 @@ rsadsi 2 2		: MD2			: md2
 rsadsi 2 4		: MD4			: md4
 rsadsi 2 5		: MD5			: md5
 			: MD5-SHA1		: md5-sha1
+rsadsi 2 6		:			: hmacWithMD5
 rsadsi 2 7		:			: hmacWithSHA1
+
+# From RFC4231
+rsadsi 2 8		:			: hmacWithSHA224
+rsadsi 2 9		:			: hmacWithSHA256
+rsadsi 2 10		:			: hmacWithSHA384
+rsadsi 2 11		:			: hmacWithSHA512
+
 rsadsi 3 2		: RC2-CBC		: rc2-cbc
 			: RC2-ECB		: rc2-ecb
 !Cname rc2-cfb64
@@ -434,9 +460,9 @@ id-pe 3			: qcStatements
 id-pe 4			: ac-auditEntity
 id-pe 5			: ac-targeting
 id-pe 6			: aaControls
-id-pe 7			: sbqp-ipAddrBlock
-id-pe 8			: sbqp-autonomousSysNum
-id-pe 9			: sbqp-routerIdentifier
+id-pe 7			: sbgp-ipAddrBlock
+id-pe 8			: sbgp-autonomousSysNum
+id-pe 9			: sbgp-routerIdentifier
 id-pe 10		: ac-proxying
 !Cname sinfo-access
 id-pe 11		: subjectInfoAccess	: Subject Information Access
@@ -484,6 +510,7 @@ id-it 12		: id-it-revPassphrase
 id-it 13		: id-it-implicitConfirm
 id-it 14		: id-it-confirmWaitTime
 id-it 15		: id-it-origPKIMessage
+id-it 16		: id-it-suppLangTags
 
 # CRMF registration
 id-pkip 1		: id-regCtrl
@@ -531,6 +558,7 @@ id-cmc 24		: id-cmc-confirmCertAcceptance
 
 # other names
 id-on 1			: id-on-personalData
+id-on 3			: id-on-permanentIdentifier : Permanent Identifier
 
 # personal data attributes
 id-pda 1		: id-pda-dateOfBirth
@@ -570,6 +598,7 @@ id-ad 2			: caIssuers		: CA Issuers
 id-ad 3			: ad_timestamping	: AD Time Stamping
 !Cname ad-dvcs
 id-ad 4			: AD_DVCS		: ad dvcs
+id-ad 5			: caRepository		: CA Repository
 
 
 !Alias id-pkix-OCSP ad-OCSP
@@ -636,18 +665,52 @@ X509 5			: 			: serialNumber
 X509 6			: C			: countryName
 X509 7			: L			: localityName
 X509 8			: ST			: stateOrProvinceName
-X509 9			:			: streetAddress
+X509 9			: street		: streetAddress
 X509 10			: O			: organizationName
 X509 11			: OU			: organizationalUnitName
-X509 12			: 			: title
+X509 12			: title			: title
 X509 13			: 			: description
-X509 17			:			: postalCode
+X509 14			: 			: searchGuide
+X509 15			: 			: businessCategory
+X509 16			: 			: postalAddress
+X509 17			: 			: postalCode
+X509 18			: 			: postOfficeBox
+X509 19			: 			: physicalDeliveryOfficeName
+X509 20			: 			: telephoneNumber
+X509 21			: 			: telexNumber
+X509 22			: 			: teletexTerminalIdentifier
+X509 23			: 			: facsimileTelephoneNumber
+X509 24			: 			: x121Address
+X509 25			: 			: internationaliSDNNumber
+X509 26			: 			: registeredAddress
+X509 27			: 			: destinationIndicator
+X509 28			: 			: preferredDeliveryMethod
+X509 29			: 			: presentationAddress
+X509 30			: 			: supportedApplicationContext
+X509 31			: member		:
+X509 32			: owner			:
+X509 33			: 			: roleOccupant
+X509 34			: seeAlso		:
+X509 35			: 			: userPassword
+X509 36			: 			: userCertificate
+X509 37			: 			: cACertificate
+X509 38			: 			: authorityRevocationList
+X509 39			: 			: certificateRevocationList
+X509 40			: 			: crossCertificatePair
 X509 41			: name			: name
 X509 42			: GN			: givenName
-X509 43			: 			: initials
+X509 43			: initials		: initials
 X509 44			: 			: generationQualifier
 X509 45			: 			: x500UniqueIdentifier
 X509 46			: dnQualifier		: dnQualifier
+X509 47			: 			: enhancedSearchGuide
+X509 48			: 			: protocolInformation
+X509 49			: 			: distinguishedName
+X509 50			: 			: uniqueMember
+X509 51			: 			: houseIdentifier
+X509 52			: 			: supportedAlgorithms
+X509 53			: 			: deltaRevocationList
+X509 54			: dmdName		:
 X509 65			:			: pseudonym
 X509 72			: role			: role
 
@@ -657,6 +720,8 @@ X500algorithms 3 100	: RSA-MDC2		: mdc2WithRSA
 X500algorithms 3 101	: MDC2			: mdc2
 
 X500 29			: id-ce
+!Cname subject-directory-attributes
+id-ce 9			: subjectDirectoryAttributes : X509v3 Subject Directory Attributes
 !Cname subject-key-identifier
 id-ce 14		: subjectKeyIdentifier	: X509v3 Subject Key Identifier
 !Cname key-usage
@@ -677,6 +742,10 @@ id-ce 21		: CRLReason		: X509v3 CRL Reason Code
 id-ce 24		: invalidityDate	: Invalidity Date
 !Cname delta-crl
 id-ce 27		: deltaCRL		: X509v3 Delta CRL Indicator
+!Cname issuing-distribution-point
+id-ce 28		: issuingDistributionPoint : X509v3 Issuing Distrubution Point
+!Cname certificate-issuer
+id-ce 29		: certificateIssuer	: X509v3 Certificate Issuer
 !Cname name-constraints
 id-ce 30		: nameConstraints	: X509v3 Name Constraints
 !Cname crl-distribution-points
@@ -693,6 +762,8 @@ id-ce 35		: authorityKeyIdentifier : X509v3 Authority Key Identifier
 id-ce 36		: policyConstraints	: X509v3 Policy Constraints
 !Cname ext-key-usage
 id-ce 37		: extendedKeyUsage	: X509v3 Extended Key Usage
+!Cname freshest-crl
+id-ce 46		: freshestCRL		: X509v3 Freshest CRL
 !Cname inhibit-any-policy
 id-ce 54		: inhibitAnyPolicy	: X509v3 Inhibit Any Policy
 !Cname target-information
@@ -762,7 +833,7 @@ mime-mhs-headings 2	: id-hex-multipart-message : id-hex-multipart-message
 !Cname rle-compression
 1 1 1 1 666 1		: RLE			: run length compression
 !Cname zlib-compression
-1 1 1 1 666 2		: ZLIB			: zlib compression
+id-smime-alg 8		: ZLIB			: zlib compression
 
 # AES aka Rijndael
 
@@ -804,6 +875,10 @@ aes 44			: AES-256-CFB		: aes-256-cfb
 			: DES-EDE3-CFB1		: des-ede3-cfb1
 			: DES-EDE3-CFB8		: des-ede3-cfb8
 
+aes 5			: id-aes128-wrap 
+aes 25			: id-aes192-wrap 
+aes 45			: id-aes256-wrap 
+
 # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
 !Alias nist_hashalgs nistAlgorithms 2
 nist_hashalgs 1		: SHA256		: sha256
@@ -811,6 +886,11 @@ nist_hashalgs 2		: SHA384		: sha384
 nist_hashalgs 3		: SHA512		: sha512
 nist_hashalgs 4		: SHA224		: sha224
 
+# OIDs for dsa-with-sha224 and dsa-with-sha256
+!Alias dsa_with_sha2 nistAlgorithms 3
+dsa_with_sha2 1		: dsa_with_SHA224
+dsa_with_sha2 2		: dsa_with_SHA256
+
 # Hold instruction CRL entry extension
 !Cname hold-instruction-code
 id-ce 23		: holdInstructionCode	: Hold Instruction Code
@@ -1047,3 +1127,134 @@ rsadsi 1 1 6		: rsaOAEPEncryptionSET
 
 			: Oakley-EC2N-3		: ipsec3
 			: Oakley-EC2N-4		: ipsec4
+
+iso 0 10118 3 0 55	: whirlpool
+
+# GOST OIDs
+
+member-body 643 2 2	: cryptopro
+member-body 643 2 9	: cryptocom
+
+cryptopro 3		: id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
+cryptopro 4		: id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
+!Cname id-GostR3411-94
+cryptopro 9		: md_gost94		: GOST R 34.11-94
+cryptopro 10		: id-HMACGostR3411-94	: HMAC GOST 34.11-94
+!Cname id-GostR3410-2001
+cryptopro 19		: gost2001	: GOST R 34.10-2001
+!Cname id-GostR3410-94
+cryptopro 20		: gost94	: GOST R 34.10-94
+!Cname id-Gost28147-89
+cryptopro 21		: gost89 		: GOST 28147-89
+			: gost89-cnt
+!Cname id-Gost28147-89-MAC
+cryptopro 22		: gost-mac	: GOST 28147-89 MAC
+!Cname id-GostR3411-94-prf
+cryptopro 23		: prf-gostr3411-94	: GOST R 34.11-94 PRF
+cryptopro 98		: id-GostR3410-2001DH	: GOST R 34.10-2001 DH
+cryptopro 99		: id-GostR3410-94DH	: GOST R 34.10-94 DH
+
+cryptopro 14 1		: id-Gost28147-89-CryptoPro-KeyMeshing
+cryptopro 14 0		: id-Gost28147-89-None-KeyMeshing
+
+# GOST parameter set OIDs
+
+cryptopro 30 0		: id-GostR3411-94-TestParamSet
+cryptopro 30 1		: id-GostR3411-94-CryptoProParamSet
+
+cryptopro 31 0		: id-Gost28147-89-TestParamSet
+cryptopro 31 1		: id-Gost28147-89-CryptoPro-A-ParamSet
+cryptopro 31 2		: id-Gost28147-89-CryptoPro-B-ParamSet
+cryptopro 31 3		: id-Gost28147-89-CryptoPro-C-ParamSet
+cryptopro 31 4		: id-Gost28147-89-CryptoPro-D-ParamSet
+cryptopro 31 5		: id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
+cryptopro 31 6		: id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
+cryptopro 31 7		: id-Gost28147-89-CryptoPro-RIC-1-ParamSet
+
+cryptopro 32 0		: id-GostR3410-94-TestParamSet
+cryptopro 32 2		: id-GostR3410-94-CryptoPro-A-ParamSet
+cryptopro 32 3		: id-GostR3410-94-CryptoPro-B-ParamSet
+cryptopro 32 4		: id-GostR3410-94-CryptoPro-C-ParamSet
+cryptopro 32 5		: id-GostR3410-94-CryptoPro-D-ParamSet
+
+cryptopro 33 1		: id-GostR3410-94-CryptoPro-XchA-ParamSet
+cryptopro 33 2		: id-GostR3410-94-CryptoPro-XchB-ParamSet
+cryptopro 33 3		: id-GostR3410-94-CryptoPro-XchC-ParamSet
+
+cryptopro 35 0		: id-GostR3410-2001-TestParamSet
+cryptopro 35 1		: id-GostR3410-2001-CryptoPro-A-ParamSet
+cryptopro 35 2		: id-GostR3410-2001-CryptoPro-B-ParamSet
+cryptopro 35 3		: id-GostR3410-2001-CryptoPro-C-ParamSet
+
+cryptopro 36 0		: id-GostR3410-2001-CryptoPro-XchA-ParamSet
+cryptopro 36 1		: id-GostR3410-2001-CryptoPro-XchB-ParamSet
+
+id-GostR3410-94 1	: id-GostR3410-94-a
+id-GostR3410-94 2	: id-GostR3410-94-aBis
+id-GostR3410-94 3	: id-GostR3410-94-b
+id-GostR3410-94 4	: id-GostR3410-94-bBis
+
+# Cryptocom LTD GOST OIDs
+
+cryptocom 1 6 1		: id-Gost28147-89-cc	: GOST 28147-89 Cryptocom ParamSet
+!Cname id-GostR3410-94-cc
+cryptocom 1 5 3		: gost94cc	: GOST 34.10-94 Cryptocom
+!Cname id-GostR3410-2001-cc
+cryptocom 1 5 4		: gost2001cc	: GOST 34.10-2001 Cryptocom
+
+cryptocom 1 3 3		: id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom
+cryptocom 1 3 4		: id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom
+
+cryptocom 1 8 1		: id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
+
+# Definitions for Camellia cipher - CBC MODE
+
+1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC		: camellia-128-cbc
+1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC		: camellia-192-cbc
+1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC		: camellia-256-cbc
+
+# Definitions for Camellia cipher - ECB, CFB, OFB MODE
+
+!Alias ntt-ds 0 3 4401 5
+!Alias camellia ntt-ds 3 1 9 
+
+camellia 1		: CAMELLIA-128-ECB		: camellia-128-ecb
+!Cname camellia-128-ofb128
+camellia 3		: CAMELLIA-128-OFB		: camellia-128-ofb
+!Cname camellia-128-cfb128
+camellia 4		: CAMELLIA-128-CFB		: camellia-128-cfb
+
+camellia 21		: CAMELLIA-192-ECB		: camellia-192-ecb
+!Cname camellia-192-ofb128
+camellia 23		: CAMELLIA-192-OFB		: camellia-192-ofb
+!Cname camellia-192-cfb128
+camellia 24		: CAMELLIA-192-CFB		: camellia-192-cfb
+
+camellia 41		: CAMELLIA-256-ECB		: camellia-256-ecb
+!Cname camellia-256-ofb128
+camellia 43		: CAMELLIA-256-OFB		: camellia-256-ofb
+!Cname camellia-256-cfb128
+camellia 44		: CAMELLIA-256-CFB		: camellia-256-cfb
+
+# There are no OIDs for these modes...
+
+			: CAMELLIA-128-CFB1		: camellia-128-cfb1
+			: CAMELLIA-192-CFB1		: camellia-192-cfb1
+			: CAMELLIA-256-CFB1		: camellia-256-cfb1
+			: CAMELLIA-128-CFB8		: camellia-128-cfb8
+			: CAMELLIA-192-CFB8		: camellia-192-cfb8
+			: CAMELLIA-256-CFB8		: camellia-256-cfb8
+
+# Definitions for SEED cipher - ECB, CBC, OFB mode
+
+member-body 410 200004  : KISA          : kisa
+kisa 1 3                : SEED-ECB      : seed-ecb
+kisa 1 4                : SEED-CBC      : seed-cbc
+!Cname seed-cfb128
+kisa 1 5                : SEED-CFB      : seed-cfb
+!Cname seed-ofb128
+kisa 1 6                : SEED-OFB      : seed-ofb
+
+# There is no OID that just denotes "HMAC" oddly enough...
+
+			: HMAC				: hmac
diff --git a/crypto/objects/objxref.pl b/crypto/objects/objxref.pl
new file mode 100644
index 0000000000..731d3ae22c
--- /dev/null
+++ b/crypto/objects/objxref.pl
@@ -0,0 +1,107 @@
+#!/usr/local/bin/perl
+
+use strict;
+
+my %xref_tbl;
+my %oid_tbl;
+
+my ($mac_file, $xref_file) = @ARGV;
+
+open(IN, $mac_file) || die "Can't open $mac_file";
+
+# Read in OID nid values for a lookup table.
+
+while (<IN>)
+	{
+	chomp;
+	my ($name, $num) = /^(\S+)\s+(\S+)$/;
+	$oid_tbl{$name} = $num;
+	}
+close IN;
+
+open(IN, $xref_file) || die "Can't open $xref_file";
+
+my $ln = 1;
+
+while (<IN>)
+	{
+	chomp;
+	s/#.*$//;
+	next if (/^\S*$/);
+	my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
+	check_oid($xr);
+	check_oid($p1);
+	check_oid($p2);
+	$xref_tbl{$xr} = [$p1, $p2, $ln];
+	}
+
+my @xrkeys = keys %xref_tbl;
+
+my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
+
+for(my $i = 0; $i <= $#srt1; $i++)
+	{
+	$xref_tbl{$srt1[$i]}[2] = $i;
+	}
+
+my @srt2 = sort
+	{
+	my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
+	my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
+	return $ap1 - $bp1 if ($ap1 != $bp1);
+	my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
+	my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
+
+	return $ap2 - $bp2;
+	} @xrkeys;
+
+my $pname = $0;
+
+$pname =~ s|^.[^/]/||;
+
+print <<EOF;
+/* AUTOGENERATED BY $pname, DO NOT EDIT */
+
+typedef struct
+	{
+	int sign_id;
+	int hash_id;
+	int pkey_id;
+	} nid_triple;
+
+static const nid_triple sigoid_srt[] =
+	{
+EOF
+
+foreach (@srt1)
+	{
+	my $xr = $_;
+	my ($p1, $p2) = @{$xref_tbl{$_}};
+	print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
+	}
+
+print "\t};";
+print <<EOF;
+
+
+static const nid_triple * const sigoid_srt_xref[] =
+	{
+EOF
+
+foreach (@srt2)
+	{
+	my $x = $xref_tbl{$_}[2];
+	print "\t\&sigoid_srt\[$x\],\n";
+	}
+
+print "\t};\n\n";
+
+sub check_oid
+	{
+	my ($chk) = @_;
+	if (!exists $oid_tbl{$chk})
+		{
+		die "Not Found \"$chk\"\n";
+		}
+	}
+
diff --git a/crypto/ocsp/.cvsignore b/crypto/ocsp/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/ocsp/.cvsignore
+++ b/crypto/ocsp/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/ocsp/Makefile.ssl b/crypto/ocsp/Makefile.ssl
deleted file mode 100644
index c4f50af842..0000000000
--- a/crypto/ocsp/Makefile.ssl
+++ /dev/null
@@ -1,218 +0,0 @@
-#
-# OpenSSL/ocsp/Makefile.ssl
-#
-
-DIR=	ocsp
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
-	ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
-
-LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
-	ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ocsp.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ocsp_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_asn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_asn.o: ocsp_asn.c
-ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h
-ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ocsp_cl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-ocsp_cl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_cl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_cl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_cl.o: ../cryptlib.h ocsp_cl.c
-ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ocsp_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ocsp_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_err.o: ocsp_err.c
-ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h
-ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ocsp_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_ext.o: ../../include/openssl/opensslconf.h
-ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c
-ocsp_ht.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_ht.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ocsp_ht.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ocsp_ht.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_ht.o: ocsp_ht.c
-ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-ocsp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ocsp_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_lib.o: ../../include/openssl/opensslconf.h
-ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_lib.c
-ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ocsp_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ocsp_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_prn.o: ocsp_prn.c
-ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h
-ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ocsp_srv.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-ocsp_srv.o: ../../include/openssl/opensslconf.h
-ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_srv.c
-ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ocsp_vfy.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-ocsp_vfy.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
-ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-ocsp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-ocsp_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-ocsp_vfy.o: ocsp_vfy.c
diff --git a/crypto/ocsp/ocsp.h b/crypto/ocsp/ocsp.h
index fab3c03182..31e45744ba 100644
--- a/crypto/ocsp/ocsp.h
+++ b/crypto/ocsp/ocsp.h
@@ -64,6 +64,7 @@
 #ifndef HEADER_OCSP_H
 #define HEADER_OCSP_H
 
+#include <openssl/ossl_typ.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/safestack.h>
@@ -186,11 +187,11 @@ typedef struct ocsp_resp_bytes_st
  *      responseStatus         OCSPResponseStatus,
  *      responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
  */
-typedef struct ocsp_response_st
+struct ocsp_response_st
 	{
 	ASN1_ENUMERATED *responseStatus;
 	OCSP_RESPBYTES  *responseBytes;
-	} OCSP_RESPONSE;
+	};
 
 /*   ResponderID ::= CHOICE {
  *      byName   [1] Name,
@@ -198,14 +199,18 @@ typedef struct ocsp_response_st
  */
 #define V_OCSP_RESPID_NAME 0
 #define V_OCSP_RESPID_KEY  1
-typedef struct ocsp_responder_id_st
+struct ocsp_responder_id_st
 	{
 	int type;
 	union   {
 		X509_NAME* byName;
         	ASN1_OCTET_STRING *byKey;
 		} value;
-	} OCSP_RESPID;
+	};
+
+DECLARE_STACK_OF(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+
 /*   KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
  *                            --(excluding the tag and length fields)
  */
@@ -349,13 +354,9 @@ typedef struct ocsp_service_locator_st
 #define PEM_STRING_OCSP_REQUEST	"OCSP REQUEST"
 #define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
 
-#define d2i_OCSP_REQUEST_bio(bp,p) (OCSP_REQUEST*)ASN1_d2i_bio((char*(*)()) \
-		OCSP_REQUEST_new,(char *(*)())d2i_OCSP_REQUEST, (bp),\
-		(unsigned char **)(p))
+#define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
 
-#define d2i_OCSP_RESPONSE_bio(bp,p) (OCSP_RESPONSE*)ASN1_d2i_bio((char*(*)())\
-		OCSP_REQUEST_new,(char *(*)())d2i_OCSP_RESPONSE, (bp),\
-		(unsigned char **)(p))
+#define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
 
 #define	PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
      (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
@@ -371,11 +372,9 @@ typedef struct ocsp_service_locator_st
     PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
 			bp,(char *)o, NULL,NULL,0,NULL,NULL)
 
-#define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_RESPONSE,bp,\
-		(unsigned char *)o)
+#define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
 
-#define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio(i2d_OCSP_REQUEST,bp,\
-		(unsigned char *)o)
+#define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
 
 #define OCSP_REQUEST_sign(o,pkey,md) \
 	ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
@@ -396,14 +395,20 @@ typedef struct ocsp_service_locator_st
 #define ASN1_BIT_STRING_digest(data,type,md,len) \
 	ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
 
-#define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\
-		(char *(*)())d2i_OCSP_CERTID,(char *)(cid))
-
 #define OCSP_CERTSTATUS_dup(cs)\
                 (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
 		(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
 
+OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
+
 OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req);
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
+								int maxline);
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+		const char *name, const char *value);
 
 OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
 
@@ -473,9 +478,6 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
 			X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
 			STACK_OF(X509) *certs, unsigned long flags);
 
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), 
-				char *data, STACK_OF(ASN1_OBJECT) *sk);
-
 X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
 
 X509_EXTENSION *OCSP_accept_responses_new(char **oids);
@@ -544,9 +546,9 @@ DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
 DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
 DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
 
-char *OCSP_response_status_str(long s);
-char *OCSP_cert_status_str(long s);
-char *OCSP_crl_reason_str(long s);
+const char *OCSP_response_status_str(long s);
+const char *OCSP_cert_status_str(long s);
+const char *OCSP_crl_reason_str(long s);
 
 int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
 int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags);
@@ -564,11 +566,11 @@ void ERR_load_OCSP_strings(void);
 
 /* Function codes. */
 #define OCSP_F_ASN1_STRING_ENCODE			 100
-#define OCSP_F_CERT_ID_NEW				 101
 #define OCSP_F_D2I_OCSP_NONCE				 102
 #define OCSP_F_OCSP_BASIC_ADD1_STATUS			 103
 #define OCSP_F_OCSP_BASIC_SIGN				 104
 #define OCSP_F_OCSP_BASIC_VERIFY			 105
+#define OCSP_F_OCSP_CERT_ID_NEW				 101
 #define OCSP_F_OCSP_CHECK_DELEGATED			 106
 #define OCSP_F_OCSP_CHECK_IDS				 107
 #define OCSP_F_OCSP_CHECK_ISSUER			 108
@@ -579,6 +581,8 @@ void ERR_load_OCSP_strings(void);
 #define OCSP_F_OCSP_REQUEST_VERIFY			 116
 #define OCSP_F_OCSP_RESPONSE_GET1_BASIC			 111
 #define OCSP_F_OCSP_SENDREQ_BIO				 112
+#define OCSP_F_OCSP_SENDREQ_NBIO			 117
+#define OCSP_F_PARSE_HTTP_LINE1				 118
 #define OCSP_F_REQUEST_VERIFY				 113
 
 /* Reason codes. */
diff --git a/crypto/ocsp/ocsp_asn.c b/crypto/ocsp/ocsp_asn.c
index 6a3a360d54..bfe892ac70 100644
--- a/crypto/ocsp/ocsp_asn.c
+++ b/crypto/ocsp/ocsp_asn.c
@@ -1,5 +1,5 @@
 /* ocsp_asn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -62,7 +62,7 @@
 ASN1_SEQUENCE(OCSP_SIGNATURE) = {
 	ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
 	ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
-	ASN1_EXP_SEQUENCE_OF(OCSP_SIGNATURE, certs, X509, 0)
+	ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0)
 } ASN1_SEQUENCE_END(OCSP_SIGNATURE)
 
 IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index 9b3e6dd8ca..9c14d9da27 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -101,6 +101,8 @@ int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
 	{
 	GENERAL_NAME *gen;
 	gen = GENERAL_NAME_new();
+	if (gen == NULL)
+		return 0;
 	if (!X509_NAME_set(&gen->d.directoryName, nm))
 		{
 		GENERAL_NAME_free(gen);
@@ -153,7 +155,6 @@ int OCSP_request_sign(OCSP_REQUEST   *req,
 			goto err;
 
 	if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new())) goto err;
-	if (!dgst) dgst = EVP_sha1();
 	if (key)
 		{
 		if (!X509_check_private_key(signer, key))
diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c
index 4c4d8306f8..0cedcea682 100644
--- a/crypto/ocsp/ocsp_err.c
+++ b/crypto/ocsp/ocsp_err.c
@@ -1,6 +1,6 @@
 /* crypto/ocsp/ocsp_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,60 +64,66 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
+
 static ERR_STRING_DATA OCSP_str_functs[]=
 	{
-{ERR_PACK(0,OCSP_F_ASN1_STRING_ENCODE,0),	"ASN1_STRING_encode"},
-{ERR_PACK(0,OCSP_F_CERT_ID_NEW,0),	"CERT_ID_NEW"},
-{ERR_PACK(0,OCSP_F_D2I_OCSP_NONCE,0),	"D2I_OCSP_NONCE"},
-{ERR_PACK(0,OCSP_F_OCSP_BASIC_ADD1_STATUS,0),	"OCSP_basic_add1_status"},
-{ERR_PACK(0,OCSP_F_OCSP_BASIC_SIGN,0),	"OCSP_basic_sign"},
-{ERR_PACK(0,OCSP_F_OCSP_BASIC_VERIFY,0),	"OCSP_basic_verify"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_DELEGATED,0),	"OCSP_CHECK_DELEGATED"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_IDS,0),	"OCSP_CHECK_IDS"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_ISSUER,0),	"OCSP_CHECK_ISSUER"},
-{ERR_PACK(0,OCSP_F_OCSP_CHECK_VALIDITY,0),	"OCSP_check_validity"},
-{ERR_PACK(0,OCSP_F_OCSP_MATCH_ISSUERID,0),	"OCSP_MATCH_ISSUERID"},
-{ERR_PACK(0,OCSP_F_OCSP_PARSE_URL,0),	"OCSP_parse_url"},
-{ERR_PACK(0,OCSP_F_OCSP_REQUEST_SIGN,0),	"OCSP_request_sign"},
-{ERR_PACK(0,OCSP_F_OCSP_REQUEST_VERIFY,0),	"OCSP_request_verify"},
-{ERR_PACK(0,OCSP_F_OCSP_RESPONSE_GET1_BASIC,0),	"OCSP_response_get1_basic"},
-{ERR_PACK(0,OCSP_F_OCSP_SENDREQ_BIO,0),	"OCSP_sendreq_bio"},
-{ERR_PACK(0,OCSP_F_REQUEST_VERIFY,0),	"REQUEST_VERIFY"},
+{ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE),	"ASN1_STRING_encode"},
+{ERR_FUNC(OCSP_F_D2I_OCSP_NONCE),	"D2I_OCSP_NONCE"},
+{ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS),	"OCSP_basic_add1_status"},
+{ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN),	"OCSP_basic_sign"},
+{ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY),	"OCSP_basic_verify"},
+{ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW),	"OCSP_cert_id_new"},
+{ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED),	"OCSP_CHECK_DELEGATED"},
+{ERR_FUNC(OCSP_F_OCSP_CHECK_IDS),	"OCSP_CHECK_IDS"},
+{ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER),	"OCSP_CHECK_ISSUER"},
+{ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY),	"OCSP_check_validity"},
+{ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID),	"OCSP_MATCH_ISSUERID"},
+{ERR_FUNC(OCSP_F_OCSP_PARSE_URL),	"OCSP_parse_url"},
+{ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN),	"OCSP_request_sign"},
+{ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY),	"OCSP_request_verify"},
+{ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC),	"OCSP_response_get1_basic"},
+{ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO),	"OCSP_sendreq_bio"},
+{ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO),	"OCSP_sendreq_nbio"},
+{ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1),	"PARSE_HTTP_LINE1"},
+{ERR_FUNC(OCSP_F_REQUEST_VERIFY),	"REQUEST_VERIFY"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA OCSP_str_reasons[]=
 	{
-{OCSP_R_BAD_DATA                         ,"bad data"},
-{OCSP_R_CERTIFICATE_VERIFY_ERROR         ,"certificate verify error"},
-{OCSP_R_DIGEST_ERR                       ,"digest err"},
-{OCSP_R_ERROR_IN_NEXTUPDATE_FIELD        ,"error in nextupdate field"},
-{OCSP_R_ERROR_IN_THISUPDATE_FIELD        ,"error in thisupdate field"},
-{OCSP_R_ERROR_PARSING_URL                ,"error parsing url"},
-{OCSP_R_MISSING_OCSPSIGNING_USAGE        ,"missing ocspsigning usage"},
-{OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE     ,"nextupdate before thisupdate"},
-{OCSP_R_NOT_BASIC_RESPONSE               ,"not basic response"},
-{OCSP_R_NO_CERTIFICATES_IN_CHAIN         ,"no certificates in chain"},
-{OCSP_R_NO_CONTENT                       ,"no content"},
-{OCSP_R_NO_PUBLIC_KEY                    ,"no public key"},
-{OCSP_R_NO_RESPONSE_DATA                 ,"no response data"},
-{OCSP_R_NO_REVOKED_TIME                  ,"no revoked time"},
-{OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
-{OCSP_R_REQUEST_NOT_SIGNED               ,"request not signed"},
-{OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA,"response contains no revocation data"},
-{OCSP_R_ROOT_CA_NOT_TRUSTED              ,"root ca not trusted"},
-{OCSP_R_SERVER_READ_ERROR                ,"server read error"},
-{OCSP_R_SERVER_RESPONSE_ERROR            ,"server response error"},
-{OCSP_R_SERVER_RESPONSE_PARSE_ERROR      ,"server response parse error"},
-{OCSP_R_SERVER_WRITE_ERROR               ,"server write error"},
-{OCSP_R_SIGNATURE_FAILURE                ,"signature failure"},
-{OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND     ,"signer certificate not found"},
-{OCSP_R_STATUS_EXPIRED                   ,"status expired"},
-{OCSP_R_STATUS_NOT_YET_VALID             ,"status not yet valid"},
-{OCSP_R_STATUS_TOO_OLD                   ,"status too old"},
-{OCSP_R_UNKNOWN_MESSAGE_DIGEST           ,"unknown message digest"},
-{OCSP_R_UNKNOWN_NID                      ,"unknown nid"},
-{OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE   ,"unsupported requestorname type"},
+{ERR_REASON(OCSP_R_BAD_DATA)             ,"bad data"},
+{ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
+{ERR_REASON(OCSP_R_DIGEST_ERR)           ,"digest err"},
+{ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),"error in nextupdate field"},
+{ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD),"error in thisupdate field"},
+{ERR_REASON(OCSP_R_ERROR_PARSING_URL)    ,"error parsing url"},
+{ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE),"missing ocspsigning usage"},
+{ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),"nextupdate before thisupdate"},
+{ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE)   ,"not basic response"},
+{ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN),"no certificates in chain"},
+{ERR_REASON(OCSP_R_NO_CONTENT)           ,"no content"},
+{ERR_REASON(OCSP_R_NO_PUBLIC_KEY)        ,"no public key"},
+{ERR_REASON(OCSP_R_NO_RESPONSE_DATA)     ,"no response data"},
+{ERR_REASON(OCSP_R_NO_REVOKED_TIME)      ,"no revoked time"},
+{ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
+{ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED)   ,"request not signed"},
+{ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),"response contains no revocation data"},
+{ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED)  ,"root ca not trusted"},
+{ERR_REASON(OCSP_R_SERVER_READ_ERROR)    ,"server read error"},
+{ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR),"server response error"},
+{ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),"server response parse error"},
+{ERR_REASON(OCSP_R_SERVER_WRITE_ERROR)   ,"server write error"},
+{ERR_REASON(OCSP_R_SIGNATURE_FAILURE)    ,"signature failure"},
+{ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
+{ERR_REASON(OCSP_R_STATUS_EXPIRED)       ,"status expired"},
+{ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID) ,"status not yet valid"},
+{ERR_REASON(OCSP_R_STATUS_TOO_OLD)       ,"status too old"},
+{ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST),"unknown message digest"},
+{ERR_REASON(OCSP_R_UNKNOWN_NID)          ,"unknown nid"},
+{ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),"unsupported requestorname type"},
 {0,NULL}
 	};
 
@@ -125,15 +131,12 @@ static ERR_STRING_DATA OCSP_str_reasons[]=
 
 void ERR_load_OCSP_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_OCSP,OCSP_str_functs);
-		ERR_load_strings(ERR_LIB_OCSP,OCSP_str_reasons);
-#endif
 
+	if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,OCSP_str_functs);
+		ERR_load_strings(0,OCSP_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index 57399433fc..ec884cb08f 100644
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -264,9 +264,9 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
 	}
 
 /* also CRL Entry Extensions */
-
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(), 
-				char *data, STACK_OF(ASN1_OBJECT) *sk)
+#if 0
+ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
+				void *data, STACK_OF(ASN1_OBJECT) *sk)
         {
 	int i;
 	unsigned char *p, *b = NULL;
@@ -274,18 +274,23 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, int (*i2d)(),
 	if (data)
 	        {
 		if ((i=i2d(data,NULL)) <= 0) goto err;
-		if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i)))
+		if (!(b=p=OPENSSL_malloc((unsigned int)i)))
 			goto err;
 	        if (i2d(data, &p) <= 0) goto err;
 		}
 	else if (sk)
 	        {
-		if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL,i2d,V_ASN1_SEQUENCE,
-				   V_ASN1_UNIVERSAL,IS_SEQUENCE))<=0) goto err;
-		if (!(b=p=(unsigned char*)OPENSSL_malloc((unsigned int)i)))
+		if ((i=i2d_ASN1_SET_OF_ASN1_OBJECT(sk,NULL,
+						   (I2D_OF(ASN1_OBJECT))i2d,
+						   V_ASN1_SEQUENCE,
+						   V_ASN1_UNIVERSAL,
+						   IS_SEQUENCE))<=0) goto err;
+		if (!(b=p=OPENSSL_malloc((unsigned int)i)))
 			goto err;
-		if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,i2d,V_ASN1_SEQUENCE,
-				 V_ASN1_UNIVERSAL,IS_SEQUENCE)<=0) goto err;
+		if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,(I2D_OF(ASN1_OBJECT))i2d,
+						V_ASN1_SEQUENCE,
+						V_ASN1_UNIVERSAL,
+						IS_SEQUENCE)<=0) goto err;
 		}
 	else
 		{
@@ -300,6 +305,7 @@ err:
 	if (b) OPENSSL_free(b);
 	return NULL;
 	}
+#endif
 
 /* Nonce handling functions */
 
@@ -437,16 +443,10 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
 		if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) 
 		        goto err;
 		}
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err;
-	if (!(ASN1_STRING_encode(x->value,i2d_OCSP_CRLID,(char*)cid,NULL)))
-	        goto err;
-	OCSP_CRLID_free(cid);
-	return x;
+	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
 err:
-	if (x) X509_EXTENSION_free(x);
 	if (cid) OCSP_CRLID_free(cid);
-	return NULL;
+	return x;
 	}
 
 /*   AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
@@ -464,17 +464,10 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids)
 		        sk_ASN1_OBJECT_push(sk, o);
 		oids++;
 		}
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses)))
-		goto err;
-	if (!(ASN1_STRING_encode(x->value,i2d_ASN1_OBJECT,NULL,sk)))
-	        goto err;
-	sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-	return x;
+	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
 err:
-	if (x) X509_EXTENSION_free(x);
 	if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-	return NULL;
+	return x;
         }
 
 /*  ArchiveCutoff ::= GeneralizedTime */
@@ -485,16 +478,10 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim)
 
 	if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err;
 	if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err;
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err;
-	if (!(ASN1_STRING_encode(x->value,i2d_ASN1_GENERALIZEDTIME,
-				 (char*)gt,NULL))) goto err;
-	ASN1_GENERALIZEDTIME_free(gt);
-	return x;
+	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
 err:
 	if (gt) ASN1_GENERALIZEDTIME_free(gt);
-	if (x) X509_EXTENSION_free(x);
-	return NULL;
+	return x;
 	}
 
 /* per ACCESS_DESCRIPTION parameter are oids, of which there are currently
@@ -523,16 +510,9 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls)
 		if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err;
 		urls++;
 		}
-	if (!(x = X509_EXTENSION_new())) goto err;
-	if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) 
-	        goto err;
-	if (!(ASN1_STRING_encode(x->value, i2d_OCSP_SERVICELOC,
-				 (char*)sloc, NULL))) goto err;
-	OCSP_SERVICELOC_free(sloc);
-	return x;
+	x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
 err:
-	if (x) X509_EXTENSION_free(x);
 	if (sloc) OCSP_SERVICELOC_free(sloc);
-	return NULL;
+	return x;
 	}
 
diff --git a/crypto/ocsp/ocsp_ht.c b/crypto/ocsp/ocsp_ht.c
index 9213e58ae4..12bbfcffd1 100644
--- a/crypto/ocsp/ocsp_ht.c
+++ b/crypto/ocsp/ocsp_ht.c
@@ -1,9 +1,9 @@
 /* ocsp_ht.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 2000.
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -56,11 +56,12 @@
  *
  */
 
-#include <openssl/asn1.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <ctype.h>
 #include <string.h>
+#include "e_os.h"
+#include <openssl/asn1.h>
 #include <openssl/ocsp.h>
 #include <openssl/err.h>
 #include <openssl/buffer.h>
@@ -68,106 +69,430 @@
 #define strtoul (unsigned long)strtol
 #endif /* OPENSSL_SYS_SUNOS */
 
-/* Quick and dirty HTTP OCSP request handler.
- * Could make this a bit cleverer by adding
- * support for non blocking BIOs and a few
- * other refinements.
- */
+/* Stateful OCSP request code, supporting non-blocking I/O */
 
-OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req)
-{
-	BIO *mem = NULL;
-	char tmpbuf[1024];
-	OCSP_RESPONSE *resp = NULL;
-	char *p, *q, *r;
-	int len, retcode;
-	static char req_txt[] =
-"POST %s HTTP/1.0\r\n\
-Content-Type: application/ocsp-request\r\n\
-Content-Length: %d\r\n\r\n";
-
-	len = i2d_OCSP_REQUEST(req, NULL);
-	if(BIO_printf(b, req_txt, path, len) < 0) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);
-		goto err;
+/* Opaque OCSP request status structure */
+
+struct ocsp_req_ctx_st {
+	int state;		/* Current I/O state */
+	unsigned char *iobuf;	/* Line buffer */
+	int iobuflen;		/* Line buffer length */
+	BIO *io;		/* BIO to perform I/O with */
+	BIO *mem;		/* Memory BIO response is built into */
+	unsigned long asn1_len;	/* ASN1 length of response */
+	};
+
+#define OCSP_MAX_REQUEST_LENGTH	(100 * 1024)
+#define OCSP_MAX_LINE_LEN	4096;
+
+/* OCSP states */
+
+/* If set no reading should be performed */
+#define OHS_NOREAD		0x1000
+/* Error condition */
+#define OHS_ERROR		(0 | OHS_NOREAD)
+/* First line being read */
+#define OHS_FIRSTLINE		1
+/* MIME headers being read */
+#define OHS_HEADERS		2
+/* OCSP initial header (tag + length) being read */
+#define OHS_ASN1_HEADER		3
+/* OCSP content octets being read */
+#define OHS_ASN1_CONTENT	4
+/* Request being sent */
+#define OHS_ASN1_WRITE		(6 | OHS_NOREAD)
+/* Request being flushed */
+#define OHS_ASN1_FLUSH		(7 | OHS_NOREAD)
+/* Completed */
+#define OHS_DONE		(8 | OHS_NOREAD)
+
+
+static int parse_http_line1(char *line);
+
+void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx)
+	{
+	if (rctx->mem)
+		BIO_free(rctx->mem);
+	if (rctx->iobuf)
+		OPENSSL_free(rctx->iobuf);
+	OPENSSL_free(rctx);
 	}
-	if(i2d_OCSP_REQUEST_bio(b, req) <= 0) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);
-		goto err;
+
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req)
+	{
+	static const char req_hdr[] =
+	"Content-Type: application/ocsp-request\r\n"
+	"Content-Length: %d\r\n\r\n";
+        if (BIO_printf(rctx->mem, req_hdr, i2d_OCSP_REQUEST(req, NULL)) <= 0)
+		return 0;
+        if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0)
+		return 0;
+	rctx->state = OHS_ASN1_WRITE;
+	rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL);
+	return 1;
 	}
-	if(!(mem = BIO_new(BIO_s_mem()))) goto err;
-	/* Copy response to a memory BIO: socket bios can't do gets! */
-	while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) {
-		if(len < 0) {
-			OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR);
-			goto err;
+
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+		const char *name, const char *value)
+	{
+	if (!name)
+		return 0;
+	if (BIO_puts(rctx->mem, name) <= 0)
+		return 0;
+	if (value)
+		{
+		if (BIO_write(rctx->mem, ": ", 2) != 2)
+			return 0;
+		if (BIO_puts(rctx->mem, value) <= 0)
+			return 0;
 		}
-		BIO_write(mem, tmpbuf, len);
+	if (BIO_write(rctx->mem, "\r\n", 2) != 2)
+		return 0;
+	return 1;
 	}
-	if(BIO_gets(mem, tmpbuf, 512) <= 0) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
+
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
+								int maxline)
+	{
+	static const char post_hdr[] = "POST %s HTTP/1.0\r\n";
+
+	OCSP_REQ_CTX *rctx;
+	rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX));
+	rctx->state = OHS_ERROR;
+	rctx->mem = BIO_new(BIO_s_mem());
+	rctx->io = io;
+	rctx->asn1_len = 0;
+	if (maxline > 0)
+		rctx->iobuflen = maxline;
+	else
+		rctx->iobuflen = OCSP_MAX_LINE_LEN;
+	rctx->iobuf = OPENSSL_malloc(rctx->iobuflen);
+	if (!rctx->iobuf)
+		return 0;
+	if (!path)
+		path = "/";
+
+        if (BIO_printf(rctx->mem, post_hdr, path) <= 0)
+		return 0;
+
+	if (req && !OCSP_REQ_CTX_set1_req(rctx, req))
+		return 0;
+
+	return rctx;
 	}
-	/* Parse the HTTP response. This will look like this:
-	 * "HTTP/1.0 200 OK". We need to obtain the numeric code and
-         * (optional) informational message.
-	 */
 
+/* Parse the HTTP response. This will look like this:
+ * "HTTP/1.0 200 OK". We need to obtain the numeric code and
+ * (optional) informational message.
+ */
+
+static int parse_http_line1(char *line)
+	{
+	int retcode;
+	char *p, *q, *r;
 	/* Skip to first white space (passed protocol info) */
-	for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue;
-	if(!*p) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
+
+	for(p = line; *p && !isspace((unsigned char)*p); p++)
+		continue;
+	if(!*p)
+		{
+		OCSPerr(OCSP_F_PARSE_HTTP_LINE1,
+					OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
+		return 0;
+		}
+
 	/* Skip past white space to start of response code */
-	while(*p && isspace((unsigned char)*p)) p++;
-	if(!*p) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
+	while(*p && isspace((unsigned char)*p))
+		p++;
+
+	if(!*p)
+		{
+		OCSPerr(OCSP_F_PARSE_HTTP_LINE1,
+					OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
+		return 0;
+		}
+
 	/* Find end of response code: first whitespace after start of code */
-	for(q = p; *q && !isspace((unsigned char)*q); q++) continue;
-	if(!*q) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-		goto err;
-	}
+	for(q = p; *q && !isspace((unsigned char)*q); q++)
+		continue;
+
+	if(!*q)
+		{
+		OCSPerr(OCSP_F_PARSE_HTTP_LINE1,
+					OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
+		return 0;
+		}
+
 	/* Set end of response code and start of message */ 
 	*q++ = 0;
+
 	/* Attempt to parse numeric code */
 	retcode = strtoul(p, &r, 10);
-	if(*r) goto err;
+
+	if(*r)
+		return 0;
+
 	/* Skip over any leading white space in message */
-	while(*q && isspace((unsigned char)*q))  q++;
-	if(*q) {
-	/* Finally zap any trailing white space in message (include CRLF) */
-	/* We know q has a non white space character so this is OK */
-		for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0;
-	}
-	if(retcode != 200) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR);
-		if(!*q) { 
-			ERR_add_error_data(2, "Code=", p);
+	while(*q && isspace((unsigned char)*q))
+		q++;
+
+	if(*q)
+		{
+		/* Finally zap any trailing white space in message (include
+		 * CRLF) */
+
+		/* We know q has a non white space character so this is OK */
+		for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--)
+			*r = 0;
 		}
-		else {
+	if(retcode != 200)
+		{
+		OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR);
+		if(!*q)
+			ERR_add_error_data(2, "Code=", p);
+		else
 			ERR_add_error_data(4, "Code=", p, ",Reason=", q);
+		return 0;
 		}
-		goto err;
+
+
+	return 1;
+
 	}
-	/* Find blank line marking beginning of content */	
-	while(BIO_gets(mem, tmpbuf, 512) > 0)
+
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
 	{
-		for(p = tmpbuf; *p && isspace((unsigned char)*p); p++) continue;
-		if(!*p) break;
-	}
-	if(*p) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT);
-		goto err;
+	int i, n;
+	const unsigned char *p;
+	next_io:
+	if (!(rctx->state & OHS_NOREAD))
+		{
+		n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen);
+
+		if (n <= 0)
+			{
+			if (BIO_should_retry(rctx->io))
+				return -1;
+			return 0;
+			}
+
+		/* Write data to memory BIO */
+
+		if (BIO_write(rctx->mem, rctx->iobuf, n) != n)
+			return 0;
+		}
+
+	switch(rctx->state)
+		{
+
+		case OHS_ASN1_WRITE:
+		n = BIO_get_mem_data(rctx->mem, &p);
+
+		i = BIO_write(rctx->io,
+			p + (n - rctx->asn1_len), rctx->asn1_len);
+
+		if (i <= 0)
+			{
+			if (BIO_should_retry(rctx->io))
+				return -1;
+			rctx->state = OHS_ERROR;
+			return 0;
+			}
+
+		rctx->asn1_len -= i;
+
+		if (rctx->asn1_len > 0)
+			goto next_io;
+
+		rctx->state = OHS_ASN1_FLUSH;
+
+		(void)BIO_reset(rctx->mem);
+
+		case OHS_ASN1_FLUSH:
+
+		i = BIO_flush(rctx->io);
+
+		if (i > 0)
+			{
+			rctx->state = OHS_FIRSTLINE;
+			goto next_io;
+			}
+
+		if (BIO_should_retry(rctx->io))
+			return -1;
+
+		rctx->state = OHS_ERROR;
+		return 0;
+
+		case OHS_ERROR:
+		return 0;
+
+		case OHS_FIRSTLINE:
+		case OHS_HEADERS:
+
+		/* Attempt to read a line in */
+
+		next_line:
+		/* Due to &%^*$" memory BIO behaviour with BIO_gets we
+		 * have to check there's a complete line in there before
+		 * calling BIO_gets or we'll just get a partial read.
+		 */
+		n = BIO_get_mem_data(rctx->mem, &p);
+		if ((n <= 0) || !memchr(p, '\n', n))
+			{
+			if (n >= rctx->iobuflen)
+				{
+				rctx->state = OHS_ERROR;
+				return 0;
+				}
+			goto next_io;
+			}
+		n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen);
+
+		if (n <= 0)
+			{
+			if (BIO_should_retry(rctx->mem))
+				goto next_io;
+			rctx->state = OHS_ERROR;
+			return 0;
+			}
+
+		/* Don't allow excessive lines */
+		if (n == rctx->iobuflen)
+			{
+			rctx->state = OHS_ERROR;
+			return 0;
+			}
+
+		/* First line */
+		if (rctx->state == OHS_FIRSTLINE)
+			{
+			if (parse_http_line1((char *)rctx->iobuf))
+				{
+				rctx->state = OHS_HEADERS;
+				goto next_line;
+				}
+			else
+				{
+				rctx->state = OHS_ERROR;
+				return 0;
+				}
+			}
+		else
+			{
+			/* Look for blank line: end of headers */
+			for (p = rctx->iobuf; *p; p++)
+				{
+				if ((*p != '\r') && (*p != '\n'))
+					break;
+				}
+			if (*p)
+				goto next_line;
+
+			rctx->state = OHS_ASN1_HEADER;
+
+			}
+ 
+		/* Fall thru */
+
+
+		case OHS_ASN1_HEADER:
+		/* Now reading ASN1 header: can read at least 6 bytes which
+		 * is more than enough for any valid ASN1 SEQUENCE header
+		 */
+		n = BIO_get_mem_data(rctx->mem, &p);
+		if (n < 6)
+			goto next_io;
+
+		/* Check it is an ASN1 SEQUENCE */
+		if (*p++ != (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED))
+			{
+			rctx->state = OHS_ERROR;
+			return 0;
+			}
+
+		/* Check out length field */
+		if (*p & 0x80)
+			{
+			n = *p & 0x7F;
+			/* Not NDEF or excessive length */
+			if (!n || (n > 4))
+				{
+				rctx->state = OHS_ERROR;
+				return 0;
+				}
+			p++;
+			rctx->asn1_len = 0;
+			for (i = 0; i < n; i++)
+				{
+				rctx->asn1_len <<= 8;
+				rctx->asn1_len |= *p++;
+				}
+
+			if (rctx->asn1_len > OCSP_MAX_REQUEST_LENGTH)
+				{
+				rctx->state = OHS_ERROR;
+				return 0;
+				}
+
+			rctx->asn1_len += n + 2;
+			}
+		else
+			rctx->asn1_len = *p + 2;
+
+		rctx->state = OHS_ASN1_CONTENT;
+
+		/* Fall thru */
+		
+		case OHS_ASN1_CONTENT:
+		n = BIO_get_mem_data(rctx->mem, &p);
+		if (n < (int)rctx->asn1_len)
+			goto next_io;
+
+
+		*presp = d2i_OCSP_RESPONSE(NULL, &p, rctx->asn1_len);
+		if (*presp)
+			{
+			rctx->state = OHS_DONE;
+			return 1;
+			}
+
+		rctx->state = OHS_ERROR;
+		return 0;
+
+		break;
+
+		case OHS_DONE:
+		return 1;
+
+		}
+
+
+
+	return 0;
+
+
 	}
-	if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) {
-		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR);
-		goto err;
+
+/* Blocking OCSP request handler: now a special case of non-blocking I/O */
+
+OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req)
+	{
+	OCSP_RESPONSE *resp = NULL;
+	OCSP_REQ_CTX *ctx;
+	int rv;
+
+	ctx = OCSP_sendreq_new(b, path, req, -1);
+
+	do
+		{
+		rv = OCSP_sendreq_nbio(&resp, ctx);
+		} while ((rv == -1) && BIO_should_retry(b));
+
+	OCSP_REQ_CTX_free(ctx);
+
+	if (rv)
+		return resp;
+
+	return NULL;
 	}
-	err:
-	BIO_free(mem);
-	return resp;
-}
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index 9e87fc7895..0090bc267c 100644
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -69,6 +69,7 @@
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
 #include <openssl/ocsp.h>
+#include <openssl/asn1t.h>
 
 /* Convert a certificate and its issuer to an OCSP_CERTID */
 
@@ -112,7 +113,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
 	if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm);
 	if ((nid = EVP_MD_type(dgst)) == NID_undef)
 	        {
-		OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_UNKNOWN_NID);
+		OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_UNKNOWN_NID);
 		goto err;
 		}
 	if (!(alg->algorithm=OBJ_nid2obj(nid))) goto err;
@@ -123,7 +124,8 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
 	if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err;
 
 	/* Calculate the issuerKey hash, excluding tag and length */
-	EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL);
+	if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
+		goto err;
 
 	if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err;
 
@@ -134,7 +136,7 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
 		}
 	return cid;
 digerr:
-	OCSPerr(OCSP_F_CERT_ID_NEW,OCSP_R_DIGEST_ERR);
+	OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_DIGEST_ERR);
 err:
 	if (cid) OCSP_CERTID_free(cid);
 	return NULL;
@@ -260,3 +262,5 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss
 	return 0;
 
 	}
+
+IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID)
diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c
index 3dfb51c1e4..9fe6f0fb02 100644
--- a/crypto/ocsp/ocsp_prn.c
+++ b/crypto/ocsp/ocsp_prn.c
@@ -85,21 +85,21 @@ static int ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent)
 typedef struct
 	{
 	long t;
-	char *m;
+	const char *m;
 	} OCSP_TBLSTR;
 
-static char *table2string(long s, OCSP_TBLSTR *ts, int len)
+static const char *table2string(long s, const OCSP_TBLSTR *ts, int len)
 {
-	OCSP_TBLSTR *p;
+	const OCSP_TBLSTR *p;
 	for (p=ts; p < ts + len; p++)
 	        if (p->t == s)
 		         return p->m;
 	return "(UNKNOWN)";
 }
 
-char *OCSP_response_status_str(long s)
+const char *OCSP_response_status_str(long s)
         {
-	static OCSP_TBLSTR rstat_tbl[] = {
+	static const OCSP_TBLSTR rstat_tbl[] = {
 	        { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" },
 	        { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" },
 	        { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" },
@@ -109,18 +109,18 @@ char *OCSP_response_status_str(long s)
 	return table2string(s, rstat_tbl, 6);
 	} 
 
-char *OCSP_cert_status_str(long s)
+const char *OCSP_cert_status_str(long s)
         {
-	static OCSP_TBLSTR cstat_tbl[] = {
+	static const OCSP_TBLSTR cstat_tbl[] = {
 	        { V_OCSP_CERTSTATUS_GOOD, "good" },
 	        { V_OCSP_CERTSTATUS_REVOKED, "revoked" },
 	        { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" } };
 	return table2string(s, cstat_tbl, 3);
 	} 
 
-char *OCSP_crl_reason_str(long s)
+const char *OCSP_crl_reason_str(long s)
         {
-	OCSP_TBLSTR reason_tbl[] = {
+	static const OCSP_TBLSTR reason_tbl[] = {
 	  { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" },
           { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" },
           { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" },
@@ -266,12 +266,12 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
 			if (!ASN1_GENERALIZEDTIME_print(bp,single->nextUpdate))
 				goto err;
 			}
-		if (!BIO_write(bp,"\n",1)) goto err;
+		if (BIO_write(bp,"\n",1) <= 0) goto err;
 		if (!X509V3_extensions_print(bp,
 					"Response Single Extensions",
 					single->singleExtensions, flags, 8))
 							goto err;
-		if (!BIO_write(bp,"\n",1)) goto err;
+		if (BIO_write(bp,"\n",1) <= 0) goto err;
 		}
 	if (!X509V3_extensions_print(bp, "Response Extensions",
 					rd->responseExtensions, flags, 4))
diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c
index fffa134e75..1c606dd0b6 100644
--- a/crypto/ocsp/ocsp_srv.c
+++ b/crypto/ocsp/ocsp_srv.c
@@ -1,5 +1,5 @@
 /* ocsp_srv.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index 3d58dfb06c..415d67e61c 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -1,5 +1,5 @@
 /* ocsp_vfy.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -308,6 +308,8 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
 			}
 
 		mdlen = EVP_MD_size(dgst);
+		if (mdlen < 0)
+		    return -1;
 		if ((cid->issuerNameHash->length != mdlen) ||
 		   (cid->issuerKeyHash->length != mdlen))
 			return 0;
@@ -316,7 +318,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
 			return -1;
 		if (memcmp(md, cid->issuerNameHash->data, mdlen))
 			return 0;
-		X509_pubkey_digest(cert, EVP_sha1(), md, NULL);
+		X509_pubkey_digest(cert, dgst, md, NULL);
 		if (memcmp(md, cid->issuerKeyHash->data, mdlen))
 			return 0;
 
@@ -367,7 +369,7 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *st
 		return 0;
 		}
 	gen = req->tbsRequest->requestorName;
-	if (gen->type != GEN_DIRNAME)
+	if (!gen || gen->type != GEN_DIRNAME)
 		{
 		OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
 		return 0;
diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in
index cee83acf98..97e3745563 100644
--- a/crypto/opensslconf.h.in
+++ b/crypto/opensslconf.h.in
@@ -63,14 +63,9 @@
 /* Should we define BN_DIV2W here? */
 
 /* Only one for the following should be defined */
-/* The prime number generation stuff may not work when
- * EIGHT_BIT but I don't care since I've only used this mode
- * for debuging the bignum libraries */
 #undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #define THIRTY_TWO_BIT
-#undef SIXTEEN_BIT
-#undef EIGHT_BIT
 #endif
 
 #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 1dd3280798..a23dedc91b 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -25,11 +25,11 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER	0x00908000L
+#define OPENSSL_VERSION_NUMBER	0x10100000L
 #ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.8-fips-dev XX xxx XXXX"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 1.1.0-fips-dev xx XXX xxxx"
 #else
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.8-dev XX xxx XXXX"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 1.1.0-dev xx XXX xxxx"
 #endif
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 
@@ -83,7 +83,7 @@
  * should only keep the versions that are binary compatible with the current.
  */
 #define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "0.9.8"
+#define SHLIB_VERSION_NUMBER "1.1.0"
 
 
 #endif /* HEADER_OPENSSLV_H */
diff --git a/crypto/ossl_typ.h b/crypto/ossl_typ.h
index 9c335a1819..12bd7014de 100644
--- a/crypto/ossl_typ.h
+++ b/crypto/ossl_typ.h
@@ -95,10 +95,15 @@ typedef int ASN1_BOOLEAN;
 typedef int ASN1_NULL;
 #endif
 
+typedef struct asn1_pctx_st ASN1_PCTX;
+
 #ifdef OPENSSL_SYS_WIN32
 #undef X509_NAME
+#undef X509_EXTENSIONS
 #undef X509_CERT_PAIR
 #undef PKCS7_ISSUER_AND_SERIAL
+#undef OCSP_REQUEST
+#undef OCSP_RESPONSE
 #endif
 
 #ifdef BIGNUM
@@ -119,6 +124,11 @@ typedef struct env_md_st EVP_MD;
 typedef struct env_md_ctx_st EVP_MD_CTX;
 typedef struct evp_pkey_st EVP_PKEY;
 
+typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+
 typedef struct dh_st DH;
 typedef struct dh_method DH_METHOD;
 
@@ -136,10 +146,15 @@ typedef struct ecdsa_method ECDSA_METHOD;
 typedef struct x509_st X509;
 typedef struct X509_algor_st X509_ALGOR;
 typedef struct X509_crl_st X509_CRL;
+typedef struct x509_crl_method_st X509_CRL_METHOD;
+typedef struct x509_revoked_st X509_REVOKED;
 typedef struct X509_name_st X509_NAME;
+typedef struct X509_pubkey_st X509_PUBKEY;
 typedef struct x509_store_st X509_STORE;
 typedef struct x509_store_ctx_st X509_STORE_CTX;
 
+typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
+
 typedef struct v3_ext_ctx X509V3_CTX;
 typedef struct conf_st CONF;
 
@@ -152,12 +167,19 @@ typedef struct ui_method_st UI_METHOD;
 typedef struct st_ERR_FNS ERR_FNS;
 
 typedef struct engine_st ENGINE;
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
 
 typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
 typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
 typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
 typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
 
+typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
+typedef struct DIST_POINT_st DIST_POINT;
+typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
+typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
+
   /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
 #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
 #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
@@ -171,4 +193,8 @@ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
 typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, 
 					int idx, long argl, void *argp);
 
+typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
+typedef struct ocsp_response_st OCSP_RESPONSE;
+typedef struct ocsp_responder_id_st OCSP_RESPID;
+
 #endif /* def HEADER_OPENSSL_TYPES_H */
diff --git a/crypto/pariscid.pl b/crypto/pariscid.pl
new file mode 100644
index 0000000000..1ed5381957
--- /dev/null
+++ b/crypto/pariscid.pl
@@ -0,0 +1,138 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$ST		="std";
+} else {
+	$LEVEL		="1.1";
+	$SIZE_T		=4;
+	$ST		="stw";
+}
+
+$rp="%r2";
+$sp="%r30";
+$rv="%r28";
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	OPENSSL_cpuid_setup,ENTRY
+	.ALIGN	8
+OPENSSL_cpuid_setup
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	bv	($rp)
+	.EXIT
+	nop
+	.PROCEND
+
+	.EXPORT	OPENSSL_rdtsc,ENTRY
+	.ALIGN	8
+OPENSSL_rdtsc
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	mfctl	%cr16,$rv
+	bv	($rp)
+	.EXIT
+	nop
+	.PROCEND
+
+	.EXPORT	OPENSSL_wipe_cpu,ENTRY
+	.ALIGN	8
+OPENSSL_wipe_cpu
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	xor		%r0,%r0,%r1
+	fcpy,dbl	%fr0,%fr4
+	xor		%r0,%r0,%r19
+	fcpy,dbl	%fr0,%fr5
+	xor		%r0,%r0,%r20
+	fcpy,dbl	%fr0,%fr6
+	xor		%r0,%r0,%r21
+	fcpy,dbl	%fr0,%fr7
+	xor		%r0,%r0,%r22
+	fcpy,dbl	%fr0,%fr8
+	xor		%r0,%r0,%r23
+	fcpy,dbl	%fr0,%fr9
+	xor		%r0,%r0,%r24
+	fcpy,dbl	%fr0,%fr10
+	xor		%r0,%r0,%r25
+	fcpy,dbl	%fr0,%fr11
+	xor		%r0,%r0,%r26
+	fcpy,dbl	%fr0,%fr22
+	xor		%r0,%r0,%r29
+	fcpy,dbl	%fr0,%fr23
+	xor		%r0,%r0,%r31
+	fcpy,dbl	%fr0,%fr24
+	fcpy,dbl	%fr0,%fr25
+	fcpy,dbl	%fr0,%fr26
+	fcpy,dbl	%fr0,%fr27
+	fcpy,dbl	%fr0,%fr28
+	fcpy,dbl	%fr0,%fr29
+	fcpy,dbl	%fr0,%fr30
+	fcpy,dbl	%fr0,%fr31
+	bv		($rp)
+	.EXIT
+	ldo		0($sp),$rv
+	.PROCEND
+___
+{
+$inp="%r26";
+$len="%r25";
+
+$code.=<<___;
+	.EXPORT	OPENSSL_cleanse,ENTRY,ARGW0=GR,ARGW1=GR
+	.ALIGN	8
+OPENSSL_cleanse
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	cmpib,*=	0,$len,Ldone
+	nop
+	cmpib,*>>=	15,$len,Little
+	ldi		$SIZE_T-1,%r1
+
+Lalign
+	and,*<>		$inp,%r1,%r28
+	b,n		Laligned
+	stb		%r0,0($inp)
+	ldo		-1($len),$len
+	b		Lalign
+	ldo		1($inp),$inp
+
+Laligned
+	andcm		$len,%r1,%r28
+Loop
+	$ST		%r0,0($inp)
+	addib,*<>	-$SIZE_T,%r28,Loop
+	ldo		$SIZE_T($inp),$inp
+
+	and,*<>		$len,%r1,$len
+	b,n		Ldone
+Little
+	stb		%r0,0($inp)
+	addib,*<>	-1,$len,Little
+	ldo		1($inp),$inp
+Ldone
+	bv		($rp)
+	.EXIT
+	nop
+	.PROCEND
+___
+}
+
+$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/,\*/,/gm if ($SIZE_T==4);
+print $code;
+close STDOUT;
+
diff --git a/crypto/pem/.cvsignore b/crypto/pem/.cvsignore
index d0340d6553..feb507d7bd 100644
--- a/crypto/pem/.cvsignore
+++ b/crypto/pem/.cvsignore
@@ -1,3 +1,5 @@
 lib
 ctx_size
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl
deleted file mode 100644
index 02156ef659..0000000000
--- a/crypto/pem/Makefile.ssl
+++ /dev/null
@@ -1,246 +0,0 @@
-#
-# SSLeay/crypto/pem/Makefile
-#
-
-DIR=	pem
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
-	pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c
-
-LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
-	pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= pem.h pem2.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links: $(EXHEADER)
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pem_all.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c
-pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c
-pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_info.o: ../cryptlib.h pem_info.c
-pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
-pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_lib.o: ../cryptlib.h pem_lib.c
-pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c
-pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
-pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_pk8.o: ../cryptlib.h pem_pk8.c
-pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_pkey.o: ../../include/openssl/opensslconf.h
-pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pkey.c
-pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_seal.o: ../../include/openssl/opensslconf.h
-pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
-pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_sign.o: ../../include/openssl/opensslconf.h
-pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pem_sign.o: ../cryptlib.h pem_sign.c
-pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_x509.o: ../../include/openssl/opensslconf.h
-pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c
-pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h
-pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pem_xaux.o: ../../include/openssl/opensslconf.h
-pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index ce5b75c315..c2d7690580 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -125,6 +125,7 @@ extern "C" {
 #define PEM_STRING_DSA		"DSA PRIVATE KEY"
 #define PEM_STRING_DSA_PUBLIC	"DSA PUBLIC KEY"
 #define PEM_STRING_PKCS7	"PKCS7"
+#define PEM_STRING_PKCS7_SIGNED	"PKCS #7 SIGNED DATA"
 #define PEM_STRING_PKCS8	"ENCRYPTED PRIVATE KEY"
 #define PEM_STRING_PKCS8INF	"PRIVATE KEY"
 #define PEM_STRING_DHPARAMS	"DH PARAMETERS"
@@ -133,6 +134,8 @@ extern "C" {
 #define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
 #define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
 #define PEM_STRING_ECPRIVATEKEY	"EC PRIVATE KEY"
+#define PEM_STRING_PARAMETERS	"PARAMETERS"
+#define PEM_STRING_CMS		"CMS"
 
   /* Note that this structure is initialised by PEM_SealInit and cleaned up
      by PEM_SealFinal (at least for now) */
@@ -181,11 +184,8 @@ typedef struct pem_ctx_st
 	int num_recipient;
 	PEM_USER **recipient;
 
-#ifndef OPENSSL_NO_STACK
-	STACK *x509_chain;	/* certificate chain */
-#else
-	char *x509_chain;	/* certificate chain */
-#endif
+	/* XXX(ben): don#t think this is used! 
+		STACK *x509_chain;	/ * certificate chain */
 	EVP_MD *md;		/* signature type */
 
 	int md_enc;		/* is the md encrypted or not? */
@@ -213,22 +213,28 @@ typedef struct pem_ctx_st
 
 #define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
 #define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
 #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
 
 #else
 
 #define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
 type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
 { \
-return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\
-	cb,u)); \
-} \
+return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
+} 
 
 #define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
 int PEM_write_##name(FILE *fp, type *x) \
 { \
-return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \
-							 NULL,NULL,0,NULL,NULL)); \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, const type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
 }
 
 #define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
@@ -236,8 +242,15 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
 	     unsigned char *kstr, int klen, pem_password_cb *cb, \
 		  void *u) \
 	{ \
-	return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \
-		(char *)x,enc,kstr,klen,cb,u)); \
+	return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+	}
+
+#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+	     unsigned char *kstr, int klen, pem_password_cb *cb, \
+		  void *u) \
+	{ \
+	return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
 	}
 
 #endif
@@ -245,33 +258,51 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
 #define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
 type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
 { \
-return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\
-							(char **)x,cb,u)); \
+return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
 }
 
 #define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
 int PEM_write_bio_##name(BIO *bp, type *x) \
 { \
-return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \
-							 NULL,NULL,0,NULL,NULL)); \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, const type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
 }
 
 #define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
 int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
 	{ \
-	return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \
-		(char *)x,enc,kstr,klen,cb,u)); \
+	return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
+	}
+
+#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+	{ \
+	return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
 	}
 
 #define IMPLEMENT_PEM_write(name, type, str, asn1) \
 	IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
 	IMPLEMENT_PEM_write_fp(name, type, str, asn1) 
 
+#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
+	IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+	IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) 
+
 #define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
 	IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
 	IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) 
 
+#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
+	IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+	IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) 
+
 #define IMPLEMENT_PEM_read(name, type, str, asn1) \
 	IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
 	IMPLEMENT_PEM_read_fp(name, type, str, asn1) 
@@ -280,13 +311,17 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 	IMPLEMENT_PEM_read(name, type, str, asn1) \
 	IMPLEMENT_PEM_write(name, type, str, asn1)
 
+#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
+	IMPLEMENT_PEM_read(name, type, str, asn1) \
+	IMPLEMENT_PEM_write_const(name, type, str, asn1)
+
 #define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
 	IMPLEMENT_PEM_read(name, type, str, asn1) \
 	IMPLEMENT_PEM_write_cb(name, type, str, asn1)
 
 /* These are the same except they are for the declarations */
 
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API)
+#if defined(OPENSSL_NO_FP_API)
 
 #define DECLARE_PEM_read_fp(name, type) /**/
 #define DECLARE_PEM_write_fp(name, type) /**/
@@ -300,6 +335,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 #define DECLARE_PEM_write_fp(name, type) \
 	int PEM_write_##name(FILE *fp, type *x);
 
+#define DECLARE_PEM_write_fp_const(name, type) \
+	int PEM_write_##name(FILE *fp, const type *x);
+
 #define DECLARE_PEM_write_cb_fp(name, type) \
 	int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
 	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
@@ -313,6 +351,9 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 #define DECLARE_PEM_write_bio(name, type) \
 	int PEM_write_bio_##name(BIO *bp, type *x);
 
+#define DECLARE_PEM_write_bio_const(name, type) \
+	int PEM_write_bio_##name(BIO *bp, const type *x);
+
 #define DECLARE_PEM_write_cb_bio(name, type) \
 	int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 	     unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
@@ -321,6 +362,7 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 
 #define DECLARE_PEM_read_bio(name, type) /**/
 #define DECLARE_PEM_write_bio(name, type) /**/
+#define DECLARE_PEM_write_bio_const(name, type) /**/
 #define DECLARE_PEM_write_cb_bio(name, type) /**/
 
 #endif
@@ -329,6 +371,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 	DECLARE_PEM_write_bio(name, type) \
 	DECLARE_PEM_write_fp(name, type) 
 
+#define DECLARE_PEM_write_const(name, type) \
+	DECLARE_PEM_write_bio_const(name, type) \
+	DECLARE_PEM_write_fp_const(name, type)
+
 #define DECLARE_PEM_write_cb(name, type) \
 	DECLARE_PEM_write_cb_bio(name, type) \
 	DECLARE_PEM_write_cb_fp(name, type) 
@@ -341,147 +387,14 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
 	DECLARE_PEM_read(name, type) \
 	DECLARE_PEM_write(name, type)
 
+#define DECLARE_PEM_rw_const(name, type) \
+	DECLARE_PEM_read(name, type) \
+	DECLARE_PEM_write_const(name, type)
+
 #define DECLARE_PEM_rw_cb(name, type) \
 	DECLARE_PEM_read(name, type) \
 	DECLARE_PEM_write_cb(name, type)
 
-#ifdef SSLEAY_MACROS
-
-#define PEM_write_SSL_SESSION(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
-			PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
-		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
-			NULL,NULL,0,NULL,NULL)
-#define PEM_write_X509_CRL(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
-			fp,(char *)x, NULL,NULL,0,NULL,NULL)
-#define	PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
-			(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_RSAPublicKey(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
-			PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define	PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
-			(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write((int (*)())i2d_PrivateKey,\
-		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_PKCS7(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_DHparams(fp,x) \
-		PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
-			(char *)x,NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
-                PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
-			PEM_STRING_X509,fp, \
-                        (char *)x, NULL,NULL,0,NULL,NULL)
-
-#define	PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-#define	PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
-	(char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
-#define	PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
-	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
-#define	PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
-	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
-#define	PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
-	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
-#define	PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
-	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
-#define	PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
-	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
-#define	PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
-	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
-#define	PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
-	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
-#define	PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
-	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
-
-#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
-		(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
-        (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
-							(char **)x,cb,u)
-
-#define PEM_write_bio_SSL_SESSION(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
-			PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
-		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
-			NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_X509_CRL(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
-			bp,(char *)x, NULL,NULL,0,NULL,NULL)
-#define	PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_bio_RSAPublicKey(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
-			PEM_STRING_RSA_PUBLIC,\
-			bp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define	PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define	PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
-		PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
-		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
-			bp,(char *)x,enc,kstr,klen,cb,u)
-#define PEM_write_bio_PKCS7(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
-			(char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DHparams(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
-			bp,(char *)x,NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_DSAparams(bp,x) \
-		PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
-			PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
-
-#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
-                PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
-			PEM_STRING_X509,bp, \
-                        (char *)x, NULL,NULL,0,NULL,NULL)
-
-#define	PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
-#define	PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
-#define	PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
-#define	PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
-#define	PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
-#define	PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
-#define	PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
-#define	PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
-
-#define	PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
-#define	PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
-#define	PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
-
-#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
-		(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
-        (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
-							(char **)x,cb,u)
-
-#endif
-
 #if 1
 /* "userdata": new with OpenSSL 0.9.4 */
 typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
@@ -501,39 +414,38 @@ int	PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
 		long len);
 int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
 	     pem_password_cb *cb, void *u);
-char *	PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x,
-		pem_password_cb *cb, void *u);
-int	PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x,
+void *	PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
+			  void **x, pem_password_cb *cb, void *u);
+int	PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp, void *x,
 			   const EVP_CIPHER *enc,unsigned char *kstr,int klen,
 			   pem_password_cb *cb, void *u);
+
 STACK_OF(X509_INFO) *	PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
 int	PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
 		unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
 #endif
 
-#ifndef OPENSSL_SYS_WIN16
 int	PEM_read(FILE *fp, char **name, char **header,
 		unsigned char **data,long *len);
 int	PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
-char *	PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x,
-	pem_password_cb *cb, void *u);
-int	PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x,
-		       const EVP_CIPHER *enc,unsigned char *kstr,int klen,
-		       pem_password_cb *callback, void *u);
+void *  PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+		      pem_password_cb *cb, void *u);
+int	PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp,
+		       void *x,const EVP_CIPHER *enc,unsigned char *kstr,
+		       int klen,pem_password_cb *callback, void *u);
 STACK_OF(X509_INFO) *	PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
 	pem_password_cb *cb, void *u);
-#endif
 
 int	PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
 		EVP_MD *md_type, unsigned char **ek, int *ekl,
 		unsigned char *iv, EVP_PKEY **pubk, int npubk);
-void	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+int	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
 		unsigned char *in, int inl);
 int	PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
 		unsigned char *out, int *outl, EVP_PKEY *priv);
 
-void    PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void    PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int	PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+int	PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
 int	PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
 		unsigned int *siglen, EVP_PKEY *pkey);
 
@@ -541,7 +453,6 @@ int	PEM_def_callback(char *buf, int num, int w, void *key);
 void	PEM_proc_type(char *buf, int type);
 void	PEM_dek_info(char *buf, const char *type, int len, char *str);
 
-#ifndef SSLEAY_MACROS
 
 #include <openssl/symhacks.h>
 
@@ -568,7 +479,7 @@ DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
 
 DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
 
-DECLARE_PEM_rw(RSAPublicKey, RSA)
+DECLARE_PEM_rw_const(RSAPublicKey, RSA)
 DECLARE_PEM_rw(RSA_PUBKEY, RSA)
 
 #endif
@@ -579,19 +490,19 @@ DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
 
 DECLARE_PEM_rw(DSA_PUBKEY, DSA)
 
-DECLARE_PEM_rw(DSAparams, DSA)
+DECLARE_PEM_rw_const(DSAparams, DSA)
 
 #endif
 
 #ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw(ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
 DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
 DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
 #endif
 
 #ifndef OPENSSL_NO_DH
 
-DECLARE_PEM_rw(DHparams, DH)
+DECLARE_PEM_rw_const(DHparams, DH)
 
 #endif
 
@@ -627,7 +538,20 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo
 int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
 			      char *kstr,int klen, pem_password_cb *cd, void *u);
 
-#endif /* SSLEAY_MACROS */
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
+
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+		pem_password_cb *cb, void *u);
 
 
 /* BEGIN ERROR CODES */
@@ -639,26 +563,43 @@ void ERR_load_PEM_strings(void);
 /* Error codes for the PEM functions. */
 
 /* Function codes. */
+#define PEM_F_B2I_DSS					 127
+#define PEM_F_B2I_PVK_BIO				 128
+#define PEM_F_B2I_RSA					 129
+#define PEM_F_CHECK_BITLEN_DSA				 130
+#define PEM_F_CHECK_BITLEN_RSA				 131
 #define PEM_F_D2I_PKCS8PRIVATEKEY_BIO			 120
 #define PEM_F_D2I_PKCS8PRIVATEKEY_FP			 121
-#define PEM_F_DEF_CALLBACK				 100
+#define PEM_F_DO_B2I					 132
+#define PEM_F_DO_B2I_BIO				 133
+#define PEM_F_DO_BLOB_HEADER				 134
+#define PEM_F_DO_PK8PKEY				 126
+#define PEM_F_DO_PK8PKEY_FP				 125
+#define PEM_F_DO_PVK_BODY				 135
+#define PEM_F_DO_PVK_HEADER				 136
+#define PEM_F_I2B_PVK					 137
+#define PEM_F_I2B_PVK_BIO				 138
 #define PEM_F_LOAD_IV					 101
 #define PEM_F_PEM_ASN1_READ				 102
 #define PEM_F_PEM_ASN1_READ_BIO				 103
 #define PEM_F_PEM_ASN1_WRITE				 104
 #define PEM_F_PEM_ASN1_WRITE_BIO			 105
+#define PEM_F_PEM_DEF_CALLBACK				 100
 #define PEM_F_PEM_DO_HEADER				 106
-#define PEM_F_PEM_F_DO_PK8KEY_FP			 122
 #define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY		 118
 #define PEM_F_PEM_GET_EVP_CIPHER_INFO			 107
+#define PEM_F_PEM_PK8PKEY				 119
 #define PEM_F_PEM_READ					 108
 #define PEM_F_PEM_READ_BIO				 109
+#define PEM_F_PEM_READ_BIO_PARAMETERS			 140
+#define PEM_F_PEM_READ_BIO_PRIVATEKEY			 123
+#define PEM_F_PEM_READ_PRIVATEKEY			 124
 #define PEM_F_PEM_SEALFINAL				 110
 #define PEM_F_PEM_SEALINIT				 111
 #define PEM_F_PEM_SIGNFINAL				 112
 #define PEM_F_PEM_WRITE					 113
 #define PEM_F_PEM_WRITE_BIO				 114
-#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY		 119
+#define PEM_F_PEM_WRITE_PRIVATEKEY			 139
 #define PEM_F_PEM_X509_INFO_READ			 115
 #define PEM_F_PEM_X509_INFO_READ_BIO			 116
 #define PEM_F_PEM_X509_INFO_WRITE_BIO			 117
@@ -668,18 +609,30 @@ void ERR_load_PEM_strings(void);
 #define PEM_R_BAD_DECRYPT				 101
 #define PEM_R_BAD_END_LINE				 102
 #define PEM_R_BAD_IV_CHARS				 103
+#define PEM_R_BAD_MAGIC_NUMBER				 116
 #define PEM_R_BAD_PASSWORD_READ				 104
+#define PEM_R_BAD_VERSION_NUMBER			 117
+#define PEM_R_BIO_WRITE_FAILURE				 118
+#define PEM_R_CIPHER_IS_NULL				 127
 #define PEM_R_ERROR_CONVERTING_PRIVATE_KEY		 115
+#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB		 119
+#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB			 120
+#define PEM_R_INCONSISTENT_HEADER			 121
+#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR		 122
+#define PEM_R_KEYBLOB_TOO_SHORT				 123
 #define PEM_R_NOT_DEK_INFO				 105
 #define PEM_R_NOT_ENCRYPTED				 106
 #define PEM_R_NOT_PROC_TYPE				 107
 #define PEM_R_NO_START_LINE				 108
 #define PEM_R_PROBLEMS_GETTING_PASSWORD			 109
 #define PEM_R_PUBLIC_KEY_NO_RSA				 110
+#define PEM_R_PVK_DATA_TOO_SHORT			 124
+#define PEM_R_PVK_TOO_SHORT				 125
 #define PEM_R_READ_KEY					 111
 #define PEM_R_SHORT_HEADER				 112
 #define PEM_R_UNSUPPORTED_CIPHER			 113
 #define PEM_R_UNSUPPORTED_ENCRYPTION			 114
+#define PEM_R_UNSUPPORTED_KEY_COMPONENTS		 126
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
index a4357d591c..3e7a6093ad 100644
--- a/crypto/pem/pem_all.c
+++ b/crypto/pem/pem_all.c
@@ -110,16 +110,21 @@
  */
 
 #include <stdio.h>
-#undef SSLEAY_MACROS
 #include "cryptlib.h"
 #include <openssl/bio.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pkcs7.h>
 #include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 
 #ifndef OPENSSL_NO_RSA
 static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
@@ -188,8 +193,8 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb,
 
 #endif
 
-IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
-IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
+IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
+IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
 IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
 
 #endif
@@ -215,10 +220,10 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
 {
 	EVP_PKEY *pktmp;
 	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-	return pkey_get_dsa(pktmp, dsa);
+	return pkey_get_dsa(pktmp, dsa);	/* will free pktmp */
 }
 
-IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
+IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
 IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
 
 #ifndef OPENSSL_NO_FP_API
@@ -228,12 +233,12 @@ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb,
 {
 	EVP_PKEY *pktmp;
 	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-	return pkey_get_dsa(pktmp, dsa);
+	return pkey_get_dsa(pktmp, dsa);	/* will free pktmp */
 }
 
 #endif
 
-IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
+IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
 
 #endif
 
@@ -259,10 +264,10 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
 {
 	EVP_PKEY *pktmp;
 	pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-	return pkey_get_eckey(pktmp, key);
+	return pkey_get_eckey(pktmp, key);	/* will free pktmp */
 }
 
-IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
+IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
 
 IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
 
@@ -275,7 +280,7 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
 {
 	EVP_PKEY *pktmp;
 	pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-	return pkey_get_eckey(pktmp, eckey);
+	return pkey_get_eckey(pktmp, eckey);	/* will free pktmp */
 }
 
 #endif
@@ -284,19 +289,8 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
 
 #ifndef OPENSSL_NO_DH
 
-IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
+IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
 
 #endif
 
-
-/* The PrivateKey case is not that straightforward.
- *   IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey)
- * does not work, RSA and DSA keys have specific strings.
- * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything
- * appropriate.)
- */
-IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\
-			(x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey)
-
 IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
-
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index 3b39b84d66..d644aeedd4 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
 /* crypto/pem/pem_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,52 +64,85 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
+
 static ERR_STRING_DATA PEM_str_functs[]=
 	{
-{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0),	"d2i_PKCS8PrivateKey_bio"},
-{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0),	"d2i_PKCS8PrivateKey_fp"},
-{ERR_PACK(0,PEM_F_DEF_CALLBACK,0),	"DEF_CALLBACK"},
-{ERR_PACK(0,PEM_F_LOAD_IV,0),	"LOAD_IV"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0),	"PEM_ASN1_read"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0),	"PEM_ASN1_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0),	"PEM_ASN1_write"},
-{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0),	"PEM_ASN1_write_bio"},
-{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0),	"PEM_do_header"},
-{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0),	"PEM_F_DO_PK8KEY_FP"},
-{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0),	"PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
-{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0),	"PEM_get_EVP_CIPHER_INFO"},
-{ERR_PACK(0,PEM_F_PEM_READ,0),	"PEM_read"},
-{ERR_PACK(0,PEM_F_PEM_READ_BIO,0),	"PEM_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0),	"PEM_SealFinal"},
-{ERR_PACK(0,PEM_F_PEM_SEALINIT,0),	"PEM_SealInit"},
-{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0),	"PEM_SignFinal"},
-{ERR_PACK(0,PEM_F_PEM_WRITE,0),	"PEM_write"},
-{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0),	"PEM_write_bio"},
-{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0),	"PEM_write_bio_PKCS8PrivateKey"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0),	"PEM_X509_INFO_read"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0),	"PEM_X509_INFO_read_bio"},
-{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0),	"PEM_X509_INFO_write_bio"},
+{ERR_FUNC(PEM_F_B2I_DSS),	"B2I_DSS"},
+{ERR_FUNC(PEM_F_B2I_PVK_BIO),	"b2i_PVK_bio"},
+{ERR_FUNC(PEM_F_B2I_RSA),	"B2I_RSA"},
+{ERR_FUNC(PEM_F_CHECK_BITLEN_DSA),	"CHECK_BITLEN_DSA"},
+{ERR_FUNC(PEM_F_CHECK_BITLEN_RSA),	"CHECK_BITLEN_RSA"},
+{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO),	"d2i_PKCS8PrivateKey_bio"},
+{ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP),	"d2i_PKCS8PrivateKey_fp"},
+{ERR_FUNC(PEM_F_DO_B2I),	"DO_B2I"},
+{ERR_FUNC(PEM_F_DO_B2I_BIO),	"DO_B2I_BIO"},
+{ERR_FUNC(PEM_F_DO_BLOB_HEADER),	"DO_BLOB_HEADER"},
+{ERR_FUNC(PEM_F_DO_PK8PKEY),	"DO_PK8PKEY"},
+{ERR_FUNC(PEM_F_DO_PK8PKEY_FP),	"DO_PK8PKEY_FP"},
+{ERR_FUNC(PEM_F_DO_PVK_BODY),	"DO_PVK_BODY"},
+{ERR_FUNC(PEM_F_DO_PVK_HEADER),	"DO_PVK_HEADER"},
+{ERR_FUNC(PEM_F_I2B_PVK),	"I2B_PVK"},
+{ERR_FUNC(PEM_F_I2B_PVK_BIO),	"i2b_PVK_bio"},
+{ERR_FUNC(PEM_F_LOAD_IV),	"LOAD_IV"},
+{ERR_FUNC(PEM_F_PEM_ASN1_READ),	"PEM_ASN1_read"},
+{ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO),	"PEM_ASN1_read_bio"},
+{ERR_FUNC(PEM_F_PEM_ASN1_WRITE),	"PEM_ASN1_write"},
+{ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO),	"PEM_ASN1_write_bio"},
+{ERR_FUNC(PEM_F_PEM_DEF_CALLBACK),	"PEM_def_callback"},
+{ERR_FUNC(PEM_F_PEM_DO_HEADER),	"PEM_do_header"},
+{ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),	"PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
+{ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO),	"PEM_get_EVP_CIPHER_INFO"},
+{ERR_FUNC(PEM_F_PEM_PK8PKEY),	"PEM_PK8PKEY"},
+{ERR_FUNC(PEM_F_PEM_READ),	"PEM_read"},
+{ERR_FUNC(PEM_F_PEM_READ_BIO),	"PEM_read_bio"},
+{ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS),	"PEM_read_bio_Parameters"},
+{ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY),	"PEM_READ_BIO_PRIVATEKEY"},
+{ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY),	"PEM_READ_PRIVATEKEY"},
+{ERR_FUNC(PEM_F_PEM_SEALFINAL),	"PEM_SealFinal"},
+{ERR_FUNC(PEM_F_PEM_SEALINIT),	"PEM_SealInit"},
+{ERR_FUNC(PEM_F_PEM_SIGNFINAL),	"PEM_SignFinal"},
+{ERR_FUNC(PEM_F_PEM_WRITE),	"PEM_write"},
+{ERR_FUNC(PEM_F_PEM_WRITE_BIO),	"PEM_write_bio"},
+{ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY),	"PEM_WRITE_PRIVATEKEY"},
+{ERR_FUNC(PEM_F_PEM_X509_INFO_READ),	"PEM_X509_INFO_read"},
+{ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO),	"PEM_X509_INFO_read_bio"},
+{ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO),	"PEM_X509_INFO_write_bio"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA PEM_str_reasons[]=
 	{
-{PEM_R_BAD_BASE64_DECODE                 ,"bad base64 decode"},
-{PEM_R_BAD_DECRYPT                       ,"bad decrypt"},
-{PEM_R_BAD_END_LINE                      ,"bad end line"},
-{PEM_R_BAD_IV_CHARS                      ,"bad iv chars"},
-{PEM_R_BAD_PASSWORD_READ                 ,"bad password read"},
-{PEM_R_ERROR_CONVERTING_PRIVATE_KEY      ,"error converting private key"},
-{PEM_R_NOT_DEK_INFO                      ,"not dek info"},
-{PEM_R_NOT_ENCRYPTED                     ,"not encrypted"},
-{PEM_R_NOT_PROC_TYPE                     ,"not proc type"},
-{PEM_R_NO_START_LINE                     ,"no start line"},
-{PEM_R_PROBLEMS_GETTING_PASSWORD         ,"problems getting password"},
-{PEM_R_PUBLIC_KEY_NO_RSA                 ,"public key no rsa"},
-{PEM_R_READ_KEY                          ,"read key"},
-{PEM_R_SHORT_HEADER                      ,"short header"},
-{PEM_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
-{PEM_R_UNSUPPORTED_ENCRYPTION            ,"unsupported encryption"},
+{ERR_REASON(PEM_R_BAD_BASE64_DECODE)     ,"bad base64 decode"},
+{ERR_REASON(PEM_R_BAD_DECRYPT)           ,"bad decrypt"},
+{ERR_REASON(PEM_R_BAD_END_LINE)          ,"bad end line"},
+{ERR_REASON(PEM_R_BAD_IV_CHARS)          ,"bad iv chars"},
+{ERR_REASON(PEM_R_BAD_MAGIC_NUMBER)      ,"bad magic number"},
+{ERR_REASON(PEM_R_BAD_PASSWORD_READ)     ,"bad password read"},
+{ERR_REASON(PEM_R_BAD_VERSION_NUMBER)    ,"bad version number"},
+{ERR_REASON(PEM_R_BIO_WRITE_FAILURE)     ,"bio write failure"},
+{ERR_REASON(PEM_R_CIPHER_IS_NULL)        ,"cipher is null"},
+{ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),"error converting private key"},
+{ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),"expecting private key blob"},
+{ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),"expecting public key blob"},
+{ERR_REASON(PEM_R_INCONSISTENT_HEADER)   ,"inconsistent header"},
+{ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),"keyblob header parse error"},
+{ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT)     ,"keyblob too short"},
+{ERR_REASON(PEM_R_NOT_DEK_INFO)          ,"not dek info"},
+{ERR_REASON(PEM_R_NOT_ENCRYPTED)         ,"not encrypted"},
+{ERR_REASON(PEM_R_NOT_PROC_TYPE)         ,"not proc type"},
+{ERR_REASON(PEM_R_NO_START_LINE)         ,"no start line"},
+{ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),"problems getting password"},
+{ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA)     ,"public key no rsa"},
+{ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT)    ,"pvk data too short"},
+{ERR_REASON(PEM_R_PVK_TOO_SHORT)         ,"pvk too short"},
+{ERR_REASON(PEM_R_READ_KEY)              ,"read key"},
+{ERR_REASON(PEM_R_SHORT_HEADER)          ,"short header"},
+{ERR_REASON(PEM_R_UNSUPPORTED_CIPHER)    ,"unsupported cipher"},
+{ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION),"unsupported encryption"},
+{ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),"unsupported key components"},
 {0,NULL}
 	};
 
@@ -117,15 +150,12 @@ static ERR_STRING_DATA PEM_str_reasons[]=
 
 void ERR_load_PEM_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
-		ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
-#endif
 
+	if (ERR_func_error_string(PEM_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,PEM_str_functs);
+		ERR_load_strings(0,PEM_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 7eba3b26c1..1b2be527ed 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -63,8 +63,12 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 #ifndef OPENSSL_NO_FP_API
 STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
@@ -87,13 +91,15 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_p
 STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u)
 	{
 	X509_INFO *xi=NULL;
-	char *name=NULL,*header=NULL,**pp;
-	unsigned char *data=NULL,*p;
+	char *name=NULL,*header=NULL;
+	void *pp;
+	unsigned char *data=NULL;
+	const unsigned char *p;
 	long len,error=0;
 	int ok=0;
 	STACK_OF(X509_INFO) *ret=NULL;
-	unsigned int i,raw;
-	char *(*d2i)();
+	unsigned int i,raw,ptype;
+	d2i_of_void *d2i = 0;
 
 	if (sk == NULL)
 		{
@@ -110,6 +116,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe
 	for (;;)
 		{
 		raw=0;
+		ptype = 0;
 		i=PEM_read_bio(bp,&name,&header,&data,&len);
 		if (i == 0)
 			{
@@ -125,42 +132,41 @@ start:
 		if (	(strcmp(name,PEM_STRING_X509) == 0) ||
 			(strcmp(name,PEM_STRING_X509_OLD) == 0))
 			{
-			d2i=(char *(*)())d2i_X509;
+			d2i=(D2I_OF(void))d2i_X509;
 			if (xi->x509 != NULL)
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;
 				if ((xi=X509_INFO_new()) == NULL) goto err;
 				goto start;
 				}
-			pp=(char **)&(xi->x509);
+			pp=&(xi->x509);
 			}
 		else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0))
 			{
-			d2i=(char *(*)())d2i_X509_AUX;
+			d2i=(D2I_OF(void))d2i_X509_AUX;
 			if (xi->x509 != NULL)
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;
 				if ((xi=X509_INFO_new()) == NULL) goto err;
 				goto start;
 				}
-			pp=(char **)&(xi->x509);
+			pp=&(xi->x509);
 			}
 		else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
 			{
-			d2i=(char *(*)())d2i_X509_CRL;
+			d2i=(D2I_OF(void))d2i_X509_CRL;
 			if (xi->crl != NULL)
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;
 				if ((xi=X509_INFO_new()) == NULL) goto err;
 				goto start;
 				}
-			pp=(char **)&(xi->crl);
+			pp=&(xi->crl);
 			}
 		else
 #ifndef OPENSSL_NO_RSA
 			if (strcmp(name,PEM_STRING_RSA) == 0)
 			{
-			d2i=(char *(*)())d2i_RSAPrivateKey;
 			if (xi->x_pkey != NULL) 
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -172,10 +178,8 @@ start:
 			xi->enc_len=0;
 
 			xi->x_pkey=X509_PKEY_new();
-			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
-				goto err;
-			xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
-			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
+			ptype=EVP_PKEY_RSA;
+			pp=&xi->x_pkey->dec_pkey;
 			if ((int)strlen(header) > 10) /* assume encrypted */
 				raw=1;
 			}
@@ -184,7 +188,7 @@ start:
 #ifndef OPENSSL_NO_DSA
 			if (strcmp(name,PEM_STRING_DSA) == 0)
 			{
-			d2i=(char *(*)())d2i_DSAPrivateKey;
+			d2i=(D2I_OF(void))d2i_DSAPrivateKey;
 			if (xi->x_pkey != NULL) 
 				{
 				if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -196,10 +200,8 @@ start:
 			xi->enc_len=0;
 
 			xi->x_pkey=X509_PKEY_new();
-			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
-				goto err;
-			xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
-			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
+			ptype = EVP_PKEY_DSA;
+			pp=&xi->x_pkey->dec_pkey;
 			if ((int)strlen(header) > 10) /* assume encrypted */
 				raw=1;
 			}
@@ -208,7 +210,7 @@ start:
 #ifndef OPENSSL_NO_EC
  			if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
  			{
- 				d2i=(char *(*)())d2i_ECPrivateKey;
+ 				d2i=(D2I_OF(void))d2i_ECPrivateKey;
  				if (xi->x_pkey != NULL) 
  				{
  					if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -220,10 +222,8 @@ start:
  			xi->enc_len=0;
  
  			xi->x_pkey=X509_PKEY_new();
- 			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
- 				goto err;
- 			xi->x_pkey->dec_pkey->type=EVP_PKEY_EC;
- 			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.eckey);
+			ptype = EVP_PKEY_EC;
+ 			pp=&xi->x_pkey->dec_pkey;
  			if ((int)strlen(header) > 10) /* assume encrypted */
  				raw=1;
 			}
@@ -245,7 +245,15 @@ start:
 				if (!PEM_do_header(&cipher,data,&len,cb,u))
 					goto err;
 				p=data;
-				if (d2i(pp,&p,len) == NULL)
+				if (ptype)
+					{
+					if (!d2i_PrivateKey(ptype, pp, &p, len))
+						{
+						PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
+						goto err;
+						}
+					}
+				else if (d2i(pp,&p,len) == NULL)
 					{
 					PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
 					goto err;
@@ -331,6 +339,12 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 		{
 		if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
 			{
+			if (enc == NULL)
+				{
+				PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_CIPHER_IS_NULL);
+				goto err;
+				}
+
 			/* copy from weirdo names into more normal things */
 			iv=xi->enc_cipher.iv;
 			data=(unsigned char *)xi->enc_data;
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 81c4aba235..27f0544c06 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -57,6 +57,7 @@
  */
 
 #include <stdio.h>
+#include <ctype.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/objects.h>
@@ -65,23 +66,28 @@
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 #include <openssl/pkcs12.h>
+#include "asn1_locl.h"
 #ifndef OPENSSL_NO_DES
 #include <openssl/des.h>
 #endif
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 
-const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
+const char PEM_version[]="PEM" OPENSSL_VERSION_PTEXT;
 
 #define MIN_LENGTH	4
 
 static int load_iv(char **fromp,unsigned char *to, int num);
 static int check_pem(const char *nm, const char *name);
+int pem_check_suffix(const char *pem_str, const char *suffix);
 
 int PEM_def_callback(char *buf, int num, int w, void *key)
 	{
 #ifdef OPENSSL_NO_FP_API
 	/* We should not ever call the default callback routine from
 	 * windows. */
-	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+	PEMerr(PEM_F_PEM_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 	return(-1);
 #else
 	int i,j;
@@ -102,7 +108,7 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
 		i=EVP_read_pw_string(buf,num,prompt,w);
 		if (i != 0)
 			{
-			PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
+			PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
 			memset(buf,0,(unsigned int)num);
 			return(-1);
 			}
@@ -158,11 +164,11 @@ void PEM_dek_info(char *buf, const char *type, int len, char *str)
 	}
 
 #ifndef OPENSSL_NO_FP_API
-char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x,
-	     pem_password_cb *cb, void *u)
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+		    pem_password_cb *cb, void *u)
 	{
         BIO *b;
-        char *ret;
+        void *ret;
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
@@ -183,20 +189,54 @@ static int check_pem(const char *nm, const char *name)
 
 	/* Make PEM_STRING_EVP_PKEY match any private key */
 
-	if(!strcmp(nm,PEM_STRING_PKCS8) &&
-		!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_PKCS8INF) &&
-		 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
-
-	if(!strcmp(nm,PEM_STRING_RSA) &&
-		!strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+	if(!strcmp(name,PEM_STRING_EVP_PKEY))
+		{
+		int slen;
+		const EVP_PKEY_ASN1_METHOD *ameth;
+		if(!strcmp(nm,PEM_STRING_PKCS8))
+			return 1;
+		if(!strcmp(nm,PEM_STRING_PKCS8INF))
+			return 1;
+		slen = pem_check_suffix(nm, "PRIVATE KEY"); 
+		if (slen > 0)
+			{
+			/* NB: ENGINE implementations wont contain
+			 * a deprecated old private key decode function
+			 * so don't look for them.
+			 */
+			ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+			if (ameth && ameth->old_priv_decode)
+				return 1;
+			}
+		return 0;
+		}
 
-	if(!strcmp(nm,PEM_STRING_DSA) &&
-		 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
+	if(!strcmp(name,PEM_STRING_PARAMETERS))
+		{
+		int slen;
+		const EVP_PKEY_ASN1_METHOD *ameth;
+		slen = pem_check_suffix(nm, "PARAMETERS"); 
+		if (slen > 0)
+			{
+			ENGINE *e;
+			ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
+			if (ameth)
+				{
+				int r;
+				if (ameth->param_decode)
+					r = 1;
+				else
+					r = 0;
+#ifndef OPENSSL_NO_ENGINE
+				if (e)
+					ENGINE_finish(e);
+#endif
+				return r;
+				}
+			}
+		return 0;
+		}
 
- 	if(!strcmp(nm,PEM_STRING_ECPRIVATEKEY) &&
- 		 !strcmp(name,PEM_STRING_EVP_PKEY)) return 1;
 	/* Permit older strings */
 
 	if(!strcmp(nm,PEM_STRING_X509_OLD) &&
@@ -216,6 +256,17 @@ static int check_pem(const char *nm, const char *name)
 	if(!strcmp(nm, PEM_STRING_X509) &&
 		!strcmp(name, PEM_STRING_PKCS7)) return 1;
 
+	if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
+		!strcmp(name, PEM_STRING_PKCS7)) return 1;
+
+#ifndef OPENSSL_NO_CMS
+	if(!strcmp(nm, PEM_STRING_X509) &&
+		!strcmp(name, PEM_STRING_CMS)) return 1;
+	/* Allow CMS to be read from PKCS#7 headers */
+	if(!strcmp(nm, PEM_STRING_PKCS7) &&
+		!strcmp(name, PEM_STRING_CMS)) return 1;
+#endif
+
 	return 0;
 }
 
@@ -260,9 +311,9 @@ err:
 	}
 
 #ifndef OPENSSL_NO_FP_API
-int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
-	     const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-	     pem_password_cb *callback, void *u)
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+		   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+		   int klen, pem_password_cb *callback, void *u)
         {
         BIO *b;
         int ret;
@@ -279,9 +330,9 @@ int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x,
         }
 #endif
 
-int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
-	     const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-	     pem_password_cb *callback, void *u)
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
+		       void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+		       int klen, pem_password_cb *callback, void *u)
 	{
 	EVP_CIPHER_CTX ctx;
 	int dsize=0,i,j,ret=0;
@@ -343,7 +394,8 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 			goto err;
 		/* The 'iv' is used as the iv and as a salt.  It is
 		 * NOT taken from the BytesToKey function */
-		EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
+		if (!EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL))
+			goto err;
 
 		if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
 
@@ -355,12 +407,15 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 		/* k=strlen(buf); */
 
 		EVP_CIPHER_CTX_init(&ctx);
-		EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
-		EVP_EncryptUpdate(&ctx,data,&j,data,i);
-		EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
+		ret = 1;
+		if (!EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv)
+			|| !EVP_EncryptUpdate(&ctx,data,&j,data,i)
+			|| !EVP_EncryptFinal_ex(&ctx,&(data[j]),&i))
+			ret = 0;
 		EVP_CIPHER_CTX_cleanup(&ctx);
+		if (ret == 0)
+			goto err;
 		i+=j;
-		ret=1;
 		}
 	else
 		{
@@ -408,14 +463,17 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
 	ebcdic2ascii(buf, buf, klen);
 #endif
 
-	EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
-		(unsigned char *)buf,klen,1,key,NULL);
+	if (!EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
+		(unsigned char *)buf,klen,1,key,NULL))
+		return 0;
 
 	j=(int)len;
 	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
-	EVP_DecryptUpdate(&ctx,data,&i,data,j);
-	o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
+	o = EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
+	if (o)
+		o = EVP_DecryptUpdate(&ctx,data,&i,data,j);
+	if (o)
+		o = EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
 	EVP_CIPHER_CTX_cleanup(&ctx);
 	OPENSSL_cleanse((char *)buf,sizeof(buf));
 	OPENSSL_cleanse((char *)key,sizeof(key));
@@ -579,6 +637,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
 		}
 	EVP_EncodeFinal(&ctx,buf,&outl);
 	if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
+	OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
 	OPENSSL_free(buf);
 	buf = NULL;
 	if (	(BIO_write(bp,"-----END ",9) != 9) ||
@@ -587,8 +646,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
 		goto err;
 	return(i+outl);
 err:
-	if (buf)
+	if (buf) {
+		OPENSSL_cleanse(buf, PEM_BUFSIZE*8);
 		OPENSSL_free(buf);
+	}
 	PEMerr(PEM_F_PEM_WRITE_BIO,reason);
 	return(0);
 	}
@@ -627,6 +688,9 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
 	dataB=BUF_MEM_new();
 	if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
 		{
+		BUF_MEM_free(nameB);
+		BUF_MEM_free(headerB);
+		BUF_MEM_free(dataB);
 		PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
 		return(0);
 		}
@@ -773,3 +837,25 @@ err:
 	BUF_MEM_free(dataB);
 	return(0);
 	}
+
+/* Check pem string and return prefix length.
+ * If for example the pem_str == "RSA PRIVATE KEY" and suffix = "PRIVATE KEY"
+ * the return value is 3 for the string "RSA".
+ */
+
+int pem_check_suffix(const char *pem_str, const char *suffix)
+	{
+	int pem_len = strlen(pem_str);
+	int suffix_len = strlen(suffix);
+	const char *p;
+	if (suffix_len + 1 >= pem_len)
+		return 0;
+	p = pem_str + pem_len - suffix_len;
+	if (strcmp(p, suffix))
+		return 0;
+	p--;
+	if (*p != ' ')
+		return 0;
+	return p - pem_str;
+	}
+
diff --git a/crypto/pem/pem_oth.c b/crypto/pem/pem_oth.c
index 8d9064ea7c..b33868d25a 100644
--- a/crypto/pem/pem_oth.c
+++ b/crypto/pem/pem_oth.c
@@ -67,10 +67,11 @@
 
 /* Handle 'other' PEMs: not private keys */
 
-char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x,
-	     pem_password_cb *cb, void *u)
+void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
+			pem_password_cb *cb, void *u)
 	{
-	unsigned char *p=NULL,*data=NULL;
+	const unsigned char *p=NULL;
+	unsigned char *data=NULL;
 	long len;
 	char *ret=NULL;
 
diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
index db38a2a79d..6deab8c338 100644
--- a/crypto/pem/pem_pk8.c
+++ b/crypto/pem/pem_pk8.c
@@ -118,7 +118,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER
 	char buf[PEM_BUFSIZE];
 	int ret;
 	if(!(p8inf = EVP_PKEY2PKCS8(x))) {
-		PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
+		PEMerr(PEM_F_DO_PK8PKEY,
 					PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
 		return 0;
 	}
@@ -127,8 +127,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER
 			if(!cb) klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
 			else klen = cb(buf, PEM_BUFSIZE, 1, u);
 			if(klen <= 0) {
-				PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,
-								PEM_R_READ_KEY);
+				PEMerr(PEM_F_DO_PK8PKEY,PEM_R_READ_KEY);
 				PKCS8_PRIV_KEY_INFO_free(p8inf);
 				return 0;
 			}
@@ -215,7 +214,7 @@ static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CI
 	BIO *bp;
 	int ret;
 	if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-		PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB);
+		PEMerr(PEM_F_DO_PK8PKEY_FP,ERR_R_BUF_LIB);
                 return(0);
 	}
 	ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index ce8e83b955..8ecf24903b 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -65,7 +65,12 @@
 #include <openssl/x509.h>
 #include <openssl/pkcs12.h>
 #include <openssl/pem.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
 
+int pem_check_suffix(const char *pem_str, const char *suffix);
 
 EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
 	{
@@ -73,19 +78,14 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
 	const unsigned char *p=NULL;
 	unsigned char *data=NULL;
 	long len;
+	int slen;
 	EVP_PKEY *ret=NULL;
 
 	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
 		return NULL;
 	p = data;
 
-	if (strcmp(nm,PEM_STRING_RSA) == 0)
-		ret=d2i_PrivateKey(EVP_PKEY_RSA,x,&p,len);
-	else if (strcmp(nm,PEM_STRING_DSA) == 0)
-		ret=d2i_PrivateKey(EVP_PKEY_DSA,x,&p,len);
-	else if (strcmp(nm,PEM_STRING_ECPRIVATEKEY) == 0)
-		ret=d2i_PrivateKey(EVP_PKEY_EC,x,&p,len);
-	else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
+	if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) {
 		PKCS8_PRIV_KEY_INFO *p8inf;
 		p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
 		if(!p8inf) goto p8err;
@@ -105,7 +105,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
 		if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
 		else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
 		if (klen <= 0) {
-			PEMerr(PEM_F_PEM_ASN1_READ_BIO,
+			PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,
 					PEM_R_BAD_PASSWORD_READ);
 			X509_SIG_free(p8);
 			goto err;
@@ -119,16 +119,92 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
 			*x = ret;
 		}
 		PKCS8_PRIV_KEY_INFO_free(p8inf);
-	}
+	} else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0)
+		{
+		const EVP_PKEY_ASN1_METHOD *ameth;
+		ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+		if (!ameth || !ameth->old_priv_decode)
+			goto p8err;
+		ret=d2i_PrivateKey(ameth->pkey_id,x,&p,len);
+		}
 p8err:
 	if (ret == NULL)
-		PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
+		PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
+err:
+	OPENSSL_free(nm);
+	OPENSSL_cleanse(data, len);
+	OPENSSL_free(data);
+	return(ret);
+	}
+
+int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+	{
+	char pem_str[80];
+	if (!x->ameth || x->ameth->priv_encode)
+		return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
+							(char *)kstr, klen,
+							cb, u);
+
+	BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
+	return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
+				pem_str,bp,x,enc,kstr,klen,cb,u);
+	}
+
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
+	{
+	char *nm=NULL;
+	const unsigned char *p=NULL;
+	unsigned char *data=NULL;
+	long len;
+	int slen;
+	EVP_PKEY *ret=NULL;
+
+	if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
+								bp, 0, NULL))
+		return NULL;
+	p = data;
+
+	if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0)
+		{
+		ret = EVP_PKEY_new();
+		if (!ret)
+			goto err;
+		if (!EVP_PKEY_set_type_str(ret, nm, slen)
+			|| !ret->ameth->param_decode
+			|| !ret->ameth->param_decode(ret, &p, len))
+			{
+			EVP_PKEY_free(ret);
+			ret = NULL;
+			goto err;
+			}
+		if(x)
+			{
+			if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
+			*x = ret;
+			}
+		}
 err:
+	if (ret == NULL)
+		PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS,ERR_R_ASN1_LIB);
 	OPENSSL_free(nm);
 	OPENSSL_free(data);
 	return(ret);
 	}
 
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
+	{
+	char pem_str[80];
+	if (!x->ameth || !x->ameth->param_encode)
+		return 0;
+
+	BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str);
+	return PEM_ASN1_write_bio(
+		(i2d_of_void *)x->ameth->param_encode,
+				pem_str,bp,x,NULL,NULL,0,0,NULL);
+	}
+
 #ifndef OPENSSL_NO_FP_API
 EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
 	{
@@ -137,7 +213,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void
 
         if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
-		PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
+		PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB);
                 return(0);
 		}
         BIO_set_fp(b,fp,BIO_NOCLOSE);
@@ -145,4 +221,22 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void
         BIO_free(b);
         return(ret);
 	}
+
+int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                               unsigned char *kstr, int klen,
+                                               pem_password_cb *cb, void *u)
+	{
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new_fp(fp, BIO_NOCLOSE)) == NULL)
+		{
+		PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY,ERR_R_BUF_LIB);
+                return 0;
+		}
+        ret=PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);
+        BIO_free(b);
+        return ret;
+	}
+
 #endif
diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
index 0458093353..ae4598d674 100644
--- a/crypto/pem/pem_seal.c
+++ b/crypto/pem/pem_seal.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>	/* for OPENSSL_NO_RSA */
 #ifndef OPENSSL_NO_RSA
 #include <stdio.h>
 #include "cryptlib.h"
@@ -95,11 +96,12 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 	EVP_EncodeInit(&ctx->encode);
 
 	EVP_MD_CTX_init(&ctx->md);
-	EVP_SignInit(&ctx->md,md_type);
+	if (!EVP_SignInit(&ctx->md,md_type))
+		goto err;
 
 	EVP_CIPHER_CTX_init(&ctx->cipher);
 	ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
-	if (!ret) goto err;
+	if (ret <= 0) goto err;
 
 	/* base64 encode the keys */
 	for (i=0; i<npubk; i++)
@@ -117,14 +119,15 @@ err:
 	return(ret);
 	}
 
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
 	     unsigned char *in, int inl)
 	{
 	unsigned char buffer[1600];
 	int i,j;
 
 	*outl=0;
-	EVP_SignUpdate(&ctx->md,in,inl);
+	if (!EVP_SignUpdate(&ctx->md,in,inl))
+		return 0;
 	for (;;)
 		{
 		if (inl <= 0) break;
@@ -132,13 +135,15 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
 			i=1200;
 		else
 			i=inl;
-		EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
+		if (!EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i))
+			return 0;
 		EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
 		*outl+=j;
 		out+=j;
 		in+=i;
 		inl-=i;
 		}
+	return 1;
 	}
 
 int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
@@ -162,7 +167,8 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
 		goto err;
 		}
 
-	EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
+	if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))
+		goto err;
 	EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
 	*outl=j;
 	out+=j;
diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
index c3b9808cb2..80fb6e71ba 100644
--- a/crypto/pem/pem_sign.c
+++ b/crypto/pem/pem_sign.c
@@ -64,15 +64,15 @@
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
+int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
 	{
-	EVP_DigestInit_ex(ctx, type, NULL);
+	return EVP_DigestInit_ex(ctx, type, NULL);
 	}
 
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
+int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
 	     unsigned int count)
 	{
-	EVP_DigestUpdate(ctx,data,count);
+	return EVP_DigestUpdate(ctx,data,count);
 	}
 
 int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
diff --git a/crypto/pem/pem_x509.c b/crypto/pem/pem_x509.c
index 19f88d8d3a..b531057dc9 100644
--- a/crypto/pem/pem_x509.c
+++ b/crypto/pem/pem_x509.c
@@ -1,5 +1,5 @@
 /* pem_x509.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -57,7 +57,6 @@
  */
 
 #include <stdio.h>
-#undef SSLEAY_MACROS
 #include "cryptlib.h"
 #include <openssl/bio.h>
 #include <openssl/evp.h>
diff --git a/crypto/pem/pem_xaux.c b/crypto/pem/pem_xaux.c
index 63ce660cf1..328f796200 100644
--- a/crypto/pem/pem_xaux.c
+++ b/crypto/pem/pem_xaux.c
@@ -1,5 +1,5 @@
 /* pem_xaux.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -57,7 +57,6 @@
  */
 
 #include <stdio.h>
-#undef SSLEAY_MACROS
 #include "cryptlib.h"
 #include <openssl/bio.h>
 #include <openssl/evp.h>
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
new file mode 100644
index 0000000000..0d6c749c33
--- /dev/null
+++ b/crypto/pem/pvkfmt.c
@@ -0,0 +1,949 @@
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Support for PVK format keys and related structures (such a PUBLICKEYBLOB
+ * and PRIVATEKEYBLOB).
+ */
+
+#include "cryptlib.h"
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+#include <openssl/dsa.h>
+#include <openssl/rsa.h>
+
+/* Utility function: read a DWORD (4 byte unsigned integer) in little endian
+ * format
+ */
+
+static unsigned int read_ledword(const unsigned char **in)
+	{
+	const unsigned char *p = *in;
+	unsigned int ret;
+	ret = *p++;
+	ret |= (*p++ << 8);
+	ret |= (*p++ << 16);
+	ret |= (*p++ << 24);
+	*in = p;
+	return ret;
+	}
+
+/* Read a BIGNUM in little endian format. The docs say that this should take up 
+ * bitlen/8 bytes.
+ */
+
+static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
+	{
+	const unsigned char *p;
+	unsigned char *tmpbuf, *q;
+	unsigned int i;
+	p = *in + nbyte - 1;
+	tmpbuf = OPENSSL_malloc(nbyte);
+	if (!tmpbuf)
+		return 0;
+	q = tmpbuf;
+	for (i = 0; i < nbyte; i++)
+		*q++ = *p--;
+	*r = BN_bin2bn(tmpbuf, nbyte, NULL);
+	OPENSSL_free(tmpbuf);
+	if (*r)
+		{
+		*in += nbyte;
+		return 1;
+		}
+	else
+		return 0;
+	}
+
+
+/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
+
+#define MS_PUBLICKEYBLOB	0x6
+#define MS_PRIVATEKEYBLOB	0x7
+#define MS_RSA1MAGIC		0x31415352L
+#define MS_RSA2MAGIC		0x32415352L
+#define MS_DSS1MAGIC		0x31535344L
+#define MS_DSS2MAGIC		0x32535344L
+
+#define MS_KEYALG_RSA_KEYX	0xa400
+#define MS_KEYALG_DSS_SIGN	0x2200
+
+#define MS_KEYTYPE_KEYX		0x1
+#define MS_KEYTYPE_SIGN		0x2
+
+/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
+#define MS_PVKMAGIC		0xb0b5f11eL
+/* Salt length for PVK files */
+#define PVK_SALTLEN		0x10
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+						unsigned int bitlen, int ispub);
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+						unsigned int bitlen, int ispub);
+
+static int do_blob_header(const unsigned char **in, unsigned int length,
+				unsigned int *pmagic, unsigned int *pbitlen,
+				int *pisdss, int *pispub)
+	{
+	const unsigned char *p = *in;
+	if (length < 16)
+		return 0;
+	/* bType */
+	if (*p == MS_PUBLICKEYBLOB)
+		{
+		if (*pispub == 0)
+			{
+			PEMerr(PEM_F_DO_BLOB_HEADER,
+					PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+			return 0;
+			}
+		*pispub = 1;
+		}
+	else if (*p == MS_PRIVATEKEYBLOB)
+		{
+		if (*pispub == 1)
+			{
+			PEMerr(PEM_F_DO_BLOB_HEADER,
+					PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+			return 0;
+			}
+		*pispub = 0;
+		}
+	else
+		return 0;
+	p++;
+	/* Version */
+	if (*p++ != 0x2)
+		{
+		PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
+		return 0;
+		}
+	/* Ignore reserved, aiKeyAlg */
+	p+= 6;
+	*pmagic = read_ledword(&p);
+	*pbitlen = read_ledword(&p);
+	*pisdss = 0;
+	switch (*pmagic)
+		{
+
+		case MS_DSS1MAGIC:
+		*pisdss = 1;
+		case MS_RSA1MAGIC:
+		if (*pispub == 0)
+			{
+			PEMerr(PEM_F_DO_BLOB_HEADER,
+					PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+			return 0;
+			}
+		break;
+
+		case MS_DSS2MAGIC:
+		*pisdss = 1;
+		case MS_RSA2MAGIC:
+		if (*pispub == 1)
+			{
+			PEMerr(PEM_F_DO_BLOB_HEADER,
+					PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+			return 0;
+			}
+		break;
+
+		default:
+		PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+		return -1;
+		}
+	*in = p;
+	return 1;
+	}
+
+static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
+	{
+	unsigned int nbyte, hnbyte;
+	nbyte = (bitlen + 7) >> 3;
+	hnbyte = (bitlen + 15) >> 4;
+	if (isdss)
+		{
+
+		/* Expected length: 20 for q + 3 components bitlen each + 24
+		 * for seed structure.
+		 */
+		if (ispub)
+			return  44 + 3 * nbyte;
+		/* Expected length: 20 for q, priv, 2 bitlen components + 24
+		 * for seed structure.
+		 */
+		else
+			return 64 + 2 * nbyte;
+		}
+	else
+		{
+		/* Expected length: 4 for 'e' + 'n' */
+		if (ispub)
+			return 4 + nbyte;
+		else
+		/* Expected length: 4 for 'e' and 7 other components.
+		 * 2 components are bitlen size, 5 are bitlen/2
+		 */
+			return 4 + 2*nbyte + 5*hnbyte;
+		}
+
+	}
+
+static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
+								int ispub)
+	{
+	const unsigned char *p = *in;
+	unsigned int bitlen, magic;
+	int isdss;
+	if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0)
+		{
+		PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
+		return NULL;
+		}
+	length -= 16;
+	if (length < blob_length(bitlen, isdss, ispub))
+		{
+		PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
+		return NULL;
+		}
+	if (isdss)
+		return b2i_dss(&p, length, bitlen, ispub);
+	else
+		return b2i_rsa(&p, length, bitlen, ispub);
+	}
+
+static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
+	{
+	const unsigned char *p;
+	unsigned char hdr_buf[16], *buf = NULL;
+	unsigned int bitlen, magic, length;
+	int isdss;
+	EVP_PKEY *ret = NULL;
+	if (BIO_read(in, hdr_buf, 16) != 16)
+		{
+		PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+		return NULL;
+		}
+	p = hdr_buf;
+	if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
+		return NULL;
+
+	length = blob_length(bitlen, isdss, ispub);
+	buf = OPENSSL_malloc(length);
+	if (!buf)
+		{
+		PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p = buf;
+	if (BIO_read(in, buf, length) != (int)length)
+		{
+		PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+		goto err;
+		}
+
+	if (isdss)
+		ret = b2i_dss(&p, length, bitlen, ispub);
+	else
+		ret = b2i_rsa(&p, length, bitlen, ispub);
+
+	err:
+	if (buf)
+		OPENSSL_free(buf);
+	return ret;
+	}
+
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+						unsigned int bitlen, int ispub)
+	{
+	const unsigned char *p = *in;
+	EVP_PKEY *ret = NULL;
+	DSA *dsa = NULL;
+	BN_CTX *ctx = NULL;
+	unsigned int nbyte;
+	nbyte = (bitlen + 7) >> 3;
+
+	dsa = DSA_new();
+	ret = EVP_PKEY_new();
+	if (!dsa || !ret)
+		goto memerr;
+	if (!read_lebn(&p, nbyte, &dsa->p))
+		goto memerr;
+	if (!read_lebn(&p, 20, &dsa->q))
+		goto memerr;
+	if (!read_lebn(&p, nbyte, &dsa->g))
+		goto memerr;
+	if (ispub)
+		{
+		if (!read_lebn(&p, nbyte, &dsa->pub_key))
+			goto memerr;
+		}
+	else
+		{
+		if (!read_lebn(&p, 20, &dsa->priv_key))
+			goto memerr;
+		/* Calculate public key */
+		if (!(dsa->pub_key = BN_new()))
+			goto memerr;
+		if (!(ctx = BN_CTX_new()))
+			goto memerr;
+			
+		if (!BN_mod_exp(dsa->pub_key, dsa->g,
+						 dsa->priv_key, dsa->p, ctx))
+			
+			goto memerr;
+		BN_CTX_free(ctx);
+		}
+
+	EVP_PKEY_set1_DSA(ret, dsa);
+	DSA_free(dsa);
+	*in = p;
+	return ret;
+
+	memerr:
+	PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
+	if (dsa)
+		DSA_free(dsa);
+	if (ret)
+		EVP_PKEY_free(ret);
+	if (ctx)
+		BN_CTX_free(ctx);
+	return NULL;
+	}
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+						unsigned int bitlen, int ispub)
+		
+	{
+	const unsigned char *p = *in;
+	EVP_PKEY *ret = NULL;
+	RSA *rsa = NULL;
+	unsigned int nbyte, hnbyte;
+	nbyte = (bitlen + 7) >> 3;
+	hnbyte = (bitlen + 15) >> 4;
+	rsa = RSA_new();
+	ret = EVP_PKEY_new();
+	if (!rsa || !ret)
+		goto memerr;
+	rsa->e = BN_new();
+	if (!rsa->e)
+		goto memerr;
+	if (!BN_set_word(rsa->e, read_ledword(&p)))
+		goto memerr;
+	if (!read_lebn(&p, nbyte, &rsa->n))
+		goto memerr;
+	if (!ispub)
+		{
+		if (!read_lebn(&p, hnbyte, &rsa->p))
+			goto memerr;
+		if (!read_lebn(&p, hnbyte, &rsa->q))
+			goto memerr;
+		if (!read_lebn(&p, hnbyte, &rsa->dmp1))
+			goto memerr;
+		if (!read_lebn(&p, hnbyte, &rsa->dmq1))
+			goto memerr;
+		if (!read_lebn(&p, hnbyte, &rsa->iqmp))
+			goto memerr;
+		if (!read_lebn(&p, nbyte, &rsa->d))
+			goto memerr;
+		}
+
+	EVP_PKEY_set1_RSA(ret, rsa);
+	RSA_free(rsa);
+	*in = p;
+	return ret;
+	memerr:
+	PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
+	if (rsa)
+		RSA_free(rsa);
+	if (ret)
+		EVP_PKEY_free(ret);
+	return NULL;
+	}
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
+	{
+	return do_b2i(in, length, 0);
+	}
+
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
+	{
+	return do_b2i(in, length, 1);
+	}
+
+
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
+	{
+	return do_b2i_bio(in, 0);
+	}
+
+EVP_PKEY *b2i_PublicKey_bio(BIO *in)
+	{
+	return do_b2i_bio(in, 1);
+	}
+
+static void write_ledword(unsigned char **out, unsigned int dw)
+	{
+	unsigned char *p = *out;
+	*p++ = dw & 0xff;
+	*p++ = (dw>>8) & 0xff;
+	*p++ = (dw>>16) & 0xff;
+	*p++ = (dw>>24) & 0xff;
+	*out = p;
+	}
+
+static void write_lebn(unsigned char **out, const BIGNUM *bn, int len)
+	{
+	int nb, i;
+	unsigned char *p = *out, *q, c;
+	nb = BN_num_bytes(bn);
+	BN_bn2bin(bn, p);
+	q = p + nb - 1;
+	/* In place byte order reversal */
+	for (i = 0; i < nb/2; i++)
+		{
+		c = *p;
+		*p++ = *q;
+		*q-- = c;
+		}
+	*out += nb;
+	/* Pad with zeroes if we have to */
+	if (len > 0)
+		{
+		len -= nb;
+		if (len > 0)
+			{
+			memset(*out, 0, len);
+			*out += len;
+			}
+		}
+	}
+
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
+	
+static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
+	{
+	unsigned char *p;
+	unsigned int bitlen, magic = 0, keyalg;
+	int outlen, noinc = 0;
+	if (pk->type == EVP_PKEY_DSA)
+		{
+		bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
+		keyalg = MS_KEYALG_DSS_SIGN;
+		}
+	else if (pk->type == EVP_PKEY_RSA)
+		{
+		bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
+		keyalg = MS_KEYALG_RSA_KEYX;
+		}
+	else
+		return -1;
+	if (bitlen == 0)
+		return -1;
+	outlen = 16 + blob_length(bitlen,
+			keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
+	if (out == NULL)
+		return outlen;
+	if (*out)
+		p = *out;
+	else
+		{
+		p = OPENSSL_malloc(outlen);
+		if (!p)
+			return -1;
+		*out = p;
+		noinc = 1;
+		}
+	if (ispub)
+		*p++ = MS_PUBLICKEYBLOB;
+	else
+		*p++ = MS_PRIVATEKEYBLOB;
+	*p++ = 0x2;
+	*p++ = 0;
+	*p++ = 0;
+	write_ledword(&p, keyalg);
+	write_ledword(&p, magic);
+	write_ledword(&p, bitlen);
+	if (keyalg == MS_KEYALG_DSS_SIGN)
+		write_dsa(&p, pk->pkey.dsa, ispub);
+	else
+		write_rsa(&p, pk->pkey.rsa, ispub);
+	if (!noinc)
+		*out += outlen;
+	return outlen;
+	}
+
+static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
+	{
+	unsigned char *tmp = NULL;
+	int outlen, wrlen;
+	outlen = do_i2b(&tmp, pk, ispub);
+	if (outlen < 0)
+		return -1;
+	wrlen = BIO_write(out, tmp, outlen);
+	OPENSSL_free(tmp);
+	if (wrlen == outlen)
+		return outlen;
+	return -1;
+	}
+
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
+	{
+	int bitlen;
+	bitlen = BN_num_bits(dsa->p);
+	if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160)
+		|| (BN_num_bits(dsa->g) > bitlen))
+		goto badkey;
+	if (ispub)
+		{
+		if (BN_num_bits(dsa->pub_key) > bitlen)
+			goto badkey;
+		*pmagic = MS_DSS1MAGIC;
+		}
+	else
+		{
+		if (BN_num_bits(dsa->priv_key) > 160)
+			goto badkey;
+		*pmagic = MS_DSS2MAGIC;
+		}
+	
+	return bitlen;
+	badkey:
+	PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+	return 0;
+	}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
+	{
+	int nbyte, hnbyte, bitlen;
+	if (BN_num_bits(rsa->e) > 32)
+		goto badkey;
+	bitlen = BN_num_bits(rsa->n);
+	nbyte = BN_num_bytes(rsa->n);
+	hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+	if (ispub)
+		{
+		*pmagic = MS_RSA1MAGIC;
+		return bitlen;
+		}
+	else
+	{
+		*pmagic = MS_RSA2MAGIC;
+		/* For private key each component must fit within nbyte or
+		 * hnbyte.
+		 */
+		if (BN_num_bytes(rsa->d) > nbyte)
+			goto badkey;
+		if ((BN_num_bytes(rsa->iqmp) > hnbyte)
+			|| (BN_num_bytes(rsa->p) > hnbyte)
+			|| (BN_num_bytes(rsa->q) > hnbyte)
+			|| (BN_num_bytes(rsa->dmp1) > hnbyte)
+			|| (BN_num_bytes(rsa->dmq1) > hnbyte))
+			goto badkey;
+	}
+	return bitlen;
+	badkey:
+	PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+	return 0;
+	}
+
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
+	{
+	int nbyte, hnbyte;
+	nbyte = BN_num_bytes(rsa->n);
+	hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+	write_lebn(out, rsa->e, 4);
+	write_lebn(out, rsa->n, -1);
+	if (ispub)
+		return;
+	write_lebn(out, rsa->p, hnbyte);
+	write_lebn(out, rsa->q, hnbyte);
+	write_lebn(out, rsa->dmp1, hnbyte);
+	write_lebn(out, rsa->dmq1, hnbyte);
+	write_lebn(out, rsa->iqmp, hnbyte);
+	write_lebn(out, rsa->d, nbyte);
+	}
+
+	
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
+	{
+	int nbyte;
+	nbyte = BN_num_bytes(dsa->p);
+	write_lebn(out, dsa->p, nbyte);
+	write_lebn(out, dsa->q, 20);
+	write_lebn(out, dsa->g, nbyte);
+	if (ispub)
+		write_lebn(out, dsa->pub_key, nbyte);
+	else
+		write_lebn(out, dsa->priv_key, 20);
+	/* Set "invalid" for seed structure values */
+	memset(*out, 0xff, 24);
+	*out += 24;
+	return;
+	}
+	
+
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
+	{
+	return do_i2b_bio(out, pk, 0);
+	}
+
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
+	{
+	return do_i2b_bio(out, pk, 1);
+	}
+
+static int do_PVK_header(const unsigned char **in, unsigned int length,
+		int skip_magic,
+	       	unsigned int *psaltlen, unsigned int *pkeylen)
+		
+	{
+	const unsigned char *p = *in;
+	unsigned int pvk_magic, keytype, is_encrypted;
+	if (skip_magic)
+		{
+		if (length < 20)
+			{
+			PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+			return 0;
+			}
+		length -= 20;
+		}
+	else
+		{
+		if (length < 24)
+			{
+			PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+			return 0;
+			}
+		length -= 24;
+		pvk_magic = read_ledword(&p);
+		if (pvk_magic != MS_PVKMAGIC)
+			{
+			PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+			return 0;
+			}
+		}
+	/* Skip reserved */
+	p += 4;
+	keytype = read_ledword(&p);
+	is_encrypted = read_ledword(&p);
+	*psaltlen = read_ledword(&p);
+	*pkeylen = read_ledword(&p);
+
+	if (is_encrypted && !*psaltlen)
+		{
+		PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
+		return 0;
+		}
+
+	*in = p;
+	return 1;
+	}
+
+static int derive_pvk_key(unsigned char *key, 
+			const unsigned char *salt, unsigned int saltlen,
+			const unsigned char *pass, int passlen)
+	{
+	EVP_MD_CTX mctx;
+	int rv = 1;
+	EVP_MD_CTX_init(&mctx);
+	if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
+		|| !EVP_DigestUpdate(&mctx, salt, saltlen)
+		|| !EVP_DigestUpdate(&mctx, pass, passlen)
+		|| !EVP_DigestFinal_ex(&mctx, key, NULL))
+			rv = 0;
+
+	EVP_MD_CTX_cleanup(&mctx);
+	return rv;
+	}
+	
+
+static EVP_PKEY *do_PVK_body(const unsigned char **in,
+		unsigned int saltlen, unsigned int keylen,
+		pem_password_cb *cb, void *u)
+	{
+	EVP_PKEY *ret = NULL;
+	const unsigned char *p = *in;
+	unsigned int magic;
+	unsigned char *enctmp = NULL, *q;
+	EVP_CIPHER_CTX cctx;
+	EVP_CIPHER_CTX_init(&cctx);
+	if (saltlen)
+		{
+		char psbuf[PEM_BUFSIZE];
+		unsigned char keybuf[20];
+		int enctmplen, inlen;
+		if (cb)
+			inlen=cb(psbuf,PEM_BUFSIZE,0,u);
+		else
+			inlen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
+		if (inlen <= 0)
+			{
+			PEMerr(PEM_F_DO_PVK_BODY,PEM_R_BAD_PASSWORD_READ);
+			return NULL;
+			}
+		enctmp = OPENSSL_malloc(keylen + 8);
+		if (!enctmp)
+			{
+			PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
+			return NULL;
+			}
+		if (!derive_pvk_key(keybuf, p, saltlen,
+			    (unsigned char *)psbuf, inlen))
+			return NULL;
+		p += saltlen;
+		/* Copy BLOBHEADER across, decrypt rest */
+		memcpy(enctmp, p, 8);
+		p += 8;
+		inlen = keylen - 8;
+		q = enctmp + 8;
+		if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+			goto err;
+		if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+			goto err;
+		if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+			goto err;
+		magic = read_ledword((const unsigned char **)&q);
+		if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)
+			{
+			q = enctmp + 8;
+			memset(keybuf + 5, 0, 11);
+			if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,
+								NULL))
+				goto err;
+			OPENSSL_cleanse(keybuf, 20);
+			if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+				goto err;
+			if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen,
+								&enctmplen))
+				goto err;
+			magic = read_ledword((const unsigned char **)&q);
+			if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)
+				{
+				PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
+				goto err;
+				}
+			}
+		else
+			OPENSSL_cleanse(keybuf, 20);
+		p = enctmp;
+		}
+
+	ret = b2i_PrivateKey(&p, keylen);
+	err:
+	EVP_CIPHER_CTX_cleanup(&cctx);
+	if (enctmp && saltlen)
+		OPENSSL_free(enctmp);
+	return ret;
+	}
+
+
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+	{
+	unsigned char pvk_hdr[24], *buf = NULL;
+	const unsigned char *p;
+	int buflen;
+	EVP_PKEY *ret = NULL;
+	unsigned int saltlen, keylen;
+	if (BIO_read(in, pvk_hdr, 24) != 24)
+		{
+		PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+		return NULL;
+		}
+	p = pvk_hdr;
+
+	if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
+		return 0;
+	buflen = (int) keylen + saltlen;
+	buf = OPENSSL_malloc(buflen);
+	if (!buf)
+		{
+		PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	p = buf;
+	if (BIO_read(in, buf, buflen) != buflen)
+		{
+		PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+		goto err;
+		}
+	ret = do_PVK_body(&p, saltlen, keylen, cb, u);
+
+	err:
+	if (buf)
+		{
+		OPENSSL_cleanse(buf, buflen);
+		OPENSSL_free(buf);
+		}
+	return ret;
+	}
+
+	
+	
+static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
+		pem_password_cb *cb, void *u)
+	{
+	int outlen = 24, noinc, pklen;
+	unsigned char *p, *salt = NULL;
+	EVP_CIPHER_CTX cctx;
+	EVP_CIPHER_CTX_init(&cctx);
+	if (enclevel)
+		outlen += PVK_SALTLEN;
+	pklen = do_i2b(NULL, pk, 0);
+	if (pklen < 0)
+		return -1;
+	outlen += pklen;
+	if (!out)
+		return outlen;
+	if (*out)
+		{
+		p = *out;
+		noinc = 0;
+		}
+	else
+		{
+		p = OPENSSL_malloc(outlen);
+		if (!p)
+			{
+			PEMerr(PEM_F_I2B_PVK,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		*out = p;
+		noinc = 1;
+		}
+
+	write_ledword(&p, MS_PVKMAGIC);
+	write_ledword(&p, 0);
+	if (pk->type == EVP_PKEY_DSA)
+		write_ledword(&p, MS_KEYTYPE_SIGN);
+	else
+		write_ledword(&p, MS_KEYTYPE_KEYX);
+	write_ledword(&p, enclevel ? 1 : 0);
+	write_ledword(&p, enclevel ? PVK_SALTLEN: 0);
+	write_ledword(&p, pklen);
+	if (enclevel)
+		{
+		if (RAND_bytes(p, PVK_SALTLEN) <= 0)
+			goto error;
+		salt = p;
+		p += PVK_SALTLEN;
+		}
+	do_i2b(&p, pk, 0);
+	if (enclevel == 0)
+		return outlen;
+	else
+		{
+		char psbuf[PEM_BUFSIZE];
+		unsigned char keybuf[20];
+		int enctmplen, inlen;
+		if (cb)
+			inlen=cb(psbuf,PEM_BUFSIZE,1,u);
+		else
+			inlen=PEM_def_callback(psbuf,PEM_BUFSIZE,1,u);
+		if (inlen <= 0)
+			{
+			PEMerr(PEM_F_I2B_PVK,PEM_R_BAD_PASSWORD_READ);
+			goto error;
+			}
+		if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
+			    (unsigned char *)psbuf, inlen))
+			goto error;
+		if (enclevel == 1)
+			memset(keybuf + 5, 0, 11);
+		p = salt + PVK_SALTLEN + 8;
+		if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+			goto error;
+		OPENSSL_cleanse(keybuf, 20);
+		if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
+			goto error;
+		if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
+			goto error;
+		}
+	EVP_CIPHER_CTX_cleanup(&cctx);
+	return outlen;
+
+	error:
+	EVP_CIPHER_CTX_cleanup(&cctx);
+	return -1;
+	}
+
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+		pem_password_cb *cb, void *u)
+	{
+	unsigned char *tmp = NULL;
+	int outlen, wrlen;
+	outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
+	if (outlen < 0)
+		return -1;
+	wrlen = BIO_write(out, tmp, outlen);
+	OPENSSL_free(tmp);
+	if (wrlen == outlen)
+		{
+		PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
+		return outlen;
+		}
+	return -1;
+	}
+#endif
diff --git a/crypto/perlasm/cbc.pl b/crypto/perlasm/cbc.pl
index 22149c680e..e43dc9ae15 100644
--- a/crypto/perlasm/cbc.pl
+++ b/crypto/perlasm/cbc.pl
@@ -322,7 +322,8 @@ sub cbc
 
 	&function_end_A($name);
 
-	&set_label("cbc_enc_jmp_table",1);
+	&align(64);
+	&set_label("cbc_enc_jmp_table");
 	&data_word("0");
 	&data_word(&label("ej1")."-".&label("PIC_point"));
 	&data_word(&label("ej2")."-".&label("PIC_point"));
@@ -341,6 +342,7 @@ sub cbc
 	#&data_word(&label("dj5")."-".&label("PIC_point"));
 	#&data_word(&label("dj6")."-".&label("PIC_point"));
 	#&data_word(&label("dj7")."-".&label("PIC_point"));
+	&align(64);
 
 	&function_end_B($name);
 	
diff --git a/crypto/perlasm/ppc-xlate.pl b/crypto/perlasm/ppc-xlate.pl
new file mode 100755
index 0000000000..4579671c97
--- /dev/null
+++ b/crypto/perlasm/ppc-xlate.pl
@@ -0,0 +1,152 @@
+#!/usr/bin/env perl
+
+# PowerPC assembler distiller by <appro>.
+
+my $flavour = shift;
+my $output = shift;
+open STDOUT,">$output" || die "can't open $output: $!";
+
+my %GLOBALS;
+my $dotinlocallabels=($flavour=~/linux/)?1:0;
+
+################################################################
+# directives which need special treatment on different platforms
+################################################################
+my $globl = sub {
+    my $junk = shift;
+    my $name = shift;
+    my $global = \$GLOBALS{$name};
+    my $ret;
+
+    $name =~ s|^[\.\_]||;
+ 
+    SWITCH: for ($flavour) {
+	/aix/		&& do { $name = ".$name";
+				last;
+			      };
+	/osx/		&& do { $name = "_$name";
+				last;
+			      };
+	/linux.*32/	&& do {	$ret .= ".globl	$name\n";
+				$ret .= ".type	$name,\@function";
+				last;
+			      };
+	/linux.*64/	&& do {	$ret .= ".globl	.$name\n";
+				$ret .= ".type	.$name,\@function\n";
+				$ret .= ".section	\".opd\",\"aw\"\n";
+				$ret .= ".globl	$name\n";
+				$ret .= ".align	3\n";
+				$ret .= "$name:\n";
+				$ret .= ".quad	.$name,.TOC.\@tocbase,0\n";
+				$ret .= ".size	$name,24\n";
+				$ret .= ".previous\n";
+
+				$name = ".$name";
+				last;
+			      };
+    }
+
+    $ret = ".globl	$name" if (!$ret);
+    $$global = $name;
+    $ret;
+};
+my $text = sub {
+    ($flavour =~ /aix/) ? ".csect" : ".text";
+};
+my $machine = sub {
+    my $junk = shift;
+    my $arch = shift;
+    if ($flavour =~ /osx/)
+    {	$arch =~ s/\"//g;
+	$arch = ($flavour=~/64/) ? "ppc970-64" : "ppc970" if ($arch eq "any");
+    }
+    ".machine	$arch";
+};
+my $asciz = sub {
+    shift;
+    my $line = join(",",@_);
+    if ($line =~ /^"(.*)"$/)
+    {	".byte	" . join(",",unpack("C*",$1),0) . "\n.align	2";	}
+    else
+    {	"";	}
+};
+
+################################################################
+# simplified mnemonics not handled by at least one assembler
+################################################################
+my $cmplw = sub {
+    my $f = shift;
+    my $cr = 0; $cr = shift if ($#_>1);
+    # Some out-of-date 32-bit GNU assembler just can't handle cmplw...
+    ($flavour =~ /linux.*32/) ?
+	"	.long	".sprintf "0x%x",31<<26|$cr<<23|$_[0]<<16|$_[1]<<11|64 :
+	"	cmplw	".join(',',$cr,@_);
+};
+my $bdnz = sub {
+    my $f = shift;
+    my $bo = $f=~/[\+\-]/ ? 16+9 : 16;	# optional "to be taken" hint
+    "	bc	$bo,0,".shift;
+} if ($flavour!~/linux/);
+my $bltlr = sub {
+    my $f = shift;
+    my $bo = $f=~/\-/ ? 12+2 : 12;	# optional "not to be taken" hint
+    ($flavour =~ /linux/) ?		# GNU as doesn't allow most recent hints
+	"	.long	".sprintf "0x%x",19<<26|$bo<<21|16<<1 :
+	"	bclr	$bo,0";
+};
+my $bnelr = sub {
+    my $f = shift;
+    my $bo = $f=~/\-/ ? 4+2 : 4;	# optional "not to be taken" hint
+    ($flavour =~ /linux/) ?		# GNU as doesn't allow most recent hints
+	"	.long	".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 :
+	"	bclr	$bo,2";
+};
+my $beqlr = sub {
+    my $f = shift;
+    my $bo = $f=~/-/ ? 12+2 : 12;	# optional "not to be taken" hint
+    ($flavour =~ /linux/) ?		# GNU as doesn't allow most recent hints
+	"	.long	".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 :
+	"	bclr	$bo,2";
+};
+# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two
+# arguments is 64, with "operand out of range" error.
+my $extrdi = sub {
+    my ($f,$ra,$rs,$n,$b) = @_;
+    $b = ($b+$n)&63; $n = 64-$n;
+    "	rldicl	$ra,$rs,$b,$n";
+};
+
+while($line=<>) {
+
+    $line =~ s|[#!;].*$||;	# get rid of asm-style comments...
+    $line =~ s|/\*.*\*/||;	# ... and C-style comments...
+    $line =~ s|^\s+||;		# ... and skip white spaces in beginning...
+    $line =~ s|\s+$||;		# ... and at the end
+
+    {
+	$line =~ s|\b\.L(\w+)|L$1|g;	# common denominator for Locallabel
+	$line =~ s|\bL(\w+)|\.L$1|g	if ($dotinlocallabels);
+    }
+
+    {
+	$line =~ s|(^[\.\w]+)\:\s*||;
+	my $label = $1;
+	printf "%s:",($GLOBALS{$label} or $label) if ($label);
+    }
+
+    {
+	$line =~ s|^\s*(\.?)(\w+)([\.\+\-]?)\s*||;
+	my $c = $1; $c = "\t" if ($c eq "");
+	my $mnemonic = $2;
+	my $f = $3;
+	my $opcode = eval("\$$mnemonic");
+	$line =~ s|\bc?[rf]([0-9]+)\b|$1|g if ($c ne "." and $flavour !~ /osx/);
+	if (ref($opcode) eq 'CODE') { $line = &$opcode($f,split(',',$line)); }
+	elsif ($mnemonic)           { $line = $c.$mnemonic.$f."\t".$line; }
+    }
+
+    print $line if ($line);
+    print "\n";
+}
+
+close STDOUT;
diff --git a/crypto/perlasm/x86_64-xlate.pl b/crypto/perlasm/x86_64-xlate.pl
new file mode 100755
index 0000000000..e4fc17bdbd
--- /dev/null
+++ b/crypto/perlasm/x86_64-xlate.pl
@@ -0,0 +1,906 @@
+#!/usr/bin/env perl
+
+# Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>.
+#
+# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T
+# format is way easier to parse. Because it's simpler to "gear" from
+# Unix ABI to Windows one [see cross-reference "card" at the end of
+# file]. Because Linux targets were available first...
+#
+# In addition the script also "distills" code suitable for GNU
+# assembler, so that it can be compiled with more rigid assemblers,
+# such as Solaris /usr/ccs/bin/as.
+#
+# This translator is not designed to convert *arbitrary* assembler
+# code from AT&T format to MASM one. It's designed to convert just
+# enough to provide for dual-ABI OpenSSL modules development...
+# There *are* limitations and you might have to modify your assembler
+# code or this script to achieve the desired result...
+#
+# Currently recognized limitations:
+#
+# - can't use multiple ops per line;
+#
+# Dual-ABI styling rules.
+#
+# 1. Adhere to Unix register and stack layout [see cross-reference
+#    ABI "card" at the end for explanation].
+# 2. Forget about "red zone," stick to more traditional blended
+#    stack frame allocation. If volatile storage is actually required
+#    that is. If not, just leave the stack as is.
+# 3. Functions tagged with ".type name,@function" get crafted with
+#    unified Win64 prologue and epilogue automatically. If you want
+#    to take care of ABI differences yourself, tag functions as
+#    ".type name,@abi-omnipotent" instead.
+# 4. To optimize the Win64 prologue you can specify number of input
+#    arguments as ".type name,@function,N." Keep in mind that if N is
+#    larger than 6, then you *have to* write "abi-omnipotent" code,
+#    because >6 cases can't be addressed with unified prologue.
+# 5. Name local labels as .L*, do *not* use dynamic labels such as 1:
+#    (sorry about latter).
+# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is
+#    required to identify the spots, where to inject Win64 epilogue!
+#    But on the pros, it's then prefixed with rep automatically:-)
+# 7. Stick to explicit ip-relative addressing. If you have to use
+#    GOTPCREL addressing, stick to mov symbol@GOTPCREL(%rip),%r??.
+#    Both are recognized and translated to proper Win64 addressing
+#    modes. To support legacy code a synthetic directive, .picmeup,
+#    is implemented. It puts address of the *next* instruction into
+#    target register, e.g.:
+#
+#		.picmeup	%rax
+#		lea		.Label-.(%rax),%rax
+#
+# 8. In order to provide for structured exception handling unified
+#    Win64 prologue copies %rsp value to %rax. For further details
+#    see SEH paragraph at the end.
+# 9. .init segment is allowed to contain calls to functions only.
+
+my $flavour = shift;
+my $output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+{ my ($stddev,$stdino,@junk)=stat(STDOUT);
+  my ($outdev,$outino,@junk)=stat($output);
+
+    open STDOUT,">$output" || die "can't open $output: $!"
+	if ($stddev!=$outdev || $stdino!=$outino);
+}
+
+my $gas=1;	$gas=0 if ($output =~ /\.asm$/);
+my $elf=1;	$elf=0 if (!$gas);
+my $win64=0;
+my $prefix="";
+my $decor=".L";
+
+my $masmref=8 + 50727*2**-32;	# 8.00.50727 shipped with VS2005
+my $masm=0;
+my $PTR=" PTR";
+
+my $nasmref=2.03;
+my $nasm=0;
+
+if    ($flavour eq "mingw64")	{ $gas=1; $elf=0; $win64=1; $prefix="_"; }
+elsif ($flavour eq "macosx")	{ $gas=1; $elf=0; $prefix="_"; $decor="L\$"; }
+elsif ($flavour eq "masm")	{ $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; }
+elsif ($flavour eq "nasm")	{ $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; }
+elsif (!$gas)
+{   if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i)
+    {	$nasm = $1 + $2*0.01; $PTR="";  }
+    elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/)
+    {	$masm = $1 + $2*2**-16 + $4*2**-32;   }
+    die "no assembler found on %PATH" if (!($nasm || $masm));
+    $win64=1;
+    $elf=0;
+    $decor="\$L\$";
+}
+
+my $current_segment;
+my $current_function;
+my %globals;
+
+{ package opcode;	# pick up opcodes
+    sub re {
+	my	$self = shift;	# single instance in enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /^([a-z][a-z0-9]*)/i) {
+	    $self->{op} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    undef $self->{sz};
+	    if ($self->{op} =~ /^(movz)b.*/) {	# movz is pain...
+		$self->{op} = $1;
+		$self->{sz} = "b";
+	    } elsif ($self->{op} =~ /call|jmp/) {
+		$self->{sz} = ""
+	    } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) {
+		$self->{op} = $1;
+		$self->{sz} = $2;
+	    }
+	}
+	$ret;
+    }
+    sub size {
+	my $self = shift;
+	my $sz   = shift;
+	$self->{sz} = $sz if (defined($sz) && !defined($self->{sz}));
+	$self->{sz};
+    }
+    sub out {
+	my $self = shift;
+	if ($gas) {
+	    if ($self->{op} eq "movz") {	# movz is pain...
+		sprintf "%s%s%s",$self->{op},$self->{sz},shift;
+	    } elsif ($self->{op} =~ /^set/) { 
+		"$self->{op}";
+	    } elsif ($self->{op} eq "ret") {
+		my $epilogue = "";
+		if ($win64 && $current_function->{abi} eq "svr4") {
+		    $epilogue = "movq	8(%rsp),%rdi\n\t" .
+				"movq	16(%rsp),%rsi\n\t";
+		}
+	    	$epilogue . ".byte	0xf3,0xc3";
+	    } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") {
+		".p2align\t3\n\t.quad";
+	    } else {
+		"$self->{op}$self->{sz}";
+	    }
+	} else {
+	    $self->{op} =~ s/^movz/movzx/;
+	    if ($self->{op} eq "ret") {
+		$self->{op} = "";
+		if ($win64 && $current_function->{abi} eq "svr4") {
+		    $self->{op} = "mov	rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t".
+				  "mov	rsi,QWORD${PTR}[16+rsp]\n\t";
+	    	}
+		$self->{op} .= "DB\t0F3h,0C3h\t\t;repret";
+	    } elsif ($self->{op} =~ /^(pop|push)f/) {
+		$self->{op} .= $self->{sz};
+	    } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") {
+		$self->{op} = "ALIGN\t8\n\tDQ";
+	    } 
+	    $self->{op};
+	}
+    }
+    sub mnemonic {
+	my $self=shift;
+	my $op=shift;
+	$self->{op}=$op if (defined($op));
+	$self->{op};
+    }
+}
+{ package const;	# pick up constants, which start with $
+    sub re {
+	my	$self = shift;	# single instance in enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /^\$([^,]+)/) {
+	    $self->{value} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+	}
+	$ret;
+    }
+    sub out {
+    	my $self = shift;
+
+	if ($gas) {
+	    # Solaris /usr/ccs/bin/as can't handle multiplications
+	    # in $self->{value}
+	    $self->{value} =~ s/(?<![0-9a-f])(0[x0-9a-f]+)/oct($1)/egi;
+	    $self->{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+	    sprintf "\$%s",$self->{value};
+	} else {
+	    $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
+	    $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
+	    sprintf "%s",$self->{value};
+	}
+    }
+}
+{ package ea;		# pick up effective addresses: expr(%reg,%reg,scale)
+    sub re {
+	my	$self = shift;	# single instance in enough...
+	local	*line = shift;
+	undef	$ret;
+
+	# optional * ---vvv--- appears in indirect jmp/call
+	if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) {
+	    $self->{asterisk} = $1;
+	    $self->{label} = $2;
+	    ($self->{base},$self->{index},$self->{scale})=split(/,/,$3);
+	    $self->{scale} = 1 if (!defined($self->{scale}));
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    if ($win64 && $self->{label} =~ s/\@GOTPCREL//) {
+		die if (opcode->mnemonic() ne "mov");
+		opcode->mnemonic("lea");
+	    }
+	    $self->{base}  =~ s/^%//;
+	    $self->{index} =~ s/^%// if (defined($self->{index}));
+	}
+	$ret;
+    }
+    sub size {}
+    sub out {
+    	my $self = shift;
+	my $sz = shift;
+
+	$self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+	$self->{label} =~ s/\.L/$decor/g;
+
+	# Silently convert all EAs to 64-bit. This is required for
+	# elder GNU assembler and results in more compact code,
+	# *but* most importantly AES module depends on this feature!
+	$self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+	$self->{base}  =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+
+	if ($gas) {
+	    # Solaris /usr/ccs/bin/as can't handle multiplications
+	    # in $self->{label}, new gas requires sign extension...
+	    use integer;
+	    $self->{label} =~ s/(?<![0-9a-f])(0[x0-9a-f]+)/oct($1)/egi;
+	    $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+	    $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg;
+	    $self->{label} =~ s/^___imp_/__imp__/   if ($flavour eq "mingw64");
+
+	    if (defined($self->{index})) {
+		sprintf "%s%s(%%%s,%%%s,%d)",$self->{asterisk},
+					$self->{label},$self->{base},
+					$self->{index},$self->{scale};
+	    } else {
+		sprintf "%s%s(%%%s)",	$self->{asterisk},$self->{label},$self->{base};
+	    }
+	} else {
+	    %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR", q=>"QWORD$PTR" );
+
+	    $self->{label} =~ s/\./\$/g;
+	    $self->{label} =~ s/0x([0-9a-f]+)/0$1h/ig;
+	    $self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/);
+	    $sz="q" if ($self->{asterisk});
+
+	    if (defined($self->{index})) {
+		sprintf "%s[%s%s*%d+%s]",$szmap{$sz},
+					$self->{label}?"$self->{label}+":"",
+					$self->{index},$self->{scale},
+					$self->{base};
+	    } elsif ($self->{base} eq "rip") {
+		sprintf "%s[%s]",$szmap{$sz},$self->{label};
+	    } else {
+		sprintf "%s[%s%s]",$szmap{$sz},
+					$self->{label}?"$self->{label}+":"",
+					$self->{base};
+	    }
+	}
+    }
+}
+{ package register;	# pick up registers, which start with %.
+    sub re {
+	my	$class = shift;	# muliple instances...
+	my	$self = {};
+	local	*line = shift;
+	undef	$ret;
+
+	# optional * ---vvv--- appears in indirect jmp/call
+	if ($line =~ /^(\*?)%(\w+)/) {
+	    bless $self,$class;
+	    $self->{asterisk} = $1;
+	    $self->{value} = $2;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+	}
+	$ret;
+    }
+    sub size {
+	my	$self = shift;
+	undef	$ret;
+
+	if    ($self->{value} =~ /^r[\d]+b$/i)	{ $ret="b"; }
+	elsif ($self->{value} =~ /^r[\d]+w$/i)	{ $ret="w"; }
+	elsif ($self->{value} =~ /^r[\d]+d$/i)	{ $ret="l"; }
+	elsif ($self->{value} =~ /^r[\w]+$/i)	{ $ret="q"; }
+	elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; }
+	elsif ($self->{value} =~ /^[\w]{2}l$/i)	{ $ret="b"; }
+	elsif ($self->{value} =~ /^[\w]{2}$/i)	{ $ret="w"; }
+	elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; }
+
+	$ret;
+    }
+    sub out {
+    	my $self = shift;
+	if ($gas)	{ sprintf "%s%%%s",$self->{asterisk},$self->{value}; }
+	else		{ $self->{value}; }
+    }
+}
+{ package label;	# pick up labels, which end with :
+    sub re {
+	my	$self = shift;	# single instance is enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /(^[\.\w]+)\:/) {
+	    $self->{value} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    $self->{value} =~ s/^\.L/$decor/;
+	}
+	$ret;
+    }
+    sub out {
+	my $self = shift;
+
+	if ($gas) {
+	    my $func = ($globals{$self->{value}} or $self->{value}) . ":";
+	    if ($win64	&&
+			$current_function->{name} eq $self->{value} &&
+			$current_function->{abi} eq "svr4") {
+		$func .= "\n";
+		$func .= "	movq	%rdi,8(%rsp)\n";
+		$func .= "	movq	%rsi,16(%rsp)\n";
+		$func .= "	movq	%rsp,%rax\n";
+		$func .= "${decor}SEH_begin_$current_function->{name}:\n";
+		my $narg = $current_function->{narg};
+		$narg=6 if (!defined($narg));
+		$func .= "	movq	%rcx,%rdi\n" if ($narg>0);
+		$func .= "	movq	%rdx,%rsi\n" if ($narg>1);
+		$func .= "	movq	%r8,%rdx\n"  if ($narg>2);
+		$func .= "	movq	%r9,%rcx\n"  if ($narg>3);
+		$func .= "	movq	40(%rsp),%r8\n" if ($narg>4);
+		$func .= "	movq	48(%rsp),%r9\n" if ($narg>5);
+	    }
+	    $func;
+	} elsif ($self->{value} ne "$current_function->{name}") {
+	    $self->{value} .= ":" if ($masm && $ret!~m/^\$/);
+	    $self->{value} . ":";
+	} elsif ($win64 && $current_function->{abi} eq "svr4") {
+	    my $func =	"$current_function->{name}" .
+			($nasm ? ":" : "\tPROC $current_function->{scope}") .
+			"\n";
+	    $func .= "	mov	QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n";
+	    $func .= "	mov	QWORD${PTR}[16+rsp],rsi\n";
+	    $func .= "	mov	rax,rsp\n";
+	    $func .= "${decor}SEH_begin_$current_function->{name}:";
+	    $func .= ":" if ($masm);
+	    $func .= "\n";
+	    my $narg = $current_function->{narg};
+	    $narg=6 if (!defined($narg));
+	    $func .= "	mov	rdi,rcx\n" if ($narg>0);
+	    $func .= "	mov	rsi,rdx\n" if ($narg>1);
+	    $func .= "	mov	rdx,r8\n"  if ($narg>2);
+	    $func .= "	mov	rcx,r9\n"  if ($narg>3);
+	    $func .= "	mov	r8,QWORD${PTR}[40+rsp]\n" if ($narg>4);
+	    $func .= "	mov	r9,QWORD${PTR}[48+rsp]\n" if ($narg>5);
+	    $func .= "\n";
+	} else {
+	   "$current_function->{name}".
+			($nasm ? ":" : "\tPROC $current_function->{scope}");
+	}
+    }
+}
+{ package expr;		# pick up expressioins
+    sub re {
+	my	$self = shift;	# single instance is enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /(^[^,]+)/) {
+	    $self->{value} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    $self->{value} =~ s/\@PLT// if (!$elf);
+	    $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+	    $self->{value} =~ s/\.L/$decor/g;
+	}
+	$ret;
+    }
+    sub out {
+	my $self = shift;
+	if ($nasm && opcode->mnemonic()=~m/^j/) {
+	    "NEAR ".$self->{value};
+	} else {
+	    $self->{value};
+	}
+    }
+}
+{ package directive;	# pick up directives, which start with .
+    sub re {
+	my	$self = shift;	# single instance is enough...
+	local	*line = shift;
+	undef	$ret;
+	my	$dir;
+	my	%opcode =	# lea 2f-1f(%rip),%dst; 1: nop; 2:
+		(	"%rax"=>0x01058d48,	"%rcx"=>0x010d8d48,
+			"%rdx"=>0x01158d48,	"%rbx"=>0x011d8d48,
+			"%rsp"=>0x01258d48,	"%rbp"=>0x012d8d48,
+			"%rsi"=>0x01358d48,	"%rdi"=>0x013d8d48,
+			"%r8" =>0x01058d4c,	"%r9" =>0x010d8d4c,
+			"%r10"=>0x01158d4c,	"%r11"=>0x011d8d4c,
+			"%r12"=>0x01258d4c,	"%r13"=>0x012d8d4c,
+			"%r14"=>0x01358d4c,	"%r15"=>0x013d8d4c	);
+
+	if ($line =~ /^\s*(\.\w+)/) {
+	    $dir = $1;
+	    $ret = $self;
+	    undef $self->{value};
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    SWITCH: for ($dir) {
+		/\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) {
+			    		$dir="\t.long";
+					$line=sprintf "0x%x,0x90000000",$opcode{$1};
+				    }
+				    last;
+				  };
+		/\.global|\.globl|\.extern/
+			    && do { $globals{$line} = $prefix . $line;
+				    $line = $globals{$line} if ($prefix);
+				    last;
+				  };
+		/\.type/    && do { ($sym,$type,$narg) = split(',',$line);
+				    if ($type eq "\@function") {
+					undef $current_function;
+					$current_function->{name} = $sym;
+					$current_function->{abi}  = "svr4";
+					$current_function->{narg} = $narg;
+					$current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
+				    } elsif ($type eq "\@abi-omnipotent") {
+					undef $current_function;
+					$current_function->{name} = $sym;
+					$current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
+				    }
+				    $line =~ s/\@abi\-omnipotent/\@function/;
+				    $line =~ s/\@function.*/\@function/;
+				    last;
+				  };
+		/\.asciz/   && do { if ($line =~ /^"(.*)"$/) {
+					$dir  = ".byte";
+					$line = join(",",unpack("C*",$1),0);
+				    }
+				    last;
+				  };
+		/\.rva|\.long|\.quad/
+			    && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+				    $line =~ s/\.L/$decor/g;
+				    last;
+				  };
+	    }
+
+	    if ($gas) {
+		$self->{value} = $dir . "\t" . $line;
+
+		if ($dir =~ /\.extern/) {
+		    $self->{value} = ""; # swallow extern
+		} elsif (!$elf && $dir =~ /\.type/) {
+		    $self->{value} = "";
+		    $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" .
+				(defined($globals{$1})?".scl 2;":".scl 3;") .
+				"\t.type 32;\t.endef"
+				if ($win64 && $line =~ /([^,]+),\@function/);
+		} elsif (!$elf && $dir =~ /\.size/) {
+		    $self->{value} = "";
+		    if (defined($current_function)) {
+			$self->{value} .= "${decor}SEH_end_$current_function->{name}:"
+				if ($win64 && $current_function->{abi} eq "svr4");
+			undef $current_function;
+		    }
+		} elsif (!$elf && $dir =~ /\.align/) {
+		    $self->{value} = ".p2align\t" . (log($line)/log(2));
+		} elsif ($dir eq ".section") {
+		    $current_segment=$line;
+		    if (!$elf && $current_segment eq ".init") {
+			if	($flavour eq "macosx")	{ $self->{value} = ".mod_init_func"; }
+			elsif	($flavour eq "mingw64")	{ $self->{value} = ".section\t.ctors"; }
+		    }
+		} elsif ($dir =~ /\.(text|data)/) {
+		    $current_segment=".$1";
+		}
+		$line = "";
+		return $self;
+	    }
+
+	    # non-gas case or nasm/masm
+	    SWITCH: for ($dir) {
+		/\.text/    && do { my $v=undef;
+				    if ($nasm) {
+					$v="section	.text code align=64\n";
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$current_segment = ".text\$";
+					$v.="$current_segment\tSEGMENT ";
+					$v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE";
+					$v.=" 'CODE'";
+				    }
+				    $self->{value} = $v;
+				    last;
+				  };
+		/\.data/    && do { my $v=undef;
+				    if ($nasm) {
+					$v="section	.data data align=8\n";
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$current_segment = "_DATA";
+					$v.="$current_segment\tSEGMENT";
+				    }
+				    $self->{value} = $v;
+				    last;
+				  };
+		/\.section/ && do { my $v=undef;
+				    $line =~ s/([^,]*).*/$1/;
+				    $line = ".CRT\$XCU" if ($line eq ".init");
+				    if ($nasm) {
+					$v="section	$line";
+					if ($line=~/\.([px])data/) {
+					    $v.=" rdata align=";
+					    $v.=$1 eq "p"? 4 : 8;
+					}
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$v.="$line\tSEGMENT";
+					if ($line=~/\.([px])data/) {
+					    $v.=" READONLY";
+					    $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
+					}
+				    }
+				    $current_segment = $line;
+				    $self->{value} = $v;
+				    last;
+				  };
+		/\.extern/  && do { $self->{value}  = "EXTERN\t".$line;
+				    $self->{value} .= ":NEAR" if ($masm);
+				    last;
+				  };
+		/\.globl|.global/
+			    && do { $self->{value}  = $masm?"PUBLIC":"global";
+				    $self->{value} .= "\t".$line;
+				    last;
+				  };
+		/\.size/    && do { if (defined($current_function)) {
+					undef $self->{value};
+					if ($current_function->{abi} eq "svr4") {
+					    $self->{value}="${decor}SEH_end_$current_function->{name}:";
+					    $self->{value}.=":\n" if($masm);
+					}
+					$self->{value}.="$current_function->{name}\tENDP" if($masm);
+					undef $current_function;
+				    }
+				    last;
+				  };
+		/\.align/   && do { $self->{value} = "ALIGN\t".$line; last; };
+		/\.(value|long|rva|quad)/
+			    && do { my $sz  = substr($1,0,1);
+				    my @arr = split(',',$line);
+				    my $last = pop(@arr);
+				    my $conv = sub  {	my $var=shift;
+							$var=~s/^(0b[0-1]+)/oct($1)/eig;
+							$var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm);
+							if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva"))
+							{ $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; }
+							$var;
+						    };  
+
+				    $sz =~ tr/bvlrq/BWDDQ/;
+				    $self->{value} = "\tD$sz\t";
+				    for (@arr) { $self->{value} .= &$conv($_).","; }
+				    $self->{value} .= &$conv($last);
+				    last;
+				  };
+		/\.byte/    && do { my @str=split(",",$line);
+				    map(s/(0b[0-1]+)/oct($1)/eig,@str);
+				    map(s/0x([0-9a-f]+)/0$1h/ig,@str) if ($masm);	
+				    while ($#str>15) {
+					$self->{value}.="DB\t"
+						.join(",",@str[0..15])."\n";
+					foreach (0..15) { shift @str; }
+				    }
+				    $self->{value}.="DB\t"
+						.join(",",@str) if (@str);
+				    last;
+				  };
+	    }
+	    $line = "";
+	}
+
+	$ret;
+    }
+    sub out {
+	my $self = shift;
+	$self->{value};
+    }
+}
+
+if ($nasm) {
+    print <<___;
+default	rel
+___
+} elsif ($masm) {
+    print <<___;
+OPTION	DOTNAME
+___
+}
+while($line=<>) {
+
+    chomp($line);
+
+    $line =~ s|[#!].*$||;	# get rid of asm-style comments...
+    $line =~ s|/\*.*\*/||;	# ... and C-style comments...
+    $line =~ s|^\s+||;		# ... and skip white spaces in beginning
+
+    undef $label;
+    undef $opcode;
+    undef $sz;
+    undef @args;
+
+    if ($label=label->re(\$line))	{ print $label->out(); }
+
+    if (directive->re(\$line)) {
+	printf "%s",directive->out();
+    } elsif ($opcode=opcode->re(\$line)) { ARGUMENT: while (1) {
+	my $arg;
+
+	if ($arg=register->re(\$line))	{ opcode->size($arg->size()); }
+	elsif ($arg=const->re(\$line))	{ }
+	elsif ($arg=ea->re(\$line))	{ }
+	elsif ($arg=expr->re(\$line))	{ }
+	else				{ last ARGUMENT; }
+
+	push @args,$arg;
+
+	last ARGUMENT if ($line !~ /^,/);
+
+	$line =~ s/^,\s*//;
+	} # ARGUMENT:
+
+	$sz=opcode->size();
+
+	if ($#args>=0) {
+	    my $insn;
+	    if ($gas) {
+		$insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
+	    } else {
+		$insn = $opcode->out();
+		$insn .= $sz if (map($_->out() =~ /xmm|mmx/,@args));
+		@args = reverse(@args);
+		undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
+	    }
+	    printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args));
+	} else {
+	    printf "\t%s",$opcode->out();
+	}
+    }
+
+    print $line,"\n";
+}
+
+print "\n$current_segment\tENDS\n"	if ($current_segment && $masm);
+print "END\n"				if ($masm);
+
+close STDOUT;
+
+#################################################
+# Cross-reference x86_64 ABI "card"
+#
+# 		Unix		Win64
+# %rax		*		*
+# %rbx		-		-
+# %rcx		#4		#1
+# %rdx		#3		#2
+# %rsi		#2		-
+# %rdi		#1		-
+# %rbp		-		-
+# %rsp		-		-
+# %r8		#5		#3
+# %r9		#6		#4
+# %r10		*		*
+# %r11		*		*
+# %r12		-		-
+# %r13		-		-
+# %r14		-		-
+# %r15		-		-
+# 
+# (*)	volatile register
+# (-)	preserved by callee
+# (#)	Nth argument, volatile
+#
+# In Unix terms top of stack is argument transfer area for arguments
+# which could not be accomodated in registers. Or in other words 7th
+# [integer] argument resides at 8(%rsp) upon function entry point.
+# 128 bytes above %rsp constitute a "red zone" which is not touched
+# by signal handlers and can be used as temporal storage without
+# allocating a frame.
+#
+# In Win64 terms N*8 bytes on top of stack is argument transfer area,
+# which belongs to/can be overwritten by callee. N is the number of
+# arguments passed to callee, *but* not less than 4! This means that
+# upon function entry point 5th argument resides at 40(%rsp), as well
+# as that 32 bytes from 8(%rsp) can always be used as temporal
+# storage [without allocating a frame]. One can actually argue that
+# one can assume a "red zone" above stack pointer under Win64 as well.
+# Point is that at apparently no occasion Windows kernel would alter
+# the area above user stack pointer in true asynchronous manner...
+#
+# All the above means that if assembler programmer adheres to Unix
+# register and stack layout, but disregards the "red zone" existense,
+# it's possible to use following prologue and epilogue to "gear" from
+# Unix to Win64 ABI in leaf functions with not more than 6 arguments.
+#
+# omnipotent_function:
+# ifdef WIN64
+#	movq	%rdi,8(%rsp)
+#	movq	%rsi,16(%rsp)
+#	movq	%rcx,%rdi	; if 1st argument is actually present
+#	movq	%rdx,%rsi	; if 2nd argument is actually ...
+#	movq	%r8,%rdx	; if 3rd argument is ...
+#	movq	%r9,%rcx	; if 4th argument ...
+#	movq	40(%rsp),%r8	; if 5th ...
+#	movq	48(%rsp),%r9	; if 6th ...
+# endif
+#	...
+# ifdef WIN64
+#	movq	8(%rsp),%rdi
+#	movq	16(%rsp),%rsi
+# endif
+#	ret
+#
+#################################################
+# Win64 SEH, Structured Exception Handling.
+#
+# Unlike on Unix systems(*) lack of Win64 stack unwinding information
+# has undesired side-effect at run-time: if an exception is raised in
+# assembler subroutine such as those in question (basically we're
+# referring to segmentation violations caused by malformed input
+# parameters), the application is briskly terminated without invoking
+# any exception handlers, most notably without generating memory dump
+# or any user notification whatsoever. This poses a problem. It's
+# possible to address it by registering custom language-specific
+# handler that would restore processor context to the state at
+# subroutine entry point and return "exception is not handled, keep
+# unwinding" code. Writing such handler can be a challenge... But it's
+# doable, though requires certain coding convention. Consider following
+# snippet:
+#
+# .type	function,@function
+# function:
+#	movq	%rsp,%rax	# copy rsp to volatile register
+#	pushq	%r15		# save non-volatile registers
+#	pushq	%rbx
+#	pushq	%rbp
+#	movq	%rsp,%r11
+#	subq	%rdi,%r11	# prepare [variable] stack frame
+#	andq	$-64,%r11
+#	movq	%rax,0(%r11)	# check for exceptions
+#	movq	%r11,%rsp	# allocate [variable] stack frame
+#	movq	%rax,0(%rsp)	# save original rsp value
+# magic_point:
+#	...
+#	movq	0(%rsp),%rcx	# pull original rsp value
+#	movq	-24(%rcx),%rbp	# restore non-volatile registers
+#	movq	-16(%rcx),%rbx
+#	movq	-8(%rcx),%r15
+#	movq	%rcx,%rsp	# restore original rsp
+#	ret
+# .size function,.-function
+#
+# The key is that up to magic_point copy of original rsp value remains
+# in chosen volatile register and no non-volatile register, except for
+# rsp, is modified. While past magic_point rsp remains constant till
+# the very end of the function. In this case custom language-specific
+# exception handler would look like this:
+#
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+# {	ULONG64 *rsp = (ULONG64 *)context->Rax;
+#	if (context->Rip >= magic_point)
+#	{   rsp = ((ULONG64 **)context->Rsp)[0];
+#	    context->Rbp = rsp[-3];
+#	    context->Rbx = rsp[-2];
+#	    context->R15 = rsp[-1];
+#	}
+#	context->Rsp = (ULONG64)rsp;
+#	context->Rdi = rsp[1];
+#	context->Rsi = rsp[2];
+#
+#	memcpy (disp->ContextRecord,context,sizeof(CONTEXT));
+#	RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase,
+#		dips->ControlPc,disp->FunctionEntry,disp->ContextRecord,
+#		&disp->HandlerData,&disp->EstablisherFrame,NULL);
+#	return ExceptionContinueSearch;
+# }
+#
+# It's appropriate to implement this handler in assembler, directly in
+# function's module. In order to do that one has to know members'
+# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant
+# values. Here they are:
+#
+#	CONTEXT.Rax				120
+#	CONTEXT.Rcx				128
+#	CONTEXT.Rdx				136
+#	CONTEXT.Rbx				144
+#	CONTEXT.Rsp				152
+#	CONTEXT.Rbp				160
+#	CONTEXT.Rsi				168
+#	CONTEXT.Rdi				176
+#	CONTEXT.R8				184
+#	CONTEXT.R9				192
+#	CONTEXT.R10				200
+#	CONTEXT.R11				208
+#	CONTEXT.R12				216
+#	CONTEXT.R13				224
+#	CONTEXT.R14				232
+#	CONTEXT.R15				240
+#	CONTEXT.Rip				248
+#	CONTEXT.Xmm6				512
+#	sizeof(CONTEXT)				1232
+#	DISPATCHER_CONTEXT.ControlPc		0
+#	DISPATCHER_CONTEXT.ImageBase		8
+#	DISPATCHER_CONTEXT.FunctionEntry	16
+#	DISPATCHER_CONTEXT.EstablisherFrame	24
+#	DISPATCHER_CONTEXT.TargetIp		32
+#	DISPATCHER_CONTEXT.ContextRecord	40
+#	DISPATCHER_CONTEXT.LanguageHandler	48
+#	DISPATCHER_CONTEXT.HandlerData		56
+#	UNW_FLAG_NHANDLER			0
+#	ExceptionContinueSearch			1
+#
+# In order to tie the handler to the function one has to compose
+# couple of structures: one for .xdata segment and one for .pdata.
+#
+# UNWIND_INFO structure for .xdata segment would be
+#
+# function_unwind_info:
+#	.byte	9,0,0,0
+#	.rva	handler
+#
+# This structure designates exception handler for a function with
+# zero-length prologue, no stack frame or frame register.
+#
+# To facilitate composing of .pdata structures, auto-generated "gear"
+# prologue copies rsp value to rax and denotes next instruction with
+# .LSEH_begin_{function_name} label. This essentially defines the SEH
+# styling rule mentioned in the beginning. Position of this label is
+# chosen in such manner that possible exceptions raised in the "gear"
+# prologue would be accounted to caller and unwound from latter's frame.
+# End of function is marked with respective .LSEH_end_{function_name}
+# label. To summarize, .pdata segment would contain
+#
+#	.rva	.LSEH_begin_function
+#	.rva	.LSEH_end_function
+#	.rva	function_unwind_info
+#
+# Reference to functon_unwind_info from .xdata segment is the anchor.
+# In case you wonder why references are 32-bit .rvas and not 64-bit
+# .quads. References put into these two segments are required to be
+# *relative* to the base address of the current binary module, a.k.a.
+# image base. No Win64 module, be it .exe or .dll, can be larger than
+# 2GB and thus such relative references can be and are accommodated in
+# 32 bits.
+#
+# Having reviewed the example function code, one can argue that "movq
+# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
+# rax would contain an undefined value. If this "offends" you, use
+# another register and refrain from modifying rax till magic_point is
+# reached, i.e. as if it was a non-volatile register. If more registers
+# are required prior [variable] frame setup is completed, note that
+# nobody says that you can have only one "magic point." You can
+# "liberate" non-volatile registers by denoting last stack off-load
+# instruction and reflecting it in finer grade unwind logic in handler.
+# After all, isn't it why it's called *language-specific* handler...
+#
+# Attentive reader can notice that exceptions would be mishandled in
+# auto-generated "gear" epilogue. Well, exception effectively can't
+# occur there, because if memory area used by it was subject to
+# segmentation violation, then it would be raised upon call to the
+# function (and as already mentioned be accounted to caller, which is
+# not a problem). If you're still not comfortable, then define tail
+# "magic point" just prior ret instruction and have handler treat it...
+#
+# (*)	Note that we're talking about run-time, not debug-time. Lack of
+#	unwind information makes debugging hard on both Windows and
+#	Unix. "Unlike" referes to the fact that on Unix signal handler
+#	will always be invoked, core dumped and appropriate exit code
+#	returned to parent (for user notification).
diff --git a/crypto/perlasm/x86asm.pl b/crypto/perlasm/x86asm.pl
index cf2aee40ec..34244c1ce0 100644
--- a/crypto/perlasm/x86asm.pl
+++ b/crypto/perlasm/x86asm.pl
@@ -1,130 +1,224 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
 
 # require 'x86asm.pl';
-# &asm_init("cpp","des-586.pl");
-# XXX
-# XXX
-# main'asm_finish
-
-sub main'asm_finish
-	{
-	&file_end();
-	&asm_finish_cpp() if $cpp;
-	print &asm_get_output();
-	}
-
-sub main'asm_init
-	{
-	($type,$fn,$i386)=@_;
-	$filename=$fn;
-
-	$elf=$cpp=$coff=$aout=$win32=$netware=$mwerks=0;
-	if (	($type eq "elf"))
-		{ $elf=1; require "x86unix.pl"; }
-	elsif (	($type eq "a.out"))
-		{ $aout=1; require "x86unix.pl"; }
-	elsif (	($type eq "coff" or $type eq "gaswin"))
-		{ $coff=1; require "x86unix.pl"; }
-	elsif (	($type eq "cpp"))
-		{ $cpp=1; require "x86unix.pl"; }
-	elsif (	($type eq "win32"))
-		{ $win32=1; require "x86ms.pl"; }
-	elsif (	($type eq "win32n"))
-		{ $win32=1; require "x86nasm.pl"; }
-	elsif (	($type eq "nw-nasm"))
-		{ $netware=1; require "x86nasm.pl"; }
-	elsif (	($type eq "nw-mwasm"))
-		{ $netware=1; $mwerks=1; require "x86nasm.pl"; }
-	else
-		{
-		print STDERR <<"EOF";
+# &asm_init(<flavor>,"des-586.pl"[,$i386only]);
+# &function_begin("foo");
+# ...
+# &function_end("foo");
+# &asm_finish
+
+$out=();
+$i386=0;
+
+# AUTOLOAD is this context has quite unpleasant side effect, namely
+# that typos in function calls effectively go to assembler output,
+# but on the pros side we don't have to implement one subroutine per
+# each opcode...
+sub ::AUTOLOAD
+{ my $opcode = $AUTOLOAD;
+
+    die "more than 4 arguments passed to $opcode" if ($#_>3);
+
+    $opcode =~ s/.*:://;
+    if    ($opcode =~ /^push/) { $stack+=4; }
+    elsif ($opcode =~ /^pop/)  { $stack-=4; }
+
+    &generic($opcode,@_) or die "undefined subroutine \&$AUTOLOAD";
+}
+
+sub ::emit
+{ my $opcode=shift;
+
+    if ($#_==-1)    { push(@out,"\t$opcode\n");				}
+    else            { push(@out,"\t$opcode\t".join(',',@_)."\n");	}
+}
+
+sub ::LB
+{   $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'low byte'";
+  $1."l";
+}
+sub ::HB
+{   $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'high byte'";
+  $1."h";
+}
+sub ::stack_push{ my $num=$_[0]*4; $stack+=$num; &sub("esp",$num);	}
+sub ::stack_pop	{ my $num=$_[0]*4; $stack-=$num; &add("esp",$num);	}
+sub ::blindpop	{ &pop($_[0]); $stack+=4;				}
+sub ::wparam	{ &DWP($stack+4*$_[0],"esp");				}
+sub ::swtmp	{ &DWP(4*$_[0],"esp");					}
+
+sub ::bswap
+{   if ($i386)	# emulate bswap for i386
+    {	&comment("bswap @_");
+	&xchg(&HB(@_),&LB(@_));
+	&ror (@_,16);
+	&xchg(&HB(@_),&LB(@_));
+    }
+    else
+    {	&generic("bswap",@_);	}
+}
+# These are made-up opcodes introduced over the years essentially
+# by ignorance, just alias them to real ones...
+sub ::movb	{ &mov(@_);	}
+sub ::xorb	{ &xor(@_);	}
+sub ::rotl	{ &rol(@_);	}
+sub ::rotr	{ &ror(@_);	}
+sub ::exch	{ &xchg(@_);	}
+sub ::halt	{ &hlt;		}
+sub ::movz	{ &movzx(@_);	}
+sub ::pushf	{ &pushfd;	}
+sub ::popf	{ &popfd;	}
+
+# 3 argument instructions
+sub ::movq
+{ my($p1,$p2,$optimize)=@_;
+
+    if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/)
+    # movq between mmx registers can sink Intel CPUs
+    {	&::pshufw($p1,$p2,0xe4);		}
+    else
+    {	&::generic("movq",@_);			}
+}
+
+# AESNI extenstion
+sub ::aeskeygenassist
+{ my($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x66,0x0f,0x3a,0xdf,0xc0|($1<<3)|$2,$imm);	}
+}
+sub ::aescommon
+{ my($opcodelet,$dst,$src)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x66,0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);	}
+}
+sub ::aesimc		{ ::aescommon(0xdb,@_); }
+sub ::aesenc		{ ::aescommon(0xdc,@_); }
+sub ::aesenclast	{ ::aescommon(0xdd,@_); }
+sub ::aesdec		{ ::aescommon(0xde,@_); }
+sub ::aesdeclast	{ ::aescommon(0xdf,@_); }
+
+# label management
+$lbdecor="L";		# local label decoration, set by package
+$label="000";
+
+sub ::islabel		# see is argument is a known label
+{ my $i;
+    foreach $i (values %label) { return $i if ($i eq $_[0]); }
+  $label{$_[0]};	# can be undef
+}
+
+sub ::label		# instantiate a function-scope label
+{   if (!defined($label{$_[0]}))
+    {	$label{$_[0]}="${lbdecor}${label}${_[0]}"; $label++;   }
+  $label{$_[0]};
+}
+
+sub ::LABEL		# instantiate a file-scope label
+{   $label{$_[0]}=$_[1] if (!defined($label{$_[0]}));
+  $label{$_[0]};
+}
+
+sub ::static_label	{ &::LABEL($_[0],$lbdecor.$_[0]); }
+
+sub ::set_label_B	{ push(@out,"@_:\n"); }
+sub ::set_label
+{ my $label=&::label($_[0]);
+    &::align($_[1]) if ($_[1]>1);
+    &::set_label_B($label);
+  $label;
+}
+
+sub ::wipe_labels	# wipes function-scope labels
+{   foreach $i (keys %label)
+    {	delete $label{$i} if ($label{$i} =~ /^\Q${lbdecor}\E[0-9]{3}/);	}
+}
+
+# subroutine management
+sub ::function_begin
+{   &function_begin_B(@_);
+    $stack=4;
+    &push("ebp");
+    &push("ebx");
+    &push("esi");
+    &push("edi");
+}
+
+sub ::function_end
+{   &pop("edi");
+    &pop("esi");
+    &pop("ebx");
+    &pop("ebp");
+    &ret();
+    &function_end_B(@_);
+    $stack=0;
+    &wipe_labels();
+}
+
+sub ::function_end_A
+{   &pop("edi");
+    &pop("esi");
+    &pop("ebx");
+    &pop("ebp");
+    &ret();
+    $stack+=16;	# readjust esp as if we didn't pop anything
+}
+
+sub ::asciz
+{ my @str=unpack("C*",shift);
+    push @str,0;
+    while ($#str>15) {
+	&data_byte(@str[0..15]);
+	foreach (0..15) { shift @str; }
+    }
+    &data_byte(@str) if (@str);
+}
+
+sub ::asm_finish
+{   &file_end();
+    print @out;
+}
+
+sub ::asm_init
+{ my ($type,$fn,$cpu)=@_;
+
+    $filename=$fn;
+    $i386=$cpu;
+
+    $elf=$cpp=$coff=$aout=$macosx=$win32=$netware=$mwerks=0;
+    if    (($type eq "elf"))
+    {	$elf=1;			require "x86gas.pl";	}
+    elsif (($type eq "a\.out"))
+    {	$aout=1;		require "x86gas.pl";	}
+    elsif (($type eq "coff" or $type eq "gaswin"))
+    {	$coff=1;		require "x86gas.pl";	}
+    elsif (($type eq "win32n"))
+    {	$win32=1;		require "x86nasm.pl";	}
+    elsif (($type eq "nw-nasm"))
+    {	$netware=1;		require "x86nasm.pl";	}
+    #elsif (($type eq "nw-mwasm"))
+    #{	$netware=1; $mwerks=1;	require "x86nasm.pl";	}
+    elsif (($type eq "win32"))
+    {	$win32=1;		require "x86masm.pl";	}
+    elsif (($type eq "macosx"))
+    {	$aout=1; $macosx=1;	require "x86gas.pl";	}
+    else
+    {	print STDERR <<"EOF";
 Pick one target type from
 	elf	- Linux, FreeBSD, Solaris x86, etc.
-	a.out	- OpenBSD, DJGPP, etc.
+	a.out	- DJGPP, elder OpenBSD, etc.
 	coff	- GAS/COFF such as Win32 targets
-	win32	- Windows 95/Windows NT
 	win32n	- Windows 95/Windows NT NASM format
 	nw-nasm - NetWare NASM format
-	nw-mwasm- NetWare Metrowerks Assembler
+	macosx	- Mac OS X
 EOF
-		exit(1);
-		}
-
-	$pic=0;
-	for (@ARGV) {	$pic=1 if (/\-[fK]PIC/i);	}
-
-	&asm_init_output();
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $filename");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of ELF, a.out, COFF, Win32, ...");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
-	$filename =~ s/\.pl$//;
-	&file($filename);
-	}
-
-sub asm_finish_cpp
-	{
-	return unless $cpp;
-
-	local($tmp,$i);
-	foreach $i (&get_labels())
-		{
-		$tmp.="#define $i _$i\n";
-		}
-	print <<"EOF";
-/* Run the C pre-processor over this file with one of the following defined
- * ELF - elf object files,
- * OUT - a.out object files,
- * BSDI - BSDI style a.out object files
- * SOL - Solaris style elf
- */
-
-#define TYPE(a,b)       .type   a,b
-#define SIZE(a,b)       .size   a,b
-
-#if defined(OUT) || (defined(BSDI) && !defined(ELF))
-$tmp
-#endif
-
-#ifdef OUT
-#define OK	1
-#define ALIGN	4
-#if defined(__CYGWIN__) || defined(__DJGPP__)
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b)	.def a; .scl 2; .type 32; .endef
-#endif /* __CYGWIN || __DJGPP */
-#endif
-
-#if defined(BSDI) && !defined(ELF)
-#define OK              1
-#define ALIGN           4
-#undef SIZE
-#undef TYPE
-#define SIZE(a,b)
-#define TYPE(a,b)
-#endif
-
-#if defined(ELF) || defined(SOL)
-#define OK              1
-#define ALIGN           16
-#endif
-
-#ifndef OK
-You need to define one of
-ELF - elf systems - linux-elf, NetBSD and DG-UX
-OUT - a.out systems - linux-a.out and FreeBSD
-SOL - solaris systems, which are elf with strange comment lines
-BSDI - a.out with a very primative version of as.
-#endif
-
-/* Let the Assembler begin :-) */
-EOF
-	}
+	exit(1);
+    }
+
+    $pic=0;
+    for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
+
+    $filename =~ s/\.pl$//;
+    &file($filename);
+}
 
 1;
diff --git a/crypto/perlasm/x86gas.pl b/crypto/perlasm/x86gas.pl
new file mode 100644
index 0000000000..b470507730
--- /dev/null
+++ b/crypto/perlasm/x86gas.pl
@@ -0,0 +1,247 @@
+#!/usr/bin/env perl
+
+package x86gas;
+
+*out=\@::out;
+
+$::lbdecor=$::aout?"L":".L";		# local label decoration
+$nmdecor=($::aout or $::coff)?"_":"";	# external name decoration
+
+$initseg="";
+
+$align=16;
+$align=log($align)/log(2) if ($::aout);
+$com_start="#" if ($::aout or $::coff);
+
+sub opsize()
+{ my $reg=shift;
+    if    ($reg =~ m/^%e/o)		{ "l"; }
+    elsif ($reg =~ m/^%[a-d][hl]$/o)	{ "b"; }
+    elsif ($reg =~ m/^%[xm]/o)		{ undef; }
+    else				{ "w"; }
+}
+
+# swap arguments;
+# expand opcode with size suffix;
+# prefix numeric constants with $;
+sub ::generic
+{ my($opcode,@arg)=@_;
+  my($suffix,$dst,$src);
+
+    @arg=reverse(@arg);
+
+    for (@arg)
+    {	s/^(\*?)(e?[a-dsixphl]{2})$/$1%$2/o;	# gp registers
+	s/^([xy]?mm[0-7])$/%$1/o;		# xmm/mmx registers
+	s/^(\-?[0-9]+)$/\$$1/o;			# constants
+	s/^(\-?0x[0-9a-f]+)$/\$$1/o;		# constants
+    }
+
+    $dst = $arg[$#arg]		if ($#arg>=0);
+    $src = $arg[$#arg-1]	if ($#arg>=1);
+    if    ($dst =~ m/^%/o)	{ $suffix=&opsize($dst); }
+    elsif ($src =~ m/^%/o)	{ $suffix=&opsize($src); }
+    else			{ $suffix="l";           }
+    undef $suffix if ($dst =~ m/^%[xm]/o || $src =~ m/^%[xm]/o);
+
+    if ($#_==0)				{ &::emit($opcode);		}
+    elsif ($opcode =~ m/^j/o && $#_==1)	{ &::emit($opcode,@arg);	}
+    elsif ($opcode eq "call" && $#_==1)	{ &::emit($opcode,@arg);	}
+    elsif ($opcode =~ m/^set/&& $#_==1)	{ &::emit($opcode,@arg);	}
+    else				{ &::emit($opcode.$suffix,@arg);}
+
+  1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::movzx	{ &::movzb(@_);			}
+sub ::pushfd	{ &::pushfl;			}
+sub ::popfd	{ &::popfl;			}
+sub ::cpuid	{ &::emit(".byte\t0x0f,0xa2");	}
+sub ::rdtsc	{ &::emit(".byte\t0x0f,0x31");	}
+
+sub ::call	{ &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr	{ &::generic("call","*$_[0]");	}
+sub ::jmp_ptr	{ &::generic("jmp","*$_[0]");	}
+
+*::bswap = sub	{ &::emit("bswap","%$_[0]");	} if (!$::i386);
+
+sub ::DWP
+{ my($addr,$reg1,$reg2,$idx)=@_;
+  my $ret="";
+
+    $addr =~ s/^\s+//;
+    # prepend global references with optional underscore
+    $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
+
+    $reg1 = "%$reg1" if ($reg1);
+    $reg2 = "%$reg2" if ($reg2);
+
+    $ret .= $addr if (($addr ne "") && ($addr ne 0));
+
+    if ($reg2)
+    {	$idx!= 0 or $idx=1;
+	$ret .= "($reg1,$reg2,$idx)";
+    }
+    elsif ($reg1)
+    {	$ret .= "($reg1)";	}
+
+  $ret;
+}
+sub ::QWP	{ &::DWP(@_);	}
+sub ::BP	{ &::DWP(@_);	}
+sub ::BC	{ @_;		}
+sub ::DWC	{ @_;		}
+
+sub ::file
+{   push(@out,".file\t\"$_[0].s\"\n.text\n");	}
+
+sub ::function_begin_B
+{ my $func=shift;
+  my $global=($func !~ /^_/);
+  my $begin="${::lbdecor}_${func}_begin";
+
+    &::LABEL($func,$global?"$begin":"$nmdecor$func");
+    $func=$nmdecor.$func;
+
+    push(@out,".globl\t$func\n")	if ($global);
+    if ($::coff)
+    {	push(@out,".def\t$func;\t.scl\t".(3-$global).";\t.type\t32;\t.endef\n"); }
+    elsif (($::aout and !$::pic) or $::macosx)
+    { }
+    else
+    {	push(@out,".type	$func,\@function\n"); }
+    push(@out,".align\t$align\n");
+    push(@out,"$func:\n");
+    push(@out,"$begin:\n")		if ($global);
+    $::stack=4;
+}
+
+sub ::function_end_B
+{ my $func=shift;
+    push(@out,".size\t$nmdecor$func,.-".&::LABEL($func)."\n") if ($::elf);
+    $::stack=0;
+    &::wipe_labels();
+}
+
+sub ::comment
+	{
+	if (!defined($com_start) or $::elf)
+		{	# Regarding $::elf above...
+			# GNU and SVR4 as'es use different comment delimiters,
+		push(@out,"\n");	# so we just skip ELF comments...
+		return;
+		}
+	foreach (@_)
+		{
+		if (/^\s*$/)
+			{ push(@out,"\n"); }
+		else
+			{ push(@out,"\t$com_start $_ $com_end\n"); }
+		}
+	}
+
+sub ::external_label
+{   foreach(@_) { &::LABEL($_,$nmdecor.$_); }   }
+
+sub ::public_label
+{   push(@out,".globl\t".&::LABEL($_[0],$nmdecor.$_[0])."\n");   }
+
+sub ::file_end
+{   if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) {
+	my $tmp=".comm\t${nmdecor}OPENSSL_ia32cap_P,8";
+	if ($::elf)	{ push (@out,"$tmp,4\n"); }
+	else		{ push (@out,"$tmp\n"); }
+    }
+    if ($::macosx)
+    {	if (%non_lazy_ptr)
+    	{   push(@out,".section __IMPORT,__pointers,non_lazy_symbol_pointers\n");
+	    foreach $i (keys %non_lazy_ptr)
+	    {	push(@out,"$non_lazy_ptr{$i}:\n.indirect_symbol\t$i\n.long\t0\n");   }
+	}
+    }
+    push(@out,$initseg) if ($initseg);
+}
+
+sub ::data_byte	{   push(@out,".byte\t".join(',',@_)."\n");   }
+sub ::data_word {   push(@out,".long\t".join(',',@_)."\n");   }
+
+sub ::align
+{ my $val=$_[0],$p2,$i;
+    if ($::aout)
+    {	for ($p2=0;$val!=0;$val>>=1) { $p2++; }
+	$val=$p2-1;
+	$val.=",0x90";
+    }
+    push(@out,".align\t$val\n");
+}
+
+sub ::picmeup
+{ my($dst,$sym,$base,$reflabel)=@_;
+
+    if ($::pic && ($::elf || $::aout))
+    {	if (!defined($base))
+	{   &::call(&::label("PIC_me_up"));
+	    &::set_label("PIC_me_up");
+	    &::blindpop($dst);
+	    $base=$dst;
+	    $reflabel=&::label("PIC_me_up");
+	}
+	if ($::macosx)
+	{   my $indirect=&::static_label("$nmdecor$sym\$non_lazy_ptr");
+	    &::mov($dst,&::DWP("$indirect-$reflabel",$base));
+	    $non_lazy_ptr{"$nmdecor$sym"}=$indirect;
+	}
+	else
+	{   &::lea($dst,&::DWP("_GLOBAL_OFFSET_TABLE_+[.-$reflabel]",
+			    $base));
+	    &::mov($dst,&::DWP("$sym\@GOT",$dst));
+	}
+    }
+    else
+    {	&::lea($dst,&::DWP($sym));	}
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+
+    if ($::elf)
+    {	$initseg.=<<___;
+.section	.init
+	call	$f
+	jmp	.Linitalign
+.align	$align
+.Linitalign:
+___
+    }
+    elsif ($::coff)
+    {   $initseg.=<<___;	# applies to both Cygwin and Mingw
+.section	.ctors
+.long	$f
+___
+    }
+    elsif ($::macosx)
+    {	$initseg.=<<___;
+.mod_init_func
+.align 2
+.long   $f
+___
+    }
+    elsif ($::aout)
+    {	my $ctor="${nmdecor}_GLOBAL_\$I\$$f";
+	$initseg.=".text\n";
+	$initseg.=".type	$ctor,\@function\n" if ($::pic);
+	$initseg.=<<___;	# OpenBSD way...
+.globl	$ctor
+.align	2
+$ctor:
+	jmp	$f
+___
+    }
+}
+
+sub ::dataseg
+{   push(@out,".data\n");   }
+
+1;
diff --git a/crypto/perlasm/x86masm.pl b/crypto/perlasm/x86masm.pl
new file mode 100644
index 0000000000..03e7ba66ae
--- /dev/null
+++ b/crypto/perlasm/x86masm.pl
@@ -0,0 +1,184 @@
+#!/usr/bin/env perl
+
+package x86masm;
+
+*out=\@::out;
+
+$::lbdecor="\$L";	# local label decoration
+$nmdecor="_";		# external name decoration
+
+$initseg="";
+$segment="";
+
+sub ::generic
+{ my ($opcode,@arg)=@_;
+
+    # fix hexadecimal constants
+    for (@arg) { s/0x([0-9a-f]+)/0$1h/oi; }
+
+    if ($opcode !~ /movq/)
+    {	# fix xmm references
+	$arg[0] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[1]=~/\bxmm[0-7]\b/i);
+	$arg[1] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[0]=~/\bxmm[0-7]\b/i);
+    }
+
+    &::emit($opcode,@arg);
+  1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::call	{ &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr	{ &::emit("call",@_);	}
+sub ::jmp_ptr	{ &::emit("jmp",@_);	}
+
+sub get_mem
+{ my($size,$addr,$reg1,$reg2,$idx)=@_;
+  my($post,$ret);
+
+    $ret .= "$size PTR " if ($size ne "");
+
+    $addr =~ s/^\s+//;
+    # prepend global references with optional underscore
+    $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
+    # put address arithmetic expression in parenthesis
+    $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/);
+
+    if (($addr ne "") && ($addr ne 0))
+    {	if ($addr !~ /^-/)	{ $ret .= "$addr";  }
+	else			{ $post=$addr;      }
+    }
+    $ret .= "[";
+
+    if ($reg2 ne "")
+    {	$idx!=0 or $idx=1;
+	$ret .= "$reg2*$idx";
+	$ret .= "+$reg1" if ($reg1 ne "");
+    }
+    else
+    {	$ret .= "$reg1";   }
+
+    $ret .= "$post]";
+    $ret =~ s/\+\]/]/; # in case $addr was the only argument
+    $ret =~ s/\[\s*\]//;
+
+  $ret;
+}
+sub ::BP	{ &get_mem("BYTE",@_);  }
+sub ::DWP	{ &get_mem("DWORD",@_); }
+sub ::QWP	{ &get_mem("QWORD",@_); }
+sub ::BC	{ "@_";  }
+sub ::DWC	{ "@_"; }
+
+sub ::file
+{ my $tmp=<<___;
+TITLE	$_[0].asm
+IF \@Version LT 800
+ECHO MASM version 8.00 or later is strongly recommended.
+ENDIF
+.486
+.MODEL	FLAT
+OPTION	DOTNAME
+IF \@Version LT 800
+.text\$	SEGMENT PAGE 'CODE'
+ELSE
+.text\$	SEGMENT ALIGN(64) 'CODE'
+ENDIF
+___
+    push(@out,$tmp);
+    $segment = ".text\$";
+}
+
+sub ::function_begin_B
+{ my $func=shift;
+  my $global=($func !~ /^_/);
+  my $begin="${::lbdecor}_${func}_begin";
+
+    &::LABEL($func,$global?"$begin":"$nmdecor$func");
+    $func="ALIGN\t16\n".$nmdecor.$func."\tPROC";
+
+    if ($global)    { $func.=" PUBLIC\n${begin}::\n"; }
+    else	    { $func.=" PRIVATE\n";            }
+    push(@out,$func);
+    $::stack=4;
+}
+sub ::function_end_B
+{ my $func=shift;
+
+    push(@out,"$nmdecor$func ENDP\n");
+    $::stack=0;
+    &::wipe_labels();
+}
+
+sub ::file_end
+{ my $xmmheader=<<___;
+.686
+.XMM
+IF \@Version LT 800
+XMMWORD STRUCT 16
+DQ	2 dup (?)
+XMMWORD	ENDS
+ENDIF
+___
+    if (grep {/\b[x]?mm[0-7]\b/i} @out) {
+	grep {s/\.[3-7]86/$xmmheader/} @out;
+    }
+
+    push(@out,"$segment	ENDS\n");
+
+    if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
+    {	my $comm=<<___;
+.bss	SEGMENT 'BSS'
+COMM	${nmdecor}OPENSSL_ia32cap_P:QWORD
+.bss	ENDS
+___
+	# comment out OPENSSL_ia32cap_P declarations
+	grep {s/(^EXTERN\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
+	push (@out,$comm);
+    }
+    push (@out,$initseg) if ($initseg);
+    push (@out,"END\n");
+}
+
+sub ::comment {   foreach (@_) { push(@out,"\t; $_\n"); }   }
+
+*::set_label_B = sub
+{ my $l=shift; push(@out,$l.($l=~/^\Q${::lbdecor}\E[0-9]{3}/?":\n":"::\n")); };
+
+sub ::external_label
+{   foreach(@_)
+    {	push(@out, "EXTERN\t".&::LABEL($_,$nmdecor.$_).":NEAR\n");   }
+}
+
+sub ::public_label
+{   push(@out,"PUBLIC\t".&::LABEL($_[0],$nmdecor.$_[0])."\n");   }
+
+sub ::data_byte
+{   push(@out,("DB\t").join(',',@_)."\n");	}
+
+sub ::data_word
+{   push(@out,("DD\t").join(',',@_)."\n");	}
+
+sub ::align
+{   push(@out,"ALIGN\t$_[0]\n");	}
+
+sub ::picmeup
+{ my($dst,$sym)=@_;
+    &::lea($dst,&::DWP($sym));
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+
+    $initseg.=<<___;
+.CRT\$XCU	SEGMENT DWORD PUBLIC 'DATA'
+EXTERN	$f:NEAR
+DD	$f
+.CRT\$XCU	ENDS
+___
+}
+
+sub ::dataseg
+{   push(@out,"$segment\tENDS\n_DATA\tSEGMENT\n"); $segment="_DATA";   }
+
+1;
diff --git a/crypto/perlasm/x86ms.pl b/crypto/perlasm/x86ms.pl
deleted file mode 100644
index 35ba300d04..0000000000
--- a/crypto/perlasm/x86ms.pl
+++ /dev/null
@@ -1,452 +0,0 @@
-#!/usr/local/bin/perl
-
-package x86ms;
-
-$label="L000";
-
-%lb=(	'eax',	'al',
-	'ebx',	'bl',
-	'ecx',	'cl',
-	'edx',	'dl',
-	'ax',	'al',
-	'bx',	'bl',
-	'cx',	'cl',
-	'dx',	'dl',
-	);
-
-%hb=(	'eax',	'ah',
-	'ebx',	'bh',
-	'ecx',	'ch',
-	'edx',	'dh',
-	'ax',	'ah',
-	'bx',	'bh',
-	'cx',	'ch',
-	'dx',	'dh',
-	);
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-sub main'external_label { push(@labels,@_); }
-
-sub main'LB
-	{
-	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
-	return($lb{$_[0]});
-	}
-
-sub main'HB
-	{
-	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
-	return($hb{$_[0]});
-	}
-
-sub main'BP
-	{
-	&get_mem("BYTE",@_);
-	}
-
-sub main'DWP
-	{
-	&get_mem("DWORD",@_);
-	}
-
-sub main'QWP
-	{
-	&get_mem("QWORD",@_);
-	}
-
-sub main'BC
-	{
-	return @_;
-	}
-
-sub main'DWC
-	{
-	return @_;
-	}
-
-sub main'stack_push
-	{
-	local($num)=@_;
-	$stack+=$num*4;
-	&main'sub("esp",$num*4);
-	}
-
-sub main'stack_pop
-	{
-	local($num)=@_;
-	$stack-=$num*4;
-	&main'add("esp",$num*4);
-	}
-
-sub get_mem
-	{
-	local($size,$addr,$reg1,$reg2,$idx)=@_;
-	local($t,$post);
-	local($ret)="$size PTR ";
-
-	$addr =~ s/^\s+//;
-	if ($addr =~ /^(.+)\+(.+)$/)
-		{
-		$reg2=&conv($1);
-		$addr="_$2";
-		}
-	elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i)
-		{
-		$addr="_$addr";
-		}
-
-	if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; }
-
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	if (($addr ne "") && ($addr ne 0))
-		{
-		if ($addr !~ /^-/)
-			{ $ret.=$addr; }
-		else	{ $post=$addr; }
-		}
-	if ($reg2 ne "")
-		{
-		$t="";
-		$t="*$idx" if ($idx != 0);
-		$reg1="+".$reg1 if ("$reg1$post" ne "");
-		$ret.="[$reg2$t$reg1$post]";
-		}
-	else
-		{
-		$ret.="[$reg1$post]"
-		}
-	$ret =~ s/\[\]//;	# in case $addr was the only argument
-	return($ret);
-	}
-
-sub main'mov	{ &out2("mov",@_); }
-sub main'movb	{ &out2("mov",@_); }
-sub main'and	{ &out2("and",@_); }
-sub main'or	{ &out2("or",@_); }
-sub main'shl	{ &out2("shl",@_); }
-sub main'shr	{ &out2("shr",@_); }
-sub main'xor	{ &out2("xor",@_); }
-sub main'xorb	{ &out2("xor",@_); }
-sub main'add	{ &out2("add",@_); }
-sub main'adc	{ &out2("adc",@_); }
-sub main'sub	{ &out2("sub",@_); }
-sub main'sbb	{ &out2("sbb",@_); }
-sub main'rotl	{ &out2("rol",@_); }
-sub main'rotr	{ &out2("ror",@_); }
-sub main'exch	{ &out2("xchg",@_); }
-sub main'cmp	{ &out2("cmp",@_); }
-sub main'lea	{ &out2("lea",@_); }
-sub main'mul	{ &out1("mul",@_); }
-sub main'div	{ &out1("div",@_); }
-sub main'dec	{ &out1("dec",@_); }
-sub main'inc	{ &out1("inc",@_); }
-sub main'jmp	{ &out1("jmp",@_); }
-sub main'jmp_ptr { &out1p("jmp",@_); }
-sub main'je	{ &out1("je",@_); }
-sub main'jle	{ &out1("jle",@_); }
-sub main'jz	{ &out1("jz",@_); }
-sub main'jge	{ &out1("jge",@_); }
-sub main'jl	{ &out1("jl",@_); }
-sub main'ja	{ &out1("ja",@_); }
-sub main'jae	{ &out1("jae",@_); }
-sub main'jb	{ &out1("jb",@_); }
-sub main'jbe	{ &out1("jbe",@_); }
-sub main'jc	{ &out1("jc",@_); }
-sub main'jnc	{ &out1("jnc",@_); }
-sub main'jnz	{ &out1("jnz",@_); }
-sub main'jne	{ &out1("jne",@_); }
-sub main'jno	{ &out1("jno",@_); }
-sub main'push	{ &out1("push",@_); $stack+=4; }
-sub main'pop	{ &out1("pop",@_); $stack-=4; }
-sub main'pushf	{ &out0("pushfd"); $stack+=4; }
-sub main'popf	{ &out0("popfd"); $stack-=4; }
-sub main'bswap	{ &out1("bswap",@_); &using486(); }
-sub main'not	{ &out1("not",@_); }
-sub main'call	{ &out1("call",($_[0]=~/^\$L/?'':'_').$_[0]); }
-sub main'ret	{ &out0("ret"); }
-sub main'nop	{ &out0("nop"); }
-sub main'test	{ &out2("test",@_); }
-sub main'bt	{ &out2("bt",@_); }
-sub main'leave	{ &out0("leave"); }
-sub main'cpuid  { &out0("DW\t0A20Fh"); }
-sub main'rdtsc  { &out0("DW\t0310Fh"); }
-sub main'halt	{ &out0("hlt"); }
-sub main'movz	{ &out2("movzx",@_); }
-sub main'neg	{ &out1("neg",@_); }
-
-# SSE2
-sub main'emms	{ &out0("emms"); }
-sub main'movd	{ &out2("movd",@_); }
-sub main'movq	{ &out2("movq",@_); }
-sub main'movdqu	{ &out2("movdqu",@_); }
-sub main'movdqa	{ &out2("movdqa",@_); }
-sub main'movdq2q{ &out2("movdq2q",@_); }
-sub main'movq2dq{ &out2("movq2dq",@_); }
-sub main'paddq	{ &out2("paddq",@_); }
-sub main'pmuludq{ &out2("pmuludq",@_); }
-sub main'psrlq	{ &out2("psrlq",@_); }
-sub main'psllq	{ &out2("psllq",@_); }
-sub main'pxor	{ &out2("pxor",@_); }
-sub main'por	{ &out2("por",@_); }
-sub main'pand	{ &out2("pand",@_); }
-
-sub out2
-	{
-	local($name,$p1,$p2)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t");
-	$t=&conv($p1).",";
-	$l=length($t);
-	push(@out,$t);
-	$l=4-($l+9)/8;
-	push(@out,"\t" x $l);
-	push(@out,&conv($p2));
-	push(@out,"\n");
-	}
-
-sub out0
-	{
-	local($name)=@_;
-
-	push(@out,"\t$name\n");
-	}
-
-sub out1
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t".&conv($p1)."\n");
-	}
-
-sub conv
-	{
-	local($p)=@_;
-
-	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
-	return $p;
-	}
-
-sub using486
-	{
-	return if $using486;
-	$using486++;
-	grep(s/\.386/\.486/,@out);
-	}
-
-sub main'file
-	{
-	local($file)=@_;
-
-	local($tmp)=<<"EOF";
-	TITLE	$file.asm
-        .386
-.model FLAT
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_begin
-	{
-	local($func,$extra)=@_;
-
-	push(@labels,$func);
-
-	local($tmp)=<<"EOF";
-_TEXT\$	SEGMENT PARA
-PUBLIC	_$func
-$extra
-_$func PROC NEAR
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-EOF
-	push(@out,$tmp);
-	$stack=20;
-	}
-
-sub main'function_begin_B
-	{
-	local($func,$extra)=@_;
-
-	local($tmp)=<<"EOF";
-_TEXT\$	SEGMENT	PARA
-PUBLIC	_$func
-$extra
-_$func PROC NEAR
-EOF
-	push(@out,$tmp);
-	$stack=4;
-	}
-
-sub main'function_end
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_$func ENDP
-_TEXT\$	ENDS
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_B
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-_$func ENDP
-_TEXT\$	ENDS
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'file_end
-	{
-	# try to detect if SSE2 or MMX extensions were used...
-	if (grep {/xmm[0-7]\s*,/i} @out) {
-		grep {s/\.[3-7]86/\.686\n\t\.XMM/} @out;
-		}
-	elsif (grep {/mm[0-7]\s*,/i} @out) {
-		grep {s/\.[3-7]86/\.686\n\t\.MMX/} @out;
-		}
-	push(@out,"END\n");
-	}
-
-sub main'wparam
-	{
-	local($num)=@_;
-
-	return(&main'DWP($stack+$num*4,"esp","",0));
-	}
-
-sub main'swtmp
-	{
-	return(&main'DWP($_[0]*4,"esp","",0));
-	}
-
-# Should use swtmp, which is above esp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	local($num)=@_;
-#
-#	return(&main'DWP(-(($num+1)*4),"esp","",0));
-#	}
-
-sub main'comment
-	{
-	foreach (@_)
-		{
-		push(@out,"\t; $_\n");
-		}
-	}
-
-sub main'public_label
-	{
-	$label{$_[0]}="_$_[0]"	if (!defined($label{$_[0]}));
-	push(@out,"PUBLIC\t$label{$_[0]}\n");
-	}
-
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\$${label}${_[0]}";
-		$label++;
-		}
-	return($label{$_[0]});
-	}
-
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\$${label}${_[0]}";
-		$label++;
-		}
-	if ($_[1]!=0 && $_[1]>1)
-		{
-		main'align($_[1]);
-		}
-	if((defined $_[2]) && ($_[2] == 1))
-		{
-		push(@out,"$label{$_[0]}::\n");
-		}
-	elsif ($label{$_[0]} !~ /^\$/)
-		{
-		push(@out,"$label{$_[0]}\tLABEL PTR\n");
-		}
-	else
-		{
-		push(@out,"$label{$_[0]}:\n");
-		}
-	}
-
-sub main'data_word
-	{
-	push(@out,"\tDD\t".join(',',@_)."\n");
-	}
-
-sub main'align
-	{
-	push(@out,"\tALIGN\t$_[0]\n");
-	}
-
-sub out1p
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t ".&conv($p1)."\n");
-	}
-
-sub main'picmeup
-	{
-	local($dst,$sym)=@_;
-	&main'lea($dst,&main'DWP($sym));
-	}
-
-sub main'blindpop { &out1("pop",@_); }
-
-sub main'initseg 
-	{
-	local($f)=@_;
-	local($tmp)=<<___;
-OPTION	DOTNAME
-.CRT\$XIU	SEGMENT DWORD PUBLIC 'DATA'
-EXTRN	_$f:NEAR
-DD	_$f
-.CRT\$XIU	ENDS
-___
-	push(@out,$tmp);
-	}
-
-1;
diff --git a/crypto/perlasm/x86nasm.pl b/crypto/perlasm/x86nasm.pl
index b897ed0fda..1a384582bf 100644
--- a/crypto/perlasm/x86nasm.pl
+++ b/crypto/perlasm/x86nasm.pl
@@ -1,435 +1,166 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
 
 package x86nasm;
 
-$label="L000";
-$under=($main'netware)?'':'_';
+*out=\@::out;
 
-%lb=(	'eax',	'al',
-	'ebx',	'bl',
-	'ecx',	'cl',
-	'edx',	'dl',
-	'ax',	'al',
-	'bx',	'bl',
-	'cx',	'cl',
-	'dx',	'dl',
-	);
+$::lbdecor="L\$";		# local label decoration
+$nmdecor=$::netware?"":"_";	# external name decoration
+$drdecor=$::mwerks?".":"";	# directive decoration
 
-%hb=(	'eax',	'ah',
-	'ebx',	'bh',
-	'ecx',	'ch',
-	'edx',	'dh',
-	'ax',	'ah',
-	'bx',	'bh',
-	'cx',	'ch',
-	'dx',	'dh',
-	);
+$initseg="";
 
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
+sub ::generic
+{ my $opcode=shift;
+  my $tmp;
 
-sub main'external_label
-{
-	push(@labels,@_);
-	foreach (@_) {
-		push(@out,".") if ($main'mwerks);
-		push(@out, "extern\t${under}$_\n");
-	}
+    if (!$::mwerks)
+    {   if    ($opcode =~ m/^j/o && $#_==0) # optimize jumps
+	{   $_[0] = "NEAR $_[0]";   	}
+	elsif ($opcode eq "lea" && $#_==1)  # wipe storage qualifier from lea
+	{   $_[1] =~ s/^[^\[]*\[/\[/o;	}
+    }
+    &::emit($opcode,@_);
+  1;
 }
-
-sub main'LB
-	{
-	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
-	return($lb{$_[0]});
-	}
-
-sub main'HB
-	{
-	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
-	return($hb{$_[0]});
-	}
-
-sub main'BP
-	{
-	&get_mem("BYTE",@_);
-	}
-
-sub main'DWP
-	{
-	&get_mem("DWORD",@_);
-	}
-
-sub main'QWP
-	{
-	&get_mem("",@_);
-	}
-
-sub main'BC
-	{
-	return (($main'mwerks)?"":"BYTE ")."@_";
-	}
-
-sub main'DWC
-	{
-	return (($main'mwerks)?"":"DWORD ")."@_";
-	}
-
-sub main'stack_push
-	{
-	my($num)=@_;
-	$stack+=$num*4;
-	&main'sub("esp",$num*4);
-	}
-
-sub main'stack_pop
-	{
-	my($num)=@_;
-	$stack-=$num*4;
-	&main'add("esp",$num*4);
-	}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::call	{ &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr	{ &::emit("call",@_);	}
+sub ::jmp_ptr	{ &::emit("jmp",@_);	}
 
 sub get_mem
-	{
-	my($size,$addr,$reg1,$reg2,$idx)=@_;
-	my($t,$post);
-	my($ret)=$size;
-	if ($ret ne "")
-		{
-		$ret .= " PTR" if ($main'mwerks);
-		$ret .= " ";
-		}
-	$ret .= "[";
-	$addr =~ s/^\s+//;
-	if ($addr =~ /^(.+)\+(.+)$/)
-		{
-		$reg2=&conv($1);
-		$addr="$under$2";
-		}
-	elsif ($addr =~ /^[_a-z][_a-z0-9]*$/i)
-		{
-		$addr="$under$addr";
-		}
-
-	if ($addr =~ /^.+\-.+$/) { $addr="($addr)"; }
-
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	if (($addr ne "") && ($addr ne 0))
-		{
-		if ($addr !~ /^-/)
-			{ $ret.="${addr}+"; }
-		else	{ $post=$addr; }
-		}
-	if ($reg2 ne "")
-		{
-		$t="";
-		$t="*$idx" if ($idx != 0);
-		$reg1="+".$reg1 if ("$reg1$post" ne "");
-		$ret.="$reg2$t$reg1$post]";
-		}
-	else
-		{
-		$ret.="$reg1$post]"
-		}
-	$ret =~ s/\+\]/]/; # in case $addr was the only argument
-	return($ret);
-	}
-
-sub main'mov	{ &out2("mov",@_); }
-sub main'movb	{ &out2("mov",@_); }
-sub main'and	{ &out2("and",@_); }
-sub main'or	{ &out2("or",@_); }
-sub main'shl	{ &out2("shl",@_); }
-sub main'shr	{ &out2("shr",@_); }
-sub main'xor	{ &out2("xor",@_); }
-sub main'xorb	{ &out2("xor",@_); }
-sub main'add	{ &out2("add",@_); }
-sub main'adc	{ &out2("adc",@_); }
-sub main'sub	{ &out2("sub",@_); }
-sub main'sbb	{ &out2("sbb",@_); }
-sub main'rotl	{ &out2("rol",@_); }
-sub main'rotr	{ &out2("ror",@_); }
-sub main'exch	{ &out2("xchg",@_); }
-sub main'cmp	{ &out2("cmp",@_); }
-sub main'lea	{ &out2("lea",@_); }
-sub main'mul	{ &out1("mul",@_); }
-sub main'div	{ &out1("div",@_); }
-sub main'dec	{ &out1("dec",@_); }
-sub main'inc	{ &out1("inc",@_); }
-sub main'jmp	{ &out1("jmp",@_); }
-sub main'jmp_ptr { &out1p("jmp",@_); }
-
-# This is a bit of a kludge: declare all branches as NEAR.
-$near=($main'mwerks)?'':'NEAR';
-sub main'je	{ &out1("je $near",@_); }
-sub main'jle	{ &out1("jle $near",@_); }
-sub main'jz	{ &out1("jz $near",@_); }
-sub main'jge	{ &out1("jge $near",@_); }
-sub main'jl	{ &out1("jl $near",@_); }
-sub main'ja	{ &out1("ja $near",@_); }
-sub main'jae	{ &out1("jae $near",@_); }
-sub main'jb	{ &out1("jb $near",@_); }
-sub main'jbe	{ &out1("jbe $near",@_); }
-sub main'jc	{ &out1("jc $near",@_); }
-sub main'jnc	{ &out1("jnc $near",@_); }
-sub main'jnz	{ &out1("jnz $near",@_); }
-sub main'jne	{ &out1("jne $near",@_); }
-sub main'jno	{ &out1("jno $near",@_); }
-
-sub main'push	{ &out1("push",@_); $stack+=4; }
-sub main'pop	{ &out1("pop",@_); $stack-=4; }
-sub main'pushf	{ &out0("pushfd"); $stack+=4; }
-sub main'popf	{ &out0("popfd"); $stack-=4; }
-sub main'bswap	{ &out1("bswap",@_); &using486(); }
-sub main'not	{ &out1("not",@_); }
-sub main'call	{ &out1("call",($_[0]=~/^\@L/?'':$under).$_[0]); }
-sub main'ret	{ &out0("ret"); }
-sub main'nop	{ &out0("nop"); }
-sub main'test	{ &out2("test",@_); }
-sub main'bt	{ &out2("bt",@_); }
-sub main'leave	{ &out0("leave"); }
-sub main'cpuid	{ &out0("cpuid"); }
-sub main'rdtsc	{ &out0("rdtsc"); }
-sub main'halt	{ &out0("hlt"); }
-sub main'movz	{ &out2("movzx",@_); }
-sub main'neg	{ &out1("neg",@_); }
-
-# SSE2
-sub main'emms	{ &out0("emms"); }
-sub main'movd	{ &out2("movd",@_); }
-sub main'movq	{ &out2("movq",@_); }
-sub main'movdqu	{ &out2("movdqu",@_); }
-sub main'movdqa	{ &out2("movdqa",@_); }
-sub main'movdq2q{ &out2("movdq2q",@_); }
-sub main'movq2dq{ &out2("movq2dq",@_); }
-sub main'paddq	{ &out2("paddq",@_); }
-sub main'pmuludq{ &out2("pmuludq",@_); }
-sub main'psrlq	{ &out2("psrlq",@_); }
-sub main'psllq	{ &out2("psllq",@_); }
-sub main'pxor	{ &out2("pxor",@_); }
-sub main'por	{ &out2("por",@_); }
-sub main'pand	{ &out2("pand",@_); }
-
-sub out2
-	{
-	my($name,$p1,$p2)=@_;
-	my($l,$t);
-
-	push(@out,"\t$name\t");
-	if (!$main'mwerks and $name eq "lea")
-		{
-		$p1 =~ s/^[^\[]*\[/\[/;
-		$p2 =~ s/^[^\[]*\[/\[/;
-		}
-	$t=&conv($p1).",";
-	$l=length($t);
-	push(@out,$t);
-	$l=4-($l+9)/8;
-	push(@out,"\t" x $l);
-	push(@out,&conv($p2));
-	push(@out,"\n");
-	}
-
-sub out0
-	{
-	my($name)=@_;
-
-	push(@out,"\t$name\n");
-	}
-
-sub out1
-	{
-	my($name,$p1)=@_;
-	my($l,$t);
-	push(@out,"\t$name\t".&conv($p1)."\n");
-	}
-
-sub conv
-	{
-	my($p)=@_;
-	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
-	return $p;
-	}
-
-sub using486
-	{
-	return if $using486;
-	$using486++;
-	grep(s/\.386/\.486/,@out);
-	}
-
-sub main'file
-	{
-	push(@out,".") if ($main'mwerks);
-	push(@out,"section\t.text\n");
-	}
-
-sub main'function_begin
-	{
-	my($func,$extra)=@_;
-
-	push(@labels,$func);
-	my($tmp)=<<"EOF";
-global	$under$func
-$under$func:
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-EOF
-	push(@out,$tmp);
-	$stack=20;
-	}
-
-sub main'function_begin_B
-	{
-	my($func,$extra)=@_;
-	my($tmp)=<<"EOF";
-global	$under$func
-$under$func:
-EOF
-	push(@out,$tmp);
-	$stack=4;
-	}
-
-sub main'function_end
-	{
-	my($func)=@_;
-
-	my($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-EOF
-	push(@out,$tmp);
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_B
-	{
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	my($func)=@_;
-
-	my($tmp)=<<"EOF";
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-EOF
+{ my($size,$addr,$reg1,$reg2,$idx)=@_;
+  my($post,$ret);
+
+    if ($size ne "")
+    {	$ret .= "$size";
+	$ret .= " PTR" if ($::mwerks);
+	$ret .= " ";
+    }
+    $ret .= "[";
+
+    $addr =~ s/^\s+//;
+    # prepend global references with optional underscore
+    $addr =~ s/^([^\+\-0-9][^\+\-]*)/::islabel($1) or "$nmdecor$1"/ige;
+    # put address arithmetic expression in parenthesis
+    $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/);
+
+    if (($addr ne "") && ($addr ne 0))
+    {	if ($addr !~ /^-/)	{ $ret .= "$addr+"; }
+	else			{ $post=$addr;      }
+    }
+
+    if ($reg2 ne "")
+    {	$idx!=0 or $idx=1;
+	$ret .= "$reg2*$idx";
+	$ret .= "+$reg1" if ($reg1 ne "");
+    }
+    else
+    {	$ret .= "$reg1";   }
+
+    $ret .= "$post]";
+    $ret =~ s/\+\]/]/; # in case $addr was the only argument
+
+  $ret;
+}
+sub ::BP	{ &get_mem("BYTE",@_);  }
+sub ::DWP	{ &get_mem("DWORD",@_); }
+sub ::QWP	{ &get_mem("",@_);      }
+sub ::BC	{ (($::mwerks)?"":"BYTE ")."@_";  }
+sub ::DWC	{ (($::mwerks)?"":"DWORD ")."@_"; }
+
+sub ::file
+{   if ($::mwerks)	{ push(@out,".section\t.text,64\n"); }
+    else
+    { my $tmp=<<___;
+%ifidn __OUTPUT_FORMAT__,obj
+section	code	use32 class=code align=64
+%elifidn __OUTPUT_FORMAT__,win32
+\$\@feat.00 equ 1
+section	.text	code align=64
+%else
+section	.text	code
+%endif
+___
 	push(@out,$tmp);
-	}
-
-sub main'file_end
-	{
-	}
-
-sub main'wparam
-	{
-	my($num)=@_;
+    }
+}
 
-	return(&main'DWP($stack+$num*4,"esp","",0));
-	}
+sub ::function_begin_B
+{ my $func=shift;
+  my $global=($func !~ /^_/);
+  my $begin="${::lbdecor}_${func}_begin";
 
-sub main'swtmp
-	{
-	return(&main'DWP($_[0]*4,"esp","",0));
-	}
+    $begin =~ s/^\@/./ if ($::mwerks);	# the torture never stops
 
-# Should use swtmp, which is above esp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	my($num)=@_;
-#
-#	return(&main'DWP(-(($num+1)*4),"esp","",0));
-#	}
+    &::LABEL($func,$global?"$begin":"$nmdecor$func");
+    $func=$nmdecor.$func;
 
-sub main'comment
-	{
-	foreach (@_)
-		{
-		push(@out,"\t; $_\n");
-		}
-	}
+    push(@out,"${drdecor}global	$func\n")	if ($global);
+    push(@out,"${drdecor}align	16\n");
+    push(@out,"$func:\n");
+    push(@out,"$begin:\n")			if ($global);
+    $::stack=4;
+}
 
-sub main'public_label
-	{
-	$label{$_[0]}="${under}${_[0]}"	if (!defined($label{$_[0]}));
-	push(@out,"global\t$label{$_[0]}\n");
-	}
+sub ::function_end_B
+{   $::stack=0;
+    &::wipe_labels();
+}
 
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\@${label}${_[0]}";
-		$label++;
-		}
-	return($label{$_[0]});
-	}
+sub ::file_end
+{   if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
+    {	my $comm=<<___;
+${drdecor}segment	.bss
+${drdecor}common	${nmdecor}OPENSSL_ia32cap_P 8
+___
+	# comment out OPENSSL_ia32cap_P declarations
+	grep {s/(^extern\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
+	push (@out,$comm)
+    }
+    push (@out,$initseg) if ($initseg);		
+}
 
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="\@${label}${_[0]}";
-		$label++;
-		}
-	if ($_[1]!=0 && $_[1]>1)
-		{
-		main'align($_[1]);
-		}
-	push(@out,"$label{$_[0]}:\n");
-	}
+sub ::comment {   foreach (@_) { push(@out,"\t; $_\n"); }   }
 
-sub main'data_word
-	{
-	push(@out,(($main'mwerks)?".long\t":"DD\t").join(',',@_)."\n");
-	}
+sub ::external_label
+{   foreach(@_)
+    {	push(@out,"${drdecor}extern\t".&::LABEL($_,$nmdecor.$_)."\n");   }
+}
 
-sub main'align
-	{
-	push(@out,".") if ($main'mwerks);
-	push(@out,"align\t$_[0]\n");
-	}
+sub ::public_label
+{   push(@out,"${drdecor}global\t".&::LABEL($_[0],$nmdecor.$_[0])."\n");  }
 
-sub out1p
-	{
-	my($name,$p1)=@_;
-	my($l,$t);
+sub ::data_byte
+{   push(@out,(($::mwerks)?".byte\t":"db\t").join(',',@_)."\n");	}
 
-	push(@out,"\t$name\t ".&conv($p1)."\n");
-	}
+sub ::data_word
+{   push(@out,(($::mwerks)?".long\t":"dd\t").join(',',@_)."\n");	}
 
-sub main'picmeup
-	{
-	local($dst,$sym)=@_;
-	&main'lea($dst,&main'DWP($sym));
-	}
+sub ::align
+{   push(@out,"${drdecor}align\t$_[0]\n");	}
 
-sub main'blindpop { &out1("pop",@_); }
+sub ::picmeup
+{ my($dst,$sym)=@_;
+    &::lea($dst,&::DWP($sym));
+}
 
-sub main'initseg
-	{
-	local($f)=@_;
-	if ($main'win32)
-		{
-		local($tmp)=<<___;
-segment	.CRT\$XIU data
-extern	$under$f
-DD	$under$f
+sub ::initseg
+{ my $f=$nmdecor.shift;
+    if ($::win32)
+    {	$initseg=<<___;
+segment	.CRT\$XCU data align=4
+extern	$f
+dd	$f
 ___
-		push(@out,$tmp);
-		}
-	}
+    }
+}
+
+sub ::dataseg
+{   if ($mwerks)	{ push(@out,".section\t.data,4\n");   }
+    else		{ push(@out,"section\t.data align=4\n"); }
+}
 
 1;
diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl
deleted file mode 100644
index 4381580be7..0000000000
--- a/crypto/perlasm/x86unix.pl
+++ /dev/null
@@ -1,744 +0,0 @@
-#!/usr/local/bin/perl
-
-package x86unix;	# GAS actually...
-
-$label="L000";
-$const="";
-$constl=0;
-
-$align=($main'aout)?"4":"16";
-$under=($main'aout or $main'coff)?"_":"";
-$dot=($main'aout)?"":".";
-$com_start="#" if ($main'aout or $main'coff);
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-sub main'external_label { push(@labels,@_); }
-
-if ($main'cpp)
-	{
-	$align="ALIGN";
-	$under="";
-	$com_start='/*';
-	$com_end='*/';
-	}
-
-%lb=(	'eax',	'%al',
-	'ebx',	'%bl',
-	'ecx',	'%cl',
-	'edx',	'%dl',
-	'ax',	'%al',
-	'bx',	'%bl',
-	'cx',	'%cl',
-	'dx',	'%dl',
-	);
-
-%hb=(	'eax',	'%ah',
-	'ebx',	'%bh',
-	'ecx',	'%ch',
-	'edx',	'%dh',
-	'ax',	'%ah',
-	'bx',	'%bh',
-	'cx',	'%ch',
-	'dx',	'%dh',
-	);
-
-%regs=(	'eax',	'%eax',
-	'ebx',	'%ebx',
-	'ecx',	'%ecx',
-	'edx',	'%edx',
-	'esi',	'%esi',
-	'edi',	'%edi',
-	'ebp',	'%ebp',
-	'esp',	'%esp',
-
-	'mm0',	'%mm0',
-	'mm1',	'%mm1',
-	'mm2',	'%mm2',
-	'mm3',	'%mm3',
-	'mm4',	'%mm4',
-	'mm5',	'%mm5',
-	'mm6',	'%mm6',
-	'mm7',	'%mm7',
-
-	'xmm0',	'%xmm0',
-	'xmm1',	'%xmm1',
-	'xmm2',	'%xmm2',
-	'xmm3',	'%xmm3',
-	'xmm4',	'%xmm4',
-	'xmm5',	'%xmm5',
-	'xmm6',	'%xmm6',
-	'xmm7',	'%xmm7',
-	);
-
-%reg_val=(
-	'eax',	0x00,
-	'ebx',	0x03,
-	'ecx',	0x01,
-	'edx',	0x02,
-	'esi',	0x06,
-	'edi',	0x07,
-	'ebp',	0x05,
-	'esp',	0x04,
-	);
-
-sub main'LB
-	{
-	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
-	return($lb{$_[0]});
-	}
-
-sub main'HB
-	{
-	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
-	return($hb{$_[0]});
-	}
-
-sub main'DWP
-	{
-	local($addr,$reg1,$reg2,$idx)=@_;
-
-	$ret="";
-	$addr =~ s/(^|[+ \t])([A-Za-z_]+[A-Za-z0-9_]+)($|[+ \t])/$1$under$2$3/;
-	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-	$ret.=$addr if ($addr ne "") && ($addr ne 0);
-	if ($reg2 ne "")
-		{
-		if($idx ne "" && $idx != 0)
-		    { $ret.="($reg1,$reg2,$idx)"; }
-		else
-		    { $ret.="($reg1,$reg2)"; }
-	        }
-	elsif ($reg1 ne "")
-		{ $ret.="($reg1)" }
-	return($ret);
-	}
-
-sub main'QWP
-	{
-	return(&main'DWP(@_));
-	}
-
-sub main'BP
-	{
-	return(&main'DWP(@_));
-	}
-
-sub main'BC
-	{
-	return @_;
-	}
-
-sub main'DWC
-	{
-	return @_;
-	}
-
-#sub main'BP
-#	{
-#	local($addr,$reg1,$reg2,$idx)=@_;
-#
-#	$ret="";
-#
-#	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
-#	$reg1="$regs{$reg1}" if defined($regs{$reg1});
-#	$reg2="$regs{$reg2}" if defined($regs{$reg2});
-#	$ret.=$addr if ($addr ne "") && ($addr ne 0);
-#	if ($reg2 ne "")
-#		{ $ret.="($reg1,$reg2,$idx)"; }
-#	else
-#		{ $ret.="($reg1)" }
-#	return($ret);
-#	}
-
-sub main'mov	{ &out2("movl",@_); }
-sub main'movb	{ &out2("movb",@_); }
-sub main'and	{ &out2("andl",@_); }
-sub main'or	{ &out2("orl",@_); }
-sub main'shl	{ &out2("sall",@_); }
-sub main'shr	{ &out2("shrl",@_); }
-sub main'xor	{ &out2("xorl",@_); }
-sub main'xorb	{ &out2("xorb",@_); }
-sub main'add	{ &out2($_[0]=~/%[a-d][lh]/?"addb":"addl",@_); }
-sub main'adc	{ &out2("adcl",@_); }
-sub main'sub	{ &out2("subl",@_); }
-sub main'sbb	{ &out2("sbbl",@_); }
-sub main'rotl	{ &out2("roll",@_); }
-sub main'rotr	{ &out2("rorl",@_); }
-sub main'exch	{ &out2($_[0]=~/%[a-d][lh]/?"xchgb":"xchgl",@_); }
-sub main'cmp	{ &out2("cmpl",@_); }
-sub main'lea	{ &out2("leal",@_); }
-sub main'mul	{ &out1("mull",@_); }
-sub main'div	{ &out1("divl",@_); }
-sub main'jmp	{ &out1("jmp",@_); }
-sub main'jmp_ptr { &out1p("jmp",@_); }
-sub main'je	{ &out1("je",@_); }
-sub main'jle	{ &out1("jle",@_); }
-sub main'jne	{ &out1("jne",@_); }
-sub main'jnz	{ &out1("jnz",@_); }
-sub main'jz	{ &out1("jz",@_); }
-sub main'jge	{ &out1("jge",@_); }
-sub main'jl	{ &out1("jl",@_); }
-sub main'ja	{ &out1("ja",@_); }
-sub main'jae	{ &out1("jae",@_); }
-sub main'jb	{ &out1("jb",@_); }
-sub main'jbe	{ &out1("jbe",@_); }
-sub main'jc	{ &out1("jc",@_); }
-sub main'jnc	{ &out1("jnc",@_); }
-sub main'jno	{ &out1("jno",@_); }
-sub main'dec	{ &out1("decl",@_); }
-sub main'inc	{ &out1($_[0]=~/%[a-d][hl]/?"incb":"incl",@_); }
-sub main'push	{ &out1("pushl",@_); $stack+=4; }
-sub main'pop	{ &out1("popl",@_); $stack-=4; }
-sub main'pushf	{ &out0("pushfl"); $stack+=4; }
-sub main'popf	{ &out0("popfl"); $stack-=4; }
-sub main'not	{ &out1("notl",@_); }
-sub main'call	{	my $pre=$under;
-			foreach $i (%label)
-			{ if ($label{$i} eq $_[0]) { $pre=''; last; } }
-			&out1("call",$pre.$_[0]);
-		}
-sub main'ret	{ &out0("ret"); }
-sub main'nop	{ &out0("nop"); }
-sub main'test	{ &out2("testl",@_); }
-sub main'bt	{ &out2("btl",@_); }
-sub main'leave	{ &out0("leave"); }
-sub main'cpuid	{ &out0(".byte\t0x0f,0xa2"); }
-sub main'rdtsc	{ &out0(".byte\t0x0f,0x31"); }
-sub main'halt	{ &out0("hlt"); }
-sub main'movz	{ &out2("movzbl",@_); }
-sub main'neg	{ &out1("negl",@_); }
-
-# SSE2
-sub main'emms	{ &out0("emms"); }
-sub main'movd	{ &out2("movd",@_); }
-sub main'movq	{ &out2("movq",@_); }
-sub main'movdqu	{ &out2("movdqu",@_); }
-sub main'movdqa	{ &out2("movdqa",@_); }
-sub main'movdq2q{ &out2("movdq2q",@_); }
-sub main'movq2dq{ &out2("movq2dq",@_); }
-sub main'paddq	{ &out2("paddq",@_); }
-sub main'pmuludq{ &out2("pmuludq",@_); }
-sub main'psrlq	{ &out2("psrlq",@_); }
-sub main'psllq	{ &out2("psllq",@_); }
-sub main'pxor	{ &out2("pxor",@_); }
-sub main'por	{ &out2("por",@_); }
-sub main'pand	{ &out2("pand",@_); }
-
-# The bswapl instruction is new for the 486. Emulate if i386.
-sub main'bswap
-	{
-	if ($main'i386)
-		{
-		&main'comment("bswapl @_");
-		&main'exch(main'HB(@_),main'LB(@_));
-		&main'rotr(@_,16);
-		&main'exch(main'HB(@_),main'LB(@_));
-		}
-	else
-		{
-		&out1("bswapl",@_);
-		}
-	}
-
-sub out2
-	{
-	local($name,$p1,$p2)=@_;
-	local($l,$ll,$t);
-	local(%special)=(	"roll",0xD1C0,"rorl",0xD1C8,
-				"rcll",0xD1D0,"rcrl",0xD1D8,
-				"shll",0xD1E0,"shrl",0xD1E8,
-				"sarl",0xD1F8);
-	
-	if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1))
-		{
-		$op=$special{$name}|$reg_val{$p1};
-		$tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
-		$tmp2=sprintf(".byte %d\t",$op     &0xff);
-		push(@out,$tmp1);
-		push(@out,$tmp2);
-
-		$p2=&conv($p2);
-		$p1=&conv($p1);
-		&main'comment("$name $p2 $p1");
-		return;
-		}
-
-	push(@out,"\t$name\t");
-	$t=&conv($p2).",";
-	$l=length($t);
-	push(@out,$t);
-	$ll=4-($l+9)/8;
-	$tmp1=sprintf("\t" x $ll);
-	push(@out,$tmp1);
-	push(@out,&conv($p1)."\n");
-	}
-
-sub out1
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-	local(%special)=("bswapl",0x0FC8);
-
-	if ((defined($special{$name})) && defined($regs{$p1}))
-		{
-		$op=$special{$name}|$reg_val{$p1};
-		$tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
-		$tmp2=sprintf(".byte %d\t",$op     &0xff);
-		push(@out,$tmp1);
-		push(@out,$tmp2);
-
-		$p2=&conv($p2);
-		$p1=&conv($p1);
-		&main'comment("$name $p2 $p1");
-		return;
-		}
-
-	push(@out,"\t$name\t".&conv($p1)."\n");
-	}
-
-sub out1p
-	{
-	local($name,$p1)=@_;
-	local($l,$t);
-
-	push(@out,"\t$name\t*".&conv($p1)."\n");
-	}
-
-sub out0
-	{
-	push(@out,"\t$_[0]\n");
-	}
-
-sub conv
-	{
-	local($p)=@_;
-
-#	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
-
-	$p=$regs{$p} if (defined($regs{$p}));
-
-	$p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/;
-	$p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
-	return $p;
-	}
-
-sub main'file
-	{
-	local($file)=@_;
-
-	local($tmp)=<<"EOF";
-	.file	"$file.s"
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_begin
-	{
-	local($func)=@_;
-
-	&main'external_label($func);
-	$func=$under.$func;
-
-	local($tmp)=<<"EOF";
-.text
-.globl	$func
-EOF
-	push(@out,$tmp);
-	if ($main'cpp)
-		{ $tmp=push(@out,"TYPE($func,\@function)\n"); }
-	elsif ($main'coff)
-		{ $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
-	elsif ($main'aout and !$main'pic)
-		{ }
-	else	{ $tmp=push(@out,".type\t$func,\@function\n"); }
-	push(@out,".align\t$align\n");
-	push(@out,"$func:\n");
-	$tmp=<<"EOF";
-	pushl	%ebp
-	pushl	%ebx
-	pushl	%esi
-	pushl	%edi
-
-EOF
-	push(@out,$tmp);
-	$stack=20;
-	}
-
-sub main'function_begin_B
-	{
-	local($func,$extra)=@_;
-
-	&main'external_label($func);
-	$func=$under.$func;
-
-	local($tmp)=<<"EOF";
-.text
-.globl	$func
-EOF
-	push(@out,$tmp);
-	if ($main'cpp)
-		{ push(@out,"TYPE($func,\@function)\n"); }
-	elsif ($main'coff)
-		{ $tmp=push(@out,".def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); }
-	elsif ($main'aout and !$main'pic)
-		{ }
-	else	{ push(@out,".type	$func,\@function\n"); }
-	push(@out,".align\t$align\n");
-	push(@out,"$func:\n");
-	$stack=4;
-	}
-
-sub main'function_end
-	{
-	local($func)=@_;
-
-	$func=$under.$func;
-
-	local($tmp)=<<"EOF";
-	popl	%edi
-	popl	%esi
-	popl	%ebx
-	popl	%ebp
-	ret
-${dot}L_${func}_end:
-EOF
-	push(@out,$tmp);
-
-	if ($main'cpp)
-		{ push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); }
-	elsif ($main'coff or $main'aout)
-                { }
-	else	{ push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); }
-	push(@out,".ident	\"$func\"\n");
-	$stack=0;
-	%label=();
-	}
-
-sub main'function_end_A
-	{
-	local($func)=@_;
-
-	local($tmp)=<<"EOF";
-	popl	%edi
-	popl	%esi
-	popl	%ebx
-	popl	%ebp
-	ret
-EOF
-	push(@out,$tmp);
-	}
-
-sub main'function_end_B
-	{
-	local($func)=@_;
-
-	$func=$under.$func;
-
-	push(@out,"${dot}L_${func}_end:\n");
-	if ($main'cpp)
-		{ push(@out,"SIZE($func,${dot}L_${func}_end-$func)\n"); }
-        elsif ($main'coff or $main'aout)
-                { }
-	else	{ push(@out,".size\t$func,${dot}L_${func}_end-$func\n"); }
-	push(@out,".ident	\"$func\"\n");
-	$stack=0;
-	%label=();
-	}
-
-sub main'wparam
-	{
-	local($num)=@_;
-
-	return(&main'DWP($stack+$num*4,"esp","",0));
-	}
-
-sub main'stack_push
-	{
-	local($num)=@_;
-	$stack+=$num*4;
-	&main'sub("esp",$num*4);
-	}
-
-sub main'stack_pop
-	{
-	local($num)=@_;
-	$stack-=$num*4;
-	&main'add("esp",$num*4);
-	}
-
-sub main'swtmp
-	{
-	return(&main'DWP($_[0]*4,"esp","",0));
-	}
-
-# Should use swtmp, which is above esp.  Linix can trash the stack above esp
-#sub main'wtmp
-#	{
-#	local($num)=@_;
-#
-#	return(&main'DWP(-($num+1)*4,"esp","",0));
-#	}
-
-sub main'comment
-	{
-	if (!defined($com_start) or $main'elf)
-		{	# Regarding $main'elf above...
-			# GNU and SVR4 as'es use different comment delimiters,
-		push(@out,"\n");	# so we just skip ELF comments...
-		return;
-		}
-	foreach (@_)
-		{
-		if (/^\s*$/)
-			{ push(@out,"\n"); }
-		else
-			{ push(@out,"\t$com_start $_ $com_end\n"); }
-		}
-	}
-
-sub main'public_label
-	{
-	$label{$_[0]}="${under}${_[0]}"	if (!defined($label{$_[0]}));
-	push(@out,".globl\t$label{$_[0]}\n");
-	}
-
-sub main'label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="${dot}${label}${_[0]}";
-		$label++;
-		}
-	return($label{$_[0]});
-	}
-
-sub main'set_label
-	{
-	if (!defined($label{$_[0]}))
-		{
-		$label{$_[0]}="${dot}${label}${_[0]}";
-		$label++;
-		}
-	if ($_[1]!=0)
-		{
-		if ($_[1]>1)	{ main'align($_[1]);		}
-		else		{ push(@out,".align $align\n");	}
-		}
-	push(@out,"$label{$_[0]}:\n");
-	}
-
-sub main'file_end
-	{
-	# try to detect if SSE2 or MMX extensions were used on ELF platform...
-	if ($main'elf && grep {/%[x]*mm[0-7]/i} @out) {
-		local($tmp);
-
-		push (@out,"\n.comm\t${under}OPENSSL_ia32cap_P,4,4\n");
-
-		push (@out,".section\t.init\n");
-		# One can argue that it's wasteful to craft every
-		# SSE/MMX module with this snippet... Well, it's 72
-		# bytes long and for the moment we have two modules.
-		# Let's argue when we have 7 modules or so...
-		#
-		# $1<<10 sets a reserved bit to signal that variable
-		# was initialized already...
-		&main'picmeup("edx","OPENSSL_ia32cap_P");
-		$tmp=<<___;
-		cmpl	\$0,(%edx)
-		jne	1f
-		movl	\$1<<10,(%edx)
-		pushf
-		popl	%eax
-		movl	%eax,%ecx
-		xorl	\$1<<21,%eax
-		pushl	%eax
-		popf
-		pushf
-		popl	%eax
-		xorl	%ecx,%eax
-		btl	\$21,%eax
-		jnc	1f
-		pushl	%edi
-		pushl	%ebx
-		movl	%edx,%edi
-		movl	\$1,%eax
-		.byte	0x0f,0xa2
-		orl	\$1<<10,%edx
-		movl	%edx,0(%edi)
-		popl	%ebx
-		popl	%edi
-	.align	$align
-	1:
-___
-		push (@out,$tmp);
-	}
-
-	if ($const ne "")
-		{
-		push(@out,".section .rodata\n");
-		push(@out,$const);
-		$const="";
-		}
-	}
-
-sub main'data_word
-	{
-	push(@out,"\t.long\t".join(',',@_)."\n");
-	}
-
-sub main'align
-	{
-	my $val=$_[0],$p2,$i;
-	if ($main'aout) {
-		for ($p2=0;$val!=0;$val>>=1) { $p2++; }
-		$val=$p2-1;
-		$val.=",0x90";
-	}
-	push(@out,".align\t$val\n");
-	}
-
-# debug output functions: puts, putx, printf
-
-sub main'puts
-	{
-	&pushvars();
-	&main'push('$Lstring' . ++$constl);
-	&main'call('puts');
-	$stack-=4;
-	&main'add("esp",4);
-	&popvars();
-
-	$const .= "Lstring$constl:\n\t.string \"@_[0]\"\n";
-	}
-
-sub main'putx
-	{
-	&pushvars();
-	&main'push($_[0]);
-	&main'push('$Lstring' . ++$constl);
-	&main'call('printf');
-	&main'add("esp",8);
-	$stack-=8;
-	&popvars();
-
-	$const .= "Lstring$constl:\n\t.string \"\%X\"\n";
-	}
-
-sub main'printf
-	{
-	$ostack = $stack;
-	&pushvars();
-	for ($i = @_ - 1; $i >= 0; $i--)
-		{
-		if ($i == 0) # change this to support %s format strings
-			{
-			&main'push('$Lstring' . ++$constl);
-			$const .= "Lstring$constl:\n\t.string \"@_[$i]\"\n";
-			}
-		else
-			{
-			if ($_[$i] =~ /([0-9]*)\(%esp\)/)
-				{
-				&main'push(($1 + $stack - $ostack) . '(%esp)');
-				}
-			else
-				{
-				&main'push($_[$i]);
-				}
-			}
-		}
-	&main'call('printf');
-	$stack-=4*@_;
-	&main'add("esp",4*@_);
-	&popvars();
-	}
-
-sub pushvars
-	{
-	&main'pushf();
-	&main'push("edx");
-	&main'push("ecx");
-	&main'push("eax");
-	}
-
-sub popvars
-	{
-	&main'pop("eax");
-	&main'pop("ecx");
-	&main'pop("edx");
-	&main'popf();
-	}
-
-sub main'picmeup
-	{
-	local($dst,$sym)=@_;
-	if ($main'cpp)
-		{
-		local($tmp)=<<___;
-#if (defined(ELF) || defined(SOL)) && defined(PIC)
-	call	1f
-1:	popl	$regs{$dst}
-	addl	\$_GLOBAL_OFFSET_TABLE_+[.-1b],$regs{$dst}
-	movl	$sym\@GOT($regs{$dst}),$regs{$dst}
-#else
-	leal	$sym,$regs{$dst}
-#endif
-___
-		push(@out,$tmp);
-		}
-	elsif ($main'pic && ($main'elf || $main'aout))
-		{
-		&main'call(&main'label("PIC_me_up"));
-		&main'set_label("PIC_me_up");
-		&main'blindpop($dst);
-		&main'add($dst,"\$${under}_GLOBAL_OFFSET_TABLE_+[.-".
-				&main'label("PIC_me_up") . "]");
-		&main'mov($dst,&main'DWP($under.$sym."\@GOT",$dst));
-		}
-	else
-		{
-		&main'lea($dst,&main'DWP($sym));
-		}
-	}
-
-sub main'blindpop { &out1("popl",@_); }
-
-sub main'initseg
-	{
-	local($f)=@_;
-	local($tmp);
-	if ($main'elf)
-		{
-		$tmp=<<___;
-.section	.init
-	call	$under$f
-	.align	$align
-___
-		}
-	elsif ($main'coff)
-		{
-		$tmp=<<___;	# applies to both Cygwin and Mingw
-.section	.ctors
-.long	$under$f
-___
-		}
-	elsif ($main'aout)
-		{
-		local($ctor)="${under}_GLOBAL_\$I\$$f";
-		$tmp=".text\n";
-		$tmp.=".type	$ctor,\@function\n" if ($main'pic);
-		$tmp.=<<___;	# OpenBSD way...
-.globl	$ctor
-.align	2
-$ctor:
-	jmp	$under$f
-___
-		}
-	push(@out,$tmp) if ($tmp);
-	}
-
-1;
diff --git a/crypto/pkcs12/.cvsignore b/crypto/pkcs12/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/pkcs12/.cvsignore
+++ b/crypto/pkcs12/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl
deleted file mode 100644
index 13860527ab..0000000000
--- a/crypto/pkcs12/Makefile.ssl
+++ /dev/null
@@ -1,291 +0,0 @@
-#
-# SSLeay/crypto/pkcs12/Makefile
-#
-
-DIR=	pkcs12
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
-	p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
-	p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
-LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
-	p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
-	p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  pkcs12.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-p12_add.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_add.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_add.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_add.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_add.c
-p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p12_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_asn.o: ../cryptlib.h p12_asn.c
-p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_attr.o: ../../include/openssl/opensslconf.h
-p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_attr.o: ../cryptlib.h p12_attr.c
-p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_crpt.o: ../../include/openssl/opensslconf.h
-p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_crpt.o: ../cryptlib.h p12_crpt.c
-p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_crt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_crt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_crt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_crt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crt.c
-p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_decr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_decr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_decr.o: ../../include/openssl/opensslconf.h
-p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_decr.o: ../cryptlib.h p12_decr.c
-p12_init.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_init.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_init.o: ../../include/openssl/opensslconf.h
-p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_init.o: ../cryptlib.h p12_init.c
-p12_key.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p12_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_key.o: ../cryptlib.h p12_key.c
-p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_kiss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_kiss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_kiss.o: ../../include/openssl/opensslconf.h
-p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_kiss.o: ../cryptlib.h p12_kiss.c
-p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_mutl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_mutl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
-p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_mutl.c
-p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-p12_npas.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_npas.o: p12_npas.c
-p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_p8d.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_p8d.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_p8d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_p8d.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_p8d.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8d.c
-p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_p8e.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_p8e.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_p8e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_p8e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_p8e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8e.c
-p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h
-p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-p12_utl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-p12_utl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
-p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p12_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p12_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_utl.c
-pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pk12err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk12err.o: pk12err.c
diff --git a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c
index 1909f28506..27ac5facfa 100644
--- a/crypto/pkcs12/p12_add.c
+++ b/crypto/pkcs12/p12_add.c
@@ -1,5 +1,5 @@
 /* p12_add.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -68,16 +68,16 @@ PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid
 	PKCS12_BAGS *bag;
 	PKCS12_SAFEBAG *safebag;
 	if (!(bag = PKCS12_BAGS_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	bag->type = OBJ_nid2obj(nid1);
 	if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	if (!(safebag = PKCS12_SAFEBAG_new())) {
-		PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	safebag->value.bag = bag;
@@ -106,6 +106,7 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
 	     PKCS8_PRIV_KEY_INFO *p8)
 {
 	PKCS12_SAFEBAG *bag;
+	const EVP_CIPHER *pbe_ciph;
 
 	/* Set up the safe bag */
 	if (!(bag = PKCS12_SAFEBAG_new())) {
@@ -114,8 +115,14 @@ PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
 	}
 
 	bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
+
+	pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+
+	if (pbe_ciph)
+		pbe_nid = -1;
+
 	if (!(bag->value.shkeybag = 
-	  PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter,
+	  PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
 									 p8))) {
 		PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
 		return NULL;
@@ -148,7 +155,11 @@ PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
 /* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
 STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
 {
-	if(!PKCS7_type_is_data(p7)) return NULL;
+	if(!PKCS7_type_is_data(p7))
+		{
+		PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,PKCS12_R_CONTENT_TYPE_NOT_DATA);
+		return NULL;
+		}
 	return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
 }
 
@@ -160,6 +171,7 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
 {
 	PKCS7 *p7;
 	X509_ALGOR *pbe;
+	const EVP_CIPHER *pbe_ciph;
 	if (!(p7 = PKCS7_new())) {
 		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
 		return NULL;
@@ -169,7 +181,15 @@ PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
 				PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
 		return NULL;
 	}
-	if (!(pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen))) {
+
+	pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+
+	if (pbe_ciph)
+		pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
+	else
+		pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+
+	if (!pbe) {
 		PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
@@ -211,5 +231,10 @@ int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
 
 STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
 {
+	if (!PKCS7_type_is_data(p12->authsafes))
+		{
+		PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,PKCS12_R_CONTENT_TYPE_NOT_DATA);
+		return NULL;
+		}
 	return ASN1_item_unpack(p12->authsafes->d.data, ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
 }
diff --git a/crypto/pkcs12/p12_asn.c b/crypto/pkcs12/p12_asn.c
index a3739fee1a..6e27633817 100644
--- a/crypto/pkcs12/p12_asn.c
+++ b/crypto/pkcs12/p12_asn.c
@@ -1,5 +1,5 @@
 /* p12_asn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c
index 026cf3826a..e4d9c25647 100644
--- a/crypto/pkcs12/p12_attr.c
+++ b/crypto/pkcs12/p12_attr.c
@@ -1,5 +1,5 @@
 /* p12_attr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -139,7 +139,7 @@ char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
 	ASN1_TYPE *atype;
 	if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL;
 	if (atype->type != V_ASN1_BMPSTRING) return NULL;
-	return uni2asc(atype->value.bmpstring->data,
+	return OPENSSL_uni2asc(atype->value.bmpstring->data,
 				 atype->value.bmpstring->length);
 }
 
diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c
index d407be39ca..b71d07b4d0 100644
--- a/crypto/pkcs12/p12_crpt.c
+++ b/crypto/pkcs12/p12_crpt.c
@@ -1,5 +1,5 @@
 /* p12_crpt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -60,31 +60,13 @@
 #include "cryptlib.h"
 #include <openssl/pkcs12.h>
 
-/* PKCS#12 specific PBE functions */
+/* PKCS#12 PBE algorithms now in static table */
 
 void PKCS12_PBE_add(void)
 {
-#ifndef OPENSSL_NO_RC4
-EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(),
-							 PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(),
-							 PKCS12_PBE_keyivgen);
-#endif
-#ifndef OPENSSL_NO_DES
-EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
-		 	EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 
-			EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
-#ifndef OPENSSL_NO_RC2
-EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(),
-					EVP_sha1(), PKCS12_PBE_keyivgen);
-EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(),
-					EVP_sha1(), PKCS12_PBE_keyivgen);
-#endif
 }
 
-int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 		ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
 {
 	PBEPARAM *pbe;
@@ -94,10 +76,15 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
 
 	/* Extract useful info from parameter */
+	if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+	    param->value.sequence == NULL) {
+		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_DECODE_ERROR);
+		return 0;
+	}
+
 	pbuf = param->value.sequence->data;
-	if (!param || (param->type != V_ASN1_SEQUENCE) ||
-	   !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) {
-		EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR);
+	if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
+		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_DECODE_ERROR);
 		return 0;
 	}
 
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index 77b5845ea9..96b131defa 100644
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -1,5 +1,5 @@
 /* p12_crt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -63,6 +63,19 @@
 
 static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag);
 
+static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid)
+	{
+	int idx;
+	X509_ATTRIBUTE *attr;
+	idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1);
+	if (idx < 0)
+		return 1;
+	attr = EVP_PKEY_get_attr(pkey, idx);
+	if (!X509at_add1_attr(&bag->attrib, attr))
+		return 0;
+	return 1;
+	}
+
 PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 	     STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
 	     int keytype)
@@ -123,8 +136,15 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 	if (pkey)
 		{
 		bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass);
+
 		if (!bag)
 			goto err;
+
+		if (!copy_bag_attr(bag, pkey, NID_ms_csp_name))
+			goto err;
+		if (!copy_bag_attr(bag, pkey, NID_LocalKeySet))
+			goto err;
+
 		if(name && !PKCS12_add_friendlyname(bag, name, -1))
 			goto err;
 		if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
@@ -139,6 +159,9 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
 
 	p12 = PKCS12_add_safes(safes, 0);
 
+	if (!p12)
+		goto err;
+
 	sk_PKCS7_pop_free(safes, PKCS7_free);
 
 	safes = NULL;
diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c
index 19c0ccff62..9d3557e8d7 100644
--- a/crypto/pkcs12/p12_decr.c
+++ b/crypto/pkcs12/p12_decr.c
@@ -1,5 +1,5 @@
 /* p12_decr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -89,7 +89,14 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
 		goto err;
 	}
 
-	EVP_CipherUpdate(&ctx, out, &i, in, inlen);
+	if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen))
+		{
+		OPENSSL_free(out);
+		out = NULL;
+		PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_EVP_LIB);
+		goto err;
+		}
+
 	outlen = i;
 	if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
 		OPENSSL_free(out);
@@ -120,7 +127,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
 
 	if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
 			       &out, &outlen, 0)) {
-		PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
 		return NULL;
 	}
 	p = out;
@@ -138,7 +145,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
 #endif
 	ret = ASN1_item_d2i(NULL, &p, outlen, it);
 	if (zbuf) OPENSSL_cleanse(out, outlen);
-	if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR);
+	if(!ret) PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_DECODE_ERROR);
 	OPENSSL_free(out);
 	return ret;
 }
@@ -155,17 +162,17 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i
 	unsigned char *in = NULL;
 	int inlen;
 	if (!(oct = M_ASN1_OCTET_STRING_new ())) {
-		PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	inlen = ASN1_item_i2d(obj, &in, it);
 	if (!in) {
-		PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR);
 		return NULL;
 	}
 	if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
 				 &oct->length, 1)) {
-		PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR);
+		PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR);
 		OPENSSL_free(in);
 		return NULL;
 	}
diff --git a/crypto/pkcs12/p12_init.c b/crypto/pkcs12/p12_init.c
index 5276b12669..d4d84b056a 100644
--- a/crypto/pkcs12/p12_init.c
+++ b/crypto/pkcs12/p12_init.c
@@ -1,5 +1,5 @@
 /* p12_init.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -62,7 +62,7 @@
 
 /* Initialise a PKCS12 structure to take data */
 
-PKCS12 *PKCS12_init (int mode)
+PKCS12 *PKCS12_init(int mode)
 {
 	PKCS12 *pkcs12;
 	if (!(pkcs12 = PKCS12_new())) {
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 18e72d0a1b..705050ec4c 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -1,5 +1,5 @@
 /* p12_key.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -81,15 +81,18 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
 	int ret;
 	unsigned char *unipass;
 	int uniplen;
+
 	if(!pass) {
 		unipass = NULL;
 		uniplen = 0;
-	} else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
+	} else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
 		PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE);
 		return 0;
 	}
 	ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
 						 id, iter, n, out, md_type);
+	if (ret <= 0)
+	    return 0;
 	if(unipass) {
 		OPENSSL_cleanse(unipass, uniplen);	/* Clear password from memory */
 		OPENSSL_free(unipass);
@@ -129,6 +132,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 #endif
 	v = EVP_MD_block_size (md_type);
 	u = EVP_MD_size (md_type);
+	if (u < 0)
+	    return 0;
 	D = OPENSSL_malloc (v);
 	Ai = OPENSSL_malloc (u);
 	B = OPENSSL_malloc (v + 1);
@@ -148,14 +153,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 	for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
 	for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
 	for (;;) {
-		EVP_DigestInit_ex(&ctx, md_type, NULL);
-		EVP_DigestUpdate(&ctx, D, v);
-		EVP_DigestUpdate(&ctx, I, Ilen);
-		EVP_DigestFinal_ex(&ctx, Ai, NULL);
+		if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+			|| !EVP_DigestUpdate(&ctx, D, v)
+			|| !EVP_DigestUpdate(&ctx, I, Ilen)
+			|| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+			goto err;
 		for (j = 1; j < iter; j++) {
-			EVP_DigestInit_ex(&ctx, md_type, NULL);
-			EVP_DigestUpdate(&ctx, Ai, u);
-			EVP_DigestFinal_ex(&ctx, Ai, NULL);
+			if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+				|| !EVP_DigestUpdate(&ctx, Ai, u)
+				|| !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+			goto err;
 		}
 		memcpy (out, Ai, min (n, u));
 		if (u >= n) {
@@ -196,6 +203,9 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 			} else BN_bn2bin (Ij, I + j);
 		}
 	}
+	err:
+	EVP_MD_CTX_cleanup(&ctx);
+	return 0;
 }
 #ifdef DEBUG_KEYGEN
 void h__dump (unsigned char *p, int len)
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 2b31999e11..292cc3ed4a 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -1,5 +1,5 @@
 /* p12_kiss.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -63,16 +63,13 @@
 /* Simplified PKCS#12 routines */
 
 static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
-		EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
+		EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
 
 static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-		       int passlen, EVP_PKEY **pkey, X509 **cert,
-		       STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
-		       char *keymatch);
+		       int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
 
 static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-			EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
-			ASN1_OCTET_STRING **keyid, char *keymatch);
+			EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
 
 /* Parse and decrypt a PKCS#12 structure returning user key, user cert
  * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
@@ -80,27 +77,23 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
  * passed unitialised.
  */
 
-int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 	     STACK_OF(X509) **ca)
 {
-
+	STACK_OF(X509) *ocerts = NULL;
+	X509 *x = NULL;
 	/* Check for NULL PKCS12 structure */
 
-	if(!p12) {
+	if(!p12)
+		{
 		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
 		return 0;
-	}
-
-	/* Allocate stack for ca certificates if needed */
-	if ((ca != NULL) && (*ca == NULL)) {
-		if (!(*ca = sk_X509_new_null())) {
-			PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
-			return 0;
 		}
-	}
 
-	if(pkey) *pkey = NULL;
-	if(cert) *cert = NULL;
+	if(pkey)
+		*pkey = NULL;
+	if(cert)
+		*cert = NULL;
 
 	/* Check the mac */
 
@@ -122,35 +115,75 @@ int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
 		goto err;
 	}
 
-	if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
+	/* Allocate stack for other certificates */
+	ocerts = sk_X509_new_null();
+
+	if (!ocerts)
+		{
+		PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+
+	if (!parse_pk12 (p12, pass, -1, pkey, ocerts))
 		{
 		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR);
 		goto err;
 		}
 
+	while ((x = sk_X509_pop(ocerts)))
+		{
+		if (pkey && *pkey && cert && !*cert)
+			{
+			if (X509_check_private_key(x, *pkey))
+				{
+				*cert = x;
+				x = NULL;
+				}
+			}
+
+		if (ca && x)
+			{
+			if (!*ca)
+				*ca = sk_X509_new_null();
+			if (!*ca)
+				goto err;
+			if (!sk_X509_push(*ca, x))
+				goto err;
+			x = NULL;
+			}
+		if (x)
+			X509_free(x);
+		}
+
+	if (ocerts)
+		sk_X509_pop_free(ocerts, X509_free);
+
 	return 1;
 
  err:
 
-	if (pkey && *pkey) EVP_PKEY_free(*pkey);
-	if (cert && *cert) X509_free(*cert);
-	if (ca) sk_X509_pop_free(*ca, X509_free);
+	if (pkey && *pkey)
+		EVP_PKEY_free(*pkey);
+	if (cert && *cert)
+		X509_free(*cert);
+	if (x)
+		X509_free(*cert);
+	if (ocerts)
+		sk_X509_pop_free(ocerts, X509_free);
 	return 0;
 
 }
 
 /* Parse the outer PKCS#12 structure */
 
-static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
-	     EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
+	     EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
 {
 	STACK_OF(PKCS7) *asafes;
 	STACK_OF(PKCS12_SAFEBAG) *bags;
 	int i, bagnid;
 	PKCS7 *p7;
-	ASN1_OCTET_STRING *keyid = NULL;
 
-	char keymatch = 0;
 	if (!(asafes = PKCS12_unpack_authsafes (p12))) return 0;
 	for (i = 0; i < sk_PKCS7_num (asafes); i++) {
 		p7 = sk_PKCS7_value (asafes, i);
@@ -164,8 +197,7 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
 			sk_PKCS7_pop_free(asafes, PKCS7_free);
 			return 0;
 		}
-	    	if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
-							 &keyid, &keymatch)) {
+	    	if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
 			sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
 			sk_PKCS7_pop_free(asafes, PKCS7_free);
 			return 0;
@@ -173,89 +205,65 @@ static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen,
 		sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
 	}
 	sk_PKCS7_pop_free(asafes, PKCS7_free);
-	if (keyid) M_ASN1_OCTET_STRING_free(keyid);
 	return 1;
 }
 
 
-static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-		       int passlen, EVP_PKEY **pkey, X509 **cert,
-		       STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
-		       char *keymatch)
+static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
+		      int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
 {
 	int i;
 	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
 		if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
-			 pass, passlen, pkey, cert, ca, keyid,
-							 keymatch)) return 0;
+				 pass, passlen, pkey, ocerts))
+			return 0;
 	}
 	return 1;
 }
 
-#define MATCH_KEY  0x1
-#define MATCH_CERT 0x2
-#define MATCH_ALL  0x3
-
 static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-		      EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
-		      ASN1_OCTET_STRING **keyid,
-	     char *keymatch)
+		     EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
 {
 	PKCS8_PRIV_KEY_INFO *p8;
 	X509 *x509;
-	ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
 	ASN1_TYPE *attrib;
 	ASN1_BMPSTRING *fname = NULL;
+	ASN1_OCTET_STRING *lkid = NULL;
 
 	if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
 		fname = attrib->value.bmpstring;
 
-	if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
-		lkey = attrib->value.octet_string;
-		ckid = lkey;
-	}
+	if ((attrib = PKCS12_get_attr (bag, NID_localKeyID)))
+		lkid = attrib->value.octet_string;
 
-	/* Check for any local key id matching (if needed) */
-	if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
-		if (*keyid) {
-			if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
-		} else {
-			if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
-				PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE);
-				return 0;
-		    }
-		}
-	}
-	
 	switch (M_PKCS12_bag_type(bag))
 	{
 	case NID_keyBag:
-		if (!lkey || !pkey) return 1;	
-		if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0;
-		*keymatch |= MATCH_KEY;
+		if (!pkey || *pkey)
+			return 1;	
+		if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag)))
+			return 0;
 	break;
 
 	case NID_pkcs8ShroudedKeyBag:
-		if (!lkey || !pkey) return 1;	
+		if (!pkey || *pkey)
+			return 1;	
 		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
 				return 0;
 		*pkey = EVP_PKCS82PKEY(p8);
 		PKCS8_PRIV_KEY_INFO_free(p8);
 		if (!(*pkey)) return 0;
-		*keymatch |= MATCH_KEY;
 	break;
 
 	case NID_certBag:
 		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
-								 return 1;
-		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
-		if(ckid)
+			return 1;
+		if (!(x509 = PKCS12_certbag2x509(bag)))
+			return 0;
+		if(lkid && !X509_keyid_set1(x509, lkid->data, lkid->length))
 			{
-			if (!X509_keyid_set1(x509, ckid->data, ckid->length))
-				{
-				X509_free(x509);
-				return 0;
-				}
+			X509_free(x509);
+			return 0;
 			}
 		if(fname) {
 			int len, r;
@@ -272,20 +280,17 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
 			}
 		}
 
+		if(!sk_X509_push(ocerts, x509))
+			{
+			X509_free(x509);
+			return 0;
+			}
 
-		if (lkey) {
-			*keymatch |= MATCH_CERT;
-			if (cert) *cert = x509;
-			else X509_free(x509);
-		} else {
-			if(ca) sk_X509_push (*ca, x509);
-			else X509_free(x509);
-		}
 	break;
 
 	case NID_safeContentsBag:
 		return parse_bags(bag->value.safes, pass, passlen,
-			 		pkey, cert, ca, keyid, keymatch);
+			 		pkey, ocerts);
 	break;
 
 	default:
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 4886b9b289..96de1bd11e 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -1,5 +1,5 @@
 /* p12_mutl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -64,13 +64,20 @@
 #include <openssl/pkcs12.h>
 
 /* Generate a MAC */
-int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
-		    unsigned char *mac, unsigned int *maclen)
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+		   unsigned char *mac, unsigned int *maclen)
 {
 	const EVP_MD *md_type;
 	HMAC_CTX hmac;
-	unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt;
+	unsigned char key[EVP_MAX_MD_SIZE], *salt;
 	int saltlen, iter;
+	int md_size;
+
+	if (!PKCS7_type_is_data(p12->authsafes))
+		{
+		PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_CONTENT_TYPE_NOT_DATA);
+		return 0;
+		}
 
 	salt = p12->mac->salt->data;
 	saltlen = p12->mac->salt->length;
@@ -81,31 +88,38 @@ int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen,
 		PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
 		return 0;
 	}
+	md_size = EVP_MD_size(md_type);
+	if (md_size < 0)
+	    return 0;
 	if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
-				 PKCS12_MAC_KEY_LENGTH, key, md_type)) {
+				 md_size, key, md_type)) {
 		PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR);
 		return 0;
 	}
 	HMAC_CTX_init(&hmac);
-	HMAC_Init_ex(&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type, NULL);
-    	HMAC_Update(&hmac, p12->authsafes->d.data->data,
-					 p12->authsafes->d.data->length);
-    	HMAC_Final(&hmac, mac, maclen);
+	if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
+    		|| !HMAC_Update(&hmac, p12->authsafes->d.data->data,
+					 p12->authsafes->d.data->length)
+    		|| !HMAC_Final(&hmac, mac, maclen))
+		{
+    		HMAC_CTX_cleanup(&hmac);
+		return 0;
+		}
     	HMAC_CTX_cleanup(&hmac);
 	return 1;
 }
 
 /* Verify the mac */
-int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen)
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
 {
 	unsigned char mac[EVP_MAX_MD_SIZE];
 	unsigned int maclen;
 	if(p12->mac == NULL) {
-		PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT);
+		PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,PKCS12_R_MAC_ABSENT);
 		return 0;
 	}
 	if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) {
-		PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR);
+		PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR);
 		return 0;
 	}
 	if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
@@ -115,7 +129,7 @@ int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen)
 
 /* Set a mac */
 
-int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen,
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
 	     unsigned char *salt, int saltlen, int iter, const EVP_MD *md_type)
 {
 	unsigned char mac[EVP_MAX_MD_SIZE];
@@ -139,7 +153,7 @@ int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen,
 }
 
 /* Set up a mac structure */
-int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
 	     const EVP_MD *md_type)
 {
 	if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR;
diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c
index e62d497c6f..47e5e9c377 100644
--- a/crypto/pkcs12/p12_npas.c
+++ b/crypto/pkcs12/p12_npas.c
@@ -1,5 +1,5 @@
 /* p12_npas.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -77,28 +77,26 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
 
 int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
 {
+	/* Check for NULL PKCS12 structure */
 
-/* Check for NULL PKCS12 structure */
-
-if(!p12) {
-	PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
-	return 0;
-}
-
-/* Check the mac */
-
-if (!PKCS12_verify_mac(p12, oldpass, -1)) {
-	PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE);
-	return 0;
-}
+	if(!p12) {
+		PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
+		return 0;
+	}
 
-if (!newpass_p12(p12, oldpass, newpass)) {
-	PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR);
-	return 0;
-}
+	/* Check the mac */
+	
+	if (!PKCS12_verify_mac(p12, oldpass, -1)) {
+		PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE);
+		return 0;
+	}
 
-return 1;
+	if (!newpass_p12(p12, oldpass, newpass)) {
+		PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR);
+		return 0;
+	}
 
+	return 1;
 }
 
 /* Parse the outer PKCS#12 structure */
diff --git a/crypto/pkcs12/p12_p8d.c b/crypto/pkcs12/p12_p8d.c
index 3c6f377933..deba81e4a9 100644
--- a/crypto/pkcs12/p12_p8d.c
+++ b/crypto/pkcs12/p12_p8d.c
@@ -1,5 +1,5 @@
 /* p12_p8d.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
diff --git a/crypto/pkcs12/p12_p8e.c b/crypto/pkcs12/p12_p8e.c
index 3d47956652..bf20a77b4c 100644
--- a/crypto/pkcs12/p12_p8e.c
+++ b/crypto/pkcs12/p12_p8e.c
@@ -1,5 +1,5 @@
 /* p12_p8e.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
index 243ec76be9..59c6f453f6 100644
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -1,5 +1,5 @@
 /* p12_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -62,7 +62,7 @@
 
 /* Cheap and nasty Unicode stuff */
 
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
 {
 	int ulen, i;
 	unsigned char *unitmp;
@@ -81,7 +81,7 @@ unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *un
 	return unitmp;
 }
 
-char *uni2asc(unsigned char *uni, int unilen)
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
 {
 	int asclen, i;
 	char *asctmp;
diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c
index 10ab80502c..f6ddf2df12 100644
--- a/crypto/pkcs12/pk12err.c
+++ b/crypto/pkcs12/pk12err.c
@@ -1,6 +1,6 @@
 /* crypto/pkcs12/pk12err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,60 +64,68 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
+
 static ERR_STRING_DATA PKCS12_str_functs[]=
 	{
-{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0),	"PARSE_BAGS"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0),	"PKCS12_ADD_FRIENDLYNAME"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0),	"PKCS12_add_friendlyname_asc"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0),	"PKCS12_add_friendlyname_uni"},
-{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0),	"PKCS12_add_localkeyid"},
-{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0),	"PKCS12_create"},
-{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0),	"PKCS12_decrypt_d2i"},
-{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0),	"PKCS12_gen_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0),	"PKCS12_i2d_encrypt"},
-{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0),	"PKCS12_init"},
-{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0),	"PKCS12_key_gen_asc"},
-{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0),	"PKCS12_key_gen_uni"},
-{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0),	"PKCS12_MAKE_KEYBAG"},
-{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0),	"PKCS12_MAKE_SHKEYBAG"},
-{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0),	"PKCS12_newpass"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0),	"PKCS12_pack_p7data"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0),	"PKCS12_pack_p7encdata"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0),	"PKCS12_pack_safebag"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0),	"PKCS12_parse"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0),	"PKCS12_pbe_crypt"},
-{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0),	"PKCS12_PBE_keyivgen"},
-{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0),	"PKCS12_setup_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0),	"PKCS12_set_mac"},
-{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0),	"PKCS8_add_keyusage"},
-{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0),	"PKCS8_encrypt"},
-{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0),	"VERIFY_MAC"},
+{ERR_FUNC(PKCS12_F_PARSE_BAG),	"PARSE_BAG"},
+{ERR_FUNC(PKCS12_F_PARSE_BAGS),	"PARSE_BAGS"},
+{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME),	"PKCS12_ADD_FRIENDLYNAME"},
+{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC),	"PKCS12_add_friendlyname_asc"},
+{ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI),	"PKCS12_add_friendlyname_uni"},
+{ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID),	"PKCS12_add_localkeyid"},
+{ERR_FUNC(PKCS12_F_PKCS12_CREATE),	"PKCS12_create"},
+{ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC),	"PKCS12_gen_mac"},
+{ERR_FUNC(PKCS12_F_PKCS12_INIT),	"PKCS12_init"},
+{ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I),	"PKCS12_item_decrypt_d2i"},
+{ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT),	"PKCS12_item_i2d_encrypt"},
+{ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG),	"PKCS12_item_pack_safebag"},
+{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC),	"PKCS12_key_gen_asc"},
+{ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI),	"PKCS12_key_gen_uni"},
+{ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG),	"PKCS12_MAKE_KEYBAG"},
+{ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG),	"PKCS12_MAKE_SHKEYBAG"},
+{ERR_FUNC(PKCS12_F_PKCS12_NEWPASS),	"PKCS12_newpass"},
+{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA),	"PKCS12_pack_p7data"},
+{ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA),	"PKCS12_pack_p7encdata"},
+{ERR_FUNC(PKCS12_F_PKCS12_PARSE),	"PKCS12_parse"},
+{ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT),	"PKCS12_pbe_crypt"},
+{ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN),	"PKCS12_PBE_keyivgen"},
+{ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC),	"PKCS12_setup_mac"},
+{ERR_FUNC(PKCS12_F_PKCS12_SET_MAC),	"PKCS12_set_mac"},
+{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES),	"PKCS12_unpack_authsafes"},
+{ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA),	"PKCS12_unpack_p7data"},
+{ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC),	"PKCS12_verify_mac"},
+{ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE),	"PKCS8_add_keyusage"},
+{ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT),	"PKCS8_encrypt"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA PKCS12_str_reasons[]=
 	{
-{PKCS12_R_CANT_PACK_STRUCTURE            ,"cant pack structure"},
-{PKCS12_R_DECODE_ERROR                   ,"decode error"},
-{PKCS12_R_ENCODE_ERROR                   ,"encode error"},
-{PKCS12_R_ENCRYPT_ERROR                  ,"encrypt error"},
-{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"},
-{PKCS12_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
-{PKCS12_R_INVALID_NULL_PKCS12_POINTER    ,"invalid null pkcs12 pointer"},
-{PKCS12_R_IV_GEN_ERROR                   ,"iv gen error"},
-{PKCS12_R_KEY_GEN_ERROR                  ,"key gen error"},
-{PKCS12_R_MAC_ABSENT                     ,"mac absent"},
-{PKCS12_R_MAC_GENERATION_ERROR           ,"mac generation error"},
-{PKCS12_R_MAC_SETUP_ERROR                ,"mac setup error"},
-{PKCS12_R_MAC_STRING_SET_ERROR           ,"mac string set error"},
-{PKCS12_R_MAC_VERIFY_ERROR               ,"mac verify error"},
-{PKCS12_R_MAC_VERIFY_FAILURE             ,"mac verify failure"},
-{PKCS12_R_PARSE_ERROR                    ,"parse error"},
-{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR  ,"pkcs12 algor cipherinit error"},
-{PKCS12_R_PKCS12_CIPHERFINAL_ERROR       ,"pkcs12 cipherfinal error"},
-{PKCS12_R_PKCS12_PBE_CRYPT_ERROR         ,"pkcs12 pbe crypt error"},
-{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM       ,"unknown digest algorithm"},
-{PKCS12_R_UNSUPPORTED_PKCS12_MODE        ,"unsupported pkcs12 mode"},
+{ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE),"cant pack structure"},
+{ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA),"content type not data"},
+{ERR_REASON(PKCS12_R_DECODE_ERROR)       ,"decode error"},
+{ERR_REASON(PKCS12_R_ENCODE_ERROR)       ,"encode error"},
+{ERR_REASON(PKCS12_R_ENCRYPT_ERROR)      ,"encrypt error"},
+{ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),"error setting encrypted data type"},
+{ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
+{ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER),"invalid null pkcs12 pointer"},
+{ERR_REASON(PKCS12_R_IV_GEN_ERROR)       ,"iv gen error"},
+{ERR_REASON(PKCS12_R_KEY_GEN_ERROR)      ,"key gen error"},
+{ERR_REASON(PKCS12_R_MAC_ABSENT)         ,"mac absent"},
+{ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR),"mac generation error"},
+{ERR_REASON(PKCS12_R_MAC_SETUP_ERROR)    ,"mac setup error"},
+{ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR),"mac string set error"},
+{ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR)   ,"mac verify error"},
+{ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE) ,"mac verify failure"},
+{ERR_REASON(PKCS12_R_PARSE_ERROR)        ,"parse error"},
+{ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),"pkcs12 algor cipherinit error"},
+{ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR),"pkcs12 cipherfinal error"},
+{ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR),"pkcs12 pbe crypt error"},
+{ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),"unknown digest algorithm"},
+{ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE),"unsupported pkcs12 mode"},
 {0,NULL}
 	};
 
@@ -125,15 +133,12 @@ static ERR_STRING_DATA PKCS12_str_reasons[]=
 
 void ERR_load_PKCS12_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs);
-		ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons);
-#endif
 
+	if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,PKCS12_str_functs);
+		ERR_load_strings(0,PKCS12_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index 5c8b492816..b17eb9f42b 100644
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -1,5 +1,5 @@
 /* pkcs12.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -108,8 +108,6 @@ PKCS12_MAC_DATA *mac;
 PKCS7 *authsafes;
 } PKCS12;
 
-PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
-
 typedef struct {
 ASN1_OBJECT *type;
 union {
@@ -232,8 +230,8 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
 		   const EVP_MD *md_type);
 int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
 					 int saltlen, const EVP_MD *md_type);
-unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
-char *uni2asc(unsigned char *uni, int unilen);
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
 
 DECLARE_ASN1_FUNCTIONS(PKCS12)
 DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
@@ -273,16 +271,18 @@ void ERR_load_PKCS12_strings(void);
 /* Error codes for the PKCS12 functions. */
 
 /* Function codes. */
+#define PKCS12_F_PARSE_BAG				 129
 #define PKCS12_F_PARSE_BAGS				 103
 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME		 100
 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC		 127
 #define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI		 102
 #define PKCS12_F_PKCS12_ADD_LOCALKEYID			 104
 #define PKCS12_F_PKCS12_CREATE				 105
-#define PKCS12_F_PKCS12_DECRYPT_D2I			 106
 #define PKCS12_F_PKCS12_GEN_MAC				 107
-#define PKCS12_F_PKCS12_I2D_ENCRYPT			 108
 #define PKCS12_F_PKCS12_INIT				 109
+#define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I		 106
+#define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT		 108
+#define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG		 117
 #define PKCS12_F_PKCS12_KEY_GEN_ASC			 110
 #define PKCS12_F_PKCS12_KEY_GEN_UNI			 111
 #define PKCS12_F_PKCS12_MAKE_KEYBAG			 112
@@ -290,18 +290,20 @@ void ERR_load_PKCS12_strings(void);
 #define PKCS12_F_PKCS12_NEWPASS				 128
 #define PKCS12_F_PKCS12_PACK_P7DATA			 114
 #define PKCS12_F_PKCS12_PACK_P7ENCDATA			 115
-#define PKCS12_F_PKCS12_PACK_SAFEBAG			 117
 #define PKCS12_F_PKCS12_PARSE				 118
 #define PKCS12_F_PKCS12_PBE_CRYPT			 119
 #define PKCS12_F_PKCS12_PBE_KEYIVGEN			 120
 #define PKCS12_F_PKCS12_SETUP_MAC			 122
 #define PKCS12_F_PKCS12_SET_MAC				 123
+#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES		 130
+#define PKCS12_F_PKCS12_UNPACK_P7DATA			 131
+#define PKCS12_F_PKCS12_VERIFY_MAC			 126
 #define PKCS12_F_PKCS8_ADD_KEYUSAGE			 124
 #define PKCS12_F_PKCS8_ENCRYPT				 125
-#define PKCS12_F_VERIFY_MAC				 126
 
 /* Reason codes. */
 #define PKCS12_R_CANT_PACK_STRUCTURE			 100
+#define PKCS12_R_CONTENT_TYPE_NOT_DATA			 121
 #define PKCS12_R_DECODE_ERROR				 101
 #define PKCS12_R_ENCODE_ERROR				 102
 #define PKCS12_R_ENCRYPT_ERROR				 103
diff --git a/crypto/pkcs7/.cvsignore b/crypto/pkcs7/.cvsignore
index 780d5c1afc..5463e2ac26 100644
--- a/crypto/pkcs7/.cvsignore
+++ b/crypto/pkcs7/.cvsignore
@@ -4,3 +4,5 @@ enc
 dec
 sign
 verify
+*.flc
+semantic.cache
diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl
deleted file mode 100644
index f8161ecb24..0000000000
--- a/crypto/pkcs7/Makefile.ssl
+++ /dev/null
@@ -1,192 +0,0 @@
-#
-# SSLeay/crypto/pkcs7/Makefile
-#
-
-DIR=	pkcs7
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
-	pk7_mime.c
-LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
-	pk7_mime.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=  pkcs7.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-test:
-
-all:	lib
-
-testapps: enc dec sign verify
-
-enc: enc.o lib
-	$(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-dec: dec.o lib
-	$(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-sign: sign.o lib
-	$(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-verify: verify.o example.o lib
-	$(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS)
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pk7_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c
-pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pk7_attr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_attr.o: ../../include/openssl/x509_vfy.h pk7_attr.c
-pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h
-pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pk7_doit.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_doit.c
-pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pk7_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pk7_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_lib.o: ../cryptlib.h pk7_lib.c
-pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
-pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pk7_mime.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pk7_mime.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_mime.o: ../../include/openssl/opensslconf.h
-pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_mime.o: ../cryptlib.h pk7_mime.c
-pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h
-pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pk7_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pk7_smime.o: ../../include/openssl/objects.h
-pk7_smime.o: ../../include/openssl/opensslconf.h
-pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pk7_smime.o: ../cryptlib.h pk7_smime.c
-pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pkcs7err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-pkcs7err.o: ../../include/openssl/opensslconf.h
-pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pkcs7err.o: pkcs7err.c
diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c
index 895a91177b..31973fcd1f 100644
--- a/crypto/pkcs7/bio_ber.c
+++ b/crypto/pkcs7/bio_ber.c
@@ -204,7 +204,7 @@ int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx)
 		if ((ctx->buf_len < BER_BUF_SIZE) &&
 			(ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG))
 			{
-			ERR_get_error(); /* clear the error */
+			ERR_clear_error(); /* clear the error */
 			BIO_set_retry_read(b);
 			}
 		return(-1);
diff --git a/crypto/pkcs7/bio_pk7.c b/crypto/pkcs7/bio_pk7.c
new file mode 100644
index 0000000000..c8d06d6cdc
--- /dev/null
+++ b/crypto/pkcs7/bio_pk7.c
@@ -0,0 +1,69 @@
+/* bio_pk7.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/pkcs7.h>
+#include <openssl/bio.h>
+
+#ifndef OPENSSL_SYSNAME_NETWARE
+#include <memory.h>
+#endif
+#include <stdio.h>
+
+/* Streaming encode support for PKCS#7 */
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7) 
+	{
+	return BIO_new_NDEF(out, (ASN1_VALUE *)p7, ASN1_ITEM_rptr(PKCS7));
+	}
diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c
index 77931feeb4..b7ec2883cb 100644
--- a/crypto/pkcs7/pk7_asn1.c
+++ b/crypto/pkcs7/pk7_asn1.c
@@ -1,5 +1,5 @@
 /* pk7_asn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
@@ -77,10 +77,39 @@ ASN1_ADB(PKCS7) = {
 	ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
 } ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
 
-ASN1_NDEF_SEQUENCE(PKCS7) = {
+/* PKCS#7 streaming support */
+static int pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
+{
+	ASN1_STREAM_ARG *sarg = exarg;
+	PKCS7 **pp7 = (PKCS7 **)pval;
+
+	switch(operation)
+		{
+
+		case ASN1_OP_STREAM_PRE:
+		if (PKCS7_stream(&sarg->boundary, *pp7) <= 0)
+			return 0;
+		case ASN1_OP_DETACHED_PRE:
+		sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out);
+		if (!sarg->ndef_bio)
+			return 0;
+		break;
+
+		case ASN1_OP_STREAM_POST:
+		case ASN1_OP_DETACHED_POST:
+		if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0)
+			return 0;
+		break;
+
+		}
+	return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = {
 	ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
 	ASN1_ADB_OBJECT(PKCS7)
-}ASN1_NDEF_SEQUENCE_END(PKCS7)
+}ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7)
 
 IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
 IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7)
@@ -98,7 +127,8 @@ ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = {
 IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
 
 /* Minor tweak to operation: free up EVP_PKEY */
-static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+							void *exarg)
 {
 	if(operation == ASN1_OP_FREE_POST) {
 		PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
@@ -140,7 +170,8 @@ ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = {
 IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
 
 /* Minor tweak to operation: free up X509 */
-static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
 {
 	if(operation == ASN1_OP_FREE_POST) {
 		PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval;
@@ -161,7 +192,7 @@ IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
 ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = {
 	ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
 	ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
-	ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0)
+	ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING_NDEF, 0)
 } ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT)
 
 IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
@@ -212,3 +243,5 @@ ASN1_ITEM_TEMPLATE(PKCS7_ATTR_VERIFY) =
 	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
 				V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
 ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY)
+
+IMPLEMENT_ASN1_PRINT_FUNCTION(PKCS7)
diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c
index 735c8800e1..a97db51210 100644
--- a/crypto/pkcs7/pk7_attr.c
+++ b/crypto/pkcs7/pk7_attr.c
@@ -1,5 +1,5 @@
 /* pk7_attr.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -60,6 +60,7 @@
 #include <stdlib.h>
 #include <openssl/bio.h>
 #include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 #include <openssl/pem.h>
 #include <openssl/pkcs7.h>
 #include <openssl/x509.h>
@@ -68,27 +69,12 @@
 int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
 {
 	ASN1_STRING *seq;
-	unsigned char *p, *pp;
-	int len;
-	len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR,
-				       V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL,
-				       IS_SEQUENCE);
-	if(!(pp=(unsigned char *)OPENSSL_malloc(len))) {
-		PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	p=pp;
-	i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE,
-				   V_ASN1_UNIVERSAL, IS_SEQUENCE);
 	if(!(seq = ASN1_STRING_new())) {
 		PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
 		return 0;
 	}
-	if(!ASN1_STRING_set (seq, pp, len)) {
-		PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE);
-		return 0;
-	}
-	OPENSSL_free (pp);
+	seq->length = ASN1_item_i2d((ASN1_VALUE *)cap,&seq->data,
+				ASN1_ITEM_rptr(X509_ALGORS));
         return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
 							V_ASN1_SEQUENCE, seq);
 }
@@ -102,10 +88,9 @@ STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
 	if (!cap || (cap->type != V_ASN1_SEQUENCE))
 		return NULL;
 	p = cap->value.sequence->data;
-	return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p,
-					  cap->value.sequence->length,
-					  d2i_X509_ALGOR, X509_ALGOR_free,
-					  V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+	return (STACK_OF(X509_ALGOR) *)
+		ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
+				ASN1_ITEM_rptr(X509_ALGORS));
 	}
 
 /* Basic smime-capabilities OID and optional integer arg */
@@ -139,3 +124,42 @@ int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
 	sk_X509_ALGOR_push (sk, alg);
 	return 1;
 }
+
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
+	{
+	if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
+		return 0;
+	if (!coid)
+		coid = OBJ_nid2obj(NID_pkcs7_data);
+	return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
+				V_ASN1_OBJECT, coid);
+	}
+
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
+	{
+	if (!t && !(t=X509_gmtime_adj(NULL,0)))
+		{
+		PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
+				ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
+						V_ASN1_UTCTIME, t);
+	}
+
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+				const unsigned char *md, int mdlen)
+	{
+	ASN1_OCTET_STRING *os;
+	os = ASN1_OCTET_STRING_new();
+	if (!os)
+		return 0;
+	if (!ASN1_STRING_set(os, md, mdlen)
+		|| !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
+						V_ASN1_OCTET_STRING, os))
+		{
+		ASN1_OCTET_STRING_free(os);
+		return 0;
+		}
+	return 1;
+	}
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 8d98a85210..c2a56893ef 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -62,6 +62,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
+#include <openssl/err.h>
 
 static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
 			 void *value);
@@ -137,6 +138,121 @@ static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
 
 	}
 
+static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
+					unsigned char *key, int keylen)
+	{
+	EVP_PKEY_CTX *pctx = NULL;
+	EVP_PKEY *pkey = NULL;
+	unsigned char *ek = NULL;
+	int ret = 0;
+	size_t eklen;
+
+	pkey = X509_get_pubkey(ri->cert);
+
+	if (!pkey)
+		return 0;
+
+	pctx = EVP_PKEY_CTX_new(pkey, NULL);
+	if (!pctx)
+		return 0;
+
+	if (EVP_PKEY_encrypt_init(pctx) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+				EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
+		goto err;
+		}
+
+	if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
+		goto err;
+
+	ek = OPENSSL_malloc(eklen);
+
+	if (ek == NULL)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
+		goto err;
+
+	ASN1_STRING_set0(ri->enc_key, ek, eklen);
+	ek = NULL;
+
+	ret = 1;
+
+	err:
+	if (pkey)
+		EVP_PKEY_free(pkey);
+	if (pctx)
+		EVP_PKEY_CTX_free(pctx);
+	if (ek)
+		OPENSSL_free(ek);
+	return ret;
+
+	}
+
+
+static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
+			       PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
+	{
+	EVP_PKEY_CTX *pctx = NULL;
+	unsigned char *ek = NULL;
+	size_t eklen;
+
+	int ret = 0;
+
+	pctx = EVP_PKEY_CTX_new(pkey, NULL);
+	if (!pctx)
+		return 0;
+
+	if (EVP_PKEY_decrypt_init(pctx) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
+				EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
+		goto err;
+		}
+
+	if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
+				ri->enc_key->data, ri->enc_key->length) <= 0)
+		goto err;
+
+	ek = OPENSSL_malloc(eklen);
+
+	if (ek == NULL)
+		{
+		PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (EVP_PKEY_decrypt(pctx, ek, &eklen,
+				ri->enc_key->data, ri->enc_key->length) <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
+		goto err;
+		}
+
+	ret = 1;
+
+	*pek = ek;
+	*peklen = eklen;
+
+	err:
+	if (pctx)
+		EVP_PKEY_CTX_free(pctx);
+	if (!ret && ek)
+		OPENSSL_free(ek);
+
+	return ret;
+	}
+
 BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 	{
 	int i;
@@ -147,7 +263,6 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 	STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
 	X509_ALGOR *xalg=NULL;
 	PKCS7_RECIP_INFO *ri=NULL;
-	EVP_PKEY *pkey;
 	ASN1_OCTET_STRING *os=NULL;
 
 	i=OBJ_obj2nid(p7->type);
@@ -186,6 +301,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		xa = p7->d.digest->md;
 		os = PKCS7_get_octet_string(p7->d.digest->contents);
 		break;
+	case NID_pkcs7_data:
+		break;
 	default:
 		PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
 	        goto err;
@@ -203,8 +320,6 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		unsigned char key[EVP_MAX_KEY_LENGTH];
 		unsigned char iv[EVP_MAX_IV_LENGTH];
 		int keylen,ivlen;
-		int jj,max;
-		unsigned char *tmp;
 		EVP_CIPHER_CTX *ctx;
 
 		if ((btmp=BIO_new(BIO_f_cipher())) == NULL)
@@ -216,7 +331,9 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		keylen=EVP_CIPHER_key_length(evp_cipher);
 		ivlen=EVP_CIPHER_iv_length(evp_cipher);
 		xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
-		if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
+		if (ivlen > 0)
+			if (RAND_pseudo_bytes(iv,ivlen) <= 0)
+				goto err;
 		if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1)<=0)
 			goto err;
 		if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
@@ -225,53 +342,22 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 			goto err;
 
 		if (ivlen > 0) {
-			if (xalg->parameter == NULL) 
-						xalg->parameter=ASN1_TYPE_new();
+			if (xalg->parameter == NULL) {
+				xalg->parameter = ASN1_TYPE_new();
+				if (xalg->parameter == NULL)
+					goto err;
+			}
 			if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
-								       goto err;
+				goto err;
 		}
 
 		/* Lets do the pub key stuff :-) */
-		max=0;
 		for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
 			{
 			ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
-			if (ri->cert == NULL)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO);
+			if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
 				goto err;
-				}
-			pkey=X509_get_pubkey(ri->cert);
-			jj=EVP_PKEY_size(pkey);
-			EVP_PKEY_free(pkey);
-			if (max < jj) max=jj;
 			}
-		if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
-			{
-			ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
-			pkey=X509_get_pubkey(ri->cert);
-			jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
-			EVP_PKEY_free(pkey);
-			if (jj <= 0)
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB);
-				OPENSSL_free(tmp);
-				goto err;
-				}
-			if (!M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATAINIT,
-					ERR_R_MALLOC_FAILURE);
-				OPENSSL_free(tmp);
-				goto err;
-				}
-			}
-		OPENSSL_free(tmp);
 		OPENSSL_cleanse(key, keylen);
 
 		if (out == NULL)
@@ -290,10 +376,15 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		if(bio == NULL)
 			{
 			bio=BIO_new(BIO_s_mem());
+			if (bio == NULL)
+				goto err;
 			BIO_set_mem_eof_return(bio,0);
 			}
 		}
-	BIO_push(out,bio);
+	if (out)
+		BIO_push(out,bio);
+	else
+		out = bio;
 	bio=NULL;
 	if (0)
 		{
@@ -307,12 +398,22 @@ err:
 	return(out);
 	}
 
+static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
+	{
+	int ret;
+	ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
+				pcert->cert_info->issuer);
+	if (ret)
+		return ret;
+	return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
+					ri->issuer_and_serial->serial);
+	}
+
 /* int */
 BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 	{
 	int i,j;
 	BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL;
-	unsigned char *tmp=NULL;
 	X509_ALGOR *xa;
 	ASN1_OCTET_STRING *data_body=NULL;
 	const EVP_MD *evp_md;
@@ -402,7 +503,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 		int max;
 		X509_OBJECT ret;
 #endif
-		int jj;
+		unsigned char *ek = NULL;
+		int eklen;
 
 		if ((etmp=BIO_new(BIO_f_cipher())) == NULL)
 			{
@@ -417,34 +519,47 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 		 * (if any)
 		 */
 
-		for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++) {
-			ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
-			if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,
-					pcert->cert_info->issuer) &&
-			     !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
-					ri->issuer_and_serial->serial)) break;
-			ri=NULL;
-		}
-		if (ri == NULL) {
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-				 PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
-			goto err;
-		}
-
-		jj=EVP_PKEY_size(pkey);
-		tmp=(unsigned char *)OPENSSL_malloc(jj+10);
-		if (tmp == NULL)
+		if (pcert)
 			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE);
-			goto err;
+			for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
+				{
+				ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
+				if (!pkcs7_cmp_ri(ri, pcert))
+					break;
+				ri=NULL;
+				}
+			if (ri == NULL)
+				{
+				PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+				      PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
+				goto err;
+				}
 			}
 
-		jj=EVP_PKEY_decrypt(tmp, M_ASN1_STRING_data(ri->enc_key),
-			M_ASN1_STRING_length(ri->enc_key), pkey);
-		if (jj <= 0)
+		/* If we haven't got a certificate try each ri in turn */
+
+		if (pcert == NULL)
 			{
-			PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB);
-			goto err;
+			for (i=0; i<sk_PKCS7_RECIP_INFO_num(rsk); i++)
+				{
+				ri=sk_PKCS7_RECIP_INFO_value(rsk,i);
+				if (pkcs7_decrypt_rinfo(&ek, &eklen,
+							ri, pkey) > 0)
+					break;
+				ERR_clear_error();
+				ri = NULL;
+				}
+			if (ri == NULL)
+				{
+				PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+				      PKCS7_R_NO_RECIPIENT_MATCHES_KEY);
+				goto err;
+				}
+			}
+		else
+			{
+			if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) <= 0)
+				goto err;
 			}
 
 		evp_ctx=NULL;
@@ -454,22 +569,26 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 		if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
 			goto err;
 
-		if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) {
+		if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
 			/* Some S/MIME clients don't use the same key
 			 * and effective key length. The key length is
 			 * determined by the size of the decrypted RSA key.
 			 */
-			if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj))
+			if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen))
 				{
 				PKCS7err(PKCS7_F_PKCS7_DATADECODE,
 					PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
 				goto err;
 				}
 		} 
-		if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0) <= 0)
+		if (EVP_CipherInit_ex(evp_ctx,NULL,NULL,ek,NULL,0) <= 0)
 			goto err;
 
-		OPENSSL_cleanse(tmp,jj);
+		if (ek)
+			{
+			OPENSSL_cleanse(ek,eklen);
+			OPENSSL_free(ek);
+			}
 
 		if (out == NULL)
 			out=etmp;
@@ -501,6 +620,8 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 			bio=BIO_new(BIO_s_mem());
 			BIO_set_mem_eof_return(bio,0);
 		}
+		if (bio == NULL)
+			goto err;
 #endif
 		}
 	BIO_push(out,bio);
@@ -515,8 +636,6 @@ err:
 		if (bio != NULL) BIO_free_all(bio);
 		out=NULL;
 		}
-	if (tmp != NULL)
-		OPENSSL_free(tmp);
 	return(out);
 	}
 
@@ -527,13 +646,13 @@ static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
 		bio=BIO_find_type(bio,BIO_TYPE_MD);
 		if (bio == NULL)
 			{
-			PKCS7err(PKCS7_F_FIND_DIGEST,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+			PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
 			return NULL;	
 			}
 		BIO_get_md_ctx(bio,pmd);
 		if (*pmd == NULL)
 			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR);
+			PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,ERR_R_INTERNAL_ERROR);
 			return NULL;
 			}	
 		if (EVP_MD_CTX_type(*pmd) == nid)
@@ -543,13 +662,47 @@ static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
 	return NULL;
 	}
 
+static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
+	{
+	unsigned char md_data[EVP_MAX_MD_SIZE];
+	unsigned int md_len;
+
+	/* Add signing time if not already present */
+	if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime))
+		{
+		if (!PKCS7_add0_attrib_signing_time(si, NULL))
+			{
+			PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB,
+					ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		}
+
+	/* Add digest */
+	if (!EVP_DigestFinal_ex(mctx, md_data,&md_len))
+		{
+		PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
+		return 0;
+		}
+	if (!PKCS7_add1_attrib_digest(si, md_data, md_len))
+		{
+		PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+
+	/* Now sign the attributes */
+	if (!PKCS7_SIGNER_INFO_sign(si))
+			return 0;
+
+	return 1;
+	}
+	
+				
 int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 	{
 	int ret=0;
 	int i,j;
 	BIO *btmp;
-	BUF_MEM *buf_mem=NULL;
-	BUF_MEM *buf=NULL;
 	PKCS7_SIGNER_INFO *si;
 	EVP_MD_CTX *mdc,ctx_tmp;
 	STACK_OF(X509_ATTRIBUTE) *sk;
@@ -562,24 +715,37 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 
 	switch (i)
 		{
+	case NID_pkcs7_data:
+		os = p7->d.data;
+		break;
 	case NID_pkcs7_signedAndEnveloped:
 		/* XXXXXXXXXXXXXXXX */
 		si_sk=p7->d.signed_and_enveloped->signer_info;
-		if (!(os=M_ASN1_OCTET_STRING_new()))
+		os = p7->d.signed_and_enveloped->enc_data->enc_data;
+		if (!os)
 			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE);
-			goto err;
+			os=M_ASN1_OCTET_STRING_new();
+			if (!os)
+				{
+				PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			p7->d.signed_and_enveloped->enc_data->enc_data=os;
 			}
-		p7->d.signed_and_enveloped->enc_data->enc_data=os;
 		break;
 	case NID_pkcs7_enveloped:
 		/* XXXXXXXXXXXXXXXX */
-		if (!(os=M_ASN1_OCTET_STRING_new()))
+		os = p7->d.enveloped->enc_data->enc_data;
+		if (!os)
 			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_MALLOC_FAILURE);
-			goto err;
+			os=M_ASN1_OCTET_STRING_new();
+			if (!os)
+				{
+				PKCS7err(PKCS7_F_PKCS7_DATAFINAL,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			p7->d.enveloped->enc_data->enc_data=os;
 			}
-		p7->d.enveloped->enc_data->enc_data=os;
 		break;
 	case NID_pkcs7_signed:
 		si_sk=p7->d.sign->signer_info;
@@ -601,21 +767,20 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 			}
 		break;
 
+	default:
+		PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+	        goto err;
 		}
 
 	if (si_sk != NULL)
 		{
-		if ((buf=BUF_MEM_new()) == NULL)
-			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
-			goto err;
-			}
 		for (i=0; i<sk_PKCS7_SIGNER_INFO_num(si_sk); i++)
 			{
 			si=sk_PKCS7_SIGNER_INFO_value(si_sk,i);
-			if (si->pkey == NULL) continue;
+			if (si->pkey == NULL)
+				continue;
 
-			j=OBJ_obj2nid(si->digest_alg->algorithm);
+			j = OBJ_obj2nid(si->digest_alg->algorithm);
 
 			btmp=bio;
 
@@ -626,89 +791,35 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 
 			/* We now have the EVP_MD_CTX, lets do the
 			 * signing. */
-			EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
-			if (!BUF_MEM_grow_clean(buf,EVP_PKEY_size(si->pkey)))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
+			if (!EVP_MD_CTX_copy_ex(&ctx_tmp,mdc))
 				goto err;
-				}
 
 			sk=si->auth_attr;
 
 			/* If there are attributes, we add the digest
 			 * attribute and only sign the attributes */
-			if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
+			if (sk_X509_ATTRIBUTE_num(sk) > 0)
 				{
-				unsigned char md_data[EVP_MAX_MD_SIZE], *abuf=NULL;
-				unsigned int md_len, alen;
-				ASN1_OCTET_STRING *digest;
-				ASN1_UTCTIME *sign_time;
-				const EVP_MD *md_tmp;
-
-				/* Add signing time if not already present */
-				if (!PKCS7_get_signed_attribute(si,
-							NID_pkcs9_signingTime))
-					{
-					if (!(sign_time=X509_gmtime_adj(NULL,0)))
-						{
-						PKCS7err(PKCS7_F_PKCS7_DATASIGN,
-							ERR_R_MALLOC_FAILURE);
-						goto err;
-						}
-					PKCS7_add_signed_attribute(si,
-						NID_pkcs9_signingTime,
-						V_ASN1_UTCTIME,sign_time);
-					}
-
-				/* Add digest */
-				md_tmp=EVP_MD_CTX_md(&ctx_tmp);
-				EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len);
-				if (!(digest=M_ASN1_OCTET_STRING_new()))
-					{
-					PKCS7err(PKCS7_F_PKCS7_DATASIGN,
-						ERR_R_MALLOC_FAILURE);
+				if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
 					goto err;
-					}
-				if (!M_ASN1_OCTET_STRING_set(digest,md_data,
-								md_len))
+				}
+			else
+				{
+				unsigned char *abuf = NULL;
+				unsigned int abuflen;
+				abuflen = EVP_PKEY_size(si->pkey);
+				abuf = OPENSSL_malloc(abuflen);
+				if (!abuf)
+					goto err;
+
+				if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen,
+							si->pkey))
 					{
-					PKCS7err(PKCS7_F_PKCS7_DATASIGN,
-						ERR_R_MALLOC_FAILURE);
+					PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
+							ERR_R_EVP_LIB);
 					goto err;
 					}
-				PKCS7_add_signed_attribute(si,
-					NID_pkcs9_messageDigest,
-					V_ASN1_OCTET_STRING,digest);
-
-				/* Now sign the attributes */
-				EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL);
-				alen = ASN1_item_i2d((ASN1_VALUE *)sk,&abuf,
-							ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
-				if(!abuf) goto err;
-				EVP_SignUpdate(&ctx_tmp,abuf,alen);
-				OPENSSL_free(abuf);
-				}
-
-#ifndef OPENSSL_NO_DSA
-			if (si->pkey->type == EVP_PKEY_DSA)
-				ctx_tmp.digest=EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- 			if (si->pkey->type == EVP_PKEY_EC)
- 				ctx_tmp.digest=EVP_ecdsa();
-#endif
-
-			if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
-				(unsigned int *)&buf->length,si->pkey))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB);
-				goto err;
-				}
-			if (!ASN1_STRING_set(si->enc_digest,
-				(unsigned char *)buf->data,buf->length))
-				{
-				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB);
-				goto err;
+				ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
 				}
 			}
 		}
@@ -719,38 +830,95 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 		if (!PKCS7_find_digest(&mdc, bio,
 				OBJ_obj2nid(p7->d.digest->md->algorithm)))
 			goto err;
-		EVP_DigestFinal_ex(mdc,md_data,&md_len);
+		if (!EVP_DigestFinal_ex(mdc,md_data,&md_len))
+			goto err;
 		M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
 		}
 
-	if (!PKCS7_is_detached(p7))
+	if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF))
 		{
+		char *cont;
+		long contlen;
 		btmp=BIO_find_type(bio,BIO_TYPE_MEM);
 		if (btmp == NULL)
 			{
-			PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+			PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
 			goto err;
 			}
-		BIO_get_mem_ptr(btmp,&buf_mem);
+		contlen = BIO_get_mem_data(btmp, &cont);
 		/* Mark the BIO read only then we can use its copy of the data
 		 * instead of making an extra copy.
 		 */
 		BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
 		BIO_set_mem_eof_return(btmp, 0);
-		os->data = (unsigned char *)buf_mem->data;
-		os->length = buf_mem->length;
-#if 0
-		M_ASN1_OCTET_STRING_set(os,
-			(unsigned char *)buf_mem->data,buf_mem->length);
-#endif
+		ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
 		}
 	ret=1;
 err:
 	EVP_MD_CTX_cleanup(&ctx_tmp);
-	if (buf != NULL) BUF_MEM_free(buf);
 	return(ret);
 	}
 
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
+	{
+	EVP_MD_CTX mctx;
+	EVP_PKEY_CTX *pctx;
+	unsigned char *abuf = NULL;
+	int alen;
+	size_t siglen;
+	const EVP_MD *md = NULL;
+
+	md = EVP_get_digestbyobj(si->digest_alg->algorithm);
+	if (md == NULL)
+		return 0;
+
+	EVP_MD_CTX_init(&mctx);
+	if (EVP_DigestSignInit(&mctx, &pctx, md,NULL, si->pkey) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+				EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+		goto err;
+		}
+
+	alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr,&abuf,
+				ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
+	if(!abuf)
+		goto err;
+	if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0)
+		goto err;
+	OPENSSL_free(abuf);
+	if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+		goto err;
+	abuf = OPENSSL_malloc(siglen);
+	if(!abuf)
+		goto err;
+	if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
+		goto err;
+
+	if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+				EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+		goto err;
+		}
+
+	EVP_MD_CTX_cleanup(&mctx);
+
+	ASN1_STRING_set0(si->enc_digest, abuf, siglen);
+
+	return 1;
+
+	err:
+	if (abuf)
+		OPENSSL_free(abuf);
+	EVP_MD_CTX_cleanup(&mctx);
+	return 0;
+
+	}
+
 int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
 	     PKCS7 *p7, PKCS7_SIGNER_INFO *si)
 	{
@@ -856,16 +1024,19 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 
 	/* mdc is the digest ctx that we want, unless there are attributes,
 	 * in which case the digest is the signed attributes */
-	EVP_MD_CTX_copy_ex(&mdc_tmp,mdc);
+	if (!EVP_MD_CTX_copy_ex(&mdc_tmp,mdc))
+		goto err;
 
 	sk=si->auth_attr;
 	if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
 		{
 		unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
-                unsigned int md_len, alen;
+                unsigned int md_len;
+		int alen;
 		ASN1_OCTET_STRING *message_digest;
 
-		EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len);
+		if (!EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len))
+			goto err;
 		message_digest=PKCS7_digest_from_attributes(sk);
 		if (!message_digest)
 			{
@@ -890,11 +1061,19 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
 			goto err;
 			}
 
-		EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL);
+		if (!EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL))
+			goto err;
 
 		alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
 						ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
-		EVP_VerifyUpdate(&mdc_tmp, abuf, alen);
+		if (alen <= 0) 
+			{
+			PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,ERR_R_ASN1_LIB);
+			ret = -1;
+			goto err;
+			}
+		if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+			goto err;
 
 		OPENSSL_free(abuf);
 		}
@@ -906,12 +1085,6 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
 		ret = -1;
 		goto err;
 		}
-#ifndef OPENSSL_NO_DSA
-	if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
-	if (pkey->type == EVP_PKEY_EC) mdc_tmp.digest=EVP_ecdsa();
-#endif
 
 	i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey);
 	EVP_PKEY_free(pkey);
@@ -936,8 +1109,13 @@ PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
 	int i;
 
 	i=OBJ_obj2nid(p7->type);
-	if (i != NID_pkcs7_signedAndEnveloped) return(NULL);
+	if (i != NID_pkcs7_signedAndEnveloped)
+		return NULL;
+	if (p7->d.signed_and_enveloped == NULL)
+		return NULL;
 	rsk=p7->d.signed_and_enveloped->recipientinfo;
+	if (rsk == NULL)
+		return NULL;
 	ri=sk_PKCS7_RECIP_INFO_value(rsk,0);
 	if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL);
 	ri=sk_PKCS7_RECIP_INFO_value(rsk,idx);
@@ -991,6 +1169,8 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
 	if (p7si->auth_attr != NULL)
 		sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free);
 	p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk);
+	if (p7si->auth_attr == NULL)
+		return 0;
 	for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
 		{
 		if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr,i,
@@ -1009,6 +1189,8 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
 		sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
 					   X509_ATTRIBUTE_free);
 	p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk);
+	if (p7si->unauth_attr == NULL)
+		return 0;
 	for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
 		{
 		if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr,i,
@@ -1039,9 +1221,16 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
 	if (*sk == NULL)
 		{
 		*sk = sk_X509_ATTRIBUTE_new_null();
+		if (*sk == NULL)
+			return 0;	
 new_attrib:
-		attr=X509_ATTRIBUTE_create(nid,atrtype,value);
-		sk_X509_ATTRIBUTE_push(*sk,attr);
+		if (!(attr=X509_ATTRIBUTE_create(nid,atrtype,value)))
+			return 0;
+		if (!sk_X509_ATTRIBUTE_push(*sk,attr))
+			{
+			X509_ATTRIBUTE_free(attr);
+			return 0;
+			}
 		}
 	else
 		{
@@ -1054,7 +1243,13 @@ new_attrib:
 				{
 				X509_ATTRIBUTE_free(attr);
 				attr=X509_ATTRIBUTE_create(nid,atrtype,value);
-				sk_X509_ATTRIBUTE_set(*sk,i,attr);
+				if (attr == NULL)
+					return 0;
+				if (!sk_X509_ATTRIBUTE_set(*sk,i,attr))
+					{
+					X509_ATTRIBUTE_free(attr);
+					return 0;
+					}
 				goto end;
 				}
 			}
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index a45a0f0640..3ca0952792 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -60,6 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include "asn1_locl.h"
 
 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
 	{
@@ -187,7 +188,6 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 		ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
 		if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1))
 			goto err;
-  		break;
 		p7->d.signed_and_enveloped->enc_data->content_type
 						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
@@ -272,16 +272,23 @@ int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
 	if (!j) /* we need to add another algorithm */
 		{
 		if(!(alg=X509_ALGOR_new())
-			|| !(alg->parameter = ASN1_TYPE_new())) {
+			|| !(alg->parameter = ASN1_TYPE_new()))
+			{
+			X509_ALGOR_free(alg);
 			PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE);
 			return(0);
-		}
+			}
 		alg->algorithm=OBJ_nid2obj(nid);
 		alg->parameter->type = V_ASN1_NULL;
-		sk_X509_ALGOR_push(md_sk,alg);
+		if (!sk_X509_ALGOR_push(md_sk,alg))
+			{
+			X509_ALGOR_free(alg);
+			return 0;
+			}
 		}
 
-	sk_PKCS7_SIGNER_INFO_push(signer_sk,psi);
+	if (!sk_PKCS7_SIGNER_INFO_push(signer_sk,psi))
+		return 0;
 	return(1);
 	}
 
@@ -306,8 +313,17 @@ int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
 
 	if (*sk == NULL)
 		*sk=sk_X509_new_null();
+	if (*sk == NULL)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
 	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
-	sk_X509_push(*sk,x509);
+	if (!sk_X509_push(*sk,x509))
+		{
+		X509_free(x509);
+		return 0;
+		}
 	return(1);
 	}
 
@@ -332,22 +348,26 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
 
 	if (*sk == NULL)
 		*sk=sk_X509_CRL_new_null();
+	if (*sk == NULL)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ADD_CRL,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
 
 	CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
-	sk_X509_CRL_push(*sk,crl);
+	if (!sk_X509_CRL_push(*sk,crl))
+		{
+		X509_CRL_free(crl);
+		return 0;
+		}
 	return(1);
 	}
 
 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 	     const EVP_MD *dgst)
 	{
-	int nid;
-	char is_dsa;
+	int ret;
 
-	if (pkey->type == EVP_PKEY_DSA || pkey->type == EVP_PKEY_EC)
-		is_dsa = 1;
-	else
-		is_dsa = 0;
 	/* We now need to add another PKCS7_SIGNER_INFO entry */
 	if (!ASN1_INTEGER_set(p7i->version,1))
 		goto err;
@@ -367,64 +387,55 @@ int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 	p7i->pkey=pkey;
 
 	/* Set the algorithms */
-	if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1);
-	else	
-		p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
 
-	if (p7i->digest_alg->parameter != NULL)
-		ASN1_TYPE_free(p7i->digest_alg->parameter);
-	if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL)
-		goto err;
-	p7i->digest_alg->parameter->type=V_ASN1_NULL;
+	X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)),
+				V_ASN1_NULL, NULL);
 
-	if (p7i->digest_enc_alg->parameter != NULL)
-		ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
-	nid = EVP_PKEY_type(pkey->type);
-	if (nid == EVP_PKEY_RSA)
-		{
-		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_rsaEncryption);
-		if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
-			goto err;
-		p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
-		}
-	else if (nid == EVP_PKEY_DSA)
-		{
-#if 1
-		/* use 'dsaEncryption' OID for compatibility with other software
-		 * (PKCS #7 v1.5 does specify how to handle DSA) ... */
-		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsa);
-#else
-		/* ... although the 'dsaWithSHA1' OID (as required by RFC 2630 for CMS)
-		 * would make more sense. */
-		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_dsaWithSHA1);
-#endif
-		p7i->digest_enc_alg->parameter = NULL; /* special case for DSA: omit 'parameter'! */
-		}
-	else if (nid == EVP_PKEY_EC)
+	if (pkey->ameth && pkey->ameth->pkey_ctrl)
 		{
-		p7i->digest_enc_alg->algorithm=OBJ_nid2obj(NID_ecdsa_with_SHA1);
-		if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new()))
-			goto err;
-		p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+		ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN,
+						0, p7i);
+		if (ret > 0)
+			return 1;
+		if (ret != -2)
+			{
+			PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+					PKCS7_R_SIGNING_CTRL_FAILURE);
+			return 0;
+			}
 		}
-	else
-		return(0);
-
-	return(1);
+	PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+			PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
 err:
-	return(0);
+	return 0;
 	}
 
 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
 	     const EVP_MD *dgst)
 	{
-	PKCS7_SIGNER_INFO *si;
+	PKCS7_SIGNER_INFO *si = NULL;
+
+	if (dgst == NULL)
+		{
+		int def_nid;
+		if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
+			goto err;
+		dgst = EVP_get_digestbynid(def_nid);
+		if (dgst == NULL)
+			{
+			PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE,
+						PKCS7_R_NO_DEFAULT_DIGEST);
+			goto err;
+			}
+		}
 
 	if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
 	if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
 	if (!PKCS7_add_signer(p7,si)) goto err;
 	return(si);
 err:
+	if (si)
+		PKCS7_SIGNER_INFO_free(si);
 	return(NULL);
 	}
 
@@ -460,6 +471,23 @@ STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
 		return(NULL);
 	}
 
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+					X509_ALGOR **pdig, X509_ALGOR **psig)
+	{
+	if (pk)
+		*pk = si->pkey;
+	if (pdig)
+		*pdig = si->digest_alg;
+	if (psig)
+		*psig = si->digest_enc_alg;
+	}
+
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
+	{
+	if (penc)
+		*penc = ri->key_enc_algor;
+	}
+
 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
 	{
 	PKCS7_RECIP_INFO *ri;
@@ -467,9 +495,11 @@ PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
 	if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
 	if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
 	if (!PKCS7_add_recipient_info(p7,ri)) goto err;
-	return(ri);
+	return ri;
 err:
-	return(NULL);
+	if (ri)
+		PKCS7_RECIP_INFO_free(ri);
+	return NULL;
 	}
 
 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
@@ -491,12 +521,15 @@ int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
 		return(0);
 		}
 
-	sk_PKCS7_RECIP_INFO_push(sk,ri);
+	if (!sk_PKCS7_RECIP_INFO_push(sk,ri))
+		return 0;
 	return(1);
 	}
 
 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
 	{
+	int ret;
+	EVP_PKEY *pkey = NULL;
 	if (!ASN1_INTEGER_set(p7i->version,0))
 		return 0;
 	if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
@@ -508,14 +541,41 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
 		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
 		return 0;
 
-	X509_ALGOR_free(p7i->key_enc_algor);
-	if (!(p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor)))
-		return 0;
+	pkey = X509_get_pubkey(x509);
+
+	if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl)
+		{
+		PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+			PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+		goto err;
+		}
+
+	ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT,
+						0, p7i);
+	if (ret == -2)
+		{
+		PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+			PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+		goto err;
+		}
+	if (ret <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+				PKCS7_R_ENCRYPTION_CTRL_FAILURE);
+		goto err;
+		}
+
+	EVP_PKEY_free(pkey);
 
 	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
 	p7i->cert=x509;
 
-	return(1);
+	return 1;
+
+	err:
+	if (pkey)
+		EVP_PKEY_free(pkey);
+	return 0;
 	}
 
 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
@@ -560,3 +620,48 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
 	return 1;
 	}
 
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
+	{
+	ASN1_OCTET_STRING *os = NULL;
+
+	switch (OBJ_obj2nid(p7->type))
+		{
+		case NID_pkcs7_data:
+		os = p7->d.data;
+		break;
+
+		case NID_pkcs7_signedAndEnveloped:
+		os = p7->d.signed_and_enveloped->enc_data->enc_data;
+		if (os == NULL)
+			{
+			os=M_ASN1_OCTET_STRING_new();
+			p7->d.signed_and_enveloped->enc_data->enc_data=os;
+			}
+		break;
+
+		case NID_pkcs7_enveloped:
+		os = p7->d.enveloped->enc_data->enc_data;
+		if (os == NULL)
+			{
+			os=M_ASN1_OCTET_STRING_new();
+			p7->d.enveloped->enc_data->enc_data=os;
+			}
+		break;
+
+		case NID_pkcs7_signed:
+		os=p7->d.sign->contents->d.data;
+		break;
+
+		default:
+		os = NULL;
+		break;
+		}
+	
+	if (os == NULL)
+		return 0;
+
+	os->flags |= ASN1_STRING_FLAG_NDEF;
+	*boundary = &os->data;
+
+	return 1;
+	}
diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c
index 210ec1e8c4..938f79a646 100644
--- a/crypto/pkcs7/pk7_mime.c
+++ b/crypto/pkcs7/pk7_mime.c
@@ -1,9 +1,9 @@
 /* pk7_mime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -50,10 +50,6 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  * ====================================================================
  *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
  */
 
 #include <stdio.h>
@@ -61,696 +57,41 @@
 #include "cryptlib.h"
 #include <openssl/rand.h>
 #include <openssl/x509.h>
+#include <openssl/asn1.h>
 
-/* MIME and related routines */
-
-/* MIME format structures
- * Note that all are translated to lower case apart from
- * parameter values. Quotes are stripped off
- */
-
-typedef struct {
-char *param_name;			/* Param name e.g. "micalg" */
-char *param_value;			/* Param value e.g. "sha1" */
-} MIME_PARAM;
-
-DECLARE_STACK_OF(MIME_PARAM)
-IMPLEMENT_STACK_OF(MIME_PARAM)
-
-typedef struct {
-char *name;				/* Name of line e.g. "content-type" */
-char *value;				/* Value of line e.g. "text/plain" */
-STACK_OF(MIME_PARAM) *params;		/* Zero or more parameters */
-} MIME_HEADER;
-
-DECLARE_STACK_OF(MIME_HEADER)
-IMPLEMENT_STACK_OF(MIME_HEADER)
+/* PKCS#7 wrappers round generalised stream and MIME routines */
 
-static int pkcs7_output_data(BIO *bio, BIO *data, PKCS7 *p7, int flags);
-static int B64_write_PKCS7(BIO *bio, PKCS7 *p7);
-static PKCS7 *B64_read_PKCS7(BIO *bio);
-static char * strip_ends(char *name);
-static char * strip_start(char *name);
-static char * strip_end(char *name);
-static MIME_HEADER *mime_hdr_new(char *name, char *value);
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
-			const MIME_HEADER * const *b);
-static int mime_param_cmp(const MIME_PARAM * const *a,
-			const MIME_PARAM * const *b);
-static void mime_param_free(MIME_PARAM *param);
-static int mime_bound_check(char *line, int linelen, char *bound, int blen);
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
-static int strip_eol(char *linebuf, int *plen);
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
-static void mime_hdr_free(MIME_HEADER *hdr);
-
-#define MAX_SMLEN 1024
-#define mime_debug(x) /* x */
-
-
-typedef void (*stkfree)();
-
-/* Base 64 read and write of PKCS#7 structure */
-
-static int B64_write_PKCS7(BIO *bio, PKCS7 *p7)
-{
-	BIO *b64;
-	if(!(b64 = BIO_new(BIO_f_base64()))) {
-		PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE);
-		return 0;
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
+	{
+	return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags,
+					ASN1_ITEM_rptr(PKCS7));
 	}
-	bio = BIO_push(b64, bio);
-	i2d_PKCS7_bio(bio, p7);
-	BIO_flush(bio);
-	bio = BIO_pop(bio);
-	BIO_free(b64);
-	return 1;
-}
 
-static PKCS7 *B64_read_PKCS7(BIO *bio)
-{
-	BIO *b64;
-	PKCS7 *p7;
-	if(!(b64 = BIO_new(BIO_f_base64()))) {
-		PKCS7err(PKCS7_F_B64_READ_PKCS7,ERR_R_MALLOC_FAILURE);
-		return 0;
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
+	{
+	return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *) p7, in, flags,
+						"PKCS7",
+						ASN1_ITEM_rptr(PKCS7));
 	}
-	bio = BIO_push(b64, bio);
-	if(!(p7 = d2i_PKCS7_bio(bio, NULL))) 
-		PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR);
-	BIO_flush(bio);
-	bio = BIO_pop(bio);
-	BIO_free(b64);
-	return p7;
-}
-
-/* SMIME sender */
 
 int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
-{
-	char bound[33], c;
-	int i;
-	char *mime_prefix, *mime_eol;
-	if (flags & PKCS7_NOOLDMIMETYPE)
-		mime_prefix = "application/pkcs7-";
-	else
-		mime_prefix = "application/x-pkcs7-";
-	if (flags & PKCS7_CRLFEOL)
-		mime_eol = "\r\n";
-	else
-		mime_eol = "\n";
-	if((flags & PKCS7_DETACHED) && data) {
-	/* We want multipart/signed */
-		/* Generate a random boundary */
-		RAND_pseudo_bytes((unsigned char *)bound, 32);
-		for(i = 0; i < 32; i++) {
-			c = bound[i] & 0xf;
-			if(c < 10) c += '0';
-			else c += 'A' - 10;
-			bound[i] = c;
-		}
-		bound[32] = 0;
-		BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
-		BIO_printf(bio, "Content-Type: multipart/signed;");
-		BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
-		BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s",
-						bound, mime_eol, mime_eol);
-		BIO_printf(bio, "This is an S/MIME signed message%s%s",
-						mime_eol, mime_eol);
-		/* Now write out the first part */
-		BIO_printf(bio, "------%s%s", bound, mime_eol);
-		pkcs7_output_data(bio, data, p7, flags);
-		BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
-
-		/* Headers for signature */
-
-		BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix); 
-		BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
-		BIO_printf(bio, "Content-Transfer-Encoding: base64%s",
-								mime_eol);
-		BIO_printf(bio, "Content-Disposition: attachment;");
-		BIO_printf(bio, " filename=\"smime.p7s\"%s%s",
-							mime_eol, mime_eol);
-		B64_write_PKCS7(bio, p7);
-		BIO_printf(bio,"%s------%s--%s%s", mime_eol, bound,
-							mime_eol, mime_eol);
-		return 1;
-	}
-	/* MIME headers */
-	BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
-	BIO_printf(bio, "Content-Disposition: attachment;");
-	BIO_printf(bio, " filename=\"smime.p7m\"%s", mime_eol);
-	BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
-	BIO_printf(bio, " name=\"smime.p7m\"%s", mime_eol);
-	BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
-						mime_eol, mime_eol);
-	B64_write_PKCS7(bio, p7);
-	BIO_printf(bio, "%s", mime_eol);
-	return 1;
-}
-
-/* Handle output of PKCS#7 data */
-
-
-static int pkcs7_output_data(BIO *out, BIO *data, PKCS7 *p7, int flags)
 	{
-	BIO *tmpbio, *p7bio;
-
-	if (!(flags & PKCS7_STREAM))
-		{
-		SMIME_crlf_copy(data, out, flags);
-		return 1;
-		}
-
-	/* Partial sign operation */
-
-	/* Initialize sign operation */
-	p7bio = PKCS7_dataInit(p7, out);
-
-	/* Copy data across, computing digests etc */
-	SMIME_crlf_copy(data, p7bio, flags);
-
-	/* Must be detached */
-	PKCS7_set_detached(p7, 1);
-
-	/* Finalize signatures */
-	PKCS7_dataFinal(p7, p7bio);
-
-	/* Now remove any digests prepended to the BIO */
+	STACK_OF(X509_ALGOR) *mdalgs;
+	int ctype_nid = OBJ_obj2nid(p7->type);
+	if (ctype_nid == NID_pkcs7_signed)
+		mdalgs = p7->d.sign->md_algs;
+	else
+		mdalgs = NULL;
 
-	while (p7bio != out)
-		{
-		tmpbio = BIO_pop(p7bio);
-		BIO_free(p7bio);
-		p7bio = tmpbio;
-		}
+	flags ^= SMIME_OLDMIME;
 
-	return 1;
 
+	return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
+					ctype_nid, NID_undef, mdalgs,
+					ASN1_ITEM_rptr(PKCS7));	
 	}
 
-/* SMIME reader: handle multipart/signed and opaque signing.
- * in multipart case the content is placed in a memory BIO
- * pointed to by "bcont". In opaque this is set to NULL
- */
-
 PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
-{
-	BIO *p7in;
-	STACK_OF(MIME_HEADER) *headers = NULL;
-	STACK_OF(BIO) *parts = NULL;
-	MIME_HEADER *hdr;
-	MIME_PARAM *prm;
-	PKCS7 *p7;
-	int ret;
-
-	if(bcont) *bcont = NULL;
-
-	if (!(headers = mime_parse_hdr(bio))) {
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_PARSE_ERROR);
-		return NULL;
-	}
-
-	if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_CONTENT_TYPE);
-		return NULL;
-	}
-
-	/* Handle multipart/signed */
-
-	if(!strcmp(hdr->value, "multipart/signed")) {
-		/* Split into two parts */
-		prm = mime_param_find(hdr, "boundary");
-		if(!prm || !prm->param_value) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BOUNDARY);
-			return NULL;
-		}
-		ret = multi_split(bio, prm->param_value, &parts);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		if(!ret || (sk_BIO_num(parts) != 2) ) {
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BODY_FAILURE);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-
-		/* Parse the signature piece */
-		p7in = sk_BIO_value(parts, 1);
-
-		if (!(headers = mime_parse_hdr(p7in))) {
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_SIG_PARSE_ERROR);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-
-		/* Get content type */
-
-		if(!(hdr = mime_hdr_find(headers, "content-type")) ||
-								 !hdr->value) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_SIG_CONTENT_TYPE);
-			return NULL;
-		}
-
-		if(strcmp(hdr->value, "application/x-pkcs7-signature") &&
-			strcmp(hdr->value, "application/pkcs7-signature")) {
-			sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE);
-			ERR_add_error_data(2, "type: ", hdr->value);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		/* Read in PKCS#7 */
-		if(!(p7 = B64_read_PKCS7(p7in))) {
-			PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_PKCS7_SIG_PARSE_ERROR);
-			sk_BIO_pop_free(parts, BIO_vfree);
-			return NULL;
-		}
-
-		if(bcont) {
-			*bcont = sk_BIO_value(parts, 0);
-			BIO_free(p7in);
-			sk_BIO_free(parts);
-		} else sk_BIO_pop_free(parts, BIO_vfree);
-		return p7;
-	}
-		
-	/* OK, if not multipart/signed try opaque signature */
-
-	if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
-	    strcmp (hdr->value, "application/pkcs7-mime")) {
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_INVALID_MIME_TYPE);
-		ERR_add_error_data(2, "type: ", hdr->value);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		return NULL;
-	}
-
-	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-	
-	if(!(p7 = B64_read_PKCS7(bio))) {
-		PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_PKCS7_PARSE_ERROR);
-		return NULL;
-	}
-	return p7;
-
-}
-
-/* Copy text from one BIO to another making the output CRLF at EOL */
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
-{
-	char eol;
-	int len;
-	char linebuf[MAX_SMLEN];
-	if(flags & PKCS7_BINARY) {
-		while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
-						BIO_write(out, linebuf, len);
-		return 1;
-	}
-	if(flags & PKCS7_TEXT)
-		BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
-	while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
-		eol = strip_eol(linebuf, &len);
-		if (len)
-			BIO_write(out, linebuf, len);
-		if(eol) BIO_write(out, "\r\n", 2);
-	}
-	return 1;
-}
-
-/* Strip off headers if they are text/plain */
-int SMIME_text(BIO *in, BIO *out)
-{
-	char iobuf[4096];
-	int len;
-	STACK_OF(MIME_HEADER) *headers;
-	MIME_HEADER *hdr;
-
-	if (!(headers = mime_parse_hdr(in))) {
-		PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR);
-		return 0;
-	}
-	if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-		PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		return 0;
-	}
-	if (strcmp (hdr->value, "text/plain")) {
-		PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE);
-		ERR_add_error_data(2, "type: ", hdr->value);
-		sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-		return 0;
-	}
-	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-	while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
-						BIO_write(out, iobuf, len);
-	return 1;
-}
-
-/* Split a multipart/XXX message body into component parts: result is
- * canonical parts in a STACK of bios
- */
-
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
-{
-	char linebuf[MAX_SMLEN];
-	int len, blen;
-	int eol = 0, next_eol = 0;
-	BIO *bpart = NULL;
-	STACK_OF(BIO) *parts;
-	char state, part, first;
-
-	blen = strlen(bound);
-	part = 0;
-	state = 0;
-	first = 1;
-	parts = sk_BIO_new_null();
-	*ret = parts;
-	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
-		state = mime_bound_check(linebuf, len, bound, blen);
-		if(state == 1) {
-			first = 1;
-			part++;
-		} else if(state == 2) {
-			sk_BIO_push(parts, bpart);
-			return 1;
-		} else if(part) {
-			/* Strip CR+LF from linebuf */
-			next_eol = strip_eol(linebuf, &len);
-			if(first) {
-				first = 0;
-				if(bpart) sk_BIO_push(parts, bpart);
-				bpart = BIO_new(BIO_s_mem());
-				BIO_set_mem_eof_return(bpart, 0);
-			} else if (eol)
-				BIO_write(bpart, "\r\n", 2);
-			eol = next_eol;
-			if (len)
-				BIO_write(bpart, linebuf, len);
-		}
-	}
-	return 0;
-}
-
-/* This is the big one: parse MIME header lines up to message body */
-
-#define MIME_INVALID	0
-#define MIME_START	1
-#define MIME_TYPE	2
-#define MIME_NAME	3
-#define MIME_VALUE	4
-#define MIME_QUOTE	5
-#define MIME_COMMENT	6
-
-
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
-{
-	char *p, *q, c;
-	char *ntmp;
-	char linebuf[MAX_SMLEN];
-	MIME_HEADER *mhdr = NULL;
-	STACK_OF(MIME_HEADER) *headers;
-	int len, state, save_state = 0;
-
-	headers = sk_MIME_HEADER_new(mime_hdr_cmp);
-	while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
-	/* If whitespace at line start then continuation line */
-	if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
-	else state = MIME_START;
-	ntmp = NULL;
-	/* Go through all characters */
-	for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
-
-	/* State machine to handle MIME headers
-	 * if this looks horrible that's because it *is*
-         */
-
-		switch(state) {
-			case MIME_START:
-			if(c == ':') {
-				state = MIME_TYPE;
-				*p = 0;
-				ntmp = strip_ends(q);
-				q = p + 1;
-			}
-			break;
-
-			case MIME_TYPE:
-			if(c == ';') {
-				mime_debug("Found End Value\n");
-				*p = 0;
-				mhdr = mime_hdr_new(ntmp, strip_ends(q));
-				sk_MIME_HEADER_push(headers, mhdr);
-				ntmp = NULL;
-				q = p + 1;
-				state = MIME_NAME;
-			} else if(c == '(') {
-				save_state = state;
-				state = MIME_COMMENT;
-			}
-			break;
-
-			case MIME_COMMENT:
-			if(c == ')') {
-				state = save_state;
-			}
-			break;
-
-			case MIME_NAME:
-			if(c == '=') {
-				state = MIME_VALUE;
-				*p = 0;
-				ntmp = strip_ends(q);
-				q = p + 1;
-			}
-			break ;
-
-			case MIME_VALUE:
-			if(c == ';') {
-				state = MIME_NAME;
-				*p = 0;
-				mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-				ntmp = NULL;
-				q = p + 1;
-			} else if (c == '"') {
-				mime_debug("Found Quote\n");
-				state = MIME_QUOTE;
-			} else if(c == '(') {
-				save_state = state;
-				state = MIME_COMMENT;
-			}
-			break;
-
-			case MIME_QUOTE:
-			if(c == '"') {
-				mime_debug("Found Match Quote\n");
-				state = MIME_VALUE;
-			}
-			break;
-		}
-	}
-
-	if(state == MIME_TYPE) {
-		mhdr = mime_hdr_new(ntmp, strip_ends(q));
-		sk_MIME_HEADER_push(headers, mhdr);
-	} else if(state == MIME_VALUE)
-			 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-	if(p == linebuf) break;	/* Blank line means end of headers */
-}
-
-return headers;
-
-}
-
-static char *strip_ends(char *name)
-{
-	return strip_end(strip_start(name));
-}
-
-/* Strip a parameter of whitespace from start of param */
-static char *strip_start(char *name)
-{
-	char *p, c;
-	/* Look for first non white space or quote */
-	for(p = name; (c = *p) ;p++) {
-		if(c == '"') {
-			/* Next char is start of string if non null */
-			if(p[1]) return p + 1;
-			/* Else null string */
-			return NULL;
-		}
-		if(!isspace((unsigned char)c)) return p;
-	}
-	return NULL;
-}
-
-/* As above but strip from end of string : maybe should handle brackets? */
-static char *strip_end(char *name)
-{
-	char *p, c;
-	if(!name) return NULL;
-	/* Look for first non white space or quote */
-	for(p = name + strlen(name) - 1; p >= name ;p--) {
-		c = *p;
-		if(c == '"') {
-			if(p - 1 == name) return NULL;
-			*p = 0;
-			return name;
-		}
-		if(isspace((unsigned char)c)) *p = 0;	
-		else return name;
-	}
-	return NULL;
-}
-
-static MIME_HEADER *mime_hdr_new(char *name, char *value)
-{
-	MIME_HEADER *mhdr;
-	char *tmpname, *tmpval, *p;
-	int c;
-	if(name) {
-		if(!(tmpname = BUF_strdup(name))) return NULL;
-		for(p = tmpname ; *p; p++) {
-			c = *p;
-			if(isupper(c)) {
-				c = tolower(c);
-				*p = c;
-			}
-		}
-	} else tmpname = NULL;
-	if(value) {
-		if(!(tmpval = BUF_strdup(value))) return NULL;
-		for(p = tmpval ; *p; p++) {
-			c = *p;
-			if(isupper(c)) {
-				c = tolower(c);
-				*p = c;
-			}
-		}
-	} else tmpval = NULL;
-	mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER));
-	if(!mhdr) return NULL;
-	mhdr->name = tmpname;
-	mhdr->value = tmpval;
-	if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL;
-	return mhdr;
-}
-		
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
-{
-	char *tmpname, *tmpval, *p;
-	int c;
-	MIME_PARAM *mparam;
-	if(name) {
-		tmpname = BUF_strdup(name);
-		if(!tmpname) return 0;
-		for(p = tmpname ; *p; p++) {
-			c = *p;
-			if(isupper(c)) {
-				c = tolower(c);
-				*p = c;
-			}
-		}
-	} else tmpname = NULL;
-	if(value) {
-		tmpval = BUF_strdup(value);
-		if(!tmpval) return 0;
-	} else tmpval = NULL;
-	/* Parameter values are case sensitive so leave as is */
-	mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM));
-	if(!mparam) return 0;
-	mparam->param_name = tmpname;
-	mparam->param_value = tmpval;
-	sk_MIME_PARAM_push(mhdr->params, mparam);
-	return 1;
-}
-
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
-			const MIME_HEADER * const *b)
-{
-	return(strcmp((*a)->name, (*b)->name));
-}
-
-static int mime_param_cmp(const MIME_PARAM * const *a,
-			const MIME_PARAM * const *b)
-{
-	return(strcmp((*a)->param_name, (*b)->param_name));
-}
-
-/* Find a header with a given name (if possible) */
-
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
-{
-	MIME_HEADER htmp;
-	int idx;
-	htmp.name = name;
-	idx = sk_MIME_HEADER_find(hdrs, &htmp);
-	if(idx < 0) return NULL;
-	return sk_MIME_HEADER_value(hdrs, idx);
-}
-
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
-{
-	MIME_PARAM param;
-	int idx;
-	param.param_name = name;
-	idx = sk_MIME_PARAM_find(hdr->params, &param);
-	if(idx < 0) return NULL;
-	return sk_MIME_PARAM_value(hdr->params, idx);
-}
-
-static void mime_hdr_free(MIME_HEADER *hdr)
-{
-	if(hdr->name) OPENSSL_free(hdr->name);
-	if(hdr->value) OPENSSL_free(hdr->value);
-	if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
-	OPENSSL_free(hdr);
-}
-
-static void mime_param_free(MIME_PARAM *param)
-{
-	if(param->param_name) OPENSSL_free(param->param_name);
-	if(param->param_value) OPENSSL_free(param->param_value);
-	OPENSSL_free(param);
-}
-
-/* Check for a multipart boundary. Returns:
- * 0 : no boundary
- * 1 : part boundary
- * 2 : final boundary
- */
-static int mime_bound_check(char *line, int linelen, char *bound, int blen)
-{
-	if(linelen == -1) linelen = strlen(line);
-	if(blen == -1) blen = strlen(bound);
-	/* Quickly eliminate if line length too short */
-	if(blen + 2 > linelen) return 0;
-	/* Check for part boundary */
-	if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
-		if(!strncmp(line + blen + 2, "--", 2)) return 2;
-		else return 1;
-	}
-	return 0;
-}
-
-static int strip_eol(char *linebuf, int *plen)
 	{
-	int len = *plen;
-	char *p, c;
-	int is_eol = 0;
-	p = linebuf + len - 1;
-	for (p = linebuf + len - 1; len > 0; len--, p--)
-		{
-		c = *p;
-		if (c == '\n')
-			is_eol = 1;
-		else if (c != '\r')
-			break;
-		}
-	*plen = len;
-	return is_eol;
+	return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
 	}
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index 4607e5fd69..86742d0dcd 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -1,5 +1,5 @@
 /* pk7_smime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -63,88 +63,205 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
+static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+
 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
 		  BIO *data, int flags)
 {
 	PKCS7 *p7;
-	PKCS7_SIGNER_INFO *si;
-	BIO *p7bio;
-	STACK_OF(X509_ALGOR) *smcap;
 	int i;
 
-	if(!X509_check_private_key(signcert, pkey)) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-                return NULL;
-	}
-
-	if(!(p7 = PKCS7_new())) {
+	if(!(p7 = PKCS7_new()))
+		{
 		PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
 		return NULL;
-	}
+		}
 
-	PKCS7_set_type(p7, NID_pkcs7_signed);
+	if (!PKCS7_set_type(p7, NID_pkcs7_signed))
+		goto err;
 
-	PKCS7_content_new(p7, NID_pkcs7_data);
+	if (!PKCS7_content_new(p7, NID_pkcs7_data))
+		goto err;
 
-    	if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
-		return NULL;
-	}
+    	if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags))
+		{
+		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
+		goto err;
+		}
 
-	if(!(flags & PKCS7_NOCERTS)) {
-		PKCS7_add_certificate(p7, signcert);
-		if(certs) for(i = 0; i < sk_X509_num(certs); i++)
-			PKCS7_add_certificate(p7, sk_X509_value(certs, i));
-	}
+	if(!(flags & PKCS7_NOCERTS))
+		{
+		for(i = 0; i < sk_X509_num(certs); i++)
+			{
+			if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
+				goto err;
+			}
+		}
 
-	if(!(flags & PKCS7_NOATTR)) {
-		PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
-				V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));
-		/* Add SMIMECapabilities */
-		if(!(flags & PKCS7_NOSMIMECAP))
+	if(flags & PKCS7_DETACHED)
+		PKCS7_set_detached(p7, 1);
+
+	if (flags & (PKCS7_STREAM|PKCS7_PARTIAL))
+		return p7;
+
+	if (PKCS7_final(p7, data, flags))
+		return p7;
+
+	err:
+	PKCS7_free(p7);
+	return NULL;
+}
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
+	{
+	BIO *p7bio;
+	int ret = 0;
+	if (!(p7bio = PKCS7_dataInit(p7, NULL)))
 		{
-		if(!(smcap = sk_X509_ALGOR_new_null())) {
-			PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
-			return NULL;
+		PKCS7err(PKCS7_F_PKCS7_FINAL,ERR_R_MALLOC_FAILURE);
+		return 0;
 		}
-#ifndef OPENSSL_NO_DES
-		PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
-#endif
-#ifndef OPENSSL_NO_RC2
-		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
-		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
-#endif
-#ifndef OPENSSL_NO_DES
-		PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
-#endif
-#ifndef OPENSSL_NO_RC2
-		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
-#endif
-		PKCS7_add_attrib_smimecap (si, smcap);
-		sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+
+	SMIME_crlf_copy(data, p7bio, flags);
+
+	(void)BIO_flush(p7bio);
+
+
+        if (!PKCS7_dataFinal(p7,p7bio))
+		{
+		PKCS7err(PKCS7_F_PKCS7_FINAL,PKCS7_R_PKCS7_DATASIGN);
+		goto err;
 		}
+
+	ret = 1;
+
+	err:
+	BIO_free_all(p7bio);
+
+	return ret;
+
 	}
 
-	if (flags & PKCS7_STREAM)
-		return p7;
+/* Check to see if a cipher exists and if so add S/MIME capabilities */
 
-	if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
-		return NULL;
+static int add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+	{
+	if (EVP_get_cipherbynid(nid))
+		return PKCS7_simple_smimecap(sk, nid, arg);
+	return 1;
 	}
 
-	SMIME_crlf_copy(data, p7bio, flags);
+static int add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+	{
+	if (EVP_get_digestbynid(nid))
+		return PKCS7_simple_smimecap(sk, nid, arg);
+	return 1;
+	}
 
-	if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
+					EVP_PKEY *pkey, const EVP_MD *md,
+					int flags)
+	{
+	PKCS7_SIGNER_INFO *si = NULL;
+	STACK_OF(X509_ALGOR) *smcap = NULL;
+	if(!X509_check_private_key(signcert, pkey))
+		{
+		PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+			PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+                return NULL;
+		}
 
-        if (!PKCS7_dataFinal(p7,p7bio)) {
-		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);
+    	if (!(si = PKCS7_add_signature(p7,signcert,pkey, md)))
+		{
+		PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+				PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
 		return NULL;
+		}
+
+	if(!(flags & PKCS7_NOCERTS))
+		{
+		if (!PKCS7_add_certificate(p7, signcert))
+			goto err;
+		}
+
+	if(!(flags & PKCS7_NOATTR))
+		{
+		if (!PKCS7_add_attrib_content_type(si, NULL))
+			goto err;
+		/* Add SMIMECapabilities */
+		if(!(flags & PKCS7_NOSMIMECAP))
+			{
+			if(!(smcap = sk_X509_ALGOR_new_null()))
+				{
+				PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+					ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+			|| !add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
+			|| !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
+				|| !add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
+				|| !add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
+			|| !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
+				|| !add_cipher_smcap(smcap, NID_rc2_cbc, 128)
+				|| !add_cipher_smcap(smcap, NID_rc2_cbc, 64)
+				|| !add_cipher_smcap(smcap, NID_des_cbc, -1)
+				|| !add_cipher_smcap(smcap, NID_rc2_cbc, 40)
+				|| !PKCS7_add_attrib_smimecap (si, smcap))
+				goto err;
+			sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+			smcap = NULL;
+			}
+		if (flags & PKCS7_REUSE_DIGEST)
+			{
+			if (!pkcs7_copy_existing_digest(p7, si))
+				goto err;
+			if (!(flags & PKCS7_PARTIAL) &&
+					!PKCS7_SIGNER_INFO_sign(si))
+				goto err;
+			}
+		}
+	return si;
+	err:
+	if (smcap)
+		sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+	return NULL;
 	}
 
-        BIO_free_all(p7bio);
-	return p7;
-}
+/* Search for a digest matching SignerInfo digest type and if found
+ * copy across.
+ */
+
+static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
+	{
+	int i;
+	STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+	PKCS7_SIGNER_INFO *sitmp;
+	ASN1_OCTET_STRING *osdig = NULL;
+	sinfos = PKCS7_get_signer_info(p7);
+	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
+		{
+		sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
+		if (si == sitmp)
+			break;
+		if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
+			continue;
+		if (!OBJ_cmp(si->digest_alg->algorithm,
+				sitmp->digest_alg->algorithm))
+			{
+			osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
+			break;
+			}
+
+		}
+
+	if (osdig)
+		return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
+
+	PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
+			PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
+	return 0;
+	}
 
 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 					BIO *indata, BIO *out, int flags)
@@ -210,8 +327,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 				sk_X509_free(signers);
 				return 0;
 				}
-			X509_STORE_CTX_set_purpose(&cert_ctx,
-						X509_PURPOSE_SMIME_SIGN);
+			X509_STORE_CTX_set_default(&cert_ctx, "smime_sign");
 		} else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) {
 			PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
 			sk_X509_free(signers);
@@ -255,13 +371,15 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 		tmpin = indata;
 		
 
-	p7bio=PKCS7_dataInit(p7,tmpin);
+	if (!(p7bio=PKCS7_dataInit(p7,tmpin)))
+		goto err;
 
 	if(flags & PKCS7_TEXT) {
 		if(!(tmpout = BIO_new(BIO_s_mem()))) {
 			PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
+		BIO_set_mem_eof_return(tmpout, 0);
 	} else tmpout = out;
 
 	/* We now have to 'read' from p7bio to calculate digests etc. */
@@ -300,11 +418,9 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 	
 	if (tmpin == indata)
 		{
-		if(indata) BIO_pop(p7bio);
-		BIO_free_all(p7bio);
+		if (indata) BIO_pop(p7bio);
 		}
-	else
-		BIO_free_all(tmpin);
+	BIO_free_all(p7bio);
 
 	sk_X509_free(signers);
 
@@ -362,7 +478,10 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 			return 0;
 	    }
 
-	    sk_X509_push(signers, signer);
+	    if (!sk_X509_push(signers, signer)) {
+		sk_X509_free(signers);
+		return NULL;
+	    }
 	}
 	return signers;
 }
@@ -382,8 +501,9 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
 		return NULL;
 	}
 
-	PKCS7_set_type(p7, NID_pkcs7_enveloped);
-	if(!PKCS7_set_cipher(p7, cipher)) {
+	if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
+		goto err;
+	if (!PKCS7_set_cipher(p7, cipher)) {
 		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER);
 		goto err;
 	}
@@ -397,26 +517,15 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
 		}
 	}
 
-	if(!(p7bio = PKCS7_dataInit(p7, NULL))) {
-		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-
-	SMIME_crlf_copy(in, p7bio, flags);
-
-	BIO_flush(p7bio);
-
-        if (!PKCS7_dataFinal(p7,p7bio)) {
-		PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR);
-		goto err;
-	}
-        BIO_free_all(p7bio);
+	if (flags & PKCS7_STREAM)
+		return p7;
 
-	return p7;
+	if (PKCS7_final(p7, in, flags))
+		return p7;
 
 	err:
 
-	BIO_free(p7bio);
+	BIO_free_all(p7bio);
 	PKCS7_free(p7);
 	return NULL;
 
@@ -438,7 +547,7 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
 		return 0;
 	}
 
-	if(!X509_check_private_key(cert, pkey)) {
+	if(cert && !X509_check_private_key(cert, pkey)) {
 		PKCS7err(PKCS7_F_PKCS7_DECRYPT,
 				PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
 		return 0;
@@ -454,10 +563,13 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
 		/* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
 		if(!(tmpbuf = BIO_new(BIO_f_buffer()))) {
 			PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
+			BIO_free_all(tmpmem);
 			return 0;
 		}
 		if(!(bread = BIO_push(tmpbuf, tmpmem))) {
 			PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
+			BIO_free_all(tmpbuf);
+			BIO_free_all(tmpmem);
 			return 0;
 		}
 		ret = SMIME_text(bread, data);
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
index 9dc3c0caa0..e4d443193c 100644
--- a/crypto/pkcs7/pkcs7.h
+++ b/crypto/pkcs7/pkcs7.h
@@ -232,6 +232,9 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define PKCS7_type_is_signedAndEnveloped(a) \
 		(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
 #define PKCS7_type_is_data(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+#define PKCS7_type_is_digest(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
+#define PKCS7_type_is_encrypted(a) \
+		(OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
 
 #define PKCS7_type_is_digest(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
 
@@ -242,14 +245,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 
 #define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
 
-#ifdef SSLEAY_MACROS
-#ifndef PKCS7_ISSUER_AND_SERIAL_digest
-#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
-        ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
-	                (char *)data,md,len)
-#endif
-#endif
-
 /* S/MIME related flags */
 
 #define PKCS7_TEXT		0x1
@@ -266,6 +261,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define PKCS7_CRLFEOL		0x800
 #define PKCS7_STREAM		0x1000
 #define PKCS7_NOCRL		0x2000
+#define PKCS7_PARTIAL		0x4000
+#define PKCS7_REUSE_DIGEST	0x8000
 
 /* Flags: for compatibility with older code */
 
@@ -281,7 +278,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 
 DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
 
-#ifndef SSLEAY_MACROS
 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
 	unsigned char *md,unsigned int *len);
 #ifndef OPENSSL_NO_FP_API
@@ -291,7 +287,8 @@ int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
 PKCS7 *PKCS7_dup(PKCS7 *p7);
 PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
 int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
-#endif
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
 
 DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
 DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
@@ -307,6 +304,7 @@ DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
 DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
 
 DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
+DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
 
 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
 
@@ -315,6 +313,7 @@ int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
 int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
 	const EVP_MD *dgst);
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
 int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
 int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
 int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
@@ -336,9 +335,13 @@ int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
 STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
 
 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+					X509_ALGOR **pdig, X509_ALGOR **psig);
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
 
 PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
 ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
@@ -355,6 +358,12 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
 
 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
 							BIO *data, int flags);
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
+			X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
+			int flags);
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 					BIO *indata, BIO *out, int flags);
 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
@@ -367,10 +376,16 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
 STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
 int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
 
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+				const unsigned char *md, int mdlen);
+
 int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
 PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
+
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -383,27 +398,40 @@ void ERR_load_PKCS7_strings(void);
 /* Function codes. */
 #define PKCS7_F_B64_READ_PKCS7				 120
 #define PKCS7_F_B64_WRITE_PKCS7				 121
-#define PKCS7_F_FIND_DIGEST				 127
+#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB			 136
+#define PKCS7_F_I2D_PKCS7_BIO_STREAM			 140
+#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME		 135
 #define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP		 118
 #define PKCS7_F_PKCS7_ADD_CERTIFICATE			 100
 #define PKCS7_F_PKCS7_ADD_CRL				 101
 #define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO		 102
+#define PKCS7_F_PKCS7_ADD_SIGNATURE			 131
 #define PKCS7_F_PKCS7_ADD_SIGNER			 103
 #define PKCS7_F_PKCS7_BIO_ADD_DIGEST			 125
+#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST		 138
 #define PKCS7_F_PKCS7_CTRL				 104
 #define PKCS7_F_PKCS7_DATADECODE			 112
+#define PKCS7_F_PKCS7_DATAFINAL				 128
 #define PKCS7_F_PKCS7_DATAINIT				 105
 #define PKCS7_F_PKCS7_DATASIGN				 106
 #define PKCS7_F_PKCS7_DATAVERIFY			 107
 #define PKCS7_F_PKCS7_DECRYPT				 114
+#define PKCS7_F_PKCS7_DECRYPT_RINFO			 133
+#define PKCS7_F_PKCS7_ENCODE_RINFO			 132
 #define PKCS7_F_PKCS7_ENCRYPT				 115
+#define PKCS7_F_PKCS7_FINAL				 134
+#define PKCS7_F_PKCS7_FIND_DIGEST			 127
 #define PKCS7_F_PKCS7_GET0_SIGNERS			 124
+#define PKCS7_F_PKCS7_RECIP_INFO_SET			 130
 #define PKCS7_F_PKCS7_SET_CIPHER			 108
 #define PKCS7_F_PKCS7_SET_CONTENT			 109
 #define PKCS7_F_PKCS7_SET_DIGEST			 126
 #define PKCS7_F_PKCS7_SET_TYPE				 110
 #define PKCS7_F_PKCS7_SIGN				 116
 #define PKCS7_F_PKCS7_SIGNATUREVERIFY			 113
+#define PKCS7_F_PKCS7_SIGNER_INFO_SET			 129
+#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN			 139
+#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER			 137
 #define PKCS7_F_PKCS7_SIMPLE_SMIMECAP			 119
 #define PKCS7_F_PKCS7_VERIFY				 117
 #define PKCS7_F_SMIME_READ_PKCS7			 122
@@ -414,10 +442,13 @@ void ERR_load_PKCS7_strings(void);
 #define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER		 144
 #define PKCS7_R_CIPHER_NOT_INITIALIZED			 116
 #define PKCS7_R_CONTENT_AND_DATA_PRESENT		 118
+#define PKCS7_R_CTRL_ERROR				 152
 #define PKCS7_R_DECODE_ERROR				 130
 #define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH		 100
 #define PKCS7_R_DECRYPT_ERROR				 119
 #define PKCS7_R_DIGEST_FAILURE				 101
+#define PKCS7_R_ENCRYPTION_CTRL_FAILURE			 149
+#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
 #define PKCS7_R_ERROR_ADDING_RECIPIENT			 120
 #define PKCS7_R_ERROR_SETTING_CIPHER			 121
 #define PKCS7_R_INVALID_MIME_TYPE			 131
@@ -428,21 +459,28 @@ void ERR_load_PKCS7_strings(void);
 #define PKCS7_R_MISSING_CERIPEND_INFO			 103
 #define PKCS7_R_NO_CONTENT				 122
 #define PKCS7_R_NO_CONTENT_TYPE				 135
+#define PKCS7_R_NO_DEFAULT_DIGEST			 151
+#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND		 154
 #define PKCS7_R_NO_MULTIPART_BODY_FAILURE		 136
 #define PKCS7_R_NO_MULTIPART_BOUNDARY			 137
 #define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE	 115
+#define PKCS7_R_NO_RECIPIENT_MATCHES_KEY		 146
 #define PKCS7_R_NO_SIGNATURES_ON_DATA			 123
 #define PKCS7_R_NO_SIGNERS				 142
 #define PKCS7_R_NO_SIG_CONTENT_TYPE			 138
 #define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE	 104
 #define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR		 124
+#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR			 153
+#define PKCS7_R_PKCS7_DATAFINAL				 126
 #define PKCS7_R_PKCS7_DATAFINAL_ERROR			 125
-#define PKCS7_R_PKCS7_DATASIGN				 126
+#define PKCS7_R_PKCS7_DATASIGN				 145
 #define PKCS7_R_PKCS7_PARSE_ERROR			 139
 #define PKCS7_R_PKCS7_SIG_PARSE_ERROR			 140
 #define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE	 127
 #define PKCS7_R_SIGNATURE_FAILURE			 105
 #define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND		 128
+#define PKCS7_R_SIGNING_CTRL_FAILURE			 147
+#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE	 148
 #define PKCS7_R_SIG_INVALID_MIME_TYPE			 141
 #define PKCS7_R_SMIME_TEXT_ERROR			 129
 #define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE		 106
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
index 0d481e0b79..d0af32a265 100644
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@@ -1,6 +1,6 @@
 /* crypto/pkcs7/pkcs7err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,84 +64,111 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
+
 static ERR_STRING_DATA PKCS7_str_functs[]=
 	{
-{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0),	"B64_READ_PKCS7"},
-{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0),	"B64_WRITE_PKCS7"},
-{ERR_PACK(0,PKCS7_F_FIND_DIGEST,0),	"FIND_DIGEST"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0),	"PKCS7_add_attrib_smimecap"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0),	"PKCS7_add_certificate"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0),	"PKCS7_add_crl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0),	"PKCS7_add_recipient_info"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0),	"PKCS7_add_signer"},
-{ERR_PACK(0,PKCS7_F_PKCS7_BIO_ADD_DIGEST,0),	"PKCS7_BIO_ADD_DIGEST"},
-{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0),	"PKCS7_ctrl"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0),	"PKCS7_dataDecode"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0),	"PKCS7_dataInit"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0),	"PKCS7_DATASIGN"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),	"PKCS7_dataVerify"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0),	"PKCS7_decrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0),	"PKCS7_encrypt"},
-{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0),	"PKCS7_get0_signers"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0),	"PKCS7_set_cipher"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),	"PKCS7_set_content"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_DIGEST,0),	"PKCS7_set_digest"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0),	"PKCS7_set_type"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0),	"PKCS7_sign"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0),	"PKCS7_signatureVerify"},
-{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0),	"PKCS7_simple_smimecap"},
-{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0),	"PKCS7_verify"},
-{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0),	"SMIME_read_PKCS7"},
-{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0),	"SMIME_text"},
+{ERR_FUNC(PKCS7_F_B64_READ_PKCS7),	"B64_READ_PKCS7"},
+{ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7),	"B64_WRITE_PKCS7"},
+{ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB),	"DO_PKCS7_SIGNED_ATTRIB"},
+{ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM),	"i2d_PKCS7_bio_stream"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),	"PKCS7_add0_attrib_signing_time"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),	"PKCS7_add_attrib_smimecap"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE),	"PKCS7_add_certificate"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL),	"PKCS7_add_crl"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO),	"PKCS7_add_recipient_info"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE),	"PKCS7_add_signature"},
+{ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER),	"PKCS7_add_signer"},
+{ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST),	"PKCS7_BIO_ADD_DIGEST"},
+{ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST),	"PKCS7_COPY_EXISTING_DIGEST"},
+{ERR_FUNC(PKCS7_F_PKCS7_CTRL),	"PKCS7_ctrl"},
+{ERR_FUNC(PKCS7_F_PKCS7_DATADECODE),	"PKCS7_dataDecode"},
+{ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL),	"PKCS7_dataFinal"},
+{ERR_FUNC(PKCS7_F_PKCS7_DATAINIT),	"PKCS7_dataInit"},
+{ERR_FUNC(PKCS7_F_PKCS7_DATASIGN),	"PKCS7_DATASIGN"},
+{ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY),	"PKCS7_dataVerify"},
+{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT),	"PKCS7_decrypt"},
+{ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO),	"PKCS7_DECRYPT_RINFO"},
+{ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO),	"PKCS7_ENCODE_RINFO"},
+{ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT),	"PKCS7_encrypt"},
+{ERR_FUNC(PKCS7_F_PKCS7_FINAL),	"PKCS7_final"},
+{ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST),	"PKCS7_FIND_DIGEST"},
+{ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS),	"PKCS7_get0_signers"},
+{ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET),	"PKCS7_RECIP_INFO_set"},
+{ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER),	"PKCS7_set_cipher"},
+{ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT),	"PKCS7_set_content"},
+{ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST),	"PKCS7_set_digest"},
+{ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE),	"PKCS7_set_type"},
+{ERR_FUNC(PKCS7_F_PKCS7_SIGN),	"PKCS7_sign"},
+{ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY),	"PKCS7_signatureVerify"},
+{ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET),	"PKCS7_SIGNER_INFO_set"},
+{ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN),	"PKCS7_SIGNER_INFO_sign"},
+{ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER),	"PKCS7_sign_add_signer"},
+{ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP),	"PKCS7_simple_smimecap"},
+{ERR_FUNC(PKCS7_F_PKCS7_VERIFY),	"PKCS7_verify"},
+{ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7),	"SMIME_read_PKCS7"},
+{ERR_FUNC(PKCS7_F_SMIME_TEXT),	"SMIME_text"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA PKCS7_str_reasons[]=
 	{
-{PKCS7_R_CERTIFICATE_VERIFY_ERROR        ,"certificate verify error"},
-{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
-{PKCS7_R_CIPHER_NOT_INITIALIZED          ,"cipher not initialized"},
-{PKCS7_R_CONTENT_AND_DATA_PRESENT        ,"content and data present"},
-{PKCS7_R_DECODE_ERROR                    ,"decode error"},
-{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH   ,"decrypted key is wrong length"},
-{PKCS7_R_DECRYPT_ERROR                   ,"decrypt error"},
-{PKCS7_R_DIGEST_FAILURE                  ,"digest failure"},
-{PKCS7_R_ERROR_ADDING_RECIPIENT          ,"error adding recipient"},
-{PKCS7_R_ERROR_SETTING_CIPHER            ,"error setting cipher"},
-{PKCS7_R_INVALID_MIME_TYPE               ,"invalid mime type"},
-{PKCS7_R_INVALID_NULL_POINTER            ,"invalid null pointer"},
-{PKCS7_R_MIME_NO_CONTENT_TYPE            ,"mime no content type"},
-{PKCS7_R_MIME_PARSE_ERROR                ,"mime parse error"},
-{PKCS7_R_MIME_SIG_PARSE_ERROR            ,"mime sig parse error"},
-{PKCS7_R_MISSING_CERIPEND_INFO           ,"missing ceripend info"},
-{PKCS7_R_NO_CONTENT                      ,"no content"},
-{PKCS7_R_NO_CONTENT_TYPE                 ,"no content type"},
-{PKCS7_R_NO_MULTIPART_BODY_FAILURE       ,"no multipart body failure"},
-{PKCS7_R_NO_MULTIPART_BOUNDARY           ,"no multipart boundary"},
-{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"},
-{PKCS7_R_NO_SIGNATURES_ON_DATA           ,"no signatures on data"},
-{PKCS7_R_NO_SIGNERS                      ,"no signers"},
-{PKCS7_R_NO_SIG_CONTENT_TYPE             ,"no sig content type"},
-{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
-{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR       ,"pkcs7 add signature error"},
-{PKCS7_R_PKCS7_DATAFINAL_ERROR           ,"pkcs7 datafinal error"},
-{PKCS7_R_PKCS7_DATASIGN                  ,"pkcs7 datasign"},
-{PKCS7_R_PKCS7_PARSE_ERROR               ,"pkcs7 parse error"},
-{PKCS7_R_PKCS7_SIG_PARSE_ERROR           ,"pkcs7 sig parse error"},
-{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"},
-{PKCS7_R_SIGNATURE_FAILURE               ,"signature failure"},
-{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND    ,"signer certificate not found"},
-{PKCS7_R_SIG_INVALID_MIME_TYPE           ,"sig invalid mime type"},
-{PKCS7_R_SMIME_TEXT_ERROR                ,"smime text error"},
-{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE      ,"unable to find certificate"},
-{PKCS7_R_UNABLE_TO_FIND_MEM_BIO          ,"unable to find mem bio"},
-{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST   ,"unable to find message digest"},
-{PKCS7_R_UNKNOWN_DIGEST_TYPE             ,"unknown digest type"},
-{PKCS7_R_UNKNOWN_OPERATION               ,"unknown operation"},
-{PKCS7_R_UNSUPPORTED_CIPHER_TYPE         ,"unsupported cipher type"},
-{PKCS7_R_UNSUPPORTED_CONTENT_TYPE        ,"unsupported content type"},
-{PKCS7_R_WRONG_CONTENT_TYPE              ,"wrong content type"},
-{PKCS7_R_WRONG_PKCS7_TYPE                ,"wrong pkcs7 type"},
+{ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
+{ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"},
+{ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED),"cipher not initialized"},
+{ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),"content and data present"},
+{ERR_REASON(PKCS7_R_CTRL_ERROR)          ,"ctrl error"},
+{ERR_REASON(PKCS7_R_DECODE_ERROR)        ,"decode error"},
+{ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),"decrypted key is wrong length"},
+{ERR_REASON(PKCS7_R_DECRYPT_ERROR)       ,"decrypt error"},
+{ERR_REASON(PKCS7_R_DIGEST_FAILURE)      ,"digest failure"},
+{ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE),"encryption ctrl failure"},
+{ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"encryption not supported for this key type"},
+{ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT),"error adding recipient"},
+{ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error setting cipher"},
+{ERR_REASON(PKCS7_R_INVALID_MIME_TYPE)   ,"invalid mime type"},
+{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER),"invalid null pointer"},
+{ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE),"mime no content type"},
+{ERR_REASON(PKCS7_R_MIME_PARSE_ERROR)    ,"mime parse error"},
+{ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR),"mime sig parse error"},
+{ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO),"missing ceripend info"},
+{ERR_REASON(PKCS7_R_NO_CONTENT)          ,"no content"},
+{ERR_REASON(PKCS7_R_NO_CONTENT_TYPE)     ,"no content type"},
+{ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST)   ,"no default digest"},
+{ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),"no matching digest type found"},
+{ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
+{ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
+{ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),"no recipient matches certificate"},
+{ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY),"no recipient matches key"},
+{ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA),"no signatures on data"},
+{ERR_REASON(PKCS7_R_NO_SIGNERS)          ,"no signers"},
+{ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"},
+{ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),"operation not supported on this type"},
+{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"},
+{ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR),"pkcs7 add signer error"},
+{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL)     ,"pkcs7 datafinal"},
+{ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR),"pkcs7 datafinal error"},
+{ERR_REASON(PKCS7_R_PKCS7_DATASIGN)      ,"pkcs7 datasign"},
+{ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR)   ,"pkcs7 parse error"},
+{ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR),"pkcs7 sig parse error"},
+{ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
+{ERR_REASON(PKCS7_R_SIGNATURE_FAILURE)   ,"signature failure"},
+{ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),"signer certificate not found"},
+{ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE),"signing ctrl failure"},
+{ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"signing not supported for this key type"},
+{ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"},
+{ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR)    ,"smime text error"},
+{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),"unable to find certificate"},
+{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO),"unable to find mem bio"},
+{ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),"unable to find message digest"},
+{ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE) ,"unknown digest type"},
+{ERR_REASON(PKCS7_R_UNKNOWN_OPERATION)   ,"unknown operation"},
+{ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE),"unsupported cipher type"},
+{ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
+{ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE)  ,"wrong content type"},
+{ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE)    ,"wrong pkcs7 type"},
 {0,NULL}
 	};
 
@@ -149,15 +176,12 @@ static ERR_STRING_DATA PKCS7_str_reasons[]=
 
 void ERR_load_PKCS7_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
-		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
-#endif
 
+	if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,PKCS7_str_functs);
+		ERR_load_strings(0,PKCS7_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/ppccap.c b/crypto/ppccap.c
new file mode 100644
index 0000000000..aa095ca4ba
--- /dev/null
+++ b/crypto/ppccap.c
@@ -0,0 +1,95 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <openssl/bn.h>
+
+#define PPC_FPU64	(1<<0)
+
+static int OPENSSL_ppccap_P = 0;
+
+static sigset_t all_masked;
+
+#ifdef OPENSSL_BN_ASM_MONT
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num)
+	{
+	int bn_mul_mont_fpu64(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num);
+	int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+	if (sizeof(size_t)==4)
+		{
+#if (defined(__APPLE__) && defined(__MACH__))
+		if ((OPENSSL_ppccap_P&PPC_FPU64))
+			return bn_mul_mont_fpu64(rp,ap,bp,np,n0,num);
+#else
+		/* boundary of 32 was experimentally determined on
+		   Linux 2.6.22, might have to be adjusted on AIX... */
+		if (num>=32 && (num&3)==0 && (OPENSSL_ppccap_P&PPC_FPU64))
+			{
+			sigset_t oset;
+			int ret;
+
+			sigprocmask(SIG_SETMASK,&all_masked,&oset);
+			ret=bn_mul_mont_fpu64(rp,ap,bp,np,n0,num);
+			sigprocmask(SIG_SETMASK,&oset,NULL);
+
+			return ret;
+			}
+#endif
+		}
+	else if ((OPENSSL_ppccap_P&PPC_FPU64))
+		/* this is a "must" on Power 6, but run-time detection
+		 * is not implemented yet... */
+		return bn_mul_mont_fpu64(rp,ap,bp,np,n0,num);
+
+	return bn_mul_mont_int(rp,ap,bp,np,n0,num);
+	}
+#endif
+
+static sigjmp_buf ill_jmp;
+static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
+
+void OPENSSL_ppc64_probe(void);
+
+void OPENSSL_cpuid_setup(void)
+	{
+	char *e;
+
+	sigfillset(&all_masked);
+	sigdelset(&all_masked,SIGILL);
+	sigdelset(&all_masked,SIGTRAP);
+	sigdelset(&all_masked,SIGEMT);
+	sigdelset(&all_masked,SIGFPE);
+	sigdelset(&all_masked,SIGBUS);
+	sigdelset(&all_masked,SIGSEGV);
+
+	if ((e=getenv("OPENSSL_ppccap")))
+		{
+		OPENSSL_ppccap_P=strtoul(e,NULL,0);
+		return;
+		}
+
+	if (sizeof(size_t)==4)
+		{
+		struct sigaction	ill_oact,ill_act;
+		sigset_t		oset;
+
+		memset(&ill_act,0,sizeof(ill_act));
+		ill_act.sa_handler = ill_handler;
+		ill_act.sa_mask    = all_masked;
+		sigprocmask(SIG_SETMASK,&ill_act.sa_mask,&oset);
+		sigaction (SIGILL,&ill_act,&ill_oact);
+		if (sigsetjmp(ill_jmp,0) == 0)
+			{
+			OPENSSL_ppc64_probe();
+			OPENSSL_ppccap_P |= PPC_FPU64;
+			}
+		else
+			{
+			OPENSSL_ppccap_P &= ~PPC_FPU64;
+			}
+		sigaction (SIGILL,&ill_oact,NULL);
+		sigprocmask(SIG_SETMASK,&oset,NULL);
+		}
+	}
diff --git a/crypto/ppccpuid.pl b/crypto/ppccpuid.pl
new file mode 100755
index 0000000000..7e8d233b72
--- /dev/null
+++ b/crypto/ppccpuid.pl
@@ -0,0 +1,112 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+if ($flavour=~/64/) {
+    $CMPLI="cmpldi";
+    $SHRLI="srdi";
+    $SIGNX="extsw";
+} else {
+    $CMPLI="cmplwi";
+    $SHRLI="srwi";
+    $SIGNX="mr";
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	.OPENSSL_ppc64_probe
+.align	4
+.OPENSSL_ppc64_probe:
+	fcfid	f1,f1
+	extrdi	r0,r0,32,0
+	blr
+
+.globl	.OPENSSL_wipe_cpu
+.align	4
+.OPENSSL_wipe_cpu:
+	xor	r0,r0,r0
+	fmr	f0,f31
+	fmr	f1,f31
+	fmr	f2,f31
+	mr	r3,r1
+	fmr	f3,f31
+	xor	r4,r4,r4
+	fmr	f4,f31
+	xor	r5,r5,r5
+	fmr	f5,f31
+	xor	r6,r6,r6
+	fmr	f6,f31
+	xor	r7,r7,r7
+	fmr	f7,f31
+	xor	r8,r8,r8
+	fmr	f8,f31
+	xor	r9,r9,r9
+	fmr	f9,f31
+	xor	r10,r10,r10
+	fmr	f10,f31
+	xor	r11,r11,r11
+	fmr	f11,f31
+	xor	r12,r12,r12
+	fmr	f12,f31
+	fmr	f13,f31
+	blr
+
+.globl	.OPENSSL_atomic_add
+.align	4
+.OPENSSL_atomic_add:
+Loop:	lwarx	r5,0,r3
+	add	r0,r4,r5
+	stwcx.	r0,0,r3
+	bne-	Loop
+	$SIGNX	r3,r0
+	blr
+
+.globl	.OPENSSL_rdtsc
+.align	4
+.OPENSSL_rdtsc:
+	mftb	r3
+	mftbu	r4
+	blr
+
+.globl	.OPENSSL_cleanse
+.align	4
+.OPENSSL_cleanse:
+	$CMPLI	r4,7
+	li	r0,0
+	bge	Lot
+	$CMPLI	r4,0
+	beqlr-
+Little:	mtctr	r4
+	stb	r0,0(r3)
+	addi	r3,r3,1
+	bdnz-	\$-8
+	blr
+Lot:	andi.	r5,r3,3
+	beq	Laligned
+	stb	r0,0(r3)
+	subi	r4,r4,1
+	addi	r3,r3,1
+	b	Lot
+Laligned:
+	$SHRLI	r5,r4,2
+	mtctr	r5
+	stw	r0,0(r3)
+	addi	r3,r3,4
+	bdnz-	\$-8
+	andi.	r4,r4,3
+	bne	Little
+	blr
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/pqueue/.cvsignore b/crypto/pqueue/.cvsignore
new file mode 100644
index 0000000000..439e6d3eb6
--- /dev/null
+++ b/crypto/pqueue/.cvsignore
@@ -0,0 +1,4 @@
+lib
+Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/txt_db/Makefile.ssl b/crypto/pqueue/Makefile
index 57b5dea702..fb36a0c876 100644
--- a/crypto/txt_db/Makefile.ssl
+++ b/crypto/pqueue/Makefile
@@ -1,19 +1,13 @@
 #
-# SSLeay/crypto/txt_db/Makefile
+# OpenSSL/crypto/pqueue/Makefile
 #
 
-DIR=	txt_db
+DIR=	pqueue
 TOP=	../..
 CC=	cc
 INCLUDES=
 CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
+MAKEFILE=	Makefile
 AR=		ar r
 
 CFLAGS= $(INCLUDES) $(CFLAG)
@@ -23,12 +17,12 @@ TEST=
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=txt_db.c
-LIBOBJ=txt_db.o
+LIBSRC=pqueue.c
+LIBOBJ=pqueue.o
 
 SRC= $(LIBSRC)
 
-EXHEADER= txt_db.h
+EXHEADER= pqueue.h
 HEADER=	$(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
@@ -44,15 +38,15 @@ lib:	$(LIBOBJ)
 	@touch lib
 
 files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
 
 links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
 
 install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
 	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
 	do  \
 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
@@ -68,6 +62,7 @@ lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff
 
 depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
 	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
 
 dclean:
@@ -79,11 +74,10 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-txt_db.o: ../../e_os.h ../../include/openssl/bio.h
-txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-txt_db.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-txt_db.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
-txt_db.o: ../cryptlib.h txt_db.c
+pqueue.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+pqueue.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pqueue.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pqueue.o: ../../include/openssl/symhacks.h ../cryptlib.h pqueue.c pqueue.h
diff --git a/crypto/pqueue/pq_test.c b/crypto/pqueue/pq_test.c
new file mode 100644
index 0000000000..8d496dfc65
--- /dev/null
+++ b/crypto/pqueue/pq_test.c
@@ -0,0 +1,95 @@
+/* crypto/pqueue/pq_test.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "pqueue.h"
+
+int
+main(void)
+	{
+	pitem *item;
+	pqueue pq;
+
+	pq = pqueue_new();
+
+	item = pitem_new(3, NULL);
+	pqueue_insert(pq, item);
+
+	item = pitem_new(1, NULL);
+	pqueue_insert(pq, item);
+
+	item = pitem_new(2, NULL);
+	pqueue_insert(pq, item);
+
+	item = pqueue_find(pq, 1);
+	fprintf(stderr, "found %ld\n", item->priority);
+
+	item = pqueue_find(pq, 2);
+	fprintf(stderr, "found %ld\n", item->priority);
+
+	item = pqueue_find(pq, 3);
+	fprintf(stderr, "found %ld\n", item ? item->priority: 0);
+
+	pqueue_print(pq);
+
+	for(item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
+		pitem_free(item);
+
+	pqueue_free(pq);
+	return 0;
+	}
diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c
new file mode 100644
index 0000000000..99a6fb874d
--- /dev/null
+++ b/crypto/pqueue/pqueue.c
@@ -0,0 +1,253 @@
+/* crypto/pqueue/pqueue.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include "pqueue.h"
+
+typedef struct _pqueue
+	{
+	pitem *items;
+	int count;
+	} pqueue_s;
+
+pitem *
+pitem_new(unsigned char *prio64be, void *data)
+	{
+	pitem *item = (pitem *) OPENSSL_malloc(sizeof(pitem));
+	if (item == NULL) return NULL;
+
+	memcpy(item->priority,prio64be,sizeof(item->priority));
+
+	item->data = data;
+	item->next = NULL;
+
+	return item;
+	}
+
+void
+pitem_free(pitem *item)
+	{
+	if (item == NULL) return;
+
+	OPENSSL_free(item);
+	}
+
+pqueue_s *
+pqueue_new()
+	{
+	pqueue_s *pq = (pqueue_s *) OPENSSL_malloc(sizeof(pqueue_s));
+	if (pq == NULL) return NULL;
+
+	memset(pq, 0x00, sizeof(pqueue_s));
+	return pq;
+	}
+
+void
+pqueue_free(pqueue_s *pq)
+	{
+	if (pq == NULL) return;
+
+	OPENSSL_free(pq);
+	}
+
+pitem *
+pqueue_insert(pqueue_s *pq, pitem *item)
+	{
+	pitem *curr, *next;
+
+	if (pq->items == NULL)
+		{
+		pq->items = item;
+		return item;
+		}
+
+	for(curr = NULL, next = pq->items; 
+		next != NULL;
+		curr = next, next = next->next)
+		{
+		/* we can compare 64-bit value in big-endian encoding
+		 * with memcmp:-) */
+		int cmp = memcmp(next->priority, item->priority,8);
+		if (cmp > 0)		/* next > item */
+			{
+			item->next = next;
+
+			if (curr == NULL) 
+				pq->items = item;
+			else  
+				curr->next = item;
+
+			return item;
+			}
+		
+		else if (cmp == 0)	/* duplicates not allowed */
+			return NULL;
+		}
+
+	item->next = NULL;
+	curr->next = item;
+
+	return item;
+	}
+
+pitem *
+pqueue_peek(pqueue_s *pq)
+	{
+	return pq->items;
+	}
+
+pitem *
+pqueue_pop(pqueue_s *pq)
+	{
+	pitem *item = pq->items;
+
+	if (pq->items != NULL)
+		pq->items = pq->items->next;
+
+	return item;
+	}
+
+pitem *
+pqueue_find(pqueue_s *pq, unsigned char *prio64be)
+	{
+	pitem *next, *prev = NULL;
+	pitem *found = NULL;
+
+	if ( pq->items == NULL)
+		return NULL;
+
+	for ( next = pq->items; next->next != NULL; 
+		  prev = next, next = next->next)
+		{
+		if ( memcmp(next->priority, prio64be,8) == 0)
+			{
+			found = next;
+			break;
+			}
+		}
+	
+	/* check the one last node */
+	if ( memcmp(next->priority, prio64be,8) ==0)
+		found = next;
+
+	if ( ! found)
+		return NULL;
+
+#if 0 /* find works in peek mode */
+	if ( prev == NULL)
+		pq->items = next->next;
+	else
+		prev->next = next->next;
+#endif
+
+	return found;
+	}
+
+void
+pqueue_print(pqueue_s *pq)
+	{
+	pitem *item = pq->items;
+
+	while(item != NULL)
+		{
+		printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
+			item->priority[0],item->priority[1],
+			item->priority[2],item->priority[3],
+			item->priority[4],item->priority[5],
+			item->priority[6],item->priority[7]);
+		item = item->next;
+		}
+	}
+
+pitem *
+pqueue_iterator(pqueue_s *pq)
+	{
+	return pqueue_peek(pq);
+	}
+
+pitem *
+pqueue_next(pitem **item)
+	{
+	pitem *ret;
+
+	if ( item == NULL || *item == NULL)
+		return NULL;
+
+
+	/* *item != NULL */
+	ret = *item;
+	*item = (*item)->next;
+
+	return ret;
+	}
+
+int
+pqueue_size(pqueue_s *pq)
+{
+	pitem *item = pq->items;
+	int count = 0;
+	
+	while(item != NULL)
+	{
+		count++;
+		item = item->next;
+	}
+	return count;
+}
diff --git a/crypto/pqueue/pqueue.h b/crypto/pqueue/pqueue.h
new file mode 100644
index 0000000000..87fc9037c8
--- /dev/null
+++ b/crypto/pqueue/pqueue.h
@@ -0,0 +1,94 @@
+/* crypto/pqueue/pqueue.h */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_PQUEUE_H
+#define HEADER_PQUEUE_H
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+typedef struct _pqueue *pqueue;
+
+typedef struct _pitem
+	{
+	unsigned char priority[8]; /* 64-bit value in big-endian encoding */
+	void *data;
+	struct _pitem *next;
+	} pitem;
+
+typedef struct _pitem *piterator;
+
+pitem *pitem_new(unsigned char *prio64be, void *data);
+void   pitem_free(pitem *item);
+
+pqueue pqueue_new(void);
+void   pqueue_free(pqueue pq);
+
+pitem *pqueue_insert(pqueue pq, pitem *item);
+pitem *pqueue_peek(pqueue pq);
+pitem *pqueue_pop(pqueue pq);
+pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
+pitem *pqueue_iterator(pqueue pq);
+pitem *pqueue_next(piterator *iter);
+
+void   pqueue_print(pqueue pq);
+int    pqueue_size(pqueue pq);
+
+#endif /* ! HEADER_PQUEUE_H */
diff --git a/crypto/rand/.cvsignore b/crypto/rand/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/rand/.cvsignore
+++ b/crypto/rand/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl
deleted file mode 100644
index e5da96e865..0000000000
--- a/crypto/rand/Makefile.ssl
+++ /dev/null
@@ -1,164 +0,0 @@
-#
-# SSLeay/crypto/rand/Makefile
-#
-
-DIR=	rand
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= randtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
-	rand_win.c rand_unix.c rand_os2.c rand_nw.c
-LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
-	rand_win.o rand_unix.o rand_os2.o rand_nw.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rand.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
-md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-md_rand.o: md_rand.c rand_lcl.h
-rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
-rand_egd.o: ../../include/openssl/opensslconf.h
-rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rand_egd.o: rand_egd.c
-rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_err.o: rand_err.c
-rand_lib.o: ../../e_os.h ../../include/openssl/bio.h
-rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rand_lib.o: ../../include/openssl/opensslconf.h
-rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rand_lib.o: ../cryptlib.h rand_lib.c
-rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
-rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c
-rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
-rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
-rand_os2.o: rand_os2.c
-rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h
-rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rand_unix.o: ../../include/openssl/objects.h
-rand_unix.o: ../../include/openssl/opensslconf.h
-rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
-rand_unix.o: rand_unix.c
-rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
-rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
-rand_win.o: rand_win.c
-randfile.o: ../../e_os.h ../../include/openssl/buffer.h
-randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-randfile.o: ../../include/openssl/opensslconf.h
-randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-randfile.o: randfile.c
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 87fd9455e2..4e581f3917 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -145,18 +145,18 @@ static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
                                            * holds CRYPTO_LOCK_RAND
                                            * (to prevent double locking) */
 /* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
+static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */
 
 
 #ifdef PREDICT
 int rand_predictable=0;
 #endif
 
-const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
+const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
-static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, double add_entropy);
+static int ssleay_rand_seed(const void *buf, int num);
+static int ssleay_rand_add(const void *buf, int num, double add_entropy);
 static int ssleay_rand_bytes(unsigned char *buf, int num);
 static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
 static int ssleay_rand_status(void);
@@ -187,13 +187,14 @@ static void ssleay_rand_cleanup(void)
 	initialized=0;
 	}
 
-static void ssleay_rand_add(const void *buf, int num, double add)
+static int ssleay_rand_add(const void *buf, int num, double add)
 	{
 	int i,j,k,st_idx;
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
 	EVP_MD_CTX m;
 	int do_not_lock;
+	int rv = 0;
 
 	/*
 	 * (Based on the rand(3) manpage)
@@ -210,11 +211,14 @@ static void ssleay_rand_add(const void *buf, int num, double add)
          * hash function.
 	 */
 
+	EVP_MD_CTX_init(&m);
 	/* check if we already have the lock */
 	if (crypto_lock_rand)
 		{
+		CRYPTO_THREADID cur;
+		CRYPTO_THREADID_current(&cur);
 		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-		do_not_lock = (locking_thread == CRYPTO_thread_id());
+		do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
 		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
 		}
 	else
@@ -254,26 +258,41 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
 	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
-	EVP_MD_CTX_init(&m);
 	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
 		{
 		j=(num-i);
 		j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
 
-		MD_Init(&m);
-		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+		if (!MD_Init(&m))
+			goto err;
+		if (!MD_Update(&m,local_md,MD_DIGEST_LENGTH))
+			goto err;
 		k=(st_idx+j)-STATE_SIZE;
 		if (k > 0)
 			{
-			MD_Update(&m,&(state[st_idx]),j-k);
-			MD_Update(&m,&(state[0]),k);
+			if (!MD_Update(&m,&(state[st_idx]),j-k))
+				goto err;
+			if (!MD_Update(&m,&(state[0]),k))
+				goto err;
 			}
 		else
-			MD_Update(&m,&(state[st_idx]),j);
-			
-		MD_Update(&m,buf,j);
-		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-		MD_Final(&m,local_md);
+			if (!MD_Update(&m,&(state[st_idx]),j))
+				goto err;
+
+		/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+		if (!MD_Update(&m,buf,j))
+			goto err;
+		/* We know that line may cause programs such as
+		   purify and valgrind to complain about use of
+		   uninitialized data.  The problem is not, it's
+		   with the caller.  Removing that line will make
+		   sure you get really bad randomness and thereby
+		   other problems such as very insecure keys. */
+
+		if (!MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)))
+			goto err;
+		if (!MD_Final(&m,local_md))
+			goto err;
 		md_c[1]++;
 
 		buf=(const char *)buf + j;
@@ -293,7 +312,6 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 				st_idx=0;
 			}
 		}
-	EVP_MD_CTX_cleanup(&m);
 
 	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	/* Don't just copy back local_md into md -- this could mean that
@@ -311,11 +329,15 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 #if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
 	assert(md_c[1] == md_count[1]);
 #endif
+	rv = 1;
+	err:
+	EVP_MD_CTX_cleanup(&m);
+	return rv;
 	}
 
-static void ssleay_rand_seed(const void *buf, int num)
+static int ssleay_rand_seed(const void *buf, int num)
 	{
-	ssleay_rand_add(buf, num, (double)num);
+	return ssleay_rand_add(buf, num, (double)num);
 	}
 
 static int ssleay_rand_bytes(unsigned char *buf, int num)
@@ -372,7 +394,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
 	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-	locking_thread = CRYPTO_thread_id();
+	CRYPTO_THREADID_current(&locking_threadid);
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
 	crypto_lock_rand = 1;
 
@@ -454,28 +476,43 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 		/* num_ceil -= MD_DIGEST_LENGTH/2 */
 		j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
 		num-=j;
-		MD_Init(&m);
+		if (!MD_Init(&m))
+			goto err;
 #ifndef GETPID_IS_MEANINGLESS
 		if (curr_pid) /* just in the first iteration to save time */
 			{
-			MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
+			if (!MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid))
+				goto err;
 			curr_pid = 0;
 			}
 #endif
-		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-#ifndef PURIFY
-		MD_Update(&m,buf,j); /* purify complains */
+		if (!MD_Update(&m,local_md,MD_DIGEST_LENGTH))
+			goto err;
+		if (!MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)))
+			goto err;
+
+#ifndef PURIFY /* purify complains */
+		/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+		if (!MD_Update(&m,buf,j))
+			goto err;
+		/* We know that line may cause programs such as
+		   purify and valgrind to complain about use of
+		   uninitialized data.  */
 #endif
+
 		k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
 		if (k > 0)
 			{
-			MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k);
-			MD_Update(&m,&(state[0]),k);
+			if (!MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k))
+				goto err;
+			if (!MD_Update(&m,&(state[0]),k))
+				goto err;
 			}
 		else
-			MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2);
-		MD_Final(&m,local_md);
+			if (!MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2))
+				goto err;
+		if (!MD_Final(&m,local_md))
+			goto err;
 
 		for (i=0; i<MD_DIGEST_LENGTH/2; i++)
 			{
@@ -487,12 +524,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 			}
 		}
 
-	MD_Init(&m);
-	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+	if (!MD_Init(&m)
+		|| !MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c))
+		|| !MD_Update(&m,local_md,MD_DIGEST_LENGTH))
+		goto err;
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-	MD_Update(&m,md,MD_DIGEST_LENGTH);
-	MD_Final(&m,md);
+	if (!MD_Update(&m,md,MD_DIGEST_LENGTH) || !MD_Final(&m,md))
+		{
+		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+		goto err;
+		}
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	EVP_MD_CTX_cleanup(&m);
@@ -505,6 +546,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 			"http://www.openssl.org/support/faq.html");
 		return(0);
 		}
+	err:
+	EVP_MD_CTX_cleanup(&m);
+	RANDerr(RAND_F_SSLEAY_RAND_BYTES,ERR_R_EVP_LIB);
+	return 0;
+
 	}
 
 /* pseudo-random bytes that are guaranteed to be unique but not
@@ -520,22 +566,24 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 		err = ERR_peek_error();
 		if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
 		    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
-			(void)ERR_get_error();
+			ERR_clear_error();
 		}
 	return (ret);
 	}
 
 static int ssleay_rand_status(void)
 	{
+	CRYPTO_THREADID cur;
 	int ret;
 	int do_not_lock;
 
+	CRYPTO_THREADID_current(&cur);
 	/* check if we already have the lock
 	 * (could happen if a RAND_poll() implementation calls RAND_status()) */
 	if (crypto_lock_rand)
 		{
 		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-		do_not_lock = (locking_thread == CRYPTO_thread_id());
+		do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
 		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
 		}
 	else
@@ -547,7 +595,7 @@ static int ssleay_rand_status(void)
 		
 		/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
 		CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-		locking_thread = CRYPTO_thread_id();
+		CRYPTO_THREADID_cpy(&locking_threadid, &cur);
 		CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
 		crypto_lock_rand = 1;
 		}
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index ac6c021763..5895d3b6e1 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -80,10 +80,10 @@ extern "C" {
 
 struct rand_meth_st
 	{
-	void (*seed)(const void *buf, int num);
+	int (*seed)(const void *buf, int num);
 	int (*bytes)(unsigned char *buf, int num);
 	void (*cleanup)(void);
-	void (*add)(const void *buf, int num, double entropy);
+	int (*add)(const void *buf, int num, double entropy);
 	int (*pseudorand)(unsigned char *buf, int num);
 	int (*status)(void);
 	};
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index 50bce6caba..d53b916ebe 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -95,7 +95,7 @@
  *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
  */
 
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
 	{
 	return(-1);
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
index b77267e213..03cda4dd92 100644
--- a/crypto/rand/rand_err.c
+++ b/crypto/rand/rand_err.c
@@ -1,6 +1,6 @@
 /* crypto/rand/rand_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,16 +64,20 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
+
 static ERR_STRING_DATA RAND_str_functs[]=
 	{
-{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0),	"RAND_get_rand_method"},
-{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0),	"SSLEAY_RAND_BYTES"},
+{ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD),	"RAND_get_rand_method"},
+{ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES),	"SSLEAY_RAND_BYTES"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA RAND_str_reasons[]=
 	{
-{RAND_R_PRNG_NOT_SEEDED                  ,"PRNG not seeded"},
+{ERR_REASON(RAND_R_PRNG_NOT_SEEDED)      ,"PRNG not seeded"},
 {0,NULL}
 	};
 
@@ -81,15 +85,12 @@ static ERR_STRING_DATA RAND_str_reasons[]=
 
 void ERR_load_RAND_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
-		ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
-#endif
 
+	if (ERR_func_error_string(RAND_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,RAND_str_functs);
+		ERR_load_strings(0,RAND_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/rand/rand_nw.c b/crypto/rand/rand_nw.c
index ba57812788..f177ffbe82 100644
--- a/crypto/rand/rand_nw.c
+++ b/crypto/rand/rand_nw.c
@@ -117,9 +117,15 @@
 
 #if defined(NETWARE_LIBC)
 #include <nks/thread.h>
+#else
+#include <nwthread.h>
 #endif
 
-extern long RunningProcess;
+extern int GetProcessSwitchCount(void);
+#if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000)
+extern void *RunningProcess; /* declare here same as found in newer NDKs */
+extern unsigned long GetSuperHighResolutionTimer(void);
+#endif
 
    /* the FAQ indicates we need to provide at least 20 bytes (160 bits) of seed
    */
@@ -142,7 +148,8 @@ int RAND_poll(void)
    l = GetProcessSwitchCount();
    RAND_add(&l,sizeof(l),1);
    
-   l=RunningProcess;
+   /* need to cast the void* to unsigned long here */
+   l = (unsigned long)RunningProcess;
    RAND_add(&l,sizeof(l),1);
 
    for( i=2; i<ENTROPY_NEEDED; i++)
diff --git a/crypto/rand/rand_os2.c b/crypto/rand/rand_os2.c
index c3e36d4e5e..fc1e78b179 100644
--- a/crypto/rand/rand_os2.c
+++ b/crypto/rand/rand_os2.c
@@ -78,8 +78,10 @@ typedef struct _CPUUTIL {
     ULONG ulIntrHigh;           /* High 32 bits of interrupt time */
 } CPUUTIL;
 
+#ifndef __KLIBC__
 APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, ULONG ulParm2, ULONG ulParm3) = NULL;
 APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, ULONG _res_, PVOID buf, ULONG bufsz) = NULL;
+#endif
 HMODULE hDoscalls = 0;
 
 int RAND_poll(void)
@@ -91,6 +93,7 @@ int RAND_poll(void)
     if (hDoscalls == 0) {
         ULONG rc = DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", &hDoscalls);
 
+#ifndef __KLIBC__
         if (rc == 0) {
             rc = DosQueryProcAddr(hDoscalls, 976, NULL, (PFN *)&DosPerfSysCall);
 
@@ -102,6 +105,7 @@ int RAND_poll(void)
             if (rc)
                 DosQuerySysState = NULL;
         }
+#endif
     }
 
     /* Sample the hi-res timer, runs at around 1.1 MHz */
@@ -122,7 +126,9 @@ int RAND_poll(void)
             RAND_add(&util, sizeof(util), 10);
         }
         else {
+#ifndef __KLIBC__
             DosPerfSysCall = NULL;
+#endif
         }
     }
 
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 14837a7a7d..e9ead3a529 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -116,7 +116,7 @@
 #include <openssl/rand.h>
 #include "rand_lcl.h"
 
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) 
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
 
 #include <sys/types.h>
 #include <sys/time.h>
@@ -125,8 +125,58 @@
 #include <fcntl.h>
 #include <unistd.h>
 #include <time.h>
+#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
+# include <poll.h>
+#endif
+#include <limits.h>
+#ifndef FD_SETSIZE
+# define FD_SETSIZE (8*sizeof(fd_set))
+#endif
 
-#ifdef __OpenBSD__
+#ifdef __VOS__
+int RAND_poll(void)
+{
+	unsigned char buf[ENTROPY_NEEDED];
+	pid_t curr_pid;
+	uid_t curr_uid;
+	static int first=1;
+	int i;
+	long rnd = 0;
+	struct timespec ts;
+	unsigned seed;
+
+/* The VOS random() function starts from a static seed so its
+   initial value is predictable.  If random() returns the
+   initial value, reseed it with dynamic data.  The VOS
+   real-time clock has a granularity of 1 nsec so it should be
+   reasonably difficult to predict its exact value.  Do not
+   gratuitously reseed the PRNG because other code in this
+   process or thread may be using it.  */
+
+	if (first) {
+		first = 0;
+		rnd = random ();
+		if (rnd == 1804289383) {
+			clock_gettime (CLOCK_REALTIME, &ts);
+			curr_pid = getpid();
+			curr_uid = getuid();
+			seed = ts.tv_sec ^ ts.tv_nsec ^ curr_pid ^ curr_uid;
+			srandom (seed);
+		}
+	}
+
+	for (i = 0; i < sizeof(buf); i++) {
+		if (i % 4 == 0)
+			rnd = random();
+		buf[i] = rnd;
+		rnd >>= 8;
+	}
+	RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+	memset(buf, 0, sizeof(buf));
+
+	return 1;
+}
+#elif defined __OpenBSD__
 int RAND_poll(void)
 {
 	u_int32_t rnd = 0, i;
@@ -143,7 +193,7 @@ int RAND_poll(void)
 
 	return 1;
 }
-#else
+#else /* !defined(__OpenBSD__) */
 int RAND_poll(void)
 {
 	unsigned long l;
@@ -155,7 +205,8 @@ int RAND_poll(void)
 #ifdef DEVRANDOM
 	static const char *randomfiles[] = { DEVRANDOM };
 	struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
-	int fd,i;
+	int fd;
+	unsigned int i;
 #endif
 #ifdef DEVRANDOM_EGD
 	static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
@@ -168,7 +219,8 @@ int RAND_poll(void)
 	 * have this. Use /dev/urandom if you can as /dev/random may block
 	 * if it runs out of random entries.  */
 
-	for (i=0; i<sizeof(randomfiles)/sizeof(randomfiles[0]) && n < ENTROPY_NEEDED; i++)
+	for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) &&
+			(n < ENTROPY_NEEDED); i++)
 		{
 		if ((fd = open(randomfiles[i], O_RDONLY
 #ifdef O_NONBLOCK
@@ -183,10 +235,9 @@ int RAND_poll(void)
 #endif
 			)) >= 0)
 			{
-			struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
-							      each file. */
-			int r,j;
-			fd_set fset;
+			int usec = 10*1000; /* spend 10ms on each file */
+			int r;
+			unsigned int j;
 			struct stat *st=&randomstats[i];
 
 			/* Avoid using same input... Used to be O_NOFOLLOW
@@ -202,35 +253,84 @@ int RAND_poll(void)
 
 			do
 				{
-				FD_ZERO(&fset);
-				FD_SET(fd, &fset);
-				r = -1;
+				int try_read = 0;
+
+#if defined(OPENSSL_SYS_BEOS_R5)
+				/* select() is broken in BeOS R5, so we simply
+				 *  try to read something and snooze if we couldn't */
+				try_read = 1;
+
+#elif defined(OPENSSL_SYS_LINUX)
+				/* use poll() */
+				struct pollfd pset;
+				
+				pset.fd = fd;
+				pset.events = POLLIN;
+				pset.revents = 0;
 
-				if (select(fd+1,&fset,NULL,NULL,&t) < 0)
-					t.tv_usec=0;
-				else if (FD_ISSET(fd, &fset))
+				if (poll(&pset, 1, usec / 1000) < 0)
+					usec = 0;
+				else
+					try_read = (pset.revents & POLLIN) != 0;
+
+#else
+				/* use select() */
+				fd_set fset;
+				struct timeval t;
+				
+				t.tv_sec = 0;
+				t.tv_usec = usec;
+
+				if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE)
 					{
-					r=read(fd,(unsigned char *)tmpbuf+n,
-					       ENTROPY_NEEDED-n);
+					/* can't use select, so just try to read once anyway */
+					try_read = 1;
+					}
+				else
+					{
+					FD_ZERO(&fset);
+					FD_SET(fd, &fset);
+					
+					if (select(fd+1,&fset,NULL,NULL,&t) >= 0)
+						{
+						usec = t.tv_usec;
+						if (FD_ISSET(fd, &fset))
+							try_read = 1;
+						}
+					else
+						usec = 0;
+					}
+#endif
+				
+				if (try_read)
+					{
+					r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n);
 					if (r > 0)
 						n += r;
+#if defined(OPENSSL_SYS_BEOS_R5)
+					if (r == 0)
+						snooze(t.tv_usec);
+#endif
 					}
-
-				/* Some Unixen will update t, some
-				   won't.  For those who won't, give
-				   up here, otherwise, we will do
+				else
+					r = -1;
+				
+				/* Some Unixen will update t in select(), some
+				   won't.  For those who won't, or if we
+				   didn't use select() in the first place,
+				   give up here, otherwise, we will do
 				   this once again for the remaining
 				   time. */
-				if (t.tv_usec == 10*1000)
-					t.tv_usec=0;
+				if (usec == 10*1000)
+					usec = 0;
 				}
-			while ((r > 0 || (errno == EINTR || errno == EAGAIN))
-				&& t.tv_usec != 0 && n < ENTROPY_NEEDED);
+			while ((r > 0 ||
+			       (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
 
 			close(fd);
 			}
 		}
-#endif
+#endif /* defined(DEVRANDOM) */
 
 #ifdef DEVRANDOM_EGD
 	/* Use an EGD socket to read entropy from an EGD or PRNGD entropy
@@ -245,7 +345,7 @@ int RAND_poll(void)
 		if (r > 0)
 			n += r;
 		}
-#endif
+#endif /* defined(DEVRANDOM_EGD) */
 
 #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
 	if (n > 0)
@@ -264,6 +364,14 @@ int RAND_poll(void)
 	l=time(NULL);
 	RAND_add(&l,sizeof(l),0.0);
 
+#if defined(OPENSSL_SYS_BEOS)
+	{
+	system_info sysInfo;
+	get_system_info(&sysInfo);
+	RAND_add(&sysInfo,sizeof(sysInfo),0);
+	}
+#endif
+
 #if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
 	return 1;
 #else
@@ -271,12 +379,13 @@ int RAND_poll(void)
 #endif
 }
 
-#endif
-#endif
+#endif /* defined(__OpenBSD__) */
+#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
+
 
 #if defined(OPENSSL_SYS_VXWORKS)
 int RAND_poll(void)
-{
-    return 0;
-}
+	{
+	return 0;
+	}
 #endif
diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index aaea92c8fd..9bad067f43 100644
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -121,6 +121,10 @@
 #include <wincrypt.h>
 #include <tlhelp32.h>
 
+/* Limit the time spent walking through the heap, processes, threads and modules to
+   a maximum of 1000 miliseconds each, unless CryptoGenRandom failed */
+#define MAXDELAY 1000
+
 /* Intel hardware RNG CSP -- available from
  * http://developer.intel.com/design/security/rng/redist_license.htm
  */
@@ -152,6 +156,7 @@ typedef struct tagCURSORINFO
 #define CURSOR_SHOWING     0x00000001
 #endif /* CURSOR_SHOWING */
 
+#if !defined(OPENSSL_SYS_WINCE)
 typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR,
 				    DWORD, DWORD);
 typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
@@ -163,7 +168,7 @@ typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT);
 
 typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD);
 typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE);
-typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD);
+typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, size_t);
 typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32);
 typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32);
 typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32);
@@ -171,9 +176,7 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
 typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
 
 #include <lmcons.h>
-#ifndef OPENSSL_SYS_WINCE
 #include <lmstats.h>
-#endif
 #if 1 /* The NET API is Unicode only.  It requires the use of the UNICODE
        * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
        * was added to the Platform SDK to allow the NET API to be used in
@@ -184,26 +187,14 @@ typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
         (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
 typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
 #endif /* 1 */
+#endif /* !OPENSSL_SYS_WINCE */
 
 int RAND_poll(void)
 {
 	MEMORYSTATUS m;
 	HCRYPTPROV hProvider = 0;
-	BYTE buf[64];
 	DWORD w;
-	HWND h;
-
-	HMODULE advapi, kernel, user, netapi;
-	CRYPTACQUIRECONTEXTW acquire = 0;
-	CRYPTGENRANDOM gen = 0;
-	CRYPTRELEASECONTEXT release = 0;
-#if 1 /* There was previously a problem with NETSTATGET.  Currently, this
-       * section is still experimental, but if all goes well, this conditional
-       * will be removed
-       */
-	NETSTATGET netstatget = 0;
-	NETFREE netfree = 0;
-#endif /* 1 */
+	int good = 0;
 
 	/* Determine the OS version we are on so we can turn off things 
 	 * that do not work properly.
@@ -212,21 +203,24 @@ int RAND_poll(void)
         osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
         GetVersionEx( &osverinfo ) ;
 
-#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO
-#ifndef CryptAcquireContext
-#define CryptAcquireContext CryptAcquireContextW
-#endif
+#if defined(OPENSSL_SYS_WINCE)
+# if defined(_WIN32_WCE) && _WIN32_WCE>=300
+/* Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available
+ * in commonly available implementations prior 300... */
+	{
+	BYTE buf[64];
 	/* poll the CryptoAPI PRNG */
 	/* The CryptoAPI returns sizeof(buf) bytes of randomness */
-	if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+	if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
+				CRYPT_VERIFYCONTEXT))
 		{
 		if (CryptGenRandom(hProvider, sizeof(buf), buf))
 			RAND_add(buf, sizeof(buf), sizeof(buf));
 		CryptReleaseContext(hProvider, 0); 
 		}
-#endif
-
-#ifndef OPENSSL_SYS_WINCE
+	}
+# endif
+#else	/* OPENSSL_SYS_WINCE */
 	/*
 	 * None of below libraries are present on Windows CE, which is
 	 * why we #ifndef the whole section. This also excuses us from
@@ -240,17 +234,19 @@ int RAND_poll(void)
 	 * implement own shim routine, which would accept ANSI argument
 	 * and expand it to Unicode.
 	 */
-
+	{
 	/* load functions dynamically - not available on all systems */
-	advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
-	kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
-	user = LoadLibrary(TEXT("USER32.DLL"));
-	netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
-
-#if 1 /* There was previously a problem with NETSTATGET.  Currently, this
-       * section is still experimental, but if all goes well, this conditional
-       * will be removed
-       */
+	HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
+	HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
+	HMODULE user = NULL;
+	HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
+	CRYPTACQUIRECONTEXTW acquire = NULL;
+	CRYPTGENRANDOM gen = NULL;
+	CRYPTRELEASECONTEXT release = NULL;
+	NETSTATGET netstatget = NULL;
+	NETFREE netfree = NULL;
+	BYTE buf[64];
+
 	if (netapi)
 		{
 		netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
@@ -280,7 +276,6 @@ int RAND_poll(void)
 
 	if (netapi)
 		FreeLibrary(netapi);
-#endif /* 1 */
 
         /* It appears like this can cause an exception deep within ADVAPI32.DLL
          * at random times on Windows 2000.  Reported by Jeffrey Altman.  
@@ -356,12 +351,13 @@ int RAND_poll(void)
 		{
 		/* poll the CryptoAPI PRNG */
                 /* The CryptoAPI returns sizeof(buf) bytes of randomness */
-		if (acquire(&hProvider, 0, 0, PROV_RSA_FULL,
+		if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL,
 			CRYPT_VERIFYCONTEXT))
 			{
 			if (gen(hProvider, sizeof(buf), buf) != 0)
 				{
 				RAND_add(buf, sizeof(buf), 0);
+				good = 1;
 #if 0
 				printf("randomness from PROV_RSA_FULL\n");
 #endif
@@ -375,6 +371,7 @@ int RAND_poll(void)
 			if (gen(hProvider, sizeof(buf), buf) != 0)
 				{
 				RAND_add(buf, sizeof(buf), sizeof(buf));
+				good = 1;
 #if 0
 				printf("randomness from PROV_INTEL_SEC\n");
 #endif
@@ -386,7 +383,9 @@ int RAND_poll(void)
         if (advapi)
 		FreeLibrary(advapi);
 
-	if (user)
+	if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT ||
+	     !OPENSSL_isservice()) &&
+	    (user = LoadLibrary(TEXT("USER32.DLL"))))
 		{
 		GETCURSORINFO cursor;
 		GETFOREGROUNDWINDOW win;
@@ -399,7 +398,7 @@ int RAND_poll(void)
 		if (win)
 			{
 			/* window handle */
-			h = win();
+			HWND h = win();
 			RAND_add(&h, sizeof(h), 0);
 			}
 		if (cursor)
@@ -464,6 +463,7 @@ int RAND_poll(void)
 		PROCESSENTRY32 p;
 		THREADENTRY32 t;
 		MODULEENTRY32 m;
+		DWORD starttime = 0;
 
 		snap = (CREATETOOLHELP32SNAPSHOT)
 			GetProcAddress(kernel, "CreateToolhelp32Snapshot");
@@ -494,8 +494,55 @@ int RAND_poll(void)
                          * each entry.  Consider each field a source of 1 byte
                          * of entropy.
                          */
+			ZeroMemory(&hlist, sizeof(HEAPLIST32));
 			hlist.dwSize = sizeof(HEAPLIST32);		
+			if (good) starttime = GetTickCount();
+#ifdef _MSC_VER
+			if (heaplist_first(handle, &hlist))
+				{
+				/*
+				   following discussion on dev ML, exception on WinCE (or other Win
+				   platform) is theoretically of unknown origin; prevent infinite
+				   loop here when this theoretical case occurs; otherwise cope with
+				   the expected (MSDN documented) exception-throwing behaviour of
+				   Heap32Next() on WinCE.
+
+				   based on patch in original message by Tanguy Fautré (2009/03/02)
+			           Subject: RAND_poll() and CreateToolhelp32Snapshot() stability
+			     */
+				int ex_cnt_limit = 42; 
+				do
+					{
+					RAND_add(&hlist, hlist.dwSize, 3);
+					__try
+						{
+						ZeroMemory(&hentry, sizeof(HEAPENTRY32));
+					hentry.dwSize = sizeof(HEAPENTRY32);
+					if (heap_first(&hentry,
+						hlist.th32ProcessID,
+						hlist.th32HeapID))
+						{
+						int entrycnt = 80;
+						do
+							RAND_add(&hentry,
+								hentry.dwSize, 5);
+						while (heap_next(&hentry)
+							&& --entrycnt > 0);
+						}
+						}
+					__except (EXCEPTION_EXECUTE_HANDLER)
+						{
+							/* ignore access violations when walking the heap list */
+							ex_cnt_limit--;
+						}
+					} while (heaplist_next(handle, &hlist) 
+						&& (!good || (GetTickCount()-starttime)<MAXDELAY)
+						&& ex_cnt_limit > 0);
+				}
+
+#else
 			if (heaplist_first(handle, &hlist))
+				{
 				do
 					{
 					RAND_add(&hlist, hlist.dwSize, 3);
@@ -511,19 +558,23 @@ int RAND_poll(void)
 						while (heap_next(&hentry)
 							&& --entrycnt > 0);
 						}
-					} while (heaplist_next(handle,
-						&hlist));
-			
+					} while (heaplist_next(handle, &hlist) 
+						&& (!good || (GetTickCount()-starttime)<MAXDELAY));
+				}
+#endif
+
 			/* process walking */
                         /* PROCESSENTRY32 contains 9 fields that will change
                          * with each entry.  Consider each field a source of
                          * 1 byte of entropy.
                          */
 			p.dwSize = sizeof(PROCESSENTRY32);
+		
+			if (good) starttime = GetTickCount();
 			if (process_first(handle, &p))
 				do
 					RAND_add(&p, p.dwSize, 9);
-				while (process_next(handle, &p));
+				while (process_next(handle, &p) && (!good || (GetTickCount()-starttime)<MAXDELAY));
 
 			/* thread walking */
                         /* THREADENTRY32 contains 6 fields that will change
@@ -531,10 +582,11 @@ int RAND_poll(void)
                          * 1 byte of entropy.
                          */
 			t.dwSize = sizeof(THREADENTRY32);
+			if (good) starttime = GetTickCount();
 			if (thread_first(handle, &t))
 				do
 					RAND_add(&t, t.dwSize, 6);
-				while (thread_next(handle, &t));
+				while (thread_next(handle, &t) && (!good || (GetTickCount()-starttime)<MAXDELAY));
 
 			/* module walking */
                         /* MODULEENTRY32 contains 9 fields that will change
@@ -542,18 +594,22 @@ int RAND_poll(void)
                          * 1 byte of entropy.
                          */
 			m.dwSize = sizeof(MODULEENTRY32);
+			if (good) starttime = GetTickCount();
 			if (module_first(handle, &m))
 				do
 					RAND_add(&m, m.dwSize, 9);
-				while (module_next(handle, &m));
+				while (module_next(handle, &m)
+					       	&& (!good || (GetTickCount()-starttime)<MAXDELAY));
 			if (close_snap)
 				close_snap(handle);
 			else
 				CloseHandle(handle);
+
 			}
 
 		FreeLibrary(kernel);
 		}
+	}
 #endif /* !OPENSSL_SYS_WINCE */
 
 	/* timer data */
@@ -680,7 +736,7 @@ static void readtimer(void)
 
 static void readscreen(void)
 {
-#ifndef OPENSSL_SYS_WINCE
+#if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN)
   HDC		hScrDC;		/* screen DC */
   HDC		hMemDC;		/* memory DC */
   HBITMAP	hBitmap;	/* handle for our bitmap */
@@ -693,6 +749,9 @@ static void readscreen(void)
   int		y;		/* y-coordinate of screen lines to grab */
   int		n = 16;		/* number of screen lines to grab at a time */
 
+  if (GetVersion() >= 0x80000000 || !OPENSSL_isservice())
+    return;
+
   /* Create a screen DC and a memory DC compatible to screen DC */
   hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL);
   hMemDC = CreateCompatibleDC(hScrDC);
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index dda020fb10..4ed40b7b70 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -57,7 +57,7 @@
  */
 
 /* We need to define this to get macros like S_IFBLK and S_IFCHR */
-#define _XOPEN_SOURCE 1
+#define _XOPEN_SOURCE 500
 
 #include <errno.h>
 #include <stdio.h>
@@ -75,16 +75,29 @@
 #ifndef NO_SYS_TYPES_H
 # include <sys/types.h>
 #endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
+#ifndef OPENSSL_NO_POSIX_IO
 # include <sys/stat.h>
 #endif
 
+#ifdef _WIN32
+#define stat	_stat
+#define chmod	_chmod
+#define open	_open
+#define fdopen	_fdopen
+#endif
+
 #undef BUFSIZE
 #define BUFSIZE	1024
 #define RAND_DATA 1024
 
+#ifdef OPENSSL_SYS_VMS
+/* This declaration is a nasty hack to get around vms' extension to fopen
+ * for passing in sharing options being disabled by our /STANDARD=ANSI89 */
+static FILE *(*const vms_fopen)(const char *, const char *, ...) =
+    (FILE *(*)(const char *, const char *, ...))fopen;
+#define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
+#endif
+
 /* #define RFILE ".rnd" - defined in ../../e_os.h */
 
 /* Note that these functions are intended for seed files only.
@@ -96,21 +109,35 @@ int RAND_load_file(const char *file, long bytes)
 	 * if bytes == -1, read complete file. */
 
 	MS_STATIC unsigned char buf[BUFSIZE];
+#ifndef OPENSSL_NO_POSIX_IO
 	struct stat sb;
+#endif
 	int i,ret=0,n;
 	FILE *in;
 
 	if (file == NULL) return(0);
 
-	i=stat(file,&sb);
-	/* If the state fails, put some crap in anyway */
+#ifndef OPENSSL_NO_POSIX_IO
+#ifdef PURIFY
+	/* struct stat can have padding and unused fields that may not be
+	 * initialized in the call to stat(). We need to clear the entire
+	 * structure before calling RAND_add() to avoid complaints from
+	 * applications such as Valgrind.
+	 */
+	memset(&sb, 0, sizeof(sb));
+#endif
+	if (stat(file,&sb) < 0) return(0);
 	RAND_add(&sb,sizeof(sb),0.0);
-	if (i < 0) return(0);
+#endif
 	if (bytes == 0) return(ret);
 
+#ifdef OPENSSL_SYS_VMS
+	in=vms_fopen(file,"rb",VMS_OPEN_ATTRS);
+#else
 	in=fopen(file,"rb");
+#endif
 	if (in == NULL) goto err;
-#if defined(S_IFBLK) && defined(S_IFCHR)
+#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPNESSL_NO_POSIX_IO)
 	if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
 	  /* this file is a device. we don't want read an infinite number
 	   * of bytes from a random device, nor do we want to use buffered
@@ -128,8 +155,12 @@ int RAND_load_file(const char *file, long bytes)
 			n = BUFSIZE;
 		i=fread(buf,1,n,in);
 		if (i <= 0) break;
+#ifdef PURIFY
+		RAND_add(buf,i,(double)i);
+#else
 		/* even if n != i, use the full array */
 		RAND_add(buf,n,(double)i);
+#endif
 		ret+=i;
 		if (bytes > 0)
 			{
@@ -149,12 +180,13 @@ int RAND_write_file(const char *file)
 	int i,ret=0,rand_err=0;
 	FILE *out = NULL;
 	int n;
+#ifndef OPENSSL_NO_POSIX_IO
 	struct stat sb;
 	
 	i=stat(file,&sb);
 	if (i != -1) { 
-#if defined(S_IFBLK) && defined(S_IFCHR)
-	  if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+#if defined(S_ISBLK) && defined(S_ISCHR)
+	  if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
 	    /* this file is a device. we don't write back to it. 
 	     * we "succeed" on the assumption this is some sort 
 	     * of random device. Otherwise attempting to write to 
@@ -164,20 +196,48 @@ int RAND_write_file(const char *file)
 	  }
 #endif
 	}
+#endif
 
-#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
+#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS)
 	{
-	/* For some reason Win32 can't write to files created this way */
-	
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
 	/* chmod(..., 0600) is too late to protect the file,
 	 * permissions should be restrictive from the start */
-	int fd = open(file, O_CREAT, 0600);
+	int fd = open(file, O_WRONLY|O_CREAT|O_BINARY, 0600);
 	if (fd != -1)
 		out = fdopen(fd, "wb");
 	}
 #endif
+
+#ifdef OPENSSL_SYS_VMS
+	/* VMS NOTE: Prior versions of this routine created a _new_
+	 * version of the rand file for each call into this routine, then
+	 * deleted all existing versions named ;-1, and finally renamed
+	 * the current version as ';1'. Under concurrent usage, this
+	 * resulted in an RMS race condition in rename() which could
+	 * orphan files (see vms message help for RMS$_REENT). With the
+	 * fopen() calls below, openssl/VMS now shares the top-level
+	 * version of the rand file. Note that there may still be
+	 * conditions where the top-level rand file is locked. If so, this
+	 * code will then create a new version of the rand file. Without
+	 * the delete and rename code, this can result in ascending file
+	 * versions that stop at version 32767, and this routine will then
+	 * return an error. The remedy for this is to recode the calling
+	 * application to avoid concurrent use of the rand file, or
+	 * synchronize usage at the application level. Also consider
+	 * whether or not you NEED a persistent rand file in a concurrent
+	 * use situation. 
+	 */
+
+	out = vms_fopen(file,"rb+",VMS_OPEN_ATTRS);
+	if (out == NULL)
+		out = vms_fopen(file,"wb",VMS_OPEN_ATTRS);
+#else
 	if (out == NULL)
 		out = fopen(file,"wb");
+#endif
 	if (out == NULL) goto err;
 
 #ifndef NO_CHMOD
@@ -199,25 +259,6 @@ int RAND_write_file(const char *file)
 		ret+=i;
 		if (n <= 0) break;
                 }
-#ifdef OPENSSL_SYS_VMS
-	/* Try to delete older versions of the file, until there aren't
-	   any */
-	{
-	char *tmpf;
-
-	tmpf = OPENSSL_malloc(strlen(file) + 4);  /* to add ";-1" and a nul */
-	if (tmpf)
-		{
-		strcpy(tmpf, file);
-		strcat(tmpf, ";-1");
-		while(delete(tmpf) == 0)
-			;
-		rename(file,";1"); /* Make sure it's version 1, or we
-				      will reach the limit (32767) at
-				      some point... */
-		}
-	}
-#endif /* OPENSSL_SYS_VMS */
 
 	fclose(out);
 	OPENSSL_cleanse(buf,BUFSIZE);
diff --git a/crypto/rand/randtest.c b/crypto/rand/randtest.c
index ef057c2c31..9e92a70b03 100644
--- a/crypto/rand/randtest.c
+++ b/crypto/rand/randtest.c
@@ -65,7 +65,7 @@
 /* some FIPS 140-1 random number test */
 /* some simple tests */
 
-int main()
+int main(int argc,char **argv)
 	{
 	unsigned char buf[2500];
 	int i,j,k,s,sign,nsign,err=0;
diff --git a/crypto/rc2/.cvsignore b/crypto/rc2/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/rc2/.cvsignore
+++ b/crypto/rc2/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/rc2/Makefile.ssl b/crypto/rc2/Makefile.ssl
deleted file mode 100644
index 2a036d3037..0000000000
--- a/crypto/rc2/Makefile.ssl
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# SSLeay/crypto/rc2/Makefile
-#
-
-DIR=	rc2
-TOP=	../..
-CC=	cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rc2test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
-LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc2.h
-HEADER=	rc2_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_cbc.o: rc2_cbc.c rc2_locl.h
-rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
-rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_skey.o: rc2_locl.h rc2_skey.c
-rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2cfb64.o: rc2_locl.h rc2cfb64.c
-rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c
index d3e8c2718a..fff86c7af8 100644
--- a/crypto/rc2/rc2_ecb.c
+++ b/crypto/rc2/rc2_ecb.c
@@ -60,7 +60,7 @@
 #include "rc2_locl.h"
 #include <openssl/opensslv.h>
 
-const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT;
+const char RC2_version[]="RC2" OPENSSL_VERSION_PTEXT;
 
 /* RC2 as implemented frm a posting from
  * Newsgroups: sci.crypt
diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c
index cab3080c73..0150b0e035 100644
--- a/crypto/rc2/rc2_skey.c
+++ b/crypto/rc2/rc2_skey.c
@@ -59,7 +59,7 @@
 #include <openssl/rc2.h>
 #include "rc2_locl.h"
 
-static unsigned char key_table[256]={
+static const unsigned char key_table[256]={
 	0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
 	0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
 	0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
@@ -84,6 +84,10 @@ static unsigned char key_table[256]={
 	0xfe,0x7f,0xc1,0xad,
 	};
 
+#if defined(_MSC_VER) && defined(_ARM_)
+#pragma optimize("g",off)
+#endif
+
 /* It has come to my attention that there are 2 versions of the RC2
  * key schedule.  One which is normal, and anther which has a hook to
  * use a reduced key length.
@@ -136,3 +140,6 @@ void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
 		*(ki--)=((k[i]<<8)|k[i-1])&0xffff;
 	}
 
+#if defined(_MSC_VER)
+#pragma optimize("",on)
+#endif
diff --git a/crypto/rc2/rc2speed.c b/crypto/rc2/rc2speed.c
index b16e6e2ed1..85cf6f65bf 100644
--- a/crypto/rc2/rc2speed.c
+++ b/crypto/rc2/rc2speed.c
@@ -105,10 +105,10 @@ OPENSSL_DECLARE_EXIT
 #ifndef HZ
 #ifndef CLK_TCK
 #define HZ	100.0
-#endif
-#else /* CLK_TCK */
+#else	/* CLK_TCK */
 #define HZ ((double)CLK_TCK)
-#endif
+#endif	/* CLK_TCK */
+#endif	/* HZ */
 
 #define BUFSIZE	((long)1024)
 long run=0;
diff --git a/crypto/rc4/.cvsignore b/crypto/rc4/.cvsignore
index c6d03a9dbc..55e2f07396 100644
--- a/crypto/rc4/.cvsignore
+++ b/crypto/rc4/.cvsignore
@@ -1,2 +1,5 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+rc4-*.s
diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl
deleted file mode 100644
index 7e98de885a..0000000000
--- a/crypto/rc4/Makefile.ssl
+++ /dev/null
@@ -1,117 +0,0 @@
-#
-# SSLeay/crypto/rc4/Makefile
-#
-
-DIR=	rc4
-TOP=	../..
-CC=	cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-RC4_ENC=rc4_enc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=rc4test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc4_skey.c rc4_enc.c
-LIBOBJ=rc4_skey.o $(RC4_ENC)
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc4.h
-HEADER=	$(EXHEADER) rc4_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-rx86-cof.s: asm/rc4-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rc4-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-rx86-out.s: asm/rc4-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rc4-586.pl a.out $(CFLAGS) > ../$@)
-
-rc4-amd64.s: asm/rc4-amd64.pl;	$(PERL) $< $@
-
-rc4-ia64.s: asm/rc4-ia64.S
-	$(CC) $(CFLAGS) -E asm/rc4-ia64.S > $@
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h
-rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
-rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h
-rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
-rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
-rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
diff --git a/crypto/rc4/asm/.cvsignore b/crypto/rc4/asm/.cvsignore
index b261702507..ded381e2be 100644
--- a/crypto/rc4/asm/.cvsignore
+++ b/crypto/rc4/asm/.cvsignore
@@ -1,2 +1,4 @@
 rx86unix.cpp
 rx86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/rc4/asm/rc4-586.pl b/crypto/rc4/asm/rc4-586.pl
index d6e98f0811..38a44a70ef 100644
--- a/crypto/rc4/asm/rc4-586.pl
+++ b/crypto/rc4/asm/rc4-586.pl
@@ -1,14 +1,21 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
+
+# ====================================================================
+# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
 
 # At some point it became apparent that the original SSLeay RC4
-# assembler implementation performs suboptimaly on latest IA-32
+# assembler implementation performs suboptimally on latest IA-32
 # microarchitectures. After re-tuning performance has changed as
 # following:
 #
-# Pentium	+0%
-# Pentium III	+17%
-# AMD		+52%(*)
-# P4		+180%(**)
+# Pentium	-10%
+# Pentium III	+12%
+# AMD		+50%(*)
+# P4		+250%(**)
 #
 # (*)	This number is actually a trade-off:-) It's possible to
 #	achieve	+72%, but at the cost of -48% off PIII performance.
@@ -17,213 +24,247 @@
 #	For reference! This code delivers ~80% of rc4-amd64.pl
 #	performance on the same Opteron machine.
 # (**)	This number requires compressed key schedule set up by
-#	RC4_set_key and therefore doesn't apply to 0.9.7 [option for
-#	compressed key schedule is implemented in 0.9.8 and later,
-#	see commentary section in rc4_skey.c for further details].
+#	RC4_set_key [see commentary below for further details].
 #
 #					<appro@fy.chalmers.se>
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],"rc4-586.pl");
 
-$x="eax";
-$y="ebx";
+$xx="eax";
+$yy="ebx";
 $tx="ecx";
 $ty="edx";
-$in="esi";
-$out="edi";
-$d="ebp";
-
-&RC4("RC4");
-
-&asm_finish();
-
-sub RC4_loop
-	{
-	local($n,$p,$char)=@_;
-
-	&comment("Round $n");
-
-	if ($char)
-		{
-		if ($p >= 0)
-			{
-			 &mov($ty,	&swtmp(2));
-			&cmp($ty,	$in);
-			 &jbe(&label("finished"));
-			&inc($in);
-			}
-		else
-			{
-			&add($ty,	8);
-			 &inc($in);
-			&cmp($ty,	$in);
-			 &jb(&label("finished"));
-			&mov(&swtmp(2),	$ty);
-			}
-		}
-	# Moved out
-	# &mov(	$tx,		&DWP(0,$d,$x,4)) if $p < 0;
-
-	&add(	&LB($y),	&LB($tx));
-	&mov(	$ty,		&DWP(0,$d,$y,4));
-	 # XXX
-	&mov(	&DWP(0,$d,$x,4),$ty);
-	 &add(	$ty,		$tx);
-	&mov(	&DWP(0,$d,$y,4),$tx);
-	 &and(	$ty,		0xff);
-	 &inc(	&LB($x));			# NEXT ROUND
-	&mov(	$tx,		&DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
-	 &mov(	$ty,		&DWP(0,$d,$ty,4));
-
-	if (!$char)
-		{
-		#moved up into last round
-		if ($p >= 1)
-			{
-			&add(	$out,	8)
-			}
-		&movb(	&BP($n,"esp","",0),	&LB($ty));
-		}
-	else
-		{
-		# Note in+=8 has occured
-		&movb(	&HB($ty),	&BP(-1,$in,"",0));
-		 # XXX
-		&xorb(&LB($ty),		&HB($ty));
-		 # XXX
-		&movb(&BP($n,$out,"",0),&LB($ty));
-		}
+$inp="esi";
+$out="ebp";
+$dat="edi";
+
+sub RC4_loop {
+  my $i=shift;
+  my $func = ($i==0)?*mov:*or;
+
+	&add	(&LB($yy),&LB($tx));
+	&mov	($ty,&DWP(0,$dat,$yy,4));
+	&mov	(&DWP(0,$dat,$yy,4),$tx);
+	&mov	(&DWP(0,$dat,$xx,4),$ty);
+	&add	($ty,$tx);
+	&inc	(&LB($xx));
+	&and	($ty,0xff);
+	&ror	($out,8)	if ($i!=0);
+	if ($i<3) {
+	  &mov	($tx,&DWP(0,$dat,$xx,4));
+	} else {
+	  &mov	($tx,&wparam(3));	# reload [re-biased] out
 	}
-
-
-sub RC4
-	{
-	local($name)=@_;
-
-	&function_begin_B($name,"");
-
-	&mov($ty,&wparam(1));		# len
-	&cmp($ty,0);
-	&jne(&label("proceed"));
-	&ret();
-	&set_label("proceed");
-
-	&comment("");
-
-	&push("ebp");
-	 &push("ebx");
-	&push("esi");
-	 &xor(	$x,	$x);		# avoid partial register stalls
-	&push("edi");
-	 &xor(	$y,	$y);		# avoid partial register stalls
-	&mov(	$d,	&wparam(0));	# key
-	 &mov(	$in,	&wparam(2));
-
-	&movb(	&LB($x),	&BP(0,$d,"",1));
-	 &movb(	&LB($y),	&BP(4,$d,"",1));
-
-	&mov(	$out,	&wparam(3));
-	 &inc(	&LB($x));
-
-	&stack_push(3);	# 3 temp variables
-	 &add(	$d,	8);
-
-	# detect compressed schedule, see commentary section in rc4_skey.c...
-	# in 0.9.7 context ~50 bytes below RC4_CHAR label remain redundant,
-	# as compressed key schedule is set up in 0.9.8 and later.
-	&cmp(&DWP(256,$d),-1);
-	&je(&label("RC4_CHAR"));
-
-	 &lea(	$ty,	&DWP(-8,$ty,$in));
-
-	# check for 0 length input
-
-	 &mov(	&swtmp(2),	$ty);	# this is now address to exit at
-	&mov(	$tx,	&DWP(0,$d,$x,4));
-
-	 &cmp(	$ty,	$in);
-	&jb(	&label("end")); # less than 8 bytes
-
-	&set_label("start");
-
-	# filling DELAY SLOT
-	&add(	$in,	8);
-
-	&RC4_loop(0,-1,0);
-	&RC4_loop(1,0,0);
-	&RC4_loop(2,0,0);
-	&RC4_loop(3,0,0);
-	&RC4_loop(4,0,0);
-	&RC4_loop(5,0,0);
-	&RC4_loop(6,0,0);
-	&RC4_loop(7,1,0);
-	
-	&comment("apply the cipher text");
-	# xor the cipher data with input
-
-	#&add(	$out,	8); #moved up into last round
-
-	&mov(	$tx,	&swtmp(0));
-	 &mov(	$ty,	&DWP(-8,$in,"",0));
-	&xor(	$tx,	$ty);
-	 &mov(	$ty,	&DWP(-4,$in,"",0)); 
-	&mov(	&DWP(-8,$out,"",0),	$tx);
-	 &mov(	$tx,	&swtmp(1));
-	&xor(	$tx,	$ty);
-	 &mov(	$ty,	&swtmp(2));	# load end ptr;
-	&mov(	&DWP(-4,$out,"",0),	$tx);
-	 &mov(	$tx,		&DWP(0,$d,$x,4));
-	&cmp($in,	$ty);
-	 &jbe(&label("start"));
-
-	&set_label("end");
-
-	# There is quite a bit of extra crap in RC4_loop() for this
-	# first round
-	&RC4_loop(0,-1,1);
-	&RC4_loop(1,0,1);
-	&RC4_loop(2,0,1);
-	&RC4_loop(3,0,1);
-	&RC4_loop(4,0,1);
-	&RC4_loop(5,0,1);
-	&RC4_loop(6,1,1);
-
-	&jmp(&label("finished"));
-
-	&align(16);
-	# this is essentially Intel P4 specific codepath, see rc4_skey.c,
-	# and is engaged in 0.9.8 and later context...
-	&set_label("RC4_CHAR");
-
-	&lea	($ty,&DWP(0,$in,$ty));
-	&mov	(&swtmp(2),$ty);
-
+	&$func	($out,&DWP(0,$dat,$ty,4));
+}
+
+# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out);
+&function_begin("RC4");
+	&mov	($dat,&wparam(0));	# load key schedule pointer
+	&mov	($ty, &wparam(1));	# load len
+	&mov	($inp,&wparam(2));	# load inp
+	&mov	($out,&wparam(3));	# load out
+
+	&xor	($xx,$xx);		# avoid partial register stalls
+	&xor	($yy,$yy);
+
+	&cmp	($ty,0);		# safety net
+	&je	(&label("abort"));
+
+	&mov	(&LB($xx),&BP(0,$dat));	# load key->x
+	&mov	(&LB($yy),&BP(4,$dat));	# load key->y
+	&add	($dat,8);
+
+	&lea	($tx,&DWP(0,$inp,$ty));
+	&sub	($out,$inp);		# re-bias out
+	&mov	(&wparam(1),$tx);	# save input+len
+
+	&inc	(&LB($xx));
+
+	# detect compressed key schedule...
+	&cmp	(&DWP(256,$dat),-1);
+	&je	(&label("RC4_CHAR"));
+
+	&mov	($tx,&DWP(0,$dat,$xx,4));
+
+	&and	($ty,-4);		# how many 4-byte chunks?
+	&jz	(&label("loop1"));
+
+	&lea	($ty,&DWP(-4,$inp,$ty));
+	&mov	(&wparam(2),$ty);	# save input+(len/4)*4-4
+	&mov	(&wparam(3),$out);	# $out as accumulator in this loop
+
+	&set_label("loop4",16);
+		for ($i=0;$i<4;$i++) { RC4_loop($i); }
+		&ror	($out,8);
+		&xor	($out,&DWP(0,$inp));
+		&cmp	($inp,&wparam(2));	# compare to input+(len/4)*4-4
+		&mov	(&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here
+		&lea	($inp,&DWP(4,$inp));
+		&mov	($tx,&DWP(0,$dat,$xx,4));
+	&jb	(&label("loop4"));
+
+	&cmp	($inp,&wparam(1));	# compare to input+len
+	&je	(&label("done"));
+	&mov	($out,&wparam(3));	# restore $out
+
+	&set_label("loop1",16);
+		&add	(&LB($yy),&LB($tx));
+		&mov	($ty,&DWP(0,$dat,$yy,4));
+		&mov	(&DWP(0,$dat,$yy,4),$tx);
+		&mov	(&DWP(0,$dat,$xx,4),$ty);
+		&add	($ty,$tx);
+		&inc	(&LB($xx));
+		&and	($ty,0xff);
+		&mov	($ty,&DWP(0,$dat,$ty,4));
+		&xor	(&LB($ty),&BP(0,$inp));
+		&lea	($inp,&DWP(1,$inp));
+		&mov	($tx,&DWP(0,$dat,$xx,4));
+		&cmp	($inp,&wparam(1));	# compare to input+len
+		&mov	(&BP(-1,$out,$inp),&LB($ty));
+	&jb	(&label("loop1"));
+
+	&jmp	(&label("done"));
+
+# this is essentially Intel P4 specific codepath...
+&set_label("RC4_CHAR",16);
+	&movz	($tx,&BP(0,$dat,$xx));
 	# strangely enough unrolled loop performs over 20% slower...
-	&set_label("RC4_CHAR_loop");
-		&movz	($tx,&BP(0,$d,$x));
-		&add	(&LB($y),&LB($tx));
-		&movz	($ty,&BP(0,$d,$y));
-		&movb	(&BP(0,$d,$y),&LB($tx));
-		&movb	(&BP(0,$d,$x),&LB($ty));
+	&set_label("cloop1");
+		&add	(&LB($yy),&LB($tx));
+		&movz	($ty,&BP(0,$dat,$yy));
+		&mov	(&BP(0,$dat,$yy),&LB($tx));
+		&mov	(&BP(0,$dat,$xx),&LB($ty));
 		&add	(&LB($ty),&LB($tx));
-		&movz	($ty,&BP(0,$d,$ty));
-		&xorb	(&LB($ty),&BP(0,$in));
-		&movb	(&BP(0,$out),&LB($ty));
-		&inc	(&LB($x));
-		&inc	($in);
-		&inc	($out);
-		&cmp	($in,&swtmp(2));
-	&jb	(&label("RC4_CHAR_loop"));
-
-	&set_label("finished");
-	&dec(	$x);
-	 &stack_pop(3);
-	&movb(	&BP(-4,$d,"",0),&LB($y));
-	 &movb(	&BP(-8,$d,"",0),&LB($x));
-
-	&function_end($name);
-	}
+		&movz	($ty,&BP(0,$dat,$ty));
+		&add	(&LB($xx),1);
+		&xor	(&LB($ty),&BP(0,$inp));
+		&lea	($inp,&DWP(1,$inp));
+		&movz	($tx,&BP(0,$dat,$xx));
+		&cmp	($inp,&wparam(1));
+		&mov	(&BP(-1,$out,$inp),&LB($ty));
+	&jb	(&label("cloop1"));
+
+&set_label("done");
+	&dec	(&LB($xx));
+	&mov	(&BP(-4,$dat),&LB($yy));	# save key->y
+	&mov	(&BP(-8,$dat),&LB($xx));	# save key->x
+&set_label("abort");
+&function_end("RC4");
+
+########################################################################
+
+$inp="esi";
+$out="edi";
+$idi="ebp";
+$ido="ecx";
+$idx="edx";
+
+&external_label("OPENSSL_ia32cap_P");
+
+# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data);
+&function_begin("RC4_set_key");
+	&mov	($out,&wparam(0));		# load key
+	&mov	($idi,&wparam(1));		# load len
+	&mov	($inp,&wparam(2));		# load data
+	&picmeup($idx,"OPENSSL_ia32cap_P");
+
+	&lea	($out,&DWP(2*4,$out));		# &key->data
+	&lea	($inp,&DWP(0,$inp,$idi));	# $inp to point at the end
+	&neg	($idi);
+	&xor	("eax","eax");
+	&mov	(&DWP(-4,$out),$idi);		# borrow key->y
+
+	&bt	(&DWP(0,$idx),20);		# check for bit#20
+	&jc	(&label("c1stloop"));
+
+&set_label("w1stloop",16);
+	&mov	(&DWP(0,$out,"eax",4),"eax");	# key->data[i]=i;
+	&add	(&LB("eax"),1);			# i++;
+	&jnc	(&label("w1stloop"));
+
+	&xor	($ido,$ido);
+	&xor	($idx,$idx);
+
+&set_label("w2ndloop",16);
+	&mov	("eax",&DWP(0,$out,$ido,4));
+	&add	(&LB($idx),&BP(0,$inp,$idi));
+	&add	(&LB($idx),&LB("eax"));
+	&add	($idi,1);
+	&mov	("ebx",&DWP(0,$out,$idx,4));
+	&jnz	(&label("wnowrap"));
+	  &mov	($idi,&DWP(-4,$out));
+	&set_label("wnowrap");
+	&mov	(&DWP(0,$out,$idx,4),"eax");
+	&mov	(&DWP(0,$out,$ido,4),"ebx");
+	&add	(&LB($ido),1);
+	&jnc	(&label("w2ndloop"));
+&jmp	(&label("exit"));
+
+# Unlike all other x86 [and x86_64] implementations, Intel P4 core
+# [including EM64T] was found to perform poorly with above "32-bit" key
+# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded
+# assembler turned out to be 3.5x if re-coded for compressed 8-bit one,
+# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit
+# schedule for x86[_64], because non-P4 implementations suffer from
+# significant performance losses then, e.g. PIII exhibits >2x
+# deterioration, and so does Opteron. In order to assure optimal
+# all-round performance, we detect P4 at run-time and set up compressed
+# key schedule, which is recognized by RC4 procedure.
+
+&set_label("c1stloop",16);
+	&mov	(&BP(0,$out,"eax"),&LB("eax"));	# key->data[i]=i;
+	&add	(&LB("eax"),1);			# i++;
+	&jnc	(&label("c1stloop"));
+
+	&xor	($ido,$ido);
+	&xor	($idx,$idx);
+	&xor	("ebx","ebx");
+
+&set_label("c2ndloop",16);
+	&mov	(&LB("eax"),&BP(0,$out,$ido));
+	&add	(&LB($idx),&BP(0,$inp,$idi));
+	&add	(&LB($idx),&LB("eax"));
+	&add	($idi,1);
+	&mov	(&LB("ebx"),&BP(0,$out,$idx));
+	&jnz	(&label("cnowrap"));
+	  &mov	($idi,&DWP(-4,$out));
+	&set_label("cnowrap");
+	&mov	(&BP(0,$out,$idx),&LB("eax"));
+	&mov	(&BP(0,$out,$ido),&LB("ebx"));
+	&add	(&LB($ido),1);
+	&jnc	(&label("c2ndloop"));
+
+	&mov	(&DWP(256,$out),-1);		# mark schedule as compressed
+
+&set_label("exit");
+	&xor	("eax","eax");
+	&mov	(&DWP(-8,$out),"eax");		# key->x=0;
+	&mov	(&DWP(-4,$out),"eax");		# key->y=0;
+&function_end("RC4_set_key");
+
+# const char *RC4_options(void);
+&function_begin_B("RC4_options");
+	&call	(&label("pic_point"));
+&set_label("pic_point");
+	&blindpop("eax");
+	&lea	("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax"));
+	&picmeup("edx","OPENSSL_ia32cap_P");
+	&bt	(&DWP(0,"edx"),20);
+	&jnc	(&label("skip"));
+	  &add	("eax",12);
+	&set_label("skip");
+	&ret	();
+&set_label("opts",64);
+&asciz	("rc4(4x,int)");
+&asciz	("rc4(1x,char)");
+&asciz	("RC4 for x86, CRYPTOGAMS by <appro\@openssl.org>");
+&align	(64);
+&function_end_B("RC4_options");
+
+&asm_finish();
 
diff --git a/crypto/rc4/asm/rc4-amd64.pl b/crypto/rc4/asm/rc4-amd64.pl
deleted file mode 100755
index 9e0da8af99..0000000000
--- a/crypto/rc4/asm/rc4-amd64.pl
+++ /dev/null
@@ -1,227 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
-# "hand-coded assembler"] doesn't stand for the whole improvement
-# coefficient. It turned out that eliminating RC4_CHAR from config
-# line results in ~40% improvement (yes, even for C implementation).
-# Presumably it has everything to do with AMD cache architecture and
-# RAW or whatever penalties. Once again! The module *requires* config
-# line *without* RC4_CHAR! As for coding "secret," I bet on partial
-# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
-# I simply 'inc %r8b'. Even though optimization manual discourages
-# to operate on partial registers, it turned out to be the best bet.
-# At least for AMD... How IA32E would perform remains to be seen...
-
-# As was shown by Marc Bevand reordering of couple of load operations
-# results in even higher performance gain of 3.3x:-) At least on
-# Opteron... For reference, 1x in this case is RC4_CHAR C-code
-# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
-# Latter means that if you want to *estimate* what to expect from
-# *your* CPU, then multiply 54 by 3.3 and clock frequency in GHz.
-
-# Intel P4 EM64T core was found to run the AMD64 code really slow...
-# The only way to achieve comparable performance on P4 is to keep
-# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
-# compose blended code, which would perform even within 30% marginal
-# on either AMD and Intel platforms, I implement both cases. See
-# rc4_skey.c for further details... This applies to 0.9.8 and later.
-# In 0.9.7 context RC4_CHAR codepath is never engaged and ~70 bytes
-# of code remain redundant.
-
-$output=shift;
-
-$win64a=1 if ($output =~ /win64a.[s|asm]/);
-
-open STDOUT,">$output" || die "can't open $output: $!";
-
-if (defined($win64a)) {
-    $dat="%rcx";	# arg1
-    $len="%rdx";	# arg2
-    $inp="%rsi";	# r8, arg3 moves here
-    $out="%rdi";	# r9, arg4 moves here
-} else {
-    $dat="%rdi";	# arg1
-    $len="%rsi";	# arg2
-    $inp="%rdx";	# arg3
-    $out="%rcx";	# arg4
-}
-
-$XX="%r10";
-$TX="%r8";
-$YY="%r11";
-$TY="%r9";
-
-sub PTR() {
-    my $ret=shift;
-    if (defined($win64a)) {
-	$ret =~ s/\[([\S]+)\+([\S]+)\]/[$2+$1]/g;   # [%rN+%rM*4]->[%rM*4+%rN]
-	$ret =~ s/:([^\[]+)\[([^\]]+)\]/:[$2+$1]/g; # :off[ea]->:[ea+off]
-    } else {
-	$ret =~ s/[\+\*]/,/g;		# [%rN+%rM*4]->[%rN,%rM,4]
-	$ret =~ s/\[([^\]]+)\]/($1)/g;	# [%rN]->(%rN)
-    }
-    $ret;
-}
-
-$code=<<___ if (!defined($win64a));
-.text
-
-.globl	RC4
-.type	RC4,\@function
-.align	16
-RC4:	or	$len,$len
-	jne	.Lentry
-	repret
-.Lentry:
-___
-$code=<<___ if (defined($win64a));
-_TEXT	SEGMENT
-PUBLIC	RC4
-ALIGN	16
-RC4	PROC
-	or	$len,$len
-	jne	.Lentry
-	repret
-.Lentry:
-	push	%rdi
-	push	%rsi
-	sub	\$40,%rsp
-	mov	%r8,$inp
-	mov	%r9,$out
-___
-$code.=<<___;
-	add	\$8,$dat
-	movl	`&PTR("DWORD:-8[$dat]")`,$XX#d
-	movl	`&PTR("DWORD:-4[$dat]")`,$YY#d
-	cmpl	\$-1,`&PTR("DWORD:256[$dat]")`
-	je	.LRC4_CHAR
-	test	\$-8,$len
-	jz	.Lloop1
-.align	16
-.Lloop8:
-	inc	$XX#b
-	movl	`&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
-	add	$TX#b,$YY#b
-	movl	`&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
-	movl	$TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
-	movl	$TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
-	add	$TX#b,$TY#b
-	inc	$XX#b
-	movl	`&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
-	movb	`&PTR("BYTE:[$dat+$TY*4]")`,%al
-___
-for ($i=1;$i<=6;$i++) {
-$code.=<<___;
-	add	$TX#b,$YY#b
-	ror	\$8,%rax
-	movl	`&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
-	movl	$TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
-	movl	$TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
-	add	$TX#b,$TY#b
-	inc	$XX#b
-	movl	`&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
-	movb	`&PTR("BYTE:[$dat+$TY*4]")`,%al
-___
-}
-$code.=<<___;
-	add	$TX#b,$YY#b
-	ror	\$8,%rax
-	movl	`&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
-	movl	$TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
-	movl	$TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
-	sub	\$8,$len
-	add	$TY#b,$TX#b
-	movb	`&PTR("BYTE:[$dat+$TX*4]")`,%al
-	ror	\$8,%rax
-	add	\$8,$inp
-	add	\$8,$out
-
-	xor	`&PTR("QWORD:-8[$inp]")`,%rax
-	mov	%rax,`&PTR("QWORD:-8[$out]")`
-
-	test	\$-8,$len
-	jnz	.Lloop8
-	cmp	\$0,$len
-	jne	.Lloop1
-.Lexit:
-	movl	$XX#d,`&PTR("DWORD:-8[$dat]")`
-	movl	$YY#d,`&PTR("DWORD:-4[$dat]")`
-___
-$code.=<<___ if (defined($win64a));
-	add	\$40,%rsp
-	pop	%rsi
-	pop	%rdi
-___
-$code.=<<___;
-	repret
-.align	16
-.Lloop1:
-	movzb	`&PTR("BYTE:[$inp]")`,%eax
-	inc	$XX#b
-	movl	`&PTR("DWORD:[$dat+$XX*4]")`,$TX#d
-	add	$TX#b,$YY#b
-	movl	`&PTR("DWORD:[$dat+$YY*4]")`,$TY#d
-	movl	$TX#d,`&PTR("DWORD:[$dat+$YY*4]")`
-	movl	$TY#d,`&PTR("DWORD:[$dat+$XX*4]")`
-	add	$TY#b,$TX#b
-	movl	`&PTR("DWORD:[$dat+$TX*4]")`,$TY#d
-	xor	$TY,%rax
-	inc	$inp
-	movb	%al,`&PTR("BYTE:[$out]")`
-	inc	$out
-	dec	$len
-	jnz	.Lloop1
-	jmp	.Lexit
-
-.align	16
-.LRC4_CHAR:
-	inc	$XX#b
-	movzb	`&PTR("BYTE:[$dat+$XX]")`,$TX#d
-	add	$TX#b,$YY#b
-	movzb	`&PTR("BYTE:[$dat+$YY]")`,$TY#d
-	movb	$TX#b,`&PTR("BYTE:[$dat+$YY]")`
-	movb	$TY#b,`&PTR("BYTE:[$dat+$XX]")`
-	add	$TX#b,$TY#b
-	movzb	`&PTR("BYTE:[$dat+$TY]")`,$TY#d
-	xorb	`&PTR("BYTE:[$inp]")`,$TY#b
-	movb	$TY#b,`&PTR("BYTE:[$out]")`
-	inc	$inp
-	inc	$out
-	dec	$len
-	jnz	.LRC4_CHAR
-	jmp	.Lexit
-___
-$code.=<<___ if (defined($win64a));
-RC4	ENDP
-_TEXT	ENDS
-END
-___
-$code.=<<___ if (!defined($win64a));
-.size	RC4,.-RC4
-___
-
-$code =~ s/#([bwd])/$1/gm;
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-
-if (defined($win64a)) {
-    $code =~ s/\.align/ALIGN/gm;
-    $code =~ s/[\$%]//gm;
-    $code =~ s/\.L/\$L/gm;
-    $code =~ s/([\w]+)([\s]+)([\S]+),([\S]+)/$1$2$4,$3/gm;
-    $code =~ s/([QD]*WORD|BYTE):/$1 PTR/gm;
-    $code =~ s/mov[bwlq]/mov/gm;
-    $code =~ s/movzb/movzx/gm;
-    $code =~ s/repret/DB\t0F3h,0C3h/gm;
-    $code =~ s/cmpl/cmp/gm;
-    $code =~ s/xorb/xor/gm;
-} else {
-    $code =~ s/([QD]*WORD|BYTE)://gm;
-    $code =~ s/repret/.byte\t0xF3,0xC3/gm;
-}
-print $code;
diff --git a/crypto/rc4/asm/rc4-ia64.S b/crypto/rc4/asm/rc4-ia64.S
deleted file mode 100644
index b517d2e88f..0000000000
--- a/crypto/rc4/asm/rc4-ia64.S
+++ /dev/null
@@ -1,157 +0,0 @@
-// ====================================================================
-// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-// project.
-//
-// Rights for redistribution and usage in source and binary forms are
-// granted according to the OpenSSL license. Warranty of any kind is
-// disclaimed.
-// ====================================================================
-
-.ident  "rc4-ia64.S, Version 1.1"
-.ident  "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-// What's wrong with compiler generated code? Because of the nature of
-// C language, compiler doesn't [dare to] reorder load and stores. But
-// being memory-bound, RC4 should benefit from reorder [on in-order-
-// execution core such as IA-64]. But what can we reorder? At the very
-// least we can safely reorder references to key schedule in respect
-// to input and output streams. Secondly, from the first [close] glance
-// it appeared that it's possible to pull up some references to
-// elements of the key schedule itself. Original rationale ["prior
-// loads are not safe only for "degenerated" key schedule, when some
-// elements equal to the same value"] was kind of sloppy. I should have
-// formulated as it really was: if we assume that pulling up reference
-// to key[x+1] is not safe, then it would mean that key schedule would
-// "degenerate," which is never the case. The problem is that this
-// holds true in respect to references to key[x], but not to key[y].
-// Legitimate "collisions" do occur within every 256^2 bytes window.
-// Fortunately there're enough free instruction slots to keep prior
-// reference to key[x+1], detect "collision" and compensate for it.
-// All this without sacrificing a single clock cycle:-)
-// Furthermore. In order to compress loop body to the minimum, I chose
-// to deploy deposit instruction, which substitutes for the whole
-// key->data+((x&255)<<log2(sizeof(key->data[0]))). This unfortunately
-// requires key->data to be aligned at sizeof(key->data) boundary.
-// This is why you'll find "RC4_INT pad[512-256-2];" addenum to RC4_KEY
-// and "d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));" in
-// rc4_skey.c [and rc4_enc.c, where it's retained for debugging
-// purposes]. Throughput is ~210MBps on 900MHz CPU, which is is >3x
-// faster than gcc generated code and +30% - if compared to HP-UX C.
-// Unrolling loop below should give >30% on top of that...
-
-.text
-.explicit
-
-#if defined(_HPUX_SOURCE) && !defined(_LP64)
-# define ADDP	addp4
-#else
-# define ADDP	add
-#endif
-
-#define SZ	4	// this is set to sizeof(RC4_INT)
-// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for
-// assembler implementation, while SZ==1 code is ~30% slower.
-#if SZ==1	// RC4_INT is unsigned char
-# define	LDKEY	ld1
-# define	STKEY	st1
-# define	OFF	0
-#elif SZ==4	// RC4_INT is unsigned int
-# define	LDKEY	ld4
-# define	STKEY	st4
-# define	OFF	2
-#elif SZ==8	// RC4_INT is unsigned long
-# define	LDKEY	ld8
-# define	STKEY	st8
-# define	OFF	3
-#endif
-
-out=r8;		// [expanded] output pointer
-inp=r9;		// [expanded] output pointer
-prsave=r10;
-key=r28;	// [expanded] pointer to RC4_KEY
-ksch=r29;	// (key->data+255)[&~(sizeof(key->data)-1)]
-xx=r30;
-yy=r31;
-
-// void RC4(RC4_KEY *key,size_t len,const void *inp,void *out);
-.global	RC4#
-.proc	RC4#
-.align	32
-.skip	16
-RC4:
-	.prologue
-	.fframe 0
-	.save   ar.pfs,r2
-	.save	ar.lc,r3
-	.save	pr,prsave
-{ .mii;	alloc	r2=ar.pfs,4,12,0,16
-	mov	prsave=pr
-	ADDP	key=0,in0		};;
-{ .mib;	cmp.eq	p6,p0=0,in1			// len==0?
-	mov	r3=ar.lc
-(p6)	br.ret.spnt.many	b0	};;	// emergency exit
-
-	.body
-	.rotr	dat[4],key_x[4],tx[2],rnd[2],key_y[2],ty[1];
-
-{ .mib;	LDKEY	xx=[key],SZ			// load key->x
-	add	in1=-1,in1			// adjust len for loop counter
-	nop.b	0			}
-{ .mib;	ADDP	inp=0,in2
-	ADDP	out=0,in3
-	brp.loop.imp	.Ltop,.Lexit-16	};;
-{ .mmi;	LDKEY	yy=[key]			// load key->y
-	add	ksch=(255+1)*SZ,key		// as ksch will be used with
-						// deposit instruction only,
-						// I don't have to &~255...
-	mov	ar.lc=in1		}
-{ .mmi;	mov	key_y[1]=r0			// guarantee inequality
-						// in first iteration
-	add	xx=1,xx
-	mov	pr.rot=1<<16		};;
-{ .mii;	nop.m	0
-	dep	key_x[1]=xx,ksch,OFF,8
-	mov	ar.ec=3			};;	// note that epilogue counter
-						// is off by 1. I compensate
-						// for this at exit...
-.Ltop:
-// The loop is scheduled for 3*(n+2) spin-rate on Itanium 2, which
-// theoretically gives asymptotic performance of clock frequency
-// divided by 3 bytes per seconds, or 500MBps on 1.5GHz CPU. Measured
-// performance however is distinctly lower than 1/4:-( The culplrit
-// seems to be *(out++)=dat, which inadvertently splits the bundle,
-// even though there is M-port available... Unrolling is due...
-// Unrolled loop should collect output with variable shift instruction
-// in order to avoid starvation for integer shifter... It should be
-// possible to get pretty close to theoretical peak...
-{ .mmi;	(p16)	LDKEY	tx[0]=[key_x[1]]		// tx=key[xx]
-	(p17)	LDKEY	ty[0]=[key_y[1]]		// ty=key[yy]	
-	(p18)	dep	rnd[1]=rnd[1],ksch,OFF,8}	// &key[(tx+ty)&255]
-{ .mmi;	(p19)	st1	[out]=dat[3],1			// *(out++)=dat
-	(p16)	add	xx=1,xx				// x++
-	(p16)	cmp.ne.unc p20,p21=key_x[1],key_y[1]	};;
-{ .mmi;	(p18)	LDKEY	rnd[1]=[rnd[1]]			// rnd=key[(tx+ty)&255]
-	(p16)	ld1	dat[0]=[inp],1			// dat=*(inp++)
-	(p16)	dep	key_x[0]=xx,ksch,OFF,8	}	// &key[xx&255]
-.pred.rel	"mutex",p20,p21
-{ .mmi;	(p21)	add	yy=yy,tx[1]			// (p16)
-	(p20)	add	yy=yy,tx[0]			// (p16) y+=tx
-	(p21)	mov	tx[0]=tx[1]		};;	// (p16)
-{ .mmi;	(p17)	STKEY	[key_y[1]]=tx[1]		// key[yy]=tx
-	(p17)	STKEY	[key_x[2]]=ty[0]		// key[xx]=ty
-	(p16)	dep	key_y[0]=yy,ksch,OFF,8	}	// &key[yy&255]
-{ .mmb;	(p17)	add	rnd[0]=tx[1],ty[0]		// tx+=ty
-	(p18)	xor	dat[2]=dat[2],rnd[1]		// dat^=rnd
-	br.ctop.sptk	.Ltop			};;
-.Lexit:
-{ .mib;	STKEY	[key]=yy,-SZ			// save key->y
-	mov	pr=prsave,0x1ffff
-	nop.b	0			}
-{ .mib;	st1	[out]=dat[3],1			// compensate for truncated
-						// epilogue counter
-	add	xx=-1,xx
-	nop.b	0			};;
-{ .mib;	STKEY	[key]=xx			// save key->x
-	mov	ar.lc=r3
-	br.ret.sptk.many	b0	};;
-.endp	RC4#
diff --git a/crypto/rc4/asm/rc4-ia64.pl b/crypto/rc4/asm/rc4-ia64.pl
new file mode 100644
index 0000000000..49cd5b5e69
--- /dev/null
+++ b/crypto/rc4/asm/rc4-ia64.pl
@@ -0,0 +1,755 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by David Mosberger <David.Mosberger@acm.org> based on the
+# Itanium optimized Crypto code which was released by HP Labs at
+# http://www.hpl.hp.com/research/linux/crypto/.
+#
+# Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.  */
+
+
+
+# This is a little helper program which generates a software-pipelined
+# for RC4 encryption.  The basic algorithm looks like this:
+#
+#   for (counter = 0; counter < len; ++counter)
+#     {
+#       in = inp[counter];
+#       SI = S[I];
+#       J = (SI + J) & 0xff;
+#       SJ = S[J];
+#       T = (SI + SJ) & 0xff;
+#       S[I] = SJ, S[J] = SI;
+#       ST = S[T];
+#       outp[counter] = in ^ ST;
+#       I = (I + 1) & 0xff;
+#     }
+#
+# Pipelining this loop isn't easy, because the stores to the S[] array
+# need to be observed in the right order.  The loop generated by the
+# code below has the following pipeline diagram:
+#
+#      cycle
+#     | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |10 |11 |12 |13 |14 |15 |16 |17 |
+# iter
+#   1: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#   2:             xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#   3:                         xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#
+#   where:
+# 	LDI = load of S[I]
+# 	LDJ = load of S[J]
+# 	SWP = swap of S[I] and S[J]
+# 	LDT = load of S[T]
+#
+# Note that in the above diagram, the major trouble-spot is that LDI
+# of the 2nd iteration is performed BEFORE the SWP of the first
+# iteration.  Fortunately, this is easy to detect (I of the 1st
+# iteration will be equal to J of the 2nd iteration) and when this
+# happens, we simply forward the proper value from the 1st iteration
+# to the 2nd one.  The proper value in this case is simply the value
+# of S[I] from the first iteration (thanks to the fact that SWP
+# simply swaps the contents of S[I] and S[J]).
+#
+# Another potential trouble-spot is in cycle 7, where SWP of the 1st
+# iteration issues at the same time as the LDI of the 3rd iteration.
+# However, thanks to IA-64 execution semantics, this can be taken
+# care of simply by placing LDI later in the instruction-group than
+# SWP.  IA-64 CPUs will automatically forward the value if they
+# detect that the SWP and LDI are accessing the same memory-location.
+
+# The core-loop that can be pipelined then looks like this (annotated
+# with McKinley/Madison issue port & latency numbers, assuming L1
+# cache hits for the most part):
+
+# operation:	    instruction:		    issue-ports:  latency
+# ------------------  -----------------------------   ------------- -------
+
+# Data = *inp++       ld1 data = [inp], 1             M0-M1         1 cyc     c0
+#                     shladd Iptr = I, KeyTable, 3    M0-M3, I0, I1 1 cyc
+# I = (I + 1) & 0xff  padd1 nextI = I, one            M0-M3, I0, I1 3 cyc
+#                     ;;
+# SI = S[I]           ld8 SI = [Iptr]                 M0-M1         1 cyc     c1 * after SWAP!
+#                     ;;
+#                     cmp.eq.unc pBypass = I, J                                  * after J is valid!
+# J = SI + J          add J = J, SI                   M0-M3, I0, I1 1 cyc     c2
+#                     (pBypass) br.cond.spnt Bypass
+#                     ;;
+# ---------------------------------------------------------------------------------------
+# J = J & 0xff        zxt1 J = J                      I0, I1, 1 cyc           c3
+#                     ;;
+#                     shladd Jptr = J, KeyTable, 3    M0-M3, I0, I1 1 cyc     c4
+#                     ;;
+# SJ = S[J]           ld8 SJ = [Jptr]                 M0-M1         1 cyc     c5
+#                     ;;
+# ---------------------------------------------------------------------------------------
+# T = (SI + SJ)       add T = SI, SJ                  M0-M3, I0, I1 1 cyc     c6
+#                     ;;
+# T = T & 0xff        zxt1 T = T                      I0, I1        1 cyc
+# S[I] = SJ           st8 [Iptr] = SJ                 M2-M3                   c7
+# S[J] = SI           st8 [Jptr] = SI                 M2-M3
+#                     ;;
+#                     shladd Tptr = T, KeyTable, 3    M0-M3, I0, I1 1 cyc     c8
+#                     ;;
+# ---------------------------------------------------------------------------------------
+# T = S[T]            ld8 T = [Tptr]                  M0-M1         1 cyc     c9
+#                     ;;
+# data ^= T           xor data = data, T              M0-M3, I0, I1 1 cyc     c10
+#                     ;;
+# *out++ = Data ^ T   dep word = word, data, 8, POS   I0, I1        1 cyc     c11
+#                     ;;
+# ---------------------------------------------------------------------------------------
+
+# There are several points worth making here:
+
+#   - Note that due to the bypass/forwarding-path, the first two
+#     phases of the loop are strangly mingled together.  In
+#     particular, note that the first stage of the pipeline is
+#     using the value of "J", as calculated by the second stage.
+#   - Each bundle-pair will have exactly 6 instructions.
+#   - Pipelined, the loop can execute in 3 cycles/iteration and
+#     4 stages.  However, McKinley/Madison can issue "st1" to
+#     the same bank at a rate of at most one per 4 cycles.  Thus,
+#     instead of storing each byte, we accumulate them in a word
+#     and then write them back at once with a single "st8" (this
+#     implies that the setup code needs to ensure that the output
+#     buffer is properly aligned, if need be, by encoding the
+#     first few bytes separately).
+#   - There is no space for a "br.ctop" instruction.  For this
+#     reason we can't use module-loop support in IA-64 and have
+#     to do a traditional, purely software-pipelined loop.
+#   - We can't replace any of the remaining "add/zxt1" pairs with
+#     "padd1" because the latency for that instruction is too high
+#     and would push the loop to the point where more bypasses
+#     would be needed, which we don't have space for.
+#   - The above loop runs at around 3.26 cycles/byte, or roughly
+#     440 MByte/sec on a 1.5GHz Madison.  This is well below the
+#     system bus bandwidth and hence with judicious use of
+#     "lfetch" this loop can run at (almost) peak speed even when
+#     the input and output data reside in memory.  The
+#     max. latency that can be tolerated is (PREFETCH_DISTANCE *
+#     L2_LINE_SIZE * 3 cyc), or about 384 cycles assuming (at
+#     least) 1-ahead prefetching of 128 byte cache-lines.  Note
+#     that we do NOT prefetch into L1, since that would only
+#     interfere with the S[] table values stored there.  This is
+#     acceptable because there is a 10 cycle latency between
+#     load and first use of the input data.
+#   - We use a branch to out-of-line bypass-code of cycle-pressure:
+#     we calculate the next J, check for the need to activate the
+#     bypass path, and activate the bypass path ALL IN THE SAME
+#     CYCLE.  If we didn't have these constraints, we could do
+#     the bypass with a simple conditional move instruction.
+#     Fortunately, the bypass paths get activated relatively
+#     infrequently, so the extra branches don't cost all that much
+#     (about 0.04 cycles/byte, measured on a 16396 byte file with
+#     random input data).
+#
+
+$phases = 4;		# number of stages/phases in the pipelined-loop
+$unroll_count = 6;	# number of times we unrolled it
+$pComI = (1 << 0);
+$pComJ = (1 << 1);
+$pComT = (1 << 2);
+$pOut  = (1 << 3);
+
+$NData = 4;
+$NIP = 3;
+$NJP = 2;
+$NI = 2;
+$NSI = 3;
+$NSJ = 2;
+$NT = 2;
+$NOutWord = 2;
+
+#
+# $threshold is the minimum length before we attempt to use the
+# big software-pipelined loop.  It MUST be greater-or-equal
+# to:
+#  		PHASES * (UNROLL_COUNT + 1) + 7
+#
+# The "+ 7" comes from the fact we may have to encode up to
+#   7 bytes separately before the output pointer is aligned.
+#
+$threshold = (3 * ($phases * ($unroll_count + 1)) + 7);
+
+sub I {
+    local *code = shift;
+    local $format = shift;
+    $code .= sprintf ("\t\t".$format."\n", @_);
+}
+
+sub P {
+    local *code = shift;
+    local $format = shift;
+    $code .= sprintf ($format."\n", @_);
+}
+
+sub STOP {
+    local *code = shift;
+    $code .=<<___;
+		;;
+___
+}
+
+sub emit_body {
+    local *c = shift;
+    local *bypass = shift;
+    local ($iteration, $p) = @_;
+
+    local $i0 = $iteration;
+    local $i1 = $iteration - 1;
+    local $i2 = $iteration - 2;
+    local $i3 = $iteration - 3;
+    local $iw0 = ($iteration - 3) / 8;
+    local $iw1 = ($iteration > 3) ? ($iteration - 4) / 8 : 1;
+    local $byte_num = ($iteration - 3) % 8;
+    local $label = $iteration + 1;
+    local $pAny = ($p & 0xf) == 0xf;
+    local $pByp = (($p & $pComI) && ($iteration > 0));
+
+    $c.=<<___;
+//////////////////////////////////////////////////
+___
+
+    if (($p & 0xf) == 0) {
+	$c.="#ifdef HOST_IS_BIG_ENDIAN\n";
+	&I(\$c,"shr.u	OutWord[%u] = OutWord[%u], 32;;",
+				$iw1 % $NOutWord, $iw1 % $NOutWord);
+	$c.="#endif\n";
+	&I(\$c, "st4 [OutPtr] = OutWord[%u], 4", $iw1 % $NOutWord);
+	return;
+    }
+
+    # Cycle 0
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "ld1    Data[%u] = [InPtr], 1", $i0 % $NData)     if ($p & $pComI);
+    &I(\$c, "padd1  I[%u] = One, I[%u]", $i0 % $NI, $i1 % $NI)if ($p & $pComI);
+    &I(\$c, "zxt1   J = J")				      if ($p & $pComJ);
+    &I(\$c, "}")					      if ($pAny);
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "LKEY   T[%u] = [T[%u]]", $i1 % $NT, $i1 % $NT)   if ($p & $pOut);
+    &I(\$c, "add    T[%u] = SI[%u], SJ[%u]",
+       $i0 % $NT, $i2 % $NSI, $i1 % $NSJ)		      if ($p & $pComT);
+    &I(\$c, "KEYADDR(IPr[%u], I[%u])", $i0 % $NIP, $i1 % $NI) if ($p & $pComI);
+    &I(\$c, "}")					      if ($pAny);
+    &STOP(\$c);
+
+    # Cycle 1
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "SKEY   [IPr[%u]] = SJ[%u]", $i2 % $NIP, $i1%$NSJ)if ($p & $pComT);
+    &I(\$c, "SKEY   [JP[%u]] = SI[%u]", $i1 % $NJP, $i2%$NSI) if ($p & $pComT);
+    &I(\$c, "zxt1   T[%u] = T[%u]", $i0 % $NT, $i0 % $NT)     if ($p & $pComT);
+    &I(\$c, "}")					      if ($pAny);
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "LKEY   SI[%u] = [IPr[%u]]", $i0 % $NSI, $i0%$NIP)if ($p & $pComI);
+    &I(\$c, "KEYADDR(JP[%u], J)", $i0 % $NJP)		      if ($p & $pComJ);
+    &I(\$c, "xor    Data[%u] = Data[%u], T[%u]",
+       $i3 % $NData, $i3 % $NData, $i1 % $NT)		      if ($p & $pOut);
+    &I(\$c, "}")					      if ($pAny);
+    &STOP(\$c);
+
+    # Cycle 2
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "LKEY   SJ[%u] = [JP[%u]]", $i0 % $NSJ, $i0%$NJP) if ($p & $pComJ);
+    &I(\$c, "cmp.eq pBypass, p0 = I[%u], J", $i1 % $NI)	      if ($pByp);
+    &I(\$c, "dep OutWord[%u] = Data[%u], OutWord[%u], BYTE_POS(%u), 8",
+       $iw0%$NOutWord, $i3%$NData, $iw1%$NOutWord, $byte_num) if ($p & $pOut);
+    &I(\$c, "}")					      if ($pAny);
+    &I(\$c, "{ .mmb")					      if ($pAny);
+    &I(\$c, "add    J = J, SI[%u]", $i0 % $NSI)		      if ($p & $pComI);
+    &I(\$c, "KEYADDR(T[%u], T[%u])", $i0 % $NT, $i0 % $NT)    if ($p & $pComT);
+    &P(\$c, "(pBypass)\tbr.cond.spnt.many .rc4Bypass%u",$label)if ($pByp);
+    &I(\$c, "}") if ($pAny);
+    &STOP(\$c);
+
+    &P(\$c, ".rc4Resume%u:", $label)			      if ($pByp);
+    if ($byte_num == 0 && $iteration >= $phases) {
+	&I(\$c, "st8 [OutPtr] = OutWord[%u], 8",
+	   $iw1 % $NOutWord)				      if ($p & $pOut);
+	if ($iteration == (1 + $unroll_count) * $phases - 1) {
+	    if ($unroll_count == 6) {
+		&I(\$c, "mov OutWord[%u] = OutWord[%u]",
+		   $iw1 % $NOutWord, $iw0 % $NOutWord);
+	    }
+	    &I(\$c, "lfetch.nt1 [InPrefetch], %u",
+	       $unroll_count * $phases);
+	    &I(\$c, "lfetch.excl.nt1 [OutPrefetch], %u",
+	       $unroll_count * $phases);
+	    &I(\$c, "br.cloop.sptk.few .rc4Loop");
+	}
+    }
+
+    if ($pByp) {
+	&P(\$bypass, ".rc4Bypass%u:", $label);
+	&I(\$bypass, "sub J = J, SI[%u]", $i0 % $NSI);
+	&I(\$bypass, "nop 0");
+	&I(\$bypass, "nop 0");
+	&I(\$bypass, ";;");
+	&I(\$bypass, "add J = J, SI[%u]", $i1 % $NSI);
+	&I(\$bypass, "mov SI[%u] = SI[%u]", $i0 % $NSI, $i1 % $NSI);
+	&I(\$bypass, "br.sptk.many .rc4Resume%u\n", $label);
+	&I(\$bypass, ";;");
+    }
+}
+
+$code=<<___;
+.ident \"rc4-ia64.s, version 3.0\"
+.ident \"Copyright (c) 2005 Hewlett-Packard Development Company, L.P.\"
+
+#define LCSave		r8
+#define PRSave		r9
+
+/* Inputs become invalid once rotation begins!  */
+
+#define StateTable	in0
+#define DataLen		in1
+#define InputBuffer	in2
+#define OutputBuffer	in3
+
+#define KTable		r14
+#define J		r15
+#define InPtr		r16
+#define OutPtr		r17
+#define InPrefetch	r18
+#define OutPrefetch	r19
+#define One		r20
+#define LoopCount	r21
+#define Remainder	r22
+#define IFinal		r23
+#define EndPtr		r24
+
+#define tmp0		r25
+#define tmp1		r26
+
+#define pBypass		p6
+#define pDone		p7
+#define pSmall		p8
+#define pAligned	p9
+#define pUnaligned	p10
+
+#define pComputeI	pPhase[0]
+#define pComputeJ	pPhase[1]
+#define pComputeT	pPhase[2]
+#define pOutput		pPhase[3]
+
+#define RetVal		r8
+#define L_OK		p7
+#define L_NOK		p8
+
+#define	_NINPUTS	4
+#define	_NOUTPUT	0
+
+#define	_NROTATE	24
+#define	_NLOCALS	(_NROTATE - _NINPUTS - _NOUTPUT)
+
+#ifndef SZ
+# define SZ	4	// this must be set to sizeof(RC4_INT)
+#endif
+
+#if SZ == 1
+# define LKEY			ld1
+# define SKEY			st1
+# define KEYADDR(dst, i)	add dst = i, KTable
+#elif SZ == 2
+# define LKEY			ld2
+# define SKEY			st2
+# define KEYADDR(dst, i)	shladd dst = i, 1, KTable
+#elif SZ == 4
+# define LKEY			ld4
+# define SKEY			st4
+# define KEYADDR(dst, i)	shladd dst = i, 2, KTable
+#else
+# define LKEY			ld8
+# define SKEY			st8
+# define KEYADDR(dst, i)	shladd dst = i, 3, KTable
+#endif
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+# define ADDP	addp4
+#else
+# define ADDP	add
+#endif
+
+/* Define a macro for the bit number of the n-th byte: */
+
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+# define HOST_IS_BIG_ENDIAN
+# define BYTE_POS(n)	(56 - (8 * (n)))
+#else
+# define BYTE_POS(n)	(8 * (n))
+#endif
+
+/*
+   We must perform the first phase of the pipeline explicitly since
+   we will always load from the stable the first time. The br.cexit
+   will never be taken since regardless of the number of bytes because
+   the epilogue count is 4.
+*/
+/* MODSCHED_RC4 macro was split to _PROLOGUE and _LOOP, because HP-UX
+   assembler failed on original macro with syntax error. <appro> */
+#define MODSCHED_RC4_PROLOGUE						   \\
+	{								   \\
+				ld1		Data[0] = [InPtr], 1;	   \\
+				add		IFinal = 1, I[1];	   \\
+				KEYADDR(IPr[0], I[1]);			   \\
+	} ;;								   \\
+	{								   \\
+				LKEY		SI[0] = [IPr[0]];	   \\
+				mov		pr.rot = 0x10000;	   \\
+				mov		ar.ec = 4;		   \\
+	} ;;								   \\
+	{								   \\
+				add		J = J, SI[0];		   \\
+				zxt1		I[0] = IFinal;		   \\
+				br.cexit.spnt.few .+16; /* never taken */  \\
+	} ;;
+#define MODSCHED_RC4_LOOP(label)					   \\
+label:									   \\
+	{	.mmi;							   \\
+		(pComputeI)	ld1		Data[0] = [InPtr], 1;	   \\
+		(pComputeI)	add		IFinal = 1, I[1];	   \\
+		(pComputeJ)	zxt1		J = J;			   \\
+	}{	.mmi;							   \\
+		(pOutput)	LKEY		T[1] = [T[1]];		   \\
+		(pComputeT)	add		T[0] = SI[2], SJ[1];	   \\
+		(pComputeI)	KEYADDR(IPr[0], I[1]);			   \\
+	} ;;								   \\
+	{	.mmi;							   \\
+		(pComputeT)	SKEY		[IPr[2]] = SJ[1];	   \\
+		(pComputeT)	SKEY		[JP[1]] = SI[2];	   \\
+		(pComputeT)	zxt1		T[0] = T[0];		   \\
+	}{	.mmi;							   \\
+		(pComputeI)	LKEY		SI[0] = [IPr[0]];	   \\
+		(pComputeJ)	KEYADDR(JP[0], J);			   \\
+		(pComputeI)	cmp.eq.unc	pBypass, p0 = I[1], J;	   \\
+	} ;;								   \\
+	{	.mmi;							   \\
+		(pComputeJ)	LKEY		SJ[0] = [JP[0]];	   \\
+		(pOutput)	xor		Data[3] = Data[3], T[1];   \\
+				nop		0x0;			   \\
+	}{	.mmi;							   \\
+		(pComputeT)	KEYADDR(T[0], T[0]);			   \\
+		(pBypass)	mov		SI[0] = SI[1];		   \\
+		(pComputeI)	zxt1		I[0] = IFinal;		   \\
+	} ;;								   \\
+	{	.mmb;							   \\
+		(pOutput)	st1		[OutPtr] = Data[3], 1;	   \\
+		(pComputeI)	add		J = J, SI[0];		   \\
+				br.ctop.sptk.few label;			   \\
+	} ;;
+
+	.text
+
+	.align	32
+
+	.type	RC4, \@function
+	.global	RC4
+
+	.proc	RC4
+	.prologue
+
+RC4:
+	{
+	  	.mmi
+		alloc	r2 = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+
+		.rotr Data[4], I[2], IPr[3], SI[3], JP[2], SJ[2], T[2], \\
+		      OutWord[2]
+		.rotp pPhase[4]
+
+		ADDP		InPrefetch = 0, InputBuffer
+		ADDP		KTable = 0, StateTable
+	}
+	{
+		.mmi
+		ADDP		InPtr = 0, InputBuffer
+		ADDP		OutPtr = 0, OutputBuffer
+		mov		RetVal = r0
+	}
+	;;
+	{
+		.mmi
+		lfetch.nt1	[InPrefetch], 0x80
+		ADDP		OutPrefetch = 0, OutputBuffer
+	}
+	{               // Return 0 if the input length is nonsensical
+        	.mib
+		ADDP		StateTable = 0, StateTable
+        	cmp.ge.unc  	L_NOK, L_OK = r0, DataLen
+	(L_NOK) br.ret.sptk.few rp
+	}
+	;;
+	{
+        	.mib
+        	cmp.eq.or  	L_NOK, L_OK = r0, InPtr
+        	cmp.eq.or  	L_NOK, L_OK = r0, OutPtr
+		nop		0x0
+	}
+	{
+		.mib
+        	cmp.eq.or  	L_NOK, L_OK = r0, StateTable
+		nop		0x0
+	(L_NOK) br.ret.sptk.few rp
+	}
+	;;
+		LKEY		I[1] = [KTable], SZ
+/* Prefetch the state-table. It contains 256 elements of size SZ */
+
+#if SZ == 1
+		ADDP		tmp0 = 1*128, StateTable
+#elif SZ == 2
+		ADDP		tmp0 = 3*128, StateTable
+		ADDP		tmp1 = 2*128, StateTable
+#elif SZ == 4
+		ADDP		tmp0 = 7*128, StateTable
+		ADDP		tmp1 = 6*128, StateTable
+#elif SZ == 8
+		ADDP		tmp0 = 15*128, StateTable
+		ADDP		tmp1 = 14*128, StateTable
+#endif
+		;;
+#if SZ >= 8
+		lfetch.fault.nt1		[tmp0], -256	// 15
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	// 13
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	// 11
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	//  9
+		lfetch.fault.nt1		[tmp1], -256;;
+#endif
+#if SZ >= 4
+		lfetch.fault.nt1		[tmp0], -256	//  7
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	//  5
+		lfetch.fault.nt1		[tmp1], -256;;
+#endif
+#if SZ >= 2
+		lfetch.fault.nt1		[tmp0], -256	//  3
+		lfetch.fault.nt1		[tmp1], -256;;
+#endif
+	{
+		.mii
+		lfetch.fault.nt1		[tmp0]		//  1
+		add		I[1]=1,I[1];;
+		zxt1		I[1]=I[1]
+	}
+	{
+		.mmi
+		lfetch.nt1	[InPrefetch], 0x80
+		lfetch.excl.nt1	[OutPrefetch], 0x80
+		.save		pr, PRSave
+		mov		PRSave = pr
+	} ;;
+	{
+		.mmi
+		lfetch.excl.nt1	[OutPrefetch], 0x80
+		LKEY		J = [KTable], SZ
+		ADDP		EndPtr = DataLen, InPtr
+	}  ;;
+	{
+		.mmi
+		ADDP		EndPtr = -1, EndPtr	// Make it point to
+							// last data byte.
+		mov		One = 1
+		.save		ar.lc, LCSave
+		mov		LCSave = ar.lc
+		.body
+	} ;;
+	{
+		.mmb
+		sub		Remainder = 0, OutPtr
+		cmp.gtu		pSmall, p0 = $threshold, DataLen
+(pSmall)	br.cond.dpnt	.rc4Remainder		// Data too small for
+							// big loop.
+	} ;;
+	{
+		.mmi
+		and		Remainder = 0x7, Remainder
+		;;
+		cmp.eq		pAligned, pUnaligned = Remainder, r0
+		nop		0x0
+	} ;;
+	{
+		.mmb
+.pred.rel	"mutex",pUnaligned,pAligned
+(pUnaligned)	add		Remainder = -1, Remainder
+(pAligned)	sub		Remainder = EndPtr, InPtr
+(pAligned)	br.cond.dptk.many .rc4Aligned
+	} ;;
+	{
+		.mmi
+		nop		0x0
+		nop		0x0
+		mov.i		ar.lc = Remainder
+	}
+
+/* Do the initial few bytes via the compact, modulo-scheduled loop
+   until the output pointer is 8-byte-aligned.  */
+
+		MODSCHED_RC4_PROLOGUE
+		MODSCHED_RC4_LOOP(.RC4AlignLoop)
+
+	{
+		.mib
+		sub		Remainder = EndPtr, InPtr
+		zxt1		IFinal = IFinal
+		clrrrb				// Clear CFM.rrb.pr so
+		;;				// next "mov pr.rot = N"
+						// does the right thing.
+	}
+	{
+		.mmi
+		mov		I[1] = IFinal
+		nop		0x0
+		nop		0x0
+	} ;;
+
+
+.rc4Aligned:
+
+/*
+   Unrolled loop count = (Remainder - ($unroll_count+1)*$phases)/($unroll_count*$phases)
+ */
+
+	{
+		.mlx
+		add	LoopCount = 1 - ($unroll_count + 1)*$phases, Remainder
+		movl		Remainder = 0xaaaaaaaaaaaaaaab
+	} ;;
+	{
+		.mmi
+		setf.sig	f6 = LoopCount		// M2, M3	6 cyc
+		setf.sig	f7 = Remainder		// M2, M3	6 cyc
+		nop		0x0
+	} ;;
+	{
+		.mfb
+		nop		0x0
+		xmpy.hu		f6 = f6, f7
+		nop		0x0
+	} ;;
+	{
+		.mmi
+		getf.sig	LoopCount = f6;;	// M2		5 cyc
+		nop		0x0
+		shr.u		LoopCount = LoopCount, 4
+	} ;;
+	{
+		.mmi
+		nop		0x0
+		nop		0x0
+		mov.i		ar.lc = LoopCount
+	} ;;
+
+/* Now comes the unrolled loop: */
+
+.rc4Prologue:
+___
+
+$iteration = 0;
+
+# Generate the prologue:
+$predicates = 1;
+for ($i = 0; $i < $phases; ++$i) {
+    &emit_body (\$code, \$bypass, $iteration++, $predicates);
+    $predicates = ($predicates << 1) | 1;
+}
+
+$code.=<<___;
+.rc4Loop:
+___
+
+# Generate the body:
+for ($i = 0; $i < $unroll_count*$phases; ++$i) {
+    &emit_body (\$code, \$bypass, $iteration++, $predicates);
+}
+
+$code.=<<___;
+.rc4Epilogue:
+___
+
+# Generate the epilogue:
+for ($i = 0; $i < $phases; ++$i) {
+    $predicates <<= 1;
+    &emit_body (\$code, \$bypass, $iteration++, $predicates);
+}
+
+$code.=<<___;
+	{
+		.mmi
+		lfetch.nt1	[EndPtr]	// fetch line with last byte
+		mov		IFinal = I[1]
+		nop		0x0
+	}
+
+.rc4Remainder:
+	{
+		.mmi
+		sub		Remainder = EndPtr, InPtr	// Calculate
+								// # of bytes
+								// left - 1
+		nop		0x0
+		nop		0x0
+	} ;;
+	{
+		.mib
+		cmp.eq		pDone, p0 = -1, Remainder // done already?
+		mov.i		ar.lc = Remainder
+(pDone)		br.cond.dptk.few .rc4Complete
+	}
+
+/* Do the remaining bytes via the compact, modulo-scheduled loop */
+
+		MODSCHED_RC4_PROLOGUE
+		MODSCHED_RC4_LOOP(.RC4RestLoop)
+
+.rc4Complete:
+	{
+		.mmi
+		add		KTable = -SZ, KTable
+		add		IFinal = -1, IFinal
+		mov		ar.lc = LCSave
+	} ;;
+	{
+		.mii
+		SKEY		[KTable] = J,-SZ
+		zxt1		IFinal = IFinal
+		mov		pr = PRSave, 0x1FFFF
+	} ;;
+	{
+		.mib
+		SKEY		[KTable] = IFinal
+		add		RetVal = 1, r0
+		br.ret.sptk.few	rp
+	} ;;
+___
+
+# Last but not least, emit the code for the bypass-code of the unrolled loop:
+
+$code.=$bypass;
+
+$code.=<<___;
+	.endp RC4
+___
+
+print $code;
diff --git a/crypto/rc4/asm/rc4-parisc.pl b/crypto/rc4/asm/rc4-parisc.pl
new file mode 100644
index 0000000000..9e681965b9
--- /dev/null
+++ b/crypto/rc4/asm/rc4-parisc.pl
@@ -0,0 +1,313 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# RC4 for PA-RISC.
+
+# June 2009.
+#
+# Performance is 33% better than gcc 3.2 generated code on PA-7100LC.
+# For reference, [4x] unrolled loop is >40% faster than folded one.
+# It's possible to unroll loop 8 times on PA-RISC 2.0, but improvement
+# is believed to be not sufficient to justify the effort...
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+$FRAME=4*$SIZE_T+$FRAME_MARKER;	# 4 saved regs + frame marker
+				#                [+ argument transfer]
+$SZ=1;				# defaults to RC4_CHAR
+if (open CONF,"<${dir}../../opensslconf.h") {
+    while(<CONF>) {
+	if (m/#\s*define\s+RC4_INT\s+(.*)/) {
+	    $SZ = ($1=~/char$/) ? 1 : 4;
+	    last;
+	}
+    }
+    close CONF;
+}
+
+if ($SZ==1) {	# RC4_CHAR
+    $LD="ldb";
+    $LDX="ldbx";
+    $MKX="addl";
+    $ST="stb";
+} else {	# RC4_INT (~5% faster than RC4_CHAR on PA-7100LC)
+    $LD="ldw";
+    $LDX="ldwx,s";
+    $MKX="sh2addl";
+    $ST="stw";
+}
+
+$key="%r26";
+$len="%r25";
+$inp="%r24";
+$out="%r23";
+
+@XX=("%r19","%r20");
+@TX=("%r21","%r22");
+$YY="%r28";
+$TY="%r29";
+
+$acc="%r1";
+$ix="%r2";
+$iy="%r3";
+$dat0="%r4";
+$dat1="%r5";
+$rem="%r6";
+$mask="%r31";
+
+sub unrolledloopbody {
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+	ldo	1($XX[0]),$XX[1]
+	`sprintf("$LDX	%$TY(%$key),%$dat1") if ($i>0)`	
+	and	$mask,$XX[1],$XX[1]
+	$LDX	$YY($key),$TY
+	$MKX	$YY,$key,$ix
+	$LDX	$XX[1]($key),$TX[1]
+	$MKX	$XX[0],$key,$iy
+	$ST	$TX[0],0($ix)
+	comclr,<> $XX[1],$YY,%r0	; conditional
+	copy	$TX[0],$TX[1]		; move
+	`sprintf("%sdep	%$dat1,%d,8,%$acc",$i==1?"z":"",8*($i-1)+7) if ($i>0)`
+	$ST	$TY,0($iy)
+	addl	$TX[0],$TY,$TY
+	addl	$TX[1],$YY,$YY
+	and	$mask,$TY,$TY
+	and	$mask,$YY,$YY
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+} }
+
+sub foldedloop {
+my ($label,$count)=@_;
+$code.=<<___;
+$label
+	$MKX	$YY,$key,$iy
+	$LDX	$YY($key),$TY
+	$MKX	$XX[0],$key,$ix
+	$ST	$TX[0],0($iy)
+	ldo	1($XX[0]),$XX[0]
+	$ST	$TY,0($ix)
+	addl	$TX[0],$TY,$TY
+	ldbx	$inp($out),$dat1
+	and	$mask,$TY,$TY
+	and	$mask,$XX[0],$XX[0]
+	$LDX	$TY($key),$acc
+	$LDX	$XX[0]($key),$TX[0]
+	ldo	1($out),$out
+	xor	$dat1,$acc,$acc
+	addl	$TX[0],$YY,$YY
+	stb	$acc,-1($out)
+	addib,<> -1,$count,$label	; $count is always small
+	and	$mask,$YY,$YY
+___
+}
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	RC4,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+RC4
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-4*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=6
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+
+	cmpib,*= 0,$len,L\$abort
+	sub	$inp,$out,$inp		; distance between $inp and $out
+
+	$LD	`0*$SZ`($key),$XX[0]
+	$LD	`1*$SZ`($key),$YY
+	ldo	`2*$SZ`($key),$key
+
+	ldi	0xff,$mask
+	ldi	3,$dat0		
+
+	ldo	1($XX[0]),$XX[0]	; warm up loop
+	and	$mask,$XX[0],$XX[0]
+	$LDX	$XX[0]($key),$TX[0]
+	addl	$TX[0],$YY,$YY
+	cmpib,*>>= 6,$len,L\$oop1	; is $len large enough to bother?
+	and	$mask,$YY,$YY
+
+	and,<>	$out,$dat0,$rem		; is $out aligned?
+	b	L\$alignedout
+	subi	4,$rem,$rem
+	sub	$len,$rem,$len
+___
+&foldedloop("L\$alignout",$rem);	# process till $out is aligned
+
+$code.=<<___;
+L\$alignedout				; $len is at least 4 here
+	and,<>	$inp,$dat0,$acc		; is $inp aligned?
+	b	L\$oop4
+	sub	$inp,$acc,$rem		; align $inp
+
+	sh3addl	$acc,%r0,$acc
+	subi	32,$acc,$acc
+	mtctl	$acc,%cr11		; load %sar with vshd align factor
+	ldwx	$rem($out),$dat0
+	ldo	4($rem),$rem
+L\$oop4misalignedinp
+___
+&unrolledloopbody();
+$code.=<<___;
+	$LDX	$TY($key),$ix
+	ldwx	$rem($out),$dat1
+	ldo	-4($len),$len
+	or	$ix,$acc,$acc		; last piece, no need to dep
+	vshd	$dat0,$dat1,$iy		; align data
+	copy	$dat1,$dat0
+	xor	$iy,$acc,$acc
+	stw	$acc,0($out)
+	cmpib,*<< 3,$len,L\$oop4misalignedinp
+	ldo	4($out),$out
+	cmpib,*= 0,$len,L\$done
+	nop
+	b	L\$oop1
+	nop
+
+	.ALIGN	8
+L\$oop4
+___
+&unrolledloopbody();
+$code.=<<___;
+	$LDX	$TY($key),$ix
+	ldwx	$inp($out),$dat0
+	ldo	-4($len),$len
+	or	$ix,$acc,$acc		; last piece, no need to dep
+	xor	$dat0,$acc,$acc
+	stw	$acc,0($out)
+	cmpib,*<< 3,$len,L\$oop4
+	ldo	4($out),$out
+	cmpib,*= 0,$len,L\$done
+	nop
+___
+&foldedloop("L\$oop1",$len);
+$code.=<<___;
+L\$done
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2
+	ldo	-1($XX[0]),$XX[0]	; chill out loop
+	sub	$YY,$TX[0],$YY
+	and	$mask,$XX[0],$XX[0]
+	and	$mask,$YY,$YY
+	$ST	$XX[0],`-2*$SZ`($key)
+	$ST	$YY,`-1*$SZ`($key)
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+L\$abort
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+___
+
+$code.=<<___;
+
+	.EXPORT	RC4_set_key,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	8
+RC4_set_key
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	$ST	%r0,`0*$SZ`($key)
+	$ST	%r0,`1*$SZ`($key)
+	ldo	`2*$SZ`($key),$key
+	copy	%r0,@XX[0]
+L\$1st
+	$ST	@XX[0],0($key)
+	ldo	1(@XX[0]),@XX[0]
+	bb,>=	@XX[0],`31-8`,L\$1st	; @XX[0]<256
+	ldo	$SZ($key),$key
+
+	ldo	`-256*$SZ`($key),$key	; rewind $key
+	addl	$len,$inp,$inp		; $inp to point at the end
+	sub	%r0,$len,%r23		; inverse index
+	copy	%r0,@XX[0]
+	copy	%r0,@XX[1]
+	ldi	0xff,$mask
+
+L\$2nd
+	$LDX	@XX[0]($key),@TX[0]
+	ldbx	%r23($inp),@TX[1]
+	addi,nuv 1,%r23,%r23		; increment and conditional
+	sub	%r0,$len,%r23		; inverse index
+	addl	@TX[0],@XX[1],@XX[1]
+	addl	@TX[1],@XX[1],@XX[1]
+	and	$mask,@XX[1],@XX[1]
+	$MKX	@XX[0],$key,$TY
+	$LDX	@XX[1]($key),@TX[1]
+	$MKX	@XX[1],$key,$YY
+	ldo	1(@XX[0]),@XX[0]
+	$ST	@TX[0],0($YY)
+	bb,>=	@XX[0],`31-8`,L\$2nd	; @XX[0]<256
+	$ST	@TX[1],0($TY)
+
+	bv,n	(%r2)
+	.EXIT
+	nop
+	.PROCEND
+
+	.EXPORT	RC4_options,ENTRY
+	.ALIGN	8
+RC4_options
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	blr	%r0,%r28
+	ldi	3,%r1
+L\$pic
+	andcm	%r28,%r1,%r28
+	bv	(%r2)
+	.EXIT
+	ldo	L\$opts-L\$pic(%r28),%r28
+	.PROCEND
+	.ALIGN	8
+L\$opts
+	.STRINGZ "rc4(4x,`$SZ==1?"char":"int"`)"
+	.STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+
+print $code;
+close STDOUT;
diff --git a/crypto/rc4/asm/rc4-s390x.pl b/crypto/rc4/asm/rc4-s390x.pl
new file mode 100644
index 0000000000..96681fa05e
--- /dev/null
+++ b/crypto/rc4/asm/rc4-s390x.pl
@@ -0,0 +1,205 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# February 2009
+#
+# Performance is 2x of gcc 3.4.6 on z10. Coding "secret" is to
+# "cluster" Address Generation Interlocks, so that one pipeline stall
+# resolves several dependencies.
+
+$rp="%r14";
+$sp="%r15";
+$code=<<___;
+.text
+
+___
+
+# void RC4(RC4_KEY *key,size_t len,const void *inp,void *out)
+{
+$acc="%r0";
+$cnt="%r1";
+$key="%r2";
+$len="%r3";
+$inp="%r4";
+$out="%r5";
+
+@XX=("%r6","%r7");
+@TX=("%r8","%r9");
+$YY="%r10";
+$TY="%r11";
+
+$code.=<<___;
+.globl	RC4
+.type	RC4,\@function
+.align	64
+RC4:
+	stmg	%r6,%r11,48($sp)
+	llgc	$XX[0],0($key)
+	llgc	$YY,1($key)
+	la	$XX[0],1($XX[0])
+	nill	$XX[0],0xff
+	srlg	$cnt,$len,3
+	ltgr	$cnt,$cnt
+	llgc	$TX[0],2($XX[0],$key)
+	jz	.Lshort
+	j	.Loop8
+
+.align	64
+.Loop8:
+___
+for ($i=0;$i<8;$i++) {
+$code.=<<___;
+	la	$YY,0($YY,$TX[0])	# $i
+	nill	$YY,255
+	la	$XX[1],1($XX[0])
+	nill	$XX[1],255
+___
+$code.=<<___ if ($i==1);
+	llgc	$acc,2($TY,$key)
+___
+$code.=<<___ if ($i>1);
+	sllg	$acc,$acc,8
+	ic	$acc,2($TY,$key)
+___
+$code.=<<___;
+	llgc	$TY,2($YY,$key)
+	stc	$TX[0],2($YY,$key)
+	llgc	$TX[1],2($XX[1],$key)
+	stc	$TY,2($XX[0],$key)
+	cr	$XX[1],$YY
+	jne	.Lcmov$i
+	la	$TX[1],0($TX[0])
+.Lcmov$i:
+	la	$TY,0($TY,$TX[0])
+	nill	$TY,255
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));     # "rotate" registers
+}
+
+$code.=<<___;
+	lg	$TX[1],0($inp)
+	sllg	$acc,$acc,8
+	la	$inp,8($inp)
+	ic	$acc,2($TY,$key)
+	xgr	$acc,$TX[1]
+	stg	$acc,0($out)
+	la	$out,8($out)
+	brct	$cnt,.Loop8
+
+.Lshort:
+	lghi	$acc,7
+	ngr	$len,$acc
+	jz	.Lexit
+	j	.Loop1
+
+.align	16
+.Loop1:
+	la	$YY,0($YY,$TX[0])
+	nill	$YY,255
+	llgc	$TY,2($YY,$key)
+	stc	$TX[0],2($YY,$key)
+	stc	$TY,2($XX[0],$key)
+	ar	$TY,$TX[0]
+	ahi	$XX[0],1
+	nill	$TY,255
+	nill	$XX[0],255
+	llgc	$acc,0($inp)
+	la	$inp,1($inp)
+	llgc	$TY,2($TY,$key)
+	llgc	$TX[0],2($XX[0],$key)
+	xr	$acc,$TY
+	stc	$acc,0($out)
+	la	$out,1($out)
+	brct	$len,.Loop1
+
+.Lexit:
+	ahi	$XX[0],-1
+	stc	$XX[0],0($key)
+	stc	$YY,1($key)
+	lmg	%r6,%r11,48($sp)
+	br	$rp
+.size	RC4,.-RC4
+.string	"RC4 for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+
+___
+}
+
+# void RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp)
+{
+$cnt="%r0";
+$idx="%r1";
+$key="%r2";
+$len="%r3";
+$inp="%r4";
+$acc="%r5";
+$dat="%r6";
+$ikey="%r7";
+$iinp="%r8";
+
+$code.=<<___;
+.globl	RC4_set_key
+.type	RC4_set_key,\@function
+.align	64
+RC4_set_key:
+	stmg	%r6,%r8,48($sp)
+	lhi	$cnt,256
+	la	$idx,0(%r0)
+	sth	$idx,0($key)
+.align	4
+.L1stloop:
+	stc	$idx,2($idx,$key)
+	la	$idx,1($idx)
+	brct	$cnt,.L1stloop
+
+	lghi	$ikey,-256
+	lr	$cnt,$len
+	la	$iinp,0(%r0)
+	la	$idx,0(%r0)
+.align	16
+.L2ndloop:
+	llgc	$acc,2+256($ikey,$key)
+	llgc	$dat,0($iinp,$inp)
+	la	$idx,0($idx,$acc)
+	la	$ikey,1($ikey)
+	la	$idx,0($idx,$dat)
+	nill	$idx,255
+	la	$iinp,1($iinp)
+	tml	$ikey,255
+	llgc	$dat,2($idx,$key)
+	stc	$dat,2+256-1($ikey,$key)
+	stc	$acc,2($idx,$key)
+	jz	.Ldone
+	brct	$cnt,.L2ndloop
+	lr	$cnt,$len
+	la	$iinp,0(%r0)
+	j	.L2ndloop
+.Ldone:
+	lmg	%r6,%r8,48($sp)
+	br	$rp
+.size	RC4_set_key,.-RC4_set_key
+
+___
+}
+
+# const char *RC4_options()
+$code.=<<___;
+.globl	RC4_options
+.type	RC4_options,\@function
+.align	16
+RC4_options:
+	larl	%r2,.Loptions
+	br	%r14
+.size	RC4_options,.-RC4_options
+.section	.rodata
+.Loptions:
+.align	8
+.string	"rc4(8x,char)"
+___
+
+print $code;
diff --git a/crypto/rc4/asm/rc4-x86_64.pl b/crypto/rc4/asm/rc4-x86_64.pl
new file mode 100755
index 0000000000..677be5fe25
--- /dev/null
+++ b/crypto/rc4/asm/rc4-x86_64.pl
@@ -0,0 +1,504 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
+# "hand-coded assembler"] doesn't stand for the whole improvement
+# coefficient. It turned out that eliminating RC4_CHAR from config
+# line results in ~40% improvement (yes, even for C implementation).
+# Presumably it has everything to do with AMD cache architecture and
+# RAW or whatever penalties. Once again! The module *requires* config
+# line *without* RC4_CHAR! As for coding "secret," I bet on partial
+# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
+# I simply 'inc %r8b'. Even though optimization manual discourages
+# to operate on partial registers, it turned out to be the best bet.
+# At least for AMD... How IA32E would perform remains to be seen...
+
+# As was shown by Marc Bevand reordering of couple of load operations
+# results in even higher performance gain of 3.3x:-) At least on
+# Opteron... For reference, 1x in this case is RC4_CHAR C-code
+# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
+# Latter means that if you want to *estimate* what to expect from
+# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
+
+# Intel P4 EM64T core was found to run the AMD64 code really slow...
+# The only way to achieve comparable performance on P4 was to keep
+# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
+# compose blended code, which would perform even within 30% marginal
+# on either AMD and Intel platforms, I implement both cases. See
+# rc4_skey.c for further details...
+
+# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing 
+# those with add/sub results in 50% performance improvement of folded
+# loop...
+
+# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
+# performance by >30% [unlike P4 32-bit case that is]. But this is
+# provided that loads are reordered even more aggressively! Both code
+# pathes, AMD64 and EM64T, reorder loads in essentially same manner
+# as my IA-64 implementation. On Opteron this resulted in modest 5%
+# improvement [I had to test it], while final Intel P4 performance
+# achieves respectful 432MBps on 2.8GHz processor now. For reference.
+# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than
+# RC4_INT code-path. While if executed on Opteron, it's only 25%
+# slower than the RC4_INT one [meaning that if CPU µ-arch detection
+# is not implemented, then this final RC4_CHAR code-path should be
+# preferred, as it provides better *all-round* performance].
+
+# Intel Core2 was observed to perform poorly on both code paths:-( It
+# apparently suffers from some kind of partial register stall, which
+# occurs in 64-bit mode only [as virtually identical 32-bit loop was
+# observed to outperform 64-bit one by almost 50%]. Adding two movzb to
+# cloop1 boosts its performance by 80%! This loop appears to be optimal
+# fit for Core2 and therefore the code was modified to skip cloop8 on
+# this CPU.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+$dat="%rdi";	    # arg1
+$len="%rsi";	    # arg2
+$inp="%rdx";	    # arg3
+$out="%rcx";	    # arg4
+
+@XX=("%r8","%r10");
+@TX=("%r9","%r11");
+$YY="%r12";
+$TY="%r13";
+
+$code=<<___;
+.text
+
+.globl	RC4
+.type	RC4,\@function,4
+.align	16
+RC4:	or	$len,$len
+	jne	.Lentry
+	ret
+.Lentry:
+	push	%rbx
+	push	%r12
+	push	%r13
+.Lprologue:
+
+	add	\$8,$dat
+	movl	-8($dat),$XX[0]#d
+	movl	-4($dat),$YY#d
+	cmpl	\$-1,256($dat)
+	je	.LRC4_CHAR
+	inc	$XX[0]#b
+	movl	($dat,$XX[0],4),$TX[0]#d
+	test	\$-8,$len
+	jz	.Lloop1
+	jmp	.Lloop8
+.align	16
+.Lloop8:
+___
+for ($i=0;$i<8;$i++) {
+$code.=<<___;
+	add	$TX[0]#b,$YY#b
+	mov	$XX[0],$XX[1]
+	movl	($dat,$YY,4),$TY#d
+	ror	\$8,%rax			# ror is redundant when $i=0
+	inc	$XX[1]#b
+	movl	($dat,$XX[1],4),$TX[1]#d
+	cmp	$XX[1],$YY
+	movl	$TX[0]#d,($dat,$YY,4)
+	cmove	$TX[0],$TX[1]
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TX[0]#b,$TY#b
+	movb	($dat,$TY,4),%al
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+}
+$code.=<<___;
+	ror	\$8,%rax
+	sub	\$8,$len
+
+	xor	($inp),%rax
+	add	\$8,$inp
+	mov	%rax,($out)
+	add	\$8,$out
+
+	test	\$-8,$len
+	jnz	.Lloop8
+	cmp	\$0,$len
+	jne	.Lloop1
+	jmp	.Lexit
+
+.align	16
+.Lloop1:
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TY#b,$TX[0]#b
+	inc	$XX[0]#b
+	movl	($dat,$TX[0],4),$TY#d
+	movl	($dat,$XX[0],4),$TX[0]#d
+	xorb	($inp),$TY#b
+	inc	$inp
+	movb	$TY#b,($out)
+	inc	$out
+	dec	$len
+	jnz	.Lloop1
+	jmp	.Lexit
+
+.align	16
+.LRC4_CHAR:
+	add	\$1,$XX[0]#b
+	movzb	($dat,$XX[0]),$TX[0]#d
+	test	\$-8,$len
+	jz	.Lcloop1
+	cmpl	\$0,260($dat)
+	jnz	.Lcloop1
+	jmp	.Lcloop8
+.align	16
+.Lcloop8:
+	mov	($inp),%eax
+	mov	4($inp),%ebx
+___
+# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+	add	$TX[0]#b,$YY#b
+	lea	1($XX[0]),$XX[1]
+	movzb	($dat,$YY),$TY#d
+	movzb	$XX[1]#b,$XX[1]#d
+	movzb	($dat,$XX[1]),$TX[1]#d
+	movb	$TX[0]#b,($dat,$YY)
+	cmp	$XX[1],$YY
+	movb	$TY#b,($dat,$XX[0])
+	jne	.Lcmov$i			# Intel cmov is sloooow...
+	mov	$TX[0],$TX[1]
+.Lcmov$i:
+	add	$TX[0]#b,$TY#b
+	xor	($dat,$TY),%al
+	ror	\$8,%eax
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+}
+for ($i=4;$i<8;$i++) {
+$code.=<<___;
+	add	$TX[0]#b,$YY#b
+	lea	1($XX[0]),$XX[1]
+	movzb	($dat,$YY),$TY#d
+	movzb	$XX[1]#b,$XX[1]#d
+	movzb	($dat,$XX[1]),$TX[1]#d
+	movb	$TX[0]#b,($dat,$YY)
+	cmp	$XX[1],$YY
+	movb	$TY#b,($dat,$XX[0])
+	jne	.Lcmov$i			# Intel cmov is sloooow...
+	mov	$TX[0],$TX[1]
+.Lcmov$i:
+	add	$TX[0]#b,$TY#b
+	xor	($dat,$TY),%bl
+	ror	\$8,%ebx
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+}
+$code.=<<___;
+	lea	-8($len),$len
+	mov	%eax,($out)
+	lea	8($inp),$inp
+	mov	%ebx,4($out)
+	lea	8($out),$out
+
+	test	\$-8,$len
+	jnz	.Lcloop8
+	cmp	\$0,$len
+	jne	.Lcloop1
+	jmp	.Lexit
+___
+$code.=<<___;
+.align	16
+.Lcloop1:
+	add	$TX[0]#b,$YY#b
+	movzb	($dat,$YY),$TY#d
+	movb	$TX[0]#b,($dat,$YY)
+	movb	$TY#b,($dat,$XX[0])
+	add	$TX[0]#b,$TY#b
+	add	\$1,$XX[0]#b
+	movzb	$TY#b,$TY#d
+	movzb	$XX[0]#b,$XX[0]#d
+	movzb	($dat,$TY),$TY#d
+	movzb	($dat,$XX[0]),$TX[0]#d
+	xorb	($inp),$TY#b
+	lea	1($inp),$inp
+	movb	$TY#b,($out)
+	lea	1($out),$out
+	sub	\$1,$len
+	jnz	.Lcloop1
+	jmp	.Lexit
+
+.align	16
+.Lexit:
+	sub	\$1,$XX[0]#b
+	movl	$XX[0]#d,-8($dat)
+	movl	$YY#d,-4($dat)
+
+	mov	(%rsp),%r13
+	mov	8(%rsp),%r12
+	mov	16(%rsp),%rbx
+	add	\$24,%rsp
+.Lepilogue:
+	ret
+.size	RC4,.-RC4
+___
+
+$idx="%r8";
+$ido="%r9";
+
+$code.=<<___;
+.extern	OPENSSL_ia32cap_P
+.globl	RC4_set_key
+.type	RC4_set_key,\@function,3
+.align	16
+RC4_set_key:
+	lea	8($dat),$dat
+	lea	($inp,$len),$inp
+	neg	$len
+	mov	$len,%rcx
+	xor	%eax,%eax
+	xor	$ido,$ido
+	xor	%r10,%r10
+	xor	%r11,%r11
+
+	mov	OPENSSL_ia32cap_P(%rip),$idx#d
+	bt	\$20,$idx#d
+	jnc	.Lw1stloop
+	bt	\$30,$idx#d
+	setc	$ido#b
+	mov	$ido#d,260($dat)
+	jmp	.Lc1stloop
+
+.align	16
+.Lw1stloop:
+	mov	%eax,($dat,%rax,4)
+	add	\$1,%al
+	jnc	.Lw1stloop
+
+	xor	$ido,$ido
+	xor	$idx,$idx
+.align	16
+.Lw2ndloop:
+	mov	($dat,$ido,4),%r10d
+	add	($inp,$len,1),$idx#b
+	add	%r10b,$idx#b
+	add	\$1,$len
+	mov	($dat,$idx,4),%r11d
+	cmovz	%rcx,$len
+	mov	%r10d,($dat,$idx,4)
+	mov	%r11d,($dat,$ido,4)
+	add	\$1,$ido#b
+	jnc	.Lw2ndloop
+	jmp	.Lexit_key
+
+.align	16
+.Lc1stloop:
+	mov	%al,($dat,%rax)
+	add	\$1,%al
+	jnc	.Lc1stloop
+
+	xor	$ido,$ido
+	xor	$idx,$idx
+.align	16
+.Lc2ndloop:
+	mov	($dat,$ido),%r10b
+	add	($inp,$len),$idx#b
+	add	%r10b,$idx#b
+	add	\$1,$len
+	mov	($dat,$idx),%r11b
+	jnz	.Lcnowrap
+	mov	%rcx,$len
+.Lcnowrap:
+	mov	%r10b,($dat,$idx)
+	mov	%r11b,($dat,$ido)
+	add	\$1,$ido#b
+	jnc	.Lc2ndloop
+	movl	\$-1,256($dat)
+
+.align	16
+.Lexit_key:
+	xor	%eax,%eax
+	mov	%eax,-8($dat)
+	mov	%eax,-4($dat)
+	ret
+.size	RC4_set_key,.-RC4_set_key
+
+.globl	RC4_options
+.type	RC4_options,\@abi-omnipotent
+.align	16
+RC4_options:
+	lea	.Lopts(%rip),%rax
+	mov	OPENSSL_ia32cap_P(%rip),%edx
+	bt	\$20,%edx
+	jnc	.Ldone
+	add	\$12,%rax
+	bt	\$30,%edx
+	jnc	.Ldone
+	add	\$13,%rax
+.Ldone:
+	ret
+.align	64
+.Lopts:
+.asciz	"rc4(8x,int)"
+.asciz	"rc4(8x,char)"
+.asciz	"rc4(1x,char)"
+.asciz	"RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+.size	RC4_options,.-RC4_options
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	stream_se_handler,\@abi-omnipotent
+.align	16
+stream_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	lea	24(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%r12
+	mov	-24(%rax),%r13
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	stream_se_handler,.-stream_se_handler
+
+.type	key_se_handler,\@abi-omnipotent
+.align	16
+key_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	152($context),%rax	# pull context->Rsp
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	key_se_handler,.-key_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_RC4
+	.rva	.LSEH_end_RC4
+	.rva	.LSEH_info_RC4
+
+	.rva	.LSEH_begin_RC4_set_key
+	.rva	.LSEH_end_RC4_set_key
+	.rva	.LSEH_info_RC4_set_key
+
+.section	.xdata
+.align	8
+.LSEH_info_RC4:
+	.byte	9,0,0,0
+	.rva	stream_se_handler
+.LSEH_info_RC4_set_key:
+	.byte	9,0,0,0
+	.rva	key_se_handler
+___
+}
+
+$code =~ s/#([bwd])/$1/gm;
+
+print $code;
+
+close STDOUT;
diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h
index c24a5b1281..29d1acccf5 100644
--- a/crypto/rc4/rc4.h
+++ b/crypto/rc4/rc4.h
@@ -64,6 +64,8 @@
 #error RC4 is disabled.
 #endif
 
+#include <stddef.h>
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
@@ -72,16 +74,12 @@ typedef struct rc4_key_st
 	{
 	RC4_INT x,y;
 	RC4_INT data[256];
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-	/* see crypto/rc4/asm/rc4-ia64.S for further details... */
-	RC4_INT pad[512-256-2];
-#endif
 	} RC4_KEY;
 
  
 const char *RC4_options(void);
 void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
 		unsigned char *outdata);
 
 #ifdef  __cplusplus
diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
index 7d0bf92f03..0d16616588 100644
--- a/crypto/rc4/rc4_enc.c
+++ b/crypto/rc4/rc4_enc.c
@@ -67,20 +67,16 @@
  * Date: Wed, 14 Sep 1994 06:35:31 GMT
  */
 
-void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
 	     unsigned char *outdata)
 	{
         register RC4_INT *d;
         register RC4_INT x,y,tx,ty;
-	int i;
+	size_t i;
         
         x=key->x;     
         y=key->y;     
         d=key->data; 
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-	/* see crypto/rc4/asm/rc4-ia64.S for further details... */
-	d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
-#endif
 
 #if defined(RC4_CHUNK)
 	/*
@@ -165,7 +161,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
 		if (!is_endian.little)
 			{	/* BIG-ENDIAN CASE */
 # define BESHFT(c)	(((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
-			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
+			for (;len&(0-sizeof(RC4_CHUNK));len-=sizeof(RC4_CHUNK))
 				{
 				ichunk  = *(RC4_CHUNK *)indata;
 				otp  = RC4_STEP<<BESHFT(0);
@@ -218,7 +214,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
 		else
 			{	/* LITTLE-ENDIAN CASE */
 # define LESHFT(c)	(((c)*8)&(sizeof(RC4_CHUNK)*8-1))
-			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
+			for (;len&(0-sizeof(RC4_CHUNK));len-=sizeof(RC4_CHUNK))
 				{
 				ichunk  = *(RC4_CHUNK *)indata;
 				otp  = RC4_STEP;
@@ -284,7 +280,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
 #define RC4_LOOP(a,b,i)	LOOP(a[i],b[i])
 #endif
 
-	i=(int)(len>>3L);
+	i=len>>3;
 	if (i)
 		{
 		for (;;)
@@ -304,7 +300,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
 			if (--i == 0) break;
 			}
 		}
-	i=(int)len&0x07;
+	i=len&0x07;
 	if (i)
 		{
 		for (;;)
diff --git a/crypto/rc4/rc4_skey.c b/crypto/rc4/rc4_skey.c
index 083b53dfb8..b22c40b0bd 100644
--- a/crypto/rc4/rc4_skey.c
+++ b/crypto/rc4/rc4_skey.c
@@ -60,7 +60,7 @@
 #include "rc4_locl.h"
 #include <openssl/opensslv.h>
 
-const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT;
+const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT;
 
 const char *RC4_options(void)
 	{
@@ -93,10 +93,6 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
         unsigned int i;
         
         d= &(key->data[0]);
-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-	/* see crypto/rc4/asm/rc4-ia64.S for further details... */
-	d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1));
-#endif
         key->x = 0;     
         key->y = 0;     
         id1=id2=0;     
diff --git a/crypto/rc4/rc4test.c b/crypto/rc4/rc4test.c
index 49afa5c1db..633a79e758 100644
--- a/crypto/rc4/rc4test.c
+++ b/crypto/rc4/rc4test.c
@@ -216,11 +216,11 @@ int main(int argc, char *argv[])
 		if (memcmp(md,expected,sizeof(md))) {
 			printf("error in RC4 bulk test\n");
 			printf("output:");
-			for (j=0; j<sizeof(md); j++)
+			for (j=0; j<(int)sizeof(md); j++)
 				printf(" %02x",md[j]);
 			printf("\n");
 			printf("expect:");
-			for (j=0; j<sizeof(md); j++)
+			for (j=0; j<(int)sizeof(md); j++)
 				printf(" %02x",expected[j]);
 			printf("\n");
 			err++;
diff --git a/crypto/rc5/.cvsignore b/crypto/rc5/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/rc5/.cvsignore
+++ b/crypto/rc5/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/rc5/Makefile.ssl b/crypto/rc5/Makefile.ssl
deleted file mode 100644
index e5d2b2b462..0000000000
--- a/crypto/rc5/Makefile.ssl
+++ /dev/null
@@ -1,108 +0,0 @@
-#
-# SSLeay/crypto/rc5/Makefile
-#
-
-DIR=	rc5
-TOP=	../..
-CC=	cc
-CPP=	$(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-RC5_ENC=		rc5_enc.o
-# or use
-#DES_ENC=	r586-elf.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=rc5test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c 
-LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rc5.h
-HEADER=	rc5_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-r586-elf.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) rc5-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-r586-cof.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) rc5-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-r586-out.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
-	(cd asm; $(PERL) rc5-586.pl a.out $(CFLAGS) > ../$@)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rc5_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rc5_ecb.o: ../../include/openssl/rc5.h rc5_ecb.c rc5_locl.h
-rc5_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
-rc5_enc.o: rc5_enc.c rc5_locl.h
-rc5_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
-rc5_skey.o: rc5_locl.h rc5_skey.c
-rc5cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
-rc5cfb64.o: rc5_locl.h rc5cfb64.c
-rc5ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
-rc5ofb64.o: rc5_locl.h rc5ofb64.c
diff --git a/crypto/rc5/asm/.cvsignore b/crypto/rc5/asm/.cvsignore
index 855415c90e..e294b19f6e 100644
--- a/crypto/rc5/asm/.cvsignore
+++ b/crypto/rc5/asm/.cvsignore
@@ -1,2 +1,4 @@
 r586unix.cpp
 r586-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/rc5/asm/rc5-586.pl b/crypto/rc5/asm/rc5-586.pl
index edff1d1e64..61ac6effc6 100644
--- a/crypto/rc5/asm/rc5-586.pl
+++ b/crypto/rc5/asm/rc5-586.pl
@@ -1,6 +1,7 @@
 #!/usr/local/bin/perl
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 require "cbc.pl";
 
diff --git a/crypto/ripemd/.cvsignore b/crypto/ripemd/.cvsignore
index c6d03a9dbc..4e5de4863b 100644
--- a/crypto/ripemd/.cvsignore
+++ b/crypto/ripemd/.cvsignore
@@ -1,2 +1,5 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+rmd-*.s
diff --git a/crypto/ripemd/Makefile.ssl b/crypto/ripemd/Makefile.ssl
deleted file mode 100644
index 051695cd19..0000000000
--- a/crypto/ripemd/Makefile.ssl
+++ /dev/null
@@ -1,104 +0,0 @@
-#
-# SSLeay/crypto/ripemd/Makefile
-#
-
-DIR=    ripemd
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-RIP_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=rmdtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=rmd_dgst.c rmd_one.c
-LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= ripemd.h
-HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-rm86-elf.s: asm/rmd-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rmd-586.pl elf $(CFLAGS) > ../$@)
-# COFF
-rm86-cof.s: asm/rmd-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rmd-586.pl coff $(CFLAGS) > ../$@)
-# a.out
-rm86-out.s: asm/rmd-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) rmd-586.pl a.out $(CFLAGS) > ../$@)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h
-rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
-rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rmd_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/ripemd.h
-rmd_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rmd_one.o: ../../include/openssl/symhacks.h rmd_one.c
diff --git a/crypto/ripemd/README b/crypto/ripemd/README
index 7097707264..f1ffc8b134 100644
--- a/crypto/ripemd/README
+++ b/crypto/ripemd/README
@@ -4,7 +4,7 @@ http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
 This is my implementation of RIPEMD-160.  The pentium assember is a little
 off the pace since I only get 1050 cycles, while the best is 1013.
 I have a few ideas for how to get another 20 or so cycles, but at
-this point I will not bother right now.  I belive the trick will be
+this point I will not bother right now.  I believe the trick will be
 to remove my 'copy X array onto stack' until inside the RIP1() finctions the
 first time round.  To do this I need another register and will only have one
 temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
diff --git a/crypto/ripemd/asm/.cvsignore b/crypto/ripemd/asm/.cvsignore
index e18b24f965..1c4890f54c 100644
--- a/crypto/ripemd/asm/.cvsignore
+++ b/crypto/ripemd/asm/.cvsignore
@@ -1,2 +1,4 @@
 rm86unix.cpp
 rm86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/ripemd/asm/rmd-586.pl b/crypto/ripemd/asm/rmd-586.pl
index 0ab6f76bff..e8b2bc2db2 100644
--- a/crypto/ripemd/asm/rmd-586.pl
+++ b/crypto/ripemd/asm/rmd-586.pl
@@ -1,11 +1,12 @@
 #!/usr/local/bin/perl
 
 # Normal is the
-# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
+# ripemd160_block_asm_data_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
 
 $normal=0;
 
-push(@INC,"perlasm","../../perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],$0);
@@ -56,7 +57,7 @@ $KR3=0x7A6D76E9;
 	 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
  	);
 
-&ripemd160_block("ripemd160_block_asm_host_order");
+&ripemd160_block("ripemd160_block_asm_data_order");
 &asm_finish();
 
 sub Xv
diff --git a/crypto/ripemd/ripemd.h b/crypto/ripemd/ripemd.h
index 06bd67183b..5942eb6180 100644
--- a/crypto/ripemd/ripemd.h
+++ b/crypto/ripemd/ripemd.h
@@ -60,6 +60,7 @@
 #define HEADER_RIPEMD_H
 
 #include <openssl/e_os2.h>
+#include <stddef.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -69,7 +70,7 @@ extern "C" {
 #error RIPEMD is disabled.
 #endif
 
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+#if defined(__LP32__)
 #define RIPEMD160_LONG unsigned long
 #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
 #define RIPEMD160_LONG unsigned long
diff --git a/crypto/ripemd/rmd_dgst.c b/crypto/ripemd/rmd_dgst.c
index 03a286dfcc..59b017f8c0 100644
--- a/crypto/ripemd/rmd_dgst.c
+++ b/crypto/ripemd/rmd_dgst.c
@@ -60,7 +60,7 @@
 #include "rmd_locl.h"
 #include <openssl/opensslv.h>
 
-const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
+const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT;
 
 #  ifdef RMD160_ASM
      void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,size_t num);
@@ -71,218 +71,15 @@ const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
 
 int RIPEMD160_Init(RIPEMD160_CTX *c)
 	{
+	memset (c,0,sizeof(*c));
 	c->A=RIPEMD160_A;
 	c->B=RIPEMD160_B;
 	c->C=RIPEMD160_C;
 	c->D=RIPEMD160_D;
 	c->E=RIPEMD160_E;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
 	return 1;
 	}
 
-#ifndef ripemd160_block_host_order
-#ifdef X
-#undef X
-#endif
-#define X(i)	XX[i]
-void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, size_t num)
-	{
-	const RIPEMD160_LONG *XX=p;
-	register unsigned MD32_REG_T A,B,C,D,E;
-	register unsigned MD32_REG_T a,b,c,d,e;
-
-	for (;num--;XX+=HASH_LBLOCK)
-		{
-
-	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
-	RIP1(A,B,C,D,E,WL00,SL00);
-	RIP1(E,A,B,C,D,WL01,SL01);
-	RIP1(D,E,A,B,C,WL02,SL02);
-	RIP1(C,D,E,A,B,WL03,SL03);
-	RIP1(B,C,D,E,A,WL04,SL04);
-	RIP1(A,B,C,D,E,WL05,SL05);
-	RIP1(E,A,B,C,D,WL06,SL06);
-	RIP1(D,E,A,B,C,WL07,SL07);
-	RIP1(C,D,E,A,B,WL08,SL08);
-	RIP1(B,C,D,E,A,WL09,SL09);
-	RIP1(A,B,C,D,E,WL10,SL10);
-	RIP1(E,A,B,C,D,WL11,SL11);
-	RIP1(D,E,A,B,C,WL12,SL12);
-	RIP1(C,D,E,A,B,WL13,SL13);
-	RIP1(B,C,D,E,A,WL14,SL14);
-	RIP1(A,B,C,D,E,WL15,SL15);
-
-	RIP2(E,A,B,C,D,WL16,SL16,KL1);
-	RIP2(D,E,A,B,C,WL17,SL17,KL1);
-	RIP2(C,D,E,A,B,WL18,SL18,KL1);
-	RIP2(B,C,D,E,A,WL19,SL19,KL1);
-	RIP2(A,B,C,D,E,WL20,SL20,KL1);
-	RIP2(E,A,B,C,D,WL21,SL21,KL1);
-	RIP2(D,E,A,B,C,WL22,SL22,KL1);
-	RIP2(C,D,E,A,B,WL23,SL23,KL1);
-	RIP2(B,C,D,E,A,WL24,SL24,KL1);
-	RIP2(A,B,C,D,E,WL25,SL25,KL1);
-	RIP2(E,A,B,C,D,WL26,SL26,KL1);
-	RIP2(D,E,A,B,C,WL27,SL27,KL1);
-	RIP2(C,D,E,A,B,WL28,SL28,KL1);
-	RIP2(B,C,D,E,A,WL29,SL29,KL1);
-	RIP2(A,B,C,D,E,WL30,SL30,KL1);
-	RIP2(E,A,B,C,D,WL31,SL31,KL1);
-
-	RIP3(D,E,A,B,C,WL32,SL32,KL2);
-	RIP3(C,D,E,A,B,WL33,SL33,KL2);
-	RIP3(B,C,D,E,A,WL34,SL34,KL2);
-	RIP3(A,B,C,D,E,WL35,SL35,KL2);
-	RIP3(E,A,B,C,D,WL36,SL36,KL2);
-	RIP3(D,E,A,B,C,WL37,SL37,KL2);
-	RIP3(C,D,E,A,B,WL38,SL38,KL2);
-	RIP3(B,C,D,E,A,WL39,SL39,KL2);
-	RIP3(A,B,C,D,E,WL40,SL40,KL2);
-	RIP3(E,A,B,C,D,WL41,SL41,KL2);
-	RIP3(D,E,A,B,C,WL42,SL42,KL2);
-	RIP3(C,D,E,A,B,WL43,SL43,KL2);
-	RIP3(B,C,D,E,A,WL44,SL44,KL2);
-	RIP3(A,B,C,D,E,WL45,SL45,KL2);
-	RIP3(E,A,B,C,D,WL46,SL46,KL2);
-	RIP3(D,E,A,B,C,WL47,SL47,KL2);
-
-	RIP4(C,D,E,A,B,WL48,SL48,KL3);
-	RIP4(B,C,D,E,A,WL49,SL49,KL3);
-	RIP4(A,B,C,D,E,WL50,SL50,KL3);
-	RIP4(E,A,B,C,D,WL51,SL51,KL3);
-	RIP4(D,E,A,B,C,WL52,SL52,KL3);
-	RIP4(C,D,E,A,B,WL53,SL53,KL3);
-	RIP4(B,C,D,E,A,WL54,SL54,KL3);
-	RIP4(A,B,C,D,E,WL55,SL55,KL3);
-	RIP4(E,A,B,C,D,WL56,SL56,KL3);
-	RIP4(D,E,A,B,C,WL57,SL57,KL3);
-	RIP4(C,D,E,A,B,WL58,SL58,KL3);
-	RIP4(B,C,D,E,A,WL59,SL59,KL3);
-	RIP4(A,B,C,D,E,WL60,SL60,KL3);
-	RIP4(E,A,B,C,D,WL61,SL61,KL3);
-	RIP4(D,E,A,B,C,WL62,SL62,KL3);
-	RIP4(C,D,E,A,B,WL63,SL63,KL3);
-
-	RIP5(B,C,D,E,A,WL64,SL64,KL4);
-	RIP5(A,B,C,D,E,WL65,SL65,KL4);
-	RIP5(E,A,B,C,D,WL66,SL66,KL4);
-	RIP5(D,E,A,B,C,WL67,SL67,KL4);
-	RIP5(C,D,E,A,B,WL68,SL68,KL4);
-	RIP5(B,C,D,E,A,WL69,SL69,KL4);
-	RIP5(A,B,C,D,E,WL70,SL70,KL4);
-	RIP5(E,A,B,C,D,WL71,SL71,KL4);
-	RIP5(D,E,A,B,C,WL72,SL72,KL4);
-	RIP5(C,D,E,A,B,WL73,SL73,KL4);
-	RIP5(B,C,D,E,A,WL74,SL74,KL4);
-	RIP5(A,B,C,D,E,WL75,SL75,KL4);
-	RIP5(E,A,B,C,D,WL76,SL76,KL4);
-	RIP5(D,E,A,B,C,WL77,SL77,KL4);
-	RIP5(C,D,E,A,B,WL78,SL78,KL4);
-	RIP5(B,C,D,E,A,WL79,SL79,KL4);
-
-	a=A; b=B; c=C; d=D; e=E;
-	/* Do other half */
-	A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
-	RIP5(A,B,C,D,E,WR00,SR00,KR0);
-	RIP5(E,A,B,C,D,WR01,SR01,KR0);
-	RIP5(D,E,A,B,C,WR02,SR02,KR0);
-	RIP5(C,D,E,A,B,WR03,SR03,KR0);
-	RIP5(B,C,D,E,A,WR04,SR04,KR0);
-	RIP5(A,B,C,D,E,WR05,SR05,KR0);
-	RIP5(E,A,B,C,D,WR06,SR06,KR0);
-	RIP5(D,E,A,B,C,WR07,SR07,KR0);
-	RIP5(C,D,E,A,B,WR08,SR08,KR0);
-	RIP5(B,C,D,E,A,WR09,SR09,KR0);
-	RIP5(A,B,C,D,E,WR10,SR10,KR0);
-	RIP5(E,A,B,C,D,WR11,SR11,KR0);
-	RIP5(D,E,A,B,C,WR12,SR12,KR0);
-	RIP5(C,D,E,A,B,WR13,SR13,KR0);
-	RIP5(B,C,D,E,A,WR14,SR14,KR0);
-	RIP5(A,B,C,D,E,WR15,SR15,KR0);
-
-	RIP4(E,A,B,C,D,WR16,SR16,KR1);
-	RIP4(D,E,A,B,C,WR17,SR17,KR1);
-	RIP4(C,D,E,A,B,WR18,SR18,KR1);
-	RIP4(B,C,D,E,A,WR19,SR19,KR1);
-	RIP4(A,B,C,D,E,WR20,SR20,KR1);
-	RIP4(E,A,B,C,D,WR21,SR21,KR1);
-	RIP4(D,E,A,B,C,WR22,SR22,KR1);
-	RIP4(C,D,E,A,B,WR23,SR23,KR1);
-	RIP4(B,C,D,E,A,WR24,SR24,KR1);
-	RIP4(A,B,C,D,E,WR25,SR25,KR1);
-	RIP4(E,A,B,C,D,WR26,SR26,KR1);
-	RIP4(D,E,A,B,C,WR27,SR27,KR1);
-	RIP4(C,D,E,A,B,WR28,SR28,KR1);
-	RIP4(B,C,D,E,A,WR29,SR29,KR1);
-	RIP4(A,B,C,D,E,WR30,SR30,KR1);
-	RIP4(E,A,B,C,D,WR31,SR31,KR1);
-
-	RIP3(D,E,A,B,C,WR32,SR32,KR2);
-	RIP3(C,D,E,A,B,WR33,SR33,KR2);
-	RIP3(B,C,D,E,A,WR34,SR34,KR2);
-	RIP3(A,B,C,D,E,WR35,SR35,KR2);
-	RIP3(E,A,B,C,D,WR36,SR36,KR2);
-	RIP3(D,E,A,B,C,WR37,SR37,KR2);
-	RIP3(C,D,E,A,B,WR38,SR38,KR2);
-	RIP3(B,C,D,E,A,WR39,SR39,KR2);
-	RIP3(A,B,C,D,E,WR40,SR40,KR2);
-	RIP3(E,A,B,C,D,WR41,SR41,KR2);
-	RIP3(D,E,A,B,C,WR42,SR42,KR2);
-	RIP3(C,D,E,A,B,WR43,SR43,KR2);
-	RIP3(B,C,D,E,A,WR44,SR44,KR2);
-	RIP3(A,B,C,D,E,WR45,SR45,KR2);
-	RIP3(E,A,B,C,D,WR46,SR46,KR2);
-	RIP3(D,E,A,B,C,WR47,SR47,KR2);
-
-	RIP2(C,D,E,A,B,WR48,SR48,KR3);
-	RIP2(B,C,D,E,A,WR49,SR49,KR3);
-	RIP2(A,B,C,D,E,WR50,SR50,KR3);
-	RIP2(E,A,B,C,D,WR51,SR51,KR3);
-	RIP2(D,E,A,B,C,WR52,SR52,KR3);
-	RIP2(C,D,E,A,B,WR53,SR53,KR3);
-	RIP2(B,C,D,E,A,WR54,SR54,KR3);
-	RIP2(A,B,C,D,E,WR55,SR55,KR3);
-	RIP2(E,A,B,C,D,WR56,SR56,KR3);
-	RIP2(D,E,A,B,C,WR57,SR57,KR3);
-	RIP2(C,D,E,A,B,WR58,SR58,KR3);
-	RIP2(B,C,D,E,A,WR59,SR59,KR3);
-	RIP2(A,B,C,D,E,WR60,SR60,KR3);
-	RIP2(E,A,B,C,D,WR61,SR61,KR3);
-	RIP2(D,E,A,B,C,WR62,SR62,KR3);
-	RIP2(C,D,E,A,B,WR63,SR63,KR3);
-
-	RIP1(B,C,D,E,A,WR64,SR64);
-	RIP1(A,B,C,D,E,WR65,SR65);
-	RIP1(E,A,B,C,D,WR66,SR66);
-	RIP1(D,E,A,B,C,WR67,SR67);
-	RIP1(C,D,E,A,B,WR68,SR68);
-	RIP1(B,C,D,E,A,WR69,SR69);
-	RIP1(A,B,C,D,E,WR70,SR70);
-	RIP1(E,A,B,C,D,WR71,SR71);
-	RIP1(D,E,A,B,C,WR72,SR72);
-	RIP1(C,D,E,A,B,WR73,SR73);
-	RIP1(B,C,D,E,A,WR74,SR74);
-	RIP1(A,B,C,D,E,WR75,SR75);
-	RIP1(E,A,B,C,D,WR76,SR76);
-	RIP1(D,E,A,B,C,WR77,SR77);
-	RIP1(C,D,E,A,B,WR78,SR78);
-	RIP1(B,C,D,E,A,WR79,SR79);
-
-	D     =ctx->B+c+D;
-	ctx->B=ctx->C+d+E;
-	ctx->C=ctx->D+e+A;
-	ctx->D=ctx->E+a+B;
-	ctx->E=ctx->A+b+C;
-	ctx->A=D;
-
-		}
-	}
-#endif
-
 #ifndef ripemd160_block_data_order
 #ifdef X
 #undef X
diff --git a/crypto/ripemd/rmd_locl.h b/crypto/ripemd/rmd_locl.h
index 8eb0d288d6..f14b346e66 100644
--- a/crypto/ripemd/rmd_locl.h
+++ b/crypto/ripemd/rmd_locl.h
@@ -72,28 +72,20 @@
  */
 #ifdef RMD160_ASM
 # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#  define ripemd160_block_host_order ripemd160_block_asm_host_order
+#  define ripemd160_block_data_order ripemd160_block_asm_data_order
 # endif
 #endif
 
-void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,size_t num);
 void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num);
 
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#define ripemd160_block_data_order ripemd160_block_host_order
-#endif
-
 #define DATA_ORDER_IS_LITTLE_ENDIAN
 
 #define HASH_LONG               RIPEMD160_LONG
-#define HASH_LONG_LOG2          RIPEMD160_LONG_LOG2
 #define HASH_CTX                RIPEMD160_CTX
 #define HASH_CBLOCK             RIPEMD160_CBLOCK
-#define HASH_LBLOCK             RIPEMD160_LBLOCK
 #define HASH_UPDATE             RIPEMD160_Update
 #define HASH_TRANSFORM          RIPEMD160_Transform
 #define HASH_FINAL              RIPEMD160_Final
-#define HASH_BLOCK_HOST_ORDER   ripemd160_block_host_order
 #define	HASH_MAKE_STRING(c,s)	do {	\
 	unsigned long ll;		\
 	ll=(c)->A; HOST_l2c(ll,(s));	\
@@ -102,9 +94,7 @@ void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num);
 	ll=(c)->D; HOST_l2c(ll,(s));	\
 	ll=(c)->E; HOST_l2c(ll,(s));	\
 	} while (0)
-#if !defined(L_ENDIAN) || defined(ripemd160_block_data_order)
 #define HASH_BLOCK_DATA_ORDER   ripemd160_block_data_order
-#endif
 
 #include "md32_common.h"
 
diff --git a/crypto/ripemd/rmd_one.c b/crypto/ripemd/rmd_one.c
index bfc4d83fe0..3efb13758f 100644
--- a/crypto/ripemd/rmd_one.c
+++ b/crypto/ripemd/rmd_one.c
@@ -68,7 +68,8 @@ unsigned char *RIPEMD160(const unsigned char *d, size_t n,
 	static unsigned char m[RIPEMD160_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	RIPEMD160_Init(&c);
+	if (!RIPEMD160_Init(&c))
+		return NULL;
 	RIPEMD160_Update(&c,d,n);
 	RIPEMD160_Final(md,&c);
 	OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
diff --git a/crypto/ripemd/rmdtest.c b/crypto/ripemd/rmdtest.c
index cbfdf2ae6f..fb34e0e836 100644
--- a/crypto/ripemd/rmdtest.c
+++ b/crypto/ripemd/rmdtest.c
@@ -103,12 +103,12 @@ static char *pt(unsigned char *md);
 int main(int argc, char *argv[])
 	{
 	int i,err=0;
-	unsigned char **P,**R;
+	char **P,**R;
 	char *p;
 	unsigned char md[RIPEMD160_DIGEST_LENGTH];
 
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
+	P=test;
+	R=ret;
 	i=1;
 	while (*P != NULL)
 		{
diff --git a/crypto/rsa/.cvsignore b/crypto/rsa/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/rsa/.cvsignore
+++ b/crypto/rsa/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
deleted file mode 100644
index 3619331644..0000000000
--- a/crypto/rsa/Makefile.ssl
+++ /dev/null
@@ -1,223 +0,0 @@
-#
-# SSLeay/crypto/rsa/Makefile
-#
-
-DIR=	rsa
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=rsa_test.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
-	rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
-	rsa_asn1.c rsa_depr.c
-LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
-	rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
-	rsa_asn1.o rsa_depr.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= rsa.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_asn1.o: ../../include/openssl/opensslconf.h
-rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_asn1.o: ../cryptlib.h rsa_asn1.c
-rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_chk.o: rsa_chk.c
-rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_depr.o: ../cryptlib.h rsa_depr.c
-rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
-rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c
-rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_gen.o: ../cryptlib.h rsa_gen.c
-rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_lib.o: ../cryptlib.h rsa_lib.c
-rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
-rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
-rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-rsa_oaep.o: ../../include/openssl/opensslconf.h
-rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_oaep.o: ../cryptlib.h rsa_oaep.c
-rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
-rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rsa_saos.o: ../cryptlib.h rsa_saos.c
-rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rsa_sign.o: ../cryptlib.h rsa_sign.c
-rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
-rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 00a7873f92..cf74343657 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -117,7 +117,8 @@ struct rsa_meth_st
 		unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
 	int (*rsa_verify)(int dtype,
 		const unsigned char *m, unsigned int m_length,
-		unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
+		const unsigned char *sigbuf, unsigned int siglen,
+								const RSA *rsa);
 /* If this callback is NULL, the builtin software RSA key-gen will be used. This
  * is for behavioural compatibility whilst the code gets rewired, but one day
  * it would be nice to assume there are no such things as "builtin software"
@@ -156,38 +157,98 @@ struct rsa_st
 	 * NULL */
 	char *bignum_data;
 	BN_BLINDING *blinding;
+	BN_BLINDING *mt_blinding;
 	};
 
+#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+# define OPENSSL_RSA_MAX_MODULUS_BITS	16384
+#endif
+
+#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+# define OPENSSL_RSA_SMALL_MODULUS_BITS	3072
+#endif
+#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+# define OPENSSL_RSA_MAX_PUBEXP_BITS	64 /* exponent limit enforced for "large" modulus only */
+#endif
+
 #define RSA_3	0x3L
 #define RSA_F4	0x10001L
 
-#define RSA_METHOD_FLAG_NO_CHECK	0x01 /* don't check pub/private match */
+#define RSA_METHOD_FLAG_NO_CHECK	0x0001 /* don't check pub/private match */
 
-#define RSA_FLAG_CACHE_PUBLIC		0x02
-#define RSA_FLAG_CACHE_PRIVATE		0x04
-#define RSA_FLAG_BLINDING		0x08
-#define RSA_FLAG_THREAD_SAFE		0x10
+#define RSA_FLAG_CACHE_PUBLIC		0x0002
+#define RSA_FLAG_CACHE_PRIVATE		0x0004
+#define RSA_FLAG_BLINDING		0x0008
+#define RSA_FLAG_THREAD_SAFE		0x0010
 /* This flag means the private key operations will be handled by rsa_mod_exp
  * and that they do not depend on the private key components being present:
  * for example a key stored in external hardware. Without this flag bn_mod_exp
  * gets called when private key components are absent.
  */
-#define RSA_FLAG_EXT_PKEY		0x20
+#define RSA_FLAG_EXT_PKEY		0x0020
 
 /* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
  */
-#define RSA_FLAG_SIGN_VER		0x40
+#define RSA_FLAG_SIGN_VER		0x0040
+
+#define RSA_FLAG_NO_BLINDING		0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
+                                                * RSA implementation now uses blinding by
+                                                * default (ignoring RSA_FLAG_BLINDING),
+                                                * but other engines might not need it
+                                                */
+#define RSA_FLAG_NO_CONSTTIME		0x0100 /* new with 0.9.8f; the built-in RSA
+						* implementation now uses constant time
+						* operations by default in private key operations,
+						* e.g., constant time modular exponentiation, 
+                                                * modular inverse without leaking branches, 
+                                                * division without leaking branches. This 
+                                                * flag disables these constant time 
+                                                * operations and results in faster RSA 
+                                                * private key operations.
+                                                */ 
+#ifndef OPENSSL_NO_DEPRECATED
+#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
+                                                /* new with 0.9.7h; the built-in RSA
+                                                * implementation now uses constant time
+                                                * modular exponentiation for secret exponents
+                                                * by default. This flag causes the
+                                                * faster variable sliding window method to
+                                                * be used for all exponents.
+                                                */
+#endif
+
+
+#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
+				pad, NULL)
+
+#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+				(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+				EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
+				len, NULL)
 
-#define RSA_FLAG_NO_BLINDING		0x80 /* new with 0.9.6j and 0.9.7b; the built-in
-                                              * RSA implementation now uses blinding by
-                                              * default (ignoring RSA_FLAG_BLINDING),
-                                              * but other engines might not need it
-                                              */
+#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+				EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+
+#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+				EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+
+#define EVP_PKEY_CTRL_RSA_PADDING	(EVP_PKEY_ALG_CTRL + 1)
+#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN	(EVP_PKEY_ALG_CTRL + 2)
+
+#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS	(EVP_PKEY_ALG_CTRL + 3)
+#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP	(EVP_PKEY_ALG_CTRL + 4)
 
 #define RSA_PKCS1_PADDING	1
 #define RSA_SSLV23_PADDING	2
 #define RSA_NO_PADDING		3
 #define RSA_PKCS1_OAEP_PADDING	4
+#define RSA_X931_PADDING	5
+/* EVP_PKEY_ only */
+#define RSA_PKCS1_PSS_PADDING	6
 
 #define RSA_PKCS1_PADDING_SIZE	11
 
@@ -247,18 +308,28 @@ int	RSA_print_fp(FILE *fp, const RSA *r,int offset);
 int	RSA_print(BIO *bp, const RSA *r,int offset);
 #endif
 
-int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)());
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
+#ifndef OPENSSL_NO_RC4
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,
+		int (*cb)(char *buf, int len, const char *prompt, int verify),
+		int sgckey);
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
+		 int (*cb)(char *buf, int len, const char *prompt, int verify),
+		 int sgckey);
+
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
+		     int (*cb)(char *buf, int len, const char *prompt,
+			       int verify));
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
+		      int (*cb)(char *buf, int len, const char *prompt,
+				int verify));
+#endif
 
 /* The following 2 functions sign and verify a X509_SIG ASN1 object
  * inside PKCS#1 padded RSA encryption */
 int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
 	unsigned char *sigret, unsigned int *siglen, RSA *rsa);
 int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
-	unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+	const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
 
 /* The following 2 function sign and verify a ASN1_OCTET_STRING
  * object inside PKCS#1 padded RSA encryption */
@@ -271,6 +342,7 @@ int RSA_verify_ASN1_OCTET_STRING(int type,
 
 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
 void RSA_blinding_off(RSA *rsa);
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
 
 int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
 	const unsigned char *f,int fl);
@@ -280,6 +352,8 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
 	const unsigned char *f,int fl);
 int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
 	const unsigned char *f,int fl,int rsa_len);
+int PKCS1_MGF1(unsigned char *mask, long len,
+	const unsigned char *seed, long seedlen, const EVP_MD *dgst);
 int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
 	const unsigned char *f,int fl,
 	const unsigned char *p,int pl);
@@ -294,6 +368,17 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
 	const unsigned char *f,int fl);
 int RSA_padding_check_none(unsigned char *to,int tlen,
 	const unsigned char *f,int fl,int rsa_len);
+int RSA_padding_add_X931(unsigned char *to,int tlen,
+	const unsigned char *f,int fl);
+int RSA_padding_check_X931(unsigned char *to,int tlen,
+	const unsigned char *f,int fl,int rsa_len);
+int RSA_X931_hash_id(int nid);
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+			const EVP_MD *Hash, const unsigned char *EM, int sLen);
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+			const unsigned char *mHash,
+			const EVP_MD *Hash, int sLen);
 
 int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -312,31 +397,54 @@ void ERR_load_RSA_strings(void);
 /* Error codes for the RSA functions. */
 
 /* Function codes. */
+#define RSA_F_CHECK_PADDING_MD				 140
+#define RSA_F_DO_RSA_PRINT				 146
+#define RSA_F_INT_RSA_VERIFY				 145
 #define RSA_F_MEMORY_LOCK				 100
+#define RSA_F_OLD_RSA_PRIV_DECODE			 147
+#define RSA_F_PKEY_RSA_CTRL				 143
+#define RSA_F_PKEY_RSA_CTRL_STR				 144
+#define RSA_F_PKEY_RSA_SIGN				 142
+#define RSA_F_PKEY_RSA_VERIFYRECOVER			 141
+#define RSA_F_RSA_BUILTIN_KEYGEN			 129
 #define RSA_F_RSA_CHECK_KEY				 123
 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT			 101
 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT			 102
 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT			 103
 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT			 104
 #define RSA_F_RSA_GENERATE_KEY				 105
+#define RSA_F_RSA_MEMORY_LOCK				 130
 #define RSA_F_RSA_NEW_METHOD				 106
 #define RSA_F_RSA_NULL					 124
+#define RSA_F_RSA_NULL_MOD_EXP				 131
+#define RSA_F_RSA_NULL_PRIVATE_DECRYPT			 132
+#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT			 133
+#define RSA_F_RSA_NULL_PUBLIC_DECRYPT			 134
+#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT			 135
 #define RSA_F_RSA_PADDING_ADD_NONE			 107
 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP		 121
+#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS			 125
 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1		 108
 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2		 109
 #define RSA_F_RSA_PADDING_ADD_SSLV23			 110
+#define RSA_F_RSA_PADDING_ADD_X931			 127
 #define RSA_F_RSA_PADDING_CHECK_NONE			 111
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP		 122
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1		 112
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2		 113
 #define RSA_F_RSA_PADDING_CHECK_SSLV23			 114
+#define RSA_F_RSA_PADDING_CHECK_X931			 128
 #define RSA_F_RSA_PRINT					 115
 #define RSA_F_RSA_PRINT_FP				 116
+#define RSA_F_RSA_PRIV_DECODE				 137
+#define RSA_F_RSA_PRIV_ENCODE				 138
+#define RSA_F_RSA_PUB_DECODE				 139
+#define RSA_F_RSA_SETUP_BLINDING			 136
 #define RSA_F_RSA_SIGN					 117
 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 118
 #define RSA_F_RSA_VERIFY				 119
 #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 120
+#define RSA_F_RSA_VERIFY_PKCS1_PSS			 126
 
 /* Reason codes. */
 #define RSA_R_ALGORITHM_MISMATCH			 100
@@ -356,20 +464,37 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_DMP1_NOT_CONGRUENT_TO_D			 124
 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D			 125
 #define RSA_R_D_E_NOT_CONGRUENT_TO_1			 123
+#define RSA_R_FIRST_OCTET_INVALID			 133
+#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE	 144
+#define RSA_R_INVALID_DIGEST_LENGTH			 143
+#define RSA_R_INVALID_HEADER				 137
+#define RSA_R_INVALID_KEYBITS				 145
 #define RSA_R_INVALID_MESSAGE_LENGTH			 131
+#define RSA_R_INVALID_PADDING				 138
+#define RSA_R_INVALID_PADDING_MODE			 141
+#define RSA_R_INVALID_PSS_SALTLEN			 146
+#define RSA_R_INVALID_TRAILER				 139
+#define RSA_R_INVALID_X931_DIGEST			 142
 #define RSA_R_IQMP_NOT_INVERSE_OF_Q			 126
 #define RSA_R_KEY_SIZE_TOO_SMALL			 120
+#define RSA_R_LAST_OCTET_INVALID			 134
+#define RSA_R_MODULUS_TOO_LARGE				 105
+#define RSA_R_NO_PUBLIC_EXPONENT			 140
 #define RSA_R_NULL_BEFORE_BLOCK_MISSING			 113
 #define RSA_R_N_DOES_NOT_EQUAL_P_Q			 127
 #define RSA_R_OAEP_DECODING_ERROR			 121
+#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE	 148
 #define RSA_R_PADDING_CHECK_FAILED			 114
 #define RSA_R_P_NOT_PRIME				 128
 #define RSA_R_Q_NOT_PRIME				 129
 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED		 130
+#define RSA_R_SLEN_CHECK_FAILED				 136
+#define RSA_R_SLEN_RECOVERY_FAILED			 135
 #define RSA_R_SSLV3_ROLLBACK_ATTACK			 115
 #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
 #define RSA_R_UNKNOWN_ALGORITHM_TYPE			 117
 #define RSA_R_UNKNOWN_PADDING_TYPE			 118
+#define RSA_R_VALUE_MISSING				 147
 #define RSA_R_WRONG_SIGNATURE_LENGTH			 119
 
 #ifdef  __cplusplus
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
new file mode 100644
index 0000000000..8c3209885e
--- /dev/null
+++ b/crypto/rsa/rsa_ameth.c
@@ -0,0 +1,349 @@
+/* crypto/rsa/rsa_ameth.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+	{
+	unsigned char *penc = NULL;
+	int penclen;
+	penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc);
+	if (penclen <= 0)
+		return 0;
+	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA),
+				V_ASN1_NULL, NULL, penc, penclen))
+		return 1;
+
+	OPENSSL_free(penc);
+	return 0;
+	}
+
+static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+	{
+	const unsigned char *p;
+	int pklen;
+	RSA *rsa = NULL;
+	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
+		return 0;
+	if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen)))
+		{
+		RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_RSA (pkey, rsa);
+	return 1;
+	}
+
+static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
+		|| BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
+			return 0;
+	return 1;
+	}
+
+static int old_rsa_priv_decode(EVP_PKEY *pkey,
+					const unsigned char **pder, int derlen)
+	{
+	RSA *rsa;
+	if (!(rsa = d2i_RSAPrivateKey (NULL, pder, derlen)))
+		{
+		RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
+		return 0;
+		}
+	EVP_PKEY_assign_RSA(pkey, rsa);
+	return 1;
+	}
+
+static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+	{
+	return i2d_RSAPrivateKey(pkey->pkey.rsa, pder);
+	}
+
+static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+	{
+	unsigned char *rk = NULL;
+	int rklen;
+	rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
+
+	if (rklen <= 0)
+		{
+		RSAerr(RSA_F_RSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+
+	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0,
+				V_ASN1_NULL, NULL, rk, rklen))
+		{
+		RSAerr(RSA_F_RSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+
+	return 1;
+	}
+
+static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+	{
+	const unsigned char *p;
+	int pklen;
+	if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8))
+		return 0;
+	return old_rsa_priv_decode(pkey, &p, pklen);
+	}
+
+static int int_rsa_size(const EVP_PKEY *pkey)
+	{
+	return RSA_size(pkey->pkey.rsa);
+	}
+
+static int rsa_bits(const EVP_PKEY *pkey)
+	{
+	return BN_num_bits(pkey->pkey.rsa->n);
+	}
+
+static void int_rsa_free(EVP_PKEY *pkey)
+	{
+	RSA_free(pkey->pkey.rsa);
+	}
+
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+	{
+	size_t i;
+	if (!b)
+		return;
+	if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+			*pbuflen = i;
+	}
+
+static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv)
+	{
+	char *str;
+	const char *s;
+	unsigned char *m=NULL;
+	int ret=0, mod_len = 0;
+	size_t buf_len=0;
+
+	update_buflen(x->n, &buf_len);
+	update_buflen(x->e, &buf_len);
+
+	if (priv)
+		{
+		update_buflen(x->d, &buf_len);
+		update_buflen(x->p, &buf_len);
+		update_buflen(x->q, &buf_len);
+		update_buflen(x->dmp1, &buf_len);
+		update_buflen(x->dmq1, &buf_len);
+		update_buflen(x->iqmp, &buf_len);
+		}
+
+	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
+	if (m == NULL)
+		{
+		RSAerr(RSA_F_DO_RSA_PRINT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (x->n != NULL)
+		mod_len = BN_num_bits(x->n);
+
+	if(!BIO_indent(bp,off,128))
+		goto err;
+
+	if (priv && x->d)
+		{
+		if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len)
+			<= 0) goto err;
+		str = "modulus:";
+		s = "publicExponent:";
+		}
+	else
+		{
+		if (BIO_printf(bp,"Public-Key: (%d bit)\n", mod_len)
+			<= 0) goto err;
+		str = "Modulus:";
+		s= "Exponent:";
+		}
+	if (!ASN1_bn_print(bp,str,x->n,m,off)) goto err;
+	if (!ASN1_bn_print(bp,s,x->e,m,off))
+		goto err;
+	if (priv)
+		{
+		if (!ASN1_bn_print(bp,"privateExponent:",x->d,m,off))
+			goto err;
+		if (!ASN1_bn_print(bp,"prime1:",x->p,m,off))
+			goto err;
+		if (!ASN1_bn_print(bp,"prime2:",x->q,m,off))
+			goto err;
+		if (!ASN1_bn_print(bp,"exponent1:",x->dmp1,m,off))
+			goto err;
+		if (!ASN1_bn_print(bp,"exponent2:",x->dmq1,m,off))
+			goto err;
+		if (!ASN1_bn_print(bp,"coefficient:",x->iqmp,m,off))
+			goto err;
+		}
+	ret=1;
+err:
+	if (m != NULL) OPENSSL_free(m);
+	return(ret);
+	}
+
+static int rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_rsa_print(bp, pkey->pkey.rsa, indent, 0);
+	}
+
+
+static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+							ASN1_PCTX *ctx)
+	{
+	return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
+	}
+
+
+static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+	{
+	X509_ALGOR *alg = NULL;
+	switch (op)
+		{
+
+		case ASN1_PKEY_CTRL_PKCS7_SIGN:
+		if (arg1 == 0)
+			PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
+		break;
+
+		case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+		if (arg1 == 0)
+			PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
+		break;
+#ifndef OPENSSL_NO_CMS
+		case ASN1_PKEY_CTRL_CMS_SIGN:
+		if (arg1 == 0)
+			CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg);
+		break;
+
+		case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+		if (arg1 == 0)
+			CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg);
+		break;
+#endif
+
+		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+		*(int *)arg2 = NID_sha1;
+		return 1;
+
+		default:
+		return -2;
+
+		}
+
+	if (alg)
+		X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
+							V_ASN1_NULL, 0);
+
+	return 1;
+
+	}
+
+
+const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = 
+	{
+		{
+		EVP_PKEY_RSA,
+		EVP_PKEY_RSA,
+		ASN1_PKEY_SIGPARAM_NULL,
+
+		"RSA",
+		"OpenSSL RSA method",
+
+		rsa_pub_decode,
+		rsa_pub_encode,
+		rsa_pub_cmp,
+		rsa_pub_print,
+
+		rsa_priv_decode,
+		rsa_priv_encode,
+		rsa_priv_print,
+
+		int_rsa_size,
+		rsa_bits,
+
+		0,0,0,0,0,0,
+
+		int_rsa_free,
+		rsa_pkey_ctrl,
+		old_rsa_priv_decode,
+		old_rsa_priv_encode
+		},
+
+		{
+		EVP_PKEY_RSA2,
+		EVP_PKEY_RSA,
+		ASN1_PKEY_ALIAS
+		}
+	};
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index 1455a7e0e4..4efca8cdc8 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -1,9 +1,9 @@
 /* rsa_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -62,19 +62,9 @@
 #include <openssl/rsa.h>
 #include <openssl/asn1t.h>
 
-static ASN1_METHOD method={
-        (int (*)())  i2d_RSAPrivateKey,
-        (char *(*)())d2i_RSAPrivateKey,
-        (char *(*)())RSA_new,
-        (void (*)()) RSA_free};
-
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
-	{
-	return(&method);
-	}
-
 /* Override the default free and new methods */
-static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
 {
 	if(operation == ASN1_OP_NEW_PRE) {
 		*pval = (ASN1_VALUE *)RSA_new();
diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c
index 73fa6eea90..a859ded987 100644
--- a/crypto/rsa/rsa_depr.c
+++ b/crypto/rsa/rsa_depr.c
@@ -80,10 +80,11 @@ RSA *RSA_generate_key(int bits, unsigned long e_value,
 
 	/* The problem is when building with 8, 16, or 32 BN_ULONG,
 	 * unsigned long can be larger */
-	for (i=0; i<sizeof(unsigned long)*8; i++)
+	for (i=0; i<(int)sizeof(unsigned long)*8; i++)
 		{
 		if (e_value & (1UL<<i))
-			BN_set_bit(e,i);
+			if (BN_set_bit(e,i) == 0)
+				goto err;
 		}
 
 	BN_GENCB_set_old(&cb, callback, cb_arg);
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index b66b4bc140..c5eaeeae6b 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include "cryptlib.h"
@@ -97,43 +150,6 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void)
 	return(&rsa_pkcs1_eay_meth);
 	}
 
-/* Static helper to reduce oodles of code duplication. As a slight
- * optimisation, the "MONT_HELPER() macro must be used as front-end to this
- * function, to prevent unnecessary function calls - there is an initial test
- * that is performed by the macro-generated code. */
-static int rsa_eay_mont_helper(BN_MONT_CTX **ptr, const BIGNUM *modulus, BN_CTX *ctx)
-	{
-	BN_MONT_CTX *bn_mont_ctx;
-	if((bn_mont_ctx = BN_MONT_CTX_new()) == NULL)
-		return 0;
-	if(!BN_MONT_CTX_set(bn_mont_ctx, modulus, ctx))
-		{
-		BN_MONT_CTX_free(bn_mont_ctx);
-		return 0;
-		}
-	if (*ptr == NULL) /* other thread may have finished first */
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_RSA);
-		if (*ptr == NULL) /* check again in the lock to stop races */
-			{
-			*ptr = bn_mont_ctx;
-			bn_mont_ctx = NULL;
-			}
-		CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
-		}
-	if (bn_mont_ctx)
-		BN_MONT_CTX_free(bn_mont_ctx);
-	return 1;
-	}
-/* Usage example;
- *    MONT_HELPER(rsa, bn_ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
- */
-#define MONT_HELPER(rsa, ctx, m, pre_cond, err_instr) \
-	if((pre_cond) && ((rsa)->_method_mod_##m == NULL) && \
-			!rsa_eay_mont_helper(&((rsa)->_method_mod_##m), \
-				(rsa)->m, (ctx))) \
-		err_instr
-
 static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
@@ -142,6 +158,28 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
 	unsigned char *buf=NULL;
 	BN_CTX *ctx=NULL;
 
+	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
+		return -1;
+		}
+
+	if (BN_ucmp(rsa->n, rsa->e) <= 0)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+		return -1;
+		}
+
+	/* for large moduli, enforce exponent limit */
+	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+		{
+		if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+			{
+			RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+			return -1;
+			}
+		}
+	
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
 	BN_CTX_start(ctx);
 	f = BN_CTX_get(ctx);
@@ -179,13 +217,15 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
 	if (BN_bin2bn(buf,num,f) == NULL) goto err;
 	
 	if (BN_ucmp(f, rsa->n) >= 0)
-		{	
+		{
 		/* usually the padding functions would catch this */
 		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
 		goto err;
 		}
 
-	MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+	if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+		if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+			goto err;
 
 	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
 		rsa->_method_mod_n)) goto err;
@@ -212,64 +252,103 @@ err:
 	return(r);
 	}
 
-static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
-	{
-	int ret = 1;
-	CRYPTO_w_lock(CRYPTO_LOCK_RSA);
-	/* Check again inside the lock - the macro's check is racey */
-	if(rsa->blinding == NULL)
-		ret = RSA_blinding_on(rsa, ctx);
-	CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
-	return ret;
-	}
+static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
+{
+	BN_BLINDING *ret;
+	int got_write_lock = 0;
+	CRYPTO_THREADID cur;
 
-#define BLINDING_HELPER(rsa, ctx, err_instr) \
-	do { \
-		if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \
-		    ((rsa)->blinding == NULL) && \
-		    !rsa_eay_blinding(rsa, ctx)) \
-			err_instr \
-	} while(0)
+	CRYPTO_r_lock(CRYPTO_LOCK_RSA);
 
-static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx)
-	{
-	BIGNUM *A, *Ai;
-	BN_BLINDING *ret = NULL;
+	if (rsa->blinding == NULL)
+		{
+		CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+		CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+		got_write_lock = 1;
 
-	/* added in OpenSSL 0.9.6j and 0.9.7b */
+		if (rsa->blinding == NULL)
+			rsa->blinding = RSA_setup_blinding(rsa, ctx);
+		}
 
-	/* NB: similar code appears in RSA_blinding_on (rsa_lib.c);
-	 * this should be placed in a new function of its own, but for reasons
-	 * of binary compatibility can't */
+	ret = rsa->blinding;
+	if (ret == NULL)
+		goto err;
 
-	BN_CTX_start(ctx);
-	A = BN_CTX_get(ctx);
-	if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
+	CRYPTO_THREADID_current(&cur);
+	if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret)))
 		{
-		/* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
-		RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
-		if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
+		/* rsa->blinding is ours! */
+
+		*local = 1;
 		}
 	else
 		{
-		if (!BN_rand_range(A,rsa->n)) goto err;
+		/* resort to rsa->mt_blinding instead */
+
+		*local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert()
+		             * that the BN_BLINDING is shared, meaning that accesses
+		             * require locks, and that the blinding factor must be
+		             * stored outside the BN_BLINDING
+		             */
+
+		if (rsa->mt_blinding == NULL)
+			{
+			if (!got_write_lock)
+				{
+				CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+				CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+				got_write_lock = 1;
+				}
+			
+			if (rsa->mt_blinding == NULL)
+				rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
+			}
+		ret = rsa->mt_blinding;
 		}
-	if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
 
-	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
-		goto err;
-	ret = BN_BLINDING_new(A,Ai,rsa->n);
-	BN_free(Ai);
-err:
-	BN_CTX_end(ctx);
+ err:
+	if (got_write_lock)
+		CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+	else
+		CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
 	return ret;
-	}
+}
+
+static int rsa_blinding_convert(BN_BLINDING *b, int local, BIGNUM *f,
+	BIGNUM *r, BN_CTX *ctx)
+{
+	if (local)
+		return BN_BLINDING_convert_ex(f, NULL, b, ctx);
+	else
+		{
+		int ret;
+		CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING);
+		ret = BN_BLINDING_convert_ex(f, r, b, ctx);
+		CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING);
+		return ret;
+		}
+}
+
+static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f,
+	BIGNUM *r, BN_CTX *ctx)
+{
+	if (local)
+		return BN_BLINDING_invert_ex(f, NULL, b, ctx);
+	else
+		{
+		int ret;
+		CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);
+		ret = BN_BLINDING_invert_ex(f, r, b, ctx);
+		CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);
+		return ret;
+		}
+}
 
 /* signing */
 static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
-	BIGNUM *f,*ret;
+	BIGNUM *f, *ret, *br, *res;
 	int i,j,k,num=0,r= -1;
 	unsigned char *buf=NULL;
 	BN_CTX *ctx=NULL;
@@ -278,9 +357,10 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
 	BN_CTX_start(ctx);
-	f = BN_CTX_get(ctx);
+	f   = BN_CTX_get(ctx);
+	br  = BN_CTX_get(ctx);
 	ret = BN_CTX_get(ctx);
-	num=BN_num_bytes(rsa->n);
+	num = BN_num_bytes(rsa->n);
 	buf = OPENSSL_malloc(num);
 	if(!f || !ret || !buf)
 		{
@@ -293,6 +373,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 	case RSA_PKCS1_PADDING:
 		i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
 		break;
+	case RSA_X931_PADDING:
+		i=RSA_padding_add_X931(buf,num,from,flen);
+		break;
 	case RSA_NO_PADDING:
 		i=RSA_padding_add_none(buf,num,from,flen);
 		break;
@@ -312,17 +395,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	BLINDING_HELPER(rsa, ctx, goto err;);
-	blinding = rsa->blinding;
-	
-	/* Now unless blinding is disabled, 'blinding' is non-NULL.
-	 * But the BN_BLINDING object may be owned by some other thread
-	 * (we don't want to keep it constant and we don't want to use
-	 * lots of locking to avoid race conditions, so only a single
-	 * thread can use it; other threads have to use local blinding
-	 * factors) */
 	if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
 		{
+		blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
 		if (blinding == NULL)
 			{
 			RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
@@ -331,20 +406,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		}
 	
 	if (blinding != NULL)
-		{
-		if (blinding->thread_id != CRYPTO_thread_id())
-			{
-			/* we need a local one-time blinding factor */
-
-			blinding = setup_blinding(rsa, ctx);
-			if (blinding == NULL)
-				goto err;
-			local_blinding = 1;
-			}
-		}
-
-	if (blinding)
-		if (!BN_BLINDING_convert(f, blinding, ctx)) goto err;
+		if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx))
+			goto err;
 
 	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
 		((rsa->p != NULL) &&
@@ -352,21 +415,50 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		(rsa->dmp1 != NULL) &&
 		(rsa->dmq1 != NULL) &&
 		(rsa->iqmp != NULL)) )
-		{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa,ctx)) goto err; }
+		{ 
+		if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err;
+		}
 	else
 		{
-		MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
-		if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx,
+		BIGNUM local_d;
+		BIGNUM *d = NULL;
+		
+		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+			{
+			BN_init(&local_d);
+			d = &local_d;
+			BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+			}
+		else
+			d= rsa->d;
+
+		if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+			if(!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+				goto err;
+
+		if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
 				rsa->_method_mod_n)) goto err;
 		}
 
 	if (blinding)
-		if (!BN_BLINDING_invert(ret, blinding, ctx)) goto err;
+		if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx))
+			goto err;
+
+	if (padding == RSA_X931_PADDING)
+		{
+		BN_sub(f, rsa->n, ret);
+		if (BN_cmp(ret, f))
+			res = f;
+		else
+			res = ret;
+		}
+	else
+		res = ret;
 
 	/* put in leading 0 bytes if the number is less than the
 	 * length of the modulus */
-	j=BN_num_bytes(ret);
-	i=BN_bn2bin(ret,&(to[num-j]));
+	j=BN_num_bytes(res);
+	i=BN_bn2bin(res,&(to[num-j]));
 	for (k=0; k<(num-i); k++)
 		to[k]=0;
 
@@ -377,8 +469,6 @@ err:
 		BN_CTX_end(ctx);
 		BN_CTX_free(ctx);
 		}
-	if (local_blinding)
-		BN_BLINDING_free(blinding);
 	if (buf != NULL)
 		{
 		OPENSSL_cleanse(buf,num);
@@ -390,7 +480,7 @@ err:
 static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
-	BIGNUM *f,*ret;
+	BIGNUM *f, *ret, *br;
 	int j,num=0,r= -1;
 	unsigned char *p;
 	unsigned char *buf=NULL;
@@ -400,9 +490,10 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 
 	if((ctx = BN_CTX_new()) == NULL) goto err;
 	BN_CTX_start(ctx);
-	f = BN_CTX_get(ctx);
+	f   = BN_CTX_get(ctx);
+	br  = BN_CTX_get(ctx);
 	ret = BN_CTX_get(ctx);
-	num=BN_num_bytes(rsa->n);
+	num = BN_num_bytes(rsa->n);
 	buf = OPENSSL_malloc(num);
 	if(!f || !ret || !buf)
 		{
@@ -427,17 +518,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	BLINDING_HELPER(rsa, ctx, goto err;);
-	blinding = rsa->blinding;
-	
-	/* Now unless blinding is disabled, 'blinding' is non-NULL.
-	 * But the BN_BLINDING object may be owned by some other thread
-	 * (we don't want to keep it constant and we don't want to use
-	 * lots of locking to avoid race conditions, so only a single
-	 * thread can use it; other threads have to use local blinding
-	 * factors) */
 	if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
 		{
+		blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
 		if (blinding == NULL)
 			{
 			RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
@@ -446,20 +529,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 		}
 	
 	if (blinding != NULL)
-		{
-		if (blinding->thread_id != CRYPTO_thread_id())
-			{
-			/* we need a local one-time blinding factor */
-
-			blinding = setup_blinding(rsa, ctx);
-			if (blinding == NULL)
-				goto err;
-			local_blinding = 1;
-			}
-		}
-
-	if (blinding)
-		if (!BN_BLINDING_convert(f, blinding, ctx)) goto err;
+		if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx))
+			goto err;
 
 	/* do the decrypt */
 	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
@@ -468,17 +539,33 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
 		(rsa->dmp1 != NULL) &&
 		(rsa->dmq1 != NULL) &&
 		(rsa->iqmp != NULL)) )
-		{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa,ctx)) goto err; }
+		{
+		if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err;
+		}
 	else
 		{
-		MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
-		if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx,
+		BIGNUM local_d;
+		BIGNUM *d = NULL;
+		
+		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+			{
+			d = &local_d;
+			BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+			}
+		else
+			d = rsa->d;
+
+		if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+			if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+				goto err;
+		if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
 				rsa->_method_mod_n))
-			goto err;
+		  goto err;
 		}
 
 	if (blinding)
-		if (!BN_BLINDING_invert(ret, blinding, ctx)) goto err;
+		if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx))
+			goto err;
 
 	p=buf;
 	j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */
@@ -512,8 +599,6 @@ err:
 		BN_CTX_end(ctx);
 		BN_CTX_free(ctx);
 		}
-	if (local_blinding)
-		BN_BLINDING_free(blinding);
 	if (buf != NULL)
 		{
 		OPENSSL_cleanse(buf,num);
@@ -532,6 +617,28 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
 	unsigned char *buf=NULL;
 	BN_CTX *ctx=NULL;
 
+	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
+		return -1;
+		}
+
+	if (BN_ucmp(rsa->n, rsa->e) <= 0)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+		return -1;
+		}
+
+	/* for large moduli, enforce exponent limit */
+	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
+		{
+		if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
+			{
+			RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+			return -1;
+			}
+		}
+	
 	if((ctx = BN_CTX_new()) == NULL) goto err;
 	BN_CTX_start(ctx);
 	f = BN_CTX_get(ctx);
@@ -560,11 +667,16 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
 		goto err;
 		}
 
-	MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+	if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+		if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+			goto err;
 
 	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
 		rsa->_method_mod_n)) goto err;
 
+	if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
+		BN_sub(ret, rsa->n, ret);
+
 	p=buf;
 	i=BN_bn2bin(ret,p);
 
@@ -573,6 +685,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
 	case RSA_PKCS1_PADDING:
 		r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
 		break;
+	case RSA_X931_PADDING:
+		r=RSA_padding_check_X931(to,num,buf,i,num);
+		break;
 	case RSA_NO_PADDING:
 		r=RSA_padding_check_none(to,num,buf,i,num);
 		break;
@@ -600,6 +715,8 @@ err:
 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 	{
 	BIGNUM *r1,*m1,*vrfy;
+	BIGNUM local_dmp1,local_dmq1,local_c,local_r1;
+	BIGNUM *dmp1,*dmq1,*c,*pr1;
 	int ret=0;
 
 	BN_CTX_start(ctx);
@@ -607,26 +724,106 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 	m1 = BN_CTX_get(ctx);
 	vrfy = BN_CTX_get(ctx);
 
-	MONT_HELPER(rsa, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
-	MONT_HELPER(rsa, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
-	MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+	{
+		BIGNUM local_p, local_q;
+		BIGNUM *p = NULL, *q = NULL;
+
+		/* Make sure BN_mod_inverse in Montgomery intialization uses the
+		 * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
+		 */
+		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+			{
+			BN_init(&local_p);
+			p = &local_p;
+			BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
+
+			BN_init(&local_q);
+			q = &local_q;
+			BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
+			}
+		else
+			{
+			p = rsa->p;
+			q = rsa->q;
+			}
+
+		if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
+			{
+			if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
+				goto err;
+			if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
+				goto err;
+			}
+	}
+
+	if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+		if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+			goto err;
+
+	/* compute I mod q */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		c = &local_c;
+		BN_with_flags(c, I, BN_FLG_CONSTTIME);
+		if (!BN_mod(r1,c,rsa->q,ctx)) goto err;
+		}
+	else
+		{
+		if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
+		}
 
-	if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
-	if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx,
+	/* compute r1^dmq1 mod q */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		dmq1 = &local_dmq1;
+		BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
+		}
+	else
+		dmq1 = rsa->dmq1;
+	if (!rsa->meth->bn_mod_exp(m1,r1,dmq1,rsa->q,ctx,
 		rsa->_method_mod_q)) goto err;
 
-	if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
-	if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx,
+	/* compute I mod p */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		c = &local_c;
+		BN_with_flags(c, I, BN_FLG_CONSTTIME);
+		if (!BN_mod(r1,c,rsa->p,ctx)) goto err;
+		}
+	else
+		{
+		if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
+		}
+
+	/* compute r1^dmp1 mod p */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		dmp1 = &local_dmp1;
+		BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
+		}
+	else
+		dmp1 = rsa->dmp1;
+	if (!rsa->meth->bn_mod_exp(r0,r1,dmp1,rsa->p,ctx,
 		rsa->_method_mod_p)) goto err;
 
 	if (!BN_sub(r0,r0,m1)) goto err;
 	/* This will help stop the size of r0 increasing, which does
 	 * affect the multiply if it optimised for a power of 2 size */
-	if (BN_get_sign(r0))
+	if (BN_is_negative(r0))
 		if (!BN_add(r0,r0,rsa->p)) goto err;
 
 	if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err;
-	if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
+
+	/* Turn BN_FLG_CONSTTIME flag on before division operation */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		pr1 = &local_r1;
+		BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
+		}
+	else
+		pr1 = r1;
+	if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err;
+
 	/* If p < q it is occasionally possible for the correction of
          * adding 'p' if r0 is negative above to leave the result still
 	 * negative. This can break the private key operations: the following
@@ -634,7 +831,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 	 * This will *never* happen with OpenSSL generated keys because
          * they ensure p > q [steve]
          */
-	if (BN_get_sign(r0))
+	if (BN_is_negative(r0))
 		if (!BN_add(r0,r0,rsa->p)) goto err;
 	if (!BN_mul(r1,r0,rsa->q,ctx)) goto err;
 	if (!BN_add(r0,r1,m1)) goto err;
@@ -648,14 +845,27 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 		 * for absolute equality, just congruency. */
 		if (!BN_sub(vrfy, vrfy, I)) goto err;
 		if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err;
-		if (BN_get_sign(vrfy))
+		if (BN_is_negative(vrfy))
 			if (!BN_add(vrfy, vrfy, rsa->n)) goto err;
 		if (!BN_is_zero(vrfy))
+			{
 			/* 'I' and 'vrfy' aren't congruent mod n. Don't leak
 			 * miscalculated CRT output, just do a raw (slower)
 			 * mod_exp and return that instead. */
-			if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,
-					rsa->_method_mod_n)) goto err;
+
+			BIGNUM local_d;
+			BIGNUM *d = NULL;
+		
+			if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+				{
+				d = &local_d;
+				BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+				}
+			else
+				d = rsa->d;
+			if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,
+						   rsa->_method_mod_n)) goto err;
+			}
 		}
 	ret=1;
 err:
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index a7766c3b76..cf9f1106b0 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
 /* crypto/rsa/rsa_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,70 +64,114 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
+
 static ERR_STRING_DATA RSA_str_functs[]=
 	{
-{ERR_PACK(0,RSA_F_MEMORY_LOCK,0),	"MEMORY_LOCK"},
-{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0),	"RSA_check_key"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0),	"RSA_EAY_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0),	"RSA_EAY_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0),	"RSA_EAY_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0),	"RSA_EAY_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0),	"RSA_generate_key"},
-{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0),	"RSA_new_method"},
-{ERR_PACK(0,RSA_F_RSA_NULL,0),	"RSA_NULL"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0),	"RSA_padding_add_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0),	"RSA_padding_add_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0),	"RSA_padding_add_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0),	"RSA_padding_add_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0),	"RSA_padding_add_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0),	"RSA_padding_check_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0),	"RSA_padding_check_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0),	"RSA_padding_check_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0),	"RSA_padding_check_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0),	"RSA_padding_check_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PRINT,0),	"RSA_print"},
-{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0),	"RSA_print_fp"},
-{ERR_PACK(0,RSA_F_RSA_SIGN,0),	"RSA_sign"},
-{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0),	"RSA_sign_ASN1_OCTET_STRING"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY,0),	"RSA_verify"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0),	"RSA_verify_ASN1_OCTET_STRING"},
+{ERR_FUNC(RSA_F_CHECK_PADDING_MD),	"CHECK_PADDING_MD"},
+{ERR_FUNC(RSA_F_DO_RSA_PRINT),	"DO_RSA_PRINT"},
+{ERR_FUNC(RSA_F_INT_RSA_VERIFY),	"INT_RSA_VERIFY"},
+{ERR_FUNC(RSA_F_MEMORY_LOCK),	"MEMORY_LOCK"},
+{ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE),	"OLD_RSA_PRIV_DECODE"},
+{ERR_FUNC(RSA_F_PKEY_RSA_CTRL),	"PKEY_RSA_CTRL"},
+{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR),	"PKEY_RSA_CTRL_STR"},
+{ERR_FUNC(RSA_F_PKEY_RSA_SIGN),	"PKEY_RSA_SIGN"},
+{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER),	"PKEY_RSA_VERIFYRECOVER"},
+{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN),	"RSA_BUILTIN_KEYGEN"},
+{ERR_FUNC(RSA_F_RSA_CHECK_KEY),	"RSA_check_key"},
+{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT),	"RSA_EAY_PRIVATE_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT),	"RSA_EAY_PRIVATE_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT),	"RSA_EAY_PUBLIC_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT),	"RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_GENERATE_KEY),	"RSA_generate_key"},
+{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK),	"RSA_memory_lock"},
+{ERR_FUNC(RSA_F_RSA_NEW_METHOD),	"RSA_new_method"},
+{ERR_FUNC(RSA_F_RSA_NULL),	"RSA_NULL"},
+{ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP),	"RSA_NULL_MOD_EXP"},
+{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT),	"RSA_NULL_PRIVATE_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT),	"RSA_NULL_PRIVATE_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT),	"RSA_NULL_PUBLIC_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT),	"RSA_NULL_PUBLIC_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE),	"RSA_padding_add_none"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),	"RSA_padding_add_PKCS1_OAEP"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS),	"RSA_padding_add_PKCS1_PSS"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),	"RSA_padding_add_PKCS1_type_1"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),	"RSA_padding_add_PKCS1_type_2"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23),	"RSA_padding_add_SSLv23"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931),	"RSA_padding_add_X931"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE),	"RSA_padding_check_none"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),	"RSA_padding_check_PKCS1_OAEP"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),	"RSA_padding_check_PKCS1_type_1"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),	"RSA_padding_check_PKCS1_type_2"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23),	"RSA_padding_check_SSLv23"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931),	"RSA_padding_check_X931"},
+{ERR_FUNC(RSA_F_RSA_PRINT),	"RSA_print"},
+{ERR_FUNC(RSA_F_RSA_PRINT_FP),	"RSA_print_fp"},
+{ERR_FUNC(RSA_F_RSA_PRIV_DECODE),	"RSA_PRIV_DECODE"},
+{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE),	"RSA_PRIV_ENCODE"},
+{ERR_FUNC(RSA_F_RSA_PUB_DECODE),	"RSA_PUB_DECODE"},
+{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING),	"RSA_setup_blinding"},
+{ERR_FUNC(RSA_F_RSA_SIGN),	"RSA_sign"},
+{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),	"RSA_sign_ASN1_OCTET_STRING"},
+{ERR_FUNC(RSA_F_RSA_VERIFY),	"RSA_verify"},
+{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),	"RSA_verify_ASN1_OCTET_STRING"},
+{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS),	"RSA_verify_PKCS1_PSS"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA RSA_str_reasons[]=
 	{
-{RSA_R_ALGORITHM_MISMATCH                ,"algorithm mismatch"},
-{RSA_R_BAD_E_VALUE                       ,"bad e value"},
-{RSA_R_BAD_FIXED_HEADER_DECRYPT          ,"bad fixed header decrypt"},
-{RSA_R_BAD_PAD_BYTE_COUNT                ,"bad pad byte count"},
-{RSA_R_BAD_SIGNATURE                     ,"bad signature"},
-{RSA_R_BLOCK_TYPE_IS_NOT_01              ,"block type is not 01"},
-{RSA_R_BLOCK_TYPE_IS_NOT_02              ,"block type is not 02"},
-{RSA_R_DATA_GREATER_THAN_MOD_LEN         ,"data greater than mod len"},
-{RSA_R_DATA_TOO_LARGE                    ,"data too large"},
-{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
-{RSA_R_DATA_TOO_LARGE_FOR_MODULUS        ,"data too large for modulus"},
-{RSA_R_DATA_TOO_SMALL                    ,"data too small"},
-{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE       ,"data too small for key size"},
-{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
-{RSA_R_DMP1_NOT_CONGRUENT_TO_D           ,"dmp1 not congruent to d"},
-{RSA_R_DMQ1_NOT_CONGRUENT_TO_D           ,"dmq1 not congruent to d"},
-{RSA_R_D_E_NOT_CONGRUENT_TO_1            ,"d e not congruent to 1"},
-{RSA_R_INVALID_MESSAGE_LENGTH            ,"invalid message length"},
-{RSA_R_IQMP_NOT_INVERSE_OF_Q             ,"iqmp not inverse of q"},
-{RSA_R_KEY_SIZE_TOO_SMALL                ,"key size too small"},
-{RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
-{RSA_R_N_DOES_NOT_EQUAL_P_Q              ,"n does not equal p q"},
-{RSA_R_OAEP_DECODING_ERROR               ,"oaep decoding error"},
-{RSA_R_PADDING_CHECK_FAILED              ,"padding check failed"},
-{RSA_R_P_NOT_PRIME                       ,"p not prime"},
-{RSA_R_Q_NOT_PRIME                       ,"q not prime"},
-{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED      ,"rsa operations not supported"},
-{RSA_R_SSLV3_ROLLBACK_ATTACK             ,"sslv3 rollback attack"},
-{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{RSA_R_UNKNOWN_ALGORITHM_TYPE            ,"unknown algorithm type"},
-{RSA_R_UNKNOWN_PADDING_TYPE              ,"unknown padding type"},
-{RSA_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
+{ERR_REASON(RSA_R_ALGORITHM_MISMATCH)    ,"algorithm mismatch"},
+{ERR_REASON(RSA_R_BAD_E_VALUE)           ,"bad e value"},
+{ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT),"bad fixed header decrypt"},
+{ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT)    ,"bad pad byte count"},
+{ERR_REASON(RSA_R_BAD_SIGNATURE)         ,"bad signature"},
+{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01)  ,"block type is not 01"},
+{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02)  ,"block type is not 02"},
+{ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),"data greater than mod len"},
+{ERR_REASON(RSA_R_DATA_TOO_LARGE)        ,"data too large"},
+{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
+{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),"data too large for modulus"},
+{ERR_REASON(RSA_R_DATA_TOO_SMALL)        ,"data too small"},
+{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),"data too small for key size"},
+{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),"digest too big for rsa key"},
+{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
+{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
+{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
+{ERR_REASON(RSA_R_FIRST_OCTET_INVALID)   ,"first octet invalid"},
+{ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),"illegal or unsupported padding mode"},
+{ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) ,"invalid digest length"},
+{ERR_REASON(RSA_R_INVALID_HEADER)        ,"invalid header"},
+{ERR_REASON(RSA_R_INVALID_KEYBITS)       ,"invalid keybits"},
+{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
+{ERR_REASON(RSA_R_INVALID_PADDING)       ,"invalid padding"},
+{ERR_REASON(RSA_R_INVALID_PADDING_MODE)  ,"invalid padding mode"},
+{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN)   ,"invalid pss saltlen"},
+{ERR_REASON(RSA_R_INVALID_TRAILER)       ,"invalid trailer"},
+{ERR_REASON(RSA_R_INVALID_X931_DIGEST)   ,"invalid x931 digest"},
+{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
+{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL)    ,"key size too small"},
+{ERR_REASON(RSA_R_LAST_OCTET_INVALID)    ,"last octet invalid"},
+{ERR_REASON(RSA_R_MODULUS_TOO_LARGE)     ,"modulus too large"},
+{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT)    ,"no public exponent"},
+{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
+{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  ,"n does not equal p q"},
+{ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   ,"oaep decoding error"},
+{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
+{ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  ,"padding check failed"},
+{ERR_REASON(RSA_R_P_NOT_PRIME)           ,"p not prime"},
+{ERR_REASON(RSA_R_Q_NOT_PRIME)           ,"q not prime"},
+{ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},
+{ERR_REASON(RSA_R_SLEN_CHECK_FAILED)     ,"salt length check failed"},
+{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED)  ,"salt length recovery failed"},
+{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
+{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
+{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
+{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE)  ,"unknown padding type"},
+{ERR_REASON(RSA_R_VALUE_MISSING)         ,"value missing"},
+{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
 {0,NULL}
 	};
 
@@ -135,15 +179,12 @@ static ERR_STRING_DATA RSA_str_reasons[]=
 
 void ERR_load_RSA_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
-		ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
-#endif
 
+	if (ERR_func_error_string(RSA_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,RSA_str_functs);
+		ERR_load_strings(0,RSA_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 8e3a5821d6..767f7ab682 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -85,6 +85,8 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 	{
 	BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
+	BIGNUM local_r0,local_d,local_p;
+	BIGNUM *pr0,*d,*p;
 	int bitsp,bitsq,ok= -1,n=0;
 	BN_CTX *ctx=NULL;
 
@@ -139,7 +141,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 		if(degenerate == 3)
 			{
 			ok = 0; /* we set our own err */
-			RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_KEY_SIZE_TOO_SMALL);
+			RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,RSA_R_KEY_SIZE_TOO_SMALL);
 			goto err;
 			}
 		if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
@@ -165,26 +167,52 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 	if (!BN_sub(r1,rsa->p,BN_value_one())) goto err;	/* p-1 */
 	if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;	/* q-1 */
 	if (!BN_mul(r0,r1,r2,ctx)) goto err;	/* (p-1)(q-1) */
-	if (!BN_mod_inverse(rsa->d,rsa->e,r0,ctx)) goto err;	/* d */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		  pr0 = &local_r0;
+		  BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
+		}
+	else
+	  pr0 = r0;
+	if (!BN_mod_inverse(rsa->d,rsa->e,pr0,ctx)) goto err;	/* d */
+
+	/* set up d for correct BN_FLG_CONSTTIME flag */
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		d = &local_d;
+		BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+		}
+	else
+		d = rsa->d;
 
 	/* calculate d mod (p-1) */
-	if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
+	if (!BN_mod(rsa->dmp1,d,r1,ctx)) goto err;
 
 	/* calculate d mod (q-1) */
-	if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
+	if (!BN_mod(rsa->dmq1,d,r2,ctx)) goto err;
 
 	/* calculate inverse of q mod p */
-	if (!BN_mod_inverse(rsa->iqmp,rsa->q,rsa->p,ctx)) goto err;
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+		{
+		p = &local_p;
+		BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
+		}
+	else
+		p = rsa->p;
+	if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err;
 
 	ok=1;
 err:
 	if (ok == -1)
 		{
-		RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
+		RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,ERR_LIB_BN);
 		ok=0;
 		}
-	BN_CTX_end(ctx);
-	BN_CTX_free(ctx);
+	if (ctx != NULL)
+		{
+		BN_CTX_end(ctx);
+		BN_CTX_free(ctx);
+		}
 
 	return ok;
 	}
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index cba2dd66cd..de45088d76 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -67,7 +67,7 @@
 #include <openssl/engine.h>
 #endif
 
-const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
+const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;
 
 static const RSA_METHOD *default_RSA_meth=NULL;
 
@@ -179,9 +179,19 @@ RSA *RSA_new_method(ENGINE *engine)
 	ret->_method_mod_p=NULL;
 	ret->_method_mod_q=NULL;
 	ret->blinding=NULL;
+	ret->mt_blinding=NULL;
 	ret->bignum_data=NULL;
 	ret->flags=ret->meth->flags;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
+		{
+#ifndef OPENSSL_NO_ENGINE
+	if (ret->engine)
+		ENGINE_finish(ret->engine);
+#endif
+		OPENSSL_free(ret);
+		return(NULL);
+		}
+
 	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
 		{
 #ifndef OPENSSL_NO_ENGINE
@@ -232,6 +242,7 @@ void RSA_free(RSA *r)
 	if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
 	if (r->iqmp != NULL) BN_clear_free(r->iqmp);
 	if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
+	if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding);
 	if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
 	OPENSSL_free(r);
 	}
@@ -314,59 +325,117 @@ void RSA_blinding_off(RSA *rsa)
 	rsa->flags |= RSA_FLAG_NO_BLINDING;
 	}
 
-int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
 	{
-	BIGNUM *A,*Ai = NULL;
-	BN_CTX *ctx;
 	int ret=0;
 
-	if (p_ctx == NULL)
+	if (rsa->blinding != NULL)
+		RSA_blinding_off(rsa);
+
+	rsa->blinding = RSA_setup_blinding(rsa, ctx);
+	if (rsa->blinding == NULL)
+		goto err;
+
+	rsa->flags |= RSA_FLAG_BLINDING;
+	rsa->flags &= ~RSA_FLAG_NO_BLINDING;
+	ret=1;
+err:
+	return(ret);
+	}
+
+static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
+	const BIGNUM *q, BN_CTX *ctx)
+{
+	BIGNUM *ret = NULL, *r0, *r1, *r2;
+
+	if (d == NULL || p == NULL || q == NULL)
+		return NULL;
+
+	BN_CTX_start(ctx);
+	r0 = BN_CTX_get(ctx);
+	r1 = BN_CTX_get(ctx);
+	r2 = BN_CTX_get(ctx);
+	if (r2 == NULL)
+		goto err;
+
+	if (!BN_sub(r1, p, BN_value_one())) goto err;
+	if (!BN_sub(r2, q, BN_value_one())) goto err;
+	if (!BN_mul(r0, r1, r2, ctx)) goto err;
+
+	ret = BN_mod_inverse(NULL, d, r0, ctx);
+err:
+	BN_CTX_end(ctx);
+	return ret;
+}
+
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
+{
+	BIGNUM local_n;
+	BIGNUM *e,*n;
+	BN_CTX *ctx;
+	BN_BLINDING *ret = NULL;
+
+	if (in_ctx == NULL)
 		{
-		if ((ctx=BN_CTX_new()) == NULL) goto err;
+		if ((ctx = BN_CTX_new()) == NULL) return 0;
 		}
 	else
-		ctx=p_ctx;
+		ctx = in_ctx;
 
-	/* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */
-	if (rsa->blinding != NULL)
+	BN_CTX_start(ctx);
+	e  = BN_CTX_get(ctx);
+	if (e == NULL)
 		{
-		BN_BLINDING_free(rsa->blinding);
-		rsa->blinding = NULL;
+		RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+		goto err;
 		}
 
-	/* NB: similar code appears in setup_blinding (rsa_eay.c);
-	 * this should be placed in a new function of its own, but for reasons
-	 * of binary compatibility can't */
+	if (rsa->e == NULL)
+		{
+		e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
+		if (e == NULL)
+			{
+			RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
+			goto err;
+			}
+		}
+	else
+		e = rsa->e;
 
-	BN_CTX_start(ctx);
-	A = BN_CTX_get(ctx);
+	
 	if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
 		{
-		/* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
+		/* if PRNG is not properly seeded, resort to secret
+		 * exponent as unpredictable seed */
 		RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
-		if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
 		}
-	else
+
+	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
 		{
-		if (!BN_rand_range(A,rsa->n)) goto err;
+		/* Set BN_FLG_CONSTTIME flag */
+		n = &local_n;
+		BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
 		}
-	if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
+	else
+		n = rsa->n;
 
-	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
+	ret = BN_BLINDING_create_param(NULL, e, n, ctx,
+			rsa->meth->bn_mod_exp, rsa->_method_mod_n);
+	if (ret == NULL)
+		{
+		RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
 		goto err;
-	if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err;
-	/* to make things thread-safe without excessive locking,
-	 * rsa->blinding will be used just by the current thread: */
-	rsa->blinding->thread_id = CRYPTO_thread_id();
-	rsa->flags |= RSA_FLAG_BLINDING;
-	rsa->flags &= ~RSA_FLAG_NO_BLINDING;
-	ret=1;
+		}
+	CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
 err:
-	if (Ai != NULL) BN_free(Ai);
 	BN_CTX_end(ctx);
-	if (ctx != p_ctx) BN_CTX_free(ctx);
-	return(ret);
-	}
+	if (in_ctx == NULL)
+		BN_CTX_free(ctx);
+	if(rsa->e == NULL)
+		BN_free(e);
+
+	return ret;
+}
 
 int RSA_memory_lock(RSA *r)
 	{
@@ -389,7 +458,7 @@ int RSA_memory_lock(RSA *r)
 		j+= (*t[i])->top;
 	if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
 		{
-		RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
+		RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
 		return(0);
 		}
 	bn=(BIGNUM *)p;
diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h
new file mode 100644
index 0000000000..f5d2d56628
--- /dev/null
+++ b/crypto/rsa/rsa_locl.h
@@ -0,0 +1,4 @@
+extern int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
+		unsigned char *rm, size_t *prm_len,
+		const unsigned char *sigbuf, size_t siglen,
+		RSA *rsa);
diff --git a/crypto/rsa/rsa_null.c b/crypto/rsa/rsa_null.c
index 1bf70ca2a9..2f2202f142 100644
--- a/crypto/rsa/rsa_null.c
+++ b/crypto/rsa/rsa_null.c
@@ -1,5 +1,5 @@
 /* rsa_null.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -107,35 +107,35 @@ const RSA_METHOD *RSA_null_method(void)
 static int RSA_null_public_encrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+	RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
 	return -1;
 	}
 
 static int RSA_null_private_encrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+	RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
 	return -1;
 	}
 
 static int RSA_null_private_decrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+	RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
 	return -1;
 	}
 
 static int RSA_null_public_decrypt(int flen, const unsigned char *from,
 	     unsigned char *to, RSA *rsa, int padding)
 	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+	RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
 	return -1;
 	}
 
 #if 0 /* not currently used */
 static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
 	{
-	RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+	...err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
 	return -1;
 	}
 #endif
@@ -149,5 +149,3 @@ static int RSA_null_finish(RSA *rsa)
 	{
 	return(1);
 	}
-
-
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index e3f7c608ec..553d212ebe 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -28,7 +28,7 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
-int MGF1(unsigned char *mask, long len,
+static int MGF1(unsigned char *mask, long len,
 	const unsigned char *seed, long seedlen);
 
 int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
@@ -52,18 +52,12 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
 		return 0;
 		}
 
-	dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
-	if (dbmask == NULL)
-		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
-		return 0;
-		}
-
 	to[0] = 0;
 	seed = to + 1;
 	db = to + SHA_DIGEST_LENGTH + 1;
 
-	EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
+	if (!EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL))
+		return 0;
 	memset(db + SHA_DIGEST_LENGTH, 0,
 		emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
 	db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
@@ -76,11 +70,20 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
 	   20);
 #endif
 
-	MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
+	dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
+	if (dbmask == NULL)
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+
+	if (MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH) < 0)
+		return 0;
 	for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
 		db[i] ^= dbmask[i];
 
-	MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
+	if (MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH) < 0)
+		return 0;
 	for (i = 0; i < SHA_DIGEST_LENGTH; i++)
 		seed[i] ^= seedmask[i];
 
@@ -96,6 +99,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 	const unsigned char *maskeddb;
 	int lzero;
 	unsigned char *db = NULL, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
+	unsigned char *padded_from;
 	int bad = 0;
 
 	if (--num < 2 * SHA_DIGEST_LENGTH + 1)
@@ -106,8 +110,6 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 	lzero = num - flen;
 	if (lzero < 0)
 		{
-		/* lzero == -1 */
-
 		/* signalling this error immediately after detection might allow
 		 * for side-channel attacks (e.g. timing if 'plen' is huge
 		 * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA Optimal
@@ -115,26 +117,37 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 		 * so we use a 'bad' flag */
 		bad = 1;
 		lzero = 0;
+		flen = num; /* don't overflow the memcpy to padded_from */
 		}
-	maskeddb = from - lzero + SHA_DIGEST_LENGTH;
 
 	dblen = num - SHA_DIGEST_LENGTH;
-	db = OPENSSL_malloc(dblen);
+	db = OPENSSL_malloc(dblen + num);
 	if (db == NULL)
 		{
-		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
+		RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
 		return -1;
 		}
 
-	MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
-	for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
-		seed[i] ^= from[i - lzero];
+	/* Always do this zero-padding copy (even when lzero == 0)
+	 * to avoid leaking timing info about the value of lzero. */
+	padded_from = db + dblen;
+	memset(padded_from, 0, lzero);
+	memcpy(padded_from + lzero, from, flen);
+
+	maskeddb = padded_from + SHA_DIGEST_LENGTH;
+
+	if (MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen))
+		return -1;
+	for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+		seed[i] ^= padded_from[i];
   
-	MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
+	if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH))
+		return -1;
 	for (i = 0; i < dblen; i++)
 		db[i] ^= maskeddb[i];
 
-	EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
+	if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
+		return -1;
 
 	if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
 		goto decoding_err;
@@ -143,13 +156,13 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 		for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
 			if (db[i] != 0x00)
 				break;
-		if (db[i] != 0x01 || i++ >= dblen)
+		if (i == dblen || db[i] != 0x01)
 			goto decoding_err;
 		else
 			{
 			/* everything looks OK */
 
-			mlen = dblen - i;
+			mlen = dblen - ++i;
 			if (tlen < mlen)
 				{
 				RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE);
@@ -170,37 +183,53 @@ decoding_err:
 	return -1;
 	}
 
-int MGF1(unsigned char *mask, long len,
-	const unsigned char *seed, long seedlen)
+int PKCS1_MGF1(unsigned char *mask, long len,
+	const unsigned char *seed, long seedlen, const EVP_MD *dgst)
 	{
 	long i, outlen = 0;
 	unsigned char cnt[4];
 	EVP_MD_CTX c;
-	unsigned char md[SHA_DIGEST_LENGTH];
+	unsigned char md[EVP_MAX_MD_SIZE];
+	int mdlen;
+	int rv = -1;
 
 	EVP_MD_CTX_init(&c);
+	mdlen = EVP_MD_size(dgst);
+	if (mdlen < 0)
+		goto err;
 	for (i = 0; outlen < len; i++)
 		{
 		cnt[0] = (unsigned char)((i >> 24) & 255);
 		cnt[1] = (unsigned char)((i >> 16) & 255);
 		cnt[2] = (unsigned char)((i >> 8)) & 255;
 		cnt[3] = (unsigned char)(i & 255);
-		EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
-		EVP_DigestUpdate(&c, seed, seedlen);
-		EVP_DigestUpdate(&c, cnt, 4);
-		if (outlen + SHA_DIGEST_LENGTH <= len)
+		if (!EVP_DigestInit_ex(&c,dgst, NULL)
+			|| !EVP_DigestUpdate(&c, seed, seedlen)
+			|| !EVP_DigestUpdate(&c, cnt, 4))
+			goto err;
+		if (outlen + mdlen <= len)
 			{
-			EVP_DigestFinal_ex(&c, mask + outlen, NULL);
-			outlen += SHA_DIGEST_LENGTH;
+			if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
+				goto err;
+			outlen += mdlen;
 			}
 		else
 			{
-			EVP_DigestFinal_ex(&c, md, NULL);
+			if (!EVP_DigestFinal_ex(&c, md, NULL))
+				goto err;
 			memcpy(mask + outlen, md, len - outlen);
 			outlen = len;
 			}
 		}
+	rv = 0;
+	err:
 	EVP_MD_CTX_cleanup(&c);
-	return 0;
+	return rv;
+	}
+
+static int MGF1(unsigned char *mask, long len, const unsigned char *seed,
+		 long seedlen)
+	{
+	return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
 	}
 #endif
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
new file mode 100644
index 0000000000..297e17cdcf
--- /dev/null
+++ b/crypto/rsa/rsa_pmeth.c
@@ -0,0 +1,585 @@
+/* crypto/rsa/rsa_pmeth.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+#include "rsa_locl.h"
+
+/* RSA pkey context structure */
+
+typedef struct
+	{
+	/* Key gen parameters */
+	int nbits;
+	BIGNUM *pub_exp;
+	/* Keygen callback info */
+	int gentmp[2];
+	/* RSA padding mode */
+	int pad_mode;
+	/* message digest */
+	const EVP_MD *md;
+	/* PSS/OAEP salt length */
+	int saltlen;
+	/* Temp buffer */
+	unsigned char *tbuf;
+	} RSA_PKEY_CTX;
+
+static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
+	{
+	RSA_PKEY_CTX *rctx;
+	rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
+	if (!rctx)
+		return 0;
+	rctx->nbits = 1024;
+	rctx->pub_exp = NULL;
+	rctx->pad_mode = RSA_PKCS1_PADDING;
+	rctx->md = NULL;
+	rctx->tbuf = NULL;
+
+	rctx->saltlen = -2;
+
+	ctx->data = rctx;
+	ctx->keygen_info = rctx->gentmp;
+	ctx->keygen_info_count = 2;
+	
+	return 1;
+	}
+
+static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	RSA_PKEY_CTX *dctx, *sctx;
+	if (!pkey_rsa_init(dst))
+		return 0;
+       	sctx = src->data;
+	dctx = dst->data;
+	dctx->nbits = sctx->nbits;
+	if (sctx->pub_exp)
+		{
+		dctx->pub_exp = BN_dup(sctx->pub_exp);
+		if (!dctx->pub_exp)
+			return 0;
+		}
+	dctx->pad_mode = sctx->pad_mode;
+	dctx->md = sctx->md;
+	return 1;
+	}
+
+static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk)
+	{
+	if (ctx->tbuf)
+		return 1;
+	ctx->tbuf = OPENSSL_malloc(EVP_PKEY_size(pk->pkey));
+	if (!ctx->tbuf)
+		return 0;
+	return 1;
+	}
+
+static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
+	{
+	RSA_PKEY_CTX *rctx = ctx->data;
+	if (rctx)
+		{
+		if (rctx->pub_exp)
+			BN_free(rctx->pub_exp);
+		if (rctx->tbuf)
+			OPENSSL_free(rctx->tbuf);
+		OPENSSL_free(rctx);
+		}
+	}
+
+static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen)
+	{
+	int ret;
+	RSA_PKEY_CTX *rctx = ctx->data;
+	RSA *rsa = ctx->pkey->pkey.rsa;
+
+	if (rctx->md)
+		{
+		if (tbslen != (size_t)EVP_MD_size(rctx->md))
+			{
+			RSAerr(RSA_F_PKEY_RSA_SIGN,
+					RSA_R_INVALID_DIGEST_LENGTH);
+			return -1;
+			}
+		if (rctx->pad_mode == RSA_X931_PADDING)
+			{
+			if (!setup_tbuf(rctx, ctx))
+				return -1;
+			memcpy(rctx->tbuf, tbs, tbslen);
+			rctx->tbuf[tbslen] =
+				RSA_X931_hash_id(EVP_MD_type(rctx->md));
+			ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
+						sig, rsa, RSA_X931_PADDING);
+			}
+		else if (rctx->pad_mode == RSA_PKCS1_PADDING)
+			{
+			unsigned int sltmp;
+			ret = RSA_sign(EVP_MD_type(rctx->md),
+						tbs, tbslen, sig, &sltmp, rsa);
+			if (ret <= 0)
+				return ret;
+			ret = sltmp;
+			}
+		else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
+			{
+			if (!setup_tbuf(rctx, ctx))
+				return -1;
+			if (!RSA_padding_add_PKCS1_PSS(rsa, rctx->tbuf, tbs,
+						rctx->md, rctx->saltlen))
+				return -1;
+			ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
+						sig, rsa, RSA_NO_PADDING);
+			}
+		else
+			return -1;
+		}
+	else
+		ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa,
+							rctx->pad_mode);
+	if (ret < 0)
+		return ret;
+	*siglen = ret;
+	return 1;
+	}
+
+
+static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
+					unsigned char *rout, size_t *routlen,
+					const unsigned char *sig, size_t siglen)
+	{
+	int ret;
+	RSA_PKEY_CTX *rctx = ctx->data;
+
+	if (rctx->md)
+		{
+		if (rctx->pad_mode == RSA_X931_PADDING)
+			{
+			if (!setup_tbuf(rctx, ctx))
+				return -1;
+			ret = RSA_public_decrypt(siglen, sig,
+						rctx->tbuf, ctx->pkey->pkey.rsa,
+						RSA_X931_PADDING);
+			if (ret < 1)
+				return 0;
+			ret--;
+			if (rctx->tbuf[ret] !=
+				RSA_X931_hash_id(EVP_MD_type(rctx->md)))
+				{
+				RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
+						RSA_R_ALGORITHM_MISMATCH);
+				return 0;
+				}
+			if (ret != EVP_MD_size(rctx->md))
+				{
+				RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
+					RSA_R_INVALID_DIGEST_LENGTH);
+				return 0;
+				}
+			if (rout)
+				memcpy(rout, rctx->tbuf, ret);
+			}
+		else if (rctx->pad_mode == RSA_PKCS1_PADDING)
+			{
+			size_t sltmp;
+			ret = int_rsa_verify(EVP_MD_type(rctx->md),
+						NULL, 0, rout, &sltmp,
+					sig, siglen, ctx->pkey->pkey.rsa);
+			ret = sltmp;
+			}
+		else
+			return -1;
+		}
+	else
+		ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa,
+							rctx->pad_mode);
+	if (ret < 0)
+		return ret;
+	*routlen = ret;
+	return 1;
+	}
+
+static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
+					const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen)
+	{
+	RSA_PKEY_CTX *rctx = ctx->data;
+	RSA *rsa = ctx->pkey->pkey.rsa;
+	size_t rslen;
+	if (rctx->md)
+		{
+		if (rctx->pad_mode == RSA_PKCS1_PADDING)
+			return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
+					sig, siglen, rsa);
+		if (rctx->pad_mode == RSA_X931_PADDING)
+			{
+			if (pkey_rsa_verifyrecover(ctx, NULL, &rslen,
+					sig, siglen) <= 0)
+				return 0;
+			}
+		else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
+			{
+			int ret;
+			if (!setup_tbuf(rctx, ctx))
+				return -1;
+			ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
+							rsa, RSA_NO_PADDING);
+			if (ret <= 0)
+				return 0;
+			ret = RSA_verify_PKCS1_PSS(rsa, tbs, rctx->md,
+						rctx->tbuf, rctx->saltlen);
+			if (ret <= 0)
+				return 0;
+			return 1;
+			}
+		else
+			return -1;
+		}
+	else
+		{
+		if (!setup_tbuf(rctx, ctx))
+			return -1;
+		rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf,
+						rsa, rctx->pad_mode);
+		if (rslen == 0)
+			return 0;
+		}
+
+	if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen))
+		return 0;
+
+	return 1;
+			
+	}
+	
+
+static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx,
+					unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen)
+	{
+	int ret;
+	RSA_PKEY_CTX *rctx = ctx->data;
+	ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa,
+							rctx->pad_mode);
+	if (ret < 0)
+		return ret;
+	*outlen = ret;
+	return 1;
+	}
+
+static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
+					unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen)
+	{
+	int ret;
+	RSA_PKEY_CTX *rctx = ctx->data;
+	ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa,
+							rctx->pad_mode);
+	if (ret < 0)
+		return ret;
+	*outlen = ret;
+	return 1;
+	}
+
+static int check_padding_md(const EVP_MD *md, int padding)
+	{
+	if (!md)
+		return 1;
+
+	if (padding == RSA_NO_PADDING)
+		{
+		RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
+		return 0;
+		}
+
+	if (padding == RSA_X931_PADDING)
+		{
+		if (RSA_X931_hash_id(EVP_MD_type(md)) == -1)
+			{
+			RSAerr(RSA_F_CHECK_PADDING_MD,
+						RSA_R_INVALID_X931_DIGEST);
+			return 0;
+			}
+		return 1;
+		}
+
+	return 1;
+	}
+			
+
+static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	RSA_PKEY_CTX *rctx = ctx->data;
+	switch (type)
+		{
+		case EVP_PKEY_CTRL_RSA_PADDING:
+		if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING))
+			{
+			if (!check_padding_md(rctx->md, p1))
+				return 0;
+			if (p1 == RSA_PKCS1_PSS_PADDING) 
+				{
+				if (!(ctx->operation &
+				     (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY)))
+					goto bad_pad;
+				if (!rctx->md)
+					rctx->md = EVP_sha1();
+				}
+			if (p1 == RSA_PKCS1_OAEP_PADDING) 
+				{
+				if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))
+					goto bad_pad;
+				if (!rctx->md)
+					rctx->md = EVP_sha1();
+				}
+			rctx->pad_mode = p1;
+			return 1;
+			}
+		bad_pad:
+		RSAerr(RSA_F_PKEY_RSA_CTRL,
+				RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
+		return -2;
+
+		case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
+		if (p1 < -2)
+			return -2;
+		if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING)
+			{
+			RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN);
+			return -2;
+			}
+		rctx->saltlen = p1;
+		return 1;
+
+		case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
+		if (p1 < 256)
+			{
+			RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS);
+			return -2;
+			}
+		rctx->nbits = p1;
+		return 1;
+
+		case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP:
+		if (!p2)
+			return -2;
+		rctx->pub_exp = p2;
+		return 1;
+
+		case EVP_PKEY_CTRL_MD:
+		if (!check_padding_md(p2, rctx->pad_mode))
+			return 0;
+		rctx->md = p2;
+		return 1;
+
+		case EVP_PKEY_CTRL_DIGESTINIT:
+		case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+		case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+		case EVP_PKEY_CTRL_PKCS7_SIGN:
+#ifndef OPENSSL_NO_CMS
+		case EVP_PKEY_CTRL_CMS_ENCRYPT:
+		case EVP_PKEY_CTRL_CMS_DECRYPT:
+		case EVP_PKEY_CTRL_CMS_SIGN:
+#endif
+		return 1;
+		case EVP_PKEY_CTRL_PEER_KEY:
+			RSAerr(RSA_F_PKEY_RSA_CTRL,
+			RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+			return -2;	
+
+		default:
+		return -2;
+
+		}
+	}
+			
+static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
+			const char *type, const char *value)
+	{
+	if (!value)
+		{
+		RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_VALUE_MISSING);
+		return 0;
+		}
+	if (!strcmp(type, "rsa_padding_mode"))
+		{
+		int pm;
+		if (!strcmp(value, "pkcs1"))
+			pm = RSA_PKCS1_PADDING;
+		else if (!strcmp(value, "sslv23"))
+			pm = RSA_SSLV23_PADDING;
+		else if (!strcmp(value, "none"))
+			pm = RSA_NO_PADDING;
+		else if (!strcmp(value, "oeap"))
+			pm = RSA_PKCS1_OAEP_PADDING;
+		else if (!strcmp(value, "x931"))
+			pm = RSA_X931_PADDING;
+		else if (!strcmp(value, "pss"))
+			pm = RSA_PKCS1_PSS_PADDING;
+		else
+			{
+			RSAerr(RSA_F_PKEY_RSA_CTRL_STR,
+						RSA_R_UNKNOWN_PADDING_TYPE);
+			return -2;
+			}
+		return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);
+		}
+
+	if (!strcmp(type, "rsa_pss_saltlen"))
+		{
+		int saltlen;
+		saltlen = atoi(value);
+		return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
+		}
+
+	if (!strcmp(type, "rsa_keygen_bits"))
+		{
+		int nbits;
+		nbits = atoi(value);
+		return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits);
+		}
+
+	if (!strcmp(type, "rsa_keygen_pubexp"))
+		{
+		int ret;
+		BIGNUM *pubexp = NULL;
+		if (!BN_asc2bn(&pubexp, value))
+			return 0;
+		ret = EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp);
+		if (ret <= 0)
+			BN_free(pubexp);
+		return ret;
+		}
+
+	return -2;
+	}
+
+static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	RSA *rsa = NULL;
+	RSA_PKEY_CTX *rctx = ctx->data;
+	BN_GENCB *pcb, cb;
+	int ret;
+	if (!rctx->pub_exp)
+		{
+		rctx->pub_exp = BN_new();
+		if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4))
+			return 0;
+		}
+	rsa = RSA_new();
+	if (!rsa)
+		return 0;
+	if (ctx->pkey_gencb)
+		{
+		pcb = &cb;
+		evp_pkey_set_cb_translate(pcb, ctx);
+		}
+	else
+		pcb = NULL;
+	ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb);
+	if (ret > 0)
+		EVP_PKEY_assign_RSA(pkey, rsa);
+	else
+		RSA_free(rsa);
+	return ret;
+	}
+
+const EVP_PKEY_METHOD rsa_pkey_meth = 
+	{
+	EVP_PKEY_RSA,
+	EVP_PKEY_FLAG_AUTOARGLEN,
+	pkey_rsa_init,
+	pkey_rsa_copy,
+	pkey_rsa_cleanup,
+
+	0,0,
+
+	0,
+	pkey_rsa_keygen,
+
+	0,
+	pkey_rsa_sign,
+
+	0,
+	pkey_rsa_verify,
+
+	0,
+	pkey_rsa_verifyrecover,
+
+
+	0,0,0,0,
+
+	0,
+	pkey_rsa_encrypt,
+
+	0,
+	pkey_rsa_decrypt,
+
+	0,0,
+
+	pkey_rsa_ctrl,
+	pkey_rsa_ctrl_str
+
+
+	};
diff --git a/crypto/rsa/rsa_prn.c b/crypto/rsa/rsa_prn.c
new file mode 100644
index 0000000000..224db0fae5
--- /dev/null
+++ b/crypto/rsa/rsa_prn.c
@@ -0,0 +1,93 @@
+/* crypto/rsa/rsa_prn.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+
+#ifndef OPENSSL_NO_FP_API
+int RSA_print_fp(FILE *fp, const RSA *x, int off)
+	{
+	BIO *b;
+	int ret;
+
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
+		return(0);
+		}
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=RSA_print(b,x,off);
+	BIO_free(b);
+	return(ret);
+	}
+#endif
+
+int RSA_print(BIO *bp, const RSA *x, int off)
+	{
+	EVP_PKEY *pk;
+	int ret;
+	pk = EVP_PKEY_new();
+	if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
+		return 0;
+	ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+	EVP_PKEY_free(pk);
+	return ret;
+	}
+
diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
new file mode 100644
index 0000000000..4efb8eddad
--- /dev/null
+++ b/crypto/rsa/rsa_pss.c
@@ -0,0 +1,282 @@
+/* rsa_pss.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+
+static const unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
+
+#if defined(_MSC_VER) && defined(_ARM_)
+#pragma optimize("g", off)
+#endif
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+			const EVP_MD *Hash, const unsigned char *EM, int sLen)
+	{
+	int i;
+	int ret = 0;
+	int hLen, maskedDBLen, MSBits, emLen;
+	const unsigned char *H;
+	unsigned char *DB = NULL;
+	EVP_MD_CTX ctx;
+	unsigned char H_[EVP_MAX_MD_SIZE];
+	EVP_MD_CTX_init(&ctx);
+
+	hLen = EVP_MD_size(Hash);
+	if (hLen < 0)
+		goto err;
+	/*
+	 * Negative sLen has special meanings:
+	 *	-1	sLen == hLen
+	 *	-2	salt length is autorecovered from signature
+	 *	-N	reserved
+	 */
+	if      (sLen == -1)	sLen = hLen;
+	else if (sLen == -2)	sLen = -2;
+	else if (sLen < -2)
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+		goto err;
+		}
+
+	MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+	emLen = RSA_size(rsa);
+	if (EM[0] & (0xFF << MSBits))
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID);
+		goto err;
+		}
+	if (MSBits == 0)
+		{
+		EM++;
+		emLen--;
+		}
+	if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE);
+		goto err;
+		}
+	if (EM[emLen - 1] != 0xbc)
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID);
+		goto err;
+		}
+	maskedDBLen = emLen - hLen - 1;
+	H = EM + maskedDBLen;
+	DB = OPENSSL_malloc(maskedDBLen);
+	if (!DB)
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash) < 0)
+		goto err;
+	for (i = 0; i < maskedDBLen; i++)
+		DB[i] ^= EM[i];
+	if (MSBits)
+		DB[0] &= 0xFF >> (8 - MSBits);
+	for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ;
+	if (DB[i++] != 0x1)
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED);
+		goto err;
+		}
+	if (sLen >= 0 && (maskedDBLen - i) != sLen)
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+		goto err;
+		}
+	if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+		|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+		|| !EVP_DigestUpdate(&ctx, mHash, hLen))
+		goto err;
+	if (maskedDBLen - i)
+		{
+		if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
+			goto err;
+		}
+	if (!EVP_DigestFinal(&ctx, H_, NULL))
+		goto err;
+	if (memcmp(H_, H, hLen))
+		{
+		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE);
+		ret = 0;
+		}
+	else 
+		ret = 1;
+
+	err:
+	if (DB)
+		OPENSSL_free(DB);
+	EVP_MD_CTX_cleanup(&ctx);
+
+	return ret;
+
+	}
+
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+			const unsigned char *mHash,
+			const EVP_MD *Hash, int sLen)
+	{
+	int i;
+	int ret = 0;
+	int hLen, maskedDBLen, MSBits, emLen;
+	unsigned char *H, *salt = NULL, *p;
+	EVP_MD_CTX ctx;
+
+	hLen = EVP_MD_size(Hash);
+	if (hLen < 0)
+		goto err;
+	/*
+	 * Negative sLen has special meanings:
+	 *	-1	sLen == hLen
+	 *	-2	salt length is maximized
+	 *	-N	reserved
+	 */
+	if      (sLen == -1)	sLen = hLen;
+	else if (sLen == -2)	sLen = -2;
+	else if (sLen < -2)
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+		goto err;
+		}
+
+	MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+	emLen = RSA_size(rsa);
+	if (MSBits == 0)
+		{
+		*EM++ = 0;
+		emLen--;
+		}
+	if (sLen == -2)
+		{
+		sLen = emLen - hLen - 2;
+		}
+	else if (emLen < (hLen + sLen + 2))
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+		   RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		goto err;
+		}
+	if (sLen > 0)
+		{
+		salt = OPENSSL_malloc(sLen);
+		if (!salt)
+			{
+			RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+		   		ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		if (RAND_bytes(salt, sLen) <= 0)
+			goto err;
+		}
+	maskedDBLen = emLen - hLen - 1;
+	H = EM + maskedDBLen;
+	EVP_MD_CTX_init(&ctx);
+	if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+		|| !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+		|| !EVP_DigestUpdate(&ctx, mHash, hLen))
+		goto err;
+	if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
+		goto err;
+	if (!EVP_DigestFinal(&ctx, H, NULL))
+		goto err;
+	EVP_MD_CTX_cleanup(&ctx);
+
+	/* Generate dbMask in place then perform XOR on it */
+	if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash))
+		goto err;
+
+	p = EM;
+
+	/* Initial PS XORs with all zeroes which is a NOP so just update
+	 * pointer. Note from a test above this value is guaranteed to
+	 * be non-negative.
+	 */
+	p += emLen - sLen - hLen - 2;
+	*p++ ^= 0x1;
+	if (sLen > 0)
+		{
+		for (i = 0; i < sLen; i++)
+			*p++ ^= salt[i];
+		}
+	if (MSBits)
+		EM[0] &= 0xFF >> (8 - MSBits);
+
+	/* H is already in place so just set final 0xbc */
+
+	EM[emLen - 1] = 0xbc;
+
+	ret = 1;
+
+	err:
+	if (salt)
+		OPENSSL_free(salt);
+
+	return ret;
+
+	}
+
+#if defined(_MSC_VER)
+#pragma optimize("",on)
+#endif
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 9e7dfd1927..0be4ec7fb0 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -62,6 +62,7 @@
 #include <openssl/rsa.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include "rsa_locl.h"
 
 /* Size of an SSL signature: MD5+SHA1 */
 #define SSL_SIG_LENGTH	36
@@ -76,7 +77,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
 	const unsigned char *s = NULL;
 	X509_ALGOR algor;
 	ASN1_OCTET_STRING digest;
-	if(rsa->flags & RSA_FLAG_SIGN_VER)
+	if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign)
 		{
 		return rsa->meth->rsa_sign(type, m, m_len,
 			sigret, siglen, rsa);
@@ -142,8 +143,11 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
 	return(ret);
 	}
 
-int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
-	     unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
+int int_rsa_verify(int dtype, const unsigned char *m,
+			  unsigned int m_len,
+			  unsigned char *rm, size_t *prm_len,
+			  const unsigned char *sigbuf, size_t siglen,
+			  RSA *rsa)
 	{
 	int i,ret=0,sigtype;
 	unsigned char *s;
@@ -151,24 +155,28 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
 
 	if (siglen != (unsigned int)RSA_size(rsa))
 		{
-		RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
+		RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
 		return(0);
 		}
 
-	if(rsa->flags & RSA_FLAG_SIGN_VER)
+	if((dtype == NID_md5_sha1) && rm)
 		{
-		return rsa->meth->rsa_verify(dtype, m, m_len,
-			sigbuf, siglen, rsa);
+		i = RSA_public_decrypt((int)siglen,
+					sigbuf,rm,rsa,RSA_PKCS1_PADDING);
+		if (i <= 0)
+			return 0;
+		*prm_len = i;
+		return 1;
 		}
 
 	s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
 	if (s == NULL)
 		{
-		RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
+		RSAerr(RSA_F_INT_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 	if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
-			RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
+			RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
 			goto err;
 	}
 	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
@@ -178,13 +186,30 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
 	/* Special case: SSL signature */
 	if(dtype == NID_md5_sha1) {
 		if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
-				RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+				RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
 		else ret = 1;
 	} else {
 		const unsigned char *p=s;
 		sig=d2i_X509_SIG(NULL,&p,(long)i);
 
 		if (sig == NULL) goto err;
+
+		/* Excess data can be used to create forgeries */
+		if(p != s+i)
+			{
+			RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+			goto err;
+			}
+
+		/* Parameters to the signature algorithm can also be used to
+		   create forgeries */
+		if(sig->algor->parameter
+		   && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL)
+			{
+			RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+			goto err;
+			}
+
 		sigtype=OBJ_obj2nid(sig->algor->algorithm);
 
 
@@ -207,15 +232,30 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
 				}
 			else
 				{
-				RSAerr(RSA_F_RSA_VERIFY,
+				RSAerr(RSA_F_INT_RSA_VERIFY,
 						RSA_R_ALGORITHM_MISMATCH);
 				goto err;
 				}
 			}
-		if (	((unsigned int)sig->digest->length != m_len) ||
+		if (rm)
+			{
+			const EVP_MD *md;
+			md = EVP_get_digestbynid(dtype);
+			if (md && (EVP_MD_size(md) != sig->digest->length))
+				RSAerr(RSA_F_INT_RSA_VERIFY,
+						RSA_R_INVALID_DIGEST_LENGTH);
+			else
+				{
+				memcpy(rm, sig->digest->data,
+							sig->digest->length);
+				*prm_len = sig->digest->length;
+				ret = 1;
+				}
+			}
+		else if (((unsigned int)sig->digest->length != m_len) ||
 			(memcmp(m,sig->digest->data,m_len) != 0))
 			{
-			RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+			RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
 			}
 		else
 			ret=1;
@@ -230,3 +270,16 @@ err:
 	return(ret);
 	}
 
+int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
+		const unsigned char *sigbuf, unsigned int siglen,
+		RSA *rsa)
+	{
+
+	if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify)
+		{
+		return rsa->meth->rsa_verify(dtype, m, m_len,
+			sigbuf, siglen, rsa);
+		}
+
+	return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa);
+	}
diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
index ea72629494..cfeff15bc9 100644
--- a/crypto/rsa/rsa_ssl.c
+++ b/crypto/rsa/rsa_ssl.c
@@ -130,7 +130,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
 		RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
 		return(-1);
 		}
-	for (k= -8; k<0; k++)
+	for (k = -9; k<-1; k++)
 		{
 		if (p[k] !=  0x03) break;
 		}
diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 6f0a28aa25..c8705a0f6e 100644
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -219,6 +219,7 @@ int main(int argc, char *argv[])
     int plen;
     int clen = 0;
     int num;
+    int n;
 
     CRYPTO_malloc_debug_init();
     CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
@@ -228,10 +229,10 @@ int main(int argc, char *argv[])
 
     plen = sizeof(ptext_ex) - 1;
 
-    for (v = 0; v < 3; v++)
+    for (v = 0; v < 6; v++)
 	{
 	key = RSA_new();
-	switch (v) {
+	switch (v%3) {
     case 0:
 	clen = key1(key, ctext_ex);
 	break;
@@ -242,6 +243,7 @@ int main(int argc, char *argv[])
 	clen = key3(key, ctext_ex);
 	break;
 	}
+	if (v/3 >= 1) key->flags |= RSA_FLAG_NO_CONSTTIME;
 
 	num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
 				 RSA_PKCS1_PADDING);
@@ -277,7 +279,7 @@ int main(int argc, char *argv[])
 	    err=1;
 	    goto next;
 	    }
-  
+
 	num = RSA_private_decrypt(num, ctext, ptext, key,
 				  RSA_PKCS1_OAEP_PADDING);
 	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
@@ -286,10 +288,7 @@ int main(int argc, char *argv[])
 	    err=1;
 	    }
 	else if (memcmp(ctext, ctext_ex, num) == 0)
-	    {
 	    printf("OAEP test vector %d passed!\n", v);
-	    goto next;
-	    }
     
 	/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
 	   Try decrypting ctext_ex */
@@ -304,12 +303,32 @@ int main(int argc, char *argv[])
 	    }
 	else
 	    printf("OAEP encryption/decryption ok\n");
+
+	/* Try decrypting corrupted ciphertexts */
+	for(n = 0 ; n < clen ; ++n)
+	    {
+	    int b;
+	    unsigned char saved = ctext[n];
+	    for(b = 0 ; b < 256 ; ++b)
+		{
+		if(b == saved)
+		    continue;
+		ctext[n] = b;
+		num = RSA_private_decrypt(num, ctext, ptext, key,
+					  RSA_PKCS1_OAEP_PADDING);
+		if(num > 0)
+		    {
+		    printf("Corrupt data decrypted!\n");
+		    err = 1;
+		    }
+		}
+	    }
     next:
 	RSA_free(key);
 	}
 
     CRYPTO_cleanup_all_ex_data();
-    ERR_remove_state(0);
+    ERR_remove_thread_state(NULL);
 
     CRYPTO_mem_leaks_fp(stderr);
 
diff --git a/crypto/rsa/rsa_x931.c b/crypto/rsa/rsa_x931.c
new file mode 100644
index 0000000000..21548e37ed
--- /dev/null
+++ b/crypto/rsa/rsa_x931.c
@@ -0,0 +1,177 @@
+/* rsa_x931.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+
+int RSA_padding_add_X931(unsigned char *to, int tlen,
+	     const unsigned char *from, int flen)
+	{
+	int j;
+	unsigned char *p;
+
+	/* Absolute minimum amount of padding is 1 header nibble, 1 padding
+	 * nibble and 2 trailer bytes: but 1 hash if is already in 'from'.
+	 */
+
+	j = tlen - flen - 2;
+
+	if (j < 0)
+		{
+		RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		return -1;
+		}
+	
+	p=(unsigned char *)to;
+
+	/* If no padding start and end nibbles are in one byte */
+	if (j == 0)
+		*p++ = 0x6A;
+	else
+		{
+		*p++ = 0x6B;
+		if (j > 1)
+			{
+			memset(p, 0xBB, j - 1);
+			p += j - 1;
+			}
+		*p++ = 0xBA;
+		}
+	memcpy(p,from,(unsigned int)flen);
+	p += flen;
+	*p = 0xCC;
+	return(1);
+	}
+
+int RSA_padding_check_X931(unsigned char *to, int tlen,
+	     const unsigned char *from, int flen, int num)
+	{
+	int i = 0,j;
+	const unsigned char *p;
+
+	p=from;
+	if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B)))
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER);
+		return -1;
+		}
+
+	if (*p++ == 0x6B)
+		{
+		j=flen-3;
+		for (i = 0; i < j; i++)
+			{
+			unsigned char c = *p++;
+			if (c == 0xBA)
+				break;
+			if (c != 0xBB)
+				{
+				RSAerr(RSA_F_RSA_PADDING_CHECK_X931,
+					RSA_R_INVALID_PADDING);
+				return -1;
+				}
+			}
+
+		j -= i;
+
+		if (i == 0)
+			{
+			RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
+			return -1;
+			}
+
+		}
+	else j = flen - 2;
+
+	if (p[j] != 0xCC)
+		{
+		RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
+		return -1;
+		}
+
+	memcpy(to,p,(unsigned int)j);
+
+	return(j);
+	}
+
+/* Translate between X931 hash ids and NIDs */
+
+int RSA_X931_hash_id(int nid)
+	{
+	switch (nid)
+		{
+		case NID_sha1:
+		return 0x33;
+
+		case NID_sha256:
+		return 0x34;
+
+		case NID_sha384:
+		return 0x36;
+
+		case NID_sha512:
+		return 0x35;
+
+		}
+	return -1;
+	}
+
diff --git a/crypto/s390xcap.c b/crypto/s390xcap.c
new file mode 100644
index 0000000000..ffbe0235f9
--- /dev/null
+++ b/crypto/s390xcap.c
@@ -0,0 +1,37 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+
+extern unsigned long OPENSSL_s390xcap_P;
+
+static sigjmp_buf ill_jmp;
+static void ill_handler (int sig) { siglongjmp(ill_jmp,sig); }
+
+unsigned long OPENSSL_s390x_facilities(void);
+
+void OPENSSL_cpuid_setup(void)
+	{
+	sigset_t oset;
+	struct sigaction ill_act,oact;
+
+	if (OPENSSL_s390xcap_P) return;
+
+	memset(&ill_act,0,sizeof(ill_act));
+	ill_act.sa_handler = ill_handler;
+	sigfillset(&ill_act.sa_mask);
+	sigdelset(&ill_act.sa_mask,SIGILL);
+	sigdelset(&ill_act.sa_mask,SIGTRAP);
+	sigprocmask(SIG_SETMASK,&ill_act.sa_mask,&oset);
+	sigaction (SIGILL,&ill_act,&oact);
+
+	/* protection against missing store-facility-list-extended */
+	if (sigsetjmp(ill_jmp,0) == 0)
+		OPENSSL_s390xcap_P = OPENSSL_s390x_facilities();
+	else
+		OPENSSL_s390xcap_P = 1UL<<63;
+
+	sigaction (SIGILL,&oact,NULL);
+	sigprocmask(SIG_SETMASK,&oset,NULL);
+	}
diff --git a/crypto/s390xcpuid.S b/crypto/s390xcpuid.S
new file mode 100644
index 0000000000..b053c6a281
--- /dev/null
+++ b/crypto/s390xcpuid.S
@@ -0,0 +1,92 @@
+.text
+
+.globl	OPENSSL_s390x_facilities
+.type	OPENSSL_s390x_facilities,@function
+.align	16
+OPENSSL_s390x_facilities:
+	lghi	%r0,0
+	.long	0xb2b0f010	# stfle	16(%r15)
+	lg	%r2,16(%r15)
+	larl	%r1,OPENSSL_s390xcap_P
+	stg	%r2,0(%r1)
+	br	%r14
+.size	OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
+
+.globl	OPENSSL_rdtsc
+.type	OPENSSL_rdtsc,@function
+.align	16
+OPENSSL_rdtsc:
+	stck	16(%r15)
+	lg	%r2,16(%r15)
+	br	%r14
+.size	OPENSSL_rdtsc,.-OPENSSL_rdtsc
+
+.globl	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,@function
+.align	16
+OPENSSL_atomic_add:
+	l	%r1,0(%r2)
+.Lspin:	lr	%r0,%r1
+	ar	%r0,%r3
+	cs	%r1,%r0,0(%r2)
+	brc	4,.Lspin
+	lgfr	%r2,%r0		# OpenSSL expects the new value
+	br	%r14
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.globl	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,@function
+.align	16
+OPENSSL_wipe_cpu:
+	xgr	%r0,%r0
+	xgr	%r1,%r1
+	lgr	%r2,%r15
+	xgr	%r3,%r3
+	xgr	%r4,%r4
+	lzdr	%f0
+	lzdr	%f1
+	lzdr	%f2
+	lzdr	%f3
+	lzdr	%f4
+	lzdr	%f5
+	lzdr	%f6
+	lzdr	%f7
+	br	%r14
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.globl	OPENSSL_cleanse
+.type	OPENSSL_cleanse,@function
+.align	16
+OPENSSL_cleanse:
+	lghi	%r4,15
+	lghi	%r0,0
+	clgr	%r3,%r4
+	jh	.Lot
+	clgr	%r3,%r0
+	bcr	8,%r14
+.Little:
+	stc	%r0,0(%r2)
+	la	%r2,1(%r2)
+	brctg	%r3,.Little
+	br	%r14
+.align	4
+.Lot:	tmll	%r2,7
+	jz	.Laligned
+	stc	%r0,0(%r2)
+	la	%r2,1(%r2)
+	brctg	%r3,.Lot
+.Laligned:
+	srlg	%r4,%r3,3
+.Loop:	stg	%r0,0(%r2)
+	la	%r2,8(%r2)
+	brctg	%r4,.Loop
+	lghi	%r4,7
+	ngr	%r3,%r4
+	jnz	.Little
+	br	%r14
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.section	.init
+	brasl	%r14,OPENSSL_cpuid_setup
+
+.comm	OPENSSL_s390xcap_P,8,8
diff --git a/crypto/seed/.cvsignore b/crypto/seed/.cvsignore
new file mode 100644
index 0000000000..439e6d3eb6
--- /dev/null
+++ b/crypto/seed/.cvsignore
@@ -0,0 +1,4 @@
+lib
+Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/seed/Makefile b/crypto/seed/Makefile
new file mode 100644
index 0000000000..4bc55e4916
--- /dev/null
+++ b/crypto/seed/Makefile
@@ -0,0 +1,106 @@
+#
+# crypto/seed/Makefile
+#
+
+DIR=	seed
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
+LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= seed.h
+HEADER= seed_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+seed.o: ../../include/openssl/seed.h ../../include/openssl/stack.h
+seed.o: ../../include/openssl/symhacks.h seed.c seed_locl.h
+seed_cbc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cbc.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cbc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cbc.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cbc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cbc.o: seed_cbc.c
+seed_cfb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cfb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cfb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cfb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cfb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cfb.o: seed_cfb.c
+seed_ecb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ecb.o: ../../include/openssl/opensslconf.h
+seed_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ecb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ecb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ecb.o: seed_ecb.c
+seed_ofb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ofb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_ofb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ofb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ofb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ofb.o: seed_ofb.c
diff --git a/crypto/seed/seed.c b/crypto/seed/seed.c
new file mode 100644
index 0000000000..2bc384a19f
--- /dev/null
+++ b/crypto/seed/seed.c
@@ -0,0 +1,325 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.  
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifndef OPENSSL_NO_SEED
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN32
+#include <memory.h>
+#endif
+
+#include <openssl/seed.h>
+#include "seed_locl.h"
+
+static const seed_word SS[4][256] = {	{
+	0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
+	0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
+	0x28082028, 0x04444044, 0x20002020, 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
+	0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
+	0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
+	0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354, 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
+	0x24042024, 0x1c0c101c, 0x33437370, 0x18889098, 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
+	0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
+	0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
+	0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078, 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
+	0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140, 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
+	0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
+	0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
+	0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c, 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
+	0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
+	0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
+	0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
+	0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4, 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
+	0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac, 0x36063234, 0x15051114, 0x22022220, 0x38083038,
+	0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
+	0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
+	0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8, 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
+	0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364, 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
+	0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
+	0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
+	0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
+	0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
+	0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
+	0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
+	0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
+	0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4, 0x22426260, 0x29092128, 0x07070304, 0x33033330,
+	0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298
+},	{
+	0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
+	0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, 0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
+	0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1, 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
+	0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
+	0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
+	0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2, 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
+	0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
+	0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
+	0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
+	0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13, 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
+	0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1, 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
+	0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
+	0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
+	0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202, 0x20220222, 0x04040400, 0x68284860, 0x70314171,
+	0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991, 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
+	0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
+	0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
+	0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2, 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
+	0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
+	0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
+	0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
+	0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470, 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
+	0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040, 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
+	0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
+	0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
+	0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282, 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
+	0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11, 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
+	0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
+	0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
+	0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393,
+	0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0, 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
+	0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3
+},	{
+	0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
+	0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
+	0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
+	0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
+	0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
+	0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
+	0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
+	0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
+	0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
+	0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
+	0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
+	0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
+	0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
+	0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
+	0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
+	0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
+	0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
+	0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
+	0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505, 0x22202202, 0x30383808,
+	0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
+	0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
+	0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
+	0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
+	0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
+	0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
+	0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
+	0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
+	0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
+	0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
+	0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
+	0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909, 0x03040707, 0x33303303,
+	0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a
+},	{
+	0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
+	0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
+	0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
+	0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
+	0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
+	0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
+	0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
+	0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
+	0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
+	0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
+	0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
+	0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
+	0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
+	0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 0x02222022, 0x04000404, 0x48606828, 0x41717031,
+	0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
+	0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
+	0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
+	0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
+	0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
+	0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
+	0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
+	0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
+	0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
+	0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
+	0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
+	0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
+	0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
+	0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
+	0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
+	0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013,
+	0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
+	0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437
+}	};
+
+/* key schedule constants - golden ratio */
+#define KC0     0x9e3779b9
+#define KC1     0x3c6ef373
+#define KC2     0x78dde6e6
+#define KC3     0xf1bbcdcc
+#define KC4     0xe3779b99
+#define KC5     0xc6ef3733
+#define KC6     0x8dde6e67
+#define KC7     0x1bbcdccf
+#define KC8     0x3779b99e
+#define KC9     0x6ef3733c
+#define KC10    0xdde6e678
+#define KC11    0xbbcdccf1
+#define KC12    0x779b99e3
+#define KC13    0xef3733c6
+#define KC14    0xde6e678d
+#define KC15    0xbcdccf1b
+
+#if defined(OPENSSL_SMALL_FOOTPRINT)
+static const seed_word KC[] = {
+	KC0,	KC1,	KC2,	KC3,	KC4,	KC5,	KC6,	KC7,
+	KC8,	KC9,	KC10,	KC11,	KC12,	KC13,	KC14,	KC15	};
+#endif
+
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks)
+{
+	seed_word x1, x2, x3, x4;
+	seed_word t0, t1;
+
+	char2word(rawkey   , x1);
+	char2word(rawkey+4 , x2);
+	char2word(rawkey+8 , x3);
+	char2word(rawkey+12, x4);
+
+	t0 = (x1 + x3 - KC0) & 0xffffffff;
+	t1 = (x2 - x4 + KC0) & 0xffffffff;                     KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1);      KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC2);      KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC3);      KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC4);      KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC5);      KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC6);      KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC7);      KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC8);      KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC9);      KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC10);     KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC11);     KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC12);     KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC13);     KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
+	KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC14);     KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
+	KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC15);     KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
+#else
+	{
+	    int i;
+	    for (i=2; i<16; i+=2) {
+		KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC[i]);
+		KEYUPDATE_TEMP(t0, t1, &ks->data[i*2]);
+		KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC[i+1]);
+		KEYUPDATE_TEMP(t0, t1, &ks->data[i*2+2]);
+	    }
+	}
+#endif
+}
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks)
+{
+	seed_word x1, x2, x3, x4;
+	seed_word t0, t1;
+
+	char2word(s,    x1);
+	char2word(s+4,  x2);
+	char2word(s+8,  x3);
+	char2word(s+12, x4);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)	
+	E_SEED(t0, t1, x1, x2, x3, x4, 0);
+	E_SEED(t0, t1, x3, x4, x1, x2, 2);
+	E_SEED(t0, t1, x1, x2, x3, x4, 4);
+	E_SEED(t0, t1, x3, x4, x1, x2, 6);
+	E_SEED(t0, t1, x1, x2, x3, x4, 8);
+	E_SEED(t0, t1, x3, x4, x1, x2, 10);
+	E_SEED(t0, t1, x1, x2, x3, x4, 12);
+	E_SEED(t0, t1, x3, x4, x1, x2, 14);
+	E_SEED(t0, t1, x1, x2, x3, x4, 16);
+	E_SEED(t0, t1, x3, x4, x1, x2, 18);
+	E_SEED(t0, t1, x1, x2, x3, x4, 20);
+	E_SEED(t0, t1, x3, x4, x1, x2, 22);
+	E_SEED(t0, t1, x1, x2, x3, x4, 24);
+	E_SEED(t0, t1, x3, x4, x1, x2, 26);
+	E_SEED(t0, t1, x1, x2, x3, x4, 28);
+	E_SEED(t0, t1, x3, x4, x1, x2, 30);
+#else
+	{
+	    int i;
+	    for (i=0;i<30;i+=4) {
+		E_SEED(t0,t1,x1,x2,x3,x4,i);
+		E_SEED(t0,t1,x3,x4,x1,x2,i+2);
+	    }
+	}
+#endif
+
+	word2char(x3, d);
+	word2char(x4, d+4);
+	word2char(x1, d+8);
+	word2char(x2, d+12);
+}
+
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks)
+{
+	seed_word x1, x2, x3, x4;
+	seed_word t0, t1;
+
+	char2word(s,    x1);
+	char2word(s+4,  x2);
+	char2word(s+8,  x3);
+	char2word(s+12, x4);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+	E_SEED(t0, t1, x1, x2, x3, x4, 30);
+	E_SEED(t0, t1, x3, x4, x1, x2, 28);
+	E_SEED(t0, t1, x1, x2, x3, x4, 26);
+	E_SEED(t0, t1, x3, x4, x1, x2, 24);
+	E_SEED(t0, t1, x1, x2, x3, x4, 22);
+	E_SEED(t0, t1, x3, x4, x1, x2, 20);
+	E_SEED(t0, t1, x1, x2, x3, x4, 18);
+	E_SEED(t0, t1, x3, x4, x1, x2, 16);
+	E_SEED(t0, t1, x1, x2, x3, x4, 14);
+	E_SEED(t0, t1, x3, x4, x1, x2, 12);
+	E_SEED(t0, t1, x1, x2, x3, x4, 10);
+	E_SEED(t0, t1, x3, x4, x1, x2, 8);
+	E_SEED(t0, t1, x1, x2, x3, x4, 6);
+	E_SEED(t0, t1, x3, x4, x1, x2, 4);
+	E_SEED(t0, t1, x1, x2, x3, x4, 2);
+	E_SEED(t0, t1, x3, x4, x1, x2, 0);
+#else
+	{
+	    int i;
+	    for (i=30; i>0; i-=4) {
+		E_SEED(t0, t1, x1, x2, x3, x4, i);
+		E_SEED(t0, t1, x3, x4, x1, x2, i-2);
+
+	    }
+	}
+#endif
+
+	word2char(x3, d);
+	word2char(x4, d+4);
+	word2char(x1, d+8);
+	word2char(x2, d+12);
+}
+
+#endif /* OPENSSL_NO_SEED */
diff --git a/crypto/seed/seed.h b/crypto/seed/seed.h
new file mode 100644
index 0000000000..6ffa5f024e
--- /dev/null
+++ b/crypto/seed/seed.h
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.  
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#ifndef HEADER_SEED_H
+#define HEADER_SEED_H
+
+#include <openssl/opensslconf.h>
+#include <openssl/e_os2.h>
+#include <openssl/crypto.h>
+
+#ifdef OPENSSL_NO_SEED
+#error SEED is disabled.
+#endif
+
+#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
+# ifndef SEED_LONG
+#  define SEED_LONG 1
+# endif
+#endif
+
+#if !defined(NO_SYS_TYPES_H)
+# include <sys/types.h>
+#endif
+
+#define SEED_BLOCK_SIZE 16
+#define SEED_KEY_LENGTH	16
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+
+typedef struct seed_key_st {
+#ifdef SEED_LONG
+    unsigned long data[32];
+#else
+    unsigned int data[32];
+#endif
+} SEED_KEY_SCHEDULE;
+
+
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc);
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+        size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int enc);
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+        size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc);
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+        size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif /* HEADER_SEED_H */
diff --git a/crypto/seed/seed_cbc.c b/crypto/seed/seed_cbc.c
new file mode 100644
index 0000000000..6c3f9b527a
--- /dev/null
+++ b/crypto/seed/seed_cbc.c
@@ -0,0 +1,63 @@
+/* crypto/seed/seed_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                      size_t len, const SEED_KEY_SCHEDULE *ks,
+                      unsigned char ivec[SEED_BLOCK_SIZE], int enc)
+	{
+	if (enc)
+		CRYPTO_cbc128_encrypt(in,out,len,ks,ivec,(block128_f)SEED_encrypt);
+	else
+		CRYPTO_cbc128_decrypt(in,out,len,ks,ivec,(block128_f)SEED_decrypt);
+	}
diff --git a/crypto/asn1/a_hdr.c b/crypto/seed/seed_cfb.c
index b354ae5865..694597dd06 100644
--- a/crypto/asn1/a_hdr.c
+++ b/crypto/seed/seed_cfb.c
@@ -1,4 +1,53 @@
-/* crypto/asn1/a_hdr.c */
+/* crypto/seed/seed_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -56,64 +105,12 @@
  * [including the GNU Public Licence.]
  */
 
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/asn1.h>
-
-int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp)
-	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->header,	i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len(a->data,		a->meth->i2d);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->header,	i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_put(a->data,		a->meth->i2d);
-
-	M_ASN1_I2D_finish();
-	}
-
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp,
-	     long length)
-	{
-	M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
-
-	M_ASN1_D2I_Init();
-        M_ASN1_D2I_start_sequence();
-        M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING);
-	if (ret->meth != NULL)
-		{
-		M_ASN1_D2I_get(ret->data,ret->meth->d2i);
-		}
-	else
-		{
-		if (a != NULL) (*a)=ret;
-		return(ret);
-		}
-        M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER);
-	}
-
-ASN1_HEADER *ASN1_HEADER_new(void)
-	{
-	ASN1_HEADER *ret=NULL;
-	ASN1_CTX c;
-
-	M_ASN1_New_Malloc(ret,ASN1_HEADER);
-	M_ASN1_New(ret->header,M_ASN1_OCTET_STRING_new);
-	ret->meth=NULL;
-	ret->data=NULL;
-	return(ret);
-        M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW);
-	}
+#include <openssl/seed.h>
+#include <openssl/modes.h>
 
-void ASN1_HEADER_free(ASN1_HEADER *a)
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                         size_t len, const SEED_KEY_SCHEDULE *ks,
+                         unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc)
 	{
-	if (a == NULL) return;
-	M_ASN1_OCTET_STRING_free(a->header);
-	if (a->meth != NULL)
-		a->meth->destroy(a->data);
-	OPENSSL_free(a);
+	CRYPTO_cfb128_encrypt(in,out,len,ks,ivec,num,enc,(block128_f)SEED_encrypt);
 	}
diff --git a/crypto/seed/seed_ecb.c b/crypto/seed/seed_ecb.c
new file mode 100644
index 0000000000..e63f5ae14e
--- /dev/null
+++ b/crypto/seed/seed_ecb.c
@@ -0,0 +1,60 @@
+/* crypto/seed/seed_ecb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc) 
+	{
+	if (enc)
+		SEED_encrypt(in, out, ks);
+	else
+		SEED_decrypt(in, out, ks);
+	}
diff --git a/crypto/seed/seed_locl.h b/crypto/seed/seed_locl.h
new file mode 100644
index 0000000000..fd456b6422
--- /dev/null
+++ b/crypto/seed/seed_locl.h
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.  
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifndef HEADER_SEED_LOCL_H
+#define HEADER_SEED_LOCL_H
+
+#include "openssl/e_os2.h"
+#include <openssl/seed.h>
+
+
+#ifdef SEED_LONG /* need 32-bit type */
+typedef unsigned long seed_word;
+#else
+typedef unsigned int seed_word;
+#endif
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define G_FUNC(v)       \
+        SS[0][(unsigned char)      (v) & 0xff] ^ SS[1][(unsigned char) ((v)>>8) & 0xff] ^ \
+        SS[2][(unsigned char)((v)>>16) & 0xff] ^ SS[3][(unsigned char)((v)>>24) & 0xff]
+
+#define char2word(c, i)  \
+        (i) = ((((seed_word)(c)[0]) << 24) | (((seed_word)(c)[1]) << 16) | (((seed_word)(c)[2]) << 8) | ((seed_word)(c)[3]))
+
+#define word2char(l, c)  \
+        *((c)+0) = (unsigned char)((l)>>24) & 0xff; \
+        *((c)+1) = (unsigned char)((l)>>16) & 0xff; \
+        *((c)+2) = (unsigned char)((l)>> 8) & 0xff; \
+        *((c)+3) = (unsigned char)((l))     & 0xff
+
+#define KEYSCHEDULE_UPDATE0(T0, T1, X1, X2, X3, X4, KC)  \
+        (T0) = (X3);                                     \
+        (X3) = (((X3)<<8) ^ ((X4)>>24)) & 0xffffffff;    \
+        (X4) = (((X4)<<8) ^ ((T0)>>24)) & 0xffffffff;    \
+        (T0) = ((X1) + (X3) - (KC))     & 0xffffffff;    \
+        (T1) = ((X2) + (KC) - (X4))     & 0xffffffff
+
+#define KEYSCHEDULE_UPDATE1(T0, T1, X1, X2, X3, X4, KC)  \
+        (T0) = (X1);                                     \
+        (X1) = (((X1)>>8) ^ ((X2)<<24)) & 0xffffffff;    \
+        (X2) = (((X2)>>8) ^ ((T0)<<24)) & 0xffffffff;    \
+        (T0) = ((X1) + (X3) - (KC))     & 0xffffffff;     \
+        (T1) = ((X2) + (KC) - (X4))     & 0xffffffff
+
+#define KEYUPDATE_TEMP(T0, T1, K)   \
+        (K)[0] = G_FUNC((T0));      \
+        (K)[1] = G_FUNC((T1))
+
+#define XOR_SEEDBLOCK(DST, SRC)      \
+        ((DST))[0] ^= ((SRC))[0];    \
+        ((DST))[1] ^= ((SRC))[1];    \
+        ((DST))[2] ^= ((SRC))[2];    \
+        ((DST))[3] ^= ((SRC))[3]
+
+#define MOV_SEEDBLOCK(DST, SRC)      \
+        ((DST))[0] = ((SRC))[0];     \
+        ((DST))[1] = ((SRC))[1];     \
+        ((DST))[2] = ((SRC))[2];     \
+        ((DST))[3] = ((SRC))[3]
+
+# define CHAR2WORD(C, I)              \
+        char2word((C),    (I)[0]);    \
+        char2word((C+4),  (I)[1]);    \
+        char2word((C+8),  (I)[2]);    \
+        char2word((C+12), (I)[3])
+
+# define WORD2CHAR(I, C)              \
+        word2char((I)[0], (C));       \
+        word2char((I)[1], (C+4));     \
+        word2char((I)[2], (C+8));     \
+        word2char((I)[3], (C+12))
+
+# define E_SEED(T0, T1, X1, X2, X3, X4, rbase)   \
+        (T0) = (X3) ^ (ks->data)[(rbase)];       \
+        (T1) = (X4) ^ (ks->data)[(rbase)+1];     \
+        (T1) ^= (T0);                            \
+        (T1) = G_FUNC((T1));                     \
+        (T0) = ((T0) + (T1)) & 0xffffffff;       \
+        (T0) = G_FUNC((T0));                     \
+        (T1) = ((T1) + (T0)) & 0xffffffff;       \
+        (T1) = G_FUNC((T1));                     \
+        (T0) = ((T0) + (T1)) & 0xffffffff;       \
+        (X1) ^= (T0);                            \
+        (X2) ^= (T1)
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif /* HEADER_SEED_LOCL_H */
diff --git a/crypto/asn1/p8_key.c b/crypto/seed/seed_ofb.c
index 3a31248e14..3c8ba33bb9 100644
--- a/crypto/asn1/p8_key.c
+++ b/crypto/seed/seed_ofb.c
@@ -1,4 +1,53 @@
-/* crypto/asn1/p8_key.c */
+/* crypto/seed/seed_ofb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -56,76 +105,12 @@
  * [including the GNU Public Licence.]
  */
 
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/objects.h>
+#include <openssl/seed.h>
+#include <openssl/modes.h>
 
-int i2d_X509_KEY(X509 *a, unsigned char **pp)
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                         size_t len, const SEED_KEY_SCHEDULE *ks,
+                         unsigned char ivec[SEED_BLOCK_SIZE], int *num)
 	{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len(a->cert_info,	i2d_X509_CINF);
-	M_ASN1_I2D_len(a->sig_alg,	i2d_X509_ALGOR);
-	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put(a->cert_info,	i2d_X509_CINF);
-	M_ASN1_I2D_put(a->sig_alg,	i2d_X509_ALGOR);
-	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
-
-	M_ASN1_I2D_finish();
-	}
-
-X509 *d2i_X509_KEY(X509 **a, unsigned char **pp, long length)
-	{
-	M_ASN1_D2I_vars(a,X509 *,X509_new);
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
-	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-	M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
-	}
-
-X509 *X509_KEY_new(void)
-	{
-	X509_KEY *ret=NULL;
-
-	M_ASN1_New_OPENSSL_malloc(ret,X509_KEY);
-	ret->references=1;
-	ret->type=NID
-	M_ASN1_New(ret->cert_info,X509_CINF_new);
-	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
-	return(ret);
-	M_ASN1_New_Error(ASN1_F_X509_NEW);
-	}
-
-void X509_KEY_free(X509 *a)
-	{
-	int i;
-
-	if (a == NULL) return;
-
-	i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
-#ifdef REF_PRINT
-	REF_PRINT("X509_KEY",a);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"X509_KEY_free, bad reference count\n");
-		abort();
-		}
-#endif
-
-	X509_CINF_free(a->cert_info);
-	X509_ALGOR_free(a->sig_alg);
-	ASN1_BIT_STRING_free(a->signature);
-	OPENSSL_free(a);
+	CRYPTO_ofb128_encrypt(in,out,len,ks,ivec,num,(block128_f)SEED_encrypt);
 	}
-
diff --git a/crypto/sha/.cvsignore b/crypto/sha/.cvsignore
index c6d03a9dbc..4f51f915e7 100644
--- a/crypto/sha/.cvsignore
+++ b/crypto/sha/.cvsignore
@@ -1,2 +1,7 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
+sha1-*.s
+sha256-*.s
+sha512-*.s
diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl
deleted file mode 100644
index 71adb3c38c..0000000000
--- a/crypto/sha/Makefile.ssl
+++ /dev/null
@@ -1,139 +0,0 @@
-#
-# SSLeay/crypto/sha/Makefile
-#
-
-DIR=    sha
-TOP=    ../..
-CC=     cc
-CPP=    $(CC) -E
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=           make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=       Makefile.ssl
-AR=             ar r
-
-SHA1_ASM_OBJ=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-ASFLAGS= $(INCLUDES) $(ASFLAG)
-AFLAGS= $(ASFLAGS)
-
-GENERAL=Makefile
-TEST=shatest.c sha1test.c sha256t.c sha512t.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
-LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= sha.h
-HEADER= sha_locl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:    lib
-
-lib:    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-# ELF
-sx86-elf.s: asm/sha1-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha1-586.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-elf.s:	asm/sha512-sse2.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha512-sse2.pl elf $(CFLAGS) $(PROCESSOR) > ../$@)
-# COFF
-sx86-cof.s: asm/sha1-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha1-586.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-cof.s:     asm/sha512-sse2.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha512-sse2.pl coff $(CFLAGS) $(PROCESSOR) > ../$@)
-# a.out
-sx86-out.s: asm/sha1-586.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha1-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-s512sse2-out.s:     asm/sha512-sse2.pl ../perlasm/x86asm.pl
-	(cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
-
-sha1-ia64.s:   asm/sha1-ia64.pl
-	(cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ) > $@
-sha256-ia64.s: asm/sha512-ia64.pl
-	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
-sha512-ia64.s: asm/sha512-ia64.pl
-	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha1_one.o: ../../include/openssl/opensslconf.h
-sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-sha1_one.o: sha1_one.c
-sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
-sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
-sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
-sha512.o: ../../e_os.h ../../include/openssl/bio.h
-sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-sha512.o: ../cryptlib.h sha512.c
-sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
-sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
-sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-sha_one.o: ../../include/openssl/symhacks.h sha_one.c
diff --git a/crypto/sha/asm/.cvsignore b/crypto/sha/asm/.cvsignore
index 748a54a4b5..9921443258 100644
--- a/crypto/sha/asm/.cvsignore
+++ b/crypto/sha/asm/.cvsignore
@@ -1,2 +1,4 @@
 sx86unix.cpp
 sx86-elf.s
+*.flc
+semantic.cache
diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl
index 4f8521f1e2..dc855ef557 100644
--- a/crypto/sha/asm/sha1-586.pl
+++ b/crypto/sha/asm/sha1-586.pl
@@ -1,5 +1,19 @@
-#!/usr/local/bin/perl
+#!/usr/bin/env perl
 
+# ====================================================================
+# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# "[Re]written" was achieved in two major overhauls. In 2004 BODY_*
+# functions were re-implemented to address P4 performance issue [see
+# commentary below], and in 2006 the rest was rewritten in order to
+# gain freedom to liberate licensing terms.
+
+# January, September 2004.
+#
 # It was noted that Intel IA-32 C compiler generates code which
 # performs ~30% *faster* on P4 CPU than original *hand-coded*
 # SHA1 assembler implementation. To address this problem (and
@@ -17,90 +31,38 @@
 # improvement on P4 outweights the loss and incorporate this
 # re-tuned code to 0.9.7 and later.
 # ----------------------------------------------------------------
-# Those who for any particular reason absolutely must score on
-# Pentium can replace this module with one from 0.9.6 distribution.
-# This "offer" shall be revoked the moment programming interface to
-# this module is changed, in which case this paragraph should be
-# removed.
-# ----------------------------------------------------------------
 #					<appro@fy.chalmers.se>
 
-$normal=0;
-
-push(@INC,"perlasm","../../perlasm");
+# August 2009.
+#
+# George Spelvin has tipped that F_40_59(b,c,d) can be rewritten as
+# '(c&d) + (b&(c^d))', which allows to accumulate partial results
+# and lighten "pressure" on scratch registers. This resulted in
+# >12% performance improvement on contemporary AMD cores (with no
+# degradation on other CPUs:-). Also, the code was revised to maximize
+# "distance" between instructions producing input to 'lea' instruction
+# and the 'lea' instruction itself, which is essential for Intel Atom
+# core.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
 
 $A="eax";
-$B="ecx";
-$C="ebx";
+$B="ebx";
+$C="ecx";
 $D="edx";
 $E="edi";
 $T="esi";
 $tmp1="ebp";
 
-$off=9*4;
-
-@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
-
-&sha1_block_data("sha1_block_asm_data_order");
-
-&asm_finish();
-
-sub Nn
-	{
-	local($p)=@_;
-	local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
-	return($n{$p});
-	}
-
-sub Np
-	{
-	local($p)=@_;
-	local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
-	local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
-	return($n{$p});
-	}
-
-sub Na
-	{
-	local($n)=@_;
-	return( (($n   )&0x0f),
-		(($n+ 2)&0x0f),
-		(($n+ 8)&0x0f),
-		(($n+13)&0x0f),
-		(($n+ 1)&0x0f));
-	}
-
-sub X_expand
-	{
-	local($in)=@_;
-
-	&comment("First, load the words onto the stack in network byte order");
-	for ($i=0; $i<16; $i+=2)
-		{
-		&mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0;
-		 &mov($B,&DWP(($i+1)*4,$in,"",0));
-		&bswap($A);
-		 &bswap($B);
-		&mov(&swtmp($i+0),$A);
-		 &mov(&swtmp($i+1),$B);
-		}
-
-	&comment("We now have the X array on the stack");
-	&comment("starting at sp-4");
-	}
-
-# Rules of engagement
-# F is always trashable at the start, the running total.
-# E becomes the next F so it can be trashed after it has been 'accumulated'
-# F becomes A in the next round.  We don't need to access it much.
-# During the X update part, the result ends up in $X[$n0].
+@V=($A,$B,$C,$D,$E,$T);
 
 sub BODY_00_15
 	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
 
 	&comment("00_15 $n");
 
@@ -109,322 +71,160 @@ sub BODY_00_15
 	 else        { &mov($a,$tmp1); }
 	&rotl($tmp1,5);			# tmp1=ROTATE(a,5)
 	 &xor($f,$d);
+	&add($tmp1,$e);			# tmp1+=e;
+	 &mov($e,&swtmp($n%16));	# e becomes volatile and is loaded
+	 				# with xi, also note that e becomes
+					# f in next round...
 	&and($f,$b);
-	 &add($tmp1,$e);		# tmp1+=e;
-	&mov($e,&swtmp($n));		# e becomes volatile and
-	 				# is loaded with xi
-	 &xor($f,$d);			# f holds F_00_19(b,c,d)
 	&rotr($b,2);			# b=ROTATE(b,30)
-	 &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi
+	 &xor($f,$d);			# f holds F_00_19(b,c,d)
+	&lea($tmp1,&DWP(0x5a827999,$tmp1,$e));	# tmp1+=K_00_19+xi
 
-	if ($n==15) { &add($f,$tmp1); }	# f+=tmp1
-	else        { &add($tmp1,$f); }
+	if ($n==15) { &mov($e,&swtmp(($n+1)%16));# pre-fetch f for next round
+		      &add($f,$tmp1); }	# f+=tmp1
+	else        { &add($tmp1,$f); }	# f becomes a in next round
 	}
 
 sub BODY_16_19
 	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
 
 	&comment("16_19 $n");
 
-	&mov($f,&swtmp($n1));		# f to hold Xupdate(xi,xa,xb,xc,xd)
-	 &mov($tmp1,$c);		# tmp1 to hold F_00_19(b,c,d)
-	&xor($f,&swtmp($n0));
-	 &xor($tmp1,$d);
-	&xor($f,&swtmp($n2));
-	 &and($tmp1,$b);		# tmp1 holds F_00_19(b,c,d)
-	&rotr($b,2);			# b=ROTATE(b,30)
-	 &xor($f,&swtmp($n3));		# f holds xa^xb^xc^xd
-	&rotl($f,1);			# f=ROATE(f,1)
+	&mov($tmp1,$c);			# tmp1 to hold F_00_19(b,c,d)
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&xor($tmp1,$d);
+	 &xor($f,&swtmp(($n+8)%16));
+	&and($tmp1,$b);
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
 	 &xor($tmp1,$d);		# tmp1=F_00_19(b,c,d)
-	&mov(&swtmp($n0),$f);		# xi=f
-	&lea($f,&DWP($K,$f,$e,1));	# f+=K_00_19+e
-	 &mov($e,$a);			# e becomes volatile
-	&rotl($e,5);			# e=ROTATE(a,5)
-	 &add($f,$tmp1);		# f+=F_00_19(b,c,d)
-	&add($f,$e);			# f+=ROTATE(a,5)
+	&add($e,$tmp1);			# e+=F_00_19(b,c,d)
+	 &mov($tmp1,$a);
+	&rotr($b,2);			# b=ROTATE(b,30)
+	 &mov(&swtmp($n%16),$f);	# xi=f
+	&rotl($tmp1,5);			# ROTATE(a,5)
+	 &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+	&mov($e,&swtmp(($n+1)%16));	# pre-fetch f for next round
+	 &add($f,$tmp1);		# f+=ROTATE(a,5)
 	}
 
 sub BODY_20_39
 	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
+	local $K=($n<40)?0x6ed9eba1:0xca62c1d6;
 
 	&comment("20_39 $n");
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
 
 	&mov($tmp1,$b);			# tmp1 to hold F_20_39(b,c,d)
-	 &mov($f,&swtmp($n0));		# f to hold Xupdate(xi,xa,xb,xc,xd)
-	&rotr($b,2);			# b=ROTATE(b,30)
-	 &xor($f,&swtmp($n1));
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
 	&xor($tmp1,$c);
-	 &xor($f,&swtmp($n2));
+	 &xor($f,&swtmp(($n+8)%16));
 	&xor($tmp1,$d);			# tmp1 holds F_20_39(b,c,d)
-	 &xor($f,&swtmp($n3));		# f holds xa^xb^xc^xd
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
 	&rotl($f,1);			# f=ROTATE(f,1)
-	 &add($tmp1,$e);
-	&mov(&swtmp($n0),$f);		# xi=f
-	 &mov($e,$a);			# e becomes volatile
-	&rotl($e,5);			# e=ROTATE(a,5)
-	 &lea($f,&DWP($K,$f,$tmp1,1));	# f+=K_20_39+e
-	&add($f,$e);			# f+=ROTATE(a,5)
+	 &add($e,$tmp1);		# e+=F_20_39(b,c,d)
+	&rotr($b,2);			# b=ROTATE(b,30)
+	 &mov($tmp1,$a);
+	&rotl($tmp1,5);			# ROTATE(a,5)
+	 &mov(&swtmp($n%16),$f) if($n<77);# xi=f
+	&lea($f,&DWP($K,$f,$e));	# f+=e+K_XX_YY
+	 &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round
+	&add($f,$tmp1);			# f+=ROTATE(a,5)
 	}
 
 sub BODY_40_59
 	{
-	local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
 
 	&comment("40_59 $n");
-	local($n0,$n1,$n2,$n3,$np)=&Na($n);
-
-	&mov($f,&swtmp($n0));		# f to hold Xupdate(xi,xa,xb,xc,xd)
-	 &mov($tmp1,&swtmp($n1));
-	&xor($f,$tmp1);
-	 &mov($tmp1,&swtmp($n2));
-	&xor($f,$tmp1);
-	 &mov($tmp1,&swtmp($n3));
-	&xor($f,$tmp1);			# f holds xa^xb^xc^xd
-	 &mov($tmp1,$b);		# tmp1 to hold F_40_59(b,c,d)
+
+	&mov($tmp1,$c);			# tmp1 to hold F_40_59(b,c,d)
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&xor($tmp1,$d);
+	 &xor($f,&swtmp(($n+8)%16));
+	&and($tmp1,$b);
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
 	&rotl($f,1);			# f=ROTATE(f,1)
-	 &or($tmp1,$c);
-	&mov(&swtmp($n0),$f);		# xi=f
-	 &and($tmp1,$d);
-	&lea($f,&DWP($K,$f,$e,1));	# f+=K_40_59+e
-	 &mov($e,$b);			# e becomes volatile and is used
-					# to calculate F_40_59(b,c,d)
+	 &add($tmp1,$e);		# b&(c^d)+=e
 	&rotr($b,2);			# b=ROTATE(b,30)
-	 &and($e,$c);
-	&or($tmp1,$e);			# tmp1 holds F_40_59(b,c,d)		
-	 &mov($e,$a);
-	&rotl($e,5);			# e=ROTATE(a,5)
-	 &add($f,$tmp1);		# f+=tmp1;
+	 &mov($e,$a);			# e becomes volatile
+	&rotl($e,5);			# ROTATE(a,5)
+	 &mov(&swtmp($n%16),$f);	# xi=f
+	&lea($f,&DWP(0x8f1bbcdc,$f,$tmp1));# f+=K_40_59+e+(b&(c^d))
+	 &mov($tmp1,$c);
 	&add($f,$e);			# f+=ROTATE(a,5)
+	 &and($tmp1,$d);
+	&mov($e,&swtmp(($n+1)%16));	# pre-fetch f for next round
+	 &add($f,$tmp1);		# f+=c&d
 	}
 
-sub BODY_60_79
-	{
-	&BODY_20_39(@_);
-	}
+&function_begin("sha1_block_data_order");
+	&mov($tmp1,&wparam(0));	# SHA_CTX *c
+	&mov($T,&wparam(1));	# const void *input
+	&mov($A,&wparam(2));	# size_t num
+	&stack_push(16);	# allocate X[16]
+	&shl($A,6);
+	&add($A,$T);
+	&mov(&wparam(2),$A);	# pointer beyond the end of input
+	&mov($E,&DWP(16,$tmp1));# pre-load E
 
-sub sha1_block_host
-	{
-	local($name, $sclabel)=@_;
-
-	&function_begin_B($name,"");
-
-	# parameter 1 is the MD5_CTX structure.
-	# A	0
-	# B	4
-	# C	8
-	# D 	12
-	# E 	16
-
-	&mov("ecx",	&wparam(2));
-	 &push("esi");
-	&shl("ecx",6);
-	 &mov("esi",	&wparam(1));
-	&push("ebp");
-	 &add("ecx","esi");	# offset to leave on
-	&push("ebx");
-	 &mov("ebp",	&wparam(0));
-	&push("edi");
-	 &mov($D,	&DWP(12,"ebp","",0));
-	&stack_push(18+9);
-	 &mov($E,	&DWP(16,"ebp","",0));
-	&mov($C,	&DWP( 8,"ebp","",0));
-	 &mov(&swtmp(17),"ecx");
-
-	&comment("First we need to setup the X array");
-
-	for ($i=0; $i<16; $i+=2)
+	&set_label("loop",16);
+
+	# copy input chunk to X, but reversing byte order!
+	for ($i=0; $i<16; $i+=4)
 		{
-		&mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0;
-		 &mov($B,&DWP(($i+1)*4,"esi","",0));
+		&mov($A,&DWP(4*($i+0),$T));
+		&mov($B,&DWP(4*($i+1),$T));
+		&mov($C,&DWP(4*($i+2),$T));
+		&mov($D,&DWP(4*($i+3),$T));
+		&bswap($A);
+		&bswap($B);
+		&bswap($C);
+		&bswap($D);
 		&mov(&swtmp($i+0),$A);
-		 &mov(&swtmp($i+1),$B);
+		&mov(&swtmp($i+1),$B);
+		&mov(&swtmp($i+2),$C);
+		&mov(&swtmp($i+3),$D);
 		}
-	&jmp($sclabel);
-	&function_end_B($name);
-	}
-
-
-sub sha1_block_data
-	{
-	local($name)=@_;
-
-	&function_begin_B($name,"");
-
-	# parameter 1 is the MD5_CTX structure.
-	# A	0
-	# B	4
-	# C	8
-	# D 	12
-	# E 	16
-
-	&mov("ecx",	&wparam(2));
-	 &push("esi");
-	&shl("ecx",6);
-	 &mov("esi",	&wparam(1));
-	&push("ebp");
-	 &add("ecx","esi");	# offset to leave on
-	&push("ebx");
-	 &mov("ebp",	&wparam(0));
-	&push("edi");
-	 &mov($D,	&DWP(12,"ebp","",0));
-	&stack_push(18+9);
-	 &mov($E,	&DWP(16,"ebp","",0));
-	&mov($C,	&DWP( 8,"ebp","",0));
-	 &mov(&swtmp(17),"ecx");
-
-	&comment("First we need to setup the X array");
-
-	&set_label("start") unless $normal;
-
-	&X_expand("esi");
-	 &mov(&wparam(1),"esi");
-
-	&set_label("shortcut", 0, 1);
-	&comment("");
-	&comment("Start processing");
-
-	# odd start
-	&mov($A,	&DWP( 0,"ebp","",0));
-	 &mov($B,	&DWP( 4,"ebp","",0));
-	$X="esp";
-	&BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
-	&BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
-	&BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
-	&BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
-	&BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
-	&BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
-	&BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
-	&BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
-	&BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
-	&BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
-	&BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
-
-	&BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
-
-	&BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
-
-	&BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
-
-	&comment("End processing");
-	&comment("");
-	# D is the tmp value
-
-	# E -> A
-	# T -> B
-	# A -> C
-	# B -> D
-	# C -> E
-	# D -> T
-
-	&mov($tmp1,&wparam(0));
-
-	 &mov($D,	&DWP(12,$tmp1,"",0));
-	&add($D,$B);
-	 &mov($B,	&DWP( 4,$tmp1,"",0));
-	&add($B,$T);
-	 &mov($T,	$A);
-	&mov($A,	&DWP( 0,$tmp1,"",0));
-	 &mov(&DWP(12,$tmp1,"",0),$D);
-
-	&add($A,$E);
-	 &mov($E,	&DWP(16,$tmp1,"",0));
-	&add($E,$C);
-	 &mov($C,	&DWP( 8,$tmp1,"",0));
-	&add($C,$T);
-
-	 &mov(&DWP( 0,$tmp1,"",0),$A);
-	&mov("esi",&wparam(1));
-	 &mov(&DWP( 8,$tmp1,"",0),$C);
- 	&add("esi",64);
-	 &mov("eax",&swtmp(17));
-	&mov(&DWP(16,$tmp1,"",0),$E);
-	 &cmp("esi","eax");
-	&mov(&DWP( 4,$tmp1,"",0),$B);
-	 &jb(&label("start"));
-
-	&stack_pop(18+9);
-	 &pop("edi");
-	&pop("ebx");
-	 &pop("ebp");
-	&pop("esi");
-	 &ret();
-
-	# keep a note of shortcut label so it can be used outside
-	# block.
-	my $sclabel = &label("shortcut");
-
-	&function_end_B($name);
-	# Putting this here avoids problems with MASM in debugging mode
-	&sha1_block_host("sha1_block_asm_host_order", $sclabel);
-	}
+	&mov(&wparam(1),$T);	# redundant in 1st spin
+
+	&mov($A,&DWP(0,$tmp1));	# load SHA_CTX
+	&mov($B,&DWP(4,$tmp1));
+	&mov($C,&DWP(8,$tmp1));
+	&mov($D,&DWP(12,$tmp1));
+	# E is pre-loaded
+
+	for($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<20;$i++)	{ &BODY_16_19($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+	(($V[5] eq $D) and ($V[0] eq $E)) or die;	# double-check
+
+	&mov($tmp1,&wparam(0));	# re-load SHA_CTX*
+	&mov($D,&wparam(1));	# D is last "T" and is discarded
+
+	&add($E,&DWP(0,$tmp1));	# E is last "A"...
+	&add($T,&DWP(4,$tmp1));
+	&add($A,&DWP(8,$tmp1));
+	&add($B,&DWP(12,$tmp1));
+	&add($C,&DWP(16,$tmp1));
+
+	&mov(&DWP(0,$tmp1),$E);	# update SHA_CTX
+	 &add($D,64);		# advance input pointer
+	&mov(&DWP(4,$tmp1),$T);
+	 &cmp($D,&wparam(2));	# have we reached the end yet?
+	&mov(&DWP(8,$tmp1),$A);
+	 &mov($E,$C);		# C is last "E" which needs to be "pre-loaded"
+	&mov(&DWP(12,$tmp1),$B);
+	 &mov($T,$D);		# input pointer
+	&mov(&DWP(16,$tmp1),$C);
+	&jb(&label("loop"));
+
+	&stack_pop(16);
+&function_end("sha1_block_data_order");
+&asciz("SHA1 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
 
+&asm_finish();
diff --git a/crypto/sha/asm/sha1-alpha.pl b/crypto/sha/asm/sha1-alpha.pl
new file mode 100644
index 0000000000..dd9b43b697
--- /dev/null
+++ b/crypto/sha/asm/sha1-alpha.pl
@@ -0,0 +1,314 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for Alpha.
+
+# On 21264 performance is 33% better than code generated by vendor
+# compiler, and 75% better than GCC [3.4]. Implementation features
+# vectorized byte swap, but not Xupdate.
+
+@X=(	"\$0",	"\$1",	"\$2",	"\$3",	"\$4",	"\$5",	"\$6",	"\$7",
+	"\$8",	"\$9",	"\$10",	"\$11",	"\$12",	"\$13",	"\$14",	"\$15");
+$ctx="a0";	# $16
+$inp="a1";
+$num="a2";
+$A="a3";
+$B="a4";	# 20
+$C="a5";
+$D="t8";
+$E="t9";	@V=($A,$B,$C,$D,$E);
+$t0="t10";	# 24
+$t1="t11";
+$t2="ra";
+$t3="t12";
+$K="AT";	# 28
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+	ldq_u	@X[0],0+0($inp)
+	ldq_u	@X[1],0+7($inp)
+___
+$code.=<<___ if (!($i&1) && $i<14);
+	ldq_u	@X[$i+2],($i+2)*4+0($inp)
+	ldq_u	@X[$i+3],($i+2)*4+7($inp)
+___
+$code.=<<___ if (!($i&1) && $i<15);
+	extql	@X[$i],$inp,@X[$i]
+	extqh	@X[$i+1],$inp,@X[$i+1]
+
+	or	@X[$i+1],@X[$i],@X[$i]	# pair of 32-bit values are fetched
+
+	srl	@X[$i],24,$t0		# vectorized byte swap
+	srl	@X[$i],8,$t2
+
+	sll	@X[$i],8,$t3
+	sll	@X[$i],24,@X[$i]
+	zapnot	$t0,0x11,$t0
+	zapnot	$t2,0x22,$t2
+
+	zapnot	@X[$i],0x88,@X[$i]
+	or	$t0,$t2,$t0
+	zapnot	$t3,0x44,$t3
+	sll	$a,5,$t1
+
+	or	@X[$i],$t0,@X[$i]
+	addl	$K,$e,$e
+	and	$b,$c,$t2
+	zapnot	$a,0xf,$a
+
+	or	@X[$i],$t3,@X[$i]
+	srl	$a,27,$t0
+	bic	$d,$b,$t3
+	sll	$b,30,$b
+
+	extll	@X[$i],4,@X[$i+1]	# extract upper half
+	or	$t2,$t3,$t2
+	addl	@X[$i],$e,$e
+
+	addl	$t1,$e,$e
+	srl	$b,32,$t3
+	zapnot	@X[$i],0xf,@X[$i]
+
+	addl	$t0,$e,$e
+	addl	$t2,$e,$e
+	or	$t3,$b,$b
+___
+$code.=<<___ if (($i&1) && $i<15);
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	and	$b,$c,$t2
+	zapnot	$a,0xf,$a
+
+	srl	$a,27,$t0
+	addl	@X[$i%16],$e,$e
+	bic	$d,$b,$t3
+	sll	$b,30,$b
+
+	or	$t2,$t3,$t2
+	addl	$t1,$e,$e
+	srl	$b,32,$t3
+	zapnot	@X[$i],0xf,@X[$i]
+
+	addl	$t0,$e,$e
+	addl	$t2,$e,$e
+	or	$t3,$b,$b
+___
+$code.=<<___ if ($i>=15);	# with forward Xupdate
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	and	$b,$c,$t2
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+
+	zapnot	$a,0xf,$a
+	addl	@X[$i%16],$e,$e
+	bic	$d,$b,$t3
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+
+	srl	$a,27,$t0
+	addl	$t1,$e,$e
+	or	$t2,$t3,$t2
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+
+	sll	$b,30,$b
+	addl	$t0,$e,$e
+	srl	@X[$j%16],31,$t1
+
+	addl	$t2,$e,$e
+	srl	$b,32,$t3
+	addl	@X[$j%16],@X[$j%16],@X[$j%16]
+
+	or	$t3,$b,$b
+	zapnot	@X[$i%16],0xf,@X[$i%16]
+	or	$t1,@X[$j%16],@X[$j%16]
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);	# with forward Xupdate
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	zapnot	$a,0xf,$a
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+
+	sll	$b,30,$t3
+	addl	$t1,$e,$e
+	xor	$b,$c,$t2
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+
+	srl	$b,2,$b
+	addl	@X[$i%16],$e,$e
+	xor	$d,$t2,$t2
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+
+	srl	@X[$j%16],31,$t1
+	addl	$t2,$e,$e
+	srl	$a,27,$t0
+	addl	@X[$j%16],@X[$j%16],@X[$j%16]
+
+	or	$t3,$b,$b
+	addl	$t0,$e,$e
+	or	$t1,@X[$j%16],@X[$j%16]
+___
+$code.=<<___ if ($i<77);
+	zapnot	@X[$i%16],0xf,@X[$i%16]
+___
+$code.=<<___ if ($i==79);	# with context fetch
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	zapnot	$a,0xf,$a
+	ldl	@X[0],0($ctx)
+
+	sll	$b,30,$t3
+	addl	$t1,$e,$e
+	xor	$b,$c,$t2
+	ldl	@X[1],4($ctx)
+
+	srl	$b,2,$b
+	addl	@X[$i%16],$e,$e
+	xor	$d,$t2,$t2
+	ldl	@X[2],8($ctx)
+
+	srl	$a,27,$t0
+	addl	$t2,$e,$e
+	ldl	@X[3],12($ctx)
+
+	or	$t3,$b,$b
+	addl	$t0,$e,$e
+	ldl	@X[4],16($ctx)
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;	# with forward Xupdate
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	zapnot	$a,0xf,$a
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+
+	srl	$a,27,$t0
+	and	$b,$c,$t2
+	and	$b,$d,$t3
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+
+	sll	$b,30,$b
+	addl	$t1,$e,$e
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+
+	srl	@X[$j%16],31,$t1
+	addl	$t0,$e,$e
+	or	$t2,$t3,$t2
+	and	$c,$d,$t3
+
+	or	$t2,$t3,$t2
+	srl	$b,32,$t3
+	addl	@X[$i%16],$e,$e
+	addl	@X[$j%16],@X[$j%16],@X[$j%16]
+
+	or	$t3,$b,$b
+	addl	$t2,$e,$e
+	or	$t1,@X[$j%16],@X[$j%16]
+	zapnot	@X[$i%16],0xf,@X[$i%16]
+___
+}
+
+$code=<<___;
+#include <asm.h>
+#include <regdef.h>
+
+.text
+
+.set	noat
+.set	noreorder
+.globl	sha1_block_data_order
+.align	5
+.ent	sha1_block_data_order
+sha1_block_data_order:
+	lda	sp,-64(sp)
+	stq	ra,0(sp)
+	stq	s0,8(sp)
+	stq	s1,16(sp)
+	stq	s2,24(sp)
+	stq	s3,32(sp)
+	stq	s4,40(sp)
+	stq	s5,48(sp)
+	stq	fp,56(sp)
+	.mask	0x0400fe00,-64
+	.frame	sp,64,ra
+	.prologue 0
+
+	ldl	$A,0($ctx)
+	ldl	$B,4($ctx)
+	sll	$num,6,$num
+	ldl	$C,8($ctx)
+	ldl	$D,12($ctx)
+	ldl	$E,16($ctx)
+	addq	$inp,$num,$num
+
+.Lloop:
+	.set	noreorder
+	ldah	$K,23170(zero)
+	zapnot	$B,0xf,$B
+	lda	$K,31129($K)	# K_00_19
+___
+for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	ldah	$K,28378(zero)
+	lda	$K,-5215($K)	# K_20_39
+___
+for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	ldah	$K,-28900(zero)
+	lda	$K,-17188($K)	# K_40_59
+___
+for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	ldah	$K,-13725(zero)
+	lda	$K,-15914($K)	# K_60_79
+___
+for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	addl	@X[0],$A,$A
+	addl	@X[1],$B,$B
+	addl	@X[2],$C,$C
+	addl	@X[3],$D,$D
+	addl	@X[4],$E,$E
+	stl	$A,0($ctx)
+	stl	$B,4($ctx)
+	addq	$inp,64,$inp
+	stl	$C,8($ctx)
+	stl	$D,12($ctx)
+	stl	$E,16($ctx)
+	cmpult	$inp,$num,$t1
+	bne	$t1,.Lloop
+
+	.set	noreorder
+	ldq	ra,0(sp)
+	ldq	s0,8(sp)
+	ldq	s1,16(sp)
+	ldq	s2,24(sp)
+	ldq	s3,32(sp)
+	ldq	s4,40(sp)
+	ldq	s5,48(sp)
+	ldq	fp,56(sp)
+	lda	sp,64(sp)
+	ret	(ra)
+.end	sha1_block_data_order
+___
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-armv4-large.pl b/crypto/sha/asm/sha1-armv4-large.pl
new file mode 100644
index 0000000000..f99606a32e
--- /dev/null
+++ b/crypto/sha/asm/sha1-armv4-large.pl
@@ -0,0 +1,243 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# sha1_block procedure for ARMv4.
+#
+# January 2007.
+
+# Size/performance trade-off
+# ====================================================================
+# impl		size in bytes	comp cycles[*]	measured performance
+# ====================================================================
+# thumb		304		3212		4420
+# armv4-small	392/+29%	1958/+64%	2250/+96%
+# armv4-compact	740/+89%	1552/+26%	1840/+22%
+# armv4-large	1420/+92%	1307/+19%	1370/+34%[***]
+# full unroll	~5100/+260%	~1260/+4%	~1300/+5%
+# ====================================================================
+# thumb		= same as 'small' but in Thumb instructions[**] and
+#		  with recurring code in two private functions;
+# small		= detached Xload/update, loops are folded;
+# compact	= detached Xload/update, 5x unroll;
+# large		= interleaved Xload/update, 5x unroll;
+# full unroll	= interleaved Xload/update, full unroll, estimated[!];
+#
+# [*]	Manually counted instructions in "grand" loop body. Measured
+#	performance is affected by prologue and epilogue overhead,
+#	i-cache availability, branch penalties, etc.
+# [**]	While each Thumb instruction is twice smaller, they are not as
+#	diverse as ARM ones: e.g., there are only two arithmetic
+#	instructions with 3 arguments, no [fixed] rotate, addressing
+#	modes are limited. As result it takes more instructions to do
+#	the same job in Thumb, therefore the code is never twice as
+#	small and always slower.
+# [***]	which is also ~35% better than compiler generated code.
+
+$output=shift;
+open STDOUT,">$output";
+
+$ctx="r0";
+$inp="r1";
+$len="r2";
+$a="r3";
+$b="r4";
+$c="r5";
+$d="r6";
+$e="r7";
+$K="r8";
+$t0="r9";
+$t1="r10";
+$t2="r11";
+$t3="r12";
+$Xi="r14";
+@V=($a,$b,$c,$d,$e);
+
+# One can optimize this for aligned access on big-endian architecture,
+# but code's endian neutrality makes it too pretty:-)
+sub Xload {
+my ($a,$b,$c,$d,$e)=@_;
+$code.=<<___;
+	ldrb	$t0,[$inp],#4
+	ldrb	$t1,[$inp,#-3]
+	ldrb	$t2,[$inp,#-2]
+	ldrb	$t3,[$inp,#-1]
+	add	$e,$K,$e,ror#2			@ E+=K_00_19
+	orr	$t0,$t1,$t0,lsl#8
+	add	$e,$e,$a,ror#27			@ E+=ROR(A,27)
+	orr	$t0,$t2,$t0,lsl#8
+	eor	$t1,$c,$d			@ F_xx_xx
+	orr	$t0,$t3,$t0,lsl#8
+	add	$e,$e,$t0			@ E+=X[i]
+	str	$t0,[$Xi,#-4]!
+___
+}
+sub Xupdate {
+my ($a,$b,$c,$d,$e,$flag)=@_;
+$code.=<<___;
+	ldr	$t0,[$Xi,#15*4]
+	ldr	$t1,[$Xi,#13*4]
+	ldr	$t2,[$Xi,#7*4]
+	ldr	$t3,[$Xi,#2*4]
+	add	$e,$K,$e,ror#2			@ E+=K_xx_xx
+	eor	$t0,$t0,$t1
+	eor	$t2,$t2,$t3
+	eor	$t0,$t0,$t2
+	add	$e,$e,$a,ror#27			@ E+=ROR(A,27)
+___
+$code.=<<___ if (!defined($flag));
+	eor	$t1,$c,$d			@ F_xx_xx, but not in 40_59
+___
+$code.=<<___;
+	mov	$t0,$t0,ror#31
+	add	$e,$e,$t0			@ E+=X[i]
+	str	$t0,[$Xi,#-4]!
+___
+}
+
+sub BODY_00_15 {
+my ($a,$b,$c,$d,$e)=@_;
+	&Xload(@_);
+$code.=<<___;
+	and	$t1,$b,$t1,ror#2
+	eor	$t1,$t1,$d,ror#2		@ F_00_19(B,C,D)
+	add	$e,$e,$t1			@ E+=F_00_19(B,C,D)
+___
+}
+
+sub BODY_16_19 {
+my ($a,$b,$c,$d,$e)=@_;
+	&Xupdate(@_);
+$code.=<<___;
+	and	$t1,$b,$t1,ror#2
+	eor	$t1,$t1,$d,ror#2		@ F_00_19(B,C,D)
+	add	$e,$e,$t1			@ E+=F_00_19(B,C,D)
+___
+}
+
+sub BODY_20_39 {
+my ($a,$b,$c,$d,$e)=@_;
+	&Xupdate(@_);
+$code.=<<___;
+	eor	$t1,$b,$t1,ror#2		@ F_20_39(B,C,D)
+	add	$e,$e,$t1			@ E+=F_20_39(B,C,D)
+___
+}
+
+sub BODY_40_59 {
+my ($a,$b,$c,$d,$e)=@_;
+if (1) {
+	&Xupdate(@_);
+$code.=<<___;
+	and	$t2,$c,$d
+	and	$t1,$b,$t1,ror#2
+	add	$e,$e,$t2,ror#2
+	add	$e,$e,$t1			@ E+=F_40_59(B,C,D)
+___
+} else {
+	&Xupdate(@_,1);
+$code.=<<___;
+	and	$t1,$b,$c,ror#2
+	orr	$t2,$b,$c,ror#2
+	and	$t2,$t2,$d,ror#2
+	orr	$t1,$t1,$t2			@ F_40_59(B,C,D)
+	add	$e,$e,$t1			@ E+=F_40_59(B,C,D)
+___
+}
+}
+
+$code=<<___;
+.text
+
+.global	sha1_block_data_order
+.type	sha1_block_data_order,%function
+
+.align	2
+sha1_block_data_order:
+	stmdb	sp!,{r4-r12,lr}
+	add	$len,$inp,$len,lsl#6	@ $len to point at the end of $inp
+	ldmia	$ctx,{$a,$b,$c,$d,$e}
+.Lloop:
+	ldr	$K,.LK_00_19
+	mov	$Xi,sp
+	sub	sp,sp,#15*4
+	mov	$c,$c,ror#30
+	mov	$d,$d,ror#30
+	mov	$e,$e,ror#30		@ [6]
+.L_00_15:
+___
+for($i=0;$i<5;$i++) {
+	&BODY_00_15(@V);	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	teq	$Xi,sp
+	bne	.L_00_15		@ [((11+4)*5+2)*3]
+___
+	&BODY_00_15(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+$code.=<<___;
+
+	ldr	$K,.LK_20_39		@ [+15+16*4]
+	sub	sp,sp,#25*4
+	cmn	sp,#0			@ [+3], clear carry to denote 20_39
+.L_20_39_or_60_79:
+___
+for($i=0;$i<5;$i++) {
+	&BODY_20_39(@V);	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	teq	$Xi,sp			@ preserve carry
+	bne	.L_20_39_or_60_79	@ [+((12+3)*5+2)*4]
+	bcs	.L_done			@ [+((12+3)*5+2)*4], spare 300 bytes
+
+	ldr	$K,.LK_40_59
+	sub	sp,sp,#20*4		@ [+2]
+.L_40_59:
+___
+for($i=0;$i<5;$i++) {
+	&BODY_40_59(@V);	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	teq	$Xi,sp
+	bne	.L_40_59		@ [+((12+5)*5+2)*4]
+
+	ldr	$K,.LK_60_79
+	sub	sp,sp,#20*4
+	cmp	sp,#0			@ set carry to denote 60_79
+	b	.L_20_39_or_60_79	@ [+4], spare 300 bytes
+.L_done:
+	add	sp,sp,#80*4		@ "deallocate" stack frame
+	ldmia	$ctx,{$K,$t0,$t1,$t2,$t3}
+	add	$a,$K,$a
+	add	$b,$t0,$b
+	add	$c,$t1,$c,ror#2
+	add	$d,$t2,$d,ror#2
+	add	$e,$t3,$e,ror#2
+	stmia	$ctx,{$a,$b,$c,$d,$e}
+	teq	$inp,$len
+	bne	.Lloop			@ [+18], total 1307
+
+	ldmia	sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.align	2
+.LK_00_19:	.word	0x5a827999
+.LK_20_39:	.word	0x6ed9eba1
+.LK_40_59:	.word	0x8f1bbcdc
+.LK_60_79:	.word	0xca62c1d6
+.size	sha1_block_data_order,.-sha1_block_data_order
+.asciz	"SHA1 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
diff --git a/crypto/sha/asm/sha1-ia64.pl b/crypto/sha/asm/sha1-ia64.pl
index cb9dfad124..db28f0805a 100644
--- a/crypto/sha/asm/sha1-ia64.pl
+++ b/crypto/sha/asm/sha1-ia64.pl
@@ -2,8 +2,9 @@
 #
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 #
 # Eternal question is what's wrong with compiler generated code? The
@@ -11,15 +12,10 @@
 # to perform rotations by maintaining copy of 32-bit value in upper
 # bits of 64-bit register. Just follow mux2 and shrp instructions...
 # Performance under big-endian OS such as HP-UX is 179MBps*1GHz, which
-# is >50% better than HP C and >2x better than gcc. As of this moment
-# performance under little-endian OS such as Linux and Windows will be
-# a bit lower, because data has to be picked in reverse byte-order.
-# It's possible to resolve this issue by implementing third function,
-# sha1_block_asm_data_order_aligned, which would temporarily flip
-# BE field in User Mask register...
+# is >50% better than HP C and >2x better than gcc.
 
 $code=<<___;
-.ident  \"sha1-ia64.s, version 1.0\"
+.ident  \"sha1-ia64.s, version 1.3\"
 .ident  \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\"
 .explicit
 
@@ -30,14 +26,10 @@ if ($^O eq "hpux") {
     $ADDP="addp4";
     for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
 } else { $ADDP="add"; }
-for (@ARGV) {	$big_endian=1 if (/\-DB_ENDIAN/);
-		$big_endian=0 if (/\-DL_ENDIAN/);   }
-if (!defined($big_endian))
-	    {	$big_endian=(unpack('L',pack('N',1))==1);   }
 
 #$human=1;
 if ($human) {	# useful for visual code auditing...
-	($A,$B,$C,$D,$E,$T)   = ("A","B","C","D","E","T");
+	($A,$B,$C,$D,$E)   = ("A","B","C","D","E");
 	($h0,$h1,$h2,$h3,$h4) = ("h0","h1","h2","h3","h4");
 	($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
 	    (	"K_00_19","K_20_39","K_40_59","K_60_79"	);
@@ -45,80 +37,75 @@ if ($human) {	# useful for visual code auditing...
 		"X8", "X9","X10","X11","X12","X13","X14","X15"	);
 }
 else {
-	($A,$B,$C,$D,$E,$T)   = ("loc0","loc1","loc2","loc3","loc4","loc5");
-	($h0,$h1,$h2,$h3,$h4) = ("loc6","loc7","loc8","loc9","loc10");
+	($A,$B,$C,$D,$E)   =    ("loc0","loc1","loc2","loc3","loc4");
+	($h0,$h1,$h2,$h3,$h4) = ("loc5","loc6","loc7","loc8","loc9");
 	($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
-	    (	"r14", "r15", "loc11", "loc12"	);
+	    (	"r14", "r15", "loc10", "loc11"	);
 	@X= (	"r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
 		"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31"	);
 }
 
 sub BODY_00_15 {
 local	*code=shift;
-local	($i,$a,$b,$c,$d,$e,$f,$unaligned)=@_;
-
-if ($unaligned) {
-	$code.=<<___;
-{ .mmi;	ld1	tmp0=[inp],2		    // MSB
-	ld1	tmp1=[tmp3],2		};;
-{ .mmi;	ld1	tmp2=[inp],2
-	ld1	$X[$i&0xf]=[tmp3],2	    // LSB
-	dep	tmp1=tmp0,tmp1,8,8	};;
-{ .mii;	cmp.ne	p16,p0=r0,r0		    // no misaligned prefetch
-	dep	$X[$i&0xf]=tmp2,$X[$i&0xf],8,8;;
-	dep	$X[$i&0xf]=tmp1,$X[$i&0xf],16,16	};;
-{ .mmi;	nop.m	0
-___
-	}
-elsif ($i<15) {
-	$code.=<<___;
-{ .mmi;	ld4	$X[($i+1)&0xf]=[inp],4	// prefetch
-___
-	}
-else	{
-	$code.=<<___;
-{ .mmi;	nop.m	0
+my	($i,$a,$b,$c,$d,$e)=@_;
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
+
+$code.=<<___ if ($i==0);
+{ .mmi;	ld1	$X[$i]=[inp],2		    // MSB
+	ld1	tmp2=[tmp3],2		};;
+{ .mmi;	ld1	tmp0=[inp],2
+	ld1	tmp4=[tmp3],2		    // LSB
+	dep	$X[$i]=$X[$i],tmp2,8,8	};;
 ___
-	}
 if ($i<15) {
 	$code.=<<___;
-	and	tmp0=$c,$b
-	dep.z	tmp5=$a,5,27		}   // a<<5
-{ .mmi;	andcm	tmp1=$d,$b
-	add	tmp4=$e,$K_00_19	};;
-{ .mmi;	or	tmp0=tmp0,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
-	add	$f=tmp4,$X[$i&0xf]	    // f=xi+e+K_00_19
+{ .mmi;	ld1	$Xn=[inp],2		    // forward Xload
+	nop.m	0x0
+	dep	tmp1=tmp0,tmp4,8,8	};;
+{ .mmi;	ld1	tmp2=[tmp3],2		    // forward Xload
+	and	tmp4=$c,$b
+	dep	$X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi;	add	$e=$e,$K_00_19		    // e+=K_00_19
+	andcm	tmp1=$d,$b
+	dep.z	tmp5=$a,5,27		};; // a<<5
+{ .mmi;	add	$e=$e,$X[$i]		    // e+=Xload
+	or	tmp4=tmp4,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
 	extr.u	tmp1=$a,27,5		};; // a>>27
-{ .mib;	add	$f=$f,tmp0		    // f+=F_00_19(b,c,d)
+{ .mmi;	ld1	tmp0=[inp],2		    // forward Xload
+	add	$e=$e,tmp4		    // e+=F_00_19(b,c,d)
 	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
-{ .mib;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+{ .mmi;	ld1	tmp4=[tmp3],2		    // forward Xload
+	or	tmp5=tmp1,tmp5		    // ROTATE(a,5)
 	mux2	tmp6=$a,0x44		};; // see b in next iteration
-{ .mii;	add	$f=$f,tmp1		    // f+=ROTATE(a,5)
-	mux2	$X[$i&0xf]=$X[$i&0xf],0x44
-	nop.i	0			};;
+{ .mii;	add	$e=$e,tmp5		    // e+=ROTATE(a,5)
+	dep	$Xn=$Xn,tmp2,8,8	    // forward Xload
+	mux2	$X[$i]=$X[$i],0x44	} //;;
 
 ___
 	}
 else	{
 	$code.=<<___;
-	and	tmp0=$c,$b
-	dep.z	tmp5=$a,5,27		}   // a<<5 ;;?
-{ .mmi;	andcm	tmp1=$d,$b
-	add	tmp4=$e,$K_00_19	};;
-{ .mmi;	or	tmp0=tmp0,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
-	add	$f=tmp4,$X[$i&0xf]	    // f=xi+e+K_00_19
+{ .mii;	and	tmp3=$c,$b
+	dep	tmp1=tmp0,tmp4,8,8;;
+	dep	$X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi;	add	$e=$e,$K_00_19		    // e+=K_00_19
+	andcm	tmp1=$d,$b
+	dep.z	tmp5=$a,5,27		};; // a<<5
+{ .mmi;	add	$e=$e,$X[$i]		    // e+=Xupdate
+	or	tmp4=tmp3,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
 	extr.u	tmp1=$a,27,5		}   // a>>27
-{ .mmi;	xor	tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf]	// +1
-	xor	tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1
+{ .mmi;	xor	$Xn=$Xn,$X[($j+2)%16]	    // forward Xupdate
+	xor	tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate
 	nop.i	0			};;
-{ .mmi;	add	$f=$f,tmp0		    // f+=F_00_19(b,c,d)
-	xor	tmp2=tmp2,tmp3		    // +1
+{ .mmi;	add	$e=$e,tmp4		    // e+=F_00_19(b,c,d)
+	xor	$Xn=$Xn,tmp3		    // forward Xupdate
 	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
 { .mmi; or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
 	mux2	tmp6=$a,0x44		};; // see b in next iteration
-{ .mii;	add	$f=$f,tmp1		    // f+=ROTATE(a,5)
-	shrp	$e=tmp2,tmp2,31		    // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
-	mux2	$X[$i&0xf]=$X[$i&0xf],0x44  };;
+{ .mii;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+	mux2	$X[$i]=$X[$i],0x44	};;
 
 ___
 	}
@@ -126,27 +113,28 @@ ___
 
 sub BODY_16_19 {
 local	*code=shift;
-local	($i,$a,$b,$c,$d,$e,$f)=@_;
+my	($i,$a,$b,$c,$d,$e)=@_;
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
 
 $code.=<<___;
-{ .mmi;	mov	$X[$i&0xf]=$f		    // Xupdate
-	and	tmp0=$c,$b
+{ .mib;	add	$e=$e,$K_00_19		    // e+=K_00_19
 	dep.z	tmp5=$a,5,27		}   // a<<5
-{ .mmi;	andcm	tmp1=$d,$b
-	add	tmp4=$e,$K_00_19	};;
-{ .mmi;	or	tmp0=tmp0,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
-	add	$f=$f,tmp4		    // f+=e+K_00_19
+{ .mib;	andcm	tmp1=$d,$b
+	and	tmp0=$c,$b		};;
+{ .mmi;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	or	tmp0=tmp0,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
 	extr.u	tmp1=$a,27,5		}   // a>>27
-{ .mmi;	xor	tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf]	// +1
-	xor	tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf]	// +1
+{ .mmi;	xor	$Xn=$Xn,$X[($j+2)%16]	    // forward Xupdate
+	xor	tmp3=$X[($j+8)%16],$X[($j+13)%16]	// forward Xupdate
 	nop.i	0			};;
-{ .mmi;	add	$f=$f,tmp0		    // f+=F_00_19(b,c,d)
-	xor	tmp2=tmp2,tmp3		    // +1
+{ .mmi;	add	$e=$e,tmp0		    // f+=F_00_19(b,c,d)
+	xor	$Xn=$Xn,tmp3		    // forward Xupdate
 	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
 { .mmi;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
 	mux2	tmp6=$a,0x44		};; // see b in next iteration
-{ .mii;	add	$f=$f,tmp1		    // f+=ROTATE(a,5)
-	shrp	$e=tmp2,tmp2,31		    // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
+{ .mii;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
 	nop.i	0			};;
 
 ___
@@ -154,51 +142,47 @@ ___
 
 sub BODY_20_39 {
 local	*code=shift;
-local	($i,$a,$b,$c,$d,$e,$f,$Konst)=@_;
+my	($i,$a,$b,$c,$d,$e,$Konst)=@_;
 	$Konst = $K_20_39 if (!defined($Konst));
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
 
 if ($i<79) {
 $code.=<<___;
-{ .mib;	mov	$X[$i&0xf]=$f		    // Xupdate
+{ .mib;	add	$e=$e,$Konst		    // e+=K_XX_XX
 	dep.z	tmp5=$a,5,27		}   // a<<5
 { .mib;	xor	tmp0=$c,$b
-	add	tmp4=$e,$Konst		};;
-{ .mmi;	xor	tmp0=tmp0,$d		    // F_20_39(b,c,d)=b^c^d
-	add	$f=$f,tmp4		    // f+=e+K_20_39
+	xor	$Xn=$Xn,$X[($j+2)%16]	};; // forward Xupdate
+{ .mib;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
 	extr.u	tmp1=$a,27,5		}   // a>>27
-{ .mmi;	xor	tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf]	// +1
-	xor	tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf]	// +1
-	nop.i	0			};;
-{ .mmi;	add	$f=$f,tmp0		    // f+=F_20_39(b,c,d)
-	xor	tmp2=tmp2,tmp3		    // +1
+{ .mib;	xor	tmp0=tmp0,$d		    // F_20_39(b,c,d)=b^c^d
+	xor	$Xn=$Xn,$X[($j+8)%16]	};; // forward Xupdate
+{ .mmi;	add	$e=$e,tmp0		    // e+=F_20_39(b,c,d)
+	xor	$Xn=$Xn,$X[($j+13)%16]	    // forward Xupdate
 	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
 { .mmi;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
 	mux2	tmp6=$a,0x44		};; // see b in next iteration
-{ .mii;	add	$f=$f,tmp1		    // f+=ROTATE(a,5)
-	shrp	$e=tmp2,tmp2,31		    // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
+{ .mii;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
 	nop.i	0			};;
 
 ___
 }
 else {
 $code.=<<___;
-{ .mib;	mov	$X[$i&0xf]=$f		    // Xupdate
+{ .mib;	add	$e=$e,$Konst		    // e+=K_60_79
 	dep.z	tmp5=$a,5,27		}   // a<<5
 { .mib;	xor	tmp0=$c,$b
-	add	tmp4=$e,$Konst		};;
-{ .mib;	xor	tmp0=tmp0,$d		    // F_20_39(b,c,d)=b^c^d
-	extr.u	tmp1=$a,27,5		}   // a>>27
-{ .mib;	add	$f=$f,tmp4		    // f+=e+K_20_39
 	add	$h1=$h1,$a		};; // wrap up
-{ .mmi;
-(p16)	ld4.s	$X[0]=[inp],4		    // non-faulting prefetch
-	add	$f=$f,tmp0		    // f+=F_20_39(b,c,d)
-	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30) ;;?
-{ .mmi;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+{ .mib;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	extr.u	tmp1=$a,27,5		}   // a>>27
+{ .mib;	xor	tmp0=tmp0,$d		    // F_20_39(b,c,d)=b^c^d
 	add	$h3=$h3,$c		};; // wrap up
-{ .mib;	add	tmp3=1,inp		    // used in unaligned codepath
-	add	$f=$f,tmp1		}   // f+=ROTATE(a,5)
-{ .mib;	add	$h2=$h2,$b		    // wrap up
+{ .mmi;	add	$e=$e,tmp0		    // e+=F_20_39(b,c,d)
+	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+	shrp	$b=tmp6,tmp6,2		};; // b=ROTATE(b,30) ;;?
+{ .mmi;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	add	tmp3=1,inp		    // used in unaligned codepath
 	add	$h4=$h4,$d		};; // wrap up
 
 ___
@@ -207,29 +191,29 @@ ___
 
 sub BODY_40_59 {
 local	*code=shift;
-local	($i,$a,$b,$c,$d,$e,$f)=@_;
+my	($i,$a,$b,$c,$d,$e)=@_;
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
 
 $code.=<<___;
-{ .mmi;	mov	$X[$i&0xf]=$f		    // Xupdate
-	and	tmp0=$c,$b
+{ .mib;	add	$e=$e,$K_40_59		    // e+=K_40_59
 	dep.z	tmp5=$a,5,27		}   // a<<5
-{ .mmi;	and	tmp1=$d,$b
-	add	tmp4=$e,$K_40_59	};;
-{ .mmi;	or	tmp0=tmp0,tmp1		    // (b&c)|(b&d)
-	add	$f=$f,tmp4		    // f+=e+K_40_59
+{ .mib;	and	tmp1=$c,$d
+	xor	tmp0=$c,$d		};;
+{ .mmi;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	add	tmp5=tmp5,tmp1		    // a<<5+(c&d)
 	extr.u	tmp1=$a,27,5		}   // a>>27
-{ .mmi;	and	tmp4=$c,$d
-	xor	tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf]	// +1
-	xor	tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf]	// +1
-	};;
-{ .mmi;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
-	xor	tmp2=tmp2,tmp3		    // +1
+{ .mmi;	and	tmp0=tmp0,$b
+	xor	$Xn=$Xn,$X[($j+2)%16]	    // forward Xupdate
+	xor	tmp3=$X[($j+8)%16],$X[($j+13)%16] };;	// forward Xupdate
+{ .mmi;	add	$e=$e,tmp0		    // e+=b&(c^d)
+	add	tmp5=tmp5,tmp1		    // ROTATE(a,5)+(c&d)
 	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
-{ .mmi;	or	tmp0=tmp0,tmp4		    // F_40_59(b,c,d)=(b&c)|(b&d)|(c&d)
+{ .mmi;	xor	$Xn=$Xn,tmp3
 	mux2	tmp6=$a,0x44		};; // see b in next iteration
-{ .mii;	add	$f=$f,tmp0		    // f+=F_40_59(b,c,d)
-	shrp	$e=tmp2,tmp2,31;;	    // f+1=ROTATE(x[0]^x[2]^x[8]^x[13],1)
-	add	$f=$f,tmp1		};; // f+=ROTATE(a,5)
+{ .mii;	add	$e=$e,tmp5		    // e+=ROTATE(a,5)+(c&d)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+	nop.i	0x0			};;
 
 ___
 }
@@ -245,179 +229,22 @@ tmp3=r11;
 ctx=r32;	// in0
 inp=r33;	// in1
 
-// void sha1_block_asm_host_order(SHA_CTX *c,const void *p,size_t num);
-.global	sha1_block_asm_host_order#
-.proc	sha1_block_asm_host_order#
+// void sha1_block_data_order(SHA_CTX *c,const void *p,size_t num);
+.global	sha1_block_data_order#
+.proc	sha1_block_data_order#
 .align	32
-sha1_block_asm_host_order:
+sha1_block_data_order:
 	.prologue
-	.fframe	0
-	.save	ar.pfs,r0
-	.save	ar.lc,r3
-{ .mmi;	alloc	tmp1=ar.pfs,3,15,0,0
+{ .mmi;	alloc	tmp1=ar.pfs,3,14,0,0
 	$ADDP	tmp0=4,ctx
-	mov	r3=ar.lc		}
-{ .mmi;	$ADDP	ctx=0,ctx
-	$ADDP	inp=0,inp
-	mov	r2=pr			};;
-tmp4=in2;
-tmp5=loc13;
-tmp6=loc14;
-	.body
-{ .mlx;	ld4	$h0=[ctx],8
-	movl	$K_00_19=0x5a827999	}
-{ .mlx;	ld4	$h1=[tmp0],8
-	movl	$K_20_39=0x6ed9eba1	};;
-{ .mlx;	ld4	$h2=[ctx],8
-	movl	$K_40_59=0x8f1bbcdc	}
-{ .mlx;	ld4	$h3=[tmp0]
-	movl	$K_60_79=0xca62c1d6	};;
-{ .mmi;	ld4	$h4=[ctx],-16
-	add	in2=-1,in2		    // adjust num for ar.lc
-	mov	ar.ec=1			};;
-{ .mmi;	ld4	$X[0]=[inp],4		    // prefetch
-	cmp.ne	p16,p0=r0,in2		    // prefecth at loop end
-	mov	ar.lc=in2		};; // brp.loop.imp: too far
-
-.Lhtop:
-{ .mmi;	mov	$A=$h0
-	mov	$B=$h1
-	mux2	tmp6=$h1,0x44		}
-{ .mmi;	mov	$C=$h2
-	mov	$D=$h3
-	mov	$E=$h4			};;
-
-___
-
-	&BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C);
-	&BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B);
-	&BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A);
-	&BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C);
-	&BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B);
-	&BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A);
-	&BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T);
-	&BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E);
-	&BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D);
-	&BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C);
-
-	&BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B);
-	&BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A);
-	&BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T);
-	&BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E);
-
-	&BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C);
-
-	&BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A);
-
-	&BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E);
-
-$code.=<<___;
-{ .mmb;	add	$h0=$h0,$E
-	nop.m	0
-	br.ctop.dptk.many	.Lhtop	};;
-.Lhend:
-{ .mmi;	add	tmp0=4,ctx
-	mov	ar.lc=r3		};;
-{ .mmi;	st4	[ctx]=$h0,8
-	st4	[tmp0]=$h1,8		};;
-{ .mmi;	st4	[ctx]=$h2,8
-	st4	[tmp0]=$h3		};;
-{ .mib;	st4	[ctx]=$h4,-16
-	mov	pr=r2,0x1ffff
-	br.ret.sptk.many	b0	};;
-.endp	sha1_block_asm_host_order#
-___
-
-
-$code.=<<___;
-// void sha1_block_asm_data_order(SHA_CTX *c,const void *p,size_t num);
-.global	sha1_block_asm_data_order#
-.proc	sha1_block_asm_data_order#
-.align	32
-sha1_block_asm_data_order:
-___
-$code.=<<___ if ($big_endian);
-{ .mmi;	and	r2=3,inp				};;
-{ .mib;	cmp.eq	p6,p0=r0,r2
-(p6)	br.dptk.many	sha1_block_asm_host_order	};;
-___
-$code.=<<___;
-	.prologue
-	.fframe	0
-	.save	ar.pfs,r0
 	.save	ar.lc,r3
-{ .mmi;	alloc	tmp1=ar.pfs,3,15,0,0
-	$ADDP	tmp0=4,ctx
 	mov	r3=ar.lc		}
 { .mmi;	$ADDP	ctx=0,ctx
 	$ADDP	inp=0,inp
 	mov	r2=pr			};;
 tmp4=in2;
-tmp5=loc13;
-tmp6=loc14;
+tmp5=loc12;
+tmp6=loc13;
 	.body
 { .mlx;	ld4	$h0=[ctx],8
 	movl	$K_00_19=0x5a827999	}
@@ -444,94 +271,20 @@ tmp6=loc14;
 
 ___
 
-	&BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T,1);
-	&BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E,1);
-	&BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D,1);
-	&BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C,1);
-	&BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B,1);
-	&BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A,1);
-	&BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T,1);
-	&BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E,1);
-	&BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D,1);
-	&BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C,1);
-	&BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B,1);
-	&BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A,1);
-	&BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T,1);
-	&BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E,1);
-	&BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D,1);
-	&BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C,1);
-
-	&BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B);
-	&BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A);
-	&BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T);
-	&BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E);
+{ my $i,@V=($A,$B,$C,$D,$E);
 
-	&BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C);
-	&BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B);
-	&BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A);
-	&BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T);
-	&BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E);
-	&BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D);
-	&BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C);
+	for($i=0;$i<16;$i++)	{ &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<20;$i++)	{ &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<40;$i++)	{ &BODY_20_39(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<60;$i++)	{ &BODY_40_59(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<80;$i++)	{ &BODY_60_79(\$code,$i,@V); unshift(@V,pop(@V)); }
 
-	&BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A);
-	&BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T);
-	&BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E);
-	&BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D);
-	&BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C);
-	&BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B);
-	&BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A);
-
-	&BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E);
-	&BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D);
-	&BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C);
-	&BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B);
-	&BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A);
-	&BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T);
-	&BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E);
+	(($V[0] eq $A) and ($V[4] eq $E)) or die;	# double-check
+}
 
 $code.=<<___;
-{ .mmb;	add	$h0=$h0,$E
-	nop.m	0
+{ .mmb;	add	$h0=$h0,$A
+	add	$h2=$h2,$C
 	br.ctop.dptk.many	.Ldtop	};;
 .Ldend:
 { .mmi;	add	tmp0=4,ctx
@@ -543,7 +296,9 @@ $code.=<<___;
 { .mib;	st4	[ctx]=$h4,-16
 	mov	pr=r2,0x1ffff
 	br.ret.sptk.many	b0	};;
-.endp	sha1_block_asm_data_order#
+.endp	sha1_block_data_order#
+stringz	"SHA1 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
 ___
 
+$output=shift and open STDOUT,">$output";
 print $code;
diff --git a/crypto/sha/asm/sha1-mips.pl b/crypto/sha/asm/sha1-mips.pl
new file mode 100644
index 0000000000..a2f7aaddc1
--- /dev/null
+++ b/crypto/sha/asm/sha1-mips.pl
@@ -0,0 +1,281 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for MIPS.
+
+# Performance improvement is 30% on unaligned input. The "secret" is
+# to deploy lwl/lwr pair to load unaligned input. One could have
+# vectorized Xupdate on MIPSIII/IV, but the goal was to code MIPS32-
+# compatible subroutine. There is room for minor optimization on
+# little-endian platforms...
+#
+# The code is somewhat IRIX-centric, i.e. is likely to require minor
+# adaptations for other OSes...
+
+for (@ARGV) {   $big_endian=1 if (/\-DB_ENDIAN/);
+                $big_endian=0 if (/\-DL_ENDIAN/);   }
+if (!defined($big_endian))
+            {   $big_endian=(unpack('L',pack('N',1))==1);   }
+
+# offsets of the Most and Least Significant Bytes
+$MSB=$big_endian?0:3;
+$LSB=3&~$MSB;
+
+@X=(	"\$8",	"\$9",	"\$10",	"\$11",	"\$12",	"\$13",	"\$14",	"\$15",
+	"\$16",	"\$17",	"\$18",	"\$19",	"\$20",	"\$21",	"\$22",	"\$23");
+$ctx="\$4";	# a0
+$inp="\$5";	# a1
+$num="\$6";	# a2
+$A="\$1";
+$B="\$2";
+$C="\$3";
+$D="\$7";
+$E="\$24";	@V=($A,$B,$C,$D,$E);
+$t0="\$25";	# jp,t9
+$t1="\$28";	# gp
+$t2="\$30";	# fp,s8
+$K="\$31";	# ra
+
+$FRAMESIZE=16;
+
+sub BODY_00_14 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___	if (!$big_endian);
+	srl	$t0,@X[$i],24	# byte swap($i)
+	srl	$t1,@X[$i],8
+	andi	$t2,@X[$i],0xFF00
+	sll	@X[$i],@X[$i],24
+	andi	$t1,0xFF00
+	sll	$t2,$t2,8
+	or	@X[$i],$t0
+	or	@X[$i],$t1
+	or	@X[$i],$t2
+___
+$code.=<<___;
+	 lwl	@X[$j],$j*4+$MSB($inp)
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	 lwr	@X[$j],$j*4+$LSB($inp)
+	srl	$t1,$a,27
+	addu	$e,$t0
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	sll	$t2,$b,30
+	and	$t0,$b
+	srl	$b,$b,2
+	xor	$t0,$d
+	addu	$e,@X[$i]
+	or	$b,$t2
+	addu	$e,$t0
+___
+}
+
+sub BODY_15_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___	if (!$big_endian && $i==15);
+	srl	$t0,@X[$i],24	# byte swap($i)
+	srl	$t1,@X[$i],8
+	andi	$t2,@X[$i],0xFF00
+	sll	@X[$i],@X[$i],24
+	andi	$t1,0xFF00
+	sll	$t2,$t2,8
+	or	@X[$i],$t0
+	or	@X[$i],$t1
+	or	@X[$i],$t2
+___
+$code.=<<___;
+	 xor	@X[$j%16],@X[($j+2)%16]
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	sll	$t2,$b,30
+	and	$t0,$b
+	 srl	$t1,@X[$j%16],31
+	 addu	@X[$j%16],@X[$j%16]
+	srl	$b,$b,2
+	xor	$t0,$d
+	 or	@X[$j%16],$t1
+	addu	$e,@X[$i%16]
+	or	$b,$t2
+	addu	$e,$t0
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+	 xor	@X[$j%16],@X[($j+2)%16]
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	sll	$t2,$b,30
+	xor	$t0,$b
+	 srl	$t1,@X[$j%16],31
+	 addu	@X[$j%16],@X[$j%16]
+	srl	$b,$b,2
+	addu	$e,@X[$i%16]
+	 or	@X[$j%16],$t1
+	or	$b,$t2
+	addu	$e,$t0
+___
+$code.=<<___ if ($i==79);
+	 lw	@X[0],0($ctx)
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	 lw	@X[1],4($ctx)
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 lw	@X[2],8($ctx)
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 lw	@X[3],12($ctx)
+	sll	$t2,$b,30
+	xor	$t0,$b
+	 lw	@X[4],16($ctx)
+	srl	$b,$b,2
+	addu	$e,@X[$i%16]
+	or	$b,$t2
+	addu	$e,$t0
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+	 xor	@X[$j%16],@X[($j+2)%16]
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	and	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	sll	$t2,$b,30
+	addu	$e,$t0
+	 srl	$t1,@X[$j%16],31
+	xor	$t0,$c,$d
+	 addu	@X[$j%16],@X[$j%16]
+	and	$t0,$b
+	srl	$b,$b,2
+	 or	@X[$j%16],$t1
+	addu	$e,@X[$i%16]
+	or	$b,$t2
+	addu	$e,$t0
+___
+}
+
+$code=<<___;
+#include <asm.h>
+#include <regdef.h>
+
+.text
+
+.set	noat
+.set	noreorder
+.align	5
+.globl	sha1_block_data_order
+.ent	sha1_block_data_order
+sha1_block_data_order:
+	.frame	sp,$FRAMESIZE*SZREG,zero
+	.mask	0xd0ff0000,-$FRAMESIZE*SZREG
+	.set	noreorder
+	PTR_SUB	sp,$FRAMESIZE*SZREG
+	REG_S	\$31,($FRAMESIZE-1)*SZREG(sp)
+	REG_S	\$30,($FRAMESIZE-2)*SZREG(sp)
+	REG_S	\$28,($FRAMESIZE-3)*SZREG(sp)
+	REG_S	\$23,($FRAMESIZE-4)*SZREG(sp)
+	REG_S	\$22,($FRAMESIZE-5)*SZREG(sp)
+	REG_S	\$21,($FRAMESIZE-6)*SZREG(sp)
+	REG_S	\$20,($FRAMESIZE-7)*SZREG(sp)
+	REG_S	\$19,($FRAMESIZE-8)*SZREG(sp)
+	REG_S	\$18,($FRAMESIZE-9)*SZREG(sp)
+	REG_S	\$17,($FRAMESIZE-10)*SZREG(sp)
+	REG_S	\$16,($FRAMESIZE-11)*SZREG(sp)
+
+	lw	$A,0($ctx)
+	lw	$B,4($ctx)
+	lw	$C,8($ctx)
+	lw	$D,12($ctx)
+	b	.Loop
+	lw	$E,16($ctx)
+.align	4
+.Loop:
+	.set	reorder
+	lwl	@X[0],$MSB($inp)
+	lui	$K,0x5a82
+	lwr	@X[0],$LSB($inp)
+	ori	$K,0x7999	# K_00_19
+___
+for ($i=0;$i<15;$i++)	{ &BODY_00_14($i,@V); unshift(@V,pop(@V)); }
+for (;$i<20;$i++)	{ &BODY_15_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	lui	$K,0x6ed9
+	ori	$K,0xeba1	# K_20_39
+___
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	lui	$K,0x8f1b
+	ori	$K,0xbcdc	# K_40_59
+___
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	lui	$K,0xca62
+	ori	$K,0xc1d6	# K_60_79
+___
+for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	addu	$A,$X[0]
+	addu	$B,$X[1]
+	sw	$A,0($ctx)
+	addu	$C,$X[2]
+	addu	$D,$X[3]
+	sw	$B,4($ctx)
+	addu	$E,$X[4]
+	PTR_SUB	$num,1
+	sw	$C,8($ctx)
+	sw	$D,12($ctx)
+	sw	$E,16($ctx)
+	.set	noreorder
+	bnez	$num,.Loop
+	PTR_ADD	$inp,64
+
+	.set	noreorder
+	REG_L	\$31,($FRAMESIZE-1)*SZREG(sp)
+	REG_L	\$30,($FRAMESIZE-2)*SZREG(sp)
+	REG_L	\$28,($FRAMESIZE-3)*SZREG(sp)
+	REG_L	\$23,($FRAMESIZE-4)*SZREG(sp)
+	REG_L	\$22,($FRAMESIZE-5)*SZREG(sp)
+	REG_L	\$21,($FRAMESIZE-6)*SZREG(sp)
+	REG_L	\$20,($FRAMESIZE-7)*SZREG(sp)
+	REG_L	\$19,($FRAMESIZE-8)*SZREG(sp)
+	REG_L	\$18,($FRAMESIZE-9)*SZREG(sp)
+	REG_L	\$17,($FRAMESIZE-10)*SZREG(sp)
+	REG_L	\$16,($FRAMESIZE-11)*SZREG(sp)
+	jr	ra
+	PTR_ADD	sp,$FRAMESIZE*SZREG
+.end	sha1_block_data_order
+___
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-parisc.pl b/crypto/sha/asm/sha1-parisc.pl
new file mode 100644
index 0000000000..6d7bf495b2
--- /dev/null
+++ b/crypto/sha/asm/sha1-parisc.pl
@@ -0,0 +1,259 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for PA-RISC.
+
+# June 2009.
+#
+# On PA-7100LC performance is >30% better than gcc 3.2 generated code
+# for aligned input and >50% better for unaligned. Compared to vendor
+# compiler on PA-8600 it's almost 60% faster in 64-bit build and just
+# few percent faster in 32-bit one (this for aligned input, data for
+# unaligned input is not available).
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+$FRAME=14*$SIZE_T+$FRAME_MARKER;# 14 saved regs + frame marker
+				#                 [+ argument transfer]
+$ctx="%r26";		# arg0
+$inp="%r25";		# arg1
+$num="%r24";		# arg2
+
+$t0="%r28";
+$t1="%r29";
+$K="%r31";
+
+@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+    "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$t0);
+
+@V=($A,$B,$C,$D,$E)=("%r19","%r20","%r21","%r22","%r23");
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<15);
+	addl	$K,$e,$e	; $i
+	shd	$a,$a,27,$t1
+	addl	@X[$i],$e,$e
+	and	$c,$b,$t0
+	addl	$t1,$e,$e
+	andcm	$d,$b,$t1
+	shd	$b,$b,2,$b
+	or	$t1,$t0,$t0
+	addl	$t0,$e,$e
+___
+$code.=<<___ if ($i>=15);	# with forward Xupdate
+	addl	$K,$e,$e	; $i
+	shd	$a,$a,27,$t1
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+	addl	@X[$i%16],$e,$e
+	and	$c,$b,$t0
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+	addl	$t1,$e,$e
+	andcm	$d,$b,$t1
+	shd	$b,$b,2,$b
+	or	$t1,$t0,$t0
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+	add	$t0,$e,$e
+	shd	@X[$j%16],@X[$j%16],31,@X[$j%16]
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]	; $i
+	addl	$K,$e,$e
+	shd	$a,$a,27,$t1
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+	addl	@X[$i%16],$e,$e
+	xor	$b,$c,$t0
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+	addl	$t1,$e,$e
+	shd	$b,$b,2,$b
+	xor	$d,$t0,$t0
+	shd	@X[$j%16],@X[$j%16],31,@X[$j%16]
+	addl	$t0,$e,$e
+___
+$code.=<<___ if ($i==79);	# with context load
+	ldw	0($ctx),@X[0]	; $i
+	addl	$K,$e,$e
+	shd	$a,$a,27,$t1
+	ldw	4($ctx),@X[1]
+	addl	@X[$i%16],$e,$e
+	xor	$b,$c,$t0
+	ldw	8($ctx),@X[2]
+	addl	$t1,$e,$e
+	shd	$b,$b,2,$b
+	xor	$d,$t0,$t0
+	ldw	12($ctx),@X[3]
+	addl	$t0,$e,$e
+	ldw	16($ctx),@X[4]
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;
+	shd	$a,$a,27,$t1	; $i
+	addl	$K,$e,$e
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+	xor	$d,$c,$t0
+	addl	@X[$i%16],$e,$e
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+	and	$b,$t0,$t0
+	addl	$t1,$e,$e
+	shd	$b,$b,2,$b
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+	addl	$t0,$e,$e
+	and	$d,$c,$t1
+	shd	@X[$j%16],@X[$j%16],31,@X[$j%16]
+	addl	$t1,$e,$e
+___
+}
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	sha1_block_data_order,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+sha1_block_data_order
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-14*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=16
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+
+	ldw	0($ctx),$A
+	ldw	4($ctx),$B
+	ldw	8($ctx),$C
+	ldw	12($ctx),$D
+	ldw	16($ctx),$E
+
+	extru	$inp,31,2,$t0		; t0=inp&3;
+	sh3addl	$t0,%r0,$t0		; t0*=8;
+	subi	32,$t0,$t0		; t0=32-t0;
+	mtctl	$t0,%cr11		; %sar=t0;
+
+L\$oop
+	ldi	3,$t0
+	andcm	$inp,$t0,$t0		; 64-bit neutral
+___
+	for ($i=0;$i<15;$i++) {		# load input block
+	$code.="\tldw	`4*$i`($t0),@X[$i]\n";		}
+$code.=<<___;
+	cmpb,*=	$inp,$t0,L\$aligned
+	ldw	60($t0),@X[15]
+	ldw	64($t0),@X[16]
+___
+	for ($i=0;$i<16;$i++) {		# align input
+	$code.="\tvshd	@X[$i],@X[$i+1],@X[$i]\n";	}
+$code.=<<___;
+L\$aligned
+	ldil	L'0x5a827000,$K		; K_00_19
+	ldo	0x999($K),$K
+___
+for ($i=0;$i<20;$i++)   { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldil	L'0x6ed9e000,$K		; K_20_39
+	ldo	0xba1($K),$K
+___
+
+for (;$i<40;$i++)       { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldil	L'0x8f1bb000,$K		; K_40_59
+	ldo	0xcdc($K),$K
+___
+
+for (;$i<60;$i++)       { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldil	L'0xca62c000,$K		; K_60_79
+	ldo	0x1d6($K),$K
+___
+for (;$i<80;$i++)       { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	addl	@X[0],$A,$A
+	addl	@X[1],$B,$B
+	addl	@X[2],$C,$C
+	addl	@X[3],$D,$D
+	addl	@X[4],$E,$E
+	stw	$A,0($ctx)
+	stw	$B,4($ctx)
+	stw	$C,8($ctx)
+	stw	$D,12($ctx)
+	stw	$E,16($ctx)
+	addib,*<> -1,$num,L\$oop
+	ldo	64($inp),$inp
+
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+	.STRINGZ "SHA1 block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/,\*/,/gm if ($SIZE_T==4);
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-ppc.pl b/crypto/sha/asm/sha1-ppc.pl
new file mode 100755
index 0000000000..dcd0fcdfcf
--- /dev/null
+++ b/crypto/sha/asm/sha1-ppc.pl
@@ -0,0 +1,319 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# I let hardware handle unaligned input(*), except on page boundaries
+# (see below for details). Otherwise straightforward implementation
+# with X vector in register bank. The module is big-endian [which is
+# not big deal as there're no little-endian targets left around].
+#
+# (*) this means that this module is inappropriate for PPC403? Does
+#     anybody know if pre-POWER3 can sustain unaligned load?
+
+# 			-m64	-m32
+# ----------------------------------
+# PPC970,gcc-4.0.0	+76%	+59%
+# Power6,xlc-7		+68%	+33%
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T	=8;
+	$UCMP	="cmpld";
+	$STU	="stdu";
+	$POP	="ld";
+	$PUSH	="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T	=4;
+	$UCMP	="cmplw";
+	$STU	="stwu";
+	$POP	="lwz";
+	$PUSH	="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=24*$SIZE_T;
+
+$K  ="r0";
+$sp ="r1";
+$toc="r2";
+$ctx="r3";
+$inp="r4";
+$num="r5";
+$t0 ="r15";
+$t1 ="r6";
+
+$A  ="r7";
+$B  ="r8";
+$C  ="r9";
+$D  ="r10";
+$E  ="r11";
+$T  ="r12";
+
+@V=($A,$B,$C,$D,$E,$T);
+@X=("r16","r17","r18","r19","r20","r21","r22","r23",
+    "r24","r25","r26","r27","r28","r29","r30","r31");
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+	lwz	@X[$i],`$i*4`($inp)
+___
+$code.=<<___ if ($i<15);
+	lwz	@X[$j],`$j*4`($inp)
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	add	$f,$f,@X[$i]
+	and	$t0,$c,$b
+	add	$f,$f,$e
+	andc	$t1,$d,$b
+	rotlwi	$b,$b,30
+	or	$t0,$t0,$t1
+	add	$f,$f,$t0
+___
+$code.=<<___ if ($i>=15);
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	xor	@X[$j%16],@X[$j%16],@X[($j+2)%16]
+	add	$f,$f,@X[$i%16]
+	and	$t0,$c,$b
+	xor	@X[$j%16],@X[$j%16],@X[($j+8)%16]
+	add	$f,$f,$e
+	andc	$t1,$d,$b
+	rotlwi	$b,$b,30
+	or	$t0,$t0,$t1
+	xor	@X[$j%16],@X[$j%16],@X[($j+13)%16]
+	add	$f,$f,$t0
+	rotlwi	@X[$j%16],@X[$j%16],1
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	xor	@X[$j%16],@X[$j%16],@X[($j+2)%16]
+	add	$f,$f,@X[$i%16]
+	xor	$t0,$b,$c
+	xor	@X[$j%16],@X[$j%16],@X[($j+8)%16]
+	add	$f,$f,$e
+	rotlwi	$b,$b,30
+	xor	$t0,$t0,$d
+	xor	@X[$j%16],@X[$j%16],@X[($j+13)%16]
+	add	$f,$f,$t0
+	rotlwi	@X[$j%16],@X[$j%16],1
+___
+$code.=<<___ if ($i==79);
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	lwz	r16,0($ctx)
+	add	$f,$f,@X[$i%16]
+	xor	$t0,$b,$c
+	lwz	r17,4($ctx)
+	add	$f,$f,$e
+	rotlwi	$b,$b,30
+	lwz	r18,8($ctx)
+	xor	$t0,$t0,$d
+	lwz	r19,12($ctx)
+	add	$f,$f,$t0
+	lwz	r20,16($ctx)
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___;
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	xor	@X[$j%16],@X[$j%16],@X[($j+2)%16]
+	add	$f,$f,@X[$i%16]
+	and	$t0,$b,$c
+	xor	@X[$j%16],@X[$j%16],@X[($j+8)%16]
+	add	$f,$f,$e
+	or	$t1,$b,$c
+	rotlwi	$b,$b,30
+	xor	@X[$j%16],@X[$j%16],@X[($j+13)%16]
+	and	$t1,$t1,$d
+	or	$t0,$t0,$t1
+	rotlwi	@X[$j%16],@X[$j%16],1
+	add	$f,$f,$t0
+___
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	.sha1_block_data_order
+.align	4
+.sha1_block_data_order:
+	mflr	r0
+	$STU	$sp,`-($FRAME+64)`($sp)
+	$PUSH	r0,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+	lwz	$A,0($ctx)
+	lwz	$B,4($ctx)
+	lwz	$C,8($ctx)
+	lwz	$D,12($ctx)
+	lwz	$E,16($ctx)
+	andi.	r0,$inp,3
+	bne	Lunaligned
+Laligned:
+	mtctr	$num
+	bl	Lsha1_block_private
+Ldone:
+	$POP	r0,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,`$FRAME+64`
+	blr
+___
+
+# PowerPC specification allows an implementation to be ill-behaved
+# upon unaligned access which crosses page boundary. "Better safe
+# than sorry" principle makes me treat it specially. But I don't
+# look for particular offending word, but rather for 64-byte input
+# block which crosses the boundary. Once found that block is aligned
+# and hashed separately...
+$code.=<<___;
+.align	4
+Lunaligned:
+	subfic	$t1,$inp,4096
+	andi.	$t1,$t1,4095	; distance to closest page boundary
+	srwi.	$t1,$t1,6	; t1/=64
+	beq	Lcross_page
+	$UCMP	$num,$t1
+	ble-	Laligned	; didn't cross the page boundary
+	mtctr	$t1
+	subfc	$num,$t1,$num
+	bl	Lsha1_block_private
+Lcross_page:
+	li	$t1,16
+	mtctr	$t1
+	addi	r20,$sp,$FRAME	; spot below the frame
+Lmemcpy:
+	lbz	r16,0($inp)
+	lbz	r17,1($inp)
+	lbz	r18,2($inp)
+	lbz	r19,3($inp)
+	addi	$inp,$inp,4
+	stb	r16,0(r20)
+	stb	r17,1(r20)
+	stb	r18,2(r20)
+	stb	r19,3(r20)
+	addi	r20,r20,4
+	bdnz	Lmemcpy
+
+	$PUSH	$inp,`$FRAME-$SIZE_T*19`($sp)
+	li	$t1,1
+	addi	$inp,$sp,$FRAME
+	mtctr	$t1
+	bl	Lsha1_block_private
+	$POP	$inp,`$FRAME-$SIZE_T*19`($sp)
+	addic.	$num,$num,-1
+	bne-	Lunaligned
+	b	Ldone
+___
+
+# This is private block function, which uses tailored calling
+# interface, namely upon entry SHA_CTX is pre-loaded to given
+# registers and counter register contains amount of chunks to
+# digest...
+$code.=<<___;
+.align	4
+Lsha1_block_private:
+___
+$code.=<<___;	# load K_00_19
+	lis	$K,0x5a82
+	ori	$K,$K,0x7999
+___
+for($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	# load K_20_39
+	lis	$K,0x6ed9
+	ori	$K,$K,0xeba1
+___
+for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	# load K_40_59
+	lis	$K,0x8f1b
+	ori	$K,$K,0xbcdc
+___
+for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	# load K_60_79
+	lis	$K,0xca62
+	ori	$K,$K,0xc1d6
+___
+for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	r16,r16,$E
+	add	r17,r17,$T
+	add	r18,r18,$A
+	add	r19,r19,$B
+	add	r20,r20,$C
+	stw	r16,0($ctx)
+	mr	$A,r16
+	stw	r17,4($ctx)
+	mr	$B,r17
+	stw	r18,8($ctx)
+	mr	$C,r18
+	stw	r19,12($ctx)
+	mr	$D,r19
+	stw	r20,16($ctx)
+	mr	$E,r20
+	addi	$inp,$inp,`16*4`
+	bdnz-	Lsha1_block_private
+	blr
+___
+$code.=<<___;
+.asciz	"SHA1 block transform for PPC, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-s390x.pl b/crypto/sha/asm/sha1-s390x.pl
new file mode 100644
index 0000000000..4b17848287
--- /dev/null
+++ b/crypto/sha/asm/sha1-s390x.pl
@@ -0,0 +1,226 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for s390x.
+
+# April 2007.
+#
+# Performance is >30% better than gcc 3.3 generated code. But the real
+# twist is that SHA1 hardware support is detected and utilized. In
+# which case performance can reach further >4.5x for larger chunks.
+
+# January 2009.
+#
+# Optimize Xupdate for amount of memory references and reschedule
+# instructions to favour dual-issue z10 pipeline. On z10 hardware is
+# "only" ~2.3x faster than software.
+
+$kimdfunc=1;	# magic function code for kimd instruction
+
+$output=shift;
+open STDOUT,">$output";
+
+$K_00_39="%r0"; $K=$K_00_39;
+$K_40_79="%r1";
+$ctx="%r2";	$prefetch="%r2";
+$inp="%r3";
+$len="%r4";
+
+$A="%r5";
+$B="%r6";
+$C="%r7";
+$D="%r8";
+$E="%r9";	@V=($A,$B,$C,$D,$E);
+$t0="%r10";
+$t1="%r11";
+@X=("%r12","%r13","%r14");
+$sp="%r15";
+
+$frame=160+16*4;
+
+sub Xupdate {
+my $i=shift;
+
+$code.=<<___ if ($i==15);
+	lg	$prefetch,160($sp)	### Xupdate(16) warm-up
+	lr	$X[0],$X[2]
+___
+return if ($i&1);	# Xupdate is vectorized and executed every 2nd cycle
+$code.=<<___ if ($i<16);
+	lg	$X[0],`$i*4`($inp)	### Xload($i)
+	rllg	$X[1],$X[0],32
+___
+$code.=<<___ if ($i>=16);
+	xgr	$X[0],$prefetch		### Xupdate($i)
+	lg	$prefetch,`160+4*(($i+2)%16)`($sp)
+	xg	$X[0],`160+4*(($i+8)%16)`($sp)
+	xgr	$X[0],$prefetch
+	rll	$X[0],$X[0],1
+	rllg	$X[1],$X[0],32
+	rll	$X[1],$X[1],1
+	rllg	$X[0],$X[1],32
+	lr	$X[2],$X[1]		# feedback
+___
+$code.=<<___ if ($i<=70);
+	stg	$X[0],`160+4*($i%16)`($sp)
+___
+unshift(@X,pop(@X));
+}
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+	&Xupdate($i);
+$code.=<<___;
+	alr	$e,$K		### $i
+	rll	$t1,$a,5
+	lr	$t0,$d
+	xr	$t0,$c
+	alr	$e,$t1
+	nr	$t0,$b
+	alr	$e,$xi
+	xr	$t0,$d
+	rll	$b,$b,30
+	alr	$e,$t0
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+	&Xupdate($i);
+$code.=<<___;
+	alr	$e,$K		### $i
+	rll	$t1,$a,5
+	lr	$t0,$b
+	alr	$e,$t1
+	xr	$t0,$c
+	alr	$e,$xi
+	xr	$t0,$d
+	rll	$b,$b,30
+	alr	$e,$t0
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+	&Xupdate($i);
+$code.=<<___;
+	alr	$e,$K		### $i
+	rll	$t1,$a,5
+	lr	$t0,$b
+	alr	$e,$t1
+	or	$t0,$c
+	lr	$t1,$b
+	nr	$t0,$d
+	nr	$t1,$c
+	alr	$e,$xi
+	or	$t0,$t1
+	rll	$b,$b,30
+	alr	$e,$t0
+___
+}
+
+$code.=<<___;
+.text
+.align	64
+.type	Ktable,\@object
+Ktable: .long	0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6
+	.skip	48	#.long	0,0,0,0,0,0,0,0,0,0,0,0
+.size	Ktable,.-Ktable
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,\@function
+sha1_block_data_order:
+___
+$code.=<<___ if ($kimdfunc);
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security assist
+	jz	.Lsoftware
+	lghi	%r0,0
+	la	%r1,16($sp)
+	.long	0xb93e0002	# kimd %r0,%r2
+	lg	%r0,16($sp)
+	tmhh	%r0,`0x8000>>$kimdfunc`
+	jz	.Lsoftware
+	lghi	%r0,$kimdfunc
+	lgr	%r1,$ctx
+	lgr	%r2,$inp
+	sllg	%r3,$len,6
+	.long	0xb93e0002	# kimd %r0,%r2
+	brc	1,.-4		# pay attention to "partial completion"
+	br	%r14
+.align	16
+.Lsoftware:
+___
+$code.=<<___;
+	lghi	%r1,-$frame
+	stg	$ctx,16($sp)
+	stmg	%r6,%r15,48($sp)
+	lgr	%r0,$sp
+	la	$sp,0(%r1,$sp)
+	stg	%r0,0($sp)
+
+	larl	$t0,Ktable
+	llgf	$A,0($ctx)
+	llgf	$B,4($ctx)
+	llgf	$C,8($ctx)
+	llgf	$D,12($ctx)
+	llgf	$E,16($ctx)
+
+	lg	$K_00_39,0($t0)
+	lg	$K_40_79,8($t0)
+
+.Lloop:
+	rllg	$K_00_39,$K_00_39,32
+___
+for ($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	rllg	$K_00_39,$K_00_39,32
+___
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	$K=$K_40_79;
+	rllg	$K_40_79,$K_40_79,32
+___
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	rllg	$K_40_79,$K_40_79,32
+___
+for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+
+	lg	$ctx,`$frame+16`($sp)
+	la	$inp,64($inp)
+	al	$A,0($ctx)
+	al	$B,4($ctx)
+	al	$C,8($ctx)
+	al	$D,12($ctx)
+	al	$E,16($ctx)
+	st	$A,0($ctx)
+	st	$B,4($ctx)
+	st	$C,8($ctx)
+	st	$D,12($ctx)
+	st	$E,16($ctx)
+	brct	$len,.Lloop
+
+	lmg	%r6,%r15,`$frame+48`($sp)
+	br	%r14
+.size	sha1_block_data_order,.-sha1_block_data_order
+.string	"SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm	OPENSSL_s390xcap_P,8,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-sparcv9.pl b/crypto/sha/asm/sha1-sparcv9.pl
new file mode 100644
index 0000000000..8306fc88cc
--- /dev/null
+++ b/crypto/sha/asm/sha1-sparcv9.pl
@@ -0,0 +1,283 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Performance improvement is not really impressive on pre-T1 CPU: +8%
+# over Sun C and +25% over gcc [3.3]. While on T1, a.k.a. Niagara, it
+# turned to be 40% faster than 64-bit code generated by Sun C 5.8 and
+# >2x than 64-bit code generated by gcc 3.4. And there is a gimmick.
+# X[16] vector is packed to 8 64-bit registers and as result nothing
+# is spilled on stack. In addition input data is loaded in compact
+# instruction sequence, thus minimizing the window when the code is
+# subject to [inter-thread] cache-thrashing hazard. The goal is to
+# ensure scalability on UltraSPARC T1, or rather to avoid decay when
+# amount of active threads exceeds the number of physical cores.
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+@X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
+$rot1m="%g2";
+$tmp64="%g3";
+$Xi="%g4";
+$A="%l0";
+$B="%l1";
+$C="%l2";
+$D="%l3";
+$E="%l4";
+@V=($A,$B,$C,$D,$E);
+$K_00_19="%l5";
+$K_20_39="%l6";
+$K_40_59="%l7";
+$K_60_79="%g5";
+@K=($K_00_19,$K_20_39,$K_40_59,$K_60_79);
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$tmp0="%i3";
+$tmp1="%i4";
+$tmp2="%i5";
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=($i&1)?@X[($i/2)%8]:$Xi;
+
+$code.=<<___;
+	sll	$a,5,$tmp0		!! $i
+	add	@K[$i/20],$e,$e
+	srl	$a,27,$tmp1
+	add	$tmp0,$e,$e
+	and	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	andn	$d,$b,$tmp1
+	srl	$b,2,$b
+	or	$tmp1,$tmp0,$tmp1
+	or	$tmp2,$b,$b
+	add	$xi,$e,$e
+___
+if ($i&1 && $i<15) {
+	$code.=
+	"	srlx	@X[(($i+1)/2)%8],32,$Xi\n";
+}
+$code.=<<___;
+	add	$tmp1,$e,$e
+___
+}
+
+sub Xupdate {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i/2;
+
+if ($i&1) {
+$code.=<<___;
+	sll	$a,5,$tmp0		!! $i
+	add	@K[$i/20],$e,$e
+	srl	$a,27,$tmp1
+___
+} else {
+$code.=<<___;
+	sllx	@X[($j+6)%8],32,$Xi	! Xupdate($i)
+	xor	@X[($j+1)%8],@X[$j%8],@X[$j%8]
+	srlx	@X[($j+7)%8],32,$tmp1
+	xor	@X[($j+4)%8],@X[$j%8],@X[$j%8]
+	sll	$a,5,$tmp0		!! $i
+	or	$tmp1,$Xi,$Xi
+	add	@K[$i/20],$e,$e		!!
+	xor	$Xi,@X[$j%8],@X[$j%8]
+	srlx	@X[$j%8],31,$Xi
+	add	@X[$j%8],@X[$j%8],@X[$j%8]
+	and	$Xi,$rot1m,$Xi
+	andn	@X[$j%8],$rot1m,@X[$j%8]
+	srl	$a,27,$tmp1		!!
+	or	$Xi,@X[$j%8],@X[$j%8]
+___
+}
+}
+
+sub BODY_16_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+
+	&Xupdate(@_);
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+    } else {
+	$xi=$Xi;
+	$code.="\tsrlx	@X[($i/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	add	$tmp0,$e,$e		!!
+	and	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	add	$xi,$e,$e
+	andn	$d,$b,$tmp1
+	srl	$b,2,$b
+	or	$tmp1,$tmp0,$tmp1
+	or	$tmp2,$b,$b
+	add	$tmp1,$e,$e
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi;
+	&Xupdate(@_);
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+    } else {
+	$xi=$Xi;
+	$code.="\tsrlx	@X[($i/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	add	$tmp0,$e,$e		!!
+	xor	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	xor	$d,$tmp0,$tmp1
+	srl	$b,2,$b
+	add	$tmp1,$e,$e
+	or	$tmp2,$b,$b
+	add	$xi,$e,$e
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi;
+	&Xupdate(@_);
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+    } else {
+	$xi=$Xi;
+	$code.="\tsrlx	@X[($i/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	add	$tmp0,$e,$e		!!
+	and	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	or	$c,$b,$tmp1
+	srl	$b,2,$b
+	and	$d,$tmp1,$tmp1
+	add	$xi,$e,$e
+	or	$tmp1,$tmp0,$tmp1
+	or	$tmp2,$b,$b
+	add	$tmp1,$e,$e
+___
+}
+
+$code.=<<___ if ($bits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+___
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	32
+.globl	sha1_block_data_order
+sha1_block_data_order:
+	save	%sp,-$frame,%sp
+	sllx	$len,6,$len
+	add	$inp,$len,$len
+
+	or	%g0,1,$rot1m
+	sllx	$rot1m,32,$rot1m
+	or	$rot1m,1,$rot1m
+
+	ld	[$ctx+0],$A
+	ld	[$ctx+4],$B
+	ld	[$ctx+8],$C
+	ld	[$ctx+12],$D
+	ld	[$ctx+16],$E
+	andn	$inp,7,$tmp0
+
+	sethi	%hi(0x5a827999),$K_00_19
+	or	$K_00_19,%lo(0x5a827999),$K_00_19
+	sethi	%hi(0x6ed9eba1),$K_20_39
+	or	$K_20_39,%lo(0x6ed9eba1),$K_20_39
+	sethi	%hi(0x8f1bbcdc),$K_40_59
+	or	$K_40_59,%lo(0x8f1bbcdc),$K_40_59
+	sethi	%hi(0xca62c1d6),$K_60_79
+	or	$K_60_79,%lo(0xca62c1d6),$K_60_79
+
+.Lloop:
+	ldx	[$tmp0+0],@X[0]
+	ldx	[$tmp0+16],@X[2]
+	ldx	[$tmp0+32],@X[4]
+	ldx	[$tmp0+48],@X[6]
+	and	$inp,7,$tmp1
+	ldx	[$tmp0+8],@X[1]
+	sll	$tmp1,3,$tmp1
+	ldx	[$tmp0+24],@X[3]
+	subcc	%g0,$tmp1,$tmp2	! should be 64-$tmp1, but -$tmp1 works too
+	ldx	[$tmp0+40],@X[5]
+	bz,pt	%icc,.Laligned
+	ldx	[$tmp0+56],@X[7]
+
+	sllx	@X[0],$tmp1,@X[0]
+	ldx	[$tmp0+64],$tmp64
+___
+for($i=0;$i<7;$i++)
+{   $code.=<<___;
+	srlx	@X[$i+1],$tmp2,$Xi
+	sllx	@X[$i+1],$tmp1,@X[$i+1]
+	or	$Xi,@X[$i],@X[$i]
+___
+}
+$code.=<<___;
+	srlx	$tmp64,$tmp2,$tmp64
+	or	$tmp64,@X[7],@X[7]
+.Laligned:
+	srlx	@X[0],32,$Xi
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+for (;$i<20;$i++)	{ &BODY_16_19($i,@V); unshift(@V,pop(@V)); }
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+
+	ld	[$ctx+0],@X[0]
+	ld	[$ctx+4],@X[1]
+	ld	[$ctx+8],@X[2]
+	ld	[$ctx+12],@X[3]
+	add	$inp,64,$inp
+	ld	[$ctx+16],@X[4]
+	cmp	$inp,$len
+
+	add	$A,@X[0],$A
+	st	$A,[$ctx+0]
+	add	$B,@X[1],$B
+	st	$B,[$ctx+4]
+	add	$C,@X[2],$C
+	st	$C,[$ctx+8]
+	add	$D,@X[3],$D
+	st	$D,[$ctx+12]
+	add	$E,@X[4],$E
+	st	$E,[$ctx+16]
+
+	bne	`$bits==64?"%xcc":"%icc"`,.Lloop
+	andn	$inp,7,$tmp0
+
+	ret
+	restore
+.type	sha1_block_data_order,#function
+.size	sha1_block_data_order,(.-sha1_block_data_order)
+.asciz	"SHA1 block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-sparcv9a.pl b/crypto/sha/asm/sha1-sparcv9a.pl
new file mode 100644
index 0000000000..15eb854bad
--- /dev/null
+++ b/crypto/sha/asm/sha1-sparcv9a.pl
@@ -0,0 +1,600 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2009
+#
+# Provided that UltraSPARC VIS instructions are pipe-lined(*) and
+# pairable(*) with IALU ones, offloading of Xupdate to the UltraSPARC
+# Graphic Unit would make it possible to achieve higher instruction-
+# level parallelism, ILP, and thus higher performance. It should be
+# explicitly noted that ILP is the keyword, and it means that this
+# code would be unsuitable for cores like UltraSPARC-Tx. The idea is
+# not really novel, Sun had VIS-powered implementation for a while.
+# Unlike Sun's implementation this one can process multiple unaligned
+# input blocks, and as such works as drop-in replacement for OpenSSL
+# sha1_block_data_order. Performance improvement was measured to be
+# 40% over pure IALU sha1-sparcv9.pl on UltraSPARC-IIi, but 12% on
+# UltraSPARC-III. See below for discussion...
+#
+# The module does not present direct interest for OpenSSL, because
+# it doesn't provide better performance on contemporary SPARCv9 CPUs,
+# UltraSPARC-Tx and SPARC64-V[II] to be specific. Those who feel they
+# absolutely must score on UltraSPARC-I-IV can simply replace
+# crypto/sha/asm/sha1-sparcv9.pl with this module.
+#
+# (*)	"Pipe-lined" means that even if it takes several cycles to
+#	complete, next instruction using same functional unit [but not
+#	depending on the result of the current instruction] can start
+#	execution without having to wait for the unit. "Pairable"
+#	means that two [or more] independent instructions can be
+#	issued at the very same time.
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$tmp0="%i3";
+$tmp1="%i4";
+$tmp2="%i5";
+$tmp3="%g5";
+
+$base="%g1";
+$align="%g4";
+$Xfer="%o5";
+$nXfer=$tmp3;
+$Xi="%o7";
+
+$A="%l0";
+$B="%l1";
+$C="%l2";
+$D="%l3";
+$E="%l4";
+@V=($A,$B,$C,$D,$E);
+
+$Actx="%o0";
+$Bctx="%o1";
+$Cctx="%o2";
+$Dctx="%o3";
+$Ectx="%o4";
+
+$fmul="%f32";
+$VK_00_19="%f34";
+$VK_20_39="%f36";
+$VK_40_59="%f38";
+$VK_60_79="%f40";
+@VK=($VK_00_19,$VK_20_39,$VK_40_59,$VK_60_79);
+@X=("%f0", "%f1", "%f2", "%f3", "%f4", "%f5", "%f6", "%f7",
+    "%f8", "%f9","%f10","%f11","%f12","%f13","%f14","%f15","%f16");
+
+# This is reference 2x-parallelized VIS-powered Xupdate procedure. It
+# covers even K_NN_MM addition...
+sub Xupdate {
+my ($i)=@_;
+my $K=@VK[($i+16)/20];
+my $j=($i+16)%16;
+
+#	[ provided that GSR.alignaddr_offset is 5, $mul contains
+#	  0x100ULL<<32|0x100 value and K_NN_MM are pre-loaded to
+#	  chosen registers... ]
+$code.=<<___;
+	fxors		@X[($j+13)%16],@X[$j],@X[$j]	!-1/-1/-1:X[0]^=X[13]
+	fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+	fpadd32		@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+	fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	![fxors		%f15,%f2,%f2]
+	for		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	![fxors		%f0,%f3,%f3]			!10/17/12:X[0] dependency
+	fpadd32		$K,@X[$j],%f20
+	std		%f20,[$Xfer+`4*$j`]
+___
+# The numbers delimited with slash are the earliest possible dispatch
+# cycles for given instruction assuming 1 cycle latency for simple VIS
+# instructions, such as on UltraSPARC-I&II, 3 cycles latency, such as
+# on UltraSPARC-III&IV, and 2 cycles latency(*), respectively. Being
+# 2x-parallelized the procedure is "worth" 5, 8.5 or 6 ticks per SHA1
+# round. As [long as] FPU/VIS instructions are perfectly pairable with
+# IALU ones, the round timing is defined by the maximum between VIS
+# and IALU timings. The latter varies from round to round and averages
+# out at 6.25 ticks. This means that USI&II should operate at IALU
+# rate, while USIII&IV - at VIS rate. This explains why performance
+# improvement varies among processors. Well, given that pure IALU
+# sha1-sparcv9.pl module exhibits virtually uniform performance of
+# ~9.3 cycles per SHA1 round. Timings mentioned above are theoretical
+# lower limits. Real-life performance was measured to be 6.6 cycles
+# per SHA1 round on USIIi and 8.3 on USIII. The latter is lower than
+# half-round VIS timing, because there are 16 Xupdate-free rounds,
+# which "push down" average theoretical timing to 8 cycles...
+
+# (*)	SPARC64-V[II] was originally believed to have 2 cycles VIS
+#	latency. Well, it might have, but it doesn't have dedicated
+#	VIS-unit. Instead, VIS instructions are executed by other
+#	functional units, ones used here - by IALU. This doesn't
+#	improve effective ILP...
+}
+
+# The reference Xupdate procedure is then "strained" over *pairs* of
+# BODY_NN_MM and kind of modulo-scheduled in respect to X[n]^=X[n+13]
+# and K_NN_MM addition. It's "running" 15 rounds ahead, which leaves
+# plenty of room to amortize for read-after-write hazard, as well as
+# to fetch and align input for the next spin. The VIS instructions are
+# scheduled for latency of 2 cycles, because there are not enough IALU
+# instructions to schedule for latency of 3, while scheduling for 1
+# would give no gain on USI&II anyway.
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16;	# ahead reference
+my $l=($j+16-2)%16;	# behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1));
+	sll		$a,5,$tmp0			!! $i
+	and		$c,$b,$tmp3
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	sll		$b,30,$tmp2
+	add		$tmp1,$e,$e
+	andn		$d,$b,$tmp1
+	add		$Xi,$e,$e
+	 fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	srl		$b,2,$b
+	or		$tmp1,$tmp3,$tmp1
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+	 faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+___
+$code.=<<___ if ($i&1);
+	sll		$a,5,$tmp0			!! $i
+	and		$c,$b,$tmp3
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fpadd32	@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	sll		$b,30,$tmp2
+	add		$tmp1,$e,$e
+	 fpadd32	$K,@X[$l],%f20			!
+	andn		$d,$b,$tmp1
+	add		$Xi,$e,$e
+	 fxors		@X[($k+13)%16],@X[$k],@X[$k]	!-1/-1/-1:X[0]^=X[13]
+	srl		$b,2,$b
+	or		$tmp1,$tmp3,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+___
+$code.=<<___ if ($i&1 && $i>=2);
+	 std		%f20,[$Xfer+`4*$l`]		!
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16;	# ahead reference
+my $l=($j+16-2)%16;	# behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1) && $i<64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+	 faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+___
+$code.=<<___ if ($i&1 && $i<64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fpadd32	@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	 fpadd32	$K,@X[$l],%f20			!
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	 fxors		@X[($k+13)%16],@X[$k],@X[$k]	!-1/-1/-1:X[0]^=X[13]
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	 fxor		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+	 std		%f20,[$Xfer+`4*$l`]		!
+___
+$code.=<<___ if ($i==64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fpadd32	$K,@X[$l],%f20
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	 std		%f20,[$Xfer+`4*$l`]
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+$code.=<<___ if ($i>64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16;	# ahead reference
+my $l=($j+16-2)%16;	# behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1));
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	and		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	or		$c,$b,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	srl		$b,2,$b
+	and		$d,$tmp1,$tmp1
+	add		$Xi,$e,$e
+	or		$tmp1,$tmp0,$tmp1
+	 faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+	 fpadd32	@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+___
+$code.=<<___ if ($i&1);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	and		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	 fpadd32	$K,@X[$l],%f20			!
+	sll		$b,30,$tmp2
+	or		$c,$b,$tmp1
+	 fxors		@X[($k+13)%16],@X[$k],@X[$k]	!-1/-1/-1:X[0]^=X[13]
+	srl		$b,2,$b
+	and		$d,$tmp1,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	add		$Xi,$e,$e
+	or		$tmp1,$tmp0,$tmp1
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+	 std		%f20,[$Xfer+`4*$l`]		!
+___
+}
+
+# If there is more data to process, then we pre-fetch the data for
+# next iteration in last ten rounds...
+sub BODY_70_79 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $m=($i%8)*2;
+
+$j=($j+16)%16;
+
+$code.=<<___ if ($i==70);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 ldd		[$inp+64],@X[0]
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+
+	and		$inp,-64,$nXfer
+	inc		64,$inp
+	and		$nXfer,255,$nXfer
+	alignaddr	%g0,$align,%g0
+	add		$base,$nXfer,$nXfer
+___
+$code.=<<___ if ($i==71);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+$code.=<<___ if ($i>=72);
+	 faligndata	@X[$m],@X[$m+2],@X[$m]
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	 fpadd32	$VK_00_19,@X[$m],%f20
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+$code.=<<___ if ($i<77);
+	 ldd		[$inp+`8*($i+1-70)`],@X[2*($i+1-70)]
+___
+$code.=<<___ if ($i==77);	# redundant if $inp was aligned
+	 add		$align,63,$tmp0
+	 and		$tmp0,-8,$tmp0
+	 ldd		[$inp+$tmp0],@X[16]
+___
+$code.=<<___ if ($i>=72);
+	 std		%f20,[$nXfer+`4*$m`]
+___
+}
+
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	64
+vis_const:
+.long	0x5a827999,0x5a827999	! K_00_19
+.long	0x6ed9eba1,0x6ed9eba1	! K_20_39
+.long	0x8f1bbcdc,0x8f1bbcdc	! K_40_59
+.long	0xca62c1d6,0xca62c1d6	! K_60_79
+.long	0x00000100,0x00000100
+.align	64
+.type	vis_const,#object
+.size	vis_const,(.-vis_const)
+
+.globl	sha1_block_data_order
+sha1_block_data_order:
+	save	%sp,-$frame,%sp
+	add	%fp,$bias-256,$base
+
+1:	call	.+8
+	add	%o7,vis_const-1b,$tmp0
+
+	ldd	[$tmp0+0],$VK_00_19
+	ldd	[$tmp0+8],$VK_20_39
+	ldd	[$tmp0+16],$VK_40_59
+	ldd	[$tmp0+24],$VK_60_79
+	ldd	[$tmp0+32],$fmul
+
+	ld	[$ctx+0],$Actx
+	and	$base,-256,$base
+	ld	[$ctx+4],$Bctx
+	sub	$base,$bias+$frame,%sp
+	ld	[$ctx+8],$Cctx
+	and	$inp,7,$align
+	ld	[$ctx+12],$Dctx
+	and	$inp,-8,$inp
+	ld	[$ctx+16],$Ectx
+
+	! X[16] is maintained in FP register bank
+	alignaddr	%g0,$align,%g0
+	ldd		[$inp+0],@X[0]
+	sub		$inp,-64,$Xfer
+	ldd		[$inp+8],@X[2]
+	and		$Xfer,-64,$Xfer
+	ldd		[$inp+16],@X[4]
+	and		$Xfer,255,$Xfer
+	ldd		[$inp+24],@X[6]
+	add		$base,$Xfer,$Xfer
+	ldd		[$inp+32],@X[8]
+	ldd		[$inp+40],@X[10]
+	ldd		[$inp+48],@X[12]
+	brz,pt		$align,.Laligned
+	ldd		[$inp+56],@X[14]
+
+	ldd		[$inp+64],@X[16]
+	faligndata	@X[0],@X[2],@X[0]
+	faligndata	@X[2],@X[4],@X[2]
+	faligndata	@X[4],@X[6],@X[4]
+	faligndata	@X[6],@X[8],@X[6]
+	faligndata	@X[8],@X[10],@X[8]
+	faligndata	@X[10],@X[12],@X[10]
+	faligndata	@X[12],@X[14],@X[12]
+	faligndata	@X[14],@X[16],@X[14]
+
+.Laligned:
+	mov		5,$tmp0
+	dec		1,$len
+	alignaddr	%g0,$tmp0,%g0
+	fpadd32		$VK_00_19,@X[0],%f16
+	fpadd32		$VK_00_19,@X[2],%f18
+	fpadd32		$VK_00_19,@X[4],%f20
+	fpadd32		$VK_00_19,@X[6],%f22
+	fpadd32		$VK_00_19,@X[8],%f24
+	fpadd32		$VK_00_19,@X[10],%f26
+	fpadd32		$VK_00_19,@X[12],%f28
+	fpadd32		$VK_00_19,@X[14],%f30
+	std		%f16,[$Xfer+0]
+	mov		$Actx,$A
+	std		%f18,[$Xfer+8]
+	mov		$Bctx,$B
+	std		%f20,[$Xfer+16]
+	mov		$Cctx,$C
+	std		%f22,[$Xfer+24]
+	mov		$Dctx,$D
+	std		%f24,[$Xfer+32]
+	mov		$Ectx,$E
+	std		%f26,[$Xfer+40]
+	fxors		@X[13],@X[0],@X[0]
+	std		%f28,[$Xfer+48]
+	ba		.Loop
+	std		%f30,[$Xfer+56]
+.align	32
+.Loop:
+___
+for ($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for (;$i<70;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	tst		$len
+	bz,pn		`$bits==32?"%icc":"%xcc"`,.Ltail
+	nop
+___
+for (;$i<80;$i++)	{ &BODY_70_79($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add		$A,$Actx,$Actx
+	add		$B,$Bctx,$Bctx
+	add		$C,$Cctx,$Cctx
+	add		$D,$Dctx,$Dctx
+	add		$E,$Ectx,$Ectx
+	mov		5,$tmp0
+	fxors		@X[13],@X[0],@X[0]
+	mov		$Actx,$A
+	mov		$Bctx,$B
+	mov		$Cctx,$C
+	mov		$Dctx,$D
+	mov		$Ectx,$E
+	alignaddr	%g0,$tmp0,%g0	
+	dec		1,$len
+	ba		.Loop
+	mov		$nXfer,$Xfer
+
+.align	32
+.Ltail:
+___
+for($i=70;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	$A,$Actx,$Actx
+	add	$B,$Bctx,$Bctx
+	add	$C,$Cctx,$Cctx
+	add	$D,$Dctx,$Dctx
+	add	$E,$Ectx,$Ectx
+
+	st	$Actx,[$ctx+0]
+	st	$Bctx,[$ctx+4]
+	st	$Cctx,[$ctx+8]
+	st	$Dctx,[$ctx+12]
+	st	$Ectx,[$ctx+16]
+
+	ret
+	restore
+.type	sha1_block_data_order,#function
+.size	sha1_block_data_order,(.-sha1_block_data_order)
+.asciz	"SHA1 block transform for SPARCv9a, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my $ref,$opf;
+my %visopf = (	"fmul8ulx16"	=> 0x037,
+		"faligndata"	=> 0x048,
+		"fpadd32"	=> 0x052,
+		"fxor"		=> 0x06c,
+		"fxors"		=> 0x06d	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+sub unalignaddr {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my $ref="$mnemonic\t$rs1,$rs2,$rd";
+
+    foreach ($rs1,$rs2,$rd) {
+	if (/%([goli])([0-7])/)	{ $_=$bias{$1}+$2; }
+	else			{ return $ref; }
+    }
+    return  sprintf ".word\t0x%08x !%s",
+		    0x81b00300|$rd<<25|$rs1<<14|$rs2,
+		    $ref;
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),(%f[0-9]{1,2}),(%f[0-9]{1,2})/
+		&unvis($1,$2,$3,$4)
+	  /gem;
+$code =~ s/\b(alignaddr)\s+(%[goli][0-7]),(%[goli][0-7]),(%[goli][0-7])/
+		&unalignaddr($1,$2,$3,$4)
+	  /gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha1-thumb.pl b/crypto/sha/asm/sha1-thumb.pl
new file mode 100644
index 0000000000..7c9ea9b029
--- /dev/null
+++ b/crypto/sha/asm/sha1-thumb.pl
@@ -0,0 +1,259 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# sha1_block for Thumb.
+#
+# January 2007.
+#
+# The code does not present direct interest to OpenSSL, because of low
+# performance. Its purpose is to establish _size_ benchmark. Pretty
+# useless one I must say, because 30% or 88 bytes larger ARMv4 code
+# [avialable on demand] is almost _twice_ as fast. It should also be
+# noted that in-lining of .Lcommon and .Lrotate improves performance
+# by over 40%, while code increases by only 10% or 32 bytes. But once
+# again, the goal was to establish _size_ benchmark, not performance.
+
+$output=shift;
+open STDOUT,">$output";
+
+$inline=0;
+#$cheat_on_binutils=1;
+
+$t0="r0";
+$t1="r1";
+$t2="r2";
+$a="r3";
+$b="r4";
+$c="r5";
+$d="r6";
+$e="r7";
+$K="r8";	# "upper" registers can be used in add/sub and mov insns
+$ctx="r9";
+$inp="r10";
+$len="r11";
+$Xi="r12";
+
+sub common {
+<<___;
+	sub	$t0,#4
+	ldr	$t1,[$t0]
+	add	$e,$K			@ E+=K_xx_xx
+	lsl	$t2,$a,#5
+	add	$t2,$e
+	lsr	$e,$a,#27
+	add	$t2,$e			@ E+=ROR(A,27)
+	add	$t2,$t1			@ E+=X[i]
+___
+}
+sub rotate {
+<<___;
+	mov	$e,$d			@ E=D
+	mov	$d,$c			@ D=C
+	lsl	$c,$b,#30
+	lsr	$b,$b,#2
+	orr	$c,$b			@ C=ROR(B,2)
+	mov	$b,$a			@ B=A
+	add	$a,$t2,$t1		@ A=E+F_xx_xx(B,C,D)
+___
+}
+
+sub BODY_00_19 {
+$code.=$inline?&common():"\tbl	.Lcommon\n";
+$code.=<<___;
+	mov	$t1,$c
+	eor	$t1,$d
+	and	$t1,$b
+	eor	$t1,$d			@ F_00_19(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl	.Lrotate\n";
+}
+
+sub BODY_20_39 {
+$code.=$inline?&common():"\tbl	.Lcommon\n";
+$code.=<<___;
+	mov	$t1,$b
+	eor	$t1,$c
+	eor	$t1,$d			@ F_20_39(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl	.Lrotate\n";
+}
+
+sub BODY_40_59 {
+$code.=$inline?&common():"\tbl	.Lcommon\n";
+$code.=<<___;
+	mov	$t1,$b
+	and	$t1,$c
+	mov	$e,$b
+	orr	$e,$c
+	and	$e,$d
+	orr	$t1,$e			@ F_40_59(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl	.Lrotate\n";
+}
+
+$code=<<___;
+.text
+.code	16
+
+.global	sha1_block_data_order
+.type	sha1_block_data_order,%function
+
+.align	2
+sha1_block_data_order:
+___
+if ($cheat_on_binutils) {
+$code.=<<___;
+.code	32
+	add	r3,pc,#1
+	bx	r3			@ switch to Thumb ISA
+.code	16
+___
+}
+$code.=<<___;
+	push	{r4-r7}
+	mov	r3,r8
+	mov	r4,r9
+	mov	r5,r10
+	mov	r6,r11
+	mov	r7,r12
+	push	{r3-r7,lr}
+	lsl	r2,#6
+	mov	$ctx,r0			@ save context
+	mov	$inp,r1			@ save inp
+	mov	$len,r2			@ save len
+	add	$len,$inp		@ $len to point at inp end
+
+.Lloop:
+	mov	$Xi,sp
+	mov	$t2,sp
+	sub	$t2,#16*4		@ [3]
+.LXload:
+	ldrb	$a,[$t1,#0]		@ $t1 is r1 and holds inp
+	ldrb	$b,[$t1,#1]
+	ldrb	$c,[$t1,#2]
+	ldrb	$d,[$t1,#3]
+	lsl	$a,#24
+	lsl	$b,#16
+	lsl	$c,#8
+	orr	$a,$b
+	orr	$a,$c
+	orr	$a,$d
+	add	$t1,#4
+	push	{$a}
+	cmp	sp,$t2
+	bne	.LXload			@ [+14*16]
+
+	mov	$inp,$t1		@ update $inp
+	sub	$t2,#32*4
+	sub	$t2,#32*4
+	mov	$e,#31			@ [+4]
+.LXupdate:
+	ldr	$a,[sp,#15*4]
+	ldr	$b,[sp,#13*4]
+	ldr	$c,[sp,#7*4]
+	ldr	$d,[sp,#2*4]
+	eor	$a,$b
+	eor	$a,$c
+	eor	$a,$d
+	ror	$a,$e
+	push	{$a}
+	cmp	sp,$t2
+	bne	.LXupdate		@ [+(11+1)*64]
+
+	ldmia	$t0!,{$a,$b,$c,$d,$e}	@ $t0 is r0 and holds ctx
+	mov	$t0,$Xi
+
+	ldr	$t2,.LK_00_19
+	mov	$t1,$t0
+	sub	$t1,#20*4
+	mov	$Xi,$t1
+	mov	$K,$t2			@ [+7+4]
+.L_00_19:
+___
+	&BODY_00_19();
+$code.=<<___;
+	cmp	$Xi,$t0
+	bne	.L_00_19		@ [+(2+9+4+2+8+2)*20]
+
+	ldr	$t2,.LK_20_39
+	mov	$t1,$t0
+	sub	$t1,#20*4
+	mov	$Xi,$t1
+	mov	$K,$t2			@ [+5]
+.L_20_39_or_60_79:
+___
+	&BODY_20_39();
+$code.=<<___;
+	cmp	$Xi,$t0
+	bne	.L_20_39_or_60_79	@ [+(2+9+3+2+8+2)*20*2]
+	cmp	sp,$t0
+	beq	.Ldone			@ [+2]
+
+	ldr	$t2,.LK_40_59
+	mov	$t1,$t0
+	sub	$t1,#20*4
+	mov	$Xi,$t1
+	mov	$K,$t2			@ [+5]
+.L_40_59:
+___
+	&BODY_40_59();
+$code.=<<___;
+	cmp	$Xi,$t0
+	bne	.L_40_59		@ [+(2+9+6+2+8+2)*20]
+
+	ldr	$t2,.LK_60_79
+	mov	$Xi,sp
+	mov	$K,$t2
+	b	.L_20_39_or_60_79	@ [+4]
+.Ldone:
+	mov	$t0,$ctx
+	ldr	$t1,[$t0,#0]
+	ldr	$t2,[$t0,#4]
+	add	$a,$t1
+	ldr	$t1,[$t0,#8]
+	add	$b,$t2
+	ldr	$t2,[$t0,#12]
+	add	$c,$t1
+	ldr	$t1,[$t0,#16]
+	add	$d,$t2
+	add	$e,$t1
+	stmia	$t0!,{$a,$b,$c,$d,$e}	@ [+20]
+
+	add	sp,#80*4		@ deallocate stack frame
+	mov	$t0,$ctx		@ restore ctx
+	mov	$t1,$inp		@ restore inp
+	cmp	$t1,$len
+	beq	.Lexit
+	b	.Lloop			@ [+6] total 3212 cycles
+.Lexit:
+	pop	{r2-r7}
+	mov	r8,r2
+	mov	r9,r3
+	mov	r10,r4
+	mov	r11,r5
+	mov	r12,r6
+	mov	lr,r7
+	pop	{r4-r7}
+	bx	lr
+.align	2
+___
+$code.=".Lcommon:\n".&common()."\tmov	pc,lr\n" if (!$inline);
+$code.=".Lrotate:\n".&rotate()."\tmov	pc,lr\n" if (!$inline);
+$code.=<<___;
+.align	2
+.LK_00_19:	.word	0x5a827999
+.LK_20_39:	.word	0x6ed9eba1
+.LK_40_59:	.word	0x8f1bbcdc
+.LK_60_79:	.word	0xca62c1d6
+.size	sha1_block_data_order,.-sha1_block_data_order
+.asciz	"SHA1 block transform for Thumb, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT; # enforce flush
diff --git a/crypto/sha/asm/sha1-x86_64.pl b/crypto/sha/asm/sha1-x86_64.pl
new file mode 100755
index 0000000000..35ab0e7e78
--- /dev/null
+++ b/crypto/sha/asm/sha1-x86_64.pl
@@ -0,0 +1,350 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# sha1_block procedure for x86_64.
+#
+# It was brought to my attention that on EM64T compiler-generated code
+# was far behind 32-bit assembler implementation. This is unlike on
+# Opteron where compiler-generated code was only 15% behind 32-bit
+# assembler, which originally made it hard to motivate the effort.
+# There was suggestion to mechanically translate 32-bit code, but I
+# dismissed it, reasoning that x86_64 offers enough register bank
+# capacity to fully utilize SHA-1 parallelism. Therefore this fresh
+# implementation:-) However! While 64-bit code does perform better
+# on Opteron, I failed to beat 32-bit assembler on EM64T core. Well,
+# x86_64 does offer larger *addressable* bank, but out-of-order core
+# reaches for even more registers through dynamic aliasing, and EM64T
+# core must have managed to run-time optimize even 32-bit code just as
+# good as 64-bit one. Performance improvement is summarized in the
+# following table:
+#
+#		gcc 3.4		32-bit asm	cycles/byte
+# Opteron	+45%		+20%		6.8
+# Xeon P4	+65%		+0%		9.9
+# Core2		+60%		+10%		7.0
+
+# August 2009.
+#
+# The code was revised to minimize code size and to maximize
+# "distance" between instructions producing input to 'lea'
+# instruction and the 'lea' instruction itself, which is essential
+# for Intel Atom core.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+$ctx="%rdi";	# 1st arg
+$inp="%rsi";	# 2nd arg
+$num="%rdx";	# 3rd arg
+
+# reassign arguments in order to produce more compact code
+$ctx="%r8";
+$inp="%r9";
+$num="%r10";
+
+$t0="%eax";
+$t1="%ebx";
+$t2="%ecx";
+@xi=("%edx","%ebp");
+$A="%esi";
+$B="%edi";
+$C="%r11d";
+$D="%r12d";
+$E="%r13d";
+
+@V=($A,$B,$C,$D,$E);
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+	mov	`4*$i`($inp),$xi[0]
+	bswap	$xi[0]
+	mov	$xi[0],`4*$i`(%rsp)
+___
+$code.=<<___ if ($i<15);
+	mov	$c,$t0
+	mov	`4*$j`($inp),$xi[1]
+	mov	$a,$t2
+	xor	$d,$t0
+	bswap	$xi[1]
+	rol	\$5,$t2
+	lea	0x5a827999($xi[0],$e),$e
+	and	$b,$t0
+	mov	$xi[1],`4*$j`(%rsp)
+	add	$t2,$e
+	xor	$d,$t0
+	rol	\$30,$b
+	add	$t0,$e
+___
+$code.=<<___ if ($i>=15);
+	mov	`4*($j%16)`(%rsp),$xi[1]
+	mov	$c,$t0
+	mov	$a,$t2
+	xor	`4*(($j+2)%16)`(%rsp),$xi[1]
+	xor	$d,$t0
+	rol	\$5,$t2
+	xor	`4*(($j+8)%16)`(%rsp),$xi[1]
+	and	$b,$t0
+	lea	0x5a827999($xi[0],$e),$e
+	xor	`4*(($j+13)%16)`(%rsp),$xi[1]
+	xor	$d,$t0
+	rol	\$1,$xi[1]
+	add	$t2,$e
+	rol	\$30,$b
+	mov	$xi[1],`4*($j%16)`(%rsp)
+	add	$t0,$e
+___
+unshift(@xi,pop(@xi));
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
+$code.=<<___ if ($i<79);
+	mov	`4*($j%16)`(%rsp),$xi[1]
+	mov	$c,$t0
+	mov	$a,$t2
+	xor	`4*(($j+2)%16)`(%rsp),$xi[1]
+	xor	$b,$t0
+	rol	\$5,$t2
+	lea	$K($xi[0],$e),$e
+	xor	`4*(($j+8)%16)`(%rsp),$xi[1]
+	xor	$d,$t0
+	add	$t2,$e
+	xor	`4*(($j+13)%16)`(%rsp),$xi[1]
+	rol	\$30,$b
+	add	$t0,$e
+	rol	\$1,$xi[1]
+___
+$code.=<<___ if ($i<76);
+	mov	$xi[1],`4*($j%16)`(%rsp)
+___
+$code.=<<___ if ($i==79);
+	mov	$c,$t0
+	mov	$a,$t2
+	xor	$b,$t0
+	lea	$K($xi[0],$e),$e
+	rol	\$5,$t2
+	xor	$d,$t0
+	add	$t2,$e
+	rol	\$30,$b
+	add	$t0,$e
+___
+unshift(@xi,pop(@xi));
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;
+	mov	`4*($j%16)`(%rsp),$xi[1]
+	mov	$c,$t0
+	mov	$c,$t1
+	xor	`4*(($j+2)%16)`(%rsp),$xi[1]
+	and	$d,$t0
+	mov	$a,$t2
+	xor	`4*(($j+8)%16)`(%rsp),$xi[1]
+	xor	$d,$t1
+	lea	0x8f1bbcdc($xi[0],$e),$e
+	rol	\$5,$t2
+	xor	`4*(($j+13)%16)`(%rsp),$xi[1]
+	add	$t0,$e
+	and	$b,$t1
+	rol	\$1,$xi[1]
+	add	$t1,$e
+	rol	\$30,$b
+	mov	$xi[1],`4*($j%16)`(%rsp)
+	add	$t2,$e
+___
+unshift(@xi,pop(@xi));
+}
+
+$code.=<<___;
+.text
+
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,\@function,3
+.align	16
+sha1_block_data_order:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	mov	%rsp,%r11
+	mov	%rdi,$ctx	# reassigned argument
+	sub	\$`8+16*4`,%rsp
+	mov	%rsi,$inp	# reassigned argument
+	and	\$-64,%rsp
+	mov	%rdx,$num	# reassigned argument
+	mov	%r11,`16*4`(%rsp)
+.Lprologue:
+
+	mov	0($ctx),$A
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	16($ctx),$E
+
+.align	4
+.Lloop:
+___
+for($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	0($ctx),$A
+	add	4($ctx),$B
+	add	8($ctx),$C
+	add	12($ctx),$D
+	add	16($ctx),$E
+	mov	$A,0($ctx)
+	mov	$B,4($ctx)
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+
+	sub	\$1,$num
+	lea	`16*4`($inp),$inp
+	jnz	.Lloop
+
+	mov	`16*4`(%rsp),%rsi
+	mov	(%rsi),%r13
+	mov	8(%rsi),%r12
+	mov	16(%rsi),%rbp
+	mov	24(%rsi),%rbx
+	lea	32(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	sha1_block_data_order,.-sha1_block_data_order
+
+.asciz	"SHA1 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	`16*4`(%rax),%rax	# pull saved stack pointer
+	lea	32(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_sha1_block_data_order
+	.rva	.LSEH_end_sha1_block_data_order
+	.rva	.LSEH_info_sha1_block_data_order
+
+.section	.xdata
+.align	8
+.LSEH_info_sha1_block_data_order:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+####################################################################
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha256-586.pl b/crypto/sha/asm/sha256-586.pl
new file mode 100644
index 0000000000..ecc8b69c75
--- /dev/null
+++ b/crypto/sha/asm/sha256-586.pl
@@ -0,0 +1,251 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA256 block transform for x86. September 2007.
+#
+# Performance in clock cycles per processed byte (less is better):
+#
+#		Pentium	PIII	P4	AMD K8	Core2
+# gcc		46	36	41	27	26
+# icc		57	33	38	25	23	
+# x86 asm	40	30	35	20	20
+# x86_64 asm(*)	-	-	21	15.8	16.5
+#
+# (*) x86_64 assembler performance is presented for reference
+#     purposes.
+#
+# Performance improvement over compiler generated code varies from
+# 10% to 40% [see above]. Not very impressive on some µ-archs, but
+# it's 5 times smaller and optimizies amount of writes.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
+
+$A="eax";
+$E="edx";
+$T="ebx";
+$Aoff=&DWP(0,"esp");
+$Boff=&DWP(4,"esp");
+$Coff=&DWP(8,"esp");
+$Doff=&DWP(12,"esp");
+$Eoff=&DWP(16,"esp");
+$Foff=&DWP(20,"esp");
+$Goff=&DWP(24,"esp");
+$Hoff=&DWP(28,"esp");
+$Xoff=&DWP(32,"esp");
+$K256="ebp";
+
+sub BODY_00_15() {
+    my $in_16_63=shift;
+
+	&mov	("ecx",$E);
+	 &add	($T,&DWP(4*(8+15+16-9),"esp"))	if ($in_16_63);	# T += X[-7]
+	&ror	("ecx",6);
+	&mov	("edi",$E);
+	&ror	("edi",11);
+	 &mov	("esi",$Foff);
+	&xor	("ecx","edi");
+	&ror	("edi",25-11);
+	 &mov	(&DWP(4*(8+15),"esp"),$T)	if ($in_16_63);	# save X[0]
+	&xor	("ecx","edi");	# Sigma1(e)
+	 &mov	("edi",$Goff);
+	&add	($T,"ecx");	# T += Sigma1(e)
+	 &mov	($Eoff,$E);	# modulo-scheduled
+
+	&xor	("esi","edi");
+	 &mov	("ecx",$A);
+	&and	("esi",$E);
+	 &mov	($E,$Doff);	# e becomes d, which is e in next iteration
+	&xor	("esi","edi");	# Ch(e,f,g)
+	 &mov	("edi",$A);
+	&add	($T,"esi");	# T += Ch(e,f,g)
+
+	&ror	("ecx",2);
+	 &add	($T,$Hoff);	# T += h
+	&ror	("edi",13);
+	 &mov	("esi",$Boff);
+	&xor	("ecx","edi");
+	&ror	("edi",22-13);
+	 &add	($E,$T);	# d += T
+	&xor	("ecx","edi");	# Sigma0(a)
+	 &mov	("edi",$Coff);
+
+	&add	($T,"ecx");	# T += Sigma0(a)
+	 &mov	($Aoff,$A);	# modulo-scheduled
+
+	&mov	("ecx",$A);
+	 &sub	("esp",4);
+	&or	($A,"esi");	# a becomes h, which is a in next iteration
+	&and	("ecx","esi");
+	&and	($A,"edi");
+	 &mov	("esi",&DWP(0,$K256));
+	&or	($A,"ecx");	# h=Maj(a,b,c)
+
+	&add	($K256,4);
+	&add	($A,$T);	# h += T
+	 &mov	($T,&DWP(4*(8+15+16-1),"esp"))	if ($in_16_63);	# preload T
+	&add	($E,"esi");	# d += K256[i]
+	&add	($A,"esi");	# h += K256[i]
+}
+
+&function_begin("sha256_block_data_order");
+	&mov	("esi",wparam(0));	# ctx
+	&mov	("edi",wparam(1));	# inp
+	&mov	("eax",wparam(2));	# num
+	&mov	("ebx","esp");		# saved sp
+
+	&call	(&label("pic_point"));	# make it PIC!
+&set_label("pic_point");
+	&blindpop($K256);
+	&lea	($K256,&DWP(&label("K256")."-".&label("pic_point"),$K256));
+
+	&sub	("esp",16);
+	&and	("esp",-64);
+
+	&shl	("eax",6);
+	&add	("eax","edi");
+	&mov	(&DWP(0,"esp"),"esi");	# ctx
+	&mov	(&DWP(4,"esp"),"edi");	# inp
+	&mov	(&DWP(8,"esp"),"eax");	# inp+num*128
+	&mov	(&DWP(12,"esp"),"ebx");	# saved sp
+
+&set_label("loop",16);
+    # copy input block to stack reversing byte and dword order
+    for($i=0;$i<4;$i++) {
+	&mov	("eax",&DWP($i*16+0,"edi"));
+	&mov	("ebx",&DWP($i*16+4,"edi"));
+	&mov	("ecx",&DWP($i*16+8,"edi"));
+	&mov	("edx",&DWP($i*16+12,"edi"));
+	&bswap	("eax");
+	&bswap	("ebx");
+	&bswap	("ecx");
+	&bswap	("edx");
+	&push	("eax");
+	&push	("ebx");
+	&push	("ecx");
+	&push	("edx");
+    }
+	&add	("edi",64);
+	&sub	("esp",4*8);		# place for A,B,C,D,E,F,G,H
+	&mov	(&DWP(4*(8+16)+4,"esp"),"edi");
+
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&mov	($A,&DWP(0,"esi"));
+	&mov	("ebx",&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edi",&DWP(12,"esi"));
+	# &mov	($Aoff,$A);
+	&mov	($Boff,"ebx");
+	&mov	($Coff,"ecx");
+	&mov	($Doff,"edi");
+	&mov	($E,&DWP(16,"esi"));	
+	&mov	("ebx",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("edi",&DWP(28,"esi"));
+	# &mov	($Eoff,$E);
+	&mov	($Foff,"ebx");
+	&mov	($Goff,"ecx");
+	&mov	($Hoff,"edi");
+
+&set_label("00_15",16);
+	&mov	($T,&DWP(4*(8+15),"esp"));
+
+	&BODY_00_15();
+
+	&cmp	("esi",0xc19bf174);
+	&jne	(&label("00_15"));
+
+	&mov	($T,&DWP(4*(8+15+16-1),"esp"));	# preloaded in BODY_00_15(1)
+&set_label("16_63",16);
+	&mov	("esi",$T);
+	 &mov	("ecx",&DWP(4*(8+15+16-14),"esp"));
+	&shr	($T,3);
+	&ror	("esi",7);
+	&xor	($T,"esi");
+	&ror	("esi",18-7);
+	 &mov	("edi","ecx");
+	&xor	($T,"esi");			# T = sigma0(X[-15])
+
+	&shr	("ecx",10);
+	 &mov	("esi",&DWP(4*(8+15+16),"esp"));
+	&ror	("edi",17);
+	&xor	("ecx","edi");
+	&ror	("edi",19-17);
+	 &add	($T,"esi");			# T += X[-16]
+	&xor	("edi","ecx")			# sigma1(X[-2])
+
+	&add	($T,"edi");			# T += sigma1(X[-2])
+	# &add	($T,&DWP(4*(8+15+16-9),"esp"));	# T += X[-7], moved to BODY_00_15(1)
+	# &mov	(&DWP(4*(8+15),"esp"),$T);	# save X[0]
+
+	&BODY_00_15(1);
+
+	&cmp	("esi",0xc67178f2);
+	&jne	(&label("16_63"));
+
+	&mov	("esi",&DWP(4*(8+16+64)+0,"esp"));#ctx
+	# &mov	($A,$Aoff);
+	&mov	("ebx",$Boff);
+	&mov	("ecx",$Coff);
+	&mov	("edi",$Doff);
+	&add	($A,&DWP(0,"esi"));
+	&add	("ebx",&DWP(4,"esi"));
+	&add	("ecx",&DWP(8,"esi"));
+	&add	("edi",&DWP(12,"esi"));
+	&mov	(&DWP(0,"esi"),$A);
+	&mov	(&DWP(4,"esi"),"ebx");
+	&mov	(&DWP(8,"esi"),"ecx");
+	&mov	(&DWP(12,"esi"),"edi");
+	# &mov	($E,$Eoff);
+	&mov	("eax",$Foff);
+	&mov	("ebx",$Goff);
+	&mov	("ecx",$Hoff);
+	&mov	("edi",&DWP(4*(8+16+64)+4,"esp"));#inp
+	&add	($E,&DWP(16,"esi"));
+	&add	("eax",&DWP(20,"esi"));
+	&add	("ebx",&DWP(24,"esi"));
+	&add	("ecx",&DWP(28,"esi"));
+	&mov	(&DWP(16,"esi"),$E);
+	&mov	(&DWP(20,"esi"),"eax");
+	&mov	(&DWP(24,"esi"),"ebx");
+	&mov	(&DWP(28,"esi"),"ecx");
+
+	&add	("esp",4*(8+16+64));		# destroy frame
+	&sub	($K256,4*64);			# rewind K
+
+	&cmp	("edi",&DWP(8,"esp"));		# are we done yet?
+	&jb	(&label("loop"));
+
+	&mov	("esp",&DWP(12,"esp"));		# restore sp
+&function_end_A();
+
+&set_label("K256",64);	# Yes! I keep it in the code segment!
+	&data_word(0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5);
+	&data_word(0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5);
+	&data_word(0xd807aa98,0x12835b01,0x243185be,0x550c7dc3);
+	&data_word(0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174);
+	&data_word(0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc);
+	&data_word(0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da);
+	&data_word(0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7);
+	&data_word(0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967);
+	&data_word(0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13);
+	&data_word(0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85);
+	&data_word(0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3);
+	&data_word(0xd192e819,0xd6990624,0xf40e3585,0x106aa070);
+	&data_word(0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5);
+	&data_word(0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3);
+	&data_word(0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208);
+	&data_word(0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2);
+&function_end_B("sha256_block_data_order");
+&asciz("SHA256 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/crypto/sha/asm/sha256-armv4.pl b/crypto/sha/asm/sha256-armv4.pl
new file mode 100644
index 0000000000..853ca31e48
--- /dev/null
+++ b/crypto/sha/asm/sha256-armv4.pl
@@ -0,0 +1,180 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256 block procedure for ARMv4. May 2007.
+
+# Performance is ~2x better than gcc 3.4 generated code and in "abso-
+# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per
+# byte.
+
+$output=shift;
+open STDOUT,">$output";
+
+$ctx="r0";	$t0="r0";
+$inp="r1";
+$len="r2";	$t1="r2";
+$T1="r3";
+$A="r4";
+$B="r5";
+$C="r6";
+$D="r7";
+$E="r8";
+$F="r9";
+$G="r10";
+$H="r11";
+@V=($A,$B,$C,$D,$E,$F,$G,$H);
+$t2="r12";
+$Ktbl="r14";
+
+@Sigma0=( 2,13,22);
+@Sigma1=( 6,11,25);
+@sigma0=( 7,18, 3);
+@sigma1=(17,19,10);
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___ if ($i<16);
+	ldrb	$T1,[$inp,#3]			@ $i
+	ldrb	$t2,[$inp,#2]
+	ldrb	$t1,[$inp,#1]
+	ldrb	$t0,[$inp],#4
+	orr	$T1,$T1,$t2,lsl#8
+	orr	$T1,$T1,$t1,lsl#16
+	orr	$T1,$T1,$t0,lsl#24
+	`"str	$inp,[sp,#17*4]"	if ($i==15)`
+___
+$code.=<<___;
+	ldr	$t2,[$Ktbl],#4			@ *K256++
+	str	$T1,[sp,#`$i%16`*4]
+	mov	$t0,$e,ror#$Sigma1[0]
+	eor	$t0,$t0,$e,ror#$Sigma1[1]
+	eor	$t0,$t0,$e,ror#$Sigma1[2]	@ Sigma1(e)
+	add	$T1,$T1,$t0
+	eor	$t1,$f,$g
+	and	$t1,$t1,$e
+	eor	$t1,$t1,$g			@ Ch(e,f,g)
+	add	$T1,$T1,$t1
+	add	$T1,$T1,$h
+	add	$T1,$T1,$t2
+	mov	$h,$a,ror#$Sigma0[0]
+	eor	$h,$h,$a,ror#$Sigma0[1]
+	eor	$h,$h,$a,ror#$Sigma0[2]		@ Sigma0(a)
+	orr	$t0,$a,$b
+	and	$t0,$t0,$c
+	and	$t1,$a,$b
+	orr	$t0,$t0,$t1			@ Maj(a,b,c)
+	add	$h,$h,$t0
+	add	$d,$d,$T1
+	add	$h,$h,$T1
+___
+}
+
+sub BODY_16_XX {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	ldr	$t1,[sp,#`($i+1)%16`*4]	@ $i
+	ldr	$t2,[sp,#`($i+14)%16`*4]
+	ldr	$T1,[sp,#`($i+0)%16`*4]
+	ldr	$inp,[sp,#`($i+9)%16`*4]
+	mov	$t0,$t1,ror#$sigma0[0]
+	eor	$t0,$t0,$t1,ror#$sigma0[1]
+	eor	$t0,$t0,$t1,lsr#$sigma0[2]	@ sigma0(X[i+1])
+	mov	$t1,$t2,ror#$sigma1[0]
+	eor	$t1,$t1,$t2,ror#$sigma1[1]
+	eor	$t1,$t1,$t2,lsr#$sigma1[2]	@ sigma1(X[i+14])
+	add	$T1,$T1,$t0
+	add	$T1,$T1,$t1
+	add	$T1,$T1,$inp
+___
+	&BODY_00_15(@_);
+}
+
+$code=<<___;
+.text
+.code	32
+
+.type	K256,%object
+.align	5
+K256:
+.word	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.word	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.word	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.word	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.word	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.word	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.word	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.word	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.word	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.word	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.word	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.word	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.word	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.word	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.word	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.word	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.size	K256,.-K256
+
+.global	sha256_block_data_order
+.type	sha256_block_data_order,%function
+sha256_block_data_order:
+	sub	r3,pc,#8		@ sha256_block_data_order
+	add	$len,$inp,$len,lsl#6	@ len to point at the end of inp
+	stmdb	sp!,{$ctx,$inp,$len,r4-r12,lr}
+	ldmia	$ctx,{$A,$B,$C,$D,$E,$F,$G,$H}
+	sub	$Ktbl,r3,#256		@ K256
+	sub	sp,sp,#16*4		@ alloca(X[16])
+.Loop:
+___
+for($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=".Lrounds_16_xx:\n";
+for (;$i<32;$i++)	{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	and	$t2,$t2,#0xff
+	cmp	$t2,#0xf2
+	bne	.Lrounds_16_xx
+
+	ldr	$T1,[sp,#16*4]		@ pull ctx
+	ldr	$t0,[$T1,#0]
+	ldr	$t1,[$T1,#4]
+	ldr	$t2,[$T1,#8]
+	add	$A,$A,$t0
+	ldr	$t0,[$T1,#12]
+	add	$B,$B,$t1
+	ldr	$t1,[$T1,#16]
+	add	$C,$C,$t2
+	ldr	$t2,[$T1,#20]
+	add	$D,$D,$t0
+	ldr	$t0,[$T1,#24]
+	add	$E,$E,$t1
+	ldr	$t1,[$T1,#28]
+	add	$F,$F,$t2
+	ldr	$inp,[sp,#17*4]		@ pull inp
+	ldr	$t2,[sp,#18*4]		@ pull inp+len
+	add	$G,$G,$t0
+	add	$H,$H,$t1
+	stmia	$T1,{$A,$B,$C,$D,$E,$F,$G,$H}
+	cmp	$inp,$t2
+	sub	$Ktbl,$Ktbl,#256	@ rewind Ktbl
+	bne	.Loop
+
+	add	sp,sp,#`16+3`*4	@ destroy frame
+	ldmia	sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size   sha256_block_data_order,.-sha256_block_data_order
+.asciz  "SHA256 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
diff --git a/crypto/sha/asm/sha512-586.pl b/crypto/sha/asm/sha512-586.pl
new file mode 100644
index 0000000000..5b9f3337ad
--- /dev/null
+++ b/crypto/sha/asm/sha512-586.pl
@@ -0,0 +1,644 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA512 block transform for x86. September 2007.
+#
+# Performance in clock cycles per processed byte (less is better):
+#
+#		Pentium	PIII	P4	AMD K8	Core2
+# gcc		100	75	116	54	66
+# icc		97	77	95	55	57
+# x86 asm	61	56	82	36	40
+# SSE2 asm	-	-	38	24	20
+# x86_64 asm(*)	-	-	30	10.0	10.5
+#
+# (*) x86_64 assembler performance is presented for reference
+#     purposes.
+#
+# IALU code-path is optimized for elder Pentiums. On vanilla Pentium
+# performance improvement over compiler generated code reaches ~60%,
+# while on PIII - ~35%. On newer µ-archs improvement varies from 15%
+# to 50%, but it's less important as they are expected to execute SSE2
+# code-path, which is commonly ~2-3x faster [than compiler generated
+# code]. SSE2 code-path is as fast as original sha512-sse2.pl, even
+# though it does not use 128-bit operations. The latter means that
+# SSE2-aware kernel is no longer required to execute the code. Another
+# difference is that new code optimizes amount of writes, but at the
+# cost of increased data cache "footprint" by 1/2KB.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+$Tlo=&DWP(0,"esp");	$Thi=&DWP(4,"esp");
+$Alo=&DWP(8,"esp");	$Ahi=&DWP(8+4,"esp");
+$Blo=&DWP(16,"esp");	$Bhi=&DWP(16+4,"esp");
+$Clo=&DWP(24,"esp");	$Chi=&DWP(24+4,"esp");
+$Dlo=&DWP(32,"esp");	$Dhi=&DWP(32+4,"esp");
+$Elo=&DWP(40,"esp");	$Ehi=&DWP(40+4,"esp");
+$Flo=&DWP(48,"esp");	$Fhi=&DWP(48+4,"esp");
+$Glo=&DWP(56,"esp");	$Ghi=&DWP(56+4,"esp");
+$Hlo=&DWP(64,"esp");	$Hhi=&DWP(64+4,"esp");
+$K512="ebp";
+
+$Asse2=&QWP(0,"esp");
+$Bsse2=&QWP(8,"esp");
+$Csse2=&QWP(16,"esp");
+$Dsse2=&QWP(24,"esp");
+$Esse2=&QWP(32,"esp");
+$Fsse2=&QWP(40,"esp");
+$Gsse2=&QWP(48,"esp");
+$Hsse2=&QWP(56,"esp");
+
+$A="mm0";	# B-D and
+$E="mm4";	# F-H are commonly loaded to respectively mm1-mm3 and
+		# mm5-mm7, but it's done on on-demand basis...
+
+sub BODY_00_15_sse2 {
+    my $prefetch=shift;
+
+	&movq	("mm5",$Fsse2);			# load f
+	&movq	("mm6",$Gsse2);			# load g
+	&movq	("mm7",$Hsse2);			# load h
+
+	&movq	("mm1",$E);			# %mm1 is sliding right
+	&movq	("mm2",$E);			# %mm2 is sliding left
+	&psrlq	("mm1",14);
+	&movq	($Esse2,$E);			# modulo-scheduled save e
+	&psllq	("mm2",23);
+	&movq	("mm3","mm1");			# %mm3 is T1
+	&psrlq	("mm1",4);
+	&pxor	("mm3","mm2");
+	&psllq	("mm2",23);
+	&pxor	("mm3","mm1");
+	&psrlq	("mm1",23);
+	&pxor	("mm3","mm2");
+	&psllq	("mm2",4);
+	&pxor	("mm3","mm1");
+	&paddq	("mm7",QWP(0,$K512));		# h+=K512[i]
+	&pxor	("mm3","mm2");			# T1=Sigma1_512(e)
+
+	&pxor	("mm5","mm6");			# f^=g
+	&movq	("mm1",$Bsse2);			# load b
+	&pand	("mm5",$E);			# f&=e
+	&movq	("mm2",$Csse2);			# load c
+	&pxor	("mm5","mm6");			# f^=g
+	&movq	($E,$Dsse2);			# e = load d
+	&paddq	("mm3","mm5");			# T1+=Ch(e,f,g)
+	&movq	(&QWP(0,"esp"),$A);		# modulo-scheduled save a
+	&paddq	("mm3","mm7");			# T1+=h
+
+	&movq	("mm5",$A);			# %mm5 is sliding right
+	&movq	("mm6",$A);			# %mm6 is sliding left
+	&paddq	("mm3",&QWP(8*9,"esp"));	# T1+=X[0]
+	&psrlq	("mm5",28);
+	&paddq	($E,"mm3");			# e += T1
+	&psllq	("mm6",25);
+	&movq	("mm7","mm5");			# %mm7 is T2
+	&psrlq	("mm5",6);
+	&pxor	("mm7","mm6");
+	&psllq	("mm6",5);
+	&pxor	("mm7","mm5");
+	&psrlq	("mm5",5);
+	&pxor	("mm7","mm6");
+	&psllq	("mm6",6);
+	&pxor	("mm7","mm5");
+	&sub	("esp",8);
+	&pxor	("mm7","mm6");			# T2=Sigma0_512(a)
+
+	&movq	("mm5",$A);			# %mm5=a
+	&por	($A,"mm2");			# a=a|c
+	&movq	("mm6",&QWP(8*(9+16-14),"esp"))	if ($prefetch);
+	&pand	("mm5","mm2");			# %mm5=a&c
+	&pand	($A,"mm1");			# a=(a|c)&b
+	&movq	("mm2",&QWP(8*(9+16-1),"esp"))	if ($prefetch);
+	&por	("mm5",$A);			# %mm5=(a&c)|((a|c)&b)
+	&paddq	("mm7","mm5");			# T2+=Maj(a,b,c)
+	&movq	($A,"mm3");			# a=T1
+
+	&mov	(&LB("edx"),&BP(0,$K512));
+	&paddq	($A,"mm7");			# a+=T2
+	&add	($K512,8);
+}
+
+sub BODY_00_15_x86 {
+	#define Sigma1(x)	(ROTR((x),14) ^ ROTR((x),18)  ^ ROTR((x),41))
+	#	LO		lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
+	#	HI		hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
+	&mov	("ecx",$Elo);
+	&mov	("edx",$Ehi);
+	&mov	("esi","ecx");
+
+	&shr	("ecx",9)	# lo>>9
+	&mov	("edi","edx");
+	&shr	("edx",9)	# hi>>9
+	&mov	("ebx","ecx");
+	&shl	("esi",14);	# lo<<14
+	&mov	("eax","edx");
+	&shl	("edi",14);	# hi<<14
+	&xor	("ebx","esi");
+
+	&shr	("ecx",14-9);	# lo>>14
+	&xor	("eax","edi");
+	&shr	("edx",14-9);	# hi>>14
+	&xor	("eax","ecx");
+	&shl	("esi",18-14);	# lo<<18
+	&xor	("ebx","edx");
+	&shl	("edi",18-14);	# hi<<18
+	&xor	("ebx","esi");
+
+	&shr	("ecx",18-14);	# lo>>18
+	&xor	("eax","edi");
+	&shr	("edx",18-14);	# hi>>18
+	&xor	("eax","ecx");
+	&shl	("esi",23-18);	# lo<<23
+	&xor	("ebx","edx");
+	&shl	("edi",23-18);	# hi<<23
+	&xor	("eax","esi");
+	&xor	("ebx","edi");			# T1 = Sigma1(e)
+
+	&mov	("ecx",$Flo);
+	&mov	("edx",$Fhi);
+	&mov	("esi",$Glo);
+	&mov	("edi",$Ghi);
+	 &add	("eax",$Hlo);
+	 &adc	("ebx",$Hhi);			# T1 += h
+	&xor	("ecx","esi");
+	&xor	("edx","edi");
+	&and	("ecx",$Elo);
+	&and	("edx",$Ehi);
+	 &add	("eax",&DWP(8*(9+15)+0,"esp"));
+	 &adc	("ebx",&DWP(8*(9+15)+4,"esp"));	# T1 += X[0]
+	&xor	("ecx","esi");
+	&xor	("edx","edi");			# Ch(e,f,g) = (f^g)&e)^g
+
+	&mov	("esi",&DWP(0,$K512));
+	&mov	("edi",&DWP(4,$K512));		# K[i]
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# T1 += Ch(e,f,g)
+	&mov	("ecx",$Dlo);
+	&mov	("edx",$Dhi);
+	&add	("eax","esi");
+	&adc	("ebx","edi");			# T1 += K[i]
+	&mov	($Tlo,"eax");
+	&mov	($Thi,"ebx");			# put T1 away
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# d += T1
+
+	#define Sigma0(x)	(ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+	#	LO		lo>>28^hi<<4  ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
+	#	HI		hi>>28^lo<<4  ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
+	&mov	("ecx",$Alo);
+	&mov	("edx",$Ahi);
+	&mov	($Dlo,"eax");
+	&mov	($Dhi,"ebx");
+	&mov	("esi","ecx");
+
+	&shr	("ecx",2)	# lo>>2
+	&mov	("edi","edx");
+	&shr	("edx",2)	# hi>>2
+	&mov	("ebx","ecx");
+	&shl	("esi",4);	# lo<<4
+	&mov	("eax","edx");
+	&shl	("edi",4);	# hi<<4
+	&xor	("ebx","esi");
+
+	&shr	("ecx",7-2);	# lo>>7
+	&xor	("eax","edi");
+	&shr	("edx",7-2);	# hi>>7
+	&xor	("ebx","ecx");
+	&shl	("esi",25-4);	# lo<<25
+	&xor	("eax","edx");
+	&shl	("edi",25-4);	# hi<<25
+	&xor	("eax","esi");
+
+	&shr	("ecx",28-7);	# lo>>28
+	&xor	("ebx","edi");
+	&shr	("edx",28-7);	# hi>>28
+	&xor	("eax","ecx");
+	&shl	("esi",30-25);	# lo<<30
+	&xor	("ebx","edx");
+	&shl	("edi",30-25);	# hi<<30
+	&xor	("eax","esi");
+	&xor	("ebx","edi");			# Sigma0(a)
+
+	&mov	("ecx",$Alo);
+	&mov	("edx",$Ahi);
+	&mov	("esi",$Blo);
+	&mov	("edi",$Bhi);
+	&add	("eax",$Tlo);
+	&adc	("ebx",$Thi);			# T1 = Sigma0(a)+T1
+	&or	("ecx","esi");
+	&or	("edx","edi");
+	&and	("ecx",$Clo);
+	&and	("edx",$Chi);
+	&and	("esi",$Alo);
+	&and	("edi",$Ahi);
+	&or	("ecx","esi");
+	&or	("edx","edi");			# Maj(a,b,c) = ((a|b)&c)|(a&b)
+
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# T1 += Maj(a,b,c)
+	&mov	($Tlo,"eax");
+	&mov	($Thi,"ebx");
+
+	&mov	(&LB("edx"),&BP(0,$K512));	# pre-fetch LSB of *K
+	&sub	("esp",8);
+	&lea	($K512,&DWP(8,$K512));		# K++
+}
+
+
+&function_begin("sha512_block_data_order");
+	&mov	("esi",wparam(0));	# ctx
+	&mov	("edi",wparam(1));	# inp
+	&mov	("eax",wparam(2));	# num
+	&mov	("ebx","esp");		# saved sp
+
+	&call	(&label("pic_point"));	# make it PIC!
+&set_label("pic_point");
+	&blindpop($K512);
+	&lea	($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512));
+
+	&sub	("esp",16);
+	&and	("esp",-64);
+
+	&shl	("eax",7);
+	&add	("eax","edi");
+	&mov	(&DWP(0,"esp"),"esi");	# ctx
+	&mov	(&DWP(4,"esp"),"edi");	# inp
+	&mov	(&DWP(8,"esp"),"eax");	# inp+num*128
+	&mov	(&DWP(12,"esp"),"ebx");	# saved sp
+
+if ($sse2) {
+	&picmeup("edx","OPENSSL_ia32cap_P",$K512,&label("K512"));
+	&bt	(&DWP(0,"edx"),26);
+	&jnc	(&label("loop_x86"));
+
+	# load ctx->h[0-7]
+	&movq	($A,&QWP(0,"esi"));
+	&movq	("mm1",&QWP(8,"esi"));
+	&movq	("mm2",&QWP(16,"esi"));
+	&movq	("mm3",&QWP(24,"esi"));
+	&movq	($E,&QWP(32,"esi"));
+	&movq	("mm5",&QWP(40,"esi"));
+	&movq	("mm6",&QWP(48,"esi"));
+	&movq	("mm7",&QWP(56,"esi"));
+	&sub	("esp",8*10);
+
+&set_label("loop_sse2",16);
+	# &movq	($Asse2,$A);
+	&movq	($Bsse2,"mm1");
+	&movq	($Csse2,"mm2");
+	&movq	($Dsse2,"mm3");
+	# &movq	($Esse2,$E);
+	&movq	($Fsse2,"mm5");
+	&movq	($Gsse2,"mm6");
+	&movq	($Hsse2,"mm7");
+
+	&mov	("ecx",&DWP(0,"edi"));
+	&mov	("edx",&DWP(4,"edi"));
+	&add	("edi",8);
+	&bswap	("ecx");
+	&bswap	("edx");
+	&mov	(&DWP(8*9+4,"esp"),"ecx");
+	&mov	(&DWP(8*9+0,"esp"),"edx");
+
+&set_label("00_14_sse2",16);
+	&mov	("eax",&DWP(0,"edi"));
+	&mov	("ebx",&DWP(4,"edi"));
+	&add	("edi",8);
+	&bswap	("eax");
+	&bswap	("ebx");
+	&mov	(&DWP(8*8+4,"esp"),"eax");
+	&mov	(&DWP(8*8+0,"esp"),"ebx");
+
+	&BODY_00_15_sse2();
+
+	&cmp	(&LB("edx"),0x35);
+	&jne	(&label("00_14_sse2"));
+
+	&BODY_00_15_sse2(1);
+
+&set_label("16_79_sse2",16);
+	#&movq	("mm2",&QWP(8*(9+16-1),"esp"));	#prefetched in BODY_00_15 
+	#&movq	("mm6",&QWP(8*(9+16-14),"esp"));
+	&movq	("mm1","mm2");
+
+	&psrlq	("mm2",1);
+	&movq	("mm7","mm6");
+	&psrlq	("mm6",6);
+	&movq	("mm3","mm2");
+
+	&psrlq	("mm2",7-1);
+	&movq	("mm5","mm6");
+	&psrlq	("mm6",19-6);
+	&pxor	("mm3","mm2");
+
+	&psrlq	("mm2",8-7);
+	&pxor	("mm5","mm6");
+	&psrlq	("mm6",61-19);
+	&pxor	("mm3","mm2");
+
+	&movq	("mm2",&QWP(8*(9+16),"esp"));
+
+	&psllq	("mm1",56);
+	&pxor	("mm5","mm6");
+	&psllq	("mm7",3);
+	&pxor	("mm3","mm1");
+
+	&paddq	("mm2",&QWP(8*(9+16-9),"esp"));
+
+	&psllq	("mm1",63-56);
+	&pxor	("mm5","mm7");
+	&psllq	("mm7",45-3);
+	&pxor	("mm3","mm1");
+	&pxor	("mm5","mm7");
+
+	&paddq	("mm3","mm5");
+	&paddq	("mm3","mm2");
+	&movq	(&QWP(8*9,"esp"),"mm3");
+
+	&BODY_00_15_sse2(1);
+
+	&cmp	(&LB("edx"),0x17);
+	&jne	(&label("16_79_sse2"));
+
+	# &movq	($A,$Asse2);
+	&movq	("mm1",$Bsse2);
+	&movq	("mm2",$Csse2);
+	&movq	("mm3",$Dsse2);
+	# &movq	($E,$Esse2);
+	&movq	("mm5",$Fsse2);
+	&movq	("mm6",$Gsse2);
+	&movq	("mm7",$Hsse2);
+
+	&paddq	($A,&QWP(0,"esi"));
+	&paddq	("mm1",&QWP(8,"esi"));
+	&paddq	("mm2",&QWP(16,"esi"));
+	&paddq	("mm3",&QWP(24,"esi"));
+	&paddq	($E,&QWP(32,"esi"));
+	&paddq	("mm5",&QWP(40,"esi"));
+	&paddq	("mm6",&QWP(48,"esi"));
+	&paddq	("mm7",&QWP(56,"esi"));
+
+	&movq	(&QWP(0,"esi"),$A);
+	&movq	(&QWP(8,"esi"),"mm1");
+	&movq	(&QWP(16,"esi"),"mm2");
+	&movq	(&QWP(24,"esi"),"mm3");
+	&movq	(&QWP(32,"esi"),$E);
+	&movq	(&QWP(40,"esi"),"mm5");
+	&movq	(&QWP(48,"esi"),"mm6");
+	&movq	(&QWP(56,"esi"),"mm7");
+
+	&add	("esp",8*80);			# destroy frame
+	&sub	($K512,8*80);			# rewind K
+
+	&cmp	("edi",&DWP(8*10+8,"esp"));	# are we done yet?
+	&jb	(&label("loop_sse2"));
+
+	&emms	();
+	&mov	("esp",&DWP(8*10+12,"esp"));	# restore sp
+&function_end_A();
+}
+&set_label("loop_x86",16);
+    # copy input block to stack reversing byte and qword order
+    for ($i=0;$i<8;$i++) {
+	&mov	("eax",&DWP($i*16+0,"edi"));
+	&mov	("ebx",&DWP($i*16+4,"edi"));
+	&mov	("ecx",&DWP($i*16+8,"edi"));
+	&mov	("edx",&DWP($i*16+12,"edi"));
+	&bswap	("eax");
+	&bswap	("ebx");
+	&bswap	("ecx");
+	&bswap	("edx");
+	&push	("eax");
+	&push	("ebx");
+	&push	("ecx");
+	&push	("edx");
+    }
+	&add	("edi",128);
+	&sub	("esp",9*8);		# place for T,A,B,C,D,E,F,G,H
+	&mov	(&DWP(8*(9+16)+4,"esp"),"edi");
+
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&lea	("edi",&DWP(8,"esp"));
+	&mov	("ecx",16);
+	&data_word(0xA5F3F689);		# rep movsd
+
+&set_label("00_15_x86",16);
+	&BODY_00_15_x86();
+
+	&cmp	(&LB("edx"),0x94);
+	&jne	(&label("00_15_x86"));
+
+&set_label("16_79_x86",16);
+	#define sigma0(x)	(ROTR((x),1)  ^ ROTR((x),8)  ^ ((x)>>7))
+	#	LO		lo>>1^hi<<31  ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
+	#	HI		hi>>1^lo<<31  ^ hi>>8^lo<<24 ^ hi>>7
+	&mov	("ecx",&DWP(8*(9+15+16-1)+0,"esp"));
+	&mov	("edx",&DWP(8*(9+15+16-1)+4,"esp"));
+	&mov	("esi","ecx");
+
+	&shr	("ecx",1)	# lo>>1
+	&mov	("edi","edx");
+	&shr	("edx",1)	# hi>>1
+	&mov	("eax","ecx");
+	&shl	("esi",24);	# lo<<24
+	&mov	("ebx","edx");
+	&shl	("edi",24);	# hi<<24
+	&xor	("ebx","esi");
+
+	&shr	("ecx",7-1);	# lo>>7
+	&xor	("eax","edi");
+	&shr	("edx",7-1);	# hi>>7
+	&xor	("eax","ecx");
+	&shl	("esi",31-24);	# lo<<31
+	&xor	("ebx","edx");
+	&shl	("edi",25-24);	# hi<<25
+	&xor	("ebx","esi");
+
+	&shr	("ecx",8-7);	# lo>>8
+	&xor	("eax","edi");
+	&shr	("edx",8-7);	# hi>>8
+	&xor	("eax","ecx");
+	&shl	("edi",31-25);	# hi<<31
+	&xor	("ebx","edx");
+	&xor	("eax","edi");			# T1 = sigma0(X[-15])
+
+	&mov	(&DWP(0,"esp"),"eax");
+	&mov	(&DWP(4,"esp"),"ebx");		# put T1 away
+
+	#define sigma1(x)	(ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+	#	LO		lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26
+	#	HI		hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6
+	&mov	("ecx",&DWP(8*(9+15+16-14)+0,"esp"));
+	&mov	("edx",&DWP(8*(9+15+16-14)+4,"esp"));
+	&mov	("esi","ecx");
+
+	&shr	("ecx",6)	# lo>>6
+	&mov	("edi","edx");
+	&shr	("edx",6)	# hi>>6
+	&mov	("eax","ecx");
+	&shl	("esi",3);	# lo<<3
+	&mov	("ebx","edx");
+	&shl	("edi",3);	# hi<<3
+	&xor	("eax","esi");
+
+	&shr	("ecx",19-6);	# lo>>19
+	&xor	("ebx","edi");
+	&shr	("edx",19-6);	# hi>>19
+	&xor	("eax","ecx");
+	&shl	("esi",13-3);	# lo<<13
+	&xor	("ebx","edx");
+	&shl	("edi",13-3);	# hi<<13
+	&xor	("ebx","esi");
+
+	&shr	("ecx",29-19);	# lo>>29
+	&xor	("eax","edi");
+	&shr	("edx",29-19);	# hi>>29
+	&xor	("ebx","ecx");
+	&shl	("edi",26-13);	# hi<<26
+	&xor	("eax","edx");
+	&xor	("eax","edi");			# sigma1(X[-2])
+
+	&mov	("ecx",&DWP(8*(9+15+16)+0,"esp"));
+	&mov	("edx",&DWP(8*(9+15+16)+4,"esp"));
+	&add	("eax",&DWP(0,"esp"));
+	&adc	("ebx",&DWP(4,"esp"));		# T1 = sigma1(X[-2])+T1
+	&mov	("esi",&DWP(8*(9+15+16-9)+0,"esp"));
+	&mov	("edi",&DWP(8*(9+15+16-9)+4,"esp"));
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# T1 += X[-16]
+	&add	("eax","esi");
+	&adc	("ebx","edi");			# T1 += X[-7]
+	&mov	(&DWP(8*(9+15)+0,"esp"),"eax");
+	&mov	(&DWP(8*(9+15)+4,"esp"),"ebx");	# save X[0]
+
+	&BODY_00_15_x86();
+
+	&cmp	(&LB("edx"),0x17);
+	&jne	(&label("16_79_x86"));
+
+	&mov	("esi",&DWP(8*(9+16+80)+0,"esp"));# ctx
+	&mov	("edi",&DWP(8*(9+16+80)+4,"esp"));# inp
+    for($i=0;$i<4;$i++) {
+	&mov	("eax",&DWP($i*16+0,"esi"));
+	&mov	("ebx",&DWP($i*16+4,"esi"));
+	&mov	("ecx",&DWP($i*16+8,"esi"));
+	&mov	("edx",&DWP($i*16+12,"esi"));
+	&add	("eax",&DWP(8+($i*16)+0,"esp"));
+	&adc	("ebx",&DWP(8+($i*16)+4,"esp"));
+	&mov	(&DWP($i*16+0,"esi"),"eax");
+	&mov	(&DWP($i*16+4,"esi"),"ebx");
+	&add	("ecx",&DWP(8+($i*16)+8,"esp"));
+	&adc	("edx",&DWP(8+($i*16)+12,"esp"));
+	&mov	(&DWP($i*16+8,"esi"),"ecx");
+	&mov	(&DWP($i*16+12,"esi"),"edx");
+    }
+	&add	("esp",8*(9+16+80));		# destroy frame
+	&sub	($K512,8*80);			# rewind K
+
+	&cmp	("edi",&DWP(8,"esp"));		# are we done yet?
+	&jb	(&label("loop_x86"));
+
+	&mov	("esp",&DWP(12,"esp"));		# restore sp
+&function_end_A();
+
+&set_label("K512",64);	# Yes! I keep it in the code segment!
+	&data_word(0xd728ae22,0x428a2f98);	# u64
+	&data_word(0x23ef65cd,0x71374491);	# u64
+	&data_word(0xec4d3b2f,0xb5c0fbcf);	# u64
+	&data_word(0x8189dbbc,0xe9b5dba5);	# u64
+	&data_word(0xf348b538,0x3956c25b);	# u64
+	&data_word(0xb605d019,0x59f111f1);	# u64
+	&data_word(0xaf194f9b,0x923f82a4);	# u64
+	&data_word(0xda6d8118,0xab1c5ed5);	# u64
+	&data_word(0xa3030242,0xd807aa98);	# u64
+	&data_word(0x45706fbe,0x12835b01);	# u64
+	&data_word(0x4ee4b28c,0x243185be);	# u64
+	&data_word(0xd5ffb4e2,0x550c7dc3);	# u64
+	&data_word(0xf27b896f,0x72be5d74);	# u64
+	&data_word(0x3b1696b1,0x80deb1fe);	# u64
+	&data_word(0x25c71235,0x9bdc06a7);	# u64
+	&data_word(0xcf692694,0xc19bf174);	# u64
+	&data_word(0x9ef14ad2,0xe49b69c1);	# u64
+	&data_word(0x384f25e3,0xefbe4786);	# u64
+	&data_word(0x8b8cd5b5,0x0fc19dc6);	# u64
+	&data_word(0x77ac9c65,0x240ca1cc);	# u64
+	&data_word(0x592b0275,0x2de92c6f);	# u64
+	&data_word(0x6ea6e483,0x4a7484aa);	# u64
+	&data_word(0xbd41fbd4,0x5cb0a9dc);	# u64
+	&data_word(0x831153b5,0x76f988da);	# u64
+	&data_word(0xee66dfab,0x983e5152);	# u64
+	&data_word(0x2db43210,0xa831c66d);	# u64
+	&data_word(0x98fb213f,0xb00327c8);	# u64
+	&data_word(0xbeef0ee4,0xbf597fc7);	# u64
+	&data_word(0x3da88fc2,0xc6e00bf3);	# u64
+	&data_word(0x930aa725,0xd5a79147);	# u64
+	&data_word(0xe003826f,0x06ca6351);	# u64
+	&data_word(0x0a0e6e70,0x14292967);	# u64
+	&data_word(0x46d22ffc,0x27b70a85);	# u64
+	&data_word(0x5c26c926,0x2e1b2138);	# u64
+	&data_word(0x5ac42aed,0x4d2c6dfc);	# u64
+	&data_word(0x9d95b3df,0x53380d13);	# u64
+	&data_word(0x8baf63de,0x650a7354);	# u64
+	&data_word(0x3c77b2a8,0x766a0abb);	# u64
+	&data_word(0x47edaee6,0x81c2c92e);	# u64
+	&data_word(0x1482353b,0x92722c85);	# u64
+	&data_word(0x4cf10364,0xa2bfe8a1);	# u64
+	&data_word(0xbc423001,0xa81a664b);	# u64
+	&data_word(0xd0f89791,0xc24b8b70);	# u64
+	&data_word(0x0654be30,0xc76c51a3);	# u64
+	&data_word(0xd6ef5218,0xd192e819);	# u64
+	&data_word(0x5565a910,0xd6990624);	# u64
+	&data_word(0x5771202a,0xf40e3585);	# u64
+	&data_word(0x32bbd1b8,0x106aa070);	# u64
+	&data_word(0xb8d2d0c8,0x19a4c116);	# u64
+	&data_word(0x5141ab53,0x1e376c08);	# u64
+	&data_word(0xdf8eeb99,0x2748774c);	# u64
+	&data_word(0xe19b48a8,0x34b0bcb5);	# u64
+	&data_word(0xc5c95a63,0x391c0cb3);	# u64
+	&data_word(0xe3418acb,0x4ed8aa4a);	# u64
+	&data_word(0x7763e373,0x5b9cca4f);	# u64
+	&data_word(0xd6b2b8a3,0x682e6ff3);	# u64
+	&data_word(0x5defb2fc,0x748f82ee);	# u64
+	&data_word(0x43172f60,0x78a5636f);	# u64
+	&data_word(0xa1f0ab72,0x84c87814);	# u64
+	&data_word(0x1a6439ec,0x8cc70208);	# u64
+	&data_word(0x23631e28,0x90befffa);	# u64
+	&data_word(0xde82bde9,0xa4506ceb);	# u64
+	&data_word(0xb2c67915,0xbef9a3f7);	# u64
+	&data_word(0xe372532b,0xc67178f2);	# u64
+	&data_word(0xea26619c,0xca273ece);	# u64
+	&data_word(0x21c0c207,0xd186b8c7);	# u64
+	&data_word(0xcde0eb1e,0xeada7dd6);	# u64
+	&data_word(0xee6ed178,0xf57d4f7f);	# u64
+	&data_word(0x72176fba,0x06f067aa);	# u64
+	&data_word(0xa2c898a6,0x0a637dc5);	# u64
+	&data_word(0xbef90dae,0x113f9804);	# u64
+	&data_word(0x131c471b,0x1b710b35);	# u64
+	&data_word(0x23047d84,0x28db77f5);	# u64
+	&data_word(0x40c72493,0x32caab7b);	# u64
+	&data_word(0x15c9bebc,0x3c9ebe0a);	# u64
+	&data_word(0x9c100d4c,0x431d67c4);	# u64
+	&data_word(0xcb3e42b6,0x4cc5d4be);	# u64
+	&data_word(0xfc657e2a,0x597f299c);	# u64
+	&data_word(0x3ad6faec,0x5fcb6fab);	# u64
+	&data_word(0x4a475817,0x6c44198c);	# u64
+&function_end_B("sha512_block_data_order");
+&asciz("SHA512 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/crypto/sha/asm/sha512-armv4.pl b/crypto/sha/asm/sha512-armv4.pl
new file mode 100644
index 0000000000..f27e9cd319
--- /dev/null
+++ b/crypto/sha/asm/sha512-armv4.pl
@@ -0,0 +1,398 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA512 block procedure for ARMv4. September 2007.
+
+# This code is ~4.5 (four and a half) times faster than code generated
+# by gcc 3.4 and it spends ~72 clock cycles per byte. 
+
+# Byte order [in]dependence. =========================================
+#
+# Caller is expected to maintain specific *dword* order in h[0-7],
+# namely with most significant dword at *lower* address, which is
+# reflected in below two parameters. *Byte* order within these dwords
+# in turn is whatever *native* byte order on current platform.
+$hi=0;
+$lo=4;
+# ====================================================================
+
+$output=shift;
+open STDOUT,">$output";
+
+$ctx="r0";
+$inp="r1";
+$len="r2";
+$Tlo="r3";
+$Thi="r4";
+$Alo="r5";
+$Ahi="r6";
+$Elo="r7";
+$Ehi="r8";
+$t0="r9";
+$t1="r10";
+$t2="r11";
+$t3="r12";
+############	r13 is stack pointer
+$Ktbl="r14";
+############	r15 is program counter
+
+$Aoff=8*0;
+$Boff=8*1;
+$Coff=8*2;
+$Doff=8*3;
+$Eoff=8*4;
+$Foff=8*5;
+$Goff=8*6;
+$Hoff=8*7;
+$Xoff=8*8;
+
+sub BODY_00_15() {
+my $magic = shift;
+$code.=<<___;
+	ldr	$t2,[sp,#$Hoff+0]	@ h.lo
+	ldr	$t3,[sp,#$Hoff+4]	@ h.hi
+	@ Sigma1(x)	(ROTR((x),14) ^ ROTR((x),18)  ^ ROTR((x),41))
+	@ LO		lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
+	@ HI		hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
+	mov	$t0,$Elo,lsr#14
+	mov	$t1,$Ehi,lsr#14
+	eor	$t0,$t0,$Ehi,lsl#18
+	eor	$t1,$t1,$Elo,lsl#18
+	eor	$t0,$t0,$Elo,lsr#18
+	eor	$t1,$t1,$Ehi,lsr#18
+	eor	$t0,$t0,$Ehi,lsl#14
+	eor	$t1,$t1,$Elo,lsl#14
+	eor	$t0,$t0,$Ehi,lsr#9
+	eor	$t1,$t1,$Elo,lsr#9
+	eor	$t0,$t0,$Elo,lsl#23
+	eor	$t1,$t1,$Ehi,lsl#23	@ Sigma1(e)
+	adds	$Tlo,$Tlo,$t0
+	adc	$Thi,$Thi,$t1		@ T += Sigma1(e)
+	adds	$Tlo,$Tlo,$t2
+	adc	$Thi,$Thi,$t3		@ T += h
+
+	ldr	$t0,[sp,#$Foff+0]	@ f.lo
+	ldr	$t1,[sp,#$Foff+4]	@ f.hi
+	ldr	$t2,[sp,#$Goff+0]	@ g.lo
+	ldr	$t3,[sp,#$Goff+4]	@ g.hi
+	str	$Elo,[sp,#$Eoff+0]
+	str	$Ehi,[sp,#$Eoff+4]
+	str	$Alo,[sp,#$Aoff+0]
+	str	$Ahi,[sp,#$Aoff+4]
+
+	eor	$t0,$t0,$t2
+	eor	$t1,$t1,$t3
+	and	$t0,$t0,$Elo
+	and	$t1,$t1,$Ehi
+	eor	$t0,$t0,$t2
+	eor	$t1,$t1,$t3		@ Ch(e,f,g)
+
+	ldr	$t2,[$Ktbl,#4]		@ K[i].lo
+	ldr	$t3,[$Ktbl,#0]		@ K[i].hi
+	ldr	$Elo,[sp,#$Doff+0]	@ d.lo
+	ldr	$Ehi,[sp,#$Doff+4]	@ d.hi
+
+	adds	$Tlo,$Tlo,$t0
+	adc	$Thi,$Thi,$t1		@ T += Ch(e,f,g)
+	adds	$Tlo,$Tlo,$t2
+	adc	$Thi,$Thi,$t3		@ T += K[i]
+	adds	$Elo,$Elo,$Tlo
+	adc	$Ehi,$Ehi,$Thi		@ d += T
+
+	and	$t0,$t2,#0xff
+	teq	$t0,#$magic
+	orreq	$Ktbl,$Ktbl,#1
+
+	ldr	$t2,[sp,#$Boff+0]	@ b.lo
+	ldr	$t3,[sp,#$Coff+0]	@ c.lo
+	@ Sigma0(x)	(ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+	@ LO		lo>>28^hi<<4  ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
+	@ HI		hi>>28^lo<<4  ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
+	mov	$t0,$Alo,lsr#28
+	mov	$t1,$Ahi,lsr#28
+	eor	$t0,$t0,$Ahi,lsl#4
+	eor	$t1,$t1,$Alo,lsl#4
+	eor	$t0,$t0,$Ahi,lsr#2
+	eor	$t1,$t1,$Alo,lsr#2
+	eor	$t0,$t0,$Alo,lsl#30
+	eor	$t1,$t1,$Ahi,lsl#30
+	eor	$t0,$t0,$Ahi,lsr#7
+	eor	$t1,$t1,$Alo,lsr#7
+	eor	$t0,$t0,$Alo,lsl#25
+	eor	$t1,$t1,$Ahi,lsl#25	@ Sigma0(a)
+	adds	$Tlo,$Tlo,$t0
+	adc	$Thi,$Thi,$t1		@ T += Sigma0(a)
+
+	and	$t0,$Alo,$t2
+	orr	$Alo,$Alo,$t2
+	ldr	$t1,[sp,#$Boff+4]	@ b.hi
+	ldr	$t2,[sp,#$Coff+4]	@ c.hi
+	and	$Alo,$Alo,$t3
+	orr	$Alo,$Alo,$t0		@ Maj(a,b,c).lo
+	and	$t3,$Ahi,$t1
+	orr	$Ahi,$Ahi,$t1
+	and	$Ahi,$Ahi,$t2
+	orr	$Ahi,$Ahi,$t3		@ Maj(a,b,c).hi
+	adds	$Alo,$Alo,$Tlo
+	adc	$Ahi,$Ahi,$Thi		@ h += T
+
+	sub	sp,sp,#8
+	add	$Ktbl,$Ktbl,#8
+___
+}
+$code=<<___;
+.text
+.code	32
+.type	K512,%object
+.align	5
+K512:
+.word	0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd
+.word	0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc
+.word	0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019
+.word	0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118
+.word	0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe
+.word	0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2
+.word	0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1
+.word	0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694
+.word	0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3
+.word	0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65
+.word	0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483
+.word	0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5
+.word	0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210
+.word	0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4
+.word	0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725
+.word	0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70
+.word	0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926
+.word	0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df
+.word	0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8
+.word	0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b
+.word	0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001
+.word	0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30
+.word	0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910
+.word	0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8
+.word	0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53
+.word	0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8
+.word	0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb
+.word	0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3
+.word	0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60
+.word	0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec
+.word	0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9
+.word	0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b
+.word	0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207
+.word	0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178
+.word	0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6
+.word	0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b
+.word	0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493
+.word	0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c
+.word	0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a
+.word	0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817
+.size	K512,.-K512
+
+.global	sha512_block_data_order
+.type	sha512_block_data_order,%function
+sha512_block_data_order:
+	sub	r3,pc,#8		@ sha512_block_data_order
+	add	$len,$inp,$len,lsl#7	@ len to point at the end of inp
+	stmdb	sp!,{r4-r12,lr}
+	sub	$Ktbl,r3,#640		@ K512
+	sub	sp,sp,#9*8
+
+	ldr	$Elo,[$ctx,#$Eoff+$lo]
+	ldr	$Ehi,[$ctx,#$Eoff+$hi]
+	ldr	$t0, [$ctx,#$Goff+$lo]
+	ldr	$t1, [$ctx,#$Goff+$hi]
+	ldr	$t2, [$ctx,#$Hoff+$lo]
+	ldr	$t3, [$ctx,#$Hoff+$hi]
+.Loop:
+	str	$t0, [sp,#$Goff+0]
+	str	$t1, [sp,#$Goff+4]
+	str	$t2, [sp,#$Hoff+0]
+	str	$t3, [sp,#$Hoff+4]
+	ldr	$Alo,[$ctx,#$Aoff+$lo]
+	ldr	$Ahi,[$ctx,#$Aoff+$hi]
+	ldr	$Tlo,[$ctx,#$Boff+$lo]
+	ldr	$Thi,[$ctx,#$Boff+$hi]
+	ldr	$t0, [$ctx,#$Coff+$lo]
+	ldr	$t1, [$ctx,#$Coff+$hi]
+	ldr	$t2, [$ctx,#$Doff+$lo]
+	ldr	$t3, [$ctx,#$Doff+$hi]
+	str	$Tlo,[sp,#$Boff+0]
+	str	$Thi,[sp,#$Boff+4]
+	str	$t0, [sp,#$Coff+0]
+	str	$t1, [sp,#$Coff+4]
+	str	$t2, [sp,#$Doff+0]
+	str	$t3, [sp,#$Doff+4]
+	ldr	$Tlo,[$ctx,#$Foff+$lo]
+	ldr	$Thi,[$ctx,#$Foff+$hi]
+	str	$Tlo,[sp,#$Foff+0]
+	str	$Thi,[sp,#$Foff+4]
+
+.L00_15:
+	ldrb	$Tlo,[$inp,#7]
+	ldrb	$t0, [$inp,#6]
+	ldrb	$t1, [$inp,#5]
+	ldrb	$t2, [$inp,#4]
+	ldrb	$Thi,[$inp,#3]
+	ldrb	$t3, [$inp,#2]
+	orr	$Tlo,$Tlo,$t0,lsl#8
+	ldrb	$t0, [$inp,#1]
+	orr	$Tlo,$Tlo,$t1,lsl#16
+	ldrb	$t1, [$inp],#8
+	orr	$Tlo,$Tlo,$t2,lsl#24
+	orr	$Thi,$Thi,$t3,lsl#8
+	orr	$Thi,$Thi,$t0,lsl#16
+	orr	$Thi,$Thi,$t1,lsl#24
+	str	$Tlo,[sp,#$Xoff+0]
+	str	$Thi,[sp,#$Xoff+4]
+___
+	&BODY_00_15(0x94);
+$code.=<<___;
+	tst	$Ktbl,#1
+	beq	.L00_15
+	bic	$Ktbl,$Ktbl,#1
+
+.L16_79:
+	ldr	$t0,[sp,#`$Xoff+8*(16-1)`+0]
+	ldr	$t1,[sp,#`$Xoff+8*(16-1)`+4]
+	ldr	$t2,[sp,#`$Xoff+8*(16-14)`+0]
+	ldr	$t3,[sp,#`$Xoff+8*(16-14)`+4]
+
+	@ sigma0(x)	(ROTR((x),1)  ^ ROTR((x),8)  ^ ((x)>>7))
+	@ LO		lo>>1^hi<<31  ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
+	@ HI		hi>>1^lo<<31  ^ hi>>8^lo<<24 ^ hi>>7
+	mov	$Tlo,$t0,lsr#1
+	mov	$Thi,$t1,lsr#1
+	eor	$Tlo,$Tlo,$t1,lsl#31
+	eor	$Thi,$Thi,$t0,lsl#31
+	eor	$Tlo,$Tlo,$t0,lsr#8
+	eor	$Thi,$Thi,$t1,lsr#8
+	eor	$Tlo,$Tlo,$t1,lsl#24
+	eor	$Thi,$Thi,$t0,lsl#24
+	eor	$Tlo,$Tlo,$t0,lsr#7
+	eor	$Thi,$Thi,$t1,lsr#7
+	eor	$Tlo,$Tlo,$t1,lsl#25
+
+	@ sigma1(x)	(ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+	@ LO		lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26
+	@ HI		hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6
+	mov	$t0,$t2,lsr#19
+	mov	$t1,$t3,lsr#19
+	eor	$t0,$t0,$t3,lsl#13
+	eor	$t1,$t1,$t2,lsl#13
+	eor	$t0,$t0,$t3,lsr#29
+	eor	$t1,$t1,$t2,lsr#29
+	eor	$t0,$t0,$t2,lsl#3
+	eor	$t1,$t1,$t3,lsl#3
+	eor	$t0,$t0,$t2,lsr#6
+	eor	$t1,$t1,$t3,lsr#6
+	eor	$t0,$t0,$t3,lsl#26
+
+	ldr	$t2,[sp,#`$Xoff+8*(16-9)`+0]
+	ldr	$t3,[sp,#`$Xoff+8*(16-9)`+4]
+	adds	$Tlo,$Tlo,$t0
+	adc	$Thi,$Thi,$t1
+
+	ldr	$t0,[sp,#`$Xoff+8*16`+0]
+	ldr	$t1,[sp,#`$Xoff+8*16`+4]
+	adds	$Tlo,$Tlo,$t2
+	adc	$Thi,$Thi,$t3
+	adds	$Tlo,$Tlo,$t0
+	adc	$Thi,$Thi,$t1
+	str	$Tlo,[sp,#$Xoff+0]
+	str	$Thi,[sp,#$Xoff+4]
+___
+	&BODY_00_15(0x17);
+$code.=<<___;
+	tst	$Ktbl,#1
+	beq	.L16_79
+	bic	$Ktbl,$Ktbl,#1
+
+	ldr	$Tlo,[sp,#$Boff+0]
+	ldr	$Thi,[sp,#$Boff+4]
+	ldr	$t0, [$ctx,#$Aoff+$lo]
+	ldr	$t1, [$ctx,#$Aoff+$hi]
+	ldr	$t2, [$ctx,#$Boff+$lo]
+	ldr	$t3, [$ctx,#$Boff+$hi]
+	adds	$t0,$Alo,$t0
+	adc	$t1,$Ahi,$t1
+	adds	$t2,$Tlo,$t2
+	adc	$t3,$Thi,$t3
+	str	$t0, [$ctx,#$Aoff+$lo]
+	str	$t1, [$ctx,#$Aoff+$hi]
+	str	$t2, [$ctx,#$Boff+$lo]
+	str	$t3, [$ctx,#$Boff+$hi]
+
+	ldr	$Alo,[sp,#$Coff+0]
+	ldr	$Ahi,[sp,#$Coff+4]
+	ldr	$Tlo,[sp,#$Doff+0]
+	ldr	$Thi,[sp,#$Doff+4]
+	ldr	$t0, [$ctx,#$Coff+$lo]
+	ldr	$t1, [$ctx,#$Coff+$hi]
+	ldr	$t2, [$ctx,#$Doff+$lo]
+	ldr	$t3, [$ctx,#$Doff+$hi]
+	adds	$t0,$Alo,$t0
+	adc	$t1,$Ahi,$t1
+	adds	$t2,$Tlo,$t2
+	adc	$t3,$Thi,$t3
+	str	$t0, [$ctx,#$Coff+$lo]
+	str	$t1, [$ctx,#$Coff+$hi]
+	str	$t2, [$ctx,#$Doff+$lo]
+	str	$t3, [$ctx,#$Doff+$hi]
+
+	ldr	$Tlo,[sp,#$Foff+0]
+	ldr	$Thi,[sp,#$Foff+4]
+	ldr	$t0, [$ctx,#$Eoff+$lo]
+	ldr	$t1, [$ctx,#$Eoff+$hi]
+	ldr	$t2, [$ctx,#$Foff+$lo]
+	ldr	$t3, [$ctx,#$Foff+$hi]
+	adds	$Elo,$Elo,$t0
+	adc	$Ehi,$Ehi,$t1
+	adds	$t2,$Tlo,$t2
+	adc	$t3,$Thi,$t3
+	str	$Elo,[$ctx,#$Eoff+$lo]
+	str	$Ehi,[$ctx,#$Eoff+$hi]
+	str	$t2, [$ctx,#$Foff+$lo]
+	str	$t3, [$ctx,#$Foff+$hi]
+
+	ldr	$Alo,[sp,#$Goff+0]
+	ldr	$Ahi,[sp,#$Goff+4]
+	ldr	$Tlo,[sp,#$Hoff+0]
+	ldr	$Thi,[sp,#$Hoff+4]
+	ldr	$t0, [$ctx,#$Goff+$lo]
+	ldr	$t1, [$ctx,#$Goff+$hi]
+	ldr	$t2, [$ctx,#$Hoff+$lo]
+	ldr	$t3, [$ctx,#$Hoff+$hi]
+	adds	$t0,$Alo,$t0
+	adc	$t1,$Ahi,$t1
+	adds	$t2,$Tlo,$t2
+	adc	$t3,$Thi,$t3
+	str	$t0, [$ctx,#$Goff+$lo]
+	str	$t1, [$ctx,#$Goff+$hi]
+	str	$t2, [$ctx,#$Hoff+$lo]
+	str	$t3, [$ctx,#$Hoff+$hi]
+
+	add	sp,sp,#640
+	sub	$Ktbl,$Ktbl,#640
+
+	teq	$inp,$len
+	bne	.Loop
+
+	add	sp,sp,#8*9		@ destroy frame
+	ldmia	sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+.size   sha512_block_data_order,.-sha512_block_data_order
+.asciz  "SHA512 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+print $code;
+close STDOUT; # enforce flush
diff --git a/crypto/sha/asm/sha512-ia64.pl b/crypto/sha/asm/sha512-ia64.pl
index 0aea02399a..1c6ce56522 100755
--- a/crypto/sha/asm/sha512-ia64.pl
+++ b/crypto/sha/asm/sha512-ia64.pl
@@ -2,8 +2,9 @@
 #
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 #
 # SHA256/512_Transform for Itanium.
@@ -71,7 +72,7 @@ if ($output =~ /512.*\.[s|asm]/) {
 	$ADD="add";
 	$SHRU="shr.u";
 	$TABLE="K512";
-	$func="sha512_block";
+	$func="sha512_block_data_order";
 	@Sigma0=(28,34,39);
 	@Sigma1=(14,18,41);
 	@sigma0=(1,  8, 7);
@@ -85,7 +86,7 @@ if ($output =~ /512.*\.[s|asm]/) {
 	$ADD="padd4";
 	$SHRU="pshr4.u";
 	$TABLE="K256";
-	$func="sha256_block";
+	$func="sha256_block_data_order";
 	@Sigma0=( 2,13,22);
 	@Sigma1=( 6,11,25);
 	@sigma0=( 7,18, 3);
@@ -105,11 +106,13 @@ if (!defined($big_endian))
              {	$big_endian=(unpack('L',pack('N',1))==1);  }
 
 $code=<<___;
-.ident  \"$output, version 1.0\"
+.ident  \"$output, version 1.1\"
 .ident  \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\"
 .explicit
 .text
 
+pfssave=r2;
+lcsave=r3;
 prsave=r14;
 K=r15;
 A=r16;	B=r17;	C=r18;	D=r19;
@@ -121,6 +124,8 @@ ctx=r31;	// 1st arg
 input=r48;	// 2nd arg
 num=r49;	// 3rd arg
 sgm0=r50;	sgm1=r51;	// small constants
+A_=r54;	B_=r55;	C_=r56;	D_=r57;
+E_=r58;	F_=r59;	G_=r60;	H_=r61;
 
 // void $func (SHA_CTX *ctx, const void *in,size_t num[,int host])
 .global	$func#
@@ -128,82 +133,319 @@ sgm0=r50;	sgm1=r51;	// small constants
 .align	32
 $func:
 	.prologue
-	.fframe	0
-	.save	ar.pfs,r2
-	.save	ar.lc,r3
-	.save	pr,prsave
-{ .mmi;	alloc	r2=ar.pfs,3,17,0,16
+	.save	ar.pfs,pfssave
+{ .mmi;	alloc	pfssave=ar.pfs,3,27,0,16
 	$ADDP	ctx=0,r32		// 1st arg
-	mov	r3=ar.lc	}
+	.save	ar.lc,lcsave
+	mov	lcsave=ar.lc	}
 { .mmi;	$ADDP	input=0,r33		// 2nd arg
-	addl	Ktbl=\@ltoff($TABLE#),gp
+	mov	num=r34			// 3rd arg
+	.save	pr,prsave
 	mov	prsave=pr	};;
 
 	.body
-{ .mii;	ld8	Ktbl=[Ktbl]
-	mov	num=r34		};;	// 3rd arg
-
 { .mib;	add	r8=0*$SZ,ctx
 	add	r9=1*$SZ,ctx
-	brp.loop.imp	.L_first16,.L_first16_ctop
-				}
+	brp.loop.imp	.L_first16,.L_first16_end-16	}
 { .mib;	add	r10=2*$SZ,ctx
 	add	r11=3*$SZ,ctx
-	brp.loop.imp	.L_rest,.L_rest_ctop
-				};;
-// load A-H
-{ .mmi;	$LDW	A=[r8],4*$SZ
-	$LDW	B=[r9],4*$SZ
-	mov	sgm0=$sigma0[2]	}
-{ .mmi;	$LDW	C=[r10],4*$SZ
-	$LDW	D=[r11],4*$SZ
-	mov	sgm1=$sigma1[2]	};;
-{ .mmi;	$LDW	E=[r8]
-	$LDW	F=[r9]		}
-{ .mmi;	$LDW	G=[r10]
-	$LDW	H=[r11]
-	cmp.ne	p15,p14=0,r35	};;	// used in sha256_block
+	brp.loop.imp	.L_rest,.L_rest_end-16		};;
 
+// load A-H
+.Lpic_point:
+{ .mmi;	$LDW	A_=[r8],4*$SZ
+	$LDW	B_=[r9],4*$SZ
+	mov	Ktbl=ip		}
+{ .mmi;	$LDW	C_=[r10],4*$SZ
+	$LDW	D_=[r11],4*$SZ
+	mov	sgm0=$sigma0[2]	};;
+{ .mmi;	$LDW	E_=[r8]
+	$LDW	F_=[r9]
+	add	Ktbl=($TABLE#-.Lpic_point),Ktbl		}
+{ .mmi;	$LDW	G_=[r10]
+	$LDW	H_=[r11]
+	cmp.ne	p0,p16=0,r0	};;	// used in sha256_block
+___
+$code.=<<___ if ($BITS==64);
+{ .mii;	and	r8=7,input
+	and	input=~7,input;;
+	cmp.eq	p9,p0=1,r8	}
+{ .mmi;	cmp.eq	p10,p0=2,r8
+	cmp.eq	p11,p0=3,r8
+	cmp.eq	p12,p0=4,r8	}
+{ .mmi;	cmp.eq	p13,p0=5,r8
+	cmp.eq	p14,p0=6,r8
+	cmp.eq	p15,p0=7,r8	};;
+___
+$code.=<<___;
 .L_outer:
-{ .mii;	mov	ar.lc=15
-	mov	ar.ec=1		};;
-.align	32
-.L_first16:
 .rotr	X[16]
+{ .mmi;	mov	A=A_
+	mov	B=B_
+	mov	ar.lc=14	}
+{ .mmi;	mov	C=C_
+	mov	D=D_
+	mov	E=E_		}
+{ .mmi;	mov	F=F_
+	mov	G=G_
+	mov	ar.ec=2		}
+{ .mmi;	ld1	X[15]=[input],$SZ		// eliminated in 64-bit
+	mov	H=H_
+	mov	sgm1=$sigma1[2]	};;
+
 ___
 $t0="t0", $t1="t1", $code.=<<___ if ($BITS==32);
-{ .mib;	(p14)	add	r9=1,input
-	(p14)	add	r10=2,input	}
-{ .mib;	(p14)	add	r11=3,input
-	(p15)	br.dptk.few	.L_host	};;
-{ .mmi;	(p14)	ld1	r8=[input],$SZ
-	(p14)	ld1	r9=[r9]		}
-{ .mmi;	(p14)	ld1	r10=[r10]
-	(p14)	ld1	r11=[r11]	};;
-{ .mii;	(p14)	dep	r9=r8,r9,8,8
-	(p14)	dep	r11=r10,r11,8,8	};;
-{ .mib;	(p14)	dep	X[15]=r9,r11,16,16 };;
-.L_host:
-{ .mib;	(p15)	$LDW	X[15]=[input],$SZ	// X[i]=*input++
+.align	32
+.L_first16:
+{ .mmi;		add	r9=1-$SZ,input
+		add	r10=2-$SZ,input
+		add	r11=3-$SZ,input	};;
+{ .mmi;		ld1	r9=[r9]
+		ld1	r10=[r10]
 		dep.z	$t1=E,32,32	}
-{ .mib;		$LDW	K=[Ktbl],$SZ
+{ .mmi;		$LDW	K=[Ktbl],$SZ
+		ld1	r11=[r11]
 		zxt4	E=E		};;
-{ .mmi;		or	$t1=$t1,E
-		and	T1=F,E
-		and	T2=A,B		}
+{ .mii;		or	$t1=$t1,E
+		dep	X[15]=X[15],r9,8,8
+		dep	r11=r10,r11,8,8	};;
+{ .mmi;		and	T1=F,E
+		and	T2=A,B
+		dep	X[15]=X[15],r11,16,16	}
 { .mmi;		andcm	r8=G,E
 		and	r9=A,C
 		mux2	$t0=A,0x44	};;	// copy lower half to upper
-{ .mib;		xor	T1=T1,r8		// T1=((e & f) ^ (~e & g))
+{ .mmi;	(p16)	ld1	X[15-1]=[input],$SZ	// prefetch
+		xor	T1=T1,r8		// T1=((e & f) ^ (~e & g))
 		_rotr	r11=$t1,$Sigma1[0] }	// ROTR(e,14)
 { .mib;		and	r10=B,C
 		xor	T2=T2,r9	};;
 ___
 $t0="A", $t1="E", $code.=<<___ if ($BITS==64);
-{ .mmi;		$LDW	X[15]=[input],$SZ	// X[i]=*input++
+// in 64-bit mode I load whole X[16] at once and take care of alignment...
+{ .mmi;	add	r8=1*$SZ,input
+	add	r9=2*$SZ,input
+	add	r10=3*$SZ,input		};;
+{ .mmb;	$LDW	X[15]=[input],4*$SZ
+	$LDW	X[14]=[r8],4*$SZ
+(p9)	br.cond.dpnt.many	.L1byte	};;
+{ .mmb;	$LDW	X[13]=[r9],4*$SZ
+	$LDW	X[12]=[r10],4*$SZ
+(p10)	br.cond.dpnt.many	.L2byte	};;
+{ .mmb;	$LDW	X[11]=[input],4*$SZ
+	$LDW	X[10]=[r8],4*$SZ
+(p11)	br.cond.dpnt.many	.L3byte	};;
+{ .mmb;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+(p12)	br.cond.dpnt.many	.L4byte	};;
+{ .mmb;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+(p13)	br.cond.dpnt.many	.L5byte	};;
+{ .mmb;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+(p14)	br.cond.dpnt.many	.L6byte	};;
+{ .mmb;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+(p15)	br.cond.dpnt.many	.L7byte	};;
+{ .mmb;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	br.many	.L_first16		};;
+.L1byte:
+{ .mmi;	$LDW	X[13]=[r9],4*$SZ
+	$LDW	X[12]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],56	};;
+{ .mmi;	$LDW	X[11]=[input],4*$SZ
+	$LDW	X[10]=[r8],4*$SZ
+	shrp	X[14]=X[14],X[13],56	}
+{ .mmi;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+	shrp	X[13]=X[13],X[12],56	};;
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[12]=X[12],X[11],56	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[11]=X[11],X[10],56	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[10]=X[10],X[ 9],56	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[ 9]=X[ 9],X[ 8],56	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[ 8]=X[ 8],X[ 7],56
+	shrp	X[ 7]=X[ 7],X[ 6],56	}
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],56
+	shrp	X[ 5]=X[ 5],X[ 4],56	};;
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],56
+	shrp	X[ 3]=X[ 3],X[ 2],56	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],56
+	shrp	X[ 1]=X[ 1],X[ 0],56	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,56
+	br.many	.L_first16		};;
+.L2byte:
+{ .mmi;	$LDW	X[11]=[input],4*$SZ
+	$LDW	X[10]=[r8],4*$SZ
+	shrp	X[15]=X[15],X[14],48	}
+{ .mmi;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+	shrp	X[14]=X[14],X[13],48	};;
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[13]=X[13],X[12],48	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[12]=X[12],X[11],48	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[11]=X[11],X[10],48	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[10]=X[10],X[ 9],48	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[ 9]=X[ 9],X[ 8],48
+	shrp	X[ 8]=X[ 8],X[ 7],48	}
+{ .mii;	shrp	X[ 7]=X[ 7],X[ 6],48
+	shrp	X[ 6]=X[ 6],X[ 5],48	};;
+{ .mii;	shrp	X[ 5]=X[ 5],X[ 4],48
+	shrp	X[ 4]=X[ 4],X[ 3],48	}
+{ .mii;	shrp	X[ 3]=X[ 3],X[ 2],48
+	shrp	X[ 2]=X[ 2],X[ 1],48	}
+{ .mii;	shrp	X[ 1]=X[ 1],X[ 0],48
+	shrp	X[ 0]=X[ 0],T1,48	}
+{ .mfb;	br.many	.L_first16		};;
+.L3byte:
+{ .mmi;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],40	};;
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[14]=X[14],X[13],40	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[13]=X[13],X[12],40	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[12]=X[12],X[11],40	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[11]=X[11],X[10],40	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[10]=X[10],X[ 9],40
+	shrp	X[ 9]=X[ 9],X[ 8],40	}
+{ .mii;	shrp	X[ 8]=X[ 8],X[ 7],40
+	shrp	X[ 7]=X[ 7],X[ 6],40	};;
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],40
+	shrp	X[ 5]=X[ 5],X[ 4],40	}
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],40
+	shrp	X[ 3]=X[ 3],X[ 2],40	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],40
+	shrp	X[ 1]=X[ 1],X[ 0],40	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,40
+	br.many	.L_first16		};;
+.L4byte:
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[15]=X[15],X[14],32	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[14]=X[14],X[13],32	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[13]=X[13],X[12],32	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[12]=X[12],X[11],32	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[11]=X[11],X[10],32
+	shrp	X[10]=X[10],X[ 9],32	}
+{ .mii;	shrp	X[ 9]=X[ 9],X[ 8],32
+	shrp	X[ 8]=X[ 8],X[ 7],32	};;
+{ .mii;	shrp	X[ 7]=X[ 7],X[ 6],32
+	shrp	X[ 6]=X[ 6],X[ 5],32	}
+{ .mii;	shrp	X[ 5]=X[ 5],X[ 4],32
+	shrp	X[ 4]=X[ 4],X[ 3],32	}
+{ .mii;	shrp	X[ 3]=X[ 3],X[ 2],32
+	shrp	X[ 2]=X[ 2],X[ 1],32	}
+{ .mii;	shrp	X[ 1]=X[ 1],X[ 0],32
+	shrp	X[ 0]=X[ 0],T1,32	}
+{ .mfb;	br.many	.L_first16		};;
+.L5byte:
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],24	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[14]=X[14],X[13],24	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[13]=X[13],X[12],24	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[12]=X[12],X[11],24
+	shrp	X[11]=X[11],X[10],24	}
+{ .mii;	shrp	X[10]=X[10],X[ 9],24
+	shrp	X[ 9]=X[ 9],X[ 8],24	};;
+{ .mii;	shrp	X[ 8]=X[ 8],X[ 7],24
+	shrp	X[ 7]=X[ 7],X[ 6],24	}
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],24
+	shrp	X[ 5]=X[ 5],X[ 4],24	}
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],24
+	shrp	X[ 3]=X[ 3],X[ 2],24	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],24
+	shrp	X[ 1]=X[ 1],X[ 0],24	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,24
+	br.many	.L_first16		};;
+.L6byte:
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[15]=X[15],X[14],16	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[14]=X[14],X[13],16	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[13]=X[13],X[12],16
+	shrp	X[12]=X[12],X[11],16	}
+{ .mii;	shrp	X[11]=X[11],X[10],16
+	shrp	X[10]=X[10],X[ 9],16	};;
+{ .mii;	shrp	X[ 9]=X[ 9],X[ 8],16
+	shrp	X[ 8]=X[ 8],X[ 7],16	}
+{ .mii;	shrp	X[ 7]=X[ 7],X[ 6],16
+	shrp	X[ 6]=X[ 6],X[ 5],16	}
+{ .mii;	shrp	X[ 5]=X[ 5],X[ 4],16
+	shrp	X[ 4]=X[ 4],X[ 3],16	}
+{ .mii;	shrp	X[ 3]=X[ 3],X[ 2],16
+	shrp	X[ 2]=X[ 2],X[ 1],16	}
+{ .mii;	shrp	X[ 1]=X[ 1],X[ 0],16
+	shrp	X[ 0]=X[ 0],T1,16	}
+{ .mfb;	br.many	.L_first16		};;
+.L7byte:
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],8	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[14]=X[14],X[13],8
+	shrp	X[13]=X[13],X[12],8	}
+{ .mii;	shrp	X[12]=X[12],X[11],8
+	shrp	X[11]=X[11],X[10],8	};;
+{ .mii;	shrp	X[10]=X[10],X[ 9],8
+	shrp	X[ 9]=X[ 9],X[ 8],8	}
+{ .mii;	shrp	X[ 8]=X[ 8],X[ 7],8
+	shrp	X[ 7]=X[ 7],X[ 6],8	}
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],8
+	shrp	X[ 5]=X[ 5],X[ 4],8	}
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],8
+	shrp	X[ 3]=X[ 3],X[ 2],8	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],8
+	shrp	X[ 1]=X[ 1],X[ 0],8	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,8
+	br.many	.L_first16		};;
+
+.align	32
+.L_first16:
+{ .mmi;		$LDW	K=[Ktbl],$SZ
 		and	T1=F,E
 		and	T2=A,B		}
-{ .mmi;		$LDW	K=[Ktbl],$SZ
+{ .mmi;		//$LDW	X[15]=[input],$SZ	// X[i]=*input++
 		andcm	r8=G,E
 		and	r9=A,C		};;
 { .mmi;		xor	T1=T1,r8		//T1=((e & f) ^ (~e & g))
@@ -236,13 +478,14 @@ $code.=<<___;
 { .mmi;		xor	r10=r8,r10		// r10=Sigma0(a)
 		mov	B=A
 		add	A=T1,T2		};;
-.L_first16_ctop:
 { .mib;		add	E=E,T1
 		add	A=A,r10			// T2=Maj(a,b,c)+Sigma0(a)
 	br.ctop.sptk	.L_first16	};;
+.L_first16_end:
+
+{ .mii;	mov	ar.lc=$rounds-17
+	mov	ar.ec=1			};;
 
-{ .mib;	mov	ar.lc=$rounds-17	}
-{ .mib;	mov	ar.ec=1			};;
 .align	32
 .L_rest:
 .rotr	X[16]
@@ -311,46 +554,38 @@ $code.=<<___;
 { .mmi;		xor	r10=r8,r10		// r10=Sigma0(a)
 		mov	B=A
 		add	A=T1,T2		};;
-.L_rest_ctop:
 { .mib;		add	E=E,T1
 		add	A=A,r10			// T2=Maj(a,b,c)+Sigma0(a)
 	br.ctop.sptk	.L_rest	};;
+.L_rest_end:
+
+{ .mmi;	add	A_=A_,A
+	add	B_=B_,B
+	add	C_=C_,C			}
+{ .mmi;	add	D_=D_,D
+	add	E_=E_,E
+	cmp.ltu	p16,p0=1,num		};;
+{ .mmi;	add	F_=F_,F
+	add	G_=G_,G
+	add	H_=H_,H			}
+{ .mmb;	add	Ktbl=-$SZ*$rounds,Ktbl
+(p16)	add	num=-1,num
+(p16)	br.dptk.many	.L_outer	};;
 
 { .mib;	add	r8=0*$SZ,ctx
 	add	r9=1*$SZ,ctx		}
 { .mib;	add	r10=2*$SZ,ctx
 	add	r11=3*$SZ,ctx		};;
-{ .mmi;	$LDW	r32=[r8],4*$SZ
-	$LDW	r33=[r9],4*$SZ		}
-{ .mmi;	$LDW	r34=[r10],4*$SZ
-	$LDW	r35=[r11],4*$SZ
-	cmp.ltu	p6,p7=1,num		};;
-{ .mmi;	$LDW	r36=[r8],-4*$SZ
-	$LDW	r37=[r9],-4*$SZ
-(p6)	add	Ktbl=-$SZ*$rounds,Ktbl	}
-{ .mmi;	$LDW	r38=[r10],-4*$SZ
-	$LDW	r39=[r11],-4*$SZ
-(p7)	mov	ar.lc=r3		};;
-{ .mmi;	add	A=A,r32
-	add	B=B,r33
-	add	C=C,r34			}
-{ .mmi;	add	D=D,r35
-	add	E=E,r36
-	add	F=F,r37			};;
-{ .mmi;	$STW	[r8]=A,4*$SZ
-	$STW	[r9]=B,4*$SZ
-	add	G=G,r38			}
-{ .mmi;	$STW	[r10]=C,4*$SZ
-	$STW	[r11]=D,4*$SZ
-	add	H=H,r39			};;
-{ .mmi;	$STW	[r8]=E
-	$STW	[r9]=F
-(p6)	add	num=-1,num		}
-{ .mmb;	$STW	[r10]=G
-	$STW	[r11]=H
-(p6)	br.dptk.many	.L_outer	};;
-
-{ .mib;	mov	pr=prsave,0x1ffff
+{ .mmi;	$STW	[r8]=A_,4*$SZ
+	$STW	[r9]=B_,4*$SZ
+	mov	ar.lc=lcsave		}
+{ .mmi;	$STW	[r10]=C_,4*$SZ
+	$STW	[r11]=D_,4*$SZ
+	mov	pr=prsave,0x1ffff	};;
+{ .mmb;	$STW	[r8]=E_
+	$STW	[r9]=F_			}
+{ .mmb;	$STW	[r10]=G_
+	$STW	[r11]=H_
 	br.ret.sptk.many	b0	};;
 .endp	$func#
 ___
@@ -359,7 +594,10 @@ $code =~ s/\`([^\`]*)\`/eval $1/gem;
 $code =~ s/_rotr(\s+)([^=]+)=([^,]+),([0-9]+)/shrp$1$2=$3,$3,$4/gm;
 if ($BITS==64) {
     $code =~ s/mux2(\s+)\S+/nop.i$1 0x0/gm;
-    $code =~ s/mux1(\s+)\S+/nop.i$1 0x0/gm if ($big_endian);
+    $code =~ s/mux1(\s+)\S+/nop.i$1 0x0/gm	if ($big_endian);
+    $code =~ s/(shrp\s+X\[[^=]+)=([^,]+),([^,]+),([1-9]+)/$1=$3,$2,64-$4/gm
+    						if (!$big_endian);
+    $code =~ s/ld1(\s+)X\[\S+/nop.m$1 0x0/gm;
 }
 
 print $code;
@@ -384,6 +622,7 @@ K256:	data4	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
 	data4	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
 	data4	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
 .size	K256#,$SZ*$rounds
+stringz	"SHA256 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
 ___
 print<<___ if ($BITS==64);
 .align	64
@@ -429,4 +668,5 @@ K512:	data8	0x428a2f98d728ae22,0x7137449123ef65cd
 	data8	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
 	data8	0x5fcb6fab3ad6faec,0x6c44198c4a475817
 .size	K512#,$SZ*$rounds
+stringz	"SHA512 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
 ___
diff --git a/crypto/sha/asm/sha512-parisc.pl b/crypto/sha/asm/sha512-parisc.pl
new file mode 100755
index 0000000000..e24ee58ae9
--- /dev/null
+++ b/crypto/sha/asm/sha512-parisc.pl
@@ -0,0 +1,791 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 block procedure for PA-RISC.
+
+# June 2009.
+#
+# SHA256 performance is >75% better than gcc 3.2 generated code on
+# PA-7100LC. Compared to code generated by vendor compiler this
+# implementation is almost 70% faster in 64-bit build, but delivers
+# virtually same performance in 32-bit build on PA-8600.
+#
+# SHA512 performance is >2.9x better than gcc 3.2 generated code on
+# PA-7100LC, PA-RISC 1.1 processor. Then implementation detects if the
+# code is executed on PA-RISC 2.0 processor and switches to 64-bit
+# code path delivering adequate peformance even in "blended" 32-bit
+# build. Though 64-bit code is not any faster than code generated by
+# vendor compiler on PA-8600...
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+if ($output =~ /512/) {
+	$func="sha512_block_data_order";
+	$SZ=8;
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+	$LAST10BITS=0x017;
+	$LD="ldd";
+	$LDM="ldd,ma";
+	$ST="std";
+} else {
+	$func="sha256_block_data_order";
+	$SZ=4;
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+	$LAST10BITS=0x0f2;
+	$LD="ldw";
+	$LDM="ldwm";
+	$ST="stw";
+}
+
+$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
+				#                 [+ argument transfer]
+$XOFF=16*$SZ+32;		# local variables
+$FRAME+=$XOFF;
+$XOFF+=$FRAME_MARKER;		# distance between %sp and local variables
+
+$ctx="%r26";	# zapped by $a0
+$inp="%r25";	# zapped by $a1
+$num="%r24";	# zapped by $t0
+
+$a0 ="%r26";
+$a1 ="%r25";
+$t0 ="%r24";
+$t1 ="%r29";
+$Tbl="%r31";
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=("%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r28");
+
+@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+    "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$inp);
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$code.=<<___;
+	_ror	$e,$Sigma1[0],$a0
+	and	$f,$e,$t0
+	_ror	$e,$Sigma1[1],$a1
+	addl	$t1,$h,$h
+	andcm	$g,$e,$t1
+	xor	$a1,$a0,$a0
+	_ror	$a1,`$Sigma1[2]-$Sigma1[1]`,$a1
+	or	$t0,$t1,$t1		; Ch(e,f,g)
+	addl	@X[$i%16],$h,$h
+	xor	$a0,$a1,$a1		; Sigma1(e)
+	addl	$t1,$h,$h
+	_ror	$a,$Sigma0[0],$a0
+	addl	$a1,$h,$h
+
+	_ror	$a,$Sigma0[1],$a1
+	and	$a,$b,$t0
+	and	$a,$c,$t1
+	xor	$a1,$a0,$a0
+	_ror	$a1,`$Sigma0[2]-$Sigma0[1]`,$a1
+	xor	$t1,$t0,$t0
+	and	$b,$c,$t1
+	xor	$a0,$a1,$a1		; Sigma0(a)
+	addl	$h,$d,$d
+	xor	$t1,$t0,$t0		; Maj(a,b,c)
+	`"$LDM	$SZ($Tbl),$t1" if ($i<15)`
+	addl	$a1,$h,$h
+	addl	$t0,$h,$h
+
+___
+}
+
+sub ROUND_16_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$i-=16;
+$code.=<<___;
+	_ror	@X[($i+1)%16],$sigma0[0],$a0
+	_ror	@X[($i+1)%16],$sigma0[1],$a1
+	addl	@X[($i+9)%16],@X[$i],@X[$i]
+	_ror	@X[($i+14)%16],$sigma1[0],$t0
+	_ror	@X[($i+14)%16],$sigma1[1],$t1
+	xor	$a1,$a0,$a0
+	_shr	@X[($i+1)%16],$sigma0[2],$a1
+	xor	$t1,$t0,$t0
+	_shr	@X[($i+14)%16],$sigma1[2],$t1
+	xor	$a1,$a0,$a0		; sigma0(X[(i+1)&0x0f])
+	xor	$t1,$t0,$t0		; sigma1(X[(i+14)&0x0f])
+	$LDM	$SZ($Tbl),$t1
+	addl	$a0,@X[$i],@X[$i]
+	addl	$t0,@X[$i],@X[$i]
+___
+$code.=<<___ if ($i==15);
+	extru	$t1,31,10,$a1
+	comiclr,<> $LAST10BITS,$a1,%r0
+	ldo	1($Tbl),$Tbl		; signal end of $Tbl
+___
+&ROUND_00_15($i+16,$a,$b,$c,$d,$e,$f,$g,$h);
+}
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.ALIGN	64
+L\$table
+___
+$code.=<<___ if ($SZ==8);
+	.WORD	0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
+	.WORD	0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc
+	.WORD	0x3956c25b,0xf348b538,0x59f111f1,0xb605d019
+	.WORD	0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118
+	.WORD	0xd807aa98,0xa3030242,0x12835b01,0x45706fbe
+	.WORD	0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2
+	.WORD	0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1
+	.WORD	0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694
+	.WORD	0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3
+	.WORD	0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65
+	.WORD	0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483
+	.WORD	0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5
+	.WORD	0x983e5152,0xee66dfab,0xa831c66d,0x2db43210
+	.WORD	0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4
+	.WORD	0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725
+	.WORD	0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70
+	.WORD	0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926
+	.WORD	0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df
+	.WORD	0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8
+	.WORD	0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b
+	.WORD	0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001
+	.WORD	0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30
+	.WORD	0xd192e819,0xd6ef5218,0xd6990624,0x5565a910
+	.WORD	0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8
+	.WORD	0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53
+	.WORD	0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8
+	.WORD	0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb
+	.WORD	0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3
+	.WORD	0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60
+	.WORD	0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec
+	.WORD	0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9
+	.WORD	0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b
+	.WORD	0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207
+	.WORD	0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178
+	.WORD	0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6
+	.WORD	0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
+	.WORD	0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
+	.WORD	0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
+	.WORD	0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
+	.WORD	0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
+___
+$code.=<<___ if ($SZ==4);
+	.WORD	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.WORD	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.WORD	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.WORD	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.WORD	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.WORD	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.WORD	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.WORD	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.WORD	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.WORD	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.WORD	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.WORD	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.WORD	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.WORD	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.WORD	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.WORD	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+$code.=<<___;
+
+	.EXPORT	$func,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	64
+$func
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+	$PUSH	%r17,`-$FRAME+14*$SIZE_T`(%sp)
+	$PUSH	%r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+	_shl	$num,`log(16*$SZ)/log(2)`,$num
+	addl	$inp,$num,$num		; $num to point at the end of $inp
+
+	$PUSH	$num,`-$FRAME_MARKER-4*$SIZE_T`(%sp)	; save arguments
+	$PUSH	$inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)
+	$PUSH	$ctx,`-$FRAME_MARKER-2*$SIZE_T`(%sp)
+
+	blr	%r0,$Tbl
+	ldi	3,$t1
+L\$pic
+	andcm	$Tbl,$t1,$Tbl		; wipe privilege level
+	ldo	L\$table-L\$pic($Tbl),$Tbl
+___
+$code.=<<___ if ($SZ==8 && $SIZE_T==4);
+	ldi	31,$t1
+	mtctl	$t1,%cr11
+	extrd,u,*= $t1,%sar,1,$t1	; executes on PA-RISC 1.0
+	b	L\$parisc1
+	nop
+___
+$code.=<<___;
+	$LD	`0*$SZ`($ctx),$A	; load context
+	$LD	`1*$SZ`($ctx),$B
+	$LD	`2*$SZ`($ctx),$C
+	$LD	`3*$SZ`($ctx),$D
+	$LD	`4*$SZ`($ctx),$E
+	$LD	`5*$SZ`($ctx),$F
+	$LD	`6*$SZ`($ctx),$G
+	$LD	`7*$SZ`($ctx),$H
+
+	extru	$inp,31,`log($SZ)/log(2)`,$t0
+	sh3addl	$t0,%r0,$t0
+	subi	`8*$SZ`,$t0,$t0
+	mtctl	$t0,%cr11		; load %sar with align factor
+
+L\$oop
+	ldi	`$SZ-1`,$t0
+	$LDM	$SZ($Tbl),$t1
+	andcm	$inp,$t0,$t0		; align $inp
+___
+	for ($i=0;$i<15;$i++) {		# load input block
+	$code.="\t$LD	`$SZ*$i`($t0),@X[$i]\n";		}
+$code.=<<___;
+	cmpb,*=	$inp,$t0,L\$aligned
+	$LD	`$SZ*15`($t0),@X[15]
+	$LD	`$SZ*16`($t0),@X[16]
+___
+	for ($i=0;$i<16;$i++) {		# align data
+	$code.="\t_align	@X[$i],@X[$i+1],@X[$i]\n";	}
+$code.=<<___;
+L\$aligned
+	nop	; otherwise /usr/ccs/bin/as is confused by below .WORD
+___
+
+for($i=0;$i<16;$i++)	{ &ROUND_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+L\$rounds
+	nop	; otherwise /usr/ccs/bin/as is confused by below .WORD
+___
+for(;$i<32;$i++)	{ &ROUND_16_xx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	bb,>=	$Tbl,31,L\$rounds	; end of $Tbl signalled?
+	nop
+
+	$POP	`-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx	; restore arguments
+	$POP	`-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp
+	$POP	`-$FRAME_MARKER-4*$SIZE_T`(%sp),$num
+	ldo	`-$rounds*$SZ-1`($Tbl),$Tbl		; rewind $Tbl
+
+	$LD	`0*$SZ`($ctx),@X[0]	; load context
+	$LD	`1*$SZ`($ctx),@X[1]
+	$LD	`2*$SZ`($ctx),@X[2]
+	$LD	`3*$SZ`($ctx),@X[3]
+	$LD	`4*$SZ`($ctx),@X[4]
+	$LD	`5*$SZ`($ctx),@X[5]
+	addl	@X[0],$A,$A
+	$LD	`6*$SZ`($ctx),@X[6]
+	addl	@X[1],$B,$B
+	$LD	`7*$SZ`($ctx),@X[7]
+	ldo	`16*$SZ`($inp),$inp	; advance $inp
+
+	$ST	$A,`0*$SZ`($ctx)	; save context
+	addl	@X[2],$C,$C
+	$ST	$B,`1*$SZ`($ctx)
+	addl	@X[3],$D,$D
+	$ST	$C,`2*$SZ`($ctx)
+	addl	@X[4],$E,$E
+	$ST	$D,`3*$SZ`($ctx)
+	addl	@X[5],$F,$F
+	$ST	$E,`4*$SZ`($ctx)
+	addl	@X[6],$G,$G
+	$ST	$F,`5*$SZ`($ctx)
+	addl	@X[7],$H,$H
+	$ST	$G,`6*$SZ`($ctx)
+	$ST	$H,`7*$SZ`($ctx)
+
+	cmpb,*<>,n $inp,$num,L\$oop
+	$PUSH	$inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)	; save $inp
+___
+if ($SZ==8 && $SIZE_T==4)	# SHA512 for 32-bit PA-RISC 1.0
+{{
+$code.=<<___;
+	b	L\$done
+	nop
+
+	.ALIGN	64
+L\$parisc1
+___
+
+@V=(  $Ahi,  $Alo,  $Bhi,  $Blo,  $Chi,  $Clo,  $Dhi,  $Dlo,
+      $Ehi,  $Elo,  $Fhi,  $Flo,  $Ghi,  $Glo,  $Hhi,  $Hlo) = 
+   ( "%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+     "%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16");
+$a0 ="%r17";
+$a1 ="%r18";
+$a2 ="%r19";
+$a3 ="%r20";
+$t0 ="%r21";
+$t1 ="%r22";
+$t2 ="%r28";
+$t3 ="%r29";
+$Tbl="%r31";
+
+@X=("%r23","%r24","%r25","%r26");	# zaps $num,$inp,$ctx
+
+sub ROUND_00_15_pa1 {
+my ($i,$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo,
+       $ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo,$flag)=@_;
+my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X;
+
+$code.=<<___ if (!$flag);
+	ldw	`-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi
+	ldw	`-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo	; load X[i+1]
+___
+$code.=<<___;
+	shd	$ehi,$elo,$Sigma1[0],$t0
+	 add	$Xlo,$hlo,$hlo
+	shd	$elo,$ehi,$Sigma1[0],$t1
+	 addc	$Xhi,$hhi,$hhi		; h += X[i]
+	shd	$ehi,$elo,$Sigma1[1],$t2
+	 ldwm	8($Tbl),$Xhi
+	shd	$elo,$ehi,$Sigma1[1],$t3
+	 ldw	-4($Tbl),$Xlo		; load K[i]
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1
+	 and	$flo,$elo,$a0
+	 and	$fhi,$ehi,$a1
+	shd	$ehi,$elo,$Sigma1[2],$t2
+	 andcm	$glo,$elo,$a2
+	shd	$elo,$ehi,$Sigma1[2],$t3
+	 andcm	$ghi,$ehi,$a3
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1		; Sigma1(e)
+	add	$Xlo,$hlo,$hlo
+	 xor	$a2,$a0,$a0
+	addc	$Xhi,$hhi,$hhi		; h += K[i]
+	 xor	$a3,$a1,$a1		; Ch(e,f,g)
+
+	 add	$t0,$hlo,$hlo
+	shd	$ahi,$alo,$Sigma0[0],$t0
+	 addc	$t1,$hhi,$hhi		; h += Sigma1(e)
+	shd	$alo,$ahi,$Sigma0[0],$t1	
+	 add	$a0,$hlo,$hlo
+	shd	$ahi,$alo,$Sigma0[1],$t2
+	 addc	$a1,$hhi,$hhi		; h += Ch(e,f,g)
+	shd	$alo,$ahi,$Sigma0[1],$t3
+
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1
+	shd	$ahi,$alo,$Sigma0[2],$t2
+	and	$alo,$blo,$a0
+	shd	$alo,$ahi,$Sigma0[2],$t3
+	and	$ahi,$bhi,$a1
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1		; Sigma0(a)
+
+	and	$alo,$clo,$a2
+	and	$ahi,$chi,$a3
+	xor	$a2,$a0,$a0
+	 add	$hlo,$dlo,$dlo
+	xor	$a3,$a1,$a1
+	 addc	$hhi,$dhi,$dhi		; d += h
+	and	$blo,$clo,$a2
+	 add	$t0,$hlo,$hlo
+	and	$bhi,$chi,$a3
+	 addc	$t1,$hhi,$hhi		; h += Sigma0(a)
+	xor	$a2,$a0,$a0
+	 add	$a0,$hlo,$hlo
+	xor	$a3,$a1,$a1		; Maj(a,b,c)
+	 addc	$a1,$hhi,$hhi		; h += Maj(a,b,c)
+
+___
+$code.=<<___ if ($i==15 && $flag);
+	extru	$Xlo,31,10,$Xlo
+	comiclr,= $LAST10BITS,$Xlo,%r0
+	b	L\$rounds_pa1
+	nop
+___
+push(@X,shift(@X)); push(@X,shift(@X));
+}
+
+sub ROUND_16_xx_pa1 {
+my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X;
+my ($i)=shift;
+$i-=16;
+$code.=<<___;
+	ldw	`-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi
+	ldw	`-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo	; load X[i+1]
+	ldw	`-$XOFF+8*(($i+9)%16)`(%sp),$a1
+	ldw	`-$XOFF+8*(($i+9)%16)+4`(%sp),$a0	; load X[i+9]
+	ldw	`-$XOFF+8*(($i+14)%16)`(%sp),$a3
+	ldw	`-$XOFF+8*(($i+14)%16)+4`(%sp),$a2	; load X[i+14]
+	shd	$Xnhi,$Xnlo,$sigma0[0],$t0
+	shd	$Xnlo,$Xnhi,$sigma0[0],$t1
+	 add	$a0,$Xlo,$Xlo
+	shd	$Xnhi,$Xnlo,$sigma0[1],$t2
+	 addc	$a1,$Xhi,$Xhi
+	shd	$Xnlo,$Xnhi,$sigma0[1],$t3
+	xor	$t2,$t0,$t0
+	shd	$Xnhi,$Xnlo,$sigma0[2],$t2
+	xor	$t3,$t1,$t1
+	extru	$Xnhi,`31-$sigma0[2]`,`32-$sigma0[2]`,$t3
+	xor	$t2,$t0,$t0
+	 shd	$a3,$a2,$sigma1[0],$a0
+	xor	$t3,$t1,$t1		; sigma0(X[i+1)&0x0f])
+	 shd	$a2,$a3,$sigma1[0],$a1
+	add	$t0,$Xlo,$Xlo
+	 shd	$a3,$a2,$sigma1[1],$t2
+	addc	$t1,$Xhi,$Xhi
+	 shd	$a2,$a3,$sigma1[1],$t3
+	xor	$t2,$a0,$a0
+	shd	$a3,$a2,$sigma1[2],$t2
+	xor	$t3,$a1,$a1
+	extru	$a3,`31-$sigma1[2]`,`32-$sigma1[2]`,$t3
+	xor	$t2,$a0,$a0
+	xor	$t3,$a1,$a1		; sigma0(X[i+14)&0x0f])
+	add	$a0,$Xlo,$Xlo
+	addc	$a1,$Xhi,$Xhi
+
+	stw	$Xhi,`-$XOFF+8*($i%16)`(%sp)
+	stw	$Xlo,`-$XOFF+8*($i%16)+4`(%sp)
+___
+&ROUND_00_15_pa1($i,@_,1);
+}
+$code.=<<___;
+	ldw	`0*4`($ctx),$Ahi		; load context
+	ldw	`1*4`($ctx),$Alo
+	ldw	`2*4`($ctx),$Bhi
+	ldw	`3*4`($ctx),$Blo
+	ldw	`4*4`($ctx),$Chi
+	ldw	`5*4`($ctx),$Clo
+	ldw	`6*4`($ctx),$Dhi
+	ldw	`7*4`($ctx),$Dlo
+	ldw	`8*4`($ctx),$Ehi
+	ldw	`9*4`($ctx),$Elo
+	ldw	`10*4`($ctx),$Fhi
+	ldw	`11*4`($ctx),$Flo
+	ldw	`12*4`($ctx),$Ghi
+	ldw	`13*4`($ctx),$Glo
+	ldw	`14*4`($ctx),$Hhi
+	ldw	`15*4`($ctx),$Hlo
+
+	extru	$inp,31,2,$t0
+	sh3addl	$t0,%r0,$t0
+	subi	32,$t0,$t0
+	mtctl	$t0,%cr11		; load %sar with align factor
+
+L\$oop_pa1
+	extru	$inp,31,2,$a3
+	comib,=	0,$a3,L\$aligned_pa1
+	sub	$inp,$a3,$inp
+
+	ldw	`0*4`($inp),$X[0]
+	ldw	`1*4`($inp),$X[1]
+	ldw	`2*4`($inp),$t2
+	ldw	`3*4`($inp),$t3
+	ldw	`4*4`($inp),$a0
+	ldw	`5*4`($inp),$a1
+	ldw	`6*4`($inp),$a2
+	ldw	`7*4`($inp),$a3
+	vshd	$X[0],$X[1],$X[0]
+	vshd	$X[1],$t2,$X[1]
+	stw	$X[0],`-$XOFF+0*4`(%sp)
+	ldw	`8*4`($inp),$t0
+	vshd	$t2,$t3,$t2
+	stw	$X[1],`-$XOFF+1*4`(%sp)
+	ldw	`9*4`($inp),$t1
+	vshd	$t3,$a0,$t3
+___
+{
+my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1);
+for ($i=2;$i<=(128/4-8);$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+	ldw	`(8+$i)*4`($inp),$t[0]
+	vshd	$t[1],$t[2],$t[1]
+___
+push(@t,shift(@t));
+}
+for (;$i<(128/4-1);$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+	vshd	$t[1],$t[2],$t[1]
+___
+push(@t,shift(@t));
+}
+$code.=<<___;
+	b	L\$collected_pa1
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+
+___
+}
+$code.=<<___;
+L\$aligned_pa1
+	ldw	`0*4`($inp),$X[0]
+	ldw	`1*4`($inp),$X[1]
+	ldw	`2*4`($inp),$t2
+	ldw	`3*4`($inp),$t3
+	ldw	`4*4`($inp),$a0
+	ldw	`5*4`($inp),$a1
+	ldw	`6*4`($inp),$a2
+	ldw	`7*4`($inp),$a3
+	stw	$X[0],`-$XOFF+0*4`(%sp)
+	ldw	`8*4`($inp),$t0
+	stw	$X[1],`-$XOFF+1*4`(%sp)
+	ldw	`9*4`($inp),$t1
+___
+{
+my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1);
+for ($i=2;$i<(128/4-8);$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+	ldw	`(8+$i)*4`($inp),$t[0]
+___
+push(@t,shift(@t));
+}
+for (;$i<128/4;$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+___
+push(@t,shift(@t));
+}
+$code.="L\$collected_pa1\n";
+}
+
+for($i=0;$i<16;$i++)	{ &ROUND_00_15_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); }
+$code.="L\$rounds_pa1\n";
+for(;$i<32;$i++)	{ &ROUND_16_xx_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	$POP	`-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx	; restore arguments
+	$POP	`-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp
+	$POP	`-$FRAME_MARKER-4*$SIZE_T`(%sp),$num
+	ldo	`-$rounds*$SZ`($Tbl),$Tbl		; rewind $Tbl
+
+	ldw	`0*4`($ctx),$t1		; update context
+	ldw	`1*4`($ctx),$t0
+	ldw	`2*4`($ctx),$t3
+	ldw	`3*4`($ctx),$t2
+	ldw	`4*4`($ctx),$a1
+	ldw	`5*4`($ctx),$a0
+	ldw	`6*4`($ctx),$a3
+	add	$t0,$Alo,$Alo
+	ldw	`7*4`($ctx),$a2
+	addc	$t1,$Ahi,$Ahi
+	ldw	`8*4`($ctx),$t1
+	add	$t2,$Blo,$Blo
+	ldw	`9*4`($ctx),$t0
+	addc	$t3,$Bhi,$Bhi
+	ldw	`10*4`($ctx),$t3
+	add	$a0,$Clo,$Clo
+	ldw	`11*4`($ctx),$t2
+	addc	$a1,$Chi,$Chi
+	ldw	`12*4`($ctx),$a1
+	add	$a2,$Dlo,$Dlo
+	ldw	`13*4`($ctx),$a0
+	addc	$a3,$Dhi,$Dhi
+	ldw	`14*4`($ctx),$a3
+	add	$t0,$Elo,$Elo
+	ldw	`15*4`($ctx),$a2
+	addc	$t1,$Ehi,$Ehi
+	stw	$Ahi,`0*4`($ctx)
+	add	$t2,$Flo,$Flo
+	stw	$Alo,`1*4`($ctx)
+	addc	$t3,$Fhi,$Fhi
+	stw	$Bhi,`2*4`($ctx)
+	add	$a0,$Glo,$Glo
+	stw	$Blo,`3*4`($ctx)
+	addc	$a1,$Ghi,$Ghi
+	stw	$Chi,`4*4`($ctx)
+	add	$a2,$Hlo,$Hlo
+	stw	$Clo,`5*4`($ctx)
+	addc	$a3,$Hhi,$Hhi
+	stw	$Dhi,`6*4`($ctx)
+	ldo	`16*$SZ`($inp),$inp	; advance $inp
+	stw	$Dlo,`7*4`($ctx)
+	stw	$Ehi,`8*4`($ctx)
+	stw	$Elo,`9*4`($ctx)
+	stw	$Fhi,`10*4`($ctx)
+	stw	$Flo,`11*4`($ctx)
+	stw	$Ghi,`12*4`($ctx)
+	stw	$Glo,`13*4`($ctx)
+	stw	$Hhi,`14*4`($ctx)
+	comb,=	$inp,$num,L\$done
+	stw	$Hlo,`15*4`($ctx)
+	b	L\$oop_pa1
+	$PUSH	$inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)	; save $inp
+L\$done
+___
+}}
+$code.=<<___;
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2		; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	$POP	`-$FRAME+14*$SIZE_T`(%sp),%r17
+	$POP	`-$FRAME+15*$SIZE_T`(%sp),%r18
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+	.STRINGZ "SHA`64*$SZ` block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "ldd$mod\t$args";
+
+    if ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 3 suffices
+    {	my $opcode=(0x14<<26)|($2<<21)|($3<<16)|(($1&0x1FF8)<<1)|(($1>>13)&1);
+	$opcode|=(1<<3) if ($mod =~ /^,m/);
+	$opcode|=(1<<2) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $std = sub {
+  my ($mod,$args) = @_;
+  my $orig = "std$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices
+    {	my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $extrd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "extrd$mod\t$args";
+
+    # I only have ",u" completer, it's implicitly encoded...
+    if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/)	# format 15
+    {	my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+	my $len=32-$3;
+	$opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5);		# encode pos
+	$opcode |= (($len&0x20)<<7)|($len&0x1f);		# encode len
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/)	# format 12
+    {	my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+	my $len=32-$2;
+	$opcode |= (($len&0x20)<<3)|($len&0x1f);		# encode len
+	$opcode |= (1<<13) if ($mod =~ /,\**=/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "shrpd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/)	# format 14
+    {	my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+	my $cpos=63-$3;
+	$opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5);		# encode sa
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/)	# format 11
+    {	sprintf "\t.WORD\t0x%08x\t; %s",
+		(0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+sub assemble {
+  my ($mnemonic,$mod,$args)=@_;
+  my $opcode = eval("\$$mnemonic");
+
+    ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/shd\s+(%r[0-9]+),(%r[0-9]+),([0-9]+)/
+		$3>31 ? sprintf("shd\t%$2,%$1,%d",$3-32)	# rotation for >=32
+		:       sprintf("shd\t%$1,%$2,%d",$3)/e			or
+	# translate made up instructons: _ror, _shr, _align, _shl
+	s/_ror(\s+)(%r[0-9]+),/
+		($SZ==4 ? "shd" : "shrpd")."$1$2,$2,"/e			or
+
+	s/_shr(\s+%r[0-9]+),([0-9]+),/
+		$SZ==4 ? sprintf("extru%s,%d,%d,",$1,31-$2,32-$2)
+		:        sprintf("extrd,u%s,%d,%d,",$1,63-$2,64-$2)/e	or
+
+	s/_align(\s+%r[0-9]+,%r[0-9]+),/
+		($SZ==4 ? "vshd$1," : "shrpd$1,%sar,")/e		or
+
+	s/_shl(\s+%r[0-9]+),([0-9]+),/
+		$SIZE_T==4 ? sprintf("zdep%s,%d,%d,",$1,31-$2,32-$2)
+		:            sprintf("depd,z%s,%d,%d,",$1,63-$2,64-$2)/e;
+
+	s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($SIZE_T==4);
+
+	s/cmpb,\*/comb,/ if ($SIZE_T==4);
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/crypto/sha/asm/sha512-ppc.pl b/crypto/sha/asm/sha512-ppc.pl
new file mode 100755
index 0000000000..768a6a6fad
--- /dev/null
+++ b/crypto/sha/asm/sha512-ppc.pl
@@ -0,0 +1,462 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# I let hardware handle unaligned input, except on page boundaries
+# (see below for details). Otherwise straightforward implementation
+# with X vector in register bank. The module is big-endian [which is
+# not big deal as there're no little-endian targets left around].
+
+#			sha256		|	sha512
+# 			-m64	-m32	|	-m64	-m32
+# --------------------------------------+-----------------------
+# PPC970,gcc-4.0.0	+50%	+38%	|	+40%	+410%(*)
+# Power6,xlc-7		+150%	+90%	|	+100%	+430%(*)
+#
+# (*)	64-bit code in 32-bit application context, which actually is
+#	on TODO list. It should be noted that for safe deployment in
+#	32-bit *mutli-threaded* context asyncronous signals should be
+#	blocked upon entry to SHA512 block routine. This is because
+#	32-bit signaling procedure invalidates upper halves of GPRs.
+#	Context switch procedure preserves them, but not signaling:-(
+
+# Second version is true multi-thread safe. Trouble with the original
+# version was that it was using thread local storage pointer register.
+# Well, it scrupulously preserved it, but the problem would arise the
+# moment asynchronous signal was delivered and signal handler would
+# dereference the TLS pointer. While it's never the case in openssl
+# application or test suite, we have to respect this scenario and not
+# use TLS pointer register. Alternative would be to require caller to
+# block signals prior calling this routine. For the record, in 32-bit
+# context R2 serves as TLS pointer, while in 64-bit context - R13.
+
+$flavour=shift;
+$output =shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T=8;
+	$STU="stdu";
+	$UCMP="cmpld";
+	$SHL="sldi";
+	$POP="ld";
+	$PUSH="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T=4;
+	$STU="stwu";
+	$UCMP="cmplw";
+	$SHL="slwi";
+	$POP="lwz";
+	$PUSH="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!";
+
+if ($output =~ /512/) {
+	$func="sha512_block_data_order";
+	$SZ=8;
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+	$LD="ld";
+	$ST="std";
+	$ROR="rotrdi";
+	$SHR="srdi";
+} else {
+	$func="sha256_block_data_order";
+	$SZ=4;
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+	$LD="lwz";
+	$ST="stw";
+	$ROR="rotrwi";
+	$SHR="srwi";
+}
+
+$FRAME=32*$SIZE_T;
+
+$sp ="r1";
+$toc="r2";
+$ctx="r3";	# zapped by $a0
+$inp="r4";	# zapped by $a1
+$num="r5";	# zapped by $t0
+
+$T  ="r0";
+$a0 ="r3";
+$a1 ="r4";
+$t0 ="r5";
+$t1 ="r6";
+$Tbl="r7";
+
+$A  ="r8";
+$B  ="r9";
+$C  ="r10";
+$D  ="r11";
+$E  ="r12";
+$F  ="r13";	$F="r2" if ($SIZE_T==8);# reassigned to exempt TLS pointer
+$G  ="r14";
+$H  ="r15";
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H);
+@X=("r16","r17","r18","r19","r20","r21","r22","r23",
+    "r24","r25","r26","r27","r28","r29","r30","r31");
+
+$inp="r31";	# reassigned $inp! aliases with @X[15]
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$code.=<<___;
+	$LD	$T,`$i*$SZ`($Tbl)
+	$ROR	$a0,$e,$Sigma1[0]
+	$ROR	$a1,$e,$Sigma1[1]
+	and	$t0,$f,$e
+	andc	$t1,$g,$e
+	add	$T,$T,$h
+	xor	$a0,$a0,$a1
+	$ROR	$a1,$a1,`$Sigma1[2]-$Sigma1[1]`
+	or	$t0,$t0,$t1		; Ch(e,f,g)
+	add	$T,$T,@X[$i]
+	xor	$a0,$a0,$a1		; Sigma1(e)
+	add	$T,$T,$t0
+	add	$T,$T,$a0
+
+	$ROR	$a0,$a,$Sigma0[0]
+	$ROR	$a1,$a,$Sigma0[1]
+	and	$t0,$a,$b
+	and	$t1,$a,$c
+	xor	$a0,$a0,$a1
+	$ROR	$a1,$a1,`$Sigma0[2]-$Sigma0[1]`
+	xor	$t0,$t0,$t1
+	and	$t1,$b,$c
+	xor	$a0,$a0,$a1		; Sigma0(a)
+	add	$d,$d,$T
+	xor	$t0,$t0,$t1		; Maj(a,b,c)
+	add	$h,$T,$a0
+	add	$h,$h,$t0
+
+___
+}
+
+sub ROUND_16_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$i-=16;
+$code.=<<___;
+	$ROR	$a0,@X[($i+1)%16],$sigma0[0]
+	$ROR	$a1,@X[($i+1)%16],$sigma0[1]
+	$ROR	$t0,@X[($i+14)%16],$sigma1[0]
+	$ROR	$t1,@X[($i+14)%16],$sigma1[1]
+	xor	$a0,$a0,$a1
+	$SHR	$a1,@X[($i+1)%16],$sigma0[2]
+	xor	$t0,$t0,$t1
+	$SHR	$t1,@X[($i+14)%16],$sigma1[2]
+	add	@X[$i],@X[$i],@X[($i+9)%16]
+	xor	$a0,$a0,$a1		; sigma0(X[(i+1)&0x0f])
+	xor	$t0,$t0,$t1		; sigma1(X[(i+14)&0x0f])
+	add	@X[$i],@X[$i],$a0
+	add	@X[$i],@X[$i],$t0
+___
+&ROUND_00_15($i,$a,$b,$c,$d,$e,$f,$g,$h);
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	$func
+.align	6
+$func:
+	mflr	r0
+	$STU	$sp,`-($FRAME+16*$SZ)`($sp)
+	$SHL	$num,$num,`log(16*$SZ)/log(2)`
+
+	$PUSH	$ctx,`$FRAME-$SIZE_T*22`($sp)
+
+	$PUSH	r0,`$FRAME-$SIZE_T*21`($sp)
+	$PUSH	$toc,`$FRAME-$SIZE_T*20`($sp)
+	$PUSH	r13,`$FRAME-$SIZE_T*19`($sp)
+	$PUSH	r14,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+
+	$LD	$A,`0*$SZ`($ctx)
+	mr	$inp,r4				; incarnate $inp
+	$LD	$B,`1*$SZ`($ctx)
+	$LD	$C,`2*$SZ`($ctx)
+	$LD	$D,`3*$SZ`($ctx)
+	$LD	$E,`4*$SZ`($ctx)
+	$LD	$F,`5*$SZ`($ctx)
+	$LD	$G,`6*$SZ`($ctx)
+	$LD	$H,`7*$SZ`($ctx)
+
+	b	LPICmeup
+LPICedup:
+	andi.	r0,$inp,3
+	bne	Lunaligned
+Laligned:
+	add	$num,$inp,$num
+	$PUSH	$num,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	bl	Lsha2_block_private
+Ldone:
+	$POP	r0,`$FRAME-$SIZE_T*21`($sp)
+	$POP	$toc,`$FRAME-$SIZE_T*20`($sp)
+	$POP	r13,`$FRAME-$SIZE_T*19`($sp)
+	$POP	r14,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,`$FRAME+16*$SZ`
+	blr
+___
+
+# PowerPC specification allows an implementation to be ill-behaved
+# upon unaligned access which crosses page boundary. "Better safe
+# than sorry" principle makes me treat it specially. But I don't
+# look for particular offending word, but rather for the input
+# block which crosses the boundary. Once found that block is aligned
+# and hashed separately...
+$code.=<<___;
+.align	4
+Lunaligned:
+	subfic	$t1,$inp,4096
+	andi.	$t1,$t1,`4096-16*$SZ`	; distance to closest page boundary
+	beq	Lcross_page
+	$UCMP	$num,$t1
+	ble-	Laligned		; didn't cross the page boundary
+	subfc	$num,$t1,$num
+	add	$t1,$inp,$t1
+	$PUSH	$num,`$FRAME-$SIZE_T*25`($sp)	; save real remaining num
+	$PUSH	$t1,`$FRAME-$SIZE_T*24`($sp)	; intermediate end pointer
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	bl	Lsha2_block_private
+	; $inp equals to the intermediate end pointer here
+	$POP	$num,`$FRAME-$SIZE_T*25`($sp)	; restore real remaining num
+Lcross_page:
+	li	$t1,`16*$SZ/4`
+	mtctr	$t1
+	addi	r20,$sp,$FRAME			; aligned spot below the frame
+Lmemcpy:
+	lbz	r16,0($inp)
+	lbz	r17,1($inp)
+	lbz	r18,2($inp)
+	lbz	r19,3($inp)
+	addi	$inp,$inp,4
+	stb	r16,0(r20)
+	stb	r17,1(r20)
+	stb	r18,2(r20)
+	stb	r19,3(r20)
+	addi	r20,r20,4
+	bdnz	Lmemcpy
+
+	$PUSH	$inp,`$FRAME-$SIZE_T*26`($sp)	; save real inp
+	addi	$t1,$sp,`$FRAME+16*$SZ`		; fictitious end pointer
+	addi	$inp,$sp,$FRAME			; fictitious inp pointer
+	$PUSH	$num,`$FRAME-$SIZE_T*25`($sp)	; save real num
+	$PUSH	$t1,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	bl	Lsha2_block_private
+	$POP	$inp,`$FRAME-$SIZE_T*26`($sp)	; restore real inp
+	$POP	$num,`$FRAME-$SIZE_T*25`($sp)	; restore real num
+	addic.	$num,$num,`-16*$SZ`		; num--
+	bne-	Lunaligned
+	b	Ldone
+___
+
+$code.=<<___;
+.align	4
+Lsha2_block_private:
+___
+for($i=0;$i<16;$i++) {
+$code.=<<___ if ($SZ==4);
+	lwz	@X[$i],`$i*$SZ`($inp)
+___
+# 64-bit loads are split to 2x32-bit ones, as CPU can't handle
+# unaligned 64-bit loads, only 32-bit ones...
+$code.=<<___ if ($SZ==8);
+	lwz	$t0,`$i*$SZ`($inp)
+	lwz	@X[$i],`$i*$SZ+4`($inp)
+	insrdi	@X[$i],$t0,32,0
+___
+	&ROUND_00_15($i,@V);
+	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	li	$T,`$rounds/16-1`
+	mtctr	$T
+.align	4
+Lrounds:
+	addi	$Tbl,$Tbl,`16*$SZ`
+___
+for(;$i<32;$i++) {
+	&ROUND_16_xx($i,@V);
+	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	bdnz-	Lrounds
+
+	$POP	$ctx,`$FRAME-$SIZE_T*22`($sp)
+	$POP	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	$POP	$num,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	subi	$Tbl,$Tbl,`($rounds-16)*$SZ`	; rewind Tbl
+
+	$LD	r16,`0*$SZ`($ctx)
+	$LD	r17,`1*$SZ`($ctx)
+	$LD	r18,`2*$SZ`($ctx)
+	$LD	r19,`3*$SZ`($ctx)
+	$LD	r20,`4*$SZ`($ctx)
+	$LD	r21,`5*$SZ`($ctx)
+	$LD	r22,`6*$SZ`($ctx)
+	addi	$inp,$inp,`16*$SZ`		; advance inp
+	$LD	r23,`7*$SZ`($ctx)
+	add	$A,$A,r16
+	add	$B,$B,r17
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)
+	add	$C,$C,r18
+	$ST	$A,`0*$SZ`($ctx)
+	add	$D,$D,r19
+	$ST	$B,`1*$SZ`($ctx)
+	add	$E,$E,r20
+	$ST	$C,`2*$SZ`($ctx)
+	add	$F,$F,r21
+	$ST	$D,`3*$SZ`($ctx)
+	add	$G,$G,r22
+	$ST	$E,`4*$SZ`($ctx)
+	add	$H,$H,r23
+	$ST	$F,`5*$SZ`($ctx)
+	$ST	$G,`6*$SZ`($ctx)
+	$UCMP	$inp,$num
+	$ST	$H,`7*$SZ`($ctx)
+	bne	Lsha2_block_private
+	blr
+___
+
+# Ugly hack here, because PPC assembler syntax seem to vary too
+# much from platforms to platform...
+$code.=<<___;
+.align	6
+LPICmeup:
+	bl	LPIC
+	addi	$Tbl,$Tbl,`64-4`	; "distance" between . and last nop
+	b	LPICedup
+	nop
+	nop
+	nop
+	nop
+	nop
+LPIC:	mflr	$Tbl
+	blr
+	nop
+	nop
+	nop
+	nop
+	nop
+	nop
+___
+$code.=<<___ if ($SZ==8);
+	.long	0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
+	.long	0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc
+	.long	0x3956c25b,0xf348b538,0x59f111f1,0xb605d019
+	.long	0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118
+	.long	0xd807aa98,0xa3030242,0x12835b01,0x45706fbe
+	.long	0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2
+	.long	0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1
+	.long	0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694
+	.long	0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3
+	.long	0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65
+	.long	0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483
+	.long	0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5
+	.long	0x983e5152,0xee66dfab,0xa831c66d,0x2db43210
+	.long	0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4
+	.long	0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725
+	.long	0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70
+	.long	0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926
+	.long	0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df
+	.long	0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8
+	.long	0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b
+	.long	0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001
+	.long	0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30
+	.long	0xd192e819,0xd6ef5218,0xd6990624,0x5565a910
+	.long	0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8
+	.long	0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53
+	.long	0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8
+	.long	0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb
+	.long	0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3
+	.long	0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60
+	.long	0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec
+	.long	0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9
+	.long	0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b
+	.long	0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207
+	.long	0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178
+	.long	0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6
+	.long	0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
+	.long	0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
+	.long	0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
+	.long	0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
+	.long	0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
+___
+$code.=<<___ if ($SZ==4);
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha512-s390x.pl b/crypto/sha/asm/sha512-s390x.pl
new file mode 100644
index 0000000000..e7ef2d5a9f
--- /dev/null
+++ b/crypto/sha/asm/sha512-s390x.pl
@@ -0,0 +1,301 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 block procedures for s390x.
+
+# April 2007.
+#
+# sha256_block_data_order is reportedly >3 times faster than gcc 3.3
+# generated code (must be a bug in compiler, as improvement is
+# "pathologically" high, in particular in comparison to other SHA
+# modules). But the real twist is that it detects if hardware support
+# for SHA256 is available and in such case utilizes it. Then the
+# performance can reach >6.5x of assembler one for larger chunks.
+#
+# sha512_block_data_order is ~70% faster than gcc 3.3 generated code.
+
+# January 2009.
+#
+# Add support for hardware SHA512 and reschedule instructions to
+# favour dual-issue z10 pipeline. Hardware SHA256/512 is ~4.7x faster
+# than software.
+
+$t0="%r0";
+$t1="%r1";
+$ctx="%r2";	$t2="%r2";
+$inp="%r3";
+$len="%r4";	# used as index in inner loop
+
+$A="%r5";
+$B="%r6";
+$C="%r7";
+$D="%r8";
+$E="%r9";
+$F="%r10";
+$G="%r11";
+$H="%r12";	@V=($A,$B,$C,$D,$E,$F,$G,$H);
+$tbl="%r13";
+$T1="%r14";
+$sp="%r15";
+
+$output=shift;
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+	$label="512";
+	$SZ=8;
+	$LD="lg";	# load from memory
+	$ST="stg";	# store to memory
+	$ADD="alg";	# add with memory operand
+	$ROT="rllg";	# rotate left
+	$SHR="srlg";	# logical right shift [see even at the end]
+	@Sigma0=(25,30,36);
+	@Sigma1=(23,46,50);
+	@sigma0=(56,63, 7);
+	@sigma1=( 3,45, 6);
+	$rounds=80;
+	$kimdfunc=3;	# 0 means unknown/unsupported/unimplemented/disabled
+} else {
+	$label="256";
+	$SZ=4;
+	$LD="llgf";	# load from memory
+	$ST="st";	# store to memory
+	$ADD="al";	# add with memory operand
+	$ROT="rll";	# rotate left
+	$SHR="srl";	# logical right shift
+	@Sigma0=(10,19,30);
+	@Sigma1=( 7,21,26);
+	@sigma0=(14,25, 3);
+	@sigma1=(13,15,10);
+	$rounds=64;
+	$kimdfunc=2;	# magic function code for kimd instruction
+}
+$Func="sha${label}_block_data_order";
+$Table="K${label}";
+$frame=160+16*$SZ;
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___ if ($i<16);
+	$LD	$T1,`$i*$SZ`($inp)	### $i
+___
+$code.=<<___;
+	$ROT	$t0,$e,$Sigma1[0]
+	$ROT	$t1,$e,$Sigma1[1]
+	 lgr	$t2,$f
+	xgr	$t0,$t1
+	$ROT	$t1,$t1,`$Sigma1[2]-$Sigma1[1]`
+	 xgr	$t2,$g
+	$ST	$T1,`160+$SZ*($i%16)`($sp)
+	xgr	$t0,$t1			# Sigma1(e)
+	la	$T1,0($T1,$h)		# T1+=h
+	 ngr	$t2,$e
+	 lgr	$t1,$a
+	algr	$T1,$t0			# T1+=Sigma1(e)
+	$ROT	$h,$a,$Sigma0[0]
+	 xgr	$t2,$g			# Ch(e,f,g)
+	$ADD	$T1,`$i*$SZ`($len,$tbl)	# T1+=K[i]
+	$ROT	$t0,$a,$Sigma0[1]
+	algr	$T1,$t2			# T1+=Ch(e,f,g)
+	 ogr	$t1,$b
+	xgr	$h,$t0
+	 lgr	$t2,$a
+	 ngr	$t1,$c
+	$ROT	$t0,$t0,`$Sigma0[2]-$Sigma0[1]`
+	xgr	$h,$t0			# h=Sigma0(a)
+	 ngr	$t2,$b
+	algr	$h,$T1			# h+=T1
+	 ogr	$t2,$t1			# Maj(a,b,c)
+	la	$d,0($d,$T1)		# d+=T1
+	algr	$h,$t2			# h+=Maj(a,b,c)
+___
+}
+
+sub BODY_16_XX {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	$LD	$T1,`160+$SZ*(($i+1)%16)`($sp)	### $i
+	$LD	$t1,`160+$SZ*(($i+14)%16)`($sp)
+	$ROT	$t0,$T1,$sigma0[0]
+	$SHR	$T1,$sigma0[2]
+	$ROT	$t2,$t0,`$sigma0[1]-$sigma0[0]`
+	xgr	$T1,$t0
+	$ROT	$t0,$t1,$sigma1[0]
+	xgr	$T1,$t2				# sigma0(X[i+1])
+	$SHR	$t1,$sigma1[2]
+	$ADD	$T1,`160+$SZ*($i%16)`($sp)	# +=X[i]
+	xgr	$t1,$t0
+	$ROT	$t0,$t0,`$sigma1[1]-$sigma1[0]`
+	$ADD	$T1,`160+$SZ*(($i+9)%16)`($sp)	# +=X[i+9]
+	xgr	$t1,$t0				# sigma1(X[i+14])
+	algr	$T1,$t1				# +=sigma1(X[i+14])
+___
+	&BODY_00_15(@_);
+}
+
+$code.=<<___;
+.text
+.align	64
+.type	$Table,\@object
+$Table:
+___
+$code.=<<___ if ($SZ==4);
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+$code.=<<___ if ($SZ==8);
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+___
+$code.=<<___;
+.size	$Table,.-$Table
+.globl	$Func
+.type	$Func,\@function
+$Func:
+___
+$code.=<<___ if ($kimdfunc);
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security assist
+	jz	.Lsoftware
+	lghi	%r0,0
+	la	%r1,16($sp)
+	.long	0xb93e0002	# kimd %r0,%r2
+	lg	%r0,16($sp)
+	tmhh	%r0,`0x8000>>$kimdfunc`
+	jz	.Lsoftware
+	lghi	%r0,$kimdfunc
+	lgr	%r1,$ctx
+	lgr	%r2,$inp
+	sllg	%r3,$len,`log(16*$SZ)/log(2)`
+	.long	0xb93e0002	# kimd %r0,%r2
+	brc	1,.-4		# pay attention to "partial completion"
+	br	%r14
+.align	16
+.Lsoftware:
+___
+$code.=<<___;
+	sllg	$len,$len,`log(16*$SZ)/log(2)`
+	lghi	%r1,-$frame
+	agr	$len,$inp
+	stmg	$ctx,%r15,16($sp)
+	lgr	%r0,$sp
+	la	$sp,0(%r1,$sp)
+	stg	%r0,0($sp)
+
+	larl	$tbl,$Table
+	$LD	$A,`0*$SZ`($ctx)
+	$LD	$B,`1*$SZ`($ctx)
+	$LD	$C,`2*$SZ`($ctx)
+	$LD	$D,`3*$SZ`($ctx)
+	$LD	$E,`4*$SZ`($ctx)
+	$LD	$F,`5*$SZ`($ctx)
+	$LD	$G,`6*$SZ`($ctx)
+	$LD	$H,`7*$SZ`($ctx)
+
+.Lloop:
+	lghi	$len,0
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=".Lrounds_16_xx:\n";
+for (;$i<32;$i++)	{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	aghi	$len,`16*$SZ`
+	lghi	$t0,`($rounds-16)*$SZ`
+	clgr	$len,$t0
+	jne	.Lrounds_16_xx
+
+	lg	$ctx,`$frame+16`($sp)
+	la	$inp,`16*$SZ`($inp)
+	$ADD	$A,`0*$SZ`($ctx)
+	$ADD	$B,`1*$SZ`($ctx)
+	$ADD	$C,`2*$SZ`($ctx)
+	$ADD	$D,`3*$SZ`($ctx)
+	$ADD	$E,`4*$SZ`($ctx)
+	$ADD	$F,`5*$SZ`($ctx)
+	$ADD	$G,`6*$SZ`($ctx)
+	$ADD	$H,`7*$SZ`($ctx)
+	$ST	$A,`0*$SZ`($ctx)
+	$ST	$B,`1*$SZ`($ctx)
+	$ST	$C,`2*$SZ`($ctx)
+	$ST	$D,`3*$SZ`($ctx)
+	$ST	$E,`4*$SZ`($ctx)
+	$ST	$F,`5*$SZ`($ctx)
+	$ST	$G,`6*$SZ`($ctx)
+	$ST	$H,`7*$SZ`($ctx)
+	clg	$inp,`$frame+32`($sp)
+	jne	.Lloop
+
+	lmg	%r6,%r15,`$frame+48`($sp)	
+	br	%r14
+.size	$Func,.-$Func
+.string	"SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm	OPENSSL_s390xcap_P,8,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+# unlike 32-bit shift 64-bit one takes three arguments
+$code =~ s/(srlg\s+)(%r[0-9]+),/$1$2,$2,/gm;
+
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha512-sparcv9.pl b/crypto/sha/asm/sha512-sparcv9.pl
new file mode 100644
index 0000000000..54241aab50
--- /dev/null
+++ b/crypto/sha/asm/sha512-sparcv9.pl
@@ -0,0 +1,593 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256 performance improvement over compiler generated code varies
+# from 40% for Sun C [32-bit build] to 70% for gcc [3.3, 64-bit
+# build]. Just like in SHA1 module I aim to ensure scalability on
+# UltraSPARC T1 by packing X[16] to 8 64-bit registers.
+
+# SHA512 on pre-T1 UltraSPARC.
+#
+# Performance is >75% better than 64-bit code generated by Sun C and
+# over 2x than 32-bit code. X[16] resides on stack, but access to it
+# is scheduled for L2 latency and staged through 32 least significant
+# bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI
+# duality. Nevetheless it's ~40% faster than SHA256, which is pretty
+# good [optimal coefficient is 50%].
+#
+# SHA512 on UltraSPARC T1.
+#
+# It's not any faster than 64-bit code generated by Sun C 5.8. This is
+# because 64-bit code generator has the advantage of using 64-bit
+# loads(*) to access X[16], which I consciously traded for 32-/64-bit
+# ABI duality [as per above]. But it surpasses 32-bit Sun C generated
+# code by 60%, not to mention that it doesn't suffer from severe decay
+# when running 4 times physical cores threads and that it leaves gcc
+# [3.4] behind by over 4x factor! If compared to SHA256, single thread
+# performance is only 10% better, but overall throughput for maximum
+# amount of threads for given CPU exceeds corresponding one of SHA256
+# by 30% [again, optimal coefficient is 50%].
+#
+# (*)	Unlike pre-T1 UltraSPARC loads on T1 are executed strictly
+#	in-order, i.e. load instruction has to complete prior next
+#	instruction in given thread is executed, even if the latter is
+#	not dependent on load result! This means that on T1 two 32-bit
+#	loads are always slower than one 64-bit load. Once again this
+#	is unlike pre-T1 UltraSPARC, where, if scheduled appropriately,
+#	2x32-bit loads can be as fast as 1x64-bit ones.
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+	$label="512";
+	$SZ=8;
+	$LD="ldx";		# load from memory
+	$ST="stx";		# store to memory
+	$SLL="sllx";		# shift left logical
+	$SRL="srlx";		# shift right logical
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=( 7, 1, 8);	# right shift first
+	@sigma1=( 6,19,61);	# right shift first
+	$lastK=0x817;
+	$rounds=80;
+	$align=4;
+
+	$locals=16*$SZ;		# X[16]
+
+	$A="%o0";
+	$B="%o1";
+	$C="%o2";
+	$D="%o3";
+	$E="%o4";
+	$F="%o5";
+	$G="%g1";
+	$H="%o7";
+	@V=($A,$B,$C,$D,$E,$F,$G,$H);
+} else {
+	$label="256";
+	$SZ=4;
+	$LD="ld";		# load from memory
+	$ST="st";		# store to memory
+	$SLL="sll";		# shift left logical
+	$SRL="srl";		# shift right logical
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 3, 7,18);	# right shift first
+	@sigma1=(10,17,19);	# right shift first
+	$lastK=0x8f2;
+	$rounds=64;
+	$align=8;
+
+	$locals=0;		# X[16] is register resident
+	@X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
+	
+	$A="%l0";
+	$B="%l1";
+	$C="%l2";
+	$D="%l3";
+	$E="%l4";
+	$F="%l5";
+	$G="%l6";
+	$H="%l7";
+	@V=($A,$B,$C,$D,$E,$F,$G,$H);
+}
+$T1="%g2";
+$tmp0="%g3";
+$tmp1="%g4";
+$tmp2="%g5";
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$Ktbl="%i3";
+$tmp31="%i4";
+$tmp32="%i5";
+
+########### SHA256
+$Xload = sub {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+    if ($i==0) {
+$code.=<<___;
+	ldx	[$inp+0],@X[0]
+	ldx	[$inp+16],@X[2]
+	ldx	[$inp+32],@X[4]
+	ldx	[$inp+48],@X[6]
+	ldx	[$inp+8],@X[1]
+	ldx	[$inp+24],@X[3]
+	subcc	%g0,$tmp31,$tmp32 ! should be 64-$tmp31, but -$tmp31 works too
+	ldx	[$inp+40],@X[5]
+	bz,pt	%icc,.Laligned
+	ldx	[$inp+56],@X[7]
+
+	sllx	@X[0],$tmp31,@X[0]
+	ldx	[$inp+64],$T1
+___
+for($j=0;$j<7;$j++)
+{   $code.=<<___;
+	srlx	@X[$j+1],$tmp32,$tmp1
+	sllx	@X[$j+1],$tmp31,@X[$j+1]
+	or	$tmp1,@X[$j],@X[$j]
+___
+}
+$code.=<<___;
+	srlx	$T1,$tmp32,$T1
+	or	$T1,@X[7],@X[7]
+.Laligned:
+___
+    }
+
+    if ($i&1) {
+	$code.="\tadd	@X[$i/2],$h,$T1\n";
+    } else {
+	$code.="\tsrlx	@X[$i/2],32,$T1\n\tadd	$h,$T1,$T1\n";
+    }
+} if ($SZ==4);
+
+########### SHA512
+$Xload = sub {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1),"%l".eval((($i+1)*2)%8));
+
+$code.=<<___ if ($i==0);
+	ld	[$inp+0],%l0
+	ld	[$inp+4],%l1
+	ld	[$inp+8],%l2
+	ld	[$inp+12],%l3
+	ld	[$inp+16],%l4
+	ld	[$inp+20],%l5
+	ld	[$inp+24],%l6
+	ld	[$inp+28],%l7
+___
+$code.=<<___ if ($i<15);
+	sllx	@pair[1],$tmp31,$tmp2	! Xload($i)
+	add	$tmp31,32,$tmp0
+	sllx	@pair[0],$tmp0,$tmp1
+	`"ld	[$inp+".eval(32+0+$i*8)."],@pair[0]"	if ($i<12)`
+	srlx	@pair[2],$tmp32,@pair[1]
+	or	$tmp1,$tmp2,$tmp2
+	or	@pair[1],$tmp2,$tmp2
+	`"ld	[$inp+".eval(32+4+$i*8)."],@pair[1]"	if ($i<12)`
+	add	$h,$tmp2,$T1
+	$ST	$tmp2,[%sp+`$bias+$frame+$i*$SZ`]
+___
+$code.=<<___ if ($i==12);
+	brnz,a	$tmp31,.+8
+	ld	[$inp+128],%l0
+___
+$code.=<<___ if ($i==15);
+	ld	[%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2
+	sllx	@pair[1],$tmp31,$tmp2	! Xload($i)
+	add	$tmp31,32,$tmp0
+	ld	[%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3
+	sllx	@pair[0],$tmp0,$tmp1
+	ld	[%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4
+	srlx	@pair[2],$tmp32,@pair[1]
+	or	$tmp1,$tmp2,$tmp2
+	ld	[%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5
+	or	@pair[1],$tmp2,$tmp2
+	ld	[%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6
+	add	$h,$tmp2,$T1
+	$ST	$tmp2,[%sp+`$bias+$frame+$i*$SZ`]
+	ld	[%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7
+	ld	[%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0
+	ld	[%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1
+___
+} if ($SZ==8);
+
+########### common
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+    if ($i<16) {
+	&$Xload(@_);
+    } else {
+	$code.="\tadd	$h,$T1,$T1\n";
+    }
+
+$code.=<<___;
+	$SRL	$e,@Sigma1[0],$h	!! $i
+	xor	$f,$g,$tmp2
+	$SLL	$e,`$SZ*8-@Sigma1[2]`,$tmp1
+	and	$e,$tmp2,$tmp2
+	$SRL	$e,@Sigma1[1],$tmp0
+	xor	$tmp1,$h,$h
+	$SLL	$e,`$SZ*8-@Sigma1[1]`,$tmp1
+	xor	$tmp0,$h,$h
+	$SRL	$e,@Sigma1[2],$tmp0
+	xor	$tmp1,$h,$h
+	$SLL	$e,`$SZ*8-@Sigma1[0]`,$tmp1
+	xor	$tmp0,$h,$h
+	xor	$g,$tmp2,$tmp2		! Ch(e,f,g)
+	xor	$tmp1,$h,$tmp0		! Sigma1(e)
+
+	$SRL	$a,@Sigma0[0],$h
+	add	$tmp2,$T1,$T1
+	$LD	[$Ktbl+`$i*$SZ`],$tmp2	! K[$i]
+	$SLL	$a,`$SZ*8-@Sigma0[2]`,$tmp1
+	add	$tmp0,$T1,$T1
+	$SRL	$a,@Sigma0[1],$tmp0
+	xor	$tmp1,$h,$h
+	$SLL	$a,`$SZ*8-@Sigma0[1]`,$tmp1
+	xor	$tmp0,$h,$h
+	$SRL	$a,@Sigma0[2],$tmp0
+	xor	$tmp1,$h,$h	
+	$SLL	$a,`$SZ*8-@Sigma0[0]`,$tmp1
+	xor	$tmp0,$h,$h
+	xor	$tmp1,$h,$h		! Sigma0(a)
+
+	or	$a,$b,$tmp0
+	and	$a,$b,$tmp1
+	and	$c,$tmp0,$tmp0
+	or	$tmp0,$tmp1,$tmp1	! Maj(a,b,c)
+	add	$tmp2,$T1,$T1		! +=K[$i]
+	add	$tmp1,$h,$h
+
+	add	$T1,$d,$d
+	add	$T1,$h,$h
+___
+}
+
+########### SHA256
+$BODY_16_XX = sub {
+my $i=@_[0];
+my $xi;
+
+    if ($i&1) {
+	$xi=$tmp32;
+	$code.="\tsrlx	@X[(($i+1)/2)%8],32,$xi\n";
+    } else {
+	$xi=@X[(($i+1)/2)%8];
+    }
+$code.=<<___;
+	srl	$xi,@sigma0[0],$T1		!! Xupdate($i)
+	sll	$xi,`32-@sigma0[2]`,$tmp1
+	srl	$xi,@sigma0[1],$tmp0
+	xor	$tmp1,$T1,$T1
+	sll	$tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1
+	xor	$tmp0,$T1,$T1
+	srl	$xi,@sigma0[2],$tmp0
+	xor	$tmp1,$T1,$T1
+___
+    if ($i&1) {
+	$xi=@X[(($i+14)/2)%8];
+    } else {
+	$xi=$tmp32;
+	$code.="\tsrlx	@X[(($i+14)/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	srl	$xi,@sigma1[0],$tmp2
+	xor	$tmp0,$T1,$T1			! T1=sigma0(X[i+1])
+	sll	$xi,`32-@sigma1[2]`,$tmp1
+	srl	$xi,@sigma1[1],$tmp0
+	xor	$tmp1,$tmp2,$tmp2
+	sll	$tmp1,`@sigma1[2]-@sigma1[1]`,$tmp1
+	xor	$tmp0,$tmp2,$tmp2
+	srl	$xi,@sigma1[2],$tmp0
+	xor	$tmp1,$tmp2,$tmp2
+___
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+$code.=<<___;
+	srlx	@X[(($i+9)/2)%8],32,$tmp1	! X[i+9]
+	xor	$tmp0,$tmp2,$tmp2		! sigma1(X[i+14])
+	srl	@X[($i/2)%8],0,$tmp0
+	add	$xi,$T1,$T1			! +=X[i]
+	xor	$tmp0,@X[($i/2)%8],@X[($i/2)%8]
+	add	$tmp2,$T1,$T1
+	add	$tmp1,$T1,$T1
+
+	srl	$T1,0,$T1
+	or	$T1,@X[($i/2)%8],@X[($i/2)%8]
+___
+    } else {
+	$xi=@X[(($i+9)/2)%8];
+$code.=<<___;
+	srlx	@X[($i/2)%8],32,$tmp1		! X[i]
+	xor	$tmp0,$tmp2,$tmp2		! sigma1(X[i+14])
+	srl	@X[($i/2)%8],0,@X[($i/2)%8]
+	add	$xi,$T1,$T1			! +=X[i+9]
+	add	$tmp2,$T1,$T1
+	add	$tmp1,$T1,$T1
+
+	sllx	$T1,32,$tmp0
+	or	$tmp0,@X[($i/2)%8],@X[($i/2)%8]
+___
+    }
+    &BODY_00_15(@_);
+} if ($SZ==4);
+
+########### SHA512
+$BODY_16_XX = sub {
+my $i=@_[0];
+my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1));
+
+$code.=<<___;
+	sllx	%l2,32,$tmp0		!! Xupdate($i)
+	or	%l3,$tmp0,$tmp0
+
+	srlx	$tmp0,@sigma0[0],$T1
+	ld	[%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2
+	sllx	$tmp0,`64-@sigma0[2]`,$tmp1
+	ld	[%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3
+	srlx	$tmp0,@sigma0[1],$tmp0
+	xor	$tmp1,$T1,$T1
+	sllx	$tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1
+	xor	$tmp0,$T1,$T1
+	srlx	$tmp0,`@sigma0[2]-@sigma0[1]`,$tmp0
+	xor	$tmp1,$T1,$T1
+	sllx	%l6,32,$tmp2
+	xor	$tmp0,$T1,$T1		! sigma0(X[$i+1])
+	or	%l7,$tmp2,$tmp2
+
+	srlx	$tmp2,@sigma1[0],$tmp1
+	ld	[%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6
+	sllx	$tmp2,`64-@sigma1[2]`,$tmp0
+	ld	[%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7
+	srlx	$tmp2,@sigma1[1],$tmp2
+	xor	$tmp0,$tmp1,$tmp1
+	sllx	$tmp0,`@sigma1[2]-@sigma1[1]`,$tmp0
+	xor	$tmp2,$tmp1,$tmp1
+	srlx	$tmp2,`@sigma1[2]-@sigma1[1]`,$tmp2
+	xor	$tmp0,$tmp1,$tmp1
+	sllx	%l4,32,$tmp0
+	xor	$tmp2,$tmp1,$tmp1	! sigma1(X[$i+14])
+	ld	[%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4
+	or	%l5,$tmp0,$tmp0
+	ld	[%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5
+
+	sllx	%l0,32,$tmp2
+	add	$tmp1,$T1,$T1
+	ld	[%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0
+	or	%l1,$tmp2,$tmp2
+	add	$tmp0,$T1,$T1		! +=X[$i+9]
+	ld	[%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1
+	add	$tmp2,$T1,$T1		! +=X[$i]
+	$ST	$T1,[%sp+`$bias+$frame+($i%16)*$SZ`]
+___
+    &BODY_00_15(@_);
+} if ($SZ==8);
+
+$code.=<<___ if ($bits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+___
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	64
+K${label}:
+.type	K${label},#object
+___
+if ($SZ==4) {
+$code.=<<___;
+	.long	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
+	.long	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
+	.long	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
+	.long	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
+	.long	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
+	.long	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
+	.long	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
+	.long	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
+	.long	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
+	.long	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
+	.long	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
+	.long	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
+	.long	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
+	.long	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
+	.long	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
+	.long	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+___
+} else {
+$code.=<<___;
+	.long	0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd
+	.long	0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc
+	.long	0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019
+	.long	0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118
+	.long	0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe
+	.long	0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2
+	.long	0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1
+	.long	0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694
+	.long	0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3
+	.long	0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65
+	.long	0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483
+	.long	0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5
+	.long	0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210
+	.long	0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4
+	.long	0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725
+	.long	0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70
+	.long	0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926
+	.long	0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df
+	.long	0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8
+	.long	0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b
+	.long	0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001
+	.long	0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30
+	.long	0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910
+	.long	0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8
+	.long	0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53
+	.long	0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8
+	.long	0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb
+	.long	0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3
+	.long	0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60
+	.long	0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec
+	.long	0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9
+	.long	0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b
+	.long	0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207
+	.long	0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178
+	.long	0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6
+	.long	0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b
+	.long	0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493
+	.long	0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c
+	.long	0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a
+	.long	0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817
+___
+}
+$code.=<<___;
+.size	K${label},.-K${label}
+.globl	sha${label}_block_data_order
+sha${label}_block_data_order:
+	save	%sp,`-$frame-$locals`,%sp
+	and	$inp,`$align-1`,$tmp31
+	sllx	$len,`log(16*$SZ)/log(2)`,$len
+	andn	$inp,`$align-1`,$inp
+	sll	$tmp31,3,$tmp31
+	add	$inp,$len,$len
+___
+$code.=<<___ if ($SZ==8); # SHA512
+	mov	32,$tmp32
+	sub	$tmp32,$tmp31,$tmp32
+___
+$code.=<<___;
+.Lpic:	call	.+8
+	add	%o7,K${label}-.Lpic,$Ktbl
+
+	$LD	[$ctx+`0*$SZ`],$A
+	$LD	[$ctx+`1*$SZ`],$B
+	$LD	[$ctx+`2*$SZ`],$C
+	$LD	[$ctx+`3*$SZ`],$D
+	$LD	[$ctx+`4*$SZ`],$E
+	$LD	[$ctx+`5*$SZ`],$F
+	$LD	[$ctx+`6*$SZ`],$G
+	$LD	[$ctx+`7*$SZ`],$H
+
+.Lloop:
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=".L16_xx:\n";
+for (;$i<32;$i++)	{ &$BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	and	$tmp2,0xfff,$tmp2
+	cmp	$tmp2,$lastK
+	bne	.L16_xx
+	add	$Ktbl,`16*$SZ`,$Ktbl	! Ktbl+=16
+
+___
+$code.=<<___ if ($SZ==4); # SHA256
+	$LD	[$ctx+`0*$SZ`],@X[0]
+	$LD	[$ctx+`1*$SZ`],@X[1]
+	$LD	[$ctx+`2*$SZ`],@X[2]
+	$LD	[$ctx+`3*$SZ`],@X[3]
+	$LD	[$ctx+`4*$SZ`],@X[4]
+	$LD	[$ctx+`5*$SZ`],@X[5]
+	$LD	[$ctx+`6*$SZ`],@X[6]
+	$LD	[$ctx+`7*$SZ`],@X[7]
+
+	add	$A,@X[0],$A
+	$ST	$A,[$ctx+`0*$SZ`]
+	add	$B,@X[1],$B
+	$ST	$B,[$ctx+`1*$SZ`]
+	add	$C,@X[2],$C
+	$ST	$C,[$ctx+`2*$SZ`]
+	add	$D,@X[3],$D
+	$ST	$D,[$ctx+`3*$SZ`]
+	add	$E,@X[4],$E
+	$ST	$E,[$ctx+`4*$SZ`]
+	add	$F,@X[5],$F
+	$ST	$F,[$ctx+`5*$SZ`]
+	add	$G,@X[6],$G
+	$ST	$G,[$ctx+`6*$SZ`]
+	add	$H,@X[7],$H
+	$ST	$H,[$ctx+`7*$SZ`]
+___
+$code.=<<___ if ($SZ==8); # SHA512
+	ld	[$ctx+`0*$SZ+0`],%l0
+	ld	[$ctx+`0*$SZ+4`],%l1
+	ld	[$ctx+`1*$SZ+0`],%l2
+	ld	[$ctx+`1*$SZ+4`],%l3
+	ld	[$ctx+`2*$SZ+0`],%l4
+	ld	[$ctx+`2*$SZ+4`],%l5
+	ld	[$ctx+`3*$SZ+0`],%l6
+
+	sllx	%l0,32,$tmp0
+	ld	[$ctx+`3*$SZ+4`],%l7
+	sllx	%l2,32,$tmp1
+	or	%l1,$tmp0,$tmp0
+	or	%l3,$tmp1,$tmp1
+	add	$tmp0,$A,$A
+	add	$tmp1,$B,$B
+	$ST	$A,[$ctx+`0*$SZ`]
+	sllx	%l4,32,$tmp2
+	$ST	$B,[$ctx+`1*$SZ`]
+	sllx	%l6,32,$T1
+	or	%l5,$tmp2,$tmp2
+	or	%l7,$T1,$T1
+	add	$tmp2,$C,$C
+	$ST	$C,[$ctx+`2*$SZ`]
+	add	$T1,$D,$D
+	$ST	$D,[$ctx+`3*$SZ`]
+
+	ld	[$ctx+`4*$SZ+0`],%l0
+	ld	[$ctx+`4*$SZ+4`],%l1
+	ld	[$ctx+`5*$SZ+0`],%l2
+	ld	[$ctx+`5*$SZ+4`],%l3
+	ld	[$ctx+`6*$SZ+0`],%l4
+	ld	[$ctx+`6*$SZ+4`],%l5
+	ld	[$ctx+`7*$SZ+0`],%l6
+
+	sllx	%l0,32,$tmp0
+	ld	[$ctx+`7*$SZ+4`],%l7
+	sllx	%l2,32,$tmp1
+	or	%l1,$tmp0,$tmp0
+	or	%l3,$tmp1,$tmp1
+	add	$tmp0,$E,$E
+	add	$tmp1,$F,$F
+	$ST	$E,[$ctx+`4*$SZ`]
+	sllx	%l4,32,$tmp2
+	$ST	$F,[$ctx+`5*$SZ`]
+	sllx	%l6,32,$T1
+	or	%l5,$tmp2,$tmp2
+	or	%l7,$T1,$T1
+	add	$tmp2,$G,$G
+	$ST	$G,[$ctx+`6*$SZ`]
+	add	$T1,$H,$H
+	$ST	$H,[$ctx+`7*$SZ`]
+___
+$code.=<<___;
+	add	$inp,`16*$SZ`,$inp		! advance inp
+	cmp	$inp,$len
+	bne	`$bits==64?"%xcc":"%icc"`,.Lloop
+	sub	$Ktbl,`($rounds-16)*$SZ`,$Ktbl	! rewind Ktbl
+
+	ret
+	restore
+.type	sha${label}_block_data_order,#function
+.size	sha${label}_block_data_order,(.-sha${label}_block_data_order)
+.asciz	"SHA${label} block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/asm/sha512-sse2.pl b/crypto/sha/asm/sha512-sse2.pl
deleted file mode 100644
index 0596d5c503..0000000000
--- a/crypto/sha/asm/sha512-sse2.pl
+++ /dev/null
@@ -1,404 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# SHA512_Transform_SSE2.
-#
-# As the name suggests, this is an IA-32 SSE2 implementation of
-# SHA512_Transform. Motivating factor for the undertaken effort was that
-# SHA512 was observed to *consistently* perform *significantly* poorer
-# than SHA256 [2x and slower is common] on 32-bit platforms. On 64-bit
-# platforms on the other hand SHA512 tend to outperform SHA256 [~50%
-# seem to be common improvement factor]. All this is perfectly natural,
-# as SHA512 is a 64-bit algorithm. But isn't IA-32 SSE2 essentially
-# a 64-bit instruction set? Is it rich enough to implement SHA512?
-# If answer was "no," then you wouldn't have been reading this...
-#
-# Throughput performance in MBps (larger is better):
-#
-#		2.4GHz P4	1.4GHz AMD32	1.4GHz AMD64(*)
-# SHA256/gcc(*)	54		43		59
-# SHA512/gcc	17		23		92
-# SHA512/sse2	61(**)		57(**)
-# SHA512/icc	26		28
-# SHA256/icc(*)	65		54
-#
-# (*)	AMD64 and SHA256 numbers are presented mostly for amusement or
-#	reference purposes.
-# (**)	I.e. it gives ~2-3x speed-up if compared with compiler generated
-#	code. One can argue that hand-coded *non*-SSE2 implementation
-#	would perform better than compiler generated one as well, and
-#	that comparison is therefore not exactly fair. Well, as SHA512
-#	puts enormous pressure on IA-32 GP register bank, I reckon that
-#	hand-coded version wouldn't perform significantly better than
-#	one compiled with icc, ~20% perhaps... So that this code would
-#	still outperform it with distinguishing marginal. But feel free
-#	to prove me wrong:-)
-#						<appro@fy.chalmers.se>
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"sha512-sse2.pl",$ARGV[$#ARGV] eq "386");
-
-$K512="esi";	# K512[80] table, found at the end...
-#$W512="esp";	# $W512 is not just W512[16]: it comprises *two* copies
-		# of W512[16] and a copy of A-H variables...
-$W512_SZ=8*(16+16+8);	# see above...
-#$Kidx="ebx";	# index in K512 table, advances from 0 to 80...
-$Widx="edx";	# index in W512, wraps around at 16...
-$data="edi";	# 16 qwords of input data...
-$A="mm0";	# B-D and
-$E="mm1";	# F-H are allocated dynamically...
-$Aoff=256+0;	# A-H offsets relative to $W512...
-$Boff=256+8;
-$Coff=256+16;
-$Doff=256+24;
-$Eoff=256+32;
-$Foff=256+40;
-$Goff=256+48;
-$Hoff=256+56;
-
-sub SHA2_ROUND()
-{ local ($kidx,$widx)=@_;
-
-	# One can argue that one could reorder instructions for better
-	# performance. Well, I tried and it doesn't seem to make any
-	# noticeable difference. Modern out-of-order execution cores
-	# reorder instructions to their liking in either case and they
-	# apparently do decent job. So we can keep the code more
-	# readable/regular/comprehensible:-)
-
-	# I adhere to 64-bit %mmX registers in order to avoid/not care
-	# about #GP exceptions on misaligned 128-bit access, most
-	# notably in paddq with memory operand. Not to mention that
-	# SSE2 intructions operating on %mmX can be scheduled every
-	# cycle [and not every second one if operating on %xmmN].
-
-	&movq	("mm4",&QWP($Foff,$W512));	# load f
-	&movq	("mm5",&QWP($Goff,$W512));	# load g
-	&movq	("mm6",&QWP($Hoff,$W512));	# load h
-
-	&movq	("mm2",$E);			# %mm2 is sliding right
-	&movq	("mm3",$E);			# %mm3 is sliding left
-	&psrlq	("mm2",14);
-	&psllq	("mm3",23);
-	&movq	("mm7","mm2");			# %mm7 is T1
-	&pxor	("mm7","mm3");
-	&psrlq	("mm2",4);
-	&psllq	("mm3",23);
-	&pxor	("mm7","mm2");
-	&pxor	("mm7","mm3");
-	&psrlq	("mm2",23);
-	&psllq	("mm3",4);
-	&pxor	("mm7","mm2");
-	&pxor	("mm7","mm3");			# T1=Sigma1_512(e)
-
-	&movq	(&QWP($Foff,$W512),$E);		# f = e
-	&movq	(&QWP($Goff,$W512),"mm4");	# g = f
-	&movq	(&QWP($Hoff,$W512),"mm5");	# h = g
-
-	&pxor	("mm4","mm5");			# f^=g
-	&pand	("mm4",$E);			# f&=e
-	&pxor	("mm4","mm5");			# f^=g
-	&paddq	("mm7","mm4");			# T1+=Ch(e,f,g)
-
-	&movq	("mm2",&QWP($Boff,$W512));	# load b
-	&movq	("mm3",&QWP($Coff,$W512));	# load c
-	&movq	($E,&QWP($Doff,$W512));		# e = d
-
-	&paddq	("mm7","mm6");			# T1+=h
-	&paddq	("mm7",&QWP(0,$K512,$kidx,8));	# T1+=K512[i]
-	&paddq	("mm7",&QWP(0,$W512,$widx,8));	# T1+=W512[i]
-	&paddq	($E,"mm7");			# e += T1
-
-	&movq	("mm4",$A);			# %mm4 is sliding right
-	&movq	("mm5",$A);			# %mm5 is sliding left
-	&psrlq	("mm4",28);
-	&psllq	("mm5",25);
-	&movq	("mm6","mm4");			# %mm6 is T2
-	&pxor	("mm6","mm5");
-	&psrlq	("mm4",6);
-	&psllq	("mm5",5);
-	&pxor	("mm6","mm4");
-	&pxor	("mm6","mm5");
-	&psrlq	("mm4",5);
-	&psllq	("mm5",6);
-	&pxor	("mm6","mm4");
-	&pxor	("mm6","mm5");			# T2=Sigma0_512(a)
-
-	&movq	(&QWP($Boff,$W512),$A);		# b = a
-	&movq	(&QWP($Coff,$W512),"mm2");	# c = b
-	&movq	(&QWP($Doff,$W512),"mm3");	# d = c
-
-	&movq	("mm4",$A);			# %mm4=a
-	&por	($A,"mm3");			# a=a|c
-	&pand	("mm4","mm3");			# %mm4=a&c
-	&pand	($A,"mm2");			# a=(a|c)&b
-	&por	("mm4",$A);			# %mm4=(a&c)|((a|c)&b)
-	&paddq	("mm6","mm4");			# T2+=Maj(a,b,c)
-
-	&movq	($A,"mm7");			# a=T1
-	&paddq	($A,"mm6");			# a+=T2
-}
-
-$func="sha512_block_sse2";
-
-&function_begin_B($func);
-	if (0) {# Caller is expected to check if it's appropriate to
-		# call this routine. Below 3 lines are retained for
-		# debugging purposes...
-		&picmeup("eax","OPENSSL_ia32cap");
-		&bt	(&DWP(0,"eax"),26);
-		&jnc	("SHA512_Transform");
-	}
-
-	&push	("ebp");
-	&mov	("ebp","esp");
-	&push	("ebx");
-	&push	("esi");
-	&push	("edi");
-
-	&mov	($Widx,&DWP(8,"ebp"));		# A-H state, 1st arg
-	&mov	($data,&DWP(12,"ebp"));		# input data, 2nd arg
-	&call	(&label("pic_point"));		# make it PIC!
-&set_label("pic_point");
-	&blindpop($K512);
-	&lea	($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512));
-
-	$W512 = "esp";			# start using %esp as W512
-	&sub	($W512,$W512_SZ);
-	&and	($W512,-16);		# ensure 128-bit alignment
-
-	# make private copy of A-H
-	#     v assume the worst and stick to unaligned load
-	&movdqu	("xmm0",&QWP(0,$Widx));
-	&movdqu	("xmm1",&QWP(16,$Widx));
-	&movdqu	("xmm2",&QWP(32,$Widx));
-	&movdqu	("xmm3",&QWP(48,$Widx));
-
-&align(8);
-&set_label("_chunk_loop");
-
-	&movdqa	(&QWP($Aoff,$W512),"xmm0");	# a,b
-	&movdqa	(&QWP($Coff,$W512),"xmm1");	# c,d
-	&movdqa	(&QWP($Eoff,$W512),"xmm2");	# e,f
-	&movdqa	(&QWP($Goff,$W512),"xmm3");	# g,h
-
-	&xor	($Widx,$Widx);
-
-	&movdq2q($A,"xmm0");			# load a
-	&movdq2q($E,"xmm2");			# load e
-
-	# Why aren't loops unrolled? It makes sense to unroll if
-	# execution time for loop body is comparable with branch
-	# penalties and/or if whole data-set resides in register bank.
-	# Neither is case here... Well, it would be possible to
-	# eliminate few store operations, but it would hardly affect
-	# so to say stop-watch performance, as there is a lot of
-	# available memory slots to fill. It will only relieve some
-	# pressure off memory bus...
-
-	# flip input stream byte order...
-	&mov	("eax",&DWP(0,$data,$Widx,8));
-	&mov	("ebx",&DWP(4,$data,$Widx,8));
-	&bswap	("eax");
-	&bswap	("ebx");
-	&mov	(&DWP(0,$W512,$Widx,8),"ebx");		# W512[i]
-	&mov	(&DWP(4,$W512,$Widx,8),"eax");
-	&mov	(&DWP(128+0,$W512,$Widx,8),"ebx");	# copy of W512[i]
-	&mov	(&DWP(128+4,$W512,$Widx,8),"eax");
-
-&align(8);
-&set_label("_1st_loop");		# 0-15
-	# flip input stream byte order...
-	&mov	("eax",&DWP(0+8,$data,$Widx,8));
-	&mov	("ebx",&DWP(4+8,$data,$Widx,8));
-	&bswap	("eax");
-	&bswap	("ebx");
-	&mov	(&DWP(0+8,$W512,$Widx,8),"ebx");	# W512[i]
-	&mov	(&DWP(4+8,$W512,$Widx,8),"eax");
-	&mov	(&DWP(128+0+8,$W512,$Widx,8),"ebx");	# copy of W512[i]
-	&mov	(&DWP(128+4+8,$W512,$Widx,8),"eax");
-&set_label("_1st_looplet");
-	&SHA2_ROUND($Widx,$Widx); &inc($Widx);
-
-&cmp	($Widx,15)
-&jl	(&label("_1st_loop"));
-&je	(&label("_1st_looplet"));	# playing similar trick on 2nd loop
-					# does not improve performance...
-
-	$Kidx = "ebx";			# start using %ebx as Kidx
-	&mov	($Kidx,$Widx);
-
-&align(8);
-&set_label("_2nd_loop");		# 16-79
-	&and($Widx,0xf);
-
-	# 128-bit fragment! I update W512[i] and W512[i+1] in
-	# parallel:-) Note that I refer to W512[(i&0xf)+N] and not to
-	# W512[(i+N)&0xf]! This is exactly what I maintain the second
-	# copy of W512[16] for...
-	&movdqu	("xmm0",&QWP(8*1,$W512,$Widx,8));	# s0=W512[i+1]
-	&movdqa	("xmm2","xmm0");		# %xmm2 is sliding right
-	&movdqa	("xmm3","xmm0");		# %xmm3 is sliding left
-	&psrlq	("xmm2",1);
-	&psllq	("xmm3",56);
-	&movdqa	("xmm0","xmm2");
-	&pxor	("xmm0","xmm3");
-	&psrlq	("xmm2",6);
-	&psllq	("xmm3",7);
-	&pxor	("xmm0","xmm2");
-	&pxor	("xmm0","xmm3");
-	&psrlq	("xmm2",1);
-	&pxor	("xmm0","xmm2");		# s0 = sigma0_512(s0);
-
-	&movdqa	("xmm1",&QWP(8*14,$W512,$Widx,8));	# s1=W512[i+14]
-	&movdqa	("xmm4","xmm1");		# %xmm4 is sliding right
-	&movdqa	("xmm5","xmm1");		# %xmm5 is sliding left
-	&psrlq	("xmm4",6);
-	&psllq	("xmm5",3);
-	&movdqa	("xmm1","xmm4");
-	&pxor	("xmm1","xmm5");
-	&psrlq	("xmm4",13);
-	&psllq	("xmm5",42);
-	&pxor	("xmm1","xmm4");
-	&pxor	("xmm1","xmm5");
-	&psrlq	("xmm4",42);
-	&pxor	("xmm1","xmm4");		# s1 = sigma1_512(s1);
-
-	#     + have to explictly load W512[i+9] as it's not 128-bit
-	#     v	aligned and paddq would throw an exception...
-	&movdqu	("xmm6",&QWP(8*9,$W512,$Widx,8));
-	&paddq	("xmm0","xmm1");		# s0 += s1
-	&paddq	("xmm0","xmm6");		# s0 += W512[i+9]
-	&paddq	("xmm0",&QWP(0,$W512,$Widx,8));	# s0 += W512[i]
-
-	&movdqa	(&QWP(0,$W512,$Widx,8),"xmm0");		# W512[i] = s0
-	&movdqa	(&QWP(16*8,$W512,$Widx,8),"xmm0");	# copy of W512[i]
-
-	# as the above fragment was 128-bit, we "owe" 2 rounds...
-	&SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx);
-	&SHA2_ROUND($Kidx,$Widx); &inc($Kidx); &inc($Widx);
-
-&cmp	($Kidx,80);
-&jl	(&label("_2nd_loop"));
-
-	# update A-H state
-	&mov	($Widx,&DWP(8,"ebp"));		# A-H state, 1st arg
-	&movq	(&QWP($Aoff,$W512),$A);		# write out a
-	&movq	(&QWP($Eoff,$W512),$E);		# write out e
-	&movdqu	("xmm0",&QWP(0,$Widx));
-	&movdqu	("xmm1",&QWP(16,$Widx));
-	&movdqu	("xmm2",&QWP(32,$Widx));
-	&movdqu	("xmm3",&QWP(48,$Widx));
-	&paddq	("xmm0",&QWP($Aoff,$W512));	# 128-bit additions...
-	&paddq	("xmm1",&QWP($Coff,$W512));
-	&paddq	("xmm2",&QWP($Eoff,$W512));
-	&paddq	("xmm3",&QWP($Goff,$W512));
-	&movdqu	(&QWP(0,$Widx),"xmm0");
-	&movdqu	(&QWP(16,$Widx),"xmm1");
-	&movdqu	(&QWP(32,$Widx),"xmm2");
-	&movdqu	(&QWP(48,$Widx),"xmm3");
-
-&add	($data,16*8);				# advance input data pointer
-&dec	(&DWP(16,"ebp"));			# decrement 3rd arg
-&jnz	(&label("_chunk_loop"));
-
-	# epilogue
-	&emms	();	# required for at least ELF and Win32 ABIs
-	&mov	("edi",&DWP(-12,"ebp"));
-	&mov	("esi",&DWP(-8,"ebp"));
-	&mov	("ebx",&DWP(-4,"ebp"));
-	&leave	();
-&ret	();
-
-&align(16);
-&set_label("K512");	# Yes! I keep it in the code segment!
-	&data_word(0xd728ae22,0x428a2f98);	# u64
-	&data_word(0x23ef65cd,0x71374491);	# u64
-	&data_word(0xec4d3b2f,0xb5c0fbcf);	# u64
-	&data_word(0x8189dbbc,0xe9b5dba5);	# u64
-	&data_word(0xf348b538,0x3956c25b);	# u64
-	&data_word(0xb605d019,0x59f111f1);	# u64
-	&data_word(0xaf194f9b,0x923f82a4);	# u64
-	&data_word(0xda6d8118,0xab1c5ed5);	# u64
-	&data_word(0xa3030242,0xd807aa98);	# u64
-	&data_word(0x45706fbe,0x12835b01);	# u64
-	&data_word(0x4ee4b28c,0x243185be);	# u64
-	&data_word(0xd5ffb4e2,0x550c7dc3);	# u64
-	&data_word(0xf27b896f,0x72be5d74);	# u64
-	&data_word(0x3b1696b1,0x80deb1fe);	# u64
-	&data_word(0x25c71235,0x9bdc06a7);	# u64
-	&data_word(0xcf692694,0xc19bf174);	# u64
-	&data_word(0x9ef14ad2,0xe49b69c1);	# u64
-	&data_word(0x384f25e3,0xefbe4786);	# u64
-	&data_word(0x8b8cd5b5,0x0fc19dc6);	# u64
-	&data_word(0x77ac9c65,0x240ca1cc);	# u64
-	&data_word(0x592b0275,0x2de92c6f);	# u64
-	&data_word(0x6ea6e483,0x4a7484aa);	# u64
-	&data_word(0xbd41fbd4,0x5cb0a9dc);	# u64
-	&data_word(0x831153b5,0x76f988da);	# u64
-	&data_word(0xee66dfab,0x983e5152);	# u64
-	&data_word(0x2db43210,0xa831c66d);	# u64
-	&data_word(0x98fb213f,0xb00327c8);	# u64
-	&data_word(0xbeef0ee4,0xbf597fc7);	# u64
-	&data_word(0x3da88fc2,0xc6e00bf3);	# u64
-	&data_word(0x930aa725,0xd5a79147);	# u64
-	&data_word(0xe003826f,0x06ca6351);	# u64
-	&data_word(0x0a0e6e70,0x14292967);	# u64
-	&data_word(0x46d22ffc,0x27b70a85);	# u64
-	&data_word(0x5c26c926,0x2e1b2138);	# u64
-	&data_word(0x5ac42aed,0x4d2c6dfc);	# u64
-	&data_word(0x9d95b3df,0x53380d13);	# u64
-	&data_word(0x8baf63de,0x650a7354);	# u64
-	&data_word(0x3c77b2a8,0x766a0abb);	# u64
-	&data_word(0x47edaee6,0x81c2c92e);	# u64
-	&data_word(0x1482353b,0x92722c85);	# u64
-	&data_word(0x4cf10364,0xa2bfe8a1);	# u64
-	&data_word(0xbc423001,0xa81a664b);	# u64
-	&data_word(0xd0f89791,0xc24b8b70);	# u64
-	&data_word(0x0654be30,0xc76c51a3);	# u64
-	&data_word(0xd6ef5218,0xd192e819);	# u64
-	&data_word(0x5565a910,0xd6990624);	# u64
-	&data_word(0x5771202a,0xf40e3585);	# u64
-	&data_word(0x32bbd1b8,0x106aa070);	# u64
-	&data_word(0xb8d2d0c8,0x19a4c116);	# u64
-	&data_word(0x5141ab53,0x1e376c08);	# u64
-	&data_word(0xdf8eeb99,0x2748774c);	# u64
-	&data_word(0xe19b48a8,0x34b0bcb5);	# u64
-	&data_word(0xc5c95a63,0x391c0cb3);	# u64
-	&data_word(0xe3418acb,0x4ed8aa4a);	# u64
-	&data_word(0x7763e373,0x5b9cca4f);	# u64
-	&data_word(0xd6b2b8a3,0x682e6ff3);	# u64
-	&data_word(0x5defb2fc,0x748f82ee);	# u64
-	&data_word(0x43172f60,0x78a5636f);	# u64
-	&data_word(0xa1f0ab72,0x84c87814);	# u64
-	&data_word(0x1a6439ec,0x8cc70208);	# u64
-	&data_word(0x23631e28,0x90befffa);	# u64
-	&data_word(0xde82bde9,0xa4506ceb);	# u64
-	&data_word(0xb2c67915,0xbef9a3f7);	# u64
-	&data_word(0xe372532b,0xc67178f2);	# u64
-	&data_word(0xea26619c,0xca273ece);	# u64
-	&data_word(0x21c0c207,0xd186b8c7);	# u64
-	&data_word(0xcde0eb1e,0xeada7dd6);	# u64
-	&data_word(0xee6ed178,0xf57d4f7f);	# u64
-	&data_word(0x72176fba,0x06f067aa);	# u64
-	&data_word(0xa2c898a6,0x0a637dc5);	# u64
-	&data_word(0xbef90dae,0x113f9804);	# u64
-	&data_word(0x131c471b,0x1b710b35);	# u64
-	&data_word(0x23047d84,0x28db77f5);	# u64
-	&data_word(0x40c72493,0x32caab7b);	# u64
-	&data_word(0x15c9bebc,0x3c9ebe0a);	# u64
-	&data_word(0x9c100d4c,0x431d67c4);	# u64
-	&data_word(0xcb3e42b6,0x4cc5d4be);	# u64
-	&data_word(0xfc657e2a,0x597f299c);	# u64
-	&data_word(0x3ad6faec,0x5fcb6fab);	# u64
-	&data_word(0x4a475817,0x6c44198c);	# u64
-
-&function_end_B($func);
-
-&asm_finish();
diff --git a/crypto/sha/asm/sha512-x86_64.pl b/crypto/sha/asm/sha512-x86_64.pl
new file mode 100755
index 0000000000..e6643f8cf6
--- /dev/null
+++ b/crypto/sha/asm/sha512-x86_64.pl
@@ -0,0 +1,456 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# sha256/512_block procedure for x86_64.
+#
+# 40% improvement over compiler-generated code on Opteron. On EM64T
+# sha256 was observed to run >80% faster and sha512 - >40%. No magical
+# tricks, just straight implementation... I really wonder why gcc
+# [being armed with inline assembler] fails to generate as fast code.
+# The only thing which is cool about this module is that it's very
+# same instruction sequence used for both SHA-256 and SHA-512. In
+# former case the instructions operate on 32-bit operands, while in
+# latter - on 64-bit ones. All I had to do is to get one flavor right,
+# the other one passed the test right away:-)
+#
+# sha256_block runs in ~1005 cycles on Opteron, which gives you
+# asymptotic performance of 64*1000/1005=63.7MBps times CPU clock
+# frequency in GHz. sha512_block runs in ~1275 cycles, which results
+# in 128*1000/1275=100MBps per GHz. Is there room for improvement?
+# Well, if you compare it to IA-64 implementation, which maintains
+# X[16] in register bank[!], tends to 4 instructions per CPU clock
+# cycle and runs in 1003 cycles, 1275 is very good result for 3-way
+# issue Opteron pipeline and X[16] maintained in memory. So that *if*
+# there is a way to improve it, *then* the only way would be to try to
+# offload X[16] updates to SSE unit, but that would require "deeper"
+# loop unroll, which in turn would naturally cause size blow-up, not
+# to mention increased complexity! And once again, only *if* it's
+# actually possible to noticeably improve overall ILP, instruction
+# level parallelism, on a given CPU implementation in this case.
+#
+# Special note on Intel EM64T. While Opteron CPU exhibits perfect
+# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above],
+# [currently available] EM64T CPUs apparently are far from it. On the
+# contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit
+# sha256_block:-( This is presumably because 64-bit shifts/rotates
+# apparently are not atomic instructions, but implemented in microcode.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+if ($output =~ /512/) {
+	$func="sha512_block_data_order";
+	$TABLE="K512";
+	$SZ=8;
+	@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx",
+					"%r8", "%r9", "%r10","%r11");
+	($T1,$a0,$a1,$a2)=("%r12","%r13","%r14","%r15");
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+} else {
+	$func="sha256_block_data_order";
+	$TABLE="K256";
+	$SZ=4;
+	@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx",
+					"%r8d","%r9d","%r10d","%r11d");
+	($T1,$a0,$a1,$a2)=("%r12d","%r13d","%r14d","%r15d");
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+}
+
+$ctx="%rdi";	# 1st arg
+$round="%rdi";	# zaps $ctx
+$inp="%rsi";	# 2nd arg
+$Tbl="%rbp";
+
+$_ctx="16*$SZ+0*8(%rsp)";
+$_inp="16*$SZ+1*8(%rsp)";
+$_end="16*$SZ+2*8(%rsp)";
+$_rsp="16*$SZ+3*8(%rsp)";
+$framesz="16*$SZ+4*8";
+
+
+sub ROUND_00_15()
+{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	mov	$e,$a0
+	mov	$e,$a1
+	mov	$f,$a2
+
+	ror	\$$Sigma1[0],$a0
+	ror	\$$Sigma1[1],$a1
+	xor	$g,$a2			# f^g
+
+	xor	$a1,$a0
+	ror	\$`$Sigma1[2]-$Sigma1[1]`,$a1
+	and	$e,$a2			# (f^g)&e
+	mov	$T1,`$SZ*($i&0xf)`(%rsp)
+
+	xor	$a1,$a0			# Sigma1(e)
+	xor	$g,$a2			# Ch(e,f,g)=((f^g)&e)^g
+	add	$h,$T1			# T1+=h
+
+	mov	$a,$h
+	add	$a0,$T1			# T1+=Sigma1(e)
+
+	add	$a2,$T1			# T1+=Ch(e,f,g)
+	mov	$a,$a0
+	mov	$a,$a1
+
+	ror	\$$Sigma0[0],$h
+	ror	\$$Sigma0[1],$a0
+	mov	$a,$a2
+	add	($Tbl,$round,$SZ),$T1	# T1+=K[round]
+
+	xor	$a0,$h
+	ror	\$`$Sigma0[2]-$Sigma0[1]`,$a0
+	or	$c,$a1			# a|c
+
+	xor	$a0,$h			# h=Sigma0(a)
+	and	$c,$a2			# a&c
+	add	$T1,$d			# d+=T1
+
+	and	$b,$a1			# (a|c)&b
+	add	$T1,$h			# h+=T1
+
+	or	$a2,$a1			# Maj(a,b,c)=((a|c)&b)|(a&c)
+	lea	1($round),$round	# round++
+
+	add	$a1,$h			# h+=Maj(a,b,c)
+___
+}
+
+sub ROUND_16_XX()
+{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	mov	`$SZ*(($i+1)&0xf)`(%rsp),$a0
+	mov	`$SZ*(($i+14)&0xf)`(%rsp),$T1
+
+	mov	$a0,$a2
+
+	shr	\$$sigma0[2],$a0
+	ror	\$$sigma0[0],$a2
+
+	xor	$a2,$a0
+	ror	\$`$sigma0[1]-$sigma0[0]`,$a2
+
+	xor	$a2,$a0			# sigma0(X[(i+1)&0xf])
+	mov	$T1,$a1
+
+	shr	\$$sigma1[2],$T1
+	ror	\$$sigma1[0],$a1
+
+	xor	$a1,$T1
+	ror	\$`$sigma1[1]-$sigma1[0]`,$a1
+
+	xor	$a1,$T1			# sigma1(X[(i+14)&0xf])
+
+	add	$a0,$T1
+
+	add	`$SZ*(($i+9)&0xf)`(%rsp),$T1
+
+	add	`$SZ*($i&0xf)`(%rsp),$T1
+___
+	&ROUND_00_15(@_);
+}
+
+$code=<<___;
+.text
+
+.globl	$func
+.type	$func,\@function,4
+.align	16
+$func:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	shl	\$4,%rdx		# num*16
+	sub	\$$framesz,%rsp
+	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+	and	\$-64,%rsp		# align stack frame
+	mov	$ctx,$_ctx		# save ctx, 1st arg
+	mov	$inp,$_inp		# save inp, 2nd arh
+	mov	%rdx,$_end		# save end pointer, "3rd" arg
+	mov	%r11,$_rsp		# save copy of %rsp
+.Lprologue:
+
+	lea	$TABLE(%rip),$Tbl
+
+	mov	$SZ*0($ctx),$A
+	mov	$SZ*1($ctx),$B
+	mov	$SZ*2($ctx),$C
+	mov	$SZ*3($ctx),$D
+	mov	$SZ*4($ctx),$E
+	mov	$SZ*5($ctx),$F
+	mov	$SZ*6($ctx),$G
+	mov	$SZ*7($ctx),$H
+	jmp	.Lloop
+
+.align	16
+.Lloop:
+	xor	$round,$round
+___
+	for($i=0;$i<16;$i++) {
+		$code.="	mov	$SZ*$i($inp),$T1\n";
+		$code.="	bswap	$T1\n";
+		&ROUND_00_15($i,@ROT);
+		unshift(@ROT,pop(@ROT));
+	}
+$code.=<<___;
+	jmp	.Lrounds_16_xx
+.align	16
+.Lrounds_16_xx:
+___
+	for(;$i<32;$i++) {
+		&ROUND_16_XX($i,@ROT);
+		unshift(@ROT,pop(@ROT));
+	}
+
+$code.=<<___;
+	cmp	\$$rounds,$round
+	jb	.Lrounds_16_xx
+
+	mov	$_ctx,$ctx
+	lea	16*$SZ($inp),$inp
+
+	add	$SZ*0($ctx),$A
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	add	$SZ*6($ctx),$G
+	add	$SZ*7($ctx),$H
+
+	cmp	$_end,$inp
+
+	mov	$A,$SZ*0($ctx)
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+	jb	.Lloop
+
+	mov	$_rsp,%rsi
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	$func,.-$func
+___
+
+if ($SZ==4) {
+$code.=<<___;
+.align	64
+.type	$TABLE,\@object
+$TABLE:
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+} else {
+$code.=<<___;
+.align	64
+.type	$TABLE,\@object
+$TABLE:
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+___
+}
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	16*$SZ+3*8(%rax),%rax	# pull $_rsp
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_$func
+	.rva	.LSEH_end_$func
+	.rva	.LSEH_info_$func
+
+.section	.xdata
+.align	8
+.LSEH_info_$func:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
index a900ad3e95..16cacf9fc0 100644
--- a/crypto/sha/sha.h
+++ b/crypto/sha/sha.h
@@ -60,6 +60,7 @@
 #define HEADER_SHA_H
 
 #include <openssl/e_os2.h>
+#include <stddef.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -80,7 +81,7 @@ extern "C" {
  * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  */
 
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
+#if defined(__LP32__)
 #define SHA_LONG unsigned long
 #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
 #define SHA_LONG unsigned long
@@ -148,6 +149,7 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
 #define SHA384_DIGEST_LENGTH	48
 #define SHA512_DIGEST_LENGTH	64
 
+#ifndef OPENSSL_NO_SHA512
 /*
  * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
  * being exactly 64-bit wide. See Implementation Notes in sha512.c
@@ -177,6 +179,7 @@ typedef struct SHA512state_st
 	} u;
 	unsigned int num,md_len;
 	} SHA512_CTX;
+#endif
 
 #ifndef OPENSSL_NO_SHA512
 int SHA384_Init(SHA512_CTX *c);
diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c
index 582b25394c..7c65b60276 100644
--- a/crypto/sha/sha1_one.c
+++ b/crypto/sha/sha1_one.c
@@ -68,7 +68,8 @@ unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
 	static unsigned char m[SHA_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	SHA1_Init(&c);
+	if (!SHA1_Init(&c))
+		return NULL;
 	SHA1_Update(&c,d,n);
 	SHA1_Final(md,&c);
 	OPENSSL_cleanse(&c,sizeof(c));
diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c
index 182f65982a..50d1925cde 100644
--- a/crypto/sha/sha1dgst.c
+++ b/crypto/sha/sha1dgst.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>
 #if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
 
 #undef  SHA_0
@@ -63,7 +64,7 @@
 
 #include <openssl/opensslv.h>
 
-const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT;
+const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT;
 
 /* The implementation is in ../md32_common.h */
 
diff --git a/crypto/sha/sha1s.cpp b/crypto/sha/sha1s.cpp
deleted file mode 100644
index af23d1e0f2..0000000000
--- a/crypto/sha/sha1s.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define sha1_block_x86 sha1_block_asm_data_order
-extern "C" {
-void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	SHA_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-#if 0
-	num*=64;
-	numm*=64;
-#endif
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			sha1_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			sha1_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			sha1_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			sha1_block_x86(&ctx,buffer,num);
-			}
-
-		printf("sha1 (%d bytes) %d %d (%.2f)\n",num*64,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c
index b0650c7254..6feb3964c7 100644
--- a/crypto/sha/sha1test.c
+++ b/crypto/sha/sha1test.c
@@ -106,7 +106,7 @@ static char *pt(unsigned char *md);
 int main(int argc, char *argv[])
 	{
 	int i,err=0;
-	unsigned char **P,**R;
+	char **P,**R;
 	static unsigned char buf[1000];
 	char *p,*r;
 	EVP_MD_CTX c;
@@ -118,8 +118,8 @@ int main(int argc, char *argv[])
 #endif
 
 	EVP_MD_CTX_init(&c);
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
+	P=test;
+	R=ret;
 	i=1;
 	while (*P != NULL)
 		{
diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
index 5f3845f55c..8952d87673 100644
--- a/crypto/sha/sha256.c
+++ b/crypto/sha/sha256.c
@@ -4,37 +4,37 @@
  * according to the OpenSSL license [found in ../../LICENSE].
  * ====================================================================
  */
+#include <openssl/opensslconf.h>
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
 
 #include <stdlib.h>
 #include <string.h>
 
-#include <openssl/opensslconf.h>
 #include <openssl/crypto.h>
 #include <openssl/sha.h>
 #include <openssl/opensslv.h>
 
-const char *SHA256_version="SHA-256" OPENSSL_VERSION_PTEXT;
+const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT;
 
 int SHA224_Init (SHA256_CTX *c)
 	{
+	memset (c,0,sizeof(*c));
 	c->h[0]=0xc1059ed8UL;	c->h[1]=0x367cd507UL;
 	c->h[2]=0x3070dd17UL;	c->h[3]=0xf70e5939UL;
 	c->h[4]=0xffc00b31UL;	c->h[5]=0x68581511UL;
 	c->h[6]=0x64f98fa7UL;	c->h[7]=0xbefa4fa4UL;
-	c->Nl=0;	c->Nh=0;
-	c->num=0;	c->md_len=SHA224_DIGEST_LENGTH;
+	c->md_len=SHA224_DIGEST_LENGTH;
 	return 1;
 	}
 
 int SHA256_Init (SHA256_CTX *c)
 	{
+	memset (c,0,sizeof(*c));
 	c->h[0]=0x6a09e667UL;	c->h[1]=0xbb67ae85UL;
 	c->h[2]=0x3c6ef372UL;	c->h[3]=0xa54ff53aUL;
 	c->h[4]=0x510e527fUL;	c->h[5]=0x9b05688cUL;
 	c->h[6]=0x1f83d9abUL;	c->h[7]=0x5be0cd19UL;
-	c->Nl=0;	c->Nh=0;
-	c->num=0;	c->md_len=SHA256_DIGEST_LENGTH;
+	c->md_len=SHA256_DIGEST_LENGTH;
 	return 1;
 	}
 
@@ -69,17 +69,11 @@ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
 int SHA224_Final (unsigned char *md, SHA256_CTX *c)
 {   return SHA256_Final (md,c);   }
 
-#ifndef	SHA_LONG_LOG2
-#define	SHA_LONG_LOG2	2	/* default to 32 bits */
-#endif
-
 #define	DATA_ORDER_IS_BIG_ENDIAN
 
 #define	HASH_LONG		SHA_LONG
-#define	HASH_LONG_LOG2		SHA_LONG_LOG2
 #define	HASH_CTX		SHA256_CTX
 #define	HASH_CBLOCK		SHA_CBLOCK
-#define	HASH_LBLOCK		SHA_LBLOCK
 /*
  * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
  * default: case below covers for it. It's not clear however if it's
@@ -90,21 +84,21 @@ int SHA224_Final (unsigned char *md, SHA256_CTX *c)
  */
 #define	HASH_MAKE_STRING(c,s)	do {	\
 	unsigned long ll;		\
-	unsigned int  n;		\
+	unsigned int  nn;		\
 	switch ((c)->md_len)		\
 	{   case SHA224_DIGEST_LENGTH:	\
-		for (n=0;n<SHA224_DIGEST_LENGTH/4;n++)	\
-		{   ll=(c)->h[n]; HOST_l2c(ll,(s));   }	\
+		for (nn=0;nn<SHA224_DIGEST_LENGTH/4;nn++)	\
+		{   ll=(c)->h[nn]; HOST_l2c(ll,(s));   }	\
 		break;			\
 	    case SHA256_DIGEST_LENGTH:	\
-		for (n=0;n<SHA256_DIGEST_LENGTH/4;n++)	\
-		{   ll=(c)->h[n]; HOST_l2c(ll,(s));   }	\
+		for (nn=0;nn<SHA256_DIGEST_LENGTH/4;nn++)	\
+		{   ll=(c)->h[nn]; HOST_l2c(ll,(s));   }	\
 		break;			\
 	    default:			\
 		if ((c)->md_len > SHA256_DIGEST_LENGTH)	\
 		    return 0;				\
-		for (n=0;n<(c)->md_len/4;n++)		\
-		{   ll=(c)->h[n]; HOST_l2c(ll,(s));   }	\
+		for (nn=0;nn<(c)->md_len/4;nn++)		\
+		{   ll=(c)->h[nn]; HOST_l2c(ll,(s));   }	\
 		break;			\
 	}				\
 	} while (0)
@@ -112,16 +106,15 @@ int SHA224_Final (unsigned char *md, SHA256_CTX *c)
 #define	HASH_UPDATE		SHA256_Update
 #define	HASH_TRANSFORM		SHA256_Transform
 #define	HASH_FINAL		SHA256_Final
-#define	HASH_BLOCK_HOST_ORDER	sha256_block_host_order
 #define	HASH_BLOCK_DATA_ORDER	sha256_block_data_order
-void sha256_block_host_order (SHA256_CTX *ctx, const void *in, size_t num);
+#ifndef SHA256_ASM
+static
+#endif
 void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num);
 
 #include "md32_common.h"
 
-#ifdef SHA256_ASM
-void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host);
-#else
+#ifndef SHA256_ASM
 static const SHA_LONG K256[64] = {
 	0x428a2f98UL,0x71374491UL,0xb5c0fbcfUL,0xe9b5dba5UL,
 	0x3956c25bUL,0x59f111f1UL,0x923f82a4UL,0xab1c5ed5UL,
@@ -155,10 +148,10 @@ static const SHA_LONG K256[64] = {
 
 #ifdef OPENSSL_SMALL_FOOTPRINT
 
-static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
+static void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num)
 	{
 	unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1,T2;
-	SHA_LONG	X[16];
+	SHA_LONG	X[16],l;
 	int i;
 	const unsigned char *data=in;
 
@@ -167,33 +160,13 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
 	a = ctx->h[0];	b = ctx->h[1];	c = ctx->h[2];	d = ctx->h[3];
 	e = ctx->h[4];	f = ctx->h[5];	g = ctx->h[6];	h = ctx->h[7];
 
-	if (host)
-		{
-		const SHA_LONG *W=(const SHA_LONG *)data;
-
-		for (i=0;i<16;i++)
-			{
-			T1 = X[i] = W[i];
-			T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
-			T2 = Sigma0(a) + Maj(a,b,c);
-			h = g;	g = f;	f = e;	e = d + T1;
-			d = c;	c = b;	b = a;	a = T1 + T2;
-			}
-
-		data += SHA256_CBLOCK;
-		}
-	else
+	for (i=0;i<16;i++)
 		{
-		SHA_LONG l;
-
-		for (i=0;i<16;i++)
-			{
-			HOST_c2l(data,l); T1 = X[i] = l;
-			T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
-			T2 = Sigma0(a) + Maj(a,b,c);
-			h = g;	g = f;	f = e;	e = d + T1;
-			d = c;	c = b;	b = a;	a = T1 + T2;
-			}
+		HOST_c2l(data,l); T1 = X[i] = l;
+		T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];
+		T2 = Sigma0(a) + Maj(a,b,c);
+		h = g;	g = f;	f = e;	e = d + T1;
+		d = c;	c = b;	b = a;	a = T1 + T2;
 		}
 
 	for (;i<64;i++)
@@ -227,19 +200,20 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
 	T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f];	\
 	ROUND_00_15(i,a,b,c,d,e,f,g,h);		} while (0)
 
-static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
+static void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num)
 	{
 	unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1;
 	SHA_LONG	X[16];
 	int i;
 	const unsigned char *data=in;
+	const union { long one; char little; } is_endian = {1};
 
 			while (num--) {
 
 	a = ctx->h[0];	b = ctx->h[1];	c = ctx->h[2];	d = ctx->h[3];
 	e = ctx->h[4];	f = ctx->h[5];	g = ctx->h[6];	h = ctx->h[7];
 
-	if (host)
+	if (!is_endian.little && sizeof(SHA_LONG)==4 && ((size_t)in%4)==0)
 		{
 		const SHA_LONG *W=(const SHA_LONG *)data;
 
@@ -305,15 +279,4 @@ static void sha256_block (SHA256_CTX *ctx, const void *in, size_t num, int host)
 #endif
 #endif /* SHA256_ASM */
 
-/*
- * Idea is to trade couple of cycles for some space. On IA-32 we save
- * about 4K in "big footprint" case. In "small footprint" case any gain
- * is appreciated:-)
- */
-void HASH_BLOCK_HOST_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
-{   sha256_block (ctx,in,num,1);   }
-
-void HASH_BLOCK_DATA_ORDER (SHA256_CTX *ctx, const void *in, size_t num)
-{   sha256_block (ctx,in,num,0);   }
-
 #endif /* OPENSSL_NO_SHA256 */
diff --git a/crypto/sha/sha256t.c b/crypto/sha/sha256t.c
index 5c26ec86ef..6b4a3bd001 100644
--- a/crypto/sha/sha256t.c
+++ b/crypto/sha/sha256t.c
@@ -10,6 +10,14 @@
 #include <openssl/sha.h>
 #include <openssl/evp.h>
 
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256)
+int main(int argc, char *argv[])
+{
+    printf("No SHA256 support\n");
+    return(0);
+}
+#else
+
 unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
 	0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
 	0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
@@ -46,7 +54,7 @@ unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
 	0xf0,0x3f,0x42,0x58,0x19,0x48,0xb2,0xee,
 	0x4e,0xe7,0xad,0x67 };
 
-int main ()
+int main (int argc,char **argv)
 { unsigned char md[SHA256_DIGEST_LENGTH];
   int		i;
   EVP_MD_CTX	evp;
@@ -136,3 +144,4 @@ int main ()
 
   return 0;
 }
+#endif
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index c84bd5addf..cbc0e58c48 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -4,6 +4,7 @@
  * according to the OpenSSL license [found in ../../LICENSE].
  * ====================================================================
  */
+#include <openssl/opensslconf.h>
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
 /*
  * IMPLEMENTATION NOTES.
@@ -43,21 +44,36 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <openssl/opensslconf.h>
 #include <openssl/crypto.h>
 #include <openssl/sha.h>
 #include <openssl/opensslv.h>
 
 #include "cryptlib.h"
 
-const char *SHA512_version="SHA-512" OPENSSL_VERSION_PTEXT;
+const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT;
 
-#if defined(_M_IX86) || defined(_M_AMD64) || defined(__i386) || defined(__x86_64)
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
+    defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
+    defined(__s390__) || defined(__s390x__) || \
+    defined(SHA512_ASM)
 #define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
 #endif
 
 int SHA384_Init (SHA512_CTX *c)
 	{
+#if defined(SHA512_ASM) && (defined(__arm__) || defined(__arm))
+	/* maintain dword order required by assembler module */
+	unsigned int *h = (unsigned int *)c->h;
+
+	h[0]  = 0xcbbb9d5d; h[1]  = 0xc1059ed8;
+	h[2]  = 0x629a292a; h[3]  = 0x367cd507;
+	h[4]  = 0x9159015a; h[5]  = 0x3070dd17;
+	h[6]  = 0x152fecd8; h[7]  = 0xf70e5939;
+	h[8]  = 0x67332667; h[9]  = 0xffc00b31;
+	h[10] = 0x8eb44a87; h[11] = 0x68581511;
+	h[12] = 0xdb0c2e0d; h[13] = 0x64f98fa7;
+	h[14] = 0x47b5481d; h[15] = 0xbefa4fa4;
+#else
 	c->h[0]=U64(0xcbbb9d5dc1059ed8);
 	c->h[1]=U64(0x629a292a367cd507);
 	c->h[2]=U64(0x9159015a3070dd17);
@@ -66,6 +82,7 @@ int SHA384_Init (SHA512_CTX *c)
 	c->h[5]=U64(0x8eb44a8768581511);
 	c->h[6]=U64(0xdb0c2e0d64f98fa7);
 	c->h[7]=U64(0x47b5481dbefa4fa4);
+#endif
         c->Nl=0;        c->Nh=0;
         c->num=0;       c->md_len=SHA384_DIGEST_LENGTH;
         return 1;
@@ -73,6 +90,19 @@ int SHA384_Init (SHA512_CTX *c)
 
 int SHA512_Init (SHA512_CTX *c)
 	{
+#if defined(SHA512_ASM) && (defined(__arm__) || defined(__arm))
+	/* maintain dword order required by assembler module */
+	unsigned int *h = (unsigned int *)c->h;
+
+	h[0]  = 0x6a09e667; h[1]  = 0xf3bcc908;
+	h[2]  = 0xbb67ae85; h[3]  = 0x84caa73b;
+	h[4]  = 0x3c6ef372; h[5]  = 0xfe94f82b;
+	h[6]  = 0xa54ff53a; h[7]  = 0x5f1d36f1;
+	h[8]  = 0x510e527f; h[9]  = 0xade682d1;
+	h[10] = 0x9b05688c; h[11] = 0x2b3e6c1f;
+	h[12] = 0x1f83d9ab; h[13] = 0xfb41bd6b;
+	h[14] = 0x5be0cd19; h[15] = 0x137e2179;
+#else
 	c->h[0]=U64(0x6a09e667f3bcc908);
 	c->h[1]=U64(0xbb67ae8584caa73b);
 	c->h[2]=U64(0x3c6ef372fe94f82b);
@@ -81,6 +111,7 @@ int SHA512_Init (SHA512_CTX *c)
 	c->h[5]=U64(0x9b05688c2b3e6c1f);
 	c->h[6]=U64(0x1f83d9abfb41bd6b);
 	c->h[7]=U64(0x5be0cd19137e2179);
+#endif
         c->Nl=0;        c->Nh=0;
         c->num=0;       c->md_len=SHA512_DIGEST_LENGTH;
         return 1;
@@ -89,7 +120,7 @@ int SHA512_Init (SHA512_CTX *c)
 #ifndef SHA512_ASM
 static
 #endif
-void sha512_block (SHA512_CTX *ctx, const void *in, size_t num);
+void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num);
 
 int SHA512_Final (unsigned char *md, SHA512_CTX *c)
 	{
@@ -100,7 +131,7 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
 	n++;
 	if (n > (sizeof(c->u)-16))
 		memset (p+n,0,sizeof(c->u)-n), n=0,
-		sha512_block (c,p,1);
+		sha512_block_data_order (c,p,1);
 
 	memset (p+n,0,sizeof(c->u)-16-n);
 #ifdef	B_ENDIAN
@@ -125,10 +156,28 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
 	p[sizeof(c->u)-16] = (unsigned char)(c->Nh>>56);
 #endif
 
-	sha512_block (c,p,1);
+	sha512_block_data_order (c,p,1);
 
 	if (md==0) return 0;
 
+#if defined(SHA512_ASM) && (defined(__arm__) || defined(__arm))
+	/* recall assembler dword order... */
+	n = c->md_len;
+	if (n == SHA384_DIGEST_LENGTH || n == SHA512_DIGEST_LENGTH)
+		{
+		unsigned int *h = (unsigned int *)c->h, t;
+
+		for (n/=4;n;n--)
+			{
+			t = *(h++);
+			*(md++) = (unsigned char)(t>>24);
+			*(md++) = (unsigned char)(t>>16);
+			*(md++) = (unsigned char)(t>>8);
+			*(md++) = (unsigned char)(t);
+			}
+		}
+	else	return 0;
+#else
 	switch (c->md_len)
 		{
 		/* Let compiler decide if it's appropriate to unroll... */
@@ -165,7 +214,7 @@ int SHA512_Final (unsigned char *md, SHA512_CTX *c)
 		/* ... as well as make sure md_len is not abused. */
 		default:	return 0;
 		}
-
+#endif
 	return 1;
 	}
 
@@ -191,13 +240,13 @@ int SHA512_Update (SHA512_CTX *c, const void *_data, size_t len)
 
 		if (len < n)
 			{
-			memcpy (p+c->num,data,len), c->num += len;
+			memcpy (p+c->num,data,len), c->num += (unsigned int)len;
 			return 1;
 			}
 		else	{
 			memcpy (p+c->num,data,n), c->num = 0;
 			len-=n, data+=n;
-			sha512_block (c,p,1);
+			sha512_block_data_order (c,p,1);
 			}
 		}
 
@@ -207,12 +256,12 @@ int SHA512_Update (SHA512_CTX *c, const void *_data, size_t len)
 		if ((size_t)data%sizeof(c->u.d[0]) != 0)
 			while (len >= sizeof(c->u))
 				memcpy (p,data,sizeof(c->u)),
-				sha512_block (c,p,1),
+				sha512_block_data_order (c,p,1),
 				len  -= sizeof(c->u),
 				data += sizeof(c->u);
 		else
 #endif
-			sha512_block (c,data,len/sizeof(c->u)),
+			sha512_block_data_order (c,data,len/sizeof(c->u)),
 			data += len,
 			len  %= sizeof(c->u),
 			data -= len;
@@ -227,7 +276,7 @@ int SHA384_Update (SHA512_CTX *c, const void *data, size_t len)
 {   return SHA512_Update (c,data,len);   }
 
 void SHA512_Transform (SHA512_CTX *c, const unsigned char *data)
-{   sha512_block (c,data,1);  }
+{   sha512_block_data_order (c,data,1);  }
 
 unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
 	{
@@ -301,10 +350,70 @@ static const SHA_LONG64 K512[80] = {
 #ifndef PEDANTIC
 # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
 #  if defined(__x86_64) || defined(__x86_64__)
-#   define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x)));	\
+#   define ROTR(a,n)	({ SHA_LONG64 ret;		\
+				asm ("rorq %1,%0"	\
+				: "=r"(ret)		\
+				: "J"(n),"0"(a)		\
+				: "cc"); ret;		})
+#   if !defined(B_ENDIAN)
+#    define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x)));	\
 				asm ("bswapq	%0"		\
 				: "=r"(ret)			\
 				: "0"(ret)); ret;		})
+#   endif
+#  elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN)
+#   if defined(I386_ONLY)
+#    define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
+			 unsigned int hi=p[0],lo=p[1];		\
+				asm("xchgb %%ah,%%al;xchgb %%dh,%%dl;"\
+				    "roll $16,%%eax; roll $16,%%edx; "\
+				    "xchgb %%ah,%%al;xchgb %%dh,%%dl;" \
+				: "=a"(lo),"=d"(hi)		\
+				: "0"(lo),"1"(hi) : "cc");	\
+				((SHA_LONG64)hi)<<32|lo;	})
+#   else
+#    define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
+			 unsigned int hi=p[0],lo=p[1];		\
+				asm ("bswapl %0; bswapl %1;"	\
+				: "=r"(lo),"=r"(hi)		\
+				: "0"(lo),"1"(hi));		\
+				((SHA_LONG64)hi)<<32|lo;	})
+#   endif
+#  elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64)
+#   define ROTR(a,n)	({ SHA_LONG64 ret;		\
+				asm ("rotrdi %0,%1,%2"	\
+				: "=r"(ret)		\
+				: "r"(a),"K"(n)); ret;	})
+#  endif
+# elif defined(_MSC_VER)
+#  if defined(_WIN64)	/* applies to both IA-64 and AMD64 */
+#   pragma intrinsic(_rotr64)
+#   define ROTR(a,n)	_rotr64((a),n)
+#  endif
+#  if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#   if defined(I386_ONLY)
+    static SHA_LONG64 __fastcall __pull64be(const void *x)
+    {	_asm	mov	edx, [ecx + 0]
+	_asm	mov	eax, [ecx + 4]
+	_asm	xchg	dh,dl
+	_asm	xchg	ah,al
+	_asm	rol	edx,16
+	_asm	rol	eax,16
+	_asm	xchg	dh,dl
+	_asm	xchg	ah,al
+    }
+#   else
+    static SHA_LONG64 __fastcall __pull64be(const void *x)
+    {	_asm	mov	edx, [ecx + 0]
+	_asm	mov	eax, [ecx + 4]
+	_asm	bswap	edx
+	_asm	bswap	eax
+    }
+#   endif
+#   define PULL64(x) __pull64be(&(x))
+#   if _MSC_VER<=1200
+#    pragma inline_depth(0)
+#   endif
 #  endif
 # endif
 #endif
@@ -314,27 +423,6 @@ static const SHA_LONG64 K512[80] = {
 #define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
 #endif
 
-#ifndef PEDANTIC
-# if defined(_MSC_VER)
-#  if defined(_WIN64)	/* applies to both IA-64 and AMD64 */
-#   define ROTR(a,n)	_rotr64((a),n)
-#  endif
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#  if defined(__x86_64) || defined(__x86_64__)
-#   define ROTR(a,n)	({ unsigned long ret;		\
-				asm ("rorq %1,%0"	\
-				: "=r"(ret)		\
-				: "J"(n),"0"(a)		\
-				: "cc"); ret;		})
-#  elif defined(_ARCH_PPC) && defined(__64BIT__)
-#   define ROTR(a,n)	({ unsigned long ret;		\
-				asm ("rotrdi %0,%1,%2"	\
-				: "=r"(ret)		\
-				: "r"(a),"K"(n)); ret;	})
-#  endif
-# endif
-#endif
-
 #ifndef ROTR
 #define ROTR(x,s)	(((x)>>s) | (x)<<(64-s))
 #endif
@@ -347,27 +435,74 @@ static const SHA_LONG64 K512[80] = {
 #define Ch(x,y,z)	(((x) & (y)) ^ ((~(x)) & (z)))
 #define Maj(x,y,z)	(((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
 
-#if defined(OPENSSL_IA32_SSE2) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
-#define	GO_FOR_SSE2(ctx,in,num)		do {		\
-	void	sha512_block_sse2(void *,const void *,size_t);	\
-	if (!(OPENSSL_ia32cap_P & (1<<26))) break;	\
-	sha512_block_sse2(ctx->h,in,num); return;	\
-					} while (0)
+
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+/*
+ * This code should give better results on 32-bit CPU with less than
+ * ~24 registers, both size and performance wise...
+ */
+static void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num)
+	{
+	const SHA_LONG64 *W=in;
+	SHA_LONG64	A,E,T;
+	SHA_LONG64	X[9+80],*F;
+	int i;
+
+			while (num--) {
+
+	F    = X+80;
+	A    = ctx->h[0];	F[1] = ctx->h[1];
+	F[2] = ctx->h[2];	F[3] = ctx->h[3];
+	E    = ctx->h[4];	F[5] = ctx->h[5];
+	F[6] = ctx->h[6];	F[7] = ctx->h[7];
+
+	for (i=0;i<16;i++,F--)
+		{
+#ifdef B_ENDIAN
+		T = W[i];
+#else
+		T = PULL64(W[i]);
 #endif
+		F[0] = A;
+		F[4] = E;
+		F[8] = T;
+		T   += F[7] + Sigma1(E) + Ch(E,F[5],F[6]) + K512[i];
+		E    = F[3] + T;
+		A    = T + Sigma0(A) + Maj(A,F[1],F[2]);
+		}
+
+	for (;i<80;i++,F--)
+		{
+		T    = sigma0(F[8+16-1]);
+		T   += sigma1(F[8+16-14]);
+		T   += F[8+16] + F[8+16-9];
+
+		F[0] = A;
+		F[4] = E;
+		F[8] = T;
+		T   += F[7] + Sigma1(E) + Ch(E,F[5],F[6]) + K512[i];
+		E    = F[3] + T;
+		A    = T + Sigma0(A) + Maj(A,F[1],F[2]);
+		}
 
-#ifdef OPENSSL_SMALL_FOOTPRINT
+	ctx->h[0] += A;		ctx->h[1] += F[1];
+	ctx->h[2] += F[2];	ctx->h[3] += F[3];
+	ctx->h[4] += E;		ctx->h[5] += F[5];
+	ctx->h[6] += F[6];	ctx->h[7] += F[7];
+
+			W+=SHA_LBLOCK;
+			}
+	}
 
-static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
+#elif defined(OPENSSL_SMALL_FOOTPRINT)
+
+static void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num)
 	{
 	const SHA_LONG64 *W=in;
 	SHA_LONG64	a,b,c,d,e,f,g,h,s0,s1,T1,T2;
 	SHA_LONG64	X[16];
 	int i;
 
-#ifdef GO_FOR_SSE2
-	GO_FOR_SSE2(ctx,in,num);
-#endif
-
 			while (num--) {
 
 	a = ctx->h[0];	b = ctx->h[1];	c = ctx->h[2];	d = ctx->h[3];
@@ -412,23 +547,19 @@ static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
 	h = Sigma0(a) + Maj(a,b,c);			\
 	d += T1;	h += T1;		} while (0)
 
-#define	ROUND_16_80(i,a,b,c,d,e,f,g,h,X)	do {	\
-	s0 = X[(i+1)&0x0f];	s0 = sigma0(s0);	\
-	s1 = X[(i+14)&0x0f];	s1 = sigma1(s1);	\
-	T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f];	\
-	ROUND_00_15(i,a,b,c,d,e,f,g,h);		} while (0)
+#define	ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X)	do {	\
+	s0 = X[(j+1)&0x0f];	s0 = sigma0(s0);	\
+	s1 = X[(j+14)&0x0f];	s1 = sigma1(s1);	\
+	T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f];	\
+	ROUND_00_15(i+j,a,b,c,d,e,f,g,h);		} while (0)
 
-static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
+static void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num)
 	{
 	const SHA_LONG64 *W=in;
 	SHA_LONG64	a,b,c,d,e,f,g,h,s0,s1,T1;
 	SHA_LONG64	X[16];
 	int i;
 
-#ifdef GO_FOR_SSE2
-	GO_FOR_SSE2(ctx,in,num);
-#endif
-
 			while (num--) {
 
 	a = ctx->h[0];	b = ctx->h[1];	c = ctx->h[2];	d = ctx->h[3];
@@ -470,16 +601,24 @@ static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
 	T1 = X[15] = PULL64(W[15]);	ROUND_00_15(15,b,c,d,e,f,g,h,a);
 #endif
 
-	for (i=16;i<80;i+=8)
+	for (i=16;i<80;i+=16)
 		{
-		ROUND_16_80(i+0,a,b,c,d,e,f,g,h,X);
-		ROUND_16_80(i+1,h,a,b,c,d,e,f,g,X);
-		ROUND_16_80(i+2,g,h,a,b,c,d,e,f,X);
-		ROUND_16_80(i+3,f,g,h,a,b,c,d,e,X);
-		ROUND_16_80(i+4,e,f,g,h,a,b,c,d,X);
-		ROUND_16_80(i+5,d,e,f,g,h,a,b,c,X);
-		ROUND_16_80(i+6,c,d,e,f,g,h,a,b,X);
-		ROUND_16_80(i+7,b,c,d,e,f,g,h,a,X);
+		ROUND_16_80(i, 0,a,b,c,d,e,f,g,h,X);
+		ROUND_16_80(i, 1,h,a,b,c,d,e,f,g,X);
+		ROUND_16_80(i, 2,g,h,a,b,c,d,e,f,X);
+		ROUND_16_80(i, 3,f,g,h,a,b,c,d,e,X);
+		ROUND_16_80(i, 4,e,f,g,h,a,b,c,d,X);
+		ROUND_16_80(i, 5,d,e,f,g,h,a,b,c,X);
+		ROUND_16_80(i, 6,c,d,e,f,g,h,a,b,X);
+		ROUND_16_80(i, 7,b,c,d,e,f,g,h,a,X);
+		ROUND_16_80(i, 8,a,b,c,d,e,f,g,h,X);
+		ROUND_16_80(i, 9,h,a,b,c,d,e,f,g,X);
+		ROUND_16_80(i,10,g,h,a,b,c,d,e,f,X);
+		ROUND_16_80(i,11,f,g,h,a,b,c,d,e,X);
+		ROUND_16_80(i,12,e,f,g,h,a,b,c,d,X);
+		ROUND_16_80(i,13,d,e,f,g,h,a,b,c,X);
+		ROUND_16_80(i,14,c,d,e,f,g,h,a,b,X);
+		ROUND_16_80(i,15,b,c,d,e,f,g,h,a,X);
 		}
 
 	ctx->h[0] += a;	ctx->h[1] += b;	ctx->h[2] += c;	ctx->h[3] += d;
@@ -493,4 +632,10 @@ static void sha512_block (SHA512_CTX *ctx, const void *in, size_t num)
 
 #endif /* SHA512_ASM */
 
-#endif /* OPENSSL_NO_SHA512 */
+#else /* !OPENSSL_NO_SHA512 */
+
+#if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
+static void *dummy=&dummy;
+#endif
+
+#endif /* !OPENSSL_NO_SHA512 */
diff --git a/crypto/sha/sha512t.c b/crypto/sha/sha512t.c
index 7385469bee..210041d435 100644
--- a/crypto/sha/sha512t.c
+++ b/crypto/sha/sha512t.c
@@ -11,6 +11,14 @@
 #include <openssl/evp.h>
 #include <openssl/crypto.h>
 
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512)
+int main(int argc, char *argv[])
+{
+    printf("No SHA512 support\n");
+    return(0);
+}
+#else
+
 unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
 	0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
 	0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31,
@@ -65,7 +73,7 @@ unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
 	0x07,0xb8,0xb3,0xdc,0x38,0xec,0xc4,0xeb,
 	0xae,0x97,0xdd,0xd8,0x7f,0x3d,0x89,0x85 };
 
-int main ()
+int main (int argc,char **argv)
 { unsigned char md[SHA512_DIGEST_LENGTH];
   int		i;
   EVP_MD_CTX	evp;
@@ -173,3 +181,4 @@ int main ()
 
   return 0;
 }
+#endif
diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c
index 5a4b3ab204..70eb56032c 100644
--- a/crypto/sha/sha_dgst.c
+++ b/crypto/sha/sha_dgst.c
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/opensslconf.h>
 #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
 
 #undef  SHA_1
@@ -63,7 +64,7 @@
 
 #include <openssl/opensslv.h>
 
-const char *SHA_version="SHA" OPENSSL_VERSION_PTEXT;
+const char SHA_version[]="SHA" OPENSSL_VERSION_PTEXT;
 
 /* The implementation is in ../md32_common.h */
 
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
index d1f64c5fd0..672c26eee1 100644
--- a/crypto/sha/sha_locl.h
+++ b/crypto/sha/sha_locl.h
@@ -62,17 +62,11 @@
 #include <openssl/opensslconf.h>
 #include <openssl/sha.h>
 
-#ifndef SHA_LONG_LOG2
-#define SHA_LONG_LOG2	2	/* default to 32 bits */
-#endif
-
 #define DATA_ORDER_IS_BIG_ENDIAN
 
 #define HASH_LONG               SHA_LONG
-#define HASH_LONG_LOG2          SHA_LONG_LOG2
 #define HASH_CTX                SHA_CTX
 #define HASH_CBLOCK             SHA_CBLOCK
-#define HASH_LBLOCK             SHA_LBLOCK
 #define HASH_MAKE_STRING(c,s)   do {	\
 	unsigned long ll;		\
 	ll=(c)->h0; HOST_l2c(ll,(s));	\
@@ -88,12 +82,10 @@
 # define HASH_TRANSFORM          	SHA_Transform
 # define HASH_FINAL              	SHA_Final
 # define HASH_INIT			SHA_Init
-# define HASH_BLOCK_HOST_ORDER   	sha_block_host_order
 # define HASH_BLOCK_DATA_ORDER   	sha_block_data_order
 # define Xupdate(a,ix,ia,ib,ic,id)	(ix=(a)=(ia^ib^ic^id))
 
-  void sha_block_host_order (SHA_CTX *c, const void *p,size_t num);
-  void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
+static void sha_block_data_order (SHA_CTX *c, const void *p,size_t num);
 
 #elif defined(SHA_1)
 
@@ -101,7 +93,6 @@
 # define HASH_TRANSFORM          	SHA1_Transform
 # define HASH_FINAL              	SHA1_Final
 # define HASH_INIT			SHA1_Init
-# define HASH_BLOCK_HOST_ORDER   	sha1_block_host_order
 # define HASH_BLOCK_DATA_ORDER   	sha1_block_data_order
 # if defined(__MWERKS__) && defined(__MC68K__)
    /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
@@ -114,22 +105,10 @@
 					)
 # endif
 
-# ifdef SHA1_ASM
-#  if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#   define sha1_block_host_order		sha1_block_asm_host_order
-#   define DONT_IMPLEMENT_BLOCK_HOST_ORDER
-#   define sha1_block_data_order		sha1_block_asm_data_order
-#   define DONT_IMPLEMENT_BLOCK_DATA_ORDER
-#   define HASH_BLOCK_DATA_ORDER_ALIGNED	sha1_block_asm_data_order
-#  elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-#   define sha1_block_host_order		sha1_block_asm_host_order
-#   define DONT_IMPLEMENT_BLOCK_HOST_ORDER
-#   define sha1_block_data_order		sha1_block_asm_data_order
-#   define DONT_IMPLEMENT_BLOCK_DATA_ORDER
-#  endif
-# endif
-  void sha1_block_host_order (SHA_CTX *c, const void *p,size_t num);
-  void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
+#ifndef SHA1_ASM
+static
+#endif
+void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
 
 #else
 # error "Either SHA_0 or SHA_1 must be defined."
@@ -145,14 +124,12 @@
 
 int HASH_INIT (SHA_CTX *c)
 	{
+	memset (c,0,sizeof(*c));
 	c->h0=INIT_DATA_h0;
 	c->h1=INIT_DATA_h1;
 	c->h2=INIT_DATA_h2;
 	c->h3=INIT_DATA_h3;
 	c->h4=INIT_DATA_h4;
-	c->Nl=0;
-	c->Nh=0;
-	c->num=0;
 	return 1;
 	}
 
@@ -227,133 +204,8 @@ int HASH_INIT (SHA_CTX *c)
 # define X(i)	XX[i]
 #endif
 
-#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
-void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, size_t num)
-	{
-	const SHA_LONG *W=d;
-	register unsigned MD32_REG_T A,B,C,D,E,T;
-#ifndef MD32_XARRAY
-	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-#else
-	SHA_LONG	XX[16];
-#endif
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	for (;;)
-		{
-	BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
-	BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
-	BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
-	BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
-	BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
-	BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
-	BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
-	BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
-	BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
-	BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
-	BODY_00_15(10,C,D,E,T,A,B,W[10]);
-	BODY_00_15(11,B,C,D,E,T,A,W[11]);
-	BODY_00_15(12,A,B,C,D,E,T,W[12]);
-	BODY_00_15(13,T,A,B,C,D,E,W[13]);
-	BODY_00_15(14,E,T,A,B,C,D,W[14]);
-	BODY_00_15(15,D,E,T,A,B,C,W[15]);
-
-	BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
-	BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
-	BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
-	BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
-
-	BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
-	BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
-	BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
-	BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
-	BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
-	BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
-	BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
-	BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
-	BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
-	BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
-	BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
-	BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
-
-	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
-	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
-	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
-	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
-	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
-	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
-	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
-	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
-
-	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
-	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
-	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
-	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
-	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
-	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
-	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
-	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
-	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
-	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
-	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
-	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
-	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
-	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
-	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
-	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
-	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
-	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
-	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
-	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
-
-	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
-	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
-	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
-	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
-	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
-	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
-	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
-	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
-	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
-	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
-	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
-	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
-	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
-	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
-	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
-	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
-	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
-	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
-	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
-	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
-	
-	c->h0=(c->h0+E)&0xffffffffL; 
-	c->h1=(c->h1+T)&0xffffffffL;
-	c->h2=(c->h2+A)&0xffffffffL;
-	c->h3=(c->h3+B)&0xffffffffL;
-	c->h4=(c->h4+C)&0xffffffffL;
-
-	if (--num == 0) break;
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	W+=SHA_LBLOCK;
-		}
-	}
-#endif
-
-#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
-void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
+#if !defined(SHA_1) || !defined(SHA1_ASM)
+static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	{
 	const unsigned char *data=p;
 	register unsigned MD32_REG_T A,B,C,D,E,T,l;
@@ -371,25 +223,53 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	E=c->h4;
 
 	for (;;)
-		{
+			{
+	const union { long one; char little; } is_endian = {1};
 
-	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
-	BODY_00_15( 0,A,B,C,D,E,T,X( 0));	HOST_c2l(data,l); X( 2)=l;
-	BODY_00_15( 1,T,A,B,C,D,E,X( 1));	HOST_c2l(data,l); X( 3)=l;
-	BODY_00_15( 2,E,T,A,B,C,D,X( 2));	HOST_c2l(data,l); X( 4)=l;
-	BODY_00_15( 3,D,E,T,A,B,C,X( 3));	HOST_c2l(data,l); X( 5)=l;
-	BODY_00_15( 4,C,D,E,T,A,B,X( 4));	HOST_c2l(data,l); X( 6)=l;
-	BODY_00_15( 5,B,C,D,E,T,A,X( 5));	HOST_c2l(data,l); X( 7)=l;
-	BODY_00_15( 6,A,B,C,D,E,T,X( 6));	HOST_c2l(data,l); X( 8)=l;
-	BODY_00_15( 7,T,A,B,C,D,E,X( 7));	HOST_c2l(data,l); X( 9)=l;
-	BODY_00_15( 8,E,T,A,B,C,D,X( 8));	HOST_c2l(data,l); X(10)=l;
-	BODY_00_15( 9,D,E,T,A,B,C,X( 9));	HOST_c2l(data,l); X(11)=l;
-	BODY_00_15(10,C,D,E,T,A,B,X(10));	HOST_c2l(data,l); X(12)=l;
-	BODY_00_15(11,B,C,D,E,T,A,X(11));	HOST_c2l(data,l); X(13)=l;
-	BODY_00_15(12,A,B,C,D,E,T,X(12));	HOST_c2l(data,l); X(14)=l;
-	BODY_00_15(13,T,A,B,C,D,E,X(13));	HOST_c2l(data,l); X(15)=l;
-	BODY_00_15(14,E,T,A,B,C,D,X(14));
-	BODY_00_15(15,D,E,T,A,B,C,X(15));
+	if (!is_endian.little && sizeof(SHA_LONG)==4 && ((size_t)p%4)==0)
+		{
+		const SHA_LONG *W=(const SHA_LONG *)data;
+
+		X( 0) = W[0];				X( 1) = W[ 1];
+		BODY_00_15( 0,A,B,C,D,E,T,X( 0));	X( 2) = W[ 2];
+		BODY_00_15( 1,T,A,B,C,D,E,X( 1));	X( 3) = W[ 3];
+		BODY_00_15( 2,E,T,A,B,C,D,X( 2));	X( 4) = W[ 4];
+		BODY_00_15( 3,D,E,T,A,B,C,X( 3));	X( 5) = W[ 5];
+		BODY_00_15( 4,C,D,E,T,A,B,X( 4));	X( 6) = W[ 6];
+		BODY_00_15( 5,B,C,D,E,T,A,X( 5));	X( 7) = W[ 7];
+		BODY_00_15( 6,A,B,C,D,E,T,X( 6));	X( 8) = W[ 8];
+		BODY_00_15( 7,T,A,B,C,D,E,X( 7));	X( 9) = W[ 9];
+		BODY_00_15( 8,E,T,A,B,C,D,X( 8));	X(10) = W[10];
+		BODY_00_15( 9,D,E,T,A,B,C,X( 9));	X(11) = W[11];
+		BODY_00_15(10,C,D,E,T,A,B,X(10));	X(12) = W[12];
+		BODY_00_15(11,B,C,D,E,T,A,X(11));	X(13) = W[13];
+		BODY_00_15(12,A,B,C,D,E,T,X(12));	X(14) = W[14];
+		BODY_00_15(13,T,A,B,C,D,E,X(13));	X(15) = W[15];
+		BODY_00_15(14,E,T,A,B,C,D,X(14));
+		BODY_00_15(15,D,E,T,A,B,C,X(15));
+
+		data += SHA_CBLOCK;
+		}
+	else
+		{
+		HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
+		BODY_00_15( 0,A,B,C,D,E,T,X( 0));	HOST_c2l(data,l); X( 2)=l;
+		BODY_00_15( 1,T,A,B,C,D,E,X( 1));	HOST_c2l(data,l); X( 3)=l;
+		BODY_00_15( 2,E,T,A,B,C,D,X( 2));	HOST_c2l(data,l); X( 4)=l;
+		BODY_00_15( 3,D,E,T,A,B,C,X( 3));	HOST_c2l(data,l); X( 5)=l;
+		BODY_00_15( 4,C,D,E,T,A,B,X( 4));	HOST_c2l(data,l); X( 6)=l;
+		BODY_00_15( 5,B,C,D,E,T,A,X( 5));	HOST_c2l(data,l); X( 7)=l;
+		BODY_00_15( 6,A,B,C,D,E,T,X( 6));	HOST_c2l(data,l); X( 8)=l;
+		BODY_00_15( 7,T,A,B,C,D,E,X( 7));	HOST_c2l(data,l); X( 9)=l;
+		BODY_00_15( 8,E,T,A,B,C,D,X( 8));	HOST_c2l(data,l); X(10)=l;
+		BODY_00_15( 9,D,E,T,A,B,C,X( 9));	HOST_c2l(data,l); X(11)=l;
+		BODY_00_15(10,C,D,E,T,A,B,X(10));	HOST_c2l(data,l); X(12)=l;
+		BODY_00_15(11,B,C,D,E,T,A,X(11));	HOST_c2l(data,l); X(13)=l;
+		BODY_00_15(12,A,B,C,D,E,T,X(12));	HOST_c2l(data,l); X(14)=l;
+		BODY_00_15(13,T,A,B,C,D,E,X(13));	HOST_c2l(data,l); X(15)=l;
+		BODY_00_15(14,E,T,A,B,C,D,X(14));
+		BODY_00_15(15,D,E,T,A,B,C,X(15));
+		}
 
 	BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
 	BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
@@ -474,7 +354,7 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	D=c->h3;
 	E=c->h4;
 
-		}
+			}
 	}
 #endif
 
@@ -509,54 +389,8 @@ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	E=D, D=C, C=ROTATE(B,30), B=A;	\
 	A=ROTATE(A,5)+T+xa;	    } while(0)
 
-#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
-void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, size_t num)
-	{
-	const SHA_LONG *W=d;
-	register unsigned MD32_REG_T A,B,C,D,E,T;
-	int i;
-	SHA_LONG	X[16];
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	for (;;)
-		{
-	for (i=0;i<16;i++)
-	{ X[i]=W[i]; BODY_00_15(X[i]); }
-	for (i=0;i<4;i++)
-	{ BODY_16_19(X[i],       X[i+2],      X[i+8],     X[(i+13)&15]); }
-	for (;i<24;i++)
-	{ BODY_20_39(X[i&15],    X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); }
-	for (i=0;i<20;i++)
-	{ BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15],    X[(i+5)&15]);  }
-	for (i=4;i<24;i++)
-	{ BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15],    X[(i+5)&15]);  }
-	
-	c->h0=(c->h0+A)&0xffffffffL; 
-	c->h1=(c->h1+B)&0xffffffffL;
-	c->h2=(c->h2+C)&0xffffffffL;
-	c->h3=(c->h3+D)&0xffffffffL;
-	c->h4=(c->h4+E)&0xffffffffL;
-
-	if (--num == 0) break;
-
-	A=c->h0;
-	B=c->h1;
-	C=c->h2;
-	D=c->h3;
-	E=c->h4;
-
-	W+=SHA_LBLOCK;
-		}
-	}
-#endif
-
-#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
-void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
+#if !defined(SHA_1) || !defined(SHA1_ASM)
+static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
 	{
 	const unsigned char *data=p;
 	register unsigned MD32_REG_T A,B,C,D,E,T,l;
diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c
index 371ffddac6..3bae623ce8 100644
--- a/crypto/sha/sha_one.c
+++ b/crypto/sha/sha_one.c
@@ -68,7 +68,8 @@ unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
 	static unsigned char m[SHA_DIGEST_LENGTH];
 
 	if (md == NULL) md=m;
-	SHA_Init(&c);
+	if (!SHA_Init(&c))
+		return NULL;
 	SHA_Update(&c,d,n);
 	SHA_Final(md,&c);
 	OPENSSL_cleanse(&c,sizeof(c));
diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c
index d007cf13ed..27614646d1 100644
--- a/crypto/sha/shatest.c
+++ b/crypto/sha/shatest.c
@@ -62,10 +62,10 @@
 
 #include "../e_os.h"
 
-#ifdef OPENSSL_NO_SHA
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0)
 int main(int argc, char *argv[])
 {
-    printf("No SHA support\n");
+    printf("No SHA0 support\n");
     return(0);
 }
 #else
@@ -106,7 +106,7 @@ static char *pt(unsigned char *md);
 int main(int argc, char *argv[])
 	{
 	int i,err=0;
-	unsigned char **P,**R;
+	char **P,**R;
 	static unsigned char buf[1000];
 	char *p,*r;
 	EVP_MD_CTX c;
@@ -118,14 +118,14 @@ int main(int argc, char *argv[])
 #endif
 
 	EVP_MD_CTX_init(&c);
-	P=(unsigned char **)test;
-	R=(unsigned char **)ret;
+	P=test;
+	R=ret;
 	i=1;
 	while (*P != NULL)
 		{
-		EVP_Digest(*P,strlen((char *)*P),md,NULL,EVP_sha(), NULL);
+		EVP_Digest(*P,strlen(*P),md,NULL,EVP_sha(), NULL);
 		p=pt(md);
-		if (strcmp(p,(char *)*R) != 0)
+		if (strcmp(p,*R) != 0)
 			{
 			printf("error calculating SHA on '%s'\n",*P);
 			printf("got %s instead of %s\n",p,*R);
diff --git a/crypto/sparccpuid.S b/crypto/sparccpuid.S
new file mode 100644
index 0000000000..bcf46f209d
--- /dev/null
+++ b/crypto/sparccpuid.S
@@ -0,0 +1,320 @@
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+# define ABI64  /* They've said -xarch=v9 at command line */
+#elif defined(__GNUC__) && defined(__arch64__)
+# define ABI64  /* They've said -m64 at command line */
+#endif
+
+#ifdef ABI64
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME	-192
+# define	BIAS	2047
+#else
+# define	FRAME	-96
+# define	BIAS	0
+#endif
+
+.text
+.align	32
+.global	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,#function
+! Keep in mind that this does not excuse us from wiping the stack!
+! This routine wipes registers, but not the backing store [which
+! resides on the stack, toward lower addresses]. To facilitate for
+! stack wiping I return pointer to the top of stack of the *caller*.
+OPENSSL_wipe_cpu:
+	save	%sp,FRAME,%sp
+	nop
+#ifdef __sun
+#include <sys/trap.h>
+	ta	ST_CLEAN_WINDOWS
+#else
+	call	.walk.reg.wins
+#endif
+	nop
+	call	.PIC.zero.up
+	mov	.zero-(.-4),%o0
+	ld	[%o0],%f0
+	ld	[%o0],%f1
+
+	subcc	%g0,1,%o0
+	! Following is V9 "rd %ccr,%o0" instruction. However! V8
+	! specification says that it ("rd %asr2,%o0" in V8 terms) does
+	! not cause illegal_instruction trap. It therefore can be used
+	! to determine if the CPU the code is executing on is V8- or
+	! V9-compliant, as V9 returns a distinct value of 0x99,
+	! "negative" and "borrow" bits set in both %icc and %xcc.
+	.word	0x91408000	!rd	%ccr,%o0
+	cmp	%o0,0x99
+	bne	.v8
+	nop
+			! Even though we do not use %fp register bank,
+			! we wipe it as memcpy might have used it...
+			.word	0xbfa00040	!fmovd	%f0,%f62
+			.word	0xbba00040	!...
+			.word	0xb7a00040
+			.word	0xb3a00040
+			.word	0xafa00040
+			.word	0xaba00040
+			.word	0xa7a00040
+			.word	0xa3a00040
+			.word	0x9fa00040
+			.word	0x9ba00040
+			.word	0x97a00040
+			.word	0x93a00040
+			.word	0x8fa00040
+			.word	0x8ba00040
+			.word	0x87a00040
+			.word	0x83a00040	!fmovd	%f0,%f32
+.v8:			fmovs	%f1,%f31
+	clr	%o0
+			fmovs	%f0,%f30
+	clr	%o1
+			fmovs	%f1,%f29
+	clr	%o2
+			fmovs	%f0,%f28
+	clr	%o3
+			fmovs	%f1,%f27
+	clr	%o4
+			fmovs	%f0,%f26
+	clr	%o5
+			fmovs	%f1,%f25
+	clr	%o7
+			fmovs	%f0,%f24
+	clr	%l0
+			fmovs	%f1,%f23
+	clr	%l1
+			fmovs	%f0,%f22
+	clr	%l2
+			fmovs	%f1,%f21
+	clr	%l3
+			fmovs	%f0,%f20
+	clr	%l4
+			fmovs	%f1,%f19
+	clr	%l5
+			fmovs	%f0,%f18
+	clr	%l6
+			fmovs	%f1,%f17
+	clr	%l7
+			fmovs	%f0,%f16
+	clr	%i0
+			fmovs	%f1,%f15
+	clr	%i1
+			fmovs	%f0,%f14
+	clr	%i2
+			fmovs	%f1,%f13
+	clr	%i3
+			fmovs	%f0,%f12
+	clr	%i4
+			fmovs	%f1,%f11
+	clr	%i5
+			fmovs	%f0,%f10
+	clr	%g1
+			fmovs	%f1,%f9
+	clr	%g2
+			fmovs	%f0,%f8
+	clr	%g3
+			fmovs	%f1,%f7
+	clr	%g4
+			fmovs	%f0,%f6
+	clr	%g5
+			fmovs	%f1,%f5
+			fmovs	%f0,%f4
+			fmovs	%f1,%f3
+			fmovs	%f0,%f2
+
+	add	%fp,BIAS,%i0	! return pointer to caller´s top of stack
+
+	ret
+	restore
+
+.zero:	.long	0x0,0x0
+.PIC.zero.up:
+	retl
+	add	%o0,%o7,%o0
+#ifdef DEBUG
+.global	walk_reg_wins
+.type	walk_reg_wins,#function
+walk_reg_wins:
+#endif
+.walk.reg.wins:
+	save	%sp,FRAME,%sp
+	cmp	%i7,%o7
+	be	2f
+	clr	%o0
+	cmp	%o7,0	! compiler never cleans %o7...
+	be	1f	! could have been a leaf function...
+	clr	%o1
+	call	.walk.reg.wins
+	nop
+1:	clr	%o2
+	clr	%o3
+	clr	%o4
+	clr	%o5
+	clr	%o7
+	clr	%l0
+	clr	%l1
+	clr	%l2
+	clr	%l3
+	clr	%l4
+	clr	%l5
+	clr	%l6
+	clr	%l7
+	add	%o0,1,%i0	! used for debugging
+2:	ret
+	restore
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.global	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,#function
+.align	32
+OPENSSL_atomic_add:
+#ifndef ABI64
+	subcc	%g0,1,%o2
+	.word	0x95408000	!rd	%ccr,%o2, see comment above
+	cmp	%o2,0x99
+	be	.v9
+	nop
+	save	%sp,FRAME,%sp
+	ba	.enter
+	nop
+#ifdef __sun
+! Note that you don't have to link with libthread to call thr_yield,
+! as libc provides a stub, which is overloaded the moment you link
+! with *either* libpthread or libthread...
+#define	YIELD_CPU	thr_yield
+#else
+! applies at least to Linux and FreeBSD... Feedback expected...
+#define	YIELD_CPU	sched_yield
+#endif
+.spin:	call	YIELD_CPU
+	nop
+.enter:	ld	[%i0],%i2
+	cmp	%i2,-4096
+	be	.spin
+	mov	-1,%i2
+	swap	[%i0],%i2
+	cmp	%i2,-1
+	be	.spin
+	add	%i2,%i1,%i2
+	stbar
+	st	%i2,[%i0]
+	sra	%i2,%g0,%i0
+	ret
+	restore
+.v9:
+#endif
+	ld	[%o0],%o2
+1:	add	%o1,%o2,%o3
+	.word	0xd7e2100a	!cas [%o0],%o2,%o3, compare [%o0] with %o2 and swap %o3
+	cmp	%o2,%o3
+	bne	1b
+	mov	%o3,%o2		! cas is always fetching to dest. register
+	add	%o1,%o2,%o0	! OpenSSL expects the new value
+	retl
+	sra	%o0,%g0,%o0	! we return signed int, remember?
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.global	_sparcv9_rdtick
+.align	32
+_sparcv9_rdtick:
+	subcc	%g0,1,%o0
+	.word	0x91408000	!rd	%ccr,%o0
+	cmp	%o0,0x99
+	bne	.notick
+	xor	%o0,%o0,%o0
+	.word	0x91410000	!rd	%tick,%o0
+	retl
+	.word	0x93323020	!srlx	%o2,32,%o1
+.notick:
+	retl
+	xor	%o1,%o1,%o1
+.type	_sparcv9_rdtick,#function
+.size	_sparcv9_rdtick,.-_sparcv9_rdtick
+
+.global	OPENSSL_cleanse
+.align	32
+OPENSSL_cleanse:
+	cmp	%o1,14
+	nop
+#ifdef ABI64
+	bgu	%xcc,.Lot
+#else
+	bgu	.Lot
+#endif
+	cmp	%o1,0
+	bne	.Little
+	nop
+	retl
+	nop
+
+.Little:
+	stb	%g0,[%o0]
+	subcc	%o1,1,%o1
+	bnz	.Little
+	add	%o0,1,%o0
+	retl
+	nop
+.align	32
+.Lot:
+#ifndef ABI64
+	subcc	%g0,1,%g1
+	! see above for explanation
+	.word	0x83408000	!rd	%ccr,%g1
+	cmp	%g1,0x99
+	bne	.v8lot
+	nop
+#endif
+
+.v9lot:	andcc	%o0,7,%g0
+	bz	.v9aligned
+	nop
+	stb	%g0,[%o0]
+	sub	%o1,1,%o1
+	ba	.v9lot
+	add	%o0,1,%o0
+.align	16,0x01000000
+.v9aligned:
+	.word	0xc0720000	!stx	%g0,[%o0]
+	sub	%o1,8,%o1
+	andcc	%o1,-8,%g0
+#ifdef ABI64
+	.word	0x126ffffd	!bnz	%xcc,.v9aligned
+#else
+	.word	0x124ffffd	!bnz	%icc,.v9aligned
+#endif
+	add	%o0,8,%o0
+
+	cmp	%o1,0
+	bne	.Little
+	nop
+	retl
+	nop
+#ifndef ABI64
+.v8lot:	andcc	%o0,3,%g0
+	bz	.v8aligned
+	nop
+	stb	%g0,[%o0]
+	sub	%o1,1,%o1
+	ba	.v8lot
+	add	%o0,1,%o0
+	nop
+.v8aligned:
+	st	%g0,[%o0]
+	sub	%o1,4,%o1
+	andcc	%o1,-4,%g0
+	bnz	.v8aligned
+	add	%o0,4,%o0
+
+	cmp	%o1,0
+	bne	.Little
+	nop
+	retl
+	nop
+#endif
+.type	OPENSSL_cleanse,#function
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.section	".init",#alloc,#execinstr
+	call	OPENSSL_cpuid_setup
+	nop
diff --git a/crypto/sparcv9cap.c b/crypto/sparcv9cap.c
new file mode 100644
index 0000000000..5f31d20bd0
--- /dev/null
+++ b/crypto/sparcv9cap.c
@@ -0,0 +1,154 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/time.h>
+#include <openssl/bn.h>
+
+#define SPARCV9_TICK_PRIVILEGED	(1<<0)
+#define SPARCV9_PREFER_FPU	(1<<1)
+#define SPARCV9_VIS1		(1<<2)
+#define SPARCV9_VIS2		(1<<3)	/* reserved */
+#define SPARCV9_FMADD		(1<<4)	/* reserved for SPARC64 V */
+static int OPENSSL_sparcv9cap_P=SPARCV9_TICK_PRIVILEGED;
+
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num)
+	{
+	int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
+	int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
+
+	if ((OPENSSL_sparcv9cap_P&(SPARCV9_PREFER_FPU|SPARCV9_VIS1)) ==
+		(SPARCV9_PREFER_FPU|SPARCV9_VIS1))
+		return bn_mul_mont_fpu(rp,ap,bp,np,n0,num);
+	else
+		return bn_mul_mont_int(rp,ap,bp,np,n0,num);
+	}
+
+unsigned long OPENSSL_rdtsc(void)
+	{
+	unsigned long _sparcv9_rdtick(void);
+
+	if (OPENSSL_sparcv9cap_P&SPARCV9_TICK_PRIVILEGED)
+#if defined(__sun) && defined(__SVR4)
+		return gethrtime();
+#else
+		return 0;
+#endif
+	else
+		return _sparcv9_rdtick();
+	}
+
+#if defined(__sun) && defined(__SVR4)
+
+#include <dlfcn.h>
+#include <libdevinfo.h>
+#include <sys/systeminfo.h>
+
+typedef di_node_t (*di_init_t)(const char *,uint_t);
+typedef void      (*di_fini_t)(di_node_t);
+typedef char *    (*di_node_name_t)(di_node_t);
+typedef int       (*di_walk_node_t)(di_node_t,uint_t,di_node_name_t,int (*)(di_node_t,di_node_name_t));
+
+#define DLLINK(h,name) (name=(name##_t)dlsym((h),#name))
+
+static int walk_nodename(di_node_t node, di_node_name_t di_node_name)
+	{
+	char *name = (*di_node_name)(node);
+
+	/* This is expected to catch all UltraSPARC flavors prior T1 */
+	if (!strcmp (name,"SUNW,UltraSPARC") ||
+	    !strncmp(name,"SUNW,UltraSPARC-I",17))  /* covers II,III,IV */
+		{
+		OPENSSL_sparcv9cap_P |= SPARCV9_PREFER_FPU|SPARCV9_VIS1;
+
+		/* %tick is privileged only on UltraSPARC-I/II, but not IIe */
+		if (name[14]!='\0' && name[17]!='\0' && name[18]!='\0')
+			OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+
+		return DI_WALK_TERMINATE;
+		}
+	/* This is expected to catch remaining UltraSPARCs, such as T1 */
+	else if (!strncmp(name,"SUNW,UltraSPARC",15))
+		{
+		OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+
+		return DI_WALK_TERMINATE;
+		}
+
+	return DI_WALK_CONTINUE;
+	}
+
+void OPENSSL_cpuid_setup(void)
+	{
+	void *h;
+	char *e,si[256];
+	static int trigger=0;
+
+	if (trigger) return;
+	trigger=1;
+
+	if ((e=getenv("OPENSSL_sparcv9cap")))
+		{
+		OPENSSL_sparcv9cap_P=strtoul(e,NULL,0);
+		return;
+		}
+
+	if (sysinfo(SI_MACHINE,si,sizeof(si))>0)
+		{
+		if (strcmp(si,"sun4v"))
+			/* FPU is preferred for all CPUs, but US-T1/2 */
+			OPENSSL_sparcv9cap_P |= SPARCV9_PREFER_FPU;
+		}
+
+	if (sysinfo(SI_ISALIST,si,sizeof(si))>0)
+		{
+		if (strstr(si,"+vis"))
+			OPENSSL_sparcv9cap_P |= SPARCV9_VIS1;
+		if (strstr(si,"+vis2"))
+			{
+			OPENSSL_sparcv9cap_P |= SPARCV9_VIS2;
+			OPENSSL_sparcv9cap_P &= ~SPARCV9_TICK_PRIVILEGED;
+			return;
+			}
+		}
+
+	if ((h = dlopen("libdevinfo.so.1",RTLD_LAZY))) do
+		{
+		di_init_t	di_init;
+		di_fini_t	di_fini;
+		di_walk_node_t	di_walk_node;
+		di_node_name_t	di_node_name;
+		di_node_t	root_node;
+
+		if (!DLLINK(h,di_init))		break;
+		if (!DLLINK(h,di_fini))		break;
+		if (!DLLINK(h,di_walk_node))	break;
+		if (!DLLINK(h,di_node_name))	break;
+
+		if ((root_node = (*di_init)("/",DINFOSUBTREE))!=DI_NODE_NIL)
+			{
+			(*di_walk_node)(root_node,DI_WALK_SIBFIRST,
+					di_node_name,walk_nodename);
+			(*di_fini)(root_node);
+			}
+		} while(0);
+
+	if (h) dlclose(h);
+	}
+
+#else
+
+void OPENSSL_cpuid_setup(void)
+	{
+	char *e;
+ 
+	if ((e=getenv("OPENSSL_sparcv9cap")))
+		{
+		OPENSSL_sparcv9cap_P=strtoul(e,NULL,0);
+		return;
+		}
+
+	/* For now we assume that the rest supports UltraSPARC-I* only */
+	OPENSSL_sparcv9cap_P |= SPARCV9_PREFER_FPU|SPARCV9_VIS1;
+	}
+
+#endif
diff --git a/crypto/stack/.cvsignore b/crypto/stack/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/stack/.cvsignore
+++ b/crypto/stack/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h
index 6d6739eae1..d8dacb7ea5 100644
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -57,7 +57,28 @@
 
 #include <openssl/stack.h>
 
-#ifdef DEBUG_SAFESTACK
+#ifndef CHECKED_PTR_OF
+#define CHECKED_PTR_OF(type, p) \
+    ((void*) (1 ? p : (type*)0))
+#endif
+
+/* In C++ we get problems because an explicit cast is needed from (void *)
+ * we use CHECKED_STACK_OF to ensure the correct type is passed in the macros
+ * below. 
+ */
+
+#define CHECKED_STACK_OF(type, p) \
+    ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
+
+#define CHECKED_SK_FREE_FUNC(type, p) \
+    ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
+
+#define CHECKED_SK_FREE_FUNC2(type, p) \
+    ((void (*)(void *)) ((1 ? p : (void (*)(type))0)))
+
+#define CHECKED_SK_CMP_FUNC(type, p) \
+    ((int (*)(const void *, const void *)) \
+	((1 ? p : (int (*)(const type * const *, const type * const *))0)))
 
 #define STACK_OF(type) struct stack_st_##type
 #define PREDECLARE_STACK_OF(type) STACK_OF(type);
@@ -65,151 +86,125 @@
 #define DECLARE_STACK_OF(type) \
 STACK_OF(type) \
     { \
-    STACK stack; \
+    _STACK stack; \
+    };
+#define DECLARE_SPECIAL_STACK_OF(type, type2) \
+STACK_OF(type) \
+    { \
+    _STACK stack; \
     };
 
 #define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
 
-/* SKM_sk_... stack macros are internal to safestack.h:
- * never use them directly, use sk_<type>_... instead */
-#define SKM_sk_new(type, cmp) \
-	((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp)
-#define SKM_sk_new_null(type) \
-	((STACK_OF(type) * (*)(void))sk_new_null)()
-#define SKM_sk_free(type, st) \
-	((void (*)(STACK_OF(type) *))sk_free)(st)
-#define SKM_sk_num(type, st) \
-	((int (*)(const STACK_OF(type) *))sk_num)(st)
-#define SKM_sk_value(type, st,i) \
-	((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i)
-#define SKM_sk_set(type, st,i,val) \
-	((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val)
-#define SKM_sk_zero(type, st) \
-	((void (*)(STACK_OF(type) *))sk_zero)(st)
-#define SKM_sk_push(type, st,val) \
-	((int (*)(STACK_OF(type) *, type *))sk_push)(st, val)
-#define SKM_sk_unshift(type, st,val) \
-	((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val)
-#define SKM_sk_find(type, st,val) \
-	((int (*)(STACK_OF(type) *, type *))sk_find)(st, val)
-#define SKM_sk_delete(type, st,i) \
-	((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i)
-#define SKM_sk_delete_ptr(type, st,ptr) \
-	((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr)
-#define SKM_sk_insert(type, st,val,i) \
-	((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i)
-#define SKM_sk_set_cmp_func(type, st,cmp) \
-	((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \
-	  (const type * const *, const type * const *))sk_set_cmp_func)\
-	(st, cmp)
-#define SKM_sk_dup(type, st) \
-	((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st)
-#define SKM_sk_pop_free(type, st,free_func) \
-	((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\
-	(st, free_func)
-#define SKM_sk_shift(type, st) \
-	((type * (*)(STACK_OF(type) *))sk_shift)(st)
-#define SKM_sk_pop(type, st) \
-	((type * (*)(STACK_OF(type) *))sk_pop)(st)
-#define SKM_sk_sort(type, st) \
-	((void (*)(STACK_OF(type) *))sk_sort)(st)
-#define SKM_sk_is_sorted(type, st) \
-	((int (*)(const STACK_OF(type) *))sk_is_sorted)(st)
 
-#define	SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-((STACK_OF(type) * (*) (STACK_OF(type) **,const unsigned char **, long , \
-                         type *(*)(type **, const unsigned char **,long), \
-                                void (*)(type *), int ,int )) d2i_ASN1_SET) \
-			(st,pp,length, d2i_func, free_func, ex_tag,ex_class)
-#define	SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	((int (*)(STACK_OF(type) *,unsigned char **, \
-                           int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \
-						(st,pp,i2d_func,ex_tag,ex_class,is_set)
+/* Strings are special: normally an lhash entry will point to a single
+ * (somewhat) mutable object. In the case of strings:
+ *
+ * a) Instead of a single char, there is an array of chars, NUL-terminated.
+ * b) The string may have be immutable.
+ *
+ * So, they need their own declarations. Especially important for
+ * type-checking tools, such as Deputy.
+ *
+o * In practice, however, it appears to be hard to have a const
+ * string. For now, I'm settling for dealing with the fact it is a
+ * string at all.
+ */
+typedef char *OPENSSL_STRING;
 
-#define	SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
-	((unsigned char *(*)(STACK_OF(type) *, \
-                                    int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \
-				(st, i2d_func, buf, len)
-#define	SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
-	((STACK_OF(type) * (*)(const unsigned char *,int, \
-                              type *(*)(type **,const unsigned char **, long), \
-                                       void (*)(type *)))ASN1_seq_unpack) \
-					(buf,len,d2i_func, free_func)
+typedef const char *OPENSSL_CSTRING;
 
-#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
-	((STACK_OF(type) * (*)(X509_ALGOR *, \
-            		type *(*)(type **, const unsigned char **, long), \
-				void (*)(type *), \
-                                const char *, int, \
-                                ASN1_STRING *, int))PKCS12_decrypt_d2i) \
-				(algor,d2i_func,free_func,pass,passlen,oct,seq)
+/* Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
+ * STACK_OF(STRING) is really more like STACK_OF(char), only, as
+ * mentioned above, instead of a single char each entry is a
+ * NUL-terminated array of chars. So, we have to implement STRING
+ * specially for STACK_OF. This is dealt with in the autogenerated
+ * macros below.
+ */
+
+DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
 
-#else
+/* Similarly, we sometimes use a block of characters, NOT
+ * nul-terminated. These should also be distinguished from "normal"
+ * stacks. */
 
-#define STACK_OF(type) STACK
-#define PREDECLARE_STACK_OF(type) /* nada */
-#define DECLARE_STACK_OF(type)    /* nada */
-#define IMPLEMENT_STACK_OF(type)  /* nada */
+typedef void *OPENSSL_BLOCK;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
 
+/* SKM_sk_... stack macros are internal to safestack.h:
+ * never use them directly, use sk_<type>_... instead */
 #define SKM_sk_new(type, cmp) \
-	sk_new((int (*)(const char * const *, const char * const *))(cmp))
+	((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
 #define SKM_sk_new_null(type) \
-	sk_new_null()
+	((STACK_OF(type) *)sk_new_null())
 #define SKM_sk_free(type, st) \
-	sk_free(st)
+	sk_free(CHECKED_STACK_OF(type, st))
 #define SKM_sk_num(type, st) \
-	sk_num(st)
+	sk_num(CHECKED_STACK_OF(type, st))
 #define SKM_sk_value(type, st,i) \
-	((type *)sk_value(st, i))
+	((type *)sk_value(CHECKED_STACK_OF(type, st), i))
 #define SKM_sk_set(type, st,i,val) \
-	((type *)sk_set(st, i,(char *)val))
+	sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
 #define SKM_sk_zero(type, st) \
-	sk_zero(st)
-#define SKM_sk_push(type, st,val) \
-	sk_push(st, (char *)val)
-#define SKM_sk_unshift(type, st,val) \
-	sk_unshift(st, val)
-#define SKM_sk_find(type, st,val) \
-	sk_find(st, (char *)val)
-#define SKM_sk_delete(type, st,i) \
-	((type *)sk_delete(st, i))
-#define SKM_sk_delete_ptr(type, st,ptr) \
-	((type *)sk_delete_ptr(st,(char *)ptr))
-#define SKM_sk_insert(type, st,val,i) \
-	sk_insert(st, (char *)val, i)
-#define SKM_sk_set_cmp_func(type, st,cmp) \
+	sk_zero(CHECKED_STACK_OF(type, st))
+#define SKM_sk_push(type, st, val) \
+	sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+#define SKM_sk_unshift(type, st, val) \
+	sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+#define SKM_sk_find(type, st, val) \
+	sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+#define SKM_sk_find_ex(type, st, val) \
+	sk_find_ex(CHECKED_STACK_OF(type, st), \
+		   CHECKED_PTR_OF(type, val))
+#define SKM_sk_delete(type, st, i) \
+	(type *)sk_delete(CHECKED_STACK_OF(type, st), i)
+#define SKM_sk_delete_ptr(type, st, ptr) \
+	(type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
+#define SKM_sk_insert(type, st,val, i) \
+	sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
+#define SKM_sk_set_cmp_func(type, st, cmp) \
 	((int (*)(const type * const *,const type * const *)) \
-	sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp)))
+	sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
 #define SKM_sk_dup(type, st) \
-	sk_dup(st)
-#define SKM_sk_pop_free(type, st,free_func) \
-	sk_pop_free(st, (void (*)(void *))free_func)
+	(STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
+#define SKM_sk_pop_free(type, st, free_func) \
+	sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
 #define SKM_sk_shift(type, st) \
-	((type *)sk_shift(st))
+	(type *)sk_shift(CHECKED_STACK_OF(type, st))
 #define SKM_sk_pop(type, st) \
-	((type *)sk_pop(st))
+	(type *)sk_pop(CHECKED_STACK_OF(type, st))
 #define SKM_sk_sort(type, st) \
-	sk_sort(st)
+	sk_sort(CHECKED_STACK_OF(type, st))
 #define SKM_sk_is_sorted(type, st) \
-	sk_is_sorted(st)
+	sk_is_sorted(CHECKED_STACK_OF(type, st))
 
 #define	SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-	d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class)
+	(STACK_OF(type) *)d2i_ASN1_SET(CHECKED_STACK_OF(type, st), \
+				pp, length, \
+				CHECKED_D2I_OF(type, d2i_func), \
+				CHECKED_SK_FREE_FUNC(type, free_func), \
+				ex_tag, ex_class)
+
 #define	SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
-	i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set)
+	i2d_ASN1_SET(CHECKED_STACK_OF(type, st), pp, \
+				CHECKED_I2D_OF(type, i2d_func), \
+				ex_tag, ex_class, is_set)
 
 #define	SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
-	ASN1_seq_pack(st, i2d_func, buf, len)
+	ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
+			CHECKED_I2D_OF(type, i2d_func), buf, len)
+
 #define	SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
-	ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func)
+	(STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
 
 #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
-	((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq))
-
-#endif
+	(STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
+				CHECKED_D2I_OF(type, d2i_func), \
+				CHECKED_SK_FREE_FUNC(type, free_func), \
+				pass, passlen, oct, seq)
 
 /* This block of defines is updated by util/mkstack.pl, please do not touch! */
-#define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st))
+#define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp))
 #define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
 #define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
 #define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
@@ -231,7 +226,29 @@ STACK_OF(type) \
 #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
 #define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
 
-#define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st))
+#define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp))
+#define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange)
+#define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st))
+#define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st))
+#define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i))
+#define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val))
+#define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st))
+#define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val))
+#define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val))
+#define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val))
+#define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val))
+#define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i))
+#define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr))
+#define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i))
+#define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp))
+#define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st)
+#define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func))
+#define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st))
+#define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st))
+#define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st))
+#define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st))
+
+#define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp))
 #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
 #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
 #define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
@@ -253,7 +270,7 @@ STACK_OF(type) \
 #define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
 #define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
 
-#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
+#define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp))
 #define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
 #define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
 #define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
@@ -275,7 +292,7 @@ STACK_OF(type) \
 #define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
 #define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
 
-#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st))
+#define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp))
 #define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
 #define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
 #define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
@@ -297,7 +314,7 @@ STACK_OF(type) \
 #define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
 #define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
 
-#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st))
+#define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp))
 #define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
 #define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
 #define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
@@ -319,7 +336,7 @@ STACK_OF(type) \
 #define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
 #define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
 
-#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st))
+#define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp))
 #define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
 #define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
 #define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
@@ -341,7 +358,29 @@ STACK_OF(type) \
 #define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
 #define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
 
-#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st))
+#define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp))
+#define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING)
+#define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st))
+#define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st))
+#define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i))
+#define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val))
+#define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st))
+#define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val))
+#define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val))
+#define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val))
+#define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val))
+#define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i))
+#define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr))
+#define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i))
+#define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp))
+#define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st)
+#define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func))
+#define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st))
+#define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st))
+#define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st))
+#define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st))
+
+#define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp))
 #define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
 #define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
 #define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
@@ -363,7 +402,7 @@ STACK_OF(type) \
 #define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
 #define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
 
-#define sk_BIO_new(st) SKM_sk_new(BIO, (st))
+#define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp))
 #define sk_BIO_new_null() SKM_sk_new_null(BIO)
 #define sk_BIO_free(st) SKM_sk_free(BIO, (st))
 #define sk_BIO_num(st) SKM_sk_num(BIO, (st))
@@ -385,7 +424,139 @@ STACK_OF(type) \
 #define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
 #define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
 
-#define sk_CONF_IMODULE_new(st) SKM_sk_new(CONF_IMODULE, (st))
+#define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp))
+#define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY)
+#define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st))
+#define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st))
+#define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i))
+#define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val))
+#define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st))
+#define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val))
+#define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val))
+#define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val))
+#define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val))
+#define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i))
+#define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr))
+#define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i))
+#define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp))
+#define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st)
+#define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func))
+#define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st))
+#define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st))
+#define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st))
+#define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st))
+
+#define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp))
+#define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH)
+#define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st))
+#define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st))
+#define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i))
+#define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val))
+#define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st))
+#define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val))
+#define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val))
+#define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val))
+#define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val))
+#define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i))
+#define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr))
+#define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i))
+#define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp))
+#define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st)
+#define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func))
+#define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st))
+#define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st))
+#define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st))
+#define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st))
+
+#define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp))
+#define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices)
+#define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st))
+#define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st))
+#define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i))
+#define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val))
+#define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st))
+#define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val))
+#define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val))
+#define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val))
+#define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val))
+#define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i))
+#define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr))
+#define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i))
+#define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp))
+#define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st)
+#define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func))
+#define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st))
+#define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st))
+#define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st))
+#define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st))
+
+#define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp))
+#define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo)
+#define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st))
+#define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st))
+#define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i))
+#define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val))
+#define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st))
+#define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val))
+#define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val))
+#define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val))
+#define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val))
+#define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i))
+#define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr))
+#define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i))
+#define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp))
+#define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st)
+#define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func))
+#define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st))
+#define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st))
+#define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st))
+#define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st))
+
+#define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp))
+#define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice)
+#define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st))
+#define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st))
+#define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i))
+#define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val))
+#define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st))
+#define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val))
+#define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val))
+#define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val))
+#define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val))
+#define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i))
+#define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr))
+#define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i))
+#define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp))
+#define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st)
+#define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func))
+#define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st))
+#define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st))
+#define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st))
+#define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st))
+
+#define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp))
+#define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo)
+#define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st))
+#define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st))
+#define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i))
+#define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val))
+#define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st))
+#define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val))
+#define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val))
+#define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val))
+#define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val))
+#define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i))
+#define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr))
+#define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i))
+#define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp))
+#define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st)
+#define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func))
+#define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st))
+#define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st))
+#define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st))
+#define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st))
+
+#define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp))
 #define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
 #define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
 #define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
@@ -407,7 +578,7 @@ STACK_OF(type) \
 #define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
 #define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
 
-#define sk_CONF_MODULE_new(st) SKM_sk_new(CONF_MODULE, (st))
+#define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp))
 #define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
 #define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
 #define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
@@ -429,7 +600,7 @@ STACK_OF(type) \
 #define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
 #define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
 
-#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st))
+#define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp))
 #define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
 #define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
 #define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
@@ -451,7 +622,7 @@ STACK_OF(type) \
 #define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
 #define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
 
-#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st))
+#define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
 #define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
 #define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
 #define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
@@ -473,7 +644,7 @@ STACK_OF(type) \
 #define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
 #define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
 
-#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st))
+#define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
 #define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
 #define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
 #define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
@@ -495,7 +666,7 @@ STACK_OF(type) \
 #define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
 #define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
 
-#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st))
+#define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp))
 #define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
 #define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
 #define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
@@ -517,7 +688,7 @@ STACK_OF(type) \
 #define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
 #define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
 
-#define sk_ENGINE_new(st) SKM_sk_new(ENGINE, (st))
+#define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp))
 #define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
 #define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
 #define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
@@ -539,7 +710,7 @@ STACK_OF(type) \
 #define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
 #define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
 
-#define sk_ENGINE_CLEANUP_ITEM_new(st) SKM_sk_new(ENGINE_CLEANUP_ITEM, (st))
+#define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp))
 #define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
 #define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
 #define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
@@ -561,7 +732,117 @@ STACK_OF(type) \
 #define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
 #define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
 
-#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st))
+#define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp))
+#define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID)
+#define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st))
+#define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st))
+#define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i))
+#define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val))
+#define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st))
+#define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val))
+#define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val))
+#define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val))
+#define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val))
+#define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i))
+#define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr))
+#define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i))
+#define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp))
+#define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st)
+#define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func))
+#define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st))
+#define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st))
+#define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st))
+#define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st))
+
+#define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp))
+#define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD)
+#define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st))
+#define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st))
+#define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i))
+#define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val))
+#define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st))
+#define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val))
+#define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val))
+#define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val))
+#define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val))
+#define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i))
+#define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr))
+#define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i))
+#define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp))
+#define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st)
+#define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func))
+#define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st))
+#define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st))
+#define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st))
+#define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st))
+
+#define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp))
+#define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL)
+#define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st))
+#define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st))
+#define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i))
+#define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val))
+#define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st))
+#define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val))
+#define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val))
+#define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val))
+#define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val))
+#define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i))
+#define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr))
+#define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i))
+#define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp))
+#define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st)
+#define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func))
+#define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st))
+#define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st))
+#define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st))
+#define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st))
+
+#define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp))
+#define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD)
+#define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st))
+#define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st))
+#define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i))
+#define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val))
+#define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st))
+#define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val))
+#define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val))
+#define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val))
+#define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val))
+#define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i))
+#define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr))
+#define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i))
+#define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp))
+#define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st)
+#define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func))
+#define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st))
+#define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st))
+#define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st))
+#define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st))
+
+#define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp))
+#define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD)
+#define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st))
+#define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st))
+#define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i))
+#define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val))
+#define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st))
+#define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val))
+#define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val))
+#define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val))
+#define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val))
+#define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i))
+#define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr))
+#define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i))
+#define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp))
+#define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st)
+#define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func))
+#define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st))
+#define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st))
+#define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
+#define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
+
+#define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
 #define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
 #define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
 #define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
@@ -583,7 +864,29 @@ STACK_OF(type) \
 #define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
 #define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
 
-#define sk_GENERAL_SUBTREE_new(st) SKM_sk_new(GENERAL_SUBTREE, (st))
+#define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp))
+#define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES)
+#define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st))
+#define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st))
+#define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i))
+#define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val))
+#define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st))
+#define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val))
+#define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val))
+#define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val))
+#define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val))
+#define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i))
+#define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr))
+#define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i))
+#define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp))
+#define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st)
+#define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func))
+#define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st))
+#define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st))
+#define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st))
+#define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st))
+
+#define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp))
 #define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
 #define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st))
 #define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st))
@@ -605,7 +908,51 @@ STACK_OF(type) \
 #define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
 #define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
 
-#define sk_KRB5_APREQBODY_new(st) SKM_sk_new(KRB5_APREQBODY, (st))
+#define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp))
+#define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily)
+#define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st))
+#define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st))
+#define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i))
+#define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val))
+#define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st))
+#define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val))
+#define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val))
+#define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val))
+#define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val))
+#define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i))
+#define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr))
+#define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i))
+#define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp))
+#define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st)
+#define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func))
+#define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st))
+#define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st))
+#define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st))
+#define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st))
+
+#define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp))
+#define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange)
+#define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st))
+#define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st))
+#define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i))
+#define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val))
+#define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st))
+#define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val))
+#define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val))
+#define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val))
+#define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val))
+#define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i))
+#define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr))
+#define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i))
+#define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp))
+#define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st)
+#define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func))
+#define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st))
+#define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st))
+#define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st))
+#define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st))
+
+#define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp))
 #define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
 #define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
 #define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
@@ -627,7 +974,7 @@ STACK_OF(type) \
 #define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
 #define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
 
-#define sk_KRB5_AUTHDATA_new(st) SKM_sk_new(KRB5_AUTHDATA, (st))
+#define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp))
 #define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
 #define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
 #define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
@@ -649,7 +996,7 @@ STACK_OF(type) \
 #define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
 #define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
 
-#define sk_KRB5_AUTHENTBODY_new(st) SKM_sk_new(KRB5_AUTHENTBODY, (st))
+#define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp))
 #define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
 #define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
 #define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
@@ -671,7 +1018,7 @@ STACK_OF(type) \
 #define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
 #define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
 
-#define sk_KRB5_CHECKSUM_new(st) SKM_sk_new(KRB5_CHECKSUM, (st))
+#define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp))
 #define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
 #define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
 #define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
@@ -693,7 +1040,7 @@ STACK_OF(type) \
 #define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
 #define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
 
-#define sk_KRB5_ENCDATA_new(st) SKM_sk_new(KRB5_ENCDATA, (st))
+#define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp))
 #define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
 #define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
 #define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
@@ -715,7 +1062,7 @@ STACK_OF(type) \
 #define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
 #define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
 
-#define sk_KRB5_ENCKEY_new(st) SKM_sk_new(KRB5_ENCKEY, (st))
+#define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp))
 #define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
 #define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
 #define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
@@ -737,7 +1084,7 @@ STACK_OF(type) \
 #define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
 #define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
 
-#define sk_KRB5_PRINCNAME_new(st) SKM_sk_new(KRB5_PRINCNAME, (st))
+#define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp))
 #define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
 #define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
 #define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
@@ -759,7 +1106,7 @@ STACK_OF(type) \
 #define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
 #define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
 
-#define sk_KRB5_TKTBODY_new(st) SKM_sk_new(KRB5_TKTBODY, (st))
+#define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp))
 #define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
 #define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
 #define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
@@ -781,7 +1128,29 @@ STACK_OF(type) \
 #define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
 #define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
 
-#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st))
+#define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp))
+#define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA)
+#define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st))
+#define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st))
+#define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i))
+#define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val))
+#define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st))
+#define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val))
+#define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val))
+#define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val))
+#define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val))
+#define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i))
+#define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr))
+#define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i))
+#define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp))
+#define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st)
+#define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func))
+#define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st))
+#define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st))
+#define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st))
+#define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st))
+
+#define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp))
 #define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
 #define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
 #define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
@@ -803,7 +1172,7 @@ STACK_OF(type) \
 #define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
 #define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
 
-#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st))
+#define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp))
 #define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
 #define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
 #define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
@@ -825,7 +1194,7 @@ STACK_OF(type) \
 #define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
 #define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
 
-#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st))
+#define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp))
 #define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
 #define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
 #define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
@@ -847,7 +1216,7 @@ STACK_OF(type) \
 #define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
 #define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
 
-#define sk_OCSP_CERTID_new(st) SKM_sk_new(OCSP_CERTID, (st))
+#define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp))
 #define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
 #define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
 #define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
@@ -869,7 +1238,7 @@ STACK_OF(type) \
 #define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
 #define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
 
-#define sk_OCSP_ONEREQ_new(st) SKM_sk_new(OCSP_ONEREQ, (st))
+#define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp))
 #define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
 #define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
 #define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
@@ -891,7 +1260,29 @@ STACK_OF(type) \
 #define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
 #define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
 
-#define sk_OCSP_SINGLERESP_new(st) SKM_sk_new(OCSP_SINGLERESP, (st))
+#define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp))
+#define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID)
+#define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st))
+#define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st))
+#define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i))
+#define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val))
+#define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st))
+#define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val))
+#define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val))
+#define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val))
+#define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val))
+#define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i))
+#define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr))
+#define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i))
+#define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp))
+#define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st)
+#define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func))
+#define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st))
+#define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st))
+#define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st))
+#define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st))
+
+#define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp))
 #define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
 #define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
 #define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
@@ -913,7 +1304,7 @@ STACK_OF(type) \
 #define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
 #define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
 
-#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st))
+#define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp))
 #define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
 #define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
 #define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
@@ -935,7 +1326,7 @@ STACK_OF(type) \
 #define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
 #define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
 
-#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st))
+#define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp))
 #define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
 #define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
 #define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
@@ -957,7 +1348,7 @@ STACK_OF(type) \
 #define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
 #define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
 
-#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st))
+#define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp))
 #define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
 #define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
 #define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
@@ -979,7 +1370,7 @@ STACK_OF(type) \
 #define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
 #define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
 
-#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st))
+#define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp))
 #define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
 #define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
 #define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
@@ -1001,7 +1392,7 @@ STACK_OF(type) \
 #define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
 #define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
 
-#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st))
+#define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp))
 #define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
 #define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
 #define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
@@ -1023,7 +1414,7 @@ STACK_OF(type) \
 #define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
 #define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
 
-#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st))
+#define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp))
 #define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
 #define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
 #define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
@@ -1045,7 +1436,7 @@ STACK_OF(type) \
 #define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
 #define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
 
-#define sk_POLICY_MAPPING_new(st) SKM_sk_new(POLICY_MAPPING, (st))
+#define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp))
 #define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
 #define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st))
 #define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st))
@@ -1067,7 +1458,7 @@ STACK_OF(type) \
 #define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
 #define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
 
-#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st))
+#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
 #define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
 #define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
 #define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
@@ -1089,7 +1480,7 @@ STACK_OF(type) \
 #define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
 #define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
 
-#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st))
+#define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp))
 #define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
 #define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
 #define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
@@ -1111,7 +1502,51 @@ STACK_OF(type) \
 #define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
 #define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
 
-#define sk_STORE_OBJECT_new(st) SKM_sk_new(STORE_OBJECT, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp))
+#define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY)
+#define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i))
+#define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val))
+#define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val))
+#define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val))
+#define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val))
+#define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val))
+#define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i))
+#define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr))
+#define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i))
+#define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp))
+#define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st)
+#define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func))
+#define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st))
+#define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st))
+
+#define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp))
+#define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO)
+#define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st))
+#define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st))
+#define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i))
+#define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val))
+#define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st))
+#define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val))
+#define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val))
+#define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val))
+#define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val))
+#define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i))
+#define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr))
+#define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i))
+#define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp))
+#define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st)
+#define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func))
+#define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st))
+#define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st))
+#define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st))
+#define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st))
+
+#define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp))
 #define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
 #define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st))
 #define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st))
@@ -1133,7 +1568,7 @@ STACK_OF(type) \
 #define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
 #define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
 
-#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st))
+#define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp))
 #define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
 #define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
 #define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
@@ -1155,7 +1590,7 @@ STACK_OF(type) \
 #define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
 #define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
 
-#define sk_UI_STRING_new(st) SKM_sk_new(UI_STRING, (st))
+#define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp))
 #define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
 #define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
 #define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
@@ -1177,7 +1612,7 @@ STACK_OF(type) \
 #define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
 #define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
 
-#define sk_X509_new(st) SKM_sk_new(X509, (st))
+#define sk_X509_new(cmp) SKM_sk_new(X509, (cmp))
 #define sk_X509_new_null() SKM_sk_new_null(X509)
 #define sk_X509_free(st) SKM_sk_free(X509, (st))
 #define sk_X509_num(st) SKM_sk_num(X509, (st))
@@ -1199,7 +1634,7 @@ STACK_OF(type) \
 #define sk_X509_sort(st) SKM_sk_sort(X509, (st))
 #define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
 
-#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st))
+#define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp))
 #define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
 #define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
 #define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
@@ -1221,7 +1656,7 @@ STACK_OF(type) \
 #define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
 #define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
 
-#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st))
+#define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp))
 #define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
 #define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
 #define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
@@ -1243,7 +1678,7 @@ STACK_OF(type) \
 #define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
 #define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
 
-#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st))
+#define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp))
 #define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
 #define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
 #define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
@@ -1265,7 +1700,7 @@ STACK_OF(type) \
 #define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
 #define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
 
-#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st))
+#define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp))
 #define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
 #define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
 #define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
@@ -1287,7 +1722,7 @@ STACK_OF(type) \
 #define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
 #define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
 
-#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st))
+#define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp))
 #define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
 #define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
 #define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
@@ -1309,7 +1744,7 @@ STACK_OF(type) \
 #define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
 #define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
 
-#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st))
+#define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp))
 #define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
 #define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
 #define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
@@ -1331,7 +1766,7 @@ STACK_OF(type) \
 #define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
 #define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
 
-#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st))
+#define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp))
 #define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
 #define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
 #define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
@@ -1353,7 +1788,7 @@ STACK_OF(type) \
 #define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
 #define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
 
-#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st))
+#define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp))
 #define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
 #define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
 #define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
@@ -1375,7 +1810,7 @@ STACK_OF(type) \
 #define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
 #define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
 
-#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st))
+#define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp))
 #define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
 #define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
 #define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
@@ -1397,7 +1832,7 @@ STACK_OF(type) \
 #define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
 #define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
 
-#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st))
+#define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp))
 #define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
 #define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
 #define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
@@ -1419,7 +1854,7 @@ STACK_OF(type) \
 #define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
 #define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
 
-#define sk_X509_POLICY_DATA_new(st) SKM_sk_new(X509_POLICY_DATA, (st))
+#define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp))
 #define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
 #define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st))
 #define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st))
@@ -1441,7 +1876,7 @@ STACK_OF(type) \
 #define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
 #define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
 
-#define sk_X509_POLICY_NODE_new(st) SKM_sk_new(X509_POLICY_NODE, (st))
+#define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
 #define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
 #define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
 #define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
@@ -1463,29 +1898,7 @@ STACK_OF(type) \
 #define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
 #define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
 
-#define sk_X509_POLICY_REF_new(st) SKM_sk_new(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_new_null() SKM_sk_new_null(X509_POLICY_REF)
-#define sk_X509_POLICY_REF_free(st) SKM_sk_free(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_num(st) SKM_sk_num(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_value(st, i) SKM_sk_value(X509_POLICY_REF, (st), (i))
-#define sk_X509_POLICY_REF_set(st, i, val) SKM_sk_set(X509_POLICY_REF, (st), (i), (val))
-#define sk_X509_POLICY_REF_zero(st) SKM_sk_zero(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_push(st, val) SKM_sk_push(X509_POLICY_REF, (st), (val))
-#define sk_X509_POLICY_REF_unshift(st, val) SKM_sk_unshift(X509_POLICY_REF, (st), (val))
-#define sk_X509_POLICY_REF_find(st, val) SKM_sk_find(X509_POLICY_REF, (st), (val))
-#define sk_X509_POLICY_REF_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_REF, (st), (val))
-#define sk_X509_POLICY_REF_delete(st, i) SKM_sk_delete(X509_POLICY_REF, (st), (i))
-#define sk_X509_POLICY_REF_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_REF, (st), (ptr))
-#define sk_X509_POLICY_REF_insert(st, val, i) SKM_sk_insert(X509_POLICY_REF, (st), (val), (i))
-#define sk_X509_POLICY_REF_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_REF, (st), (cmp))
-#define sk_X509_POLICY_REF_dup(st) SKM_sk_dup(X509_POLICY_REF, st)
-#define sk_X509_POLICY_REF_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_REF, (st), (free_func))
-#define sk_X509_POLICY_REF_shift(st) SKM_sk_shift(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_pop(st) SKM_sk_pop(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_sort(st) SKM_sk_sort(X509_POLICY_REF, (st))
-#define sk_X509_POLICY_REF_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_REF, (st))
-
-#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st))
+#define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp))
 #define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
 #define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
 #define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
@@ -1507,7 +1920,7 @@ STACK_OF(type) \
 #define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
 #define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
 
-#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st))
+#define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp))
 #define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
 #define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
 #define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
@@ -1529,7 +1942,7 @@ STACK_OF(type) \
 #define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
 #define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
 
-#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st))
+#define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp))
 #define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
 #define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
 #define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
@@ -1551,7 +1964,7 @@ STACK_OF(type) \
 #define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
 #define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
 
-#define sk_X509_VERIFY_PARAM_new(st) SKM_sk_new(X509_VERIFY_PARAM, (st))
+#define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp))
 #define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
 #define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
 #define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
@@ -1573,6 +1986,125 @@ STACK_OF(type) \
 #define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
 #define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
 
+#define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp))
+#define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple)
+#define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st))
+#define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st))
+#define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i))
+#define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val))
+#define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st))
+#define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val))
+#define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val))
+#define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val))
+#define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val))
+#define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i))
+#define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr))
+#define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i))
+#define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp))
+#define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st)
+#define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func))
+#define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st))
+#define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st))
+#define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st))
+#define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st))
+
+#define sk_void_new(cmp) SKM_sk_new(void, (cmp))
+#define sk_void_new_null() SKM_sk_new_null(void)
+#define sk_void_free(st) SKM_sk_free(void, (st))
+#define sk_void_num(st) SKM_sk_num(void, (st))
+#define sk_void_value(st, i) SKM_sk_value(void, (st), (i))
+#define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val))
+#define sk_void_zero(st) SKM_sk_zero(void, (st))
+#define sk_void_push(st, val) SKM_sk_push(void, (st), (val))
+#define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val))
+#define sk_void_find(st, val) SKM_sk_find(void, (st), (val))
+#define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val))
+#define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i))
+#define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr))
+#define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i))
+#define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp))
+#define sk_void_dup(st) SKM_sk_dup(void, st)
+#define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func))
+#define sk_void_shift(st) SKM_sk_shift(void, (st))
+#define sk_void_pop(st) SKM_sk_pop(void, (st))
+#define sk_void_sort(st) SKM_sk_sort(void, (st))
+#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
+
+#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
+#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
+#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val))
+#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val))
+#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i))
+#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
+#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func))
+#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val), i)
+#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
+#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i, CHECKED_PTR_OF(void, val))
+#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
+#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val))
+#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
+#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
+#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, ptr))
+#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp)  \
+	((int (*)(const void * const *,const void * const *)) \
+	sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_CMP_FUNC(void, cmp)))
+#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
+#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
+#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st))
+#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
+#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
+
+
+#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
+#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i))
+#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
+#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
+#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
+#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
+#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
+#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
+#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
+#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
+#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp)  \
+	((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
+	sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
+#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
+#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st))
+#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
+#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
+
+
+#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
+#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
+#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val))
+#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val))
+#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i))
+#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
+#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func))
+#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val), i)
+#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
+#define sk_OPENSSL_STRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i, CHECKED_PTR_OF(char, val))
+#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
+#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val))
+#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
+#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
+#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, ptr))
+#define sk_OPENSSL_STRING_set_cmp_func(st, cmp)  \
+	((int (*)(const char * const *,const char * const *)) \
+	sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_CMP_FUNC(char, cmp)))
+#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
+#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
+#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st))
+#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
+#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
+
+
 #define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
 	SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
 #define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1609,6 +2141,15 @@ STACK_OF(type) \
 #define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
 	SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
 
+#define d2i_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+	SKM_ASN1_SET_OF_d2i(ASN1_UTF8STRING, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
+#define i2d_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+	SKM_ASN1_SET_OF_i2d(ASN1_UTF8STRING, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+#define ASN1_seq_pack_ASN1_UTF8STRING(st, i2d_func, buf, len) \
+	SKM_ASN1_seq_pack(ASN1_UTF8STRING, (st), (i2d_func), (buf), (len))
+#define ASN1_seq_unpack_ASN1_UTF8STRING(buf, len, d2i_func, free_func) \
+	SKM_ASN1_seq_unpack(ASN1_UTF8STRING, (buf), (len), (d2i_func), (free_func))
+
 #define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
 	SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
 #define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1618,6 +2159,24 @@ STACK_OF(type) \
 #define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
 	SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
 
+#define d2i_ASN1_SET_OF_ESS_CERT_ID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+	SKM_ASN1_SET_OF_d2i(ESS_CERT_ID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
+#define i2d_ASN1_SET_OF_ESS_CERT_ID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+	SKM_ASN1_SET_OF_i2d(ESS_CERT_ID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+#define ASN1_seq_pack_ESS_CERT_ID(st, i2d_func, buf, len) \
+	SKM_ASN1_seq_pack(ESS_CERT_ID, (st), (i2d_func), (buf), (len))
+#define ASN1_seq_unpack_ESS_CERT_ID(buf, len, d2i_func, free_func) \
+	SKM_ASN1_seq_unpack(ESS_CERT_ID, (buf), (len), (d2i_func), (free_func))
+
+#define d2i_ASN1_SET_OF_EVP_MD(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+	SKM_ASN1_SET_OF_d2i(EVP_MD, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
+#define i2d_ASN1_SET_OF_EVP_MD(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+	SKM_ASN1_SET_OF_i2d(EVP_MD, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+#define ASN1_seq_pack_EVP_MD(st, i2d_func, buf, len) \
+	SKM_ASN1_seq_pack(EVP_MD, (st), (i2d_func), (buf), (len))
+#define ASN1_seq_unpack_EVP_MD(buf, len, d2i_func, free_func) \
+	SKM_ASN1_seq_unpack(EVP_MD, (buf), (len), (d2i_func), (free_func))
+
 #define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
 	SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
 #define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
@@ -1776,6 +2335,240 @@ STACK_OF(type) \
 
 #define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
 	SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
+
+#define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
+#define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
+#define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
+#define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst)
+#define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn)
+#define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg)
+#define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh)
+#define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh)
+#define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh)
+#define lh_ADDED_OBJ_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ADDED_OBJ,lh,out)
+#define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out)
+#define lh_ADDED_OBJ_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ADDED_OBJ,lh,out)
+#define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh)
+
+#define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info)
+#define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst)
+#define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst)
+#define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst)
+#define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn)
+#define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg)
+#define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh)
+#define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh)
+#define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh)
+#define lh_APP_INFO_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(APP_INFO,lh,out)
+#define lh_APP_INFO_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(APP_INFO,lh,out)
+#define lh_APP_INFO_stats_bio(lh,out) \
+  LHM_lh_stats_bio(APP_INFO,lh,out)
+#define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh)
+
+#define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value)
+#define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst)
+#define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst)
+#define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst)
+#define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn)
+#define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg)
+#define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh)
+#define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh)
+#define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh)
+#define lh_CONF_VALUE_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(CONF_VALUE,lh,out)
+#define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out)
+#define lh_CONF_VALUE_stats_bio(lh,out) \
+  LHM_lh_stats_bio(CONF_VALUE,lh,out)
+#define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh)
+
+#define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile)
+#define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst)
+#define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst)
+#define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst)
+#define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn)
+#define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg)
+#define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh)
+#define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh)
+#define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh)
+#define lh_ENGINE_PILE_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ENGINE_PILE,lh,out)
+#define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out)
+#define lh_ENGINE_PILE_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ENGINE_PILE,lh,out)
+#define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh)
+
+#define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state)
+#define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst)
+#define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst)
+#define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst)
+#define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn)
+#define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg)
+#define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh)
+#define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh)
+#define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh)
+#define lh_ERR_STATE_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ERR_STATE,lh,out)
+#define lh_ERR_STATE_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out)
+#define lh_ERR_STATE_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ERR_STATE,lh,out)
+#define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh)
+
+#define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data)
+#define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst)
+#define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst)
+#define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst)
+#define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn)
+#define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg)
+#define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh)
+#define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh)
+#define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh)
+#define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out)
+#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out)
+#define lh_ERR_STRING_DATA_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ERR_STRING_DATA,lh,out)
+#define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh)
+
+#define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item)
+#define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst)
+#define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst)
+#define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst)
+#define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn)
+#define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg)
+#define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh)
+#define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh)
+#define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh)
+#define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out)
+#define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out)
+#define lh_EX_CLASS_ITEM_stats_bio(lh,out) \
+  LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out)
+#define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh)
+
+#define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function)
+#define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst)
+#define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst)
+#define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst)
+#define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn)
+#define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg)
+#define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh)
+#define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh)
+#define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh)
+#define lh_FUNCTION_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(FUNCTION,lh,out)
+#define lh_FUNCTION_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(FUNCTION,lh,out)
+#define lh_FUNCTION_stats_bio(lh,out) \
+  LHM_lh_stats_bio(FUNCTION,lh,out)
+#define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh)
+
+#define lh_MEM_new() LHM_lh_new(MEM,mem)
+#define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst)
+#define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst)
+#define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst)
+#define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn)
+#define lh_MEM_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg)
+#define lh_MEM_error(lh) LHM_lh_error(MEM,lh)
+#define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh)
+#define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh)
+#define lh_MEM_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(MEM,lh,out)
+#define lh_MEM_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(MEM,lh,out)
+#define lh_MEM_stats_bio(lh,out) \
+  LHM_lh_stats_bio(MEM,lh,out)
+#define lh_MEM_free(lh) LHM_lh_free(MEM,lh)
+
+#define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name)
+#define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst)
+#define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst)
+#define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst)
+#define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn)
+#define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg)
+#define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh)
+#define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh)
+#define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh)
+#define lh_OBJ_NAME_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(OBJ_NAME,lh,out)
+#define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out)
+#define lh_OBJ_NAME_stats_bio(lh,out) \
+  LHM_lh_stats_bio(OBJ_NAME,lh,out)
+#define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh)
+
+#define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring)
+#define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst)
+#define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst)
+#define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst)
+#define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn)
+#define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg)
+#define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh)
+#define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh)
+#define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh)
+#define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out)
+#define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out)
+#define lh_OPENSSL_CSTRING_stats_bio(lh,out) \
+  LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out)
+#define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh)
+
+#define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string)
+#define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst)
+#define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst)
+#define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst)
+#define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn)
+#define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg)
+#define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh)
+#define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh)
+#define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh)
+#define lh_OPENSSL_STRING_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out)
+#define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out)
+#define lh_OPENSSL_STRING_stats_bio(lh,out) \
+  LHM_lh_stats_bio(OPENSSL_STRING,lh,out)
+#define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh)
+
+#define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session)
+#define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst)
+#define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst)
+#define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst)
+#define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn)
+#define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg)
+#define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh)
+#define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh)
+#define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh)
+#define lh_SSL_SESSION_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(SSL_SESSION,lh,out)
+#define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out)
+#define lh_SSL_SESSION_stats_bio(lh,out) \
+  LHM_lh_stats_bio(SSL_SESSION,lh,out)
+#define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh)
 /* End of util/mkstack.pl block, you may now edit :-) */
 
 #endif /* !defined HEADER_SAFESTACK_H */
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index 5967a2c735..76cf1a1168 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -73,14 +73,14 @@
 #undef MIN_NODES
 #define MIN_NODES	4
 
-const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT;
+const char STACK_version[]="Stack" OPENSSL_VERSION_PTEXT;
 
 #include <errno.h>
 
-int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *)))
-		(const char * const *, const char * const *)
+int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))
+		(const void *, const void *)
 	{
-	int (*old)(const char * const *,const char * const *)=sk->comp;
+	int (*old)(const void *,const void *)=sk->comp;
 
 	if (sk->comp != c)
 		sk->sorted=0;
@@ -89,9 +89,9 @@ int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * cons
 	return old;
 	}
 
-STACK *sk_dup(STACK *sk)
+_STACK *sk_dup(_STACK *sk)
 	{
-	STACK *ret;
+	_STACK *ret;
 	char **s;
 
 	if ((ret=sk_new(sk->comp)) == NULL) goto err;
@@ -112,19 +112,19 @@ err:
 	return(NULL);
 	}
 
-STACK *sk_new_null(void)
+_STACK *sk_new_null(void)
 	{
-	return sk_new((int (*)(const char * const *, const char * const *))0);
+	return sk_new((int (*)(const void *, const void *))0);
 	}
 
-STACK *sk_new(int (*c)(const char * const *, const char * const *))
+_STACK *sk_new(int (*c)(const void *, const void *))
 	{
-	STACK *ret;
+	_STACK *ret;
 	int i;
 
-	if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL)
+	if ((ret=OPENSSL_malloc(sizeof(_STACK))) == NULL)
 		goto err;
-	if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL)
+	if ((ret->data=OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL)
 		goto err;
 	for (i=0; i<MIN_NODES; i++)
 		ret->data[i]=NULL;
@@ -139,14 +139,14 @@ err:
 	return(NULL);
 	}
 
-int sk_insert(STACK *st, char *data, int loc)
+int sk_insert(_STACK *st, void *data, int loc)
 	{
 	char **s;
 
 	if(st == NULL) return 0;
 	if (st->num_alloc <= st->num+1)
 		{
-		s=(char **)OPENSSL_realloc((char *)st->data,
+		s=OPENSSL_realloc((char *)st->data,
 			(unsigned int)sizeof(char *)*st->num_alloc*2);
 		if (s == NULL)
 			return(0);
@@ -160,14 +160,14 @@ int sk_insert(STACK *st, char *data, int loc)
 		int i;
 		char **f,**t;
 
-		f=(char **)st->data;
-		t=(char **)&(st->data[1]);
+		f=st->data;
+		t=&(st->data[1]);
 		for (i=st->num; i>=loc; i--)
 			t[i]=f[i];
 			
 #ifdef undef /* no memmove on sunos :-( */
-		memmove( (char *)&(st->data[loc+1]),
-			(char *)&(st->data[loc]),
+		memmove(&(st->data[loc+1]),
+			&(st->data[loc]),
 			sizeof(char *)*(st->num-loc));
 #endif
 		st->data[loc]=data;
@@ -177,7 +177,7 @@ int sk_insert(STACK *st, char *data, int loc)
 	return(st->num);
 	}
 
-char *sk_delete_ptr(STACK *st, char *p)
+void *sk_delete_ptr(_STACK *st, void *p)
 	{
 	int i;
 
@@ -187,7 +187,7 @@ char *sk_delete_ptr(STACK *st, char *p)
 	return(NULL);
 	}
 
-char *sk_delete(STACK *st, int loc)
+void *sk_delete(_STACK *st, int loc)
 	{
 	char *ret;
 	int i,j;
@@ -210,11 +210,11 @@ char *sk_delete(STACK *st, int loc)
 	return(ret);
 	}
 
-static int internal_find(STACK *st, char *data, int ret_val_options)
+static int internal_find(_STACK *st, void *data, int ret_val_options)
 	{
-	char **r;
+	const void * const *r;
 	int i;
-	int (*comp_func)(const void *,const void *);
+
 	if(st == NULL) return -1;
 
 	if (st->comp == NULL)
@@ -226,53 +226,46 @@ static int internal_find(STACK *st, char *data, int ret_val_options)
 		}
 	sk_sort(st);
 	if (data == NULL) return(-1);
-	/* This (and the "qsort" below) are the two places in OpenSSL
-	 * where we need to convert from our standard (type **,type **)
-	 * compare callback type to the (void *,void *) type required by
-	 * bsearch. However, the "data" it is being called(back) with are
-	 * not (type *) pointers, but the *pointers* to (type *) pointers,
-	 * so we get our extra level of pointer dereferencing that way. */
-	comp_func=(int (*)(const void *,const void *))(st->comp);
-	r=(char **)OBJ_bsearch_ex((char *)&data,(char *)st->data,
-		st->num,sizeof(char *),comp_func,ret_val_options);
+	r=OBJ_bsearch_ex_(&data,st->data,st->num,sizeof(void *),st->comp,
+			  ret_val_options);
 	if (r == NULL) return(-1);
-	return((int)(r-st->data));
+	return (int)((char **)r-st->data);
 	}
 
-int sk_find(STACK *st, char *data)
+int sk_find(_STACK *st, void *data)
 	{
 	return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH);
 	}
-int sk_find_ex(STACK *st, char *data)
+int sk_find_ex(_STACK *st, void *data)
 	{
 	return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH);
 	}
 
-int sk_push(STACK *st, char *data)
+int sk_push(_STACK *st, void *data)
 	{
 	return(sk_insert(st,data,st->num));
 	}
 
-int sk_unshift(STACK *st, char *data)
+int sk_unshift(_STACK *st, void *data)
 	{
 	return(sk_insert(st,data,0));
 	}
 
-char *sk_shift(STACK *st)
+void *sk_shift(_STACK *st)
 	{
 	if (st == NULL) return(NULL);
 	if (st->num <= 0) return(NULL);
 	return(sk_delete(st,0));
 	}
 
-char *sk_pop(STACK *st)
+void *sk_pop(_STACK *st)
 	{
 	if (st == NULL) return(NULL);
 	if (st->num <= 0) return(NULL);
 	return(sk_delete(st,st->num-1));
 	}
 
-void sk_zero(STACK *st)
+void sk_zero(_STACK *st)
 	{
 	if (st == NULL) return;
 	if (st->num <= 0) return;
@@ -280,7 +273,7 @@ void sk_zero(STACK *st)
 	st->num=0;
 	}
 
-void sk_pop_free(STACK *st, void (*func)(void *))
+void sk_pop_free(_STACK *st, void (*func)(void *))
 	{
 	int i;
 
@@ -291,32 +284,32 @@ void sk_pop_free(STACK *st, void (*func)(void *))
 	sk_free(st);
 	}
 
-void sk_free(STACK *st)
+void sk_free(_STACK *st)
 	{
 	if (st == NULL) return;
 	if (st->data != NULL) OPENSSL_free(st->data);
 	OPENSSL_free(st);
 	}
 
-int sk_num(const STACK *st)
+int sk_num(const _STACK *st)
 {
 	if(st == NULL) return -1;
 	return st->num;
 }
 
-char *sk_value(const STACK *st, int i)
+void *sk_value(const _STACK *st, int i)
 {
 	if(!st || (i < 0) || (i >= st->num)) return NULL;
 	return st->data[i];
 }
 
-char *sk_set(STACK *st, int i, char *value)
+void *sk_set(_STACK *st, int i, void *value)
 {
 	if(!st || (i < 0) || (i >= st->num)) return NULL;
 	return (st->data[i] = value);
 }
 
-void sk_sort(STACK *st)
+void sk_sort(_STACK *st)
 	{
 	if (st && !st->sorted)
 		{
@@ -333,7 +326,7 @@ void sk_sort(STACK *st)
 		}
 	}
 
-int sk_is_sorted(const STACK *st)
+int sk_is_sorted(const _STACK *st)
 	{
 	if (!st)
 		return 1;
diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h
index 5cbb116a8b..ce35e554eb 100644
--- a/crypto/stack/stack.h
+++ b/crypto/stack/stack.h
@@ -70,37 +70,36 @@ typedef struct stack_st
 	int sorted;
 
 	int num_alloc;
-	int (*comp)(const char * const *, const char * const *);
-	} STACK;
+	int (*comp)(const void *, const void *);
+	} _STACK;  /* Use STACK_OF(...) instead */
 
 #define M_sk_num(sk)		((sk) ? (sk)->num:-1)
 #define M_sk_value(sk,n)	((sk) ? (sk)->data[n] : NULL)
 
-int sk_num(const STACK *);
-char *sk_value(const STACK *, int);
+int sk_num(const _STACK *);
+void *sk_value(const _STACK *, int);
 
-char *sk_set(STACK *, int, char *);
+void *sk_set(_STACK *, int, void *);
 
-STACK *sk_new(int (*cmp)(const char * const *, const char * const *));
-STACK *sk_new_null(void);
-void sk_free(STACK *);
-void sk_pop_free(STACK *st, void (*func)(void *));
-int sk_insert(STACK *sk,char *data,int where);
-char *sk_delete(STACK *st,int loc);
-char *sk_delete_ptr(STACK *st, char *p);
-int sk_find(STACK *st,char *data);
-int sk_find_ex(STACK *st,char *data);
-int sk_push(STACK *st,char *data);
-int sk_unshift(STACK *st,char *data);
-char *sk_shift(STACK *st);
-char *sk_pop(STACK *st);
-void sk_zero(STACK *st);
-int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
-			const char * const *)))
-			(const char * const *, const char * const *);
-STACK *sk_dup(STACK *st);
-void sk_sort(STACK *st);
-int sk_is_sorted(const STACK *st);
+_STACK *sk_new(int (*cmp)(const void *, const void *));
+_STACK *sk_new_null(void);
+void sk_free(_STACK *);
+void sk_pop_free(_STACK *st, void (*func)(void *));
+int sk_insert(_STACK *sk, void *data, int where);
+void *sk_delete(_STACK *st, int loc);
+void *sk_delete_ptr(_STACK *st, void *p);
+int sk_find(_STACK *st, void *data);
+int sk_find_ex(_STACK *st, void *data);
+int sk_push(_STACK *st, void *data);
+int sk_unshift(_STACK *st, void *data);
+void *sk_shift(_STACK *st);
+void *sk_pop(_STACK *st);
+void sk_zero(_STACK *st);
+int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))
+	(const void *, const void *);
+_STACK *sk_dup(_STACK *st);
+void sk_sort(_STACK *st);
+int sk_is_sorted(const _STACK *st);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/store/.cvsignore b/crypto/store/.cvsignore
index 695fdd0059..68a93138ae 100644
--- a/crypto/store/.cvsignore
+++ b/crypto/store/.cvsignore
@@ -1,2 +1,4 @@
 Makefile.save
 lib
+*.flc
+semantic.cache
diff --git a/crypto/store/Makefile.ssl b/crypto/store/Makefile.ssl
deleted file mode 100644
index 29900878c2..0000000000
--- a/crypto/store/Makefile.ssl
+++ /dev/null
@@ -1,117 +0,0 @@
-#
-# OpenSSL/crypto/store/Makefile
-#
-
-DIR=	store
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-#TEST= storetest.c
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= str_err.c str_lib.c str_meth.c str_mem.c
-LIBOBJ= str_err.o str_lib.o str_meth.o str_mem.o
-
-SRC= $(LIBSRC)
-
-#EXHEADER= store.h str_compat.h
-EXHEADER= store.h
-HEADER=	$(EXHEADER) str_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-str_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-str_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-str_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-str_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-str_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-str_err.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-str_err.o: str_err.c
-str_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-str_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-str_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-str_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-str_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-str_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-str_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-str_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-str_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-str_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-str_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-str_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-str_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-str_lib.o: str_lib.c str_locl.h
-str_mem.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-str_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-str_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-str_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-str_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-str_mem.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-str_mem.o: str_locl.h str_mem.c
-str_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-str_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-str_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-str_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-str_meth.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
-str_meth.o: str_locl.h str_meth.c
diff --git a/crypto/store/store.h b/crypto/store/store.h
index b2e7e198f9..0a28c7d5a2 100644
--- a/crypto/store/store.h
+++ b/crypto/store/store.h
@@ -59,6 +59,12 @@
 #ifndef HEADER_STORE_H
 #define HEADER_STORE_H
 
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_STORE
+#error STORE is disabled.
+#endif
+
 #include <openssl/ossl_typ.h>
 #ifndef OPENSSL_NO_DEPRECATED
 #include <openssl/evp.h>
@@ -408,7 +414,8 @@ int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
 
 /* Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values
    in each contained attribute. */
-int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO * const *a,
+			    const STORE_ATTR_INFO * const *b);
 /* Check if the set of attributes in a is within the range of attributes
    set in b. */
 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
@@ -427,13 +434,13 @@ void ERR_load_STORE_strings(void);
 /* Error codes for the STORE functions. */
 
 /* Function codes. */
-#define STORE_F_CTRL					 160
 #define STORE_F_MEM_DELETE				 134
 #define STORE_F_MEM_GENERATE				 135
+#define STORE_F_MEM_LIST_END				 168
 #define STORE_F_MEM_LIST_NEXT				 136
 #define STORE_F_MEM_LIST_START				 137
+#define STORE_F_MEM_MODIFY				 169
 #define STORE_F_MEM_STORE				 138
-#define STORE_F_STORE_ARBITRARY				 157
 #define STORE_F_STORE_ATTR_INFO_GET0_CSTR		 139
 #define STORE_F_STORE_ATTR_INFO_GET0_DN			 140
 #define STORE_F_STORE_ATTR_INFO_GET0_NUMBER		 141
@@ -446,8 +453,7 @@ void ERR_load_STORE_strings(void);
 #define STORE_F_STORE_ATTR_INFO_SET_DN			 148
 #define STORE_F_STORE_ATTR_INFO_SET_NUMBER		 149
 #define STORE_F_STORE_ATTR_INFO_SET_SHA1STR		 150
-#define STORE_F_STORE_CERTIFICATE			 100
-#define STORE_F_STORE_CRL				 101
+#define STORE_F_STORE_CERTIFICATE			 170
 #define STORE_F_STORE_CTRL				 161
 #define STORE_F_STORE_DELETE_ARBITRARY			 158
 #define STORE_F_STORE_DELETE_CERTIFICATE		 102
@@ -487,14 +493,19 @@ void ERR_load_STORE_strings(void);
 #define STORE_F_STORE_MODIFY_PUBLIC_KEY			 167
 #define STORE_F_STORE_NEW_ENGINE			 133
 #define STORE_F_STORE_NEW_METHOD			 132
-#define STORE_F_STORE_NUMBER				 126
 #define STORE_F_STORE_PARSE_ATTRS_END			 151
+#define STORE_F_STORE_PARSE_ATTRS_ENDP			 172
 #define STORE_F_STORE_PARSE_ATTRS_NEXT			 152
-#define STORE_F_STORE_PRIVATE_KEY			 127
-#define STORE_F_STORE_PUBLIC_KEY			 128
+#define STORE_F_STORE_PARSE_ATTRS_START			 171
 #define STORE_F_STORE_REVOKE_CERTIFICATE		 129
 #define STORE_F_STORE_REVOKE_PRIVATE_KEY		 130
 #define STORE_F_STORE_REVOKE_PUBLIC_KEY			 131
+#define STORE_F_STORE_STORE_ARBITRARY			 157
+#define STORE_F_STORE_STORE_CERTIFICATE			 100
+#define STORE_F_STORE_STORE_CRL				 101
+#define STORE_F_STORE_STORE_NUMBER			 126
+#define STORE_F_STORE_STORE_PRIVATE_KEY			 127
+#define STORE_F_STORE_STORE_PUBLIC_KEY			 128
 
 /* Reason codes. */
 #define STORE_R_ALREADY_HAS_A_VALUE			 127
diff --git a/crypto/store/str_err.c b/crypto/store/str_err.c
index d18acaccd1..924edf0505 100644
--- a/crypto/store/str_err.c
+++ b/crypto/store/str_err.c
@@ -1,6 +1,6 @@
 /* crypto/store/str_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,127 +64,135 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_STORE,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_STORE,0,reason)
+
 static ERR_STRING_DATA STORE_str_functs[]=
 	{
-{ERR_PACK(0,STORE_F_CTRL,0),	"CTRL"},
-{ERR_PACK(0,STORE_F_MEM_DELETE,0),	"MEM_DELETE"},
-{ERR_PACK(0,STORE_F_MEM_GENERATE,0),	"MEM_GENERATE"},
-{ERR_PACK(0,STORE_F_MEM_LIST_NEXT,0),	"MEM_LIST_NEXT"},
-{ERR_PACK(0,STORE_F_MEM_LIST_START,0),	"MEM_LIST_START"},
-{ERR_PACK(0,STORE_F_MEM_STORE,0),	"MEM_STORE"},
-{ERR_PACK(0,STORE_F_STORE_ARBITRARY,0),	"STORE_ARBITRARY"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_GET0_CSTR,0),	"STORE_ATTR_INFO_get0_cstr"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_GET0_DN,0),	"STORE_ATTR_INFO_get0_dn"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_GET0_NUMBER,0),	"STORE_ATTR_INFO_get0_number"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,0),	"STORE_ATTR_INFO_get0_sha1str"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,0),	"STORE_ATTR_INFO_modify_cstr"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_MODIFY_DN,0),	"STORE_ATTR_INFO_modify_dn"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,0),	"STORE_ATTR_INFO_modify_number"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,0),	"STORE_ATTR_INFO_modify_sha1str"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_SET_CSTR,0),	"STORE_ATTR_INFO_set_cstr"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_SET_DN,0),	"STORE_ATTR_INFO_set_dn"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_SET_NUMBER,0),	"STORE_ATTR_INFO_set_number"},
-{ERR_PACK(0,STORE_F_STORE_ATTR_INFO_SET_SHA1STR,0),	"STORE_ATTR_INFO_set_sha1str"},
-{ERR_PACK(0,STORE_F_STORE_CERTIFICATE,0),	"STORE_CERTIFICATE"},
-{ERR_PACK(0,STORE_F_STORE_CRL,0),	"STORE_CRL"},
-{ERR_PACK(0,STORE_F_STORE_CTRL,0),	"STORE_ctrl"},
-{ERR_PACK(0,STORE_F_STORE_DELETE_ARBITRARY,0),	"STORE_delete_arbitrary"},
-{ERR_PACK(0,STORE_F_STORE_DELETE_CERTIFICATE,0),	"STORE_delete_certificate"},
-{ERR_PACK(0,STORE_F_STORE_DELETE_CRL,0),	"STORE_delete_crl"},
-{ERR_PACK(0,STORE_F_STORE_DELETE_NUMBER,0),	"STORE_delete_number"},
-{ERR_PACK(0,STORE_F_STORE_DELETE_PRIVATE_KEY,0),	"STORE_delete_private_key"},
-{ERR_PACK(0,STORE_F_STORE_DELETE_PUBLIC_KEY,0),	"STORE_delete_public_key"},
-{ERR_PACK(0,STORE_F_STORE_GENERATE_CRL,0),	"STORE_generate_crl"},
-{ERR_PACK(0,STORE_F_STORE_GENERATE_KEY,0),	"STORE_generate_key"},
-{ERR_PACK(0,STORE_F_STORE_GET_ARBITRARY,0),	"STORE_get_arbitrary"},
-{ERR_PACK(0,STORE_F_STORE_GET_CERTIFICATE,0),	"STORE_get_certificate"},
-{ERR_PACK(0,STORE_F_STORE_GET_CRL,0),	"STORE_get_crl"},
-{ERR_PACK(0,STORE_F_STORE_GET_NUMBER,0),	"STORE_get_number"},
-{ERR_PACK(0,STORE_F_STORE_GET_PRIVATE_KEY,0),	"STORE_get_private_key"},
-{ERR_PACK(0,STORE_F_STORE_GET_PUBLIC_KEY,0),	"STORE_get_public_key"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CERTIFICATE_END,0),	"STORE_list_certificate_end"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CERTIFICATE_ENDP,0),	"STORE_list_certificate_endp"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CERTIFICATE_NEXT,0),	"STORE_list_certificate_next"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CERTIFICATE_START,0),	"STORE_list_certificate_start"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CRL_END,0),	"STORE_list_crl_end"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CRL_ENDP,0),	"STORE_list_crl_endp"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CRL_NEXT,0),	"STORE_list_crl_next"},
-{ERR_PACK(0,STORE_F_STORE_LIST_CRL_START,0),	"STORE_list_crl_start"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PRIVATE_KEY_END,0),	"STORE_list_private_key_end"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,0),	"STORE_list_private_key_endp"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,0),	"STORE_list_private_key_next"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PRIVATE_KEY_START,0),	"STORE_list_private_key_start"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PUBLIC_KEY_END,0),	"STORE_list_public_key_end"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,0),	"STORE_list_public_key_endp"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,0),	"STORE_list_public_key_next"},
-{ERR_PACK(0,STORE_F_STORE_LIST_PUBLIC_KEY_START,0),	"STORE_list_public_key_start"},
-{ERR_PACK(0,STORE_F_STORE_MODIFY_ARBITRARY,0),	"STORE_modify_arbitrary"},
-{ERR_PACK(0,STORE_F_STORE_MODIFY_CERTIFICATE,0),	"STORE_modify_certificate"},
-{ERR_PACK(0,STORE_F_STORE_MODIFY_CRL,0),	"STORE_modify_crl"},
-{ERR_PACK(0,STORE_F_STORE_MODIFY_NUMBER,0),	"STORE_modify_number"},
-{ERR_PACK(0,STORE_F_STORE_MODIFY_PRIVATE_KEY,0),	"STORE_modify_private_key"},
-{ERR_PACK(0,STORE_F_STORE_MODIFY_PUBLIC_KEY,0),	"STORE_modify_public_key"},
-{ERR_PACK(0,STORE_F_STORE_NEW_ENGINE,0),	"STORE_new_engine"},
-{ERR_PACK(0,STORE_F_STORE_NEW_METHOD,0),	"STORE_new_method"},
-{ERR_PACK(0,STORE_F_STORE_NUMBER,0),	"STORE_NUMBER"},
-{ERR_PACK(0,STORE_F_STORE_PARSE_ATTRS_END,0),	"STORE_parse_attrs_end"},
-{ERR_PACK(0,STORE_F_STORE_PARSE_ATTRS_NEXT,0),	"STORE_parse_attrs_next"},
-{ERR_PACK(0,STORE_F_STORE_PRIVATE_KEY,0),	"STORE_PRIVATE_KEY"},
-{ERR_PACK(0,STORE_F_STORE_PUBLIC_KEY,0),	"STORE_PUBLIC_KEY"},
-{ERR_PACK(0,STORE_F_STORE_REVOKE_CERTIFICATE,0),	"STORE_revoke_certificate"},
-{ERR_PACK(0,STORE_F_STORE_REVOKE_PRIVATE_KEY,0),	"STORE_revoke_private_key"},
-{ERR_PACK(0,STORE_F_STORE_REVOKE_PUBLIC_KEY,0),	"STORE_revoke_public_key"},
+{ERR_FUNC(STORE_F_MEM_DELETE),	"MEM_DELETE"},
+{ERR_FUNC(STORE_F_MEM_GENERATE),	"MEM_GENERATE"},
+{ERR_FUNC(STORE_F_MEM_LIST_END),	"MEM_LIST_END"},
+{ERR_FUNC(STORE_F_MEM_LIST_NEXT),	"MEM_LIST_NEXT"},
+{ERR_FUNC(STORE_F_MEM_LIST_START),	"MEM_LIST_START"},
+{ERR_FUNC(STORE_F_MEM_MODIFY),	"MEM_MODIFY"},
+{ERR_FUNC(STORE_F_MEM_STORE),	"MEM_STORE"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_CSTR),	"STORE_ATTR_INFO_get0_cstr"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_DN),	"STORE_ATTR_INFO_get0_dn"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_NUMBER),	"STORE_ATTR_INFO_get0_number"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR),	"STORE_ATTR_INFO_get0_sha1str"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR),	"STORE_ATTR_INFO_modify_cstr"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_DN),	"STORE_ATTR_INFO_modify_dn"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER),	"STORE_ATTR_INFO_modify_number"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR),	"STORE_ATTR_INFO_modify_sha1str"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_CSTR),	"STORE_ATTR_INFO_set_cstr"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_DN),	"STORE_ATTR_INFO_set_dn"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_NUMBER),	"STORE_ATTR_INFO_set_number"},
+{ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_SHA1STR),	"STORE_ATTR_INFO_set_sha1str"},
+{ERR_FUNC(STORE_F_STORE_CERTIFICATE),	"STORE_CERTIFICATE"},
+{ERR_FUNC(STORE_F_STORE_CTRL),	"STORE_ctrl"},
+{ERR_FUNC(STORE_F_STORE_DELETE_ARBITRARY),	"STORE_delete_arbitrary"},
+{ERR_FUNC(STORE_F_STORE_DELETE_CERTIFICATE),	"STORE_delete_certificate"},
+{ERR_FUNC(STORE_F_STORE_DELETE_CRL),	"STORE_delete_crl"},
+{ERR_FUNC(STORE_F_STORE_DELETE_NUMBER),	"STORE_delete_number"},
+{ERR_FUNC(STORE_F_STORE_DELETE_PRIVATE_KEY),	"STORE_delete_private_key"},
+{ERR_FUNC(STORE_F_STORE_DELETE_PUBLIC_KEY),	"STORE_delete_public_key"},
+{ERR_FUNC(STORE_F_STORE_GENERATE_CRL),	"STORE_generate_crl"},
+{ERR_FUNC(STORE_F_STORE_GENERATE_KEY),	"STORE_generate_key"},
+{ERR_FUNC(STORE_F_STORE_GET_ARBITRARY),	"STORE_get_arbitrary"},
+{ERR_FUNC(STORE_F_STORE_GET_CERTIFICATE),	"STORE_get_certificate"},
+{ERR_FUNC(STORE_F_STORE_GET_CRL),	"STORE_get_crl"},
+{ERR_FUNC(STORE_F_STORE_GET_NUMBER),	"STORE_get_number"},
+{ERR_FUNC(STORE_F_STORE_GET_PRIVATE_KEY),	"STORE_get_private_key"},
+{ERR_FUNC(STORE_F_STORE_GET_PUBLIC_KEY),	"STORE_get_public_key"},
+{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_END),	"STORE_list_certificate_end"},
+{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_ENDP),	"STORE_list_certificate_endp"},
+{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_NEXT),	"STORE_list_certificate_next"},
+{ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_START),	"STORE_list_certificate_start"},
+{ERR_FUNC(STORE_F_STORE_LIST_CRL_END),	"STORE_list_crl_end"},
+{ERR_FUNC(STORE_F_STORE_LIST_CRL_ENDP),	"STORE_list_crl_endp"},
+{ERR_FUNC(STORE_F_STORE_LIST_CRL_NEXT),	"STORE_list_crl_next"},
+{ERR_FUNC(STORE_F_STORE_LIST_CRL_START),	"STORE_list_crl_start"},
+{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_END),	"STORE_list_private_key_end"},
+{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP),	"STORE_list_private_key_endp"},
+{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT),	"STORE_list_private_key_next"},
+{ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_START),	"STORE_list_private_key_start"},
+{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_END),	"STORE_list_public_key_end"},
+{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP),	"STORE_list_public_key_endp"},
+{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT),	"STORE_list_public_key_next"},
+{ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_START),	"STORE_list_public_key_start"},
+{ERR_FUNC(STORE_F_STORE_MODIFY_ARBITRARY),	"STORE_modify_arbitrary"},
+{ERR_FUNC(STORE_F_STORE_MODIFY_CERTIFICATE),	"STORE_modify_certificate"},
+{ERR_FUNC(STORE_F_STORE_MODIFY_CRL),	"STORE_modify_crl"},
+{ERR_FUNC(STORE_F_STORE_MODIFY_NUMBER),	"STORE_modify_number"},
+{ERR_FUNC(STORE_F_STORE_MODIFY_PRIVATE_KEY),	"STORE_modify_private_key"},
+{ERR_FUNC(STORE_F_STORE_MODIFY_PUBLIC_KEY),	"STORE_modify_public_key"},
+{ERR_FUNC(STORE_F_STORE_NEW_ENGINE),	"STORE_new_engine"},
+{ERR_FUNC(STORE_F_STORE_NEW_METHOD),	"STORE_new_method"},
+{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_END),	"STORE_parse_attrs_end"},
+{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_ENDP),	"STORE_parse_attrs_endp"},
+{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_NEXT),	"STORE_parse_attrs_next"},
+{ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_START),	"STORE_parse_attrs_start"},
+{ERR_FUNC(STORE_F_STORE_REVOKE_CERTIFICATE),	"STORE_revoke_certificate"},
+{ERR_FUNC(STORE_F_STORE_REVOKE_PRIVATE_KEY),	"STORE_revoke_private_key"},
+{ERR_FUNC(STORE_F_STORE_REVOKE_PUBLIC_KEY),	"STORE_revoke_public_key"},
+{ERR_FUNC(STORE_F_STORE_STORE_ARBITRARY),	"STORE_store_arbitrary"},
+{ERR_FUNC(STORE_F_STORE_STORE_CERTIFICATE),	"STORE_store_certificate"},
+{ERR_FUNC(STORE_F_STORE_STORE_CRL),	"STORE_store_crl"},
+{ERR_FUNC(STORE_F_STORE_STORE_NUMBER),	"STORE_store_number"},
+{ERR_FUNC(STORE_F_STORE_STORE_PRIVATE_KEY),	"STORE_store_private_key"},
+{ERR_FUNC(STORE_F_STORE_STORE_PUBLIC_KEY),	"STORE_store_public_key"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA STORE_str_reasons[]=
 	{
-{STORE_R_ALREADY_HAS_A_VALUE             ,"already has a value"},
-{STORE_R_FAILED_DELETING_ARBITRARY       ,"failed deleting arbitrary"},
-{STORE_R_FAILED_DELETING_CERTIFICATE     ,"failed deleting certificate"},
-{STORE_R_FAILED_DELETING_KEY             ,"failed deleting key"},
-{STORE_R_FAILED_DELETING_NUMBER          ,"failed deleting number"},
-{STORE_R_FAILED_GENERATING_CRL           ,"failed generating crl"},
-{STORE_R_FAILED_GENERATING_KEY           ,"failed generating key"},
-{STORE_R_FAILED_GETTING_ARBITRARY        ,"failed getting arbitrary"},
-{STORE_R_FAILED_GETTING_CERTIFICATE      ,"failed getting certificate"},
-{STORE_R_FAILED_GETTING_KEY              ,"failed getting key"},
-{STORE_R_FAILED_GETTING_NUMBER           ,"failed getting number"},
-{STORE_R_FAILED_LISTING_CERTIFICATES     ,"failed listing certificates"},
-{STORE_R_FAILED_LISTING_KEYS             ,"failed listing keys"},
-{STORE_R_FAILED_MODIFYING_ARBITRARY      ,"failed modifying arbitrary"},
-{STORE_R_FAILED_MODIFYING_CERTIFICATE    ,"failed modifying certificate"},
-{STORE_R_FAILED_MODIFYING_CRL            ,"failed modifying crl"},
-{STORE_R_FAILED_MODIFYING_NUMBER         ,"failed modifying number"},
-{STORE_R_FAILED_MODIFYING_PRIVATE_KEY    ,"failed modifying private key"},
-{STORE_R_FAILED_MODIFYING_PUBLIC_KEY     ,"failed modifying public key"},
-{STORE_R_FAILED_REVOKING_CERTIFICATE     ,"failed revoking certificate"},
-{STORE_R_FAILED_REVOKING_KEY             ,"failed revoking key"},
-{STORE_R_FAILED_STORING_ARBITRARY        ,"failed storing arbitrary"},
-{STORE_R_FAILED_STORING_CERTIFICATE      ,"failed storing certificate"},
-{STORE_R_FAILED_STORING_KEY              ,"failed storing key"},
-{STORE_R_FAILED_STORING_NUMBER           ,"failed storing number"},
-{STORE_R_NOT_IMPLEMENTED                 ,"not implemented"},
-{STORE_R_NO_CONTROL_FUNCTION             ,"no control function"},
-{STORE_R_NO_DELETE_ARBITRARY_FUNCTION    ,"no delete arbitrary function"},
-{STORE_R_NO_DELETE_NUMBER_FUNCTION       ,"no delete number function"},
-{STORE_R_NO_DELETE_OBJECT_FUNCTION       ,"no delete object function"},
-{STORE_R_NO_GENERATE_CRL_FUNCTION        ,"no generate crl function"},
-{STORE_R_NO_GENERATE_OBJECT_FUNCTION     ,"no generate object function"},
-{STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION,"no get object arbitrary function"},
-{STORE_R_NO_GET_OBJECT_FUNCTION          ,"no get object function"},
-{STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION   ,"no get object number function"},
-{STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION    ,"no list object endp function"},
-{STORE_R_NO_LIST_OBJECT_END_FUNCTION     ,"no list object end function"},
-{STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION    ,"no list object next function"},
-{STORE_R_NO_LIST_OBJECT_START_FUNCTION   ,"no list object start function"},
-{STORE_R_NO_MODIFY_OBJECT_FUNCTION       ,"no modify object function"},
-{STORE_R_NO_REVOKE_OBJECT_FUNCTION       ,"no revoke object function"},
-{STORE_R_NO_STORE                        ,"no store"},
-{STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION,"no store object arbitrary function"},
-{STORE_R_NO_STORE_OBJECT_FUNCTION        ,"no store object function"},
-{STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION ,"no store object number function"},
-{STORE_R_NO_VALUE                        ,"no value"},
+{ERR_REASON(STORE_R_ALREADY_HAS_A_VALUE) ,"already has a value"},
+{ERR_REASON(STORE_R_FAILED_DELETING_ARBITRARY),"failed deleting arbitrary"},
+{ERR_REASON(STORE_R_FAILED_DELETING_CERTIFICATE),"failed deleting certificate"},
+{ERR_REASON(STORE_R_FAILED_DELETING_KEY) ,"failed deleting key"},
+{ERR_REASON(STORE_R_FAILED_DELETING_NUMBER),"failed deleting number"},
+{ERR_REASON(STORE_R_FAILED_GENERATING_CRL),"failed generating crl"},
+{ERR_REASON(STORE_R_FAILED_GENERATING_KEY),"failed generating key"},
+{ERR_REASON(STORE_R_FAILED_GETTING_ARBITRARY),"failed getting arbitrary"},
+{ERR_REASON(STORE_R_FAILED_GETTING_CERTIFICATE),"failed getting certificate"},
+{ERR_REASON(STORE_R_FAILED_GETTING_KEY)  ,"failed getting key"},
+{ERR_REASON(STORE_R_FAILED_GETTING_NUMBER),"failed getting number"},
+{ERR_REASON(STORE_R_FAILED_LISTING_CERTIFICATES),"failed listing certificates"},
+{ERR_REASON(STORE_R_FAILED_LISTING_KEYS) ,"failed listing keys"},
+{ERR_REASON(STORE_R_FAILED_MODIFYING_ARBITRARY),"failed modifying arbitrary"},
+{ERR_REASON(STORE_R_FAILED_MODIFYING_CERTIFICATE),"failed modifying certificate"},
+{ERR_REASON(STORE_R_FAILED_MODIFYING_CRL),"failed modifying crl"},
+{ERR_REASON(STORE_R_FAILED_MODIFYING_NUMBER),"failed modifying number"},
+{ERR_REASON(STORE_R_FAILED_MODIFYING_PRIVATE_KEY),"failed modifying private key"},
+{ERR_REASON(STORE_R_FAILED_MODIFYING_PUBLIC_KEY),"failed modifying public key"},
+{ERR_REASON(STORE_R_FAILED_REVOKING_CERTIFICATE),"failed revoking certificate"},
+{ERR_REASON(STORE_R_FAILED_REVOKING_KEY) ,"failed revoking key"},
+{ERR_REASON(STORE_R_FAILED_STORING_ARBITRARY),"failed storing arbitrary"},
+{ERR_REASON(STORE_R_FAILED_STORING_CERTIFICATE),"failed storing certificate"},
+{ERR_REASON(STORE_R_FAILED_STORING_KEY)  ,"failed storing key"},
+{ERR_REASON(STORE_R_FAILED_STORING_NUMBER),"failed storing number"},
+{ERR_REASON(STORE_R_NOT_IMPLEMENTED)     ,"not implemented"},
+{ERR_REASON(STORE_R_NO_CONTROL_FUNCTION) ,"no control function"},
+{ERR_REASON(STORE_R_NO_DELETE_ARBITRARY_FUNCTION),"no delete arbitrary function"},
+{ERR_REASON(STORE_R_NO_DELETE_NUMBER_FUNCTION),"no delete number function"},
+{ERR_REASON(STORE_R_NO_DELETE_OBJECT_FUNCTION),"no delete object function"},
+{ERR_REASON(STORE_R_NO_GENERATE_CRL_FUNCTION),"no generate crl function"},
+{ERR_REASON(STORE_R_NO_GENERATE_OBJECT_FUNCTION),"no generate object function"},
+{ERR_REASON(STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION),"no get object arbitrary function"},
+{ERR_REASON(STORE_R_NO_GET_OBJECT_FUNCTION),"no get object function"},
+{ERR_REASON(STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION),"no get object number function"},
+{ERR_REASON(STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION),"no list object endp function"},
+{ERR_REASON(STORE_R_NO_LIST_OBJECT_END_FUNCTION),"no list object end function"},
+{ERR_REASON(STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION),"no list object next function"},
+{ERR_REASON(STORE_R_NO_LIST_OBJECT_START_FUNCTION),"no list object start function"},
+{ERR_REASON(STORE_R_NO_MODIFY_OBJECT_FUNCTION),"no modify object function"},
+{ERR_REASON(STORE_R_NO_REVOKE_OBJECT_FUNCTION),"no revoke object function"},
+{ERR_REASON(STORE_R_NO_STORE)            ,"no store"},
+{ERR_REASON(STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION),"no store object arbitrary function"},
+{ERR_REASON(STORE_R_NO_STORE_OBJECT_FUNCTION),"no store object function"},
+{ERR_REASON(STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION),"no store object number function"},
+{ERR_REASON(STORE_R_NO_VALUE)            ,"no value"},
 {0,NULL}
 	};
 
@@ -192,15 +200,12 @@ static ERR_STRING_DATA STORE_str_reasons[]=
 
 void ERR_load_STORE_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_STORE,STORE_str_functs);
-		ERR_load_strings(ERR_LIB_STORE,STORE_str_reasons);
-#endif
 
+	if (ERR_func_error_string(STORE_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,STORE_str_functs);
+		ERR_load_strings(0,STORE_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/store/str_lib.c b/crypto/store/str_lib.c
index 7e59ee1d06..f1dbcbd0e0 100644
--- a/crypto/store/str_lib.c
+++ b/crypto/store/str_lib.c
@@ -59,7 +59,9 @@
 #include <string.h>
 #include <openssl/bn.h>
 #include <openssl/err.h>
+#ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
+#endif
 #include <openssl/sha.h>
 #include <openssl/x509.h>
 #include "str_locl.h"
@@ -190,7 +192,7 @@ int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void))
 	{
 	if (store == NULL)
 		{
-		STOREerr(STORE_F_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+		STOREerr(STORE_F_STORE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 		}
 	if (store->meth->ctrl)
@@ -234,7 +236,7 @@ const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 #define check_store(s,fncode,fnname,fnerrcode) \
 	do \
 		{ \
-		if ((s) == NULL || (s)->meth) \
+		if ((s) == NULL || (s)->meth == NULL) \
 			{ \
 			STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 			return 0; \
@@ -287,7 +289,7 @@ int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 	object = STORE_OBJECT_new();
 	if (!object)
 		{
-		STOREerr(STORE_F_STORE_CERTIFICATE,
+		STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -305,7 +307,7 @@ int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 
 	if (!i)
 		{
-		STOREerr(STORE_F_STORE_CERTIFICATE,
+		STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
 			STORE_R_FAILED_STORING_CERTIFICATE);
 		return 0;
 		}
@@ -491,20 +493,20 @@ int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 	STORE_OBJECT *object;
 	int i;
 
-	check_store(s,STORE_F_STORE_PRIVATE_KEY,
+	check_store(s,STORE_F_STORE_STORE_PRIVATE_KEY,
 		store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 
 	object = STORE_OBJECT_new();
 	if (!object)
 		{
-		STOREerr(STORE_F_STORE_PRIVATE_KEY,
+		STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
 	object->data.key = EVP_PKEY_new();
 	if (!object->data.key)
 		{
-		STOREerr(STORE_F_STORE_PRIVATE_KEY,
+		STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -522,7 +524,7 @@ int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 
 	if (!i)
 		{
-		STOREerr(STORE_F_STORE_PRIVATE_KEY,
+		STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
 			STORE_R_FAILED_STORING_KEY);
 		return 0;
 		}
@@ -686,20 +688,20 @@ int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 	STORE_OBJECT *object;
 	int i;
 
-	check_store(s,STORE_F_STORE_PUBLIC_KEY,
+	check_store(s,STORE_F_STORE_STORE_PUBLIC_KEY,
 		store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 
 	object = STORE_OBJECT_new();
 	if (!object)
 		{
-		STOREerr(STORE_F_STORE_PUBLIC_KEY,
+		STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
 	object->data.key = EVP_PKEY_new();
 	if (!object->data.key)
 		{
-		STOREerr(STORE_F_STORE_PUBLIC_KEY,
+		STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -717,7 +719,7 @@ int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 
 	if (!i)
 		{
-		STOREerr(STORE_F_STORE_PUBLIC_KEY,
+		STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
 			STORE_R_FAILED_STORING_KEY);
 		return 0;
 		}
@@ -907,13 +909,13 @@ int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 	STORE_OBJECT *object;
 	int i;
 
-	check_store(s,STORE_F_STORE_CRL,
+	check_store(s,STORE_F_STORE_STORE_CRL,
 		store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 
 	object = STORE_OBJECT_new();
 	if (!object)
 		{
-		STOREerr(STORE_F_STORE_CRL,
+		STOREerr(STORE_F_STORE_STORE_CRL,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -931,7 +933,7 @@ int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 
 	if (!i)
 		{
-		STOREerr(STORE_F_STORE_CRL,
+		STOREerr(STORE_F_STORE_STORE_CRL,
 			STORE_R_FAILED_STORING_KEY);
 		return 0;
 		}
@@ -1049,13 +1051,13 @@ int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 	STORE_OBJECT *object;
 	int i;
 
-	check_store(s,STORE_F_STORE_NUMBER,
+	check_store(s,STORE_F_STORE_STORE_NUMBER,
 		store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
 
 	object = STORE_OBJECT_new();
 	if (!object)
 		{
-		STOREerr(STORE_F_STORE_NUMBER,
+		STOREerr(STORE_F_STORE_STORE_NUMBER,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -1069,7 +1071,7 @@ int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 
 	if (!i)
 		{
-		STOREerr(STORE_F_STORE_NUMBER,
+		STOREerr(STORE_F_STORE_STORE_NUMBER,
 			STORE_R_FAILED_STORING_NUMBER);
 		return 0;
 		}
@@ -1139,13 +1141,13 @@ int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
 	STORE_OBJECT *object;
 	int i;
 
-	check_store(s,STORE_F_STORE_ARBITRARY,
+	check_store(s,STORE_F_STORE_STORE_ARBITRARY,
 		store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
 
 	object = STORE_OBJECT_new();
 	if (!object)
 		{
-		STOREerr(STORE_F_STORE_ARBITRARY,
+		STOREerr(STORE_F_STORE_STORE_ARBITRARY,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -1159,7 +1161,7 @@ int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
 
 	if (!i)
 		{
-		STOREerr(STORE_F_STORE_ARBITRARY,
+		STOREerr(STORE_F_STORE_STORE_ARBITRARY,
 			STORE_R_FAILED_STORING_ARBITRARY);
 		return 0;
 		}
@@ -1414,7 +1416,7 @@ int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
 			    (unsigned char *)BUF_memdup(sha1str,
 				    sha1str_size)))
 			return 1;
-		STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
+		STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -1434,7 +1436,7 @@ int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
 		{
 		if ((attrs->values[code].dn = X509_NAME_dup(dn)))
 			return 1;
-		STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
+		STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -1454,7 +1456,7 @@ int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
 		{
 		if ((attrs->values[code].number = BN_dup(number)))
 			return 1;
-		STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
+		STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
 			ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
@@ -1543,11 +1545,11 @@ void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
 		if (context)
 			context->attributes = attributes;
 		else
-			STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
+			STOREerr(STORE_F_STORE_PARSE_ATTRS_START,
 				ERR_R_MALLOC_FAILURE);
 		return context;
 		}
-	STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
+	STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
 	return 0;
 	}
 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
@@ -1663,12 +1665,12 @@ int STORE_parse_attrs_endp(void *handle)
 		{
 		return context->attributes->code == STORE_ATTR_END;
 		}
-	STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
+	STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
 	return 0;
 	}
 
 static int attr_info_compare_compute_range(
-	unsigned char *abits, unsigned char *bbits,
+	const unsigned char *abits, const unsigned char *bbits,
 	unsigned int *alowp, unsigned int *ahighp,
 	unsigned int *blowp, unsigned int *bhighp)
 	{
@@ -1737,13 +1739,15 @@ static int attr_info_compare_compute_range(
 	return res;
 	}
 
-int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO * const *a,
+			    const STORE_ATTR_INFO * const *b)
 	{
 	if (a == b) return 0;
 	if (!a) return -1;
 	if (!b) return 1;
-	return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
+	return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
 	}
+
 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
 	{
 	unsigned int alow, ahigh, blow, bhigh;
@@ -1757,6 +1761,7 @@ int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
 		return 1;
 	return 0;
 	}
+
 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
 	{
 	unsigned char *abits, *bbits;
@@ -1774,6 +1779,7 @@ int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
 		}
 	return 1;
 	}
+
 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
 	{
 	STORE_ATTR_TYPES i;
diff --git a/crypto/store/str_mem.c b/crypto/store/str_mem.c
index 77603e1814..8ac4f7e55c 100644
--- a/crypto/store/str_mem.c
+++ b/crypto/store/str_mem.c
@@ -76,30 +76,35 @@
    attribute type code).
 */
 
-struct mem_object_data_st
+typedef struct mem_object_data_st
 	{
 	STORE_OBJECT *object;
 	STORE_ATTR_INFO *attr_info;
 	int references;
-	};
+	} MEM_OBJECT_DATA;
 
+DECLARE_STACK_OF(MEM_OBJECT_DATA)
 struct mem_data_st
 	{
-	STACK *data;		/* A stack of mem_object_data_st,
-				   sorted with STORE_ATTR_INFO_compare(). */
+	STACK_OF(MEM_OBJECT_DATA) *data; /* sorted with
+					  * STORE_ATTR_INFO_compare(). */
 	unsigned int compute_components : 1; /* Currently unused, but can
 						be used to add attributes
 						from parts of the data. */
 	};
 
+DECLARE_STACK_OF(STORE_ATTR_INFO)
 struct mem_ctx_st
 	{
 	int type;		/* The type we're searching for */
-	STACK *search_attributes; /* Sets of attributes to search for.
-				     Each element is a STORE_ATTR_INFO. */
-	int search_index;	/* which of the search attributes we found a match
-				   for, -1 when we still haven't found any */
-	int index;		/* -1 as long as we're searching for the first */
+	STACK_OF(STORE_ATTR_INFO) *search_attributes; /* Sets of
+				     attributes to search for.  Each
+				     element is a STORE_ATTR_INFO. */
+	int search_index;	/* which of the search attributes we
+				   found a match for, -1 when we still
+				   haven't found any */
+	int index;		/* -1 as long as we're searching for
+                                    the first */
 	};
 
 static int mem_init(STORE *s);
@@ -196,7 +201,7 @@ static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
 	OPENSSL_ITEM modify_attributes[], OPENSSL_ITEM delete_attributes[],
 	OPENSSL_ITEM parameters[])
 	{
-	STOREerr(STORE_F_MEM_STORE, STORE_R_NOT_IMPLEMENTED);
+	STOREerr(STORE_F_MEM_MODIFY, STORE_R_NOT_IMPLEMENTED);
 	return 0;
 	}
 static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
@@ -240,7 +245,7 @@ static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
 		if (context->search_attributes == NULL)
 			{
 			context->search_attributes =
-				sk_new((int (*)(const char * const *, const char * const *))STORE_ATTR_INFO_compare);
+				sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare);
 			if (!context->search_attributes)
 				{
 				STOREerr(STORE_F_MEM_LIST_START,
@@ -248,7 +253,7 @@ static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
 				goto err;
 				}
 			}
-		sk_push(context->search_attributes,(char *)attrs);
+		sk_STORE_ATTR_INFO_push(context->search_attributes,attrs);
 		}
 	if (!STORE_parse_attrs_endp(attribute_context))
 		goto err;
@@ -284,11 +289,14 @@ static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
 
 	if (context->search_index == -1)
 		{
-		for (i = 0; i < sk_num(context->search_attributes); i++)
+		for (i = 0;
+		     i < sk_STORE_ATTR_INFO_num(context->search_attributes);
+		     i++)
 			{
-			key.attr_info =
-				(STORE_ATTR_INFO *)sk_value(context->search_attributes, i);
-			srch = sk_find_ex(store->data, (char *)&key);
+			key.attr_info
+			  = sk_STORE_ATTR_INFO_value(context->search_attributes,
+						     i);
+			srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key);
 
 			if (srch >= 0)
 				{
@@ -301,21 +309,20 @@ static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
 		return NULL;
 	
 	key.attr_info =
-		(STORE_ATTR_INFO *)sk_value(context->search_attributes,
-			context->search_index);
+		sk_STORE_ATTR_INFO_value(context->search_attributes,
+					 context->search_index);
 	for(srch = context->search_index;
-	    srch < sk_num(store->data)
+	    srch < sk_MEM_OBJECT_DATA_num(store->data)
 		    && STORE_ATTR_INFO_in_range(key.attr_info,
-			    (STORE_ATTR_INFO *)sk_value(store->data, srch))
+			    sk_MEM_OBJECT_DATA_value(store->data, srch)->attr_info)
 		    && !(cres = STORE_ATTR_INFO_in_ex(key.attr_info,
-				 (STORE_ATTR_INFO *)sk_value(store->data, srch)));
+				 sk_MEM_OBJECT_DATA_value(store->data, srch)->attr_info));
 	    srch++)
 		;
 
 	context->search_index = srch;
 	if (cres)
-		return ((struct mem_object_data_st *)sk_value(store->data,
-				srch))->object;
+		return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object;
 	return NULL;
 	}
 static int mem_list_end(STORE *s, void *handle)
@@ -324,11 +331,11 @@ static int mem_list_end(STORE *s, void *handle)
 
 	if (!context)
 		{
-		STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
+		STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 		}
 	if (context && context->search_attributes)
-		sk_free(context->search_attributes);
+		sk_STORE_ATTR_INFO_free(context->search_attributes);
 	if (context) OPENSSL_free(context);
 	return 1;
 	}
@@ -337,7 +344,8 @@ static int mem_list_endp(STORE *s, void *handle)
 	struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
 
 	if (!context
-		|| context->search_index == sk_num(context->search_attributes))
+	    || context->search_index
+	       == sk_STORE_ATTR_INFO_num(context->search_attributes))
 		return 1;
 	return 0;
 	}
diff --git a/crypto/store/str_meth.c b/crypto/store/str_meth.c
index 648c08d76d..a46de03a26 100644
--- a/crypto/store/str_meth.c
+++ b/crypto/store/str_meth.c
@@ -65,8 +65,10 @@ STORE_METHOD *STORE_create_method(char *name)
 	STORE_METHOD *store_method = (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD));
 
 	if (store_method)
+		{
 		memset(store_method, 0, sizeof(*store_method));
-	store_method->name = BUF_strdup(name);
+		store_method->name = BUF_strdup(name);
+		}
 	return store_method;
 	}
 
diff --git a/crypto/symhacks.h b/crypto/symhacks.h
index 7e3602d2ea..151b683140 100644
--- a/crypto/symhacks.h
+++ b/crypto/symhacks.h
@@ -60,6 +60,11 @@
 /* Hacks to solve the problem with linkers incapable of handling very long
    symbol names.  In the case of VMS, the limit is 31 characters on VMS for
    VAX. */
+/* Note that this affects util/libeay.num and util/ssleay.num...  you may
+   change those manually, but that's not recommended, as those files are
+   controlled centrally and updated on Unix, and the central definition
+   may disagree with yours, which in turn may come with shareable library
+   incompatibilities. */
 #ifdef OPENSSL_SYS_VMS
 
 /* Hack a long name in crypto/ex_data.c */
@@ -133,6 +138,8 @@
 #define X509_policy_node_get0_qualifiers	X509_pcy_node_get0_qualifiers
 #undef X509_STORE_CTX_get_explicit_policy
 #define X509_STORE_CTX_get_explicit_policy	X509_STORE_CTX_get_expl_policy
+#undef X509_STORE_CTX_get0_current_issuer
+#define X509_STORE_CTX_get0_current_issuer	X509_STORE_CTX_get0_cur_issuer
 
 /* Hack some long CRYPTO names */
 #undef CRYPTO_set_dynlock_destroy_callback
@@ -140,9 +147,9 @@
 #undef CRYPTO_set_dynlock_create_callback
 #define CRYPTO_set_dynlock_create_callback      CRYPTO_set_dynlock_create_cb
 #undef CRYPTO_set_dynlock_lock_callback
-#define CRYPTO_set_dynlock_lock_callback        CRYPTO_set_dynlock_lock_cb
+#define CRYPTO_set_dynlock_lock_callback	CRYPTO_set_dynlock_lock_cb
 #undef CRYPTO_get_dynlock_lock_callback
-#define CRYPTO_get_dynlock_lock_callback        CRYPTO_get_dynlock_lock_cb
+#define CRYPTO_get_dynlock_lock_callback	CRYPTO_get_dynlock_lock_cb
 #undef CRYPTO_get_dynlock_destroy_callback
 #define CRYPTO_get_dynlock_destroy_callback     CRYPTO_get_dynlock_destroy_cb
 #undef CRYPTO_get_dynlock_create_callback
@@ -154,7 +161,7 @@
 
 /* Hack some long SSL names */
 #undef SSL_CTX_set_default_verify_paths
-#define SSL_CTX_set_default_verify_paths        SSL_CTX_set_def_verify_paths
+#define SSL_CTX_set_default_verify_paths	SSL_CTX_set_def_verify_paths
 #undef SSL_get_ex_data_X509_STORE_CTX_idx
 #define SSL_get_ex_data_X509_STORE_CTX_idx      SSL_get_ex_d_X509_STORE_CTX_idx
 #undef SSL_add_file_cert_subjects_to_stack
@@ -164,25 +171,47 @@
 #undef SSL_CTX_use_certificate_chain_file
 #define SSL_CTX_use_certificate_chain_file      SSL_CTX_use_cert_chain_file
 #undef SSL_CTX_set_cert_verify_callback
-#define SSL_CTX_set_cert_verify_callback        SSL_CTX_set_cert_verify_cb
+#define SSL_CTX_set_cert_verify_callback	SSL_CTX_set_cert_verify_cb
 #undef SSL_CTX_set_default_passwd_cb_userdata
 #define SSL_CTX_set_default_passwd_cb_userdata  SSL_CTX_set_def_passwd_cb_ud
 #undef SSL_COMP_get_compression_methods
 #define SSL_COMP_get_compression_methods	SSL_COMP_get_compress_methods
 
+#undef ssl_add_clienthello_renegotiate_ext
+#define ssl_add_clienthello_renegotiate_ext	ssl_add_clienthello_reneg_ext
+#undef ssl_add_serverhello_renegotiate_ext
+#define ssl_add_serverhello_renegotiate_ext	ssl_add_serverhello_reneg_ext
+#undef ssl_parse_clienthello_renegotiate_ext
+#define ssl_parse_clienthello_renegotiate_ext	ssl_parse_clienthello_reneg_ext
+#undef ssl_parse_serverhello_renegotiate_ext
+#define ssl_parse_serverhello_renegotiate_ext	ssl_parse_serverhello_reneg_ext
+
 /* Hack some long ENGINE names */
 #undef ENGINE_get_default_BN_mod_exp_crt
 #define ENGINE_get_default_BN_mod_exp_crt	ENGINE_get_def_BN_mod_exp_crt
 #undef ENGINE_set_default_BN_mod_exp_crt
 #define ENGINE_set_default_BN_mod_exp_crt	ENGINE_set_def_BN_mod_exp_crt
 #undef ENGINE_set_load_privkey_function
-#define ENGINE_set_load_privkey_function        ENGINE_set_load_privkey_fn
+#define ENGINE_set_load_privkey_function	ENGINE_set_load_privkey_fn
 #undef ENGINE_get_load_privkey_function
-#define ENGINE_get_load_privkey_function        ENGINE_get_load_privkey_fn
+#define ENGINE_get_load_privkey_function	ENGINE_get_load_privkey_fn
+#undef ENGINE_unregister_pkey_asn1_meths
+#define ENGINE_unregister_pkey_asn1_meths	ENGINE_unreg_pkey_asn1_meths
+#undef ENGINE_register_all_pkey_asn1_meths
+#define ENGINE_register_all_pkey_asn1_meths	ENGINE_reg_all_pkey_asn1_meths
+#undef ENGINE_set_default_pkey_asn1_meths
+#define ENGINE_set_default_pkey_asn1_meths	ENGINE_set_def_pkey_asn1_meths
+#undef ENGINE_get_pkey_asn1_meth_engine
+#define ENGINE_get_pkey_asn1_meth_engine	ENGINE_get_pkey_asn1_meth_eng
+#undef ENGINE_set_load_ssl_client_cert_function
+#define ENGINE_set_load_ssl_client_cert_function \
+						ENGINE_set_ld_ssl_clnt_cert_fn
+#undef ENGINE_get_ssl_client_cert_function
+#define ENGINE_get_ssl_client_cert_function	ENGINE_get_ssl_client_cert_fn
 
 /* Hack some long OCSP names */
 #undef OCSP_REQUEST_get_ext_by_critical
-#define OCSP_REQUEST_get_ext_by_critical        OCSP_REQUEST_get_ext_by_crit
+#define OCSP_REQUEST_get_ext_by_critical	OCSP_REQUEST_get_ext_by_crit
 #undef OCSP_BASICRESP_get_ext_by_critical
 #define OCSP_BASICRESP_get_ext_by_critical      OCSP_BASICRESP_get_ext_by_crit
 #undef OCSP_SINGLERESP_get_ext_by_critical
@@ -199,6 +228,8 @@
 #define OPENSSL_add_all_algorithms_noconf	OPENSSL_add_all_algo_noconf
 #undef OPENSSL_add_all_algorithms_conf
 #define OPENSSL_add_all_algorithms_conf		OPENSSL_add_all_algo_conf
+#undef EVP_PKEY_meth_set_verify_recover
+#define EVP_PKEY_meth_set_verify_recover	EVP_PKEY_meth_set_vrfy_recover
 
 /* Hack some long EC names */
 #undef EC_GROUP_set_point_conversion_form
@@ -227,15 +258,15 @@
 #define EC_POINT_set_compressed_coordinates_GF2m \
                                                 EC_POINT_set_compr_coords_GF2m
 #undef ec_GF2m_simple_group_clear_finish
-#define ec_GF2m_simple_group_clear_finish        ec_GF2m_simple_grp_clr_finish
+#define ec_GF2m_simple_group_clear_finish	ec_GF2m_simple_grp_clr_finish
 #undef ec_GF2m_simple_group_check_discriminant
 #define ec_GF2m_simple_group_check_discriminant	ec_GF2m_simple_grp_chk_discrim
 #undef ec_GF2m_simple_point_clear_finish
-#define ec_GF2m_simple_point_clear_finish        ec_GF2m_simple_pt_clr_finish
+#define ec_GF2m_simple_point_clear_finish	ec_GF2m_simple_pt_clr_finish
 #undef ec_GF2m_simple_point_set_to_infinity
-#define ec_GF2m_simple_point_set_to_infinity     ec_GF2m_simple_pt_set_to_inf
+#define ec_GF2m_simple_point_set_to_infinity	ec_GF2m_simple_pt_set_to_inf
 #undef ec_GF2m_simple_points_make_affine
-#define ec_GF2m_simple_points_make_affine        ec_GF2m_simple_pts_make_affine
+#define ec_GF2m_simple_points_make_affine	ec_GF2m_simple_pts_make_affine
 #undef ec_GF2m_simple_point_set_affine_coordinates
 #define ec_GF2m_simple_point_set_affine_coordinates \
                                                 ec_GF2m_smp_pt_set_af_coords
@@ -250,19 +281,19 @@
 #undef ec_GFp_simple_group_get_curve_GFp
 #define ec_GFp_simple_group_get_curve_GFp       ec_GFp_simple_grp_get_curve_GFp
 #undef ec_GFp_simple_group_clear_finish
-#define ec_GFp_simple_group_clear_finish        ec_GFp_simple_grp_clear_finish
+#define ec_GFp_simple_group_clear_finish	ec_GFp_simple_grp_clear_finish
 #undef ec_GFp_simple_group_set_generator
 #define ec_GFp_simple_group_set_generator       ec_GFp_simple_grp_set_generator
 #undef ec_GFp_simple_group_get0_generator
 #define ec_GFp_simple_group_get0_generator      ec_GFp_simple_grp_gt0_generator
 #undef ec_GFp_simple_group_get_cofactor
-#define ec_GFp_simple_group_get_cofactor        ec_GFp_simple_grp_get_cofactor
+#define ec_GFp_simple_group_get_cofactor	ec_GFp_simple_grp_get_cofactor
 #undef ec_GFp_simple_point_clear_finish
-#define ec_GFp_simple_point_clear_finish        ec_GFp_simple_pt_clear_finish
+#define ec_GFp_simple_point_clear_finish	ec_GFp_simple_pt_clear_finish
 #undef ec_GFp_simple_point_set_to_infinity
 #define ec_GFp_simple_point_set_to_infinity     ec_GFp_simple_pt_set_to_inf
 #undef ec_GFp_simple_points_make_affine
-#define ec_GFp_simple_points_make_affine        ec_GFp_simple_pts_make_affine
+#define ec_GFp_simple_points_make_affine	ec_GFp_simple_pts_make_affine
 #undef ec_GFp_simple_group_get_curve_GFp
 #define ec_GFp_simple_group_get_curve_GFp       ec_GFp_simple_grp_get_curve_GFp
 #undef ec_GFp_simple_set_Jprojective_coordinates_GFp
@@ -342,24 +373,50 @@
 #undef STORE_method_get_unlock_store_function
 #define STORE_method_get_unlock_store_function	STORE_meth_get_unlock_store_fn
 
+/* Hack some long TS names */
+#undef TS_RESP_CTX_set_status_info_cond
+#define TS_RESP_CTX_set_status_info_cond	TS_RESP_CTX_set_stat_info_cond
+#undef TS_RESP_CTX_set_clock_precision_digits
+#define TS_RESP_CTX_set_clock_precision_digits	TS_RESP_CTX_set_clk_prec_digits
+#undef TS_CONF_set_clock_precision_digits
+#define TS_CONF_set_clock_precision_digits	TS_CONF_set_clk_prec_digits
+
+/* Hack some long CMS names */
+#undef CMS_RecipientInfo_ktri_get0_algs
+#define CMS_RecipientInfo_ktri_get0_algs	CMS_RecipInfo_ktri_get0_algs
+#undef CMS_RecipientInfo_ktri_get0_signer_id
+#define CMS_RecipientInfo_ktri_get0_signer_id	CMS_RecipInfo_ktri_get0_sigr_id
+#undef CMS_OtherRevocationInfoFormat_it
+#define CMS_OtherRevocationInfoFormat_it	CMS_OtherRevocInfoFormat_it
+#undef CMS_KeyAgreeRecipientIdentifier_it
+#define CMS_KeyAgreeRecipientIdentifier_it	CMS_KeyAgreeRecipIdentifier_it
+#undef CMS_OriginatorIdentifierOrKey_it
+#define CMS_OriginatorIdentifierOrKey_it	CMS_OriginatorIdOrKey_it
+#undef cms_SignerIdentifier_get0_signer_id
+#define cms_SignerIdentifier_get0_signer_id	cms_SignerId_get0_signer_id
+
+/* Hack some long DTLS1 names */
+#undef dtls1_retransmit_buffered_messages
+#define dtls1_retransmit_buffered_messages	dtls1_retransmit_buffered_msgs
+
 #endif /* defined OPENSSL_SYS_VMS */
 
 
-/* Case insensiteve linking causes problems.... */
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
+/* Case insensitive linking causes problems.... */
+#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
 #undef ERR_load_CRYPTO_strings
 #define ERR_load_CRYPTO_strings			ERR_load_CRYPTOlib_strings
 #undef OCSP_crlID_new
-#define OCSP_crlID_new                          OCSP_crlID2_new
+#define OCSP_crlID_new				OCSP_crlID2_new
 
 #undef d2i_ECPARAMETERS
-#define d2i_ECPARAMETERS                        d2i_UC_ECPARAMETERS
+#define d2i_ECPARAMETERS			d2i_UC_ECPARAMETERS
 #undef i2d_ECPARAMETERS
-#define i2d_ECPARAMETERS                        i2d_UC_ECPARAMETERS
+#define i2d_ECPARAMETERS			i2d_UC_ECPARAMETERS
 #undef d2i_ECPKPARAMETERS
-#define d2i_ECPKPARAMETERS                      d2i_UC_ECPKPARAMETERS
+#define d2i_ECPKPARAMETERS			d2i_UC_ECPKPARAMETERS
 #undef i2d_ECPKPARAMETERS
-#define i2d_ECPKPARAMETERS                      i2d_UC_ECPKPARAMETERS
+#define i2d_ECPKPARAMETERS			i2d_UC_ECPKPARAMETERS
 
 /* These functions do not seem to exist!  However, I'm paranoid...
    Original command in x509v3.h:
@@ -368,14 +425,17 @@
    hide them a little, by giving them an extra 'o' at the
    beginning of the name... */
 #undef X509v3_cleanup_extensions
-#define X509v3_cleanup_extensions               oX509v3_cleanup_extensions
+#define X509v3_cleanup_extensions		oX509v3_cleanup_extensions
 #undef X509v3_add_extension
-#define X509v3_add_extension                    oX509v3_add_extension
+#define X509v3_add_extension			oX509v3_add_extension
 #undef X509v3_add_netscape_extensions
-#define X509v3_add_netscape_extensions          oX509v3_add_netscape_extensions
+#define X509v3_add_netscape_extensions		oX509v3_add_netscape_extensions
 #undef X509v3_add_standard_extensions
-#define X509v3_add_standard_extensions          oX509v3_add_standard_extensions
+#define X509v3_add_standard_extensions		oX509v3_add_standard_extensions
 
+/* This one clashes with CMS_data_create */
+#undef cms_Data_create
+#define cms_Data_create				priv_cms_Data_create
 
 #endif
 
diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c
index f6f3df4b6a..eba7aa8a6e 100644
--- a/crypto/threads/mttest.c
+++ b/crypto/threads/mttest.c
@@ -117,11 +117,13 @@ void solaris_locking_callback(int mode,int type,char *file,int line);
 void win32_locking_callback(int mode,int type,char *file,int line);
 void pthreads_locking_callback(int mode,int type,char *file,int line);
 void netware_locking_callback(int mode,int type,char *file,int line);
+void beos_locking_callback(int mode,int type,const char *file,int line);
 
 unsigned long irix_thread_id(void );
 unsigned long solaris_thread_id(void );
 unsigned long pthreads_thread_id(void );
 unsigned long netware_thread_id(void );
+unsigned long beos_thread_id(void );
 
 #if defined(OPENSSL_SYS_NETWARE)
 static MPKMutex *lock_cs;
@@ -1209,3 +1211,100 @@ unsigned long netware_thread_id(void)
    return(ret);
 }
 #endif /* NETWARE */
+
+#ifdef BEOS_THREADS
+
+#include <Locker.h>
+
+static BLocker** lock_cs;
+static long* lock_count;
+
+void thread_setup(void)
+	{
+	int i;
+
+	lock_cs=(BLocker**)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(BLocker*));
+	lock_count=(long*)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+	for (i=0; i<CRYPTO_num_locks(); i++)
+		{
+		lock_count[i]=0;
+		lock_cs[i] = new BLocker(CRYPTO_get_lock_name(i));
+		}
+
+	CRYPTO_set_id_callback((unsigned long (*)())beos_thread_id);
+	CRYPTO_set_locking_callback(beos_locking_callback);
+	}
+
+void thread_cleanup(void)
+	{
+	int i;
+
+	CRYPTO_set_locking_callback(NULL);
+	fprintf(stderr,"cleanup\n");
+	for (i=0; i<CRYPTO_num_locks(); i++)
+		{
+		delete lock_cs[i];
+		fprintf(stderr,"%8ld:%s\n",lock_count[i],
+			CRYPTO_get_lock_name(i));
+		}
+	OPENSSL_free(lock_cs);
+	OPENSSL_free(lock_count);
+
+	fprintf(stderr,"done cleanup\n");
+	}
+
+void beos_locking_callback(int mode, int type, const char *file, int line)
+    {
+#if 0
+	fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+		CRYPTO_thread_id(),
+		(mode&CRYPTO_LOCK)?"l":"u",
+		(type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+	if (mode & CRYPTO_LOCK)
+		{
+		lock_cs[type]->Lock();
+		lock_count[type]++;
+		}
+	else
+		{
+		lock_cs[type]->Unlock();
+		}
+	}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+	{
+	SSL_CTX *ssl_ctx[2];
+	thread_id thread_ctx[MAX_THREAD_NUMBER];
+	int i;
+
+	ssl_ctx[0]=s_ctx;
+	ssl_ctx[1]=c_ctx;
+
+	for (i=0; i<thread_number; i++)
+		{
+		thread_ctx[i] = spawn_thread((thread_func)ndoit,
+			NULL, B_NORMAL_PRIORITY, (void *)ssl_ctx);
+		resume_thread(thread_ctx[i]);
+		}
+
+	printf("waiting...\n");
+	for (i=0; i<thread_number; i++)
+		{
+		status_t result;
+		wait_for_thread(thread_ctx[i], &result);
+		}
+
+	printf("beos threads done (%d,%d)\n",
+		s_ctx->references,c_ctx->references);
+	}
+
+unsigned long beos_thread_id(void)
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)find_thread(NULL);
+	return(ret);
+	}
+
+#endif /* BEOS_THREADS */
diff --git a/crypto/threads/pthreads-vms.com b/crypto/threads/pthreads-vms.com
index 26f84bc563..e93743f530 100644
--- a/crypto/threads/pthreads-vms.com
+++ b/crypto/threads/pthreads-vms.com
@@ -1,11 +1,14 @@
 $! To compile mttest on VMS.
 $!
 $! WARNING: only tested with DEC C so far.
-$!
-$!
-$!
-$ arch := vax
-$ if f$getsyi("CPU") .ge. 128 then arch := axp
+$
+$ if (f$getsyi("cpu").lt.128)
+$ then
+$     arch := VAX
+$ else
+$     arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$     if (arch .eqs. "") then arch = "UNK"
+$ endif
 $ define/user openssl [--.include.openssl]
 $ cc/def=PTHREADS mttest.c
 $ link /MAP/FULL/CROSS mttest, -
diff --git a/crypto/tmdiff.c b/crypto/tmdiff.c
deleted file mode 100644
index 1c6e052ac9..0000000000
--- a/crypto/tmdiff.c
+++ /dev/null
@@ -1,260 +0,0 @@
-/* crypto/tmdiff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/tmdiff.h>
-#if !defined(OPENSSL_SYS_MSDOS)
-#include OPENSSL_UNISTD
-#endif
-
-#ifdef TIMEB
-#undef OPENSSL_SYS_WIN32
-#undef TIMES
-#endif
-
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) && !(defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX_RHAPSODY) && !defined(OPENSSL_SYS_VXWORKS)
-# define TIMES
-#endif
-
-#ifdef OPENSSL_SYS_NETWARE
-#undef TIMES
-#endif
-
-#if !defined(_IRIX) || defined (OPENSSL_SYS_NETWARE)
-#  include <time.h>
-#endif
-#ifdef TIMES
-#  include <sys/types.h>
-#  include <sys/times.h>
-#endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-#undef TIMES
-#endif
-
-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
-#include <limits.h>
-#include <sys/param.h>
-#endif
-
-#if !defined(TIMES) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE)
-#include <sys/timeb.h>
-#endif
-
-#ifdef OPENSSL_SYS_WIN32
-#include <windows.h>
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# if defined(_SC_CLK_TCK) \
-     && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000)
-/* #  define HZ ((double)sysconf(_SC_CLK_TCK)) */
-#  define HZ sysconf(_SC_CLK_TCK)
-# else
-#  ifndef CLK_TCK
-#   ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#    define HZ  100.0
-#   else /* _BSD_CLK_TCK_ */
-#    define HZ ((double)_BSD_CLK_TCK_)
-#   endif
-#  else /* CLK_TCK */
-#   define HZ ((double)CLK_TCK)
-#  endif
-# endif
-#endif
-
-struct ms_tm
-	{
-#ifdef TIMES
-	struct tms ms_tms;
-#else
-#  ifdef OPENSSL_SYS_WIN32
-	HANDLE thread_id;
-	FILETIME ms_win32;
-#  elif defined (OPENSSL_SYS_NETWARE)
-   clock_t ms_clock;
-#  else
-#    ifdef OPENSSL_SYS_VXWORKS
-          unsigned long ticks;
-#    else
-	struct timeb ms_timeb;
-#    endif
-#  endif
-#endif
-	};
-
-MS_TM *ms_time_new(void)
-	{
-	MS_TM *ret;
-
-	ret=(MS_TM *)OPENSSL_malloc(sizeof(MS_TM));
-	if (ret == NULL)
-		return(NULL);
-	memset(ret,0,sizeof(MS_TM));
-#ifdef OPENSSL_SYS_WIN32
-	ret->thread_id=GetCurrentThread();
-#endif
-	return ret;
-	}
-
-void ms_time_free(MS_TM *a)
-	{
-	if (a != NULL)
-		OPENSSL_free(a);
-	}
-
-void ms_time_get(MS_TM *tm)
-	{
-#ifdef OPENSSL_SYS_WIN32
-	FILETIME tmpa,tmpb,tmpc;
-#endif
-
-#ifdef TIMES
-	times(&tm->ms_tms);
-#else
-#  ifdef OPENSSL_SYS_WIN32
-	GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32));
-#  elif defined (OPENSSL_SYS_NETWARE)
-   tm->ms_clock = clock();
-#  else
-#    ifdef OPENSSL_SYS_VXWORKS
-        tm->ticks = tickGet();
-#    else
-	ftime(&tm->ms_timeb);
-#    endif
-#  endif
-#endif
-	}
-
-double ms_time_diff(MS_TM *a, MS_TM *b)
-	{
-	double ret;
-
-#ifdef TIMES
-	ret = HZ;
-	ret = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / ret;
-#else
-# ifdef OPENSSL_SYS_WIN32
-	{
-#ifdef __GNUC__
-	signed long long la,lb;
-#else
-	signed _int64 la,lb;
-#endif
-	la=a->ms_win32.dwHighDateTime;
-	lb=b->ms_win32.dwHighDateTime;
-	la<<=32;
-	lb<<=32;
-	la+=a->ms_win32.dwLowDateTime;
-	lb+=b->ms_win32.dwLowDateTime;
-	ret=((double)(lb-la))/1e7;
-	}
-# elif defined (OPENSSL_SYS_NETWARE)
-    ret= (double)(b->ms_clock - a->ms_clock);
-# else
-#  ifdef OPENSSL_SYS_VXWORKS
-        ret = (double)(b->ticks - a->ticks) / (double)sysClkRateGet();
-#  else
-	ret=	 (double)(b->ms_timeb.time-a->ms_timeb.time)+
-		(((double)b->ms_timeb.millitm)-
-		((double)a->ms_timeb.millitm))/1000.0;
-#  endif
-# endif
-#endif
-	return((ret < 0.0000001)?0.0000001:ret);
-	}
-
-int ms_time_cmp(const MS_TM *a, const MS_TM *b)
-	{
-	double d;
-	int ret;
-
-#ifdef TIMES
-	d = HZ;
-	d = (b->ms_tms.tms_utime-a->ms_tms.tms_utime) / d;
-#else
-# ifdef OPENSSL_SYS_WIN32
-	d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7;
-	d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
-# elif defined (OPENSSL_SYS_NETWARE)
-    d= (double)(b->ms_clock - a->ms_clock);
-# else
-#  ifdef OPENSSL_SYS_VXWORKS
-        d = (b->ticks - a->ticks);
-#  else
-	d=	 (double)(b->ms_timeb.time-a->ms_timeb.time)+
-		(((double)b->ms_timeb.millitm)-(double)a->ms_timeb.millitm)/1000.0;
-#  endif
-# endif
-#endif
-	if (d == 0.0)
-		ret=0;
-	else if (d < 0)
-		ret= -1;
-	else
-		ret=1;
-	return(ret);
-	}
-
diff --git a/crypto/ts/.cvsignore b/crypto/ts/.cvsignore
new file mode 100644
index 0000000000..c6d03a9dbc
--- /dev/null
+++ b/crypto/ts/.cvsignore
@@ -0,0 +1,2 @@
+lib
+Makefile.save
diff --git a/crypto/ts/Makefile b/crypto/ts/Makefile
new file mode 100644
index 0000000000..ad29b67bd0
--- /dev/null
+++ b/crypto/ts/Makefile
@@ -0,0 +1,268 @@
+#
+# SSLeay/crypto/ts/Makefile
+#
+
+DIR=	ts
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG = -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL= Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ts_err.c ts_req_utils.c ts_req_print.c ts_rsp_utils.c ts_rsp_print.c \
+	ts_rsp_sign.c ts_rsp_verify.c ts_verify_ctx.c ts_lib.c ts_conf.c \
+	ts_asn1.c
+LIBOBJ= ts_err.o ts_req_utils.o ts_req_print.o ts_rsp_utils.o ts_rsp_print.o \
+	ts_rsp_sign.o ts_rsp_verify.o ts_verify_ctx.o ts_lib.o ts_conf.o \
+	ts_asn1.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ts.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ts_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ts_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ts_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ts_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+ts_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ts_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ts_asn1.o: ../../include/openssl/ts.h ../../include/openssl/x509.h
+ts_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_asn1.o: ts_asn1.c
+ts_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_conf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ts_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ts_conf.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ts_conf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_conf.c
+ts_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ts_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ts_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_err.o: ../../include/openssl/x509v3.h ts_err.c
+ts_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ts_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ts_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ts_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+ts_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ts_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ts_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ts.h ts_lib.c
+ts_req_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_req_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_req_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_req_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_req_print.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ts_req_print.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ts_req_print.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_req_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_req_print.o: ../../include/openssl/opensslconf.h
+ts_req_print.o: ../../include/openssl/opensslv.h
+ts_req_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_print.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_print.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_print.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_print.c
+ts_req_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_req_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_req_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_req_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_req_utils.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_req_utils.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_req_utils.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_req_utils.o: ../../include/openssl/objects.h
+ts_req_utils.o: ../../include/openssl/opensslconf.h
+ts_req_utils.o: ../../include/openssl/opensslv.h
+ts_req_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_utils.c
+ts_rsp_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_rsp_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_rsp_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_rsp_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_rsp_print.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ts_rsp_print.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ts_rsp_print.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_print.o: ../../include/openssl/opensslconf.h
+ts_rsp_print.o: ../../include/openssl/opensslv.h
+ts_rsp_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_print.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_rsp_print.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_rsp_print.o: ../cryptlib.h ts.h ts_rsp_print.c
+ts_rsp_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_sign.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_rsp_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_rsp_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_rsp_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_rsp_sign.o: ../../include/openssl/objects.h
+ts_rsp_sign.o: ../../include/openssl/opensslconf.h
+ts_rsp_sign.o: ../../include/openssl/opensslv.h
+ts_rsp_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_sign.c
+ts_rsp_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_rsp_utils.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_rsp_utils.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_rsp_utils.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_rsp_utils.o: ../../include/openssl/objects.h
+ts_rsp_utils.o: ../../include/openssl/opensslconf.h
+ts_rsp_utils.o: ../../include/openssl/opensslv.h
+ts_rsp_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_utils.c
+ts_rsp_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_verify.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_rsp_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_rsp_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_rsp_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_rsp_verify.o: ../../include/openssl/objects.h
+ts_rsp_verify.o: ../../include/openssl/opensslconf.h
+ts_rsp_verify.o: ../../include/openssl/opensslv.h
+ts_rsp_verify.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_verify.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_verify.c
+ts_verify_ctx.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_verify_ctx.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_verify_ctx.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_verify_ctx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_verify_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ts_verify_ctx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ts_verify_ctx.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_verify_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_verify_ctx.o: ../../include/openssl/objects.h
+ts_verify_ctx.o: ../../include/openssl/opensslconf.h
+ts_verify_ctx.o: ../../include/openssl/opensslv.h
+ts_verify_ctx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_verify_ctx.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_verify_ctx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_verify_ctx.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_verify_ctx.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_verify_ctx.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_verify_ctx.c
diff --git a/crypto/ts/ts.h b/crypto/ts/ts.h
new file mode 100644
index 0000000000..190e8a1bf2
--- /dev/null
+++ b/crypto/ts/ts.h
@@ -0,0 +1,861 @@
+/* crypto/ts/ts.h */
+/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
+ * project 2002, 2003, 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_TS_H
+#define HEADER_TS_H
+
+#include <openssl/opensslconf.h>
+#include <openssl/symhacks.h>
+#ifndef OPENSSL_NO_BUFFER
+#include <openssl/buffer.h>
+#endif
+#ifndef OPENSSL_NO_EVP
+#include <openssl/evp.h>
+#endif
+#ifndef OPENSSL_NO_BIO
+#include <openssl/bio.h>
+#endif
+#include <openssl/stack.h>
+#include <openssl/asn1.h>
+#include <openssl/safestack.h>
+
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
+
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
+
+#include <openssl/evp.h>
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifdef WIN32
+/* Under Win32 this is defined in wincrypt.h */
+#undef X509_NAME
+#endif
+
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+/*
+MessageImprint ::= SEQUENCE  {
+     hashAlgorithm                AlgorithmIdentifier,
+     hashedMessage                OCTET STRING  }
+*/
+
+typedef struct TS_msg_imprint_st
+	{
+	X509_ALGOR *hash_algo;
+	ASN1_OCTET_STRING *hashed_msg;
+	} TS_MSG_IMPRINT;
+
+/*
+TimeStampReq ::= SEQUENCE  {
+   version                  INTEGER  { v1(1) },
+   messageImprint           MessageImprint,
+     --a hash algorithm OID and the hash value of the data to be
+     --time-stamped
+   reqPolicy                TSAPolicyId                OPTIONAL,
+   nonce                    INTEGER                    OPTIONAL,
+   certReq                  BOOLEAN                    DEFAULT FALSE,
+   extensions               [0] IMPLICIT Extensions    OPTIONAL  }
+*/
+
+typedef struct TS_req_st
+	{
+	ASN1_INTEGER *version;
+	TS_MSG_IMPRINT *msg_imprint;
+	ASN1_OBJECT *policy_id;		/* OPTIONAL */
+	ASN1_INTEGER *nonce;		/* OPTIONAL */
+	ASN1_BOOLEAN cert_req;		/* DEFAULT FALSE */
+	STACK_OF(X509_EXTENSION) *extensions;	/* [0] OPTIONAL */
+	} TS_REQ;
+
+/*
+Accuracy ::= SEQUENCE {
+                seconds        INTEGER           OPTIONAL,
+                millis     [0] INTEGER  (1..999) OPTIONAL,
+                micros     [1] INTEGER  (1..999) OPTIONAL  }
+*/
+
+typedef struct TS_accuracy_st
+	{
+	ASN1_INTEGER *seconds;
+	ASN1_INTEGER *millis;
+	ASN1_INTEGER *micros;
+	} TS_ACCURACY;
+
+/*
+TSTInfo ::= SEQUENCE  {
+    version                      INTEGER  { v1(1) },
+    policy                       TSAPolicyId,
+    messageImprint               MessageImprint,
+      -- MUST have the same value as the similar field in
+      -- TimeStampReq
+    serialNumber                 INTEGER,
+     -- Time-Stamping users MUST be ready to accommodate integers
+     -- up to 160 bits.
+    genTime                      GeneralizedTime,
+    accuracy                     Accuracy                 OPTIONAL,
+    ordering                     BOOLEAN             DEFAULT FALSE,
+    nonce                        INTEGER                  OPTIONAL,
+      -- MUST be present if the similar field was present
+      -- in TimeStampReq.  In that case it MUST have the same value.
+    tsa                          [0] GeneralName          OPTIONAL,
+    extensions                   [1] IMPLICIT Extensions  OPTIONAL   }
+*/
+
+typedef struct TS_tst_info_st
+	{
+	ASN1_INTEGER *version;
+	ASN1_OBJECT *policy_id;
+	TS_MSG_IMPRINT *msg_imprint;
+	ASN1_INTEGER *serial;
+	ASN1_GENERALIZEDTIME *time;
+	TS_ACCURACY *accuracy;
+	ASN1_BOOLEAN ordering;
+	ASN1_INTEGER *nonce;
+	GENERAL_NAME *tsa;
+	STACK_OF(X509_EXTENSION) *extensions;
+	} TS_TST_INFO;	
+
+/*
+PKIStatusInfo ::= SEQUENCE {
+    status        PKIStatus,
+    statusString  PKIFreeText     OPTIONAL,
+    failInfo      PKIFailureInfo  OPTIONAL  }
+
+From RFC 1510 - section 3.1.1:
+PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
+	-- text encoded as UTF-8 String (note:  each UTF8String SHOULD
+	-- include an RFC 1766 language tag to indicate the language
+	-- of the contained text)
+*/
+
+/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
+
+#define	TS_STATUS_GRANTED			0
+#define	TS_STATUS_GRANTED_WITH_MODS		1
+#define	TS_STATUS_REJECTION			2
+#define	TS_STATUS_WAITING			3
+#define	TS_STATUS_REVOCATION_WARNING		4
+#define	TS_STATUS_REVOCATION_NOTIFICATION	5
+
+/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */
+
+#define	TS_INFO_BAD_ALG			0
+#define	TS_INFO_BAD_REQUEST		2
+#define	TS_INFO_BAD_DATA_FORMAT		5
+#define	TS_INFO_TIME_NOT_AVAILABLE	14
+#define	TS_INFO_UNACCEPTED_POLICY	15
+#define	TS_INFO_UNACCEPTED_EXTENSION	16
+#define	TS_INFO_ADD_INFO_NOT_AVAILABLE	17
+#define	TS_INFO_SYSTEM_FAILURE		25
+
+typedef struct TS_status_info_st
+	{
+	ASN1_INTEGER *status;
+	STACK_OF(ASN1_UTF8STRING) *text;
+	ASN1_BIT_STRING *failure_info;
+	} TS_STATUS_INFO;
+
+DECLARE_STACK_OF(ASN1_UTF8STRING)
+DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
+
+/*
+TimeStampResp ::= SEQUENCE  {
+     status                  PKIStatusInfo,
+     timeStampToken          TimeStampToken     OPTIONAL }
+*/
+
+typedef struct TS_resp_st
+	{
+	TS_STATUS_INFO *status_info;
+	PKCS7 *token;
+	TS_TST_INFO *tst_info;
+	} TS_RESP;
+
+/* The structure below would belong to the ESS component. */
+
+/*
+IssuerSerial ::= SEQUENCE {
+	issuer                   GeneralNames,
+	serialNumber             CertificateSerialNumber
+	}
+*/
+
+typedef struct ESS_issuer_serial
+	{
+	STACK_OF(GENERAL_NAME)	*issuer;
+	ASN1_INTEGER		*serial;
+	} ESS_ISSUER_SERIAL;
+
+/*
+ESSCertID ::=  SEQUENCE {
+        certHash                 Hash,
+        issuerSerial             IssuerSerial OPTIONAL
+}
+*/
+
+typedef struct ESS_cert_id
+	{
+	ASN1_OCTET_STRING *hash;	/* Always SHA-1 digest. */
+	ESS_ISSUER_SERIAL *issuer_serial;
+	} ESS_CERT_ID;
+
+DECLARE_STACK_OF(ESS_CERT_ID)
+DECLARE_ASN1_SET_OF(ESS_CERT_ID)
+
+/*
+SigningCertificate ::=  SEQUENCE {
+       certs        SEQUENCE OF ESSCertID,
+       policies     SEQUENCE OF PolicyInformation OPTIONAL
+}
+*/
+
+typedef struct ESS_signing_cert
+	{
+	STACK_OF(ESS_CERT_ID) *cert_ids;
+	STACK_OF(POLICYINFO) *policy_info;
+	} ESS_SIGNING_CERT;
+
+
+TS_REQ	*TS_REQ_new(void);
+void	TS_REQ_free(TS_REQ *a);
+int	i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
+TS_REQ	*d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
+
+TS_REQ	*TS_REQ_dup(TS_REQ *a);
+
+TS_REQ	*d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
+int	i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
+TS_REQ	*d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
+int	i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
+
+TS_MSG_IMPRINT	*TS_MSG_IMPRINT_new(void);
+void		TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
+int		i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
+TS_MSG_IMPRINT	*d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
+				    const unsigned char **pp, long length);
+
+TS_MSG_IMPRINT	*TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
+
+TS_MSG_IMPRINT	*d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
+int		i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
+TS_MSG_IMPRINT	*d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
+int		i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
+
+TS_RESP	*TS_RESP_new(void);
+void	TS_RESP_free(TS_RESP *a);
+int	i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
+TS_RESP	*d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
+TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
+TS_RESP	*TS_RESP_dup(TS_RESP *a);
+
+TS_RESP	*d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
+int	i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
+TS_RESP	*d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
+int	i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
+
+TS_STATUS_INFO	*TS_STATUS_INFO_new(void);
+void		TS_STATUS_INFO_free(TS_STATUS_INFO *a);
+int		i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
+TS_STATUS_INFO	*d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, 
+				    const unsigned char **pp, long length);
+TS_STATUS_INFO	*TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
+
+TS_TST_INFO	*TS_TST_INFO_new(void);
+void		TS_TST_INFO_free(TS_TST_INFO *a);
+int		i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
+TS_TST_INFO	*d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
+				    long length);
+TS_TST_INFO	*TS_TST_INFO_dup(TS_TST_INFO *a);
+
+TS_TST_INFO	*d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
+int		i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
+TS_TST_INFO	*d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
+int		i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
+
+TS_ACCURACY	*TS_ACCURACY_new(void);
+void		TS_ACCURACY_free(TS_ACCURACY *a);
+int		i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
+TS_ACCURACY	*d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
+				    long length);
+TS_ACCURACY	*TS_ACCURACY_dup(TS_ACCURACY *a);
+
+ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
+void		  ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
+int		  i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a,
+					unsigned char **pp);
+ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
+					 const unsigned char **pp, long length);
+ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
+
+ESS_CERT_ID	*ESS_CERT_ID_new(void);
+void		ESS_CERT_ID_free(ESS_CERT_ID *a);
+int		i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
+ESS_CERT_ID	*d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
+				 long length);
+ESS_CERT_ID	*ESS_CERT_ID_dup(ESS_CERT_ID *a);
+
+ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
+void		 ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
+int		 i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, 
+				      unsigned char **pp);
+ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
+				       const unsigned char **pp, long length);
+ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
+
+void ERR_load_TS_strings(void);
+
+int TS_REQ_set_version(TS_REQ *a, long version);
+long TS_REQ_get_version(const TS_REQ *a);
+
+int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
+
+int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
+X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
+
+int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
+ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
+
+int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
+ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
+
+int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
+
+int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
+int TS_REQ_get_cert_req(const TS_REQ *a);
+
+STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+void TS_REQ_ext_free(TS_REQ *a);
+int TS_REQ_get_ext_count(TS_REQ *a);
+int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
+int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
+X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
+X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
+int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
+void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
+
+/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
+TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
+
+/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
+PKCS7 *TS_RESP_get_token(TS_RESP *a);
+TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
+
+int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
+long TS_TST_INFO_get_version(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
+ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
+const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
+const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
+TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
+
+int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
+const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
+const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
+const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
+
+int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
+int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
+GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
+
+STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+void TS_TST_INFO_ext_free(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
+int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
+int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
+X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
+X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
+int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
+void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
+
+/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */
+
+/* Optional flags for response generation. */
+
+/* Don't include the TSA name in response. */
+#define	TS_TSA_NAME		0x01
+
+/* Set ordering to true in response. */
+#define	TS_ORDERING		0x02
+
+/*
+ * Include the signer certificate and the other specified certificates in
+ * the ESS signing certificate attribute beside the PKCS7 signed data.
+ * Only the signer certificates is included by default.
+ */
+#define	TS_ESS_CERT_ID_CHAIN	0x04
+
+/* Forward declaration. */
+struct TS_resp_ctx;
+
+/* This must return a unique number less than 160 bits long. */
+typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *);
+
+/* This must return the seconds and microseconds since Jan 1, 1970 in
+   the sec and usec variables allocated by the caller. 
+   Return non-zero for success and zero for failure. */
+typedef	int (*TS_time_cb)(struct TS_resp_ctx *, void *, long *sec, long *usec);
+
+/* This must process the given extension.
+ * It can modify the TS_TST_INFO object of the context.
+ * Return values: !0 (processed), 0 (error, it must set the 
+ * status info/failure info of the response).
+ */
+typedef	int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *);
+
+typedef struct TS_resp_ctx
+	{
+	X509		*signer_cert;
+	EVP_PKEY	*signer_key;
+	STACK_OF(X509)	*certs;	/* Certs to include in signed data. */
+	STACK_OF(ASN1_OBJECT)	*policies;	/* Acceptable policies. */
+	ASN1_OBJECT	*default_policy; /* It may appear in policies, too. */
+	STACK_OF(EVP_MD)	*mds;	/* Acceptable message digests. */
+	ASN1_INTEGER	*seconds;	/* accuracy, 0 means not specified. */
+	ASN1_INTEGER	*millis;	/* accuracy, 0 means not specified. */
+	ASN1_INTEGER	*micros;	/* accuracy, 0 means not specified. */
+	unsigned	clock_precision_digits; /* fraction of seconds in
+						   time stamp token. */
+	unsigned	flags;		/* Optional info, see values above. */
+
+	/* Callback functions. */
+	TS_serial_cb serial_cb;
+	void *serial_cb_data;	/* User data for serial_cb. */
+	
+	TS_time_cb time_cb;
+	void *time_cb_data;	/* User data for time_cb. */
+	
+	TS_extension_cb extension_cb;
+	void *extension_cb_data;	/* User data for extension_cb. */
+
+	/* These members are used only while creating the response. */
+	TS_REQ		*request;
+	TS_RESP		*response;
+	TS_TST_INFO	*tst_info;
+	} TS_RESP_CTX;
+
+DECLARE_STACK_OF(EVP_MD)
+DECLARE_ASN1_SET_OF(EVP_MD)
+
+/* Creates a response context that can be used for generating responses. */
+TS_RESP_CTX *TS_RESP_CTX_new(void);
+void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
+
+/* No additional certs are included in the response by default. */
+int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+/* Adds a new acceptable policy, only the default policy 
+   is accepted by default. */
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
+
+/* Adds a new acceptable message digest. Note that no message digests 
+   are accepted by default. The md argument is shared with the caller. */
+int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
+
+/* Accuracy is not included by default. */
+int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
+			     int secs, int millis, int micros);
+
+/* Clock precision digits, i.e. the number of decimal digits: 
+   '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */ 
+int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
+					   unsigned clock_precision_digits);
+/* At most we accept usec precision. */	
+#define TS_MAX_CLOCK_PRECISION_DIGITS	6
+
+/* No flags are set by default. */
+void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
+
+/* Default callback always returns a constant. */
+void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
+
+/* Default callback uses the gettimeofday() and gmtime() system calls. */
+void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
+
+/* Default callback rejects all extensions. The extension callback is called 
+ * when the TS_TST_INFO object is already set up and not signed yet. */
+/* FIXME: extension handling is not tested yet. */
+void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, 
+				  TS_extension_cb cb, void *data);
+
+/* The following methods can be used in the callbacks. */
+int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, 
+				int status, const char *text);
+
+/* Sets the status info only if it is still TS_STATUS_GRANTED. */
+int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, 
+				     int status, const char *text);
+
+int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
+
+/* The get methods below can be used in the extension callback. */
+TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
+
+TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
+
+/* 
+ * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+ * In case of errors it sets the status info properly.
+ * Returns NULL only in case of memory allocation/fatal error.
+ */
+TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
+
+/*
+ * Declarations related to response verification,
+ * they are defined in ts/ts_resp_verify.c.
+ */
+
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+			     X509_STORE *store, X509 **signer_out);
+
+/* Context structure for the generic verify method. */
+
+/* Verify the signer's certificate and the signature of the response. */
+#define	TS_VFY_SIGNATURE	(1u << 0)
+/* Verify the version number of the response. */
+#define	TS_VFY_VERSION		(1u << 1)
+/* Verify if the policy supplied by the user matches the policy of the TSA. */
+#define	TS_VFY_POLICY		(1u << 2)
+/* Verify the message imprint provided by the user. This flag should not be
+   specified with TS_VFY_DATA. */
+#define	TS_VFY_IMPRINT		(1u << 3)
+/* Verify the message imprint computed by the verify method from the user
+   provided data and the MD algorithm of the response. This flag should not be
+   specified with TS_VFY_IMPRINT. */
+#define	TS_VFY_DATA		(1u << 4)
+/* Verify the nonce value. */
+#define	TS_VFY_NONCE		(1u << 5)
+/* Verify if the TSA name field matches the signer certificate. */
+#define	TS_VFY_SIGNER		(1u << 6)
+/* Verify if the TSA name field equals to the user provided name. */
+#define	TS_VFY_TSA_NAME		(1u << 7)
+
+/* You can use the following convenience constants. */
+#define	TS_VFY_ALL_IMPRINT	(TS_VFY_SIGNATURE	\
+				 | TS_VFY_VERSION	\
+				 | TS_VFY_POLICY	\
+				 | TS_VFY_IMPRINT	\
+				 | TS_VFY_NONCE		\
+				 | TS_VFY_SIGNER	\
+				 | TS_VFY_TSA_NAME)
+#define	TS_VFY_ALL_DATA		(TS_VFY_SIGNATURE	\
+				 | TS_VFY_VERSION	\
+				 | TS_VFY_POLICY	\
+				 | TS_VFY_DATA		\
+				 | TS_VFY_NONCE		\
+				 | TS_VFY_SIGNER	\
+				 | TS_VFY_TSA_NAME)
+
+typedef struct TS_verify_ctx
+	{
+	/* Set this to the union of TS_VFY_... flags you want to carry out. */
+	unsigned	flags;
+
+	/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
+	X509_STORE	*store;
+	STACK_OF(X509)	*certs;
+
+	/* Must be set only with TS_VFY_POLICY. */
+	ASN1_OBJECT	*policy;
+
+	/* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, 
+	   the algorithm from the response is used. */
+	X509_ALGOR	*md_alg;
+	unsigned char	*imprint;
+	unsigned	imprint_len;
+
+	/* Must be set only with TS_VFY_DATA. */
+	BIO		*data;
+
+	/* Must be set only with TS_VFY_TSA_NAME. */
+	ASN1_INTEGER	*nonce;
+
+	/* Must be set only with TS_VFY_TSA_NAME. */
+	GENERAL_NAME	*tsa_name;
+	} TS_VERIFY_CTX;
+
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
+
+/*
+ * Declarations related to response verification context,
+ * they are defined in ts/ts_verify_ctx.c.
+ */
+
+/* Set all fields to zero. */
+TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
+void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
+
+/* 
+ * If ctx is NULL, it allocates and returns a new object, otherwise
+ * it returns ctx. It initialises all the members as follows:
+ * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+ * certs = NULL
+ * store = NULL
+ * policy = policy from the request or NULL if absent (in this case
+ *	TS_VFY_POLICY is cleared from flags as well)
+ * md_alg = MD algorithm from request
+ * imprint, imprint_len = imprint from request
+ * data = NULL
+ * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+ * 	TS_VFY_NONCE is cleared from flags as well)
+ * tsa_name = NULL
+ * Important: after calling this method TS_VFY_SIGNATURE should be added!
+ */
+TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
+
+int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
+int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
+int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
+
+/* Common utility functions defined in ts/ts_lib.c */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
+
+/* Function declarations for handling configuration options,
+   defined in ts/ts_conf.c */
+
+X509 *TS_CONF_load_cert(const char *file);
+STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
+const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
+int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
+		       TS_RESP_CTX *ctx);
+int TS_CONF_set_crypto_device(CONF *conf, const char *section,
+			      const char *device);
+int TS_CONF_set_default_engine(const char *name);
+int TS_CONF_set_signer_cert(CONF *conf, const char *section,
+			    const char *cert, TS_RESP_CTX *ctx);
+int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
+		      TS_RESP_CTX *ctx);
+int TS_CONF_set_signer_key(CONF *conf, const char *section,
+			   const char *key, const char *pass, TS_RESP_CTX *ctx);
+int TS_CONF_set_def_policy(CONF *conf, const char *section,
+			   const char *policy, TS_RESP_CTX *ctx);
+int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+				       TS_RESP_CTX *ctx);
+int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+				  TS_RESP_CTX *ctx);
+
+/* -------------------------------------------------- */
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_TS_strings(void);
+
+/* Error codes for the TS functions. */
+
+/* Function codes. */
+#define TS_F_D2I_TS_RESP				 147
+#define TS_F_DEF_SERIAL_CB				 110
+#define TS_F_DEF_TIME_CB				 111
+#define TS_F_ESS_ADD_SIGNING_CERT			 112
+#define TS_F_ESS_CERT_ID_NEW_INIT			 113
+#define TS_F_ESS_SIGNING_CERT_NEW_INIT			 114
+#define TS_F_INT_TS_RESP_VERIFY_TOKEN			 149
+#define TS_F_PKCS7_TO_TS_TST_INFO			 148
+#define TS_F_TS_ACCURACY_SET_MICROS			 115
+#define TS_F_TS_ACCURACY_SET_MILLIS			 116
+#define TS_F_TS_ACCURACY_SET_SECONDS			 117
+#define TS_F_TS_CHECK_IMPRINTS				 100
+#define TS_F_TS_CHECK_NONCES				 101
+#define TS_F_TS_CHECK_POLICY				 102
+#define TS_F_TS_CHECK_SIGNING_CERTS			 103
+#define TS_F_TS_CHECK_STATUS_INFO			 104
+#define TS_F_TS_COMPUTE_IMPRINT				 145
+#define TS_F_TS_CONF_SET_DEFAULT_ENGINE			 146
+#define TS_F_TS_GET_STATUS_TEXT				 105
+#define TS_F_TS_MSG_IMPRINT_SET_ALGO			 118
+#define TS_F_TS_REQ_SET_MSG_IMPRINT			 119
+#define TS_F_TS_REQ_SET_NONCE				 120
+#define TS_F_TS_REQ_SET_POLICY_ID			 121
+#define TS_F_TS_RESP_CREATE_RESPONSE			 122
+#define TS_F_TS_RESP_CREATE_TST_INFO			 123
+#define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO		 124
+#define TS_F_TS_RESP_CTX_ADD_MD				 125
+#define TS_F_TS_RESP_CTX_ADD_POLICY			 126
+#define TS_F_TS_RESP_CTX_NEW				 127
+#define TS_F_TS_RESP_CTX_SET_ACCURACY			 128
+#define TS_F_TS_RESP_CTX_SET_CERTS			 129
+#define TS_F_TS_RESP_CTX_SET_DEF_POLICY			 130
+#define TS_F_TS_RESP_CTX_SET_SIGNER_CERT		 131
+#define TS_F_TS_RESP_CTX_SET_STATUS_INFO		 132
+#define TS_F_TS_RESP_GET_POLICY				 133
+#define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION		 134
+#define TS_F_TS_RESP_SET_STATUS_INFO			 135
+#define TS_F_TS_RESP_SET_TST_INFO			 150
+#define TS_F_TS_RESP_SIGN				 136
+#define TS_F_TS_RESP_VERIFY_SIGNATURE			 106
+#define TS_F_TS_RESP_VERIFY_TOKEN			 107
+#define TS_F_TS_TST_INFO_SET_ACCURACY			 137
+#define TS_F_TS_TST_INFO_SET_MSG_IMPRINT		 138
+#define TS_F_TS_TST_INFO_SET_NONCE			 139
+#define TS_F_TS_TST_INFO_SET_POLICY_ID			 140
+#define TS_F_TS_TST_INFO_SET_SERIAL			 141
+#define TS_F_TS_TST_INFO_SET_TIME			 142
+#define TS_F_TS_TST_INFO_SET_TSA			 143
+#define TS_F_TS_VERIFY					 108
+#define TS_F_TS_VERIFY_CERT				 109
+#define TS_F_TS_VERIFY_CTX_NEW				 144
+
+/* Reason codes. */
+#define TS_R_BAD_PKCS7_TYPE				 132
+#define TS_R_BAD_TYPE					 133
+#define TS_R_CERTIFICATE_VERIFY_ERROR			 100
+#define TS_R_COULD_NOT_SET_ENGINE			 127
+#define TS_R_COULD_NOT_SET_TIME				 115
+#define TS_R_D2I_TS_RESP_INT_FAILED			 128
+#define TS_R_DETACHED_CONTENT				 134
+#define TS_R_ESS_ADD_SIGNING_CERT_ERROR			 116
+#define TS_R_ESS_SIGNING_CERTIFICATE_ERROR		 101
+#define TS_R_INVALID_NULL_POINTER			 102
+#define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE		 117
+#define TS_R_MESSAGE_IMPRINT_MISMATCH			 103
+#define TS_R_NONCE_MISMATCH				 104
+#define TS_R_NONCE_NOT_RETURNED				 105
+#define TS_R_NO_CONTENT					 106
+#define TS_R_NO_TIME_STAMP_TOKEN			 107
+#define TS_R_PKCS7_ADD_SIGNATURE_ERROR			 118
+#define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR		 119
+#define TS_R_PKCS7_TO_TS_TST_INFO_FAILED		 129
+#define TS_R_POLICY_MISMATCH				 108
+#define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE	 120
+#define TS_R_RESPONSE_SETUP_ERROR			 121
+#define TS_R_SIGNATURE_FAILURE				 109
+#define TS_R_THERE_MUST_BE_ONE_SIGNER			 110
+#define TS_R_TIME_SYSCALL_ERROR				 122
+#define TS_R_TOKEN_NOT_PRESENT				 130
+#define TS_R_TOKEN_PRESENT				 131
+#define TS_R_TSA_NAME_MISMATCH				 111
+#define TS_R_TSA_UNTRUSTED				 112
+#define TS_R_TST_INFO_SETUP_ERROR			 123
+#define TS_R_TS_DATASIGN				 124
+#define TS_R_UNACCEPTABLE_POLICY			 125
+#define TS_R_UNSUPPORTED_MD_ALGORITHM			 126
+#define TS_R_UNSUPPORTED_VERSION			 113
+#define TS_R_WRONG_CONTENT_TYPE				 114
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/ts/ts_asn1.c b/crypto/ts/ts_asn1.c
new file mode 100644
index 0000000000..40b730c5e2
--- /dev/null
+++ b/crypto/ts/ts_asn1.c
@@ -0,0 +1,322 @@
+/* crypto/ts/ts_asn1.c */
+/* Written by Nils Larsch for the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/ts.h>
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+
+ASN1_SEQUENCE(TS_MSG_IMPRINT) = {
+	ASN1_SIMPLE(TS_MSG_IMPRINT, hash_algo, X509_ALGOR),
+	ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(TS_MSG_IMPRINT)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_MSG_IMPRINT)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT)
+#ifndef OPENSSL_NO_BIO
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a)
+	{
+	return ASN1_d2i_bio_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new, d2i_TS_MSG_IMPRINT, bp, a);
+	}
+
+int i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a)
+{
+	return ASN1_i2d_bio_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, bp, a);
+}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a)
+	{
+	return ASN1_d2i_fp_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new, d2i_TS_MSG_IMPRINT, fp, a);
+	}
+
+int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a)
+	{
+	return ASN1_i2d_fp_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, fp, a);
+	}
+#endif
+
+ASN1_SEQUENCE(TS_REQ) = {
+	ASN1_SIMPLE(TS_REQ, version, ASN1_INTEGER),
+	ASN1_SIMPLE(TS_REQ, msg_imprint, TS_MSG_IMPRINT),
+	ASN1_OPT(TS_REQ, policy_id, ASN1_OBJECT),
+	ASN1_OPT(TS_REQ, nonce, ASN1_INTEGER),
+	ASN1_OPT(TS_REQ, cert_req, ASN1_FBOOLEAN),
+	ASN1_IMP_SEQUENCE_OF_OPT(TS_REQ, extensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END(TS_REQ)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_REQ)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_REQ)
+#ifndef OPENSSL_NO_BIO
+TS_REQ *d2i_TS_REQ_bio(BIO *bp, TS_REQ **a)
+	{
+	return ASN1_d2i_bio_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, bp, a);
+	}
+
+int i2d_TS_REQ_bio(BIO *bp, TS_REQ *a)
+	{
+	return ASN1_i2d_bio_of_const(TS_REQ, i2d_TS_REQ, bp, a);
+	}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a)
+	{
+	return ASN1_d2i_fp_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, fp, a);
+	}
+
+int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a)
+	{
+	return ASN1_i2d_fp_of_const(TS_REQ, i2d_TS_REQ, fp, a);
+	}
+#endif
+
+ASN1_SEQUENCE(TS_ACCURACY) = {
+	ASN1_OPT(TS_ACCURACY, seconds, ASN1_INTEGER),
+	ASN1_IMP_OPT(TS_ACCURACY, millis, ASN1_INTEGER, 0),
+	ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1)
+} ASN1_SEQUENCE_END(TS_ACCURACY)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_ACCURACY)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY)
+
+ASN1_SEQUENCE(TS_TST_INFO) = {
+	ASN1_SIMPLE(TS_TST_INFO, version, ASN1_INTEGER),
+	ASN1_SIMPLE(TS_TST_INFO, policy_id, ASN1_OBJECT),
+	ASN1_SIMPLE(TS_TST_INFO, msg_imprint, TS_MSG_IMPRINT),
+	ASN1_SIMPLE(TS_TST_INFO, serial, ASN1_INTEGER),
+	ASN1_SIMPLE(TS_TST_INFO, time, ASN1_GENERALIZEDTIME),
+	ASN1_OPT(TS_TST_INFO, accuracy, TS_ACCURACY),
+	ASN1_OPT(TS_TST_INFO, ordering, ASN1_FBOOLEAN),
+	ASN1_OPT(TS_TST_INFO, nonce, ASN1_INTEGER),
+	ASN1_EXP_OPT(TS_TST_INFO, tsa, GENERAL_NAME, 0),
+	ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(TS_TST_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_TST_INFO)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO)
+#ifndef OPENSSL_NO_BIO
+TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a)
+	{
+	return ASN1_d2i_bio_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, bp, a);
+	}
+
+int i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a)
+	{
+	return ASN1_i2d_bio_of_const(TS_TST_INFO, i2d_TS_TST_INFO, bp, a);
+	}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a)
+	{
+	return ASN1_d2i_fp_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, fp, a);
+	}
+
+int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a)
+	{
+	return ASN1_i2d_fp_of_const(TS_TST_INFO, i2d_TS_TST_INFO, fp, a);
+	}
+#endif
+
+ASN1_SEQUENCE(TS_STATUS_INFO) = {
+	ASN1_SIMPLE(TS_STATUS_INFO, status, ASN1_INTEGER),
+	ASN1_SEQUENCE_OF_OPT(TS_STATUS_INFO, text, ASN1_UTF8STRING),
+	ASN1_OPT(TS_STATUS_INFO, failure_info, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(TS_STATUS_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_STATUS_INFO)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_STATUS_INFO)
+
+static int ts_resp_set_tst_info(TS_RESP *a)
+{
+	long    status;
+
+	status = ASN1_INTEGER_get(a->status_info->status);
+
+	if (a->token) {
+		if (status != 0 && status != 1) {
+			TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_PRESENT);
+			return 0;
+		}
+		if (a->tst_info != NULL)
+			TS_TST_INFO_free(a->tst_info);
+		a->tst_info = PKCS7_to_TS_TST_INFO(a->token);
+		if (!a->tst_info) {
+			TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
+			return 0;
+		}
+	} else if (status == 0 || status == 1) {
+		TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_NOT_PRESENT);
+		return 0;
+	}
+
+	return 1;
+}
+
+static int ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it,
+	void *exarg)
+{
+	TS_RESP *ts_resp = (TS_RESP *)*pval;
+	if (op == ASN1_OP_NEW_POST) {
+		ts_resp->tst_info = NULL;
+	} else if (op == ASN1_OP_FREE_POST) {
+		if (ts_resp->tst_info != NULL)
+			TS_TST_INFO_free(ts_resp->tst_info);
+	} else if (op == ASN1_OP_D2I_POST) {
+		if (ts_resp_set_tst_info(ts_resp) == 0)
+			return 0;
+	}
+	return 1;
+}
+
+ASN1_SEQUENCE_cb(TS_RESP, ts_resp_cb) = {
+	ASN1_SIMPLE(TS_RESP, status_info, TS_STATUS_INFO),
+	ASN1_OPT(TS_RESP, token, PKCS7),
+} ASN1_SEQUENCE_END_cb(TS_RESP, TS_RESP)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_RESP)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_RESP)
+#ifndef OPENSSL_NO_BIO
+TS_RESP *d2i_TS_RESP_bio(BIO *bp, TS_RESP **a)
+	{
+	return ASN1_d2i_bio_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, bp, a);
+	}
+
+int i2d_TS_RESP_bio(BIO *bp, TS_RESP *a)
+	{
+	return ASN1_i2d_bio_of_const(TS_RESP, i2d_TS_RESP, bp, a);
+	}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a)
+	{
+	return ASN1_d2i_fp_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, fp, a);
+	}
+
+int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a)
+	{
+	return ASN1_i2d_fp_of_const(TS_RESP, i2d_TS_RESP, fp, a);
+	}
+#endif
+
+ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = {
+	ASN1_SEQUENCE_OF(ESS_ISSUER_SERIAL, issuer, GENERAL_NAME),
+	ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ESS_ISSUER_SERIAL)
+IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
+
+ASN1_SEQUENCE(ESS_CERT_ID) = {
+	ASN1_SIMPLE(ESS_CERT_ID, hash, ASN1_OCTET_STRING),
+	ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
+} ASN1_SEQUENCE_END(ESS_CERT_ID)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ESS_CERT_ID)
+IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
+
+ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
+	ASN1_SEQUENCE_OF(ESS_SIGNING_CERT, cert_ids, ESS_CERT_ID),
+	ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT, policy_info, POLICYINFO)
+} ASN1_SEQUENCE_END(ESS_SIGNING_CERT)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ESS_SIGNING_CERT)
+IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
+
+/* Getting encapsulated TS_TST_INFO object from PKCS7. */
+TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token)
+{
+	PKCS7_SIGNED *pkcs7_signed;
+	PKCS7 *enveloped;
+	ASN1_TYPE *tst_info_wrapper;
+	ASN1_OCTET_STRING *tst_info_der;
+	const unsigned char *p;
+
+	if (!PKCS7_type_is_signed(token))
+		{
+		TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
+		return NULL;
+		}
+
+	/* Content must be present. */
+	if (PKCS7_get_detached(token))
+		{
+		TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_DETACHED_CONTENT);
+		return NULL;
+		}
+
+	/* We have a signed data with content. */
+	pkcs7_signed = token->d.sign;
+	enveloped = pkcs7_signed->contents;
+	if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo)
+		{
+		TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
+		return NULL;
+		}
+
+	/* We have a DER encoded TST_INFO as the signed data. */
+	tst_info_wrapper = enveloped->d.other;
+	if (tst_info_wrapper->type != V_ASN1_OCTET_STRING)
+		{
+		TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_TYPE);
+		return NULL;
+		}
+
+	/* We have the correct ASN1_OCTET_STRING type. */
+	tst_info_der = tst_info_wrapper->value.octet_string;
+	/* At last, decode the TST_INFO. */
+	p = tst_info_der->data;
+	return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length);
+}
diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c
new file mode 100644
index 0000000000..c39be76f28
--- /dev/null
+++ b/crypto/ts/ts_conf.c
@@ -0,0 +1,507 @@
+/* crypto/ts/ts_conf.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
+#include <openssl/ts.h>
+
+/* Macro definitions for the configuration file. */
+
+#define	BASE_SECTION			"tsa"
+#define	ENV_DEFAULT_TSA			"default_tsa"
+#define	ENV_SERIAL			"serial"
+#define ENV_CRYPTO_DEVICE		"crypto_device"
+#define	ENV_SIGNER_CERT			"signer_cert"
+#define	ENV_CERTS			"certs"
+#define	ENV_SIGNER_KEY			"signer_key"
+#define	ENV_DEFAULT_POLICY		"default_policy"
+#define	ENV_OTHER_POLICIES		"other_policies"
+#define	ENV_DIGESTS			"digests"
+#define	ENV_ACCURACY			"accuracy"
+#define	ENV_ORDERING			"ordering"
+#define	ENV_TSA_NAME			"tsa_name"
+#define	ENV_ESS_CERT_ID_CHAIN		"ess_cert_id_chain"
+#define	ENV_VALUE_SECS			"secs"
+#define	ENV_VALUE_MILLISECS		"millisecs"
+#define	ENV_VALUE_MICROSECS		"microsecs"
+#define	ENV_CLOCK_PRECISION_DIGITS	"clock_precision_digits" 
+#define	ENV_VALUE_YES			"yes"
+#define	ENV_VALUE_NO			"no"
+
+/* Function definitions for certificate and key loading. */
+
+X509 *TS_CONF_load_cert(const char *file)
+	{
+	BIO *cert = NULL;
+	X509 *x = NULL;
+
+	if ((cert = BIO_new_file(file, "r")) == NULL) goto end;
+	x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL);
+end:
+	if (x == NULL)
+		fprintf(stderr, "unable to load certificate: %s\n", file);
+	BIO_free(cert);
+	return x;
+	}
+
+STACK_OF(X509) *TS_CONF_load_certs(const char *file)
+	{
+	BIO *certs = NULL;
+	STACK_OF(X509) *othercerts = NULL;
+	STACK_OF(X509_INFO) *allcerts = NULL;
+	int i;
+
+	if (!(certs = BIO_new_file(file, "r"))) goto end;
+
+	if (!(othercerts = sk_X509_new_null())) goto end;
+	allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
+	for(i = 0; i < sk_X509_INFO_num(allcerts); i++)
+		{
+		X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
+		if (xi->x509)
+			{
+			sk_X509_push(othercerts, xi->x509);
+			xi->x509 = NULL;
+			}
+		}
+end:
+	if (othercerts == NULL)
+		fprintf(stderr, "unable to load certificates: %s\n", file);
+	sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
+	BIO_free(certs);
+	return othercerts;
+	}
+
+EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass)
+	{
+	BIO *key = NULL;
+	EVP_PKEY *pkey = NULL;
+
+	if (!(key = BIO_new_file(file, "r"))) goto end;
+	pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *) pass);
+ end:
+	if (pkey == NULL)
+		fprintf(stderr, "unable to load private key: %s\n", file);
+	BIO_free(key);
+	return pkey;
+	}
+
+/* Function definitions for handling configuration options. */
+
+static void TS_CONF_lookup_fail(const char *name, const char *tag)
+	{
+	fprintf(stderr, "variable lookup failed for %s::%s\n", name, tag);
+	}
+
+static void TS_CONF_invalid(const char *name, const char *tag)
+	{
+	fprintf(stderr, "invalid variable value for %s::%s\n", name, tag);
+	}
+
+const char *TS_CONF_get_tsa_section(CONF *conf, const char *section)
+	{
+	if (!section)
+		{
+		section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_TSA);
+		if (!section)
+			TS_CONF_lookup_fail(BASE_SECTION, ENV_DEFAULT_TSA);
+		}
+	return section;
+	}
+
+int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
+		       TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	char *serial = NCONF_get_string(conf, section, ENV_SERIAL);
+	if (!serial)
+		{
+		TS_CONF_lookup_fail(section, ENV_SERIAL);
+		goto err;
+		}
+	TS_RESP_CTX_set_serial_cb(ctx, cb, serial);
+
+	ret = 1;
+ err:
+	return ret;
+	}
+
+#ifndef OPENSSL_NO_ENGINE
+
+int TS_CONF_set_crypto_device(CONF *conf, const char *section,
+			      const char *device)
+	{
+	int ret = 0;
+	
+	if (!device)
+		device = NCONF_get_string(conf, section,
+					  ENV_CRYPTO_DEVICE);
+
+	if (device && !TS_CONF_set_default_engine(device))
+		{
+		TS_CONF_invalid(section, ENV_CRYPTO_DEVICE);
+		goto err;
+		}
+	ret = 1;
+ err:
+	return ret;
+	}
+
+int TS_CONF_set_default_engine(const char *name)
+	{
+	ENGINE *e = NULL;
+	int ret = 0;
+
+	/* Leave the default if builtin specified. */
+	if (strcmp(name, "builtin") == 0) return 1;
+
+	if (!(e = ENGINE_by_id(name))) goto err;
+	/* Enable the use of the NCipher HSM for forked children. */
+	if (strcmp(name, "chil") == 0) 
+		ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
+	/* All the operations are going to be carried out by the engine. */
+	if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) goto err;
+	ret = 1;
+ err:
+	if (!ret)
+		{
+		TSerr(TS_F_TS_CONF_SET_DEFAULT_ENGINE, 
+		      TS_R_COULD_NOT_SET_ENGINE);
+		ERR_add_error_data(2, "engine:", name);
+		}
+	if (e) ENGINE_free(e);
+	return ret;
+	}
+
+#endif
+
+int TS_CONF_set_signer_cert(CONF *conf, const char *section,
+			    const char *cert, TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	X509 *cert_obj = NULL;
+	if (!cert) 
+		cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
+	if (!cert)
+		{
+		TS_CONF_lookup_fail(section, ENV_SIGNER_CERT);
+		goto err;
+		}
+	if (!(cert_obj = TS_CONF_load_cert(cert)))
+		goto err;
+	if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj))
+		goto err;
+
+	ret = 1;
+ err:
+	X509_free(cert_obj);
+	return ret;
+	}
+
+int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
+		      TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	STACK_OF(X509) *certs_obj = NULL;
+	if (!certs) 
+		certs = NCONF_get_string(conf, section, ENV_CERTS);
+	/* Certificate chain is optional. */
+	if (!certs) goto end;
+	if (!(certs_obj = TS_CONF_load_certs(certs))) goto err;
+	if (!TS_RESP_CTX_set_certs(ctx, certs_obj)) goto err;
+ end:
+	ret = 1;
+ err:
+	sk_X509_pop_free(certs_obj, X509_free);
+	return ret;
+	}
+
+int TS_CONF_set_signer_key(CONF *conf, const char *section,
+			   const char *key, const char *pass,
+			   TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	EVP_PKEY *key_obj = NULL;
+	if (!key) 
+		key = NCONF_get_string(conf, section, ENV_SIGNER_KEY);
+	if (!key)
+		{
+		TS_CONF_lookup_fail(section, ENV_SIGNER_KEY);
+		goto err;
+		}
+	if (!(key_obj = TS_CONF_load_key(key, pass))) goto err;
+	if (!TS_RESP_CTX_set_signer_key(ctx, key_obj)) goto err;
+
+	ret = 1;
+ err:
+	EVP_PKEY_free(key_obj);
+	return ret;
+	}
+
+int TS_CONF_set_def_policy(CONF *conf, const char *section,
+			   const char *policy, TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	ASN1_OBJECT *policy_obj = NULL;
+	if (!policy) 
+		policy = NCONF_get_string(conf, section, 
+					  ENV_DEFAULT_POLICY);
+	if (!policy)
+		{
+		TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY);
+		goto err;
+		}
+	if (!(policy_obj = OBJ_txt2obj(policy, 0)))
+		{
+		TS_CONF_invalid(section, ENV_DEFAULT_POLICY);
+		goto err;
+		}
+	if (!TS_RESP_CTX_set_def_policy(ctx, policy_obj))
+		goto err;
+
+	ret = 1;
+ err:
+	ASN1_OBJECT_free(policy_obj);
+	return ret;
+	}
+
+int TS_CONF_set_policies(CONF *conf, const char *section,
+			 TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	int i;
+	STACK_OF(CONF_VALUE) *list = NULL;
+	char *policies = NCONF_get_string(conf, section, 
+					  ENV_OTHER_POLICIES);
+	/* If no other policy is specified, that's fine. */
+	if (policies && !(list = X509V3_parse_list(policies)))
+		{
+		TS_CONF_invalid(section, ENV_OTHER_POLICIES);
+		goto err;
+		}
+	for (i = 0; i < sk_CONF_VALUE_num(list); ++i)
+		{
+		CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
+		const char *extval = val->value ? val->value : val->name;
+		ASN1_OBJECT *objtmp;
+		if (!(objtmp = OBJ_txt2obj(extval, 0)))
+			{
+			TS_CONF_invalid(section, ENV_OTHER_POLICIES);
+			goto err;
+			}
+		if (!TS_RESP_CTX_add_policy(ctx, objtmp))
+			goto err;
+		ASN1_OBJECT_free(objtmp);
+		}
+
+	ret = 1;
+ err:
+	sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
+	return ret;
+	}
+
+int TS_CONF_set_digests(CONF *conf, const char *section,
+			TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	int i;
+	STACK_OF(CONF_VALUE) *list = NULL;
+	char *digests = NCONF_get_string(conf, section, ENV_DIGESTS);
+	if (!digests)
+		{
+		TS_CONF_lookup_fail(section, ENV_DIGESTS);
+		goto err;
+		}
+	if (!(list = X509V3_parse_list(digests)))
+		{
+		TS_CONF_invalid(section, ENV_DIGESTS);
+		goto err;
+		}
+	if (sk_CONF_VALUE_num(list) == 0)
+		{
+		TS_CONF_invalid(section, ENV_DIGESTS);
+		goto err;
+		}
+	for (i = 0; i < sk_CONF_VALUE_num(list); ++i)
+		{
+		CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
+		const char *extval = val->value ? val->value : val->name;
+		const EVP_MD *md;
+		if (!(md = EVP_get_digestbyname(extval)))
+			{
+			TS_CONF_invalid(section, ENV_DIGESTS);
+			goto err;
+			}
+		if (!TS_RESP_CTX_add_md(ctx, md))
+			goto err;
+		}
+
+	ret = 1;
+ err:
+	sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
+	return ret;
+	}
+
+int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	int i;
+	int secs = 0, millis = 0, micros = 0;
+	STACK_OF(CONF_VALUE) *list = NULL;
+	char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
+
+	if (accuracy && !(list = X509V3_parse_list(accuracy)))
+		{
+		TS_CONF_invalid(section, ENV_ACCURACY);
+		goto err;
+		}
+	for (i = 0; i < sk_CONF_VALUE_num(list); ++i)
+		{
+		CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
+		if (strcmp(val->name, ENV_VALUE_SECS) == 0) 
+			{
+			if (val->value) secs = atoi(val->value);
+			}
+		else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0)
+			{
+			if (val->value) millis = atoi(val->value);
+			}
+		else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0)
+			{
+			if (val->value) micros = atoi(val->value);
+			}
+		else
+			{
+			TS_CONF_invalid(section, ENV_ACCURACY);
+			goto err;
+			}
+		}
+	if (!TS_RESP_CTX_set_accuracy(ctx, secs, millis, micros))
+		goto err;
+
+	ret = 1;
+ err:
+	sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
+	return ret;
+	}
+
+int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+				       TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	long digits = 0;
+	
+	/* If not specified, set the default value to 0, i.e. sec  precision */
+	if (!NCONF_get_number_e(conf, section, ENV_CLOCK_PRECISION_DIGITS,
+				&digits))
+		digits = 0;
+	if (digits < 0 || digits > TS_MAX_CLOCK_PRECISION_DIGITS)
+		{
+		TS_CONF_invalid(section, ENV_CLOCK_PRECISION_DIGITS);
+		goto err;
+		}
+
+	if (!TS_RESP_CTX_set_clock_precision_digits(ctx, digits))
+		goto err;
+
+	return 1;
+ err:
+	return ret;
+	}
+
+static int TS_CONF_add_flag(CONF *conf, const char *section, const char *field,
+			    int flag, TS_RESP_CTX *ctx)
+	{
+	/* Default is false. */
+	const char *value = NCONF_get_string(conf, section, field);
+	if (value)
+		{
+		if (strcmp(value, ENV_VALUE_YES) == 0)
+			TS_RESP_CTX_add_flags(ctx, flag);
+		else if (strcmp(value, ENV_VALUE_NO) != 0)
+			{
+			TS_CONF_invalid(section, field);
+			return 0;
+			}
+		}
+
+	return 1;
+	}
+
+int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+	{
+	return TS_CONF_add_flag(conf, section, ENV_ORDERING, TS_ORDERING, ctx);
+	}
+
+int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+	{
+	return TS_CONF_add_flag(conf, section, ENV_TSA_NAME, TS_TSA_NAME, ctx);
+	}
+
+int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+				  TS_RESP_CTX *ctx)
+	{
+	return TS_CONF_add_flag(conf, section, ENV_ESS_CERT_ID_CHAIN, 
+				TS_ESS_CERT_ID_CHAIN, ctx);
+	}
diff --git a/crypto/ts/ts_err.c b/crypto/ts/ts_err.c
new file mode 100644
index 0000000000..a08b0ffa23
--- /dev/null
+++ b/crypto/ts/ts_err.c
@@ -0,0 +1,179 @@
+/* crypto/ts/ts_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ts.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
+
+static ERR_STRING_DATA TS_str_functs[]=
+	{
+{ERR_FUNC(TS_F_D2I_TS_RESP),	"d2i_TS_RESP"},
+{ERR_FUNC(TS_F_DEF_SERIAL_CB),	"DEF_SERIAL_CB"},
+{ERR_FUNC(TS_F_DEF_TIME_CB),	"DEF_TIME_CB"},
+{ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT),	"ESS_ADD_SIGNING_CERT"},
+{ERR_FUNC(TS_F_ESS_CERT_ID_NEW_INIT),	"ESS_CERT_ID_NEW_INIT"},
+{ERR_FUNC(TS_F_ESS_SIGNING_CERT_NEW_INIT),	"ESS_SIGNING_CERT_NEW_INIT"},
+{ERR_FUNC(TS_F_INT_TS_RESP_VERIFY_TOKEN),	"INT_TS_RESP_VERIFY_TOKEN"},
+{ERR_FUNC(TS_F_PKCS7_TO_TS_TST_INFO),	"PKCS7_to_TS_TST_INFO"},
+{ERR_FUNC(TS_F_TS_ACCURACY_SET_MICROS),	"TS_ACCURACY_set_micros"},
+{ERR_FUNC(TS_F_TS_ACCURACY_SET_MILLIS),	"TS_ACCURACY_set_millis"},
+{ERR_FUNC(TS_F_TS_ACCURACY_SET_SECONDS),	"TS_ACCURACY_set_seconds"},
+{ERR_FUNC(TS_F_TS_CHECK_IMPRINTS),	"TS_CHECK_IMPRINTS"},
+{ERR_FUNC(TS_F_TS_CHECK_NONCES),	"TS_CHECK_NONCES"},
+{ERR_FUNC(TS_F_TS_CHECK_POLICY),	"TS_CHECK_POLICY"},
+{ERR_FUNC(TS_F_TS_CHECK_SIGNING_CERTS),	"TS_CHECK_SIGNING_CERTS"},
+{ERR_FUNC(TS_F_TS_CHECK_STATUS_INFO),	"TS_CHECK_STATUS_INFO"},
+{ERR_FUNC(TS_F_TS_COMPUTE_IMPRINT),	"TS_COMPUTE_IMPRINT"},
+{ERR_FUNC(TS_F_TS_CONF_SET_DEFAULT_ENGINE),	"TS_CONF_set_default_engine"},
+{ERR_FUNC(TS_F_TS_GET_STATUS_TEXT),	"TS_GET_STATUS_TEXT"},
+{ERR_FUNC(TS_F_TS_MSG_IMPRINT_SET_ALGO),	"TS_MSG_IMPRINT_set_algo"},
+{ERR_FUNC(TS_F_TS_REQ_SET_MSG_IMPRINT),	"TS_REQ_set_msg_imprint"},
+{ERR_FUNC(TS_F_TS_REQ_SET_NONCE),	"TS_REQ_set_nonce"},
+{ERR_FUNC(TS_F_TS_REQ_SET_POLICY_ID),	"TS_REQ_set_policy_id"},
+{ERR_FUNC(TS_F_TS_RESP_CREATE_RESPONSE),	"TS_RESP_create_response"},
+{ERR_FUNC(TS_F_TS_RESP_CREATE_TST_INFO),	"TS_RESP_CREATE_TST_INFO"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO),	"TS_RESP_CTX_add_failure_info"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_ADD_MD),	"TS_RESP_CTX_add_md"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_ADD_POLICY),	"TS_RESP_CTX_add_policy"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_NEW),	"TS_RESP_CTX_new"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_SET_ACCURACY),	"TS_RESP_CTX_set_accuracy"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_SET_CERTS),	"TS_RESP_CTX_set_certs"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_SET_DEF_POLICY),	"TS_RESP_CTX_set_def_policy"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_SET_SIGNER_CERT),	"TS_RESP_CTX_set_signer_cert"},
+{ERR_FUNC(TS_F_TS_RESP_CTX_SET_STATUS_INFO),	"TS_RESP_CTX_set_status_info"},
+{ERR_FUNC(TS_F_TS_RESP_GET_POLICY),	"TS_RESP_GET_POLICY"},
+{ERR_FUNC(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION),	"TS_RESP_SET_GENTIME_WITH_PRECISION"},
+{ERR_FUNC(TS_F_TS_RESP_SET_STATUS_INFO),	"TS_RESP_set_status_info"},
+{ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO),	"TS_RESP_set_tst_info"},
+{ERR_FUNC(TS_F_TS_RESP_SIGN),	"TS_RESP_SIGN"},
+{ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE),	"TS_RESP_verify_signature"},
+{ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN),	"TS_RESP_verify_token"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY),	"TS_TST_INFO_set_accuracy"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT),	"TS_TST_INFO_set_msg_imprint"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_NONCE),	"TS_TST_INFO_set_nonce"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_POLICY_ID),	"TS_TST_INFO_set_policy_id"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_SERIAL),	"TS_TST_INFO_set_serial"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_TIME),	"TS_TST_INFO_set_time"},
+{ERR_FUNC(TS_F_TS_TST_INFO_SET_TSA),	"TS_TST_INFO_set_tsa"},
+{ERR_FUNC(TS_F_TS_VERIFY),	"TS_VERIFY"},
+{ERR_FUNC(TS_F_TS_VERIFY_CERT),	"TS_VERIFY_CERT"},
+{ERR_FUNC(TS_F_TS_VERIFY_CTX_NEW),	"TS_VERIFY_CTX_new"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA TS_str_reasons[]=
+	{
+{ERR_REASON(TS_R_BAD_PKCS7_TYPE)         ,"bad pkcs7 type"},
+{ERR_REASON(TS_R_BAD_TYPE)               ,"bad type"},
+{ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR),"certificate verify error"},
+{ERR_REASON(TS_R_COULD_NOT_SET_ENGINE)   ,"could not set engine"},
+{ERR_REASON(TS_R_COULD_NOT_SET_TIME)     ,"could not set time"},
+{ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED) ,"d2i ts resp int failed"},
+{ERR_REASON(TS_R_DETACHED_CONTENT)       ,"detached content"},
+{ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR),"ess add signing cert error"},
+{ERR_REASON(TS_R_ESS_SIGNING_CERTIFICATE_ERROR),"ess signing certificate error"},
+{ERR_REASON(TS_R_INVALID_NULL_POINTER)   ,"invalid null pointer"},
+{ERR_REASON(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE),"invalid signer certificate purpose"},
+{ERR_REASON(TS_R_MESSAGE_IMPRINT_MISMATCH),"message imprint mismatch"},
+{ERR_REASON(TS_R_NONCE_MISMATCH)         ,"nonce mismatch"},
+{ERR_REASON(TS_R_NONCE_NOT_RETURNED)     ,"nonce not returned"},
+{ERR_REASON(TS_R_NO_CONTENT)             ,"no content"},
+{ERR_REASON(TS_R_NO_TIME_STAMP_TOKEN)    ,"no time stamp token"},
+{ERR_REASON(TS_R_PKCS7_ADD_SIGNATURE_ERROR),"pkcs7 add signature error"},
+{ERR_REASON(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR),"pkcs7 add signed attr error"},
+{ERR_REASON(TS_R_PKCS7_TO_TS_TST_INFO_FAILED),"pkcs7 to ts tst info failed"},
+{ERR_REASON(TS_R_POLICY_MISMATCH)        ,"policy mismatch"},
+{ERR_REASON(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),"private key does not match certificate"},
+{ERR_REASON(TS_R_RESPONSE_SETUP_ERROR)   ,"response setup error"},
+{ERR_REASON(TS_R_SIGNATURE_FAILURE)      ,"signature failure"},
+{ERR_REASON(TS_R_THERE_MUST_BE_ONE_SIGNER),"there must be one signer"},
+{ERR_REASON(TS_R_TIME_SYSCALL_ERROR)     ,"time syscall error"},
+{ERR_REASON(TS_R_TOKEN_NOT_PRESENT)      ,"token not present"},
+{ERR_REASON(TS_R_TOKEN_PRESENT)          ,"token present"},
+{ERR_REASON(TS_R_TSA_NAME_MISMATCH)      ,"tsa name mismatch"},
+{ERR_REASON(TS_R_TSA_UNTRUSTED)          ,"tsa untrusted"},
+{ERR_REASON(TS_R_TST_INFO_SETUP_ERROR)   ,"tst info setup error"},
+{ERR_REASON(TS_R_TS_DATASIGN)            ,"ts datasign"},
+{ERR_REASON(TS_R_UNACCEPTABLE_POLICY)    ,"unacceptable policy"},
+{ERR_REASON(TS_R_UNSUPPORTED_MD_ALGORITHM),"unsupported md algorithm"},
+{ERR_REASON(TS_R_UNSUPPORTED_VERSION)    ,"unsupported version"},
+{ERR_REASON(TS_R_WRONG_CONTENT_TYPE)     ,"wrong content type"},
+{0,NULL}
+	};
+
+#endif
+
+void ERR_load_TS_strings(void)
+	{
+#ifndef OPENSSL_NO_ERR
+
+	if (ERR_func_error_string(TS_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,TS_str_functs);
+		ERR_load_strings(0,TS_str_reasons);
+		}
+#endif
+	}
diff --git a/crypto/ts/ts_lib.c b/crypto/ts/ts_lib.c
new file mode 100644
index 0000000000..e8608dbf71
--- /dev/null
+++ b/crypto/ts/ts_lib.c
@@ -0,0 +1,145 @@
+/* crypto/ts/ts_lib.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include "ts.h"
+
+/* Local function declarations. */
+
+/* Function definitions. */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
+	{
+	BIGNUM num_bn;
+	int result = 0;
+	char *hex;
+
+	BN_init(&num_bn);
+	ASN1_INTEGER_to_BN(num, &num_bn);
+	if ((hex = BN_bn2hex(&num_bn))) 
+		{
+		result = BIO_write(bio, "0x", 2) > 0;
+		result = result && BIO_write(bio, hex, strlen(hex)) > 0;
+		OPENSSL_free(hex);
+		}
+	BN_free(&num_bn);
+
+	return result;
+	}
+
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj)
+	{
+	char obj_txt[128];
+
+	int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
+	BIO_write(bio, obj_txt, len);
+	BIO_write(bio, "\n", 1);
+
+	return 1;
+	}
+
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions)
+	{
+	int i, critical, n;
+	X509_EXTENSION *ex;
+	ASN1_OBJECT *obj;
+
+	BIO_printf(bio, "Extensions:\n");
+	n = X509v3_get_ext_count(extensions);
+	for (i = 0; i < n; i++)
+		{
+		ex = X509v3_get_ext(extensions, i);
+		obj = X509_EXTENSION_get_object(ex);
+		i2a_ASN1_OBJECT(bio, obj);
+		critical = X509_EXTENSION_get_critical(ex);
+		BIO_printf(bio, ": %s\n", critical ? "critical" : "");
+		if (!X509V3_EXT_print(bio, ex, 0, 4))
+			{
+			BIO_printf(bio, "%4s", "");
+			M_ASN1_OCTET_STRING_print(bio, ex->value);
+			}
+		BIO_write(bio, "\n", 1);
+		}
+
+	return 1;
+	}
+
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg)
+	{
+	int i = OBJ_obj2nid(alg->algorithm);
+	return BIO_printf(bio, "Hash Algorithm: %s\n",
+		(i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
+	}
+
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
+	{
+	const ASN1_OCTET_STRING *msg;
+
+	TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a));
+
+	BIO_printf(bio, "Message data:\n");
+	msg = TS_MSG_IMPRINT_get_msg(a);
+	BIO_dump_indent(bio, (const char *)M_ASN1_STRING_data(msg), 
+			M_ASN1_STRING_length(msg), 4);
+
+	return 1;
+	}
diff --git a/crypto/ts/ts_req_print.c b/crypto/ts/ts_req_print.c
new file mode 100644
index 0000000000..eba12c3824
--- /dev/null
+++ b/crypto/ts/ts_req_print.c
@@ -0,0 +1,102 @@
+/* crypto/ts/ts_req_print.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include <openssl/ts.h>
+
+/* Function definitions. */
+
+int TS_REQ_print_bio(BIO *bio, TS_REQ *a)
+	{
+	int v;
+	ASN1_OBJECT *policy_id;
+	const ASN1_INTEGER *nonce;
+
+	if (a == NULL) return 0;
+
+	v = TS_REQ_get_version(a);
+	BIO_printf(bio, "Version: %d\n", v);
+
+	TS_MSG_IMPRINT_print_bio(bio, TS_REQ_get_msg_imprint(a));
+
+	BIO_printf(bio, "Policy OID: ");
+	policy_id = TS_REQ_get_policy_id(a);
+	if (policy_id == NULL)
+		BIO_printf(bio, "unspecified\n");
+	else	
+		TS_OBJ_print_bio(bio, policy_id);
+
+	BIO_printf(bio, "Nonce: ");
+	nonce = TS_REQ_get_nonce(a);
+	if (nonce == NULL)
+		BIO_printf(bio, "unspecified");
+	else
+		TS_ASN1_INTEGER_print_bio(bio, nonce);
+	BIO_write(bio, "\n", 1);
+
+	BIO_printf(bio, "Certificate required: %s\n", 
+		   TS_REQ_get_cert_req(a) ? "yes" : "no");
+
+	TS_ext_print_bio(bio, TS_REQ_get_exts(a));
+
+	return 1;
+	}
diff --git a/crypto/ts/ts_req_utils.c b/crypto/ts/ts_req_utils.c
new file mode 100644
index 0000000000..43280c1587
--- /dev/null
+++ b/crypto/ts/ts_req_utils.c
@@ -0,0 +1,234 @@
+/* crypto/ts/ts_req_utils.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/x509v3.h>
+#include <openssl/ts.h>
+
+int TS_REQ_set_version(TS_REQ *a, long version)
+	{
+	return ASN1_INTEGER_set(a->version, version);
+	}
+
+long TS_REQ_get_version(const TS_REQ *a)
+	{
+	return ASN1_INTEGER_get(a->version);
+	}
+
+int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint)
+	{
+	TS_MSG_IMPRINT *new_msg_imprint;
+
+	if (a->msg_imprint == msg_imprint)
+		return 1;
+	new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
+	if (new_msg_imprint == NULL)
+		{
+		TSerr(TS_F_TS_REQ_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	TS_MSG_IMPRINT_free(a->msg_imprint);
+	a->msg_imprint = new_msg_imprint;
+	return 1;
+	}
+
+TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a)
+	{
+	return a->msg_imprint;
+	}
+
+int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg)
+	{
+	X509_ALGOR *new_alg;
+
+	if (a->hash_algo == alg)
+		return 1;
+	new_alg = X509_ALGOR_dup(alg);
+	if (new_alg == NULL)
+		{
+		TSerr(TS_F_TS_MSG_IMPRINT_SET_ALGO, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	X509_ALGOR_free(a->hash_algo);
+	a->hash_algo = new_alg;
+	return 1;
+	}
+
+X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a)
+	{
+	return a->hash_algo;
+	}
+
+int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len)
+	{
+	return ASN1_OCTET_STRING_set(a->hashed_msg, d, len);
+	}
+
+ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a)
+	{
+	return a->hashed_msg;
+	}
+
+int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy)
+	{
+	ASN1_OBJECT *new_policy;
+
+	if (a->policy_id == policy)
+		return 1;
+	new_policy = OBJ_dup(policy);
+	if (new_policy == NULL)
+		{
+		TSerr(TS_F_TS_REQ_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_OBJECT_free(a->policy_id);
+	a->policy_id = new_policy;
+	return 1;
+	}
+
+ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a)
+	{
+	return a->policy_id;
+	}
+
+int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce)
+	{
+	ASN1_INTEGER *new_nonce;
+
+	if (a->nonce == nonce)
+		return 1;
+	new_nonce = ASN1_INTEGER_dup(nonce);
+	if (new_nonce == NULL)
+		{
+		TSerr(TS_F_TS_REQ_SET_NONCE, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_INTEGER_free(a->nonce);
+	a->nonce = new_nonce;
+	return 1;
+	}
+
+const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a)
+	{
+	return a->nonce;
+	}
+
+int TS_REQ_set_cert_req(TS_REQ *a, int cert_req)
+	{
+	a->cert_req = cert_req ? 0xFF : 0x00;
+	return 1;
+	}
+
+int TS_REQ_get_cert_req(const TS_REQ *a)
+	{
+	return a->cert_req ? 1 : 0;
+	}
+
+STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a)
+	{
+	return a->extensions;
+	}
+
+void TS_REQ_ext_free(TS_REQ *a)
+	{
+	if (!a) return;
+	sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
+	a->extensions = NULL;
+	}
+
+int TS_REQ_get_ext_count(TS_REQ *a)
+	{
+	return X509v3_get_ext_count(a->extensions);
+	}
+
+int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos)
+	{
+	return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
+	}
+
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos)
+	{
+	return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
+	}
+
+int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos)
+	{
+	return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
+	}
+
+X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc)
+	{
+	return X509v3_get_ext(a->extensions,loc);
+	}
+
+X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc)
+	{
+	return X509v3_delete_ext(a->extensions,loc);
+	}
+
+int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc)
+	{
+	return X509v3_add_ext(&a->extensions,ex,loc) != NULL;
+	}
+
+void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx)
+	{
+	return X509V3_get_d2i(a->extensions, nid, crit, idx);
+	}
diff --git a/crypto/ts/ts_rsp_print.c b/crypto/ts/ts_rsp_print.c
new file mode 100644
index 0000000000..21062517ba
--- /dev/null
+++ b/crypto/ts/ts_rsp_print.c
@@ -0,0 +1,287 @@
+/* crypto/ts/ts_resp_print.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include "ts.h"
+
+struct status_map_st
+	{
+	int bit;
+	const char *text;
+	};
+
+/* Local function declarations. */
+
+static int TS_status_map_print(BIO *bio, struct status_map_st *a,
+			       ASN1_BIT_STRING *v);
+static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy);
+
+/* Function definitions. */
+
+int TS_RESP_print_bio(BIO *bio, TS_RESP *a)
+	{
+	TS_TST_INFO *tst_info;
+
+	BIO_printf(bio, "Status info:\n");
+	TS_STATUS_INFO_print_bio(bio, TS_RESP_get_status_info(a));
+
+	BIO_printf(bio, "\nTST info:\n");
+	tst_info = TS_RESP_get_tst_info(a);
+	if (tst_info != NULL)
+		TS_TST_INFO_print_bio(bio, TS_RESP_get_tst_info(a));
+	else
+		BIO_printf(bio, "Not included.\n");
+		
+	return 1;
+	}
+
+int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a)
+	{
+	static const char *status_map[] =
+		{
+		"Granted.",
+		"Granted with modifications.",
+		"Rejected.",
+		"Waiting.",
+		"Revocation warning.",
+		"Revoked."
+		};
+	static struct status_map_st failure_map[] =
+		{
+		{ TS_INFO_BAD_ALG,
+		"unrecognized or unsupported algorithm identifier" },
+		{ TS_INFO_BAD_REQUEST,
+		"transaction not permitted or supported" },
+		{ TS_INFO_BAD_DATA_FORMAT,
+		"the data submitted has the wrong format" },
+		{ TS_INFO_TIME_NOT_AVAILABLE,
+		"the TSA's time source is not available" },
+		{ TS_INFO_UNACCEPTED_POLICY,
+		"the requested TSA policy is not supported by the TSA" },
+		{ TS_INFO_UNACCEPTED_EXTENSION,
+		"the requested extension is not supported by the TSA" },
+		{ TS_INFO_ADD_INFO_NOT_AVAILABLE,
+		"the additional information requested could not be understood "
+		"or is not available" },
+		{ TS_INFO_SYSTEM_FAILURE,
+		"the request cannot be handled due to system failure" },
+		{ -1, NULL }
+		};
+	long status;
+	int i, lines = 0;
+
+	/* Printing status code. */
+	BIO_printf(bio, "Status: ");
+	status = ASN1_INTEGER_get(a->status);
+	if (0 <= status && status < (long)(sizeof(status_map)/sizeof(status_map[0])))
+		BIO_printf(bio, "%s\n", status_map[status]);
+	else
+		BIO_printf(bio, "out of bounds\n");
+	
+	/* Printing status description. */
+	BIO_printf(bio, "Status description: ");
+	for (i = 0; i < sk_ASN1_UTF8STRING_num(a->text); ++i)
+		{
+		if (i > 0)
+			BIO_puts(bio, "\t");
+		ASN1_STRING_print_ex(bio, sk_ASN1_UTF8STRING_value(a->text, i),
+				     0);
+		BIO_puts(bio, "\n");
+		}
+	if (i == 0)
+		BIO_printf(bio, "unspecified\n");
+
+	/* Printing failure information. */
+	BIO_printf(bio, "Failure info: ");
+	if (a->failure_info != NULL)
+		lines = TS_status_map_print(bio, failure_map,
+					    a->failure_info);
+	if (lines == 0)
+		BIO_printf(bio, "unspecified");
+	BIO_printf(bio, "\n");
+
+	return 1;
+	}
+
+static int TS_status_map_print(BIO *bio, struct status_map_st *a,
+			       ASN1_BIT_STRING *v)
+	{
+	int lines = 0;
+
+	for (; a->bit >= 0; ++a)
+		{
+		if (ASN1_BIT_STRING_get_bit(v, a->bit))
+			{
+			if (++lines > 1)
+				BIO_printf(bio, ", ");
+			BIO_printf(bio, "%s", a->text);
+			}
+		}
+
+	return lines;
+	}
+
+int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
+	{
+	int v;
+	ASN1_OBJECT *policy_id;
+	const ASN1_INTEGER *serial;
+	const ASN1_GENERALIZEDTIME *gtime;
+	TS_ACCURACY *accuracy;
+	const ASN1_INTEGER *nonce;
+	GENERAL_NAME *tsa_name;
+
+	if (a == NULL) return 0;
+
+	/* Print version. */
+	v = TS_TST_INFO_get_version(a);
+	BIO_printf(bio, "Version: %d\n", v);
+
+	/* Print policy id. */
+	BIO_printf(bio, "Policy OID: ");
+	policy_id = TS_TST_INFO_get_policy_id(a);
+	TS_OBJ_print_bio(bio, policy_id);
+
+	/* Print message imprint. */
+	TS_MSG_IMPRINT_print_bio(bio, TS_TST_INFO_get_msg_imprint(a));
+
+	/* Print serial number. */
+	BIO_printf(bio, "Serial number: ");
+	serial = TS_TST_INFO_get_serial(a);
+	if (serial == NULL)
+		BIO_printf(bio, "unspecified");
+	else
+		TS_ASN1_INTEGER_print_bio(bio, serial);
+	BIO_write(bio, "\n", 1);
+
+	/* Print time stamp. */
+	BIO_printf(bio, "Time stamp: ");
+	gtime = TS_TST_INFO_get_time(a);
+	ASN1_GENERALIZEDTIME_print(bio, gtime);
+	BIO_write(bio, "\n", 1);
+
+	/* Print accuracy. */
+	BIO_printf(bio, "Accuracy: ");
+	accuracy = TS_TST_INFO_get_accuracy(a);
+	if (accuracy == NULL)
+		BIO_printf(bio, "unspecified");
+	else
+		TS_ACCURACY_print_bio(bio, accuracy);
+	BIO_write(bio, "\n", 1);
+
+	/* Print ordering. */
+	BIO_printf(bio, "Ordering: %s\n", 
+		   TS_TST_INFO_get_ordering(a) ? "yes" : "no");
+
+	/* Print nonce. */
+	BIO_printf(bio, "Nonce: ");
+	nonce = TS_TST_INFO_get_nonce(a);
+	if (nonce == NULL)
+		BIO_printf(bio, "unspecified");
+	else
+		TS_ASN1_INTEGER_print_bio(bio, nonce);
+	BIO_write(bio, "\n", 1);
+
+	/* Print TSA name. */
+	BIO_printf(bio, "TSA: ");
+	tsa_name = TS_TST_INFO_get_tsa(a);
+	if (tsa_name == NULL)
+		BIO_printf(bio, "unspecified");
+	else
+		{
+		STACK_OF(CONF_VALUE) *nval;
+		if ((nval = i2v_GENERAL_NAME(NULL, tsa_name, NULL)))
+			X509V3_EXT_val_prn(bio, nval, 0, 0);
+		sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
+		}
+	BIO_write(bio, "\n", 1);
+
+	/* Print extensions. */
+	TS_ext_print_bio(bio, TS_TST_INFO_get_exts(a));
+
+	return 1;
+	}
+
+static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy)
+	{
+	const ASN1_INTEGER *seconds = TS_ACCURACY_get_seconds(accuracy);
+	const ASN1_INTEGER *millis = TS_ACCURACY_get_millis(accuracy);
+	const ASN1_INTEGER *micros = TS_ACCURACY_get_micros(accuracy);
+
+	if (seconds != NULL)
+		TS_ASN1_INTEGER_print_bio(bio, seconds);
+	else
+		BIO_printf(bio, "unspecified");
+	BIO_printf(bio, " seconds, ");
+	if (millis != NULL)
+		TS_ASN1_INTEGER_print_bio(bio, millis);
+	else
+		BIO_printf(bio, "unspecified");
+	BIO_printf(bio, " millis, ");
+	if (micros != NULL)
+		TS_ASN1_INTEGER_print_bio(bio, micros);
+	else
+		BIO_printf(bio, "unspecified");
+	BIO_printf(bio, " micros");
+
+	return 1;
+	}
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
new file mode 100644
index 0000000000..b0f023c9d2
--- /dev/null
+++ b/crypto/ts/ts_rsp_sign.c
@@ -0,0 +1,1020 @@
+/* crypto/ts/ts_resp_sign.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+
+#if defined(OPENSSL_SYS_UNIX)
+#include <sys/time.h>
+#endif
+
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Private function declarations. */
+
+static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);
+static int def_time_cb(struct TS_resp_ctx *, void *, long *sec, long *usec);
+static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *);
+
+static void TS_RESP_CTX_init(TS_RESP_CTX *ctx);
+static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx);
+static int TS_RESP_check_request(TS_RESP_CTX *ctx);
+static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx);
+static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx, 
+					    ASN1_OBJECT *policy);
+static int TS_RESP_process_extensions(TS_RESP_CTX *ctx);
+static int TS_RESP_sign(TS_RESP_CTX *ctx);
+
+static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert, 
+						   STACK_OF(X509) *certs);
+static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
+static int TS_TST_INFO_content_new(PKCS7 *p7);
+static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
+
+static ASN1_GENERALIZEDTIME *TS_RESP_set_genTime_with_precision(
+	ASN1_GENERALIZEDTIME *, long, long, unsigned);
+
+/* Default callbacks for response generation. */
+
+static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
+	{
+	ASN1_INTEGER *serial = ASN1_INTEGER_new();
+	if (!serial) goto err;
+	if (!ASN1_INTEGER_set(serial, 1)) goto err;
+	return serial;
+ err:
+	TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
+	TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+				    "Error during serial number generation.");
+	return NULL;
+	}
+
+#if defined(OPENSSL_SYS_UNIX)
+
+/* Use the gettimeofday function call. */
+static int def_time_cb(struct TS_resp_ctx *ctx, void *data, 
+		       long *sec, long *usec)
+	{
+	struct timeval tv;
+	if (gettimeofday(&tv, NULL) != 0) 
+		{
+		TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Time is not available.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
+		return 0;
+		}
+	/* Return time to caller. */
+	*sec = tv.tv_sec;
+	*usec = tv.tv_usec;
+
+	return 1;
+	}
+
+#else
+
+/* Use the time function call that provides only seconds precision. */
+static int def_time_cb(struct TS_resp_ctx *ctx, void *data, 
+		       long *sec, long *usec)
+	{
+	time_t t;
+	if (time(&t) == (time_t) -1)
+		{
+		TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Time is not available.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
+		return 0;
+		}
+	/* Return time to caller, only second precision. */
+	*sec = (long) t;
+	*usec = 0;
+
+	return 1;
+	}
+
+#endif
+
+static int def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext,
+			    void *data)
+	{
+	/* No extensions are processed here. */
+	TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+				    "Unsupported extension.");
+	TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION);
+	return 0;
+	}
+
+/* TS_RESP_CTX management functions. */
+
+TS_RESP_CTX *TS_RESP_CTX_new()
+	{
+	TS_RESP_CTX *ctx;
+
+	if (!(ctx = (TS_RESP_CTX *) OPENSSL_malloc(sizeof(TS_RESP_CTX))))
+		{
+		TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	memset(ctx, 0, sizeof(TS_RESP_CTX));
+
+	/* Setting default callbacks. */
+	ctx->serial_cb = def_serial_cb;
+	ctx->time_cb = def_time_cb;
+	ctx->extension_cb = def_extension_cb;
+
+	return ctx;
+	}
+
+void TS_RESP_CTX_free(TS_RESP_CTX *ctx)
+	{
+	if (!ctx) return;
+
+	X509_free(ctx->signer_cert);
+	EVP_PKEY_free(ctx->signer_key);
+	sk_X509_pop_free(ctx->certs, X509_free);
+	sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free);
+	ASN1_OBJECT_free(ctx->default_policy);
+	sk_EVP_MD_free(ctx->mds);	/* No EVP_MD_free method exists. */
+	ASN1_INTEGER_free(ctx->seconds);
+	ASN1_INTEGER_free(ctx->millis);
+	ASN1_INTEGER_free(ctx->micros);
+	OPENSSL_free(ctx);
+	}
+
+int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
+	{
+	if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1)
+		{
+		TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT, 
+		      TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
+		return 0;
+		}
+	if (ctx->signer_cert) X509_free(ctx->signer_cert);
+	ctx->signer_cert = signer;
+	CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
+	return 1;
+	}
+
+int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
+	{
+	if (ctx->signer_key) EVP_PKEY_free(ctx->signer_key);
+	ctx->signer_key = key;
+	CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
+
+	return 1;
+	}
+
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
+	{
+	if (ctx->default_policy) ASN1_OBJECT_free(ctx->default_policy);
+	if (!(ctx->default_policy = OBJ_dup(def_policy))) goto err;
+	return 1;
+ err:
+	TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
+	{
+	int i;
+
+	if (ctx->certs)
+		{
+		sk_X509_pop_free(ctx->certs, X509_free);
+		ctx->certs = NULL;
+		}
+	if (!certs) return 1;
+	if (!(ctx->certs = sk_X509_dup(certs))) 
+		{
+		TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	for (i = 0; i < sk_X509_num(ctx->certs); ++i)
+		{
+		X509 *cert = sk_X509_value(ctx->certs, i);
+		CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509);
+		}
+
+	return 1;
+	}
+
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
+	{
+	ASN1_OBJECT *copy = NULL;
+
+	/* Create new policy stack if necessary. */
+	if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null())) 
+		goto err;
+	if (!(copy = OBJ_dup(policy))) goto err;
+	if (!sk_ASN1_OBJECT_push(ctx->policies, copy)) goto err;
+
+	return 1;
+ err:
+	TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE);
+	ASN1_OBJECT_free(copy);
+	return 0;
+	}
+
+int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
+	{
+	/* Create new md stack if necessary. */
+	if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null())) 
+		goto err;
+	/* Add the shared md, no copy needed. */
+	if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md)) goto err;
+
+	return 1;
+ err:
+	TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+#define TS_RESP_CTX_accuracy_free(ctx)		\
+	ASN1_INTEGER_free(ctx->seconds);	\
+	ctx->seconds = NULL;			\
+	ASN1_INTEGER_free(ctx->millis);		\
+	ctx->millis = NULL;			\
+	ASN1_INTEGER_free(ctx->micros);		\
+	ctx->micros = NULL;
+
+int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, 
+			     int secs, int millis, int micros)
+	{
+
+	TS_RESP_CTX_accuracy_free(ctx);
+	if (secs && (!(ctx->seconds = ASN1_INTEGER_new())
+		     || !ASN1_INTEGER_set(ctx->seconds, secs)))
+		goto err;
+	if (millis && (!(ctx->millis = ASN1_INTEGER_new())
+		       || !ASN1_INTEGER_set(ctx->millis, millis)))
+		goto err;
+	if (micros && (!(ctx->micros = ASN1_INTEGER_new())
+		       || !ASN1_INTEGER_set(ctx->micros, micros)))
+		goto err;
+
+	return 1;
+ err:
+	TS_RESP_CTX_accuracy_free(ctx);
+	TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags)
+	{
+	ctx->flags |= flags;
+	}
+
+void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data)
+	{
+	ctx->serial_cb = cb;
+	ctx->serial_cb_data = data;
+	}
+
+void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data)
+	{
+	ctx->time_cb = cb;
+	ctx->time_cb_data = data;
+	}
+
+void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, 
+				  TS_extension_cb cb, void *data)
+	{
+	ctx->extension_cb = cb;
+	ctx->extension_cb_data = data;
+	}
+
+int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, 
+				int status, const char *text)
+	{
+	TS_STATUS_INFO *si = NULL;
+	ASN1_UTF8STRING *utf8_text = NULL;
+	int ret = 0;
+
+	if (!(si = TS_STATUS_INFO_new())) goto err;
+	if (!ASN1_INTEGER_set(si->status, status)) goto err;
+	if (text)
+		{
+		if (!(utf8_text = ASN1_UTF8STRING_new())
+		    || !ASN1_STRING_set(utf8_text, text, strlen(text)))
+			goto err;
+		if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
+			goto err;
+		if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text)) goto err;
+		utf8_text = NULL;	/* Ownership is lost. */
+		}
+	if (!TS_RESP_set_status_info(ctx->response, si)) goto err;
+	ret = 1;
+ err:
+	if (!ret)
+		TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
+	TS_STATUS_INFO_free(si);
+	ASN1_UTF8STRING_free(utf8_text);
+	return ret;
+	}
+
+int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, 
+				     int status, const char *text)
+	{
+	int ret = 1;
+	TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
+
+	if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED)
+		{
+		/* Status has not been set, set it now. */
+		ret = TS_RESP_CTX_set_status_info(ctx, status, text);
+		}
+	return ret;
+	}
+
+int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
+	{
+	TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
+	if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
+		goto err;
+	if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
+		goto err;
+	return 1;
+ err:
+	TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx)
+	{
+	return ctx->request;
+	}
+
+TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx)
+	{
+	return ctx->tst_info;
+	}
+
+int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, unsigned precision)
+       {
+       if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
+	       return 0;
+       ctx->clock_precision_digits = precision;
+       return 1;
+       }
+
+/* Main entry method of the response generation. */
+TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
+	{
+	ASN1_OBJECT *policy;
+	TS_RESP *response;
+	int result = 0;
+
+	TS_RESP_CTX_init(ctx);
+
+	/* Creating the response object. */
+	if (!(ctx->response = TS_RESP_new())) 
+		{
+		TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
+		goto end;
+		}
+
+	/* Parsing DER request. */
+	if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL)))
+		{
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Bad request format or "
+					    "system error.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
+		goto end;
+		}
+
+	/* Setting default status info. */
+	if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL))
+		goto end;
+
+	/* Checking the request format. */
+	if (!TS_RESP_check_request(ctx)) goto end;
+
+	/* Checking acceptable policies. */
+	if (!(policy = TS_RESP_get_policy(ctx))) goto end;
+
+	/* Creating the TS_TST_INFO object. */
+	if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
+		goto end;
+
+	/* Processing extensions. */
+	if (!TS_RESP_process_extensions(ctx)) goto end;
+
+	/* Generating the signature. */
+	if (!TS_RESP_sign(ctx)) goto end;
+
+	/* Everything was successful. */
+	result = 1;
+ end:
+	if (!result)
+		{
+		TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
+		if (ctx->response != NULL)
+			{
+			if (TS_RESP_CTX_set_status_info_cond(ctx,
+				TS_STATUS_REJECTION, "Error during response "
+				"generation.") == 0)
+				{
+				TS_RESP_free(ctx->response);
+				ctx->response = NULL;
+				}
+			}
+		}
+	response = ctx->response;
+	ctx->response = NULL;	/* Ownership will be returned to caller. */
+	TS_RESP_CTX_cleanup(ctx);
+	return response;
+	}
+
+/* Initializes the variable part of the context. */
+static void TS_RESP_CTX_init(TS_RESP_CTX *ctx)
+	{
+	ctx->request = NULL;
+	ctx->response = NULL;
+	ctx->tst_info = NULL;
+	}
+
+/* Cleans up the variable part of the context. */
+static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx)
+	{
+	TS_REQ_free(ctx->request);
+	ctx->request = NULL;
+	TS_RESP_free(ctx->response);
+	ctx->response = NULL;
+	TS_TST_INFO_free(ctx->tst_info);
+	ctx->tst_info = NULL;
+	}
+
+/* Checks the format and content of the request. */
+static int TS_RESP_check_request(TS_RESP_CTX *ctx)
+	{
+	TS_REQ *request = ctx->request;
+	TS_MSG_IMPRINT *msg_imprint;
+	X509_ALGOR *md_alg;
+	int md_alg_id;
+	const ASN1_OCTET_STRING *digest;
+	EVP_MD *md = NULL;
+	int i;
+
+	/* Checking request version. */
+	if (TS_REQ_get_version(request) != 1)
+		{
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Bad request version.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST);
+		return 0;
+		}
+
+	/* Checking message digest algorithm. */
+	msg_imprint = TS_REQ_get_msg_imprint(request);
+	md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint);
+	md_alg_id = OBJ_obj2nid(md_alg->algorithm);
+	for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i)
+		{
+		EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
+		if (md_alg_id == EVP_MD_type(current_md))
+			md = current_md;
+		}
+	if (!md)
+		{
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Message digest algorithm is "
+					    "not supported.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
+		return 0;
+		}
+
+	/* No message digest takes parameter. */
+	if (md_alg->parameter 
+	    && ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL)
+		{
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Superfluous message digest "
+					    "parameter.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
+		return 0;
+		}
+	/* Checking message digest size. */
+	digest = TS_MSG_IMPRINT_get_msg(msg_imprint);
+	if (digest->length != EVP_MD_size(md))
+		{
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Bad message digest.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
+		return 0;
+		}
+
+	return 1;
+	}
+
+/* Returns the TSA policy based on the requested and acceptable policies. */
+static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
+	{
+	ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
+	ASN1_OBJECT *policy = NULL;
+	int i;
+
+	if (ctx->default_policy == NULL)
+		{
+		TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+		return NULL;
+		}
+	/* Return the default policy if none is requested or the default is
+	   requested. */
+	if (!requested || !OBJ_cmp(requested, ctx->default_policy))
+		policy = ctx->default_policy;
+
+	/* Check if the policy is acceptable. */
+	for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i)
+		{
+		ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i);
+		if (!OBJ_cmp(requested, current))
+			policy = current;
+		}
+	if (!policy)
+		{
+		TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY);
+		TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+					    "Requested policy is not "
+					    "supported.");
+		TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
+		}
+	return policy;
+	}
+
+/* Creates the TS_TST_INFO object based on the settings of the context. */
+static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
+					    ASN1_OBJECT *policy)
+	{
+	int result = 0;
+	TS_TST_INFO *tst_info = NULL;
+	ASN1_INTEGER *serial = NULL;
+	ASN1_GENERALIZEDTIME *asn1_time = NULL;
+	long sec, usec;
+	TS_ACCURACY *accuracy = NULL;
+	const ASN1_INTEGER *nonce;
+	GENERAL_NAME *tsa_name = NULL;
+
+	if (!(tst_info = TS_TST_INFO_new())) goto end;
+	if (!TS_TST_INFO_set_version(tst_info, 1)) goto end;
+	if (!TS_TST_INFO_set_policy_id(tst_info, policy)) goto end;
+	if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
+		goto end;
+	if (!(serial = (*ctx->serial_cb)(ctx, ctx->serial_cb_data))
+	    || !TS_TST_INFO_set_serial(tst_info, serial))
+		goto end;
+	if (!(*ctx->time_cb)(ctx, ctx->time_cb_data, &sec, &usec)
+            || !(asn1_time = TS_RESP_set_genTime_with_precision(NULL, 
+					sec, usec, 
+					ctx->clock_precision_digits))
+	    || !TS_TST_INFO_set_time(tst_info, asn1_time))
+		goto end;
+
+	/* Setting accuracy if needed. */
+	if ((ctx->seconds || ctx->millis || ctx->micros) 
+	    && !(accuracy = TS_ACCURACY_new()))
+		goto end;
+
+	if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
+		goto end;
+	if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis))
+		goto end;
+	if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros))
+		goto end;
+	if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy)) 
+		goto end;
+
+	/* Setting ordering. */
+	if ((ctx->flags & TS_ORDERING) 
+	    && !TS_TST_INFO_set_ordering(tst_info, 1))
+		goto end;
+	
+	/* Setting nonce if needed. */
+	if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL
+	    && !TS_TST_INFO_set_nonce(tst_info, nonce))
+		goto end;
+
+	/* Setting TSA name to subject of signer certificate. */
+	if (ctx->flags & TS_TSA_NAME)
+		{
+		if (!(tsa_name = GENERAL_NAME_new())) goto end;
+		tsa_name->type = GEN_DIRNAME;
+		tsa_name->d.dirn = 
+			X509_NAME_dup(ctx->signer_cert->cert_info->subject);
+		if (!tsa_name->d.dirn) goto end;
+		if (!TS_TST_INFO_set_tsa(tst_info, tsa_name)) goto end;
+		}
+
+	result = 1;
+ end:
+	if (!result)
+		{
+		TS_TST_INFO_free(tst_info);
+		tst_info = NULL;
+		TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR);
+		TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
+						 "Error during TSTInfo "
+						 "generation.");
+		}
+	GENERAL_NAME_free(tsa_name);
+	TS_ACCURACY_free(accuracy);
+	ASN1_GENERALIZEDTIME_free(asn1_time);
+	ASN1_INTEGER_free(serial);
+	
+	return tst_info;
+	}
+
+/* Processing the extensions of the request. */
+static int TS_RESP_process_extensions(TS_RESP_CTX *ctx)
+	{
+	STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request);
+	int i;
+	int ok = 1;
+
+	for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i)
+		{
+		X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
+		/* XXXXX The last argument was previously
+		   (void *)ctx->extension_cb, but ISO C doesn't permit
+		   converting a function pointer to void *.  For lack of
+		   better information, I'm placing a NULL there instead.
+		   The callback can pick its own address out from the ctx
+		   anyway...
+		*/
+		ok = (*ctx->extension_cb)(ctx, ext, NULL);
+		}
+
+	return ok;
+	}
+
+/* Functions for signing the TS_TST_INFO structure of the context. */
+static int TS_RESP_sign(TS_RESP_CTX *ctx)
+	{
+	int ret = 0;
+	PKCS7 *p7 = NULL;
+	PKCS7_SIGNER_INFO *si;
+	STACK_OF(X509) *certs;	/* Certificates to include in sc. */
+	ESS_SIGNING_CERT *sc = NULL;
+	ASN1_OBJECT *oid;
+	BIO *p7bio = NULL;
+	int i;
+
+	/* Check if signcert and pkey match. */
+	if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
+		TSerr(TS_F_TS_RESP_SIGN, 
+		      TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+                goto err;
+	}
+
+	/* Create a new PKCS7 signed object. */
+	if (!(p7 = PKCS7_new())) {
+		TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
+		goto err;
+	}
+	if (!PKCS7_set_type(p7, NID_pkcs7_signed)) goto err;
+
+	/* Force SignedData version to be 3 instead of the default 1. */
+	if (!ASN1_INTEGER_set(p7->d.sign->version, 3)) goto err;
+
+	/* Add signer certificate and optional certificate chain. */
+	if (TS_REQ_get_cert_req(ctx->request))
+		{
+		PKCS7_add_certificate(p7, ctx->signer_cert);
+		if (ctx->certs)
+			{
+			for(i = 0; i < sk_X509_num(ctx->certs); ++i) 
+				{
+				X509 *cert = sk_X509_value(ctx->certs, i);
+				PKCS7_add_certificate(p7, cert);
+				}
+			}
+		}
+
+	/* Add a new signer info. */
+    	if (!(si = PKCS7_add_signature(p7, ctx->signer_cert, 
+				       ctx->signer_key, EVP_sha1())))
+		{
+		TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
+		goto err;
+		}
+
+	/* Add content type signed attribute to the signer info. */
+	oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
+	if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
+					V_ASN1_OBJECT, oid))
+		{
+		TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
+		goto err;
+		}
+
+	/* Create the ESS SigningCertificate attribute which contains 
+	   the signer certificate id and optionally the certificate chain. */
+	certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
+	if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
+		goto err;
+
+	/* Add SigningCertificate signed attribute to the signer info. */
+	if (!ESS_add_signing_cert(si, sc))
+		{
+		TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
+		goto err;
+		}	
+
+	/* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */
+	if (!TS_TST_INFO_content_new(p7)) goto err;
+
+	/* Add the DER encoded tst_info to the PKCS7 structure. */
+	if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
+		TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
+		goto err;
+	}
+
+	/* Convert tst_info to DER. */
+	if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info))
+		{
+		TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
+		goto err;
+		}
+
+	/* Create the signature and add it to the signer info. */
+        if (!PKCS7_dataFinal(p7, p7bio))
+		{
+		TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
+		goto err;
+		}
+
+	/* Set new PKCS7 and TST_INFO objects. */
+	TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
+	p7 = NULL;		/* Ownership is lost. */
+	ctx->tst_info = NULL;	/* Ownership is lost. */
+
+	ret = 1;
+ err:
+	if (!ret)
+		TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
+						 "Error during signature "
+						 "generation.");
+	BIO_free_all(p7bio);
+	ESS_SIGNING_CERT_free(sc);
+	PKCS7_free(p7);
+	return ret;
+	}
+
+static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert, 
+						   STACK_OF(X509) *certs)
+	{
+	ESS_CERT_ID *cid;
+	ESS_SIGNING_CERT *sc = NULL;
+	int i;
+
+	/* Creating the ESS_CERT_ID stack. */
+	if (!(sc = ESS_SIGNING_CERT_new())) goto err;
+	if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
+		goto err;
+
+	/* Adding the signing certificate id. */
+	if (!(cid = ESS_CERT_ID_new_init(signcert, 0))
+	    || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
+		goto err;
+	/* Adding the certificate chain ids. */
+	for (i = 0; i < sk_X509_num(certs); ++i)
+		{
+		X509 *cert = sk_X509_value(certs, i);
+		if (!(cid = ESS_CERT_ID_new_init(cert, 1))
+		    || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
+			goto err;
+		}
+
+	return sc;
+err:
+	ESS_SIGNING_CERT_free(sc);
+	TSerr(TS_F_ESS_SIGNING_CERT_NEW_INIT, ERR_R_MALLOC_FAILURE);
+	return NULL;
+	}
+
+static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
+	{
+	ESS_CERT_ID *cid = NULL;
+	GENERAL_NAME *name = NULL;
+	
+	/* Recompute SHA1 hash of certificate if necessary (side effect). */
+	X509_check_purpose(cert, -1, 0);
+
+	if (!(cid = ESS_CERT_ID_new())) goto err;
+	if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
+				   sizeof(cert->sha1_hash)))
+		goto err;
+
+	/* Setting the issuer/serial if requested. */
+	if (issuer_needed)
+		{
+		/* Creating issuer/serial structure. */
+		if (!cid->issuer_serial
+		    && !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
+			goto err;
+		/* Creating general name from the certificate issuer. */
+		if (!(name = GENERAL_NAME_new())) goto err;
+		name->type = GEN_DIRNAME;
+		if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer))) 
+			goto err;
+		if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) 
+			goto err;
+		name = NULL;	/* Ownership is lost. */
+		/* Setting the serial number. */
+		ASN1_INTEGER_free(cid->issuer_serial->serial);
+		if (!(cid->issuer_serial->serial = 
+		      ASN1_INTEGER_dup(cert->cert_info->serialNumber)))
+			goto err;
+		}
+
+	return cid;
+err:
+	GENERAL_NAME_free(name);
+	ESS_CERT_ID_free(cid);
+	TSerr(TS_F_ESS_CERT_ID_NEW_INIT, ERR_R_MALLOC_FAILURE);
+	return NULL;
+	}
+
+static int TS_TST_INFO_content_new(PKCS7 *p7)
+	{
+	PKCS7 *ret = NULL;
+	ASN1_OCTET_STRING *octet_string = NULL;
+
+	/* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
+	if (!(ret = PKCS7_new())) goto err;
+	if (!(ret->d.other = ASN1_TYPE_new())) goto err;
+	ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
+	if (!(octet_string = ASN1_OCTET_STRING_new())) goto err;
+	ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
+	octet_string = NULL;
+
+	/* Add encapsulated content to signed PKCS7 structure. */
+	if (!PKCS7_set_content(p7, ret)) goto err;
+
+	return 1;
+ err:
+	ASN1_OCTET_STRING_free(octet_string);
+	PKCS7_free(ret);
+	return 0;
+	}
+
+static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
+	{
+	ASN1_STRING *seq = NULL;
+	unsigned char *p, *pp = NULL;
+	int len;
+
+	len = i2d_ESS_SIGNING_CERT(sc, NULL);
+	if (!(pp = (unsigned char *) OPENSSL_malloc(len)))
+		{
+		TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p = pp;
+	i2d_ESS_SIGNING_CERT(sc, &p);
+	if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len))
+		{
+		TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	OPENSSL_free(pp); pp = NULL;
+	return PKCS7_add_signed_attribute(si, 
+					  NID_id_smime_aa_signingCertificate,
+					  V_ASN1_SEQUENCE, seq);
+ err:
+	ASN1_STRING_free(seq);
+	OPENSSL_free(pp);
+
+	return 0;
+	}
+
+
+static ASN1_GENERALIZEDTIME *
+TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time, 
+				   long sec, long usec, unsigned precision)
+	{
+	time_t time_sec = (time_t) sec;
+	struct tm *tm = NULL;	
+	char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
+	char *p = genTime_str;
+	char *p_end = genTime_str + sizeof(genTime_str);
+
+	if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
+		goto err;
+
+	
+	if (!(tm = gmtime(&time_sec)))
+		goto err;
+
+	/* 
+	 * Put "genTime_str" in GeneralizedTime format.  We work around the 
+	 * restrictions imposed by rfc3280 (i.e. "GeneralizedTime values MUST 
+	 * NOT include fractional seconds") and OpenSSL related functions to 
+	 * meet the rfc3161 requirement: "GeneralizedTime syntax can include 
+	 * fraction-of-second details". 
+	 */                   
+	p += BIO_snprintf(p, p_end - p,
+			  "%04d%02d%02d%02d%02d%02d",
+			  tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 
+			  tm->tm_hour, tm->tm_min, tm->tm_sec);
+	if (precision > 0)
+	{
+		/* Add fraction of seconds (leave space for dot and null). */
+		BIO_snprintf(p, 2 + precision, ".%ld", usec);
+		/* We cannot use the snprintf return value, 
+		   because it might have been truncated. */
+		p += strlen(p);
+
+		/* To make things a bit harder, X.690 | ISO/IEC 8825-1 provides
+		   the following restrictions for a DER-encoding, which OpenSSL
+		   (specifically ASN1_GENERALIZEDTIME_check() function) doesn't 
+		   support:
+		   "The encoding MUST terminate with a "Z" (which means "Zulu" 
+		   time). The decimal point element, if present, MUST be the 
+		   point option ".". The fractional-seconds elements, 
+		   if present, MUST omit all trailing 0's; 
+		   if the elements correspond to 0, they MUST be wholly
+		   omitted, and the decimal point element also MUST be
+		   omitted." */
+		/* Remove trailing zeros. The dot guarantees the exit
+		   condition of this loop even if all the digits are zero. */
+		while (*--p == '0')
+			/* empty */;
+		/* p points to either the dot or the last non-zero digit. */
+		if (*p != '.') ++p;
+		}
+	/* Add the trailing Z and the terminating null. */
+	*p++ = 'Z';
+	*p++ = '\0';
+
+	/* Now call OpenSSL to check and set our genTime value */
+	if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))
+		goto err;
+	if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str))
+		{
+		ASN1_GENERALIZEDTIME_free(asn1_time);
+		goto err;
+		}
+
+	return asn1_time;
+ err:
+	TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME);
+	return NULL;
+	}
diff --git a/crypto/ts/ts_rsp_utils.c b/crypto/ts/ts_rsp_utils.c
new file mode 100644
index 0000000000..401c1fdc51
--- /dev/null
+++ b/crypto/ts/ts_rsp_utils.c
@@ -0,0 +1,409 @@
+/* crypto/ts/ts_resp_utils.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Function definitions. */
+
+int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info)
+	{
+	TS_STATUS_INFO *new_status_info;
+
+	if (a->status_info == status_info)
+		return 1;
+	new_status_info = TS_STATUS_INFO_dup(status_info);
+	if (new_status_info == NULL)
+		{
+		TSerr(TS_F_TS_RESP_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	TS_STATUS_INFO_free(a->status_info);
+	a->status_info = new_status_info;
+
+	return 1;
+	}
+
+TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a)
+	{
+	return a->status_info;
+	}
+
+/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info)
+	{
+	/* Set new PKCS7 and TST_INFO objects. */
+	PKCS7_free(a->token);
+	a->token = p7;
+	TS_TST_INFO_free(a->tst_info);
+	a->tst_info = tst_info;
+	}
+
+PKCS7 *TS_RESP_get_token(TS_RESP *a)
+	{
+	return a->token;
+	}
+
+TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a)
+	{
+	return a->tst_info;
+	}
+
+int TS_TST_INFO_set_version(TS_TST_INFO *a, long version)
+	{
+	return ASN1_INTEGER_set(a->version, version);
+	}
+
+long TS_TST_INFO_get_version(const TS_TST_INFO *a)
+	{
+	return ASN1_INTEGER_get(a->version);
+	}
+
+int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy)
+	{
+	ASN1_OBJECT *new_policy;
+
+	if (a->policy_id == policy)
+		return 1;
+	new_policy = OBJ_dup(policy);
+	if (new_policy == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_OBJECT_free(a->policy_id);
+	a->policy_id = new_policy;
+	return 1;
+	}
+
+ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a)
+	{
+	return a->policy_id;
+	}
+
+int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint)
+	{
+	TS_MSG_IMPRINT *new_msg_imprint;
+
+	if (a->msg_imprint == msg_imprint)
+		return 1;
+	new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
+	if (new_msg_imprint == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	TS_MSG_IMPRINT_free(a->msg_imprint);
+	a->msg_imprint = new_msg_imprint;
+	return 1;
+	}
+
+TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a)
+	{
+	return a->msg_imprint;
+	}
+
+int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial)
+	{
+	ASN1_INTEGER *new_serial;
+
+	if (a->serial == serial)
+		return 1;
+	new_serial = ASN1_INTEGER_dup(serial);
+	if (new_serial == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_SERIAL, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_INTEGER_free(a->serial);
+	a->serial = new_serial;
+	return 1;
+	}
+
+const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a)
+	{
+	return a->serial;
+	}
+
+int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime)
+	{
+	ASN1_GENERALIZEDTIME *new_time;
+
+	if (a->time == gtime)
+		return 1;
+	new_time = M_ASN1_GENERALIZEDTIME_dup(gtime);
+	if (new_time == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_TIME, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_GENERALIZEDTIME_free(a->time);
+	a->time = new_time;
+	return 1;
+	}
+
+const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a)
+	{
+	return a->time;
+	}
+
+int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy)
+	{
+	TS_ACCURACY *new_accuracy;
+
+	if (a->accuracy == accuracy)
+		return 1;
+	new_accuracy = TS_ACCURACY_dup(accuracy);
+	if (new_accuracy == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	TS_ACCURACY_free(a->accuracy);
+	a->accuracy = new_accuracy;
+	return 1;
+	}
+
+TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a)
+	{
+	return a->accuracy;
+	}
+
+int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds)
+	{
+	ASN1_INTEGER *new_seconds;
+
+	if (a->seconds == seconds)
+		return 1;
+	new_seconds = ASN1_INTEGER_dup(seconds);
+	if (new_seconds == NULL)
+		{
+		TSerr(TS_F_TS_ACCURACY_SET_SECONDS, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_INTEGER_free(a->seconds);
+	a->seconds = new_seconds;
+	return 1;
+	}
+
+const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a)
+	{
+	return a->seconds;
+	}
+
+int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis)
+	{
+	ASN1_INTEGER *new_millis = NULL;
+
+	if (a->millis == millis)
+		return 1;
+	if (millis != NULL)
+		{
+		new_millis = ASN1_INTEGER_dup(millis);
+		if (new_millis == NULL)
+			{
+			TSerr(TS_F_TS_ACCURACY_SET_MILLIS, 
+			      ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		}
+	ASN1_INTEGER_free(a->millis);
+	a->millis = new_millis;
+	return 1;
+	}
+
+const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a)
+	{
+	return a->millis;
+	}
+
+int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros)
+	{
+	ASN1_INTEGER *new_micros = NULL;
+
+	if (a->micros == micros)
+		return 1;
+	if (micros != NULL)
+		{
+		new_micros = ASN1_INTEGER_dup(micros);
+		if (new_micros == NULL)
+			{
+			TSerr(TS_F_TS_ACCURACY_SET_MICROS, 
+			      ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		}
+	ASN1_INTEGER_free(a->micros);
+	a->micros = new_micros;
+	return 1;
+	}
+
+const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a)
+	{
+	return a->micros;
+	}
+
+int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering)
+	{
+	a->ordering = ordering ? 0xFF : 0x00;
+	return 1;
+	}
+
+int TS_TST_INFO_get_ordering(const TS_TST_INFO *a)
+	{
+	return a->ordering ? 1 : 0;
+	}
+
+int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce)
+	{
+	ASN1_INTEGER *new_nonce;
+
+	if (a->nonce == nonce)
+		return 1;
+	new_nonce = ASN1_INTEGER_dup(nonce);
+	if (new_nonce == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_NONCE, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	ASN1_INTEGER_free(a->nonce);
+	a->nonce = new_nonce;
+	return 1;
+	}
+
+const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a)
+	{
+	return a->nonce;
+	}
+
+int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa)
+	{
+	GENERAL_NAME *new_tsa;
+
+	if (a->tsa == tsa)
+		return 1;
+	new_tsa = GENERAL_NAME_dup(tsa);
+	if (new_tsa == NULL)
+		{
+		TSerr(TS_F_TS_TST_INFO_SET_TSA, ERR_R_MALLOC_FAILURE);
+		return 0;
+		}
+	GENERAL_NAME_free(a->tsa);
+	a->tsa = new_tsa;
+	return 1;
+	}
+
+GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a)
+	{
+	return a->tsa;
+	}
+
+STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a)
+	{
+	return a->extensions;
+	}
+
+void TS_TST_INFO_ext_free(TS_TST_INFO *a)
+	{
+	if (!a) return;
+	sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
+	a->extensions = NULL;
+	}
+
+int TS_TST_INFO_get_ext_count(TS_TST_INFO *a)
+	{
+	return X509v3_get_ext_count(a->extensions);
+	}
+
+int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos)
+	{
+	return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
+	}
+
+int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos)
+	{
+	return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
+	}
+
+int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos)
+	{
+	return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
+	}
+
+X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc)
+	{
+	return X509v3_get_ext(a->extensions,loc);
+	}
+
+X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc)
+	{
+	return X509v3_delete_ext(a->extensions,loc);
+	}
+
+int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc)
+	{
+	return X509v3_add_ext(&a->extensions,ex,loc) != NULL;
+	}
+
+void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx)
+	{
+	return X509V3_get_d2i(a->extensions, nid, crit, idx);
+	}
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
new file mode 100644
index 0000000000..afe16afbe4
--- /dev/null
+++ b/crypto/ts/ts_rsp_verify.c
@@ -0,0 +1,728 @@
+/* crypto/ts/ts_resp_verify.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Private function declarations. */
+
+static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
+			  X509 *signer, STACK_OF(X509) **chain);
+static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain);
+static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
+static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
+static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo);
+static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, 
+				 PKCS7 *token, TS_TST_INFO *tst_info);
+static int TS_check_status_info(TS_RESP *response);
+static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
+static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
+static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
+			      X509_ALGOR **md_alg, 
+			      unsigned char **imprint, unsigned *imprint_len);
+static int TS_check_imprints(X509_ALGOR *algor_a, 
+			     unsigned char *imprint_a, unsigned len_a,
+			     TS_TST_INFO *tst_info);
+static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
+static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
+static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name);
+
+/*
+ * Local mapping between response codes and descriptions.
+ * Don't forget to change TS_STATUS_BUF_SIZE when modifying 
+ * the elements of this array.
+ */
+static const char *TS_status_text[] =
+	{ "granted",
+	  "grantedWithMods",
+	  "rejection",
+	  "waiting",
+	  "revocationWarning",
+	  "revocationNotification" };
+
+#define TS_STATUS_TEXT_SIZE	(sizeof(TS_status_text)/sizeof(*TS_status_text))
+
+/*
+ * This must be greater or equal to the sum of the strings in TS_status_text
+ * plus the number of its elements.
+ */
+#define TS_STATUS_BUF_SIZE	256
+
+static struct
+	{
+	int code;
+	const char *text;
+	} TS_failure_info[] =
+		{ { TS_INFO_BAD_ALG, "badAlg" },
+		  { TS_INFO_BAD_REQUEST, "badRequest" },
+		  { TS_INFO_BAD_DATA_FORMAT, "badDataFormat" },
+		  { TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable" },
+		  { TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy" },
+		  { TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension" },
+		  { TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable" },
+		  { TS_INFO_SYSTEM_FAILURE, "systemFailure" } };
+
+#define TS_FAILURE_INFO_SIZE	(sizeof(TS_failure_info) / \
+				sizeof(*TS_failure_info))
+
+/* Functions for verifying a signed TS_TST_INFO structure. */
+
+/*
+ * This function carries out the following tasks:
+ *	- Checks if there is one and only one signer.
+ *	- Search for the signing certificate in 'certs' and in the response.
+ *	- Check the extended key usage and key usage fields of the signer
+ *	certificate (done by the path validation).
+ *	- Build and validate the certificate path.
+ *	- Check if the certificate path meets the requirements of the
+ *	SigningCertificate ESS signed attribute.
+ *	- Verify the signature value.
+ *	- Returns the signer certificate in 'signer', if 'signer' is not NULL.
+ */
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+			     X509_STORE *store, X509 **signer_out)
+	{
+	STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
+	PKCS7_SIGNER_INFO *si;
+	STACK_OF(X509) *signers = NULL;
+	X509	*signer;
+	STACK_OF(X509) *chain = NULL;
+	char	buf[4096];
+	int	i, j = 0, ret = 0;
+	BIO	*p7bio = NULL;
+
+	/* Some sanity checks first. */
+	if (!token)
+		{
+		TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
+		goto err;
+		}
+
+	/* Check for the correct content type */
+	if(!PKCS7_type_is_signed(token))
+		{
+		TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
+		goto err;
+		}
+
+	/* Check if there is one and only one signer. */
+	sinfos = PKCS7_get_signer_info(token);
+	if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1)
+		{
+		TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE,
+		      TS_R_THERE_MUST_BE_ONE_SIGNER);
+		goto err;
+		}
+	si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
+
+	/* Check for no content: no data to verify signature. */
+	if (PKCS7_get_detached(token))
+		{
+		TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
+		goto err;
+		}
+	
+	/* Get hold of the signer certificate, search only internal
+	   certificates if it was requested. */
+	signers = PKCS7_get0_signers(token, certs, 0);
+	if (!signers || sk_X509_num(signers) != 1) goto err;
+	signer = sk_X509_value(signers, 0);
+
+	/* Now verify the certificate. */
+	if (!TS_verify_cert(store, certs, signer, &chain)) goto err;
+
+	/* Check if the signer certificate is consistent with the
+	   ESS extension. */
+	if (!TS_check_signing_certs(si, chain)) goto err;
+
+	/* Creating the message digest. */
+	p7bio = PKCS7_dataInit(token, NULL);
+
+	/* We now have to 'read' from p7bio to calculate digests etc. */
+	while ((i = BIO_read(p7bio,buf,sizeof(buf))) > 0);
+
+	/* Verifying the signature. */
+	j = PKCS7_signatureVerify(p7bio, token, si, signer);
+	if (j <= 0)
+		{
+		TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
+		goto err;
+		}
+
+	/* Return the signer certificate if needed. */
+	if (signer_out)
+		{
+		*signer_out = signer;
+		CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+		}
+
+	ret = 1;
+
+ err:
+	BIO_free_all(p7bio);
+	sk_X509_pop_free(chain, X509_free);
+	sk_X509_free(signers);
+
+	return ret;
+	}
+
+/*
+ * The certificate chain is returned in chain. Caller is responsible for
+ * freeing the vector.
+ */
+static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
+			  X509 *signer, STACK_OF(X509) **chain)
+	{
+	X509_STORE_CTX	cert_ctx;
+	int i;
+	int ret = 1;
+
+	/* chain is an out argument. */
+	*chain = NULL;
+	X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
+	X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
+	i = X509_verify_cert(&cert_ctx);
+	if (i <= 0)
+		{
+		int j = X509_STORE_CTX_get_error(&cert_ctx);
+		TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
+		ERR_add_error_data(2, "Verify error:",
+				   X509_verify_cert_error_string(j));
+		ret = 0;
+		}
+	else
+		{
+		/* Get a copy of the certificate chain. */
+		*chain = X509_STORE_CTX_get1_chain(&cert_ctx);
+		}
+
+	X509_STORE_CTX_cleanup(&cert_ctx);
+
+	return ret;
+	}
+
+static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain)
+	{
+	ESS_SIGNING_CERT *ss = ESS_get_signing_cert(si);
+	STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
+	X509 *cert;
+	int i = 0;
+	int ret = 0;
+
+	if (!ss) goto err;
+	cert_ids = ss->cert_ids;
+	/* The signer certificate must be the first in cert_ids. */
+	cert = sk_X509_value(chain, 0);
+	if (TS_find_cert(cert_ids, cert) != 0) goto err;
+	
+	/* Check the other certificates of the chain if there are more
+	   than one certificate ids in cert_ids. */
+	if (sk_ESS_CERT_ID_num(cert_ids) > 1)
+		{
+		/* All the certificates of the chain must be in cert_ids. */
+		for (i = 1; i < sk_X509_num(chain); ++i)
+			{
+			cert = sk_X509_value(chain, i);
+			if (TS_find_cert(cert_ids, cert) < 0) goto err;
+			}
+		}
+	ret = 1;
+ err:
+	if (!ret)
+		TSerr(TS_F_TS_CHECK_SIGNING_CERTS, 
+		      TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
+	ESS_SIGNING_CERT_free(ss);
+	return ret;
+	}
+
+static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
+	{
+	ASN1_TYPE *attr;
+	const unsigned char *p;
+	attr = PKCS7_get_signed_attribute(si, 
+					  NID_id_smime_aa_signingCertificate);
+	if (!attr) return NULL;
+	p = attr->value.sequence->data;
+	return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
+	}
+
+/* Returns < 0 if certificate is not found, certificate index otherwise. */
+static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
+	{
+	int i;
+
+	if (!cert_ids || !cert) return -1;
+
+	/* Recompute SHA1 hash of certificate if necessary (side effect). */
+	X509_check_purpose(cert, -1, 0);
+
+	/* Look for cert in the cert_ids vector. */
+	for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i)
+		{
+		ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
+
+		/* Check the SHA-1 hash first. */
+		if (cid->hash->length == sizeof(cert->sha1_hash)
+		    && !memcmp(cid->hash->data, cert->sha1_hash,
+			       sizeof(cert->sha1_hash)))
+			{
+			/* Check the issuer/serial as well if specified. */
+			ESS_ISSUER_SERIAL *is = cid->issuer_serial;
+			if (!is || !TS_issuer_serial_cmp(is, cert->cert_info))
+				return i;
+			}
+		}
+	
+	return -1;
+	}
+
+static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo)
+	{
+	GENERAL_NAME *issuer;
+
+	if (!is || !cinfo || sk_GENERAL_NAME_num(is->issuer) != 1) return -1;
+
+	/* Check the issuer first. It must be a directory name. */
+	issuer = sk_GENERAL_NAME_value(is->issuer, 0);
+	if (issuer->type != GEN_DIRNAME 
+	    || X509_NAME_cmp(issuer->d.dirn, cinfo->issuer))
+		return -1;
+
+	/* Check the serial number, too. */
+	if (ASN1_INTEGER_cmp(is->serial, cinfo->serialNumber))
+		return -1;
+
+	return 0;
+	}
+
+/*
+ * Verifies whether 'response' contains a valid response with regards 
+ * to the settings of the context:
+ *	- Gives an error message if the TS_TST_INFO is not present.
+ *	- Calls _TS_RESP_verify_token to verify the token content.
+ */
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
+	{
+	PKCS7 *token = TS_RESP_get_token(response);
+	TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
+	int ret = 0;
+
+	/* Check if we have a successful TS_TST_INFO object in place. */
+	if (!TS_check_status_info(response)) goto err;
+
+	/* Check the contents of the time stamp token. */
+	if (!int_TS_RESP_verify_token(ctx, token, tst_info))
+		goto err;
+
+	ret = 1;
+ err:
+	return ret;
+	}
+
+/*
+ * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
+ * calls the internal int_TS_RESP_verify_token function for verifying it.
+ */
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
+	{
+	TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
+	int ret = 0;
+	if (tst_info)
+		{
+		ret = int_TS_RESP_verify_token(ctx, token, tst_info);
+		TS_TST_INFO_free(tst_info);
+		}
+	return ret;
+	}
+
+/*
+ * Verifies whether the 'token' contains a valid time stamp token 
+ * with regards to the settings of the context. Only those checks are
+ * carried out that are specified in the context:
+ *	- Verifies the signature of the TS_TST_INFO.
+ *	- Checks the version number of the response.
+ *	- Check if the requested and returned policies math.
+ *	- Check if the message imprints are the same.
+ *	- Check if the nonces are the same.
+ *	- Check if the TSA name matches the signer.
+ *	- Check if the TSA name is the expected TSA.
+ */
+static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, 
+				 PKCS7 *token, TS_TST_INFO *tst_info)
+	{
+	X509 *signer = NULL;
+	GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info);
+	X509_ALGOR *md_alg = NULL;
+	unsigned char *imprint = NULL;
+	unsigned imprint_len = 0;
+	int ret = 0;
+
+	/* Verify the signature. */
+	if ((ctx->flags & TS_VFY_SIGNATURE)
+	    && !TS_RESP_verify_signature(token, ctx->certs, ctx->store,
+					 &signer))
+		goto err;
+	
+	/* Check version number of response. */
+	if ((ctx->flags & TS_VFY_VERSION)
+	    && TS_TST_INFO_get_version(tst_info) != 1)
+		{
+		TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
+		goto err;
+		}
+
+	/* Check policies. */
+	if ((ctx->flags & TS_VFY_POLICY)
+	    && !TS_check_policy(ctx->policy, tst_info))
+		goto err;
+	
+	/* Check message imprints. */
+	if ((ctx->flags & TS_VFY_IMPRINT)
+	    && !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
+				  tst_info)) 
+		goto err;
+
+	/* Compute and check message imprints. */
+	if ((ctx->flags & TS_VFY_DATA)
+	    && (!TS_compute_imprint(ctx->data, tst_info,
+				    &md_alg, &imprint, &imprint_len)
+	    || !TS_check_imprints(md_alg, imprint, imprint_len, tst_info)))
+		goto err;
+
+	/* Check nonces. */
+	if ((ctx->flags & TS_VFY_NONCE)
+	    && !TS_check_nonces(ctx->nonce, tst_info))
+		goto err;
+
+	/* Check whether TSA name and signer certificate match. */
+	if ((ctx->flags & TS_VFY_SIGNER)
+	    && tsa_name && !TS_check_signer_name(tsa_name, signer))
+		{
+		TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
+		goto err;
+		}
+
+	/* Check whether the TSA is the expected one. */
+	if ((ctx->flags & TS_VFY_TSA_NAME)
+	    && !TS_check_signer_name(ctx->tsa_name, signer))
+		{
+		TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
+		goto err;
+		}
+
+	ret = 1;
+ err:
+	X509_free(signer);
+	X509_ALGOR_free(md_alg);
+	OPENSSL_free(imprint);
+	return ret;
+	}
+
+static int TS_check_status_info(TS_RESP *response)
+	{
+	TS_STATUS_INFO *info = TS_RESP_get_status_info(response);
+	long status = ASN1_INTEGER_get(info->status);
+	const char *status_text = NULL;
+	char *embedded_status_text = NULL;
+	char failure_text[TS_STATUS_BUF_SIZE] = "";
+
+	/* Check if everything went fine. */
+	if (status == 0 || status == 1) return 1;
+
+	/* There was an error, get the description in status_text. */
+	if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
+		status_text = TS_status_text[status];
+	else
+		status_text = "unknown code";
+
+	/* Set the embedded_status_text to the returned description. */
+	if (sk_ASN1_UTF8STRING_num(info->text) > 0
+	    && !(embedded_status_text = TS_get_status_text(info->text)))
+		return 0;
+	
+	/* Filling in failure_text with the failure information. */
+	if (info->failure_info)
+		{
+		int i;
+		int first = 1;
+		for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i)
+			{
+			if (ASN1_BIT_STRING_get_bit(info->failure_info,
+						    TS_failure_info[i].code))
+				{
+				if (!first)
+					strcpy(failure_text, ",");
+				else
+					first = 0;
+				strcat(failure_text, TS_failure_info[i].text);
+				}
+			}
+		}
+	if (failure_text[0] == '\0')
+		strcpy(failure_text, "unspecified");
+
+	/* Making up the error string. */
+	TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
+	ERR_add_error_data(6,
+			   "status code: ", status_text,
+			   ", status text: ", embedded_status_text ? 
+			   embedded_status_text : "unspecified",
+			   ", failure codes: ", failure_text);
+	OPENSSL_free(embedded_status_text);
+
+	return 0;
+	}
+
+static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
+	{
+	int i;
+	unsigned int length = 0;
+	char *result = NULL;
+	char *p;
+
+	/* Determine length first. */
+	for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i)
+		{
+		ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
+		length += ASN1_STRING_length(current);
+		length += 1;	/* separator character */
+		}
+	/* Allocate memory (closing '\0' included). */
+	if (!(result = OPENSSL_malloc(length)))
+		{
+		TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	/* Concatenate the descriptions. */
+	for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i)
+		{
+		ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
+		length = ASN1_STRING_length(current);
+		if (i > 0) *p++ = '/';
+		strncpy(p, (const char *)ASN1_STRING_data(current), length);
+		p += length;
+		}
+	/* We do have space for this, too. */
+	*p = '\0';
+	
+	return result;
+	}
+
+static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
+	{
+	ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info);
+
+	if (OBJ_cmp(req_oid, resp_oid) != 0)
+		{
+		TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
+		return 0;
+		}
+
+	return 1;
+	}
+
+static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
+			      X509_ALGOR **md_alg, 
+			      unsigned char **imprint, unsigned *imprint_len)
+	{
+	TS_MSG_IMPRINT *msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info);
+	X509_ALGOR *md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint);
+	const EVP_MD *md;
+	EVP_MD_CTX md_ctx;
+	unsigned char buffer[4096];
+	int length;
+
+	*md_alg = NULL;
+	*imprint = NULL;
+
+	/* Return the MD algorithm of the response. */
+	if (!(*md_alg = X509_ALGOR_dup(md_alg_resp))) goto err;
+
+	/* Getting the MD object. */
+	if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm)))
+		{
+		TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
+		goto err;
+		}
+
+	/* Compute message digest. */
+	length = EVP_MD_size(md);
+	if (length < 0)
+	    goto err;
+	*imprint_len = length;
+	if (!(*imprint = OPENSSL_malloc(*imprint_len))) 
+		{
+		TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (!EVP_DigestInit(&md_ctx, md))
+		goto err;
+	while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0)
+		{
+		if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+			goto err;
+		}
+	if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+		goto err;
+
+	return 1;
+ err:
+	X509_ALGOR_free(*md_alg);
+	OPENSSL_free(*imprint);
+	*imprint_len = 0;
+	return 0;
+	}
+
+static int TS_check_imprints(X509_ALGOR *algor_a, 
+			     unsigned char *imprint_a, unsigned len_a,
+			     TS_TST_INFO *tst_info)
+	{
+	TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info);
+	X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b);
+	int ret = 0;
+
+	/* algor_a is optional. */
+	if (algor_a)
+		{
+		/* Compare algorithm OIDs. */
+		if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm)) goto err;
+
+		/* The parameter must be NULL in both. */
+		if ((algor_a->parameter 
+		     && ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL)
+		    || (algor_b->parameter
+			&& ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
+			goto err;
+		}
+
+	/* Compare octet strings. */
+	ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) &&
+		memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
+ err:
+	if (!ret)
+		TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
+	return ret;
+	}
+
+static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
+	{
+	const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info);
+
+	/* Error if nonce is missing. */
+	if (!b)
+		{
+		TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
+		return 0;
+		}
+
+	/* No error if a nonce is returned without being requested. */
+	if (ASN1_INTEGER_cmp(a, b) != 0)
+		{
+		TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
+		return 0;
+		}
+
+	return 1;
+	}
+
+/* Check if the specified TSA name matches either the subject
+   or one of the subject alternative names of the TSA certificate. */
+static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
+	{
+	STACK_OF(GENERAL_NAME) *gen_names = NULL;
+	int idx = -1;
+	int found = 0;
+
+	/* Check the subject name first. */
+	if (tsa_name->type == GEN_DIRNAME 
+	    && X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0)
+		return 1;
+
+	/* Check all the alternative names. */
+	gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
+				     NULL, &idx);
+	while (gen_names != NULL
+	       && !(found = TS_find_name(gen_names, tsa_name) >= 0))
+		{
+		/* Get the next subject alternative name,
+		   although there should be no more than one. */
+		GENERAL_NAMES_free(gen_names);
+		gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
+					     NULL, &idx);
+		}
+	if (gen_names) GENERAL_NAMES_free(gen_names);
+	
+	return found;
+	}
+
+/* Returns 1 if name is in gen_names, 0 otherwise. */
+static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
+	{
+	int i, found;
+	for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names);
+	     ++i)
+		{
+		GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
+		found = GENERAL_NAME_cmp(current, name) == 0;
+		}
+	return found ? i - 1 : -1;
+	}
diff --git a/crypto/ts/ts_verify_ctx.c b/crypto/ts/ts_verify_ctx.c
new file mode 100644
index 0000000000..b079b50fc3
--- /dev/null
+++ b/crypto/ts/ts_verify_ctx.c
@@ -0,0 +1,160 @@
+/* crypto/ts/ts_verify_ctx.c */
+/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
+ * project 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <assert.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+
+TS_VERIFY_CTX *TS_VERIFY_CTX_new(void)
+	{
+	TS_VERIFY_CTX *ctx = 
+		(TS_VERIFY_CTX *) OPENSSL_malloc(sizeof(TS_VERIFY_CTX));
+	if (ctx)
+		memset(ctx, 0, sizeof(TS_VERIFY_CTX));
+	else
+		TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
+	return ctx;
+	}
+
+void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
+	{
+	assert(ctx != NULL);
+	memset(ctx, 0, sizeof(TS_VERIFY_CTX));
+	}
+
+void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
+	{
+	if (!ctx) return;
+
+	TS_VERIFY_CTX_cleanup(ctx);
+	OPENSSL_free(ctx);
+	}
+
+void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
+	{
+	if (!ctx) return;
+
+	X509_STORE_free(ctx->store);
+	sk_X509_pop_free(ctx->certs, X509_free);
+
+	ASN1_OBJECT_free(ctx->policy);
+
+	X509_ALGOR_free(ctx->md_alg);
+	OPENSSL_free(ctx->imprint);
+	
+	BIO_free_all(ctx->data);
+
+	ASN1_INTEGER_free(ctx->nonce);
+
+	GENERAL_NAME_free(ctx->tsa_name);
+
+	TS_VERIFY_CTX_init(ctx);
+	}
+
+TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
+	{
+	TS_VERIFY_CTX *ret = ctx;
+	ASN1_OBJECT *policy;
+	TS_MSG_IMPRINT *imprint;
+	X509_ALGOR *md_alg;
+	ASN1_OCTET_STRING *msg;
+	const ASN1_INTEGER *nonce;
+
+	assert(req != NULL);
+	if (ret)
+		TS_VERIFY_CTX_cleanup(ret);
+	else
+		if (!(ret = TS_VERIFY_CTX_new())) return NULL;
+
+	/* Setting flags. */
+	ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
+
+	/* Setting policy. */
+	if ((policy = TS_REQ_get_policy_id(req)) != NULL)
+		{
+		if (!(ret->policy = OBJ_dup(policy))) goto err;
+		}
+	else
+		ret->flags &= ~TS_VFY_POLICY;
+
+	/* Setting md_alg, imprint and imprint_len. */
+	imprint = TS_REQ_get_msg_imprint(req);
+	md_alg = TS_MSG_IMPRINT_get_algo(imprint);
+	if (!(ret->md_alg = X509_ALGOR_dup(md_alg))) goto err;
+	msg = TS_MSG_IMPRINT_get_msg(imprint);
+	ret->imprint_len = ASN1_STRING_length(msg);
+	if (!(ret->imprint = OPENSSL_malloc(ret->imprint_len))) goto err;
+	memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
+
+	/* Setting nonce. */
+	if ((nonce = TS_REQ_get_nonce(req)) != NULL)
+		{
+		if (!(ret->nonce = ASN1_INTEGER_dup(nonce))) goto err;
+		}
+	else
+		ret->flags &= ~TS_VFY_NONCE;
+
+	return ret;
+ err:
+	if (ctx)
+		TS_VERIFY_CTX_cleanup(ctx);
+	else
+		TS_VERIFY_CTX_free(ret);
+	return NULL;
+	}
diff --git a/crypto/txt_db/.cvsignore b/crypto/txt_db/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/txt_db/.cvsignore
+++ b/crypto/txt_db/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
index 58b300b00b..6f2ce3b5a4 100644
--- a/crypto/txt_db/txt_db.c
+++ b/crypto/txt_db/txt_db.c
@@ -66,7 +66,7 @@
 #undef BUFSIZE
 #define BUFSIZE	512
 
-const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT;
+const char TXT_DB_version[]="TXT_DB" OPENSSL_VERSION_PTEXT;
 
 TXT_DB *TXT_DB_read(BIO *in, int num)
 	{
@@ -77,22 +77,23 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
 	int i,add,n;
 	int size=BUFSIZE;
 	int offset=0;
-	char *p,**pp,*f;
+	char *p,*f;
+	OPENSSL_STRING *pp;
 	BUF_MEM *buf=NULL;
 
 	if ((buf=BUF_MEM_new()) == NULL) goto err;
 	if (!BUF_MEM_grow(buf,size)) goto err;
 
-	if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
+	if ((ret=OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
 		goto err;
 	ret->num_fields=num;
 	ret->index=NULL;
 	ret->qual=NULL;
-	if ((ret->data=sk_new_null()) == NULL)
+	if ((ret->data=sk_OPENSSL_PSTRING_new_null()) == NULL)
 		goto err;
-	if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL)
+	if ((ret->index=OPENSSL_malloc(sizeof(*ret->index)*num)) == NULL)
 		goto err;
-	if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL)
+	if ((ret->qual=OPENSSL_malloc(sizeof(*(ret->qual))*num)) == NULL)
 		goto err;
 	for (i=0; i<num; i++)
 		{
@@ -122,7 +123,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
 		else
 			{
 			buf->data[offset-1]='\0'; /* blat the '\n' */
-			if (!(p=(char *)OPENSSL_malloc(add+offset))) goto err;
+			if (!(p=OPENSSL_malloc(add+offset))) goto err;
 			offset=0;
 			}
 		pp=(char **)p;
@@ -155,16 +156,16 @@ TXT_DB *TXT_DB_read(BIO *in, int num)
 		*(p++)='\0';
 		if ((n != num) || (*f != '\0'))
 			{
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)	/* temporaty fix :-( */
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)	/* temporary fix :-( */
 			fprintf(stderr,"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f);
 #endif
 			er=2;
 			goto err;
 			}
 		pp[n]=p;
-		if (!sk_push(ret->data,(char *)pp))
+		if (!sk_OPENSSL_PSTRING_push(ret->data,pp))
 			{
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)	/* temporaty fix :-( */
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)	/* temporary fix :-( */
 			fprintf(stderr,"failure in sk_push\n");
 #endif
 			er=2;
@@ -179,20 +180,23 @@ err:
 #if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
 		if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n");
 #endif
-		if (ret->data != NULL) sk_free(ret->data);
-		if (ret->index != NULL) OPENSSL_free(ret->index);
-		if (ret->qual != NULL) OPENSSL_free(ret->qual);
-		if (ret != NULL) OPENSSL_free(ret);
+		if (ret != NULL)
+			{
+			if (ret->data != NULL) sk_OPENSSL_PSTRING_free(ret->data);
+			if (ret->index != NULL) OPENSSL_free(ret->index);
+			if (ret->qual != NULL) OPENSSL_free(ret->qual);
+			if (ret != NULL) OPENSSL_free(ret);
+			}
 		return(NULL);
 		}
 	else
 		return(ret);
 	}
 
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value)
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value)
 	{
-	char **ret;
-	LHASH *lh;
+	OPENSSL_STRING *ret;
+	LHASH_OF(OPENSSL_STRING) *lh;
 
 	if (idx >= db->num_fields)
 		{
@@ -205,16 +209,16 @@ char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value)
 		db->error=DB_ERROR_NO_INDEX;
 		return(NULL);
 		}
-	ret=(char **)lh_retrieve(lh,value);
+	ret=lh_OPENSSL_STRING_retrieve(lh,value);
 	db->error=DB_ERROR_OK;
 	return(ret);
 	}
 
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(),
-		LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *),
+			LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
 	{
-	LHASH *idx;
-	char *r;
+	LHASH_OF(OPENSSL_STRING) *idx;
+	OPENSSL_STRING *r;
 	int i,n;
 
 	if (field >= db->num_fields)
@@ -222,26 +226,27 @@ int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(),
 		db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
 		return(0);
 		}
-	if ((idx=lh_new(hash,cmp)) == NULL)
+	/* FIXME: we lose type checking at this point */
+	if ((idx=(LHASH_OF(OPENSSL_STRING) *)lh_new(hash,cmp)) == NULL)
 		{
 		db->error=DB_ERROR_MALLOC;
 		return(0);
 		}
-	n=sk_num(db->data);
+	n=sk_OPENSSL_PSTRING_num(db->data);
 	for (i=0; i<n; i++)
 		{
-		r=(char *)sk_value(db->data,i);
+		r=sk_OPENSSL_PSTRING_value(db->data,i);
 		if ((qual != NULL) && (qual(r) == 0)) continue;
-		if ((r=lh_insert(idx,r)) != NULL)
+		if ((r=lh_OPENSSL_STRING_insert(idx,r)) != NULL)
 			{
 			db->error=DB_ERROR_INDEX_CLASH;
-			db->arg1=sk_find(db->data,r);
+			db->arg1=sk_OPENSSL_PSTRING_find(db->data,r);
 			db->arg2=i;
-			lh_free(idx);
+			lh_OPENSSL_STRING_free(idx);
 			return(0);
 			}
 		}
-	if (db->index[field] != NULL) lh_free(db->index[field]);
+	if (db->index[field] != NULL) lh_OPENSSL_STRING_free(db->index[field]);
 	db->index[field]=idx;
 	db->qual[field]=qual;
 	return(1);
@@ -256,11 +261,11 @@ long TXT_DB_write(BIO *out, TXT_DB *db)
 
 	if ((buf=BUF_MEM_new()) == NULL)
 		goto err;
-	n=sk_num(db->data);
+	n=sk_OPENSSL_PSTRING_num(db->data);
 	nn=db->num_fields;
 	for (i=0; i<n; i++)
 		{
-		pp=(char **)sk_value(db->data,i);
+		pp=sk_OPENSSL_PSTRING_value(db->data,i);
 
 		l=0;
 		for (j=0; j<nn; j++)
@@ -295,10 +300,10 @@ err:
 	return(ret);
 	}
 
-int TXT_DB_insert(TXT_DB *db, char **row)
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row)
 	{
 	int i;
-	char **r;
+	OPENSSL_STRING *r;
 
 	for (i=0; i<db->num_fields; i++)
 		{
@@ -306,7 +311,7 @@ int TXT_DB_insert(TXT_DB *db, char **row)
 			{
 			if ((db->qual[i] != NULL) &&
 				(db->qual[i](row) == 0)) continue;
-			r=(char **)lh_retrieve(db->index[i],row);
+			r=lh_OPENSSL_STRING_retrieve(db->index[i],row);
 			if (r != NULL)
 				{
 				db->error=DB_ERROR_INDEX_CLASH;
@@ -317,7 +322,7 @@ int TXT_DB_insert(TXT_DB *db, char **row)
 			}
 		}
 	/* We have passed the index checks, now just append and insert */
-	if (!sk_push(db->data,(char *)row))
+	if (!sk_OPENSSL_PSTRING_push(db->data,row))
 		{
 		db->error=DB_ERROR_MALLOC;
 		goto err;
@@ -329,7 +334,7 @@ int TXT_DB_insert(TXT_DB *db, char **row)
 			{
 			if ((db->qual[i] != NULL) &&
 				(db->qual[i](row) == 0)) continue;
-			lh_insert(db->index[i],row);
+			(void)lh_OPENSSL_STRING_insert(db->index[i],row);
 			}
 		}
 	return(1);
@@ -348,18 +353,18 @@ void TXT_DB_free(TXT_DB *db)
 	if (db->index != NULL)
 		{
 		for (i=db->num_fields-1; i>=0; i--)
-			if (db->index[i] != NULL) lh_free(db->index[i]);
+			if (db->index[i] != NULL) lh_OPENSSL_STRING_free(db->index[i]);
 		OPENSSL_free(db->index);
 		}
 	if (db->qual != NULL)
 		OPENSSL_free(db->qual);
 	if (db->data != NULL)
 		{
-		for (i=sk_num(db->data)-1; i>=0; i--)
+		for (i=sk_OPENSSL_PSTRING_num(db->data)-1; i>=0; i--)
 			{
 			/* check if any 'fields' have been allocated
 			 * from outside of the initial block */
-			p=(char **)sk_value(db->data,i);
+			p=sk_OPENSSL_PSTRING_value(db->data,i);
 			max=p[db->num_fields]; /* last address */
 			if (max == NULL) /* new row */
 				{
@@ -375,9 +380,9 @@ void TXT_DB_free(TXT_DB *db)
 						OPENSSL_free(p[n]);
 					}
 				}
-			OPENSSL_free(sk_value(db->data,i));
+			OPENSSL_free(sk_OPENSSL_PSTRING_value(db->data,i));
 			}
-		sk_free(db->data);
+		sk_OPENSSL_PSTRING_free(db->data);
 		}
 	OPENSSL_free(db);
 	}
diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h
index c98e287703..6abe435bc8 100644
--- a/crypto/txt_db/txt_db.h
+++ b/crypto/txt_db/txt_db.h
@@ -77,16 +77,19 @@
 extern "C" {
 #endif
 
+typedef OPENSSL_STRING *OPENSSL_PSTRING;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
 typedef struct txt_db_st
 	{
 	int num_fields;
-	STACK /* char ** */ *data;
-	LHASH **index;
-	int (**qual)();
+	STACK_OF(OPENSSL_PSTRING) *data;
+	LHASH_OF(OPENSSL_STRING) **index;
+	int (**qual)(OPENSSL_STRING *);
 	long error;
 	long arg1;
 	long arg2;
-	char **arg_row;
+	OPENSSL_STRING *arg_row;
 	} TXT_DB;
 
 #ifndef OPENSSL_NO_BIO
@@ -96,11 +99,11 @@ long TXT_DB_write(BIO *out, TXT_DB *db);
 TXT_DB *TXT_DB_read(char *in, int num);
 long TXT_DB_write(char *out, TXT_DB *db);
 #endif
-int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
-		LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
+int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(OPENSSL_STRING *),
+			LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
 void TXT_DB_free(TXT_DB *db);
-char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
-int TXT_DB_insert(TXT_DB *db,char **value);
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value);
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/ui/.cvsignore b/crypto/ui/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/ui/.cvsignore
+++ b/crypto/ui/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/ui/Makefile.ssl b/crypto/ui/Makefile.ssl
deleted file mode 100644
index 9906d721b3..0000000000
--- a/crypto/ui/Makefile.ssl
+++ /dev/null
@@ -1,116 +0,0 @@
-#
-# OpenSSL/crypto/ui/Makefile
-#
-
-DIR=	ui
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-#TEST= uitest.c
-TEST=
-APPS=
-
-COMPATSRC= ui_compat.c
-COMPATOBJ= ui_compat.o
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
-LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
-
-SRC= $(LIBSRC)
-
-EXHEADER= ui.h ui_compat.h
-HEADER=	$(EXHEADER) ui_locl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h
-ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c
-ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c
-ui_lib.o: ../../e_os.h ../../include/openssl/bio.h
-ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ui_lib.o: ../cryptlib.h ui_lib.c ui_locl.h
-ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
-ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-ui_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c
-ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c
diff --git a/crypto/ui/ui.h b/crypto/ui/ui.h
index 59da88ea02..c343595a39 100644
--- a/crypto/ui/ui.h
+++ b/crypto/ui/ui.h
@@ -211,7 +211,7 @@ int UI_process(UI *ui);
 /* Give a user interface parametrised control commands.  This can be used to
    send down an integer, a data pointer or a function pointer, as well as
    be used to get information from a UI. */
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void));
 
 /* The commands */
 /* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
@@ -287,8 +287,8 @@ UI_METHOD *UI_OpenSSL(void);
 /* The UI_STRING type is the data structure that contains all the needed info
    about a string or a prompt, including test data for a verification prompt.
 */
-DECLARE_STACK_OF(UI_STRING)
 typedef struct ui_string_st UI_STRING;
+DECLARE_STACK_OF(UI_STRING)
 
 /* The different types of strings that are currently supported.
    This is only needed by method authors. */
diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c
index 39a62ae737..a6b96299a0 100644
--- a/crypto/ui/ui_err.c
+++ b/crypto/ui/ui_err.c
@@ -1,6 +1,6 @@
 /* crypto/ui/ui_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,32 +64,36 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
+
 static ERR_STRING_DATA UI_str_functs[]=
 	{
-{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_BOOLEAN,0),	"GENERAL_ALLOCATE_BOOLEAN"},
-{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_PROMPT,0),	"GENERAL_ALLOCATE_PROMPT"},
-{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_STRING,0),	"GENERAL_ALLOCATE_STRING"},
-{ERR_PACK(0,UI_F_UI_CTRL,0),	"UI_ctrl"},
-{ERR_PACK(0,UI_F_UI_DUP_ERROR_STRING,0),	"UI_dup_error_string"},
-{ERR_PACK(0,UI_F_UI_DUP_INFO_STRING,0),	"UI_dup_info_string"},
-{ERR_PACK(0,UI_F_UI_DUP_INPUT_BOOLEAN,0),	"UI_dup_input_boolean"},
-{ERR_PACK(0,UI_F_UI_DUP_INPUT_STRING,0),	"UI_dup_input_string"},
-{ERR_PACK(0,UI_F_UI_DUP_VERIFY_STRING,0),	"UI_dup_verify_string"},
-{ERR_PACK(0,UI_F_UI_GET0_RESULT,0),	"UI_get0_result"},
-{ERR_PACK(0,UI_F_UI_NEW_METHOD,0),	"UI_new_method"},
-{ERR_PACK(0,UI_F_UI_SET_RESULT,0),	"UI_set_result"},
+{ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN),	"GENERAL_ALLOCATE_BOOLEAN"},
+{ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT),	"GENERAL_ALLOCATE_PROMPT"},
+{ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING),	"GENERAL_ALLOCATE_STRING"},
+{ERR_FUNC(UI_F_UI_CTRL),	"UI_ctrl"},
+{ERR_FUNC(UI_F_UI_DUP_ERROR_STRING),	"UI_dup_error_string"},
+{ERR_FUNC(UI_F_UI_DUP_INFO_STRING),	"UI_dup_info_string"},
+{ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN),	"UI_dup_input_boolean"},
+{ERR_FUNC(UI_F_UI_DUP_INPUT_STRING),	"UI_dup_input_string"},
+{ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING),	"UI_dup_verify_string"},
+{ERR_FUNC(UI_F_UI_GET0_RESULT),	"UI_get0_result"},
+{ERR_FUNC(UI_F_UI_NEW_METHOD),	"UI_new_method"},
+{ERR_FUNC(UI_F_UI_SET_RESULT),	"UI_set_result"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA UI_str_reasons[]=
 	{
-{UI_R_COMMON_OK_AND_CANCEL_CHARACTERS    ,"common ok and cancel characters"},
-{UI_R_INDEX_TOO_LARGE                    ,"index too large"},
-{UI_R_INDEX_TOO_SMALL                    ,"index too small"},
-{UI_R_NO_RESULT_BUFFER                   ,"no result buffer"},
-{UI_R_RESULT_TOO_LARGE                   ,"result too large"},
-{UI_R_RESULT_TOO_SMALL                   ,"result too small"},
-{UI_R_UNKNOWN_CONTROL_COMMAND            ,"unknown control command"},
+{ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),"common ok and cancel characters"},
+{ERR_REASON(UI_R_INDEX_TOO_LARGE)        ,"index too large"},
+{ERR_REASON(UI_R_INDEX_TOO_SMALL)        ,"index too small"},
+{ERR_REASON(UI_R_NO_RESULT_BUFFER)       ,"no result buffer"},
+{ERR_REASON(UI_R_RESULT_TOO_LARGE)       ,"result too large"},
+{ERR_REASON(UI_R_RESULT_TOO_SMALL)       ,"result too small"},
+{ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND),"unknown control command"},
 {0,NULL}
 	};
 
@@ -97,15 +101,12 @@ static ERR_STRING_DATA UI_str_reasons[]=
 
 void ERR_load_UI_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_UI,UI_str_functs);
-		ERR_load_strings(ERR_LIB_UI,UI_str_reasons);
-#endif
 
+	if (ERR_func_error_string(UI_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,UI_str_functs);
+		ERR_load_strings(0,UI_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index dbc9711a2d..ac0100808f 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -57,12 +57,12 @@
  */
 
 #include <string.h>
+#include "cryptlib.h"
 #include <openssl/e_os2.h>
 #include <openssl/buffer.h>
 #include <openssl/ui.h>
 #include <openssl/err.h>
 #include "ui_locl.h"
-#include "cryptlib.h"
 
 IMPLEMENT_STACK_OF(UI_STRING_ST)
 
@@ -90,6 +90,7 @@ UI *UI_new_method(const UI_METHOD *method)
 
 	ret->strings=NULL;
 	ret->user_data=NULL;
+	ret->flags=0;
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
 	return ret;
 	}
@@ -545,7 +546,7 @@ int UI_process(UI *ui)
 	return ok;
 	}
 
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)())
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void))
 	{
 	if (ui == NULL)
 		{
@@ -620,8 +621,10 @@ UI_METHOD *UI_create_method(char *name)
 	UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
 
 	if (ui_method)
+		{
 		memset(ui_method, 0, sizeof(*ui_method));
-	ui_method->name = BUF_strdup(name);
+		ui_method->name = BUF_strdup(name);
+		}
 	return ui_method;
 	}
 
diff --git a/crypto/ui/ui_locl.h b/crypto/ui/ui_locl.h
index 68cc543402..aa4a55637d 100644
--- a/crypto/ui/ui_locl.h
+++ b/crypto/ui/ui_locl.h
@@ -62,6 +62,10 @@
 #include <openssl/ui.h>
 #include <openssl/crypto.h>
 
+#ifdef _
+#undef _
+#endif
+
 struct ui_method_st
 	{
 	char *name;
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 0fce31092e..fe2f0a359c 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -122,7 +122,9 @@
  * sigaction and fileno included. -pedantic would be more appropriate for
  * the intended purposes, but we can't prevent users from adding -ansi.
  */
-#define _POSIX_C_SOURCE 1
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE 2
+#endif
 #include <signal.h>
 #include <stdio.h>
 #include <string.h>
@@ -304,7 +306,7 @@ static int is_a_tty;
 
 /* Declare static functions */
 #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static void read_till_nl(FILE *);
+static int read_till_nl(FILE *);
 static void recsig(int);
 static void pushsig(void);
 static void popsig(void);
@@ -397,14 +399,16 @@ static int read_string(UI *ui, UI_STRING *uis)
 
 #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 /* Internal functions to read a string without echoing */
-static void read_till_nl(FILE *in)
+static int read_till_nl(FILE *in)
 	{
 #define SIZE 4
 	char buf[SIZE+1];
 
 	do	{
-		fgets(buf,SIZE,in);
+		if (!fgets(buf,SIZE,in))
+			return 0;
 		} while (strchr(buf,'\n') == NULL);
+	return 1;
 	}
 
 static volatile sig_atomic_t intr_signal;
@@ -452,7 +456,8 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
 			*p='\0';
 		}
 	else
-		read_till_nl(tty_in);
+		if (!read_till_nl(tty_in))
+			goto error;
 	if (UI_set_result(ui, uis, result) >= 0)
 		ok=1;
 
@@ -480,7 +485,7 @@ static int open_console(UI *ui)
 	CRYPTO_w_lock(CRYPTO_LOCK_UI);
 	is_a_tty = 1;
 
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
 	tty_in=stdin;
 	tty_out=stderr;
 #else
@@ -585,7 +590,9 @@ static int close_console(UI *ui)
 /* Internal functions to handle signals and act on them */
 static void pushsig(void)
 	{
+#ifndef OPENSSL_SYS_WIN32
 	int i;
+#endif
 #ifdef SIGACTION
 	struct sigaction sa;
 
@@ -593,6 +600,14 @@ static void pushsig(void)
 	sa.sa_handler=recsig;
 #endif
 
+#ifdef OPENSSL_SYS_WIN32
+	savsig[SIGABRT]=signal(SIGABRT,recsig);
+	savsig[SIGFPE]=signal(SIGFPE,recsig);
+	savsig[SIGILL]=signal(SIGILL,recsig);
+	savsig[SIGINT]=signal(SIGINT,recsig);
+	savsig[SIGSEGV]=signal(SIGSEGV,recsig);
+	savsig[SIGTERM]=signal(SIGTERM,recsig);
+#else
 	for (i=1; i<NX509_SIG; i++)
 		{
 #ifdef SIGUSR1
@@ -613,6 +628,7 @@ static void pushsig(void)
 		savsig[i]=signal(i,recsig);
 #endif
 		}
+#endif
 
 #ifdef SIGWINCH
 	signal(SIGWINCH,SIG_DFL);
@@ -621,8 +637,15 @@ static void pushsig(void)
 
 static void popsig(void)
 	{
+#ifdef OPENSSL_SYS_WIN32
+	signal(SIGABRT,savsig[SIGABRT]);
+	signal(SIGFPE,savsig[SIGFPE]);
+	signal(SIGILL,savsig[SIGILL]);
+	signal(SIGINT,savsig[SIGINT]);
+	signal(SIGSEGV,savsig[SIGSEGV]);
+	signal(SIGTERM,savsig[SIGTERM]);
+#else
 	int i;
-
 	for (i=1; i<NX509_SIG; i++)
 		{
 #ifdef SIGUSR1
@@ -639,6 +662,7 @@ static void popsig(void)
 		signal(i,savsig[i]);
 #endif
 		}
+#endif
 	}
 
 static void recsig(int i)
@@ -665,6 +689,8 @@ static int noecho_fgets(char *buf, int size, FILE *tty)
 		size--;
 #ifdef WIN16TTY
 		i=_inchar();
+#elif defined(_WIN32)
+		i=_getch();
 #else
 		i=getch();
 #endif
diff --git a/crypto/whrlpool/.cvsignore b/crypto/whrlpool/.cvsignore
new file mode 100644
index 0000000000..baa1c42710
--- /dev/null
+++ b/crypto/whrlpool/.cvsignore
@@ -0,0 +1,3 @@
+lib
+Makefile.save
+wp-*.s
diff --git a/crypto/stack/Makefile.ssl b/crypto/whrlpool/Makefile
index abf384a39d..566b996290 100644
--- a/crypto/stack/Makefile.ssl
+++ b/crypto/whrlpool/Makefile
@@ -1,35 +1,34 @@
 #
-# SSLeay/crypto/stack/Makefile
+# crypto/whrlpool/Makefile
 #
 
-DIR=	stack
+DIR=	whrlpool
 TOP=	../..
 CC=	cc
+CPP=	$(CC) -E
 INCLUDES=
 CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
+MAKEFILE=	Makefile
 AR=		ar r
 
+WP_ASM_OBJ=wp_block.o
+
 CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
 
 GENERAL=Makefile
-TEST=
+TEST=wp_test.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=stack.c
-LIBOBJ=stack.o
+LIBSRC=wp_dgst.c wp_block.c
+LIBOBJ=wp_dgst.o $(WP_ASM_OBJ)
 
 SRC= $(LIBSRC)
 
-EXHEADER= stack.h safestack.h
-HEADER=	$(EXHEADER)
+EXHEADER= whrlpool.h
+HEADER= wp_locl.h $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
 
@@ -43,16 +42,24 @@ lib:	$(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
 
+wp-mmx.s:	asm/wp-mmx.pl ../perlasm/x86asm.pl
+	$(PERL) asm/wp-mmx.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+wp-x86_64.s: asm/wp-x86_64.pl
+	$(PERL) asm/wp-x86_64.pl $(PERLASM_SCHEME) > $@
+
+$(LIBOBJ): $(LIBSRC)
+
 files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
 
 links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
 
 install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
 	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
 	do  \
 	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
@@ -68,6 +75,7 @@ lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff
 
 depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
 	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
 
 dclean:
@@ -75,15 +83,11 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-stack.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-stack.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-stack.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-stack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-stack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-stack.o: ../../include/openssl/symhacks.h ../cryptlib.h stack.c
+wp_block.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+wp_block.o: ../../include/openssl/whrlpool.h wp_block.c wp_locl.h
+wp_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+wp_dgst.o: ../../include/openssl/whrlpool.h wp_dgst.c wp_locl.h
diff --git a/crypto/whrlpool/asm/wp-mmx.pl b/crypto/whrlpool/asm/wp-mmx.pl
new file mode 100644
index 0000000000..32cf16380b
--- /dev/null
+++ b/crypto/whrlpool/asm/wp-mmx.pl
@@ -0,0 +1,493 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# whirlpool_block_mmx implementation.
+#
+*SCALE=\(2); # 2 or 8, that is the question:-) Value of 8 results
+# in 16KB large table, which is tough on L1 cache, but eliminates
+# unaligned references to it. Value of 2 results in 4KB table, but
+# 7/8 of references to it are unaligned. AMD cores seem to be
+# allergic to the latter, while Intel ones - to former [see the
+# table]. I stick to value of 2 for two reasons: 1. smaller table
+# minimizes cache trashing and thus mitigates the hazard of side-
+# channel leakage similar to AES cache-timing one; 2. performance
+# gap among different µ-archs is smaller.
+#
+# Performance table lists rounded amounts of CPU cycles spent by
+# whirlpool_block_mmx routine on single 64 byte input block, i.e.
+# smaller is better and asymptotic throughput can be estimated by
+# multiplying 64 by CPU clock frequency and dividing by relevant
+# value from the given table:
+#
+#		$SCALE=2/8	icc8	gcc3	
+# Intel P4	3200/4600	4600(*)	6400
+# Intel PIII	2900/3000	4900	5400
+# AMD K[78]	2500/1800	9900	8200(**)
+#
+# (*)	I've sketched even non-MMX assembler, but for the record
+#	I've failed to beat the Intel compiler on P4, without using
+#	MMX that is...
+# (**)	... on AMD on the other hand non-MMX assembler was observed
+#	to perform significantly better, but I figured this MMX
+#	implementation is even faster anyway, so why bother? As for
+#	pre-MMX AMD core[s], the improvement coefficient is more
+#	than likely to vary anyway and I don't know how. But the
+#	least I know is that gcc-generated code compiled with
+#	-DL_ENDIAN and -DOPENSSL_SMALL_FOOTPRINT [see C module for
+#	details] and optimized for Pentium was observed to perform
+#	*better* on Pentium 100 than unrolled non-MMX assembler
+#	loop... So we just say that I don't know if maintaining
+#	non-MMX implementation would actually pay off, but till
+#	opposite is proved "unlikely" is assumed.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"wp-mmx.pl");
+
+sub L()  { &data_byte(@_); }
+sub LL()
+{	if	($SCALE==2)	{ &data_byte(@_); &data_byte(@_); }
+	elsif	($SCALE==8)	{ for ($i=0;$i<8;$i++) {
+					&data_byte(@_);
+					unshift(@_,pop(@_));
+				  }
+				}
+	else			{ die "unvalid SCALE value"; }
+}
+
+sub scale()
+{	if	($SCALE==2)	{ &lea(@_[0],&DWP(0,@_[1],@_[1])); }
+	elsif	($SCALE==8)	{ &lea(@_[0],&DWP(0,"",@_[1],8));  }
+	else			{ die "unvalid SCALE value";       }
+}
+
+sub row()
+{	if	($SCALE==2)	{ ((8-shift)&7); }
+	elsif	($SCALE==8)	{ (8*shift);     }
+	else			{ die "unvalid SCALE value"; }
+}
+
+$tbl="ebp";
+@mm=("mm0","mm1","mm2","mm3","mm4","mm5","mm6","mm7");
+
+&function_begin_B("whirlpool_block_mmx");
+	&push	("ebp");
+	&push	("ebx");
+	&push	("esi");
+	&push	("edi");
+
+	&mov	("esi",&wparam(0));		# hash value
+	&mov	("edi",&wparam(1));		# input data stream
+	&mov	("ebp",&wparam(2));		# number of chunks in input
+
+	&mov	("eax","esp");			# copy stack pointer
+	&sub	("esp",128+20);			# allocate frame
+	&and	("esp",-64);			# align for cache-line
+
+	&lea	("ebx",&DWP(128,"esp"));
+	&mov	(&DWP(0,"ebx"),"esi");		# save parameter block
+	&mov	(&DWP(4,"ebx"),"edi");
+	&mov	(&DWP(8,"ebx"),"ebp");
+	&mov	(&DWP(16,"ebx"),"eax");		# saved stack pointer
+
+	&call	(&label("pic_point"));
+&set_label("pic_point");
+	&blindpop($tbl);
+	&lea	($tbl,&DWP(&label("table")."-".&label("pic_point"),$tbl));
+
+	&xor	("ecx","ecx");
+	&xor	("edx","edx");
+
+	for($i=0;$i<8;$i++) { &movq(@mm[$i],&QWP($i*8,"esi")); }    # L=H
+&set_label("outerloop");
+	for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); }    # K=L
+	for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); }    # L^=inp
+	for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
+
+	&xor	("esi","esi");
+	&mov	(&DWP(12,"ebx"),"esi");		# zero round counter
+
+&set_label("round",16);
+	&movq	(@mm[0],&QWP(2048*$SCALE,$tbl,"esi",8));	# rc[r]
+	&mov	("eax",&DWP(0,"esp"));
+	&mov	("ebx",&DWP(4,"esp"));
+for($i=0;$i<8;$i++) {
+    my $func = ($i==0)? movq : pxor;
+	&movb	(&LB("ecx"),&LB("eax"));
+	&movb	(&LB("edx"),&HB("eax"));
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&shr	("eax",16);
+	&pxor	(@mm[0],&QWP(&row(0),$tbl,"esi",8));
+	&$func	(@mm[1],&QWP(&row(1),$tbl,"edi",8));
+	&movb	(&LB("ecx"),&LB("eax"));
+	&movb	(&LB("edx"),&HB("eax"));
+	&mov	("eax",&DWP(($i+1)*8,"esp"));
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&$func	(@mm[2],&QWP(&row(2),$tbl,"esi",8));
+	&$func	(@mm[3],&QWP(&row(3),$tbl,"edi",8));
+	&movb	(&LB("ecx"),&LB("ebx"));
+	&movb	(&LB("edx"),&HB("ebx"));
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&shr	("ebx",16);
+	&$func	(@mm[4],&QWP(&row(4),$tbl,"esi",8));
+	&$func	(@mm[5],&QWP(&row(5),$tbl,"edi",8));
+	&movb	(&LB("ecx"),&LB("ebx"));
+	&movb	(&LB("edx"),&HB("ebx"));
+	&mov	("ebx",&DWP(($i+1)*8+4,"esp"));
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&$func	(@mm[6],&QWP(&row(6),$tbl,"esi",8));
+	&$func	(@mm[7],&QWP(&row(7),$tbl,"edi",8));
+    push(@mm,shift(@mm));
+}
+
+	for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); }    # K=L
+
+for($i=0;$i<8;$i++) {
+	&movb	(&LB("ecx"),&LB("eax"));
+	&movb	(&LB("edx"),&HB("eax"));
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&shr	("eax",16);
+	&pxor	(@mm[0],&QWP(&row(0),$tbl,"esi",8));
+	&pxor	(@mm[1],&QWP(&row(1),$tbl,"edi",8));
+	&movb	(&LB("ecx"),&LB("eax"));
+	&movb	(&LB("edx"),&HB("eax"));
+	&mov	("eax",&DWP(64+($i+1)*8,"esp"))		if ($i<7);
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&pxor	(@mm[2],&QWP(&row(2),$tbl,"esi",8));
+	&pxor	(@mm[3],&QWP(&row(3),$tbl,"edi",8));
+	&movb	(&LB("ecx"),&LB("ebx"));
+	&movb	(&LB("edx"),&HB("ebx"));
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&shr	("ebx",16);
+	&pxor	(@mm[4],&QWP(&row(4),$tbl,"esi",8));
+	&pxor	(@mm[5],&QWP(&row(5),$tbl,"edi",8));
+	&movb	(&LB("ecx"),&LB("ebx"));
+	&movb	(&LB("edx"),&HB("ebx"));
+	&mov	("ebx",&DWP(64+($i+1)*8+4,"esp"))	if ($i<7);
+	&scale	("esi","ecx");
+	&scale	("edi","edx");
+	&pxor	(@mm[6],&QWP(&row(6),$tbl,"esi",8));
+	&pxor	(@mm[7],&QWP(&row(7),$tbl,"edi",8));
+    push(@mm,shift(@mm));
+}
+	&lea	("ebx",&DWP(128,"esp"));
+	&mov	("esi",&DWP(12,"ebx"));		# pull round counter
+	&add	("esi",1);
+	&cmp	("esi",10);
+	&je	(&label("roundsdone"));
+
+	&mov	(&DWP(12,"ebx"),"esi");		# update round counter
+	for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
+	&jmp	(&label("round"));
+
+&set_label("roundsdone",16);
+	&mov	("esi",&DWP(0,"ebx"));		# reload argument block
+	&mov	("edi",&DWP(4,"ebx"));
+	&mov	("eax",&DWP(8,"ebx"));
+
+	for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); }    # L^=inp
+	for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"esi")); }    # L^=H
+	for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esi"),@mm[$i]); }    # H=L
+
+	&lea	("edi",&DWP(64,"edi"));		# inp+=64
+	&sub	("eax",1);			# num--
+	&jz	(&label("alldone"));
+	&mov	(&DWP(4,"ebx"),"edi");		# update argument block
+	&mov	(&DWP(8,"ebx"),"eax");
+	&jmp	(&label("outerloop"));
+
+&set_label("alldone");
+	&emms	();
+	&mov	("esp",&DWP(16,"ebx"));		# restore saved stack pointer
+	&pop	("edi");
+	&pop	("esi");
+	&pop	("ebx");
+	&pop	("ebp");
+	&ret	();
+
+&align(64);
+&set_label("table");
+	&LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
+	&LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
+	&LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
+	&LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
+	&LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
+	&LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
+	&LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
+	&LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
+	&LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
+	&LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
+	&LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
+	&LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
+	&LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
+	&LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
+	&LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
+	&LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
+	&LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
+	&LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
+	&LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
+	&LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
+	&LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
+	&LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
+	&LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
+	&LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
+	&LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
+	&LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
+	&LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
+	&LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
+	&LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
+	&LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
+	&LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
+	&LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
+	&LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
+	&LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
+	&LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
+	&LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
+	&LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
+	&LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
+	&LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
+	&LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
+	&LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
+	&LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
+	&LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
+	&LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
+	&LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
+	&LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
+	&LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
+	&LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
+	&LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
+	&LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
+	&LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
+	&LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
+	&LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
+	&LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
+	&LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
+	&LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
+	&LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
+	&LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
+	&LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
+	&LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
+	&LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
+	&LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
+	&LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
+	&LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
+	&LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
+	&LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
+	&LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
+	&LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
+	&LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
+	&LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
+	&LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
+	&LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
+	&LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
+	&LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
+	&LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
+	&LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
+	&LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
+	&LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
+	&LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
+	&LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
+	&LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
+	&LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
+	&LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
+	&LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
+	&LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
+	&LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
+	&LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
+	&LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
+	&LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
+	&LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
+	&LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
+	&LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
+	&LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
+	&LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
+	&LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
+	&LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
+	&LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
+	&LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
+	&LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
+	&LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
+	&LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
+	&LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
+	&LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
+	&LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
+	&LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
+	&LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
+	&LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
+	&LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
+	&LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
+	&LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
+	&LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
+	&LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
+	&LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
+	&LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
+	&LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
+	&LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
+	&LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
+	&LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
+	&LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
+	&LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
+	&LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
+	&LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
+	&LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
+	&LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
+	&LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
+	&LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
+	&LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
+	&LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
+	&LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
+	&LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
+	&LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
+	&LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
+	&LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
+	&LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
+	&LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
+	&LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
+	&LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
+	&LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
+	&LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
+	&LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
+	&LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
+	&LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
+	&LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
+	&LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
+	&LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
+	&LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
+	&LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
+	&LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
+	&LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
+	&LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
+	&LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
+	&LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
+	&LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
+	&LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
+	&LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
+	&LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
+	&LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
+	&LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
+	&LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
+	&LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
+	&LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
+	&LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
+	&LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
+	&LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
+	&LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
+	&LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
+	&LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
+	&LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
+	&LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
+	&LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
+	&LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
+	&LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
+	&LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
+	&LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
+	&LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
+	&LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
+	&LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
+	&LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
+	&LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
+	&LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
+	&LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
+	&LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
+	&LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
+	&LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
+	&LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
+	&LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
+	&LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
+	&LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
+	&LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
+	&LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
+	&LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
+	&LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
+	&LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
+	&LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
+	&LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
+	&LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
+	&LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
+	&LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
+	&LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
+	&LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
+	&LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
+	&LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
+	&LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
+	&LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
+	&LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
+	&LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
+	&LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
+	&LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
+	&LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
+	&LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
+	&LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
+	&LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
+	&LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
+	&LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
+	&LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
+	&LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
+	&LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
+	&LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
+	&LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
+	&LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
+	&LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
+	&LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
+	&LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
+	&LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
+	&LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
+	&LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
+	&LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
+	&LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
+	&LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
+	&LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
+	&LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
+	&LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
+	&LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
+	&LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
+	&LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
+	&LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
+	&LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
+	&LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
+	&LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
+	&LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
+	&LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
+	&LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
+	&LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
+	&LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
+	&LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
+	&LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
+	&LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
+	&LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
+	&LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
+	&LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
+	&LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
+	&LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
+	&LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
+	&LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
+	&LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
+	&LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
+
+	&L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f);	# rc[ROUNDS]
+	&L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
+	&L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
+	&L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
+	&L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
+	&L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
+	&L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
+	&L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
+	&L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
+	&L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
+
+&function_end_B("whirlpool_block_mmx");
+&asm_finish(); 
diff --git a/crypto/whrlpool/asm/wp-x86_64.pl b/crypto/whrlpool/asm/wp-x86_64.pl
new file mode 100644
index 0000000000..87c0843dc1
--- /dev/null
+++ b/crypto/whrlpool/asm/wp-x86_64.pl
@@ -0,0 +1,589 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# whirlpool_block for x86_64.
+#
+# 2500 cycles per 64-byte input block on AMD64, which is *identical*
+# to 32-bit MMX version executed on same CPU. So why did I bother?
+# Well, it's faster than gcc 3.3.2 generated code by over 50%, and
+# over 80% faster than PathScale 1.4, an "ambitious" commercial
+# compiler. Furthermore it surpasses gcc 3.4.3 by 170% and Sun Studio
+# 10 - by 360%[!]... What is it with x86_64 compilers? It's not the
+# first example when they fail to generate more optimal code, when
+# I believe they had *all* chances to...
+#
+# Note that register and stack frame layout are virtually identical
+# to 32-bit MMX version, except that %r8-15 are used instead of
+# %mm0-8. You can even notice that K[i] and S[i] are loaded to
+# %eax:%ebx as pair of 32-bit values and not as single 64-bit one.
+# This is done in order to avoid 64-bit shift penalties on Intel
+# EM64T core. Speaking of which! I bet it's possible to improve
+# Opteron performance by compressing the table to 2KB and replacing
+# unaligned references with complementary rotations [which would
+# incidentally replace lea instructions], but it would definitely
+# just "kill" EM64T, because it has only 1 shifter/rotator [against
+# 3 on Opteron] and which is *unacceptably* slow with 64-bit
+# operand.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output";
+
+sub L() { $code.=".byte	".join(',',@_)."\n"; }
+sub LL(){ $code.=".byte	".join(',',@_).",".join(',',@_)."\n"; }
+
+@mm=("%r8","%r9","%r10","%r11","%r12","%r13","%r14","%r15");
+
+$func="whirlpool_block";
+$table=".Ltable";
+
+$code=<<___;
+.text
+
+.globl	$func
+.type	$func,\@function,3
+.align	16
+$func:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	%rsp,%r11
+	sub	\$128+40,%rsp
+	and	\$-64,%rsp
+
+	lea	128(%rsp),%r10
+	mov	%rdi,0(%r10)		# save parameter block
+	mov	%rsi,8(%r10)
+	mov	%rdx,16(%r10)
+	mov	%r11,32(%r10)		# saved stack pointer
+.Lprologue:
+
+	mov	%r10,%rbx
+	lea	$table(%rip),%rbp
+
+	xor	%rcx,%rcx
+	xor	%rdx,%rdx
+___
+for($i=0;$i<8;$i++) { $code.="mov $i*8(%rdi),@mm[$i]\n"; }	# L=H
+$code.=".Louterloop:\n";
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; }	# K=L
+for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; }	# L^=inp
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; }	# S=L
+$code.=<<___;
+	xor	%rsi,%rsi
+	mov	%rsi,24(%rbx)		# zero round counter
+.align	16
+.Lround:
+	mov	4096(%rbp,%rsi,8),@mm[0]	# rc[r]
+	mov	0(%rsp),%eax
+	mov	4(%rsp),%ebx
+___
+for($i=0;$i<8;$i++) {
+    my $func = ($i==0)? "mov" : "xor";
+    $code.=<<___;
+	mov	%al,%cl
+	mov	%ah,%dl
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	shr	\$16,%eax
+	xor	0(%rbp,%rsi,8),@mm[0]
+	$func	7(%rbp,%rdi,8),@mm[1]
+	mov	%al,%cl
+	mov	%ah,%dl
+	mov	$i*8+8(%rsp),%eax		# ($i+1)*8
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	$func	6(%rbp,%rsi,8),@mm[2]
+	$func	5(%rbp,%rdi,8),@mm[3]
+	mov	%bl,%cl
+	mov	%bh,%dl
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	shr	\$16,%ebx
+	$func	4(%rbp,%rsi,8),@mm[4]
+	$func	3(%rbp,%rdi,8),@mm[5]
+	mov	%bl,%cl
+	mov	%bh,%dl
+	mov	$i*8+8+4(%rsp),%ebx		# ($i+1)*8+4
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	$func	2(%rbp,%rsi,8),@mm[6]
+	$func	1(%rbp,%rdi,8),@mm[7]
+___
+    push(@mm,shift(@mm));
+}
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; }	# K=L
+for($i=0;$i<8;$i++) {
+    $code.=<<___;
+	mov	%al,%cl
+	mov	%ah,%dl
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	shr	\$16,%eax
+	xor	0(%rbp,%rsi,8),@mm[0]
+	xor	7(%rbp,%rdi,8),@mm[1]
+	mov	%al,%cl
+	mov	%ah,%dl
+	`"mov	64+$i*8+8(%rsp),%eax"	if($i<7);`	# 64+($i+1)*8
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	xor	6(%rbp,%rsi,8),@mm[2]
+	xor	5(%rbp,%rdi,8),@mm[3]
+	mov	%bl,%cl
+	mov	%bh,%dl
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	shr	\$16,%ebx
+	xor	4(%rbp,%rsi,8),@mm[4]
+	xor	3(%rbp,%rdi,8),@mm[5]
+	mov	%bl,%cl
+	mov	%bh,%dl
+	`"mov	64+$i*8+8+4(%rsp),%ebx"	if($i<7);`	# 64+($i+1)*8+4
+	lea	(%rcx,%rcx),%rsi
+	lea	(%rdx,%rdx),%rdi
+	xor	2(%rbp,%rsi,8),@mm[6]
+	xor	1(%rbp,%rdi,8),@mm[7]
+___
+    push(@mm,shift(@mm));
+}
+$code.=<<___;
+	lea	128(%rsp),%rbx
+	mov	24(%rbx),%rsi		# pull round counter
+	add	\$1,%rsi
+	cmp	\$10,%rsi
+	je	.Lroundsdone
+
+	mov	%rsi,24(%rbx)		# update round counter
+___
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; }	# S=L
+$code.=<<___;
+	jmp	.Lround
+.align	16
+.Lroundsdone:
+	mov	0(%rbx),%rdi		# reload argument block
+	mov	8(%rbx),%rsi
+	mov	16(%rbx),%rax
+___
+for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; }	# L^=inp
+for($i=0;$i<8;$i++) { $code.="xor $i*8(%rdi),@mm[$i]\n"; }	# L^=H
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rdi)\n"; }	# H=L
+$code.=<<___;
+	lea	64(%rsi),%rsi		# inp+=64
+	sub	\$1,%rax		# num--
+	jz	.Lalldone
+	mov	%rsi,8(%rbx)		# update parameter block
+	mov	%rax,16(%rbx)
+	jmp	.Louterloop
+.Lalldone:
+	mov	32(%rbx),%rsi		# restore saved pointer
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	$func,.-$func
+
+.align	64
+.type	$table,\@object
+$table:
+___
+	&LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
+	&LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
+	&LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
+	&LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
+	&LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
+	&LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
+	&LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
+	&LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
+	&LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
+	&LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
+	&LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
+	&LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
+	&LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
+	&LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
+	&LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
+	&LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
+	&LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
+	&LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
+	&LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
+	&LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
+	&LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
+	&LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
+	&LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
+	&LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
+	&LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
+	&LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
+	&LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
+	&LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
+	&LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
+	&LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
+	&LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
+	&LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
+	&LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
+	&LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
+	&LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
+	&LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
+	&LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
+	&LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
+	&LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
+	&LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
+	&LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
+	&LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
+	&LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
+	&LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
+	&LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
+	&LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
+	&LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
+	&LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
+	&LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
+	&LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
+	&LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
+	&LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
+	&LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
+	&LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
+	&LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
+	&LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
+	&LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
+	&LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
+	&LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
+	&LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
+	&LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
+	&LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
+	&LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
+	&LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
+	&LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
+	&LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
+	&LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
+	&LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
+	&LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
+	&LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
+	&LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
+	&LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
+	&LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
+	&LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
+	&LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
+	&LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
+	&LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
+	&LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
+	&LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
+	&LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
+	&LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
+	&LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
+	&LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
+	&LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
+	&LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
+	&LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
+	&LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
+	&LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
+	&LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
+	&LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
+	&LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
+	&LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
+	&LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
+	&LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
+	&LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
+	&LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
+	&LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
+	&LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
+	&LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
+	&LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
+	&LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
+	&LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
+	&LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
+	&LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
+	&LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
+	&LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
+	&LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
+	&LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
+	&LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
+	&LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
+	&LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
+	&LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
+	&LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
+	&LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
+	&LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
+	&LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
+	&LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
+	&LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
+	&LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
+	&LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
+	&LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
+	&LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
+	&LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
+	&LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
+	&LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
+	&LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
+	&LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
+	&LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
+	&LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
+	&LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
+	&LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
+	&LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
+	&LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
+	&LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
+	&LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
+	&LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
+	&LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
+	&LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
+	&LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
+	&LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
+	&LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
+	&LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
+	&LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
+	&LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
+	&LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
+	&LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
+	&LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
+	&LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
+	&LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
+	&LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
+	&LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
+	&LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
+	&LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
+	&LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
+	&LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
+	&LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
+	&LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
+	&LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
+	&LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
+	&LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
+	&LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
+	&LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
+	&LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
+	&LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
+	&LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
+	&LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
+	&LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
+	&LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
+	&LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
+	&LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
+	&LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
+	&LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
+	&LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
+	&LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
+	&LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
+	&LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
+	&LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
+	&LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
+	&LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
+	&LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
+	&LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
+	&LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
+	&LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
+	&LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
+	&LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
+	&LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
+	&LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
+	&LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
+	&LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
+	&LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
+	&LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
+	&LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
+	&LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
+	&LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
+	&LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
+	&LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
+	&LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
+	&LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
+	&LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
+	&LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
+	&LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
+	&LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
+	&LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
+	&LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
+	&LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
+	&LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
+	&LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
+	&LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
+	&LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
+	&LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
+	&LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
+	&LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
+	&LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
+	&LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
+	&LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
+	&LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
+	&LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
+	&LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
+	&LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
+	&LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
+	&LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
+	&LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
+	&LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
+	&LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
+	&LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
+	&LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
+	&LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
+	&LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
+	&LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
+	&LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
+	&LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
+	&LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
+	&LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
+	&LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
+	&LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
+	&LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
+	&LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
+	&LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
+	&LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
+	&LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
+	&LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
+	&LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
+	&LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
+	&LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
+	&LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
+	&LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
+	&LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
+	&LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
+	&LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
+	&LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
+	&LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
+	&LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
+	&LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
+	&LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
+	&LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
+	&LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
+
+	&L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f);	# rc[ROUNDS]
+	&L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
+	&L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
+	&L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
+	&L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
+	&L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
+	&L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
+	&L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
+	&L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
+	&L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	128+32(%rax),%rax	# pull saved stack pointer
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_$func
+	.rva	.LSEH_end_$func
+	.rva	.LSEH_info_$func
+
+.section	.xdata
+.align	8
+.LSEH_info_$func:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/crypto/whrlpool/whrlpool.h b/crypto/whrlpool/whrlpool.h
new file mode 100644
index 0000000000..03c91da115
--- /dev/null
+++ b/crypto/whrlpool/whrlpool.h
@@ -0,0 +1,38 @@
+#ifndef HEADER_WHRLPOOL_H
+#define HEADER_WHRLPOOL_H
+
+#include <openssl/e_os2.h>
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define WHIRLPOOL_DIGEST_LENGTH	(512/8)
+#define WHIRLPOOL_BBLOCK	512
+#define WHIRLPOOL_COUNTER	(256/8)
+
+typedef struct	{
+	union	{
+		unsigned char	c[WHIRLPOOL_DIGEST_LENGTH];
+		/* double q is here to ensure 64-bit alignment */
+		double		q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
+		}	H;
+	unsigned char	data[WHIRLPOOL_BBLOCK/8];
+	unsigned int	bitoff;
+	size_t		bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
+	} WHIRLPOOL_CTX;
+
+#ifndef OPENSSL_NO_WHIRLPOOL
+int WHIRLPOOL_Init	(WHIRLPOOL_CTX *c);
+int WHIRLPOOL_Update	(WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
+void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
+int WHIRLPOOL_Final	(unsigned char *md,WHIRLPOOL_CTX *c);
+unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/whrlpool/wp_block.c b/crypto/whrlpool/wp_block.c
new file mode 100644
index 0000000000..221f6cc59f
--- /dev/null
+++ b/crypto/whrlpool/wp_block.c
@@ -0,0 +1,655 @@
+/**
+ * The Whirlpool hashing function.
+ *
+ * <P>
+ * <b>References</b>
+ *
+ * <P>
+ * The Whirlpool algorithm was developed by
+ * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
+ * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
+ *
+ * See
+ *      P.S.L.M. Barreto, V. Rijmen,
+ *      ``The Whirlpool hashing function,''
+ *      NESSIE submission, 2000 (tweaked version, 2001),
+ *      <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
+ *
+ * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
+ * Vincent Rijmen. Lookup "reference implementations" on
+ * <http://planeta.terra.com.br/informatica/paulobarreto/>
+ *
+ * =============================================================================
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "wp_locl.h"
+#include <string.h>
+
+typedef unsigned char		u8;
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32)
+typedef unsigned __int64	u64;
+#elif defined(__arch64__)
+typedef unsigned long		u64;
+#else
+typedef unsigned long long	u64;
+#endif
+
+#define ROUNDS	10
+
+#define STRICT_ALIGNMENT
+#if defined(__i386) || defined(__i386__) || \
+    defined(__x86_64) || defined(__x86_64__) || \
+    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
+/* Well, formally there're couple of other architectures, which permit
+ * unaligned loads, specifically those not crossing cache lines, IA-64
+ * and PowerPC... */
+#  undef STRICT_ALIGNMENT
+#endif
+
+#undef SMALL_REGISTER_BANK
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+#  define SMALL_REGISTER_BANK
+#  if defined(WHIRLPOOL_ASM)
+#    ifndef OPENSSL_SMALL_FOOTPRINT
+#      define OPENSSL_SMALL_FOOTPRINT	/* it appears that for elder non-MMX
+					   CPUs this is actually faster! */
+#    endif
+#    define GO_FOR_MMX(ctx,inp,num)	do {			\
+	extern unsigned long OPENSSL_ia32cap_P;			\
+	void whirlpool_block_mmx(void *,const void *,size_t);	\
+	if (!(OPENSSL_ia32cap_P & (1<<23)))	break;		\
+        whirlpool_block_mmx(ctx->H.c,inp,num);	return;		\
+					} while (0)
+#  endif
+#endif
+
+#undef ROTATE
+#if defined(_MSC_VER)
+#  if defined(_WIN64)	/* applies to both IA-64 and AMD64 */
+#    pragma intrinsic(_rotl64)
+#    define ROTATE(a,n)	_rotl64((a),n)
+#  endif
+#elif defined(__GNUC__) && __GNUC__>=2
+#  if defined(__x86_64) || defined(__x86_64__)
+#    if defined(L_ENDIAN)
+#      define ROTATE(a,n)	({ u64 ret; asm ("rolq %1,%0"	\
+				   : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
+#    elif defined(B_ENDIAN)
+       /* Most will argue that x86_64 is always little-endian. Well,
+        * yes, but then we have stratus.com who has modified gcc to
+	* "emulate" big-endian on x86. Is there evidence that they
+	* [or somebody else] won't do same for x86_64? Naturally no.
+	* And this line is waiting ready for that brave soul:-) */
+#      define ROTATE(a,n)	({ u64 ret; asm ("rorq %1,%0"	\
+				   : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
+#    endif
+#  elif defined(__ia64) || defined(__ia64__)
+#    if defined(L_ENDIAN)
+#      define ROTATE(a,n)	({ u64 ret; asm ("shrp %0=%1,%1,%2"	\
+				   : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
+#    elif defined(B_ENDIAN)
+#      define ROTATE(a,n)	({ u64 ret; asm ("shrp %0=%1,%1,%2"	\
+				   : "=r"(ret) : "r"(a),"M"(n)); ret; })
+#    endif
+#  endif
+#endif
+
+#if defined(OPENSSL_SMALL_FOOTPRINT)
+#  if !defined(ROTATE)
+#    if defined(L_ENDIAN)	/* little-endians have to rotate left */
+#      define ROTATE(i,n)	((i)<<(n) ^ (i)>>(64-n))
+#    elif defined(B_ENDIAN)	/* big-endians have to rotate right */
+#      define ROTATE(i,n)	((i)>>(n) ^ (i)<<(64-n))
+#    endif
+#  endif
+#  if defined(ROTATE) && !defined(STRICT_ALIGNMENT)
+#    define STRICT_ALIGNMENT	/* ensure smallest table size */
+#  endif
+#endif
+
+/*
+ * Table size depends on STRICT_ALIGNMENT and whether or not endian-
+ * specific ROTATE macro is defined. If STRICT_ALIGNMENT is not
+ * defined, which is normally the case on x86[_64] CPUs, the table is
+ * 4KB large unconditionally. Otherwise if ROTATE is defined, the
+ * table is 2KB large, and otherwise - 16KB. 2KB table requires a
+ * whole bunch of additional rotations, but I'm willing to "trade,"
+ * because 16KB table certainly trashes L1 cache. I wish all CPUs
+ * could handle unaligned load as 4KB table doesn't trash the cache,
+ * nor does it require additional rotations.
+ */
+/*
+ * Note that every Cn macro expands as two loads: one byte load and
+ * one quadword load. One can argue that that many single-byte loads
+ * is too excessive, as one could load a quadword and "milk" it for
+ * eight 8-bit values instead. Well, yes, but in order to do so *and*
+ * avoid excessive loads you have to accomodate a handful of 64-bit
+ * values in the register bank and issue a bunch of shifts and mask.
+ * It's a tradeoff: loads vs. shift and mask in big register bank[!].
+ * On most CPUs eight single-byte loads are faster and I let other
+ * ones to depend on smart compiler to fold byte loads if beneficial.
+ * Hand-coded assembler would be another alternative:-)
+ */
+#ifdef STRICT_ALIGNMENT
+#  if defined(ROTATE)
+#    define N	1
+#    define LL(c0,c1,c2,c3,c4,c5,c6,c7)	c0,c1,c2,c3,c4,c5,c6,c7
+#    define C0(K,i)	(Cx.q[K.c[(i)*8+0]])
+#    define C1(K,i)	ROTATE(Cx.q[K.c[(i)*8+1]],8)
+#    define C2(K,i)	ROTATE(Cx.q[K.c[(i)*8+2]],16)
+#    define C3(K,i)	ROTATE(Cx.q[K.c[(i)*8+3]],24)
+#    define C4(K,i)	ROTATE(Cx.q[K.c[(i)*8+4]],32)
+#    define C5(K,i)	ROTATE(Cx.q[K.c[(i)*8+5]],40)
+#    define C6(K,i)	ROTATE(Cx.q[K.c[(i)*8+6]],48)
+#    define C7(K,i)	ROTATE(Cx.q[K.c[(i)*8+7]],56)
+#  else
+#    define N	8
+#    define LL(c0,c1,c2,c3,c4,c5,c6,c7)	c0,c1,c2,c3,c4,c5,c6,c7, \
+					c7,c0,c1,c2,c3,c4,c5,c6, \
+					c6,c7,c0,c1,c2,c3,c4,c5, \
+					c5,c6,c7,c0,c1,c2,c3,c4, \
+					c4,c5,c6,c7,c0,c1,c2,c3, \
+					c3,c4,c5,c6,c7,c0,c1,c2, \
+					c2,c3,c4,c5,c6,c7,c0,c1, \
+					c1,c2,c3,c4,c5,c6,c7,c0
+#    define C0(K,i)	(Cx.q[0+8*K.c[(i)*8+0]])
+#    define C1(K,i)	(Cx.q[1+8*K.c[(i)*8+1]])
+#    define C2(K,i)	(Cx.q[2+8*K.c[(i)*8+2]])
+#    define C3(K,i)	(Cx.q[3+8*K.c[(i)*8+3]])
+#    define C4(K,i)	(Cx.q[4+8*K.c[(i)*8+4]])
+#    define C5(K,i)	(Cx.q[5+8*K.c[(i)*8+5]])
+#    define C6(K,i)	(Cx.q[6+8*K.c[(i)*8+6]])
+#    define C7(K,i)	(Cx.q[7+8*K.c[(i)*8+7]])
+#  endif
+#else
+#  define N	2
+#  define LL(c0,c1,c2,c3,c4,c5,c6,c7)	c0,c1,c2,c3,c4,c5,c6,c7, \
+					c0,c1,c2,c3,c4,c5,c6,c7
+#  define C0(K,i)	(((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
+#  define C1(K,i)	(((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
+#  define C2(K,i)	(((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
+#  define C3(K,i)	(((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
+#  define C4(K,i)	(((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
+#  define C5(K,i)	(((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
+#  define C6(K,i)	(((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
+#  define C7(K,i)	(((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
+#endif
+
+static const
+union	{
+	u8	c[(256*N+ROUNDS)*sizeof(u64)];
+	u64	q[(256*N+ROUNDS)];
+	} Cx = { {
+	/* Note endian-neutral representation:-) */
+	LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8),
+	LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26),
+	LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8),
+	LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb),
+	LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb),
+	LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11),
+	LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09),
+	LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d),
+	LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b),
+	LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff),
+	LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c),
+	LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e),
+	LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96),
+	LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30),
+	LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d),
+	LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8),
+	LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47),
+	LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35),
+	LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37),
+	LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a),
+	LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2),
+	LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c),
+	LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84),
+	LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80),
+	LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5),
+	LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3),
+	LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21),
+	LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c),
+	LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43),
+	LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29),
+	LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d),
+	LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5),
+	LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd),
+	LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8),
+	LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92),
+	LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e),
+	LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13),
+	LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23),
+	LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20),
+	LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44),
+	LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2),
+	LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf),
+	LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c),
+	LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a),
+	LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50),
+	LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9),
+	LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14),
+	LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9),
+	LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c),
+	LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f),
+	LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90),
+	LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07),
+	LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd),
+	LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3),
+	LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d),
+	LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78),
+	LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97),
+	LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02),
+	LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73),
+	LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7),
+	LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6),
+	LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2),
+	LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49),
+	LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56),
+	LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70),
+	LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd),
+	LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb),
+	LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71),
+	LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b),
+	LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf),
+	LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45),
+	LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a),
+	LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4),
+	LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58),
+	LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e),
+	LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f),
+	LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac),
+	LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0),
+	LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef),
+	LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6),
+	LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c),
+	LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12),
+	LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93),
+	LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde),
+	LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6),
+	LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1),
+	LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b),
+	LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f),
+	LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31),
+	LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8),
+	LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9),
+	LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc),
+	LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e),
+	LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b),
+	LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf),
+	LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59),
+	LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2),
+	LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77),
+	LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33),
+	LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4),
+	LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27),
+	LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb),
+	LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89),
+	LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32),
+	LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54),
+	LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d),
+	LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64),
+	LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d),
+	LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d),
+	LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f),
+	LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca),
+	LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7),
+	LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d),
+	LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce),
+	LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f),
+	LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f),
+	LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63),
+	LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a),
+	LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc),
+	LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82),
+	LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a),
+	LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48),
+	LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95),
+	LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf),
+	LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d),
+	LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0),
+	LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91),
+	LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8),
+	LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b),
+	LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00),
+	LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9),
+	LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e),
+	LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1),
+	LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6),
+	LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28),
+	LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3),
+	LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74),
+	LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe),
+	LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d),
+	LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea),
+	LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57),
+	LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38),
+	LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad),
+	LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4),
+	LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda),
+	LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7),
+	LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb),
+	LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9),
+	LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a),
+	LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03),
+	LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a),
+	LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e),
+	LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60),
+	LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc),
+	LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46),
+	LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f),
+	LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76),
+	LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa),
+	LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36),
+	LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae),
+	LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b),
+	LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85),
+	LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e),
+	LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7),
+	LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55),
+	LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a),
+	LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81),
+	LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52),
+	LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62),
+	LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3),
+	LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10),
+	LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab),
+	LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0),
+	LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5),
+	LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec),
+	LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16),
+	LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94),
+	LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f),
+	LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5),
+	LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98),
+	LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17),
+	LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4),
+	LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1),
+	LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e),
+	LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42),
+	LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34),
+	LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08),
+	LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee),
+	LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61),
+	LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1),
+	LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f),
+	LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24),
+	LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3),
+	LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25),
+	LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22),
+	LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65),
+	LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79),
+	LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69),
+	LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9),
+	LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19),
+	LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe),
+	LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a),
+	LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0),
+	LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99),
+	LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83),
+	LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04),
+	LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66),
+	LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0),
+	LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1),
+	LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd),
+	LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40),
+	LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c),
+	LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18),
+	LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b),
+	LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51),
+	LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05),
+	LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c),
+	LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39),
+	LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa),
+	LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b),
+	LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc),
+	LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e),
+	LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0),
+	LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88),
+	LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67),
+	LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a),
+	LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87),
+	LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1),
+	LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72),
+	LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53),
+	LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01),
+	LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b),
+	LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4),
+	LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3),
+	LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15),
+	LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c),
+	LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5),
+	LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5),
+	LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4),
+	LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba),
+	LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6),
+	LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7),
+	LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06),
+	LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41),
+	LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7),
+	LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f),
+	LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e),
+	LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6),
+	LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2),
+	LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68),
+	LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c),
+	LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed),
+	LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75),
+	LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86),
+	LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b),
+	LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2),
+#define RC	(&(Cx.q[256*N]))
+	0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f,	/* rc[ROUNDS] */
+	0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52,
+	0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35,
+	0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57,
+	0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda,
+	0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85,
+	0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67,
+	0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8,
+	0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e,
+	0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33
+	}
+};
+
+void whirlpool_block(WHIRLPOOL_CTX *ctx,const void *inp,size_t n)
+	{
+	int	r;
+	const u8 *p=inp;
+	union	{ u64 q[8]; u8 c[64]; } S,K,*H=(void *)ctx->H.q;
+
+#ifdef GO_FOR_MMX
+	GO_FOR_MMX(ctx,inp,n);
+#endif
+							do {
+#ifdef OPENSSL_SMALL_FOOTPRINT
+	u64	L[8];
+	int	i;
+
+	for (i=0;i<64;i++)	S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
+	for (r=0;r<ROUNDS;r++)
+		{
+		for (i=0;i<8;i++)
+			{
+			L[i]  = i ? 0 : RC[r];
+			L[i] ^=	C0(K,i)       ^ C1(K,(i-1)&7) ^
+				C2(K,(i-2)&7) ^ C3(K,(i-3)&7) ^
+				C4(K,(i-4)&7) ^ C5(K,(i-5)&7) ^
+				C6(K,(i-6)&7) ^ C7(K,(i-7)&7);
+			}
+		memcpy (K.q,L,64);
+		for (i=0;i<8;i++)
+			{
+			L[i] ^= C0(S,i)       ^ C1(S,(i-1)&7) ^
+				C2(S,(i-2)&7) ^ C3(S,(i-3)&7) ^
+				C4(S,(i-4)&7) ^ C5(S,(i-5)&7) ^
+				C6(S,(i-6)&7) ^ C7(S,(i-7)&7);
+			}
+		memcpy (S.q,L,64);
+		}
+	for (i=0;i<64;i++)	H->c[i] ^= S.c[i] ^ p[i];
+#else
+	u64	L0,L1,L2,L3,L4,L5,L6,L7;
+
+#ifdef STRICT_ALIGNMENT
+	if ((size_t)p & 7)
+		{
+		memcpy (S.c,p,64);
+		S.q[0] ^= (K.q[0] = H->q[0]);
+		S.q[1] ^= (K.q[1] = H->q[1]);
+		S.q[2] ^= (K.q[2] = H->q[2]);
+		S.q[3] ^= (K.q[3] = H->q[3]);
+		S.q[4] ^= (K.q[4] = H->q[4]);
+		S.q[5] ^= (K.q[5] = H->q[5]);
+		S.q[6] ^= (K.q[6] = H->q[6]);
+		S.q[7] ^= (K.q[7] = H->q[7]);
+		}
+	else
+#endif
+		{
+		const u64 *pa = (const u64*)p;
+		S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
+		S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
+		S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
+		S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
+		S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
+		S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
+		S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
+		S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
+		}
+
+	for(r=0;r<ROUNDS;r++)
+		{
+#ifdef SMALL_REGISTER_BANK
+		L0 =	C0(K,0) ^ C1(K,7) ^ C2(K,6) ^ C3(K,5) ^
+			C4(K,4) ^ C5(K,3) ^ C6(K,2) ^ C7(K,1) ^ RC[r];
+		L1 =	C0(K,1) ^ C1(K,0) ^ C2(K,7) ^ C3(K,6) ^
+			C4(K,5) ^ C5(K,4) ^ C6(K,3) ^ C7(K,2);
+		L2 =	C0(K,2) ^ C1(K,1) ^ C2(K,0) ^ C3(K,7) ^
+			C4(K,6) ^ C5(K,5) ^ C6(K,4) ^ C7(K,3);
+		L3 =	C0(K,3) ^ C1(K,2) ^ C2(K,1) ^ C3(K,0) ^
+			C4(K,7) ^ C5(K,6) ^ C6(K,5) ^ C7(K,4);
+		L4 =	C0(K,4) ^ C1(K,3) ^ C2(K,2) ^ C3(K,1) ^
+			C4(K,0) ^ C5(K,7) ^ C6(K,6) ^ C7(K,5);
+		L5 =	C0(K,5) ^ C1(K,4) ^ C2(K,3) ^ C3(K,2) ^
+			C4(K,1) ^ C5(K,0) ^ C6(K,7) ^ C7(K,6);
+		L6 =	C0(K,6) ^ C1(K,5) ^ C2(K,4) ^ C3(K,3) ^
+			C4(K,2) ^ C5(K,1) ^ C6(K,0) ^ C7(K,7);
+		L7 =	C0(K,7) ^ C1(K,6) ^ C2(K,5) ^ C3(K,4) ^
+			C4(K,3) ^ C5(K,2) ^ C6(K,1) ^ C7(K,0);
+
+		K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
+		K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
+
+		L0 ^=	C0(S,0) ^ C1(S,7) ^ C2(S,6) ^ C3(S,5) ^
+			C4(S,4) ^ C5(S,3) ^ C6(S,2) ^ C7(S,1);
+		L1 ^=	C0(S,1) ^ C1(S,0) ^ C2(S,7) ^ C3(S,6) ^
+			C4(S,5) ^ C5(S,4) ^ C6(S,3) ^ C7(S,2);
+		L2 ^=	C0(S,2) ^ C1(S,1) ^ C2(S,0) ^ C3(S,7) ^
+			C4(S,6) ^ C5(S,5) ^ C6(S,4) ^ C7(S,3);
+		L3 ^=	C0(S,3) ^ C1(S,2) ^ C2(S,1) ^ C3(S,0) ^
+			C4(S,7) ^ C5(S,6) ^ C6(S,5) ^ C7(S,4);
+		L4 ^=	C0(S,4) ^ C1(S,3) ^ C2(S,2) ^ C3(S,1) ^
+			C4(S,0) ^ C5(S,7) ^ C6(S,6) ^ C7(S,5);
+		L5 ^=	C0(S,5) ^ C1(S,4) ^ C2(S,3) ^ C3(S,2) ^
+			C4(S,1) ^ C5(S,0) ^ C6(S,7) ^ C7(S,6);
+		L6 ^=	C0(S,6) ^ C1(S,5) ^ C2(S,4) ^ C3(S,3) ^
+			C4(S,2) ^ C5(S,1) ^ C6(S,0) ^ C7(S,7);
+		L7 ^=	C0(S,7) ^ C1(S,6) ^ C2(S,5) ^ C3(S,4) ^
+			C4(S,3) ^ C5(S,2) ^ C6(S,1) ^ C7(S,0);
+
+		S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
+		S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
+#else
+		L0  = C0(K,0); L1  = C1(K,0); L2  = C2(K,0); L3  = C3(K,0);
+		L4  = C4(K,0); L5  = C5(K,0); L6  = C6(K,0); L7  = C7(K,0);
+		L0 ^= RC[r];
+
+		L1 ^= C0(K,1); L2 ^= C1(K,1); L3 ^= C2(K,1); L4 ^= C3(K,1);
+		L5 ^= C4(K,1); L6 ^= C5(K,1); L7 ^= C6(K,1); L0 ^= C7(K,1);
+
+		L2 ^= C0(K,2); L3 ^= C1(K,2); L4 ^= C2(K,2); L5 ^= C3(K,2);
+		L6 ^= C4(K,2); L7 ^= C5(K,2); L0 ^= C6(K,2); L1 ^= C7(K,2);
+
+		L3 ^= C0(K,3); L4 ^= C1(K,3); L5 ^= C2(K,3); L6 ^= C3(K,3);
+		L7 ^= C4(K,3); L0 ^= C5(K,3); L1 ^= C6(K,3); L2 ^= C7(K,3);
+
+		L4 ^= C0(K,4); L5 ^= C1(K,4); L6 ^= C2(K,4); L7 ^= C3(K,4);
+		L0 ^= C4(K,4); L1 ^= C5(K,4); L2 ^= C6(K,4); L3 ^= C7(K,4);
+
+		L5 ^= C0(K,5); L6 ^= C1(K,5); L7 ^= C2(K,5); L0 ^= C3(K,5);
+		L1 ^= C4(K,5); L2 ^= C5(K,5); L3 ^= C6(K,5); L4 ^= C7(K,5);
+
+		L6 ^= C0(K,6); L7 ^= C1(K,6); L0 ^= C2(K,6); L1 ^= C3(K,6);
+		L2 ^= C4(K,6); L3 ^= C5(K,6); L4 ^= C6(K,6); L5 ^= C7(K,6);
+
+		L7 ^= C0(K,7); L0 ^= C1(K,7); L1 ^= C2(K,7); L2 ^= C3(K,7);
+		L3 ^= C4(K,7); L4 ^= C5(K,7); L5 ^= C6(K,7); L6 ^= C7(K,7);
+
+		K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
+		K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
+
+		L0 ^= C0(S,0); L1 ^= C1(S,0); L2 ^= C2(S,0); L3 ^= C3(S,0);
+		L4 ^= C4(S,0); L5 ^= C5(S,0); L6 ^= C6(S,0); L7 ^= C7(S,0);
+
+		L1 ^= C0(S,1); L2 ^= C1(S,1); L3 ^= C2(S,1); L4 ^= C3(S,1);
+		L5 ^= C4(S,1); L6 ^= C5(S,1); L7 ^= C6(S,1); L0 ^= C7(S,1);
+
+		L2 ^= C0(S,2); L3 ^= C1(S,2); L4 ^= C2(S,2); L5 ^= C3(S,2);
+		L6 ^= C4(S,2); L7 ^= C5(S,2); L0 ^= C6(S,2); L1 ^= C7(S,2);
+
+		L3 ^= C0(S,3); L4 ^= C1(S,3); L5 ^= C2(S,3); L6 ^= C3(S,3);
+		L7 ^= C4(S,3); L0 ^= C5(S,3); L1 ^= C6(S,3); L2 ^= C7(S,3);
+
+		L4 ^= C0(S,4); L5 ^= C1(S,4); L6 ^= C2(S,4); L7 ^= C3(S,4);
+		L0 ^= C4(S,4); L1 ^= C5(S,4); L2 ^= C6(S,4); L3 ^= C7(S,4);
+
+		L5 ^= C0(S,5); L6 ^= C1(S,5); L7 ^= C2(S,5); L0 ^= C3(S,5);
+		L1 ^= C4(S,5); L2 ^= C5(S,5); L3 ^= C6(S,5); L4 ^= C7(S,5);
+
+		L6 ^= C0(S,6); L7 ^= C1(S,6); L0 ^= C2(S,6); L1 ^= C3(S,6);
+		L2 ^= C4(S,6); L3 ^= C5(S,6); L4 ^= C6(S,6); L5 ^= C7(S,6);
+
+		L7 ^= C0(S,7); L0 ^= C1(S,7); L1 ^= C2(S,7); L2 ^= C3(S,7);
+		L3 ^= C4(S,7); L4 ^= C5(S,7); L5 ^= C6(S,7); L6 ^= C7(S,7);
+
+		S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
+		S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
+#endif
+		}
+
+#ifdef STRICT_ALIGNMENT
+	if ((size_t)p & 7)
+		{
+		int i;
+		for(i=0;i<64;i++)	H->c[i] ^= S.c[i] ^ p[i];
+		}
+	else
+#endif
+		{
+		const u64 *pa=(const u64 *)p;
+		H->q[0] ^= S.q[0] ^ pa[0];
+		H->q[1] ^= S.q[1] ^ pa[1];
+		H->q[2] ^= S.q[2] ^ pa[2];
+		H->q[3] ^= S.q[3] ^ pa[3];
+		H->q[4] ^= S.q[4] ^ pa[4];
+		H->q[5] ^= S.q[5] ^ pa[5];
+		H->q[6] ^= S.q[6] ^ pa[6];
+		H->q[7] ^= S.q[7] ^ pa[7];
+		}
+#endif
+							p += 64;
+							} while(--n);
+	}
diff --git a/crypto/whrlpool/wp_dgst.c b/crypto/whrlpool/wp_dgst.c
new file mode 100644
index 0000000000..ee5c5c1bf3
--- /dev/null
+++ b/crypto/whrlpool/wp_dgst.c
@@ -0,0 +1,264 @@
+/**
+ * The Whirlpool hashing function.
+ *
+ * <P>
+ * <b>References</b>
+ *
+ * <P>
+ * The Whirlpool algorithm was developed by
+ * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
+ * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
+ *
+ * See
+ *      P.S.L.M. Barreto, V. Rijmen,
+ *      ``The Whirlpool hashing function,''
+ *      NESSIE submission, 2000 (tweaked version, 2001),
+ *      <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
+ *
+ * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
+ * Vincent Rijmen. Lookup "reference implementations" on
+ * <http://planeta.terra.com.br/informatica/paulobarreto/>
+ *
+ * =============================================================================
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+ * OpenSSL-specific implementation notes.
+ *
+ * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
+ * number of *bytes* as input length argument. Bit-oriented routine
+ * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
+ * does not have one-stroke counterpart.
+ *
+ * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
+ * to serve WHIRLPOOL_Update. This is done for performance.
+ *
+ * Unlike authors' reference implementation, block processing
+ * routine whirlpool_block is designed to operate on multi-block
+ * input. This is done for perfomance.
+ */
+
+#include "wp_locl.h"
+#include <string.h>
+
+int WHIRLPOOL_Init	(WHIRLPOOL_CTX *c)
+	{
+	memset (c,0,sizeof(*c));
+	return(1);
+	}
+
+int WHIRLPOOL_Update	(WHIRLPOOL_CTX *c,const void *_inp,size_t bytes)
+	{
+	/* Well, largest suitable chunk size actually is
+	 * (1<<(sizeof(size_t)*8-3))-64, but below number
+	 * is large enough for not to care about excessive
+	 * calls to WHIRLPOOL_BitUpdate... */
+	size_t chunk = ((size_t)1)<<(sizeof(size_t)*8-4);
+	const unsigned char *inp = _inp;
+
+	while (bytes>=chunk)
+		{
+		WHIRLPOOL_BitUpdate(c,inp,chunk*8);
+		bytes -= chunk;
+		inp   += chunk;
+		}
+	if (bytes)
+		WHIRLPOOL_BitUpdate(c,inp,bytes*8);
+
+	return(1);
+	}
+
+void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *_inp,size_t bits)
+	{
+	size_t		n;
+	unsigned int	bitoff = c->bitoff,
+			bitrem = bitoff%8,
+			inpgap = (8-(unsigned int)bits%8)&7;
+	const unsigned char *inp=_inp;
+
+	/* This 256-bit increment procedure relies on the size_t
+	 * being natural size of CPU register, so that we don't
+	 * have to mask the value in order to detect overflows. */
+	c->bitlen[0] += bits;
+	if (c->bitlen[0] < bits)	/* overflow */
+		{
+		n = 1;
+		do  { 	c->bitlen[n]++;
+		    } while(c->bitlen[n]==0
+		   	    && ++n<(WHIRLPOOL_COUNTER/sizeof(size_t)));
+		}
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+	reconsider:
+	if (inpgap==0 && bitrem==0)	/* byte-oriented loop */
+		{
+		while (bits)
+			{
+			if (bitoff==0 && (n=bits/WHIRLPOOL_BBLOCK))
+				{
+				whirlpool_block(c,inp,n);
+				inp  += n*WHIRLPOOL_BBLOCK/8;
+				bits %= WHIRLPOOL_BBLOCK;
+				}
+			else
+				{
+				unsigned int byteoff = bitoff/8;
+
+				bitrem = WHIRLPOOL_BBLOCK - bitoff;/* re-use bitrem */
+				if (bits >= bitrem)
+					{
+					bits -= bitrem;
+					bitrem /= 8;
+					memcpy(c->data+byteoff,inp,bitrem);
+					inp  += bitrem;
+					whirlpool_block(c,c->data,1);
+					bitoff = 0;
+					}
+				else
+					{
+					memcpy(c->data+byteoff,inp,bits/8);
+					bitoff += (unsigned int)bits;
+					bits = 0;
+					}
+				c->bitoff = bitoff;
+				}
+			}
+		}
+	else				/* bit-oriented loop */
+#endif
+		{
+		/*
+			   inp
+			   |
+			   +-------+-------+-------
+			      |||||||||||||||||||||
+			   +-------+-------+-------
+		+-------+-------+-------+-------+-------
+		||||||||||||||				c->data
+		+-------+-------+-------+-------+-------
+			|
+			c->bitoff/8
+		*/
+		while (bits)
+			{
+			unsigned int	byteoff	= bitoff/8;
+			unsigned char	b;
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+			if (bitrem==inpgap)
+				{
+				c->data[byteoff++] |= inp[0] & (0xff>>inpgap);
+				inpgap = 8-inpgap;
+				bitoff += inpgap;  bitrem = 0;	/* bitoff%8 */
+				bits   -= inpgap;  inpgap = 0;	/* bits%8   */
+				inp++;
+				if (bitoff==WHIRLPOOL_BBLOCK)
+					{
+					whirlpool_block(c,c->data,1);
+					bitoff = 0;
+					}
+				c->bitoff = bitoff;
+				goto reconsider;
+				}
+			else
+#endif
+			if (bits>=8)
+				{
+				b  = ((inp[0]<<inpgap) | (inp[1]>>(8-inpgap)));
+				b &= 0xff;
+				if (bitrem)	c->data[byteoff++] |= b>>bitrem;
+				else		c->data[byteoff++]  = b;
+				bitoff += 8;
+				bits   -= 8;
+				inp++;
+				if (bitoff>=WHIRLPOOL_BBLOCK)
+					{
+					whirlpool_block(c,c->data,1);
+					byteoff  = 0;
+					bitoff  %= WHIRLPOOL_BBLOCK;
+					}
+				if (bitrem)	c->data[byteoff] = b<<(8-bitrem);
+				}
+			else	/* remaining less than 8 bits */
+				{
+				b = (inp[0]<<inpgap)&0xff;
+				if (bitrem)	c->data[byteoff++] |= b>>bitrem;
+				else		c->data[byteoff++]  = b;
+				bitoff += (unsigned int)bits;
+				if (bitoff==WHIRLPOOL_BBLOCK)
+					{
+					whirlpool_block(c,c->data,1);
+					byteoff  = 0;
+			        	bitoff  %= WHIRLPOOL_BBLOCK;
+					}
+				if (bitrem)	c->data[byteoff] = b<<(8-bitrem);
+				bits = 0;
+				}
+			c->bitoff = bitoff;
+			}
+		}
+	}
+
+int WHIRLPOOL_Final	(unsigned char *md,WHIRLPOOL_CTX *c)
+	{
+	unsigned int	bitoff  = c->bitoff,
+			byteoff = bitoff/8;
+	size_t		i,j,v;
+	unsigned char  *p;
+
+	bitoff %= 8;
+	if (bitoff)	c->data[byteoff] |= 0x80>>bitoff;
+	else		c->data[byteoff]  = 0x80;
+	byteoff++;
+
+	/* pad with zeros */
+	if (byteoff > (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
+		{
+		if (byteoff<WHIRLPOOL_BBLOCK/8)
+			memset(&c->data[byteoff],0,WHIRLPOOL_BBLOCK/8-byteoff);
+		whirlpool_block(c,c->data,1);
+		byteoff = 0;
+		}
+	if (byteoff < (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
+		memset(&c->data[byteoff],0,
+			(WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)-byteoff);
+	/* smash 256-bit c->bitlen in big-endian order */
+	p = &c->data[WHIRLPOOL_BBLOCK/8-1];	/* last byte in c->data */
+	for(i=0;i<WHIRLPOOL_COUNTER/sizeof(size_t);i++)
+		for(v=c->bitlen[i],j=0;j<sizeof(size_t);j++,v>>=8)
+			*p-- = (unsigned char)(v&0xff);
+
+	whirlpool_block(c,c->data,1);
+
+	if (md)	{
+		memcpy(md,c->H.c,WHIRLPOOL_DIGEST_LENGTH);
+		memset(c,0,sizeof(*c));
+		return(1);
+		}
+	return(0);
+	}
+
+unsigned char *WHIRLPOOL(const void *inp, size_t bytes,unsigned char *md)
+	{
+	WHIRLPOOL_CTX ctx;
+	static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	WHIRLPOOL_Init(&ctx);
+	WHIRLPOOL_Update(&ctx,inp,bytes);
+	WHIRLPOOL_Final(md,&ctx);
+	return(md);
+	}
diff --git a/crypto/whrlpool/wp_locl.h b/crypto/whrlpool/wp_locl.h
new file mode 100644
index 0000000000..94e56a39f1
--- /dev/null
+++ b/crypto/whrlpool/wp_locl.h
@@ -0,0 +1,3 @@
+#include <openssl/whrlpool.h>
+
+void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
diff --git a/crypto/whrlpool/wp_test.c b/crypto/whrlpool/wp_test.c
new file mode 100644
index 0000000000..c68c2c62ca
--- /dev/null
+++ b/crypto/whrlpool/wp_test.c
@@ -0,0 +1,228 @@
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/whrlpool.h>
+#include <openssl/crypto.h>
+
+#if defined(OPENSSL_NO_WHIRLPOOL)
+int main(int argc, char *argv[])
+{
+    printf("No Whirlpool support\n");
+    return(0);
+}
+#else
+
+/* ISO/IEC 10118-3 test vector set */
+unsigned char iso_test_1[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x19,0xFA,0x61,0xD7,0x55,0x22,0xA4,0x66,
+	0x9B,0x44,0xE3,0x9C,0x1D,0x2E,0x17,0x26,
+	0xC5,0x30,0x23,0x21,0x30,0xD4,0x07,0xF8,
+	0x9A,0xFE,0xE0,0x96,0x49,0x97,0xF7,0xA7,
+	0x3E,0x83,0xBE,0x69,0x8B,0x28,0x8F,0xEB,
+	0xCF,0x88,0xE3,0xE0,0x3C,0x4F,0x07,0x57,
+	0xEA,0x89,0x64,0xE5,0x9B,0x63,0xD9,0x37,
+	0x08,0xB1,0x38,0xCC,0x42,0xA6,0x6E,0xB3 };
+
+unsigned char iso_test_2[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x8A,0xCA,0x26,0x02,0x79,0x2A,0xEC,0x6F,
+	0x11,0xA6,0x72,0x06,0x53,0x1F,0xB7,0xD7,
+	0xF0,0xDF,0xF5,0x94,0x13,0x14,0x5E,0x69,
+	0x73,0xC4,0x50,0x01,0xD0,0x08,0x7B,0x42,
+	0xD1,0x1B,0xC6,0x45,0x41,0x3A,0xEF,0xF6,
+	0x3A,0x42,0x39,0x1A,0x39,0x14,0x5A,0x59,
+	0x1A,0x92,0x20,0x0D,0x56,0x01,0x95,0xE5,
+	0x3B,0x47,0x85,0x84,0xFD,0xAE,0x23,0x1A };
+
+unsigned char iso_test_3[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x4E,0x24,0x48,0xA4,0xC6,0xF4,0x86,0xBB,
+	0x16,0xB6,0x56,0x2C,0x73,0xB4,0x02,0x0B,
+	0xF3,0x04,0x3E,0x3A,0x73,0x1B,0xCE,0x72,
+	0x1A,0xE1,0xB3,0x03,0xD9,0x7E,0x6D,0x4C,
+	0x71,0x81,0xEE,0xBD,0xB6,0xC5,0x7E,0x27,
+	0x7D,0x0E,0x34,0x95,0x71,0x14,0xCB,0xD6,
+	0xC7,0x97,0xFC,0x9D,0x95,0xD8,0xB5,0x82,
+	0xD2,0x25,0x29,0x20,0x76,0xD4,0xEE,0xF5 };
+
+unsigned char iso_test_4[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x37,0x8C,0x84,0xA4,0x12,0x6E,0x2D,0xC6,
+	0xE5,0x6D,0xCC,0x74,0x58,0x37,0x7A,0xAC,
+	0x83,0x8D,0x00,0x03,0x22,0x30,0xF5,0x3C,
+	0xE1,0xF5,0x70,0x0C,0x0F,0xFB,0x4D,0x3B,
+	0x84,0x21,0x55,0x76,0x59,0xEF,0x55,0xC1,
+	0x06,0xB4,0xB5,0x2A,0xC5,0xA4,0xAA,0xA6,
+	0x92,0xED,0x92,0x00,0x52,0x83,0x8F,0x33,
+	0x62,0xE8,0x6D,0xBD,0x37,0xA8,0x90,0x3E };
+
+unsigned char iso_test_5[WHIRLPOOL_DIGEST_LENGTH] = {
+	0xF1,0xD7,0x54,0x66,0x26,0x36,0xFF,0xE9,
+	0x2C,0x82,0xEB,0xB9,0x21,0x2A,0x48,0x4A,
+	0x8D,0x38,0x63,0x1E,0xAD,0x42,0x38,0xF5,
+	0x44,0x2E,0xE1,0x3B,0x80,0x54,0xE4,0x1B,
+	0x08,0xBF,0x2A,0x92,0x51,0xC3,0x0B,0x6A,
+	0x0B,0x8A,0xAE,0x86,0x17,0x7A,0xB4,0xA6,
+	0xF6,0x8F,0x67,0x3E,0x72,0x07,0x86,0x5D,
+	0x5D,0x98,0x19,0xA3,0xDB,0xA4,0xEB,0x3B };
+
+unsigned char iso_test_6[WHIRLPOOL_DIGEST_LENGTH] = {
+	0xDC,0x37,0xE0,0x08,0xCF,0x9E,0xE6,0x9B,
+	0xF1,0x1F,0x00,0xED,0x9A,0xBA,0x26,0x90,
+	0x1D,0xD7,0xC2,0x8C,0xDE,0xC0,0x66,0xCC,
+	0x6A,0xF4,0x2E,0x40,0xF8,0x2F,0x3A,0x1E,
+	0x08,0xEB,0xA2,0x66,0x29,0x12,0x9D,0x8F,
+	0xB7,0xCB,0x57,0x21,0x1B,0x92,0x81,0xA6,
+	0x55,0x17,0xCC,0x87,0x9D,0x7B,0x96,0x21,
+	0x42,0xC6,0x5F,0x5A,0x7A,0xF0,0x14,0x67 };
+
+unsigned char iso_test_7[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x46,0x6E,0xF1,0x8B,0xAB,0xB0,0x15,0x4D,
+	0x25,0xB9,0xD3,0x8A,0x64,0x14,0xF5,0xC0,
+	0x87,0x84,0x37,0x2B,0xCC,0xB2,0x04,0xD6,
+	0x54,0x9C,0x4A,0xFA,0xDB,0x60,0x14,0x29,
+	0x4D,0x5B,0xD8,0xDF,0x2A,0x6C,0x44,0xE5,
+	0x38,0xCD,0x04,0x7B,0x26,0x81,0xA5,0x1A,
+	0x2C,0x60,0x48,0x1E,0x88,0xC5,0xA2,0x0B,
+	0x2C,0x2A,0x80,0xCF,0x3A,0x9A,0x08,0x3B };
+
+unsigned char iso_test_8[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x2A,0x98,0x7E,0xA4,0x0F,0x91,0x70,0x61,
+	0xF5,0xD6,0xF0,0xA0,0xE4,0x64,0x4F,0x48,
+	0x8A,0x7A,0x5A,0x52,0xDE,0xEE,0x65,0x62,
+	0x07,0xC5,0x62,0xF9,0x88,0xE9,0x5C,0x69,
+	0x16,0xBD,0xC8,0x03,0x1B,0xC5,0xBE,0x1B,
+	0x7B,0x94,0x76,0x39,0xFE,0x05,0x0B,0x56,
+	0x93,0x9B,0xAA,0xA0,0xAD,0xFF,0x9A,0xE6,
+	0x74,0x5B,0x7B,0x18,0x1C,0x3B,0xE3,0xFD };
+
+unsigned char iso_test_9[WHIRLPOOL_DIGEST_LENGTH] = {
+	0x0C,0x99,0x00,0x5B,0xEB,0x57,0xEF,0xF5,
+	0x0A,0x7C,0xF0,0x05,0x56,0x0D,0xDF,0x5D,
+	0x29,0x05,0x7F,0xD8,0x6B,0x20,0xBF,0xD6,
+	0x2D,0xEC,0xA0,0xF1,0xCC,0xEA,0x4A,0xF5,
+	0x1F,0xC1,0x54,0x90,0xED,0xDC,0x47,0xAF,
+	0x32,0xBB,0x2B,0x66,0xC3,0x4F,0xF9,0xAD,
+	0x8C,0x60,0x08,0xAD,0x67,0x7F,0x77,0x12,
+	0x69,0x53,0xB2,0x26,0xE4,0xED,0x8B,0x01 };
+
+int main (int argc,char *argv[])
+{ unsigned char md[WHIRLPOOL_DIGEST_LENGTH];
+  int		i;
+  WHIRLPOOL_CTX	ctx;
+
+#ifdef OPENSSL_IA32_SSE2
+    /* Alternative to this is to call OpenSSL_add_all_algorithms...
+     * The below code is retained exclusively for debugging purposes. */
+    { char      *env;
+
+	if ((env=getenv("OPENSSL_ia32cap")))
+	    OPENSSL_ia32cap = strtoul (env,NULL,0);
+    }
+#endif
+
+    fprintf(stdout,"Testing Whirlpool ");
+
+    WHIRLPOOL("",0,md);
+    if (memcmp(md,iso_test_1,sizeof(iso_test_1)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 1 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL("a",1,md);
+    if (memcmp(md,iso_test_2,sizeof(iso_test_2)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 2 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL("abc",3,md);
+    if (memcmp(md,iso_test_3,sizeof(iso_test_3)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 3 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL("message digest",14,md);
+    if (memcmp(md,iso_test_4,sizeof(iso_test_4)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 4 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL("abcdefghijklmnopqrstuvwxyz",26,md);
+    if (memcmp(md,iso_test_5,sizeof(iso_test_5)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 5 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL(	"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+		"abcdefghijklmnopqrstuvwxyz"
+		"0123456789",62,md);
+    if (memcmp(md,iso_test_6,sizeof(iso_test_6)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 6 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL(	"1234567890""1234567890""1234567890""1234567890"
+		"1234567890""1234567890""1234567890""1234567890",80,md);
+    if (memcmp(md,iso_test_7,sizeof(iso_test_7)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 7 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    WHIRLPOOL("abcdbcdecdefdefgefghfghighijhijk",32,md);
+    if (memcmp(md,iso_test_8,sizeof(iso_test_8)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 8 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+ 
+    WHIRLPOOL_Init (&ctx);
+    for (i=0;i<1000000;i+=288)
+	WHIRLPOOL_Update (&ctx,	"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa"
+				"aaaaaaaa""aaaaaaaa""aaaaaaaa""aaaaaaaa",
+				(1000000-i)<288?1000000-i:288);
+    WHIRLPOOL_Final (md,&ctx);
+    if (memcmp(md,iso_test_9,sizeof(iso_test_9)))
+    {   fflush(stdout);
+	fprintf(stderr,"\nTEST 9 of 9 failed.\n");
+	return 1;
+    }
+    else
+	fprintf(stdout,"."); fflush(stdout);
+
+    fprintf(stdout," passed.\n"); fflush(stdout);
+
+  return 0;
+}
+#endif
diff --git a/crypto/x509/.cvsignore b/crypto/x509/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/x509/.cvsignore
+++ b/crypto/x509/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
deleted file mode 100644
index e9293a8484..0000000000
--- a/crypto/x509/Makefile.ssl
+++ /dev/null
@@ -1,411 +0,0 @@
-#
-# SSLeay/crypto/x509/Makefile
-#
-
-DIR=	x509
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
-	x509_obj.c x509_req.c x509spki.c x509_vfy.c \
-	x509_set.c x509cset.c x509rset.c x509_err.c \
-	x509name.c x509_v3.c x509_ext.c x509_att.c \
-	x509type.c x509_lu.c x_all.c x509_txt.c \
-	x509_trs.c by_file.c by_dir.c x509_vpm.c
-LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
-	x509_obj.o x509_req.o x509spki.o x509_vfy.o \
-	x509_set.o x509cset.o x509rset.o x509_err.o \
-	x509name.o x509_v3.o x509_ext.o x509_att.o \
-	x509type.o x509_lu.o x_all.o x509_txt.o \
-	x509_trs.o by_file.o by_dir.o x509_vpm.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= x509.h x509_vfy.h
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_dir.c
-by_file.o: ../../e_os.h ../../include/openssl/asn1.h
-by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
-by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-by_file.o: ../cryptlib.h by_file.c
-x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_att.o: ../cryptlib.h x509_att.c
-x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_cmp.o: ../cryptlib.h x509_cmp.c
-x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x509_d2.o: ../cryptlib.h x509_d2.c
-x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_def.o: ../../include/openssl/opensslconf.h
-x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c
-x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c
-x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_ext.o: ../cryptlib.h x509_ext.c
-x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_lu.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_lu.o: ../cryptlib.h x509_lu.c
-x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_obj.o: ../../include/openssl/opensslconf.h
-x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c
-x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_r2x.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c
-x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_req.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
-x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c
-x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_set.o: ../../include/openssl/opensslconf.h
-x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c
-x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_trs.o: ../cryptlib.h x509_trs.c
-x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509_txt.o: ../../include/openssl/opensslconf.h
-x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c
-x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_v3.o: ../cryptlib.h x509_v3.c
-x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_vfy.o: ../cryptlib.h x509_vfy.c
-x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h
-x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-x509_vpm.o: ../cryptlib.h x509_vpm.c
-x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
-x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509cset.o: ../../include/openssl/opensslconf.h
-x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c
-x509name.o: ../../e_os.h ../../include/openssl/asn1.h
-x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509name.o: ../../include/openssl/opensslconf.h
-x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c
-x509rset.o: ../../e_os.h ../../include/openssl/asn1.h
-x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509rset.o: ../../include/openssl/opensslconf.h
-x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c
-x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
-x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509spki.o: ../../include/openssl/opensslconf.h
-x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c
-x509type.o: ../../e_os.h ../../include/openssl/asn1.h
-x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x509type.o: ../../include/openssl/opensslconf.h
-x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c
-x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-x_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_all.c
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 6207340472..170cd89608 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -65,24 +65,36 @@
 #ifndef NO_SYS_TYPES_H
 # include <sys/types.h>
 #endif
-#ifdef MAC_OS_pre_X
-# include <stat.h>
-#else
+#ifndef OPENSSL_NO_POSIX_IO
 # include <sys/stat.h>
 #endif
 
 #include <openssl/lhash.h>
 #include <openssl/x509.h>
 
+
+typedef struct lookup_dir_hashes_st
+	{
+	unsigned long hash;
+	int suffix;
+	} BY_DIR_HASH;
+
+typedef struct lookup_dir_entry_st
+	{
+	char *dir;
+	int dir_type;
+	STACK_OF(BY_DIR_HASH) *hashes;
+	} BY_DIR_ENTRY;
+
 typedef struct lookup_dir_st
 	{
 	BUF_MEM *buffer;
-	int num_dirs;
-	char **dirs;
-	int *dirs_type;
-	int num_dirs_alloced;
+	STACK_OF(BY_DIR_ENTRY) *dirs;
 	} BY_DIR;
 
+DECLARE_STACK_OF(BY_DIR_HASH)
+DECLARE_STACK_OF(BY_DIR_ENTRY)
+
 static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
 	char **ret);
 static int new_dir(X509_LOOKUP *lu);
@@ -114,7 +126,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
 	{
 	int ret=0;
 	BY_DIR *ld;
-	char *dir;
+	char *dir = NULL;
 
 	ld=(BY_DIR *)ctx->method_data;
 
@@ -123,17 +135,16 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
 	case X509_L_ADD_DIR:
 		if (argl == X509_FILETYPE_DEFAULT)
 			{
-			ret=add_cert_dir(ld,X509_get_default_cert_dir(),
-				X509_FILETYPE_PEM);
+			dir=(char *)getenv(X509_get_default_cert_dir_env());
+			if (dir)
+				ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+			else
+				ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+					X509_FILETYPE_PEM);
 			if (!ret)
 				{
 				X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
 				}
-			else
-				{
-				dir=(char *)Getenv(X509_get_default_cert_dir_env());
-				ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
-				}
 			}
 		else
 			ret=add_cert_dir(ld,argp,(int)argl);
@@ -153,34 +164,51 @@ static int new_dir(X509_LOOKUP *lu)
 		OPENSSL_free(a);
 		return(0);
 		}
-	a->num_dirs=0;
 	a->dirs=NULL;
-	a->dirs_type=NULL;
-	a->num_dirs_alloced=0;
 	lu->method_data=(char *)a;
 	return(1);
 	}
 
+static void by_dir_hash_free(BY_DIR_HASH *hash)
+	{
+	OPENSSL_free(hash);
+	}
+
+static int by_dir_hash_cmp(const BY_DIR_HASH * const *a,
+			const BY_DIR_HASH * const *b)
+	{
+	if ((*a)->hash > (*b)->hash)
+		return 1;
+	if ((*a)->hash < (*b)->hash)
+		return -1;
+	return 0;
+	}
+
+static void by_dir_entry_free(BY_DIR_ENTRY *ent)
+	{
+	if (ent->dir)
+		OPENSSL_free(ent->dir);
+	if (ent->hashes)
+		sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
+	OPENSSL_free(ent);
+	}
+
 static void free_dir(X509_LOOKUP *lu)
 	{
 	BY_DIR *a;
-	int i;
 
 	a=(BY_DIR *)lu->method_data;
-	for (i=0; i<a->num_dirs; i++)
-		if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]);
-	if (a->dirs != NULL) OPENSSL_free(a->dirs);
-	if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type);
-	if (a->buffer != NULL) BUF_MEM_free(a->buffer);
+	if (a->dirs != NULL)
+		sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
+	if (a->buffer != NULL)
+		BUF_MEM_free(a->buffer);
 	OPENSSL_free(a);
 	}
 
 static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
 	{
 	int j,len;
-	int *ip;
 	const char *s,*ss,*p;
-	char **pp;
 
 	if (dir == NULL || !*dir)
 	    {
@@ -190,51 +218,56 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
 
 	s=dir;
 	p=s;
-	for (;;)
+	for (;;p++)
 		{
 		if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
 			{
+			BY_DIR_ENTRY *ent;
 			ss=s;
 			s=p+1;
 			len=(int)(p-ss);
 			if (len == 0) continue;
-			for (j=0; j<ctx->num_dirs; j++)
-				if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
-					continue;
-			if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
+			for (j=0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++)
 				{
-				ctx->num_dirs_alloced+=10;
-				pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced*
-					sizeof(char *));
-				ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced*
-					sizeof(int));
-				if ((pp == NULL) || (ip == NULL))
+				ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j);
+				if (strlen(ent->dir) == (size_t)len &&
+				    strncmp(ent->dir,ss,(unsigned int)len) == 0)
+					break;
+				}
+			if (j < sk_BY_DIR_ENTRY_num(ctx->dirs))
+				continue;
+			if (ctx->dirs == NULL)
+				{
+				ctx->dirs = sk_BY_DIR_ENTRY_new_null();
+				if (!ctx->dirs)
 					{
 					X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
-					return(0);
+					return 0;
 					}
-				memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
-					sizeof(char *));
-				memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
-					sizeof(int));
-				if (ctx->dirs != NULL)
-					OPENSSL_free(ctx->dirs);
-				if (ctx->dirs_type != NULL)
-					OPENSSL_free(ctx->dirs_type);
-				ctx->dirs=pp;
-				ctx->dirs_type=ip;
 				}
-			ctx->dirs_type[ctx->num_dirs]=type;
-			ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1);
-			if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
-			strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
-			ctx->dirs[ctx->num_dirs][len]='\0';
-			ctx->num_dirs++;
+			ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY));
+			if (!ent)
+				return 0;
+			ent->dir_type = type;
+			ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
+			ent->dir = OPENSSL_malloc((unsigned int)len+1);
+			if (!ent->dir || !ent->hashes)
+				{
+				by_dir_entry_free(ent);
+				return 0;
+				}
+			strncpy(ent->dir,ss,(unsigned int)len);
+			ent->dir[len] = '\0';
+			if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent))
+				{
+				by_dir_entry_free(ent);
+				return 0;
+				}
 			}
-		if (*p == '\0') break;
-		p++;
+		if (*p == '\0')
+			break;
 		}
-	return(1);
+	return 1;
 	}
 
 static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
@@ -255,7 +288,6 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
 	int i,j,k;
 	unsigned long h;
 	BUF_MEM *b=NULL;
-	struct stat st;
 	X509_OBJECT stmp,*tmp;
 	const char *postfix="";
 
@@ -291,20 +323,45 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
 	ctx=(BY_DIR *)xl->method_data;
 
 	h=X509_NAME_hash(name);
-	for (i=0; i<ctx->num_dirs; i++)
+	for (i=0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++)
 		{
-		j=strlen(ctx->dirs[i])+1+8+6+1+1;
+		BY_DIR_ENTRY *ent;
+		int idx;
+		BY_DIR_HASH htmp, *hent;
+		ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
+		j=strlen(ent->dir)+1+8+6+1+1;
 		if (!BUF_MEM_grow(b,j))
 			{
 			X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
 			goto finish;
 			}
-		k=0;
+		if (type == X509_LU_CRL && ent->hashes)
+			{
+			htmp.hash = h;
+			CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+			idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
+			if (idx >= 0)
+				{
+				hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
+				k = hent->suffix;
+				}
+			else
+				{
+				hent = NULL;
+				k=0;
+				}
+			CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+			}
+		else
+			{
+			k = 0;
+			hent = NULL;
+			}
 		for (;;)
 			{
 			char c = '/';
 #ifdef OPENSSL_SYS_VMS
-			c = ctx->dirs[i][strlen(ctx->dirs[i])-1];
+			c = ent->dir[strlen(ent->dir)-1];
 			if (c != ':' && c != '>' && c != ']')
 				{
 				/* If no separator is present, we assume the
@@ -325,32 +382,40 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
 				/* This is special.  When c == '\0', no
 				   directory separator should be added. */
 				BIO_snprintf(b->data,b->max,
-					"%s%08lx.%s%d",ctx->dirs[i],h,
+					"%s%08lx.%s%d",ent->dir,h,
 					postfix,k);
 				}
 			else
 				{
 				BIO_snprintf(b->data,b->max,
-					"%s%c%08lx.%s%d",ctx->dirs[i],c,h,
+					"%s%c%08lx.%s%d",ent->dir,c,h,
 					postfix,k);
 				}
-			k++;
+#ifndef OPENSSL_NO_POSIX_IO
+#ifdef _WIN32
+#define stat _stat
+#endif
+			{
+			struct stat st;
 			if (stat(b->data,&st) < 0)
 				break;
+			}
+#endif
 			/* found one. */
 			if (type == X509_LU_X509)
 				{
 				if ((X509_load_cert_file(xl,b->data,
-					ctx->dirs_type[i])) == 0)
+					ent->dir_type)) == 0)
 					break;
 				}
 			else if (type == X509_LU_CRL)
 				{
 				if ((X509_load_crl_file(xl,b->data,
-					ctx->dirs_type[i])) == 0)
+					ent->dir_type)) == 0)
 					break;
 				}
 			/* else case will caught higher up */
+			k++;
 			}
 
 		/* we have added it to the cache so now pull
@@ -361,6 +426,43 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
 		else tmp = NULL;
 		CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
 
+
+		/* If a CRL, update the last file suffix added for this */
+
+		if (type == X509_LU_CRL)
+			{
+			CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+			/* Look for entry again in case another thread added
+			 * an entry first.
+			 */
+			if (!hent)
+				{
+				htmp.hash = h;
+				idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
+				if (idx >= 0)
+					hent =
+					 sk_BY_DIR_HASH_value(ent->hashes, idx);
+				}
+			if (!hent)
+				{
+				hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
+				hent->hash = h;
+				hent->suffix = k;
+				if (!sk_BY_DIR_HASH_push(ent->hashes, hent))
+					{
+					CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+					OPENSSL_free(hent);
+					ok = 0;
+					goto finish;
+					}
+				}
+			else if (hent->suffix < k)
+				hent->suffix = k;
+
+			CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+			}
+
 		if (tmp != NULL)
 			{
 			ok=1;
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index a5e0d4aefa..57b08ee094 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -100,7 +100,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
 	case X509_L_FILE_LOAD:
 		if (argl == X509_FILETYPE_DEFAULT)
 			{
-			file = (char *)Getenv(X509_get_default_cert_file_env());
+			file = (char *)getenv(X509_get_default_cert_file_env());
 			if (file)
 				ok = (X509_load_cert_crl_file(ctx,file,
 					      X509_FILETYPE_PEM) != 0);
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 46673fddd1..eb1b7c6b2d 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -116,6 +116,7 @@ extern "C" {
 /* Under Win32 these are defined in wincrypt.h */
 #undef X509_NAME
 #undef X509_CERT_PAIR
+#undef X509_EXTENSIONS
 #endif
 
 #define X509_FILETYPE_PEM	1
@@ -136,8 +137,8 @@ extern "C" {
 typedef struct X509_objects_st
 	{
 	int nid;
-	int (*a2i)();
-	int (*i2a)();
+	int (*a2i)(void);
+	int (*i2a)(void);
 	} X509_OBJECTS;
 
 struct X509_algor_st
@@ -146,21 +147,22 @@ struct X509_algor_st
 	ASN1_TYPE *parameter;
 	} /* X509_ALGOR */;
 
-DECLARE_STACK_OF(X509_ALGOR)
 DECLARE_ASN1_SET_OF(X509_ALGOR)
 
+typedef STACK_OF(X509_ALGOR) X509_ALGORS;
+
 typedef struct X509_val_st
 	{
 	ASN1_TIME *notBefore;
 	ASN1_TIME *notAfter;
 	} X509_VAL;
 
-typedef struct X509_pubkey_st
+struct X509_pubkey_st
 	{
 	X509_ALGOR *algor;
 	ASN1_BIT_STRING *public_key;
 	EVP_PKEY *pkey;
-	} X509_PUBKEY;
+	};
 
 typedef struct X509_sig_st
 	{
@@ -189,7 +191,9 @@ struct X509_name_st
 #else
 	char *bytes;
 #endif
-	unsigned long hash; /* Keep the hash around for lookups */
+/*	unsigned long hash; Keep the hash around for lookups */
+	unsigned char *canon_enc;
+	int canon_enclen;
 	} /* X509_NAME */;
 
 DECLARE_STACK_OF(X509_NAME)
@@ -203,6 +207,8 @@ typedef struct X509_extension_st
 	ASN1_OCTET_STRING *value;
 	} X509_EXTENSION;
 
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+
 DECLARE_STACK_OF(X509_EXTENSION)
 DECLARE_ASN1_SET_OF(X509_EXTENSION)
 
@@ -286,8 +292,15 @@ struct x509_st
 	unsigned long ex_xkusage;
 	unsigned long ex_nscert;
 	ASN1_OCTET_STRING *skid;
-	struct AUTHORITY_KEYID_st *akid;
+	AUTHORITY_KEYID *akid;
 	X509_POLICY_CACHE *policy_cache;
+	STACK_OF(DIST_POINT) *crldp;
+	STACK_OF(GENERAL_NAME) *altname;
+	NAME_CONSTRAINTS *nc;
+#ifndef OPENSSL_NO_RFC3779
+	STACK_OF(IPAddressFamily) *rfc3779_addr;
+	struct ASIdentifiers_st *rfc3779_asid;
+#endif
 #ifndef OPENSSL_NO_SHA
 	unsigned char sha1_hash[SHA_DIGEST_LENGTH];
 #endif
@@ -326,10 +339,11 @@ typedef struct x509_cert_pair_st {
 #define X509_TRUST_OBJECT_SIGN	5
 #define X509_TRUST_OCSP_SIGN	6
 #define X509_TRUST_OCSP_REQUEST	7
+#define X509_TRUST_TSA		8
 
 /* Keep these up to date! */
 #define X509_TRUST_MIN		1
-#define X509_TRUST_MAX		7
+#define X509_TRUST_MAX		8
 
 
 /* trust_flags values */
@@ -416,13 +430,17 @@ typedef struct x509_cert_pair_st {
 			XN_FLAG_FN_LN | \
 			XN_FLAG_FN_ALIGN)
 
-typedef struct X509_revoked_st
+struct x509_revoked_st
 	{
 	ASN1_INTEGER *serialNumber;
 	ASN1_TIME *revocationDate;
 	STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+	/* Set up if indirect CRL */
+	STACK_OF(GENERAL_NAME) *issuer;
+	/* Revocation reason */
+	int reason;
 	int sequence; /* load sequence */
-	} X509_REVOKED;
+	};
 
 DECLARE_STACK_OF(X509_REVOKED)
 DECLARE_ASN1_SET_OF(X509_REVOKED)
@@ -446,6 +464,22 @@ struct X509_crl_st
 	X509_ALGOR *sig_alg;
 	ASN1_BIT_STRING *signature;
 	int references;
+	int flags;
+	/* Copies of various extensions */
+	AUTHORITY_KEYID *akid;
+	ISSUING_DIST_POINT *idp;
+	/* Convenient breakdown of IDP */
+	int idp_flags;
+	int idp_reasons;
+	/* CRL and base CRL numbers for delta processing */
+	ASN1_INTEGER *crl_number;
+	ASN1_INTEGER *base_crl_number;
+#ifndef OPENSSL_NO_SHA
+	unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+#endif
+	STACK_OF(GENERAL_NAMES) *issuers;
+	const X509_CRL_METHOD *meth;
+	void *meth_data;
 	} /* X509_CRL */;
 
 DECLARE_STACK_OF(X509_CRL)
@@ -544,18 +578,19 @@ X509_ALGOR *prf;
 
 /* PKCS#8 private key info structure */
 
-typedef struct pkcs8_priv_key_info_st
+struct pkcs8_priv_key_info_st
         {
         int broken;     /* Flag for various broken formats */
 #define PKCS8_OK		0
 #define PKCS8_NO_OCTET		1
 #define PKCS8_EMBEDDED_PARAM	2
 #define PKCS8_NS_DB		3
+#define PKCS8_NEG_PRIVKEY	4
         ASN1_INTEGER *version;
         X509_ALGOR *pkeyalg;
         ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
         STACK_OF(X509_ATTRIBUTE) *attributes;
-        } PKCS8_PRIV_KEY_INFO;
+        };
 
 #ifdef  __cplusplus
 }
@@ -568,151 +603,6 @@ typedef struct pkcs8_priv_key_info_st
 extern "C" {
 #endif
 
-#ifdef SSLEAY_MACROS
-#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
-	a->signature,(char *)a->cert_info,r)
-#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
-	a->sig_alg,a->signature,(char *)a->req_info,r)
-#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
-	a->sig_alg, a->signature,(char *)a->crl,r)
-
-#define X509_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
-		x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
-#define X509_REQ_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
-		x->signature, (char *)x->req_info,pkey,md)
-#define X509_CRL_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
-		x->signature, (char *)x->crl,pkey,md)
-#define NETSCAPE_SPKI_sign(x,pkey,md) \
-	ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
-		x->signature, (char *)x->spkac,pkey,md)
-
-#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
-		(char *(*)())d2i_X509,(char *)x509)
-#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
-		(int (*)())i2d_X509_ATTRIBUTE, \
-		(char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
-#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
-		(int (*)())i2d_X509_EXTENSION, \
-		(char *(*)())d2i_X509_EXTENSION,(char *)ex)
-#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
-		(char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
-#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
-#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
-		(char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
-#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
-
-#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
-		(char *(*)())d2i_X509_CRL,(char *)crl)
-#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
-		X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
-		(unsigned char **)(crl))
-#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
-		(unsigned char *)crl)
-#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
-		X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
-		(unsigned char **)(crl))
-#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
-		(unsigned char *)crl)
-
-#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
-		(char *(*)())d2i_PKCS7,(char *)p7)
-#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
-		PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
-		(unsigned char **)(p7))
-#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
-		(unsigned char *)p7)
-#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
-		PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
-		(unsigned char **)(p7))
-#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
-		(unsigned char *)p7)
-
-#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
-		(char *(*)())d2i_X509_REQ,(char *)req)
-#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
-		X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
-		(unsigned char **)(req))
-#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
-		(unsigned char *)req)
-#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
-		X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
-		(unsigned char **)(req))
-#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
-		(unsigned char *)req)
-
-#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
-		(char *(*)())d2i_RSAPublicKey,(char *)rsa)
-#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
-		(char *(*)())d2i_RSAPrivateKey,(char *)rsa)
-
-#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
-		(unsigned char *)rsa)
-#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
-		(unsigned char *)rsa)
-
-#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
-		(unsigned char *)rsa)
-#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
-		RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
-		(unsigned char **)(rsa))
-#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
-		(unsigned char *)rsa)
-
-#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
-		(unsigned char **)(dsa))
-#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
-		(unsigned char *)dsa)
-#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
-		(unsigned char **)(dsa))
-#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
-		(unsigned char *)dsa)
-
-#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\
-		EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \
-		(unsigned char **)(ecdsa))
-#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \
-		(unsigned char *)ecdsa)
-#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\
-		EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \
-		(unsigned char **)(ecdsa))
-#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \
-		(unsigned char *)ecdsa)
-
-#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
-		(char *(*)())d2i_X509_ALGOR,(char *)xn)
-
-#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
-		(char *(*)())d2i_X509_NAME,(char *)xn)
-#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
-		(int (*)())i2d_X509_NAME_ENTRY, \
-		(char *(*)())d2i_X509_NAME_ENTRY,\
-		(char *)ne)
-
-#define X509_digest(data,type,md,len) \
-	ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
-#define X509_NAME_digest(data,type,md,len) \
-	ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
-#ifndef PKCS7_ISSUER_AND_SERIAL_digest
-#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
-	ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
-		(char *)data,md,len)
-#endif
-#endif
-
 #define X509_EXT_PACK_UNKNOWN	1
 #define X509_EXT_PACK_STRING	2
 
@@ -733,6 +623,18 @@ extern "C" {
 #define		X509_CRL_get_issuer(x) ((x)->crl->issuer)
 #define		X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
 
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
+X509_CRL_METHOD *X509_CRL_METHOD_new(
+	int (*crl_init)(X509_CRL *crl),
+	int (*crl_free)(X509_CRL *crl),
+	int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+				ASN1_INTEGER *ser, X509_NAME *issuer),
+	int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
+void *X509_CRL_get_meth_data(X509_CRL *crl);
+
 /* This one is only used so that a binary form can output, as in
  * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
 #define 	X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
@@ -740,7 +642,6 @@ extern "C" {
 
 const char *X509_verify_cert_error_string(long n);
 
-#ifndef SSLEAY_MACROS
 #ifndef OPENSSL_NO_EVP
 int X509_verify(X509 *a, EVP_PKEY *r);
 
@@ -858,14 +759,18 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
 X509_CRL *X509_CRL_dup(X509_CRL *crl);
 X509_REQ *X509_REQ_dup(X509_REQ *req);
 X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
+void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+						X509_ALGOR *algor);
+
 X509_NAME *X509_NAME_dup(X509_NAME *xn);
 X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
 
-#endif /* !SSLEAY_MACROS */
-
-int		X509_cmp_time(ASN1_TIME *s, time_t *t);
-int		X509_cmp_current_time(ASN1_TIME *s);
+int		X509_cmp_time(const ASN1_TIME *s, time_t *t);
+int		X509_cmp_current_time(const ASN1_TIME *s);
 ASN1_TIME *	X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
+ASN1_TIME *	X509_time_adj_ex(ASN1_TIME *s,
+				int offset_day, long offset_sec, time_t *t);
 ASN1_TIME *	X509_gmtime_adj(ASN1_TIME *s, long adj);
 
 const char *	X509_get_default_cert_area(void );
@@ -879,6 +784,7 @@ X509_REQ *	X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
 X509 *		X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
 
 DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
 DECLARE_ASN1_FUNCTIONS(X509_VAL)
 
 DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
@@ -914,6 +820,7 @@ DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
 X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
 
 DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
 
 DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
 
@@ -951,6 +858,9 @@ DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
 DECLARE_ASN1_FUNCTIONS(X509_CRL)
 
 int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+		X509_REVOKED **ret, ASN1_INTEGER *serial);
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
 
 X509_PKEY *	X509_PKEY_new(void );
 void		X509_PKEY_free(X509_PKEY *a);
@@ -966,15 +876,15 @@ X509_INFO *	X509_INFO_new(void);
 void		X509_INFO_free(X509_INFO *a);
 char *		X509_NAME_oneline(X509_NAME *a,char *buf,int size);
 
-int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
-	ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
+		ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
 
-int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data,
-	unsigned char *md,unsigned int *len);
+int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data,
+		unsigned char *md,unsigned int *len);
 
-int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
-	ASN1_BIT_STRING *signature,
-	char *data,EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+	      X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+	      char *data,EVP_PKEY *pkey, const EVP_MD *type);
 
 int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data,
 	unsigned char *md,unsigned int *len);
@@ -994,8 +904,8 @@ int 		X509_set_issuer_name(X509 *x, X509_NAME *name);
 X509_NAME *	X509_get_issuer_name(X509 *a);
 int 		X509_set_subject_name(X509 *x, X509_NAME *name);
 X509_NAME *	X509_get_subject_name(X509 *a);
-int 		X509_set_notBefore(X509 *x, ASN1_TIME *tm);
-int 		X509_set_notAfter(X509 *x, ASN1_TIME *tm);
+int 		X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
+int 		X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
 int 		X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
 EVP_PKEY *	X509_get_pubkey(X509 *x);
 ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
@@ -1032,8 +942,8 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req,
 
 int X509_CRL_set_version(X509_CRL *x, long version);
 int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm);
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
 int X509_CRL_sort(X509_CRL *crl);
 
 int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
@@ -1052,11 +962,18 @@ unsigned long	X509_issuer_name_hash(X509 *a);
 int		X509_subject_name_cmp(const X509 *a, const X509 *b);
 unsigned long	X509_subject_name_hash(X509 *x);
 
+#ifndef OPENSSL_NO_MD5
+unsigned long	X509_issuer_name_hash_old(X509 *a);
+unsigned long	X509_subject_name_hash_old(X509 *x);
+#endif
+
 int		X509_cmp(const X509 *a, const X509 *b);
 int		X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
 unsigned long	X509_NAME_hash(X509_NAME *x);
+unsigned long	X509_NAME_hash_old(X509_NAME *x);
 
 int		X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+int		X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
 #ifndef OPENSSL_NO_FP_API
 int		X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
 int		X509_print_fp(FILE *bp,X509 *x);
@@ -1097,18 +1014,18 @@ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
 int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
 			unsigned char *bytes, int len, int loc, int set);
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
-		char *field, int type, unsigned char *bytes, int len);
+		const char *field, int type, const unsigned char *bytes, int len);
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
 			int type,unsigned char *bytes, int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
-			unsigned char *bytes, int len, int loc, int set);
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+			const unsigned char *bytes, int len, int loc, int set);
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-			ASN1_OBJECT *obj, int type,unsigned char *bytes,
+			ASN1_OBJECT *obj, int type,const unsigned char *bytes,
 			int len);
 int 		X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
 			ASN1_OBJECT *obj);
 int 		X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
-			unsigned char *bytes, int len);
+			const unsigned char *bytes, int len);
 ASN1_OBJECT *	X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
 ASN1_STRING *	X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
 
@@ -1187,6 +1104,8 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
 STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
 			const char *attrname, int type,
 			const unsigned char *bytes, int len);
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+				ASN1_OBJECT *obj, int lastpos, int type);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
 	     int atrtype, const void *data, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
@@ -1201,6 +1120,24 @@ int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
 ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
 ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
 
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
+			  int lastpos);
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
+			  int lastpos);
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+			const ASN1_OBJECT *obj, int type,
+			const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+			int nid, int type,
+			const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+			const char *attrname, int type,
+			const unsigned char *bytes, int len);
+
 int		X509_verify_cert(X509_STORE_CTX *ctx);
 
 /* lookup a cert from a X509 STACK */
@@ -1212,9 +1149,19 @@ DECLARE_ASN1_FUNCTIONS(PBEPARAM)
 DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
 DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
 
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+				const unsigned char *salt, int saltlen);
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+				const unsigned char *salt, int saltlen);
 X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 					 unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+				 unsigned char *salt, int saltlen,
+				 unsigned char *aiv, int prf_nid);
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+				int prf_nid, int keylen);
 
 /* PKCS#8 utilities */
 
@@ -1225,6 +1172,22 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
 PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
 
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+			int version, int ptype, void *pval,
+				unsigned char *penc, int penclen);
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+		const unsigned char **pk, int *ppklen,
+		X509_ALGOR **pa,
+		PKCS8_PRIV_KEY_INFO *p8);
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+					int ptype, void *pval,
+					unsigned char *penc, int penclen);
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+		const unsigned char **pk, int *ppklen,
+		X509_ALGOR **pa,
+		X509_PUBKEY *pub);
+
 int X509_check_trust(X509 *x, int id, int flags);
 int X509_TRUST_get_count(void);
 X509_TRUST * X509_TRUST_get0(int idx);
@@ -1247,18 +1210,20 @@ void ERR_load_X509_strings(void);
 /* Function codes. */
 #define X509_F_ADD_CERT_DIR				 100
 #define X509_F_BY_FILE_CTRL				 101
+#define X509_F_CHECK_POLICY				 145
 #define X509_F_DIR_CTRL					 102
 #define X509_F_GET_CERT_BY_SUBJECT			 103
 #define X509_F_NETSCAPE_SPKI_B64_DECODE			 129
 #define X509_F_NETSCAPE_SPKI_B64_ENCODE			 130
+#define X509_F_X509AT_ADD1_ATTR				 135
 #define X509_F_X509V3_ADD_EXT				 104
-#define X509_F_X509_ADD_ATTR				 135
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_NID		 136
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ		 137
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT		 140
 #define X509_F_X509_ATTRIBUTE_GET0_DATA			 139
 #define X509_F_X509_ATTRIBUTE_SET1_DATA			 138
 #define X509_F_X509_CHECK_PRIVATE_KEY			 128
+#define X509_F_X509_CRL_PRINT_FP			 147
 #define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
 #define X509_F_X509_GET_PUBKEY_PARAMETERS		 110
@@ -1271,15 +1236,16 @@ void ERR_load_X509_strings(void);
 #define X509_F_X509_NAME_ENTRY_SET_OBJECT		 115
 #define X509_F_X509_NAME_ONELINE			 116
 #define X509_F_X509_NAME_PRINT				 117
-#define X509_F_X509_PRINT_FP				 118
+#define X509_F_X509_PRINT_EX_FP				 118
 #define X509_F_X509_PUBKEY_GET				 119
 #define X509_F_X509_PUBKEY_SET				 120
 #define X509_F_X509_REQ_CHECK_PRIVATE_KEY		 144
-#define X509_F_X509_REQ_PRINT				 121
+#define X509_F_X509_REQ_PRINT_EX			 121
 #define X509_F_X509_REQ_PRINT_FP			 122
 #define X509_F_X509_REQ_TO_X509				 123
 #define X509_F_X509_STORE_ADD_CERT			 124
 #define X509_F_X509_STORE_ADD_CRL			 125
+#define X509_F_X509_STORE_CTX_GET1_ISSUER		 146
 #define X509_F_X509_STORE_CTX_INIT			 143
 #define X509_F_X509_STORE_CTX_NEW			 142
 #define X509_F_X509_STORE_CTX_PURPOSE_INHERIT		 134
@@ -1301,7 +1267,10 @@ void ERR_load_X509_strings(void);
 #define X509_R_KEY_VALUES_MISMATCH			 116
 #define X509_R_LOADING_CERT_DIR				 103
 #define X509_R_LOADING_DEFAULTS				 104
+#define X509_R_METHOD_NOT_SUPPORTED			 124
 #define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY		 105
+#define X509_R_PUBLIC_KEY_DECODE_ERROR			 125
+#define X509_R_PUBLIC_KEY_ENCODE_ERROR			 126
 #define X509_R_SHOULD_RETRY				 106
 #define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN	 107
 #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
index 0bae3d32a1..98460e8921 100644
--- a/crypto/x509/x509_att.c
+++ b/crypto/x509/x509_att.c
@@ -67,8 +67,7 @@
 
 int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
 {
-	if (!x) return 0;
-	return(sk_X509_ATTRIBUTE_num(x));
+	return sk_X509_ATTRIBUTE_num(x);
 }
 
 int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
@@ -125,7 +124,13 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
 	X509_ATTRIBUTE *new_attr=NULL;
 	STACK_OF(X509_ATTRIBUTE) *sk=NULL;
 
-	if ((x != NULL) && (*x == NULL))
+	if (x == NULL)
+		{
+		X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER);
+		goto err2;
+		} 
+
+	if (*x == NULL)
 		{
 		if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL)
 			goto err;
@@ -137,11 +142,11 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
 		goto err2;
 	if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
 		goto err;
-	if ((x != NULL) && (*x == NULL))
+	if (*x == NULL)
 		*x=sk;
 	return(sk);
 err:
-	X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE);
+	X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE);
 err2:
 	if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr);
 	if (sk != NULL) sk_X509_ATTRIBUTE_free(sk);
@@ -187,6 +192,22 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
 	return ret;
 }
 
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+				ASN1_OBJECT *obj, int lastpos, int type)
+{
+	int i;
+	X509_ATTRIBUTE *at;
+	i = X509at_get_attr_by_OBJ(x, obj, lastpos);
+	if (i == -1)
+		return NULL;
+	if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1))
+		return NULL;
+	at = X509at_get_attr(x, i);
+	if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1))
+		return NULL;
+	return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
+}
+
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
 	     int atrtype, const void *data, int len)
 {
@@ -224,7 +245,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
 		goto err;
 	if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len))
 		goto err;
-	
+
 	if ((attr != NULL) && (*attr == NULL)) *attr=ret;
 	return(ret);
 err:
@@ -264,8 +285,8 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
 int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len)
 {
 	ASN1_TYPE *ttmp;
-	ASN1_STRING *stmp;
-	int atype;
+	ASN1_STRING *stmp = NULL;
+	int atype = 0;
 	if (!attr) return 0;
 	if(attrtype & MBSTRING_FLAG) {
 		stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
@@ -275,16 +296,28 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat
 			return 0;
 		}
 		atype = stmp->type;
-	} else {
+	} else if (len != -1){
 		if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
 		if(!ASN1_STRING_set(stmp, data, len)) goto err;
 		atype = attrtype;
 	}
 	if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
+	attr->single = 0;
+	/* This is a bit naughty because the attribute should really have
+	 * at least one value but some types use and zero length SET and
+	 * require this.
+	 */
+	if (attrtype == 0)
+		return 1;
 	if(!(ttmp = ASN1_TYPE_new())) goto err;
+	if ((len == -1) && !(attrtype & MBSTRING_FLAG))
+		{
+		if (!ASN1_TYPE_set1(ttmp, attrtype, data))
+			goto err;
+		}
+	else
+		ASN1_TYPE_set(ttmp, atype, stmp);
 	if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
-	attr->single = 0;
-	ASN1_TYPE_set(ttmp, atype, stmp);
 	return 1;
 	err:
 	X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 0d6bc653b2..a75876edbb 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -87,15 +87,20 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
 	EVP_MD_CTX_init(&ctx);
 	f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
 	ret=strlen(f);
-	EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
-	EVP_DigestUpdate(&ctx,(unsigned char *)f,ret);
+	if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+		goto err;
+	if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,ret))
+		goto err;
 	OPENSSL_free(f);
-	EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
-		(unsigned long)a->cert_info->serialNumber->length);
-	EVP_DigestFinal_ex(&ctx,&(md[0]),NULL);
+	if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+		(unsigned long)a->cert_info->serialNumber->length))
+		goto err;
+	if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL))
+		goto err;
 	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
 		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
 		)&0xffffffffL;
+	err:
 	EVP_MD_CTX_cleanup(&ctx);
 	return(ret);
 	}
@@ -116,6 +121,13 @@ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
 	return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
 	}
 
+#ifndef OPENSSL_NO_SHA
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
+	{
+	return memcmp(a->sha1_hash, b->sha1_hash, 20);
+	}
+#endif
+
 X509_NAME *X509_get_issuer_name(X509 *a)
 	{
 	return(a->cert_info->issuer);
@@ -126,6 +138,13 @@ unsigned long X509_issuer_name_hash(X509 *x)
 	return(X509_NAME_hash(x->cert_info->issuer));
 	}
 
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *x)
+	{
+	return(X509_NAME_hash_old(x->cert_info->issuer));
+	}
+#endif
+
 X509_NAME *X509_get_subject_name(X509 *a)
 	{
 	return(a->cert_info->subject);
@@ -141,6 +160,13 @@ unsigned long X509_subject_name_hash(X509 *x)
 	return(X509_NAME_hash(x->cert_info->subject));
 	}
 
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_subject_name_hash_old(X509 *x)
+	{
+	return(X509_NAME_hash_old(x->cert_info->subject));
+	}
+#endif
+
 #ifndef OPENSSL_NO_SHA
 /* Compare two certificates: they must be identical for
  * this to work. NB: Although "cmp" operations are generally
@@ -162,170 +188,66 @@ int X509_cmp(const X509 *a, const X509 *b)
 #endif
 
 
-/* Case insensitive string comparision */
-static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
-	int i;
-
-	if (a->length != b->length)
-		return (a->length - b->length);
-
-	for (i=0; i<a->length; i++)
-	{
-		int ca, cb;
-
-		ca = tolower(a->data[i]);
-		cb = tolower(b->data[i]);
-
-		if (ca != cb)
-			return(ca-cb);
-	}
-	return 0;
-}
-
-/* Case insensitive string comparision with space normalization 
- * Space normalization - ignore leading, trailing spaces, 
- *       multiple spaces between characters are replaced by single space  
- */
-static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
-	unsigned char *pa = NULL, *pb = NULL;
-	int la, lb;
-	
-	la = a->length;
-	lb = b->length;
-	pa = a->data;
-	pb = b->data;
-
-	/* skip leading spaces */
-	while (la > 0 && isspace(*pa))
-	{
-		la--;
-		pa++;
-	}
-	while (lb > 0 && isspace(*pb))
-	{
-		lb--;
-		pb++;
-	}
-
-	/* skip trailing spaces */
-	while (la > 0 && isspace(pa[la-1]))
-		la--;
-	while (lb > 0 && isspace(pb[lb-1]))
-		lb--;
-
-	/* compare strings with space normalization */
-	while (la > 0 && lb > 0)
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
 	{
-		int ca, cb;
-
-		/* compare character */
-		ca = tolower(*pa);
-		cb = tolower(*pb);
-		if (ca != cb)
-			return (ca - cb);
+	int ret;
 
-		pa++; pb++;
-		la--; lb--;
+	/* Ensure canonical encoding is present and up to date */
 
-		if (la <= 0 || lb <= 0)
-			break;
+	if (!a->canon_enc || a->modified)
+		{
+		ret = i2d_X509_NAME((X509_NAME *)a, NULL);
+		if (ret < 0)
+			return -2;
+		}
 
-		/* is white space next character ? */
-		if (isspace(*pa) && isspace(*pb))
+	if (!b->canon_enc || b->modified)
 		{
-			/* skip remaining white spaces */
-			while (la > 0 && isspace(*pa))
-			{
-				la--;
-				pa++;
-			}
-			while (lb > 0 && isspace(*pb))
-			{
-				lb--;
-				pb++;
-			}
+		ret = i2d_X509_NAME((X509_NAME *)b, NULL);
+		if (ret < 0)
+			return -2;
 		}
-	}
-	if (la > 0 || lb > 0)
-		return la - lb;
 
-	return 0;
-}
+	ret = a->canon_enclen - b->canon_enclen;
 
-static int asn1_string_memcmp(ASN1_STRING *a, ASN1_STRING *b)
-	{
-	int j;
-	j = a->length - b->length;
-	if (j)
-		return j;
-	return memcmp(a->data, b->data, a->length);
-	}
+	if (ret)
+		return ret;
 
-#define STR_TYPE_CMP (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_UTF8STRING)
+	return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
 
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
-	{
-	int i,j;
-	X509_NAME_ENTRY *na,*nb;
+	}
 
-	unsigned long nabit, nbbit;
+unsigned long X509_NAME_hash(X509_NAME *x)
+	{
+	unsigned long ret=0;
+	unsigned char md[SHA_DIGEST_LENGTH];
 
-	j = sk_X509_NAME_ENTRY_num(a->entries)
-		  - sk_X509_NAME_ENTRY_num(b->entries);
-	if (j)
-		return j;
-	for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
-		{
-		na=sk_X509_NAME_ENTRY_value(a->entries,i);
-		nb=sk_X509_NAME_ENTRY_value(b->entries,i);
-		j=na->value->type-nb->value->type;
-		if (j)
-			{
-			nabit = ASN1_tag2bit(na->value->type);
-			nbbit = ASN1_tag2bit(nb->value->type);
-			if (!(nabit & STR_TYPE_CMP) ||
-				!(nbbit & STR_TYPE_CMP))
-				return j;
-			j = asn1_string_memcmp(na->value, nb->value);
-			}
-		else if (na->value->type == V_ASN1_PRINTABLESTRING)
-			j=nocase_spacenorm_cmp(na->value, nb->value);
-		else if (na->value->type == V_ASN1_IA5STRING
-			&& OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
-			j=nocase_cmp(na->value, nb->value);
-		else
-			j = asn1_string_memcmp(na->value, nb->value);
-		if (j) return(j);
-		j=na->set-nb->set;
-		if (j) return(j);
-		}
+	/* Make sure X509_NAME structure contains valid cached encoding */
+	i2d_X509_NAME(x,NULL);
+	if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
+		NULL))
+		return 0;
 
-	/* We will check the object types after checking the values
-	 * since the values will more often be different than the object
-	 * types. */
-	for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
-		{
-		na=sk_X509_NAME_ENTRY_value(a->entries,i);
-		nb=sk_X509_NAME_ENTRY_value(b->entries,i);
-		j=OBJ_cmp(na->object,nb->object);
-		if (j) return(j);
-		}
-	return(0);
+	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
+		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+		)&0xffffffffL;
+	return(ret);
 	}
 
+
 #ifndef OPENSSL_NO_MD5
 /* I now DER encode the name and hash it.  Since I cache the DER encoding,
  * this is reasonably efficient. */
-unsigned long X509_NAME_hash(X509_NAME *x)
+
+unsigned long X509_NAME_hash_old(X509_NAME *x)
 	{
 	unsigned long ret=0;
 	unsigned char md[16];
 
 	/* Make sure X509_NAME structure contains valid cached encoding */
 	i2d_X509_NAME(x,NULL);
-	EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
+	if (!EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL))
+		return 0;
 
 	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
 		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
@@ -386,14 +308,19 @@ ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
 
 int X509_check_private_key(X509 *x, EVP_PKEY *k)
 	{
-	EVP_PKEY *xk=NULL;
-	int ok=0;
+	EVP_PKEY *xk;
+	int ret;
 
 	xk=X509_get_pubkey(x);
-	switch (EVP_PKEY_cmp(xk, k))
+
+	if (xk)
+		ret = EVP_PKEY_cmp(xk, k);
+	else
+		ret = -2;
+
+	switch (ret)
 		{
 	case 1:
-		ok=1;
 		break;
 	case 0:
 		X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
@@ -402,24 +329,11 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
 		X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
 		break;
 	case -2:
-#ifndef OPENSSL_NO_EC
-		if (k->type == EVP_PKEY_EC)
-			{
-			X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
-			break;
-			}
-#endif
-#ifndef OPENSSL_NO_DH
-		if (k->type == EVP_PKEY_DH)
-			{
-			/* No idea */
-			X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
-			break;
-			}
-#endif
 	        X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
 		}
-
-	EVP_PKEY_free(xk);
-	return(ok);
+	if (xk)
+		EVP_PKEY_free(xk);
+	if (ret > 0)
+		return 1;
+	return 0;
 	}
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index 7a6d5a0072..a01402f416 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -1,6 +1,6 @@
 /* crypto/x509/x509_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,78 +64,88 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
+
 static ERR_STRING_DATA X509_str_functs[]=
 	{
-{ERR_PACK(0,X509_F_ADD_CERT_DIR,0),	"ADD_CERT_DIR"},
-{ERR_PACK(0,X509_F_BY_FILE_CTRL,0),	"BY_FILE_CTRL"},
-{ERR_PACK(0,X509_F_DIR_CTRL,0),	"DIR_CTRL"},
-{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0),	"GET_CERT_BY_SUBJECT"},
-{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0),	"NETSCAPE_SPKI_b64_decode"},
-{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0),	"NETSCAPE_SPKI_b64_encode"},
-{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0),	"X509v3_add_ext"},
-{ERR_PACK(0,X509_F_X509_ADD_ATTR,0),	"X509_ADD_ATTR"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0),	"X509_ATTRIBUTE_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0),	"X509_ATTRIBUTE_create_by_OBJ"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0),	"X509_ATTRIBUTE_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0),	"X509_ATTRIBUTE_get0_data"},
-{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0),	"X509_ATTRIBUTE_set1_data"},
-{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),	"X509_check_private_key"},
-{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),	"X509_EXTENSION_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},
-{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0),	"X509_get_pubkey_parameters"},
-{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0),	"X509_load_cert_crl_file"},
-{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0),	"X509_load_cert_file"},
-{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0),	"X509_load_crl_file"},
-{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0),	"X509_NAME_add_entry"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0),	"X509_NAME_ENTRY_create_by_NID"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0),	"X509_NAME_ENTRY_create_by_txt"},
-{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0),	"X509_NAME_ENTRY_set_object"},
-{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0),	"X509_NAME_oneline"},
-{ERR_PACK(0,X509_F_X509_NAME_PRINT,0),	"X509_NAME_print"},
-{ERR_PACK(0,X509_F_X509_PRINT_FP,0),	"X509_print_fp"},
-{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0),	"X509_PUBKEY_get"},
-{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0),	"X509_PUBKEY_set"},
-{ERR_PACK(0,X509_F_X509_REQ_CHECK_PRIVATE_KEY,0),	"X509_REQ_check_private_key"},
-{ERR_PACK(0,X509_F_X509_REQ_PRINT,0),	"X509_REQ_print"},
-{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0),	"X509_REQ_print_fp"},
-{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0),	"X509_REQ_to_X509"},
-{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0),	"X509_STORE_add_cert"},
-{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0),	"X509_STORE_add_crl"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_INIT,0),	"X509_STORE_CTX_init"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_NEW,0),	"X509_STORE_CTX_new"},
-{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0),	"X509_STORE_CTX_purpose_inherit"},
-{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0),	"X509_to_X509_REQ"},
-{ERR_PACK(0,X509_F_X509_TRUST_ADD,0),	"X509_TRUST_add"},
-{ERR_PACK(0,X509_F_X509_TRUST_SET,0),	"X509_TRUST_set"},
-{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0),	"X509_verify_cert"},
+{ERR_FUNC(X509_F_ADD_CERT_DIR),	"ADD_CERT_DIR"},
+{ERR_FUNC(X509_F_BY_FILE_CTRL),	"BY_FILE_CTRL"},
+{ERR_FUNC(X509_F_CHECK_POLICY),	"CHECK_POLICY"},
+{ERR_FUNC(X509_F_DIR_CTRL),	"DIR_CTRL"},
+{ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT),	"GET_CERT_BY_SUBJECT"},
+{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE),	"NETSCAPE_SPKI_b64_decode"},
+{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE),	"NETSCAPE_SPKI_b64_encode"},
+{ERR_FUNC(X509_F_X509AT_ADD1_ATTR),	"X509at_add1_attr"},
+{ERR_FUNC(X509_F_X509V3_ADD_EXT),	"X509v3_add_ext"},
+{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID),	"X509_ATTRIBUTE_create_by_NID"},
+{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ),	"X509_ATTRIBUTE_create_by_OBJ"},
+{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT),	"X509_ATTRIBUTE_create_by_txt"},
+{ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA),	"X509_ATTRIBUTE_get0_data"},
+{ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA),	"X509_ATTRIBUTE_set1_data"},
+{ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY),	"X509_check_private_key"},
+{ERR_FUNC(X509_F_X509_CRL_PRINT_FP),	"X509_CRL_print_fp"},
+{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID),	"X509_EXTENSION_create_by_NID"},
+{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ),	"X509_EXTENSION_create_by_OBJ"},
+{ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),	"X509_get_pubkey_parameters"},
+{ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE),	"X509_load_cert_crl_file"},
+{ERR_FUNC(X509_F_X509_LOAD_CERT_FILE),	"X509_load_cert_file"},
+{ERR_FUNC(X509_F_X509_LOAD_CRL_FILE),	"X509_load_crl_file"},
+{ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY),	"X509_NAME_add_entry"},
+{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),	"X509_NAME_ENTRY_create_by_NID"},
+{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),	"X509_NAME_ENTRY_create_by_txt"},
+{ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),	"X509_NAME_ENTRY_set_object"},
+{ERR_FUNC(X509_F_X509_NAME_ONELINE),	"X509_NAME_oneline"},
+{ERR_FUNC(X509_F_X509_NAME_PRINT),	"X509_NAME_print"},
+{ERR_FUNC(X509_F_X509_PRINT_EX_FP),	"X509_print_ex_fp"},
+{ERR_FUNC(X509_F_X509_PUBKEY_GET),	"X509_PUBKEY_get"},
+{ERR_FUNC(X509_F_X509_PUBKEY_SET),	"X509_PUBKEY_set"},
+{ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),	"X509_REQ_check_private_key"},
+{ERR_FUNC(X509_F_X509_REQ_PRINT_EX),	"X509_REQ_print_ex"},
+{ERR_FUNC(X509_F_X509_REQ_PRINT_FP),	"X509_REQ_print_fp"},
+{ERR_FUNC(X509_F_X509_REQ_TO_X509),	"X509_REQ_to_X509"},
+{ERR_FUNC(X509_F_X509_STORE_ADD_CERT),	"X509_STORE_add_cert"},
+{ERR_FUNC(X509_F_X509_STORE_ADD_CRL),	"X509_STORE_add_crl"},
+{ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER),	"X509_STORE_CTX_get1_issuer"},
+{ERR_FUNC(X509_F_X509_STORE_CTX_INIT),	"X509_STORE_CTX_init"},
+{ERR_FUNC(X509_F_X509_STORE_CTX_NEW),	"X509_STORE_CTX_new"},
+{ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),	"X509_STORE_CTX_purpose_inherit"},
+{ERR_FUNC(X509_F_X509_TO_X509_REQ),	"X509_to_X509_REQ"},
+{ERR_FUNC(X509_F_X509_TRUST_ADD),	"X509_TRUST_add"},
+{ERR_FUNC(X509_F_X509_TRUST_SET),	"X509_TRUST_set"},
+{ERR_FUNC(X509_F_X509_VERIFY_CERT),	"X509_verify_cert"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA X509_str_reasons[]=
 	{
-{X509_R_BAD_X509_FILETYPE                ,"bad x509 filetype"},
-{X509_R_BASE64_DECODE_ERROR              ,"base64 decode error"},
-{X509_R_CANT_CHECK_DH_KEY                ,"cant check dh key"},
-{X509_R_CERT_ALREADY_IN_HASH_TABLE       ,"cert already in hash table"},
-{X509_R_ERR_ASN1_LIB                     ,"err asn1 lib"},
-{X509_R_INVALID_DIRECTORY                ,"invalid directory"},
-{X509_R_INVALID_FIELD_NAME               ,"invalid field name"},
-{X509_R_INVALID_TRUST                    ,"invalid trust"},
-{X509_R_KEY_TYPE_MISMATCH                ,"key type mismatch"},
-{X509_R_KEY_VALUES_MISMATCH              ,"key values mismatch"},
-{X509_R_LOADING_CERT_DIR                 ,"loading cert dir"},
-{X509_R_LOADING_DEFAULTS                 ,"loading defaults"},
-{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY     ,"no cert set for us to verify"},
-{X509_R_SHOULD_RETRY                     ,"should retry"},
-{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
-{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY   ,"unable to get certs public key"},
-{X509_R_UNKNOWN_KEY_TYPE                 ,"unknown key type"},
-{X509_R_UNKNOWN_NID                      ,"unknown nid"},
-{X509_R_UNKNOWN_PURPOSE_ID               ,"unknown purpose id"},
-{X509_R_UNKNOWN_TRUST_ID                 ,"unknown trust id"},
-{X509_R_UNSUPPORTED_ALGORITHM            ,"unsupported algorithm"},
-{X509_R_WRONG_LOOKUP_TYPE                ,"wrong lookup type"},
-{X509_R_WRONG_TYPE                       ,"wrong type"},
+{ERR_REASON(X509_R_BAD_X509_FILETYPE)    ,"bad x509 filetype"},
+{ERR_REASON(X509_R_BASE64_DECODE_ERROR)  ,"base64 decode error"},
+{ERR_REASON(X509_R_CANT_CHECK_DH_KEY)    ,"cant check dh key"},
+{ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),"cert already in hash table"},
+{ERR_REASON(X509_R_ERR_ASN1_LIB)         ,"err asn1 lib"},
+{ERR_REASON(X509_R_INVALID_DIRECTORY)    ,"invalid directory"},
+{ERR_REASON(X509_R_INVALID_FIELD_NAME)   ,"invalid field name"},
+{ERR_REASON(X509_R_INVALID_TRUST)        ,"invalid trust"},
+{ERR_REASON(X509_R_KEY_TYPE_MISMATCH)    ,"key type mismatch"},
+{ERR_REASON(X509_R_KEY_VALUES_MISMATCH)  ,"key values mismatch"},
+{ERR_REASON(X509_R_LOADING_CERT_DIR)     ,"loading cert dir"},
+{ERR_REASON(X509_R_LOADING_DEFAULTS)     ,"loading defaults"},
+{ERR_REASON(X509_R_METHOD_NOT_SUPPORTED) ,"method not supported"},
+{ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),"no cert set for us to verify"},
+{ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR),"public key decode error"},
+{ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR),"public key encode error"},
+{ERR_REASON(X509_R_SHOULD_RETRY)         ,"should retry"},
+{ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),"unable to find parameters in chain"},
+{ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),"unable to get certs public key"},
+{ERR_REASON(X509_R_UNKNOWN_KEY_TYPE)     ,"unknown key type"},
+{ERR_REASON(X509_R_UNKNOWN_NID)          ,"unknown nid"},
+{ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID)   ,"unknown purpose id"},
+{ERR_REASON(X509_R_UNKNOWN_TRUST_ID)     ,"unknown trust id"},
+{ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM),"unsupported algorithm"},
+{ERR_REASON(X509_R_WRONG_LOOKUP_TYPE)    ,"wrong lookup type"},
+{ERR_REASON(X509_R_WRONG_TYPE)           ,"wrong type"},
 {0,NULL}
 	};
 
@@ -143,15 +153,12 @@ static ERR_STRING_DATA X509_str_reasons[]=
 
 void ERR_load_X509_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_X509,X509_str_functs);
-		ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
-#endif
 
+	if (ERR_func_error_string(X509_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,X509_str_functs);
+		ERR_load_strings(0,X509_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 8c7f22b0d9..7e38544e5f 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -196,9 +196,17 @@ X509_STORE *X509_STORE_new(void)
 	ret->get_crl = 0;
 	ret->check_crl = 0;
 	ret->cert_crl = 0;
+	ret->lookup_certs = 0;
+	ret->lookup_crls = 0;
 	ret->cleanup = 0;
 
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
+	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
+		{
+		sk_X509_OBJECT_free(ret->objs);
+		OPENSSL_free(ret);
+		return NULL;
+		}
+
 	ret->references=1;
 	return ret;
 	}
@@ -288,7 +296,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
 
 	tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name);
 
-	if (tmp == NULL)
+	if (tmp == NULL || type == X509_LU_CRL)
 		{
 		for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++)
 			{
@@ -414,14 +422,15 @@ void X509_OBJECT_free_contents(X509_OBJECT *a)
 		}
 	}
 
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
-	     X509_NAME *name)
+static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
+	     X509_NAME *name, int *pnmatch)
 	{
 	X509_OBJECT stmp;
 	X509 x509_s;
 	X509_CINF cinf_s;
 	X509_CRL crl_s;
 	X509_CRL_INFO crl_info_s;
+	int idx;
 
 	stmp.type=type;
 	switch (type)
@@ -441,7 +450,29 @@ int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
 		return -1;
 		}
 
-	return sk_X509_OBJECT_find(h,&stmp);
+	idx = sk_X509_OBJECT_find(h,&stmp);
+	if (idx >= 0 && pnmatch)
+		{
+		int tidx;
+		const X509_OBJECT *tobj, *pstmp;
+		*pnmatch = 1;
+		pstmp = &stmp;
+		for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++)
+			{
+			tobj = sk_X509_OBJECT_value(h, tidx);
+			if (x509_object_cmp(&tobj, &pstmp))
+				break;
+			(*pnmatch)++;
+			}
+		}
+	return idx;
+	}
+
+
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+	     X509_NAME *name)
+	{
+	return x509_object_idx_cnt(h, type, name, NULL);
 	}
 
 X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
@@ -453,19 +484,126 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
 	return sk_X509_OBJECT_value(h, idx);
 }
 
+STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+	{
+	int i, idx, cnt;
+	STACK_OF(X509) *sk;
+	X509 *x;
+	X509_OBJECT *obj;
+	sk = sk_X509_new_null();
+	CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+	idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+	if (idx < 0)
+		{
+		/* Nothing found in cache: do lookup to possibly add new
+		 * objects to cache
+		 */
+		X509_OBJECT xobj;
+		CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+		if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj))
+			{
+			sk_X509_free(sk);
+			return NULL;
+			}
+		X509_OBJECT_free_contents(&xobj);
+		CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+		idx = x509_object_idx_cnt(ctx->ctx->objs,X509_LU_X509,nm, &cnt);
+		if (idx < 0)
+			{
+			CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+			sk_X509_free(sk);
+			return NULL;
+			}
+		}
+	for (i = 0; i < cnt; i++, idx++)
+		{
+		obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+		x = obj->data.x509;
+		CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+		if (!sk_X509_push(sk, x))
+			{
+			CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+			X509_free(x);
+			sk_X509_pop_free(sk, X509_free);
+			return NULL;
+			}
+		}
+	CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+	return sk;
+
+	}
+
+STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
+	{
+	int i, idx, cnt;
+	STACK_OF(X509_CRL) *sk;
+	X509_CRL *x;
+	X509_OBJECT *obj, xobj;
+	sk = sk_X509_CRL_new_null();
+	CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+	/* Check cache first */
+	idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+
+	/* Always do lookup to possibly add new CRLs to cache
+	 */
+	CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+	if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj))
+		{
+		sk_X509_CRL_free(sk);
+		return NULL;
+		}
+	X509_OBJECT_free_contents(&xobj);
+	CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+	idx = x509_object_idx_cnt(ctx->ctx->objs,X509_LU_CRL, nm, &cnt);
+	if (idx < 0)
+		{
+		CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+		sk_X509_CRL_free(sk);
+		return NULL;
+		}
+
+	for (i = 0; i < cnt; i++, idx++)
+		{
+		obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+		x = obj->data.crl;
+		CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
+		if (!sk_X509_CRL_push(sk, x))
+			{
+			CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+			X509_CRL_free(x);
+			sk_X509_CRL_pop_free(sk, X509_CRL_free);
+			return NULL;
+			}
+		}
+	CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+	return sk;
+
+	}
+
 X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x)
 {
 	int idx, i;
 	X509_OBJECT *obj;
 	idx = sk_X509_OBJECT_find(h, x);
 	if (idx == -1) return NULL;
-	if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx);
+	if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
+		return sk_X509_OBJECT_value(h, idx);
 	for (i = idx; i < sk_X509_OBJECT_num(h); i++)
 		{
 		obj = sk_X509_OBJECT_value(h, i);
 		if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
 			return NULL;
-		if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509))
+		if (x->type == X509_LU_X509)
+			{
+			if (!X509_cmp(obj->data.x509, x->data.x509))
+				return obj;
+			}
+		else if (x->type == X509_LU_CRL)
+			{
+			if (!X509_CRL_match(obj->data.crl, x->data.crl))
+				return obj;
+			}
+		else
 			return obj;
 		}
 	return NULL;
@@ -497,7 +635,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
 		if (ok == X509_LU_RETRY)
 			{
 			X509_OBJECT_free_contents(&obj);
-			X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
+			X509err(X509_F_X509_STORE_CTX_GET1_ISSUER,X509_R_SHOULD_RETRY);
 			return -1;
 			}
 		else if (ok != X509_LU_FAIL)
@@ -563,5 +701,11 @@ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
 	return X509_VERIFY_PARAM_set1(ctx->param, param);
 	}
 
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+				  int (*verify_cb)(int, X509_STORE_CTX *))
+	{
+	ctx->verify_cb = verify_cb;
+	}
+
 IMPLEMENT_STACK_OF(X509_LOOKUP)
 IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index 1e718f76eb..21fed9f838 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -72,7 +72,7 @@ int i;
 	char *p;
 	unsigned char *q;
 	BUF_MEM *b=NULL;
-	static char hex[17]="0123456789ABCDEF";
+	static const char hex[17]="0123456789ABCDEF";
 	int gs_doit[4];
 	char tmp_buf[80];
 #ifdef CHARSET_EBCDIC
diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index fb8a78dabe..254a14693d 100644
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -89,8 +89,10 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
 		}
 
 	xn=X509_REQ_get_subject_name(r);
-	X509_set_subject_name(ret,X509_NAME_dup(xn));
-	X509_set_issuer_name(ret,X509_NAME_dup(xn));
+	if (X509_set_subject_name(ret,X509_NAME_dup(xn)) == 0)
+		goto err;
+	if (X509_set_issuer_name(ret,X509_NAME_dup(xn)) == 0)
+		goto err;
 
 	if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL)
 		goto err;
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index ab13bcfc06..48183dc00c 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -61,6 +61,7 @@
 #include <openssl/bn.h>
 #include <openssl/evp.h>
 #include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 #include <openssl/buffer.h>
@@ -205,10 +206,9 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
 	if(!ext || (ext->type != V_ASN1_SEQUENCE))
 		return NULL;
 	p = ext->value.sequence->data;
-	return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
-			ext->value.sequence->length,
-			d2i_X509_EXTENSION, X509_EXTENSION_free,
-			V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+	return (STACK_OF(X509_EXTENSION) *)
+		ASN1_item_d2i(NULL, &p, ext->value.sequence->length,
+				ASN1_ITEM_rptr(X509_EXTENSIONS));
 }
 
 /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
@@ -218,8 +218,6 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
 int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
 				int nid)
 {
-	unsigned char *p = NULL, *q;
-	long len;
 	ASN1_TYPE *at = NULL;
 	X509_ATTRIBUTE *attr = NULL;
 	if(!(at = ASN1_TYPE_new()) ||
@@ -227,25 +225,24 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
 
 	at->type = V_ASN1_SEQUENCE;
 	/* Generate encoding of extensions */
-	len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION,
-			V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-	if(!(p = OPENSSL_malloc(len))) goto err;
-	q = p;
-	i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION,
-			V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-	at->value.sequence->data = p;
-	p = NULL;
-	at->value.sequence->length = len;
+	at->value.sequence->length = 
+			ASN1_item_i2d((ASN1_VALUE *)exts,
+				&at->value.sequence->data,
+				ASN1_ITEM_rptr(X509_EXTENSIONS));
 	if(!(attr = X509_ATTRIBUTE_new())) goto err;
 	if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
 	if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err;
 	at = NULL;
 	attr->single = 0;
 	attr->object = OBJ_nid2obj(nid);
+	if (!req->req_info->attributes)
+		{
+		if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
+			goto err;
+		}
 	if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
 	return 1;
 	err:
-	if(p) OPENSSL_free(p);
 	X509_ATTRIBUTE_free(attr);
 	ASN1_TYPE_free(at);
 	return 0;
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index aaf61ca062..4b94fc5847 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -104,7 +104,7 @@ int X509_set_subject_name(X509 *x, X509_NAME *name)
 	return(X509_NAME_set(&x->cert_info->subject,name));
 	}
 
-int X509_set_notBefore(X509 *x, ASN1_TIME *tm)
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
 	{
 	ASN1_TIME *in;
 
@@ -122,7 +122,7 @@ int X509_set_notBefore(X509 *x, ASN1_TIME *tm)
 	return(in != NULL);
 	}
 
-int X509_set_notAfter(X509 *x, ASN1_TIME *tm)
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
 	{
 	ASN1_TIME *in;
 
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index 9c84a59d52..a6cb9c8b1b 100644
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -1,5 +1,5 @@
 /* x509_trs.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -84,7 +84,8 @@ static X509_TRUST trstandard[] = {
 {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
 {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL},
 {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
-{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}
+{X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL},
+{X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
 };
 
 #define X509_TRUST_COUNT	(sizeof(trstandard)/sizeof(X509_TRUST))
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 247e7e178a..c44f753c46 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -128,6 +128,8 @@ const char *X509_verify_cert_error_string(long n)
 		return ("path length constraint exceeded");
 	case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
 		return("proxy path length constraint exceeded");
+	case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
+		return("proxy certificates not allowed, please set the appropriate flag");
 	case X509_V_ERR_INVALID_PURPOSE:
 		return ("unsupported certificate purpose");
 	case X509_V_ERR_CERT_UNTRUSTED:
@@ -160,6 +162,28 @@ const char *X509_verify_cert_error_string(long n)
 		return("invalid or inconsistent certificate policy extension");
 	case X509_V_ERR_NO_EXPLICIT_POLICY:
 		return("no explicit policy");
+	case X509_V_ERR_DIFFERENT_CRL_SCOPE:
+	return("Different CRL scope");
+	case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
+	return("Unsupported extension feature");
+ 	case X509_V_ERR_UNNESTED_RESOURCE:
+ 		return("RFC 3779 resource not subset of parent's resources");
+
+	case X509_V_ERR_PERMITTED_VIOLATION:
+		return("permitted subtree violation");
+	case X509_V_ERR_EXCLUDED_VIOLATION:
+		return("excluded subtree violation");
+	case X509_V_ERR_SUBTREE_MINMAX:
+		return("name constraints minimum and maximum not supported");
+	case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
+		return("unsupported name constraint type");
+	case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
+		return("unsupported or invalid name constraint syntax");
+	case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
+		return("unsupported or invalid name syntax");
+	case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
+		return("CRL path validation error");
+
 	default:
 		BIO_snprintf(buf,sizeof buf,"error number %ld",n);
 		return(buf);
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
index 67b1796a92..42e6f0ab05 100644
--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -147,7 +147,13 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
 	int n;
 	STACK_OF(X509_EXTENSION) *sk=NULL;
 
-	if ((x != NULL) && (*x == NULL))
+	if (x == NULL)
+		{
+		X509err(X509_F_X509V3_ADD_EXT,ERR_R_PASSED_NULL_PARAMETER);
+		goto err2;
+		}
+
+	if (*x == NULL)
 		{
 		if ((sk=sk_X509_EXTENSION_new_null()) == NULL)
 			goto err;
@@ -163,7 +169,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
 		goto err2;
 	if (!sk_X509_EXTENSION_insert(sk,new_ex,loc))
 		goto err;
-	if ((x != NULL) && (*x == NULL))
+	if (*x == NULL)
 		*x=sk;
 	return(sk);
 err:
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index ffc07cce6f..87ebf62525 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -70,16 +70,72 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 
+/* CRL score values */
+
+/* No unhandled critical extensions */
+
+#define CRL_SCORE_NOCRITICAL	0x100
+
+/* certificate is within CRL scope */
+
+#define CRL_SCORE_SCOPE		0x080
+
+/* CRL times valid */
+
+#define CRL_SCORE_TIME		0x040
+
+/* Issuer name matches certificate */
+
+#define CRL_SCORE_ISSUER_NAME	0x020
+
+/* If this score or above CRL is probably valid */
+
+#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
+
+/* CRL issuer is certificate issuer */
+
+#define CRL_SCORE_ISSUER_CERT	0x018
+
+/* CRL issuer is on certificate path */
+
+#define CRL_SCORE_SAME_PATH	0x008
+
+/* CRL issuer matches CRL AKID */
+
+#define CRL_SCORE_AKID		0x004
+
+/* Have a delta CRL with valid times */
+
+#define CRL_SCORE_TIME_DELTA	0x002
+
 static int null_callback(int ok,X509_STORE_CTX *e);
 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
 static int check_chain_extensions(X509_STORE_CTX *ctx);
+static int check_name_constraints(X509_STORE_CTX *ctx);
 static int check_trust(X509_STORE_CTX *ctx);
 static int check_revocation(X509_STORE_CTX *ctx);
 static int check_cert(X509_STORE_CTX *ctx);
 static int check_policy(X509_STORE_CTX *ctx);
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+			unsigned int *preasons,
+			X509_CRL *crl, X509 *x);
+static int get_crl_delta(X509_STORE_CTX *ctx,
+				X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score,
+			X509_CRL *base, STACK_OF(X509_CRL) *crls);
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
+				X509 **pissuer, int *pcrl_score);
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+				unsigned int *preasons);
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
+static int check_crl_chain(X509_STORE_CTX *ctx,
+			STACK_OF(X509) *cert_path,
+			STACK_OF(X509) *crl_path);
+
 static int internal_verify(X509_STORE_CTX *ctx);
-const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
+const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT;
 
 
 static int null_callback(int ok, X509_STORE_CTX *e)
@@ -102,7 +158,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 	X509_VERIFY_PARAM *param = ctx->param;
 	int depth,i,ok=0;
 	int num;
-	int (*cb)();
+	int (*cb)(int xok,X509_STORE_CTX *xctx);
 	STACK_OF(X509) *sktmp=NULL;
 	if (ctx->cert == NULL)
 		{
@@ -164,7 +220,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 					goto end;
 					}
 				CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
-				sk_X509_delete_ptr(sktmp,xtmp);
+				(void)sk_X509_delete_ptr(sktmp,xtmp);
 				ctx->last_untrusted++;
 				x=xtmp;
 				num++;
@@ -214,7 +270,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 				 */
 				X509_free(x);
 				x = xtmp;
-				sk_X509_set(ctx->chain, i - 1, x);
+				(void)sk_X509_set(ctx->chain, i - 1, x);
 				ctx->last_untrusted=0;
 				}
 			}
@@ -289,6 +345,12 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 
 	if (!ok) goto end;
 
+	/* Check name constraints */
+
+	ok = check_name_constraints(ctx);
+	
+	if (!ok) goto end;
+
 	/* The chain extensions are OK: check trust */
 
 	if (param->trust > 0) ok = check_trust(ctx);
@@ -312,6 +374,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
 		ok=internal_verify(ctx);
 	if(!ok) goto end;
 
+#ifndef OPENSSL_NO_RFC3779
+	/* RFC 3779 path validation, now that CRL check has been done */
+	ok = v3_asid_validate_path(ctx);
+	if (!ok) goto end;
+	ok = v3_addr_validate_path(ctx);
+	if (!ok) goto end;
+#endif
+
 	/* If we get this far evaluate policies */
 	if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
 		ok = ctx->check_policy(ctx);
@@ -386,10 +456,12 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 #ifdef OPENSSL_NO_CHAIN_VERIFY
 	return 1;
 #else
-	int i, ok=0, must_be_ca;
+	int i, ok=0, must_be_ca, plen = 0;
 	X509 *x;
-	int (*cb)();
+	int (*cb)(int xok,X509_STORE_CTX *xctx);
 	int proxy_path_length = 0;
+	int purpose;
+	int allow_proxy_certs;
 	cb=ctx->verify_cb;
 
 	/* must_be_ca can have 1 of 3 values:
@@ -401,6 +473,24 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 	       all certificates in the chain except the leaf certificate.
 	*/
 	must_be_ca = -1;
+
+	/* CRL path validation */
+	if (ctx->parent)
+		{
+		allow_proxy_certs = 0;
+		purpose = X509_PURPOSE_CRL_SIGN;
+		}
+	else
+		{
+		allow_proxy_certs =
+			!!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
+		/* A hack to keep people who don't want to modify their
+		   software happy */
+		if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
+			allow_proxy_certs = 1;
+		purpose = ctx->param->purpose;
+		}
+
 	/* Check all untrusted certificates */
 	for (i = 0; i < ctx->last_untrusted; i++)
 		{
@@ -415,6 +505,14 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 			ok=cb(0,ctx);
 			if (!ok) goto end;
 			}
+		if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY))
+			{
+			ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
+			ctx->error_depth = i;
+			ctx->current_cert = x;
+			ok=cb(0,ctx);
+			if (!ok) goto end;
+			}
 		ret = X509_check_ca(x);
 		switch(must_be_ca)
 			{
@@ -458,8 +556,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 			}
 		if (ctx->param->purpose > 0)
 			{
-			ret = X509_check_purpose(x, ctx->param->purpose,
-				must_be_ca > 0);
+			ret = X509_check_purpose(x, purpose, must_be_ca > 0);
 			if ((ret == 0)
 				|| ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
 					&& (ret != 1)))
@@ -471,9 +568,10 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 				if (!ok) goto end;
 				}
 			}
-		/* Check pathlen */
-		if ((i > 1) && (x->ex_pathlen != -1)
-			   && (i > (x->ex_pathlen + proxy_path_length + 1)))
+		/* Check pathlen if not self issued */
+		if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
+			   && (x->ex_pathlen != -1)
+			   && (plen > (x->ex_pathlen + proxy_path_length + 1)))
 			{
 			ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
 			ctx->error_depth = i;
@@ -481,6 +579,9 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 			ok=cb(0,ctx);
 			if (!ok) goto end;
 			}
+		/* Increment path length if not self issued */
+		if (!(x->ex_flags & EXFLAG_SI))
+			plen++;
 		/* If this certificate is a proxy certificate, the next
 		   certificate must be another proxy certificate or a EE
 		   certificate.  If not, the next certificate must be a
@@ -508,6 +609,42 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
 #endif
 }
 
+static int check_name_constraints(X509_STORE_CTX *ctx)
+	{
+	X509 *x;
+	int i, j, rv;
+	/* Check name constraints for all certificates */
+	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
+		{
+		x = sk_X509_value(ctx->chain, i);
+		/* Ignore self issued certs unless last in chain */
+		if (i && (x->ex_flags & EXFLAG_SI))
+			continue;
+		/* Check against constraints for all certificates higher in
+		 * chain including trust anchor. Trust anchor not strictly
+		 * speaking needed but if it includes constraints it is to be
+		 * assumed it expects them to be obeyed.
+		 */
+		for (j = sk_X509_num(ctx->chain) - 1; j > i; j--)
+			{
+			NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
+			if (nc)
+				{
+				rv = NAME_CONSTRAINTS_check(x, nc);
+				if (rv != X509_V_OK)
+					{
+					ctx->error = rv;
+					ctx->error_depth = i;
+					ctx->current_cert = x;
+					if (!ctx->verify_cb(0,ctx))
+						return 0;
+					}
+				}
+			}
+		}
+	return 1;
+	}
+
 static int check_trust(X509_STORE_CTX *ctx)
 {
 #ifdef OPENSSL_NO_CHAIN_VERIFY
@@ -515,7 +652,7 @@ static int check_trust(X509_STORE_CTX *ctx)
 #else
 	int i, ok;
 	X509 *x;
-	int (*cb)();
+	int (*cb)(int xok,X509_STORE_CTX *xctx);
 	cb=ctx->verify_cb;
 /* For now just check the last certificate in the chain */
 	i = sk_X509_num(ctx->chain) - 1;
@@ -542,7 +679,12 @@ static int check_revocation(X509_STORE_CTX *ctx)
 	if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
 		last = sk_X509_num(ctx->chain) - 1;
 	else
+		{
+		/* If checking CRL paths this isn't the EE certificate */
+		if (ctx->parent)
+			return 1;
 		last = 0;
+		}
 	for(i = 0; i <= last; i++)
 		{
 		ctx->error_depth = i;
@@ -554,30 +696,65 @@ static int check_revocation(X509_STORE_CTX *ctx)
 
 static int check_cert(X509_STORE_CTX *ctx)
 	{
-	X509_CRL *crl = NULL;
+	X509_CRL *crl = NULL, *dcrl = NULL;
 	X509 *x;
 	int ok, cnum;
 	cnum = ctx->error_depth;
 	x = sk_X509_value(ctx->chain, cnum);
 	ctx->current_cert = x;
-	/* Try to retrieve relevant CRL */
-	ok = ctx->get_crl(ctx, &crl, x);
-	/* If error looking up CRL, nothing we can do except
-	 * notify callback
-	 */
-	if(!ok)
+	ctx->current_issuer = NULL;
+	ctx->current_reasons = 0;
+	while (ctx->current_reasons != CRLDP_ALL_REASONS)
 		{
-		ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
-		ok = ctx->verify_cb(0, ctx);
-		goto err;
+		/* Try to retrieve relevant CRL */
+		if (ctx->get_crl)
+			ok = ctx->get_crl(ctx, &crl, x);
+		else
+			ok = get_crl_delta(ctx, &crl, &dcrl, x);
+		/* If error looking up CRL, nothing we can do except
+		 * notify callback
+		 */
+		if(!ok)
+			{
+			ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+			ok = ctx->verify_cb(0, ctx);
+			goto err;
+			}
+		ctx->current_crl = crl;
+		ok = ctx->check_crl(ctx, crl);
+		if (!ok)
+			goto err;
+
+		if (dcrl)
+			{
+			ok = ctx->check_crl(ctx, dcrl);
+			if (!ok)
+				goto err;
+			ok = ctx->cert_crl(ctx, dcrl, x);
+			if (!ok)
+				goto err;
+			}
+		else
+			ok = 1;
+
+		/* Don't look in full CRL if delta reason is removefromCRL */
+		if (ok != 2)
+			{
+			ok = ctx->cert_crl(ctx, crl, x);
+			if (!ok)
+				goto err;
+			}
+
+		X509_CRL_free(crl);
+		X509_CRL_free(dcrl);
+		crl = NULL;
+		dcrl = NULL;
 		}
-	ctx->current_crl = crl;
-	ok = ctx->check_crl(ctx, crl);
-	if (!ok) goto err;
-	ok = ctx->cert_crl(ctx, crl, x);
 	err:
-	ctx->current_crl = NULL;
 	X509_CRL_free(crl);
+	X509_CRL_free(dcrl);
+
+	ctx->current_crl = NULL;
 	return ok;
 
 	}
@@ -588,7 +765,8 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
 	{
 	time_t *ptime;
 	int i;
-	ctx->current_crl = crl;
+	if (notify)
+		ctx->current_crl = crl;
 	if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
 		ptime = &ctx->param->check_time;
 	else
@@ -597,15 +775,19 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
 	i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
 	if (i == 0)
 		{
+		if (!notify)
+			return 0;
 		ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
-		if (!notify || !ctx->verify_cb(0, ctx))
+		if (!ctx->verify_cb(0, ctx))
 			return 0;
 		}
 
 	if (i > 0)
 		{
+		if (!notify)
+			return 0;
 		ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
-		if (!notify || !ctx->verify_cb(0, ctx))
+		if (!ctx->verify_cb(0, ctx))
 			return 0;
 		}
 
@@ -615,92 +797,545 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
 
 		if (i == 0)
 			{
+			if (!notify)
+				return 0;
 			ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
-			if (!notify || !ctx->verify_cb(0, ctx))
+			if (!ctx->verify_cb(0, ctx))
 				return 0;
 			}
-
-		if (i < 0)
+		/* Ignore expiry of base CRL is delta is valid */
+		if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA))
 			{
+			if (!notify)
+				return 0;
 			ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
-			if (!notify || !ctx->verify_cb(0, ctx))
+			if (!ctx->verify_cb(0, ctx))
 				return 0;
 			}
 		}
 
-	ctx->current_crl = NULL;
+	if (notify)
+		ctx->current_crl = NULL;
 
 	return 1;
 	}
 
-/* Lookup CRLs from the supplied list. Look for matching isser name
- * and validity. If we can't find a valid CRL return the last one
- * with matching name. This gives more meaningful error codes. Otherwise
- * we'd get a CRL not found error if a CRL existed with matching name but
- * was invalid.
- */
-
-static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl,
-			X509_NAME *nm, STACK_OF(X509_CRL) *crls)
+static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
+			X509 **pissuer, int *pscore, unsigned int *preasons,
+			STACK_OF(X509_CRL) *crls)
 	{
-	int i;
+	int i, crl_score, best_score = *pscore;
+	unsigned int reasons, best_reasons = 0;
+	X509 *x = ctx->current_cert;
 	X509_CRL *crl, *best_crl = NULL;
+	X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
+
 	for (i = 0; i < sk_X509_CRL_num(crls); i++)
 		{
 		crl = sk_X509_CRL_value(crls, i);
-		if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
-			continue;
-		if (check_crl_time(ctx, crl, 0))
+		reasons = *preasons;
+		crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
+
+		if (crl_score > best_score)
 			{
-			*pcrl = crl;
-			CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509);
-			return 1;
+			best_crl = crl;
+			best_crl_issuer = crl_issuer;
+			best_score = crl_score;
+			best_reasons = reasons;
 			}
-		best_crl = crl;
 		}
+
 	if (best_crl)
 		{
+		if (*pcrl)
+			X509_CRL_free(*pcrl);
 		*pcrl = best_crl;
-		CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509);
+		*pissuer = best_crl_issuer;
+		*pscore = best_score;
+		*preasons = best_reasons;
+		CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
+		if (*pdcrl)
+			{
+			X509_CRL_free(*pdcrl);
+			*pdcrl = NULL;
+			}
+		get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
 		}
-		
+
+	if (best_score >= CRL_SCORE_VALID)
+		return 1;
+
 	return 0;
 	}
 
-/* Retrieve CRL corresponding to certificate: currently just a
- * subject lookup: maybe use AKID later...
+/* Compare two CRL extensions for delta checking purposes. They should be
+ * both present or both absent. If both present all fields must be identical.
  */
-static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x)
+
+static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
 	{
-	int ok;
-	X509_CRL *crl = NULL;
-	X509_OBJECT xobj;
-	X509_NAME *nm;
-	nm = X509_get_issuer_name(x);
-	ok = get_crl_sk(ctx, &crl, nm, ctx->crls);
-	if (ok)
+	ASN1_OCTET_STRING *exta, *extb;
+	int i;
+	i = X509_CRL_get_ext_by_NID(a, nid, 0);
+	if (i >= 0)
 		{
-		*pcrl = crl;
+		/* Can't have multiple occurrences */
+		if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
+			return 0;
+		exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
+		}
+	else
+		exta = NULL;
+
+	i = X509_CRL_get_ext_by_NID(b, nid, 0);
+
+	if (i >= 0)
+		{
+
+		if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
+			return 0;
+		extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
+		}
+	else
+		extb = NULL;
+
+	if (!exta && !extb)
 		return 1;
+
+	if (!exta || !extb)
+		return 0;
+
+
+	if (ASN1_OCTET_STRING_cmp(exta, extb))
+		return 0;
+
+	return 1;
+	}
+
+/* See if a base and delta are compatible */
+
+static int check_delta_base(X509_CRL *delta, X509_CRL *base)
+	{
+	/* Delta CRL must be a delta */
+	if (!delta->base_crl_number)
+			return 0;
+	/* Base must have a CRL number */
+	if (!base->crl_number)
+			return 0;
+	/* Issuer names must match */
+	if (X509_NAME_cmp(X509_CRL_get_issuer(base),
+				X509_CRL_get_issuer(delta)))
+		return 0;
+	/* AKID and IDP must match */
+	if (!crl_extension_match(delta, base, NID_authority_key_identifier))
+			return 0;
+	if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
+			return 0;
+	/* Delta CRL base number must not exceed Full CRL number. */
+	if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
+			return 0;
+	/* Delta CRL number must exceed full CRL number */
+	if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
+			return 1;
+	return 0;
+	}
+
+/* For a given base CRL find a delta... maybe extend to delta scoring
+ * or retrieve a chain of deltas...
+ */
+
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
+			X509_CRL *base, STACK_OF(X509_CRL) *crls)
+	{
+	X509_CRL *delta;
+	int i;
+	if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
+		return;
+	if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
+		return;
+	for (i = 0; i < sk_X509_CRL_num(crls); i++)
+		{
+		delta = sk_X509_CRL_value(crls, i);
+		if (check_delta_base(delta, base))
+			{
+			if (check_crl_time(ctx, delta, 0))
+				*pscore |= CRL_SCORE_TIME_DELTA;
+			CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
+			*dcrl = delta;
+			return;
+			}
+		}
+	*dcrl = NULL;
+	}
+
+/* For a given CRL return how suitable it is for the supplied certificate 'x'.
+ * The return value is a mask of several criteria.
+ * If the issuer is not the certificate issuer this is returned in *pissuer.
+ * The reasons mask is also used to determine if the CRL is suitable: if
+ * no new reasons the CRL is rejected, otherwise reasons is updated.
+ */
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+			unsigned int *preasons,
+			X509_CRL *crl, X509 *x)
+	{
+
+	int crl_score = 0;
+	unsigned int tmp_reasons = *preasons, crl_reasons;
+
+	/* First see if we can reject CRL straight away */
+
+	/* Invalid IDP cannot be processed */
+	if (crl->idp_flags & IDP_INVALID)
+		return 0;
+	/* Reason codes or indirect CRLs need extended CRL support */
+	if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
+		{
+		if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
+			return 0;
+		}
+	else if (crl->idp_flags & IDP_REASONS)
+		{
+		/* If no new reasons reject */
+		if (!(crl->idp_reasons & ~tmp_reasons))
+			return 0;
+		}
+	/* Don't process deltas at this stage */
+	else if (crl->base_crl_number)
+		return 0;
+	/* If issuer name doesn't match certificate need indirect CRL */
+	if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl)))
+		{
+		if (!(crl->idp_flags & IDP_INDIRECT))
+			return 0;
+		}
+	else
+		crl_score |= CRL_SCORE_ISSUER_NAME;
+
+	if (!(crl->flags & EXFLAG_CRITICAL))
+		crl_score |= CRL_SCORE_NOCRITICAL;
+
+	/* Check expiry */
+	if (check_crl_time(ctx, crl, 0))
+		crl_score |= CRL_SCORE_TIME;
+
+	/* Check authority key ID and locate certificate issuer */
+	crl_akid_check(ctx, crl, pissuer, &crl_score);
+
+	/* If we can't locate certificate issuer at this point forget it */
+
+	if (!(crl_score & CRL_SCORE_AKID))
+		return 0;
+
+	/* Check cert for matching CRL distribution points */
+
+	if (crl_crldp_check(x, crl, crl_score, &crl_reasons))
+		{
+		/* If no new reasons reject */
+		if (!(crl_reasons & ~tmp_reasons))
+			return 0;
+		tmp_reasons |= crl_reasons;
+		crl_score |= CRL_SCORE_SCOPE;
 		}
 
-	ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj);
+	*preasons = tmp_reasons;
+
+	return crl_score;
 
-	if (!ok)
+	}
+
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
+				X509 **pissuer, int *pcrl_score)
+	{
+	X509 *crl_issuer = NULL;
+	X509_NAME *cnm = X509_CRL_get_issuer(crl);
+	int cidx = ctx->error_depth;
+	int i;
+
+	if (cidx != sk_X509_num(ctx->chain) - 1)
+		cidx++;
+
+	crl_issuer = sk_X509_value(ctx->chain, cidx);
+
+	if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
 		{
-		/* If we got a near match from get_crl_sk use that */
-		if (crl)
+		if (*pcrl_score & CRL_SCORE_ISSUER_NAME)
 			{
-			*pcrl = crl;
-			return 1;
+			*pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT;
+			*pissuer = crl_issuer;
+			return;
+			}
+		}
+
+	for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++)
+		{
+		crl_issuer = sk_X509_value(ctx->chain, cidx);
+		if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+			continue;
+		if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
+			{
+			*pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH;
+			*pissuer = crl_issuer;
+			return;
+			}
+		}
+
+	/* Anything else needs extended CRL support */
+
+	if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
+		return;
+
+	/* Otherwise the CRL issuer is not on the path. Look for it in the
+	 * set of untrusted certificates.
+	 */
+	for (i = 0; i < sk_X509_num(ctx->untrusted); i++)
+		{
+		crl_issuer = sk_X509_value(ctx->untrusted, i);
+		if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+			continue;
+		if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
+			{
+			*pissuer = crl_issuer;
+			*pcrl_score |= CRL_SCORE_AKID;
+			return;
+			}
+		}
+	}
+
+/* Check the path of a CRL issuer certificate. This creates a new
+ * X509_STORE_CTX and populates it with most of the parameters from the
+ * parent. This could be optimised somewhat since a lot of path checking
+ * will be duplicated by the parent, but this will rarely be used in 
+ * practice.
+ */
+
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
+	{
+	X509_STORE_CTX crl_ctx;
+	int ret;
+	/* Don't allow recursive CRL path validation */
+	if (ctx->parent)
+		return 0;
+	if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
+		return -1;
+
+	crl_ctx.crls = ctx->crls;
+	/* Copy verify params across */
+	X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
+
+	crl_ctx.parent = ctx;
+	crl_ctx.verify_cb = ctx->verify_cb;
+
+	/* Verify CRL issuer */
+	ret = X509_verify_cert(&crl_ctx);
+
+	if (ret <= 0)
+		goto err;
+
+	/* Check chain is acceptable */
+
+	ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
+	err:
+	X509_STORE_CTX_cleanup(&crl_ctx);
+	return ret;
+	}
+
+/* RFC3280 says nothing about the relationship between CRL path
+ * and certificate path, which could lead to situations where a
+ * certificate could be revoked or validated by a CA not authorised
+ * to do so. RFC5280 is more strict and states that the two paths must
+ * end in the same trust anchor, though some discussions remain...
+ * until this is resolved we use the RFC5280 version
+ */
+
+static int check_crl_chain(X509_STORE_CTX *ctx,
+			STACK_OF(X509) *cert_path,
+			STACK_OF(X509) *crl_path)
+	{
+	X509 *cert_ta, *crl_ta;
+	cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
+	crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
+	if (!X509_cmp(cert_ta, crl_ta))
+		return 1;
+	return 0;
+	}
+
+/* Check for match between two dist point names: three separate cases.
+ * 1. Both are relative names and compare X509_NAME types.
+ * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
+ * 3. Both are full names and compare two GENERAL_NAMES.
+ * 4. One is NULL: automatic match.
+ */
+
+
+static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
+	{
+	X509_NAME *nm = NULL;
+	GENERAL_NAMES *gens = NULL;
+	GENERAL_NAME *gena, *genb;
+	int i, j;
+	if (!a || !b)
+		return 1;
+	if (a->type == 1)
+		{
+		if (!a->dpname)
+			return 0;
+		/* Case 1: two X509_NAME */
+		if (b->type == 1)
+			{
+			if (!b->dpname)
+				return 0;
+			if (!X509_NAME_cmp(a->dpname, b->dpname))
+				return 1;
+			else
+				return 0;
+			}
+		/* Case 2: set name and GENERAL_NAMES appropriately */
+		nm = a->dpname;
+		gens = b->name.fullname;
+		}
+	else if (b->type == 1)
+		{
+		if (!b->dpname)
+			return 0;
+		/* Case 2: set name and GENERAL_NAMES appropriately */
+		gens = a->name.fullname;
+		nm = b->dpname;
+		}
+
+	/* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
+	if (nm)
+		{
+		for (i = 0; i < sk_GENERAL_NAME_num(gens); i++)
+			{
+			gena = sk_GENERAL_NAME_value(gens, i);	
+			if (gena->type != GEN_DIRNAME)
+				continue;
+			if (!X509_NAME_cmp(nm, gena->d.directoryName))
+				return 1;
+			}
+		return 0;
+		}
+
+	/* Else case 3: two GENERAL_NAMES */
+
+	for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++)
+		{
+		gena = sk_GENERAL_NAME_value(a->name.fullname, i);
+		for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++)
+			{
+			genb = sk_GENERAL_NAME_value(b->name.fullname, j);
+			if (!GENERAL_NAME_cmp(gena, genb))
+				return 1;
 			}
+		}
+
+	return 0;
+
+	}
+
+static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
+	{
+	int i;
+	X509_NAME *nm = X509_CRL_get_issuer(crl);
+	/* If no CRLissuer return is successful iff don't need a match */
+	if (!dp->CRLissuer)
+		return !!(crl_score & CRL_SCORE_ISSUER_NAME);
+	for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++)
+		{
+		GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+		if (gen->type != GEN_DIRNAME)
+			continue;
+		if (!X509_NAME_cmp(gen->d.directoryName, nm))
+			return 1;
+		}
+	return 0;
+	}
+
+/* Check CRLDP and IDP */
+
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+				unsigned int *preasons)
+	{
+	int i;
+	if (crl->idp_flags & IDP_ONLYATTR)
 		return 0;
+	if (x->ex_flags & EXFLAG_CA)
+		{
+		if (crl->idp_flags & IDP_ONLYUSER)
+			return 0;
+		}
+	else
+		{
+		if (crl->idp_flags & IDP_ONLYCA)
+			return 0;
+		}
+	*preasons = crl->idp_reasons;
+	for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
+		{
+		DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
+		if (crldp_check_crlissuer(dp, crl, crl_score))
+			{
+			if (!crl->idp ||
+			     idp_check_dp(dp->distpoint, crl->idp->distpoint))
+				{
+				*preasons &= dp->dp_reasons;
+				return 1;
+				}
+			}
 		}
+	if ((!crl->idp || !crl->idp->distpoint) && (crl_score & CRL_SCORE_ISSUER_NAME))
+		return 1;
+	return 0;
+	}
+
+/* Retrieve CRL corresponding to current certificate.
+ * If deltas enabled try to find a delta CRL too
+ */
+	
+static int get_crl_delta(X509_STORE_CTX *ctx,
+				X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
+	{
+	int ok;
+	X509 *issuer = NULL;
+	int crl_score = 0;
+	unsigned int reasons;
+	X509_CRL *crl = NULL, *dcrl = NULL;
+	STACK_OF(X509_CRL) *skcrl;
+	X509_NAME *nm = X509_get_issuer_name(x);
+	reasons = ctx->current_reasons;
+	ok = get_crl_sk(ctx, &crl, &dcrl, 
+				&issuer, &crl_score, &reasons, ctx->crls);
+
+	if (ok)
+		goto done;
+
+	/* Lookup CRLs from store */
+
+	skcrl = ctx->lookup_crls(ctx, nm);
 
-	*pcrl = xobj.data.crl;
+	/* If no CRLs found and a near match from get_crl_sk use that */
+	if (!skcrl && crl)
+		goto done;
+
+	get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
+
+	sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
+
+	done:
+
+	/* If we got any kind of CRL use it and return success */
 	if (crl)
-		X509_CRL_free(crl);
-	return 1;
+		{
+		ctx->current_issuer = issuer;
+		ctx->current_crl_score = crl_score;
+		ctx->current_reasons = reasons;
+		*pcrl = crl;
+		*pdcrl = dcrl;
+		return 1;
+		}
+
+	return 0;
 	}
 
 /* Check CRL validity */
@@ -711,10 +1346,14 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
 	int ok = 0, chnum, cnum;
 	cnum = ctx->error_depth;
 	chnum = sk_X509_num(ctx->chain) - 1;
-	/* Find CRL issuer: if not last certificate then issuer
+	/* if we have an alternative CRL issuer cert use that */
+	if (ctx->current_issuer)
+		issuer = ctx->current_issuer;
+
+	/* Else find CRL issuer: if not last certificate then issuer
 	 * is next certificate in chain.
 	 */
-	if(cnum < chnum)
+	else if (cnum < chnum)
 		issuer = sk_X509_value(ctx->chain, cnum + 1);
 	else
 		{
@@ -730,13 +1369,52 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
 
 	if(issuer)
 		{
-		/* Check for cRLSign bit if keyUsage present */
-		if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
-			!(issuer->ex_kusage & KU_CRL_SIGN))
+		/* Skip most tests for deltas because they have already
+		 * been done
+		 */
+		if (!crl->base_crl_number)
 			{
-			ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
-			ok = ctx->verify_cb(0, ctx);
-			if(!ok) goto err;
+			/* Check for cRLSign bit if keyUsage present */
+			if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
+				!(issuer->ex_kusage & KU_CRL_SIGN))
+				{
+				ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
+				ok = ctx->verify_cb(0, ctx);
+				if(!ok) goto err;
+				}
+
+			if (!(ctx->current_crl_score & CRL_SCORE_SCOPE))
+				{
+				ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
+				ok = ctx->verify_cb(0, ctx);
+				if(!ok) goto err;
+				}
+
+			if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH))
+				{
+				if (check_crl_path(ctx, ctx->current_issuer) <= 0)
+					{
+					ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
+					ok = ctx->verify_cb(0, ctx);
+					if(!ok) goto err;
+					}
+				}
+
+			if (crl->idp_flags & IDP_INVALID)
+				{
+				ctx->error = X509_V_ERR_INVALID_EXTENSION;
+				ok = ctx->verify_cb(0, ctx);
+				if(!ok) goto err;
+				}
+
+
+			}
+
+		if (!(ctx->current_crl_score & CRL_SCORE_TIME))
+			{
+			ok = check_crl_time(ctx, crl, 1);
+			if (!ok)
+				goto err;
 			}
 
 		/* Attempt to get issuer certificate public key */
@@ -760,9 +1438,6 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
 			}
 		}
 
-	if (!check_crl_time(ctx, crl, 1))
-		goto err;
-
 	ok = 1;
 
 	err:
@@ -773,67 +1448,48 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
 /* Check certificate against CRL */
 static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
 	{
-	int idx, ok;
-	X509_REVOKED rtmp;
-	STACK_OF(X509_EXTENSION) *exts;
-	X509_EXTENSION *ext;
-	/* Look for serial number of certificate in CRL */
-	rtmp.serialNumber = X509_get_serialNumber(x);
-	/* Sort revoked into serial number order if not already sorted.
-	 * Do this under a lock to avoid race condition.
- 	 */
-	if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked))
+	int ok;
+	X509_REVOKED *rev;
+	/* The rules changed for this... previously if a CRL contained
+	 * unhandled critical extensions it could still be used to indicate
+	 * a certificate was revoked. This has since been changed since 
+	 * critical extension can change the meaning of CRL entries.
+	 */
+	if (crl->flags & EXFLAG_CRITICAL)
 		{
-		CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
-		sk_X509_REVOKED_sort(crl->crl->revoked);
-		CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+		if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+			return 1;
+		ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
+		ok = ctx->verify_cb(0, ctx);
+		if(!ok)
+			return 0;
 		}
-	idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
-	/* If found assume revoked: want something cleverer than
-	 * this to handle entry extensions in V2 CRLs.
+	/* Look for serial number of certificate in CRL
+	 * If found make sure reason is not removeFromCRL.
 	 */
-	if(idx >= 0)
+	if (X509_CRL_get0_by_cert(crl, &rev, x))
 		{
+		if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+			return 2;
 		ctx->error = X509_V_ERR_CERT_REVOKED;
 		ok = ctx->verify_cb(0, ctx);
-		if (!ok) return 0;
+		if (!ok)
+			return 0;
 		}
 
-	if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
-		return 1;
-
-	/* See if we have any critical CRL extensions: since we
-	 * currently don't handle any CRL extensions the CRL must be
-	 * rejected. 
-	 * This code accesses the X509_CRL structure directly: applications
-	 * shouldn't do this.
-	 */
-
-	exts = crl->crl->extensions;
-
-	for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++)
-		{
-		ext = sk_X509_EXTENSION_value(exts, idx);
-		if (ext->critical > 0)
-			{
-			ctx->error =
-				X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
-			ok = ctx->verify_cb(0, ctx);
-			if(!ok) return 0;
-			break;
-			}
-		}
 	return 1;
 	}
 
 static int check_policy(X509_STORE_CTX *ctx)
 	{
 	int ret;
+	if (ctx->parent)
+		return 1;
 	ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
 				ctx->param->policies, ctx->param->flags);
 	if (ret == 0)
 		{
-		X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+		X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE);
 		return 0;
 		}
 	/* Invalid or inconsistent extensions */
@@ -851,7 +1507,8 @@ static int check_policy(X509_STORE_CTX *ctx)
 				continue;
 			ctx->current_cert = x;
 			ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
-			ret = ctx->verify_cb(0, ctx);
+			if(!ctx->verify_cb(0, ctx))
+				return 0;
 			}
 		return 1;
 		}
@@ -925,7 +1582,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
 	int ok=0,n;
 	X509 *xs,*xi;
 	EVP_PKEY *pkey=NULL;
-	int (*cb)();
+	int (*cb)(int xok,X509_STORE_CTX *xctx);
 
 	cb=ctx->verify_cb;
 
@@ -957,7 +1614,12 @@ static int internal_verify(X509_STORE_CTX *ctx)
 	while (n >= 0)
 		{
 		ctx->error_depth=n;
-		if (!xs->valid)
+
+		/* Skip signature check for self signed certificates unless
+		 * explicitly asked for. It doesn't add any security and
+		 * just wastes time.
+		 */
+		if (!xs->valid && (xs != xi || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE)))
 			{
 			if ((pkey=X509_get_pubkey(xi)) == NULL)
 				{
@@ -967,13 +1629,6 @@ static int internal_verify(X509_STORE_CTX *ctx)
 				if (!ok) goto end;
 				}
 			else if (X509_verify(xs,pkey) <= 0)
-				/* XXX  For the final trusted self-signed cert,
-				 * this is a waste of time.  That check should
-				 * optional so that e.g. 'openssl x509' can be
-				 * used to detect invalid self-signatures, but
-				 * we don't verify again and again in SSL
-				 * handshakes and the like once the cert has
-				 * been declared trusted. */
 				{
 				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
 				ctx->current_cert=xs;
@@ -990,7 +1645,8 @@ static int internal_verify(X509_STORE_CTX *ctx)
 
 		xs->valid = 1;
 
-		if (!check_cert_time(ctx, xs))
+		ok = check_cert_time(ctx, xs);
+		if (!ok)
 			goto end;
 
 		/* The last error (if any) is still in the error value */
@@ -1011,12 +1667,12 @@ end:
 	return ok;
 	}
 
-int X509_cmp_current_time(ASN1_TIME *ctm)
+int X509_cmp_current_time(const ASN1_TIME *ctm)
 {
 	return X509_cmp_time(ctm, NULL);
 }
 
-int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
+int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
 	{
 	char *str;
 	ASN1_TIME atm;
@@ -1063,7 +1719,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
 		offset=0;
 	else
 		{
-		if ((*str != '+') && (str[5] != '-'))
+		if ((*str != '+') && (*str != '-'))
 			return 0;
 		offset=((str[1]-'0')*10+(str[2]-'0'))*60;
 		offset+=(str[3]-'0')*10+(str[4]-'0');
@@ -1071,6 +1727,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
 			offset= -offset;
 		}
 	atm.type=ctm->type;
+	atm.flags = 0;
 	atm.length=sizeof(buff2);
 	atm.data=(unsigned char *)buff2;
 
@@ -1099,19 +1756,28 @@ ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
 	return X509_time_adj(s, adj, NULL);
 }
 
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
+	{
+	return X509_time_adj_ex(s, 0, offset_sec, in_tm);
+	}
+
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+				int offset_day, long offset_sec, time_t *in_tm)
 	{
 	time_t t;
-	int type = -1;
 
 	if (in_tm) t = *in_tm;
 	else time(&t);
 
-	t+=adj;
-	if (s) type = s->type;
-	if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
-	if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t);
-	return ASN1_TIME_set(s, t);
+	if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING))
+		{
+		if (s->type == V_ASN1_UTCTIME)
+			return ASN1_UTCTIME_adj(s,t, offset_day, offset_sec);
+		if (s->type == V_ASN1_GENERALIZEDTIME)
+			return ASN1_GENERALIZEDTIME_adj(s, t, offset_day,
+								offset_sec);
+		}
+	return ASN1_TIME_adj(s, t, offset_day, offset_sec);
 	}
 
 int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
@@ -1214,6 +1880,21 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
 	return chain;
 	}
 
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
+	{
+	return ctx->current_issuer;
+	}
+
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
+	{
+	return ctx->current_crl;
+	}
+
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
+	{
+	return ctx->parent;
+	}
+
 void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
 	{
 	ctx->cert=x;
@@ -1335,6 +2016,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
 	ctx->current_cert=NULL;
 	ctx->current_issuer=NULL;
 	ctx->tree = NULL;
+	ctx->parent = NULL;
 
 	ctx->param = X509_VERIFY_PARAM_new();
 
@@ -1400,7 +2082,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
 	if (store && store->get_crl)
 		ctx->get_crl = store->get_crl;
 	else
-		ctx->get_crl = get_crl;
+		ctx->get_crl = NULL;
 
 	if (store && store->check_crl)
 		ctx->check_crl = store->check_crl;
@@ -1412,6 +2094,16 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
 	else
 		ctx->cert_crl = cert_crl;
 
+	if (store && store->lookup_certs)
+		ctx->lookup_certs = store->lookup_certs;
+	else
+		ctx->lookup_certs = X509_STORE_get1_certs;
+
+	if (store && store->lookup_crls)
+		ctx->lookup_crls = store->lookup_crls;
+	else
+		ctx->lookup_crls = X509_STORE_get1_crls;
+
 	ctx->check_policy = check_policy;
 
 
@@ -1442,9 +2134,17 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
 	{
 	if (ctx->cleanup) ctx->cleanup(ctx);
-	X509_VERIFY_PARAM_free(ctx->param);
-	if (ctx->tree)
+	if (ctx->param != NULL)
+		{
+		if (ctx->parent == NULL)
+			X509_VERIFY_PARAM_free(ctx->param);
+		ctx->param=NULL;
+		}
+	if (ctx->tree != NULL)
+		{
 		X509_policy_tree_free(ctx->tree);
+		ctx->tree=NULL;
+		}
 	if (ctx->chain != NULL)
 		{
 		sk_X509_pop_free(ctx->chain,X509_free);
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index 33ace72671..fe09b30aaa 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -77,6 +77,7 @@
 extern "C" {
 #endif
 
+#if 0
 /* Outer object */
 typedef struct x509_hash_dir_st
 	{
@@ -85,6 +86,7 @@ typedef struct x509_hash_dir_st
 	int *dirs_type;
 	int num_dirs_alloced;
 	} X509_HASH_DIR_CTX;
+#endif
 
 typedef struct x509_file_st
 	{
@@ -198,6 +200,8 @@ struct x509_store_st
 	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
 	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
 	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
+	STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
+	STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
 	int (*cleanup)(X509_STORE_CTX *ctx);
 
 	CRYPTO_EX_DATA ex_data;
@@ -246,6 +250,8 @@ struct x509_store_ctx_st      /* X509_STORE_CTX */
 	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
 	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
 	int (*check_policy)(X509_STORE_CTX *ctx);
+	STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
+	STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
 	int (*cleanup)(X509_STORE_CTX *ctx);
 
 	/* The following is built up */
@@ -263,6 +269,11 @@ struct x509_store_ctx_st      /* X509_STORE_CTX */
 	X509 *current_issuer;	/* cert currently being tested as valid issuer */
 	X509_CRL *current_crl;	/* current CRL */
 
+	int current_crl_score;  /* score of current CRL */
+	unsigned int current_reasons;  /* Reason mask */
+
+	X509_STORE_CTX *parent; /* For CRL path validation: parent context */
+
 	CRYPTO_EX_DATA ex_data;
 	} /* X509_STORE_CTX */;
 
@@ -292,7 +303,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 #define		X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY	6
 #define		X509_V_ERR_CERT_SIGNATURE_FAILURE		7
 #define		X509_V_ERR_CRL_SIGNATURE_FAILURE		8
-#define		X509_V_ERR_CERT_NOT_YET_VALID			9	
+#define		X509_V_ERR_CERT_NOT_YET_VALID			9
 #define		X509_V_ERR_CERT_HAS_EXPIRED			10
 #define		X509_V_ERR_CRL_NOT_YET_VALID			11
 #define		X509_V_ERR_CRL_HAS_EXPIRED			12
@@ -325,11 +336,23 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 #define		X509_V_ERR_INVALID_NON_CA			37
 #define		X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED		38
 #define		X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE	39
+#define		X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED	40
+
+#define		X509_V_ERR_INVALID_EXTENSION			41
+#define		X509_V_ERR_INVALID_POLICY_EXTENSION		42
+#define		X509_V_ERR_NO_EXPLICIT_POLICY			43
+#define		X509_V_ERR_DIFFERENT_CRL_SCOPE			44
+#define		X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE	45
 
-#define		X509_V_ERR_INVALID_EXTENSION			40
-#define		X509_V_ERR_INVALID_POLICY_EXTENSION		41
-#define		X509_V_ERR_NO_EXPLICIT_POLICY			42
+#define		X509_V_ERR_UNNESTED_RESOURCE			46
 
+#define		X509_V_ERR_PERMITTED_VIOLATION			47
+#define		X509_V_ERR_EXCLUDED_VIOLATION			48
+#define		X509_V_ERR_SUBTREE_MINMAX			49
+#define		X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE		51
+#define		X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX	52
+#define		X509_V_ERR_UNSUPPORTED_NAME_SYNTAX		53
+#define		X509_V_ERR_CRL_PATH_VALIDATION_ERROR		54
 
 /* The application is not happy */
 #define		X509_V_ERR_APPLICATION_VERIFICATION		50
@@ -348,16 +371,25 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 #define	X509_V_FLAG_IGNORE_CRITICAL		0x10
 /* Disable workarounds for broken certificates */
 #define	X509_V_FLAG_X509_STRICT			0x20
+/* Enable proxy certificate validation */
+#define	X509_V_FLAG_ALLOW_PROXY_CERTS		0x40
 /* Enable policy checking */
-#define X509_V_FLAG_POLICY_CHECK		0x40
+#define X509_V_FLAG_POLICY_CHECK		0x80
 /* Policy variable require-explicit-policy */
-#define X509_V_FLAG_EXPLICIT_POLICY		0x80
+#define X509_V_FLAG_EXPLICIT_POLICY		0x100
 /* Policy variable inhibit-any-policy */
-#define	X509_V_FLAG_INHIBIT_ANY			0x100
+#define	X509_V_FLAG_INHIBIT_ANY			0x200
 /* Policy variable inhibit-policy-mapping */
-#define X509_V_FLAG_INHIBIT_MAP			0x200
+#define X509_V_FLAG_INHIBIT_MAP			0x400
 /* Notify callback that policy is OK */
 #define X509_V_FLAG_NOTIFY_POLICY		0x800
+/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
+#define X509_V_FLAG_EXTENDED_CRL_SUPPORT	0x1000
+/* Delta CRL support */
+#define X509_V_FLAG_USE_DELTAS			0x2000
+/* Check selfsigned CA signature */
+#define X509_V_FLAG_CHECK_SS_SIGNATURE		0x4000
+
 
 #define X509_VP_FLAG_DEFAULT			0x1
 #define X509_VP_FLAG_OVERWRITE			0x2
@@ -380,11 +412,16 @@ void X509_OBJECT_free_contents(X509_OBJECT *a);
 X509_STORE *X509_STORE_new(void );
 void X509_STORE_free(X509_STORE *v);
 
+STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
 int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
 int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
 int X509_STORE_set_trust(X509_STORE *ctx, int trust);
 int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
 
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+				  int (*verify_cb)(int, X509_STORE_CTX *));
+
 X509_STORE_CTX *X509_STORE_CTX_new(void);
 
 int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
@@ -443,6 +480,9 @@ int	X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
 void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
 int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
 X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
 STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
 STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
 void	X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
@@ -475,6 +515,9 @@ int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
 						const X509_VERIFY_PARAM *from);
 int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
 int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+							unsigned long flags);
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
 void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index 087e8783a8..dfd89d89fa 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -1,5 +1,5 @@
 /* x509_vpm.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -74,7 +74,8 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
 	param->name = NULL;
 	param->purpose = 0;
 	param->trust = 0;
-	param->inh_flags = X509_VP_FLAG_DEFAULT;
+	/*param->inh_flags = X509_VP_FLAG_DEFAULT;*/
+	param->inh_flags = 0;
 	param->flags = 0;
 	param->depth = -1;
 	if (param->policies)
@@ -172,6 +173,15 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
 	x509_verify_param_copy(trust, 0);
 	x509_verify_param_copy(depth, -1);
 
+	/* If overwrite or check time not set, copy across */
+
+	if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME))
+		{
+		dest->check_time = src->check_time;
+		dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME;
+		/* Don't need to copy flag: that is done below */
+		}
+
 	if (inh_flags & X509_VP_FLAG_RESET_FLAGS)
 		dest->flags = 0;
 
@@ -189,8 +199,12 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
 int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
 						const X509_VERIFY_PARAM *from)
 	{
+	unsigned long save_flags = to->inh_flags;
+	int ret;
 	to->inh_flags |= X509_VP_FLAG_DEFAULT;
-	return X509_VERIFY_PARAM_inherit(to, from);
+	ret = X509_VERIFY_PARAM_inherit(to, from);
+	to->inh_flags = save_flags;
+	return ret;
 	}
 
 int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
@@ -211,6 +225,17 @@ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
 	return 1;
 	}
 
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags)
+	{
+	param->flags &= ~flags;
+	return 1;
+	}
+
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
+	{
+	return param->flags;
+	}
+
 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
 	{
 	return X509_PURPOSE_set(&param->purpose, purpose);
@@ -300,11 +325,21 @@ static const X509_VERIFY_PARAM default_table[] = {
 	0,		/* flags */
 	0,		/* purpose */
 	0,		/* trust */
-	9,		/* depth */
+	100,		/* depth */
 	NULL		/* policies */
 	},
 	{
-	"pkcs7",			/* SSL/TLS client parameters */
+	"pkcs7",			/* S/MIME sign parameters */
+	0,				/* Check time */
+	0,				/* internal flags */
+	0,				/* flags */
+	X509_PURPOSE_SMIME_SIGN,	/* purpose */
+	X509_TRUST_EMAIL,		/* trust */
+	-1,				/* depth */
+	NULL				/* policies */
+	},
+	{
+	"smime_sign",			/* S/MIME sign parameters */
 	0,				/* Check time */
 	0,				/* internal flags */
 	0,				/* flags */
@@ -336,12 +371,17 @@ static const X509_VERIFY_PARAM default_table[] = {
 
 static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
 
-static int table_cmp(const void *pa, const void *pb)
+static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
+
 	{
-	const X509_VERIFY_PARAM *a = pa, *b = pb;
 	return strcmp(a->name, b->name);
 	}
 
+DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
+			   table);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM,
+			     table);
+
 static int param_cmp(const X509_VERIFY_PARAM * const *a,
 			const X509_VERIFY_PARAM * const *b)
 	{
@@ -365,7 +405,7 @@ int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
 			{
 			ptmp = sk_X509_VERIFY_PARAM_value(param_table, idx);
 			X509_VERIFY_PARAM_free(ptmp);
-			sk_X509_VERIFY_PARAM_delete(param_table, idx);
+			(void)sk_X509_VERIFY_PARAM_delete(param_table, idx);
 			}
 		}
 	if (!sk_X509_VERIFY_PARAM_push(param_table, param))
@@ -377,6 +417,7 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
 	{
 	int idx;
 	X509_VERIFY_PARAM pm;
+
 	pm.name = (char *)name;
 	if (param_table)
 		{
@@ -384,11 +425,8 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
 		if (idx != -1)
 			return sk_X509_VERIFY_PARAM_value(param_table, idx);
 		}
-	return (const X509_VERIFY_PARAM *) OBJ_bsearch((char *)&pm,
-				(char *)&default_table,
-				sizeof(default_table)/sizeof(X509_VERIFY_PARAM),
-				sizeof(X509_VERIFY_PARAM),
-				table_cmp);
+	return OBJ_bsearch_table(&pm, default_table,
+			   sizeof(default_table)/sizeof(X509_VERIFY_PARAM));
 	}
 
 void X509_VERIFY_PARAM_table_cleanup(void)
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index 9d1646d5c8..3109defb0b 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -1,5 +1,5 @@
 /* crypto/x509/x509cset.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -81,7 +81,7 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
 	}
 
 
-int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm)
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
 	{
 	ASN1_TIME *in;
 
@@ -99,7 +99,7 @@ int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm)
 	return(in != NULL);
 	}
 
-int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm)
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
 	{
 	ASN1_TIME *in;
 
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 4c20e03ece..27bc4dc9a3 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -195,8 +195,8 @@ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
 	return ret;
 }
 
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type,
-			unsigned char *bytes, int len, int loc, int set)
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+			const unsigned char *bytes, int len, int loc, int set)
 {
 	X509_NAME_ENTRY *ne;
 	int ret;
@@ -273,7 +273,7 @@ err:
 	}
 
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
-		char *field, int type, unsigned char *bytes, int len)
+		const char *field, int type, const unsigned char *bytes, int len)
 	{
 	ASN1_OBJECT *obj;
 	X509_NAME_ENTRY *nentry;
@@ -309,7 +309,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
 	}
 
 X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-	     ASN1_OBJECT *obj, int type, unsigned char *bytes, int len)
+	     ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len)
 	{
 	X509_NAME_ENTRY *ret;
 
@@ -347,7 +347,7 @@ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
 	}
 
 int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
-	     unsigned char *bytes, int len)
+	     const unsigned char *bytes, int len)
 	{
 	int i;
 
@@ -356,7 +356,7 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
 		return ASN1_STRING_set_by_NID(&ne->value, bytes,
 						len, type,
 					OBJ_obj2nid(ne->object)) ? 1 : 0;
-	if (len < 0) len=strlen((char *)bytes);
+	if (len < 0) len=strlen((const char *)bytes);
 	i=ASN1_STRING_set(ne->value,bytes,len);
 	if (!i) return(0);
 	if (type != V_ASN1_UNDEF)
diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c
index ed868b838e..02a203d72c 100644
--- a/crypto/x509/x509spki.c
+++ b/crypto/x509/x509spki.c
@@ -1,5 +1,5 @@
 /* x509spki.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
index 2cd994c5b0..3385ad3f67 100644
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@@ -91,6 +91,10 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
 		break;
 	case EVP_PKEY_DH:
 		ret=EVP_PK_DH|EVP_PKT_EXCH;
+		break;	
+	case NID_id_GostR3410_94:
+	case NID_id_GostR3410_2001:
+		ret=EVP_PKT_EXCH|EVP_PKT_SIGN;
 		break;
 	default:
 		break;
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index 4701959b1e..ebae30b701 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -57,15 +57,18 @@
  */
 
 #include <stdio.h>
-#undef SSLEAY_MACROS
 #include <openssl/stack.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/asn1.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 
 int X509_verify(X509 *a, EVP_PKEY *r)
 	{
@@ -79,12 +82,6 @@ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
 		a->sig_alg,a->signature,a->req_info,r));
 	}
 
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
-	{
-	return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
-		a->sig_alg, a->signature,a->crl,r));
-	}
-
 int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
 	{
 	return(ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
@@ -225,9 +222,9 @@ RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
 
 RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
 	{
-	return((RSA *)ASN1_d2i_fp((char *(*)())
-		RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp),
-		(unsigned char **)(rsa)));
+	return ASN1_d2i_fp((void *(*)(void))
+			   RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp,
+			   (void **)rsa);
 	}
 
 int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
@@ -237,7 +234,7 @@ int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
 
 int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
 	{
-	return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa));
+	return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa);
 	}
 #endif
 
@@ -259,9 +256,7 @@ RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
 
 RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
 	{
-	return((RSA *)ASN1_d2i_bio((char *(*)())
-		RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp),
-		(unsigned char **)(rsa)));
+	return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa);
 	}
 
 int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
@@ -271,7 +266,7 @@ int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
 
 int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
 	{
-	return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa));
+	return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa);
 	}
 #endif
 
@@ -279,51 +274,44 @@ int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
 #ifndef OPENSSL_NO_FP_API
 DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
 	{
-	return((DSA *)ASN1_d2i_fp((char *(*)())
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
-		(unsigned char **)(dsa)));
+	return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa);
 	}
 
 int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
 	{
-	return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
+	return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa);
 	}
 
 DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
 	{
-	return((DSA *)ASN1_d2i_fp((char *(*)())
-		DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp),
-		(unsigned char **)(dsa)));
+	return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa);
 	}
 
 int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
 	{
-	return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa));
+	return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa);
 	}
 #endif
 
 DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
 	{
-	return((DSA *)ASN1_d2i_bio((char *(*)())
-		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
-		(unsigned char **)(dsa)));
+	return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa
+);
 	}
 
 int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
 	{
-	return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
+	return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa);
 	}
 
 DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
 	{
-	return((DSA *)ASN1_d2i_bio((char *(*)())
-		DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp),
-		(unsigned char **)(dsa)));
+	return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa);
 	}
 
 int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
 	{
-	return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa));
+	return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa);
 	}
 
 #endif
@@ -332,50 +320,42 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
 #ifndef OPENSSL_NO_FP_API
 EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
 	{
-	return((EC_KEY *)ASN1_d2i_fp((char *(*)())
-		EC_KEY_new,(char *(*)())d2i_EC_PUBKEY, (fp),
-		(unsigned char **)(eckey)));
+	return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey);
 	}
   
 int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
 	{
-	return(ASN1_i2d_fp(i2d_EC_PUBKEY,fp,(unsigned char *)eckey));
+	return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey);
 	}
 
 EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
 	{
-	return((EC_KEY *)ASN1_d2i_fp((char *(*)())
-		EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp),
-		(unsigned char **)(eckey)));
+	return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey);
 	}
   
 int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
 	{
-	return(ASN1_i2d_fp(i2d_ECPrivateKey,fp,(unsigned char *)eckey));
+	return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey);
 	}
 #endif
 EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
 	{
-	return((EC_KEY *)ASN1_d2i_bio((char *(*)())
-		EC_KEY_new,(char *(*)())d2i_EC_PUBKEY, (bp),
-		(unsigned char **)(eckey)));
+	return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey);
 	}
   
 int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
 	{
-	return(ASN1_i2d_bio(i2d_EC_PUBKEY,bp,(unsigned char *)ecdsa));
+	return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa);
 	}
 
 EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
 	{
-	return((EC_KEY *)ASN1_d2i_bio((char *(*)())
-		EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp),
-		(unsigned char **)(eckey)));
+	return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey);
 	}
   
 int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
 	{
-	return(ASN1_i2d_bio(i2d_ECPrivateKey,bp,(unsigned char *)eckey));
+	return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey);
 	}
 #endif
 
@@ -424,40 +404,37 @@ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *
 #ifndef OPENSSL_NO_FP_API
 X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
 	{
-	return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new,
-		(char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8)));
+	return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8);
 	}
 
 int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
 	{
-	return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8));
+	return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8);
 	}
 #endif
 
 X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
 	{
-	return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new,
-		(char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8)));
+	return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8);
 	}
 
 int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
 	{
-	return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8));
+	return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8);
 	}
 
 #ifndef OPENSSL_NO_FP_API
 PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
 						 PKCS8_PRIV_KEY_INFO **p8inf)
 	{
-	return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp(
-		(char *(*)())PKCS8_PRIV_KEY_INFO_new,
-		(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp),
-				(unsigned char **)(p8inf)));
+	return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new,
+			      d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf);
 	}
 
 int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
 	{
-	return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf));
+	return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp,
+			      p8inf);
 	}
 
 int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
@@ -473,24 +450,22 @@ int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
 
 int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
 	{
-	return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey));
+	return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey);
 	}
 
 EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
 {
-	return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a)));
+	return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a);
 }
 
 int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
 	{
-	return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey));
+	return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey);
 	}
 
 EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
 {
-	return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a)));
+	return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a);
 }
 
 #endif
@@ -498,15 +473,14 @@ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
 PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
 						 PKCS8_PRIV_KEY_INFO **p8inf)
 	{
-	return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio(
-		(char *(*)())PKCS8_PRIV_KEY_INFO_new,
-		(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp),
-				(unsigned char **)(p8inf)));
+	return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new,
+			    d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf);
 	}
 
 int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
 	{
-	return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf));
+	return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp,
+			       p8inf);
 	}
 
 int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
@@ -522,22 +496,20 @@ int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
 
 int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
 	{
-	return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey));
+	return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey);
 	}
 
 EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
 	{
-	return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a)));
+	return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a);
 	}
 
 int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
 	{
-	return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey));
+	return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey);
 	}
 
 EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
 	{
-	return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
-		(char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a)));
+	return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a);
 	}
diff --git a/crypto/x509v3/.cvsignore b/crypto/x509v3/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/crypto/x509v3/.cvsignore
+++ b/crypto/x509v3/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl
deleted file mode 100644
index f91301188c..0000000000
--- a/crypto/x509v3/Makefile.ssl
+++ /dev/null
@@ -1,565 +0,0 @@
-#
-# SSLeay/crypto/x509v3/Makefile
-#
-
-DIR=	x509v3
-TOP=	../..
-CC=	cc
-INCLUDES= -I.. -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=	v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
-v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
-v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
-v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
-pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
-LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
-v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
-v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
-v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
-pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= x509v3.h
-HEADER=	$(EXHEADER) pcy_int.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-pcy_cache.o: ../../e_os.h ../../include/openssl/asn1.h
-pcy_cache.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pcy_cache.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pcy_cache.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_cache.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pcy_cache.o: ../../include/openssl/objects.h
-pcy_cache.o: ../../include/openssl/opensslconf.h
-pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pcy_cache.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pcy_cache.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pcy_cache.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pcy_cache.o: ../cryptlib.h pcy_cache.c pcy_int.h
-pcy_data.o: ../../e_os.h ../../include/openssl/asn1.h
-pcy_data.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pcy_data.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pcy_data.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_data.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pcy_data.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pcy_data.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pcy_data.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pcy_data.o: ../cryptlib.h pcy_data.c pcy_int.h
-pcy_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-pcy_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pcy_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pcy_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pcy_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pcy_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pcy_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pcy_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pcy_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pcy_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pcy_lib.o: ../cryptlib.h pcy_int.h pcy_lib.c
-pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h
-pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pcy_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pcy_map.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_map.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pcy_map.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pcy_map.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pcy_map.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pcy_map.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pcy_map.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pcy_map.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pcy_map.o: ../cryptlib.h pcy_int.h pcy_map.c
-pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-pcy_node.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-pcy_node.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-pcy_node.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pcy_node.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pcy_node.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pcy_node.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pcy_node.o: pcy_int.h pcy_node.c
-pcy_tree.o: ../../e_os.h ../../include/openssl/asn1.h
-pcy_tree.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-pcy_tree.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-pcy_tree.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pcy_tree.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-pcy_tree.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pcy_tree.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pcy_tree.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pcy_tree.o: ../cryptlib.h pcy_int.h pcy_tree.c
-v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_akey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_akey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_akey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_akey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_akey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_akey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akey.c
-v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_akeya.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_akeya.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_akeya.o: ../../include/openssl/opensslconf.h
-v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_akeya.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_akeya.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_akeya.o: ../cryptlib.h v3_akeya.c
-v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_alt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_alt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_alt.c
-v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_bcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_bcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_bcons.o: ../../include/openssl/opensslconf.h
-v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_bcons.o: ../cryptlib.h v3_bcons.c
-v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_bitst.o: ../cryptlib.h v3_bitst.c
-v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_conf.o: ../cryptlib.h v3_conf.c
-v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_cpols.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_cpols.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_cpols.o: ../../include/openssl/opensslconf.h
-v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_cpols.o: ../cryptlib.h pcy_int.h v3_cpols.c
-v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_crld.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_crld.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_crld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_crld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_crld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_crld.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_crld.c
-v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_enum.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_enum.o: ../cryptlib.h v3_enum.c
-v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_extku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_extku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_extku.o: ../../include/openssl/opensslconf.h
-v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_extku.o: ../cryptlib.h v3_extku.c
-v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_genn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_genn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_genn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_genn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_genn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_genn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_genn.c
-v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_ia5.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_ia5.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ia5.c
-v3_info.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_info.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_info.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.c
-v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_int.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_int.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_int.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_int.c
-v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_lib.c
-v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_ncons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_ncons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_ncons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_ncons.o: ../../include/openssl/opensslconf.h
-v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_ncons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_ncons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_ncons.o: ../cryptlib.h v3_ncons.c
-v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_ocsp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
-v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c
-v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c
-v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c
-v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_pcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_pcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pcons.o: ../../include/openssl/opensslconf.h
-v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_pcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_pcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_pcons.o: ../cryptlib.h v3_pcons.c
-v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_pku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_pku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pku.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_pku.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c
-v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_pmaps.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_pmaps.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_pmaps.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_pmaps.o: ../../include/openssl/opensslconf.h
-v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_pmaps.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_pmaps.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_pmaps.o: ../cryptlib.h v3_pmaps.c
-v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_prn.c
-v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_purp.o: ../cryptlib.h v3_purp.c
-v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_skey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_skey.o: ../cryptlib.h v3_skey.c
-v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3_sxnet.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3_sxnet.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_sxnet.o: ../../include/openssl/opensslconf.h
-v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_sxnet.o: ../cryptlib.h v3_sxnet.c
-v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_utl.o: ../cryptlib.h v3_utl.c
-v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-v3err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-v3err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-v3err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-v3err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-v3err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-v3err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-v3err.o: ../../include/openssl/x509v3.h v3err.c
diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h
index 3ee4bffe39..76daee6fcd 100644
--- a/crypto/x509v3/ext_dat.h
+++ b/crypto/x509v3/ext_dat.h
@@ -1,5 +1,5 @@
 /* ext_dat.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -61,18 +61,19 @@ extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
 extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo;
 extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
 extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
-extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld;
+extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld, v3_freshest_crl;
 extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
 extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
 extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
 extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
-extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp;
+extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp, v3_idp;
+extern X509V3_EXT_METHOD v3_addr, v3_asid;
 
 /* This table will be searched using OBJ_bsearch so it *must* kept in
  * order of the ext_nid values.
  */
 
-static X509V3_EXT_METHOD *standard_exts[] = {
+static const X509V3_EXT_METHOD *standard_exts[] = {
 &v3_nscert,
 &v3_ns_ia5_list[0],
 &v3_ns_ia5_list[1],
@@ -99,6 +100,10 @@ static X509V3_EXT_METHOD *standard_exts[] = {
 #endif
 &v3_sxnet,
 &v3_info,
+#ifndef OPENSSL_NO_RFC3779
+&v3_addr,
+&v3_asid,
+#endif
 #ifndef OPENSSL_NO_OCSP
 &v3_ocsp_nonce,
 &v3_ocsp_crlid,
@@ -113,9 +118,12 @@ static X509V3_EXT_METHOD *standard_exts[] = {
 &v3_crl_hold,
 #endif
 &v3_pci,
-&v3_policy_mappings,
 &v3_name_constraints,
-&v3_inhibit_anyp
+&v3_policy_mappings,
+&v3_inhibit_anyp,
+&v3_idp,
+&v3_alt[2],
+&v3_freshest_crl,
 };
 
 /* Number of standard extensions */
diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c
index c18beb89f5..172b7e7ee4 100644
--- a/crypto/x509v3/pcy_cache.c
+++ b/crypto/x509v3/pcy_cache.c
@@ -1,5 +1,5 @@
 /* pcy_cache.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -139,7 +139,6 @@ static int policy_cache_new(X509 *x)
 		return 0;
 	cache->anyPolicy = NULL;
 	cache->data = NULL;
-	cache->maps = NULL;
 	cache->any_skip = -1;
 	cache->explicit_skip = -1;
 	cache->map_skip = -1;
diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index 614d2b4935..3444b03195 100644
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -1,5 +1,5 @@
 /* pcy_data.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -82,11 +82,21 @@ void policy_data_free(X509_POLICY_DATA *data)
  * another source.
  */
 
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit)
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
+					const ASN1_OBJECT *cid, int crit)
 	{
 	X509_POLICY_DATA *ret;
-	if (!policy && !id)
+	ASN1_OBJECT *id;
+	if (!policy && !cid)
 		return NULL;
+	if (cid)
+		{
+		id = OBJ_dup(cid);
+		if (!id)
+			return NULL;
+		}
+	else
+		id = NULL;
 	ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
 	if (!ret)
 		return NULL;
@@ -94,6 +104,8 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit)
 	if (!ret->expected_policy_set)
 		{
 		OPENSSL_free(ret);
+		if (id)
+			ASN1_OBJECT_free(id);
 		return NULL;
 		}
 
diff --git a/crypto/x509v3/pcy_int.h b/crypto/x509v3/pcy_int.h
index ba62a209da..ccff92846e 100644
--- a/crypto/x509v3/pcy_int.h
+++ b/crypto/x509v3/pcy_int.h
@@ -1,5 +1,5 @@
 /* pcy_int.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -56,12 +56,10 @@
  *
  */
 
-DECLARE_STACK_OF(X509_POLICY_DATA)
-DECLARE_STACK_OF(X509_POLICY_REF)
-DECLARE_STACK_OF(X509_POLICY_NODE)
 
 typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
-typedef struct X509_POLICY_REF_st X509_POLICY_REF;
+
+DECLARE_STACK_OF(X509_POLICY_DATA)
 
 /* Internal structures */
 
@@ -110,16 +108,6 @@ struct X509_POLICY_DATA_st
 
 #define POLICY_DATA_FLAG_CRITICAL		0x10
 
-/* This structure is an entry from a table of mapped policies which
- * cross reference the policy it refers to.
- */
-
-struct X509_POLICY_REF_st
-	{
-	ASN1_OBJECT *subjectDomainPolicy;
-	const X509_POLICY_DATA *data;
-	};
-
 /* This structure is cached with a certificate */
 
 struct X509_POLICY_CACHE_st {
@@ -127,8 +115,6 @@ struct X509_POLICY_CACHE_st {
 	X509_POLICY_DATA *anyPolicy;
 	/* other policy data */
 	STACK_OF(X509_POLICY_DATA) *data;
-	/* If policyMappings extension present a table of mapped policies */
-	STACK_OF(X509_POLICY_REF) *maps;
 	/* If InhibitAnyPolicy present this is its value or -1 if absent. */
 	long any_skip;
 	/* If policyConstraints and requireExplicitPolicy present this is its
@@ -193,7 +179,7 @@ struct X509_POLICY_TREE_st
 
 /* Internal functions */
 
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id,
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id,
 								int crit);
 void policy_data_free(X509_POLICY_DATA *data);
 
@@ -209,15 +195,18 @@ void policy_cache_init(void);
 void policy_cache_free(X509_POLICY_CACHE *cache);
 
 X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+					const X509_POLICY_NODE *parent,	
 					const ASN1_OBJECT *id);
 
 X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk,
 						const ASN1_OBJECT *id);
 
 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
-			X509_POLICY_DATA *data,
+			const X509_POLICY_DATA *data,
 			X509_POLICY_NODE *parent,
 			X509_POLICY_TREE *tree);
 void policy_node_free(X509_POLICY_NODE *node);
+int policy_node_match(const X509_POLICY_LEVEL *lvl,
+		      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid);
 
 const X509_POLICY_CACHE *policy_cache_set(X509 *x);
diff --git a/crypto/x509v3/pcy_lib.c b/crypto/x509v3/pcy_lib.c
index dae4840bc5..93bfd92703 100644
--- a/crypto/x509v3/pcy_lib.c
+++ b/crypto/x509v3/pcy_lib.c
@@ -1,5 +1,5 @@
 /* pcy_lib.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
diff --git a/crypto/x509v3/pcy_map.c b/crypto/x509v3/pcy_map.c
index 35221e8ba8..21163b529d 100644
--- a/crypto/x509v3/pcy_map.c
+++ b/crypto/x509v3/pcy_map.c
@@ -1,5 +1,5 @@
 /* pcy_map.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -62,31 +62,6 @@
 
 #include "pcy_int.h"
 
-static int ref_cmp(const X509_POLICY_REF * const *a,
-			const X509_POLICY_REF * const *b)
-	{
-	return OBJ_cmp((*a)->subjectDomainPolicy, (*b)->subjectDomainPolicy);
-	}
-
-static void policy_map_free(X509_POLICY_REF *map)
-	{
-	if (map->subjectDomainPolicy)
-		ASN1_OBJECT_free(map->subjectDomainPolicy);
-	OPENSSL_free(map);
-	}
-
-static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache, ASN1_OBJECT *id)
-	{
-	X509_POLICY_REF tmp;
-	int idx;
-	tmp.subjectDomainPolicy = id;
-
-	idx = sk_X509_POLICY_REF_find(cache->maps, &tmp);
-	if (idx == -1)
-		return NULL;
-	return sk_X509_POLICY_REF_value(cache->maps, idx);
-	}
-
 /* Set policy mapping entries in cache.
  * Note: this modifies the passed POLICY_MAPPINGS structure
  */
@@ -94,7 +69,6 @@ static X509_POLICY_REF *policy_map_find(X509_POLICY_CACHE *cache, ASN1_OBJECT *i
 int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 	{
 	POLICY_MAPPING *map;
-	X509_POLICY_REF *ref = NULL;
 	X509_POLICY_DATA *data;
 	X509_POLICY_CACHE *cache = x->policy_cache;
 	int i;
@@ -104,7 +78,6 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 		ret = -1;
 		goto bad_mapping;
 		}
-	cache->maps = sk_X509_POLICY_REF_new(ref_cmp);
 	for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++)
 		{
 		map = sk_POLICY_MAPPING_value(maps, i);
@@ -116,13 +89,6 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 			goto bad_mapping;
 			}
 
-		/* If we've already mapped from this OID bad mapping */
-		if (policy_map_find(cache, map->subjectDomainPolicy) != NULL)
-			{
-			ret = -1;
-			goto bad_mapping;
-			}
-
 		/* Attempt to find matching policy data */
 		data = policy_cache_find_data(cache, map->issuerDomainPolicy);
 		/* If we don't have anyPolicy can't map */
@@ -138,7 +104,7 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 			if (!data)
 				goto bad_mapping;
 			data->qualifier_set = cache->anyPolicy->qualifier_set;
-			map->issuerDomainPolicy = NULL;
+			/*map->issuerDomainPolicy = NULL;*/
 			data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
 			data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
 			if (!sk_X509_POLICY_DATA_push(cache->data, data))
@@ -149,23 +115,10 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 			}
 		else
 			data->flags |= POLICY_DATA_FLAG_MAPPED;
-
 		if (!sk_ASN1_OBJECT_push(data->expected_policy_set, 
 						map->subjectDomainPolicy))
 			goto bad_mapping;
-		
-		ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
-		if (!ref)
-			goto bad_mapping;
-
-		ref->subjectDomainPolicy = map->subjectDomainPolicy;
 		map->subjectDomainPolicy = NULL;
-		ref->data = data;
-
-		if (!sk_X509_POLICY_REF_push(cache->maps, ref))
-			goto bad_mapping;
-
-		ref = NULL;
 
 		}
 
@@ -173,13 +126,6 @@ int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
 	bad_mapping:
 	if (ret == -1)
 		x->ex_flags |= EXFLAG_INVALID_POLICY;
-	if (ref)
-		policy_map_free(ref);
-	if (ret <= 0)
-		{
-		sk_X509_POLICY_REF_pop_free(cache->maps, policy_map_free);
-		cache->maps = NULL;
-		}
 	sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
 	return ret;
 
diff --git a/crypto/x509v3/pcy_node.c b/crypto/x509v3/pcy_node.c
index dcc1554e29..bd1e7f1ae8 100644
--- a/crypto/x509v3/pcy_node.c
+++ b/crypto/x509v3/pcy_node.c
@@ -1,5 +1,5 @@
 /* pcy_node.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -92,13 +92,25 @@ X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes,
 	}
 
 X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+					const X509_POLICY_NODE *parent,	
 					const ASN1_OBJECT *id)
 	{
-	return tree_find_sk(level->nodes, id);
+	X509_POLICY_NODE *node;
+	int i;
+	for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++)
+		{
+		node = sk_X509_POLICY_NODE_value(level->nodes, i);
+		if (node->parent == parent)
+			{
+			if (!OBJ_cmp(node->data->valid_policy, id))
+				return node;
+			}
+		}
+	return NULL;
 	}
 
 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
-			X509_POLICY_DATA *data,
+			const X509_POLICY_DATA *data,
 			X509_POLICY_NODE *parent,
 			X509_POLICY_TREE *tree)
 	{
@@ -155,4 +167,31 @@ void policy_node_free(X509_POLICY_NODE *node)
 	OPENSSL_free(node);
 	}
 
+/* See if a policy node matches a policy OID. If mapping enabled look through
+ * expected policy set otherwise just valid policy.
+ */
+
+int policy_node_match(const X509_POLICY_LEVEL *lvl,
+		      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid)
+	{
+	int i;
+	ASN1_OBJECT *policy_oid;
+	const X509_POLICY_DATA *x = node->data;
+
+	if (	    (lvl->flags & X509_V_FLAG_INHIBIT_MAP)
+		|| !(x->flags & POLICY_DATA_FLAG_MAP_MASK))
+		{
+		if (!OBJ_cmp(x->valid_policy, oid))
+			return 1;
+		return 0;
+		}
+
+	for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++)
+		{
+		policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
+		if (!OBJ_cmp(policy_oid, oid))
+			return 1;
+		}
+	return 0;
 
+	}
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 62eea0c4ab..92f6b24556 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -1,5 +1,5 @@
 /* pcy_tree.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
 /* ====================================================================
@@ -62,6 +62,75 @@
 
 #include "pcy_int.h"
 
+/* Enable this to print out the complete policy tree at various point during
+ * evaluation.
+ */
+
+/*#define OPENSSL_POLICY_DEBUG*/
+
+#ifdef OPENSSL_POLICY_DEBUG
+
+static void expected_print(BIO *err, X509_POLICY_LEVEL *lev,
+				X509_POLICY_NODE *node, int indent)
+	{
+	if (	    (lev->flags & X509_V_FLAG_INHIBIT_MAP)
+		|| !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK))
+		BIO_puts(err, "  Not Mapped\n");
+	else
+		{
+		int i;
+		STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set;
+		ASN1_OBJECT *oid;
+		BIO_puts(err, "  Expected: ");
+		for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++)
+			{
+			oid = sk_ASN1_OBJECT_value(pset, i);
+			if (i)
+				BIO_puts(err, ", ");
+			i2a_ASN1_OBJECT(err, oid);
+			}
+		BIO_puts(err, "\n");
+		}
+	}
+
+static void tree_print(char *str, X509_POLICY_TREE *tree,
+			X509_POLICY_LEVEL *curr)
+	{
+	X509_POLICY_LEVEL *plev;
+	X509_POLICY_NODE *node;
+	int i;
+	BIO *err;
+	err = BIO_new_fp(stderr, BIO_NOCLOSE);
+	if (!curr)
+		curr = tree->levels + tree->nlevel;
+	else
+		curr++;
+	BIO_printf(err, "Level print after %s\n", str);
+	BIO_printf(err, "Printing Up to Level %ld\n", curr - tree->levels);
+	for (plev = tree->levels; plev != curr; plev++)
+		{
+		BIO_printf(err, "Level %ld, flags = %x\n",
+				plev - tree->levels, plev->flags);
+		for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++)
+			{
+			node = sk_X509_POLICY_NODE_value(plev->nodes, i);
+			X509_POLICY_NODE_print(err, node, 2);
+			expected_print(err, plev, node, 2);
+			BIO_printf(err, "  Flags: %x\n", node->data->flags);
+			}
+		if (plev->anyPolicy)
+			X509_POLICY_NODE_print(err, plev->anyPolicy, 2);
+		}
+
+	BIO_free(err);
+
+	}
+#else
+
+#define tree_print(a,b,c) /* */
+
+#endif
+
 /* Initialize policy tree. Return values:
  *  0 Some internal error occured.
  * -1 Inconsistent or invalid extensions in certificates.
@@ -87,8 +156,10 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 	*ptree = NULL;
 	n = sk_X509_num(certs);
 
+#if 0
 	/* Disable policy mapping for now... */
 	flags |= X509_V_FLAG_INHIBIT_MAP;
+#endif
 
 	if (flags & X509_V_FLAG_EXPLICIT_POLICY)
 		explicit_policy = 0;
@@ -130,9 +201,9 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 			ret = 2;
 		if (explicit_policy > 0)
 			{
-			explicit_policy--;
-			if (!(x->ex_flags & EXFLAG_SS)
-				&& (cache->explicit_skip != -1)
+			if (!(x->ex_flags & EXFLAG_SI))
+				explicit_policy--;
+			if ((cache->explicit_skip != -1)
 				&& (cache->explicit_skip < explicit_policy))
 				explicit_policy = cache->explicit_skip;
 			}
@@ -160,7 +231,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 	tree->auth_policies = NULL;
 	tree->user_policies = NULL;
 
-	if (!tree)
+	if (!tree->levels)
 		{
 		OPENSSL_free(tree);
 		return 0;
@@ -184,7 +255,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 		level++;
 		x = sk_X509_value(certs, i);
 		cache = policy_cache_set(x);
-
 		CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
 		level->cert = x;
 
@@ -197,13 +267,14 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 			/* Any matching allowed if certificate is self
 			 * issued and not the last in the chain.
 			 */
-			if (!(x->ex_flags && EXFLAG_SS) || (i == 0))
+			if (!(x->ex_flags & EXFLAG_SI) || (i == 0))
 				level->flags |= X509_V_FLAG_INHIBIT_ANY;
 			}
 		else
 			{
-			any_skip--;
-			if ((cache->any_skip > 0)
+			if (!(x->ex_flags & EXFLAG_SI))
+				any_skip--;
+			if ((cache->any_skip >= 0)
 				&& (cache->any_skip < any_skip))
 				any_skip = cache->any_skip;
 			}
@@ -212,13 +283,13 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 			level->flags |= X509_V_FLAG_INHIBIT_MAP;
 		else
 			{
-			map_skip--;
-			if ((cache->map_skip > 0)
+			if (!(x->ex_flags & EXFLAG_SI))
+				map_skip--;
+			if ((cache->map_skip >= 0)
 				&& (cache->map_skip < map_skip))
 				map_skip = cache->map_skip;
 			}
 
-
 		}
 
 	*ptree = tree;
@@ -236,7 +307,32 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 
 	}
 
-/* This corresponds to RFC3280 XXXX XXXXX:
+static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr,
+				const X509_POLICY_DATA *data)
+	{
+	X509_POLICY_LEVEL *last = curr - 1;
+	X509_POLICY_NODE *node;
+	int i, matched = 0;
+	/* Iterate through all in nodes linking matches */
+	for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++)
+		{
+		node = sk_X509_POLICY_NODE_value(last->nodes, i);
+		if (policy_node_match(last, node, data->valid_policy))
+			{
+			if (!level_add_node(curr, data, node, NULL))
+				return 0;
+			matched = 1;
+			}
+		}
+	if (!matched && last->anyPolicy)
+		{
+		if (!level_add_node(curr, data, last->anyPolicy, NULL))
+			return 0;
+		}
+	return 1;
+	}
+
+/* This corresponds to RFC3280 6.1.3(d)(1):
  * link any data from CertificatePolicies onto matching parent
  * or anyPolicy if no match.
  */
@@ -247,7 +343,6 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
 	int i;
 	X509_POLICY_LEVEL *last;
 	X509_POLICY_DATA *data;
-	X509_POLICY_NODE *parent;
 	last = curr - 1;
 	for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++)
 		{
@@ -260,40 +355,109 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
 		 * link because then it will have the mapping flags
 		 * right and we can prune it later.
 		 */
+#if 0
 		if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY)
 			&& !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
 			continue;
-		/* Look for matching node in parent */
-		parent = level_find_node(last, data->valid_policy);
-		/* If no match link to anyPolicy */
-		if (!parent)
-			parent = last->anyPolicy;
-		if (parent && !level_add_node(curr, data, parent, NULL))
+#endif
+		/* Look for matching nodes in previous level */
+		if (!tree_link_matching_nodes(curr, data))
 				return 0;
 		}
 	return 1;
 	}
 
-/* This corresponds to RFC3280 XXXX XXXXX:
+/* This corresponds to RFC3280 6.1.3(d)(2):
  * Create new data for any unmatched policies in the parent and link
  * to anyPolicy.
  */
 
+static int tree_add_unmatched(X509_POLICY_LEVEL *curr,
+			const X509_POLICY_CACHE *cache,
+			const ASN1_OBJECT *id,
+			X509_POLICY_NODE *node,
+			X509_POLICY_TREE *tree)
+	{
+	X509_POLICY_DATA *data;
+	if (id == NULL)
+		id = node->data->valid_policy;
+	/* Create a new node with qualifiers from anyPolicy and
+	 * id from unmatched node.
+	 */
+	data = policy_data_new(NULL, id, node_critical(node));
+
+	if (data == NULL)
+		return 0;
+	/* Curr may not have anyPolicy */
+	data->qualifier_set = cache->anyPolicy->qualifier_set;
+	data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
+	if (!level_add_node(curr, data, node, tree))
+		{
+		policy_data_free(data);
+		return 0;
+		}
+
+	return 1;
+	}
+
+static int tree_link_unmatched(X509_POLICY_LEVEL *curr,
+			const X509_POLICY_CACHE *cache,
+			X509_POLICY_NODE *node,
+			X509_POLICY_TREE *tree)
+	{
+	const X509_POLICY_LEVEL *last = curr - 1;
+	int i;
+
+	if (	    (last->flags & X509_V_FLAG_INHIBIT_MAP)
+		|| !(node->data->flags & POLICY_DATA_FLAG_MAPPED))
+		{
+		/* If no policy mapping: matched if one child present */
+		if (node->nchild)
+			return 1;
+		if (!tree_add_unmatched(curr, cache, NULL, node, tree))
+			return 0;
+		/* Add it */
+		}
+	else
+		{
+		/* If mapping: matched if one child per expected policy set */
+		STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set;
+		if (node->nchild == sk_ASN1_OBJECT_num(expset))
+			return 1;
+		/* Locate unmatched nodes */
+		for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++)
+			{
+			ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(expset, i);
+			if (level_find_node(curr, node, oid))
+				continue;
+			if (!tree_add_unmatched(curr, cache, oid, node, tree))
+				return 0;
+			}
+
+		}
+
+	return 1;
+
+	}
+
 static int tree_link_any(X509_POLICY_LEVEL *curr,
 			const X509_POLICY_CACHE *cache,
 			X509_POLICY_TREE *tree)
 	{
 	int i;
-	X509_POLICY_DATA *data;
+	/*X509_POLICY_DATA *data;*/
 	X509_POLICY_NODE *node;
-	X509_POLICY_LEVEL *last;
-
-	last = curr - 1;
+	X509_POLICY_LEVEL *last = curr - 1;
 
 	for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++)
 		{
 		node = sk_X509_POLICY_NODE_value(last->nodes, i);
 
+		if (!tree_link_unmatched(curr, cache, node, tree))
+			return 0;
+
+#if 0
+
 		/* Skip any node with any children: we only want unmathced
 		 * nodes.
 		 *
@@ -302,6 +466,7 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
 		 */
 		if (node->nchild)
 			continue;
+
 		/* Create a new node with qualifiers from anyPolicy and
 		 * id from unmatched node.
 		 */
@@ -310,13 +475,17 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
 
 		if (data == NULL)
 			return 0;
-		data->qualifier_set = curr->anyPolicy->data->qualifier_set;
+		/* Curr may not have anyPolicy */
+		data->qualifier_set = cache->anyPolicy->qualifier_set;
 		data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
 		if (!level_add_node(curr, data, node, tree))
 			{
 			policy_data_free(data);
 			return 0;
 			}
+
+#endif
+
 		}
 	/* Finally add link to anyPolicy */
 	if (last->anyPolicy)
@@ -335,30 +504,36 @@ static int tree_link_any(X509_POLICY_LEVEL *curr,
 
 static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
 	{
+	STACK_OF(X509_POLICY_NODE) *nodes;
 	X509_POLICY_NODE *node;
 	int i;
-	for (i = sk_X509_POLICY_NODE_num(curr->nodes) - 1; i >= 0; i--)
+	nodes = curr->nodes;
+	if (curr->flags & X509_V_FLAG_INHIBIT_MAP)
 		{
-		node = sk_X509_POLICY_NODE_value(curr->nodes, i);
-		/* Delete any mapped data: see RFC3280 XXXX */
-		if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK)
+		for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--)
 			{
-			node->parent->nchild--;
-			OPENSSL_free(node);
-			sk_X509_POLICY_NODE_delete(curr->nodes, i);
+			node = sk_X509_POLICY_NODE_value(nodes, i);
+			/* Delete any mapped data: see RFC3280 XXXX */
+			if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK)
+				{
+				node->parent->nchild--;
+				OPENSSL_free(node);
+				(void)sk_X509_POLICY_NODE_delete(nodes,i);
+				}
 			}
 		}
 
 	for(;;)	{
 		--curr;
-		for (i = sk_X509_POLICY_NODE_num(curr->nodes) - 1; i >= 0; i--)
+		nodes = curr->nodes;
+		for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--)
 			{
-			node = sk_X509_POLICY_NODE_value(curr->nodes, i);
+			node = sk_X509_POLICY_NODE_value(nodes, i);
 			if (node->nchild == 0)
 				{
 				node->parent->nchild--;
 				OPENSSL_free(node);
-				sk_X509_POLICY_NODE_delete(curr->nodes, i);
+				(void)sk_X509_POLICY_NODE_delete(nodes, i);
 				}
 			}
 		if (curr->anyPolicy && !curr->anyPolicy->nchild)
@@ -534,6 +709,7 @@ static int tree_evaluate(X509_POLICY_TREE *tree)
 		if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY)
 			&& !tree_link_any(curr, cache, tree))
 			return 0;
+	tree_print("before tree_prune()", tree, curr);
 		ret = tree_prune(tree, curr);
 		if (ret != 1)
 			return ret;
@@ -602,7 +778,6 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
 	*pexplicit_policy = 0;
 	ret = tree_init(&tree, certs, flags);
 
-
 	switch (ret)
 		{
 
@@ -611,6 +786,10 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
 		return 1;
 
 		/* Some internal error */
+		case -1:
+		return -1;
+
+		/* Some internal error */
 		case 0:
 		return 0;
 
@@ -628,11 +807,24 @@ int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
 		/* Tree OK: continue */
 
 		case 1:
+		if (!tree)
+			/*
+			 * tree_init() returns success and a null tree
+			 * if it's just looking at a trust anchor.
+			 * I'm not sure that returning success here is
+			 * correct, but I'm sure that reporting this
+			 * as an internal error which our caller
+			 * interprets as a malloc failure is wrong.
+			 */
+			return 1;
 		break;
 		}
 
+	if (!tree) goto error;
 	ret = tree_evaluate(tree);
 
+	tree_print("tree_evaluate()", tree, NULL);
+
 	if (ret <= 0)
 		goto error;
 
diff --git a/crypto/x509v3/tabtest.c b/crypto/x509v3/tabtest.c
index dad0d38dd5..5ed6eb6891 100644
--- a/crypto/x509v3/tabtest.c
+++ b/crypto/x509v3/tabtest.c
@@ -1,5 +1,5 @@
 /* tabtest.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
new file mode 100644
index 0000000000..9087d66e0a
--- /dev/null
+++ b/crypto/x509v3/v3_addr.c
@@ -0,0 +1,1287 @@
+/*
+ * Contributed to the OpenSSL Project by the American Registry for
+ * Internet Numbers ("ARIN").
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ */
+
+/*
+ * Implementation of RFC 3779 section 2.2.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/buffer.h>
+#include <openssl/x509v3.h>
+
+#ifndef OPENSSL_NO_RFC3779
+
+/*
+ * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
+ */
+
+ASN1_SEQUENCE(IPAddressRange) = {
+  ASN1_SIMPLE(IPAddressRange, min, ASN1_BIT_STRING),
+  ASN1_SIMPLE(IPAddressRange, max, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(IPAddressRange)
+
+ASN1_CHOICE(IPAddressOrRange) = {
+  ASN1_SIMPLE(IPAddressOrRange, u.addressPrefix, ASN1_BIT_STRING),
+  ASN1_SIMPLE(IPAddressOrRange, u.addressRange,  IPAddressRange)
+} ASN1_CHOICE_END(IPAddressOrRange)
+
+ASN1_CHOICE(IPAddressChoice) = {
+  ASN1_SIMPLE(IPAddressChoice,      u.inherit,           ASN1_NULL),
+  ASN1_SEQUENCE_OF(IPAddressChoice, u.addressesOrRanges, IPAddressOrRange)
+} ASN1_CHOICE_END(IPAddressChoice)
+
+ASN1_SEQUENCE(IPAddressFamily) = {
+  ASN1_SIMPLE(IPAddressFamily, addressFamily,   ASN1_OCTET_STRING),
+  ASN1_SIMPLE(IPAddressFamily, ipAddressChoice, IPAddressChoice)
+} ASN1_SEQUENCE_END(IPAddressFamily)
+
+ASN1_ITEM_TEMPLATE(IPAddrBlocks) = 
+  ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+			IPAddrBlocks, IPAddressFamily)
+ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
+
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressOrRange)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressChoice)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * How much buffer space do we need for a raw address?
+ */
+#define ADDR_RAW_BUF_LEN	16
+
+/*
+ * What's the address length associated with this AFI?
+ */
+static int length_from_afi(const unsigned afi)
+{
+  switch (afi) {
+  case IANA_AFI_IPV4:
+    return 4;
+  case IANA_AFI_IPV6:
+    return 16;
+  default:
+    return 0;
+  }
+}
+
+/*
+ * Extract the AFI from an IPAddressFamily.
+ */
+unsigned int v3_addr_get_afi(const IPAddressFamily *f)
+{
+  return ((f != NULL &&
+	   f->addressFamily != NULL &&
+	   f->addressFamily->data != NULL)
+	  ? ((f->addressFamily->data[0] << 8) |
+	     (f->addressFamily->data[1]))
+	  : 0);
+}
+
+/*
+ * Expand the bitstring form of an address into a raw byte array.
+ * At the moment this is coded for simplicity, not speed.
+ */
+static void addr_expand(unsigned char *addr,
+			const ASN1_BIT_STRING *bs,
+			const int length,
+			const unsigned char fill)
+{
+  OPENSSL_assert(bs->length >= 0 && bs->length <= length);
+  if (bs->length > 0) {
+    memcpy(addr, bs->data, bs->length);
+    if ((bs->flags & 7) != 0) {
+      unsigned char mask = 0xFF >> (8 - (bs->flags & 7));
+      if (fill == 0)
+	addr[bs->length - 1] &= ~mask;
+      else
+	addr[bs->length - 1] |= mask;
+    }
+  }
+  memset(addr + bs->length, fill, length - bs->length);
+}
+
+/*
+ * Extract the prefix length from a bitstring.
+ */
+#define addr_prefixlen(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
+
+/*
+ * i2r handler for one address bitstring.
+ */
+static int i2r_address(BIO *out,
+		       const unsigned afi,
+		       const unsigned char fill,
+		       const ASN1_BIT_STRING *bs)
+{
+  unsigned char addr[ADDR_RAW_BUF_LEN];
+  int i, n;
+
+  switch (afi) {
+  case IANA_AFI_IPV4:
+    addr_expand(addr, bs, 4, fill);
+    BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
+    break;
+  case IANA_AFI_IPV6:
+    addr_expand(addr, bs, 16, fill);
+    for (n = 16; n > 1 && addr[n-1] == 0x00 && addr[n-2] == 0x00; n -= 2)
+      ;
+    for (i = 0; i < n; i += 2)
+      BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i+1], (i < 14 ? ":" : ""));
+    if (i < 16)
+      BIO_puts(out, ":");
+    if (i == 0)
+      BIO_puts(out, ":");
+    break;
+  default:
+    for (i = 0; i < bs->length; i++)
+      BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
+    BIO_printf(out, "[%d]", (int) (bs->flags & 7));
+    break;
+  }
+  return 1;
+}
+
+/*
+ * i2r handler for a sequence of addresses and ranges.
+ */
+static int i2r_IPAddressOrRanges(BIO *out,
+				 const int indent,
+				 const IPAddressOrRanges *aors,
+				 const unsigned afi)
+{
+  int i;
+  for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
+    const IPAddressOrRange *aor = sk_IPAddressOrRange_value(aors, i);
+    BIO_printf(out, "%*s", indent, "");
+    switch (aor->type) {
+    case IPAddressOrRange_addressPrefix:
+      if (!i2r_address(out, afi, 0x00, aor->u.addressPrefix))
+	return 0;
+      BIO_printf(out, "/%d\n", addr_prefixlen(aor->u.addressPrefix));
+      continue;
+    case IPAddressOrRange_addressRange:
+      if (!i2r_address(out, afi, 0x00, aor->u.addressRange->min))
+	return 0;
+      BIO_puts(out, "-");
+      if (!i2r_address(out, afi, 0xFF, aor->u.addressRange->max))
+	return 0;
+      BIO_puts(out, "\n");
+      continue;
+    }
+  }
+  return 1;
+}
+
+/*
+ * i2r handler for an IPAddrBlocks extension.
+ */
+static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method,
+			    void *ext,
+			    BIO *out,
+			    int indent)
+{
+  const IPAddrBlocks *addr = ext;
+  int i;
+  for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+    IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+    const unsigned int afi = v3_addr_get_afi(f);
+    switch (afi) {
+    case IANA_AFI_IPV4:
+      BIO_printf(out, "%*sIPv4", indent, "");
+      break;
+    case IANA_AFI_IPV6:
+      BIO_printf(out, "%*sIPv6", indent, "");
+      break;
+    default:
+      BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
+      break;
+    }
+    if (f->addressFamily->length > 2) {
+      switch (f->addressFamily->data[2]) {
+      case   1:
+	BIO_puts(out, " (Unicast)");
+	break;
+      case   2:
+	BIO_puts(out, " (Multicast)");
+	break;
+      case   3:
+	BIO_puts(out, " (Unicast/Multicast)");
+	break;
+      case   4:
+	BIO_puts(out, " (MPLS)");
+	break;
+      case  64:
+	BIO_puts(out, " (Tunnel)");
+	break;
+      case  65:
+	BIO_puts(out, " (VPLS)");
+	break;
+      case  66:
+	BIO_puts(out, " (BGP MDT)");
+	break;
+      case 128:
+	BIO_puts(out, " (MPLS-labeled VPN)");
+	break;
+      default:  
+	BIO_printf(out, " (Unknown SAFI %u)",
+		   (unsigned) f->addressFamily->data[2]);
+	break;
+      }
+    }
+    switch (f->ipAddressChoice->type) {
+    case IPAddressChoice_inherit:
+      BIO_puts(out, ": inherit\n");
+      break;
+    case IPAddressChoice_addressesOrRanges:
+      BIO_puts(out, ":\n");
+      if (!i2r_IPAddressOrRanges(out,
+				 indent + 2,
+				 f->ipAddressChoice->u.addressesOrRanges,
+				 afi))
+	return 0;
+      break;
+    }
+  }
+  return 1;
+}
+
+/*
+ * Sort comparison function for a sequence of IPAddressOrRange
+ * elements.
+ */
+static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
+				const IPAddressOrRange *b,
+				const int length)
+{
+  unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
+  int prefixlen_a = 0, prefixlen_b = 0;
+  int r;
+
+  switch (a->type) {
+  case IPAddressOrRange_addressPrefix:
+    addr_expand(addr_a, a->u.addressPrefix, length, 0x00);
+    prefixlen_a = addr_prefixlen(a->u.addressPrefix);
+    break;
+  case IPAddressOrRange_addressRange:
+    addr_expand(addr_a, a->u.addressRange->min, length, 0x00);
+    prefixlen_a = length * 8;
+    break;
+  }
+
+  switch (b->type) {
+  case IPAddressOrRange_addressPrefix:
+    addr_expand(addr_b, b->u.addressPrefix, length, 0x00);
+    prefixlen_b = addr_prefixlen(b->u.addressPrefix);
+    break;
+  case IPAddressOrRange_addressRange:
+    addr_expand(addr_b, b->u.addressRange->min, length, 0x00);
+    prefixlen_b = length * 8;
+    break;
+  }
+
+  if ((r = memcmp(addr_a, addr_b, length)) != 0)
+    return r;
+  else
+    return prefixlen_a - prefixlen_b;
+}
+
+/*
+ * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
+ * comparision routines are only allowed two arguments.
+ */
+static int v4IPAddressOrRange_cmp(const IPAddressOrRange * const *a,
+				  const IPAddressOrRange * const *b)
+{
+  return IPAddressOrRange_cmp(*a, *b, 4);
+}
+
+/*
+ * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
+ * comparision routines are only allowed two arguments.
+ */
+static int v6IPAddressOrRange_cmp(const IPAddressOrRange * const *a,
+				  const IPAddressOrRange * const *b)
+{
+  return IPAddressOrRange_cmp(*a, *b, 16);
+}
+
+/*
+ * Calculate whether a range collapses to a prefix.
+ * See last paragraph of RFC 3779 2.2.3.7.
+ */
+static int range_should_be_prefix(const unsigned char *min,
+				  const unsigned char *max,
+				  const int length)
+{
+  unsigned char mask;
+  int i, j;
+
+  for (i = 0; i < length && min[i] == max[i]; i++)
+    ;
+  for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--)
+    ;
+  if (i < j)
+    return -1;
+  if (i > j)
+    return i * 8;
+  mask = min[i] ^ max[i];
+  switch (mask) {
+  case 0x01: j = 7; break;
+  case 0x03: j = 6; break;
+  case 0x07: j = 5; break;
+  case 0x0F: j = 4; break;
+  case 0x1F: j = 3; break;
+  case 0x3F: j = 2; break;
+  case 0x7F: j = 1; break;
+  default:   return -1;
+  }
+  if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
+    return -1;
+  else
+    return i * 8 + j;
+}
+
+/*
+ * Construct a prefix.
+ */
+static int make_addressPrefix(IPAddressOrRange **result,
+			      unsigned char *addr,
+			      const int prefixlen)
+{
+  int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
+  IPAddressOrRange *aor = IPAddressOrRange_new();
+
+  if (aor == NULL)
+    return 0;
+  aor->type = IPAddressOrRange_addressPrefix;
+  if (aor->u.addressPrefix == NULL &&
+      (aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
+    goto err;
+  if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen))
+    goto err;
+  aor->u.addressPrefix->flags &= ~7;
+  aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+  if (bitlen > 0) {
+    aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen);
+    aor->u.addressPrefix->flags |= 8 - bitlen;
+  }
+  
+  *result = aor;
+  return 1;
+
+ err:
+  IPAddressOrRange_free(aor);
+  return 0;
+}
+
+/*
+ * Construct a range.  If it can be expressed as a prefix,
+ * return a prefix instead.  Doing this here simplifies
+ * the rest of the code considerably.
+ */
+static int make_addressRange(IPAddressOrRange **result,
+			     unsigned char *min,
+			     unsigned char *max,
+			     const int length)
+{
+  IPAddressOrRange *aor;
+  int i, prefixlen;
+
+  if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
+    return make_addressPrefix(result, min, prefixlen);
+
+  if ((aor = IPAddressOrRange_new()) == NULL)
+    return 0;
+  aor->type = IPAddressOrRange_addressRange;
+  OPENSSL_assert(aor->u.addressRange == NULL);
+  if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
+    goto err;
+  if (aor->u.addressRange->min == NULL &&
+      (aor->u.addressRange->min = ASN1_BIT_STRING_new()) == NULL)
+    goto err;
+  if (aor->u.addressRange->max == NULL &&
+      (aor->u.addressRange->max = ASN1_BIT_STRING_new()) == NULL)
+    goto err;
+
+  for (i = length; i > 0 && min[i - 1] == 0x00; --i)
+    ;
+  if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i))
+    goto err;
+  aor->u.addressRange->min->flags &= ~7;
+  aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+  if (i > 0) {
+    unsigned char b = min[i - 1];
+    int j = 1;
+    while ((b & (0xFFU >> j)) != 0) 
+      ++j;
+    aor->u.addressRange->min->flags |= 8 - j;
+  }
+
+  for (i = length; i > 0 && max[i - 1] == 0xFF; --i)
+    ;
+  if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i))
+    goto err;
+  aor->u.addressRange->max->flags &= ~7;
+  aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+  if (i > 0) {
+    unsigned char b = max[i - 1];
+    int j = 1;
+    while ((b & (0xFFU >> j)) != (0xFFU >> j))
+      ++j;
+    aor->u.addressRange->max->flags |= 8 - j;
+  }
+
+  *result = aor;
+  return 1;
+
+ err:
+  IPAddressOrRange_free(aor);
+  return 0;
+}
+
+/*
+ * Construct a new address family or find an existing one.
+ */
+static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
+					     const unsigned afi,
+					     const unsigned *safi)
+{
+  IPAddressFamily *f;
+  unsigned char key[3];
+  unsigned keylen;
+  int i;
+
+  key[0] = (afi >> 8) & 0xFF;
+  key[1] = afi & 0xFF;
+  if (safi != NULL) {
+    key[2] = *safi & 0xFF;
+    keylen = 3;
+  } else {
+    keylen = 2;
+  }
+
+  for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+    f = sk_IPAddressFamily_value(addr, i);
+    OPENSSL_assert(f->addressFamily->data != NULL);
+    if (f->addressFamily->length == keylen &&
+	!memcmp(f->addressFamily->data, key, keylen))
+      return f;
+  }
+
+  if ((f = IPAddressFamily_new()) == NULL)
+    goto err;
+  if (f->ipAddressChoice == NULL &&
+      (f->ipAddressChoice = IPAddressChoice_new()) == NULL)
+    goto err;
+  if (f->addressFamily == NULL && 
+      (f->addressFamily = ASN1_OCTET_STRING_new()) == NULL)
+    goto err;
+  if (!ASN1_OCTET_STRING_set(f->addressFamily, key, keylen))
+    goto err;
+  if (!sk_IPAddressFamily_push(addr, f))
+    goto err;
+
+  return f;
+
+ err:
+  IPAddressFamily_free(f);
+  return NULL;
+}
+
+/*
+ * Add an inheritance element.
+ */
+int v3_addr_add_inherit(IPAddrBlocks *addr,
+			const unsigned afi,
+			const unsigned *safi)
+{
+  IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
+  if (f == NULL ||
+      f->ipAddressChoice == NULL ||
+      (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
+       f->ipAddressChoice->u.addressesOrRanges != NULL))
+    return 0;
+  if (f->ipAddressChoice->type == IPAddressChoice_inherit &&
+      f->ipAddressChoice->u.inherit != NULL)
+    return 1;
+  if (f->ipAddressChoice->u.inherit == NULL &&
+      (f->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
+    return 0;
+  f->ipAddressChoice->type = IPAddressChoice_inherit;
+  return 1;
+}
+
+/*
+ * Construct an IPAddressOrRange sequence, or return an existing one.
+ */
+static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr,
+					       const unsigned afi,
+					       const unsigned *safi)
+{
+  IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
+  IPAddressOrRanges *aors = NULL;
+
+  if (f == NULL ||
+      f->ipAddressChoice == NULL ||
+      (f->ipAddressChoice->type == IPAddressChoice_inherit &&
+       f->ipAddressChoice->u.inherit != NULL))
+    return NULL;
+  if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges)
+    aors = f->ipAddressChoice->u.addressesOrRanges;
+  if (aors != NULL)
+    return aors;
+  if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
+    return NULL;
+  switch (afi) {
+  case IANA_AFI_IPV4:
+    sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp);
+    break;
+  case IANA_AFI_IPV6:
+    sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp);
+    break;
+  }
+  f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
+  f->ipAddressChoice->u.addressesOrRanges = aors;
+  return aors;
+}
+
+/*
+ * Add a prefix.
+ */
+int v3_addr_add_prefix(IPAddrBlocks *addr,
+		       const unsigned afi,
+		       const unsigned *safi,
+		       unsigned char *a,
+		       const int prefixlen)
+{
+  IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
+  IPAddressOrRange *aor;
+  if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
+    return 0;
+  if (sk_IPAddressOrRange_push(aors, aor))
+    return 1;
+  IPAddressOrRange_free(aor);
+  return 0;
+}
+
+/*
+ * Add a range.
+ */
+int v3_addr_add_range(IPAddrBlocks *addr,
+		      const unsigned afi,
+		      const unsigned *safi,
+		      unsigned char *min,
+		      unsigned char *max)
+{
+  IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
+  IPAddressOrRange *aor;
+  int length = length_from_afi(afi);
+  if (aors == NULL)
+    return 0;
+  if (!make_addressRange(&aor, min, max, length))
+    return 0;
+  if (sk_IPAddressOrRange_push(aors, aor))
+    return 1;
+  IPAddressOrRange_free(aor);
+  return 0;
+}
+
+/*
+ * Extract min and max values from an IPAddressOrRange.
+ */
+static void extract_min_max(IPAddressOrRange *aor,
+			    unsigned char *min,
+			    unsigned char *max,
+			    int length)
+{
+  OPENSSL_assert(aor != NULL && min != NULL && max != NULL);
+  switch (aor->type) {
+  case IPAddressOrRange_addressPrefix:
+    addr_expand(min, aor->u.addressPrefix, length, 0x00);
+    addr_expand(max, aor->u.addressPrefix, length, 0xFF);
+    return;
+  case IPAddressOrRange_addressRange:
+    addr_expand(min, aor->u.addressRange->min, length, 0x00);
+    addr_expand(max, aor->u.addressRange->max, length, 0xFF);
+    return;
+  }
+}
+
+/*
+ * Public wrapper for extract_min_max().
+ */
+int v3_addr_get_range(IPAddressOrRange *aor,
+		      const unsigned afi,
+		      unsigned char *min,
+		      unsigned char *max,
+		      const int length)
+{
+  int afi_length = length_from_afi(afi);
+  if (aor == NULL || min == NULL || max == NULL ||
+      afi_length == 0 || length < afi_length ||
+      (aor->type != IPAddressOrRange_addressPrefix &&
+       aor->type != IPAddressOrRange_addressRange))
+    return 0;
+  extract_min_max(aor, min, max, afi_length);
+  return afi_length;
+}
+
+/*
+ * Sort comparision function for a sequence of IPAddressFamily.
+ *
+ * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
+ * the ordering: I can read it as meaning that IPv6 without a SAFI
+ * comes before IPv4 with a SAFI, which seems pretty weird.  The
+ * examples in appendix B suggest that the author intended the
+ * null-SAFI rule to apply only within a single AFI, which is what I
+ * would have expected and is what the following code implements.
+ */
+static int IPAddressFamily_cmp(const IPAddressFamily * const *a_,
+			       const IPAddressFamily * const *b_)
+{
+  const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
+  const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
+  int len = ((a->length <= b->length) ? a->length : b->length);
+  int cmp = memcmp(a->data, b->data, len);
+  return cmp ? cmp : a->length - b->length;
+}
+
+/*
+ * Check whether an IPAddrBLocks is in canonical form.
+ */
+int v3_addr_is_canonical(IPAddrBlocks *addr)
+{
+  unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+  unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+  IPAddressOrRanges *aors;
+  int i, j, k;
+
+  /*
+   * Empty extension is cannonical.
+   */
+  if (addr == NULL)
+    return 1;
+
+  /*
+   * Check whether the top-level list is in order.
+   */
+  for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
+    const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
+    const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
+    if (IPAddressFamily_cmp(&a, &b) >= 0)
+      return 0;
+  }
+
+  /*
+   * Top level's ok, now check each address family.
+   */
+  for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+    IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+    int length = length_from_afi(v3_addr_get_afi(f));
+
+    /*
+     * Inheritance is canonical.  Anything other than inheritance or
+     * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something.
+     */
+    if (f == NULL || f->ipAddressChoice == NULL)
+      return 0;
+    switch (f->ipAddressChoice->type) {
+    case IPAddressChoice_inherit:
+      continue;
+    case IPAddressChoice_addressesOrRanges:
+      break;
+    default:
+      return 0;
+    }
+
+    /*
+     * It's an IPAddressOrRanges sequence, check it.
+     */
+    aors = f->ipAddressChoice->u.addressesOrRanges;
+    if (sk_IPAddressOrRange_num(aors) == 0)
+      return 0;
+    for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
+      IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+      IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
+
+      extract_min_max(a, a_min, a_max, length);
+      extract_min_max(b, b_min, b_max, length);
+
+      /*
+       * Punt misordered list, overlapping start, or inverted range.
+       */
+      if (memcmp(a_min, b_min, length) >= 0 ||
+	  memcmp(a_min, a_max, length) > 0 ||
+	  memcmp(b_min, b_max, length) > 0)
+	return 0;
+
+      /*
+       * Punt if adjacent or overlapping.  Check for adjacency by
+       * subtracting one from b_min first.
+       */
+      for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--)
+	;
+      if (memcmp(a_max, b_min, length) >= 0)
+	return 0;
+
+      /*
+       * Check for range that should be expressed as a prefix.
+       */
+      if (a->type == IPAddressOrRange_addressRange &&
+	  range_should_be_prefix(a_min, a_max, length) >= 0)
+	return 0;
+    }
+
+    /*
+     * Check final range to see if it should be a prefix.
+     */
+    j = sk_IPAddressOrRange_num(aors) - 1;
+    {
+      IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+      if (a->type == IPAddressOrRange_addressRange) {
+	extract_min_max(a, a_min, a_max, length);
+	if (range_should_be_prefix(a_min, a_max, length) >= 0)
+	  return 0;
+      }
+    }
+  }
+
+  /*
+   * If we made it through all that, we're happy.
+   */
+  return 1;
+}
+
+/*
+ * Whack an IPAddressOrRanges into canonical form.
+ */
+static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
+				      const unsigned afi)
+{
+  int i, j, length = length_from_afi(afi);
+
+  /*
+   * Sort the IPAddressOrRanges sequence.
+   */
+  sk_IPAddressOrRange_sort(aors);
+
+  /*
+   * Clean up representation issues, punt on duplicates or overlaps.
+   */
+  for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
+    IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i);
+    IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1);
+    unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+    unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+
+    extract_min_max(a, a_min, a_max, length);
+    extract_min_max(b, b_min, b_max, length);
+
+    /*
+     * Punt overlaps.
+     */
+    if (memcmp(a_max, b_min, length) >= 0)
+      return 0;
+
+    /*
+     * Merge if a and b are adjacent.  We check for
+     * adjacency by subtracting one from b_min first.
+     */
+    for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--)
+      ;
+    if (memcmp(a_max, b_min, length) == 0) {
+      IPAddressOrRange *merged;
+      if (!make_addressRange(&merged, a_min, b_max, length))
+	return 0;
+      sk_IPAddressOrRange_set(aors, i, merged);
+      sk_IPAddressOrRange_delete(aors, i + 1);
+      IPAddressOrRange_free(a);
+      IPAddressOrRange_free(b);
+      --i;
+      continue;
+    }
+  }
+
+  return 1;
+}
+
+/*
+ * Whack an IPAddrBlocks extension into canonical form.
+ */
+int v3_addr_canonize(IPAddrBlocks *addr)
+{
+  int i;
+  for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+    IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+    if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
+	!IPAddressOrRanges_canonize(f->ipAddressChoice->u.addressesOrRanges,
+				    v3_addr_get_afi(f)))
+      return 0;
+  }
+  sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
+  sk_IPAddressFamily_sort(addr);
+  OPENSSL_assert(v3_addr_is_canonical(addr));
+  return 1;
+}
+
+/*
+ * v2i handler for the IPAddrBlocks extension.
+ */
+static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
+			      struct v3_ext_ctx *ctx,
+			      STACK_OF(CONF_VALUE) *values)
+{
+  static const char v4addr_chars[] = "0123456789.";
+  static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
+  IPAddrBlocks *addr = NULL;
+  char *s = NULL, *t;
+  int i;
+  
+  if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
+    X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+    return NULL;
+  }
+
+  for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+    CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
+    unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
+    unsigned afi, *safi = NULL, safi_;
+    const char *addr_chars;
+    int prefixlen, i1, i2, delim, length;
+
+    if (       !name_cmp(val->name, "IPv4")) {
+      afi = IANA_AFI_IPV4;
+    } else if (!name_cmp(val->name, "IPv6")) {
+      afi = IANA_AFI_IPV6;
+    } else if (!name_cmp(val->name, "IPv4-SAFI")) {
+      afi = IANA_AFI_IPV4;
+      safi = &safi_;
+    } else if (!name_cmp(val->name, "IPv6-SAFI")) {
+      afi = IANA_AFI_IPV6;
+      safi = &safi_;
+    } else {
+      X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_NAME_ERROR);
+      X509V3_conf_err(val);
+      goto err;
+    }
+
+    switch (afi) {
+    case IANA_AFI_IPV4:
+      addr_chars = v4addr_chars;
+      break;
+    case IANA_AFI_IPV6:
+      addr_chars = v6addr_chars;
+      break;
+    }
+
+    length = length_from_afi(afi);
+
+    /*
+     * Handle SAFI, if any, and BUF_strdup() so we can null-terminate
+     * the other input values.
+     */
+    if (safi != NULL) {
+      *safi = strtoul(val->value, &t, 0);
+      t += strspn(t, " \t");
+      if (*safi > 0xFF || *t++ != ':') {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
+	X509V3_conf_err(val);
+	goto err;
+      }
+      t += strspn(t, " \t");
+      s = BUF_strdup(t);
+    } else {
+      s = BUF_strdup(val->value);
+    }
+    if (s == NULL) {
+      X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+      goto err;
+    }
+
+    /*
+     * Check for inheritance.  Not worth additional complexity to
+     * optimize this (seldom-used) case.
+     */
+    if (!strcmp(s, "inherit")) {
+      if (!v3_addr_add_inherit(addr, afi, safi)) {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_INHERITANCE);
+	X509V3_conf_err(val);
+	goto err;
+      }
+      OPENSSL_free(s);
+      s = NULL;
+      continue;
+    }
+
+    i1 = strspn(s, addr_chars);
+    i2 = i1 + strspn(s + i1, " \t");
+    delim = s[i2++];
+    s[i1] = '\0';
+
+    if (a2i_ipadd(min, s) != length) {
+      X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
+      X509V3_conf_err(val);
+      goto err;
+    }
+
+    switch (delim) {
+    case '/':
+      prefixlen = (int) strtoul(s + i2, &t, 10);
+      if (t == s + i2 || *t != '\0') {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR);
+	X509V3_conf_err(val);
+	goto err;
+      }
+      if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+	goto err;
+      }
+      break;
+    case '-':
+      i1 = i2 + strspn(s + i2, " \t");
+      i2 = i1 + strspn(s + i1, addr_chars);
+      if (i1 == i2 || s[i2] != '\0') {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR);
+	X509V3_conf_err(val);
+	goto err;
+      }
+      if (a2i_ipadd(max, s + i1) != length) {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
+	X509V3_conf_err(val);
+	goto err;
+      }
+      if (!v3_addr_add_range(addr, afi, safi, min, max)) {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+	goto err;
+      }
+      break;
+    case '\0':
+      if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
+	X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+	goto err;
+      }
+      break;
+    default:
+      X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_EXTENSION_VALUE_ERROR);
+      X509V3_conf_err(val);
+      goto err;
+    }
+
+    OPENSSL_free(s);
+    s = NULL;
+  }
+
+  /*
+   * Canonize the result, then we're done.
+   */
+  if (!v3_addr_canonize(addr))
+    goto err;    
+  return addr;
+
+ err:
+  OPENSSL_free(s);
+  sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
+  return NULL;
+}
+
+/*
+ * OpenSSL dispatch
+ */
+const X509V3_EXT_METHOD v3_addr = {
+  NID_sbgp_ipAddrBlock,		/* nid */
+  0,				/* flags */
+  ASN1_ITEM_ref(IPAddrBlocks),	/* template */
+  0, 0, 0, 0,			/* old functions, ignored */
+  0,				/* i2s */
+  0,				/* s2i */
+  0,				/* i2v */
+  v2i_IPAddrBlocks,		/* v2i */
+  i2r_IPAddrBlocks,		/* i2r */
+  0,				/* r2i */
+  NULL				/* extension-specific data */
+};
+
+/*
+ * Figure out whether extension sues inheritance.
+ */
+int v3_addr_inherits(IPAddrBlocks *addr)
+{
+  int i;
+  if (addr == NULL)
+    return 0;
+  for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+    IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+    if (f->ipAddressChoice->type == IPAddressChoice_inherit)
+      return 1;
+  }
+  return 0;
+}
+
+/*
+ * Figure out whether parent contains child.
+ */
+static int addr_contains(IPAddressOrRanges *parent,
+			 IPAddressOrRanges *child,
+			 int length)
+{
+  unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
+  unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
+  int p, c;
+
+  if (child == NULL || parent == child)
+    return 1;
+  if (parent == NULL)
+    return 0;
+
+  p = 0;
+  for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
+    extract_min_max(sk_IPAddressOrRange_value(child, c),
+		    c_min, c_max, length);
+    for (;; p++) {
+      if (p >= sk_IPAddressOrRange_num(parent))
+	return 0;
+      extract_min_max(sk_IPAddressOrRange_value(parent, p),
+		      p_min, p_max, length);
+      if (memcmp(p_max, c_max, length) < 0)
+	continue;
+      if (memcmp(p_min, c_min, length) > 0)
+	return 0;
+      break;
+    }
+  }
+
+  return 1;
+}
+
+/*
+ * Test whether a is a subset of b.
+ */
+int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
+{
+  int i;
+  if (a == NULL || a == b)
+    return 1;
+  if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b))
+    return 0;
+  sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp);
+  for (i = 0; i < sk_IPAddressFamily_num(a); i++) {
+    IPAddressFamily *fa = sk_IPAddressFamily_value(a, i);
+    int j = sk_IPAddressFamily_find(b, fa);
+    IPAddressFamily *fb;
+    fb = sk_IPAddressFamily_value(b, j);
+    if (fb == NULL)
+       return 0;
+    if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges, 
+		       fa->ipAddressChoice->u.addressesOrRanges,
+		       length_from_afi(v3_addr_get_afi(fb))))
+      return 0;
+  }
+  return 1;
+}
+
+/*
+ * Validation error handling via callback.
+ */
+#define validation_err(_err_)		\
+  do {					\
+    if (ctx != NULL) {			\
+      ctx->error = _err_;		\
+      ctx->error_depth = i;		\
+      ctx->current_cert = x;		\
+      ret = ctx->verify_cb(0, ctx);	\
+    } else {				\
+      ret = 0;				\
+    }					\
+    if (!ret)				\
+      goto done;			\
+  } while (0)
+
+/*
+ * Core code for RFC 3779 2.3 path validation.
+ */
+static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx,
+					  STACK_OF(X509) *chain,
+					  IPAddrBlocks *ext)
+{
+  IPAddrBlocks *child = NULL;
+  int i, j, ret = 1;
+  X509 *x;
+
+  OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
+  OPENSSL_assert(ctx != NULL || ext != NULL);
+  OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
+
+  /*
+   * Figure out where to start.  If we don't have an extension to
+   * check, we're done.  Otherwise, check canonical form and
+   * set up for walking up the chain.
+   */
+  if (ext != NULL) {
+    i = -1;
+    x = NULL;
+  } else {
+    i = 0;
+    x = sk_X509_value(chain, i);
+    OPENSSL_assert(x != NULL);
+    if ((ext = x->rfc3779_addr) == NULL)
+      goto done;
+  }
+  if (!v3_addr_is_canonical(ext))
+    validation_err(X509_V_ERR_INVALID_EXTENSION);
+  sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
+  if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
+    X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL, ERR_R_MALLOC_FAILURE);
+    ret = 0;
+    goto done;
+  }
+
+  /*
+   * Now walk up the chain.  No cert may list resources that its
+   * parent doesn't list.
+   */
+  for (i++; i < sk_X509_num(chain); i++) {
+    x = sk_X509_value(chain, i);
+    OPENSSL_assert(x != NULL);
+    if (!v3_addr_is_canonical(x->rfc3779_addr))
+      validation_err(X509_V_ERR_INVALID_EXTENSION);
+    if (x->rfc3779_addr == NULL) {
+      for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
+	IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
+	if (fc->ipAddressChoice->type != IPAddressChoice_inherit) {
+	  validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+	  break;
+	}
+      }
+      continue;
+    }
+    sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr, IPAddressFamily_cmp);
+    for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
+      IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
+      int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc);
+      IPAddressFamily *fp = sk_IPAddressFamily_value(x->rfc3779_addr, k);
+      if (fp == NULL) {
+	if (fc->ipAddressChoice->type == IPAddressChoice_addressesOrRanges) {
+	  validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+	  break;
+	}
+	continue;
+      }
+      if (fp->ipAddressChoice->type == IPAddressChoice_addressesOrRanges) {
+	if (fc->ipAddressChoice->type == IPAddressChoice_inherit ||
+	    addr_contains(fp->ipAddressChoice->u.addressesOrRanges, 
+			  fc->ipAddressChoice->u.addressesOrRanges,
+			  length_from_afi(v3_addr_get_afi(fc))))
+	  sk_IPAddressFamily_set(child, j, fp);
+	else
+	  validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+      }
+    }
+  }
+
+  /*
+   * Trust anchor can't inherit.
+   */
+  OPENSSL_assert(x != NULL);
+  if (x->rfc3779_addr != NULL) {
+    for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
+      IPAddressFamily *fp = sk_IPAddressFamily_value(x->rfc3779_addr, j);
+      if (fp->ipAddressChoice->type == IPAddressChoice_inherit &&
+	  sk_IPAddressFamily_find(child, fp) >= 0)
+	validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+    }
+  }
+
+ done:
+  sk_IPAddressFamily_free(child);
+  return ret;
+}
+
+#undef validation_err
+
+/*
+ * RFC 3779 2.3 path validation -- called from X509_verify_cert().
+ */
+int v3_addr_validate_path(X509_STORE_CTX *ctx)
+{
+  return v3_addr_validate_path_internal(ctx, ctx->chain, NULL);
+}
+
+/*
+ * RFC 3779 2.3 path validation of an extension.
+ * Test whether chain covers extension.
+ */
+int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+				  IPAddrBlocks *ext,
+				  int allow_inheritance)
+{
+  if (ext == NULL)
+    return 1;
+  if (chain == NULL || sk_X509_num(chain) == 0)
+    return 0;
+  if (!allow_inheritance && v3_addr_inherits(ext))
+    return 0;
+  return v3_addr_validate_path_internal(NULL, chain, ext);
+}
+
+#endif /* OPENSSL_NO_RFC3779 */
diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index c481b6f12d..c6b68ee221 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -1,5 +1,5 @@
 /* v3_akey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -68,7 +68,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 			X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 
-X509V3_EXT_METHOD v3_akey_id =
+const X509V3_EXT_METHOD v3_akey_id =
 	{
 	NID_authority_key_identifier,
 	X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
diff --git a/crypto/x509v3/v3_akeya.c b/crypto/x509v3/v3_akeya.c
index 2aafa26ba7..2c50f7360e 100644
--- a/crypto/x509v3/v3_akeya.c
+++ b/crypto/x509v3/v3_akeya.c
@@ -1,5 +1,5 @@
 /* v3_akey_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index c29eff8a91..d29d94338e 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -1,5 +1,5 @@
 /* v3_alt.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -68,7 +68,7 @@ static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
 static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
 
-X509V3_EXT_METHOD v3_alt[] = {
+const X509V3_EXT_METHOD v3_alt[] = {
 { NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
 0,0,0,0,
 0,0,
@@ -82,6 +82,12 @@ NULL, NULL, NULL},
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_issuer_alt,
 NULL, NULL, NULL},
+
+{ NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES),
+0,0,0,0,
+0,0,
+(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
+NULL, NULL, NULL, NULL},
 };
 
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
@@ -241,7 +247,7 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
 	CONF_VALUE *cnf;
 	int i;
 	if(!(gens = sk_GENERAL_NAME_new_null())) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
+		X509V3err(X509V3_F_V2I_ISSUER_ALT,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
@@ -306,7 +312,7 @@ static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
 	CONF_VALUE *cnf;
 	int i;
 	if(!(gens = sk_GENERAL_NAME_new_null())) {
-		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
+		X509V3err(X509V3_F_V2I_SUBJECT_ALT,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
@@ -341,7 +347,8 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
 	X509_NAME_ENTRY *ne;
 	GENERAL_NAME *gen = NULL;
 	int i;
-	if(ctx->flags == CTX_TEST) return 1;
+	if(ctx != NULL && ctx->flags == CTX_TEST)
+		return 1;
 	if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
 		X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS);
 		goto err;
@@ -359,6 +366,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
                 if (move_p)
                         {
                         X509_NAME_delete_entry(nm, i);
+			X509_NAME_ENTRY_free(ne);
                         i--;
                         }
 		if(!email || !(gen = GENERAL_NAME_new())) {
@@ -385,8 +393,8 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
 	
 }
 
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
 	GENERAL_NAME *gen;
 	GENERAL_NAMES *gens = NULL;
@@ -407,28 +415,22 @@ GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 	return NULL;
 }
 
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-							 CONF_VALUE *cnf)
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+			       CONF_VALUE *cnf)
 	{
 	return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
 	}
 
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
-				X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-						 CONF_VALUE *cnf, int is_nc)
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+			       const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+			       int gen_type, char *value, int is_nc)
 	{
 	char is_string = 0;
-	int type;
 	GENERAL_NAME *gen = NULL;
 
-	char *name, *value;
-
-	name = cnf->name;
-	value = cnf->value;
-
 	if(!value)
 		{
-		X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
+		X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
 		return NULL;
 		}
 
@@ -439,74 +441,62 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 		gen = GENERAL_NAME_new();
 		if(gen == NULL)
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
 			return NULL;
 			}
 		}
 
-	if(!name_cmp(name, "email"))
-		{
-		is_string = 1;
-		type = GEN_EMAIL;
-		}
-	else if(!name_cmp(name, "URI"))
-		{
-		is_string = 1;
-		type = GEN_URI;
-		}
-	else if(!name_cmp(name, "DNS"))
+	switch (gen_type)
 		{
+		case GEN_URI:
+		case GEN_EMAIL:
+		case GEN_DNS:
 		is_string = 1;
-		type = GEN_DNS;
-		}
-	else if(!name_cmp(name, "RID"))
+		break;
+		
+		case GEN_RID:
 		{
 		ASN1_OBJECT *obj;
 		if(!(obj = OBJ_txt2obj(value,0)))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
 			ERR_add_error_data(2, "value=", value);
 			goto err;
 			}
 		gen->d.rid = obj;
-		type = GEN_RID;
 		}
-	else if(!name_cmp(name, "IP"))
-		{
+		break;
+
+		case GEN_IPADD:
 		if (is_nc)
 			gen->d.ip = a2i_IPADDRESS_NC(value);
 		else
 			gen->d.ip = a2i_IPADDRESS(value);
 		if(gen->d.ip == NULL)
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
 			ERR_add_error_data(2, "value=", value);
 			goto err;
 			}
-		type = GEN_IPADD;
-		}
-	else if(!name_cmp(name, "dirName"))
-		{
-		type = GEN_DIRNAME;
+		break;
+
+		case GEN_DIRNAME:
 		if (!do_dirname(gen, value, ctx))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_DIRNAME_ERROR);
 			goto err;
 			}
-		}
-	else if(!name_cmp(name, "otherName"))
-		{
+		break;
+
+		case GEN_OTHERNAME:
 		if (!do_othername(gen, value, ctx))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_OTHERNAME_ERROR);
 			goto err;
 			}
-		type = GEN_OTHERNAME;
-		}
-	else
-		{
-		X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION);
-		ERR_add_error_data(2, "name=", name);
+		break;
+		default:
+		X509V3err(X509V3_F_A2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_TYPE);
 		goto err;
 		}
 
@@ -516,20 +506,63 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
 			      !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
 					       strlen(value)))
 			{
-			X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_A2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
 		}
 
-	gen->type = type;
+	gen->type = gen_type;
 
 	return gen;
 
 	err:
-	GENERAL_NAME_free(gen);
+	if (!out)
+		GENERAL_NAME_free(gen);
 	return NULL;
 	}
 
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+				  const X509V3_EXT_METHOD *method,
+				  X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
+	{
+	int type;
+
+	char *name, *value;
+
+	name = cnf->name;
+	value = cnf->value;
+
+	if(!value)
+		{
+		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_MISSING_VALUE);
+		return NULL;
+		}
+
+	if(!name_cmp(name, "email"))
+		type = GEN_EMAIL;
+	else if(!name_cmp(name, "URI"))
+		type = GEN_URI;
+	else if(!name_cmp(name, "DNS"))
+		type = GEN_DNS;
+	else if(!name_cmp(name, "RID"))
+		type = GEN_RID;
+	else if(!name_cmp(name, "IP"))
+		type = GEN_IPADD;
+	else if(!name_cmp(name, "dirName"))
+		type = GEN_DIRNAME;
+	else if(!name_cmp(name, "otherName"))
+		type = GEN_OTHERNAME;
+	else
+		{
+		X509V3err(X509V3_F_V2I_GENERAL_NAME_EX,X509V3_R_UNSUPPORTED_OPTION);
+		ERR_add_error_data(2, "name=", name);
+		return NULL;
+		}
+
+	return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
+
+	}
+
 static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 	{
 	char *objtmp = NULL, *p;
@@ -575,6 +608,7 @@ static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 	if (!ret)
 		X509_NAME_free(nm);
 	gen->d.dirn = nm;
+	X509V3_section_free(ctx, sk);
 		
 	return ret;
 	}
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
new file mode 100644
index 0000000000..56702f86b9
--- /dev/null
+++ b/crypto/x509v3/v3_asid.c
@@ -0,0 +1,844 @@
+/*
+ * Contributed to the OpenSSL Project by the American Registry for
+ * Internet Numbers ("ARIN").
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ */
+
+/*
+ * Implementation of RFC 3779 section 3.2.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+#include <openssl/x509.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_RFC3779
+
+/*
+ * OpenSSL ASN.1 template translation of RFC 3779 3.2.3.
+ */
+
+ASN1_SEQUENCE(ASRange) = {
+  ASN1_SIMPLE(ASRange, min, ASN1_INTEGER),
+  ASN1_SIMPLE(ASRange, max, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(ASRange)
+
+ASN1_CHOICE(ASIdOrRange) = {
+  ASN1_SIMPLE(ASIdOrRange, u.id,    ASN1_INTEGER),
+  ASN1_SIMPLE(ASIdOrRange, u.range, ASRange)
+} ASN1_CHOICE_END(ASIdOrRange)
+
+ASN1_CHOICE(ASIdentifierChoice) = {
+  ASN1_SIMPLE(ASIdentifierChoice,      u.inherit,       ASN1_NULL),
+  ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange)
+} ASN1_CHOICE_END(ASIdentifierChoice)
+
+ASN1_SEQUENCE(ASIdentifiers) = {
+  ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
+  ASN1_EXP_OPT(ASIdentifiers, rdi,   ASIdentifierChoice, 1)
+} ASN1_SEQUENCE_END(ASIdentifiers)
+
+IMPLEMENT_ASN1_FUNCTIONS(ASRange)
+IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange)
+IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice)
+IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers)
+
+/*
+ * i2r method for an ASIdentifierChoice.
+ */
+static int i2r_ASIdentifierChoice(BIO *out,
+				  ASIdentifierChoice *choice,
+				  int indent,
+				  const char *msg)
+{
+  int i;
+  char *s;
+  if (choice == NULL)
+    return 1;
+  BIO_printf(out, "%*s%s:\n", indent, "", msg);
+  switch (choice->type) {
+  case ASIdentifierChoice_inherit:
+    BIO_printf(out, "%*sinherit\n", indent + 2, "");
+    break;
+  case ASIdentifierChoice_asIdsOrRanges:
+    for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges); i++) {
+      ASIdOrRange *aor = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+      switch (aor->type) {
+      case ASIdOrRange_id:
+	if ((s = i2s_ASN1_INTEGER(NULL, aor->u.id)) == NULL)
+	  return 0;
+	BIO_printf(out, "%*s%s\n", indent + 2, "", s);
+	OPENSSL_free(s);
+	break;
+      case ASIdOrRange_range:
+	if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->min)) == NULL)
+	  return 0;
+	BIO_printf(out, "%*s%s-", indent + 2, "", s);
+	OPENSSL_free(s);
+	if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->max)) == NULL)
+	  return 0;
+	BIO_printf(out, "%s\n", s);
+	OPENSSL_free(s);
+	break;
+      default:
+	return 0;
+      }
+    }
+    break;
+  default:
+    return 0;
+  }
+  return 1;
+}
+
+/*
+ * i2r method for an ASIdentifier extension.
+ */
+static int i2r_ASIdentifiers(const X509V3_EXT_METHOD *method,
+			     void *ext,
+			     BIO *out,
+			     int indent)
+{
+  ASIdentifiers *asid = ext;
+  return (i2r_ASIdentifierChoice(out, asid->asnum, indent,
+				 "Autonomous System Numbers") &&
+	  i2r_ASIdentifierChoice(out, asid->rdi, indent,
+				 "Routing Domain Identifiers"));
+}
+
+/*
+ * Sort comparision function for a sequence of ASIdOrRange elements.
+ */
+static int ASIdOrRange_cmp(const ASIdOrRange * const *a_,
+			   const ASIdOrRange * const *b_)
+{
+  const ASIdOrRange *a = *a_, *b = *b_;
+
+  assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
+	 (a->type == ASIdOrRange_range && a->u.range != NULL &&
+	  a->u.range->min != NULL && a->u.range->max != NULL));
+
+  assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
+	 (b->type == ASIdOrRange_range && b->u.range != NULL &&
+	  b->u.range->min != NULL && b->u.range->max != NULL));
+
+  if (a->type == ASIdOrRange_id && b->type == ASIdOrRange_id)
+    return ASN1_INTEGER_cmp(a->u.id, b->u.id);
+
+  if (a->type == ASIdOrRange_range && b->type == ASIdOrRange_range) {
+    int r = ASN1_INTEGER_cmp(a->u.range->min, b->u.range->min);
+    return r != 0 ? r : ASN1_INTEGER_cmp(a->u.range->max, b->u.range->max);
+  }
+
+  if (a->type == ASIdOrRange_id)
+    return ASN1_INTEGER_cmp(a->u.id, b->u.range->min);
+  else
+    return ASN1_INTEGER_cmp(a->u.range->min, b->u.id);
+}
+
+/*
+ * Add an inherit element.
+ */
+int v3_asid_add_inherit(ASIdentifiers *asid, int which)
+{
+  ASIdentifierChoice **choice;
+  if (asid == NULL)
+    return 0;
+  switch (which) {
+  case V3_ASID_ASNUM:
+    choice = &asid->asnum;
+    break;
+  case V3_ASID_RDI:
+    choice = &asid->rdi;
+    break;
+  default:
+    return 0;
+  }
+  if (*choice == NULL) {
+    if ((*choice = ASIdentifierChoice_new()) == NULL)
+      return 0;
+    assert((*choice)->u.inherit == NULL);
+    if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL)
+      return 0;
+    (*choice)->type = ASIdentifierChoice_inherit;
+  }
+  return (*choice)->type == ASIdentifierChoice_inherit;
+}
+
+/*
+ * Add an ID or range to an ASIdentifierChoice.
+ */
+int v3_asid_add_id_or_range(ASIdentifiers *asid,
+			    int which,
+			    ASN1_INTEGER *min,
+			    ASN1_INTEGER *max)
+{
+  ASIdentifierChoice **choice;
+  ASIdOrRange *aor;
+  if (asid == NULL)
+    return 0;
+  switch (which) {
+  case V3_ASID_ASNUM:
+    choice = &asid->asnum;
+    break;
+  case V3_ASID_RDI:
+    choice = &asid->rdi;
+    break;
+  default:
+    return 0;
+  }
+  if (*choice != NULL && (*choice)->type == ASIdentifierChoice_inherit)
+    return 0;
+  if (*choice == NULL) {
+    if ((*choice = ASIdentifierChoice_new()) == NULL)
+      return 0;
+    assert((*choice)->u.asIdsOrRanges == NULL);
+    (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp);
+    if ((*choice)->u.asIdsOrRanges == NULL)
+      return 0;
+    (*choice)->type = ASIdentifierChoice_asIdsOrRanges;
+  }
+  if ((aor = ASIdOrRange_new()) == NULL)
+    return 0;
+  if (max == NULL) {
+    aor->type = ASIdOrRange_id;
+    aor->u.id = min;
+  } else {
+    aor->type = ASIdOrRange_range;
+    if ((aor->u.range = ASRange_new()) == NULL)
+      goto err;
+    ASN1_INTEGER_free(aor->u.range->min);
+    aor->u.range->min = min;
+    ASN1_INTEGER_free(aor->u.range->max);
+    aor->u.range->max = max;
+  }
+  if (!(sk_ASIdOrRange_push((*choice)->u.asIdsOrRanges, aor)))
+    goto err;
+  return 1;
+
+ err:
+  ASIdOrRange_free(aor);
+  return 0;
+}
+
+/*
+ * Extract min and max values from an ASIdOrRange.
+ */
+static void extract_min_max(ASIdOrRange *aor,
+			    ASN1_INTEGER **min,
+			    ASN1_INTEGER **max)
+{
+  assert(aor != NULL && min != NULL && max != NULL);
+  switch (aor->type) {
+  case ASIdOrRange_id:
+    *min = aor->u.id;
+    *max = aor->u.id;
+    return;
+  case ASIdOrRange_range:
+    *min = aor->u.range->min;
+    *max = aor->u.range->max;
+    return;
+  }
+}
+
+/*
+ * Check whether an ASIdentifierChoice is in canonical form.
+ */
+static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+{
+  ASN1_INTEGER *a_max_plus_one = NULL;
+  BIGNUM *bn = NULL;
+  int i, ret = 0;
+
+  /*
+   * Empty element or inheritance is canonical.
+   */
+  if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
+    return 1;
+
+  /*
+   * If not a list, or if empty list, it's broken.
+   */
+  if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
+      sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0)
+    return 0;
+
+  /*
+   * It's a list, check it.
+   */
+  for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
+    ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+    ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
+    ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
+
+    extract_min_max(a, &a_min, &a_max);
+    extract_min_max(b, &b_min, &b_max);
+
+    /*
+     * Punt misordered list, overlapping start, or inverted range.
+     */
+    if (ASN1_INTEGER_cmp(a_min, b_min) >= 0 ||
+	ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
+	ASN1_INTEGER_cmp(b_min, b_max) > 0)
+      goto done;
+
+    /*
+     * Calculate a_max + 1 to check for adjacency.
+     */
+    if ((bn == NULL && (bn = BN_new()) == NULL) ||
+	ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+	!BN_add_word(bn, 1) ||
+	(a_max_plus_one = BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
+      X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
+		ERR_R_MALLOC_FAILURE);
+      goto done;
+    }
+    
+    /*
+     * Punt if adjacent or overlapping.
+     */
+    if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) >= 0)
+      goto done;
+  }
+
+  ret = 1;
+
+ done:
+  ASN1_INTEGER_free(a_max_plus_one);
+  BN_free(bn);
+  return ret;
+}
+
+/*
+ * Check whether an ASIdentifier extension is in canonical form.
+ */
+int v3_asid_is_canonical(ASIdentifiers *asid)
+{
+  return (asid == NULL ||
+	  (ASIdentifierChoice_is_canonical(asid->asnum) ||
+	   ASIdentifierChoice_is_canonical(asid->rdi)));
+}
+
+/*
+ * Whack an ASIdentifierChoice into canonical form.
+ */
+static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+{
+  ASN1_INTEGER *a_max_plus_one = NULL;
+  BIGNUM *bn = NULL;
+  int i, ret = 0;
+
+  /*
+   * Nothing to do for empty element or inheritance.
+   */
+  if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
+    return 1;
+
+  /*
+   * We have a list.  Sort it.
+   */
+  assert(choice->type == ASIdentifierChoice_asIdsOrRanges);
+  sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
+
+  /*
+   * Now check for errors and suboptimal encoding, rejecting the
+   * former and fixing the latter.
+   */
+  for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
+    ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+    ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
+    ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
+
+    extract_min_max(a, &a_min, &a_max);
+    extract_min_max(b, &b_min, &b_max);
+
+    /*
+     * Make sure we're properly sorted (paranoia).
+     */
+    assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
+
+    /*
+     * Check for overlaps.
+     */
+    if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
+      X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+		X509V3_R_EXTENSION_VALUE_ERROR);
+      goto done;
+    }
+
+    /*
+     * Calculate a_max + 1 to check for adjacency.
+     */
+    if ((bn == NULL && (bn = BN_new()) == NULL) ||
+	ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+	!BN_add_word(bn, 1) ||
+	(a_max_plus_one = BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
+      X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, ERR_R_MALLOC_FAILURE);
+      goto done;
+    }
+    
+    /*
+     * If a and b are adjacent, merge them.
+     */
+    if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) == 0) {
+      ASRange *r;
+      switch (a->type) {
+      case ASIdOrRange_id:
+	if ((r = OPENSSL_malloc(sizeof(ASRange))) == NULL) {
+	  X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+		    ERR_R_MALLOC_FAILURE);
+	  goto done;
+	}
+	r->min = a_min;
+	r->max = b_max;
+	a->type = ASIdOrRange_range;
+	a->u.range = r;
+	break;
+      case ASIdOrRange_range:
+	ASN1_INTEGER_free(a->u.range->max);
+	a->u.range->max = b_max;
+	break;
+      }
+      switch (b->type) {
+      case ASIdOrRange_id:
+	b->u.id = NULL;
+	break;
+      case ASIdOrRange_range:
+	b->u.range->max = NULL;
+	break;
+      }
+      ASIdOrRange_free(b);
+      sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
+      i--;
+      continue;
+    }
+  }
+
+  assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
+
+  ret = 1;
+
+ done:
+  ASN1_INTEGER_free(a_max_plus_one);
+  BN_free(bn);
+  return ret;
+}
+
+/*
+ * Whack an ASIdentifier extension into canonical form.
+ */
+int v3_asid_canonize(ASIdentifiers *asid)
+{
+  return (asid == NULL ||
+	  (ASIdentifierChoice_canonize(asid->asnum) &&
+	   ASIdentifierChoice_canonize(asid->rdi)));
+}
+
+/*
+ * v2i method for an ASIdentifier extension.
+ */
+static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
+			       struct v3_ext_ctx *ctx,
+			       STACK_OF(CONF_VALUE) *values)
+{
+  ASIdentifiers *asid = NULL;
+  int i;
+
+  if ((asid = ASIdentifiers_new()) == NULL) {
+    X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+    return NULL;
+  }
+
+  for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+    CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
+    ASN1_INTEGER *min = NULL, *max = NULL;
+    int i1, i2, i3, is_range, which;
+
+    /*
+     * Figure out whether this is an AS or an RDI.
+     */
+    if (       !name_cmp(val->name, "AS")) {
+      which = V3_ASID_ASNUM;
+    } else if (!name_cmp(val->name, "RDI")) {
+      which = V3_ASID_RDI;
+    } else {
+      X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_EXTENSION_NAME_ERROR);
+      X509V3_conf_err(val);
+      goto err;
+    }
+
+    /*
+     * Handle inheritance.
+     */
+    if (!strcmp(val->value, "inherit")) {
+      if (v3_asid_add_inherit(asid, which))
+	continue;
+      X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_INHERITANCE);
+      X509V3_conf_err(val);
+      goto err;
+    }
+
+    /*
+     * Number, range, or mistake, pick it apart and figure out which.
+     */
+    i1 = strspn(val->value, "0123456789");
+    if (val->value[i1] == '\0') {
+      is_range = 0;
+    } else {
+      is_range = 1;
+      i2 = i1 + strspn(val->value + i1, " \t");
+      if (val->value[i2] != '-') {
+	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_ASNUMBER);
+	X509V3_conf_err(val);
+	goto err;
+      }
+      i2++;
+      i2 = i2 + strspn(val->value + i2, " \t");
+      i3 = i2 + strspn(val->value + i2, "0123456789");
+      if (val->value[i3] != '\0') {
+	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_ASRANGE);
+	X509V3_conf_err(val);
+	goto err;
+      }
+    }
+
+    /*
+     * Syntax is ok, read and add it.
+     */
+    if (!is_range) {
+      if (!X509V3_get_value_int(val, &min)) {
+	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+	goto err;
+      }
+    } else {
+      char *s = BUF_strdup(val->value);
+      if (s == NULL) {
+	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+	goto err;
+      }
+      s[i1] = '\0';
+      min = s2i_ASN1_INTEGER(NULL, s);
+      max = s2i_ASN1_INTEGER(NULL, s + i2);
+      OPENSSL_free(s);
+      if (min == NULL || max == NULL) {
+	ASN1_INTEGER_free(min);
+	ASN1_INTEGER_free(max);
+	X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+	goto err;
+      }
+    }
+    if (!v3_asid_add_id_or_range(asid, which, min, max)) {
+      ASN1_INTEGER_free(min);
+      ASN1_INTEGER_free(max);
+      X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+      goto err;
+    }
+  }
+
+  /*
+   * Canonize the result, then we're done.
+   */
+  if (!v3_asid_canonize(asid))
+    goto err;
+  return asid;
+
+ err:
+  ASIdentifiers_free(asid);
+  return NULL;
+}
+
+/*
+ * OpenSSL dispatch.
+ */
+const X509V3_EXT_METHOD v3_asid = {
+  NID_sbgp_autonomousSysNum,	/* nid */
+  0,				/* flags */
+  ASN1_ITEM_ref(ASIdentifiers),	/* template */
+  0, 0, 0, 0,			/* old functions, ignored */
+  0,				/* i2s */
+  0,				/* s2i */
+  0,				/* i2v */
+  v2i_ASIdentifiers,		/* v2i */
+  i2r_ASIdentifiers,		/* i2r */
+  0,				/* r2i */
+  NULL				/* extension-specific data */
+};
+
+/*
+ * Figure out whether extension uses inheritance.
+ */
+int v3_asid_inherits(ASIdentifiers *asid)
+{
+  return (asid != NULL &&
+	  ((asid->asnum != NULL &&
+	    asid->asnum->type == ASIdentifierChoice_inherit) ||
+	   (asid->rdi != NULL &&
+	    asid->rdi->type == ASIdentifierChoice_inherit)));
+}
+
+/*
+ * Figure out whether parent contains child.
+ */
+static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
+{
+  ASN1_INTEGER *p_min, *p_max, *c_min, *c_max;
+  int p, c;
+
+  if (child == NULL || parent == child)
+    return 1;
+  if (parent == NULL)
+    return 0;
+
+  p = 0;
+  for (c = 0; c < sk_ASIdOrRange_num(child); c++) {
+    extract_min_max(sk_ASIdOrRange_value(child, c), &c_min, &c_max);
+    for (;; p++) {
+      if (p >= sk_ASIdOrRange_num(parent))
+	return 0;
+      extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, &p_max);
+      if (ASN1_INTEGER_cmp(p_max, c_max) < 0)
+	continue;
+      if (ASN1_INTEGER_cmp(p_min, c_min) > 0)
+	return 0;
+      break;
+    }
+  }
+
+  return 1;
+}
+
+/*
+ * Test whether a is a subet of b.
+ */
+int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b)
+{
+  return (a == NULL ||
+	  a == b ||
+	  (b != NULL &&
+	   !v3_asid_inherits(a) &&
+	   !v3_asid_inherits(b) &&
+	   asid_contains(b->asnum->u.asIdsOrRanges,
+			 a->asnum->u.asIdsOrRanges) &&
+	   asid_contains(b->rdi->u.asIdsOrRanges,
+			 a->rdi->u.asIdsOrRanges)));
+}
+
+/*
+ * Validation error handling via callback.
+ */
+#define validation_err(_err_)		\
+  do {					\
+    if (ctx != NULL) {			\
+      ctx->error = _err_;		\
+      ctx->error_depth = i;		\
+      ctx->current_cert = x;		\
+      ret = ctx->verify_cb(0, ctx);	\
+    } else {				\
+      ret = 0;				\
+    }					\
+    if (!ret)				\
+      goto done;			\
+  } while (0)
+
+/*
+ * Core code for RFC 3779 3.3 path validation.
+ */
+static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
+					  STACK_OF(X509) *chain,
+					  ASIdentifiers *ext)
+{
+  ASIdOrRanges *child_as = NULL, *child_rdi = NULL;
+  int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
+  X509 *x;
+
+  assert(chain != NULL && sk_X509_num(chain) > 0);
+  assert(ctx != NULL || ext != NULL);
+  assert(ctx == NULL || ctx->verify_cb != NULL);
+
+  /*
+   * Figure out where to start.  If we don't have an extension to
+   * check, we're done.  Otherwise, check canonical form and
+   * set up for walking up the chain.
+   */
+  if (ext != NULL) {
+    i = -1;
+    x = NULL;
+  } else {
+    i = 0;
+    x = sk_X509_value(chain, i);
+    assert(x != NULL);
+    if ((ext = x->rfc3779_asid) == NULL)
+      goto done;
+  }
+  if (!v3_asid_is_canonical(ext))
+    validation_err(X509_V_ERR_INVALID_EXTENSION);
+  if (ext->asnum != NULL)  {
+    switch (ext->asnum->type) {
+    case ASIdentifierChoice_inherit:
+      inherit_as = 1;
+      break;
+    case ASIdentifierChoice_asIdsOrRanges:
+      child_as = ext->asnum->u.asIdsOrRanges;
+      break;
+    }
+  }
+  if (ext->rdi != NULL) {
+    switch (ext->rdi->type) {
+    case ASIdentifierChoice_inherit:
+      inherit_rdi = 1;
+      break;
+    case ASIdentifierChoice_asIdsOrRanges:
+      child_rdi = ext->rdi->u.asIdsOrRanges;
+      break;
+    }
+  }
+
+  /*
+   * Now walk up the chain.  Extensions must be in canonical form, no
+   * cert may list resources that its parent doesn't list.
+   */
+  for (i++; i < sk_X509_num(chain); i++) {
+    x = sk_X509_value(chain, i);
+    assert(x != NULL);
+    if (x->rfc3779_asid == NULL) {
+      if (child_as != NULL || child_rdi != NULL)
+	validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+      continue;
+    }
+    if (!v3_asid_is_canonical(x->rfc3779_asid))
+      validation_err(X509_V_ERR_INVALID_EXTENSION);
+    if (x->rfc3779_asid->asnum == NULL && child_as != NULL) {
+      validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+      child_as = NULL;
+      inherit_as = 0;
+    }
+    if (x->rfc3779_asid->asnum != NULL &&
+	x->rfc3779_asid->asnum->type == ASIdentifierChoice_asIdsOrRanges) {
+      if (inherit_as ||
+	  asid_contains(x->rfc3779_asid->asnum->u.asIdsOrRanges, child_as)) {
+	child_as = x->rfc3779_asid->asnum->u.asIdsOrRanges;
+	inherit_as = 0;
+      } else {
+	validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+      }
+    }
+    if (x->rfc3779_asid->rdi == NULL && child_rdi != NULL) {
+      validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+      child_rdi = NULL;
+      inherit_rdi = 0;
+    }
+    if (x->rfc3779_asid->rdi != NULL &&
+	x->rfc3779_asid->rdi->type == ASIdentifierChoice_asIdsOrRanges) {
+      if (inherit_rdi ||
+	  asid_contains(x->rfc3779_asid->rdi->u.asIdsOrRanges, child_rdi)) {
+	child_rdi = x->rfc3779_asid->rdi->u.asIdsOrRanges;
+	inherit_rdi = 0;
+      } else {
+	validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+      }
+    }
+  }
+
+  /*
+   * Trust anchor can't inherit.
+   */
+  assert(x != NULL);
+  if (x->rfc3779_asid != NULL) {
+    if (x->rfc3779_asid->asnum != NULL &&
+	x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
+      validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+    if (x->rfc3779_asid->rdi != NULL &&
+	x->rfc3779_asid->rdi->type == ASIdentifierChoice_inherit)
+      validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+  }
+
+ done:
+  return ret;
+}
+
+#undef validation_err
+
+/*
+ * RFC 3779 3.3 path validation -- called from X509_verify_cert().
+ */
+int v3_asid_validate_path(X509_STORE_CTX *ctx)
+{
+  return v3_asid_validate_path_internal(ctx, ctx->chain, NULL);
+}
+
+/*
+ * RFC 3779 3.3 path validation of an extension.
+ * Test whether chain covers extension.
+ */
+int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
+				  ASIdentifiers *ext,
+				  int allow_inheritance)
+{
+  if (ext == NULL)
+    return 1;
+  if (chain == NULL || sk_X509_num(chain) == 0)
+    return 0;
+  if (!allow_inheritance && v3_asid_inherits(ext))
+    return 0;
+  return v3_asid_validate_path_internal(NULL, chain, ext);
+}
+
+#endif /* OPENSSL_NO_RFC3779 */
diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c
index cbb012715e..82aa488f75 100644
--- a/crypto/x509v3/v3_bcons.c
+++ b/crypto/x509v3/v3_bcons.c
@@ -1,5 +1,5 @@
 /* v3_bcons.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -67,7 +67,7 @@
 static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist);
 static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 
-X509V3_EXT_METHOD v3_bcons = {
+const X509V3_EXT_METHOD v3_bcons = {
 NID_basic_constraints, 0,
 ASN1_ITEM_ref(BASIC_CONSTRAINTS),
 0,0,0,0,
diff --git a/crypto/x509v3/v3_bitst.c b/crypto/x509v3/v3_bitst.c
index 170c8d280b..058d0d4dce 100644
--- a/crypto/x509v3/v3_bitst.c
+++ b/crypto/x509v3/v3_bitst.c
@@ -1,5 +1,5 @@
 /* v3_bitst.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -88,8 +88,8 @@ static BIT_STRING_BITNAME key_usage_type_table[] = {
 
 
 
-X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
-X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);
+const X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
+const X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);
 
 STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
 	     ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 9a89e43330..6730f9a6ee 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -1,5 +1,5 @@
 /* v3_conf.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -72,14 +72,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, in
 static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type, X509V3_CTX *ctx);
 static char *conf_lhash_get_string(void *db, char *section, char *value);
 static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
-						 int crit, void *ext_struc);
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
+				  int crit, void *ext_struc);
 static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len);
 /* CONF *conf:  Config file    */
 /* char *name:  Name    */
 /* char *value:  Value    */
 X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
-	     char *value)
+				 char *value)
 	{
 	int crit;
 	int ext_type;
@@ -90,7 +90,7 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
 	ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
 	if (!ret)
 		{
-		X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION);
+		X509V3err(X509V3_F_X509V3_EXT_NCONF,X509V3_R_ERROR_IN_EXTENSION);
 		ERR_add_error_data(4,"name=", name, ", value=", value);
 		}
 	return ret;
@@ -99,7 +99,7 @@ X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
 /* CONF *conf:  Config file    */
 /* char *value:  Value    */
 X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-	     char *value)
+				     char *value)
 	{
 	int crit;
 	int ext_type;
@@ -113,20 +113,20 @@ X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 /* CONF *conf:  Config file    */
 /* char *value:  Value    */
 static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-	     int crit, char *value)
+				    int crit, char *value)
 	{
-	X509V3_EXT_METHOD *method;
+	const X509V3_EXT_METHOD *method;
 	X509_EXTENSION *ext;
 	STACK_OF(CONF_VALUE) *nval;
 	void *ext_struc;
 	if (ext_nid == NID_undef)
 		{
-		X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
+		X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
 		return NULL;
 		}
 	if (!(method = X509V3_EXT_get_nid(ext_nid)))
 		{
-		X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION);
+		X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_UNKNOWN_EXTENSION);
 		return NULL;
 		}
 	/* Now get internal extension representation based on type */
@@ -136,7 +136,7 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 		else nval = X509V3_parse_list(value);
 		if(sk_CONF_VALUE_num(nval) <= 0)
 			{
-			X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING);
+			X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_INVALID_EXTENSION_STRING);
 			ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value);
 			return NULL;
 			}
@@ -153,14 +153,14 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 		{
 		if(!ctx->db || !ctx->db_meth)
 			{
-			X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
+			X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_NO_CONFIG_DATABASE);
 			return NULL;
 			}
 		if(!(ext_struc = method->r2i(method, ctx, value))) return NULL;
 		}
 	else
 		{
-		X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
+		X509V3err(X509V3_F_DO_EXT_NCONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
 		ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
 		return NULL;
 		}
@@ -172,8 +172,8 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 
 	}
 
-static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
-						 int crit, void *ext_struc)
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
+				  int crit, void *ext_struc)
 	{
 	unsigned char *ext_der;
 	int ext_len;
@@ -214,7 +214,7 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
 
 X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
 	{
-	X509V3_EXT_METHOD *method;
+	const X509V3_EXT_METHOD *method;
 	if (!(method = X509V3_EXT_get_nid(ext_nid))) {
 		X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION);
 		return NULL;
@@ -258,7 +258,8 @@ static int v3_check_generic(char **value)
 
 /* Create a generic extension: for now just handle DER type */
 static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
-	     int crit, int gen_type, X509V3_CTX *ctx)
+					    int crit, int gen_type,
+					    X509V3_CTX *ctx)
 	{
 	unsigned char *ext_der=NULL;
 	long ext_len;
@@ -322,7 +323,7 @@ static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len)
 
 
 int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
-	     STACK_OF(X509_EXTENSION) **sk)
+			    STACK_OF(X509_EXTENSION) **sk)
 	{
 	X509_EXTENSION *ext;
 	STACK_OF(CONF_VALUE) *nval;
@@ -343,7 +344,7 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
 /* Convenience functions to add extensions to a certificate, CRL and request */
 
 int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-	     X509 *cert)
+			 X509 *cert)
 	{
 	STACK_OF(X509_EXTENSION) **sk = NULL;
 	if (cert)
@@ -354,7 +355,7 @@ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
 /* Same as above but for a CRL */
 
 int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-	     X509_CRL *crl)
+			     X509_CRL *crl)
 	{
 	STACK_OF(X509_EXTENSION) **sk = NULL;
 	if (crl)
@@ -443,7 +444,7 @@ void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
 	}
 
 void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
-	     X509_CRL *crl, int flags)
+		    X509_CRL *crl, int flags)
 	{
 	ctx->issuer_cert = issuer;
 	ctx->subject_cert = subj;
@@ -454,8 +455,8 @@ void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
 
 /* Old conf compatibility functions */
 
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
-	     char *value)
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+				char *name, char *value)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
@@ -464,8 +465,8 @@ X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
 
 /* LHASH *conf:  Config file    */
 /* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
-	     char *value)
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+				    int ext_nid, char *value)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
@@ -489,14 +490,14 @@ NULL,
 NULL
 };
 
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash)
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)
 	{
 	ctx->db_meth = &conf_lhash_method;
 	ctx->db = lhash;
 	}
 
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-	     X509 *cert)
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+			char *section, X509 *cert)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
@@ -505,8 +506,8 @@ int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
 
 /* Same as above but for a CRL */
 
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-	     X509_CRL *crl)
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+			    char *section, X509_CRL *crl)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
@@ -515,8 +516,8 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
 
 /* Add extensions to certificate request */
 
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
-	     X509_REQ *req)
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+			    char *section, X509_REQ *req)
 	{
 	CONF ctmp;
 	CONF_set_nconf(&ctmp, conf);
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 62b34e1f99..1f0798b946 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -1,5 +1,5 @@
 /* v3_cpols.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -77,7 +77,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
 					STACK_OF(CONF_VALUE) *unot, int ia5org);
 static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
 
-X509V3_EXT_METHOD v3_cpols = {
+const X509V3_EXT_METHOD v3_cpols = {
 NID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES),
 0,0,0,0,
 0,0,
@@ -139,7 +139,15 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
 	CONF_VALUE *cnf;
 	int i, ia5org;
 	pols = sk_POLICYINFO_new_null();
+	if (pols == NULL) {
+		X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+		return NULL;
+	}
 	vals =  X509V3_parse_list(value);
+	if (vals == NULL) {
+		X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
+		goto err;
+	}
 	ia5org = 0;
 	for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
 		cnf = sk_CONF_VALUE_value(vals, i);
@@ -173,11 +181,16 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
 			pol = POLICYINFO_new();
 			pol->policyid = pobj;
 		}
-		sk_POLICYINFO_push(pols, pol);
+		if (!sk_POLICYINFO_push(pols, pol)){
+			POLICYINFO_free(pol);
+			X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+			goto err;
+		}
 	}
 	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
 	return pols;
 	err:
+	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
 	sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
 	return NULL;
 }
@@ -341,7 +354,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
 	return 1;
 
 	merr:
-	X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE);
+	X509V3err(X509V3_F_NREF_NOS,ERR_R_MALLOC_FAILURE);
 
 	err:
 	sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
@@ -437,4 +450,8 @@ void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent)
 	else
 		BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, "");
 	}
-	
+
+
+IMPLEMENT_STACK_OF(X509_POLICY_NODE)
+IMPLEMENT_STACK_OF(X509_POLICY_DATA)
+
diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
index f90829c574..790a6dd032 100644
--- a/crypto/x509v3/v3_crld.c
+++ b/crypto/x509v3/v3_crld.c
@@ -1,9 +1,9 @@
 /* v3_crld.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -63,45 +63,254 @@
 #include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
-		STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist);
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-X509V3_EXT_METHOD v3_crld = {
-NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_crld,
-(X509V3_EXT_V2I)v2i_crld,
-0,0,
-NULL
+static void *v2i_crld(const X509V3_EXT_METHOD *method,
+		      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
+		     int indent);
+
+const X509V3_EXT_METHOD v3_crld =
+	{
+	NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
+	0,0,0,0,
+	0,0,
+	0,
+	v2i_crld,
+	i2r_crldp,0,
+	NULL
+	};
+
+const X509V3_EXT_METHOD v3_freshest_crl =
+	{
+	NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
+	0,0,0,0,
+	0,0,
+	0,
+	v2i_crld,
+	i2r_crldp,0,
+	NULL
+	};
+
+static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect)
+	{
+	STACK_OF(CONF_VALUE) *gnsect;
+	STACK_OF(GENERAL_NAME) *gens;
+	if (*sect == '@')
+		gnsect = X509V3_get_section(ctx, sect + 1);
+	else
+		gnsect = X509V3_parse_list(sect);
+	if (!gnsect)
+		{
+		X509V3err(X509V3_F_GNAMES_FROM_SECTNAME,
+						X509V3_R_SECTION_NOT_FOUND);
+		return NULL;
+		}
+	gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
+	if (*sect == '@')
+		X509V3_section_free(ctx, gnsect);
+	else
+		sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
+	return gens;
+	}
+
+static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
+							CONF_VALUE *cnf)
+	{
+	STACK_OF(GENERAL_NAME) *fnm = NULL;
+	STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
+	if (!strncmp(cnf->name, "fullname", 9))
+		{
+		fnm = gnames_from_sectname(ctx, cnf->value);
+		if (!fnm)
+			goto err;
+		}
+	else if (!strcmp(cnf->name, "relativename"))
+		{
+		int ret;
+		STACK_OF(CONF_VALUE) *dnsect;
+		X509_NAME *nm;
+		nm = X509_NAME_new();
+		if (!nm)
+			return -1;
+		dnsect = X509V3_get_section(ctx, cnf->value);
+		if (!dnsect)
+			{
+			X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+						X509V3_R_SECTION_NOT_FOUND);
+			return -1;
+			}
+		ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
+		X509V3_section_free(ctx, dnsect);
+		rnm = nm->entries;
+		nm->entries = NULL;
+		X509_NAME_free(nm);
+		if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0)
+			goto err;
+		/* Since its a name fragment can't have more than one
+		 * RDNSequence
+		 */
+		if (sk_X509_NAME_ENTRY_value(rnm,
+				sk_X509_NAME_ENTRY_num(rnm) - 1)->set)
+			{
+			X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+						X509V3_R_INVALID_MULTIPLE_RDNS);
+			goto err;
+			}
+		}
+	else
+		return 0;
+
+	if (*pdp)
+		{
+		X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+						X509V3_R_DISTPOINT_ALREADY_SET);
+		goto err;
+		}
+
+	*pdp = DIST_POINT_NAME_new();
+	if (!*pdp)
+		goto err;
+	if (fnm)
+		{
+		(*pdp)->type = 0;
+		(*pdp)->name.fullname = fnm;
+		}
+	else
+		{
+		(*pdp)->type = 1;
+		(*pdp)->name.relativename = rnm;
+		}
+
+	return 1;
+		
+	err:
+	if (fnm)
+		sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
+	if (rnm)
+		sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
+	return -1;
+	}
+
+static const BIT_STRING_BITNAME reason_flags[] = {
+{0, "Unused", "unused"},
+{1, "Key Compromise", "keyCompromise"},
+{2, "CA Compromise", "CACompromise"},
+{3, "Affiliation Changed", "affiliationChanged"},
+{4, "Superseded", "superseded"},
+{5, "Cessation Of Operation", "cessationOfOperation"},
+{6, "Certificate Hold", "certificateHold"},
+{7, "Privilege Withdrawn", "privilegeWithdrawn"},
+{8, "AA Compromise", "AACompromise"},
+{-1, NULL, NULL}
 };
 
-static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
-			STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts)
-{
-	DIST_POINT *point;
+static int set_reasons(ASN1_BIT_STRING **preas, char *value)
+	{
+	STACK_OF(CONF_VALUE) *rsk = NULL;
+	const BIT_STRING_BITNAME *pbn;
+	const char *bnam;
+	int i, ret = 0;
+	rsk = X509V3_parse_list(value);
+	if (!rsk)
+		return 0;
+	if (*preas)
+		return 0;
+	for (i = 0; i < sk_CONF_VALUE_num(rsk); i++)
+		{
+		bnam = sk_CONF_VALUE_value(rsk, i)->name;
+		if (!*preas)
+			{
+			*preas = ASN1_BIT_STRING_new();
+			if (!*preas)
+				goto err;
+			}
+		for (pbn = reason_flags; pbn->lname; pbn++)
+			{
+			if (!strcmp(pbn->sname, bnam))
+				{
+				if (!ASN1_BIT_STRING_set_bit(*preas,
+							pbn->bitnum, 1))
+					goto err;
+				break;
+				}
+			}
+		if (!pbn->lname)
+			goto err;
+		}
+	ret = 1;
+
+	err:
+	sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free);
+	return ret;
+	}
+
+static int print_reasons(BIO *out, const char *rname,
+			ASN1_BIT_STRING *rflags, int indent)
+	{
+	int first = 1;
+	const BIT_STRING_BITNAME *pbn;
+	BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
+	for (pbn = reason_flags; pbn->lname; pbn++)
+		{
+		if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum))
+			{
+			if (first)
+				first = 0;
+			else
+				BIO_puts(out, ", ");
+			BIO_puts(out, pbn->lname);
+			}
+		}
+	if (first)
+		BIO_puts(out, "<EMPTY>\n");
+	else
+		BIO_puts(out, "\n");
+	return 1;
+	}
+
+static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
+						STACK_OF(CONF_VALUE) *nval)
+	{
 	int i;
-	for(i = 0; i < sk_DIST_POINT_num(crld); i++) {
-		point = sk_DIST_POINT_value(crld, i);
-		if(point->distpoint) {
-			if(point->distpoint->type == 0)
-				exts = i2v_GENERAL_NAMES(NULL,
-					 point->distpoint->name.fullname, exts);
-		        else X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
+	CONF_VALUE *cnf;
+	DIST_POINT *point = NULL;
+	point = DIST_POINT_new();
+	if (!point)
+		goto err;
+	for(i = 0; i < sk_CONF_VALUE_num(nval); i++)
+		{
+		int ret;
+		cnf = sk_CONF_VALUE_value(nval, i);
+		ret = set_dist_point_name(&point->distpoint, ctx, cnf);
+		if (ret > 0)
+			continue;
+		if (ret < 0)
+			goto err;
+		if (!strcmp(cnf->name, "reasons"))
+			{
+			if (!set_reasons(&point->reasons, cnf->value))
+				goto err;
+			}
+		else if (!strcmp(cnf->name, "CRLissuer"))
+			{
+			point->CRLissuer =
+				gnames_from_sectname(ctx, cnf->value);
+			if (!point->CRLissuer)
+				goto err;
+			}
 		}
-		if(point->reasons) 
-			X509V3_add_value("reasons","<UNSUPPORTED>", &exts);
-		if(point->CRLissuer)
-			X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts);
+
+	return point;
+			
+
+	err:
+	if (point)
+		DIST_POINT_free(point);
+	return NULL;
 	}
-	return exts;
-}
 
-static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
+static void *v2i_crld(const X509V3_EXT_METHOD *method,
+		      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+	{
 	STACK_OF(DIST_POINT) *crld = NULL;
 	GENERAL_NAMES *gens = NULL;
 	GENERAL_NAME *gen = NULL;
@@ -111,19 +320,44 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
 	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
 		DIST_POINT *point;
 		cnf = sk_CONF_VALUE_value(nval, i);
-		if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; 
-		if(!(gens = GENERAL_NAMES_new())) goto merr;
-		if(!sk_GENERAL_NAME_push(gens, gen)) goto merr;
-		gen = NULL;
-		if(!(point = DIST_POINT_new())) goto merr;
-		if(!sk_DIST_POINT_push(crld, point)) {
-			DIST_POINT_free(point);
-			goto merr;
-		}
-		if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr;
-		point->distpoint->name.fullname = gens;
-		point->distpoint->type = 0;
-		gens = NULL;
+		if (!cnf->value)
+			{
+			STACK_OF(CONF_VALUE) *dpsect;
+			dpsect = X509V3_get_section(ctx, cnf->name);
+			if (!dpsect)
+				goto err;
+			point = crldp_from_section(ctx, dpsect);
+			X509V3_section_free(ctx, dpsect);
+			if (!point)
+				goto err;
+			if(!sk_DIST_POINT_push(crld, point))
+				{
+				DIST_POINT_free(point);
+				goto merr;
+				}
+			}
+		else
+			{
+			if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
+				goto err; 
+			if(!(gens = GENERAL_NAMES_new()))
+				goto merr;
+			if(!sk_GENERAL_NAME_push(gens, gen))
+				goto merr;
+			gen = NULL;
+			if(!(point = DIST_POINT_new()))
+				goto merr;
+			if(!sk_DIST_POINT_push(crld, point))
+				{
+				DIST_POINT_free(point);
+				goto merr;
+				}
+			if(!(point->distpoint = DIST_POINT_NAME_new()))
+				goto merr;
+			point->distpoint->name.fullname = gens;
+			point->distpoint->type = 0;
+			gens = NULL;
+			}
 	}
 	return crld;
 
@@ -139,11 +373,31 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
 IMPLEMENT_STACK_OF(DIST_POINT)
 IMPLEMENT_ASN1_SET_OF(DIST_POINT)
 
+static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+								void *exarg)
+	{
+	DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
+
+	switch(operation)
+		{
+		case ASN1_OP_NEW_POST:
+		dpn->dpname = NULL;
+		break;
+
+		case ASN1_OP_FREE_POST:
+		if (dpn->dpname)
+			X509_NAME_free(dpn->dpname);
+		break;
+		}
+	return 1;
+	}
+
 
-ASN1_CHOICE(DIST_POINT_NAME) = {
+ASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = {
 	ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
 	ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
-} ASN1_CHOICE_END(DIST_POINT_NAME)
+} ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type)
+
 
 IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
 
@@ -160,3 +414,203 @@ ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
 ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
 
 IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+
+ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
+	ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+	ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1),
+	ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2),
+	ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3),
+	ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4),
+	ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
+} ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
+
+IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
+		   int indent);
+static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+		     STACK_OF(CONF_VALUE) *nval);
+
+const X509V3_EXT_METHOD v3_idp =
+	{
+	NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
+	ASN1_ITEM_ref(ISSUING_DIST_POINT),
+	0,0,0,0,
+	0,0,
+	0,
+	v2i_idp,
+	i2r_idp,0,
+	NULL
+	};
+
+static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+		     STACK_OF(CONF_VALUE) *nval)
+	{
+	ISSUING_DIST_POINT *idp = NULL;
+	CONF_VALUE *cnf;
+	char *name, *val;
+	int i, ret;
+	idp = ISSUING_DIST_POINT_new();
+	if (!idp)
+		goto merr;
+	for(i = 0; i < sk_CONF_VALUE_num(nval); i++)
+		{
+		cnf = sk_CONF_VALUE_value(nval, i);
+		name = cnf->name;
+		val = cnf->value;
+		ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
+		if (ret > 0)
+			continue;
+		if (ret < 0)
+			goto err;
+		if (!strcmp(name, "onlyuser"))
+			{
+			if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
+				goto err;
+			}
+		else if (!strcmp(name, "onlyCA"))
+			{
+			if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
+				goto err;
+			}
+		else if (!strcmp(name, "onlyAA"))
+			{
+			if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
+				goto err;
+			}
+		else if (!strcmp(name, "indirectCRL"))
+			{
+			if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
+				goto err;
+			}
+		else if (!strcmp(name, "onlysomereasons"))
+			{
+			if (!set_reasons(&idp->onlysomereasons, val))
+				goto err;
+			}
+		else
+			{
+                        X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
+                        X509V3_conf_err(cnf);
+                        goto err;
+			}
+		}
+	return idp;
+
+	merr:
+	X509V3err(X509V3_F_V2I_IDP,ERR_R_MALLOC_FAILURE);
+	err:
+	ISSUING_DIST_POINT_free(idp);
+	return NULL;
+	}
+
+static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
+	{
+	int i;
+	for (i = 0; i < sk_GENERAL_NAME_num(gens); i++)
+		{
+		BIO_printf(out, "%*s", indent + 2, "");
+		GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
+		BIO_puts(out, "\n");
+		}
+	return 1;
+	}
+
+static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
+	{
+	if (dpn->type == 0)
+		{
+		BIO_printf(out, "%*sFull Name:\n", indent, "");
+		print_gens(out, dpn->name.fullname, indent);
+		}
+	else
+		{
+		X509_NAME ntmp;
+		ntmp.entries = dpn->name.relativename;
+		BIO_printf(out, "%*sRelative Name:\n%*s",
+						indent, "", indent + 2, "");
+		X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
+		BIO_puts(out, "\n");
+		}
+	return 1;
+	}
+
+static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
+		   int indent)
+	{
+	ISSUING_DIST_POINT *idp = pidp;
+	if (idp->distpoint)
+		print_distpoint(out, idp->distpoint, indent);
+	if (idp->onlyuser > 0)
+		BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
+	if (idp->onlyCA > 0)
+		BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
+	if (idp->indirectCRL > 0)
+		BIO_printf(out, "%*sIndirect CRL\n", indent, "");
+	if (idp->onlysomereasons)
+		print_reasons(out, "Only Some Reasons", 
+				idp->onlysomereasons, indent);
+	if (idp->onlyattr > 0)
+		BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
+	if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0)
+		&& (idp->indirectCRL <= 0) && !idp->onlysomereasons
+		&& (idp->onlyattr <= 0))
+		BIO_printf(out, "%*s<EMPTY>\n", indent, "");
+		
+	return 1;
+	}
+
+static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
+		     int indent)
+	{
+	STACK_OF(DIST_POINT) *crld = pcrldp;
+	DIST_POINT *point;
+	int i;
+	for(i = 0; i < sk_DIST_POINT_num(crld); i++)
+		{
+		BIO_puts(out, "\n");
+		point = sk_DIST_POINT_value(crld, i);
+		if(point->distpoint)
+			print_distpoint(out, point->distpoint, indent);
+		if(point->reasons) 
+			print_reasons(out, "Reasons", point->reasons,
+								indent);
+		if(point->CRLissuer)
+			{
+			BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
+			print_gens(out, point->CRLissuer, indent);
+			}
+		}
+	return 1;
+	}
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
+	{
+	int i;
+	STACK_OF(X509_NAME_ENTRY) *frag;
+	X509_NAME_ENTRY *ne;
+	if (!dpn || (dpn->type != 1))
+		return 1;
+	frag = dpn->name.relativename;
+	dpn->dpname = X509_NAME_dup(iname);
+	if (!dpn->dpname)
+		return 0;
+	for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++)
+		{
+		ne = sk_X509_NAME_ENTRY_value(frag, i);
+		if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1))
+			{
+			X509_NAME_free(dpn->dpname);
+			dpn->dpname = NULL;
+			return 0;
+			}
+		}
+	/* generate cached encoding of name */
+	if (i2d_X509_NAME(dpn->dpname, NULL) < 0)
+		{
+		X509_NAME_free(dpn->dpname);
+		dpn->dpname = NULL;
+		return 0;
+		}
+	return 1;
+	}
diff --git a/crypto/x509v3/v3_enum.c b/crypto/x509v3/v3_enum.c
index 010c9d6260..c0575e368d 100644
--- a/crypto/x509v3/v3_enum.c
+++ b/crypto/x509v3/v3_enum.c
@@ -1,5 +1,5 @@
 /* v3_enum.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -61,18 +61,21 @@
 #include <openssl/x509v3.h>
 
 static ENUMERATED_NAMES crl_reasons[] = {
-{0, "Unspecified", "unspecified"},
-{1, "Key Compromise", "keyCompromise"},
-{2, "CA Compromise", "CACompromise"},
-{3, "Affiliation Changed", "affiliationChanged"},
-{4, "Superseded", "superseded"},
-{5, "Cessation Of Operation", "cessationOfOperation"},
-{6, "Certificate Hold", "certificateHold"},
-{8, "Remove From CRL", "removeFromCRL"},
+{CRL_REASON_UNSPECIFIED, 	 "Unspecified", "unspecified"},
+{CRL_REASON_KEY_COMPROMISE,	 "Key Compromise", "keyCompromise"},
+{CRL_REASON_CA_COMPROMISE,	 "CA Compromise", "CACompromise"},
+{CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"},
+{CRL_REASON_SUPERSEDED, 	 "Superseded", "superseded"},
+{CRL_REASON_CESSATION_OF_OPERATION,
+			"Cessation Of Operation", "cessationOfOperation"},
+{CRL_REASON_CERTIFICATE_HOLD,	 "Certificate Hold", "certificateHold"},
+{CRL_REASON_REMOVE_FROM_CRL,	 "Remove From CRL", "removeFromCRL"},
+{CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"},
+{CRL_REASON_AA_COMPROMISE,	 "AA Compromise", "AACompromise"},
 {-1, NULL, NULL}
 };
 
-X509V3_EXT_METHOD v3_crl_reason = { 
+const X509V3_EXT_METHOD v3_crl_reason = { 
 NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED),
 0,0,0,0,
 (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
diff --git a/crypto/x509v3/v3_extku.c b/crypto/x509v3/v3_extku.c
index b1cfaba1aa..1c66532757 100644
--- a/crypto/x509v3/v3_extku.c
+++ b/crypto/x509v3/v3_extku.c
@@ -1,5 +1,5 @@
 /* v3_extku.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -63,12 +63,13 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
+				    X509V3_CTX *ctx,
+				    STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
 		void *eku, STACK_OF(CONF_VALUE) *extlist);
 
-X509V3_EXT_METHOD v3_ext_ku = {
+const X509V3_EXT_METHOD v3_ext_ku = {
 	NID_ext_key_usage, 0,
 	ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
 	0,0,0,0,
@@ -80,7 +81,7 @@ X509V3_EXT_METHOD v3_ext_ku = {
 };
 
 /* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
-X509V3_EXT_METHOD v3_ocsp_accresp = {
+const X509V3_EXT_METHOD v3_ocsp_accresp = {
 	NID_id_pkix_OCSP_acceptableResponses, 0,
 	ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
 	0,0,0,0,
@@ -97,8 +98,9 @@ ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE)
 
 IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
 
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-		void *a, STACK_OF(CONF_VALUE) *ext_list)
+static STACK_OF(CONF_VALUE) *
+  i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a,
+			 STACK_OF(CONF_VALUE) *ext_list)
 {
 	EXTENDED_KEY_USAGE *eku = a;
 	int i;
@@ -112,8 +114,8 @@ static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
 	return ext_list;
 }
 
-static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
+				    X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
 	EXTENDED_KEY_USAGE *extku;
 	char *extval;
@@ -122,7 +124,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
 	int i;
 
 	if(!(extku = sk_ASN1_OBJECT_new_null())) {
-		X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
+		X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 
@@ -132,7 +134,7 @@ static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
 		else extval = val->name;
 		if(!(objtmp = OBJ_txt2obj(extval, 0))) {
 			sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
-			X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
+			X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,X509V3_R_INVALID_OBJECT_IDENTIFIER);
 			X509V3_conf_err(val);
 			return NULL;
 		}
diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c
index 650b510980..b628357301 100644
--- a/crypto/x509v3/v3_genn.c
+++ b/crypto/x509v3/v3_genn.c
@@ -1,9 +1,9 @@
 /* v3_genn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -99,3 +99,154 @@ ASN1_ITEM_TEMPLATE(GENERAL_NAMES) =
 ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
 
 IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a)
+	{
+	return (GENERAL_NAME *) ASN1_dup((i2d_of_void *) i2d_GENERAL_NAME,
+					 (d2i_of_void *) d2i_GENERAL_NAME,
+					 (char *) a);
+	}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
+	{
+	int result = -1;
+
+	if (!a || !b || a->type != b->type) return -1;
+	switch(a->type)
+		{
+	case GEN_X400:
+	case GEN_EDIPARTY:
+		result = ASN1_TYPE_cmp(a->d.other, b->d.other);
+		break;
+
+	case GEN_OTHERNAME:
+		result = OTHERNAME_cmp(a->d.otherName, b->d.otherName);
+		break;
+
+	case GEN_EMAIL:
+	case GEN_DNS:
+	case GEN_URI:
+		result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5);
+		break;
+
+	case GEN_DIRNAME:
+		result = X509_NAME_cmp(a->d.dirn, b->d.dirn);
+		break;
+
+	case GEN_IPADD:
+		result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip);
+		break;
+	
+	case GEN_RID:
+		result = OBJ_cmp(a->d.rid, b->d.rid);
+		break;
+		}
+	return result;
+	}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b)
+	{
+	int result = -1;
+
+	if (!a || !b) return -1;
+	/* Check their type first. */
+	if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0)
+		return result;
+	/* Check the value. */
+	result = ASN1_TYPE_cmp(a->value, b->value);
+	return result;
+	}
+
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
+	{
+	switch(type)
+		{
+	case GEN_X400:
+	case GEN_EDIPARTY:
+		a->d.other = value;
+		break;
+
+	case GEN_OTHERNAME:
+		a->d.otherName = value;
+		break;
+
+	case GEN_EMAIL:
+	case GEN_DNS:
+	case GEN_URI:
+		a->d.ia5 = value;
+		break;
+
+	case GEN_DIRNAME:
+		a->d.dirn = value;
+		break;
+
+	case GEN_IPADD:
+		a->d.ip = value;
+		break;
+	
+	case GEN_RID:
+		a->d.rid = value;
+		break;
+		}
+	a->type = type;
+	}
+
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype)
+	{
+	if (ptype)
+		*ptype = a->type;
+	switch(a->type)
+		{
+	case GEN_X400:
+	case GEN_EDIPARTY:
+		return a->d.other;
+
+	case GEN_OTHERNAME:
+		return a->d.otherName;
+
+	case GEN_EMAIL:
+	case GEN_DNS:
+	case GEN_URI:
+		return a->d.ia5;
+
+	case GEN_DIRNAME:
+		return a->d.dirn;
+
+	case GEN_IPADD:
+		return a->d.ip;
+	
+	case GEN_RID:
+		return a->d.rid;
+
+	default:
+		return NULL;
+		}
+	}
+
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+				ASN1_OBJECT *oid, ASN1_TYPE *value)
+	{
+	OTHERNAME *oth;
+	oth = OTHERNAME_new();
+	if (!oth)
+		return 0;
+	oth->type_id = oid;
+	oth->value = value;
+	GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
+	return 1;
+	}
+
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, 
+				ASN1_OBJECT **poid, ASN1_TYPE **pvalue)
+	{
+	if (gen->type != GEN_OTHERNAME)
+		return 0;
+	if (poid)
+		*poid = gen->d.otherName->type_id;
+	if (pvalue)
+		*pvalue = gen->d.otherName->value;
+	return 1;
+	}
+
diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c
index 9683afa47c..4ff12b52b5 100644
--- a/crypto/x509v3/v3_ia5.c
+++ b/crypto/x509v3/v3_ia5.c
@@ -1,5 +1,5 @@
 /* v3_ia5.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -65,7 +65,7 @@
 
 static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
 static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_ns_ia5_list[] = { 
+const X509V3_EXT_METHOD v3_ns_ia5_list[] = { 
 EXT_IA5STRING(NID_netscape_base_url),
 EXT_IA5STRING(NID_netscape_revocation_url),
 EXT_IA5STRING(NID_netscape_ca_revocation_url),
diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
index b46ff13613..e1b8699f92 100644
--- a/crypto/x509v3/v3_info.c
+++ b/crypto/x509v3/v3_info.c
@@ -1,5 +1,5 @@
 /* v3_info.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -69,7 +69,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method
 static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
 				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
-X509V3_EXT_METHOD v3_info =
+const X509V3_EXT_METHOD v3_info =
 { NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
 0,0,0,0,
 0,0,
@@ -78,7 +78,7 @@ X509V3_EXT_METHOD v3_info =
 0,0,
 NULL};
 
-X509V3_EXT_METHOD v3_sinfo =
+const X509V3_EXT_METHOD v3_sinfo =
 { NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
 0,0,0,0,
 0,0,
@@ -141,19 +141,19 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
 	int i, objlen;
 	char *objtmp, *ptmp;
 	if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
-		X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
+		X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
 		cnf = sk_CONF_VALUE_value(nval, i);
 		if(!(acc = ACCESS_DESCRIPTION_new())
 			|| !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
 		ptmp = strchr(cnf->name, ';');
 		if(!ptmp) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX);
+			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX);
 			goto err;
 		}
 		objlen = ptmp - cnf->name;
@@ -162,14 +162,14 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
 		if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
 								 goto err; 
 		if(!(objtmp = OPENSSL_malloc(objlen + 1))) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
 		strncpy(objtmp, cnf->name, objlen);
 		objtmp[objlen] = 0;
 		acc->method = OBJ_txt2obj(objtmp, 0);
 		if(!acc->method) {
-			X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT);
+			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT);
 			ERR_add_error_data(2, "value=", objtmp);
 			OPENSSL_free(objtmp);
 			goto err;
diff --git a/crypto/x509v3/v3_int.c b/crypto/x509v3/v3_int.c
index 85e79c05ca..4bfd14cf46 100644
--- a/crypto/x509v3/v3_int.c
+++ b/crypto/x509v3/v3_int.c
@@ -1,5 +1,5 @@
 /* v3_int.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -60,14 +60,14 @@
 #include "cryptlib.h"
 #include <openssl/x509v3.h>
 
-X509V3_EXT_METHOD v3_crl_num = { 
+const X509V3_EXT_METHOD v3_crl_num = { 
 	NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
 	0,0,0,0,
 	(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
 	0,
 	0,0,0,0, NULL};
 
-X509V3_EXT_METHOD v3_delta_crl = { 
+const X509V3_EXT_METHOD v3_delta_crl = { 
 	NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
 	0,0,0,0,
 	(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
@@ -79,7 +79,7 @@ static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value
 	return s2i_ASN1_INTEGER(meth, value);
 	}
 
-X509V3_EXT_METHOD v3_inhibit_anyp = { 
+const X509V3_EXT_METHOD v3_inhibit_anyp = { 
 	NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
 	0,0,0,0,
 	(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c
index 04d99b333a..0f1e1d4422 100644
--- a/crypto/x509v3/v3_lib.c
+++ b/crypto/x509v3/v3_lib.c
@@ -1,5 +1,5 @@
 /* v3_lib.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -84,20 +84,24 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
 }
 
 static int ext_cmp(const X509V3_EXT_METHOD * const *a,
-		const X509V3_EXT_METHOD * const *b)
+		   const X509V3_EXT_METHOD * const *b)
 {
 	return ((*a)->ext_nid - (*b)->ext_nid);
 }
 
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
+DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, const X509V3_EXT_METHOD *,
+			   ext);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+			     const X509V3_EXT_METHOD *, ext);
+
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
 {
-	X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
+	X509V3_EXT_METHOD tmp;
+	const X509V3_EXT_METHOD *t = &tmp, * const *ret;
 	int idx;
 	if(nid < 0) return NULL;
 	tmp.ext_nid = nid;
-	ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t,
-			(char *)standard_exts, STANDARD_EXTENSION_COUNT,
-			sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp);
+	ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
 	if(ret) return *ret;
 	if(!ext_list) return NULL;
 	idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
@@ -105,7 +109,7 @@ X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
 	return sk_X509V3_EXT_METHOD_value(ext_list, idx);
 }
 
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
 {
 	int nid;
 	if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL;
@@ -122,7 +126,9 @@ int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
 
 int X509V3_EXT_add_alias(int nid_to, int nid_from)
 {
-	X509V3_EXT_METHOD *ext, *tmpext;
+	const X509V3_EXT_METHOD *ext;
+	X509V3_EXT_METHOD *tmpext;
+
 	if(!(ext = X509V3_EXT_get_nid(nid_from))) {
 		X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND);
 		return 0;
@@ -161,7 +167,7 @@ int X509V3_add_standard_extensions(void)
 
 void *X509V3_EXT_d2i(X509_EXTENSION *ext)
 {
-	X509V3_EXT_METHOD *method;
+	const X509V3_EXT_METHOD *method;
 	const unsigned char *p;
 
 	if(!(method = X509V3_EXT_get(ext))) return NULL;
@@ -277,7 +283,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
 	ext = X509V3_EXT_i2d(nid, crit, value);
 
 	if(!ext) {
-		X509V3err(X509V3_F_X509V3_ADD_I2D, X509V3_R_ERROR_CREATING_EXTENSION);
+		X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION);
 		return 0;
 	}
 
@@ -296,7 +302,7 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
 
 	err:
 	if(!(flags & X509V3_ADD_SILENT))
-		X509V3err(X509V3_F_X509V3_ADD_I2D, errcode);
+		X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
 	return 0;
 }
 
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index 5fded6910e..689df46acd 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -1,5 +1,5 @@
 /* v3_ncons.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -63,16 +63,23 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static void *v2i_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int i2r_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method, 
+static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+				  X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, 
 				void *a, BIO *bp, int ind);
-static int do_i2r_name_constraints(X509V3_EXT_METHOD *method,
-				STACK_OF(GENERAL_SUBTREE) *trees,
-					BIO *bp, int ind, char *name);
+static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
+				   STACK_OF(GENERAL_SUBTREE) *trees,
+				   BIO *bp, int ind, char *name);
 static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip);
 
-X509V3_EXT_METHOD v3_name_constraints = {
+static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc);
+static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen);
+static int nc_dn(X509_NAME *sub, X509_NAME *nm);
+static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns);
+static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
+static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base);
+
+const X509V3_EXT_METHOD v3_name_constraints = {
 	NID_name_constraints, 0,
 	ASN1_ITEM_ref(NAME_CONSTRAINTS),
 	0,0,0,0,
@@ -99,8 +106,8 @@ ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
 
-static void *v2i_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+				  X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 	{
 	int i;
 	CONF_VALUE tval, *val;
@@ -155,8 +162,8 @@ static void *v2i_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
 
 	
 
-static int i2r_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
-				void *a, BIO *bp, int ind)
+static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
+				BIO *bp, int ind)
 	{
 	NAME_CONSTRAINTS *ncons = a;
 	do_i2r_name_constraints(method, ncons->permittedSubtrees,
@@ -166,9 +173,9 @@ static int i2r_NAME_CONSTRAINTS(X509V3_EXT_METHOD *method,
 	return 1;
 	}
 
-static int do_i2r_name_constraints(X509V3_EXT_METHOD *method,
-				STACK_OF(GENERAL_SUBTREE) *trees,
-					BIO *bp, int ind, char *name)
+static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
+				   STACK_OF(GENERAL_SUBTREE) *trees,
+				   BIO *bp, int ind, char *name)
 	{
 	GENERAL_SUBTREE *tree;
 	int i;
@@ -218,3 +225,282 @@ static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip)
 	return 1;
 	}
 
+/* Check a certificate conforms to a specified set of constraints.
+ * Return values:
+ *  X509_V_OK: All constraints obeyed.
+ *  X509_V_ERR_PERMITTED_VIOLATION: Permitted subtree violation.
+ *  X509_V_ERR_EXCLUDED_VIOLATION: Excluded subtree violation.
+ *  X509_V_ERR_SUBTREE_MINMAX: Min or max values present and matching type.
+ *  X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:  Unsupported constraint type.
+ *  X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: bad unsupported constraint syntax.
+ *  X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: bad or unsupported syntax of name
+
+ */
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc)
+	{
+	int r, i;
+	X509_NAME *nm;
+
+	nm = X509_get_subject_name(x);
+
+	if (X509_NAME_entry_count(nm) > 0)
+		{
+		GENERAL_NAME gntmp;
+		gntmp.type = GEN_DIRNAME;
+		gntmp.d.directoryName = nm;
+
+		r = nc_match(&gntmp, nc);
+
+		if (r != X509_V_OK)
+			return r;
+
+		gntmp.type = GEN_EMAIL;
+
+
+		/* Process any email address attributes in subject name */
+
+		for (i = -1;;)
+			{
+			X509_NAME_ENTRY *ne;
+			i = X509_NAME_get_index_by_NID(nm,
+						       NID_pkcs9_emailAddress,
+						       i);
+			if (i == -1)
+				break;
+			ne = X509_NAME_get_entry(nm, i);
+			gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne);
+			if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING)
+				return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+			r = nc_match(&gntmp, nc);
+
+			if (r != X509_V_OK)
+				return r;
+			}
+		
+		}
+
+	for (i = 0; i < sk_GENERAL_NAME_num(x->altname); i++)
+		{
+		GENERAL_NAME *gen = sk_GENERAL_NAME_value(x->altname, i);
+		r = nc_match(gen, nc);
+		if (r != X509_V_OK)
+			return r;
+		}
+
+	return X509_V_OK;
+
+	}
+
+static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
+	{
+	GENERAL_SUBTREE *sub;
+	int i, r, match = 0;
+
+	/* Permitted subtrees: if any subtrees exist of matching the type
+	 * at least one subtree must match.
+	 */
+
+	for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++)
+		{
+		sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
+		if (gen->type != sub->base->type)
+			continue;
+		if (sub->minimum || sub->maximum)
+			return X509_V_ERR_SUBTREE_MINMAX;
+		/* If we already have a match don't bother trying any more */
+		if (match == 2)
+			continue;
+		if (match == 0)
+			match = 1;
+		r = nc_match_single(gen, sub->base);
+		if (r == X509_V_OK)
+			match = 2;
+		else if (r != X509_V_ERR_PERMITTED_VIOLATION)
+			return r;
+		}
+
+	if (match == 1)
+		return X509_V_ERR_PERMITTED_VIOLATION;
+
+	/* Excluded subtrees: must not match any of these */
+
+	for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++)
+		{
+		sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
+		if (gen->type != sub->base->type)
+			continue;
+		if (sub->minimum || sub->maximum)
+			return X509_V_ERR_SUBTREE_MINMAX;
+
+		r = nc_match_single(gen, sub->base);
+		if (r == X509_V_OK)
+			return X509_V_ERR_EXCLUDED_VIOLATION;
+		else if (r != X509_V_ERR_PERMITTED_VIOLATION)
+			return r;
+
+		}
+
+	return X509_V_OK;
+
+	}
+
+static int nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
+	{
+	switch(base->type)
+		{
+		case GEN_DIRNAME:
+		return nc_dn(gen->d.directoryName, base->d.directoryName);
+
+		case GEN_DNS:
+		return nc_dns(gen->d.dNSName, base->d.dNSName);
+
+		case GEN_EMAIL:
+		return nc_email(gen->d.rfc822Name, base->d.rfc822Name);
+
+		case GEN_URI:
+		return nc_uri(gen->d.uniformResourceIdentifier,
+					base->d.uniformResourceIdentifier);
+
+		default:
+		return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
+		}
+
+	}
+
+/* directoryName name constraint matching.
+ * The canonical encoding of X509_NAME makes this comparison easy. It is
+ * matched if the subtree is a subset of the name.
+ */
+
+static int nc_dn(X509_NAME *nm, X509_NAME *base)
+	{
+	/* Ensure canonical encodings are up to date.  */
+	if (nm->modified && i2d_X509_NAME(nm, NULL) < 0)
+		return X509_V_ERR_OUT_OF_MEM;
+	if (base->modified && i2d_X509_NAME(base, NULL) < 0)
+		return X509_V_ERR_OUT_OF_MEM;
+	if (base->canon_enclen > nm->canon_enclen)
+		return X509_V_ERR_PERMITTED_VIOLATION;
+	if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
+		return X509_V_ERR_PERMITTED_VIOLATION;
+	return X509_V_OK;
+	}
+
+static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
+	{
+	char *baseptr = (char *)base->data;
+	char *dnsptr = (char *)dns->data;
+	/* Empty matches everything */
+	if (!*baseptr)
+		return X509_V_OK;
+	/* Otherwise can add zero or more components on the left so
+	 * compare RHS and if dns is longer and expect '.' as preceding
+	 * character.
+	 */
+	if (dns->length > base->length)
+		{
+		dnsptr += dns->length - base->length;
+		if (dnsptr[-1] != '.')
+			return X509_V_ERR_PERMITTED_VIOLATION;
+		}
+
+	if (strcasecmp(baseptr, dnsptr))
+			return X509_V_ERR_PERMITTED_VIOLATION;
+
+	return X509_V_OK;
+
+	}
+
+static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
+	{
+	const char *baseptr = (char *)base->data;
+	const char *emlptr = (char *)eml->data;
+
+	const char *baseat = strchr(baseptr, '@');
+	const char *emlat = strchr(emlptr, '@');
+	if (!emlat)
+		return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+	/* Special case: inital '.' is RHS match */
+	if (!baseat && (*baseptr == '.'))
+		{
+		if (eml->length > base->length)
+			{
+			emlptr += eml->length - base->length;
+			if (!strcasecmp(baseptr, emlptr))
+				return X509_V_OK;
+			}
+		return X509_V_ERR_PERMITTED_VIOLATION;
+		}
+
+	/* If we have anything before '@' match local part */
+
+	if (baseat)
+		{
+		if (baseat != baseptr)
+			{
+			if ((baseat - baseptr) != (emlat - emlptr))
+				return X509_V_ERR_PERMITTED_VIOLATION;
+			/* Case sensitive match of local part */
+			if (strncmp(baseptr, emlptr, emlat - emlptr))
+				return X509_V_ERR_PERMITTED_VIOLATION;
+			}
+		/* Position base after '@' */
+		baseptr = baseat + 1;
+		}
+	emlptr = emlat + 1;
+	/* Just have hostname left to match: case insensitive */
+	if (strcasecmp(baseptr, emlptr))
+		return X509_V_ERR_PERMITTED_VIOLATION;
+
+	return X509_V_OK;
+
+	}
+
+static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
+	{
+	const char *baseptr = (char *)base->data;
+	const char *hostptr = (char *)uri->data;
+	const char *p = strchr(hostptr, ':');
+	int hostlen;
+	/* Check for foo:// and skip past it */
+	if (!p || (p[1] != '/') || (p[2] != '/'))
+		return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+	hostptr = p + 3;
+
+	/* Determine length of hostname part of URI */
+
+	/* Look for a port indicator as end of hostname first */
+
+	p = strchr(hostptr, ':');
+	/* Otherwise look for trailing slash */
+	if (!p)
+		p = strchr(hostptr, '/');
+
+	if (!p)
+		hostlen = strlen(hostptr);
+	else
+		hostlen = p - hostptr;
+
+	if (hostlen == 0)
+		return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+	/* Special case: inital '.' is RHS match */
+	if (*baseptr == '.')
+		{
+		if (hostlen > base->length)
+			{
+			p = hostptr + hostlen - base->length;
+			if (!strncasecmp(p, baseptr, base->length))
+				return X509_V_OK;
+			}
+		return X509_V_ERR_PERMITTED_VIOLATION;
+		}
+
+	if ((base->length != (int)hostlen) || strncasecmp(hostptr, baseptr, hostlen))
+		return X509_V_ERR_PERMITTED_VIOLATION;
+
+	return X509_V_OK;
+
+	}
diff --git a/crypto/x509v3/v3_ocsp.c b/crypto/x509v3/v3_ocsp.c
index 28c11a4dbf..0c165af314 100644
--- a/crypto/x509v3/v3_ocsp.c
+++ b/crypto/x509v3/v3_ocsp.c
@@ -1,5 +1,5 @@
 /* v3_ocsp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -68,21 +68,28 @@
 /* OCSP extensions and a couple of CRL entry extensions
  */
 
-static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
-static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
-static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent);
+static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce,
+			  BIO *out, int indent);
+static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce,
+			    BIO *out, int indent);
+static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out,
+		      int indent);
 
 static void *ocsp_nonce_new(void);
 static int i2d_ocsp_nonce(void *a, unsigned char **pp);
 static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length);
 static void ocsp_nonce_free(void *a);
-static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
+static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
+			  BIO *out, int indent);
 
-static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent);
-static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str);
-static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind);
+static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+			    void *nocheck, BIO *out, int indent);
+static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+			      const char *str);
+static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
+			       BIO *bp, int ind);
 
-X509V3_EXT_METHOD v3_ocsp_crlid = {
+const X509V3_EXT_METHOD v3_ocsp_crlid = {
 	NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID),
 	0,0,0,0,
 	0,0,
@@ -91,7 +98,7 @@ X509V3_EXT_METHOD v3_ocsp_crlid = {
 	NULL
 };
 
-X509V3_EXT_METHOD v3_ocsp_acutoff = {
+const X509V3_EXT_METHOD v3_ocsp_acutoff = {
 	NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
 	0,0,0,0,
 	0,0,
@@ -100,7 +107,7 @@ X509V3_EXT_METHOD v3_ocsp_acutoff = {
 	NULL
 };
 
-X509V3_EXT_METHOD v3_crl_invdate = {
+const X509V3_EXT_METHOD v3_crl_invdate = {
 	NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
 	0,0,0,0,
 	0,0,
@@ -109,7 +116,7 @@ X509V3_EXT_METHOD v3_crl_invdate = {
 	NULL
 };
 
-X509V3_EXT_METHOD v3_crl_hold = {
+const X509V3_EXT_METHOD v3_crl_hold = {
 	NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT),
 	0,0,0,0,
 	0,0,
@@ -118,7 +125,7 @@ X509V3_EXT_METHOD v3_crl_hold = {
 	NULL
 };
 
-X509V3_EXT_METHOD v3_ocsp_nonce = {
+const X509V3_EXT_METHOD v3_ocsp_nonce = {
 	NID_id_pkix_OCSP_Nonce, 0, NULL,
 	ocsp_nonce_new,
 	ocsp_nonce_free,
@@ -130,7 +137,7 @@ X509V3_EXT_METHOD v3_ocsp_nonce = {
 	NULL
 };
 
-X509V3_EXT_METHOD v3_ocsp_nocheck = {
+const X509V3_EXT_METHOD v3_ocsp_nocheck = {
 	NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL),
 	0,0,0,0,
 	0,s2i_ocsp_nocheck,
@@ -139,7 +146,7 @@ X509V3_EXT_METHOD v3_ocsp_nocheck = {
 	NULL
 };
 
-X509V3_EXT_METHOD v3_ocsp_serviceloc = {
+const X509V3_EXT_METHOD v3_ocsp_serviceloc = {
 	NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC),
 	0,0,0,0,
 	0,0,
@@ -148,44 +155,47 @@ X509V3_EXT_METHOD v3_ocsp_serviceloc = {
 	NULL
 };
 
-static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
+static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp,
+			  int ind)
 {
 	OCSP_CRLID *a = in;
 	if (a->crlUrl)
 	        {
-		if (!BIO_printf(bp, "%*scrlUrl: ", ind, "")) goto err;
+		if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0) goto err;
 		if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) goto err;
-		if (!BIO_write(bp, "\n", 1)) goto err;
+		if (BIO_write(bp, "\n", 1) <= 0) goto err;
 		}
 	if (a->crlNum)
 	        {
-		if (!BIO_printf(bp, "%*scrlNum: ", ind, "")) goto err;
-		if (!i2a_ASN1_INTEGER(bp, a->crlNum)) goto err;
-		if (!BIO_write(bp, "\n", 1)) goto err;
+		if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0) goto err;
+		if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0) goto err;
+		if (BIO_write(bp, "\n", 1) <= 0) goto err;
 		}
 	if (a->crlTime)
 	        {
-		if (!BIO_printf(bp, "%*scrlTime: ", ind, "")) goto err;
+		if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0) goto err;
 		if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) goto err;
-		if (!BIO_write(bp, "\n", 1)) goto err;
+		if (BIO_write(bp, "\n", 1) <= 0) goto err;
 		}
 	return 1;
 	err:
 	return 0;
 }
 
-static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *cutoff, BIO *bp, int ind)
+static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff,
+			    BIO *bp, int ind)
 {
-	if (!BIO_printf(bp, "%*s", ind, "")) return 0;
+	if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0;
 	if(!ASN1_GENERALIZEDTIME_print(bp, cutoff)) return 0;
 	return 1;
 }
 
 
-static int i2r_object(X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind)
+static int i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp,
+		      int ind)
 {
-	if (!BIO_printf(bp, "%*s", ind, "")) return 0;
-	if(!i2a_ASN1_OBJECT(bp, oid)) return 0;
+	if (BIO_printf(bp, "%*s", ind, "") <= 0) return 0;
+	if(i2a_ASN1_OBJECT(bp, oid) <= 0) return 0;
 	return 1;
 }
 
@@ -232,7 +242,8 @@ static void ocsp_nonce_free(void *a)
 	M_ASN1_OCTET_STRING_free(a);
 }
 
-static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent)
+static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
+			  BIO *out, int indent)
 {
 	if(BIO_printf(out, "%*s", indent, "") <= 0) return 0;
 	if(i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0) return 0;
@@ -241,17 +252,20 @@ static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int
 
 /* Nocheck is just a single NULL. Don't print anything and always set it */
 
-static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent)
+static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck,
+			    BIO *out, int indent)
 {
 	return 1;
 }
 
-static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str)
+static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+			      const char *str)
 {
 	return ASN1_NULL_new();
 }
 
-static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind)
+static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
+			       BIO *bp, int ind)
         {
 	int i;
 	OCSP_SERVICELOC *a = in;
diff --git a/crypto/x509v3/v3_pci.c b/crypto/x509v3/v3_pci.c
index b32d968619..c254b2ff98 100644
--- a/crypto/x509v3/v3_pci.c
+++ b/crypto/x509v3/v3_pci.c
@@ -44,7 +44,7 @@ static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
 static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
 	X509V3_CTX *ctx, char *str);
 
-X509V3_EXT_METHOD v3_pci =
+const X509V3_EXT_METHOD v3_pci =
 	{ NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
 	  0,0,0,0,
 	  0,0,
@@ -82,13 +82,13 @@ static int process_pci_value(CONF_VALUE *val,
 		{
 		if (*language)
 			{
-			X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED);
+			X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
 			X509V3_conf_err(val);
 			return 0;
 			}
 		if (!(*language = OBJ_txt2obj(val->value, 0)))
 			{
-			X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_OBJECT_IDENTIFIER);
+			X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INVALID_OBJECT_IDENTIFIER);
 			X509V3_conf_err(val);
 			return 0;
 			}
@@ -97,13 +97,13 @@ static int process_pci_value(CONF_VALUE *val,
 		{
 		if (*pathlen)
 			{
-			X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED);
+			X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
 			X509V3_conf_err(val);
 			return 0;
 			}
 		if (!X509V3_get_value_int(val, pathlen))
 			{
-			X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH);
+			X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH);
 			X509V3_conf_err(val);
 			return 0;
 			}
@@ -117,7 +117,7 @@ static int process_pci_value(CONF_VALUE *val,
 			*policy = ASN1_OCTET_STRING_new();
 			if (!*policy)
 				{
-				X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
+				X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
 				X509V3_conf_err(val);
 				return 0;
 				}
@@ -148,7 +148,7 @@ static int process_pci_value(CONF_VALUE *val,
 			BIO *b = BIO_new_file(val->value + 5, "r");
 			if (!b)
 				{
-				X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
+				X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB);
 				X509V3_conf_err(val);
 				goto err;
 				}
@@ -172,7 +172,7 @@ static int process_pci_value(CONF_VALUE *val,
 
 			if (n < 0)
 				{
-				X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
+				X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB);
 				X509V3_conf_err(val);
 				goto err;
 				}
@@ -193,13 +193,13 @@ static int process_pci_value(CONF_VALUE *val,
 			}
 		else
 			{
-			X509V3err(X509V3_F_R2I_PCI,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
+			X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
 			X509V3_conf_err(val);
 			goto err;
 			}
 		if (!tmp_data)
 			{
-			X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
+			X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
 			X509V3_conf_err(val);
 			goto err;
 			}
@@ -286,12 +286,6 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
 		X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
-	pci->proxyPolicy = PROXY_POLICY_new();
-	if (!pci->proxyPolicy)
-		{
-		X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
 
 	pci->proxyPolicy->policyLanguage = language; language = NULL;
 	pci->proxyPolicy->policy = policy; policy = NULL;
@@ -301,11 +295,6 @@ err:
 	if (language) { ASN1_OBJECT_free(language); language = NULL; }
 	if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; }
 	if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; }
-	if (pci && pci->proxyPolicy)
-		{
-		PROXY_POLICY_free(pci->proxyPolicy);
-		pci->proxyPolicy = NULL;
-		}
 	if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; }
 end:
 	sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
diff --git a/crypto/x509v3/v3_pcons.c b/crypto/x509v3/v3_pcons.c
index 91ae862ed7..30ca652351 100644
--- a/crypto/x509v3/v3_pcons.c
+++ b/crypto/x509v3/v3_pcons.c
@@ -1,5 +1,5 @@
 /* v3_pcons.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -64,12 +64,14 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
-				void *bcons, STACK_OF(CONF_VALUE) *extlist);
-static void *v2i_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
+static STACK_OF(CONF_VALUE) *
+i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *bcons,
+		       STACK_OF(CONF_VALUE) *extlist);
+static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+				    X509V3_CTX *ctx,
+				    STACK_OF(CONF_VALUE) *values);
 
-X509V3_EXT_METHOD v3_policy_constraints = {
+const X509V3_EXT_METHOD v3_policy_constraints = {
 NID_policy_constraints, 0,
 ASN1_ITEM_ref(POLICY_CONSTRAINTS),
 0,0,0,0,
@@ -88,8 +90,9 @@ ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 
 
-static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
-	     void *a, STACK_OF(CONF_VALUE) *extlist)
+static STACK_OF(CONF_VALUE) *
+i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
+		       STACK_OF(CONF_VALUE) *extlist)
 {
 	POLICY_CONSTRAINTS *pcons = a;
 	X509V3_add_value_int("Require Explicit Policy",
@@ -99,8 +102,9 @@ static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
 	return extlist;
 }
 
-static void *v2i_POLICY_CONSTRAINTS(X509V3_EXT_METHOD *method,
-	     X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
+static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+				    X509V3_CTX *ctx,
+				    STACK_OF(CONF_VALUE) *values)
 {
 	POLICY_CONSTRAINTS *pcons=NULL;
 	CONF_VALUE *val;
diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c
index 49a2e4697a..076f3ff48e 100644
--- a/crypto/x509v3/v3_pku.c
+++ b/crypto/x509v3/v3_pku.c
@@ -1,5 +1,5 @@
 /* v3_pku.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -66,7 +66,7 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *u
 /*
 static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 */
-X509V3_EXT_METHOD v3_pkey_usage_period = {
+const X509V3_EXT_METHOD v3_pkey_usage_period = {
 NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD),
 0,0,0,0,
 0,0,0,0,
diff --git a/crypto/x509v3/v3_pmaps.c b/crypto/x509v3/v3_pmaps.c
index 137be58ad9..865bcd3980 100644
--- a/crypto/x509v3/v3_pmaps.c
+++ b/crypto/x509v3/v3_pmaps.c
@@ -1,5 +1,5 @@
 /* v3_pmaps.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -63,12 +63,13 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
-				void *pmps, STACK_OF(CONF_VALUE) *extlist);
+static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
+				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(CONF_VALUE) *
+i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, void *pmps,
+		    STACK_OF(CONF_VALUE) *extlist);
 
-X509V3_EXT_METHOD v3_policy_mappings = {
+const X509V3_EXT_METHOD v3_policy_mappings = {
 	NID_policy_mappings, 0,
 	ASN1_ITEM_ref(POLICY_MAPPINGS),
 	0,0,0,0,
@@ -92,8 +93,9 @@ ASN1_ITEM_TEMPLATE_END(POLICY_MAPPINGS)
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
 
 
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
-		void *a, STACK_OF(CONF_VALUE) *ext_list)
+static STACK_OF(CONF_VALUE) *
+i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, void *a,
+		    STACK_OF(CONF_VALUE) *ext_list)
 {
 	POLICY_MAPPINGS *pmaps = a;
 	POLICY_MAPPING *pmap;
@@ -109,8 +111,8 @@ static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
 	return ext_list;
 }
 
-static void *v2i_POLICY_MAPPINGS(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
+				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
 	POLICY_MAPPINGS *pmaps;
 	POLICY_MAPPING *pmap;
diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c
index 20bd9bda19..3146218708 100644
--- a/crypto/x509v3/v3_prn.c
+++ b/crypto/x509v3/v3_prn.c
@@ -1,5 +1,5 @@
 /* v3_prn.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -110,7 +110,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
 	void *ext_str = NULL;
 	char *value = NULL;
 	const unsigned char *p;
-	X509V3_EXT_METHOD *method;	
+	const X509V3_EXT_METHOD *method;	
 	STACK_OF(CONF_VALUE) *nval = NULL;
 	int ok = 1;
 
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 9f992c9087..181bd34979 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -1,5 +1,5 @@
 /* v3_purp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
 /* ====================================================================
@@ -71,6 +71,7 @@ static int purpose_smime(const X509 *x, int ca);
 static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
 static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca);
 static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
+static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, int ca);
 static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
 static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
 
@@ -87,6 +88,7 @@ static X509_PURPOSE xstandard[] = {
 	{X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
 	{X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL},
 	{X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL},
+	{X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0, check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign", NULL},
 };
 
 #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
@@ -265,11 +267,14 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
 	return xp->trust;
 }
 
-static int nid_cmp(int *a, int *b)
+static int nid_cmp(const int *a, const int *b)
 	{
 	return *a - *b;
 	}
 
+DECLARE_OBJ_BSEARCH_CMP_FN(int, int, nid);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(int, int, nid);
+
 int X509_supported_extension(X509_EXTENSION *ex)
 	{
 	/* This table is a list of the NIDs of supported extensions:
@@ -280,29 +285,74 @@ int X509_supported_extension(X509_EXTENSION *ex)
 	 * searched using bsearch.
 	 */
 
-	static int supported_nids[] = {
+	static const int supported_nids[] = {
 		NID_netscape_cert_type, /* 71 */
         	NID_key_usage,		/* 83 */
 		NID_subject_alt_name,	/* 85 */
 		NID_basic_constraints,	/* 87 */
+		NID_certificate_policies, /* 89 */
         	NID_ext_key_usage,	/* 126 */
-		NID_proxyCertInfo	/* 661 */
+#ifndef OPENSSL_NO_RFC3779
+		NID_sbgp_ipAddrBlock,	/* 290 */
+		NID_sbgp_autonomousSysNum, /* 291 */
+#endif
+		NID_policy_constraints,	/* 401 */
+		NID_proxyCertInfo,	/* 663 */
+		NID_name_constraints,	/* 666 */
+		NID_policy_mappings,	/* 747 */
+		NID_inhibit_any_policy	/* 748 */
 	};
 
-	int ex_nid;
-
-	ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
+	int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
 
 	if (ex_nid == NID_undef) 
 		return 0;
 
-	if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
-		sizeof(supported_nids)/sizeof(int), sizeof(int),
-		(int (*)(const void *, const void *))nid_cmp))
+	if (OBJ_bsearch_nid(&ex_nid, supported_nids,
+			sizeof(supported_nids)/sizeof(int)))
 		return 1;
 	return 0;
 	}
- 
+
+static void setup_dp(X509 *x, DIST_POINT *dp)
+	{
+	X509_NAME *iname = NULL;
+	int i;
+	if (dp->reasons)
+		{
+		if (dp->reasons->length > 0)
+			dp->dp_reasons = dp->reasons->data[0];
+		if (dp->reasons->length > 1)
+			dp->dp_reasons |= (dp->reasons->data[1] << 8);
+		dp->dp_reasons &= CRLDP_ALL_REASONS;
+		}
+	else
+		dp->dp_reasons = CRLDP_ALL_REASONS;
+	if (!dp->distpoint || (dp->distpoint->type != 1))
+		return;
+	for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++)
+		{
+		GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+		if (gen->type == GEN_DIRNAME)
+			{
+			iname = gen->d.directoryName;
+			break;
+			}
+		}
+	if (!iname)
+		iname = X509_get_issuer_name(x);
+
+	DIST_POINT_set_dpname(dp->distpoint, iname);
+
+	}
+
+static void setup_crldp(X509 *x)
+	{
+	int i;
+	x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
+	for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
+		setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
+	}
 
 static void x509v3_cache_extensions(X509 *x)
 {
@@ -320,7 +370,7 @@ static void x509v3_cache_extensions(X509 *x)
 #endif
 	/* Does subject name match issuer ? */
 	if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)))
-			 x->ex_flags |= EXFLAG_SS;
+			 x->ex_flags |= EXFLAG_SI;
 	/* V1 should mean no extensions ... */
 	if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1;
 	/* Handle basic constraints */
@@ -338,7 +388,9 @@ static void x509v3_cache_extensions(X509 *x)
 	}
 	/* Handle proxy certificates */
 	if((pci=X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
-		if (x->ex_flags & EXFLAG_CA) {
+		if (x->ex_flags & EXFLAG_CA
+		    || X509_get_ext_by_NID(x, NID_subject_alt_name, 0) >= 0
+		    || X509_get_ext_by_NID(x, NID_issuer_alt_name, 0) >= 0) {
 			x->ex_flags |= EXFLAG_INVALID;
 		}
 		if (pci->pcPathLengthConstraint) {
@@ -408,11 +460,25 @@ static void x509v3_cache_extensions(X509 *x)
 	}
 	x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
 	x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
+	x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+	x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
+	if (!x->nc && (i != -1))
+		x->ex_flags |= EXFLAG_INVALID;
+	setup_crldp(x);
+
+#ifndef OPENSSL_NO_RFC3779
+ 	x->rfc3779_addr =X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL);
+ 	x->rfc3779_asid =X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum,
+ 					  NULL, NULL);
+#endif
 	for (i = 0; i < X509_get_ext_count(x); i++)
 		{
 		ex = X509_get_ext(x, i);
 		if (!X509_EXTENSION_get_critical(ex))
 			continue;
+		if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))
+					== NID_freshest_crl)
+			x->ex_flags |= EXFLAG_FRESHEST;
 		if (!X509_supported_extension(ex))
 			{
 			x->ex_flags |= EXFLAG_CRITICAL;
@@ -580,6 +646,41 @@ static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
 	return 1;
 }
 
+static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
+					int ca)
+{
+	int i_ext;
+
+	/* If ca is true we must return if this is a valid CA certificate. */
+	if (ca) return check_ca(x);
+
+	/* 
+	 * Check the optional key usage field:
+	 * if Key Usage is present, it must be one of digitalSignature 
+	 * and/or nonRepudiation (other values are not consistent and shall
+	 * be rejected).
+	 */
+	if ((x->ex_flags & EXFLAG_KUSAGE)
+	    && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||
+		!(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))
+		return 0;
+
+	/* Only time stamp key usage is permitted and it's required. */
+	if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)
+		return 0;
+
+	/* Extended Key Usage MUST be critical */
+	i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, 0);
+	if (i_ext >= 0)
+		{
+		X509_EXTENSION *ext = X509_get_ext((X509 *) x, i_ext);
+		if (!X509_EXTENSION_get_critical(ext))
+			return 0;
+		}
+
+	return 1;
+}
+
 static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
 {
 	return 1;
@@ -604,39 +705,14 @@ int X509_check_issued(X509 *issuer, X509 *subject)
 				return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
 	x509v3_cache_extensions(issuer);
 	x509v3_cache_extensions(subject);
-	if(subject->akid) {
-		/* Check key ids (if present) */
-		if(subject->akid->keyid && issuer->skid &&
-		 ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid) )
-				return X509_V_ERR_AKID_SKID_MISMATCH;
-		/* Check serial number */
-		if(subject->akid->serial &&
-			ASN1_INTEGER_cmp(X509_get_serialNumber(issuer),
-						subject->akid->serial))
-				return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
-		/* Check issuer name */
-		if(subject->akid->issuer) {
-			/* Ugh, for some peculiar reason AKID includes
-			 * SEQUENCE OF GeneralName. So look for a DirName.
-			 * There may be more than one but we only take any
-			 * notice of the first.
-			 */
-			GENERAL_NAMES *gens;
-			GENERAL_NAME *gen;
-			X509_NAME *nm = NULL;
-			int i;
-			gens = subject->akid->issuer;
-			for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-				gen = sk_GENERAL_NAME_value(gens, i);
-				if(gen->type == GEN_DIRNAME) {
-					nm = gen->d.dirn;
-					break;
-				}
-			}
-			if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
-				return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+
+	if(subject->akid)
+		{
+		int ret = X509_check_akid(issuer, subject->akid);
+		if (ret != X509_V_OK)
+			return ret;
 		}
-	}
+
 	if(subject->ex_flags & EXFLAG_PROXY)
 		{
 		if(ku_reject(issuer, KU_DIGITAL_SIGNATURE))
@@ -647,3 +723,45 @@ int X509_check_issued(X509 *issuer, X509 *subject)
 	return X509_V_OK;
 }
 
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
+	{
+
+	if(!akid)
+		return X509_V_OK;
+
+	/* Check key ids (if present) */
+	if(akid->keyid && issuer->skid &&
+		 ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid) )
+				return X509_V_ERR_AKID_SKID_MISMATCH;
+	/* Check serial number */
+	if(akid->serial &&
+		ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))
+				return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+	/* Check issuer name */
+	if(akid->issuer)
+		{
+		/* Ugh, for some peculiar reason AKID includes
+		 * SEQUENCE OF GeneralName. So look for a DirName.
+		 * There may be more than one but we only take any
+		 * notice of the first.
+		 */
+		GENERAL_NAMES *gens;
+		GENERAL_NAME *gen;
+		X509_NAME *nm = NULL;
+		int i;
+		gens = akid->issuer;
+		for(i = 0; i < sk_GENERAL_NAME_num(gens); i++)
+			{
+			gen = sk_GENERAL_NAME_value(gens, i);
+			if(gen->type == GEN_DIRNAME)
+				{
+				nm = gen->d.dirn;
+				break;
+				}
+			}
+		if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
+			return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+		}
+	return X509_V_OK;
+	}
+
diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
index c0f044ac1b..0a984fbaa8 100644
--- a/crypto/x509v3/v3_skey.c
+++ b/crypto/x509v3/v3_skey.c
@@ -1,5 +1,5 @@
 /* v3_skey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -62,7 +62,7 @@
 #include <openssl/x509v3.h>
 
 static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-X509V3_EXT_METHOD v3_skey_id = { 
+const X509V3_EXT_METHOD v3_skey_id = { 
 NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING),
 0,0,0,0,
 (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
@@ -109,14 +109,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
 	if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str);
 
 	if(!(oct = M_ASN1_OCTET_STRING_new())) {
-		X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
+		X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 
 	if(ctx && (ctx->flags == CTX_TEST)) return oct;
 
 	if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
-		X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
+		X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
 		goto err;
 	}
 
@@ -125,14 +125,15 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
 	else pk = ctx->subject_cert->cert_info->key->public_key;
 
 	if(!pk) {
-		X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
+		X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_NO_PUBLIC_KEY);
 		goto err;
 	}
 
-	EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL);
+	if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
+		goto err;
 
 	if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
-		X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
+		X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
 
diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c
index 860909a83b..2a6bf11b65 100644
--- a/crypto/x509v3/v3_sxnet.c
+++ b/crypto/x509v3/v3_sxnet.c
@@ -1,5 +1,5 @@
 /* v3_sxnet.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -72,7 +72,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent)
 static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 						STACK_OF(CONF_VALUE) *nval);
 #endif
-X509V3_EXT_METHOD v3_sxnet = {
+const X509V3_EXT_METHOD v3_sxnet = {
 NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET),
 0,0,0,0,
 0,0,
@@ -154,7 +154,7 @@ int SXNET_add_id_asc(SXNET **psx, char *zone, char *user,
 {
 	ASN1_INTEGER *izone = NULL;
 	if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-		X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
+		X509V3err(X509V3_F_SXNET_ADD_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
 		return 0;
 	}
 	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 191cfef1a5..e030234540 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -1,5 +1,5 @@
 /* v3_utl.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -67,11 +67,10 @@
 
 static char *strip_spaces(char *name);
 static int sk_strcmp(const char * const *a, const char * const *b);
-static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens);
-static void str_free(void *str);
-static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens);
+static void str_free(OPENSSL_STRING str);
+static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);
 
-static int a2i_ipadd(unsigned char *ipout, const char *ipasc);
 static int ipv4_from_asc(unsigned char *v4, const char *in);
 static int ipv6_from_asc(unsigned char *v6, const char *in);
 static int ipv6_cb(const char *elem, int len, void *usr);
@@ -85,7 +84,7 @@ int X509V3_add_value(const char *name, const char *value,
 	CONF_VALUE *vtmp = NULL;
 	char *tname = NULL, *tvalue = NULL;
 	if(name && !(tname = BUF_strdup(name))) goto err;
-	if(value && !(tvalue = BUF_strdup(value))) goto err;;
+	if(value && !(tvalue = BUF_strdup(value))) goto err;
 	if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err;
 	if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err;
 	vtmp->section = NULL;
@@ -361,12 +360,12 @@ static char *strip_spaces(char *name)
  * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
  */
 
-char *hex_to_string(unsigned char *buffer, long len)
+char *hex_to_string(const unsigned char *buffer, long len)
 {
 	char *tmp, *q;
-	unsigned char *p;
+	const unsigned char *p;
 	int i;
-	static char hexdig[] = "0123456789ABCDEF";
+	const static char hexdig[] = "0123456789ABCDEF";
 	if(!buffer || !len) return NULL;
 	if(!(tmp = OPENSSL_malloc(len * 3 + 1))) {
 		X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE);
@@ -390,7 +389,7 @@ char *hex_to_string(unsigned char *buffer, long len)
  * a buffer
  */
 
-unsigned char *string_to_hex(char *str, long *len)
+unsigned char *string_to_hex(const char *str, long *len)
 {
 	unsigned char *hexbuf, *q;
 	unsigned char ch, cl, *p;
@@ -464,21 +463,48 @@ static int sk_strcmp(const char * const *a, const char * const *b)
 	return strcmp(*a, *b);
 }
 
-STACK *X509_get1_email(X509 *x)
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x)
 {
 	GENERAL_NAMES *gens;
-	STACK *ret;
+	STACK_OF(OPENSSL_STRING) *ret;
+
 	gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
 	ret = get_email(X509_get_subject_name(x), gens);
 	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
 	return ret;
 }
 
-STACK *X509_REQ_get1_email(X509_REQ *x)
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x)
+{
+	AUTHORITY_INFO_ACCESS *info;
+	STACK_OF(OPENSSL_STRING) *ret = NULL;
+	int i;
+
+	info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
+	if (!info)
+		return NULL;
+	for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++)
+		{
+		ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
+		if (OBJ_obj2nid(ad->method) == NID_ad_OCSP)
+			{
+			if (ad->location->type == GEN_URI)
+				{
+				if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier))
+					break;
+				}
+			}
+		}
+	AUTHORITY_INFO_ACCESS_free(info);
+	return ret;
+}
+
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x)
 {
 	GENERAL_NAMES *gens;
 	STACK_OF(X509_EXTENSION) *exts;
-	STACK *ret;
+	STACK_OF(OPENSSL_STRING) *ret;
+
 	exts = X509_REQ_get_extensions(x);
 	gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
 	ret = get_email(X509_REQ_get_subject_name(x), gens);
@@ -488,9 +514,9 @@ STACK *X509_REQ_get1_email(X509_REQ *x)
 }
 
 
-static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens)
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens)
 {
-	STACK *ret = NULL;
+	STACK_OF(OPENSSL_STRING) *ret = NULL;
 	X509_NAME_ENTRY *ne;
 	ASN1_IA5STRING *email;
 	GENERAL_NAME *gen;
@@ -513,23 +539,23 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens)
 	return ret;
 }
 
-static void str_free(void *str)
+static void str_free(OPENSSL_STRING str)
 {
 	OPENSSL_free(str);
 }
 
-static int append_ia5(STACK **sk, ASN1_IA5STRING *email)
+static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
 {
 	char *emtmp;
 	/* First some sanity checks */
 	if(email->type != V_ASN1_IA5STRING) return 1;
 	if(!email->data || !email->length) return 1;
-	if(!*sk) *sk = sk_new(sk_strcmp);
+	if(!*sk) *sk = sk_OPENSSL_STRING_new(sk_strcmp);
 	if(!*sk) return 0;
 	/* Don't add duplicates */
-	if(sk_find(*sk, (char *)email->data) != -1) return 1;
+	if(sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1) return 1;
 	emtmp = BUF_strdup((char *)email->data);
-	if(!emtmp || !sk_push(*sk, emtmp)) {
+	if(!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
 		X509_email_free(*sk);
 		*sk = NULL;
 		return 0;
@@ -537,9 +563,9 @@ static int append_ia5(STACK **sk, ASN1_IA5STRING *email)
 	return 1;
 }
 
-void X509_email_free(STACK *sk)
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
 {
-	sk_pop_free(sk, str_free);
+	sk_OPENSSL_STRING_pop_free(sk, str_free);
 }
 
 /* Convert IP addresses both IPv4 and IPv6 into an 
@@ -615,7 +641,7 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
 	}
 	
 
-static int a2i_ipadd(unsigned char *ipout, const char *ipasc)
+int a2i_ipadd(unsigned char *ipout, const char *ipasc)
 	{
 	/* If string contains a ':' assume IPv6 */
 
@@ -713,17 +739,20 @@ static int ipv6_from_asc(unsigned char *v6, const char *in)
 
 	/* Format result */
 
-	/* Copy initial part */
-	if (v6stat.zero_pos > 0)
+	if (v6stat.zero_pos >= 0)
+		{
+		/* Copy initial part */
 		memcpy(v6, v6stat.tmp, v6stat.zero_pos);
-	/* Zero middle */
-	if (v6stat.total != 16)
+		/* Zero middle */
 		memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
-	/* Copy final part */
-	if (v6stat.total != v6stat.zero_pos)
-		memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
-			v6stat.tmp + v6stat.zero_pos,
-			v6stat.total - v6stat.zero_pos);
+		/* Copy final part */
+		if (v6stat.total != v6stat.zero_pos)
+			memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
+				v6stat.tmp + v6stat.zero_pos,
+				v6stat.total - v6stat.zero_pos);
+		}
+	else
+		memcpy(v6, v6stat.tmp, 16);
 
 	return 1;
 	}
@@ -826,13 +855,13 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
 				break;
 				}
 #ifndef CHARSET_EBCDIC
-			if (*p == '+')
+		if (*type == '+')
 #else
-			if (*p == os_toascii['+'])
+		if (*type == os_toascii['+'])
 #endif
 			{
 			mval = -1;
-			p++;
+			type++;
 			}
 		else
 			mval = 0;
diff --git a/crypto/x509v3/v3conf.c b/crypto/x509v3/v3conf.c
index 00cf5b4a5b..a9e6ca3542 100644
--- a/crypto/x509v3/v3conf.c
+++ b/crypto/x509v3/v3conf.c
@@ -1,5 +1,5 @@
 /* v3conf.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/x509v3/v3err.c b/crypto/x509v3/v3err.c
index e93f50da14..f9f6f1f91f 100644
--- a/crypto/x509v3/v3err.c
+++ b/crypto/x509v3/v3err.c
@@ -1,6 +1,6 @@
 /* crypto/x509v3/v3err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,124 +64,150 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
+
 static ERR_STRING_DATA X509V3_str_functs[]=
 	{
-{ERR_PACK(0,X509V3_F_COPY_EMAIL,0),	"COPY_EMAIL"},
-{ERR_PACK(0,X509V3_F_COPY_ISSUER,0),	"COPY_ISSUER"},
-{ERR_PACK(0,X509V3_F_DO_DIRNAME,0),	"DO_DIRNAME"},
-{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0),	"DO_EXT_CONF"},
-{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0),	"DO_EXT_I2D"},
-{ERR_PACK(0,X509V3_F_DO_I2V_NAME_CONSTRAINTS,0),	"DO_I2V_NAME_CONSTRAINTS"},
-{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0),	"hex_to_string"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0),	"i2s_ASN1_ENUMERATED"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_IA5STRING,0),	"I2S_ASN1_IA5STRING"},
-{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0),	"i2s_ASN1_INTEGER"},
-{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0),	"I2V_AUTHORITY_INFO_ACCESS"},
-{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0),	"NOTICE_SECTION"},
-{ERR_PACK(0,X509V3_F_NREF_NOS,0),	"NREF_NOS"},
-{ERR_PACK(0,X509V3_F_POLICY_SECTION,0),	"POLICY_SECTION"},
-{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0),	"R2I_CERTPOL"},
-{ERR_PACK(0,X509V3_F_R2I_PCI,0),	"R2I_PCI"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0),	"S2I_ASN1_IA5STRING"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0),	"s2i_ASN1_INTEGER"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0),	"s2i_ASN1_OCTET_STRING"},
-{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0),	"S2I_ASN1_SKEY_ID"},
-{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0),	"S2I_S2I_SKEY_ID"},
-{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0),	"string_to_hex"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0),	"SXNET_ADD_ASC"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0),	"SXNET_add_id_INTEGER"},
-{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0),	"SXNET_add_id_ulong"},
-{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0),	"SXNET_get_id_asc"},
-{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0),	"SXNET_get_id_ulong"},
-{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0),	"V2I_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0),	"v2i_ASN1_BIT_STRING"},
-{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0),	"V2I_AUTHORITY_KEYID"},
-{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0),	"V2I_BASIC_CONSTRAINTS"},
-{ERR_PACK(0,X509V3_F_V2I_CRLD,0),	"V2I_CRLD"},
-{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0),	"V2I_EXT_KU"},
-{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0),	"v2i_GENERAL_NAME"},
-{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0),	"v2i_GENERAL_NAMES"},
-{ERR_PACK(0,X509V3_F_V2I_NAME_CONSTRAINTS,0),	"V2I_NAME_CONSTRAINTS"},
-{ERR_PACK(0,X509V3_F_V2I_POLICY_CONSTRAINTS,0),	"V2I_POLICY_CONSTRAINTS"},
-{ERR_PACK(0,X509V3_F_V2I_POLICY_MAPPINGS,0),	"V2I_POLICY_MAPPINGS"},
-{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0),	"V3_GENERIC_EXTENSION"},
-{ERR_PACK(0,X509V3_F_X509V3_ADD_I2D,0),	"X509V3_ADD_I2D"},
-{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0),	"X509V3_add_value"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0),	"X509V3_EXT_add"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0),	"X509V3_EXT_add_alias"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0),	"X509V3_EXT_conf"},
-{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0),	"X509V3_EXT_i2d"},
-{ERR_PACK(0,X509V3_F_X509V3_GET_SECTION,0),	"X509V3_get_section"},
-{ERR_PACK(0,X509V3_F_X509V3_GET_STRING,0),	"X509V3_get_string"},
-{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0),	"X509V3_get_value_bool"},
-{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0),	"X509V3_parse_list"},
-{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0),	"X509_PURPOSE_add"},
-{ERR_PACK(0,X509V3_F_X509_PURPOSE_SET,0),	"X509_PURPOSE_set"},
+{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME),	"A2I_GENERAL_NAME"},
+{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),	"ASIDENTIFIERCHOICE_CANONIZE"},
+{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),	"ASIDENTIFIERCHOICE_IS_CANONICAL"},
+{ERR_FUNC(X509V3_F_COPY_EMAIL),	"COPY_EMAIL"},
+{ERR_FUNC(X509V3_F_COPY_ISSUER),	"COPY_ISSUER"},
+{ERR_FUNC(X509V3_F_DO_DIRNAME),	"DO_DIRNAME"},
+{ERR_FUNC(X509V3_F_DO_EXT_CONF),	"DO_EXT_CONF"},
+{ERR_FUNC(X509V3_F_DO_EXT_I2D),	"DO_EXT_I2D"},
+{ERR_FUNC(X509V3_F_DO_EXT_NCONF),	"DO_EXT_NCONF"},
+{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS),	"DO_I2V_NAME_CONSTRAINTS"},
+{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME),	"GNAMES_FROM_SECTNAME"},
+{ERR_FUNC(X509V3_F_HEX_TO_STRING),	"hex_to_string"},
+{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED),	"i2s_ASN1_ENUMERATED"},
+{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING),	"I2S_ASN1_IA5STRING"},
+{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER),	"i2s_ASN1_INTEGER"},
+{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS),	"I2V_AUTHORITY_INFO_ACCESS"},
+{ERR_FUNC(X509V3_F_NOTICE_SECTION),	"NOTICE_SECTION"},
+{ERR_FUNC(X509V3_F_NREF_NOS),	"NREF_NOS"},
+{ERR_FUNC(X509V3_F_POLICY_SECTION),	"POLICY_SECTION"},
+{ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE),	"PROCESS_PCI_VALUE"},
+{ERR_FUNC(X509V3_F_R2I_CERTPOL),	"R2I_CERTPOL"},
+{ERR_FUNC(X509V3_F_R2I_PCI),	"R2I_PCI"},
+{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING),	"S2I_ASN1_IA5STRING"},
+{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER),	"s2i_ASN1_INTEGER"},
+{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING),	"s2i_ASN1_OCTET_STRING"},
+{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID),	"S2I_ASN1_SKEY_ID"},
+{ERR_FUNC(X509V3_F_S2I_SKEY_ID),	"S2I_SKEY_ID"},
+{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME),	"SET_DIST_POINT_NAME"},
+{ERR_FUNC(X509V3_F_STRING_TO_HEX),	"string_to_hex"},
+{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC),	"SXNET_add_id_asc"},
+{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER),	"SXNET_add_id_INTEGER"},
+{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG),	"SXNET_add_id_ulong"},
+{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC),	"SXNET_get_id_asc"},
+{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG),	"SXNET_get_id_ulong"},
+{ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS),	"V2I_ASIDENTIFIERS"},
+{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING),	"v2i_ASN1_BIT_STRING"},
+{ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS),	"V2I_AUTHORITY_INFO_ACCESS"},
+{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID),	"V2I_AUTHORITY_KEYID"},
+{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS),	"V2I_BASIC_CONSTRAINTS"},
+{ERR_FUNC(X509V3_F_V2I_CRLD),	"V2I_CRLD"},
+{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE),	"V2I_EXTENDED_KEY_USAGE"},
+{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES),	"v2i_GENERAL_NAMES"},
+{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX),	"v2i_GENERAL_NAME_ex"},
+{ERR_FUNC(X509V3_F_V2I_IDP),	"V2I_IDP"},
+{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS),	"V2I_IPADDRBLOCKS"},
+{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT),	"V2I_ISSUER_ALT"},
+{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS),	"V2I_NAME_CONSTRAINTS"},
+{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS),	"V2I_POLICY_CONSTRAINTS"},
+{ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS),	"V2I_POLICY_MAPPINGS"},
+{ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT),	"V2I_SUBJECT_ALT"},
+{ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL),	"V3_ADDR_VALIDATE_PATH_INTERNAL"},
+{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION),	"V3_GENERIC_EXTENSION"},
+{ERR_FUNC(X509V3_F_X509V3_ADD1_I2D),	"X509V3_add1_i2d"},
+{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE),	"X509V3_add_value"},
+{ERR_FUNC(X509V3_F_X509V3_EXT_ADD),	"X509V3_EXT_add"},
+{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS),	"X509V3_EXT_add_alias"},
+{ERR_FUNC(X509V3_F_X509V3_EXT_CONF),	"X509V3_EXT_conf"},
+{ERR_FUNC(X509V3_F_X509V3_EXT_I2D),	"X509V3_EXT_i2d"},
+{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF),	"X509V3_EXT_nconf"},
+{ERR_FUNC(X509V3_F_X509V3_GET_SECTION),	"X509V3_get_section"},
+{ERR_FUNC(X509V3_F_X509V3_GET_STRING),	"X509V3_get_string"},
+{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL),	"X509V3_get_value_bool"},
+{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST),	"X509V3_parse_list"},
+{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD),	"X509_PURPOSE_add"},
+{ERR_FUNC(X509V3_F_X509_PURPOSE_SET),	"X509_PURPOSE_set"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA X509V3_str_reasons[]=
 	{
-{X509V3_R_BAD_IP_ADDRESS                 ,"bad ip address"},
-{X509V3_R_BAD_OBJECT                     ,"bad object"},
-{X509V3_R_BN_DEC2BN_ERROR                ,"bn dec2bn error"},
-{X509V3_R_BN_TO_ASN1_INTEGER_ERROR       ,"bn to asn1 integer error"},
-{X509V3_R_DIRNAME_ERROR                  ,"dirname error"},
-{X509V3_R_DUPLICATE_ZONE_ID              ,"duplicate zone id"},
-{X509V3_R_ERROR_CONVERTING_ZONE          ,"error converting zone"},
-{X509V3_R_ERROR_CREATING_EXTENSION       ,"error creating extension"},
-{X509V3_R_ERROR_IN_EXTENSION             ,"error in extension"},
-{X509V3_R_EXPECTED_A_SECTION_NAME        ,"expected a section name"},
-{X509V3_R_EXTENSION_EXISTS               ,"extension exists"},
-{X509V3_R_EXTENSION_NAME_ERROR           ,"extension name error"},
-{X509V3_R_EXTENSION_NOT_FOUND            ,"extension not found"},
-{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"},
-{X509V3_R_EXTENSION_VALUE_ERROR          ,"extension value error"},
-{X509V3_R_ILLEGAL_EMPTY_EXTENSION        ,"illegal empty extension"},
-{X509V3_R_ILLEGAL_HEX_DIGIT              ,"illegal hex digit"},
-{X509V3_R_INCORRECT_POLICY_SYNTAX_TAG    ,"incorrect policy syntax tag"},
-{X509V3_R_INVALID_BOOLEAN_STRING         ,"invalid boolean string"},
-{X509V3_R_INVALID_EXTENSION_STRING       ,"invalid extension string"},
-{X509V3_R_INVALID_NAME                   ,"invalid name"},
-{X509V3_R_INVALID_NULL_ARGUMENT          ,"invalid null argument"},
-{X509V3_R_INVALID_NULL_NAME              ,"invalid null name"},
-{X509V3_R_INVALID_NULL_VALUE             ,"invalid null value"},
-{X509V3_R_INVALID_NUMBER                 ,"invalid number"},
-{X509V3_R_INVALID_NUMBERS                ,"invalid numbers"},
-{X509V3_R_INVALID_OBJECT_IDENTIFIER      ,"invalid object identifier"},
-{X509V3_R_INVALID_OPTION                 ,"invalid option"},
-{X509V3_R_INVALID_POLICY_IDENTIFIER      ,"invalid policy identifier"},
-{X509V3_R_INVALID_PROXY_POLICY_SETTING   ,"invalid proxy policy setting"},
-{X509V3_R_INVALID_PURPOSE                ,"invalid purpose"},
-{X509V3_R_INVALID_SECTION                ,"invalid section"},
-{X509V3_R_INVALID_SYNTAX                 ,"invalid syntax"},
-{X509V3_R_ISSUER_DECODE_ERROR            ,"issuer decode error"},
-{X509V3_R_MISSING_VALUE                  ,"missing value"},
-{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS  ,"need organization and numbers"},
-{X509V3_R_NO_CONFIG_DATABASE             ,"no config database"},
-{X509V3_R_NO_ISSUER_CERTIFICATE          ,"no issuer certificate"},
-{X509V3_R_NO_ISSUER_DETAILS              ,"no issuer details"},
-{X509V3_R_NO_POLICY_IDENTIFIER           ,"no policy identifier"},
-{X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED,"no proxy cert policy language defined"},
-{X509V3_R_NO_PUBLIC_KEY                  ,"no public key"},
-{X509V3_R_NO_SUBJECT_DETAILS             ,"no subject details"},
-{X509V3_R_ODD_NUMBER_OF_DIGITS           ,"odd number of digits"},
-{X509V3_R_OPERATION_NOT_DEFINED          ,"operation not defined"},
-{X509V3_R_OTHERNAME_ERROR                ,"othername error"},
-{X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED,"policy language alreadty defined"},
-{X509V3_R_POLICY_PATH_LENGTH             ,"policy path length"},
-{X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED,"policy path length alreadty defined"},
-{X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED,"policy syntax not currently supported"},
-{X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY,"policy when proxy language requires no policy"},
-{X509V3_R_SECTION_NOT_FOUND              ,"section not found"},
-{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS   ,"unable to get issuer details"},
-{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID     ,"unable to get issuer keyid"},
-{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT    ,"unknown bit string argument"},
-{X509V3_R_UNKNOWN_EXTENSION              ,"unknown extension"},
-{X509V3_R_UNKNOWN_EXTENSION_NAME         ,"unknown extension name"},
-{X509V3_R_UNKNOWN_OPTION                 ,"unknown option"},
-{X509V3_R_UNSUPPORTED_OPTION             ,"unsupported option"},
-{X509V3_R_USER_TOO_LONG                  ,"user too long"},
+{ERR_REASON(X509V3_R_BAD_IP_ADDRESS)     ,"bad ip address"},
+{ERR_REASON(X509V3_R_BAD_OBJECT)         ,"bad object"},
+{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR)    ,"bn dec2bn error"},
+{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"},
+{ERR_REASON(X509V3_R_DIRNAME_ERROR)      ,"dirname error"},
+{ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET),"distpoint already set"},
+{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID)  ,"duplicate zone id"},
+{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"},
+{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"},
+{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"},
+{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"},
+{ERR_REASON(X509V3_R_EXTENSION_EXISTS)   ,"extension exists"},
+{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"},
+{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"},
+{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"},
+{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"},
+{ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"},
+{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT)  ,"illegal hex digit"},
+{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"},
+{ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS),"invalid multiple rdns"},
+{ERR_REASON(X509V3_R_INVALID_ASNUMBER)   ,"invalid asnumber"},
+{ERR_REASON(X509V3_R_INVALID_ASRANGE)    ,"invalid asrange"},
+{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"},
+{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"},
+{ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"},
+{ERR_REASON(X509V3_R_INVALID_IPADDRESS)  ,"invalid ipaddress"},
+{ERR_REASON(X509V3_R_INVALID_NAME)       ,"invalid name"},
+{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
+{ERR_REASON(X509V3_R_INVALID_NULL_NAME)  ,"invalid null name"},
+{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"},
+{ERR_REASON(X509V3_R_INVALID_NUMBER)     ,"invalid number"},
+{ERR_REASON(X509V3_R_INVALID_NUMBERS)    ,"invalid numbers"},
+{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"},
+{ERR_REASON(X509V3_R_INVALID_OPTION)     ,"invalid option"},
+{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"},
+{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"},
+{ERR_REASON(X509V3_R_INVALID_PURPOSE)    ,"invalid purpose"},
+{ERR_REASON(X509V3_R_INVALID_SAFI)       ,"invalid safi"},
+{ERR_REASON(X509V3_R_INVALID_SECTION)    ,"invalid section"},
+{ERR_REASON(X509V3_R_INVALID_SYNTAX)     ,"invalid syntax"},
+{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"},
+{ERR_REASON(X509V3_R_MISSING_VALUE)      ,"missing value"},
+{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"},
+{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"},
+{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"},
+{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS)  ,"no issuer details"},
+{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"},
+{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"},
+{ERR_REASON(X509V3_R_NO_PUBLIC_KEY)      ,"no public key"},
+{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"},
+{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"},
+{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"},
+{ERR_REASON(X509V3_R_OTHERNAME_ERROR)    ,"othername error"},
+{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),"policy language already defined"},
+{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"},
+{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),"policy path length already defined"},
+{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"},
+{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"},
+{ERR_REASON(X509V3_R_SECTION_NOT_FOUND)  ,"section not found"},
+{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"},
+{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"},
+{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"},
+{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION)  ,"unknown extension"},
+{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
+{ERR_REASON(X509V3_R_UNKNOWN_OPTION)     ,"unknown option"},
+{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
+{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE)   ,"unsupported type"},
+{ERR_REASON(X509V3_R_USER_TOO_LONG)      ,"user too long"},
 {0,NULL}
 	};
 
@@ -189,15 +215,12 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
 
 void ERR_load_X509V3_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs);
-		ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons);
-#endif
 
+	if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,X509V3_str_functs);
+		ERR_load_strings(0,X509V3_str_reasons);
 		}
+#endif
 	}
diff --git a/crypto/x509v3/v3prin.c b/crypto/x509v3/v3prin.c
index b529814319..d5ff268296 100644
--- a/crypto/x509v3/v3prin.c
+++ b/crypto/x509v3/v3prin.c
@@ -1,5 +1,5 @@
 /* v3prin.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 1f801eb25a..b308abe7cd 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -1,5 +1,5 @@
 /* x509v3.h */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -76,12 +76,19 @@ typedef void * (*X509V3_EXT_NEW)(void);
 typedef void (*X509V3_EXT_FREE)(void *);
 typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long);
 typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
-typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
-typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
-typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str);
-typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
-typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str);
+typedef STACK_OF(CONF_VALUE) *
+  (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext,
+		    STACK_OF(CONF_VALUE) *extlist);
+typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+				 struct v3_ext_ctx *ctx,
+				 STACK_OF(CONF_VALUE) *values);
+typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
+typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method,
+				 struct v3_ext_ctx *ctx, const char *str);
+typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext,
+			      BIO *out, int indent);
+typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method,
+				 struct v3_ext_ctx *ctx, const char *str);
 
 /* V3 extension structure */
 
@@ -220,24 +227,41 @@ union {
 	GENERAL_NAMES *fullname;
 	STACK_OF(X509_NAME_ENTRY) *relativename;
 } name;
+/* If relativename then this contains the full distribution point name */
+X509_NAME *dpname;
 } DIST_POINT_NAME;
-
-typedef struct DIST_POINT_st {
+/* All existing reasons */
+#define CRLDP_ALL_REASONS	0x807f
+
+#define CRL_REASON_NONE				-1
+#define CRL_REASON_UNSPECIFIED			0
+#define CRL_REASON_KEY_COMPROMISE		1
+#define CRL_REASON_CA_COMPROMISE		2
+#define CRL_REASON_AFFILIATION_CHANGED		3
+#define CRL_REASON_SUPERSEDED			4
+#define CRL_REASON_CESSATION_OF_OPERATION	5
+#define CRL_REASON_CERTIFICATE_HOLD		6
+#define CRL_REASON_REMOVE_FROM_CRL		8
+#define CRL_REASON_PRIVILEGE_WITHDRAWN		9
+#define CRL_REASON_AA_COMPROMISE		10
+
+struct DIST_POINT_st {
 DIST_POINT_NAME	*distpoint;
 ASN1_BIT_STRING *reasons;
 GENERAL_NAMES *CRLissuer;
-} DIST_POINT;
+int dp_reasons;
+};
 
 typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
 
 DECLARE_STACK_OF(DIST_POINT)
 DECLARE_ASN1_SET_OF(DIST_POINT)
 
-typedef struct AUTHORITY_KEYID_st {
+struct AUTHORITY_KEYID_st {
 ASN1_OCTET_STRING *keyid;
 GENERAL_NAMES *issuer;
 ASN1_INTEGER *serial;
-} AUTHORITY_KEYID;
+};
 
 /* Strong extranet structures */
 
@@ -303,10 +327,10 @@ typedef struct GENERAL_SUBTREE_st {
 
 DECLARE_STACK_OF(GENERAL_SUBTREE)
 
-typedef struct NAME_CONSTRAINTS_st {
+struct NAME_CONSTRAINTS_st {
 	STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
 	STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
-} NAME_CONSTRAINTS;
+};
 
 typedef struct POLICY_CONSTRAINTS_st {
 	ASN1_INTEGER *requireExplicitPolicy;
@@ -329,6 +353,31 @@ typedef struct PROXY_CERT_INFO_EXTENSION_st
 DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
 DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
 
+struct ISSUING_DIST_POINT_st
+	{
+	DIST_POINT_NAME *distpoint;
+	int onlyuser;
+	int onlyCA;
+	ASN1_BIT_STRING *onlysomereasons;
+	int indirectCRL;
+	int onlyattr;
+	};
+
+/* Values in idp_flags field */
+/* IDP present */
+#define	IDP_PRESENT	0x1
+/* IDP values inconsistent */
+#define IDP_INVALID	0x2
+/* onlyuser true */
+#define	IDP_ONLYUSER	0x4
+/* onlyCA true */
+#define	IDP_ONLYCA	0x8
+/* onlyattr true */
+#define IDP_ONLYATTR	0x10
+/* indirectCRL true */
+#define IDP_INDIRECT	0x20
+/* onlysomereasons present */
+#define IDP_REASONS	0x40
 
 #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
 ",name:", val->name, ",value:", val->value);
@@ -363,6 +412,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
 #define EXFLAG_NSCERT		0x8
 
 #define EXFLAG_CA		0x10
+/* Really self issued not necessarily self signed */
+#define EXFLAG_SI		0x20
 #define EXFLAG_SS		0x20
 #define EXFLAG_V1		0x40
 #define EXFLAG_INVALID		0x80
@@ -370,7 +421,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
 #define EXFLAG_CRITICAL		0x200
 #define EXFLAG_PROXY		0x400
 
-#define EXFLAG_INVALID_POLICY	0x400
+#define EXFLAG_INVALID_POLICY	0x800
+#define EXFLAG_FRESHEST		0x1000
 
 #define KU_DIGITAL_SIGNATURE	0x0080
 #define KU_NON_REPUDIATION	0x0040
@@ -422,9 +474,10 @@ typedef struct x509_purpose_st {
 #define X509_PURPOSE_CRL_SIGN		6
 #define X509_PURPOSE_ANY		7
 #define X509_PURPOSE_OCSP_HELPER	8
+#define X509_PURPOSE_TIMESTAMP_SIGN	9
 
 #define X509_PURPOSE_MIN		1
-#define X509_PURPOSE_MAX		8
+#define X509_PURPOSE_MAX		9
 
 /* Flags for X509V3_EXT_print() */
 
@@ -469,6 +522,9 @@ DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
 DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
 
 DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
+
 
 
 ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
@@ -484,11 +540,18 @@ DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
 
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 		GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
-GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
 DECLARE_ASN1_FUNCTIONS(OTHERNAME)
 DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+				ASN1_OBJECT *oid, ASN1_TYPE *value);
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, 
+				ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
 
 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
@@ -505,6 +568,11 @@ DECLARE_ASN1_FUNCTIONS(NOTICEREF)
 DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
 DECLARE_ASN1_FUNCTIONS(DIST_POINT)
 DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
 
 DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
 DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
@@ -522,11 +590,16 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
 DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
 
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+			       const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+			       int gen_type, char *value, int is_nc);
+
 #ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-							CONF_VALUE *cnf);
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method,
-				X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+			       CONF_VALUE *cnf);
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+				  const X509V3_EXT_METHOD *method,
+				  X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
 void X509V3_conf_free(CONF_VALUE *val);
 
 X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
@@ -536,18 +609,23 @@ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert)
 int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
 int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
 
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
-int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+				    int ext_nid, char *value);
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+				char *name, char *value);
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+			char *section, X509 *cert);
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+			    char *section, X509_REQ *req);
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+			    char *section, X509_CRL *crl);
 
 int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist);
+			     STACK_OF(CONF_VALUE) **extlist);
 int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
 int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
 void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
 #endif
 
 char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
@@ -574,8 +652,8 @@ int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
 int X509V3_EXT_add_alias(int nid_to, int nid_from);
 void X509V3_EXT_cleanup(void);
 
-X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
 int X509V3_add_standard_extensions(void);
 STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
 void *X509V3_EXT_d2i(X509_EXTENSION *ext);
@@ -585,8 +663,8 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
 X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
 int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
 
-char *hex_to_string(unsigned char *buffer, long len);
-unsigned char *string_to_hex(char *str, long *len);
+char *hex_to_string(const unsigned char *buffer, long len);
+unsigned char *string_to_hex(const char *str, long *len);
 int name_cmp(const char *name, const char *cmp);
 
 void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
@@ -601,6 +679,7 @@ int X509_check_purpose(X509 *x, int id, int ca);
 int X509_supported_extension(X509_EXTENSION *ex);
 int X509_PURPOSE_set(int *p, int purpose);
 int X509_check_issued(X509 *issuer, X509 *subject);
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
 int X509_PURPOSE_get_count(void);
 X509_PURPOSE * X509_PURPOSE_get0(int idx);
 int X509_PURPOSE_get_by_sname(char *sname);
@@ -614,16 +693,168 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
 void X509_PURPOSE_cleanup(void);
 int X509_PURPOSE_get_id(X509_PURPOSE *);
 
-STACK *X509_get1_email(X509 *x);
-STACK *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK *sk);
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
 
 ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
 ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
+int a2i_ipadd(unsigned char *ipout, const char *ipasc);
 int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
 						unsigned long chtype);
 
 void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
+DECLARE_STACK_OF(X509_POLICY_NODE)
+
+#ifndef OPENSSL_NO_RFC3779
+
+typedef struct ASRange_st {
+  ASN1_INTEGER *min, *max;
+} ASRange;
+
+#define	ASIdOrRange_id		0
+#define	ASIdOrRange_range	1
+
+typedef struct ASIdOrRange_st {
+  int type;
+  union {
+    ASN1_INTEGER *id;
+    ASRange      *range;
+  } u;
+} ASIdOrRange;
+
+typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+DECLARE_STACK_OF(ASIdOrRange)
+
+#define	ASIdentifierChoice_inherit		0
+#define	ASIdentifierChoice_asIdsOrRanges	1
+
+typedef struct ASIdentifierChoice_st {
+  int type;
+  union {
+    ASN1_NULL    *inherit;
+    ASIdOrRanges *asIdsOrRanges;
+  } u;
+} ASIdentifierChoice;
+
+typedef struct ASIdentifiers_st {
+  ASIdentifierChoice *asnum, *rdi;
+} ASIdentifiers;
+
+DECLARE_ASN1_FUNCTIONS(ASRange)
+DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+
+typedef struct IPAddressRange_st {
+  ASN1_BIT_STRING	*min, *max;
+} IPAddressRange;
+
+#define	IPAddressOrRange_addressPrefix	0
+#define	IPAddressOrRange_addressRange	1
+
+typedef struct IPAddressOrRange_st {
+  int type;
+  union {
+    ASN1_BIT_STRING	*addressPrefix;
+    IPAddressRange	*addressRange;
+  } u;
+} IPAddressOrRange;
+
+typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+DECLARE_STACK_OF(IPAddressOrRange)
+
+#define	IPAddressChoice_inherit			0
+#define	IPAddressChoice_addressesOrRanges	1
+
+typedef struct IPAddressChoice_st {
+  int type;
+  union {
+    ASN1_NULL		*inherit;
+    IPAddressOrRanges	*addressesOrRanges;
+  } u;
+} IPAddressChoice;
+
+typedef struct IPAddressFamily_st {
+  ASN1_OCTET_STRING	*addressFamily;
+  IPAddressChoice	*ipAddressChoice;
+} IPAddressFamily;
+
+typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+DECLARE_STACK_OF(IPAddressFamily)
+
+DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * API tag for elements of the ASIdentifer SEQUENCE.
+ */
+#define	V3_ASID_ASNUM	0
+#define	V3_ASID_RDI	1
+
+/*
+ * AFI values, assigned by IANA.  It'd be nice to make the AFI
+ * handling code totally generic, but there are too many little things
+ * that would need to be defined for other address families for it to
+ * be worth the trouble.
+ */
+#define	IANA_AFI_IPV4	1
+#define	IANA_AFI_IPV6	2
+
+/*
+ * Utilities to construct and extract values from RFC3779 extensions,
+ * since some of the encodings (particularly for IP address prefixes
+ * and ranges) are a bit tedious to work with directly.
+ */
+int v3_asid_add_inherit(ASIdentifiers *asid, int which);
+int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
+			    ASN1_INTEGER *min, ASN1_INTEGER *max);
+int v3_addr_add_inherit(IPAddrBlocks *addr,
+			const unsigned afi, const unsigned *safi);
+int v3_addr_add_prefix(IPAddrBlocks *addr,
+		       const unsigned afi, const unsigned *safi,
+		       unsigned char *a, const int prefixlen);
+int v3_addr_add_range(IPAddrBlocks *addr,
+		      const unsigned afi, const unsigned *safi,
+		      unsigned char *min, unsigned char *max);
+unsigned v3_addr_get_afi(const IPAddressFamily *f);
+int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
+		      unsigned char *min, unsigned char *max,
+		      const int length);
+
+/*
+ * Canonical forms.
+ */
+int v3_asid_is_canonical(ASIdentifiers *asid);
+int v3_addr_is_canonical(IPAddrBlocks *addr);
+int v3_asid_canonize(ASIdentifiers *asid);
+int v3_addr_canonize(IPAddrBlocks *addr);
+
+/*
+ * Tests for inheritance and containment.
+ */
+int v3_asid_inherits(ASIdentifiers *asid);
+int v3_addr_inherits(IPAddrBlocks *addr);
+int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
+int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
+
+/*
+ * Check whether RFC 3779 extensions nest properly in chains.
+ */
+int v3_asid_validate_path(X509_STORE_CTX *);
+int v3_addr_validate_path(X509_STORE_CTX *);
+int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
+				  ASIdentifiers *ext,
+				  int allow_inheritance);
+int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+				  IPAddrBlocks *ext,
+				  int allow_inheritance);
+
+#endif /* OPENSSL_NO_RFC3779 */
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -634,12 +865,17 @@ void ERR_load_X509V3_strings(void);
 /* Error codes for the X509V3 functions. */
 
 /* Function codes. */
+#define X509V3_F_A2I_GENERAL_NAME			 164
+#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE		 161
+#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL	 162
 #define X509V3_F_COPY_EMAIL				 122
 #define X509V3_F_COPY_ISSUER				 123
 #define X509V3_F_DO_DIRNAME				 144
 #define X509V3_F_DO_EXT_CONF				 124
 #define X509V3_F_DO_EXT_I2D				 135
+#define X509V3_F_DO_EXT_NCONF				 151
 #define X509V3_F_DO_I2V_NAME_CONSTRAINTS		 148
+#define X509V3_F_GNAMES_FROM_SECTNAME			 156
 #define X509V3_F_HEX_TO_STRING				 111
 #define X509V3_F_I2S_ASN1_ENUMERATED			 121
 #define X509V3_F_I2S_ASN1_IA5STRING			 149
@@ -648,37 +884,46 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_F_NOTICE_SECTION				 132
 #define X509V3_F_NREF_NOS				 133
 #define X509V3_F_POLICY_SECTION				 131
+#define X509V3_F_PROCESS_PCI_VALUE			 150
 #define X509V3_F_R2I_CERTPOL				 130
-#define X509V3_F_R2I_PCI				 149
+#define X509V3_F_R2I_PCI				 155
 #define X509V3_F_S2I_ASN1_IA5STRING			 100
 #define X509V3_F_S2I_ASN1_INTEGER			 108
 #define X509V3_F_S2I_ASN1_OCTET_STRING			 112
 #define X509V3_F_S2I_ASN1_SKEY_ID			 114
-#define X509V3_F_S2I_S2I_SKEY_ID			 115
+#define X509V3_F_S2I_SKEY_ID				 115
+#define X509V3_F_SET_DIST_POINT_NAME			 158
 #define X509V3_F_STRING_TO_HEX				 113
-#define X509V3_F_SXNET_ADD_ASC				 125
+#define X509V3_F_SXNET_ADD_ID_ASC			 125
 #define X509V3_F_SXNET_ADD_ID_INTEGER			 126
 #define X509V3_F_SXNET_ADD_ID_ULONG			 127
 #define X509V3_F_SXNET_GET_ID_ASC			 128
 #define X509V3_F_SXNET_GET_ID_ULONG			 129
-#define X509V3_F_V2I_ACCESS_DESCRIPTION			 139
+#define X509V3_F_V2I_ASIDENTIFIERS			 163
 #define X509V3_F_V2I_ASN1_BIT_STRING			 101
+#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS		 139
 #define X509V3_F_V2I_AUTHORITY_KEYID			 119
 #define X509V3_F_V2I_BASIC_CONSTRAINTS			 102
 #define X509V3_F_V2I_CRLD				 134
-#define X509V3_F_V2I_EXT_KU				 103
-#define X509V3_F_V2I_GENERAL_NAME			 117
+#define X509V3_F_V2I_EXTENDED_KEY_USAGE			 103
 #define X509V3_F_V2I_GENERAL_NAMES			 118
+#define X509V3_F_V2I_GENERAL_NAME_EX			 117
+#define X509V3_F_V2I_IDP				 157
+#define X509V3_F_V2I_IPADDRBLOCKS			 159
+#define X509V3_F_V2I_ISSUER_ALT				 153
 #define X509V3_F_V2I_NAME_CONSTRAINTS			 147
 #define X509V3_F_V2I_POLICY_CONSTRAINTS			 146
 #define X509V3_F_V2I_POLICY_MAPPINGS			 145
+#define X509V3_F_V2I_SUBJECT_ALT			 154
+#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL		 160
 #define X509V3_F_V3_GENERIC_EXTENSION			 116
-#define X509V3_F_X509V3_ADD_I2D				 140
+#define X509V3_F_X509V3_ADD1_I2D			 140
 #define X509V3_F_X509V3_ADD_VALUE			 105
 #define X509V3_F_X509V3_EXT_ADD				 104
 #define X509V3_F_X509V3_EXT_ADD_ALIAS			 106
 #define X509V3_F_X509V3_EXT_CONF			 107
 #define X509V3_F_X509V3_EXT_I2D				 136
+#define X509V3_F_X509V3_EXT_NCONF			 152
 #define X509V3_F_X509V3_GET_SECTION			 142
 #define X509V3_F_X509V3_GET_STRING			 143
 #define X509V3_F_X509V3_GET_VALUE_BOOL			 110
@@ -692,6 +937,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_BN_DEC2BN_ERROR			 100
 #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR		 101
 #define X509V3_R_DIRNAME_ERROR				 149
+#define X509V3_R_DISTPOINT_ALREADY_SET			 160
 #define X509V3_R_DUPLICATE_ZONE_ID			 133
 #define X509V3_R_ERROR_CONVERTING_ZONE			 131
 #define X509V3_R_ERROR_CREATING_EXTENSION		 144
@@ -705,8 +951,13 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_ILLEGAL_EMPTY_EXTENSION		 151
 #define X509V3_R_ILLEGAL_HEX_DIGIT			 113
 #define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG		 152
+#define X509V3_R_INVALID_MULTIPLE_RDNS			 161
+#define X509V3_R_INVALID_ASNUMBER			 162
+#define X509V3_R_INVALID_ASRANGE			 163
 #define X509V3_R_INVALID_BOOLEAN_STRING			 104
 #define X509V3_R_INVALID_EXTENSION_STRING		 105
+#define X509V3_R_INVALID_INHERITANCE			 165
+#define X509V3_R_INVALID_IPADDRESS			 166
 #define X509V3_R_INVALID_NAME				 106
 #define X509V3_R_INVALID_NULL_ARGUMENT			 107
 #define X509V3_R_INVALID_NULL_NAME			 108
@@ -718,6 +969,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_INVALID_POLICY_IDENTIFIER		 134
 #define X509V3_R_INVALID_PROXY_POLICY_SETTING		 153
 #define X509V3_R_INVALID_PURPOSE			 146
+#define X509V3_R_INVALID_SAFI				 164
 #define X509V3_R_INVALID_SECTION			 135
 #define X509V3_R_INVALID_SYNTAX				 143
 #define X509V3_R_ISSUER_DECODE_ERROR			 126
@@ -733,9 +985,9 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_ODD_NUMBER_OF_DIGITS			 112
 #define X509V3_R_OPERATION_NOT_DEFINED			 148
 #define X509V3_R_OTHERNAME_ERROR			 147
-#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED	 155
+#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED	 155
 #define X509V3_R_POLICY_PATH_LENGTH			 156
-#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED	 157
+#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED	 157
 #define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED	 158
 #define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
 #define X509V3_R_SECTION_NOT_FOUND			 150
@@ -746,6 +998,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_UNKNOWN_EXTENSION_NAME			 130
 #define X509V3_R_UNKNOWN_OPTION				 120
 #define X509V3_R_UNSUPPORTED_OPTION			 117
+#define X509V3_R_UNSUPPORTED_TYPE			 167
 #define X509V3_R_USER_TOO_LONG				 132
 
 #ifdef  __cplusplus
diff --git a/crypto/x86_64cpuid.pl b/crypto/x86_64cpuid.pl
new file mode 100644
index 0000000000..a7f98b3fd3
--- /dev/null
+++ b/crypto/x86_64cpuid.pl
@@ -0,0 +1,231 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+open STDOUT,"| $^X ${dir}perlasm/x86_64-xlate.pl $flavour $output";
+
+if ($win64)	{ $arg1="%rcx"; $arg2="%rdx"; }
+else		{ $arg1="%rdi"; $arg2="%rsi"; }
+print<<___;
+.extern		OPENSSL_cpuid_setup
+.section	.init
+	call	OPENSSL_cpuid_setup
+
+.text
+
+.globl	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,\@abi-omnipotent
+.align	16
+OPENSSL_atomic_add:
+	movl	($arg1),%eax
+.Lspin:	leaq	($arg2,%rax),%r8
+	.byte	0xf0		# lock
+	cmpxchgl	%r8d,($arg1)
+	jne	.Lspin
+	movl	%r8d,%eax
+	.byte	0x48,0x98	# cltq/cdqe
+	ret
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.globl	OPENSSL_rdtsc
+.type	OPENSSL_rdtsc,\@abi-omnipotent
+.align	16
+OPENSSL_rdtsc:
+	rdtsc
+	shl	\$32,%rdx
+	or	%rdx,%rax
+	ret
+.size	OPENSSL_rdtsc,.-OPENSSL_rdtsc
+
+.globl	OPENSSL_ia32_cpuid
+.type	OPENSSL_ia32_cpuid,\@abi-omnipotent
+.align	16
+OPENSSL_ia32_cpuid:
+	mov	%rbx,%r8
+
+	xor	%eax,%eax
+	cpuid
+	mov	%eax,%r11d		# max value for standard query level
+
+	xor	%eax,%eax
+	cmp	\$0x756e6547,%ebx	# "Genu"
+	setne	%al
+	mov	%eax,%r9d
+	cmp	\$0x49656e69,%edx	# "ineI"
+	setne	%al
+	or	%eax,%r9d
+	cmp	\$0x6c65746e,%ecx	# "ntel"
+	setne	%al
+	or	%eax,%r9d		# 0 indicates Intel CPU
+	jz	.Lintel
+
+	cmp	\$0x68747541,%ebx	# "Auth"
+	setne	%al
+	mov	%eax,%r10d
+	cmp	\$0x69746E65,%edx	# "enti"
+	setne	%al
+	or	%eax,%r10d
+	cmp	\$0x444D4163,%ecx	# "cAMD"
+	setne	%al
+	or	%eax,%r10d		# 0 indicates AMD CPU
+	jnz	.Lintel
+
+	# AMD specific
+	mov	\$0x80000000,%eax
+	cpuid
+	cmp	\$0x80000008,%eax
+	jb	.Lintel
+
+	mov	\$0x80000008,%eax
+	cpuid
+	movzb	%cl,%r10		# number of cores - 1
+	inc	%r10			# number of cores
+
+	mov	\$1,%eax
+	cpuid
+	bt	\$28,%edx		# test hyper-threading bit
+	jnc	.Ldone
+	shr	\$16,%ebx		# number of logical processors
+	cmp	%r10b,%bl
+	ja	.Ldone
+	and	\$0xefffffff,%edx	# ~(1<<28)
+	jmp	.Ldone
+
+.Lintel:
+	cmp	\$4,%r11d
+	mov	\$-1,%r10d
+	jb	.Lnocacheinfo
+
+	mov	\$4,%eax
+	mov	\$0,%ecx		# query L1D
+	cpuid
+	mov	%eax,%r10d
+	shr	\$14,%r10d
+	and	\$0xfff,%r10d		# number of cores -1 per L1D
+
+.Lnocacheinfo:
+	mov	\$1,%eax
+	cpuid
+	cmp	\$0,%r9d
+	jne	.Lnotintel
+	or	\$0x00100000,%edx	# use reserved 20th bit to engage RC4_CHAR
+	and	\$15,%ah
+	cmp	\$15,%ah		# examine Family ID
+	je	.Lnotintel
+	or	\$0x40000000,%edx	# use reserved bit to skip unrolled loop
+.Lnotintel:
+	bt	\$28,%edx		# test hyper-threading bit
+	jnc	.Ldone
+	and	\$0xefffffff,%edx	# ~(1<<28)
+	cmp	\$0,%r10d
+	je	.Ldone
+
+	or	\$0x10000000,%edx	# 1<<28
+	shr	\$16,%ebx
+	cmp	\$1,%bl			# see if cache is shared
+	ja	.Ldone
+	and	\$0xefffffff,%edx	# ~(1<<28)
+.Ldone:
+	shl	\$32,%rcx
+	mov	%edx,%eax
+	mov	%r8,%rbx
+	or	%rcx,%rax
+	ret
+.size	OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
+
+.globl  OPENSSL_cleanse
+.type   OPENSSL_cleanse,\@abi-omnipotent
+.align  16
+OPENSSL_cleanse:
+	xor	%rax,%rax
+	cmp	\$15,$arg2
+	jae	.Lot
+	cmp	\$0,$arg2
+	je	.Lret
+.Little:
+	mov	%al,($arg1)
+	sub	\$1,$arg2
+	lea	1($arg1),$arg1
+	jnz	.Little
+.Lret:	ret
+.align	16
+.Lot:
+	test	\$7,$arg1
+	jz	.Laligned
+	mov	%al,($arg1)
+	lea	-1($arg2),$arg2
+	lea	1($arg1),$arg1
+	jmp	.Lot
+.Laligned:
+	mov	%rax,($arg1)
+	lea	-8($arg2),$arg2
+	test	\$-8,$arg2
+	lea	8($arg1),$arg1
+	jnz	.Laligned
+	cmp	\$0,$arg2
+	jne	.Little
+	ret
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+___
+
+print<<___ if (!$win64);
+.globl	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,\@abi-omnipotent
+.align	16
+OPENSSL_wipe_cpu:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	pxor	%xmm10,%xmm10
+	pxor	%xmm11,%xmm11
+	pxor	%xmm12,%xmm12
+	pxor	%xmm13,%xmm13
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	xorq	%rcx,%rcx
+	xorq	%rdx,%rdx
+	xorq	%rsi,%rsi
+	xorq	%rdi,%rdi
+	xorq	%r8,%r8
+	xorq	%r9,%r9
+	xorq	%r10,%r10
+	xorq	%r11,%r11
+	leaq	8(%rsp),%rax
+	ret
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+___
+print<<___ if ($win64);
+.globl	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,\@abi-omnipotent
+.align	16
+OPENSSL_wipe_cpu:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	xorq	%rcx,%rcx
+	xorq	%rdx,%rdx
+	xorq	%r8,%r8
+	xorq	%r9,%r9
+	xorq	%r10,%r10
+	xorq	%r11,%r11
+	leaq	8(%rsp),%rax
+	ret
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+___
+
+close STDOUT;	# flush
diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl
index 894c49c0a3..a7464af19b 100644
--- a/crypto/x86cpuid.pl
+++ b/crypto/x86cpuid.pl
@@ -1,10 +1,13 @@
 #!/usr/bin/env perl
 
-push(@INC,"perlasm");
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC, "${dir}perlasm", "perlasm");
 require "x86asm.pl";
 
 &asm_init($ARGV[0],"x86cpuid");
 
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
 &function_begin("OPENSSL_ia32_cpuid");
 	&xor	("edx","edx");
 	&pushf	();
@@ -17,10 +20,90 @@ require "x86asm.pl";
 	&pop	("eax");
 	&xor	("ecx","eax");
 	&bt	("ecx",21);
-	&jnc	(&label("nocpuid"));
+	&jnc	(&label("done"));
+	&xor	("eax","eax");
+	&cpuid	();
+	&mov	("edi","eax");		# max value for standard query level
+
+	&xor	("eax","eax");
+	&cmp	("ebx",0x756e6547);	# "Genu"
+	&setne	(&LB("eax"));
+	&mov	("ebp","eax");
+	&cmp	("edx",0x49656e69);	# "ineI"
+	&setne	(&LB("eax"));
+	&or	("ebp","eax");
+	&cmp	("ecx",0x6c65746e);	# "ntel"
+	&setne	(&LB("eax"));
+	&or	("ebp","eax");		# 0 indicates Intel CPU
+	&jz	(&label("intel"));
+
+	&cmp	("ebx",0x68747541);	# "Auth"
+	&setne	(&LB("eax"));
+	&mov	("esi","eax");
+	&cmp	("edx",0x69746E65);	# "enti"
+	&setne	(&LB("eax"));
+	&or	("esi","eax");
+	&cmp	("ecx",0x444D4163);	# "cAMD"
+	&setne	(&LB("eax"));
+	&or	("esi","eax");		# 0 indicates AMD CPU
+	&jnz	(&label("intel"));
+
+	# AMD specific
+	&mov	("eax",0x80000000);
+	&cpuid	();
+	&cmp	("eax",0x80000008);
+	&jb	(&label("intel"));
+
+	&mov	("eax",0x80000008);
+	&cpuid	();
+	&movz	("esi",&LB("ecx"));	# number of cores - 1
+	&inc	("esi");		# number of cores
+
 	&mov	("eax",1);
 	&cpuid	();
-&set_label("nocpuid");
+	&bt	("edx",28);
+	&jnc	(&label("done"));
+	&shr	("ebx",16);
+	&and	("ebx",0xff);
+	&cmp	("ebx","esi");
+	&ja	(&label("done"));
+	&and	("edx",0xefffffff);	# clear hyper-threading bit
+	&jmp	(&label("done"));
+	
+&set_label("intel");
+	&cmp	("edi",4);
+	&mov	("edi",-1);
+	&jb	(&label("nocacheinfo"));
+
+	&mov	("eax",4);
+	&mov	("ecx",0);		# query L1D
+	&cpuid	();
+	&mov	("edi","eax");
+	&shr	("edi",14);
+	&and	("edi",0xfff);		# number of cores -1 per L1D
+
+&set_label("nocacheinfo");
+	&mov	("eax",1);
+	&cpuid	();
+	&cmp	("ebp",0);
+	&jne	(&label("notP4"));
+	&and	(&HB("eax"),15);	# familiy ID
+	&cmp	(&HB("eax"),15);	# P4?
+	&jne	(&label("notP4"));
+	&or	("edx",1<<20);		# use reserved bit to engage RC4_CHAR
+&set_label("notP4");
+	&bt	("edx",28);		# test hyper-threading bit
+	&jnc	(&label("done"));
+	&and	("edx",0xefffffff);
+	&cmp	("edi",0);
+	&je	(&label("done"));
+
+	&or	("edx",0x10000000);
+	&shr	("ebx",16);
+	&cmp	(&LB("ebx"),1);
+	&ja	(&label("done"));
+	&and	("edx",0xefffffff);	# clear hyper-threading bit if not
+&set_label("done");
 	&mov	("eax","edx");
 	&mov	("edx","ecx");
 &function_end("OPENSSL_ia32_cpuid");
@@ -72,6 +155,158 @@ require "x86asm.pl";
 	&ret	();
 &function_end_B("OPENSSL_instrument_halt");
 
+# Essentially there is only one use for this function. Under DJGPP:
+#
+#	#include <go32.h>
+#	...
+#	i=OPENSSL_far_spin(_dos_ds,0x46c);
+#	...
+# to obtain the number of spins till closest timer interrupt.
+
+&function_begin_B("OPENSSL_far_spin");
+	&pushf	();
+	&pop	("eax")
+	&bt	("eax",9);
+	&jnc	(&label("nospin"));	# interrupts are disabled
+
+	&mov	("eax",&DWP(4,"esp"));
+	&mov	("ecx",&DWP(8,"esp"));
+	&data_word (0x90d88e1e);	# push %ds, mov %eax,%ds
+	&xor	("eax","eax");
+	&mov	("edx",&DWP(0,"ecx"));
+	&jmp	(&label("spin"));
+
+	&align	(16);
+&set_label("spin");
+	&inc	("eax");
+	&cmp	("edx",&DWP(0,"ecx"));
+	&je	(&label("spin"));
+
+	&data_word (0x1f909090);	# pop	%ds
+	&ret	();
+
+&set_label("nospin");
+	&xor	("eax","eax");
+	&xor	("edx","edx");
+	&ret	();
+&function_end_B("OPENSSL_far_spin");
+
+&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
+	&xor	("eax","eax");
+	&xor	("edx","edx");
+	&picmeup("ecx","OPENSSL_ia32cap_P");
+	&mov	("ecx",&DWP(0,"ecx"));
+	&bt	(&DWP(0,"ecx"),1);
+	&jnc	(&label("no_x87"));
+	if ($sse2) {
+		&bt	(&DWP(0,"ecx"),26);
+		&jnc	(&label("no_sse2"));
+		&pxor	("xmm0","xmm0");
+		&pxor	("xmm1","xmm1");
+		&pxor	("xmm2","xmm2");
+		&pxor	("xmm3","xmm3");
+		&pxor	("xmm4","xmm4");
+		&pxor	("xmm5","xmm5");
+		&pxor	("xmm6","xmm6");
+		&pxor	("xmm7","xmm7");
+	&set_label("no_sse2");
+	}
+	# just a bunch of fldz to zap the fp/mm bank followed by finit...
+	&data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b);
+&set_label("no_x87");
+	&lea	("eax",&DWP(4,"esp"));
+	&ret	();
+&function_end_B("OPENSSL_wipe_cpu");
+
+&function_begin_B("OPENSSL_atomic_add");
+	&mov	("edx",&DWP(4,"esp"));	# fetch the pointer, 1st arg
+	&mov	("ecx",&DWP(8,"esp"));	# fetch the increment, 2nd arg
+	&push	("ebx");
+	&nop	();
+	&mov	("eax",&DWP(0,"edx"));
+&set_label("spin");
+	&lea	("ebx",&DWP(0,"eax","ecx"));
+	&nop	();
+	&data_word(0x1ab10ff0);	# lock;	cmpxchg	%ebx,(%edx)	# %eax is envolved and is always reloaded
+	&jne	(&label("spin"));
+	&mov	("eax","ebx");	# OpenSSL expects the new value
+	&pop	("ebx");
+	&ret	();
+&function_end_B("OPENSSL_atomic_add");
+
+# This function can become handy under Win32 in situations when
+# we don't know which calling convention, __stdcall or __cdecl(*),
+# indirect callee is using. In C it can be deployed as
+#
+#ifdef OPENSSL_CPUID_OBJ
+#	type OPENSSL_indirect_call(void *f,...);
+#	...
+#	OPENSSL_indirect_call(func,[up to $max arguments]);
+#endif
+#
+# (*)	it's designed to work even for __fastcall if number of
+#	arguments is 1 or 2!
+&function_begin_B("OPENSSL_indirect_call");
+	{
+	my $i,$max=7;		# $max has to be chosen as 4*n-1
+				# in order to preserve eventual
+				# stack alignment
+	&push	("ebp");
+	&mov	("ebp","esp");
+	&sub	("esp",$max*4);
+	&mov	("ecx",&DWP(12,"ebp"));
+	&mov	(&DWP(0,"esp"),"ecx");
+	&mov	("edx",&DWP(16,"ebp"));
+	&mov	(&DWP(4,"esp"),"edx");
+	for($i=2;$i<$max;$i++)
+		{
+		# Some copies will be redundant/bogus...
+		&mov	("eax",&DWP(12+$i*4,"ebp"));
+		&mov	(&DWP(0+$i*4,"esp"),"eax");
+		}
+	&call_ptr	(&DWP(8,"ebp"));# make the call...
+	&mov	("esp","ebp");	# ... and just restore the stack pointer
+				# without paying attention to what we called,
+				# (__cdecl *func) or (__stdcall *one).
+	&pop	("ebp");
+	&ret	();
+	}
+&function_end_B("OPENSSL_indirect_call");
+
+&function_begin_B("OPENSSL_cleanse");
+	&mov	("edx",&wparam(0));
+	&mov	("ecx",&wparam(1));
+	&xor	("eax","eax");
+	&cmp	("ecx",7);
+	&jae	(&label("lot"));
+	&cmp	("ecx",0);
+	&je	(&label("ret"));
+&set_label("little");
+	&mov	(&BP(0,"edx"),"al");
+	&sub	("ecx",1);
+	&lea	("edx",&DWP(1,"edx"));
+	&jnz	(&label("little"));
+&set_label("ret");
+	&ret	();
+
+&set_label("lot",16);
+	&test	("edx",3);
+	&jz	(&label("aligned"));
+	&mov	(&BP(0,"edx"),"al");
+	&lea	("ecx",&DWP(-1,"ecx"));
+	&lea	("edx",&DWP(1,"edx"));
+	&jmp	(&label("lot"));
+&set_label("aligned");
+	&mov	(&DWP(0,"edx"),"eax");
+	&lea	("ecx",&DWP(-4,"ecx"));
+	&test	("ecx",-4);
+	&lea	("edx",&DWP(4,"edx"));
+	&jnz	(&label("aligned"));
+	&cmp	("ecx",0);
+	&jne	(&label("little"));
+	&ret	();
+&function_end_B("OPENSSL_cleanse");
+
 &initseg("OPENSSL_cpuid_setup");
 
 &asm_finish();
diff --git a/demos/asn1/ocsp.c b/demos/asn1/ocsp.c
index 0199fe1004..e89f1f72a6 100644
--- a/demos/asn1/ocsp.c
+++ b/demos/asn1/ocsp.c
@@ -1,5 +1,5 @@
 /* ocsp.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
 /* ====================================================================
diff --git a/demos/cms/cacert.pem b/demos/cms/cacert.pem
new file mode 100644
index 0000000000..75cbb347aa
--- /dev/null
+++ b/demos/cms/cacert.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6DCCAlGgAwIBAgIJAMfGO3rdo2uUMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTc0MzE3
+WhcNMTcwNDEwMTc0MzE3WjBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBD
+aXR5MRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlN
+RSBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqJMal1uC1/1wz
+i5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtdc3rMcRgJaMbP+qaEcDXoIsZfYXGR
+ielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3dbBECq0hZKcbz7wfr+2OeNWm46iT
+jcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQABo4G7MIG4MB0GA1UdDgQWBBRHUypx
+CXFQYqewhGo72lWPQUsjoDCBiAYDVR0jBIGAMH6AFEdTKnEJcVBip7CEajvaVY9B
+SyOgoVukWTBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBDaXR5MRYwFAYD
+VQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlNRSBSb290IENB
+ggkAx8Y7et2ja5QwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQANI+Yc
+G/YDM1WMUGEzEkU9UhsIUqdyBebnK3+OyxZSouDcE/M10jFJzBf/F5b0uUGAKWwo
+u0dzmILfKjdfWe8EyCRafZcm00rVcO09i/63FBYzlHbmfUATIqZdhKzxxQMPs5mF
+1je+pHUpzIY8TSXyh/uD9IkAy04IHwGZQf9akw==
+-----END CERTIFICATE-----
diff --git a/demos/cms/cakey.pem b/demos/cms/cakey.pem
new file mode 100644
index 0000000000..3b53c5e817
--- /dev/null
+++ b/demos/cms/cakey.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCqJMal1uC1/1wzi5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtd
+c3rMcRgJaMbP+qaEcDXoIsZfYXGRielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3
+dbBECq0hZKcbz7wfr+2OeNWm46iTjcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQAB
+AoGBAKWOZ2UTc1BkjDjz0XoscmAR8Rj77MdGzfOPkIxPultSW+3yZpkGNyUbnsH5
+HAtf4Avai/m3bMN+s91kDpx9/g/I9ZEHPQLcDICETvwt/EHT7+hwvaQgsM+TgpMs
+tjlGZOWent6wVIuvwwzqOMXZLgK9FvY7upwgtrys4G3Kab5hAkEA2QzFflWyEvKS
+rMSaVtn/IjFilwa7H0IdakkjM34z4peerFTPBr4J47YD4RCR/dAvxyNy3zUxtH18
+9R6dUixI6QJBAMitJD0xOkbGWBX8KVJvRiKOIdf/95ZUAgN/h3bWKy57EB9NYj3u
+jbxXcvdjfSqiITykkjAg7SG7nrlzJsu6CpcCQG6gVsy0auXDY0TRlASuaZ6I40Is
+uRUOgqWYj2uAaHuWYdZeB4LdO3cnX0TISFDAWom6JKNlnmbrCtR4fSDT13kCQQCU
++VQJyV3F5MDHsWbLt6eNR46AV5lpk/vatPXPlrZ/zwPs+PmRmGLICvNiDA2DdNDP
+wCx2Zjsj67CtY3rNitMJAkEAm09BQnjnbBXUb1rd2SjNDWTsu80Z+zLu8pAwXNhW
+8nsvMYqlYMIxuMPwu/QuTnMRhMZ08uhqoD3ukZnBeoMEVg==
+-----END RSA PRIVATE KEY-----
diff --git a/demos/cms/cms_comp.c b/demos/cms/cms_comp.c
new file mode 100644
index 0000000000..b7943e813b
--- /dev/null
+++ b/demos/cms/cms_comp.c
@@ -0,0 +1,61 @@
+/* Simple S/MIME compress example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	/*
+	 * On OpenSSL 0.9.9 only:
+	 * for streaming set CMS_STREAM
+	 */
+	int flags = CMS_STREAM;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Open content being compressed */
+
+	in = BIO_new_file("comp.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* compress content */
+	cms = CMS_compress(in, NID_zlib_compression, flags);
+
+	if (!cms)
+		goto err;
+
+	out = BIO_new_file("smcomp.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Write out S/MIME message */
+	if (!SMIME_write_CMS(out, cms, in, flags))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Compressing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_ddec.c b/demos/cms/cms_ddec.c
new file mode 100644
index 0000000000..ba68cfdf76
--- /dev/null
+++ b/demos/cms/cms_ddec.c
@@ -0,0 +1,89 @@
+/* S/MIME detached data decrypt example: rarely done but
+ * should the need arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL, *dcont = NULL;
+	X509 *rcert = NULL;
+	EVP_PKEY *rkey = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in recipient certificate and private key */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!rcert || !rkey)
+		goto err;
+
+	/* Open PEM file containing enveloped data */
+
+	in = BIO_new_file("smencr.pem", "r");
+
+	if (!in)
+		goto err;
+
+	/* Parse PEM content */
+	cms = PEM_read_bio_CMS(in, NULL, 0, NULL);
+
+	if (!cms)
+		goto err;
+
+	/* Open file containing detached content */
+	dcont = BIO_new_file("smencr.out", "rb");
+
+	if (!in)
+		goto err;
+
+	out = BIO_new_file("encrout.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Decrypt S/MIME message */
+	if (!CMS_decrypt(cms, rkey, rcert, dcont, out, 0))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Decrypting Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	if (rcert)
+		X509_free(rcert);
+	if (rkey)
+		EVP_PKEY_free(rkey);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+	if (dcont)
+		BIO_free(dcont);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_dec.c b/demos/cms/cms_dec.c
new file mode 100644
index 0000000000..7ddf653269
--- /dev/null
+++ b/demos/cms/cms_dec.c
@@ -0,0 +1,79 @@
+/* Simple S/MIME decryption example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *rcert = NULL;
+	EVP_PKEY *rkey = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in recipient certificate and private key */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!rcert || !rkey)
+		goto err;
+
+	/* Open S/MIME message to decrypt */
+
+	in = BIO_new_file("smencr.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* Parse message */
+	cms = SMIME_read_CMS(in, NULL);
+
+	if (!cms)
+		goto err;
+
+	out = BIO_new_file("decout.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Decrypt S/MIME message */
+	if (!CMS_decrypt(cms, rkey, rcert, out, NULL, 0))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Decrypting Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	if (rcert)
+		X509_free(rcert);
+	if (rkey)
+		EVP_PKEY_free(rkey);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_denc.c b/demos/cms/cms_denc.c
new file mode 100644
index 0000000000..9265e47bf9
--- /dev/null
+++ b/demos/cms/cms_denc.c
@@ -0,0 +1,97 @@
+/* S/MIME detached data encrypt example: rarely done but
+ * should the need arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL, *dout = NULL;
+	X509 *rcert = NULL;
+	STACK_OF(X509) *recips = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	int flags = CMS_STREAM|CMS_DETACHED;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in recipient certificate */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	if (!rcert)
+		goto err;
+
+	/* Create recipient STACK and add recipient cert to it */
+	recips = sk_X509_new_null();
+
+	if (!recips || !sk_X509_push(recips, rcert))
+		goto err;
+
+	/* sk_X509_pop_free will free up recipient STACK and its contents
+	 * so set rcert to NULL so it isn't freed up twice.
+	 */
+	rcert = NULL;
+
+	/* Open content being encrypted */
+
+	in = BIO_new_file("encr.txt", "r");
+
+	dout = BIO_new_file("smencr.out", "wb");
+
+	if (!in)
+		goto err;
+
+	/* encrypt content */
+	cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+	if (!cms)
+		goto err;
+
+	out = BIO_new_file("smencr.pem", "w");
+	if (!out)
+		goto err;
+
+	if (!CMS_final(cms, in, dout, flags))
+		goto err;
+
+	/* Write out CMS structure without content */
+	if (!PEM_write_bio_CMS(out, cms))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Encrypting Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	if (rcert)
+		X509_free(rcert);
+	if (recips)
+		sk_X509_pop_free(recips, X509_free);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (dout)
+		BIO_free(dout);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_enc.c b/demos/cms/cms_enc.c
new file mode 100644
index 0000000000..916b479d3c
--- /dev/null
+++ b/demos/cms/cms_enc.c
@@ -0,0 +1,92 @@
+/* Simple S/MIME encrypt example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *rcert = NULL;
+	STACK_OF(X509) *recips = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	/*
+	 * On OpenSSL 1.0.0 and later only:
+	 * for streaming set CMS_STREAM
+	 */
+	int flags = CMS_STREAM;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in recipient certificate */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	if (!rcert)
+		goto err;
+
+	/* Create recipient STACK and add recipient cert to it */
+	recips = sk_X509_new_null();
+
+	if (!recips || !sk_X509_push(recips, rcert))
+		goto err;
+
+	/* sk_X509_pop_free will free up recipient STACK and its contents
+	 * so set rcert to NULL so it isn't freed up twice.
+	 */
+	rcert = NULL;
+
+	/* Open content being encrypted */
+
+	in = BIO_new_file("encr.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* encrypt content */
+	cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+	if (!cms)
+		goto err;
+
+	out = BIO_new_file("smencr.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Write out S/MIME message */
+	if (!SMIME_write_CMS(out, cms, in, flags))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Encrypting Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	if (rcert)
+		X509_free(rcert);
+	if (recips)
+		sk_X509_pop_free(recips, X509_free);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_sign.c b/demos/cms/cms_sign.c
new file mode 100644
index 0000000000..42f762034b
--- /dev/null
+++ b/demos/cms/cms_sign.c
@@ -0,0 +1,89 @@
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *scert = NULL;
+	EVP_PKEY *skey = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	/* For simple S/MIME signing use CMS_DETACHED.
+	 * On OpenSSL 0.9.9 only:
+	 * for streaming detached set CMS_DETACHED|CMS_STREAM
+	 * for streaming non-detached set CMS_STREAM
+	 */
+	int flags = CMS_DETACHED|CMS_STREAM;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in signer certificate and private key */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!scert || !skey)
+		goto err;
+
+	/* Open content being signed */
+
+	in = BIO_new_file("sign.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* Sign content */
+	cms = CMS_sign(scert, skey, NULL, in, flags);
+
+	if (!cms)
+		goto err;
+
+	out = BIO_new_file("smout.txt", "w");
+	if (!out)
+		goto err;
+
+	if (!(flags & CMS_STREAM))
+		BIO_reset(in);
+
+	/* Write out S/MIME message */
+	if (!SMIME_write_CMS(out, cms, in, flags))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Signing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+	if (scert)
+		X509_free(scert);
+	if (skey)
+		EVP_PKEY_free(skey);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_sign2.c b/demos/cms/cms_sign2.c
new file mode 100644
index 0000000000..36adee7304
--- /dev/null
+++ b/demos/cms/cms_sign2.c
@@ -0,0 +1,103 @@
+/* S/MIME signing example: 2 signers */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *scert = NULL, *scert2 = NULL;
+	EVP_PKEY *skey = NULL, *skey2 = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	BIO_free(tbio);
+
+	tbio = BIO_new_file("signer2.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!scert2 || !skey2)
+		goto err;
+
+	in = BIO_new_file("sign.txt", "r");
+
+	if (!in)
+		goto err;
+
+	cms = CMS_sign(NULL, NULL, NULL, in, CMS_STREAM|CMS_PARTIAL);
+
+	if (!cms)
+		goto err;
+
+	/* Add each signer in turn */
+
+	if (!CMS_add1_signer(cms, scert, skey, NULL, 0))
+		goto err;
+
+	if (!CMS_add1_signer(cms, scert2, skey2, NULL, 0))
+		goto err;
+
+	out = BIO_new_file("smout.txt", "w");
+	if (!out)
+		goto err;
+
+	/* NB: content included and finalized by SMIME_write_CMS */
+
+	if (!SMIME_write_CMS(out, cms, in, CMS_STREAM))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Signing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+
+	if (scert)
+		X509_free(scert);
+	if (skey)
+		EVP_PKEY_free(skey);
+
+	if (scert2)
+		X509_free(scert2);
+	if (skey)
+		EVP_PKEY_free(skey2);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_uncomp.c b/demos/cms/cms_uncomp.c
new file mode 100644
index 0000000000..f15ae2f132
--- /dev/null
+++ b/demos/cms/cms_uncomp.c
@@ -0,0 +1,56 @@
+/* Simple S/MIME uncompression example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL;
+	CMS_ContentInfo *cms = NULL;
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Open compressed content */
+
+	in = BIO_new_file("smcomp.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* Sign content */
+	cms = SMIME_read_CMS(in, NULL);
+
+	if (!cms)
+		goto err;
+
+	out = BIO_new_file("smuncomp.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Uncompress S/MIME message */
+	if (!CMS_uncompress(cms, out, NULL, 0))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Uncompressing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+
+	return ret;
+
+	}
diff --git a/demos/cms/cms_ver.c b/demos/cms/cms_ver.c
new file mode 100644
index 0000000000..bf1145ed8b
--- /dev/null
+++ b/demos/cms/cms_ver.c
@@ -0,0 +1,87 @@
+/* Simple S/MIME verification example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
+	X509_STORE *st = NULL;
+	X509 *cacert = NULL;
+	CMS_ContentInfo *cms = NULL;
+
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Set up trusted CA certificate store */
+
+	st = X509_STORE_new();
+
+	/* Read in CA certificate */
+	tbio = BIO_new_file("cacert.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	if (!cacert)
+		goto err;
+
+	if (!X509_STORE_add_cert(st, cacert))
+		goto err;
+
+	/* Open message being verified */
+
+	in = BIO_new_file("smout.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* parse message */
+	cms = SMIME_read_CMS(in, &cont);
+
+	if (!cms)
+		goto err;
+
+	/* File to output verified content to */
+	out = BIO_new_file("smver.txt", "w");
+	if (!out)
+		goto err;
+
+	if (!CMS_verify(cms, NULL, st, cont, out, 0))
+		{
+		fprintf(stderr, "Verification Failure\n");
+		goto err;
+		}
+
+	fprintf(stderr, "Verification Successful\n");
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Verifying Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (cms)
+		CMS_ContentInfo_free(cms);
+
+	if (cacert)
+		X509_free(cacert);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/cms/comp.txt b/demos/cms/comp.txt
new file mode 100644
index 0000000000..1672328e77
--- /dev/null
+++ b/demos/cms/comp.txt
@@ -0,0 +1,22 @@
+Content-type: text/plain
+
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
diff --git a/demos/cms/encr.txt b/demos/cms/encr.txt
new file mode 100644
index 0000000000..0eceb407b5
--- /dev/null
+++ b/demos/cms/encr.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Sample OpenSSL Data for CMS encryption
diff --git a/demos/cms/sign.txt b/demos/cms/sign.txt
new file mode 100644
index 0000000000..c3f9d73d65
--- /dev/null
+++ b/demos/cms/sign.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Test OpenSSL CMS Signed Content
diff --git a/demos/cms/signer.pem b/demos/cms/signer.pem
new file mode 100644
index 0000000000..bac16ba963
--- /dev/null
+++ b/demos/cms/signer.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTI3
+WhcNMTcwNDA5MTgyOTI3WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMTEgMB4GCSqGSIb3DQEJARYRdGVzdDFAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL1ocAQ7ON2pIUXz
+jwKPzpPB9ozB6PFG6F6kARO+i0DiT6Qn8abUjwpHPU+lGys83QlpbkQVUD6Fv/4L
+ytihk6N9Pr/feECVcSZ20dI43WXjfYak14dSVrZkGNMMXqKmnnqtkAdD0oJN7A7y
+gcf8RuViV0kvk9/36eCMwMHrImfhAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSyKqjvctIsFNBHULBTqr8SHtSxpDAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBvdYVoBfd4RV/xWSMXIcgw/i5OiwyX
+MsenQePll51MpglfArd7pUipUalCqlJt/Gs8kD16Ih1z1yuWYVTMlnDZ0PwbIOYn
++Jr8XLF9b1SMJt6PwckZZ0LZdIi2KwGAxVsIW1kjJAqu9o4YH37XW37yYdQRxfvv
+lDiQlgX0JtmLgA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC9aHAEOzjdqSFF848Cj86TwfaMwejxRuhepAETvotA4k+kJ/Gm
+1I8KRz1PpRsrPN0JaW5EFVA+hb/+C8rYoZOjfT6/33hAlXEmdtHSON1l432GpNeH
+Ula2ZBjTDF6ipp56rZAHQ9KCTewO8oHH/EblYldJL5Pf9+ngjMDB6yJn4QIDAQAB
+AoGACCuYIWaYll80UzslYRvo8lC8nOfEb5v6bBKxBTQD98GLY+5hKywiG3RlPalG
+mb/fXQeSPReaRYgpdwD1OBEIOEMW9kLyqpzokC0xjpZ+MwsuJTlxCesk5GEsMa3o
+wC3QMmiRA7qrZ/SzTtwrs++9mZ/pxp8JZ6pKYUj8SE7/vV0CQQDz8Ix2t40E16hx
+04+XhClnGqydZJyLLSxcTU3ZVhYxL+efo/5hZ8tKpkcDi8wq6T03BOKrKxrlIW55
+qDRNM24rAkEAxsWzu/rJhIouQyNoYygEIEYzFRlTQyZSg59u6dNiewMn27dOAbyc
+YT7B6da7e74QttTXo0lIllsX2S38+XsIIwJBANSRuIU3G66tkr5l4gnhhAaxqtuY
+sgVhvvdL8dvC9aG1Ifzt9hzBSthpHxbK+oYmK07HdhI8hLpIMLHYzoK7n3MCQEy4
+4rccBcxyyYiAkjozp+QNNIpgTBMPJ6pGT7lRLiHtBeV4y1NASdv/LTnk+Fi69Bid
+7t3H24ytfHcHmS1yn6ECQF6Jmh4C7dlvp59zXp+t+VsXxa/8sq41vKNIj0Rx9vh5
+xp9XL0C5ZpgmBnsTydP9pmkiL4ltLbMX0wJU6N2cmFw=
+-----END RSA PRIVATE KEY-----
diff --git a/demos/cms/signer2.pem b/demos/cms/signer2.pem
new file mode 100644
index 0000000000..25e23d131a
--- /dev/null
+++ b/demos/cms/signer2.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRiMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTQ0
+WhcNMTcwNDA5MTgyOTQ0WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMjEgMB4GCSqGSIb3DQEJARYRdGVzdDJAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANco7VPgX9vcGwmZ
+jYqjq1JiR7M38dsMNhuJyLRVjJ5/cpFluQydQuG1PhzOJ8zfYVFicOXKvbYuKuXW
+ozZIwzqEqWsNf36KHTLS6yOMG8I13cRInh+fAIKq9Z8Eh65I7FJzVsNsfEQrGfEW
+GMA8us24IaSvP3QkbfHJn/4RaKznAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBRlrLQJUB8uAa4q8B2OqvvTXonF5zAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBQbi2juGALg2k9m1hKpzR2lCGmGO3X
+h3Jh/l0vIxDr0RTgP2vBrtITlx655P/o1snoeTIpYG8uUnFnTE/6YakdayAIlxV4
+aZl63AivZMpQB5SPaPH/jEsGJ8UQMfdiy4ORWIULupuPKlKwODNw7tVhQIACS/DR
+2aX6rl2JEuJ5Yg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDXKO1T4F/b3BsJmY2Ko6tSYkezN/HbDDYbici0VYyef3KRZbkM
+nULhtT4czifM32FRYnDlyr22Lirl1qM2SMM6hKlrDX9+ih0y0usjjBvCNd3ESJ4f
+nwCCqvWfBIeuSOxSc1bDbHxEKxnxFhjAPLrNuCGkrz90JG3xyZ/+EWis5wIDAQAB
+AoGAUTB2bcIrKfGimjrBOGGOUmYXnD8uGnQ/LqENhU8K4vxApTD3ZRUqmbUknQYF
+6r8YH/e/llasw8QkF9qod+F5GTgsnyh/aMidFHKrXXbf1662scz9+S6crSXq9Eb2
+CL57f6Kw61k6edrz8zHdA+rnTK00hzgzKCP4ZL5k8/55ueECQQD+BK+nsKi6CcKf
+m3Mh61Sf2Icm5JlMCKaihlbnh78lBN1imYUAfHJEnQ1ujxXB94R+6o9S+XrWTnTX
+2m/JNIfpAkEA2NaidX7Sv5jnRPkwJ02Srl0urxINLmg4bU0zmM3VoMklYBHWnMyr
+upPZGPh5TzCa+g6FTBmU8XK61wvnEKNcTwJBAM24VdnlBIDGbsx8RJ3vzLU30xz4
+ff5J80okqjUQhwkgC3tTAZgHMTPITZyAXQqdvrxakoCMc6MkHxTBX08AMCECQHHL
+SdyxXrYv7waSY0PtANJCkpJLveEhzqMFxdMmCjtj9BpTojYNbv3uQxtIopj9YAdk
+gW2ray++zvC2DV/86x8CQH4UJwgO6JqU4bSgi6HiRNjDg26tJ0Beu8jjl1vrkIVX
+pHFwSUeLZUsT2/iTUSgYH4uYiZPgYNcKTCT9W6se30A=
+-----END RSA PRIVATE KEY-----
diff --git a/demos/easy_tls/.cvsignore b/demos/easy_tls/.cvsignore
index 9daeafb986..eae327db85 100644
--- a/demos/easy_tls/.cvsignore
+++ b/demos/easy_tls/.cvsignore
@@ -1 +1,3 @@
 test
+*.flc
+semantic.cache
diff --git a/demos/engines/cluster_labs/.cvsignore b/demos/engines/cluster_labs/.cvsignore
index 594223d400..375a79d415 100644
--- a/demos/engines/cluster_labs/.cvsignore
+++ b/demos/engines/cluster_labs/.cvsignore
@@ -2,3 +2,5 @@
 *.so
 *.so.*
 *.a
+*.flc
+semantic.cache
diff --git a/demos/engines/cluster_labs/hw_cluster_labs.c b/demos/engines/cluster_labs/hw_cluster_labs.c
index 00c14f2755..036f48bafa 100644
--- a/demos/engines/cluster_labs/hw_cluster_labs.c
+++ b/demos/engines/cluster_labs/hw_cluster_labs.c
@@ -103,7 +103,7 @@ static int cluster_labs_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
 
 /* DSA stuff */
 #ifndef OPENSSL_NO_DSA
-DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+static DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int cluster_labs_dsa_verify(const unsigned char *dgst, int dgst_len,
 				DSA_SIG *sig, DSA *dsa);
 static int cluster_labs_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
@@ -245,6 +245,9 @@ static ENGINE *engine_cluster_labs(void)
 	return ret;
 	}
 
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static
+#endif
 void ENGINE_load_cluster_labs(void)
 	{
 
@@ -504,7 +507,7 @@ static int cluster_labs_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 
 	}
 	
-DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+static DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
 
 	if(cluster_labs_dso == NULL)
diff --git a/demos/engines/cluster_labs/hw_cluster_labs_err.h b/demos/engines/cluster_labs/hw_cluster_labs_err.h
index afc175b133..f548a3b668 100644
--- a/demos/engines/cluster_labs/hw_cluster_labs_err.h
+++ b/demos/engines/cluster_labs/hw_cluster_labs_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_CL_ERR_H
 #define HEADER_CL_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/demos/engines/ibmca/.cvsignore b/demos/engines/ibmca/.cvsignore
index 594223d400..375a79d415 100644
--- a/demos/engines/ibmca/.cvsignore
+++ b/demos/engines/ibmca/.cvsignore
@@ -2,3 +2,5 @@
 *.so
 *.so.*
 *.a
+*.flc
+semantic.cache
diff --git a/demos/engines/ibmca/hw_ibmca.c b/demos/engines/ibmca/hw_ibmca.c
index 881b16a7cb..0c2c39b8a7 100644
--- a/demos/engines/ibmca/hw_ibmca.c
+++ b/demos/engines/ibmca/hw_ibmca.c
@@ -288,6 +288,9 @@ static ENGINE *engine_ibmca(void)
 	return ret;

 	}

 

+#ifdef ENGINE_DYNAMIC_SUPPORT

+static

+#endif

 void ENGINE_load_ibmca(void)

 	{

 	/* Copied from eng_[openssl|dyn].c */

diff --git a/demos/engines/ibmca/hw_ibmca_err.h b/demos/engines/ibmca/hw_ibmca_err.h
index da64bde5f2..2070f95799 100644
--- a/demos/engines/ibmca/hw_ibmca_err.h
+++ b/demos/engines/ibmca/hw_ibmca_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_IBMCA_ERR_H
 #define HEADER_IBMCA_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/demos/engines/rsaref/.cvsignore b/demos/engines/rsaref/.cvsignore
index 76776d9a59..e8e5e6245a 100644
--- a/demos/engines/rsaref/.cvsignore
+++ b/demos/engines/rsaref/.cvsignore
@@ -10,3 +10,5 @@ doc
 install
 rdemo
 source
+*.flc
+semantic.cache
diff --git a/demos/engines/rsaref/build.com b/demos/engines/rsaref/build.com
index b956912916..72b013d45e 100644
--- a/demos/engines/rsaref/build.com
+++ b/demos/engines/rsaref/build.com
@@ -7,6 +7,14 @@ $	    write sys$error "RSAref 2.0 hasn't been properly extracted."
 $	    exit
 $	endif
 $
+$	if (f$getsyi("cpu").lt.128)
+$	then
+$	    arch := vax
+$	else
+$	    arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	    if (arch .eqs. "") then arch = "UNK"
+$	endif
+$
 $	_save_default = f$environment("default")
 $	set default [.install]
 $	files := desc,digit,md2c,md5c,nn,prime,-
@@ -29,14 +37,8 @@ $	set default [-]
 $	define/user openssl [---.include.openssl]
 $	cc/define=ENGINE_DYNAMIC_SUPPORT rsaref.c
 $
-$	if f$getsyi("CPU") .ge. 128
+$	if arch .eqs. "VAX"
 $	then
-$	    link/share=librsaref.exe sys$input:/option
-[]rsaref.obj
-[.install]rsaref.olb/lib
-[---.axp.exe.crypto]libcrypto.olb/lib
-symbol_vector=(bind_engine=procedure,v_check=procedure)
-$	else
 $	    macro/object=rsaref_vec.obj sys$input:
 ;
 ; Transfer vector for VAX shareable image
@@ -80,6 +82,24 @@ PSECT_ATTR=$CHAR_STRING_CONSTANTS,NOWRT
 []rsaref.obj
 [.install]rsaref.olb/lib
 [---.vax.exe.crypto]libcrypto.olb/lib
+$	else
+$	    if arch_name .eqs. "ALPHA"
+$	    then
+$		link/share=librsaref.exe sys$input:/option
+[]rsaref.obj
+[.install]rsaref.olb/lib
+[---.alpha.exe.crypto]libcrypto.olb/lib
+symbol_vector=(bind_engine=procedure,v_check=procedure)
+$	    else
+$		if arch_name .eqs. "IA64"
+$		then
+$		    link /shareable=librsaref.exe sys$input: /options
+[]rsaref.obj
+[.install]rsaref.olb/lib
+[---.ia64.exe.crypto]libcrypto.olb/lib
+symbol_vector=(bind_engine=procedure,v_check=procedure)
+$		endif
+$	    endif
 $	endif
 $
 $	set default '_save_default'
diff --git a/demos/engines/zencod/.cvsignore b/demos/engines/zencod/.cvsignore
index 594223d400..375a79d415 100644
--- a/demos/engines/zencod/.cvsignore
+++ b/demos/engines/zencod/.cvsignore
@@ -2,3 +2,5 @@
 *.so
 *.so.*
 *.a
+*.flc
+semantic.cache
diff --git a/demos/engines/zencod/hw_zencod.c b/demos/engines/zencod/hw_zencod.c
index 308e18710f..4234b93cbe 100644
--- a/demos/engines/zencod/hw_zencod.c
+++ b/demos/engines/zencod/hw_zencod.c
@@ -366,7 +366,7 @@ static int bind_helper ( ENGINE *e )
 /* As this is only ever called once, there's no need for locking
  * (indeed - the lock will already be held by our caller!!!)
  */
-ENGINE *ENGINE_zencod ( void )
+static ENGINE *ENGINE_zencod ( void )
 {
 
 	ENGINE *eng = ENGINE_new () ;
@@ -383,6 +383,9 @@ ENGINE *ENGINE_zencod ( void )
 }
 
 
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static
+#endif
 void ENGINE_load_zencod ( void )
 {
 	/* Copied from eng_[openssl|dyn].c */
@@ -1230,7 +1233,7 @@ static const EVP_MD engine_sha1_md =
 	SHA_CBLOCK,
 	/* sizeof ( EVP_MD * ) + sizeof ( SHA_CTX ) */
 	sizeof ( ZEN_MD_DATA )
-	/* sizeof ( MD_CTX_DATA )	The message digest data stucture ... */
+	/* sizeof ( MD_CTX_DATA )	The message digest data structure ... */
 } ;
 
 /* The one for MD5 ... */
@@ -1251,7 +1254,7 @@ static const EVP_MD engine_md5_md =
 	MD5_CBLOCK,
 	/* sizeof ( EVP_MD * ) + sizeof ( MD5_CTX ) */
 	sizeof ( ZEN_MD_DATA )
-	/* sizeof ( MD_CTX_DATA )	The message digest data stucture ... */
+	/* sizeof ( MD_CTX_DATA )	The message digest data structure ... */
 } ;
 
 
diff --git a/demos/engines/zencod/hw_zencod_err.h b/demos/engines/zencod/hw_zencod_err.h
index 1b5dcb5685..60e923fd88 100644
--- a/demos/engines/zencod/hw_zencod_err.h
+++ b/demos/engines/zencod/hw_zencod_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_ZENCOD_ERR_H
 #define HEADER_ZENCOD_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/demos/maurice/.cvsignore b/demos/maurice/.cvsignore
index a99bec3448..22c4e879ee 100644
--- a/demos/maurice/.cvsignore
+++ b/demos/maurice/.cvsignore
@@ -2,3 +2,5 @@ example1
 example2
 example3
 example4
+*.flc
+semantic.cache
diff --git a/demos/pkcs12/pkread.c b/demos/pkcs12/pkread.c
index 8e1b686312..fa8f509237 100644
--- a/demos/pkcs12/pkread.c
+++ b/demos/pkcs12/pkread.c
@@ -20,7 +20,7 @@ int main(int argc, char **argv)
 		fprintf(stderr, "Usage: pkread p12file password opfile\n");
 		exit (1);
 	}
-	SSLeay_add_all_algorithms();
+	OpenSSL_add_all_algorithms();
 	ERR_load_crypto_strings();
 	if (!(fp = fopen(argv[1], "rb"))) {
 		fprintf(stderr, "Error opening file %s\n", argv[1]);
@@ -51,7 +51,7 @@ int main(int argc, char **argv)
 		fprintf(fp, "***User Certificate***\n");
 		PEM_write_X509_AUX(fp, cert);
 	}
-	if (ca && sk_num(ca)) {
+	if (ca && sk_X509_num(ca)) {
 		fprintf(fp, "***Other Certificates***\n");
 		for (i = 0; i < sk_X509_num(ca); i++) 
 		    PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
diff --git a/demos/smime/cacert.pem b/demos/smime/cacert.pem
new file mode 100644
index 0000000000..75cbb347aa
--- /dev/null
+++ b/demos/smime/cacert.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6DCCAlGgAwIBAgIJAMfGO3rdo2uUMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTc0MzE3
+WhcNMTcwNDEwMTc0MzE3WjBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBD
+aXR5MRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlN
+RSBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqJMal1uC1/1wz
+i5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtdc3rMcRgJaMbP+qaEcDXoIsZfYXGR
+ielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3dbBECq0hZKcbz7wfr+2OeNWm46iT
+jcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQABo4G7MIG4MB0GA1UdDgQWBBRHUypx
+CXFQYqewhGo72lWPQUsjoDCBiAYDVR0jBIGAMH6AFEdTKnEJcVBip7CEajvaVY9B
+SyOgoVukWTBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBDaXR5MRYwFAYD
+VQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlNRSBSb290IENB
+ggkAx8Y7et2ja5QwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQANI+Yc
+G/YDM1WMUGEzEkU9UhsIUqdyBebnK3+OyxZSouDcE/M10jFJzBf/F5b0uUGAKWwo
+u0dzmILfKjdfWe8EyCRafZcm00rVcO09i/63FBYzlHbmfUATIqZdhKzxxQMPs5mF
+1je+pHUpzIY8TSXyh/uD9IkAy04IHwGZQf9akw==
+-----END CERTIFICATE-----
diff --git a/demos/smime/cakey.pem b/demos/smime/cakey.pem
new file mode 100644
index 0000000000..3b53c5e817
--- /dev/null
+++ b/demos/smime/cakey.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCqJMal1uC1/1wzi5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtd
+c3rMcRgJaMbP+qaEcDXoIsZfYXGRielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3
+dbBECq0hZKcbz7wfr+2OeNWm46iTjcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQAB
+AoGBAKWOZ2UTc1BkjDjz0XoscmAR8Rj77MdGzfOPkIxPultSW+3yZpkGNyUbnsH5
+HAtf4Avai/m3bMN+s91kDpx9/g/I9ZEHPQLcDICETvwt/EHT7+hwvaQgsM+TgpMs
+tjlGZOWent6wVIuvwwzqOMXZLgK9FvY7upwgtrys4G3Kab5hAkEA2QzFflWyEvKS
+rMSaVtn/IjFilwa7H0IdakkjM34z4peerFTPBr4J47YD4RCR/dAvxyNy3zUxtH18
+9R6dUixI6QJBAMitJD0xOkbGWBX8KVJvRiKOIdf/95ZUAgN/h3bWKy57EB9NYj3u
+jbxXcvdjfSqiITykkjAg7SG7nrlzJsu6CpcCQG6gVsy0auXDY0TRlASuaZ6I40Is
+uRUOgqWYj2uAaHuWYdZeB4LdO3cnX0TISFDAWom6JKNlnmbrCtR4fSDT13kCQQCU
++VQJyV3F5MDHsWbLt6eNR46AV5lpk/vatPXPlrZ/zwPs+PmRmGLICvNiDA2DdNDP
+wCx2Zjsj67CtY3rNitMJAkEAm09BQnjnbBXUb1rd2SjNDWTsu80Z+zLu8pAwXNhW
+8nsvMYqlYMIxuMPwu/QuTnMRhMZ08uhqoD3ukZnBeoMEVg==
+-----END RSA PRIVATE KEY-----
diff --git a/demos/smime/encr.txt b/demos/smime/encr.txt
new file mode 100644
index 0000000000..f163a326ed
--- /dev/null
+++ b/demos/smime/encr.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Sample OpenSSL Data for PKCS#7 encryption
diff --git a/demos/smime/sign.txt b/demos/smime/sign.txt
new file mode 100644
index 0000000000..af1341d0a8
--- /dev/null
+++ b/demos/smime/sign.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Test OpenSSL Signed Content
diff --git a/demos/smime/signer.pem b/demos/smime/signer.pem
new file mode 100644
index 0000000000..bac16ba963
--- /dev/null
+++ b/demos/smime/signer.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTI3
+WhcNMTcwNDA5MTgyOTI3WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMTEgMB4GCSqGSIb3DQEJARYRdGVzdDFAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL1ocAQ7ON2pIUXz
+jwKPzpPB9ozB6PFG6F6kARO+i0DiT6Qn8abUjwpHPU+lGys83QlpbkQVUD6Fv/4L
+ytihk6N9Pr/feECVcSZ20dI43WXjfYak14dSVrZkGNMMXqKmnnqtkAdD0oJN7A7y
+gcf8RuViV0kvk9/36eCMwMHrImfhAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSyKqjvctIsFNBHULBTqr8SHtSxpDAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBvdYVoBfd4RV/xWSMXIcgw/i5OiwyX
+MsenQePll51MpglfArd7pUipUalCqlJt/Gs8kD16Ih1z1yuWYVTMlnDZ0PwbIOYn
++Jr8XLF9b1SMJt6PwckZZ0LZdIi2KwGAxVsIW1kjJAqu9o4YH37XW37yYdQRxfvv
+lDiQlgX0JtmLgA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC9aHAEOzjdqSFF848Cj86TwfaMwejxRuhepAETvotA4k+kJ/Gm
+1I8KRz1PpRsrPN0JaW5EFVA+hb/+C8rYoZOjfT6/33hAlXEmdtHSON1l432GpNeH
+Ula2ZBjTDF6ipp56rZAHQ9KCTewO8oHH/EblYldJL5Pf9+ngjMDB6yJn4QIDAQAB
+AoGACCuYIWaYll80UzslYRvo8lC8nOfEb5v6bBKxBTQD98GLY+5hKywiG3RlPalG
+mb/fXQeSPReaRYgpdwD1OBEIOEMW9kLyqpzokC0xjpZ+MwsuJTlxCesk5GEsMa3o
+wC3QMmiRA7qrZ/SzTtwrs++9mZ/pxp8JZ6pKYUj8SE7/vV0CQQDz8Ix2t40E16hx
+04+XhClnGqydZJyLLSxcTU3ZVhYxL+efo/5hZ8tKpkcDi8wq6T03BOKrKxrlIW55
+qDRNM24rAkEAxsWzu/rJhIouQyNoYygEIEYzFRlTQyZSg59u6dNiewMn27dOAbyc
+YT7B6da7e74QttTXo0lIllsX2S38+XsIIwJBANSRuIU3G66tkr5l4gnhhAaxqtuY
+sgVhvvdL8dvC9aG1Ifzt9hzBSthpHxbK+oYmK07HdhI8hLpIMLHYzoK7n3MCQEy4
+4rccBcxyyYiAkjozp+QNNIpgTBMPJ6pGT7lRLiHtBeV4y1NASdv/LTnk+Fi69Bid
+7t3H24ytfHcHmS1yn6ECQF6Jmh4C7dlvp59zXp+t+VsXxa/8sq41vKNIj0Rx9vh5
+xp9XL0C5ZpgmBnsTydP9pmkiL4ltLbMX0wJU6N2cmFw=
+-----END RSA PRIVATE KEY-----
diff --git a/demos/smime/signer2.pem b/demos/smime/signer2.pem
new file mode 100644
index 0000000000..25e23d131a
--- /dev/null
+++ b/demos/smime/signer2.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRiMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTQ0
+WhcNMTcwNDA5MTgyOTQ0WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMjEgMB4GCSqGSIb3DQEJARYRdGVzdDJAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANco7VPgX9vcGwmZ
+jYqjq1JiR7M38dsMNhuJyLRVjJ5/cpFluQydQuG1PhzOJ8zfYVFicOXKvbYuKuXW
+ozZIwzqEqWsNf36KHTLS6yOMG8I13cRInh+fAIKq9Z8Eh65I7FJzVsNsfEQrGfEW
+GMA8us24IaSvP3QkbfHJn/4RaKznAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBRlrLQJUB8uAa4q8B2OqvvTXonF5zAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBQbi2juGALg2k9m1hKpzR2lCGmGO3X
+h3Jh/l0vIxDr0RTgP2vBrtITlx655P/o1snoeTIpYG8uUnFnTE/6YakdayAIlxV4
+aZl63AivZMpQB5SPaPH/jEsGJ8UQMfdiy4ORWIULupuPKlKwODNw7tVhQIACS/DR
+2aX6rl2JEuJ5Yg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDXKO1T4F/b3BsJmY2Ko6tSYkezN/HbDDYbici0VYyef3KRZbkM
+nULhtT4czifM32FRYnDlyr22Lirl1qM2SMM6hKlrDX9+ih0y0usjjBvCNd3ESJ4f
+nwCCqvWfBIeuSOxSc1bDbHxEKxnxFhjAPLrNuCGkrz90JG3xyZ/+EWis5wIDAQAB
+AoGAUTB2bcIrKfGimjrBOGGOUmYXnD8uGnQ/LqENhU8K4vxApTD3ZRUqmbUknQYF
+6r8YH/e/llasw8QkF9qod+F5GTgsnyh/aMidFHKrXXbf1662scz9+S6crSXq9Eb2
+CL57f6Kw61k6edrz8zHdA+rnTK00hzgzKCP4ZL5k8/55ueECQQD+BK+nsKi6CcKf
+m3Mh61Sf2Icm5JlMCKaihlbnh78lBN1imYUAfHJEnQ1ujxXB94R+6o9S+XrWTnTX
+2m/JNIfpAkEA2NaidX7Sv5jnRPkwJ02Srl0urxINLmg4bU0zmM3VoMklYBHWnMyr
+upPZGPh5TzCa+g6FTBmU8XK61wvnEKNcTwJBAM24VdnlBIDGbsx8RJ3vzLU30xz4
+ff5J80okqjUQhwkgC3tTAZgHMTPITZyAXQqdvrxakoCMc6MkHxTBX08AMCECQHHL
+SdyxXrYv7waSY0PtANJCkpJLveEhzqMFxdMmCjtj9BpTojYNbv3uQxtIopj9YAdk
+gW2ray++zvC2DV/86x8CQH4UJwgO6JqU4bSgi6HiRNjDg26tJ0Beu8jjl1vrkIVX
+pHFwSUeLZUsT2/iTUSgYH4uYiZPgYNcKTCT9W6se30A=
+-----END RSA PRIVATE KEY-----
diff --git a/demos/smime/smdec.c b/demos/smime/smdec.c
new file mode 100644
index 0000000000..8b1a8545a6
--- /dev/null
+++ b/demos/smime/smdec.c
@@ -0,0 +1,83 @@
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *rcert = NULL;
+	EVP_PKEY *rkey = NULL;
+	PKCS7 *p7 = NULL;
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in recipient certificate and private key */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!rcert || !rkey)
+		goto err;
+
+	/* Open content being signed */
+
+	in = BIO_new_file("smencr.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* Sign content */
+	p7 = SMIME_read_PKCS7(in, NULL);
+
+	if (!p7)
+		goto err;
+
+	out = BIO_new_file("encrout.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Decrypt S/MIME message */
+	if (!PKCS7_decrypt(p7, rkey, rcert, out, 0))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Signing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (p7)
+		PKCS7_free(p7);
+	if (rcert)
+		X509_free(rcert);
+	if (rkey)
+		EVP_PKEY_free(rkey);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
+
+
+
+
diff --git a/demos/smime/smenc.c b/demos/smime/smenc.c
new file mode 100644
index 0000000000..77dd732fc1
--- /dev/null
+++ b/demos/smime/smenc.c
@@ -0,0 +1,92 @@
+/* Simple S/MIME encrypt example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *rcert = NULL;
+	STACK_OF(X509) *recips = NULL;
+	PKCS7 *p7 = NULL;
+	int ret = 1;
+
+	/*
+	 * On OpenSSL 0.9.9 only:
+	 * for streaming set PKCS7_STREAM
+	 */
+	int flags = PKCS7_STREAM;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in recipient certificate */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	if (!rcert)
+		goto err;
+
+	/* Create recipient STACK and add recipient cert to it */
+	recips = sk_X509_new_null();
+
+	if (!recips || !sk_X509_push(recips, rcert))
+		goto err;
+
+	/* sk_X509_pop_free will free up recipient STACK and its contents
+	 * so set rcert to NULL so it isn't freed up twice.
+	 */
+	rcert = NULL;
+
+	/* Open content being encrypted */
+
+	in = BIO_new_file("encr.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* encrypt content */
+	p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+	if (!p7)
+		goto err;
+
+	out = BIO_new_file("smencr.txt", "w");
+	if (!out)
+		goto err;
+
+	/* Write out S/MIME message */
+	if (!SMIME_write_PKCS7(out, p7, in, flags))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Encrypting Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (p7)
+		PKCS7_free(p7);
+	if (rcert)
+		X509_free(rcert);
+	if (recips)
+		sk_X509_pop_free(recips, X509_free);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/smime/smsign.c b/demos/smime/smsign.c
new file mode 100644
index 0000000000..ba78830cff
--- /dev/null
+++ b/demos/smime/smsign.c
@@ -0,0 +1,89 @@
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *scert = NULL;
+	EVP_PKEY *skey = NULL;
+	PKCS7 *p7 = NULL;
+	int ret = 1;
+
+	/* For simple S/MIME signing use PKCS7_DETACHED.
+	 * On OpenSSL 0.9.9 only:
+	 * for streaming detached set PKCS7_DETACHED|PKCS7_STREAM
+	 * for streaming non-detached set PKCS7_STREAM
+	 */
+	int flags = PKCS7_DETACHED|PKCS7_STREAM;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Read in signer certificate and private key */
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!scert || !skey)
+		goto err;
+
+	/* Open content being signed */
+
+	in = BIO_new_file("sign.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* Sign content */
+	p7 = PKCS7_sign(scert, skey, NULL, in, flags);
+
+	if (!p7)
+		goto err;
+
+	out = BIO_new_file("smout.txt", "w");
+	if (!out)
+		goto err;
+
+	if (!(flags & PKCS7_STREAM))
+		BIO_reset(in);
+
+	/* Write out S/MIME message */
+	if (!SMIME_write_PKCS7(out, p7, in, flags))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Signing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (p7)
+		PKCS7_free(p7);
+	if (scert)
+		X509_free(scert);
+	if (skey)
+		EVP_PKEY_free(skey);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/smime/smsign2.c b/demos/smime/smsign2.c
new file mode 100644
index 0000000000..ff835c568c
--- /dev/null
+++ b/demos/smime/smsign2.c
@@ -0,0 +1,107 @@
+/* S/MIME signing example: 2 signers. OpenSSL 0.9.9 only */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL;
+	X509 *scert = NULL, *scert2 = NULL;
+	EVP_PKEY *skey = NULL, *skey2 = NULL;
+	PKCS7 *p7 = NULL;
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	tbio = BIO_new_file("signer.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	BIO_free(tbio);
+
+	tbio = BIO_new_file("signer2.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	BIO_reset(tbio);
+
+	skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+	if (!scert2 || !skey2)
+		goto err;
+
+	in = BIO_new_file("sign.txt", "r");
+
+	if (!in)
+		goto err;
+
+	p7 = PKCS7_sign(NULL, NULL, NULL, in, PKCS7_STREAM|PKCS7_PARTIAL);
+
+	if (!p7)
+		goto err;
+
+	/* Add each signer in turn */
+
+	if (!PKCS7_sign_add_signer(p7, scert, skey, NULL, 0))
+		goto err;
+
+	if (!PKCS7_sign_add_signer(p7, scert2, skey2, NULL, 0))
+		goto err;
+
+	out = BIO_new_file("smout.txt", "w");
+	if (!out)
+		goto err;
+
+	/* NB: content included and finalized by SMIME_write_PKCS7 */
+
+	if (!SMIME_write_PKCS7(out, p7, in, PKCS7_STREAM))
+		goto err;
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Signing Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (p7)
+		PKCS7_free(p7);
+
+	if (scert)
+		X509_free(scert);
+	if (skey)
+		EVP_PKEY_free(skey);
+
+	if (scert2)
+		X509_free(scert2);
+	if (skey)
+		EVP_PKEY_free(skey2);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
+
+
+
+
diff --git a/demos/smime/smver.c b/demos/smime/smver.c
new file mode 100644
index 0000000000..9d360c273a
--- /dev/null
+++ b/demos/smime/smver.c
@@ -0,0 +1,87 @@
+/* Simple S/MIME verification example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+	{
+	BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
+	X509_STORE *st = NULL;
+	X509 *cacert = NULL;
+	PKCS7 *p7 = NULL;
+
+	int ret = 1;
+
+	OpenSSL_add_all_algorithms();
+	ERR_load_crypto_strings();
+
+	/* Set up trusted CA certificate store */
+
+	st = X509_STORE_new();
+
+	/* Read in signer certificate and private key */
+	tbio = BIO_new_file("cacert.pem", "r");
+
+	if (!tbio)
+		goto err;
+
+	cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+	if (!cacert)
+		goto err;
+
+	if (!X509_STORE_add_cert(st, cacert))
+		goto err;
+
+	/* Open content being signed */
+
+	in = BIO_new_file("smout.txt", "r");
+
+	if (!in)
+		goto err;
+
+	/* Sign content */
+	p7 = SMIME_read_PKCS7(in, &cont);
+
+	if (!p7)
+		goto err;
+
+	/* File to output verified content to */
+	out = BIO_new_file("smver.txt", "w");
+	if (!out)
+		goto err;
+
+	if (!PKCS7_verify(p7, NULL, st, cont, out, 0))
+		{
+		fprintf(stderr, "Verification Failure\n");
+		goto err;
+		}
+
+	fprintf(stderr, "Verification Successful\n");
+
+	ret = 0;
+
+	err:
+
+	if (ret)
+		{
+		fprintf(stderr, "Error Verifying Data\n");
+		ERR_print_errors_fp(stderr);
+		}
+
+	if (p7)
+		PKCS7_free(p7);
+
+	if (cacert)
+		X509_free(cacert);
+
+	if (in)
+		BIO_free(in);
+	if (out)
+		BIO_free(out);
+	if (tbio)
+		BIO_free(tbio);
+
+	return ret;
+
+	}
diff --git a/demos/ssltest-ecc/ssltest.sh b/demos/ssltest-ecc/ssltest.sh
index 2d6ff167f5..923ca43824 100755
--- a/demos/ssltest-ecc/ssltest.sh
+++ b/demos/ssltest-ecc/ssltest.sh
@@ -20,23 +20,23 @@ SSLTEST=$OPENSSL_DIR/test/ssltest
 SSLVERSION=
 
 # These don't really require any certificates
-AECDH_CIPHER_LIST="EXP-AECDH-RC4-40-SHA EXP-AECDH-DES-40-CBC-SHA AECDH-DES-CBC3-SHA AECDH-DES-CBC-SHA AECDH-RC4-SHA AECDH-NULL-SHA"
+AECDH_CIPHER_LIST="AECDH-AES256-SHA AECDH-AES128-SHA AECDH-DES-CBC3-SHA AECDH-RC4-SHA AECDH-NULL-SHA"
 
 # These require ECC certificates signed with ECDSA
 # The EC public key must be authorized for key agreement.
-ECDH_ECDSA_CIPHER_LIST="EXP-ECDH-ECDSA-RC4-56-SHA EXP-ECDH-ECDSA-RC4-40-SHA ECDH-ECDSA-AES256-SHA ECDH-ECDSA-AES128-SHA ECDH-ECDSA-DES-CBC3-SHA ECDH-ECDSA-DES-CBC-SHA ECDH-ECDSA-RC4-SHA ECDH-ECDSA-NULL-SHA"
+ECDH_ECDSA_CIPHER_LIST="ECDH-ECDSA-AES256-SHA ECDH-ECDSA-AES128-SHA ECDH-ECDSA-DES-CBC3-SHA ECDH-ECDSA-RC4-SHA ECDH-ECDSA-NULL-SHA"
 
 # These require ECC certificates.
 # The EC public key must be authorized for digital signature.
-ECDHE_ECDSA_CIPHER_LIST="ECDHE-ECDSA-AES128-SHA"
+ECDHE_ECDSA_CIPHER_LIST="ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-DES-CBC3-SHA ECDHE-ECDSA-RC4-SHA ECDHE-ECDSA-NULL-SHA"
 
 # These require ECC certificates signed with RSA.
 # The EC public key must be authorized for key agreement.
-ECDH_RSA_CIPHER_LIST="EXP-ECDH-RSA-RC4-56-SHA EXP-ECDH-RSA-RC4-40-SHA ECDH-RSA-AES256-SHA ECDH-RSA-AES128-SHA ECDH-RSA-DES-CBC3-SHA ECDH-RSA-DES-CBC-SHA ECDH-RSA-RC4-SHA ECDH-RSA-NULL-SHA"
+ECDH_RSA_CIPHER_LIST="ECDH-RSA-AES256-SHA ECDH-RSA-AES128-SHA ECDH-RSA-DES-CBC3-SHA ECDH-RSA-RC4-SHA ECDH-RSA-NULL-SHA"
 
 # These require RSA certificates.
 # The RSA public key must be authorized for digital signature.
-ECDHE_RSA_CIPHER_LIST="ECDHE-RSA-AES128-SHA"
+ECDHE_RSA_CIPHER_LIST="ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-DES-CBC3-SHA ECDHE-RSA-RC4-SHA ECDHE-RSA-NULL-SHA"
 
 # List of Elliptic curves over which we wish to test generation of
 # ephemeral ECDH keys when using AECDH or ECDHE ciphers
@@ -78,9 +78,9 @@ done
 
 for curve in $ELLIPTIC_CURVE_LIST
 do
-    echo "Testing EXP-AECDH-RC4-40-SHA (with $curve)"
+    echo "Testing AECDH-RC4-SHA (with $curve)"
     $SSLTEST $SSL_VERSION -cert $SERVER_PEM \
-	-named_curve $curve -cipher EXP-AECDH-RC4-40-SHA
+	-named_curve $curve -cipher AECDH-RC4-SHA
 done
 fi
 
@@ -167,6 +167,9 @@ if [ "$1" = "ecdhe-rsa" ]; then
 for cipher in $ECDHE_RSA_CIPHER_LIST
 do
     echo "Testing $cipher (with server authentication)"
+    echo $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-cipher $cipher -named_curve $DEFAULT_CURVE
     $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
 	-cert $SERVER_PEM -server_auth \
 	-cipher $cipher -named_curve $DEFAULT_CURVE
diff --git a/demos/state_machine/.cvsignore b/demos/state_machine/.cvsignore
index 9aef0f5d4c..a90633f958 100644
--- a/demos/state_machine/.cvsignore
+++ b/demos/state_machine/.cvsignore
@@ -1 +1,3 @@
 state_machine
+*.flc
+semantic.cache
diff --git a/demos/tunala/.cvsignore b/demos/tunala/.cvsignore
index 1254a1ee29..f9eca981d2 100644
--- a/demos/tunala/.cvsignore
+++ b/demos/tunala/.cvsignore
@@ -1,2 +1,4 @@
 tunala
 
+*.flc
+semantic.cache
diff --git a/demos/tunala/autoungunk.sh b/demos/tunala/autoungunk.sh
index 0c9123b6cf..21790880d7 100755
--- a/demos/tunala/autoungunk.sh
+++ b/demos/tunala/autoungunk.sh
@@ -15,4 +15,5 @@ fi
 
 rm -f aclocal.m4 config.* configure install-sh \
 	missing mkinstalldirs stamp-h.* Makefile.in \
-	ltconfig ltmain.sh
+	ltconfig ltmain.sh depcomp
+rm -rf autom4te.cache
diff --git a/demos/tunala/cb.c b/demos/tunala/cb.c
index e64983896e..f6e452ae93 100644
--- a/demos/tunala/cb.c
+++ b/demos/tunala/cb.c
@@ -134,8 +134,27 @@ RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength)
 	/* TODO: Perhaps make it so our global key can be generated on-the-fly
 	 * after certain intervals? */
 	static RSA *rsa_tmp = NULL;
-	if(!rsa_tmp)
-		rsa_tmp = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
+	BIGNUM *bn = NULL;
+	int ok = 1;
+	if(!rsa_tmp) {
+		ok = 0;
+		if(!(bn = BN_new()))
+			goto end;
+		if(!BN_set_word(bn, RSA_F4))
+			goto end;
+		if(!(rsa_tmp = RSA_new()))
+			goto end;
+		if(!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
+			goto end;
+		ok = 1;
+	}
+end:
+	if(bn)
+		BN_free(bn);
+	if(!ok) {
+		RSA_free(rsa_tmp);
+		rsa_tmp = NULL;
+	}
 	return rsa_tmp;
 }
 
diff --git a/demos/tunala/tunala.c b/demos/tunala/tunala.c
index e918cba2ce..ec49d3e943 100644
--- a/demos/tunala/tunala.c
+++ b/demos/tunala/tunala.c
@@ -697,9 +697,11 @@ static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file, const char *dh_special)
 			abort();
 		fprintf(stderr, "Info, generating DH parameters ... ");
 		fflush(stderr);
-		if((dh = DH_generate_parameters(512, DH_GENERATOR_5,
-					NULL, NULL)) == NULL) {
+		if(!(dh = DH_new()) || !DH_generate_parameters_ex(dh, 512,
+					DH_GENERATOR_5, NULL)) {
 			fprintf(stderr, "error!\n");
+			if(dh)
+				DH_free(dh);
 			return 0;
 		}
 		fprintf(stderr, "complete\n");
@@ -733,7 +735,7 @@ static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
 		unsigned int verify_depth)
 {
 	SSL_CTX *ctx = NULL, *ret = NULL;
-	SSL_METHOD *meth;
+	const SSL_METHOD *meth;
 	ENGINE *e = NULL;
 
         OpenSSL_add_ssl_algorithms();
diff --git a/demos/x509/mkcert.c b/demos/x509/mkcert.c
index c5e67b8e28..6a52e5d0fc 100644
--- a/demos/x509/mkcert.c
+++ b/demos/x509/mkcert.c
@@ -136,7 +136,7 @@ int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days)
 	}
 #endif
 	
-	if (!X509_sign(x,pk,EVP_md5()))
+	if (!X509_sign(x,pk,EVP_sha1()))
 		goto err;
 
 	*x509p=x;
diff --git a/demos/x509/mkreq.c b/demos/x509/mkreq.c
index 3dfc65f164..d17e4ade94 100644
--- a/demos/x509/mkreq.c
+++ b/demos/x509/mkreq.c
@@ -134,7 +134,7 @@ int mkreq(X509_REQ **req, EVP_PKEY **pkeyp, int bits, int serial, int days)
 
 #endif
 	
-	if (!X509_REQ_sign(x,pk,EVP_md5()))
+	if (!X509_REQ_sign(x,pk,EVP_sha1()))
 		goto err;
 
 	*req=x;
diff --git a/doc/HOWTO/keys.txt b/doc/HOWTO/keys.txt
index 45f42eaaf1..7ae2a3a118 100644
--- a/doc/HOWTO/keys.txt
+++ b/doc/HOWTO/keys.txt
@@ -40,9 +40,9 @@ consider insecure or to be insecure pretty soon.
 
 3. To generate a DSA key
 
-A DSA key can be used both for signing only.  This is important to
-keep in mind to know what kind of purposes a certificate request with
-a DSA key can really be used for.
+A DSA key can be used for signing only.  This is important to keep
+in mind to know what kind of purposes a certificate request with a
+DSA key can really be used for.
 
 Generating a key for the DSA algorithm is a two-step process.  First,
 you have to generate parameters from which to generate the key:
diff --git a/doc/HOWTO/proxy_certificates.txt b/doc/HOWTO/proxy_certificates.txt
new file mode 100644
index 0000000000..3d36b02f6b
--- /dev/null
+++ b/doc/HOWTO/proxy_certificates.txt
@@ -0,0 +1,322 @@
+<DRAFT!>
+			HOWTO proxy certificates
+
+0. WARNING
+
+NONE OF THE CODE PRESENTED HERE HAVE BEEN CHECKED!  They are just an
+example to show you how things can be done.  There may be typos or
+type conflicts, and you will have to resolve them.
+
+1. Introduction
+
+Proxy certificates are defined in RFC 3820.  They are really usual
+certificates with the mandatory extension proxyCertInfo.
+
+Proxy certificates are issued by an End Entity (typically a user),
+either directly with the EE certificate as issuing certificate, or by
+extension through an already issued proxy certificate..  They are used
+to extend rights to some other entity (a computer process, typically,
+or sometimes to the user itself), so it can perform operations in the
+name of the owner of the EE certificate.
+
+See http://www.ietf.org/rfc/rfc3820.txt for more information.
+
+
+2. A warning about proxy certificates
+
+Noone seems to have tested proxy certificates with security in mind.
+Basically, to this date, it seems that proxy certificates have only
+been used in a world that's highly aware of them.  What would happen
+if an unsuspecting application is to validate a chain of certificates
+that contains proxy certificates?  It would usually consider the leaf
+to be the certificate to check for authorisation data, and since proxy
+certificates are controlled by the EE certificate owner alone, it's
+would be normal to consider what the EE certificate owner could do
+with them.
+
+subjectAltName and issuerAltName are forbidden in proxy certificates,
+and this is enforced in OpenSSL.  The subject must be the same as the
+issuer, with one commonName added on.
+
+Possible threats are, as far as has been imagined so far:
+
+ - impersonation through commonName (think server certificates).
+ - use of additional extensions, possibly non-standard ones used in
+   certain environments, that would grant extra or different
+   authorisation rights.
+
+For this reason, OpenSSL requires that the use of proxy certificates
+be explicitely allowed.  Currently, this can be done using the
+following methods:
+
+ - if the application calls X509_verify_cert() itself, it can do the
+   following prior to that call (ctx is the pointer passed in the call
+   to X509_verify_cert()):
+
+	X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+
+ - in all other cases, proxy certificate validation can be enabled
+   before starting the application by setting the envirnoment variable
+   OPENSSL_ALLOW_PROXY with some non-empty value.
+
+There are thoughts to allow proxy certificates with a line in the
+default openssl.cnf, but that's still in the future.
+
+
+3. How to create proxy cerificates
+
+It's quite easy to create proxy certificates, by taking advantage of
+the lack of checks of the 'openssl x509' application (*ahem*).  But
+first, you need to create a configuration section that contains a
+definition of the proxyCertInfo extension, a little like this:
+
+  [ v3_proxy ]
+  # A proxy certificate MUST NEVER be a CA certificate.
+  basicConstraints=CA:FALSE
+
+  # Usual authority key ID
+  authorityKeyIdentifier=keyid,issuer:always
+
+  # Now, for the extension that marks this certificate as a proxy one
+  proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
+
+It's also possible to give the proxy extension in a separate section:
+
+  proxyCertInfo=critical,@proxy_ext
+
+  [ proxy_ext ]
+  language=id-ppl-anyLanguage
+  pathlen=0
+  policy=text:BC
+
+The policy value has a specific syntax, {syntag}:{string}, where the
+syntag determines what will be done with the string.  The recognised
+syntags are as follows:
+
+  text	indicates that the string is simply the bytes, not
+	encoded in any kind of way:
+
+		policy=text:räksmörgås
+
+	Previous versions of this design had a specific tag
+	for UTF-8 text.  However, since the bytes are copied
+	as-is anyway, there's no need for it.  Instead, use
+	the text: tag, like this:
+
+		policy=text:räksmörgås
+
+  hex	indicates the string is encoded in hex, with colons
+	between each byte (every second hex digit):
+
+		policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
+
+	Previous versions of this design had a tag to insert a
+	complete DER blob.  However, the only legal use for
+	this would be to surround the bytes that would go with
+	the hex: tag with what's needed to construct a correct
+	OCTET STRING.  Since hex: does that, the DER tag felt
+	superfluous, and was therefore removed.
+
+  file	indicates that the text of the policy should really be
+	taken from a file.  The string is then really a file
+	name.  This is useful for policies that are large
+	(more than a few of lines) XML documents, for example.
+
+The 'policy' setting can be split up in multiple lines like this:
+
+  0.policy=This is
+  1.polisy= a multi-
+  2.policy=line policy.
+
+NOTE: the proxy policy value is the part that determines the rights
+granted to the process using the proxy certificate.  The value is
+completely dependent on the application reading and interpretting it!
+
+Now that you have created an extension section for your proxy
+certificate, you can now easily create a proxy certificate like this:
+
+  openssl req -new -config openssl.cnf \
+	  -out proxy.req -keyout proxy.key
+  openssl x509 -req -CAcreateserial -in proxy.req -days 7 \
+	  -out proxy.crt -CA user.crt -CAkey user.key \
+	  -extfile openssl.cnf -extensions v3_proxy
+
+It's just as easy to create a proxy certificate using another proxy
+certificate as issuer (note that I'm using a different configuration
+section for it):
+
+  openssl req -new -config openssl.cnf \
+	  -out proxy2.req -keyout proxy2.key
+  openssl x509 -req -CAcreateserial -in proxy2.req -days 7 \
+	  -out proxy2.crt -CA proxy.crt -CAkey proxy.key \
+	  -extfile openssl.cnf -extensions v3_proxy2
+
+
+4. How to have your application interpret the policy?
+
+The basic way to interpret proxy policies is to prepare some default
+rights, then do a check of the proxy certificate against the a chain
+of proxy certificates, user certificate and CA certificates, and see
+what rights came out by the end.  Sounds easy, huh?  It almost is.
+
+The slightly complicated part is how to pass data between your
+application and the certificate validation procedure.
+
+You need the following ingredients:
+
+ - a callback routing that will be called for every certificate that's
+   validated.  It will be called several times for each certificates,
+   so you must be attentive to when it's a good time to do the proxy
+   policy interpretation and check, as well as to fill in the defaults
+   when the EE certificate is checked.
+
+ - a structure of data that's shared between your application code and
+   the callback.
+
+ - a wrapper function that sets it all up.
+
+ - an ex_data index function that creates an index into the generic
+   ex_data store that's attached to an X509 validation context.
+
+This is some cookbook code for you to fill in:
+
+  /* In this example, I will use a view of granted rights as a bit
+     array, one bit for each possible right.  */
+  typedef struct your_rights {
+    unsigned char rights[total_rights / 8];
+  } YOUR_RIGHTS;
+
+  /* The following procedure will create an index for the ex_data
+     store in the X509 validation context the first time it's called.
+     Subsequent calls will return the same index.  */
+  static int get_proxy_auth_ex_data_idx(void)
+  {
+    static volatile int idx = -1;
+    if (idx < 0)
+      {
+        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+        if (idx < 0)
+          {
+            idx = X509_STORE_CTX_get_ex_new_index(0,
+                                                  "for verify callback",
+                                                  NULL,NULL,NULL);
+          }
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+      }
+    return idx;
+  }
+
+  /* Callback to be given to the X509 validation procedure.  */
+  static int verify_callback(int ok, X509_STORE_CTX *ctx)
+  {
+    if (ok == 1) /* It's REALLY important you keep the proxy policy
+                    check within this secion.  It's important to know
+                    that when ok is 1, the certificates are checked
+                    from top to bottom.  You get the CA root first,
+                    followed by the possible chain of intermediate
+                    CAs, followed by the EE certificate, followed by
+                    the possible proxy certificates.  */
+      {
+        X509 *xs = ctx->current_cert;
+
+        if (xs->ex_flags & EXFLAG_PROXY)
+          {
+	    YOUR_RIGHTS *rights =
+              (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
+                get_proxy_auth_ex_data_idx());
+            PROXY_CERT_INFO_EXTENSION *pci =
+              X509_get_ext_d2i(xs, NID_proxyCertInfo, NULL, NULL);
+
+            switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
+              {
+              case NID_Independent:
+                /* Do whatever you need to grant explicit rights to
+                   this particular proxy certificate, usually by
+                   pulling them from some database.  If there are none
+                   to be found, clear all rights (making this and any
+                   subsequent proxy certificate void of any rights).
+                */
+                memset(rights->rights, 0, sizeof(rights->rights));
+                break;
+              case NID_id_ppl_inheritAll:
+                /* This is basically a NOP, we simply let the current
+                   rights stand as they are. */
+                break;
+              default:
+                /* This is usually the most complex section of code.
+                   You really do whatever you want as long as you
+                   follow RFC 3820.  In the example we use here, the
+                   simplest thing to do is to build another, temporary
+                   bit array and fill it with the rights granted by
+                   the current proxy certificate, then use it as a
+                   mask on the accumulated rights bit array, and
+                   voilà, you now have a new accumulated rights bit
+                   array.  */
+                {
+                  int i;
+                  YOUR_RIGHTS tmp_rights;
+		  memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
+
+                  /* process_rights() is supposed to be a procedure
+                     that takes a string and it's length, interprets
+                     it and sets the bits in the YOUR_RIGHTS pointed
+                     at by the third argument.  */
+                  process_rights((char *) pci->proxyPolicy->policy->data,
+                                 pci->proxyPolicy->policy->length,
+                                 &tmp_rights);
+
+                  for(i = 0; i < total_rights / 8; i++)
+                    rights->rights[i] &= tmp_rights.rights[i];
+                }
+                break;
+              }
+            PROXY_CERT_INFO_EXTENSION_free(pci);
+          }
+        else if (!(xs->ex_flags & EXFLAG_CA))
+          {
+            /* We have a EE certificate, let's use it to set default!
+            */
+	    YOUR_RIGHTS *rights =
+              (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
+                get_proxy_auth_ex_data_idx());
+
+            /* The following procedure finds out what rights the owner
+               of the current certificate has, and sets them in the
+               YOUR_RIGHTS structure pointed at by the second
+               argument.  */
+            set_default_rights(xs, rights);
+          }
+      }
+    return ok;
+  }
+
+  static int my_X509_verify_cert(X509_STORE_CTX *ctx,
+                                 YOUR_RIGHTS *needed_rights)
+  {
+    int i;
+    int (*save_verify_cb)(int ok,X509_STORE_CTX *ctx) = ctx->verify_cb;
+    YOUR_RIGHTS rights;
+
+    X509_STORE_CTX_set_verify_cb(ctx, verify_callback);
+    X509_STORE_CTX_set_ex_data(ctx, get_proxy_auth_ex_data_idx(), &rights);
+    X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+    ok = X509_verify_cert(ctx);
+
+    if (ok == 1)
+      {
+        ok = check_needed_rights(rights, needed_rights);
+      }
+
+    X509_STORE_CTX_set_verify_cb(ctx, save_verify_cb);
+
+    return ok;
+  }
+
+If you use SSL or TLS, you can easily set up a callback to have the
+certificates checked properly, using the code above:
+
+  SSL_CTX_set_cert_verify_callback(s_ctx, my_X509_verify_cert, &needed_rights);
+
+
+-- 
+Richard Levitte
diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod
index 58e0f52001..ed69952f37 100644
--- a/doc/apps/CA.pl.pod
+++ b/doc/apps/CA.pl.pod
@@ -47,7 +47,7 @@ written to the file "newreq.pem".
 creates a new certificate request. The private key and request are
 written to the file "newreq.pem".
 
-=item B<-newreq-nowdes>
+=item B<-newreq-nodes>
 
 is like B<-newreq> except that the private key will not be encrypted.
 
diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod
index 542d969066..f7bb926211 100644
--- a/doc/apps/asn1parse.pod
+++ b/doc/apps/asn1parse.pod
@@ -72,11 +72,11 @@ option can be used multiple times to "drill down" into a nested structure.
 =item B<-genstr string>, B<-genconf file>
 
 generate encoded data based on B<string>, B<file> or both using
-ASN1_generate_nconf() format. If B<file> only is present then the string
-is obtained from the default section using the name B<asn1>. The encoded
-data is passed through the ASN1 parser and printed out as though it came
-from a file, the contents can thus be examined and written to a file
-using the B<out> option. 
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format. If B<file> only is
+present then the string is obtained from the default section using the name
+B<asn1>. The encoded data is passed through the ASN1 parser and printed out as
+though it came from a file, the contents can thus be examined and written to a
+file using the B<out> option. 
 
 =back
 
@@ -168,4 +168,8 @@ Example config file:
 There should be options to change the format of output lines. The output of some
 ASN.1 types is not well handled (if at all).
 
+=head1 SEE ALSO
+
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
+
 =cut
diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 5db7d9441c..9ff0cc3612 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -17,7 +17,6 @@ B<openssl> B<ca>
 [B<-crl_hold instruction>]
 [B<-crl_compromise time>]
 [B<-crl_CA_compromise time>]
-[B<-subj arg>]
 [B<-crldays days>]
 [B<-crlhours hours>]
 [B<-crlexts section>]
@@ -45,6 +44,9 @@ B<openssl> B<ca>
 [B<-extensions section>]
 [B<-extfile section>]
 [B<-engine id>]
+[B<-subj arg>]
+[B<-utf8>]
+[B<-multivalue-rdn>]
 
 =head1 DESCRIPTION
 
@@ -203,7 +205,9 @@ the section of the configuration file containing certificate extensions
 to be added when a certificate is issued (defaults to B<x509_extensions>
 unless the B<-extfile> option is used). If no extension section is
 present then, a V1 certificate is created. If the extension section
-is present (even if it is empty), then a V3 certificate is created.
+is present (even if it is empty), then a V3 certificate is created. See the:w
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
 
 =item B<-extfile file>
 
@@ -213,11 +217,33 @@ used).
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<ca>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
 
+=item B<-subj arg>
+
+supersedes subject name given in the request.
+The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
+
+=item B<-utf8>
+
+this option causes field values to be interpreted as UTF8 strings, by 
+default they are interpreted as ASCII. This means that the field
+values, whether prompted from a terminal or obtained from a
+configuration file, must be valid UTF8 strings.
+
+=item B<-multivalue-rdn>
+
+this option causes the -subj argument to be interpretedt with full
+support for multivalued RDNs. Example:
+
+I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe>
+
+If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>.
+
 =back
 
 =head1 CRL OPTIONS
@@ -268,12 +294,6 @@ B<time>. B<time> should be in GeneralizedTime format that is B<YYYYMMDDHHMMSSZ>.
 This is the same as B<crl_compromise> except the revocation reason is set to
 B<CACompromise>.
 
-=item B<-subj arg>
-
-supersedes subject name given in the request.
-The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
-characters may be escaped by \ (backslash), no spaces are skipped.
-
 =item B<-crlexts section>
 
 the section of the configuration file containing CRL extensions to
@@ -281,7 +301,9 @@ include. If no CRL extension section is present then a V1 CRL is
 created, if the CRL extension section is present (even if it is
 empty) then a V2 CRL is created. The CRL extensions specified are
 CRL extensions and B<not> CRL entry extensions.  It should be noted
-that some software (for example Netscape) can't handle V2 CRLs. 
+that some software (for example Netscape) can't handle V2 CRLs. See
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
 
 =back
 
@@ -422,7 +444,7 @@ the same as B<-msie_hack>
 the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section
 for more information.
 
-=item B<nameopt>, B<certopt>
+=item B<name_opt>, B<cert_opt>
 
 these options allow the format used to display the certificate details
 when asking the user to confirm signing. All the options supported by
@@ -544,8 +566,8 @@ A sample configuration file with the relevant sections for B<ca>:
  policy         = policy_any            # default policy
  email_in_dn    = no                    # Don't add the email into cert DN
 
- nameopt	= ca_default		# Subject name display option
- certopt	= ca_default		# Certificate display option
+ name_opt	= ca_default		# Subject name display option
+ cert_opt	= ca_default		# Certificate display option
  copy_extensions = none			# Don't copy extensions from request
 
  [ policy_any ]
@@ -648,6 +670,6 @@ then even if a certificate is issued with CA:TRUE it will not be valid.
 =head1 SEE ALSO
 
 L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
-L<config(5)|config(5)>
+L<config(5)|config(5)>, L<x509v3_config(5)|x509v3_config(5)> 
 
 =cut
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 81a2c43893..f44aa00a2f 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -8,6 +8,7 @@ ciphers - SSL cipher display and cipher list tool.
 
 B<openssl> B<ciphers>
 [B<-v>]
+[B<-V>]
 [B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
@@ -15,7 +16,7 @@ B<openssl> B<ciphers>
 
 =head1 DESCRIPTION
 
-The B<cipherlist> command converts OpenSSL cipher lists into ordered
+The B<ciphers> command converts textual OpenSSL cipher lists into ordered
 SSL cipher preference lists. It can be used as a test tool to determine
 the appropriate cipherlist.
 
@@ -25,7 +26,7 @@ the appropriate cipherlist.
 
 =item B<-v>
 
-verbose option. List ciphers with a complete description of
+Verbose option. List ciphers with a complete description of
 protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
 authentication, encryption and mac algorithms used along with any key size
 restrictions and whether the algorithm is classed as an "export" cipher.
@@ -33,6 +34,10 @@ Note that without the B<-v> option, ciphers may seem to appear twice
 in a cipher list; this is when similar ciphers are available for
 SSL v2 and for SSL v3/TLS v1.
 
+=item B<-V>
+
+Like B<-V>, but include cipher suite codes in output (hex format).
+
 =item B<-ssl3>
 
 only include SSL v3 ciphers.
@@ -104,8 +109,8 @@ The following is a list of all permitted cipher strings and their meanings.
 
 =item B<DEFAULT>
 
-the default cipher list. This is determined at compile time and is normally
-B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string
+the default cipher list. This is determined at compile time and, as of OpenSSL
+1.0.0, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string
 specified.
 
 =item B<COMPLEMENTOFDEFAULT>
@@ -116,7 +121,8 @@ not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
 
 =item B<ALL>
 
-all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled.
+all cipher suites except the B<eNULL> ciphers which must be explicitly enabled;
+as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default
 
 =item B<COMPLEMENTOFALL>
 
@@ -125,11 +131,11 @@ the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
 =item B<HIGH>
 
 "high" encryption cipher suites. This currently means those with key lengths larger
-than 128 bits.
+than 128 bits, and some cipher suites with 128-bit keys.
 
 =item B<MEDIUM>
 
-"medium" encryption cipher suites, currently those using 128 bit encryption.
+"medium" encryption cipher suites, currently some of those using 128 bit encryption.
 
 =item B<LOW>
 
@@ -146,7 +152,9 @@ export encryption algorithms. Including 40 and 56 bits algorithms.
 
 =item B<EXPORT56>
 
-56 bit export encryption algorithms.
+56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
+56 bit export ciphers is empty unless OpenSSL has been explicitly configured
+with support for experimental ciphers.
 
 =item B<eNULL>, B<NULL>
 
@@ -207,6 +215,10 @@ anonymous DH cipher suites.
 
 cipher suites using AES.
 
+=item B<CAMELLIA>
+
+cipher suites using Camellia.
+
 =item B<3DES>
 
 cipher suites using triple DES.
@@ -227,6 +239,10 @@ cipher suites using RC2.
 
 cipher suites using IDEA.
 
+=item B<SEED>
+
+cipher suites using SEED.
+
 =item B<MD5>
 
 cipher suites using MD5.
@@ -235,6 +251,33 @@ cipher suites using MD5.
 
 cipher suites using SHA1.
 
+=item B<aGOST> 
+
+cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction
+(needs an engine supporting GOST algorithms). 
+
+=item B<aGOST01>
+
+cipher suites using GOST R 34.10-2001 authentication.
+
+=item B<aGOST94>
+
+cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94
+standard has been expired so use GOST R 34.10-2001)
+
+=item B<kGOST>
+
+cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.
+
+=item B<GOST94>
+
+cipher suites, using HMAC based on GOST R 34.11-94.
+
+=item B<GOST89MAC>
+
+cipher suites using GOST 28147-89 MAC B<instead of> HMAC.
+
+
 =back
 
 =head1 CIPHER SUITE NAMES
@@ -317,10 +360,10 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
  TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
  TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA
 
- TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
- TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
- TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
- TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA         Not implemented.
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA         Not implemented.
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA         Not implemented.
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA         Not implemented.
 
  TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
  TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
@@ -330,6 +373,46 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
  TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
  TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA
 
+=head2 Camellia ciphersuites from RFC4132, extending TLS v1.0
+
+ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA      CAMELLIA128-SHA
+ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA      CAMELLIA256-SHA
+
+ TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA   Not implemented.
+ TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA   Not implemented.
+ TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA   Not implemented.
+ TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA   Not implemented.
+
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA  DHE-DSS-CAMELLIA128-SHA
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA  DHE-DSS-CAMELLIA256-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA  DHE-RSA-CAMELLIA128-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA  DHE-RSA-CAMELLIA256-SHA
+
+ TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA  ADH-CAMELLIA128-SHA
+ TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA  ADH-CAMELLIA256-SHA
+
+=head2 SEED ciphersuites from RFC4162, extending TLS v1.0
+
+ TLS_RSA_WITH_SEED_CBC_SHA              SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA           Not implemented.
+ TLS_DH_RSA_WITH_SEED_CBC_SHA           Not implemented.
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA          DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA          DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA          ADH-SEED-SHA
+
+=head2 GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
+
+Note: these ciphers require an engine which including GOST cryptographic
+algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution.
+
+ TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
+ TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
+ TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
+ TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94
+
 =head2 Additional Export 1024 and other cipher suites
 
 Note: these ciphers can also be used in SSL v3.
@@ -388,7 +471,8 @@ L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
 
 =head1 HISTORY
 
-The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options were
-added in version 0.9.7.
+The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
+for cipherlist strings were added in OpenSSL 0.9.7.
+The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
 
 =cut
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
new file mode 100644
index 0000000000..a09588a18d
--- /dev/null
+++ b/doc/apps/cms.pod
@@ -0,0 +1,602 @@
+=pod
+
+=head1 NAME
+
+cms - CMS utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<cms>
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-sign>]
+[B<-verify>]
+[B<-cmsout>]
+[B<-resign>]
+[B<-data_create>]
+[B<-data_out>]
+[B<-digest_create>]
+[B<-digest_verify>]
+[B<-compress>]
+[B<-uncompress>]
+[B<-EncryptedData_encrypt>]
+[B<-sign_receipt>]
+[B<-verify_receipt receipt>]
+[B<-in filename>]
+[B<-inform SMIME|PEM|DER>]
+[B<-rctform SMIME|PEM|DER>]
+[B<-out filename>]
+[B<-outform SMIME|PEM|DER>]
+[B<-stream -indef -noindef>]
+[B<-noindef>]
+[B<-content filename>]
+[B<-text>]
+[B<-noout>]
+[B<-print>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-md digest>]
+[B<-[cipher]>]
+[B<-nointern>]
+[B<-no_signer_cert_verify>]
+[B<-nocerts>]
+[B<-noattr>]
+[B<-nosmimecap>]
+[B<-binary>]
+[B<-nodetach>]
+[B<-certfile file>]
+[B<-certsout file>]
+[B<-signer file>]
+[B<-recip file>]
+[B<-keyid>]
+[B<-receipt_request_all -receipt_request_first>]
+[B<-receipt_request_from emailaddress>]
+[B<-receipt_request_to emailaddress>]
+[B<-receipt_request_print>]
+[B<-secretkey key>]
+[B<-secretkeyid id>]
+[B<-econtent_type type>]
+[B<-inkey file>]
+[B<-passin arg>]
+[B<-rand file(s)>]
+[B<cert.pem...>]
+[B<-to addr>]
+[B<-from addr>]
+[B<-subject subj>]
+[cert.pem]...
+
+=head1 DESCRIPTION
+
+The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
+verify, compress and uncompress S/MIME messages.
+
+=head1 COMMAND OPTIONS
+
+There are fourteen operation options that set the type of operation to be
+performed. The meaning of the other options varies according to the operation
+type.
+
+=over 4
+
+=item B<-encrypt>
+
+encrypt mail for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted mail in MIME format. The
+actual CMS type is <B>EnvelopedData<B>.
+
+=item B<-decrypt>
+
+decrypt mail using the supplied certificate and private key. Expects an
+encrypted mail message in MIME format for the input file. The decrypted mail
+is written to the output file.
+
+=item B<-sign>
+
+sign mail using the supplied certificate and private key. Input file is
+the message to be signed. The signed message in MIME format is written
+to the output file.
+
+=item B<-verify>
+
+verify signed mail. Expects a signed mail message on input and outputs
+the signed data. Both clear text and opaque signing is supported.
+
+=item B<-cmsout>
+
+takes an input message and writes out a PEM encoded CMS structure.
+
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
+=item B<-data_create>
+
+Create a CMS B<Data> type.
+
+=item B<-data_out>
+
+B<Data> type and output the content.
+
+=item B<-digest_create>
+
+Create a CMS B<DigestedData> type.
+
+=item B<-digest_verify>
+
+Verify a CMS B<DigestedData> type and output the content.
+
+=item B<-compress>
+
+Create a CMS B<CompressedData> type. OpenSSL must be compiled with B<zlib>
+support for this option to work, otherwise it will output an error.
+
+=item B<-uncompress>
+
+Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be
+compiled with B<zlib> support for this option to work, otherwise it will
+output an error.
+
+=item B<-EncryptedData_encrypt>
+
+Encrypt suppled content using supplied symmetric key and algorithm using a CMS
+B<EncrytedData> type and output the content.
+
+=item B<-sign_receipt>
+
+Generate and output a signed receipt for the supplied message. The input 
+message B<must> contain a signed receipt request. Functionality is otherwise
+similar to the B<-sign> operation.
+
+=item B<-verify_receipt receipt>
+
+Verify a signed receipt in filename B<receipt>. The input message B<must> 
+contain the original receipt request. Functionality is otherwise similar
+to the B<-verify> operation.
+
+=item B<-in filename>
+
+the input message to be encrypted or signed or the message to be decrypted
+or verified.
+
+=item B<-inform SMIME|PEM|DER>
+
+this specifies the input format for the CMS structure. The default
+is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
+format change this to expect PEM and DER format CMS structures
+instead. This currently only affects the input format of the CMS
+structure, if no CMS structure is being input (for example with
+B<-encrypt> or B<-sign>) this option has no effect.
+
+=item B<-rctform SMIME|PEM|DER>
+
+specify the format for a signed receipt for use with the B<-receipt_verify>
+operation.
+
+=item B<-out filename>
+
+the message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
+
+=item B<-outform SMIME|PEM|DER>
+
+this specifies the output format for the CMS structure. The default
+is B<SMIME> which writes an S/MIME format message. B<PEM> and B<DER>
+format change this to write PEM and DER format CMS structures
+instead. This currently only affects the output format of the CMS
+structure, if no CMS structure is being output (for example with
+B<-verify> or B<-decrypt>) this option has no effect.
+
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-content filename>
+
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the CMS
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
+
+=item B<-text>
+
+this option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME 
+type text/plain then an error occurs.
+
+=item B<-noout>
+
+for the B<-cmsout> operation do not output the parsed CMS structure. This
+is useful when combined with the B<-print> option or if the syntax of the CMS
+structure is being checked.
+
+=item B<-print>
+
+for the B<-cmsout> operation print out all fields of the CMS structure. This
+is mainly useful for testing purposes.
+
+=item B<-CAfile file>
+
+a file containing trusted CA certificates, only used with B<-verify>.
+
+=item B<-CApath dir>
+
+a directory containing trusted CA certificates, only used with
+B<-verify>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=item B<-md digest>
+
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
+or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for 
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for a list of ciphers
+supported by your version of OpenSSL.
+
+If not specified triple DES is used. Only used with B<-encrypt> and 
+B<-EncryptedData_create> commands.
+
+=item B<-nointern>
+
+when verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
+
+=item B<-no_signer_cert_verify>
+
+do not verify the signers certificate of a signed message.
+
+=item B<-nocerts>
+
+when signing a message the signer's certificate is normally included
+with this option it is excluded. This will reduce the size of the
+signed message but the verifier must have a copy of the signers certificate
+available locally (passed using the B<-certfile> option for example).
+
+=item B<-noattr>
+
+normally when a message is signed a set of attributes are included which
+include the signing time and supported symmetric algorithms. With this
+option they are not included.
+
+=item B<-nosmimecap>
+
+exclude the list of supported algorithms from signed attributes, other options
+such as signing time and content type are still included.
+
+=item B<-binary>
+
+normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-nodetach>
+
+when signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME.  Without this option cleartext signing with
+the MIME type multipart/signed is used.
+
+=item B<-certfile file>
+
+allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates. The certificates should be in PEM format.
+
+=item B<-certsout file>
+
+any certificates contained in the message are written to B<file>.
+
+=item B<-signer file>
+
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
+
+=item B<-recip file>
+
+the recipients certificate when decrypting a message. This certificate
+must match one of the recipients of the message or an error occurs.
+
+=item B<-keyid>
+
+use subject key identifier to identify certificates instead of issuer name and
+serial number. The supplied certificate B<must> include a subject key
+identifier extension. Supported by B<-sign> and B<-encrypt> options.
+
+=item B<-receipt_request_all -receipt_request_first>
+
+for B<-sign> option include a signed receipt request. Indicate requests should
+be provided by all receipient or first tier recipients (those mailed directly
+and not from a mailing list). Ignored it B<-receipt_request_from> is included.
+
+=item B<-receipt_request_from emailaddress>
+
+for B<-sign> option include a signed receipt request. Add an explicit email
+address where receipts should be supplied.
+
+=item B<-receipt_request_to emailaddress>
+
+Add an explicit email address where signed receipts should be sent to. This 
+option B<must> but supplied if a signed receipt it requested.
+
+=item B<-receipt_request_print>
+
+For the B<-verify> operation print out the contents of any signed receipt
+requests.
+
+=item B<-secretkey key>
+
+specify symmetric key to use. The key must be supplied in hex format and be
+consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
+B<-EncrryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
+with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
+content encryption key using an AES key in the B<KEKRecipientInfo> type.
+
+=item B<-secretkeyid id>
+
+the key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
+This option B<must> be present if the B<-secretkey> option is used with
+B<-encrypt>. With B<-decrypt> operations the B<id> is used to locate the
+relevant key if it is not supplied then an attempt is used to decrypt any
+B<KEKRecipientInfo> structures.
+
+=item B<-econtent_type type>
+
+set the encapsulated content type to B<type> if not supplied the B<Data> type
+is used. The B<type> argument can be any valid OID name in either text or
+numerical format. 
+
+=item B<-inkey file>
+
+the private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<cert.pem...>
+
+one or more certificates of message recipients: used when encrypting
+a message. 
+
+=item B<-to, -from, -subject>
+
+the relevant mail headers. These are included outside the signed
+portion of a message so they may be included manually. If signing
+then many S/MIME mail clients check the signers certificate's email
+address matches that specified in the From: address.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
+=back
+
+=head1 NOTES
+
+The MIME message must be sent without any blank lines between the
+headers and the output. Some mail programs will automatically add
+a blank line. Piping the mail directly to sendmail is one way to
+achieve the correct format.
+
+The supplied message to be signed or encrypted must include the
+necessary MIME headers or many S/MIME clients wont display it
+properly (if at all). You can use the B<-text> option to automatically
+add plain text headers.
+
+A "signed and encrypted" message is one where a signed message is
+then encrypted. This can be produced by encrypting an already signed
+message: see the examples section.
+
+This version of the program only allows one signer per message but it
+will verify multiple signers on received messages. Some S/MIME clients
+choke if a message contains multiple signers. It is possible to sign
+messages "in parallel" by signing an already signed message.
+
+The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
+clients. Strictly speaking these process CMS enveloped data: CMS
+encrypted data is used for other purposes.
+
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the CMS structure the encoding
+remains DER.
+
+=head1 EXIT CODES
+
+=over 4
+
+=item 0
+
+the operation was completely successfully.
+
+=item 1 
+
+an error occurred parsing the command options.
+
+=item 2
+
+one of the input files could not be read.
+
+=item 3
+
+an error occurred creating the CMS file or when reading the MIME
+message.
+
+=item 4
+
+an error occurred decrypting or verifying the message.
+
+=item 5
+
+the message was verified correctly but an error occurred writing out
+the signers certificates.
+
+=back
+
+=head1 COMPATIBILITY WITH PKCS#7 format.
+
+The B<smime> utility can only process the older B<PKCS#7> format. The B<cms>
+utility supports Cryptographic Message Syntax format. Use of some features
+will result in messages which cannot be processed by applications which only
+support the older format. These are detailed below.
+
+The use of the B<-keyid> option with B<-sign> or B<-encrypt>.
+
+The B<-outform PEM> option uses different headers.
+
+The B<-compress> option.
+
+The B<-secretkey> option when used with B<-encrypt>.
+
+Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
+be processed by the older B<smime> command.
+
+=head1 EXAMPLES
+
+Create a cleartext signed message:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem
+
+Create an opaque signed message
+
+ openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+	-signer mycert.pem
+
+Create a signed message, include some additional certificates and
+read the private key from another file:
+
+ openssl cms -sign -in in.txt -text -out mail.msg \
+	-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+Create a signed message with two signers, use key identifier:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem -signer othercert.pem -keyid
+
+Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl cms -sign -in in.txt -text -signer mycert.pem \
+	-from steve@openssl.org -to someone@somewhere \
+	-subject "Signed message" | sendmail someone@somewhere
+
+Verify a message and extract the signer's certificate if successful:
+
+ openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt
+
+Send encrypted mail using triple DES:
+
+ openssl cms -encrypt -in in.txt -from steve@openssl.org \
+	-to someone@somewhere -subject "Encrypted message" \
+	-des3 user.pem -out mail.msg
+
+Sign and encrypt mail:
+
+ openssl cms -sign -in ml.txt -signer my.pem -text \
+	| openssl cms -encrypt -out mail.msg \
+	-from steve@openssl.org -to someone@somewhere \
+	-subject "Signed and Encrypted message" -des3 user.pem
+
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
+
+Decrypt mail:
+
+ openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+
+The output from Netscape form signing is a PKCS#7 structure with the
+detached signature format. You can use this program to verify the
+signature by line wrapping the base64 encoded structure and surrounding
+it with:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+and using the command, 
+
+ openssl cms -verify -inform PEM -in signature.pem -content content.txt
+
+alternatively you can base64 decode the signature and use
+
+ openssl cms -verify -inform DER -in signature.der -content content.txt
+
+Create an encrypted message using 128 bit Camellia:
+
+ openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
+=head1 BUGS
+
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
+
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
+
+Ideally a database should be maintained of a certificates for each email
+address.
+
+The code doesn't currently take note of the permitted symmetric encryption
+algorithms as supplied in the SMIMECapabilities signed attribute. this means the
+user has to manually include the correct encryption algorithm. It should store
+the list of permitted ciphers in a database and only use those.
+
+No revocation checking is done on the signer's certificate.
+
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+
+=cut
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod
index b0d198724c..b035edf08e 100644
--- a/doc/apps/dgst.pod
+++ b/doc/apps/dgst.pod
@@ -14,10 +14,12 @@ B<openssl> B<dgst>
 [B<-binary>]
 [B<-out filename>]
 [B<-sign filename>]
+[B<-keyform arg>]
 [B<-passin arg>]
 [B<-verify filename>]
 [B<-prverify filename>]
 [B<-signature filename>]
+[B<-hmac key>]
 [B<file...>]
 
 [B<md5|md4|md2|sha1|sha|mdc2|ripemd160>]
@@ -60,6 +62,23 @@ filename to output to, or standard output by default.
 
 digitally sign the digest using the private key in "filename".
 
+=item B<-keyform arg>
+
+Specifies the key format to sign digest with. Only PEM and ENGINE
+formats are supported by the B<dgst> command.
+
+=item B<-engine id>
+
+Use engine B<id> for operations (including private key storage).
+This engine is not used as source for digest algorithms, unless it is
+also specified in the configuration file.
+
+=item B<-sigopt nm:v>
+
+Pass options to the signature algorithm during sign or verify operations.
+Names and values of these options are algorithm-specific.
+
+
 =item B<-passin arg>
 
 the private key password source. For more information about the format of B<arg>
@@ -78,6 +97,39 @@ verify the signature using the  the private key in "filename".
 
 the actual signature to verify.
 
+=item B<-hmac key>
+
+create a hashed MAC using "key".
+
+=item B<-mac alg>
+
+create MAC (keyed Message Authentication Code). The most popular MAC
+algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
+which are not based on hash, for instance B<gost-mac> algorithm,
+supported by B<ccgost> engine. MAC keys and other options should be set
+via B<-macopt> parameter.
+
+=item B<-macopt nm:v>
+
+Passes options to MAC algorithm, specified by B<-mac> key.
+Following options are supported by both by B<HMAC> and B<gost-mac>:
+
+=over 8
+
+=item B<key:string>
+	
+Specifies MAC key as alphnumeric string (use if key contain printable
+characters only). String length must conform to any restrictions of
+the MAC algorithm for example exactly 32 chars for gost-mac.
+
+=item B<hexkey:string>
+
+Specifies MAC key in hexadecimal form (two hex digits per byte).
+Key length must conform to any restrictions of the MAC algorithm
+for example exactly 32 chars for gost-mac.
+
+=back
+
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
diff --git a/doc/apps/dhparam.pod b/doc/apps/dhparam.pod
index c31db95a47..9edb4ff4e1 100644
--- a/doc/apps/dhparam.pod
+++ b/doc/apps/dhparam.pod
@@ -99,7 +99,7 @@ be loaded by calling the B<get_dh>I<numbits>B<()> function.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<dhparam>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/dsa.pod b/doc/apps/dsa.pod
index ed06b8806d..ddbc9327fa 100644
--- a/doc/apps/dsa.pod
+++ b/doc/apps/dsa.pod
@@ -109,7 +109,7 @@ a public key.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<dsa>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/dsaparam.pod b/doc/apps/dsaparam.pod
index b9b1b93b42..ba5ec4d72c 100644
--- a/doc/apps/dsaparam.pod
+++ b/doc/apps/dsaparam.pod
@@ -85,7 +85,7 @@ the input file (if any) is ignored.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<dsaparam>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/ec.pod b/doc/apps/ec.pod
index 1d4a36dbf4..ba6dc4689b 100644
--- a/doc/apps/ec.pod
+++ b/doc/apps/ec.pod
@@ -130,7 +130,7 @@ is currently not implemented in OpenSSL.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<ec>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/ecparam.pod b/doc/apps/ecparam.pod
index 1a12105da7..788c074d7b 100644
--- a/doc/apps/ecparam.pod
+++ b/doc/apps/ecparam.pod
@@ -121,7 +121,7 @@ all others.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<ecparam>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod
index 18fe7c81c7..3dee4ed992 100644
--- a/doc/apps/enc.pod
+++ b/doc/apps/enc.pod
@@ -12,17 +12,24 @@ B<openssl enc -ciphername>
 [B<-pass arg>]
 [B<-e>]
 [B<-d>]
-[B<-a>]
+[B<-a/-base64>]
 [B<-A>]
 [B<-k password>]
 [B<-kfile filename>]
 [B<-K key>]
 [B<-iv IV>]
+[B<-S salt>]
+[B<-salt>]
+[B<-nosalt>]
+[B<-z>]
+[B<-md>]
 [B<-p>]
 [B<-P>]
 [B<-bufsize number>]
 [B<-nopad>]
 [B<-debug>]
+[B<-none>]
+[B<-engine id>]
 
 =head1 DESCRIPTION
 
@@ -50,15 +57,13 @@ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
 
 =item B<-salt>
 
-use a salt in the key derivation routines. This option should B<ALWAYS>
-be used unless compatibility with previous versions of OpenSSL or SSLeay
-is required. This option is only present on OpenSSL versions 0.9.5 or
-above.
+use a salt in the key derivation routines. This is the default.
 
 =item B<-nosalt>
 
-don't use a salt in the key derivation routines. This is the default for
-compatibility with previous versions of OpenSSL and SSLeay.
+don't use a salt in the key derivation routines. This option B<SHOULD NOT> be
+used except for test purposes or compatibility with ancient versions of OpenSSL
+and SSLeay.
 
 =item B<-e>
 
@@ -74,6 +79,10 @@ base64 process the data. This means that if encryption is taking place
 the data is base64 encoded after encryption. If decryption is set then
 the input data is base64 decoded before being decrypted.
 
+=item B<-base64>
+
+same as B<-a>
+
 =item B<-A>
 
 if the B<-a> option is set then base64 process the data on one line.
@@ -89,10 +98,18 @@ read the password to derive the key from the first line of B<filename>.
 This is for compatibility with previous versions of OpenSSL. Superseded by
 the B<-pass> argument.
 
+=item B<-nosalt>
+
+do not use a salt 
+
+=item B<-salt>
+
+use salt (randomly generated or provide with B<-S> option) when
+encrypting (this is the default).
+
 =item B<-S salt>
 
-the actual salt to use: this must be represented as a string comprised only
-of hex digits.
+the actual salt to use: this must be represented as a string of hex digits.
 
 =item B<-K key>
 
@@ -131,12 +148,34 @@ disable standard block padding
 
 debug the BIOs used for I/O.
 
+=item B<-z>
+
+Compress or decompress clear text using zlib before encryption or after
+decryption. This option exists only if OpenSSL with compiled with zlib
+or zlib-dynamic option.
+
+=item B<-none>
+
+Use NULL cipher (no encryption or decryption of input).
+
 =back
 
 =head1 NOTES
 
 The program can be called either as B<openssl ciphername> or
-B<openssl enc -ciphername>.
+B<openssl enc -ciphername>. But the first form doesn't work with
+engine-provided ciphers, because this form is processed before the
+configuration file is read and any ENGINEs loaded.
+
+Engines which provide entirely new encryption algorithms (such as ccgost
+engine which provides gost89 algorithm) should be configured in the
+configuration file. Engines, specified in the command line using -engine
+options can only be used for hadrware-assisted implementations of
+ciphers, which are supported by OpenSSL core or other engine, specified
+in the configuration file.
+
+When enc command lists supported ciphers, ciphers provided by engines,
+specified in the configuration files are listed too.
 
 A password will be prompted for to derive the key and IV if necessary.
 
@@ -169,6 +208,14 @@ Blowfish and RC5 algorithms use a 128 bit key.
 
 =head1 SUPPORTED CIPHERS
 
+Note that some of these ciphers can be disabled at compile time
+and some are available only if an appropriate engine is configured
+in the configuration file. The output of the B<enc> command run with
+unsupported options (for example B<openssl enc -help>) includes a
+list of ciphers, supported by your versesion of OpenSSL, including
+ones provided by configured engines.
+
+
  base64             Base 64
 
  bf-cbc             Blowfish in CBC mode
@@ -191,18 +238,21 @@ Blowfish and RC5 algorithms use a 128 bit key.
  des-ecb            DES in ECB mode
 
  des-ede-cbc        Two key triple DES EDE in CBC mode
- des-ede            Alias for des-ede
+ des-ede            Two key triple DES EDE in ECB mode
  des-ede-cfb        Two key triple DES EDE in CFB mode
  des-ede-ofb        Two key triple DES EDE in OFB mode
 
  des-ede3-cbc       Three key triple DES EDE in CBC mode
- des-ede3           Alias for des-ede3-cbc
+ des-ede3           Three key triple DES EDE in ECB mode
  des3               Alias for des-ede3-cbc
  des-ede3-cfb       Three key triple DES EDE CFB mode
  des-ede3-ofb       Three key triple DES EDE in OFB mode
 
  desx               DESX algorithm.
 
+ gost89             GOST 28147-89 in CFB mode (provided by ccgost engine)
+ gost89-cnt        `GOST 28147-89 in CNT mode (provided by ccgost engine) 
+
  idea-cbc           IDEA algorithm in CBC mode
  idea               same as idea-cbc
  idea-cfb           IDEA in CFB mode
@@ -211,9 +261,9 @@ Blowfish and RC5 algorithms use a 128 bit key.
 
  rc2-cbc            128 bit RC2 in CBC mode
  rc2                Alias for rc2-cbc
- rc2-cfb            128 bit RC2 in CBC mode
- rc2-ecb            128 bit RC2 in CBC mode
- rc2-ofb            128 bit RC2 in CBC mode
+ rc2-cfb            128 bit RC2 in CFB mode
+ rc2-ecb            128 bit RC2 in ECB mode
+ rc2-ofb            128 bit RC2 in OFB mode
  rc2-64-cbc         64 bit RC2 in CBC mode
  rc2-40-cbc         40 bit RC2 in CBC mode
 
@@ -223,9 +273,17 @@ Blowfish and RC5 algorithms use a 128 bit key.
 
  rc5-cbc            RC5 cipher in CBC mode
  rc5                Alias for rc5-cbc
- rc5-cfb            RC5 cipher in CBC mode
- rc5-ecb            RC5 cipher in CBC mode
- rc5-ofb            RC5 cipher in CBC mode
+ rc5-cfb            RC5 cipher in CFB mode
+ rc5-ecb            RC5 cipher in ECB mode
+ rc5-ofb            RC5 cipher in OFB mode
+
+ aes-[128|192|256]-cbc	128/192/256 bit AES in CBC mode
+ aes-[128|192|256]	Alias for aes-[128|192|256]-cbc
+ aes-[128|192|256]-cfb	128/192/256 bit AES in 128 bit CFB mode
+ aes-[128|192|256]-cfb1	128/192/256 bit AES in 1 bit CFB mode
+ aes-[128|192|256]-cfb8	128/192/256 bit AES in 8 bit CFB mode
+ aes-[128|192|256]-ecb	128/192/256 bit AES in ECB mode
+ aes-[128|192|256]-ofb	128/192/256 bit AES in OFB mode
 
 =head1 EXAMPLES
 
diff --git a/doc/apps/gendsa.pod b/doc/apps/gendsa.pod
index 2c56cc7888..8c7f114ca0 100644
--- a/doc/apps/gendsa.pod
+++ b/doc/apps/gendsa.pod
@@ -40,7 +40,7 @@ all others.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<gendsa>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/genpkey.pod b/doc/apps/genpkey.pod
new file mode 100644
index 0000000000..1611b5ca78
--- /dev/null
+++ b/doc/apps/genpkey.pod
@@ -0,0 +1,213 @@
+=pod
+
+=head1 NAME
+
+genpkey - generate a private key
+
+=head1 SYNOPSIS
+
+B<openssl> B<genpkey>
+[B<-out filename>]
+[B<-outform PEM|DER>]
+[B<-pass arg>]
+[B<-cipher>]
+[B<-engine id>]
+[B<-paramfile file>]
+[B<-algorithm alg>]
+[B<-pkeyopt opt:value>]
+[B<-genparam>]
+[B<-text>]
+
+=head1 DESCRIPTION
+
+The B<genpkey> command generates a private key.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-out filename>
+
+the output filename. If this argument is not specified then standard output is
+used.  
+
+=item B<-outform DER|PEM>
+
+This specifies the output format DER or PEM.
+
+=item B<-pass arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-cipher>
+
+This option encrypts the private key with the supplied cipher. Any algorithm
+name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<genpkey>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms. If used this option should precede all other
+options.
+
+=item B<-algorithm alg>
+
+public key algorithm to use such as RSA, DSA or DH. If used this option must
+precede any B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm>
+are mutually exclusive.
+
+=item B<-pkeyopt opt:value>
+
+set the public key algorithm option B<opt> to B<value>. The precise set of
+options supported depends on the public key algorithm used and its
+implementation. See B<KEY GENERATION OPTIONS> below for more details.
+
+=item B<-genparam>
+
+generate a set of parameters instead of a private key. If used this option must
+precede and B<-algorithm>, B<-paramfile> or B<-pkeyopt> options.
+
+=item B<-paramfile filename>
+
+Some public key algorithms generate a private key based on a set of parameters.
+They can be supplied using this option. If this option is used the public key
+algorithm used is determined by the parameters. If used this option must
+precede and B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm>
+are mutually exclusive.
+
+=item B<-text>
+
+Print an (unencrypted) text representation of private and public keys and
+parameters along with the PEM or DER structure.
+
+=back
+
+=head1 KEY GENERATION OPTIONS
+
+The options supported by each algorith and indeed each implementation of an
+algorithm can vary. The options for the OpenSSL implementations are detailed
+below.
+
+=head1 RSA KEY GENERATION OPTIONS
+
+=over 4
+
+=item B<rsa_keygen_bits:numbits>
+
+The number of bits in the generated key. If not specified 1024 is used.
+
+=item B<rsa_keygen_pubexp:value>
+
+The RSA public exponent value. This can be a large decimal or
+hexadecimal value if preceded by B<0x>. Default value is 65537.
+
+=back
+
+=head1 DSA PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<dsa_paramgen_bits:numbits>
+
+The number of bits in the generated parameters. If not specified 1024 is used.
+
+=head1 DH PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<dh_paramgen_prime_len:numbits>
+
+The number of bits in the prime parameter B<p>.
+
+=item B<dh_paramgen_generator:value>
+
+The value to use for the generator B<g>.
+
+=back
+
+=head1 EC PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<ec_paramgen_curve:curve>
+
+the EC curve to use.
+
+=back
+
+=head1 GOST2001 KEY GENERATION AND PARAMETER OPTIONS
+
+Gost 2001 support is not enabled by default. To enable this algorithm,
+one should load the ccgost engine in the OpenSSL configuration file.
+See README.gost file in the engines/ccgost directiry of the source
+distribution for more details.
+
+Use of a parameter file for the GOST R 34.10 algorithm is optional.
+Parameters can be specified during key generation directly as well as
+during generation of parameter file.
+
+=over 4
+
+=item B<paramset:name>
+
+Specifies GOST R 34.10-2001 parameter set according to RFC 4357.
+Parameter set can be specified using abbreviated name, object short name or
+numeric OID. Following parameter sets are supported:
+
+  paramset   OID               Usage
+  A          1.2.643.2.2.35.1  Signature
+  B          1.2.643.2.2.35.2  Signature
+  C          1.2.643.2.2.35.3  Signature
+  XA         1.2.643.2.2.36.0  Key exchange
+  XB         1.2.643.2.2.36.1  Key exchange
+  test       1.2.643.2.2.35.0  Test purposes
+
+=back
+
+
+
+=head1 NOTES
+
+The use of the genpkey program is encouraged over the algorithm specific
+utilities because additional algorithm options and ENGINE provided algorithms
+can be used.
+
+=head1 EXAMPLES
+
+Generate an RSA private key using default parameters:
+
+ openssl genpkey -algorithm RSA -out key.pem 
+
+Encrypt output private key using 128 bit AES and the passphrase "hello":
+
+ openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello
+
+Generate a 2048 bit RSA key using 3 as the public exponent:
+
+ openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048 \
+ 						-pkeyopt rsa_keygen_pubexp:3
+
+Generate 1024 bit DSA parameters:
+
+ openssl genpkey -genparam -algorithm DSA -out dsap.pem \
+						-pkeyopt dsa_paramgen_bits:1024
+
+Generate DSA key from parameters:
+
+ openssl genpkey -paramfile dsap.pem -out dsakey.pem 
+
+Generate 1024 bit DH parameters:
+
+ openssl genpkey -genparam -algorithm DH -out dhp.pem \
+					-pkeyopt dh_paramgen_prime_len:1024
+
+Generate DH key from parameters:
+
+ openssl genpkey -paramfile dhp.pem -out dhkey.pem 
+
+
+=cut
+
diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod
index 25af4d1475..7dcac2a779 100644
--- a/doc/apps/genrsa.pod
+++ b/doc/apps/genrsa.pod
@@ -57,7 +57,7 @@ all others.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<genrsa>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index 4f266058e5..af2e12e418 100644
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -51,6 +51,7 @@ B<openssl> B<ocsp>
 [B<-ndays n>]
 [B<-resp_key_id>]
 [B<-nrequest n>]
+[B<-md5|-sha1|...>]
 
 =head1 DESCRIPTION
 
@@ -73,7 +74,7 @@ specify output filename, default is standard output.
 
 This specifies the current issuer certificate. This option can be used
 multiple times. The certificate specified in B<filename> must be in
-PEM format.
+PEM format. This option B<MUST> come before any B<-cert> options.
 
 =item B<-cert filename>
 
@@ -146,7 +147,7 @@ certificate in such cases.
 
 =item B<-trust_other>
 
-the certificates specified by the B<-verify_certs> option should be explicitly
+the certificates specified by the B<-verify_other> option should be explicitly
 trusted and no additional checks will be performed on them. This is useful
 when the complete responder certificate chain is not available or trusting a
 root CA is not appropriate.
@@ -154,7 +155,7 @@ root CA is not appropriate.
 =item B<-VAfile file>
 
 file containing explicitly trusted responder certificates. Equivalent to the
-B<-verify_certs> and B<-trust_other> options.
+B<-verify_other> and B<-trust_other> options.
 
 =item B<-noverify>
 
@@ -166,7 +167,7 @@ of the responders certificate.
 
 ignore certificates contained in the OCSP response when searching for the
 signers certificate. With this option the signers certificate must be specified
-with either the B<-verify_certs> or B<-VAfile> options.
+with either the B<-verify_other> or B<-VAfile> options.
 
 =item B<-no_signature_verify>
 
@@ -206,6 +207,11 @@ information is immediately available. In this case the age of the B<notBefore> f
 is checked to see it is not older than B<age> seconds old. By default this additional
 check is not performed.
 
+=item B<-md5|-sha1|-sha256|-ripemod160|...>
+
+this option sets digest algorithm to use for certificate identification
+in the OCSP request. By default SHA-1 is used. 
+
 =back
 
 =head1 OCSP SERVER OPTIONS
diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod
index dc0f49ddca..738142e9ff 100644
--- a/doc/apps/openssl.pod
+++ b/doc/apps/openssl.pod
@@ -12,7 +12,7 @@ I<command>
 [ I<command_opts> ]
 [ I<command_args> ]
 
-B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> ]
+B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> | B<list-cipher-algorithms> | B<list-message-digest-algorithms> | B<list-public-key-algorithms>]
 
 B<openssl> B<no->I<XXX> [ I<arbitrary options> ]
 
@@ -26,12 +26,14 @@ The B<openssl> program is a command line tool for using the various
 cryptography functions of OpenSSL's B<crypto> library from the shell. 
 It can be used for 
 
- o  Creation of RSA, DH and DSA key parameters
+ o  Creation and management of private keys, public keys and parameters
+ o  Public key cryptographic operations
  o  Creation of X.509 certificates, CSRs and CRLs 
  o  Calculation of Message Digests
  o  Encryption and Decryption with Ciphers
  o  SSL/TLS Client and Server Tests
  o  Handling of S/MIME signed or encrypted mail
+ o  Time Stamp requests, generation and verification
 
 =head1 COMMAND SUMMARY
 
@@ -44,6 +46,14 @@ and B<list-cipher-commands> output a list (one entry per line) of the names
 of all standard commands, message digest commands, or cipher commands,
 respectively, that are available in the present B<openssl> utility.
 
+The pseudo-commands B<list-cipher-algorithms> and
+B<list-message-digest-algorithms> list all cipher and message digest names, one entry per line. Aliases are listed as:
+
+ from => to
+
+The pseudo-command B<list-public-key-algorithms> lists all supported public
+key algorithms.
+
 The pseudo-command B<no->I<XXX> tests whether a command of the
 specified name is available.  If no command named I<XXX> exists, it
 returns 0 (success) and prints B<no->I<XXX>; otherwise it returns 1
@@ -71,6 +81,10 @@ Certificate Authority (CA) Management.
 
 Cipher Suite Description Determination.
 
+=item L<B<cms>|cms(1)>
+
+CMS (Cryptographic Message Syntax) utility
+
 =item L<B<crl>|crl(1)>
 
 Certificate Revocation List (CRL) Management.
@@ -88,25 +102,40 @@ Message Digest Calculation.
 Diffie-Hellman Parameter Management.
 Obsoleted by L<B<dhparam>|dhparam(1)>.
 
+=item L<B<dhparam>|dhparam(1)>
+
+Generation and Management of Diffie-Hellman Parameters. Superseded by 
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+
+
 =item L<B<dsa>|dsa(1)>
 
 DSA Data Management.
 
 =item L<B<dsaparam>|dsaparam(1)>
 
-DSA Parameter Generation.
+DSA Parameter Generation and Management. Superseded by 
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+
+=item L<B<ec>|ec(1)>
+
+EC (Elliptic curve) key processing
+
+=item L<B<ecparam>|ecparam(1)>
+
+EC parameter manipulation and generation
 
 =item L<B<enc>|enc(1)>
 
 Encoding with Ciphers.
 
-=item L<B<errstr>|errstr(1)>
+=item L<B<engine>|engine(1)>
 
-Error Number to Error String Conversion.
+Engine (loadble module) information and manipulation.
 
-=item L<B<dhparam>|dhparam(1)>
+=item L<B<errstr>|errstr(1)>
 
-Generation and Management of Diffie-Hellman Parameters.
+Error Number to Error String Conversion.
 
 =item B<gendh>
 
@@ -115,11 +144,20 @@ Obsoleted by L<B<dhparam>|dhparam(1)>.
 
 =item L<B<gendsa>|gendsa(1)>
 
-Generation of DSA Parameters.
+Generation of DSA Private Key from Parameters. Superseded by 
+L<B<genpkey>|genpkey(1)> and L<B<pkey>|pkey(1)>
+
+=item L<B<genpkey>|genpkey(1)>
+
+Generation of Private Key or Parameters.
 
 =item L<B<genrsa>|genrsa(1)>
 
-Generation of RSA Parameters.
+Generation of RSA Private Key. Superceded by L<B<genpkey>|genpkey(1)>.
+
+=item L<B<nseq>|nseq(1)>
+
+Create or examine a netscape certificate sequence
 
 =item L<B<ocsp>|ocsp(1)>
 
@@ -137,21 +175,35 @@ PKCS#12 Data Management.
 
 PKCS#7 Data Management.
 
+=item L<B<pkey>|pkey(1)>
+
+Public and private key management.
+
+=item L<B<pkeyparam>|pkeyparam(1)>
+
+Public key algorithm parameter management.
+
+=item L<B<pkeyutl>|pkeyutl(1)>
+
+Public key algorithm cryptographic operation utility.
+
 =item L<B<rand>|rand(1)>
 
 Generate pseudo-random bytes.
 
 =item L<B<req>|req(1)>
 
-X.509 Certificate Signing Request (CSR) Management.
+PKCS#10 X.509 Certificate Signing Request (CSR) Management.
 
 =item L<B<rsa>|rsa(1)>
 
-RSA Data Management.
+RSA key management.
+
 
 =item L<B<rsautl>|rsautl(1)>
 
-RSA utility for signing, verification, encryption, and decryption.
+RSA utility for signing, verification, encryption, and decryption. Superseded
+by  L<B<pkeyutl>|pkeyutl(1)>
 
 =item L<B<s_client>|s_client(1)>
 
@@ -185,6 +237,14 @@ S/MIME mail processing.
 
 Algorithm Speed Measurement.
 
+=item L<B<spkac>|spkac(1)>
+
+SPKAC printing and generating utility
+
+=item L<B<ts>|ts(1)>
+
+Time Stamping Authority tool (client/server)
+
 =item L<B<verify>|verify(1)>
 
 X.509 Certificate Verification.
@@ -229,6 +289,22 @@ SHA-1 Digest
 
 =back
 
+=item B<sha224>
+
+SHA-224 Digest
+
+=item B<sha256>
+
+SHA-256 Digest
+
+=item B<sha384>
+
+SHA-384 Digest
+
+=item B<sha512>
+
+SHA-512 Digest
+
 =head2 ENCODING AND CIPHER COMMANDS
 
 =over 10
@@ -323,7 +399,7 @@ read the password from standard input.
 L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
 L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
 L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
-L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
+L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
 L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
 L<passwd(1)|passwd(1)>,
 L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
@@ -332,12 +408,13 @@ L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
 L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
 L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
 L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
-L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)> 
+L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>, L<x509v3_config(5)|x509v3_config(5)> 
 
 =head1 HISTORY
 
 The openssl(1) document appeared in OpenSSL 0.9.2.
 The B<list->I<XXX>B<-commands> pseudo-commands were added in OpenSSL 0.9.3;
+The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0;
 the B<no->I<XXX> pseudo-commands were added in OpenSSL 0.9.5a.
 For notes on the availability of other commands, see their individual
 manual pages.
diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod
index 7d84146293..f69a5c5a4c 100644
--- a/doc/apps/pkcs12.pod
+++ b/doc/apps/pkcs12.pod
@@ -23,22 +23,23 @@ B<openssl> B<pkcs12>
 [B<-cacerts>]
 [B<-nokeys>]
 [B<-info>]
-[B<-des>]
-[B<-des3>]
-[B<-idea>]
-[B<-nodes>]
+[B<-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -camellia128 | -camellia192 | -camellia256 | -nodes>]
 [B<-noiter>]
-[B<-maciter>]
+[B<-maciter | -nomaciter | -nomac>]
 [B<-twopass>]
 [B<-descert>]
-[B<-certpbe>]
-[B<-keypbe>]
+[B<-certpbe cipher>]
+[B<-keypbe cipher>]
+[B<-macalg digest>]
 [B<-keyex>]
 [B<-keysig>]
 [B<-password arg>]
 [B<-passin arg>]
 [B<-passout arg>]
 [B<-rand file(s)>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-CSP name>]
 
 =head1 DESCRIPTION
 
@@ -49,7 +50,7 @@ programs including Netscape, MSIE and MS Outlook.
 =head1 COMMAND OPTIONS
 
 There are a lot of options the meaning of some depends of whether a PKCS#12 file
-is being created or parsed. By default a PKCS#12 file is parsed a PKCS#12
+is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12
 file can be created by using the B<-export> option (see below).
 
 =head1 PARSING OPTIONS
@@ -63,25 +64,25 @@ by default.
 
 =item B<-out filename>
 
-The filename to write certificates and private keys to, standard output by default.
-They are all written in PEM format.
+The filename to write certificates and private keys to, standard output by
+default.  They are all written in PEM format.
 
 =item B<-pass arg>, B<-passin arg>
 
-the PKCS#12 file (i.e. input file) password source. For more information about the
-format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
+the PKCS#12 file (i.e. input file) password source. For more information about
+the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
 L<openssl(1)|openssl(1)>.
 
 =item B<-passout arg>
 
-pass phrase source to encrypt any outputed private keys with. For more information
-about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
+pass phrase source to encrypt any outputed private keys with. For more
+information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section
+in L<openssl(1)|openssl(1)>.
 
 =item B<-noout>
 
-this option inhibits output of the keys and certificates to the output file version
-of the PKCS#12 file.
+this option inhibits output of the keys and certificates to the output file
+version of the PKCS#12 file.
 
 =item B<-clcerts>
 
@@ -116,6 +117,14 @@ use triple DES to encrypt private keys before outputting, this is the default.
 
 use IDEA to encrypt private keys before outputting.
 
+=item B<-aes128>, B<-aes192>, B<-aes256>
+
+use AES to encrypt private keys before outputting.
+
+=item B<-camellia128>, B<-camellia192>, B<-camellia256>
+
+use Camellia to encrypt private keys before outputting.
+
 =item B<-nodes>
 
 don't encrypt the private keys at all.
@@ -148,10 +157,10 @@ by default.
 
 =item B<-in filename>
 
-The filename to read certificates and private keys from, standard input by default.
-They must all be in PEM format. The order doesn't matter but one private key and
-its corresponding certificate should be present. If additional certificates are
-present they will also be included in the PKCS#12 file.
+The filename to read certificates and private keys from, standard input by
+default.  They must all be in PEM format. The order doesn't matter but one
+private key and its corresponding certificate should be present. If additional
+certificates are present they will also be included in the PKCS#12 file.
 
 =item B<-inkey filename>
 
@@ -160,8 +169,8 @@ in the input file.
 
 =item B<-name friendlyname>
 
-This specifies the "friendly name" for the certificate and private key. This name
-is typically displayed in list boxes by software importing the file.
+This specifies the "friendly name" for the certificate and private key. This
+name is typically displayed in list boxes by software importing the file.
 
 =item B<-certfile filename>
 
@@ -201,9 +210,11 @@ key is encrypted using triple DES and the certificate using 40 bit RC2.
 =item B<-keypbe alg>, B<-certpbe alg>
 
 these options allow the algorithm used to encrypt the private key and
-certificates to be selected. Although any PKCS#5 v1.5 or PKCS#12 algorithms
-can be selected it is advisable only to use PKCS#12 algorithms. See the list
-in the B<NOTES> section for more information.
+certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name
+can be used (see B<NOTES> section for more information). If a a cipher name
+(as output by the B<list-cipher-algorithms> command is specified then it
+is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only
+use PKCS#12 algorithms.
 
 =item B<-keyex|-keysig>
 
@@ -216,6 +227,10 @@ S/MIME signing, authenticode (ActiveX control signing)  and SSL client
 authentication, however due to a bug only MSIE 5.0 and later support
 the use of signing only keys for SSL client authentication.
 
+=item B<-macalg digest>
+
+specify the MAC digest algorithm. If not included them SHA1 will be used.
+
 =item B<-nomaciter>, B<-noiter>
 
 these options affect the iteration counts on the MAC and key algorithms.
@@ -239,6 +254,10 @@ option.
 This option is included for compatibility with previous versions, it used
 to be needed to use MAC iterations counts but they are now used by default.
 
+=item B<-nomac>
+
+don't attempt to provide the MAC integrity.
+
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
@@ -247,6 +266,20 @@ Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
 
+=item B<-CAfile file>
+
+CA storage as a file.
+
+=item B<-CApath dir>
+
+CA storage as a directory. This directory must be a standard certificate
+directory: that is a hash of each subject name (using B<x509 -hash>) should be
+linked to each certificate.
+
+=item B<-CSP name>
+
+write B<name> as a Microsoft CSP name.
+
 =back
 
 =head1 NOTES
diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod
index a0a636328b..acfb8100f0 100644
--- a/doc/apps/pkcs7.pod
+++ b/doc/apps/pkcs7.pod
@@ -62,7 +62,7 @@ is B<-print_certs> is set).
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<pkcs7>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/pkcs8.pod b/doc/apps/pkcs8.pod
index 68ecd65b10..84abee78f3 100644
--- a/doc/apps/pkcs8.pod
+++ b/doc/apps/pkcs8.pod
@@ -125,7 +125,7 @@ list of possible algorithms is included below.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<pkcs8>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/pkey.pod b/doc/apps/pkey.pod
new file mode 100644
index 0000000000..4851223f3f
--- /dev/null
+++ b/doc/apps/pkey.pod
@@ -0,0 +1,135 @@
+
+=pod
+
+=head1 NAME
+
+pkey - public or private key processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkey>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-cipher>]
+[B<-text>]
+[B<-text_pub>]
+[B<-noout>]
+[B<-pubin>]
+[B<-pubout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkey> command processes public or private keys. They can be converted
+between various forms and their components printed out.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format DER or PEM.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output if this
+option is not specified. If any encryption options are set then a pass phrase
+will be prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout password>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-cipher>
+
+These options encrypt the private key with the supplied cipher. Any algorithm
+name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+
+=item B<-text>
+
+prints out the various public or private key components in
+plain text in addition to the encoded version. 
+
+=item B<-text_pub>
+
+print out only public key components even if a private key is being processed.
+
+=item B<-noout>
+
+do not output the encoded version of the key.
+
+=item B<-pubin>
+
+by default a private key is read from the input file: with this
+option a public key is read instead.
+
+=item B<-pubout>
+
+by default a private key is output: with this option a public
+key will be output instead. This option is automatically set if
+the input is a public key.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkey>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLES
+
+To remove the pass phrase on an RSA private key:
+
+ openssl pkey -in key.pem -out keyout.pem
+
+To encrypt a private key using triple DES:
+
+ openssl pkey -in key.pem -des3 -out keyout.pem
+
+To convert a private key from PEM to DER format: 
+
+ openssl pkey -in key.pem -outform DER -out keyout.der
+
+To print out the components of a private key to standard output:
+
+ openssl pkey -in key.pem -text -noout
+
+To print out the public components of a private key to standard output:
+
+ openssl pkey -in key.pem -text_pub -noout
+
+To just output the public part of a private key:
+
+ openssl pkey -in key.pem -pubout -out pubkey.pem
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> 
+
+=cut
diff --git a/doc/apps/pkeyparam.pod b/doc/apps/pkeyparam.pod
new file mode 100644
index 0000000000..154f6721af
--- /dev/null
+++ b/doc/apps/pkeyparam.pod
@@ -0,0 +1,69 @@
+
+=pod
+
+=head1 NAME
+
+pkeyparam - public key algorithm parameter processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkeyparam>
+[B<-in filename>]
+[B<-out filename>]
+[B<-text>]
+[B<-noout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkey> command processes public or private keys. They can be converted
+between various forms and their components printed out.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read parameters from or standard input if
+this option is not specified.
+
+=item B<-out filename>
+
+This specifies the output filename to write parameters to or standard output if
+this option is not specified.
+
+=item B<-text>
+
+prints out the parameters in plain text in addition to the encoded version. 
+
+=item B<-noout>
+
+do not output the encoded version of the parameters.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkeyparam>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLE
+
+Print out text version of parameters:
+
+ openssl pkeyparam -in param.pem -text
+
+=head1 NOTES
+
+There are no B<-inform> or B<-outform> options for this command because only
+PEM format is supported because the key type is determined by the PEM headers.
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> 
+
+=cut
diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod
new file mode 100644
index 0000000000..27be9a9007
--- /dev/null
+++ b/doc/apps/pkeyutl.pod
@@ -0,0 +1,222 @@
+=pod
+
+=head1 NAME
+
+pkeyutl - public key algorithm utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkeyutl>
+[B<-in file>]
+[B<-out file>]
+[B<-sigfile file>]
+[B<-inkey file>]
+[B<-keyform PEM|DER>]
+[B<-passin arg>]
+[B<-peerkey file>]
+[B<-peerform PEM|DER>]
+[B<-pubin>]
+[B<-certin>]
+[B<-rev>]
+[B<-sign>]
+[B<-verify>]
+[B<-verifyrecover>]
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-derive>]
+[B<-pkeyopt opt:value>]
+[B<-hexdump>]
+[B<-asn1parse>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkeyutl> command can be used to perform public key operations using
+any supported algorithm.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read data from or standard input
+if this option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-inkey file>
+
+the input key file, by default it should be a private key.
+
+=item B<-keyform PEM|DER>
+
+the key format PEM, DER or ENGINE.
+
+=item B<-passin arg>
+
+the input key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+
+=item B<-peerkey file>
+
+the peer key file, used by key derivation (agreement) operations.
+
+=item B<-peerform PEM|DER>
+
+the peer key format PEM, DER or ENGINE.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkeyutl>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+
+=item B<-pubin>
+
+the input file is a public key. 
+
+=item B<-certin>
+
+the input is a certificate containing a public key. 
+
+=item B<-rev>
+
+reverse the order of the input buffer. This is useful for some libraries
+(such as CryptoAPI) which represent the buffer in little endian format.
+
+=item B<-sign>
+
+sign the input data and output the signed result. This requires
+a private key.
+
+=item B<-verify>
+
+verify the input data against the signature file and indicate if the
+verification succeeded or failed.
+
+=item B<-verifyrecover>
+
+verify the input data and output the recovered data.
+
+=item B<-encrypt>
+
+encrypt the input data using a public key.
+
+=item B<-decrypt>
+
+decrypt the input data using a private key.
+
+=item B<-derive>
+
+derive a shared secret using the peer key.
+
+=item B<-hexdump>
+
+hex dump the output data.
+
+=item B<-asn1parse>
+
+asn1parse the output data, this is useful when combined with the
+B<-verifyrecover> option when an ASN1 structure is signed.
+
+=back
+
+=head1 NOTES
+
+The operations and options supported vary according to the key algorithm
+and its implementation. The OpenSSL operations and options are indicated below.
+
+Unless otherwise mentioned all algorithms support the B<digest:alg> option
+which specifies the digest in use for sign, verify and verifyrecover operations.
+The value B<alg> should represent a digest name as used in the
+EVP_get_digestbyname() function for example B<sha1>.
+
+=head1 RSA ALGORITHM
+
+The RSA algorithm supports encrypt, decrypt, sign, verify and verifyrecover
+operations in general. Some padding modes only support some of these 
+operations however.
+
+=over 4
+
+=item -B<rsa_padding_mode:mode>
+
+This sets the RSA padding mode. Acceptable values for B<mode> are B<pkcs1> for
+PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep>
+for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS.
+
+In PKCS#1 padding if the message digest is not set then the supplied data is 
+signed or verified directly instead of using a B<DigestInfo> structure. If a
+digest is set then the a B<DigestInfo> structure is used and its the length
+must correspond to the digest type.
+
+For B<oeap> mode only encryption and decryption is supported.
+
+For B<x931> if the digest type is set it is used to format the block data
+otherwise the first byte is used to specify the X9.31 digest ID. Sign,
+verify and verifyrecover are can be performed in this mode.
+
+For B<pss> mode only sign and verify are supported and the digest type must be
+specified.
+
+=item B<rsa_pss_saltlen:len>
+
+For B<pss> mode only this option specifies the salt length. Two special values
+are supported: -1 sets the salt length to the digest length. When signing -2
+sets the salt length to the maximum permissible value. When verifying -2 causes
+the salt length to be automatically determined based on the B<PSS> block
+structure.
+
+=back
+
+=head1 DSA ALGORITHM
+
+The DSA algorithm supports signing and verification operations only. Currently
+there are no additional options other than B<digest>. Only the SHA1
+digest can be used and this digest is assumed by default.
+
+=head1 DH ALGORITHM
+
+The DH algorithm only supports the derivation operation and no additional
+options.
+
+=head1 EC ALGORITHM
+
+The EC algorithm supports sign, verify and derive operations. The sign and
+verify operations use ECDSA and derive uses ECDH. Currently there are no
+additional options other than B<digest>. Only the SHA1 digest can be used and
+this digest is assumed by default.
+
+=head1 EXAMPLES
+
+Sign some data using a private key:
+
+ openssl pkeyutl -sign -in file -inkey key.pem -out sig
+
+Recover the signed data (e.g. if an RSA key is used):
+
+ openssl pkeyutl -verifyrecover -in sig -inkey key.pem
+
+Verify the signature (e.g. a DSA key):
+
+ openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem
+
+Sign data using a message digest value (this is currently only valid for RSA):
+
+ openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256
+
+Derive a shared secret value:
+
+ openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<pkey(1)|pkey(1)>, L<rsautl(1)|rsautl(1)>
+L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
diff --git a/doc/apps/rand.pod b/doc/apps/rand.pod
index 75745ca002..d1d213ef43 100644
--- a/doc/apps/rand.pod
+++ b/doc/apps/rand.pod
@@ -10,6 +10,7 @@ B<openssl rand>
 [B<-out> I<file>]
 [B<-rand> I<file(s)>]
 [B<-base64>]
+[B<-hex>]
 I<num>
 
 =head1 DESCRIPTION
@@ -41,6 +42,10 @@ all others.
 
 Perform base64 encoding on the output.
 
+=item B<-hex>
+
+Show the output as a hex string.
+
 =back
 
 =head1 SEE ALSO
diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index e2b5d0d8ec..ff48bbdf28 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -22,23 +22,29 @@ B<openssl> B<req>
 [B<-new>]
 [B<-rand file(s)>]
 [B<-newkey rsa:bits>]
-[B<-newkey dsa:file>]
+[B<-newkey alg:file>]
 [B<-nodes>]
 [B<-key filename>]
 [B<-keyform PEM|DER>]
 [B<-keyout filename>]
-[B<-[md5|sha1|md2|mdc2]>]
+[B<-keygen_engine id>]
+[B<-[digest]>]
 [B<-config filename>]
 [B<-subj arg>]
+[B<-multivalue-rdn>]
 [B<-x509>]
 [B<-days n>]
 [B<-set_serial n>]
 [B<-asn1-kludge>]
+[B<-no-asn1-kludge>]
 [B<-newhdr>]
 [B<-extensions section>]
 [B<-reqexts section>]
 [B<-utf8>]
 [B<-nameopt>]
+[B<-reqopt>]
+[B<-subject>]
+[B<-subj arg>]
 [B<-batch>]
 [B<-verbose>]
 [B<-engine id>]
@@ -90,6 +96,11 @@ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
 
 prints out the certificate request in text form.
 
+=item B<-subject>
+
+prints out the request subject (or certificate subject if B<-x509> is
+specified)
+
 =item B<-pubkey>
 
 outputs the public key.
@@ -117,6 +128,13 @@ in the configuration file and any requested extensions.
 If the B<-key> option is not used it will generate a new RSA private
 key using information specified in the configuration file.
 
+=item B<-subj arg>
+
+Replaces subject field of input request with specified data and outputs
+modified request. The arg must be formatted as
+I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
+
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
@@ -128,10 +146,35 @@ all others.
 =item B<-newkey arg>
 
 this option creates a new certificate request and a new private
-key. The argument takes one of two forms. B<rsa:nbits>, where
+key. The argument takes one of several forms. B<rsa:nbits>, where
 B<nbits> is the number of bits, generates an RSA key B<nbits>
-in size. B<dsa:filename> generates a DSA key using the parameters
-in the file B<filename>.
+in size. If B<nbits> is omitted, i.e. B<-newkey rsa> specified,
+the default key size, specified in the configuration file is used.
+
+All other algorithms support the B<-newkey alg:file> form, where file may be
+an algorithm parameter file, created by the B<genpkey -genparam> command
+or and X.509 certificate for a key with approriate algorithm.
+
+B<param:file> generates a key using the parameter file or certificate B<file>,
+the algorithm is determined by the parameters. B<algname:file> use algorithm
+B<algname> and parameter file B<file>: the two algorithms must match or an
+error occurs. B<algname> just uses algorithm B<algname>, and parameters,
+if neccessary should be specified via B<-pkeyopt> parameter.
+
+B<dsa:filename> generates a DSA key using the parameters
+in the file B<filename>. B<ec:filename> generates EC key (usable both with
+ECDSA or ECDH algorithms), B<gost2001:filename> generates GOST R
+34.10-2001 key (requires B<ccgost> engine configured in the configuration
+file). If just B<gost2001> is specified a parameter set should be
+specified by B<-pkeyopt paramset:X>
+
+
+=item B<-pkeyopt opt:value>
+
+set the public key algorithm option B<opt> to B<value>. The precise set of
+options supported depends on the public key algorithm used and its
+implementation. See B<KEY GENERATION OPTIONS> in the B<genpkey> manual page
+for more details.
 
 =item B<-key filename>
 
@@ -154,11 +197,15 @@ configuration file is used.
 if this option is specified then if a private key is created it
 will not be encrypted.
 
-=item B<-[md5|sha1|md2|mdc2]>
+=item B<-[digest]>
 
-this specifies the message digest to sign the request with. This
-overrides the digest algorithm specified in the configuration file.
-This option is ignored for DSA requests: they always use SHA1.
+this specifies the message digest to sign the request with (such as
+B<-md5>, B<-sha1>). This overrides the digest algorithm specified in
+the configuration file.
+
+Some public key algorithms may override this choice. For instance, DSA
+signatures always use SHA1, GOST R 34.10 signatures always use
+GOST R 34.11-94 (B<-md_gost94>).
 
 =item B<-config filename>
 
@@ -173,6 +220,15 @@ when processing a request.
 The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
 characters may be escaped by \ (backslash), no spaces are skipped.
 
+=item B<-multivalue-rdn>
+
+this option causes the -subj argument to be interpreted with full
+support for multivalued RDNs. Example:
+
+I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe>
+
+If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>.
+
 =item B<-x509>
 
 this option outputs a self signed certificate instead of a certificate
@@ -217,6 +273,15 @@ B<option> argument can be a single option or multiple options separated by
 commas.  Alternatively the B<-nameopt> switch may be used more than once to
 set multiple options. See the L<x509(1)|x509(1)> manual page for details.
 
+=item B<-reqopt>
+
+customise the output format used with B<-text>. The B<option> argument can be
+a single option or multiple options separated by commas. 
+
+See discission of the  B<-certopt> parameter in the L<B<x509>|x509(1)>
+command.
+
+
 =item B<-asn1-kludge>
 
 by default the B<req> command outputs certificate requests containing
@@ -232,6 +297,10 @@ B<SET OF> whereas the correct form does.
 
 It should be noted that very few CAs still require the use of this option.
 
+=item B<-no-asn1-kludge>
+
+Reverses effect of B<-asn1-kludge>
+
 =item B<-newhdr>
 
 Adds the word B<NEW> to the PEM file header and footer lines on the outputed
@@ -247,11 +316,16 @@ print extra details about the operations being performed.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<req>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
 
+=item B<-keygen_engine id>
+
+specifies an engine (by its unique B<id> string) which would be used
+for key generation operations.
+
 =back
 
 =head1 CONFIGURATION FILE FORMAT
@@ -334,7 +408,9 @@ problems with BMPStrings and UTF8Strings: in particular Netscape.
 
 this specifies the configuration file section containing a list of
 extensions to add to the certificate request. It can be overridden
-by the B<-reqexts> command line switch.
+by the B<-reqexts> command line switch. See the 
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
 
 =item B<x509_extensions>
 
@@ -596,6 +672,7 @@ address in subjectAltName should be input by the user.
 =head1 SEE ALSO
 
 L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>
+L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>,
+L<x509v3_config(5)|x509v3_config(5)> 
 
 =cut
diff --git a/doc/apps/rsa.pod b/doc/apps/rsa.pod
index 4d7640995e..69b2bef82c 100644
--- a/doc/apps/rsa.pod
+++ b/doc/apps/rsa.pod
@@ -120,7 +120,7 @@ the input is a public key.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<rsa>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/rsautl.pod b/doc/apps/rsautl.pod
index a7c1681d98..1a498c2f62 100644
--- a/doc/apps/rsautl.pod
+++ b/doc/apps/rsautl.pod
@@ -152,7 +152,7 @@ The final BIT STRING contains the actual signature. It can be extracted with:
 
 The certificate public key can be extracted with:
  
- openssl x509 -in test/testx509.pem -pubout -noout >pubkey.pem
+ openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
 
 The signature can be analysed with:
 
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index e1e1ba9865..4ebf7b5854 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -38,6 +38,10 @@ B<openssl> B<s_client>
 [B<-cipher cipherlist>]
 [B<-starttls protocol>]
 [B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
+[B<-sess_out filename>]
+[B<-sess_in filename>]
 [B<-rand file(s)>]
 
 =head1 DESCRIPTION
@@ -97,6 +101,11 @@ also used when building the client certificate chain.
 A file containing trusted certificates to use during server authentication
 and to use when attempting to build the client certificate chain.
 
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
 =item B<-reconnect>
 
 reconnects to the same server 5 times using the same session ID, this can
@@ -157,6 +166,16 @@ input.
 inhibit printing of session and certificate information.  This implicitly
 turns on B<-ign_eof> as well.
 
+=item B<-psk_identity identity>
+
+Use the PSK identity B<identity> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
 =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
 
 these options disable the use of certain SSL or TLS protocols. By default
@@ -184,11 +203,28 @@ command for more information.
 
 send the protocol-specific message(s) to switch to TLS for communication.
 B<protocol> is a keyword for the intended protocol.  Currently, the only
-supported keywords are "smtp" and "pop3".
+supported keywords are "smtp", "pop3", "imap", and "ftp".
+
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support. 
+
+=item B<-sess_out filename>
+
+output SSL session to B<filename>
+
+=item B<-sess_in sess.pem>
+
+load SSL session from B<filename>. The client will attempt to resume a
+connection from this session.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<s_client>
+specifying an engine (by its unique B<id> string) will cause B<s_client>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
@@ -246,6 +282,10 @@ on the command line is no guarantee that the certificate works.
 If there are problems verifying a server certificate then the
 B<-showcerts> option can be used to show the whole chain.
 
+Since the SSLv23 client hello cannot include compression methods or extensions
+these will only be supported if its use is disabled, for example by using the
+B<-no_sslv2> option.
+
 =head1 BUGS
 
 Because this program has a lot of options and also because some of
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index 7c1a9581d9..3e503e17e1 100644
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -12,6 +12,8 @@ B<openssl> B<s_server>
 [B<-context id>]
 [B<-verify depth>]
 [B<-Verify depth>]
+[B<-crl_check>]
+[B<-crl_check_all>]
 [B<-cert filename>]
 [B<-certform DER|PEM>]
 [B<-key keyfile>]
@@ -48,6 +50,8 @@ B<openssl> B<s_server>
 [B<-WWW>]
 [B<-HTTP>]
 [B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
 [B<-id_prefix arg>]
 [B<-rand file(s)>]
 
@@ -140,6 +144,12 @@ the client. With the B<-verify> option a certificate is requested but the
 client does not have to send one, with the B<-Verify> option the client
 must supply a certificate or an error occurs.
 
+=item B<-crl_check>, B<-crl_check_all>
+
+Check the peer certificate has not been revoked by its CA.
+The CRL(s) are appended to the certificate file. With the B<-crl_check_all>
+option all CRLs of all CAs in the chain are checked.
+
 =item B<-CApath directory>
 
 The directory to use for client certificate verification. This directory
@@ -181,6 +191,16 @@ this option translated a line feed from the terminal into CR+LF.
 
 inhibit printing of session and certificate information.
 
+=item B<-psk_hint hint>
+
+Use the PSK identity hint B<hint> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
 =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
 
 these options disable the use of certain SSL or TLS protocols. By default
@@ -205,6 +225,14 @@ also included in the server list is used. Because the client specifies
 the preference order, the order of the server cipherlist irrelevant. See
 the B<ciphers> command for more information.
 
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support. 
+
 =item B<-www>
 
 sends a status message back to the client when it connects. This includes
@@ -228,7 +256,7 @@ are part of the HTTP response line and headers must end with CRLF).
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<s_server>
+specifying an engine (by its unique B<id> string) will cause B<s_server>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
index 84b673f791..42c0733bcb 100644
--- a/doc/apps/smime.pod
+++ b/doc/apps/smime.pod
@@ -10,16 +10,10 @@ B<openssl> B<smime>
 [B<-encrypt>]
 [B<-decrypt>]
 [B<-sign>]
+[B<-resign>]
 [B<-verify>]
 [B<-pk7out>]
-[B<-des>]
-[B<-des3>]
-[B<-rc2-40>]
-[B<-rc2-64>]
-[B<-rc2-128>]
-[B<-aes128>]
-[B<-aes192>]
-[B<-aes256>]
+[B<-[cipher]>]
 [B<-in file>]
 [B<-certfile file>]
 [B<-signer file>]
@@ -34,7 +28,11 @@ B<openssl> B<smime>
 [B<-from ad>]
 [B<-subject s>]
 [B<-text>]
+[B<-indef>]
+[B<-noindef>]
+[B<-stream>]
 [B<-rand file(s)>]
+[B<-md digest>]
 [cert.pem]...
 
 =head1 DESCRIPTION
@@ -44,7 +42,7 @@ verify S/MIME messages.
 
 =head1 COMMAND OPTIONS
 
-There are five operation options that set the type of operation to be performed.
+There are six operation options that set the type of operation to be performed.
 The meaning of the other options varies according to the operation type.
 
 =over 4
@@ -75,6 +73,10 @@ the signed data. Both clear text and opaque signing is supported.
 
 takes an input message and writes out a PEM encoded PKCS#7 structure.
 
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
 =item B<-in filename>
 
 the input message to be encrypted or signed or the MIME message to
@@ -103,6 +105,21 @@ instead. This currently only affects the output format of the PKCS#7
 structure, if no PKCS#7 structure is being output (for example with
 B<-verify> or B<-decrypt>) this option has no effect.
 
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
 =item B<-content filename>
 
 This specifies a file containing the detached content, this is only
@@ -129,11 +146,20 @@ B<-verify>. This directory must be a standard certificate directory: that
 is a hash of each subject name (using B<x509 -hash>) should be linked
 to each certificate.
 
-=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128 -aes128 -aes192 -aes256>
+=item B<-md digest>
 
-the encryption algorithm to use. DES (56 bits), triple DES (168 bits),
-40, 64 or 128 bit RC2 or 128, 192 or 256 bit AES respectively.  If not
-specified 40 bit RC2 is used. Only used with B<-encrypt>.
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example DES  (56 bits) - B<-des>,
+triple DES (168 bits) - B<-des3>,
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for 
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for list of ciphers
+supported by your version of OpenSSL.
+
+If not specified 40 bit RC2 is used. Only used with B<-encrypt>.
 
 =item B<-nointern>
 
@@ -190,9 +216,10 @@ the signers certificates. The certificates should be in PEM format.
 
 =item B<-signer file>
 
-the signers certificate when signing a message. If a message is
-being verified then the signers certificates will be written to this
-file if the verification was successful.
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
 
 =item B<-recip file>
 
@@ -204,7 +231,8 @@ must match one of the recipients of the message or an error occurs.
 the private key to use when signing or decrypting. This must match the
 corresponding certificate. If this option is not specified then the
 private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file.
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
 
 =item B<-passin arg>
 
@@ -231,6 +259,11 @@ portion of a message so they may be included manually. If signing
 then many S/MIME mail clients check the signers certificate's email
 address matches that specified in the From: address.
 
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
+
+Set various options of certificate chain verification. See
+L<B<verify>|verify(1)> manual page for details.
+
 =back
 
 =head1 NOTES
@@ -258,6 +291,19 @@ The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
 clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7
 encrypted data is used for other purposes.
 
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the PKCS#7 structure the encoding
+remains DER.
+
 =head1 EXIT CODES
 
 =over 4
@@ -297,7 +343,7 @@ Create a cleartext signed message:
  openssl smime -sign -in message.txt -text -out mail.msg \
 	-signer mycert.pem
 
-Create and opaque signed message
+Create an opaque signed message
 
  openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
 	-signer mycert.pem
@@ -308,6 +354,11 @@ read the private key from another file:
  openssl smime -sign -in in.txt -text -out mail.msg \
 	-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
 
+Create a signed message with two signers:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem -signer othercert.pem
+
 Send a signed message under Unix directly to sendmail, including headers:
 
  openssl smime -sign -in in.txt -text -signer mycert.pem \
@@ -331,8 +382,8 @@ Sign and encrypt mail:
 	-from steve@openssl.org -to someone@somewhere \
 	-subject "Signed and Encrypted message" -des3 user.pem
 
-Note: the encryption command does not include the B<-text> option because the message
-being encrypted already has MIME headers.
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
 
 Decrypt mail:
 
@@ -354,16 +405,26 @@ alternatively you can base64 decode the signature and use
 
  openssl smime -verify -inform DER -in signature.der -content content.txt
 
+Create an encrypted message using 128 bit Camellia:
+
+ openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
 =head1 BUGS
 
-The MIME parser isn't very clever: it seems to handle most messages that I've thrown
-at it but it may choke on others.
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
 
-The code currently will only write out the signer's certificate to a file: if the
-signer has a separate encryption certificate this must be manually extracted. There
-should be some heuristic that determines the correct encryption certificate.
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
 
-Ideally a database should be maintained of a certificates for each email address.
+Ideally a database should be maintained of a certificates for each email
+address.
 
 The code doesn't currently take note of the permitted symmetric encryption
 algorithms as supplied in the SMIMECapabilities signed attribute. this means the
@@ -375,4 +436,10 @@ No revocation checking is done on the signer's certificate.
 The current code can only handle S/MIME v2 messages, the more complex S/MIME v3
 structures may cause parsing errors.
 
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+
 =cut
diff --git a/doc/apps/speed.pod b/doc/apps/speed.pod
index 0dcdba873e..1cd1998d16 100644
--- a/doc/apps/speed.pod
+++ b/doc/apps/speed.pod
@@ -44,7 +44,7 @@ This command is used to test the performance of cryptographic algorithms.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<speed>
+specifying an engine (by its unique B<id> string) will cause B<speed>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/spkac.pod b/doc/apps/spkac.pod
index c3f1ff9c64..97fb80e401 100644
--- a/doc/apps/spkac.pod
+++ b/doc/apps/spkac.pod
@@ -81,7 +81,7 @@ verifies the digital signature on the supplied SPKAC.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<spkac>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
diff --git a/doc/apps/ts.pod b/doc/apps/ts.pod
new file mode 100644
index 0000000000..7fb6caa96e
--- /dev/null
+++ b/doc/apps/ts.pod
@@ -0,0 +1,594 @@
+=pod
+
+=head1 NAME
+
+ts - Time Stamping Authority tool (client/server)
+
+=head1 SYNOPSIS
+
+B<openssl> B<ts>
+B<-query>
+[B<-rand> file:file...]
+[B<-config> configfile]
+[B<-data> file_to_hash]
+[B<-digest> digest_bytes]
+[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>]
+[B<-policy> object_id]
+[B<-no_nonce>]
+[B<-cert>]
+[B<-in> request.tsq]
+[B<-out> request.tsq]
+[B<-text>]
+
+B<openssl> B<ts>
+B<-reply>
+[B<-config> configfile]
+[B<-section> tsa_section]
+[B<-queryfile> request.tsq]
+[B<-passin> password_src]
+[B<-signer> tsa_cert.pem]
+[B<-inkey> private.pem]
+[B<-chain> certs_file.pem]
+[B<-policy> object_id]
+[B<-in> response.tsr]
+[B<-token_in>]
+[B<-out> response.tsr]
+[B<-token_out>]
+[B<-text>]
+[B<-engine> id]
+
+B<openssl> B<ts>
+B<-verify>
+[B<-data> file_to_hash]
+[B<-digest> digest_bytes]
+[B<-queryfile> request.tsq]
+[B<-in> response.tsr]
+[B<-token_in>]
+[B<-CApath> trusted_cert_path]
+[B<-CAfile> trusted_certs.pem]
+[B<-untrusted> cert_file.pem]
+
+=head1 DESCRIPTION
+
+The B<ts> command is a basic Time Stamping Authority (TSA) client and server
+application as specified in RFC 3161 (Time-Stamp Protocol, TSP). A
+TSA can be part of a PKI deployment and its role is to provide long
+term proof of the existence of a certain datum before a particular
+time. Here is a brief description of the protocol:
+
+=over 4
+
+=item 1.
+
+The TSA client computes a one-way hash value for a data file and sends
+the hash to the TSA.
+
+=item 2.
+
+The TSA attaches the current date and time to the received hash value,
+signs them and sends the time stamp token back to the client. By
+creating this token the TSA certifies the existence of the original
+data file at the time of response generation.
+
+=item 3.
+
+The TSA client receives the time stamp token and verifies the
+signature on it. It also checks if the token contains the same hash
+value that it had sent to the TSA.
+
+=back
+
+There is one DER encoded protocol data unit defined for transporting a time
+stamp request to the TSA and one for sending the time stamp response
+back to the client. The B<ts> command has three main functions:
+creating a time stamp request based on a data file,
+creating a time stamp response based on a request, verifying if a
+response corresponds to a particular request or a data file.
+
+There is no support for sending the requests/responses automatically
+over HTTP or TCP yet as suggested in RFC 3161. The users must send the
+requests either by ftp or e-mail.
+
+=head1 OPTIONS
+
+=head2 Time Stamp Request generation
+
+The B<-query> switch can be used for creating and printing a time stamp
+request with the following options:
+
+=over 4
+
+=item B<-rand> file:file...
+
+The files containing random data for seeding the random number
+generator. Multiple files can be specified, the separator is B<;> for
+MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
+
+=item B<-config> configfile
+
+The configuration file to use, this option overrides the
+B<OPENSSL_CONF> environment variable. Only the OID section
+of the config file is used with the B<-query> command. (Optional)
+
+=item B<-data> file_to_hash
+
+The data file for which the time stamp request needs to be
+created. stdin is the default if neither the B<-data> nor the B<-digest>
+parameter is specified. (Optional)
+
+=item B<-digest> digest_bytes
+
+It is possible to specify the message imprint explicitly without the data
+file. The imprint must be specified in a hexadecimal format, two characters
+per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
+1AF601...). The number of bytes must match the message digest algorithm 
+in use. (Optional)
+
+=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>
+
+The message digest to apply to the data file, it supports all the message
+digest algorithms that are supported by the openssl B<dgst> command.
+The default is SHA-1. (Optional)
+
+=item B<-policy> object_id
+
+The policy that the client expects the TSA to use for creating the
+time stamp token. Either the dotted OID notation or OID names defined
+in the config file can be used. If no policy is requested the TSA will
+use its own default policy. (Optional)
+
+=item B<-no_nonce>
+
+No nonce is specified in the request if this option is
+given. Otherwise a 64 bit long pseudo-random none is
+included in the request. It is recommended to use nonce to
+protect against replay-attacks. (Optional)
+
+=item B<-cert>
+
+The TSA is expected to include its signing certificate in the
+response. (Optional)
+
+=item B<-in> request.tsq
+
+This option specifies a previously created time stamp request in DER
+format that will be printed into the output file. Useful when you need
+to examine the content of a request in human-readable
+
+format. (Optional)
+
+=item B<-out> request.tsq
+
+Name of the output file to which the request will be written. Default
+is stdout. (Optional)
+
+=item B<-text>
+
+If this option is specified the output is human-readable text format
+instead of DER. (Optional)
+
+=back
+
+=head2 Time Stamp Response generation
+
+A time stamp response (TimeStampResp) consists of a response status
+and the time stamp token itself (ContentInfo), if the token generation was
+successful. The B<-reply> command is for creating a time stamp
+response or time stamp token based on a request and printing the
+response/token in human-readable format. If B<-token_out> is not
+specified the output is always a time stamp response (TimeStampResp),
+otherwise it is a time stamp token (ContentInfo).
+
+=over 4
+
+=item B<-config> configfile
+
+The configuration file to use, this option overrides the
+B<OPENSSL_CONF> environment variable. See B<CONFIGURATION FILE
+OPTIONS> for configurable variables. (Optional)
+
+=item B<-section> tsa_section
+
+The name of the config file section conatining the settings for the
+response generation. If not specified the default TSA section is
+used, see B<CONFIGURATION FILE OPTIONS> for details. (Optional)
+
+=item B<-queryfile> request.tsq
+
+The name of the file containing a DER encoded time stamp request. (Optional)
+
+=item B<-passin> password_src
+
+Specifies the password source for the private key of the TSA. See
+B<PASS PHRASE ARGUMENTS> in L<openssl(1)|openssl(1)>. (Optional)
+
+=item B<-signer> tsa_cert.pem
+
+The signer certificate of the TSA in PEM format. The TSA signing
+certificate must have exactly one extended key usage assigned to it:
+timeStamping. The extended key usage must also be critical, otherwise
+the certificate is going to be refused. Overrides the B<signer_cert>
+variable of the config file. (Optional)
+
+=item B<-inkey> private.pem
+
+The signer private key of the TSA in PEM format. Overrides the
+B<signer_key> config file option. (Optional)
+
+=item B<-chain> certs_file.pem
+
+The collection of certificates in PEM format that will all
+be included in the response in addition to the signer certificate if
+the B<-cert> option was used for the request. This file is supposed to
+contain the certificate chain for the signer certificate from its
+issuer upwards. The B<-reply> command does not build a certificate
+chain automatically. (Optional)
+
+=item B<-policy> object_id
+
+The default policy to use for the response unless the client
+explicitly requires a particular TSA policy. The OID can be specified
+either in dotted notation or with its name. Overrides the
+B<default_policy> config file option. (Optional)
+
+=item B<-in> response.tsr
+
+Specifies a previously created time stamp response or time stamp token
+(if B<-token_in> is also specified) in DER format that will be written
+to the output file. This option does not require a request, it is
+useful e.g. when you need to examine the content of a response or
+token or you want to extract the time stamp token from a response. If
+the input is a token and the output is a time stamp response a default
+'granted' status info is added to the token. (Optional)
+
+=item B<-token_in>
+
+This flag can be used together with the B<-in> option and indicates
+that the input is a DER encoded time stamp token (ContentInfo) instead
+of a time stamp response (TimeStampResp). (Optional)
+
+=item B<-out> response.tsr
+
+The response is written to this file. The format and content of the
+file depends on other options (see B<-text>, B<-token_out>). The default is
+stdout. (Optional)
+
+=item B<-token_out>
+
+The output is a time stamp token (ContentInfo) instead of time stamp
+response (TimeStampResp). (Optional)
+
+=item B<-text>
+
+If this option is specified the output is human-readable text format
+instead of DER. (Optional)
+
+=item B<-engine> id
+
+Specifying an engine (by its unique B<id> string) will cause B<ts>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms. Default is builtin. (Optional)
+
+=back
+
+=head2 Time Stamp Response verification
+
+The B<-verify> command is for verifying if a time stamp response or time
+stamp token is valid and matches a particular time stamp request or
+data file. The B<-verify> command does not use the configuration file.
+
+=over 4
+
+=item B<-data> file_to_hash
+
+The response or token must be verified against file_to_hash. The file
+is hashed with the message digest algorithm specified in the token. 
+The B<-digest> and B<-queryfile> options must not be specified with this one.
+(Optional)
+
+=item B<-digest> digest_bytes
+
+The response or token must be verified against the message digest specified
+with this option. The number of bytes must match the message digest algorithm
+specified in the token. The B<-data> and B<-queryfile> options must not be
+specified with this one. (Optional)
+
+=item B<-queryfile> request.tsq
+
+The original time stamp request in DER format. The B<-data> and B<-digest>
+options must not be specified with this one. (Optional)
+
+=item B<-in> response.tsr
+
+The time stamp response that needs to be verified in DER format. (Mandatory)
+
+=item B<-token_in>
+
+This flag can be used together with the B<-in> option and indicates
+that the input is a DER encoded time stamp token (ContentInfo) instead
+of a time stamp response (TimeStampResp). (Optional)
+
+=item B<-CApath> trusted_cert_path
+
+The name of the directory containing the trused CA certificates of the
+client. See the similar option of L<verify(1)|verify(1)> for additional
+details. Either this option or B<-CAfile> must be specified. (Optional)
+
+
+=item B<-CAfile> trusted_certs.pem
+
+The name of the file containing a set of trusted self-signed CA 
+certificates in PEM format. See the similar option of 
+L<verify(1)|verify(1)> for additional details. Either this option 
+or B<-CApath> must be specified.
+(Optional)
+
+=item B<-untrusted> cert_file.pem
+
+Set of additional untrusted certificates in PEM format which may be
+needed when building the certificate chain for the TSA's signing
+certificate. This file must contain the TSA signing certificate and
+all intermediate CA certificates unless the response includes them.
+(Optional)
+
+=back
+
+=head1 CONFIGURATION FILE OPTIONS
+
+The B<-query> and B<-reply> commands make use of a configuration file
+defined by the B<OPENSSL_CONF> environment variable. See L<config(5)|config(5)>
+for a general description of the syntax of the config file. The
+B<-query> command uses only the symbolic OID names section
+and it can work without it. However, the B<-reply> command needs the
+config file for its operation.
+
+When there is a command line switch equivalent of a variable the
+switch always overrides the settings in the config file.
+
+=over 4
+
+=item B<tsa> section, B<default_tsa>	
+
+This is the main section and it specifies the name of another section
+that contains all the options for the B<-reply> command. This default
+section can be overriden with the B<-section> command line switch. (Optional)
+
+=item B<oid_file>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<oid_section>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<RANDFILE>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<serial>
+
+The name of the file containing the hexadecimal serial number of the
+last time stamp response created. This number is incremented by 1 for
+each response. If the file does not exist at the time of response
+generation a new file is created with serial number 1. (Mandatory)
+
+=item B<crypto_device>
+
+Specifies the OpenSSL engine that will be set as the default for 
+all available algorithms. The default value is builtin, you can specify 
+any other engines supported by OpenSSL (e.g. use chil for the NCipher HSM).
+(Optional)
+
+=item B<signer_cert>
+
+TSA signing certificate in PEM format. The same as the B<-signer>
+command line option. (Optional)
+
+=item B<certs>
+
+A file containing a set of PEM encoded certificates that need to be
+included in the response. The same as the B<-chain> command line
+option. (Optional)
+
+=item B<signer_key>
+
+The private key of the TSA in PEM format. The same as the B<-inkey>
+command line option. (Optional)
+
+=item B<default_policy>
+
+The default policy to use when the request does not mandate any
+policy. The same as the B<-policy> command line option. (Optional)
+
+=item B<other_policies>
+
+Comma separated list of policies that are also acceptable by the TSA
+and used only if the request explicitly specifies one of them. (Optional)
+
+=item B<digests>
+
+The list of message digest algorithms that the TSA accepts. At least
+one algorithm must be specified. (Mandatory)
+
+=item B<accuracy>
+
+The accuracy of the time source of the TSA in seconds, milliseconds
+and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of
+the components is missing zero is assumed for that field. (Optional)
+
+=item B<clock_precision_digits>
+
+Specifies the maximum number of digits, which represent the fraction of 
+seconds, that  need to be included in the time field. The trailing zeroes
+must be removed from the time, so there might actually be fewer digits,
+or no fraction of seconds at all. Supported only on UNIX platforms.
+The maximum value is 6, default is 0.
+(Optional)
+
+=item B<ordering>
+
+If this option is yes the responses generated by this TSA can always
+be ordered, even if the time difference between two responses is less
+than the sum of their accuracies. Default is no. (Optional)
+
+=item B<tsa_name>
+
+Set this option to yes if the subject name of the TSA must be included in
+the TSA name field of the response. Default is no. (Optional)
+
+=item B<ess_cert_id_chain>
+
+The SignedData objects created by the TSA always contain the
+certificate identifier of the signing certificate in a signed
+attribute (see RFC 2634, Enhanced Security Services). If this option
+is set to yes and either the B<certs> variable or the B<-chain> option
+is specified then the certificate identifiers of the chain will also
+be included in the SigningCertificate signed attribute. If this
+variable is set to no, only the signing certificate identifier is
+included. Default is no. (Optional)
+
+=back
+
+=head1 ENVIRONMENT VARIABLES
+
+B<OPENSSL_CONF> contains the path of the configuration file and can be
+overriden by the B<-config> command line option.
+
+=head1 EXAMPLES
+
+All the examples below presume that B<OPENSSL_CONF> is set to a proper
+configuration file, e.g. the example configuration file 
+openssl/apps/openssl.cnf will do.
+
+=head2 Time Stamp Request
+
+To create a time stamp request for design1.txt with SHA-1 
+without nonce and policy and no certificate is required in the response:
+
+  openssl ts -query -data design1.txt -no_nonce \
+	-out design1.tsq
+
+To create a similar time stamp request with specifying the message imprint
+explicitly:
+
+  openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+	 -no_nonce -out design1.tsq
+
+To print the content of the previous request in human readable format:
+
+  openssl ts -query -in design1.tsq -text
+
+To create a time stamp request which includes the MD-5 digest 
+of design2.txt, requests the signer certificate and nonce,
+specifies a policy id (assuming the tsa_policy1 name is defined in the
+OID section of the config file):
+
+  openssl ts -query -data design2.txt -md5 \
+	-policy tsa_policy1 -cert -out design2.tsq
+
+=head2 Time Stamp Response
+
+Before generating a response a signing certificate must be created for
+the TSA that contains the B<timeStamping> critical extended key usage extension
+without any other key usage extensions. You can add the
+'extendedKeyUsage = critical,timeStamping' line to the user certificate section
+of the config file to generate a proper certificate. See L<req(1)|req(1)>,
+L<ca(1)|ca(1)>, L<x509(1)|x509(1)> for instructions. The examples
+below assume that cacert.pem contains the certificate of the CA,
+tsacert.pem is the signing certificate issued by cacert.pem and
+tsakey.pem is the private key of the TSA.
+
+To create a time stamp response for a request:
+
+  openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \
+	-signer tsacert.pem -out design1.tsr
+
+If you want to use the settings in the config file you could just write:
+
+  openssl ts -reply -queryfile design1.tsq -out design1.tsr
+
+To print a time stamp reply to stdout in human readable format:
+
+  openssl ts -reply -in design1.tsr -text
+
+To create a time stamp token instead of time stamp response:
+
+  openssl ts -reply -queryfile design1.tsq -out design1_token.der -token_out
+
+To print a time stamp token to stdout in human readable format:
+
+  openssl ts -reply -in design1_token.der -token_in -text -token_out
+
+To extract the time stamp token from a response:
+
+  openssl ts -reply -in design1.tsr -out design1_token.der -token_out
+
+To add 'granted' status info to a time stamp token thereby creating a
+valid response:
+
+  openssl ts -reply -in design1_token.der -token_in -out design1.tsr
+
+=head2 Time Stamp Verification
+
+To verify a time stamp reply against a request:
+
+  openssl ts -verify -queryfile design1.tsq -in design1.tsr \
+	-CAfile cacert.pem -untrusted tsacert.pem
+
+To verify a time stamp reply that includes the certificate chain:
+
+  openssl ts -verify -queryfile design2.tsq -in design2.tsr \
+	-CAfile cacert.pem
+
+To verify a time stamp token against the original data file:
+  openssl ts -verify -data design2.txt -in design2.tsr \
+	-CAfile cacert.pem
+
+To verify a time stamp token against a message imprint:
+  openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+	 -in design2.tsr -CAfile cacert.pem
+
+You could also look at the 'test' directory for more examples.
+
+=head1 BUGS
+
+If you find any bugs or you have suggestions please write to
+Zoltan Glozik <zglozik@opentsa.org>. Known issues:
+
+=over 4
+
+=item * No support for time stamps over SMTP, though it is quite easy
+to implement an automatic e-mail based TSA with L<procmail(1)|procmail(1)> 
+and L<perl(1)|perl(1)>. HTTP server support is provided in the form of 
+a separate apache module. HTTP client support is provided by
+L<tsget(1)|tsget(1)>. Pure TCP/IP protocol is not supported.
+
+=item * The file containing the last serial number of the TSA is not
+locked when being read or written. This is a problem if more than one
+instance of L<openssl(1)|openssl(1)> is trying to create a time stamp
+response at the same time. This is not an issue when using the apache
+server module, it does proper locking.
+
+=item * Look for the FIXME word in the source files.
+
+=item * The source code should really be reviewed by somebody else, too.
+
+=item * More testing is needed, I have done only some basic tests (see
+test/testtsa).
+
+=back
+
+=cut
+
+=head1 AUTHOR
+
+Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
+
+=head1 SEE ALSO
+
+L<tsget(1)|tsget(1)>, L<openssl(1)|openssl(1)>, L<req(1)|req(1)>, 
+L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>, 
+L<config(5)|config(5)>
+
+=cut
diff --git a/doc/apps/tsget.pod b/doc/apps/tsget.pod
new file mode 100644
index 0000000000..b05957beea
--- /dev/null
+++ b/doc/apps/tsget.pod
@@ -0,0 +1,194 @@
+=pod
+
+=head1 NAME
+
+tsget - Time Stamping HTTP/HTTPS client
+
+=head1 SYNOPSIS
+
+B<tsget>
+B<-h> server_url
+[B<-e> extension]
+[B<-o> output]
+[B<-v>]
+[B<-d>]
+[B<-k> private_key.pem]
+[B<-p> key_password]
+[B<-c> client_cert.pem]
+[B<-C> CA_certs.pem]
+[B<-P> CA_path]
+[B<-r> file:file...]
+[B<-g> EGD_socket]
+[request]...
+
+=head1 DESCRIPTION
+
+The B<tsget> command can be used for sending a time stamp request, as
+specified in B<RFC 3161>, to a time stamp server over HTTP or HTTPS and storing
+the time stamp response in a file. This tool cannot be used for creating the
+requests and verifying responses, you can use the OpenSSL B<ts(1)> command to
+do that. B<tsget> can send several requests to the server without closing
+the TCP connection if more than one requests are specified on the command
+line.
+
+The tool sends the following HTTP request for each time stamp request:
+
+	POST url HTTP/1.1
+	User-Agent: OpenTSA tsget.pl/<version>
+	Host: <host>:<port>
+	Pragma: no-cache
+	Content-Type: application/timestamp-query
+	Accept: application/timestamp-reply
+	Content-Length: length of body
+
+	...binary request specified by the user...
+
+B<tsget> expects a response of type application/timestamp-reply, which is
+written to a file without any interpretation.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-h> server_url
+
+The URL of the HTTP/HTTPS server listening for time stamp requests.
+
+=item B<-e> extension
+
+If the B<-o> option is not given this argument specifies the extension of the
+output files. The base name of the output file will be the same as those of
+the input files. Default extension is '.tsr'. (Optional)
+
+=item B<-o> output
+
+This option can be specified only when just one request is sent to the
+server. The time stamp response will be written to the given output file. '-'
+means standard output. In case of multiple time stamp requests or the absence
+of this argument the names of the output files will be derived from the names
+of the input files and the default or specified extension argument. (Optional)
+
+=item B<-v>
+
+The name of the currently processed request is printed on standard
+error. (Optional)
+
+=item B<-d>
+
+Switches on verbose mode for the underlying B<curl> library. You can see
+detailed debug messages for the connection. (Optional)
+
+=item B<-k> private_key.pem
+
+(HTTPS) In case of certificate-based client authentication over HTTPS
+<private_key.pem> must contain the private key of the user. The private key
+file can optionally be protected by a passphrase. The B<-c> option must also
+be specified. (Optional)
+
+=item B<-p> key_password
+
+(HTTPS) Specifies the passphrase for the private key specified by the B<-k>
+argument. If this option is omitted and the key is passphrase protected B<tsget>
+will ask for it. (Optional)
+
+=item B<-c> client_cert.pem
+
+(HTTPS) In case of certificate-based client authentication over HTTPS
+<client_cert.pem> must contain the X.509 certificate of the user.  The B<-k>
+option must also be specified. If this option is not specified no
+certificate-based client authentication will take place. (Optional)
+
+=item B<-C> CA_certs.pem
+
+(HTTPS) The trusted CA certificate store. The certificate chain of the peer's
+certificate must include one of the CA certificates specified in this file.
+Either option B<-C> or option B<-P> must be given in case of HTTPS. (Optional)
+
+=item B<-P> CA_path
+
+(HTTPS) The path containing the trusted CA certificates to verify the peer's
+certificate. The directory must be prepared with the B<c_rehash>
+OpenSSL utility. Either option B<-C> or option B<-P> must be given in case of
+HTTPS. (Optional)
+
+=item B<-rand> file:file...
+
+The files containing random data for seeding the random number
+generator. Multiple files can be specified, the separator is B<;> for
+MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
+
+=item B<-g> EGD_socket
+
+The name of an EGD socket to get random data from. (Optional)
+
+=item [request]...
+
+List of files containing B<RFC 3161> DER-encoded time stamp requests. If no
+requests are specifed only one request will be sent to the server and it will be
+read from the standard input. (Optional)
+
+=back
+
+=head1 ENVIRONMENT VARIABLES
+
+The B<TSGET> environment variable can optionally contain default
+arguments. The content of this variable is added to the list of command line
+arguments.
+
+=head1 EXAMPLES
+
+The examples below presume that B<file1.tsq> and B<file2.tsq> contain valid
+time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests
+and at port 8443 for HTTPS requests, the TSA service is available at the /tsa
+absolute path.
+
+Get a time stamp response for file1.tsq over HTTP, output is written to 
+file1.tsr:
+
+  tsget -h http://tsa.opentsa.org:8080/tsa file1.tsq
+
+Get a time stamp response for file1.tsq and file2.tsq over HTTP showing
+progress, output is written to file1.reply and file2.reply respectively:
+
+  tsget -h http://tsa.opentsa.org:8080/tsa -v -e .reply \
+	file1.tsq file2.tsq
+
+Create a time stamp request, write it to file3.tsq, send it to the server and
+write the response to file3.tsr:
+
+  openssl ts -query -data file3.txt -cert | tee file3.tsq \
+	| tsget -h http://tsa.opentsa.org:8080/tsa \
+	-o file3.tsr
+
+Get a time stamp response for file1.tsq over HTTPS without client
+authentication:
+
+  tsget -h https://tsa.opentsa.org:8443/tsa \
+	-C cacerts.pem file1.tsq
+
+Get a time stamp response for file1.tsq over HTTPS with certificate-based
+client authentication (it will ask for the passphrase if client_key.pem is
+protected):
+
+  tsget -h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+	-k client_key.pem -c client_cert.pem file1.tsq
+
+You can shorten the previous command line if you make use of the B<TSGET>
+environment variable. The following commands do the same as the previous
+example:
+
+  TSGET='-h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+	-k client_key.pem -c client_cert.pem'
+  export TSGET
+  tsget file1.tsq
+
+=head1 AUTHOR
+
+Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>, L<ts(1)|ts(1)>, L<curl(1)|curl(1)>, 
+B<RFC 3161>
+
+=cut
diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod
index ea5c29c150..bd399dc772 100644
--- a/doc/apps/verify.pod
+++ b/doc/apps/verify.pod
@@ -10,6 +10,18 @@ B<openssl> B<verify>
 [B<-CApath directory>]
 [B<-CAfile file>]
 [B<-purpose purpose>]
+[B<-policy arg>]
+[B<-ignore_critical>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-policy_check>]
+[B<-explicit_policy>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-x509_strict>]
+[B<-extended_crl>]
+[B<-use_deltas>]
+[B<-policy_print>]
 [B<-untrusted file>]
 [B<-help>]
 [B<-issuer_checks>]
@@ -66,6 +78,68 @@ certificate was rejected. However the presence of rejection messages
 does not itself imply that anything is wrong: during the normal
 verify process several rejections may take place.
 
+=item B<-policy arg>
+
+Enable policy processing and add B<arg> to the user-initial-policy-set
+(see RFC3280 et al). The policy B<arg> can be an object name an OID in numeric
+form. This argument can appear more than once.
+
+=item B<-policy_check>
+
+Enables certificate policy processing.
+
+=item B<-explicit_policy>
+
+Set policy variable require-explicit-policy (see RFC3280 et al).
+
+=item B<-inhibit_any>
+
+Set policy variable inhibit-any-policy (see RFC3280 et al).
+
+=item B<-inhibit_map>
+
+Set policy variable inhibit-policy-mapping (see RFC3280 et al).
+
+=item B<-policy_print>
+
+Print out diagnostics, related to policy checking
+
+=item B<-crl_check>
+
+Checks end entity certificate validity by attempting to lookup a valid CRL.
+If a valid CRL cannot be found an error occurs. 
+
+=item B<-crl_check_all>
+
+Checks the validity of B<all> certificates in the chain by attempting
+to lookup valid CRLs.
+
+=item B<-ignore_critical>
+
+Normally if an unhandled critical extension is present which is not
+supported by OpenSSL the certificate is rejected (as required by
+RFC3280 et al). If this option is set critical extensions are
+ignored.
+
+=item B<-x509_strict>
+
+Disable workarounds for broken certificates which have to be disabled
+for strict X.509 compliance.
+
+=item B<-extended_crl>
+
+Enable extended CRL features such as indirect CRLs and alternate CRL
+signing keys.
+
+=item B<-use_deltas>
+
+Enable support for delta CRLs.
+
+=item B<-check_ss_sig>
+
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
+
 =item B<->
 
 marks the last option. All arguments following this are assumed to be
@@ -169,9 +243,9 @@ the operation was successful.
 the issuer certificate could not be found: this occurs if the issuer certificate
 of an untrusted certificate cannot be found.
 
-=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL unable to get certificate CRL>
+=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
 
-the CRL of a certificate could not be found. Unused.
+the CRL of a certificate could not be found.
 
 =item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
 
@@ -194,7 +268,7 @@ the signature of the certificate is invalid.
 
 =item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
 
-the signature of the certificate is invalid. Unused.
+the signature of the certificate is invalid.
 
 =item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
 
@@ -206,11 +280,11 @@ the certificate has expired: that is the notAfter date is before the current tim
 
 =item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
 
-the CRL is not yet valid. Unused.
+the CRL is not yet valid.
 
 =item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
 
-the CRL has expired. Unused.
+the CRL has expired.
 
 =item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
 
@@ -222,11 +296,11 @@ the certificate notAfter field contains an invalid time.
 
 =item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
 
-the CRL lastUpdate field contains an invalid time. Unused.
+the CRL lastUpdate field contains an invalid time.
 
 =item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
 
-the CRL nextUpdate field contains an invalid time. Unused.
+the CRL nextUpdate field contains an invalid time.
 
 =item B<17 X509_V_ERR_OUT_OF_MEM: out of memory>
 
@@ -258,7 +332,7 @@ the certificate chain length is greater than the supplied maximum depth. Unused.
 
 =item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked>
 
-the certificate has been revoked. Unused.
+the certificate has been revoked.
 
 =item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate>
 
diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
index 21bdfccb9a..3002b08123 100644
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@@ -23,6 +23,7 @@ B<openssl> B<x509>
 [B<-issuer>]
 [B<-nameopt option>]
 [B<-email>]
+[B<-ocsp_uri>]
 [B<-startdate>]
 [B<-enddate>]
 [B<-purpose>]
@@ -98,12 +99,12 @@ default.
 
 the digest to use. This affects any signing or display option that uses a message
 digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not
-specified then MD5 is used. If the key being used to sign with is a DSA key then
-this option has no effect: SHA1 is always used with DSA keys.
+specified then SHA1 is used. If the key being used to sign with is a DSA key
+then this option has no effect: SHA1 is always used with DSA keys.
 
 =item B<-engine id>
 
-specifying an engine (by it's unique B<id> string) will cause B<req>
+specifying an engine (by its unique B<id> string) will cause B<x509>
 to attempt to obtain a functional reference to the specified engine,
 thus initialising it if needed. The engine will then be set as the default
 for all available algorithms.
@@ -155,7 +156,17 @@ outputs the "hash" of the certificate issuer name.
 
 =item B<-hash>
 
-synonym for "-hash" for backward compatibility reasons.
+synonym for "-subject_hash" for backward compatibility reasons.
+
+=item B<-subject_hash_old>
+
+outputs the "hash" of the certificate subject name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
+=item B<-issuer_hash_old>
+
+outputs the "hash" of the certificate issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
 
 =item B<-subject>
 
@@ -176,6 +187,10 @@ set multiple options. See the B<NAME OPTIONS> section for more information.
 
 outputs the email address(es) if any.
 
+=item B<-ocsp_uri>
+
+outputs the OCSP responder address(es) if any.
+
 =item B<-startdate>
 
 prints out the start date of the certificate, that is the notBefore date.
@@ -376,7 +391,9 @@ no extensions are added to the certificate.
 the section to add certificate extensions from. If this option is not
 specified then the extensions should either be contained in the unnamed
 (default) section or the default section should contain a variable called
-"extensions" which contains the section to use.
+"extensions" which contains the section to use. See the
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
 
 =back
 
@@ -404,13 +421,13 @@ B<sep_comma_plus>, B<dn_rev> and B<sname>.
 
 a oneline format which is more readable than RFC2253. It is equivalent to
 specifying the  B<esc_2253>, B<esc_ctrl>, B<esc_msb>, B<utf8>, B<dump_nostr>,
-B<dump_der>, B<use_quote>, B<sep_comma_plus_spc>, B<spc_eq> and B<sname>
+B<dump_der>, B<use_quote>, B<sep_comma_plus_space>, B<space_eq> and B<sname>
 options.
 
 =item B<multiline>
 
 a multiline format. It is equivalent B<esc_ctrl>, B<esc_msb>, B<sep_multiline>,
-B<spc_eq>, B<lname> and B<align>.
+B<space_eq>, B<lname> and B<align>.
 
 =item B<esc_2253>
 
@@ -510,7 +527,7 @@ diagnostic purpose.
 align field values for a more readable output. Only usable with
 B<sep_multiline>.
 
-=item B<spc_eq>
+=item B<space_eq>
 
 places spaces round the B<=> character which follows the field
 name.
@@ -620,7 +637,7 @@ Display the certificate subject name in RFC2253 form:
 Display the certificate subject name in oneline form on a terminal
 supporting UTF8:
 
- openssl x509 -in cert.pem -noout -subject -nameopt oneline,-escmsb
+ openssl x509 -in cert.pem -noout -subject -nameopt oneline,-esc_msb
 
 Display the certificate MD5 fingerprint:
 
@@ -823,6 +840,17 @@ OpenSSL 0.9.5 and later.
 =head1 SEE ALSO
 
 L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>
+L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>,
+L<x509v3_config(5)|x509v3_config(5)> 
+
+=head1 HISTORY
+
+Before OpenSSL 0.9.8, the default digest for RSA keys was MD5.
+
+The hash algorithm used in the B<-subject_hash> and B<-issuer_hash> options
+before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
+of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
+canonical version of the DN using SHA1. This means that any directories using
+the old form must have their links rebuilt using B<c_rehash> or similar. 
 
 =cut
diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod
index 09954693a3..0450067cf1 100644
--- a/doc/apps/x509v3_config.pod
+++ b/doc/apps/x509v3_config.pod
@@ -52,7 +52,7 @@ use is defined by the extension code itself: check out the certificate
 policies extension for an example.
 
 If an extension type is unsupported then the I<arbitrary> extension syntax
-must be used, see the L<ARBITRART EXTENSIONS|/"ARBITRARY EXTENSIONS"> section for more details.
+must be used, see the L<ARBITRARY EXTENSIONS|/"ARBITRARY EXTENSIONS"> section for more details.
 
 =head1 STANDARD EXTENSIONS
 
@@ -178,7 +178,7 @@ preceeding the name with a B<+> character.
 
 otherName can include arbitrary data associated with an OID: the value
 should be the OID followed by a semicolon and the content in standard
-ASN1_generate_nconf() format.
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format.
 
 Examples:
 
@@ -226,21 +226,82 @@ Example:
 
 =head2 CRL distribution points.
 
-This is a multi-valued extension that supports all the literal options of
-subject alternative name. Of the few software packages that currently interpret
-this extension most only interpret the URI option.
+This is a multi-valued extension whose options can be either in name:value pair
+using the same form as subject alternative name or a single value representing
+a section name containing all the distribution point fields.
 
-Currently each option will set a new DistributionPoint with the fullName
-field set to the given value.
+For a name:value pair a new DistributionPoint with the fullName field set to
+the given value both the cRLissuer and reasons fields are omitted in this case.
 
-Other fields like cRLissuer and reasons cannot currently be set or displayed:
-at this time no examples were available that used these fields.
+In the single option case the section indicated contains values for each
+field. In this section:
 
-Examples:
+If the name is "fullname" the value field should contain the full name
+of the distribution point in the same format as subject alternative name.
+
+If the name is "relativename" then the value field should contain a section
+name whose contents represent a DN fragment to be placed in this field.
+
+The name "CRLIssuer" if present should contain a value for this field in
+subject alternative name format.
+
+If the name is "reasons" the value field should consist of a comma
+separated field containing the reasons. Valid reasons are: "keyCompromise",
+"CACompromise", "affiliationChanged", "superseded", "cessationOfOperation",
+"certificateHold", "privilegeWithdrawn" and "AACompromise".
+
+
+Simple examples:
 
  crlDistributionPoints=URI:http://myhost.com/myca.crl
  crlDistributionPoints=URI:http://my.com/my.crl,URI:http://oth.com/my.crl
 
+Full distribution point example:
+
+ crlDistributionPoints=crldp1_section
+
+ [crldp1_section]
+
+ fullname=URI:http://myhost.com/myca.crl
+ CRLissuer=dirName:issuer_sect
+ reasons=keyCompromise, CACompromise
+
+ [issuer_sect]
+ C=UK
+ O=Organisation
+ CN=Some Name
+
+=head2 Issuing Distribution Point
+
+This extension should only appear in CRLs. It is a multi valued extension
+whose syntax is similar to the "section" pointed to by the CRL distribution
+points extension with a few differences.
+
+The names "reasons" and "CRLissuer" are not recognized.
+
+The name "onlysomereasons" is accepted which sets this field. The value is
+in the same format as the CRL distribution point "reasons" field.
+
+The names "onlyuser", "onlyCA", "onlyAA" and "indirectCRL" are also accepted
+the values should be a boolean value (TRUE or FALSE) to indicate the value of
+the corresponding field.
+
+Example:
+
+ issuingDistributionPoint=critical, @idp_section
+
+ [idp_section]
+
+ fullname=URI:http://myhost.com/myca.crl
+ indirectCRL=TRUE
+ onlysomereasons=keyCompromise, CACompromise
+
+ [issuer_sect]
+ C=UK
+ O=Organisation
+ CN=Some Name
+
+ 
 =head2 Certificate Policies.
 
 This is a I<raw> extension. All the fields of this extension can be set by
@@ -329,6 +390,16 @@ Examples:
  nameConstraints=permitted;email:.somedomain.com
 
  nameConstraints=excluded;email:.com
+issuingDistributionPoint = idp_section
+
+=head2 OCSP No Check
+
+The OCSP No Check extension is a string extension but its value is ignored.
+
+Example:
+
+ noCheck = ignored
+
 
 =head1 DEPRECATED EXTENSIONS
 
@@ -370,7 +441,8 @@ the data is formatted correctly for the given extension type.
 There are two ways to encode arbitrary extensions.
 
 The first way is to use the word ASN1 followed by the extension content
-using the same syntax as ASN1_generate_nconf(). For example:
+using the same syntax as L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>.
+For example:
 
  1.2.3.4=critical,ASN1:UTF8String:Some random data
 
@@ -442,15 +514,16 @@ will only recognize the last value. This can be worked around by using the form:
 
 The X509v3 extension code was first added to OpenSSL 0.9.2.
 
-Policy mappings, name constraints, inhibit any policy and name
-constraints support was added in OpenSSL 0.9.8
+Policy mappings, inhibit any policy and name constraints support was added in
+OpenSSL 0.9.8
 
 The B<directoryName> and B<otherName> option as well as the B<ASN1> option
 for arbitrary extensions was added in OpenSSL 0.9.8
 
 =head1 SEE ALSO
 
-L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>
+L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>,
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
 
 
 =cut
diff --git a/doc/c-indentation.el b/doc/c-indentation.el
index cbf01cb172..90861d3979 100644
--- a/doc/c-indentation.el
+++ b/doc/c-indentation.el
@@ -20,6 +20,7 @@
 
 (c-add-style "eay"
 	     '((c-basic-offset . 8)
+	       (indent-tabs-mode . t)
 	       (c-comment-only-line-offset . 0)
 	       (c-hanging-braces-alist)
 	       (c-offsets-alist	. ((defun-open . +)
diff --git a/doc/crypto/ASN1_OBJECT_new.pod b/doc/crypto/ASN1_OBJECT_new.pod
index 51679bfcd9..9bae40fccf 100644
--- a/doc/crypto/ASN1_OBJECT_new.pod
+++ b/doc/crypto/ASN1_OBJECT_new.pod
@@ -6,6 +6,8 @@ ASN1_OBJECT_new, ASN1_OBJECT_free, - object allocation functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/asn1.h>
+
  ASN1_OBJECT *ASN1_OBJECT_new(void);
  void ASN1_OBJECT_free(ASN1_OBJECT *a);
 
diff --git a/doc/crypto/ASN1_STRING_length.pod b/doc/crypto/ASN1_STRING_length.pod
index c4ec693f17..a08e9a0fa4 100644
--- a/doc/crypto/ASN1_STRING_length.pod
+++ b/doc/crypto/ASN1_STRING_length.pod
@@ -8,6 +8,8 @@ ASN1_STRING utility functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/asn1.h>
+
  int ASN1_STRING_length(ASN1_STRING *x);
  unsigned char * ASN1_STRING_data(ASN1_STRING *x);
 
diff --git a/doc/crypto/ASN1_STRING_new.pod b/doc/crypto/ASN1_STRING_new.pod
index 5b1bbb7eb2..8ac2a03ae2 100644
--- a/doc/crypto/ASN1_STRING_new.pod
+++ b/doc/crypto/ASN1_STRING_new.pod
@@ -7,6 +7,8 @@ ASN1_STRING allocation functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/asn1.h>
+
  ASN1_STRING * ASN1_STRING_new(void);
  ASN1_STRING * ASN1_STRING_type_new(int type);
  void ASN1_STRING_free(ASN1_STRING *a);
diff --git a/doc/crypto/ASN1_STRING_print_ex.pod b/doc/crypto/ASN1_STRING_print_ex.pod
index d662225b87..3891b88791 100644
--- a/doc/crypto/ASN1_STRING_print_ex.pod
+++ b/doc/crypto/ASN1_STRING_print_ex.pod
@@ -43,9 +43,9 @@ interprets UTF8 sequences.
 
 Escaping takes several forms.
 
-If the character being escaped is a 16 bit character then the form "\WXXXX" is used
+If the character being escaped is a 16 bit character then the form "\UXXXX" is used
 using exactly four characters for the hex representation. If it is 32 bits then
-"\UXXXXXXXX" is used using eight characters of its hex representation. These forms
+"\WXXXXXXXX" is used using eight characters of its hex representation. These forms
 will only be used if UTF8 conversion is not set (see below).
 
 Printable characters are normally escaped using the backslash '\' character. If
diff --git a/doc/crypto/ASN1_generate_nconf.pod b/doc/crypto/ASN1_generate_nconf.pod
index ba6e3c2e81..542fd1579a 100644
--- a/doc/crypto/ASN1_generate_nconf.pod
+++ b/doc/crypto/ASN1_generate_nconf.pod
@@ -6,6 +6,8 @@ ASN1_generate_nconf, ASN1_generate_v3 - ASN1 generation functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/asn1.h>
+
  ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
  ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
 
@@ -28,7 +30,11 @@ The actual data encoded is determined by the string B<str> and
 the configuration information. The general format of the string
 is:
 
- B<[modifier,]type[:value]>
+=over 2
+
+=item B<[modifier,]type[:value]>
+
+=back
 
 That is zero or more comma separated modifiers followed by a type
 followed by an optional colon and a value. The formats of B<type>,
@@ -81,13 +87,13 @@ the format B<YYYYMMDDHHMMSSZ>.
 
 =item B<OCTETSTRING>, B<OCT>
 
-Emcodes an ASN1 B<OCTET STRING>. B<value> represents the contents
+Encodes an ASN1 B<OCTET STRING>. B<value> represents the contents
 of this structure, the format strings B<ASCII> and B<HEX> can be
 used to specify the format of B<value>.
 
-=item B<BITSRING>, B<BITSTR>
+=item B<BITSTRING>, B<BITSTR>
 
-Emcodes an ASN1 B<BIT STRING>. B<value> represents the contents
+Encodes an ASN1 B<BIT STRING>. B<value> represents the contents
 of this structure, the format strings B<ASCII>, B<HEX> and B<BITLIST>
 can be used to specify the format of B<value>.
 
@@ -97,7 +103,8 @@ bits is set to zero.
 =item B<UNIVERSALSTRING>, B<UNIV>, B<IA5>, B<IA5STRING>, B<UTF8>,
 B<UTF8String>, B<BMP>, B<BMPSTRING>, B<VISIBLESTRING>,
 B<VISIBLE>, B<PRINTABLESTRING>, B<PRINTABLE>, B<T61>,
-B<T61STRING>, B<TELETEXSTRING>, B<GeneralString>
+B<T61STRING>, B<TELETEXSTRING>, B<GeneralString>, B<NUMERICSTRING>,
+B<NUMERIC>
 
 These encode the corresponding string types. B<value> represents the
 contents of this structure. The format can be B<ASCII> or B<UTF8>.
@@ -147,10 +154,11 @@ bits is set to zero.
 This specifies the format of the ultimate value. It should be followed
 by a colon and one of the strings B<ASCII>, B<UTF8>, B<HEX> or B<BITLIST>.
 
-If no format specifier is included then B<ASCII> is used. If B<UTF8> is specified
-then the value string must be a valid B<UTF8> string. For B<HEX> the output must
-be a set of hex digits. B<BITLIST> (which is only valid for a BIT STRING) is a
-comma separated list of set bits.
+If no format specifier is included then B<ASCII> is used. If B<UTF8> is
+specified then the value string must be a valid B<UTF8> string. For B<HEX> the
+output must be a set of hex digits. B<BITLIST> (which is only valid for a BIT
+STRING) is a comma separated list of the indices of the set bits, all other
+bits are zero.
 
 =back
 
@@ -168,16 +176,20 @@ An IA5String explicitly tagged using APPLICATION tagging:
 
  EXPLICIT:0A,IA5STRING:Hello World
 
+A BITSTRING with bits 1 and 5 set and all others zero:
+
+ FORMAT:BITLIST,BITSTRING:1,5
+
 A more complex example using a config file to produce a
 SEQUENCE consiting of a BOOL an OID and a UTF8String:
 
-asn1 = SEQUENCE:seq_section
+ asn1 = SEQUENCE:seq_section
 
-[seq_section]
+ [seq_section]
 
-field1 = BOOLEAN:TRUE
-field2 = OID:commonName
-field3 = UTF8:Third field
+ field1 = BOOLEAN:TRUE
+ field2 = OID:commonName
+ field3 = UTF8:Third field
 
 This example produces an RSAPrivateKey structure, this is the
 key contained in the file client.pem in all OpenSSL distributions
diff --git a/doc/crypto/BIO_f_base64.pod b/doc/crypto/BIO_f_base64.pod
index 929557d22f..438af3b6b6 100644
--- a/doc/crypto/BIO_f_base64.pod
+++ b/doc/crypto/BIO_f_base64.pod
@@ -63,7 +63,7 @@ data to standard output:
  bio = BIO_new_fp(stdin, BIO_NOCLOSE);
  bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
  bio = BIO_push(b64, bio);
- while((inlen = BIO_read(bio, inbuf, 512) > 0) 
+ while((inlen = BIO_read(bio, inbuf, 512)) > 0) 
 	BIO_write(bio_out, inbuf, inlen);
 
  BIO_free_all(bio);
diff --git a/doc/crypto/BIO_f_md.pod b/doc/crypto/BIO_f_md.pod
index 0d24083e6d..2cc41f89d2 100644
--- a/doc/crypto/BIO_f_md.pod
+++ b/doc/crypto/BIO_f_md.pod
@@ -58,6 +58,12 @@ If an application needs to call BIO_gets() or BIO_puts() through
 a chain containing digest BIOs then this can be done by prepending
 a buffering BIO.
 
+Before OpenSSL 1.0.0 the call to BIO_get_md_ctx() would only work if the BIO
+had been initialized for example by calling BIO_set_md() ). In OpenSSL
+1.0.0 and later the context is always returned and the BIO is state is set
+to initialized. This allows applications to initialize the context externally
+if the standard calls such as BIO_set_md() are not sufficiently flexible.
+
 =head1 RETURN VALUES
 
 BIO_f_md() returns the digest BIO method.
diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod
index f0b731731f..bc5861ab34 100644
--- a/doc/crypto/BIO_f_ssl.pod
+++ b/doc/crypto/BIO_f_ssl.pod
@@ -308,6 +308,15 @@ a client and also echoes the request to standard output.
 
  BIO_free_all(sbio);
 
+=head1 BUGS
+
+In OpenSSL versions before 1.0.0 the BIO_pop() call was handled incorrectly,
+the I/O BIO reference count was incorrectly incremented (instead of
+decremented) and dissociated with the SSL BIO even if the SSL BIO was not
+explicitly being popped (e.g. a pop higher up the chain). Applications which
+included workarounds for this bug (e.g. freeing BIOs more than once) should
+be modified to handle this fix or they may free up an already freed BIO.
+
 =head1 SEE ALSO
 
 TBA
diff --git a/doc/crypto/BIO_new_CMS.pod b/doc/crypto/BIO_new_CMS.pod
new file mode 100644
index 0000000000..9e3a4b7f89
--- /dev/null
+++ b/doc/crypto/BIO_new_CMS.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+ BIO_new_CMS - CMS streaming filter BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+BIO_new_CMS() returns a streaming filter BIO chain based on B<cms>. The output
+of the filter is written to B<out>. Any data written to the chain is
+automatically translated to a BER format CMS structure of the appropriate type.
+
+=head1 NOTES
+
+The chain returned by this function behaves like a standard filter BIO. It
+supports non blocking I/O. Content is processed and streamed on the fly and not
+all held in memory at once: so it is possible to encode very large structures.
+After all content has been written through the chain BIO_flush() must be called
+to finalise the structure.
+
+The B<CMS_STREAM> flag must be included in the corresponding B<flags>
+parameter of the B<cms> creation function.
+
+If an application wishes to write additional data to B<out> BIOs should be
+removed from the chain using BIO_pop() and freed with BIO_free() until B<out>
+is reached. If no additional data needs to be written BIO_free_all() can be
+called to free up the whole chain.
+
+Any content written through the filter is used verbatim: no canonical
+translation is performed.
+
+It is possible to chain multiple BIOs to, for example, create a triple wrapped
+signed, enveloped, signed structure. In this case it is the applications
+responsibility to set the inner content type of any outer CMS_ContentInfo
+structures.
+
+Large numbers of small writes through the chain should be avoided as this will
+produce an output consisting of lots of OCTET STRING structures. Prepending
+a BIO_f_buffer() buffering BIO will prevent this.
+
+=head1 BUGS
+
+There is currently no corresponding inverse BIO: i.e. one which can decode
+a CMS structure on the fly.
+
+=head1 RETURN VALUES
+
+BIO_new_CMS() returns a BIO chain when successful or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+BIO_new_CMS() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/BIO_s_mem.pod b/doc/crypto/BIO_s_mem.pod
index 19648acfae..8f85e0dcee 100644
--- a/doc/crypto/BIO_s_mem.pod
+++ b/doc/crypto/BIO_s_mem.pod
@@ -74,7 +74,7 @@ Writes to memory BIOs will always succeed if memory is available: that is
 their size can grow indefinitely.
 
 Every read from a read write memory BIO will remove the data just read with
-an internal copy operation, if a BIO contains a lots of data and it is
+an internal copy operation, if a BIO contains a lot of data and it is
 read in small chunks the operation can be very slow. The use of a read only
 memory BIO avoids this problem. If the BIO must be read write then adding
 a buffering BIO to the chain will speed up the process.
diff --git a/doc/crypto/BIO_set_callback.pod b/doc/crypto/BIO_set_callback.pod
index 9b6961ca8d..4759556245 100644
--- a/doc/crypto/BIO_set_callback.pod
+++ b/doc/crypto/BIO_set_callback.pod
@@ -17,7 +17,7 @@ BIO_debug_callback - BIO callback functions
  long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
 	long argl,long ret);
 
- typedef long callback(BIO *b, int oper, const char *argp,
+ typedef long (*callback)(BIO *b, int oper, const char *argp,
 			int argi, long argl, long retvalue);
 
 =head1 DESCRIPTION
diff --git a/doc/crypto/BN_BLINDING_new.pod b/doc/crypto/BN_BLINDING_new.pod
new file mode 100644
index 0000000000..5f51fdb470
--- /dev/null
+++ b/doc/crypto/BN_BLINDING_new.pod
@@ -0,0 +1,115 @@
+=pod
+
+=head1 NAME
+
+BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, 
+BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, 
+BN_BLINDING_get_thread_id, BN_BLINDING_set_thread_id, BN_BLINDING_get_flags,
+BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM
+functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+	BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+	BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+	BN_CTX *ctx);
+ #ifndef OPENSSL_NO_DEPRECATED
+ unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ #endif
+ CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+	BN_MONT_CTX *m_ctx);
+
+=head1 DESCRIPTION
+
+BN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies
+the B<A> and B<Ai> values into the newly created B<BN_BLINDING> object.
+
+BN_BLINDING_free() frees the B<BN_BLINDING> structure.
+
+BN_BLINDING_update() updates the B<BN_BLINDING> parameters by squaring
+the B<A> and B<Ai> or, after specific number of uses and if the
+necessary parameters are set, by re-creating the blinding parameters.
+
+BN_BLINDING_convert_ex() multiplies B<n> with the blinding factor B<A>.
+If B<r> is not NULL a copy the inverse blinding factor B<Ai> will be
+returned in B<r> (this is useful if a B<RSA> object is shared amoung
+several threads). BN_BLINDING_invert_ex() multiplies B<n> with the
+inverse blinding factor B<Ai>. If B<r> is not NULL it will be used as
+the inverse blinding.
+
+BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper
+functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex()
+with B<r> set to NULL.
+
+BN_BLINDING_thread_id() provides access to the B<CRYPTO_THREADID>
+object within the B<BN_BLINDING> structure. This is to help users
+provide proper locking if needed for multi-threaded use. The "thread
+id" object of a newly allocated B<BN_BLINDING> structure is
+initialised to the thread id in which BN_BLINDING_new() was called.
+
+BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently
+there are two supported flags: B<BN_BLINDING_NO_UPDATE> and
+B<BN_BLINDING_NO_RECREATE>. B<BN_BLINDING_NO_UPDATE> inhibits the
+automatic update of the B<BN_BLINDING> parameters after each use
+and B<BN_BLINDING_NO_RECREATE> inhibits the automatic re-creation
+of the B<BN_BLINDING> parameters after a fixed number of uses (currently
+32). In newly allocated B<BN_BLINDING> objects no flags are set.
+BN_BLINDING_set_flags() sets the B<BN_BLINDING> parameters flags.
+
+BN_BLINDING_create_param() creates new B<BN_BLINDING> parameters
+using the exponent B<e> and the modulus B<m>. B<bn_mod_exp> and
+B<m_ctx> can be used to pass special functions for exponentiation
+(normally BN_mod_exp_mont() and B<BN_MONT_CTX>).
+
+=head1 RETURN VALUES
+
+BN_BLINDING_new() returns the newly allocated B<BN_BLINDING> structure
+or NULL in case of an error.
+
+BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(),
+BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on
+success and 0 if an error occured.
+
+BN_BLINDING_thread_id() returns a pointer to the thread id object
+within a B<BN_BLINDING> object.
+
+BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags
+(a B<unsigned long> value).
+
+BN_BLINDING_create_param() returns the newly created B<BN_BLINDING> 
+parameters or NULL on error.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>
+
+=head1 HISTORY
+
+BN_BLINDING_thread_id was first introduced in OpenSSL 1.0.0, and it
+deprecates BN_BLINDING_set_thread_id and BN_BLINDING_get_thread_id.
+
+BN_BLINDING_convert_ex, BN_BLINDIND_invert_ex, BN_BLINDING_get_thread_id,
+BN_BLINDING_set_thread_id, BN_BLINDING_set_flags, BN_BLINDING_get_flags
+and BN_BLINDING_create_param were first introduced in OpenSSL 0.9.8
+
+=head1 AUTHOR
+
+Nils Larsch for the OpenSSL project (http://www.openssl.org).
+
+=cut
diff --git a/doc/crypto/BN_add_word.pod b/doc/crypto/BN_add_word.pod
index 94244adea4..70667d2893 100644
--- a/doc/crypto/BN_add_word.pod
+++ b/doc/crypto/BN_add_word.pod
@@ -29,11 +29,11 @@ BN_add_word() adds B<w> to B<a> (C<a+=w>).
 
 BN_sub_word() subtracts B<w> from B<a> (C<a-=w>).
 
-BN_mul_word() multiplies B<a> and B<w> (C<a*=b>).
+BN_mul_word() multiplies B<a> and B<w> (C<a*=w>).
 
 BN_div_word() divides B<a> by B<w> (C<a/=w>) and returns the remainder.
 
-BN_mod_word() returns the remainder of B<a> divided by B<w> (C<a%m>).
+BN_mod_word() returns the remainder of B<a> divided by B<w> (C<a%w>).
 
 For BN_div_word() and BN_mod_word(), B<w> must not be 0.
 
@@ -42,7 +42,8 @@ For BN_div_word() and BN_mod_word(), B<w> must not be 0.
 BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0
 on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
 
-BN_mod_word() and BN_div_word() return B<a>%B<w>.
+BN_mod_word() and BN_div_word() return B<a>%B<w> on success and
+B<(BN_ULONG)-1> if an error occurred.
 
 =head1 SEE ALSO
 
@@ -54,4 +55,7 @@ BN_add_word() and BN_mod_word() are available in all versions of
 SSLeay and OpenSSL. BN_div_word() was added in SSLeay 0.8, and
 BN_sub_word() and BN_mul_word() in SSLeay 0.9.0.
 
+Before 0.9.8a the return value for BN_div_word() and BN_mod_word()
+in case of an error was 0.
+
 =cut
diff --git a/doc/crypto/CMS_add0_cert.pod b/doc/crypto/CMS_add0_cert.pod
new file mode 100644
index 0000000000..9c13f488f6
--- /dev/null
+++ b/doc/crypto/CMS_add0_cert.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+ CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_get1_crls, - CMS certificate and CRL utility functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+
+=head1 DESCRIPTION
+
+CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
+must be of type signed data or enveloped data. 
+
+CMS_get1_certs() returns all certificates in B<cms>.
+
+CMS_add0_crl() and CMS_add1_crl() add CRL B<crl> to B<cms>. CMS_get1_crls()
+returns any CRLs in B<cms>.
+
+=head1 NOTES
+
+The CMS_ContentInfo structure B<cms> must be of type signed data or enveloped
+data or an error will be returned.
+
+For signed data certificates and CRLs are added to the B<certificates> and
+B<crls> fields of SignedData structure. For enveloped data they are added to
+B<OriginatorInfo>.
+
+As the B<0> implies CMS_add0_cert() adds B<cert> internally to B<cms> and it
+must not be freed up after the call as opposed to CMS_add1_cert() where B<cert>
+must be freed up.
+
+The same certificate or CRL must not be added to the same cms structure more
+than once.
+
+=head1 RETURN VALUES
+
+CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
+1 for success and 0 for failure. 
+
+CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
+or NULL if there are none or an error occurs. The only error which will occur
+in practice is if the B<cms> type is invalid.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_add0_cert(), CMS_add1_cert(), CMS_get1_certs(), CMS_add0_crl()
+and CMS_get1_crls() were all first added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_add1_recipient_cert.pod b/doc/crypto/CMS_add1_recipient_cert.pod
new file mode 100644
index 0000000000..d7d8e2532c
--- /dev/null
+++ b/doc/crypto/CMS_add1_recipient_cert.pod
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+ CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags);
+
+ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key, size_t keylen, unsigned char *id, size_t idlen, ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType);
+
+=head1 DESCRIPTION
+
+CMS_add1_recipient_cert() adds recipient B<recip> to CMS_ContentInfo enveloped
+data structure B<cms> as a KeyTransRecipientInfo structure.
+
+CMS_add0_recipient_key() adds symmetric key B<key> of length B<keylen> using
+wrapping algorithm B<nid>, identifier B<id> of length B<idlen> and optional
+values B<date>, B<otherTypeId> and B<otherType> to CMS_ContentInfo enveloped
+data structure B<cms> as a KEKRecipientInfo structure.
+
+The CMS_ContentInfo structure should be obtained from an initial call to
+CMS_encrypt() with the flag B<CMS_PARTIAL> set.
+
+=head1 NOTES
+
+The main purpose of this function is to provide finer control over a CMS
+enveloped data structure where the simpler CMS_encrypt() function defaults are
+not appropriate. For example if one or more KEKRecipientInfo structures
+need to be added. New attributes can also be added using the returned
+CMS_RecipientInfo structure and the CMS attribute utility functions.
+
+OpenSSL will by default identify recipient certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if all recipient certificates do not
+have a subject key identifier extension.
+
+Currently only AES based key wrapping algorithms are supported for B<nid>,
+specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and NID_id_aes256_wrap.
+If B<nid> is set to B<NID_undef> then an AES wrap algorithm will be used
+consistent with B<keylen>.
+
+=head1 RETURN VALUES
+
+CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal
+pointer to the CMS_RecipientInfo structure just added or NULL if an error
+occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<CMS_final(3)|CMS_final(3)>,
+
+=head1 HISTORY
+
+CMS_add1_recipient_cert() and CMS_add0_recipient_key() were added to OpenSSL
+0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_compress.pod b/doc/crypto/CMS_compress.pod
new file mode 100644
index 0000000000..0a0715271d
--- /dev/null
+++ b/doc/crypto/CMS_compress.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+CMS_compress - create a CMS CompressedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_compress() creates and returns a CMS CompressedData structure. B<comp_nid>
+is the compression algorithm to use or B<NID_undef> to use the default
+algorithm (zlib compression). B<in> is the content to be compressed.
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The only currently supported compression algorithm is zlib using the NID
+NID_zlib_compression.
+
+If zlib support is not compiled into OpenSSL then CMS_compress() will return
+an error.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
+B<CMS_TEXT> is ignored.
+
+If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
+returned suitable for streaming I/O: no data is read from the BIO B<in>.
+
+The compressed data is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
+practice and is not supported by SMIME_write_CMS().
+
+=head1 NOTES
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+Additional compression parameters such as the zlib compression level cannot
+currently be set.
+
+=head1 RETURN VALUES
+
+CMS_compress() returns either a CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_uncompress(3)|CMS_uncompress(3)>
+
+=head1 HISTORY
+
+CMS_compress() was added to OpenSSL 0.9.8
+The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/CMS_decrypt.pod b/doc/crypto/CMS_decrypt.pod
new file mode 100644
index 0000000000..d857e4f93f
--- /dev/null
+++ b/doc/crypto/CMS_decrypt.pod
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+ CMS_decrypt - decrypt content from a CMS envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_decrypt() extracts and decrypts the content from a CMS EnvelopedData
+structure. B<pkey> is the private key of the recipient, B<cert> is the
+recipient's certificate, B<out> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+The B<dcont> parameter is used in the rare case where the encrypted content
+is detached. It will normally be set to NULL.
+
+=head1 NOTES
+
+OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
+function or errors about unknown algorithms will occur.
+
+Although the recipients certificate is not needed to decrypt the data it is
+needed to locate the appropriate (of possible several) recipients in the CMS
+structure. If B<cert> is set to NULL all possible recipients are tried.
+
+It is possible to determine the correct recipient key by other means (for
+example looking them up in a database) and setting them in the CMS structure
+in advance using the CMS utility functions such as CMS_set1_pkey(). In this
+case both B<cert> and B<pkey> should be set to NULL.
+
+To process KEKRecipientInfo types CMS_set1_key() or CMS_RecipientInfo_set0_key()
+and CMS_ReceipientInfo_decrypt() should be called before CMS_decrypt() and
+B<cert> and B<pkey> set to NULL.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_decrypt() returns either 1 for success or 0 for failure.
+The error can be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+The lack of single pass processing and the need to hold all data in memory as
+mentioned in CMS_verify() also applies to CMS_decrypt().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_decrypt() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_encrypt.pod b/doc/crypto/CMS_encrypt.pod
new file mode 100644
index 0000000000..1ee5b275ec
--- /dev/null
+++ b/doc/crypto/CMS_encrypt.pod
@@ -0,0 +1,96 @@
+=pod
+
+=head1 NAME
+
+ CMS_encrypt - create a CMS envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_encrypt() creates and returns a CMS EnvelopedData structure. B<certs>
+is a list of recipient certificates. B<in> is the content to be encrypted.
+B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Only certificates carrying RSA keys are supported so the recipient certificates
+supplied to this function must all contain RSA public keys, though they do not
+have to be signed using the RSA algorithm.
+
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+because most clients will support it.
+
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+its parameters. 
+
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+envelopedData containing an S/MIME signed message. This can be readily produced
+by storing the S/MIME signed message in a memory BIO and passing it to
+CMS_encrypt().
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
+B<CMS_TEXT> is ignored.
+
+OpenSSL will by default identify recipient certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if all recipient certificates do not
+have a subject key identifier extension.
+
+If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
+returned suitable for streaming I/O: no data is read from the BIO B<in>.
+
+If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
+returned to which additional recipients and attributes can be added before
+finalization.
+
+The data being encrypted is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
+practice and is not supported by SMIME_write_CMS().
+
+=head1 NOTES
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+The recipients specified in B<certs> use a CMS KeyTransRecipientInfo info
+structure. KEKRecipientInfo is also supported using the flag B<CMS_PARTIAL>
+and CMS_add0_recipient_key().
+
+The parameter B<certs> may be NULL if B<CMS_PARTIAL> is set and recipients
+added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().
+
+=head1 RETURN VALUES
+
+CMS_encrypt() returns either a CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+CMS_decrypt() was added to OpenSSL 0.9.8
+The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/CMS_final.pod b/doc/crypto/CMS_final.pod
new file mode 100644
index 0000000000..36cf96b8a0
--- /dev/null
+++ b/doc/crypto/CMS_final.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+ CMS_final - finalise a CMS_ContentInfo structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_final() finalises the structure B<cms>. It's purpose is to perform any
+operations necessary on B<cms> (digest computation for example) and set the
+appropriate fields. The parameter B<data> contains the content to be 
+processed. The B<dcont> parameter contains a BIO to write content to after
+processing: this is only used with detached data and will usually be set to
+NULL.
+
+=head1 NOTES
+
+This function will normally be called when the B<CMS_PARTIAL> flag is used. It
+should only be used when streaming is not performed because the streaming
+I/O functions perform finalisation operations internally.
+
+=head1 RETURN VALUES
+
+CMS_final() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_final() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_get0_RecipientInfos.pod b/doc/crypto/CMS_get0_RecipientInfos.pod
new file mode 100644
index 0000000000..e0355423e6
--- /dev/null
+++ b/doc/crypto/CMS_get0_RecipientInfos.pod
@@ -0,0 +1,106 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id,CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt - CMS envelopedData RecipientInfo routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate, ASN1_OBJECT **potherid, ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+=head1 DESCRIPTION
+
+The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo
+structures associated with a CMS EnvelopedData structure.
+
+CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure B<ri>.
+It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE,
+CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.
+
+CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient
+identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
+must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
+B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>. 
+
+CMS_RecipientInfo_ktri_cert_cmp() compares the certificate B<cert> against the
+CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
+It returns zero if the comparison is successful and non zero if not.
+
+CMS_RecipientInfo_set0_pkey() associates the private key B<pkey> with
+the CMS_RecipientInfo structure B<ri>, which must be of type
+CMS_RECIPINFO_TRANS.
+
+CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the
+CMS_RecipientInfo structure B<ri> which must be of type CMS_RECIPINFO_KEK.  Any
+of the remaining parameters can be NULL if the application is not interested in
+the value of a field. Where a field is optional and absent NULL will be written
+to the corresponding parameter. The keyEncryptionAlgorithm field is written to
+B<palg>, the B<keyIdentifier> field is written to B<pid>, the B<date> field if
+present is written to B<pdate>, if the B<other> field is present the components
+B<keyAttrId> and B<keyAttr> are written to parameters B<potherid> and
+B<pothertype>.
+
+CMS_RecipientInfo_kekri_id_cmp() compares the ID in the B<id> and B<idlen>
+parameters against the B<keyIdentifier> CMS_RecipientInfo structure B<ri>,
+which must be of type CMS_RECIPINFO_KEK.  It returns zero if the comparison is
+successful and non zero if not.
+
+CMS_RecipientInfo_set0_key() associates the symmetric key B<key> of length
+B<keylen> with the CMS_RecipientInfo structure B<ri>, which must be of type
+CMS_RECIPINFO_KEK.
+
+CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure
+B<ri> in structure B<cms>. A key must have been associated with the structure
+first.
+
+=head1 NOTES
+
+The main purpose of these functions is to enable an application to lookup
+recipient keys using any appropriate technique when the simpler method
+of CMS_decrypt() is not appropriate.
+
+In typical usage and application will retrieve all CMS_RecipientInfo structures
+using CMS_get0_RecipientInfos() and check the type of each using
+CMS_RecpientInfo_type(). Depending on the type the CMS_RecipientInfo structure
+can be ignored or its key identifier data retrieved using an appropriate
+function. Then if the corresponding secret or private key can be obtained by
+any appropriate means it can then associated with the structure and
+CMS_RecpientInfo_decrypt() called. If successful CMS_decrypt() can be called
+with a NULL key to decrypt the enveloped content.
+
+=head1 RETURN VALUES
+
+CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if
+an error occurs.
+
+CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(),
+CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and
+CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs.
+
+CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0
+for a successful comparison and non zero otherwise.
+
+Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+These functions were first was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_get0_SignerInfos.pod b/doc/crypto/CMS_get0_SignerInfos.pod
new file mode 100644
index 0000000000..47f6d2a047
--- /dev/null
+++ b/doc/crypto/CMS_get0_SignerInfos.pod
@@ -0,0 +1,75 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_cert_cmp, CMS_set1_signer_certs - CMS signedData signer functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+
+=head1 DESCRIPTION
+
+The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures
+associated with a CMS signedData structure.
+
+CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
+associated with a specific CMS_SignerInfo structure B<si>. Either the
+keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
+in B<issuer> and B<sno>.
+
+CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
+identifier B<si>. It returns zero if the comparison is successful and non zero
+if not.
+
+CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to
+B<signer>.
+
+=head1 NOTES
+
+The main purpose of these functions is to enable an application to lookup
+signers certificates using any appropriate technique when the simpler method
+of CMS_verify() is not appropriate.
+
+In typical usage and application will retrieve all CMS_SignerInfo structures
+using CMS_get0_SignerInfo() and retrieve the identifier information using
+CMS. It will then obtain the signer certificate by some unspecified means
+(or return and error if it cannot be found) and set it using
+CMS_SignerInfo_set1_signer_cert().
+
+Once all signer certificates have been set CMS_verify() can be used.
+
+Although CMS_get0_SignerInfos() can return NULL is an error occur B<or> if
+there are no signers this is not a problem in practice because the only
+error which can occur is if the B<cms> structure is not of type signedData
+due to application error.
+
+=head1 RETURN VALUES
+
+CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there
+are no signers or an error occurs.
+
+CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.
+
+CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non
+zero otherwise.
+
+CMS_SignerInfo_set1_signer_cert() does not return a value.
+
+Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+These functions were first was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_get0_type.pod b/doc/crypto/CMS_get0_type.pod
new file mode 100644
index 0000000000..8ff1c3115c
--- /dev/null
+++ b/doc/crypto/CMS_get0_type.pod
@@ -0,0 +1,63 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType - get and set CMS content types
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+CMS_get0_type() returns the content type of a CMS_ContentInfo structure as
+and ASN1_OBJECT pointer. An application can then decide how to process the
+CMS_ContentInfo structure based on this value.
+
+CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo
+structure. It should be called with CMS functions with the B<CMS_PARTIAL>
+flag and B<before> the structure is finalised, otherwise the results are
+undefined.
+
+ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded
+content type.
+
+=head1 NOTES
+
+As the B<0> implies CMS_get0_type() and CMS_get0_eContentType() return internal
+pointers which should B<not> be freed up. CMS_set1_eContentType() copies the
+supplied OID and it B<should> be freed up after use.
+
+The B<ASN1_OBJECT> values returned can be converted to an integer B<NID> value
+using OBJ_obj2nid(). For the currently supported content types the following
+values are returned:
+
+ NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped
+
+
+=head1 RETURN VALUES
+
+CMS_get0_type() and CMS_get0_eContentType() return and ASN1_OBJECT structure.
+
+CMS_set1_eContentType() returns 1 for success or 0 if an error occurred.  The
+error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+CMS_get0_type(), CMS_set1_eContentType() and CMS_get0_eContentType() were all
+first added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_get1_ReceiptRequest.pod b/doc/crypto/CMS_get1_ReceiptRequest.pod
new file mode 100644
index 0000000000..f546376a1e
--- /dev/null
+++ b/doc/crypto/CMS_get1_ReceiptRequest.pod
@@ -0,0 +1,69 @@
+=pod
+
+=head1 NAME
+
+ CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid, int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist, STACK_OF(GENERAL_NAMES) **prto);
+
+=head1 DESCRIPTION
+
+CMS_ReceiptRequest_create0() creates a signed receipt request structure. The
+B<signedContentIdentifier> field is set using B<id> and B<idlen>, or it is set
+to 32 bytes of pseudo random data if B<id> is NULL. If B<receiptList> is NULL
+the allOrFirstTier option in B<receiptsFrom> is used and set to the value of
+the B<allorfirst> parameter. If B<receiptList> is not NULL the B<receiptList>
+option in B<receiptsFrom> is used. The B<receiptsTo> parameter specifies the
+B<receiptsTo> field value.
+
+The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
+to SignerInfo structure B<si>.
+
+int CMS_get1_ReceiptRequest() looks for a signed receipt request in B<si>, if
+any is found it is decoded and written to B<prr>.
+
+CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request.
+The signedContentIdentifier is copied to B<pcid>. If the B<allOrFirstTier>
+option of B<receiptsFrom> is used its value is copied to B<pallorfirst>
+otherwise the B<receiptList> field is copied to B<plist>. The B<receiptsTo>
+parameter is copied to B<prto>.
+
+=head1 NOTES
+
+For more details of the meaning of the fields see RFC2634.
+
+The contents of a signed receipt should only be considered meaningful if the
+corresponding CMS_ContentInfo structure can be successfully verified using
+CMS_verify().
+
+=head1 RETURN VALUES
+
+CMS_ReceiptRequest_create0() returns a signed receipt request structure or 
+NULL if an error occurred.
+
+CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+
+CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
+decoded. It returns 0 if a signed receipt request is not present and -1 if
+it is present but malformed.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>, L<CMS_verify(3)|CMS_verify(3)>
+L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>
+
+=head1 HISTORY
+
+CMS_ReceiptRequest_create0(), CMS_add1_ReceiptRequest(),
+CMS_get1_ReceiptRequest() and CMS_ReceiptRequest_get0_values() were added to
+OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_sign.pod b/doc/crypto/CMS_sign.pod
new file mode 100644
index 0000000000..2cc72de327
--- /dev/null
+++ b/doc/crypto/CMS_sign.pod
@@ -0,0 +1,121 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign - create a CMS SignedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_sign() creates and returns a CMS SignedData structure. B<signcert> is
+the certificate to sign with, B<pkey> is the corresponding private key.
+B<certs> is an optional additional set of certificates to include in the CMS
+structure (for example any intermediate CAs in the chain). Any or all of
+these parameters can be B<NULL>, see B<NOTES> below.
+
+The data to be signed is read from BIO B<data>.
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+Many S/MIME clients expect the signed content to include valid MIME headers. If
+the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are prepended
+to the data.
+
+If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
+CMS_ContentInfo structure, the signer's certificate must still be supplied in
+the B<signcert> parameter though. This can reduce the size of the signature if
+the signers certificate can be obtained by other means: for example a
+previously signed message.
+
+The data being signed is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is used for
+CMS_ContentInfo detached signatures which are used in S/MIME plaintext signed
+messages for example.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
+
+The SignedData structure includes several CMS signedAttributes including the
+signing time, the CMS content type and the supported list of ciphers in an
+SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
+will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
+omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
+
+OpenSSL will by default identify signing certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if the signing certificate does not
+have a subject key identifier extension.
+
+If the flags B<CMS_STREAM> is set then the returned B<CMS_ContentInfo>
+structure is just initialized ready to perform the signing operation. The
+signing is however B<not> performed and the data to be signed is not read from
+the B<data> parameter. Signing is deferred until after the data has been
+written. In this way data can be signed in a single pass.
+
+If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
+output to which additional signers and capabilities can be added before
+finalization.
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
+
+If B<signcert> and B<pkey> are NULL then a certificates only CMS structure is
+output.
+
+The function CMS_sign() is a basic CMS signing function whose output will be
+suitable for many purposes. For finer control of the output format the
+B<certs>, B<signcert> and B<pkey> parameters can all be B<NULL> and the
+B<CMS_PARTIAL> flag set. Then one or more signers can be added using the
+function CMS_sign_add1_signer(), non default digests can be used and custom
+attributes added. B<CMS_final()> must then be called to finalize the
+structure if streaming is not enabled. 
+
+=head1 BUGS
+
+Some attributes such as counter signatures are not supported.
+
+=head1 RETURN VALUES
+
+CMS_sign() returns either a valid CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+CMS_sign() was added to OpenSSL 0.9.8
+
+The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
+it is supported for embedded data in OpenSSL 1.0.0 and later.
+
+=cut
diff --git a/doc/crypto/CMS_sign_add1_signer.pod b/doc/crypto/CMS_sign_add1_signer.pod
new file mode 100644
index 0000000000..bda3ca2adb
--- /dev/null
+++ b/doc/crypto/CMS_sign_add1_signer.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags);
+
+ int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+
+
+=head1 DESCRIPTION
+
+CMS_sign_add1_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to CMS_ContentInfo SignedData
+structure B<cms>.
+
+The CMS_ContentInfo structure should be obtained from an initial call to
+CMS_sign() with the flag B<CMS_PARTIAL> set or in the case or re-signing a
+valid CMS_ContentInfo SignedData structure.
+
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+
+Unless the B<CMS_REUSE_DIGEST> flag is set the returned CMS_ContentInfo
+structure is not complete and must be finalized either by streaming (if
+applicable) or a call to CMS_final().
+
+The CMS_SignerInfo_sign() function will explicitly sign a CMS_SignerInfo
+structure, its main use is when B<CMS_REUSE_DIGEST> and B<CMS_PARTIAL> flags
+are both set.
+
+=head1 NOTES
+
+The main purpose of CMS_sign_add1_signer() is to provide finer control
+over a CMS signed data structure where the simpler CMS_sign() function defaults
+are not appropriate. For example if multiple signers or non default digest
+algorithms are needed. New attributes can also be added using the returned
+CMS_SignerInfo structure and the CMS attribute utility functions or the
+CMS signed receipt request functions.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+If B<CMS_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the CMS_ContentInfo structure: to add a signer to an existing
+structure.  An error occurs if a matching digest value cannot be found to copy.
+The returned CMS_ContentInfo structure will be valid and finalized when this
+flag is set.
+
+If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the 
+CMS_SignerInfo structure will not be finalized so additional attributes
+can be added. In this case an explicit call to CMS_SignerInfo_sign() is
+needed to finalize it.
+
+If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
+CMS_ContentInfo structure, the signer's certificate must still be supplied in
+the B<signcert> parameter though. This can reduce the size of the signature if
+the signers certificate can be obtained by other means: for example a
+previously signed message.
+
+The SignedData structure includes several CMS signedAttributes including the
+signing time, the CMS content type and the supported list of ciphers in an
+SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
+will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
+omitted.
+
+OpenSSL will by default identify signing certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if the signing certificate does not
+have a subject key identifier extension.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
+
+CMS_sign_add1_signer() returns an internal pointer to the CMS_SignerInfo
+structure just added, this can be used to set additional attributes 
+before it is finalized.
+
+=head1 RETURN VALUES
+
+CMS_sign1_add_signers() returns an internal pointer to the CMS_SignerInfo
+structure just added or NULL if an error occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_final(3)|CMS_final(3)>,
+
+=head1 HISTORY
+
+CMS_sign_add1_signer() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_sign_receipt.pod b/doc/crypto/CMS_sign_receipt.pod
new file mode 100644
index 0000000000..cae1f83384
--- /dev/null
+++ b/doc/crypto/CMS_sign_receipt.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign_receipt - create a CMS signed receipt
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_sign_receipt() creates and returns a CMS signed receipt structure. B<si> is
+the B<CMS_SignerInfo> structure containing the signed receipt request.
+B<signcert> is the certificate to sign with, B<pkey> is the corresponding
+private key.  B<certs> is an optional additional set of certificates to include
+in the CMS structure (for example any intermediate CAs in the chain).
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+This functions behaves in a similar way to CMS_sign() except the flag values
+B<CMS_DETACHED>, B<CMS_BINARY>, B<CMS_NOATTR>, B<CMS_TEXT> and B<CMS_STREAM>
+are not supported since they do not make sense in the context of signed
+receipts.
+
+=head1 RETURN VALUES
+
+CMS_sign_receipt() returns either a valid CMS_ContentInfo structure or NULL if
+an error occurred.  The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>,
+L<CMS_sign(3)|CMS_sign(3)>
+
+=head1 HISTORY
+
+CMS_sign_receipt() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_uncompress.pod b/doc/crypto/CMS_uncompress.pod
new file mode 100644
index 0000000000..c6056b027d
--- /dev/null
+++ b/doc/crypto/CMS_uncompress.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+ CMS_uncompress - uncompress a CMS CompressedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_uncompress() extracts and uncompresses the content from a CMS
+CompressedData structure B<cms>. B<data> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+The B<dcont> parameter is used in the rare case where the compressed content
+is detached. It will normally be set to NULL.
+
+=head1 NOTES
+
+The only currently supported compression algorithm is zlib: if the structure
+indicates the use of any other algorithm an error is returned.
+
+If zlib support is not compiled into OpenSSL then CMS_uncompress() will always
+return an error.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_uncompress() returns either 1 for success or 0 for failure. The error can
+be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+The lack of single pass processing and the need to hold all data in memory as
+mentioned in CMS_verify() also applies to CMS_decompress().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_compress(3)|CMS_compress(3)>
+
+=head1 HISTORY
+
+CMS_uncompress() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_verify.pod b/doc/crypto/CMS_verify.pod
new file mode 100644
index 0000000000..8f26fdab09
--- /dev/null
+++ b/doc/crypto/CMS_verify.pod
@@ -0,0 +1,126 @@
+=pod
+
+=head1 NAME
+
+ CMS_verify - verify a CMS SignedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, unsigned int flags);
+
+ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
+structure to verify. B<certs> is a set of certificates in which to search for
+the signing certificate(s). B<store> is a trusted certificate store used for
+chain verification. B<indata> is the detached content if the content is not
+present in B<cms>. The content is written to B<out> if it is not NULL.
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+CMS_get0_signers() retrieves the signing certificate(s) from B<cms>, it must
+be called after a successful CMS_verify() operation.
+
+=head1 VERIFY PROCESS
+
+Normally the verify process proceeds as follows.
+
+Initially some sanity checks are performed on B<cms>. The type of B<cms> must
+be SignedData. There must be at least one signature on the data and if
+the content is detached B<indata> cannot be B<NULL>.
+
+An attempt is made to locate all the signing certificate(s), first looking in
+the B<certs> parameter (if it is not NULL) and then looking in any
+certificates contained in the B<cms> structure itself. If any signing
+certificate cannot be located the operation fails.
+
+Each signing certificate is chain verified using the B<smimesign> purpose and
+the supplied trusted certificate store. Any internal certificates in the message
+are used as untrusted CAs. If CRL checking is enabled in B<store> any internal
+CRLs are used in addition to attempting to look them up in B<store>. If any
+chain verify fails an error code is returned.
+
+Finally the signed content is read (and written to B<out> is it is not NULL)
+and the signature's checked.
+
+If all signature's verify correctly then the function is successful.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter to change the default verify behaviour.
+
+If B<CMS_NOINTERN> is set the certificates in the message itself are not
+searched when locating the signing certificate(s). This means that all the
+signing certificates must be in the B<certs> parameter.
+
+If B<CMS_NOCRL> is set and CRL checking is enabled in B<store> then any
+CRLs in the message itself are ignored.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
+verified.
+
+If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not 
+verified.
+
+If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
+
+=head1 NOTES
+
+One application of B<CMS_NOINTERN> is to only accept messages signed by
+a small number of certificates. The acceptable certificates would be passed
+in the B<certs> parameter. In this case if the signer is not one of the
+certificates supplied in B<certs> then the verify will fail because the
+signer cannot be found.
+
+In some cases the standard techniques for looking up and validating
+certificates are not appropriate: for example an application may wish to 
+lookup certificates in a database or perform customised verification. This
+can be achieved by setting and verifying the signers certificates manually 
+using the signed data utility functions.
+
+Care should be taken when modifying the default verify behaviour, for example
+setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification 
+and any modified content will be considered valid. This combination is however
+useful if one merely wishes to write the content to B<out> and its validity
+is not considered important.
+
+Chain verification should arguably be performed using the signing time rather
+than the current time. However since the signing time is supplied by the
+signer it cannot be trusted without additional evidence (such as a trusted
+timestamp).
+
+=head1 RETURN VALUES
+
+CMS_verify() returns 1 for a successful verification and zero if an error
+occurred.
+
+CMS_get0_signers() returns all signers or NULL if an error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 BUGS
+
+The trusted certificate store is not searched for the signing certificate,
+this is primarily due to the inadequacies of the current B<X509_STORE>
+functionality.
+
+The lack of single pass processing means that the signed content must all
+be held in memory if it is not detached.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>
+
+=head1 HISTORY
+
+CMS_verify() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CMS_verify_receipt.pod b/doc/crypto/CMS_verify_receipt.pod
new file mode 100644
index 0000000000..9283e0e04b
--- /dev/null
+++ b/doc/crypto/CMS_verify_receipt.pod
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+ CMS_verify_receipt - verify a CMS signed receipt
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_verify_receipt() verifies a CMS signed receipt. B<rcms> is the signed
+receipt to verify. B<ocms> is the original SignedData structure containing the
+receipt request. B<certs> is a set of certificates in which to search for the
+signing certificate. B<store> is a trusted certificate store (used for chain
+verification). 
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+=head1 NOTES
+
+This functions behaves in a similar way to CMS_verify() except the flag values
+B<CMS_DETACHED>, B<CMS_BINARY>, B<CMS_TEXT> and B<CMS_STREAM> are not
+supported since they do not make sense in the context of signed receipts.
+
+=head1 RETURN VALUES
+
+CMS_verify_receipt() returns 1 for a successful verification and zero if an
+error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>,
+L<CMS_verify(3)|CMS_verify(3)>,
+
+=head1 HISTORY
+
+CMS_verify_receipt() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/CONF_modules_free.pod b/doc/crypto/CONF_modules_free.pod
index af8ae6a5c9..87bc7b783c 100644
--- a/doc/crypto/CONF_modules_free.pod
+++ b/doc/crypto/CONF_modules_free.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
- CONF_modules_free, CONF_modules_load, CONF_modules_unload -
+ CONF_modules_free, CONF_modules_finish, CONF_modules_unload -
  OpenSSL configuration cleanup functions
 
 =head1 SYNOPSIS
@@ -10,8 +10,8 @@
  #include <openssl/conf.h>
 
  void CONF_modules_free(void);
- void CONF_modules_unload(int all);
  void CONF_modules_finish(void);
+ void CONF_modules_unload(int all);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/CRYPTO_set_ex_data.pod b/doc/crypto/CRYPTO_set_ex_data.pod
index 1bd5bed67d..7409c02aac 100644
--- a/doc/crypto/CRYPTO_set_ex_data.pod
+++ b/doc/crypto/CRYPTO_set_ex_data.pod
@@ -6,6 +6,8 @@ CRYPTO_set_ex_data, CRYPTO_get_ex_data - internal application specific data func
 
 =head1 SYNOPSIS
 
+ #include <openssl/crypto.h>
+
  int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
 
  void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
diff --git a/doc/crypto/DH_set_method.pod b/doc/crypto/DH_set_method.pod
index 73261fc467..d5cdc3be0c 100644
--- a/doc/crypto/DH_set_method.pod
+++ b/doc/crypto/DH_set_method.pod
@@ -36,7 +36,7 @@ structures created later. B<NB>: This is true only whilst no ENGINE has been set
 as a default for DH, so this function is no longer recommended.
 
 DH_get_default_method() returns a pointer to the current default DH_METHOD.
-However, the meaningfulness of this result is dependant on whether the ENGINE
+However, the meaningfulness of this result is dependent on whether the ENGINE
 API is being used, so this function is no longer recommended.
 
 DH_set_method() selects B<meth> to perform all operations using the key B<dh>.
diff --git a/doc/crypto/DSA_get_ex_new_index.pod b/doc/crypto/DSA_get_ex_new_index.pod
index 4612e708ec..fb6efc1182 100644
--- a/doc/crypto/DSA_get_ex_new_index.pod
+++ b/doc/crypto/DSA_get_ex_new_index.pod
@@ -6,7 +6,7 @@ DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specifi
 
 =head1 SYNOPSIS
 
- #include <openssl/DSA.h>
+ #include <openssl/dsa.h>
 
  int DSA_get_ex_new_index(long argl, void *argp,
 		CRYPTO_EX_new *new_func,
diff --git a/doc/crypto/DSA_set_method.pod b/doc/crypto/DSA_set_method.pod
index bc3cfb1f0a..9c1434bd8d 100644
--- a/doc/crypto/DSA_set_method.pod
+++ b/doc/crypto/DSA_set_method.pod
@@ -36,7 +36,7 @@ structures created later. B<NB>: This is true only whilst no ENGINE has
 been set as a default for DSA, so this function is no longer recommended.
 
 DSA_get_default_method() returns a pointer to the current default
-DSA_METHOD. However, the meaningfulness of this result is dependant on
+DSA_METHOD. However, the meaningfulness of this result is dependent on
 whether the ENGINE API is being used, so this function is no longer 
 recommended.
 
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index 130cd7f60a..5b477ac6ec 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -64,9 +64,9 @@ EVP digest routines
 
 The EVP digest routines are a high level interface to message digests.
 
-EVP_MD_CTX_init() initializes digest contet B<ctx>.
+EVP_MD_CTX_init() initializes digest context B<ctx>.
 
-EVP_MD_CTX_create() allocates, initializes and returns a digest contet.
+EVP_MD_CTX_create() allocates, initializes and returns a digest context.
 
 EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
 B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
@@ -102,7 +102,7 @@ the passed context B<ctx> does not have to be initialized, and it always
 uses the default digest implementation.
 
 EVP_DigestFinal() is similar to EVP_DigestFinal_ex() except the digest
-contet B<ctx> is automatically cleaned up.
+context B<ctx> is automatically cleaned up.
 
 EVP_MD_CTX_copy() is similar to EVP_MD_CTX_copy_ex() except the destination
 B<out> does not have to be initialized.
@@ -132,7 +132,9 @@ return B<EVP_MD> structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 dige
 algorithms respectively. The associated signature algorithm is RSA in each case.
 
 EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
-algorithms but using DSS (DSA) for the signature algorithm.
+algorithms but using DSS (DSA) for the signature algorithm. Note: there is 
+no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
+however retained for compatibility.
 
 EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
 returns is of zero length.
@@ -228,12 +230,6 @@ digest name passed on the command line.
  printf("\n");
  }
 
-=head1 BUGS
-
-The link between digests and signing algorithms results in a situation where
-EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS
-even though they are identical digests.
-
 =head1 SEE ALSO
 
 L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
@@ -253,4 +249,11 @@ EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
 EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
 changed to return truely const EVP_MD * in OpenSSL 0.9.7.
 
+The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
+later, so now EVP_sha1() can be used with RSA and DSA, there is no need to
+use EVP_dss1() any more.
+
+OpenSSL 1.0 and later does not include the MD2 digest algorithm in the
+default configuration due to its security weaknesses.
+
 =cut
diff --git a/doc/crypto/EVP_DigestSignInit.pod b/doc/crypto/EVP_DigestSignInit.pod
new file mode 100644
index 0000000000..37d960e3b2
--- /dev/null
+++ b/doc/crypto/EVP_DigestSignInit.pod
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital signatures.
+
+EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
+ENGINE B<impl> and private key B<pkey>. B<ctx> must be initialized with
+EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
+be used to set alternative signing options.
+
+EVP_DigestSignUpdate() hashes B<cnt> bytes of data at B<d> into the
+signature context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+usig a macro.
+
+EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
+If B<sig> is B<NULL> then the maximum size of the output buffer is written to
+the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
+B<siglen> parameter should contain the length of the B<sig> buffer, if the
+call is successful the signature is written to B<sig> and the amount of data
+written to B<siglen>.
+
+=head1 RETURN VALUES
+
+EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
+1 for success and 0 or a negative value for failure. In particular a return
+value of -2 indicates the operation is not supported by the public key
+algorithm.
+
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+
+For some key types and parameters the random number generator must be seeded
+or the operation will fail. 
+
+The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
+context. This means that calls to EVP_DigestSignUpdate() and
+EVP_DigestSignFinal() can be called later to digest and sign additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+The use of EVP_PKEY_size() with these functions is discouraged because some
+signature operations may have a signature length which depends on the
+parameters set. As a result EVP_PKEY_size() would have to return a value
+which indicates the maximum possible signature for any set of parameters.
+
+=head1 SEE ALSO
+
+L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() 
+were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_DigestVerifyInit.pod b/doc/crypto/EVP_DigestVerifyInit.pod
new file mode 100644
index 0000000000..f224488978
--- /dev/null
+++ b/doc/crypto/EVP_DigestVerifyInit.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signature verification functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital signatures.
+
+EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
+B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
+with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
+can be used to set alternative verification options.
+
+EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
+verification context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+using a macro.
+
+EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
+B<sig> of length B<siglen>.
+
+=head1 RETURN VALUES
+
+EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2 indicates
+the operation is not supported by the public key algorithm.
+
+Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
+indicates that the signature did not not verify successfully (that is tbs did
+not match the original data or the signature was of invalid form) it is not an
+indication of a more serious error.
+
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+
+For some key types and parameters the random number generator must be seeded
+or the operation will fail. 
+
+The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
+context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can
+be called later to digest and verify additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+=head1 SEE ALSO
+
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() 
+were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index daf57e5895..8271d3dfc4 100644
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -22,7 +22,7 @@ EVP_CIPHER_CTX_set_padding - EVP cipher routines
 
  #include <openssl/evp.h>
 
- int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 
  int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 	 ENGINE *impl, unsigned char *key, unsigned char *iv);
@@ -236,8 +236,8 @@ RC5 can be set.
 
 =head1 RETURN VALUES
 
-EVP_CIPHER_CTX_init, EVP_EncryptInit_ex(), EVP_EncryptUpdate() and
-EVP_EncryptFinal_ex() return 1 for success and 0 for failure.
+EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex()
+return 1 for success and 0 for failure.
 
 EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
 EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.
@@ -479,6 +479,7 @@ General encryption, decryption function example using FILE I/O and RC2 with an
 		if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
 			{
 			/* Error */
+			EVP_CIPHER_CTX_cleanup(&ctx);
 			return 0;
 			}
 		fwrite(outbuf, 1, outlen, out);
@@ -486,6 +487,7 @@ General encryption, decryption function example using FILE I/O and RC2 with an
 	if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
 		{
 		/* Error */
+		EVP_CIPHER_CTX_cleanup(&ctx);
 		return 0;
 		}
 	fwrite(outbuf, 1, outlen, out);
diff --git a/doc/crypto/EVP_PKEY_CTX_ctrl.pod b/doc/crypto/EVP_PKEY_CTX_ctrl.pod
new file mode 100644
index 0000000000..f2f455990f
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_CTX_ctrl.pod
@@ -0,0 +1,128 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_ctrl, EVP_PKEY_ctrl_str - algorithm specific control operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+				int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+						const char *value);
+
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+ #include <openssl/rsa.h>
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_rsa_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+
+ #include <openssl/dsa.h>
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include <openssl/dh.h>
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+
+ #include <openssl/ec.h>
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+
+=head1 DESCRIPTION
+
+The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
+B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
+B<optype> is a mask indicating which operations the control can be applied to.
+The control command is indicated in B<cmd> and any additional arguments in
+B<p1> and B<p2>.
+
+Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will
+instead call one of the algorithm specific macros below.
+
+The function EVP_PKEY_ctrl_str() allows an application to send an algorithm
+specific control operation to a context B<ctx> in string form. This is
+intended to be used for options specified on the command line or in text
+files. The commands supported are documented in the openssl utility
+command line pages for the option B<-pkeyopt> which is supported by the
+B<pkeyutl>, B<genpkey> and B<req> commands.
+
+All the remaining "functions" are implemented as macros.
+
+The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used
+in a signature. It can be used with any public key algorithm supporting
+signature operations.
+
+The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>.
+The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
+RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
+RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
+RSA_X931_PADDING for X9.31 padding (signature operations only) and 
+RSA_PKCS1_PSS_PADDING (sign and verify only).
+
+Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
+is used. If this macro is called for PKCS#1 padding the plaintext buffer is
+an actual digest value and is encapsulated in a DigestInfo structure according
+to PKCS#1 when signing and this structure is expected (and stripped off) when
+verifying. If this control is not used with RSA and PKCS#1 padding then the
+supplied data is used directly and not encapsulated. In the case of X9.31
+padding for RSA the algorithm identifier byte is added or checked and removed
+if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.
+
+The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to
+B<len> as its name implies it is only supported for PSS padding.  Two special
+values are supported: -1 sets the salt length to the digest length. When
+signing -2 sets the salt length to the maximum permissible value. When
+verifying -2 causes the salt length to be automatically determined based on the
+B<PSS> block structure. If this macro is not called a salt length value of -2
+is used by default.
+
+The EVP_PKEY_CTX_set_rsa_rsa_keygen_bits() macro sets the RSA key length for
+RSA key genration to B<bits>. If not specified 1024 bits is used.
+
+The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
+for RSA key generation to B<pubexp> currently it should be an odd integer. The
+B<pubexp> pointer is used internally by this function so it should not be 
+modified or free after the call. If this macro is not called then 65537 is used.
+
+The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
+for DSA parameter generation to B<bits>. If not specified 1024 is used.
+
+The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH
+prime parameter B<p> for DH parameter generation. If this macro is not called
+then 1024 is used.
+
+The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen>
+for DH parameter generation. If not specified 2 is used.
+
+The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter
+generation to B<nid>. For EC parameter generation this macro must be called
+or an error occurs because there is no default curve.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_CTX_new.pod b/doc/crypto/EVP_PKEY_CTX_new.pod
new file mode 100644
index 0000000000..a9af867580
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_CTX_new.pod
@@ -0,0 +1,52 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_CTX_new() function allocates public key algorithm context using
+the algorithm specified in B<pkey> and ENGINE B<e>.
+
+The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
+using the algorithm specified by B<id> and ENGINE B<e>. It is normally used
+when no B<EVP_PKEY> structure is associated with the operations, for example
+during parameter generation of key genration for some algorithms.
+
+EVP_PKEY_CTX_dup() duplicates the context B<ctx>.
+
+EVP_PKEY_CTX_free() frees up the context B<ctx>.
+
+=head1 NOTES
+
+The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
+by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
+threads: that is it is not permissible to use the same context simultaneously
+in two threads.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
+the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.
+
+EVP_PKEY_CTX_free() does not return a value.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_cmp.pod b/doc/crypto/EVP_PKEY_cmp.pod
new file mode 100644
index 0000000000..4f8185e36c
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_cmp.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+
+=head1 DESCRIPTION
+
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+
+The function EVP_PKEY_copy_parameters() copies the parameters from key
+B<from> to key B<to>.
+
+The funcion EVP_PKEY_cmp_parameters() compares the parameters of keys
+B<a> and B<b>.
+
+The funcion EVP_PKEY_cmp() compares the public key components and paramters
+(if present) of keys B<a> and B<b>.
+
+=head1 NOTES
+
+The main purpose of the functions EVP_PKEY_missing_parameters() and
+EVP_PKEY_copy_parameters() is to handle public keys in certificates where the
+parameters are sometimes omitted from a public key if they are inherited from
+the CA that signed it.
+
+Since OpenSSL private keys contain public key components too the function
+EVP_PKEY_cmp() can also be used to determine if a private key matches
+a public key.
+
+=head1 RETURN VALUES
+
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+
+These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for
+failure.
+
+The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the
+keys match, 0 if they don't match, -1 if the key types are different and
+-2 if the operation is not supported.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_decrypt.pod b/doc/crypto/EVP_PKEY_decrypt.pod
new file mode 100644
index 0000000000..42b2a8c44e
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_decrypt.pod
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_decrypt_init() function initializes a public key algorithm
+context using key B<pkey> for a decryption operation.
+
+The EVP_PKEY_decrypt() function performs a public key decryption operation
+using B<ctx>. The data to be decrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the decrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_decrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_decrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Decrypt data using OAEP (for RSA keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_derive.pod b/doc/crypto/EVP_PKEY_derive.pod
new file mode 100644
index 0000000000..d9d6d76c72
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_derive.pod
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_derive_init() function initializes a public key algorithm
+context using key B<pkey> for shared secret derivation.
+
+The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
+be a public key.
+
+The EVP_PKEY_derive() derives a shared secret using B<ctx>.
+If B<key> is B<NULL> then the maximum size of the output buffer is written to
+the B<keylen> parameter. If B<key> is not B<NULL> then before the call the
+B<keylen> parameter should contain the length of the B<key> buffer, if the call
+is successful the shared secret is written to B<key> and the amount of data
+written to B<keylen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_derive_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_derive() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Derive shared secret (for example DH or EC keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, peerkey have been already set up */
+
+ ctx = EVP_PKEY_CTX_new(pkey);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
+	/* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
+	/* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_encrypt.pod b/doc/crypto/EVP_PKEY_encrypt.pod
new file mode 100644
index 0000000000..91c9c5d0a5
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_encrypt.pod
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_encrypt_init() function initializes a public key algorithm
+context using key B<pkey> for an encryption operation.
+
+The EVP_PKEY_encrypt() function performs a public key encryption operation
+using B<ctx>. The data to be encrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the encrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_encrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_encrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Encrypt data using OAEP (for RSA keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ /* Encrypted data is outlen bytes written to buffer out */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_get_default_digest.pod b/doc/crypto/EVP_PKEY_get_default_digest.pod
new file mode 100644
index 0000000000..1a9c7954c5
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_get_default_digest.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_get_default_digest_nid - get default signature digest
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_get_default_digest_nid() function sets B<pnid> to the default
+message digest NID for the public key signature operations associated with key
+B<pkey>.
+
+=head1 NOTES
+
+For all current standard OpenSSL public key algorithms SHA1 is returned.
+
+=head1 RETURN VALUES
+
+The EVP_PKEY_get_default_digest_nid() function returns 1 if the message digest
+is advisory (that is other digests can be used) and 2 if it is mandatory (other
+digests can not be used).  It returns 0 or a negative value for failure. In
+particular a return value of -2 indicates the operation is not supported by the
+public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+
+=head1 HISTORY
+
+This function was first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_keygen.pod b/doc/crypto/EVP_PKEY_keygen.pod
new file mode 100644
index 0000000000..37c6fe9503
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_keygen.pod
@@ -0,0 +1,161 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data - key and parameter generation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_keygen_init() function initializes a public key algorithm
+context using key B<pkey> for a key genration operation.
+
+The EVP_PKEY_keygen() function performs a key generation operation, the 
+generated key is written to B<ppkey>.
+
+The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
+except parameters are generated.
+
+The function EVP_PKEY_set_cb() sets the key or parameter generation callback
+to B<cb>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter
+generation callback.
+
+The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated
+with the generation operation. If B<idx> is -1 the total number of
+parameters available is returned. Any non negative value returns the value of
+that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for
+B<idx> should only be called within the generation callback.
+
+If the callback returns 0 then the key genration operation is aborted and an
+error occurs. This might occur during a time consuming operation where
+a user clicks on a "cancel" button.
+
+The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set
+and retrieve an opaque pointer. This can be used to set some application
+defined value which can be retrieved in the callback: for example a handle
+which is used to update a "progress dialog".
+
+=head1 NOTES
+
+After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm
+specific control operations can be performed to set any appropriate parameters
+for the operation.
+
+The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than
+once on the same context if several operations are performed using the same
+parameters.
+
+The meaning of the parameters passed to the callback will depend on the
+algorithm and the specifiic implementation of the algorithm. Some might not
+give any useful information at all during key or parameter generation. Others
+might not even call the callback.
+
+The operation performed by key or parameter generation depends on the algorithm
+used. In some cases (e.g. EC with a supplied named curve) the "generation"
+option merely sets the appropriate fields in an EVP_PKEY structure.
+
+In OpenSSL an EVP_PKEY structure containing a private key also contains the
+public key components and parameters (if any). An OpenSSL private key is
+equivalent to what some libraries call a "key pair". A private key can be used
+in functions which require the use of a public key or parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and
+EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 EXAMPLES
+
+Generate a 2048 bit RSA key:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
+	/* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+	/* Error */
+
+Generate a key from a set of parameters:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL, *param;
+ /* Assumed param is set up already */
+ ctx = EVP_PKEY_CTX_new(param);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+	/* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+	/* Error */
+
+Example of generation callback for OpenSSL public key implementations:
+
+ /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+	{
+	char c='*';
+	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+	int p;
+	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+	if (p == 0) c='.';
+	if (p == 1) c='+';
+	if (p == 2) c='*';
+	if (p == 3) c='\n';
+	BIO_write(b,&c,1);
+	(void)BIO_flush(b);
+	return 1;
+	}
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_print_private.pod b/doc/crypto/EVP_PKEY_print_private.pod
new file mode 100644
index 0000000000..ce9d70d7a7
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_print_private.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+
+=head1 DESCRIPTION
+
+The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and
+EVP_PKEY_print_params() print out the public, private or parameter components
+of key B<pkey> respectively. The key is sent to BIO B<out> in human readable
+form. The parameter B<indent> indicated how far the printout should be indented.
+
+The B<pctx> parameter allows the print output to be finely tuned by using
+ASN1 printing options. If B<pctx> is set to NULL then default values will
+be used.
+
+=head1 NOTES
+
+Currently no public key algorithms include any options in the B<pctx> parameter 
+parameter.
+
+If the key does not include all the components indicated by the function then
+only those contained in the key will be printed. For example passing a public
+key to EVP_PKEY_print_private() will only print the public components.
+
+=head1 RETURN VALUES
+
+These functions all return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_sign.pod b/doc/crypto/EVP_PKEY_sign.pod
new file mode 100644
index 0000000000..2fb52c3486
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_sign.pod
@@ -0,0 +1,96 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+			unsigned char *sig, size_t *siglen,
+			const unsigned char *tbs, size_t tbslen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_sign_init() function initializes a public key algorithm
+context using key B<pkey> for a signing operation.
+
+The EVP_PKEY_sign() function performs a public key signing operation
+using B<ctx>. The data to be signed is specified using the B<tbs> and
+B<tbslen> parameters. If B<sig> is B<NULL> then the maximum size of the output
+buffer is written to the B<siglen> parameter. If B<sig> is not B<NULL> then
+before the call the B<siglen> parameter should contain the length of the
+B<sig> buffer, if the call is successful the signature is written to
+B<sig> and the amount of data written to B<siglen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_sign_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_sign() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Sign data using RSA with PKCS#1 padding and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen; 
+ EVP_PKEY *signing_key;
+ /* NB: assumes signing_key, md and mdlen are already set up
+  * and that signing_key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(signing_key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0)
+	/* Error */
+
+ sig = OPENSSL_malloc(siglen);
+
+ if (!sig)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
+	/* Error */
+
+ /* Signature is siglen bytes written to buffer sig */
+
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_verify.pod b/doc/crypto/EVP_PKEY_verify.pod
new file mode 100644
index 0000000000..10633da3f2
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_verify.pod
@@ -0,0 +1,91 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+			const unsigned char *sig, size_t siglen,
+			const unsigned char *tbs, size_t tbslen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_verify_init() function initializes a public key algorithm
+context using key B<pkey> for a signature verification operation.
+
+The EVP_PKEY_verify() function performs a public key verification operation
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. The verified data (i.e. the data believed originally
+signed) is specified using the B<tbs> and B<tbslen> parameters.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_verify_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_verify() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was
+successful and 0 if it failed. Unlike other functions the return value 0 from
+EVP_PKEY_verify() only indicates that the signature did not not verify
+successfully (that is tbs did not match the original data or the signature was
+of invalid form) it is not an indication of a more serious error.
+
+A negative value indicates an error other that signature verification failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 EXAMPLE
+
+Verify signature using PKCS#1 and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen; 
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+	/* Error */
+
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, md, mdlen, sig, siglen);
+
+ /* ret == 1 indicates success, 0 verify failure and < 0 for some
+  * other error.
+  */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_PKEY_verifyrecover.pod b/doc/crypto/EVP_PKEY_verifyrecover.pod
new file mode 100644
index 0000000000..e2a2a8c6f8
--- /dev/null
+++ b/doc/crypto/EVP_PKEY_verifyrecover.pod
@@ -0,0 +1,103 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_verifyrecover_init, EVP_PKEY_verifyrecover - recover signature using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_verifyrecover_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verifyrecover(EVP_PKEY_CTX *ctx,
+			unsigned char *rout, size_t *routlen,
+			const unsigned char *sig, size_t siglen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_verifyrecover_init() function initializes a public key algorithm
+context using key B<pkey> for a verify recover operation.
+
+The EVP_PKEY_verifyrecover() function recovers signed data
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output
+buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then
+before the call the B<routlen> parameter should contain the length of the
+B<rout> buffer, if the call is successful recovered data is written to
+B<rout> and the amount of data written to B<routlen>.
+
+=head1 NOTES
+
+Normally an application is only interested in whether a signature verification
+operation is successful in those cases the EVP_verify() function should be 
+used.
+
+Sometimes however it is useful to obtain the data originally signed using a
+signing operation. Only certain public key algorithms can recover a signature
+in this way (for example RSA in PKCS padding mode).
+
+After the call to EVP_PKEY_verifyrecover_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_verifyrecover() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_verifyrecover_init() and EVP_PKEY_verifyrecover() return 1 for success
+and 0 or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Recover digest originally signed using PKCS#1 and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *rout, *sig;
+ size_t routlen, siglen; 
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig and siglen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_verifyrecover_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_verifyrecover(ctx, rout, &routlen, sig, siglen) <= 0)
+	/* Error */
+
+ rout = OPENSSL_malloc(routlen);
+
+ if (!rout)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_verifyrecover(ctx, rout, &routlen, sig, siglen) <= 0)
+	/* Error */
+
+ /* Recovered data is routlen bytes written to buffer rout */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/EVP_SealInit.pod b/doc/crypto/EVP_SealInit.pod
index b5e477e294..7d793e19ef 100644
--- a/doc/crypto/EVP_SealInit.pod
+++ b/doc/crypto/EVP_SealInit.pod
@@ -8,8 +8,9 @@ EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption
 
  #include <openssl/evp.h>
 
- int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
-		int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
+ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                  unsigned char **ek, int *ekl, unsigned char *iv,
+                  EVP_PKEY **pubk, int npubk);
  int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
          int *outl, unsigned char *in, int inl);
  int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
diff --git a/doc/crypto/EVP_SignInit.pod b/doc/crypto/EVP_SignInit.pod
index b203c3a1c5..620a623ab6 100644
--- a/doc/crypto/EVP_SignInit.pod
+++ b/doc/crypto/EVP_SignInit.pod
@@ -29,11 +29,10 @@ EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the
 signature context B<ctx>. This function can be called several times on the
 same B<ctx> to include additional data.
 
-EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey>
-and places the signature in B<sig>. If the B<s> parameter is not NULL
-then the number of bytes of data written (i.e. the length of the signature)
-will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes
-will be written. 
+EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and
+places the signature in B<sig>. The number of bytes of data written (i.e. the
+length of the signature) will be written to the integer at B<s>, at most
+EVP_PKEY_size(pkey) bytes will be written. 
 
 EVP_SignInit() initializes a signing context B<ctx> to use the default
 implementation of digest B<type>.
@@ -78,6 +77,15 @@ will occur.
 Older versions of this documentation wrongly stated that calls to 
 EVP_SignUpdate() could not be made after calling EVP_SignFinal().
 
+Since the private key is passed in the call to EVP_SignFinal() any error
+relating to the private key (for example an unsuitable key and digest
+combination) will not be indicated until after potentially large amounts of
+data have been passed through EVP_SignUpdate().
+
+It is not possible to change the signing parameters using these function.
+
+The previous two bugs are fixed in the newer EVP_SignDigest*() function.
+
 =head1 SEE ALSO
 
 L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
diff --git a/doc/crypto/EVP_VerifyInit.pod b/doc/crypto/EVP_VerifyInit.pod
index b6afaedee5..9097f09410 100644
--- a/doc/crypto/EVP_VerifyInit.pod
+++ b/doc/crypto/EVP_VerifyInit.pod
@@ -67,6 +67,15 @@ will occur.
 Older versions of this documentation wrongly stated that calls to 
 EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
 
+Since the public key is passed in the call to EVP_SignFinal() any error
+relating to the private key (for example an unsuitable key and digest
+combination) will not be indicated until after potentially large amounts of
+data have been passed through EVP_SignUpdate().
+
+It is not possible to change the signing parameters using these function.
+
+The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
+
 =head1 SEE ALSO
 
 L<evp(3)|evp(3)>,
diff --git a/doc/crypto/OBJ_nid2obj.pod b/doc/crypto/OBJ_nid2obj.pod
index 7dcc07923f..1e45dd40f6 100644
--- a/doc/crypto/OBJ_nid2obj.pod
+++ b/doc/crypto/OBJ_nid2obj.pod
@@ -8,6 +8,8 @@ functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/objects.h>
+
  ASN1_OBJECT * OBJ_nid2obj(int n);
  const char *  OBJ_nid2ln(int n);
  const char *  OBJ_nid2sn(int n);
diff --git a/doc/crypto/OPENSSL_Applink.pod b/doc/crypto/OPENSSL_Applink.pod
index f15fb695eb..e54de12cc8 100644
--- a/doc/crypto/OPENSSL_Applink.pod
+++ b/doc/crypto/OPENSSL_Applink.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-OPENSSL_Applink
+OPENSSL_Applink - glue between OpenSSL BIO and Win32 compiler run-time
 
 =head1 SYNOPSIS
 
diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod
index 16600620cc..e7bba2aaca 100644
--- a/doc/crypto/OPENSSL_config.pod
+++ b/doc/crypto/OPENSSL_config.pod
@@ -35,7 +35,7 @@ calls OPENSSL_add_all_algorithms() by compiling an application with the
 preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration
 can be added without source changes.
 
-The environment variable B<OPENSSL_CONFIG> can be set to specify the location
+The environment variable B<OPENSSL_CONF> can be set to specify the location
 of the configuration file.
  
 Currently ASN1 OBJECTs and ENGINE configuration can be performed future
diff --git a/doc/crypto/OPENSSL_ia32cap.pod b/doc/crypto/OPENSSL_ia32cap.pod
index ec6b655c17..dca2e20ace 100644
--- a/doc/crypto/OPENSSL_ia32cap.pod
+++ b/doc/crypto/OPENSSL_ia32cap.pod
@@ -2,34 +2,51 @@
 
 =head1 NAME
 
-OPENSSL_ia32cap
+OPENSSL_ia32cap - finding the IA-32 processor capabilities
 
 =head1 SYNOPSIS
 
- unsigned long *OPENSSL_ia32cap_loc(void);
- #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
+ unsigned int *OPENSSL_ia32cap_loc(void);
+ #define OPENSSL_ia32cap ((OPENSSL_ia32cap_loc())[0])
 
 =head1 DESCRIPTION
 
 Value returned by OPENSSL_ia32cap_loc() is address of a variable
-containing IA-32 processor capabilities bit vector as it appears in EDX
-register after executing CPUID instruction with EAX=1 input value (see
-Intel Application Note #241618). Naturally it's meaningful on IA-32[E]
-platforms only. The variable is normally set up automatically upon
-toolkit initialization, but can be manipulated afterwards to modify
-crypto library behaviour. For the moment of this writing three bits are
-significant, namely bit #28 denoting Hyperthreading, which is used to
-distinguish Intel P4 core, bit #26 denoting SSE2 support, and bit #4
-denoting presence of Time-Stamp Counter. Clearing bit #26 at run-time
-for example disables high-performance SSE2 code present in the crypto
-library. You might have to do this if target OpenSSL application is
-executed on SSE2 capable CPU, but under control of OS which does not
-support SSE2 extentions. Even though you can manipulate the value
-programmatically, you most likely will find it more appropriate to set
-up an environment variable with the same name prior starting target
-application, e.g. 'env OPENSSL_ia32cap=0x10 apps/openssl', to achieve
-same effect without modifying the application source code.
-Alternatively you can reconfigure the toolkit with no-sse2 option and
-recompile.
+containing IA-32 processor capabilities bit vector as it appears in
+EDX:ECX register pair after executing CPUID instruction with EAX=1
+input value (see Intel Application Note #241618). Naturally it's
+meaningful on x86 and x86_64 platforms only. The variable is normally
+set up automatically upon toolkit initialization, but can be
+manipulated afterwards to modify crypto library behaviour. For the
+moment of this writing seven bits are significant, namely:
 
+1. bit #4 denoting presence of Time-Stamp Counter.
+2. bit #20, reserved by Intel, is used to choose among RC4 code
+   paths;
+3. bit #23 denoting MMX support;
+4. bit #25 denoting SSE support;
+5. bit #26 denoting SSE2 support;
+6. bit #28 denoting Hyperthreading, which is used to distiguish
+   cores with shared cache;
+7. bit #30, reserved by Intel, is used to choose among RC4 code
+   paths;
+8. bit #57 denoting Intel AES instruction set extension;
+
+For example, clearing bit #26 at run-time disables high-performance
+SSE2 code present in the crypto library. You might have to do this if
+target OpenSSL application is executed on SSE2 capable CPU, but under
+control of OS which does not support SSE2 extentions. Even though you
+can manipulate the value programmatically, you most likely will find it
+more appropriate to set up an environment variable with the same name
+prior starting target application, e.g. on Intel P4 processor 'env
+OPENSSL_ia32cap=0x12900010 apps/openssl', to achieve same effect
+without modifying the application source code. Alternatively you can
+reconfigure the toolkit with no-sse2 option and recompile.
+
+Less intuituve is clearing bit #28. The truth is that it's not copied
+from CPUID output verbatim, but is adjusted to reflect whether or not
+the data cache is actually shared between logical cores. This in turn
+affects the decision on whether or not expensive countermeasures
+against cache-timing attacks are applied, most notably in AES assembler
+module.
 =cut
diff --git a/doc/crypto/PEM_write_bio_CMS_stream.pod b/doc/crypto/PEM_write_bio_CMS_stream.pod
new file mode 100644
index 0000000000..e070c45c2e
--- /dev/null
+++ b/doc/crypto/PEM_write_bio_CMS_stream.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+ PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+ #include <openssl/pem.h>
+
+ int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PEM_write_bio_CMS_stream() outputs a CMS_ContentInfo structure in PEM format.
+
+It is otherwise identical to the function SMIME_write_CMS().
+
+=head1 NOTES
+
+This function is effectively a version of the PEM_write_bio_CMS() supporting
+streaming.
+
+=head1 RETURN VALUES
+
+PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<i2d_CMS_bio_stream(3)|i2d_CMS_bio_stream(3)>
+
+=head1 HISTORY
+
+PEM_write_bio_CMS_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/PEM_write_bio_PKCS7_stream.pod b/doc/crypto/PEM_write_bio_PKCS7_stream.pod
new file mode 100644
index 0000000000..16fc9b6845
--- /dev/null
+++ b/doc/crypto/PEM_write_bio_PKCS7_stream.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+PEM_write_bio_PKCS7_stream - output PKCS7 structure in PEM format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+ #include <openssl/pem.h>
+
+ int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PEM_write_bio_PKCS7_stream() outputs a PKCS7 structure in PEM format.
+
+It is otherwise identical to the function SMIME_write_PKCS7().
+
+=head1 NOTES
+
+This function is effectively a version of the PEM_write_bio_PKCS7() supporting
+streaming.
+
+=head1 RETURN VALUES
+
+PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<i2d_PKCS7_bio_stream(3)|i2d_PKCS7_bio_stream(3)>
+
+=head1 HISTORY
+
+PEM_write_bio_PKCS7_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/PKCS12_parse.pod b/doc/crypto/PKCS12_parse.pod
index 51344f883a..c54cf2ad61 100644
--- a/doc/crypto/PKCS12_parse.pod
+++ b/doc/crypto/PKCS12_parse.pod
@@ -20,24 +20,31 @@ certificate to B<*cert> and any additional certificates to B<*ca>.
 
 =head1 NOTES
 
-The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL>
-in which case additional certificates will be discarded. B<*ca> can also
-be a valid STACK in which case additional certificates are appended to
-B<*ca>. If B<*ca> is B<NULL> a new STACK will be allocated.
+The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in
+which case additional certificates will be discarded. B<*ca> can also be a
+valid STACK in which case additional certificates are appended to B<*ca>. If
+B<*ca> is B<NULL> a new STACK will be allocated.
 
-The B<friendlyName> and B<localKeyID> attributes (if present) on each certificate
-will be stored in the B<alias> and B<keyid> attributes of the B<X509> structure.
+The B<friendlyName> and B<localKeyID> attributes (if present) on each
+certificate will be stored in the B<alias> and B<keyid> attributes of the
+B<X509> structure.
+
+=head1 RETURN VALUES
+
+PKCS12_parse() returns 1 for success and zero if an error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
 
 =head1 BUGS
 
-Only a single private key and corresponding certificate is returned by this function.
-More complex PKCS#12 files with multiple private keys will only return the first
-match.
+Only a single private key and corresponding certificate is returned by this
+function. More complex PKCS#12 files with multiple private keys will only
+return the first match.
 
-Only B<friendlyName> and B<localKeyID> attributes are currently stored in certificates.
-Other attributes are discarded.
+Only B<friendlyName> and B<localKeyID> attributes are currently stored in
+certificates. Other attributes are discarded.
 
-Attributes currently cannot be store in the private key B<EVP_PKEY> structure.
+Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.
 
 =head1 SEE ALSO
 
diff --git a/doc/crypto/PKCS7_decrypt.pod b/doc/crypto/PKCS7_decrypt.pod
index b0ca067b89..325699d0b6 100644
--- a/doc/crypto/PKCS7_decrypt.pod
+++ b/doc/crypto/PKCS7_decrypt.pod
@@ -6,7 +6,9 @@ PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
 
 =head1 SYNOPSIS
 
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+
+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/PKCS7_encrypt.pod b/doc/crypto/PKCS7_encrypt.pod
index 1a507b22a2..2cd925a7e0 100644
--- a/doc/crypto/PKCS7_encrypt.pod
+++ b/doc/crypto/PKCS7_encrypt.pod
@@ -6,7 +6,9 @@ PKCS7_encrypt - create a PKCS#7 envelopedData structure
 
 =head1 SYNOPSIS
 
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
 
 =head1 DESCRIPTION
 
@@ -16,43 +18,55 @@ B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
 
 =head1 NOTES
 
-Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates
-supplied to this function must all contain RSA public keys, though they do not have to
-be signed using the RSA algorithm.
+Only RSA keys are supported in PKCS#7 and envelopedData so the recipient
+certificates supplied to this function must all contain RSA public keys, though
+they do not have to be signed using the RSA algorithm.
 
-EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because
-most clients will support it.
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+because most clients will support it.
 
-Some old "export grade" clients may only support weak encryption using 40 or 64 bit
-RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively.
+Some old "export grade" clients may only support weak encryption using 40 or 64
+bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc()
+respectively.
 
-The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its
-parameters. 
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+its parameters. 
 
-Many browsers implement a "sign and encrypt" option which is simply an S/MIME 
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
 envelopedData containing an S/MIME signed message. This can be readily produced
 by storing the S/MIME signed message in a memory BIO and passing it to
 PKCS7_encrypt().
 
 The following flags can be passed in the B<flags> parameter.
 
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
-to the data.
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
 
-Normally the supplied content is translated into MIME canonical format (as required
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
-option should be used if the supplied data is in binary format otherwise the translation
-will corrupt it. If B<PKCS7_BINARY> is set then B<PKCS7_TEXT> is ignored.
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<PKCS7_BINARY> is set then
+B<PKCS7_TEXT> is ignored.
 
-=head1 RETURN VALUES
+If the B<PKCS7_STREAM> flag is set a partial B<PKCS7> structure is output
+suitable for streaming I/O: no data is read from the BIO B<in>.
 
-PKCS7_encrypt() returns either a valid PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
+=head1 NOTES
 
-=head1 BUGS
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not
+properly finalize the B<PKCS7> structure will give unpredictable 
+results.
 
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
+
+=head1 RETURN VALUES
+
+PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred.
+The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -61,5 +75,6 @@ L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
 =head1 HISTORY
 
 PKCS7_decrypt() was added to OpenSSL 0.9.5
+The B<PKCS7_STREAM> flag was first supported in OpenSSL 1.0.0.
 
 =cut
diff --git a/doc/crypto/PKCS7_sign.pod b/doc/crypto/PKCS7_sign.pod
index ffd0c734b0..64a35144f8 100644
--- a/doc/crypto/PKCS7_sign.pod
+++ b/doc/crypto/PKCS7_sign.pod
@@ -6,14 +6,16 @@ PKCS7_sign - create a PKCS#7 signedData structure
 
 =head1 SYNOPSIS
 
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
 
 =head1 DESCRIPTION
 
-PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert>
-is the certificate to sign with, B<pkey> is the corresponsding private key.
-B<certs> is an optional additional set of certificates to include in the
-PKCS#7 structure (for example any intermediate CAs in the chain). 
+PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
+the certificate to sign with, B<pkey> is the corresponsding private key.
+B<certs> is an optional additional set of certificates to include in the PKCS#7
+structure (for example any intermediate CAs in the chain). 
 
 The data to be signed is read from BIO B<data>.
 
@@ -21,72 +23,83 @@ B<flags> is an optional set of flags.
 
 =head1 NOTES
 
-Any of the following flags (ored together) can be passed in the B<flags> parameter.
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
 
 Many S/MIME clients expect the signed content to include valid MIME headers. If
 the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
 to the data.
 
 If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
-PKCS7 structure, the signer's certificate must still be supplied in the B<signcert>
-parameter though. This can reduce the size of the signature if the signers certificate
-can be obtained by other means: for example a previously signed message.
-
-The data being signed is included in the PKCS7 structure, unless B<PKCS7_DETACHED> 
-is set in which case it is omitted. This is used for PKCS7 detached signatures
-which are used in S/MIME plaintext signed messages for example.
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
+
+The data being signed is included in the PKCS7 structure, unless
+B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
+detached signatures which are used in S/MIME plaintext signed messages for
+example.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
+
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
 
-Normally the supplied content is translated into MIME canonical format (as required
-by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
-option should be used if the supplied data is in binary format otherwise the translation
-will corrupt it.
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
 
-The signedData structure includes several PKCS#7 autenticatedAttributes including
-the signing time, the PKCS#7 content type and the supported list of ciphers in
-an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no authenticatedAttributes
-will be used. If B<PKCS7_NOSMIMECAP> is set then just the SMIMECapabilities are
-omitted.
+If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
+just initialized ready to perform the signing operation. The signing is however
+B<not> performed and the data to be signed is not read from the B<data>
+parameter. Signing is deferred until after the data has been written. In this
+way data can be signed in a single pass.
 
-If present the SMIMECapabilities attribute indicates support for the following
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any
-of these algorithms is disabled then it will not be included.
+If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
+which additional signers and capabilities can be added before finalization.
 
-If the flags B<PKCS7_PARTSIGN> is set then the returned B<PKCS7> structure
-is just initialized ready to perform the signing operation. The signing
-is however B<not> performed and the data to be signed is not read from
-the B<data> parameter. Signing is deferred until after the data has been
-written. In this way data can be signed in a single pass. Currently the
-flag B<PKCS7_DETACHED> B<must> also be set.
 
 =head1 NOTES
 
-Currently the flag B<PKCS7_PARTSIGN> is only supported for detached
-data. If this flag is set the returned B<PKCS7> structure is B<not>
-complete and outputting its contents via a function that does not
-properly finalize the B<PKCS7> structure will give unpredictable 
-results.
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not properly
+finalize the B<PKCS7> structure will give unpredictable results.
 
-At present only the SMIME_write_PKCS7() function properly finalizes the
-structure.
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
 
-=head1 BUGS
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
+
+In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
+B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
+using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
+called to finalize the structure if streaming is not enabled. Alternative
+signing digests can also be specified using this method.
 
-PKCS7_sign() is somewhat limited. It does not support multiple signers, some
-advanced attributes such as counter signatures are not supported.
+In OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
+PKCS#7 structure is output.
 
-The SHA1 digest algorithm is currently always used.
+In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
+B<NOT> be NULL.
 
-When the signed data is not detached it will be stored in memory within the
-B<PKCS7> structure. This effectively limits the size of messages which can be
-signed due to memory restraints. There should be a way to sign data without
-having to hold it all in memory, this would however require fairly major
-revisions of the OpenSSL ASN1 code.
+=head1 BUGS
 
+Some advanced attributes such as counter signatures are not supported.
 
 =head1 RETURN VALUES
 
-PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
+PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
+occurred.  The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
@@ -96,6 +109,8 @@ L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
 
 PKCS7_sign() was added to OpenSSL 0.9.5
 
-The B<PKCS7_PARTSIGN> flag was added in OpenSSL 0.9.8
+The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
+
+The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
 
 =cut
diff --git a/doc/crypto/PKCS7_sign_add_signer.pod b/doc/crypto/PKCS7_sign_add_signer.pod
new file mode 100644
index 0000000000..ebec4d57de
--- /dev/null
+++ b/doc/crypto/PKCS7_sign_add_signer.pod
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+PKCS7_sign_add_signer - add a signer PKCS7 signed data structure.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
+
+
+=head1 DESCRIPTION
+
+PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to a PKCS7 signed data structure
+B<p7>.
+
+The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
+with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
+signed data structure.
+
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+
+Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
+is not complete and must be finalized either by streaming (if applicable) or
+a call to PKCS7_final().
+
+
+=head1 NOTES
+
+The main purpose of this function is to provide finer control over a PKCS#7
+signed data structure where the simpler PKCS7_sign() function defaults are
+not appropriate. For example if multiple signers or non default digest
+algorithms are needed.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the PKCS7 struture: to add a signer to an existing structure.
+An error occurs if a matching digest value cannot be found to copy. The
+returned PKCS7 structure will be valid and finalized when this flag is set.
+
+If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the 
+B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
+can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
+needed to finalize it.
+
+If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
+
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
+
+
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added, this can be used to set additional attributes 
+before it is finalized.
+
+=head1 RETURN VALUES
+
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added or NULL if an error occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_final(3)|PKCS7_final(3)>,
+
+=head1 HISTORY
+
+PPKCS7_sign_add_signer() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/PKCS7_verify.pod b/doc/crypto/PKCS7_verify.pod
index 07c9fdad40..7c10a4cc3c 100644
--- a/doc/crypto/PKCS7_verify.pod
+++ b/doc/crypto/PKCS7_verify.pod
@@ -6,9 +6,11 @@ PKCS7_verify - verify a PKCS#7 signedData structure
 
 =head1 SYNOPSIS
 
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+ #include <openssl/pkcs7.h>
 
-int PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+
+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/RAND_bytes.pod b/doc/crypto/RAND_bytes.pod
index ce6329ce54..1a9b91e281 100644
--- a/doc/crypto/RAND_bytes.pod
+++ b/doc/crypto/RAND_bytes.pod
@@ -25,6 +25,9 @@ unpredictable. They can be used for non-cryptographic purposes and for
 certain purposes in cryptographic protocols, but usually not for key
 generation etc.
 
+The contents of B<buf> is mixed into the entropy pool before retrieving
+the new pseudo-random bytes unless disabled at compile time (see FAQ).
+
 =head1 RETURN VALUES
 
 RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
diff --git a/doc/crypto/RAND_egd.pod b/doc/crypto/RAND_egd.pod
index 62adbe19b2..8b8c61d161 100644
--- a/doc/crypto/RAND_egd.pod
+++ b/doc/crypto/RAND_egd.pod
@@ -45,12 +45,15 @@ EGD is available from http://www.lothar.com/tech/crypto/ (C<perl
 Makefile.PL; make; make install> to install). It is run as B<egd>
 I<path>, where I<path> is an absolute path designating a socket. When
 RAND_egd() is called with that path as an argument, it tries to read
-random bytes that EGD has collected. The read is performed in
-non-blocking mode.
+random bytes that EGD has collected. RAND_egd() retrieves entropy from the
+daemon using the daemon's "non-blocking read" command which shall
+be answered immediately by the daemon without waiting for additional
+entropy to be collected. The write and read socket operations in the
+communication are blocking.
 
 Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is
 available from
-http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html .
+http://prngd.sourceforge.net/ .
 PRNGD does employ an internal PRNG itself and can therefore never run
 out of entropy.
 
diff --git a/doc/crypto/RAND_set_rand_method.pod b/doc/crypto/RAND_set_rand_method.pod
index c9bb6d9f27..e5b780fad0 100644
--- a/doc/crypto/RAND_set_rand_method.pod
+++ b/doc/crypto/RAND_set_rand_method.pod
@@ -30,7 +30,7 @@ true only whilst no ENGINE has been set as a default for RAND, so this function
 is no longer recommended.
 
 RAND_get_default_method() returns a pointer to the current RAND_METHOD.
-However, the meaningfulness of this result is dependant on whether the ENGINE
+However, the meaningfulness of this result is dependent on whether the ENGINE
 API is being used, so this function is no longer recommended.
 
 =head1 THE RAND_METHOD STRUCTURE
diff --git a/doc/crypto/RSA_get_ex_new_index.pod b/doc/crypto/RSA_get_ex_new_index.pod
index 46cc8f5359..7d0fd1f91d 100644
--- a/doc/crypto/RSA_get_ex_new_index.pod
+++ b/doc/crypto/RSA_get_ex_new_index.pod
@@ -17,12 +17,12 @@ RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specifi
 
  void *RSA_get_ex_data(RSA *r, int idx);
 
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-		int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-		int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, 
-		int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                           int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
+                           int idx, long argl, void *argp);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod
index 0a305f6b14..2c963d7e5b 100644
--- a/doc/crypto/RSA_set_method.pod
+++ b/doc/crypto/RSA_set_method.pod
@@ -42,7 +42,7 @@ structures created later. B<NB>: This is true only whilst no ENGINE has
 been set as a default for RSA, so this function is no longer recommended.
 
 RSA_get_default_method() returns a pointer to the current default
-RSA_METHOD. However, the meaningfulness of this result is dependant on
+RSA_METHOD. However, the meaningfulness of this result is dependent on
 whether the ENGINE API is being used, so this function is no longer 
 recommended.
 
diff --git a/doc/crypto/RSA_sign.pod b/doc/crypto/RSA_sign.pod
index 71688a665e..8553be8e99 100644
--- a/doc/crypto/RSA_sign.pod
+++ b/doc/crypto/RSA_sign.pod
@@ -8,10 +8,10 @@ RSA_sign, RSA_verify - RSA signatures
 
  #include <openssl/rsa.h>
 
- int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
     unsigned char *sigret, unsigned int *siglen, RSA *rsa);
 
- int RSA_verify(int type, unsigned char *m, unsigned int m_len,
+ int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
     unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
 
 =head1 DESCRIPTION
diff --git a/doc/crypto/SMIME_read_CMS.pod b/doc/crypto/SMIME_read_CMS.pod
new file mode 100644
index 0000000000..acc5524c14
--- /dev/null
+++ b/doc/crypto/SMIME_read_CMS.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+ SMIME_read_CMS - parse S/MIME message.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont);
+
+=head1 DESCRIPTION
+
+SMIME_read_CMS() parses a message in S/MIME format.
+
+B<in> is a BIO to read the message from.
+
+If cleartext signing is used then the content is saved in a memory bio which is
+written to B<*bcont>, otherwise B<*bcont> is set to NULL.
+
+The parsed CMS_ContentInfo structure is returned or NULL if an
+error occurred.
+
+=head1 NOTES
+
+If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
+then be passed to CMS_verify() with the B<CMS_DETACHED> flag set.
+
+Otherwise the type of the returned structure can be determined
+using CMS_get0_type().
+
+To support future functionality if B<bcont> is not NULL B<*bcont> should be
+initialized to NULL. For example:
+
+ BIO *cont = NULL;
+ CMS_ContentInfo *cms;
+
+ cms = SMIME_read_CMS(in, &cont);
+
+=head1 BUGS
+
+The MIME parser used by SMIME_read_CMS() is somewhat primitive.  While it will
+handle most S/MIME messages more complex compound formats may not work.
+
+The parser assumes that the CMS_ContentInfo structure is always base64 encoded
+and will not handle the case where it is in binary format or uses quoted
+printable format.
+
+The use of a memory BIO to hold the signed content limits the size of message
+which can be processed due to memory restraints: a streaming single pass option
+should be available.
+
+=head1 RETURN VALUES
+
+SMIME_read_CMS() returns a valid B<CMS_ContentInfo> structure or B<NULL>
+if an error occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_type(3)|CMS_type(3)>
+L<SMIME_read_CMS(3)|SMIME_read_CMS(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_read_CMS() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/SMIME_read_PKCS7.pod b/doc/crypto/SMIME_read_PKCS7.pod
index ffafa37887..9d46715941 100644
--- a/doc/crypto/SMIME_read_PKCS7.pod
+++ b/doc/crypto/SMIME_read_PKCS7.pod
@@ -6,7 +6,9 @@ SMIME_read_PKCS7 - parse S/MIME message.
 
 =head1 SYNOPSIS
 
-PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/SMIME_write_CMS.pod b/doc/crypto/SMIME_write_CMS.pod
new file mode 100644
index 0000000000..04bedfb429
--- /dev/null
+++ b/doc/crypto/SMIME_write_CMS.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+ SMIME_write_CMS - convert CMS structure to S/MIME format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int SMIME_write_CMS(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+SMIME_write_CMS() adds the appropriate MIME headers to a CMS
+structure to produce an S/MIME message.
+
+B<out> is the BIO to write the data to. B<cms> is the appropriate
+B<CMS_ContentInfo> structure. If streaming is enabled then the content must be
+supplied in the B<data> argument. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The following flags can be passed in the B<flags> parameter.
+
+If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
+makes sense for SignedData where B<CMS_DETACHED> is also set when CMS_sign() is
+called.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to
+the content, this only makes sense if B<CMS_DETACHED> is also set.
+
+If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
+be set if B<CMS_STREAM> was also set in the previous call to a CMS_ContentInfo
+creation function.
+
+If cleartext signing is being used and B<CMS_STREAM> not set then the data must
+be read twice: once to compute the signature in CMS_sign() and once to output
+the S/MIME message.
+
+If streaming is performed the content is output in BER format using indefinite
+length constructed encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
+=head1 BUGS
+
+SMIME_write_CMS() always base64 encodes CMS structures, there should be an
+option to disable this.
+
+=head1 RETURN VALUES
+
+SMIME_write_CMS() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_write_CMS() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/doc/crypto/SMIME_write_PKCS7.pod b/doc/crypto/SMIME_write_PKCS7.pod
index 61945b3887..ca6bd02763 100644
--- a/doc/crypto/SMIME_write_PKCS7.pod
+++ b/doc/crypto/SMIME_write_PKCS7.pod
@@ -6,17 +6,18 @@ SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format.
 
 =head1 SYNOPSIS
 
-int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
+ #include <openssl/pkcs7.h>
+
+ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
 
 =head1 DESCRIPTION
 
 SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
 structure to produce an S/MIME message.
 
-B<out> is the BIO to write the data to. B<p7> is the appropriate
-B<PKCS7> structure. If cleartext signing (B<multipart/signed>) is
-being used then the signed data must be supplied in the B<data> 
-argument. B<flags> is an optional set of flags.
+B<out> is the BIO to write the data to. B<p7> is the appropriate B<PKCS7>
+structure. If streaming is enabled then the content must be supplied in the
+B<data> argument. B<flags> is an optional set of flags.
 
 =head1 NOTES
 
@@ -30,15 +31,18 @@ If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain>
 are added to the content, this only makes sense if B<PKCS7_DETACHED>
 is also set.
 
-If the B<PKCS7_PARTSIGN> flag is set the signed data is finalized
-and output along with the content. This flag should only be set
-if B<PKCS7_DETACHED> is also set and the previous call to PKCS7_sign()
-also set these flags.
+If the B<PKCS7_STREAM> flag is set streaming is performed. This flag should
+only be set if B<PKCS7_STREAM> was also set in the previous call to
+PKCS7_sign() or B<PKCS7_encrypt()>.
 
-If cleartext signing is being used and B<PKCS7_PARTSIGN> not set then
+If cleartext signing is being used and B<PKCS7_STREAM> not set then
 the data must be read twice: once to compute the signature in PKCS7_sign()
 and once to output the S/MIME message.
 
+If streaming is performed the content is output in BER format using indefinite
+length constructuted encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
 =head1 BUGS
 
 SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
diff --git a/doc/crypto/X509_NAME_ENTRY_get_object.pod b/doc/crypto/X509_NAME_ENTRY_get_object.pod
index d287c18564..41902c0d45 100644
--- a/doc/crypto/X509_NAME_ENTRY_get_object.pod
+++ b/doc/crypto/X509_NAME_ENTRY_get_object.pod
@@ -9,15 +9,17 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions
 
 =head1 SYNOPSIS
 
-ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+ #include <openssl/x509.h>
 
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, unsigned char *bytes, int len);
+ ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
 
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type,unsigned char *bytes, int len);
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/X509_NAME_add_entry_by_txt.pod b/doc/crypto/X509_NAME_add_entry_by_txt.pod
index 4472a1c5cf..1afd008cb3 100644
--- a/doc/crypto/X509_NAME_add_entry_by_txt.pod
+++ b/doc/crypto/X509_NAME_add_entry_by_txt.pod
@@ -7,11 +7,17 @@ X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions
 
 =head1 SYNOPSIS
 
-int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+ #include <openssl/x509.h>
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/X509_NAME_get_index_by_NID.pod b/doc/crypto/X509_NAME_get_index_by_NID.pod
index 333323d734..3b1f9ff43b 100644
--- a/doc/crypto/X509_NAME_get_index_by_NID.pod
+++ b/doc/crypto/X509_NAME_get_index_by_NID.pod
@@ -8,14 +8,16 @@ X509_NAME lookup and enumeration functions
 
 =head1 SYNOPSIS
 
-int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
+ #include <openssl/x509.h>
 
-int X509_NAME_entry_count(X509_NAME *name);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+ int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
 
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
+ int X509_NAME_entry_count(X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/X509_NAME_print_ex.pod b/doc/crypto/X509_NAME_print_ex.pod
index 919b908919..2579a5dc9d 100644
--- a/doc/crypto/X509_NAME_print_ex.pod
+++ b/doc/crypto/X509_NAME_print_ex.pod
@@ -86,10 +86,10 @@ is equivalent to:
  B<ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS>
 
 
-B<XN_FLAG_ONELINE> is a more readable one line format it is the same as:
+B<XN_FLAG_ONELINE> is a more readable one line format which is the same as:
  B<ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN>
 
-B<XN_FLAG_MULTILINE> is a multiline format is is the same as:
+B<XN_FLAG_MULTILINE> is a multiline format which is the same as:
  B<ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN>
 
 B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.
diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod
new file mode 100644
index 0000000000..a883f6c097
--- /dev/null
+++ b/doc/crypto/X509_STORE_CTX_get_error.pod
@@ -0,0 +1,303 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+ #include <openssl/x509_vfy.h>
+
+ int	X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+ int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);
+
+=head1 DESCRIPTION
+
+These functions are typically called after X509_verify_cert() has indicated
+an error or in a verification callback to determine the nature of an error.
+
+X509_STORE_CTX_get_error() returns the error code of B<ctx>, see
+the B<ERROR CODES> section for a full description of all error codes.
+
+X509_STORE_CTX_set_error() sets the error code of B<ctx> to B<s>. For example
+it might be used in a verification callback to set an error based on additional
+checks.
+
+X509_STORE_CTX_get_error_depth() returns the B<depth> of the error. This is a
+non-negative integer representing where in the certificate chain the error
+occurred. If it is zero it occured in the end entity certificate, one if
+it is the certificate which signed the end entity certificate and so on.
+
+X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
+caused the error or B<NULL> if no certificate is relevant.
+
+X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
+call to X509_verify_cert() is successful. If the call to X509_verify_cert()
+is B<not> successful the returned chain may be incomplete or invalid. The
+returned chain persists after the B<ctx> structure is freed, when it is
+no longer needed it should be free up using:
+
+  sk_X509_pop_free(chain, X509_free);
+
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_get_error() returns B<X509_V_OK> or an error code.
+
+X509_STORE_CTX_get_error_depth() returns a non-negative error depth.
+
+X509_STORE_CTX_get_current_cert() returns the cerificate which caused the
+error or B<NULL> if no certificate is relevant to the error.
+
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+
+=head1 ERROR CODES
+
+A list of error codes and messages is shown below.  Some of the
+error codes are defined but currently never returned: these are described as
+"unused".
+
+=over 4
+
+=item B<X509_V_OK: ok>
+
+the operation was successful.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
+
+the issuer certificate could not be found: this occurs if the issuer certificate
+of an untrusted certificate cannot be found.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
+
+the CRL of a certificate could not be found.
+
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
+
+the certificate signature could not be decrypted. This means that the actual
+signature value could not be determined rather than it not matching the
+expected value, this is only meaningful for RSA keys.
+
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
+
+the CRL signature could not be decrypted: this means that the actual signature
+value could not be determined rather than it not matching the expected value.
+Unused.
+
+=item B<X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
+
+the public key in the certificate SubjectPublicKeyInfo could not be read.
+
+=item B<X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
+
+the certificate is not yet valid: the notBefore date is after the current time.
+
+=item B<X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
+
+the certificate has expired: that is the notAfter date is before the current time.
+
+=item B<X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
+
+the CRL is not yet valid.
+
+=item B<X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
+
+the CRL has expired.
+
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
+
+the certificate notBefore field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
+
+the certificate notAfter field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
+
+the CRL lastUpdate field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
+
+the CRL nextUpdate field contains an invalid time.
+
+=item B<X509_V_ERR_OUT_OF_MEM: out of memory>
+
+an error occurred trying to allocate memory. This should never happen.
+
+=item B<X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
+
+the passed certificate is self signed and the same certificate cannot be found
+in the list of trusted certificates.
+
+=item B<X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
+
+the certificate chain could be built up using the untrusted certificates but
+the root could not be found locally.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
+
+the issuer certificate of a locally looked up certificate could not be found.
+This normally means the list of trusted certificates is not complete.
+
+=item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
+
+no signatures could be verified because the chain contains only one certificate
+and it is not self signed.
+
+=item B<X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
+
+the certificate chain length is greater than the supplied maximum depth. Unused.
+
+=item B<X509_V_ERR_CERT_REVOKED: certificate revoked>
+
+the certificate has been revoked.
+
+=item B<X509_V_ERR_INVALID_CA: invalid CA certificate>
+
+a CA certificate is invalid. Either it is not a CA or its extensions are not
+consistent with the supplied purpose.
+
+=item B<X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
+
+the basicConstraints pathlength parameter has been exceeded.
+
+=item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
+
+the supplied certificate cannot be used for the specified purpose.
+
+=item B<X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
+
+the root CA is not marked as trusted for the specified purpose.
+
+=item B<X509_V_ERR_CERT_REJECTED: certificate rejected>
+
+the root CA is marked to reject the specified purpose.
+
+=item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
+
+the current candidate issuer certificate was rejected because its subject name
+did not match the issuer name of the current certificate. This is only set
+if issuer check debugging is enabled it is used for status notification and
+is B<not> in itself an error.
+
+=item B<X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
+
+the current candidate issuer certificate was rejected because its subject key
+identifier was present and did not match the authority key identifier current
+certificate. This is only set if issuer check debugging is enabled it is used
+for status notification and is B<not> in itself an error.
+
+=item B<X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
+
+the current candidate issuer certificate was rejected because its issuer name
+and serial number was present and did not match the authority key identifier of
+the current certificate. This is only set if issuer check debugging is enabled
+it is used for status notification and is B<not> in itself an error.
+
+=item B<X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
+
+the current candidate issuer certificate was rejected because its keyUsage
+extension does not permit certificate signing. This is only set if issuer check
+debugging is enabled it is used for status notification and is B<not> in itself
+an error.
+
+=item B<X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension>
+
+A certificate extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions.
+
+
+=item B<X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension>
+
+A certificate policies extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions. This error only
+occurs if policy processing is enabled.
+
+=item B<X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy>
+
+The verification flags were set to require and explicit policy but none was
+present.
+
+=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope>
+
+The only CRLs that could be found did not match the scope of the certificate.
+
+=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature>
+
+Some feature of a certificate extension is not supported. Unused.
+
+=item B<X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
+
+A name constraint violation occured in the permitted subtrees.
+
+=item B<X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
+
+A name constraint violation occured in the excluded subtrees.
+
+=item B<X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported>
+
+A certificate name constraints extension included a minimum or maximum field:
+this is not supported.
+
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type>
+
+An unsupported name constraint type was encountered. OpenSSL currently only
+supports directory name, DNS name, email and URI types.
+
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax>
+
+The format of the name constraint is not recognised: for example an email
+address format of a form not mentioned in RFC3280. This could be caused by
+a garbage extension or some new feature not currently supported.
+
+=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
+
+An error occured when attempting to verify the CRL path. This error can only
+happen if extended CRL checking is enabled.
+
+=item B<X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
+
+an application specific error. This will never be returned unless explicitly
+set by an application.
+
+=head1 NOTES
+
+The above functions should be used instead of directly referencing the fields
+in the B<X509_VERIFY_CTX> structure.
+
+In versions of OpenSSL before 1.0 the current certificate returned by
+X509_STORE_CTX_get_current_cert() was never B<NULL>. Applications should
+check the return value before printing out any debugging information relating
+to the current certificate.
+
+If an unrecognised error code is passed to X509_verify_cert_error_string() the
+numerical value of the unknown code is returned in a static buffer. This is not
+thread safe but will never happen unless an invalid code is passed.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod b/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
new file mode 100644
index 0000000000..8d6b9dda47
--- /dev/null
+++ b/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+		CRYPTO_EX_new *new_func,
+		CRYPTO_EX_dup *dup_func,
+		CRYPTO_EX_free *free_func);
+
+ int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
+
+ char *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
+
+=head1 DESCRIPTION
+
+These functions handle application specific data in X509_STORE_CTX structures.
+Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
+and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
+
+=head1 NOTES
+
+This mechanism is used internally by the B<ssl> library to store the B<SSL>
+structure associated with a verification operation in an B<X509_STORE_CTX>
+structure. 
+
+=head1 SEE ALSO
+
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
+X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
+
+=cut
diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod
new file mode 100644
index 0000000000..b17888f149
--- /dev/null
+++ b/doc/crypto/X509_STORE_CTX_new.pod
@@ -0,0 +1,122 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set_chain, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_set_default - X509_STORE_CTX initialisation
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+			 X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void	X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx,X509 *x);
+ void	X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx,STACK_OF(X509) *sk);
+ void	X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+=head1 DESCRIPTION
+
+These functions initialise an B<X509_STORE_CTX> structure for subsequent use
+by X509_verify_cert().
+
+X509_STORE_CTX_new() returns a newly initialised B<X509_STORE_CTX> structure.
+
+X509_STORE_CTX_cleanup() internally cleans up an B<X509_STORE_CTX> structure.
+The context can then be reused with an new call to X509_STORE_CTX_init().
+
+X509_STORE_CTX_free() completely frees up B<ctx>. After this call B<ctx>
+is no longer valid.
+
+X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
+The trusted certificate store is set to B<store>, the end entity certificate
+to be verified is set to B<x509> and a set of additional certificates (which
+will be untrusted but may be used to build the chain) in B<chain>. Any or
+all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
+
+X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
+to B<sk>. This is an alternative way of specifying trusted certificates 
+instead of using an B<X509_STORE>.
+
+X509_STORE_CTX_set_cert() sets the certificate to be vertified in B<ctx> to
+B<x>.
+
+X509_STORE_CTX_set_chain() sets the additional certificate chain used by B<ctx>
+to B<sk>.
+
+X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate
+verification to B<sk>. These CRLs will only be used if CRL verification is
+enabled in the associated B<X509_VERIFY_PARAM> structure. This might be
+used where additional "useful" CRLs are supplied as part of a protocol,
+for example in a PKCS#7 structure.
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param() retrieves an intenal pointer
+to the verification parameters associated with B<ctx>.
+
+X509_STORE_CTX_set0_param() sets the intenal verification parameter pointer
+to B<param>. After this call B<param> should not be used.
+
+X509_STORE_CTX_set_default() looks up and sets the default verification
+method to B<name>. This uses the function X509_VERIFY_PARAM_lookup() to
+find an appropriate set of parameters from B<name>.
+
+=head1 NOTES
+
+The certificates and CRLs in a store are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Legacy
+applications might implicitly use an B<X509_STORE_CTX> like this:
+
+  X509_STORE_CTX ctx;
+  X509_STORE_CTX_init(&ctx, store, cert, chain);
+
+this is B<not> recommended in new applications they should instead do:
+
+  X509_STORE_CTX *ctx;
+  ctx = X509_STORE_CTX_new();
+  if (ctx == NULL)
+	/* Bad error */
+  X509_STORE_CTX_init(ctx, store, cert, chain);
+
+=head1 BUGS
+
+The certificates and CRLs in a context are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Copies
+should be made or reference counts increased instead.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_new() returns an newly allocates context or B<NULL> is an
+error occurred.
+
+X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.
+
+X509_STORE_CTX_get0_param() returns a pointer to an B<X509_VERIFY_PARAM>
+structure or B<NULL> if an error occurred.
+
+X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_trusted_stack(),
+X509_STORE_CTX_set_cert(), X509_STORE_CTX_set_chain(),
+X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return
+values.
+
+X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
new file mode 100644
index 0000000000..b9787a6ca6
--- /dev/null
+++ b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
@@ -0,0 +1,161 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_set_verify_cb - set verification callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+				int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+=head1 DESCRIPTION
+
+X509_STORE_CTX_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+
+The verification callback can be used to customise the operation of certificate
+verification, either by overriding error conditions or logging errors for
+debugging purposes.
+
+However a verification callback is B<not> essential and the default operation
+is often sufficient.
+
+The B<ok> parameter to the callback indicates the value the callback should
+return to retain the default behaviour. If it is zero then and error condition
+is indicated. If it is 1 then no error occurred. If the flag
+B<X509_V_FLAG_NOTIFY_POLICY> is set then B<ok> is set to 2 to indicate the
+policy checking is complete.
+
+The B<ctx> parameter to the callback is the B<X509_STORE_CTX> structure that
+is performing the verification operation. A callback can examine this
+structure and receive additional information about the error, for example
+by calling X509_STORE_CTX_get_current_cert(). Additional application data can
+be passed to the callback via the B<ex_data> mechanism.
+
+=head1 WARNING
+
+In general a verification callback should B<NOT> unconditionally return 1 in
+all circumstances because this will allow verification to succeed no matter
+what the error. This effectively removes all security from the application
+because B<any> certificate (including untrusted generated ones) will be
+accepted.
+
+=head1 NOTES
+
+The verification callback can be set and inherited from the parent structure
+performing the operation. In some cases (such as S/MIME verification) the
+B<X509_STORE_CTX> structure is created and destroyed internally and the
+only way to set a custom verification callback is by inheriting it from the
+associated B<X509_STORE>.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_set_verify_cb() does not return a value.
+
+=head1 EXAMPLES
+
+Default callback operation:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	return ok;
+	}
+
+Simple example, suppose a certificate in the chain is expired and we wish
+to continue after this error:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	/* Tolerate certificate expiration */
+	if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+			return 1;
+	/* Otherwise don't override */
+	return ok;
+	}
+
+More complex example, we don't wish to continue after B<any> certificate has
+expired just one specific case:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	int err = X509_STORE_CTX_get_error(ctx);
+	X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+	if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+		{
+		if (check_is_acceptable_expired_cert(err_cert)
+			return 1;
+		}
+	return ok;
+	}
+
+Full featured logging callback. In this case the B<bio_err> is assumed to be
+a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
+B<ex_data>.
+	
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	X509 *err_cert;
+	int err,depth;
+
+	err_cert = X509_STORE_CTX_get_current_cert(ctx);
+	err =	X509_STORE_CTX_get_error(ctx);
+	depth =	X509_STORE_CTX_get_error_depth(ctx);
+
+	BIO_printf(bio_err,"depth=%d ",depth);
+	if (err_cert)
+		{
+		X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+					0, XN_FLAG_ONELINE);
+		BIO_puts(bio_err, "\n");
+		}
+	else
+		BIO_puts(bio_err, "<no cert>\n");
+	if (!ok)
+		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+			X509_verify_cert_error_string(err));
+	switch (err)
+		{
+	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+		BIO_puts(bio_err,"issuer= ");
+		X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+					0, XN_FLAG_ONELINE);
+		BIO_puts(bio_err, "\n");
+		break;
+	case X509_V_ERR_CERT_NOT_YET_VALID:
+	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+		BIO_printf(bio_err,"notBefore=");
+		ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
+		BIO_printf(bio_err,"\n");
+		break;
+	case X509_V_ERR_CERT_HAS_EXPIRED:
+	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+		BIO_printf(bio_err,"notAfter=");
+		ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
+		BIO_printf(bio_err,"\n");
+		break;
+	case X509_V_ERR_NO_EXPLICIT_POLICY:
+		policies_print(bio_err, ctx);
+		break;
+		}
+	if (err == X509_V_OK && ok == 2)
+		/* print out policies */
+
+	BIO_printf(bio_err,"verify return:%d\n",ok);
+	return(ok);
+	}
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+L<X509_STORE_set_verify_cb_func(3)|X509_STORE_set_verify_cb_func(3)>
+L<X509_STORE_CTX_get_ex_new_index(3)|X509_STORE_CTX_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_set_verify_cb() is available in all versions of SSLeay and
+OpenSSL.
+
+=cut
diff --git a/doc/crypto/X509_STORE_set_verify_cb_func.pod b/doc/crypto/X509_STORE_set_verify_cb_func.pod
new file mode 100644
index 0000000000..1b774fc0cb
--- /dev/null
+++ b/doc/crypto/X509_STORE_set_verify_cb_func.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb - set verification callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_set_verify_cb(X509_STORE *st,
+				int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+				int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+=head1 DESCRIPTION
+
+X509_STORE_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+
+X509_STORE_set_verify_cb_func() also sets the verification callback but it
+is implemented as a macro.
+
+=head 1 NOTES
+
+The verification callback from an B<X509_STORE> is inherited by 
+the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
+be used to set the verification callback when the B<X509_STORE_CTX> is 
+otherwise inaccessible (for example during S/MIME verification).
+
+=head1 BUGS
+
+The macro version of this function was the only one available before 
+OpenSSL 1.0.0.
+
+=head1 RETURN VALUES
+
+X509_STORE_set_verify_cb() and X509_STORE_set_verify_cb_func() do not return
+a value.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_set_verify_cb(3)|X509_STORE_CTX_set_verify_cb(3)>
+L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+X509_STORE_set_verify_cb_func() is available in all versions of SSLeay and
+OpenSSL.
+
+X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
+
+=cut
diff --git a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
new file mode 100644
index 0000000000..b68eece033
--- /dev/null
+++ b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
@@ -0,0 +1,171 @@
+=pod
+
+=head1 NAME
+
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509 verification parameters 
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+							unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+						ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, 
+					STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+=head1 DESCRIPTION
+
+These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
+a certificate verification operation. 
+
+The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
+it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
+description of values the B<flags> parameter can take.
+
+X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
+
+X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>.
+
+X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
+to B<purpose>. This determines the acceptable purpose of the certificate
+chain, for example SSL client or SSL server.
+
+X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to 
+B<trust>.
+
+X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
+B<t>. Normally the current time is used.
+
+X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled
+by default) and adds B<policy> to the acceptable policy set.
+
+X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
+by default) and sets the acceptable policy set to B<policies>. Any existing
+policy set is cleared. The B<policies> parameter can be B<NULL> to clear
+an existing policy set.
+
+X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
+That is the maximum number of untrusted CA certificates that can appear in a
+chain.
+
+=head1 RETURN VALUES
+
+X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(), 
+X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
+X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1
+for success and 0 for failure. 
+
+X509_VERIFY_PARAM_get_flags() returns the current verification flags.
+
+X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return
+values.
+
+X509_VERIFY_PARAM_get_depth() returns the current verification depth.
+
+=head1 VERIFICATION FLAGS
+
+The verification flags consists of zero or more of the following flags
+ored together.
+
+B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
+certificate. An error occurs if a suitable CRL cannot be found. 
+
+B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
+chain.
+
+B<X509_V_FLAG_IGNORE_CRITICAL> disabled critical extension checking. By default
+any unhandled critical extensions in certificates or (if checked) CRLs results
+in a fatal error. If this flag is set unhandled critical extensions are
+ignored. B<WARNING> setting this option for anything other than debugging
+purposes can be a security risk. Finer control over which extensions are
+supported can be performed in the verification callback.
+
+THe B<X509_V_FLAG_X509_STRICT> flag disables workarounds for some broken
+certificates and makes the verification strictly apply B<X509> rules.
+
+B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
+
+B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
+no policy checking is peformed. Additional information is sent to the 
+verification callback relating to policy checking.
+
+B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
+B<X509_V_FLAG_INHIBIT_MAP> set the B<require explicit policy>, B<inhibit any
+policy> and B<inhibit policy mapping> flags respectively as defined in
+B<RFC3280>. Policy checking is automatically enabled if any of these flags
+are set.
+
+If B<X509_V_FLAG_NOTIFY_POLICY> is set and the policy checking is successful
+a special status code is set to the verification callback. This permits it
+to examine the valid policy tree and perform additional checks or simply
+log it for debugging purposes.
+
+By default some addtional features such as indirect CRLs and CRLs signed by
+different keys are disabled. If B<X509_V_FLAG_EXTENDED_CRL_SUPPORT> is set
+they are enabled.
+
+If B<X509_V_FLAG_USE_DELTAS> ise set delta CRLs (if present) are used to
+determine certificate status. If not set deltas are ignored.
+
+B<X509_V_FLAG_CHECK_SS_SIGNATURE> enables checking of the root CA self signed
+cerificate signature. By default this check is disabled because it doesn't
+add any additional security but in some cases applications might want to
+check the signature anyway. A side effect of not checking the root CA
+signature is that disabled or unsupported message digests on the root CA
+are not treated as fatal errors.
+
+The B<X509_V_FLAG_CB_ISSUER_CHECK> flag enables debugging of certificate
+issuer checks. It is B<not> needed unless you are logging certificate
+verification. If this flag is set then additional status codes will be sent
+to the verification callback and it B<must> be prepared to handle such cases
+without assuming they are hard errors.
+
+=head1 NOTES
+
+The above functions should be used to manipulate verification parameters
+instead of legacy functions which work in specific structures such as
+X509_STORE_CTX_set_flags().
+
+=head1 BUGS
+
+Delta CRL checking is currently primitive. Only a single delta can be used and
+(partly due to limitations of B<X509_STORE>) constructed CRLs are not 
+maintained.
+
+If CRLs checking is enable CRLs are expected to be available in the
+corresponding B<X509_STORE> structure. No attempt is made to download
+CRLs from the CRL distribution points extension.
+
+=head1 EXAMPLE
+
+Enable CRL checking when performing certificate verification during SSL 
+connections associated with an B<SSL_CTX> structure B<ctx>:
+
+  X509_VERIFY_PARAM *param;
+  param = X509_VERIFY_PARAM_new();
+  X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+  SSL_CTX_set1_param(ctx, param);
+  X509_VERIFY_PARAM_free(param);
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/doc/crypto/X509_new.pod b/doc/crypto/X509_new.pod
index fd5fc65ce1..d38872335f 100644
--- a/doc/crypto/X509_new.pod
+++ b/doc/crypto/X509_new.pod
@@ -6,6 +6,8 @@ X509_new, X509_free - X509 certificate ASN1 allocation functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/x509.h>
+
  X509 *X509_new(void);
  void X509_free(X509 *a);
 
diff --git a/doc/crypto/X509_verify_cert.pod b/doc/crypto/X509_verify_cert.pod
new file mode 100644
index 0000000000..5253bdcd70
--- /dev/null
+++ b/doc/crypto/X509_verify_cert.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+X509_verify_cert - discover and verify X509 certificte chain
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_verify_cert(X509_STORE_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The X509_verify_cert() function attempts to discover and validate a
+certificate chain based on parameters in B<ctx>. A complete description of
+the process is contained in the L<verify(1)|verify(1)> manual page.
+
+=head1 RETURN VALUES
+
+If a complete chain can be built and validated this function returns 1,
+otherwise it return zero, in exceptional circumstances it can also
+return a negative code.
+
+If the function fails additional error information can be obtained by
+examining B<ctx> using, for example X509_STORE_CTX_get_error().
+
+=head1 NOTES
+
+Applications rarely call this function directly but it is used by
+OpenSSL internally for certificate validation, in both the S/MIME and
+SSL/TLS code.
+
+The negative return value from X509_verify_cert() can only occur if no
+certificate is set in B<ctx> (due to a programming error) or if a retry
+operation is requested during internal lookups (which never happens with
+standard lookup methods). It is however recommended that application check
+for <= 0 return value on error.
+
+=head1 BUGS
+
+This function uses the header B<x509.h> as opposed to most chain verification
+functiosn which use B<x509_vfy.h>.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+
+=head1 HISTORY
+
+X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/doc/crypto/bn.pod b/doc/crypto/bn.pod
index 210dfeac08..cd2f8e50c6 100644
--- a/doc/crypto/bn.pod
+++ b/doc/crypto/bn.pod
@@ -27,6 +27,9 @@ bn - multiprecision integer arithmetics
  int BN_num_bits(const BIGNUM *a);
  int BN_num_bits_word(BN_ULONG w);
 
+ void BN_set_negative(BIGNUM *a, int n);
+ int  BN_is_negative(const BIGNUM *a);
+
  int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
  int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
  int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
@@ -118,6 +121,25 @@ bn - multiprecision integer arithmetics
  int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
          BN_CTX *ctx);
 
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+	BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+	BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n,const BIGNUM *r,BN_BLINDING *b,
+	BN_CTX *ctx);
+ unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+	BN_MONT_CTX *m_ctx);
 
 =head1 DESCRIPTION
 
@@ -153,6 +175,7 @@ L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
 L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
 L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
 L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> 
+L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>,
+L<BN_BLINDING_new(3)|BN_BLINDING_new(3)>
 
 =cut
diff --git a/doc/crypto/bn_internal.pod b/doc/crypto/bn_internal.pod
index 891914678c..91840b0f0d 100644
--- a/doc/crypto/bn_internal.pod
+++ b/doc/crypto/bn_internal.pod
@@ -13,6 +13,8 @@ library internal functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/bn.h>
+
  BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
  BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num,
    BN_ULONG w);
@@ -70,24 +72,34 @@ applications.
 
 =head2 The BIGNUM structure
 
- typedef struct bignum_st
+ typedef struct bignum_st BIGNUM;
+
+ struct bignum_st
         {
-        int top;      /* number of words used in d */
-        BN_ULONG *d;  /* pointer to an array containing the integer value */
-        int max;      /* size of the d array */
-        int neg;      /* sign */
-        } BIGNUM;
+        BN_ULONG *d;    /* Pointer to an array of 'BN_BITS2' bit chunks. */
+        int top;        /* Index of last used d +1. */
+        /* The next are internal book keeping for bn_expand. */
+        int dmax;       /* Size of the d array. */
+        int neg;        /* one if the number is negative */
+        int flags;
+        };
+
 
 The integer value is stored in B<d>, a malloc()ed array of words (B<BN_ULONG>),
 least significant word first. A B<BN_ULONG> can be either 16, 32 or 64 bits
 in size, depending on the 'number of bits' (B<BITS2>) specified in
 C<openssl/bn.h>.
 
-B<max> is the size of the B<d> array that has been allocated.  B<top>
+B<dmax> is the size of the B<d> array that has been allocated.  B<top>
 is the number of words being used, so for a value of 4, bn.d[0]=4 and
 bn.top=1.  B<neg> is 1 if the number is negative.  When a B<BIGNUM> is
 B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
 
+B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The 
+flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and 
+BN_get_flags(b,n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
+structure B<b>.
+
 Various routines in this library require the use of temporary
 B<BIGNUM> variables during their execution.  Since dynamic memory
 allocation to create B<BIGNUM>s is rather expensive when used in
@@ -207,12 +219,12 @@ significant non-zero word plus one when B<a> has shrunk.
 =head2 Debugging
 
 bn_check_top() verifies that C<((a)-E<gt>top E<gt>= 0 && (a)-E<gt>top
-E<lt>= (a)-E<gt>max)>.  A violation will cause the program to abort.
+E<lt>= (a)-E<gt>dmax)>.  A violation will cause the program to abort.
 
 bn_print() prints B<a> to stderr. bn_dump() prints B<n> words at B<d>
 (in reverse order, i.e. most significant word first) to stderr.
 
-bn_set_max() makes B<a> a static number with a B<max> of its current size.
+bn_set_max() makes B<a> a static number with a B<dmax> of its current size.
 This is used by bn_set_low() and bn_set_high() to make B<r> a read-only
 B<BIGNUM> that contains the B<n> low or high words of B<a>.
 
diff --git a/doc/crypto/d2i_RSAPublicKey.pod b/doc/crypto/d2i_RSAPublicKey.pod
index 279b29c873..aa6078bcf6 100644
--- a/doc/crypto/d2i_RSAPublicKey.pod
+++ b/doc/crypto/d2i_RSAPublicKey.pod
@@ -11,21 +11,21 @@ d2i_Netscape_RSA - RSA public and private key encoding functions.
  #include <openssl/rsa.h>
  #include <openssl/x509.h>
 
- RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
+ RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length);
 
  int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
 
- RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length);
+ RSA * d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
 
  int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
 
- RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
+ RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length);
 
  int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
 
  int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
 
- RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+ RSA * d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/d2i_X509.pod b/doc/crypto/d2i_X509.pod
index e8e946e18a..298ec54a4c 100644
--- a/doc/crypto/d2i_X509.pod
+++ b/doc/crypto/d2i_X509.pod
@@ -9,14 +9,14 @@ i2d_X509_fp - X509 encode and decode functions
 
  #include <openssl/x509.h>
 
- X509 *d2i_X509(X509 **px, unsigned char **in, int len);
+ X509 *d2i_X509(X509 **px, const unsigned char **in, int len);
  int i2d_X509(X509 *x, unsigned char **out);
 
  X509 *d2i_X509_bio(BIO *bp, X509 **x);
  X509 *d2i_X509_fp(FILE *fp, X509 **x);
 
- int i2d_X509_bio(X509 *x, BIO *bp);
- int i2d_X509_fp(X509 *x, FILE *fp);
+ int i2d_X509_bio(BIO *bp, X509 *x);
+ int i2d_X509_fp(FILE *fp, X509 *x);
 
 =head1 DESCRIPTION
 
@@ -212,11 +212,11 @@ d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
 or B<NULL> if an error occurs. The error code that can be obtained by
 L<ERR_get_error(3)|ERR_get_error(3)>. 
 
-i2d_X509(), i2d_X509_bio() and i2d_X509_fp() return a the number of bytes
-successfully encoded or a negative value if an error occurs. The error code
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
+i2d_X509() returns the number of bytes successfully encoded or a negative
+value if an error occurs. The error code can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>. 
 
-i2d_X509_bio() and i2d_X509_fp() returns 1 for success and 0 if an error 
+i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error 
 occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
 
 =head1 SEE ALSO
diff --git a/doc/crypto/d2i_X509_CRL.pod b/doc/crypto/d2i_X509_CRL.pod
index 06c5b23c09..224f9e082b 100644
--- a/doc/crypto/d2i_X509_CRL.pod
+++ b/doc/crypto/d2i_X509_CRL.pod
@@ -9,14 +9,14 @@ i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions.
 
  #include <openssl/x509.h>
 
- X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length);
+ X509_CRL *d2i_X509_CRL(X509_CRL **a, const unsigned char **pp, long length);
  int i2d_X509_CRL(X509_CRL *a, unsigned char **pp);
 
  X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x);
  X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **x);
 
- int i2d_X509_CRL_bio(X509_CRL *x, BIO *bp);
- int i2d_X509_CRL_fp(X509_CRL *x, FILE *fp);
+ int i2d_X509_CRL_bio(BIO *bp, X509_CRL *x);
+ int i2d_X509_CRL_fp(FILE *fp, X509_CRL *x);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/d2i_X509_REQ.pod b/doc/crypto/d2i_X509_REQ.pod
index be4ad68257..91c0c1974b 100644
--- a/doc/crypto/d2i_X509_REQ.pod
+++ b/doc/crypto/d2i_X509_REQ.pod
@@ -9,14 +9,14 @@ i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
 
  #include <openssl/x509.h>
 
- X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length);
+ X509_REQ *d2i_X509_REQ(X509_REQ **a, const unsigned char **pp, long length);
  int i2d_X509_REQ(X509_REQ *a, unsigned char **pp);
 
  X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x);
  X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **x);
 
- int i2d_X509_REQ_bio(X509_REQ *x, BIO *bp);
- int i2d_X509_REQ_fp(X509_REQ *x, FILE *fp);
+ int i2d_X509_REQ_bio(BIO *bp, X509_REQ *x);
+ int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/des_modes.pod b/doc/crypto/des_modes.pod
index 02664036fc..e883ca8fde 100644
--- a/doc/crypto/des_modes.pod
+++ b/doc/crypto/des_modes.pod
@@ -4,7 +4,7 @@
 
 =head1 NAME
 
-Modes of DES - the variants of DES and other crypto algorithms of OpenSSL
+des_modes - the variants of DES and other crypto algorithms of OpenSSL
 
 =head1 DESCRIPTION
 
diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod
index 2a0f412638..49b10f2249 100644
--- a/doc/crypto/ecdsa.pod
+++ b/doc/crypto/ecdsa.pod
@@ -14,20 +14,22 @@ ecdsa - Elliptic Curve Digital Signature Algorithm
  ECDSA_SIG*	d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, 
 		long len);
 
- ECDSA_DATA*	ECDSA_DATA_new(void);
- ECDSA_DATA*	ECDSA_DATA_new_method(ENGINE *eng);
- void		ECDSA_DATA_free(ECDSA_DATA *data);
- ECDSA_DATA*	ecdsa_check(EC_KEY *eckey);
-
  ECDSA_SIG*	ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
 			EC_KEY *eckey);
+ ECDSA_SIG*	ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, 
+			const BIGNUM *kinv, const BIGNUM *rp,
+			EC_KEY *eckey);
  int		ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
-			ECDSA_SIG *sig, EC_KEY* eckey);
+			const ECDSA_SIG *sig, EC_KEY* eckey);
  int		ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
 			BIGNUM **kinv, BIGNUM **rp);
  int		ECDSA_sign(int type, const unsigned char *dgst,
 			int dgstlen, unsigned char *sig,
 			unsigned int *siglen, EC_KEY *eckey);
+ int		ECDSA_sign_ex(int type, const unsigned char *dgst,
+			int dgstlen, unsigned char *sig,
+			unsigned int *siglen, const BIGNUM *kinv, 
+			const BIGNUM *rp, EC_KEY *eckey);
  int		ECDSA_verify(int type, const unsigned char *dgst,
 			int dgstlen, const unsigned char *sig,
 			int siglen, EC_KEY *eckey);
@@ -72,35 +74,6 @@ the decoded signature in a newly allocated B<ECDSA_SIG> structure.
 B<*sig> points to the buffer containing the DER encoded signature
 of size B<len>.
 
-The B<ECDSA_DATA> structure extends the B<EC_KEY_METH_DATA>
-structure with ECDSA specific data.
-
- struct
-	{
-	/* EC_KEY_METH_DATA part */
-	int  (*init)(EC_KEY *);
-	void (*finish)(EC_KEY *);
-	/* method (ECDSA) specific part */
-	BIGNUM	*kinv;	/* signing pre-calc */
-	BIGNUM	*r;	/* signing pre-calc */
-	...
-	} 
- ECDSA_DATA;
-
-B<kinv> and B<r> are used to store precomputed values (see
-B<ECDSA_sign_setup>). 
-
-ECDSA_DATA_new() returns a newly allocated and initialized
-B<ECDSA_DATA> structure (or NULL on error). 
-
-ECDSA_DATA_free() frees the B<ECDSA_DATA> structure B<data>.
-
-ecdsa_check() returns the pointer to the B<ECDSA_DATA>
-structure in B<EC_KEY-E<gt>meth_data> (if B<EC_KEY-E<gt>meth_data>
-is not a pointer to a B<ECDSA_DATA> structure then the old
-data is freed and a new B<ECDSA_DATA> structure is allocated
-using B<ECDSA_DATA_new>).
-
 ECDSA_size() returns the maximum length of a DER encoded
 ECDSA signature created with the private EC key B<eckey>.
 
@@ -108,13 +81,15 @@ ECDSA_sign_setup() may be used to precompute parts of the
 signing operation. B<eckey> is the private EC key and B<ctx>
 is a pointer to B<BN_CTX> structure (or NULL). The precomputed
 values or returned in B<kinv> and B<rp> and can be used in a
-later call to B<ECDSA_sign> or B<ECDSA_do_sign> when placed in
-B<ECDSA_DATA-E<gt>kinv> and B<ECDSA_DATA-E<gt>r>.
+later call to B<ECDSA_sign_ex> or B<ECDSA_do_sign_ex>.
 
-ECDSA_sign() computes a digital signature of the B<dgstlen> bytes
-hash value B<dgst> using the private EC key B<eckey> and places
-the DER encoding of the created signature in B<sig>. The length
-of the created signature is returned in B<sig_len>. Note: B<sig>
+ECDSA_sign() is wrapper function for ECDSA_sign_ex with B<kinv>
+and B<rp> set to NULL.
+
+ECDSA_sign_ex() computes a digital signature of the B<dgstlen> bytes
+hash value B<dgst> using the private EC key B<eckey> and the optional
+pre-computed values B<kinv> and B<rp>. The DER encoded signatures is
+stored in B<sig> and it's length is returned in B<sig_len>. Note: B<sig>
 must point to B<ECDSA_size> bytes of memory. The parameter B<type>
 is ignored.
 
@@ -123,10 +98,13 @@ B<siglen> is a valid ECDSA signature of the hash value
 value B<dgst> of size B<dgstlen> using the public key B<eckey>.
 The parameter B<type> is ignored.
 
-ECDSA_do_sign() computes a digital signature of the B<dgst_len>
-bytes hash value B<dgst> using the private key B<eckey> and 
-returns the signature in a newly allocated B<ECDSA_SIG> structure
-(or NULL on error).
+ECDSA_do_sign() is wrapper function for ECDSA_do_sign_ex with B<kinv>
+and B<rp> set to NULL.
+
+ECDSA_do_sign_ex() computes a digital signature of the B<dgst_len>
+bytes hash value B<dgst> using the private key B<eckey> and the
+optional pre-computed values B<kinv> and B<rp>. The signature is
+returned in a newly allocated B<ECDSA_SIG> structure (or NULL on error).
 
 ECDSA_do_verify() verifies that the signature B<sig> is a valid
 ECDSA signature of the hash value B<dgst> of size B<dgst_len>
diff --git a/doc/crypto/engine.pod b/doc/crypto/engine.pod
index 75933fccad..f5ab1c3e50 100644
--- a/doc/crypto/engine.pod
+++ b/doc/crypto/engine.pod
@@ -183,7 +183,7 @@ Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be
 treated as handles - ie. not only as pointers, but also as references to
 the underlying ENGINE object. Ie. one should obtain a new reference when
 making copies of an ENGINE pointer if the copies will be used (and
-released) independantly.
+released) independently.
 
 ENGINE objects have two levels of reference-counting to match the way in
 which the objects are used. At the most basic level, each ENGINE pointer is
@@ -200,7 +200,7 @@ B<functional> reference. This kind of reference can be considered a
 specialised form of structural reference, because each functional reference
 implicitly contains a structural reference as well - however to avoid
 difficult-to-find programming bugs, it is recommended to treat the two
-kinds of reference independantly. If you have a functional reference to an
+kinds of reference independently. If you have a functional reference to an
 ENGINE, you have a guarantee that the ENGINE has been initialised ready to
 perform cryptographic operations and will remain uninitialised
 until after you have released your reference.
@@ -587,7 +587,7 @@ extension).
 The ENGINE API and internal architecture is currently being reviewed. Slated for
 possible release in 0.9.8 is support for transparent loading of "dynamic"
 ENGINEs (built as self-contained shared-libraries). This would allow ENGINE
-implementations to be provided independantly of OpenSSL libraries and/or
+implementations to be provided independently of OpenSSL libraries and/or
 OpenSSL-based applications, and would also remove any requirement for
 applications to explicitly use the "dynamic" ENGINE to bind to shared-library
 implementations.
diff --git a/doc/crypto/evp.pod b/doc/crypto/evp.pod
index b3ca14314f..9faa349243 100644
--- a/doc/crypto/evp.pod
+++ b/doc/crypto/evp.pod
@@ -22,14 +22,24 @@ digital signatures.
 Symmetric encryption is available with the B<EVP_Encrypt>I<...>
 functions.  The B<EVP_Digest>I<...> functions provide message digests.
 
+The B<EVP_PKEY>I<...> functions provide a high level interface to
+asymmetric algorithms.
+
 Algorithms are loaded with OpenSSL_add_all_algorithms(3).
 
-All the symmetric algorithms (ciphers) and digests can be replaced by ENGINE
-modules providing alternative implementations. If ENGINE implementations of
-ciphers or digests are registered as defaults, then the various EVP functions
-will automatically use those implementations automatically in preference to
-built in software implementations. For more information, consult the engine(3)
-man page.
+All the symmetric algorithms (ciphers), digests and asymmetric algorithms
+(public key algorithms) can be replaced by ENGINE modules providing alternative
+implementations. If ENGINE implementations of ciphers or digests are registered
+as defaults, then the various EVP functions will automatically use those
+implementations automatically in preference to built in software
+implementations. For more information, consult the engine(3) man page.
+
+Although low level algorithm specific functions exist for many algorithms
+their use is discouraged. They cannot be used with an ENGINE and ENGINE
+versions of new algorithms cannot be accessed using the low level functions.
+Also makes code harder to adapt to new algorithms and some options are not 
+cleanly supported at the low level and some operations are more efficient
+using the high level interface.
 
 =head1 SEE ALSO
 
diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod
index 3976baf226..d92138d273 100644
--- a/doc/crypto/hmac.pod
+++ b/doc/crypto/hmac.pod
@@ -15,12 +15,12 @@ authentication code
 
  void HMAC_CTX_init(HMAC_CTX *ctx);
 
- void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
                const EVP_MD *md);
- void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
-               	   const EVP_MD *md);
- void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
- void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+               	   const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
 
  void HMAC_CTX_cleanup(HMAC_CTX *ctx);
  void HMAC_cleanup(HMAC_CTX *ctx);
@@ -41,8 +41,6 @@ If B<md> is NULL, the digest is placed in a static array.  The size of
 the output is placed in B<md_len>, unless it is B<NULL>.
 
 B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
-B<key> and B<evp_md> may be B<NULL> if a key and hash function have
-been set in a previous call to HMAC_Init() for that B<HMAC_CTX>.
 
 HMAC_CTX_init() initialises a B<HMAC_CTX> before first use. It must be
 called.
@@ -78,10 +76,13 @@ must have space for the hash function output.
 
 =head1 RETURN VALUES
 
-HMAC() returns a pointer to the message authentication code.
+HMAC() returns a pointer to the message authentication code or NULL if
+an error occurred.
 
-HMAC_CTX_init(), HMAC_Init_ex(), HMAC_Update(), HMAC_Final() and
-HMAC_CTX_cleanup() do not return values.
+HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if
+an error occurred.
+
+HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values.
 
 =head1 CONFORMING TO
 
@@ -99,4 +100,7 @@ are available since SSLeay 0.9.0.
 HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
 since OpenSSL 0.9.7.
 
+HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
+versions of OpenSSL before 1.0.0.
+
 =cut
diff --git a/doc/crypto/i2d_CMS_bio_stream.pod b/doc/crypto/i2d_CMS_bio_stream.pod
new file mode 100644
index 0000000000..558bdd0812
--- /dev/null
+++ b/doc/crypto/i2d_CMS_bio_stream.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+ i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+i2d_CMS_bio_stream() outputs a CMS_ContentInfo structure in BER format.
+
+It is otherwise identical to the function SMIME_write_CMS().
+
+=head1 NOTES
+
+This function is effectively a version of the i2d_CMS_bio() supporting
+streaming.
+
+=head1 BUGS
+
+The prefix "i2d" is arguably wrong because the function outputs BER format.
+
+=head1 RETURN VALUES
+
+i2d_CMS_bio_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<PEM_write_bio_CMS_stream(3)|PEM_write_bio_CMS_stream(3)>
+
+=head1 HISTORY
+
+i2d_CMS_bio_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/i2d_PKCS7_bio_stream.pod b/doc/crypto/i2d_PKCS7_bio_stream.pod
new file mode 100644
index 0000000000..dc4d884c59
--- /dev/null
+++ b/doc/crypto/i2d_PKCS7_bio_stream.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+i2d_PKCS7_bio_stream - output PKCS7 structure in BER format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+i2d_PKCS7_bio_stream() outputs a PKCS7 structure in BER format.
+
+It is otherwise identical to the function SMIME_write_PKCS7().
+
+=head1 NOTES
+
+This function is effectively a version of the d2i_PKCS7_bio() supporting
+streaming.
+
+=head1 BUGS
+
+The prefix "d2i" is arguably wrong because the function outputs BER format.
+
+=head1 RETURN VALUES
+
+i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<PEM_write_bio_PKCS7_stream(3)|PEM_write_bio_PKCS7_stream(3)>
+
+=head1 HISTORY
+
+i2d_PKCS7_bio_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/doc/crypto/lhash.pod b/doc/crypto/lhash.pod
index dcdbb43a8e..73a19b6c7e 100644
--- a/doc/crypto/lhash.pod
+++ b/doc/crypto/lhash.pod
@@ -8,18 +8,20 @@ lh_new, lh_free, lh_insert, lh_delete, lh_retrieve, lh_doall, lh_doall_arg, lh_e
 
  #include <openssl/lhash.h>
 
- LHASH *lh_new(LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE compare);
- void lh_free(LHASH *table);
+ DECLARE_LHASH_OF(<type>);
 
- void *lh_insert(LHASH *table, void *data);
- void *lh_delete(LHASH *table, void *data);
- void *lh_retrieve(LHASH *table, void *data);
+ LHASH *lh_<type>_new();
+ void lh_<type>_free(LHASH_OF(<type> *table);
 
- void lh_doall(LHASH *table, LHASH_DOALL_FN_TYPE func);
- void lh_doall_arg(LHASH *table, LHASH_DOALL_ARG_FN_TYPE func,
-          void *arg);
+ <type> *lh_<type>_insert(LHASH_OF(<type> *table, <type> *data);
+ <type> *lh_<type>_delete(LHASH_OF(<type> *table, <type> *data);
+ <type> *lh_retrieve(LHASH_OF<type> *table, <type> *data);
 
- int lh_error(LHASH *table);
+ void lh_<type>_doall(LHASH_OF(<type> *table, LHASH_DOALL_FN_TYPE func);
+ void lh_<type>_doall_arg(LHASH_OF(<type> *table, LHASH_DOALL_ARG_FN_TYPE func,
+          <type2>, <type2> *arg);
+
+ int lh_<type>_error(LHASH_OF(<type> *table);
 
  typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
  typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
@@ -28,113 +30,115 @@ lh_new, lh_free, lh_insert, lh_delete, lh_retrieve, lh_doall, lh_doall_arg, lh_e
 
 =head1 DESCRIPTION
 
-This library implements dynamic hash tables. The hash table entries
-can be arbitrary structures. Usually they consist of key and value
-fields.
-
-lh_new() creates a new B<LHASH> structure to store arbitrary data
-entries, and provides the 'hash' and 'compare' callbacks to be used in
-organising the table's entries.  The B<hash> callback takes a pointer
-to a table entry as its argument and returns an unsigned long hash
-value for its key field.  The hash value is normally truncated to a
-power of 2, so make sure that your hash function returns well mixed
-low order bits.  The B<compare> callback takes two arguments (pointers
-to two hash table entries), and returns 0 if their keys are equal,
-non-zero otherwise.  If your hash table will contain items of some
-particular type and the B<hash> and B<compare> callbacks hash/compare
-these types, then the B<DECLARE_LHASH_HASH_FN> and
-B<IMPLEMENT_LHASH_COMP_FN> macros can be used to create callback
-wrappers of the prototypes required by lh_new().  These provide
-per-variable casts before calling the type-specific callbacks written
-by the application author.  These macros, as well as those used for
-the "doall" callbacks, are defined as;
-
- #define DECLARE_LHASH_HASH_FN(f_name,o_type) \
-         unsigned long f_name##_LHASH_HASH(const void *);
- #define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
-         unsigned long f_name##_LHASH_HASH(const void *arg) { \
-                 o_type a = (o_type)arg; \
-                 return f_name(a); }
- #define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
-
- #define DECLARE_LHASH_COMP_FN(f_name,o_type) \
-         int f_name##_LHASH_COMP(const void *, const void *);
- #define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
-         int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
-                 o_type a = (o_type)arg1; \
-                 o_type b = (o_type)arg2; \
-                 return f_name(a,b); }
- #define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
-
- #define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
-         void f_name##_LHASH_DOALL(const void *);
- #define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
-         void f_name##_LHASH_DOALL(const void *arg) { \
-                 o_type a = (o_type)arg; \
-                 f_name(a); }
- #define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
-
- #define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-         void f_name##_LHASH_DOALL_ARG(const void *, const void *);
- #define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
-         void f_name##_LHASH_DOALL_ARG(const void *arg1, const void *arg2) { \
-                 o_type a = (o_type)arg1; \
-                 a_type b = (a_type)arg2; \
-                 f_name(a,b); }
- #define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
-
-An example of a hash table storing (pointers to) structures of type 'STUFF'
-could be defined as follows;
+This library implements type-checked dynamic hash tables. The hash
+table entries can be arbitrary structures. Usually they consist of key
+and value fields.
+
+lh_<type>_new() creates a new B<LHASH_OF(<type>> structure to store
+arbitrary data entries, and provides the 'hash' and 'compare'
+callbacks to be used in organising the table's entries.  The B<hash>
+callback takes a pointer to a table entry as its argument and returns
+an unsigned long hash value for its key field.  The hash value is
+normally truncated to a power of 2, so make sure that your hash
+function returns well mixed low order bits.  The B<compare> callback
+takes two arguments (pointers to two hash table entries), and returns
+0 if their keys are equal, non-zero otherwise.  If your hash table
+will contain items of some particular type and the B<hash> and
+B<compare> callbacks hash/compare these types, then the
+B<DECLARE_LHASH_HASH_FN> and B<IMPLEMENT_LHASH_COMP_FN> macros can be
+used to create callback wrappers of the prototypes required by
+lh_<type>_new().  These provide per-variable casts before calling the
+type-specific callbacks written by the application author.  These
+macros, as well as those used for the "doall" callbacks, are defined
+as;
+
+ #define DECLARE_LHASH_HASH_FN(name, o_type) \
+	 unsigned long name##_LHASH_HASH(const void *);
+ #define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+	 unsigned long name##_LHASH_HASH(const void *arg) { \
+		 const o_type *a = arg; \
+		 return name##_hash(a); }
+ #define LHASH_HASH_FN(name) name##_LHASH_HASH
+
+ #define DECLARE_LHASH_COMP_FN(name, o_type) \
+	 int name##_LHASH_COMP(const void *, const void *);
+ #define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+	 int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+		 const o_type *a = arg1;		    \
+		 const o_type *b = arg2; \
+		 return name##_cmp(a,b); }
+ #define LHASH_COMP_FN(name) name##_LHASH_COMP
+
+ #define DECLARE_LHASH_DOALL_FN(name, o_type) \
+	 void name##_LHASH_DOALL(void *);
+ #define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+	 void name##_LHASH_DOALL(void *arg) { \
+		 o_type *a = arg; \
+		 name##_doall(a); }
+ #define LHASH_DOALL_FN(name) name##_LHASH_DOALL
+
+ #define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+	 void name##_LHASH_DOALL_ARG(void *, void *);
+ #define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+	 void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+		 o_type *a = arg1; \
+		 a_type *b = arg2; \
+		 name##_doall_arg(a, b); }
+ #define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+ An example of a hash table storing (pointers to) structures of type 'STUFF'
+ could be defined as follows;
 
  /* Calculates the hash value of 'tohash' (implemented elsewhere) */
  unsigned long STUFF_hash(const STUFF *tohash);
  /* Orders 'arg1' and 'arg2' (implemented elsewhere) */
- int STUFF_cmp(const STUFF *arg1, const STUFF *arg2);
+ int stuff_cmp(const STUFF *arg1, const STUFF *arg2);
  /* Create the type-safe wrapper functions for use in the LHASH internals */
- static IMPLEMENT_LHASH_HASH_FN(STUFF_hash, const STUFF *)
- static IMPLEMENT_LHASH_COMP_FN(STUFF_cmp, const STUFF *);
+ static IMPLEMENT_LHASH_HASH_FN(stuff, STUFF);
+ static IMPLEMENT_LHASH_COMP_FN(stuff, STUFF);
  /* ... */
  int main(int argc, char *argv[]) {
          /* Create the new hash table using the hash/compare wrappers */
-         LHASH *hashtable = lh_new(LHASH_HASH_FN(STUFF_hash),
+         LHASH_OF(STUFF) *hashtable = lh_STUFF_new(LHASH_HASH_FN(STUFF_hash),
                                    LHASH_COMP_FN(STUFF_cmp));
 	 /* ... */
  }
 
-lh_free() frees the B<LHASH> structure B<table>. Allocated hash table
-entries will not be freed; consider using lh_doall() to deallocate any
-remaining entries in the hash table (see below).
+lh_<type>_free() frees the B<LHASH_OF(<type>> structure
+B<table>. Allocated hash table entries will not be freed; consider
+using lh_<type>_doall() to deallocate any remaining entries in the
+hash table (see below).
 
-lh_insert() inserts the structure pointed to by B<data> into B<table>.
-If there already is an entry with the same key, the old value is
-replaced. Note that lh_insert() stores pointers, the data are not
-copied.
+lh_<type>_insert() inserts the structure pointed to by B<data> into
+B<table>.  If there already is an entry with the same key, the old
+value is replaced. Note that lh_<type>_insert() stores pointers, the
+data are not copied.
 
-lh_delete() deletes an entry from B<table>.
+lh_<type>_delete() deletes an entry from B<table>.
 
-lh_retrieve() looks up an entry in B<table>. Normally, B<data> is
-a structure with the key field(s) set; the function will return a
+lh_<type>_retrieve() looks up an entry in B<table>. Normally, B<data>
+is a structure with the key field(s) set; the function will return a
 pointer to a fully populated structure.
 
-lh_doall() will, for every entry in the hash table, call B<func> with
-the data item as its parameter.  For lh_doall() and lh_doall_arg(),
-function pointer casting should be avoided in the callbacks (see
-B<NOTE>) - instead, either declare the callbacks to match the
-prototype required in lh_new() or use the declare/implement macros to
-create type-safe wrappers that cast variables prior to calling your
-type-specific callbacks.  An example of this is illustrated here where
-the callback is used to cleanup resources for items in the hash table
-prior to the hashtable itself being deallocated:
+lh_<type>_doall() will, for every entry in the hash table, call
+B<func> with the data item as its parameter.  For lh_<type>_doall()
+and lh_<type>_doall_arg(), function pointer casting should be avoided
+in the callbacks (see B<NOTE>) - instead use the declare/implement
+macros to create type-checked wrappers that cast variables prior to
+calling your type-specific callbacks.  An example of this is
+illustrated here where the callback is used to cleanup resources for
+items in the hash table prior to the hashtable itself being
+deallocated:
 
  /* Cleans up resources belonging to 'a' (this is implemented elsewhere) */
- void STUFF_cleanup(STUFF *a);
+ void STUFF_cleanup_doall(STUFF *a);
  /* Implement a prototype-compatible wrapper for "STUFF_cleanup" */
- IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF *)
+ IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF)
          /* ... then later in the code ... */
  /* So to run "STUFF_cleanup" against all items in a hash table ... */
- lh_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup));
+ lh_STUFF_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup));
  /* Then the hash table itself can be deallocated */
- lh_free(hashtable);
+ lh_STUFF_free(hashtable);
 
 When doing this, be careful if you delete entries from the hash table
 in your callbacks: the table may decrease in size, moving the item
@@ -145,51 +149,52 @@ you start (which will stop the hash table ever decreasing in size).
 The best solution is probably to avoid deleting items from the hash
 table inside a "doall" callback!
 
-lh_doall_arg() is the same as lh_doall() except that B<func> will be
-called with B<arg> as the second argument and B<func> should be of
-type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype that is passed
-both the table entry and an extra argument).  As with lh_doall(), you
-can instead choose to declare your callback with a prototype matching
-the types you are dealing with and use the declare/implement macros to
-create compatible wrappers that cast variables before calling your
-type-specific callbacks.  An example of this is demonstrated here
-(printing all hash table entries to a BIO that is provided by the
-caller):
+lh_<type>_doall_arg() is the same as lh_<type>_doall() except that
+B<func> will be called with B<arg> as the second argument and B<func>
+should be of type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype
+that is passed both the table entry and an extra argument).  As with
+lh_doall(), you can instead choose to declare your callback with a
+prototype matching the types you are dealing with and use the
+declare/implement macros to create compatible wrappers that cast
+variables before calling your type-specific callbacks.  An example of
+this is demonstrated here (printing all hash table entries to a BIO
+that is provided by the caller):
 
  /* Prints item 'a' to 'output_bio' (this is implemented elsewhere) */
- void STUFF_print(const STUFF *a, BIO *output_bio);
+ void STUFF_print_doall_arg(const STUFF *a, BIO *output_bio);
  /* Implement a prototype-compatible wrapper for "STUFF_print" */
- static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF_print, const STUFF *, BIO *)
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF, const STUFF, BIO)
          /* ... then later in the code ... */
  /* Print out the entire hashtable to a particular BIO */
- lh_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), logging_bio);
+ lh_STUFF_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), BIO,
+                    logging_bio);
  
-lh_error() can be used to determine if an error occurred in the last
-operation. lh_error() is a macro.
+lh_<type>_error() can be used to determine if an error occurred in the last
+operation. lh_<type>_error() is a macro.
 
 =head1 RETURN VALUES
 
-lh_new() returns B<NULL> on error, otherwise a pointer to the new
+lh_<type>_new() returns B<NULL> on error, otherwise a pointer to the new
 B<LHASH> structure.
 
-When a hash table entry is replaced, lh_insert() returns the value
+When a hash table entry is replaced, lh_<type>_insert() returns the value
 being replaced. B<NULL> is returned on normal operation and on error.
 
-lh_delete() returns the entry being deleted.  B<NULL> is returned if
+lh_<type>_delete() returns the entry being deleted.  B<NULL> is returned if
 there is no such value in the hash table.
 
-lh_retrieve() returns the hash table entry if it has been found,
+lh_<type>_retrieve() returns the hash table entry if it has been found,
 B<NULL> otherwise.
 
-lh_error() returns 1 if an error occurred in the last operation, 0
+lh_<type>_error() returns 1 if an error occurred in the last operation, 0
 otherwise.
 
-lh_free(), lh_doall() and lh_doall_arg() return no values.
+lh_<type>_free(), lh_<type>_doall() and lh_<type>_doall_arg() return no values.
 
 =head1 NOTE
 
 The various LHASH macros and callback types exist to make it possible
-to write type-safe code without resorting to function-prototype
+to write type-checked code without resorting to function-prototype
 casting - an evil that makes application code much harder to
 audit/verify and also opens the window of opportunity for stack
 corruption and other hard-to-find bugs.  It also, apparently, violates
@@ -227,7 +232,7 @@ without any "const" qualifiers.
 
 =head1 BUGS
 
-lh_insert() returns B<NULL> both for success and error.
+lh_<type>_insert() returns B<NULL> both for success and error.
 
 =head1 INTERNALS
 
@@ -272,8 +277,8 @@ lh_strhash() is a demo string hashing function:
  unsigned long lh_strhash(const char *c);
 
 Since the B<LHASH> routines would normally be passed structures, this
-routine would not normally be passed to lh_new(), rather it would be
-used in the function passed to lh_new().
+routine would not normally be passed to lh_<type>_new(), rather it would be
+used in the function passed to lh_<type>_new().
 
 =head1 SEE ALSO
 
@@ -291,4 +296,7 @@ were changed for better type safety, and the function types LHASH_COMP_FN_TYPE,
 LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE 
 became available.
 
+In OpenSSL 1.0.0, the lhash interface was revamped for even better
+type checking.
+
 =cut
diff --git a/doc/crypto/md5.pod b/doc/crypto/md5.pod
index 6e6322dcdc..d11d5c32cb 100644
--- a/doc/crypto/md5.pod
+++ b/doc/crypto/md5.pod
@@ -12,10 +12,10 @@ MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
  unsigned char *MD2(const unsigned char *d, unsigned long n,
                   unsigned char *md);
 
- void MD2_Init(MD2_CTX *c);
- void MD2_Update(MD2_CTX *c, const unsigned char *data,
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data,
                   unsigned long len);
- void MD2_Final(unsigned char *md, MD2_CTX *c);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
 
 
  #include <openssl/md4.h>
@@ -23,10 +23,10 @@ MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
  unsigned char *MD4(const unsigned char *d, unsigned long n,
                   unsigned char *md);
 
- void MD4_Init(MD4_CTX *c);
- void MD4_Update(MD4_CTX *c, const void *data,
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data,
                   unsigned long len);
- void MD4_Final(unsigned char *md, MD4_CTX *c);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
 
 
  #include <openssl/md5.h>
@@ -34,10 +34,10 @@ MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
  unsigned char *MD5(const unsigned char *d, unsigned long n,
                   unsigned char *md);
 
- void MD5_Init(MD5_CTX *c);
- void MD5_Update(MD5_CTX *c, const void *data,
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data,
                   unsigned long len);
- void MD5_Final(unsigned char *md, MD5_CTX *c);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);
 
 =head1 DESCRIPTION
 
@@ -78,8 +78,8 @@ preferred.
 MD2(), MD4(), and MD5() return pointers to the hash value. 
 
 MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
-MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() do not return
-values.
+MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
+success, 0 otherwise.
 
 =head1 CONFORMING TO
 
diff --git a/doc/crypto/mdc2.pod b/doc/crypto/mdc2.pod
index 11dc303e04..41f648af36 100644
--- a/doc/crypto/mdc2.pod
+++ b/doc/crypto/mdc2.pod
@@ -11,10 +11,10 @@ MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function
  unsigned char *MDC2(const unsigned char *d, unsigned long n,
                   unsigned char *md);
 
- void MDC2_Init(MDC2_CTX *c);
- void MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+ int MDC2_Init(MDC2_CTX *c);
+ int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
                   unsigned long len);
- void MDC2_Final(unsigned char *md, MDC2_CTX *c);
+ int MDC2_Final(unsigned char *md, MDC2_CTX *c);
 
 =head1 DESCRIPTION
 
@@ -46,7 +46,7 @@ hash functions directly.
 
 MDC2() returns a pointer to the hash value. 
 
-MDC2_Init(), MDC2_Update() and MDC2_Final() do not return values.
+MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.
 
 =head1 CONFORMING TO
 
diff --git a/doc/crypto/pem.pod b/doc/crypto/pem.pod
index 4f9a27df0c..d5b1896119 100644
--- a/doc/crypto/pem.pod
+++ b/doc/crypto/pem.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-PEM - PEM routines
+PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE - PEM routines
 
 =head1 SYNOPSIS
 
diff --git a/doc/crypto/ripemd.pod b/doc/crypto/ripemd.pod
index 31054b6a8c..264bb99ae7 100644
--- a/doc/crypto/ripemd.pod
+++ b/doc/crypto/ripemd.pod
@@ -12,10 +12,10 @@ RIPEMD-160 hash function
  unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
                   unsigned char *md);
 
- void RIPEMD160_Init(RIPEMD160_CTX *c);
- void RIPEMD160_Update(RIPEMD_CTX *c, const void *data,
+ int RIPEMD160_Init(RIPEMD160_CTX *c);
+ int RIPEMD160_Update(RIPEMD_CTX *c, const void *data,
                   unsigned long len);
- void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+ int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
 
 =head1 DESCRIPTION
 
@@ -47,8 +47,8 @@ hash functions directly.
 
 RIPEMD160() returns a pointer to the hash value. 
 
-RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() do not
-return values.
+RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for
+success, 0 otherwise.
 
 =head1 CONFORMING TO
 
diff --git a/doc/crypto/sha.pod b/doc/crypto/sha.pod
index 0ba315d6d7..94ab7bc724 100644
--- a/doc/crypto/sha.pod
+++ b/doc/crypto/sha.pod
@@ -11,10 +11,10 @@ SHA1, SHA1_Init, SHA1_Update, SHA1_Final - Secure Hash Algorithm
  unsigned char *SHA1(const unsigned char *d, unsigned long n,
                   unsigned char *md);
 
- void SHA1_Init(SHA_CTX *c);
- void SHA1_Update(SHA_CTX *c, const void *data,
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data,
                   unsigned long len);
- void SHA1_Final(unsigned char *md, SHA_CTX *c);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
 
 =head1 DESCRIPTION
 
@@ -48,7 +48,7 @@ used only when backward compatibility is required.
 
 SHA1() returns a pointer to the hash value. 
 
-SHA1_Init(), SHA1_Update() and SHA1_Final() do not return values.
+SHA1_Init(), SHA1_Update() and SHA1_Final() return 1 for success, 0 otherwise.
 
 =head1 CONFORMING TO
 
diff --git a/doc/crypto/threads.pod b/doc/crypto/threads.pod
index afa45cd76c..dc0e9391dc 100644
--- a/doc/crypto/threads.pod
+++ b/doc/crypto/threads.pod
@@ -2,7 +2,9 @@
 
 =head1 NAME
 
-CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
+CRYPTO_THREADID_set_callback, CRYPTO_THREADID_get_callback,
+CRYPTO_THREADID_current, CRYPTO_THREADID_cmp, CRYPTO_THREADID_cpy,
+CRYPTO_THREADID_hash, CRYPTO_set_locking_callback, CRYPTO_num_locks,
 CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
 CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
 CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
@@ -11,14 +13,26 @@ CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
 
  #include <openssl/crypto.h>
 
- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-        int n, const char *file, int line));
-
- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
+ /* Don't use this structure directly. */
+ typedef struct crypto_threadid_st
+         {
+         void *ptr;
+         unsigned long val;
+         } CRYPTO_THREADID;
+ /* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+ void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+ void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+ int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
+ void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
+ void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+ int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a,
+                         const CRYPTO_THREADID *b);
+ void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest,
+                          const CRYPTO_THREADID *src);
+ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
 
  int CRYPTO_num_locks(void);
 
-
  /* struct CRYPTO_dynlock_value needs to be defined by the user */
  struct CRYPTO_dynlock_value;
 
@@ -50,7 +64,8 @@ CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
 =head1 DESCRIPTION
 
 OpenSSL can safely be used in multi-threaded applications provided
-that at least two callback functions are set.
+that at least two callback functions are set, locking_function and
+threadid_func.
 
 locking_function(int mode, int n, const char *file, int line) is
 needed to perform locking on shared data structures. 
@@ -65,9 +80,42 @@ B<CRYPTO_LOCK>, and releases it otherwise.
 B<file> and B<line> are the file number of the function setting the
 lock. They can be useful for debugging.
 
-id_function(void) is a function that returns a thread ID. It is not
-needed on Windows nor on platforms where getpid() returns a different
-ID for each thread (most notably Linux).
+threadid_func(CRYPTO_THREADID *id) is needed to record the currently-executing
+thread's identifier into B<id>. The implementation of this callback should not
+fill in B<id> directly, but should use CRYPTO_THREADID_set_numeric() if thread
+IDs are numeric, or CRYPTO_THREADID_set_pointer() if they are pointer-based.
+If the application does not register such a callback using
+CRYPTO_THREADID_set_callback(), then a default implementation is used - on
+Windows and BeOS this uses the system's default thread identifying APIs, and on
+all other platforms it uses the address of B<errno>. The latter is satisfactory
+for thread-safety if and only if the platform has a thread-local error number
+facility.
+
+Once threadid_func() is registered, or if the built-in default implementation is
+to be used;
+
+=over 4
+
+=item *
+CRYPTO_THREADID_current() records the currently-executing thread ID into the
+given B<id> object.
+
+=item *
+CRYPTO_THREADID_cmp() compares two thread IDs (returning zero for equality, ie.
+the same semantics as memcmp()).
+
+=item *
+CRYPTO_THREADID_cpy() duplicates a thread ID value,
+
+=item *
+CRYPTO_THREADID_hash() returns a numeric value usable as a hash-table key. This
+is usually the exact numeric or pointer-based thread ID used internally, however
+this also handles the unusual case where pointers are larger than 'long'
+variables and the platform's thread IDs are pointer-based - in this case, mixing
+is done to attempt to produce a unique numeric value even though it is not as
+wide as the platform's true thread IDs.
+
+=back
 
 Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
 of OpenSSL need it for better performance.  To enable this, the following
@@ -124,13 +172,13 @@ CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
 
 The other functions return no values.
 
-=head1 NOTE
+=head1 NOTES
 
 You can find out if OpenSSL was configured with thread support:
 
  #define OPENSSL_THREAD_DEFINES
  #include <openssl/opensslconf.h>
- #if defined(THREADS)
+ #if defined(OPENSSL_THREADS)
    // thread support enabled
  #else
    // no thread support
@@ -146,10 +194,14 @@ Solaris, Irix and Win32.
 
 =head1 HISTORY
 
-CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
+CRYPTO_set_locking_callback() is
 available in all versions of SSLeay and OpenSSL.
 CRYPTO_num_locks() was added in OpenSSL 0.9.4.
 All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
+B<CRYPTO_THREADID> and associated functions were introduced in OpenSSL 1.0.0
+to replace (actually, deprecate) the previous CRYPTO_set_id_callback(),
+CRYPTO_get_id_callback(), and CRYPTO_thread_id() functions which assumed
+thread IDs to always be represented by 'unsigned long'.
 
 =head1 SEE ALSO
 
diff --git a/doc/crypto/ui_compat.pod b/doc/crypto/ui_compat.pod
index 9ab3c69bf2..adf2ae5e53 100644
--- a/doc/crypto/ui_compat.pod
+++ b/doc/crypto/ui_compat.pod
@@ -7,6 +7,8 @@ Compatibility user interface functions
 
 =head1 SYNOPSIS
 
+ #include <openssl/des_old.h>
+
  int des_read_password(DES_cblock *key,const char *prompt,int verify);
  int des_read_2passwords(DES_cblock *key1,DES_cblock *key2,
  	const char *prompt,int verify);
diff --git a/doc/fingerprints.txt b/doc/fingerprints.txt
new file mode 100644
index 0000000000..7d05a85594
--- /dev/null
+++ b/doc/fingerprints.txt
@@ -0,0 +1,57 @@
+                              Fingerprints
+
+OpenSSL releases are signed with PGP/GnuPG keys.  You can find the
+signatures in separate files in the same location you find the
+distributions themselves.  The normal file name is the same as the
+distribution file, with '.asc' added.  For example, the signature for
+the distribution of OpenSSL 0.9.7f, openssl-0.9.7f.tar.gz, is found in
+the file openssl-0.9.7f.tar.gz.asc.
+
+The following is the list of fingerprints for the keys that are
+currently in use (have been used since summer 2004) to sign OpenSSL
+distributions:
+
+pub   1024D/F709453B 2003-10-20
+      Key fingerprint = C4CA B749 C34F 7F4C C04F  DAC9 A7AF 9E78 F709 453B
+uid                  Richard Levitte <richard@levitte.org>
+uid                  Richard Levitte <levitte@openssl.org>
+uid                  Richard Levitte <levitte@lp.se>
+
+pub   2048R/F295C759 1998-12-13
+      Key fingerprint = D0 5D 8C 61 6E 27 E6 60  41 EC B1 B8 D5 7E E5 97
+uid                  Dr S N Henson <shenson@drh-consultancy.demon.co.uk>
+
+pub   1024R/49A563D9 1997-02-24
+      Key fingerprint = 7B 79 19 FA 71 6B 87 25  0E 77 21 E5 52 D9 83 BF
+uid                  Mark Cox <mjc@redhat.com>
+uid                  Mark Cox <mark@awe.com>
+uid                  Mark Cox <mjc@apache.org>
+
+pub   1024R/26BB437D 1997-04-28
+      Key fingerprint = 00 C9 21 8E D1 AB 70 37  DD 67 A2 3A 0A 6F 8D A5
+uid                  Ralf S. Engelschall <rse@engelschall.com>
+
+pub   1024R/9C58A66D 1997-04-03
+      Key fingerprint = 13 D0 B8 9D 37 30 C3 ED  AC 9C 24 7D 45 8C 17 67
+uid                  jaenicke@openssl.org
+uid                  Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+
+pub   1024D/2118CF83 1998-07-13
+      Key fingerprint = 7656 55DE 62E3 96FF 2587  EB6C 4F6D E156 2118 CF83
+uid                  Ben Laurie <ben@thebunker.net>
+uid                  Ben Laurie <ben@cryptix.org>
+uid                  Ben Laurie <ben@algroup.co.uk>
+sub   4096g/1F5143E7 1998-07-13
+
+pub   1024R/5A6A9B85 1994-03-22
+      Key fingerprint = C7 AC 7E AD 56 6A 65 EC  F6 16 66 83 7E 86 68 28
+uid                  Bodo Moeller <2005@bmoeller.de>
+uid                  Bodo Moeller <2003@bmoeller.de>
+uid                  Bodo Moeller <2004@bmoeller.de>
+uid                  Bodo Moeller <bmoeller@acm.org>
+uid                  Bodo Moeller <bodo@openssl.org>
+uid                  Bodo Moeller <bm@ulf.mali.sub.org>
+uid                  Bodo Moeller <3moeller@informatik.uni-hamburg.de>
+uid                  Bodo Moeller <Bodo_Moeller@public.uni-hamburg.de>
+uid                  Bodo Moeller <3moeller@rzdspc5.informatik.uni-hamburg.de>
+
diff --git a/doc/openssl.txt b/doc/openssl.txt
index 37730b2cbd..f8817b0a71 100644
--- a/doc/openssl.txt
+++ b/doc/openssl.txt
@@ -778,7 +778,7 @@ called.
 
 The X509V3_EXT_METHOD structure is described below.
 
-strut {
+struct {
 int ext_nid;
 int ext_flags;
 X509V3_EXT_NEW ext_new;
diff --git a/doc/ssl/SSL_CIPHER_get_name.pod b/doc/ssl/SSL_CIPHER_get_name.pod
index 4b91c63ba0..eb772b55de 100644
--- a/doc/ssl/SSL_CIPHER_get_name.pod
+++ b/doc/ssl/SSL_CIPHER_get_name.pod
@@ -8,10 +8,10 @@ SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_des
 
  #include <openssl/ssl.h>
 
- const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
- int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
- char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
- char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int size);
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
 
 =head1 DESCRIPTION
 
@@ -28,7 +28,7 @@ SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently
 
 SSL_CIPHER_description() returns a textual description of the cipher used
 into the buffer B<buf> of length B<len> provided. B<len> must be at least
-128 bytes, otherwise a pointer to the the string "Buffer too small" is
+128 bytes, otherwise a pointer to the string "Buffer too small" is
 returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using
 OPENSSL_malloc(). If the allocation fails, a pointer to the string
 "OPENSSL_malloc Error" is returned.
diff --git a/doc/ssl/SSL_CTX_get_ex_new_index.pod b/doc/ssl/SSL_CTX_get_ex_new_index.pod
index 5686faf299..0c40a91f2f 100644
--- a/doc/ssl/SSL_CTX_get_ex_new_index.pod
+++ b/doc/ssl/SSL_CTX_get_ex_new_index.pod
@@ -15,7 +15,7 @@ SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data - internal ap
 
  int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *arg);
 
- void *SSL_CTX_get_ex_data(SSL_CTX *ctx, int idx);
+ void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx);
 
  typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
                 int idx, long argl, void *argp);
diff --git a/doc/ssl/SSL_CTX_get_verify_mode.pod b/doc/ssl/SSL_CTX_get_verify_mode.pod
index 7f10c6e945..2a3747e75c 100644
--- a/doc/ssl/SSL_CTX_get_verify_mode.pod
+++ b/doc/ssl/SSL_CTX_get_verify_mode.pod
@@ -8,12 +8,12 @@ SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_
 
  #include <openssl/ssl.h>
 
- int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
- int SSL_get_verify_mode(SSL *ssl);
- int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
- int SSL_get_verify_depth(SSL *ssl);
- int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int, X509_STORE_CTX *);
- int (*SSL_get_verify_callback(SSL *ssl))(int, X509_STORE_CTX *);
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod
index 465220a75c..73e8c47f9a 100644
--- a/doc/ssl/SSL_CTX_new.pod
+++ b/doc/ssl/SSL_CTX_new.pod
@@ -8,7 +8,7 @@ SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled funct
 
  #include <openssl/ssl.h>
 
- SSL_CTX *SSL_CTX_new(SSL_METHOD *method);
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_set_cert_store.pod b/doc/ssl/SSL_CTX_set_cert_store.pod
index 3a240c4d37..6acf0d9f9b 100644
--- a/doc/ssl/SSL_CTX_set_cert_store.pod
+++ b/doc/ssl/SSL_CTX_set_cert_store.pod
@@ -9,7 +9,7 @@ SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate ver
  #include <openssl/ssl.h>
 
  void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
- X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);
+ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_set_info_callback.pod b/doc/ssl/SSL_CTX_set_info_callback.pod
index 63d0b8d33f..0b4affd5eb 100644
--- a/doc/ssl/SSL_CTX_set_info_callback.pod
+++ b/doc/ssl/SSL_CTX_set_info_callback.pod
@@ -9,10 +9,10 @@ SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL
  #include <openssl/ssl.h>
 
  void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
- void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))();
+ void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
 
  void SSL_set_info_callback(SSL *ssl, void (*callback)());
- void (*SSL_get_info_callback(SSL *ssl))();
+ void (*SSL_get_info_callback(const SSL *ssl))();
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod
index 9822544e5e..8cb669daeb 100644
--- a/doc/ssl/SSL_CTX_set_mode.pod
+++ b/doc/ssl/SSL_CTX_set_mode.pod
@@ -61,6 +61,16 @@ deal with read/write operations returning without success report. The
 flag SSL_MODE_AUTO_RETRY will cause read/write operations to only
 return after the handshake and successful completion.
 
+=item SSL_MODE_RELEASE_BUFFERS
+
+When we no longer need a read buffer or a write buffer for a given SSL,
+then release the memory we were using to hold it.  Released memory is
+either appended to a list of unused RAM chunks on the SSL_CTX, or simply
+freed if the list of unused chunks would become longer than 
+SSL_CTX->freelist_max_len, which defaults to 32.  Using this flag can
+save around 34k per idle SSL connection.
+This flag has no effect on SSL v2 connections, or on DTLS connections.
+
 =back
 
 =head1 RETURN VALUES
diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
index 766f0c9200..9331e67153 100644
--- a/doc/ssl/SSL_CTX_set_options.pod
+++ b/doc/ssl/SSL_CTX_set_options.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-SSL_CTX_set_options, SSL_set_options, SSL_CTX_get_options, SSL_get_options - manipulate SSL engine options
+SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options
 
 =head1 SYNOPSIS
 
@@ -11,26 +11,41 @@ SSL_CTX_set_options, SSL_set_options, SSL_CTX_get_options, SSL_get_options - man
  long SSL_CTX_set_options(SSL_CTX *ctx, long options);
  long SSL_set_options(SSL *ssl, long options);
 
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
  long SSL_CTX_get_options(SSL_CTX *ctx);
  long SSL_get_options(SSL *ssl);
 
+ long SSL_get_secure_renegotiation_support(SSL *ssl);
+
 =head1 DESCRIPTION
 
+Note: all these functions are implemented using macros.
+
 SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
 Options already set before are not cleared!
 
 SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
 Options already set before are not cleared!
 
+SSL_CTX_clear_options() clears the options set via bitmask in B<options>
+to B<ctx>.
+
+SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
+
 SSL_CTX_get_options() returns the options set for B<ctx>.
 
 SSL_get_options() returns the options set for B<ssl>.
 
+SSL_get_secure_renegotiation_support() indicates whether the peer supports
+secure renegotiation.
+
 =head1 NOTES
 
 The behaviour of the SSL library can be changed by setting several options.
 The options are coded as bitmasks and can be combined by a logical B<or>
-operation (|). Options can only be added but can never be reset.
+operation (|).
 
 SSL_CTX_set_options() and SSL_set_options() affect the (external)
 protocol behaviour of the SSL library. The (internal) behaviour of
@@ -86,7 +101,7 @@ doing a re-connect, always takes the first cipher in the cipher list.
 
 =item SSL_OP_MSIE_SSLV2_RSA_PADDING
 
-...
+As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
 
 =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
 
@@ -163,7 +178,7 @@ When choosing a cipher, use the server's preferences instead of the client
 preferences. When not set, the SSL server will always follow the clients
 preferences. When set, the SSLv3/TLSv1 server will choose following its
 own preferences. Because of the different protocol, for SSLv2 the server
-will send his list of preferences to the client and the client chooses.
+will send its list of preferences to the client and the client chooses.
 
 =item SSL_OP_PKCS1_CHECK_1
 
@@ -199,17 +214,73 @@ Do not use the TLSv1 protocol.
 
 When performing renegotiation as a server, always start a new session
 (i.e., session resumption requests are only accepted in the initial
-handshake).  This option is not needed for clients.
+handshake). This option is not needed for clients.
+
+=item SSL_OP_NO_TICKET
+
+Normally clients and servers will, where possible, transparently make use
+of RFC4507bis tickets for stateless session resumption.
+
+If this option is set this functionality is disabled and tickets will
+not be used by clients or servers.
+
+=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+
+See the B<SECURE RENEGOTIATION> section for a discussion of the purpose of
+this option
 
 =back
 
+=head1 SECURE RENEGOTIATION
+
+OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
+described in draft-ietf-tls-renegotiation (FIXME: replace by RFC). This
+counters a prefix attack described in the draft and elsewhere (FIXME: need full
+reference).
+
+This attack has far reaching consequences which application writers should be
+aware of. In the description below an implementation supporting secure
+renegotiation is referred to as I<patched>. A server not supporting secure
+renegotiation is referred to as I<unpatched>.
+
+If an unpatched client attempts to connect to a patched OpenSSL server then
+the attempt will succeed but renegotiation is not permitted. As required
+by the standard a B<no_renegotiation> alert is sent back to the client if
+the TLS v1.0 protocol is used. If SSLv3.0 is used then renegotiation results
+in a fatal B<handshake_failed> alert.
+
+If a patched OpenSSL client attempts to connect to an unpatched server
+then the connection will fail because it is not possible to determine
+whether an attack is taking place.
+
+If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then the
+above restrictions are relaxed. Renegotiation is permissible and initial
+connections to unpatched servers will succeed.
+
+This option should be used with caution because it leaves both clients and
+servers vulnerable. However unpatched servers and clients are likely to be
+around for some time and refusing to connect to unpatched servers or denying
+renegotion altogether may be unacceptable. So applications may be forced to
+tolerate unsafe renegotiation for the immediate future.
+
+The function SSL_get_secure_renegotiation_support() indicates whether the peer
+supports secure renegotiation. 
+
+The deprecated SSLv2 protocol does not support secure renegotiation at all.
+
 =head1 RETURN VALUES
 
 SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
 after adding B<options>.
 
+SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
+after clearing B<options>.
+
 SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
 
+SSL_get_secure_renegotiation_support() returns 1 is the peer supports
+secure renegotiation and 0 if it does not.
+
 =head1 SEE ALSO
 
 L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
@@ -232,4 +303,10 @@ Versions up to OpenSSL 0.9.6c do not include the countermeasure that
 can be disabled with this option (in OpenSSL 0.9.6d, it was always
 enabled).
 
+SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
+0.9.8m.
+
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> was first added in OpenSSL
+0.9.8m.
+
 =cut
diff --git a/doc/ssl/SSL_CTX_set_psk_client_callback.pod b/doc/ssl/SSL_CTX_set_psk_client_callback.pod
new file mode 100644
index 0000000000..573f89a922
--- /dev/null
+++ b/doc/ssl/SSL_CTX_set_psk_client_callback.pod
@@ -0,0 +1,81 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - set PSK client callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+	unsigned int (*callback)(SSL *ssl, const char *hint,
+	char *identity, unsigned int max_identity_len,
+	unsigned char *psk, unsigned int max_psk_len));
+ void SSL_set_psk_client_callback(SSL *ssl,
+	unsigned int (*callback)(SSL *ssl, const char *hint,
+	char *identity, unsigned int max_identity_len,
+ 	unsigned char *psk, unsigned int max_psk_len));
+
+
+=head1 DESCRIPTION
+
+A client application must provide a callback function which is called
+when the client is sending the ClientKeyExchange message to the server.
+
+The purpose of the callback function is to select the PSK identity and
+the pre-shared key to use during the connection setup phase.
+
+The callback is set using functions SSL_CTX_set_psk_client_callback()
+or SSL_set_psk_client_callback(). The callback function is given the
+connection in parameter B<ssl>, a B<NULL>-terminated PSK identity hint
+sent by the server in parameter B<hint>, a buffer B<identity> of
+length B<max_identity_len> bytes where the the resulting
+B<NULL>-terminated identity is to be stored, and a buffer B<psk> of
+length B<max_psk_len> bytes where the resulting pre-shared key is to
+be stored.
+
+=head1 NOTES
+
+Note that parameter B<hint> given to the callback may be B<NULL>.
+
+=head1 RETURN VALUES
+
+Return values from the client callback are interpreted as follows:
+
+On success (callback found a PSK identity and a pre-shared key to use)
+the length (> 0) of B<psk> in bytes is returned.
+
+Otherwise or on errors callback should return 0. In this case
+the connection setup fails.
+
+=cut
diff --git a/doc/ssl/SSL_CTX_set_quiet_shutdown.pod b/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
index 1d0526d59a..393f8ff0b4 100644
--- a/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
+++ b/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
@@ -9,10 +9,10 @@ SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown,
  #include <openssl/ssl.h>
 
  void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
- int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
 
  void SSL_set_quiet_shutdown(SSL *ssl, int mode);
- int SSL_get_quiet_shutdown(SSL *ssl);
+ int SSL_get_quiet_shutdown(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod
index 0020180965..254f2b4397 100644
--- a/doc/ssl/SSL_CTX_set_ssl_version.pod
+++ b/doc/ssl/SSL_CTX_set_ssl_version.pod
@@ -9,9 +9,9 @@ SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method
 
  #include <openssl/ssl.h>
 
- int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method);
- int SSL_set_ssl_method(SSL *s, SSL_METHOD *method);
- SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
+ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
+ int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+ const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod b/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
index f85775927d..534643cd9d 100644
--- a/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
+++ b/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
@@ -18,7 +18,7 @@ SSL_CTX_set_tmp_rsa_callback, SSL_CTX_set_tmp_rsa, SSL_CTX_need_tmp_rsa, SSL_set
  long SSL_set_tmp_rsa(SSL *ssl, RSA *rsa)
  long SSL_need_tmp_rsa(SSL *ssl)
 
- RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));
+ RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_CTX_set_verify.pod b/doc/ssl/SSL_CTX_set_verify.pod
index ca8d81b82c..81566839d3 100644
--- a/doc/ssl/SSL_CTX_set_verify.pod
+++ b/doc/ssl/SSL_CTX_set_verify.pod
@@ -28,7 +28,7 @@ specifies the B<verify_callback> function to be used. If no callback function
 shall be specified, the NULL pointer can be used for B<verify_callback>. In
 this case last B<verify_callback> set specifically for this B<ssl> remains. If
 no special B<callback> was set before, the default callback for the underlying
-B<ctx> is used, that was valid at the the time B<ssl> was created with
+B<ctx> is used, that was valid at the time B<ssl> was created with
 L<SSL_new(3)|SSL_new(3)>.
 
 SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod
index ea2faba3ec..10be95fdb1 100644
--- a/doc/ssl/SSL_CTX_use_certificate.pod
+++ b/doc/ssl/SSL_CTX_use_certificate.pod
@@ -31,8 +31,8 @@ SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_f
  int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
  int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
 
- int SSL_CTX_check_private_key(SSL_CTX *ctx);
- int SSL_check_private_key(SSL *ssl);
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
 
 =head1 DESCRIPTION
 
@@ -77,6 +77,12 @@ SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>.
 SSL_CTX_use_RSAPrivateKey() adds the private key B<rsa> of type RSA
 to B<ctx>. SSL_use_PrivateKey() adds B<pkey> as private key to B<ssl>;
 SSL_use_RSAPrivateKey() adds B<rsa> as private key of type RSA to B<ssl>.
+If a certificate has already been set and the private does not belong
+to the certificate an error is returned. To change a certificate, private
+key pair the new certificate needs to be set with SSL_use_certificate()
+or SSL_CTX_use_certificate() before setting the private key with
+SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey(). 
+
 
 SSL_CTX_use_PrivateKey_ASN1() adds the private key of type B<pk>
 stored at memory location B<d> (length B<len>) to B<ctx>.
@@ -154,4 +160,10 @@ L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
 L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
 L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
 
+=head1 HISTORY
+
+Support for DER encoded private keys (SSL_FILETYPE_ASN1) in
+SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file() was added
+in 0.9.8 .
+
 =cut
diff --git a/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
new file mode 100644
index 0000000000..b80e25be7e
--- /dev/null
+++ b/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
@@ -0,0 +1,102 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint,
+SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback - set PSK
+identity hint to use
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+	unsigned int (*callback)(SSL *ssl, const char *identity,
+	unsigned char *psk, int max_psk_len));
+ void SSL_set_psk_server_callback(SSL *ssl,
+	unsigned int (*callback)(SSL *ssl, const char *identity,
+	unsigned char *psk, int max_psk_len));
+
+
+=head1 DESCRIPTION
+
+SSL_CTX_use_psk_identity_hint() sets the given B<NULL>-terminated PSK
+identity hint B<hint> to SSL context object
+B<ctx>. SSL_use_psk_identity_hint() sets the given B<NULL>-terminated
+PSK identity hint B<hint> to SSL connection object B<ssl>. If B<hint>
+is B<NULL> the current hint from B<ctx> or B<ssl> is deleted.
+
+In the case where PSK identity hint is B<NULL>, the server
+does not send the ServerKeyExchange message to the client.
+
+A server application must provide a callback function which is called
+when the server receives the ClientKeyExchange message from the
+client. The purpose of the callback function is to validate the
+received PSK identity and to fetch the pre-shared key used during the
+connection setup phase. The callback is set using functions
+SSL_CTX_set_psk_server_callback() or
+SSL_set_psk_server_callback(). The callback function is given the
+connection in parameter B<ssl>, B<NULL>-terminated PSK identity sent
+by the client in parameter B<identity>, and a buffer B<psk> of length
+B<max_psk_len> bytes where the pre-shared key is to be stored.
+
+
+=head1 RETURN VALUES
+
+SSL_CTX_use_psk_identity_hint() and SSL_use_psk_identity_hint() return
+1 on success, 0 otherwise.
+
+Return values from the server callback are interpreted as follows:
+
+=item > 0
+
+PSK identity was found and the server callback has provided the PSK
+successfully in parameter B<psk>. Return value is the length of
+B<psk> in bytes. It is an error to return a value greater than
+B<max_psk_len>.
+
+If the PSK identity was not found but the callback instructs the
+protocol to continue anyway, the callback must provide some random
+data to B<psk> and return the length of the random data, so the
+connection will fail with decryption_error before it will be finished
+completely.
+
+=item 0
+
+PSK identity was not found. An "unknown_psk_identity" alert message
+will be sent and the connection setup fails.
+
+=cut
diff --git a/doc/ssl/SSL_SESSION_free.pod b/doc/ssl/SSL_SESSION_free.pod
index 558de01df9..110ec73ab6 100644
--- a/doc/ssl/SSL_SESSION_free.pod
+++ b/doc/ssl/SSL_SESSION_free.pod
@@ -14,7 +14,7 @@ SSL_SESSION_free - free an allocated SSL_SESSION structure
 
 SSL_SESSION_free() decrements the reference count of B<session> and removes
 the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
-memory, if the the reference count has reached 0.
+memory, if the reference count has reached 0.
 
 =head1 NOTES
 
diff --git a/doc/ssl/SSL_SESSION_get_ex_new_index.pod b/doc/ssl/SSL_SESSION_get_ex_new_index.pod
index da0bcf1590..657cda931f 100644
--- a/doc/ssl/SSL_SESSION_get_ex_new_index.pod
+++ b/doc/ssl/SSL_SESSION_get_ex_new_index.pod
@@ -15,7 +15,7 @@ SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data -
 
  int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg);
 
- void *SSL_SESSION_get_ex_data(SSL_SESSION *session, int idx);
+ void *SSL_SESSION_get_ex_data(const SSL_SESSION *session, int idx);
 
  typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
                 int idx, long argl, void *argp);
diff --git a/doc/ssl/SSL_SESSION_get_time.pod b/doc/ssl/SSL_SESSION_get_time.pod
index ea3c2bcfe6..490337a32f 100644
--- a/doc/ssl/SSL_SESSION_get_time.pod
+++ b/doc/ssl/SSL_SESSION_get_time.pod
@@ -2,20 +2,20 @@
 
 =head1 NAME
 
-SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_get_timeout - retrieve and manipulate session time and timeout settings
+SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout - retrieve and manipulate session time and timeout settings
 
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
 
- long SSL_SESSION_get_time(SSL_SESSION *s);
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
  long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
- long SSL_SESSION_get_timeout(SSL_SESSION *s);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
  long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
 
- long SSL_get_time(SSL_SESSION *s);
+ long SSL_get_time(const SSL_SESSION *s);
  long SSL_set_time(SSL_SESSION *s, long tm);
- long SSL_get_timeout(SSL_SESSION *s);
+ long SSL_get_timeout(const SSL_SESSION *s);
  long SSL_set_timeout(SSL_SESSION *s, long tm);
 
 =head1 DESCRIPTION
diff --git a/doc/ssl/SSL_free.pod b/doc/ssl/SSL_free.pod
index 2d4f8b6168..13c1abd9ec 100644
--- a/doc/ssl/SSL_free.pod
+++ b/doc/ssl/SSL_free.pod
@@ -14,7 +14,7 @@ SSL_free - free an allocated SSL structure
 
 SSL_free() decrements the reference count of B<ssl>, and removes the SSL
 structure pointed to by B<ssl> and frees up the allocated memory if the
-the reference count has reached 0.
+reference count has reached 0.
 
 =head1 NOTES
 
diff --git a/doc/ssl/SSL_get_SSL_CTX.pod b/doc/ssl/SSL_get_SSL_CTX.pod
index 52d0227b19..659c482c79 100644
--- a/doc/ssl/SSL_get_SSL_CTX.pod
+++ b/doc/ssl/SSL_get_SSL_CTX.pod
@@ -8,7 +8,7 @@ SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created
 
  #include <openssl/ssl.h>
 
- SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
+ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_ciphers.pod b/doc/ssl/SSL_get_ciphers.pod
index 2a57455c23..aecadd9138 100644
--- a/doc/ssl/SSL_get_ciphers.pod
+++ b/doc/ssl/SSL_get_ciphers.pod
@@ -8,8 +8,8 @@ SSL_get_ciphers, SSL_get_cipher_list - get list of available SSL_CIPHERs
 
  #include <openssl/ssl.h>
 
- STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *ssl);
- const char *SSL_get_cipher_list(SSL *ssl, int priority);
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_client_CA_list.pod b/doc/ssl/SSL_get_client_CA_list.pod
index 5693fdebb2..68181b2407 100644
--- a/doc/ssl/SSL_get_client_CA_list.pod
+++ b/doc/ssl/SSL_get_client_CA_list.pod
@@ -8,8 +8,8 @@ SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs
 
  #include <openssl/ssl.h>
 
- STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
- STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx); 
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); 
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_current_cipher.pod b/doc/ssl/SSL_get_current_cipher.pod
index 2dd7261d89..e5ab12491e 100644
--- a/doc/ssl/SSL_get_current_cipher.pod
+++ b/doc/ssl/SSL_get_current_cipher.pod
@@ -9,7 +9,7 @@ SSL_get_cipher_bits, SSL_get_cipher_version - get SSL_CIPHER of a connection
 
  #include <openssl/ssl.h>
 
- SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
  #define SSL_get_cipher(s) \
                 SSL_CIPHER_get_name(SSL_get_current_cipher(s))
  #define SSL_get_cipher_name(s) \
diff --git a/doc/ssl/SSL_get_default_timeout.pod b/doc/ssl/SSL_get_default_timeout.pod
index 8d43b31345..a648a9b82d 100644
--- a/doc/ssl/SSL_get_default_timeout.pod
+++ b/doc/ssl/SSL_get_default_timeout.pod
@@ -8,7 +8,7 @@ SSL_get_default_timeout - get default session timeout value
 
  #include <openssl/ssl.h>
 
- long SSL_get_default_timeout(SSL *ssl);
+ long SSL_get_default_timeout(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod
index fe28dd942a..48c6b15db7 100644
--- a/doc/ssl/SSL_get_error.pod
+++ b/doc/ssl/SSL_get_error.pod
@@ -8,7 +8,7 @@ SSL_get_error - obtain result code for TLS/SSL I/O operation
 
  #include <openssl/ssl.h>
 
- int SSL_get_error(SSL *ssl, int ret);
+ int SSL_get_error(const SSL *ssl, int ret);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_ex_new_index.pod b/doc/ssl/SSL_get_ex_new_index.pod
index 6644ef8fbc..228d23d8c0 100644
--- a/doc/ssl/SSL_get_ex_new_index.pod
+++ b/doc/ssl/SSL_get_ex_new_index.pod
@@ -15,7 +15,7 @@ SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data - internal application sp
 
  int SSL_set_ex_data(SSL *ssl, int idx, void *arg);
 
- void *SSL_get_ex_data(SSL *ssl, int idx);
+ void *SSL_get_ex_data(const SSL *ssl, int idx);
 
  typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
                 int idx, long argl, void *argp);
diff --git a/doc/ssl/SSL_get_fd.pod b/doc/ssl/SSL_get_fd.pod
index a3f7625931..89260b522c 100644
--- a/doc/ssl/SSL_get_fd.pod
+++ b/doc/ssl/SSL_get_fd.pod
@@ -8,9 +8,9 @@ SSL_get_fd - get file descriptor linked to an SSL object
 
  #include <openssl/ssl.h>
 
- int SSL_get_fd(SSL *ssl);
- int SSL_get_rfd(SSL *ssl);
- int SSL_get_wfd(SSL *ssl);
+ int SSL_get_fd(const SSL *ssl);
+ int SSL_get_rfd(const SSL *ssl);
+ int SSL_get_wfd(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_peer_cert_chain.pod b/doc/ssl/SSL_get_peer_cert_chain.pod
index 390ce0b41b..49fb88f86f 100644
--- a/doc/ssl/SSL_get_peer_cert_chain.pod
+++ b/doc/ssl/SSL_get_peer_cert_chain.pod
@@ -8,7 +8,7 @@ SSL_get_peer_cert_chain - get the X509 certificate chain of the peer
 
  #include <openssl/ssl.h>
 
- STACKOF(X509) *SSL_get_peer_cert_chain(SSL *ssl);
+ STACKOF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_peer_certificate.pod b/doc/ssl/SSL_get_peer_certificate.pod
index 60635a9660..ef7c8be180 100644
--- a/doc/ssl/SSL_get_peer_certificate.pod
+++ b/doc/ssl/SSL_get_peer_certificate.pod
@@ -8,7 +8,7 @@ SSL_get_peer_certificate - get the X509 certificate of the peer
 
  #include <openssl/ssl.h>
 
- X509 *SSL_get_peer_certificate(SSL *ssl);
+ X509 *SSL_get_peer_certificate(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_psk_identity.pod b/doc/ssl/SSL_get_psk_identity.pod
new file mode 100644
index 0000000000..fe6291649c
--- /dev/null
+++ b/doc/ssl/SSL_get_psk_identity.pod
@@ -0,0 +1,63 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_get_psk_identity, SSL_get_psk_identity_hint - get PSK client identity and hint
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_get_psk_identity_hint(const SSL *ssl);
+ const char *SSL_get_psk_identity(const SSL *ssl);
+
+
+=head1 DESCRIPTION
+
+SSL_get_psk_identity_hint() is used to retrieve the PSK identity hint
+used during the connection setup related to SSL object
+B<ssl>. Similarly, SSL_get_psk_identity() is used to retrieve the PSK
+identity used during the connection setup.
+
+
+=head1 RETURN VALUES
+
+If non-B<NULL>, SSL_get_psk_identity_hint() returns the PSK identity
+hint and SSL_get_psk_identity() returns the PSK identity. Both are
+B<NULL>-terminated. SSL_get_psk_identity_hint() may return B<NULL> if
+no PSK identity hint was used during the connection setup.
+
+Note that the return value is valid only during the lifetime of the
+SSL object B<ssl>.
+
+=cut
diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
index dd9aba40b6..0c41caa922 100644
--- a/doc/ssl/SSL_get_session.pod
+++ b/doc/ssl/SSL_get_session.pod
@@ -8,8 +8,8 @@ SSL_get_session - retrieve TLS/SSL session data
 
  #include <openssl/ssl.h>
 
- SSL_SESSION *SSL_get_session(SSL *ssl);
- SSL_SESSION *SSL_get0_session(SSL *ssl);
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
  SSL_SESSION *SSL_get1_session(SSL *ssl);
 
 =head1 DESCRIPTION
diff --git a/doc/ssl/SSL_get_verify_result.pod b/doc/ssl/SSL_get_verify_result.pod
index e6bac9c35a..55b56a53f9 100644
--- a/doc/ssl/SSL_get_verify_result.pod
+++ b/doc/ssl/SSL_get_verify_result.pod
@@ -8,7 +8,7 @@ SSL_get_verify_result - get result of peer certificate verification
 
  #include <openssl/ssl.h>
 
- long SSL_get_verify_result(SSL *ssl);
+ long SSL_get_verify_result(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_get_version.pod b/doc/ssl/SSL_get_version.pod
index 24d5291256..cc271db2c5 100644
--- a/doc/ssl/SSL_get_version.pod
+++ b/doc/ssl/SSL_get_version.pod
@@ -8,7 +8,7 @@ SSL_get_version - get the protocol version of a connection.
 
  #include <openssl/ssl.h>
 
- const char *SSL_get_version(SSL *ssl);
+ const char *SSL_get_version(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod
index ecf3c4858e..eed526e47e 100644
--- a/doc/ssl/SSL_library_init.pod
+++ b/doc/ssl/SSL_library_init.pod
@@ -23,6 +23,7 @@ for SSL_library_init().
 =head1 NOTES
 
 SSL_library_init() must be called before any other action takes place.
+SSL_library_init() is not reentrant. 
 
 =head1 WARNING
 
diff --git a/doc/ssl/SSL_pending.pod b/doc/ssl/SSL_pending.pod
index b4c48598b2..43f2874e8b 100644
--- a/doc/ssl/SSL_pending.pod
+++ b/doc/ssl/SSL_pending.pod
@@ -8,7 +8,7 @@ SSL_pending - obtain number of readable bytes buffered in an SSL object
 
  #include <openssl/ssl.h>
 
- int SSL_pending(SSL *ssl);
+ int SSL_pending(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
index f6c37f77e4..7038cd2d75 100644
--- a/doc/ssl/SSL_read.pod
+++ b/doc/ssl/SSL_read.pod
@@ -64,6 +64,11 @@ non-blocking socket, nothing is to be done, but select() can be used to check
 for the required condition. When using a buffering BIO, like a BIO pair, data
 must be written into or retrieved out of the BIO before being able to continue.
 
+L<SSL_pending(3)|SSL_pending(3)> can be used to find out whether there
+are buffered bytes available for immediate retrieval. In this case
+SSL_read() can be called without blocking or actually receiving new
+data from the underlying socket.
+
 =head1 WARNING
 
 When an SSL_read() operation has to be repeated because of
@@ -112,6 +117,7 @@ L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_write(3)|SSL_write(3)>,
 L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
 L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
 L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<SSL_pending(3)|SSL_pending(3)>,
 L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
 L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
 
diff --git a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod
index 6289e635d9..011a022a12 100644
--- a/doc/ssl/SSL_set_shutdown.pod
+++ b/doc/ssl/SSL_set_shutdown.pod
@@ -10,7 +10,7 @@ SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connect
 
  void SSL_set_shutdown(SSL *ssl, int mode);
 
- int SSL_get_shutdown(SSL *ssl);
+ int SSL_get_shutdown(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_state_string.pod b/doc/ssl/SSL_state_string.pod
index b4be1aaa48..fe25d47c71 100644
--- a/doc/ssl/SSL_state_string.pod
+++ b/doc/ssl/SSL_state_string.pod
@@ -8,8 +8,8 @@ SSL_state_string, SSL_state_string_long - get textual description of state of an
 
  #include <openssl/ssl.h>
 
- const char *SSL_state_string(SSL *ssl);
- const char *SSL_state_string_long(SSL *ssl);
+ const char *SSL_state_string(const SSL *ssl);
+ const char *SSL_state_string_long(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/SSL_want.pod b/doc/ssl/SSL_want.pod
index 50cc89db80..c0059c0d4a 100644
--- a/doc/ssl/SSL_want.pod
+++ b/doc/ssl/SSL_want.pod
@@ -8,11 +8,11 @@ SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup
 
  #include <openssl/ssl.h>
 
- int SSL_want(SSL *ssl);
- int SSL_want_nothing(SSL *ssl);
- int SSL_want_read(SSL *ssl);
- int SSL_want_write(SSL *ssl);
- int SSL_want_x509_lookup(SSL *ssl);
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
 
 =head1 DESCRIPTION
 
diff --git a/doc/ssl/d2i_SSL_SESSION.pod b/doc/ssl/d2i_SSL_SESSION.pod
index 0321a5a36f..81d276477f 100644
--- a/doc/ssl/d2i_SSL_SESSION.pod
+++ b/doc/ssl/d2i_SSL_SESSION.pod
@@ -8,7 +8,7 @@ d2i_SSL_SESSION, i2d_SSL_SESSION - convert SSL_SESSION object from/to ASN1 repre
 
  #include <openssl/ssl.h>
 
- SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length);
+ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length);
  int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
 
 =head1 DESCRIPTION
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index 3dc5358ef6..2b6004ee32 100644
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -130,39 +130,39 @@ protocol methods defined in B<SSL_METHOD> structures.
 
 =over 4
 
-=item SSL_METHOD *B<SSLv2_client_method>(void);
+=item const SSL_METHOD *B<SSLv2_client_method>(void);
 
 Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
 
-=item SSL_METHOD *B<SSLv2_server_method>(void);
+=item const SSL_METHOD *B<SSLv2_server_method>(void);
 
 Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
 
-=item SSL_METHOD *B<SSLv2_method>(void);
+=item const SSL_METHOD *B<SSLv2_method>(void);
 
 Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
 
-=item SSL_METHOD *B<SSLv3_client_method>(void);
+=item const SSL_METHOD *B<SSLv3_client_method>(void);
 
 Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
 
-=item SSL_METHOD *B<SSLv3_server_method>(void);
+=item const SSL_METHOD *B<SSLv3_server_method>(void);
 
 Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
 
-=item SSL_METHOD *B<SSLv3_method>(void);
+=item const SSL_METHOD *B<SSLv3_method>(void);
 
 Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
 
-=item SSL_METHOD *B<TLSv1_client_method>(void);
+=item const SSL_METHOD *B<TLSv1_client_method>(void);
 
 Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
 
-=item SSL_METHOD *B<TLSv1_server_method>(void);
+=item cosnt SSL_METHOD *B<TLSv1_server_method>(void);
 
 Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
 
-=item SSL_METHOD *B<TLSv1_method>(void);
+=item const SSL_METHOD *B<TLSv1_method>(void);
 
 Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
 
@@ -213,7 +213,7 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);
 
-=item int B<SSL_CTX_check_private_key>(SSL_CTX *ctx);
+=item int B<SSL_CTX_check_private_key>(const SSL_CTX *ctx);
 
 =item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);
 
@@ -225,23 +225,23 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);
 
-=item STACK *B<SSL_CTX_get_client_CA_list>(SSL_CTX *ctx);
+=item STACK *B<SSL_CTX_get_client_CA_list>(const SSL_CTX *ctx);
 
 =item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
 
-=item char *B<SSL_CTX_get_ex_data>(SSL_CTX *s, int idx);
+=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);
 
 =item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
 
 =item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
 
-=item int B<SSL_CTX_get_quiet_shutdown>(SSL_CTX *ctx);
+=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
 
 =item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
 
-=item long B<SSL_CTX_get_timeout>(SSL_CTX *ctx);
+=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);
 
-=item int (*B<SSL_CTX_get_verify_callback>(SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
+=item int (*B<SSL_CTX_get_verify_callback>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
 
 =item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
 
@@ -249,7 +249,7 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
 
-=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth);
+=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
 
 =item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
 
@@ -327,7 +327,7 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
 
-=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth);
+=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
 
 =item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
 
@@ -374,6 +374,15 @@ session instead of a context.
 
 =item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
 
+=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX *ctx, const char *hint);
+
+=item void B<SSL_CTX_set_psk_server_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+
+
+
 =back
 
 =head2 DEALING WITH SESSIONS
@@ -383,27 +392,27 @@ sessions defined in the B<SSL_SESSION> structures.
 
 =over 4
 
-=item int B<SSL_SESSION_cmp>(SSL_SESSION *a, SSL_SESSION *b);
+=item int B<SSL_SESSION_cmp>(const SSL_SESSION *a, const SSL_SESSION *b);
 
 =item void B<SSL_SESSION_free>(SSL_SESSION *ss);
 
 =item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);
 
-=item char *B<SSL_SESSION_get_ex_data>(SSL_SESSION *s, int idx);
+=item char *B<SSL_SESSION_get_ex_data>(const SSL_SESSION *s, int idx);
 
 =item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
 
-=item long B<SSL_SESSION_get_time>(SSL_SESSION *s);
+=item long B<SSL_SESSION_get_time>(const SSL_SESSION *s);
 
-=item long B<SSL_SESSION_get_timeout>(SSL_SESSION *s);
+=item long B<SSL_SESSION_get_timeout>(const SSL_SESSION *s);
 
-=item unsigned long B<SSL_SESSION_hash>(SSL_SESSION *a);
+=item unsigned long B<SSL_SESSION_hash>(const SSL_SESSION *a);
 
 =item SSL_SESSION *B<SSL_SESSION_new>(void);
 
-=item int B<SSL_SESSION_print>(BIO *bp, SSL_SESSION *x);
+=item int B<SSL_SESSION_print>(BIO *bp, const SSL_SESSION *x);
 
-=item int B<SSL_SESSION_print_fp>(FILE *fp, SSL_SESSION *x);
+=item int B<SSL_SESSION_print_fp>(FILE *fp, const SSL_SESSION *x);
 
 =item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);
 
@@ -438,7 +447,7 @@ connection defined in the B<SSL> structure.
 
 =item char *B<SSL_alert_type_string_long>(int value);
 
-=item int B<SSL_check_private_key>(SSL *ssl);
+=item int B<SSL_check_private_key>(const SSL *ssl);
 
 =item void B<SSL_clear>(SSL *ssl);
 
@@ -446,7 +455,7 @@ connection defined in the B<SSL> structure.
 
 =item int B<SSL_connect>(SSL *ssl);
 
-=item void B<SSL_copy_session_id>(SSL *t, SSL *f);
+=item void B<SSL_copy_session_id>(SSL *t, const SSL *f);
 
 =item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
 
@@ -458,77 +467,77 @@ connection defined in the B<SSL> structure.
 
 =item void B<SSL_free>(SSL *ssl);
 
-=item SSL_CTX *B<SSL_get_SSL_CTX>(SSL *ssl);
+=item SSL_CTX *B<SSL_get_SSL_CTX>(const SSL *ssl);
 
 =item char *B<SSL_get_app_data>(SSL *ssl);
 
-=item X509 *B<SSL_get_certificate>(SSL *ssl);
+=item X509 *B<SSL_get_certificate>(const SSL *ssl);
 
-=item const char *B<SSL_get_cipher>(SSL *ssl);
+=item const char *B<SSL_get_cipher>(const SSL *ssl);
 
-=item int B<SSL_get_cipher_bits>(SSL *ssl, int *alg_bits);
+=item int B<SSL_get_cipher_bits>(const SSL *ssl, int *alg_bits);
 
-=item char *B<SSL_get_cipher_list>(SSL *ssl, int n);
+=item char *B<SSL_get_cipher_list>(const SSL *ssl, int n);
 
-=item char *B<SSL_get_cipher_name>(SSL *ssl);
+=item char *B<SSL_get_cipher_name>(const SSL *ssl);
 
-=item char *B<SSL_get_cipher_version>(SSL *ssl);
+=item char *B<SSL_get_cipher_version>(const SSL *ssl);
 
-=item STACK *B<SSL_get_ciphers>(SSL *ssl);
+=item STACK *B<SSL_get_ciphers>(const SSL *ssl);
 
-=item STACK *B<SSL_get_client_CA_list>(SSL *ssl);
+=item STACK *B<SSL_get_client_CA_list>(const SSL *ssl);
 
 =item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);
 
-=item long B<SSL_get_default_timeout>(SSL *ssl);
+=item long B<SSL_get_default_timeout>(const SSL *ssl);
 
-=item int B<SSL_get_error>(SSL *ssl, int i);
+=item int B<SSL_get_error>(const SSL *ssl, int i);
 
-=item char *B<SSL_get_ex_data>(SSL *ssl, int idx);
+=item char *B<SSL_get_ex_data>(const SSL *ssl, int idx);
 
 =item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);
 
 =item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
 
-=item int B<SSL_get_fd>(SSL *ssl);
+=item int B<SSL_get_fd>(const SSL *ssl);
 
-=item void (*B<SSL_get_info_callback>(SSL *ssl);)(void)
+=item void (*B<SSL_get_info_callback>(const SSL *ssl);)()
 
-=item STACK *B<SSL_get_peer_cert_chain>(SSL *ssl);
+=item STACK *B<SSL_get_peer_cert_chain>(const SSL *ssl);
 
-=item X509 *B<SSL_get_peer_certificate>(SSL *ssl);
+=item X509 *B<SSL_get_peer_certificate>(const SSL *ssl);
 
 =item EVP_PKEY *B<SSL_get_privatekey>(SSL *ssl);
 
-=item int B<SSL_get_quiet_shutdown>(SSL *ssl);
+=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);
 
-=item BIO *B<SSL_get_rbio>(SSL *ssl);
+=item BIO *B<SSL_get_rbio>(const SSL *ssl);
 
-=item int B<SSL_get_read_ahead>(SSL *ssl);
+=item int B<SSL_get_read_ahead>(const SSL *ssl);
 
-=item SSL_SESSION *B<SSL_get_session>(SSL *ssl);
+=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);
 
-=item char *B<SSL_get_shared_ciphers>(SSL *ssl, char *buf, int len);
+=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
 
-=item int B<SSL_get_shutdown>(SSL *ssl);
+=item int B<SSL_get_shutdown>(const SSL *ssl);
 
-=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
+=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
 
-=item int B<SSL_get_state>(SSL *ssl);
+=item int B<SSL_get_state>(const SSL *ssl);
 
-=item long B<SSL_get_time>(SSL *ssl);
+=item long B<SSL_get_time>(const SSL *ssl);
 
-=item long B<SSL_get_timeout>(SSL *ssl);
+=item long B<SSL_get_timeout>(const SSL *ssl);
 
-=item int (*B<SSL_get_verify_callback>(SSL *ssl);)(void)
+=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *)
 
-=item int B<SSL_get_verify_mode>(SSL *ssl);
+=item int B<SSL_get_verify_mode>(const SSL *ssl);
 
-=item long B<SSL_get_verify_result>(SSL *ssl);
+=item long B<SSL_get_verify_result>(const SSL *ssl);
 
-=item char *B<SSL_get_version>(SSL *ssl);
+=item char *B<SSL_get_version>(const SSL *ssl);
 
-=item BIO *B<SSL_get_wbio>(SSL *ssl);
+=item BIO *B<SSL_get_wbio>(const SSL *ssl);
 
 =item int B<SSL_in_accept_init>(SSL *ssl);
 
@@ -550,7 +559,7 @@ connection defined in the B<SSL> structure.
 
 =item int B<SSL_peek>(SSL *ssl, void *buf, int num);
 
-=item int B<SSL_pending>(SSL *ssl);
+=item int B<SSL_pending>(const SSL *ssl);
 
 =item int B<SSL_read>(SSL *ssl, void *buf, int num);
 
@@ -596,7 +605,7 @@ connection defined in the B<SSL> structure.
 
 =item void B<SSL_set_shutdown>(SSL *ssl, int mode);
 
-=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth);
+=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth);
 
 =item void B<SSL_set_time>(SSL *ssl, long t);
 
@@ -610,11 +619,11 @@ connection defined in the B<SSL> structure.
 
 =item int B<SSL_shutdown>(SSL *ssl);
 
-=item int B<SSL_state>(SSL *ssl);
+=item int B<SSL_state>(const SSL *ssl);
 
-=item char *B<SSL_state_string>(SSL *ssl);
+=item char *B<SSL_state_string>(const SSL *ssl);
 
-=item char *B<SSL_state_string_long>(SSL *ssl);
+=item char *B<SSL_state_string_long>(const SSL *ssl);
 
 =item long B<SSL_total_renegotiations>(SSL *ssl);
 
@@ -636,20 +645,30 @@ connection defined in the B<SSL> structure.
 
 =item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
 
-=item int B<SSL_version>(SSL *ssl);
+=item int B<SSL_version>(const SSL *ssl);
 
-=item int B<SSL_want>(SSL *ssl);
+=item int B<SSL_want>(const SSL *ssl);
 
-=item int B<SSL_want_nothing>(SSL *ssl);
+=item int B<SSL_want_nothing>(const SSL *ssl);
 
-=item int B<SSL_want_read>(SSL *ssl);
+=item int B<SSL_want_read>(const SSL *ssl);
 
-=item int B<SSL_want_write>(SSL *ssl);
+=item int B<SSL_want_write>(const SSL *ssl);
 
-=item int B<SSL_want_x509_lookup>(s);
+=item int B<SSL_want_x509_lookup>(const SSL *ssl);
 
 =item int B<SSL_write>(SSL *ssl, const void *buf, int num);
 
+=item void B<SSL_set_psk_client_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_use_psk_identity_hint>(SSL *ssl, const char *hint);
+
+=item void B<SSL_set_psk_server_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+=item const char *B<SSL_get_psk_identity_hint>(SSL *ssl);
+
+=item const char *B<SSL_get_psk_identity>(SSL *ssl);
+
 =back
 
 =head1 SEE ALSO
@@ -726,7 +745,10 @@ L<SSL_write(3)|SSL_write(3)>,
 L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
 L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
 L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
+L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_psk_client_callback(3)|SSL_CTX_set_psk_client_callback(3)>,
+L<SSL_CTX_use_psk_identity_hint(3)|SSL_CTX_use_psk_identity_hint(3)>,
+L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssleay.txt b/doc/ssleay.txt
index d44d2f04a0..4d2e714868 100644
--- a/doc/ssleay.txt
+++ b/doc/ssleay.txt
@@ -20,7 +20,7 @@ don't do that.
 ==== readme ========================================================
 
 This is the old 0.6.6 docuementation.  Most of the cipher stuff is still
-relevent but I'm working (very slowly) on new docuemtation.
+relevent but I'm working (very slowly) on new documentation.
 The current version can be found online at
 
 http://www.cryptsoft.com/ssleay/doc
@@ -548,8 +548,8 @@ application, ssleay.  This one program is composed of many programs that
 can all be compiled independantly.
 
 ssleay has 3 modes of operation.
-1) If the ssleay binaray has the name of one of its component programs, it
-executes that program and then exits.  This can be achieve by using hard or
+1) If the ssleay binary has the name of one of its component programs, it
+executes that program and then exits.  This can be achieved by using hard or
 symbolic links, or failing that, just renaming the binary.
 2) If the first argument to ssleay is the name of one of the component
 programs, that program runs that program and then exits.
@@ -1185,7 +1185,7 @@ typedef struct bio_st
 	example is for BIO_s_sock().  A socket needs to be 
 	assigned to the BIO before it can be used.
 -	'shutdown', this flag indicates if the underlying 
-	comunication primative being used should be closed/freed 
+	communication primitive being used should be closed/freed 
 	when the BIO is closed.
 -	'flags' is used to hold extra state.  It is primarily used 
 	to hold information about why a non-blocking operation 
@@ -1799,7 +1799,7 @@ int BN_set_word(BIGNUM *a, unsigned long w);
 
 unsigned long BN_get_word(BIGNUM *a);
 	Returns 'a' in an unsigned long.  Not remarkably, often 'a' will
-	be biger than a word, in which case 0xffffffffL is returned.
+	be bigger than a word, in which case 0xffffffffL is returned.
 
 Word Operations
 These functions are much more efficient that the normal bignum arithmetic
@@ -2058,7 +2058,7 @@ Now you will notice that macros like
                 PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
 		                        (char *)x, NULL,NULL,0,NULL)
 Don't do encryption normally.  If you want to PEM encrypt your X509 structure,
-either just call PEM_ASN1_write directly or just define you own
+either just call PEM_ASN1_write directly or just define your own
 macro variant.  As you can see, this macro just sets all encryption related
 parameters to NULL.
 
@@ -3800,9 +3800,9 @@ made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2).  I have
 copies of the origional postings if people are interested.  RSA I believe 
 claim that they were 'trade-secrets' and that some-one broke an NDA in 
 revealing them.  Other claim they reverse engineered the algorithms from 
-compiled binaries.  If the algorithms were reverse engineered, I belive 
+compiled binaries.  If the algorithms were reverse engineered, I believe 
 RSA had no legal leg to stand on.  If an NDA was broken, I don't know.
-Regardless, RSA, I belive, is willing to go to court over the issue so 
+Regardless, RSA, I believe, is willing to go to court over the issue so 
 licencing is probably the best idea, or at least talk to them.
 If there are people who actually know more about this, pease let me know, I 
 don't want to vilify or spread miss-information if I can help it.
@@ -4295,7 +4295,7 @@ X-Status:
 Loading client certs into MSIE 3.01
 ===================================
 
-This document conatains all the information necessary to succesfully set up 
+This document contains all the information necessary to successfully set up 
 some scripts to issue client certs to Microsoft Internet Explorer. It 
 includes the required knowledge about the model MSIE uses for client 
 certification and includes complete sample scripts ready to play with. The 
@@ -5566,7 +5566,7 @@ These 2 functions create and destroy SSL_CTX structures
 
 The SSL_CTX has a session_cache_mode which is by default,
 in SSL_SESS_CACHE_SERVER mode.  What this means is that the library
-will automatically add new session-id's to the cache apon sucsessful
+will automatically add new session-id's to the cache upon successful
 SSL_accept() calls.
 If SSL_SESS_CACHE_CLIENT is set, then client certificates are also added
 to the cache.
@@ -5580,12 +5580,12 @@ SSL_SESS_NO_CACHE_BOTH	- Either SSL_accept() or SSL_connect().
 If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
 not automatically removed each 255, SSL_connect()s or SSL_accept()s.
 
-By default, apon every 255 successful SSL_connect() or SSL_accept()s,
+By default, upon every 255 successful SSL_connect() or SSL_accept()s,
 the cache is flush.  Please note that this could be expensive on
 a heavily loaded SSL server, in which case, turn this off and
 clear the cache of old entries 'manually' (with one of the functions
 listed below) every few hours.  Perhaps I should up this number, it is hard
-to say.  Remember, the '255' new calls is just a mechanims to get called
+to say.  Remember, the '255' new calls is just a mechanism to get called
 every now and then, in theory at most 255 new session-id's will have been
 added but if 100 are added every minute, you would still have
 500 in the cache before any would start being flushed (assuming a 3 minute
@@ -5628,10 +5628,10 @@ if copy is 1.  Otherwise, the reference count is not modified.
 void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
 int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
 
-These callbacks are basically indended to be used by processes to
+These callbacks are basically intended to be used by processes to
 send their session-id's to other processes.  I currently have not implemented
-non-blocking semantics for these callbacks, it is upto the appication
-to make the callbacks effiecent if they require blocking (perhaps
+non-blocking semantics for these callbacks, it is upto the application
+to make the callbacks efficient if they require blocking (perhaps
 by 'saving' them and then 'posting them' when control returns from
 the SSL_accept().
 
@@ -6589,7 +6589,7 @@ This information can be used to recall the functions when the 'error'
 condition has dissapeared.
 
 After the connection has been made, information can be retrived about the
-SSL session and the session-id values that have been decided apon.
+SSL session and the session-id values that have been decided upon.
 The 'peer' certificate can be retrieved.
 
 The session-id values include
diff --git a/doc/standards.txt b/doc/standards.txt
index edbe2f3a57..7bada8d35f 100644
--- a/doc/standards.txt
+++ b/doc/standards.txt
@@ -69,6 +69,10 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
 3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
      September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
 
+3161 Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP)
+     C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001
+     (Status: PROPOSED STANDARD)
+
 3268 Advanced Encryption Standard (AES) Ciphersuites for Transport
      Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
      (Status: PROPOSED STANDARD)
@@ -88,6 +92,26 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
      (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:           
      INFORMATIONAL)                                         
 
+3713 A Description of the Camellia Encryption Algorithm. M. Matsui,
+     J. Nakajima, S. Moriai. April 2004. (Format: TXT=25031 bytes)
+     (Status: INFORMATIONAL)
+
+3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate
+     Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson.
+     June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD)
+
+4132 Addition of Camellia Cipher Suites to Transport Layer Security
+     (TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590
+     bytes) (Status: PROPOSED STANDARD)
+
+4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS).
+     H.J. Lee, J.H. Yoon, J.I. Lee. August 2005. (Format: TXT=10578 bytes)
+     (Status: PROPOSED STANDARD)
+
+4269 The SEED Encryption Algorithm. H.J. Lee, S.J. Lee, J.H. Yoon,
+     D.H. Cheon, J.I. Lee. December 2005. (Format: TXT=34390 bytes)
+     (Obsoletes RFC4009) (Status: INFORMATIONAL)
+
 
 Related:
 --------
@@ -246,7 +270,11 @@ STARTTLS documents.
      Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
      (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
 
-  "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>  
+3657 Use of the Camellia Encryption Algorithm in Cryptographic 
+     Message Syntax (CMS). S. Moriai, A. Kato. January 2004.
+     (Format: TXT=26282 bytes) (Status: PROPOSED STANDARD)
+
+"Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>  
  
 
 To be implemented:
diff --git a/e_os.h b/e_os.h
index 3ff9f3cd1c..0f4b7994f5 100644
--- a/e_os.h
+++ b/e_os.h
@@ -112,7 +112,7 @@ extern "C" {
 /********************************************************************
  The Microsoft section
  ********************************************************************/
-/* The following is used becaue of the small stack in some
+/* The following is used because of the small stack in some
  * Microsoft operating systems */
 #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
 #  define MS_STATIC	static
@@ -123,9 +123,6 @@ extern "C" {
 #if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
 #  define WIN32
 #endif
-#if defined(OPENSSL_SYS_WIN16) && !defined(WIN16)
-#  define WIN16
-#endif
 #if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
 #  define WINDOWS
 #endif
@@ -181,11 +178,32 @@ extern "C" {
 #define closesocket(s)		    close(s)
 #define readsocket(s,b,n)	    read((s),(b),(n))
 #define writesocket(s,b,n)	    write((s),(char *)(b),(n))
+#elif defined(OPENSSL_SYS_BEOS_R5)
+#define get_last_socket_error() errno
+#define clear_socket_error()    errno=0
+#define FIONBIO SO_NONBLOCK
+#define ioctlsocket(a,b,c)		  setsockopt((a),SOL_SOCKET,(b),(c),sizeof(*(c)))
+#define readsocket(s,b,n)       recv((s),(b),(n),0)
+#define writesocket(s,b,n)      send((s),(b),(n),0)
 #elif defined(OPENSSL_SYS_NETWARE)
+#if defined(NETWARE_BSDSOCK)
+#define get_last_socket_error() errno
+#define clear_socket_error()    errno=0
+#define closesocket(s)          close(s)
+#define ioctlsocket(a,b,c)      ioctl(a,b,c)
+#if defined(NETWARE_LIBC)
+#define readsocket(s,b,n)       recv((s),(b),(n),0)
+#define writesocket(s,b,n)      send((s),(b),(n),0)
+#else
+#define readsocket(s,b,n)       recv((s),(char*)(b),(n),0)
+#define writesocket(s,b,n)      send((s),(char*)(b),(n),0)
+#endif
+#else
 #define get_last_socket_error()	WSAGetLastError()
 #define clear_socket_error()	WSASetLastError(0)
 #define readsocket(s,b,n)		recv((s),(b),(n),0)
 #define writesocket(s,b,n)		send((s),(b),(n),0)
+#endif
 #else
 #define get_last_socket_error()	errno
 #define clear_socket_error()	errno=0
@@ -195,7 +213,7 @@ extern "C" {
 #define writesocket(s,b,n)	write((s),(b),(n))
 #endif
 
-#ifdef WIN16
+#ifdef WIN16 /* never the case */
 #  define MS_CALLBACK	_far _loadds
 #  define MS_FAR	_far
 #else
@@ -219,6 +237,8 @@ extern "C" {
 #    define _setmode setmode
 #    define _O_TEXT O_TEXT
 #    define _O_BINARY O_BINARY
+#    undef DEVRANDOM
+#    define DEVRANDOM "/dev/urandom\x24"
 #  endif /* __DJGPP__ */
 
 #  ifndef S_IFDIR
@@ -235,17 +255,90 @@ extern "C" {
 #  define NO_DIRENT
 
 #  ifdef WINDOWS
+#    if !defined(_WIN32_WCE) && !defined(_WIN32_WINNT)
+       /*
+	* Defining _WIN32_WINNT here in e_os.h implies certain "discipline."
+	* Most notably we ought to check for availability of each specific
+	* routine with GetProcAddress() and/or guard NT-specific calls with
+	* GetVersion() < 0x80000000. One can argue that in latter "or" case
+	* we ought to /DELAYLOAD some .DLLs in order to protect ourselves
+	* against run-time link errors. This doesn't seem to be necessary,
+	* because it turned out that already Windows 95, first non-NT Win32
+	* implementation, is equipped with at least NT 3.51 stubs, dummy
+	* routines with same name, but which do nothing. Meaning that it's
+	* apparently sufficient to guard "vanilla" NT calls with GetVersion
+	* alone, while NT 4.0 and above interfaces ought to be linked with
+	* GetProcAddress at run-time.
+	*/
+#      define _WIN32_WINNT 0x0400
+#    endif
+#    if !defined(OPENSSL_NO_SOCK) && defined(_WIN32_WINNT)
+       /*
+        * Just like defining _WIN32_WINNT including winsock2.h implies
+        * certain "discipline" for maintaining [broad] binary compatibility.
+        * As long as structures are invariant among Winsock versions,
+        * it's sufficient to check for specific Winsock2 API availability
+        * at run-time [DSO_global_lookup is recommended]...
+        */
+#      include <winsock2.h>
+#      include <ws2tcpip.h>
+       /* yes, they have to be #included prior to <windows.h> */
+#    endif
 #    include <windows.h>
+#    include <stdio.h>
 #    include <stddef.h>
 #    include <errno.h>
 #    include <string.h>
+#    ifdef _WIN64
+#      define strlen(s) _strlen31(s)
+/* cut strings to 2GB */
+static unsigned int _strlen31(const char *str)
+	{
+	unsigned int len=0;
+	while (*str && len<0x80000000U) str++, len++;
+	return len&0x7FFFFFFF;
+	}
+#    endif
 #    include <malloc.h>
+#    if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace)
+       /* compensate for bug in VC6 ctype.h */
+#      undef isspace
+#      undef isdigit
+#      undef isalnum
+#      undef isupper
+#      undef isxdigit
+#    endif
+#    if defined(_MSC_VER) && !defined(_DLL) && defined(stdin)
+#      if _MSC_VER>=1300
+#        undef stdin
+#        undef stdout
+#        undef stderr
+         FILE *__iob_func();
+#        define stdin  (&__iob_func()[0])
+#        define stdout (&__iob_func()[1])
+#        define stderr (&__iob_func()[2])
+#      elif defined(I_CAN_LIVE_WITH_LNK4049)
+#        undef stdin
+#        undef stdout
+#        undef stderr
+         /* pre-1300 has __p__iob(), but it's available only in msvcrt.lib,
+          * or in other words with /MD. Declaring implicit import, i.e.
+          * with _imp_ prefix, works correctly with all compiler options,
+	  * but without /MD results in LINK warning LNK4049:
+	  * 'locally defined symbol "__iob" imported'.
+          */
+         extern FILE *_imp___iob;
+#        define stdin  (&_imp___iob[0])
+#        define stdout (&_imp___iob[1])
+#        define stderr (&_imp___iob[2])
+#      endif
+#    endif
 #  endif
 #  include <io.h>
 #  include <fcntl.h>
 
 #  ifdef OPENSSL_SYS_WINCE
-#    include <winsock_extras.h>
+#    define OPENSSL_NO_POSIX_IO
 #  endif
 
 #  define ssize_t long
@@ -258,12 +351,7 @@ extern "C" {
 #    define _kbhit kbhit
 #  endif
 
-#  if defined(WIN16) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
-#    define EXIT(n) _wsetexit(_WINEXITNOPERSIST)
-#    define OPENSSL_EXIT(n) do { if (n == 0) EXIT(n); return(n); } while(0)
-#  else
-#    define EXIT(n) exit(n)
-#  endif
+#  define EXIT(n) exit(n)
 #  define LIST_SEPARATOR_CHAR ';'
 #  ifndef X_OK
 #    define X_OK	0
@@ -284,7 +372,7 @@ extern "C" {
 #    define DEFAULT_HOME  "C:"
 #  endif
 
-#else /* The non-microsoft world world */
+#else /* The non-microsoft world */
 
 #  ifdef OPENSSL_SYS_VMS
 #    define VMS 1
@@ -334,6 +422,11 @@ extern "C" {
 #    undef  DEVRANDOM
 #    ifdef NETWARE_CLIB
 #      define getpid GetThreadID
+       extern int GetThreadID(void);
+/* #      include <conio.h> */
+       extern int kbhit(void);
+#    else
+#      include <screen.h>
 #    endif
 #    define NO_SYSLOG
 #    define _setmode setmode
@@ -371,6 +464,10 @@ extern "C" {
 #      define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
        typedef unsigned long clock_t;
 #    endif
+#    ifdef OPENSSL_SYS_WIN32_CYGWIN
+#      include <io.h>
+#      include <fcntl.h>
+#    endif
 
 #    define OPENSSL_CONF	"openssl.cnf"
 #    define SSLEAY_CONF		OPENSSL_CONF
@@ -397,8 +494,28 @@ extern "C" {
 #      define SHUTDOWN(fd)		close(fd)
 #      define SHUTDOWN2(fd)		close(fd)
 #    elif !defined(__DJGPP__)
-#      include <winsock.h>
-extern HINSTANCE _hInstance;
+#      if defined(_WIN32_WCE) && _WIN32_WCE<410
+#        define getservbyname _masked_declaration_getservbyname
+#      endif
+#      if !defined(IPPROTO_IP)
+         /* winsock[2].h was included already? */
+#        include <winsock.h>
+#      endif
+#      ifdef getservbyname
+#        undef getservbyname
+         /* this is used to be wcecompat/include/winsock_extras.h */
+         struct servent* PASCAL getservbyname(const char*,const char*);
+#      endif
+
+#      ifdef _WIN64
+/*
+ * Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because
+ * the value constitutes an index in per-process table of limited size
+ * and not a real pointer.
+ */
+#        define socket(d,t,p)	((int)socket(d,t,p))
+#        define accept(s,f,l)	((int)accept(s,f,l))
+#      endif
 #      define SSLeay_Write(a,b,c)	send((a),(b),(c),0)
 #      define SSLeay_Read(a,b,c)	recv((a),(b),(c),0)
 #      define SHUTDOWN(fd)		{ shutdown((fd),0); closesocket(fd); }
@@ -419,11 +536,19 @@ extern HINSTANCE _hInstance;
 #    define SHUTDOWN2(fd)		MacSocket_close(fd)
 
 #  elif defined(OPENSSL_SYS_NETWARE)
-         /* NetWare uses the WinSock2 interfaces
+         /* NetWare uses the WinSock2 interfaces by default, but can be configured for BSD
          */
-#      if defined(NETWARE_CLIB)
-#        include <ws2nlm.h>
-#      elif defined(NETWARE_LIBC)
+#      if defined(NETWARE_BSDSOCK)
+#        include <sys/socket.h>
+#        include <netinet/in.h>
+#        include <sys/time.h>
+#        if defined(NETWARE_CLIB)
+#          include <sys/bsdskt.h>
+#        else
+#          include <sys/select.h>
+#        endif
+#        define INVALID_SOCKET (int)(~0)
+#      else
 #        include <novsock2.h>
 #      endif
 #      define SSLeay_Write(a,b,c)   send((a),(b),(c),0)
@@ -453,8 +578,10 @@ extern HINSTANCE _hInstance;
 #        include <sys/filio.h> /* Added for FIONBIO under unixware */
 #      endif
 #      include <netinet/in.h>
+#      if !defined(OPENSSL_SYS_BEOS_R5)
 #      include <arpa/inet.h>
 #    endif
+#    endif
 
 #    if defined(NeXT) || defined(_NEXT_SOURCE)
 #      include <sys/fcntl.h>
@@ -497,6 +624,18 @@ extern HINSTANCE _hInstance;
 #    define INVALID_SOCKET	(-1)
 #    endif /* INVALID_SOCKET */
 #  endif
+
+/* Some IPv6 implementations are broken, disable them in known bad
+ * versions.
+ */
+#  if !defined(OPENSSL_USE_IPV6)
+#    if defined(AF_INET6) && !defined(OPENSSL_SYS_BEOS_BONE) && !defined(NETWARE_CLIB)
+#      define OPENSSL_USE_IPV6 1
+#    else
+#      define OPENSSL_USE_IPV6 0
+#    endif
+#  endif
+
 #endif
 
 #if defined(__ultrix)
@@ -515,6 +654,9 @@ extern HINSTANCE _hInstance;
 extern char *sys_errlist[]; extern int sys_nerr;
 # define strerror(errnum) \
 	(((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
+  /* Being signed SunOS 4.x memcpy breaks ASN1_OBJECT table lookup */
+#include "crypto/o_str.h"
+# define memcmp OPENSSL_memcmp
 #endif
 
 #ifndef OPENSSL_EXIT
@@ -527,18 +669,6 @@ extern char *sys_errlist[]; extern int sys_nerr;
 
 /***********************************************/
 
-/* do we need to do this for getenv.
- * Just define getenv for use under windows */
-
-#ifdef WIN16
-/* How to do this needs to be thought out a bit more.... */
-/*char *GETENV(char *);
-#define Getenv	GETENV*/
-#define Getenv	getenv
-#else
-#define Getenv getenv
-#endif
-
 #define DG_GCC_BUG	/* gcc < 2.6.3 on DGUX */
 
 #ifdef sgi
@@ -560,16 +690,12 @@ extern char *sys_errlist[]; extern int sys_nerr;
 #elif defined(OPENSSL_SYS_OS2) && defined(__EMX__)
 #  define strcasecmp stricmp
 #  define strncasecmp strnicmp
-#elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
-#  define strcasecmp stricmp
-#  define strncasecmp strnicmp
-#else
-#  ifdef NO_STRINGS_H
-    int	strcasecmp();
-    int	strncasecmp();
-#  else
-#    include <strings.h>
-#  endif /* NO_STRINGS_H */
+#elif defined(OPENSSL_SYS_NETWARE)
+#  include <string.h>
+#  if defined(NETWARE_CLIB)
+#    define strcasecmp stricmp
+#    define strncasecmp strnicmp
+#  endif /* NETWARE_CLIB */
 #endif
 
 #if defined(OPENSSL_SYS_OS2) && defined(__EMX__)
@@ -604,6 +730,15 @@ struct servent *getservbyname(const char *name, const char *proto);
 #endif
 /* end vxworks */
 
+/* beos */
+#if defined(OPENSSL_SYS_BEOS_R5)
+#define SO_ERROR 0
+#define NO_SYS_UN
+#define IPPROTO_IP 0
+#include <OS.h>
+#endif
+
+
 #ifdef  __cplusplus
 }
 #endif
diff --git a/e_os2.h b/e_os2.h
index 60f9b5c9c7..f5a5fa2bfb 100644
--- a/e_os2.h
+++ b/e_os2.h
@@ -84,15 +84,12 @@ extern "C" {
 
 /* ---------------------- Microsoft operating systems ---------------------- */
 
-/* The 16 bit environments are pretty straightforward */
-#if defined(OPENSSL_SYSNAME_WIN16) || defined(OPENSSL_SYSNAME_MSDOS)
+/* Note that MSDOS actually denotes 32-bit environments running on top of
+   MS-DOS, such as DJGPP one. */
+#if defined(OPENSSL_SYSNAME_MSDOS)
 # undef OPENSSL_SYS_UNIX
 # define OPENSSL_SYS_MSDOS
 #endif
-#if defined(OPENSSL_SYSNAME_WIN16)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN16
-#endif
 
 /* For 32 bit environment, there seems to be the CygWin environment and then
    all the others that try to do the same thing Microsoft does... */
@@ -120,7 +117,7 @@ extern "C" {
 #endif
 
 /* Anything that tries to look like Microsoft is "Windows" */
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
 # undef OPENSSL_SYS_UNIX
 # define OPENSSL_SYS_WINDOWS
 # ifndef OPENSSL_SYS_MSDOS
@@ -205,15 +202,23 @@ extern "C" {
 # define OPENSSL_SYS_VXWORKS
 #endif
 
+/* --------------------------------- BeOS ---------------------------------- */
+#if defined(__BEOS__)
+# define OPENSSL_SYS_BEOS
+# include <sys/socket.h>
+# if defined(BONE_VERSION)
+#  define OPENSSL_SYS_BEOS_BONE
+# else
+#  define OPENSSL_SYS_BEOS_R5
+# endif
+#endif
+
 /**
  * That's it for OS-specific stuff
  *****************************************************************************/
 
 
 /* Specials for I/O an exit */
-#ifdef OPENSSL_SYS_WIN16
-# define OPENSSL_NO_FP_API
-#endif
 #ifdef OPENSSL_SYS_MSDOS
 # define OPENSSL_UNISTD_IO <io.h>
 # define OPENSSL_DECLARE_EXIT extern void exit(int);
@@ -246,8 +251,8 @@ extern "C" {
 # define OPENSSL_IMPORT globalref
 # define OPENSSL_GLOBAL globaldef
 #elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-# define OPENSSL_EXPORT extern _declspec(dllexport)
-# define OPENSSL_IMPORT extern _declspec(dllimport)
+# define OPENSSL_EXPORT extern __declspec(dllexport)
+# define OPENSSL_IMPORT extern __declspec(dllimport)
 # define OPENSSL_GLOBAL
 #else
 # define OPENSSL_EXPORT extern
@@ -257,28 +262,33 @@ extern "C" {
 #define OPENSSL_EXTERN OPENSSL_IMPORT
 
 /* Macros to allow global variables to be reached through function calls when
-   required (if a shared library version requvres it, for example.
+   required (if a shared library version requires it, for example.
    The way it's done allows definitions like this:
 
 	// in foobar.c
-	OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
+	OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
 	// in foobar.h
 	OPENSSL_DECLARE_GLOBAL(int,foobar);
 	#define foobar OPENSSL_GLOBAL_REF(foobar)
 */
 #ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name)			     \
-	extern type _hide_##name;				     \
-	type *_shadow_##name(void) { return &_hide_##name; }	     \
-	static type _hide_##name
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value)			\
+	type *_shadow_##name(void)					\
+	{ static type _hide_##name=value; return &_hide_##name; }
 # define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
 # define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
 #else
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
 # define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
 # define OPENSSL_GLOBAL_REF(name) _shadow_##name
 #endif
 
+#ifdef DEBUG_UNUSED
+#define __owur __attribute__((__warn_unused_result__))
+#else
+#define __owur 
+#endif
+
 #ifdef  __cplusplus
 }
 #endif
diff --git a/engines/.cvsignore b/engines/.cvsignore
index d7169dd1f3..b722ca8957 100644
--- a/engines/.cvsignore
+++ b/engines/.cvsignore
@@ -1,3 +1,6 @@
 Makefile.save
 lib
 libs
+*.flc
+semantic.cache
+*.dll
diff --git a/engines/Makefile.ssl b/engines/Makefile.ssl
deleted file mode 100644
index 8ae81f33ce..0000000000
--- a/engines/Makefile.ssl
+++ /dev/null
@@ -1,244 +0,0 @@
-#
-# SSLeay/engines/Makefile
-#
-
-DIR=	engines
-TOP=	..
-CC=	cc
-INCLUDES= -I../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-NEWMAKE=	make
-MAKE=		$(NEWMAKE) -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-
-PEX_LIBS=
-EX_LIBS=
- 
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile engines.com install.com engine_vector.mar
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBNAMES= 4758_cca aep atalla cswift gmp ncipher nuron sureware ubsec
-
-LIBSRC=	e_4758_cca.c \
-	e_aep.c \
-	e_atalla.c \
-	e_cswift.c \
-	e_gmp.c \
-	e_ncipher.c \
-	e_nuron.c \
-	e_sureware.c \
-	e_ubsec.c
-LIBOBJ= e_4758_cca.o \
-	e_aep.o \
-	e_atalla.o \
-	e_cswift.o \
-	e_gmp.o \
-	e_ncipher.o \
-	e_nuron.o \
-	e_sureware.o \
-	e_ubsec.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= 
-HEADER=	e_4758_cca_err.c e_4758_cca_err.h \
-	e_aep_err.c e_aep_err.h \
-	e_atalla_err.c e_atalla_err.h \
-	e_cswift_err.c e_cswift_err.h \
-	e_gmp_err.c e_gmp_err.h \
-	e_ncipher_err.c e_ncipher_err.h \
-	e_nuron_err.c e_nuron_err.h \
-	e_sureware_err.c e_sureware_err.h \
-	e_ubsec_err.c e_ubsec_err.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	lib
-
-lib:	$(LIBOBJ)
-	@if [ -n "$(SHARED_LIBS)" ]; then \
-		set -e; \
-		for l in $(LIBNAMES); do \
-			$(NEWMAKE) -f ../Makefile.shared \
-				CC="$(CC)" LIBNAME=$$l LIBEXTRAS=e_$$l.o \
-				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
-				CFLAG="$(CFLAG)" LDFLAGS="$(LDFLAGS)" \
-				SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-				PLATFORM="$(PLATFORM)" \
-				link_o.$(SHLIB_TARGET); \
-		done; \
-	else \
-		$(AR) $(LIB) $(LIBOBJ); \
-		$(RANLIB) $(LIB) || echo Never mind.; \
-	fi; \
-	touch lib
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-
-# XXXXX This currently only works on systems that use .so as suffix
-# for shared libraries.
-install:
-	@if [ -n "$(SHARED_LIBS)" ]; then \
-		set -e; \
-		for l in $(LIBNAMES); do \
-			( echo installing $$l; \
-			  cp lib$$l.so $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \
-			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new; \
-			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$$l.so ); \
-		done; \
-	fi
-
-tags:
-	ctags $(SRC)
-
-errors:
-	set -e; for l in $(LIBNAMES); do \
-		$(PERL) ../util/mkerr.pl -conf e_$$l.ec \
-			-nostatic -staticloader -write e_$$l.c; \
-	done
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-e_4758_cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_4758_cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_4758_cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h
-e_4758_cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_4758_cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_4758_cca.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_4758_cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_4758_cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_4758_cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_4758_cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_4758_cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_4758_cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_4758_cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_4758_cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_4758_cca.o: e_4758_cca.c e_4758_cca_err.c e_4758_cca_err.h
-e_4758_cca.o: vendor_defns/hw_4758_cca.h
-e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_aep.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_aep.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-e_aep.o: ../include/openssl/err.h ../include/openssl/lhash.h
-e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/rsa.h
-e_aep.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-e_aep.o: ../include/openssl/symhacks.h e_aep.c e_aep_err.c e_aep_err.h
-e_aep.o: vendor_defns/aep.h
-e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-e_atalla.o: ../include/openssl/err.h ../include/openssl/lhash.h
-e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/rsa.h
-e_atalla.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-e_atalla.o: ../include/openssl/symhacks.h e_atalla.c e_atalla_err.c
-e_atalla.o: e_atalla_err.h vendor_defns/atalla.h
-e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_cswift.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-e_cswift.o: ../include/openssl/err.h ../include/openssl/lhash.h
-e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-e_cswift.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h e_cswift.c
-e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h
-e_gmp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-e_gmp.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-e_gmp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h e_gmp.c
-e_ncipher.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_ncipher.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_ncipher.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_ncipher.o: ../include/openssl/dso.h ../include/openssl/e_os2.h
-e_ncipher.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-e_ncipher.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-e_ncipher.o: ../include/openssl/err.h ../include/openssl/evp.h
-e_ncipher.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_ncipher.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_ncipher.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_ncipher.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-e_ncipher.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-e_ncipher.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_ncipher.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_ncipher.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-e_ncipher.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_ncipher.o: e_ncipher.c e_ncipher_err.c e_ncipher_err.h
-e_ncipher.o: vendor_defns/hwcryptohook.h
-e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_nuron.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-e_nuron.o: ../include/openssl/err.h ../include/openssl/lhash.h
-e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/rsa.h
-e_nuron.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-e_nuron.o: ../include/openssl/symhacks.h e_nuron.c e_nuron_err.c e_nuron_err.h
-e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_sureware.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h
-e_sureware.o: vendor_defns/sureware.h
-e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_ubsec.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-e_ubsec.o: ../include/openssl/err.h ../include/openssl/lhash.h
-e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/rsa.h
-e_ubsec.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-e_ubsec.o: ../include/openssl/symhacks.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h
-e_ubsec.o: vendor_defns/hw_ubsec.h
diff --git a/engines/capierr.bat b/engines/capierr.bat
new file mode 100644
index 0000000000..274ffac2fe
--- /dev/null
+++ b/engines/capierr.bat
@@ -0,0 +1 @@
+perl ../util/mkerr.pl -conf e_capi.ec -nostatic -staticloader -write e_capi.c
diff --git a/engines/ccgost/.cvsignore b/engines/ccgost/.cvsignore
new file mode 100644
index 0000000000..b722ca8957
--- /dev/null
+++ b/engines/ccgost/.cvsignore
@@ -0,0 +1,6 @@
+Makefile.save
+lib
+libs
+*.flc
+semantic.cache
+*.dll
diff --git a/engines/ccgost/Makefile b/engines/ccgost/Makefile
new file mode 100644
index 0000000000..64be962f39
--- /dev/null
+++ b/engines/ccgost/Makefile
@@ -0,0 +1,275 @@
+DIR=ccgost
+TOP=../..
+CC=cc
+INCLUDES= -I../../include
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+CFLAGS= $(INCLUDES) $(CFLAG)
+LIB=$(TOP)/libcrypto.a
+
+LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
+
+LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost94_keyx.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_params.o gost_pmeth.o gost_sign.o
+
+SRC=$(LIBSRC)
+
+LIBNAME=gost
+
+top: 
+	(cd $(TOP); $(MAKE) DIRS=engines EDIRS=$(DIR) sub_all)
+
+all: lib
+
+tags:
+	ctags $(SRC)
+
+errors:
+	$(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC)
+
+lib: $(LIBOBJ)
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		$(MAKE) -f $(TOP)/Makefile.shared -e \
+			LIBNAME=$(LIBNAME) \
+			LIBEXTRAS='$(LIBOBJ)' \
+			LIBDEPS='-L$(TOP) -lcrypto' \
+			link_o.$(SHLIB_TARGET); \
+	else \
+		$(AR) $(LIB) $(LIBOBJ); \
+	fi
+	@touch lib
+
+install:
+	[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		echo installing $(LIBNAME); \
+		pfx=lib; \
+		if [ "$(PLATFORM)" != "Cygwin" ]; then \
+			case "$(CFLAGS)" in \
+			*DSO_BEOS*) sfx=".so";; \
+			*DSO_DLFCN*) sfx=".so";; \
+			*DSO_DL*) sfx=".sl";; \
+			*DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
+			*) sfx=".bad";; \
+			esac; \
+			cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		else \
+			sfx=".so"; \
+			cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		fi; \
+		chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
+	fi
+
+links:
+
+tests:
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+	fi
+
+files:
+
+
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+gost2001.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost2001.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost2001.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost2001.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost2001.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost2001.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost2001.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost2001.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost2001.o: e_gost_err.h gost2001.c gost89.h gost_lcl.h gost_params.h
+gost2001.o: gosthash.h
+gost2001_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001_keyx.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001_keyx.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001_keyx.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001_keyx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost2001_keyx.o: ../../include/openssl/obj_mac.h
+gost2001_keyx.o: ../../include/openssl/objects.h
+gost2001_keyx.o: ../../include/openssl/opensslconf.h
+gost2001_keyx.o: ../../include/openssl/opensslv.h
+gost2001_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost2001_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost2001_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost2001_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost2001_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost2001_keyx.c
+gost2001_keyx.o: gost2001_keyx.h gost89.h gost_keywrap.h gost_lcl.h gosthash.h
+gost89.o: gost89.c gost89.h
+gost94_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost94_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost94_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost94_keyx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+gost94_keyx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost94_keyx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost94_keyx.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost94_keyx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost94_keyx.o: ../../include/openssl/objects.h
+gost94_keyx.o: ../../include/openssl/opensslconf.h
+gost94_keyx.o: ../../include/openssl/opensslv.h
+gost94_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost94_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost94_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost94_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h
+gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_ameth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_ameth.o: ../../include/openssl/objects.h
+gost_ameth.o: ../../include/openssl/opensslconf.h
+gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ameth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost_ameth.o: gost_ameth.c gost_lcl.h gost_params.h gosthash.h
+gost_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_asn1.o: ../../include/openssl/opensslconf.h
+gost_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_asn1.o: ../../include/openssl/x509_vfy.h gost89.h gost_asn1.c gost_lcl.h
+gost_asn1.o: gosthash.h
+gost_crypt.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_crypt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_crypt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_crypt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_crypt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_crypt.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_crypt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_crypt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_crypt.o: ../../include/openssl/opensslconf.h
+gost_crypt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_crypt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_crypt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_crypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_crypt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_crypt.o: e_gost_err.h gost89.h gost_crypt.c gost_lcl.h gosthash.h
+gost_ctl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ctl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ctl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_ctl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_ctl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_ctl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_ctl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_ctl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_ctl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost_ctl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ctl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ctl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ctl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ctl.o: ../../include/openssl/x509_vfy.h gost89.h gost_ctl.c gost_lcl.h
+gost_ctl.o: gosthash.h
+gost_eng.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_eng.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_eng.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_eng.c
+gost_eng.o: gost_lcl.h gosthash.h
+gost_keywrap.o: gost89.h gost_keywrap.c gost_keywrap.h
+gost_md.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_md.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_md.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_md.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_md.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+gost_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost_md.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_md.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_md.o: e_gost_err.h gost89.h gost_lcl.h gost_md.c gosthash.h
+gost_params.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+gost_params.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gost_params.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_params.o: ../../include/openssl/opensslconf.h
+gost_params.o: ../../include/openssl/opensslv.h
+gost_params.o: ../../include/openssl/ossl_typ.h
+gost_params.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gost_params.o: ../../include/openssl/symhacks.h gost_params.c gost_params.h
+gost_pmeth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+gost_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+gost_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost_pmeth.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_pmeth.o: ../../include/openssl/objects.h
+gost_pmeth.o: ../../include/openssl/opensslconf.h
+gost_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+gost_pmeth.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_pmeth.c
+gost_pmeth.o: gosthash.h
+gost_sign.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_sign.o: ../../include/openssl/opensslconf.h
+gost_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_sign.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_sign.c
+gost_sign.o: gosthash.h
+gosthash.o: gost89.h gosthash.c gosthash.h
diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost
new file mode 100644
index 0000000000..c96cccc7b4
--- /dev/null
+++ b/engines/ccgost/README.gost
@@ -0,0 +1,300 @@
+GOST ENGINE
+
+This engine provides implementation of Russian cryptography standard.
+This is also an example of adding new cryptoalgorithms into OpenSSL
+without changing its core. If OpenSSL is compiled with dynamic engine
+support, new algorithms can be added even without recompilation of
+OpenSSL and applications which use it.
+
+ALGORITHMS SUPPORTED
+
+GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms.
+   Also support key exchange based on public keys. See RFC 4357 for
+   details of VKO key exchange algorithm. These algorithms use
+   256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for
+   2001 (which is elliptic-curve based). Key exchange algorithms
+   (VKO R 34.10) are supported on these keys too.
+   
+GOST R 34.11-94  Message digest algorithm. 256-bit hash value
+
+GOST 28147-89 - Symmetric cipher  with 256-bit key. Various modes are
+   defined in the standard, but only CFB and CNT modes are implemented
+   in the engine. To make statistical analysis more difficult, key
+   meshing is supported (see RFC 4357).
+
+GOST 28147-89 MAC mode. Message authentication code. While most MAC
+    algorithms  out there are based on hash functions using HMAC
+	algorithm, this algoritm is based on symmetric cipher. 
+	It has 256-bit symmetric key and only 32 bits of MAC value
+	(while HMAC has same key size and value size). 
+
+	It is implemented as combination of EVP_PKEY type and EVP_MD type.
+
+USAGE OF THESE ALGORITHMS
+
+This engine is designed to allow usage of this algorithms in the
+high-level openssl functions, such as PKI, S/MIME and TLS.
+
+See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI.
+TLS support is implemented according IETF
+draft-chudov-cryptopro-cptls-03.txt and is compatible with
+CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP. 
+GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported
+because they use ciphersuite numbers used now by AES ciphersuites.
+
+To use the engine you have to load it via openssl configuration
+file. Applications should read openssl configuration file or provide
+their own means to load engines. Also, applications which operate with
+private keys, should use generic EVP_PKEY API instead of using RSA or
+other algorithm-specific API.
+
+CONFIGURATION FILE
+
+Configuration file should include following statement in the global
+section, i.e. before first bracketed section header (see config(5) for details)
+
+   openssl_conf = openssl_def
+
+where openssl_def is name of the section in configuration file which
+describes global defaults.
+
+This section should contain following statement:
+
+   [openssl_def]
+   engines = engine_section
+
+which points to the section which describes list of the engines to be
+loaded. This section should contain:
+
+	[engine_section]
+	gost = gost_section
+
+And section which describes configuration of the engine should contain
+
+	[gost_section]
+	engine_id = gost
+	dynamic_path = /usr/lib/ssl/engines/libgost.so
+	default_algorithms = ALL
+	CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
+
+Where engine_id parameter specifies name of engine (should be "gost").
+dynamic_path is a location of the loadable shared library implementing the
+engine. If the engine is compiled statically or is located in the OpenSSL
+engines directory, this line can be omitted. 
+default_algorithms parameter specifies that all algorithms, provided by
+engine, should be used.
+
+The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose
+between different parameter sets of symmetric cipher algorithm. RFC 4357
+specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL
+doesn't provide user interface to choose one when encrypting. So use engine
+configuration parameter instead.
+
+Value of this parameter can be either short name, defined in OpenSSL
+obj_dat.h header file or numeric representation of OID, defined in RFC
+4357. 
+
+USAGE WITH COMMAND LINE openssl UTILITY
+
+1. Generation of private key
+
+	openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem
+
+  Use -algorithm option to specify algorithm.
+  Use -pkeyopt option to pass paramset to algorithm. The following paramsets
+  are supported by 
+  	gost94: 0,A,B,C,D,XA,XB,XC
+	gost2001: 0,A,B,C,XA,XB
+  You can also use numeric representation of OID as to destinate
+  paramset.
+
+  Paramsets starting with X are intended to use for key exchange keys.
+  Paramsets without X are for digital signature keys.
+
+  Paramset for both algorithms 0 is the test paramset which should be used
+  only for test purposes.
+
+There are no algorithm-specific things with generation of certificate
+request once you have a private key.
+
+2. Generation of certificate request along with private/public keypar
+
+   openssl req -newkey gost2001 -pkeyopt paramset:A
+
+   Syntax of -pkeyopt parameter is identical with genpkey command.
+
+   You can also use oldstyle syntax -newkey gost2001:paramfile, but in
+   this case you should create parameter file first. 
+
+   It can be created with
+
+   openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\
+      -out paramfile.
+
+3. S/MIME operations
+
+If you want to send encrypted mail using GOST algorithms, don't forget
+to specify -gost89 as encryption algorithm for OpenSSL smime command.
+While OpenSSL is clever enough to find out that GOST R 34.11-94 digest
+must be used for digital signing with GOST private key, it have no way
+to derive symmetric encryption algorithm from key exchange keys.
+
+4. TLS operations
+
+OpenSSL supports all four ciphersuites defined in the IETF draft.
+Once you've loaded GOST key and certificate into your TLS server,
+ciphersuites which use GOST 28147-89 encryption are enabled.
+
+Ciphersuites with NULL encryption should be enabled explicitely if
+needed.
+
+GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange
+		GOST 28147-89 for encryption and GOST 28147-89 MAC
+GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange
+		GOST 28147-89 for encryption and GOST 28147-89 MAC
+GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange,
+        no encryption and HMAC, based on GOST R 34.11-94
+GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange,
+        no encryption and HMAC, based on GOST R 34.11-94
+
+Gost 94 and gost 2001 keys can be used simultaneously in the TLS server.
+RSA, DSA and EC keys can be used simultaneously with GOST keys, if
+server implementation supports loading more than two private
+key/certificate pairs. In this case ciphersuites which use any of loaded
+keys would be supported and clients can negotiate ones they wish.
+
+This allows creation of TLS servers which use GOST ciphersuites for
+Russian clients and RSA/DSA ciphersuites for foreign clients.
+
+5. Calculation of digests and symmetric encryption
+ OpenSSL provides specific commands (like sha1, aes etc) for calculation
+ of digests and symmetric encryption. Since such commands cannot be
+ added dynamically, no such commands are provided for GOST algorithms.
+ Use generic commands 'dgst' and 'enc'.
+
+ Calculation of GOST R 34.11-94 message digest
+
+ openssl dgst -md_gost94 datafile
+
+ Note that GOST R 34.11-94 specifies that digest value should be
+ interpreted as little-endian number, but OpenSSL outputs just hex dump
+ of digest value.
+
+ So, to obtain correct digest value, such as produced by gostsum utility
+ included in the engine distribution, bytes of output should be
+ reversed.
+ 
+ Calculation of HMAC based on GOST R 34.11-94
+
+ openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile
+  
+  (or use hexkey if key contain NUL bytes)
+ Calculation of GOST 28147 MAC
+
+ openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile
+
+ Note absense of an option that specifies digest algorithm. gost-mac
+ algorithm supports only one digest (which is actually part of
+ implementation of this mac) and OpenSSL is clever enough to find out
+ this.
+
+ Encryption with GOST 28147 CFB mode
+ openssl enc -gost89 -out encrypted-file -in plain-text-file -k <passphrase>  
+ Encryption with GOST 28147 CNT mode
+ openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k <passphrase>
+
+
+6. Encrypting private keys and PKCS12
+
+To produce PKCS12 files compatible with MagPro CSP, you need to use
+GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94
+hash to derive key from password.
+
+openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\
+   -certpbe gost89 -macalg md_gost94
+ 
+7. Testing speed of symmetric ciphers.
+   
+To test performance of GOST symmetric ciphers you should use -evp switch
+of the openssl speed command. Engine-provided ciphers couldn't be
+accessed by cipher-specific functions, only via generic evp interface
+
+ openssl speed -evp gost89
+ openssl speed -evp gost89-cnt
+
+
+PROGRAMMING INTERFACES DETAILS
+
+Applications never should access engine directly. They only use provided
+EVP_PKEY API. But there are some details, which should be taken into
+account.
+
+EVP provides two kinds of API for key exchange:
+
+1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with
+	RSA-like public key encryption algorithms
+
+2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key
+computing algorithms.
+
+Although VKO R 34.10 algorithms, described in the RFC 4357 are
+definitely second case, engine provides BOTH API for GOST R 34.10 keys.
+
+EVP_PKEY_derive just invokes appropriate VKO algorithm and computes
+256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key
+material (UKM). This UKM should be transmitted to other party, so it is
+not generated inside derive function.
+
+It should be set by EVP_PKEY_CTX_ctrl function using
+EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but
+before EVP_PKEY_derive.
+	unsigned char ukm[8];
+	RAND_bytes(ukm,8);
+   EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm)
+
+EVP_PKEY_encrypt encrypts provided session key with VKO shared key and
+packs it into GOST key transport structure, described in the RFC 4490.
+
+It typically uses ephemeral key pair to compute shared key and packs its
+public part along with encrypted key. So, for most cases use of 
+EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with
+RSA.
+
+However, if peerkey field in the EVP_PKEY_CTX structure is set (using
+EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private
+key and uses same parameters as the public key from which this EVP_PKEY_CTX is
+created, EVP_PKEY_encrypt will use this private key to compute shared key and
+set ephemeral key in the GOST_key_transport structure to NULL. In this case
+pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down.
+
+If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL
+public key field, it tries to use peerkey field from the context to
+compute shared key. In this case peerkey field should really contain
+peer public key.
+
+Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well.
+It can be used when some specific restriction on UKM are imposed by
+higher level protocol. For instance, description of GOST ciphersuites
+requires UKM to be derived from shared secret. 
+
+If UKM is not set by this control command, encrypt operation would
+generate random UKM.
+
+
+This sources include implementation of GOST 28147-89 and GOST R 34.11-94
+which are completely indepentent from OpenSSL and can be used separately
+(files gost89.c, gost89.h, gosthash.c, gosthash.h) Utility gostsum (file
+gostsum.c) is provided as example of such separate usage. This is
+program, simular to md5sum and sha1sum utilities, but calculates GOST R
+34.11-94 hash.
+
+Makefile doesn't include rule for compiling gostsum.
+Use command
+
+$(CC) -o gostsum gostsum.c gost89.c gosthash.c
+where $(CC) is name of your C compiler.
+
+Implementations of GOST R 34.10-xx, including VKO algorithms heavily
+depends on OpenSSL BIGNUM and Elliptic Curve libraries.
+
+
diff --git a/engines/ccgost/e_gost_err.c b/engines/ccgost/e_gost_err.c
new file mode 100644
index 0000000000..9a79a374e2
--- /dev/null
+++ b/engines/ccgost/e_gost_err.c
@@ -0,0 +1,212 @@
+/* e_gost_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_gost_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA GOST_str_functs[]=
+	{
+{ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS),	"DECODE_GOST_ALGOR_PARAMS"},
+{ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS),	"ENCODE_GOST_ALGOR_PARAMS"},
+{ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS),	"FILL_GOST2001_PARAMS"},
+{ERR_FUNC(GOST_F_FILL_GOST94_PARAMS),	"FILL_GOST94_PARAMS"},
+{ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS),	"GET_ENCRYPTION_PARAMS"},
+{ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC),	"GOST2001_COMPUTE_PUBLIC"},
+{ERR_FUNC(GOST_F_GOST2001_DO_SIGN),	"GOST2001_DO_SIGN"},
+{ERR_FUNC(GOST_F_GOST2001_DO_VERIFY),	"GOST2001_DO_VERIFY"},
+{ERR_FUNC(GOST_F_GOST2001_KEYGEN),	"GOST2001_KEYGEN"},
+{ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS),	"GOST89_GET_ASN1_PARAMETERS"},
+{ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS),	"GOST89_SET_ASN1_PARAMETERS"},
+{ERR_FUNC(GOST_F_GOST94_COMPUTE_PUBLIC),	"GOST94_COMPUTE_PUBLIC"},
+{ERR_FUNC(GOST_F_GOST_CIPHER_CTL),	"GOST_CIPHER_CTL"},
+{ERR_FUNC(GOST_F_GOST_DO_SIGN),	"GOST_DO_SIGN"},
+{ERR_FUNC(GOST_F_GOST_DO_VERIFY),	"GOST_DO_VERIFY"},
+{ERR_FUNC(GOST_F_GOST_IMIT_CTRL),	"GOST_IMIT_CTRL"},
+{ERR_FUNC(GOST_F_GOST_IMIT_FINAL),	"GOST_IMIT_FINAL"},
+{ERR_FUNC(GOST_F_GOST_IMIT_UPDATE),	"GOST_IMIT_UPDATE"},
+{ERR_FUNC(GOST_F_PARAM_COPY_GOST01),	"PARAM_COPY_GOST01"},
+{ERR_FUNC(GOST_F_PARAM_COPY_GOST94),	"PARAM_COPY_GOST94"},
+{ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT),	"PKEY_GOST01CP_DECRYPT"},
+{ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT),	"PKEY_GOST01CP_ENCRYPT"},
+{ERR_FUNC(GOST_F_PKEY_GOST01CP_KEYGEN),	"PKEY_GOST01CP_KEYGEN"},
+{ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN),	"PKEY_GOST01_PARAMGEN"},
+{ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE),	"PKEY_GOST2001_DERIVE"},
+{ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT),	"PKEY_GOST94CP_DECRYPT"},
+{ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT),	"PKEY_GOST94CP_ENCRYPT"},
+{ERR_FUNC(GOST_F_PKEY_GOST94CP_KEYGEN),	"PKEY_GOST94CP_KEYGEN"},
+{ERR_FUNC(GOST_F_PKEY_GOST94_PARAMGEN),	"PKEY_GOST94_PARAMGEN"},
+{ERR_FUNC(GOST_F_PKEY_GOST_CTRL),	"PKEY_GOST_CTRL"},
+{ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR),	"PKEY_GOST_CTRL01_STR"},
+{ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR),	"PKEY_GOST_CTRL94_STR"},
+{ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL),	"PKEY_GOST_MAC_CTRL"},
+{ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR),	"PKEY_GOST_MAC_CTRL_STR"},
+{ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN),	"PKEY_GOST_MAC_KEYGEN"},
+{ERR_FUNC(GOST_F_PRINT_GOST_01),	"PRINT_GOST_01"},
+{ERR_FUNC(GOST_F_PRIV_DECODE_GOST),	"PRIV_DECODE_GOST"},
+{ERR_FUNC(GOST_F_PUB_DECODE_GOST01),	"PUB_DECODE_GOST01"},
+{ERR_FUNC(GOST_F_PUB_DECODE_GOST94),	"PUB_DECODE_GOST94"},
+{ERR_FUNC(GOST_F_PUB_ENCODE_GOST01),	"PUB_ENCODE_GOST01"},
+{ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE),	"UNPACK_CC_SIGNATURE"},
+{ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE),	"UNPACK_CP_SIGNATURE"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA GOST_str_reasons[]=
+	{
+{ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),"bad key parameters format"},
+{ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad pkey parameters format"},
+{ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot pack ephemeral key"},
+{ERR_REASON(GOST_R_CTRL_CALL_FAILED)     ,"ctrl call failed"},
+{ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error computing shared key"},
+{ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO),"error packing key transport info"},
+{ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),"error parsing key transport info"},
+{ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS),"incompatible algorithms"},
+{ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY),"incompatible peer key"},
+{ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS),"invalid cipher params"},
+{ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID),"invalid cipher param oid"},
+{ERR_REASON(GOST_R_INVALID_DIGEST_TYPE)  ,"invalid digest type"},
+{ERR_REASON(GOST_R_INVALID_GOST94_PARMSET),"invalid gost94 parmset"},
+{ERR_REASON(GOST_R_INVALID_IV_LENGTH)    ,"invalid iv length"},
+{ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH),"invalid mac key length"},
+{ERR_REASON(GOST_R_INVALID_PARAMSET)     ,"invalid paramset"},
+{ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED),"key is not initalized"},
+{ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED),"key is not initialized"},
+{ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING),"key parameters missing"},
+{ERR_REASON(GOST_R_MAC_KEY_NOT_SET)      ,"mac key not set"},
+{ERR_REASON(GOST_R_MALLOC_FAILURE)       ,"malloc failure"},
+{ERR_REASON(GOST_R_NO_MEMORY)            ,"no memory"},
+{ERR_REASON(GOST_R_NO_PARAMETERS_SET)    ,"no parameters set"},
+{ERR_REASON(GOST_R_NO_PEER_KEY)          ,"no peer key"},
+{ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR),"no private part of non ephemeral keypair"},
+{ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"},
+{ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR),"random generator error"},
+{ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE),"random generator failure"},
+{ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"random number generator failed"},
+{ERR_REASON(GOST_R_SIGNATURE_MISMATCH)   ,"signature mismatch"},
+{ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"signature parts greater than q"},
+{ERR_REASON(GOST_R_UKM_NOT_SET)          ,"ukm not set"},
+{ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),"unsupported cipher ctl command"},
+{ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),"unsupported parameter set"},
+{0,NULL}
+	};
+
+#endif
+
+#ifdef GOST_LIB_NAME
+static ERR_STRING_DATA GOST_lib_name[]=
+        {
+{0	,GOST_LIB_NAME},
+{0,NULL}
+	};
+#endif
+
+
+static int GOST_lib_error_code=0;
+static int GOST_error_init=1;
+
+void ERR_load_GOST_strings(void)
+	{
+	if (GOST_lib_error_code == 0)
+		GOST_lib_error_code=ERR_get_next_error_library();
+
+	if (GOST_error_init)
+		{
+		GOST_error_init=0;
+#ifndef OPENSSL_NO_ERR
+		ERR_load_strings(GOST_lib_error_code,GOST_str_functs);
+		ERR_load_strings(GOST_lib_error_code,GOST_str_reasons);
+#endif
+
+#ifdef GOST_LIB_NAME
+		GOST_lib_name->error = ERR_PACK(GOST_lib_error_code,0,0);
+		ERR_load_strings(0,GOST_lib_name);
+#endif
+		}
+	}
+
+void ERR_unload_GOST_strings(void)
+	{
+	if (GOST_error_init == 0)
+		{
+#ifndef OPENSSL_NO_ERR
+		ERR_unload_strings(GOST_lib_error_code,GOST_str_functs);
+		ERR_unload_strings(GOST_lib_error_code,GOST_str_reasons);
+#endif
+
+#ifdef GOST_LIB_NAME
+		ERR_unload_strings(0,GOST_lib_name);
+#endif
+		GOST_error_init=1;
+		}
+	}
+
+void ERR_GOST_error(int function, int reason, char *file, int line)
+	{
+	if (GOST_lib_error_code == 0)
+		GOST_lib_error_code=ERR_get_next_error_library();
+	ERR_PUT_error(GOST_lib_error_code,function,reason,file,line);
+	}
diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h
new file mode 100644
index 0000000000..6dc500079d
--- /dev/null
+++ b/engines/ccgost/e_gost_err.h
@@ -0,0 +1,156 @@
+/* ====================================================================
+ * Copyright (c) 2001-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_GOST_ERR_H
+#define HEADER_GOST_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_GOST_strings(void);
+void ERR_unload_GOST_strings(void);
+void ERR_GOST_error(int function, int reason, char *file, int line);
+#define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the GOST functions. */
+
+/* Function codes. */
+#define GOST_F_DECODE_GOST_ALGOR_PARAMS			 99
+#define GOST_F_ENCODE_GOST_ALGOR_PARAMS			 100
+#define GOST_F_FILL_GOST2001_PARAMS			 101
+#define GOST_F_FILL_GOST94_PARAMS			 102
+#define GOST_F_GET_ENCRYPTION_PARAMS			 103
+#define GOST_F_GOST2001_COMPUTE_PUBLIC			 104
+#define GOST_F_GOST2001_DO_SIGN				 105
+#define GOST_F_GOST2001_DO_VERIFY			 106
+#define GOST_F_GOST2001_KEYGEN				 107
+#define GOST_F_GOST89_GET_ASN1_PARAMETERS		 108
+#define GOST_F_GOST89_SET_ASN1_PARAMETERS		 109
+#define GOST_F_GOST94_COMPUTE_PUBLIC			 110
+#define GOST_F_GOST_CIPHER_CTL				 111
+#define GOST_F_GOST_DO_SIGN				 112
+#define GOST_F_GOST_DO_VERIFY				 113
+#define GOST_F_GOST_IMIT_CTRL				 114
+#define GOST_F_GOST_IMIT_FINAL				 140
+#define GOST_F_GOST_IMIT_UPDATE				 115
+#define GOST_F_PARAM_COPY_GOST01			 116
+#define GOST_F_PARAM_COPY_GOST94			 117
+#define GOST_F_PKEY_GOST01CP_DECRYPT			 118
+#define GOST_F_PKEY_GOST01CP_ENCRYPT			 119
+#define GOST_F_PKEY_GOST01CP_KEYGEN			 120
+#define GOST_F_PKEY_GOST01_PARAMGEN			 138
+#define GOST_F_PKEY_GOST2001_DERIVE			 121
+#define GOST_F_PKEY_GOST94CP_DECRYPT			 122
+#define GOST_F_PKEY_GOST94CP_ENCRYPT			 123
+#define GOST_F_PKEY_GOST94CP_KEYGEN			 124
+#define GOST_F_PKEY_GOST94_PARAMGEN			 139
+#define GOST_F_PKEY_GOST_CTRL				 125
+#define GOST_F_PKEY_GOST_CTRL01_STR			 126
+#define GOST_F_PKEY_GOST_CTRL94_STR			 127
+#define GOST_F_PKEY_GOST_MAC_CTRL			 128
+#define GOST_F_PKEY_GOST_MAC_CTRL_STR			 129
+#define GOST_F_PKEY_GOST_MAC_KEYGEN			 130
+#define GOST_F_PRINT_GOST_01				 131
+#define GOST_F_PRIV_DECODE_GOST				 132
+#define GOST_F_PUB_DECODE_GOST01			 133
+#define GOST_F_PUB_DECODE_GOST94			 134
+#define GOST_F_PUB_ENCODE_GOST01			 135
+#define GOST_F_UNPACK_CC_SIGNATURE			 136
+#define GOST_F_UNPACK_CP_SIGNATURE			 137
+
+/* Reason codes. */
+#define GOST_R_BAD_KEY_PARAMETERS_FORMAT		 99
+#define GOST_R_BAD_PKEY_PARAMETERS_FORMAT		 100
+#define GOST_R_CANNOT_PACK_EPHEMERAL_KEY		 101
+#define GOST_R_CTRL_CALL_FAILED				 132
+#define GOST_R_ERROR_COMPUTING_SHARED_KEY		 102
+#define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO		 103
+#define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO		 104
+#define GOST_R_INCOMPATIBLE_ALGORITHMS			 105
+#define GOST_R_INCOMPATIBLE_PEER_KEY			 131
+#define GOST_R_INVALID_CIPHER_PARAMS			 106
+#define GOST_R_INVALID_CIPHER_PARAM_OID			 107
+#define GOST_R_INVALID_DIGEST_TYPE			 108
+#define GOST_R_INVALID_GOST94_PARMSET			 109
+#define GOST_R_INVALID_IV_LENGTH			 110
+#define GOST_R_INVALID_MAC_KEY_LENGTH			 111
+#define GOST_R_INVALID_PARAMSET				 112
+#define GOST_R_KEY_IS_NOT_INITALIZED			 113
+#define GOST_R_KEY_IS_NOT_INITIALIZED			 114
+#define GOST_R_KEY_PARAMETERS_MISSING			 115
+#define GOST_R_MAC_KEY_NOT_SET				 116
+#define GOST_R_MALLOC_FAILURE				 117
+#define GOST_R_NO_MEMORY				 118
+#define GOST_R_NO_PARAMETERS_SET			 119
+#define GOST_R_NO_PEER_KEY				 120
+#define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR	 121
+#define GOST_R_PUBLIC_KEY_UNDEFINED			 122
+#define GOST_R_RANDOM_GENERATOR_ERROR			 123
+#define GOST_R_RANDOM_GENERATOR_FAILURE			 124
+#define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED		 125
+#define GOST_R_SIGNATURE_MISMATCH			 126
+#define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q		 127
+#define GOST_R_UKM_NOT_SET				 128
+#define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND		 129
+#define GOST_R_UNSUPPORTED_PARAMETER_SET		 130
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/engines/ccgost/e_gost_err.proto b/engines/ccgost/e_gost_err.proto
new file mode 100644
index 0000000000..c57bd1bd8f
--- /dev/null
+++ b/engines/ccgost/e_gost_err.proto
@@ -0,0 +1,61 @@
+/* ====================================================================
+ * Copyright (c) 2001-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_GOST_ERR_H
+#define HEADER_GOST_ERR_H
+
+#define GOST_LIB_NAME "GOST engine"
+#ifdef __cplusplus
+ extern "C" {
+#endif
diff --git a/engines/ccgost/gost.ec b/engines/ccgost/gost.ec
new file mode 100644
index 0000000000..6c2c85e57c
--- /dev/null
+++ b/engines/ccgost/gost.ec
@@ -0,0 +1,5 @@
+L GOST 			e_gost_err.h			e_gost_err.c
+L NONE    		asymm.h    			NONE
+L NONE    		md.h    			NONE
+L NONE    		crypt.h    			NONE
+L NONE			gostkeyx.h			NONE
diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c
new file mode 100644
index 0000000000..e3354549e1
--- /dev/null
+++ b/engines/ccgost/gost2001.c
@@ -0,0 +1,340 @@
+/**********************************************************************
+ *                          gost2001.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *          Implementation of GOST R 34.10-2001      				  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include "gost_lcl.h"
+#include "gost_params.h"
+#include <string.h>
+#include <openssl/rand.h>
+#include <openssl/ecdsa.h>
+#include <openssl/err.h>
+#include "e_gost_err.h"
+#ifdef DEBUG_SIGN
+extern 
+void dump_signature(const char *message,const unsigned char *buffer,size_t len);
+void dump_dsa_sig(const char *message, DSA_SIG *sig);
+#else
+
+#define dump_signature(a,b,c)
+#define dump_dsa_sig(a,b)
+#endif
+
+/*
+ * Fills EC_KEY structure hidden in the app_data field of DSA structure
+ * with parameter information, extracted from parameter array in
+ * params.c file.
+ *
+ * Also fils DSA->q field with copy of EC_GROUP order field to make
+ * DSA_size function work
+ */ 
+int fill_GOST2001_params(EC_KEY *eckey, int nid)
+	{
+	R3410_2001_params *params = R3410_2001_paramset;
+	EC_GROUP *grp=NULL;
+	BIGNUM *p=NULL,*q=NULL,*a=NULL,*b=NULL,*x=NULL,*y=NULL;
+	EC_POINT *P=NULL;
+	BN_CTX *ctx=BN_CTX_new();
+	int ok=0;
+	
+	BN_CTX_start(ctx);
+	p=BN_CTX_get(ctx);
+	a=BN_CTX_get(ctx);
+	b=BN_CTX_get(ctx);
+	x=BN_CTX_get(ctx);
+	y=BN_CTX_get(ctx);
+	q=BN_CTX_get(ctx);
+	while (params->nid!=NID_undef && params->nid != nid) params++;
+	if (params->nid == NID_undef)
+		{
+		GOSTerr(GOST_F_FILL_GOST2001_PARAMS,GOST_R_UNSUPPORTED_PARAMETER_SET);
+		goto err;
+		}	
+	BN_hex2bn(&p,params->p);
+	BN_hex2bn(&a,params->a);
+	BN_hex2bn(&b,params->b);
+	
+	grp = EC_GROUP_new_curve_GFp(p,a,b,ctx);
+
+	P = EC_POINT_new(grp);
+
+	BN_hex2bn(&x,params->x);
+	BN_hex2bn(&y,params->y);
+	EC_POINT_set_affine_coordinates_GFp(grp,P,x,y,ctx);
+	BN_hex2bn(&q,params->q);
+#ifdef DEBUG_KEYS
+	fprintf(stderr,"Set params index %d oid %s\nq=",
+		(params-R3410_2001_paramset),OBJ_nid2sn(params->nid));
+	BN_print_fp(stderr,q);
+	fprintf(stderr,"\n");
+#endif	
+
+	EC_GROUP_set_generator(grp,P,q,NULL);
+	EC_GROUP_set_curve_name(grp,params->nid);
+
+	EC_KEY_set_group(eckey,grp);
+	ok=1;
+	err:
+	EC_POINT_free(P);
+	EC_GROUP_free(grp);
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	return ok;
+	}	
+
+
+/*
+ * Computes gost2001 signature as DSA_SIG structure 
+ *
+ *
+ */ 
+DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey)
+	{
+	DSA_SIG *newsig = NULL;
+	BIGNUM *md = hashsum2bn(dgst);
+	BIGNUM *order = NULL;
+	const EC_GROUP *group;
+	const BIGNUM *priv_key;
+	BIGNUM *r=NULL,*s=NULL,*X=NULL,*tmp=NULL,*tmp2=NULL, *k=NULL,*e=NULL;
+	EC_POINT *C=NULL;
+	BN_CTX *ctx = BN_CTX_new();	
+	BN_CTX_start(ctx);
+	OPENSSL_assert(dlen==32);
+	newsig=DSA_SIG_new();
+	if (!newsig) 
+		{
+		GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_NO_MEMORY);
+		goto err;
+		}	
+	group = EC_KEY_get0_group(eckey);
+	order=BN_CTX_get(ctx);
+	EC_GROUP_get_order(group,order,ctx);
+	priv_key = EC_KEY_get0_private_key(eckey);
+	e = BN_CTX_get(ctx);
+	BN_mod(e,md,order,ctx);
+#ifdef DEBUG_SIGN
+	fprintf(stderr,"digest as bignum=");
+	BN_print_fp(stderr,md);
+	fprintf(stderr,"\ndigest mod q=");
+	BN_print_fp(stderr,e);
+	fprintf(stderr,"\n");
+#endif		
+	if (BN_is_zero(e))
+		{
+		BN_one(e);
+		}   
+	k =BN_CTX_get(ctx);
+	C=EC_POINT_new(group);
+	do 
+		{
+		do 
+			{
+			if (!BN_rand_range(k,order)) 
+				{
+				GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
+				DSA_SIG_free(newsig);
+				goto err;
+				}	
+			if (!EC_POINT_mul(group,C,k,NULL,NULL,ctx))
+				{
+				GOSTerr(GOST_F_GOST2001_DO_SIGN,ERR_R_EC_LIB);
+				DSA_SIG_free(newsig);
+				goto err;
+				}	
+			if (!X) X=BN_CTX_get(ctx);
+			if (!EC_POINT_get_affine_coordinates_GFp(group,C,X,NULL,ctx))
+				{
+				GOSTerr(GOST_F_GOST2001_DO_SIGN,ERR_R_EC_LIB);
+				DSA_SIG_free(newsig);
+				goto err;
+				}	
+			if (!r) r=BN_CTX_get(ctx);
+			BN_nnmod(r,X,order,ctx);
+			}
+		while (BN_is_zero(r));
+		/* s =  (r*priv_key+k*e) mod order */
+		if (!tmp) tmp = BN_CTX_get(ctx);
+		BN_mod_mul(tmp,priv_key,r,order,ctx);
+		if (!tmp2) tmp2 = BN_CTX_get(ctx);
+		BN_mod_mul(tmp2,k,e,order,ctx);
+		if (!s) s=BN_CTX_get(ctx);
+		BN_mod_add(s,tmp,tmp2,order,ctx);
+		}
+	while (BN_is_zero(s));	
+
+	newsig->s=BN_dup(s);
+	newsig->r=BN_dup(r);
+	err:			
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	EC_POINT_free(C);
+	BN_free(md);
+	return newsig;
+	}
+/*
+ * Verifies gost 2001 signature
+ *
+ */ 
+int gost2001_do_verify(const unsigned char *dgst,int dgst_len,
+	DSA_SIG *sig, EC_KEY *ec)
+	{
+	BN_CTX *ctx=BN_CTX_new();
+	const EC_GROUP *group = EC_KEY_get0_group(ec);
+	BIGNUM *order;
+	BIGNUM *md = NULL,*e=NULL,*R=NULL,*v=NULL,*z1=NULL,*z2=NULL;
+	BIGNUM *X=NULL,*tmp=NULL;
+	EC_POINT *C = NULL;
+	const EC_POINT *pub_key=NULL;
+	int ok=0;
+
+	BN_CTX_start(ctx);
+	order = BN_CTX_get(ctx);
+	e = BN_CTX_get(ctx);
+	z1 = BN_CTX_get(ctx);
+	z2 = BN_CTX_get(ctx);
+	tmp = BN_CTX_get(ctx);
+	X= BN_CTX_get(ctx);	
+	R=BN_CTX_get(ctx);
+	v=BN_CTX_get(ctx);
+	
+	EC_GROUP_get_order(group,order,ctx);
+	pub_key = EC_KEY_get0_public_key(ec);
+	if (BN_is_zero(sig->s) || BN_is_zero(sig->r) ||
+		(BN_cmp(sig->s,order)>=1) || (BN_cmp(sig->r,order)>=1)) 
+		{
+		GOSTerr(GOST_F_GOST2001_DO_VERIFY,GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
+		goto err;
+
+		}
+	md = hashsum2bn(dgst);
+
+	BN_mod(e,md,order,ctx);
+#ifdef DEBUG_SIGN
+	fprintf(stderr,"digest as bignum: ");
+	BN_print_fp(stderr,md);
+	fprintf(stderr,"\ndigest mod q: ");
+	BN_print_fp(stderr,e);
+#endif	
+	if (BN_is_zero(e)) BN_one(e);
+	v=BN_mod_inverse(v,e,order,ctx);
+	BN_mod_mul(z1,sig->s,v,order,ctx);
+	BN_sub(tmp,order,sig->r);
+	BN_mod_mul(z2,tmp,v,order,ctx);
+#ifdef DEBUG_SIGN
+	fprintf(stderr,"\nInverted digest value: ");
+	BN_print_fp(stderr,v);
+	fprintf(stderr,"\nz1: ");
+	BN_print_fp(stderr,z1);
+	fprintf(stderr,"\nz2: ");
+	BN_print_fp(stderr,z2);
+#endif	
+	C = EC_POINT_new(group);
+	if (!EC_POINT_mul(group,C,z1,pub_key,z2,ctx)) 
+		{	
+		GOSTerr(GOST_F_GOST2001_DO_VERIFY,ERR_R_EC_LIB);
+		goto err;
+		}	
+	if (!EC_POINT_get_affine_coordinates_GFp(group,C,X,NULL,ctx)) 
+		{
+		GOSTerr(GOST_F_GOST2001_DO_VERIFY,ERR_R_EC_LIB);
+		goto err;
+		}
+	BN_mod(R,X,order,ctx);
+#ifdef DEBUG_SIGN
+	fprintf(stderr,"\nX=");
+	BN_print_fp(stderr,X);
+	fprintf(stderr,"\nX mod q=");
+	BN_print_fp(stderr,R);
+	fprintf(stderr,"\n");
+#endif	
+	if (BN_cmp(R,sig->r)!=0)
+		{
+		GOSTerr(GOST_F_GOST2001_DO_VERIFY,GOST_R_SIGNATURE_MISMATCH);
+		}
+	else
+		{
+		ok = 1;
+		}
+	err:
+	EC_POINT_free(C);
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	BN_free(md);
+	return ok;
+	}
+/*
+ * Computes GOST R 34.10-2001 public key
+ *
+ *
+ */ 
+int gost2001_compute_public(EC_KEY *ec) 
+	{
+	const EC_GROUP *group = EC_KEY_get0_group(ec);
+	EC_POINT *pub_key=NULL;
+	const BIGNUM *priv_key=NULL;
+	BN_CTX *ctx=NULL;
+	int ok=0;
+
+	if (!group)
+		{
+		GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,GOST_R_KEY_IS_NOT_INITIALIZED);
+		return 0;
+		}	
+	ctx=BN_CTX_new();
+	BN_CTX_start(ctx);
+	if (!(priv_key=EC_KEY_get0_private_key(ec))) 
+		{
+		GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,ERR_R_EC_LIB);
+		goto err;
+		}	
+
+	pub_key = EC_POINT_new(group);
+	if (!EC_POINT_mul(group,pub_key,priv_key,NULL,NULL,ctx)) 
+		{
+		GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,ERR_R_EC_LIB);
+		goto err;
+		}	
+	if (!EC_KEY_set_public_key(ec,pub_key))
+		{
+		GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,ERR_R_EC_LIB);
+		goto err;
+		}	
+	ok = 256;
+	err:
+	BN_CTX_end(ctx);
+	EC_POINT_free(pub_key);
+	BN_CTX_free(ctx);
+	return ok;
+	}
+/*
+ * 
+ * Generates GOST R 34.10-2001 keypair
+ *
+ *
+ */ 
+int gost2001_keygen(EC_KEY *ec)
+	{
+	BIGNUM *order = BN_new(),*d=BN_new();
+	const EC_GROUP *group = EC_KEY_get0_group(ec);
+	EC_GROUP_get_order(group,order,NULL);
+	
+	do 
+		{
+		if (!BN_rand_range(d,order)) 
+			{
+			GOSTerr(GOST_F_GOST2001_KEYGEN,GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
+			BN_free(d);
+			BN_free(order);
+			return 0;
+			}	
+		}
+	while (BN_is_zero(d));
+	EC_KEY_set_private_key(ec,d);
+	BN_free(d);
+	BN_free(order);
+	return gost2001_compute_public(ec);
+	}
+
diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c
new file mode 100644
index 0000000000..00759bcab0
--- /dev/null
+++ b/engines/ccgost/gost2001_keyx.c
@@ -0,0 +1,304 @@
+/**********************************************************************
+ *                          gost_keyx.c                               *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *   VK0 34.10-2001 key exchange and GOST R 34.10-2001                *
+ *   based PKCS7/SMIME support                                        *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <string.h>
+#include <openssl/objects.h>
+#include "gost89.h"
+#include "gosthash.h"
+#include "e_gost_err.h"
+#include "gost_keywrap.h"
+#include "gost_lcl.h"
+#include "gost2001_keyx.h"
+
+
+
+/* Implementation of CryptoPro VKO 34.10-2001 algorithm */
+static int VKO_compute_key(unsigned char *shared_key,size_t shared_key_size,const EC_POINT *pub_key,EC_KEY *priv_key,const unsigned char *ukm)
+	{
+	unsigned char ukm_be[8],databuf[64],hashbuf[64];
+	BIGNUM *UKM=NULL,*p=NULL,*order=NULL,*X=NULL,*Y=NULL;
+	const BIGNUM* key=EC_KEY_get0_private_key(priv_key);
+	EC_POINT *pnt=EC_POINT_new(EC_KEY_get0_group(priv_key));
+	int i;
+	gost_hash_ctx hash_ctx;
+	BN_CTX *ctx = BN_CTX_new();
+
+	for (i=0;i<8;i++)
+		{
+		ukm_be[7-i]=ukm[i];
+		}
+	BN_CTX_start(ctx);
+	UKM=getbnfrombuf(ukm_be,8);
+	p=BN_CTX_get(ctx);
+	order = BN_CTX_get(ctx);
+	X=BN_CTX_get(ctx);
+	Y=BN_CTX_get(ctx);
+	EC_GROUP_get_order(EC_KEY_get0_group(priv_key),order,ctx);
+	BN_mod_mul(p,key,UKM,order,ctx);	
+	EC_POINT_mul(EC_KEY_get0_group(priv_key),pnt,NULL,pub_key,p,ctx);
+	EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key),
+		pnt,X,Y,ctx);
+	/*Serialize elliptic curve point same way as we do it when saving
+	 * key */
+	store_bignum(Y,databuf,32);
+	store_bignum(X,databuf+32,32);
+ 	/* And reverse byte order of whole buffer */
+	for (i=0;i<64;i++)
+		{
+		hashbuf[63-i]=databuf[i];
+		}
+	init_gost_hash_ctx(&hash_ctx,&GostR3411_94_CryptoProParamSet);
+	start_hash(&hash_ctx);
+	hash_block(&hash_ctx,hashbuf,64);
+	finish_hash(&hash_ctx,shared_key);
+	done_gost_hash_ctx(&hash_ctx);
+	BN_free(UKM);
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	EC_POINT_free(pnt);
+	return 32;
+	}
+
+
+/*
+ * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001
+ * algorithm
+ */
+int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
+{
+	/* Public key of peer in the ctx field peerkey
+	 * Our private key in the ctx pkey
+	 * ukm is in the algorithm specific context data
+	 */
+	EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx);
+	EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx);
+	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+	
+	if (!data->shared_ukm) {
+		GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET);
+		return 0;
+	}	
+
+	if (key == NULL) {
+		*keylen = 32;
+		return 32;
+	}	
+	
+	*keylen=VKO_compute_key(key, 32, EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)),
+		(EC_KEY *)EVP_PKEY_get0(my_key),data->shared_ukm);
+	return 1;	
+}
+
+
+
+
+/*  
+ * EVP_PKEY_METHOD callback encrypt  
+ * Implementation of GOST2001 key transport, cryptocom variation 
+ */
+/* Generates ephemeral key based on pubk algorithm
+ * computes shared key using VKO and returns filled up
+ * GOST_KEY_TRANSPORT structure
+ */
+
+/*  
+ * EVP_PKEY_METHOD callback encrypt  
+ * Implementation of GOST2001 key transport, cryptopo variation 
+ */
+
+int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len, const unsigned char *key,size_t key_len) 
+	{
+	GOST_KEY_TRANSPORT *gkt=NULL; 
+	EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
+	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
+	const struct gost_cipher_info *param=get_encryption_params(NULL);
+	unsigned char ukm[8], shared_key[32], crypted_key[44];
+	int ret=0;
+	int key_is_ephemeral=1;
+	gost_ctx cctx;
+	EVP_PKEY *sec_key=EVP_PKEY_CTX_get0_peerkey(pctx);
+	if (data->shared_ukm) 
+		{
+		memcpy(ukm, data->shared_ukm,8);
+		} 
+	else if (out) 
+		{
+		
+		if (RAND_bytes(ukm,8)<=0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+				GOST_R_RANDOM_GENERATOR_FAILURE);
+			return 0;
+			}	
+		}	
+	/* Check for private key in the peer_key of context */	
+	if (sec_key) 
+		{
+		key_is_ephemeral=0;
+		if (!gost_get0_priv_key(sec_key)) 
+			{
+			GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+			GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
+			goto err;
+			}	
+		} 
+	else 
+		{
+		key_is_ephemeral=1;
+		if (out) 
+			{
+			sec_key = EVP_PKEY_new();
+			EVP_PKEY_assign(sec_key,EVP_PKEY_base_id(pubk),EC_KEY_new());
+			EVP_PKEY_copy_parameters(sec_key,pubk);
+			if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) 
+				{
+				goto err;
+				}	
+			}
+		}
+	if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) && param ==  gost_cipher_list)
+		{
+		param= gost_cipher_list+1;
+		}	
+    if (out) 
+		{
+		VKO_compute_key(shared_key,32,EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)),EVP_PKEY_get0(sec_key),ukm);
+		gost_init(&cctx,param->sblock);	
+		keyWrapCryptoPro(&cctx,shared_key,ukm,key,crypted_key);
+		}
+	gkt = GOST_KEY_TRANSPORT_new();
+	if (!gkt)
+		{
+		goto err;
+		}	
+	if(!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv,
+			ukm,8))
+		{
+		goto err;
+		}	
+	if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,crypted_key+40,4))
+		{
+		goto err;
+		}
+	if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,crypted_key+8,32))
+		{
+		goto err;
+		}
+	if (key_is_ephemeral) {	
+		if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,out?sec_key:pubk))
+			{
+			GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+					GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
+			goto err;
+			}	
+	}		
+	ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
+	gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
+	if (key_is_ephemeral && sec_key) EVP_PKEY_free(sec_key);
+	if (!key_is_ephemeral)
+		{
+		/* Set control "public key from client certificate used" */
+		if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= 0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+				GOST_R_CTRL_CALL_FAILED);
+			goto err;
+			}
+		}
+	if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt,out?&out:NULL))>0) ret =1;
+	GOST_KEY_TRANSPORT_free(gkt);
+	return ret;	
+	err:		
+	if (key_is_ephemeral && sec_key) EVP_PKEY_free(sec_key);
+	GOST_KEY_TRANSPORT_free(gkt);
+	return -1;
+	}
+/*  
+ * EVP_PKEY_METHOD callback decrypt  
+ * Implementation of GOST2001 key transport, cryptopo variation 
+ */
+int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t * key_len, const unsigned char *in, size_t in_len)
+	{
+	const unsigned char *p = in;
+	EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
+	GOST_KEY_TRANSPORT *gkt = NULL;
+	int ret=0;	
+	unsigned char wrappedKey[44];
+	unsigned char sharedKey[32];
+	gost_ctx ctx;
+	const struct gost_cipher_info *param=NULL;
+	EVP_PKEY *eph_key=NULL, *peerkey=NULL;
+
+	if (!key)
+		{
+		*key_len = 32;
+		return 1;
+		}	
+	gkt = d2i_GOST_KEY_TRANSPORT(NULL,(const unsigned char **)&p,
+		in_len);
+	if (!gkt)
+		{
+		GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
+		return -1;
+		}	
+
+	/* If key transport structure contains public key, use it */
+	eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
+	if (eph_key)
+		{
+		if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+				GOST_R_INCOMPATIBLE_PEER_KEY);
+			goto err;
+			}
+		}
+	else
+		{
+		/* Set control "public key from client certificate used" */
+		if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= 0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+				GOST_R_CTRL_CALL_FAILED);
+			goto err;
+			}
+		}
+	peerkey = EVP_PKEY_CTX_get0_peerkey(pctx);
+	if (!peerkey)
+		{
+		GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+			GOST_R_NO_PEER_KEY);
+		goto err;
+		}
+		
+	param = get_encryption_params(gkt->key_agreement_info->cipher);
+	gost_init(&ctx,param->sblock);	
+	OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
+	memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);
+	OPENSSL_assert(gkt->key_info->encrypted_key->length==32);
+	memcpy(wrappedKey+8,gkt->key_info->encrypted_key->data,32);
+	OPENSSL_assert(gkt->key_info->imit->length==4);
+	memcpy(wrappedKey+40,gkt->key_info->imit->data,4);	
+	VKO_compute_key(sharedKey,32,EC_KEY_get0_public_key(EVP_PKEY_get0(peerkey)),
+		EVP_PKEY_get0(priv),wrappedKey);
+	if (!keyUnwrapCryptoPro(&ctx,sharedKey,wrappedKey,key))
+		{
+		GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+			GOST_R_ERROR_COMPUTING_SHARED_KEY);
+		goto err;
+		}	
+				
+	ret=1;
+err:	
+	if (eph_key) EVP_PKEY_free(eph_key);
+	if (gkt) GOST_KEY_TRANSPORT_free(gkt);
+	return ret;
+	}
diff --git a/engines/ccgost/gost2001_keyx.h b/engines/ccgost/gost2001_keyx.h
new file mode 100644
index 0000000000..a014d9c1e2
--- /dev/null
+++ b/engines/ccgost/gost2001_keyx.h
@@ -0,0 +1,10 @@
+GOST_KEY_TRANSPORT *
+make_rfc4490_keytransport_2001(EVP_PKEY *pubk, BIGNUM *eph_key,
+                               const unsigned char *key, size_t keylen,
+                               unsigned char *ukm, size_t ukm_len);
+
+int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv,
+                                    GOST_KEY_TRANSPORT *gkt,
+                                    unsigned char *key_buf,
+                                    int key_buf_len) ;
+
diff --git a/engines/ccgost/gost89.c b/engines/ccgost/gost89.c
new file mode 100644
index 0000000000..7ebae0f71f
--- /dev/null
+++ b/engines/ccgost/gost89.c
@@ -0,0 +1,409 @@
+/**********************************************************************
+ *                        gost89.c                                    *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *          Implementation of GOST 28147-89 encryption algorithm      *
+ *            No OpenSSL libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/ 
+#include <string.h>
+#include "gost89.h"
+/* Substitution blocks from RFC 4357 
+   
+   Note: our implementation of gost 28147-89 algorithm 
+   uses S-box matrix rotated 90 degrees counterclockwise, relative to 
+   examples given in RFC.
+  
+
+*/
+
+/* Substitution blocks from test examples for GOST R 34.11-94*/
+gost_subst_block GostR3411_94_TestParamSet = {
+	{0X1,0XF,0XD,0X0,0X5,0X7,0XA,0X4,0X9,0X2,0X3,0XE,0X6,0XB,0X8,0XC},
+	{0XD,0XB,0X4,0X1,0X3,0XF,0X5,0X9,0X0,0XA,0XE,0X7,0X6,0X8,0X2,0XC},
+	{0X4,0XB,0XA,0X0,0X7,0X2,0X1,0XD,0X3,0X6,0X8,0X5,0X9,0XC,0XF,0XE},
+	{0X6,0XC,0X7,0X1,0X5,0XF,0XD,0X8,0X4,0XA,0X9,0XE,0X0,0X3,0XB,0X2},
+	{0X7,0XD,0XA,0X1,0X0,0X8,0X9,0XF,0XE,0X4,0X6,0XC,0XB,0X2,0X5,0X3},
+	{0X5,0X8,0X1,0XD,0XA,0X3,0X4,0X2,0XE,0XF,0XC,0X7,0X6,0X0,0X9,0XB},
+	{0XE,0XB,0X4,0XC,0X6,0XD,0XF,0XA,0X2,0X3,0X8,0X1,0X0,0X7,0X5,0X9},
+	{0X4,0XA,0X9,0X2,0XD,0X8,0X0,0XE,0X6,0XB,0X1,0XC,0X7,0XF,0X5,0X3}
+	};  
+/* Substitution blocks for hash function 1.2.643.2.9.1.6.1  */
+gost_subst_block GostR3411_94_CryptoProParamSet= {
+	{0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC},
+	{0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB},
+	{0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3},
+	{0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5},
+	{0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3},
+	{0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD},
+	{0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8},
+	{0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF}
+	} ;
+
+/* Test paramset from GOST 28147 */
+gost_subst_block Gost28147_TestParamSet =
+	{
+	{0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8},
+	{0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD},
+	{0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4},
+	{0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4},
+	{0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8},
+	{0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB},
+	{0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5},
+	{0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6}
+	};
+
+
+
+
+/* 1.2.643.2.2.31.1 */
+gost_subst_block Gost28147_CryptoProParamSetA= {
+	{0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4},
+	{0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE},
+	{0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6},
+	{0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6},
+	{0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6},
+	{0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9},
+	{0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1},
+	{0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5}
+	};
+/* 1.2.643.2.2.31.2 */
+gost_subst_block Gost28147_CryptoProParamSetB= 
+	{
+	{0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC},
+	{0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE},
+	{0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5},
+	{0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3},
+	{0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8},
+	{0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4},
+	{0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE},
+	{0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF}
+	};
+/* 1.2.643.2.2.31.3 */
+gost_subst_block Gost28147_CryptoProParamSetC= 
+	{
+	{0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8},
+	{0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7},
+	{0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD},
+	{0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7},
+	{0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4},
+	{0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB},
+	{0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3},
+	{0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3}
+	};
+
+/* 1.2.643.2.2.31.4 */ 
+gost_subst_block Gost28147_CryptoProParamSetD=
+	{
+	{0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE},
+	{0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7},
+	{0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6},
+	{0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1},
+	{0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8},
+	{0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2},
+	{0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1},
+	{0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3}
+	};
+
+
+const byte CryptoProKeyMeshingKey[]={
+	0x69, 0x00, 0x72, 0x22,   0x64, 0xC9, 0x04, 0x23,
+    0x8D, 0x3A, 0xDB, 0x96,   0x46, 0xE9, 0x2A, 0xC4,
+    0x18, 0xFE, 0xAC, 0x94,   0x00, 0xED, 0x07, 0x12,
+    0xC0, 0x86, 0xDC, 0xC2,   0xEF, 0x4C, 0xA9, 0x2B
+	};	
+/* Initialization of gost_ctx subst blocks*/
+static void kboxinit(gost_ctx *c, const gost_subst_block *b)
+	{ 
+	int i; 
+	
+	for (i = 0; i < 256; i++)
+		{
+		c->k87[i] = (b->k8[i>>4] <<4 | b->k7 [i &15])<<24;
+		c->k65[i] = (b->k6[i>>4] << 4 | b->k5 [i &15])<<16;
+		c->k43[i] = (b->k4[i>>4] <<4  | b->k3 [i &15])<<8;
+		c->k21[i] = b->k2[i>>4] <<4  | b->k1 [i &15];
+
+		}
+	}
+
+/* Part of GOST 28147 algorithm moved into separate function */
+static word32 f(gost_ctx *c,word32 x) 
+	{
+	x = c->k87[x>>24 & 255] | c->k65[x>>16 & 255]| 
+		c->k43[x>> 8 & 255] | c->k21[x & 255]; 
+	/* Rotate left 11 bits */ 
+	return x<<11 | x>>(32-11);
+	}
+/* Low-level encryption routine - encrypts one 64 bit block*/
+void gostcrypt(gost_ctx *c, const byte *in, byte *out)
+	{ 
+	register word32 n1, n2; /* As named in the GOST */ 
+	n1 = in[0]|(in[1]<<8)|(in[2]<<16)|(in[3]<<24); 
+	n2 = in[4]|(in[5]<<8)|(in[6]<<16)|(in[7]<<24); 
+	/* Instead of swapping halves, swap names each round */ 
+ 	 
+	n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]); 
+	n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]); 
+	n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]); 
+	n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]); 
+  
+	n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+	n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+	n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+	n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+                               
+	n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+	n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+	n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+	n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+                               
+	n2 ^= f(c,n1+c->k[7]); n1 ^= f(c,n2+c->k[6]);
+	n2 ^= f(c,n1+c->k[5]); n1 ^= f(c,n2+c->k[4]);
+	n2 ^= f(c,n1+c->k[3]); n1 ^= f(c,n2+c->k[2]);
+	n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
+ 
+	out[0] = (byte)(n2&0xff);  out[1] = (byte)((n2>>8)&0xff);
+	out[2] = (byte)((n2>>16)&0xff); out[3]=(byte)(n2>>24); 
+	out[4] = (byte)(n1&0xff);  out[5] = (byte)((n1>>8)&0xff);
+	out[6] = (byte)((n1>>16)&0xff); out[7] = (byte)(n1>>24);
+	} 
+/* Low-level decryption routine. Decrypts one 64-bit block */
+void gostdecrypt(gost_ctx *c, const byte *in,byte *out)
+	{ 
+	register word32 n1, n2; /* As named in the GOST */ 
+	n1 = in[0]|(in[1]<<8)|(in[2]<<16)|(in[3]<<24); 
+	n2 = in[4]|(in[5]<<8)|(in[6]<<16)|(in[7]<<24); 
+	
+	n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]); 
+	n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]); 
+	n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+	n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]); 
+	
+	n2 ^= f(c,n1+c->k[7]); n1 ^= f(c,n2+c->k[6]);
+	n2 ^= f(c,n1+c->k[5]); n1 ^= f(c,n2+c->k[4]);
+	n2 ^= f(c,n1+c->k[3]); n1 ^= f(c,n2+c->k[2]);
+	n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
+	
+	n2 ^= f(c,n1+c->k[7]); n1 ^= f(c,n2+c->k[6]);
+	n2 ^= f(c,n1+c->k[5]); n1 ^= f(c,n2+c->k[4]);
+	n2 ^= f(c,n1+c->k[3]); n1 ^= f(c,n2+c->k[2]);
+	n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
+	
+	n2 ^= f(c,n1+c->k[7]); n1 ^= f(c,n2+c->k[6]);
+	n2 ^= f(c,n1+c->k[5]); n1 ^= f(c,n2+c->k[4]);
+	n2 ^= f(c,n1+c->k[3]); n1 ^= f(c,n2+c->k[2]);
+	n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
+
+	out[0] = (byte)(n2&0xff);  out[1] = (byte)((n2>>8)&0xff);
+	out[2] = (byte)((n2>>16)&0xff); out[3]=(byte)(n2>>24);
+	out[4] = (byte)(n1&0xff);  out[5] = (byte)((n1>>8)&0xff);
+	out[6] = (byte)((n1>>16)&0xff); out[7] = (byte)(n1>>24);
+	} 
+
+/* Encrypts several blocks in ECB mode */
+void gost_enc(gost_ctx *c,const byte *clear,byte *cipher, int blocks)
+	{ 
+	int i; 
+	for(i=0;i<blocks;i++)
+		{ 
+		gostcrypt(c,clear,cipher); 
+		clear+=8;
+		cipher+=8;
+		}
+	}
+/* Decrypts several blocks in ECB mode */
+void gost_dec(gost_ctx *c, const byte *cipher,byte *clear, int blocks)
+	{ 
+	int i; 
+	for(i=0;i<blocks;i++)
+		{ 
+		gostdecrypt(c,cipher,clear); 
+		clear+=8; 
+		cipher+=8;
+		}
+	}
+
+/* Encrypts several full blocks in CFB mode using 8byte IV */
+void gost_enc_cfb(gost_ctx *ctx,const byte *iv,const byte *clear,byte *cipher, int blocks)
+	{
+	byte cur_iv[8];
+	byte gamma[8];
+	int i,j;
+	const byte *in;
+	byte *out;
+	memcpy(cur_iv,iv,8);
+	for(i=0,in=clear,out=cipher;i<blocks;i++,in+=8,out+=8)
+		{
+		gostcrypt(ctx,cur_iv,gamma);
+		for (j=0;j<8;j++)
+			{
+			cur_iv[j]=out[j]=in[j]^gamma[j];
+			}
+		}	
+	}	
+/* Decrypts several full blocks in CFB mode using 8byte IV */
+void gost_dec_cfb(gost_ctx *ctx,const byte *iv,const byte *cipher,byte *clear,  int blocks)
+	{
+	byte cur_iv[8];
+	byte gamma[8];
+	int i,j;
+	const byte *in;
+	byte *out;
+	memcpy(cur_iv,iv,8);
+	for(i=0,in=cipher,out=clear;i<blocks;i++,in+=8,out+=8)
+		{
+		gostcrypt(ctx,cur_iv,gamma);
+		for (j=0;j<8;j++)
+			{
+			out[j]=(cur_iv[j]=in[j])^gamma[j];
+			}
+		}	
+	}	
+
+/* Encrypts one block using specified key */
+void gost_enc_with_key(gost_ctx *c,byte *key,byte *inblock,byte *outblock) 
+	{
+	gost_key(c,key);
+	gostcrypt(c,inblock,outblock);
+	}
+
+/* Set 256 bit  key into context */
+void gost_key(gost_ctx *c, const byte *k) 
+	{ 
+	int i,j; 
+	for(i=0,j=0;i<8;i++,j+=4)
+		{
+		c->k[i]=k[j]|(k[j+1]<<8)|(k[j+2]<<16)|(k[j+3]<<24);
+		}		
+	} 
+
+/* Retrieve 256-bit key from context */
+void gost_get_key(gost_ctx *c, byte *k) 
+	{
+	int i,j; 
+	for(i=0,j=0;i<8;i++,j+=4)
+		{
+		k[j]=(byte)(c->k[i]& 0xFF);
+		k[j+1]=(byte)((c->k[i]>>8 )&0xFF);
+		k[j+2]=(byte)((c->k[i]>>16) &0xFF);
+		k[j+3]=(byte)((c->k[i]>>24) &0xFF);
+		}		
+	}
+
+/* Initalize context. Provides default value for subst_block */
+void gost_init(gost_ctx *c, const gost_subst_block *b)
+	{ 	
+	if(!b)
+		{
+		b=&GostR3411_94_TestParamSet;
+		}	
+	kboxinit(c,b); 
+	}
+
+/* Cleans up key from context */
+void gost_destroy(gost_ctx *c)
+	{ 
+	int i; for(i=0;i<8;i++) c->k[i]=0; 
+	} 
+
+/* Compute GOST 28147 mac block 
+ * 
+ * Parameters
+ *   gost_ctx *c - context initalized with substitution blocks and key
+ *   buffer - 8-byte mac state buffer
+ *   block 8-byte block to process.
+ * */
+void mac_block(gost_ctx *c,byte *buffer,const  byte *block)
+	{
+	register word32 n1, n2; /* As named in the GOST */ 
+	int i;
+	for (i=0; i<8; i++)
+		{
+		buffer[i]^=block[i];
+		}	  
+	n1 = buffer[0]|(buffer[1]<<8)|(buffer[2]<<16)|(buffer[3]<<24); 
+	n2 = buffer[4]|(buffer[5]<<8)|(buffer[6]<<16)|(buffer[7]<<24); 
+	/* Instead of swapping halves, swap names each round */ 
+ 	 
+	n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]); 
+	n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]); 
+	n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]); 
+	n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]); 
+  
+	n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+	n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+	n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+	n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+
+	buffer[0] = (byte)(n1&0xff);  buffer[1] = (byte)((n1>>8)&0xff);
+	buffer[2] = (byte)((n1>>16)&0xff); buffer[3] = (byte)(n1>>24);
+	buffer[4] = (byte)(n2&0xff);  buffer[5] = (byte)((n2>>8)&0xff);
+	buffer[6] = (byte)((n2>>16)&0xff); buffer[7] = (byte)(n2>>24);
+	}
+
+/* Get mac with specified number of bits from MAC state buffer */
+void get_mac(byte *buffer,int nbits,byte *out)
+	{
+	int nbytes= nbits >> 3;
+	int rembits = nbits & 7;
+	int mask =rembits?((1<rembits)-1):0;
+	int i;
+	for (i=0;i<nbytes;i++) out[i]=buffer[i];
+	if (rembits) out[i]=buffer[i]&mask;
+	}	
+
+/* Compute mac of specified length (in bits) from data. 
+ * Context should be initialized with key and subst blocks */
+int gost_mac(gost_ctx *ctx,int mac_len,const unsigned char *data,
+	unsigned int data_len,unsigned char *mac) 
+	{
+	byte buffer[8]={0,0,0,0,0,0,0,0};
+	byte buf2[8];
+	unsigned int i;
+	for (i=0;i+8<=data_len;i+=8) 
+		mac_block(ctx,buffer,data+i);
+	if (i<data_len)
+		{
+		memset(buf2,0,8);
+		memcpy(buf2,data+i,data_len-i);
+		mac_block(ctx,buffer,buf2);
+		}	
+	get_mac(buffer,mac_len,mac);
+	return 1;
+	}
+
+/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */
+int gost_mac_iv(gost_ctx *ctx,int mac_len,const unsigned char *iv,const unsigned char *data,
+	unsigned int data_len,unsigned char *mac) 
+	{
+	byte buffer[8];
+	byte buf2[8];
+	unsigned int i;
+	memcpy (buffer,iv,8);
+	for (i=0;i+8<=data_len;i+=8) 
+		mac_block(ctx,buffer,data+i);
+	if (i<data_len)
+		{
+		memset(buf2,0,8);
+		memcpy(buf2,data+i,data_len-i);
+		mac_block(ctx,buffer,buf2);
+		}	
+	get_mac(buffer,mac_len,mac);
+	return 1;
+	}
+
+/* Implements key meshing algorithm by modifing ctx and IV in place */
+void cryptopro_key_meshing(gost_ctx *ctx, unsigned char *iv)
+	{
+	unsigned char newkey[32],newiv[8];
+	/* Set static keymeshing key */
+	/* "Decrypt" key with keymeshing key */
+	gost_dec(ctx,CryptoProKeyMeshingKey,newkey,4);
+	/* set new key */
+	gost_key(ctx,newkey);
+	/* Encrypt iv with new key */
+	gostcrypt(ctx,iv,newiv);
+	memcpy(iv,newiv,8);
+	}
diff --git a/engines/ccgost/gost89.h b/engines/ccgost/gost89.h
new file mode 100644
index 0000000000..2157852519
--- /dev/null
+++ b/engines/ccgost/gost89.h
@@ -0,0 +1,96 @@
+/**********************************************************************
+ *                        gost89.h                                    *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *     This file is distributed under the same license as OpenSSL     *
+ *                                                                    *
+ *          Declarations for GOST 28147-89 encryption algorithm       *
+ *            No OpenSSL libraries required to compile and use        *
+ *                       this code                                    *
+ **********************************************************************/            
+#ifndef GOST89_H
+#define GOST89_H
+
+/* Typedef for unsigned 32-bit integer */
+#if __LONG_MAX__ > 2147483647L 
+typedef unsigned int u4; 
+#else 
+typedef unsigned long u4; 
+#endif 
+/* Typedef for unsigned 8-bit integer */
+typedef unsigned char byte; 
+
+/* Internal representation of GOST substitution blocks */
+typedef struct {
+		byte k8[16];
+		byte k7[16];
+		byte k6[16];
+		byte k5[16];
+		byte k4[16];
+		byte k3[16];
+		byte k2[16];
+		byte k1[16];
+} gost_subst_block;		
+
+
+/* Cipher context includes key and preprocessed  substitution block */
+typedef struct { 
+		u4 k[8]; 
+		/* Constant s-boxes -- set up in gost_init(). */ 
+		u4 k87[256],k65[256],k43[256],k21[256]; 
+} gost_ctx; 
+/* Note: encrypt and decrypt expect full blocks--padding blocks is 
+         caller's responsibility. All bulk encryption is done in 
+		 ECB mode by these calls. Other modes may be added easily 
+		 enough.                                            */
+/* Encrypt several full blocks in ECB mode */
+void gost_enc(gost_ctx *ctx, const byte *clear,byte *cipher, int blocks); 
+/* Decrypt several full blocks in ECB mode */
+void gost_dec(gost_ctx *ctx, const byte *cipher,byte *clear, int blocks); 
+/* Encrypts several full blocks in CFB mode using 8byte IV */
+void gost_enc_cfb(gost_ctx *ctx,const byte *iv,const byte *clear,byte *cipher,int  blocks);
+/* Decrypts several full blocks in CFB mode using 8byte IV */
+void gost_dec_cfb(gost_ctx *ctx,const byte *iv,const byte *cipher,byte *clear,int  blocks);
+
+/* Encrypt one  block */
+void gostcrypt(gost_ctx *c, const byte *in, byte *out);
+/* Decrypt one  block */
+void gostdecrypt(gost_ctx *c, const byte *in,byte *out);
+/* Set key into context */
+void gost_key(gost_ctx *ctx, const byte *key); 
+/* Get key from context */
+void gost_get_key(gost_ctx *ctx, byte *key);
+/* Set S-blocks into context */
+void gost_init(gost_ctx *ctx, const gost_subst_block *subst_block); 
+/* Clean up context */
+void gost_destroy(gost_ctx *ctx);
+/* Intermediate function used for calculate hash */
+void gost_enc_with_key(gost_ctx *,byte *key,byte *inblock,byte *outblock);
+/* Compute MAC of given length in bits from data */
+int gost_mac(gost_ctx *ctx,int hmac_len,const unsigned char *data,
+		unsigned int data_len,unsigned char *hmac) ;
+/* Compute MAC of given length in bits from data, using non-zero 8-byte
+ * IV (non-standard, for use in CryptoPro key transport only */
+int gost_mac_iv(gost_ctx *ctx,int hmac_len,const unsigned char *iv,const unsigned char *data,
+		unsigned int data_len,unsigned char *hmac) ;
+/* Perform one step of MAC calculation like gostcrypt */
+void mac_block(gost_ctx *c,byte *buffer,const  byte *block); 
+/* Extracts MAC value from mac state buffer */
+void get_mac(byte *buffer,int nbits,byte *out);
+/* Implements cryptopro key meshing algorithm. Expect IV to be 8-byte size*/
+void cryptopro_key_meshing(gost_ctx *ctx, unsigned char *iv);
+/* Parameter sets specified in RFC 4357 */
+extern gost_subst_block GostR3411_94_TestParamSet;
+extern gost_subst_block GostR3411_94_CryptoProParamSet;
+extern gost_subst_block Gost28147_TestParamSet;
+extern gost_subst_block Gost28147_CryptoProParamSetA;
+extern gost_subst_block Gost28147_CryptoProParamSetB;
+extern gost_subst_block Gost28147_CryptoProParamSetC;
+extern gost_subst_block Gost28147_CryptoProParamSetD;
+extern const byte CryptoProKeyMeshingKey[]; 
+#if __LONG_MAX__ > 2147483647L 
+typedef unsigned int word32; 
+#else 
+typedef unsigned long word32; 
+#endif 
+
+#endif
diff --git a/engines/ccgost/gost94_keyx.c b/engines/ccgost/gost94_keyx.c
new file mode 100644
index 0000000000..a183edbe8b
--- /dev/null
+++ b/engines/ccgost/gost94_keyx.c
@@ -0,0 +1,287 @@
+/**********************************************************************
+ *                             gost94_keyx.c                          *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *     Implements generation and parsing of GOST_KEY_TRANSPORT for    *
+ *     			GOST R 34.10-94 algorithms                            *
+ *																	  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/dh.h>
+#include <openssl/rand.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+
+#include "gost89.h"
+#include "gosthash.h"
+#include "e_gost_err.h"
+#include "gost_keywrap.h"
+#include "gost_lcl.h"
+/* Common functions for both 94 and 2001 key exchange schemes */
+/* Implementation of the Diffi-Hellman key agreement scheme based on
+ * GOST-94 keys */
+
+/* Computes Diffie-Hellman key and stores it into buffer in
+ * little-endian byte order as expected by both versions of GOST 94
+ * algorithm
+ */
+static int compute_pair_key_le(unsigned char *pair_key,BIGNUM *pub_key,DH *dh) 
+	{
+	unsigned char be_key[128];
+	int i,key_size;
+	key_size=DH_compute_key(be_key,pub_key,dh);
+	if (!key_size) return 0;
+	memset(pair_key,0,128);
+	for (i=0;i<key_size;i++)
+		{
+		pair_key[i]=be_key[key_size-1-i];
+		}
+	return key_size;	
+	}	
+
+/*
+ * Computes 256 bit Key exchange key as specified in RFC 4357 
+ */
+static int make_cp_exchange_key(BIGNUM *priv_key,EVP_PKEY *pubk, unsigned char *shared_key)
+	{
+	unsigned char dh_key [128];
+	int ret;
+	gost_hash_ctx hash_ctx;
+	DH *dh = DH_new();
+	
+	if (!dh)
+		return 0;
+	memset(dh_key,0,128);
+	dh->g = BN_dup(pubk->pkey.dsa->g);
+	dh->p = BN_dup(pubk->pkey.dsa->p);
+	dh->priv_key = BN_dup(priv_key);
+	ret=compute_pair_key_le(dh_key,((DSA *)(EVP_PKEY_get0(pubk)))->pub_key,dh) ;
+	DH_free(dh);
+	if (!ret)	return 0;
+	init_gost_hash_ctx(&hash_ctx,&GostR3411_94_CryptoProParamSet);
+	start_hash(&hash_ctx);
+	hash_block(&hash_ctx,dh_key,128);
+	finish_hash(&hash_ctx,shared_key);
+	done_gost_hash_ctx(&hash_ctx);
+	return 1;
+	}
+
+/* EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-94 */
+
+int pkey_gost94_derive(EVP_PKEY_CTX *ctx,unsigned char *key,size_t *keylen)
+	{
+		EVP_PKEY *pubk = EVP_PKEY_CTX_get0_peerkey(ctx);
+		EVP_PKEY *mykey = EVP_PKEY_CTX_get0_pkey(ctx);
+		*keylen = 32;
+		if (key == NULL) return 1;
+
+		return make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, key);
+	}
+
+/* EVP_PKEY_METHOD callback encrypt for
+ * GOST R 34.10-94 cryptopro modification
+ */
+
+
+int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len ) 
+	{
+	GOST_KEY_TRANSPORT *gkt=NULL;
+	unsigned char shared_key[32], ukm[8],crypted_key[44];
+	const struct gost_cipher_info *param=get_encryption_params(NULL);
+	EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(ctx);
+	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+	gost_ctx cctx;
+	int key_is_ephemeral=1;
+	EVP_PKEY *mykey = EVP_PKEY_CTX_get0_peerkey(ctx);
+
+	/* Do not use vizir cipher parameters with cryptopro */
+	if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) && param ==  gost_cipher_list)
+		{
+		param= gost_cipher_list+1;
+		}	
+
+	if (mykey) 
+		{
+		/* If key already set, it is not ephemeral */
+		key_is_ephemeral=0;
+		if (!gost_get0_priv_key(mykey)) 
+			{
+			GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+			GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
+			goto err;
+			}	
+		} 
+	else 
+		{
+		/* Otherwise generate ephemeral key */
+		key_is_ephemeral = 1;
+		if (out) 
+			{
+			mykey = EVP_PKEY_new();
+			EVP_PKEY_assign(mykey, EVP_PKEY_base_id(pubk),DSA_new());
+			EVP_PKEY_copy_parameters(mykey,pubk);
+			if (!gost_sign_keygen(EVP_PKEY_get0(mykey))) 
+				{
+				goto err;
+				}	
+			}
+		}	
+	if (out)
+		make_cp_exchange_key(gost_get0_priv_key(mykey),pubk,shared_key);
+	if (data->shared_ukm) 
+		{
+		memcpy(ukm,data->shared_ukm,8);
+		}
+	else if (out) 
+		{	
+		if (RAND_bytes(ukm,8)<=0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+					GOST_R_RANDOM_GENERATOR_FAILURE);
+			goto err;
+			}	
+		}
+		
+	if (out) {
+		gost_init(&cctx,param->sblock);
+		keyWrapCryptoPro(&cctx,shared_key,ukm,key,crypted_key);
+	}	
+	gkt = GOST_KEY_TRANSPORT_new();
+	if (!gkt)
+		{
+		goto memerr;
+		}	
+	if(!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv,
+			ukm,8))
+		{
+		goto memerr;
+		}	
+	if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,crypted_key+40,4))
+		{
+		goto memerr;
+		}
+	if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,crypted_key+8,32))
+		{
+		goto memerr;
+		}
+	if (key_is_ephemeral) {	
+	if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,out?mykey:pubk))
+		{
+		GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
+		goto err;
+		}
+		if (out) EVP_PKEY_free(mykey);
+	}	
+	ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
+	gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
+	*outlen = i2d_GOST_KEY_TRANSPORT(gkt,out?&out:NULL);
+	if (*outlen == 0)
+		{
+		GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO);
+		goto err;
+		}
+	if (!key_is_ephemeral)
+		{
+		/* Set control "public key from client certificate used" */
+		if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= 0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+				GOST_R_CTRL_CALL_FAILED);
+			goto err;
+			}
+		}
+	GOST_KEY_TRANSPORT_free(gkt);
+	return 1;	
+	memerr:
+		if (key_is_ephemeral) {
+			EVP_PKEY_free(mykey);
+		}	
+	GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+		GOST_R_MALLOC_FAILURE);
+	err:		
+	GOST_KEY_TRANSPORT_free(gkt);
+	return -1;
+	}
+
+	
+/* EVP_PLEY_METHOD callback decrypt for
+ * GOST R 34.10-94 cryptopro modification
+ */
+int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *key_len,const unsigned char *in, size_t in_len) {
+	const unsigned char *p = in;
+	GOST_KEY_TRANSPORT *gkt = NULL;
+	unsigned char wrappedKey[44];
+	unsigned char sharedKey[32];
+	gost_ctx cctx;
+	const struct gost_cipher_info *param=NULL;
+	EVP_PKEY *eph_key=NULL, *peerkey=NULL;
+	EVP_PKEY *priv= EVP_PKEY_CTX_get0_pkey(ctx); 
+	
+	if (!key)
+		{
+		*key_len = 32;
+		return 1;
+		}	
+	
+	gkt = d2i_GOST_KEY_TRANSPORT(NULL,(const unsigned char **)&p,
+		in_len);
+	if (!gkt)
+		{
+		GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
+		return 0;
+		}	
+	eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
+	if (eph_key)
+		{
+		if (EVP_PKEY_derive_set_peer(ctx, eph_key) <= 0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+				GOST_R_INCOMPATIBLE_PEER_KEY);
+			goto err;
+			}
+		}
+	else
+		{
+		/* Set control "public key from client certificate used" */
+		if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= 0)
+			{
+			GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+				GOST_R_CTRL_CALL_FAILED);
+			goto err;
+			}
+		}
+	peerkey = EVP_PKEY_CTX_get0_peerkey(ctx);
+	if (!peerkey)
+		{
+		GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+			GOST_R_NO_PEER_KEY);
+		goto err;
+		}
+
+	param = get_encryption_params(gkt->key_agreement_info->cipher);
+	gost_init(&cctx,param->sblock);	
+	OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
+	memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);
+	OPENSSL_assert(gkt->key_info->encrypted_key->length==32);
+	memcpy(wrappedKey+8,gkt->key_info->encrypted_key->data,32);
+	OPENSSL_assert(gkt->key_info->imit->length==4);
+	memcpy(wrappedKey+40,gkt->key_info->imit->data,4);	
+	make_cp_exchange_key(gost_get0_priv_key(priv),peerkey,sharedKey);
+	if (!keyUnwrapCryptoPro(&cctx,sharedKey,wrappedKey,key))
+		{
+		GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+			GOST_R_ERROR_COMPUTING_SHARED_KEY);
+		goto err;
+		}	
+				
+	EVP_PKEY_free(eph_key);
+	GOST_KEY_TRANSPORT_free(gkt);
+	return 1;
+err:
+	EVP_PKEY_free(eph_key);
+	GOST_KEY_TRANSPORT_free(gkt);
+	return -1;
+	}	
+
diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c
new file mode 100644
index 0000000000..16a99ac2b2
--- /dev/null
+++ b/engines/ccgost/gost_ameth.c
@@ -0,0 +1,910 @@
+/**********************************************************************
+ *                          gost_ameth.c                              *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       Implementation of RFC 4490/4491 ASN1 method                  *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include "gost_params.h"
+#include "gost_lcl.h"
+#include "e_gost_err.h"
+
+int gost94_nid_by_params(DSA *p) 
+	{
+	R3410_params *gost_params;
+	BIGNUM *q=BN_new();
+	for (gost_params = R3410_paramset;gost_params->q!=NULL; gost_params++) 
+		{
+		BN_dec2bn(&q,gost_params->q);
+		if (!BN_cmp(q,p->q)) 
+			{
+			BN_free(q);
+			return gost_params->nid;
+			}
+		}	
+	BN_free(q);
+	return NID_undef;
+	}
+
+static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
+	{
+	ASN1_STRING *params = ASN1_STRING_new();
+	GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
+	int pkey_param_nid = NID_undef;
+	int cipher_param_nid = NID_undef;
+	if (!params || !gkp) 
+		{
+		GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
+			ERR_R_MALLOC_FAILURE);
+		ASN1_STRING_free(params);
+		params = NULL;
+		goto err;
+		}	
+	switch (EVP_PKEY_base_id(key)) 
+		{
+		case NID_id_GostR3410_2001:
+			pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
+			cipher_param_nid = get_encryption_params(NULL)->nid;
+			break;
+		case NID_id_GostR3410_94:
+			pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
+			if (pkey_param_nid == NID_undef) 
+				{
+				GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
+					GOST_R_INVALID_GOST94_PARMSET);
+				ASN1_STRING_free(params);
+				params=NULL;
+				goto err;
+				}	
+			cipher_param_nid = get_encryption_params(NULL)->nid;
+			break;
+		}	
+	gkp->key_params = OBJ_nid2obj(pkey_param_nid);
+	gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet);
+	/*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid);*/
+	params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data);
+	if (params->length <=0 ) 
+		{
+		GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
+			ERR_R_MALLOC_FAILURE);
+		ASN1_STRING_free(params);
+		params = NULL;
+		goto err;
+		}
+	params ->type = V_ASN1_SEQUENCE;
+	err:
+	GOST_KEY_PARAMS_free(gkp);
+	return params;
+	}
+
+/* Parses GOST algorithm parameters from X509_ALGOR and
+ * modifies pkey setting NID and parameters
+ */
+static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg) 
+	{
+	ASN1_OBJECT *palg_obj =NULL;
+	int ptype = V_ASN1_UNDEF;
+	int pkey_nid = NID_undef,param_nid = NID_undef;
+        void *_pval;
+	ASN1_STRING *pval = NULL;
+	const unsigned char  *p;
+	GOST_KEY_PARAMS *gkp = NULL;
+
+	X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg);
+        pval = _pval;
+	if (ptype != V_ASN1_SEQUENCE) 
+		{
+		GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
+			GOST_R_BAD_KEY_PARAMETERS_FORMAT);
+		return 0;
+		}	
+	p=pval->data;
+	pkey_nid = OBJ_obj2nid(palg_obj);
+
+	gkp = d2i_GOST_KEY_PARAMS(NULL,&p,pval->length);
+	if (!gkp) 
+		{
+		GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
+			GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
+		return 0;
+		}	
+	param_nid = OBJ_obj2nid(gkp->key_params);
+	GOST_KEY_PARAMS_free(gkp);
+	EVP_PKEY_set_type(pkey,pkey_nid);
+	switch (pkey_nid) 
+		{
+		case NID_id_GostR3410_94:
+		{
+		DSA *dsa= EVP_PKEY_get0(pkey);
+		if (!dsa) 
+			{
+			dsa = DSA_new();
+			if (!EVP_PKEY_assign(pkey,pkey_nid,dsa)) return 0;
+			}
+		if (!fill_GOST94_params(dsa,param_nid)) return 0;
+		break;
+		}
+		case NID_id_GostR3410_2001:
+		{
+		EC_KEY *ec = EVP_PKEY_get0(pkey);
+		if (!ec) 
+			{
+			ec = EC_KEY_new();
+			if (!EVP_PKEY_assign(pkey,pkey_nid,ec)) return 0;
+			}
+		if (!fill_GOST2001_params(ec,param_nid)) return 0;
+		}
+		}
+
+	return 1;
+	}
+
+static int gost_set_priv_key(EVP_PKEY *pkey,BIGNUM *priv) 
+	{
+	switch (EVP_PKEY_base_id(pkey)) 
+		{
+		case NID_id_GostR3410_94:
+		{
+		DSA *dsa = EVP_PKEY_get0(pkey);
+		if (!dsa) 
+			{
+			dsa = DSA_new();
+			EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),dsa);
+			}	
+		dsa->priv_key = BN_dup(priv);
+		if (!EVP_PKEY_missing_parameters(pkey)) 
+			gost94_compute_public(dsa);
+		break;
+		}	
+		case NID_id_GostR3410_2001:
+		{
+		EC_KEY *ec = EVP_PKEY_get0(pkey);
+		if (!ec) 
+			{
+			ec = EC_KEY_new();
+			EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),ec);
+			}	
+		if (!EC_KEY_set_private_key(ec,priv)) return 0;
+		if (!EVP_PKEY_missing_parameters(pkey)) 
+			gost2001_compute_public(ec);
+		break;
+		}
+		}
+	return 1;		
+	}
+BIGNUM* gost_get0_priv_key(const EVP_PKEY *pkey) 
+	{
+	switch (EVP_PKEY_base_id(pkey)) 
+		{
+		case NID_id_GostR3410_94:
+		{
+		DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
+		if (!dsa) 
+			{
+			return NULL;
+			}	
+		if (!dsa->priv_key) return NULL;
+		return dsa->priv_key;
+		break;
+		}	
+		case NID_id_GostR3410_2001:
+		{
+		EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
+		const BIGNUM* priv;
+		if (!ec) 
+			{
+			return NULL;
+			}	
+		if (!(priv=EC_KEY_get0_private_key(ec))) return NULL;
+		return (BIGNUM *)priv;
+		break;
+		}
+		}
+	return NULL;		
+	}
+
+static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
+	long arg1, void *arg2)
+	{
+	switch (op)
+		{
+		case ASN1_PKEY_CTRL_PKCS7_SIGN:
+			if (arg1 == 0) 
+				{
+				X509_ALGOR *alg1 = NULL, *alg2 = NULL;
+				int nid = EVP_PKEY_base_id(pkey);
+				PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO*)arg2, 
+					NULL, &alg1, &alg2);
+				X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
+					V_ASN1_NULL, 0);
+				if (nid == NID_undef) 
+					{
+					return (-1);
+					}
+				X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
+				}
+			return 1;
+		case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+			if (arg1 == 0)
+				{
+				X509_ALGOR *alg;
+				ASN1_STRING * params = encode_gost_algor_params(pkey);
+				if (!params) 
+					{
+					return -1;
+					}
+				PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO*)arg2, &alg);
+				X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
+					V_ASN1_SEQUENCE, params);
+				}
+			return 1;
+		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+			*(int *)arg2 = NID_id_GostR3411_94;
+			return 2;
+		}
+	
+	return -2;
+	}
+/*----------------------- free functions * ------------------------------*/
+static void pkey_free_gost94(EVP_PKEY *key) 
+	{
+	if (key->pkey.dsa) 
+		{
+		DSA_free(key->pkey.dsa);
+		}
+	}
+
+static void pkey_free_gost01(EVP_PKEY *key) 
+	{
+	if (key->pkey.ec) 
+		{
+		EC_KEY_free(key->pkey.ec);
+		}
+	}	
+
+/* ------------------ private key functions  -----------------------------*/
+static int priv_decode_gost( EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf) 
+	{
+	const unsigned char *pkey_buf = NULL,*p=NULL;
+	int priv_len = 0;
+	BIGNUM *pk_num=NULL;
+	int ret =0;
+	X509_ALGOR *palg =NULL;
+	ASN1_OBJECT *palg_obj = NULL;
+	ASN1_INTEGER *priv_key=NULL;
+
+	if (!PKCS8_pkey_get0(&palg_obj,&pkey_buf,&priv_len,&palg,p8inf)) 
+		return 0;
+	p = pkey_buf;
+	if (!decode_gost_algor_params(pk,palg)) 
+		{
+		return 0;
+		}
+	if (V_ASN1_OCTET_STRING == *p) 
+		{
+		/* New format - Little endian octet string */
+		unsigned char rev_buf[32];
+		int i;
+		ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL,&p,priv_len);
+		if (!s||s->length !=32) 
+			{
+			GOSTerr(GOST_F_PRIV_DECODE_GOST,
+				EVP_R_DECODE_ERROR);
+			return 0;	
+			}
+		for (i=0;i<32;i++)
+			{
+			rev_buf[31-i]=s->data[i];
+			}
+		ASN1_STRING_free(s);
+		pk_num = getbnfrombuf(rev_buf,32);
+		} 
+	else
+		{
+		priv_key=d2i_ASN1_INTEGER(NULL,&p,priv_len);
+		if (!priv_key) return 0;
+		ret= ((pk_num =  ASN1_INTEGER_to_BN(priv_key, NULL))!=NULL) ;
+		ASN1_INTEGER_free(priv_key);
+		if (!ret)
+			{
+			GOSTerr(GOST_F_PRIV_DECODE_GOST,
+				EVP_R_DECODE_ERROR);
+			return 0;	
+			}
+		}
+
+	ret= gost_set_priv_key(pk,pk_num);
+	BN_free(pk_num);
+	return ret;
+	}
+
+/* ----------------------------------------------------------------------*/
+static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
+	{
+	ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
+	ASN1_STRING *params = encode_gost_algor_params(pk);
+	unsigned char *priv_buf = NULL;
+	int priv_len;
+
+	ASN1_INTEGER *asn1key=NULL;
+	if (!params) 
+		{
+		return 0;
+		}
+	asn1key = BN_to_ASN1_INTEGER(gost_get0_priv_key(pk),NULL);
+	priv_len = i2d_ASN1_INTEGER(asn1key,&priv_buf);
+	ASN1_INTEGER_free(asn1key);
+	return PKCS8_pkey_set0(p8,algobj,0,V_ASN1_SEQUENCE,params,
+		priv_buf,priv_len);
+	}
+/* --------- printing keys --------------------------------*/
+static int print_gost_94(BIO *out, const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx, int type) 
+	{
+	int param_nid = NID_undef;
+
+	if (type == 2) 
+		{
+		BIGNUM *key;
+
+		if (!BIO_indent(out,indent,128)) return 0;
+		BIO_printf(out,"Private key: ");
+		key = gost_get0_priv_key(pkey);
+		if (!key) 
+			BIO_printf(out,"<undefined>");
+		else 
+			BN_print(out,key);
+		BIO_printf(out,"\n");
+		}
+	if (type >= 1)
+		{
+		BIGNUM *pubkey;
+		
+		pubkey = ((DSA *)EVP_PKEY_get0((EVP_PKEY *)pkey))->pub_key;
+		BIO_indent(out,indent,128);
+		BIO_printf(out,"Public key: ");
+		BN_print(out,pubkey);
+		BIO_printf(out,"\n");
+	}	
+
+	param_nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
+	BIO_indent(out,indent,128);
+	BIO_printf(out, "Parameter set: %s\n",OBJ_nid2ln(param_nid));
+	return 1;
+}
+
+static int param_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx) 
+	{
+	return print_gost_94(out, pkey, indent, pctx,0);
+	}
+
+static int pub_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx)
+	{
+	return print_gost_94(out,pkey, indent, pctx,1);
+	}
+static int priv_print_gost94(BIO *out,const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx) 
+	{
+	return print_gost_94(out,pkey,indent,pctx,2);
+	}
+
+static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx, int type)
+	{
+	int param_nid = NID_undef;
+	if (type == 2) 
+		{
+		BIGNUM *key;
+
+		if (!BIO_indent(out,indent,128)) return 0;
+		BIO_printf(out,"Private key: ");
+		key = gost_get0_priv_key(pkey);
+		if (!key) 
+			BIO_printf(out,"<undefined)");
+		else 
+			BN_print(out,key);
+		BIO_printf(out,"\n");
+		}
+	if (type >= 1) 
+		{
+		BN_CTX *ctx = BN_CTX_new();
+		BIGNUM *X,*Y;
+		const EC_POINT *pubkey;
+		const EC_GROUP *group;
+
+		if (!ctx) 
+			{
+			GOSTerr(GOST_F_PRINT_GOST_01,ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		BN_CTX_start(ctx);
+		X = BN_CTX_get(ctx);
+		Y = BN_CTX_get(ctx);
+		pubkey = EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
+		group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
+		if (!EC_POINT_get_affine_coordinates_GFp(group,pubkey,X,Y,ctx)) 
+			{
+			GOSTerr(GOST_F_PRINT_GOST_01,ERR_R_EC_LIB);
+			BN_CTX_free(ctx);
+			return 0;
+			}
+		if (!BIO_indent(out,indent,128)) return 0;
+		BIO_printf(out,"Public key:\n");
+		if (!BIO_indent(out,indent+3,128)) return 0;
+		BIO_printf(out,"X:");
+		BN_print(out,X);
+		BIO_printf(out,"\n");
+		BIO_indent(out,indent+3,128);
+		BIO_printf(out,"Y:");
+		BN_print(out,Y);
+		BIO_printf(out,"\n");
+		BN_CTX_end(ctx);
+		BN_CTX_free(ctx);
+		}
+
+	param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)pkey)));
+	if (!BIO_indent(out,indent,128)) return 0;
+	BIO_printf(out,"Parameter set: %s\n",OBJ_nid2ln(param_nid));
+	return 1;
+}
+static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx) 
+	{	
+	return print_gost_01(out,pkey,indent,pctx,0);
+	}
+static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx)
+	{
+	return print_gost_01(out,pkey, indent, pctx,1);
+	}
+static int priv_print_gost01(BIO *out,const EVP_PKEY *pkey, int indent,
+	ASN1_PCTX *pctx) 
+	{
+	return print_gost_01(out,pkey,indent,pctx,2);
+	}
+/* ---------------------------------------------------------------------*/
+static int param_missing_gost94(const EVP_PKEY *pk) 
+	{
+	const DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
+	if (!dsa) return 1;
+	if (!dsa->q) return 1;
+	return 0;
+	}
+
+static int param_missing_gost01(const EVP_PKEY *pk) 
+	{
+	const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
+	if (!ec) return 1;
+	if (!EC_KEY_get0_group(ec)) return 1;
+	return 0;
+	}
+
+static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from) 
+	{
+	const DSA *dfrom = EVP_PKEY_get0((EVP_PKEY *)from);
+	DSA *dto = EVP_PKEY_get0(to);
+	if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) 
+		{
+		GOSTerr(GOST_F_PARAM_COPY_GOST94,
+			GOST_R_INCOMPATIBLE_ALGORITHMS);
+		return 0;
+		}	
+	if (!dfrom) 
+		{
+		GOSTerr(GOST_F_PARAM_COPY_GOST94,
+			GOST_R_KEY_PARAMETERS_MISSING);
+		return 0;
+		}	
+	if (!dto) 
+		{
+		dto = DSA_new();
+		EVP_PKEY_assign(to,EVP_PKEY_base_id(from),dto);
+		}	
+#define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x);	
+	COPYBIGNUM(dto,dfrom,p)
+		COPYBIGNUM(dto,dfrom,q)
+		COPYBIGNUM(dto,dfrom,g)
+
+		if (dto->priv_key) 
+			gost94_compute_public(dto);
+	return 1;	
+	}
+static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) 
+	{
+	EC_KEY *eto = EVP_PKEY_get0(to);
+	const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
+	if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) 
+		{
+		GOSTerr(GOST_F_PARAM_COPY_GOST01,
+			GOST_R_INCOMPATIBLE_ALGORITHMS);
+		return 0;
+		}	
+	if (!efrom) 
+		{
+		GOSTerr(GOST_F_PARAM_COPY_GOST01,
+			GOST_R_KEY_PARAMETERS_MISSING);
+		return 0;
+		}	
+	if (!eto) 
+		{
+		eto = EC_KEY_new();
+		EVP_PKEY_assign(to,EVP_PKEY_base_id(from),eto);
+		}	
+	EC_KEY_set_group(eto,EC_KEY_get0_group(efrom));
+	if (EC_KEY_get0_private_key(eto)) 
+		{
+		gost2001_compute_public(eto);
+		}
+	return 1;
+	}
+
+static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b) 
+	{
+	const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
+	const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
+	if (!BN_cmp(da->q,db->q)) return 1;
+	return 0;
+	}
+
+static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) 
+	{
+	if (EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a)))==
+		EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)b)))) 
+		{
+		return 1;
+		}
+	return 0;
+
+	}
+
+/* ---------- Public key functions * --------------------------------------*/
+static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub)
+	{
+	X509_ALGOR *palg = NULL;
+	const unsigned char *pubkey_buf = NULL;
+	unsigned char *databuf;
+	ASN1_OBJECT *palgobj = NULL;
+	int pub_len,i,j;
+	DSA *dsa;
+	ASN1_OCTET_STRING *octet= NULL;
+
+	if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,
+			&palg, pub)) return 0;
+	EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);	
+	if (!decode_gost_algor_params(pk,palg)) return 0;
+	octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);
+	if (!octet) 
+		{
+		GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}	
+	databuf = OPENSSL_malloc(octet->length);
+	for (i=0,j=octet->length-1;i<octet->length;i++,j--)
+		{
+		databuf[j]=octet->data[i];
+		}	
+	dsa = EVP_PKEY_get0(pk);
+	dsa->pub_key=BN_bin2bn(databuf,octet->length,NULL);
+	ASN1_OCTET_STRING_free(octet);
+	OPENSSL_free(databuf);
+	return 1;
+
+	}
+
+static int pub_encode_gost94(X509_PUBKEY *pub,const EVP_PKEY *pk)
+	{
+	ASN1_OBJECT *algobj = NULL;
+	ASN1_OCTET_STRING *octet = NULL;
+	void *pval = NULL;
+	unsigned char *buf=NULL,*databuf,*sptr;
+	int i,j,data_len,ret=0;
+
+	int ptype = V_ASN1_UNDEF;
+	DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
+	algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
+	if (pk->save_parameters) 
+		{
+		ASN1_STRING *params = encode_gost_algor_params(pk);
+		pval = params;
+		ptype = V_ASN1_SEQUENCE;
+		}	
+	data_len = BN_num_bytes(dsa->pub_key);
+	databuf = OPENSSL_malloc(data_len);
+	BN_bn2bin(dsa->pub_key,databuf);
+	octet = ASN1_OCTET_STRING_new();
+	ASN1_STRING_set(octet,NULL,data_len);
+	sptr = ASN1_STRING_data(octet);
+	for (i=0,j=data_len-1; i< data_len;i++,j--)
+		{
+		sptr[i]=databuf[j];
+		}
+	OPENSSL_free(databuf);
+	ret = i2d_ASN1_OCTET_STRING(octet,&buf);
+	ASN1_BIT_STRING_free(octet);
+	if (ret <0)  return 0;
+	return X509_PUBKEY_set0_param(pub,algobj,ptype,pval,buf,ret);
+	}
+
+static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub)
+	{
+	X509_ALGOR *palg = NULL;
+	const unsigned char *pubkey_buf = NULL;
+	unsigned char *databuf;
+	ASN1_OBJECT *palgobj = NULL;
+	int pub_len,i,j;
+	EC_POINT *pub_key;
+	BIGNUM *X,*Y;
+	ASN1_OCTET_STRING *octet= NULL;
+	int len;
+	const EC_GROUP *group;
+
+	if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,
+			&palg, pub)) return 0;
+	EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);	
+	if (!decode_gost_algor_params(pk,palg)) return 0;
+	group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
+	octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);
+	if (!octet) 
+		{
+		GOSTerr(GOST_F_PUB_DECODE_GOST01,ERR_R_MALLOC_FAILURE);
+		return 0;
+		}	
+	databuf = OPENSSL_malloc(octet->length);
+	for (i=0,j=octet->length-1;i<octet->length;i++,j--)
+		{
+		databuf[j]=octet->data[i];
+		}
+	len=octet->length/2;
+	ASN1_OCTET_STRING_free(octet);	
+	
+	Y= getbnfrombuf(databuf,len);
+	X= getbnfrombuf(databuf+len,len);
+	OPENSSL_free(databuf);
+	pub_key = EC_POINT_new(group);
+	if (!EC_POINT_set_affine_coordinates_GFp(group
+			,pub_key,X,Y,NULL))
+		{
+		GOSTerr(GOST_F_PUB_DECODE_GOST01,
+			ERR_R_EC_LIB);
+		EC_POINT_free(pub_key);
+		BN_free(X);
+		BN_free(Y);
+		return 0;
+		}	
+	BN_free(X);
+	BN_free(Y);
+	if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk),pub_key))
+		{
+		GOSTerr(GOST_F_PUB_DECODE_GOST01,
+			ERR_R_EC_LIB);
+		EC_POINT_free(pub_key);
+		return 0;
+		}	
+	EC_POINT_free(pub_key);
+	return 1;
+
+	}
+
+static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk)
+	{
+	ASN1_OBJECT *algobj = NULL;
+	ASN1_OCTET_STRING *octet = NULL;
+	void *pval = NULL;
+	unsigned char *buf=NULL,*databuf,*sptr;
+	int i,j,data_len,ret=0;
+	const EC_POINT *pub_key;
+	BIGNUM *X,*Y,*order;
+	const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
+	int ptype = V_ASN1_UNDEF;
+
+	algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
+	if (pk->save_parameters) 
+		{
+		ASN1_STRING *params = encode_gost_algor_params(pk);
+		pval = params;
+		ptype = V_ASN1_SEQUENCE;
+		}
+	order = BN_new();
+	EC_GROUP_get_order(EC_KEY_get0_group(ec),order,NULL);
+	pub_key=EC_KEY_get0_public_key(ec);
+	if (!pub_key) 
+		{
+		GOSTerr(GOST_F_PUB_ENCODE_GOST01,
+			GOST_R_PUBLIC_KEY_UNDEFINED);
+		return 0;
+		}	
+	X=BN_new();
+	Y=BN_new();
+	EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec),
+		pub_key,X,Y,NULL);
+	data_len = 2*BN_num_bytes(order);
+	BN_free(order);
+	databuf = OPENSSL_malloc(data_len);
+	memset(databuf,0,data_len);
+	
+	store_bignum(X,databuf+data_len/2,data_len/2);
+	store_bignum(Y,databuf,data_len/2);
+
+	BN_free(X);
+	BN_free(Y);
+	octet = ASN1_OCTET_STRING_new();
+	ASN1_STRING_set(octet,NULL,data_len);
+	sptr=ASN1_STRING_data(octet);
+    for (i=0,j=data_len-1;i<data_len;i++,j--) 
+		{
+        sptr[i]=databuf[j];
+		}
+    OPENSSL_free(databuf);
+	ret = i2d_ASN1_OCTET_STRING(octet,&buf);
+	ASN1_BIT_STRING_free(octet);
+	if (ret <0)  return 0;
+	return X509_PUBKEY_set0_param(pub,algobj,ptype,pval,buf,ret);
+	}
+
+static int pub_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
+	{
+	const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
+	const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
+	if (da && db && da->pub_key && db->pub_key
+		&& !BN_cmp(da->pub_key,db->pub_key)) 
+		{
+		return 1;
+		}		
+	return 0;
+	}
+
+static int pub_cmp_gost01(const EVP_PKEY *a,const EVP_PKEY *b)
+	{
+	const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a);
+	const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b);
+	const EC_POINT *ka,*kb;
+	int ret=0;
+	if (!ea || !eb) return 0;
+	ka = EC_KEY_get0_public_key(ea);
+	kb = EC_KEY_get0_public_key(eb);
+	if (!ka || !kb) return 0;
+	ret = (0==EC_POINT_cmp(EC_KEY_get0_group(ea),ka,kb,NULL)) ;
+	return ret;
+	}
+
+
+
+
+static int pkey_size_gost(const EVP_PKEY *pk)
+	{
+	return 64;
+	}
+
+static int pkey_bits_gost(const EVP_PKEY *pk)
+	{
+	return 256;
+	}
+/*------------------------ ASN1 METHOD for GOST MAC  -------------------*/
+static void  mackey_free_gost(EVP_PKEY *pk)
+	{
+		if (pk->pkey.ptr) {
+			OPENSSL_free(pk->pkey.ptr);
+		}	
+	}
+static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+	switch (op)
+		{
+		case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+			*(int *)arg2 = NID_undef;
+			return 2;
+		}
+	return -2;
+}	
+
+static int gost94_param_encode(const EVP_PKEY *pkey, unsigned char **pder) 
+{
+   int nid=gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
+   return i2d_ASN1_OBJECT(OBJ_nid2obj(nid),pder);
+}
+static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) 
+{
+   int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)pkey)));
+   return i2d_ASN1_OBJECT(OBJ_nid2obj(nid),pder);
+}
+
+static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
+{
+	ASN1_OBJECT *obj=NULL;
+	DSA *dsa = EVP_PKEY_get0(pkey);
+	int nid;
+	if (d2i_ASN1_OBJECT(&obj,pder,derlen)==NULL) {
+		return 0;
+	}
+	nid = OBJ_obj2nid(obj);
+	ASN1_OBJECT_free(obj);
+	if (!dsa) 
+		{
+		dsa=DSA_new();
+		if (!EVP_PKEY_assign(pkey,NID_id_GostR3410_94,dsa)) return 0;
+		}
+	if (!fill_GOST94_params(dsa,nid)) return 0;
+	return 1;
+}	
+
+static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) {
+	ASN1_OBJECT *obj=NULL;
+	int nid;
+	EC_KEY *ec = EVP_PKEY_get0(pkey);
+	if (d2i_ASN1_OBJECT(&obj,pder,derlen)==NULL) {
+		return 0;
+	}
+	nid = OBJ_obj2nid(obj);
+	ASN1_OBJECT_free(obj);
+	if (!ec) 
+		{
+		ec = EC_KEY_new();
+		if (!EVP_PKEY_assign(pkey,NID_id_GostR3410_2001,ec)) return 0;
+		}	
+	if (!fill_GOST2001_params(ec, nid)) return 0;
+	return 1;
+}	
+
+
+
+
+
+/* ----------------------------------------------------------------------*/
+int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info) 
+	{
+	*ameth =	EVP_PKEY_asn1_new(nid, 
+		ASN1_PKEY_SIGPARAM_NULL, pemstr, info); 
+	if (!*ameth) return 0;
+	switch (nid) 
+		{
+		case NID_id_GostR3410_94:
+			EVP_PKEY_asn1_set_free (*ameth, pkey_free_gost94);
+			EVP_PKEY_asn1_set_private (*ameth, 
+				priv_decode_gost, priv_encode_gost, 
+				priv_print_gost94);
+
+			EVP_PKEY_asn1_set_param (*ameth, 
+				gost94_param_decode, gost94_param_encode,
+				param_missing_gost94, param_copy_gost94, 
+				param_cmp_gost94,param_print_gost94 );
+			EVP_PKEY_asn1_set_public (*ameth,
+				pub_decode_gost94, pub_encode_gost94,
+				pub_cmp_gost94, pub_print_gost94,
+				pkey_size_gost, pkey_bits_gost);
+	
+			EVP_PKEY_asn1_set_ctrl (*ameth, pkey_ctrl_gost);
+			break;
+		case NID_id_GostR3410_2001:
+			EVP_PKEY_asn1_set_free (*ameth, pkey_free_gost01);
+			EVP_PKEY_asn1_set_private (*ameth, 
+				priv_decode_gost, priv_encode_gost, 
+				priv_print_gost01);
+
+			EVP_PKEY_asn1_set_param (*ameth, 
+				gost2001_param_decode, gost2001_param_encode,
+				param_missing_gost01, param_copy_gost01, 
+				param_cmp_gost01, param_print_gost01);
+			EVP_PKEY_asn1_set_public (*ameth,
+				pub_decode_gost01, pub_encode_gost01,
+				pub_cmp_gost01, pub_print_gost01,
+				pkey_size_gost, pkey_bits_gost);
+	
+			EVP_PKEY_asn1_set_ctrl (*ameth, pkey_ctrl_gost);
+			break;
+		case NID_id_Gost28147_89_MAC:
+			EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
+			EVP_PKEY_asn1_set_ctrl(*ameth,mac_ctrl_gost);	
+			break;
+		}		
+	return 1;
+	}
diff --git a/engines/ccgost/gost_asn1.c b/engines/ccgost/gost_asn1.c
new file mode 100644
index 0000000000..318ecfce57
--- /dev/null
+++ b/engines/ccgost/gost_asn1.c
@@ -0,0 +1,55 @@
+/**********************************************************************
+ *                          gost_keytrans.c                           *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *   ASN1 structure definition for GOST key transport                 *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <stdio.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include "gost_lcl.h"
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = {
+	ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO),
+	ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0)
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = {
+	ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING),
+	ASN1_SIMPLE(GOST_KEY_INFO, imit,          ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO)
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = {
+	ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT),
+	ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0),
+	ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = {
+	ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT),
+	ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT),
+	ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT),
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
+
+ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = {
+	ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING),
+	ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT),
+} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
+
+ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /*FIXME incomplete*/
+	ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT)
+} ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c
new file mode 100644
index 0000000000..eb11f0e328
--- /dev/null
+++ b/engines/ccgost/gost_crypt.c
@@ -0,0 +1,614 @@
+/**********************************************************************
+ *                          gost_crypt.c                              *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       OpenSSL interface to GOST 28147-89 cipher functions          *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include "gost89.h"
+#include <openssl/rand.h>
+#include "e_gost_err.h"
+#include "gost_lcl.h"
+static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, 
+	const unsigned char *iv, int enc);
+static int	gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv, int enc);
+/* Handles block of data in CFB mode */			
+static int	gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	const unsigned char *in, size_t inl);
+/* Handles block of data in CNT mode */			
+static int	gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	const unsigned char *in, size_t inl);
+/* Cleanup function */			
+static int gost_cipher_cleanup(EVP_CIPHER_CTX *);
+/* set/get cipher parameters */
+static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params);
+static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params);
+/* Control function */
+static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx,int type,int arg,void *ptr);
+
+EVP_CIPHER cipher_gost = 
+	{
+	NID_id_Gost28147_89,
+	1,/*block_size*/
+	32,/*key_size*/
+	8,/*iv_len */
+	EVP_CIPH_CFB_MODE| EVP_CIPH_NO_PADDING |
+	EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+	gost_cipher_init,
+	gost_cipher_do_cfb,
+	gost_cipher_cleanup,
+	sizeof(struct ossl_gost_cipher_ctx),/* ctx_size */
+	gost89_set_asn1_parameters,
+	gost89_get_asn1_parameters,
+	gost_cipher_ctl,
+	NULL,
+	};
+
+EVP_CIPHER cipher_gost_cpacnt = 
+	{
+	NID_gost89_cnt,
+	1,/*block_size*/
+	32,/*key_size*/
+	8,/*iv_len */
+	EVP_CIPH_OFB_MODE| EVP_CIPH_NO_PADDING |
+	EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+	gost_cipher_init_cpa,
+	gost_cipher_do_cnt,
+	gost_cipher_cleanup,
+	sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
+	gost89_set_asn1_parameters,
+	gost89_get_asn1_parameters,
+	gost_cipher_ctl,
+	NULL,
+	};
+
+/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
+/* Init functions which set specific parameters */
+static int gost_imit_init_cpa(EVP_MD_CTX *ctx);
+/* process block of data */
+static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count);
+/* Return computed value */
+static int gost_imit_final(EVP_MD_CTX *ctx,unsigned char *md);
+/* Copies context */
+static int gost_imit_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from);
+static int gost_imit_cleanup(EVP_MD_CTX *ctx);
+/* Control function, knows how to set MAC key.*/
+static int gost_imit_ctrl(EVP_MD_CTX *ctx,int type, int arg, void *ptr);
+
+EVP_MD imit_gost_cpa =
+	{
+	NID_id_Gost28147_89_MAC,
+	NID_undef,
+	4,
+	0,
+	gost_imit_init_cpa,
+	gost_imit_update,
+	gost_imit_final,
+	gost_imit_copy,
+	gost_imit_cleanup,
+	NULL,
+	NULL,
+	{0,0,0,0,0},
+	8,
+	sizeof(struct ossl_gost_imit_ctx), 
+	gost_imit_ctrl
+	};
+
+/* 
+ * Correspondence between gost parameter OIDs and substitution blocks
+ * NID field is filed by register_gost_NID function in engine.c
+ * upon engine initialization
+ */
+
+struct gost_cipher_info gost_cipher_list[]=
+	{
+/* NID */  /* Subst block */          /* Key meshing*/
+/*{NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},*/
+	{NID_id_Gost28147_89_cc,&GostR3411_94_CryptoProParamSet,0},
+	{NID_id_Gost28147_89_CryptoPro_A_ParamSet,&Gost28147_CryptoProParamSetA,1},
+	{NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1},
+	{NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1},
+	{NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1},
+	{NID_id_Gost28147_89_TestParamSet,&Gost28147_TestParamSet,1},
+	{NID_undef,NULL,0}
+	};	
+
+/*  get encryption parameters from crypto network settings
+	FIXME For now we use environment var CRYPT_PARAMS as place to 
+	store these settings. Actually, it is better to use engine control   command, read from configuration file to set them */
+const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj)
+	{
+	int nid;
+	struct gost_cipher_info *param;
+	if (!obj)
+		{
+		const char * params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS);
+		if (!params || !strlen(params)) 
+			return &gost_cipher_list[1];
+
+		nid = OBJ_txt2nid(params);
+		if (nid == NID_undef)
+			{
+			GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
+				GOST_R_INVALID_CIPHER_PARAM_OID);
+			return NULL;
+			}	
+		}
+	else
+		{
+		nid= OBJ_obj2nid(obj);
+		}
+	for (param=gost_cipher_list;param->sblock!=NULL && param->nid!=nid; 
+		 param++);
+	if (!param->sblock)
+		{
+		GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,GOST_R_INVALID_CIPHER_PARAMS);
+		return NULL;
+		}	
+	return param;
+	}
+
+/* Sets cipher param from paramset NID. */
+static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c,int nid)
+	{
+	const struct gost_cipher_info *param;
+	param=get_encryption_params((nid==NID_undef?NULL:OBJ_nid2obj(nid)));
+	if (!param) return 0;
+	
+	c->paramNID = param->nid;
+	c->key_meshing=param->key_meshing;
+	c->count=0;
+	gost_init(&(c->cctx), param->sblock);
+	return 1;
+	}
+
+/* Initializes EVP_CIPHER_CTX by paramset NID */
+static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv, int enc, int paramNID,int mode)
+	{
+	struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+	if (ctx->app_data == NULL)
+		{
+		if (!gost_cipher_set_param(c,paramNID)) return 0;
+		ctx->app_data = ctx->cipher_data;
+		}
+	if (key) gost_key(&(c->cctx),key);
+	if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+	memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+	return 1;
+	}	
+
+static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv, int enc)
+	{
+	struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+	gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
+	c->key_meshing=1;
+	c->count=0;
+	if(key) gost_key(&(c->cctx),key);
+	if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+	memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+	return 1;
+	}
+
+/* Initializes EVP_CIPHER_CTX with default values */
+int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv, int enc)
+	{
+	return gost_cipher_init_param(ctx,key,iv,enc,NID_undef,EVP_CIPH_CFB_MODE);
+	}	
+/* Wrapper around gostcrypt function from gost89.c which perform
+ * key meshing when nesseccary 
+ */
+static void gost_crypt_mesh (void *ctx,unsigned char *iv,unsigned char *buf)
+	{
+	struct ossl_gost_cipher_ctx *c = ctx;
+	if (c->count&&c->key_meshing && c->count%1024==0)
+		{
+		cryptopro_key_meshing(&(c->cctx),iv);
+		}	
+	gostcrypt(&(c->cctx),iv,buf);
+	c->count+=8;
+	}
+
+static void gost_cnt_next (void *ctx, unsigned char *iv, unsigned char *buf)
+	{
+	struct ossl_gost_cipher_ctx *c = ctx;
+	word32 g,go;
+	unsigned char buf1[8];
+	if (c->count && c->key_meshing && c->count %1024 ==0)
+		{
+		cryptopro_key_meshing(&(c->cctx),iv);
+		}
+	if (c->count==0)
+		{
+		gostcrypt(&(c->cctx),iv,buf1);
+		}
+	else
+		{
+		memcpy(buf1,iv,8);
+		}	
+	g = buf1[0]|(buf1[1]<<8)|(buf1[2]<<16)|(buf1[3]<<24);
+	g += 0x01010101;
+	buf1[0]=(unsigned char)(g&0xff);
+	buf1[1]=(unsigned char)((g>>8)&0xff);
+	buf1[2]=(unsigned char)((g>>16)&0xff);
+	buf1[3]=(unsigned char)((g>>24)&0xff);
+	g = buf1[4]|(buf1[5]<<8)|(buf1[6]<<16)|(buf1[7]<<24);
+	go = g;
+	g += 0x01010104;
+	if (go > g)      /*  overflow*/
+		g++;
+	buf1[4]=(unsigned char)(g&0xff);
+	buf1[5]=(unsigned char)((g>>8)&0xff);
+	buf1[6]=(unsigned char)((g>>16)&0xff);
+	buf1[7]=(unsigned char)((g>>24)&0xff);
+	memcpy(iv,buf1,8);
+	gostcrypt(&(c->cctx),buf1,buf);
+	c->count +=8;
+	}
+
+/* GOST encryption in CFB mode */
+int	gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	const unsigned char *in, size_t inl)
+	{
+	const unsigned char *in_ptr=in;
+	unsigned char *out_ptr=out;
+	size_t i=0;
+	size_t j=0;
+/* process partial block if any */
+	if (ctx->num) 
+		{
+		for (j=ctx->num,i=0;j<8 && i<inl;j++,i++,in_ptr++,out_ptr++) 
+			{
+			if (!ctx->encrypt) ctx->buf[j+8]=*in_ptr;
+			*out_ptr=ctx->buf[j]^(*in_ptr);
+			if (ctx->encrypt) ctx->buf[j+8]=*out_ptr;
+			}	
+		if (j==8)
+			{
+			memcpy(ctx->iv,ctx->buf+8,8);
+			ctx->num=0;
+			}
+		else
+			{
+			ctx->num=j;
+			return 1;
+			}	
+		}	
+
+	for (;i+8<inl;i+=8,in_ptr+=8,out_ptr+=8)
+		{
+		/*block cipher current iv */
+		gost_crypt_mesh(ctx->cipher_data,ctx->iv,ctx->buf);
+		/*xor next block of input text with it and output it*/
+		/*output this block */
+		if (!ctx->encrypt) memcpy(ctx->iv,in_ptr,8);
+		for (j=0;j<8;j++)
+			{
+			out_ptr[j]=ctx->buf[j]^in_ptr[j];
+			}	
+		/* Encrypt */
+		/* Next iv is next block of cipher text*/
+		if (ctx->encrypt) memcpy(ctx->iv,out_ptr,8);
+		}
+/* Process rest of buffer */
+	if (i<inl)
+		{
+		gost_crypt_mesh(ctx->cipher_data,ctx->iv,ctx->buf);
+		if (!ctx->encrypt) memcpy(ctx->buf+8,in_ptr,j);
+		for (j=0;i<inl;j++,i++)
+			{
+			out_ptr[j]=ctx->buf[j]^in_ptr[j];
+			}			
+		ctx->num = j;
+		if (ctx->encrypt) memcpy(ctx->buf+8,out_ptr,j);
+		}
+	else
+		{
+		ctx->num = 0;
+		}	
+	return 1;
+	}
+
+static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	const unsigned char *in, size_t inl)
+	{
+	const unsigned char *in_ptr=in;
+	unsigned char *out_ptr=out;
+	size_t i=0;
+	size_t j;
+/* process partial block if any */
+	if (ctx->num) 
+		{
+		for (j=ctx->num,i=0;j<8 && i<inl;j++,i++,in_ptr++,out_ptr++) 
+			{
+			*out_ptr=ctx->buf[j]^(*in_ptr);
+			}	
+		if (j==8)
+			{
+			ctx->num=0;
+			}
+		else
+			{
+			ctx->num=j;
+			return 1;
+			}	
+		}	
+
+	for (;i+8<inl;i+=8,in_ptr+=8,out_ptr+=8)
+		{
+		/*block cipher current iv */
+		/* Encrypt */
+		gost_cnt_next(ctx->cipher_data,ctx->iv,ctx->buf);
+		/*xor next block of input text with it and output it*/
+		/*output this block */
+		for (j=0;j<8;j++)
+			{
+			out_ptr[j]=ctx->buf[j]^in_ptr[j];
+			}	
+		}
+/* Process rest of buffer */
+	if (i<inl)
+		{
+		gost_cnt_next(ctx->cipher_data,ctx->iv,ctx->buf);
+		for (j=0;i<inl;j++,i++)
+			{
+			out_ptr[j]=ctx->buf[j]^in_ptr[j];
+			}			
+		ctx->num = j;
+		}
+	else
+		{
+		ctx->num = 0;
+		}	
+	return 1;
+	}
+
+/* Cleaning up of EVP_CIPHER_CTX */
+int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx) 
+	{
+	gost_destroy(&((struct ossl_gost_cipher_ctx *)ctx->cipher_data)->cctx);
+	ctx->app_data = NULL;
+	return 1;
+	}	
+
+/* Control function for gost cipher */
+int gost_cipher_ctl(EVP_CIPHER_CTX *ctx,int type,int arg,void *ptr)
+	{
+	switch (type)
+		{
+		case EVP_CTRL_RAND_KEY:
+		{
+		if (RAND_bytes((unsigned char *)ptr,ctx->key_len)<=0)
+			{
+			GOSTerr(GOST_F_GOST_CIPHER_CTL,GOST_R_RANDOM_GENERATOR_ERROR);
+			return -1;
+			}
+		break;
+		}
+		case EVP_CTRL_PBE_PRF_NID:
+			if (ptr) {
+				*((int *)ptr)=  NID_id_HMACGostR3411_94;
+				return 1;
+			} else {
+				return 0;
+			}	
+				
+		default:
+			GOSTerr(GOST_F_GOST_CIPHER_CTL,GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
+			return -1;
+		}
+	return 1;
+	}
+
+/* Set cipher parameters from ASN1 structure */
+int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params)
+	{
+	int len=0;
+	unsigned char *buf=NULL;
+	unsigned char *p=NULL;
+	struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+	GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
+	ASN1_OCTET_STRING *os = NULL;
+	if (!gcp)
+		{
+		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+		return 0;
+		}
+	if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len))
+		{
+		GOST_CIPHER_PARAMS_free(gcp);
+		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+		return 0;
+		}
+	ASN1_OBJECT_free(gcp->enc_param_set);
+	gcp->enc_param_set = OBJ_nid2obj(c->paramNID);
+
+	len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
+	p = buf = (unsigned char*)OPENSSL_malloc(len);
+	if (!buf)
+		{
+		GOST_CIPHER_PARAMS_free(gcp);
+		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+		return 0;
+		}
+	i2d_GOST_CIPHER_PARAMS(gcp, &p);
+	GOST_CIPHER_PARAMS_free(gcp);
+
+	os = ASN1_OCTET_STRING_new();
+
+	if(!os || !ASN1_OCTET_STRING_set(os, buf, len))
+		{
+		OPENSSL_free(buf);
+		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+		return 0;
+		}
+	OPENSSL_free(buf);
+
+	ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
+	return 1;
+	}
+
+/* Store parameters into ASN1 structure */
+int  gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params)
+	{
+	int ret = -1;
+	int len; 
+	GOST_CIPHER_PARAMS *gcp = NULL;
+	unsigned char *p = params->value.sequence->data;
+	struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+	if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE)
+		{
+		return ret;
+		}
+
+	gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
+		params->value.sequence->length);
+
+	len = gcp->iv->length;
+	if (len != ctx->cipher->iv_len)
+		{
+		GOST_CIPHER_PARAMS_free(gcp);
+		GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
+			GOST_R_INVALID_IV_LENGTH);
+		return -1;
+		}
+	if (!gost_cipher_set_param(c,OBJ_obj2nid(gcp->enc_param_set)))
+		{
+		GOST_CIPHER_PARAMS_free(gcp);
+		return -1;
+		}
+	memcpy(ctx->oiv, gcp->iv->data, len);
+
+	GOST_CIPHER_PARAMS_free(gcp);
+
+	return 1;
+	}
+
+
+int gost_imit_init_cpa(EVP_MD_CTX *ctx)
+	{
+	struct ossl_gost_imit_ctx *c = ctx->md_data;
+	memset(c->buffer,0,16);
+	c->count = 0;
+	c->bytes_left=0;
+	c->key_meshing=1;
+	gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
+	return 1;
+	}
+
+static void mac_block_mesh(struct ossl_gost_imit_ctx *c,const unsigned char *data)
+	{
+	unsigned char buffer[8];
+	/* We are using local buffer for iv because CryptoPro doesn't 
+	 * interpret internal state of MAC algorithm as iv during keymeshing
+	 * (but does initialize internal state from iv in key transport
+	 */
+	if (c->key_meshing&& c->count && c->count %1024 ==0)
+		{
+		cryptopro_key_meshing(&(c->cctx),buffer);
+		}
+	mac_block(&(c->cctx),c->buffer,data);
+	c->count +=8;
+	}
+
+int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+	{
+	struct ossl_gost_imit_ctx *c = ctx->md_data;
+	const unsigned char *p = data;
+	size_t bytes = count,i;
+	if (!(c->key_set)) {
+		GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
+		return 0;
+	}
+	if (c->bytes_left)
+		{
+		for (i=c->bytes_left;i<8&&bytes>0;bytes--,i++,p++)
+			{
+			c->partial_block[i]=*p;
+			}
+		if (i==8)
+			{
+			mac_block_mesh(c,c->partial_block);
+			}
+		else
+			{
+			c->bytes_left = i;
+			return 1;
+			}		
+		}	
+	while (bytes>8)
+		{
+		mac_block_mesh(c,p);
+		p+=8;
+		bytes-=8;
+		}
+	if (bytes>0)
+		{
+		memcpy(c->partial_block,p,bytes);
+		}	
+	c->bytes_left=bytes;
+	return 1;
+	}
+
+int gost_imit_final(EVP_MD_CTX *ctx,unsigned char *md)
+	{
+	struct ossl_gost_imit_ctx *c = ctx->md_data;
+	if (!c->key_set) {
+		GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
+		return 0;
+	}
+	if (c->bytes_left)
+		{
+		int i;
+		for (i=c->bytes_left;i<8;i++)
+			{
+			c->partial_block[i]=0;
+			}
+		mac_block_mesh(c,c->partial_block);
+		}
+	get_mac(c->buffer,32,md);
+	return 1;
+	}
+
+int gost_imit_ctrl(EVP_MD_CTX *ctx,int type, int arg, void *ptr)
+	{
+	switch (type)
+		{
+		case EVP_MD_CTRL_KEY_LEN:
+			*((unsigned int*)(ptr)) = 32;
+			return 1;
+		case EVP_MD_CTRL_SET_KEY:
+		{
+		if (arg!=32) {
+			GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
+			return 0;
+		}
+
+		gost_key(&(((struct ossl_gost_imit_ctx*)(ctx->md_data))->cctx),ptr)	;
+		((struct ossl_gost_imit_ctx*)(ctx->md_data))->key_set = 1;
+		return 1;
+
+		}
+		default:
+			return 0;
+		}		
+	}
+
+int gost_imit_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
+	{
+	memcpy(to->md_data,from->md_data,sizeof(struct ossl_gost_imit_ctx));
+	return 1;
+	}
+
+/* Clean up imit ctx */
+int gost_imit_cleanup(EVP_MD_CTX *ctx)
+	{
+	memset(ctx->md_data,0,sizeof(struct ossl_gost_imit_ctx));
+	return 1;
+	}
+
diff --git a/engines/ccgost/gost_ctl.c b/engines/ccgost/gost_ctl.c
new file mode 100644
index 0000000000..d3cd171818
--- /dev/null
+++ b/engines/ccgost/gost_ctl.c
@@ -0,0 +1,89 @@
+/**********************************************************************
+ *                        gost_ctl.c                                  *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *        Implementation of control commands for GOST engine          *
+ *            OpenSSL 0.9.9 libraries required                        *
+ **********************************************************************/            
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/engine.h>
+#include <openssl/buffer.h>
+#include "gost_lcl.h"
+
+static char *gost_params[GOST_PARAM_MAX+1]={NULL};
+static const char *gost_envnames[]={"CRYPT_PARAMS"};
+const ENGINE_CMD_DEFN gost_cmds[]=
+	{
+/*	{ GOST_CTRL_RNG,
+	"RNG",
+	"Type of random number generator to use",
+	ENGINE_CMD_FLAG_STRING
+	},
+	{ GOST_CTRL_RNG_PARAMS,
+	"RNG_PARAMS",
+	"Parameter for random number generator",
+	ENGINE_CMD_FLAG_STRING
+	},
+*/	  { GOST_CTRL_CRYPT_PARAMS,
+		"CRYPT_PARAMS",
+		"OID of default GOST 28147-89 parameters",
+		ENGINE_CMD_FLAG_STRING
+			},
+{0,NULL,NULL,0}
+	};
+
+void gost_param_free() 
+{
+	int i;
+	for (i=0;i<=GOST_PARAM_MAX;i++) 
+		if (gost_params[i]!=NULL) 
+			{
+			OPENSSL_free(gost_params[i]);
+			gost_params[i]=NULL;
+			}
+		
+}
+
+int gost_control_func(ENGINE *e,int cmd,long i, void *p, void (*f)(void))
+	{
+	int param = cmd-ENGINE_CMD_BASE;
+	int ret=0;
+	if (param <0 || param >GOST_PARAM_MAX) return -1;
+	ret=gost_set_default_param(param,p);
+	return ret;
+	}
+
+const char *get_gost_engine_param(int param) 
+	{
+	char *tmp;
+	if (param <0 || param >GOST_PARAM_MAX) return NULL;
+	if (gost_params[param]!=NULL) 
+		{
+		return gost_params[param];
+		}
+	tmp = getenv(gost_envnames[param]);
+	if (tmp) 
+		{
+		if (gost_params[param]) OPENSSL_free(gost_params[param]);
+		gost_params[param] = BUF_strdup(tmp);
+		return gost_params[param];
+		}	
+	return NULL;
+	}	
+
+int gost_set_default_param(int param, const char *value) 
+	{
+	const char *tmp;
+	if (param <0 || param >GOST_PARAM_MAX) return 0;
+	tmp = getenv(gost_envnames[param]);
+	/* if there is value in the environment, use it, else -passed string * */
+	if (!tmp) tmp=value;
+	if (gost_params[param]) OPENSSL_free(gost_params[param]);
+	gost_params[param] = BUF_strdup(tmp);
+
+	return 1;
+	}	
diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c
new file mode 100644
index 0000000000..d2cbe3b831
--- /dev/null
+++ b/engines/ccgost/gost_eng.c
@@ -0,0 +1,273 @@
+/**********************************************************************
+ *                          gost_eng.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *              Main file of GOST engine                              *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include <openssl/obj_mac.h>
+#include "e_gost_err.h"
+#include "gost_lcl.h"
+static const char *engine_gost_id = "gost";
+static const char *engine_gost_name = "Reference implementation of GOST engine";
+
+/* Symmetric cipher and digest function registrar */
+
+static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+	const int **nids, int nid);
+
+static int gost_digests(ENGINE *e, const EVP_MD **digest,
+	const int **nids, int ind);
+
+static int gost_pkey_meths (ENGINE *e, EVP_PKEY_METHOD **pmeth,
+	const int **nids, int nid);
+
+static int gost_pkey_asn1_meths (ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
+	const int **nids, int nid);
+
+static int gost_cipher_nids[] =
+    {NID_id_Gost28147_89, NID_gost89_cnt,0};
+
+static int gost_digest_nids[] =
+	{NID_id_GostR3411_94,NID_id_Gost28147_89_MAC, 0};
+
+static int gost_pkey_meth_nids[] = 
+	{NID_id_GostR3410_94,
+	 NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0};
+
+static EVP_PKEY_METHOD *pmeth_GostR3410_94 = NULL,
+	 *pmeth_GostR3410_2001 = NULL,
+	*pmeth_Gost28147_MAC = NULL;
+
+static EVP_PKEY_ASN1_METHOD *ameth_GostR3410_94 = NULL,
+	*ameth_GostR3410_2001 = NULL,
+	*ameth_Gost28147_MAC = NULL;
+
+
+static int gost_engine_init(ENGINE *e)
+	{ 
+	return 1;
+	}
+
+static int gost_engine_finish(ENGINE *e)
+	{ 
+	return 1;
+	}
+
+static int gost_engine_destroy(ENGINE *e)
+	{ 
+	gost_param_free();
+	return 1;
+	}
+
+static int bind_gost (ENGINE *e,const char *id) 
+	{
+	int ret = 0;
+	if (id && strcmp(id, engine_gost_id)) return 0;
+
+	if (!ENGINE_set_id(e, engine_gost_id)) 
+		{
+		printf("ENGINE_set_id failed\n"); 
+		goto end;
+		}	
+	if (!ENGINE_set_name(e, engine_gost_name)) 
+		{
+		printf("ENGINE_set_name failed\n");
+		goto end;
+		}	
+	if (!ENGINE_set_digests(e, gost_digests)) 
+		{
+		printf("ENGINE_set_digests failed\n");
+		goto end;
+		}	
+	if (! ENGINE_set_ciphers(e, gost_ciphers)) 
+		{
+		printf("ENGINE_set_ciphers failed\n");
+		goto end;
+		}	
+	if (! ENGINE_set_pkey_meths(e, gost_pkey_meths)) 
+		{
+		printf("ENGINE_set_pkey_meths failed\n");
+		goto end;
+		}	
+	if (! ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) 
+		{
+		printf("ENGINE_set_pkey_asn1_meths failed\n");
+		goto end;
+		}	
+	/* Control function and commands */
+	if (!ENGINE_set_cmd_defns(e,gost_cmds)) 
+		{
+		fprintf(stderr,"ENGINE_set_cmd_defns failed\n");
+		goto end;
+		}	
+	if (!ENGINE_set_ctrl_function(e,gost_control_func)) 
+		{
+		fprintf(stderr,"ENGINE_set_ctrl_func failed\n");
+		goto end;
+		}	
+	if ( ! ENGINE_set_destroy_function(e, gost_engine_destroy)
+		|| ! ENGINE_set_init_function(e,gost_engine_init)
+		|| ! ENGINE_set_finish_function(e,gost_engine_finish))
+		{
+		goto end;
+		}
+
+	if (!register_ameth_gost(NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94", "GOST R 34.10-94")) goto end;
+	if (!register_ameth_gost(NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001", "GOST R 34.10-2001")) goto end;
+	if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC,
+		"GOST-MAC", "GOST 28147-89 MAC")) goto end;
+
+	if (!register_pmeth_gost(NID_id_GostR3410_94, &pmeth_GostR3410_94, 0)) goto end;
+	if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0)) goto end;
+	if (!register_pmeth_gost(NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0))
+		goto end;
+	if ( ! ENGINE_register_ciphers(e)
+		|| ! ENGINE_register_digests(e)
+		|| ! ENGINE_register_pkey_meths(e)
+		/* These two actually should go in LIST_ADD command */
+		|| ! EVP_add_cipher(&cipher_gost)
+		|| ! EVP_add_cipher(&cipher_gost_cpacnt)
+		|| ! EVP_add_digest(&digest_gost)
+		|| ! EVP_add_digest(&imit_gost_cpa)
+		)
+		{
+		goto end;
+		}
+
+	ERR_load_GOST_strings();
+	ret = 1;
+	end:
+	return ret;
+	}	
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+IMPLEMENT_DYNAMIC_BIND_FN(bind_gost)
+IMPLEMENT_DYNAMIC_CHECK_FN()
+#endif  /* ndef OPENSSL_NO_DYNAMIC_ENGINE */
+
+static int gost_digests(ENGINE *e, const EVP_MD **digest,
+	const int **nids, int nid)
+	{ 
+	int ok =1 ;
+	if (!digest) 
+		{
+		*nids = gost_digest_nids;
+		return 2; 
+		}
+	/*printf("Digest no %d requested\n",nid);*/
+	if(nid == NID_id_GostR3411_94) 
+		{
+		*digest = &digest_gost;
+		}
+	else if (nid == NID_id_Gost28147_89_MAC) 
+		{
+		*digest = &imit_gost_cpa;
+		}
+	else
+		{
+		ok =0;
+		*digest = NULL;
+		}
+	return ok;
+	}	
+	
+static int gost_ciphers (ENGINE *e,const EVP_CIPHER **cipher,
+	const int **nids, int nid) 
+	{
+	int ok = 1;
+	if (!cipher) 
+		{
+		*nids = gost_cipher_nids;
+		return 2; /* two ciphers are supported */
+		}
+
+	if(nid == NID_id_Gost28147_89) 
+		{
+		*cipher = &cipher_gost;
+		}
+	else if  (nid == NID_gost89_cnt) 
+		{
+		*cipher = &cipher_gost_cpacnt;
+		}
+	else	
+		{
+		ok = 0;
+		*cipher = NULL;
+		}
+	return ok;
+	}	
+
+static int gost_pkey_meths (ENGINE *e, EVP_PKEY_METHOD **pmeth,
+	const int **nids, int nid)
+	{
+	if (!pmeth) 
+		{
+		*nids = gost_pkey_meth_nids;
+		return 3;
+		}
+
+	switch (nid) 
+		{
+		case NID_id_GostR3410_94: *pmeth = pmeth_GostR3410_94; return 1;
+		case NID_id_GostR3410_2001: *pmeth = pmeth_GostR3410_2001; return 1;
+		case NID_id_Gost28147_89_MAC: *pmeth = pmeth_Gost28147_MAC; return 1;
+		default:;
+		}
+	
+	*pmeth = NULL;
+	return 0;
+	}
+
+static int gost_pkey_asn1_meths (ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
+	const int **nids, int nid)
+	{
+	if (!ameth) 
+		{
+		*nids = gost_pkey_meth_nids;
+		return 3;
+		}
+	switch (nid) 
+		{
+		case NID_id_GostR3410_94: *ameth = ameth_GostR3410_94; return 1;
+		case NID_id_GostR3410_2001: *ameth = ameth_GostR3410_2001; return 1;
+		case NID_id_Gost28147_89_MAC: *ameth = ameth_Gost28147_MAC; return 1;
+	
+		default:;
+		}
+	
+	*ameth = NULL;
+	return 0;
+	}
+
+#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_gost(void)
+	{	
+	ENGINE *ret = ENGINE_new();
+	if (!ret)
+		return NULL;
+	if (!bind_gost(ret,engine_gost_id)) 
+		{
+		ENGINE_free(ret);
+		return NULL;
+		}
+	return ret;
+	}
+	
+void ENGINE_load_gost(void)
+	{
+	ENGINE *toadd =engine_gost();
+	if (!toadd) return;
+	ENGINE_add(toadd);
+	ENGINE_free(toadd);
+	ERR_clear_error();
+	}
+#endif	
+
diff --git a/engines/ccgost/gost_keywrap.c b/engines/ccgost/gost_keywrap.c
new file mode 100644
index 0000000000..c618f6da28
--- /dev/null
+++ b/engines/ccgost/gost_keywrap.c
@@ -0,0 +1,109 @@
+/**********************************************************************
+ *                          keywrap.c                                 *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ * Implementation of CryptoPro key wrap algorithm, as defined in      *
+ *               RFC 4357 p 6.3 and 6.4                               *
+ *                  Doesn't need OpenSSL                              *
+ **********************************************************************/
+#include <string.h>
+#include "gost89.h"
+#include "gost_keywrap.h"
+
+/* Diversifies key using random UserKey Material
+ * Implements RFC 4357 p 6.5 key diversification algorithm 
+ * 
+ * inputKey - 32byte key to be diversified
+ * ukm - 8byte user key material
+ * outputKey - 32byte buffer to store diversified key 
+ *
+ */
+void keyDiversifyCryptoPro(gost_ctx *ctx,const unsigned char *inputKey, const unsigned char *ukm, unsigned char *outputKey)
+	{
+
+	u4 k,s1,s2;
+	int i,j,mask;
+	unsigned char S[8];
+	memcpy(outputKey,inputKey,32);
+	for (i=0;i<8;i++) 
+		{
+		/* Make array of integers from key */
+		/* Compute IV S*/
+		s1=0,s2=0;
+		for (j=0,mask=1;j<8;j++,mask<<=1) 
+			{
+			k=((u4)outputKey[4*j])|(outputKey[4*j+1]<<8)|
+				(outputKey[4*j+2]<<16)|(outputKey[4*j+3]<<24);
+			if (mask & ukm[i]) 
+				{
+				s1+=k;
+				}
+			else 
+				{
+				s2+=k;
+				}
+			}
+		S[0]=(unsigned char)(s1&0xff);
+		S[1]=(unsigned char)((s1>>8)&0xff);
+		S[2]=(unsigned char)((s1>>16)&0xff);
+		S[3]=(unsigned char)((s1>>24)&0xff); 
+		S[4]=(unsigned char)(s2&0xff);
+		S[5]=(unsigned char)((s2>>8)&0xff);
+		S[6]=(unsigned char)((s2>>16)&0xff);
+		S[7]=(unsigned char)((s2>>24)&0xff); 
+		gost_key(ctx,outputKey);
+		gost_enc_cfb(ctx,S,outputKey,outputKey,4);
+		}
+	}	
+	
+
+/*
+ * Wraps key using RFC 4357 6.3
+ * ctx - gost encryption context, initialized with some S-boxes 
+ * keyExchangeKey (KEK) 32-byte (256-bit) shared key
+ * ukm - 8 byte (64 bit) user key material, 
+ * sessionKey - 32-byte (256-bit) key to be wrapped
+ * wrappedKey - 44-byte buffer to store wrapped key
+ */ 
+
+int keyWrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey, const unsigned char *ukm,
+	const	unsigned char *sessionKey, unsigned char *wrappedKey) 
+	{
+	unsigned char kek_ukm[32];
+	keyDiversifyCryptoPro(ctx,keyExchangeKey,ukm,kek_ukm);
+	gost_key(ctx,kek_ukm);
+	memcpy(wrappedKey,ukm,8);
+	gost_enc(ctx,sessionKey,wrappedKey+8,4);
+	gost_mac_iv(ctx,32,ukm,sessionKey,32,wrappedKey+40);
+	return 1;
+	}
+/*
+ * Unwraps key using RFC 4357 6.4
+ * ctx - gost encryption context, initialized with some S-boxes 
+ * keyExchangeKey 32-byte shared key
+ * wrappedKey  44 byte key to be unwrapped (concatenation of 8-byte UKM,
+ * 32 byte  encrypted key and 4 byte MAC  
+ * 
+ * sessionKEy - 32byte buffer to store sessionKey in
+ * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
+ */ 
+
+int keyUnwrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey,
+	const unsigned char *wrappedKey, unsigned char *sessionKey) 
+	{
+	unsigned char kek_ukm[32],cek_mac[4];
+	keyDiversifyCryptoPro(ctx,keyExchangeKey,wrappedKey 
+		/* First 8 bytes of wrapped Key is ukm */
+		,kek_ukm);
+	gost_key(ctx,kek_ukm);
+	gost_dec(ctx,wrappedKey+8,sessionKey,4);
+	gost_mac_iv(ctx,32,wrappedKey,sessionKey,32,cek_mac);
+	if (memcmp(cek_mac,wrappedKey+40,4)) 
+		{
+		return 0;
+		}		
+	return 1;		
+	}	
+
+
diff --git a/engines/ccgost/gost_keywrap.h b/engines/ccgost/gost_keywrap.h
new file mode 100644
index 0000000000..37c2a0f73d
--- /dev/null
+++ b/engines/ccgost/gost_keywrap.h
@@ -0,0 +1,56 @@
+/**********************************************************************
+ *                         gost_keywrap.h                             *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ * Implementation of CryptoPro key wrap algorithm, as defined in      *
+ * RFC 4357 p 6.3 and 6.4                                             *
+ * Doesn't need OpenSSL                                               *
+ **********************************************************************/
+#ifndef GOST_KEYWRAP_H
+#define GOST_KEYWRAP_H
+#include <string.h>
+#include "gost89.h"
+/* Diversifies key using random UserKey Material
+ * Implements RFC 4357 p 6.5 key diversification algorithm 
+ * 
+ * inputKey - 32byte key to be diversified
+ * ukm - 8byte user key material
+ * outputKey - 32byte buffer to store diversified key 
+ *
+ */
+void keyDiversifyCryptoPro(gost_ctx *ctx,
+	const unsigned char *inputKey, 
+	const unsigned char *ukm, 
+	unsigned char *outputKey);
+/*
+ * Wraps key using RFC 4357 6.3
+ * ctx - gost encryption context, initialized with some S-boxes 
+ * keyExchangeKey (KEK) 32-byte (256-bit) shared key
+ * ukm - 8 byte (64 bit) user key material, 
+ * sessionKey - 32-byte (256-bit) key to be wrapped
+ * wrappedKey - 44-byte buffer to store wrapped key
+ */ 
+
+int keyWrapCryptoPro(gost_ctx *ctx,
+	const unsigned char *keyExchangeKey, 
+	const unsigned char *ukm,
+	const	unsigned char *sessionKey, 
+	unsigned char *wrappedKey) ;
+/*
+ * Unwraps key using RFC 4357 6.4
+ * ctx - gost encryption context, initialized with some S-boxes 
+ * keyExchangeKey 32-byte shared key
+ * wrappedKey  44 byte key to be unwrapped (concatenation of 8-byte UKM,
+ * 32 byte  encrypted key and 4 byte MAC  
+ * 
+ * sessionKEy - 32byte buffer to store sessionKey in
+ * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
+ */ 
+
+
+int keyUnwrapCryptoPro(gost_ctx *ctx,
+	const unsigned char *keyExchangeKey,
+	const unsigned char *wrappedKey, 
+	unsigned char *sessionKey) ;
+#endif
diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h
new file mode 100644
index 0000000000..437a48cc86
--- /dev/null
+++ b/engines/ccgost/gost_lcl.h
@@ -0,0 +1,218 @@
+#ifndef GOST_TOOLS_H
+#define GOST_TOOLS_H
+/**********************************************************************
+ *                        gost_lcl.h                                  *
+ *             Copyright (c) 2006 Cryptocom LTD                       *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *         Internal declarations  used in GOST engine                *
+ *         OpenSSL 0.9.9 libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/ 
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/dsa.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/engine.h>
+#include <openssl/ec.h>
+#include "gost89.h"
+#include "gosthash.h"
+/* Control commands */
+#define GOST_PARAM_CRYPT_PARAMS 0
+#define GOST_PARAM_MAX 0
+#define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
+
+	extern const ENGINE_CMD_DEFN gost_cmds[];
+	int gost_control_func(ENGINE *e,int cmd, long i, void *p, void (*f)(void));
+	const char *get_gost_engine_param(int param);	
+	int gost_set_default_param(int param, const char *value); 
+	void gost_param_free(void);
+
+/* method registration */
+
+	int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info);
+	int register_pmeth_gost (int id, EVP_PKEY_METHOD **pmeth, int flags);
+
+/* Gost-specific pmeth control-function parameters */
+/* For GOST R34.10 parameters */
+#define param_ctrl_string "paramset"
+#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
+/* For GOST 28147 MAC */
+#define key_ctrl_string "key"
+#define hexkey_ctrl_string "hexkey"
+#define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
+/* Pmeth internal representation */
+	struct gost_pmeth_data {
+   	    int sign_param_nid; /* Should be set whenever parameters are filled */
+		EVP_MD *md;
+		unsigned char *shared_ukm;
+		int peer_key_used;
+	};
+
+	struct gost_mac_pmeth_data {
+		int key_set;
+		EVP_MD *md;
+		unsigned char key[32];
+	}	;
+/* GOST-specific ASN1 structures */
+
+
+typedef struct {
+	ASN1_OCTET_STRING *encrypted_key;
+	ASN1_OCTET_STRING *imit;
+} GOST_KEY_INFO;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
+
+typedef struct {
+	ASN1_OBJECT *cipher;
+	X509_PUBKEY *ephem_key;
+	ASN1_OCTET_STRING *eph_iv;
+} GOST_KEY_AGREEMENT_INFO;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
+	
+typedef struct {
+	GOST_KEY_INFO *key_info;
+	GOST_KEY_AGREEMENT_INFO *key_agreement_info;
+} GOST_KEY_TRANSPORT;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
+
+typedef struct { /* FIXME incomplete */
+	GOST_KEY_TRANSPORT *gkt;
+} GOST_CLIENT_KEY_EXCHANGE_PARAMS;
+
+/* Hacks to shorten symbols to 31 characters or less, or OpenVMS.
+   This mimics what's done in symhacks.h, but since this is a very
+   local header file, I prefered to put this hack directly here.
+   -- Richard Levitte */
+#ifdef OPENSSL_SYS_VMS
+#undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it
+#define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it	GOST_CLIENT_KEY_EXC_PARAMS_it
+#undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new
+#define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new	GOST_CLIENT_KEY_EXC_PARAMS_new
+#undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free
+#define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free	GOST_CLIENT_KEY_EXC_PARAMS_free
+#undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS
+#define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS	d2i_GOST_CLIENT_KEY_EXC_PARAMS
+#undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS
+#define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS	i2d_GOST_CLIENT_KEY_EXC_PARAMS
+#endif /* End of hack */
+DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+typedef struct {
+	ASN1_OBJECT *key_params;
+	ASN1_OBJECT *hash_params;
+	ASN1_OBJECT *cipher_params;
+} GOST_KEY_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
+
+typedef struct {
+	ASN1_OCTET_STRING *iv;
+	ASN1_OBJECT *enc_param_set;
+} GOST_CIPHER_PARAMS; 
+
+DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
+/*============== Message digest  and cipher related structures  ==========*/
+	 /* Structure used as EVP_MD_CTX-md_data. 
+	  * It allows to avoid storing in the md-data pointers to
+	  * dynamically allocated memory.
+	  *
+	  * I cannot invent better way to avoid memory leaks, because
+	  * openssl insist on invoking Init on Final-ed digests, and there
+	  * is no reliable way to find out whether pointer in the passed
+	  * md_data is valid or not.
+	  * */
+struct ossl_gost_digest_ctx {
+	gost_hash_ctx dctx;
+	gost_ctx cctx;
+};	
+/* EVP_MD structure for GOST R 34.11 */
+extern EVP_MD digest_gost;
+/* EVP_MD structure for GOST 28147 in MAC mode */
+extern EVP_MD imit_gost_cpa;
+/* Cipher context used for EVP_CIPHER operation */
+struct ossl_gost_cipher_ctx {
+	int paramNID;
+	off_t count;
+	int key_meshing;
+	gost_ctx cctx;
+};	
+/* Structure to map parameter NID to S-block */
+struct gost_cipher_info {
+	int nid;
+	gost_subst_block *sblock;
+	int key_meshing;
+};
+/* Context for MAC */
+struct ossl_gost_imit_ctx {
+	gost_ctx cctx;
+	unsigned char buffer[8];
+	unsigned char partial_block[8];
+	off_t count;
+	int key_meshing;
+	int bytes_left;
+	int key_set;
+};	
+/* Table which maps parameter NID to S-blocks */
+extern struct gost_cipher_info gost_cipher_list[];
+/* Find encryption params from ASN1_OBJECT */
+const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
+/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
+extern EVP_CIPHER cipher_gost;
+extern EVP_CIPHER cipher_gost_cpacnt;
+#define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
+#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
+/* EVP_PKEY_METHOD key encryption callbacks */
+/* From gost94_keyx.c */
+int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len );
+
+int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* in, size_t in_len );
+/* From gost2001_keyx.c */
+int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len );
+
+int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* in, size_t in_len );
+/* derive functions */
+/* From gost2001_keyx.c */
+int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+/* From gost94_keyx.c */
+int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+/* Internal functions for signature algorithms */
+int fill_GOST94_params(DSA *dsa,int nid);
+int fill_GOST2001_params(EC_KEY *eckey, int nid);
+int gost_sign_keygen(DSA *dsa) ;
+int gost2001_keygen(EC_KEY *ec) ;
+
+DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa) ;
+DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey);
+
+int gost_do_verify(const unsigned char *dgst, int dgst_len,
+		DSA_SIG *sig, DSA *dsa) ;
+int gost2001_do_verify(const unsigned char *dgst,int dgst_len,
+			DSA_SIG *sig, EC_KEY *ec);
+int gost2001_compute_public(EC_KEY *ec) ;
+int gost94_compute_public(DSA *dsa) ;
+/*============== miscellaneous functions============================= */
+/* from gost_sign.c */
+/* Convert GOST R 34.11 hash sum to bignum according to standard */
+BIGNUM *hashsum2bn(const unsigned char *dgst) ;
+/* Store bignum in byte array of given length, prepending by zeros
+ * if nesseccary */
+int store_bignum(BIGNUM *bn, unsigned char *buf,int len);
+/* Read bignum, which can have few MSB all-zeros    from buffer*/ 
+BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len);
+/* Pack GOST R 34.10 signature according to CryptoPro rules */
+int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen); 
+/* Unpack GOST R 34.10 signature according to CryptoPro rules */
+DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen) ;
+/* from ameth.c */
+/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001  keys*/
+/* Returns pointer into EVP_PKEY structure */
+BIGNUM* gost_get0_priv_key(const EVP_PKEY *pkey) ;
+/* Find NID by GOST 94 parameters */
+int gost94_nid_by_params(DSA *p) ;
+
+
+#endif
diff --git a/engines/ccgost/gost_md.c b/engines/ccgost/gost_md.c
new file mode 100644
index 0000000000..417e10887b
--- /dev/null
+++ b/engines/ccgost/gost_md.c
@@ -0,0 +1,75 @@
+/**********************************************************************
+ *                          md_gost.c                                 *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       OpenSSL interface to GOST R 34.11-94 hash functions          *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include "gost_lcl.h"
+#include "gosthash.h"
+#include "e_gost_err.h"
+
+/* implementation of GOST 34.11 hash function See gost_md.c*/
+static int gost_digest_init(EVP_MD_CTX *ctx);
+static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count);
+static int gost_digest_final(EVP_MD_CTX *ctx,unsigned char *md);
+static int gost_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from);
+static int gost_digest_cleanup(EVP_MD_CTX *ctx);
+
+EVP_MD digest_gost=  
+	{
+	NID_id_GostR3411_94,
+	NID_undef,
+	32,
+	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+	gost_digest_init,
+	gost_digest_update,
+	gost_digest_final,
+	gost_digest_copy,
+	gost_digest_cleanup,
+	NULL,
+	NULL,
+	{NID_undef,NID_undef,0,0,0},
+	32,
+	sizeof(struct ossl_gost_digest_ctx ),
+	NULL
+	};
+
+int gost_digest_init(EVP_MD_CTX *ctx) 
+	{
+	struct ossl_gost_digest_ctx *c = ctx->md_data;
+	memset(&(c->dctx),0,sizeof(gost_hash_ctx));
+	gost_init(&(c->cctx),&GostR3411_94_CryptoProParamSet);
+	c->dctx.cipher_ctx= &(c->cctx);
+	return 1;
+	}
+
+int gost_digest_update(EVP_MD_CTX *ctx,const void *data,size_t count) 
+	{
+	return hash_block((gost_hash_ctx *)ctx->md_data,data,count);	
+	}
+
+int gost_digest_final(EVP_MD_CTX *ctx,unsigned char *md)
+	{
+	return finish_hash((gost_hash_ctx *)ctx->md_data,md);
+	
+	}
+
+int gost_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from) 
+	{
+	struct ossl_gost_digest_ctx *md_ctx=to->md_data;
+	if (to->md_data && from->md_data) {
+		memcpy(to->md_data,from->md_data,sizeof(struct ossl_gost_digest_ctx));
+		md_ctx->dctx.cipher_ctx=&(md_ctx->cctx);
+	}
+	return 1;
+	}		
+
+int gost_digest_cleanup(EVP_MD_CTX *ctx) 
+	{
+	if (ctx->md_data)
+	memset(ctx->md_data,0,sizeof(struct ossl_gost_digest_ctx));
+	return 1;
+	}	
diff --git a/engines/ccgost/gost_params.c b/engines/ccgost/gost_params.c
new file mode 100644
index 0000000000..40fc343af1
--- /dev/null
+++ b/engines/ccgost/gost_params.c
@@ -0,0 +1,198 @@
+/**********************************************************************
+ *                        params.c                                    *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ * Definitions of GOST R 34.10 parameter sets, defined in RFC 4357    *
+ *         OpenSSL 0.9.9 libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/ 
+#include "gost_params.h"
+#include <openssl/objects.h>
+/* Parameters of GOST 34.10 */
+
+R3410_params R3410_paramset[]={
+/* Paramset A */
+{NID_id_GostR3410_94_CryptoPro_A_ParamSet,
+"100997906755055304772081815535925224869"
+"8410825720534578748235158755771479905292727772441528526992987964833"
+"5669968284202797289605274717317548059048560713474685214192868091256"
+"1502802222185647539190902656116367847270145019066794290930185446216"
+"3997308722217328898303231940973554032134009725883228768509467406639"
+"62",
+"127021248288932417465907042777176443525"
+"7876535089165358128175072657050312609850984974231883334834011809259"
+"9999512098893413065920561499672425412104927434935707492031276956145"
+"1689224110579311248812610229678534638401693520013288995000362260684"
+"2227508135323070045173416336850045410625869714168836867788425378203"
+"83",
+"683631961449557007844441656118272528951"
+"02170888761442055095051287550314083023"},
+{NID_id_GostR3410_94_CryptoPro_B_ParamSet,
+"429418261486158041438734477379555023926"
+"7234596860714306679811299408947123142002706038521669956384871995765"
+"7284814898909770759462613437669456364882730370838934791080835932647"
+"9767786019153434744009610342313166725786869204821949328786333602033"
+"8479709268434224762105576023501613261478065276102850944540333865234"
+"1",
+"139454871199115825601409655107690713107"
+"0417070599280317977580014543757653577229840941243685222882398330391"
+"1468164807668823692122073732267216074074777170091113455043205380464"
+"7694904686120113087816240740184800477047157336662926249423571248823"
+"9685422217536601433914856808405203368594584948031873412885804895251"
+"63",
+"79885141663410976897627118935756323747307951916507639758300472692338873533959"
+},
+{NID_id_GostR3410_94_CryptoPro_C_ParamSet,
+"816552717970881016017893191415300348226"
+"2544051353358162468249467681876621283478212884286545844013955142622"
+"2087723485023722868022275009502224827866201744494021697716482008353"
+"6398202298024892620480898699335508064332313529725332208819456895108"
+"5155178100221003459370588291073071186553005962149936840737128710832"
+"3",
+"110624679233511963040518952417017040248"
+"5862954819831383774196396298584395948970608956170224210628525560327"
+"8638246716655439297654402921844747893079518669992827880792192992701"
+"1428546551433875806377110443534293554066712653034996277099320715774"
+"3542287621283671843703709141350171945045805050291770503634517804938"
+"01",
+"113468861199819350564868233378875198043"
+"267947776488510997961231672532899549103"
+},
+{NID_id_GostR3410_94_CryptoPro_D_ParamSet,
+"756976611021707301782128757801610628085"
+"5283803109571158829574281419208532589041660017017859858216341400371"
+"4687551412794400562878935266630754392677014598582103365983119173924"
+"4732511225464712252386803315902707727668715343476086350472025298282"
+"7271461690125050616858238384366331089777463541013033926723743254833"
+"7",
+"905457649621929965904290958774625315611"
+"3056083907389766971404812524422262512556054474620855996091570786713"
+"5849550236741915584185990627801066465809510095784713989819413820871"
+"5964648914493053407920737078890520482730623038837767710173664838239"
+"8574828787891286471201460474326612697849693665518073864436497893214"
+"9",
+"108988435796353506912374591498972192620"
+"190487557619582334771735390599299211593"
+},
+
+{NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,
+"1335318132727206734338595199483190012179423759678474868994823595993"
+"6964252873471246159040332773182141032801252925387191478859899310331"
+"0567744136196364803064721377826656898686468463277710150809401182608"
+"7702016153249904683329312949209127762411378780302243557466062839716"
+"59376426832674269780880061631528163475887",
+"14201174159756348119636828602231808974327613839524373876287257344192"
+"74593935127189736311660784676003608489466235676257952827747192122419"
+"29071046134208380636394084512691828894000571524625445295769349356752"
+"72895683154177544176313938445719175509684710784659566254794231229333"
+"8483924514339614727760681880609734239",
+"91771529896554605945588149018382750217296858393520724172743325725474"
+"374979801"
+},
+{NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,
+"8890864727828423151699995801875757891031463338652579140051973659"
+"3048131440685857067369829407947744496306656291505503608252399443"
+"7900272386749145996230867832228661977543992816745254823298629859"
+"8753575466286051738837854736167685769017780335804511440773337196"
+"2538423532919394477873664752824509986617878992443177",
+"1028946126624994859676552074360530315217970499989304888248413244"
+"8474923022758470167998871003604670704877377286176171227694098633"
+"1539089568784129110109512690503345393869871295783467257264868341"
+"7200196629860561193666752429682367397084815179752036423595736533"
+"68957392061769855284593965042530895046088067160269433",
+"9109671391802626916582318050603555673628769498182593088388796888"
+"5281641595199"
+},
+{NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,
+"4430618464297584182473135030809859326863990650118941756995270074"
+"8609973181426950235239623239110557450826919295792878938752101867"
+"7047181623251027516953100431855964837602657827828194249605561893"
+"6965865325513137194483136247773653468410118796740709840825496997"
+"9375560722345106704721086025979309968763193072908334",
+"1246996366993477513607147265794064436203408861395055989217248455"
+"7299870737698999651480662364723992859320868822848751165438350943"
+"3276647222625940615560580450040947211826027729977563540237169063"
+"0448079715771649447778447000597419032457722226253269698374446528"
+"35352729304393746106576383349151001715930924115499549",
+"6787876137336591234380295020065682527118129468050147943114675429"
+"4748422492761"
+},
+
+
+{NID_undef,NULL, NULL, NULL}
+};
+	
+R3410_2001_params R3410_2001_paramset[]={
+	/* default_cc_sign01_param 1.2.643.2.9.1.8.1 */
+	{NID_id_GostR3410_2001_ParamSet_cc,
+	/* A */	
+	"C0000000000000000000000000000000000000000000000000000000000003c4",
+	/* B */
+	"2d06B4265ebc749ff7d0f1f1f88232e81632e9088fd44b7787d5e407e955080c",
+	/* P */
+	"C0000000000000000000000000000000000000000000000000000000000003C7",
+	/* Q */
+	"5fffffffffffffffffffffffffffffff606117a2f4bde428b7458a54b6e87b85",
+	/* X */
+	"2",
+	/* Y */
+	"a20e034bf8813ef5c18d01105e726a17eb248b264ae9706f440bedc8ccb6b22c"
+	},
+	/* 1.2.643.2.2.35.0 */
+	{NID_id_GostR3410_2001_TestParamSet,
+	"7",
+	"5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E",
+	"8000000000000000000000000000000000000000000000000000000000000431",
+	"8000000000000000000000000000000150FE8A1892976154C59CFC193ACCF5B3",
+	"2",
+	"08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"
+	},
+	/*1.2.643.2.2.35.1*/
+	{NID_id_GostR3410_2001_CryptoPro_A_ParamSet,
+	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
+	"a6",
+	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
+	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
+	"1",
+	"8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"
+	},
+	/*1.2.643.2.2.35.2*/
+	{NID_id_GostR3410_2001_CryptoPro_B_ParamSet,	
+	"8000000000000000000000000000000000000000000000000000000000000C96",
+	"3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B",
+	"8000000000000000000000000000000000000000000000000000000000000C99",
+	"800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F",
+	"1",	
+	"3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"
+	},
+	/*1.2.643.2.2.35.3*/
+	{NID_id_GostR3410_2001_CryptoPro_C_ParamSet,
+	"9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",
+	"805a",
+	"9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",
+	"9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",
+	"0",
+	"41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"
+	},
+	/*1.2.643.2.2.36.0*/
+	{NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,
+	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
+	"a6",
+	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
+	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
+	"1",
+	"8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"
+	},
+	/*1.2.643.2.2.36.1*/
+	{NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,
+	"9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",
+	"805a",
+	"9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",
+	"9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",
+	"0",
+	"41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"
+	},
+	{ 0,NULL,NULL,NULL,NULL,NULL,NULL
+	}
+};
diff --git a/engines/ccgost/gost_params.h b/engines/ccgost/gost_params.h
new file mode 100644
index 0000000000..4c3f5567d7
--- /dev/null
+++ b/engines/ccgost/gost_params.h
@@ -0,0 +1,34 @@
+/**********************************************************************
+ *                        gost_params.h                               *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *       Declaration of structures used to represent  GOST R 34.10    *
+ * 	               parameter sets, defined in RFC 4357                *
+ *         OpenSSL 0.9.9 libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/ 
+#ifndef GOST_PARAMSET_H
+#define GOST_PARAMSET_H
+typedef struct R3410 {
+		int nid;
+		char *a;
+		char *p;
+		char *q;
+} R3410_params;
+
+extern R3410_params R3410_paramset[];
+
+typedef struct R3410_2001 {
+		int nid;
+		char *a;
+		char *b;
+		char *p;
+		char *q;
+		char *x;
+		char *y;
+} R3410_2001_params;
+
+extern R3410_2001_params R3410_2001_paramset[];
+
+#endif
diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c
new file mode 100644
index 0000000000..caaea99d36
--- /dev/null
+++ b/engines/ccgost/gost_pmeth.c
@@ -0,0 +1,621 @@
+/**********************************************************************
+ *                          gost_pmeth.c                              *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *   Implementation of RFC 4357 (GOST R 34.10) Publick key method     *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/ec.h>
+#include <openssl/x509v3.h> /*For string_to_hex */
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include "gost_params.h"
+#include "gost_lcl.h"
+#include "e_gost_err.h"
+/*-------init, cleanup, copy - uniform for all algs  ---------------*/
+/* Allocates new gost_pmeth_data structure and assigns it as data */
+static int pkey_gost_init(EVP_PKEY_CTX *ctx)
+	{
+	struct gost_pmeth_data *data;
+	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+	data = OPENSSL_malloc(sizeof(struct gost_pmeth_data));
+	if (!data) return 0;
+	memset(data,0,sizeof(struct gost_pmeth_data));
+	if (pkey && EVP_PKEY_get0(pkey)) 
+		{
+		switch (EVP_PKEY_base_id(pkey)) {
+		case NID_id_GostR3410_94:
+		  data->sign_param_nid = gost94_nid_by_params(EVP_PKEY_get0(pkey));
+		  break;
+		case NID_id_GostR3410_2001:
+		   data->sign_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)pkey)));
+		break;
+		default:
+			return 0;
+		}	  
+		}
+	EVP_PKEY_CTX_set_data(ctx,data);
+	return 1;
+	}
+
+/* Copies contents of gost_pmeth_data structure */
+static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	struct gost_pmeth_data *dst_data,*src_data;
+	if (!pkey_gost_init(dst))
+		{
+		return 0;
+		}
+	src_data = EVP_PKEY_CTX_get_data(src);
+	dst_data = EVP_PKEY_CTX_get_data(dst);
+	*dst_data = *src_data;
+	if (src_data -> shared_ukm) {
+		dst_data->shared_ukm=NULL;
+	}	
+	return 1;
+	}
+
+/* Frees up gost_pmeth_data structure */
+static void pkey_gost_cleanup (EVP_PKEY_CTX *ctx)
+	{
+	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+	if (data->shared_ukm) OPENSSL_free(data->shared_ukm);
+	OPENSSL_free(data);
+	}	
+
+/* --------------------- control functions  ------------------------------*/
+static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	struct gost_pmeth_data *pctx = (struct gost_pmeth_data*)EVP_PKEY_CTX_get_data(ctx);
+	switch (type)
+		{
+		case EVP_PKEY_CTRL_MD:
+		{
+		if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94)
+			{
+			GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
+			return 0;
+			}
+		pctx->md = (EVP_MD *)p2;
+		return 1;
+		}
+		break;
+
+		case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+		case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+		case EVP_PKEY_CTRL_PKCS7_SIGN:
+			return 1;
+
+		case EVP_PKEY_CTRL_GOST_PARAMSET:
+			pctx->sign_param_nid = (int)p1;
+			return 1;
+		case EVP_PKEY_CTRL_SET_IV:
+			pctx->shared_ukm=OPENSSL_malloc((int)p1);
+			memcpy(pctx->shared_ukm,p2,(int) p1);
+			return 1;
+		case EVP_PKEY_CTRL_PEER_KEY:
+			if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */
+				return 1;
+			if (p1 == 2)		/* TLS: peer key used? */
+				return pctx->peer_key_used;
+			if (p1 == 3)		/* TLS: peer key used! */
+				return (pctx->peer_key_used = 1);
+			return -2;
+		}
+	return -2;
+	}
+
+
+static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
+	const char *type, const char *value)
+	{
+	int param_nid=0;
+	if(!strcmp(type, param_ctrl_string))
+		{
+		if (!value)
+			{
+			return 0;
+			}
+		if (strlen(value) == 1)
+			{
+			switch(toupper(value[0]))
+				{
+				case 'A':
+					param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
+					break;
+				case 'B':
+					param_nid = NID_id_GostR3410_94_CryptoPro_B_ParamSet;
+					break;
+				case 'C':
+					param_nid = NID_id_GostR3410_94_CryptoPro_C_ParamSet;
+					break;
+				case 'D':
+					param_nid = NID_id_GostR3410_94_CryptoPro_D_ParamSet;
+					break;
+				default:
+					return 0;
+					break;
+				}
+			}
+		else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+			{
+			switch (toupper(value[1]))
+				{
+				case 'A':
+					param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
+					break;
+				case 'B':
+					param_nid = NID_id_GostR3410_94_CryptoPro_XchB_ParamSet;
+					break;
+				case 'C':
+					param_nid = NID_id_GostR3410_94_CryptoPro_XchC_ParamSet;
+					break;
+				default:
+					return 0;
+					break;
+				}
+			}
+		else
+			{
+			R3410_params *p = R3410_paramset;
+			param_nid = OBJ_txt2nid(value);
+			if (param_nid == NID_undef)
+				{
+				return 0;
+				}
+			for (;p->nid != NID_undef;p++)
+				{
+				if (p->nid == param_nid) break;
+				}
+			if (p->nid == NID_undef)
+				{
+				GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR,
+					GOST_R_INVALID_PARAMSET);
+				return 0;
+				}
+			}
+
+		return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
+			param_nid, NULL);
+		}
+	return -2;
+	}
+
+static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
+	const char *type, const char *value)
+	{
+	int param_nid=0;
+	if(!strcmp(type, param_ctrl_string))
+		{
+		if (!value)
+			{
+			return 0;
+			}
+		if (strlen(value) == 1)
+			{
+			switch(toupper(value[0]))
+				{
+				case 'A':
+					param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
+					break;	
+				case 'B':
+					param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
+					break;
+				case 'C':
+					param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
+					break;
+				case '0':
+					param_nid = NID_id_GostR3410_2001_TestParamSet;
+					break;
+				default:
+					return 0;
+					break;
+				}
+			}
+		else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+			{
+			switch (toupper(value[1]))
+				{
+				case 'A':
+					param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
+					break;
+				case 'B':
+					param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet;
+					break;
+				default:
+					return 0;
+					break;
+				}
+			}
+		else
+			{
+			R3410_2001_params *p = R3410_2001_paramset;
+			param_nid = OBJ_txt2nid(value);
+			if (param_nid == NID_undef)
+				{
+				return 0;
+				}
+			for (;p->nid != NID_undef;p++)
+				{
+				if (p->nid == param_nid) break;
+				}
+			if (p->nid == NID_undef)
+				{
+				GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR,
+					GOST_R_INVALID_PARAMSET);
+				return 0;
+				}
+			}
+
+		return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
+			param_nid, NULL);
+		}
+	return -2;
+	}
+
+/* --------------------- key generation  --------------------------------*/
+
+static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx) {
+	return 1;
+}	
+static int pkey_gost94_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) 
+	{
+	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+	DSA *dsa=NULL;
+	if (data->sign_param_nid == NID_undef)
+		{
+			GOSTerr(GOST_F_PKEY_GOST94_PARAMGEN,
+				GOST_R_NO_PARAMETERS_SET);
+			return 0;
+		}
+	dsa = DSA_new();
+	if (!fill_GOST94_params(dsa,data->sign_param_nid))
+		{
+		DSA_free(dsa);
+		return 0;
+		}
+	EVP_PKEY_assign(pkey,NID_id_GostR3410_94,dsa);
+	return 1;
+	}
+static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+	EC_KEY *ec=NULL;
+
+	if (data->sign_param_nid == NID_undef)
+		{
+			GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN,
+				GOST_R_NO_PARAMETERS_SET);
+			return 0;
+		}
+	if (!ec) 	
+		ec = EC_KEY_new();
+	if (!fill_GOST2001_params(ec,data->sign_param_nid))
+		{
+		EC_KEY_free(ec);
+		return 0;
+		}
+	EVP_PKEY_assign(pkey,NID_id_GostR3410_2001,ec);
+	return 1;
+	}
+
+/* Generates Gost_R3410_94_cp key */
+static int pkey_gost94cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	DSA *dsa;
+	if (!pkey_gost94_paramgen(ctx,pkey)) return 0;
+	dsa = EVP_PKEY_get0(pkey);
+	gost_sign_keygen(dsa);
+	return 1;
+	}
+
+/* Generates GOST_R3410 2001 key and assigns it using specified type */
+static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+	EC_KEY *ec;
+    if (!pkey_gost01_paramgen(ctx,pkey)) return 0;
+	ec = EVP_PKEY_get0(pkey);
+	gost2001_keygen(ec);
+	return 1;
+	}
+
+
+
+/* ----------- sign callbacks --------------------------------------*/
+
+static int pkey_gost94_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+	const unsigned char *tbs, size_t tbs_len)
+	{
+	DSA_SIG *unpacked_sig=NULL;
+	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+	if (!siglen) return 0;
+	if (!sig)
+		{
+		*siglen= 64; /* better to check size of pkey->pkey.dsa-q */
+		return 1;
+		}	
+	unpacked_sig = gost_do_sign(tbs,tbs_len,EVP_PKEY_get0(pkey));
+	if (!unpacked_sig)
+		{
+		return 0;
+		}
+	return pack_sign_cp(unpacked_sig,32,sig,siglen);
+	}
+
+static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+	const unsigned char *tbs, size_t tbs_len)
+	{
+	DSA_SIG *unpacked_sig=NULL;
+	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+	if (!siglen) return 0;
+	if (!sig)
+		{
+		*siglen= 64; /* better to check size of curve order*/
+		return 1;
+		}	
+	unpacked_sig = gost2001_do_sign(tbs,tbs_len,EVP_PKEY_get0(pkey));
+	if (!unpacked_sig)
+		{
+		return 0;
+		}
+	return pack_sign_cp(unpacked_sig,32,sig,siglen);
+	}
+
+/* ------------------- verify callbacks ---------------------------*/
+
+static int pkey_gost94_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+	size_t siglen, const unsigned char *tbs, size_t tbs_len)
+	{
+	int ok = 0;
+	EVP_PKEY* pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
+	DSA_SIG *s=unpack_cp_signature(sig,siglen);
+	if (!s) return 0;
+	if (pub_key) ok = gost_do_verify(tbs,tbs_len,s,EVP_PKEY_get0(pub_key));
+	DSA_SIG_free(s);
+	return ok;
+	}
+
+
+static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+	size_t siglen, const unsigned char *tbs, size_t tbs_len)
+	{
+	int ok = 0;
+	EVP_PKEY* pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
+	DSA_SIG *s=unpack_cp_signature(sig,siglen);
+	if (!s) return 0;
+#ifdef DEBUG_SIGN	
+	fprintf(stderr,"R=");
+	BN_print_fp(stderr,s->r);
+	fprintf(stderr,"\nS=");
+	BN_print_fp(stderr,s->s);
+	fprintf(stderr,"\n");
+#endif	
+	if (pub_key) ok = gost2001_do_verify(tbs,tbs_len,s,EVP_PKEY_get0(pub_key));
+	DSA_SIG_free(s);
+	return ok;
+	}
+
+/* ------------- encrypt init -------------------------------------*/
+/* Generates ephermeral key */
+static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
+	{
+	return 1;
+	}
+/* --------------- Derive init ------------------------------------*/
+static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx)
+{
+	return 1;
+}
+/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/
+static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
+	{
+	struct gost_mac_pmeth_data *data;
+	data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data));
+	if (!data) return 0;
+	memset(data,0,sizeof(struct gost_mac_pmeth_data));
+	EVP_PKEY_CTX_set_data(ctx,data);
+	return 1;
+	}	
+static void pkey_gost_mac_cleanup (EVP_PKEY_CTX *ctx)
+	{
+	struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+	OPENSSL_free(data);
+	}	
+static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+	{
+	struct gost_mac_pmeth_data *dst_data,*src_data;
+	if (!pkey_gost_mac_init(dst))
+		{
+		return 0;
+		}
+	src_data = EVP_PKEY_CTX_get_data(src);
+	dst_data = EVP_PKEY_CTX_get_data(dst);
+	*dst_data = *src_data;
+	return 1;
+	}
+	
+static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+	{
+	struct gost_mac_pmeth_data *data =
+(struct gost_mac_pmeth_data*)EVP_PKEY_CTX_get_data(ctx);
+
+	switch (type)
+		{
+		case EVP_PKEY_CTRL_MD:
+		{
+		if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC)
+			{
+			GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_DIGEST_TYPE);
+			return 0;
+			}
+		data->md = (EVP_MD *)p2;
+		return 1;
+		}
+		break;
+
+		case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+		case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+		case EVP_PKEY_CTRL_PKCS7_SIGN:
+			return 1;
+		case EVP_PKEY_CTRL_SET_MAC_KEY:
+			if (p1 != 32) 
+				{
+				GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
+					GOST_R_INVALID_MAC_KEY_LENGTH);
+				return 0;
+				}
+
+			memcpy(data->key,p2,32);
+			data->key_set = 1;
+			return 1;
+		case EVP_PKEY_CTRL_DIGESTINIT:
+			{ 
+			EVP_MD_CTX *mctx = p2;
+			void *key;
+			if (!data->key_set)
+				{ 
+				EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+				if (!pkey) 
+					{
+					GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_SET);
+					return 0;
+					}
+				key = EVP_PKEY_get0(pkey);
+				if (!key) 
+					{
+					GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_SET);
+					return 0;
+					}
+				} else {
+				key = &(data->key);
+				}
+			return mctx->digest->md_ctrl(mctx,EVP_MD_CTRL_SET_KEY,32,key);
+			}  
+		}	
+	return -2;
+	}
+static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
+	const char *type, const char *value)
+	{
+	if (!strcmp(type, key_ctrl_string)) 
+		{
+		if (strlen(value)!=32) 
+			{
+			GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
+				GOST_R_INVALID_MAC_KEY_LENGTH);
+			return 0;	
+			}
+		return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
+			32,(char *)value);
+		}
+	if (!strcmp(type, hexkey_ctrl_string)) 
+		{
+			long keylen; int ret;
+			unsigned char *keybuf=string_to_hex(value,&keylen);
+			if (keylen != 32) 
+				{
+				GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
+					GOST_R_INVALID_MAC_KEY_LENGTH);
+				return 0;	
+				}
+			ret= pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
+				32,keybuf);
+			OPENSSL_free(keybuf);
+			return ret;
+	
+		}
+	return -2;
+	}	
+
+static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+	{
+		struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+		unsigned char *keydata;
+		if (!data->key_set) 
+		{
+			GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN,GOST_R_MAC_KEY_NOT_SET);
+			return 0;
+		}
+		keydata = OPENSSL_malloc(32);
+		memcpy(keydata,data->key,32);
+		EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata);
+		return 1;
+	}
+
+static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+	{
+	return 1;
+}
+
+static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx)
+	{
+		unsigned int tmpsiglen=*siglen; /* for platforms where sizeof(int)!=sizeof(size_t)*/
+		int ret;
+		if (!sig) 
+			{
+			*siglen = 4;
+			return 1;
+			}
+		ret=EVP_DigestFinal_ex(mctx,sig,&tmpsiglen);
+		*siglen = tmpsiglen;
+		return ret;
+	}
+/* ----------------------------------------------------------------*/
+int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth,int flags)
+	{
+	*pmeth = EVP_PKEY_meth_new(id, flags);
+	if (!*pmeth) return 0;
+
+	switch (id)
+		{
+		case NID_id_GostR3410_94:
+			EVP_PKEY_meth_set_ctrl(*pmeth,pkey_gost_ctrl, pkey_gost_ctrl94_str);
+			EVP_PKEY_meth_set_keygen(*pmeth,NULL,pkey_gost94cp_keygen);
+			EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign);
+			EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify);
+			EVP_PKEY_meth_set_encrypt(*pmeth,
+				pkey_gost_encrypt_init, pkey_GOST94cp_encrypt);
+			EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
+			EVP_PKEY_meth_set_derive(*pmeth,
+				pkey_gost_derive_init, pkey_gost94_derive);
+			EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,pkey_gost94_paramgen);	
+			break;
+		case NID_id_GostR3410_2001:
+			EVP_PKEY_meth_set_ctrl(*pmeth,pkey_gost_ctrl, pkey_gost_ctrl01_str);
+			EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign);
+			EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify);
+
+			EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen);
+
+			EVP_PKEY_meth_set_encrypt(*pmeth,
+				pkey_gost_encrypt_init, pkey_GOST01cp_encrypt);
+			EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
+			EVP_PKEY_meth_set_derive(*pmeth,
+				pkey_gost_derive_init, pkey_gost2001_derive);
+			EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,pkey_gost01_paramgen);	
+			break;
+		case NID_id_Gost28147_89_MAC:
+			EVP_PKEY_meth_set_ctrl(*pmeth,pkey_gost_mac_ctrl, pkey_gost_mac_ctrl_str);
+			EVP_PKEY_meth_set_signctx(*pmeth,pkey_gost_mac_signctx_init, pkey_gost_mac_signctx);
+			EVP_PKEY_meth_set_keygen(*pmeth,NULL, pkey_gost_mac_keygen);
+			EVP_PKEY_meth_set_init(*pmeth,pkey_gost_mac_init);
+			EVP_PKEY_meth_set_cleanup(*pmeth,pkey_gost_mac_cleanup);
+			EVP_PKEY_meth_set_copy(*pmeth,pkey_gost_mac_copy);
+			return 1;
+		default: /*Unsupported method*/
+			return 0;
+		}
+	EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init);
+	EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup);
+
+	EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy);
+	/*FIXME derive etc...*/
+	
+	return 1;
+	}
+
diff --git a/engines/ccgost/gost_sign.c b/engines/ccgost/gost_sign.c
new file mode 100644
index 0000000000..4095654358
--- /dev/null
+++ b/engines/ccgost/gost_sign.c
@@ -0,0 +1,321 @@
+/**********************************************************************
+ *                          gost_sign.c                               *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       Implementation of GOST R 34.10-94 signature algorithm        *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/evp.h>
+
+#include "gost_params.h"
+#include "gost_lcl.h"
+#include "e_gost_err.h"
+
+#ifdef DEBUG_SIGN
+void dump_signature(const char *message,const unsigned char *buffer,size_t len)
+	{
+	size_t i;
+	fprintf(stderr,"signature %s Length=%d",message,len);
+	for (i=0; i<len; i++)
+		{
+		if (i% 16 ==0) fputc('\n',stderr);
+		fprintf (stderr," %02x",buffer[i]);
+		}
+	fprintf(stderr,"\nEnd of signature\n");
+	}
+
+void dump_dsa_sig(const char *message, DSA_SIG *sig)
+	{
+	fprintf(stderr,"%s\nR=",message);
+	BN_print_fp(stderr,sig->r);
+	fprintf(stderr,"\nS=");
+	BN_print_fp(stderr,sig->s);
+	fprintf(stderr,"\n");
+	}
+
+#else
+
+#define dump_signature(a,b,c)
+#define dump_dsa_sig(a,b)
+#endif
+
+/*
+ * Computes signature and returns it as DSA_SIG structure
+ */
+DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa)
+	{
+	BIGNUM *k=NULL,*tmp=NULL,*tmp2=NULL;
+	DSA_SIG *newsig = DSA_SIG_new();
+	BIGNUM *md = hashsum2bn(dgst);
+	/* check if H(M) mod q is zero */
+	BN_CTX *ctx=BN_CTX_new();
+	BN_CTX_start(ctx);
+	if (!newsig)
+		{
+		GOSTerr(GOST_F_GOST_DO_SIGN,GOST_R_NO_MEMORY);
+		goto err;
+		}	
+	tmp=BN_CTX_get(ctx);
+	k = BN_CTX_get(ctx);
+	tmp2 = BN_CTX_get(ctx);
+	BN_mod(tmp,md,dsa->q,ctx);
+	if (BN_is_zero(tmp))
+		{
+		BN_one(md);
+		}	
+	do
+		{
+		do
+			{
+			/*Generate random number k less than q*/
+			BN_rand_range(k,dsa->q);
+			/* generate r = (a^x mod p) mod q */
+			BN_mod_exp(tmp,dsa->g, k, dsa->p,ctx);
+			if (!(newsig->r)) newsig->r=BN_new();
+			BN_mod(newsig->r,tmp,dsa->q,ctx);
+			}
+		while (BN_is_zero(newsig->r));
+		/* generate s = (xr + k(Hm)) mod q */
+		BN_mod_mul(tmp,dsa->priv_key,newsig->r,dsa->q,ctx);
+		BN_mod_mul(tmp2,k,md,dsa->q,ctx);
+		if (!newsig->s) newsig->s=BN_new();
+		BN_mod_add(newsig->s,tmp,tmp2,dsa->q,ctx);
+		}
+	while (BN_is_zero(newsig->s));		
+	err:
+	BN_free(md);
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	return newsig;
+	}	
+
+
+/*
+ * Packs signature according to Cryptocom rules
+ * and frees up DSA_SIG structure
+ */
+/*
+int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen)
+	{
+	*siglen = 2*order;
+	memset(sig,0,*siglen);
+	store_bignum(s->r, sig,order);
+	store_bignum(s->s, sig + order,order);
+	dump_signature("serialized",sig,*siglen);
+	DSA_SIG_free(s);
+	return 1;
+	}
+*/
+/*
+ * Packs signature according to Cryptopro rules
+ * and frees up DSA_SIG structure
+ */
+int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen)
+	{
+	*siglen = 2*order;
+	memset(sig,0,*siglen);
+	store_bignum(s->s, sig, order);
+	store_bignum(s->r, sig+order,order);
+	dump_signature("serialized",sig,*siglen);
+	DSA_SIG_free(s);
+	return 1;
+	}
+
+/*
+ * Verifies signature passed as DSA_SIG structure
+ *
+ */
+
+int gost_do_verify(const unsigned char *dgst, int dgst_len,
+	DSA_SIG *sig, DSA *dsa)
+	{
+	BIGNUM *md, *tmp=NULL;
+	BIGNUM *q2=NULL;
+	BIGNUM *u=NULL,*v=NULL,*z1=NULL,*z2=NULL;
+	BIGNUM *tmp2=NULL,*tmp3=NULL;
+	int ok;
+	BN_CTX *ctx = BN_CTX_new();
+
+	BN_CTX_start(ctx);
+	if (BN_cmp(sig->s,dsa->q)>=1||
+		BN_cmp(sig->r,dsa->q)>=1)
+		{
+		GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
+		return 0;
+		}
+	md=hashsum2bn(dgst);
+	
+	tmp=BN_CTX_get(ctx);
+	v=BN_CTX_get(ctx);
+	q2=BN_CTX_get(ctx);
+	z1=BN_CTX_get(ctx);
+	z2=BN_CTX_get(ctx);
+	tmp2=BN_CTX_get(ctx);
+	tmp3=BN_CTX_get(ctx);
+	u = BN_CTX_get(ctx);
+	
+	BN_mod(tmp,md,dsa->q,ctx);
+	if (BN_is_zero(tmp))
+		{
+		BN_one(md);
+		}
+	BN_copy(q2,dsa->q);
+	BN_sub_word(q2,2);
+	BN_mod_exp(v,md,q2,dsa->q,ctx);
+	BN_mod_mul(z1,sig->s,v,dsa->q,ctx);
+	BN_sub(tmp,dsa->q,sig->r);
+	BN_mod_mul(z2,tmp,v,dsa->p,ctx);
+	BN_mod_exp(tmp,dsa->g,z1,dsa->p,ctx);
+	BN_mod_exp(tmp2,dsa->pub_key,z2,dsa->p,ctx);
+	BN_mod_mul(tmp3,tmp,tmp2,dsa->p,ctx);
+	BN_mod(u,tmp3,dsa->q,ctx);
+	ok= BN_cmp(u,sig->r);
+	
+	BN_free(md);
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	if (ok!=0)
+		{
+		GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_MISMATCH);
+		}	
+	return (ok==0);
+	}
+
+/*
+ * Computes public keys for GOST R 34.10-94 algorithm
+ *
+ */
+int gost94_compute_public(DSA *dsa)
+	{
+	/* Now fill algorithm parameters with correct values */
+	BN_CTX *ctx = BN_CTX_new();
+	if (!dsa->g)
+		{
+		GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC,GOST_R_KEY_IS_NOT_INITALIZED);
+		return 0;
+		}	
+	/* Compute public key  y = a^x mod p */
+	dsa->pub_key=BN_new();
+	BN_mod_exp(dsa->pub_key, dsa->g,dsa->priv_key,dsa->p,ctx);
+	BN_CTX_free(ctx);
+	return 1;
+	}
+
+/*
+ * Fill GOST 94 params, searching them in R3410_paramset array
+ * by nid of paramset
+ *
+ */
+int fill_GOST94_params(DSA *dsa,int nid)
+	{
+	R3410_params *params=R3410_paramset;
+	while (params->nid!=NID_undef && params->nid !=nid) params++;
+	if (params->nid == NID_undef)
+		{
+		GOSTerr(GOST_F_FILL_GOST94_PARAMS,GOST_R_UNSUPPORTED_PARAMETER_SET);
+		return 0;
+		}	
+#define dump_signature(a,b,c)
+	if (dsa->p) { BN_free(dsa->p); }
+	dsa->p=NULL;
+	BN_dec2bn(&(dsa->p),params->p);
+	if (dsa->q) { BN_free(dsa->q); }
+	dsa->q=NULL;
+	BN_dec2bn(&(dsa->q),params->q);
+	if (dsa->g) { BN_free(dsa->g); }
+	dsa->g=NULL;
+	BN_dec2bn(&(dsa->g),params->a);
+	return 1;
+	}	
+
+/*
+ *  Generate GOST R 34.10-94 keypair
+ *
+ *
+ */
+int gost_sign_keygen(DSA *dsa)
+	{
+	dsa->priv_key = BN_new();
+	BN_rand_range(dsa->priv_key,dsa->q);
+	return gost94_compute_public( dsa);
+	}
+
+/* Unpack signature according to cryptocom rules  */
+/*
+DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen)
+	{
+	DSA_SIG *s;
+	s = DSA_SIG_new();
+	if (s == NULL)
+		{
+		GOSTerr(GOST_F_UNPACK_CC_SIGNATURE,GOST_R_NO_MEMORY);
+		return(NULL);
+		}
+	s->r = getbnfrombuf(sig, siglen/2);
+	s->s = getbnfrombuf(sig + siglen/2, siglen/2);
+	return s;
+	}
+*/
+/* Unpack signature according to cryptopro rules  */
+DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen)
+	{
+	DSA_SIG *s;
+
+	s = DSA_SIG_new();
+	if (s == NULL)
+		{
+		GOSTerr(GOST_F_UNPACK_CP_SIGNATURE,GOST_R_NO_MEMORY);
+		return NULL;
+		}
+	s->s = getbnfrombuf(sig , siglen/2);
+	s->r = getbnfrombuf(sig + siglen/2, siglen/2);
+	return s;
+	}
+
+/* Convert little-endian byte array into bignum */
+BIGNUM *hashsum2bn(const unsigned char *dgst)
+	{
+	unsigned char buf[32];
+	int i;
+	for (i=0;i<32;i++)
+		{
+		buf[31-i]=dgst[i];
+		}
+	return getbnfrombuf(buf,32);
+	}
+
+/* Convert byte buffer to bignum, skipping leading zeros*/
+BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len)
+	{
+	while (*buf==0&&len>0)
+		{
+		buf++; len--;
+		}
+	if (len)
+		{
+		return BN_bin2bn(buf,len,NULL);
+		}
+	else
+		{
+		BIGNUM *b=BN_new();
+		BN_zero(b);
+		return b;
+		}
+	}
+
+/* Pack bignum into byte buffer of given size, filling all leading bytes
+ * by zeros */
+int store_bignum(BIGNUM *bn, unsigned char *buf,int len)
+	{
+	int bytes = BN_num_bytes(bn);
+	if (bytes>len) return 0;
+	memset(buf,0,len);
+	BN_bn2bin(bn,buf+len-bytes);
+	return 1;
+	}	
diff --git a/engines/ccgost/gosthash.c b/engines/ccgost/gosthash.c
new file mode 100644
index 0000000000..a5c0662ffc
--- /dev/null
+++ b/engines/ccgost/gosthash.c
@@ -0,0 +1,255 @@
+/**********************************************************************
+ *                          gosthash.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *    Implementation of GOST R 34.11-94 hash function                 *
+ *       uses on gost89.c and gost89.h Doesn't need OpenSSL           *
+ **********************************************************************/
+#include <string.h>
+
+#include "gost89.h"
+#include "gosthash.h"
+
+
+/* Use OPENSSL_malloc for memory allocation if compiled with 
+ * -DOPENSSL_BUILD, and libc malloc otherwise
+ */
+#ifndef MYALLOC
+# ifdef OPENSSL_BUILD
+#  include <openssl/crypto.h>
+#  define MYALLOC(size) OPENSSL_malloc(size)
+#  define MYFREE(ptr) OPENSSL_free(ptr)
+# else
+#  define MYALLOC(size) malloc(size)
+#  define MYFREE(ptr) free(ptr)
+# endif
+#endif
+/* Following functions are various bit meshing routines used in
+ * GOST R 34.11-94 algorithms */
+static void swap_bytes (byte *w, byte *k) 
+	{
+	int i,j;
+	for (i=0;i<4;i++)	
+		for (j=0;j<8;j++) 
+			k[i+4*j]=w[8*i+j];
+
+	}
+
+/* was A_A */
+static void circle_xor8 (const byte *w, byte *k) 
+	{
+	byte buf[8];
+	int i;
+	memcpy(buf,w,8);
+	memcpy(k,w+8,24);
+	for(i=0;i<8;i++) 
+		k[i+24]=buf[i]^k[i];
+	}
+
+/* was R_R */
+static void transform_3 (byte *data) 
+	{
+	unsigned short int acc;
+	acc=(data[0]^data[2]^data[4]^data[6]^data[24]^data[30])|
+		((data[1]^data[3]^data[5]^data[7]^data[25]^data[31])<<8);
+	memmove(data,data+2,30);
+	data[30]=acc&0xff;
+	data[31]=acc>>8;
+	}
+
+/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/
+static int add_blocks(int n,byte *left, const byte *right) 
+	{
+	int i;
+	int carry=0;
+	int sum;
+	for (i=0;i<n;i++) 
+		{
+	   	sum=(int)left[i]+(int)right[i]+carry;
+		left[i]=sum & 0xff;
+		carry=sum>>8;
+		}
+	return carry;
+	} 
+
+/* Xor two sequences of bytes */
+static void xor_blocks (byte *result,const byte *a,const byte *b,size_t len)
+	{
+	size_t i;
+	for (i=0;i<len;i++) result[i]=a[i]^b[i];
+	}	
+
+/* 
+ * 	Calculate H(i+1) = Hash(Hi,Mi) 
+ * 	Where H and M are 32 bytes long
+ */
+static int hash_step(gost_ctx *c,byte *H,const byte *M) 
+	{
+	byte U[32],W[32],V[32],S[32],Key[32];
+	int i;
+	/* Compute first key */
+	xor_blocks(W,H,M,32);
+	swap_bytes(W,Key);
+	/* Encrypt first 8 bytes of H with first key*/
+	gost_enc_with_key(c,Key,H,S);
+	/* Compute second key*/
+	circle_xor8(H,U);
+	circle_xor8(M,V);
+	circle_xor8(V,V);
+	xor_blocks(W,U,V,32);
+	swap_bytes(W,Key);
+	/* encrypt second 8 bytes of H with second key*/
+	gost_enc_with_key(c,Key,H+8,S+8);
+	/* compute third key */
+	circle_xor8(U,U);
+	U[31]=~U[31]; U[29]=~U[29]; U[28]=~U[28]; U[24]=~U[24];
+	U[23]=~U[23]; U[20]=~U[20]; U[18]=~U[18]; U[17]=~U[17];
+	U[14]=~U[14]; U[12]=~U[12]; U[10]=~U[10]; U[ 8]=~U[ 8];
+	U[ 7]=~U[ 7]; U[ 5]=~U[ 5]; U[ 3]=~U[ 3]; U[ 1]=~U[ 1];
+	circle_xor8(V,V);
+	circle_xor8(V,V);
+	xor_blocks(W,U,V,32);
+	swap_bytes(W,Key);
+	/* encrypt third 8 bytes of H with third key*/
+	gost_enc_with_key(c,Key,H+16,S+16);
+	/* Compute fourth key */
+	circle_xor8(U,U);
+	circle_xor8(V,V);
+	circle_xor8(V,V);
+	xor_blocks(W,U,V,32);
+	swap_bytes(W,Key);
+	/* Encrypt last 8 bytes with fourth key */
+	gost_enc_with_key(c,Key,H+24,S+24);
+	for (i=0;i<12;i++) 
+		transform_3(S);
+	xor_blocks(S,S,M,32);
+	transform_3(S);
+	xor_blocks(S,S,H,32);
+	for (i=0;i<61;i++) 
+		transform_3(S);
+	memcpy(H,S,32);
+	return 1;
+	}
+
+/* Initialize gost_hash ctx - cleans up temporary structures and
+ * set up substitution blocks
+ */
+int init_gost_hash_ctx(gost_hash_ctx *ctx, const gost_subst_block *subst_block)
+	{	
+	memset(ctx,0,sizeof(gost_hash_ctx));
+	ctx->cipher_ctx = (gost_ctx *)MYALLOC(sizeof(gost_ctx));
+	if (!ctx->cipher_ctx)
+		{
+		return 0;
+		}		
+	gost_init(ctx->cipher_ctx,subst_block);
+	return 1;
+	}
+
+/*
+ * Free cipher CTX if it is dynamically allocated. Do not use
+ * if cipher ctx is statically allocated as in OpenSSL implementation of
+ * GOST hash algroritm
+ *
+ */ 
+void done_gost_hash_ctx(gost_hash_ctx *ctx) 
+	{
+	/* No need to use gost_destroy, because cipher keys are not really
+	 * secret when hashing */
+	MYFREE(ctx->cipher_ctx);
+	}
+
+/*
+ * reset state of hash context to begin hashing new message
+ */
+int start_hash(gost_hash_ctx *ctx)
+	{
+	if (!ctx->cipher_ctx) return 0;
+	memset(&(ctx->H),0,32);
+	memset(&(ctx->S),0,32);
+	ctx->len = 0L;
+	ctx->left=0;
+	return 1;
+	}
+
+/*
+ * Hash block of arbitrary length
+ *
+ *
+ */
+int hash_block(gost_hash_ctx *ctx,const byte *block, size_t length)
+	{
+	const byte *curptr=block;
+	const byte *barrier=block+(length-32);/* Last byte we can safely hash*/
+	if (ctx->left)
+		{
+		/*There are some bytes from previous step*/
+		unsigned int add_bytes = 32-ctx->left;
+		if (add_bytes>length)
+			{
+			add_bytes = length;
+			}	
+		memcpy(&(ctx->remainder[ctx->left]),block,add_bytes);
+		ctx->left+=add_bytes;
+		if (ctx->left<32)
+			{
+			return 1;
+			}	
+		curptr=block+add_bytes;
+		hash_step(ctx->cipher_ctx,ctx->H,ctx->remainder);
+		add_blocks(32,ctx->S,ctx->remainder);
+		ctx->len+=32;
+		ctx->left=0;
+		}
+	while (curptr<=barrier)
+		{	
+		hash_step(ctx->cipher_ctx,ctx->H,curptr);
+			
+		add_blocks(32,ctx->S,curptr);
+		ctx->len+=32;
+		curptr+=32;
+		}	
+	if (curptr!=block+length)
+		{
+		ctx->left=block+length-curptr;
+		memcpy(ctx->remainder,curptr,ctx->left);
+		}	
+	return 1;	
+	}
+
+/*
+ * Compute hash value from current state of ctx
+ * state of hash ctx becomes invalid and cannot be used for further
+ * hashing.
+ */ 
+int finish_hash(gost_hash_ctx *ctx,byte *hashval)
+	{
+	byte buf[32];
+	byte H[32];
+	byte S[32];
+	ghosthash_len fin_len=ctx->len;
+	byte *bptr;
+	memcpy(H,ctx->H,32);
+	memcpy(S,ctx->S,32);
+	if (ctx->left)
+		{
+		memset(buf,0,32);
+		memcpy(buf,ctx->remainder,ctx->left);
+		hash_step(ctx->cipher_ctx,H,buf);
+		add_blocks(32,S,buf);
+		fin_len+=ctx->left;
+		}
+	memset(buf,0,32);
+	bptr=buf;
+	fin_len<<=3; /* Hash length in BITS!!*/
+	while(fin_len>0)
+		{
+		*(bptr++)=(byte)(fin_len&0xFF);
+		fin_len>>=8;
+		};
+	hash_step(ctx->cipher_ctx,H,buf);
+	hash_step(ctx->cipher_ctx,H,S);
+	memcpy(hashval,H,32);
+	return 1;
+	}
diff --git a/engines/ccgost/gosthash.h b/engines/ccgost/gosthash.h
new file mode 100644
index 0000000000..4a2e441ece
--- /dev/null
+++ b/engines/ccgost/gosthash.h
@@ -0,0 +1,48 @@
+/**********************************************************************
+ *                          gosthash.h                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *    Declaration of GOST R 34.11-94 hash functions                   *
+ *       uses  and gost89.h Doesn't need OpenSSL                      *
+ **********************************************************************/
+#ifndef GOSTHASH_H
+#define GOSTHASH_H
+#include "gost89.h"
+#include <stdlib.h>
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef __int64 ghosthash_len;
+#elif defined(__arch64__)
+typedef long ghosthash_len;
+#else
+typedef long long ghosthash_len;
+#endif
+
+typedef struct gost_hash_ctx {
+		ghosthash_len len;
+		gost_ctx *cipher_ctx;
+		int left;
+		byte H[32];
+		byte S[32];
+		byte remainder[32];
+} gost_hash_ctx;		
+
+
+/* Initalizes gost hash ctx, including creation of gost cipher ctx */
+
+int init_gost_hash_ctx(gost_hash_ctx *ctx, const gost_subst_block *subst_block);
+void done_gost_hash_ctx(gost_hash_ctx *ctx);
+
+/* Cleans up all fields, except cipher ctx preparing ctx for computing
+ * of new hash value */
+int start_hash(gost_hash_ctx *ctx);
+
+/* Hashes block of data */
+int hash_block(gost_hash_ctx *ctx, const byte *block, size_t length);
+
+/* Finalizes computation of hash  and fills buffer (which should be at
+ * least 32 bytes long) with value of computed hash. */
+int finish_hash(gost_hash_ctx *ctx, byte *hashval);
+
+#endif	
diff --git a/engines/ccgost/gostsum.c b/engines/ccgost/gostsum.c
new file mode 100644
index 0000000000..d57112eb54
--- /dev/null
+++ b/engines/ccgost/gostsum.c
@@ -0,0 +1,210 @@
+/**********************************************************************
+ *                        gostsum.c                                   *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *        Almost drop-in replacement for md5sum and sha1sum           *
+ *          which computes GOST R 34.11-94 hashsum instead            *
+ *                                                                    *
+ **********************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <string.h>
+#include "gosthash.h"
+#define BUF_SIZE 262144
+int hash_file(gost_hash_ctx *ctx,char *filename,char *sum,int mode);
+int hash_stream(gost_hash_ctx *ctx,int fd, char *sum);
+int get_line(FILE *f,char *hash,char *filename);
+void help()
+	{
+	fprintf(stderr,"gostsum [-bvt] [-c [file]]| [files]\n"
+		"\t-c check message digests (default is generate)\n"
+		"\t-v verbose, print file names when checking\n"
+		"\t-b read files in binary mode\n"
+		"\t-t use test GOST paramset (default is CryptoPro paramset)\n"
+		"The input for -c should be the list of message digests and file names\n"
+		"that is printed on stdout by this program when it generates digests.\n");
+	exit(3);
+	}
+
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+int main(int argc,char **argv)
+	{
+	int c,i;
+	int verbose=0;
+	int errors=0;
+	int open_mode = O_RDONLY;
+	gost_subst_block *b=  &GostR3411_94_CryptoProParamSet;
+	FILE *check_file = NULL;
+	gost_hash_ctx ctx;
+	
+	while( (c=getopt(argc,argv,"bc::tv"))!=-1)
+		{
+		switch (c)
+			{
+			case 'v': verbose=1; break;
+			case 't': b= &GostR3411_94_TestParamSet; break;
+			case 'b': open_mode |= O_BINARY; break;
+			case 'c':
+				if (optarg)
+					{
+					check_file = fopen(optarg,"r");
+					if (!check_file)
+						{
+						perror(optarg);
+						exit(2);
+						}
+					}
+				else
+					{
+				  	check_file= stdin;
+					}
+				break;
+			default:
+				fprintf(stderr,"invalid option %c",optopt);
+				help();
+			}
+		}
+	init_gost_hash_ctx(&ctx,b);
+	if (check_file)
+		{
+		char inhash[65],calcsum[65],filename[PATH_MAX];
+		int failcount=0,count=0;;
+		if (check_file==stdin && optind<argc)
+			{
+			check_file=fopen(argv[optind],"r");
+			if (!check_file)
+				{	
+				perror(argv[optind]);
+				exit(2);
+				}
+			}	
+		while (get_line(check_file,inhash,filename))
+			{
+			if (!hash_file(&ctx,filename,calcsum,open_mode))
+				{
+				exit (2);
+				}	
+			count++;
+			if (!strncmp(calcsum,inhash,65))
+				{
+				if (verbose)
+					{
+					fprintf(stderr,"%s\tOK\n",filename);
+					}
+				}
+			else
+				{
+				if (verbose)
+					{
+					fprintf(stderr,"%s\tFAILED\n",filename);
+					}
+				else
+					{
+					fprintf(stderr,"%s: GOST hash sum check failed for '%s'\n",
+						argv[0],filename);
+					}
+				failcount++;
+				}
+			}	
+		if (verbose && failcount)
+			{
+			fprintf(stderr,"%s: %d of %d file(f) failed GOST hash sum check\n",
+				argv[0],failcount,count);
+			}
+		exit (failcount?1:0);
+		}
+	if (optind==argc)
+		{
+		char sum[65];
+		if (!hash_stream(&ctx,fileno(stdin),sum))
+			{
+			perror("stdin");
+			exit(1);
+			}	
+		printf("%s -\n",sum);
+		exit(0);
+		}	
+	for (i=optind;i<argc;i++)
+		{
+		char sum[65];
+		if (!hash_file(&ctx,argv[i],sum,open_mode))
+			{
+			errors++;
+			}
+		else
+			{	
+			printf("%s %s\n",sum,argv[i]);
+			}
+		}	
+	exit(errors?1:0);	
+	}
+
+int hash_file(gost_hash_ctx *ctx,char *filename,char *sum,int mode)
+	{
+	int fd;
+	if ((fd=open(filename,mode))<0)
+		{
+		perror(filename);
+		return 0;
+		}
+	if (!hash_stream(ctx,fd,sum))
+		{
+		perror(filename);
+		return 0;
+		}	
+	close(fd);
+	return 1;
+	}
+
+int hash_stream(gost_hash_ctx *ctx,int fd, char *sum)
+	{
+	unsigned char buffer[BUF_SIZE];
+	ssize_t bytes;
+	int i;
+	start_hash(ctx);
+	while ((bytes=read(fd,buffer,BUF_SIZE))>0)
+		{
+		hash_block(ctx,buffer,bytes);
+		}
+	if (bytes<0)
+		{
+		return 0;
+		}	
+	finish_hash(ctx,buffer);
+	for (i=0;i<32;i++)
+		{
+		sprintf(sum+2*i,"%02x",buffer[31-i]);
+		}
+	return 1;
+	}	
+	
+int get_line(FILE *f,char *hash,char *filename)
+	{
+	int i;
+	if (fread(hash,1,64,f)<64) return 0;
+	hash[64]=0;
+	for (i=0;i<64;i++)
+		{
+		if (hash[i]<'0' || (hash[i]>'9' && hash[i]<'A') || (hash[i]>'F'
+				&& hash[i]<'a')||hash[i]>'f')
+			{
+			fprintf(stderr,"Not a hash value '%s'\n",hash);
+			return 0;
+			}
+		}	
+	if (fgetc(f)!=' ')
+		{
+		fprintf(stderr,"Malformed input line\n");
+		return 0;
+		}
+	i=strlen(fgets(filename,PATH_MAX,f));
+	while (filename[--i]=='\n'||filename[i]=='\r') filename[i]=0;
+	return 1;
+	}	
diff --git a/engines/e_4758_cca.ec b/engines/e_4758_cca.ec
deleted file mode 100644
index 2919969466..0000000000
--- a/engines/e_4758_cca.ec
+++ /dev/null
@@ -1 +0,0 @@
-L CCA4758	e_4758_cca_err.h		e_4758_cca_err.c
diff --git a/engines/e_4758_cca.c b/engines/e_4758cca.c
index 262b373caa..443182bd31 100644
--- a/engines/e_4758_cca.c
+++ b/engines/e_4758cca.c
@@ -61,7 +61,9 @@
 #include <openssl/objects.h>
 #include <openssl/engine.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -73,7 +75,7 @@
 #include "vendor_defns/hw_4758_cca.h"
 #endif
 
-#include "e_4758_cca_err.c"
+#include "e_4758cca_err.c"
 
 static int ibm_4758_cca_destroy(ENGINE *e);
 static int ibm_4758_cca_init(ENGINE *e);
@@ -90,7 +92,7 @@ static int cca_rsa_priv_dec(int flen, const unsigned char *from,
 static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
 		unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
 static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
-		unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
+	const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
 
 /* utility functions */
 /*-----------------------*/
@@ -106,11 +108,13 @@ static int getModulusAndExponent(const unsigned char *token, long *exponentLengt
 
 /* RAND number functions */
 /*-----------------------*/
-static int cca_get_random_bytes(unsigned char*, int );
+static int cca_get_random_bytes(unsigned char*, int);
 static int cca_random_status(void);
 
+#ifndef OPENSSL_NO_RSA
 static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
 		int idx,long argl, void *argp);
+#endif
 
 /* Function pointers for CCA verbs */
 /*---------------------------------*/
@@ -154,7 +158,9 @@ static const char* n_pkaDecrypt = CSNDPKD;
 #endif
 static const char* n_randomNumberGenerate = CSNBRNG;
 
+#ifndef OPENSSL_NO_RSA
 static int hndidx = -1;
+#endif
 static DSO *dso = NULL;
 
 /* openssl engine initialization structures */
@@ -202,6 +208,10 @@ static RAND_METHOD ibm_4758_cca_rand =
 
 static const char *engine_4758_cca_id = "4758cca";
 static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support";
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE 
+/* Compatibility hack, the dynamic library uses this form in the path */
+static const char *engine_4758_cca_id_alt = "4758_cca";
+#endif
 
 /* engine implementation */
 /*-----------------------*/
@@ -217,8 +227,10 @@ static int bind_helper(ENGINE *e)
 			!ENGINE_set_init_function(e, ibm_4758_cca_init) ||
 			!ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
 			!ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
+#ifndef OPENSSL_NO_RSA
 			!ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
 			!ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
+#endif
 			!ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
 		return 0;
 	/* Ensure the error handling is set up */
@@ -300,8 +312,10 @@ static int ibm_4758_cca_init(ENGINE *e)
 		}
 #endif
 
+#ifndef OPENSSL_NO_RSA
 	hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
 		NULL, NULL, cca_ex_free);
+#endif
 
 	return 1;
 err:
@@ -309,13 +323,15 @@ err:
 		DSO_free(dso);
 	dso = NULL;
 
+#ifndef OPENSSL_NO_RSA
 	keyRecordRead = (F_KEYRECORDREAD)0;
-	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
 	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
 	digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
 	publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
 	pkaEncrypt = (F_PKAENCRYPT)0;
 	pkaDecrypt = (F_PKADECRYPT)0;
+#endif
+	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
 	return 0;
 	}
 
@@ -335,6 +351,7 @@ static int ibm_4758_cca_finish(ENGINE *e)
 		return 0;
 		}
 	dso = NULL;
+#ifndef OPENSSL_NO_RSA
 	keyRecordRead = (F_KEYRECORDREAD)0;
 	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
 	digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
@@ -342,6 +359,8 @@ static int ibm_4758_cca_finish(ENGINE *e)
 	publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
 	pkaEncrypt = (F_PKAENCRYPT)0;
 	pkaDecrypt = (F_PKADECRYPT)0;
+#endif
+	randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
 	return 1;
 	}
 
@@ -401,7 +420,7 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
 
 	if (keyLabelLength > sizeof(keyLabel))
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
 		CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 		return NULL;
 		}
@@ -412,7 +431,7 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
 	keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
 	if (!keyToken)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
 				ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
@@ -423,7 +442,7 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
 
 	if (returnCode)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
 			CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
 		goto err;
 		}
@@ -434,7 +453,7 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
 
 	if (returnCode)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
 			CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
 		goto err;
 		}
@@ -443,7 +462,7 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
 			exponent, &modulusLength, &modulusFieldLength,
 			modulus))
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
 			CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
 		goto err;
 		}
@@ -463,10 +482,6 @@ static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
 err:
 	if (keyToken)
 		OPENSSL_free(keyToken);
-	if (res)
-		EVP_PKEY_free(res);
-	if (rtmp)
-		RSA_free(rtmp);
 	return NULL;
 	}
 
@@ -493,7 +508,7 @@ static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
 
 	if (keyLabelLength > sizeof(keyLabel))
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
 			CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 		return NULL;
 		}
@@ -504,7 +519,7 @@ static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
 	keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
 	if (!keyToken)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
 				ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
@@ -515,7 +530,7 @@ static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
 
 	if (returnCode)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
 				ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
@@ -523,7 +538,7 @@ static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
 	if (!getModulusAndExponent(keyToken+sizeof(long), &exponentLength,
 			exponent, &modulusLength, &modulusFieldLength, modulus))
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+		CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
 			CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
 		goto err;
 		}
@@ -541,10 +556,6 @@ static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
 err:
 	if (keyToken)
 		OPENSSL_free(keyToken);
-	if (res)
-		EVP_PKEY_free(res);
-	if (rtmp)
-		RSA_free(rtmp);
 	return NULL;
 	}
 
@@ -607,7 +618,7 @@ static int cca_rsa_priv_dec(int flen, const unsigned char *from,
 #define SSL_SIG_LEN 36
 
 static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
-		unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
+	const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
 	{
 	long returnCode;
 	long reasonCode;
@@ -636,14 +647,14 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
 
 		if (!algorithm.algorithm)
 			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+			CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
 				CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
 			return 0;
 			}
 
 		if (!algorithm.algorithm->length)
 			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+			CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
 				CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
 			return 0;
 			}
@@ -663,7 +674,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
 
 	if (length - RSA_PKCS1_PADDING > keyLength)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+		CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
 			CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 		return 0;
 		}
@@ -673,7 +684,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
 		case NID_md5_sha1 :
 			if (m_len != SSL_SIG_LEN)
 				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+				CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
 				CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 				return 0;
 				}
@@ -688,7 +699,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
 					(unsigned int)keyLength+1);
 			if (!hashBuffer)
 				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+				CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
 						ERR_R_MALLOC_FAILURE);
 				return 0;
 				}
@@ -703,7 +714,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
 					(unsigned int)keyLength+1);
 			if (!hashBuffer)
 				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+				CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
 						ERR_R_MALLOC_FAILURE);
 				return 0;
 				}
@@ -716,7 +727,8 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
 
 	digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
 		exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
-		keyToken, &length, hashBuffer, &lsiglen, sigbuf);
+		keyToken, &length, hashBuffer, &lsiglen,
+						(unsigned char *)sigbuf);
 
 	if (type == NID_sha1 || type == NID_md5)
 		{
@@ -760,14 +772,14 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
 
 		if (!algorithm.algorithm)
 			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+			CCA4758err(CCA4758_F_CCA_RSA_SIGN,
 				CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
 			return 0;
 			}
 
 		if (!algorithm.algorithm->length)
 			{
-			CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+			CCA4758err(CCA4758_F_CCA_RSA_SIGN,
 				CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
 			return 0;
 			}
@@ -787,7 +799,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
 
 	if (length - RSA_PKCS1_PADDING > keyLength)
 		{
-		CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+		CCA4758err(CCA4758_F_CCA_RSA_SIGN,
 			CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 		return 0;
 		}
@@ -797,7 +809,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
 		case NID_md5_sha1 :
 			if (m_len != SSL_SIG_LEN)
 				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+				CCA4758err(CCA4758_F_CCA_RSA_SIGN,
 				CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 				return 0;
 				}
@@ -811,7 +823,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
 					(unsigned int)keyLength+1);
 			if (!hashBuffer)
 				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+				CCA4758err(CCA4758_F_CCA_RSA_SIGN,
 						ERR_R_MALLOC_FAILURE);
 				return 0;
 				}
@@ -825,7 +837,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
 					(unsigned int)keyLength+1);
 			if (!hashBuffer)
 				{
-				CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+				CCA4758err(CCA4758_F_CCA_RSA_SIGN,
 						ERR_R_MALLOC_FAILURE);
 				return 0;
 				}
@@ -947,18 +959,21 @@ static int cca_get_random_bytes(unsigned char* buf, int num)
 	return 1;
 	}
 
+#ifndef OPENSSL_NO_RSA
 static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
 		long argl, void *argp)
 	{
 	if (item)
 		OPENSSL_free(item);
 	}
+#endif
 
 /* Goo to handle building as a dynamic engine */
 #ifndef OPENSSL_NO_DYNAMIC_ENGINE 
 static int bind_fn(ENGINE *e, const char *id)
 	{
-	if(id && (strcmp(id, engine_4758_cca_id) != 0))
+	if(id && (strcmp(id, engine_4758_cca_id) != 0) &&
+			(strcmp(id, engine_4758_cca_id_alt) != 0))
 		return 0;
 	if(!bind_helper(e))
 		return 0;
diff --git a/engines/e_4758cca.ec b/engines/e_4758cca.ec
new file mode 100644
index 0000000000..f30ed02c05
--- /dev/null
+++ b/engines/e_4758cca.ec
@@ -0,0 +1 @@
+L CCA4758	e_4758cca_err.h		e_4758cca_err.c
diff --git a/engines/e_4758_cca_err.c b/engines/e_4758cca_err.c
index 12c6d2eeda..6ecdc6e627 100644
--- a/engines/e_4758_cca_err.c
+++ b/engines/e_4758cca_err.c
@@ -1,6 +1,6 @@
-/* hw_4758_cca_err.c */
+/* e_4758cca_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -60,34 +60,38 @@
 
 #include <stdio.h>
 #include <openssl/err.h>
-#include "e_4758_cca_err.h"
+#include "e_4758cca_err.h"
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA CCA4758_str_functs[]=
 	{
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_CTRL,0),	"IBM_4758_CCA_CTRL"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_FINISH,0),	"IBM_4758_CCA_FINISH"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_INIT,0),	"IBM_4758_CCA_INIT"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,0),	"IBM_4758_CCA_LOAD_PRIVKEY"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,0),	"IBM_4758_CCA_LOAD_PUBKEY"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_SIGN,0),	"IBM_4758_CCA_SIGN"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_VERIFY,0),	"IBM_4758_CCA_VERIFY"},
+{ERR_FUNC(CCA4758_F_CCA_RSA_SIGN),	"CCA_RSA_SIGN"},
+{ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY),	"CCA_RSA_VERIFY"},
+{ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL),	"IBM_4758_CCA_CTRL"},
+{ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH),	"IBM_4758_CCA_FINISH"},
+{ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT),	"IBM_4758_CCA_INIT"},
+{ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY),	"IBM_4758_LOAD_PRIVKEY"},
+{ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY),	"IBM_4758_LOAD_PUBKEY"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA CCA4758_str_reasons[]=
 	{
-{CCA4758_R_ALREADY_LOADED                ,"already loaded"},
-{CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD       ,"asn1 oid unknown for md"},
-{CCA4758_R_COMMAND_NOT_IMPLEMENTED       ,"command not implemented"},
-{CCA4758_R_DSO_FAILURE                   ,"dso failure"},
-{CCA4758_R_FAILED_LOADING_PRIVATE_KEY    ,"failed loading private key"},
-{CCA4758_R_FAILED_LOADING_PUBLIC_KEY     ,"failed loading public key"},
-{CCA4758_R_NOT_LOADED                    ,"not loaded"},
-{CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL   ,"size too large or too small"},
-{CCA4758_R_UNIT_FAILURE                  ,"unit failure"},
-{CCA4758_R_UNKNOWN_ALGORITHM_TYPE        ,"unknown algorithm type"},
+{ERR_REASON(CCA4758_R_ALREADY_LOADED)    ,"already loaded"},
+{ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD),"asn1 oid unknown for md"},
+{ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED),"command not implemented"},
+{ERR_REASON(CCA4758_R_DSO_FAILURE)       ,"dso failure"},
+{ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"},
+{ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY),"failed loading public key"},
+{ERR_REASON(CCA4758_R_NOT_LOADED)        ,"not loaded"},
+{ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL),"size too large or too small"},
+{ERR_REASON(CCA4758_R_UNIT_FAILURE)      ,"unit failure"},
+{ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
 {0,NULL}
 	};
 
diff --git a/engines/e_4758_cca_err.h b/engines/e_4758cca_err.h
index 2fc563ab11..26087edbfa 100644
--- a/engines/e_4758_cca_err.h
+++ b/engines/e_4758cca_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_CCA4758_ERR_H
 #define HEADER_CCA4758_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -67,13 +71,13 @@ static void ERR_CCA4758_error(int function, int reason, char *file, int line);
 /* Error codes for the CCA4758 functions. */
 
 /* Function codes. */
+#define CCA4758_F_CCA_RSA_SIGN				 105
+#define CCA4758_F_CCA_RSA_VERIFY			 106
 #define CCA4758_F_IBM_4758_CCA_CTRL			 100
 #define CCA4758_F_IBM_4758_CCA_FINISH			 101
 #define CCA4758_F_IBM_4758_CCA_INIT			 102
-#define CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY		 103
-#define CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY		 104
-#define CCA4758_F_IBM_4758_CCA_SIGN			 105
-#define CCA4758_F_IBM_4758_CCA_VERIFY			 106
+#define CCA4758_F_IBM_4758_LOAD_PRIVKEY			 103
+#define CCA4758_F_IBM_4758_LOAD_PUBKEY			 104
 
 /* Reason codes. */
 #define CCA4758_R_ALREADY_LOADED			 100
diff --git a/engines/e_aep.c b/engines/e_aep.c
index d3a3ec6e1f..742b4f9b18 100644
--- a/engines/e_aep.c
+++ b/engines/e_aep.c
@@ -57,7 +57,7 @@
 #include <string.h>
 
 #include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) || defined(__MINGW32__)
 #include <sys/types.h>
 #include <unistd.h>
 #else
@@ -65,13 +65,24 @@
 typedef int pid_t;
 #endif
 
+#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
+#define getpid GetThreadID
+extern int GetThreadID(void);
+#endif
+
 #include <openssl/crypto.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
 #include <openssl/buffer.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -98,12 +109,14 @@ static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
 static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
 
 /* BIGNUM stuff */
+#ifndef OPENSSL_NO_RSA
 static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx);
 
 static AEP_RV aep_mod_exp_crt(BIGNUM *r,const  BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *q, const BIGNUM *dmp1,const BIGNUM *dmq1,
 	const BIGNUM *iqmp, BN_CTX *ctx);
+#endif
 
 /* RSA stuff */
 #ifndef OPENSSL_NO_RSA
@@ -111,8 +124,10 @@ static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
 #endif
 
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
+#ifndef OPENSSL_NO_RSA
 static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
 
 /* DSA stuff */
 #ifndef OPENSSL_NO_DSA
@@ -479,6 +494,7 @@ static int aep_init(ENGINE *e)
 
 	if(aep_dso)
 		DSO_free(aep_dso);
+	aep_dso = NULL;
 		
 	p_AEP_OpenConnection    = NULL;
 	p_AEP_ModExp            = NULL;
@@ -620,7 +636,7 @@ static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	rv = aep_return_connection(hConnection);
 	if (rv != AEP_R_OK)
 		{
-		AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
+		AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_RETURN_CONNECTION_FAILED); 
 		goto err;
 		}
 
@@ -629,6 +645,7 @@ static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	return to_return;
 	}
 	
+#ifndef OPENSSL_NO_RSA
 static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *q, const BIGNUM *dmp1,
 	const BIGNUM *dmq1,const BIGNUM *iqmp, BN_CTX *ctx)
@@ -658,13 +675,14 @@ static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	rv = aep_return_connection(hConnection);
 	if (rv != AEP_R_OK)
 		{
-		AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
+		AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_RETURN_CONNECTION_FAILED); 
 		goto err;
 		}
  
  err:
 	return rv;
 	}
+#endif
 	
 
 #ifdef AEPRAND
@@ -820,12 +838,14 @@ static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 	}
 #endif
 
+#ifndef OPENSSL_NO_RSA
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return aep_mod_exp(r, a, p, m, ctx);
 	}
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* This function is aliased to mod_exp (with the dh and mont dropped). */
@@ -847,10 +867,12 @@ static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
 
 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
 
-#ifndef NETWARE_CLIB
-	curr_pid = getpid();
-#else
+#ifdef NETWARE_CLIB
 	curr_pid = GetThreadID();
+#elif defined(_WIN32)
+	curr_pid = _getpid();
+#else
+	curr_pid = getpid();
 #endif
 
 	/*Check if this is the first time this is being called from the current
diff --git a/engines/e_aep_err.c b/engines/e_aep_err.c
index 3a0e72463c..3f95881cab 100644
--- a/engines/e_aep_err.c
+++ b/engines/e_aep_err.c
@@ -1,6 +1,6 @@
-/* hw_aep_err.c */
+/* e_aep_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,38 +64,42 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA AEPHK_str_functs[]=
 	{
-{ERR_PACK(0,AEPHK_F_AEP_CTRL,0),	"AEP_CTRL"},
-{ERR_PACK(0,AEPHK_F_AEP_FINISH,0),	"AEP_FINISH"},
-{ERR_PACK(0,AEPHK_F_AEP_GET_CONNECTION,0),	"AEP_GET_CONNECTION"},
-{ERR_PACK(0,AEPHK_F_AEP_INIT,0),	"AEP_INIT"},
-{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP,0),	"AEP_MOD_EXP"},
-{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP_CRT,0),	"AEP_MOD_EXP_CRT"},
-{ERR_PACK(0,AEPHK_F_AEP_RAND,0),	"AEP_RAND"},
-{ERR_PACK(0,AEPHK_F_AEP_RSA_MOD_EXP,0),	"AEP_RSA_MOD_EXP"},
+{ERR_FUNC(AEPHK_F_AEP_CTRL),	"AEP_CTRL"},
+{ERR_FUNC(AEPHK_F_AEP_FINISH),	"AEP_FINISH"},
+{ERR_FUNC(AEPHK_F_AEP_GET_CONNECTION),	"AEP_GET_CONNECTION"},
+{ERR_FUNC(AEPHK_F_AEP_INIT),	"AEP_INIT"},
+{ERR_FUNC(AEPHK_F_AEP_MOD_EXP),	"AEP_MOD_EXP"},
+{ERR_FUNC(AEPHK_F_AEP_MOD_EXP_CRT),	"AEP_MOD_EXP_CRT"},
+{ERR_FUNC(AEPHK_F_AEP_RAND),	"AEP_RAND"},
+{ERR_FUNC(AEPHK_F_AEP_RSA_MOD_EXP),	"AEP_RSA_MOD_EXP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA AEPHK_str_reasons[]=
 	{
-{AEPHK_R_ALREADY_LOADED                  ,"already loaded"},
-{AEPHK_R_CLOSE_HANDLES_FAILED            ,"close handles failed"},
-{AEPHK_R_CONNECTIONS_IN_USE              ,"connections in use"},
-{AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{AEPHK_R_FINALIZE_FAILED                 ,"finalize failed"},
-{AEPHK_R_GET_HANDLE_FAILED               ,"get handle failed"},
-{AEPHK_R_GET_RANDOM_FAILED               ,"get random failed"},
-{AEPHK_R_INIT_FAILURE                    ,"init failure"},
-{AEPHK_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
-{AEPHK_R_MOD_EXP_CRT_FAILED              ,"mod exp crt failed"},
-{AEPHK_R_MOD_EXP_FAILED                  ,"mod exp failed"},
-{AEPHK_R_NOT_LOADED                      ,"not loaded"},
-{AEPHK_R_OK                              ,"ok"},
-{AEPHK_R_RETURN_CONNECTION_FAILED        ,"return connection failed"},
-{AEPHK_R_SETBNCALLBACK_FAILURE           ,"setbncallback failure"},
-{AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL     ,"size too large or too small"},
-{AEPHK_R_UNIT_FAILURE                    ,"unit failure"},
+{ERR_REASON(AEPHK_R_ALREADY_LOADED)      ,"already loaded"},
+{ERR_REASON(AEPHK_R_CLOSE_HANDLES_FAILED),"close handles failed"},
+{ERR_REASON(AEPHK_R_CONNECTIONS_IN_USE)  ,"connections in use"},
+{ERR_REASON(AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(AEPHK_R_FINALIZE_FAILED)     ,"finalize failed"},
+{ERR_REASON(AEPHK_R_GET_HANDLE_FAILED)   ,"get handle failed"},
+{ERR_REASON(AEPHK_R_GET_RANDOM_FAILED)   ,"get random failed"},
+{ERR_REASON(AEPHK_R_INIT_FAILURE)        ,"init failure"},
+{ERR_REASON(AEPHK_R_MISSING_KEY_COMPONENTS),"missing key components"},
+{ERR_REASON(AEPHK_R_MOD_EXP_CRT_FAILED)  ,"mod exp crt failed"},
+{ERR_REASON(AEPHK_R_MOD_EXP_FAILED)      ,"mod exp failed"},
+{ERR_REASON(AEPHK_R_NOT_LOADED)          ,"not loaded"},
+{ERR_REASON(AEPHK_R_OK)                  ,"ok"},
+{ERR_REASON(AEPHK_R_RETURN_CONNECTION_FAILED),"return connection failed"},
+{ERR_REASON(AEPHK_R_SETBNCALLBACK_FAILURE),"setbncallback failure"},
+{ERR_REASON(AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL),"size too large or too small"},
+{ERR_REASON(AEPHK_R_UNIT_FAILURE)        ,"unit failure"},
 {0,NULL}
 	};
 
diff --git a/engines/e_aep_err.h b/engines/e_aep_err.h
index 8fe4cf921f..35b2e74260 100644
--- a/engines/e_aep_err.h
+++ b/engines/e_aep_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_AEPHK_ERR_H
 #define HEADER_AEPHK_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/engines/e_atalla.c b/engines/e_atalla.c
index a5cf6aa885..fabaa86a52 100644
--- a/engines/e_atalla.c
+++ b/engines/e_atalla.c
@@ -62,9 +62,15 @@
 #include <openssl/buffer.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -91,10 +97,10 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 #ifndef OPENSSL_NO_RSA
 /* RSA stuff */
 static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-#endif
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
 
 #ifndef OPENSSL_NO_DSA
 /* DSA stuff */
@@ -384,6 +390,7 @@ static int atalla_init(ENGINE *e)
 err:
 	if(atalla_dso)
 		DSO_free(atalla_dso);
+	atalla_dso = NULL;
 	p_Atalla_GetHardwareConfig = NULL;
 	p_Atalla_RSAPrivateKeyOpFn = NULL;
 	p_Atalla_GetPerformanceStatistics = NULL;
@@ -562,12 +569,14 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 	}
 #endif
 
+#ifndef OPENSSL_NO_RSA
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return atalla_mod_exp(r, a, p, m, ctx);
 	}
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* This function is aliased to mod_exp (with the dh and mont dropped). */
diff --git a/engines/e_atalla_err.c b/engines/e_atalla_err.c
index 94f637a613..fd3e0049ce 100644
--- a/engines/e_atalla_err.c
+++ b/engines/e_atalla_err.c
@@ -1,6 +1,6 @@
-/* hw_atalla_err.c */
+/* e_atalla_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,26 +64,30 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA ATALLA_str_functs[]=
 	{
-{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0),	"ATALLA_CTRL"},
-{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0),	"ATALLA_FINISH"},
-{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0),	"ATALLA_INIT"},
-{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0),	"ATALLA_MOD_EXP"},
-{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0),	"ATALLA_RSA_MOD_EXP"},
+{ERR_FUNC(ATALLA_F_ATALLA_CTRL),	"ATALLA_CTRL"},
+{ERR_FUNC(ATALLA_F_ATALLA_FINISH),	"ATALLA_FINISH"},
+{ERR_FUNC(ATALLA_F_ATALLA_INIT),	"ATALLA_INIT"},
+{ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP),	"ATALLA_MOD_EXP"},
+{ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP),	"ATALLA_RSA_MOD_EXP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA ATALLA_str_reasons[]=
 	{
-{ATALLA_R_ALREADY_LOADED                 ,"already loaded"},
-{ATALLA_R_BN_CTX_FULL                    ,"bn ctx full"},
-{ATALLA_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
-{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{ATALLA_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
-{ATALLA_R_NOT_LOADED                     ,"not loaded"},
-{ATALLA_R_REQUEST_FAILED                 ,"request failed"},
-{ATALLA_R_UNIT_FAILURE                   ,"unit failure"},
+{ERR_REASON(ATALLA_R_ALREADY_LOADED)     ,"already loaded"},
+{ERR_REASON(ATALLA_R_BN_CTX_FULL)        ,"bn ctx full"},
+{ERR_REASON(ATALLA_R_BN_EXPAND_FAIL)     ,"bn expand fail"},
+{ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS),"missing key components"},
+{ERR_REASON(ATALLA_R_NOT_LOADED)         ,"not loaded"},
+{ERR_REASON(ATALLA_R_REQUEST_FAILED)     ,"request failed"},
+{ERR_REASON(ATALLA_R_UNIT_FAILURE)       ,"unit failure"},
 {0,NULL}
 	};
 
diff --git a/engines/e_atalla_err.h b/engines/e_atalla_err.h
index cdac052d8c..36e09bf42f 100644
--- a/engines/e_atalla_err.h
+++ b/engines/e_atalla_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_ATALLA_ERR_H
 #define HEADER_ATALLA_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/engines/e_capi.c b/engines/e_capi.c
new file mode 100644
index 0000000000..8da67982b0
--- /dev/null
+++ b/engines/e_capi.c
@@ -0,0 +1,1812 @@
+/* engines/e_capi.c */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/bn.h>
+
+#ifdef OPENSSL_SYS_WIN32
+#ifndef OPENSSL_NO_CAPIENG
+
+#include <openssl/rsa.h>
+
+#include <windows.h>
+
+#ifndef _WIN32_WINNT
+#define _WIN32_WINNT 0x0400
+#endif
+
+#include <wincrypt.h>
+
+/*
+ * This module uses several "new" interfaces, among which is
+ * CertGetCertificateContextProperty. CERT_KEY_PROV_INFO_PROP_ID is
+ * one of possible values you can pass to function in question. By
+ * checking if it's defined we can see if wincrypt.h and accompanying
+ * crypt32.lib are in shape. Yes, it's rather "weak" test and if
+ * compilation fails, then re-configure with -DOPENSSL_NO_CAPIENG.
+ */
+#ifdef CERT_KEY_PROV_INFO_PROP_ID
+# define __COMPILE_CAPIENG
+#endif /* CERT_KEY_PROV_INFO_PROP_ID */
+#endif /* OPENSSL_NO_CAPIENG */
+#endif /* OPENSSL_SYS_WIN32 */
+
+#ifdef __COMPILE_CAPIENG
+
+#undef X509_EXTENSIONS
+#undef X509_CERT_PAIR
+
+/* Definitions which may be missing from earlier version of headers */
+#ifndef CERT_STORE_OPEN_EXISTING_FLAG
+#define CERT_STORE_OPEN_EXISTING_FLAG                   0x00004000
+#endif
+
+#ifndef CERT_STORE_CREATE_NEW_FLAG
+#define CERT_STORE_CREATE_NEW_FLAG                      0x00002000
+#endif
+
+#include <openssl/engine.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+
+#include "e_capi_err.h"
+#include "e_capi_err.c"
+
+
+static const char *engine_capi_id = "capi";
+static const char *engine_capi_name = "CryptoAPI ENGINE";
+
+typedef struct CAPI_CTX_st CAPI_CTX;
+typedef struct CAPI_KEY_st CAPI_KEY;
+
+static void capi_addlasterror(void);
+static void capi_adderror(DWORD err);
+
+static void CAPI_trace(CAPI_CTX *ctx, char *format, ...);
+
+static int capi_list_providers(CAPI_CTX *ctx, BIO *out);
+static int capi_list_containers(CAPI_CTX *ctx, BIO *out);
+int capi_list_certs(CAPI_CTX *ctx, BIO *out, char *storename);
+void capi_free_key(CAPI_KEY *key);
+
+static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id, HCERTSTORE hstore);
+
+CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id);
+
+static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id,
+	UI_METHOD *ui_method, void *callback_data);
+static int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
+             unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+static int capi_rsa_priv_enc(int flen, const unsigned char *from,
+                unsigned char *to, RSA *rsa, int padding);
+static int capi_rsa_priv_dec(int flen, const unsigned char *from,
+                unsigned char *to, RSA *rsa, int padding);
+static int capi_rsa_free(RSA *rsa);
+
+static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
+							DSA *dsa);
+static int capi_dsa_free(DSA *dsa);
+
+static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
+	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
+	STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
+
+static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
+#ifdef OPENSSL_CAPIENG_DIALOG
+static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
+#endif
+
+typedef PCCERT_CONTEXT (WINAPI *CERTDLG)(HCERTSTORE, HWND, LPCWSTR,
+						LPCWSTR, DWORD, DWORD,
+						void *);
+typedef HWND (WINAPI *GETCONSWIN)(void);
+
+/* This structure contains CAPI ENGINE specific data:
+ * it contains various global options and affects how
+ * other functions behave.
+ */
+
+#define CAPI_DBG_TRACE	2
+#define CAPI_DBG_ERROR	1
+
+struct CAPI_CTX_st {
+	int debug_level;
+	char *debug_file;
+	/* Parameters to use for container lookup */
+	DWORD keytype;
+	LPSTR cspname;
+	DWORD csptype;
+	/* Certificate store name to use */
+	LPSTR storename;
+	LPSTR ssl_client_store;
+	/* System store flags */
+	DWORD store_flags;
+
+/* Lookup string meanings in load_private_key */
+/* Substring of subject: uses "storename" */
+#define CAPI_LU_SUBSTR		1
+/* Friendly name: uses storename */
+#define CAPI_LU_FNAME		2
+/* Container name: uses cspname, keytype */
+#define CAPI_LU_CONTNAME	3
+	int lookup_method;
+/* Info to dump with dumpcerts option */
+/* Issuer and serial name strings */
+#define CAPI_DMP_SUMMARY	0x1
+/* Friendly name */
+#define CAPI_DMP_FNAME		0x2
+/* Full X509_print dump */
+#define CAPI_DMP_FULL		0x4
+/* Dump PEM format certificate */
+#define CAPI_DMP_PEM		0x8
+/* Dump pseudo key (if possible) */
+#define CAPI_DMP_PSKEY		0x10
+/* Dump key info (if possible) */
+#define CAPI_DMP_PKEYINFO	0x20
+
+	DWORD dump_flags;
+	int (*client_cert_select)(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
+
+	CERTDLG certselectdlg;
+	GETCONSWIN getconswindow;
+};
+
+
+static CAPI_CTX *capi_ctx_new();
+static void capi_ctx_free(CAPI_CTX *ctx);
+static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, int check);
+static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx);
+
+#define CAPI_CMD_LIST_CERTS		ENGINE_CMD_BASE
+#define CAPI_CMD_LOOKUP_CERT		(ENGINE_CMD_BASE + 1)
+#define CAPI_CMD_DEBUG_LEVEL		(ENGINE_CMD_BASE + 2)
+#define CAPI_CMD_DEBUG_FILE		(ENGINE_CMD_BASE + 3)
+#define CAPI_CMD_KEYTYPE		(ENGINE_CMD_BASE + 4)
+#define CAPI_CMD_LIST_CSPS		(ENGINE_CMD_BASE + 5)
+#define CAPI_CMD_SET_CSP_IDX		(ENGINE_CMD_BASE + 6)
+#define CAPI_CMD_SET_CSP_NAME		(ENGINE_CMD_BASE + 7)
+#define CAPI_CMD_SET_CSP_TYPE		(ENGINE_CMD_BASE + 8)
+#define CAPI_CMD_LIST_CONTAINERS	(ENGINE_CMD_BASE + 9)
+#define CAPI_CMD_LIST_OPTIONS		(ENGINE_CMD_BASE + 10)
+#define CAPI_CMD_LOOKUP_METHOD		(ENGINE_CMD_BASE + 11)
+#define CAPI_CMD_STORE_NAME		(ENGINE_CMD_BASE + 12)
+#define CAPI_CMD_STORE_FLAGS		(ENGINE_CMD_BASE + 13)
+
+static const ENGINE_CMD_DEFN capi_cmd_defns[] = {
+	{CAPI_CMD_LIST_CERTS,
+		"list_certs",
+		"List all certificates in store",
+		ENGINE_CMD_FLAG_NO_INPUT},
+	{CAPI_CMD_LOOKUP_CERT,
+		"lookup_cert",
+		"Lookup and output certificates",
+		ENGINE_CMD_FLAG_STRING},
+	{CAPI_CMD_DEBUG_LEVEL,
+		"debug_level",
+		"debug level (1=errors, 2=trace)",
+		ENGINE_CMD_FLAG_NUMERIC},
+	{CAPI_CMD_DEBUG_FILE,
+		"debug_file",
+		"debugging filename)",
+		ENGINE_CMD_FLAG_STRING},
+	{CAPI_CMD_KEYTYPE,
+		"key_type",
+		"Key type: 1=AT_KEYEXCHANGE (default), 2=AT_SIGNATURE",
+		ENGINE_CMD_FLAG_NUMERIC},
+	{CAPI_CMD_LIST_CSPS,
+		"list_csps",
+		"List all CSPs",
+		ENGINE_CMD_FLAG_NO_INPUT},
+	{CAPI_CMD_SET_CSP_IDX,
+		"csp_idx",
+		"Set CSP by index",
+		ENGINE_CMD_FLAG_NUMERIC},
+	{CAPI_CMD_SET_CSP_NAME,
+		"csp_name",
+		"Set CSP name, (default CSP used if not specified)",
+		ENGINE_CMD_FLAG_STRING},
+	{CAPI_CMD_SET_CSP_TYPE,
+		"csp_type",
+		"Set CSP type, (default RSA_PROV_FULL)",
+		ENGINE_CMD_FLAG_NUMERIC},
+	{CAPI_CMD_LIST_CONTAINERS,
+		"list_containers",
+		"list container names",
+		ENGINE_CMD_FLAG_NO_INPUT},
+	{CAPI_CMD_LIST_OPTIONS,
+		"list_options",
+		"Set list options (1=summary,2=friendly name, 4=full printout, 8=PEM output, 16=XXX, "
+		"32=private key info)",
+		ENGINE_CMD_FLAG_NUMERIC},
+	{CAPI_CMD_LOOKUP_METHOD,
+		"lookup_method",
+		"Set key lookup method (1=substring, 2=friendlyname, 3=container name)",
+		ENGINE_CMD_FLAG_NUMERIC},
+	{CAPI_CMD_STORE_NAME,
+		"store_name",
+		"certificate store name, default \"MY\"",
+		ENGINE_CMD_FLAG_STRING},
+	{CAPI_CMD_STORE_FLAGS,
+		"store_flags",
+		"Certificate store flags: 1 = system store",
+		ENGINE_CMD_FLAG_NUMERIC},
+
+	{0, NULL, NULL, 0}
+	};
+
+static int capi_idx = -1;
+static int rsa_capi_idx = -1;
+static int dsa_capi_idx = -1;
+static int cert_capi_idx = -1;
+
+static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
+	{
+	int ret = 1;
+	CAPI_CTX *ctx;
+	BIO *out;
+	if (capi_idx == -1)
+		{
+		CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_ENGINE_NOT_INITIALIZED);
+		return 0;
+		}
+	ctx = ENGINE_get_ex_data(e, capi_idx);
+	out = BIO_new_fp(stdout, BIO_NOCLOSE);
+	switch (cmd)
+		{
+		case CAPI_CMD_LIST_CSPS:
+		ret = capi_list_providers(ctx, out);
+		break;
+
+		case CAPI_CMD_LIST_CERTS:
+		ret = capi_list_certs(ctx, out, NULL);
+		break;
+
+		case CAPI_CMD_LOOKUP_CERT:
+		ret = capi_list_certs(ctx, out, p);
+		break;
+
+		case CAPI_CMD_LIST_CONTAINERS:
+		ret = capi_list_containers(ctx, out);
+		break;
+
+		case CAPI_CMD_STORE_NAME:
+		if (ctx->storename)
+			OPENSSL_free(ctx->storename);
+		ctx->storename = BUF_strdup(p);
+		CAPI_trace(ctx, "Setting store name to %s\n", p);
+		break;
+
+		case CAPI_CMD_STORE_FLAGS:
+		if (i & 1)
+			{
+			ctx->store_flags |= CERT_SYSTEM_STORE_LOCAL_MACHINE;
+			ctx->store_flags &= ~CERT_SYSTEM_STORE_CURRENT_USER;
+			}
+		else
+			{
+			ctx->store_flags |= CERT_SYSTEM_STORE_CURRENT_USER;
+			ctx->store_flags &= ~CERT_SYSTEM_STORE_LOCAL_MACHINE;
+			}
+		CAPI_trace(ctx, "Setting flags to %d\n", i);
+		break;
+
+		case CAPI_CMD_DEBUG_LEVEL:
+		ctx->debug_level = (int)i;
+		CAPI_trace(ctx, "Setting debug level to %d\n", ctx->debug_level);
+		break;
+
+		case CAPI_CMD_DEBUG_FILE:
+		ctx->debug_file = BUF_strdup(p);
+		CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
+		break;
+
+		case CAPI_CMD_KEYTYPE:
+		ctx->keytype = i;
+		CAPI_trace(ctx, "Setting key type to %d\n", ctx->keytype);
+		break;
+
+		case CAPI_CMD_SET_CSP_IDX:
+		ret = capi_ctx_set_provname_idx(ctx, i);
+		break;
+
+		case CAPI_CMD_LIST_OPTIONS:
+		ctx->dump_flags = i;
+		break;
+
+		case CAPI_CMD_LOOKUP_METHOD:
+		if (i < 1 || i > 3)
+			{
+			CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_INVALID_LOOKUP_METHOD);
+			return 0;
+			}
+		ctx->lookup_method = i;
+		break;
+
+		case CAPI_CMD_SET_CSP_NAME:
+		ret = capi_ctx_set_provname(ctx, p, ctx->csptype, 1);
+		break;
+
+		case CAPI_CMD_SET_CSP_TYPE:
+		ctx->csptype = i;
+		break;
+
+		default:
+		CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_UNKNOWN_COMMAND);
+		ret = 0;
+	}
+
+	BIO_free(out);
+	return ret;
+
+	}
+
+static RSA_METHOD capi_rsa_method =
+	{
+	"CryptoAPI RSA method",
+	0,				/* pub_enc */
+	0,				/* pub_dec */
+	capi_rsa_priv_enc,		/* priv_enc */
+	capi_rsa_priv_dec,		/* priv_dec */
+	0,				/* rsa_mod_exp */
+	0,				/* bn_mod_exp */
+	0,				/* init	*/
+	capi_rsa_free,			/* finish */
+	RSA_FLAG_SIGN_VER, 		/* flags */
+	NULL,				/* app_data */
+	capi_rsa_sign,			/* rsa_sign */
+	0				/* rsa_verify */
+	};
+
+static DSA_METHOD capi_dsa_method =
+	{
+	"CryptoAPI DSA method",
+	capi_dsa_do_sign,		/* dsa_do_sign */
+	0,				/* dsa_sign_setup */
+	0,				/* dsa_do_verify */
+	0,				/* dsa_mod_exp */
+	0,				/* bn_mod_exp */
+	0,				/* init	*/
+	capi_dsa_free,			/* finish */
+	0, 				/* flags */
+	NULL,				/* app_data */
+	0,				/* dsa_paramgen */
+	0				/* dsa_keygen */
+	};
+
+static int capi_init(ENGINE *e)
+	{
+	CAPI_CTX *ctx;
+	const RSA_METHOD *ossl_rsa_meth;
+	const DSA_METHOD *ossl_dsa_meth;
+	capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
+	cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0);
+
+	ctx = capi_ctx_new();
+	if (!ctx || (capi_idx < 0))
+		goto memerr;
+
+	ENGINE_set_ex_data(e, capi_idx, ctx);
+	/* Setup RSA_METHOD */
+	rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+	ossl_rsa_meth = RSA_PKCS1_SSLeay();
+	capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc;
+	capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec;
+	capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp;
+	capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp;
+
+	/* Setup DSA Method */
+	dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+	ossl_dsa_meth = DSA_OpenSSL();
+	capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify;
+	capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp;
+	capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp;
+
+#ifdef OPENSSL_CAPIENG_DIALOG
+	{
+	HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL"));
+	HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL"));
+	if (cryptui)
+		ctx->certselectdlg = (CERTDLG)GetProcAddress(cryptui, "CryptUIDlgSelectCertificateFromStore");
+	if (kernel)
+		ctx->getconswindow = (GETCONSWIN)GetProcAddress(kernel, "GetConsoleWindow");
+	if (cryptui && !OPENSSL_isservice())
+		ctx->client_cert_select = cert_select_dialog;
+	}
+#endif
+		
+
+	return 1;
+
+	memerr:
+	CAPIerr(CAPI_F_CAPI_INIT, ERR_R_MALLOC_FAILURE);
+	return 0;
+
+	return 1;
+	}
+
+static int capi_destroy(ENGINE *e)
+	{
+	ERR_unload_CAPI_strings();
+	return 1;
+	}
+
+static int capi_finish(ENGINE *e)
+	{
+	CAPI_CTX *ctx;
+	ctx = ENGINE_get_ex_data(e, capi_idx);
+	capi_ctx_free(ctx);
+	ENGINE_set_ex_data(e, capi_idx, NULL);
+	return 1;
+	}
+
+
+/* CryptoAPI key application data. This contains
+ * a handle to the private key container (for sign operations)
+ * and a handle to the key (for decrypt operations).
+ */
+
+struct CAPI_KEY_st
+	{
+	/* Associated certificate context (if any) */
+	PCCERT_CONTEXT pcert;
+	HCRYPTPROV hprov;
+	HCRYPTKEY key;
+	DWORD keyspec;
+	};
+
+static int bind_capi(ENGINE *e)
+	{
+	if (!ENGINE_set_id(e, engine_capi_id)
+		|| !ENGINE_set_name(e, engine_capi_name)
+		|| !ENGINE_set_init_function(e, capi_init)
+		|| !ENGINE_set_finish_function(e, capi_finish)
+		|| !ENGINE_set_destroy_function(e, capi_destroy)
+		|| !ENGINE_set_RSA(e, &capi_rsa_method)
+		|| !ENGINE_set_DSA(e, &capi_dsa_method)
+		|| !ENGINE_set_load_privkey_function(e, capi_load_privkey)
+		|| !ENGINE_set_load_ssl_client_cert_function(e,
+						capi_load_ssl_client_cert)
+		|| !ENGINE_set_cmd_defns(e, capi_cmd_defns)
+		|| !ENGINE_set_ctrl_function(e, capi_ctrl))
+			return 0;
+	ERR_load_CAPI_strings();
+
+	return 1;
+
+	}
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+	{
+	if(id && (strcmp(id, engine_capi_id) != 0))
+		return 0;
+	if(!bind_capi(e))
+		return 0;
+	return 1;
+	}       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+#else
+static ENGINE *engine_capi(void)
+	{
+	ENGINE *ret = ENGINE_new();
+	if(!ret)
+		return NULL;
+	if(!bind_capi(ret))
+		{
+		ENGINE_free(ret);
+		return NULL;
+		}
+	return ret;
+	}
+
+void ENGINE_load_capi(void)
+	{
+	/* Copied from eng_[openssl|dyn].c */
+	ENGINE *toadd = engine_capi();
+	if(!toadd) return;
+	ENGINE_add(toadd);
+	ENGINE_free(toadd);
+	ERR_clear_error();
+	}
+#endif
+
+
+static int lend_tobn(BIGNUM *bn, unsigned char *bin, int binlen)
+	{
+	int i;
+	/* Reverse buffer in place: since this is a keyblob structure
+	 * that will be freed up after conversion anyway it doesn't 
+	 * matter if we change it.
+	 */
+	for(i = 0; i < binlen / 2; i++)
+		{
+		unsigned char c;
+		c = bin[i];
+		bin[i] = bin[binlen - i - 1];
+		bin[binlen - i - 1] = c;
+		}
+
+	if (!BN_bin2bn(bin, binlen, bn))
+		return 0;
+	return 1;
+	}
+
+/* Given a CAPI_KEY get an EVP_PKEY structure */
+
+static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key)
+	{
+	unsigned char *pubkey = NULL;
+	DWORD len;
+	BLOBHEADER *bh;
+	RSA *rkey = NULL;
+	DSA *dkey = NULL;
+	EVP_PKEY *ret = NULL;
+	if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, NULL, &len))
+		{
+		CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR);
+		capi_addlasterror();
+		return NULL;
+		}
+
+	pubkey = OPENSSL_malloc(len);
+
+	if (!pubkey)
+		goto memerr;
+
+	if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, pubkey, &len))
+		{
+		CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_ERROR);
+		capi_addlasterror();
+		goto err;
+		}
+
+	bh = (BLOBHEADER *)pubkey;
+	if (bh->bType != PUBLICKEYBLOB)
+		{
+		CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_PUBLIC_KEY_BLOB);
+		goto err;
+		}
+	if (bh->aiKeyAlg == CALG_RSA_SIGN || bh->aiKeyAlg == CALG_RSA_KEYX)
+		{
+		RSAPUBKEY *rp;
+		DWORD rsa_modlen;
+		unsigned char *rsa_modulus;
+		rp = (RSAPUBKEY *)(bh + 1);
+		if (rp->magic != 0x31415352)
+			{
+			char magstr[10];
+			BIO_snprintf(magstr, 10, "%lx", rp->magic);
+			CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER);
+			ERR_add_error_data(2, "magic=0x", magstr);
+			goto err;
+			}
+		rsa_modulus = (unsigned char *)(rp + 1);
+		rkey = RSA_new_method(eng);
+		if (!rkey)
+			goto memerr;
+
+		rkey->e = BN_new();
+		rkey->n = BN_new();
+
+		if (!rkey->e || !rkey->n)
+			goto memerr;
+
+		if (!BN_set_word(rkey->e, rp->pubexp))
+			goto memerr;
+
+		rsa_modlen = rp->bitlen / 8;
+		if (!lend_tobn(rkey->n, rsa_modulus, rsa_modlen))
+			goto memerr;
+
+		RSA_set_ex_data(rkey, rsa_capi_idx, key);
+
+		if (!(ret = EVP_PKEY_new()))
+			goto memerr;
+
+		EVP_PKEY_assign_RSA(ret, rkey);
+		rkey = NULL;
+
+		}
+	else if (bh->aiKeyAlg == CALG_DSS_SIGN)
+		{
+		DSSPUBKEY *dp;
+		DWORD dsa_plen;
+		unsigned char *btmp;
+		dp = (DSSPUBKEY *)(bh + 1);
+		if (dp->magic != 0x31535344)
+			{
+			char magstr[10];
+			BIO_snprintf(magstr, 10, "%lx", dp->magic);
+			CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER);
+			ERR_add_error_data(2, "magic=0x", magstr);
+			goto err;
+			}
+		dsa_plen = dp->bitlen / 8;
+		btmp = (unsigned char *)(dp + 1);
+		dkey = DSA_new_method(eng);
+		if (!dkey)
+			goto memerr;
+		dkey->p = BN_new();
+		dkey->q = BN_new();
+		dkey->g = BN_new();
+		dkey->pub_key = BN_new();
+		if (!dkey->p || !dkey->q || !dkey->g || !dkey->pub_key)
+			goto memerr;
+		if (!lend_tobn(dkey->p, btmp, dsa_plen))
+			goto memerr;
+		btmp += dsa_plen;
+		if (!lend_tobn(dkey->q, btmp, 20))
+			goto memerr;
+		btmp += 20;
+		if (!lend_tobn(dkey->g, btmp, dsa_plen))
+			goto memerr;
+		btmp += dsa_plen;
+		if (!lend_tobn(dkey->pub_key, btmp, dsa_plen))
+			goto memerr;
+		btmp += dsa_plen;
+
+		DSA_set_ex_data(dkey, dsa_capi_idx, key);
+
+		if (!(ret = EVP_PKEY_new()))
+			goto memerr;
+
+		EVP_PKEY_assign_DSA(ret, dkey);
+		dkey = NULL;
+		}
+	else
+		{
+		char algstr[10];
+		BIO_snprintf(algstr, 10, "%lx", bh->aiKeyAlg);
+		CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM);
+		ERR_add_error_data(2, "aiKeyAlg=0x", algstr);
+		goto err;
+		}
+
+
+	err:
+	if (pubkey)
+		OPENSSL_free(pubkey);
+	if (!ret)
+		{
+		if (rkey)
+			RSA_free(rkey);
+		if (dkey)
+			DSA_free(dkey);
+		}
+
+	return ret;
+
+memerr:
+	CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE);
+	goto err;
+
+	}
+
+static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id,
+	UI_METHOD *ui_method, void *callback_data)
+	{
+	CAPI_CTX *ctx;
+	CAPI_KEY *key;
+	EVP_PKEY *ret;
+	ctx = ENGINE_get_ex_data(eng, capi_idx);
+
+	if (!ctx)
+		{
+		CAPIerr(CAPI_F_CAPI_LOAD_PRIVKEY, CAPI_R_CANT_FIND_CAPI_CONTEXT);
+		return NULL;
+		}
+
+	key = capi_find_key(ctx, key_id);
+
+	if (!key)
+		return NULL;
+
+	ret = capi_get_pkey(eng, key);
+
+	if (!ret)
+		capi_free_key(key);
+	return ret;
+
+	}
+
+/* CryptoAPI RSA operations */
+
+int capi_rsa_priv_enc(int flen, const unsigned char *from,
+                unsigned char *to, RSA *rsa, int padding)
+	{
+	CAPIerr(CAPI_F_CAPI_RSA_PRIV_ENC, CAPI_R_FUNCTION_NOT_SUPPORTED);
+	return -1;
+	}
+
+int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
+             unsigned char *sigret, unsigned int *siglen, const RSA *rsa)
+	{
+	ALG_ID alg;
+	HCRYPTHASH hash;
+	DWORD slen;
+	unsigned int i;
+	int ret = -1;
+	CAPI_KEY *capi_key;
+	CAPI_CTX *ctx;
+
+	ctx = ENGINE_get_ex_data(rsa->engine, capi_idx);
+
+	CAPI_trace(ctx, "Called CAPI_rsa_sign()\n");
+
+	capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
+	if (!capi_key)
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_GET_KEY);
+		return -1;
+		}
+/* Convert the signature type to a CryptoAPI algorithm ID */
+	switch(dtype)
+		{
+	case NID_sha1:
+		alg = CALG_SHA1;
+		break;
+
+	case NID_md5:
+		alg = CALG_MD5;
+		break;
+
+	case NID_md5_sha1:
+		alg = CALG_SSL3_SHAMD5;
+		break;
+	default:
+		{
+		char algstr[10];
+		BIO_snprintf(algstr, 10, "%lx", dtype);
+		CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_UNSUPPORTED_ALGORITHM_NID);
+		ERR_add_error_data(2, "NID=0x", algstr);
+		return -1;
+		}
+	}
+
+
+
+/* Create the hash object */
+	if(!CryptCreateHash(capi_key->hprov, alg, 0, 0, &hash))
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_CREATE_HASH_OBJECT);
+		capi_addlasterror();
+		return -1;
+		}
+/* Set the hash value to the value passed */
+
+	if(!CryptSetHashParam(hash, HP_HASHVAL, (unsigned char *)m, 0))
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_SET_HASH_VALUE);
+		capi_addlasterror();
+		goto err;
+		}
+
+
+/* Finally sign it */
+	slen = RSA_size(rsa);
+	if(!CryptSignHashA(hash, capi_key->keyspec, NULL, 0, sigret, &slen))
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_ERROR_SIGNING_HASH);
+		capi_addlasterror();
+		goto err;
+		}
+	else
+		{
+		ret = 1;
+		/* Inplace byte reversal of signature */
+		for(i = 0; i < slen / 2; i++)
+			{
+			unsigned char c;
+			c = sigret[i];
+			sigret[i] = sigret[slen - i - 1];
+			sigret[slen - i - 1] = c;
+			}
+		*siglen = slen;
+		}
+
+	/* Now cleanup */
+
+err:
+	CryptDestroyHash(hash);
+
+	return ret;
+	}
+
+int capi_rsa_priv_dec(int flen, const unsigned char *from,
+                unsigned char *to, RSA *rsa, int padding)
+	{
+	int i;
+	unsigned char *tmpbuf;
+	CAPI_KEY *capi_key;
+	CAPI_CTX *ctx;
+	ctx = ENGINE_get_ex_data(rsa->engine, capi_idx);
+
+	CAPI_trace(ctx, "Called capi_rsa_priv_dec()\n");
+
+
+	capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
+	if (!capi_key)
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_CANT_GET_KEY);
+		return -1;
+		}
+
+	if(padding != RSA_PKCS1_PADDING)
+		{
+		char errstr[10];
+		BIO_snprintf(errstr, 10, "%d", padding);
+		CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_UNSUPPORTED_PADDING);
+		ERR_add_error_data(2, "padding=", errstr);
+		return -1;
+		}
+
+	/* Create temp reverse order version of input */
+	if(!(tmpbuf = OPENSSL_malloc(flen)) ) 
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, ERR_R_MALLOC_FAILURE);
+		return -1;
+		}
+	for(i = 0; i < flen; i++)
+		tmpbuf[flen - i - 1] = from[i];
+	
+	/* Finally decrypt it */
+	if(!CryptDecrypt(capi_key->key, 0, TRUE, 0, tmpbuf, &flen))
+		{
+		CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_DECRYPT_ERROR);
+		capi_addlasterror();
+		OPENSSL_free(tmpbuf);
+		return -1;
+		} 
+	else memcpy(to, tmpbuf, flen);
+
+	OPENSSL_free(tmpbuf);
+
+	return flen;
+	}
+
+static int capi_rsa_free(RSA *rsa)
+	{
+	CAPI_KEY *capi_key;
+	capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
+	capi_free_key(capi_key);
+	RSA_set_ex_data(rsa, rsa_capi_idx, 0);
+	return 1;
+	}
+
+/* CryptoAPI DSA operations */
+
+static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
+								DSA *dsa)
+	{
+	HCRYPTHASH hash;
+	DWORD slen;
+	DSA_SIG *ret = NULL;
+	CAPI_KEY *capi_key;
+	CAPI_CTX *ctx;
+	unsigned char csigbuf[40];
+
+	ctx = ENGINE_get_ex_data(dsa->engine, capi_idx);
+
+	CAPI_trace(ctx, "Called CAPI_dsa_do_sign()\n");
+
+	capi_key = DSA_get_ex_data(dsa, dsa_capi_idx);
+
+	if (!capi_key)
+		{
+		CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_CANT_GET_KEY);
+		return NULL;
+		}
+
+	if (dlen != 20)
+		{
+		CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_INVALID_DIGEST_LENGTH);
+		return NULL;
+		}
+
+	/* Create the hash object */
+	if(!CryptCreateHash(capi_key->hprov, CALG_SHA1, 0, 0, &hash))
+		{
+		CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_CANT_CREATE_HASH_OBJECT);
+		capi_addlasterror();
+		return NULL;
+		}
+
+	/* Set the hash value to the value passed */
+	if(!CryptSetHashParam(hash, HP_HASHVAL, (unsigned char *)digest, 0))
+		{
+		CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_CANT_SET_HASH_VALUE);
+		capi_addlasterror();
+		goto err;
+		}
+
+
+	/* Finally sign it */
+	slen = sizeof(csigbuf);
+	if(!CryptSignHashA(hash, capi_key->keyspec, NULL, 0, csigbuf, &slen))
+		{
+		CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_ERROR_SIGNING_HASH);
+		capi_addlasterror();
+		goto err;
+		}
+	else
+		{
+		ret = DSA_SIG_new();
+		if (!ret)
+			goto err;
+		ret->r = BN_new();
+		ret->s = BN_new();
+		if (!ret->r || !ret->s)
+			goto err;
+		if (!lend_tobn(ret->r, csigbuf, 20)
+			|| !lend_tobn(ret->s, csigbuf + 20, 20))
+			{
+			DSA_SIG_free(ret);
+			ret = NULL;
+			goto err;
+			}
+		}
+
+	/* Now cleanup */
+
+err:
+	OPENSSL_cleanse(csigbuf, 40);
+	CryptDestroyHash(hash);
+	return ret;
+	}
+
+static int capi_dsa_free(DSA *dsa)
+	{
+	CAPI_KEY *capi_key;
+	capi_key = DSA_get_ex_data(dsa, dsa_capi_idx);
+	capi_free_key(capi_key);
+	DSA_set_ex_data(dsa, dsa_capi_idx, 0);
+	return 1;
+	}
+
+static void capi_vtrace(CAPI_CTX *ctx, int level, char *format, va_list argptr)
+	{
+	BIO *out;
+
+	if (!ctx || (ctx->debug_level < level) || (!ctx->debug_file))
+		return;
+	out = BIO_new_file(ctx->debug_file, "a+");
+	BIO_vprintf(out, format, argptr);
+	BIO_free(out);
+	}
+
+static void CAPI_trace(CAPI_CTX *ctx, char *format, ...)
+	{
+	va_list args;
+	va_start(args, format);
+	capi_vtrace(ctx, CAPI_DBG_TRACE, format, args);
+	va_end(args);
+	}
+
+static void capi_addlasterror(void)
+	{
+	capi_adderror(GetLastError());
+	}
+
+static void capi_adderror(DWORD err)
+	{
+	char errstr[10];
+	BIO_snprintf(errstr, 10, "%lX", err);
+	ERR_add_error_data(2, "Error code= 0x", errstr);
+	}
+
+static char *wide_to_asc(LPWSTR wstr)
+	{
+	char *str;
+	int len_0,sz;
+
+	if (!wstr)
+		return NULL;
+	len_0 = (int)wcslen(wstr)+1;	/* WideCharToMultiByte expects int */
+        sz = WideCharToMultiByte(CP_ACP,0,wstr,len_0,NULL,0,NULL,NULL);
+	if (!sz)
+		{
+		CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR);
+		return NULL;
+		}
+	str = OPENSSL_malloc(sz);
+	if (!str)
+		{
+		CAPIerr(CAPI_F_WIDE_TO_ASC, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	if (!WideCharToMultiByte(CP_ACP,0,wstr,len_0,str,sz,NULL,NULL))
+		{
+		OPENSSL_free(str);
+		CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR);
+		return NULL;
+		}
+	return str;
+	}
+
+static int capi_get_provname(CAPI_CTX *ctx, LPSTR *pname, DWORD *ptype, DWORD idx)
+	{
+	LPSTR name;
+	DWORD len, err;
+	CAPI_trace(ctx, "capi_get_provname, index=%d\n", idx);
+	if (!CryptEnumProvidersA(idx, NULL, 0, ptype, NULL, &len))
+		{
+		err = GetLastError();
+		if (err == ERROR_NO_MORE_ITEMS)
+			return 2;
+		CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR);
+		capi_adderror(err);
+		return 0;
+		}
+	name = OPENSSL_malloc(len);
+	if (!CryptEnumProvidersA(idx, NULL, 0, ptype, name, &len))
+		{
+		err = GetLastError();
+		if (err == ERROR_NO_MORE_ITEMS)
+			return 2;
+		CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR);
+		capi_adderror(err);
+		return 0;
+		}
+	*pname = name;
+	CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", name, *ptype);
+
+	return 1;
+	}
+
+static int capi_list_providers(CAPI_CTX *ctx, BIO *out)
+	{
+	DWORD idx, ptype;
+	int ret;
+	LPSTR provname = NULL;
+	CAPI_trace(ctx, "capi_list_providers\n");
+	BIO_printf(out, "Available CSPs:\n");
+	for(idx = 0; ; idx++)
+		{
+		ret = capi_get_provname(ctx, &provname, &ptype, idx);
+		if (ret == 2)
+			break;
+		if (ret == 0)
+			break;
+		BIO_printf(out, "%d. %s, type %d\n", idx, provname, ptype);
+		OPENSSL_free(provname);
+		}
+	return 1;
+	}
+
+static int capi_list_containers(CAPI_CTX *ctx, BIO *out)
+	{
+	int ret = 1;
+	HCRYPTPROV hprov;
+	DWORD err, idx, flags, buflen = 0, clen;
+	LPSTR cname;
+	CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname, ctx->csptype);
+	if (!CryptAcquireContextA(&hprov, NULL, ctx->cspname, ctx->csptype, CRYPT_VERIFYCONTEXT))
+		{
+		CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
+		capi_addlasterror();
+		return 0;
+		}
+	if (!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, NULL, &buflen, CRYPT_FIRST))
+		{
+		CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR);
+		capi_addlasterror();
+		return 0;
+		}
+	CAPI_trace(ctx, "Got max container len %d\n", buflen);
+	if (buflen == 0)
+		buflen = 1024;
+	cname = OPENSSL_malloc(buflen);
+	if (!cname)
+		{
+		CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	for (idx = 0;;idx++)
+		{
+		clen = buflen;
+		cname[0] = 0;
+
+		if (idx == 0)
+			flags = CRYPT_FIRST;
+		else
+			flags = 0;
+		if(!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, cname, &clen, flags))
+			{
+			err = GetLastError();
+			if (err == ERROR_NO_MORE_ITEMS)
+				goto done;
+			CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR);
+			capi_adderror(err);
+			goto err;
+			}
+		CAPI_trace(ctx, "Container name %s, len=%d, index=%d, flags=%d\n", cname, clen, idx, flags);
+		if (!cname[0] && (clen == buflen))
+			{
+			CAPI_trace(ctx, "Enumerate bug: using workaround\n");
+			goto done;
+			}
+		BIO_printf(out, "%d. %s\n", idx, cname);
+		}
+	err:
+
+	ret = 0;
+
+	done:
+	if (cname)
+		OPENSSL_free(cname);
+	CryptReleaseContext(hprov, 0);
+
+	return ret;
+	}
+
+CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
+	{
+	DWORD len;
+	CRYPT_KEY_PROV_INFO *pinfo;
+	
+	if(!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len))
+		return NULL;
+	pinfo = OPENSSL_malloc(len);
+	if (!pinfo)
+		{
+		CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	if(!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID, pinfo, &len))
+		{
+		CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO);
+		capi_addlasterror();
+		OPENSSL_free(pinfo);
+		return NULL;
+		}
+	return pinfo;
+	}
+
+static void capi_dump_prov_info(CAPI_CTX *ctx, BIO *out, CRYPT_KEY_PROV_INFO *pinfo)
+	{
+	char *provname = NULL, *contname = NULL;
+	if (!pinfo)
+		{
+		BIO_printf(out, "  No Private Key\n");
+		return;
+		}
+	provname = wide_to_asc(pinfo->pwszProvName);
+	contname = wide_to_asc(pinfo->pwszContainerName);
+	if (!provname || !contname)
+		goto err;
+
+	BIO_printf(out, "  Private Key Info:\n");
+	BIO_printf(out, "    Provider Name:  %s, Provider Type %d\n", provname, pinfo->dwProvType);
+	BIO_printf(out, "    Container Name: %s, Key Type %d\n", contname, pinfo->dwKeySpec);
+	err:
+	if (provname)
+		OPENSSL_free(provname);
+	if (contname)
+		OPENSSL_free(contname);
+	}
+
+char * capi_cert_get_fname(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
+	{
+	LPWSTR wfname;
+	DWORD dlen;
+
+	CAPI_trace(ctx, "capi_cert_get_fname\n");
+	if (!CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, &dlen))
+		return NULL;
+	wfname = OPENSSL_malloc(dlen);
+	if (CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, &dlen))
+		{
+		char *fname = wide_to_asc(wfname);
+		OPENSSL_free(wfname);
+		return fname;
+		}
+	CAPIerr(CAPI_F_CAPI_CERT_GET_FNAME, CAPI_R_ERROR_GETTING_FRIENDLY_NAME);
+	capi_addlasterror();
+
+	OPENSSL_free(wfname);
+	return NULL;
+	}
+
+
+void capi_dump_cert(CAPI_CTX *ctx, BIO *out, PCCERT_CONTEXT cert)
+	{
+	X509 *x;
+	unsigned char *p;
+	unsigned long flags = ctx->dump_flags;
+	if (flags & CAPI_DMP_FNAME)
+		{
+		char *fname;
+		fname = capi_cert_get_fname(ctx, cert);
+		if (fname)
+			{
+			BIO_printf(out, "  Friendly Name \"%s\"\n", fname);
+			OPENSSL_free(fname);
+			}
+		else
+			BIO_printf(out, "  <No Friendly Name>\n");
+		}
+
+	p = cert->pbCertEncoded;
+	x = d2i_X509(NULL, &p, cert->cbCertEncoded);
+	if (!x)
+		BIO_printf(out, "  <Can't parse certificate>\n");
+	if (flags & CAPI_DMP_SUMMARY)
+		{
+		BIO_printf(out, "  Subject: ");
+		X509_NAME_print_ex(out, X509_get_subject_name(x), 0, XN_FLAG_ONELINE);
+		BIO_printf(out, "\n  Issuer: ");
+		X509_NAME_print_ex(out, X509_get_issuer_name(x), 0, XN_FLAG_ONELINE);
+		BIO_printf(out, "\n");
+		}
+	if (flags & CAPI_DMP_FULL)
+		X509_print_ex(out, x, XN_FLAG_ONELINE,0);
+
+	if (flags & CAPI_DMP_PKEYINFO)
+		{
+		CRYPT_KEY_PROV_INFO *pinfo;
+		pinfo = capi_get_prov_info(ctx, cert);
+		capi_dump_prov_info(ctx, out, pinfo);
+		if (pinfo)
+			OPENSSL_free(pinfo);
+		}
+
+	if (flags & CAPI_DMP_PEM)
+		PEM_write_bio_X509(out, x);
+	X509_free(x);
+	}
+
+HCERTSTORE capi_open_store(CAPI_CTX *ctx, char *storename)
+	{
+	HCERTSTORE hstore;
+
+	if (!storename)
+		storename = ctx->storename;
+	if (!storename)
+		storename = "MY";
+	CAPI_trace(ctx, "Opening certificate store %s\n", storename);
+
+	hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, 0, 
+				ctx->store_flags, storename);
+	if (!hstore)
+		{
+		CAPIerr(CAPI_F_CAPI_OPEN_STORE, CAPI_R_ERROR_OPENING_STORE);
+		capi_addlasterror();
+		}
+	return hstore;
+	}
+
+int capi_list_certs(CAPI_CTX *ctx, BIO *out, char *id)
+	{
+	char *storename;
+	int idx;
+	int ret = 1;
+	HCERTSTORE hstore;
+	PCCERT_CONTEXT cert = NULL;
+
+	storename = ctx->storename;
+	if (!storename)
+		storename = "MY";
+	CAPI_trace(ctx, "Listing certs for store %s\n", storename);
+
+	hstore = capi_open_store(ctx, storename);
+	if (!hstore)
+		return 0;
+	if (id)
+		{
+		cert = capi_find_cert(ctx, id, hstore);
+		if (!cert)
+			{
+			ret = 0;
+			goto err;
+			}
+		capi_dump_cert(ctx, out, cert);
+		CertFreeCertificateContext(cert);
+		}
+	else
+		{
+		for(idx = 0;;idx++)
+			{
+			LPWSTR fname = NULL;
+			cert = CertEnumCertificatesInStore(hstore, cert);
+			if (!cert)
+				break;
+			BIO_printf(out, "Certificate %d\n", idx);
+			capi_dump_cert(ctx, out, cert);
+			}
+		}
+	err:
+	CertCloseStore(hstore, 0);
+	return ret;
+	}
+
+static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id, HCERTSTORE hstore)
+	{
+	PCCERT_CONTEXT cert = NULL;
+	char *fname = NULL;
+	int match;
+	switch(ctx->lookup_method)
+		{
+		case CAPI_LU_SUBSTR:
+			return CertFindCertificateInStore(hstore,
+					X509_ASN_ENCODING, 0,
+					CERT_FIND_SUBJECT_STR_A, id, NULL);
+		case CAPI_LU_FNAME:
+			for(;;)
+				{
+				cert = CertEnumCertificatesInStore(hstore, cert);
+				if (!cert)
+					return NULL;
+				fname = capi_cert_get_fname(ctx, cert);
+				if (fname)
+					{
+					if (strcmp(fname, id))
+						match = 0;
+					else
+						match = 1;
+					OPENSSL_free(fname);
+					if (match)
+						return cert;
+					}
+				}
+		default:
+			return NULL;
+		}
+	}
+
+static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const char *contname, char *provname, DWORD ptype, DWORD keyspec)
+	{
+	CAPI_KEY *key;
+	key = OPENSSL_malloc(sizeof(CAPI_KEY));
+	CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", 
+						contname, provname, ptype);
+	if (!CryptAcquireContextA(&key->hprov, contname, provname, ptype, 0))
+		{
+		CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
+		capi_addlasterror();
+		goto err;
+		}
+	if (!CryptGetUserKey(key->hprov, keyspec, &key->key))
+		{
+		CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_GETUSERKEY_ERROR);
+		capi_addlasterror();
+		CryptReleaseContext(key->hprov, 0);
+		goto err;
+		}
+	key->keyspec = keyspec;
+	key->pcert = NULL;
+	return key;
+
+	err:
+	OPENSSL_free(key);
+	return NULL;
+	}
+
+static CAPI_KEY *capi_get_cert_key(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
+	{
+	CAPI_KEY *key = NULL;
+	CRYPT_KEY_PROV_INFO *pinfo = NULL;
+	char *provname = NULL, *contname = NULL;
+	pinfo = capi_get_prov_info(ctx, cert);
+	if (!pinfo)
+		goto err;
+	provname = wide_to_asc(pinfo->pwszProvName);
+	contname = wide_to_asc(pinfo->pwszContainerName);
+	if (!provname || !contname)
+		goto err;
+	key = capi_get_key(ctx, contname, provname,
+				pinfo->dwProvType, pinfo->dwKeySpec);
+
+	err:
+	if (pinfo)
+		OPENSSL_free(pinfo);
+	if (provname)
+		OPENSSL_free(provname);
+	if (contname)
+		OPENSSL_free(contname);
+	return key;
+	}
+
+CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id)
+	{
+	PCCERT_CONTEXT cert;
+	HCERTSTORE hstore;
+	CAPI_KEY *key = NULL;
+	switch (ctx->lookup_method)
+		{
+		case CAPI_LU_SUBSTR:
+		case CAPI_LU_FNAME:
+		hstore = capi_open_store(ctx, NULL);
+		if (!hstore)
+			return NULL;
+		cert = capi_find_cert(ctx, id, hstore);
+		if (cert)
+			{
+			key = capi_get_cert_key(ctx, cert);
+			CertFreeCertificateContext(cert);
+			}
+		CertCloseStore(hstore, 0);
+		break;
+
+		case CAPI_LU_CONTNAME:
+		key = capi_get_key(ctx, id, ctx->cspname, ctx->csptype,
+							ctx->keytype);
+		break;
+		}
+
+	return key;
+	}
+
+void capi_free_key(CAPI_KEY *key)
+	{
+	if (!key)
+		return;
+	CryptDestroyKey(key->key);
+	CryptReleaseContext(key->hprov, 0);
+	if (key->pcert)
+		CertFreeCertificateContext(key->pcert);
+	OPENSSL_free(key);
+	}
+
+
+/* Initialize a CAPI_CTX structure */
+
+static CAPI_CTX *capi_ctx_new()
+	{
+	CAPI_CTX *ctx;
+	ctx = OPENSSL_malloc(sizeof(CAPI_CTX));
+	if (!ctx)
+		{
+		CAPIerr(CAPI_F_CAPI_CTX_NEW, ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	ctx->cspname = NULL;
+	ctx->csptype = PROV_RSA_FULL;
+	ctx->dump_flags = CAPI_DMP_SUMMARY|CAPI_DMP_FNAME;
+	ctx->keytype = AT_KEYEXCHANGE;
+	ctx->storename = NULL;
+	ctx->ssl_client_store = NULL;
+	ctx->store_flags = CERT_STORE_OPEN_EXISTING_FLAG |
+				CERT_STORE_READONLY_FLAG |
+				CERT_SYSTEM_STORE_CURRENT_USER;
+	ctx->lookup_method = CAPI_LU_SUBSTR;
+	ctx->debug_level = 0;
+	ctx->debug_file = NULL;
+	ctx->client_cert_select = cert_select_simple;
+	return ctx;
+	}
+
+static void capi_ctx_free(CAPI_CTX *ctx)
+	{
+	CAPI_trace(ctx, "Calling capi_ctx_free with %lx\n", ctx);
+	if (!ctx)
+		return;
+	if (ctx->cspname)
+		OPENSSL_free(ctx->cspname);
+	if (ctx->debug_file)
+		OPENSSL_free(ctx->debug_file);
+	if (ctx->storename)
+		OPENSSL_free(ctx->storename);
+	if (ctx->ssl_client_store)
+		OPENSSL_free(ctx->ssl_client_store);
+	OPENSSL_free(ctx);
+	}
+
+static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, int check)
+	{
+	CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type);
+	if (check)
+		{
+		HCRYPTPROV hprov;
+		if (!CryptAcquireContextA(&hprov, NULL, pname, type,
+						CRYPT_VERIFYCONTEXT))
+			{
+			CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
+			capi_addlasterror();
+			return 0;
+			}
+		CryptReleaseContext(hprov, 0);
+		}
+	ctx->cspname = BUF_strdup(pname);
+	ctx->csptype = type;
+	return 1;
+	}
+
+static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx)
+	{
+	LPSTR pname;
+	DWORD type;
+	if (capi_get_provname(ctx, &pname, &type, idx) != 1)
+		return 0;
+	return capi_ctx_set_provname(ctx, pname, type, 0);
+	}
+
+static int cert_issuer_match(STACK_OF(X509_NAME) *ca_dn, X509 *x)
+	{
+	int i;
+	X509_NAME *nm;
+	/* Special case: empty list: match anything */
+	if (sk_X509_NAME_num(ca_dn) <= 0)
+		return 1;
+	for (i = 0; i < sk_X509_NAME_num(ca_dn); i++)
+		{
+		nm = sk_X509_NAME_value(ca_dn, i);
+		if (!X509_NAME_cmp(nm, X509_get_issuer_name(x)))
+				return 1;
+		}
+	return 0;
+	}
+
+
+
+static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
+	STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
+	STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data)
+	{
+	STACK_OF(X509) *certs = NULL;
+	X509 *x;
+	char *storename;
+	const char *p;
+	int i, client_cert_idx;
+	HCERTSTORE hstore;
+	PCCERT_CONTEXT cert = NULL, excert = NULL;
+	CAPI_CTX *ctx;
+	CAPI_KEY *key;
+	ctx = ENGINE_get_ex_data(e, capi_idx);
+
+	*pcert = NULL;
+	*pkey = NULL;
+
+	storename = ctx->ssl_client_store;
+	if (!storename)
+		storename = "MY";
+
+	hstore = capi_open_store(ctx, storename);
+	if (!hstore)
+		return 0;
+	/* Enumerate all certificates collect any matches */
+	for(i = 0;;i++)
+		{
+		cert = CertEnumCertificatesInStore(hstore, cert);
+		if (!cert)
+			break;
+		p = cert->pbCertEncoded;
+		x = d2i_X509(NULL, &p, cert->cbCertEncoded);
+		if (!x)
+			{
+			CAPI_trace(ctx, "Can't Parse Certificate %d\n", i);
+			continue;
+			}
+		if (cert_issuer_match(ca_dn, x)
+			&& X509_check_purpose(x, X509_PURPOSE_SSL_CLIENT, 0))
+			{
+			key = capi_get_cert_key(ctx, cert);
+			if (!key)
+				{
+				X509_free(x);
+				continue;
+				}
+			/* Match found: attach extra data to it so
+			 * we can retrieve the key later.
+			 */
+			excert = CertDuplicateCertificateContext(cert);
+			key->pcert = excert;
+			X509_set_ex_data(x, cert_capi_idx, key);
+
+			if (!certs)
+				certs = sk_X509_new_null();
+
+			sk_X509_push(certs, x);
+			}
+		else
+			X509_free(x);
+
+		}
+
+	if (cert)
+		CertFreeCertificateContext(cert);
+	if (hstore)
+		CertCloseStore(hstore, 0);
+
+	if (!certs)
+		return 0;
+
+
+	/* Select the appropriate certificate */
+
+	client_cert_idx = ctx->client_cert_select(e, ssl, certs);
+
+	/* Set the selected certificate and free the rest */
+
+	for(i = 0; i < sk_X509_num(certs); i++)
+		{
+		x = sk_X509_value(certs, i);
+		if (i == client_cert_idx)
+			*pcert = x;
+		else
+			{
+			key = X509_get_ex_data(x, cert_capi_idx);
+			capi_free_key(key);
+			X509_free(x);
+			}
+		}
+
+	sk_X509_free(certs);
+
+	if (!*pcert)
+		return 0;
+
+	/* Setup key for selected certificate */
+
+	key = X509_get_ex_data(*pcert, cert_capi_idx);
+	*pkey = capi_get_pkey(e, key);
+	X509_set_ex_data(*pcert, cert_capi_idx, NULL);
+
+	return 1;
+
+	}
+
+
+/* Simple client cert selection function: always select first */
+
+static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs)
+	{
+	return 0;
+	}
+
+#ifdef OPENSSL_CAPIENG_DIALOG
+
+/* More complex cert selection function, using standard function
+ * CryptUIDlgSelectCertificateFromStore() to produce a dialog box.
+ */
+
+/* Definitions which are in cryptuiapi.h but this is not present in older
+ * versions of headers.
+ */
+
+#ifndef CRYPTUI_SELECT_LOCATION_COLUMN
+#define CRYPTUI_SELECT_LOCATION_COLUMN                   0x000000010
+#define CRYPTUI_SELECT_INTENDEDUSE_COLUMN                0x000000004
+#endif
+
+#define dlg_title L"OpenSSL Application SSL Client Certificate Selection"
+#define dlg_prompt L"Select a certificate to use for authentication"
+#define dlg_columns	 CRYPTUI_SELECT_LOCATION_COLUMN \
+			|CRYPTUI_SELECT_INTENDEDUSE_COLUMN
+
+static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs)
+	{
+	X509 *x;
+	HCERTSTORE dstore;
+	PCCERT_CONTEXT cert;
+	CAPI_CTX *ctx;
+	CAPI_KEY *key;
+	HWND hwnd;
+	int i, idx = -1;
+	if (sk_X509_num(certs) == 1)
+		return 0;
+	ctx = ENGINE_get_ex_data(e, capi_idx);
+	/* Create an in memory store of certificates */
+	dstore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
+					CERT_STORE_CREATE_NEW_FLAG, NULL);
+	if (!dstore)
+		{
+		CAPIerr(CAPI_F_CERT_SELECT_DIALOG, CAPI_R_ERROR_CREATING_STORE);
+		capi_addlasterror();
+		goto err;
+		}
+	/* Add all certificates to store */
+	for(i = 0; i < sk_X509_num(certs); i++)
+		{
+		x = sk_X509_value(certs, i);
+		key = X509_get_ex_data(x, cert_capi_idx);
+
+		if (!CertAddCertificateContextToStore(dstore, key->pcert,
+						CERT_STORE_ADD_NEW, NULL))
+			{
+			CAPIerr(CAPI_F_CERT_SELECT_DIALOG, CAPI_R_ERROR_ADDING_CERT);
+			capi_addlasterror();
+			goto err;
+			}
+
+		}
+	hwnd = GetForegroundWindow();
+	if (!hwnd)
+		hwnd = GetActiveWindow();
+	if (!hwnd && ctx->getconswindow)
+		hwnd = ctx->getconswindow();
+	/* Call dialog to select one */
+	cert = ctx->certselectdlg(dstore, hwnd, dlg_title, dlg_prompt,
+						dlg_columns, 0, NULL);
+
+	/* Find matching cert from list */
+	if (cert)
+		{
+		for(i = 0; i < sk_X509_num(certs); i++)
+			{
+			x = sk_X509_value(certs, i);
+			key = X509_get_ex_data(x, cert_capi_idx);
+			if (CertCompareCertificate(
+				X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+					cert->pCertInfo,
+					key->pcert->pCertInfo))
+				{
+				idx = i;
+				break;
+				}
+			}
+		}
+
+	err:
+	if (dstore)
+		CertCloseStore(dstore, 0);
+	return idx;
+
+	}
+#endif
+
+#else /* !__COMPILE_CAPIENG */
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+OPENSSL_EXPORT
+int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { return 0; }
+IMPLEMENT_DYNAMIC_CHECK_FN()
+#else
+void ENGINE_load_capi(void){}
+#endif
+#endif
diff --git a/engines/e_capi.ec b/engines/e_capi.ec
new file mode 100644
index 0000000000..d2ad668a98
--- /dev/null
+++ b/engines/e_capi.ec
@@ -0,0 +1 @@
+L       CAPI    e_capi_err.h e_capi_err.c
diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c
new file mode 100644
index 0000000000..eaaefb261e
--- /dev/null
+++ b/engines/e_capi_err.c
@@ -0,0 +1,184 @@
+/* e_capi_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_capi_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA CAPI_str_functs[]=
+	{
+{ERR_FUNC(CAPI_F_CAPI_CERT_GET_FNAME),	"CAPI_CERT_GET_FNAME"},
+{ERR_FUNC(CAPI_F_CAPI_CTRL),	"CAPI_CTRL"},
+{ERR_FUNC(CAPI_F_CAPI_CTX_NEW),	"CAPI_CTX_NEW"},
+{ERR_FUNC(CAPI_F_CAPI_CTX_SET_PROVNAME),	"CAPI_CTX_SET_PROVNAME"},
+{ERR_FUNC(CAPI_F_CAPI_DSA_DO_SIGN),	"CAPI_DSA_DO_SIGN"},
+{ERR_FUNC(CAPI_F_CAPI_GET_KEY),	"CAPI_GET_KEY"},
+{ERR_FUNC(CAPI_F_CAPI_GET_PKEY),	"CAPI_GET_PKEY"},
+{ERR_FUNC(CAPI_F_CAPI_GET_PROVNAME),	"CAPI_GET_PROVNAME"},
+{ERR_FUNC(CAPI_F_CAPI_GET_PROV_INFO),	"CAPI_GET_PROV_INFO"},
+{ERR_FUNC(CAPI_F_CAPI_INIT),	"CAPI_INIT"},
+{ERR_FUNC(CAPI_F_CAPI_LIST_CONTAINERS),	"CAPI_LIST_CONTAINERS"},
+{ERR_FUNC(CAPI_F_CAPI_LOAD_PRIVKEY),	"CAPI_LOAD_PRIVKEY"},
+{ERR_FUNC(CAPI_F_CAPI_OPEN_STORE),	"CAPI_OPEN_STORE"},
+{ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_DEC),	"CAPI_RSA_PRIV_DEC"},
+{ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_ENC),	"CAPI_RSA_PRIV_ENC"},
+{ERR_FUNC(CAPI_F_CAPI_RSA_SIGN),	"CAPI_RSA_SIGN"},
+{ERR_FUNC(CAPI_F_CERT_SELECT_DIALOG),	"CERT_SELECT_DIALOG"},
+{ERR_FUNC(CAPI_F_CLIENT_CERT_SELECT),	"CLIENT_CERT_SELECT"},
+{ERR_FUNC(CAPI_F_WIDE_TO_ASC),	"WIDE_TO_ASC"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA CAPI_str_reasons[]=
+	{
+{ERR_REASON(CAPI_R_CANT_CREATE_HASH_OBJECT),"cant create hash object"},
+{ERR_REASON(CAPI_R_CANT_FIND_CAPI_CONTEXT),"cant find capi context"},
+{ERR_REASON(CAPI_R_CANT_GET_KEY)         ,"cant get key"},
+{ERR_REASON(CAPI_R_CANT_SET_HASH_VALUE)  ,"cant set hash value"},
+{ERR_REASON(CAPI_R_CRYPTACQUIRECONTEXT_ERROR),"cryptacquirecontext error"},
+{ERR_REASON(CAPI_R_CRYPTENUMPROVIDERS_ERROR),"cryptenumproviders error"},
+{ERR_REASON(CAPI_R_DECRYPT_ERROR)        ,"decrypt error"},
+{ERR_REASON(CAPI_R_ENGINE_NOT_INITIALIZED),"engine not initialized"},
+{ERR_REASON(CAPI_R_ENUMCONTAINERS_ERROR) ,"enumcontainers error"},
+{ERR_REASON(CAPI_R_ERROR_ADDING_CERT)    ,"error adding cert"},
+{ERR_REASON(CAPI_R_ERROR_CREATING_STORE) ,"error creating store"},
+{ERR_REASON(CAPI_R_ERROR_GETTING_FRIENDLY_NAME),"error getting friendly name"},
+{ERR_REASON(CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),"error getting key provider info"},
+{ERR_REASON(CAPI_R_ERROR_OPENING_STORE)  ,"error opening store"},
+{ERR_REASON(CAPI_R_ERROR_SIGNING_HASH)   ,"error signing hash"},
+{ERR_REASON(CAPI_R_FUNCTION_NOT_SUPPORTED),"function not supported"},
+{ERR_REASON(CAPI_R_GETUSERKEY_ERROR)     ,"getuserkey error"},
+{ERR_REASON(CAPI_R_INVALID_DIGEST_LENGTH),"invalid digest length"},
+{ERR_REASON(CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),"invalid dsa public key blob magic number"},
+{ERR_REASON(CAPI_R_INVALID_LOOKUP_METHOD),"invalid lookup method"},
+{ERR_REASON(CAPI_R_INVALID_PUBLIC_KEY_BLOB),"invalid public key blob"},
+{ERR_REASON(CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),"invalid rsa public key blob magic number"},
+{ERR_REASON(CAPI_R_PUBKEY_EXPORT_ERROR)  ,"pubkey export error"},
+{ERR_REASON(CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR),"pubkey export length error"},
+{ERR_REASON(CAPI_R_UNKNOWN_COMMAND)      ,"unknown command"},
+{ERR_REASON(CAPI_R_UNSUPPORTED_ALGORITHM_NID),"unsupported algorithm nid"},
+{ERR_REASON(CAPI_R_UNSUPPORTED_PADDING)  ,"unsupported padding"},
+{ERR_REASON(CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),"unsupported public key algorithm"},
+{ERR_REASON(CAPI_R_WIN32_ERROR)          ,"win32 error"},
+{0,NULL}
+	};
+
+#endif
+
+#ifdef CAPI_LIB_NAME
+static ERR_STRING_DATA CAPI_lib_name[]=
+        {
+{0	,CAPI_LIB_NAME},
+{0,NULL}
+	};
+#endif
+
+
+static int CAPI_lib_error_code=0;
+static int CAPI_error_init=1;
+
+static void ERR_load_CAPI_strings(void)
+	{
+	if (CAPI_lib_error_code == 0)
+		CAPI_lib_error_code=ERR_get_next_error_library();
+
+	if (CAPI_error_init)
+		{
+		CAPI_error_init=0;
+#ifndef OPENSSL_NO_ERR
+		ERR_load_strings(CAPI_lib_error_code,CAPI_str_functs);
+		ERR_load_strings(CAPI_lib_error_code,CAPI_str_reasons);
+#endif
+
+#ifdef CAPI_LIB_NAME
+		CAPI_lib_name->error = ERR_PACK(CAPI_lib_error_code,0,0);
+		ERR_load_strings(0,CAPI_lib_name);
+#endif
+		}
+	}
+
+static void ERR_unload_CAPI_strings(void)
+	{
+	if (CAPI_error_init == 0)
+		{
+#ifndef OPENSSL_NO_ERR
+		ERR_unload_strings(CAPI_lib_error_code,CAPI_str_functs);
+		ERR_unload_strings(CAPI_lib_error_code,CAPI_str_reasons);
+#endif
+
+#ifdef CAPI_LIB_NAME
+		ERR_unload_strings(0,CAPI_lib_name);
+#endif
+		CAPI_error_init=1;
+		}
+	}
+
+static void ERR_CAPI_error(int function, int reason, char *file, int line)
+	{
+	if (CAPI_lib_error_code == 0)
+		CAPI_lib_error_code=ERR_get_next_error_library();
+	ERR_PUT_error(CAPI_lib_error_code,function,reason,file,line);
+	}
diff --git a/engines/e_capi_err.h b/engines/e_capi_err.h
new file mode 100644
index 0000000000..4c749ec43d
--- /dev/null
+++ b/engines/e_capi_err.h
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2001-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CAPI_ERR_H
+#define HEADER_CAPI_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CAPI_strings(void);
+static void ERR_unload_CAPI_strings(void);
+static void ERR_CAPI_error(int function, int reason, char *file, int line);
+#define CAPIerr(f,r) ERR_CAPI_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CAPI functions. */
+
+/* Function codes. */
+#define CAPI_F_CAPI_CERT_GET_FNAME			 99
+#define CAPI_F_CAPI_CTRL				 100
+#define CAPI_F_CAPI_CTX_NEW				 101
+#define CAPI_F_CAPI_CTX_SET_PROVNAME			 102
+#define CAPI_F_CAPI_DSA_DO_SIGN				 114
+#define CAPI_F_CAPI_GET_KEY				 103
+#define CAPI_F_CAPI_GET_PKEY				 115
+#define CAPI_F_CAPI_GET_PROVNAME			 104
+#define CAPI_F_CAPI_GET_PROV_INFO			 105
+#define CAPI_F_CAPI_INIT				 106
+#define CAPI_F_CAPI_LIST_CONTAINERS			 107
+#define CAPI_F_CAPI_LOAD_PRIVKEY			 108
+#define CAPI_F_CAPI_OPEN_STORE				 109
+#define CAPI_F_CAPI_RSA_PRIV_DEC			 110
+#define CAPI_F_CAPI_RSA_PRIV_ENC			 111
+#define CAPI_F_CAPI_RSA_SIGN				 112
+#define CAPI_F_CERT_SELECT_DIALOG			 117
+#define CAPI_F_CLIENT_CERT_SELECT			 116
+#define CAPI_F_WIDE_TO_ASC				 113
+
+/* Reason codes. */
+#define CAPI_R_CANT_CREATE_HASH_OBJECT			 99
+#define CAPI_R_CANT_FIND_CAPI_CONTEXT			 100
+#define CAPI_R_CANT_GET_KEY				 101
+#define CAPI_R_CANT_SET_HASH_VALUE			 102
+#define CAPI_R_CRYPTACQUIRECONTEXT_ERROR		 103
+#define CAPI_R_CRYPTENUMPROVIDERS_ERROR			 104
+#define CAPI_R_DECRYPT_ERROR				 105
+#define CAPI_R_ENGINE_NOT_INITIALIZED			 106
+#define CAPI_R_ENUMCONTAINERS_ERROR			 107
+#define CAPI_R_ERROR_ADDING_CERT			 125
+#define CAPI_R_ERROR_CREATING_STORE			 126
+#define CAPI_R_ERROR_GETTING_FRIENDLY_NAME		 108
+#define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO		 109
+#define CAPI_R_ERROR_OPENING_STORE			 110
+#define CAPI_R_ERROR_SIGNING_HASH			 111
+#define CAPI_R_FUNCTION_NOT_SUPPORTED			 112
+#define CAPI_R_GETUSERKEY_ERROR				 113
+#define CAPI_R_INVALID_DIGEST_LENGTH			 124
+#define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER	 122
+#define CAPI_R_INVALID_LOOKUP_METHOD			 114
+#define CAPI_R_INVALID_PUBLIC_KEY_BLOB			 115
+#define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER	 123
+#define CAPI_R_PUBKEY_EXPORT_ERROR			 116
+#define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR		 117
+#define CAPI_R_UNKNOWN_COMMAND				 118
+#define CAPI_R_UNSUPPORTED_ALGORITHM_NID		 119
+#define CAPI_R_UNSUPPORTED_PADDING			 120
+#define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM		 121
+#define CAPI_R_WIN32_ERROR				 127
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/engines/e_ncipher.c b/engines/e_chil.c
index 7564f6d2b4..c0643256f2 100644
--- a/engines/e_ncipher.c
+++ b/engines/e_chil.c
@@ -1,6 +1,6 @@
-/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */
+/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */
 /* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
- * (geoff@geoffthorpe.net) and Dr Stephen N Henson (shenson@bigfoot.com)
+ * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org)
  * for the OpenSSL project 2000.
  */
 /* ====================================================================
@@ -65,12 +65,16 @@
 #include <openssl/engine.h>
 #include <openssl/ui.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_NCIPHER
+#ifndef OPENSSL_NO_HW_CHIL
 
 /* Attribution notice: nCipher have said several times that it's OK for
  * us to implement a general interface to their boxes, and recently declared
@@ -86,8 +90,8 @@
 #include "vendor_defns/hwcryptohook.h"
 #endif
 
-#define HWCRHK_LIB_NAME "hwcrhk engine"
-#include "e_ncipher_err.c"
+#define HWCRHK_LIB_NAME "CHIL engine"
+#include "e_chil_err.c"
 
 static int hwcrhk_destroy(ENGINE *e);
 static int hwcrhk_init(ENGINE *e);
@@ -108,9 +112,11 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 /* RSA stuff */
 static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
 #endif
+#ifndef OPENSSL_NO_RSA
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* DH stuff */
@@ -129,8 +135,10 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
 	UI_METHOD *ui_method, void *callback_data);
 static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
 	UI_METHOD *ui_method, void *callback_data);
+#ifndef OPENSSL_NO_RSA
 static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
 	int ind,long argl, void *argp);
+#endif
 
 /* Interaction stuff */
 static int hwcrhk_insert_card(const char *prompt_info,
@@ -156,11 +164,11 @@ static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
 		ENGINE_CMD_FLAG_STRING},
 	{HWCRHK_CMD_FORK_CHECK,
 		"FORK_CHECK",
-		"Turns fork() checking on or off (boolean)",
+		"Turns fork() checking on (non-zero) or off (zero)",
 		ENGINE_CMD_FLAG_NUMERIC},
 	{HWCRHK_CMD_THREAD_LOCKING,
 		"THREAD_LOCKING",
-		"Turns thread-safe locking on or off (boolean)",
+		"Turns thread-safe locking on (zero) or off (non-zero)",
 		ENGINE_CMD_FLAG_NUMERIC},
 	{HWCRHK_CMD_SET_USER_INTERFACE,
 		"SET_USER_INTERFACE",
@@ -177,7 +185,7 @@ static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
 /* Our internal RSA_METHOD that we provide pointers to */
 static RSA_METHOD hwcrhk_rsa =
 	{
-	"nCipher RSA method",
+	"CHIL RSA method",
 	NULL,
 	NULL,
 	NULL,
@@ -198,7 +206,7 @@ static RSA_METHOD hwcrhk_rsa =
 /* Our internal DH_METHOD that we provide pointers to */
 static DH_METHOD hwcrhk_dh =
 	{
-	"nCipher DH method",
+	"CHIL DH method",
 	NULL,
 	NULL,
 	hwcrhk_mod_exp_dh,
@@ -212,7 +220,7 @@ static DH_METHOD hwcrhk_dh =
 
 static RAND_METHOD hwcrhk_rand =
 	{
-	/* "nCipher RAND method", */
+	/* "CHIL RAND method", */
 	NULL,
 	hwcrhk_rand_bytes,
 	NULL,
@@ -223,7 +231,11 @@ static RAND_METHOD hwcrhk_rand =
 
 /* Constants used when creating the ENGINE */
 static const char *engine_hwcrhk_id = "chil";
-static const char *engine_hwcrhk_name = "nCipher hardware engine support";
+static const char *engine_hwcrhk_name = "CHIL hardware engine support";
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE 
+/* Compatibility hack, the dynamic library uses this form in the path */
+static const char *engine_hwcrhk_id_alt = "ncipher";
+#endif
 
 /* Internal stuff for HWCryptoHook */
 
@@ -323,7 +335,7 @@ static HWCryptoHook_InitInfo hwcrhk_globals = {
 
 /* Now, to our own code */
 
-/* This internal function is used by ENGINE_ncipher() and possibly by the
+/* This internal function is used by ENGINE_chil() and possibly by the
  * "dynamic" ENGINE support too */
 static int bind_helper(ENGINE *e)
 	{
@@ -379,7 +391,7 @@ static int bind_helper(ENGINE *e)
 	}
 
 #ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_ncipher(void)
+static ENGINE *engine_chil(void)
 	{
 	ENGINE *ret = ENGINE_new();
 	if(!ret)
@@ -395,7 +407,7 @@ static ENGINE *engine_ncipher(void)
 void ENGINE_load_chil(void)
 	{
 	/* Copied from eng_[openssl|dyn].c */
-	ENGINE *toadd = engine_ncipher();
+	ENGINE *toadd = engine_chil();
 	if(!toadd) return;
 	ENGINE_add(toadd);
 	ENGINE_free(toadd);
@@ -491,7 +503,7 @@ static void release_context(HWCryptoHook_ContextHandle hac)
 	p_hwcrhk_Finish(hac);
 	}
 
-/* Destructor (complements the "ENGINE_ncipher()" constructor) */
+/* Destructor (complements the "ENGINE_chil()" constructor) */
 static int hwcrhk_destroy(ENGINE *e)
 	{
 	free_HWCRHK_LIBNAME();
@@ -576,12 +588,6 @@ static int hwcrhk_init(ENGINE *e)
 			hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
 			hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
 			}
-		else if (CRYPTO_get_locking_callback() != NULL)
-			{
-			HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_LOCKING_MISSING);
-			ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()");
-			goto err;
-			}
 		}
 
 	/* Try and get a context - if not, we may have a DSO but no
@@ -758,8 +764,8 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
 #if !defined(OPENSSL_NO_RSA)
 	char tempbuf[1024];
 	HWCryptoHook_ErrMsgBuf rmsg;
-#endif
 	HWCryptoHook_PassphraseContext ppctx;
+#endif
 
 #if !defined(OPENSSL_NO_RSA)
 	rmsg.buf = tempbuf;
@@ -808,7 +814,7 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
 	if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
 		!= HWCRYPTOHOOK_ERROR_MPISIZE)
 		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,HWCRHK_R_CHIL_ERROR);
+		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,HWCRHK_R_CHIL_ERROR);
 		ERR_add_error_data(1,rmsg.buf);
 		goto err;
 		}
@@ -820,7 +826,7 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
 
 	if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
 		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+		HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
 			HWCRHK_R_CHIL_ERROR);
 		ERR_add_error_data(1,rmsg.buf);
 		goto err;
@@ -835,13 +841,11 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
 #endif
 
         if (!res)
-                HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+                HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
                         HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
 
 	return res;
  err:
-	if (res)
-		EVP_PKEY_free(res);
 #ifndef OPENSSL_NO_RSA
 	if (rtmp)
 		RSA_free(rtmp);
@@ -962,7 +966,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 
 	if(!hwcrhk_context)
 		{
-		HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
+		HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
 		goto err;
 		}
 
@@ -1067,12 +1071,14 @@ err:
 	}
 #endif
 
+#ifndef OPENSSL_NO_RSA
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return hwcrhk_mod_exp(r, a, p, m, ctx);
 	}
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* This function is aliased to mod_exp (with the dh and mont dropped). */
@@ -1131,7 +1137,7 @@ static int hwcrhk_rand_status(void)
 	}
 
 /* This cleans up an RSA KM key, called when ex_data is freed */
-
+#ifndef OPENSSL_NO_RSA
 static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
 	int ind,long argl, void *argp)
 {
@@ -1156,6 +1162,7 @@ static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
                 }
 #endif
 }
+#endif
 
 /* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
  * these just wrap the POSIX functions and add some logging.
@@ -1343,7 +1350,8 @@ static void hwcrhk_log_message(void *logstr, const char *message)
 #ifndef OPENSSL_NO_DYNAMIC_ENGINE
 static int bind_fn(ENGINE *e, const char *id)
 	{
-	if(id && (strcmp(id, engine_hwcrhk_id) != 0))
+	if(id && (strcmp(id, engine_hwcrhk_id) != 0) &&
+			(strcmp(id, engine_hwcrhk_id_alt) != 0))
 		return 0;
 	if(!bind_helper(e))
 		return 0;
@@ -1353,5 +1361,5 @@ IMPLEMENT_DYNAMIC_CHECK_FN()
 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
 #endif /* OPENSSL_NO_DYNAMIC_ENGINE */
 
-#endif /* !OPENSSL_NO_HW_NCIPHER */
+#endif /* !OPENSSL_NO_HW_CHIL */
 #endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_chil.ec b/engines/e_chil.ec
new file mode 100644
index 0000000000..b5a76e17df
--- /dev/null
+++ b/engines/e_chil.ec
@@ -0,0 +1 @@
+L HWCRHK	e_chil_err.h			e_chil_err.c
diff --git a/engines/e_ncipher_err.c b/engines/e_chil_err.c
index 6716517d9e..c5983b2fd5 100644
--- a/engines/e_ncipher_err.c
+++ b/engines/e_chil_err.c
@@ -1,6 +1,6 @@
-/* e_ncipher_err.c */
+/* e_chil_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -60,42 +60,45 @@
 
 #include <stdio.h>
 #include <openssl/err.h>
-#include "e_ncipher_err.h"
+#include "e_chil_err.h"
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA HWCRHK_str_functs[]=
 	{
-{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0),	"HWCRHK_CTRL"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0),	"HWCRHK_FINISH"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0),	"HWCRHK_GET_PASS"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0),	"HWCRHK_INIT"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0),	"HWCRHK_INSERT_CARD"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0),	"HWCRHK_LOAD_PRIVKEY"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0),	"HWCRHK_LOAD_PUBKEY"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0),	"HWCRHK_MOD_EXP"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0),	"HWCRHK_RAND_BYTES"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0),	"HWCRHK_RSA_MOD_EXP"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_CTRL),	"HWCRHK_CTRL"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_FINISH),	"HWCRHK_FINISH"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_GET_PASS),	"HWCRHK_GET_PASS"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_INIT),	"HWCRHK_INIT"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_INSERT_CARD),	"HWCRHK_INSERT_CARD"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PRIVKEY),	"HWCRHK_LOAD_PRIVKEY"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PUBKEY),	"HWCRHK_LOAD_PUBKEY"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_MOD_EXP),	"HWCRHK_MOD_EXP"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_RAND_BYTES),	"HWCRHK_RAND_BYTES"},
+{ERR_FUNC(HWCRHK_F_HWCRHK_RSA_MOD_EXP),	"HWCRHK_RSA_MOD_EXP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA HWCRHK_str_reasons[]=
 	{
-{HWCRHK_R_ALREADY_LOADED                 ,"already loaded"},
-{HWCRHK_R_BIO_WAS_FREED                  ,"bio was freed"},
-{HWCRHK_R_CHIL_ERROR                     ,"chil error"},
-{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{HWCRHK_R_DSO_FAILURE                    ,"dso failure"},
-{HWCRHK_R_LOCKING_MISSING                ,"locking missing"},
-{HWCRHK_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
-{HWCRHK_R_NOT_INITIALISED                ,"not initialised"},
-{HWCRHK_R_NOT_LOADED                     ,"not loaded"},
-{HWCRHK_R_NO_CALLBACK                    ,"no callback"},
-{HWCRHK_R_NO_KEY                         ,"no key"},
-{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
-{HWCRHK_R_REQUEST_FAILED                 ,"request failed"},
-{HWCRHK_R_REQUEST_FALLBACK               ,"request fallback"},
-{HWCRHK_R_UNIT_FAILURE                   ,"unit failure"},
+{ERR_REASON(HWCRHK_R_ALREADY_LOADED)     ,"already loaded"},
+{ERR_REASON(HWCRHK_R_BIO_WAS_FREED)      ,"bio was freed"},
+{ERR_REASON(HWCRHK_R_CHIL_ERROR)         ,"chil error"},
+{ERR_REASON(HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(HWCRHK_R_DSO_FAILURE)        ,"dso failure"},
+{ERR_REASON(HWCRHK_R_MISSING_KEY_COMPONENTS),"missing key components"},
+{ERR_REASON(HWCRHK_R_NOT_INITIALISED)    ,"not initialised"},
+{ERR_REASON(HWCRHK_R_NOT_LOADED)         ,"not loaded"},
+{ERR_REASON(HWCRHK_R_NO_CALLBACK)        ,"no callback"},
+{ERR_REASON(HWCRHK_R_NO_KEY)             ,"no key"},
+{ERR_REASON(HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED),"private key algorithms disabled"},
+{ERR_REASON(HWCRHK_R_REQUEST_FAILED)     ,"request failed"},
+{ERR_REASON(HWCRHK_R_REQUEST_FALLBACK)   ,"request fallback"},
+{ERR_REASON(HWCRHK_R_UNIT_FAILURE)       ,"unit failure"},
 {0,NULL}
 	};
 
diff --git a/engines/e_ncipher_err.h b/engines/e_chil_err.h
index 482086e3b5..3c42a02393 100644
--- a/engines/e_ncipher_err.h
+++ b/engines/e_chil_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_HWCRHK_ERR_H
 #define HEADER_HWCRHK_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -84,7 +88,6 @@ static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
 #define HWCRHK_R_CHIL_ERROR				 102
 #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED		 103
 #define HWCRHK_R_DSO_FAILURE				 104
-#define HWCRHK_R_LOCKING_MISSING			 114
 #define HWCRHK_R_MISSING_KEY_COMPONENTS			 105
 #define HWCRHK_R_NOT_INITIALISED			 106
 #define HWCRHK_R_NOT_LOADED				 107
diff --git a/engines/e_cswift.c b/engines/e_cswift.c
index 0f9c1b264c..bc65179846 100644
--- a/engines/e_cswift.c
+++ b/engines/e_cswift.c
@@ -62,9 +62,15 @@
 #include <openssl/buffer.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/rand.h>
 #include <openssl/bn.h>
 
@@ -98,21 +104,26 @@ static int cswift_destroy(ENGINE *e);
 static int cswift_init(ENGINE *e);
 static int cswift_finish(ENGINE *e);
 static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+#ifndef OPENSSL_NO_RSA
+static int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in);
+#endif
 
 /* BIGNUM stuff */
 static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
 static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
 		const BIGNUM *iqmp, BN_CTX *ctx);
+#endif
 
 #ifndef OPENSSL_NO_RSA
 /* RSA stuff */
 static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-#endif
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
 
 #ifndef OPENSSL_NO_DSA
 /* DSA stuff */
@@ -415,7 +426,10 @@ static int cswift_init(ENGINE *e)
 	return 1;
 err:
 	if(cswift_dso)
+	{
 		DSO_free(cswift_dso);
+		cswift_dso = NULL;
+	}
 	p_CSwift_AcquireAccContext = NULL;
 	p_CSwift_AttachKeyParam = NULL;
 	p_CSwift_SimpleRequest = NULL;
@@ -565,6 +579,32 @@ err:
 	return to_return;
 	}
 
+
+#ifndef OPENSSL_NO_RSA
+int cswift_bn_32copy(SW_LARGENUMBER * out, const BIGNUM * in)
+{
+	int mod;
+	int numbytes = BN_num_bytes(in);
+
+	mod = 0;
+	while( ((out->nbytes = (numbytes+mod)) % 32) )
+	{
+		mod++;
+	}
+	out->value = (unsigned char*)OPENSSL_malloc(out->nbytes);
+	if(!out->value)
+	{
+		return 0;
+	}
+	BN_bn2bin(in, &out->value[mod]);
+	if(mod)
+		memset(out->value, 0, mod);
+
+	return 1;
+}
+#endif
+
+#ifndef OPENSSL_NO_RSA
 /* Un petit mod_exp chinois */
 static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dmp1,
@@ -574,15 +614,16 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	SW_LARGENUMBER arg, res;
 	SW_PARAM sw_param;
 	SW_CONTEXT_HANDLE hac;
-	BIGNUM *rsa_p = NULL;
-	BIGNUM *rsa_q = NULL;
-	BIGNUM *rsa_dmp1 = NULL;
-	BIGNUM *rsa_dmq1 = NULL;
-	BIGNUM *rsa_iqmp = NULL;
-	BIGNUM *argument = NULL;
 	BIGNUM *result = NULL;
+	BIGNUM *argument = NULL;
 	int to_return = 0; /* expect failure */
 	int acquired = 0;
+
+	sw_param.up.crt.p.value = NULL;
+	sw_param.up.crt.q.value = NULL;
+	sw_param.up.crt.dmp1.value = NULL;
+	sw_param.up.crt.dmq1.value = NULL;
+	sw_param.up.crt.iqmp.value = NULL;
  
 	if(!get_context(&hac))
 		{
@@ -590,44 +631,55 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		goto err;
 		}
 	acquired = 1;
+
 	/* Prepare the params */
-	BN_CTX_start(ctx);
-	rsa_p = BN_CTX_get(ctx);
-	rsa_q = BN_CTX_get(ctx);
-	rsa_dmp1 = BN_CTX_get(ctx);
-	rsa_dmq1 = BN_CTX_get(ctx);
-	rsa_iqmp = BN_CTX_get(ctx);
-	argument = BN_CTX_get(ctx);
-	result = BN_CTX_get(ctx);
-	if(!result)
+	argument = BN_new();
+	result = BN_new();
+	if(!result || !argument)
 		{
 		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
 		goto err;
 		}
-	if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
-			!bn_wexpand(rsa_dmp1, dmp1->top) ||
-			!bn_wexpand(rsa_dmq1, dmq1->top) ||
-			!bn_wexpand(rsa_iqmp, iqmp->top) ||
-			!bn_wexpand(argument, a->top) ||
+
+
+	sw_param.type = SW_ALG_CRT;
+	/************************************************************************/
+	/* 04/02/2003                                                           */
+	/* Modified by Frederic Giudicelli (deny-all.com) to overcome the       */
+	/* limitation of cswift with values not a multiple of 32                */
+	/************************************************************************/
+	if(!cswift_bn_32copy(&sw_param.up.crt.p, p))
+	{
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
+		goto err;
+	}
+	if(!cswift_bn_32copy(&sw_param.up.crt.q, q))
+	{
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
+		goto err;
+	}
+	if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1))
+	{
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
+		goto err;
+	}
+	if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1))
+	{
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
+		goto err;
+	}
+	if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp))
+	{
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
+		goto err;
+	}
+	if(	!bn_wexpand(argument, a->top) ||
 			!bn_wexpand(result, p->top + q->top))
 		{
 		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
 		goto err;
 		}
-	sw_param.type = SW_ALG_CRT;
-	sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
-	sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
-	sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
-	sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
-	sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
-		(unsigned char *)rsa_dmp1->d);
-	sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
-	sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
-		(unsigned char *)rsa_dmq1->d);
-	sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
-	sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
-		(unsigned char *)rsa_iqmp->d);
-	sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
+
 	/* Attach the key params */
 	sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
 	switch(sw_status)
@@ -666,35 +718,91 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
 	to_return = 1;
 err:
+	if(sw_param.up.crt.p.value)
+		OPENSSL_free(sw_param.up.crt.p.value);
+	if(sw_param.up.crt.q.value)
+		OPENSSL_free(sw_param.up.crt.q.value);
+	if(sw_param.up.crt.dmp1.value)
+		OPENSSL_free(sw_param.up.crt.dmp1.value);
+	if(sw_param.up.crt.dmq1.value)
+		OPENSSL_free(sw_param.up.crt.dmq1.value);
+	if(sw_param.up.crt.iqmp.value)
+		OPENSSL_free(sw_param.up.crt.iqmp.value);
+	if(result)
+		BN_free(result);
+	if(argument)
+		BN_free(argument);
 	if(acquired)
 		release_context(hac);
-	BN_CTX_end(ctx);
 	return to_return;
 	}
+#endif
  
 #ifndef OPENSSL_NO_RSA
 static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 	{
 	int to_return = 0;
+	const RSA_METHOD * def_rsa_method;
 
 	if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
 		{
 		CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS);
 		goto err;
 		}
+
+	/* Try the limits of RSA (2048 bits) */
+	if(BN_num_bytes(rsa->p) > 128 ||
+		BN_num_bytes(rsa->q) > 128 ||
+		BN_num_bytes(rsa->dmp1) > 128 ||
+		BN_num_bytes(rsa->dmq1) > 128 ||
+		BN_num_bytes(rsa->iqmp) > 128)
+	{
+#ifdef RSA_NULL
+		def_rsa_method=RSA_null_method();
+#else
+#if 0
+		def_rsa_method=RSA_PKCS1_RSAref();
+#else
+		def_rsa_method=RSA_PKCS1_SSLeay();
+#endif
+#endif
+		if(def_rsa_method)
+			return def_rsa_method->rsa_mod_exp(r0, I, rsa, ctx);
+	}
+
 	to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
 		rsa->dmq1, rsa->iqmp, ctx);
 err:
 	return to_return;
 	}
-#endif
 
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
 static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
+	const RSA_METHOD * def_rsa_method;
+
+	/* Try the limits of RSA (2048 bits) */
+	if(BN_num_bytes(r) > 256 ||
+		BN_num_bytes(a) > 256 ||
+		BN_num_bytes(m) > 256)
+	{
+#ifdef RSA_NULL
+		def_rsa_method=RSA_null_method();
+#else
+#if 0
+		def_rsa_method=RSA_PKCS1_RSAref();
+#else
+		def_rsa_method=RSA_PKCS1_SSLeay();
+#endif
+#endif
+		if(def_rsa_method)
+			return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
+	}
+
 	return cswift_mod_exp(r, a, p, m, ctx);
 	}
+#endif	/* OPENSSL_NO_RSA */
 
 #ifndef OPENSSL_NO_DSA
 static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
@@ -937,45 +1045,64 @@ static int cswift_rand_bytes(unsigned char *buf, int num)
 	SW_CONTEXT_HANDLE hac;
 	SW_STATUS swrc;
 	SW_LARGENUMBER largenum;
-	size_t nbytes = 0;
 	int acquired = 0;
 	int to_return = 0; /* assume failure */
+	unsigned char buf32[1024];
+
 
 	if (!get_context(&hac))
 	{
-		CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE);
+		CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_UNIT_FAILURE);
 		goto err;
 	}
 	acquired = 1;
 
-	while (nbytes < (size_t)num)
+	/************************************************************************/
+	/* 04/02/2003                                                           */
+	/* Modified by Frederic Giudicelli (deny-all.com) to overcome the       */
+	/* limitation of cswift with values not a multiple of 32                */
+	/************************************************************************/
+
+	while(num >= (int)sizeof(buf32))
 	{
+		largenum.value = buf;
+		largenum.nbytes = sizeof(buf32);
 		/* tell CryptoSwift how many bytes we want and where we want it.
 		 * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
 		 *       - CryptoSwift can only do multiple of 32-bits. */
-		largenum.value = (SW_BYTE *) buf + nbytes;
-		if (4096 > num - nbytes)
-			largenum.nbytes = num - nbytes;
-		else
-			largenum.nbytes = 4096;
-
 		swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
 		if (swrc != SW_OK)
 		{
 			char tmpbuf[20];
-			CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
+			CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
 			sprintf(tmpbuf, "%ld", swrc);
 			ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
 			goto err;
 		}
-
-		nbytes += largenum.nbytes;
+		buf += sizeof(buf32);
+		num -= sizeof(buf32);
+	}
+	if(num)
+	{
+		largenum.nbytes = sizeof(buf32);
+		largenum.value = buf32;
+		swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
+		if (swrc != SW_OK)
+		{
+			char tmpbuf[20];
+			CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
+			sprintf(tmpbuf, "%ld", swrc);
+			ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+			goto err;
+		}
+		memcpy(buf, largenum.value, num);
 	}
-	to_return = 1;  /* success */
 
+	to_return = 1;  /* success */
 err:
 	if (acquired)
 		release_context(hac);
+
 	return to_return;
 }
 
diff --git a/engines/e_cswift_err.c b/engines/e_cswift_err.c
index 3c1111ba40..c7942a31fc 100644
--- a/engines/e_cswift_err.c
+++ b/engines/e_cswift_err.c
@@ -1,6 +1,6 @@
-/* hw_cswift_err.c */
+/* e_cswift_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,30 +64,35 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA CSWIFT_str_functs[]=
 	{
-{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0),	"CSWIFT_CTRL"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0),	"CSWIFT_DSA_SIGN"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0),	"CSWIFT_DSA_VERIFY"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0),	"CSWIFT_FINISH"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0),	"CSWIFT_INIT"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0),	"CSWIFT_MOD_EXP"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0),	"CSWIFT_MOD_EXP_CRT"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0),	"CSWIFT_RSA_MOD_EXP"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_CTRL),	"CSWIFT_CTRL"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_DSA_SIGN),	"CSWIFT_DSA_SIGN"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_DSA_VERIFY),	"CSWIFT_DSA_VERIFY"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_FINISH),	"CSWIFT_FINISH"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_INIT),	"CSWIFT_INIT"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP),	"CSWIFT_MOD_EXP"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP_CRT),	"CSWIFT_MOD_EXP_CRT"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_RAND_BYTES),	"CSWIFT_RAND_BYTES"},
+{ERR_FUNC(CSWIFT_F_CSWIFT_RSA_MOD_EXP),	"CSWIFT_RSA_MOD_EXP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA CSWIFT_str_reasons[]=
 	{
-{CSWIFT_R_ALREADY_LOADED                 ,"already loaded"},
-{CSWIFT_R_BAD_KEY_SIZE                   ,"bad key size"},
-{CSWIFT_R_BN_CTX_FULL                    ,"bn ctx full"},
-{CSWIFT_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
-{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
-{CSWIFT_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
-{CSWIFT_R_NOT_LOADED                     ,"not loaded"},
-{CSWIFT_R_REQUEST_FAILED                 ,"request failed"},
-{CSWIFT_R_UNIT_FAILURE                   ,"unit failure"},
+{ERR_REASON(CSWIFT_R_ALREADY_LOADED)     ,"already loaded"},
+{ERR_REASON(CSWIFT_R_BAD_KEY_SIZE)       ,"bad key size"},
+{ERR_REASON(CSWIFT_R_BN_CTX_FULL)        ,"bn ctx full"},
+{ERR_REASON(CSWIFT_R_BN_EXPAND_FAIL)     ,"bn expand fail"},
+{ERR_REASON(CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(CSWIFT_R_MISSING_KEY_COMPONENTS),"missing key components"},
+{ERR_REASON(CSWIFT_R_NOT_LOADED)         ,"not loaded"},
+{ERR_REASON(CSWIFT_R_REQUEST_FAILED)     ,"request failed"},
+{ERR_REASON(CSWIFT_R_UNIT_FAILURE)       ,"unit failure"},
 {0,NULL}
 	};
 
diff --git a/engines/e_cswift_err.h b/engines/e_cswift_err.h
index 7120c3216f..69c2a9f874 100644
--- a/engines/e_cswift_err.h
+++ b/engines/e_cswift_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_CSWIFT_ERR_H
 #define HEADER_CSWIFT_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -74,6 +78,7 @@ static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
 #define CSWIFT_F_CSWIFT_INIT				 104
 #define CSWIFT_F_CSWIFT_MOD_EXP				 105
 #define CSWIFT_F_CSWIFT_MOD_EXP_CRT			 106
+#define CSWIFT_F_CSWIFT_RAND_BYTES			 108
 #define CSWIFT_F_CSWIFT_RSA_MOD_EXP			 107
 
 /* Reason codes. */
diff --git a/engines/e_gmp.c b/engines/e_gmp.c
index 39da65f74b..c1f5601b62 100644
--- a/engines/e_gmp.c
+++ b/engines/e_gmp.c
@@ -57,10 +57,10 @@
  */
 
 /* This engine is not (currently) compiled in by default. Do enable it,
- * reconfigure OpenSSL with "-DOPENSSL_USE_GMP -lgmp". The GMP libraries and
+ * reconfigure OpenSSL with "enable-gmp -lgmp". The GMP libraries and
  * headers must reside in one of the paths searched by the compiler/linker,
  * otherwise paths must be specified - eg. try configuring with
- * "-DOPENSSL_USE_GMP -I<includepath> -L<libpath> -lgmp". YMMV. */
+ * "enable-gmp -I<includepath> -L<libpath> -lgmp". YMMV. */
 
 /* As for what this does - it's a largely unoptimised implementation of an
  * ENGINE that uses the GMP library to perform RSA private key operations. To
@@ -85,9 +85,13 @@
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
 #include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
-#if defined(OPENSSL_USE_GMP) && !defined(OPENSSL_NO_HW_GMP)
+#ifndef OPENSSL_NO_GMP
 
 #include <gmp.h>
 
@@ -251,27 +255,61 @@ static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
 	return to_return;
 	}
 
-/* HACK - use text I/O functions in openssl and GMP to handle conversions. This
- * is vile. */
+
+/* Most often limb sizes will be the same. If not, we use hex conversion
+ * which is neat, but extremely inefficient. */
 static int bn2gmp(const BIGNUM *bn, mpz_t g)
 	{
-	int toret;
-	char *tmpchar = BN_bn2hex(bn);
-	if(!tmpchar) return 0;
-	toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0);
-	OPENSSL_free(tmpchar);
-	return toret;
+	bn_check_top(bn);
+	if(((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
+			(BN_BITS2 == GMP_NUMB_BITS)) 
+		{
+		/* The common case */
+		if(!_mpz_realloc (g, bn->top))
+			return 0;
+		memcpy(&g->_mp_d[0], &bn->d[0], bn->top * sizeof(bn->d[0]));
+		g->_mp_size = bn->top;
+		if(bn->neg)
+			g->_mp_size = -g->_mp_size;
+		return 1;
+		}
+	else
+		{
+		int toret;
+		char *tmpchar = BN_bn2hex(bn);
+		if(!tmpchar) return 0;
+		toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0);
+		OPENSSL_free(tmpchar);
+		return toret;
+		}
 	}
 
 static int gmp2bn(mpz_t g, BIGNUM *bn)
 	{
-	int toret;
-	char *tmpchar = OPENSSL_malloc(mpz_sizeinbase(g, 16) + 10);
-	if(!tmpchar) return 0;
-	mpz_get_str(tmpchar, 16, g);
-	toret = BN_hex2bn(&bn, tmpchar);
-	OPENSSL_free(tmpchar);
-	return toret;
+	if(((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
+			(BN_BITS2 == GMP_NUMB_BITS))
+		{
+		/* The common case */
+		int s = (g->_mp_size >= 0) ? g->_mp_size : -g->_mp_size;
+		BN_zero(bn);
+		if(bn_expand2 (bn, s) == NULL)
+			return 0;
+		bn->top = s;
+		memcpy(&bn->d[0], &g->_mp_d[0], s * sizeof(bn->d[0]));
+		bn_correct_top(bn);
+		bn->neg = g->_mp_size >= 0 ? 0 : 1;
+		return 1;
+		}
+	else
+		{
+		int toret;
+		char *tmpchar = OPENSSL_malloc(mpz_sizeinbase(g, 16) + 10);
+		if(!tmpchar) return 0;
+		mpz_get_str(tmpchar, 16, g);
+		toret = BN_hex2bn(&bn, tmpchar);
+		OPENSSL_free(tmpchar);
+		return toret;
+		}
 	}
 
 #ifndef OPENSSL_NO_RSA 
@@ -415,9 +453,13 @@ static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 	}
 #endif
 
+#endif /* !OPENSSL_NO_GMP */
+
 /* This stuff is needed if this ENGINE is being compiled into a self-contained
  * shared-library. */	   
-#ifdef ENGINE_DYNAMIC_SUPPORT
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+IMPLEMENT_DYNAMIC_CHECK_FN()
+#ifndef OPENSSL_NO_GMP
 static int bind_fn(ENGINE *e, const char *id)
 	{
 	if(id && (strcmp(id, engine_e_gmp_id) != 0))
@@ -426,10 +468,11 @@ static int bind_fn(ENGINE *e, const char *id)
 		return 0;
 	return 1;
 	}       
-IMPLEMENT_DYNAMIC_CHECK_FN()
 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
+#else
+OPENSSL_EXPORT
+int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { return 0; }
+#endif
+#endif /* !OPENSSL_NO_DYNAMIC_ENGINE */
 
-#endif /* !OPENSSL_NO_HW_GMP */
 #endif /* !OPENSSL_NO_HW */
-
diff --git a/engines/e_gmp_err.c b/engines/e_gmp_err.c
index 383832ad2f..61db956796 100644
--- a/engines/e_gmp_err.c
+++ b/engines/e_gmp_err.c
@@ -1,6 +1,6 @@
 /* e_gmp_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,18 +64,22 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA GMP_str_functs[]=
 	{
-{ERR_PACK(0,GMP_F_E_GMP_CTRL,0),	"E_GMP_CTRL"},
-{ERR_PACK(0,GMP_F_E_GMP_RSA_MOD_EXP,0),	"E_GMP_RSA_MOD_EXP"},
+{ERR_FUNC(GMP_F_E_GMP_CTRL),	"E_GMP_CTRL"},
+{ERR_FUNC(GMP_F_E_GMP_RSA_MOD_EXP),	"E_GMP_RSA_MOD_EXP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA GMP_str_reasons[]=
 	{
-{GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED      ,"ctrl command not implemented"},
-{GMP_R_KEY_CONTEXT_ERROR                 ,"key context error"},
-{GMP_R_MISSING_KEY_COMPONENTS            ,"missing key components"},
+{ERR_REASON(GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(GMP_R_KEY_CONTEXT_ERROR)     ,"key context error"},
+{ERR_REASON(GMP_R_MISSING_KEY_COMPONENTS),"missing key components"},
 {0,NULL}
 	};
 
diff --git a/engines/e_gmp_err.h b/engines/e_gmp_err.h
index cf46f0ec74..dd05dfd800 100644
--- a/engines/e_gmp_err.h
+++ b/engines/e_gmp_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_GMP_ERR_H
 #define HEADER_GMP_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/engines/e_ncipher.ec b/engines/e_ncipher.ec
deleted file mode 100644
index 561db41e52..0000000000
--- a/engines/e_ncipher.ec
+++ /dev/null
@@ -1 +0,0 @@
-L HWCRHK	e_ncipher_err.h			e_ncipher_err.c
diff --git a/engines/e_nuron.c b/engines/e_nuron.c
index f6875d1fa8..4c2537cbc3 100644
--- a/engines/e_nuron.c
+++ b/engines/e_nuron.c
@@ -62,9 +62,15 @@
 #include <openssl/buffer.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -242,11 +248,13 @@ static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 #endif
 
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
+#ifndef OPENSSL_NO_RSA
 static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return nuron_mod_exp(r, a, p, m, ctx);
 	}
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* This function is aliased to mod_exp (with the dh and mont dropped). */
diff --git a/engines/e_nuron_err.c b/engines/e_nuron_err.c
index 739529a1fa..9a7864f42f 100644
--- a/engines/e_nuron_err.c
+++ b/engines/e_nuron_err.c
@@ -1,6 +1,6 @@
-/* hw_nuron_err.c */
+/* e_nuron_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,23 +64,27 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA NURON_str_functs[]=
 	{
-{ERR_PACK(0,NURON_F_NURON_CTRL,0),	"NURON_CTRL"},
-{ERR_PACK(0,NURON_F_NURON_FINISH,0),	"NURON_FINISH"},
-{ERR_PACK(0,NURON_F_NURON_INIT,0),	"NURON_INIT"},
-{ERR_PACK(0,NURON_F_NURON_MOD_EXP,0),	"NURON_MOD_EXP"},
+{ERR_FUNC(NURON_F_NURON_CTRL),	"NURON_CTRL"},
+{ERR_FUNC(NURON_F_NURON_FINISH),	"NURON_FINISH"},
+{ERR_FUNC(NURON_F_NURON_INIT),	"NURON_INIT"},
+{ERR_FUNC(NURON_F_NURON_MOD_EXP),	"NURON_MOD_EXP"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA NURON_str_reasons[]=
 	{
-{NURON_R_ALREADY_LOADED                  ,"already loaded"},
-{NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{NURON_R_DSO_FAILURE                     ,"dso failure"},
-{NURON_R_DSO_FUNCTION_NOT_FOUND          ,"dso function not found"},
-{NURON_R_DSO_NOT_FOUND                   ,"dso not found"},
-{NURON_R_NOT_LOADED                      ,"not loaded"},
+{ERR_REASON(NURON_R_ALREADY_LOADED)      ,"already loaded"},
+{ERR_REASON(NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(NURON_R_DSO_FAILURE)         ,"dso failure"},
+{ERR_REASON(NURON_R_DSO_FUNCTION_NOT_FOUND),"dso function not found"},
+{ERR_REASON(NURON_R_DSO_NOT_FOUND)       ,"dso not found"},
+{ERR_REASON(NURON_R_NOT_LOADED)          ,"not loaded"},
 {0,NULL}
 	};
 
diff --git a/engines/e_nuron_err.h b/engines/e_nuron_err.h
index a56bfdf303..219babbb45 100644
--- a/engines/e_nuron_err.h
+++ b/engines/e_nuron_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_NURON_ERR_H
 #define HEADER_NURON_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
diff --git a/crypto/engine/eng_padlock.c b/engines/e_padlock.c
index 4f64a06fb0..240b1f9b57 100644
--- a/crypto/engine/eng_padlock.c
+++ b/engines/e_padlock.c
@@ -66,12 +66,16 @@
 #include <stdio.h>
 #include <string.h>
 
+#include <openssl/opensslconf.h>
 #include <openssl/crypto.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
 #include <openssl/evp.h>
+#ifndef OPENSSL_NO_AES
 #include <openssl/aes.h>
+#endif
 #include <openssl/rand.h>
+#include <openssl/err.h>
 
 #ifndef OPENSSL_NO_HW
 #ifndef OPENSSL_NO_HW_PADLOCK
@@ -97,7 +101,11 @@
    compiler choice is limited to GCC and Microsoft C. */
 #undef COMPILE_HW_PADLOCK
 #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(__i386__) || defined(__i386) || defined(_M_IX86)
+# if (defined(__GNUC__) && __GNUC__>=2 && \
+	(defined(__i386__) || defined(__i386) || \
+	 defined(__x86_64__) || defined(__x86_64)) \
+     ) || \
+     (defined(_MSC_VER) && defined(_M_IX86))
 #  define COMPILE_HW_PADLOCK
 static ENGINE *ENGINE_padlock (void);
 # endif
@@ -118,11 +126,16 @@ void ENGINE_load_padlock (void)
 #ifdef COMPILE_HW_PADLOCK
 /* We do these includes here to avoid header problems on platforms that
    do not have the VIA padlock anyway... */
-#ifdef _MSC_VER
+#include <stdlib.h>
+#ifdef _WIN32
 # include <malloc.h>
-# define alloca _alloca
-#else
-# include <stdlib.h>
+# ifndef alloca
+#  define alloca _alloca
+# endif
+#elif defined(__GNUC__)
+# ifndef alloca
+#  define alloca(s) __builtin_alloca((s))
+# endif
 #endif
 
 /* Function for ENGINE detection and control */
@@ -133,7 +146,9 @@ static int padlock_init(ENGINE *e);
 static RAND_METHOD padlock_rand;
 
 /* Cipher Stuff */
+#ifndef OPENSSL_NO_AES
 static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+#endif
 
 /* Engine names */
 static const char *padlock_id = "padlock";
@@ -142,7 +157,9 @@ static char padlock_name[100];
 /* Available features */
 static int padlock_use_ace = 0;	/* Advanced Cryptography Engine */
 static int padlock_use_rng = 0;	/* Random Number Generator */
+#ifndef OPENSSL_NO_AES
 static int padlock_aes_align_required = 1;
+#endif
 
 /* ===== Engine "management" functions ===== */
 
@@ -168,8 +185,9 @@ padlock_bind_helper(ENGINE *e)
 	    !ENGINE_set_name(e, padlock_name) ||
 
 	    !ENGINE_set_init_function(e, padlock_init) ||
-
+#ifndef OPENSSL_NO_AES
 	    (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) ||
+#endif
 	    (padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) {
 		return 0;
 	}
@@ -221,12 +239,13 @@ padlock_bind_fn(ENGINE *e, const char *id)
 	return 1;
 }
 
-IMPLEMENT_DYNAMIC_CHECK_FN ();
-IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn);
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn)
 #endif /* DYNAMIC_ENGINE */
 
 /* ===== Here comes the "real" engine ===== */
 
+#ifndef OPENSSL_NO_AES
 /* Some AES-related constants */
 #define AES_BLOCK_SIZE		16
 #define AES_KEY_SIZE_128	16
@@ -246,10 +265,12 @@ struct padlock_cipher_data
 	union {	unsigned int pad[4];
 		struct {
 			int rounds:4;
-			int algo:3;
-			int keygen:1;
+			int dgst:1;	/* n/a in C3 */
+			int align:1;	/* n/a in C3 */
+			int ciphr:1;	/* n/a in C3 */
+			unsigned int keygen:1;
 			int interm:1;
-			int encdec:1;
+			unsigned int encdec:1;
 			int ksize:2;
 		} b;
 	} cword;		/* Control word */
@@ -263,6 +284,7 @@ struct padlock_cipher_data
  * so we accept the penatly...
  */
 static volatile struct padlock_cipher_data *padlock_saved_context;
+#endif
 
 /*
  * =======================================================
@@ -275,6 +297,7 @@ static volatile struct padlock_cipher_data *padlock_saved_context;
  * =======================================================
  */
 #if defined(__GNUC__) && __GNUC__>=2
+#if defined(__i386__) || defined(__i386)
 /*
  * As for excessive "push %ebx"/"pop %ebx" found all over.
  * When generating position-independent code GCC won't let
@@ -354,19 +377,6 @@ padlock_available(void)
 	return padlock_use_ace + padlock_use_rng;
 }
 
-/* Our own htonl()/ntohl() */
-static inline void
-padlock_bswapl(AES_KEY *ks)
-{
-	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
-	unsigned int *key = ks->rd_key;
-
-	while (i--) {
-		asm volatile ("bswapl %0" : "+r"(*key));
-		key++;
-	}
-}
-
 /* Force key reload from memory to the CPU microcode.
    Loading EFLAGS from the stack clears EFLAGS[30] 
    which does the trick. */
@@ -376,6 +386,7 @@ padlock_reload_key(void)
 	asm volatile ("pushfl; popfl");
 }
 
+#ifndef OPENSSL_NO_AES
 /*
  * This is heuristic key context tracing. At first one
  * believes that one should use atomic swap instructions,
@@ -390,14 +401,14 @@ padlock_verify_context(struct padlock_cipher_data *cdata)
 {
 	asm volatile (
 	"pushfl\n"
-"	bt	$30,(%%esp)\n"
+"	btl	$30,(%%esp)\n"
 "	jnc	1f\n"
-"	cmp	%2,%1\n"
+"	cmpl	%2,%1\n"
 "	je	1f\n"
-"	mov	%2,%0\n"
 "	popfl\n"
-"	sub	$4,%%esp\n"
-"1:	add	$4,%%esp"
+"	subl	$4,%%esp\n"
+"1:	addl	$4,%%esp\n"
+"	movl	%2,%0"
 	:"+m"(padlock_saved_context)
 	: "r"(padlock_saved_context), "r"(cdata) : "cc");
 }
@@ -419,17 +430,133 @@ static inline void *name(size_t cnt,		\
 			rep_xcrypt "\n"		\
 		"	popl	%%ebx"		\
 		: "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
-		: "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
-		: "edx", "cc");			\
+		: "0"(cdata), "1"(cnt), "2"(out), "3"(inp)  \
+		: "edx", "cc", "memory");	\
 	return iv;				\
 }
+#endif
+
+#elif defined(__x86_64__) || defined(__x86_64)
+
+/* Load supported features of the CPU to see if
+   the PadLock is available. */
+static int
+padlock_available(void)
+{
+	char vendor_string[16];
+	unsigned int eax, edx;
+
+	/* Are we running on the Centaur (VIA) CPU? */
+	eax = 0x00000000;
+	vendor_string[12] = 0;
+	asm volatile (
+		"cpuid\n"
+		"movl	%%ebx,(%1)\n"
+		"movl	%%edx,4(%1)\n"
+		"movl	%%ecx,8(%1)\n"
+		: "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
+	if (strcmp(vendor_string, "CentaurHauls") != 0)
+		return 0;
+
+	/* Check for Centaur Extended Feature Flags presence */
+	eax = 0xC0000000;
+	asm volatile ("cpuid"
+		: "+a"(eax) : : "rbx", "rcx", "rdx");
+	if (eax < 0xC0000001)
+		return 0;
+
+	/* Read the Centaur Extended Feature Flags */
+	eax = 0xC0000001;
+	asm volatile ("cpuid"
+		: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
+
+	/* Fill up some flags */
+	padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
+	padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
+
+	return padlock_use_ace + padlock_use_rng;
+}
+
+/* Force key reload from memory to the CPU microcode.
+   Loading EFLAGS from the stack clears EFLAGS[30] 
+   which does the trick. */
+static inline void
+padlock_reload_key(void)
+{
+	asm volatile ("pushfq; popfq");
+}
 
+#ifndef OPENSSL_NO_AES
+/*
+ * This is heuristic key context tracing. At first one
+ * believes that one should use atomic swap instructions,
+ * but it's not actually necessary. Point is that if
+ * padlock_saved_context was changed by another thread
+ * after we've read it and before we compare it with cdata,
+ * our key *shall* be reloaded upon thread context switch
+ * and we are therefore set in either case...
+ */
+static inline void
+padlock_verify_context(struct padlock_cipher_data *cdata)
+{
+	asm volatile (
+	"pushfq\n"
+"	btl	$30,(%%rsp)\n"
+"	jnc	1f\n"
+"	cmpq	%2,%1\n"
+"	je	1f\n"
+"	popfq\n"
+"	subq	$8,%%rsp\n"
+"1:	addq	$8,%%rsp\n"
+"	movq	%2,%0"
+	:"+m"(padlock_saved_context)
+	: "r"(padlock_saved_context), "r"(cdata) : "cc");
+}
+
+/* Template for padlock_xcrypt_* modes */
+/* BIG FAT WARNING: 
+ * 	The offsets used with 'leal' instructions
+ * 	describe items of the 'padlock_cipher_data'
+ * 	structure.
+ */
+#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt)	\
+static inline void *name(size_t cnt,		\
+	struct padlock_cipher_data *cdata,	\
+	void *out, const void *inp) 		\
+{	void *iv; 				\
+	asm volatile ( "leaq	16(%0),%%rdx\n"	\
+		"	leaq	32(%0),%%rbx\n"	\
+			rep_xcrypt "\n"		\
+		: "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
+		: "0"(cdata), "1"(cnt), "2"(out), "3"(inp)  \
+		: "rbx", "rdx", "cc", "memory");	\
+	return iv;				\
+}
+#endif
+
+#endif	/* cpu */
+
+#ifndef OPENSSL_NO_AES
 /* Generate all functions with appropriate opcodes */
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")	/* rep xcryptecb */
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")	/* rep xcryptcbc */
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")	/* rep xcryptcfb */
 PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")	/* rep xcryptofb */
 
+/* Our own htonl()/ntohl() */
+static inline void
+padlock_bswapl(AES_KEY *ks)
+{
+	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
+	unsigned int *key = ks->rd_key;
+
+	while (i--) {
+		asm volatile ("bswapl %0" : "+r"(*key));
+		key++;
+	}
+}
+#endif
+
 /* The RNG call itself */
 static inline unsigned int
 padlock_xstore(void *addr, unsigned int edx_in)
@@ -458,8 +585,8 @@ padlock_xstore(void *addr, unsigned int edx_in)
 static inline unsigned char *
 padlock_memcpy(void *dst,const void *src,size_t n)
 {
-	long       *d=dst;
-	const long *s=src;
+	size_t       *d=dst;
+	const size_t *s=src;
 
 	n /= sizeof(*d);
 	do { *d++ = *s++; } while (--n);
@@ -520,10 +647,10 @@ padlock_verify_context(void *cdata)
 		jnc	skip
 		cmp	ecx,padlock_saved_context
 		je	skip
-		mov	padlock_saved_context,ecx
 		popfd
 		sub	esp,4
 	skip:	add	esp,4
+		mov	padlock_saved_context,ecx
 		}
 }
 
@@ -599,6 +726,7 @@ padlock_bswapl(void *key)
 #endif
 
 /* ===== AES encryption/decryption ===== */
+#ifndef OPENSSL_NO_AES
 
 #if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
 #define NID_aes_128_cfb	NID_aes_128_cfb128
@@ -633,17 +761,13 @@ static int padlock_cipher_nids[] = {
 
 	NID_aes_192_ecb,
 	NID_aes_192_cbc,
-#if 0
-	NID_aes_192_cfb,	/* FIXME: AES192/256 CFB/OFB don't work. */
+	NID_aes_192_cfb,
 	NID_aes_192_ofb,
-#endif
 
 	NID_aes_256_ecb,
 	NID_aes_256_cbc,
-#if 0
 	NID_aes_256_cfb,
 	NID_aes_256_ofb,
-#endif
 };
 static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/
 				      sizeof(padlock_cipher_nids[0]));
@@ -659,12 +783,17 @@ static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 #define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\
 	NEAREST_ALIGNED(ctx->cipher_data))
 
+#define EVP_CIPHER_block_size_ECB	AES_BLOCK_SIZE
+#define EVP_CIPHER_block_size_CBC	AES_BLOCK_SIZE
+#define EVP_CIPHER_block_size_OFB	1
+#define EVP_CIPHER_block_size_CFB	1
+
 /* Declaring so many ciphers by hand would be a pain.
    Instead introduce a bit of preprocessor magic :-) */
 #define	DECLARE_AES_EVP(ksize,lmode,umode)	\
 static const EVP_CIPHER padlock_aes_##ksize##_##lmode = {	\
 	NID_aes_##ksize##_##lmode,		\
-	AES_BLOCK_SIZE,			\
+	EVP_CIPHER_block_size_##umode,	\
 	AES_KEY_SIZE_##ksize,		\
 	AES_BLOCK_SIZE,			\
 	0 | EVP_CIPH_##umode##_MODE,	\
@@ -766,7 +895,10 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
 	memset(cdata, 0, sizeof(struct padlock_cipher_data));
 
 	/* Prepare Control word. */
-	cdata->cword.b.encdec = (ctx->encrypt == 0);
+	if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
+		cdata->cword.b.encdec = 0;
+	else
+		cdata->cword.b.encdec = (ctx->encrypt == 0);
 	cdata->cword.b.rounds = 10 + (key_len - 128) / 32;
 	cdata->cword.b.ksize = (key_len - 128) / 64;
 
@@ -786,7 +918,9 @@ padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key,
 			   and is listed as hardware errata. They most
 			   likely will fix it at some point and then
 			   a check for stepping would be due here. */
-			if (enc)
+			if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE ||
+			    EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE ||
+			    enc)
 				AES_set_encrypt_key(key, key_len, &cdata->ks);
 			else
 				AES_set_decrypt_key(key, key_len, &cdata->ks);
@@ -861,7 +995,7 @@ padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 }
 
 #ifndef  PADLOCK_CHUNK
-# define PADLOCK_CHUNK	4096	/* Must be a power of 2 larger than 16 */
+# define PADLOCK_CHUNK	512	/* Must be a power of 2 larger than 16 */
 #endif
 #if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1)
 # error "insane PADLOCK_CHUNK..."
@@ -880,15 +1014,63 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 	int    inp_misaligned, out_misaligned, realign_in_loop;
 	size_t chunk, allocated=0;
 
+	/* ctx->num is maintained in byte-oriented modes,
+	   such as CFB and OFB... */
+	if ((chunk = ctx->num)) { /* borrow chunk variable */
+		unsigned char *ivp=ctx->iv;
+
+		switch (EVP_CIPHER_CTX_mode(ctx)) {
+		case EVP_CIPH_CFB_MODE:
+			if (chunk >= AES_BLOCK_SIZE)
+				return 0; /* bogus value */
+
+			if (ctx->encrypt)
+				while (chunk<AES_BLOCK_SIZE && nbytes!=0) {
+					ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+					chunk++, nbytes--;
+				}
+			else	while (chunk<AES_BLOCK_SIZE && nbytes!=0) {
+					unsigned char c = *(in_arg++);
+					*(out_arg++) = c ^ ivp[chunk];
+					ivp[chunk++] = c, nbytes--;
+				}
+
+			ctx->num = chunk%AES_BLOCK_SIZE;
+			break;
+		case EVP_CIPH_OFB_MODE:
+			if (chunk >= AES_BLOCK_SIZE)
+				return 0; /* bogus value */
+
+			while (chunk<AES_BLOCK_SIZE && nbytes!=0) {
+				*(out_arg++) = *(in_arg++) ^ ivp[chunk];
+				chunk++, nbytes--;
+			}
+
+			ctx->num = chunk%AES_BLOCK_SIZE;
+			break;
+		}
+	}
+
 	if (nbytes == 0)
 		return 1;
+#if 0
 	if (nbytes % AES_BLOCK_SIZE)
 		return 0; /* are we expected to do tail processing? */
+#else
+	/* nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC
+	   modes and arbitrary value in byte-oriented modes, such as
+	   CFB and OFB... */
+#endif
 
 	/* VIA promises CPUs that won't require alignment in the future.
 	   For now padlock_aes_align_required is initialized to 1 and
 	   the condition is never met... */
-	if (!padlock_aes_align_required)
+	/* C7 core is capable to manage unaligned input in non-ECB[!]
+	   mode, but performance penalties appear to be approximately
+	   same as for software alignment below or ~3x. They promise to
+	   improve it in the future, but for now we can just as well
+	   pretend that it can only handle aligned input... */
+	if (!padlock_aes_align_required && (nbytes%AES_BLOCK_SIZE)==0)
 		return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
 
 	inp_misaligned = (((size_t)in_arg) & 0x0F);
@@ -900,7 +1082,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 	 * in order to improve L1 cache utilization... */
 	realign_in_loop = out_misaligned|inp_misaligned;
 
-	if (!realign_in_loop)
+	if (!realign_in_loop && (nbytes%AES_BLOCK_SIZE)==0)
 		return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
 
 	/* this takes one "if" out of the loops */
@@ -967,8 +1149,10 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 		break;
 
 	case EVP_CIPH_CFB_MODE:
-		memcpy (cdata->iv, ctx->iv, AES_BLOCK_SIZE);
-		goto cfb_shortcut;
+		memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+		chunk &= ~(AES_BLOCK_SIZE-1);
+		if (chunk)	goto cfb_shortcut;
+		else		goto cfb_skiploop;
 		do	{
 			if (iv != cdata->iv)
 				memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
@@ -987,13 +1171,47 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 			else
 				out     = out_arg+=chunk;
 
-		} while (nbytes -= chunk);
+			nbytes -= chunk;
+		} while (nbytes >= AES_BLOCK_SIZE);
+
+		cfb_skiploop:
+		if (nbytes) {
+			unsigned char *ivp = cdata->iv;
+
+			if (iv != ivp) {
+				memcpy(ivp, iv, AES_BLOCK_SIZE);
+				iv = ivp;
+			}
+			ctx->num = nbytes;
+			if (cdata->cword.b.encdec) {
+				cdata->cword.b.encdec=0;
+				padlock_reload_key();
+				padlock_xcrypt_ecb(1,cdata,ivp,ivp);
+				cdata->cword.b.encdec=1;
+				padlock_reload_key();
+				while(nbytes) {
+					unsigned char c = *(in_arg++);
+					*(out_arg++) = c ^ *ivp;
+					*(ivp++) = c, nbytes--;
+				}
+			}
+			else {	padlock_reload_key();
+				padlock_xcrypt_ecb(1,cdata,ivp,ivp);
+				padlock_reload_key();
+				while (nbytes) {
+					*ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
+					ivp++, nbytes--;
+				}
+			}
+		}
+
 		memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
 		break;
 
 	case EVP_CIPH_OFB_MODE:
 		memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
-		do	{
+		chunk &= ~(AES_BLOCK_SIZE-1);
+		if (chunk) do	{
 			if (inp_misaligned)
 				inp = padlock_memcpy(out, in_arg, chunk);
 			else
@@ -1009,7 +1227,21 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 
 			nbytes -= chunk;
 			chunk   = PADLOCK_CHUNK;
-		} while (nbytes);
+		} while (nbytes >= AES_BLOCK_SIZE);
+
+		if (nbytes) {
+			unsigned char *ivp = cdata->iv;
+
+			ctx->num = nbytes;
+			padlock_reload_key();	/* empirically found */
+			padlock_xcrypt_ecb(1,cdata,ivp,ivp);
+			padlock_reload_key();	/* empirically found */
+			while (nbytes) {
+				*(out_arg++) = *(in_arg++) ^ *ivp;
+				ivp++, nbytes--;
+			}
+		}
+
 		memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
 		break;
 
@@ -1029,6 +1261,8 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
 	return 1;
 }
 
+#endif /* OPENSSL_NO_AES */
+
 /* ===== Random Number Generator ===== */
 /*
  * This code is not engaged. The reason is that it does not comply
@@ -1085,6 +1319,12 @@ static RAND_METHOD padlock_rand = {
 	padlock_rand_status,	/* rand status */
 };
 
+#else  /* !COMPILE_HW_PADLOCK */
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+OPENSSL_EXPORT
+int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { return 0; }
+IMPLEMENT_DYNAMIC_CHECK_FN()
+#endif
 #endif /* COMPILE_HW_PADLOCK */
 
 #endif /* !OPENSSL_NO_HW_PADLOCK */
diff --git a/engines/e_padlock.ec b/engines/e_padlock.ec
new file mode 100644
index 0000000000..5c8a1d26a5
--- /dev/null
+++ b/engines/e_padlock.ec
@@ -0,0 +1 @@
+L PADLOCK	e_padlock_err.h			e_padlock_err.c
diff --git a/engines/e_sureware.c b/engines/e_sureware.c
index 0a60edd04b..958b15202c 100644
--- a/engines/e_sureware.c
+++ b/engines/e_sureware.c
@@ -57,9 +57,15 @@
 #include <openssl/dso.h>
 #include <openssl/engine.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -82,15 +88,17 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx);
 
 /* RSA stuff */
+#ifndef OPENSSL_NO_RSA
 static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
 			RSA *rsa,int padding);
 static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
 			    RSA *rsa,int padding);
+#endif
 
 /* RAND stuff */
 static int surewarehk_rand_bytes(unsigned char *buf, int num);
-static void surewarehk_rand_seed(const void *buf, int num);
-static void surewarehk_rand_add(const void *buf, int num, double entropy);
+static int surewarehk_rand_seed(const void *buf, int num);
+static int surewarehk_rand_add(const void *buf, int num, double entropy);
 
 /* KM stuff */
 static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
@@ -585,7 +593,7 @@ static void surewarehk_error_handling(char *const msg,int func,int ret)
 			ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 			break;
 		case SUREWAREHOOK_ERROR_INVALID_PAD:
-			ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED);
+			ENGINEerr(func,SUREWARE_R_PADDING_CHECK_FAILED);
 			break;
 		default:
 			ENGINEerr(func,SUREWARE_R_REQUEST_FAILED);
@@ -621,24 +629,29 @@ static int surewarehk_rand_bytes(unsigned char *buf, int num)
 	return ret==1 ? 1 : 0;
 }
 
-static void surewarehk_rand_seed(const void *buf, int num)
+static int surewarehk_rand_seed(const void *buf, int num)
 {
 	int ret=0;
 	char msg[64]="ENGINE_rand_seed";
 	if(!p_surewarehk_Rand_Seed)
 	{
 		SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED);
+		return 0;
 	}
 	else
 	{
 		ret = p_surewarehk_Rand_Seed(msg,buf, num);
 		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret);
+		if (ret == 1)
+			return 1;
+		else
+			return 0;
 	}
 }
 
-static void surewarehk_rand_add(const void *buf, int num, double entropy)
+static int surewarehk_rand_add(const void *buf, int num, double entropy)
 {
-	surewarehk_rand_seed(buf,num);
+	return surewarehk_rand_seed(buf,num);
 }
 
 static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype)
@@ -654,7 +667,7 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 	int ret=0;
 	if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_NOT_INITIALISED);
 		goto err;
 	}
 	switch (keytype)
@@ -677,10 +690,10 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 		ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
 						 (unsigned long *)rsatmp->n->d,
 						 (unsigned long *)rsatmp->e->d);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
+		surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
 			goto err;
 		}
 		/* normalise pub e and pub n */
@@ -721,10 +734,10 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 						 (unsigned long *)dsatmp->p->d,
 						 (unsigned long *)dsatmp->q->d,
 						 (unsigned long *)dsatmp->g->d);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
+		surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
 			goto err;
 		}
 		/* set parameters */
@@ -745,13 +758,11 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 #endif
 
 	default:
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+		SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
 		goto err;
 	}
 	return res;
  err:
-	if (res)
-		EVP_PKEY_free(res);
 #ifndef OPENSSL_NO_RSA
 	if (rsatmp)
 		RSA_free(rsatmp);
@@ -775,14 +786,14 @@ static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
 
 	if(!p_surewarehk_Load_Privkey)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 	{
 		ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
 			ERR_add_error_data(1,msg);		
 		}
 		else
@@ -803,7 +814,7 @@ static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
 
 	if(!p_surewarehk_Info_Pubkey)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 	{
@@ -811,7 +822,7 @@ static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
 		ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
 			ERR_add_error_data(1,msg);
 		}
 		else
@@ -842,7 +853,7 @@ static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
 {
 	if(!p_surewarehk_Free)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 		p_surewarehk_Free((char *)item,1);
@@ -888,7 +899,7 @@ static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned c
 		/* intermediate buffer for padding */
 		if ((buf=OPENSSL_malloc(tlen)) == NULL)
 		{
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
 		memcpy(buf,to,tlen);/* transfert to into buf */
@@ -906,11 +917,11 @@ static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned c
 			ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen);
 			break;
 		default:
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_UNKNOWN_PADDING_TYPE);
 			goto err;
 		}
 		if (ret < 0)
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_PADDING_CHECK_FAILED);
 	}
 err:
 	if (buf)
@@ -932,12 +943,12 @@ static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char
 	char msg[64]="ENGINE_rsa_sign";
 	if (!p_surewarehk_Rsa_Sign)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,ENGINE_R_NOT_INITIALISED);
 	}
 	/* extract ref to private key */
 	else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
 	}
 	else
 	{
@@ -945,11 +956,11 @@ static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char
 		{
 		case RSA_PKCS1_PADDING: /* do it in one shot */
 			ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
-			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret);
+			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_SIGN,ret);
 			break;
 		case RSA_NO_PADDING:
 		default:
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,SUREWARE_R_UNKNOWN_PADDING_TYPE);
 		}
 	}
 	return ret==1 ? tlen : ret;
@@ -968,11 +979,13 @@ static	DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *from, int flen, DSA
 	if (!p_surewarehk_Dsa_Sign)
 	{
 		SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ENGINE_R_NOT_INITIALISED);
+		goto err;
 	}
 	/* extract ref to private key */
 	else if (!(hptr=DSA_get_ex_data(dsa, dsaHndidx)))
 	{
 		SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
+		goto err;
 	}
 	else
 	{
@@ -1016,7 +1029,7 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	char msg[64]="ENGINE_modexp";
 	if (!p_surewarehk_Mod_Exp)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 	{
@@ -1032,7 +1045,7 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 						 a->top*sizeof(BN_ULONG),
 						 (unsigned long *)a->d,
 						 (unsigned long *)r->d);
-			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret);
+			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MODEXP,ret);
 			if (ret==1)
 			{
 				/* normalise result */
diff --git a/engines/e_sureware_err.c b/engines/e_sureware_err.c
index 3ca03367b2..d4ca68c1db 100644
--- a/engines/e_sureware_err.c
+++ b/engines/e_sureware_err.c
@@ -1,6 +1,6 @@
-/* hw_sureware_err.c */
+/* e_sureware_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,31 +64,39 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA SUREWARE_str_functs[]=
 	{
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_CTRL,0),	"SUREWAREHK_CTRL"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,0),	"SUREWAREHK_DSA_DO_SIGN"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_EX_FREE,0),	"SUREWAREHK_EX_FREE"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_FINISH,0),	"SUREWAREHK_FINISH"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_INIT,0),	"SUREWAREHK_INIT"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,0),	"SUREWAREHK_LOAD_PRIVATE_KEY"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,0),	"SUREWAREHK_LOAD_PUBLIC_KEY"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_MOD_EXP,0),	"SUREWAREHK_MOD_EXP"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_BYTES,0),	"SUREWAREHK_RAND_BYTES"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_SEED,0),	"SUREWAREHK_RAND_SEED"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,0),	"SUREWAREHK_RSA_PRIV_DEC"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,0),	"SUREWAREHK_RSA_PRIV_ENC"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_CTRL),	"SUREWAREHK_CTRL"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_DH_EX_FREE),	"SUREWAREHK_DH_EX_FREE"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN),	"SUREWAREHK_DSA_DO_SIGN"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_EX_FREE),	"SUREWAREHK_EX_FREE"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_FINISH),	"SUREWAREHK_FINISH"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_INIT),	"SUREWAREHK_INIT"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY),	"SUREWAREHK_LOAD_PRIVKEY"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY),	"SUREWAREHK_LOAD_PUBKEY"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_MODEXP),	"SUREWAREHK_MODEXP"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_BYTES),	"SUREWAREHK_RAND_BYTES"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_SEED),	"SUREWAREHK_RAND_SEED"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC),	"SUREWAREHK_RSA_PRIV_DEC"},
+{ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_SIGN),	"SUREWAREHK_RSA_SIGN"},
+{ERR_FUNC(SUREWARE_F_SUREWARE_LOAD_PUBLIC),	"SUREWARE_LOAD_PUBLIC"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA SUREWARE_str_reasons[]=
 	{
-{SUREWARE_R_BIO_WAS_FREED                ,"bio was freed"},
-{SUREWARE_R_MISSING_KEY_COMPONENTS       ,"missing key components"},
-{SUREWARE_R_REQUEST_FAILED               ,"request failed"},
-{SUREWARE_R_REQUEST_FALLBACK             ,"request fallback"},
-{SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL  ,"size too large or too small"},
-{SUREWARE_R_UNIT_FAILURE                 ,"unit failure"},
+{ERR_REASON(SUREWARE_R_BIO_WAS_FREED)    ,"bio was freed"},
+{ERR_REASON(SUREWARE_R_MISSING_KEY_COMPONENTS),"missing key components"},
+{ERR_REASON(SUREWARE_R_PADDING_CHECK_FAILED),"padding check failed"},
+{ERR_REASON(SUREWARE_R_REQUEST_FAILED)   ,"request failed"},
+{ERR_REASON(SUREWARE_R_REQUEST_FALLBACK) ,"request fallback"},
+{ERR_REASON(SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL),"size too large or too small"},
+{ERR_REASON(SUREWARE_R_UNIT_FAILURE)     ,"unit failure"},
+{ERR_REASON(SUREWARE_R_UNKNOWN_PADDING_TYPE),"unknown padding type"},
 {0,NULL}
 	};
 
diff --git a/engines/e_sureware_err.h b/engines/e_sureware_err.h
index bc52af5e05..ec8ed0c59b 100644
--- a/engines/e_sureware_err.h
+++ b/engines/e_sureware_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_SUREWARE_ERR_H
 #define HEADER_SUREWARE_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -68,25 +72,29 @@ static void ERR_SUREWARE_error(int function, int reason, char *file, int line);
 
 /* Function codes. */
 #define SUREWARE_F_SUREWAREHK_CTRL			 100
+#define SUREWARE_F_SUREWAREHK_DH_EX_FREE		 112
 #define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN		 101
 #define SUREWARE_F_SUREWAREHK_EX_FREE			 102
 #define SUREWARE_F_SUREWAREHK_FINISH			 103
 #define SUREWARE_F_SUREWAREHK_INIT			 104
-#define SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY		 105
-#define SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY		 106
-#define SUREWARE_F_SUREWAREHK_MOD_EXP			 107
+#define SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY		 105
+#define SUREWARE_F_SUREWAREHK_LOAD_PUBKEY		 113
+#define SUREWARE_F_SUREWAREHK_MODEXP			 107
 #define SUREWARE_F_SUREWAREHK_RAND_BYTES		 108
 #define SUREWARE_F_SUREWAREHK_RAND_SEED			 109
 #define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC		 110
-#define SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC		 111
+#define SUREWARE_F_SUREWAREHK_RSA_SIGN			 111
+#define SUREWARE_F_SUREWARE_LOAD_PUBLIC			 106
 
 /* Reason codes. */
 #define SUREWARE_R_BIO_WAS_FREED			 100
 #define SUREWARE_R_MISSING_KEY_COMPONENTS		 105
+#define SUREWARE_R_PADDING_CHECK_FAILED			 106
 #define SUREWARE_R_REQUEST_FAILED			 101
 #define SUREWARE_R_REQUEST_FALLBACK			 102
 #define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 103
 #define SUREWARE_R_UNIT_FAILURE				 104
+#define SUREWARE_R_UNKNOWN_PADDING_TYPE			 107
 
 #ifdef  __cplusplus
 }
diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c
index 371224d26c..fe6bdba25b 100644
--- a/engines/e_ubsec.c
+++ b/engines/e_ubsec.c
@@ -64,9 +64,15 @@
 #include <openssl/buffer.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -89,14 +95,14 @@ static int ubsec_finish(ENGINE *e);
 static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
 static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dp,
 			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
 static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-#endif
 static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
 #ifndef OPENSSL_NO_DSA
 #ifdef NOT_USED
 static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
@@ -296,10 +302,10 @@ static t_UBSEC_diffie_hellman_generate_ioctl
 	*p_UBSEC_diffie_hellman_generate_ioctl = NULL;
 static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
 #endif
-/* #ifndef OPENSSL_NO_RSA */
 static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
+#ifndef OPENSSL_NO_RSA
 static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-/* #endif */
+#endif
 #ifndef OPENSSL_NO_DSA
 static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
 static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
@@ -463,6 +469,7 @@ static int ubsec_init(ENGINE *e)
 err:
 	if(ubsec_dso)
 		DSO_free(ubsec_dso);
+	ubsec_dso = NULL;
 	p_UBSEC_ubsec_bytes_to_bits = NULL;
 	p_UBSEC_ubsec_bits_to_bytes = NULL;
 	p_UBSEC_ubsec_open = NULL;
@@ -573,7 +580,7 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 
 	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
 		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_UNIT_FAILURE);
                 return BN_mod_exp(r, a, p, m, ctx);
 	}
 
@@ -617,7 +624,6 @@ static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 err:
 	return to_return;
 	}
-#endif
 
 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dp,
@@ -632,18 +638,18 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 
 	/* Check if hardware can't handle this argument. */
 	if (y_len > max_key_len) {
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+		UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 		return FAIL_TO_SOFTWARE;
 	} 
 
 	if (!bn_wexpand(r, p->top + q->top + 1)) {
-		UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
+		UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
 		return 0;
 	}
 
 	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
 		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+		UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_UNIT_FAILURE);
 		return FAIL_TO_SOFTWARE;
 	}
 
@@ -655,7 +661,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		(unsigned char *)dq->d, BN_num_bits(dq),
 		(unsigned char *)q->d, BN_num_bits(q),
 		(unsigned char *)r->d,  &y_len) != 0) {
-		UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
+		UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_REQUEST_FAILED);
                 p_UBSEC_ubsec_close(fd);
 		return FAIL_TO_SOFTWARE;
 	}
@@ -665,6 +671,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2;
 	return 1;
 }
+#endif
 
 #ifndef OPENSSL_NO_DSA
 #ifdef NOT_USED
@@ -697,6 +704,8 @@ static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 #endif
 #endif
 
+#ifndef OPENSSL_NO_RSA
+
 /*
  * This function is aliased to mod_exp (with the mont stuff dropped).
  */
@@ -705,7 +714,6 @@ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         {
 	int ret = 0;
 
-#ifndef OPENSSL_NO_RSA
  	/* Do in software if the key is too large for the hardware. */
 	if (BN_num_bits(m) > max_key_len)
                 {
@@ -713,13 +721,13 @@ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
                 }
         else
-#endif
                 {
 		ret = ubsec_mod_exp(r, a, p, m, ctx);
                 }
 	
 	return ret;
         }
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* This function is aliased to mod_exp (with the dh and mont dropped). */
@@ -749,19 +757,19 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 
         if(!bn_wexpand(r, (160+BN_BITS2-1)/BN_BITS2) ||
        	   (!bn_wexpand(s, (160+BN_BITS2-1)/BN_BITS2))) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+		UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
 		goto err;
 	}
 
 	if (BN_bin2bn(dgst,dlen,&m) == NULL) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+		UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
 		goto err;
 	} 
 
 	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                 const DSA_METHOD *meth;
 		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+		UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_UNIT_FAILURE);
                 meth = DSA_OpenSSL();
                 to_return =  meth->dsa_do_sign(dgst, dlen, dsa);
 		goto err;
@@ -778,7 +786,7 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 		(unsigned char *)s->d, &s_len ) != 0) {
                 const DSA_METHOD *meth;
 
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_REQUEST_FAILED);
+		UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_REQUEST_FAILED);
                 p_UBSEC_ubsec_close(fd);
                 meth = DSA_OpenSSL();
                 to_return = meth->dsa_do_sign(dgst, dlen, dsa);
@@ -793,7 +801,7 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 
 	to_return = DSA_SIG_new();
 	if(to_return == NULL) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+		UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
 		goto err;
 	}
 
@@ -815,12 +823,12 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
 	int v_len, d_len;
 	int to_return = 0;
 	int fd;
-	BIGNUM v;
+	BIGNUM v, *pv = &v;
 
 	BN_init(&v);
 
-	if(!bn_wexpand(&v, dsa->p->top)) {
-		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY ,UBSEC_R_BN_EXPAND_FAIL);
+	if(!bn_wexpand(pv, dsa->p->top)) {
+		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL);
 		goto err;
 	}
 
@@ -831,7 +839,7 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
 	if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                 const DSA_METHOD *meth;
 		fd = 0;
-		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_UNIT_FAILURE);
                 meth = DSA_OpenSSL();
                 to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
 		goto err;
@@ -847,7 +855,7 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
 		(unsigned char *)sig->s->d, BN_num_bits(sig->s),
 		(unsigned char *)v.d, &v_len) != 0) {
                 const DSA_METHOD *meth;
-		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY , UBSEC_R_REQUEST_FAILED);
+		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_REQUEST_FAILED);
                 p_UBSEC_ubsec_close(fd);
 
                 meth = DSA_OpenSSL();
@@ -866,7 +874,7 @@ err:
 #endif
 
 #ifndef OPENSSL_NO_DH
-static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh)
+static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh)
         {
         int      ret      = -1,
                  k_len,
@@ -877,7 +885,7 @@ static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
                 {
                 const DH_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_UNIT_FAILURE);
                 meth = DH_OpenSSL();
                 ret = meth->compute_key(key, pub_key, dh);
                 goto err;
@@ -891,7 +899,7 @@ static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh
                 {
                 /* Hardware's a no go, failover to software */
                 const DH_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
+                UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
                 p_UBSEC_ubsec_close(fd);
 
                 meth = DH_OpenSSL();
@@ -907,7 +915,7 @@ err:
         return ret;
         }
 
-static int ubsec_dh_generate_key (DH *dh)
+static int ubsec_dh_generate_key(DH *dh)
         {
         int      ret               = 0,
                  random_bits       = 0,
@@ -953,7 +961,7 @@ static int ubsec_dh_generate_key (DH *dh)
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
                 {
                 const DH_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_UNIT_FAILURE);
                 meth = DH_OpenSSL();
                 ret = meth->generate_key(dh);
                 goto err;
@@ -969,7 +977,7 @@ static int ubsec_dh_generate_key (DH *dh)
                 /* Hardware's a no go, failover to software */
                 const DH_METHOD *meth;
 
-                ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
+                UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_REQUEST_FAILED);
                 p_UBSEC_ubsec_close(fd);
 
                 meth = DH_OpenSSL();
@@ -1001,7 +1009,7 @@ static int ubsec_rand_bytes(unsigned char * buf,
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
                 {
                 const RAND_METHOD *meth;
-                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_UNIT_FAILURE);
                 num = p_UBSEC_ubsec_bits_to_bytes(num);
                 meth = RAND_SSLeay();
                 meth->seed(buf, num);
@@ -1019,7 +1027,7 @@ static int ubsec_rand_bytes(unsigned char * buf,
                 /* Hardware's a no go, failover to software */
                 const RAND_METHOD *meth;
 
-                ENGINEerr(UBSEC_F_UBSEC_RNG_BYTES, UBSEC_R_REQUEST_FAILED);
+                UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_REQUEST_FAILED);
                 p_UBSEC_ubsec_close(fd);
 
                 num = p_UBSEC_ubsec_bits_to_bytes(num);
diff --git a/engines/e_ubsec_err.c b/engines/e_ubsec_err.c
index 5504116511..14c3d61e24 100644
--- a/engines/e_ubsec_err.c
+++ b/engines/e_ubsec_err.c
@@ -1,6 +1,6 @@
-/* hw_ubsec_err.c */
+/* e_ubsec_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,32 +64,38 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(0,func,0)
+#define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
 static ERR_STRING_DATA UBSEC_str_functs[]=
 	{
-{ERR_PACK(0,UBSEC_F_UBSEC_CTRL,0),	"UBSEC_CTRL"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DH_COMPUTE_KEY,0),	"UBSEC_DH_COMPUTE_KEY"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DSA_SIGN,0),	"UBSEC_DSA_SIGN"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DSA_VERIFY,0),	"UBSEC_DSA_VERIFY"},
-{ERR_PACK(0,UBSEC_F_UBSEC_FINISH,0),	"UBSEC_FINISH"},
-{ERR_PACK(0,UBSEC_F_UBSEC_INIT,0),	"UBSEC_INIT"},
-{ERR_PACK(0,UBSEC_F_UBSEC_MOD_EXP,0),	"UBSEC_MOD_EXP"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RNG_BYTES,0),	"UBSEC_RNG_BYTES"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP,0),	"UBSEC_RSA_MOD_EXP"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP_CRT,0),	"UBSEC_RSA_MOD_EXP_CRT"},
+{ERR_FUNC(UBSEC_F_UBSEC_CTRL),	"UBSEC_CTRL"},
+{ERR_FUNC(UBSEC_F_UBSEC_DH_COMPUTE_KEY),	"UBSEC_DH_COMPUTE_KEY"},
+{ERR_FUNC(UBSEC_F_UBSEC_DH_GENERATE_KEY),	"UBSEC_DH_GENERATE_KEY"},
+{ERR_FUNC(UBSEC_F_UBSEC_DSA_DO_SIGN),	"UBSEC_DSA_DO_SIGN"},
+{ERR_FUNC(UBSEC_F_UBSEC_DSA_VERIFY),	"UBSEC_DSA_VERIFY"},
+{ERR_FUNC(UBSEC_F_UBSEC_FINISH),	"UBSEC_FINISH"},
+{ERR_FUNC(UBSEC_F_UBSEC_INIT),	"UBSEC_INIT"},
+{ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP),	"UBSEC_MOD_EXP"},
+{ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP_CRT),	"UBSEC_MOD_EXP_CRT"},
+{ERR_FUNC(UBSEC_F_UBSEC_RAND_BYTES),	"UBSEC_RAND_BYTES"},
+{ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP),	"UBSEC_RSA_MOD_EXP"},
+{ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT),	"UBSEC_RSA_MOD_EXP_CRT"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA UBSEC_str_reasons[]=
 	{
-{UBSEC_R_ALREADY_LOADED                  ,"already loaded"},
-{UBSEC_R_BN_EXPAND_FAIL                  ,"bn expand fail"},
-{UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
-{UBSEC_R_DSO_FAILURE                     ,"dso failure"},
-{UBSEC_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
-{UBSEC_R_NOT_LOADED                      ,"not loaded"},
-{UBSEC_R_REQUEST_FAILED                  ,"request failed"},
-{UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL     ,"size too large or too small"},
-{UBSEC_R_UNIT_FAILURE                    ,"unit failure"},
+{ERR_REASON(UBSEC_R_ALREADY_LOADED)      ,"already loaded"},
+{ERR_REASON(UBSEC_R_BN_EXPAND_FAIL)      ,"bn expand fail"},
+{ERR_REASON(UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
+{ERR_REASON(UBSEC_R_DSO_FAILURE)         ,"dso failure"},
+{ERR_REASON(UBSEC_R_MISSING_KEY_COMPONENTS),"missing key components"},
+{ERR_REASON(UBSEC_R_NOT_LOADED)          ,"not loaded"},
+{ERR_REASON(UBSEC_R_REQUEST_FAILED)      ,"request failed"},
+{ERR_REASON(UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL),"size too large or too small"},
+{ERR_REASON(UBSEC_R_UNIT_FAILURE)        ,"unit failure"},
 {0,NULL}
 	};
 
diff --git a/engines/e_ubsec_err.h b/engines/e_ubsec_err.h
index 023d3be771..b10b2387f2 100644
--- a/engines/e_ubsec_err.h
+++ b/engines/e_ubsec_err.h
@@ -55,6 +55,10 @@
 #ifndef HEADER_UBSEC_ERR_H
 #define HEADER_UBSEC_ERR_H
 
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -69,12 +73,14 @@ static void ERR_UBSEC_error(int function, int reason, char *file, int line);
 /* Function codes. */
 #define UBSEC_F_UBSEC_CTRL				 100
 #define UBSEC_F_UBSEC_DH_COMPUTE_KEY			 101
-#define UBSEC_F_UBSEC_DSA_SIGN				 102
+#define UBSEC_F_UBSEC_DH_GENERATE_KEY			 111
+#define UBSEC_F_UBSEC_DSA_DO_SIGN			 102
 #define UBSEC_F_UBSEC_DSA_VERIFY			 103
 #define UBSEC_F_UBSEC_FINISH				 104
 #define UBSEC_F_UBSEC_INIT				 105
 #define UBSEC_F_UBSEC_MOD_EXP				 106
-#define UBSEC_F_UBSEC_RNG_BYTES				 107
+#define UBSEC_F_UBSEC_MOD_EXP_CRT			 110
+#define UBSEC_F_UBSEC_RAND_BYTES			 107
 #define UBSEC_F_UBSEC_RSA_MOD_EXP			 108
 #define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT			 109
 
diff --git a/engines/makeengines.com b/engines/makeengines.com
index e5a3aaa1ce..befb007d77 100644
--- a/engines/makeengines.com
+++ b/engines/makeengines.com
@@ -1,11 +1,11 @@
 $!
-$!  MAKEAPPS.COM
+$!  MAKEENGINES.COM
 $!  Written By:  Richard Levitte
 $!               richard@levitte.org
 $!
 $!  This command file compiles and creates the various engines in form
 $!  of shared images.  They are placed in [.xxx.EXE.ENGINES], where "xxx"
-$!  is either AXP or VAX depending on your hardware.
+$!  is ALPHA, IA64 or VAX, depending on your hardware.
 $!
 $!  P1	if this is ENGINES or ALL, the engines will build, otherwise not.
 $!
@@ -34,19 +34,53 @@ $!
 $!-----------------------------------------------------------------------------
 $!
 $! Set the names of the engines we want to build
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the LIBNAMES variable in Makefile as closely as possible,
+$! thereby making it fairly easy to verify that the lists are the same.
+$! NOTE: gmp isn't built, as it's mostly a test engine and brings in another
+$! library that isn't necessarely ported to VMS.
 $!
 $ ENGINES = "," + P7
 $ IF ENGINES .EQS. "," THEN -
-	ENGINES = ",4758_cca,aep,atalla,cswift,ncipher,nuron,sureware,ubsec"
+	ENGINES = ",4758cca,aep,atalla,cswift,chil,nuron,sureware,ubsec,padlock,ccgost"
 $!
 $! Set the default TCP/IP library to link against if needed
 $!
 $ TCPIP_LIB = ""
 $!
-$! Set the architecture name
+$! Check What Architecture We Are Using.
 $!
-$ ARCH := VAX
-$ IF F$GETSYI("CPU") .GE. 128 THEN ARCH := AXP
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH := VAX
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Set the goal directories, and creat them if necessary
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.ENGINES]
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.ENGINES]
+$ IF F$PARSE(OBJ_DIR) .EQS. "" THEN CREATE/DIRECTORY 'OBJ_DIR'
+$ IF F$PARSE(EXE_DIR) .EQS. "" THEN CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! Set the goal files, and create them if necessary
+$!
+$ CRYPTO_LIB :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$ IF F$SEARCH(CRYPTO_LIB) .EQS. "" THEN LIBRARY/CREATE/OBJECT 'CRYPTO_LIB'
 $!
 $! OK, time to check options and initialise
 $!
@@ -75,22 +109,31 @@ $ CRYPTO_LIB :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.OLB
 $ CRYPTO_EXE :=SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'FILE_POINTER_SIZE'.EXE
 $ IF F$SEARCH(CRYPTO_LIB) .EQS. "" THEN LIBRARY/CREATE/OBJECT 'CRYPTO_LIB'
 $!
-$! Define what goes into each engine
+$! Define what goes into each engine.  VAX includes a transfer vector.
 $!
 $ ENGINE_ = ""
+$ TV_OBJ = ""
 $ IF ARCH .EQS. "VAX"
 $ THEN
 $   ENGINE_ = "engine_vector.mar"
-$   EXTRA_OBJ := ,'OBJ_DIR'ENGINE_VECTOR.OBJ
+$   TV_OBJ_NAME = OBJ_DIR + F$PARSE(ENGINE_,,,"NAME","SYNTAX_ONLY") + ".OBJ"
+$   TV_OBJ = ",''TV_OBJ_NAME'"
 $ ENDIF
-$ ENGINE_4758_CCA = "e_4758_cca"
+$ ENGINE_4758CCA = "e_4758cca"
 $ ENGINE_aep = "e_aep"
 $ ENGINE_atalla = "e_atalla"
 $ ENGINE_cswift = "e_cswift"
-$ ENGINE_ncipher = "e_ncipher"
+$ ENGINE_chil = "e_chil"
 $ ENGINE_nuron = "e_nuron"
 $ ENGINE_sureware = "e_sureware"
 $ ENGINE_ubsec = "e_ubsec"
+$ ENGINE_ubsec = "e_padlock"
+$
+$ ENGINE_ccgost_SUBDIR = "ccgost"
+$ ENGINE_ccgost = "e_gost_err,gost2001_keyx,gost2001,gost89,gost94_keyx,"+ -
+		  "gost_ameth,gost_asn1,gost_crypt,gost_ctl,gost_eng,"+ -
+		  "gosthash,gost_keywrap,gost_md,gost_params,gost_pmeth,"+ -
+		  "gost_sign"
 $!
 $! Define which programs need to be linked with a TCP/IP library
 $!
@@ -137,6 +180,10 @@ $ ELSE
 $   WRITE SYS$OUTPUT "Compiling Support Files. (",BUILDALL,")"
 $ ENDIF
 $!
+$!  Create a .OPT file for the object files
+$!
+$ OPEN/WRITE OBJECTS 'EXE_DIR''ENGINE_NAME'.OPT
+$!
 $! Here's the start of per-engine module loop.
 $!
 $ FILE_COUNTER = 0
@@ -153,7 +200,12 @@ $ IF FILE_NAME .EQS. "" THEN GOTO FILE_NEXT
 $!
 $! Set up the source and object reference
 $!
-$ SOURCE_FILE = F$PARSE(FILE_NAME,"SYS$DISK:[].C",,,"SYNTAX_ONLY")
+$ IF F$TYPE('LIB_ENGINE'_SUBDIR) .EQS. ""
+$ THEN
+$     SOURCE_FILE = F$PARSE(FILE_NAME,"SYS$DISK:[].C",,,"SYNTAX_ONLY")
+$ ELSE
+$     SOURCE_FILE = F$PARSE(FILE_NAME,"SYS$DISK:[."+'LIB_ENGINE'_SUBDIR+"].C",,,"SYNTAX_ONLY")
+$ ENDIF
 $ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ"
 $!
 $! If we get some problem, we just go on trying to build the next module.
@@ -176,12 +228,28 @@ $!
 $! Do the dirty work.
 $!
 $ ON ERROR THEN GOTO FILE_NEXT
-$ IF FILE_NAME - ".MAR" .NES. FILE_NAME
+$ IF F$EDIT(F$PARSE(SOURCE_FILE,,,"TYPE","SYNTAX_ONLY"),"UPCASE") .EQS. ".MAR"
 $ THEN
 $   MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
 $ ELSE
 $   CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
 $ ENDIF
+$ WRITE OBJECTS OBJECT_FILE
+$!
+$! Next file
+$!
+$ GOTO FILE_NEXT
+$!
+$ FILE_DONE:
+$ CLOSE OBJECTS
+$!
+$! Do not link the support files.
+$!
+$ IF ENGINE_NAME .EQS. "" THEN GOTO ENGINE_NEXT
+$!
+$! Do not link the support files.
+$!
+$ IF ENGINE_NAME .EQS. "" THEN GOTO ENGINE_NEXT
 $!
 $! Now, there are two ways to handle this.  We can either build 
 $! shareable images or stick the engine object file into libcrypto.
@@ -197,27 +265,17 @@ $ _save_ver = f$verify(1)
 $ IF TCPIP_LIB .NES. ""
 $ THEN
 $   LINK/'DEBUGGER'/'TRACEBACK' /SHARE='EXE_DIR''ENGINE_NAME'.EXE -
-	'OBJECT_FILE''EXTRA_OBJ', -
+	'EXE_DIR''ENGINE_NAME'.OPT/OPTION'TV_OBJ', -
 	'CRYPTO_LIB'/LIBRARY, -
 	'ENGINE_OPT'/OPTION,'TCPIP_LIB','OPT_FILE'/OPTION
 $ ELSE
 $   LINK/'DEBUGGER'/'TRACEBACK' /SHARE='EXE_DIR''ENGINE_NAME'.EXE -
-	'OBJECT_FILE''EXTRA_OBJ', -
+	'EXE_DIR''ENGINE_NAME'.OPT/OPTION'TV_OBJ', -
         'CRYPTO_LIB'/LIBRARY, -
 	'ENGINE_OPT'/OPTION,'OPT_FILE'/OPTION
 $ ENDIF
 $ _save_ver := 'f$verify(_save_ver)
 $!
-$! Clean up
-$!
-$ DELETE 'OBJECT_FILE';*
-$!
-$! Next file
-$!
-$ GOTO FILE_NEXT
-$!
-$ FILE_DONE:
-$!
 $! Next engine
 $!
 $ GOTO ENGINE_NEXT
@@ -304,7 +362,7 @@ $!
 $   IF (F$SEARCH(OPT_FILE).EQS."")
 $   THEN
 $!
-$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
 $!
 $     IF ARCH .EQS. "VAX"
 $     THEN
@@ -324,19 +382,19 @@ $!    Else...
 $!
 $     ELSE
 $!
-$!      Create The AXP Linker Option File.
+$!      Create The non-VAX Linker Option File.
 $!
 $       CREATE 'OPT_FILE'
 $DECK
 !
-! Default System Options File For AXP To Link Agianst 
+! Default System Options File For non-VAX To Link Agianst 
 ! The Sharable C Runtime Library.
 !
 SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
 SYS$SHARE:CMA$OPEN_RTL/SHARE
 $EOD
 $!
-$!    End The VAX/AXP DEC C Option File Check.
+$!    End The DEC C Option File Check.
 $!
 $     ENDIF
 $!
@@ -401,8 +459,9 @@ $     IF ("," + ACCEPT_PHASE + ",") - ",ENGINES," -
 $     WRITE SYS$OUTPUT ""
 $     WRITE SYS$OUTPUT " where 'xxx' stands for:"
 $     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "        AXP  :  Alpha architecture."
-$     WRITE SYS$OUTPUT "        VAX  :  VAX architecture."
+$     WRITE SYS$OUTPUT "    ALPHA    :  Alpha architecture."
+$     WRITE SYS$OUTPUT "    IA64     :  IA64 architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX architecture."
 $     WRITE SYS$OUTPUT ""
 $!
 $!    Time To EXIT.
@@ -527,7 +586,7 @@ $   ELSE
 $!
 $!    Check To See If We Have VAXC Or DECC.
 $!
-$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
 $     THEN 
 $!
 $!      Looks Like DECC, Set To Use DECC.
@@ -638,7 +697,7 @@ $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
 $!
 $!  End DECC Check.
 $!
@@ -660,7 +719,7 @@ $!
 $!    Compile Using VAXC.
 $!
 $     CC = "CC"
-$     IF ARCH.EQS."AXP"
+$     IF ARCH.NES."VAX"
 $     THEN
 $	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
 $	EXIT
@@ -677,7 +736,7 @@ $     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
 $!
 $!  End VAXC Check
 $!
@@ -704,7 +763,7 @@ $     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
 $!
 $!  End The GNU C Check.
 $!
@@ -816,7 +875,7 @@ $!
 $! Build a MACRO command for the architecture at hand
 $!
 $ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'"
-$ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
+$ IF ARCH .NES. "VAX" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
 $!
 $!  Show user the result
 $!
diff --git a/engines/vendor_defns/aep.h b/engines/vendor_defns/aep.h
index 2b2792d2d6..5e9754fe43 100644
--- a/engines/vendor_defns/aep.h
+++ b/engines/vendor_defns/aep.h
@@ -171,8 +171,8 @@ typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
 #endif
 
 typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
-typedef AEP_RV t_AEP_Finalize();
-typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(),
-				    AEP_RV (*MakeAEPBigNumFunc)(),
-				    AEP_RV (*ConverAEPBigNumFunc)());
+typedef AEP_RV t_AEP_Finalize(void);
+typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize),
+				    AEP_RV (*MakeAEPBigNumFunc)(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize, unsigned char* AEP_BigNum),
+				    AEP_RV (*ConverAEPBigNumFunc)(void* ArbBigNum, AEP_U32 BigNumSize, unsigned char* AEP_BigNum));
 
diff --git a/engines/vendor_defns/sureware.h b/engines/vendor_defns/sureware.h
index 4bc22027f9..e46b000ddc 100644
--- a/engines/vendor_defns/sureware.h
+++ b/engines/vendor_defns/sureware.h
@@ -47,7 +47,7 @@ extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
 /*
 *	SureWare Finish function
 */
-typedef void SureWareHook_Finish_t();
+typedef void SureWareHook_Finish_t(void);
 extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
 /*
 *	 PRE_CONDITION:
diff --git a/include/.cvsignore b/include/.cvsignore
index 72e8ffc0db..55e25b4c8c 100644
--- a/include/.cvsignore
+++ b/include/.cvsignore
@@ -1 +1,3 @@
 *
+*.flc
+semantic.cache
diff --git a/install.com b/install.com
index 7c88603e46..d9285e6150 100644
--- a/install.com
+++ b/install.com
@@ -7,15 +7,25 @@ $! P1	root of the directory tree
 $! P2	prefix for certain file (this is really for Compaq, who need to
 $!	use the SSL$ prefix)
 $!
+$	DEF_ORIG = F$ENVIRONMENT( "DEFAULT")
+$	ON ERROR THEN GOTO TIDY
+$	ON CONTROL_C THEN GOTO TIDY
+$
 $	IF P1 .EQS. ""
 $	THEN
 $	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$	    WRITE SYS$OUTPUT -
+		  "It Should be the directory where you want things installed."
 $	    EXIT
 $	ENDIF
 $
-$	ARCH = "AXP"
-$	IF F$GETSYI("CPU") .LT. 128 THEN ARCH = "VAX"
+$	IF (F$GETSYI("CPU").LT.128)
+$	THEN
+$	    ARCH := VAX
+$	ELSE
+$	    ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$	    IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$	ENDIF
 $
 $	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
 $	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
@@ -24,26 +34,27 @@ $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
 $	ROOT = ROOT_DEV + "[" + ROOT_DIR
 $
 $	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
-$	DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
+$	DEFINE/NOLOG WRK_SSLXLIB WRK_SSLROOT:['ARCH'_LIB]
 $	DEFINE/NOLOG WRK_SSLLIB WRK_SSLROOT:[LIB]
 $	DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
+$	DEFINE/NOLOG WRK_SSLXEXE WRK_SSLROOT:['ARCH'_EXE]
 $	DEFINE/NOLOG WRK_SSLCERTS WRK_SSLROOT:[CERTS]
 $	DEFINE/NOLOG WRK_SSLCOM WRK_SSLROOT:[COM]
 $	DEFINE/NOLOG WRK_SSLPRIVATE WRK_SSLROOT:[PRIVATE]
 $
+$!
+$! Exhibit the destination directory.
+$!
+$	WRITE SYS$OUTPUT "   Installing to (WRK_SSLROOT) ="
+$	WRITE SYS$OUTPUT "    ''f$trnlnm( "WRK_SSLROOT")'"
+$	WRITE SYS$OUTPUT ""
+$
 $	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLVEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVEXE:
-$	IF F$PARSE("WRK_SSLAEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLAEXE:
-$	IF F$PARSE("WRK_SSLVLIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVLIB:
-$	IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLALIB:
+$	IF F$PARSE("WRK_SSLXEXE:") .EQS. "" THEN -
+	   CREATE/DIR/LOG WRK_SSLXEXE:
+$	IF F$PARSE("WRK_SSLXLIB:") .EQS. "" THEN -
+	   CREATE/DIR/LOG WRK_SSLXLIB:
 $	IF F$PARSE("WRK_SSLLIB:") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLLIB:
 $	IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
@@ -75,21 +86,22 @@ $	SET DEFAULT [-]
 $	GOTO LOOP_SDIRS
 $ LOOP_SDIRS_END:
 $
+$	WRITE SYS$OUTPUT ""
+$	WRITE SYS$OUTPUT "	Installation done!"
+$	WRITE SYS$OUTPUT ""
+$	WRITE SYS$OUTPUT "	You might want to purge ",ROOT,"...]"
+$	WRITE SYS$OUTPUT ""
+$
+$ TIDY:
+$	SET DEFAULT 'DEF_ORIG'
+$
 $	DEASSIGN WRK_SSLROOT
-$	DEASSIGN WRK_SSLVLIB
-$	DEASSIGN WRK_SSLALIB
+$	DEASSIGN WRK_SSLXLIB
 $	DEASSIGN WRK_SSLLIB
 $	DEASSIGN WRK_SSLINCLUDE
-$	DEASSIGN WRK_SSLVEXE
-$	DEASSIGN WRK_SSLAEXE
+$	DEASSIGN WRK_SSLXEXE
 $	DEASSIGN WRK_SSLCERTS
 $	DEASSIGN WRK_SSLCOM
 $	DEASSIGN WRK_SSLPRIVATE
 $
-$	WRITE SYS$OUTPUT ""
-$	WRITE SYS$OUTPUT "	Installation done!"
-$	WRITE SYS$OUTPUT ""
-$	WRITE SYS$OUTPUT "	You might want to purge ",ROOT,"...]"
-$	WRITE SYS$OUTPUT ""
-$
 $	EXIT
diff --git a/makevms.com b/makevms.com
index 0f2f8a466b..c38e88ad9f 100755
--- a/makevms.com
+++ b/makevms.com
@@ -7,18 +7,19 @@ $!                A-Com Computing, Inc.
 $!                byer@mail.all-net.net
 $!
 $! Changes by Richard Levitte <richard@levitte.org>
+$!	      Zoltan Arpadffy <zoli@polarhome.com>
 $!
 $! This procedure creates the SSL libraries of "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB"
 $! "[.xxx.EXE.SSL]LIBSSL.OLB"
-$! The "xxx" denotes the machine architecture of AXP or VAX.
+$! The "xxx" denotes the machine architecture of ALPHA, IA64 or VAX.
 $!
 $! This procedures accepts two command line options listed below.
 $!
 $! Specify one of the following build options for P1.
 $!
 $!      ALL       Just build "everything".
-$!      CONFIG    Just build the "[.CRYPTO]OPENSSLCONF.H" file.
-$!      BUILDINF  Just build the "[.CRYPTO]BUILDINF.H" file.
+$!      CONFIG    Just build the "[.CRYPTO.<ARCH>]OPENSSLCONF.H" file.
+$!      BUILDINF  Just build the "[.CRYPTO.<ARCH>]BUILDINF.H" file.
 $!      SOFTLINKS Just fix the Unix soft links.
 $!      BUILDALL  Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done.
 $!      CRYPTO    Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
@@ -38,7 +39,7 @@ $!
 $! Speficy DEBUG or NODEBUG as P3 to compile with or without debugging
 $! information.
 $!
-$! Specify which compiler at P4 to try to compile under.
+$! Specify which compiler as P4 to try to compile under.
 $!
 $!	VAXC	For VAX C.
 $!	DECC	For DEC C.
@@ -69,6 +70,10 @@ $!
 $!
 $ EXIT_STATUS = 1
 $!
+$ DEF_ORIG = F$ENVIRONMENT( "DEFAULT")
+$ ON ERROR THEN GOTO TIDY
+$ ON CONTROL_C THEN GOTO TIDY
+$!
 $! Check if we're in a batch job, and make sure we get to 
 $! the directory this script is in
 $!
@@ -94,20 +99,21 @@ $!
 $!
 $! Check Which Architecture We Are Using.
 $!
-$ IF (F$GETSYI("CPU").GE.128)
+$ IF (F$GETSYI("CPU").LT.128)
 $ THEN
 $!
-$!  The Architecture Is AXP.
+$!  The Architecture Is VAX.
 $!
-$   ARCH := AXP
+$   ARCH := VAX
 $!
 $! Else...
 $!
 $ ELSE
 $!
-$!  The Architecture Is VAX.
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
 $!
-$   ARCH := VAX
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
 $!
 $! End The Architecture Check.
 $!
@@ -194,23 +200,32 @@ $! Time To EXIT.
 $!
 $ GOTO CLEAN_UP_PATH
 $!
-$! Rebuild The "[.CRYPTO]OPENSSLCONF.H" file.
+$! Rebuild The "[.CRYPTO.''ARCH']OPENSSLCONF.H" file.
 $!
 $ CONFIG:
 $!
-$! Tell The User We Are Creating The [.CRYPTO]OPENSSLCONF.H File.
+$! Tell The User We Are Creating The [.CRYPTO.<ARCH>]OPENSSLCONF.H File.
+$!
+$ WRITE SYS$OUTPUT "Creating [.CRYPTO.''ARCH']OPENSSLCONF.H Include File."
 $!
-$ WRITE SYS$OUTPUT "Creating [.CRYPTO]OPENSSLCONF.H Include File."
+$! First, make sure the directory exists.
 $!
-$! Create The [.CRYPTO]OPENSSLCONF.H File.
+$ IF F$PARSE("SYS$DISK:[.CRYPTO.''ARCH']") .EQS. "" THEN -
+     CREATE/DIRECTORY SYS$DISK:[.CRYPTO.'ARCH']
 $!
-$ OPEN/WRITE H_FILE SYS$DISK:[.CRYPTO]OPENSSLCONF.H
+$! Create The [.CRYPTO.<ARCH>]OPENSSLCONF.H File.
+$! Make sure it has the right format.
 $!
-$! Write The [.CRYPTO]OPENSSLCONF.H File.
+$ OSCH_NAME = "SYS$DISK:[.CRYPTO.''ARCH']OPENSSLCONF.H"
+$ CREATE /FDL=SYS$INPUT: 'OSCH_NAME'
+RECORD
+        FORMAT stream_lf
+$ OPEN /APPEND H_FILE 'OSCH_NAME'
+$!
+$! Write The [.CRYPTO.<ARCH>]OPENSSLCONF.H File.
 $!
 $ WRITE H_FILE "/* This file was automatically built using makevms.com */"
-$ WRITE H_FILE "/* and [.CRYPTO]OPENSSLCONF.H_IN */"
-$
+$ WRITE H_FILE "/* and [.CRYPTO.''ARCH']OPENSSLCONF.H_IN */"
 $!
 $! Write a few macros that indicate how this system was built.
 $!
@@ -218,9 +233,9 @@ $ WRITE H_FILE ""
 $ WRITE H_FILE "#ifndef OPENSSL_SYS_VMS"
 $ WRITE H_FILE "# define OPENSSL_SYS_VMS"
 $ WRITE H_FILE "#endif"
-$ CONFIG_LOGICALS := NO_ASM,NO_RSA,NO_DSA,NO_DH,NO_MD2,NO_MD5,NO_RIPEMD,-
+$ CONFIG_LOGICALS := NO_ASM,NO_RSA,NO_DSA,NO_DH,NO_MD2,NO_MD5,NO_RIPEMD,WHRLPOOL,-
 	NO_SHA,NO_SHA0,NO_SHA1,NO_DES/NO_MDC2;NO_MDC2,NO_RC2,NO_RC4,NO_RC5,-
-	NO_IDEA,NO_BF,NO_CAST,NO_HMAC,NO_SSL2
+	NO_IDEA,NO_BF,NO_CAST,NO_CAMELLIA,NO_SEED,NO_HMAC,NO_SSL2
 $ CONFIG_LOG_I = 0
 $ CONFIG_LOG_LOOP:
 $   CONFIG_LOG_E1 = F$ELEMENT(CONFIG_LOG_I,",",CONFIG_LOGICALS)
@@ -282,15 +297,15 @@ $     THEN
 $       TYPE [.CRYPTO]OPENSSLCONF.H.IN /OUTPUT=H_FILE:
 $     ELSE
 $       WRITE SYS$ERROR "Couldn't find a [.CRYPTO]OPENSSLCONF.H_IN.  Exiting!"
-$       EXIT_STATUS = 0
+$       $STATUS = %X00018294 ! "%RMS-F-FNF, file not found".
 $       GOTO ERROR_PATH
 $     ENDIF
 $   ENDIF
 $ ENDIF
-$ IF ARCH .EQS. "AXP"
+$ IF ARCH .NES. "VAX"
 $ THEN
 $!
-$!  Write the Alpha specific data
+$!  Write the non-VAX specific data
 $!
 $   WRITE H_FILE "#if defined(HEADER_RC4_H)"
 $   WRITE H_FILE "#undef RC4_INT"
@@ -312,6 +327,7 @@ $   WRITE H_FILE "#define DES_UNROLL"
 $   WRITE H_FILE "#endif"
 $!
 $   WRITE H_FILE "#if defined(HEADER_BN_H)"
+$   WRITE H_FILE "#undef BN_LLONG"	! Never define with SIXTY_FOUR_BIT
 $   WRITE H_FILE "#undef SIXTY_FOUR_BIT_LONG"
 $   WRITE H_FILE "#undef SIXTY_FOUR_BIT"
 $   WRITE H_FILE "#define SIXTY_FOUR_BIT"
@@ -346,6 +362,7 @@ $   WRITE H_FILE "#undef DES_UNROLL"
 $   WRITE H_FILE "#endif"
 $!
 $   WRITE H_FILE "#if defined(HEADER_BN_H)"
+$   WRITE H_FILE "#undef BN_LLONG"	! VAX C/DEC C doesn't have long long
 $   WRITE H_FILE "#undef SIXTY_FOUR_BIT_LONG"
 $   WRITE H_FILE "#undef SIXTY_FOUR_BIT"
 $   WRITE H_FILE "#undef THIRTY_TWO_BIT"
@@ -353,7 +370,13 @@ $   WRITE H_FILE "#define THIRTY_TWO_BIT"
 $   WRITE H_FILE "#undef SIXTEEN_BIT"
 $   WRITE H_FILE "#undef EIGHT_BIT"
 $   WRITE H_FILE "#endif"
-$
+$!
+$! Oddly enough, the following symbol is tested in crypto/sha/sha512.c
+$! before sha.h gets included (and HEADER_SHA_H defined), so we will not
+$! protect this one...
+$   WRITE H_FILE "#undef OPENSSL_NO_SHA512"
+$   WRITE H_FILE "#define OPENSSL_NO_SHA512"
+$!
 $   WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION"
 $   WRITE H_FILE "#define OPENSSL_EXPORT_VAR_AS_FUNCTION"
 $!
@@ -361,40 +384,53 @@ $!  End
 $!
 $ ENDIF
 $!
-$! Close the [.CRYPTO]OPENSSLCONF.H file
+$! Close the [.CRYPTO.<ARCH>]OPENSSLCONF.H file
 $!
 $ CLOSE H_FILE
 $!
+$! Purge The [.CRYPTO.<ARCH>]OPENSSLCONF.H file
+$!
+$ PURGE SYS$DISK:[.CRYPTO.'ARCH']OPENSSLCONF.H
+$!
 $! That's All, Time To RETURN.
 $!
 $ RETURN
 $!
-$! Rebuild The "[.CRYPTO]BUILDINF.H" file.
+$! Rebuild The "[.CRYPTO.<ARCH>]BUILDINF.H" file.
 $!
 $ BUILDINF:
 $!
-$! Tell The User We Are Creating The [.CRYPTO]BUILDINF.H File.
+$! Tell The User We Are Creating The [.CRYPTO.<ARCH>]BUILDINF.H File.
+$!
+$ WRITE SYS$OUTPUT "Creating [.CRYPTO.''ARCH']BUILDINF.H Include File."
 $!
-$ WRITE SYS$OUTPUT "Creating [.CRYPTO]BUILDINF.H Include File."
+$! Create The [.CRYPTO.<ARCH>]BUILDINF.H File.
 $!
-$! Create The [.CRYPTO]BUILDINF.H File.
+$ BIH_NAME = "SYS$DISK:[.CRYPTO.''ARCH']BUILDINF.H"
+$ CREATE /FDL=SYS$INPUT: 'BIH_NAME'
+RECORD
+        FORMAT stream_lf
 $!
-$ OPEN/WRITE H_FILE SYS$DISK:[.CRYPTO]BUILDINF.H
+$ OPEN /APPEND H_FILE 'bih_name'
 $!
 $! Get The Current Date & Time.
 $!
 $ TIME = F$TIME()
 $!
-$! Write The [.CRYPTO]BUILDINF.H File.
+$! Write The [.CRYPTO.<ARCH>]BUILDINF.H File.
 $!
-$ WRITE H_FILE "#define CFLAGS ""''USER_CCFLAGS'"" /* Not filled in for now, but I'll take a crack at it.  KSG */"
-$ WRITE H_FILE "#define PLATFORM ""VMS"""
+$ WRITE H_FILE "#define CFLAGS """" /* Not filled in for now */"
+$ WRITE H_FILE "#define PLATFORM ""VMS ''ARCH' ''VMS_VER'"""
 $ WRITE H_FILE "#define DATE ""''TIME'"" "
 $!
-$! Close The [.CRYPTO]BUILDINF.H File.
+$! Close The [.CRYPTO.<ARCH>]BUILDINF.H File.
 $!
 $ CLOSE H_FILE
 $!
+$! Purge The [.CRYPTO.<ARCH>]BUILDINF.H File.
+$!
+$ PURGE SYS$DISK:[.CRYPTO.'ARCH']BUILDINF.H
+$!
 $! That's All, Time To RETURN.
 $!
 $ RETURN
@@ -458,15 +494,16 @@ $!
 $! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
 $!
 $ SDIRS := ,-
+   'ARCH',-
    OBJECTS,-
-   MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
-   DES,RC2,RC4,RC5,IDEA,BF,CAST,-
-   BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,-
+   MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,WHRLPOOL,-
+   DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,MODES,-
+   BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,-
    BUFFER,BIO,STACK,LHASH,RAND,ERR,-
    EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,-
-   STORE
-$ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,-
-		ossl_typ.h
+   STORE,CMS,PQUEUE,TS,JPAKE
+$ EXHEADER_ := crypto.h,opensslv.h,ebcdic.h,symhacks.h,ossl_typ.h
+$ EXHEADER_'ARCH' := opensslconf.h
 $ EXHEADER_OBJECTS := objects.h,obj_mac.h
 $ EXHEADER_MD2 := md2.h
 $ EXHEADER_MD4 := md4.h
@@ -475,13 +512,18 @@ $ EXHEADER_SHA := sha.h
 $ EXHEADER_MDC2 := mdc2.h
 $ EXHEADER_HMAC := hmac.h
 $ EXHEADER_RIPEMD := ripemd.h
+$ EXHEADER_WHRLPOOL := whrlpool.h
 $ EXHEADER_DES := des.h,des_old.h
+$ EXHEADER_AES := aes.h
 $ EXHEADER_RC2 := rc2.h
 $ EXHEADER_RC4 := rc4.h
 $ EXHEADER_RC5 := rc5.h
 $ EXHEADER_IDEA := idea.h
 $ EXHEADER_BF := blowfish.h
 $ EXHEADER_CAST := cast.h
+$ EXHEADER_CAMELLIA := camellia.h
+$ EXHEADER_SEED := seed.h
+$ EXHEADER_MODES := modes.h
 $ EXHEADER_BN := bn.h
 $ EXHEADER_EC := ec.h
 $ EXHEADER_RSA := rsa.h
@@ -491,7 +533,6 @@ $ EXHEADER_DH := dh.h
 $ EXHEADER_ECDH := ecdh.h
 $ EXHEADER_DSO := dso.h
 $ EXHEADER_ENGINE := engine.h
-$ EXHEADER_AES := aes.h
 $ EXHEADER_BUFFER := buffer.h
 $ EXHEADER_BIO := bio.h
 $ EXHEADER_STACK := stack.h,safestack.h
@@ -513,6 +554,10 @@ $ EXHEADER_UI := ui.h,ui_compat.h
 $ EXHEADER_KRB5 := krb5_asn.h
 $!EXHEADER_STORE := store.h,str_compat.h
 $ EXHEADER_STORE := store.h
+$ EXHEADER_CMS := cms.h
+$ EXHEADER_PQUEUE := pqueue.h
+$ EXHEADER_TS := ts.h
+$ EXHEADER_JPAKE := jpake.h
 $
 $ I = 0
 $ LOOP_SDIRS: 
@@ -531,7 +576,7 @@ $ LOOP_SDIRS_END:
 $!
 $! Copy All The ".H" Files From The [.SSL] Directory.
 $!
-$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h
+$ EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,dtls1.h,kssl.h
 $ COPY SYS$DISK:[.SSL]'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL]
 $!
 $! Purge all doubles
@@ -755,7 +800,7 @@ $   IF (P1.EQS."CONFIGALL")-
        .OR.(P1.EQS."BUILDALL") -
        .OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL") -
        .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") -
-       .OR.(P1.EQS."CERT_TOOL")
+       .OR.(P1.EQS."ENGINES").OR.(P1.EQS."CERT_TOOL")
 $   THEN
 $!
 $!    A Valid Arguement.
@@ -769,12 +814,16 @@ $!
 $!    Tell The User We Don't Know What They Want.
 $!
 $     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT "USAGE:   @MAKEVMS.COM [Target] [not-used option] [Debug option] <Compiler>"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "Example: @MAKEVMS.COM ALL """" NODEBUG "
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Target ",P1," Is Invalid.  The Valid Target Options Are:"
 $     WRITE SYS$OUTPUT ""
 $     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything."
 $     WRITE SYS$OUTPUT "    CONFIGALL:  Same as CONFIG, BUILDINF and SOTLINIKS."
-$     WRITE SYS$OUTPUT "    CONFIG   :  Just build the [.CRYPTO]OPENSSLCONF.H file."
-$     WRITE SYS$OUTPUT "    BUILDINF :  Just build the [.CRYPTO]BUILDINF.H file."
+$     WRITE SYS$OUTPUT "    CONFIG   :  Just build the [.CRYPTO.''ARCH']OPENSSLCONF.H file."
+$     WRITE SYS$OUTPUT "    BUILDINF :  Just build the [.CRYPTO.''ARCH']BUILDINF.H file."
 $     WRITE SYS$OUTPUT "    SOFTLINKS:  Just Fix The Unix soft links."
 $     WRITE SYS$OUTPUT "    BUILDALL :  Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done."
 $     WRITE SYS$OUTPUT "    CRYPTO   :  To Build Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
@@ -785,11 +834,13 @@ $     WRITE SYS$OUTPUT "    SSL_TASK :  To Build Just The [.xxx.EXE.SSL]SSL_TASK
 $     WRITE SYS$OUTPUT "    TEST     :  To Build Just The OpenSSL Test Programs."
 $     WRITE SYS$OUTPUT "    APPS     :  To Build Just The OpenSSL Application Programs."
 $     WRITE SYS$OUTPUT "    CERT_TOOL:  To Build Just The OpenSSL Certificate Tool (VMS-unique)."
+$     WRITE SYS$OUTPUT "    ENGINES  :  To Build Just The ENGINES"
 $     WRITE SYS$OUTPUT ""
 $     WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
 $     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
-$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT "    ALPHA    :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64     :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
 $     WRITE SYS$OUTPUT ""
 $!
 $!    Time To EXIT.
@@ -1290,3 +1341,6 @@ $ CLEAN_UP_PATH:
 $!
 $ EXIT_PATH:
 $!
+$ SET DEFAULT 'DEF_ORIG'
+$ EXIT
+$!
diff --git a/ms/.cvsignore b/ms/.cvsignore
index 8108335b52..5f8e47bc63 100644
--- a/ms/.cvsignore
+++ b/ms/.cvsignore
@@ -1,3 +1,5 @@
 *.def
 *.mak
 *.out
+*.flc
+semantic.cache
diff --git a/ms/16all.bat b/ms/16all.bat
deleted file mode 100755
index 62ccf78963..0000000000
--- a/ms/16all.bat
+++ /dev/null
@@ -1,15 +0,0 @@
-set OPTS=no_asm
-
-perl Configure VC-WIN16
-perl util\mkfiles.pl >MINFO
-perl util\mk1mf.pl %OPTS% debug VC-WIN16 >d16.mak
-perl util\mk1mf.pl %OPTS% VC-WIN16 >16.mak
-perl util\mk1mf.pl %OPTS% debug dll VC-WIN16 >d16dll.mak
-perl util\mk1mf.pl %OPTS% dll VC-WIN16 >16dll.mak
-perl util\mkdef.pl 16 libeay > ms\libeay32.def
-perl util\mkdef.pl 16 ssleay > ms\ssleay32.def
-
-nmake -f d16.mak
-nmake -f 16.mak
-nmake -f d16dll.mak
-nmake -f 16dll.mak
diff --git a/ms/README b/ms/README
index 5804a2d84a..7a45db1081 100644
--- a/ms/README
+++ b/ms/README
@@ -6,13 +6,8 @@ The results will be in the out directory.
 
 These makefiles and def files were generated my typing
 
-perl util\mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
-perl util\mk1mf.pl VC-W31-32 >ms/w31.mak
-perl util\mk1mf.pl VC-W31-32 dll >ms/w31dll.mak
 perl util\mk1mf.pl VC-NT >ms/nt.mak
 perl util\mk1mf.pl VC-NT dll >ms/ntdll.mak
 
-perl util\mkdef.pl 16 crypto > ms/crypto16.def
 perl util\mkdef.pl 32 crypto > ms/crypto32.def
-perl util\mkdef.pl 16 ssl > ms/ssl16.def
 perl util\mkdef.pl 32 ssl > ms/ssl32.def
diff --git a/ms/applink.c b/ms/applink.c
index 4333d2639d..54a0a64262 100644
--- a/ms/applink.c
+++ b/ms/applink.c
@@ -8,21 +8,51 @@
 #define APPLINK_FSETMOD	8
 #define APPLINK_FEOF	9
 #define APPLINK_FCLOSE 	10	/* should not be used */
-#define APPLINK_MAX	10	/* always same as last macro */
+
+#define APPLINK_FOPEN	11	/* solely for completeness */
+#define APPLINK_FSEEK	12
+#define APPLINK_FTELL	13
+#define APPLINK_FFLUSH	14
+#define APPLINK_FERROR	15
+#define APPLINK_CLEARERR 16
+#define APPLINK_FILENO	17	/* to be used with below */
+
+#define APPLINK_OPEN	18	/* formally can't be used, as flags can vary */
+#define APPLINK_READ	19
+#define APPLINK_WRITE	20
+#define APPLINK_LSEEK	21
+#define APPLINK_CLOSE	22
+#define APPLINK_MAX	22	/* always same as last macro */
 
 #ifndef APPMACROS_ONLY
 #include <stdio.h>
 #include <io.h>
 #include <fcntl.h>
 
-static void *app_stdin()	{ return stdin;  }
-static void *app_stdout()	{ return stdout; }
-static void *app_stderr()	{ return stderr; }
-static int   app_feof(FILE *fp)	{ return feof(fp); }
+static void *app_stdin(void)		{ return stdin;  }
+static void *app_stdout(void)		{ return stdout; }
+static void *app_stderr(void)		{ return stderr; }
+static int   app_feof(FILE *fp)		{ return feof(fp); }
+static int   app_ferror(FILE *fp)	{ return ferror(fp); }
+static void  app_clearerr(FILE *fp)	{ clearerr(fp); }
+static int   app_fileno(FILE *fp)	{ return _fileno(fp); }
 static int   app_fsetmod(FILE *fp,char mod)
 { return _setmode (_fileno(fp),mod=='b'?_O_BINARY:_O_TEXT); }
 
-__declspec(dllexport) void **OPENSSL_Applink()
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+__declspec(dllexport)
+void **
+#if defined(__BORLANDC__)
+__stdcall	/* __stdcall appears to be the only way to get the name
+		 * decoration right with Borland C. Otherwise it works
+		 * purely incidentally, as we pass no parameters. */
+#else
+__cdecl
+#endif
+OPENSSL_Applink(void)
 { static int once=1;
   static void *OPENSSL_ApplinkTable[APPLINK_MAX+1]={(void *)APPLINK_MAX};
 
@@ -37,9 +67,28 @@ __declspec(dllexport) void **OPENSSL_Applink()
 	OPENSSL_ApplinkTable[APPLINK_FSETMOD]	= app_fsetmod;
 	OPENSSL_ApplinkTable[APPLINK_FEOF]	= app_feof;
 	OPENSSL_ApplinkTable[APPLINK_FCLOSE]	= fclose;
+
+	OPENSSL_ApplinkTable[APPLINK_FOPEN]	= fopen;
+	OPENSSL_ApplinkTable[APPLINK_FSEEK]	= fseek;
+	OPENSSL_ApplinkTable[APPLINK_FTELL]	= ftell;
+	OPENSSL_ApplinkTable[APPLINK_FFLUSH]	= fflush;
+	OPENSSL_ApplinkTable[APPLINK_FERROR]	= app_ferror;
+	OPENSSL_ApplinkTable[APPLINK_CLEARERR]	= app_clearerr;
+	OPENSSL_ApplinkTable[APPLINK_FILENO]	= app_fileno;
+
+	OPENSSL_ApplinkTable[APPLINK_OPEN]	= _open;
+	OPENSSL_ApplinkTable[APPLINK_READ]	= _read;
+	OPENSSL_ApplinkTable[APPLINK_WRITE]	= _write;
+	OPENSSL_ApplinkTable[APPLINK_LSEEK]	= _lseek;
+	OPENSSL_ApplinkTable[APPLINK_CLOSE]	= _close;
+
 	once = 0;
     }
 
   return OPENSSL_ApplinkTable;
 }
+
+#ifdef __cplusplus
+}
+#endif
 #endif
diff --git a/ms/bcb4.bat b/ms/bcb4.bat
index 71a670e794..00fb9e8459 100755
--- a/ms/bcb4.bat
+++ b/ms/bcb4.bat
@@ -1,6 +1,6 @@
-perl Configure BC-32

-perl util\mkfiles.pl > MINFO

-

-@rem create make file

-perl util\mk1mf.pl no-asm BC-NT > bcb.mak

-

+perl Configure BC-32
+perl util\mkfiles.pl > MINFO
+
+@rem create make file
+perl util\mk1mf.pl no-asm BC-NT > bcb.mak
+
diff --git a/ms/do_masm.bat b/ms/do_masm.bat
deleted file mode 100755
index f4c958c561..0000000000
--- a/ms/do_masm.bat
+++ /dev/null
@@ -1,68 +0,0 @@
-@echo off

-echo Generating x86 for MASM assember

-

-echo Bignum

-cd crypto\bn\asm

-perl x86.pl win32 > bn_win32.asm

-cd ..\..\..

-

-echo DES

-cd crypto\des\asm

-perl des-586.pl win32 > d_win32.asm

-cd ..\..\..

-

-echo "crypt(3)"

-

-cd crypto\des\asm

-perl crypt586.pl win32 > y_win32.asm

-cd ..\..\..

-

-echo Blowfish

-

-cd crypto\bf\asm

-perl bf-586.pl win32 > b_win32.asm

-cd ..\..\..

-

-echo CAST5

-cd crypto\cast\asm

-perl cast-586.pl win32 > c_win32.asm

-cd ..\..\..

-

-echo RC4

-cd crypto\rc4\asm

-perl rc4-586.pl win32 > r4_win32.asm

-cd ..\..\..

-

-echo MD5

-cd crypto\md5\asm

-perl md5-586.pl win32 > m5_win32.asm

-cd ..\..\..

-

-echo SHA1

-cd crypto\sha\asm

-perl sha1-586.pl win32 > s1_win32.asm

-cd ..\..\..

-

-echo RIPEMD160

-cd crypto\ripemd\asm

-perl rmd-586.pl win32 > rm_win32.asm

-cd ..\..\..

-

-echo RC5\32

-cd crypto\rc5\asm

-perl rc5-586.pl win32 > r5_win32.asm

-cd ..\..\..

-

-echo on

-

-perl util\mkfiles.pl >MINFO

-rem perl util\mk1mf.pl VC-MSDOS no-sock >ms\msdos.mak

-rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak

-perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak

-perl util\mk1mf.pl VC-WIN32 >ms\nt.mak

-perl util\mk1mf.pl dll VC-WIN32 >ms\ntdll.mak

-

-perl util\mkdef.pl 16 libeay > ms\libeay16.def

-perl util\mkdef.pl 32 libeay > ms\libeay32.def

-perl util\mkdef.pl 16 ssleay > ms\ssleay16.def

-perl util\mkdef.pl 32 ssleay > ms\ssleay32.def

diff --git a/ms/do_ms.bat b/ms/do_ms.bat
index a8cf515bac..55014d3fc3 100755
--- a/ms/do_ms.bat
+++ b/ms/do_ms.bat
@@ -1,14 +1,11 @@
-

-perl util\mkfiles.pl >MINFO

-rem perl util\mk1mf.pl VC-MSDOS no-sock >ms\msdos.mak

-rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak

-perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak

-perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak

-perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak

-perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak

-perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak

-

-perl util\mkdef.pl 16 libeay > ms\libeay16.def

-perl util\mkdef.pl 32 libeay > ms\libeay32.def

-perl util\mkdef.pl 16 ssleay > ms\ssleay16.def

-perl util\mkdef.pl 32 ssleay > ms\ssleay32.def

+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak
+if x%OSVERSION% == x goto skipce
+perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak
+perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak
+:skipce
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/ms/do_nasm.bat b/ms/do_nasm.bat
index 557f8a66d7..7b3f3edbf0 100755
--- a/ms/do_nasm.bat
+++ b/ms/do_nasm.bat
@@ -1,70 +1,8 @@
-

-@echo off

-echo Generating x86 for NASM assember

-

-echo Bignum

-cd crypto\bn\asm

-perl x86.pl win32n > bn_win32.asm

-cd ..\..\..

-

-echo DES

-cd crypto\des\asm

-perl des-586.pl win32n > d_win32.asm

-cd ..\..\..

-

-echo "crypt(3)"

-

-cd crypto\des\asm

-perl crypt586.pl win32n > y_win32.asm

-cd ..\..\..

-

-echo Blowfish

-

-cd crypto\bf\asm

-perl bf-586.pl win32n > b_win32.asm

-cd ..\..\..

-

-echo CAST5

-cd crypto\cast\asm

-perl cast-586.pl win32n > c_win32.asm

-cd ..\..\..

-

-echo RC4

-cd crypto\rc4\asm

-perl rc4-586.pl win32n > r4_win32.asm

-cd ..\..\..

-

-echo MD5

-cd crypto\md5\asm

-perl md5-586.pl win32n > m5_win32.asm

-cd ..\..\..

-

-echo SHA1

-cd crypto\sha\asm

-perl sha1-586.pl win32n > s1_win32.asm

-cd ..\..\..

-

-echo RIPEMD160

-cd crypto\ripemd\asm

-perl rmd-586.pl win32n > rm_win32.asm

-cd ..\..\..

-

-echo RC5\32

-cd crypto\rc5\asm

-perl rc5-586.pl win32n > r5_win32.asm

-cd ..\..\..

-

-echo on

-

-perl util\mkfiles.pl >MINFO

-rem perl util\mk1mf.pl VC-MSDOS no-sock >ms\msdos.mak

-rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak

-perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak

-perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak

-perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak

-perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak

-

-perl util\mkdef.pl 16 libeay > ms\libeay16.def

-perl util\mkdef.pl 32 libeay > ms\libeay32.def

-perl util\mkdef.pl 16 ssleay > ms\ssleay16.def

-perl util\mkdef.pl 32 ssleay > ms\ssleay32.def

+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak
+perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/ms/do_nt.bat b/ms/do_nt.bat
index 9c06c27caa..e2d525e05d 100755
--- a/ms/do_nt.bat
+++ b/ms/do_nt.bat
@@ -1,7 +1,7 @@
-

-perl util\mkfiles.pl >MINFO

-perl util\mk1mf.pl no-asm VC-NT >ms\nt.mak

-perl util\mk1mf.pl dll no-asm VC-NT >ms\ntdll.mak

-

-perl util\mkdef.pl libeay NT > ms\libeay32.def

-perl util\mkdef.pl ssleay NT > ms\ssleay32.def

+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl no-asm VC-NT >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-NT >ms\ntdll.mak
+
+perl util\mkdef.pl libeay NT > ms\libeay32.def
+perl util\mkdef.pl ssleay NT > ms\ssleay32.def
diff --git a/ms/do_win64a.bat b/ms/do_win64a.bat
new file mode 100755
index 0000000000..42723f6a58
--- /dev/null
+++ b/ms/do_win64a.bat
@@ -0,0 +1,19 @@
+perl util\mkfiles.pl >MINFO
+
+cmd /c "nasm -f win64 -v" >NUL: 2>&1
+if %errorlevel% neq 0 goto ml64
+
+perl ms\uplink-x86_64.pl nasm > ms\uptable.asm
+nasm -f win64 -o ms\uptable.obj ms\uptable.asm
+goto proceed
+
+:ml64
+perl ms\uplink-x86_64.pl masm > ms\uptable.asm
+ml64 -c -Foms\uptable.obj ms\uptable.asm
+
+:proceed
+perl util\mk1mf.pl no-asm VC-WIN64A >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-WIN64A >ms\ntdll.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/ms/do_win64i.bat b/ms/do_win64i.bat
new file mode 100755
index 0000000000..1aa3d281ba
--- /dev/null
+++ b/ms/do_win64i.bat
@@ -0,0 +1,9 @@
+
+perl util\mkfiles.pl >MINFO
+perl ms\uplink-ia64.pl > ms\uptable.asm
+ias -o ms\uptable.obj ms\uptable.asm
+perl util\mk1mf.pl no-asm VC-WIN64I >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-WIN64I >ms\ntdll.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/ms/mingw32.bat b/ms/mingw32.bat
index 8c7c63e0f2..06b5733878 100644
--- a/ms/mingw32.bat
+++ b/ms/mingw32.bat
@@ -1,90 +1,90 @@
-@rem OpenSSL with Mingw32+GNU as

-@rem ---------------------------

-

-perl Configure mingw %1 %2 %3 %4 %5 %6 %7 %8

-

-@echo off

-

-perl -e "exit 1 if '%1' eq 'no-asm'"

-if errorlevel 1 goto noasm

-

-echo Generating x86 for GNU assember

-

-echo Bignum

-cd crypto\bn\asm

-perl bn-586.pl gaswin > bn-win32.s

-perl co-586.pl gaswin > co-win32.s

-cd ..\..\..

-

-echo DES

-cd crypto\des\asm

-perl des-586.pl gaswin > d-win32.s

-cd ..\..\..

-

-echo crypt

-cd crypto\des\asm

-perl crypt586.pl gaswin > y-win32.s

-cd ..\..\..

-

-echo Blowfish

-cd crypto\bf\asm

-perl bf-586.pl gaswin > b-win32.s

-cd ..\..\..

-

-echo CAST5

-cd crypto\cast\asm

-perl cast-586.pl gaswin > c-win32.s

-cd ..\..\..

-

-echo RC4

-cd crypto\rc4\asm

-perl rc4-586.pl gaswin > r4-win32.s

-cd ..\..\..

-

-echo MD5

-cd crypto\md5\asm

-perl md5-586.pl gaswin > m5-win32.s

-cd ..\..\..

-

-echo SHA1

-cd crypto\sha\asm

-perl sha1-586.pl gaswin > s1-win32.s

-cd ..\..\..

-

-echo RIPEMD160

-cd crypto\ripemd\asm

-perl rmd-586.pl gaswin > rm-win32.s

-cd ..\..\..

-

-echo RC5\32

-cd crypto\rc5\asm

-perl rc5-586.pl gaswin > r5-win32.s

-cd ..\..\..

-

-:noasm

-

-echo Generating makefile

-perl util\mkfiles.pl >MINFO

-perl util\mk1mf.pl gaswin Mingw32 >ms\mingw32a.mak

-echo Generating DLL definition files

-perl util\mkdef.pl 32 libeay >ms\libeay32.def

-if errorlevel 1 goto end

-perl util\mkdef.pl 32 ssleay >ms\ssleay32.def

-if errorlevel 1 goto end

-

-rem copy ms\tlhelp32.h outinc

-

-echo Building the libraries

-mingw32-make -f ms/mingw32a.mak

-if errorlevel 1 goto end

-

-echo Generating the DLLs and input libraries

-dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lwsock32 -lgdi32

-if errorlevel 1 goto end

-dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a

-if errorlevel 1 goto end

-

-echo Done compiling OpenSSL

-

-:end

-

+@rem OpenSSL with Mingw32+GNU as
+@rem ---------------------------
+
+perl Configure mingw %1 %2 %3 %4 %5 %6 %7 %8
+
+@echo off
+
+perl -e "exit 1 if '%1' eq 'no-asm'"
+if errorlevel 1 goto noasm
+
+echo Generating x86 for GNU assember
+
+echo Bignum
+cd crypto\bn\asm
+perl bn-586.pl gaswin > bn-win32.s
+perl co-586.pl gaswin > co-win32.s
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl gaswin > d-win32.s
+cd ..\..\..
+
+echo crypt
+cd crypto\des\asm
+perl crypt586.pl gaswin > y-win32.s
+cd ..\..\..
+
+echo Blowfish
+cd crypto\bf\asm
+perl bf-586.pl gaswin > b-win32.s
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl gaswin > c-win32.s
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl gaswin > r4-win32.s
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl gaswin > m5-win32.s
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl gaswin > s1-win32.s
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl gaswin > rm-win32.s
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl gaswin > r5-win32.s
+cd ..\..\..
+
+:noasm
+
+echo Generating makefile
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl gaswin Mingw32 >ms\mingw32a.mak
+echo Generating DLL definition files
+perl util\mkdef.pl 32 libeay >ms\libeay32.def
+if errorlevel 1 goto end
+perl util\mkdef.pl 32 ssleay >ms\ssleay32.def
+if errorlevel 1 goto end
+
+rem copy ms\tlhelp32.h outinc
+
+echo Building the libraries
+mingw32-make -f ms/mingw32a.mak
+if errorlevel 1 goto end
+
+echo Generating the DLLs and input libraries
+dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lws2_32 -lgdi32
+if errorlevel 1 goto end
+dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a
+if errorlevel 1 goto end
+
+echo Done compiling OpenSSL
+
+:end
+
diff --git a/ms/mw.bat b/ms/mw.bat
index c5ccd693e3..35e00a4508 100644
--- a/ms/mw.bat
+++ b/ms/mw.bat
@@ -1,26 +1,26 @@
-@rem OpenSSL with Mingw32

-@rem --------------------

-

-@rem Makefile

-perl util\mkfiles.pl >MINFO

-perl util\mk1mf.pl Mingw32 >ms\mingw32.mak

-@rem DLL definition files

-perl util\mkdef.pl 32 libeay >ms\libeay32.def

-if errorlevel 1 goto end

-perl util\mkdef.pl 32 ssleay >ms\ssleay32.def

-if errorlevel 1 goto end

-

-@rem Build the libraries

-make -f ms/mingw32.mak

-if errorlevel 1 goto end

-

-@rem Generate the DLLs and input libraries

-dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lwsock32 -lgdi32

-if errorlevel 1 goto end

-dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a

-if errorlevel 1 goto end

-

-echo Done compiling OpenSSL

-

-:end

-

+@rem OpenSSL with Mingw32
+@rem --------------------
+
+@rem Makefile
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl Mingw32 >ms\mingw32.mak
+@rem DLL definition files
+perl util\mkdef.pl 32 libeay >ms\libeay32.def
+if errorlevel 1 goto end
+perl util\mkdef.pl 32 ssleay >ms\ssleay32.def
+if errorlevel 1 goto end
+
+@rem Build the libraries
+make -f ms/mingw32.mak
+if errorlevel 1 goto end
+
+@rem Generate the DLLs and input libraries
+dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lws2_32 -lgdi32
+if errorlevel 1 goto end
+dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a
+if errorlevel 1 goto end
+
+echo Done compiling OpenSSL
+
+:end
+
diff --git a/ms/speed16.bat b/ms/speed16.bat
deleted file mode 100755
index 7ff08851a2..0000000000
--- a/ms/speed16.bat
+++ /dev/null
@@ -1,38 +0,0 @@
-set makefile=ms\dos.bat
-
-perl Configure b
-del tmp\*.obj
-nmake -f %makefile%
-nmake -f %makefile%
-nmake -f %makefile%
-out\ssleay version -v -b -f >speed.1
-out\ssleay speed >speed.1l
-
-perl Configure bl-4c-2c
-del tmp\rc4*.obj tmp\bn*.obj tmp\md2_dgst.obj
-nmake -f %makefile%
-nmake -f %makefile%
-nmake -f %makefile%
-out\ssleay speed rc4 rsa md2 >speed.2l
-
-perl Configure bl-4c-ri
-del tmp\rc4*.obj
-nmake -f %makefile%
-nmake -f %makefile%
-nmake -f %makefile%
-out\ssleay speed rc4 >speed.3l
-
-perl Configure b2-is-ri-dp
-perl util\mk1mf.pl VC-MSDOS no-asm >m2
-del tmp\i_*.obj tmp\rc4*.obj tmp\ecb_enc.obj tmp\bn*.obj
-nmake -f m2
-nmake -f m2
-nmake -f m2
-out\ssleay speed rsa rc4 idea des >speed.4l
-
-type speed.1 >speed.log
-type speed.1l >>speed.log
-perl util\sp-diff.pl speed.1l speed.2l >>speed.log
-perl util\sp-diff.pl speed.1l speed.3l >>speed.log
-perl util\sp-diff.pl speed.1l speed.4l >>speed.log
-
diff --git a/ms/tenc.bat b/ms/tenc.bat
index 466fdfccbf..a4fa7f3652 100755
--- a/ms/tenc.bat
+++ b/ms/tenc.bat
@@ -1,14 +1,14 @@
-rem called by testenc

-

-echo test %1 %2 %3 %4 %5 %6 

-%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in %input% -out %tmp1%

-%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in %tmp1% -out %out1%

-%cmp% %input% %out1%

-if errorlevel 1 goto err

-

-echo test base64 %1 %2 %3 %4 %5 %6 

-%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in %input% -out %tmp1%

-%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in %tmp1% -out %out1%

-%cmp% %input% %out1%

-

-:err

+rem called by testenc
+
+echo test %1 %2 %3 %4 %5 %6 
+%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6 
+%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+
+:err
diff --git a/ms/tencce.bat b/ms/tencce.bat
index 6a944d7671..c8b1acd4b4 100644
--- a/ms/tencce.bat
+++ b/ms/tencce.bat
@@ -1,19 +1,19 @@
-rem called by testencce

-

-echo test %1 %2 %3 %4 %5 %6 

-cecopy %input% CE:\OpenSSL

-cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%

-cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%

-del %out1% >nul 2>&1

-cecopy CE:\OpenSSL\%out1% .

-%cmp% %input% %out1%

-if errorlevel 1 goto err

-

-echo test base64 %1 %2 %3 %4 %5 %6 

-cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%

-cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%

-del %out1% >nul 2>&1

-cecopy CE:\OpenSSL\%out1% .

-%cmp% %input% %out1%

-

-:err

+rem called by testencce
+
+echo test %1 %2 %3 %4 %5 %6 
+cecopy %input% CE:\OpenSSL
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%
+del %out1% >nul 2>&1
+cecopy CE:\OpenSSL\%out1% .
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6 
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%
+del %out1% >nul 2>&1
+cecopy CE:\OpenSSL\%out1% .
+%cmp% %input% %out1%
+
+:err
diff --git a/ms/test.bat b/ms/test.bat
index 7fb0442147..f490546ebb 100755
--- a/ms/test.bat
+++ b/ms/test.bat
@@ -1,199 +1,185 @@
-@echo off

-

-set test=..\ms

-set opath=%PATH%

-PATH=..\ms;%PATH%

-set OPENSSL_CONF=..\apps\openssl.cnf

-

-rem run this from inside the bin directory

-

-echo rsa_test

-rsa_test

-if errorlevel 1 goto done

-

-echo destest

-destest

-if errorlevel 1 goto done

-

-echo ideatest

-ideatest

-if errorlevel 1 goto done

-

-echo bftest

-bftest

-if errorlevel 1 goto done

-

-echo shatest

-shatest

-if errorlevel 1 goto done

-

-echo sha1test

-sha1test

-if errorlevel 1 goto done

-

-echo md5test

-md5test

-if errorlevel 1 goto done

-

-echo md2test

-md2test

-if errorlevel 1 goto done

-

-echo mdc2test

-mdc2test

-if errorlevel 1 goto done

-

-echo rc2test

-rc2test

-if errorlevel 1 goto done

-

-echo rc4test

-rc4test

-if errorlevel 1 goto done

-

-echo randtest

-randtest

-if errorlevel 1 goto done

-

-echo dhtest

-dhtest

-if errorlevel 1 goto done

-

-echo exptest

-exptest

-if errorlevel 1 goto done

-

-echo dsatest

-dsatest

-if errorlevel 1 goto done

-

-echo ectest

-ectest

-if errorlevel 1 goto done

-

-echo testenc

-call %test%\testenc openssl

-if errorlevel 1 goto done

-

-echo testpem

-call %test%\testpem openssl

-if errorlevel 1 goto done

-

-echo verify

-copy ..\certs\*.pem cert.tmp >nul

-openssl verify -CAfile cert.tmp ..\certs\*.pem

-

-echo testss

-call %test%\testss openssl

-if errorlevel 1 goto done

-

-set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss

-

-echo test sslv2

-ssltest -ssl2

-if errorlevel 1 goto done

-

-echo test sslv2 with server authentication

-%SSL_TEST% -ssl2 -server_auth

-if errorlevel 1 goto done

-

-echo test sslv2 with client authentication

-%SSL_TEST% -ssl2 -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2 with both client and server authentication

-%SSL_TEST% -ssl2 -server_auth -client_auth

-if errorlevel 1 goto done

-

-echo test sslv3

-ssltest -ssl3

-if errorlevel 1 goto done

-

-echo test sslv3 with server authentication

-%SSL_TEST% -ssl3 -server_auth

-if errorlevel 1 goto done

-

-echo test sslv3 with client authentication

-%SSL_TEST% -ssl3 -client_auth

-if errorlevel 1 goto done

-

-echo test sslv3 with both client and server authentication

-%SSL_TEST% -ssl3 -server_auth -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3

-ssltest

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with server authentication

-%SSL_TEST% -server_auth

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with client authentication

-%SSL_TEST% -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with both client and server authentication

-%SSL_TEST% -server_auth -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2 via BIO pair

-ssltest -bio_pair -ssl2

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with 1024 bit DHE via BIO pair

-ssltest -bio_pair -dhe1024dsa -v

-if errorlevel 1 goto done

-

-echo test sslv2 with server authentication via BIO pair

-%SSL_TEST% -bio_pair -ssl2 -server_auth

-if errorlevel 1 goto done

-

-echo test sslv2 with client authentication via BIO pair

-%SSL_TEST% -bio_pair -ssl2 -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2 with both client and server authentication via BIO pair

-%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth

-if errorlevel 1 goto done

-

-echo test sslv3 via BIO pair

-ssltest -bio_pair -ssl3

-if errorlevel 1 goto done

-

-echo test sslv3 with server authentication via BIO pair

-%SSL_TEST% -bio_pair -ssl3 -server_auth

-if errorlevel 1 goto done

-

-echo test sslv3 with client authentication  via BIO pair

-%SSL_TEST% -bio_pair -ssl3 -client_auth

-if errorlevel 1 goto done

-

-echo test sslv3 with both client and server authentication via BIO pair

-%SSL_TEST% -bio_pair -ssl3 -server_auth -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 via BIO pair

-ssltest -bio_pair

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with server authentication

-%SSL_TEST% -bio_pair -server_auth

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with client authentication via BIO pair

-%SSL_TEST% -bio_pair -client_auth

-if errorlevel 1 goto done

-

-echo test sslv2/sslv3 with both client and server authentication via BIO pair

-%SSL_TEST% -bio_pair -server_auth -client_auth

-if errorlevel 1 goto done

-

-del cert.tmp

-

-echo passed all tests

-goto end

-:done

-echo problems.....

-:end

-PATH=%opath%

+@echo off
+
+set test=..\ms
+set opath=%PATH%
+PATH=..\ms;%PATH%
+set OPENSSL_CONF=..\apps\openssl.cnf
+
+rem run this from inside the bin directory
+
+echo rsa_test
+rsa_test
+if errorlevel 1 goto done
+
+echo destest
+destest
+if errorlevel 1 goto done
+
+echo ideatest
+ideatest
+if errorlevel 1 goto done
+
+echo bftest
+bftest
+if errorlevel 1 goto done
+
+echo shatest
+shatest
+if errorlevel 1 goto done
+
+echo sha1test
+sha1test
+if errorlevel 1 goto done
+
+echo md5test
+md5test
+if errorlevel 1 goto done
+
+echo rc2test
+rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+rc4test
+if errorlevel 1 goto done
+
+echo randtest
+randtest
+if errorlevel 1 goto done
+
+echo dhtest
+dhtest
+if errorlevel 1 goto done
+
+echo exptest
+exptest
+if errorlevel 1 goto done
+
+echo dsatest
+dsatest
+if errorlevel 1 goto done
+
+echo ectest
+ectest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testenc openssl
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpem openssl
+if errorlevel 1 goto done
+
+echo testss
+call %test%\testss openssl
+if errorlevel 1 goto done
+
+set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss
+
+echo test sslv2
+ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+%SSL_TEST% -ssl2 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+%SSL_TEST% -ssl2 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication
+%SSL_TEST% -ssl2 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3
+ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+%SSL_TEST% -ssl3 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+%SSL_TEST% -ssl3 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication
+%SSL_TEST% -ssl3 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+%SSL_TEST% -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+%SSL_TEST% -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication
+%SSL_TEST% -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2 via BIO pair
+ssltest -bio_pair -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
+ssltest -bio_pair -dhe1024dsa -v
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl2 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl2 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3 via BIO pair
+ssltest -bio_pair -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl3 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication  via BIO pair
+%SSL_TEST% -bio_pair -ssl3 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl3 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 via BIO pair
+ssltest -bio_pair
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+%SSL_TEST% -bio_pair -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+%SSL_TEST% -bio_pair -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+%SSL_TEST% -bio_pair -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
+PATH=%opath%
diff --git a/ms/testenc.bat b/ms/testenc.bat
index 4b99bd5895..f8e90939ed 100755
--- a/ms/testenc.bat
+++ b/ms/testenc.bat
@@ -1,94 +1,94 @@
-@echo off

-echo start testenc

-

-path=..\ms;%path%

-set ssleay=%1%

-set input=..\ms\testenc.bat

-set tmp1=..\ms\cipher.out

-set out1=..\ms\clear.out

-set cmp=perl ..\ms\cmp.pl

-

-cd

-call tenc.bat enc

-if errorlevel 1 goto err

-

-call tenc.bat rc4

-if errorlevel 1 goto err

-

-call tenc.bat des-cfb

-if errorlevel 1 goto err

-

-call tenc.bat des-ede-cfb

-if errorlevel 1 goto err

-

-call tenc.bat des-ede3-cfb

-if errorlevel 1 goto err

-

-call tenc.bat des-ofb

-if errorlevel 1 goto err

-

-call tenc.bat des-ede-ofb

-if errorlevel 1 goto err

-

-call tenc.bat des-ede3-ofb

-if errorlevel 1 goto err

-

-call tenc.bat des-ecb

-if errorlevel 1 goto err

-

-call tenc.bat des-ede

-if errorlevel 1 goto err

-

-call tenc.bat des-ede3

-if errorlevel 1 goto err

-

-call tenc.bat des-cbc

-if errorlevel 1 goto err

-

-call tenc.bat des-ede-cbc

-if errorlevel 1 goto err

-

-call tenc.bat des-ede3-cbc

-if errorlevel 1 goto err

-

-call tenc.bat idea-ecb

-if errorlevel 1 goto err

-

-call tenc.bat idea-cfb

-if errorlevel 1 goto err

-

-call tenc.bat idea-ofb

-if errorlevel 1 goto err

-

-call tenc.bat idea-cbc

-if errorlevel 1 goto err

-

-call tenc.bat rc2-ecb

-if errorlevel 1 goto err

-

-call tenc.bat rc2-cfb

-if errorlevel 1 goto err

-

-call tenc.bat rc2-ofb

-if errorlevel 1 goto err

-

-call tenc.bat rc2-cbc

-if errorlevel 1 goto err

-

-call tenc.bat bf-ecb

-if errorlevel 1 goto err

-

-call tenc.bat bf-cfb

-if errorlevel 1 goto err

-

-call tenc.bat bf-ofb

-if errorlevel 1 goto err

-

-call tenc.bat bf-cbc

-if errorlevel 1 goto err

-

-echo OK

-del %out1%

-del %tmp1%

-:err

-

+@echo off
+echo start testenc
+
+path=..\ms;%path%
+set ssleay=%1%
+set input=..\ms\testenc.bat
+set tmp1=..\ms\cipher.out
+set out1=..\ms\clear.out
+set cmp=perl ..\ms\cmp.pl
+
+cd
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
diff --git a/ms/testencce.bat b/ms/testencce.bat
index 04faa5d99b..1da3e0861f 100644
--- a/ms/testencce.bat
+++ b/ms/testencce.bat
@@ -1,97 +1,97 @@
-@echo off

-echo start testenc

-

-path=..\ms;%path%

-set ssleay=%1%

-copy ..\ms\testenc.bat >nul

-set input=testenc.bat

-set tmp1=cipher.out

-set out1=clear.out

-set cmp=perl ..\ms\cmp.pl

-

-cecopy %ssleay% CE:\OpenSSL

-

-cd

-call tencce.bat enc

-if errorlevel 1 goto err

-

-call tencce.bat rc4

-if errorlevel 1 goto err

-

-call tencce.bat des-cfb

-if errorlevel 1 goto err

-

-call tencce.bat des-ede-cfb

-if errorlevel 1 goto err

-

-call tencce.bat des-ede3-cfb

-if errorlevel 1 goto err

-

-call tencce.bat des-ofb

-if errorlevel 1 goto err

-

-call tencce.bat des-ede-ofb

-if errorlevel 1 goto err

-

-call tencce.bat des-ede3-ofb

-if errorlevel 1 goto err

-

-call tencce.bat des-ecb

-if errorlevel 1 goto err

-

-call tencce.bat des-ede

-if errorlevel 1 goto err

-

-call tencce.bat des-ede3

-if errorlevel 1 goto err

-

-call tencce.bat des-cbc

-if errorlevel 1 goto err

-

-call tencce.bat des-ede-cbc

-if errorlevel 1 goto err

-

-call tencce.bat des-ede3-cbc

-if errorlevel 1 goto err

-

-call tencce.bat idea-ecb

-if errorlevel 1 goto err

-

-call tencce.bat idea-cfb

-if errorlevel 1 goto err

-

-call tencce.bat idea-ofb

-if errorlevel 1 goto err

-

-call tencce.bat idea-cbc

-if errorlevel 1 goto err

-

-call tencce.bat rc2-ecb

-if errorlevel 1 goto err

-

-call tencce.bat rc2-cfb

-if errorlevel 1 goto err

-

-call tencce.bat rc2-ofb

-if errorlevel 1 goto err

-

-call tencce.bat rc2-cbc

-if errorlevel 1 goto err

-

-call tencce.bat bf-ecb

-if errorlevel 1 goto err

-

-call tencce.bat bf-cfb

-if errorlevel 1 goto err

-

-call tencce.bat bf-ofb

-if errorlevel 1 goto err

-

-call tencce.bat bf-cbc

-if errorlevel 1 goto err

-

-echo OK

-del %out1% >nul 2>&1

-del %tmp1% >nul 2>&1

-:err

-

+@echo off
+echo start testenc
+
+path=..\ms;%path%
+set ssleay=%1%
+copy ..\ms\testenc.bat >nul
+set input=testenc.bat
+set tmp1=cipher.out
+set out1=clear.out
+set cmp=perl ..\ms\cmp.pl
+
+cecopy %ssleay% CE:\OpenSSL
+
+cd
+call tencce.bat enc
+if errorlevel 1 goto err
+
+call tencce.bat rc4
+if errorlevel 1 goto err
+
+call tencce.bat des-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ecb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3
+if errorlevel 1 goto err
+
+call tencce.bat des-cbc
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tencce.bat idea-ecb
+if errorlevel 1 goto err
+
+call tencce.bat idea-cfb
+if errorlevel 1 goto err
+
+call tencce.bat idea-ofb
+if errorlevel 1 goto err
+
+call tencce.bat idea-cbc
+if errorlevel 1 goto err
+
+call tencce.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tencce.bat bf-ecb
+if errorlevel 1 goto err
+
+call tencce.bat bf-cfb
+if errorlevel 1 goto err
+
+call tencce.bat bf-ofb
+if errorlevel 1 goto err
+
+call tencce.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1% >nul 2>&1
+del %tmp1% >nul 2>&1
+:err
+
diff --git a/ms/testpem.bat b/ms/testpem.bat
index 005f13b67e..8b2e844d36 100755
--- a/ms/testpem.bat
+++ b/ms/testpem.bat
@@ -1,32 +1,32 @@
-@echo off

-set ssleay=%1%

-set tmp1=pem.out

-set cmp=fc.exe

-

-call tpem.bat crl ..\test\testcrl.pem

-if errorlevel 1 goto err

-

-call tpem.bat pkcs7 ..\test\testp7.pem

-if errorlevel 1 goto err

-

-call tpem.bat req ..\test\testreq2.pem

-if errorlevel 1 goto err

-

-call tpem.bat rsa ..\test\testrsa.pem

-if errorlevel 1 goto err

-

-call tpem.bat x509 ..\test\testx509.pem

-if errorlevel 1 goto err

-

-call tpem.bat x509 ..\test\v3-cert1.pem

-if errorlevel 1 goto err

-

-call tpem.bat x509 ..\test\v3-cert1.pem

-if errorlevel 1 goto err

-

-call tpem.bat sess_id ..\test\testsid.pem

-if errorlevel 1 goto err

-

-echo OK

-del %tmp1%

-:err

+@echo off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=fc.exe
+
+call tpem.bat crl ..\test\testcrl.pem
+if errorlevel 1 goto err
+
+call tpem.bat pkcs7 ..\test\testp7.pem
+if errorlevel 1 goto err
+
+call tpem.bat req ..\test\testreq2.pem
+if errorlevel 1 goto err
+
+call tpem.bat rsa ..\test\testrsa.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\testx509.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat sess_id ..\test\testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1%
+:err
diff --git a/ms/testpemce.bat b/ms/testpemce.bat
index c793c3e514..ac64a7912c 100644
--- a/ms/testpemce.bat
+++ b/ms/testpemce.bat
@@ -1,42 +1,42 @@
-@echo off

-set ssleay=%1%

-set tmp1=pem.out

-set cmp=fc.exe

-

-cecopy %ssleay% CE:\OpenSSL

-

-copy ..\test\testcrl.pem >nul

-call tpemce.bat crl testcrl.pem

-if errorlevel 1 goto err

-

-copy ..\test\testp7.pem >nul

-call tpemce.bat pkcs7 testp7.pem

-if errorlevel 1 goto err

-

-copy ..\test\testreq2.pem >nul

-call tpemce.bat req testreq2.pem

-if errorlevel 1 goto err

-

-copy ..\test\testrsa.pem >nul

-call tpemce.bat rsa testrsa.pem

-if errorlevel 1 goto err

-

-copy ..\test\testx509.pem >nul

-call tpemce.bat x509 testx509.pem

-if errorlevel 1 goto err

-

-copy ..\test\v3-cert1.pem >nul

-call tpemce.bat x509 v3-cert1.pem

-if errorlevel 1 goto err

-

-copy ..\test\v3-cert1.pem >nul

-call tpemce.bat x509 v3-cert1.pem

-if errorlevel 1 goto err

-

-copy ..\test\testsid.pem >nul

-call tpemce.bat sess_id testsid.pem

-if errorlevel 1 goto err

-

-echo OK

-del %tmp1% >nul 2>&1

-:err

+@echo off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=fc.exe
+
+cecopy %ssleay% CE:\OpenSSL
+
+copy ..\test\testcrl.pem >nul
+call tpemce.bat crl testcrl.pem
+if errorlevel 1 goto err
+
+copy ..\test\testp7.pem >nul
+call tpemce.bat pkcs7 testp7.pem
+if errorlevel 1 goto err
+
+copy ..\test\testreq2.pem >nul
+call tpemce.bat req testreq2.pem
+if errorlevel 1 goto err
+
+copy ..\test\testrsa.pem >nul
+call tpemce.bat rsa testrsa.pem
+if errorlevel 1 goto err
+
+copy ..\test\testx509.pem >nul
+call tpemce.bat x509 testx509.pem
+if errorlevel 1 goto err
+
+copy ..\test\v3-cert1.pem >nul
+call tpemce.bat x509 v3-cert1.pem
+if errorlevel 1 goto err
+
+copy ..\test\v3-cert1.pem >nul
+call tpemce.bat x509 v3-cert1.pem
+if errorlevel 1 goto err
+
+copy ..\test\testsid.pem >nul
+call tpemce.bat sess_id testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1% >nul 2>&1
+:err
diff --git a/ms/testss.bat b/ms/testss.bat
index b4aaf3c601..5afa131dba 100755
--- a/ms/testss.bat
+++ b/ms/testss.bat
@@ -1,98 +1,98 @@
-@echo off

-

-rem set ssleay=..\out\ssleay

-set ssleay=%1

-

-set reqcmd=%ssleay% req

-set x509cmd=%ssleay% x509 -sha1

-set verifycmd=%ssleay% verify

-

-set CAkey=keyCA.ss

-set CAcert=certCA.ss

-set CAserial=certCA.srl

-set CAreq=reqCA.ss

-set CAconf=..\test\CAss.cnf

-set CAreq2=req2CA.ss	

-

-set Uconf=..\test\Uss.cnf

-set Ukey=keyU.ss

-set Ureq=reqU.ss

-set Ucert=certU.ss

-

-echo make a certificate request using 'req'

-%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new

-if errorlevel 1 goto e_req

-

-echo convert the certificate request into a self signed certificate using 'x509'

-%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss

-if errorlevel 1 goto e_x509

-

-echo --

-echo convert a certificate into a certificate request using 'x509'

-%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss

-if errorlevel 1 goto e_x509_2

-

-%reqcmd% -verify -in %CAreq% -noout

-if errorlevel 1 goto e_vrfy_1

-

-%reqcmd% -verify -in %CAreq2% -noout

-if errorlevel 1 goto e_vrfy_2

-

-%verifycmd% -CAfile %CAcert% %CAcert%

-if errorlevel 1 goto e_vrfy_3

-

-echo --

-echo make another certificate request using 'req'

-%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss

-if errorlevel 1 goto e_req_gen

-

-echo --

-echo sign certificate request with the just created CA via 'x509'

-%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%

-if errorlevel 1 goto e_x_sign

-

-%verifycmd% -CAfile %CAcert% %Ucert%

-echo --

-echo Certificate details

-%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%

-

-echo Everything appeared to work

-echo --

-echo The generated CA certificate is %CAcert%

-echo The generated CA private key is %CAkey%

-echo The current CA signing serial number is in %CAserial%

-

-echo The generated user certificate is %Ucert%

-echo The generated user private key is %Ukey%

-echo --

-

-del err.ss

-

-goto end

-

-:e_req

-echo error using 'req' to generate a certificate request

-goto end

-:e_x509

-echo error using 'x509' to self sign a certificate request

-goto end

-:e_x509_2

-echo error using 'x509' convert a certificate to a certificate request

-goto end

-:e_vrfy_1

-echo first generated request is invalid

-goto end

-:e_vrfy_2

-echo second generated request is invalid

-goto end

-:e_vrfy_3

-echo first generated cert is invalid

-goto end

-:e_req_gen

-echo error using 'req' to generate a certificate request

-goto end

-:e_x_sign

-echo error using 'x509' to sign a certificate request

-goto end

-

-:end

+@echo off
+
+rem set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509 -sha1
+set verifycmd=%ssleay% verify
+
+set CAkey=keyCA.ss
+set CAcert=certCA.ss
+set CAserial=certCA.srl
+set CAreq=reqCA.ss
+set CAconf=..\test\CAss.cnf
+set CAreq2=req2CA.ss	
+
+set Uconf=..\test\Uss.cnf
+set Ukey=keyU.ss
+set Ureq=reqU.ss
+set Ucert=certU.ss
+
+echo make a certificate request using 'req'
+%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto e_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss
+if errorlevel 1 goto e_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss
+if errorlevel 1 goto e_x509_2
+
+%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto e_vrfy_1
+
+%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto e_vrfy_2
+
+%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto e_vrfy_3
+
+echo --
+echo make another certificate request using 'req'
+%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss
+if errorlevel 1 goto e_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto e_x_sign
+
+%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+del err.ss
+
+goto end
+
+:e_req
+echo error using 'req' to generate a certificate request
+goto end
+:e_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:e_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:e_vrfy_1
+echo first generated request is invalid
+goto end
+:e_vrfy_2
+echo second generated request is invalid
+goto end
+:e_vrfy_3
+echo first generated cert is invalid
+goto end
+:e_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:e_x_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end
diff --git a/ms/testssce.bat b/ms/testssce.bat
index dbb25abdb0..18381ed2fa 100644
--- a/ms/testssce.bat
+++ b/ms/testssce.bat
@@ -1,104 +1,104 @@
-rem set ssleay=..\out\ssleay

-set ssleay=%1

-

-set reqcmd=%ssleay% req

-set x509cmd=%ssleay% x509

-set verifycmd=%ssleay% verify

-

-set CAkey=\OpenSSL\keyCA.ss

-set CAcert=\OpenSSL\certCA.ss

-set CAserial=\OpenSSL\certCA.srl

-set CAreq=\OpenSSL\reqCA.ss

-cecopy ..\test\CAss.cnf CE:\OpenSSL

-set CAconf=\OpenSSL\CAss.cnf

-set CAreq2=\OpenSSL\req2CA.ss	

-

-cecopy ..\test\Uss.cnf CE:\OpenSSL

-set Uconf=\OpenSSL\Uss.cnf

-set Ukey=\OpenSSL\keyU.ss

-set Ureq=\OpenSSL\reqU.ss

-set Ucert=\OpenSSL\certU.ss

-

-echo make a certificate request using 'req'

-cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new

-if errorlevel 1 goto e_req

-

-echo convert the certificate request into a self signed certificate using 'x509'

-cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"

-if errorlevel 1 goto e_x509

-

-echo --

-echo convert a certificate into a certificate request using 'x509'

-cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"

-if errorlevel 1 goto e_x509_2

-

-cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout

-if errorlevel 1 goto e_vrfy_1

-

-cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout

-if errorlevel 1 goto e_vrfy_2

-

-cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%

-if errorlevel 1 goto e_vrfy_3

-

-echo --

-echo make another certificate request using 'req'

-cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"

-if errorlevel 1 goto e_req_gen

-

-echo --

-echo sign certificate request with the just created CA via 'x509'

-cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%

-if errorlevel 1 goto e_x_sign

-

-cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%

-echo --

-echo Certificate details

-cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%

-

-cecopy CE:%CAcert% .

-cecopy CE:%CAkey% .

-cecopy CE:%CAserial% .

-cecopy CE:%Ucert% .

-cecopy CE:%Ukey% .

-

-echo Everything appeared to work

-echo --

-echo The generated CA certificate is %CAcert%

-echo The generated CA private key is %CAkey%

-echo The current CA signing serial number is in %CAserial%

-

-echo The generated user certificate is %Ucert%

-echo The generated user private key is %Ukey%

-echo --

-

-cedel CE:\OpenSSL\err.ss

-

-goto end

-

-:e_req

-echo error using 'req' to generate a certificate request

-goto end

-:e_x509

-echo error using 'x509' to self sign a certificate request

-goto end

-:e_x509_2

-echo error using 'x509' convert a certificate to a certificate request

-goto end

-:e_vrfy_1

-echo first generated request is invalid

-goto end

-:e_vrfy_2

-echo second generated request is invalid

-goto end

-:e_vrfy_3

-echo first generated cert is invalid

-goto end

-:e_req_gen

-echo error using 'req' to generate a certificate request

-goto end

-:e_x_sign

-echo error using 'x509' to sign a certificate request

-goto end

-

-:end

+rem set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509
+set verifycmd=%ssleay% verify
+
+set CAkey=\OpenSSL\keyCA.ss
+set CAcert=\OpenSSL\certCA.ss
+set CAserial=\OpenSSL\certCA.srl
+set CAreq=\OpenSSL\reqCA.ss
+cecopy ..\test\CAss.cnf CE:\OpenSSL
+set CAconf=\OpenSSL\CAss.cnf
+set CAreq2=\OpenSSL\req2CA.ss	
+
+cecopy ..\test\Uss.cnf CE:\OpenSSL
+set Uconf=\OpenSSL\Uss.cnf
+set Ukey=\OpenSSL\keyU.ss
+set Ureq=\OpenSSL\reqU.ss
+set Ucert=\OpenSSL\certU.ss
+
+echo make a certificate request using 'req'
+cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto e_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_x509_2
+
+cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto e_vrfy_1
+
+cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto e_vrfy_2
+
+cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto e_vrfy_3
+
+echo --
+echo make another certificate request using 'req'
+cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto e_x_sign
+
+cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+cecopy CE:%CAcert% .
+cecopy CE:%CAkey% .
+cecopy CE:%CAserial% .
+cecopy CE:%Ucert% .
+cecopy CE:%Ukey% .
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+cedel CE:\OpenSSL\err.ss
+
+goto end
+
+:e_req
+echo error using 'req' to generate a certificate request
+goto end
+:e_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:e_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:e_vrfy_1
+echo first generated request is invalid
+goto end
+:e_vrfy_2
+echo second generated request is invalid
+goto end
+:e_vrfy_3
+echo first generated cert is invalid
+goto end
+:e_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:e_x_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end
diff --git a/ms/tpem.bat b/ms/tpem.bat
index 7fc7a83279..cd01792e9f 100755
--- a/ms/tpem.bat
+++ b/ms/tpem.bat
@@ -1,6 +1,6 @@
-rem called by testpem

-

-echo test %1 %2

-%ssleay% %1 -in %2 -out %tmp1%

-%cmp% %2 %tmp1%

-

+rem called by testpem
+
+echo test %1 %2
+%ssleay% %1 -in %2 -out %tmp1%
+%cmp% %2 %tmp1%
+
diff --git a/ms/tpemce.bat b/ms/tpemce.bat
index 17b2acd390..483f559cfa 100644
--- a/ms/tpemce.bat
+++ b/ms/tpemce.bat
@@ -1,8 +1,8 @@
-rem called by testpemce

-

-echo test %1 %2

-cecopy %2 CE:\OpenSSL

-cerun CE:\OpenSSL\%ssleay% %1 -in \OpenSSL\%2 -out \OpenSSL\%tmp1%

-del %tmp1% >nul 2>&1

-cecopy CE:\OpenSSL\%tmp1% .

-%cmp% %2 %tmp1%

+rem called by testpemce
+
+echo test %1 %2
+cecopy %2 CE:\OpenSSL
+cerun CE:\OpenSSL\%ssleay% %1 -in \OpenSSL\%2 -out \OpenSSL\%tmp1%
+del %tmp1% >nul 2>&1
+cecopy CE:\OpenSSL\%tmp1% .
+%cmp% %2 %tmp1%
diff --git a/ms/uplink-common.pl b/ms/uplink-common.pl
new file mode 100755
index 0000000000..1d20e6e03e
--- /dev/null
+++ b/ms/uplink-common.pl
@@ -0,0 +1,22 @@
+#!/usr/bin/env perl
+#
+# pull APPLINK_MAX value from applink.c...
+$applink_c=$0;
+$applink_c=~s|[^/\\]+$||g;
+$applink_c.="applink.c";
+open(INPUT,$applink_c) || die "can't open $applink_c: $!";
+@max=grep {/APPLINK_MAX\s+(\d+)/} <INPUT>;
+close(INPUT);
+($#max==0) or die "can't find APPLINK_MAX in $applink_c";
+
+$max[0]=~/APPLINK_MAX\s+(\d+)/;
+$N=$1;	# number of entries in OPENSSL_UplinkTable not including
+	# OPENSSL_UplinkTable[0], which contains this value...
+
+1;
+
+# Idea is to fill the OPENSSL_UplinkTable with pointers to stubs
+# which invoke 'void OPENSSL_Uplink (ULONG_PTR *table,int index)';
+# and then dereference themselves. Latter shall result in endless
+# loop *unless* OPENSSL_Uplink does not replace 'table[index]' with
+# something else, e.g. as 'table[index]=unimplemented;'...
diff --git a/ms/uplink-ia64.pl b/ms/uplink-ia64.pl
new file mode 100755
index 0000000000..4204c73d58
--- /dev/null
+++ b/ms/uplink-ia64.pl
@@ -0,0 +1,50 @@
+#!/usr/bin/env perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}.");
+
+require "uplink-common.pl";
+
+local $V=8;	# max number of args uplink functions may accept...
+my $loc0 = "r".(32+$V);
+print <<___;
+.text
+.global	OPENSSL_Uplink#
+.type	OPENSSL_Uplink#,\@function
+
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+.proc	lazy$i#
+lazy$i:
+	.prologue
+{ .mii;	.save	ar.pfs,$loc0
+	alloc	loc0=ar.pfs,$V,3,2,0
+	.save	b0,loc1
+	mov	loc1=b0
+	addl	loc2=\@ltoff(OPENSSL_UplinkTable#),gp	};;
+	.body
+{ .mmi;	ld8	out0=[loc2]
+	mov	out1=$i					};;
+{ .mib;	add	loc2=8*$i,out0
+	br.call.sptk.many	b0=OPENSSL_Uplink#	};;
+{ .mmi;	ld8	r31=[loc2];;
+	ld8	r30=[r31],8				};;
+{ .mii;	ld8	gp=[r31]
+	mov	b6=r30
+	mov	b0=loc1					};;
+{ .mib;	mov	ar.pfs=loc0
+	br.many	b6					};;
+.endp	lazy$i#
+
+___
+}
+print <<___;
+.data
+.global OPENSSL_UplinkTable#
+OPENSSL_UplinkTable:    data8   $N      // amount of following entries
+___
+for ($i=1;$i<=$N;$i++) {   print "      data8   \@fptr(lazy$i#)\n";   }
+print <<___;
+.size   OPENSSL_UplinkTable,.-OPENSSL_UplinkTable#
+___
diff --git a/ms/uplink-x86.pl b/ms/uplink-x86.pl
new file mode 100755
index 0000000000..0dffc14fcd
--- /dev/null
+++ b/ms/uplink-x86.pl
@@ -0,0 +1,33 @@
+#!/usr/bin/env perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC, "${dir}.", "${dir}../crypto/perlasm");
+require "x86asm.pl";
+
+require "uplink-common.pl";
+
+&asm_init($ARGV[0],"uplink-x86");
+
+&external_label("OPENSSL_Uplink");
+&public_label("OPENSSL_UplinkTable");
+
+for ($i=1;$i<=$N;$i++) {
+&function_begin_B("_\$lazy${i}");
+	&lea	("eax",&DWP(&label("OPENSSL_UplinkTable")));
+	&push	("eax");
+	&push	($i);
+	&call	(&label("OPENSSL_Uplink"));
+	&add	("esp",8);
+	&pop	("eax");
+	&jmp_ptr(&DWP(4*$i,"eax"));
+&function_end_B("_\$lazy${i}");
+}
+
+&dataseg();
+&align(4);
+&set_label("OPENSSL_UplinkTable");
+&data_word($N);
+for ($i=1;$i<=$N;$i++) {
+&data_word(&label("_\$lazy${i}"));
+}
+&asm_finish();
diff --git a/ms/uplink-x86_64.pl b/ms/uplink-x86_64.pl
new file mode 100755
index 0000000000..9acbf6be6f
--- /dev/null
+++ b/ms/uplink-x86_64.pl
@@ -0,0 +1,64 @@
+#!/usr/bin/env perl
+
+$output=shift;
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+open STDOUT,"| $^X ${dir}../crypto/perlasm/x86_64-xlate.pl $output";
+push(@INC,"${dir}.");
+
+require "uplink-common.pl";
+
+$prefix="_lazy";
+
+print <<___;
+.text
+.extern	OPENSSL_Uplink
+.globl	OPENSSL_UplinkTable
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+.type	$prefix${i},\@abi-omnipotent
+.align	16
+$prefix${i}:
+	.byte	0x48,0x83,0xEC,0x28	# sub rsp,40
+	mov	%rcx,48(%rsp)
+	mov	%rdx,56(%rsp)
+	mov	%r8,64(%rsp)
+	mov	%r9,72(%rsp)
+	lea	OPENSSL_UplinkTable(%rip),%rcx
+	mov	\$$i,%rdx
+	call	OPENSSL_Uplink
+	mov	48(%rsp),%rcx
+	mov	56(%rsp),%rdx
+	mov	64(%rsp),%r8
+	mov	72(%rsp),%r9
+	lea	OPENSSL_UplinkTable(%rip),%rax
+	add	\$40,%rsp
+	jmp	*8*$i(%rax)
+$prefix${i}_end:
+.size	$prefix${i},.-$prefix${i}
+___
+}
+print <<___;
+.data
+OPENSSL_UplinkTable:
+        .quad   $N
+___
+for ($i=1;$i<=$N;$i++) {   print "      .quad   $prefix$i\n";   }
+print <<___;
+.section	.pdata,"r"
+.align		4
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+	.rva	$prefix${i},$prefix${i}_end,${prefix}_unwind_info
+___
+}
+print <<___;
+.section	.xdata,"r"
+.align		8
+${prefix}_unwind_info:
+	.byte	0x01,0x04,0x01,0x00
+	.byte	0x04,0x42,0x00,0x00
+___
+
+close STDOUT;
diff --git a/ms/uplink.c b/ms/uplink.c
index c839f9b087..7b7da08d47 100644
--- a/ms/uplink.c
+++ b/ms/uplink.c
@@ -1,4 +1,4 @@
-#if defined(_WIN64) && !defined(UNICODE)
+#if (defined(_WIN64) || defined(_WIN32_WCE)) && !defined(UNICODE)
 #define UNICODE
 #endif
 #if defined(UNICODE) && !defined(_UNICODE)
@@ -7,146 +7,92 @@
 #if defined(_UNICODE) && !defined(UNICODE)
 #define UNICODE
 #endif
-#if defined(_MSC_VER) && !defined(_WIN32_WINNT)
-#define _WIN32_WINNT 0x0333	/* 3.51 */
-#endif
 
 #include <windows.h>
 #include <tchar.h>
 #include <stdio.h>
-#include <malloc.h>
 #include "uplink.h"
-
-#ifdef _MSC_VER
-#pragma comment(lib,"delayimp")
-/*
- * CL command line should also be complemented with following:
- *
- *	/link /delayload:advapi32.dll /delayload:user32.dll
- *
- * This is required if/as we want to support Win9x. With delayloaded
- * DLLs in question all we have to do is to make sure NT-specific
- * functions are not actually called under Win9x.
- */
-#endif
-
-#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-int IsService()
-{ HWINSTA h;
-  DWORD len;
-  WCHAR *name;
-
-    GetDesktopWindow(); /* return value is ignored */
-
-    h = GetProcessWindowStation();
-    if (h==NULL) return -1;
-
-    if (GetUserObjectInformationW (h,UOI_NAME,NULL,0,&len) ||
-	GetLastError() != ERROR_INSUFFICIENT_BUFFER)
-	return -1;
-
-    if (len>512) return -1;		/* paranoia */
-    len++,len&=~1;			/* paranoia */
-#ifdef _MSC_VER
-    name=(WCHAR *)_alloca(len+sizeof(WCHAR));
-#else
-    name=(WCHAR *)alloca(len+sizeof(WCHAR));
-#endif
-    if (!GetUserObjectInformationW (h,UOI_NAME,name,len,&len))
-	return -1;
-
-    len++,len&=~1;			/* paranoia */
-    name[len/sizeof(WCHAR)]=L'\0';	/* paranoia */
-#if 1
-    /* This doesn't cover "interactive" services [working with real
-     * WinSta0's] nor programs started non-interactively by Task
-     * Scheduler [those are working with SAWinSta]. */
-    if (wcsstr(name,L"Service-0x"))	return 1;
-#else
-    /* This covers all non-interactive programs such as services. */
-    if (!wcsstr(name,L"WinSta0"))	return 1;
-#endif
-    else				return 0;
-}
-#endif
+void OPENSSL_showfatal(const char *,...);
 
 static TCHAR msg[128];
 
-static void unimplemented ()
-{
-#if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-    /* this -------------v--- guards NT-specific calls */
-    if (GetVersion() < 0x80000000 && IsService())
-    {	HANDLE h = RegisterEventSource(0,_T("OPENSSL"));
-	TCHAR *pmsg=msg;
-	ReportEvent(h,EVENTLOG_ERROR_TYPE,0,0,0,1,0,&pmsg,0);
-	DeregisterEventSource(h);
-    }
-    else
-#endif
-    {	MSGBOXPARAMS         m;
-
-	m.cbSize             = sizeof(m);
-	m.hwndOwner          = NULL;
-	m.lpszCaption        = _T("OpenSSL: FATAL");
-	m.dwStyle            = MB_OK;
-	m.hInstance          = NULL;
-	m.lpszIcon           = IDI_ERROR;
-	m.dwContextHelpId    = 0;
-	m.lpfnMsgBoxCallback = NULL;
-	m.dwLanguageId       = MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US);
-	m.lpszText           = msg;
-
-	MessageBoxIndirect (&m);
-    }
+static void unimplemented (void)
+{   OPENSSL_showfatal (sizeof(TCHAR)==sizeof(char)?"%s\n":"%S\n",msg);
     ExitProcess (1);
 }
 
-void OPENSSL_Uplink (void **table, int index)
-{ static HMODULE app=NULL;
-  static void **applinktable=NULL;
+void OPENSSL_Uplink (volatile void **table, int index)
+{ static HMODULE volatile apphandle=NULL;
+  static void ** volatile applinktable=NULL;
   int len;
-
-    len = _stprintf (msg,_T("OPENSSL_Uplink(%p,%02X): "),table,index);
-    _tcscpy (msg+len,_T("unimplemented function"));
-    table [index] = unimplemented;
-
-    if (app==NULL && (app=GetModuleHandle(NULL))==NULL)
-    {	app=(HMODULE)-1; _tcscpy (msg+len,_T("no host application"));
-	return;
-    }
-    else if (app==(HMODULE)-1)	{ return; }
-
-    if (applinktable==NULL)
-    { void**(*applink)();
-
-	applink=(void**(*)())GetProcAddress(app,"OPENSSL_Applink");
-	if (applink==NULL)
-	{   app=(HMODULE)-1; _tcscpy (msg+len,_T("no OPENSSL_Applink"));
-	    return;
+  void (*func)(void)=unimplemented;
+  HANDLE h;
+  void **p;
+
+    /* Note that the below code is not MT-safe in respect to msg
+     * buffer, but what's the worst thing that can happen? Error
+     * message might be misleading or corrupted. As error condition
+     * is fatal and should never be risen, I accept the risk... */
+    /* One can argue that I should have used InterlockedExchangePointer
+     * or something to update static variables and table[]. Well,
+     * store instructions are as atomic as they can get and assigned
+     * values are effectively constant... So that volatile qualifier
+     * should be sufficient [it prohibits compiler to reorder memory
+     * access instructions]. */
+    do {
+	len = _stprintf (msg,_T("OPENSSL_Uplink(%p,%02X): "),table,index);
+	_tcscpy (msg+len,_T("unimplemented function"));
+
+	if ((h=apphandle)==NULL)
+	{   if  ((h=GetModuleHandle(NULL))==NULL)
+	    {	apphandle=(HMODULE)-1;
+		_tcscpy (msg+len,_T("no host application"));
+		break;
+	    }
+	    apphandle = h;
 	}
-	applinktable = (*applink)();
+	if ((h=apphandle)==(HMODULE)-1) /* revalidate */
+	    break;
+
 	if (applinktable==NULL)
-	{   app=(HMODULE)-1; _tcscpy (msg+len,_T("no ApplinkTable"));
-	    return;
+	{ void**(*applink)();
+
+	    applink=(void**(*)())GetProcAddress(h,"OPENSSL_Applink");
+	    if (applink==NULL)
+	    {	apphandle=(HMODULE)-1;
+		_tcscpy (msg+len,_T("no OPENSSL_Applink"));
+		break;
+	    }
+	    p = (*applink)();
+	    if (p==NULL)
+	    {	apphandle=(HMODULE)-1;
+		_tcscpy (msg+len,_T("no ApplinkTable"));
+		break;
+	    }
+	    applinktable = p;
 	}
-    }
+	else
+	    p = applinktable;
+
+	if (index > (int)p[0])
+	    break;
 
-    if (index > (int)applinktable[0])	{ return; }
+	if (p[index]) func = p[index];
+    } while (0);
 
-    if (applinktable[index]) table[index] = applinktable[index];
+    table[index] = func;
 }    
 
-#if defined(_MSC_VER) && defined(_M_IX86)
+#if defined(_MSC_VER) && defined(_M_IX86) && !defined(OPENSSL_NO_INLINE_ASM)
 #define LAZY(i)		\
-__declspec(naked) static void lazy##i () { 	\
+__declspec(naked) static void lazy##i (void) { 	\
 	_asm	push i				\
 	_asm	push OFFSET OPENSSL_UplinkTable	\
 	_asm	call OPENSSL_Uplink		\
 	_asm	add  esp,8			\
 	_asm	jmp  OPENSSL_UplinkTable+4*i	}
 
-#if APPLINK_MAX>20
+#if APPLINK_MAX>25
 #error "Add more stubs..."
 #endif
 /* make some in advance... */
@@ -154,12 +100,14 @@ LAZY(1)  LAZY(2)  LAZY(3)  LAZY(4)  LAZY(5)
 LAZY(6)  LAZY(7)  LAZY(8)  LAZY(9)  LAZY(10)
 LAZY(11) LAZY(12) LAZY(13) LAZY(14) LAZY(15)
 LAZY(16) LAZY(17) LAZY(18) LAZY(19) LAZY(20)
+LAZY(21) LAZY(22) LAZY(23) LAZY(24) LAZY(25)
 void *OPENSSL_UplinkTable[] = {
 	(void *)APPLINK_MAX,
 	lazy1, lazy2, lazy3, lazy4, lazy5,
 	lazy6, lazy7, lazy8, lazy9, lazy10,
 	lazy11,lazy12,lazy13,lazy14,lazy15,
 	lazy16,lazy17,lazy18,lazy19,lazy20,
+	lazy21,lazy22,lazy23,lazy24,lazy25,
 };
 #endif
 
diff --git a/ms/uplink.h b/ms/uplink.h
index 3e9911ab93..a4a67d3c14 100644
--- a/ms/uplink.h
+++ b/ms/uplink.h
@@ -2,13 +2,28 @@
 #include "applink.c"
 
 extern void *OPENSSL_UplinkTable[];
-#define UP_stdin  (*(void *(*)())OPENSSL_UplinkTable[APPLINK_STDIN])()
-#define UP_stdout (*(void *(*)())OPENSSL_UplinkTable[APPLINK_STDOUT])()
-#define UP_stderr (*(void *(*)())OPENSSL_UplinkTable[APPLINK_STDERR])()
+
+#define UP_stdin  (*(void *(*)(void))OPENSSL_UplinkTable[APPLINK_STDIN])()
+#define UP_stdout (*(void *(*)(void))OPENSSL_UplinkTable[APPLINK_STDOUT])()
+#define UP_stderr (*(void *(*)(void))OPENSSL_UplinkTable[APPLINK_STDERR])()
 #define UP_fprintf (*(int (*)(void *,const char *,...))OPENSSL_UplinkTable[APPLINK_FPRINTF])
 #define UP_fgets  (*(char *(*)(char *,int,void *))OPENSSL_UplinkTable[APPLINK_FGETS])
 #define UP_fread  (*(size_t (*)(void *,size_t,size_t,void *))OPENSSL_UplinkTable[APPLINK_FREAD])
-#define UP_fwrite (*(size_t (*)(void *,size_t,size_t,void *))OPENSSL_UplinkTable[APPLINK_FWRITE])
+#define UP_fwrite (*(size_t (*)(const void *,size_t,size_t,void *))OPENSSL_UplinkTable[APPLINK_FWRITE])
 #define UP_fsetmod (*(int (*)(void *,char))OPENSSL_UplinkTable[APPLINK_FSETMOD])
 #define UP_feof   (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FEOF])
-#define UP_fclose (*(int (*)(void *))OPENSSL_Uplink[APPLINK_FCLOSE])
+#define UP_fclose (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FCLOSE])
+
+#define UP_fopen  (*(void *(*)(const char *,const char *))OPENSSL_UplinkTable[APPLINK_FOPEN])
+#define UP_fseek  (*(int (*)(void *,long,int))OPENSSL_UplinkTable[APPLINK_FSEEK])
+#define UP_ftell  (*(long (*)(void *))OPENSSL_UplinkTable[APPLINK_FTELL])
+#define UP_fflush (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FFLUSH])
+#define UP_ferror (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FERROR])
+#define UP_clearerr (*(void (*)(void *))OPENSSL_UplinkTable[APPLINK_CLEARERR])
+#define UP_fileno (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FILENO])
+
+#define UP_open   (*(int (*)(const char *,int,...))OPENSSL_UplinkTable[APPLINK_OPEN])
+#define UP_read   (*(ssize_t (*)(int,void *,size_t))OPENSSL_UplinkTable[APPLINK_READ])
+#define UP_write  (*(ssize_t (*)(int,const void *,size_t))OPENSSL_UplinkTable[APPLINK_WRITE])
+#define UP_lseek  (*(long (*)(int,long,int))OPENSSL_UplinkTable[APPLINK_LSEEK])
+#define UP_close  (*(int (*)(int))OPENSSL_UplinkTable[APPLINK_CLOSE])
diff --git a/ms/uplink.pl b/ms/uplink.pl
deleted file mode 100755
index 801f6e01fa..0000000000
--- a/ms/uplink.pl
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/bin/env perl
-#
-# For Microsoft CL this is implemented as inline assembler. So that
-# even though this script can generate even Win32 code, we'll be
-# using it primarily to generate Win64 modules. Both IA-64 and AMD64
-# are supported...
-
-# pull APPLINK_MAX value from applink.c...
-$applink_c=$0;
-$applink_c=~s|[^/\\]+$||g;
-$applink_c.="applink.c";
-open(INPUT,$applink_c) || die "can't open $applink_c: $!";
-@max=grep {/APPLINK_MAX\s+(\d+)/} <INPUT>;
-close(INPUT);
-($#max==0) or die "can't find APPLINK_MAX in $applink_c";
-
-$max[0]=~/APPLINK_MAX\s+(\d+)/;
-$N=$1;	# number of entries in OPENSSL_UplinkTable not including
-	# OPENSSL_UplinkTable[0], which contains this value...
-
-# Idea is to fill the OPENSSL_UplinkTable with pointers to stubs
-# which invoke 'void OPENSSL_Uplink (ULONG_PTR *table,int index)';
-# and then dereference themselves. Latter shall result in endless
-# loop *unless* OPENSSL_Uplink does not replace 'table[index]' with
-# something else, e.g. as 'table[index]=unimplemented;'...
-
-$arg = shift;
-#( defined shift || open STDOUT,">$arg" ) || die "can't open $arg: $!";
-
-if ($arg =~ /win32n/)	{ ia32nasm();  }
-elsif ($arg =~ /win32/)	{ ia32masm();  }
-elsif ($arg =~ /ia64/)	{ ia64ias();   }
-elsif ($arg =~ /amd64/)	{ amd64masm(); }
-else	{ die "nonsense $arg"; }
-
-sub ia32masm() {
-print <<___;
-.386P
-.model	FLAT
-
-_DATA	SEGMENT
-PUBLIC	_OPENSSL_UplinkTable
-_OPENSSL_UplinkTable	DD	$N	; amount of following entries
-___
-for ($i=1;$i<=$N;$i++) {   print "	DD	FLAT:\$lazy$i\n";   }
-print <<___;
-_DATA	ENDS
-
-_TEXT	SEGMENT
-EXTRN	_OPENSSL_Uplink:NEAR
-___
-for ($i=1;$i<=$N;$i++) {
-print <<___;
-ALIGN	4
-\$lazy$i	PROC NEAR
-	push	$i
-	push	OFFSET FLAT:_OPENSSL_UplinkTable
-	call	_OPENSSL_Uplink
-	add	esp,8
-	jmp	DWORD PTR _OPENSSL_UplinkTable+4*$i
-\$lazy$i	ENDP
-___
-}
-print <<___;
-ALIGN	4
-_TEXT	ENDS
-END
-___
-}
-
-sub ia32nasm() {
-print <<___;
-SEGMENT	.data
-GLOBAL	_OPENSSL_UplinkTable
-_OPENSSL_UplinkTable	DD	$N	; amount of following entries
-___
-for ($i=1;$i<=$N;$i++) {   print "	DD	\$lazy$i\n";   }
-print <<___;
-
-SEGMENT	.text
-EXTERN	_OPENSSL_Uplink
-___
-for ($i=1;$i<=$N;$i++) {
-print <<___;
-ALIGN	4
-\$lazy$i:
-	push	$i
-	push	_OPENSSL_UplinkTable
-	call	_OPENSSL_Uplink
-	add	esp,8
-	jmp	[_OPENSSL_UplinkTable+4*$i]
-___
-}
-print <<___;
-ALIGN	4
-END
-___
-}
-
-sub ia64ias () {
-local $V=8;	# max number of args uplink functions may accept...
-print <<___;
-.data
-.global	OPENSSL_UplinkTable#
-OPENSSL_UplinkTable:	data8	$N	// amount of following entries
-___
-for ($i=1;$i<=$N;$i++) {   print "	data8	\@fptr(lazy$i#)\n";   }
-print <<___;
-.size	OPENSSL_UplinkTable,.-OPENSSL_UplinkTable#
-
-.text
-.global	OPENSSL_Uplink#
-.type	OPENSSL_Uplink#,\@function
-___
-for ($i=1;$i<=$N;$i++) {
-print <<___;
-.proc	lazy$i
-lazy$i:
-{ .mii;	alloc	loc0=ar.pfs,$V,3,2,0
-	mov	loc1=b0
-	addl	loc2=\@ltoff(OPENSSL_UplinkTable#),gp	};;
-{ .mmi;	ld8	out0=[loc2]
-	mov	out1=$i					};;
-{ .mib;	adds	loc2=8*$i,out0
-	br.call.sptk.many	b0=OPENSSL_Uplink#	};;
-{ .mmi;	ld8	r31=[loc2];;
-	ld8	r30=[r31],8				};;
-{ .mii;	ld8	gp=[r31]
-	mov	b6=r30
-	mov	b0=loc1					};;
-{ .mib; mov	ar.pfs=loc0
-	br.many	b6					};;
-.endp	lazy$i#
-___
-}
-}
-
-sub amd64masm() {
-print <<___;
-_DATA	SEGMENT
-PUBLIC	OPENSSL_UplinkTable
-OPENSSL_UplinkTable	DQ	$N
-___
-for ($i=1;$i<=$N;$i++) {   print "	DQ	FLAT:\$lazy$i\n";   }
-print <<___;
-_DATA	ENDS
-
-TEXT	SEGMENT
-EXTERN	OPENSSL_Uplink:NEAR
-___
-for ($i=1;$i<=$N;$i++) {
-print <<___;
-ALIGN	4
-\$lazy$i	PROC NEAR
-	push	r9
-	push	r8
-	push	rdx
-	push	rcx
-	sub	rsp,40
-	mov	rcx,OFFSET FLAT:OPENSSL_UplinkTable
-	mov	rdx,$i
-	call	OPENSSL_Uplink
-	add	rsp,40
-	pop	rcx
-	pop	rdx
-	pop	r8
-	pop	r9
-	jmp	QWORD PTR OPENSSL_UplinkTable+8*$i
-\$lazy$i	ENDP
-___
-}
-print <<___;
-TEXT	ENDS
-END
-___
-}
-
diff --git a/ms/x86asm.bat b/ms/x86asm.bat
index 4d80e706e4..03563c6b04 100755
--- a/ms/x86asm.bat
+++ b/ms/x86asm.bat
@@ -1,57 +1,57 @@
-

-@echo off

-echo Generating x86 assember

-

-echo Bignum

-cd crypto\bn\asm

-perl x86.pl win32n > bn-win32.asm

-cd ..\..\..

-

-echo DES

-cd crypto\des\asm

-perl des-586.pl win32n > d-win32.asm

-cd ..\..\..

-

-echo "crypt(3)"

-

-cd crypto\des\asm

-perl crypt586.pl win32n > y-win32.asm

-cd ..\..\..

-

-echo Blowfish

-

-cd crypto\bf\asm

-perl bf-586.pl win32n > b-win32.asm

-cd ..\..\..

-

-echo CAST5

-cd crypto\cast\asm

-perl cast-586.pl win32n > c-win32.asm

-cd ..\..\..

-

-echo RC4

-cd crypto\rc4\asm

-perl rc4-586.pl win32n > r4-win32.asm

-cd ..\..\..

-

-echo MD5

-cd crypto\md5\asm

-perl md5-586.pl win32n > m5-win32.asm

-cd ..\..\..

-

-echo SHA1

-cd crypto\sha\asm

-perl sha1-586.pl win32n > s1-win32.asm

-cd ..\..\..

-

-echo RIPEMD160

-cd crypto\ripemd\asm

-perl rmd-586.pl win32n > rm-win32.asm

-cd ..\..\..

-

-echo RC5\32

-cd crypto\rc5\asm

-perl rc5-586.pl win32n > r5-win32.asm

-cd ..\..\..

-

-echo on

+
+@echo off
+echo Generating x86 assember
+
+echo Bignum
+cd crypto\bn\asm
+perl x86.pl win32n > bn-win32.asm
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl win32n > d-win32.asm
+cd ..\..\..
+
+echo "crypt(3)"
+
+cd crypto\des\asm
+perl crypt586.pl win32n > y-win32.asm
+cd ..\..\..
+
+echo Blowfish
+
+cd crypto\bf\asm
+perl bf-586.pl win32n > b-win32.asm
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl win32n > c-win32.asm
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl win32n > r4-win32.asm
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl win32n > m5-win32.asm
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl win32n > s1-win32.asm
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl win32n > rm-win32.asm
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl win32n > r5-win32.asm
+cd ..\..\..
+
+echo on
diff --git a/openssl.spec b/openssl.spec
index 3979cb85a8..06d4dea439 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -1,6 +1,7 @@
-%define libmaj 0
-%define libmin 9
-%define librel 8
+%define _unpackaged_files_terminate_build 0
+%define libmaj 1
+%define libmin 1
+%define librel 0
 #%define librev a
 Release: 1
 
@@ -96,6 +97,9 @@ perl util/perlpath.pl /usr/bin/perl
 %ifarch alpha
 ./Configure %{CONFIG_FLAGS} linux-alpha shared
 %endif
+%ifarch x86_64
+./Configure %{CONFIG_FLAGS} linux-x86_64 shared
+%endif
 LD_LIBRARY_PATH=`pwd` make
 LD_LIBRARY_PATH=`pwd` make rehash
 LD_LIBRARY_PATH=`pwd` make test
@@ -121,7 +125,6 @@ rm -rf $RPM_BUILD_ROOT
 
 %config %attr(0644,root,root) %{openssldir}/openssl.cnf 
 %dir %attr(0755,root,root) %{openssldir}/certs
-%dir %attr(0755,root,root) %{openssldir}/lib
 %dir %attr(0755,root,root) %{openssldir}/misc
 %dir %attr(0750,root,root) %{openssldir}/private
 
@@ -146,6 +149,8 @@ ldconfig
 ldconfig
 
 %changelog
+* Sun Jun  6 2005 Richard Levitte <richard@levitte.org>
+- Remove the incorrect installation of '%{openssldir}/lib'.
 * Wed May  7 2003 Richard Levitte <richard@levitte.org>
 - Add /usr/lib/pkgconfig/openssl.pc to the development section.
 * Thu Mar 22 2001 Richard Levitte <richard@levitte.org>
diff --git a/perl/.cvsignore b/perl/.cvsignore
index e3f4b2ec4e..5e8eb88bf5 100644
--- a/perl/.cvsignore
+++ b/perl/.cvsignore
@@ -10,3 +10,5 @@ openssl_err.c
 openssl_ssl.c
 openssl_x509.c
 OpenSSL.bs
+*.flc
+semantic.cache
diff --git a/shlib/win32.bat b/shlib/win32.bat
index c807a99d35..2b0faaa17b 100755
--- a/shlib/win32.bat
+++ b/shlib/win32.bat
@@ -14,5 +14,5 @@ cl /Focrypto.obj -DWIN32 %OPTIONS% -c crypto\crypto.c
 cl /Fossl.obj -DWIN32 %OPTIONS% -c ssl\ssl.c
 cl /Foeay.obj -DWIN32 %OPTIONS% -c apps\eay.c
 
-cl /Fessleay.exe %OPTIONS% eay.obj ssl.obj crypto.obj crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib wsock32.lib
+cl /Fessleay.exe %OPTIONS% eay.obj ssl.obj crypto.obj crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib ws2_32.lib
 
diff --git a/shlib/win32dll.bat b/shlib/win32dll.bat
index 294c94c81c..844e3537c8 100755
--- a/shlib/win32dll.bat
+++ b/shlib/win32dll.bat
@@ -5,9 +5,9 @@ set OPTIONS2=/W3 /WX /Ox /Gf /nologo
 
 set OPTIONS=%OPTIONS1% %OPTIONS2%
 
-cl /Felibeay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\libeay32.def crypto\crypto.c crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib wsock32.lib
+cl /Felibeay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\libeay32.def crypto\crypto.c crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib ws2_32.lib
 
 cl /Fessleay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\ssleay32.def ssl\ssl.c libeay32.lib
 
-cl /Fessleay.exe /MD -DWIN32 %OPTIONS% apps\eay.c ssleay32.lib libeay32.lib user32.lib wsock32.lib
+cl /Fessleay.exe /MD -DWIN32 %OPTIONS% apps\eay.c ssleay32.lib libeay32.lib user32.lib ws2_32.lib
 
diff --git a/ssl/.cvsignore b/ssl/.cvsignore
index c6d03a9dbc..439e6d3eb6 100644
--- a/ssl/.cvsignore
+++ b/ssl/.cvsignore
@@ -1,2 +1,4 @@
 lib
 Makefile.save
+*.flc
+semantic.cache
diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl
deleted file mode 100644
index c0f7e347a9..0000000000
--- a/ssl/Makefile.ssl
+++ /dev/null
@@ -1,754 +0,0 @@
-#
-# SSLeay/ssl/Makefile
-#
-
-DIR=	ssl
-TOP=	..
-CC=	cc
-INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-AR=		ar r
-# KRB5 stuff
-KRB5_INCLUDES=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile README ssl-lib.com install.com
-TEST=ssltest.c
-APPS=
-
-LIB=$(TOP)/libssl.a
-SHARED_LIB= libssl$(SHLIB_EXT)
-LIBSRC=	\
-	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
-	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c \
-	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
-	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c \
-	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
-	ssl_ciph.c ssl_stat.c ssl_rsa.c \
-	ssl_asn1.c ssl_txt.c ssl_algs.c \
-	bio_ssl.c ssl_err.c kssl.c
-LIBOBJ= \
-	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
-	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o \
-	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
-	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o \
-	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
-	ssl_ciph.o ssl_stat.o ssl_rsa.o \
-	ssl_asn1.o ssl_txt.o ssl_algs.o \
-	bio_ssl.o ssl_err.o kssl.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h kssl.h
-HEADER=	$(EXHEADER) ssl_locl.h kssl_lcl.h
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:	shared
-
-lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB) || echo Never mind.
-	@touch lib
-
-shared: lib
-	if [ -n "$(SHARED_LIBS)" ]; then \
-		(cd ..; $(MAKE) $(SHARED_LIB)); \
-	fi
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
-	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
-
-install:
-	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-
-tags:
-	ctags $(SRC)
-
-tests:
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-bio_ssl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-bio_ssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-bio_ssl.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-bio_ssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-bio_ssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
-kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-kssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-kssl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-kssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-kssl.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h
-kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-kssl.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-kssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
-s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s23_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
-s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
-s23_lib.o: ssl_locl.h
-s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
-s23_meth.o: ssl_locl.h
-s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s23_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
-s23_pkt.o: ssl_locl.h
-s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s23_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s23_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s23_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s23_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
-s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_clnt.o: ../include/openssl/x509_vfy.h s2_clnt.c ssl_locl.h
-s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
-s2_enc.o: ssl_locl.h
-s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s2_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s2_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s2_lib.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_lib.o: ../include/openssl/x509_vfy.h s2_lib.c ssl_locl.h
-s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
-s2_meth.o: ssl_locl.h
-s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s2_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
-s2_pkt.o: ssl_locl.h
-s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s2_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s2_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s2_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s2_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s2_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s2_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s2_srvr.o: ../include/openssl/x509_vfy.h s2_srvr.c ssl_locl.h
-s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_both.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_both.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_both.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s3_both.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
-s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_clnt.o: s3_clnt.c ssl_locl.h
-s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-s3_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
-s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-s3_lib.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-s3_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-s3_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-s3_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
-s3_lib.o: s3_lib.c ssl_locl.h
-s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
-s3_meth.o: ssl_locl.h
-s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-s3_pkt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s3_pkt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s3_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s3_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s3_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-s3_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_pkt.c
-s3_pkt.o: ssl_locl.h
-s3_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-s3_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-s3_srvr.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s3_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-s3_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
-s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
-ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_algs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_algs.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_algs.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
-ssl_algs.o: ssl_locl.h
-ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
-ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-ssl_asn1.o: ../include/openssl/comp.h ../include/openssl/crypto.h
-ssl_asn1.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssl_asn1.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_asn1.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_asn1.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
-ssl_asn1.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
-ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
-ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
-ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_cert.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_cert.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_cert.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_cert.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_cert.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_cert.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
-ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_ciph.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_ciph.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_ciph.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_ciph.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_ciph.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c
-ssl_ciph.o: ssl_locl.h
-ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_err.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ssl_err.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_err.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_err.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ssl_err.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
-ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_err2.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-ssl_err2.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssl_err2.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-ssl_err2.o: ../include/openssl/evp.h ../include/openssl/kssl.h
-ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-ssl_err2.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
-ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_lib.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ssl_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
-ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_rsa.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_rsa.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_rsa.o: ssl_rsa.c
-ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_sess.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_sess.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c
-ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_stat.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_stat.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_stat.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_stat.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_stat.o: ssl_stat.c
-ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-ssl_txt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ssl_txt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssl_txt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssl_txt.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-ssl_txt.o: ssl_txt.c
-t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-t1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
-t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_enc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
-t1_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
-t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_enc.o: t1_enc.c
-t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_lib.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_lib.o: t1_lib.c
-t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_meth.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_meth.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_meth.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-t1_meth.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
-t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
-t1_meth.o: t1_meth.c
-t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/comp.h
-t1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
-t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-t1_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
-t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-t1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-t1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index d683ee43e1..af319af302 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -398,17 +398,19 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
 			}
 		break;
 	case BIO_CTRL_POP:
-		/* ugly bit of a hack */
-		if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+		/* Only detach if we are the BIO explicitly being popped */
+		if (b == ptr)
 			{
-			BIO_free_all(ssl->wbio);
-			}
-		if (b->next_bio != NULL)
-			{
-			CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
+			/* Shouldn't happen in practice because the
+			 * rbio and wbio are the same when pushed.
+			 */
+			if (ssl->rbio != ssl->wbio)
+				BIO_free_all(ssl->wbio);
+			if (b->next_bio != NULL)
+				CRYPTO_add(&b->next_bio->references,-1,CRYPTO_LOCK_BIO);
+			ssl->wbio=NULL;
+			ssl->rbio=NULL;
 			}
-		ssl->wbio=NULL;
-		ssl->rbio=NULL;
 		break;
 	case BIO_C_DO_STATE_MACHINE:
 		BIO_clear_retry_flags(b);
@@ -456,7 +458,7 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
 	case BIO_CTRL_SET_CALLBACK:
 		{
 #if 0 /* FIXME: Should this be used?  -- Richard Levitte */
-		BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		ret = -1;
 #else
 		ret=0;
@@ -465,9 +467,9 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
 		break;
 	case BIO_CTRL_GET_CALLBACK:
 		{
-		void (**fptr)();
+		void (**fptr)(const SSL *xssl,int type,int val);
 
-		fptr=(void (**)())ptr;
+		fptr=(void (**)(const SSL *xssl,int type,int val))ptr;
 		*fptr=SSL_get_info_callback(ssl);
 		}
 		break;
@@ -543,7 +545,6 @@ BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
 	return(ret);
 err:
 	if (con != NULL) BIO_free(con);
-	if (ret != NULL) BIO_free(ret);
 	return(NULL);
 	}
 
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
new file mode 100644
index 0000000000..7ca3405efb
--- /dev/null
+++ b/ssl/d1_both.c
@@ -0,0 +1,1267 @@
+/* ssl/d1_both.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <limits.h>
+#include <string.h>
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+
+/* XDTLS:  figure out the right values */
+static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28};
+
+static unsigned int dtls1_min_mtu(void);
+static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
+static void dtls1_fix_message_header(SSL *s, unsigned long frag_off, 
+	unsigned long frag_len);
+static unsigned char *dtls1_write_message_header(SSL *s,
+	unsigned char *p);
+static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
+	unsigned long len, unsigned short seq_num, unsigned long frag_off, 
+	unsigned long frag_len);
+static long dtls1_get_message_fragment(SSL *s, int st1, int stn, 
+	long max, int *ok);
+
+static hm_fragment *
+dtls1_hm_fragment_new(unsigned long frag_len)
+	{
+	hm_fragment *frag = NULL;
+	unsigned char *buf = NULL;
+
+	frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
+	if ( frag == NULL)
+		return NULL;
+
+	if (frag_len)
+		{
+		buf = (unsigned char *)OPENSSL_malloc(frag_len);
+		if ( buf == NULL)
+			{
+			OPENSSL_free(frag);
+			return NULL;
+			}
+		}
+
+	/* zero length fragment gets zero frag->fragment */
+	frag->fragment = buf;
+
+	return frag;
+	}
+
+static void
+dtls1_hm_fragment_free(hm_fragment *frag)
+	{
+	if (frag->fragment) OPENSSL_free(frag->fragment);
+	OPENSSL_free(frag);
+	}
+
+/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
+int dtls1_do_write(SSL *s, int type)
+	{
+	int ret;
+	int curr_mtu;
+	unsigned int len, frag_off, mac_size, blocksize;
+
+	/* AHA!  Figure out the MTU, and stick to the right size */
+	if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
+		{
+		s->d1->mtu = 
+			BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+
+		/* I've seen the kernel return bogus numbers when it doesn't know
+		 * (initial write), so just make sure we have a reasonable number */
+		if ( s->d1->mtu < dtls1_min_mtu())
+			{
+			s->d1->mtu = 0;
+			s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
+			BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU, 
+				s->d1->mtu, NULL);
+			}
+		}
+#if 0 
+	mtu = s->d1->mtu;
+
+	fprintf(stderr, "using MTU = %d\n", mtu);
+
+	mtu -= (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
+
+	curr_mtu = mtu - BIO_wpending(SSL_get_wbio(s));
+
+	if ( curr_mtu > 0)
+		mtu = curr_mtu;
+	else if ( ( ret = BIO_flush(SSL_get_wbio(s))) <= 0)
+		return ret;
+
+	if ( BIO_wpending(SSL_get_wbio(s)) + s->init_num >= mtu)
+		{
+		ret = BIO_flush(SSL_get_wbio(s));
+		if ( ret <= 0)
+			return ret;
+		mtu = s->d1->mtu - (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
+		}
+
+	OPENSSL_assert(mtu > 0);  /* should have something reasonable now */
+
+#endif
+
+	if ( s->init_off == 0  && type == SSL3_RT_HANDSHAKE)
+		OPENSSL_assert(s->init_num == 
+			(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
+
+	if (s->write_hash)
+		mac_size = EVP_MD_CTX_size(s->write_hash);
+	else
+		mac_size = 0;
+
+	if (s->enc_write_ctx && 
+		(EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
+		blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
+	else
+		blocksize = 0;
+
+	frag_off = 0;
+	while( s->init_num)
+		{
+		curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) - 
+			DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
+
+		if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)
+			{
+			/* grr.. we could get an error if MTU picked was wrong */
+			ret = BIO_flush(SSL_get_wbio(s));
+			if ( ret <= 0)
+				return ret;
+			curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -
+				mac_size - blocksize;
+			}
+
+		if ( s->init_num > curr_mtu)
+			len = curr_mtu;
+		else
+			len = s->init_num;
+
+
+		/* XDTLS: this function is too long.  split out the CCS part */
+		if ( type == SSL3_RT_HANDSHAKE)
+			{
+			if ( s->init_off != 0)
+				{
+				OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
+				s->init_off -= DTLS1_HM_HEADER_LENGTH;
+				s->init_num += DTLS1_HM_HEADER_LENGTH;
+
+				/* write atleast DTLS1_HM_HEADER_LENGTH bytes */
+				if ( len <= DTLS1_HM_HEADER_LENGTH)  
+					len += DTLS1_HM_HEADER_LENGTH;
+				}
+
+			dtls1_fix_message_header(s, frag_off, 
+				len - DTLS1_HM_HEADER_LENGTH);
+
+			dtls1_write_message_header(s, (unsigned char *)&s->init_buf->data[s->init_off]);
+
+			OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
+			}
+
+		ret=dtls1_write_bytes(s,type,&s->init_buf->data[s->init_off],
+			len);
+		if (ret < 0)
+			{
+			/* might need to update MTU here, but we don't know
+			 * which previous packet caused the failure -- so can't
+			 * really retransmit anything.  continue as if everything
+			 * is fine and wait for an alert to handle the
+			 * retransmit 
+			 */
+			if ( BIO_ctrl(SSL_get_wbio(s),
+				BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 )
+				s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
+					BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+			else
+				return(-1);
+			}
+		else
+			{
+
+			/* bad if this assert fails, only part of the handshake
+			 * message got sent.  but why would this happen? */
+			OPENSSL_assert(len == (unsigned int)ret);
+
+			if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting)
+				{
+				/* should not be done for 'Hello Request's, but in that case
+				 * we'll ignore the result anyway */
+				unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off];
+				const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+				int xlen;
+
+				if (frag_off == 0 && s->version != DTLS1_BAD_VER)
+					{
+					/* reconstruct message header is if it
+					 * is being sent in single fragment */
+					*p++ = msg_hdr->type;
+					l2n3(msg_hdr->msg_len,p);
+					s2n (msg_hdr->seq,p);
+					l2n3(0,p);
+					l2n3(msg_hdr->msg_len,p);
+					p  -= DTLS1_HM_HEADER_LENGTH;
+					xlen = ret;
+					}
+				else
+					{
+					p  += DTLS1_HM_HEADER_LENGTH;
+					xlen = ret - DTLS1_HM_HEADER_LENGTH;
+					}
+
+				ssl3_finish_mac(s, p, xlen);
+				}
+
+			if (ret == s->init_num)
+				{
+				if (s->msg_callback)
+					s->msg_callback(1, s->version, type, s->init_buf->data, 
+						(size_t)(s->init_off + s->init_num), s, 
+						s->msg_callback_arg);
+
+				s->init_off = 0;  /* done writing this message */
+				s->init_num = 0;
+
+				return(1);
+				}
+			s->init_off+=ret;
+			s->init_num-=ret;
+			frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
+			}
+		}
+	return(0);
+	}
+
+
+/* Obtain handshake message of message type 'mt' (any if mt == -1),
+ * maximum acceptable body length 'max'.
+ * Read an entire handshake message.  Handshake messages arrive in
+ * fragments.
+ */
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+	{
+	int i, al;
+	struct hm_header_st *msg_hdr;
+
+	/* s3->tmp is used to store messages that are unexpected, caused
+	 * by the absence of an optional handshake message */
+	if (s->s3->tmp.reuse_message)
+		{
+		s->s3->tmp.reuse_message=0;
+		if ((mt >= 0) && (s->s3->tmp.message_type != mt))
+			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+			goto f_err;
+			}
+		*ok=1;
+		s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+		s->init_num = (int)s->s3->tmp.message_size;
+		return s->init_num;
+		}
+
+	msg_hdr = &s->d1->r_msg_hdr;
+	do
+		{
+		if ( msg_hdr->frag_off == 0)
+			{
+			/* s->d1->r_message_header.msg_len = 0; */
+			memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+			}
+
+		i = dtls1_get_message_fragment(s, st1, stn, max, ok);
+		if ( i == DTLS1_HM_BAD_FRAGMENT ||
+			i == DTLS1_HM_FRAGMENT_RETRY)  /* bad fragment received */
+			continue;
+		else if ( i <= 0 && !*ok)
+			return i;
+
+		/* Note that s->init_sum is used as a counter summing
+		 * up fragments' lengths: as soon as they sum up to
+		 * handshake packet length, we assume we have got all
+		 * the fragments. Overlapping fragments would cause
+		 * premature termination, so we don't expect overlaps.
+		 * Well, handling overlaps would require something more
+		 * drastic. Indeed, as it is now there is no way to
+		 * tell if out-of-order fragment from the middle was
+		 * the last. '>=' is the best/least we can do to control
+		 * the potential damage caused by malformed overlaps. */
+		if ((unsigned int)s->init_num >= msg_hdr->msg_len)
+			{
+			unsigned char *p = (unsigned char *)s->init_buf->data;
+			unsigned long msg_len = msg_hdr->msg_len;
+
+			/* reconstruct message header as if it was
+			 * sent in single fragment */
+			*(p++) = msg_hdr->type;
+			l2n3(msg_len,p);
+			s2n (msg_hdr->seq,p);
+			l2n3(0,p);
+			l2n3(msg_len,p);
+			if (s->version != DTLS1_BAD_VER) {
+				p       -= DTLS1_HM_HEADER_LENGTH;
+				msg_len += DTLS1_HM_HEADER_LENGTH;
+			}
+
+			ssl3_finish_mac(s, p, msg_len);
+			if (s->msg_callback)
+				s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+					p, msg_len,
+					s, s->msg_callback_arg);
+
+			memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+
+			s->d1->handshake_read_seq++;
+			/* we just read a handshake message from the other side:
+			 * this means that we don't need to retransmit of the
+			 * buffered messages.  
+			 * XDTLS: may be able clear out this
+			 * buffer a little sooner (i.e if an out-of-order
+			 * handshake message/record is received at the record
+			 * layer.  
+			 * XDTLS: exception is that the server needs to
+			 * know that change cipher spec and finished messages
+			 * have been received by the client before clearing this
+			 * buffer.  this can simply be done by waiting for the
+			 * first data  segment, but is there a better way?  */
+			dtls1_clear_record_buffer(s);
+
+			s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+			return s->init_num;
+			}
+		else
+			msg_hdr->frag_off = i;
+		} while(1) ;
+
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+	*ok = 0;
+	return -1;
+	}
+
+
+static int dtls1_preprocess_fragment(SSL *s,struct hm_header_st *msg_hdr,int max)
+	{
+	size_t frag_off,frag_len,msg_len;
+
+	msg_len  = msg_hdr->msg_len;
+	frag_off = msg_hdr->frag_off;
+	frag_len = msg_hdr->frag_len;
+
+	/* sanity checking */
+	if ( (frag_off+frag_len) > msg_len)
+		{
+		SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+		return SSL_AD_ILLEGAL_PARAMETER;
+		}
+
+	if ( (frag_off+frag_len) > (unsigned long)max)
+		{
+		SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+		return SSL_AD_ILLEGAL_PARAMETER;
+		}
+
+	if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */
+		{
+		/* msg_len is limited to 2^24, but is effectively checked
+		 * against max above */
+		if (!BUF_MEM_grow_clean(s->init_buf,msg_len+DTLS1_HM_HEADER_LENGTH))
+			{
+			SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,ERR_R_BUF_LIB);
+			return SSL_AD_INTERNAL_ERROR;
+			}
+
+		s->s3->tmp.message_size  = msg_len;
+		s->d1->r_msg_hdr.msg_len = msg_len;
+		s->s3->tmp.message_type  = msg_hdr->type;
+		s->d1->r_msg_hdr.type    = msg_hdr->type;
+		s->d1->r_msg_hdr.seq     = msg_hdr->seq;
+		}
+	else if (msg_len != s->d1->r_msg_hdr.msg_len)
+		{
+		/* They must be playing with us! BTW, failure to enforce
+		 * upper limit would open possibility for buffer overrun. */
+		SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+		return SSL_AD_ILLEGAL_PARAMETER;
+		}
+
+	return 0; /* no error */
+	}
+
+
+static int
+dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
+	{
+	/* (0) check whether the desired fragment is available
+	 * if so:
+	 * (1) copy over the fragment to s->init_buf->data[]
+	 * (2) update s->init_num
+	 */
+	pitem *item;
+	hm_fragment *frag;
+	int al;
+
+	*ok = 0;
+	item = pqueue_peek(s->d1->buffered_messages);
+	if ( item == NULL)
+		return 0;
+
+	frag = (hm_fragment *)item->data;
+
+	if ( s->d1->handshake_read_seq == frag->msg_header.seq)
+		{
+		unsigned long frag_len = frag->msg_header.frag_len;
+		pqueue_pop(s->d1->buffered_messages);
+
+		al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
+
+		if (al==0) /* no alert */
+			{
+			unsigned char *p = (unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
+			memcpy(&p[frag->msg_header.frag_off],
+				frag->fragment,frag->msg_header.frag_len);
+			}
+
+		dtls1_hm_fragment_free(frag);
+		pitem_free(item);
+
+		if (al==0)
+			{
+			*ok = 1;
+			return frag_len;
+			}
+
+		ssl3_send_alert(s,SSL3_AL_FATAL,al);
+		s->init_num = 0;
+		*ok = 0;
+		return -1;
+		}
+	else
+		return 0;
+	}
+
+
+static int
+dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
+{
+	int i=-1;
+	hm_fragment *frag = NULL;
+	pitem *item = NULL;
+	unsigned char seq64be[8];
+	unsigned long frag_len = msg_hdr->frag_len;
+
+	if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
+		goto err;
+
+	/* Try to find item in queue, to prevent duplicate entries */
+	memset(seq64be,0,sizeof(seq64be));
+	seq64be[6] = (unsigned char) (msg_hdr->seq>>8);
+	seq64be[7] = (unsigned char) msg_hdr->seq;
+	item = pqueue_find(s->d1->buffered_messages, seq64be);
+	
+	/* Discard the message if sequence number was already there, is
+	 * too far in the future, already in the queue or if we received
+	 * a FINISHED before the SERVER_HELLO, which then must be a stale
+	 * retransmit.
+	 */
+	if (msg_hdr->seq <= s->d1->handshake_read_seq ||
+		msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
+		(s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
+		{
+		unsigned char devnull [256];
+
+		while (frag_len)
+			{
+			i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
+				devnull,
+				frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
+			if (i<=0) goto err;
+			frag_len -= i;
+			}
+		}
+
+	if (frag_len)
+		{
+		frag = dtls1_hm_fragment_new(frag_len);
+		if ( frag == NULL)
+			goto err;
+
+		memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+
+		/* read the body of the fragment (header has already been read */
+		i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
+			frag->fragment,frag_len,0);
+		if (i<=0 || (unsigned long)i!=frag_len)
+			goto err;
+
+		memset(seq64be,0,sizeof(seq64be));
+		seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
+		seq64be[7] = (unsigned char)(msg_hdr->seq);
+
+		item = pitem_new(seq64be, frag);
+		if ( item == NULL)
+			goto err;
+
+		pqueue_insert(s->d1->buffered_messages, item);
+		}
+
+	return DTLS1_HM_FRAGMENT_RETRY;
+
+err:
+	if ( frag != NULL) dtls1_hm_fragment_free(frag);
+	if ( item != NULL) OPENSSL_free(item);
+	*ok = 0;
+	return i;
+	}
+
+
+static long
+dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
+	{
+	unsigned char wire[DTLS1_HM_HEADER_LENGTH];
+	unsigned long l, frag_off, frag_len;
+	int i,al;
+	struct hm_header_st msg_hdr;
+
+	/* see if we have the required fragment already */
+	if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) || *ok)
+		{
+		if (*ok)	s->init_num += frag_len;
+		return frag_len;
+		}
+
+	/* read handshake message header */
+	i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,wire,
+		DTLS1_HM_HEADER_LENGTH, 0);
+	if (i <= 0) 	/* nbio, or an error */
+		{
+		s->rwstate=SSL_READING;
+		*ok = 0;
+		return i;
+		}
+	OPENSSL_assert(i == DTLS1_HM_HEADER_LENGTH);
+
+	/* parse the message fragment header */
+	dtls1_get_message_header(wire, &msg_hdr);
+
+	/* 
+	 * if this is a future (or stale) message it gets buffered
+	 * (or dropped)--no further processing at this time 
+	 */
+	if ( msg_hdr.seq != s->d1->handshake_read_seq)
+		return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
+
+	l = msg_hdr.msg_len;
+	frag_off = msg_hdr.frag_off;
+	frag_len = msg_hdr.frag_len;
+
+	if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
+		wire[0] == SSL3_MT_HELLO_REQUEST)
+		{
+		/* The server may always send 'Hello Request' messages --
+		 * we are doing a handshake anyway now, so ignore them
+		 * if their format is correct. Does not count for
+		 * 'Finished' MAC. */
+		if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0)
+			{
+			if (s->msg_callback)
+				s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, 
+					wire, DTLS1_HM_HEADER_LENGTH, s, 
+					s->msg_callback_arg);
+			
+			s->init_num = 0;
+			return dtls1_get_message_fragment(s, st1, stn,
+				max, ok);
+			}
+		else /* Incorrectly formated Hello request */
+			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
+			goto f_err;
+			}
+		}
+
+	if ((al=dtls1_preprocess_fragment(s,&msg_hdr,max)))
+		goto f_err;
+
+	/* XDTLS:  ressurect this when restart is in place */
+	s->state=stn;
+
+	if ( frag_len > 0)
+		{
+		unsigned char *p=(unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
+
+		i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
+			&p[frag_off],frag_len,0);
+		/* XDTLS:  fix this--message fragments cannot span multiple packets */
+		if (i <= 0)
+			{
+			s->rwstate=SSL_READING;
+			*ok = 0;
+			return i;
+			}
+		}
+	else
+		i = 0;
+
+	/* XDTLS:  an incorrectly formatted fragment should cause the 
+	 * handshake to fail */
+	OPENSSL_assert(i == (int)frag_len);
+
+	*ok = 1;
+
+	/* Note that s->init_num is *not* used as current offset in
+	 * s->init_buf->data, but as a counter summing up fragments'
+	 * lengths: as soon as they sum up to handshake packet
+	 * length, we assume we have got all the fragments. */
+	s->init_num += frag_len;
+	return frag_len;
+
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+	s->init_num = 0;
+
+	*ok=0;
+	return(-1);
+	}
+
+int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
+	{
+	unsigned char *p,*d;
+	int i;
+	unsigned long l;
+
+	if (s->state == a)
+		{
+		d=(unsigned char *)s->init_buf->data;
+		p= &(d[DTLS1_HM_HEADER_LENGTH]);
+
+		i=s->method->ssl3_enc->final_finish_mac(s,
+			sender,slen,s->s3->tmp.finish_md);
+		s->s3->tmp.finish_md_len = i;
+		memcpy(p, s->s3->tmp.finish_md, i);
+		p+=i;
+		l=i;
+
+	/* Copy the finished so we can use it for
+	 * renegotiation checks
+	 */
+	if(s->type == SSL_ST_CONNECT)
+		{
+		OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+		memcpy(s->s3->previous_client_finished, 
+		       s->s3->tmp.finish_md, i);
+		s->s3->previous_client_finished_len=i;
+		}
+	else
+		{
+		OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+		memcpy(s->s3->previous_server_finished, 
+		       s->s3->tmp.finish_md, i);
+		s->s3->previous_server_finished_len=i;
+		}
+
+#ifdef OPENSSL_SYS_WIN16
+		/* MSVC 1.5 does not clear the top bytes of the word unless
+		 * I do this.
+		 */
+		l&=0xffff;
+#endif
+
+		d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l);
+		s->init_num=(int)l+DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+
+		s->state=b;
+		}
+
+	/* SSL3_ST_SEND_xxxxxx_HELLO_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+/* for these 2 messages, we need to
+ * ssl->enc_read_ctx			re-init
+ * ssl->s3->read_sequence		zero
+ * ssl->s3->read_mac_secret		re-init
+ * ssl->session->read_sym_enc		assign
+ * ssl->session->read_compression	assign
+ * ssl->session->read_hash		assign
+ */
+int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
+	{ 
+	unsigned char *p;
+
+	if (s->state == a)
+		{
+		p=(unsigned char *)s->init_buf->data;
+		*p++=SSL3_MT_CCS;
+		s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+		s->init_num=DTLS1_CCS_HEADER_LENGTH;
+
+		if (s->version == DTLS1_BAD_VER) {
+			s->d1->next_handshake_write_seq++;
+			s2n(s->d1->handshake_write_seq,p);
+			s->init_num+=2;
+		}
+
+		s->init_off=0;
+
+		dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, 
+			s->d1->handshake_write_seq, 0, 0);
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 1);
+
+		s->state=b;
+		}
+
+	/* SSL3_ST_CW_CHANGE_B */
+	return(dtls1_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
+	}
+
+static int dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+	{
+	int n;
+	unsigned char *p;
+
+	n=i2d_X509(x,NULL);
+	if (!BUF_MEM_grow_clean(buf,(int)(n+(*l)+3)))
+		{
+		SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF,ERR_R_BUF_LIB);
+		return 0;
+		}
+	p=(unsigned char *)&(buf->data[*l]);
+	l2n3(n,p);
+	i2d_X509(x,&p);
+	*l+=n+3;
+
+	return 1;
+	}
+unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
+	{
+	unsigned char *p;
+	int i;
+	unsigned long l= 3 + DTLS1_HM_HEADER_LENGTH;
+	BUF_MEM *buf;
+
+	/* TLSv1 sends a chain with nothing in it, instead of an alert */
+	buf=s->init_buf;
+	if (!BUF_MEM_grow_clean(buf,10))
+		{
+		SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+		return(0);
+		}
+	if (x != NULL)
+		{
+		X509_STORE_CTX xs_ctx;
+
+		if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL))
+  			{
+  			SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
+  			return(0);
+  			}
+  
+		X509_verify_cert(&xs_ctx);
+		for (i=0; i < sk_X509_num(xs_ctx.chain); i++)
+  			{
+			x = sk_X509_value(xs_ctx.chain, i);
+
+			if (!dtls1_add_cert_to_buf(buf, &l, x))
+  				{
+				X509_STORE_CTX_cleanup(&xs_ctx);
+				return 0;
+  				}
+  			}
+  		X509_STORE_CTX_cleanup(&xs_ctx);
+  		}
+  	/* Thawte special :-) */
+	for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
+		{
+		x=sk_X509_value(s->ctx->extra_certs,i);
+		if (!dtls1_add_cert_to_buf(buf, &l, x))
+			return 0;
+		}
+
+	l-= (3 + DTLS1_HM_HEADER_LENGTH);
+
+	p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
+	l2n3(l,p);
+	l+=3;
+	p=(unsigned char *)&(buf->data[0]);
+	p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l);
+
+	l+=DTLS1_HM_HEADER_LENGTH;
+	return(l);
+	}
+
+int dtls1_read_failed(SSL *s, int code)
+	{
+	if ( code > 0)
+		{
+		fprintf( stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
+		return 1;
+		}
+
+	if (!dtls1_is_timer_expired(s))
+		{
+		/* not a timeout, none of our business, 
+		   let higher layers handle this.  in fact it's probably an error */
+		return code;
+		}
+
+	if ( ! SSL_in_init(s))  /* done, no need to send a retransmit */
+		{
+		BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
+		return code;
+		}
+
+#if 0 /* for now, each alert contains only one record number */
+	item = pqueue_peek(state->rcvd_records);
+	if ( item )
+		{
+		/* send an alert immediately for all the missing records */
+		}
+	else
+#endif
+
+#if 0  /* no more alert sending, just retransmit the last set of messages */
+	if ( state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
+		ssl3_send_alert(s,SSL3_AL_WARNING,
+			DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
+
+	return dtls1_handle_timeout(s);
+	}
+
+int
+dtls1_get_queue_priority(unsigned short seq, int is_ccs)
+	{
+	/* The index of the retransmission queue actually is the message sequence number,
+	 * since the queue only contains messages of a single handshake. However, the
+	 * ChangeCipherSpec has no message sequence number and so using only the sequence
+	 * will result in the CCS and Finished having the same index. To prevent this,
+	 * the sequence number is multiplied by 2. In case of a CCS 1 is subtracted.
+	 * This does not only differ CSS and Finished, it also maintains the order of the
+	 * index (important for priority queues) and fits in the unsigned short variable.
+	 */	
+	return seq * 2 - is_ccs;
+	}
+
+int
+dtls1_retransmit_buffered_messages(SSL *s)
+	{
+	pqueue sent = s->d1->sent_messages;
+	piterator iter;
+	pitem *item;
+	hm_fragment *frag;
+	int found = 0;
+
+	iter = pqueue_iterator(sent);
+
+	for ( item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter))
+		{
+		frag = (hm_fragment *)item->data;
+			if ( dtls1_retransmit_message(s,
+				(unsigned short)dtls1_get_queue_priority(frag->msg_header.seq, frag->msg_header.is_ccs),
+				0, &found) <= 0 && found)
+			{
+			fprintf(stderr, "dtls1_retransmit_message() failed\n");
+			return -1;
+			}
+		}
+
+	return 1;
+	}
+
+int
+dtls1_buffer_message(SSL *s, int is_ccs)
+	{
+	pitem *item;
+	hm_fragment *frag;
+	unsigned char seq64be[8];
+
+	/* this function is called immediately after a message has 
+	 * been serialized */
+	OPENSSL_assert(s->init_off == 0);
+
+	frag = dtls1_hm_fragment_new(s->init_num);
+
+	memcpy(frag->fragment, s->init_buf->data, s->init_num);
+
+	if ( is_ccs)
+		{
+		OPENSSL_assert(s->d1->w_msg_hdr.msg_len + 
+			       ((s->version==DTLS1_VERSION)?DTLS1_CCS_HEADER_LENGTH:3) == (unsigned int)s->init_num);
+		}
+	else
+		{
+		OPENSSL_assert(s->d1->w_msg_hdr.msg_len + 
+			DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
+		}
+
+	frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
+	frag->msg_header.seq = s->d1->w_msg_hdr.seq;
+	frag->msg_header.type = s->d1->w_msg_hdr.type;
+	frag->msg_header.frag_off = 0;
+	frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
+	frag->msg_header.is_ccs = is_ccs;
+
+	/* save current state*/
+	frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
+	frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
+	frag->msg_header.saved_retransmit_state.compress = s->compress;
+	frag->msg_header.saved_retransmit_state.session = s->session;
+	frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
+	
+	memset(seq64be,0,sizeof(seq64be));
+	seq64be[6] = (unsigned char)(dtls1_get_queue_priority(frag->msg_header.seq,
+														  frag->msg_header.is_ccs)>>8);
+	seq64be[7] = (unsigned char)(dtls1_get_queue_priority(frag->msg_header.seq,
+														  frag->msg_header.is_ccs));
+
+	item = pitem_new(seq64be, frag);
+	if ( item == NULL)
+		{
+		dtls1_hm_fragment_free(frag);
+		return 0;
+		}
+
+#if 0
+	fprintf( stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
+	fprintf( stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
+	fprintf( stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
+#endif
+
+	pqueue_insert(s->d1->sent_messages, item);
+	return 1;
+	}
+
+int
+dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
+	int *found)
+	{
+	int ret;
+	/* XDTLS: for now assuming that read/writes are blocking */
+	pitem *item;
+	hm_fragment *frag ;
+	unsigned long header_length;
+	unsigned char seq64be[8];
+	struct dtls1_retransmit_state saved_state;
+	unsigned char save_write_sequence[8];
+
+	/*
+	  OPENSSL_assert(s->init_num == 0);
+	  OPENSSL_assert(s->init_off == 0);
+	 */
+
+	/* XDTLS:  the requested message ought to be found, otherwise error */
+	memset(seq64be,0,sizeof(seq64be));
+	seq64be[6] = (unsigned char)(seq>>8);
+	seq64be[7] = (unsigned char)seq;
+
+	item = pqueue_find(s->d1->sent_messages, seq64be);
+	if ( item == NULL)
+		{
+		fprintf(stderr, "retransmit:  message %d non-existant\n", seq);
+		*found = 0;
+		return 0;
+		}
+
+	*found = 1;
+	frag = (hm_fragment *)item->data;
+
+	if ( frag->msg_header.is_ccs)
+		header_length = DTLS1_CCS_HEADER_LENGTH;
+	else
+		header_length = DTLS1_HM_HEADER_LENGTH;
+
+	memcpy(s->init_buf->data, frag->fragment, 
+		frag->msg_header.msg_len + header_length);
+		s->init_num = frag->msg_header.msg_len + header_length;
+
+	dtls1_set_message_header_int(s, frag->msg_header.type, 
+		frag->msg_header.msg_len, frag->msg_header.seq, 0, 
+		frag->msg_header.frag_len);
+
+	/* save current state */
+	saved_state.enc_write_ctx = s->enc_write_ctx;
+	saved_state.write_hash = s->write_hash;
+	saved_state.compress = s->compress;
+	saved_state.session = s->session;
+	saved_state.epoch = s->d1->w_epoch;
+	saved_state.epoch = s->d1->w_epoch;
+	
+	s->d1->retransmitting = 1;
+	
+	/* restore state in which the message was originally sent */
+	s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
+	s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
+	s->compress = frag->msg_header.saved_retransmit_state.compress;
+	s->session = frag->msg_header.saved_retransmit_state.session;
+	s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
+	
+	if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1)
+	{
+		memcpy(save_write_sequence, s->s3->write_sequence, sizeof(s->s3->write_sequence));
+		memcpy(s->s3->write_sequence, s->d1->last_write_sequence, sizeof(s->s3->write_sequence));
+	}
+	
+	ret = dtls1_do_write(s, frag->msg_header.is_ccs ? 
+						 SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
+	
+	/* restore current state */
+	s->enc_write_ctx = saved_state.enc_write_ctx;
+	s->write_hash = saved_state.write_hash;
+	s->compress = saved_state.compress;
+	s->session = saved_state.session;
+	s->d1->w_epoch = saved_state.epoch;
+	
+	if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1)
+	{
+		memcpy(s->d1->last_write_sequence, s->s3->write_sequence, sizeof(s->s3->write_sequence));
+		memcpy(s->s3->write_sequence, save_write_sequence, sizeof(s->s3->write_sequence));
+	}
+
+	s->d1->retransmitting = 0;
+
+	(void)BIO_flush(SSL_get_wbio(s));
+	return ret;
+	}
+
+/* call this function when the buffered messages are no longer needed */
+void
+dtls1_clear_record_buffer(SSL *s)
+	{
+	pitem *item;
+
+	for(item = pqueue_pop(s->d1->sent_messages);
+		item != NULL; item = pqueue_pop(s->d1->sent_messages))
+		{
+		dtls1_hm_fragment_free((hm_fragment *)item->data);
+		pitem_free(item);
+		}
+	}
+
+
+unsigned char *
+dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt,
+			unsigned long len, unsigned long frag_off, unsigned long frag_len)
+	{
+	if ( frag_off == 0)
+		{
+		s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+		s->d1->next_handshake_write_seq++;
+		}
+
+	dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
+		frag_off, frag_len);
+
+	return p += DTLS1_HM_HEADER_LENGTH;
+	}
+
+
+/* don't actually do the writing, wait till the MTU has been retrieved */
+static void
+dtls1_set_message_header_int(SSL *s, unsigned char mt,
+			    unsigned long len, unsigned short seq_num, unsigned long frag_off,
+			    unsigned long frag_len)
+	{
+	struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+	msg_hdr->type = mt;
+	msg_hdr->msg_len = len;
+	msg_hdr->seq = seq_num;
+	msg_hdr->frag_off = frag_off;
+	msg_hdr->frag_len = frag_len;
+	}
+
+static void
+dtls1_fix_message_header(SSL *s, unsigned long frag_off,
+			unsigned long frag_len)
+	{
+	struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+	msg_hdr->frag_off = frag_off;
+	msg_hdr->frag_len = frag_len;
+	}
+
+static unsigned char *
+dtls1_write_message_header(SSL *s, unsigned char *p)
+	{
+	struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+	*p++ = msg_hdr->type;
+	l2n3(msg_hdr->msg_len, p);
+
+	s2n(msg_hdr->seq, p);
+	l2n3(msg_hdr->frag_off, p);
+	l2n3(msg_hdr->frag_len, p);
+
+	return p;
+	}
+
+static unsigned int 
+dtls1_min_mtu(void)
+	{
+	return (g_probable_mtu[(sizeof(g_probable_mtu) / 
+		sizeof(g_probable_mtu[0])) - 1]);
+	}
+
+static unsigned int 
+dtls1_guess_mtu(unsigned int curr_mtu)
+	{
+	unsigned int i;
+
+	if ( curr_mtu == 0 )
+		return g_probable_mtu[0] ;
+
+	for ( i = 0; i < sizeof(g_probable_mtu)/sizeof(g_probable_mtu[0]); i++)
+		if ( curr_mtu > g_probable_mtu[i])
+			return g_probable_mtu[i];
+
+	return curr_mtu;
+	}
+
+void
+dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
+	{
+	memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+	msg_hdr->type = *(data++);
+	n2l3(data, msg_hdr->msg_len);
+
+	n2s(data, msg_hdr->seq);
+	n2l3(data, msg_hdr->frag_off);
+	n2l3(data, msg_hdr->frag_len);
+	}
+
+void
+dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
+	{
+	memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
+
+	ccs_hdr->type = *(data++);
+	}
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
new file mode 100644
index 0000000000..5bc9eb6603
--- /dev/null
+++ b/ssl/d1_clnt.c
@@ -0,0 +1,1534 @@
+/* ssl/d1_clnt.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_KRB5
+#include "kssl_lcl.h"
+#endif
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
+
+static const SSL_METHOD *dtls1_get_client_method(int ver);
+static int dtls1_get_hello_verify(SSL *s);
+
+static const SSL_METHOD *dtls1_get_client_method(int ver)
+	{
+	if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
+		return(DTLSv1_client_method());
+	else
+		return(NULL);
+	}
+
+IMPLEMENT_dtls1_meth_func(DTLSv1_client_method,
+			ssl_undefined_function,
+			dtls1_connect,
+			dtls1_get_client_method)
+
+int dtls1_connect(SSL *s)
+	{
+	BUF_MEM *buf=NULL;
+	unsigned long Time=(unsigned long)time(NULL);
+	void (*cb)(const SSL *ssl,int type,int val)=NULL;
+	int ret= -1;
+	int new_state,state,skip=0;;
+
+	RAND_add(&Time,sizeof(Time),0);
+	ERR_clear_error();
+	clear_sys_error();
+
+	if (s->info_callback != NULL)
+		cb=s->info_callback;
+	else if (s->ctx->info_callback != NULL)
+		cb=s->ctx->info_callback;
+	
+	s->in_handshake++;
+	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
+
+	for (;;)
+		{
+		state=s->state;
+
+		switch(s->state)
+			{
+		case SSL_ST_RENEGOTIATE:
+			s->new_session=1;
+			s->state=SSL_ST_CONNECT;
+			s->ctx->stats.sess_connect_renegotiate++;
+			/* break */
+		case SSL_ST_BEFORE:
+		case SSL_ST_CONNECT:
+		case SSL_ST_BEFORE|SSL_ST_CONNECT:
+		case SSL_ST_OK|SSL_ST_CONNECT:
+
+			s->server=0;
+			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
+			    (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
+				{
+				SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
+				ret = -1;
+				goto end;
+				}
+				
+			/* s->version=SSL3_VERSION; */
+			s->type=SSL_ST_CONNECT;
+
+			if (s->init_buf == NULL)
+				{
+				if ((buf=BUF_MEM_new()) == NULL)
+					{
+					ret= -1;
+					goto end;
+					}
+				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+					{
+					ret= -1;
+					goto end;
+					}
+				s->init_buf=buf;
+				buf=NULL;
+				}
+
+			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+			/* setup buffing BIO */
+			if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
+
+			/* don't push the buffering BIO quite yet */
+
+			s->state=SSL3_ST_CW_CLNT_HELLO_A;
+			s->ctx->stats.sess_connect++;
+			s->init_num=0;
+			/* mark client_random uninitialized */
+			memset(s->s3->client_random,0,sizeof(s->s3->client_random));
+			s->d1->send_cookie = 0;
+			s->hit = 0;
+			break;
+
+		case SSL3_ST_CW_CLNT_HELLO_A:
+		case SSL3_ST_CW_CLNT_HELLO_B:
+
+			s->shutdown=0;
+
+			/* every DTLS ClientHello resets Finished MAC */
+			ssl3_init_finished_mac(s);
+
+			dtls1_start_timer(s);
+			ret=dtls1_client_hello(s);
+			if (ret <= 0) goto end;
+
+			if ( s->d1->send_cookie)
+				{
+				s->state=SSL3_ST_CW_FLUSH;
+				s->s3->tmp.next_state=SSL3_ST_CR_SRVR_HELLO_A;
+				}
+			else
+				s->state=SSL3_ST_CR_SRVR_HELLO_A;
+
+			s->init_num=0;
+
+			/* turn on buffering for the next lot of output */
+			if (s->bbio != s->wbio)
+				s->wbio=BIO_push(s->bbio,s->wbio);
+
+			break;
+
+		case SSL3_ST_CR_SRVR_HELLO_A:
+		case SSL3_ST_CR_SRVR_HELLO_B:
+			ret=ssl3_get_server_hello(s);
+			if (ret <= 0) goto end;
+			else
+				{
+				dtls1_stop_timer(s);
+				if (s->hit)
+					s->state=SSL3_ST_CR_FINISHED_A;
+				else
+					s->state=DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
+				}
+			s->init_num=0;
+			break;
+
+		case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
+		case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
+
+			ret = dtls1_get_hello_verify(s);
+			if ( ret <= 0)
+				goto end;
+			dtls1_stop_timer(s);
+			if ( s->d1->send_cookie) /* start again, with a cookie */
+				s->state=SSL3_ST_CW_CLNT_HELLO_A;
+			else
+				s->state = SSL3_ST_CR_CERT_A;
+			s->init_num = 0;
+			break;
+
+		case SSL3_ST_CR_CERT_A:
+		case SSL3_ST_CR_CERT_B:
+#ifndef OPENSSL_NO_TLSEXT
+			ret=ssl3_check_finished(s);
+			if (ret <= 0) goto end;
+			if (ret == 2)
+				{
+				s->hit = 1;
+				if (s->tlsext_ticket_expected)
+					s->state=SSL3_ST_CR_SESSION_TICKET_A;
+				else
+					s->state=SSL3_ST_CR_FINISHED_A;
+				s->init_num=0;
+				break;
+				}
+#endif
+			/* Check if it is anon DH or PSK */
+			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+			    !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
+				{
+				ret=ssl3_get_server_certificate(s);
+				if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_TLSEXT
+				if (s->tlsext_status_expected)
+					s->state=SSL3_ST_CR_CERT_STATUS_A;
+				else
+					s->state=SSL3_ST_CR_KEY_EXCH_A;
+				}
+			else
+				{
+				skip = 1;
+				s->state=SSL3_ST_CR_KEY_EXCH_A;
+				}
+#else
+				}
+			else
+				skip=1;
+
+			s->state=SSL3_ST_CR_KEY_EXCH_A;
+#endif
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_CR_KEY_EXCH_A:
+		case SSL3_ST_CR_KEY_EXCH_B:
+			ret=ssl3_get_key_exchange(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CR_CERT_REQ_A;
+			s->init_num=0;
+
+			/* at this point we check that we have the
+			 * required stuff from the server */
+			if (!ssl3_check_cert_and_algorithm(s))
+				{
+				ret= -1;
+				goto end;
+				}
+			break;
+
+		case SSL3_ST_CR_CERT_REQ_A:
+		case SSL3_ST_CR_CERT_REQ_B:
+			ret=ssl3_get_certificate_request(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CR_SRVR_DONE_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_CR_SRVR_DONE_A:
+		case SSL3_ST_CR_SRVR_DONE_B:
+			ret=ssl3_get_server_done(s);
+			if (ret <= 0) goto end;
+			if (s->s3->tmp.cert_req)
+				s->state=SSL3_ST_CW_CERT_A;
+			else
+				s->state=SSL3_ST_CW_KEY_EXCH_A;
+			s->init_num=0;
+
+			break;
+
+		case SSL3_ST_CW_CERT_A:
+		case SSL3_ST_CW_CERT_B:
+		case SSL3_ST_CW_CERT_C:
+		case SSL3_ST_CW_CERT_D:
+			dtls1_start_timer(s);
+			ret=dtls1_send_client_certificate(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CW_KEY_EXCH_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_CW_KEY_EXCH_A:
+		case SSL3_ST_CW_KEY_EXCH_B:
+			dtls1_start_timer(s);
+			ret=dtls1_send_client_key_exchange(s);
+			if (ret <= 0) goto end;
+			/* EAY EAY EAY need to check for DH fix cert
+			 * sent back */
+			/* For TLS, cert_req is set to 2, so a cert chain
+			 * of nothing is sent, but no verify packet is sent */
+			if (s->s3->tmp.cert_req == 1)
+				{
+				s->state=SSL3_ST_CW_CERT_VRFY_A;
+				}
+			else
+				{
+				s->state=SSL3_ST_CW_CHANGE_A;
+				s->s3->change_cipher_spec=0;
+				}
+
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_CW_CERT_VRFY_A:
+		case SSL3_ST_CW_CERT_VRFY_B:
+			dtls1_start_timer(s);
+			ret=dtls1_send_client_verify(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CW_CHANGE_A;
+			s->init_num=0;
+			s->s3->change_cipher_spec=0;
+			break;
+
+		case SSL3_ST_CW_CHANGE_A:
+		case SSL3_ST_CW_CHANGE_B:
+			dtls1_start_timer(s);
+			ret=dtls1_send_change_cipher_spec(s,
+				SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CW_FINISHED_A;
+			s->init_num=0;
+
+			s->session->cipher=s->s3->tmp.new_cipher;
+#ifdef OPENSSL_NO_COMP
+			s->session->compress_meth=0;
+#else
+			if (s->s3->tmp.new_compression == NULL)
+				s->session->compress_meth=0;
+			else
+				s->session->compress_meth=
+					s->s3->tmp.new_compression->id;
+#endif
+			if (!s->method->ssl3_enc->setup_key_block(s))
+				{
+				ret= -1;
+				goto end;
+				}
+
+			if (!s->method->ssl3_enc->change_cipher_state(s,
+				SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+				{
+				ret= -1;
+				goto end;
+				}
+			
+			dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
+			break;
+
+		case SSL3_ST_CW_FINISHED_A:
+		case SSL3_ST_CW_FINISHED_B:
+			dtls1_start_timer(s);
+			ret=dtls1_send_finished(s,
+				SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
+				s->method->ssl3_enc->client_finished_label,
+				s->method->ssl3_enc->client_finished_label_len);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CW_FLUSH;
+
+			/* clear flags */
+			s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+			if (s->hit)
+				{
+				s->s3->tmp.next_state=SSL_ST_OK;
+				if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
+					{
+					s->state=SSL_ST_OK;
+					s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
+					s->s3->delay_buf_pop_ret=0;
+					}
+				}
+			else
+				{
+#ifndef OPENSSL_NO_TLSEXT
+				/* Allow NewSessionTicket if ticket expected */
+				if (s->tlsext_ticket_expected)
+					s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
+				else
+#endif
+				
+				s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
+				}
+			s->init_num=0;
+			break;
+
+#ifndef OPENSSL_NO_TLSEXT
+		case SSL3_ST_CR_SESSION_TICKET_A:
+		case SSL3_ST_CR_SESSION_TICKET_B:
+			ret=ssl3_get_new_session_ticket(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CR_FINISHED_A;
+			s->init_num=0;
+		break;
+
+		case SSL3_ST_CR_CERT_STATUS_A:
+		case SSL3_ST_CR_CERT_STATUS_B:
+			ret=ssl3_get_cert_status(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CR_KEY_EXCH_A;
+			s->init_num=0;
+		break;
+#endif
+
+		case SSL3_ST_CR_FINISHED_A:
+		case SSL3_ST_CR_FINISHED_B:
+			s->d1->change_cipher_spec_ok = 1;
+			ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
+				SSL3_ST_CR_FINISHED_B);
+			if (ret <= 0) goto end;
+			dtls1_stop_timer(s);
+
+			if (s->hit)
+				s->state=SSL3_ST_CW_CHANGE_A;
+			else
+				s->state=SSL_ST_OK;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_CW_FLUSH:
+			s->rwstate=SSL_WRITING;
+			if (BIO_flush(s->wbio) <= 0)
+				{
+				ret= -1;
+				goto end;
+				}
+			s->rwstate=SSL_NOTHING;
+			s->state=s->s3->tmp.next_state;
+			break;
+
+		case SSL_ST_OK:
+			/* clean a few things up */
+			ssl3_cleanup_key_block(s);
+
+#if 0
+			if (s->init_buf != NULL)
+				{
+				BUF_MEM_free(s->init_buf);
+				s->init_buf=NULL;
+				}
+#endif
+
+			/* If we are not 'joining' the last two packets,
+			 * remove the buffering now */
+			if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+				ssl_free_wbio_buffer(s);
+			/* else do it later in ssl3_write */
+
+			s->init_num=0;
+			s->new_session=0;
+
+			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+			if (s->hit) s->ctx->stats.sess_hit++;
+
+			ret=1;
+			/* s->server=0; */
+			s->handshake_func=dtls1_connect;
+			s->ctx->stats.sess_connect_good++;
+
+			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+			/* done with handshaking */
+			s->d1->handshake_read_seq  = 0;
+			s->d1->next_handshake_write_seq = 0;
+			goto end;
+			/* break; */
+			
+		default:
+			SSLerr(SSL_F_DTLS1_CONNECT,SSL_R_UNKNOWN_STATE);
+			ret= -1;
+			goto end;
+			/* break; */
+			}
+
+		/* did we do anything */
+		if (!s->s3->tmp.reuse_message && !skip)
+			{
+			if (s->debug)
+				{
+				if ((ret=BIO_flush(s->wbio)) <= 0)
+					goto end;
+				}
+
+			if ((cb != NULL) && (s->state != state))
+				{
+				new_state=s->state;
+				s->state=state;
+				cb(s,SSL_CB_CONNECT_LOOP,1);
+				s->state=new_state;
+				}
+			}
+		skip=0;
+		}
+end:
+	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
+	if (cb != NULL)
+		cb(s,SSL_CB_CONNECT_EXIT,ret);
+	return(ret);
+	}
+
+int dtls1_client_hello(SSL *s)
+	{
+	unsigned char *buf;
+	unsigned char *p,*d;
+	unsigned int i,j;
+	unsigned long Time,l;
+	SSL_COMP *comp;
+
+	buf=(unsigned char *)s->init_buf->data;
+	if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
+		{
+		SSL_SESSION *sess = s->session;
+		if ((s->session == NULL) ||
+			(s->session->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+			!sess->session_id_length ||
+#else
+			(!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+			(s->session->not_resumable))
+			{
+			if (!ssl_get_new_session(s,0))
+				goto err;
+			}
+		/* else use the pre-loaded session */
+
+		p=s->s3->client_random;
+
+		/* if client_random is initialized, reuse it, we are
+		 * required to use same upon reply to HelloVerify */
+		for (i=0;p[i]=='\0' && i<sizeof(s->s3->client_random);i++) ;
+		if (i==sizeof(s->s3->client_random))
+			{
+			Time=(unsigned long)time(NULL);	/* Time */
+			l2n(Time,p);
+			RAND_pseudo_bytes(p,sizeof(s->s3->client_random)-4);
+			}
+
+		/* Do the message type and length last */
+		d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
+
+		*(p++)=s->version>>8;
+		*(p++)=s->version&0xff;
+		s->client_version=s->version;
+
+		/* Random stuff */
+		memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+		p+=SSL3_RANDOM_SIZE;
+
+		/* Session ID */
+		if (s->new_session)
+			i=0;
+		else
+			i=s->session->session_id_length;
+		*(p++)=i;
+		if (i != 0)
+			{
+			if (i > sizeof s->session->session_id)
+				{
+				SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+				goto err;
+				}
+			memcpy(p,s->session->session_id,i);
+			p+=i;
+			}
+		
+		/* cookie stuff */
+		if ( s->d1->cookie_len > sizeof(s->d1->cookie))
+			{
+			SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+			goto err;
+			}
+		*(p++) = s->d1->cookie_len;
+		memcpy(p, s->d1->cookie, s->d1->cookie_len);
+		p += s->d1->cookie_len;
+
+		/* Ciphers supported */
+		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),0);
+		if (i == 0)
+			{
+			SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+			goto err;
+			}
+		s2n(i,p);
+		p+=i;
+
+		/* COMPRESSION */
+		if (s->ctx->comp_methods == NULL)
+			j=0;
+		else
+			j=sk_SSL_COMP_num(s->ctx->comp_methods);
+		*(p++)=1+j;
+		for (i=0; i<j; i++)
+			{
+			comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
+			*(p++)=comp->id;
+			}
+		*(p++)=0; /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
+			SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+			goto err;
+			}
+#endif		
+
+		l=(p-d);
+		d=buf;
+
+		d = dtls1_set_message_header(s, d, SSL3_MT_CLIENT_HELLO, l, 0, l);
+
+		s->state=SSL3_ST_CW_CLNT_HELLO_B;
+		/* number of bytes to write */
+		s->init_num=p-buf;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	/* SSL3_ST_CW_CLNT_HELLO_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+	return(-1);
+	}
+
+static int dtls1_get_hello_verify(SSL *s)
+	{
+	int n, al, ok = 0;
+	unsigned char *data;
+	unsigned int cookie_len;
+
+	n=s->method->ssl_get_message(s,
+		DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
+		DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
+		-1,
+		s->max_cert_list,
+		&ok);
+
+	if (!ok) return((int)n);
+
+	if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST)
+		{
+		s->d1->send_cookie = 0;
+		s->s3->tmp.reuse_message=1;
+		return(1);
+		}
+
+	data = (unsigned char *)s->init_msg;
+
+	if ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff)))
+		{
+		SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY,SSL_R_WRONG_SSL_VERSION);
+		s->version=(s->version&0xff00)|data[1];
+		al = SSL_AD_PROTOCOL_VERSION;
+		goto f_err;
+		}
+	data+=2;
+
+	cookie_len = *(data++);
+	if ( cookie_len > sizeof(s->d1->cookie))
+		{
+		al=SSL_AD_ILLEGAL_PARAMETER;
+		goto f_err;
+		}
+
+	memcpy(s->d1->cookie, data, cookie_len);
+	s->d1->cookie_len = cookie_len;
+
+	s->d1->send_cookie = 1;
+	return 1;
+
+f_err:
+	ssl3_send_alert(s, SSL3_AL_FATAL, al);
+	return -1;
+	}
+
+int dtls1_send_client_key_exchange(SSL *s)
+	{
+	unsigned char *p,*d;
+	int n;
+	unsigned long alg_k;
+#ifndef OPENSSL_NO_RSA
+	unsigned char *q;
+	EVP_PKEY *pkey=NULL;
+#endif
+#ifndef OPENSSL_NO_KRB5
+        KSSL_ERR kssl_err;
+#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_ECDH
+	EC_KEY *clnt_ecdh = NULL;
+	const EC_POINT *srvr_ecpoint = NULL;
+	EVP_PKEY *srvr_pub_pkey = NULL;
+	unsigned char *encodedPoint = NULL;
+	int encoded_pt_len = 0;
+	BN_CTX * bn_ctx = NULL;
+#endif
+
+	if (s->state == SSL3_ST_CW_KEY_EXCH_A)
+		{
+		d=(unsigned char *)s->init_buf->data;
+		p= &(d[DTLS1_HM_HEADER_LENGTH]);
+		
+		alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
+
+                /* Fool emacs indentation */
+                if (0) {}
+#ifndef OPENSSL_NO_RSA
+		else if (alg_k & SSL_kRSA)
+			{
+			RSA *rsa;
+			unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+
+			if (s->session->sess_cert->peer_rsa_tmp != NULL)
+				rsa=s->session->sess_cert->peer_rsa_tmp;
+			else
+				{
+				pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+				if ((pkey == NULL) ||
+					(pkey->type != EVP_PKEY_RSA) ||
+					(pkey->pkey.rsa == NULL))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+					goto err;
+					}
+				rsa=pkey->pkey.rsa;
+				EVP_PKEY_free(pkey);
+				}
+				
+			tmp_buf[0]=s->client_version>>8;
+			tmp_buf[1]=s->client_version&0xff;
+			if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
+					goto err;
+
+			s->session->master_key_length=sizeof tmp_buf;
+
+			q=p;
+			/* Fix buf for TLS and [incidentally] DTLS */
+			if (s->version > SSL3_VERSION)
+				p+=2;
+			n=RSA_public_encrypt(sizeof tmp_buf,
+				tmp_buf,p,rsa,RSA_PKCS1_PADDING);
+#ifdef PKCS1_CHECK
+			if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
+			if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
+#endif
+			if (n <= 0)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
+				goto err;
+				}
+
+			/* Fix buf for TLS and [incidentally] DTLS */
+			if (s->version > SSL3_VERSION)
+				{
+				s2n(n,q);
+				n+=2;
+				}
+
+			s->session->master_key_length=
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,
+					tmp_buf,sizeof tmp_buf);
+			OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
+			}
+#endif
+#ifndef OPENSSL_NO_KRB5
+		else if (alg_k & SSL_kKRB5)
+                        {
+                        krb5_error_code	krb5rc;
+                        KSSL_CTX	*kssl_ctx = s->kssl_ctx;
+                        /*  krb5_data	krb5_ap_req;  */
+                        krb5_data	*enc_ticket;
+                        krb5_data	authenticator, *authp = NULL;
+			EVP_CIPHER_CTX	ciph_ctx;
+			const EVP_CIPHER *enc = NULL;
+			unsigned char	iv[EVP_MAX_IV_LENGTH];
+			unsigned char	tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+			unsigned char	epms[SSL_MAX_MASTER_KEY_LENGTH 
+						+ EVP_MAX_IV_LENGTH];
+			int 		padl, outl = sizeof(epms);
+
+			EVP_CIPHER_CTX_init(&ciph_ctx);
+
+#ifdef KSSL_DEBUG
+                        printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
+                                alg_k, SSL_kKRB5);
+#endif	/* KSSL_DEBUG */
+
+			authp = NULL;
+#ifdef KRB5SENDAUTH
+			if (KRB5SENDAUTH)  authp = &authenticator;
+#endif	/* KRB5SENDAUTH */
+
+                        krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp,
+				&kssl_err);
+			enc = kssl_map_enc(kssl_ctx->enctype);
+                        if (enc == NULL)
+                            goto err;
+#ifdef KSSL_DEBUG
+                        {
+                        printf("kssl_cget_tkt rtn %d\n", krb5rc);
+                        if (krb5rc && kssl_err.text)
+			  printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text);
+                        }
+#endif	/* KSSL_DEBUG */
+
+                        if (krb5rc)
+                                {
+                                ssl3_send_alert(s,SSL3_AL_FATAL,
+						SSL_AD_HANDSHAKE_FAILURE);
+                                SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+						kssl_err.reason);
+                                goto err;
+                                }
+
+			/*  20010406 VRS - Earlier versions used KRB5 AP_REQ
+			**  in place of RFC 2712 KerberosWrapper, as in:
+			**
+                        **  Send ticket (copy to *p, set n = length)
+                        **  n = krb5_ap_req.length;
+                        **  memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
+                        **  if (krb5_ap_req.data)  
+                        **    kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
+                        **
+			**  Now using real RFC 2712 KerberosWrapper
+			**  (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
+			**  Note: 2712 "opaque" types are here replaced
+			**  with a 2-byte length followed by the value.
+			**  Example:
+			**  KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
+			**  Where "xx xx" = length bytes.  Shown here with
+			**  optional authenticator omitted.
+			*/
+
+			/*  KerberosWrapper.Ticket		*/
+			s2n(enc_ticket->length,p);
+			memcpy(p, enc_ticket->data, enc_ticket->length);
+			p+= enc_ticket->length;
+			n = enc_ticket->length + 2;
+
+			/*  KerberosWrapper.Authenticator	*/
+			if (authp  &&  authp->length)  
+				{
+				s2n(authp->length,p);
+				memcpy(p, authp->data, authp->length);
+				p+= authp->length;
+				n+= authp->length + 2;
+				
+				free(authp->data);
+				authp->data = NULL;
+				authp->length = 0;
+				}
+			else
+				{
+				s2n(0,p);/*  null authenticator length	*/
+				n+=2;
+				}
+ 
+			if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
+			    goto err;
+
+			/*  20010420 VRS.  Tried it this way; failed.
+			**	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+			**	EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+			**				kssl_ctx->length);
+			**	EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+			*/
+
+			memset(iv, 0, sizeof iv);  /* per RFC 1510 */
+			EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
+				kssl_ctx->key,iv);
+			EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
+				sizeof tmp_buf);
+			EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
+			outl += padl;
+			if (outl > (int)sizeof epms)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+				goto err;
+				}
+			EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+			/*  KerberosWrapper.EncryptedPreMasterSecret	*/
+			s2n(outl,p);
+			memcpy(p, epms, outl);
+			p+=outl;
+			n+=outl + 2;
+
+                        s->session->master_key_length=
+                                s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,
+					tmp_buf, sizeof tmp_buf);
+
+			OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+			OPENSSL_cleanse(epms, outl);
+                        }
+#endif
+#ifndef OPENSSL_NO_DH
+		else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+			{
+			DH *dh_srvr,*dh_clnt;
+
+			if (s->session->sess_cert->peer_dh_tmp != NULL)
+				dh_srvr=s->session->sess_cert->peer_dh_tmp;
+			else
+				{
+				/* we get them from the cert */
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+				goto err;
+				}
+			
+			/* generate a new random key */
+			if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+				goto err;
+				}
+			if (!DH_generate_key(dh_clnt))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+				goto err;
+				}
+
+			/* use the 'p' output buffer for the DH key, but
+			 * make sure to clear it out afterwards */
+
+			n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+
+			if (n <= 0)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+				goto err;
+				}
+
+			/* generate master key from the result */
+			s->session->master_key_length=
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,p,n);
+			/* clean up */
+			memset(p,0,n);
+
+			/* send off the data */
+			n=BN_num_bytes(dh_clnt->pub_key);
+			s2n(n,p);
+			BN_bn2bin(dh_clnt->pub_key,p);
+			n+=2;
+
+			DH_free(dh_clnt);
+
+			/* perhaps clean things up a bit EAY EAY EAY EAY*/
+			}
+#endif
+#ifndef OPENSSL_NO_ECDH 
+		else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
+			{
+			const EC_GROUP *srvr_group = NULL;
+			EC_KEY *tkey;
+			int ecdh_clnt_cert = 0;
+			int field_size = 0;
+
+			/* Did we send out the client's
+			 * ECDH share for use in premaster
+			 * computation as part of client certificate?
+			 * If so, set ecdh_clnt_cert to 1.
+			 */
+			if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->cert != NULL)) 
+				{
+				/* XXX: For now, we do not support client
+				 * authentication using ECDH certificates.
+				 * To add such support, one needs to add
+				 * code that checks for appropriate 
+				 * conditions and sets ecdh_clnt_cert to 1.
+				 * For example, the cert have an ECC
+				 * key on the same curve as the server's
+				 * and the key should be authorized for
+				 * key agreement.
+				 *
+				 * One also needs to add code in ssl3_connect
+				 * to skip sending the certificate verify
+				 * message.
+				 *
+				 * if ((s->cert->key->privatekey != NULL) &&
+				 *     (s->cert->key->privatekey->type ==
+				 *      EVP_PKEY_EC) && ...)
+				 * ecdh_clnt_cert = 1;
+				 */
+				}
+
+			if (s->session->sess_cert->peer_ecdh_tmp != NULL)
+				{
+				tkey = s->session->sess_cert->peer_ecdh_tmp;
+				}
+			else
+				{
+				/* Get the Server Public Key from Cert */
+				srvr_pub_pkey = X509_get_pubkey(s->session-> \
+				    sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+				if ((srvr_pub_pkey == NULL) ||
+				    (srvr_pub_pkey->type != EVP_PKEY_EC) ||
+				    (srvr_pub_pkey->pkey.ec == NULL))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+					    ERR_R_INTERNAL_ERROR);
+					goto err;
+					}
+
+				tkey = srvr_pub_pkey->pkey.ec;
+				}
+
+			srvr_group   = EC_KEY_get0_group(tkey);
+			srvr_ecpoint = EC_KEY_get0_public_key(tkey);
+
+			if ((srvr_group == NULL) || (srvr_ecpoint == NULL))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+				    ERR_R_INTERNAL_ERROR);
+				goto err;
+				}
+
+			if ((clnt_ecdh=EC_KEY_new()) == NULL) 
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+
+			if (!EC_KEY_set_group(clnt_ecdh, srvr_group))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB);
+				goto err;
+				}
+			if (ecdh_clnt_cert) 
+				{ 
+				/* Reuse key info from our certificate
+				 * We only need our private key to perform
+				 * the ECDH computation.
+				 */
+				const BIGNUM *priv_key;
+				tkey = s->cert->key->privatekey->pkey.ec;
+				priv_key = EC_KEY_get0_private_key(tkey);
+				if (priv_key == NULL)
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+					goto err;
+					}
+				if (!EC_KEY_set_private_key(clnt_ecdh, priv_key))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB);
+					goto err;
+					}
+				}
+			else 
+				{
+				/* Generate a new ECDH key pair */
+				if (!(EC_KEY_generate_key(clnt_ecdh)))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+					goto err;
+					}
+				}
+
+			/* use the 'p' output buffer for the ECDH key, but
+			 * make sure to clear it out afterwards
+			 */
+
+			field_size = EC_GROUP_get_degree(srvr_group);
+			if (field_size <= 0)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, 
+				       ERR_R_ECDH_LIB);
+				goto err;
+				}
+			n=ECDH_compute_key(p, (field_size+7)/8, srvr_ecpoint, clnt_ecdh, NULL);
+			if (n <= 0)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, 
+				       ERR_R_ECDH_LIB);
+				goto err;
+				}
+
+			/* generate master key from the result */
+			s->session->master_key_length = s->method->ssl3_enc \
+			    -> generate_master_secret(s, 
+				s->session->master_key,
+				p, n);
+
+			memset(p, 0, n); /* clean up */
+
+			if (ecdh_clnt_cert) 
+				{
+				/* Send empty client key exch message */
+				n = 0;
+				}
+			else 
+				{
+				/* First check the size of encoding and
+				 * allocate memory accordingly.
+				 */
+				encoded_pt_len = 
+				    EC_POINT_point2oct(srvr_group, 
+					EC_KEY_get0_public_key(clnt_ecdh), 
+					POINT_CONVERSION_UNCOMPRESSED, 
+					NULL, 0, NULL);
+
+				encodedPoint = (unsigned char *) 
+				    OPENSSL_malloc(encoded_pt_len * 
+					sizeof(unsigned char)); 
+				bn_ctx = BN_CTX_new();
+				if ((encodedPoint == NULL) || 
+				    (bn_ctx == NULL)) 
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+					goto err;
+					}
+
+				/* Encode the public key */
+				n = EC_POINT_point2oct(srvr_group, 
+				    EC_KEY_get0_public_key(clnt_ecdh), 
+				    POINT_CONVERSION_UNCOMPRESSED, 
+				    encodedPoint, encoded_pt_len, bn_ctx);
+
+				*p = n; /* length of encoded point */
+				/* Encoded point will be copied here */
+				p += 1; 
+				/* copy the point */
+				memcpy((unsigned char *)p, encodedPoint, n);
+				/* increment n to account for length field */
+				n += 1; 
+				}
+
+			/* Free allocated memory */
+			BN_CTX_free(bn_ctx);
+			if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
+			if (clnt_ecdh != NULL) 
+				 EC_KEY_free(clnt_ecdh);
+			EVP_PKEY_free(srvr_pub_pkey);
+			}
+#endif /* !OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_PSK
+		else if (alg_k & SSL_kPSK)
+			{
+			char identity[PSK_MAX_IDENTITY_LEN];
+			unsigned char *t = NULL;
+			unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN*2+4];
+			unsigned int pre_ms_len = 0, psk_len = 0;
+			int psk_err = 1;
+
+			n = 0;
+			if (s->psk_client_callback == NULL)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+					SSL_R_PSK_NO_CLIENT_CB);
+				goto err;
+				}
+
+			psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+				identity, PSK_MAX_IDENTITY_LEN,
+				psk_or_pre_ms, sizeof(psk_or_pre_ms));
+			if (psk_len > PSK_MAX_PSK_LEN)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+					ERR_R_INTERNAL_ERROR);
+				goto psk_err;
+				}
+			else if (psk_len == 0)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+					SSL_R_PSK_IDENTITY_NOT_FOUND);
+				goto psk_err;
+				}
+
+			/* create PSK pre_master_secret */
+			pre_ms_len = 2+psk_len+2+psk_len;
+			t = psk_or_pre_ms;
+			memmove(psk_or_pre_ms+psk_len+4, psk_or_pre_ms, psk_len);
+			s2n(psk_len, t);
+			memset(t, 0, psk_len);
+			t+=psk_len;
+			s2n(psk_len, t);
+
+			if (s->session->psk_identity_hint != NULL)
+				OPENSSL_free(s->session->psk_identity_hint);
+			s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+			if (s->ctx->psk_identity_hint != NULL &&
+				s->session->psk_identity_hint == NULL)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+					ERR_R_MALLOC_FAILURE);
+				goto psk_err;
+				}
+
+			if (s->session->psk_identity != NULL)
+				OPENSSL_free(s->session->psk_identity);
+			s->session->psk_identity = BUF_strdup(identity);
+			if (s->session->psk_identity == NULL)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+					ERR_R_MALLOC_FAILURE);
+				goto psk_err;
+				}
+
+			s->session->master_key_length =
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,
+					psk_or_pre_ms, pre_ms_len); 
+			n = strlen(identity);
+			s2n(n, p);
+			memcpy(p, identity, n);
+			n+=2;
+			psk_err = 0;
+		psk_err:
+			OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
+			OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+			if (psk_err != 0)
+				{
+				ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+				goto err;
+				}
+			}
+#endif
+		else
+			{
+			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+			SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+			goto err;
+			}
+		
+		d = dtls1_set_message_header(s, d,
+		SSL3_MT_CLIENT_KEY_EXCHANGE, n, 0, n);
+		/*
+		 *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
+		 l2n3(n,d);
+		 l2n(s->d1->handshake_write_seq,d);
+		 s->d1->handshake_write_seq++;
+		*/
+		
+		s->state=SSL3_ST_CW_KEY_EXCH_B;
+		/* number of bytes to write */
+		s->init_num=n+DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+	
+	/* SSL3_ST_CW_KEY_EXCH_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+#ifndef OPENSSL_NO_ECDH
+	BN_CTX_free(bn_ctx);
+	if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
+	if (clnt_ecdh != NULL) 
+		EC_KEY_free(clnt_ecdh);
+	EVP_PKEY_free(srvr_pub_pkey);
+#endif
+	return(-1);
+	}
+
+int dtls1_send_client_verify(SSL *s)
+	{
+	unsigned char *p,*d;
+	unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+	EVP_PKEY *pkey;
+#ifndef OPENSSL_NO_RSA
+	unsigned u=0;
+#endif
+	unsigned long n;
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+	int j;
+#endif
+
+	if (s->state == SSL3_ST_CW_CERT_VRFY_A)
+		{
+		d=(unsigned char *)s->init_buf->data;
+		p= &(d[DTLS1_HM_HEADER_LENGTH]);
+		pkey=s->cert->key->privatekey;
+
+		s->method->ssl3_enc->cert_verify_mac(s,
+		NID_sha1,
+			&(data[MD5_DIGEST_LENGTH]));
+
+#ifndef OPENSSL_NO_RSA
+		if (pkey->type == EVP_PKEY_RSA)
+			{
+			s->method->ssl3_enc->cert_verify_mac(s,
+				NID_md5,
+				&(data[0]));
+			if (RSA_sign(NID_md5_sha1, data,
+					 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+					&(p[2]), &u, pkey->pkey.rsa) <= 0 )
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
+				goto err;
+				}
+			s2n(u,p);
+			n=u+2;
+			}
+		else
+#endif
+#ifndef OPENSSL_NO_DSA
+			if (pkey->type == EVP_PKEY_DSA)
+			{
+			if (!DSA_sign(pkey->save_type,
+				&(data[MD5_DIGEST_LENGTH]),
+				SHA_DIGEST_LENGTH,&(p[2]),
+				(unsigned int *)&j,pkey->pkey.dsa))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
+				goto err;
+				}
+			s2n(j,p);
+			n=j+2;
+			}
+		else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+			if (pkey->type == EVP_PKEY_EC)
+			{
+			if (!ECDSA_sign(pkey->save_type,
+				&(data[MD5_DIGEST_LENGTH]),
+				SHA_DIGEST_LENGTH,&(p[2]),
+				(unsigned int *)&j,pkey->pkey.ec))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,
+				    ERR_R_ECDSA_LIB);
+				goto err;
+				}
+			s2n(j,p);
+			n=j+2;
+			}
+		else
+#endif
+			{
+			SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
+			goto err;
+			}
+
+		d = dtls1_set_message_header(s, d,
+			SSL3_MT_CERTIFICATE_VERIFY, n, 0, n) ;
+
+		s->init_num=(int)n+DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+
+		s->state = SSL3_ST_CW_CERT_VRFY_B;
+		}
+
+	/* s->state = SSL3_ST_CW_CERT_VRFY_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+	return(-1);
+	}
+
+int dtls1_send_client_certificate(SSL *s)
+	{
+	X509 *x509=NULL;
+	EVP_PKEY *pkey=NULL;
+	int i;
+	unsigned long l;
+
+	if (s->state ==	SSL3_ST_CW_CERT_A)
+		{
+		if ((s->cert == NULL) ||
+			(s->cert->key->x509 == NULL) ||
+			(s->cert->key->privatekey == NULL))
+			s->state=SSL3_ST_CW_CERT_B;
+		else
+			s->state=SSL3_ST_CW_CERT_C;
+		}
+
+	/* We need to get a client cert */
+	if (s->state == SSL3_ST_CW_CERT_B)
+		{
+		/* If we get an error, we need to
+		 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
+		 * We then get retied later */
+		i=0;
+		i = ssl_do_client_cert_cb(s, &x509, &pkey);
+		if (i < 0)
+			{
+			s->rwstate=SSL_X509_LOOKUP;
+			return(-1);
+			}
+		s->rwstate=SSL_NOTHING;
+		if ((i == 1) && (pkey != NULL) && (x509 != NULL))
+			{
+			s->state=SSL3_ST_CW_CERT_B;
+			if (	!SSL_use_certificate(s,x509) ||
+				!SSL_use_PrivateKey(s,pkey))
+				i=0;
+			}
+		else if (i == 1)
+			{
+			i=0;
+			SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+			}
+
+		if (x509 != NULL) X509_free(x509);
+		if (pkey != NULL) EVP_PKEY_free(pkey);
+		if (i == 0)
+			{
+			if (s->version == SSL3_VERSION)
+				{
+				s->s3->tmp.cert_req=0;
+				ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
+				return(1);
+				}
+			else
+				{
+				s->s3->tmp.cert_req=2;
+				}
+			}
+
+		/* Ok, we have a cert */
+		s->state=SSL3_ST_CW_CERT_C;
+		}
+
+	if (s->state == SSL3_ST_CW_CERT_C)
+		{
+		s->state=SSL3_ST_CW_CERT_D;
+		l=dtls1_output_cert_chain(s,
+			(s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+		s->init_num=(int)l;
+		s->init_off=0;
+
+		/* set header called by dtls1_output_cert_chain() */
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+	/* SSL3_ST_CW_CERT_D */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+
diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c
new file mode 100644
index 0000000000..8fa57347a9
--- /dev/null
+++ b/ssl/d1_enc.c
@@ -0,0 +1,293 @@
+/* ssl/d1_enc.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_COMP
+#include <openssl/comp.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/md5.h>
+#include <openssl/rand.h>
+#ifdef KSSL_DEBUG
+#include <openssl/des.h>
+#endif
+
+int dtls1_enc(SSL *s, int send)
+	{
+	SSL3_RECORD *rec;
+	EVP_CIPHER_CTX *ds;
+	unsigned long l;
+	int bs,i,ii,j,k,n=0;
+	const EVP_CIPHER *enc;
+
+	if (send)
+		{
+		if (EVP_MD_CTX_md(s->write_hash))
+			{
+			n=EVP_MD_CTX_size(s->write_hash);
+			if (n < 0)
+				return -1;
+			}
+		ds=s->enc_write_ctx;
+		rec= &(s->s3->wrec);
+		if (s->enc_write_ctx == NULL)
+			enc=NULL;
+		else
+			{
+			enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+			if ( rec->data != rec->input)
+				/* we can't write into the input stream */
+				fprintf(stderr, "%s:%d: rec->data != rec->input\n",
+					__FILE__, __LINE__);
+			else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
+				{
+				if (RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)) <= 0)
+					return -1;
+				}
+			}
+		}
+	else
+		{
+		if (EVP_MD_CTX_md(s->read_hash))
+			{
+			n=EVP_MD_CTX_size(s->read_hash);
+			if (n < 0)
+				return -1;
+			}
+		ds=s->enc_read_ctx;
+		rec= &(s->s3->rrec);
+		if (s->enc_read_ctx == NULL)
+			enc=NULL;
+		else
+			enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+		}
+
+#ifdef KSSL_DEBUG
+	printf("dtls1_enc(%d)\n", send);
+#endif    /* KSSL_DEBUG */
+
+	if ((s->session == NULL) || (ds == NULL) ||
+		(enc == NULL))
+		{
+		memmove(rec->data,rec->input,rec->length);
+		rec->input=rec->data;
+		}
+	else
+		{
+		l=rec->length;
+		bs=EVP_CIPHER_block_size(ds->cipher);
+
+		if ((bs != 1) && send)
+			{
+			i=bs-((int)l%bs);
+
+			/* Add weird padding of upto 256 bytes */
+
+			/* we need to add 'i' padding bytes of value j */
+			j=i-1;
+			if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
+				{
+				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+					j++;
+				}
+			for (k=(int)l; k<(int)(l+i); k++)
+				rec->input[k]=j;
+			l+=i;
+			rec->length+=i;
+			}
+
+#ifdef KSSL_DEBUG
+		{
+                unsigned long ui;
+		printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
+                        ds,rec->data,rec->input,l);
+		printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n",
+                        ds->buf_len, ds->cipher->key_len,
+                        DES_KEY_SZ, DES_SCHEDULE_SZ,
+                        ds->cipher->iv_len);
+		printf("\t\tIV: ");
+		for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]);
+		printf("\n");
+		printf("\trec->input=");
+		for (ui=0; ui<l; ui++) printf(" %02x", rec->input[ui]);
+		printf("\n");
+		}
+#endif	/* KSSL_DEBUG */
+
+		if (!send)
+			{
+			if (l == 0 || l%bs != 0)
+				{
+				SSLerr(SSL_F_DTLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+				return 0;
+				}
+			}
+		
+		EVP_Cipher(ds,rec->data,rec->input,l);
+
+#ifdef KSSL_DEBUG
+		{
+                unsigned long i;
+                printf("\trec->data=");
+		for (i=0; i<l; i++)
+                        printf(" %02x", rec->data[i]);  printf("\n");
+                }
+#endif	/* KSSL_DEBUG */
+
+		if ((bs != 1) && !send)
+			{
+			ii=i=rec->data[l-1]; /* padding_length */
+			i++;
+			if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+				{
+				/* First packet is even in size, so check */
+				if ((memcmp(s->s3->read_sequence,
+					"\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
+					s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
+				if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+					i--;
+				}
+			/* TLS 1.0 does not bound the number of padding bytes by the block size.
+			 * All of them must have value 'padding_length'. */
+			if (i > (int)rec->length)
+				{
+				/* Incorrect padding. SSLerr() and ssl3_alert are done
+				 * by caller: we don't want to reveal whether this is
+				 * a decryption error or a MAC verification failure
+				 * (see http://www.openssl.org/~bodo/tls-cbc.txt) 
+				 */
+				return -1;
+				}
+			for (j=(int)(l-i); j<(int)l; j++)
+				{
+				if (rec->data[j] != ii)
+					{
+					/* Incorrect padding */
+					return -1;
+					}
+				}
+			rec->length-=i;
+
+			rec->data += bs;    /* skip the implicit IV */
+			rec->input += bs;
+			rec->length -= bs;
+			}
+		}
+	return(1);
+	}
+
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
new file mode 100644
index 0000000000..2786b61c29
--- /dev/null
+++ b/ssl/d1_lib.c
@@ -0,0 +1,384 @@
+/* ssl/d1_lib.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#define USE_SOCKETS
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+#ifdef OPENSSL_SYS_WIN32
+#include <sys/timeb.h>
+#endif
+
+static void get_current_time(struct timeval *t);
+const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT;
+int dtls1_listen(SSL *s, struct sockaddr *client);
+
+SSL3_ENC_METHOD DTLSv1_enc_data={
+    dtls1_enc,
+	tls1_mac,
+	tls1_setup_key_block,
+	tls1_generate_master_secret,
+	tls1_change_cipher_state,
+	tls1_final_finish_mac,
+	TLS1_FINISH_MAC_LENGTH,
+	tls1_cert_verify_mac,
+	TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
+	TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
+	tls1_alert_code,
+	};
+
+long dtls1_default_timeout(void)
+	{
+	/* 2 hours, the 24 hours mentioned in the DTLSv1 spec
+	 * is way too long for http, the cache would over fill */
+	return(60*60*2);
+	}
+
+int dtls1_new(SSL *s)
+	{
+	DTLS1_STATE *d1;
+
+	if (!ssl3_new(s)) return(0);
+	if ((d1=OPENSSL_malloc(sizeof *d1)) == NULL) return (0);
+	memset(d1,0, sizeof *d1);
+
+	/* d1->handshake_epoch=0; */
+
+	d1->unprocessed_rcds.q=pqueue_new();
+	d1->processed_rcds.q=pqueue_new();
+	d1->buffered_messages = pqueue_new();
+	d1->sent_messages=pqueue_new();
+	d1->buffered_app_data.q=pqueue_new();
+
+	if ( s->server)
+		{
+		d1->cookie_len = sizeof(s->d1->cookie);
+		}
+
+	if( ! d1->unprocessed_rcds.q || ! d1->processed_rcds.q 
+        || ! d1->buffered_messages || ! d1->sent_messages || ! d1->buffered_app_data.q)
+		{
+        if ( d1->unprocessed_rcds.q) pqueue_free(d1->unprocessed_rcds.q);
+        if ( d1->processed_rcds.q) pqueue_free(d1->processed_rcds.q);
+        if ( d1->buffered_messages) pqueue_free(d1->buffered_messages);
+		if ( d1->sent_messages) pqueue_free(d1->sent_messages);
+		if ( d1->buffered_app_data.q) pqueue_free(d1->buffered_app_data.q);
+		OPENSSL_free(d1);
+		return (0);
+		}
+
+	s->d1=d1;
+	s->method->ssl_clear(s);
+	return(1);
+	}
+
+void dtls1_free(SSL *s)
+	{
+    pitem *item = NULL;
+    hm_fragment *frag = NULL;
+
+	ssl3_free(s);
+
+    while( (item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL)
+        {
+        OPENSSL_free(item->data);
+        pitem_free(item);
+        }
+    pqueue_free(s->d1->unprocessed_rcds.q);
+
+    while( (item = pqueue_pop(s->d1->processed_rcds.q)) != NULL)
+        {
+        OPENSSL_free(item->data);
+        pitem_free(item);
+        }
+    pqueue_free(s->d1->processed_rcds.q);
+
+    while( (item = pqueue_pop(s->d1->buffered_messages)) != NULL)
+        {
+        frag = (hm_fragment *)item->data;
+        OPENSSL_free(frag->fragment);
+        OPENSSL_free(frag);
+        pitem_free(item);
+        }
+    pqueue_free(s->d1->buffered_messages);
+
+    while ( (item = pqueue_pop(s->d1->sent_messages)) != NULL)
+        {
+        frag = (hm_fragment *)item->data;
+        OPENSSL_free(frag->fragment);
+        OPENSSL_free(frag);
+        pitem_free(item);
+        }
+	pqueue_free(s->d1->sent_messages);
+
+	while ( (item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL)
+		{
+		frag = (hm_fragment *)item->data;
+		OPENSSL_free(frag->fragment);
+		OPENSSL_free(frag);
+		pitem_free(item);
+		}
+	pqueue_free(s->d1->buffered_app_data.q);
+
+	OPENSSL_free(s->d1);
+	}
+
+void dtls1_clear(SSL *s)
+	{
+	ssl3_clear(s);
+	if (s->options & SSL_OP_CISCO_ANYCONNECT)
+		s->version=DTLS1_BAD_VER;
+	else
+		s->version=DTLS1_VERSION;
+	}
+
+long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
+	{
+	int ret=0;
+
+	switch (cmd)
+		{
+	case DTLS_CTRL_GET_TIMEOUT:
+		if (dtls1_get_timeout(s, (struct timeval*) parg) != NULL)
+			{
+			ret = 1;
+			}
+		break;
+	case DTLS_CTRL_HANDLE_TIMEOUT:
+		ret = dtls1_handle_timeout(s);
+		break;
+	case DTLS_CTRL_LISTEN:
+		ret = dtls1_listen(s, parg);
+		break;
+
+	default:
+		ret = ssl3_ctrl(s, cmd, larg, parg);
+		break;
+		}
+	return(ret);
+	}
+
+/*
+ * As it's impossible to use stream ciphers in "datagram" mode, this
+ * simple filter is designed to disengage them in DTLS. Unfortunately
+ * there is no universal way to identify stream SSL_CIPHER, so we have
+ * to explicitly list their SSL_* codes. Currently RC4 is the only one
+ * available, but if new ones emerge, they will have to be added...
+ */
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
+	{
+	const SSL_CIPHER *ciph = ssl3_get_cipher(u);
+
+	if (ciph != NULL)
+		{
+		if (ciph->algorithm_enc == SSL_RC4)
+			return NULL;
+		}
+
+	return ciph;
+	}
+
+void dtls1_start_timer(SSL *s)
+	{
+	/* If timer is not set, initialize duration with 1 second */
+	if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0)
+		{
+		s->d1->timeout_duration = 1;
+		}
+	
+	/* Set timeout to current time */
+	get_current_time(&(s->d1->next_timeout));
+
+	/* Add duration to current time */
+	s->d1->next_timeout.tv_sec += s->d1->timeout_duration;
+	BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout));
+	}
+
+struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft)
+	{
+	struct timeval timenow;
+
+	/* If no timeout is set, just return NULL */
+	if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0)
+		{
+		return NULL;
+		}
+
+	/* Get current time */
+	get_current_time(&timenow);
+
+	/* If timer already expired, set remaining time to 0 */
+	if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||
+		(s->d1->next_timeout.tv_sec == timenow.tv_sec &&
+		 s->d1->next_timeout.tv_usec <= timenow.tv_usec))
+		{
+		memset(timeleft, 0, sizeof(struct timeval));
+		return timeleft;
+		}
+
+	/* Calculate time left until timer expires */
+	memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
+	timeleft->tv_sec -= timenow.tv_sec;
+	timeleft->tv_usec -= timenow.tv_usec;
+	if (timeleft->tv_usec < 0)
+		{
+		timeleft->tv_sec--;
+		timeleft->tv_usec += 1000000;
+		}
+
+	return timeleft;
+	}
+
+int dtls1_is_timer_expired(SSL *s)
+	{
+	struct timeval timeleft;
+
+	/* Get time left until timeout, return false if no timer running */
+	if (dtls1_get_timeout(s, &timeleft) == NULL)
+		{
+		return 0;
+		}
+
+	/* Return false if timer is not expired yet */
+	if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0)
+		{
+		return 0;
+		}
+
+	/* Timer expired, so return true */	
+	return 1;
+	}
+
+void dtls1_double_timeout(SSL *s)
+	{
+	s->d1->timeout_duration *= 2;
+	if (s->d1->timeout_duration > 60)
+		s->d1->timeout_duration = 60;
+	dtls1_start_timer(s);
+	}
+
+void dtls1_stop_timer(SSL *s)
+	{
+	/* Reset everything */
+	memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+	s->d1->timeout_duration = 1;
+	BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout));
+	}
+
+int dtls1_handle_timeout(SSL *s)
+	{
+	DTLS1_STATE *state;
+
+	/* if no timer is expired, don't do anything */
+	if (!dtls1_is_timer_expired(s))
+		{
+		return 0;
+		}
+
+	dtls1_double_timeout(s);
+	state = s->d1;
+	state->timeout.num_alerts++;
+	if ( state->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT)
+		{
+		/* fail the connection, enough alerts have been sent */
+		SSLerr(SSL_F_DTLS1_HANDLE_TIMEOUT,SSL_R_READ_TIMEOUT_EXPIRED);
+		return 0;
+		}
+
+	state->timeout.read_timeouts++;
+	if ( state->timeout.read_timeouts > DTLS1_TMO_READ_COUNT)
+		{
+		state->timeout.read_timeouts = 1;
+		}
+
+	dtls1_start_timer(s);
+	return dtls1_retransmit_buffered_messages(s);
+	}
+
+static void get_current_time(struct timeval *t)
+{
+#ifdef OPENSSL_SYS_WIN32
+	struct _timeb tb;
+	_ftime(&tb);
+	t->tv_sec = (long)tb.time;
+	t->tv_usec = (long)tb.millitm * 1000;
+#elif defined(OPENSSL_SYS_VMS)
+	struct timeb tb;
+	ftime(&tb);
+	t->tv_sec = (long)tb.time;
+	t->tv_usec = (long)tb.millitm * 1000;
+#else
+	gettimeofday(t, NULL);
+#endif
+}
+
+int dtls1_listen(SSL *s, struct sockaddr *client)
+	{
+	int ret;
+
+	SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
+	s->d1->listen = 1;
+
+	ret = SSL_accept(s);
+	if (ret <= 0) return ret;
+	
+	(void) BIO_dgram_get_peer(SSL_get_rbio(s), client);
+	return 1;
+	}
diff --git a/ssl/d1_meth.c b/ssl/d1_meth.c
new file mode 100644
index 0000000000..5c4004bfe3
--- /dev/null
+++ b/ssl/d1_meth.c
@@ -0,0 +1,77 @@
+/* ssl/d1_meth.h */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+static const SSL_METHOD *dtls1_get_method(int ver);
+static const SSL_METHOD *dtls1_get_method(int ver)
+	{
+	if (ver == DTLS1_VERSION)
+		return(DTLSv1_method());
+	else
+		return(NULL);
+	}
+
+IMPLEMENT_dtls1_meth_func(DTLSv1_method,
+			dtls1_accept,
+			dtls1_connect,
+			dtls1_get_method)
+
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
new file mode 100644
index 0000000000..c9757e1d63
--- /dev/null
+++ b/ssl/d1_pkt.c
@@ -0,0 +1,1775 @@
+/* ssl/d1_pkt.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+#include <openssl/pqueue.h>
+#include <openssl/rand.h>
+
+/* mod 128 saturating subtract of two 64-bit values in big-endian order */
+static int satsub64be(const unsigned char *v1,const unsigned char *v2)
+{	int ret,sat,brw,i;
+
+	if (sizeof(long) == 8) do
+	{	const union { long one; char little; } is_endian = {1};
+		long l;
+
+		if (is_endian.little)			break;
+		/* not reached on little-endians */
+		/* following test is redundant, because input is
+		 * always aligned, but I take no chances... */
+		if (((size_t)v1|(size_t)v2)&0x7)	break;
+
+		l  = *((long *)v1);
+		l -= *((long *)v2);
+		if (l>128)		return 128;
+		else if (l<-128)	return -128;
+		else			return (int)l;
+	} while (0);
+
+	ret = (int)v1[7]-(int)v2[7];
+	sat = 0;
+	brw = ret>>8;	/* brw is either 0 or -1 */
+	if (ret & 0x80)
+	{	for (i=6;i>=0;i--)
+		{	brw += (int)v1[i]-(int)v2[i];
+			sat |= ~brw;
+			brw >>= 8;
+		}
+	}
+	else
+	{	for (i=6;i>=0;i--)
+		{	brw += (int)v1[i]-(int)v2[i];
+			sat |= brw;
+			brw >>= 8;
+		}
+	}
+	brw <<= 8;	/* brw is either 0 or -256 */
+
+	if (sat&0xff)	return brw | 0x80;
+	else		return brw + (ret&0xFF);
+}
+
+static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, 
+	int len, int peek);
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
+static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
+static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, 
+    unsigned int *is_next_epoch);
+#if 0
+static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
+	unsigned short *priority, unsigned long *offset);
+#endif
+static int dtls1_buffer_record(SSL *s, record_pqueue *q,
+	unsigned char *priority);
+static int dtls1_process_record(SSL *s);
+static void dtls1_clear_timeouts(SSL *s);
+
+/* copy buffered record into SSL structure */
+static int
+dtls1_copy_record(SSL *s, pitem *item)
+    {
+    DTLS1_RECORD_DATA *rdata;
+
+    rdata = (DTLS1_RECORD_DATA *)item->data;
+    
+    if (s->s3->rbuf.buf != NULL)
+        OPENSSL_free(s->s3->rbuf.buf);
+    
+    s->packet = rdata->packet;
+    s->packet_length = rdata->packet_length;
+    memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
+    memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+    
+    return(1);
+    }
+
+
+static int
+dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
+	{
+	DTLS1_RECORD_DATA *rdata;
+	pitem *item;
+
+	/* Limit the size of the queue to prevent DOS attacks */
+	if (pqueue_size(queue->q) >= 100)
+		return 0;
+		
+	rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+	item = pitem_new(priority, rdata);
+	if (rdata == NULL || item == NULL)
+		{
+		if (rdata != NULL) OPENSSL_free(rdata);
+		if (item != NULL) pitem_free(item);
+		
+		SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+		return(0);
+		}
+	
+	rdata->packet = s->packet;
+	rdata->packet_length = s->packet_length;
+	memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
+	memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
+
+	item->data = rdata;
+
+	/* insert should not fail, since duplicates are dropped */
+	if (pqueue_insert(queue->q, item) == NULL)
+		{
+		OPENSSL_free(rdata);
+		pitem_free(item);
+		return(0);
+		}
+
+	s->packet = NULL;
+	s->packet_length = 0;
+	memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
+	memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
+	
+	if (!ssl3_setup_buffers(s))
+		{
+		SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+		OPENSSL_free(rdata);
+		pitem_free(item);
+		return(0);
+		}
+	
+	return(1);
+	}
+
+
+static int
+dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue)
+    {
+    pitem *item;
+
+    item = pqueue_pop(queue->q);
+    if (item)
+        {
+        dtls1_copy_record(s, item);
+
+        OPENSSL_free(item->data);
+		pitem_free(item);
+
+        return(1);
+        }
+
+    return(0);
+    }
+
+
+/* retrieve a buffered record that belongs to the new epoch, i.e., not processed 
+ * yet */
+#define dtls1_get_unprocessed_record(s) \
+                   dtls1_retrieve_buffered_record((s), \
+                   &((s)->d1->unprocessed_rcds))
+
+/* retrieve a buffered record that belongs to the current epoch, ie, processed */
+#define dtls1_get_processed_record(s) \
+                   dtls1_retrieve_buffered_record((s), \
+                   &((s)->d1->processed_rcds))
+
+static int
+dtls1_process_buffered_records(SSL *s)
+    {
+    pitem *item;
+    
+    item = pqueue_peek(s->d1->unprocessed_rcds.q);
+    if (item)
+        {
+        DTLS1_RECORD_DATA *rdata;
+        rdata = (DTLS1_RECORD_DATA *)item->data;
+        
+        /* Check if epoch is current. */
+        if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
+            return(1);  /* Nothing to do. */
+        
+        /* Process all the records. */
+        while (pqueue_peek(s->d1->unprocessed_rcds.q))
+            {
+            dtls1_get_unprocessed_record(s);
+            if ( ! dtls1_process_record(s))
+                return(0);
+            dtls1_buffer_record(s, &(s->d1->processed_rcds), 
+                s->s3->rrec.seq_num);
+            }
+        }
+
+    /* sync epoch numbers once all the unprocessed records 
+     * have been processed */
+    s->d1->processed_rcds.epoch = s->d1->r_epoch;
+    s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
+
+    return(1);
+    }
+
+
+#if 0
+
+static int
+dtls1_get_buffered_record(SSL *s)
+	{
+	pitem *item;
+	PQ_64BIT priority = 
+		(((PQ_64BIT)s->d1->handshake_read_seq) << 32) | 
+		((PQ_64BIT)s->d1->r_msg_hdr.frag_off);
+	
+	if ( ! SSL_in_init(s))  /* if we're not (re)negotiating, 
+							   nothing buffered */
+		return 0;
+
+
+	item = pqueue_peek(s->d1->rcvd_records);
+	if (item && item->priority == priority)
+		{
+		/* Check if we've received the record of interest.  It must be
+		 * a handshake record, since data records as passed up without
+		 * buffering */
+		DTLS1_RECORD_DATA *rdata;
+		item = pqueue_pop(s->d1->rcvd_records);
+		rdata = (DTLS1_RECORD_DATA *)item->data;
+		
+		if (s->s3->rbuf.buf != NULL)
+			OPENSSL_free(s->s3->rbuf.buf);
+		
+		s->packet = rdata->packet;
+		s->packet_length = rdata->packet_length;
+		memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
+		memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+		
+		OPENSSL_free(item->data);
+		pitem_free(item);
+		
+		/* s->d1->next_expected_seq_num++; */
+		return(1);
+		}
+	
+	return 0;
+	}
+
+#endif
+
+static int
+dtls1_process_record(SSL *s)
+{
+	int i,al;
+	int clear=0;
+	int enc_err;
+	SSL_SESSION *sess;
+	SSL3_RECORD *rr;
+	unsigned int mac_size;
+	unsigned char md[EVP_MAX_MD_SIZE];
+
+
+	rr= &(s->s3->rrec);
+	sess = s->session;
+
+	/* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
+	 * and we have that many bytes in s->packet
+	 */
+	rr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]);
+
+	/* ok, we can now read from 's->packet' data into 'rr'
+	 * rr->input points at rr->length bytes, which
+	 * need to be copied into rr->data by either
+	 * the decryption or by the decompression
+	 * When the data is 'copied' into the rr->data buffer,
+	 * rr->input will be pointed at the new buffer */ 
+
+	/* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
+	 * rr->length bytes of encrypted compressed stuff. */
+
+	/* check is not needed I believe */
+	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)
+		{
+		al=SSL_AD_RECORD_OVERFLOW;
+		SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+		goto f_err;
+		}
+
+	/* decrypt in place in 'rr->input' */
+	rr->data=rr->input;
+
+	enc_err = s->method->ssl3_enc->enc(s,0);
+	if (enc_err <= 0)
+		{
+		if (enc_err == 0)
+			/* SSLerr() and ssl3_send_alert() have been called */
+			goto err;
+
+		/* otherwise enc_err == -1 */
+		goto decryption_failed_or_bad_record_mac;
+		}
+
+#ifdef TLS_DEBUG
+printf("dec %d\n",rr->length);
+{ unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
+
+	/* r->length is now the compressed data plus mac */
+	if (	(sess == NULL) ||
+		(s->enc_read_ctx == NULL) ||
+		(s->read_hash == NULL))
+		clear=1;
+
+	if (!clear)
+		{
+		/* !clear => s->read_hash != NULL => mac_size != -1 */
+		int t;
+		t=EVP_MD_CTX_size(s->read_hash);
+		OPENSSL_assert(t >= 0);
+		mac_size=t;
+
+		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
+			{
+#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */
+			al=SSL_AD_RECORD_OVERFLOW;
+			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
+			goto f_err;
+#else
+			goto decryption_failed_or_bad_record_mac;
+#endif			
+			}
+		/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
+		if (rr->length < mac_size)
+			{
+#if 0 /* OK only for stream ciphers */
+			al=SSL_AD_DECODE_ERROR;
+			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
+			goto f_err;
+#else
+			goto decryption_failed_or_bad_record_mac;
+#endif
+			}
+		rr->length-=mac_size;
+		i=s->method->ssl3_enc->mac(s,md,0);
+		if (i < 0 || memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+			{
+			goto decryption_failed_or_bad_record_mac;
+			}
+		}
+
+	/* r->length is now just compressed */
+	if (s->expand != NULL)
+		{
+		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH)
+			{
+			al=SSL_AD_RECORD_OVERFLOW;
+			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+			goto f_err;
+			}
+		if (!ssl3_do_uncompress(s))
+			{
+			al=SSL_AD_DECOMPRESSION_FAILURE;
+			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_BAD_DECOMPRESSION);
+			goto f_err;
+			}
+		}
+
+	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH)
+		{
+		al=SSL_AD_RECORD_OVERFLOW;
+		SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
+		goto f_err;
+		}
+
+	rr->off=0;
+	/* So at this point the following is true
+	 * ssl->s3->rrec.type 	is the type of record
+	 * ssl->s3->rrec.length	== number of bytes in record
+	 * ssl->s3->rrec.off	== offset to first valid byte
+	 * ssl->s3->rrec.data	== where to take bytes from, increment
+	 *			   after use :-).
+	 */
+
+	/* we have pulled in a full packet so zero things */
+	s->packet_length=0;
+	dtls1_record_bitmap_update(s, &(s->d1->bitmap));/* Mark receipt of record. */
+	return(1);
+
+decryption_failed_or_bad_record_mac:
+	/* Separate 'decryption_failed' alert was introduced with TLS 1.0,
+	 * SSL 3.0 only has 'bad_record_mac'.  But unless a decryption
+	 * failure is directly visible from the ciphertext anyway,
+	 * we should not reveal which kind of error occured -- this
+	 * might become visible to an attacker (e.g. via logfile) */
+	al=SSL_AD_BAD_RECORD_MAC;
+	SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+	return(0);
+}
+
+
+/* Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type    - is the type of record
+ * ssl->s3->rrec.data, 	 - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+/* used only by dtls1_read_bytes */
+int dtls1_get_record(SSL *s)
+	{
+	int ssl_major,ssl_minor;
+	int i,n;
+	SSL3_RECORD *rr;
+	SSL_SESSION *sess;
+	unsigned char *p = NULL;
+	unsigned short version;
+	DTLS1_BITMAP *bitmap;
+	unsigned int is_next_epoch;
+
+	rr= &(s->s3->rrec);
+	sess=s->session;
+
+	/* The epoch may have changed.  If so, process all the
+	 * pending records.  This is a non-blocking operation. */
+	if ( ! dtls1_process_buffered_records(s))
+            return 0;
+
+	/* if we're renegotiating, then there may be buffered records */
+	if (dtls1_get_processed_record(s))
+		return 1;
+
+	/* get something from the wire */
+again:
+	/* check if we have the header */
+	if (	(s->rstate != SSL_ST_READ_BODY) ||
+		(s->packet_length < DTLS1_RT_HEADER_LENGTH)) 
+		{
+		n=ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
+		/* read timeout is handled by dtls1_read_bytes */
+		if (n <= 0) return(n); /* error or non-blocking */
+
+		/* this packet contained a partial record, dump it */
+		if (s->packet_length != DTLS1_RT_HEADER_LENGTH)
+			{
+			s->packet_length = 0;
+			goto again;
+			}
+
+		s->rstate=SSL_ST_READ_BODY;
+
+		p=s->packet;
+
+		/* Pull apart the header into the DTLS1_RECORD */
+		rr->type= *(p++);
+		ssl_major= *(p++);
+		ssl_minor= *(p++);
+		version=(ssl_major<<8)|ssl_minor;
+
+		/* sequence number is 64 bits, with top 2 bytes = epoch */ 
+		n2s(p,rr->epoch);
+
+		memcpy(&(s->s3->read_sequence[2]), p, 6);
+		p+=6;
+
+		n2s(p,rr->length);
+
+		/* Lets check version */
+		if (!s->first_packet)
+			{
+			if (version != s->version)
+				{
+				/* unexpected version, silently discard */
+				rr->length = 0;
+				s->packet_length = 0;
+				goto again;
+				}
+			}
+
+		if ((version & 0xff00) != (s->version & 0xff00))
+			{
+			/* wrong version, silently discard record */
+			rr->length = 0;
+			s->packet_length = 0;
+			goto again;
+			}
+
+		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)
+			{
+			/* record too long, silently discard it */
+			rr->length = 0;
+			s->packet_length = 0;
+			goto again;
+			}
+
+		/* now s->rstate == SSL_ST_READ_BODY */
+		}
+
+	/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
+
+	if (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH)
+		{
+		/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
+		i=rr->length;
+		n=ssl3_read_n(s,i,i,1);
+		if (n <= 0) return(n); /* error or non-blocking io */
+
+		/* this packet contained a partial record, dump it */
+		if ( n != i)
+			{
+			rr->length = 0;
+			s->packet_length = 0;
+			goto again;
+			}
+
+		/* now n == rr->length,
+		 * and s->packet_length == DTLS1_RT_HEADER_LENGTH + rr->length */
+		}
+	s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
+
+	/* match epochs.  NULL means the packet is dropped on the floor */
+	bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
+	if ( bitmap == NULL)
+		{
+		rr->length = 0;
+		s->packet_length = 0;  /* dump this record */
+		goto again;   /* get another record */
+		}
+
+	/* Check whether this is a repeat, or aged record.
+	 * Don't check if we're listening and this message is
+	 * a ClientHello. They can look as if they're replayed,
+	 * since they arrive from different connections and
+	 * would be dropped unnecessarily.
+	 */
+	if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+		*p == SSL3_MT_CLIENT_HELLO) &&
+		!dtls1_record_replay_check(s, bitmap))
+		{
+		rr->length = 0;
+		s->packet_length=0; /* dump this record */
+		goto again;     /* get another record */
+		}
+
+	/* just read a 0 length packet */
+	if (rr->length == 0) goto again;
+
+	/* If this record is from the next epoch (either HM or ALERT),
+	 * buffer it since it cannot be processed at this time. Records
+	 * from the next epoch are marked as received even though they
+	 * are not processed, so as to prevent any potential resource
+	 * DoS attack */
+	if (is_next_epoch)
+		{
+		dtls1_record_bitmap_update(s, bitmap);
+		dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
+		rr->length = 0;
+		s->packet_length = 0;
+		goto again;
+		}
+
+	if ( ! dtls1_process_record(s))
+		return(0);
+
+	dtls1_clear_timeouts(s);  /* done waiting */
+	return(1);
+
+	}
+
+/* Return up to 'len' payload bytes received in 'type' records.
+ * 'type' is one of the following:
+ *
+ *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
+ *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
+ *   -  0 (during a shutdown, no data has to be returned)
+ *
+ * If we don't have stored data to work from, read a SSL/TLS record first
+ * (possibly multiple records if we still don't have anything to return).
+ *
+ * This function must handle any surprises the peer may have for us, such as
+ * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
+ * a surprise, but handled as if it were), or renegotiation requests.
+ * Also if record payloads contain fragments too small to process, we store
+ * them until there is enough for the respective protocol (the record protocol
+ * may use arbitrary fragmentation and even interleaving):
+ *     Change cipher spec protocol
+ *             just 1 byte needed, no need for keeping anything stored
+ *     Alert protocol
+ *             2 bytes needed (AlertLevel, AlertDescription)
+ *     Handshake protocol
+ *             4 bytes needed (HandshakeType, uint24 length) -- we just have
+ *             to detect unexpected Client Hello and Hello Request messages
+ *             here, anything else is handled by higher layers
+ *     Application data protocol
+ *             none of our business
+ */
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
+	{
+	int al,i,j,ret;
+	unsigned int n;
+	SSL3_RECORD *rr;
+	void (*cb)(const SSL *ssl,int type2,int val)=NULL;
+
+	if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
+		if (!ssl3_setup_buffers(s))
+			return(-1);
+
+    /* XXX: check what the second '&& type' is about */
+	if ((type && (type != SSL3_RT_APPLICATION_DATA) && 
+		(type != SSL3_RT_HANDSHAKE) && type) ||
+	    (peek && (type != SSL3_RT_APPLICATION_DATA)))
+		{
+		SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+		return -1;
+		}
+
+	/* check whether there's a handshake message (client hello?) waiting */
+	if ( (ret = have_handshake_fragment(s, type, buf, len, peek)))
+		return ret;
+
+	/* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */
+
+	if (!s->in_handshake && SSL_in_init(s))
+		{
+		/* type == SSL3_RT_APPLICATION_DATA */
+		i=s->handshake_func(s);
+		if (i < 0) return(i);
+		if (i == 0)
+			{
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+			return(-1);
+			}
+		}
+
+start:
+	s->rwstate=SSL_NOTHING;
+
+	/* s->s3->rrec.type	    - is the type of record
+	 * s->s3->rrec.data,    - data
+	 * s->s3->rrec.off,     - offset into 'data' for next read
+	 * s->s3->rrec.length,  - number of bytes. */
+	rr = &(s->s3->rrec);
+
+	/* We are not handshaking and have no data yet,
+	 * so process data buffered during the last handshake
+	 * in advance, if any.
+	 */
+	if (s->state == SSL_ST_OK && rr->length == 0)
+		{
+		pitem *item;
+		item = pqueue_pop(s->d1->buffered_app_data.q);
+		if (item)
+			{
+			dtls1_copy_record(s, item);
+
+			OPENSSL_free(item->data);
+			pitem_free(item);
+			}
+		}
+
+	/* Check for timeout */
+	if (dtls1_handle_timeout(s) > 0)
+		goto start;
+
+	/* get new packet if necessary */
+	if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
+		{
+		ret=dtls1_get_record(s);
+		if (ret <= 0) 
+			{
+			ret = dtls1_read_failed(s, ret);
+			/* anything other than a timeout is an error */
+			if (ret <= 0)  
+				return(ret);
+			else
+				goto start;
+			}
+		}
+
+	/* we now have a packet which can be read and processed */
+
+	if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+	                               * reset by ssl3_get_finished */
+		&& (rr->type != SSL3_RT_HANDSHAKE))
+		{
+		/* We now have application data between CCS and Finished.
+		 * Most likely the packets were reordered on their way, so
+		 * buffer the application data for later processing rather
+		 * than dropping the connection.
+		 */
+		dtls1_buffer_record(s, &(s->d1->buffered_app_data), 0);
+		rr->length = 0;
+		goto start;
+		}
+
+	/* If the other end has shut down, throw anything we read away
+	 * (even in 'peek' mode) */
+	if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+		{
+		rr->length=0;
+		s->rwstate=SSL_NOTHING;
+		return(0);
+		}
+
+
+	if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
+		{
+		/* make sure that we are not getting application data when we
+		 * are doing a handshake for the first time */
+		if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+			(s->enc_read_ctx == NULL))
+			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
+			goto f_err;
+			}
+
+		if (len <= 0) return(len);
+
+		if ((unsigned int)len > rr->length)
+			n = rr->length;
+		else
+			n = (unsigned int)len;
+
+		memcpy(buf,&(rr->data[rr->off]),n);
+		if (!peek)
+			{
+			rr->length-=n;
+			rr->off+=n;
+			if (rr->length == 0)
+				{
+				s->rstate=SSL_ST_READ_HEADER;
+				rr->off=0;
+				}
+			}
+		return(n);
+		}
+
+
+	/* If we get here, then type != rr->type; if we have a handshake
+	 * message, then it was unexpected (Hello Request or Client Hello). */
+
+	/* In case of record types for which we have 'fragment' storage,
+	 * fill that so that we can process the data at a fixed place.
+	 */
+		{
+		unsigned int k, dest_maxlen = 0;
+		unsigned char *dest = NULL;
+		unsigned int *dest_len = NULL;
+
+		if (rr->type == SSL3_RT_HANDSHAKE)
+			{
+			dest_maxlen = sizeof s->d1->handshake_fragment;
+			dest = s->d1->handshake_fragment;
+			dest_len = &s->d1->handshake_fragment_len;
+			}
+		else if (rr->type == SSL3_RT_ALERT)
+			{
+			dest_maxlen = sizeof(s->d1->alert_fragment);
+			dest = s->d1->alert_fragment;
+			dest_len = &s->d1->alert_fragment_len;
+			}
+		/* else it's a CCS message, or application data or wrong */
+		else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC)
+			{
+			/* Application data while renegotiating
+			 * is allowed. Try again reading.
+			 */
+			if (rr->type == SSL3_RT_APPLICATION_DATA)
+				{
+				BIO *bio;
+				s->s3->in_read_app_data=2;
+				bio=SSL_get_rbio(s);
+				s->rwstate=SSL_READING;
+				BIO_clear_retry_flags(bio);
+				BIO_set_retry_read(bio);
+				return(-1);
+				}
+
+			/* Not certain if this is the right error handling */
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+			goto f_err;
+			}
+
+		if (dest_maxlen > 0)
+			{
+            /* XDTLS:  In a pathalogical case, the Client Hello
+             *  may be fragmented--don't always expect dest_maxlen bytes */
+			if ( rr->length < dest_maxlen)
+				{
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+				/*
+				 * for normal alerts rr->length is 2, while
+				 * dest_maxlen is 7 if we were to handle this
+				 * non-existing alert...
+				 */
+				FIX ME
+#endif
+				s->rstate=SSL_ST_READ_HEADER;
+				rr->length = 0;
+				goto start;
+				}
+
+			/* now move 'n' bytes: */
+			for ( k = 0; k < dest_maxlen; k++)
+				{
+				dest[k] = rr->data[rr->off++];
+				rr->length--;
+				}
+			*dest_len = dest_maxlen;
+			}
+		}
+
+	/* s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
+	 * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
+	 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
+
+	/* If we are a client, check for an incoming 'Hello Request': */
+	if ((!s->server) &&
+		(s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+		(s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
+		(s->session != NULL) && (s->session->cipher != NULL))
+		{
+		s->d1->handshake_fragment_len = 0;
+
+		if ((s->d1->handshake_fragment[1] != 0) ||
+			(s->d1->handshake_fragment[2] != 0) ||
+			(s->d1->handshake_fragment[3] != 0))
+			{
+			al=SSL_AD_DECODE_ERROR;
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
+			goto err;
+			}
+
+		/* no need to check sequence number on HELLO REQUEST messages */
+
+		if (s->msg_callback)
+			s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, 
+				s->d1->handshake_fragment, 4, s, s->msg_callback_arg);
+
+		if (SSL_is_init_finished(s) &&
+			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+			!s->s3->renegotiate)
+			{
+			ssl3_renegotiate(s);
+			if (ssl3_renegotiate_check(s))
+				{
+				i=s->handshake_func(s);
+				if (i < 0) return(i);
+				if (i == 0)
+					{
+					SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+					return(-1);
+					}
+
+				if (!(s->mode & SSL_MODE_AUTO_RETRY))
+					{
+					if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+						{
+						BIO *bio;
+						/* In the case where we try to read application data,
+						 * but we trigger an SSL handshake, we return -1 with
+						 * the retry option set.  Otherwise renegotiation may
+						 * cause nasty problems in the blocking world */
+						s->rwstate=SSL_READING;
+						bio=SSL_get_rbio(s);
+						BIO_clear_retry_flags(bio);
+						BIO_set_retry_read(bio);
+						return(-1);
+						}
+					}
+				}
+			}
+		/* we either finished a handshake or ignored the request,
+		 * now try again to obtain the (application) data we were asked for */
+		goto start;
+		}
+
+	if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH)
+		{
+		int alert_level = s->d1->alert_fragment[0];
+		int alert_descr = s->d1->alert_fragment[1];
+
+		s->d1->alert_fragment_len = 0;
+
+		if (s->msg_callback)
+			s->msg_callback(0, s->version, SSL3_RT_ALERT, 
+				s->d1->alert_fragment, 2, s, s->msg_callback_arg);
+
+		if (s->info_callback != NULL)
+			cb=s->info_callback;
+		else if (s->ctx->info_callback != NULL)
+			cb=s->ctx->info_callback;
+
+		if (cb != NULL)
+			{
+			j = (alert_level << 8) | alert_descr;
+			cb(s, SSL_CB_READ_ALERT, j);
+			}
+
+		if (alert_level == 1) /* warning */
+			{
+			s->s3->warn_alert = alert_descr;
+			if (alert_descr == SSL_AD_CLOSE_NOTIFY)
+				{
+				s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+				return(0);
+				}
+#if 0
+            /* XXX: this is a possible improvement in the future */
+			/* now check if it's a missing record */
+			if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
+				{
+				unsigned short seq;
+				unsigned int frag_off;
+				unsigned char *p = &(s->d1->alert_fragment[2]);
+
+				n2s(p, seq);
+				n2l3(p, frag_off);
+
+				dtls1_retransmit_message(s,
+										 dtls1_get_queue_priority(frag->msg_header.seq, 0),
+										 frag_off, &found);
+				if ( ! found  && SSL_in_init(s))
+					{
+					/* fprintf( stderr,"in init = %d\n", SSL_in_init(s)); */
+					/* requested a message not yet sent, 
+					   send an alert ourselves */
+					ssl3_send_alert(s,SSL3_AL_WARNING,
+						DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+					}
+				}
+#endif
+			}
+		else if (alert_level == 2) /* fatal */
+			{
+			char tmp[16];
+
+			s->rwstate=SSL_NOTHING;
+			s->s3->fatal_alert = alert_descr;
+			SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
+			BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
+			ERR_add_error_data(2,"SSL alert number ",tmp);
+			s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+			SSL_CTX_remove_session(s->ctx,s->session);
+			return(0);
+			}
+		else
+			{
+			al=SSL_AD_ILLEGAL_PARAMETER;
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
+			goto f_err;
+			}
+
+		goto start;
+		}
+
+	if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
+		{
+		s->rwstate=SSL_NOTHING;
+		rr->length=0;
+		return(0);
+		}
+
+	if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
+		{
+		struct ccs_header_st ccs_hdr;
+		unsigned int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
+
+		dtls1_get_ccs_header(rr->data, &ccs_hdr);
+
+		if (s->version == DTLS1_BAD_VER)
+			ccs_hdr_len = 3;
+
+		/* 'Change Cipher Spec' is just a single byte, so we know
+		 * exactly what the record payload has to look like */
+		/* XDTLS: check that epoch is consistent */
+		if (	(rr->length != ccs_hdr_len) || 
+			(rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
+			{
+			i=SSL_AD_ILLEGAL_PARAMETER;
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
+			goto err;
+			}
+
+		rr->length=0;
+
+		if (s->msg_callback)
+			s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, 
+				rr->data, 1, s, s->msg_callback_arg);
+
+		/* We can't process a CCS now, because previous handshake
+		 * messages are still missing, so just drop it.
+		 */
+		if (!s->d1->change_cipher_spec_ok)
+			{
+			goto start;
+			}
+
+		s->d1->change_cipher_spec_ok = 0;
+
+		s->s3->change_cipher_spec=1;
+		if (!ssl3_do_change_cipher_spec(s))
+			goto err;
+
+		/* do this whenever CCS is processed */
+		dtls1_reset_seq_numbers(s, SSL3_CC_READ);
+
+		if (s->version == DTLS1_BAD_VER)
+			s->d1->handshake_read_seq++;
+
+		goto start;
+		}
+
+	/* Unexpected handshake message (Client Hello, or protocol violation) */
+	if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && 
+		!s->in_handshake)
+		{
+		struct hm_header_st msg_hdr;
+		
+		/* this may just be a stale retransmit */
+		dtls1_get_message_header(rr->data, &msg_hdr);
+		if( rr->epoch != s->d1->r_epoch)
+			{
+			rr->length = 0;
+			goto start;
+			}
+
+		/* If we are server, we may have a repeated FINISHED of the
+		 * client here, then retransmit our CCS and FINISHED.
+		 */
+		if (msg_hdr.type == SSL3_MT_FINISHED)
+			{
+			dtls1_retransmit_buffered_messages(s);
+			rr->length = 0;
+			goto start;
+			}
+
+		if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
+			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+			{
+#if 0 /* worked only because C operator preferences are not as expected (and
+       * because this is not really needed for clients except for detecting
+       * protocol violations): */
+			s->state=SSL_ST_BEFORE|(s->server)
+				?SSL_ST_ACCEPT
+				:SSL_ST_CONNECT;
+#else
+			s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#endif
+			s->new_session=1;
+			}
+		i=s->handshake_func(s);
+		if (i < 0) return(i);
+		if (i == 0)
+			{
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+			return(-1);
+			}
+
+		if (!(s->mode & SSL_MODE_AUTO_RETRY))
+			{
+			if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+				{
+				BIO *bio;
+				/* In the case where we try to read application data,
+				 * but we trigger an SSL handshake, we return -1 with
+				 * the retry option set.  Otherwise renegotiation may
+				 * cause nasty problems in the blocking world */
+				s->rwstate=SSL_READING;
+				bio=SSL_get_rbio(s);
+				BIO_clear_retry_flags(bio);
+				BIO_set_retry_read(bio);
+				return(-1);
+				}
+			}
+		goto start;
+		}
+
+	switch (rr->type)
+		{
+	default:
+#ifndef OPENSSL_NO_TLS
+		/* TLS just ignores unknown message types */
+		if (s->version == TLS1_VERSION)
+			{
+			rr->length = 0;
+			goto start;
+			}
+#endif
+		al=SSL_AD_UNEXPECTED_MESSAGE;
+		SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+		goto f_err;
+	case SSL3_RT_CHANGE_CIPHER_SPEC:
+	case SSL3_RT_ALERT:
+	case SSL3_RT_HANDSHAKE:
+		/* we already handled all of these, with the possible exception
+		 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
+		 * should not happen when type != rr->type */
+		al=SSL_AD_UNEXPECTED_MESSAGE;
+		SSLerr(SSL_F_DTLS1_READ_BYTES,ERR_R_INTERNAL_ERROR);
+		goto f_err;
+	case SSL3_RT_APPLICATION_DATA:
+		/* At this point, we were expecting handshake data,
+		 * but have application data.  If the library was
+		 * running inside ssl3_read() (i.e. in_read_app_data
+		 * is set) and it makes sense to read application data
+		 * at this point (session renegotiation not yet started),
+		 * we will indulge it.
+		 */
+		if (s->s3->in_read_app_data &&
+			(s->s3->total_renegotiations != 0) &&
+			((
+				(s->state & SSL_ST_CONNECT) &&
+				(s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+				(s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+				) || (
+					(s->state & SSL_ST_ACCEPT) &&
+					(s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+					(s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+					)
+				))
+			{
+			s->s3->in_read_app_data=2;
+			return(-1);
+			}
+		else
+			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+			goto f_err;
+			}
+		}
+	/* not reached */
+
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+	return(-1);
+	}
+
+int
+dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
+	{
+	int i;
+
+	if (SSL_in_init(s) && !s->in_handshake)
+		{
+		i=s->handshake_func(s);
+		if (i < 0) return(i);
+		if (i == 0)
+			{
+			SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+			return -1;
+			}
+		}
+
+	if (len > SSL3_RT_MAX_PLAIN_LENGTH)
+		{
+			SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,SSL_R_DTLS_MESSAGE_TOO_BIG);
+			return -1;
+		}
+
+	i = dtls1_write_bytes(s, type, buf_, len);
+	return i;
+	}
+
+
+	/* this only happens when a client hello is received and a handshake 
+	 * is started. */
+static int
+have_handshake_fragment(SSL *s, int type, unsigned char *buf, 
+	int len, int peek)
+	{
+	
+	if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0))
+		/* (partially) satisfy request from storage */
+		{
+		unsigned char *src = s->d1->handshake_fragment;
+		unsigned char *dst = buf;
+		unsigned int k,n;
+		
+		/* peek == 0 */
+		n = 0;
+		while ((len > 0) && (s->d1->handshake_fragment_len > 0))
+			{
+			*dst++ = *src++;
+			len--; s->d1->handshake_fragment_len--;
+			n++;
+			}
+		/* move any remaining fragment bytes: */
+		for (k = 0; k < s->d1->handshake_fragment_len; k++)
+			s->d1->handshake_fragment[k] = *src++;
+		return n;
+		}
+	
+	return 0;
+	}
+
+
+
+
+/* Call this to write data in records of type 'type'
+ * It will return <= 0 if not all data has been sent or non-blocking IO.
+ */
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
+	{
+	int i;
+
+	OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
+	s->rwstate=SSL_NOTHING;
+	i=do_dtls1_write(s, type, buf, len, 0);
+	return i;
+	}
+
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
+	{
+	unsigned char *p,*pseq;
+	int i,mac_size,clear=0;
+	int prefix_len = 0;
+	SSL3_RECORD *wr;
+	SSL3_BUFFER *wb;
+	SSL_SESSION *sess;
+	int bs;
+
+	/* first check if there is a SSL3_BUFFER still being written
+	 * out.  This will happen with non blocking IO */
+	if (s->s3->wbuf.left != 0)
+		{
+		OPENSSL_assert(0); /* XDTLS:  want to see if we ever get here */
+		return(ssl3_write_pending(s,type,buf,len));
+		}
+
+	/* If we have an alert to send, lets send it */
+	if (s->s3->alert_dispatch)
+		{
+		i=s->method->ssl_dispatch_alert(s);
+		if (i <= 0)
+			return(i);
+		/* if it went, fall through and send more stuff */
+		}
+
+	if (len == 0 && !create_empty_fragment)
+		return 0;
+
+	wr= &(s->s3->wrec);
+	wb= &(s->s3->wbuf);
+	sess=s->session;
+
+	if (	(sess == NULL) ||
+		(s->enc_write_ctx == NULL) ||
+		(EVP_MD_CTX_md(s->write_hash) == NULL))
+		clear=1;
+
+	if (clear)
+		mac_size=0;
+	else
+		{
+		mac_size=EVP_MD_CTX_size(s->write_hash);
+		if (mac_size < 0)
+			goto err;
+		}
+
+	/* DTLS implements explicit IV, so no need for empty fragments */
+#if 0
+	/* 'create_empty_fragment' is true only when this function calls itself */
+	if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
+	    && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
+		{
+		/* countermeasure against known-IV weakness in CBC ciphersuites
+		 * (see http://www.openssl.org/~bodo/tls-cbc.txt) 
+		 */
+
+		if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA)
+			{
+			/* recursive function call with 'create_empty_fragment' set;
+			 * this prepares and buffers the data for an empty fragment
+			 * (these 'prefix_len' bytes are sent out later
+			 * together with the actual payload) */
+			prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
+			if (prefix_len <= 0)
+				goto err;
+
+			if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)
+				{
+				/* insufficient space */
+				SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
+				goto err;
+				}
+			}
+		
+		s->s3->empty_fragment_done = 1;
+		}
+#endif
+	p = wb->buf + prefix_len;
+
+	/* write the header */
+
+	*(p++)=type&0xff;
+	wr->type=type;
+
+	*(p++)=(s->version>>8);
+	*(p++)=s->version&0xff;
+
+	/* field where we are to write out packet epoch, seq num and len */
+	pseq=p; 
+	p+=10;
+
+	/* lets setup the record stuff. */
+
+	/* Make space for the explicit IV in case of CBC.
+	 * (this is a bit of a boundary violation, but what the heck).
+	 */
+	if ( s->enc_write_ctx && 
+		(EVP_CIPHER_mode( s->enc_write_ctx->cipher ) & EVP_CIPH_CBC_MODE))
+		bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
+	else
+		bs = 0;
+
+	wr->data=p + bs;  /* make room for IV in case of CBC */
+	wr->length=(int)len;
+	wr->input=(unsigned char *)buf;
+
+	/* we now 'read' from wr->input, wr->length bytes into
+	 * wr->data */
+
+	/* first we compress */
+	if (s->compress != NULL)
+		{
+		if (!ssl3_do_compress(s))
+			{
+			SSLerr(SSL_F_DO_DTLS1_WRITE,SSL_R_COMPRESSION_FAILURE);
+			goto err;
+			}
+		}
+	else
+		{
+		memcpy(wr->data,wr->input,wr->length);
+		wr->input=wr->data;
+		}
+
+	/* we should still have the output to wr->data and the input
+	 * from wr->input.  Length should be wr->length.
+	 * wr->data still points in the wb->buf */
+
+	if (mac_size != 0)
+		{
+		if(s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1) < 0)
+			goto err;
+		wr->length+=mac_size;
+		}
+
+	/* this is true regardless of mac size */
+	wr->input=p;
+	wr->data=p;
+
+
+	/* ssl3_enc can only have an error on read */
+	if (bs)	/* bs != 0 in case of CBC */
+		{
+		RAND_pseudo_bytes(p,bs);
+		/* master IV and last CBC residue stand for
+		 * the rest of randomness */
+		wr->length += bs;
+		}
+
+	s->method->ssl3_enc->enc(s,1);
+
+	/* record length after mac and block padding */
+/*	if (type == SSL3_RT_APPLICATION_DATA ||
+	(type == SSL3_RT_ALERT && ! SSL_in_init(s))) */
+	
+	/* there's only one epoch between handshake and app data */
+	
+	s2n(s->d1->w_epoch, pseq);
+
+	/* XDTLS: ?? */
+/*	else
+	s2n(s->d1->handshake_epoch, pseq); */
+
+	memcpy(pseq, &(s->s3->write_sequence[2]), 6);
+	pseq+=6;
+	s2n(wr->length,pseq);
+
+	/* we should now have
+	 * wr->data pointing to the encrypted data, which is
+	 * wr->length long */
+	wr->type=type; /* not needed but helps for debugging */
+	wr->length+=DTLS1_RT_HEADER_LENGTH;
+
+#if 0  /* this is now done at the message layer */
+	/* buffer the record, making it easy to handle retransmits */
+	if ( type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
+		dtls1_buffer_record(s, wr->data, wr->length, 
+			*((PQ_64BIT *)&(s->s3->write_sequence[0])));
+#endif
+
+	ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
+
+	if (create_empty_fragment)
+		{
+		/* we are in a recursive call;
+		 * just return the length, don't write out anything here
+		 */
+		return wr->length;
+		}
+
+	/* now let's set up wb */
+	wb->left = prefix_len + wr->length;
+	wb->offset = 0;
+
+	/* memorize arguments so that ssl3_write_pending can detect bad write retries later */
+	s->s3->wpend_tot=len;
+	s->s3->wpend_buf=buf;
+	s->s3->wpend_type=type;
+	s->s3->wpend_ret=len;
+
+	/* we now just need to write the buffer */
+	return ssl3_write_pending(s,type,buf,len);
+err:
+	return -1;
+	}
+
+
+
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
+	{
+	int cmp;
+	unsigned int shift;
+	const unsigned char *seq = s->s3->read_sequence;
+
+	cmp = satsub64be(seq,bitmap->max_seq_num);
+	if (cmp > 0)
+		{
+		memcpy (s->s3->rrec.seq_num,seq,8);
+		return 1; /* this record in new */
+		}
+	shift = -cmp;
+	if (shift >= sizeof(bitmap->map)*8)
+		return 0; /* stale, outside the window */
+	else if (bitmap->map & (1UL<<shift))
+		return 0; /* record previously received */
+
+	memcpy (s->s3->rrec.seq_num,seq,8);
+	return 1;
+	}
+
+
+static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
+	{
+	int cmp;
+	unsigned int shift;
+	const unsigned char *seq = s->s3->read_sequence;
+
+	cmp = satsub64be(seq,bitmap->max_seq_num);
+	if (cmp > 0)
+		{
+		shift = cmp;
+		if (shift < sizeof(bitmap->map)*8)
+			bitmap->map <<= shift, bitmap->map |= 1UL;
+		else
+			bitmap->map = 1UL;
+		memcpy(bitmap->max_seq_num,seq,8);
+		}
+	else	{
+		shift = -cmp;
+		if (shift < sizeof(bitmap->map)*8)
+			bitmap->map |= 1UL<<shift;
+		}
+	}
+
+
+int dtls1_dispatch_alert(SSL *s)
+	{
+	int i,j;
+	void (*cb)(const SSL *ssl,int type,int val)=NULL;
+	unsigned char buf[DTLS1_AL_HEADER_LENGTH];
+	unsigned char *ptr = &buf[0];
+
+	s->s3->alert_dispatch=0;
+
+	memset(buf, 0x00, sizeof(buf));
+	*ptr++ = s->s3->send_alert[0];
+	*ptr++ = s->s3->send_alert[1];
+
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+	if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
+		{	
+		s2n(s->d1->handshake_read_seq, ptr);
+#if 0
+		if ( s->d1->r_msg_hdr.frag_off == 0)  /* waiting for a new msg */
+
+		else
+			s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
+#endif
+
+#if 0
+		fprintf(stderr, "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n",s->d1->handshake_read_seq,s->d1->r_msg_hdr.seq);
+#endif
+		l2n3(s->d1->r_msg_hdr.frag_off, ptr);
+		}
+#endif
+
+	i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
+	if (i <= 0)
+		{
+		s->s3->alert_dispatch=1;
+		/* fprintf( stderr, "not done with alert\n" ); */
+		}
+	else
+		{
+		if (s->s3->send_alert[0] == SSL3_AL_FATAL
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+		    || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#endif
+		    )
+			(void)BIO_flush(s->wbio);
+
+		if (s->msg_callback)
+			s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 
+				2, s, s->msg_callback_arg);
+
+		if (s->info_callback != NULL)
+			cb=s->info_callback;
+		else if (s->ctx->info_callback != NULL)
+			cb=s->ctx->info_callback;
+
+		if (cb != NULL)
+			{
+			j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
+			cb(s,SSL_CB_WRITE_ALERT,j);
+			}
+		}
+	return(i);
+	}
+
+
+static DTLS1_BITMAP *
+dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)
+    {
+    
+    *is_next_epoch = 0;
+
+    /* In current epoch, accept HM, CCS, DATA, & ALERT */
+    if (rr->epoch == s->d1->r_epoch)
+        return &s->d1->bitmap;
+
+    /* Only HM and ALERT messages can be from the next epoch */
+    else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
+        (rr->type == SSL3_RT_HANDSHAKE ||
+            rr->type == SSL3_RT_ALERT))
+        {
+        *is_next_epoch = 1;
+        return &s->d1->next_bitmap;
+        }
+
+    return NULL;
+    }
+
+#if 0
+static int
+dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, unsigned short *priority,
+	unsigned long *offset)
+	{
+
+	/* alerts are passed up immediately */
+	if ( rr->type == SSL3_RT_APPLICATION_DATA ||
+		rr->type == SSL3_RT_ALERT)
+		return 0;
+
+	/* Only need to buffer if a handshake is underway.
+	 * (this implies that Hello Request and Client Hello are passed up
+	 * immediately) */
+	if ( SSL_in_init(s))
+		{
+		unsigned char *data = rr->data;
+		/* need to extract the HM/CCS sequence number here */
+		if ( rr->type == SSL3_RT_HANDSHAKE ||
+			rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
+			{
+			unsigned short seq_num;
+			struct hm_header_st msg_hdr;
+			struct ccs_header_st ccs_hdr;
+
+			if ( rr->type == SSL3_RT_HANDSHAKE)
+				{
+				dtls1_get_message_header(data, &msg_hdr);
+				seq_num = msg_hdr.seq;
+				*offset = msg_hdr.frag_off;
+				}
+			else
+				{
+				dtls1_get_ccs_header(data, &ccs_hdr);
+				seq_num = ccs_hdr.seq;
+				*offset = 0;
+				}
+				
+			/* this is either a record we're waiting for, or a
+			 * retransmit of something we happened to previously 
+			 * receive (higher layers will drop the repeat silently */
+			if ( seq_num < s->d1->handshake_read_seq)
+				return 0;
+			if (rr->type == SSL3_RT_HANDSHAKE && 
+				seq_num == s->d1->handshake_read_seq &&
+				msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
+				return 0;
+			else if ( seq_num == s->d1->handshake_read_seq &&
+				(rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||
+					msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
+				return 0;
+			else
+				{
+				*priority = seq_num;
+				return 1;
+				}
+			}
+		else /* unknown record type */
+			return 0;
+		}
+
+	return 0;
+	}
+#endif
+
+void
+dtls1_reset_seq_numbers(SSL *s, int rw)
+	{
+	unsigned char *seq;
+	unsigned int seq_bytes = sizeof(s->s3->read_sequence);
+
+	if ( rw & SSL3_CC_READ)
+		{
+		seq = s->s3->read_sequence;
+		s->d1->r_epoch++;
+		memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
+		memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
+		}
+	else
+		{
+		seq = s->s3->write_sequence;
+		memcpy(s->d1->last_write_sequence, seq, sizeof(s->s3->write_sequence));
+		s->d1->w_epoch++;
+		}
+
+	memset(seq, 0x00, seq_bytes);
+	}
+
+
+static void
+dtls1_clear_timeouts(SSL *s)
+	{
+	memset(&(s->d1->timeout), 0x00, sizeof(struct dtls1_timeout_st));
+	}
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
new file mode 100644
index 0000000000..eead971d25
--- /dev/null
+++ b/ssl/d1_srvr.c
@@ -0,0 +1,1550 @@
+/* ssl/d1_srvr.c */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
+
+static const SSL_METHOD *dtls1_get_server_method(int ver);
+static int dtls1_send_hello_verify_request(SSL *s);
+
+static const SSL_METHOD *dtls1_get_server_method(int ver)
+	{
+	if (ver == DTLS1_VERSION)
+		return(DTLSv1_server_method());
+	else
+		return(NULL);
+	}
+
+IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
+			dtls1_accept,
+			ssl_undefined_function,
+			dtls1_get_server_method)
+
+int dtls1_accept(SSL *s)
+	{
+	BUF_MEM *buf;
+	unsigned long Time=(unsigned long)time(NULL);
+	void (*cb)(const SSL *ssl,int type,int val)=NULL;
+	unsigned long alg_k;
+	int ret= -1;
+	int new_state,state,skip=0;
+
+	RAND_add(&Time,sizeof(Time),0);
+	ERR_clear_error();
+	clear_sys_error();
+
+	if (s->info_callback != NULL)
+		cb=s->info_callback;
+	else if (s->ctx->info_callback != NULL)
+		cb=s->ctx->info_callback;
+
+	/* init things to blank */
+	s->in_handshake++;
+	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+
+	if (s->cert == NULL)
+		{
+		SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+		return(-1);
+		}
+
+	for (;;)
+		{
+		state=s->state;
+
+		switch (s->state)
+			{
+		case SSL_ST_RENEGOTIATE:
+			s->new_session=1;
+			/* s->state=SSL_ST_ACCEPT; */
+
+		case SSL_ST_BEFORE:
+		case SSL_ST_ACCEPT:
+		case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+		case SSL_ST_OK|SSL_ST_ACCEPT:
+
+			s->server=1;
+			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+			if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00))
+				{
+				SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
+				return -1;
+				}
+			s->type=SSL_ST_ACCEPT;
+
+			if (s->init_buf == NULL)
+				{
+				if ((buf=BUF_MEM_new()) == NULL)
+					{
+					ret= -1;
+					goto end;
+					}
+				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+					{
+					ret= -1;
+					goto end;
+					}
+				s->init_buf=buf;
+				}
+
+			if (!ssl3_setup_buffers(s))
+				{
+				ret= -1;
+				goto end;
+				}
+
+			s->init_num=0;
+
+			if (s->state != SSL_ST_RENEGOTIATE)
+				{
+				/* Ok, we now need to push on a buffering BIO so that
+				 * the output is sent in a way that TCP likes :-)
+				 */
+				if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
+
+				ssl3_init_finished_mac(s);
+				s->state=SSL3_ST_SR_CLNT_HELLO_A;
+				s->ctx->stats.sess_accept++;
+				}
+			else
+				{
+				/* s->state == SSL_ST_RENEGOTIATE,
+				 * we will just send a HelloRequest */
+				s->ctx->stats.sess_accept_renegotiate++;
+				s->state=SSL3_ST_SW_HELLO_REQ_A;
+				}
+
+			break;
+
+		case SSL3_ST_SW_HELLO_REQ_A:
+		case SSL3_ST_SW_HELLO_REQ_B:
+
+			s->shutdown=0;
+			dtls1_start_timer(s);
+			ret=dtls1_send_hello_request(s);
+			if (ret <= 0) goto end;
+			s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
+			s->state=SSL3_ST_SW_FLUSH;
+			s->init_num=0;
+
+			ssl3_init_finished_mac(s);
+			break;
+
+		case SSL3_ST_SW_HELLO_REQ_C:
+			s->state=SSL_ST_OK;
+			break;
+
+		case SSL3_ST_SR_CLNT_HELLO_A:
+		case SSL3_ST_SR_CLNT_HELLO_B:
+		case SSL3_ST_SR_CLNT_HELLO_C:
+
+			s->shutdown=0;
+			ret=ssl3_get_client_hello(s);
+			if (ret <= 0) goto end;
+			dtls1_stop_timer(s);
+
+			if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
+				s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
+			else
+				s->state = SSL3_ST_SW_SRVR_HELLO_A;
+
+			s->init_num=0;
+
+			/* If we're just listening, stop here */
+			if (s->d1->listen && s->state == SSL3_ST_SW_SRVR_HELLO_A)
+				{
+				ret = 2;
+				s->d1->listen = 0;
+				goto end;
+				}
+			
+			break;
+			
+		case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
+		case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
+
+			dtls1_start_timer(s);
+			ret = dtls1_send_hello_verify_request(s);
+			if ( ret <= 0) goto end;
+			s->state=SSL3_ST_SW_FLUSH;
+			s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
+
+			/* HelloVerifyRequest resets Finished MAC */
+			if (s->version != DTLS1_BAD_VER)
+				ssl3_init_finished_mac(s);
+			break;
+			
+		case SSL3_ST_SW_SRVR_HELLO_A:
+		case SSL3_ST_SW_SRVR_HELLO_B:
+			s->new_session = 2;
+			dtls1_start_timer(s);
+			ret=dtls1_send_server_hello(s);
+			if (ret <= 0) goto end;
+
+#ifndef OPENSSL_NO_TLSEXT
+			if (s->hit)
+				{
+				if (s->tlsext_ticket_expected)
+					s->state=SSL3_ST_SW_SESSION_TICKET_A;
+				else
+					s->state=SSL3_ST_SW_CHANGE_A;
+				}
+#else
+			if (s->hit)
+					s->state=SSL3_ST_SW_CHANGE_A;
+#endif
+			else
+				s->state=SSL3_ST_SW_CERT_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_SW_CERT_A:
+		case SSL3_ST_SW_CERT_B:
+			/* Check if it is anon DH or normal PSK */
+			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+				&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
+				{
+				dtls1_start_timer(s);
+				ret=dtls1_send_server_certificate(s);
+				if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_TLSEXT
+				if (s->tlsext_status_expected)
+					s->state=SSL3_ST_SW_CERT_STATUS_A;
+				else
+					s->state=SSL3_ST_SW_KEY_EXCH_A;
+				}
+			else
+				{
+				skip = 1;
+				s->state=SSL3_ST_SW_KEY_EXCH_A;
+				}
+#else
+				}
+			else
+				skip=1;
+
+			s->state=SSL3_ST_SW_KEY_EXCH_A;
+#endif
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_SW_KEY_EXCH_A:
+		case SSL3_ST_SW_KEY_EXCH_B:
+			alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+			/* clear this, it may get reset by
+			 * send_server_key_exchange */
+			if ((s->options & SSL_OP_EPHEMERAL_RSA)
+#ifndef OPENSSL_NO_KRB5
+				&& !(alg_k & SSL_kKRB5)
+#endif /* OPENSSL_NO_KRB5 */
+				)
+				/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
+				 * even when forbidden by protocol specs
+				 * (handshake may fail as clients are not required to
+				 * be able to handle this) */
+				s->s3->tmp.use_rsa_tmp=1;
+			else
+				s->s3->tmp.use_rsa_tmp=0;
+
+			/* only send if a DH key exchange or
+			 * RSA but we have a sign only certificate */
+			if (s->s3->tmp.use_rsa_tmp
+			/* PSK: send ServerKeyExchange if PSK identity
+			 * hint if provided */
+#ifndef OPENSSL_NO_PSK
+			    || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+			    || (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+			    || (alg_k & SSL_kEECDH)
+			    || ((alg_k & SSL_kRSA)
+				&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
+				    || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+					&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
+					)
+				    )
+				)
+			    )
+				{
+				dtls1_start_timer(s);
+				ret=dtls1_send_server_key_exchange(s);
+				if (ret <= 0) goto end;
+				}
+			else
+				skip=1;
+
+			s->state=SSL3_ST_SW_CERT_REQ_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_SW_CERT_REQ_A:
+		case SSL3_ST_SW_CERT_REQ_B:
+			if (/* don't request cert unless asked for it: */
+				!(s->verify_mode & SSL_VERIFY_PEER) ||
+				/* if SSL_VERIFY_CLIENT_ONCE is set,
+				 * don't request cert during re-negotiation: */
+				((s->session->peer != NULL) &&
+				 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+				/* never request cert in anonymous ciphersuites
+				 * (see section "Certificate request" in SSL 3 drafts
+				 * and in RFC 2246): */
+				((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+				 /* ... except when the application insists on verification
+				  * (against the specs, but s3_clnt.c accepts this for SSL 3) */
+				 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
+				 /* never request cert in Kerberos ciphersuites */
+				(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
+				/* With normal PSK Certificates and
+				 * Certificate Requests are omitted */
+				|| (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
+				{
+				/* no cert request */
+				skip=1;
+				s->s3->tmp.cert_request=0;
+				s->state=SSL3_ST_SW_SRVR_DONE_A;
+				}
+			else
+				{
+				s->s3->tmp.cert_request=1;
+				dtls1_start_timer(s);
+				ret=dtls1_send_certificate_request(s);
+				if (ret <= 0) goto end;
+#ifndef NETSCAPE_HANG_BUG
+				s->state=SSL3_ST_SW_SRVR_DONE_A;
+#else
+				s->state=SSL3_ST_SW_FLUSH;
+				s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+#endif
+				s->init_num=0;
+				}
+			break;
+
+		case SSL3_ST_SW_SRVR_DONE_A:
+		case SSL3_ST_SW_SRVR_DONE_B:
+			dtls1_start_timer(s);
+			ret=dtls1_send_server_done(s);
+			if (ret <= 0) goto end;
+			s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+			s->state=SSL3_ST_SW_FLUSH;
+			s->init_num=0;
+			break;
+		
+		case SSL3_ST_CW_FLUSH:
+			s->rwstate=SSL_WRITING;
+			if (BIO_flush(s->wbio) <= 0)
+				{
+				ret= -1;
+				goto end;
+				}
+			s->rwstate=SSL_NOTHING;
+			s->state=s->s3->tmp.next_state;
+			break;
+
+		case SSL3_ST_SR_CERT_A:
+		case SSL3_ST_SR_CERT_B:
+			/* Check for second client hello (MS SGC) */
+			ret = ssl3_check_client_hello(s);
+			if (ret <= 0)
+				goto end;
+			dtls1_stop_timer(s);
+			if (ret == 2)
+				s->state = SSL3_ST_SR_CLNT_HELLO_C;
+			else {
+				/* could be sent for a DH cert, even if we
+				 * have not asked for it :-) */
+				ret=ssl3_get_client_certificate(s);
+				if (ret <= 0) goto end;
+				dtls1_stop_timer(s);
+				s->init_num=0;
+				s->state=SSL3_ST_SR_KEY_EXCH_A;
+			}
+			break;
+
+		case SSL3_ST_SR_KEY_EXCH_A:
+		case SSL3_ST_SR_KEY_EXCH_B:
+			ret=ssl3_get_client_key_exchange(s);
+			if (ret <= 0) goto end;
+			dtls1_stop_timer(s);
+			s->state=SSL3_ST_SR_CERT_VRFY_A;
+			s->init_num=0;
+
+			if (ret == 2)
+				{
+				/* For the ECDH ciphersuites when
+				 * the client sends its ECDH pub key in
+				 * a certificate, the CertificateVerify
+				 * message is not sent.
+				 */
+				s->state=SSL3_ST_SR_FINISHED_A;
+				s->init_num = 0;
+				}
+			else
+				{
+				s->state=SSL3_ST_SR_CERT_VRFY_A;
+				s->init_num=0;
+
+				/* We need to get hashes here so if there is
+				 * a client cert, it can be verified */ 
+				s->method->ssl3_enc->cert_verify_mac(s,
+					NID_md5,
+					&(s->s3->tmp.cert_verify_md[0]));
+				s->method->ssl3_enc->cert_verify_mac(s,
+					NID_sha1,
+					&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
+				}
+			break;
+
+		case SSL3_ST_SR_CERT_VRFY_A:
+		case SSL3_ST_SR_CERT_VRFY_B:
+
+			s->d1->change_cipher_spec_ok = 1;
+			/* we should decide if we expected this one */
+			ret=ssl3_get_cert_verify(s);
+			if (ret <= 0) goto end;
+			dtls1_stop_timer(s);
+
+			s->state=SSL3_ST_SR_FINISHED_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_SR_FINISHED_A:
+		case SSL3_ST_SR_FINISHED_B:
+			s->d1->change_cipher_spec_ok = 1;
+			ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
+				SSL3_ST_SR_FINISHED_B);
+			if (ret <= 0) goto end;
+			dtls1_stop_timer(s);
+			if (s->hit)
+				s->state=SSL_ST_OK;
+#ifndef OPENSSL_NO_TLSEXT
+			else if (s->tlsext_ticket_expected)
+				s->state=SSL3_ST_SW_SESSION_TICKET_A;
+#endif
+			else
+				s->state=SSL3_ST_SW_CHANGE_A;
+			s->init_num=0;
+			break;
+
+#ifndef OPENSSL_NO_TLSEXT
+		case SSL3_ST_SW_SESSION_TICKET_A:
+		case SSL3_ST_SW_SESSION_TICKET_B:
+			ret=dtls1_send_newsession_ticket(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_SW_CHANGE_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_SW_CERT_STATUS_A:
+		case SSL3_ST_SW_CERT_STATUS_B:
+			ret=ssl3_send_cert_status(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_SW_KEY_EXCH_A;
+			s->init_num=0;
+			break;
+
+#endif
+
+		case SSL3_ST_SW_CHANGE_A:
+		case SSL3_ST_SW_CHANGE_B:
+
+			s->session->cipher=s->s3->tmp.new_cipher;
+			if (!s->method->ssl3_enc->setup_key_block(s))
+				{ ret= -1; goto end; }
+
+			ret=dtls1_send_change_cipher_spec(s,
+				SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
+
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_SW_FINISHED_A;
+			s->init_num=0;
+
+			if (!s->method->ssl3_enc->change_cipher_state(s,
+				SSL3_CHANGE_CIPHER_SERVER_WRITE))
+				{
+				ret= -1;
+				goto end;
+				}
+
+			dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
+			break;
+
+		case SSL3_ST_SW_FINISHED_A:
+		case SSL3_ST_SW_FINISHED_B:
+			ret=dtls1_send_finished(s,
+				SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
+				s->method->ssl3_enc->server_finished_label,
+				s->method->ssl3_enc->server_finished_label_len);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_SW_FLUSH;
+			if (s->hit)
+				s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
+			else
+				s->s3->tmp.next_state=SSL_ST_OK;
+			s->init_num=0;
+			break;
+
+		case SSL_ST_OK:
+			/* clean a few things up */
+			ssl3_cleanup_key_block(s);
+
+#if 0
+			BUF_MEM_free(s->init_buf);
+			s->init_buf=NULL;
+#endif
+
+			/* remove buffering on output */
+			ssl_free_wbio_buffer(s);
+
+			s->init_num=0;
+
+			if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
+				{
+				/* actually not necessarily a 'new' session unless
+				 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
+				
+				s->new_session=0;
+				
+				ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+				
+				s->ctx->stats.sess_accept_good++;
+				/* s->server=1; */
+				s->handshake_func=dtls1_accept;
+
+				if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+				}
+			
+			ret = 1;
+
+			/* done handshaking, next message is client hello */
+			s->d1->handshake_read_seq = 0;
+			/* next message is server hello */
+			s->d1->handshake_write_seq = 0;
+			s->d1->next_handshake_write_seq = 0;
+			goto end;
+			/* break; */
+
+		default:
+			SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_UNKNOWN_STATE);
+			ret= -1;
+			goto end;
+			/* break; */
+			}
+		
+		if (!s->s3->tmp.reuse_message && !skip)
+			{
+			if (s->debug)
+				{
+				if ((ret=BIO_flush(s->wbio)) <= 0)
+					goto end;
+				}
+
+
+			if ((cb != NULL) && (s->state != state))
+				{
+				new_state=s->state;
+				s->state=state;
+				cb(s,SSL_CB_ACCEPT_LOOP,1);
+				s->state=new_state;
+				}
+			}
+		skip=0;
+		}
+end:
+	/* BIO_flush(s->wbio); */
+
+	s->in_handshake--;
+	if (cb != NULL)
+		cb(s,SSL_CB_ACCEPT_EXIT,ret);
+	return(ret);
+	}
+
+int dtls1_send_hello_request(SSL *s)
+	{
+	unsigned char *p;
+
+	if (s->state == SSL3_ST_SW_HELLO_REQ_A)
+		{
+		p=(unsigned char *)s->init_buf->data;
+		p = dtls1_set_message_header(s, p, SSL3_MT_HELLO_REQUEST, 0, 0, 0);
+
+		s->state=SSL3_ST_SW_HELLO_REQ_B;
+		/* number of bytes to write */
+		s->init_num=DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+
+		/* no need to buffer this message, since there are no retransmit 
+		 * requests for it */
+		}
+
+	/* SSL3_ST_SW_HELLO_REQ_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+int dtls1_send_hello_verify_request(SSL *s)
+	{
+	unsigned int msg_len;
+	unsigned char *msg, *buf, *p;
+
+	if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A)
+		{
+		buf = (unsigned char *)s->init_buf->data;
+
+		msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
+		*(p++) = s->version >> 8;
+		*(p++) = s->version & 0xFF;
+
+		if (s->ctx->app_gen_cookie_cb == NULL ||
+		     s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
+			 &(s->d1->cookie_len)) == 0)
+			{
+			SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTERNAL_ERROR);
+			return 0;
+			}
+
+		*(p++) = (unsigned char) s->d1->cookie_len;
+		memcpy(p, s->d1->cookie, s->d1->cookie_len);
+		p += s->d1->cookie_len;
+		msg_len = p - msg;
+
+		dtls1_set_message_header(s, buf,
+			DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0, msg_len);
+
+		s->state=DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
+		/* number of bytes to write */
+		s->init_num=p-buf;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	/* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+int dtls1_send_server_hello(SSL *s)
+	{
+	unsigned char *buf;
+	unsigned char *p,*d;
+	int i;
+	unsigned int sl;
+	unsigned long l,Time;
+
+	if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
+		{
+		buf=(unsigned char *)s->init_buf->data;
+		p=s->s3->server_random;
+		Time=(unsigned long)time(NULL);			/* Time */
+		l2n(Time,p);
+		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+		/* Do the message type and length last */
+		d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
+
+		*(p++)=s->version>>8;
+		*(p++)=s->version&0xff;
+
+		/* Random stuff */
+		memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+		p+=SSL3_RANDOM_SIZE;
+
+		/* now in theory we have 3 options to sending back the
+		 * session id.  If it is a re-use, we send back the
+		 * old session-id, if it is a new session, we send
+		 * back the new session-id or we send back a 0 length
+		 * session-id if we want it to be single use.
+		 * Currently I will not implement the '0' length session-id
+		 * 12-Jan-98 - I'll now support the '0' length stuff.
+		 */
+		if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
+			s->session->session_id_length=0;
+
+		sl=s->session->session_id_length;
+		if (sl > sizeof s->session->session_id)
+			{
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+			return -1;
+			}
+		*(p++)=sl;
+		memcpy(p,s->session->session_id,sl);
+		p+=sl;
+
+		/* put the cipher */
+		if (s->s3->tmp.new_cipher == NULL)
+			return -1;
+		i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
+		p+=i;
+
+		/* put the compression method */
+#ifdef OPENSSL_NO_COMP
+		*(p++)=0;
+#else
+		if (s->s3->tmp.new_compression == NULL)
+			*(p++)=0;
+		else
+			*(p++)=s->s3->tmp.new_compression->id;
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+		if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
+			return -1;
+			}
+#endif
+
+		/* do the header */
+		l=(p-d);
+		d=buf;
+
+		d = dtls1_set_message_header(s, d, SSL3_MT_SERVER_HELLO, l, 0, l);
+
+		s->state=SSL3_ST_SW_SRVR_HELLO_B;
+		/* number of bytes to write */
+		s->init_num=p-buf;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	/* SSL3_ST_SW_SRVR_HELLO_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+int dtls1_send_server_done(SSL *s)
+	{
+	unsigned char *p;
+
+	if (s->state == SSL3_ST_SW_SRVR_DONE_A)
+		{
+		p=(unsigned char *)s->init_buf->data;
+
+		/* do the header */
+		p = dtls1_set_message_header(s, p, SSL3_MT_SERVER_DONE, 0, 0, 0);
+
+		s->state=SSL3_ST_SW_SRVR_DONE_B;
+		/* number of bytes to write */
+		s->init_num=DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	/* SSL3_ST_SW_SRVR_DONE_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+int dtls1_send_server_key_exchange(SSL *s)
+	{
+#ifndef OPENSSL_NO_RSA
+	unsigned char *q;
+	int j,num;
+	RSA *rsa;
+	unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+	unsigned int u;
+#endif
+#ifndef OPENSSL_NO_DH
+	DH *dh=NULL,*dhp;
+#endif
+#ifndef OPENSSL_NO_ECDH
+	EC_KEY *ecdh=NULL, *ecdhp;
+	unsigned char *encodedPoint = NULL;
+	int encodedlen = 0;
+	int curve_id = 0;
+	BN_CTX *bn_ctx = NULL; 
+#endif
+	EVP_PKEY *pkey;
+	unsigned char *p,*d;
+	int al,i;
+	unsigned long type;
+	int n;
+	CERT *cert;
+	BIGNUM *r[4];
+	int nr[4],kn;
+	BUF_MEM *buf;
+	EVP_MD_CTX md_ctx;
+
+	EVP_MD_CTX_init(&md_ctx);
+	if (s->state == SSL3_ST_SW_KEY_EXCH_A)
+		{
+		type=s->s3->tmp.new_cipher->algorithm_mkey;
+		cert=s->cert;
+
+		buf=s->init_buf;
+
+		r[0]=r[1]=r[2]=r[3]=NULL;
+		n=0;
+#ifndef OPENSSL_NO_RSA
+		if (type & SSL_kRSA)
+			{
+			rsa=cert->rsa_tmp;
+			if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL))
+				{
+				rsa=s->cert->rsa_tmp_cb(s,
+				      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+				if(rsa == NULL)
+				{
+					al=SSL_AD_HANDSHAKE_FAILURE;
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+					goto f_err;
+				}
+				RSA_up_ref(rsa);
+				cert->rsa_tmp=rsa;
+				}
+			if (rsa == NULL)
+				{
+				al=SSL_AD_HANDSHAKE_FAILURE;
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
+				goto f_err;
+				}
+			r[0]=rsa->n;
+			r[1]=rsa->e;
+			s->s3->tmp.use_rsa_tmp=1;
+			}
+		else
+#endif
+#ifndef OPENSSL_NO_DH
+			if (type & SSL_kEDH)
+			{
+			dhp=cert->dh_tmp;
+			if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
+				dhp=s->cert->dh_tmp_cb(s,
+				      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+			if (dhp == NULL)
+				{
+				al=SSL_AD_HANDSHAKE_FAILURE;
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+				goto f_err;
+				}
+
+			if (s->s3->tmp.dh != NULL)
+				{
+				DH_free(dh);
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+				goto err;
+				}
+
+			if ((dh=DHparams_dup(dhp)) == NULL)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+				goto err;
+				}
+
+			s->s3->tmp.dh=dh;
+			if ((dhp->pub_key == NULL ||
+			     dhp->priv_key == NULL ||
+			     (s->options & SSL_OP_SINGLE_DH_USE)))
+				{
+				if(!DH_generate_key(dh))
+				    {
+				    SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
+					   ERR_R_DH_LIB);
+				    goto err;
+				    }
+				}
+			else
+				{
+				dh->pub_key=BN_dup(dhp->pub_key);
+				dh->priv_key=BN_dup(dhp->priv_key);
+				if ((dh->pub_key == NULL) ||
+					(dh->priv_key == NULL))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+					goto err;
+					}
+				}
+			r[0]=dh->p;
+			r[1]=dh->g;
+			r[2]=dh->pub_key;
+			}
+		else 
+#endif
+#ifndef OPENSSL_NO_ECDH
+			if (type & SSL_kEECDH)
+			{
+			const EC_GROUP *group;
+
+			ecdhp=cert->ecdh_tmp;
+			if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL))
+				{
+				ecdhp=s->cert->ecdh_tmp_cb(s,
+				      SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+				      SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+				}
+			if (ecdhp == NULL)
+				{
+				al=SSL_AD_HANDSHAKE_FAILURE;
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_ECDH_KEY);
+				goto f_err;
+				}
+
+			if (s->s3->tmp.ecdh != NULL)
+				{
+				EC_KEY_free(s->s3->tmp.ecdh); 
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+				goto err;
+				}
+
+			/* Duplicate the ECDH structure. */
+			if (ecdhp == NULL)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+				goto err;
+				}
+			if (!EC_KEY_up_ref(ecdhp))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+				goto err;
+				}
+			ecdh = ecdhp;
+
+			s->s3->tmp.ecdh=ecdh;
+			if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+			    (EC_KEY_get0_private_key(ecdh) == NULL) ||
+			    (s->options & SSL_OP_SINGLE_ECDH_USE))
+				{
+				if(!EC_KEY_generate_key(ecdh))
+				    {
+				    SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+				    goto err;
+				    }
+				}
+
+			if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+			    (EC_KEY_get0_public_key(ecdh)  == NULL) ||
+			    (EC_KEY_get0_private_key(ecdh) == NULL))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+				goto err;
+				}
+
+			if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+			    (EC_GROUP_get_degree(group) > 163)) 
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+				goto err;
+				}
+
+			/* XXX: For now, we only support ephemeral ECDH
+			 * keys over named (not generic) curves. For 
+			 * supported named curves, curve_id is non-zero.
+			 */
+			if ((curve_id = 
+			    tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
+			    == 0)
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
+				goto err;
+				}
+
+			/* Encode the public key.
+			 * First check the size of encoding and
+			 * allocate memory accordingly.
+			 */
+			encodedlen = EC_POINT_point2oct(group, 
+			    EC_KEY_get0_public_key(ecdh),
+			    POINT_CONVERSION_UNCOMPRESSED, 
+			    NULL, 0, NULL);
+
+			encodedPoint = (unsigned char *) 
+			    OPENSSL_malloc(encodedlen*sizeof(unsigned char)); 
+			bn_ctx = BN_CTX_new();
+			if ((encodedPoint == NULL) || (bn_ctx == NULL))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+
+
+			encodedlen = EC_POINT_point2oct(group, 
+			    EC_KEY_get0_public_key(ecdh), 
+			    POINT_CONVERSION_UNCOMPRESSED, 
+			    encodedPoint, encodedlen, bn_ctx);
+
+			if (encodedlen == 0) 
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+				goto err;
+				}
+
+			BN_CTX_free(bn_ctx);  bn_ctx=NULL;
+
+			/* XXX: For now, we only support named (not 
+			 * generic) curves in ECDH ephemeral key exchanges.
+			 * In this situation, we need four additional bytes
+			 * to encode the entire ServerECDHParams
+			 * structure. 
+			 */
+			n = 4 + encodedlen;
+
+			/* We'll generate the serverKeyExchange message
+			 * explicitly so we can set these to NULLs
+			 */
+			r[0]=NULL;
+			r[1]=NULL;
+			r[2]=NULL;
+			r[3]=NULL;
+			}
+		else 
+#endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+			if (type & SSL_kPSK)
+				{
+				/* reserve size for record length and PSK identity hint*/
+				n+=2+strlen(s->ctx->psk_identity_hint);
+				}
+			else
+#endif /* !OPENSSL_NO_PSK */
+			{
+			al=SSL_AD_HANDSHAKE_FAILURE;
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+			goto f_err;
+			}
+		for (i=0; r[i] != NULL; i++)
+			{
+			nr[i]=BN_num_bytes(r[i]);
+			n+=2+nr[i];
+			}
+
+		if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+			&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
+			{
+			if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+				== NULL)
+				{
+				al=SSL_AD_DECODE_ERROR;
+				goto f_err;
+				}
+			kn=EVP_PKEY_size(pkey);
+			}
+		else
+			{
+			pkey=NULL;
+			kn=0;
+			}
+
+		if (!BUF_MEM_grow_clean(buf,n+DTLS1_HM_HEADER_LENGTH+kn))
+			{
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
+			goto err;
+			}
+		d=(unsigned char *)s->init_buf->data;
+		p= &(d[DTLS1_HM_HEADER_LENGTH]);
+
+		for (i=0; r[i] != NULL; i++)
+			{
+			s2n(nr[i],p);
+			BN_bn2bin(r[i],p);
+			p+=nr[i];
+			}
+
+#ifndef OPENSSL_NO_ECDH
+		if (type & SSL_kEECDH) 
+			{
+			/* XXX: For now, we only support named (not generic) curves.
+			 * In this situation, the serverKeyExchange message has:
+			 * [1 byte CurveType], [2 byte CurveName]
+			 * [1 byte length of encoded point], followed by
+			 * the actual encoded point itself
+			 */
+			*p = NAMED_CURVE_TYPE;
+			p += 1;
+			*p = 0;
+			p += 1;
+			*p = curve_id;
+			p += 1;
+			*p = encodedlen;
+			p += 1;
+			memcpy((unsigned char*)p, 
+			    (unsigned char *)encodedPoint, 
+			    encodedlen);
+			OPENSSL_free(encodedPoint);
+			p += encodedlen;
+			}
+#endif
+
+#ifndef OPENSSL_NO_PSK
+		if (type & SSL_kPSK)
+			{
+			/* copy PSK identity hint */
+			s2n(strlen(s->ctx->psk_identity_hint), p); 
+			strncpy((char *)p, s->ctx->psk_identity_hint, strlen(s->ctx->psk_identity_hint));
+			p+=strlen(s->ctx->psk_identity_hint);
+			}
+#endif
+
+		/* not anonymous */
+		if (pkey != NULL)
+			{
+			/* n is the length of the params, they start at
+			 * &(d[DTLS1_HM_HEADER_LENGTH]) and p points to the space
+			 * at the end. */
+#ifndef OPENSSL_NO_RSA
+			if (pkey->type == EVP_PKEY_RSA)
+				{
+				q=md_buf;
+				j=0;
+				for (num=2; num > 0; num--)
+					{
+					EVP_DigestInit_ex(&md_ctx,(num == 2)
+						?s->ctx->md5:s->ctx->sha1, NULL);
+					EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+					EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+					EVP_DigestUpdate(&md_ctx,&(d[DTLS1_HM_HEADER_LENGTH]),n);
+					EVP_DigestFinal_ex(&md_ctx,q,
+						(unsigned int *)&i);
+					q+=i;
+					j+=i;
+					}
+				if (RSA_sign(NID_md5_sha1, md_buf, j,
+					&(p[2]), &u, pkey->pkey.rsa) <= 0)
+					{
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
+					goto err;
+					}
+				s2n(u,p);
+				n+=u+2;
+				}
+			else
+#endif
+#if !defined(OPENSSL_NO_DSA)
+				if (pkey->type == EVP_PKEY_DSA)
+				{
+				/* lets do DSS */
+				EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
+				EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+				EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+				EVP_SignUpdate(&md_ctx,&(d[DTLS1_HM_HEADER_LENGTH]),n);
+				if (!EVP_SignFinal(&md_ctx,&(p[2]),
+					(unsigned int *)&i,pkey))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
+					goto err;
+					}
+				s2n(i,p);
+				n+=i+2;
+				}
+			else
+#endif
+#if !defined(OPENSSL_NO_ECDSA)
+				if (pkey->type == EVP_PKEY_EC)
+				{
+				/* let's do ECDSA */
+				EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
+				EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+				EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+				EVP_SignUpdate(&md_ctx,&(d[4]),n);
+				if (!EVP_SignFinal(&md_ctx,&(p[2]),
+					(unsigned int *)&i,pkey))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_ECDSA);
+					goto err;
+					}
+				s2n(i,p);
+				n+=i+2;
+				}
+			else
+#endif
+				{
+				/* Is this error check actually needed? */
+				al=SSL_AD_HANDSHAKE_FAILURE;
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
+				goto f_err;
+				}
+			}
+
+		d = dtls1_set_message_header(s, d,
+			SSL3_MT_SERVER_KEY_EXCHANGE, n, 0, n);
+
+		/* we should now have things packed up, so lets send
+		 * it off */
+		s->init_num=n+DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	s->state = SSL3_ST_SW_KEY_EXCH_B;
+	EVP_MD_CTX_cleanup(&md_ctx);
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+#ifndef OPENSSL_NO_ECDH
+	if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
+	BN_CTX_free(bn_ctx);
+#endif
+	EVP_MD_CTX_cleanup(&md_ctx);
+	return(-1);
+	}
+
+int dtls1_send_certificate_request(SSL *s)
+	{
+	unsigned char *p,*d;
+	int i,j,nl,off,n;
+	STACK_OF(X509_NAME) *sk=NULL;
+	X509_NAME *name;
+	BUF_MEM *buf;
+	unsigned int msg_len;
+
+	if (s->state == SSL3_ST_SW_CERT_REQ_A)
+		{
+		buf=s->init_buf;
+
+		d=p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
+
+		/* get the list of acceptable cert types */
+		p++;
+		n=ssl3_get_req_cert_type(s,p);
+		d[0]=n;
+		p+=n;
+		n++;
+
+		off=n;
+		p+=2;
+		n+=2;
+
+		sk=SSL_get_client_CA_list(s);
+		nl=0;
+		if (sk != NULL)
+			{
+			for (i=0; i<sk_X509_NAME_num(sk); i++)
+				{
+				name=sk_X509_NAME_value(sk,i);
+				j=i2d_X509_NAME(name,NULL);
+				if (!BUF_MEM_grow_clean(buf,DTLS1_HM_HEADER_LENGTH+n+j+2))
+					{
+					SSLerr(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
+					goto err;
+					}
+				p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH+n]);
+				if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+					{
+					s2n(j,p);
+					i2d_X509_NAME(name,&p);
+					n+=2+j;
+					nl+=2+j;
+					}
+				else
+					{
+					d=p;
+					i2d_X509_NAME(name,&p);
+					j-=2; s2n(j,d); j+=2;
+					n+=j;
+					nl+=j;
+					}
+				}
+			}
+		/* else no CA names */
+		p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH+off]);
+		s2n(nl,p);
+
+		d=(unsigned char *)buf->data;
+		*(d++)=SSL3_MT_CERTIFICATE_REQUEST;
+		l2n3(n,d);
+		s2n(s->d1->handshake_write_seq,d);
+		s->d1->handshake_write_seq++;
+
+		/* we should now have things packed up, so lets send
+		 * it off */
+
+		s->init_num=n+DTLS1_HM_HEADER_LENGTH;
+		s->init_off=0;
+#ifdef NETSCAPE_HANG_BUG
+/* XXX: what to do about this? */
+		p=(unsigned char *)s->init_buf->data + s->init_num;
+
+		/* do the header */
+		*(p++)=SSL3_MT_SERVER_DONE;
+		*(p++)=0;
+		*(p++)=0;
+		*(p++)=0;
+		s->init_num += 4;
+#endif
+
+		/* XDTLS:  set message header ? */
+		msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+		dtls1_set_message_header(s, (void *)s->init_buf->data,
+			SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0, msg_len);
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+
+		s->state = SSL3_ST_SW_CERT_REQ_B;
+		}
+
+	/* SSL3_ST_SW_CERT_REQ_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+	return(-1);
+	}
+
+int dtls1_send_server_certificate(SSL *s)
+	{
+	unsigned long l;
+	X509 *x;
+
+	if (s->state == SSL3_ST_SW_CERT_A)
+		{
+		x=ssl_get_server_send_cert(s);
+		if (x == NULL)
+			{
+			/* VRS: allow null cert if auth == KRB5 */
+			if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
+			    (s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5))
+				{
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+				return(0);
+				}
+			}
+
+		l=dtls1_output_cert_chain(s,x);
+		s->state=SSL3_ST_SW_CERT_B;
+		s->init_num=(int)l;
+		s->init_off=0;
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	/* SSL3_ST_SW_CERT_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+#ifndef OPENSSL_NO_TLSEXT
+int dtls1_send_newsession_ticket(SSL *s)
+	{
+	if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
+		{
+		unsigned char *p, *senc, *macstart;
+		int len, slen;
+		unsigned int hlen, msg_len;
+		EVP_CIPHER_CTX ctx;
+		HMAC_CTX hctx;
+		SSL_CTX *tctx = s->initial_ctx;
+		unsigned char iv[EVP_MAX_IV_LENGTH];
+		unsigned char key_name[16];
+
+		/* get session encoding length */
+		slen = i2d_SSL_SESSION(s->session, NULL);
+		/* Some length values are 16 bits, so forget it if session is
+ 		 * too long
+ 		 */
+		if (slen > 0xFF00)
+			return -1;
+		/* Grow buffer if need be: the length calculation is as
+ 		 * follows 12 (DTLS handshake message header) +
+ 		 * 4 (ticket lifetime hint) + 2 (ticket length) +
+ 		 * 16 (key name) + max_iv_len (iv length) +
+ 		 * session_length + max_enc_block_size (max encrypted session
+ 		 * length) + max_md_size (HMAC).
+ 		 */
+		if (!BUF_MEM_grow(s->init_buf,
+			DTLS1_HM_HEADER_LENGTH + 22 + EVP_MAX_IV_LENGTH +
+			EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
+			return -1;
+		senc = OPENSSL_malloc(slen);
+		if (!senc)
+			return -1;
+		p = senc;
+		i2d_SSL_SESSION(s->session, &p);
+
+		p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
+		EVP_CIPHER_CTX_init(&ctx);
+		HMAC_CTX_init(&hctx);
+		/* Initialize HMAC and cipher contexts. If callback present
+		 * it does all the work otherwise use generated values
+		 * from parent ctx.
+		 */
+		if (tctx->tlsext_ticket_key_cb)
+			{
+			if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
+							 &hctx, 1) < 0)
+				{
+				OPENSSL_free(senc);
+				return -1;
+				}
+			}
+		else
+			{
+			RAND_pseudo_bytes(iv, 16);
+			EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+					tctx->tlsext_tick_aes_key, iv);
+			HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+					tlsext_tick_md(), NULL);
+			memcpy(key_name, tctx->tlsext_tick_key_name, 16);
+			}
+		l2n(s->session->tlsext_tick_lifetime_hint, p);
+		/* Skip ticket length for now */
+		p += 2;
+		/* Output key name */
+		macstart = p;
+		memcpy(p, key_name, 16);
+		p += 16;
+		/* output IV */
+		memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
+		p += EVP_CIPHER_CTX_iv_length(&ctx);
+		/* Encrypt session data */
+		EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
+		p += len;
+		EVP_EncryptFinal(&ctx, p, &len);
+		p += len;
+		EVP_CIPHER_CTX_cleanup(&ctx);
+
+		HMAC_Update(&hctx, macstart, p - macstart);
+		HMAC_Final(&hctx, p, &hlen);
+		HMAC_CTX_cleanup(&hctx);
+
+		p += hlen;
+		/* Now write out lengths: p points to end of data written */
+		/* Total length */
+		len = p - (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]);
+		p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4;
+		s2n(len - 18, p);  /* Ticket length */
+
+		/* number of bytes to write */
+		s->init_num= len;
+		s->state=SSL3_ST_SW_SESSION_TICKET_B;
+		s->init_off=0;
+		OPENSSL_free(senc);
+
+		/* XDTLS:  set message header ? */
+		msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+		dtls1_set_message_header(s, (void *)s->init_buf->data,
+			SSL3_MT_NEWSESSION_TICKET, msg_len, 0, msg_len);
+
+		/* buffer the message to handle re-xmits */
+		dtls1_buffer_message(s, 0);
+		}
+
+	/* SSL3_ST_SW_SESSION_TICKET_B */
+	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+#endif
diff --git a/ssl/dtls1.h b/ssl/dtls1.h
new file mode 100644
index 0000000000..472fe91f13
--- /dev/null
+++ b/ssl/dtls1.h
@@ -0,0 +1,268 @@
+/* ssl/dtls1.h */
+/* 
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DTLS1_H
+#define HEADER_DTLS1_H
+
+/* Unless _XOPEN_SOURCE_EXTENDED is defined, struct timeval will not be
+   properly defined with DEC C, at least on VMS */
+#if defined(__DECC) || defined(__DECCXX)
+#define _XOPEN_SOURCE_EXTENDED
+#endif
+
+#include <openssl/buffer.h>
+#include <openssl/pqueue.h>
+#ifdef OPENSSL_SYS_WIN32
+/* Needed for struct timeval */
+#include <winsock.h>
+#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
+#include <sys/timeval.h>
+#else
+#include <sys/time.h>
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define DTLS1_VERSION			0xFEFF
+#define DTLS1_BAD_VER			0x0100
+
+#if 0
+/* this alert description is not specified anywhere... */
+#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
+#endif
+
+/* lengths of messages */
+#define DTLS1_COOKIE_LENGTH                     256
+
+#define DTLS1_RT_HEADER_LENGTH                  13
+
+#define DTLS1_HM_HEADER_LENGTH                  12
+
+#define DTLS1_HM_BAD_FRAGMENT                   -2
+#define DTLS1_HM_FRAGMENT_RETRY                 -3
+
+#define DTLS1_CCS_HEADER_LENGTH                  1
+
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#define DTLS1_AL_HEADER_LENGTH                   7
+#else
+#define DTLS1_AL_HEADER_LENGTH                   2
+#endif
+
+
+typedef struct dtls1_bitmap_st
+	{
+	unsigned long map;		/* track 32 packets on 32-bit systems
+					   and 64 - on 64-bit systems */
+	unsigned char max_seq_num[8];	/* max record number seen so far,
+					   64-bit value in big-endian
+					   encoding */
+	} DTLS1_BITMAP;
+
+struct dtls1_retransmit_state
+	{
+	EVP_CIPHER_CTX *enc_write_ctx;	/* cryptographic state */
+	EVP_MD_CTX *write_hash;			/* used for mac generation */
+#ifndef OPENSSL_NO_COMP
+	COMP_CTX *compress;				/* compression */
+#else
+	char *compress;	
+#endif
+	SSL_SESSION *session;
+	unsigned short epoch;
+	};
+
+struct hm_header_st
+	{
+	unsigned char type;
+	unsigned long msg_len;
+	unsigned short seq;
+	unsigned long frag_off;
+	unsigned long frag_len;
+	unsigned int is_ccs;
+	struct dtls1_retransmit_state saved_retransmit_state;
+	};
+
+struct ccs_header_st
+	{
+	unsigned char type;
+	unsigned short seq;
+	};
+
+struct dtls1_timeout_st
+	{
+	/* Number of read timeouts so far */
+	unsigned int read_timeouts;
+	
+	/* Number of write timeouts so far */
+	unsigned int write_timeouts;
+	
+	/* Number of alerts received so far */
+	unsigned int num_alerts;
+	};
+
+typedef struct record_pqueue_st
+	{
+	unsigned short epoch;
+	pqueue q;
+	} record_pqueue;
+
+typedef struct hm_fragment_st
+	{
+	struct hm_header_st msg_header;
+	unsigned char *fragment;
+	} hm_fragment;
+
+typedef struct dtls1_state_st
+	{
+	unsigned int send_cookie;
+	unsigned char cookie[DTLS1_COOKIE_LENGTH];
+	unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
+	unsigned int cookie_len;
+
+	/* 
+	 * The current data and handshake epoch.  This is initially
+	 * undefined, and starts at zero once the initial handshake is
+	 * completed 
+	 */
+	unsigned short r_epoch;
+	unsigned short w_epoch;
+
+	/* records being received in the current epoch */
+	DTLS1_BITMAP bitmap;
+
+	/* renegotiation starts a new set of sequence numbers */
+	DTLS1_BITMAP next_bitmap;
+
+	/* handshake message numbers */
+	unsigned short handshake_write_seq;
+	unsigned short next_handshake_write_seq;
+
+	unsigned short handshake_read_seq;
+
+	/* save last sequence number for retransmissions */
+	unsigned char last_write_sequence[8];
+
+	/* Received handshake records (processed and unprocessed) */
+	record_pqueue unprocessed_rcds;
+	record_pqueue processed_rcds;
+
+	/* Buffered handshake messages */
+	pqueue buffered_messages;
+
+	/* Buffered (sent) handshake records */
+	pqueue sent_messages;
+
+	/* Buffered application records.
+	 * Only for records between CCS and Finished
+	 * to prevent either protocol violation or
+	 * unnecessary message loss.
+	 */
+	record_pqueue buffered_app_data;
+
+	/* Is set when listening for new connections with dtls1_listen() */
+	unsigned int listen;
+
+	unsigned int mtu; /* max DTLS packet size */
+
+	struct hm_header_st w_msg_hdr;
+	struct hm_header_st r_msg_hdr;
+
+	struct dtls1_timeout_st timeout;
+
+	/* Indicates when the last handshake msg sent will timeout */
+	struct timeval next_timeout;
+
+	/* Timeout duration */
+	unsigned short timeout_duration;
+
+	/* storage for Alert/Handshake protocol data received but not
+	 * yet processed by ssl3_read_bytes: */
+	unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
+	unsigned int alert_fragment_len;
+	unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
+	unsigned int handshake_fragment_len;
+
+	unsigned int retransmitting;
+	unsigned int change_cipher_spec_ok;
+
+	} DTLS1_STATE;
+
+typedef struct dtls1_record_data_st
+	{
+	unsigned char *packet;
+	unsigned int   packet_length;
+	SSL3_BUFFER    rbuf;
+	SSL3_RECORD    rrec;
+	} DTLS1_RECORD_DATA;
+
+
+/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
+#define DTLS1_TMO_READ_COUNT                      2
+#define DTLS1_TMO_WRITE_COUNT                     2
+
+#define DTLS1_TMO_ALERT_COUNT                     12
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/ssl/install.com b/ssl/install.com
index fcc1899ec9..b37c49cda0 100644
--- a/ssl/install.com
+++ b/ssl/install.com
@@ -10,7 +10,8 @@ $!
 $	IF P1 .EQS. ""
 $	THEN
 $	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$	    WRITE SYS$OUTPUT -
+		  "It should be the directory where you want things installed."
 $	    EXIT
 $	ENDIF
 $
@@ -21,6 +22,14 @@ $	ELSE
 $	    FILE_PREFIX = ""
 $	ENDIF
 $
+$	IF (F$GETSYI("CPU").LT.128)
+$	THEN
+$	    ARCH := VAX
+$	ELSE
+$	    ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$	    IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$	ENDIF
+$
 $	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
 $	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
 $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
@@ -28,31 +37,24 @@ $	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
 $	ROOT = ROOT_DEV + "[" + ROOT_DIR
 $
 $	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
-$	DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
+$	DEFINE/NOLOG WRK_SSLXLIB WRK_SSLROOT:['ARCH'_LIB]
 $	DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
+$	DEFINE/NOLOG WRK_SSLXEXE WRK_SSLROOT:['ARCH'_EXE]
 $
 $	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLVLIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVLIB:
-$	IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLALIB:
+$	IF F$PARSE("WRK_SSLXLIB:") .EQS. "" THEN -
+	   CREATE/DIR/LOG WRK_SSLXLIB:
 $	IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLINCLUDE:
-$	IF F$PARSE("WRK_SSLVEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVEXE:
-$	IF F$PARSE("WRK_SSLAEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLAEXE:
+$	IF F$PARSE("WRK_SSLXEXE:") .EQS. "" THEN -
+	   CREATE/DIR/LOG WRK_SSLXEXE:
 $
-$	EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,kssl.h
+$	EXHEADER := ssl.h,ssl2.h,ssl3.h,ssl23.h,tls1.h,dtls1.h,kssl.h
 $	E_EXE := ssl_task
 $	LIBS := LIBSSL64,LIBSSL32,LIBSSL,LIBSSL_SHR64,LIBSSL_SHR32,LIBSSL_SHR
 $
-$	VEXE_DIR := [-.VAX.EXE.SSL]
-$	AEXE_DIR := [-.AXP.EXE.SSL]
+$	XEXE_DIR := [-.'ARCH'.EXE.SSL]
 $
 $	COPY 'EXHEADER' WRK_SSLINCLUDE:/LOG
 $	SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'EXHEADER'
@@ -63,15 +65,10 @@ $	E = F$EDIT(F$ELEMENT(I, ",", E_EXE),"TRIM")
 $	I = I + 1
 $	IF E .EQS. "," THEN GOTO LOOP_EXE_END
 $	SET NOON
-$	IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.EXE WRK_SSLVEXE:'E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLVEXE:'E'.EXE
-$	ENDIF
-$	IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
+$	IF F$SEARCH(XEXE_DIR+E+".EXE") .NES. ""
 $	THEN
-$	  COPY 'AEXE_DIR''E'.EXE WRK_SSLAEXE:'E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLAEXE:'E'.EXE
+$	  COPY 'XEXE_DIR''E'.EXE WRK_SSLXEXE:'E'.EXE/log
+$	  SET FILE/PROT=W:RE WRK_SSLXEXE:'E'.EXE
 $	ENDIF
 $	SET ON
 $	GOTO LOOP_EXE
@@ -83,27 +80,17 @@ $	E = F$EDIT(F$ELEMENT(I, ",", LIBS),"TRIM")
 $	I = I + 1
 $	IF E .EQS. "," THEN GOTO LOOP_LIB_END
 $	SET NOON
-$	IF F$SEARCH(VEXE_DIR+E+".OLB") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.OLB WRK_SSLVLIB:'E'.OLB/log
-$	  SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.OLB
-$	ENDIF
-$	! Preparing for the time when we have shareable images
-$	IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE
-$	ENDIF
-$	IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. ""
+$! Object library.
+$	IF F$SEARCH(XEXE_DIR+E+".OLB") .NES. ""
 $	THEN
-$	  COPY 'AEXE_DIR''E'.OLB WRK_SSLALIB:'E'.OLB/log
-$	  SET FILE/PROT=W:RE WRK_SSLALIB:'E'.OLB
+$	  COPY 'XEXE_DIR''E'.OLB WRK_SSLXLIB:'E'.OLB/log
+$	  SET FILE/PROT=W:RE WRK_SSLXLIB:'E'.OLB
 $	ENDIF
-$	! Preparing for the time when we have shareable images
-$	IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
+$! Shareable image.
+$	IF F$SEARCH(XEXE_DIR+E+".EXE") .NES. ""
 $	THEN
-$	  COPY 'AEXE_DIR''E'.EXE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLVLIB:'FILE_PREFIX''E'.EXE
+$	  COPY 'XEXE_DIR''E'.EXE WRK_SSLXLIB:'FILE_PREFIX''E'.EXE/log
+$	  SET FILE/PROT=W:RE WRK_SSLXLIB:'FILE_PREFIX''E'.EXE
 $	ENDIF
 $	SET ON
 $	GOTO LOOP_LIB
diff --git a/ssl/kssl.c b/ssl/kssl.c
index 51378897f6..b5fa1f147d 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -68,18 +68,22 @@
 
 #include <openssl/opensslconf.h>
 
-#define _XOPEN_SOURCE /* glibc2 needs this to declare strptime() */
-#include <time.h>
-#undef _XOPEN_SOURCE /* To avoid clashes with anything else... */
 #include <string.h>
 
+#define KRB5_PRIVATE	1
+
 #include <openssl/ssl.h>
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/krb5_asn.h>
+#include "kssl_lcl.h"
 
 #ifndef OPENSSL_NO_KRB5
 
+#ifndef ENOMEM
+#define ENOMEM KRB5KRB_ERR_GENERIC
+#endif
+
 /* 
  * When OpenSSL is built on Windows, we do not want to require that
  * the Kerberos DLLs be available in order for the OpenSSL DLLs to
@@ -128,7 +132,7 @@
 #define krb5_principal_compare   kssl_krb5_principal_compare
 #define krb5_decrypt_tkt_part    kssl_krb5_decrypt_tkt_part
 #define krb5_timeofday           kssl_krb5_timeofday
-#define krb5_rc_default           kssl_krb5_rc_default
+#define krb5_rc_default          kssl_krb5_rc_default
 
 #ifdef krb5_rc_initialize
 #undef krb5_rc_initialize
@@ -289,7 +293,7 @@ load_krb5_dll(void)
 	HANDLE hKRB5_32;
     
 	krb5_loaded++;
-	hKRB5_32 = LoadLibrary("KRB5_32");
+	hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
 	if (!hKRB5_32)
 		return;
 
@@ -776,6 +780,25 @@ kssl_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
         }
 #endif  /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
 
+
+/* memory allocation functions for non-temporary storage
+ * (e.g. stuff that gets saved into the kssl context) */
+static void* kssl_calloc(size_t nmemb, size_t size)
+{
+	void* p;
+	
+	p=OPENSSL_malloc(nmemb*size);
+	if (p){
+		memset(p, 0, nmemb*size);
+	}
+	return p;
+}
+
+#define kssl_malloc(size) OPENSSL_malloc((size))
+#define kssl_realloc(ptr, size) OPENSSL_realloc(ptr, size)
+#define kssl_free(ptr) OPENSSL_free((ptr))
+
+
 char
 *kstring(char *string)
         {
@@ -817,7 +840,7 @@ kssl_map_enc(krb5_enctype enctype)
 **	"62 xx 30 yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and
 **	xx and yy are possibly multi-byte length fields.
 */
-int 	kssl_test_confound(unsigned char *p)
+static int 	kssl_test_confound(unsigned char *p)
 	{
 	int 	len = 2;
 	int 	xx = 0, yy = 0;
@@ -852,7 +875,7 @@ int 	kssl_test_confound(unsigned char *p)
 **      what the highest assigned CKSUMTYPE_ constant is.  As of 1.2.2
 **      it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3).  So we will use 0x0010.
 */
-size_t  *populate_cksumlens(void)
+static size_t  *populate_cksumlens(void)
 	{
 	int 		i, j, n;
 	static size_t 	*cklens = NULL;
@@ -919,7 +942,7 @@ kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text)
 	if (kssl_err == NULL)  return;
 
 	kssl_err->reason = reason;
-	BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, text);
+	BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "%s", text);
 	return;
         }
 
@@ -932,7 +955,7 @@ print_krb5_data(char *label, krb5_data *kdata)
 	int i;
 
 	printf("%s[%d] ", label, kdata->length);
-	for (i=0; i < kdata->length; i++)
+	for (i=0; i < (int)kdata->length; i++)
                 {
 		if (0 &&  isprint((int) kdata->data[i]))
                         printf(	"%c ",  kdata->data[i]);
@@ -984,14 +1007,14 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
 #ifdef KRB5_HEIMDAL
 	printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype,
 					   keyblk->keyvalue->length);
-	for (i=0; i < keyblk->keyvalue->length; i++)
+	for (i=0; i < (int)keyblk->keyvalue->length; i++)
                 {
 		printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]);
 		}
 	printf("\n");
 #else
 	printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length);
-	for (i=0; i < keyblk->length; i++)
+	for (i=0; i < (int)keyblk->length; i++)
                 {
 		printf("%02x",keyblk->contents[i]);
 		}
@@ -1003,19 +1026,19 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
 /*	Display contents of krb5_principal_data struct, for debugging
 **	(krb5_principal is typedef'd == krb5_principal_data *)
 */
-void
+static void
 print_krb5_princ(char *label, krb5_principal_data *princ)
         {
 	int i, ui, uj;
 
 	printf("%s principal Realm: ", label);
 	if (princ == NULL)  return;
-	for (ui=0; ui < princ->realm.length; ui++)  putchar(princ->realm.data[ui]);
+	for (ui=0; ui < (int)princ->realm.length; ui++)  putchar(princ->realm.data[ui]);
 	printf(" (nametype %d) has %d strings:\n", princ->type,princ->length);
-	for (i=0; i < princ->length; i++)
+	for (i=0; i < (int)princ->length; i++)
                 {
 		printf("\t%d [%d]: ", i, princ->data[i].length);
-		for (uj=0; uj < princ->data[i].length; uj++)  {
+		for (uj=0; uj < (int)princ->data[i].length; uj++)  {
 			putchar(princ->data[i].data[uj]);
 			}
 		printf("\n");
@@ -1124,7 +1147,7 @@ kssl_cget_tkt(	/* UPDATE */	KSSL_CTX *kssl_ctx,
 	if (authenp)
                 {
 		krb5_data	krb5in_data;
-		unsigned char	*p;
+		const unsigned char	*p;
 		long		arlen;
 		KRB5_APREQBODY	*ap_req;
 
@@ -1202,7 +1225,7 @@ kssl_cget_tkt(	/* UPDATE */	KSSL_CTX *kssl_ctx,
 **				code here.  This tkt should alloc/free just
 **				like the real thing.
 */
-krb5_error_code
+static krb5_error_code
 kssl_TKT2tkt(	/* IN     */	krb5_context	krb5context,
 		/* IN     */	KRB5_TKTBODY	*asn1ticket,
 		/* OUT    */	krb5_ticket	**krb5ticket,
@@ -1293,7 +1316,7 @@ kssl_sget_tkt(	/* UPDATE */	KSSL_CTX		*kssl_ctx,
 	static krb5_auth_context	krb5auth_context = NULL;
 	krb5_ticket 			*krb5ticket = NULL;
 	KRB5_TKTBODY 			*asn1ticket = NULL;
-	unsigned char			*p;
+	const unsigned char		*p;
 	krb5_keytab 			krb5keytab = NULL;
 	krb5_keytab_entry		kt_entry;
 	krb5_principal			krb5server;
@@ -1540,7 +1563,7 @@ kssl_sget_tkt(	/* UPDATE */	KSSL_CTX		*kssl_ctx,
 KSSL_CTX	*
 kssl_ctx_new(void)
         {
-	return ((KSSL_CTX *) calloc(1, sizeof(KSSL_CTX)));
+	return ((KSSL_CTX *) kssl_calloc(1, sizeof(KSSL_CTX)));
         }
 
 
@@ -1554,13 +1577,13 @@ kssl_ctx_free(KSSL_CTX *kssl_ctx)
 
 	if (kssl_ctx->key)  		OPENSSL_cleanse(kssl_ctx->key,
 							      kssl_ctx->length);
-	if (kssl_ctx->key)  		free(kssl_ctx->key);
-	if (kssl_ctx->client_princ) 	free(kssl_ctx->client_princ);
-	if (kssl_ctx->service_host) 	free(kssl_ctx->service_host);
-	if (kssl_ctx->service_name) 	free(kssl_ctx->service_name);
-	if (kssl_ctx->keytab_file) 	free(kssl_ctx->keytab_file);
+	if (kssl_ctx->key)  		kssl_free(kssl_ctx->key);
+	if (kssl_ctx->client_princ) 	kssl_free(kssl_ctx->client_princ);
+	if (kssl_ctx->service_host) 	kssl_free(kssl_ctx->service_host);
+	if (kssl_ctx->service_name) 	kssl_free(kssl_ctx->service_name);
+	if (kssl_ctx->keytab_file) 	kssl_free(kssl_ctx->keytab_file);
 
-	free(kssl_ctx);
+	kssl_free(kssl_ctx);
 	return (KSSL_CTX *) NULL;
         }
 
@@ -1585,7 +1608,7 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
         case KSSL_SERVER:	princ = &kssl_ctx->service_host;	break;
         default:		return KSSL_CTX_ERR;			break;
 		}
-	if (*princ)  free(*princ);
+	if (*princ)  kssl_free(*princ);
 
 	/* Add up all the entity->lengths */
 	length = 0;
@@ -1598,7 +1621,7 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
 	/* Space for the ('@'+realm+NULL | NULL) */
 	length += ((realm)? realm->length + 2: 1);
 
-	if ((*princ = calloc(1, length)) == NULL)
+	if ((*princ = kssl_calloc(1, length)) == NULL)
 		return KSSL_CTX_ERR;
 	else
 		{
@@ -1641,7 +1664,7 @@ kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
         case KSSL_KEYTAB:	string = &kssl_ctx->keytab_file;	break;
         default:		return KSSL_CTX_ERR;			break;
 		}
-	if (*string)  free(*string);
+	if (*string)  kssl_free(*string);
 
 	if (!text)
                 {
@@ -1649,7 +1672,7 @@ kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
 		return KSSL_CTX_OK;
 		}
 
-	if ((*string = calloc(1, strlen(text) + 1)) == NULL)
+	if ((*string = kssl_calloc(1, strlen(text) + 1)) == NULL)
 		return KSSL_CTX_ERR;
 	else
 		strcpy(*string, text);
@@ -1673,7 +1696,7 @@ kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
 	if (kssl_ctx->key)
                 {
 		OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
-		free(kssl_ctx->key);
+		kssl_free(kssl_ctx->key);
 		}
 
 	if (session)
@@ -1699,7 +1722,7 @@ kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
 		}
 
 	if ((kssl_ctx->key =
-                (krb5_octet FAR *) calloc(1, kssl_ctx->length)) == NULL)
+                (krb5_octet FAR *) kssl_calloc(1, kssl_ctx->length)) == NULL)
                 {
 		kssl_ctx->length  = 0;
 		return KSSL_CTX_ERR;
@@ -1877,7 +1900,7 @@ void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
 **  Return pointer to the (partially) filled in struct tm on success,
 **  return NULL on failure.
 */
-struct tm	*k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
 	{
 	char 		c, *p;
 
@@ -1903,7 +1926,7 @@ struct tm	*k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
 **  So we try to sneek the clockskew out through the replay cache.
 **	If that fails just return a likely default (300 seconds).
 */
-krb5_deltat	get_rc_clockskew(krb5_context context)
+static krb5_deltat get_rc_clockskew(krb5_context context)
 	{
 	krb5_rcache 	rc;
 	krb5_deltat 	clockskew;
@@ -1978,7 +2001,8 @@ krb5_error_code  kssl_check_authent(
 	EVP_CIPHER_CTX		ciph_ctx;
 	const EVP_CIPHER	*enc = NULL;
 	unsigned char		iv[EVP_MAX_IV_LENGTH];
-	unsigned char		*p, *unenc_authent;
+	const unsigned char	*p;
+	unsigned char		*unenc_authent;
 	int 			outl, unencbufsize;
 	struct tm		tm_time, *tm_l, *tm_g;
 	time_t			now, tl, tg, tr, tz_offset;
@@ -2098,7 +2122,7 @@ krb5_error_code  kssl_check_authent(
  		tm_g = gmtime(&now);		tg = mktime(tm_g);
  		tz_offset = tg - tl;
 
-		*atimep = tr - tz_offset;
+		*atimep = (krb5_timestamp)(tr - tz_offset);
  		}
 
 #ifdef KSSL_DEBUG
@@ -2168,7 +2192,7 @@ krb5_error_code  kssl_build_principal_2(
 #else /* !OPENSSL_NO_KRB5 */
 
 #if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
-static int dummy=(int)&dummy;
+static void *dummy=&dummy;
 #endif
 
 #endif	/* !OPENSSL_NO_KRB5	*/
diff --git a/ssl/kssl.h b/ssl/kssl.h
index 19a689b089..a3d20e1ccb 100644
--- a/ssl/kssl.h
+++ b/ssl/kssl.h
@@ -82,6 +82,12 @@ extern "C" {
 #ifdef KRB5_HEIMDAL
 typedef unsigned char krb5_octet;
 #define FAR
+#else
+
+#ifndef FAR
+#define FAR
+#endif
+
 #endif
 
 /*	Uncomment this to debug kssl problems or
diff --git a/ssl/kssl_lcl.h b/ssl/kssl_lcl.h
index 4cd8dd2d7f..c039c91b4e 100644
--- a/ssl/kssl_lcl.h
+++ b/ssl/kssl_lcl.h
@@ -75,7 +75,7 @@ void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
 char *kstring(char *string);
 char *knumber(int len, krb5_octet *contents);
 
-EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
+const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
 
 int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
 int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 64ee4269ec..b2a3eb02fb 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -63,10 +116,10 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-static SSL_METHOD *ssl23_get_client_method(int ver);
+static const SSL_METHOD *ssl23_get_client_method(int ver);
 static int ssl23_client_hello(SSL *s);
 static int ssl23_get_server_hello(SSL *s);
-static SSL_METHOD *ssl23_get_client_method(int ver)
+static const SSL_METHOD *ssl23_get_client_method(int ver)
 	{
 #ifndef OPENSSL_NO_SSL2
 	if (ver == SSL2_VERSION)
@@ -76,37 +129,21 @@ static SSL_METHOD *ssl23_get_client_method(int ver)
 		return(SSLv3_client_method());
 	else if (ver == TLS1_VERSION)
 		return(TLSv1_client_method());
+	else if (ver == TLS1_1_VERSION)
+		return(TLSv1_1_client_method());
 	else
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv23_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv23_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv23_client_data,
-				(char *)sslv23_base_method(),sizeof(SSL_METHOD));
-			SSLv23_client_data.ssl_connect=ssl23_connect;
-			SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv23_client_data);
-	}
+IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
+			ssl_undefined_function,
+			ssl23_connect,
+			ssl23_get_client_method)
 
 int ssl23_connect(SSL *s)
 	{
 	BUF_MEM *buf=NULL;
-	unsigned long Time=time(NULL);
+	unsigned long Time=(unsigned long)time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
 	int new_state,state;
@@ -215,14 +252,75 @@ end:
 	return(ret);
 	}
 
+static int ssl23_no_ssl2_ciphers(SSL *s)
+	{
+	SSL_CIPHER *cipher;
+	STACK_OF(SSL_CIPHER) *ciphers;
+	int i;
+	ciphers = SSL_get_ciphers(s);
+	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++)
+		{
+		cipher = sk_SSL_CIPHER_value(ciphers, i);
+		if (cipher->algorithm_ssl == SSL_SSLV2)
+			return 0;
+		}
+	return 1;
+	}
 
 static int ssl23_client_hello(SSL *s)
 	{
 	unsigned char *buf;
 	unsigned char *p,*d;
 	int i,ch_len;
+	unsigned long Time,l;
+	int ssl2_compat;
+	int version = 0, version_major, version_minor;
+#ifndef OPENSSL_NO_COMP
+	int j;
+	SSL_COMP *comp;
+#endif
 	int ret;
 
+	ssl2_compat = (s->options & SSL_OP_NO_SSLv2) ? 0 : 1;
+
+	if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
+		ssl2_compat = 0;
+
+	if (!(s->options & SSL_OP_NO_TLSv1_1))
+		{
+		version = TLS1_1_VERSION;
+		}
+	else if (!(s->options & SSL_OP_NO_TLSv1))
+		{
+		version = TLS1_VERSION;
+		}
+	else if (!(s->options & SSL_OP_NO_SSLv3))
+		{
+		version = SSL3_VERSION;
+		}
+	else if (!(s->options & SSL_OP_NO_SSLv2))
+		{
+		version = SSL2_VERSION;
+		}
+#ifndef OPENSSL_NO_TLSEXT
+	if (version != SSL2_VERSION)
+		{
+		/* have to disable SSL 2.0 compatibility if we need TLS extensions */
+
+		if (s->tlsext_hostname != NULL)
+			ssl2_compat = 0;
+		if (s->tlsext_status_type != -1)
+			ssl2_compat = 0;
+		if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+			ssl2_compat = 0;
+		
+#ifdef TLSEXT_TYPE_opaque_prf_input
+		if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
+			ssl2_compat = 0;
+#endif
+		}
+#endif
+
 	buf=(unsigned char *)s->init_buf->data;
 	if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
 		{
@@ -235,30 +333,30 @@ static int ssl23_client_hello(SSL *s)
 #endif
 
 		p=s->s3->client_random;
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
+		Time=(unsigned long)time(NULL);		/* Time */
+		l2n(Time,p);
+		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+			return -1;
 
-		/* Do the message type and length last */
-		d= &(buf[2]);
-		p=d+9;
-
-		*(d++)=SSL2_MT_CLIENT_HELLO;
-		if (!(s->options & SSL_OP_NO_TLSv1))
+		if (version == TLS1_1_VERSION)
+			{
+			version_major = TLS1_1_VERSION_MAJOR;
+			version_minor = TLS1_1_VERSION_MINOR;
+			}
+		else if (version == TLS1_VERSION)
 			{
-			*(d++)=TLS1_VERSION_MAJOR;
-			*(d++)=TLS1_VERSION_MINOR;
-			s->client_version=TLS1_VERSION;
+			version_major = TLS1_VERSION_MAJOR;
+			version_minor = TLS1_VERSION_MINOR;
 			}
-		else if (!(s->options & SSL_OP_NO_SSLv3))
+		else if (version == SSL3_VERSION)
 			{
-			*(d++)=SSL3_VERSION_MAJOR;
-			*(d++)=SSL3_VERSION_MINOR;
-			s->client_version=SSL3_VERSION;
+			version_major = SSL3_VERSION_MAJOR;
+			version_minor = SSL3_VERSION_MINOR;
 			}
-		else if (!(s->options & SSL_OP_NO_SSLv2))
+		else if (version == SSL2_VERSION)
 			{
-			*(d++)=SSL2_VERSION_MAJOR;
-			*(d++)=SSL2_VERSION_MINOR;
-			s->client_version=SSL2_VERSION;
+			version_major = SSL2_VERSION_MAJOR;
+			version_minor = SSL2_VERSION_MINOR;
 			}
 		else
 			{
@@ -266,57 +364,175 @@ static int ssl23_client_hello(SSL *s)
 			return(-1);
 			}
 
-		/* Ciphers supported */
-		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
-		if (i == 0)
+		s->client_version = version;
+
+		if (ssl2_compat)
 			{
-			/* no ciphers */
-			SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
-			return(-1);
-			}
-		s2n(i,d);
-		p+=i;
+			/* create SSL 2.0 compatible Client Hello */
+
+			/* two byte record header will be written last */
+			d = &(buf[2]);
+			p = d + 9; /* leave space for message type, version, individual length fields */
 
-		/* put in the session-id, zero since there is no
-		 * reuse. */
+			*(d++) = SSL2_MT_CLIENT_HELLO;
+			*(d++) = version_major;
+			*(d++) = version_minor;
+			
+			/* Ciphers supported */
+			i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p,0);
+			if (i == 0)
+				{
+				/* no ciphers */
+				SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+				return -1;
+				}
+			s2n(i,d);
+			p+=i;
+			
+			/* put in the session-id length (zero since there is no reuse) */
 #if 0
-		s->session->session_id_length=0;
+			s->session->session_id_length=0;
 #endif
-		s2n(0,d);
-
-		if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-			ch_len=SSL2_CHALLENGE_LENGTH;
+			s2n(0,d);
+
+			if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+				ch_len=SSL2_CHALLENGE_LENGTH;
+			else
+				ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+			/* write out sslv2 challenge */
+			/* Note that ch_len must be <= SSL3_RANDOM_SIZE (32),
+			   because it is one of SSL2_MAX_CHALLENGE_LENGTH (32)
+			   or SSL2_MAX_CHALLENGE_LENGTH (16), but leave the
+			   check in for futurproofing */
+			if (SSL3_RANDOM_SIZE < ch_len)
+				i=SSL3_RANDOM_SIZE;
+			else
+				i=ch_len;
+			s2n(i,d);
+			memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
+			if (RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
+				return -1;
+
+			memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+			p+=i;
+
+			i= p- &(buf[2]);
+			buf[0]=((i>>8)&0xff)|0x80;
+			buf[1]=(i&0xff);
+
+			/* number of bytes to write */
+			s->init_num=i+2;
+			s->init_off=0;
+
+			ssl3_finish_mac(s,&(buf[2]),i);
+			}
 		else
-			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+			{
+			/* create Client Hello in SSL 3.0/TLS 1.0 format */
 
-		/* write out sslv2 challenge */
-		if (SSL3_RANDOM_SIZE < ch_len)
-			i=SSL3_RANDOM_SIZE;
-		else
-			i=ch_len;
-		s2n(i,d);
-		memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
-		RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-		memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
-		p+=i;
+			/* do the record header (5 bytes) and handshake message header (4 bytes) last */
+			d = p = &(buf[9]);
+			
+			*(p++) = version_major;
+			*(p++) = version_minor;
+
+			/* Random stuff */
+			memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+			p += SSL3_RANDOM_SIZE;
+
+			/* Session ID (zero since there is no reuse) */
+			*(p++) = 0;
 
-		i= p- &(buf[2]);
-		buf[0]=((i>>8)&0xff)|0x80;
-		buf[1]=(i&0xff);
+			/* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+			i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),ssl3_put_cipher_by_char);
+			if (i == 0)
+				{
+				SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+				return -1;
+				}
+			s2n(i,p);
+			p+=i;
+
+			/* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+			*(p++)=1;
+#else
+			if ((s->options & SSL_OP_NO_COMPRESSION)
+						|| !s->ctx->comp_methods)
+				j=0;
+			else
+				j=sk_SSL_COMP_num(s->ctx->comp_methods);
+			*(p++)=1+j;
+			for (i=0; i<j; i++)
+				{
+				comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
+				*(p++)=comp->id;
+				}
+#endif
+			*(p++)=0; /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+			/* TLS extensions*/
+			if (ssl_prepare_clienthello_tlsext(s) <= 0)
+				{
+				SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+				return -1;
+				}
+			if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+				{
+				SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+				return -1;
+				}
+#endif
+			
+			l = p-d;
+
+			/* fill in 4-byte handshake header */
+			d=&(buf[5]);
+			*(d++)=SSL3_MT_CLIENT_HELLO;
+			l2n3(l,d);
+
+			l += 4;
+
+			if (l > SSL3_RT_MAX_PLAIN_LENGTH)
+				{
+				SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+				return -1;
+				}
+			
+			/* fill in 5-byte record header */
+			d=buf;
+			*(d++) = SSL3_RT_HANDSHAKE;
+			*(d++) = version_major;
+			*(d++) = version_minor; /* arguably we should send the *lowest* suported version here
+			                         * (indicating, e.g., TLS 1.0 in "SSL 3.0 format") */
+			s2n((int)l,d);
+
+			/* number of bytes to write */
+			s->init_num=p-buf;
+			s->init_off=0;
+
+			ssl3_finish_mac(s,&(buf[5]), s->init_num - 5);
+			}
 
 		s->state=SSL23_ST_CW_CLNT_HELLO_B;
-		/* number of bytes to write */
-		s->init_num=i+2;
 		s->init_off=0;
-
-		ssl3_finish_mac(s,&(buf[2]),i);
 		}
 
 	/* SSL3_ST_CW_CLNT_HELLO_B */
 	ret = ssl23_write_bytes(s);
-	if (ret >= 2)
-		if (s->msg_callback)
-			s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+
+	if ((ret >= 2) && s->msg_callback)
+		{
+		/* Client Hello has been sent; tell msg_callback */
+
+		if (ssl2_compat)
+			s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
+		else
+			s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
+		}
+
 	return ret;
 	}
 
@@ -365,6 +581,10 @@ static int ssl23_get_server_hello(SSL *s)
 			ch_len=SSL2_MAX_CHALLENGE_LENGTH;
 
 		/* write out sslv2 challenge */
+		/* Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because
+		   it is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
+		   SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
+		   futurproofing */
 		i=(SSL3_RANDOM_SIZE < ch_len)
 			?SSL3_RANDOM_SIZE:ch_len;
 		s->s2->challenge_length=i;
@@ -385,7 +605,7 @@ static int ssl23_get_server_hello(SSL *s)
 			/* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */
 			s->s2->ssl2_rollback=1;
 
-		/* setup the 5 bytes we have read so we get them from
+		/* setup the 7 bytes we have read so we get them from
 		 * the sslv2 buffer */
 		s->rstate=SSL_ST_READ_HEADER;
 		s->packet_length=n;
@@ -401,27 +621,12 @@ static int ssl23_get_server_hello(SSL *s)
 		s->handshake_func=s->method->ssl_connect;
 #endif
 		}
-	else if ((p[0] == SSL3_RT_HANDSHAKE) &&
-		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 ((p[2] == SSL3_VERSION_MINOR) ||
-		  (p[2] == TLS1_VERSION_MINOR)) &&
-		 (p[5] == SSL3_MT_SERVER_HELLO))
+	else if (p[1] == SSL3_VERSION_MAJOR &&
+	         (p[2] >= SSL3_VERSION_MINOR && p[2] <= TLS1_1_VERSION_MINOR) &&
+	         ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
+	          (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2)))
 		{
-		/* we have sslv3 or tls1 */
-
-		if (!ssl_init_wbio_buffer(s,1)) goto err;
-
-		/* we are in this state */
-		s->state=SSL3_ST_CR_SRVR_HELLO_A;
-
-		/* put the 5 bytes we have read into the input buffer
-		 * for SSLv3 */
-		s->rstate=SSL_ST_READ_HEADER;
-		s->packet_length=n;
-		s->packet= &(s->s3->rbuf.buf[0]);
-		memcpy(s->packet,buf,n);
-		s->s3->rbuf.left=n;
-		s->s3->rbuf.offset=0;
+		/* we have sslv3 or tls1 (server hello or alert) */
 
 		if ((p[2] == SSL3_VERSION_MINOR) &&
 			!(s->options & SSL_OP_NO_SSLv3))
@@ -435,40 +640,63 @@ static int ssl23_get_server_hello(SSL *s)
 			s->version=TLS1_VERSION;
 			s->method=TLSv1_client_method();
 			}
+		else if ((p[2] == TLS1_1_VERSION_MINOR) &&
+			!(s->options & SSL_OP_NO_TLSv1_1))
+			{
+			s->version=TLS1_1_VERSION;
+			s->method=TLSv1_1_client_method();
+			}
 		else
 			{
 			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
 			goto err;
 			}
-			
-		s->handshake_func=s->method->ssl_connect;
-		}
-	else if ((p[0] == SSL3_RT_ALERT) &&
-		 (p[1] == SSL3_VERSION_MAJOR) &&
-		 ((p[2] == SSL3_VERSION_MINOR) ||
-		  (p[2] == TLS1_VERSION_MINOR)) &&
-		 (p[3] == 0) &&
-		 (p[4] == 2))
-		{
-		void (*cb)(const SSL *ssl,int type,int val)=NULL;
-		int j;
-
-		/* An alert */
-		if (s->info_callback != NULL)
-			cb=s->info_callback;
-		else if (s->ctx->info_callback != NULL)
-			cb=s->ctx->info_callback;
- 
-		i=p[5];
-		if (cb != NULL)
+
+		if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING)
 			{
-			j=(i<<8)|p[6];
-			cb(s,SSL_CB_READ_ALERT,j);
+			/* fatal alert */
+
+			void (*cb)(const SSL *ssl,int type,int val)=NULL;
+			int j;
+
+			if (s->info_callback != NULL)
+				cb=s->info_callback;
+			else if (s->ctx->info_callback != NULL)
+				cb=s->ctx->info_callback;
+ 
+			i=p[5];
+			if (cb != NULL)
+				{
+				j=(i<<8)|p[6];
+				cb(s,SSL_CB_READ_ALERT,j);
+				}
+			
+			if (s->msg_callback)
+				s->msg_callback(0, s->version, SSL3_RT_ALERT, p+5, 2, s, s->msg_callback_arg);
+
+			s->rwstate=SSL_NOTHING;
+			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
+			goto err;
 			}
 
-		s->rwstate=SSL_NOTHING;
-		SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);
-		goto err;
+		if (!ssl_init_wbio_buffer(s,1)) goto err;
+
+		/* we are in this state */
+		s->state=SSL3_ST_CR_SRVR_HELLO_A;
+
+		/* put the 7 bytes we have read into the input buffer
+		 * for SSLv3 */
+		s->rstate=SSL_ST_READ_HEADER;
+		s->packet_length=n;
+		if (s->s3->rbuf.buf == NULL)
+			if (!ssl3_setup_read_buffer(s))
+				goto err;
+		s->packet= &(s->s3->rbuf.buf[0]);
+		memcpy(s->packet,buf,n);
+		s->s3->rbuf.left=n;
+		s->s3->rbuf.offset=0;
+
+		s->handshake_func=s->method->ssl_connect;
 		}
 	else
 		{
@@ -482,9 +710,7 @@ static int ssl23_get_server_hello(SSL *s)
 	if (!ssl_get_new_session(s,0))
 		goto err;
 
-	s->first_packet=1;
 	return(SSL_connect(s));
 err:
 	return(-1);
 	}
-
diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c
index b70002a647..e3fce53430 100644
--- a/ssl/s23_lib.c
+++ b/ssl/s23_lib.c
@@ -60,55 +60,12 @@
 #include <openssl/objects.h>
 #include "ssl_locl.h"
 
-static int ssl23_num_ciphers(void );
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
-static int ssl23_read(SSL *s, void *buf, int len);
-static int ssl23_peek(SSL *s, void *buf, int len);
-static int ssl23_write(SSL *s, const void *buf, int len);
-static long ssl23_default_timeout(void );
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT;
-
-static SSL_METHOD SSLv23_data= {
-	TLS1_VERSION,
-	tls1_new,
-	tls1_clear,
-	tls1_free,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl23_read,
-	ssl23_peek,
-	ssl23_write,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl_ok,
-	ssl3_ctrl,
-	ssl3_ctx_ctrl,
-	ssl23_get_cipher_by_char,
-	ssl23_put_cipher_by_char,
-	ssl_undefined_function,
-	ssl23_num_ciphers,
-	ssl23_get_cipher,
-	ssl_bad_method,
-	ssl23_default_timeout,
-	&ssl3_undef_enc_method,
-	ssl_undefined_function,
-	ssl3_callback_ctrl,
-	ssl3_ctx_callback_ctrl,
-	};
-
-static long ssl23_default_timeout(void)
+long ssl23_default_timeout(void)
 	{
 	return(300);
 	}
 
-SSL_METHOD *sslv23_base_method(void)
-	{
-	return(&SSLv23_data);
-	}
-
-static int ssl23_num_ciphers(void)
+int ssl23_num_ciphers(void)
 	{
 	return(ssl3_num_ciphers()
 #ifndef OPENSSL_NO_SSL2
@@ -117,7 +74,7 @@ static int ssl23_num_ciphers(void)
 	    );
 	}
 
-static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
 	{
 	unsigned int uu=ssl3_num_ciphers();
 
@@ -133,9 +90,10 @@ static SSL_CIPHER *ssl23_get_cipher(unsigned int u)
 
 /* This function needs to check if the ciphers required are actually
  * available */
-static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
 	{
-	SSL_CIPHER c,*cp;
+	SSL_CIPHER c;
+	const SSL_CIPHER *cp;
 	unsigned long id;
 	int n;
 
@@ -151,7 +109,7 @@ static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
 	return(cp);
 	}
 
-static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
 	{
 	long l;
 
@@ -166,7 +124,7 @@ static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
 	return(3);
 	}
 
-static int ssl23_read(SSL *s, void *buf, int len)
+int ssl23_read(SSL *s, void *buf, int len)
 	{
 	int n;
 
@@ -189,7 +147,7 @@ static int ssl23_read(SSL *s, void *buf, int len)
 		}
 	}
 
-static int ssl23_peek(SSL *s, void *buf, int len)
+int ssl23_peek(SSL *s, void *buf, int len)
 	{
 	int n;
 
@@ -212,7 +170,7 @@ static int ssl23_peek(SSL *s, void *buf, int len)
 		}
 	}
 
-static int ssl23_write(SSL *s, const void *buf, int len)
+int ssl23_write(SSL *s, const void *buf, int len)
 	{
 	int n;
 
diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c
index f207140835..a2b4b224b1 100644
--- a/ssl/s23_meth.c
+++ b/ssl/s23_meth.c
@@ -60,40 +60,31 @@
 #include <openssl/objects.h>
 #include "ssl_locl.h"
 
-static SSL_METHOD *ssl23_get_method(int ver);
-static SSL_METHOD *ssl23_get_method(int ver)
+static const SSL_METHOD *ssl23_get_method(int ver);
+static const SSL_METHOD *ssl23_get_method(int ver)
 	{
+#ifndef OPENSSL_NO_SSL2
 	if (ver == SSL2_VERSION)
 		return(SSLv2_method());
-	else if (ver == SSL3_VERSION)
+	else
+#endif
+#ifndef OPENSSL_NO_SSL3
+	if (ver == SSL3_VERSION)
 		return(SSLv3_method());
-	else if (ver == TLS1_VERSION)
+	else
+#endif
+#ifndef OPENSSL_NO_TLS1
+	if (ver == TLS1_VERSION)
 		return(TLSv1_method());
+	else if (ver == TLS1_1_VERSION)
+		return(TLSv1_1_method());
 	else
+#endif
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv23_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv23_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv23_data.ssl_connect=ssl23_connect;
-			SSLv23_data.ssl_accept=ssl23_accept;
-			SSLv23_data.get_ssl_method=ssl23_get_method;
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv23_data);
-	}
+IMPLEMENT_ssl23_meth_func(SSLv23_method,
+			ssl23_accept,
+			ssl23_connect,
+			ssl23_get_method)
 
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index c5404ca0bc..05e4e0b47b 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -116,9 +116,9 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-static SSL_METHOD *ssl23_get_server_method(int ver);
+static const SSL_METHOD *ssl23_get_server_method(int ver);
 int ssl23_get_client_hello(SSL *s);
-static SSL_METHOD *ssl23_get_server_method(int ver)
+static const SSL_METHOD *ssl23_get_server_method(int ver)
 	{
 #ifndef OPENSSL_NO_SSL2
 	if (ver == SSL2_VERSION)
@@ -128,37 +128,21 @@ static SSL_METHOD *ssl23_get_server_method(int ver)
 		return(SSLv3_server_method());
 	else if (ver == TLS1_VERSION)
 		return(TLSv1_server_method());
+	else if (ver == TLS1_1_VERSION)
+		return(TLSv1_1_server_method());
 	else
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv23_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv23_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv23_server_data,
-				(char *)sslv23_base_method(),sizeof(SSL_METHOD));
-			SSLv23_server_data.ssl_accept=ssl23_accept;
-			SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv23_server_data);
-	}
+IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
+			ssl23_accept,
+			ssl_undefined_function,
+			ssl23_get_server_method)
 
 int ssl23_accept(SSL *s)
 	{
 	BUF_MEM *buf;
-	unsigned long Time=time(NULL);
+	unsigned long Time=(unsigned long)time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
 	int new_state,state;
@@ -268,9 +252,6 @@ int ssl23_get_client_hello(SSL *s)
 	int n=0,j;
 	int type=0;
 	int v[2];
-#ifndef OPENSSL_NO_RSA
-	int use_sslv2_strong=0;
-#endif
 
 	if (s->state ==	SSL23_ST_SR_CLNT_HELLO_A)
 		{
@@ -304,7 +285,13 @@ int ssl23_get_client_hello(SSL *s)
 				/* SSLv3/TLSv1 */
 				if (p[4] >= TLS1_VERSION_MINOR)
 					{
-					if (!(s->options & SSL_OP_NO_TLSv1))
+					if (p[4] >= TLS1_1_VERSION_MINOR &&
+					   !(s->options & SSL_OP_NO_TLSv1_1))
+						{
+						s->version=TLS1_1_VERSION;
+						s->state=SSL23_ST_SR_CLNT_HELLO_B;
+						}
+					else if (!(s->options & SSL_OP_NO_TLSv1))
 						{
 						s->version=TLS1_VERSION;
 						/* type=2; */ /* done later to survive restarts */
@@ -336,7 +323,7 @@ int ssl23_get_client_hello(SSL *s)
 			 (p[1] == SSL3_VERSION_MAJOR) &&
 			 (p[5] == SSL3_MT_CLIENT_HELLO) &&
 			 ((p[3] == 0 && p[4] < 5 /* silly record length? */)
-				|| (p[9] == p[1])))
+				|| (p[9] >= p[1])))
 			{
 			/*
 			 * SSLv3 or tls1 header
@@ -360,11 +347,24 @@ int ssl23_get_client_hello(SSL *s)
 				v[1] = TLS1_VERSION_MINOR;
 #endif
 				}
+			/* if major version number > 3 set minor to a value
+			 * which will use the highest version 3 we support.
+			 * If TLS 2.0 ever appears we will need to revise
+			 * this....
+			 */
+			else if (p[9] > SSL3_VERSION_MAJOR)
+				v[1]=0xff;
 			else
 				v[1]=p[10]; /* minor version according to client_version */
 			if (v[1] >= TLS1_VERSION_MINOR)
 				{
-				if (!(s->options & SSL_OP_NO_TLSv1))
+				if (v[1] >= TLS1_1_VERSION_MINOR &&
+					!(s->options & SSL_OP_NO_TLSv1_1))
+					{
+					s->version=TLS1_1_VERSION;
+					type=3;
+					}
+				else if (!(s->options & SSL_OP_NO_TLSv1))
 					{
 					s->version=TLS1_VERSION;
 					type=3;
@@ -437,7 +437,9 @@ int ssl23_get_client_hello(SSL *s)
 		n2s(p,sil);
 		n2s(p,cl);
 		d=(unsigned char *)s->init_buf->data;
-		if ((csl+sil+cl+11) != s->packet_length)
+		if ((csl+sil+cl+11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format
+		                                          * Client Hello, can we? Error condition should be
+		                                          * '>' otherweise */
 			{
 			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
 			goto err;
@@ -480,6 +482,15 @@ int ssl23_get_client_hello(SSL *s)
 		*(d++)=1;
 		*(d++)=0;
 		
+#if 0
+                /* copy any remaining data with may be extensions */
+	        p = p+csl+sil+cl;
+		while (p <  s->packet+s->packet_length)
+			{
+			*(d++)=*(p++);
+			}
+#endif
+
 		i = (d-(unsigned char *)s->init_buf->data) - 4;
 		l2n3((long)i, d_len);
 
@@ -498,6 +509,11 @@ int ssl23_get_client_hello(SSL *s)
 		SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
 		goto err;
 #else
+		if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+			{
+			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+			goto err;
+			}
 		/* we are talking sslv2 */
 		/* we need to clean up the SSLv3/TLSv1 setup and put in the
 		 * sslv2 stuff. */
@@ -519,9 +535,7 @@ int ssl23_get_client_hello(SSL *s)
 			}
 
 		s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-		if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-			use_sslv2_strong ||
-			(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+		if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
 			s->s2->ssl2_rollback=0;
 		else
 			/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
@@ -557,6 +571,10 @@ int ssl23_get_client_hello(SSL *s)
 			 * for SSLv3 */
 			s->rstate=SSL_ST_READ_HEADER;
 			s->packet_length=n;
+			if (s->s3->rbuf.buf == NULL)
+				if (!ssl3_setup_read_buffer(s))
+					goto err;
+
 			s->packet= &(s->s3->rbuf.buf[0]);
 			memcpy(s->packet,buf,n);
 			s->s3->rbuf.left=n;
@@ -569,7 +587,9 @@ int ssl23_get_client_hello(SSL *s)
 			s->s3->rbuf.offset=0;
 			}
 
-		if (s->version == TLS1_VERSION)
+		if (s->version == TLS1_1_VERSION)
+			s->method = TLSv1_1_server_method();
+		else if (s->version == TLS1_VERSION)
 			s->method = TLSv1_server_method();
 		else
 			s->method = SSLv3_server_method();
@@ -588,7 +608,6 @@ int ssl23_get_client_hello(SSL *s)
 	s->init_num=0;
 
 	if (buf != buf_space) OPENSSL_free(buf);
-	s->first_packet=1;
 	return(SSL_accept(s));
 err:
 	if (buf != buf_space) OPENSSL_free(buf);
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 77d8a3b839..00ac158f9b 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -117,7 +117,7 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-static SSL_METHOD *ssl2_get_client_method(int ver);
+static const SSL_METHOD *ssl2_get_client_method(int ver);
 static int get_server_finished(SSL *s);
 static int get_server_verify(SSL *s);
 static int get_server_hello(SSL *s);
@@ -129,7 +129,7 @@ static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
 	unsigned char *to,int padding);
 #define BREAK	break
 
-static SSL_METHOD *ssl2_get_client_method(int ver)
+static const SSL_METHOD *ssl2_get_client_method(int ver)
 	{
 	if (ver == SSL2_VERSION)
 		return(SSLv2_client_method());
@@ -137,32 +137,14 @@ static SSL_METHOD *ssl2_get_client_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv2_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv2_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv2_client_data.ssl_connect=ssl2_connect;
-			SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv2_client_data);
-	}
+IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
+			ssl_undefined_function,
+			ssl2_connect,
+			ssl2_get_client_method)
 
 int ssl2_connect(SSL *s)
 	{
-	unsigned long l=time(NULL);
+	unsigned long l=(unsigned long)time(NULL);
 	BUF_MEM *buf=NULL;
 	int ret= -1;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -484,11 +466,11 @@ static int get_server_hello(SSL *s)
 			return(-1);
 			}
 
-		sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
+		(void)sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
 
 		/* get the array of ciphers we will accept */
 		cl=SSL_get_ciphers(s);
-		sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
+		(void)sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
 
 		/*
 		 * If server preference flag set, choose the first
@@ -538,7 +520,8 @@ static int get_server_hello(SSL *s)
 		CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
 		}
 
-	if (s->session->peer != s->session->sess_cert->peer_key->x509)
+	if (s->session->sess_cert == NULL 
+      || s->session->peer != s->session->sess_cert->peer_key->x509)
 		/* can't happen */
 		{
 		ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
@@ -584,7 +567,7 @@ static int client_hello(SSL *s)
 		s2n(SSL2_VERSION,p);			/* version */
 		n=j=0;
 
-		n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d);
+		n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0);
 		d+=n;
 
 		if (n == 0)
@@ -612,7 +595,8 @@ static int client_hello(SSL *s)
 		s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
 		s2n(SSL2_CHALLENGE_LENGTH,p);		/* challenge length */
 		/*challenge id data*/
-		RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH);
+		if (RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0)
+			return -1;
 		memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
 		d+=SSL2_CHALLENGE_LENGTH;
 
@@ -637,7 +621,7 @@ static int client_master_key(SSL *s)
 	if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
 		{
 
-		if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
+		if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
 			{
 			ssl2_return_error(s,SSL2_PE_NO_CIPHER);
 			SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
@@ -660,7 +644,9 @@ static int client_master_key(SSL *s)
 			SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
 			return -1;
 			}
-		if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
+		if (i > 0)
+			if (RAND_pseudo_bytes(sess->key_arg,i) <= 0)
+				return -1;
 
 		/* make a master key */
 		i=EVP_CIPHER_key_length(c);
@@ -877,8 +863,10 @@ static int client_certificate(SSL *s)
 		EVP_SignUpdate(&ctx,s->s2->key_material,
 			       s->s2->key_material_length);
 		EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
-		n=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
-		EVP_SignUpdate(&ctx,buf,(unsigned int)n);
+		i=i2d_X509(s->session->sess_cert->peer_key->x509,&p);
+		/* Don't update the signature if it fails - FIXME: probably should handle this better */
+		if(i > 0)
+			EVP_SignUpdate(&ctx,buf,(unsigned int)i);
 
 		p=buf;
 		d=p+6;
@@ -1058,7 +1046,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
 
 	i=ssl_verify_cert_chain(s,sk);
 		
-	if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
+	if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0))
 		{
 		SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
 		goto err;
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index 18882bf704..ff3395f459 100644
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -68,29 +68,31 @@ int ssl2_enc_init(SSL *s, int client)
 	const EVP_MD *md;
 	int num;
 
-	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
+	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
 		{
 		ssl2_return_error(s,SSL2_PE_NO_CIPHER);
 		SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
 		return(0);
 		}
-
-	s->read_hash=md;
-	s->write_hash=md;
+	ssl_replace_hash(&s->read_hash,md);
+	ssl_replace_hash(&s->write_hash,md);
 
 	if ((s->enc_read_ctx == NULL) &&
 		((s->enc_read_ctx=(EVP_CIPHER_CTX *)
 		OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
 		goto err;
+
+	/* make sure it's intialized in case the malloc for enc_write_ctx fails
+	 * and we exit with an error */
+	rs= s->enc_read_ctx;
+	EVP_CIPHER_CTX_init(rs);
+
 	if ((s->enc_write_ctx == NULL) &&
 		((s->enc_write_ctx=(EVP_CIPHER_CTX *)
 		OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
 		goto err;
 
-	rs= s->enc_read_ctx;
 	ws= s->enc_write_ctx;
-
-	EVP_CIPHER_CTX_init(rs);
 	EVP_CIPHER_CTX_init(ws);
 
 	num=c->key_len;
@@ -173,7 +175,7 @@ void ssl2_mac(SSL *s, unsigned char *md, int send)
 
 	/* There has to be a MAC algorithm. */
 	EVP_MD_CTX_init(&c);
-	EVP_DigestInit_ex(&c, s->read_hash, NULL);
+	EVP_MD_CTX_copy(&c, s->read_hash);
 	EVP_DigestUpdate(&c,sec,
 		EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
 	EVP_DigestUpdate(&c,act,len); 
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 075e49dc83..9914604109 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include "ssl_locl.h"
 #ifndef OPENSSL_NO_SSL2
@@ -63,198 +116,194 @@
 #include <openssl/evp.h>
 #include <openssl/md5.h>
 
-static long ssl2_default_timeout(void );
-const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
+const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
 
 #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
 
-OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
-/* NULL_WITH_MD5 v3 */
+/* list of available SSLv2 ciphers (sorted by id) */
+OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={
 #if 0
+/* NULL_WITH_MD5 v3 */
 	{
 	1,
 	SSL2_TXT_NULL_WITH_MD5,
 	SSL2_CK_NULL_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eNULL,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 #endif
-/* RC4_128_EXPORT40_WITH_MD5 */
-	{
-	1,
-	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
-	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
-	SSL_EXPORT|SSL_EXP40,
-	SSL2_CF_5_BYTE_ENC,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
+
 /* RC4_128_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_RC4_128_WITH_MD5,
 	SSL2_CK_RC4_128_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_MEDIUM,
 	0,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
-/* RC2_128_CBC_EXPORT40_WITH_MD5 */
+
+/* RC4_128_EXPORT40_WITH_MD5 */
 	{
 	1,
-	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
-	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+	SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
+	SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_EXPORT|SSL_EXP40,
 	SSL2_CF_5_BYTE_ENC,
 	40,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* RC2_128_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_RC2_128_CBC_WITH_MD5,
 	SSL2_CK_RC2_128_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC2,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_MEDIUM,
 	0,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
-/* IDEA_128_CBC_WITH_MD5 */
+
+/* RC2_128_CBC_EXPORT40_WITH_MD5 */
+	{
+	1,
+	SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
+	SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC2,
+	SSL_MD5,
+	SSL_SSLV2,
+	SSL_EXPORT|SSL_EXP40,
+	SSL2_CF_5_BYTE_ENC,
+	40,
+	128,
+	},
+
 #ifndef OPENSSL_NO_IDEA
+/* IDEA_128_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_IDEA_128_CBC_WITH_MD5,
 	SSL2_CK_IDEA_128_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_IDEA,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_MEDIUM,
 	0,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 #endif
+
 /* DES_64_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_DES_64_CBC_WITH_MD5,
 	SSL2_CK_DES_64_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_DES,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_LOW,
 	0,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* DES_192_EDE3_CBC_WITH_MD5 */
 	{
 	1,
 	SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
 	SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_3DES,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_HIGH,
 	0,
 	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
+#if 0
 /* RC4_64_WITH_MD5 */
-#if 1
 	{
 	1,
 	SSL2_TXT_RC4_64_WITH_MD5,
 	SSL2_CK_RC4_64_WITH_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV2,
 	SSL_NOT_EXP|SSL_LOW,
 	SSL2_CF_8_BYTE_ENC,
 	64,
 	64,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 #endif
-/* NULL SSLeay (testing) */
+
 #if 0
+/* NULL SSLeay (testing) */
 	{	
 	0,
 	SSL2_TXT_NULL,
 	SSL2_CK_NULL,
 	0,
+	0,
+	0,
+	0,
+	SSL_SSLV2,
 	SSL_STRONG_NONE,
 	0,
 	0,
 	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 #endif
 
 /* end of list :-) */
 	};
 
-static SSL_METHOD SSLv2_data= {
-	SSL2_VERSION,
-	ssl2_new,	/* local */
-	ssl2_clear,	/* local */
-	ssl2_free,	/* local */
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl2_read,
-	ssl2_peek,
-	ssl2_write,
-	ssl2_shutdown,
-	ssl_ok,	/* NULL - renegotiate */
-	ssl_ok,	/* NULL - check renegotiate */
-	ssl2_ctrl,	/* local */
-	ssl2_ctx_ctrl,	/* local */
-	ssl2_get_cipher_by_char,
-	ssl2_put_cipher_by_char,
-	ssl2_pending,
-	ssl2_num_ciphers,
-	ssl2_get_cipher,
-	ssl_bad_method,
-	ssl2_default_timeout,
-	&ssl3_undef_enc_method,
-	ssl_undefined_function,
-	ssl2_callback_ctrl,	/* local */
-	ssl2_ctx_callback_ctrl,	/* local */
-	};
-
-static long ssl2_default_timeout(void)
+long ssl2_default_timeout(void)
 	{
 	return(300);
 	}
 
-SSL_METHOD *sslv2_base_method(void)
-	{
-	return(&SSLv2_data);
-	}
-
 int ssl2_num_ciphers(void)
 	{
 	return(SSL2_NUM_CIPHERS);
 	}
 
-SSL_CIPHER *ssl2_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
 	{
 	if (u < SSL2_NUM_CIPHERS)
 		return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
@@ -262,7 +311,7 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u)
 		return(NULL);
 	}
 
-int ssl2_pending(SSL *s)
+int ssl2_pending(const SSL *s)
 	{
 	return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
 	}
@@ -348,7 +397,7 @@ long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
 	return(ret);
 	}
 
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)())
+long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
 	{
 	return(0);
 	}
@@ -358,51 +407,27 @@ long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 	return(0);
 	}
 
-long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 	{
 	return(0);
 	}
 
 /* This function needs to check if the ciphers required are actually
  * available */
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
 	{
-	static int init=1;
-	static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
-	SSL_CIPHER c,*cp= &c,**cpp;
+	SSL_CIPHER c;
+	const SSL_CIPHER *cp;
 	unsigned long id;
-	unsigned int i;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-
-		if (init)
-			{
-			for (i=0; i<SSL2_NUM_CIPHERS; i++)
-				sorted[i]= &(ssl2_ciphers[i]);
-
-			qsort((char *)sorted,
-				SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-				FP_ICC ssl_cipher_ptr_id_cmp);
-
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		}
 
 	id=0x02000000L|((unsigned long)p[0]<<16L)|
 		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
 	c.id=id;
-	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
-		(char *)sorted,
-		SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-		FP_ICC ssl_cipher_ptr_id_cmp);
-	if ((cpp == NULL) || !(*cpp)->valid)
-		return(NULL);
+	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
+	if ((cp == NULL) || (cp->valid == 0))
+		return NULL;
 	else
-		return(*cpp);
+		return cp;
 	}
 
 int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
@@ -427,6 +452,7 @@ int ssl2_generate_key_material(SSL *s)
 	unsigned char *km;
 	unsigned char c='0';
 	const EVP_MD *md5;
+	int md_size;
 
 	md5 = EVP_md5();
 
@@ -443,10 +469,12 @@ int ssl2_generate_key_material(SSL *s)
  		SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
  		return 0;
  		}
-
-	for (i=0; i<s->s2->key_material_length; i += EVP_MD_size(md5))
+	md_size = EVP_MD_size(md5);
+	if (md_size < 0)
+	    return 0;
+	for (i=0; i<s->s2->key_material_length; i += md_size)
 		{
-		if (((km - s->s2->key_material) + EVP_MD_size(md5)) >
+		if (((km - s->s2->key_material) + md_size) >
 				(int)sizeof(s->s2->key_material))
 			{
 			/* EVP_DigestFinal_ex() below would write beyond buffer */
@@ -465,7 +493,7 @@ int ssl2_generate_key_material(SSL *s)
 		EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
 		EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
 		EVP_DigestFinal_ex(&ctx,km,NULL);
-		km += EVP_MD_size(md5);
+		km += md_size;
 		}
 
 	EVP_MD_CTX_cleanup(&ctx);
diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c
index 8b6cbd086e..f0e8ca593d 100644
--- a/ssl/s2_meth.c
+++ b/ssl/s2_meth.c
@@ -61,8 +61,8 @@
 #include <stdio.h>
 #include <openssl/objects.h>
 
-static SSL_METHOD *ssl2_get_method(int ver);
-static SSL_METHOD *ssl2_get_method(int ver)
+static const SSL_METHOD *ssl2_get_method(int ver);
+static const SSL_METHOD *ssl2_get_method(int ver)
 	{
 	if (ver == SSL2_VERSION)
 		return(SSLv2_method());
@@ -70,29 +70,11 @@ static SSL_METHOD *ssl2_get_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv2_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv2_data;
+IMPLEMENT_ssl2_meth_func(SSLv2_method,
+			 ssl2_accept,
+			 ssl2_connect,
+			 ssl2_get_method)
 
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv2_data.ssl_connect=ssl2_connect;
-			SSLv2_data.ssl_accept=ssl2_accept;
-			SSLv2_data.get_ssl_method=ssl2_get_method;
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv2_data);
-	}
 #else /* !OPENSSL_NO_SSL2 */
 
 # if PEDANTIC
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index a10929a757..ac963b2d47 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -116,7 +116,7 @@
 #define USE_SOCKETS
 
 static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
 static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
 static int ssl_mt_error(int n);
 
@@ -130,7 +130,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 	unsigned char mac[MAX_MAC_SIZE];
 	unsigned char *p;
 	int i;
-	unsigned int mac_size;
+	int mac_size;
 
  ssl2_read_again:
 	if (SSL_in_init(s) && !s->in_handshake)
@@ -246,7 +246,9 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 			}
 		else
 			{
-			mac_size=EVP_MD_size(s->read_hash);
+			mac_size=EVP_MD_CTX_size(s->read_hash);
+			if (mac_size < 0)
+				return -1;
 			OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
 			s->s2->mac_data=p;
 			s->s2->ract_data= &p[mac_size];
@@ -261,7 +263,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 		/* added a check for length > max_size in case
 		 * encryption was not turned on yet due to an error */
 		if ((!s->s2->clear_text) &&
-			(s->s2->rlength >= mac_size))
+			(s->s2->rlength >= (unsigned int)mac_size))
 			{
 			ssl2_enc(s,0);
 			s->s2->ract_data_length-=mac_size;
@@ -447,7 +449,7 @@ int ssl2_write(SSL *s, const void *_buf, int len)
 	n=(len-tot);
 	for (;;)
 		{
-		i=do_ssl_write(s,&(buf[tot]),n);
+		i=n_do_ssl_write(s,&(buf[tot]),n);
 		if (i <= 0)
 			{
 			s->s2->wnum=tot;
@@ -511,9 +513,10 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
 		}
 	}
 
-static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
 	{
-	unsigned int j,k,olen,p,mac_size,bs;
+	unsigned int j,k,olen,p,bs;
+	int mac_size;
 	register unsigned char *pp;
 
 	olen=len;
@@ -529,7 +532,11 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
 	if (s->s2->clear_text)
 		mac_size=0;
 	else
-		mac_size=EVP_MD_size(s->write_hash);
+		{
+		mac_size=EVP_MD_CTX_size(s->write_hash);
+		if (mac_size < 0)
+			return -1;
+		}
 
 	/* lets set the pad p */
 	if (s->s2->clear_text)
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 6c43f72078..1434e734dd 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -117,7 +117,7 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-static SSL_METHOD *ssl2_get_server_method(int ver);
+static const SSL_METHOD *ssl2_get_server_method(int ver);
 static int get_client_master_key(SSL *s);
 static int get_client_hello(SSL *s);
 static int server_hello(SSL *s); 
@@ -129,7 +129,7 @@ static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
 	unsigned char *to,int padding);
 #define BREAK	break
 
-static SSL_METHOD *ssl2_get_server_method(int ver)
+static const SSL_METHOD *ssl2_get_server_method(int ver)
 	{
 	if (ver == SSL2_VERSION)
 		return(SSLv2_server_method());
@@ -137,32 +137,14 @@ static SSL_METHOD *ssl2_get_server_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv2_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv2_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv2_server_data.ssl_accept=ssl2_accept;
-			SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv2_server_data);
-	}
+IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
+			ssl2_accept,
+			ssl_undefined_function,
+			ssl2_get_server_method)
 
 int ssl2_accept(SSL *s)
 	{
-	unsigned long l=time(NULL);
+	unsigned long l=(unsigned long)time(NULL);
 	BUF_MEM *buf=NULL;
 	int ret= -1;
 	long num1;
@@ -285,7 +267,7 @@ int ssl2_accept(SSL *s)
  		case SSL2_ST_SEND_SERVER_VERIFY_C:
  			/* get the number of bytes to write */
  			num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
- 			if (num1 != 0)
+ 			if (num1 > 0)
  				{
 				s->rwstate=SSL_WRITING;
  				num1=BIO_flush(s->wbio);
@@ -384,7 +366,7 @@ static int get_client_master_key(SSL *s)
 	int is_export,i,n,keya,ek;
 	unsigned long len;
 	unsigned char *p;
-	SSL_CIPHER *cp;
+	const SSL_CIPHER *cp;
 	const EVP_CIPHER *c;
 	const EVP_MD *md;
 
@@ -469,7 +451,7 @@ static int get_client_master_key(SSL *s)
 
 	is_export=SSL_C_IS_EXPORT(s->session->cipher);
 	
-	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
+	if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
 		{
 		ssl2_return_error(s,SSL2_PE_NO_CIPHER);
 		SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
@@ -498,7 +480,8 @@ static int get_client_master_key(SSL *s)
 			i=ek;
 		else
 			i=EVP_CIPHER_key_length(c);
-		RAND_pseudo_bytes(p,i);
+		if (RAND_pseudo_bytes(p,i) <= 0)
+			return 0;
 		}
 #else
 	if (i < 0)
@@ -624,7 +607,7 @@ static int get_client_hello(SSL *s)
 	else
 		{
 		i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]),
-			s->s2->tmp.session_id_length);
+			s->s2->tmp.session_id_length, NULL);
 		if (i == 1)
 			{ /* previous session */
 			s->hit=1;
@@ -674,7 +657,7 @@ static int get_client_hello(SSL *s)
 			{
 			if (sk_SSL_CIPHER_find(allow,sk_SSL_CIPHER_value(prio,z)) < 0)
 				{
-				sk_SSL_CIPHER_delete(prio,z);
+				(void)sk_SSL_CIPHER_delete(prio,z);
 				z--;
 				}
 			}
@@ -796,7 +779,7 @@ static int server_hello(SSL *s)
 			/* lets send out the ciphers we like in the
 			 * prefered order */
 			sk= s->session->ciphers;
-			n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d);
+			n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
 			d+=n;
 			s2n(n,p);		/* add cipher length */
 			}
@@ -804,7 +787,8 @@ static int server_hello(SSL *s)
 		/* make and send conn_id */
 		s2n(SSL2_CONNECTION_ID_LENGTH,p);	/* add conn_id length */
 		s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
-		RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
+		if (RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
+			return -1;
 		memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
 		d+=SSL2_CONNECTION_ID_LENGTH;
 
@@ -950,7 +934,8 @@ static int request_certificate(SSL *s)
 		p=(unsigned char *)s->init_buf->data;
 		*(p++)=SSL2_MT_REQUEST_CERTIFICATE;
 		*(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
-		RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+		if (RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
+			return -1;
 		memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
 
 		s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
@@ -1069,7 +1054,7 @@ static int request_certificate(SSL *s)
 
 	i=ssl_verify_cert_chain(s,sk);
 
-	if (i)	/* we like the packet, now check the chksum */
+	if (i > 0)	/* we like the packet, now check the chksum */
 		{
 		EVP_MD_CTX ctx;
 		EVP_PKEY *pkey=NULL;
@@ -1098,7 +1083,7 @@ static int request_certificate(SSL *s)
 		EVP_PKEY_free(pkey);
 		EVP_MD_CTX_cleanup(&ctx);
 
-		if (i) 
+		if (i > 0)
 			{
 			if (s->session->peer != NULL)
 				X509_free(s->session->peer);
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 94df0e5c6c..16d92610e9 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -160,14 +160,29 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
 		p= &(d[4]);
 
 		i=s->method->ssl3_enc->final_finish_mac(s,
-			&(s->s3->finish_dgst1),
-			&(s->s3->finish_dgst2),
 			sender,slen,s->s3->tmp.finish_md);
 		s->s3->tmp.finish_md_len = i;
 		memcpy(p, s->s3->tmp.finish_md, i);
 		p+=i;
 		l=i;
 
+                /* Copy the finished so we can use it for
+                   renegotiation checks */
+                if(s->type == SSL_ST_CONNECT)
+                        {
+                         OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+                         memcpy(s->s3->previous_client_finished, 
+                             s->s3->tmp.finish_md, i);
+                         s->s3->previous_client_finished_len=i;
+                        }
+                else
+                        {
+                        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+                        memcpy(s->s3->previous_server_finished, 
+                            s->s3->tmp.finish_md, i);
+                        s->s3->previous_server_finished_len=i;
+                        }
+
 #ifdef OPENSSL_SYS_WIN16
 		/* MSVC 1.5 does not clear the top bytes of the word unless
 		 * I do this.
@@ -197,7 +212,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
 	 * change cipher spec message and is in s->s3->tmp.peer_finish_md
 	 */ 
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		a,
 		b,
 		SSL3_MT_FINISHED,
@@ -232,6 +247,23 @@ int ssl3_get_finished(SSL *s, int a, int b)
 		goto f_err;
 		}
 
+        /* Copy the finished so we can use it for
+           renegotiation checks */
+        if(s->type == SSL_ST_ACCEPT)
+                {
+                OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+                memcpy(s->s3->previous_client_finished, 
+                    s->s3->tmp.peer_finish_md, i);
+                s->s3->previous_client_finished_len=i;
+                }
+        else
+                {
+                OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+                memcpy(s->s3->previous_server_finished, 
+                    s->s3->tmp.peer_finish_md, i);
+                s->s3->previous_server_finished_len=i;
+                }
+
 	return(1);
 f_err:
 	ssl3_send_alert(s,SSL3_AL_FATAL,al);
@@ -264,15 +296,31 @@ int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
 	return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
 	}
 
+static int ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+	{
+	int n;
+	unsigned char *p;
+
+	n=i2d_X509(x,NULL);
+	if (!BUF_MEM_grow_clean(buf,(int)(n+(*l)+3)))
+		{
+		SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF,ERR_R_BUF_LIB);
+		return(-1);
+		}
+	p=(unsigned char *)&(buf->data[*l]);
+	l2n3(n,p);
+	i2d_X509(x,&p);
+	*l+=n+3;
+
+	return(0);
+	}
+
 unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 	{
 	unsigned char *p;
-	int n,i;
+	int i;
 	unsigned long l=7;
 	BUF_MEM *buf;
-	X509_STORE_CTX xs_ctx;
-	X509_OBJECT obj;
-
 	int no_chain;
 
 	if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
@@ -289,58 +337,40 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 		}
 	if (x != NULL)
 		{
-		if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
+		if (no_chain)
 			{
-			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
-			return(0);
+			if (ssl3_add_cert_to_buf(buf, &l, x))
+				return(0);
 			}
-
-		for (;;)
+		else
 			{
-			n=i2d_X509(x,NULL);
-			if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
+			X509_STORE_CTX xs_ctx;
+
+			if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL))
 				{
-				SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+				SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
 				return(0);
 				}
-			p=(unsigned char *)&(buf->data[l]);
-			l2n3(n,p);
-			i2d_X509(x,&p);
-			l+=n+3;
-
-			if (no_chain)
-				break;
-
-			if (X509_NAME_cmp(X509_get_subject_name(x),
-				X509_get_issuer_name(x)) == 0) break;
-
-			i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
-				X509_get_issuer_name(x),&obj);
-			if (i <= 0) break;
-			x=obj.data.x509;
-			/* Count is one too high since the X509_STORE_get uped the
-			 * ref count */
-			X509_free(x);
-			}
-		if (!no_chain)
+			X509_verify_cert(&xs_ctx);
+			for (i=0; i < sk_X509_num(xs_ctx.chain); i++)
+				{
+				x = sk_X509_value(xs_ctx.chain, i);
+
+				if (ssl3_add_cert_to_buf(buf, &l, x))
+					{
+					X509_STORE_CTX_cleanup(&xs_ctx);
+					return 0;
+					}
+				}
 			X509_STORE_CTX_cleanup(&xs_ctx);
+			}
 		}
-
 	/* Thawte special :-) */
-	if (s->ctx->extra_certs != NULL)
 	for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
 		{
 		x=sk_X509_value(s->ctx->extra_certs,i);
-		n=i2d_X509(x,NULL);
-		if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
-			{
-			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+		if (ssl3_add_cert_to_buf(buf, &l, x))
 			return(0);
-			}
-		p=(unsigned char *)&(buf->data[l]);
-		l2n3(n,p);
-		i2d_X509(x,&p);
-		l+=n+3;
 		}
 
 	l-=7;
@@ -391,8 +421,8 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 			{
 			while (s->init_num < 4)
 				{
-				i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
-					4 - s->init_num, 0);
+				i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
+					&p[s->init_num],4 - s->init_num, 0);
 				if (i <= 0)
 					{
 					s->rwstate=SSL_READING;
@@ -472,7 +502,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 	n = s->s3->tmp.message_size - s->init_num;
 	while (n > 0)
 		{
-		i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
+		i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n,0);
 		if (i <= 0)
 			{
 			s->rwstate=SSL_READING;
@@ -497,7 +527,7 @@ err:
 int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
 	{
 	EVP_PKEY *pk;
-	int ret= -1,i,j;
+	int ret= -1,i;
 
 	if (pkey == NULL)
 		pk=X509_get_pubkey(x);
@@ -509,42 +539,25 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
 	if (i == EVP_PKEY_RSA)
 		{
 		ret=SSL_PKEY_RSA_ENC;
-		if (x != NULL)
-			{
-			j=X509_get_ext_count(x);
-			/* check to see if this is a signing only certificate */
-			/* EAY EAY EAY EAY */
-			}
 		}
 	else if (i == EVP_PKEY_DSA)
 		{
 		ret=SSL_PKEY_DSA_SIGN;
 		}
-	else if (i == EVP_PKEY_DH)
-		{
-		/* if we just have a key, we needs to be guess */
-
-		if (x == NULL)
-			ret=SSL_PKEY_DH_DSA;
-		else
-			{
-			j=X509_get_signature_type(x);
-			if (j == EVP_PKEY_RSA)
-				ret=SSL_PKEY_DH_RSA;
-			else if (j== EVP_PKEY_DSA)
-				ret=SSL_PKEY_DH_DSA;
-			else ret= -1;
-			}
-		}
 #ifndef OPENSSL_NO_EC
 	else if (i == EVP_PKEY_EC)
 		{
 		ret = SSL_PKEY_ECC;
-		}
+		}	
 #endif
-	else
-		ret= -1;
-
+	else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) 
+		{
+		ret = SSL_PKEY_GOST94;
+		}
+	else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) 
+		{
+		ret = SSL_PKEY_GOST01;
+		}
 err:
 	if(!pkey) EVP_PKEY_free(pk);
 	return(ret);
@@ -610,37 +623,189 @@ int ssl_verify_alarm_type(long type)
 	return(al);
 	}
 
-int ssl3_setup_buffers(SSL *s)
+#ifndef OPENSSL_NO_BUF_FREELISTS
+/* On some platforms, malloc() performance is bad enough that you can't just
+ * free() and malloc() buffers all the time, so we need to use freelists from
+ * unused buffers.  Currently, each freelist holds memory chunks of only a
+ * given size (list->chunklen); other sized chunks are freed and malloced.
+ * This doesn't help much if you're using many different SSL option settings
+ * with a given context.  (The options affecting buffer size are
+ * max_send_fragment, read buffer vs write buffer,
+ * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
+ * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
+ * possible size is not an option, since max_send_fragment can take on many
+ * different values.
+ *
+ * If you are on a platform with a slow malloc(), and you're using SSL
+ * connections with many different settings for these options, and you need to
+ * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
+ *    - Link against a faster malloc implementation.
+ *    - Use a separate SSL_CTX for each option set.
+ *    - Improve this code.
+ */
+static void *
+freelist_extract(SSL_CTX *ctx, int for_read, int sz)
+	{
+	SSL3_BUF_FREELIST *list;
+	SSL3_BUF_FREELIST_ENTRY *ent = NULL;
+	void *result = NULL;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+	if (list != NULL && sz == (int)list->chunklen)
+		ent = list->head;
+	if (ent != NULL)
+		{
+		list->head = ent->next;
+		result = ent;
+		if (--list->len == 0)
+			list->chunklen = 0;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+	if (!result)
+		result = OPENSSL_malloc(sz);
+	return result;
+}
+
+static void
+freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
+	{
+	SSL3_BUF_FREELIST *list;
+	SSL3_BUF_FREELIST_ENTRY *ent;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+	list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+	if (list != NULL &&
+	    (sz == list->chunklen || list->chunklen == 0) &&
+	    list->len < ctx->freelist_max_len &&
+	    sz >= sizeof(*ent))
+		{
+		list->chunklen = sz;
+		ent = mem;
+		ent->next = list->head;
+		list->head = ent;
+		++list->len;
+		mem = NULL;
+		}
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+	if (mem)
+		OPENSSL_free(mem);
+	}
+#else
+#define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
+#define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
+#endif
+
+int ssl3_setup_read_buffer(SSL *s)
 	{
 	unsigned char *p;
-	unsigned int extra;
-	size_t len;
+	size_t len,align=0,headerlen;
+	
+	if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+		headerlen = DTLS1_RT_HEADER_LENGTH;
+	else
+		headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+	align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1);
+#endif
 
 	if (s->s3->rbuf.buf == NULL)
 		{
+		len = SSL3_RT_MAX_PLAIN_LENGTH
+			+ SSL3_RT_MAX_ENCRYPTED_OVERHEAD
+			+ headerlen + align;
 		if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-			extra=SSL3_RT_MAX_EXTRA;
-		else
-			extra=0;
-		len = SSL3_RT_MAX_PACKET_SIZE + extra;
-		if ((p=OPENSSL_malloc(len)) == NULL)
+			{
+			s->s3->init_extra = 1;
+			len += SSL3_RT_MAX_EXTRA;
+			}
+#ifndef OPENSSL_NO_COMP
+		if (!(s->options & SSL_OP_NO_COMPRESSION))
+			len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+		if ((p=freelist_extract(s->ctx, 1, len)) == NULL)
 			goto err;
 		s->s3->rbuf.buf = p;
 		s->s3->rbuf.len = len;
 		}
 
+	s->packet= &(s->s3->rbuf.buf[0]);
+	return 1;
+
+err:
+	SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER,ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+int ssl3_setup_write_buffer(SSL *s)
+	{
+	unsigned char *p;
+	size_t len,align=0,headerlen;
+
+	if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+		headerlen = DTLS1_RT_HEADER_LENGTH + 1;
+	else
+		headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+	align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1);
+#endif
+
 	if (s->s3->wbuf.buf == NULL)
 		{
-		len = SSL3_RT_MAX_PACKET_SIZE;
-		len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
-		if ((p=OPENSSL_malloc(len)) == NULL)
+		len = s->max_send_fragment
+			+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD
+			+ headerlen + align;
+#ifndef OPENSSL_NO_COMP
+		if (!(s->options & SSL_OP_NO_COMPRESSION))
+			len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+		if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
+			len += headerlen + align
+				+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
+
+		if ((p=freelist_extract(s->ctx, 0, len)) == NULL)
 			goto err;
 		s->s3->wbuf.buf = p;
 		s->s3->wbuf.len = len;
 		}
-	s->packet= &(s->s3->rbuf.buf[0]);
-	return(1);
+
+	return 1;
+
 err:
-	SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
-	return(0);
+	SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER,ERR_R_MALLOC_FAILURE);
+	return 0;
+	}
+
+
+int ssl3_setup_buffers(SSL *s)
+	{
+	if (!ssl3_setup_read_buffer(s))
+		return 0;
+	if (!ssl3_setup_write_buffer(s))
+		return 0;
+	return 1;
+	}
+
+int ssl3_release_write_buffer(SSL *s)
+	{
+	if (s->s3->wbuf.buf != NULL)
+		{
+		freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+		s->s3->wbuf.buf = NULL;
+		}
+	return 1;
 	}
+
+int ssl3_release_read_buffer(SSL *s)
+	{
+	if (s->s3->rbuf.buf != NULL)
+		{
+		freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+		s->s3->rbuf.buf = NULL;
+		}
+	return 1;
+	}
+
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 56dbf75fe3..44b698cc5f 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -121,6 +121,32 @@
  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -130,28 +156,18 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/md5.h>
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 
-static SSL_METHOD *ssl3_get_client_method(int ver);
-static int ssl3_client_hello(SSL *s);
-static int ssl3_get_server_hello(SSL *s);
-static int ssl3_get_certificate_request(SSL *s);
+static const SSL_METHOD *ssl3_get_client_method(int ver);
 static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
-static int ssl3_get_server_done(SSL *s);
-static int ssl3_send_client_verify(SSL *s);
-static int ssl3_send_client_certificate(SSL *s);
-static int ssl3_send_client_key_exchange(SSL *s);
-static int ssl3_get_key_exchange(SSL *s);
-static int ssl3_get_server_certificate(SSL *s);
-static int ssl3_check_cert_and_algorithm(SSL *s);
-
-#ifndef OPENSSL_NO_ECDH
-static int curve_id2nid(int curve_id);
-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
-#endif
 
-static SSL_METHOD *ssl3_get_client_method(int ver)
+static const SSL_METHOD *ssl3_get_client_method(int ver)
 	{
 	if (ver == SSL3_VERSION)
 		return(SSLv3_client_method());
@@ -159,37 +175,18 @@ static SSL_METHOD *ssl3_get_client_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv3_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv3_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv3_client_data.ssl_connect=ssl3_connect;
-			SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
-			init=0;
-			}
-
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv3_client_data);
-	}
+IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
+			ssl_undefined_function,
+			ssl3_connect,
+			ssl3_get_client_method)
 
 int ssl3_connect(SSL *s)
 	{
 	BUF_MEM *buf=NULL;
-	unsigned long Time=time(NULL),l;
-	long num1;
+	unsigned long Time=(unsigned long)time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
-	int new_state,state,skip=0;;
+	int new_state,state,skip=0;
 
 	RAND_add(&Time,sizeof(Time),0);
 	ERR_clear_error();
@@ -281,6 +278,7 @@ int ssl3_connect(SSL *s)
 		case SSL3_ST_CR_SRVR_HELLO_B:
 			ret=ssl3_get_server_hello(s);
 			if (ret <= 0) goto end;
+
 			if (s->hit)
 				s->state=SSL3_ST_CR_FINISHED_A;
 			else
@@ -290,15 +288,45 @@ int ssl3_connect(SSL *s)
 
 		case SSL3_ST_CR_CERT_A:
 		case SSL3_ST_CR_CERT_B:
+#ifndef OPENSSL_NO_TLSEXT
+			ret=ssl3_check_finished(s);
+			if (ret <= 0) goto end;
+			if (ret == 2)
+				{
+				s->hit = 1;
+				if (s->tlsext_ticket_expected)
+					s->state=SSL3_ST_CR_SESSION_TICKET_A;
+				else
+					s->state=SSL3_ST_CR_FINISHED_A;
+				s->init_num=0;
+				break;
+				}
+#endif
 			/* Check if it is anon DH/ECDH */
-			if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+			/* or PSK */
+			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+			    !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
 				{
 				ret=ssl3_get_server_certificate(s);
 				if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_TLSEXT
+				if (s->tlsext_status_expected)
+					s->state=SSL3_ST_CR_CERT_STATUS_A;
+				else
+					s->state=SSL3_ST_CR_KEY_EXCH_A;
+				}
+			else
+				{
+				skip = 1;
+				s->state=SSL3_ST_CR_KEY_EXCH_A;
+				}
+#else
 				}
 			else
 				skip=1;
+
 			s->state=SSL3_ST_CR_KEY_EXCH_A;
+#endif
 			s->init_num=0;
 			break;
 
@@ -352,7 +380,6 @@ int ssl3_connect(SSL *s)
 		case SSL3_ST_CW_KEY_EXCH_B:
 			ret=ssl3_send_client_key_exchange(s);
 			if (ret <= 0) goto end;
-			l=s->s3->tmp.new_cipher->algorithms;
 			/* EAY EAY EAY need to check for DH fix cert
 			 * sent back */
 			/* For TLS, cert_req is set to 2, so a cert chain
@@ -373,6 +400,11 @@ int ssl3_connect(SSL *s)
 				s->state=SSL3_ST_CW_CHANGE_A;
 				s->s3->change_cipher_spec=0;
 				}
+			if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY)
+				{
+				s->state=SSL3_ST_CW_CHANGE_A;
+				s->s3->change_cipher_spec=0;
+				}
 
 			s->init_num=0;
 			break;
@@ -395,11 +427,15 @@ int ssl3_connect(SSL *s)
 			s->init_num=0;
 
 			s->session->cipher=s->s3->tmp.new_cipher;
+#ifdef OPENSSL_NO_COMP
+			s->session->compress_meth=0;
+#else
 			if (s->s3->tmp.new_compression == NULL)
 				s->session->compress_meth=0;
 			else
 				s->session->compress_meth=
 					s->s3->tmp.new_compression->id;
+#endif
 			if (!s->method->ssl3_enc->setup_key_block(s))
 				{
 				ret= -1;
@@ -438,11 +474,36 @@ int ssl3_connect(SSL *s)
 				}
 			else
 				{
+#ifndef OPENSSL_NO_TLSEXT
+				/* Allow NewSessionTicket if ticket expected */
+				if (s->tlsext_ticket_expected)
+					s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
+				else
+#endif
+				
 				s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
 				}
 			s->init_num=0;
 			break;
 
+#ifndef OPENSSL_NO_TLSEXT
+		case SSL3_ST_CR_SESSION_TICKET_A:
+		case SSL3_ST_CR_SESSION_TICKET_B:
+			ret=ssl3_get_new_session_ticket(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CR_FINISHED_A;
+			s->init_num=0;
+		break;
+
+		case SSL3_ST_CR_CERT_STATUS_A:
+		case SSL3_ST_CR_CERT_STATUS_B:
+			ret=ssl3_get_cert_status(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_CR_KEY_EXCH_A;
+			s->init_num=0;
+		break;
+#endif
+
 		case SSL3_ST_CR_FINISHED_A:
 		case SSL3_ST_CR_FINISHED_B:
 
@@ -458,16 +519,13 @@ int ssl3_connect(SSL *s)
 			break;
 
 		case SSL3_ST_CW_FLUSH:
-			/* number of bytes to be flushed */
-			num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
-			if (num1 > 0)
+			s->rwstate=SSL_WRITING;
+			if (BIO_flush(s->wbio) <= 0)
 				{
-				s->rwstate=SSL_WRITING;
-				num1=BIO_flush(s->wbio);
-				if (num1 <= 0) { ret= -1; goto end; }
-				s->rwstate=SSL_NOTHING;
+				ret= -1;
+				goto end;
 				}
-
+			s->rwstate=SSL_NOTHING;
 			s->state=s->s3->tmp.next_state;
 			break;
 
@@ -539,20 +597,29 @@ end:
 	}
 
 
-static int ssl3_client_hello(SSL *s)
+int ssl3_client_hello(SSL *s)
 	{
 	unsigned char *buf;
 	unsigned char *p,*d;
-	int i,j;
+	int i;
 	unsigned long Time,l;
+#ifndef OPENSSL_NO_COMP
+	int j;
 	SSL_COMP *comp;
+#endif
 
 	buf=(unsigned char *)s->init_buf->data;
 	if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
 		{
-		if ((s->session == NULL) ||
-			(s->session->ssl_version != s->version) ||
-			(s->session->not_resumable))
+		SSL_SESSION *sess = s->session;
+		if ((sess == NULL) ||
+			(sess->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+			!sess->session_id_length ||
+#else
+			(!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+			(sess->not_resumable))
 			{
 			if (!ssl_get_new_session(s,0))
 				goto err;
@@ -560,9 +627,10 @@ static int ssl3_client_hello(SSL *s)
 		/* else use the pre-loaded session */
 
 		p=s->s3->client_random;
-		Time=time(NULL);			/* Time */
+		Time=(unsigned long)time(NULL);			/* Time */
 		l2n(Time,p);
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+			goto err;
 
 		/* Do the message type and length last */
 		d=p= &(buf[4]);
@@ -593,7 +661,7 @@ static int ssl3_client_hello(SSL *s)
 			}
 		
 		/* Ciphers supported */
-		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
+		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]),0);
 		if (i == 0)
 			{
 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
@@ -603,7 +671,12 @@ static int ssl3_client_hello(SSL *s)
 		p+=i;
 
 		/* COMPRESSION */
-		if (s->ctx->comp_methods == NULL)
+#ifdef OPENSSL_NO_COMP
+		*(p++)=1;
+#else
+
+		if ((s->options & SSL_OP_NO_COMPRESSION)
+					|| !s->ctx->comp_methods)
 			j=0;
 		else
 			j=sk_SSL_COMP_num(s->ctx->comp_methods);
@@ -613,7 +686,22 @@ static int ssl3_client_hello(SSL *s)
 			comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
 			*(p++)=comp->id;
 			}
+#endif
 		*(p++)=0; /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+		/* TLS extensions*/
+		if (ssl_prepare_clienthello_tlsext(s) <= 0)
+			{
+			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+			goto err;
+			}
+		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
+			SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
+			goto err;
+			}
+#endif
 		
 		l=(p-d);
 		d=buf;
@@ -632,24 +720,52 @@ err:
 	return(-1);
 	}
 
-static int ssl3_get_server_hello(SSL *s)
+int ssl3_get_server_hello(SSL *s)
 	{
 	STACK_OF(SSL_CIPHER) *sk;
-	SSL_CIPHER *c;
+	const SSL_CIPHER *c;
 	unsigned char *p,*d;
 	int i,al,ok;
 	unsigned int j;
 	long n;
+#ifndef OPENSSL_NO_COMP
 	SSL_COMP *comp;
+#endif
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_CR_SRVR_HELLO_A,
 		SSL3_ST_CR_SRVR_HELLO_B,
-		SSL3_MT_SERVER_HELLO,
-		300, /* ?? */
+		-1,
+		20000, /* ?? */
 		&ok);
 
 	if (!ok) return((int)n);
+
+	if ( SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+		{
+		if ( s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST)
+			{
+			if ( s->d1->send_cookie == 0)
+				{
+				s->s3->tmp.reuse_message = 1;
+				return 1;
+				}
+			else /* already sent a cookie */
+				{
+				al=SSL_AD_UNEXPECTED_MESSAGE;
+				SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_MESSAGE_TYPE);
+				goto f_err;
+				}
+			}
+		}
+	
+	if ( s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO)
+		{
+		al=SSL_AD_UNEXPECTED_MESSAGE;
+		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_MESSAGE_TYPE);
+		goto f_err;
+		}
+
 	d=p=(unsigned char *)s->init_msg;
 
 	if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
@@ -676,6 +792,23 @@ static int ssl3_get_server_hello(SSL *s)
 		goto f_err;
 		}
 
+#ifndef OPENSSL_NO_TLSEXT
+	/* check if we want to resume the session based on external pre-shared secret */
+	if (s->version >= TLS1_VERSION && s->tls_session_secret_cb)
+		{
+		SSL_CIPHER *pref_cipher=NULL;
+		s->session->master_key_length=sizeof(s->session->master_key);
+		if (s->tls_session_secret_cb(s, s->session->master_key,
+					     &s->session->master_key_length,
+					     NULL, &pref_cipher,
+					     s->tls_session_secret_cb_arg))
+			{
+			s->session->cipher = pref_cipher ?
+				pref_cipher : ssl_get_cipher_by_char(s, p+j);
+			}
+		}
+#endif /* OPENSSL_NO_TLSEXT */
+
 	if (j != 0 && j == s->session->session_id_length
 	    && memcmp(p,s->session->session_id,j) == 0)
 	    {
@@ -742,12 +875,43 @@ static int ssl3_get_server_hello(SSL *s)
 			}
 		}
 	s->s3->tmp.new_cipher=c;
+	if (!ssl3_digest_cached_records(s))
+		goto f_err;
 
 	/* lets get the compression algorithm */
 	/* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+	if (*(p++) != 0)
+		{
+		al=SSL_AD_ILLEGAL_PARAMETER;
+		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+		goto f_err;
+		}
+	/* If compression is disabled we'd better not try to resume a session
+	 * using compression.
+	 */
+	if (s->session->compress_meth != 0)
+		{
+		al=SSL_AD_INTERNAL_ERROR;
+		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
+		goto f_err;
+		}
+#else
 	j= *(p++);
+	if (s->hit && j != s->session->compress_meth)
+		{
+		al=SSL_AD_ILLEGAL_PARAMETER;
+		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
+		goto f_err;
+		}
 	if (j == 0)
 		comp=NULL;
+	else if (s->options & SSL_OP_NO_COMPRESSION)
+		{
+		al=SSL_AD_ILLEGAL_PARAMETER;
+		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_COMPRESSION_DISABLED);
+		goto f_err;
+		}
 	else
 		comp=ssl3_comp_find(s->ctx->comp_methods,j);
 	
@@ -761,6 +925,25 @@ static int ssl3_get_server_hello(SSL *s)
 		{
 		s->s3->tmp.new_compression=comp;
 		}
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+	/* TLS extensions*/
+	if (s->version >= SSL3_VERSION)
+		{
+		if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
+			{
+			/* 'al' set by ssl_parse_serverhello_tlsext */
+			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_PARSE_TLSEXT);
+			goto f_err; 
+			}
+		if (ssl_check_serverhello_tlsext(s) <= 0)
+			{
+			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT);
+				goto err;
+			}
+		}
+#endif
 
 	if (p != (d+n))
 		{
@@ -777,7 +960,7 @@ err:
 	return(-1);
 	}
 
-static int ssl3_get_server_certificate(SSL *s)
+int ssl3_get_server_certificate(SSL *s)
 	{
 	int al,i,ok,ret= -1;
 	unsigned long n,nc,llen,l;
@@ -789,7 +972,7 @@ static int ssl3_get_server_certificate(SSL *s)
 	EVP_PKEY *pkey=NULL;
 	int need_cert = 1; /* VRS: 0=> will allow null cert if auth == KRB5 */
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_CR_CERT_A,
 		SSL3_ST_CR_CERT_B,
 		-1,
@@ -860,12 +1043,12 @@ static int ssl3_get_server_certificate(SSL *s)
 		}
 
 	i=ssl_verify_cert_chain(s,sk);
-	if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)
+	if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
 #ifndef OPENSSL_NO_KRB5
-	        && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
-	        != (SSL_aKRB5|SSL_kKRB5)
+	    && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+		 (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
 #endif /* OPENSSL_NO_KRB5 */
-	        )
+		)
 		{
 		al=ssl_verify_alarm_type(s->verify_result);
 		SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
@@ -889,15 +1072,15 @@ static int ssl3_get_server_certificate(SSL *s)
 	pkey=X509_get_pubkey(x);
 
 	/* VRS: allow null cert if auth == KRB5 */
-	need_cert =	((s->s3->tmp.new_cipher->algorithms
-	                 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
-	                 == (SSL_aKRB5|SSL_kKRB5))? 0: 1;
+	need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+	            (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+	            ? 0 : 1;
 
 #ifdef KSSL_DEBUG
 	printf("pkey,x = %p, %p\n", pkey,x);
 	printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
-	printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
-	        s->s3->tmp.new_cipher->algorithms, need_cert);
+	printf("cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name,
+		s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, need_cert);
 #endif    /* KSSL_DEBUG */
 
 	if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
@@ -961,7 +1144,7 @@ err:
 	return(ret);
 	}
 
-static int ssl3_get_key_exchange(SSL *s)
+int ssl3_get_key_exchange(SSL *s)
 	{
 #ifndef OPENSSL_NO_RSA
 	unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
@@ -969,7 +1152,7 @@ static int ssl3_get_key_exchange(SSL *s)
 	EVP_MD_CTX md_ctx;
 	unsigned char *param,*p;
 	int al,i,j,param_len,ok;
-	long n,alg;
+	long n,alg_k,alg_a;
 	EVP_PKEY *pkey=NULL;
 #ifndef OPENSSL_NO_RSA
 	RSA *rsa=NULL;
@@ -987,23 +1170,34 @@ static int ssl3_get_key_exchange(SSL *s)
 
 	/* use same message size as in ssl3_get_certificate_request()
 	 * as ServerKeyExchange message may be skipped */
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_CR_KEY_EXCH_A,
 		SSL3_ST_CR_KEY_EXCH_B,
 		-1,
 		s->max_cert_list,
 		&ok);
-
 	if (!ok) return((int)n);
 
 	if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
 		{
+#ifndef OPENSSL_NO_PSK
+		/* In plain PSK ciphersuite, ServerKeyExchange can be
+		   omitted if no identity hint is sent. Set
+		   session->sess_cert anyway to avoid problems
+		   later.*/
+		if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
+			{
+			s->session->sess_cert=ssl_sess_cert_new();
+			if (s->ctx->psk_identity_hint)
+				OPENSSL_free(s->ctx->psk_identity_hint);
+			s->ctx->psk_identity_hint = NULL;
+			}
+#endif
 		s->s3->tmp.reuse_message=1;
 		return(1);
 		}
 
 	param=p=(unsigned char *)s->init_msg;
-
 	if (s->session->sess_cert != NULL)
 		{
 #ifndef OPENSSL_NO_RSA
@@ -1034,11 +1228,57 @@ static int ssl3_get_key_exchange(SSL *s)
 		}
 
 	param_len=0;
-	alg=s->s3->tmp.new_cipher->algorithms;
+	alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
+	alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 	EVP_MD_CTX_init(&md_ctx);
 
+#ifndef OPENSSL_NO_PSK
+	if (alg_k & SSL_kPSK)
+		{
+		char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];
+
+		al=SSL_AD_HANDSHAKE_FAILURE;
+		n2s(p,i);
+		param_len=i+2;
+		/* Store PSK identity hint for later use, hint is used
+		 * in ssl3_send_client_key_exchange.  Assume that the
+		 * maximum length of a PSK identity hint can be as
+		 * long as the maximum length of a PSK identity. */
+		if (i > PSK_MAX_IDENTITY_LEN)
+			{
+			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto f_err;
+			}
+		if (param_len > n)
+			{
+			al=SSL_AD_DECODE_ERROR;
+			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+				SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
+			goto f_err;
+			}
+		/* If received PSK identity hint contains NULL
+		 * characters, the hint is truncated from the first
+		 * NULL. p may not be ending with NULL, so create a
+		 * NULL-terminated string. */
+		memcpy(tmp_id_hint, p, i);
+		memset(tmp_id_hint+i, 0, PSK_MAX_IDENTITY_LEN+1-i);
+		if (s->ctx->psk_identity_hint != NULL)
+			OPENSSL_free(s->ctx->psk_identity_hint);
+		s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
+		if (s->ctx->psk_identity_hint == NULL)
+			{
+			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+			goto f_err;
+			}	   
+
+		p+=i;
+		n-=param_len;
+		}
+	else
+#endif /* !OPENSSL_NO_PSK */
 #ifndef OPENSSL_NO_RSA
-	if (alg & SSL_kRSA)
+	if (alg_k & SSL_kRSA)
 		{
 		if ((rsa=RSA_new()) == NULL)
 			{
@@ -1077,7 +1317,7 @@ static int ssl3_get_key_exchange(SSL *s)
 		n-=param_len;
 
 		/* this should be because we are using an export cipher */
-		if (alg & SSL_aRSA)
+		if (alg_a & SSL_aRSA)
 			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
 		else
 			{
@@ -1092,7 +1332,7 @@ static int ssl3_get_key_exchange(SSL *s)
 		;
 #endif
 #ifndef OPENSSL_NO_DH
-	else if (alg & SSL_kEDH)
+	else if (alg_k & SSL_kEDH)
 		{
 		if ((dh=DH_new()) == NULL)
 			{
@@ -1146,14 +1386,14 @@ static int ssl3_get_key_exchange(SSL *s)
 		n-=param_len;
 
 #ifndef OPENSSL_NO_RSA
-		if (alg & SSL_aRSA)
+		if (alg_a & SSL_aRSA)
 			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
 #else
 		if (0)
 			;
 #endif
 #ifndef OPENSSL_NO_DSA
-		else if (alg & SSL_aDSS)
+		else if (alg_a & SSL_aDSS)
 			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
 #endif
 		/* else anonymous DH, so no certificate or pkey. */
@@ -1161,7 +1401,7 @@ static int ssl3_get_key_exchange(SSL *s)
 		s->session->sess_cert->peer_dh_tmp=dh;
 		dh=NULL;
 		}
-	else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
+	else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd))
 		{
 		al=SSL_AD_ILLEGAL_PARAMETER;
 		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
@@ -1170,8 +1410,11 @@ static int ssl3_get_key_exchange(SSL *s)
 #endif /* !OPENSSL_NO_DH */
 
 #ifndef OPENSSL_NO_ECDH
-	else if (alg & SSL_kECDHE)
+	else if (alg_k & SSL_kEECDH)
 		{
+		EC_GROUP *ngroup;
+		const EC_GROUP *group;
+
 		if ((ecdh=EC_KEY_new()) == NULL)
 			{
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
@@ -1185,36 +1428,45 @@ static int ssl3_get_key_exchange(SSL *s)
 		 */
 
 		/* XXX: For now we only support named (not generic) curves
-		 * and the ECParameters in this case is just two bytes.
+		 * and the ECParameters in this case is just three bytes.
 		 */
-		param_len=2;
+		param_len=3;
 		if ((param_len > n) ||
 		    (*p != NAMED_CURVE_TYPE) || 
-		    ((curve_nid = curve_id2nid(*(p + 1))) == 0)) 
+		    ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0)) 
 			{
 			al=SSL_AD_INTERNAL_ERROR;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
 			goto f_err;
 			}
 
-		if (!(ecdh->group=EC_GROUP_new_by_nid(curve_nid)))
+		ngroup = EC_GROUP_new_by_curve_name(curve_nid);
+		if (ngroup == NULL)
+			{
+			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB);
+			goto err;
+			}
+		if (EC_KEY_set_group(ecdh, ngroup) == 0)
 			{
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB);
 			goto err;
 			}
+		EC_GROUP_free(ngroup);
+
+		group = EC_KEY_get0_group(ecdh);
 
 		if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
-		    (EC_GROUP_get_degree(ecdh->group) > 163))
+		    (EC_GROUP_get_degree(group) > 163))
 			{
 			al=SSL_AD_EXPORT_RESTRICTION;
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
 			goto f_err;
 			}
 
-		p+=2;
+		p+=3;
 
 		/* Next, get the encoded ECPoint */
-		if (((srvr_ecpoint = EC_POINT_new(ecdh->group)) == NULL) ||
+		if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
 		    ((bn_ctx = BN_CTX_new()) == NULL))
 			{
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
@@ -1225,7 +1477,7 @@ static int ssl3_get_key_exchange(SSL *s)
 		p+=1;
 		param_len += (1 + encoded_pt_len);
 		if ((param_len > n) ||
-		    (EC_POINT_oct2point(ecdh->group, srvr_ecpoint, 
+		    (EC_POINT_oct2point(group, srvr_ecpoint, 
 			p, encoded_pt_len, bn_ctx) == 0))
 			{
 			al=SSL_AD_DECODE_ERROR;
@@ -1242,33 +1494,28 @@ static int ssl3_get_key_exchange(SSL *s)
 		 */
 		if (0) ;
 #ifndef OPENSSL_NO_RSA
-		else if (alg & SSL_aRSA)
+		else if (alg_a & SSL_aRSA)
 			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
 #endif
 #ifndef OPENSSL_NO_ECDSA
-		else if (alg & SSL_aECDSA)
+		else if (alg_a & SSL_aECDSA)
 			pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
 #endif
 		/* else anonymous ECDH, so no certificate or pkey. */
-		ecdh->pub_key = srvr_ecpoint;
+		EC_KEY_set_public_key(ecdh, srvr_ecpoint);
 		s->session->sess_cert->peer_ecdh_tmp=ecdh;
 		ecdh=NULL;
 		BN_CTX_free(bn_ctx);
+		EC_POINT_free(srvr_ecpoint);
 		srvr_ecpoint = NULL;
 		}
-	else if (alg & SSL_kECDH)
+	else if (alg_k)
 		{
 		al=SSL_AD_UNEXPECTED_MESSAGE;
 		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
 		goto f_err;
 		}
 #endif /* !OPENSSL_NO_ECDH */
-	if (alg & SSL_aFZA)
-		{
-		al=SSL_AD_HANDSHAKE_FAILURE;
-		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
-		goto f_err;
-		}
 
 
 	/* p points to the next byte, there are 'n' bytes left */
@@ -1332,7 +1579,7 @@ static int ssl3_get_key_exchange(SSL *s)
 			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
 			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
 			EVP_VerifyUpdate(&md_ctx,param,param_len);
-			if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
+			if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0)
 				{
 				/* bad signature */
 				al=SSL_AD_DECRYPT_ERROR;
@@ -1350,7 +1597,7 @@ static int ssl3_get_key_exchange(SSL *s)
 			EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
 			EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
 			EVP_VerifyUpdate(&md_ctx,param,param_len);
-			if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
+			if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0)
 				{
 				/* bad signature */
 				al=SSL_AD_DECRYPT_ERROR;
@@ -1367,12 +1614,13 @@ static int ssl3_get_key_exchange(SSL *s)
 		}
 	else
 		{
-		/* still data left over */
-		if (!(alg & SSL_aNULL))
+		if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK))
+			/* aNULL or kPSK do not need public keys */
 			{
 			SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
 			goto err;
 			}
+		/* still data left over */
 		if (n != 0)
 			{
 			al=SSL_AD_DECODE_ERROR;
@@ -1405,7 +1653,7 @@ err:
 	return(-1);
 	}
 
-static int ssl3_get_certificate_request(SSL *s)
+int ssl3_get_certificate_request(SSL *s)
 	{
 	int ok,ret=0;
 	unsigned long n,nc,l;
@@ -1415,7 +1663,7 @@ static int ssl3_get_certificate_request(SSL *s)
 	unsigned char *d;
 	STACK_OF(X509_NAME) *ca_sk=NULL;
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_CR_CERT_REQ_A,
 		SSL3_ST_CR_CERT_REQ_B,
 		-1,
@@ -1442,8 +1690,7 @@ static int ssl3_get_certificate_request(SSL *s)
 	/* TLS does not like anon-DH with client cert */
 	if (s->version > SSL3_VERSION)
 		{
-		l=s->s3->tmp.new_cipher->algorithms;
-		if (l & SSL_aNULL)
+		if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
 			{
 			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
 			SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
@@ -1552,13 +1799,171 @@ static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
 	{
 	return(X509_NAME_cmp(*a,*b));
 	}
+#ifndef OPENSSL_NO_TLSEXT
+int ssl3_get_new_session_ticket(SSL *s)
+	{
+	int ok,al,ret=0, ticklen;
+	long n;
+	const unsigned char *p;
+	unsigned char *d;
 
-static int ssl3_get_server_done(SSL *s)
+	n=s->method->ssl_get_message(s,
+		SSL3_ST_CR_SESSION_TICKET_A,
+		SSL3_ST_CR_SESSION_TICKET_B,
+		-1,
+		16384,
+		&ok);
+
+	if (!ok)
+		return((int)n);
+
+	if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
+		{
+		s->s3->tmp.reuse_message=1;
+		return(1);
+		}
+	if (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET)
+		{
+		al=SSL_AD_UNEXPECTED_MESSAGE;
+		SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_BAD_MESSAGE_TYPE);
+		goto f_err;
+		}
+	if (n < 6)
+		{
+		/* need at least ticket_lifetime_hint + ticket length */
+		al = SSL3_AL_FATAL,SSL_AD_DECODE_ERROR;
+		SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_LENGTH_MISMATCH);
+		goto f_err;
+		}
+
+	p=d=(unsigned char *)s->init_msg;
+	n2l(p, s->session->tlsext_tick_lifetime_hint);
+	n2s(p, ticklen);
+	/* ticket_lifetime_hint + ticket_length + ticket */
+	if (ticklen + 6 != n)
+		{
+		al = SSL3_AL_FATAL,SSL_AD_DECODE_ERROR;
+		SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_LENGTH_MISMATCH);
+		goto f_err;
+		}
+	if (s->session->tlsext_tick)
+		{
+		OPENSSL_free(s->session->tlsext_tick);
+		s->session->tlsext_ticklen = 0;
+		}
+	s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+	if (!s->session->tlsext_tick)
+		{
+		SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	memcpy(s->session->tlsext_tick, p, ticklen);
+	s->session->tlsext_ticklen = ticklen;
+	/* There are two ways to detect a resumed ticket sesion.
+	 * One is to set an appropriate session ID and then the server
+	 * must return a match in ServerHello. This allows the normal
+	 * client session ID matching to work and we know much 
+	 * earlier that the ticket has been accepted.
+	 * 
+	 * The other way is to set zero length session ID when the
+	 * ticket is presented and rely on the handshake to determine
+	 * session resumption.
+	 *
+	 * We choose the former approach because this fits in with
+	 * assumptions elsewhere in OpenSSL. The session ID is set
+	 * to the SHA256 (or SHA1 is SHA256 is disabled) hash of the
+	 * ticket.
+	 */ 
+	EVP_Digest(p, ticklen,
+			s->session->session_id, &s->session->session_id_length,
+#ifndef OPENSSL_NO_SHA256
+							EVP_sha256(), NULL);
+#else
+							EVP_sha1(), NULL);
+#endif
+	ret=1;
+	return(ret);
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+	return(-1);
+	}
+
+int ssl3_get_cert_status(SSL *s)
+	{
+	int ok, al;
+	unsigned long resplen,n;
+	const unsigned char *p;
+
+	n=s->method->ssl_get_message(s,
+		SSL3_ST_CR_CERT_STATUS_A,
+		SSL3_ST_CR_CERT_STATUS_B,
+		SSL3_MT_CERTIFICATE_STATUS,
+		16384,
+		&ok);
+
+	if (!ok) return((int)n);
+	if (n < 4)
+		{
+		/* need at least status type + length */
+		al = SSL_AD_DECODE_ERROR;
+		SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH);
+		goto f_err;
+		}
+	p = (unsigned char *)s->init_msg;
+	if (*p++ != TLSEXT_STATUSTYPE_ocsp)
+		{
+		al = SSL_AD_DECODE_ERROR;
+		SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_UNSUPPORTED_STATUS_TYPE);
+		goto f_err;
+		}
+	n2l3(p, resplen);
+	if (resplen + 4 != n)
+		{
+		al = SSL_AD_DECODE_ERROR;
+		SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH);
+		goto f_err;
+		}
+	if (s->tlsext_ocsp_resp)
+		OPENSSL_free(s->tlsext_ocsp_resp);
+	s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
+	if (!s->tlsext_ocsp_resp)
+		{
+		al = SSL_AD_INTERNAL_ERROR;
+		SSLerr(SSL_F_SSL3_GET_CERT_STATUS,ERR_R_MALLOC_FAILURE);
+		goto f_err;
+		}
+	s->tlsext_ocsp_resplen = resplen;
+	if (s->ctx->tlsext_status_cb)
+		{
+		int ret;
+		ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+		if (ret == 0)
+			{
+			al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+			SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_INVALID_STATUS_RESPONSE);
+			goto f_err;
+			}
+		if (ret < 0)
+			{
+			al = SSL_AD_INTERNAL_ERROR;
+			SSLerr(SSL_F_SSL3_GET_CERT_STATUS,ERR_R_MALLOC_FAILURE);
+			goto f_err;
+			}
+		}
+	return 1;
+f_err:
+	ssl3_send_alert(s,SSL3_AL_FATAL,al);
+	return(-1);
+	}
+#endif
+
+int ssl3_get_server_done(SSL *s)
 	{
 	int ok,ret=0;
 	long n;
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_CR_SRVR_DONE_A,
 		SSL3_ST_CR_SRVR_DONE_B,
 		SSL3_MT_SERVER_DONE,
@@ -1578,23 +1983,11 @@ static int ssl3_get_server_done(SSL *s)
 	}
 
 
-static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
-	{
-#ifndef OPENSSL_NO_SHA
-	if (outlen != SHA_DIGEST_LENGTH)
-		return NULL;
-	return SHA1(in, inlen, out);
-#else
-	return NULL;
-#endif
-	}
-
-static int ssl3_send_client_key_exchange(SSL *s)
+int ssl3_send_client_key_exchange(SSL *s)
 	{
 	unsigned char *p,*d;
 	int n;
-	unsigned long l;
+	unsigned long alg_k;
 #ifndef OPENSSL_NO_RSA
 	unsigned char *q;
 	EVP_PKEY *pkey=NULL;
@@ -1604,7 +1997,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 #endif /* OPENSSL_NO_KRB5 */
 #ifndef OPENSSL_NO_ECDH
 	EC_KEY *clnt_ecdh = NULL;
-	EC_POINT *srvr_ecpoint = NULL;
+	const EC_POINT *srvr_ecpoint = NULL;
 	EVP_PKEY *srvr_pub_pkey = NULL;
 	unsigned char *encodedPoint = NULL;
 	int encoded_pt_len = 0;
@@ -1616,12 +2009,12 @@ static int ssl3_send_client_key_exchange(SSL *s)
 		d=(unsigned char *)s->init_buf->data;
 		p= &(d[4]);
 
-		l=s->s3->tmp.new_cipher->algorithms;
+		alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
 
 		/* Fool emacs indentation */
 		if (0) {}
 #ifndef OPENSSL_NO_RSA
-		else if (l & SSL_kRSA)
+		else if (alg_k & SSL_kRSA)
 			{
 			RSA *rsa;
 			unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
@@ -1680,7 +2073,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			}
 #endif
 #ifndef OPENSSL_NO_KRB5
-		else if (l & SSL_kKRB5)
+		else if (alg_k & SSL_kKRB5)
 			{
 			krb5_error_code	krb5rc;
 			KSSL_CTX	*kssl_ctx = s->kssl_ctx;
@@ -1688,7 +2081,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			krb5_data	*enc_ticket;
 			krb5_data	authenticator, *authp = NULL;
 			EVP_CIPHER_CTX	ciph_ctx;
-			EVP_CIPHER	*enc = NULL;
+			const EVP_CIPHER *enc = NULL;
 			unsigned char	iv[EVP_MAX_IV_LENGTH];
 			unsigned char	tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
 			unsigned char	epms[SSL_MAX_MASTER_KEY_LENGTH 
@@ -1699,7 +2092,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 
 #ifdef KSSL_DEBUG
 			printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
-			        l, SSL_kKRB5);
+				alg_k, SSL_kKRB5);
 #endif	/* KSSL_DEBUG */
 
 			authp = NULL;
@@ -1772,8 +2165,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
 				n+=2;
 				}
  
-			if (RAND_bytes(tmp_buf,sizeof tmp_buf) <= 0)
-			    goto err;
+			    tmp_buf[0]=s->client_version>>8;
+			    tmp_buf[1]=s->client_version&0xff;
+			    if (RAND_bytes(&(tmp_buf[2]),sizeof tmp_buf-2) <= 0)
+				goto err;
 
 			/*  20010420 VRS.  Tried it this way; failed.
 			**	EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
@@ -1789,7 +2184,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 				sizeof tmp_buf);
 			EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
 			outl += padl;
-			if (outl > sizeof epms)
+			if (outl > (int)sizeof epms)
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 				goto err;
@@ -1803,7 +2198,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			n+=outl + 2;
 
 			s->session->master_key_length=
-			        s->method->ssl3_enc->generate_master_secret(s,
+				s->method->ssl3_enc->generate_master_secret(s,
 					s->session->master_key,
 					tmp_buf, sizeof tmp_buf);
 
@@ -1812,10 +2207,17 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			}
 #endif
 #ifndef OPENSSL_NO_DH
-		else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+		else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
 			{
 			DH *dh_srvr,*dh_clnt;
 
+			if (s->session->sess_cert == NULL) 
+				{
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
+				goto err;
+				}
+
 			if (s->session->sess_cert->peer_dh_tmp != NULL)
 				dh_srvr=s->session->sess_cert->peer_dh_tmp;
 			else
@@ -1869,9 +2271,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
 #endif
 
 #ifndef OPENSSL_NO_ECDH 
-		else if ((l & SSL_kECDH) || (l & SSL_kECDHE))
+		else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
 			{
-			EC_GROUP *srvr_group = NULL;
+			const EC_GROUP *srvr_group = NULL;
+			EC_KEY *tkey;
 			int ecdh_clnt_cert = 0;
 			int field_size = 0;
 
@@ -1880,7 +2283,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			 * computation as part of client certificate?
 			 * If so, set ecdh_clnt_cert to 1.
 			 */
-			if ((l & SSL_kECDH) && (s->cert != NULL)) 
+			if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->cert != NULL)) 
 				{
 				/* XXX: For now, we do not support client
 				 * authentication using ECDH certificates.
@@ -1905,10 +2308,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 
 			if (s->session->sess_cert->peer_ecdh_tmp != NULL)
 				{
-				srvr_group = s->session->sess_cert-> \
-				    peer_ecdh_tmp->group;
-				srvr_ecpoint = s->session->sess_cert-> \
-				    peer_ecdh_tmp->pub_key;
+				tkey = s->session->sess_cert->peer_ecdh_tmp;
 				}
 			else
 				{
@@ -1917,18 +2317,19 @@ static int ssl3_send_client_key_exchange(SSL *s)
 				    sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
 				if ((srvr_pub_pkey == NULL) ||
 				    (srvr_pub_pkey->type != EVP_PKEY_EC) ||
-				    (srvr_pub_pkey->pkey.eckey == NULL))
+				    (srvr_pub_pkey->pkey.ec == NULL))
 					{
 					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
 					    ERR_R_INTERNAL_ERROR);
 					goto err;
 					}
 
-				srvr_group = srvr_pub_pkey->pkey.eckey->group;
-				srvr_ecpoint = 
-				    srvr_pub_pkey->pkey.eckey->pub_key;
+				tkey = srvr_pub_pkey->pkey.ec;
 				}
 
+			srvr_group   = EC_KEY_get0_group(tkey);
+			srvr_ecpoint = EC_KEY_get0_public_key(tkey);
+
 			if ((srvr_group == NULL) || (srvr_ecpoint == NULL))
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -1942,15 +2343,30 @@ static int ssl3_send_client_key_exchange(SSL *s)
 				goto err;
 				}
 
-			clnt_ecdh->group = srvr_group;
+			if (!EC_KEY_set_group(clnt_ecdh, srvr_group))
+				{
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB);
+				goto err;
+				}
 			if (ecdh_clnt_cert) 
 				{ 
 				/* Reuse key info from our certificate
 				 * We only need our private key to perform
 				 * the ECDH computation.
 				 */
-				clnt_ecdh->priv_key = BN_dup(s->cert->key-> \
-				    privatekey->pkey.eckey->priv_key);
+				const BIGNUM *priv_key;
+				tkey = s->cert->key->privatekey->pkey.ec;
+				priv_key = EC_KEY_get0_private_key(tkey);
+				if (priv_key == NULL)
+					{
+					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+					goto err;
+					}
+				if (!EC_KEY_set_private_key(clnt_ecdh, priv_key))
+					{
+					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB);
+					goto err;
+					}
 				}
 			else 
 				{
@@ -1966,21 +2382,14 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			 * make sure to clear it out afterwards
 			 */
 
-			field_size = EC_GROUP_get_degree(clnt_ecdh->group);
+			field_size = EC_GROUP_get_degree(srvr_group);
 			if (field_size <= 0)
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, 
 				       ERR_R_ECDH_LIB);
 				goto err;
 				}
-			/* If field size is not more than 24 octets, then use SHA-1 hash of result;
-			 * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt;
-			 * this is new with this version of the Internet Draft).
-			 */
-			if (field_size <= 24 * 8)
-				n=ECDH_compute_key(p, KDF1_SHA1_len, srvr_ecpoint, clnt_ecdh, KDF1_SHA1);
-			else
-				n=ECDH_compute_key(p, (field_size+7)/8, srvr_ecpoint, clnt_ecdh, NULL);
+			n=ECDH_compute_key(p, (field_size+7)/8, srvr_ecpoint, clnt_ecdh, NULL);
 			if (n <= 0)
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, 
@@ -2007,8 +2416,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
 				 * allocate memory accordingly.
 				 */
 				encoded_pt_len = 
-				    EC_POINT_point2oct(clnt_ecdh->group, 
-					clnt_ecdh->pub_key, 
+				    EC_POINT_point2oct(srvr_group, 
+					EC_KEY_get0_public_key(clnt_ecdh), 
 					POINT_CONVERSION_UNCOMPRESSED, 
 					NULL, 0, NULL);
 
@@ -2024,8 +2433,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
 					}
 
 				/* Encode the public key */
-				n = EC_POINT_point2oct(clnt_ecdh->group, 
-				    clnt_ecdh->pub_key, 
+				n = EC_POINT_point2oct(srvr_group, 
+				    EC_KEY_get0_public_key(clnt_ecdh), 
 				    POINT_CONVERSION_UNCOMPRESSED, 
 				    encodedPoint, encoded_pt_len, bn_ctx);
 
@@ -2042,14 +2451,182 @@ static int ssl3_send_client_key_exchange(SSL *s)
 			BN_CTX_free(bn_ctx);
 			if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
 			if (clnt_ecdh != NULL) 
-				{
-				 /* group is shared */
-				 clnt_ecdh->group = NULL; 
 				 EC_KEY_free(clnt_ecdh);
-				}
 			EVP_PKEY_free(srvr_pub_pkey);
 			}
 #endif /* !OPENSSL_NO_ECDH */
+		else if (alg_k & SSL_kGOST) 
+			{
+			/* GOST key exchange message creation */
+			EVP_PKEY_CTX *pkey_ctx;
+			X509 *peer_cert; 
+			size_t msglen;
+			unsigned int md_len;
+			int keytype;
+			unsigned char premaster_secret[32],shared_ukm[32], tmp[256];
+			EVP_MD_CTX *ukm_hash;
+			EVP_PKEY *pub_key;
+
+			/* Get server sertificate PKEY and create ctx from it */
+			peer_cert=s->session->sess_cert->peer_pkeys[(keytype=SSL_PKEY_GOST01)].x509;
+			if (!peer_cert) 
+				peer_cert=s->session->sess_cert->peer_pkeys[(keytype=SSL_PKEY_GOST94)].x509;
+			if (!peer_cert)		{
+					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
+					goto err;
+				}	
+				
+			pkey_ctx=EVP_PKEY_CTX_new(pub_key=X509_get_pubkey(peer_cert),NULL);
+			/* If we have send a certificate, and certificate key
+
+			 * parameters match those of server certificate, use
+			 * certificate key for key exchange
+			 */
+
+			 /* Otherwise, generate ephemeral key pair */
+					
+			EVP_PKEY_encrypt_init(pkey_ctx);
+			  /* Generate session key */	
+		    RAND_bytes(premaster_secret,32);
+			/* If we have client certificate, use its secret as peer key */
+			if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
+				if (EVP_PKEY_derive_set_peer(pkey_ctx,s->cert->key->privatekey) <=0) {
+					/* If there was an error - just ignore it. Ephemeral key
+					* would be used
+					*/
+					ERR_clear_error();
+				}
+			}			
+			/* Compute shared IV and store it in algorithm-specific
+			 * context data */
+			ukm_hash = EVP_MD_CTX_create();
+			EVP_DigestInit(ukm_hash,EVP_get_digestbynid(NID_id_GostR3411_94));
+			EVP_DigestUpdate(ukm_hash,s->s3->client_random,SSL3_RANDOM_SIZE);
+			EVP_DigestUpdate(ukm_hash,s->s3->server_random,SSL3_RANDOM_SIZE);
+			EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
+			EVP_MD_CTX_destroy(ukm_hash);
+			if (EVP_PKEY_CTX_ctrl(pkey_ctx,-1,EVP_PKEY_OP_ENCRYPT,EVP_PKEY_CTRL_SET_IV,
+				8,shared_ukm)<0) {
+					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+						SSL_R_LIBRARY_BUG);
+					goto err;
+				}	
+			/* Make GOST keytransport blob message */
+			/*Encapsulate it into sequence */
+			*(p++)=V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
+			msglen=255;
+			if (EVP_PKEY_encrypt(pkey_ctx,tmp,&msglen,premaster_secret,32)<0) {
+			SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					SSL_R_LIBRARY_BUG);
+				goto err;
+			}
+			if (msglen >= 0x80)
+				{
+				*(p++)=0x81;
+				*(p++)= msglen & 0xff;
+				n=msglen+3;
+				}
+			else
+				{
+				*(p++)= msglen & 0xff;
+				n=msglen+2;
+				}
+			memcpy(p, tmp, msglen);
+			/* Check if pubkey from client certificate was used */
+			if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
+				{
+				/* Set flag "skip certificate verify" */
+				s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
+				}
+			EVP_PKEY_CTX_free(pkey_ctx);
+			s->session->master_key_length=
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,premaster_secret,32);
+			EVP_PKEY_free(pub_key);
+
+			}
+#ifndef OPENSSL_NO_PSK
+		else if (alg_k & SSL_kPSK)
+			{
+			char identity[PSK_MAX_IDENTITY_LEN];
+			unsigned char *t = NULL;
+			unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN*2+4];
+			unsigned int pre_ms_len = 0, psk_len = 0;
+			int psk_err = 1;
+
+			n = 0;
+			if (s->psk_client_callback == NULL)
+				{
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					SSL_R_PSK_NO_CLIENT_CB);
+				goto err;
+				}
+
+			psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+				identity, PSK_MAX_IDENTITY_LEN,
+				psk_or_pre_ms, sizeof(psk_or_pre_ms));
+			if (psk_len > PSK_MAX_PSK_LEN)
+				{
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					ERR_R_INTERNAL_ERROR);
+				goto psk_err;
+				}
+			else if (psk_len == 0)
+				{
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					SSL_R_PSK_IDENTITY_NOT_FOUND);
+				goto psk_err;
+				}
+
+			/* create PSK pre_master_secret */
+			pre_ms_len = 2+psk_len+2+psk_len;
+			t = psk_or_pre_ms;
+			memmove(psk_or_pre_ms+psk_len+4, psk_or_pre_ms, psk_len);
+			s2n(psk_len, t);
+			memset(t, 0, psk_len);
+			t+=psk_len;
+			s2n(psk_len, t);
+
+			if (s->session->psk_identity_hint != NULL)
+				OPENSSL_free(s->session->psk_identity_hint);
+			s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+			if (s->ctx->psk_identity_hint != NULL &&
+				s->session->psk_identity_hint == NULL)
+				{
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					ERR_R_MALLOC_FAILURE);
+				goto psk_err;
+				}
+
+			if (s->session->psk_identity != NULL)
+				OPENSSL_free(s->session->psk_identity);
+			s->session->psk_identity = BUF_strdup(identity);
+			if (s->session->psk_identity == NULL)
+				{
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+					ERR_R_MALLOC_FAILURE);
+				goto psk_err;
+				}
+
+			s->session->master_key_length =
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,
+					psk_or_pre_ms, pre_ms_len); 
+			n = strlen(identity);
+			s2n(n, p);
+			memcpy(p, identity, n);
+			n+=2;
+			psk_err = 0;
+		psk_err:
+			OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
+			OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+			if (psk_err != 0)
+				{
+				ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+				goto err;
+				}
+			}
+#endif
 		else
 			{
 			ssl3_send_alert(s, SSL3_AL_FATAL,
@@ -2075,26 +2652,23 @@ err:
 	BN_CTX_free(bn_ctx);
 	if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
 	if (clnt_ecdh != NULL) 
-		{
-		/* group is shared */
-		clnt_ecdh->group = NULL; 
 		EC_KEY_free(clnt_ecdh);
-		}
 	EVP_PKEY_free(srvr_pub_pkey);
 #endif
 	return(-1);
 	}
 
-static int ssl3_send_client_verify(SSL *s)
+int ssl3_send_client_verify(SSL *s)
 	{
 	unsigned char *p,*d;
 	unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
 	EVP_PKEY *pkey;
+	EVP_PKEY_CTX *pctx=NULL;
 #ifndef OPENSSL_NO_RSA
 	unsigned u=0;
 #endif
 	unsigned long n;
-#ifndef OPENSSL_NO_DSA
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
 	int j;
 #endif
 
@@ -2103,15 +2677,25 @@ static int ssl3_send_client_verify(SSL *s)
 		d=(unsigned char *)s->init_buf->data;
 		p= &(d[4]);
 		pkey=s->cert->key->privatekey;
-
-		s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
-			&(data[MD5_DIGEST_LENGTH]));
-
+/* Create context from key and test if sha1 is allowed as digest */
+		pctx = EVP_PKEY_CTX_new(pkey,NULL);
+		EVP_PKEY_sign_init(pctx);
+		if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1())>0)
+			{
+			s->method->ssl3_enc->cert_verify_mac(s,
+						NID_sha1,
+						&(data[MD5_DIGEST_LENGTH]));
+			}
+		else
+			{
+			ERR_clear_error();
+			}
 #ifndef OPENSSL_NO_RSA
 		if (pkey->type == EVP_PKEY_RSA)
 			{
 			s->method->ssl3_enc->cert_verify_mac(s,
-				&(s->s3->finish_dgst1),&(data[0]));
+				NID_md5,
+			 	&(data[0]));
 			if (RSA_sign(NID_md5_sha1, data,
 					 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
 					&(p[2]), &u, pkey->pkey.rsa) <= 0 )
@@ -2146,7 +2730,7 @@ static int ssl3_send_client_verify(SSL *s)
 			if (!ECDSA_sign(pkey->save_type,
 				&(data[MD5_DIGEST_LENGTH]),
 				SHA_DIGEST_LENGTH,&(p[2]),
-				(unsigned int *)&j,pkey->pkey.eckey))
+				(unsigned int *)&j,pkey->pkey.ec))
 				{
 				SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
 				    ERR_R_ECDSA_LIB);
@@ -2157,10 +2741,30 @@ static int ssl3_send_client_verify(SSL *s)
 			}
 		else
 #endif
-			{
+		if (pkey->type == NID_id_GostR3410_94 || pkey->type == NID_id_GostR3410_2001) 
+		{
+		unsigned char signbuf[64];
+		int i;
+		size_t sigsize=64;
+		s->method->ssl3_enc->cert_verify_mac(s,
+			NID_id_GostR3411_94,
+			data);
+		if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
+			SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
+			ERR_R_INTERNAL_ERROR);
+			goto err;
+		}
+		for (i=63,j=0; i>=0; j++, i--) {
+			p[2+j]=signbuf[i];
+		}	
+		s2n(j,p);
+		n=j+2;
+		}
+		else
+		{
 			SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);
 			goto err;
-			}
+		}
 		*(d++)=SSL3_MT_CERTIFICATE_VERIFY;
 		l2n3(n,d);
 
@@ -2168,12 +2772,14 @@ static int ssl3_send_client_verify(SSL *s)
 		s->init_num=(int)n+4;
 		s->init_off=0;
 		}
+	EVP_PKEY_CTX_free(pctx);
 	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 err:
+	EVP_PKEY_CTX_free(pctx);
 	return(-1);
 	}
 
-static int ssl3_send_client_certificate(SSL *s)
+int ssl3_send_client_certificate(SSL *s)
 	{
 	X509 *x509=NULL;
 	EVP_PKEY *pkey=NULL;
@@ -2197,8 +2803,7 @@ static int ssl3_send_client_certificate(SSL *s)
 		 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
 		 * We then get retied later */
 		i=0;
-		if (s->ctx->client_cert_cb != NULL)
-			i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
+		i = ssl_do_client_cert_cb(s, &x509, &pkey);
 		if (i < 0)
 			{
 			s->rwstate=SSL_X509_LOOKUP;
@@ -2252,10 +2857,10 @@ static int ssl3_send_client_certificate(SSL *s)
 
 #define has_bits(i,m)	(((i)&(m)) == (m))
 
-static int ssl3_check_cert_and_algorithm(SSL *s)
+int ssl3_check_cert_and_algorithm(SSL *s)
 	{
 	int i,idx;
-	long algs;
+	long alg_k,alg_a;
 	EVP_PKEY *pkey=NULL;
 	SESS_CERT *sc;
 #ifndef OPENSSL_NO_RSA
@@ -2266,17 +2871,17 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
 #endif
 
 	sc=s->session->sess_cert;
-
 	if (sc == NULL)
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,ERR_R_INTERNAL_ERROR);
 		goto err;
 		}
 
-	algs=s->s3->tmp.new_cipher->algorithms;
+	alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
+	alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 
 	/* we don't have a certificate */
-	if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5))
+	if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
 		return(1);
 
 #ifndef OPENSSL_NO_RSA
@@ -2292,11 +2897,11 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
 #ifndef OPENSSL_NO_ECDH
 	if (idx == SSL_PKEY_ECC)
 		{
-		if (check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
+		if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
 		    s->s3->tmp.new_cipher) == 0) 
 			{ /* check failed */
 			SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT);
-			goto f_err;			
+			goto f_err;
 			}
 		else 
 			{
@@ -2310,20 +2915,20 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
 
 	
 	/* Check that we have a certificate if we require one */
-	if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
+	if ((alg_a & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
 		goto f_err;
 		}
 #ifndef OPENSSL_NO_DSA
-	else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
+	else if ((alg_a & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
 		goto f_err;
 		}
 #endif
 #ifndef OPENSSL_NO_RSA
-	if ((algs & SSL_kRSA) &&
+	if ((alg_k & SSL_kRSA) &&
 		!(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
@@ -2331,19 +2936,19 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
 		}
 #endif
 #ifndef OPENSSL_NO_DH
-	if ((algs & SSL_kEDH) &&
+	if ((alg_k & SSL_kEDH) &&
 		!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
 		goto f_err;
 		}
-	else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+	else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
 		goto f_err;
 		}
 #ifndef OPENSSL_NO_DSA
-	else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+	else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
 		{
 		SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
 		goto f_err;
@@ -2354,7 +2959,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
 	if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
 		{
 #ifndef OPENSSL_NO_RSA
-		if (algs & SSL_kRSA)
+		if (alg_k & SSL_kRSA)
 			{
 			if (rsa == NULL
 			    || RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
@@ -2366,7 +2971,7 @@ static int ssl3_check_cert_and_algorithm(SSL *s)
 		else
 #endif
 #ifndef OPENSSL_NO_DH
-			if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+			if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
 			    {
 			    if (dh == NULL
 				|| DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
@@ -2389,45 +2994,51 @@ err:
 	return(0);
 	}
 
+/* Check to see if handshake is full or resumed. Usually this is just a
+ * case of checking to see if a cache hit has occurred. In the case of
+ * session tickets we have to check the next message to be sure.
+ */
 
-#ifndef OPENSSL_NO_ECDH
-/* This is the complement of nid2curve_id in s3_srvr.c. */
-static int curve_id2nid(int curve_id)
-{
-	/* ECC curves from draft-ietf-tls-ecc-01.txt (Mar 15, 2001)
-	 * (no changes in draft-ietf-tls-ecc-03.txt [June 2003]) */
-	static int nid_list[26] =
+#ifndef OPENSSL_NO_TLSEXT
+int ssl3_check_finished(SSL *s)
 	{
-		0,
-		NID_sect163k1, /* sect163k1 (1) */
-		NID_sect163r1, /* sect163r1 (2) */
-		NID_sect163r2, /* sect163r2 (3) */
-		NID_sect193r1, /* sect193r1 (4) */ 
-		NID_sect193r2, /* sect193r2 (5) */ 
-		NID_sect233k1, /* sect233k1 (6) */
-		NID_sect233r1, /* sect233r1 (7) */ 
-		NID_sect239k1, /* sect239k1 (8) */ 
-		NID_sect283k1, /* sect283k1 (9) */
-		NID_sect283r1, /* sect283r1 (10) */ 
-		NID_sect409k1, /* sect409k1 (11) */ 
-		NID_sect409r1, /* sect409r1 (12) */
-		NID_sect571k1, /* sect571k1 (13) */ 
-		NID_sect571r1, /* sect571r1 (14) */ 
-		NID_secp160k1, /* secp160k1 (15) */
-		NID_secp160r1, /* secp160r1 (16) */ 
-		NID_secp160r2, /* secp160r2 (17) */ 
-		NID_secp192k1, /* secp192k1 (18) */
-		NID_X9_62_prime192v1, /* secp192r1 (19) */ 
-		NID_secp224k1, /* secp224k1 (20) */ 
-		NID_secp224r1, /* secp224r1 (21) */
-		NID_secp256k1, /* secp256k1 (22) */ 
-		NID_X9_62_prime256v1, /* secp256r1 (23) */ 
-		NID_secp384r1, /* secp384r1 (24) */
-		NID_secp521r1  /* secp521r1 (25) */	
-	};
-	
-	if ((curve_id < 1) || (curve_id > 25)) return 0;
+	int ok;
+	long n;
+	/* If we have no ticket it cannot be a resumed session. */
+	if (!s->session->tlsext_tick)
+		return 1;
+	/* this function is called when we really expect a Certificate
+	 * message, so permit appropriate message length */
+	n=s->method->ssl_get_message(s,
+		SSL3_ST_CR_CERT_A,
+		SSL3_ST_CR_CERT_B,
+		-1,
+		s->max_cert_list,
+		&ok);
+	if (!ok) return((int)n);
+	s->s3->tmp.reuse_message = 1;
+	if ((s->s3->tmp.message_type == SSL3_MT_FINISHED)
+		|| (s->s3->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))
+		return 2;
 
-	return nid_list[curve_id];
-}
+	return 1;
+	}
+#endif
+
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
+	{
+	int i = 0;
+#ifndef OPENSSL_NO_ENGINE
+	if (s->ctx->client_cert_engine)
+		{
+		i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
+						SSL_get_client_CA_list(s),
+						px509, ppkey, NULL, NULL, NULL);
+		if (i != 0)
+			return i;
+		}
 #endif
+	if (s->ctx->client_cert_cb)
+		i = s->ctx->client_cert_cb(s,px509,ppkey);
+	return i;
+	}
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 5d133eef14..3d7aec97a2 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -108,6 +108,32 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -129,10 +155,8 @@ static unsigned char ssl3_pad_2[48]={
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
-
-static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
+static int ssl3_handshake_mac(SSL *s, int md_nid,
 	const char *sender, int len, unsigned char *p);
-
 static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
 	{
 	EVP_MD_CTX m5;
@@ -196,7 +220,9 @@ int ssl3_change_cipher_state(SSL *s, int which)
 	unsigned char *ms,*key,*iv,*er1,*er2;
 	EVP_CIPHER_CTX *dd;
 	const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
 	COMP_METHOD *comp;
+#endif
 	const EVP_MD *m;
 	EVP_MD_CTX md;
 	int is_exp,n,i,j,k,cl;
@@ -205,10 +231,14 @@ int ssl3_change_cipher_state(SSL *s, int which)
 	is_exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
 	c=s->s3->tmp.new_sym_enc;
 	m=s->s3->tmp.new_hash;
+	/* m == NULL will lead to a crash later */
+	OPENSSL_assert(m);
+#ifndef OPENSSL_NO_COMP
 	if (s->s3->tmp.new_compression == NULL)
 		comp=NULL;
 	else
 		comp=s->s3->tmp.new_compression->method;
+#endif
 	key_block=s->s3->tmp.key_block;
 
 	if (which & SSL3_CC_READ)
@@ -217,8 +247,13 @@ int ssl3_change_cipher_state(SSL *s, int which)
 			reuse_dd = 1;
 		else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
 			goto err;
+		else
+			/* make sure it's intialized in case we exit later with an error */
+			EVP_CIPHER_CTX_init(s->enc_read_ctx);
 		dd= s->enc_read_ctx;
-		s->read_hash=m;
+
+		ssl_replace_hash(&s->read_hash,m);
+#ifndef OPENSSL_NO_COMP
 		/* COMPRESS */
 		if (s->expand != NULL)
 			{
@@ -239,6 +274,7 @@ int ssl3_change_cipher_state(SSL *s, int which)
 			if (s->s3->rrec.comp == NULL)
 				goto err;
 			}
+#endif
 		memset(&(s->s3->read_sequence[0]),0,8);
 		mac_secret= &(s->s3->read_mac_secret[0]);
 		}
@@ -248,8 +284,12 @@ int ssl3_change_cipher_state(SSL *s, int which)
 			reuse_dd = 1;
 		else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
 			goto err;
+		else
+			/* make sure it's intialized in case we exit later with an error */
+			EVP_CIPHER_CTX_init(s->enc_write_ctx);
 		dd= s->enc_write_ctx;
-		s->write_hash=m;
+		ssl_replace_hash(&s->write_hash,m);
+#ifndef OPENSSL_NO_COMP
 		/* COMPRESS */
 		if (s->compress != NULL)
 			{
@@ -265,16 +305,18 @@ int ssl3_change_cipher_state(SSL *s, int which)
 				goto err2;
 				}
 			}
+#endif
 		memset(&(s->s3->write_sequence[0]),0,8);
 		mac_secret= &(s->s3->write_mac_secret[0]);
 		}
 
 	if (reuse_dd)
 		EVP_CIPHER_CTX_cleanup(dd);
-	EVP_CIPHER_CTX_init(dd);
 
 	p=s->s3->tmp.key_block;
 	i=EVP_MD_size(m);
+	if (i < 0)
+		goto err2;
 	cl=EVP_CIPHER_key_length(c);
 	j=is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
 		 cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
@@ -355,7 +397,7 @@ int ssl3_setup_key_block(SSL *s)
 	if (s->s3->tmp.key_block_length != 0)
 		return(1);
 
-	if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
+	if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL,&comp))
 		{
 		SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
 		return(0);
@@ -363,9 +405,17 @@ int ssl3_setup_key_block(SSL *s)
 
 	s->s3->tmp.new_sym_enc=c;
 	s->s3->tmp.new_hash=hash;
+#ifdef OPENSSL_NO_COMP
+	s->s3->tmp.new_compression=NULL;
+#else
 	s->s3->tmp.new_compression=comp;
+#endif
 
-	num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+	num=EVP_MD_size(hash);
+	if (num < 0)
+		return 0;
+
+	num=EVP_CIPHER_key_length(c)+num+EVP_CIPHER_iv_length(c);
 	num*=2;
 
 	ssl3_cleanup_key_block(s);
@@ -387,11 +437,11 @@ int ssl3_setup_key_block(SSL *s)
 
 		if (s->session->cipher != NULL)
 			{
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
+			if (s->session->cipher->algorithm_enc == SSL_eNULL)
 				s->s3->need_empty_fragments = 0;
 			
 #ifndef OPENSSL_NO_RC4
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
+			if (s->session->cipher->algorithm_enc == SSL_RC4)
 				s->s3->need_empty_fragments = 0;
 #endif
 			}
@@ -501,47 +551,131 @@ int ssl3_enc(SSL *s, int send)
 
 void ssl3_init_finished_mac(SSL *s)
 	{
-	EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL);
-	EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL);
+	if (s->s3->handshake_buffer) BIO_free(s->s3->handshake_buffer);
+	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
+    s->s3->handshake_buffer=BIO_new(BIO_s_mem());	
+	(void)BIO_set_close(s->s3->handshake_buffer,BIO_CLOSE);
 	}
 
+void ssl3_free_digest_list(SSL *s) 
+	{
+	int i;
+	if (!s->s3->handshake_dgst) return;
+	for (i=0;i<SSL_MAX_DIGEST;i++) 
+		{
+		if (s->s3->handshake_dgst[i])
+			EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);
+		}
+	OPENSSL_free(s->s3->handshake_dgst);
+	s->s3->handshake_dgst=NULL;
+	}	
+		
+
+
 void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
 	{
-	EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len);
-	EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len);
+	if (s->s3->handshake_buffer) 
+		{
+		BIO_write (s->s3->handshake_buffer,(void *)buf,len);
+		} 
+	else 
+		{
+		int i;
+		for (i=0;i< SSL_MAX_DIGEST;i++) 
+			{
+			if (s->s3->handshake_dgst[i]!= NULL)
+			EVP_DigestUpdate(s->s3->handshake_dgst[i],buf,len);
+			}
+		}	
 	}
 
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *ctx, unsigned char *p)
+int ssl3_digest_cached_records(SSL *s)
 	{
-	return(ssl3_handshake_mac(s,ctx,NULL,0,p));
+	int i;
+	long mask;
+	const EVP_MD *md;
+	long hdatalen;
+	void *hdata;
+
+	/* Allocate handshake_dgst array */
+	ssl3_free_digest_list(s);
+	s->s3->handshake_dgst = OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+	memset(s->s3->handshake_dgst,0,SSL_MAX_DIGEST *sizeof(EVP_MD_CTX *));
+	hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,&hdata);
+	if (hdatalen <= 0)
+		{
+		SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
+		return 0;
+		}
+
+	/* Loop through bitso of algorithm2 field and create MD_CTX-es */
+	for (i=0;ssl_get_handshake_digest(i,&mask,&md); i++) 
+		{
+		if ((mask & s->s3->tmp.new_cipher->algorithm2) && md) 
+			{
+			s->s3->handshake_dgst[i]=EVP_MD_CTX_create();
+			EVP_DigestInit_ex(s->s3->handshake_dgst[i],md,NULL);
+			EVP_DigestUpdate(s->s3->handshake_dgst[i],hdata,hdatalen);
+			} 
+		else 
+			{	
+			s->s3->handshake_dgst[i]=NULL;
+			}
+		}
+	/* Free handshake_buffer BIO */
+	BIO_free(s->s3->handshake_buffer);
+	s->s3->handshake_buffer = NULL;
+
+	return 1;
 	}
 
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
+	{
+	return(ssl3_handshake_mac(s,md_nid,NULL,0,p));
+	}
+int ssl3_final_finish_mac(SSL *s, 
 	     const char *sender, int len, unsigned char *p)
 	{
 	int ret;
-
-	ret=ssl3_handshake_mac(s,ctx1,sender,len,p);
+	ret=ssl3_handshake_mac(s,NID_md5,sender,len,p);
 	p+=ret;
-	ret+=ssl3_handshake_mac(s,ctx2,sender,len,p);
+	ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
 	return(ret);
 	}
-
-static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
+static int ssl3_handshake_mac(SSL *s, int md_nid,
 	     const char *sender, int len, unsigned char *p)
 	{
 	unsigned int ret;
 	int npad,n;
 	unsigned int i;
 	unsigned char md_buf[EVP_MAX_MD_SIZE];
-	EVP_MD_CTX ctx;
+	EVP_MD_CTX ctx,*d=NULL;
 
-	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_copy_ex(&ctx,in_ctx);
+	if (s->s3->handshake_buffer) 
+		if (!ssl3_digest_cached_records(s))
+			return 0;
 
+	/* Search for digest of specified type in the handshake_dgst
+	 * array*/
+	for (i=0;i<SSL_MAX_DIGEST;i++) 
+		{
+		  if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) 
+		  	{
+		  	d=s->s3->handshake_dgst[i];
+			break;
+			}
+		}
+	if (!d) {
+		SSLerr(SSL_F_SSL3_HANDSHAKE_MAC,SSL_R_NO_REQUIRED_DIGEST);
+		return 0;
+	}	
+	EVP_MD_CTX_init(&ctx);
+	EVP_MD_CTX_copy_ex(&ctx,d);
 	n=EVP_MD_CTX_size(&ctx);
-	npad=(48/n)*n;
+	if (n < 0)
+		return 0;
 
+	npad=(48/n)*n;
 	if (sender != NULL)
 		EVP_DigestUpdate(&ctx,sender,len);
 	EVP_DigestUpdate(&ctx,s->session->master_key,
@@ -561,15 +695,16 @@ static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
 	return((int)ret);
 	}
 
-int ssl3_mac(SSL *ssl, unsigned char *md, int send)
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 	{
 	SSL3_RECORD *rec;
 	unsigned char *mac_sec,*seq;
 	EVP_MD_CTX md_ctx;
-	const EVP_MD *hash;
+	const EVP_MD_CTX *hash;
 	unsigned char *p,rec_char;
 	unsigned int md_size;
-	int npad,i;
+	int npad;
+	int t;
 
 	if (send)
 		{
@@ -586,13 +721,16 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
 		hash=ssl->read_hash;
 		}
 
-	md_size=EVP_MD_size(hash);
+	t=EVP_MD_CTX_size(hash);
+	if (t < 0)
+		return -1;
+	md_size=t;
 	npad=(48/md_size)*md_size;
 
 	/* Chop the digest off the end :-) */
 	EVP_MD_CTX_init(&md_ctx);
 
-	EVP_DigestInit_ex(  &md_ctx,hash, NULL);
+	EVP_MD_CTX_copy_ex( &md_ctx,hash);
 	EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
 	EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
 	EVP_DigestUpdate(&md_ctx,seq,8);
@@ -604,7 +742,7 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
 	EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
 	EVP_DigestFinal_ex( &md_ctx,md,NULL);
 
-	EVP_DigestInit_ex(  &md_ctx,hash, NULL);
+	EVP_MD_CTX_copy_ex( &md_ctx,hash);
 	EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
 	EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
 	EVP_DigestUpdate(&md_ctx,md,md_size);
@@ -612,13 +750,19 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send)
 
 	EVP_MD_CTX_cleanup(&md_ctx);
 
+	ssl3_record_sequence_update(seq);
+	return(md_size);
+	}
+
+void ssl3_record_sequence_update(unsigned char *seq)
+	{
+	int i;
+
 	for (i=7; i>=0; i--)
 		{
 		++seq[i];
 		if (seq[i] != 0) break; 
 		}
-
-	return(md_size);
 	}
 
 int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
@@ -691,6 +835,12 @@ int ssl3_alert_code(int code)
 	case SSL_AD_INTERNAL_ERROR:	return(SSL3_AD_HANDSHAKE_FAILURE);
 	case SSL_AD_USER_CANCELLED:	return(SSL3_AD_HANDSHAKE_FAILURE);
 	case SSL_AD_NO_RENEGOTIATION:	return(-1); /* Don't send it :-) */
+	case SSL_AD_UNSUPPORTED_EXTENSION: return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_CERTIFICATE_UNOBTAINABLE: return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_UNRECOGNIZED_NAME:	return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(SSL3_AD_HANDSHAKE_FAILURE);
+	case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
 	default:			return(-1);
 		}
 	}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index adeb3418a9..d6b047c995 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -121,302 +121,312 @@
  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include <openssl/objects.h>
 #include "ssl_locl.h"
 #include "kssl_lcl.h"
+#ifndef OPENSSL_NO_TLSEXT
+#ifndef OPENSSL_NO_EC
+#include "../crypto/ec/ec_lcl.h"
+#endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
 #include <openssl/md5.h>
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 
-const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
+const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
 
 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
 
-static long ssl3_default_timeout(void );
-
+/* list of available SSLv3 ciphers (sorted by id) */
 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
+
 /* The RSA ciphers */
 /* Cipher 01 */
 	{
 	1,
 	SSL3_TXT_RSA_NULL_MD5,
 	SSL3_CK_RSA_NULL_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eNULL,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	0,
 	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 02 */
 	{
 	1,
 	SSL3_TXT_RSA_NULL_SHA,
 	SSL3_CK_RSA_NULL_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	0,
 	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* anon DH */
-/* Cipher 17 */
-	{
-	1,
-	SSL3_TXT_ADH_RC4_40_MD5,
-	SSL3_CK_ADH_RC4_40_MD5,
-	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 18 */
-	{
-	1,
-	SSL3_TXT_ADH_RC4_128_MD5,
-	SSL3_CK_ADH_RC4_128_MD5,
-	SSL_kEDH |SSL_aNULL|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
-	128,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 19 */
-	{
-	1,
-	SSL3_TXT_ADH_DES_40_CBC_SHA,
-	SSL3_CK_ADH_DES_40_CBC_SHA,
-	SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
-	SSL_EXPORT|SSL_EXP40,
-	0,
-	40,
-	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 1A */
-	{
-	1,
-	SSL3_TXT_ADH_DES_64_CBC_SHA,
-	SSL3_CK_ADH_DES_64_CBC_SHA,
-	SSL_kEDH |SSL_aNULL|SSL_DES  |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_LOW,
-	0,
-	56,
-	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-/* Cipher 1B */
-	{
-	1,
-	SSL3_TXT_ADH_DES_192_CBC_SHA,
-	SSL3_CK_ADH_DES_192_CBC_SHA,
-	SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	168,
-	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
-	},
-
-/* RSA again */
 /* Cipher 03 */
 	{
 	1,
 	SSL3_TXT_RSA_RC4_40_MD5,
 	SSL3_CK_RSA_RC4_40_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5 |SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 04 */
 	{
 	1,
 	SSL3_TXT_RSA_RC4_128_MD5,
 	SSL3_CK_RSA_RC4_128_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_MD5|SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 05 */
 	{
 	1,
 	SSL3_TXT_RSA_RC4_128_SHA,
 	SSL3_CK_RSA_RC4_128_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_RC4  |SSL_SHA1|SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 06 */
 	{
 	1,
 	SSL3_TXT_RSA_RC2_40_MD5,
 	SSL3_CK_RSA_RC2_40_MD5,
-	SSL_kRSA|SSL_aRSA|SSL_RC2  |SSL_MD5 |SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC2,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 07 */
 #ifndef OPENSSL_NO_IDEA
 	{
 	1,
 	SSL3_TXT_RSA_IDEA_128_SHA,
 	SSL3_CK_RSA_IDEA_128_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_IDEA,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 #endif
+
 /* Cipher 08 */
 	{
 	1,
 	SSL3_TXT_RSA_DES_40_CBC_SHA,
 	SSL3_CK_RSA_DES_40_CBC_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 09 */
 	{
 	1,
 	SSL3_TXT_RSA_DES_64_CBC_SHA,
 	SSL3_CK_RSA_DES_64_CBC_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 0A */
 	{
 	1,
 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
 	SSL3_CK_RSA_DES_192_CBC3_SHA,
-	SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/*  The DH ciphers */
+/* The DH ciphers */
 /* Cipher 0B */
 	{
 	0,
 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
-	SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 0C */
 	{
-	0,
+	0, /* not implemented (non-ephemeral DH) */
 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
-	SSL_kDHd |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 0D */
 	{
-	0,
+	0, /* not implemented (non-ephemeral DH) */
 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
-	SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 0E */
 	{
-	0,
+	0, /* not implemented (non-ephemeral DH) */
 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
-	SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 0F */
 	{
-	0,
+	0, /* not implemented (non-ephemeral DH) */
 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
-	SSL_kDHr |SSL_aDH|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 10 */
 	{
-	0,
+	0, /* not implemented (non-ephemeral DH) */
 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
-	SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
 /* The Ephemeral DH ciphers */
@@ -425,93 +435,193 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	1,
 	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
 	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
-	SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 12 */
 	{
 	1,
 	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
 	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
-	SSL_kEDH|SSL_aDSS|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 13 */
 	{
 	1,
 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
 	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
-	SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 14 */
 	{
 	1,
 	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
 	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
-	SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 15 */
 	{
 	1,
 	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
 	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
-	SSL_kEDH|SSL_aRSA|SSL_DES  |SSL_SHA1|SSL_SSLV3,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
+
 /* Cipher 16 */
 	{
 	1,
 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
 	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
-	SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+/* Cipher 17 */
+	{
+	1,
+	SSL3_TXT_ADH_RC4_40_MD5,
+	SSL3_CK_ADH_RC4_40_MD5,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV3,
+	SSL_EXPORT|SSL_EXP40,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	40,
+	128,
+	},
+
+/* Cipher 18 */
+	{
+	1,
+	SSL3_TXT_ADH_RC4_128_MD5,
+	SSL3_CK_ADH_RC4_128_MD5,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+/* Cipher 19 */
+	{
+	1,
+	SSL3_TXT_ADH_DES_40_CBC_SHA,
+	SSL3_CK_ADH_DES_40_CBC_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_EXPORT|SSL_EXP40,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	40,
+	128,
+	},
+
+/* Cipher 1A */
+	{
+	1,
+	SSL3_TXT_ADH_DES_64_CBC_SHA,
+	SSL3_CK_ADH_DES_64_CBC_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_LOW,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	56,
+	},
+
+/* Cipher 1B */
+	{
+	1,
+	SSL3_TXT_ADH_DES_192_CBC_SHA,
+	SSL3_CK_ADH_DES_192_CBC_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Fortezza */
+/* Fortezza ciphersuite from SSL 3.0 spec */
+#if 0
 /* Cipher 1C */
 	{
 	0,
 	SSL3_TXT_FZA_DMS_NULL_SHA,
 	SSL3_CK_FZA_DMS_NULL_SHA,
-	SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
+	SSL_kFZA,
+	SSL_aFZA,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	0,
 	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
 /* Cipher 1D */
@@ -519,844 +629,1455 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	0,
 	SSL3_TXT_FZA_DMS_FZA_SHA,
 	SSL3_CK_FZA_DMS_FZA_SHA,
-	SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
+	SSL_kFZA,
+	SSL_aFZA,
+	SSL_eFZA,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	0,
 	0,
-	0,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-#if 0
 /* Cipher 1E */
 	{
 	0,
 	SSL3_TXT_FZA_DMS_RC4_SHA,
 	SSL3_CK_FZA_DMS_RC4_SHA,
-	SSL_kFZA|SSL_aFZA |SSL_RC4  |SSL_SHA1|SSL_SSLV3,
+	SSL_kFZA,
+	SSL_aFZA,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 #endif
 
 #ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers
-** 20000107 VRS: And the first shall be last,
-** in hopes of avoiding the lynx ssl renegotiation problem.
-*/
-/* Cipher 1E VRS */
+/* The Kerberos ciphers*/
+/* Cipher 1E */
 	{
 	1,
 	SSL3_TXT_KRB5_DES_64_CBC_SHA,
 	SSL3_CK_KRB5_DES_64_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 1F VRS */
+/* Cipher 1F */
 	{
 	1,
 	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
 	SSL3_CK_KRB5_DES_192_CBC3_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
-	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	112,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_SSLV3,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 20 VRS */
+/* Cipher 20 */
 	{
 	1,
 	SSL3_TXT_KRB5_RC4_128_SHA,
 	SSL3_CK_KRB5_RC4_128_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 21 VRS */
+/* Cipher 21 */
 	{
 	1,
 	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
 	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_IDEA,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 22 VRS */
+/* Cipher 22 */
 	{
 	1,
 	SSL3_TXT_KRB5_DES_64_CBC_MD5,
 	SSL3_CK_KRB5_DES_64_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_DES,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_LOW,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	56,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 23 VRS */
+/* Cipher 23 */
 	{
 	1,
 	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
 	SSL3_CK_KRB5_DES_192_CBC3_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_3DES,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_HIGH,
-	0,
-	112,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
 	168,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 24 VRS */
+/* Cipher 24 */
 	{
 	1,
 	SSL3_TXT_KRB5_RC4_128_MD5,
 	SSL3_CK_KRB5_RC4_128_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 25 VRS */
+/* Cipher 25 */
 	{
 	1,
 	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
 	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_IDEA,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_NOT_EXP|SSL_MEDIUM,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 26 VRS */
+/* Cipher 26 */
 	{
 	1,
 	SSL3_TXT_KRB5_DES_40_CBC_SHA,
 	SSL3_CK_KRB5_DES_40_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 27 VRS */
+/* Cipher 27 */
 	{
 	1,
 	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
 	SSL3_CK_KRB5_RC2_40_CBC_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_RC2,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 28 VRS */
+/* Cipher 28 */
 	{
 	1,
 	SSL3_TXT_KRB5_RC4_40_SHA,
 	SSL3_CK_KRB5_RC4_40_SHA,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
-	128,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	40,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 29 VRS */
+/* Cipher 29 */
 	{
 	1,
 	SSL3_TXT_KRB5_DES_40_CBC_MD5,
 	SSL3_CK_KRB5_DES_40_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_DES,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	56,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 2A VRS */
+/* Cipher 2A */
 	{
 	1,
 	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
 	SSL3_CK_KRB5_RC2_40_CBC_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_RC2,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
-	0,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	40,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
 
-/* Cipher 2B VRS */
+/* Cipher 2B */
 	{
 	1,
 	SSL3_TXT_KRB5_RC4_40_MD5,
 	SSL3_CK_KRB5_RC4_40_MD5,
-	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
+	SSL_kKRB5,
+	SSL_aKRB5,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_SSLV3,
 	SSL_EXPORT|SSL_EXP40,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	40,
+	128,
+	},
+#endif	/* OPENSSL_NO_KRB5 */
+
+/* New AES ciphersuites */
+/* Cipher 2F */
+	{
+	1,
+	TLS1_TXT_RSA_WITH_AES_128_SHA,
+	TLS1_CK_RSA_WITH_AES_128_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+/* Cipher 30 */
+	{
 	0,
+	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+/* Cipher 31 */
+	{
+	0,
+	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+/* Cipher 32 */
+	{
+	1,
+	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+	TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+/* Cipher 33 */
+	{
+	1,
+	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+	TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+/* Cipher 34 */
+	{
+	1,
+	TLS1_TXT_ADH_WITH_AES_128_SHA,
+	TLS1_CK_ADH_WITH_AES_128_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+/* Cipher 35 */
+	{
+	1,
+	TLS1_TXT_RSA_WITH_AES_256_SHA,
+	TLS1_CK_RSA_WITH_AES_256_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+/* Cipher 36 */
+	{
+	0,
+	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+/* Cipher 37 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+/* Cipher 38 */
+	{
+	1,
+	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+	TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+/* Cipher 39 */
+	{
+	1,
+	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+	TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher 3A */
+	{
+	1,
+	TLS1_TXT_ADH_WITH_AES_256_SHA,
+	TLS1_CK_ADH_WITH_AES_256_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+#ifndef OPENSSL_NO_CAMELLIA
+	/* Camellia ciphersuites from RFC4132 (128-bit portion) */
+
+	/* Cipher 41 */
+	{
+	1,
+	TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+	TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_CAMELLIA128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 42 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_CAMELLIA128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 43 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_CAMELLIA128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
-	SSL_ALL_CIPHERS,
-	SSL_ALL_STRENGTHS,
 	},
-#endif	/* OPENSSL_NO_KRB5 */
 
+	/* Cipher 44 */
+	{
+	1,
+	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_CAMELLIA128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 45 */
+	{
+	1,
+	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_CAMELLIA128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 46 */
+	{
+	1,
+	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_CAMELLIA128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+#endif /* OPENSSL_NO_CAMELLIA */
 
 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
-	/* New TLS Export CipherSuites */
+	/* New TLS Export CipherSuites from expired ID */
+#if 0
 	/* Cipher 60 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
-	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
-	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+	{
+	1,
+	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
+	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_MD5,
+	SSL_TLSV1,
+	SSL_EXPORT|SSL_EXP56,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	128,
+	},
+
 	/* Cipher 61 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-	    TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-	    SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+	{
+	1,
+	TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+	TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC2,
+	SSL_MD5,
+	SSL_TLSV1,
+	SSL_EXPORT|SSL_EXP56,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	128,
+	},
+#endif
+
 	/* Cipher 62 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-	    TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    56,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+	{
+	1,
+	TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+	TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_EXPORT|SSL_EXP56,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	56,
+	},
+
 	/* Cipher 63 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    56,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+	{
+	1,
+	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+	TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_EXPORT|SSL_EXP56,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	56,
+	},
+
 	/* Cipher 64 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
-	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+	{
+	1,
+	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
+	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_EXPORT|SSL_EXP56,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	128,
+	},
+
 	/* Cipher 65 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
-	    SSL_EXPORT|SSL_EXP56,
-	    0,
-	    56,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+	{
+	1,
+	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+	TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_EXPORT|SSL_EXP56,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	56,
+	128,
+	},
+
 	/* Cipher 66 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
-	    TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS
-	    },
+	{
+	1,
+	TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
+	TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
 #endif
-	/* New AES ciphersuites */
+	{
+	1,
+	"GOST94-GOST89-GOST89",
+	0x3000080,
+	SSL_kGOST,
+	SSL_aGOST94,
+	SSL_eGOST2814789CNT,
+	SSL_GOST89MAC,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
+	256,
+	256
+	},
+	{
+	1,
+	"GOST2001-GOST89-GOST89",
+	0x3000081,
+	SSL_kGOST,
+	SSL_aGOST01,
+	SSL_eGOST2814789CNT,
+	SSL_GOST89MAC,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
+	256,
+	256
+	},
+	{
+	1,
+	"GOST94-NULL-GOST94",
+	0x3000082,
+	SSL_kGOST,
+	SSL_aGOST94,
+	SSL_eNULL,
+	SSL_GOST94,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+	0,
+	0
+	},
+	{
+	1,
+	"GOST2001-NULL-GOST94",
+	0x3000083,
+	SSL_kGOST,
+	SSL_aGOST01,
+	SSL_eNULL,
+	SSL_GOST94,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+	0,
+	0
+	},
 
-	/* Cipher 2F */
-	    {
-	    1,
-	    TLS1_TXT_RSA_WITH_AES_128_SHA,
-	    TLS1_CK_RSA_WITH_AES_128_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 30 */
-	    {
-	    0,
-	    TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
-	    TLS1_CK_DH_DSS_WITH_AES_128_SHA,
-	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 31 */
-	    {
-	    0,
-	    TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
-	    TLS1_CK_DH_RSA_WITH_AES_128_SHA,
-	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 32 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
-	    TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 33 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-	    TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 34 */
-	    {
-	    1,
-	    TLS1_TXT_ADH_WITH_AES_128_SHA,
-	    TLS1_CK_ADH_WITH_AES_128_SHA,
-	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_MEDIUM,
-	    0,
-	    128,
-	    128,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-
-	/* Cipher 35 */
-	    {
-	    1,
-	    TLS1_TXT_RSA_WITH_AES_256_SHA,
-	    TLS1_CK_RSA_WITH_AES_256_SHA,
-	    SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 36 */
-	    {
-	    0,
-	    TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
-	    TLS1_CK_DH_DSS_WITH_AES_256_SHA,
-	    SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 37 */
-	    {
-	    0,
-	    TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
-	    TLS1_CK_DH_RSA_WITH_AES_256_SHA,
-	    SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 38 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
-	    TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
-	    SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 39 */
-	    {
-	    1,
-	    TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-	    TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-	    SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
-	/* Cipher 3A */
-	    {
-	    1,
-	    TLS1_TXT_ADH_WITH_AES_256_SHA,
-	    TLS1_CK_ADH_WITH_AES_256_SHA,
-	    SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
-	    SSL_NOT_EXP|SSL_HIGH,
-	    0,
-	    256,
-	    256,
-	    SSL_ALL_CIPHERS,
-	    SSL_ALL_STRENGTHS,
-	    },
+#ifndef OPENSSL_NO_CAMELLIA
+	/* Camellia ciphersuites from RFC4132 (256-bit portion) */
+
+	/* Cipher 84 */
+	{
+	1,
+	TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+	TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_CAMELLIA256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+	/* Cipher 85 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_CAMELLIA256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher 86 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_CAMELLIA256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher 87 */
+	{
+	1,
+	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_CAMELLIA256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher 88 */
+	{
+	1,
+	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_CAMELLIA256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher 89 */
+	{
+	1,
+	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_CAMELLIA256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+#endif /* OPENSSL_NO_CAMELLIA */
+
+#ifndef OPENSSL_NO_PSK
+	/* Cipher 8A */
+	{
+	1,
+	TLS1_TXT_PSK_WITH_RC4_128_SHA,
+	TLS1_CK_PSK_WITH_RC4_128_SHA,
+	SSL_kPSK,
+	SSL_aPSK,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 8B */
+	{
+	1,
+	TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+	TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+	SSL_kPSK,
+	SSL_aPSK,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+	/* Cipher 8C */
+	{
+	1,
+	TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+	TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+	SSL_kPSK,
+	SSL_aPSK,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 8D */
+	{
+	1,
+	TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+	TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+	SSL_kPSK,
+	SSL_aPSK,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+#endif  /* OPENSSL_NO_PSK */
+
+#ifndef OPENSSL_NO_SEED
+	/* SEED ciphersuites from RFC4162 */
+
+	/* Cipher 96 */
+	{
+	1,
+	TLS1_TXT_RSA_WITH_SEED_SHA,
+	TLS1_CK_RSA_WITH_SEED_SHA,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_SEED,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 97 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
+	TLS1_CK_DH_DSS_WITH_SEED_SHA,
+	SSL_kDHd,
+	SSL_aDH,
+	SSL_SEED,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 98 */
+	{
+	0, /* not implemented (non-ephemeral DH) */
+	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
+	TLS1_CK_DH_RSA_WITH_SEED_SHA,
+	SSL_kDHr,
+	SSL_aDH,
+	SSL_SEED,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 99 */
+	{
+	1,
+	TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+	TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+	SSL_kEDH,
+	SSL_aDSS,
+	SSL_SEED,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 9A */
+	{
+	1,
+	TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+	TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+	SSL_kEDH,
+	SSL_aRSA,
+	SSL_SEED,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher 9B */
+	{
+	1,
+	TLS1_TXT_ADH_WITH_SEED_SHA,
+	TLS1_CK_ADH_WITH_SEED_SHA,
+	SSL_kEDH,
+	SSL_aNULL,
+	SSL_SEED,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+#endif /* OPENSSL_NO_SEED */
 
 #ifndef OPENSSL_NO_ECDH
-	/* Cipher 47 */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
-            TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP,
-            0,
-            0,
-            0,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 48 */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
-            TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 49 */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_WITH_DES_CBC_SHA,
-            TLS1_CK_ECDH_ECDSA_WITH_DES_CBC_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_DES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_LOW,
-            0,
-            56,
-            56,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 4A */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-            TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH,
-            0,
-            168,
-            168,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 4B */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-            TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_MEDIUM,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 4C */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-            TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH,
-            0,
-            256,
-            256,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 5B */
-	/* XXX NOTE: The ECC/TLS draft has a bug and reuses 4B for this */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
-            TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_EXPORT|SSL_EXP40,
-            0,
-            40,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 5C */
-	/* XXX NOTE: The ECC/TLS draft has a bug and reuses 4C for this */
-	    {
-            1,
-            TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
-            TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
-            SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_EXPORT|SSL_EXP56,
-            0,
-            56,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 4D */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
-            TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP,
-            0,
-            0,
-            0,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 4E */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
-            TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 4F */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_WITH_DES_CBC_SHA,
-            TLS1_CK_ECDH_RSA_WITH_DES_CBC_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_LOW,
-            0,
-            56,
-            56,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 50 */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-            TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH,
-            0,
-            168,
-            168,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 51 */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
-            TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_MEDIUM,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 52 */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
-            TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH,
-            0,
-            256,
-            256,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 53 */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
-            TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_EXPORT|SSL_EXP40,
-            0,
-            40,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 54 */
-	    {
-            1,
-            TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
-            TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
-            SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_EXPORT|SSL_EXP56,
-            0,
-            56,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 55 */
-            {
-            1,
-            TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
-            TLS1_CK_ECDH_anon_WITH_NULL_SHA,
-            SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP,
-            0,
-            0,
-            0,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-	    },
-
-	/* Cipher 56 */
-            {
-            1,
-            TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
-            TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
-            SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-	    },
-
-	/* Cipher 57 */
-	    {
-            1,
-            TLS1_TXT_ECDH_anon_WITH_DES_CBC_SHA,
-            TLS1_CK_ECDH_anon_WITH_DES_CBC_SHA,
-            SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_LOW,
-            0,
-            56,
-            56,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 58 */
-	    {
-            1,
-            TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
-            TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
-            SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_HIGH,
-            0,
-            168,
-            168,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 59 */
-	    {
-            1,
-            TLS1_TXT_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
-            TLS1_CK_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
-            SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
-            SSL_EXPORT|SSL_EXP40,
-            0,
-            40,
-            56,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 5A */
-	    {
-            1,
-            TLS1_TXT_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
-            TLS1_CK_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
-            SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
-            SSL_EXPORT|SSL_EXP40,
-            0,
-            40,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 77 XXX: ECC ciphersuites offering forward secrecy
-	 * are not yet specified in the ECC/TLS draft but our code
-	 * allows them to be implemented very easily. To add such
-	 * a cipher suite, one needs to add two constant definitions
-	 * to tls1.h and a new structure in this file as shown below. We 
-	 * illustrate the process for the made-up cipher
-	 * ECDHE-ECDSA-AES128-SHA.
-	 */
-	    {
-            1,
-            TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-            TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-            SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_MEDIUM,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
-
-	/* Cipher 78 XXX: Another made-up ECC cipher suite that
-	 * offers forward secrecy (ECDHE-RSA-AES128-SHA).
-	 */
-	    {
-            1,
-            TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-            TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-            SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
-            SSL_NOT_EXP|SSL_MEDIUM,
-            0,
-            128,
-            128,
-            SSL_ALL_CIPHERS,
-            SSL_ALL_STRENGTHS,
-            },
+	/* Cipher C001 */
+	{
+	1,
+	TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+	TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+	SSL_kECDHe,
+	SSL_aECDH,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	0,
+	0,
+	},
 
-#endif /* !OPENSSL_NO_ECDH */
+	/* Cipher C002 */
+	{
+	1,
+	TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+	TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+	SSL_kECDHe,
+	SSL_aECDH,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C003 */
+	{
+	1,
+	TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+	TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+	SSL_kECDHe,
+	SSL_aECDH,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+	/* Cipher C004 */
+	{
+	1,
+	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+	TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+	SSL_kECDHe,
+	SSL_aECDH,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C005 */
+	{
+	1,
+	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+	TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+	SSL_kECDHe,
+	SSL_aECDH,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher C006 */
+	{
+	1,
+	TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+	TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+	SSL_kEECDH,
+	SSL_aECDSA,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	0,
+	0,
+	},
+
+	/* Cipher C007 */
+	{
+	1,
+	TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+	TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+	SSL_kEECDH,
+	SSL_aECDSA,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C008 */
+	{
+	1,
+	TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+	TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+	SSL_kEECDH,
+	SSL_aECDSA,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+	/* Cipher C009 */
+	{
+	1,
+	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+	SSL_kEECDH,
+	SSL_aECDSA,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C00A */
+	{
+	1,
+	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+	SSL_kEECDH,
+	SSL_aECDSA,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher C00B */
+	{
+	1,
+	TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+	TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+	SSL_kECDHr,
+	SSL_aECDH,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	0,
+	0,
+	},
+
+	/* Cipher C00C */
+	{
+	1,
+	TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+	TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+	SSL_kECDHr,
+	SSL_aECDH,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C00D */
+	{
+	1,
+	TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+	TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+	SSL_kECDHr,
+	SSL_aECDH,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+	/* Cipher C00E */
+	{
+	1,
+	TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+	TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+	SSL_kECDHr,
+	SSL_aECDH,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C00F */
+	{
+	1,
+	TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+	TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+	SSL_kECDHr,
+	SSL_aECDH,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher C010 */
+	{
+	1,
+	TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+	TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+	SSL_kEECDH,
+	SSL_aRSA,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	0,
+	0,
+	},
+
+	/* Cipher C011 */
+	{
+	1,
+	TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+	TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+	SSL_kEECDH,
+	SSL_aRSA,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C012 */
+	{
+	1,
+	TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+	TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+	SSL_kEECDH,
+	SSL_aRSA,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+	/* Cipher C013 */
+	{
+	1,
+	TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+	SSL_kEECDH,
+	SSL_aRSA,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C014 */
+	{
+	1,
+	TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+	SSL_kEECDH,
+	SSL_aRSA,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+
+	/* Cipher C015 */
+	{
+	1,
+	TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+	TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+	SSL_kEECDH,
+	SSL_aNULL,
+	SSL_eNULL,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	0,
+	0,
+	},
+
+	/* Cipher C016 */
+	{
+	1,
+	TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+	TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+	SSL_kEECDH,
+	SSL_aNULL,
+	SSL_RC4,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_MEDIUM,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C017 */
+	{
+	1,
+	TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+	TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+	SSL_kEECDH,
+	SSL_aNULL,
+	SSL_3DES,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	168,
+	168,
+	},
+
+	/* Cipher C018 */
+	{
+	1,
+	TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+	TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+	SSL_kEECDH,
+	SSL_aNULL,
+	SSL_AES128,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	128,
+	128,
+	},
+
+	/* Cipher C019 */
+	{
+	1,
+	TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+	TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+	SSL_kEECDH,
+	SSL_aNULL,
+	SSL_AES256,
+	SSL_SHA1,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+#endif	/* OPENSSL_NO_ECDH */
+
+#ifdef TEMP_GOST_TLS
+/* Cipher FF00 */
+	{
+	1,
+	"GOST-MD5",
+	0x0300ff00,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eGOST2814789CNT,
+	SSL_MD5,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256,
+	},
+	{
+	1,
+	"GOST-GOST94",
+	0x0300ff01,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eGOST2814789CNT,
+	SSL_GOST94,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256
+	},
+	{
+	1,
+	"GOST-GOST89MAC",
+	0x0300ff02,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eGOST2814789CNT,
+	SSL_GOST89MAC,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+	256,
+	256
+	},
+	{
+	1,
+	"GOST-GOST89STREAM",
+	0x0300ff03,
+	SSL_kRSA,
+	SSL_aRSA,
+	SSL_eGOST2814789CNT,
+	SSL_GOST89MAC,
+	SSL_TLSV1,
+	SSL_NOT_EXP|SSL_HIGH,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
+	256,
+	256
+	},
+#endif
 
 /* end of list */
 	};
 
-static SSL3_ENC_METHOD SSLv3_enc_data={
+SSL3_ENC_METHOD SSLv3_enc_data={
 	ssl3_enc,
-	ssl3_mac,
+	n_ssl3_mac,
 	ssl3_setup_key_block,
 	ssl3_generate_master_secret,
 	ssl3_change_cipher_state,
@@ -1368,52 +2089,19 @@ static SSL3_ENC_METHOD SSLv3_enc_data={
 	ssl3_alert_code,
 	};
 
-static SSL_METHOD SSLv3_data= {
-	SSL3_VERSION,
-	ssl3_new,
-	ssl3_clear,
-	ssl3_free,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl3_read,
-	ssl3_peek,
-	ssl3_write,
-	ssl3_shutdown,
-	ssl3_renegotiate,
-	ssl3_renegotiate_check,
-	ssl3_ctrl,
-	ssl3_ctx_ctrl,
-	ssl3_get_cipher_by_char,
-	ssl3_put_cipher_by_char,
-	ssl3_pending,
-	ssl3_num_ciphers,
-	ssl3_get_cipher,
-	ssl_bad_method,
-	ssl3_default_timeout,
-	&SSLv3_enc_data,
-	ssl_undefined_function,
-	ssl3_callback_ctrl,
-	ssl3_ctx_callback_ctrl,
-	};
-
-static long ssl3_default_timeout(void)
+long ssl3_default_timeout(void)
 	{
 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
 	 * is way too long for http, the cache would over fill */
 	return(60*60*2);
 	}
 
-SSL_METHOD *sslv3_base_method(void)
-	{
-	return(&SSLv3_data);
-	}
-
 int ssl3_num_ciphers(void)
 	{
 	return(SSL3_NUM_CIPHERS);
 	}
 
-SSL_CIPHER *ssl3_get_cipher(unsigned int u)
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
 	{
 	if (u < SSL3_NUM_CIPHERS)
 		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
@@ -1421,7 +2109,7 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u)
 		return(NULL);
 	}
 
-int ssl3_pending(SSL *s)
+int ssl3_pending(const SSL *s)
 	{
 	if (s->rstate == SSL_ST_READ_BODY)
 		return 0;
@@ -1435,8 +2123,8 @@ int ssl3_new(SSL *s)
 
 	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
 	memset(s3,0,sizeof *s3);
-	EVP_MD_CTX_init(&s3->finish_dgst1);
-	EVP_MD_CTX_init(&s3->finish_dgst2);
+	memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
+	memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
 
 	s->s3=s3;
 
@@ -1451,11 +2139,18 @@ void ssl3_free(SSL *s)
 	if(s == NULL)
 	    return;
 
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	if (s->s3->client_opaque_prf_input != NULL)
+		OPENSSL_free(s->s3->client_opaque_prf_input);
+	if (s->s3->server_opaque_prf_input != NULL)
+		OPENSSL_free(s->s3->server_opaque_prf_input);
+#endif
+
 	ssl3_cleanup_key_block(s);
 	if (s->s3->rbuf.buf != NULL)
-		OPENSSL_free(s->s3->rbuf.buf);
+		ssl3_release_read_buffer(s);
 	if (s->s3->wbuf.buf != NULL)
-		OPENSSL_free(s->s3->wbuf.buf);
+		ssl3_release_write_buffer(s);
 	if (s->s3->rrec.comp != NULL)
 		OPENSSL_free(s->s3->rrec.comp);
 #ifndef OPENSSL_NO_DH
@@ -1469,8 +2164,10 @@ void ssl3_free(SSL *s)
 
 	if (s->s3->tmp.ca_names != NULL)
 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
+	if (s->s3->handshake_buffer) {
+		BIO_free(s->s3->handshake_buffer);
+	}
+	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
 	OPENSSL_cleanse(s->s3,sizeof *s->s3);
 	OPENSSL_free(s->s3);
 	s->s3=NULL;
@@ -1481,6 +2178,15 @@ void ssl3_clear(SSL *s)
 	unsigned char *rp,*wp;
 	size_t rlen, wlen;
 
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	if (s->s3->client_opaque_prf_input != NULL)
+		OPENSSL_free(s->s3->client_opaque_prf_input);
+	s->s3->client_opaque_prf_input = NULL;
+	if (s->s3->server_opaque_prf_input != NULL)
+		OPENSSL_free(s->s3->server_opaque_prf_input);
+	s->s3->server_opaque_prf_input = NULL;
+#endif
+
 	ssl3_cleanup_key_block(s);
 	if (s->s3->tmp.ca_names != NULL)
 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
@@ -1503,10 +2209,13 @@ void ssl3_clear(SSL *s)
 	wp = s->s3->wbuf.buf;
 	rlen = s->s3->rbuf.len;
  	wlen = s->s3->wbuf.len;
-
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
-	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
-
+	if (s->s3->handshake_buffer) {
+		BIO_free(s->s3->handshake_buffer);
+		s->s3->handshake_buffer = NULL;
+	}
+	if (s->s3->handshake_dgst) {
+		ssl3_free_digest_list(s);
+	}	
 	memset(s->s3,0,sizeof *s->s3);
 	s->s3->rbuf.buf = rp;
 	s->s3->wbuf.buf = wp;
@@ -1674,13 +2383,108 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		}
 		break;
 #endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_TLSEXT
+	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
+ 		if (larg == TLSEXT_NAMETYPE_host_name)
+			{
+			if (s->tlsext_hostname != NULL) 
+				OPENSSL_free(s->tlsext_hostname);
+			s->tlsext_hostname = NULL;
+
+			ret = 1;
+			if (parg == NULL) 
+				break;
+			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
+				{
+				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+				return 0;
+				}
+			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
+				{
+				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
+				return 0;
+				}
+			}
+		else
+			{
+			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
+			return 0;
+			}
+ 		break;
+	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
+		s->tlsext_debug_arg=parg;
+		ret = 1;
+		break;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
+		if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
+		                   * (including the cert chain and everything) */
+			{
+			SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
+			break;
+			}
+		if (s->tlsext_opaque_prf_input != NULL)
+			OPENSSL_free(s->tlsext_opaque_prf_input);
+		if ((size_t)larg == 0)
+			s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+		else
+			s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
+		if (s->tlsext_opaque_prf_input != NULL)
+			{
+			s->tlsext_opaque_prf_input_len = (size_t)larg;
+			ret = 1;
+			}
+		else
+			s->tlsext_opaque_prf_input_len = 0;
+		break;
+#endif
+
+	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
+		s->tlsext_status_type=larg;
+		ret = 1;
+		break;
+
+	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
+		*(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
+		ret = 1;
+		break;
+
+	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
+		s->tlsext_ocsp_exts = parg;
+		ret = 1;
+		break;
+
+	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
+		*(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
+		ret = 1;
+		break;
+
+	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
+		s->tlsext_ocsp_ids = parg;
+		ret = 1;
+		break;
+
+	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
+		*(unsigned char **)parg = s->tlsext_ocsp_resp;
+		return s->tlsext_ocsp_resplen;
+		
+	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
+		if (s->tlsext_ocsp_resp)
+			OPENSSL_free(s->tlsext_ocsp_resp);
+		s->tlsext_ocsp_resp = parg;
+		s->tlsext_ocsp_resplen = larg;
+		ret = 1;
+		break;
+
+#endif /* !OPENSSL_NO_TLSEXT */
 	default:
 		break;
 		}
 	return(ret);
 	}
 
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
 	{
 	int ret=0;
 
@@ -1725,6 +2529,12 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)())
 		}
 		break;
 #endif
+#ifndef OPENSSL_NO_TLSEXT
+	case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
+		s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
+					unsigned char *, int, void *))fp;
+		break;
+#endif
 	default:
 		break;
 		}
@@ -1827,12 +2637,12 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
 			return 0;
 			}
-		if (!EC_KEY_up_ref((EC_KEY *)parg))
+		ecdh = EC_KEY_dup((EC_KEY *)parg);
+		if (ecdh == NULL)
 			{
-			SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
+			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
 			return 0;
 			}
-		ecdh = (EC_KEY *)parg;
 		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
 			{
 			if (!EC_KEY_generate_key(ecdh))
@@ -1858,6 +2668,49 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 		}
 		break;
 #endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_TLSEXT
+	case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
+		ctx->tlsext_servername_arg=parg;
+		break;
+	case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
+	case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
+		{
+		unsigned char *keys = parg;
+		if (!keys)
+			return 48;
+		if (larg != 48)
+			{
+			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+			return 0;
+			}
+		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
+			{
+			memcpy(ctx->tlsext_tick_key_name, keys, 16);
+			memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+			memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+			}
+		else
+			{
+			memcpy(keys, ctx->tlsext_tick_key_name, 16);
+			memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
+			memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
+			}
+		return 1;
+		}
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
+		ctx->tlsext_opaque_prf_input_callback_arg = parg;
+		return 1;
+#endif
+
+	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
+		ctx->tlsext_status_arg=parg;
+		return 1;
+		break;
+
+#endif /* !OPENSSL_NO_TLSEXT */
+
 	/* A Thawte special :-) */
 	case SSL_CTRL_EXTRA_CHAIN_CERT:
 		if (ctx->extra_certs == NULL)
@@ -1874,7 +2727,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 	return(1);
 	}
 
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 	{
 	CERT *cert;
 
@@ -1903,6 +2756,29 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
 		}
 		break;
 #endif
+#ifndef OPENSSL_NO_TLSEXT
+	case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
+		ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
+		break;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
+		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
+		break;
+#endif
+
+	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
+		ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
+		break;
+
+	case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
+		ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
+						unsigned char *,
+						EVP_CIPHER_CTX *,
+						HMAC_CTX *, int))fp;
+		break;
+
+#endif
 	default:
 		return(0);
 		}
@@ -1911,43 +2787,19 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
 
 /* This function needs to check if the ciphers required are actually
  * available */
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
 	{
-	static int init=1;
-	static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
-	SSL_CIPHER c,*cp= &c,**cpp;
+	SSL_CIPHER c;
+	const SSL_CIPHER *cp;
 	unsigned long id;
-	unsigned int i;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-
-		if (init)
-			{
-			for (i=0; i<SSL3_NUM_CIPHERS; i++)
-				sorted[i]= &(ssl3_ciphers[i]);
-
-			qsort(sorted,
-				SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-				FP_ICC ssl_cipher_ptr_id_cmp);
-
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		}
 
 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
 	c.id=id;
-	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
-		(char *)sorted,
-		SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
-		FP_ICC ssl_cipher_ptr_id_cmp);
-	if ((cpp == NULL) || !(*cpp)->valid)
-		return(NULL);
+	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+	if (cp == NULL || cp->valid == 0)
+		return NULL;
 	else
-		return(*cpp);
+		return cp;
 	}
 
 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
@@ -1969,9 +2821,14 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 	{
 	SSL_CIPHER *c,*ret=NULL;
 	STACK_OF(SSL_CIPHER) *prio, *allow;
-	int i,j,ok;
+	int i,ii,ok;
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
+	unsigned int j;
+	int ec_ok, ec_nid;
+	unsigned char ec_search1 = 0, ec_search2 = 0;
+#endif
 	CERT *cert;
-	unsigned long alg,mask,emask;
+	unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
 
 	/* Let's see which ciphers we can support */
 	cert=s->cert;
@@ -1987,73 +2844,237 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 #endif
 
 #ifdef CIPHER_DEBUG
-        printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), srvr);
-        for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
-	    {
-	    c=sk_SSL_CIPHER_value(srvr,i);
-	    printf("%p:%s\n",c,c->name);
-	    }
-        printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), clnt);
-        for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
+	printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
+	for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
+		{
+		c=sk_SSL_CIPHER_value(srvr,i);
+		printf("%p:%s\n",(void *)c,c->name);
+		}
+	printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
+	for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
 	    {
 	    c=sk_SSL_CIPHER_value(clnt,i);
-	    printf("%p:%s\n",c,c->name);
+	    printf("%p:%s\n",(void *)c,c->name);
 	    }
 #endif
 
 	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
-	    {
-	    prio = srvr;
-	    allow = clnt;
-	    }
+		{
+		prio = srvr;
+		allow = clnt;
+		}
 	else
-	    {
-	    prio = clnt;
-	    allow = srvr;
-	    }
+		{
+		prio = clnt;
+		allow = srvr;
+		}
 
 	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
 		{
 		c=sk_SSL_CIPHER_value(prio,i);
 
 		ssl_set_cert_masks(cert,c);
-		mask=cert->mask;
-		emask=cert->export_mask;
+		mask_k = cert->mask_k;
+		mask_a = cert->mask_a;
+		emask_k = cert->export_mask_k;
+		emask_a = cert->export_mask_a;
 			
 #ifdef KSSL_DEBUG
-		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);
+/*		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
 #endif    /* KSSL_DEBUG */
 
-		alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+		alg_k=c->algorithm_mkey;
+		alg_a=c->algorithm_auth;
+
 #ifndef OPENSSL_NO_KRB5
-                if (alg & SSL_KRB5) 
-                        {
-                        if ( !kssl_keytab_is_available(s->kssl_ctx) )
-                            continue;
-                        }
+		if (alg_k & SSL_kKRB5)
+			{
+			if ( !kssl_keytab_is_available(s->kssl_ctx) )
+			    continue;
+			}
 #endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+		/* with PSK there must be server callback set */
+		if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
+			continue;
+#endif /* OPENSSL_NO_PSK */
+
 		if (SSL_C_IS_EXPORT(c))
 			{
-			ok=((alg & emask) == alg)?1:0;
+			ok = (alg_k & emask_k) && (alg_a & emask_a);
 #ifdef CIPHER_DEBUG
-			printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask,
-			       c,c->name);
+			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
+			       (void *)c,c->name);
 #endif
 			}
 		else
 			{
-			ok=((alg & mask) == alg)?1:0;
+			ok = (alg_k & mask_k) && (alg_a & mask_a);
 #ifdef CIPHER_DEBUG
-			printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c,
+			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
 			       c->name);
 #endif
 			}
 
+#ifndef OPENSSL_NO_TLSEXT
+#ifndef OPENSSL_NO_EC
+		if (
+			/* if we are considering an ECC cipher suite that uses our certificate */
+			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+			/* and we have an ECC certificate */
+			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+			/* and the client specified a Supported Point Formats extension */
+			&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
+			/* and our certificate's point is compressed */
+			&& (
+				(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
+				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
+				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
+				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
+				&& (
+					(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
+					|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
+					)
+				)
+		)
+			{
+			ec_ok = 0;
+			/* if our certificate's curve is over a field type that the client does not support
+			 * then do not allow this cipher suite to be negotiated */
+			if (
+				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
+				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
+				&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
+			)
+				{
+				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
+					{
+					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
+						{
+						ec_ok = 1;
+						break;
+						}
+					}
+				}
+			else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
+				{
+				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
+					{
+					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
+						{
+						ec_ok = 1;
+						break;
+						}
+					}
+				}
+			ok = ok && ec_ok;
+			}
+		if (
+			/* if we are considering an ECC cipher suite that uses our certificate */
+			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
+			/* and we have an ECC certificate */
+			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
+			/* and the client specified an EllipticCurves extension */
+			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
+		)
+			{
+			ec_ok = 0;
+			if (
+				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
+				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
+			)
+				{
+				ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
+				if ((ec_nid == 0)
+					&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
+				)
+					{
+					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
+						{
+						ec_search1 = 0xFF;
+						ec_search2 = 0x01;
+						}
+					else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
+						{
+						ec_search1 = 0xFF;
+						ec_search2 = 0x02;
+						}
+					}
+				else
+					{
+					ec_search1 = 0x00;
+					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
+					}
+				if ((ec_search1 != 0) || (ec_search2 != 0))
+					{
+					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
+						{
+						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
+							{
+							ec_ok = 1;
+							break;
+							}
+						}
+					}
+				}
+			ok = ok && ec_ok;
+			}
+		if (
+			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
+			(alg_k & SSL_kEECDH)
+			/* and we have an ephemeral EC key */
+			&& (s->cert->ecdh_tmp != NULL)
+			/* and the client specified an EllipticCurves extension */
+			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
+		)
+			{
+			ec_ok = 0;
+			if (s->cert->ecdh_tmp->group != NULL)
+				{
+				ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
+				if ((ec_nid == 0)
+					&& (s->cert->ecdh_tmp->group->meth != NULL)
+				)
+					{
+					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
+						{
+						ec_search1 = 0xFF;
+						ec_search2 = 0x01;
+						}
+					else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
+						{
+						ec_search1 = 0xFF;
+						ec_search2 = 0x02;
+						}
+					}
+				else
+					{
+					ec_search1 = 0x00;
+					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
+					}
+				if ((ec_search1 != 0) || (ec_search2 != 0))
+					{
+					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
+						{
+						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
+							{
+							ec_ok = 1;
+							break;
+							}
+						}
+					}
+				}
+			ok = ok && ec_ok;
+			}
+#endif /* OPENSSL_NO_EC */
+#endif /* OPENSSL_NO_TLSEXT */
+
 		if (!ok) continue;
-		j=sk_SSL_CIPHER_find(allow,c);
-		if (j >= 0)
+		ii=sk_SSL_CIPHER_find(allow,c);
+		if (ii >= 0)
 			{
-			ret=sk_SSL_CIPHER_value(allow,j);
+			ret=sk_SSL_CIPHER_value(allow,ii);
 			break;
 			}
 		}
@@ -2063,12 +3084,24 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
 	{
 	int ret=0;
-	unsigned long alg;
+	unsigned long alg_k;
+
+	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
-	alg=s->s3->tmp.new_cipher->algorithms;
+#ifndef OPENSSL_NO_GOST
+	if (s->version >= TLS1_VERSION)
+		{
+		if (alg_k & SSL_kGOST)
+			{
+			p[ret++]=TLS_CT_GOST94_SIGN;
+			p[ret++]=TLS_CT_GOST01_SIGN;
+			return(ret);
+			}
+		}
+#endif
 
 #ifndef OPENSSL_NO_DH
-	if (alg & (SSL_kDHr|SSL_kEDH))
+	if (alg_k & (SSL_kDHr|SSL_kEDH))
 		{
 #  ifndef OPENSSL_NO_RSA
 		p[ret++]=SSL3_CT_RSA_FIXED_DH;
@@ -2078,7 +3111,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
 #  endif
 		}
 	if ((s->version == SSL3_VERSION) &&
-		(alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
+		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
 		{
 #  ifndef OPENSSL_NO_RSA
 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
@@ -2095,10 +3128,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
 	p[ret++]=SSL3_CT_DSS_SIGN;
 #endif
 #ifndef OPENSSL_NO_ECDH
-	/* We should ask for fixed ECDH certificates only
-	 * for SSL_kECDH (and not SSL_kECDHE)
-	 */
-	if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
+	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
 		{
 		p[ret++]=TLS_CT_RSA_FIXED_ECDH;
 		p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
@@ -2107,7 +3137,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
 
 #ifndef OPENSSL_NO_ECDSA
 	/* ECDSA certs can be used with RSA cipher suites as well 
-	 * so we don't need to check for SSL_kECDH or SSL_kECDHE
+	 * so we don't need to check for SSL_kECDH or SSL_kEECDH
 	 */
 	if (s->version >= TLS1_VERSION)
 		{
@@ -2119,6 +3149,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
 
 int ssl3_shutdown(SSL *s)
 	{
+	int ret;
 
 	/* Don't do anything much if we have not done the handshake or
 	 * we don't want to send messages :-) */
@@ -2136,18 +3167,32 @@ int ssl3_shutdown(SSL *s)
 #endif
 		/* our shutdown alert has been sent now, and if it still needs
 	 	 * to be written, s->s3->alert_dispatch will be true */
+	 	if (s->s3->alert_dispatch)
+	 		return(-1);	/* return WANT_WRITE */
 		}
 	else if (s->s3->alert_dispatch)
 		{
 		/* resend it if not sent */
 #if 1
-		ssl3_dispatch_alert(s);
+		ret=s->method->ssl_dispatch_alert(s);
+		if(ret == -1)
+			{
+			/* we only get to return -1 here the 2nd/Nth
+			 * invocation, we must  have already signalled
+			 * return 0 upon a previous invoation,
+			 * return WANT_WRITE */
+			return(ret);
+			}
 #endif
 		}
 	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
 		{
 		/* If we are waiting for a close from our peer, we are closed */
-		ssl3_read_bytes(s,0,NULL,0,0);
+		s->method->ssl_read_bytes(s,0,NULL,0,0);
+		if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
+			{
+			return(-1);	/* return WANT_READ */
+			}
 		}
 
 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
@@ -2202,8 +3247,8 @@ int ssl3_write(SSL *s, const void *buf, int len)
 		}
 	else
 		{
-		ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
-				     buf,len);
+		ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+			buf,len);
 		if (ret <= 0) return(ret);
 		}
 
@@ -2217,7 +3262,7 @@ static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
 	clear_sys_error();
 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
 	s->s3->in_read_app_data=1;
-	ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
+	ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
 	if ((ret == -1) && (s->s3->in_read_app_data == 2))
 		{
 		/* ssl3_read_bytes decided to call s->handshake_func, which
@@ -2226,7 +3271,7 @@ static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
 		 * and thinks that application data makes sense here; so disable
 		 * handshake processing and try to read application data again. */
 		s->in_handshake++;
-		ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
+		ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
 		s->in_handshake--;
 		}
 	else
diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
index 1fd7a96f87..cdddb17b62 100644
--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@@ -60,8 +60,8 @@
 #include <openssl/objects.h>
 #include "ssl_locl.h"
 
-static SSL_METHOD *ssl3_get_method(int ver);
-static SSL_METHOD *ssl3_get_method(int ver)
+static const SSL_METHOD *ssl3_get_method(int ver);
+static const SSL_METHOD *ssl3_get_method(int ver)
 	{
 	if (ver == SSL3_VERSION)
 		return(SSLv3_method());
@@ -69,27 +69,9 @@ static SSL_METHOD *ssl3_get_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv3_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv3_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv3_data.ssl_connect=ssl3_connect;
-			SSLv3_data.ssl_accept=ssl3_accept;
-			SSLv3_data.get_ssl_method=ssl3_get_method;
-			init=0;
-			}
+IMPLEMENT_ssl3_meth_func(SSLv3_method,
+			 ssl3_accept,
+			 ssl3_connect,
+			 ssl3_get_method)
 
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv3_data);
-	}
 
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 1f89e8ccef..da63e50aed 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -115,18 +115,13 @@
 #include "ssl_locl.h"
 #include <openssl/evp.h>
 #include <openssl/buffer.h>
+#include <openssl/rand.h>
 
 static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 			 unsigned int len, int create_empty_fragment);
-static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-			      unsigned int len);
 static int ssl3_get_record(SSL *s);
-static int do_compress(SSL *ssl);
-static int do_uncompress(SSL *ssl);
-static int do_change_cipher_spec(SSL *ssl);
 
-/* used only by ssl3_get_record */
-static int ssl3_read_n(SSL *s, int n, int max, int extend)
+int ssl3_read_n(SSL *s, int n, int max, int extend)
 	{
 	/* If extend == 0, obtain new n-byte packet; if extend == 1, increase
 	 * packet by another n bytes.
@@ -135,65 +130,113 @@ static int ssl3_read_n(SSL *s, int n, int max, int extend)
 	 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
 	 * [plus s->packet_length bytes if extend == 1].)
 	 */
-	int i,off,newb;
+	int i,len,left;
+	long align=0;
+	unsigned char *pkt;
+	SSL3_BUFFER *rb;
+
+	if (n <= 0) return n;
+
+	rb    = &(s->s3->rbuf);
+	if (rb->buf == NULL)
+		if (!ssl3_setup_read_buffer(s))
+			return -1;
+
+	left  = rb->left;
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+	align = (long)rb->buf + SSL3_RT_HEADER_LENGTH;
+	align = (-align)&(SSL3_ALIGN_PAYLOAD-1);
+#endif
 
 	if (!extend)
 		{
 		/* start with empty packet ... */
-		if (s->s3->rbuf.left == 0)
-			s->s3->rbuf.offset = 0;
-		s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset;
+		if (left == 0)
+			rb->offset = align;
+		else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH)
+			{
+			/* check if next packet length is large
+			 * enough to justify payload alignment... */
+			pkt = rb->buf + rb->offset;
+			if (pkt[0] == SSL3_RT_APPLICATION_DATA
+			    && (pkt[3]<<8|pkt[4]) >= 128)
+				{
+				/* Note that even if packet is corrupted
+				 * and its length field is insane, we can
+				 * only be led to wrong decision about
+				 * whether memmove will occur or not.
+				 * Header values has no effect on memmove
+				 * arguments and therefore no buffer
+				 * overrun can be triggered. */
+				memmove (rb->buf+align,pkt,left);
+				rb->offset = align;
+				}
+			}
+		s->packet = rb->buf + rb->offset;
 		s->packet_length = 0;
 		/* ... now we can act as if 'extend' was set */
 		}
 
+	/* For DTLS/UDP reads should not span multiple packets
+	 * because the read operation returns the whole packet
+	 * at once (as long as it fits into the buffer). */
+	if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+		{
+		if (left > 0 && n > left)
+			n = left;
+		}
+
 	/* if there is enough in the buffer from a previous read, take some */
-	if (s->s3->rbuf.left >= (int)n)
+	if (left >= n)
 		{
 		s->packet_length+=n;
-		s->s3->rbuf.left-=n;
-		s->s3->rbuf.offset+=n;
+		rb->left=left-n;
+		rb->offset+=n;
 		return(n);
 		}
 
 	/* else we need to read more data */
-	if (!s->read_ahead)
-		max=n;
 
-	{
-		/* avoid buffer overflow */
-		int max_max = s->s3->rbuf.len - s->packet_length;
-		if (max > max_max)
-			max = max_max;
-	}
-	if (n > max) /* does not happen */
+	len = s->packet_length;
+	pkt = rb->buf+align;
+	/* Move any available bytes to front of buffer:
+	 * 'len' bytes already pointed to by 'packet',
+	 * 'left' extra ones at the end */
+	if (s->packet != pkt) /* len > 0 */
+		{
+		memmove(pkt, s->packet, len+left);
+		s->packet = pkt;
+		rb->offset = len + align;
+		}
+
+	if (n > (int)(rb->len - rb->offset)) /* does not happen */
 		{
 		SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR);
 		return -1;
 		}
 
-	off = s->packet_length;
-	newb = s->s3->rbuf.left;
-	/* Move any available bytes to front of buffer:
-	 * 'off' bytes already pointed to by 'packet',
-	 * 'newb' extra ones at the end */
-	if (s->packet != s->s3->rbuf.buf)
+	if (!s->read_ahead)
+		/* ignore max parameter */
+		max = n;
+	else
 		{
-		/*  off > 0 */
-		memmove(s->s3->rbuf.buf, s->packet, off+newb);
-		s->packet = s->s3->rbuf.buf;
+		if (max < n)
+			max = n;
+		if (max > (int)(rb->len - rb->offset))
+			max = rb->len - rb->offset;
 		}
 
-	while (newb < n)
+	while (left < n)
 		{
-		/* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need
-		 * to read in more until we have off+n (up to off+max if possible) */
+		/* Now we have len+left bytes at the front of s->s3->rbuf.buf
+		 * and need to read in more until we have len+n (up to
+		 * len+max if possible) */
 
 		clear_sys_error();
 		if (s->rbio != NULL)
 			{
 			s->rwstate=SSL_READING;
-			i=BIO_read(s->rbio,	&(s->s3->rbuf.buf[off+newb]), max-newb);
+			i=BIO_read(s->rbio,pkt+len+left, max-left);
 			}
 		else
 			{
@@ -203,15 +246,26 @@ static int ssl3_read_n(SSL *s, int n, int max, int extend)
 
 		if (i <= 0)
 			{
-			s->s3->rbuf.left = newb;
+			rb->left = left;
+			if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+				if (len+left == 0)
+					ssl3_release_read_buffer(s);
 			return(i);
 			}
-		newb+=i;
+		left+=i;
+		/* reads should *never* span multiple packets for DTLS because
+		 * the underlying transport protocol is message oriented as opposed
+		 * to byte oriented as in the TLS case. */
+		if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+			{
+			if (n > left)
+				n = left; /* makes the while condition false */
+			}
 		}
 
 	/* done reading, now the book-keeping */
-	s->s3->rbuf.offset = off + n;
-	s->s3->rbuf.left = newb - n;
+	rb->offset += n;
+	rb->left = left - n;
 	s->packet_length += n;
 	s->rwstate=SSL_NOTHING;
 	return(n);
@@ -235,7 +289,7 @@ static int ssl3_get_record(SSL *s)
 	unsigned char *p;
 	unsigned char md[EVP_MAX_MD_SIZE];
 	short version;
-	unsigned int mac_size;
+	int mac_size;
 	int clear=0;
 	size_t extra;
 	int decryption_failed_or_bad_record_mac = 0;
@@ -248,9 +302,9 @@ static int ssl3_get_record(SSL *s)
 		extra=SSL3_RT_MAX_EXTRA;
 	else
 		extra=0;
-	if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE)
+	if (extra && !s->s3->init_extra)
 		{
-		/* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
+		/* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
 		 * set after ssl3_setup_buffers() was done */
 		SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
 		return -1;
@@ -273,13 +327,12 @@ again:
 		ssl_minor= *(p++);
 		version=(ssl_major<<8)|ssl_minor;
 		n2s(p,rr->length);
-
+#if 0
+fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
+#endif
+fprintf(stderr, "RX version %x, Expecting %x\n", version, s->version);
 		/* Lets check version */
-		if (s->first_packet)
-			{
-			s->first_packet=0;
-			}
-		else
+		if (!s->first_packet)
 			{
 			if (version != s->version)
 				{
@@ -298,7 +351,7 @@ again:
 			goto err;
 			}
 
-		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+		if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH)
 			{
 			al=SSL_AD_RECORD_OVERFLOW;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
@@ -371,12 +424,14 @@ printf("\n");
 	/* r->length is now the compressed data plus mac */
 	if (	(sess == NULL) ||
 		(s->enc_read_ctx == NULL) ||
-		(s->read_hash == NULL))
+		(EVP_MD_CTX_md(s->read_hash) == NULL))
 		clear=1;
 
 	if (!clear)
 		{
-		mac_size=EVP_MD_size(s->read_hash);
+		/* !clear => s->read_hash != NULL => mac_size != -1 */
+		mac_size=EVP_MD_CTX_size(s->read_hash);
+		OPENSSL_assert(mac_size >= 0);
 
 		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
 			{
@@ -389,7 +444,7 @@ printf("\n");
 #endif			
 			}
 		/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
-		if (rr->length >= mac_size)
+		if (rr->length >= (unsigned int)mac_size)
 			{
 			rr->length -= mac_size;
 			mac = &rr->data[rr->length];
@@ -407,7 +462,7 @@ printf("\n");
 #endif
 			}
 		i=s->method->ssl3_enc->mac(s,md,0);
-		if (mac == NULL || memcmp(md, mac, mac_size) != 0)
+		if (i < 0 || mac == NULL || memcmp(md, mac, (size_t)mac_size) != 0)
 			{
 			decryption_failed_or_bad_record_mac = 1;
 			}
@@ -434,7 +489,7 @@ printf("\n");
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
 			goto f_err;
 			}
-		if (!do_uncompress(s))
+		if (!ssl3_do_uncompress(s))
 			{
 			al=SSL_AD_DECOMPRESSION_FAILURE;
 			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
@@ -464,6 +519,10 @@ printf("\n");
 	/* just read a 0 length packet */
 	if (rr->length == 0) goto again;
 
+#if 0
+fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type, rr->length);
+#endif
+
 	return(1);
 
 f_err:
@@ -472,8 +531,9 @@ err:
 	return(ret);
 	}
 
-static int do_uncompress(SSL *ssl)
+int ssl3_do_uncompress(SSL *ssl)
 	{
+#ifndef OPENSSL_NO_COMP
 	int i;
 	SSL3_RECORD *rr;
 
@@ -485,12 +545,13 @@ static int do_uncompress(SSL *ssl)
 	else
 		rr->length=i;
 	rr->data=rr->comp;
-
+#endif
 	return(1);
 	}
 
-static int do_compress(SSL *ssl)
+int ssl3_do_compress(SSL *ssl)
 	{
+#ifndef OPENSSL_NO_COMP
 	int i;
 	SSL3_RECORD *wr;
 
@@ -504,6 +565,7 @@ static int do_compress(SSL *ssl)
 		wr->length=i;
 
 	wr->input=wr->data;
+#endif
 	return(1);
 	}
 
@@ -534,8 +596,8 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
 	n=(len-tot);
 	for (;;)
 		{
-		if (n > SSL3_RT_MAX_PLAIN_LENGTH)
-			nw=SSL3_RT_MAX_PLAIN_LENGTH;
+		if (n > s->max_send_fragment)
+			nw=s->max_send_fragment;
 		else
 			nw=n;
 
@@ -567,20 +629,26 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	{
 	unsigned char *p,*plen;
 	int i,mac_size,clear=0;
-	int prefix_len = 0;
+	int prefix_len=0;
+	int eivlen;
+	long align=0;
 	SSL3_RECORD *wr;
-	SSL3_BUFFER *wb;
+	SSL3_BUFFER *wb=&(s->s3->wbuf);
 	SSL_SESSION *sess;
 
+ 	if (wb->buf == NULL)
+		if (!ssl3_setup_write_buffer(s))
+			return -1;
+
 	/* first check if there is a SSL3_BUFFER still being written
 	 * out.  This will happen with non blocking IO */
-	if (s->s3->wbuf.left != 0)
+	if (wb->left != 0)
 		return(ssl3_write_pending(s,type,buf,len));
 
 	/* If we have an alert to send, lets send it */
 	if (s->s3->alert_dispatch)
 		{
-		i=ssl3_dispatch_alert(s);
+		i=s->method->ssl_dispatch_alert(s);
 		if (i <= 0)
 			return(i);
 		/* if it went, fall through and send more stuff */
@@ -590,18 +658,21 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 		return 0;
 
 	wr= &(s->s3->wrec);
-	wb= &(s->s3->wbuf);
 	sess=s->session;
 
 	if (	(sess == NULL) ||
 		(s->enc_write_ctx == NULL) ||
-		(s->write_hash == NULL))
+		(EVP_MD_CTX_md(s->write_hash) == NULL))
 		clear=1;
 
 	if (clear)
 		mac_size=0;
 	else
-		mac_size=EVP_MD_size(s->write_hash);
+		{
+		mac_size=EVP_MD_CTX_size(s->write_hash);
+		if (mac_size < 0)
+			goto err;
+		}
 
 	/* 'create_empty_fragment' is true only when this function calls itself */
 	if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done)
@@ -619,7 +690,8 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 			if (prefix_len <= 0)
 				goto err;
 
-			if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)
+			if (prefix_len >
+		(SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD))
 				{
 				/* insufficient space */
 				SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
@@ -630,7 +702,32 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 		s->s3->empty_fragment_done = 1;
 		}
 
-	p = wb->buf + prefix_len;
+	if (create_empty_fragment)
+		{
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+		/* extra fragment would be couple of cipher blocks,
+		 * which would be multiple of SSL3_ALIGN_PAYLOAD, so
+		 * if we want to align the real payload, then we can
+		 * just pretent we simply have two headers. */
+		align = (long)wb->buf + 2*SSL3_RT_HEADER_LENGTH;
+		align = (-align)&(SSL3_ALIGN_PAYLOAD-1);
+#endif
+		p = wb->buf + align;
+		wb->offset  = align;
+		}
+	else if (prefix_len)
+		{
+		p = wb->buf + wb->offset + prefix_len;
+		}
+	else
+		{
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+		align = (long)wb->buf + SSL3_RT_HEADER_LENGTH;
+		align = (-align)&(SSL3_ALIGN_PAYLOAD-1);
+#endif
+		p = wb->buf + align;
+		wb->offset  = align;
+		}
 
 	/* write the header */
 
@@ -639,13 +736,22 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 
 	*(p++)=(s->version>>8);
 	*(p++)=s->version&0xff;
-
+fprintf(stderr, "Wrote version %x\n", s->version);
 	/* field where we are to write out packet length */
 	plen=p; 
 	p+=2;
+	/* Explicit IV length, block ciphers and TLS version 1.1 or later */
+	if (s->enc_write_ctx && s->version >= TLS1_1_VERSION)
+		{
+		eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
+		if (eivlen <= 1)
+			eivlen = 0;
+		}
+	else 
+		eivlen = 0;
 
 	/* lets setup the record stuff. */
-	wr->data=p;
+	wr->data=p + eivlen;
 	wr->length=(int)len;
 	wr->input=(unsigned char *)buf;
 
@@ -655,7 +761,7 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	/* first we compress */
 	if (s->compress != NULL)
 		{
-		if (!do_compress(s))
+		if (!ssl3_do_compress(s))
 			{
 			SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
 			goto err;
@@ -673,10 +779,19 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 
 	if (mac_size != 0)
 		{
-		s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
+		if (s->method->ssl3_enc->mac(s,&(p[wr->length + eivlen]),1) < 0)
+			goto err;
 		wr->length+=mac_size;
-		wr->input=p;
-		wr->data=p;
+		}
+
+	wr->input=p;
+	wr->data=p;
+
+	if (eivlen)
+		{
+	/*	if (RAND_pseudo_bytes(p, eivlen) <= 0)
+			goto err; */
+		wr->length += eivlen;
 		}
 
 	/* ssl3_enc can only have an error on read */
@@ -701,7 +816,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 
 	/* now let's set up wb */
 	wb->left = prefix_len + wr->length;
-	wb->offset = 0;
 
 	/* memorize arguments so that ssl3_write_pending can detect bad write retries later */
 	s->s3->wpend_tot=len;
@@ -716,10 +830,11 @@ err:
 	}
 
 /* if s->s3->wbuf.left != 0, we need to call this */
-static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-			      unsigned int len)
+int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+	unsigned int len)
 	{
 	int i;
+	SSL3_BUFFER *wb=&(s->s3->wbuf);
 
 /* XXXX */
 	if ((s->s3->wpend_tot > (int)len)
@@ -738,24 +853,34 @@ static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
 			{
 			s->rwstate=SSL_WRITING;
 			i=BIO_write(s->wbio,
-				(char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
-				(unsigned int)s->s3->wbuf.left);
+				(char *)&(wb->buf[wb->offset]),
+				(unsigned int)wb->left);
 			}
 		else
 			{
 			SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
 			i= -1;
 			}
-		if (i == s->s3->wbuf.left)
+		if (i == wb->left)
 			{
-			s->s3->wbuf.left=0;
+			wb->left=0;
+			wb->offset+=i;
+			if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+				ssl3_release_write_buffer(s);
 			s->rwstate=SSL_NOTHING;
 			return(s->s3->wpend_ret);
 			}
-		else if (i <= 0)
+		else if (i <= 0) {
+			if (s->version == DTLS1_VERSION ||
+			    s->version == DTLS1_BAD_VER) {
+				/* For DTLS, just drop it. That's kind of the whole
+				   point in using a datagram service */
+				wb->left = 0;
+			}
 			return(i);
-		s->s3->wbuf.offset+=i;
-		s->s3->wbuf.left-=i;
+		}
+		wb->offset+=i;
+		wb->left-=i;
 		}
 	}
 
@@ -794,7 +919,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 	void (*cb)(const SSL *ssl,int type2,int val)=NULL;
 
 	if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
-		if (!ssl3_setup_buffers(s))
+		if (!ssl3_setup_read_buffer(s))
 			return(-1);
 
 	if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
@@ -903,6 +1028,8 @@ start:
 				{
 				s->rstate=SSL_ST_READ_HEADER;
 				rr->off=0;
+				if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+					ssl3_release_read_buffer(s);
 				}
 			}
 		return(n);
@@ -1012,7 +1139,25 @@ start:
 		 * now try again to obtain the (application) data we were asked for */
 		goto start;
 		}
-
+	/* If we are a server and get a client hello when renegotiation isn't
+	 * allowed send back a no renegotiation alert and carry on.
+	 * WARNING: experimental code, needs reviewing (steve)
+	 */
+	if (s->server &&
+		SSL_is_init_finished(s) &&
+    		!s->s3->send_connection_binding &&
+		(s->version > SSL3_VERSION) &&
+		(s->s3->handshake_fragment_len >= 4) &&
+		(s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
+		(s->session != NULL) && (s->session->cipher != NULL) &&
+		!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+		
+		{
+		/*s->s3->handshake_fragment_len = 0;*/
+		rr->length = 0;
+		ssl3_send_alert(s,SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
+		goto start;
+		}
 	if (s->s3->alert_fragment_len >= 2)
 		{
 		int alert_level = s->s3->alert_fragment[0];
@@ -1042,6 +1187,21 @@ start:
 				s->shutdown |= SSL_RECEIVED_SHUTDOWN;
 				return(0);
 				}
+			/* This is a warning but we receive it if we requested
+			 * renegotiation and the peer denied it. Terminate with
+			 * a fatal alert because if application tried to
+			 * renegotiatie it presumably had a good reason and
+			 * expects it to succeed.
+			 *
+			 * In future we might have a renegotiation where we
+			 * don't care if the peer refused it where we carry on.
+			 */
+			else if (alert_descr == SSL_AD_NO_RENEGOTIATION)
+				{
+				al = SSL_AD_HANDSHAKE_FAILURE;
+				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_NO_RENEGOTIATION);
+				goto f_err;
+				}
 			}
 		else if (alert_level == 2) /* fatal */
 			{
@@ -1085,13 +1245,21 @@ start:
 			goto f_err;
 			}
 
+		/* Check we have a cipher to change to */
+		if (s->s3->tmp.new_cipher == NULL)
+			{
+			al=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);
+			goto f_err;
+			}
+
 		rr->length=0;
 
 		if (s->msg_callback)
 			s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg);
 
 		s->s3->change_cipher_spec=1;
-		if (!do_change_cipher_spec(s))
+		if (!ssl3_do_change_cipher_spec(s))
 			goto err;
 		else
 			goto start;
@@ -1146,7 +1314,7 @@ start:
 	default:
 #ifndef OPENSSL_NO_TLS
 		/* TLS just ignores unknown message types */
-		if (s->version == TLS1_VERSION)
+		if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION)
 			{
 			rr->length = 0;
 			goto start;
@@ -1203,7 +1371,7 @@ err:
 	return(-1);
 	}
 
-static int do_change_cipher_spec(SSL *s)
+int ssl3_do_change_cipher_spec(SSL *s)
 	{
 	int i;
 	const char *sender;
@@ -1216,6 +1384,13 @@ static int do_change_cipher_spec(SSL *s)
 
 	if (s->s3->tmp.key_block == NULL)
 		{
+		if (s->session == NULL) 
+			{
+			/* might happen if dtls1_read_bytes() calls this */
+			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
+			return (0);
+			}
+
 		s->session->cipher=s->s3->tmp.new_cipher;
 		if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
 		}
@@ -1238,20 +1413,18 @@ static int do_change_cipher_spec(SSL *s)
 		}
 
 	s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
-		&(s->s3->finish_dgst1),
-		&(s->s3->finish_dgst2),
 		sender,slen,s->s3->tmp.peer_finish_md);
 
 	return(1);
 	}
 
-void ssl3_send_alert(SSL *s, int level, int desc)
+int ssl3_send_alert(SSL *s, int level, int desc)
 	{
 	/* Map tls/ssl alert value to correct one */
 	desc=s->method->ssl3_enc->alert_value(desc);
 	if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
 		desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */
-	if (desc < 0) return;
+	if (desc < 0) return -1;
 	/* If a fatal one, remove from cache */
 	if ((level == 2) && (s->session != NULL))
 		SSL_CTX_remove_session(s->ctx,s->session);
@@ -1260,9 +1433,10 @@ void ssl3_send_alert(SSL *s, int level, int desc)
 	s->s3->send_alert[0]=level;
 	s->s3->send_alert[1]=desc;
 	if (s->s3->wbuf.left == 0) /* data still being written out? */
-		ssl3_dispatch_alert(s);
+		return s->method->ssl_dispatch_alert(s);
 	/* else data is still being written out, we will get written
 	 * some time in the future */
+	return -1;
 	}
 
 int ssl3_dispatch_alert(SSL *s)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 898f49810c..297f79fc1e 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* ssl/s3_srvr.c */
+/* ssl/s3_srvr.c -*- mode:C; c-file-style: "eay" -*- */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -121,6 +121,32 @@
  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #define REUSE_CIPHER_BUG
 #define NETSCAPE_HANG_BUG
@@ -132,31 +158,20 @@
 #include <openssl/rand.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
+#include <openssl/hmac.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 #ifndef OPENSSL_NO_KRB5
 #include <openssl/krb5_asn.h>
 #endif
 #include <openssl/md5.h>
 
-static SSL_METHOD *ssl3_get_server_method(int ver);
-static int ssl3_get_client_hello(SSL *s);
-static int ssl3_check_client_hello(SSL *s);
-static int ssl3_send_server_hello(SSL *s);
-static int ssl3_send_server_key_exchange(SSL *s);
-static int ssl3_send_certificate_request(SSL *s);
-static int ssl3_send_server_done(SSL *s);
-static int ssl3_get_client_key_exchange(SSL *s);
-static int ssl3_get_client_certificate(SSL *s);
-static int ssl3_get_cert_verify(SSL *s);
-static int ssl3_send_hello_request(SSL *s);
-
-#ifndef OPENSSL_NO_ECDH
-static int nid2curve_id(int nid);
-#endif
+static const SSL_METHOD *ssl3_get_server_method(int ver);
 
-static SSL_METHOD *ssl3_get_server_method(int ver)
+static const SSL_METHOD *ssl3_get_server_method(int ver)
 	{
 	if (ver == SSL3_VERSION)
 		return(SSLv3_server_method());
@@ -164,35 +179,16 @@ static SSL_METHOD *ssl3_get_server_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *SSLv3_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD SSLv3_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
-				sizeof(SSL_METHOD));
-			SSLv3_server_data.ssl_accept=ssl3_accept;
-			SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&SSLv3_server_data);
-	}
+IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
+			ssl3_accept,
+			ssl_undefined_function,
+			ssl3_get_server_method)
 
 int ssl3_accept(SSL *s)
 	{
 	BUF_MEM *buf;
-	unsigned long l,Time=time(NULL);
+	unsigned long alg_k,Time=(unsigned long)time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	long num1;
 	int ret= -1;
 	int new_state,state,skip=0;
 
@@ -274,6 +270,18 @@ int ssl3_accept(SSL *s)
 				s->state=SSL3_ST_SR_CLNT_HELLO_A;
 				s->ctx->stats.sess_accept++;
 				}
+			else if (!s->s3->send_connection_binding &&
+				!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+				{
+				/* Server attempting to renegotiate with
+				 * client that doesn't support secure
+				 * renegotiation.
+				 */
+				SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+				ret = -1;
+				goto end;
+				}
 			else
 				{
 				/* s->state == SSL_ST_RENEGOTIATE,
@@ -307,6 +315,7 @@ int ssl3_accept(SSL *s)
 			s->shutdown=0;
 			ret=ssl3_get_client_hello(s);
 			if (ret <= 0) goto end;
+			
 			s->new_session = 2;
 			s->state=SSL3_ST_SW_SRVR_HELLO_A;
 			s->init_num=0;
@@ -316,9 +325,18 @@ int ssl3_accept(SSL *s)
 		case SSL3_ST_SW_SRVR_HELLO_B:
 			ret=ssl3_send_server_hello(s);
 			if (ret <= 0) goto end;
-
+#ifndef OPENSSL_NO_TLSEXT
 			if (s->hit)
-				s->state=SSL3_ST_SW_CHANGE_A;
+				{
+				if (s->tlsext_ticket_expected)
+					s->state=SSL3_ST_SW_SESSION_TICKET_A;
+				else
+					s->state=SSL3_ST_SW_CHANGE_A;
+				}
+#else
+			if (s->hit)
+					s->state=SSL3_ST_SW_CHANGE_A;
+#endif
 			else
 				s->state=SSL3_ST_SW_CERT_A;
 			s->init_num=0;
@@ -326,27 +344,44 @@ int ssl3_accept(SSL *s)
 
 		case SSL3_ST_SW_CERT_A:
 		case SSL3_ST_SW_CERT_B:
-			/* Check if it is anon DH or anon ECDH */
-			if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+			/* Check if it is anon DH or anon ECDH, */
+			/* normal PSK or KRB5 */
+			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+				&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
+				&& !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
 				{
 				ret=ssl3_send_server_certificate(s);
 				if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_TLSEXT
+				if (s->tlsext_status_expected)
+					s->state=SSL3_ST_SW_CERT_STATUS_A;
+				else
+					s->state=SSL3_ST_SW_KEY_EXCH_A;
+				}
+			else
+				{
+				skip = 1;
+				s->state=SSL3_ST_SW_KEY_EXCH_A;
+				}
+#else
 				}
 			else
 				skip=1;
+
 			s->state=SSL3_ST_SW_KEY_EXCH_A;
+#endif
 			s->init_num=0;
 			break;
 
 		case SSL3_ST_SW_KEY_EXCH_A:
 		case SSL3_ST_SW_KEY_EXCH_B:
-			l=s->s3->tmp.new_cipher->algorithms;
+			alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
 			/* clear this, it may get reset by
 			 * send_server_key_exchange */
 			if ((s->options & SSL_OP_EPHEMERAL_RSA)
 #ifndef OPENSSL_NO_KRB5
-				&& !(l & SSL_KRB5)
+				&& !(alg_k & SSL_kKRB5)
 #endif /* OPENSSL_NO_KRB5 */
 				)
 				/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
@@ -361,16 +396,23 @@ int ssl3_accept(SSL *s)
 			/* only send if a DH key exchange, fortezza or
 			 * RSA but we have a sign only certificate
 			 *
+			 * PSK: may send PSK identity hints
+			 *
 			 * For ECC ciphersuites, we send a serverKeyExchange
 			 * message only if the cipher suite is either
 			 * ECDH-anon or ECDHE. In other cases, the
-			 * server certificate contains the server's 
+			 * server certificate contains the server's
 			 * public key for key exchange.
 			 */
 			if (s->s3->tmp.use_rsa_tmp
-			    || (l & SSL_kECDHE)
-			    || (l & (SSL_DH|SSL_kFZA))
-			    || ((l & SSL_kRSA)
+			/* PSK: send ServerKeyExchange if PSK identity
+			 * hint if provided */
+#ifndef OPENSSL_NO_PSK
+			    || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+			    || (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
+			    || (alg_k & SSL_kEECDH)
+			    || ((alg_k & SSL_kRSA)
 				&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
 				    || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
 					&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
@@ -400,12 +442,15 @@ int ssl3_accept(SSL *s)
 				/* never request cert in anonymous ciphersuites
 				 * (see section "Certificate request" in SSL 3 drafts
 				 * and in RFC 2246): */
-				((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
+				((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
 				 /* ... except when the application insists on verification
 				  * (against the specs, but s3_clnt.c accepts this for SSL 3) */
 				 !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
-                                 /* never request cert in Kerberos ciphersuites */
-                                (s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
+				 /* never request cert in Kerberos ciphersuites */
+				(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
+				/* With normal PSK Certificates and
+				 * Certificate Requests are omitted */
+				|| (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
 				{
 				/* no cert request */
 				skip=1;
@@ -437,15 +482,24 @@ int ssl3_accept(SSL *s)
 			break;
 		
 		case SSL3_ST_SW_FLUSH:
-			/* number of bytes to be flushed */
-			num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
-			if (num1 > 0)
+
+			/* This code originally checked to see if
+			 * any data was pending using BIO_CTRL_INFO
+			 * and then flushed. This caused problems
+			 * as documented in PR#1939. The proposed
+			 * fix doesn't completely resolve this issue
+			 * as buggy implementations of BIO_CTRL_PENDING
+			 * still exist. So instead we just flush
+			 * unconditionally.
+			 */
+
+			s->rwstate=SSL_WRITING;
+			if (BIO_flush(s->wbio) <= 0)
 				{
-				s->rwstate=SSL_WRITING;
-				num1=BIO_flush(s->wbio);
-				if (num1 <= 0) { ret= -1; goto end; }
-				s->rwstate=SSL_NOTHING;
+				ret= -1;
+				goto end;
 				}
+			s->rwstate=SSL_NOTHING;
 
 			s->state=s->s3->tmp.next_state;
 			break;
@@ -472,7 +526,7 @@ int ssl3_accept(SSL *s)
 		case SSL3_ST_SR_KEY_EXCH_A:
 		case SSL3_ST_SR_KEY_EXCH_B:
 			ret=ssl3_get_client_key_exchange(s);
-			if (ret <= 0) 
+			if (ret <= 0)
 				goto end;
 			if (ret == 2)
 				{
@@ -480,24 +534,43 @@ int ssl3_accept(SSL *s)
 				 * the client sends its ECDH pub key in
 				 * a certificate, the CertificateVerify
 				 * message is not sent.
+				 * Also for GOST ciphersuites when
+				 * the client uses its key from the certificate
+				 * for key exchange.
 				 */
 				s->state=SSL3_ST_SR_FINISHED_A;
 				s->init_num = 0;
 				}
-			else   
+			else
 				{
+				int offset=0;
+				int dgst_num;
+
 				s->state=SSL3_ST_SR_CERT_VRFY_A;
 				s->init_num=0;
 
 				/* We need to get hashes here so if there is
 				 * a client cert, it can be verified
-				 */ 
-				s->method->ssl3_enc->cert_verify_mac(s,
-				    &(s->s3->finish_dgst1),
-				    &(s->s3->tmp.cert_verify_md[0]));
-				s->method->ssl3_enc->cert_verify_mac(s,
-				    &(s->s3->finish_dgst2),
-				    &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
+				 * FIXME - digest processing for CertificateVerify
+				 * should be generalized. But it is next step
+				 */
+				if (s->s3->handshake_buffer)
+					if (!ssl3_digest_cached_records(s))
+						return -1;
+				for (dgst_num=0; dgst_num<SSL_MAX_DIGEST;dgst_num++)	
+					if (s->s3->handshake_dgst[dgst_num]) 
+						{
+						int dgst_size;
+
+						s->method->ssl3_enc->cert_verify_mac(s,EVP_MD_CTX_type(s->s3->handshake_dgst[dgst_num]),&(s->s3->tmp.cert_verify_md[offset]));
+						dgst_size=EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
+						if (dgst_size < 0)
+							{
+							ret = -1;
+							goto end;
+							}
+						offset+=dgst_size;
+						}		
 				}
 			break;
 
@@ -517,13 +590,39 @@ int ssl3_accept(SSL *s)
 			ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
 				SSL3_ST_SR_FINISHED_B);
 			if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_TLSEXT
+			if (s->tlsext_ticket_expected)
+				s->state=SSL3_ST_SW_SESSION_TICKET_A;
+			else if (s->hit)
+				s->state=SSL_ST_OK;
+#else
 			if (s->hit)
 				s->state=SSL_ST_OK;
+#endif
 			else
 				s->state=SSL3_ST_SW_CHANGE_A;
 			s->init_num=0;
 			break;
 
+#ifndef OPENSSL_NO_TLSEXT
+		case SSL3_ST_SW_SESSION_TICKET_A:
+		case SSL3_ST_SW_SESSION_TICKET_B:
+			ret=ssl3_send_newsession_ticket(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_SW_CHANGE_A;
+			s->init_num=0;
+			break;
+
+		case SSL3_ST_SW_CERT_STATUS_A:
+		case SSL3_ST_SW_CERT_STATUS_B:
+			ret=ssl3_send_cert_status(s);
+			if (ret <= 0) goto end;
+			s->state=SSL3_ST_SW_KEY_EXCH_A;
+			s->init_num=0;
+			break;
+
+#endif
+
 		case SSL3_ST_SW_CHANGE_A:
 		case SSL3_ST_SW_CHANGE_B:
 
@@ -629,7 +728,7 @@ end:
 	return(ret);
 	}
 
-static int ssl3_send_hello_request(SSL *s)
+int ssl3_send_hello_request(SSL *s)
 	{
 	unsigned char *p;
 
@@ -651,14 +750,14 @@ static int ssl3_send_hello_request(SSL *s)
 	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 	}
 
-static int ssl3_check_client_hello(SSL *s)
+int ssl3_check_client_hello(SSL *s)
 	{
 	int ok;
 	long n;
 
 	/* this function is called when we really expect a Certificate message,
 	 * so permit appropriate message length */
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_SR_CERT_A,
 		SSL3_ST_SR_CERT_B,
 		-1,
@@ -684,14 +783,17 @@ static int ssl3_check_client_hello(SSL *s)
 	return 1;
 }
 
-static int ssl3_get_client_hello(SSL *s)
+int ssl3_get_client_hello(SSL *s)
 	{
 	int i,j,ok,al,ret= -1;
+	unsigned int cookie_len;
 	long n;
 	unsigned long id;
 	unsigned char *p,*d,*q;
 	SSL_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
 	SSL_COMP *comp=NULL;
+#endif
 	STACK_OF(SSL_CIPHER) *ciphers=NULL;
 
 	/* We do this so that we will respond with our native type.
@@ -702,10 +804,10 @@ static int ssl3_get_client_hello(SSL *s)
 	 */
 	if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
 		{
-		s->first_packet=1;
 		s->state=SSL3_ST_SR_CLNT_HELLO_B;
 		}
-	n=ssl3_get_message(s,
+	s->first_packet=1;
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_SR_CLNT_HELLO_B,
 		SSL3_ST_SR_CLNT_HELLO_C,
 		SSL3_MT_CLIENT_HELLO,
@@ -713,6 +815,7 @@ static int ssl3_get_client_hello(SSL *s)
 		&ok);
 
 	if (!ok) return((int)n);
+	s->first_packet=0;
 	d=p=(unsigned char *)s->init_msg;
 
 	/* use version from inside client hello, not from record header
@@ -720,10 +823,11 @@ static int ssl3_get_client_hello(SSL *s)
 	s->client_version=(((int)p[0])<<8)|(int)p[1];
 	p+=2;
 
-	if (s->client_version < s->version)
+	if ((s->version == DTLS1_VERSION && s->client_version > s->version) ||
+	    (s->version != DTLS1_VERSION && s->client_version < s->version))
 		{
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
-		if ((s->client_version>>8) == SSL3_VERSION_MAJOR) 
+		if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
 			{
 			/* similar to ssl3_get_record, send alert using remote version number */
 			s->version = s->client_version;
@@ -732,6 +836,21 @@ static int ssl3_get_client_hello(SSL *s)
 		goto f_err;
 		}
 
+	/* If we require cookies and this ClientHello doesn't
+	 * contain one, just return since we do not want to
+	 * allocate any memory yet. So check cookie length...
+	 */
+	if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE)
+		{
+		unsigned int session_length, cookie_length;
+		
+		session_length = *(p + SSL3_RANDOM_SIZE);
+		cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
+
+		if (cookie_length == 0)
+			return 1;
+		}
+
 	/* load the client random */
 	memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
 	p+=SSL3_RANDOM_SIZE;
@@ -748,14 +867,14 @@ static int ssl3_get_client_hello(SSL *s)
 	 * might be written that become totally unsecure when compiled with
 	 * an earlier library version)
 	 */
-	if (j == 0 || (s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
+	if ((s->new_session && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)))
 		{
 		if (!ssl_get_new_session(s,1))
 			goto err;
 		}
 	else
 		{
-		i=ssl_get_prev_session(s,p,j);
+		i=ssl_get_prev_session(s, p, j, d + n);
 		if (i == 1)
 			{ /* previous session */
 			s->hit=1;
@@ -770,6 +889,58 @@ static int ssl3_get_client_hello(SSL *s)
 		}
 
 	p+=j;
+
+	if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+		{
+		/* cookie stuff */
+		cookie_len = *(p++);
+
+		/* 
+		 * The ClientHello may contain a cookie even if the
+		 * HelloVerify message has not been sent--make sure that it
+		 * does not cause an overflow.
+		 */
+		if ( cookie_len > sizeof(s->d1->rcvd_cookie))
+			{
+			/* too much data */
+			al = SSL_AD_DECODE_ERROR;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+			goto f_err;
+			}
+
+		/* verify the cookie if appropriate option is set. */
+		if ((SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) &&
+			cookie_len > 0)
+			{
+			memcpy(s->d1->rcvd_cookie, p, cookie_len);
+
+			if ( s->ctx->app_verify_cookie_cb != NULL)
+				{
+				if ( s->ctx->app_verify_cookie_cb(s, s->d1->rcvd_cookie,
+					cookie_len) == 0)
+					{
+					al=SSL_AD_HANDSHAKE_FAILURE;
+					SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, 
+						SSL_R_COOKIE_MISMATCH);
+					goto f_err;
+					}
+				/* else cookie verification succeeded */
+				}
+			else if ( memcmp(s->d1->rcvd_cookie, s->d1->cookie, 
+						  s->d1->cookie_len) != 0) /* default verification */
+				{
+					al=SSL_AD_HANDSHAKE_FAILURE;
+					SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, 
+						SSL_R_COOKIE_MISMATCH);
+					goto f_err;
+				}
+
+			ret = 2;
+			}
+
+		p += cookie_len;
+		}
+
 	n2s(p,i);
 	if ((i == 0) && (j != 0))
 		{
@@ -814,23 +985,28 @@ static int ssl3_get_client_hello(SSL *s)
 				break;
 				}
 			}
-		if (j == 0)
+		if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
 			{
-			if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
-				{
-				/* Very bad for multi-threading.... */
-				s->session->cipher=sk_SSL_CIPHER_value(ciphers,
-								       0);
-				}
-			else
+			/* Special case as client bug workaround: the previously used cipher may
+			 * not be in the current list, the client instead might be trying to
+			 * continue using a cipher that before wasn't chosen due to server
+			 * preferences.  We'll have to reject the connection if the cipher is not
+			 * enabled, though. */
+			c = sk_SSL_CIPHER_value(ciphers, 0);
+			if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0)
 				{
-				/* we need to have the cipher in the cipher
-				 * list if we are asked to reuse it */
-				al=SSL_AD_ILLEGAL_PARAMETER;
-				SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
-				goto f_err;
+				s->session->cipher = c;
+				j = 1;
 				}
 			}
+		if (j == 0)
+			{
+			/* we need to have the cipher in the cipher
+			 * list if we are asked to reuse it */
+			al=SSL_AD_ILLEGAL_PARAMETER;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
+			goto f_err;
+			}
 		}
 
 	/* compression */
@@ -857,11 +1033,125 @@ static int ssl3_get_client_hello(SSL *s)
 		goto f_err;
 		}
 
+#ifndef OPENSSL_NO_TLSEXT
+	/* TLS extensions*/
+	if (s->version >= SSL3_VERSION)
+		{
+		if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
+			{
+			/* 'al' set by ssl_parse_clienthello_tlsext */
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLSEXT);
+			goto f_err;
+			}
+		}
+		if (ssl_check_clienthello_tlsext(s) <= 0) {
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+			goto err;
+		}
+
+	/* Check if we want to use external pre-shared secret for this
+	 * handshake for not reused session only. We need to generate
+	 * server_random before calling tls_session_secret_cb in order to allow
+	 * SessionTicket processing to use it in key derivation. */
+	{
+		unsigned long Time;
+		unsigned char *pos;
+		Time=(unsigned long)time(NULL);			/* Time */
+		pos=s->s3->server_random;
+		l2n(Time,pos);
+		if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
+			{
+			al=SSL_AD_INTERNAL_ERROR;
+			goto f_err;
+			}
+	}
+
+	if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb)
+		{
+		SSL_CIPHER *pref_cipher=NULL;
+
+		s->session->master_key_length=sizeof(s->session->master_key);
+		if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length,
+			ciphers, &pref_cipher, s->tls_session_secret_cb_arg))
+			{
+			s->hit=1;
+			s->session->ciphers=ciphers;
+			s->session->verify_result=X509_V_OK;
+
+			ciphers=NULL;
+
+			/* check if some cipher was preferred by call back */
+			pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
+			if (pref_cipher == NULL)
+				{
+				al=SSL_AD_HANDSHAKE_FAILURE;
+				SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
+				goto f_err;
+				}
+
+			s->session->cipher=pref_cipher;
+
+			if (s->cipher_list)
+				sk_SSL_CIPHER_free(s->cipher_list);
+
+			if (s->cipher_list_by_id)
+				sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+			s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+			s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
+			}
+		}
+#endif
+
 	/* Worst case, we will use the NULL compression, but if we have other
 	 * options, we will now look for them.  We have i-1 compression
 	 * algorithms from the client, starting at q. */
 	s->s3->tmp.new_compression=NULL;
-	if (s->ctx->comp_methods != NULL)
+#ifndef OPENSSL_NO_COMP
+	/* This only happens if we have a cache hit */
+	if (s->session->compress_meth != 0)
+		{
+		int m, comp_id = s->session->compress_meth;
+		/* Perform sanity checks on resumed compression algorithm */
+		/* Can't disable compression */
+		if (s->options & SSL_OP_NO_COMPRESSION)
+			{
+			al=SSL_AD_INTERNAL_ERROR;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
+			goto f_err;
+			}
+		/* Look for resumed compression method */
+		for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++)
+			{
+			comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
+			if (comp_id == comp->id)
+				{
+				s->s3->tmp.new_compression=comp;
+				break;
+				}
+			}
+		if (s->s3->tmp.new_compression == NULL)
+			{
+			al=SSL_AD_INTERNAL_ERROR;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INVALID_COMPRESSION_ALGORITHM);
+			goto f_err;
+			}
+		/* Look for resumed method in compression list */
+		for (m = 0; m < i; m++)
+			{
+			if (q[m] == comp_id)
+				break;
+			}
+		if (m >= i)
+			{
+			al=SSL_AD_ILLEGAL_PARAMETER;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
+			goto f_err;
+			}
+		}
+	else if (s->hit)
+		comp = NULL;
+	else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods)
 		{ /* See if we have a match */
 		int m,nn,o,v,done=0;
 
@@ -885,21 +1175,15 @@ static int ssl3_get_client_hello(SSL *s)
 		else
 			comp=NULL;
 		}
-
-	/* TLS does not mind if there is extra stuff */
-#if 0   /* SSL 3.0 does not mind either, so we should disable this test
-         * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
-         * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
-	if (s->version == SSL3_VERSION)
+#else
+	/* If compression is disabled we'd better not try to resume a session
+	 * using compression.
+	 */
+	if (s->session->compress_meth != 0)
 		{
-		if (p < (d+n))
-			{
-			/* wrong number of bytes,
-			 * there could be more to follow */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
-			goto f_err;
-			}
+		al=SSL_AD_INTERNAL_ERROR;
+		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_INCONSISTENT_COMPRESSION);
+		goto f_err;
 		}
 #endif
 
@@ -908,7 +1192,11 @@ static int ssl3_get_client_hello(SSL *s)
 
 	if (!s->hit)
 		{
+#ifdef OPENSSL_NO_COMP
+		s->session->compress_meth=0;
+#else
 		s->session->compress_meth=(comp == NULL)?0:comp->id;
+#endif
 		if (s->session->ciphers != NULL)
 			sk_SSL_CIPHER_free(s->session->ciphers);
 		s->session->ciphers=ciphers;
@@ -944,7 +1232,7 @@ static int ssl3_get_client_hello(SSL *s)
 			for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
 				{
 				c=sk_SSL_CIPHER_value(sk,i);
-				if (c->algorithms & SSL_eNULL)
+				if (c->algorithm_enc & SSL_eNULL)
 					nc=c;
 				if (SSL_C_IS_EXPORT(c))
 					ec=c;
@@ -960,6 +1248,9 @@ static int ssl3_get_client_hello(SSL *s)
 #endif
 		s->s3->tmp.new_cipher=s->session->cipher;
 		}
+
+	if (!ssl3_digest_cached_records(s))
+		goto f_err;
 	
 	/* we now have the following setup. 
 	 * client_random
@@ -972,7 +1263,7 @@ static int ssl3_get_client_hello(SSL *s)
 	 * s->tmp.new_cipher	- the new cipher to use.
 	 */
 
-	ret=1;
+	if (ret < 0) ret=1;
 	if (0)
 		{
 f_err:
@@ -983,20 +1274,27 @@ err:
 	return(ret);
 	}
 
-static int ssl3_send_server_hello(SSL *s)
+int ssl3_send_server_hello(SSL *s)
 	{
 	unsigned char *buf;
 	unsigned char *p,*d;
 	int i,sl;
-	unsigned long l,Time;
+	unsigned long l;
+#ifdef OPENSSL_NO_TLSEXT
+	unsigned long Time;
+#endif
 
 	if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
 		{
 		buf=(unsigned char *)s->init_buf->data;
+#ifdef OPENSSL_NO_TLSEXT
 		p=s->s3->server_random;
-		Time=time(NULL);			/* Time */
+		/* Generate server_random if it was not needed previously */
+		Time=(unsigned long)time(NULL);			/* Time */
 		l2n(Time,p);
-		RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+		if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
+			return -1;
+#endif
 		/* Do the message type and length last */
 		d=p= &(buf[4]);
 
@@ -1014,8 +1312,16 @@ static int ssl3_send_server_hello(SSL *s)
 		 * session-id if we want it to be single use.
 		 * Currently I will not implement the '0' length session-id
 		 * 12-Jan-98 - I'll now support the '0' length stuff.
+		 *
+		 * We also have an additional case where stateless session
+		 * resumption is successful: we always send back the old
+		 * session id. In this case s->hit is non zero: this can
+		 * only happen if stateless session resumption is succesful
+		 * if session caching is disabled so existing functionality
+		 * is unaffected.
 		 */
-		if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
+		if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
+			&& !s->hit)
 			s->session->session_id_length=0;
 
 		sl=s->session->session_id_length;
@@ -1033,28 +1339,43 @@ static int ssl3_send_server_hello(SSL *s)
 		p+=i;
 
 		/* put the compression method */
+#ifdef OPENSSL_NO_COMP
+			*(p++)=0;
+#else
 		if (s->s3->tmp.new_compression == NULL)
 			*(p++)=0;
 		else
 			*(p++)=s->s3->tmp.new_compression->id;
-
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+		if (ssl_prepare_serverhello_tlsext(s) <= 0)
+			{
+			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT);
+			return -1;
+			}
+		if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
+			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
+			return -1;
+			}
+#endif
 		/* do the header */
 		l=(p-d);
 		d=buf;
 		*(d++)=SSL3_MT_SERVER_HELLO;
 		l2n3(l,d);
 
-		s->state=SSL3_ST_CW_CLNT_HELLO_B;
+		s->state=SSL3_ST_SW_SRVR_HELLO_B;
 		/* number of bytes to write */
 		s->init_num=p-buf;
 		s->init_off=0;
 		}
 
-	/* SSL3_ST_CW_CLNT_HELLO_B */
+	/* SSL3_ST_SW_SRVR_HELLO_B */
 	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 	}
 
-static int ssl3_send_server_done(SSL *s)
+int ssl3_send_server_done(SSL *s)
 	{
 	unsigned char *p;
 
@@ -1074,11 +1395,11 @@ static int ssl3_send_server_done(SSL *s)
 		s->init_off=0;
 		}
 
-	/* SSL3_ST_CW_CLNT_HELLO_B */
+	/* SSL3_ST_SW_SRVR_DONE_B */
 	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 	}
 
-static int ssl3_send_server_key_exchange(SSL *s)
+int ssl3_send_server_key_exchange(SSL *s)
 	{
 #ifndef OPENSSL_NO_RSA
 	unsigned char *q;
@@ -1111,7 +1432,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
 	EVP_MD_CTX_init(&md_ctx);
 	if (s->state == SSL3_ST_SW_KEY_EXCH_A)
 		{
-		type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
+		type=s->s3->tmp.new_cipher->algorithm_mkey;
 		cert=s->cert;
 
 		buf=s->init_buf;
@@ -1206,8 +1527,10 @@ static int ssl3_send_server_key_exchange(SSL *s)
 		else 
 #endif
 #ifndef OPENSSL_NO_ECDH
-			if (type & SSL_kECDHE)
+			if (type & SSL_kEECDH)
 			{
+			const EC_GROUP *group;
+
 			ecdhp=cert->ecdh_tmp;
 			if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL))
 				{
@@ -1237,14 +1560,14 @@ static int ssl3_send_server_key_exchange(SSL *s)
 				}
 			if (!EC_KEY_up_ref(ecdhp))
 				{
-				SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
+				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
 				goto err;
 				}
 			ecdh = ecdhp;
 
 			s->s3->tmp.ecdh=ecdh;
-			if ((ecdh->pub_key == NULL) ||
-			    (ecdh->priv_key == NULL) ||
+			if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+			    (EC_KEY_get0_private_key(ecdh) == NULL) ||
 			    (s->options & SSL_OP_SINGLE_ECDH_USE))
 				{
 				if(!EC_KEY_generate_key(ecdh))
@@ -1254,16 +1577,16 @@ static int ssl3_send_server_key_exchange(SSL *s)
 				    }
 				}
 
-			if ((ecdh->group == NULL) ||
-			    (ecdh->pub_key == NULL) ||
-			    (ecdh->priv_key == NULL))
+			if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+			    (EC_KEY_get0_public_key(ecdh)  == NULL) ||
+			    (EC_KEY_get0_private_key(ecdh) == NULL))
 				{
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
 				goto err;
 				}
 
 			if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
-			    (EC_GROUP_get_degree(ecdh->group) > 163)) 
+			    (EC_GROUP_get_degree(group) > 163)) 
 				{
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
 				goto err;
@@ -1274,7 +1597,7 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			 * supported named curves, curve_id is non-zero.
 			 */
 			if ((curve_id = 
-			    nid2curve_id(EC_GROUP_get_nid(ecdh->group)))
+			    tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
 			    == 0)
 				{
 				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
@@ -1285,8 +1608,8 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			 * First check the size of encoding and
 			 * allocate memory accordingly.
 			 */
-			encodedlen = EC_POINT_point2oct(ecdh->group, 
-			    ecdh->pub_key, 
+			encodedlen = EC_POINT_point2oct(group, 
+			    EC_KEY_get0_public_key(ecdh),
 			    POINT_CONVERSION_UNCOMPRESSED, 
 			    NULL, 0, NULL);
 
@@ -1300,8 +1623,8 @@ static int ssl3_send_server_key_exchange(SSL *s)
 				}
 
 
-			encodedlen = EC_POINT_point2oct(ecdh->group, 
-			    ecdh->pub_key, 
+			encodedlen = EC_POINT_point2oct(group, 
+			    EC_KEY_get0_public_key(ecdh), 
 			    POINT_CONVERSION_UNCOMPRESSED, 
 			    encodedPoint, encodedlen, bn_ctx);
 
@@ -1315,11 +1638,11 @@ static int ssl3_send_server_key_exchange(SSL *s)
 
 			/* XXX: For now, we only support named (not 
 			 * generic) curves in ECDH ephemeral key exchanges.
-			 * In this situation, we need three additional bytes
+			 * In this situation, we need four additional bytes
 			 * to encode the entire ServerECDHParams
 			 * structure. 
 			 */
-			n = 3 + encodedlen;
+			n = 4 + encodedlen;
 
 			/* We'll generate the serverKeyExchange message
 			 * explicitly so we can set these to NULLs
@@ -1327,9 +1650,18 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			r[0]=NULL;
 			r[1]=NULL;
 			r[2]=NULL;
+			r[3]=NULL;
 			}
 		else 
 #endif /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+			if (type & SSL_kPSK)
+				{
+				/* reserve size for record length and PSK identity hint*/
+				n+=2+strlen(s->ctx->psk_identity_hint);
+				}
+			else
+#endif /* !OPENSSL_NO_PSK */
 			{
 			al=SSL_AD_HANDSHAKE_FAILURE;
 			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
@@ -1341,7 +1673,8 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			n+=2+nr[i];
 			}
 
-		if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+		if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+			&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
 			{
 			if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
 				== NULL)
@@ -1373,16 +1706,18 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			}
 
 #ifndef OPENSSL_NO_ECDH
-		if (type & SSL_kECDHE) 
+		if (type & SSL_kEECDH) 
 			{
 			/* XXX: For now, we only support named (not generic) curves.
 			 * In this situation, the serverKeyExchange message has:
-			 * [1 byte CurveType], [1 byte CurveName]
+			 * [1 byte CurveType], [2 byte CurveName]
 			 * [1 byte length of encoded point], followed by
 			 * the actual encoded point itself
 			 */
 			*p = NAMED_CURVE_TYPE;
 			p += 1;
+			*p = 0;
+			p += 1;
 			*p = curve_id;
 			p += 1;
 			*p = encodedlen;
@@ -1395,6 +1730,16 @@ static int ssl3_send_server_key_exchange(SSL *s)
 			}
 #endif
 
+#ifndef OPENSSL_NO_PSK
+		if (type & SSL_kPSK)
+			{
+			/* copy PSK identity hint */
+			s2n(strlen(s->ctx->psk_identity_hint), p); 
+			strncpy((char *)p, s->ctx->psk_identity_hint, strlen(s->ctx->psk_identity_hint));
+			p+=strlen(s->ctx->psk_identity_hint);
+			}
+#endif
+
 		/* not anonymous */
 		if (pkey != NULL)
 			{
@@ -1497,7 +1842,7 @@ err:
 	return(-1);
 	}
 
-static int ssl3_send_certificate_request(SSL *s)
+int ssl3_send_certificate_request(SSL *s)
 	{
 	unsigned char *p,*d;
 	int i,j,nl,off,n;
@@ -1586,24 +1931,11 @@ err:
 	return(-1);
 	}
 
-
-static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
-	{
-#ifndef OPENSSL_NO_SHA
-	if (outlen != SHA_DIGEST_LENGTH)
-		return NULL;
-	return SHA1(in, inlen, out);
-#else
-	return NULL;
-#endif
-	}
-
-static int ssl3_get_client_key_exchange(SSL *s)
+int ssl3_get_client_key_exchange(SSL *s)
 	{
 	int i,al,ok;
 	long n;
-	unsigned long l;
+	unsigned long alg_k;
 	unsigned char *p;
 #ifndef OPENSSL_NO_RSA
 	RSA *rsa=NULL;
@@ -1614,7 +1946,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 	DH *dh_srvr;
 #endif
 #ifndef OPENSSL_NO_KRB5
-        KSSL_ERR kssl_err;
+	KSSL_ERR kssl_err;
 #endif /* OPENSSL_NO_KRB5 */
 
 #ifndef OPENSSL_NO_ECDH
@@ -1624,7 +1956,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 	BN_CTX *bn_ctx = NULL; 
 #endif
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_SR_KEY_EXCH_A,
 		SSL3_ST_SR_KEY_EXCH_B,
 		SSL3_MT_CLIENT_KEY_EXCHANGE,
@@ -1634,10 +1966,10 @@ static int ssl3_get_client_key_exchange(SSL *s)
 	if (!ok) return((int)n);
 	p=(unsigned char *)s->init_msg;
 
-	l=s->s3->tmp.new_cipher->algorithms;
+	alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
 
 #ifndef OPENSSL_NO_RSA
-	if (l & SSL_kRSA)
+	if (alg_k & SSL_kRSA)
 		{
 		/* FIX THIS UP EAY EAY EAY EAY */
 		if (s->s3->tmp.use_rsa_tmp)
@@ -1668,8 +2000,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
 			rsa=pkey->pkey.rsa;
 			}
 
-		/* TLS */
-		if (s->version > SSL3_VERSION)
+		/* TLS and [incidentally] DTLS{0xFEFF} */
+		if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER)
 			{
 			n2s(p,i);
 			if (n != i+2)
@@ -1730,7 +2062,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
 			i = SSL_MAX_MASTER_KEY_LENGTH;
 			p[0] = s->client_version >> 8;
 			p[1] = s->client_version & 0xff;
-			RAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */
+			if (RAND_pseudo_bytes(p+2, i-2) <= 0) /* should be RAND_bytes, but we cannot work around a failure */
+				goto err;
 			}
 	
 		s->session->master_key_length=
@@ -1742,7 +2075,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 	else
 #endif
 #ifndef OPENSSL_NO_DH
-		if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+		if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
 		{
 		n2s(p,i);
 		if (n != i+2)
@@ -1805,33 +2138,49 @@ static int ssl3_get_client_key_exchange(SSL *s)
 	else
 #endif
 #ifndef OPENSSL_NO_KRB5
-        if (l & SSL_kKRB5)
-                {
-                krb5_error_code		krb5rc;
+	if (alg_k & SSL_kKRB5)
+		{
+		krb5_error_code		krb5rc;
 		krb5_data		enc_ticket;
 		krb5_data		authenticator;
 		krb5_data		enc_pms;
-                KSSL_CTX		*kssl_ctx = s->kssl_ctx;
+		KSSL_CTX		*kssl_ctx = s->kssl_ctx;
 		EVP_CIPHER_CTX		ciph_ctx;
-		EVP_CIPHER		*enc = NULL;
+		const EVP_CIPHER	*enc = NULL;
 		unsigned char		iv[EVP_MAX_IV_LENGTH];
 		unsigned char		pms[SSL_MAX_MASTER_KEY_LENGTH
-                                               + EVP_MAX_BLOCK_LENGTH];
-		int                     padl, outl;
+					       + EVP_MAX_BLOCK_LENGTH];
+		int		     padl, outl;
 		krb5_timestamp		authtime = 0;
 		krb5_ticket_times	ttimes;
 
 		EVP_CIPHER_CTX_init(&ciph_ctx);
 
-                if (!kssl_ctx)  kssl_ctx = kssl_ctx_new();
+		if (!kssl_ctx)  kssl_ctx = kssl_ctx_new();
 
 		n2s(p,i);
 		enc_ticket.length = i;
+
+		if (n < (long)(enc_ticket.length + 6))
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto err;
+			}
+
 		enc_ticket.data = (char *)p;
 		p+=enc_ticket.length;
 
 		n2s(p,i);
 		authenticator.length = i;
+
+		if (n < (long)(enc_ticket.length + authenticator.length + 6))
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				SSL_R_DATA_LENGTH_TOO_LONG);
+			goto err;
+			}
+
 		authenticator.data = (char *)p;
 		p+=authenticator.length;
 
@@ -1850,27 +2199,27 @@ static int ssl3_get_client_key_exchange(SSL *s)
 			goto err;
 			}
 
-		if (n != enc_ticket.length + authenticator.length +
-						enc_pms.length + 6)
+		if (n != (long)(enc_ticket.length + authenticator.length +
+						enc_pms.length + 6))
 			{
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 				SSL_R_DATA_LENGTH_TOO_LONG);
 			goto err;
 			}
 
-                if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
+		if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
 					&kssl_err)) != 0)
-                        {
+			{
 #ifdef KSSL_DEBUG
-                        printf("kssl_sget_tkt rtn %d [%d]\n",
-                                krb5rc, kssl_err.reason);
-                        if (kssl_err.text)
-                                printf("kssl_err text= %s\n", kssl_err.text);
+			printf("kssl_sget_tkt rtn %d [%d]\n",
+				krb5rc, kssl_err.reason);
+			if (kssl_err.text)
+				printf("kssl_err text= %s\n", kssl_err.text);
 #endif	/* KSSL_DEBUG */
-                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                kssl_err.reason);
-                        goto err;
-                        }
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				kssl_err.reason);
+			goto err;
+			}
 
 		/*  Note: no authenticator is not considered an error,
 		**  but will return authtime == 0.
@@ -1879,29 +2228,29 @@ static int ssl3_get_client_key_exchange(SSL *s)
 					&authtime, &kssl_err)) != 0)
 			{
 #ifdef KSSL_DEBUG
-                        printf("kssl_check_authent rtn %d [%d]\n",
-                                krb5rc, kssl_err.reason);
-                        if (kssl_err.text)
-                                printf("kssl_err text= %s\n", kssl_err.text);
+			printf("kssl_check_authent rtn %d [%d]\n",
+				krb5rc, kssl_err.reason);
+			if (kssl_err.text)
+				printf("kssl_err text= %s\n", kssl_err.text);
 #endif	/* KSSL_DEBUG */
-                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                kssl_err.reason);
-                        goto err;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				kssl_err.reason);
+			goto err;
 			}
 
 		if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0)
 			{
-			SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, krb5rc);
-                        goto err;
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, krb5rc);
+			goto err;
 			}
 
 #ifdef KSSL_DEBUG
-                kssl_ctx_show(kssl_ctx);
+		kssl_ctx_show(kssl_ctx);
 #endif	/* KSSL_DEBUG */
 
 		enc = kssl_map_enc(kssl_ctx->enctype);
-                if (enc == NULL)
-                    goto err;
+		if (enc == NULL)
+		    goto err;
 
 		memset(iv, 0, sizeof iv);	/* per RFC 1510 */
 
@@ -1937,87 +2286,115 @@ static int ssl3_get_client_key_exchange(SSL *s)
 				SSL_R_DATA_LENGTH_TOO_LONG);
 			goto err;
 			}
+		if (!((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
+		    {
+		    /* The premaster secret must contain the same version number as the
+		     * ClientHello to detect version rollback attacks (strangely, the
+		     * protocol does not offer such protection for DH ciphersuites).
+		     * However, buggy clients exist that send random bytes instead of
+		     * the protocol version.
+		     * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. 
+		     * (Perhaps we should have a separate BUG value for the Kerberos cipher)
+		     */
+		    if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
+			   (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+			       SSL_AD_DECODE_ERROR);
+			goto err;
+			}
+		    }
+
 		EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
-                s->session->master_key_length=
-                        s->method->ssl3_enc->generate_master_secret(s,
-                                s->session->master_key, pms, outl);
+		s->session->master_key_length=
+			s->method->ssl3_enc->generate_master_secret(s,
+				s->session->master_key, pms, outl);
 
-                if (kssl_ctx->client_princ)
-                        {
-                        int len = strlen(kssl_ctx->client_princ);
-                        if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH ) 
-                                {
-                                s->session->krb5_client_princ_len = len;
-                                memcpy(s->session->krb5_client_princ,kssl_ctx->client_princ,len);
-                                }
-                        }
+		if (kssl_ctx->client_princ)
+			{
+			size_t len = strlen(kssl_ctx->client_princ);
+			if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH ) 
+				{
+				s->session->krb5_client_princ_len = len;
+				memcpy(s->session->krb5_client_princ,kssl_ctx->client_princ,len);
+				}
+			}
 
 
-                /*  Was doing kssl_ctx_free() here,
+		/*  Was doing kssl_ctx_free() here,
 		**  but it caused problems for apache.
-                **  kssl_ctx = kssl_ctx_free(kssl_ctx);
-                **  if (s->kssl_ctx)  s->kssl_ctx = NULL;
-                */
-                }
+		**  kssl_ctx = kssl_ctx_free(kssl_ctx);
+		**  if (s->kssl_ctx)  s->kssl_ctx = NULL;
+		*/
+		}
 	else
 #endif	/* OPENSSL_NO_KRB5 */
 
 #ifndef OPENSSL_NO_ECDH
-		if ((l & SSL_kECDH) || (l & SSL_kECDHE))
+		if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
 		{
 		int ret = 1;
 		int field_size = 0;
+		const EC_KEY   *tkey;
+		const EC_GROUP *group;
+		const BIGNUM *priv_key;
 
-                /* initialize structures for server's ECDH key pair */
+		/* initialize structures for server's ECDH key pair */
 		if ((srvr_ecdh = EC_KEY_new()) == NULL) 
 			{
-                	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 			    ERR_R_MALLOC_FAILURE);
-                	goto err;
+			goto err;
 			}
 
 		/* Let's get server private key and group information */
-		if (l & SSL_kECDH) 
+		if (alg_k & (SSL_kECDHr|SSL_kECDHe))
 			{ 
-                        /* use the certificate */
-			srvr_ecdh->group = s->cert->key->privatekey-> \
-			    pkey.eckey->group;
-			srvr_ecdh->priv_key = s->cert->key->privatekey-> \
-			    pkey.eckey->priv_key;
+			/* use the certificate */
+			tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
 			}
 		else
 			{
 			/* use the ephermeral values we saved when
 			 * generating the ServerKeyExchange msg.
 			 */
-			srvr_ecdh->group = s->s3->tmp.ecdh->group;
-			srvr_ecdh->priv_key = s->s3->tmp.ecdh->priv_key;
+			tkey = s->s3->tmp.ecdh;
+			}
+
+		group    = EC_KEY_get0_group(tkey);
+		priv_key = EC_KEY_get0_private_key(tkey);
+
+		if (!EC_KEY_set_group(srvr_ecdh, group) ||
+		    !EC_KEY_set_private_key(srvr_ecdh, priv_key))
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+			       ERR_R_EC_LIB);
+			goto err;
 			}
 
 		/* Let's get client's public key */
-		if ((clnt_ecpoint = EC_POINT_new(srvr_ecdh->group))
-		    == NULL) 
+		if ((clnt_ecpoint = EC_POINT_new(group)) == NULL)
 			{
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 			    ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
 
-                if (n == 0L) 
-                        {
+		if (n == 0L) 
+			{
 			/* Client Publickey was in Client Certificate */
 
-			 if (l & SSL_kECDHE) 
+			 if (alg_k & SSL_kEECDH)
 				 {
 				 al=SSL_AD_HANDSHAKE_FAILURE;
 				 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_ECDH_KEY);
 				 goto f_err;
 				 }
-                        if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
+			if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
 			    == NULL) || 
 			    (clnt_pub_pkey->type != EVP_PKEY_EC))
-                        	{
+				{
 				/* XXX: For now, we do not support client
 				 * authentication using ECDH certificates
 				 * so this branch (n == 0L) of the code is
@@ -2029,18 +2406,23 @@ static int ssl3_get_client_key_exchange(SSL *s)
 				 * the two ECDH shares are for the same
 				 * group.
 				 */
-                           	al=SSL_AD_HANDSHAKE_FAILURE;
-                           	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+			   	al=SSL_AD_HANDSHAKE_FAILURE;
+			   	SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 				    SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
-                           	goto f_err;
-                           	}
-
-			EC_POINT_copy(clnt_ecpoint,
-			    clnt_pub_pkey->pkey.eckey->pub_key);
-                        ret = 2; /* Skip certificate verify processing */
-                        }
-                else
-                        {
+			   	goto f_err;
+			   	}
+
+			if (EC_POINT_copy(clnt_ecpoint,
+			    EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) == 0)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+					ERR_R_EC_LIB);
+				goto err;
+				}
+			ret = 2; /* Skip certificate verify processing */
+			}
+		else
+			{
 			/* Get client's public key from encoded point
 			 * in the ClientKeyExchange message.
 			 */
@@ -2051,64 +2433,215 @@ static int ssl3_get_client_key_exchange(SSL *s)
 				goto err;
 				}
 
-                        /* Get encoded point length */
-                        i = *p; 
+			/* Get encoded point length */
+			i = *p; 
 			p += 1;
-                        if (EC_POINT_oct2point(srvr_ecdh->group, 
+			if (EC_POINT_oct2point(group, 
 			    clnt_ecpoint, p, i, bn_ctx) == 0)
 				{
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 				    ERR_R_EC_LIB);
 				goto err;
 				}
-                        /* p is pointing to somewhere in the buffer
-                         * currently, so set it to the start 
-                         */ 
-                        p=(unsigned char *)s->init_buf->data;
-                        }
+			/* p is pointing to somewhere in the buffer
+			 * currently, so set it to the start 
+			 */ 
+			p=(unsigned char *)s->init_buf->data;
+			}
 
 		/* Compute the shared pre-master secret */
-		field_size = EC_GROUP_get_degree(srvr_ecdh->group);
+		field_size = EC_GROUP_get_degree(group);
 		if (field_size <= 0)
 			{
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, 
 			       ERR_R_ECDH_LIB);
 			goto err;
 			}
-		/* If field size is not more than 24 octets, then use SHA-1 hash of result;
-		 * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt;
-		 * this is new with this version of the Internet Draft).
-		 */
-		if (field_size <= 24 * 8)
-		    i = ECDH_compute_key(p, KDF1_SHA1_len, clnt_ecpoint, srvr_ecdh, KDF1_SHA1);
-		else
-		    i = ECDH_compute_key(p, (field_size+7)/8, clnt_ecpoint, srvr_ecdh, NULL);
-                if (i <= 0)
-                        {
-                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+		i = ECDH_compute_key(p, (field_size+7)/8, clnt_ecpoint, srvr_ecdh, NULL);
+		if (i <= 0)
+			{
+			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 			    ERR_R_ECDH_LIB);
-                        goto err;
-                        }
+			goto err;
+			}
 
 		EVP_PKEY_free(clnt_pub_pkey);
 		EC_POINT_free(clnt_ecpoint);
-		if (srvr_ecdh != NULL) 
-			{
-			srvr_ecdh->priv_key = NULL;
-			srvr_ecdh->group = NULL;
-			EC_KEY_free(srvr_ecdh);
-			}
+		EC_KEY_free(srvr_ecdh);
 		BN_CTX_free(bn_ctx);
+		EC_KEY_free(s->s3->tmp.ecdh);
+		s->s3->tmp.ecdh = NULL; 
 
 		/* Compute the master secret */
-                s->session->master_key_length = s->method->ssl3_enc-> \
+		s->session->master_key_length = s->method->ssl3_enc-> \
 		    generate_master_secret(s, s->session->master_key, p, i);
 		
-                OPENSSL_cleanse(p, i);
-                return (ret);
+		OPENSSL_cleanse(p, i);
+		return (ret);
 		}
 	else
 #endif
+#ifndef OPENSSL_NO_PSK
+		if (alg_k & SSL_kPSK)
+			{
+			unsigned char *t = NULL;
+			unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN*2+4];
+			unsigned int pre_ms_len = 0, psk_len = 0;
+			int psk_err = 1;
+			char tmp_id[PSK_MAX_IDENTITY_LEN+1];
+
+			al=SSL_AD_HANDSHAKE_FAILURE;
+
+			n2s(p,i);
+			if (n != i+2)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+					SSL_R_LENGTH_MISMATCH);
+				goto psk_err;
+				}
+			if (i > PSK_MAX_IDENTITY_LEN)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+					SSL_R_DATA_LENGTH_TOO_LONG);
+				goto psk_err;
+				}
+			if (s->psk_server_callback == NULL)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				       SSL_R_PSK_NO_SERVER_CB);
+				goto psk_err;
+				}
+
+			/* Create guaranteed NULL-terminated identity
+			 * string for the callback */
+			memcpy(tmp_id, p, i);
+			memset(tmp_id+i, 0, PSK_MAX_IDENTITY_LEN+1-i);
+			psk_len = s->psk_server_callback(s, tmp_id,
+				psk_or_pre_ms, sizeof(psk_or_pre_ms));
+			OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN+1);
+
+			if (psk_len > PSK_MAX_PSK_LEN)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+					ERR_R_INTERNAL_ERROR);
+				goto psk_err;
+				}
+			else if (psk_len == 0)
+				{
+				/* PSK related to the given identity not found */
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+				       SSL_R_PSK_IDENTITY_NOT_FOUND);
+				al=SSL_AD_UNKNOWN_PSK_IDENTITY;
+				goto psk_err;
+				}
+
+			/* create PSK pre_master_secret */
+			pre_ms_len=2+psk_len+2+psk_len;
+			t = psk_or_pre_ms;
+			memmove(psk_or_pre_ms+psk_len+4, psk_or_pre_ms, psk_len);
+			s2n(psk_len, t);
+			memset(t, 0, psk_len);
+			t+=psk_len;
+			s2n(psk_len, t);
+
+			if (s->session->psk_identity != NULL)
+				OPENSSL_free(s->session->psk_identity);
+			s->session->psk_identity = BUF_strdup((char *)p);
+			if (s->session->psk_identity == NULL)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+					ERR_R_MALLOC_FAILURE);
+				goto psk_err;
+				}
+
+			if (s->session->psk_identity_hint != NULL)
+				OPENSSL_free(s->session->psk_identity_hint);
+			s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+			if (s->ctx->psk_identity_hint != NULL &&
+				s->session->psk_identity_hint == NULL)
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+					ERR_R_MALLOC_FAILURE);
+				goto psk_err;
+				}
+
+			s->session->master_key_length=
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key, psk_or_pre_ms, pre_ms_len);
+			psk_err = 0;
+		psk_err:
+			OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+			if (psk_err != 0)
+				goto f_err;
+			}
+		else
+#endif
+		if (alg_k & SSL_kGOST) 
+			{
+			int ret = 0;
+			EVP_PKEY_CTX *pkey_ctx;
+			EVP_PKEY *client_pub_pkey = NULL;
+			unsigned char premaster_secret[32], *start;
+			size_t outlen=32, inlen;			
+
+			/* Get our certificate private key*/
+			pkey_ctx = EVP_PKEY_CTX_new(s->cert->key->privatekey,NULL);	
+			EVP_PKEY_decrypt_init(pkey_ctx);
+			/* If client certificate is present and is of the same type, maybe
+			 * use it for key exchange.  Don't mind errors from
+			 * EVP_PKEY_derive_set_peer, because it is completely valid to use
+			 * a client certificate for authorization only. */
+			client_pub_pkey = X509_get_pubkey(s->session->peer);
+			if (client_pub_pkey)
+				{
+				if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
+					ERR_clear_error();
+				}
+			/* Decrypt session key */
+			if ((*p!=( V_ASN1_SEQUENCE| V_ASN1_CONSTRUCTED))) 
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DECRYPTION_FAILED);
+				goto gerr;
+				}
+			if (p[1] == 0x81)
+				{
+				start = p+3;
+				inlen = p[2];
+				}
+			else if (p[1] < 0x80)
+				{
+				start = p+2;
+				inlen = p[1];
+				}
+			else
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DECRYPTION_FAILED);
+				goto gerr;
+				}
+			if (EVP_PKEY_decrypt(pkey_ctx,premaster_secret,&outlen,start,inlen) <=0) 
+
+				{
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DECRYPTION_FAILED);
+				goto gerr;
+				}
+			/* Generate master secret */
+			s->session->master_key_length=
+				s->method->ssl3_enc->generate_master_secret(s,
+					s->session->master_key,premaster_secret,32);
+			/* Check if pubkey from client certificate was used */
+			if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
+				ret = 2;
+			else
+				ret = 1;
+		gerr:
+			EVP_PKEY_free(client_pub_pkey);
+			EVP_PKEY_CTX_free(pkey_ctx);
+			if (ret)
+				return ret;
+			else
+				goto err;
+			}
+		else
 		{
 		al=SSL_AD_HANDSHAKE_FAILURE;
 		SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
@@ -2126,17 +2659,13 @@ err:
 	EVP_PKEY_free(clnt_pub_pkey);
 	EC_POINT_free(clnt_ecpoint);
 	if (srvr_ecdh != NULL) 
-		{
-		srvr_ecdh->priv_key = NULL;
-		srvr_ecdh->group = NULL;
 		EC_KEY_free(srvr_ecdh);
-		}
 	BN_CTX_free(bn_ctx);
 #endif
 	return(-1);
 	}
 
-static int ssl3_get_cert_verify(SSL *s)
+int ssl3_get_cert_verify(SSL *s)
 	{
 	EVP_PKEY *pkey=NULL;
 	unsigned char *p;
@@ -2145,7 +2674,7 @@ static int ssl3_get_cert_verify(SSL *s)
 	int type=0,i,j;
 	X509 *peer;
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_SR_CERT_VRFY_A,
 		SSL3_ST_SR_CERT_VRFY_B,
 		-1,
@@ -2202,15 +2731,25 @@ static int ssl3_get_cert_verify(SSL *s)
 
 	/* we now have a signature that we need to verify */
 	p=(unsigned char *)s->init_msg;
-	n2s(p,i);
-	n-=2;
-	if (i > n)
+	/* Check for broken implementations of GOST ciphersuites */
+	/* If key is GOST and n is exactly 64, it is bare
+	 * signature without length field */
+	if (n==64 && (pkey->type==NID_id_GostR3410_94 ||
+		pkey->type == NID_id_GostR3410_2001) )
 		{
-		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
-		al=SSL_AD_DECODE_ERROR;
-		goto f_err;
-		}
-
+		i=64;
+		} 
+	else 
+		{	
+		n2s(p,i);
+		n-=2;
+		if (i > n)
+			{
+			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
+			al=SSL_AD_DECODE_ERROR;
+			goto f_err;
+			}
+    	}
 	j=EVP_PKEY_size(pkey);
 	if ((i > j) || (n > j) || (n <= 0))
 		{
@@ -2261,7 +2800,7 @@ static int ssl3_get_cert_verify(SSL *s)
 		{
 		j=ECDSA_verify(pkey->save_type,
 			&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
-			SHA_DIGEST_LENGTH,p,i,pkey->pkey.eckey);
+			SHA_DIGEST_LENGTH,p,i,pkey->pkey.ec);
 		if (j <= 0)
 			{
 			/* bad signature */
@@ -2273,6 +2812,28 @@ static int ssl3_get_cert_verify(SSL *s)
 		}
 	else
 #endif
+	if (pkey->type == NID_id_GostR3410_94 || pkey->type == NID_id_GostR3410_2001)
+		{   unsigned char signature[64];
+			int idx;
+			EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey,NULL);
+			EVP_PKEY_verify_init(pctx);
+			if (i!=64) {
+				fprintf(stderr,"GOST signature length is %d",i);
+			}	
+			for (idx=0;idx<64;idx++) {
+				signature[63-idx]=p[idx];
+			}	
+			j=EVP_PKEY_verify(pctx,signature,64,s->s3->tmp.cert_verify_md,32);
+			EVP_PKEY_CTX_free(pctx);
+			if (j<=0) 
+				{
+				al=SSL_AD_DECRYPT_ERROR;
+				SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
+					SSL_R_BAD_ECDSA_SIGNATURE);
+				goto f_err;
+				}	
+		}
+	else	
 		{
 		SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
 		al=SSL_AD_UNSUPPORTED_CERTIFICATE;
@@ -2291,7 +2852,7 @@ end:
 	return(ret);
 	}
 
-static int ssl3_get_client_certificate(SSL *s)
+int ssl3_get_client_certificate(SSL *s)
 	{
 	int i,ok,al,ret= -1;
 	X509 *x=NULL;
@@ -2300,7 +2861,7 @@ static int ssl3_get_client_certificate(SSL *s)
 	unsigned char *d;
 	STACK_OF(X509) *sk=NULL;
 
-	n=ssl3_get_message(s,
+	n=s->method->ssl_get_message(s,
 		SSL3_ST_SR_CERT_A,
 		SSL3_ST_SR_CERT_B,
 		-1,
@@ -2403,7 +2964,7 @@ static int ssl3_get_client_certificate(SSL *s)
 	else
 		{
 		i=ssl_verify_cert_chain(s,sk);
-		if (!i)
+		if (i <= 0)
 			{
 			al=ssl_verify_alarm_type(s->verify_result);
 			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
@@ -2455,14 +3016,15 @@ int ssl3_send_server_certificate(SSL *s)
 	if (s->state == SSL3_ST_SW_CERT_A)
 		{
 		x=ssl_get_server_send_cert(s);
-		if (x == NULL &&
-                        /* VRS: allow null cert if auth == KRB5 */
-                        (s->s3->tmp.new_cipher->algorithms
-                                & (SSL_MKEY_MASK|SSL_AUTH_MASK))
-                        != (SSL_aKRB5|SSL_kKRB5))
+		if (x == NULL)
 			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
-			return(0);
+			/* VRS: allow null cert if auth == KRB5 */
+			if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
+			    (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5))
+				{
+				SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+				return(0);
+				}
 			}
 
 		l=ssl3_output_cert_chain(s,x);
@@ -2474,67 +3036,146 @@ int ssl3_send_server_certificate(SSL *s)
 	/* SSL3_ST_SW_CERT_B */
 	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 	}
+#ifndef OPENSSL_NO_TLSEXT
+int ssl3_send_newsession_ticket(SSL *s)
+	{
+	if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
+		{
+		unsigned char *p, *senc, *macstart;
+		int len, slen;
+		unsigned int hlen;
+		EVP_CIPHER_CTX ctx;
+		HMAC_CTX hctx;
+		SSL_CTX *tctx = s->initial_ctx;
+		unsigned char iv[EVP_MAX_IV_LENGTH];
+		unsigned char key_name[16];
+
+		/* get session encoding length */
+		slen = i2d_SSL_SESSION(s->session, NULL);
+		/* Some length values are 16 bits, so forget it if session is
+ 		 * too long
+ 		 */
+		if (slen > 0xFF00)
+			return -1;
+		/* Grow buffer if need be: the length calculation is as
+ 		 * follows 1 (size of message name) + 3 (message length
+ 		 * bytes) + 4 (ticket lifetime hint) + 2 (ticket length) +
+ 		 * 16 (key name) + max_iv_len (iv length) +
+ 		 * session_length + max_enc_block_size (max encrypted session
+ 		 * length) + max_md_size (HMAC).
+ 		 */
+		if (!BUF_MEM_grow(s->init_buf,
+			26 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +
+			EVP_MAX_MD_SIZE + slen))
+			return -1;
+		senc = OPENSSL_malloc(slen);
+		if (!senc)
+			return -1;
+		p = senc;
+		i2d_SSL_SESSION(s->session, &p);
 
+		p=(unsigned char *)s->init_buf->data;
+		/* do the header */
+		*(p++)=SSL3_MT_NEWSESSION_TICKET;
+		/* Skip message length for now */
+		p += 3;
+		EVP_CIPHER_CTX_init(&ctx);
+		HMAC_CTX_init(&hctx);
+		/* Initialize HMAC and cipher contexts. If callback present
+		 * it does all the work otherwise use generated values
+		 * from parent ctx.
+		 */
+		if (tctx->tlsext_ticket_key_cb)
+			{
+			if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
+							 &hctx, 1) < 0)
+				{
+				OPENSSL_free(senc);
+				return -1;
+				}
+			}
+		else
+			{
+			RAND_pseudo_bytes(iv, 16);
+			EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+					tctx->tlsext_tick_aes_key, iv);
+			HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+					tlsext_tick_md(), NULL);
+			memcpy(key_name, tctx->tlsext_tick_key_name, 16);
+			}
+		l2n(s->session->tlsext_tick_lifetime_hint, p);
+		/* Skip ticket length for now */
+		p += 2;
+		/* Output key name */
+		macstart = p;
+		memcpy(p, key_name, 16);
+		p += 16;
+		/* output IV */
+		memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
+		p += EVP_CIPHER_CTX_iv_length(&ctx);
+		/* Encrypt session data */
+		EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
+		p += len;
+		EVP_EncryptFinal(&ctx, p, &len);
+		p += len;
+		EVP_CIPHER_CTX_cleanup(&ctx);
+
+		HMAC_Update(&hctx, macstart, p - macstart);
+		HMAC_Final(&hctx, p, &hlen);
+		HMAC_CTX_cleanup(&hctx);
+
+		p += hlen;
+		/* Now write out lengths: p points to end of data written */
+		/* Total length */
+		len = p - (unsigned char *)s->init_buf->data;
+		p=(unsigned char *)s->init_buf->data + 1;
+		l2n3(len - 4, p); /* Message length */
+		p += 4;
+		s2n(len - 10, p);  /* Ticket length */
 
-#ifndef OPENSSL_NO_ECDH
-/* This is the complement of curve_id2nid in s3_clnt.c. */
-static int nid2curve_id(int nid)
-{
-	/* ECC curves from draft-ietf-tls-ecc-01.txt (Mar 15, 2001)
-	 * (no changes in draft-ietf-tls-ecc-03.txt [June 2003]) */
-	switch (nid) {
-	case NID_sect163k1: /* sect163k1 (1) */
-		return 1;
-	case NID_sect163r1: /* sect163r1 (2) */
-		return 2;
-	case NID_sect163r2: /* sect163r2 (3) */
-		return 3;
-	case NID_sect193r1: /* sect193r1 (4) */ 
-		return 4;
-	case NID_sect193r2: /* sect193r2 (5) */ 
-		return 5;
-	case NID_sect233k1: /* sect233k1 (6) */
-		return 6;
-	case NID_sect233r1: /* sect233r1 (7) */ 
-		return 7;
-	case NID_sect239k1: /* sect239k1 (8) */ 
-		return 8;
-	case NID_sect283k1: /* sect283k1 (9) */
-		return 9;
-	case NID_sect283r1: /* sect283r1 (10) */ 
-		return 10;
-	case NID_sect409k1: /* sect409k1 (11) */ 
-		return 11;
-	case NID_sect409r1: /* sect409r1 (12) */
-		return 12;
-	case NID_sect571k1: /* sect571k1 (13) */ 
-		return 13;
-	case NID_sect571r1: /* sect571r1 (14) */ 
-		return 14;
-	case NID_secp160k1: /* secp160k1 (15) */
-		return 15;
-	case NID_secp160r1: /* secp160r1 (16) */ 
-		return 16;
-	case NID_secp160r2: /* secp160r2 (17) */ 
-		return 17;
-	case NID_secp192k1: /* secp192k1 (18) */
-		return 18;
-	case NID_X9_62_prime192v1: /* secp192r1 (19) */ 
-		return 19;
-	case NID_secp224k1: /* secp224k1 (20) */ 
-		return 20;
-	case NID_secp224r1: /* secp224r1 (21) */
-		return 21;
-	case NID_secp256k1: /* secp256k1 (22) */ 
-		return 22;
-	case NID_X9_62_prime256v1: /* secp256r1 (23) */ 
-		return 23;
-	case NID_secp384r1: /* secp384r1 (24) */
-		return 24;
-	case NID_secp521r1:  /* secp521r1 (25) */	
-		return 25;
-	default:
-		return 0;
+		/* number of bytes to write */
+		s->init_num= len;
+		s->state=SSL3_ST_SW_SESSION_TICKET_B;
+		s->init_off=0;
+		OPENSSL_free(senc);
+		}
+
+	/* SSL3_ST_SW_SESSION_TICKET_B */
+	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+	}
+
+int ssl3_send_cert_status(SSL *s)
+	{
+	if (s->state == SSL3_ST_SW_CERT_STATUS_A)
+		{
+		unsigned char *p;
+		/* Grow buffer if need be: the length calculation is as
+ 		 * follows 1 (message type) + 3 (message length) +
+ 		 * 1 (ocsp response type) + 3 (ocsp response length)
+ 		 * + (ocsp response)
+ 		 */
+		if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen))
+			return -1;
+
+		p=(unsigned char *)s->init_buf->data;
+
+		/* do the header */
+		*(p++)=SSL3_MT_CERTIFICATE_STATUS;
+		/* message length */
+		l2n3(s->tlsext_ocsp_resplen + 4, p);
+		/* status type */
+		*(p++)= s->tlsext_status_type;
+		/* length of OCSP response */
+		l2n3(s->tlsext_ocsp_resplen, p);
+		/* actual response */
+		memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen);
+		/* number of bytes to write */
+		s->init_num = 8 + s->tlsext_ocsp_resplen;
+		s->state=SSL3_ST_SW_CERT_STATUS_B;
+		s->init_off = 0;
+		}
+
+	/* SSL3_ST_SW_CERT_STATUS_B */
+	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
 	}
-}
 #endif
diff --git a/ssl/ssl-lib.com b/ssl/ssl-lib.com
index fc0e63c310..454641f8bf 100644
--- a/ssl/ssl-lib.com
+++ b/ssl/ssl-lib.com
@@ -8,11 +8,11 @@ $!
 $!  Changes by Richard Levitte <richard@levitte.org>
 $!
 $!  This command file compiles and creates the "[.xxx.EXE.SSL]LIBSSL.OLB" 
-$!  library for OpenSSL.  The "xxx" denotes the machine architecture of AXP 
-$!  or VAX.
+$!  library for OpenSSL.  The "xxx" denotes the machine architecture of
+$!  ALPHA, IA64 or VAX.
 $!
 $!  It is written to detect what type of machine you are compiling on
-$!  (i.e. AXP or VAX) and which "C" compiler you have (i.e. VAXC, DECC 
+$!  (i.e. ALPHA or VAX) and which "C" compiler you have (i.e. VAXC, DECC 
 $!  or GNU C) or you can specify which compiler to use.
 $!
 $!  Specify the following as P1 to build just that part or ALL to just
@@ -51,27 +51,40 @@ $! (That Is, If We Need To Link To One.)
 $!
 $ TCPIP_LIB = ""
 $!
-$! Check Which Architecture We Are Using.
+$! Check What Architecture We Are Using.
 $!
-$ IF (F$GETSYI("CPU").GE.128)
+$ IF (F$GETSYI("CPU").LT.128)
 $ THEN
 $!
-$!  The Architecture Is AXP.
+$!  The Architecture Is VAX.
 $!
-$   ARCH := AXP
+$   ARCH := VAX
 $!
 $! Else...
 $!
 $ ELSE
 $!
-$!  The Architecture Is VAX.
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
 $!
-$   ARCH := VAX
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
 $!
 $! End The Architecture Check.
 $!
 $ ENDIF
 $!
+$! Define The OBJ Directory.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.SSL]
+$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.SSL]
+$!
+$! Define The EXE Directory.
+$!
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.SSL]
+$!
 $! Check To Make Sure We Have Valid Command Line Parameters.
 $!
 $ GOSUB CHECK_OPTIONS
@@ -84,10 +97,6 @@ $! Tell The User What Kind of Machine We Run On.
 $!
 $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
 $!
-$! Define The OBJ Directory.
-$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.SSL]
-$!
 $! Check To See If The Architecture Specific OBJ Directory Exists.
 $!
 $ IF (F$PARSE(OBJ_DIR).EQS."")
@@ -101,10 +110,6 @@ $! End The Architecture Specific OBJ Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The LIS Directory.
-$!
-$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.SSL]
-$!
 $! Check To See If The Architecture Specific LIS Directory Exists.
 $!
 $ IF (F$PARSE(LIS_DIR).EQS."")
@@ -118,10 +123,6 @@ $! End The Architecture Specific LIS Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The EXE Directory.
-$!
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.SSL]
-$!
 $! Check To See If The Architecture Specific Directory Exists.
 $!
 $ IF (F$PARSE(EXE_DIR).EQS."")
@@ -196,10 +197,12 @@ $ LIB_SSL = "s2_meth,s2_srvr,s2_clnt,s2_lib,s2_enc,s2_pkt,"+ -
 	    "s3_meth,s3_srvr,s3_clnt,s3_lib,s3_enc,s3_pkt,s3_both,"+ -
 	    "s23_meth,s23_srvr,s23_clnt,s23_lib,s23_pkt,"+ -
 	    "t1_meth,t1_srvr,t1_clnt,t1_lib,t1_enc,"+ -
+	    "d1_meth,d1_srvr,d1_clnt,d1_lib,d1_pkt,"+ -
+	    "d1_both,d1_enc,"+ -
 	    "ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
 	    "ssl_ciph,ssl_stat,ssl_rsa,"+ -
 	    "ssl_asn1,ssl_txt,ssl_algs,"+ -
-	    "bio_ssl,ssl_err,kssl"
+	    "bio_ssl,ssl_err,kssl,t1_reneg"
 $!
 $! Tell The User That We Are Compiling The Library.
 $!
@@ -433,7 +436,7 @@ $!
 $   IF (F$SEARCH(OPT_FILE).EQS."")
 $   THEN
 $!
-$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
 $!
 $     IF (ARCH.EQS."VAX")
 $     THEN
@@ -453,19 +456,19 @@ $!    Else...
 $!
 $     ELSE
 $!
-$!      Create The AXP Linker Option File.
+$!      Create The non-VAX Linker Option File.
 $!
 $       CREATE 'OPT_FILE'
 $DECK
 !
-! Default System Options File For AXP To Link Agianst 
+! Default System Options File For non-VAX To Link Agianst 
 ! The Sharable C Runtime Library.
 !
 SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
 SYS$SHARE:CMA$OPEN_RTL/SHARE
 $EOD
 $!
-$!    End The VAX/AXP DEC C Option File Check.
+$!    End The DEC C Option File Check.
 $!
 $     ENDIF
 $!
@@ -571,8 +574,9 @@ $     WRITE SYS$OUTPUT "    SSL_TASK :  To Compile Just The [.xxx.EXE.SSL]SSL_TA
 $     WRITE SYS$OUTPUT ""
 $     WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
 $     WRITE SYS$OUTPUT ""
-$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
-$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT "    ALPHA    :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64     :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
 $     WRITE SYS$OUTPUT ""
 $!
 $!    Time To EXIT.
@@ -756,7 +760,7 @@ $   ELSE
 $!
 $!  Check To See If We Have VAXC Or DECC.
 $!
-$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
 $     THEN 
 $!
 $!      Looks Like DECC, Set To Use DECC.
@@ -833,7 +837,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4'"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
 	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
@@ -866,7 +870,7 @@ $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
 $!
 $!  End DECC Check.
 $!
@@ -888,9 +892,9 @@ $!
 $!    Compile Using VAXC.
 $!
 $     CC = "CC"
-$     IF ARCH.EQS."AXP"
+$     IF ARCH.NES."VAX"
 $     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
 $	EXIT
 $     ENDIF
 $     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
@@ -904,7 +908,7 @@ $     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
 $!
 $!  End VAXC Check
 $!
@@ -931,7 +935,7 @@ $     CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
 $!
 $!  End The GNU C Check.
 $!
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 579b9ef1b2..761c6f3c1f 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -109,62 +109,35 @@
  *
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
  *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
  *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
  *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
  *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
  *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by 
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
  */
 
 #ifndef HEADER_SSL_H 
@@ -187,6 +160,7 @@
 #include <openssl/buffer.h>
 #endif
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #include <openssl/kssl.h>
 #include <openssl/safestack.h>
@@ -247,53 +221,89 @@ extern "C" {
 #define SSL_MAX_KEY_ARG_LENGTH			8
 #define SSL_MAX_MASTER_KEY_LENGTH		48
 
+
 /* These are used to specify which ciphers to use and not to use */
+
+#define SSL_TXT_EXP40		"EXPORT40"
+#define SSL_TXT_EXP56		"EXPORT56"
 #define SSL_TXT_LOW		"LOW"
 #define SSL_TXT_MEDIUM		"MEDIUM"
 #define SSL_TXT_HIGH		"HIGH"
-#define SSL_TXT_kFZA		"kFZA"
-#define	SSL_TXT_aFZA		"aFZA"
-#define SSL_TXT_eFZA		"eFZA"
-#define SSL_TXT_FZA		"FZA"
+#define SSL_TXT_FIPS		"FIPS"
+
+#define SSL_TXT_kFZA		"kFZA" /* unused! */
+#define	SSL_TXT_aFZA		"aFZA" /* unused! */
+#define SSL_TXT_eFZA		"eFZA" /* unused! */
+#define SSL_TXT_FZA		"FZA"  /* unused! */
 
 #define	SSL_TXT_aNULL		"aNULL"
 #define	SSL_TXT_eNULL		"eNULL"
 #define	SSL_TXT_NULL		"NULL"
 
-#define SSL_TXT_kKRB5     	"kKRB5"
-#define SSL_TXT_aKRB5     	"aKRB5"
-#define SSL_TXT_KRB5      	"KRB5"
-
 #define SSL_TXT_kRSA		"kRSA"
-#define SSL_TXT_kDHr		"kDHr"
-#define SSL_TXT_kDHd		"kDHd"
+#define SSL_TXT_kDHr		"kDHr" /* no such ciphersuites supported! */
+#define SSL_TXT_kDHd		"kDHd" /* no such ciphersuites supported! */
+#define SSL_TXT_kDH 		"kDH"  /* no such ciphersuites supported! */
 #define SSL_TXT_kEDH		"kEDH"
+#define SSL_TXT_kKRB5     	"kKRB5"
+#define SSL_TXT_kECDHr		"kECDHr"
+#define SSL_TXT_kECDHe		"kECDHe"
+#define SSL_TXT_kECDH		"kECDH"
+#define SSL_TXT_kEECDH		"kEECDH"
+#define SSL_TXT_kPSK            "kPSK"
+#define SSL_TXT_kGOST		"kGOST"
+
 #define	SSL_TXT_aRSA		"aRSA"
 #define	SSL_TXT_aDSS		"aDSS"
-#define	SSL_TXT_aDH		"aDH"
+#define	SSL_TXT_aDH		"aDH" /* no such ciphersuites supported! */
+#define	SSL_TXT_aECDH		"aECDH"
+#define SSL_TXT_aKRB5     	"aKRB5"
+#define SSL_TXT_aECDSA		"aECDSA"
+#define SSL_TXT_aPSK            "aPSK"
+#define SSL_TXT_aGOST94	"aGOST94"
+#define SSL_TXT_aGOST01 "aGOST01"
+#define SSL_TXT_aGOST  "aGOST"
+
 #define	SSL_TXT_DSS		"DSS"
 #define SSL_TXT_DH		"DH"
-#define SSL_TXT_EDH		"EDH"
+#define SSL_TXT_EDH		"EDH" /* same as "kEDH:-ADH" */
 #define SSL_TXT_ADH		"ADH"
 #define SSL_TXT_RSA		"RSA"
+#define SSL_TXT_ECDH		"ECDH"
+#define SSL_TXT_EECDH		"EECDH" /* same as "kEECDH:-AECDH" */
+#define SSL_TXT_AECDH		"AECDH"
+#define SSL_TXT_ECDSA		"ECDSA"
+#define SSL_TXT_KRB5      	"KRB5"
+#define SSL_TXT_PSK             "PSK"
+
 #define SSL_TXT_DES		"DES"
 #define SSL_TXT_3DES		"3DES"
 #define SSL_TXT_RC4		"RC4"
 #define SSL_TXT_RC2		"RC2"
 #define SSL_TXT_IDEA		"IDEA"
+#define SSL_TXT_SEED		"SEED"
+#define SSL_TXT_AES128		"AES128"
+#define SSL_TXT_AES256		"AES256"
 #define SSL_TXT_AES		"AES"
+#define SSL_TXT_CAMELLIA128	"CAMELLIA128"
+#define SSL_TXT_CAMELLIA256	"CAMELLIA256"
+#define SSL_TXT_CAMELLIA	"CAMELLIA"
+
 #define SSL_TXT_MD5		"MD5"
 #define SSL_TXT_SHA1		"SHA1"
-#define SSL_TXT_SHA		"SHA"
-#define SSL_TXT_EXP		"EXP"
-#define SSL_TXT_EXPORT		"EXPORT"
-#define SSL_TXT_EXP40		"EXPORT40"
-#define SSL_TXT_EXP56		"EXPORT56"
+#define SSL_TXT_SHA		"SHA" /* same as "SHA1" */
+#define SSL_TXT_GOST94		"GOST94" 
+#define SSL_TXT_GOST89MAC		"GOST89MAC" 
+
 #define SSL_TXT_SSLV2		"SSLv2"
 #define SSL_TXT_SSLV3		"SSLv3"
 #define SSL_TXT_TLSV1		"TLSv1"
+#define SSL_TXT_TLSV1_1		"TLSv1.1"
+
+#define SSL_TXT_EXP		"EXP"
+#define SSL_TXT_EXPORT		"EXPORT"
+
 #define SSL_TXT_ALL		"ALL"
-#define SSL_TXT_ECC		"ECCdraft" /* ECC ciphersuites are not yet official */
 
 /*
  * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@@ -315,7 +325,13 @@ extern "C" {
 /* The following cipher list is used by default.
  * It also is substituted when an application-defined cipher list string
  * starts with 'DEFAULT'. */
-#define SSL_DEFAULT_CIPHER_LIST	"ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
+#define SSL_DEFAULT_CIPHER_LIST	"ALL:!aNULL:!eNULL:!SSLv2"
+/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is
+ * throwing out anonymous and unencrypted ciphersuites!
+ * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
+ * some of them.)
+ */
 
 /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
 #define SSL_SENT_SHUTDOWN	1
@@ -340,6 +356,7 @@ extern "C" {
  * 'struct ssl_st *' function parameters used to prototype callbacks
  * in SSL_CTX. */
 typedef struct ssl_st *ssl_crock_st;
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
 
 /* used to hold info on the particular ciphers used */
 typedef struct ssl_cipher_st
@@ -347,19 +364,24 @@ typedef struct ssl_cipher_st
 	int valid;
 	const char *name;		/* text name */
 	unsigned long id;		/* id, 4 bytes, first is version */
-	unsigned long algorithms;	/* what ciphers are used */
+
+	/* changed in 0.9.9: these four used to be portions of a single value 'algorithms' */
+	unsigned long algorithm_mkey;	/* key exchange algorithm */
+	unsigned long algorithm_auth;	/* server authentication */
+	unsigned long algorithm_enc;	/* symmetric encryption */
+	unsigned long algorithm_mac;	/* symmetric authentication */
+	unsigned long algorithm_ssl;	/* (major) protocol version */
+
 	unsigned long algo_strength;	/* strength and export flags */
 	unsigned long algorithm2;	/* Extra flags */
 	int strength_bits;		/* Number of bits really used */
 	int alg_bits;			/* Number of bits for algorithm */
-	unsigned long mask;		/* used for matching */
-	unsigned long mask_strength;	/* also used for matching */
 	} SSL_CIPHER;
 
 DECLARE_STACK_OF(SSL_CIPHER)
 
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
+typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
 
 /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
 typedef struct ssl_method_st
@@ -376,36 +398,45 @@ typedef struct ssl_method_st
 	int (*ssl_shutdown)(SSL *s);
 	int (*ssl_renegotiate)(SSL *s);
 	int (*ssl_renegotiate_check)(SSL *s);
+	long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, long
+		max, int *ok);
+	int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len, 
+		int peek);
+	int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
+	int (*ssl_dispatch_alert)(SSL *s);
 	long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
 	long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
-	SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
+	const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
 	int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
-	int (*ssl_pending)(SSL *s);
+	int (*ssl_pending)(const SSL *s);
 	int (*num_ciphers)(void);
-	SSL_CIPHER *(*get_cipher)(unsigned ncipher);
-	struct ssl_method_st *(*get_ssl_method)(int version);
+	const SSL_CIPHER *(*get_cipher)(unsigned ncipher);
+	const struct ssl_method_st *(*get_ssl_method)(int version);
 	long (*get_timeout)(void);
 	struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
-	int (*ssl_version)();
-	long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)());
-	long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)());
+	int (*ssl_version)(void);
+	long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
+	long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
 	} SSL_METHOD;
 
 /* Lets make this into an ASN.1 type structure as follows
  * SSL_SESSION_ID ::= SEQUENCE {
  *	version 		INTEGER,	-- structure version number
  *	SSLversion 		INTEGER,	-- SSL version number
- *	Cipher 			OCTET_STRING,	-- the 3 byte cipher ID
- *	Session_ID 		OCTET_STRING,	-- the Session ID
- *	Master_key 		OCTET_STRING,	-- the master key
- *	KRB5_principal		OCTET_STRING	-- optional Kerberos principal
- *	Key_Arg [ 0 ] IMPLICIT	OCTET_STRING,	-- the optional Key argument
+ *	Cipher 			OCTET STRING,	-- the 3 byte cipher ID
+ *	Session_ID 		OCTET STRING,	-- the Session ID
+ *	Master_key 		OCTET STRING,	-- the master key
+ *	KRB5_principal		OCTET STRING	-- optional Kerberos principal
+ *	Key_Arg [ 0 ] IMPLICIT	OCTET STRING,	-- the optional Key argument
  *	Time [ 1 ] EXPLICIT	INTEGER,	-- optional Start Time
  *	Timeout [ 2 ] EXPLICIT	INTEGER,	-- optional Timeout ins seconds
  *	Peer [ 3 ] EXPLICIT	X509,		-- optional Peer Certificate
- *	Session_ID_context [ 4 ] EXPLICIT OCTET_STRING,   -- the Session ID context
- *	Verify_result [ 5 ] EXPLICIT INTEGER    -- X509_V_... code for `Peer'
- *	Compression [6] IMPLICIT ASN1_OBJECT	-- compression OID XXXXX
+ *	Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
+ *	Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
+ *	HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension 
+ *	ECPointFormatList [ 7 ] OCTET STRING,     -- optional EC point format list from TLS extension
+ *	PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ *	PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
  *	}
  * Look in ssl/ssl_asn1.c for more details
  * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
@@ -433,7 +464,10 @@ typedef struct ssl_session_st
         unsigned int krb5_client_princ_len;
         unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
 #endif /* OPENSSL_NO_KRB5 */
-
+#ifndef OPENSSL_NO_PSK
+	char *psk_identity_hint;
+	char *psk_identity;
+#endif
 	int not_resumable;
 
 	/* The cert is the certificate used to establish this connection */
@@ -452,9 +486,9 @@ typedef struct ssl_session_st
 	long timeout;
 	long time;
 
-	int compress_meth;		/* Need to lookup the method */
+	unsigned int compress_meth;	/* Need to lookup the method */
 
-	SSL_CIPHER *cipher;
+	const SSL_CIPHER *cipher;
 	unsigned long cipher_id;	/* when ASN.1 loaded, this
 					 * needs to be used to load
 					 * the 'cipher' structure */
@@ -466,18 +500,34 @@ typedef struct ssl_session_st
 	/* These are used to make removal of session-ids more
 	 * efficient and to implement a maximum cache size. */
 	struct ssl_session_st *prev,*next;
+#ifndef OPENSSL_NO_TLSEXT
+	char *tlsext_hostname;
+#ifndef OPENSSL_NO_EC
+	size_t tlsext_ecpointformatlist_length;
+	unsigned char *tlsext_ecpointformatlist; /* peer's list */
+	size_t tlsext_ellipticcurvelist_length;
+	unsigned char *tlsext_ellipticcurvelist; /* peer's list */
+#endif /* OPENSSL_NO_EC */
+	/* RFC4507 info */
+	unsigned char *tlsext_tick;	/* Session ticket */
+	size_t	tlsext_ticklen;		/* Session ticket length */	
+	long tlsext_tick_lifetime_hint;	/* Session lifetime hint in seconds */
+#endif
 	} SSL_SESSION;
 
 
 #define SSL_OP_MICROSOFT_SESS_ID_BUG			0x00000001L
 #define SSL_OP_NETSCAPE_CHALLENGE_BUG			0x00000002L
+/* Allow initial connection to servers that don't support RI */
+#define SSL_OP_LEGACY_SERVER_CONNECT			0x00000004L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L /* no effect since 0.9.7h and 0.9.8b */
 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG			0x00000080L
 #define SSL_OP_TLS_D5_BUG				0x00000100L
 #define SSL_OP_TLS_BLOCK_PADDING_BUG			0x00000200L
+#define SSL_OP_NO_TLSv1_1				0x00000400L
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
@@ -488,10 +538,23 @@ typedef struct ssl_session_st
 
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
  *             This used to be 0x000FFFFFL before 0.9.7. */
-#define SSL_OP_ALL					0x00000FFFL
+#define SSL_OP_ALL					0x80000BFFL
+
+/* DTLS options */
+#define SSL_OP_NO_QUERY_MTU                 0x00001000L
+/* Turn on Cookie Exchange (on relevant for servers) */
+#define SSL_OP_COOKIE_EXCHANGE              0x00002000L
+/* Don't use RFC4507 ticket extension */
+#define SSL_OP_NO_TICKET	            0x00004000L
+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */
+#define SSL_OP_CISCO_ANYCONNECT		    0x00008000L
 
 /* As server, disallow session resumption on renegotiation */
 #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION	0x00010000L
+/* Don't use compression even if supported */
+#define SSL_OP_NO_COMPRESSION				0x00020000L
+/* Permit unsafe legacy renegotiation */
+#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION	0x00040000L
 /* If set, always create a new key when using tmp_ecdh parameters */
 #define SSL_OP_SINGLE_ECDH_USE				0x00080000L
 /* If set, always create a new key when using tmp_dh parameters */
@@ -518,7 +581,11 @@ typedef struct ssl_session_st
 #define SSL_OP_PKCS1_CHECK_2				0x10000000L
 #define SSL_OP_NETSCAPE_CA_DN_BUG			0x20000000L
 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG		0x40000000L
-
+/* Make server add server-hello extension from early version of
+ * cryptopro draft, when GOST ciphersuite is negotiated. 
+ * Required for interoperability with CryptoPro CSP 3.x 
+ */
+#define SSL_OP_CRYPTOPRO_TLSEXT_BUG			0x80000000L
 
 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
  * when just a single record has been written): */
@@ -533,29 +600,44 @@ typedef struct ssl_session_st
 #define SSL_MODE_AUTO_RETRY 0x00000004L
 /* Don't attempt to automatically build certificate chain */
 #define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
-
+/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+ * TLS only.)  "Released" buffers are put onto a free-list in the context
+ * or just freed (depending on the context's setting for freelist_max_len). */
+#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
 
 /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
  * they cannot be used to clear bits. */
 
 #define SSL_CTX_set_options(ctx,op) \
 	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+#define SSL_CTX_clear_options(ctx,op) \
+	SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
 #define SSL_CTX_get_options(ctx) \
 	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
 #define SSL_set_options(ssl,op) \
 	SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
+#define SSL_clear_options(ssl,op) \
+	SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
 #define SSL_get_options(ssl) \
         SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
 
 #define SSL_CTX_set_mode(ctx,op) \
 	SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+#define SSL_CTX_clear_mode(ctx,op) \
+	SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
 #define SSL_CTX_get_mode(ctx) \
 	SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+#define SSL_clear_mode(ssl,op) \
+	SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
 #define SSL_set_mode(ssl,op) \
 	SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
 #define SSL_get_mode(ssl) \
         SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+#define SSL_set_mtu(ssl, mtu) \
+        SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
 
+#define SSL_get_secure_renegotiation_support(ssl) \
+	SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
 
 void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
 void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
@@ -600,17 +682,18 @@ typedef struct ssl_comp_st
 	} SSL_COMP;
 
 DECLARE_STACK_OF(SSL_COMP)
+DECLARE_LHASH_OF(SSL_SESSION);
 
 struct ssl_ctx_st
 	{
-	SSL_METHOD *method;
+	const SSL_METHOD *method;
 
 	STACK_OF(SSL_CIPHER) *cipher_list;
 	/* same as above but sorted for lookup */
 	STACK_OF(SSL_CIPHER) *cipher_list_by_id;
 
 	struct x509_store_st /* X509_STORE */ *cert_store;
-	struct lhash_st /* LHASH */ *sessions;	/* a set of SSL_SESSIONs */
+	LHASH_OF(SSL_SESSION) *sessions;
 	/* Most session-ids that will be cached, default is
 	 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
 	unsigned long session_cache_size;
@@ -679,6 +762,14 @@ struct ssl_ctx_st
 	/* get client cert callback */
 	int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
 
+    /* cookie generate callback */
+    int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, 
+        unsigned int *cookie_len);
+
+    /* verify cookie callback */
+    int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, 
+        unsigned int cookie_len);
+
 	CRYPTO_EX_DATA ex_data;
 
 	const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
@@ -726,6 +817,58 @@ struct ssl_ctx_st
 #endif
 
 	int quiet_shutdown;
+
+	/* Maximum amount of data to send in one fragment.
+	 * actual record size can be more than this due to
+	 * padding and MAC overheads.
+	 */
+	unsigned int max_send_fragment;
+
+#ifndef OPENSSL_ENGINE
+	/* Engine to pass requests for client certs to
+	 */
+	ENGINE *client_cert_engine;
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+	/* TLS extensions servername callback */
+	int (*tlsext_servername_callback)(SSL*, int *, void *);
+	void *tlsext_servername_arg;
+	/* RFC 4507 session ticket keys */
+	unsigned char tlsext_tick_key_name[16];
+	unsigned char tlsext_tick_hmac_key[16];
+	unsigned char tlsext_tick_aes_key[16];
+	/* Callback to support customisation of ticket key setting */
+	int (*tlsext_ticket_key_cb)(SSL *ssl,
+					unsigned char *name, unsigned char *iv,
+					EVP_CIPHER_CTX *ectx,
+ 					HMAC_CTX *hctx, int enc);
+
+	/* certificate status request info */
+	/* Callback for status request */
+	int (*tlsext_status_cb)(SSL *ssl, void *arg);
+	void *tlsext_status_arg;
+
+	/* draft-rescorla-tls-opaque-prf-input-00.txt information */
+	int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
+	void *tlsext_opaque_prf_input_callback_arg;
+#endif
+
+#ifndef OPENSSL_NO_PSK
+	char *psk_identity_hint;
+	unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
+		unsigned int max_identity_len, unsigned char *psk,
+		unsigned int max_psk_len);
+	unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
+		unsigned char *psk, unsigned int max_psk_len);
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
+	unsigned int freelist_max_len;
+	struct ssl3_buf_freelist_st *wbuf_freelist;
+	struct ssl3_buf_freelist_st *rbuf_freelist;
+#endif
 	};
 
 #define SSL_SESS_CACHE_OFF			0x0000
@@ -739,7 +882,7 @@ struct ssl_ctx_st
 #define SSL_SESS_CACHE_NO_INTERNAL \
 	(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
 
-  struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
 #define SSL_CTX_sess_number(ctx) \
 	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
 #define SSL_CTX_sess_connect(ctx) \
@@ -765,16 +908,46 @@ struct ssl_ctx_st
 #define SSL_CTX_sess_cache_full(ctx) \
 	SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
 
-#define SSL_CTX_sess_set_new_cb(ctx,cb)	((ctx)->new_session_cb=(cb))
-#define SSL_CTX_sess_get_new_cb(ctx)	((ctx)->new_session_cb)
-#define SSL_CTX_sess_set_remove_cb(ctx,cb)	((ctx)->remove_session_cb=(cb))
-#define SSL_CTX_sess_get_remove_cb(ctx)	((ctx)->remove_session_cb)
-#define SSL_CTX_sess_set_get_cb(ctx,cb)	((ctx)->get_session_cb=(cb))
-#define SSL_CTX_sess_get_get_cb(ctx)	((ctx)->get_session_cb)
-#define SSL_CTX_set_info_callback(ctx,cb)	((ctx)->info_callback=(cb))
-#define SSL_CTX_get_info_callback(ctx)		((ctx)->info_callback)
-#define SSL_CTX_set_client_cert_cb(ctx,cb)	((ctx)->client_cert_cb=(cb))
-#define SSL_CTX_get_client_cert_cb(ctx)		((ctx)->client_cert_cb)
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess));
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess));
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,int len,int *copy));
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsigned char *Data, int len, int *copy);
+void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type,int val));
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val);
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+#ifndef OPENSSL_NO_ENGINE
+int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
+#endif
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
+
+#ifndef OPENSSL_NO_PSK
+/* the maximum length of the buffer given to callbacks containing the
+ * resulting identity/psk */
+#define PSK_MAX_IDENTITY_LEN 128
+#define PSK_MAX_PSK_LEN 256
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, 
+	unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, 
+		char *identity, unsigned int max_identity_len, unsigned char *psk,
+		unsigned int max_psk_len));
+void SSL_set_psk_client_callback(SSL *ssl, 
+	unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, 
+		char *identity, unsigned int max_identity_len, unsigned char *psk,
+		unsigned int max_psk_len));
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, 
+	unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
+		unsigned char *psk, unsigned int max_psk_len));
+void SSL_set_psk_server_callback(SSL *ssl,
+	unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
+		unsigned char *psk, unsigned int max_psk_len));
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
+const char *SSL_get_psk_identity_hint(const SSL *s);
+const char *SSL_get_psk_identity(const SSL *s);
+#endif
 
 #define SSL_NOTHING	1
 #define SSL_WRITING	2
@@ -787,15 +960,18 @@ struct ssl_ctx_st
 #define SSL_want_write(s)	(SSL_want(s) == SSL_WRITING)
 #define SSL_want_x509_lookup(s)	(SSL_want(s) == SSL_X509_LOOKUP)
 
+#define SSL_MAC_FLAG_READ_MAC_STREAM 1
+#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+
 struct ssl_st
 	{
 	/* protocol version
-	 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION)
+	 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
 	 */
 	int version;
 	int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
 
-	SSL_METHOD *method; /* SSLv3 */
+	const SSL_METHOD *method; /* SSLv3 */
 
 	/* There are 2 BIO's even though they are normally both the
 	 * same.  This is so data can be read and written to different
@@ -819,7 +995,7 @@ struct ssl_st
 
 	/* true when we are actually in SSL_accept() or SSL_connect() */
 	int in_handshake;
-	int (*handshake_func)();
+	int (*handshake_func)(SSL *);
 
 	/* Imagine that here's a boolean member "init" that is
 	 * switched as soon as SSL_set_{accept/connect}_state
@@ -854,6 +1030,7 @@ struct ssl_st
 
 	struct ssl2_state_st *s2; /* SSLv2 variables */
 	struct ssl3_state_st *s3; /* SSLv3 variables */
+	struct dtls1_state_st *d1; /* DTLSv1 variables */
 
 	int read_ahead;		/* Read as many input bytes as possible
 	               	 	 * (for non-blocking reads) */
@@ -877,9 +1054,9 @@ struct ssl_st
 
 	/* These are the ones being used, the ones in SSL_SESSION are
 	 * the ones to be 'copied' into these ones */
-
+	int mac_flags; 
 	EVP_CIPHER_CTX *enc_read_ctx;		/* cryptographic state */
-	const EVP_MD *read_hash;		/* used for mac generation */
+	EVP_MD_CTX *read_hash;		/* used for mac generation */
 #ifndef OPENSSL_NO_COMP
 	COMP_CTX *expand;			/* uncompress */
 #else
@@ -887,7 +1064,7 @@ struct ssl_st
 #endif
 
 	EVP_CIPHER_CTX *enc_write_ctx;		/* cryptographic state */
-	const EVP_MD *write_hash;		/* used for mac generation */
+	EVP_MD_CTX *write_hash;		/* used for mac generation */
 #ifndef OPENSSL_NO_COMP
 	COMP_CTX *compress;			/* compression */
 #else
@@ -925,6 +1102,14 @@ struct ssl_st
 	KSSL_CTX *kssl_ctx;     /* Kerberos 5 context */
 #endif	/* OPENSSL_NO_KRB5 */
 
+#ifndef OPENSSL_NO_PSK
+	unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
+		unsigned int max_identity_len, unsigned char *psk,
+		unsigned int max_psk_len);
+	unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
+		unsigned char *psk, unsigned int max_psk_len);
+#endif
+
 	SSL_CTX *ctx;
 	/* set this flag to 1 and a sleep(1) is put into all SSL_read()
 	 * and SSL_write() calls, good for nbio debuging :-) */
@@ -944,6 +1129,60 @@ struct ssl_st
 	int first_packet;
 	int client_version;	/* what was passed, used for
 				 * SSLv3/TLS rollback check */
+	unsigned int max_send_fragment;
+#ifndef OPENSSL_NO_TLSEXT
+	/* TLS extension debug callback */
+	void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
+					unsigned char *data, int len,
+					void *arg);
+	void *tlsext_debug_arg;
+	char *tlsext_hostname;
+	int servername_done;   /* no further mod of servername 
+	                          0 : call the servername extension callback.
+	                          1 : prepare 2, allow last ack just after in server callback.
+	                          2 : don't call servername callback, no ack in server hello
+	                       */
+	/* certificate status request info */
+	/* Status type or -1 if no status type */
+	int tlsext_status_type;
+	/* Expect OCSP CertificateStatus message */
+	int tlsext_status_expected;
+	/* OCSP status request only */
+	STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
+	X509_EXTENSIONS *tlsext_ocsp_exts;
+	/* OCSP response received or to be sent */
+	unsigned char *tlsext_ocsp_resp;
+	int tlsext_ocsp_resplen;
+
+	/* RFC4507 session ticket expected to be received or sent */
+	int tlsext_ticket_expected;
+#ifndef OPENSSL_NO_EC
+	size_t tlsext_ecpointformatlist_length;
+	unsigned char *tlsext_ecpointformatlist; /* our list */
+	size_t tlsext_ellipticcurvelist_length;
+	unsigned char *tlsext_ellipticcurvelist; /* our list */
+#endif /* OPENSSL_NO_EC */
+
+	/* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
+	void *tlsext_opaque_prf_input;
+	size_t tlsext_opaque_prf_input_len;
+
+	/* TLS Session Ticket extension override */
+	TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
+
+	/* TLS Session Ticket extension callback */
+	tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
+	void *tls_session_ticket_ext_cb_arg;
+
+	/* TLS pre-shared secret session resumption */
+	tls_session_secret_cb_fn tls_session_secret_cb;
+	void *tls_session_secret_cb_arg;
+
+	SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
+#define session_ctx initial_ctx
+#else
+#define session_ctx ctx
+#endif /* OPENSSL_NO_TLSEXT */
 	};
 
 #ifdef __cplusplus
@@ -953,6 +1192,7 @@ struct ssl_st
 #include <openssl/ssl2.h>
 #include <openssl/ssl3.h>
 #include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
+#include <openssl/dtls1.h> /* Datagram TLS */
 #include <openssl/ssl23.h>
 
 #ifdef  __cplusplus
@@ -1014,8 +1254,8 @@ extern "C" {
  *   -- that we sent (SSL_get_finished)
  *   -- that we expected from peer (SSL_get_peer_finished).
  * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count);
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 
 /* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
  * are 'ored' with SSL_VERIFY_PEER if they are desired */
@@ -1049,25 +1289,13 @@ size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
 #define SSL_get_timeout(a)	SSL_SESSION_get_timeout(a)
 #define SSL_set_timeout(a,b)	SSL_SESSION_set_timeout((a),(b))
 
-#if 1 /*SSLEAY_MACROS*/
-#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
-	(char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
-	(bp),(unsigned char **)(s_id))
-#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
-	bp,(unsigned char *)s_id)
-#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
-#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \
-	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u)
-#define PEM_write_SSL_SESSION(fp,x) \
-	PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
-		PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
-#define PEM_write_bio_SSL_SESSION(bp,x) \
-	PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
-		PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL)
-#endif
+#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+
+#define SSL_AD_REASON_OFFSET		1000 /* offset to get SSL_R_... value from SSL_AD_... */
 
-#define SSL_AD_REASON_OFFSET		1000
 /* These alert types are for SSLv3 and TLSv1 */
 #define SSL_AD_CLOSE_NOTIFY		SSL3_AD_CLOSE_NOTIFY
 #define SSL_AD_UNEXPECTED_MESSAGE	SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
@@ -1093,6 +1321,12 @@ size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
 #define SSL_AD_INTERNAL_ERROR		TLS1_AD_INTERNAL_ERROR	/* fatal */
 #define SSL_AD_USER_CANCELLED		TLS1_AD_USER_CANCELLED
 #define SSL_AD_NO_RENEGOTIATION		TLS1_AD_NO_RENEGOTIATION
+#define SSL_AD_UNSUPPORTED_EXTENSION	TLS1_AD_UNSUPPORTED_EXTENSION
+#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
+#define SSL_AD_UNRECOGNIZED_NAME	TLS1_AD_UNRECOGNIZED_NAME
+#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
+#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
+#define SSL_AD_UNKNOWN_PSK_IDENTITY     TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
 
 #define SSL_ERROR_NONE			0
 #define SSL_ERROR_SSL			1
@@ -1123,6 +1357,8 @@ size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
 #define SSL_CTRL_SET_MSG_CALLBACK               15
 #define SSL_CTRL_SET_MSG_CALLBACK_ARG           16
 
+/* only applies to datagram connections */
+#define SSL_CTRL_SET_MTU                17
 /* Stats */
 #define SSL_CTRL_SESS_NUMBER			20
 #define SSL_CTRL_SESS_CONNECT			21
@@ -1149,6 +1385,48 @@ size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count);
 #define SSL_CTRL_GET_MAX_CERT_LIST		50
 #define SSL_CTRL_SET_MAX_CERT_LIST		51
 
+#define SSL_CTRL_SET_MAX_SEND_FRAGMENT		52
+
+/* see tls1.h for macros based on these */
+#ifndef OPENSSL_NO_TLSEXT
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB	53
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG	54
+#define SSL_CTRL_SET_TLSEXT_HOSTNAME		55
+#define SSL_CTRL_SET_TLSEXT_DEBUG_CB		56
+#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG		57
+#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS		58
+#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS		59
+#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT	60
+#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB	61
+#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
+#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB	63
+#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG	64
+#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE	65
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS	66
+#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS	67
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS	68
+#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS	69
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP	70
+#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP	71
+
+#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB	72
+#endif
+
+#define DTLS_CTRL_GET_TIMEOUT		73
+#define DTLS_CTRL_HANDLE_TIMEOUT	74
+#define DTLS_CTRL_LISTEN			75
+
+#define SSL_CTRL_GET_RI_SUPPORT			76
+#define SSL_CTRL_CLEAR_OPTIONS			77
+#define SSL_CTRL_CLEAR_MODE			78
+
+#define DTLSv1_get_timeout(ssl, arg) \
+	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
+#define DTLSv1_handle_timeout(ssl) \
+	SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+#define DTLSv1_listen(ssl, peer) \
+	SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
+
 #define SSL_session_reused(ssl) \
 	SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
 #define SSL_num_renegotiations(ssl) \
@@ -1190,29 +1468,29 @@ void BIO_ssl_shutdown(BIO *ssl_bio);
 #endif
 
 int	SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
 void	SSL_CTX_free(SSL_CTX *);
 long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
-long SSL_CTX_get_timeout(SSL_CTX *ctx);
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *);
+long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
 void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *);
-int SSL_want(SSL *s);
+int SSL_want(const SSL *s);
 int	SSL_clear(SSL *s);
 
 void	SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
 
-SSL_CIPHER *SSL_get_current_cipher(SSL *s);
-int	SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
-char *	SSL_CIPHER_get_version(SSL_CIPHER *c);
-const char *	SSL_CIPHER_get_name(SSL_CIPHER *c);
-
-int	SSL_get_fd(SSL *s);
-int	SSL_get_rfd(SSL *s);
-int	SSL_get_wfd(SSL *s);
-const char  * SSL_get_cipher_list(SSL *s,int n);
-char *	SSL_get_shared_ciphers(SSL *s, char *buf, int len);
-int	SSL_get_read_ahead(SSL * s);
-int	SSL_pending(SSL *s);
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+int	SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
+char *	SSL_CIPHER_get_version(const SSL_CIPHER *c);
+const char *	SSL_CIPHER_get_name(const SSL_CIPHER *c);
+
+int	SSL_get_fd(const SSL *s);
+int	SSL_get_rfd(const SSL *s);
+int	SSL_get_wfd(const SSL *s);
+const char  * SSL_get_cipher_list(const SSL *s,int n);
+char *	SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
+int	SSL_get_read_ahead(const SSL * s);
+int	SSL_pending(const SSL *s);
 #ifndef OPENSSL_NO_SOCK
 int	SSL_set_fd(SSL *s, int fd);
 int	SSL_set_rfd(SSL *s, int fd);
@@ -1220,14 +1498,14 @@ int	SSL_set_wfd(SSL *s, int fd);
 #endif
 #ifndef OPENSSL_NO_BIO
 void	SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
-BIO *	SSL_get_rbio(SSL *s);
-BIO *	SSL_get_wbio(SSL *s);
+BIO *	SSL_get_rbio(const SSL *s);
+BIO *	SSL_get_wbio(const SSL *s);
 #endif
 int	SSL_set_cipher_list(SSL *s, const char *str);
 void	SSL_set_read_ahead(SSL *s, int yes);
-int	SSL_get_verify_mode(SSL *s);
-int	SSL_get_verify_depth(SSL *s);
-int	(*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *);
+int	SSL_get_verify_mode(const SSL *s);
+int	SSL_get_verify_depth(const SSL *s);
+int	(*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *);
 void	SSL_set_verify(SSL *s, int mode,
 		       int (*callback)(int ok,X509_STORE_CTX *ctx));
 void	SSL_set_verify_depth(SSL *s, int depth);
@@ -1265,21 +1543,20 @@ const char *SSL_state_string(const SSL *s);
 const char *SSL_rstate_string(const SSL *s);
 const char *SSL_state_string_long(const SSL *s);
 const char *SSL_rstate_string_long(const SSL *s);
-long	SSL_SESSION_get_time(SSL_SESSION *s);
+long	SSL_SESSION_get_time(const SSL_SESSION *s);
 long	SSL_SESSION_set_time(SSL_SESSION *s, long t);
-long	SSL_SESSION_get_timeout(SSL_SESSION *s);
+long	SSL_SESSION_get_timeout(const SSL_SESSION *s);
 long	SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-void	SSL_copy_session_id(SSL *to,SSL *from);
+void	SSL_copy_session_id(SSL *to,const SSL *from);
 
 SSL_SESSION *SSL_SESSION_new(void);
-unsigned long SSL_SESSION_hash(SSL_SESSION *a);
-int	SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len);
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+					unsigned int *len);
 #ifndef OPENSSL_NO_FP_API
-int	SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
+int	SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
 #endif
 #ifndef OPENSSL_NO_BIO
-int	SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
+int	SSL_SESSION_print(BIO *fp,const SSL_SESSION *ses);
 #endif
 void	SSL_SESSION_free(SSL_SESSION *ses);
 int	i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
@@ -1290,17 +1567,18 @@ int	SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
 int	SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
 int	SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
 					unsigned int id_len);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,const unsigned char **pp,
+			     long length);
 
 #ifdef HEADER_X509_H
-X509 *	SSL_get_peer_certificate(SSL *s);
+X509 *	SSL_get_peer_certificate(const SSL *s);
 #endif
 
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
 
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx);
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *);
 void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
 			int (*callback)(int, X509_STORE_CTX *));
 void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
@@ -1318,8 +1596,8 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d);
 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
 
-int SSL_CTX_check_private_key(SSL_CTX *ctx);
-int SSL_check_private_key(SSL *ctx);
+int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+int SSL_check_private_key(const SSL *ctx);
 
 int	SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
 				       unsigned int sid_ctx_len);
@@ -1333,6 +1611,9 @@ int SSL_set_purpose(SSL *s, int purpose);
 int SSL_CTX_set_trust(SSL_CTX *s, int trust);
 int SSL_set_trust(SSL *s, int trust);
 
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+
 void	SSL_free(SSL *ssl);
 int 	SSL_accept(SSL *ssl);
 int 	SSL_connect(SSL *ssl);
@@ -1340,41 +1621,51 @@ int 	SSL_read(SSL *ssl,void *buf,int num);
 int 	SSL_peek(SSL *ssl,void *buf,int num);
 int 	SSL_write(SSL *ssl,const void *buf,int num);
 long	SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
-long	SSL_callback_ctrl(SSL *, int, void (*)());
+long	SSL_callback_ctrl(SSL *, int, void (*)(void));
 long	SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg);
-long	SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)());
+long	SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
 
-int	SSL_get_error(SSL *s,int ret_code);
-const char *SSL_get_version(SSL *s);
+int	SSL_get_error(const SSL *s,int ret_code);
+const char *SSL_get_version(const SSL *s);
 
 /* This sets the 'default' SSL version that SSL_new() will create */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
 
-SSL_METHOD *SSLv2_method(void);		/* SSLv2 */
-SSL_METHOD *SSLv2_server_method(void);	/* SSLv2 */
-SSL_METHOD *SSLv2_client_method(void);	/* SSLv2 */
+#ifndef OPENSSL_NO_SSL2
+const SSL_METHOD *SSLv2_method(void);		/* SSLv2 */
+const SSL_METHOD *SSLv2_server_method(void);	/* SSLv2 */
+const SSL_METHOD *SSLv2_client_method(void);	/* SSLv2 */
+#endif
+
+const SSL_METHOD *SSLv3_method(void);		/* SSLv3 */
+const SSL_METHOD *SSLv3_server_method(void);	/* SSLv3 */
+const SSL_METHOD *SSLv3_client_method(void);	/* SSLv3 */
 
-SSL_METHOD *SSLv3_method(void);		/* SSLv3 */
-SSL_METHOD *SSLv3_server_method(void);	/* SSLv3 */
-SSL_METHOD *SSLv3_client_method(void);	/* SSLv3 */
+const SSL_METHOD *SSLv23_method(void);	/* SSLv3 but can rollback to v2 */
+const SSL_METHOD *SSLv23_server_method(void);	/* SSLv3 but can rollback to v2 */
+const SSL_METHOD *SSLv23_client_method(void);	/* SSLv3 but can rollback to v2 */
 
-SSL_METHOD *SSLv23_method(void);	/* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_server_method(void);	/* SSLv3 but can rollback to v2 */
-SSL_METHOD *SSLv23_client_method(void);	/* SSLv3 but can rollback to v2 */
+const SSL_METHOD *TLSv1_method(void);		/* TLSv1.0 */
+const SSL_METHOD *TLSv1_server_method(void);	/* TLSv1.0 */
+const SSL_METHOD *TLSv1_client_method(void);	/* TLSv1.0 */
 
-SSL_METHOD *TLSv1_method(void);		/* TLSv1.0 */
-SSL_METHOD *TLSv1_server_method(void);	/* TLSv1.0 */
-SSL_METHOD *TLSv1_client_method(void);	/* TLSv1.0 */
+const SSL_METHOD *TLSv1_1_method(void);		/* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_server_method(void);	/* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_client_method(void);	/* TLSv1.1 */
 
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
+const SSL_METHOD *DTLSv1_method(void);		/* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_server_method(void);	/* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_client_method(void);	/* DTLSv1.0 */
+
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
 
 int SSL_do_handshake(SSL *s);
 int SSL_renegotiate(SSL *s);
 int SSL_renegotiate_pending(SSL *s);
 int SSL_shutdown(SSL *s);
 
-SSL_METHOD *SSL_get_ssl_method(SSL *s);
-int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
+const SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
 const char *SSL_alert_type_string_long(int value);
 const char *SSL_alert_type_string(int value);
 const char *SSL_alert_desc_string_long(int value);
@@ -1382,60 +1673,61 @@ const char *SSL_alert_desc_string(int value);
 
 void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
 int SSL_add_client_CA(SSL *ssl,X509 *x);
 int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
 
 void SSL_set_connect_state(SSL *s);
 void SSL_set_accept_state(SSL *s);
 
-long SSL_get_default_timeout(SSL *s);
+long SSL_get_default_timeout(const SSL *s);
 
 int SSL_library_init(void );
 
-char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
+char *SSL_CIPHER_description(const SSL_CIPHER *,char *buf,int size);
 STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
 
 SSL *SSL_dup(SSL *ssl);
 
-X509 *SSL_get_certificate(SSL *ssl);
+X509 *SSL_get_certificate(const SSL *ssl);
 /* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
 
 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
 void SSL_set_quiet_shutdown(SSL *ssl,int mode);
-int SSL_get_quiet_shutdown(SSL *ssl);
+int SSL_get_quiet_shutdown(const SSL *ssl);
 void SSL_set_shutdown(SSL *ssl,int mode);
-int SSL_get_shutdown(SSL *ssl);
-int SSL_version(SSL *ssl);
+int SSL_get_shutdown(const SSL *ssl);
+int SSL_version(const SSL *ssl);
 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
 	const char *CApath);
 #define SSL_get0_session SSL_get_session /* just peek at pointer */
-SSL_SESSION *SSL_get_session(SSL *ssl);
+SSL_SESSION *SSL_get_session(const SSL *ssl);
 SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx);
 void SSL_set_info_callback(SSL *ssl,
 			   void (*cb)(const SSL *ssl,int type,int val));
-void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val);
-int SSL_state(SSL *ssl);
+void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
+int SSL_state(const SSL *ssl);
 
 void SSL_set_verify_result(SSL *ssl,long v);
-long SSL_get_verify_result(SSL *ssl);
+long SSL_get_verify_result(const SSL *ssl);
 
 int SSL_set_ex_data(SSL *ssl,int idx,void *data);
-void *SSL_get_ex_data(SSL *ssl,int idx);
+void *SSL_get_ex_data(const SSL *ssl,int idx);
 int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
 
 int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data);
-void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss,int idx);
 int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
 
 int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data);
-void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
+void *SSL_CTX_get_ex_data(const SSL_CTX *ssl,int idx);
 int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
 
@@ -1465,6 +1757,11 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void );
 #define SSL_set_max_cert_list(ssl,m) \
 	SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
 
+#define SSL_CTX_set_max_send_fragment(ctx,m) \
+	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+#define SSL_set_max_send_fragment(ssl,m) \
+	SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+
      /* NB: the keylength is only applicable when is_export is true */
 #ifndef OPENSSL_NO_RSA
 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
@@ -1506,6 +1803,15 @@ void *SSL_COMP_get_compression_methods(void);
 int SSL_COMP_add_compression_method(int id,void *cm);
 #endif
 
+/* TLS extensions functions */
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+				  void *arg);
+
+/* Pre-shared secret session resumption functions */
+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -1516,11 +1822,38 @@ void ERR_load_SSL_strings(void);
 
 /* Function codes. */
 #define SSL_F_CLIENT_CERTIFICATE			 100
-#define SSL_F_CLIENT_FINISHED				 238
+#define SSL_F_CLIENT_FINISHED				 167
 #define SSL_F_CLIENT_HELLO				 101
 #define SSL_F_CLIENT_MASTER_KEY				 102
 #define SSL_F_D2I_SSL_SESSION				 103
+#define SSL_F_DO_DTLS1_WRITE				 245
 #define SSL_F_DO_SSL3_WRITE				 104
+#define SSL_F_DTLS1_ACCEPT				 246
+#define SSL_F_DTLS1_ADD_CERT_TO_BUF			 295
+#define SSL_F_DTLS1_BUFFER_RECORD			 247
+#define SSL_F_DTLS1_CLIENT_HELLO			 248
+#define SSL_F_DTLS1_CONNECT				 249
+#define SSL_F_DTLS1_ENC					 250
+#define SSL_F_DTLS1_GET_HELLO_VERIFY			 251
+#define SSL_F_DTLS1_GET_MESSAGE				 252
+#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT		 253
+#define SSL_F_DTLS1_GET_RECORD				 254
+#define SSL_F_DTLS1_HANDLE_TIMEOUT			 297
+#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN			 255
+#define SSL_F_DTLS1_PREPROCESS_FRAGMENT			 288
+#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE		 256
+#define SSL_F_DTLS1_PROCESS_RECORD			 257
+#define SSL_F_DTLS1_READ_BYTES				 258
+#define SSL_F_DTLS1_READ_FAILED				 259
+#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST		 260
+#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE		 261
+#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE		 262
+#define SSL_F_DTLS1_SEND_CLIENT_VERIFY			 263
+#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST		 264
+#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE		 265
+#define SSL_F_DTLS1_SEND_SERVER_HELLO			 266
+#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE		 267
+#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES		 268
 #define SSL_F_GET_CLIENT_FINISHED			 105
 #define SSL_F_GET_CLIENT_HELLO				 106
 #define SSL_F_GET_CLIENT_MASTER_KEY			 107
@@ -1551,6 +1884,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL2_SET_CERTIFICATE			 126
 #define SSL_F_SSL2_WRITE				 127
 #define SSL_F_SSL3_ACCEPT				 128
+#define SSL_F_SSL3_ADD_CERT_TO_BUF			 296
 #define SSL_F_SSL3_CALLBACK_CTRL			 233
 #define SSL_F_SSL3_CHANGE_CIPHER_STATE			 129
 #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM		 130
@@ -1558,9 +1892,12 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL3_CONNECT				 132
 #define SSL_F_SSL3_CTRL					 213
 #define SSL_F_SSL3_CTX_CTRL				 133
+#define SSL_F_SSL3_DIGEST_CACHED_RECORDS		 293
+#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC		 292
 #define SSL_F_SSL3_ENC					 134
 #define SSL_F_SSL3_GENERATE_KEY_BLOCK			 238
 #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST		 135
+#define SSL_F_SSL3_GET_CERT_STATUS			 289
 #define SSL_F_SSL3_GET_CERT_VERIFY			 136
 #define SSL_F_SSL3_GET_CLIENT_CERTIFICATE		 137
 #define SSL_F_SSL3_GET_CLIENT_HELLO			 138
@@ -1568,10 +1905,13 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL3_GET_FINISHED				 140
 #define SSL_F_SSL3_GET_KEY_EXCHANGE			 141
 #define SSL_F_SSL3_GET_MESSAGE				 142
+#define SSL_F_SSL3_GET_NEW_SESSION_TICKET		 283
 #define SSL_F_SSL3_GET_RECORD				 143
 #define SSL_F_SSL3_GET_SERVER_CERTIFICATE		 144
 #define SSL_F_SSL3_GET_SERVER_DONE			 145
 #define SSL_F_SSL3_GET_SERVER_HELLO			 146
+#define SSL_F_SSL3_HANDSHAKE_MAC			 285
+#define SSL_F_SSL3_NEW_SESSION_TICKET			 287
 #define SSL_F_SSL3_OUTPUT_CERT_CHAIN			 147
 #define SSL_F_SSL3_PEEK					 235
 #define SSL_F_SSL3_READ_BYTES				 148
@@ -1583,12 +1923,17 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL3_SEND_SERVER_CERTIFICATE		 154
 #define SSL_F_SSL3_SEND_SERVER_HELLO			 242
 #define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE		 155
-#define SSL_F_SSL3_SETUP_BUFFERS			 156
 #define SSL_F_SSL3_SETUP_KEY_BLOCK			 157
+#define SSL_F_SSL3_SETUP_READ_BUFFER			 156
+#define SSL_F_SSL3_SETUP_WRITE_BUFFER			 291
 #define SSL_F_SSL3_WRITE_BYTES				 158
 #define SSL_F_SSL3_WRITE_PENDING			 159
+#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT	 298
+#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT		 277
 #define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK	 215
 #define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK	 216
+#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT	 299
+#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT		 278
 #define SSL_F_SSL_BAD_METHOD				 160
 #define SSL_F_SSL_BYTES_TO_CIPHER_LIST			 161
 #define SSL_F_SSL_CERT_DUP				 221
@@ -1596,6 +1941,8 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_CERT_INSTANTIATE			 214
 #define SSL_F_SSL_CERT_NEW				 162
 #define SSL_F_SSL_CHECK_PRIVATE_KEY			 163
+#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT		 280
+#define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG		 279
 #define SSL_F_SSL_CIPHER_PROCESS_RULESTR		 230
 #define SSL_F_SSL_CIPHER_STRENGTH_SORT			 231
 #define SSL_F_SSL_CLEAR					 164
@@ -1604,6 +1951,8 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_CTRL					 232
 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY			 168
 #define SSL_F_SSL_CTX_NEW				 169
+#define SSL_F_SSL_CTX_SET_CIPHER_LIST			 269
+#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE		 290
 #define SSL_F_SSL_CTX_SET_PURPOSE			 226
 #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT		 219
 #define SSL_F_SSL_CTX_SET_SSL_VERSION			 170
@@ -1615,6 +1964,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_CTX_USE_PRIVATEKEY			 174
 #define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1		 175
 #define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE		 176
+#define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT		 272
 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY			 177
 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1		 178
 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE		 179
@@ -1626,6 +1976,13 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_INIT_WBIO_BUFFER			 184
 #define SSL_F_SSL_LOAD_CLIENT_CA_FILE			 185
 #define SSL_F_SSL_NEW					 186
+#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT	 300
+#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT		 302
+#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT	 301
+#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT		 303
+#define SSL_F_SSL_PEEK					 270
+#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT		 281
+#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT		 282
 #define SSL_F_SSL_READ					 223
 #define SSL_F_SSL_RSA_PRIVATE_DECRYPT			 187
 #define SSL_F_SSL_RSA_PUBLIC_ENCRYPT			 188
@@ -1633,29 +1990,39 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_SESSION_PRINT_FP			 190
 #define SSL_F_SSL_SESS_CERT_NEW				 225
 #define SSL_F_SSL_SET_CERT				 191
+#define SSL_F_SSL_SET_CIPHER_LIST			 271
 #define SSL_F_SSL_SET_FD				 192
 #define SSL_F_SSL_SET_PKEY				 193
 #define SSL_F_SSL_SET_PURPOSE				 227
 #define SSL_F_SSL_SET_RFD				 194
 #define SSL_F_SSL_SET_SESSION				 195
 #define SSL_F_SSL_SET_SESSION_ID_CONTEXT		 218
+#define SSL_F_SSL_SET_SESSION_TICKET_EXT		 294
 #define SSL_F_SSL_SET_TRUST				 228
 #define SSL_F_SSL_SET_WFD				 196
 #define SSL_F_SSL_SHUTDOWN				 224
+#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION		 243
 #define SSL_F_SSL_UNDEFINED_FUNCTION			 197
+#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION		 244
 #define SSL_F_SSL_USE_CERTIFICATE			 198
 #define SSL_F_SSL_USE_CERTIFICATE_ASN1			 199
 #define SSL_F_SSL_USE_CERTIFICATE_FILE			 200
 #define SSL_F_SSL_USE_PRIVATEKEY			 201
 #define SSL_F_SSL_USE_PRIVATEKEY_ASN1			 202
 #define SSL_F_SSL_USE_PRIVATEKEY_FILE			 203
+#define SSL_F_SSL_USE_PSK_IDENTITY_HINT			 273
 #define SSL_F_SSL_USE_RSAPRIVATEKEY			 204
 #define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1		 205
 #define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE		 206
 #define SSL_F_SSL_VERIFY_CERT_CHAIN			 207
 #define SSL_F_SSL_WRITE					 208
+#define SSL_F_TLS1_CERT_VERIFY_MAC			 286
 #define SSL_F_TLS1_CHANGE_CIPHER_STATE			 209
+#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT		 274
 #define SSL_F_TLS1_ENC					 210
+#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT		 275
+#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT		 276
+#define SSL_F_TLS1_PRF					 284
 #define SSL_F_TLS1_SETUP_KEY_BLOCK			 211
 #define SSL_F_WRITE_PENDING				 212
 
@@ -1673,15 +2040,18 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_BAD_DH_P_LENGTH				 110
 #define SSL_R_BAD_DIGEST_LENGTH				 111
 #define SSL_R_BAD_DSA_SIGNATURE				 112
-#define SSL_R_BAD_ECC_CERT				 1117
-#define SSL_R_BAD_ECDSA_SIGNATURE			 1112
-#define SSL_R_BAD_ECPOINT				 1113
+#define SSL_R_BAD_ECC_CERT				 304
+#define SSL_R_BAD_ECDSA_SIGNATURE			 305
+#define SSL_R_BAD_ECPOINT				 306
+#define SSL_R_BAD_HANDSHAKE_LENGTH			 332
 #define SSL_R_BAD_HELLO_REQUEST				 105
 #define SSL_R_BAD_LENGTH				 271
 #define SSL_R_BAD_MAC_DECODE				 113
+#define SSL_R_BAD_MAC_LENGTH				 333
 #define SSL_R_BAD_MESSAGE_TYPE				 114
 #define SSL_R_BAD_PACKET_LENGTH				 115
 #define SSL_R_BAD_PROTOCOL_VERSION_NUMBER		 116
+#define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH		 316
 #define SSL_R_BAD_RESPONSE_ARGUMENT			 117
 #define SSL_R_BAD_RSA_DECRYPT				 118
 #define SSL_R_BAD_RSA_ENCRYPT				 119
@@ -1705,51 +2075,62 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_CIPHER_CODE_WRONG_LENGTH			 137
 #define SSL_R_CIPHER_OR_HASH_UNAVAILABLE		 138
 #define SSL_R_CIPHER_TABLE_SRC_ERROR			 139
+#define SSL_R_CLIENTHELLO_TLSEXT			 226
 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG		 140
+#define SSL_R_COMPRESSION_DISABLED			 343
 #define SSL_R_COMPRESSION_FAILURE			 141
-#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE	 1120
+#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE	 307
 #define SSL_R_COMPRESSION_LIBRARY_ERROR			 142
 #define SSL_R_CONNECTION_ID_IS_DIFFERENT		 143
 #define SSL_R_CONNECTION_TYPE_NOT_SET			 144
+#define SSL_R_COOKIE_MISMATCH				 308
 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 145
 #define SSL_R_DATA_LENGTH_TOO_LONG			 146
 #define SSL_R_DECRYPTION_FAILED				 147
-#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC	 1109
+#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC	 281
 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 148
 #define SSL_R_DIGEST_CHECK_FAILED			 149
-#define SSL_R_DUPLICATE_COMPRESSION_ID			 1121
-#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER		 1119
+#define SSL_R_DTLS_MESSAGE_TOO_BIG			 334
+#define SSL_R_DUPLICATE_COMPRESSION_ID			 309
+#define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT		 317
+#define SSL_R_ECC_CERT_NOT_FOR_SIGNING			 318
+#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE	 322
+#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE	 323
+#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER		 310
 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 150
-#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY		 1092
+#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY		 282
 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST		 151
 #define SSL_R_EXCESSIVE_MESSAGE_SIZE			 152
 #define SSL_R_EXTRA_DATA_IN_MESSAGE			 153
 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 154
 #define SSL_R_HTTPS_PROXY_REQUEST			 155
 #define SSL_R_HTTP_REQUEST				 156
-#define SSL_R_ILLEGAL_PADDING				 1110
+#define SSL_R_ILLEGAL_PADDING				 283
+#define SSL_R_INCONSISTENT_COMPRESSION			 340
 #define SSL_R_INVALID_CHALLENGE_LENGTH			 158
 #define SSL_R_INVALID_COMMAND				 280
+#define SSL_R_INVALID_COMPRESSION_ALGORITHM		 341
 #define SSL_R_INVALID_PURPOSE				 278
+#define SSL_R_INVALID_STATUS_RESPONSE			 328
+#define SSL_R_INVALID_TICKET_KEYS_LENGTH		 325
 #define SSL_R_INVALID_TRUST				 279
-#define SSL_R_KEY_ARG_TOO_LONG				 1112
-#define SSL_R_KRB5					 1104
-#define SSL_R_KRB5_C_CC_PRINC				 1094
-#define SSL_R_KRB5_C_GET_CRED				 1095
-#define SSL_R_KRB5_C_INIT				 1096
-#define SSL_R_KRB5_C_MK_REQ				 1097
-#define SSL_R_KRB5_S_BAD_TICKET				 1098
-#define SSL_R_KRB5_S_INIT				 1099
-#define SSL_R_KRB5_S_RD_REQ				 1108
-#define SSL_R_KRB5_S_TKT_EXPIRED			 1105
-#define SSL_R_KRB5_S_TKT_NYV				 1106
-#define SSL_R_KRB5_S_TKT_SKEW				 1107
+#define SSL_R_KEY_ARG_TOO_LONG				 284
+#define SSL_R_KRB5					 285
+#define SSL_R_KRB5_C_CC_PRINC				 286
+#define SSL_R_KRB5_C_GET_CRED				 287
+#define SSL_R_KRB5_C_INIT				 288
+#define SSL_R_KRB5_C_MK_REQ				 289
+#define SSL_R_KRB5_S_BAD_TICKET				 290
+#define SSL_R_KRB5_S_INIT				 291
+#define SSL_R_KRB5_S_RD_REQ				 292
+#define SSL_R_KRB5_S_TKT_EXPIRED			 293
+#define SSL_R_KRB5_S_TKT_NYV				 294
+#define SSL_R_KRB5_S_TKT_SKEW				 295
 #define SSL_R_LENGTH_MISMATCH				 159
 #define SSL_R_LENGTH_TOO_SHORT				 160
 #define SSL_R_LIBRARY_BUG				 274
 #define SSL_R_LIBRARY_HAS_NO_CIPHERS			 161
-#define SSL_R_MASTER_KEY_TOO_LONG			 1112
-#define SSL_R_MESSAGE_TOO_LONG				 1111
+#define SSL_R_MESSAGE_TOO_LONG				 296
 #define SSL_R_MISSING_DH_DSA_CERT			 162
 #define SSL_R_MISSING_DH_KEY				 163
 #define SSL_R_MISSING_DH_RSA_CERT			 164
@@ -1760,7 +2141,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_MISSING_RSA_ENCRYPTING_CERT		 169
 #define SSL_R_MISSING_RSA_SIGNING_CERT			 170
 #define SSL_R_MISSING_TMP_DH_KEY			 171
-#define SSL_R_MISSING_TMP_ECDH_KEY			 1114
+#define SSL_R_MISSING_TMP_ECDH_KEY			 311
 #define SSL_R_MISSING_TMP_RSA_KEY			 172
 #define SSL_R_MISSING_TMP_RSA_PKEY			 173
 #define SSL_R_MISSING_VERIFY_MESSAGE			 174
@@ -1775,19 +2156,27 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_NO_CIPHERS_SPECIFIED			 183
 #define SSL_R_NO_CIPHER_LIST				 184
 #define SSL_R_NO_CIPHER_MATCH				 185
+#define SSL_R_NO_CLIENT_CERT_METHOD			 331
 #define SSL_R_NO_CLIENT_CERT_RECEIVED			 186
 #define SSL_R_NO_COMPRESSION_SPECIFIED			 187
+#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER		 330
 #define SSL_R_NO_METHOD_SPECIFIED			 188
 #define SSL_R_NO_PRIVATEKEY				 189
 #define SSL_R_NO_PRIVATE_KEY_ASSIGNED			 190
 #define SSL_R_NO_PROTOCOLS_AVAILABLE			 191
 #define SSL_R_NO_PUBLICKEY				 192
+#define SSL_R_NO_RENEGOTIATION				 339
+#define SSL_R_NO_REQUIRED_DIGEST			 324
 #define SSL_R_NO_SHARED_CIPHER				 193
 #define SSL_R_NO_VERIFY_CALLBACK			 194
 #define SSL_R_NULL_SSL_CTX				 195
 #define SSL_R_NULL_SSL_METHOD_PASSED			 196
 #define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED		 197
+#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE		 297
+#define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG			 327
 #define SSL_R_PACKET_LENGTH_TOO_LONG			 198
+#define SSL_R_PARSE_TLSEXT				 227
 #define SSL_R_PATH_TOO_LONG				 270
 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE		 199
 #define SSL_R_PEER_ERROR				 200
@@ -1798,24 +2187,37 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_PRE_MAC_LENGTH_TOO_LONG			 205
 #define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS		 206
 #define SSL_R_PROTOCOL_IS_SHUTDOWN			 207
+#define SSL_R_PSK_IDENTITY_NOT_FOUND			 223
+#define SSL_R_PSK_NO_CLIENT_CB				 224
+#define SSL_R_PSK_NO_SERVER_CB				 225
 #define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR			 208
 #define SSL_R_PUBLIC_KEY_IS_NOT_RSA			 209
 #define SSL_R_PUBLIC_KEY_NOT_RSA			 210
 #define SSL_R_READ_BIO_NOT_SET				 211
+#define SSL_R_READ_TIMEOUT_EXPIRED			 312
 #define SSL_R_READ_WRONG_PACKET_TYPE			 212
 #define SSL_R_RECORD_LENGTH_MISMATCH			 213
 #define SSL_R_RECORD_TOO_LARGE				 214
-#define SSL_R_RECORD_TOO_SMALL				 1093
+#define SSL_R_RECORD_TOO_SMALL				 298
+#define SSL_R_RENEGOTIATE_EXT_TOO_LONG			 335
+#define SSL_R_RENEGOTIATION_ENCODING_ERR		 336
+#define SSL_R_RENEGOTIATION_MISMATCH			 337
 #define SSL_R_REQUIRED_CIPHER_MISSING			 215
+#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING	 342
 #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO		 216
 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO			 217
 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO		 218
+#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING		 345
+#define SSL_R_SERVERHELLO_TLSEXT			 275
 #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED		 277
 #define SSL_R_SHORT_READ				 219
 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE	 220
 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE		 221
-#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG		 1114
-#define SSL_R_SSL3_SESSION_ID_TOO_LONG			 1113
+#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG		 299
+#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT		 321
+#define SSL_R_SSL3_EXT_INVALID_SERVERNAME		 319
+#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE		 320
+#define SSL_R_SSL3_SESSION_ID_TOO_LONG			 300
 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT			 222
 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		 1042
 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		 1020
@@ -1826,20 +2228,15 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		 1040
 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		 1047
 #define SSL_R_SSLV3_ALERT_NO_CERTIFICATE		 1041
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE	 223
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE	 224
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER		 225
-#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226
 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		 1010
-#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE	 227
 #define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	 1043
 #define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION	 228
 #define SSL_R_SSL_HANDSHAKE_FAILURE			 229
 #define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS		 230
-#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED		 1102
-#define SSL_R_SSL_SESSION_ID_CONFLICT			 1103
+#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED		 301
+#define SSL_R_SSL_SESSION_ID_CONFLICT			 302
 #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG		 273
-#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH		 1101
+#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH		 303
 #define SSL_R_SSL_SESSION_ID_IS_DIFFERENT		 231
 #define SSL_R_TLSV1_ALERT_ACCESS_DENIED			 1049
 #define SSL_R_TLSV1_ALERT_DECODE_ERROR			 1050
@@ -1853,15 +2250,21 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW		 1022
 #define SSL_R_TLSV1_ALERT_UNKNOWN_CA			 1048
 #define SSL_R_TLSV1_ALERT_USER_CANCELLED		 1090
+#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE		 1114
+#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE	 1113
+#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE		 1111
+#define SSL_R_TLSV1_UNRECOGNIZED_NAME			 1112
+#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION		 1110
 #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER	 232
+#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST		 157
 #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
 #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG	 234
 #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER		 235
 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS			 236
-#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS		 1115
+#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS		 313
 #define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY		 237
 #define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS		 238
-#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS		 1116
+#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS		 314
 #define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS	 239
 #define SSL_R_UNABLE_TO_FIND_SSL_METHOD			 240
 #define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES		 241
@@ -1880,12 +2283,14 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE			 253
 #define SSL_R_UNKNOWN_SSL_VERSION			 254
 #define SSL_R_UNKNOWN_STATE				 255
+#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED	 338
 #define SSL_R_UNSUPPORTED_CIPHER			 256
 #define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 257
-#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE		 1118
-#define SSL_R_UNSUPPORTED_OPTION			 1091
+#define SSL_R_UNSUPPORTED_DIGEST_TYPE			 326
+#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE		 315
 #define SSL_R_UNSUPPORTED_PROTOCOL			 258
 #define SSL_R_UNSUPPORTED_SSL_VERSION			 259
+#define SSL_R_UNSUPPORTED_STATUS_TYPE			 329
 #define SSL_R_WRITE_BIO_NOT_SET				 260
 #define SSL_R_WRONG_CIPHER_RETURNED			 261
 #define SSL_R_WRONG_MESSAGE_TYPE			 262
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 796dcbc528..baaa89e717 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -128,6 +128,9 @@
 extern "C" {
 #endif
 
+/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */
+#define SSL3_CK_SCSV				0x030000FF
+
 #define SSL3_CK_RSA_NULL_MD5			0x03000001
 #define SSL3_CK_RSA_NULL_SHA			0x03000002
 #define SSL3_CK_RSA_RC4_40_MD5 			0x03000003
@@ -159,12 +162,14 @@ extern "C" {
 #define SSL3_CK_ADH_DES_64_CBC_SHA		0x0300001A
 #define SSL3_CK_ADH_DES_192_CBC_SHA		0x0300001B
 
-#define SSL3_CK_FZA_DMS_NULL_SHA		0x0300001C
-#define SSL3_CK_FZA_DMS_FZA_SHA			0x0300001D
-#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
-	 to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
-	 of the ietf-tls list */
-#define SSL3_CK_FZA_DMS_RC4_SHA			0x0300001E
+#if 0
+	#define SSL3_CK_FZA_DMS_NULL_SHA		0x0300001C
+	#define SSL3_CK_FZA_DMS_FZA_SHA			0x0300001D
+	#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
+		 to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
+		 of the ietf-tls list */
+	#define SSL3_CK_FZA_DMS_RC4_SHA			0x0300001E
+	#endif
 #endif
 
 /*    VRS Additional Kerberos5 entries
@@ -216,9 +221,11 @@ extern "C" {
 #define SSL3_TXT_ADH_DES_64_CBC_SHA		"ADH-DES-CBC-SHA"
 #define SSL3_TXT_ADH_DES_192_CBC_SHA		"ADH-DES-CBC3-SHA"
 
-#define SSL3_TXT_FZA_DMS_NULL_SHA		"FZA-NULL-SHA"
-#define SSL3_TXT_FZA_DMS_FZA_SHA		"FZA-FZA-CBC-SHA"
-#define SSL3_TXT_FZA_DMS_RC4_SHA		"FZA-RC4-SHA"
+#if 0
+	#define SSL3_TXT_FZA_DMS_NULL_SHA		"FZA-NULL-SHA"
+	#define SSL3_TXT_FZA_DMS_FZA_SHA		"FZA-FZA-CBC-SHA"
+	#define SSL3_TXT_FZA_DMS_RC4_SHA		"FZA-RC4-SHA"
+#endif
 
 #define SSL3_TXT_KRB5_DES_64_CBC_SHA		"KRB5-DES-CBC-SHA"
 #define SSL3_TXT_KRB5_DES_192_CBC3_SHA		"KRB5-DES-CBC3-SHA"
@@ -244,19 +251,65 @@ extern "C" {
 #define SSL3_SESSION_ID_SIZE			32
 #define SSL3_RT_HEADER_LENGTH			5
 
-/* Due to MS stuffing up, this can change.... */
-#if defined(OPENSSL_SYS_WIN16) || \
-	(defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
-#define SSL3_RT_MAX_EXTRA			(14000)
+#ifndef SSL3_ALIGN_PAYLOAD
+ /* Some will argue that this increases memory footprint, but it's
+  * not actually true. Point is that malloc has to return at least
+  * 64-bit aligned pointers, meaning that allocating 5 bytes wastes
+  * 3 bytes in either case. Suggested pre-gaping simply moves these
+  * wasted bytes from the end of allocated region to its front,
+  * but makes data payload aligned, which improves performance:-) */
+# define SSL3_ALIGN_PAYLOAD			8
 #else
-#define SSL3_RT_MAX_EXTRA			(16384)
+# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
+#  error "insane SSL3_ALIGN_PAYLOAD"
+#  undef SSL3_ALIGN_PAYLOAD
+# endif
 #endif
 
+/* This is the maximum MAC (digest) size used by the SSL library.
+ * Currently maximum of 20 is used by SHA1, but we reserve for
+ * future extension for 512-bit hashes.
+ */
+
+#define SSL3_RT_MAX_MD_SIZE			64
+
+/* Maximum block size used in all ciphersuites. Currently 16 for AES.
+ */
+
+#define	SSL_RT_MAX_CIPHER_BLOCK_SIZE		16
+
+#define SSL3_RT_MAX_EXTRA			(16384)
+
+/* Maximum plaintext length: defined by SSL/TLS standards */
 #define SSL3_RT_MAX_PLAIN_LENGTH		16384
-#define SSL3_RT_MAX_COMPRESSED_LENGTH	(1024+SSL3_RT_MAX_PLAIN_LENGTH)
-#define SSL3_RT_MAX_ENCRYPTED_LENGTH	(1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
-#define SSL3_RT_MAX_PACKET_SIZE		(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-#define SSL3_RT_MAX_DATA_SIZE			(1024*1024)
+/* Maximum compression overhead: defined by SSL/TLS standards */
+#define SSL3_RT_MAX_COMPRESSED_OVERHEAD		1024
+
+/* The standards give a maximum encryption overhead of 1024 bytes.
+ * In practice the value is lower than this. The overhead is the maximum
+ * number of padding bytes (256) plus the mac size.
+ */
+#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD	(256 + SSL3_RT_MAX_MD_SIZE)
+
+/* OpenSSL currently only uses a padding length of at most one block so
+ * the send overhead is smaller.
+ */
+
+#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
+			(SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
+
+/* If compression isn't used don't include the compression overhead */
+
+#ifdef OPENSSL_NO_COMP
+#define SSL3_RT_MAX_COMPRESSED_LENGTH		SSL3_RT_MAX_PLAIN_LENGTH
+#else
+#define SSL3_RT_MAX_COMPRESSED_LENGTH	\
+		(SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
+#endif
+#define SSL3_RT_MAX_ENCRYPTED_LENGTH	\
+		(SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
+#define SSL3_RT_MAX_PACKET_SIZE		\
+		(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
 
 #define SSL3_MD_CLIENT_FINISHED_CONST	"\x43\x4C\x4E\x54"
 #define SSL3_MD_SERVER_FINISHED_CONST	"\x53\x52\x56\x52"
@@ -294,6 +347,8 @@ typedef struct ssl3_record_st
 /*rw*/	unsigned char *data;    /* pointer to the record data */
 /*rw*/	unsigned char *input;   /* where the decode bytes are */
 /*r */	unsigned char *comp;    /* only used with decompression - malloc()ed */
+/*r */  unsigned long epoch;    /* epoch number, needed by DTLS1 */
+/*r */  unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
 	} SSL3_RECORD;
 
 typedef struct ssl3_buffer_st
@@ -316,13 +371,14 @@ typedef struct ssl3_buffer_st
  * enough to contain all of the cert types defined either for
  * SSLv3 and TLSv1.
  */
-#define SSL3_CT_NUMBER			7
+#define SSL3_CT_NUMBER			9
 
 
 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS	0x0001
 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED	0x0002
 #define SSL3_FLAGS_POP_BUFFER			0x0004
 #define TLS1_FLAGS_TLS_PADDING_BUG		0x0008
+#define TLS1_FLAGS_SKIP_CERT_VERIFY		0x0010
 
 typedef struct ssl3_state_st
 	{
@@ -330,8 +386,10 @@ typedef struct ssl3_state_st
 	int delay_buf_pop_ret;
 
 	unsigned char read_sequence[8];
+	int read_mac_secret_size;
 	unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
 	unsigned char write_sequence[8];
+	int write_mac_secret_size;
 	unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
 
 	unsigned char server_random[SSL3_RANDOM_SIZE];
@@ -341,6 +399,9 @@ typedef struct ssl3_state_st
 	int need_empty_fragments;
 	int empty_fragment_done;
 
+	/* The value of 'extra' when the buffers were initialized */
+	int init_extra;
+
 	SSL3_BUFFER rbuf;	/* read IO goes into here */
 	SSL3_BUFFER wbuf;	/* write IO goes into here */
 
@@ -362,9 +423,11 @@ typedef struct ssl3_state_st
 	const unsigned char *wpend_buf;
 
 	/* used during startup, digest all incoming/outgoing packets */
-	EVP_MD_CTX finish_dgst1;
-	EVP_MD_CTX finish_dgst2;
-
+	BIO *handshake_buffer;
+	/* When set of handshake digests is determined, buffer is hashed
+	 * and freed and MD_CTX-es for all required digests are stored in
+	 * this array */
+	EVP_MD_CTX **handshake_dgst;
 	/* this is set whenerver we see a change_cipher_spec message
 	 * come in when we are not looking for one */
 	int change_cipher_spec;
@@ -384,6 +447,14 @@ typedef struct ssl3_state_st
 
 	int in_read_app_data;
 
+	/* Opaque PRF input as used for the current handshake.
+	 * These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
+	 * (otherwise, they are merely present to improve binary compatibility) */
+	void *client_opaque_prf_input;
+	size_t client_opaque_prf_input_len;
+	void *server_opaque_prf_input;
+	size_t server_opaque_prf_input_len;
+
 	struct	{
 		/* actually only needs to be 16+20 */
 		unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
@@ -398,7 +469,7 @@ typedef struct ssl3_state_st
 		int message_type;
 
 		/* used to hold the new cipher we are going to use */
-		SSL_CIPHER *new_cipher;
+		const SSL_CIPHER *new_cipher;
 #ifndef OPENSSL_NO_DH
 		DH *dh;
 #endif
@@ -425,6 +496,8 @@ typedef struct ssl3_state_st
 
 		const EVP_CIPHER *new_sym_enc;
 		const EVP_MD *new_hash;
+		int new_mac_pkey_type;
+		int new_mac_secret_size;
 #ifndef OPENSSL_NO_COMP
 		const SSL_COMP *new_compression;
 #else
@@ -433,8 +506,15 @@ typedef struct ssl3_state_st
 		int cert_request;
 		} tmp;
 
+        /* Connection binding to prevent renegotiation attacks */
+        unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
+        unsigned char previous_client_finished_len;
+        unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
+        unsigned char previous_server_finished_len;
+        int send_connection_binding; /* TODOEKR */
 	} SSL3_STATE;
 
+
 /* SSLv3 */
 /*client */
 /* extra state */
@@ -445,6 +525,8 @@ typedef struct ssl3_state_st
 /* read from server */
 #define SSL3_ST_CR_SRVR_HELLO_A		(0x120|SSL_ST_CONNECT)
 #define SSL3_ST_CR_SRVR_HELLO_B		(0x121|SSL_ST_CONNECT)
+#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
+#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
 #define SSL3_ST_CR_CERT_A		(0x130|SSL_ST_CONNECT)
 #define SSL3_ST_CR_CERT_B		(0x131|SSL_ST_CONNECT)
 #define SSL3_ST_CR_KEY_EXCH_A		(0x140|SSL_ST_CONNECT)
@@ -471,6 +553,10 @@ typedef struct ssl3_state_st
 #define SSL3_ST_CR_CHANGE_B		(0x1C1|SSL_ST_CONNECT)
 #define SSL3_ST_CR_FINISHED_A		(0x1D0|SSL_ST_CONNECT)
 #define SSL3_ST_CR_FINISHED_B		(0x1D1|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SESSION_TICKET_A	(0x1E0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SESSION_TICKET_B	(0x1E1|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_STATUS_A	(0x1F0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_STATUS_B	(0x1F1|SSL_ST_CONNECT)
 
 /* server */
 /* extra state */
@@ -481,6 +567,8 @@ typedef struct ssl3_state_st
 #define SSL3_ST_SR_CLNT_HELLO_B		(0x111|SSL_ST_ACCEPT)
 #define SSL3_ST_SR_CLNT_HELLO_C		(0x112|SSL_ST_ACCEPT)
 /* write to client */
+#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
+#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
 #define SSL3_ST_SW_HELLO_REQ_A		(0x120|SSL_ST_ACCEPT)
 #define SSL3_ST_SW_HELLO_REQ_B		(0x121|SSL_ST_ACCEPT)
 #define SSL3_ST_SW_HELLO_REQ_C		(0x122|SSL_ST_ACCEPT)
@@ -510,10 +598,15 @@ typedef struct ssl3_state_st
 #define SSL3_ST_SW_CHANGE_B		(0x1D1|SSL_ST_ACCEPT)
 #define SSL3_ST_SW_FINISHED_A		(0x1E0|SSL_ST_ACCEPT)
 #define SSL3_ST_SW_FINISHED_B		(0x1E1|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SESSION_TICKET_A	(0x1F0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SESSION_TICKET_B	(0x1F1|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_STATUS_A	(0x200|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_STATUS_B	(0x201|SSL_ST_ACCEPT)
 
 #define SSL3_MT_HELLO_REQUEST			0
 #define SSL3_MT_CLIENT_HELLO			1
 #define SSL3_MT_SERVER_HELLO			2
+#define	SSL3_MT_NEWSESSION_TICKET		4
 #define SSL3_MT_CERTIFICATE			11
 #define SSL3_MT_SERVER_KEY_EXCHANGE		12
 #define SSL3_MT_CERTIFICATE_REQUEST		13
@@ -521,6 +614,9 @@ typedef struct ssl3_state_st
 #define SSL3_MT_CERTIFICATE_VERIFY		15
 #define SSL3_MT_CLIENT_KEY_EXCHANGE		16
 #define SSL3_MT_FINISHED			20
+#define SSL3_MT_CERTIFICATE_STATUS		22
+#define DTLS1_MT_HELLO_VERIFY_REQUEST    3
+
 
 #define SSL3_MT_CCS				1
 
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 1a41b9967c..a26ae43957 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -76,15 +76,25 @@ int SSL_library_init(void)
 #endif  
 #ifndef OPENSSL_NO_RC2
 	EVP_add_cipher(EVP_rc2_cbc());
+	/* Not actually used for SSL/TLS but this makes PKCS#12 work
+	 * if an application only calls SSL_library_init().
+	 */
+	EVP_add_cipher(EVP_rc2_40_cbc());
 #endif
 #ifndef OPENSSL_NO_AES
 	EVP_add_cipher(EVP_aes_128_cbc());
 	EVP_add_cipher(EVP_aes_192_cbc());
 	EVP_add_cipher(EVP_aes_256_cbc());
 #endif
-#ifndef OPENSSL_NO_MD2
-	EVP_add_digest(EVP_md2());
+#ifndef OPENSSL_NO_CAMELLIA
+	EVP_add_cipher(EVP_camellia_128_cbc());
+	EVP_add_cipher(EVP_camellia_256_cbc());
 #endif
+
+#ifndef OPENSSL_NO_SEED
+	EVP_add_cipher(EVP_seed_cbc());
+#endif
+  
 #ifndef OPENSSL_NO_MD5
 	EVP_add_digest(EVP_md5());
 	EVP_add_digest_alias(SN_md5,"ssl2-md5");
@@ -115,6 +125,8 @@ int SSL_library_init(void)
 	   be discarded safely */
 	(void)SSL_COMP_get_compression_methods();
 #endif
+	/* initialize cipher/digest methods table */
+	ssl_load_ciphers();
 	return(1);
 	}
 
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 9edc447b29..e484a2992d 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -55,6 +55,32 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -68,6 +94,7 @@ typedef struct ssl_session_asn1_st
 	ASN1_INTEGER version;
 	ASN1_INTEGER ssl_version;
 	ASN1_OCTET_STRING cipher;
+	ASN1_OCTET_STRING comp_id;
 	ASN1_OCTET_STRING master_key;
 	ASN1_OCTET_STRING session_id;
 	ASN1_OCTET_STRING session_id_context;
@@ -78,14 +105,31 @@ typedef struct ssl_session_asn1_st
 	ASN1_INTEGER time;
 	ASN1_INTEGER timeout;
 	ASN1_INTEGER verify_result;
+#ifndef OPENSSL_NO_TLSEXT
+	ASN1_OCTET_STRING tlsext_hostname;
+	ASN1_INTEGER tlsext_tick_lifetime;
+	ASN1_OCTET_STRING tlsext_tick;
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+	ASN1_OCTET_STRING psk_identity_hint;
+	ASN1_OCTET_STRING psk_identity;
+#endif /* OPENSSL_NO_PSK */
 	} SSL_SESSION_ASN1;
 
 int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 	{
 #define LSIZE2 (sizeof(long)*2)
-	int v1=0,v2=0,v3=0,v4=0,v5=0;
+	int v1=0,v2=0,v3=0,v4=0,v5=0,v7=0,v8=0;
 	unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
 	unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2];
+#ifndef OPENSSL_NO_TLSEXT
+	int v6=0,v9=0,v10=0;
+	unsigned char ibuf6[LSIZE2];
+#endif
+#ifndef OPENSSL_NO_COMP
+	unsigned char cbuf;
+	int v11=0;
+#endif
 	long l;
 	SSL_SESSION_ASN1 a;
 	M_ASN1_I2D_vars(in);
@@ -129,6 +173,16 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 		buf[1]=((unsigned char)(l    ))&0xff;
 		}
 
+#ifndef OPENSSL_NO_COMP
+	if (in->compress_meth)
+		{
+		cbuf = (unsigned char)in->compress_meth;
+		a.comp_id.length = 1;
+		a.comp_id.type = V_ASN1_OCTET_STRING;
+		a.comp_id.data = &cbuf;
+		}
+#endif
+
 	a.master_key.length=in->master_key_length;
 	a.master_key.type=V_ASN1_OCTET_STRING;
 	a.master_key.data=in->master_key;
@@ -153,7 +207,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 		a.krb5_princ.data=in->krb5_client_princ;
 		}
 #endif /* OPENSSL_NO_KRB5 */
- 
+
 	if (in->time != 0L)
 		{
 		a.time.length=LSIZE2;
@@ -178,6 +232,41 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 		ASN1_INTEGER_set(&a.verify_result,in->verify_result);
 		}
 
+#ifndef OPENSSL_NO_TLSEXT
+	if (in->tlsext_hostname)
+                {
+                a.tlsext_hostname.length=strlen(in->tlsext_hostname);
+                a.tlsext_hostname.type=V_ASN1_OCTET_STRING;
+                a.tlsext_hostname.data=(unsigned char *)in->tlsext_hostname;
+                }
+	if (in->tlsext_tick)
+                {
+                a.tlsext_tick.length= in->tlsext_ticklen;
+                a.tlsext_tick.type=V_ASN1_OCTET_STRING;
+                a.tlsext_tick.data=(unsigned char *)in->tlsext_tick;
+                }
+	if (in->tlsext_tick_lifetime_hint > 0)
+		{
+		a.tlsext_tick_lifetime.length=LSIZE2;
+		a.tlsext_tick_lifetime.type=V_ASN1_INTEGER;
+		a.tlsext_tick_lifetime.data=ibuf6;
+		ASN1_INTEGER_set(&a.tlsext_tick_lifetime,in->tlsext_tick_lifetime_hint);
+		}
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+	if (in->psk_identity_hint)
+		{
+		a.psk_identity_hint.length=strlen(in->psk_identity_hint);
+		a.psk_identity_hint.type=V_ASN1_OCTET_STRING;
+		a.psk_identity_hint.data=(unsigned char *)(in->psk_identity_hint);
+		}
+	if (in->psk_identity)
+		{
+		a.psk_identity.length=strlen(in->psk_identity);
+		a.psk_identity.type=V_ASN1_OCTET_STRING;
+		a.psk_identity.data=(unsigned char *)(in->psk_identity);
+		}
+#endif /* OPENSSL_NO_PSK */
 
 	M_ASN1_I2D_len(&(a.version),		i2d_ASN1_INTEGER);
 	M_ASN1_I2D_len(&(a.ssl_version),	i2d_ASN1_INTEGER);
@@ -200,6 +289,25 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 	if (in->verify_result != X509_V_OK)
 		M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
 
+#ifndef OPENSSL_NO_TLSEXT
+	if (in->tlsext_tick_lifetime_hint > 0)
+      	 	M_ASN1_I2D_len_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER,9,v9);
+	if (in->tlsext_tick)
+        	M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING,10,v10);
+	if (in->tlsext_hostname)
+        	M_ASN1_I2D_len_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING,6,v6);
+#ifndef OPENSSL_NO_COMP
+	if (in->compress_meth)
+        	M_ASN1_I2D_len_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING,11,v11);
+#endif
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+	if (in->psk_identity_hint)
+        	M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,7,v7);
+	if (in->psk_identity)
+        	M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8);
+#endif /* OPENSSL_NO_PSK */
+
 	M_ASN1_I2D_seq_total();
 
 	M_ASN1_I2D_put(&(a.version),		i2d_ASN1_INTEGER);
@@ -223,11 +331,31 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 			       v4);
 	if (in->verify_result != X509_V_OK)
 		M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5);
+#ifndef OPENSSL_NO_TLSEXT
+	if (in->tlsext_hostname)
+        	M_ASN1_I2D_put_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING,6,v6);
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+	if (in->psk_identity_hint)
+		M_ASN1_I2D_put_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,7,v7);
+	if (in->psk_identity)
+		M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8);
+#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_TLSEXT
+	if (in->tlsext_tick_lifetime_hint > 0)
+      	 	M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER,9,v9);
+	if (in->tlsext_tick)
+        	M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING,10,v10);
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_COMP
+	if (in->compress_meth)
+        	M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING,11,v11);
+#endif
 	M_ASN1_I2D_finish();
 	}
 
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
-	     long length)
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+			     long length)
 	{
 	int version,ssl_version=0,i;
 	long id;
@@ -242,18 +370,18 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 	M_ASN1_D2I_start_sequence();
 
 	ai.data=NULL; ai.length=0;
-	M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
 	version=(int)ASN1_INTEGER_get(aip);
 	if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
 
 	/* we don't care about the version right now :-) */
-	M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
 	ssl_version=(int)ASN1_INTEGER_get(aip);
 	ret->ssl_version=ssl_version;
 	if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
 
 	os.data=NULL; os.length=0;
-	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+	M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
 	if (ssl_version == SSL2_VERSION)
 		{
 		if (os.length != 3)
@@ -266,7 +394,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 			((unsigned long)os.data[1]<< 8L)|
 			 (unsigned long)os.data[2];
 		}
-	else if ((ssl_version>>8) == 3)
+	else if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
 		{
 		if (os.length != 2)
 			{
@@ -279,17 +407,17 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 		}
 	else
 		{
-		SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
-		return(NULL);
+		c.error=SSL_R_UNKNOWN_SSL_VERSION;
+		goto err;
 		}
 	
 	ret->cipher=NULL;
 	ret->cipher_id=id;
 
-	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if ((ssl_version>>8) == SSL3_VERSION)
+	M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
+	if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
 		i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
-	else /* if (ssl_version == SSL2_VERSION) */
+	else /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
 		i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
 
 	if (os.length > i)
@@ -301,8 +429,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 	OPENSSL_assert(os.length <= (int)sizeof(ret->session_id));
 	memcpy(ret->session_id,os.data,os.length);
 
-	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
-	if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
+	M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
+	if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
 		ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
 	else
 		ret->master_key_length=os.length;
@@ -344,7 +472,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 		OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
 		}
 	else
-		ret->time=time(NULL);
+		ret->time=(unsigned long)time(NULL);
 
 	ai.length=0;
 	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
@@ -371,8 +499,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 	    {
 	    if (os.length > SSL_MAX_SID_CTX_LENGTH)
 		{
-		ret->sid_ctx_length=os.length;
-		SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
+		c.error=SSL_R_BAD_LENGTH;
+		goto err;
 		}
 	    else
 		{
@@ -394,5 +522,72 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 	else
 		ret->verify_result=X509_V_OK;
 
+#ifndef OPENSSL_NO_TLSEXT
+	os.length=0;
+	os.data=NULL;
+	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,6);
+	if (os.data)
+		{
+		ret->tlsext_hostname = BUF_strndup((char *)os.data, os.length);
+		OPENSSL_free(os.data);
+		os.data = NULL;
+		os.length = 0;
+		}
+	else
+		ret->tlsext_hostname=NULL;
+#endif /* OPENSSL_NO_TLSEXT */
+
+#ifndef OPENSSL_NO_PSK
+	os.length=0;
+	os.data=NULL;
+	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,7);
+	if (os.data)
+		{
+		ret->psk_identity_hint = BUF_strndup((char *)os.data, os.length);
+		OPENSSL_free(os.data);
+		os.data = NULL;
+		os.length = 0;
+		}
+	else
+		ret->psk_identity_hint=NULL;
+#endif /* OPENSSL_NO_PSK */
+
+#ifndef OPENSSL_NO_TLSEXT
+	ai.length=0;
+	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,9);
+	if (ai.data != NULL)
+		{
+		ret->tlsext_tick_lifetime_hint=ASN1_INTEGER_get(aip);
+		OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
+		}
+	else if (ret->tlsext_ticklen && ret->session_id_length)
+		ret->tlsext_tick_lifetime_hint = -1;
+	else
+		ret->tlsext_tick_lifetime_hint=0;
+	os.length=0;
+	os.data=NULL;
+	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,10);
+	if (os.data)
+		{
+		ret->tlsext_tick = os.data;
+		ret->tlsext_ticklen = os.length;
+		os.data = NULL;
+		os.length = 0;
+		}
+	else
+		ret->tlsext_tick=NULL;
+#endif /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_COMP
+	os.length=0;
+	os.data=NULL;
+	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,11);
+	if (os.data)
+		{
+		ret->compress_meth = os.data[0];
+		OPENSSL_free(os.data);
+		os.data = NULL;
+		}
+#endif
+
 	M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
 	}
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index b515c064a8..be51b42f23 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -73,12 +73,12 @@
  * 3. All advertising materials mentioning features or use of this
  *    software must display the following acknowledgment:
  *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  *
  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  *    endorse or promote products derived from this software without
  *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
+ *    openssl-core@openssl.org.
  *
  * 5. Products derived from this software may not be called "OpenSSL"
  *    nor may "OpenSSL" appear in their names without prior written
@@ -87,7 +87,7 @@
  * 6. Redistributions of any form whatsoever must retain the following
  *    acknowledgment:
  *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  *
  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -102,6 +102,11 @@
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
  */
 /* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
@@ -121,28 +126,37 @@
 #include <openssl/bio.h>
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 #include "ssl_locl.h"
 
 int SSL_get_ex_data_X509_STORE_CTX_idx(void)
 	{
 	static volatile int ssl_x509_store_ctx_idx= -1;
+	int got_write_lock = 0;
+
+	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
 
 	if (ssl_x509_store_ctx_idx < 0)
 		{
-		/* any write lock will do; usually this branch
-		 * will only be taken once anyway */
+		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
 		CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+		got_write_lock = 1;
 		
 		if (ssl_x509_store_ctx_idx < 0)
 			{
 			ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index(
 				0,"SSL for verify callback",NULL,NULL,NULL);
 			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
 		}
+
+	if (got_write_lock)
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+	else
+		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+	
 	return ssl_x509_store_ctx_idx;
 	}
 
@@ -183,8 +197,10 @@ CERT *ssl_cert_dup(CERT *cert)
 	 * if you find that more readable */
 
 	ret->valid = cert->valid;
-	ret->mask = cert->mask;
-	ret->export_mask = cert->export_mask;
+	ret->mask_k = cert->mask_k;
+	ret->mask_a = cert->mask_a;
+	ret->export_mask_k = cert->export_mask_k;
+	ret->export_mask_a = cert->export_mask_a;
 
 #ifndef OPENSSL_NO_RSA
 	if (cert->rsa_tmp != NULL)
@@ -198,7 +214,6 @@ CERT *ssl_cert_dup(CERT *cert)
 #ifndef OPENSSL_NO_DH
 	if (cert->dh_tmp != NULL)
 		{
-		/* DH parameters don't have a reference count */
 		ret->dh_tmp = DHparams_dup(cert->dh_tmp);
 		if (ret->dh_tmp == NULL)
 			{
@@ -232,8 +247,12 @@ CERT *ssl_cert_dup(CERT *cert)
 #ifndef OPENSSL_NO_ECDH
 	if (cert->ecdh_tmp)
 		{
-		EC_KEY_up_ref(cert->ecdh_tmp);
-		ret->ecdh_tmp = cert->ecdh_tmp;
+		ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
+		if (ret->ecdh_tmp == NULL)
+			{
+			SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
+			goto err;
+			}
 		}
 	ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
 #endif
@@ -291,7 +310,7 @@ CERT *ssl_cert_dup(CERT *cert)
 
 	return(ret);
 	
-#ifndef OPENSSL_NO_DH /* avoid 'unreferenced label' warning if OPENSSL_NO_DH is defined */
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
 err:
 #endif
 #ifndef OPENSSL_NO_RSA
@@ -483,9 +502,6 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
 		SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,ERR_R_X509_LIB);
 		return(0);
 		}
-	if (s->param)
-		X509_VERIFY_PARAM_inherit(X509_STORE_CTX_get0_param(&ctx),
-						s->param);
 #if 0
 	if (SSL_get_verify_depth(s) >= 0)
 		X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
@@ -499,6 +515,10 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
 
 	X509_STORE_CTX_set_default(&ctx,
 				s->server ? "ssl_client" : "ssl_server");
+	/* Anything non-default in "param" should overwrite anything in the
+	 * ctx.
+	 */
+	X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param);
 
 	if (s->verify_callback)
 		X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
@@ -563,12 +583,12 @@ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *name_list)
 	set_client_CA_list(&(ctx->client_CA),name_list);
 	}
 
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
 	{
 	return(ctx->client_CA);
 	}
 
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
 	{
 	if (s->type == SSL_ST_CONNECT)
 		{ /* we are in the client */
@@ -635,14 +655,13 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
 	BIO *in;
 	X509 *x=NULL;
 	X509_NAME *xn=NULL;
-	STACK_OF(X509_NAME) *ret,*sk;
+	STACK_OF(X509_NAME) *ret = NULL,*sk;
 
-	ret=sk_X509_NAME_new_null();
 	sk=sk_X509_NAME_new(xname_cmp);
 
 	in=BIO_new(BIO_s_file_internal());
 
-	if ((ret == NULL) || (sk == NULL) || (in == NULL))
+	if ((sk == NULL) || (in == NULL))
 		{
 		SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
 		goto err;
@@ -655,6 +674,15 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
 		{
 		if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)
 			break;
+		if (ret == NULL)
+			{
+			ret = sk_X509_NAME_new_null();
+			if (ret == NULL)
+				{
+				SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			}
 		if ((xn=X509_get_subject_name(x)) == NULL) goto err;
 		/* check for duplicates */
 		xn=X509_NAME_dup(xn);
@@ -677,6 +705,8 @@ err:
 	if (sk != NULL) sk_X509_NAME_free(sk);
 	if (in != NULL) BIO_free(in);
 	if (x != NULL) X509_free(x);
+	if (ret != NULL)
+		ERR_clear_error();
 	return(ret);
 	}
 #endif
@@ -735,7 +765,7 @@ err:
 	if(x != NULL)
 		X509_free(x);
 	
-	sk_X509_NAME_set_cmp_func(stack,oldcmp);
+	(void)sk_X509_NAME_set_cmp_func(stack,oldcmp);
 
 	return ret;
 	}
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index da231de213..bee3507ea1 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -56,13 +56,98 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  * ECC cipher suite support in OpenSSL originally developed by 
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
 #include <stdio.h>
 #include <openssl/objects.h>
+#ifndef OPENSSL_NO_COMP
 #include <openssl/comp.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 #include "ssl_locl.h"
 
 #define SSL_ENC_DES_IDX		0
@@ -70,14 +155,18 @@
 #define SSL_ENC_RC4_IDX		2
 #define SSL_ENC_RC2_IDX		3
 #define SSL_ENC_IDEA_IDX	4
-#define SSL_ENC_eFZA_IDX	5
-#define SSL_ENC_NULL_IDX	6
-#define SSL_ENC_AES128_IDX	7
-#define SSL_ENC_AES256_IDX	8
-#define SSL_ENC_NUM_IDX		9
+#define SSL_ENC_NULL_IDX	5
+#define SSL_ENC_AES128_IDX	6
+#define SSL_ENC_AES256_IDX	7
+#define SSL_ENC_CAMELLIA128_IDX	8
+#define SSL_ENC_CAMELLIA256_IDX	9
+#define SSL_ENC_GOST89_IDX	10
+#define SSL_ENC_SEED_IDX    	11
+#define SSL_ENC_NUM_IDX		12
+
 
 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
-	NULL,NULL,NULL,NULL,NULL,NULL,
+	NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,
 	};
 
 #define SSL_COMP_NULL_IDX	0
@@ -88,9 +177,30 @@ static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
 
 #define SSL_MD_MD5_IDX	0
 #define SSL_MD_SHA1_IDX	1
-#define SSL_MD_NUM_IDX	2
+#define SSL_MD_GOST94_IDX 2
+#define SSL_MD_GOST89MAC_IDX 3
+/*Constant SSL_MAX_DIGEST equal to size of digests array should be 
+ * defined in the
+ * ssl_locl.h */
+#define SSL_MD_NUM_IDX	SSL_MAX_DIGEST 
 static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
-	NULL,NULL,
+	NULL,NULL,NULL,NULL
+	};
+/* PKEY_TYPE for GOST89MAC is known in advance, but, because
+ * implementation is engine-provided, we'll fill it only if
+ * corresponding EVP_PKEY_METHOD is found 
+ */
+static int  ssl_mac_pkey_id[SSL_MD_NUM_IDX]={
+	EVP_PKEY_HMAC,EVP_PKEY_HMAC,EVP_PKEY_HMAC,NID_undef
+	};
+
+static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={
+	0,0,0,0
+	};
+
+static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={
+	SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA,
+	SSL_HANDSHAKE_MAC_GOST94,0
 	};
 
 #define CIPHER_ADD	1
@@ -101,73 +211,146 @@ static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
 
 typedef struct cipher_order_st
 	{
-	SSL_CIPHER *cipher;
+	const SSL_CIPHER *cipher;
 	int active;
 	int dead;
 	struct cipher_order_st *next,*prev;
 	} CIPHER_ORDER;
 
 static const SSL_CIPHER cipher_aliases[]={
-	/* Don't include eNULL unless specifically enabled. */
-	/* Don't include ECC in ALL because these ciphers are not yet official. */
-	{0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_kECDH & ~SSL_kECDHE, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
-	/* TODO: COMPLEMENT OF ALL and COMPLEMENT OF DEFAULT do not have ECC cipher suites handled properly. */
-	{0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},  /* COMPLEMENT OF ALL */
-	{0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0},  /* VRS Kerberos5 */
-	{0,SSL_TXT_kRSA,0,SSL_kRSA,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kDHr,0,SSL_kDHr,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kDHd,0,SSL_kDHd,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kEDH,0,SSL_kEDH,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_kFZA,0,SSL_kFZA,  0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_DH,	0,SSL_DH,    0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_ECC,	0,(SSL_kECDH|SSL_kECDHE), 0,0,0,0,SSL_MKEY_MASK,0},
-	{0,SSL_TXT_EDH,	0,SSL_EDH,   0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0},  /* VRS Kerberos5 */
-	{0,SSL_TXT_aRSA,0,SSL_aRSA,  0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aDSS,0,SSL_aDSS,  0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aFZA,0,SSL_aFZA,  0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_aDH, 0,SSL_aDH,   0,0,0,0,SSL_AUTH_MASK,0},
-	{0,SSL_TXT_DSS,	0,SSL_DSS,   0,0,0,0,SSL_AUTH_MASK,0},
-
-	{0,SSL_TXT_DES,	0,SSL_DES,   0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_3DES,0,SSL_3DES,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_RC4,	0,SSL_RC4,   0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_RC2,	0,SSL_RC2,   0,0,0,0,SSL_ENC_MASK,0},
-#ifndef OPENSSL_NO_IDEA
-	{0,SSL_TXT_IDEA,0,SSL_IDEA,  0,0,0,0,SSL_ENC_MASK,0},
-#endif
-	{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_eFZA,0,SSL_eFZA,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_AES,	0,SSL_AES,   0,0,0,0,SSL_ENC_MASK,0},
-
-	{0,SSL_TXT_MD5,	0,SSL_MD5,   0,0,0,0,SSL_MAC_MASK,0},
-	{0,SSL_TXT_SHA1,0,SSL_SHA1,  0,0,0,0,SSL_MAC_MASK,0},
-	{0,SSL_TXT_SHA,	0,SSL_SHA,   0,0,0,0,SSL_MAC_MASK,0},
-
-	{0,SSL_TXT_NULL,0,SSL_NULL,  0,0,0,0,SSL_ENC_MASK,0},
-	{0,SSL_TXT_KRB5,0,SSL_KRB5,  0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
-	{0,SSL_TXT_RSA,	0,SSL_RSA,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
-	{0,SSL_TXT_ADH,	0,SSL_ADH,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
-	{0,SSL_TXT_FZA,	0,SSL_FZA,   0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
-
-	{0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
-	{0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
-	{0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
-
-	{0,SSL_TXT_EXP   ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
-	{0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
-	{0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_LOW,   0, 0,   SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
-	{0,SSL_TXT_HIGH,  0, 0,  SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
+	/* "ALL" doesn't include eNULL (must be specifically enabled) */
+	{0,SSL_TXT_ALL,0,     0,0,~SSL_eNULL,0,0,0,0,0,0},
+	/* "COMPLEMENTOFALL" */
+	{0,SSL_TXT_CMPALL,0,  0,0,SSL_eNULL,0,0,0,0,0,0},
+
+	/* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in ALL!) */
+	{0,SSL_TXT_CMPDEF,0,  SSL_kEDH|SSL_kEECDH,SSL_aNULL,~SSL_eNULL,0,0,0,0,0,0},
+
+	/* key exchange aliases
+	 * (some of those using only a single bit here combine
+	 * multiple key exchange algs according to the RFCs,
+	 * e.g. kEDH combines DHE_DSS and DHE_RSA) */
+	{0,SSL_TXT_kRSA,0,    SSL_kRSA,  0,0,0,0,0,0,0,0},
+
+	{0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+	{0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+	{0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+	{0,SSL_TXT_kEDH,0,    SSL_kEDH,  0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_DH,0,      SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
+
+	{0,SSL_TXT_kKRB5,0,   SSL_kKRB5, 0,0,0,0,0,0,0,0},
+
+	{0,SSL_TXT_kECDHr,0,  SSL_kECDHr,0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_kECDHe,0,  SSL_kECDHe,0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_kECDH,0,   SSL_kECDHr|SSL_kECDHe,0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_kEECDH,0,  SSL_kEECDH,0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_ECDH,0,    SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
+
+        {0,SSL_TXT_kPSK,0,    SSL_kPSK,  0,0,0,0,0,0,0,0},
+	{0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0},
+
+	/* server authentication aliases */
+	{0,SSL_TXT_aRSA,0,    0,SSL_aRSA,  0,0,0,0,0,0,0},
+	{0,SSL_TXT_aDSS,0,    0,SSL_aDSS,  0,0,0,0,0,0,0},
+	{0,SSL_TXT_DSS,0,     0,SSL_aDSS,   0,0,0,0,0,0,0},
+	{0,SSL_TXT_aKRB5,0,   0,SSL_aKRB5, 0,0,0,0,0,0,0},
+	{0,SSL_TXT_aNULL,0,   0,SSL_aNULL, 0,0,0,0,0,0,0},
+	{0,SSL_TXT_aDH,0,     0,SSL_aDH,   0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+	{0,SSL_TXT_aECDH,0,   0,SSL_aECDH, 0,0,0,0,0,0,0},
+	{0,SSL_TXT_aECDSA,0,  0,SSL_aECDSA,0,0,0,0,0,0,0},
+	{0,SSL_TXT_ECDSA,0,   0,SSL_aECDSA, 0,0,0,0,0,0,0},
+        {0,SSL_TXT_aPSK,0,    0,SSL_aPSK,  0,0,0,0,0,0,0},
+	{0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0},
+	{0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0},
+	{0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0},
+
+	/* aliases combining key exchange and server authentication */
+	{0,SSL_TXT_EDH,0,     SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
+	{0,SSL_TXT_EECDH,0,   SSL_kEECDH,~SSL_aNULL,0,0,0,0,0,0,0},
+	{0,SSL_TXT_NULL,0,    0,0,SSL_eNULL, 0,0,0,0,0,0},
+	{0,SSL_TXT_KRB5,0,    SSL_kKRB5,SSL_aKRB5,0,0,0,0,0,0,0},
+	{0,SSL_TXT_RSA,0,     SSL_kRSA,SSL_aRSA,0,0,0,0,0,0,0},
+	{0,SSL_TXT_ADH,0,     SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
+	{0,SSL_TXT_AECDH,0,   SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
+        {0,SSL_TXT_PSK,0,     SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
+
+
+	/* symmetric encryption aliases */
+	{0,SSL_TXT_DES,0,     0,0,SSL_DES,   0,0,0,0,0,0},
+	{0,SSL_TXT_3DES,0,    0,0,SSL_3DES,  0,0,0,0,0,0},
+	{0,SSL_TXT_RC4,0,     0,0,SSL_RC4,   0,0,0,0,0,0},
+	{0,SSL_TXT_RC2,0,     0,0,SSL_RC2,   0,0,0,0,0,0},
+	{0,SSL_TXT_IDEA,0,    0,0,SSL_IDEA,  0,0,0,0,0,0},
+	{0,SSL_TXT_SEED,0,    0,0,SSL_SEED,  0,0,0,0,0,0},
+	{0,SSL_TXT_eNULL,0,   0,0,SSL_eNULL, 0,0,0,0,0,0},
+	{0,SSL_TXT_AES128,0,  0,0,SSL_AES128,0,0,0,0,0,0},
+	{0,SSL_TXT_AES256,0,  0,0,SSL_AES256,0,0,0,0,0,0},
+	{0,SSL_TXT_AES,0,     0,0,SSL_AES128|SSL_AES256,0,0,0,0,0,0},
+	{0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0},
+	{0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0},
+	{0,SSL_TXT_CAMELLIA   ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0},
+
+	/* MAC aliases */	
+	{0,SSL_TXT_MD5,0,     0,0,0,SSL_MD5,   0,0,0,0,0},
+	{0,SSL_TXT_SHA1,0,    0,0,0,SSL_SHA1,  0,0,0,0,0},
+	{0,SSL_TXT_SHA,0,     0,0,0,SSL_SHA1,  0,0,0,0,0},
+	{0,SSL_TXT_GOST94,0,     0,0,0,SSL_GOST94,  0,0,0,0,0},
+	{0,SSL_TXT_GOST89MAC,0,     0,0,0,SSL_GOST89MAC,  0,0,0,0,0},
+
+	/* protocol version aliases */
+	{0,SSL_TXT_SSLV2,0,   0,0,0,0,SSL_SSLV2, 0,0,0,0},
+	{0,SSL_TXT_SSLV3,0,   0,0,0,0,SSL_SSLV3, 0,0,0,0},
+	{0,SSL_TXT_TLSV1,0,   0,0,0,0,SSL_TLSV1, 0,0,0,0},
+
+	/* export flag */
+	{0,SSL_TXT_EXP,0,     0,0,0,0,0,SSL_EXPORT,0,0,0},
+	{0,SSL_TXT_EXPORT,0,  0,0,0,0,0,SSL_EXPORT,0,0,0},
+
+	/* strength classes */
+	{0,SSL_TXT_EXP40,0,   0,0,0,0,0,SSL_EXP40, 0,0,0},
+	{0,SSL_TXT_EXP56,0,   0,0,0,0,0,SSL_EXP56, 0,0,0},
+	{0,SSL_TXT_LOW,0,     0,0,0,0,0,SSL_LOW,   0,0,0},
+	{0,SSL_TXT_MEDIUM,0,  0,0,0,0,0,SSL_MEDIUM,0,0,0},
+	{0,SSL_TXT_HIGH,0,    0,0,0,0,0,SSL_HIGH,  0,0,0},
+	/* FIPS 140-2 approved ciphersuite */
+	{0,SSL_TXT_FIPS,0,    0,0,~SSL_eNULL,0,0,SSL_FIPS,  0,0,0},
 	};
+/* Search for public key algorithm with given name and 
+ * return its pkey_id if it is available. Otherwise return 0
+ */
+#ifdef OPENSSL_NO_ENGINE
 
-static int init_ciphers=1;
+static int get_optional_pkey_id(const char *pkey_name)
+	{
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	int pkey_id=0;
+	ameth = EVP_PKEY_asn1_find_str(NULL,pkey_name,-1);
+	if (ameth) 
+		{
+		EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
+		}		
+	return pkey_id;
+	}
+
+#else
 
-static void load_ciphers(void)
+static int get_optional_pkey_id(const char *pkey_name)
+	{
+	const EVP_PKEY_ASN1_METHOD *ameth;
+	ENGINE *tmpeng = NULL;
+	int pkey_id=0;
+	ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1);
+	if (ameth)
+		{
+		EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
+		}
+	if (tmpeng) ENGINE_finish(tmpeng);
+	return pkey_id;
+	}
+
+#endif
+
+void ssl_load_ciphers(void)
 	{
 	ssl_cipher_methods[SSL_ENC_DES_IDX]= 
 		EVP_get_cipherbyname(SN_des_cbc);
@@ -187,13 +370,42 @@ static void load_ciphers(void)
 	  EVP_get_cipherbyname(SN_aes_128_cbc);
 	ssl_cipher_methods[SSL_ENC_AES256_IDX]=
 	  EVP_get_cipherbyname(SN_aes_256_cbc);
+	ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]=
+	  EVP_get_cipherbyname(SN_camellia_128_cbc);
+	ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]=
+	  EVP_get_cipherbyname(SN_camellia_256_cbc);
+	ssl_cipher_methods[SSL_ENC_GOST89_IDX]=
+	  EVP_get_cipherbyname(SN_gost89_cnt);
+	ssl_cipher_methods[SSL_ENC_SEED_IDX]=
+	  EVP_get_cipherbyname(SN_seed_cbc);
 
 	ssl_digest_methods[SSL_MD_MD5_IDX]=
 		EVP_get_digestbyname(SN_md5);
+	ssl_mac_secret_size[SSL_MD_MD5_IDX]=
+		EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
+	OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
 	ssl_digest_methods[SSL_MD_SHA1_IDX]=
 		EVP_get_digestbyname(SN_sha1);
-	init_ciphers=0;
+	ssl_mac_secret_size[SSL_MD_SHA1_IDX]=
+		EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
+	OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
+	ssl_digest_methods[SSL_MD_GOST94_IDX]=
+		EVP_get_digestbyname(SN_id_GostR3411_94);
+	if (ssl_digest_methods[SSL_MD_GOST94_IDX])
+		{	
+		ssl_mac_secret_size[SSL_MD_GOST94_IDX]=
+			EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
+		OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
+		}
+	ssl_digest_methods[SSL_MD_GOST89MAC_IDX]=
+		EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
+		ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
+		if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
+			ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX]=32;
+		}		
+
 	}
+#ifndef OPENSSL_NO_COMP
 
 static int sk_comp_cmp(const SSL_COMP * const *a,
 			const SSL_COMP * const *b)
@@ -203,51 +415,63 @@ static int sk_comp_cmp(const SSL_COMP * const *a,
 
 static void load_builtin_compressions(void)
 	{
-	if (ssl_comp_methods != NULL)
-		return;
+	int got_write_lock = 0;
 
-	CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+	CRYPTO_r_lock(CRYPTO_LOCK_SSL);
 	if (ssl_comp_methods == NULL)
 		{
-		SSL_COMP *comp = NULL;
-
-		MemCheck_off();
-		ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
-		if (ssl_comp_methods != NULL)
+		CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
+		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+		got_write_lock = 1;
+		
+		if (ssl_comp_methods == NULL)
 			{
-			comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
-			if (comp != NULL)
+			SSL_COMP *comp = NULL;
+
+			MemCheck_off();
+			ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
+			if (ssl_comp_methods != NULL)
 				{
-				comp->method=COMP_zlib();
-				if (comp->method
-					&& comp->method->type == NID_undef)
-					OPENSSL_free(comp);
-				else
+				comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+				if (comp != NULL)
 					{
-					comp->id=SSL_COMP_ZLIB_IDX;
-					comp->name=comp->method->name;
-					sk_SSL_COMP_push(ssl_comp_methods,comp);
+					comp->method=COMP_zlib();
+					if (comp->method
+						&& comp->method->type == NID_undef)
+						OPENSSL_free(comp);
+					else
+						{
+						comp->id=SSL_COMP_ZLIB_IDX;
+						comp->name=comp->method->name;
+						sk_SSL_COMP_push(ssl_comp_methods,comp);
+						}
 					}
 				}
+			MemCheck_on();
 			}
-		MemCheck_on();
 		}
-	CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+	
+	if (got_write_lock)
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+	else
+		CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
 	}
+#endif
 
-int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
-	     const EVP_MD **md, SSL_COMP **comp)
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+	     const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
 	{
 	int i;
-	SSL_CIPHER *c;
+	const SSL_CIPHER *c;
 
 	c=s->cipher;
 	if (c == NULL) return(0);
 	if (comp != NULL)
 		{
 		SSL_COMP ctmp;
-
+#ifndef OPENSSL_NO_COMP
 		load_builtin_compressions();
+#endif
 
 		*comp=NULL;
 		ctmp.id=s->compress_meth;
@@ -263,7 +487,7 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
 
 	if ((enc == NULL) || (md == NULL)) return(0);
 
-	switch (c->algorithms & SSL_ENC_MASK)
+	switch (c->algorithm_enc)
 		{
 	case SSL_DES:
 		i=SSL_ENC_DES_IDX;
@@ -283,13 +507,23 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
 	case SSL_eNULL:
 		i=SSL_ENC_NULL_IDX;
 		break;
-	case SSL_AES:
-		switch(c->alg_bits)
-			{
-		case 128: i=SSL_ENC_AES128_IDX; break;
-		case 256: i=SSL_ENC_AES256_IDX; break;
-		default: i=-1; break;
-			}
+	case SSL_AES128:
+		i=SSL_ENC_AES128_IDX;
+		break;
+	case SSL_AES256:
+		i=SSL_ENC_AES256_IDX;
+		break;
+	case SSL_CAMELLIA128:
+		i=SSL_ENC_CAMELLIA128_IDX;
+		break;
+	case SSL_CAMELLIA256:
+		i=SSL_ENC_CAMELLIA256_IDX;
+		break;
+	case SSL_eGOST2814789CNT:
+		i=SSL_ENC_GOST89_IDX;
+		break;
+	case SSL_SEED:
+		i=SSL_ENC_SEED_IDX;
 		break;
 	default:
 		i= -1;
@@ -306,7 +540,7 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
 			*enc=ssl_cipher_methods[i];
 		}
 
-	switch (c->algorithms & SSL_MAC_MASK)
+	switch (c->algorithm_mac)
 		{
 	case SSL_MD5:
 		i=SSL_MD_MD5_IDX;
@@ -314,21 +548,48 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc,
 	case SSL_SHA1:
 		i=SSL_MD_SHA1_IDX;
 		break;
+	case SSL_GOST94:
+		i = SSL_MD_GOST94_IDX;
+		break;
+	case SSL_GOST89MAC:
+		i = SSL_MD_GOST89MAC_IDX;
+		break;
 	default:
 		i= -1;
 		break;
 		}
 	if ((i < 0) || (i > SSL_MD_NUM_IDX))
-		*md=NULL;
+	{
+		*md=NULL; 
+		if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
+		if (mac_secret_size!=NULL) *mac_secret_size = 0;
+
+	}
 	else
+	{
 		*md=ssl_digest_methods[i];
+		if (mac_pkey_type!=NULL) *mac_pkey_type = ssl_mac_pkey_id[i];
+		if (mac_secret_size!=NULL) *mac_secret_size = ssl_mac_secret_size[i];
+	}	
 
-	if ((*enc != NULL) && (*md != NULL))
+	if ((*enc != NULL) && (*md != NULL) && (!mac_pkey_type||*mac_pkey_type != NID_undef))
 		return(1);
 	else
 		return(0);
 	}
 
+int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md) 
+{
+	if (idx <0||idx>=SSL_MD_NUM_IDX) 
+		{
+		return 0;
+		}
+	if (ssl_handshake_digest_flag[idx]==0) return 0;
+	*mask = ssl_handshake_digest_flag[idx];
+	*md = ssl_digest_methods[idx];
+	return 1;
+}
+
 #define ITEM_SEP(a) \
 	(((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
 
@@ -340,7 +601,7 @@ static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
 		*head=curr->next;
 	if (curr->prev != NULL)
 		curr->prev->next=curr->next;
-	if (curr->next != NULL) /* should always be true */
+	if (curr->next != NULL)
 		curr->next->prev=curr->prev;
 	(*tail)->next=curr;
 	curr->prev= *tail;
@@ -348,50 +609,105 @@ static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
 	*tail=curr;
 	}
 
-static unsigned long ssl_cipher_get_disabled(void)
+static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+	     CIPHER_ORDER **tail)
+	{
+	if (curr == *head) return;
+	if (curr == *tail)
+		*tail=curr->prev;
+	if (curr->next != NULL)
+		curr->next->prev=curr->prev;
+	if (curr->prev != NULL)
+		curr->prev->next=curr->next;
+	(*head)->prev=curr;
+	curr->next= *head;
+	curr->prev=NULL;
+	*head=curr;
+	}
+
+static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, unsigned long *enc, unsigned long *mac, unsigned long *ssl)
 	{
-	unsigned long mask;
+	*mkey = 0;
+	*auth = 0;
+	*enc = 0;
+	*mac = 0;
+	*ssl = 0;
 
-	mask = SSL_kFZA;
 #ifdef OPENSSL_NO_RSA
-	mask |= SSL_aRSA|SSL_kRSA;
+	*mkey |= SSL_kRSA;
+	*auth |= SSL_aRSA;
 #endif
 #ifdef OPENSSL_NO_DSA
-	mask |= SSL_aDSS;
+	*auth |= SSL_aDSS;
 #endif
+	*mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
+	*auth |= SSL_aDH;
 #ifdef OPENSSL_NO_DH
-	mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
+	*mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
+	*auth |= SSL_aDH;
 #endif
 #ifdef OPENSSL_NO_KRB5
-	mask |= SSL_kKRB5|SSL_aKRB5;
+	*mkey |= SSL_kKRB5;
+	*auth |= SSL_aKRB5;
+#endif
+#ifdef OPENSSL_NO_ECDSA
+	*auth |= SSL_aECDSA;
 #endif
 #ifdef OPENSSL_NO_ECDH
-	mask |= SSL_kECDH|SSL_kECDHE;
+	*mkey |= SSL_kECDHe|SSL_kECDHr;
+	*auth |= SSL_aECDH;
 #endif
+#ifdef OPENSSL_NO_PSK
+	*mkey |= SSL_kPSK;
+	*auth |= SSL_aPSK;
+#endif
+	/* Check for presence of GOST 34.10 algorithms, and if they
+	 * do not present, disable  appropriate auth and key exchange */
+	if (!get_optional_pkey_id("gost94")) {
+		*auth |= SSL_aGOST94;
+	}
+	if (!get_optional_pkey_id("gost2001")) {
+		*auth |= SSL_aGOST01;
+	}
+	/* Disable GOST key exchange if no GOST signature algs are available * */
+	if ((*auth & (SSL_aGOST94|SSL_aGOST01)) == (SSL_aGOST94|SSL_aGOST01)) {
+		*mkey |= SSL_kGOST;
+	}	
 #ifdef SSL_FORBID_ENULL
-	mask |= SSL_eNULL;
+	*enc |= SSL_eNULL;
 #endif
+		
+
+
+	*enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0;
+	*enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0;
+
+	*mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
+	*mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
+	*mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94:0;
+	*mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]==NID_undef)? SSL_GOST89MAC:0;
 
-	mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
-	mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
-	mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
-	mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
-	mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
-	mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
-	mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
-
-	mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
-	mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
-
-	return(mask);
 	}
 
 static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
-		int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list,
-		CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
+                int num_of_ciphers,
+                unsigned long disabled_mkey, unsigned long disabled_auth,
+                unsigned long disabled_enc, unsigned long disabled_mac,
+                unsigned long disabled_ssl,
+                CIPHER_ORDER *co_list,
+                CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
 	{
 	int i, co_list_num;
-	SSL_CIPHER *c;
+	const SSL_CIPHER *c;
 
 	/*
 	 * We have num_of_ciphers descriptions compiled in, depending on the
@@ -406,7 +722,12 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
 		{
 		c = ssl_method->get_cipher(i);
 		/* drop those that use any of that is not available */
-		if ((c != NULL) && c->valid && !(c->algorithms & mask))
+		if ((c != NULL) && c->valid &&
+		    !(c->algorithm_mkey & disabled_mkey) &&
+		    !(c->algorithm_auth & disabled_auth) &&
+		    !(c->algorithm_enc & disabled_enc) &&
+		    !(c->algorithm_mac & disabled_mac) &&
+		    !(c->algorithm_ssl & disabled_ssl))
 			{
 			co_list[co_list_num].cipher = c;
 			co_list[co_list_num].next = NULL;
@@ -414,7 +735,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
 			co_list[co_list_num].active = 0;
 			co_list_num++;
 #ifdef KSSL_DEBUG
-			printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms);
+			printf("\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth);
 #endif	/* KSSL_DEBUG */
 			/*
 			if (!sk_push(ca_list,(char *)c)) goto err;
@@ -425,29 +746,45 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
 	/*
 	 * Prepare linked list from list entries
 	 */	
-	for (i = 1; i < co_list_num - 1; i++)
-		{
-		co_list[i].prev = &(co_list[i-1]);
-		co_list[i].next = &(co_list[i+1]);
-		}
 	if (co_list_num > 0)
 		{
-		(*head_p) = &(co_list[0]);
-		(*head_p)->prev = NULL;
-		(*head_p)->next = &(co_list[1]);
-		(*tail_p) = &(co_list[co_list_num - 1]);
-		(*tail_p)->prev = &(co_list[co_list_num - 2]);
-		(*tail_p)->next = NULL;
+		co_list[0].prev = NULL;
+
+		if (co_list_num > 1)
+			{
+			co_list[0].next = &co_list[1];
+			
+			for (i = 1; i < co_list_num - 1; i++)
+				{
+				co_list[i].prev = &co_list[i - 1];
+				co_list[i].next = &co_list[i + 1];
+				}
+
+			co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
+			}
+		
+		co_list[co_list_num - 1].next = NULL;
+
+		*head_p = &co_list[0];
+		*tail_p = &co_list[co_list_num - 1];
 		}
 	}
 
-static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
-			int num_of_group_aliases, unsigned long mask,
+static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
+                        int num_of_group_aliases,
+                        unsigned long disabled_mkey, unsigned long disabled_auth,
+                        unsigned long disabled_enc, unsigned long disabled_mac,
+                        unsigned long disabled_ssl,
 			CIPHER_ORDER *head)
 	{
 	CIPHER_ORDER *ciph_curr;
-	SSL_CIPHER **ca_curr;
+	const SSL_CIPHER **ca_curr;
 	int i;
+	unsigned long mask_mkey = ~disabled_mkey;
+	unsigned long mask_auth = ~disabled_auth;
+	unsigned long mask_enc = ~disabled_enc;
+	unsigned long mask_mac = ~disabled_mac;
+	unsigned long mask_ssl = ~disabled_ssl;
 
 	/*
 	 * First, add the real ciphers as already collected
@@ -463,74 +800,118 @@ static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
 
 	/*
 	 * Now we add the available ones from the cipher_aliases[] table.
-	 * They represent either an algorithm, that must be fully
-	 * supported (not match any bit in mask) or represent a cipher
-	 * strength value (will be added in any case because algorithms=0).
+	 * They represent either one or more algorithms, some of which
+	 * in any affected category must be supported (set in enabled_mask),
+	 * or represent a cipher strength value (will be added in any case because algorithms=0).
 	 */
 	for (i = 0; i < num_of_group_aliases; i++)
 		{
-		if ((i == 0) ||		/* always fetch "ALL" */
-		    !(cipher_aliases[i].algorithms & mask))
-			{
-			*ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
-			ca_curr++;
-			}
+		unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
+		unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
+		unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
+		unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
+		unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
+
+		if (algorithm_mkey)
+			if ((algorithm_mkey & mask_mkey) == 0)
+				continue;
+	
+		if (algorithm_auth)
+			if ((algorithm_auth & mask_auth) == 0)
+				continue;
+		
+		if (algorithm_enc)
+			if ((algorithm_enc & mask_enc) == 0)
+				continue;
+		
+		if (algorithm_mac)
+			if ((algorithm_mac & mask_mac) == 0)
+				continue;
+		
+		if (algorithm_ssl)
+			if ((algorithm_ssl & mask_ssl) == 0)
+				continue;
+		
+		*ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
+		ca_curr++;
 		}
 
 	*ca_curr = NULL;	/* end of list */
 	}
 
-static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
-		unsigned long algo_strength, unsigned long mask_strength,
-		int rule, int strength_bits, CIPHER_ORDER *co_list,
+static void ssl_cipher_apply_rule(unsigned long cipher_id,
+                unsigned long alg_mkey, unsigned long alg_auth,
+                unsigned long alg_enc, unsigned long alg_mac,
+                unsigned long alg_ssl,
+		unsigned long algo_strength,
+		int rule, int strength_bits,
 		CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
 	{
-	CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
-	SSL_CIPHER *cp;
-	unsigned long ma, ma_s;
+	CIPHER_ORDER *head, *tail, *curr, *curr2, *last;
+	const SSL_CIPHER *cp;
+	int reverse = 0;
 
 #ifdef CIPHER_DEBUG
-	printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
-		rule, algorithms, mask, algo_strength, mask_strength,
-		strength_bits);
+	printf("Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
+		rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength, strength_bits);
 #endif
 
-	curr = head = *head_p;
-	curr2 = head;
-	tail2 = tail = *tail_p;
+	if (rule == CIPHER_DEL)
+		reverse = 1; /* needed to maintain sorting between currently deleted ciphers */
+
+	head = *head_p;
+	tail = *tail_p;
+
+	if (reverse)
+		{
+		curr = tail;
+		last = head;
+		}
+	else
+		{
+		curr = head;
+		last = tail;
+		}
+
+	curr2 = curr;
 	for (;;)
 		{
-		if ((curr == NULL) || (curr == tail2)) break;
+		if ((curr == NULL) || (curr == last)) break;
 		curr = curr2;
-		curr2 = curr->next;
+		curr2 = reverse ? curr->prev : curr->next;
 
 		cp = curr->cipher;
 
 		/*
-		 * Selection criteria is either the number of strength_bits
-		 * or the algorithm used.
+		 * Selection criteria is either the value of strength_bits
+		 * or the algorithms used.
 		 */
-		if (strength_bits == -1)
+		if (strength_bits >= 0)
+			{
+			if (strength_bits != cp->strength_bits)
+				continue;
+			}
+		else
 			{
-			ma = mask & cp->algorithms;
-			ma_s = mask_strength & cp->algo_strength;
-
 #ifdef CIPHER_DEBUG
-			printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength);
-			printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
+			printf("\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n", cp->name, cp->algorithm_mkey, cp->algorithm_auth, cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, cp->algo_strength);
 #endif
-			/*
-			 * Select: if none of the mask bit was met from the
-			 * cipher or not all of the bits were met, the
-			 * selection does not apply.
-			 */
-			if (((ma == 0) && (ma_s == 0)) ||
-			    ((ma & algorithms) != ma) ||
-			    ((ma_s & algo_strength) != ma_s))
-				continue; /* does not apply */
+
+			if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
+				continue;
+			if (alg_auth && !(alg_auth & cp->algorithm_auth))
+				continue;
+			if (alg_enc && !(alg_enc & cp->algorithm_enc))
+				continue;
+			if (alg_mac && !(alg_mac & cp->algorithm_mac))
+				continue;
+			if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
+				continue;
+			if ((algo_strength & SSL_EXP_MASK) && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
+				continue;
+			if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
+				continue;
 			}
-		else if (strength_bits != cp->strength_bits)
-			continue;	/* does not apply */
 
 #ifdef CIPHER_DEBUG
 		printf("Action = %d\n", rule);
@@ -539,6 +920,7 @@ static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
 		/* add the cipher if it has not been added yet. */
 		if (rule == CIPHER_ADD)
 			{
+			/* reverse == 0 */
 			if (!curr->active)
 				{
 				ll_append_tail(&head, curr, &tail);
@@ -548,15 +930,27 @@ static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
 		/* Move the added cipher to this location */
 		else if (rule == CIPHER_ORD)
 			{
+			/* reverse == 0 */
 			if (curr->active)
 				{
 				ll_append_tail(&head, curr, &tail);
 				}
 			}
 		else if	(rule == CIPHER_DEL)
-			curr->active = 0;
+			{
+			/* reverse == 1 */
+			if (curr->active)
+				{
+				/* most recently deleted ciphersuites get best positions
+				 * for any future CIPHER_ADD (note that the CIPHER_DEL loop
+				 * works in reverse to maintain the order) */
+				ll_append_head(&head, curr, &tail);
+				curr->active = 0;
+				}
+			}
 		else if (rule == CIPHER_KILL)
 			{
+			/* reverse == 0 */
 			if (head == curr)
 				head = curr->next;
 			else
@@ -577,8 +971,7 @@ static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
 	*tail_p = tail;
 	}
 
-static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
-				    CIPHER_ORDER **head_p,
+static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
 				    CIPHER_ORDER **tail_p)
 	{
 	int max_strength_bits, i, *number_uses;
@@ -601,10 +994,10 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
 
 	number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
 	if (!number_uses)
-	{
+		{
 		SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
 		return(0);
-	}
+		}
 	memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
 
 	/*
@@ -623,20 +1016,20 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
 	 */
 	for (i = max_strength_bits; i >= 0; i--)
 		if (number_uses[i] > 0)
-			ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
-					co_list, head_p, tail_p);
+			ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p);
 
 	OPENSSL_free(number_uses);
 	return(1);
 	}
 
 static int ssl_cipher_process_rulestr(const char *rule_str,
-		CIPHER_ORDER *co_list, CIPHER_ORDER **head_p,
-		CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
+                CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p,
+                const SSL_CIPHER **ca_list)
 	{
-	unsigned long algorithms, mask, algo_strength, mask_strength;
+	unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
 	const char *l, *start, *buf;
 	int j, multi, found, rule, retval, ok, buflen;
+	unsigned long cipher_id = 0;
 	char ch;
 
 	retval = 1;
@@ -664,7 +1057,12 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 			continue;
 			}
 
-		algorithms = mask = algo_strength = mask_strength = 0;
+		alg_mkey = 0;
+		alg_auth = 0;
+		alg_enc = 0;
+		alg_mac = 0;
+		alg_ssl = 0;
+		algo_strength = 0;
 
 		start=l;
 		for (;;)
@@ -725,8 +1123,9 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 			 * sufficient, we have to strncmp() anyway. (We cannot
 			 * use strcmp(), because buf is not '\0' terminated.)
 			 */
-			 j = found = 0;
-			 while (ca_list[j])
+			j = found = 0;
+			cipher_id = 0;
+			while (ca_list[j])
 				{
 				if (!strncmp(buf, ca_list[j]->name, buflen) &&
 				    (ca_list[j]->name[buflen] == '\0'))
@@ -737,14 +1136,100 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 				else
 					j++;
 				}
+
 			if (!found)
 				break;	/* ignore this entry */
 
-			algorithms |= ca_list[j]->algorithms;
-			mask |= ca_list[j]->mask;
-			algo_strength |= ca_list[j]->algo_strength;
-			mask_strength |= ca_list[j]->mask_strength;
+			if (ca_list[j]->algorithm_mkey)
+				{
+				if (alg_mkey)
+					{
+					alg_mkey &= ca_list[j]->algorithm_mkey;
+					if (!alg_mkey) { found = 0; break; }
+					}
+				else
+					alg_mkey = ca_list[j]->algorithm_mkey;
+				}
+
+			if (ca_list[j]->algorithm_auth)
+				{
+				if (alg_auth)
+					{
+					alg_auth &= ca_list[j]->algorithm_auth;
+					if (!alg_auth) { found = 0; break; }
+					}
+				else
+					alg_auth = ca_list[j]->algorithm_auth;
+				}
+			
+			if (ca_list[j]->algorithm_enc)
+				{
+				if (alg_enc)
+					{
+					alg_enc &= ca_list[j]->algorithm_enc;
+					if (!alg_enc) { found = 0; break; }
+					}
+				else
+					alg_enc = ca_list[j]->algorithm_enc;
+				}
+						
+			if (ca_list[j]->algorithm_mac)
+				{
+				if (alg_mac)
+					{
+					alg_mac &= ca_list[j]->algorithm_mac;
+					if (!alg_mac) { found = 0; break; }
+					}
+				else
+					alg_mac = ca_list[j]->algorithm_mac;
+				}
+			
+			if (ca_list[j]->algo_strength & SSL_EXP_MASK)
+				{
+				if (algo_strength & SSL_EXP_MASK)
+					{
+					algo_strength &= (ca_list[j]->algo_strength & SSL_EXP_MASK) | ~SSL_EXP_MASK;
+					if (!(algo_strength & SSL_EXP_MASK)) { found = 0; break; }
+					}
+				else
+					algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
+				}
+
+			if (ca_list[j]->algo_strength & SSL_STRONG_MASK)
+				{
+				if (algo_strength & SSL_STRONG_MASK)
+					{
+					algo_strength &= (ca_list[j]->algo_strength & SSL_STRONG_MASK) | ~SSL_STRONG_MASK;
+					if (!(algo_strength & SSL_STRONG_MASK)) { found = 0; break; }
+					}
+				else
+					algo_strength |= ca_list[j]->algo_strength & SSL_STRONG_MASK;
+				}
+			
+			if (ca_list[j]->valid)
+				{
+				/* explicit ciphersuite found; its protocol version
+				 * does not become part of the search pattern!*/
+
+				cipher_id = ca_list[j]->id;
+				}
+			else
+				{
+				/* not an explicit ciphersuite; only in this case, the
+				 * protocol version is considered part of the search pattern */
 
+				if (ca_list[j]->algorithm_ssl)
+					{
+					if (alg_ssl)
+						{
+						alg_ssl &= ca_list[j]->algorithm_ssl;
+						if (!alg_ssl) { found = 0; break; }
+						}
+					else
+						alg_ssl = ca_list[j]->algorithm_ssl;
+					}
+				}
+			
 			if (!multi) break;
 			}
 
@@ -756,8 +1241,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 			ok = 0;
 			if ((buflen == 8) &&
 				!strncmp(buf, "STRENGTH", 8))
-				ok = ssl_cipher_strength_sort(co_list,
-					head_p, tail_p);
+				ok = ssl_cipher_strength_sort(head_p, tail_p);
 			else
 				SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
 					SSL_R_INVALID_COMMAND);
@@ -769,18 +1253,18 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 			 * rest of the command, if any left, until
 			 * end or ':' is found.
 			 */
-			while ((*l != '\0') && ITEM_SEP(*l))
+			while ((*l != '\0') && !ITEM_SEP(*l))
 				l++;
 			}
 		else if (found)
 			{
-			ssl_cipher_apply_rule(algorithms, mask,
-				algo_strength, mask_strength, rule, -1,
-				co_list, head_p, tail_p);
+			ssl_cipher_apply_rule(cipher_id,
+				alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength,
+				rule, -1, head_p, tail_p);
 			}
 		else
 			{
-			while ((*l != '\0') && ITEM_SEP(*l))
+			while ((*l != '\0') && !ITEM_SEP(*l))
 				l++;
 			}
 		if (*l == '\0') break; /* done */
@@ -795,29 +1279,23 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 		const char *rule_str)
 	{
 	int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
-	unsigned long disabled_mask;
-	STACK_OF(SSL_CIPHER) *cipherstack;
+	unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
+	STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
 	const char *rule_p;
 	CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
-	SSL_CIPHER **ca_list = NULL;
+	const SSL_CIPHER **ca_list = NULL;
 
 	/*
 	 * Return with error if nothing to do.
 	 */
-	if (rule_str == NULL) return(NULL);
-
-	if (init_ciphers)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-		if (init_ciphers) load_ciphers();
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-		}
+	if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
+		return NULL;
 
 	/*
 	 * To reduce the work to do we only want to process the compiled
 	 * in algorithms, so we first get the mask of disabled ciphers.
 	 */
-	disabled_mask = ssl_cipher_get_disabled();
+	ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl);
 
 	/*
 	 * Now we have to collect the available ciphers from the compiled
@@ -835,8 +1313,52 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 		return(NULL);	/* Failure */
 		}
 
-	ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
-				   co_list, &head, &tail);
+	ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
+	                           disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl,
+	                           co_list, &head, &tail);
+
+
+	/* Now arrange all ciphers by preference: */
+
+	/* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */
+	ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+	ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
+
+	/* AES is our preferred symmetric cipher */
+	ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+
+	/* Temporarily enable everything else for sorting */
+	ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+
+	/* Low priority for MD5 */
+	ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, &tail);
+
+	/* Move anonymous ciphers to the end.  Usually, these will remain disabled.
+	 * (For applications that allow them, they aren't too bad, but we prefer
+	 * authenticated ciphers.) */
+	ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+
+	/* Move ciphers without forward secrecy to the end */
+	ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+	/* ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); */
+	ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+	ssl_cipher_apply_rule(0, SSL_kPSK, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+	ssl_cipher_apply_rule(0, SSL_kKRB5, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+
+	/* RC4 is sort-of broken -- move the the end */
+	ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+
+	/* Now sort by symmetric encryption strength.  The above ordering remains
+	 * in force within each class */
+	if (!ssl_cipher_strength_sort(&head, &tail))
+		{
+		OPENSSL_free(co_list);
+		return NULL;
+		}
+
+	/* Now disable everything (maintaining the ordering!) */
+	ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
+
 
 	/*
 	 * We also need cipher aliases for selecting based on the rule_str.
@@ -848,16 +1370,16 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 	 */
 	num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
 	num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
-	ca_list =
-		(SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
+	ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
 	if (ca_list == NULL)
 		{
 		OPENSSL_free(co_list);
 		SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
 		return(NULL);	/* Failure */
 		}
-	ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
-				   head);
+	ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
+	                           disabled_mkey, disabled_auth, disabled_enc,
+				   disabled_mac, disabled_ssl, head);
 
 	/*
 	 * If the rule_string begins with DEFAULT, apply the default rule
@@ -868,23 +1390,23 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 	if (strncmp(rule_str,"DEFAULT",7) == 0)
 		{
 		ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
-			co_list, &head, &tail, ca_list);
+			&head, &tail, ca_list);
 		rule_p += 7;
 		if (*rule_p == ':')
 			rule_p++;
 		}
 
 	if (ok && (strlen(rule_p) > 0))
-		ok = ssl_cipher_process_rulestr(rule_p, co_list, &head, &tail,
-						ca_list);
+		ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
 
-	OPENSSL_free(ca_list);	/* Not needed anymore */
+	OPENSSL_free((void *)ca_list);	/* Not needed anymore */
 
 	if (!ok)
 		{	/* Rule processing failure */
 		OPENSSL_free(co_list);
 		return(NULL);
 		}
+	
 	/*
 	 * Allocate new "cipherstack" for the result, return with error
 	 * if we cannot get one.
@@ -911,64 +1433,42 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 		}
 	OPENSSL_free(co_list);	/* Not needed any longer */
 
-	/*
-	 * The following passage is a little bit odd. If pointer variables
-	 * were supplied to hold STACK_OF(SSL_CIPHER) return information,
-	 * the old memory pointed to is free()ed. Then, however, the
-	 * cipher_list entry will be assigned just a copy of the returned
-	 * cipher stack. For cipher_list_by_id a copy of the cipher stack
-	 * will be created. See next comment...
-	 */
-	if (cipher_list != NULL)
-		{
-		if (*cipher_list != NULL)
-			sk_SSL_CIPHER_free(*cipher_list);
-		*cipher_list = cipherstack;
-		}
-
-	if (cipher_list_by_id != NULL)
-		{
-		if (*cipher_list_by_id != NULL)
-			sk_SSL_CIPHER_free(*cipher_list_by_id);
-		*cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
-		}
-
-	/*
-	 * Now it is getting really strange. If something failed during
-	 * the previous pointer assignment or if one of the pointers was
-	 * not requested, the error condition is met. That might be
-	 * discussable. The strange thing is however that in this case
-	 * the memory "ret" pointed to is "free()ed" and hence the pointer
-	 * cipher_list becomes wild. The memory reserved for
-	 * cipher_list_by_id however is not "free()ed" and stays intact.
-	 */
-	if (	(cipher_list_by_id == NULL) ||
-		(*cipher_list_by_id == NULL) ||
-		(cipher_list == NULL) ||
-		(*cipher_list == NULL))
+	tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
+	if (tmp_cipher_list == NULL)
 		{
 		sk_SSL_CIPHER_free(cipherstack);
-		return(NULL);
+		return NULL;
 		}
-
-	sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
-
+	if (*cipher_list != NULL)
+		sk_SSL_CIPHER_free(*cipher_list);
+	*cipher_list = cipherstack;
+	if (*cipher_list_by_id != NULL)
+		sk_SSL_CIPHER_free(*cipher_list_by_id);
+	*cipher_list_by_id = tmp_cipher_list;
+	(void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
+
+	sk_SSL_CIPHER_sort(*cipher_list_by_id);
 	return(cipherstack);
 	}
 
-char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
+char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
 	{
 	int is_export,pkl,kl;
-	char *ver,*exp_str;
-	char *kx,*au,*enc,*mac;
-	unsigned long alg,alg2,alg_s;
+	const char *ver,*exp_str;
+	const char *kx,*au,*enc,*mac;
+	unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s;
 #ifdef KSSL_DEBUG
-	static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
+	static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
 #else
-	static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+	static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
 #endif /* KSSL_DEBUG */
 
-	alg=cipher->algorithms;
+	alg_mkey = cipher->algorithm_mkey;
+	alg_auth = cipher->algorithm_auth;
+	alg_enc = cipher->algorithm_enc;
+	alg_mac = cipher->algorithm_mac;
+	alg_ssl = cipher->algorithm_ssl;
+
 	alg_s=cipher->algo_strength;
 	alg2=cipher->algorithm2;
 
@@ -977,14 +1477,14 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 	kl=SSL_C_EXPORT_KEYLENGTH(cipher);
 	exp_str=is_export?" export":"";
 	
-	if (alg & SSL_SSLV2)
+	if (alg_ssl & SSL_SSLV2)
 		ver="SSLv2";
-	else if (alg & SSL_SSLV3)
+	else if (alg_ssl & SSL_SSLV3)
 		ver="SSLv3";
 	else
 		ver="unknown";
 
-	switch (alg&SSL_MKEY_MASK)
+	switch (alg_mkey)
 		{
 	case SSL_kRSA:
 		kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
@@ -995,25 +1495,29 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 	case SSL_kDHd:
 		kx="DH/DSS";
 		break;
-        case SSL_kKRB5:         /* VRS */
-        case SSL_KRB5:          /* VRS */
-            kx="KRB5";
-            break;
-	case SSL_kFZA:
-		kx="Fortezza";
+        case SSL_kKRB5:
+		kx="KRB5";
 		break;
 	case SSL_kEDH:
 		kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
 		break;
-	case SSL_kECDH:
-	case SSL_kECDHE:
-		kx=is_export?"ECDH(<=163)":"ECDH";
+	case SSL_kECDHr:
+		kx="ECDH/RSA";
+		break;
+	case SSL_kECDHe:
+		kx="ECDH/ECDSA";
+		break;
+	case SSL_kEECDH:
+		kx="ECDH";
+		break;
+	case SSL_kPSK:
+		kx="PSK";
 		break;
 	default:
 		kx="unknown";
 		}
 
-	switch (alg&SSL_AUTH_MASK)
+	switch (alg_auth)
 		{
 	case SSL_aRSA:
 		au="RSA";
@@ -1024,23 +1528,27 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 	case SSL_aDH:
 		au="DH";
 		break;
-        case SSL_aKRB5:         /* VRS */
-        case SSL_KRB5:          /* VRS */
-            au="KRB5";
-            break;
-	case SSL_aFZA:
+        case SSL_aKRB5:
+		au="KRB5";
+		break;
+        case SSL_aECDH:
+		au="ECDH";
+		break;
 	case SSL_aNULL:
 		au="None";
 		break;
 	case SSL_aECDSA:
 		au="ECDSA";
 		break;
+	case SSL_aPSK:
+		au="PSK";
+		break;
 	default:
 		au="unknown";
 		break;
 		}
 
-	switch (alg&SSL_ENC_MASK)
+	switch (alg_enc)
 		{
 	case SSL_DES:
 		enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
@@ -1058,27 +1566,30 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 	case SSL_IDEA:
 		enc="IDEA(128)";
 		break;
-	case SSL_eFZA:
-		enc="Fortezza";
-		break;
 	case SSL_eNULL:
 		enc="None";
 		break;
-	case SSL_AES:
-		switch(cipher->strength_bits)
-			{
-		case 128: enc="AES(128)"; break;
-		case 192: enc="AES(192)"; break;
-		case 256: enc="AES(256)"; break;
-		default: enc="AES(?""?""?)"; break;
-			}
+	case SSL_AES128:
+		enc="AES(128)";
+		break;
+	case SSL_AES256:
+		enc="AES(256)";
+		break;
+	case SSL_CAMELLIA128:
+		enc="Camellia(128)";
+		break;
+	case SSL_CAMELLIA256:
+		enc="Camellia(256)";
+		break;
+	case SSL_SEED:
+		enc="SEED(128)";
 		break;
 	default:
 		enc="unknown";
 		break;
 		}
 
-	switch (alg&SSL_MAC_MASK)
+	switch (alg_mac)
 		{
 	case SSL_MD5:
 		mac="MD5";
@@ -1101,14 +1612,14 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 		return("Buffer too small");
 
 #ifdef KSSL_DEBUG
-	BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg);
+	BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl);
 #else
 	BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str);
 #endif /* KSSL_DEBUG */
 	return(buf);
 	}
 
-char *SSL_CIPHER_get_version(SSL_CIPHER *c)
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
 	{
 	int i;
 
@@ -1123,7 +1634,7 @@ char *SSL_CIPHER_get_version(SSL_CIPHER *c)
 	}
 
 /* return the actual cipher being used */
-const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
 	{
 	if (c != NULL)
 		return(c->name);
@@ -1131,7 +1642,7 @@ const char *SSL_CIPHER_get_name(SSL_CIPHER *c)
 	}
 
 /* number of bits for symmetric cipher */
-int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
 	{
 	int ret=0;
 
@@ -1159,6 +1670,21 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
 	return(NULL);
 	}
 
+#ifdef OPENSSL_NO_COMP
+void *SSL_COMP_get_compression_methods(void)
+	{
+	return NULL;
+	}
+int SSL_COMP_add_compression_method(int id, void *cm)
+	{
+	return 1;
+	}
+
+const char *SSL_COMP_get_name(const void *comp)
+	{
+	return NULL;
+	}
+#else
 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
 	{
 	load_builtin_compressions();
@@ -1190,7 +1716,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
 	comp->method=cm;
 	load_builtin_compressions();
 	if (ssl_comp_methods
-		&& !sk_SSL_COMP_find(ssl_comp_methods,comp))
+		&& sk_SSL_COMP_find(ssl_comp_methods,comp) >= 0)
 		{
 		OPENSSL_free(comp);
 		MemCheck_on();
@@ -1219,3 +1745,4 @@ const char *SSL_COMP_get_name(const COMP_METHOD *comp)
 	return NULL;
 	}
 
+#endif
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 359ea45b94..0eed464749 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -1,6 +1,6 @@
 /* ssl/ssl_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,392 +64,495 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
+
 static ERR_STRING_DATA SSL_str_functs[]=
 	{
-{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0),	"CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0),	"CLIENT_FINISHED"},
-{ERR_PACK(0,SSL_F_CLIENT_HELLO,0),	"CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0),	"CLIENT_MASTER_KEY"},
-{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0),	"d2i_SSL_SESSION"},
-{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0),	"DO_SSL3_WRITE"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0),	"GET_CLIENT_FINISHED"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0),	"GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0),	"GET_CLIENT_MASTER_KEY"},
-{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0),	"GET_SERVER_FINISHED"},
-{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0),	"GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0),	"GET_SERVER_VERIFY"},
-{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0),	"i2d_SSL_SESSION"},
-{ERR_PACK(0,SSL_F_READ_N,0),	"READ_N"},
-{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0),	"REQUEST_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SERVER_FINISH,0),	"SERVER_FINISH"},
-{ERR_PACK(0,SSL_F_SERVER_HELLO,0),	"SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SERVER_VERIFY,0),	"SERVER_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0),	"SSL23_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0),	"SSL23_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_CONNECT,0),	"SSL23_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0),	"SSL23_GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0),	"SSL23_GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL23_PEEK,0),	"SSL23_PEEK"},
-{ERR_PACK(0,SSL_F_SSL23_READ,0),	"SSL23_READ"},
-{ERR_PACK(0,SSL_F_SSL23_WRITE,0),	"SSL23_WRITE"},
-{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0),	"SSL2_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL2_CONNECT,0),	"SSL2_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0),	"SSL2_ENC_INIT"},
-{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0),	"SSL2_GENERATE_KEY_MATERIAL"},
-{ERR_PACK(0,SSL_F_SSL2_PEEK,0),	"SSL2_PEEK"},
-{ERR_PACK(0,SSL_F_SSL2_READ,0),	"SSL2_READ"},
-{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0),	"SSL2_READ_INTERNAL"},
-{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0),	"SSL2_SET_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL2_WRITE,0),	"SSL2_WRITE"},
-{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0),	"SSL3_ACCEPT"},
-{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0),	"SSL3_CALLBACK_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0),	"SSL3_CHANGE_CIPHER_STATE"},
-{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0),	"SSL3_CHECK_CERT_AND_ALGORITHM"},
-{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0),	"SSL3_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_CONNECT,0),	"SSL3_CONNECT"},
-{ERR_PACK(0,SSL_F_SSL3_CTRL,0),	"SSL3_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0),	"SSL3_CTX_CTRL"},
-{ERR_PACK(0,SSL_F_SSL3_ENC,0),	"SSL3_ENC"},
-{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0),	"SSL3_GENERATE_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0),	"SSL3_GET_CERTIFICATE_REQUEST"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0),	"SSL3_GET_CERT_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0),	"SSL3_GET_CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0),	"SSL3_GET_CLIENT_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0),	"SSL3_GET_CLIENT_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0),	"SSL3_GET_FINISHED"},
-{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0),	"SSL3_GET_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0),	"SSL3_GET_MESSAGE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0),	"SSL3_GET_RECORD"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0),	"SSL3_GET_SERVER_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0),	"SSL3_GET_SERVER_DONE"},
-{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0),	"SSL3_GET_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0),	"SSL3_OUTPUT_CERT_CHAIN"},
-{ERR_PACK(0,SSL_F_SSL3_PEEK,0),	"SSL3_PEEK"},
-{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0),	"SSL3_READ_BYTES"},
-{ERR_PACK(0,SSL_F_SSL3_READ_N,0),	"SSL3_READ_N"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0),	"SSL3_SEND_CERTIFICATE_REQUEST"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0),	"SSL3_SEND_CLIENT_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0),	"SSL3_SEND_CLIENT_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0),	"SSL3_SEND_CLIENT_VERIFY"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0),	"SSL3_SEND_SERVER_CERTIFICATE"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0),	"SSL3_SEND_SERVER_HELLO"},
-{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0),	"SSL3_SEND_SERVER_KEY_EXCHANGE"},
-{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0),	"SSL3_SETUP_BUFFERS"},
-{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0),	"SSL3_SETUP_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0),	"SSL3_WRITE_BYTES"},
-{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0),	"SSL3_WRITE_PENDING"},
-{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0),	"SSL_add_dir_cert_subjects_to_stack"},
-{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0),	"SSL_add_file_cert_subjects_to_stack"},
-{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0),	"SSL_BAD_METHOD"},
-{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0),	"SSL_BYTES_TO_CIPHER_LIST"},
-{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0),	"SSL_CERT_DUP"},
-{ERR_PACK(0,SSL_F_SSL_CERT_INST,0),	"SSL_CERT_INST"},
-{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0),	"SSL_CERT_INSTANTIATE"},
-{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0),	"SSL_CERT_NEW"},
-{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0),	"SSL_check_private_key"},
-{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0),	"SSL_CIPHER_PROCESS_RULESTR"},
-{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0),	"SSL_CIPHER_STRENGTH_SORT"},
-{ERR_PACK(0,SSL_F_SSL_CLEAR,0),	"SSL_clear"},
-{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0),	"SSL_COMP_add_compression_method"},
-{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0),	"SSL_CREATE_CIPHER_LIST"},
-{ERR_PACK(0,SSL_F_SSL_CTRL,0),	"SSL_ctrl"},
-{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0),	"SSL_CTX_check_private_key"},
-{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0),	"SSL_CTX_new"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0),	"SSL_CTX_set_purpose"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0),	"SSL_CTX_set_session_id_context"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0),	"SSL_CTX_set_ssl_version"},
-{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0),	"SSL_CTX_set_trust"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0),	"SSL_CTX_use_certificate"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0),	"SSL_CTX_use_certificate_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0),	"SSL_CTX_use_certificate_chain_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0),	"SSL_CTX_use_certificate_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0),	"SSL_CTX_use_PrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0),	"SSL_CTX_use_PrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0),	"SSL_CTX_use_PrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0),	"SSL_CTX_use_RSAPrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0),	"SSL_CTX_use_RSAPrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0),	"SSL_CTX_use_RSAPrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0),	"SSL_do_handshake"},
-{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0),	"SSL_GET_NEW_SESSION"},
-{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0),	"SSL_GET_PREV_SESSION"},
-{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0),	"SSL_GET_SERVER_SEND_CERT"},
-{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0),	"SSL_GET_SIGN_PKEY"},
-{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0),	"SSL_INIT_WBIO_BUFFER"},
-{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0),	"SSL_load_client_CA_file"},
-{ERR_PACK(0,SSL_F_SSL_NEW,0),	"SSL_new"},
-{ERR_PACK(0,SSL_F_SSL_READ,0),	"SSL_read"},
-{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0),	"SSL_RSA_PRIVATE_DECRYPT"},
-{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0),	"SSL_RSA_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0),	"SSL_SESSION_new"},
-{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0),	"SSL_SESSION_print_fp"},
-{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0),	"SSL_SESS_CERT_NEW"},
-{ERR_PACK(0,SSL_F_SSL_SET_CERT,0),	"SSL_SET_CERT"},
-{ERR_PACK(0,SSL_F_SSL_SET_FD,0),	"SSL_set_fd"},
-{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0),	"SSL_SET_PKEY"},
-{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0),	"SSL_set_purpose"},
-{ERR_PACK(0,SSL_F_SSL_SET_RFD,0),	"SSL_set_rfd"},
-{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0),	"SSL_set_session"},
-{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0),	"SSL_set_session_id_context"},
-{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0),	"SSL_set_trust"},
-{ERR_PACK(0,SSL_F_SSL_SET_WFD,0),	"SSL_set_wfd"},
-{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0),	"SSL_shutdown"},
-{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0),	"SSL_UNDEFINED_FUNCTION"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0),	"SSL_use_certificate"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0),	"SSL_use_certificate_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0),	"SSL_use_certificate_file"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0),	"SSL_use_PrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0),	"SSL_use_PrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0),	"SSL_use_PrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0),	"SSL_use_RSAPrivateKey"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0),	"SSL_use_RSAPrivateKey_ASN1"},
-{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0),	"SSL_use_RSAPrivateKey_file"},
-{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0),	"SSL_VERIFY_CERT_CHAIN"},
-{ERR_PACK(0,SSL_F_SSL_WRITE,0),	"SSL_write"},
-{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0),	"TLS1_CHANGE_CIPHER_STATE"},
-{ERR_PACK(0,SSL_F_TLS1_ENC,0),	"TLS1_ENC"},
-{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0),	"TLS1_SETUP_KEY_BLOCK"},
-{ERR_PACK(0,SSL_F_WRITE_PENDING,0),	"WRITE_PENDING"},
+{ERR_FUNC(SSL_F_CLIENT_CERTIFICATE),	"CLIENT_CERTIFICATE"},
+{ERR_FUNC(SSL_F_CLIENT_FINISHED),	"CLIENT_FINISHED"},
+{ERR_FUNC(SSL_F_CLIENT_HELLO),	"CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_CLIENT_MASTER_KEY),	"CLIENT_MASTER_KEY"},
+{ERR_FUNC(SSL_F_D2I_SSL_SESSION),	"d2i_SSL_SESSION"},
+{ERR_FUNC(SSL_F_DO_DTLS1_WRITE),	"DO_DTLS1_WRITE"},
+{ERR_FUNC(SSL_F_DO_SSL3_WRITE),	"DO_SSL3_WRITE"},
+{ERR_FUNC(SSL_F_DTLS1_ACCEPT),	"DTLS1_ACCEPT"},
+{ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF),	"DTLS1_ADD_CERT_TO_BUF"},
+{ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD),	"DTLS1_BUFFER_RECORD"},
+{ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO),	"DTLS1_CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_DTLS1_CONNECT),	"DTLS1_CONNECT"},
+{ERR_FUNC(SSL_F_DTLS1_ENC),	"DTLS1_ENC"},
+{ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY),	"DTLS1_GET_HELLO_VERIFY"},
+{ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE),	"DTLS1_GET_MESSAGE"},
+{ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT),	"DTLS1_GET_MESSAGE_FRAGMENT"},
+{ERR_FUNC(SSL_F_DTLS1_GET_RECORD),	"DTLS1_GET_RECORD"},
+{ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT),	"DTLS1_HANDLE_TIMEOUT"},
+{ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN),	"DTLS1_OUTPUT_CERT_CHAIN"},
+{ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT),	"DTLS1_PREPROCESS_FRAGMENT"},
+{ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),	"DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
+{ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD),	"DTLS1_PROCESS_RECORD"},
+{ERR_FUNC(SSL_F_DTLS1_READ_BYTES),	"DTLS1_READ_BYTES"},
+{ERR_FUNC(SSL_F_DTLS1_READ_FAILED),	"DTLS1_READ_FAILED"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),	"DTLS1_SEND_CERTIFICATE_REQUEST"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE),	"DTLS1_SEND_CLIENT_CERTIFICATE"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE),	"DTLS1_SEND_CLIENT_KEY_EXCHANGE"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY),	"DTLS1_SEND_CLIENT_VERIFY"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),	"DTLS1_SEND_HELLO_VERIFY_REQUEST"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE),	"DTLS1_SEND_SERVER_CERTIFICATE"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO),	"DTLS1_SEND_SERVER_HELLO"},
+{ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE),	"DTLS1_SEND_SERVER_KEY_EXCHANGE"},
+{ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),	"DTLS1_WRITE_APP_DATA_BYTES"},
+{ERR_FUNC(SSL_F_GET_CLIENT_FINISHED),	"GET_CLIENT_FINISHED"},
+{ERR_FUNC(SSL_F_GET_CLIENT_HELLO),	"GET_CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY),	"GET_CLIENT_MASTER_KEY"},
+{ERR_FUNC(SSL_F_GET_SERVER_FINISHED),	"GET_SERVER_FINISHED"},
+{ERR_FUNC(SSL_F_GET_SERVER_HELLO),	"GET_SERVER_HELLO"},
+{ERR_FUNC(SSL_F_GET_SERVER_VERIFY),	"GET_SERVER_VERIFY"},
+{ERR_FUNC(SSL_F_I2D_SSL_SESSION),	"i2d_SSL_SESSION"},
+{ERR_FUNC(SSL_F_READ_N),	"READ_N"},
+{ERR_FUNC(SSL_F_REQUEST_CERTIFICATE),	"REQUEST_CERTIFICATE"},
+{ERR_FUNC(SSL_F_SERVER_FINISH),	"SERVER_FINISH"},
+{ERR_FUNC(SSL_F_SERVER_HELLO),	"SERVER_HELLO"},
+{ERR_FUNC(SSL_F_SERVER_VERIFY),	"SERVER_VERIFY"},
+{ERR_FUNC(SSL_F_SSL23_ACCEPT),	"SSL23_ACCEPT"},
+{ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO),	"SSL23_CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_SSL23_CONNECT),	"SSL23_CONNECT"},
+{ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO),	"SSL23_GET_CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO),	"SSL23_GET_SERVER_HELLO"},
+{ERR_FUNC(SSL_F_SSL23_PEEK),	"SSL23_PEEK"},
+{ERR_FUNC(SSL_F_SSL23_READ),	"SSL23_READ"},
+{ERR_FUNC(SSL_F_SSL23_WRITE),	"SSL23_WRITE"},
+{ERR_FUNC(SSL_F_SSL2_ACCEPT),	"SSL2_ACCEPT"},
+{ERR_FUNC(SSL_F_SSL2_CONNECT),	"SSL2_CONNECT"},
+{ERR_FUNC(SSL_F_SSL2_ENC_INIT),	"SSL2_ENC_INIT"},
+{ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL),	"SSL2_GENERATE_KEY_MATERIAL"},
+{ERR_FUNC(SSL_F_SSL2_PEEK),	"SSL2_PEEK"},
+{ERR_FUNC(SSL_F_SSL2_READ),	"SSL2_READ"},
+{ERR_FUNC(SSL_F_SSL2_READ_INTERNAL),	"SSL2_READ_INTERNAL"},
+{ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE),	"SSL2_SET_CERTIFICATE"},
+{ERR_FUNC(SSL_F_SSL2_WRITE),	"SSL2_WRITE"},
+{ERR_FUNC(SSL_F_SSL3_ACCEPT),	"SSL3_ACCEPT"},
+{ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF),	"SSL3_ADD_CERT_TO_BUF"},
+{ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL),	"SSL3_CALLBACK_CTRL"},
+{ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE),	"SSL3_CHANGE_CIPHER_STATE"},
+{ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),	"SSL3_CHECK_CERT_AND_ALGORITHM"},
+{ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO),	"SSL3_CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_SSL3_CONNECT),	"SSL3_CONNECT"},
+{ERR_FUNC(SSL_F_SSL3_CTRL),	"SSL3_CTRL"},
+{ERR_FUNC(SSL_F_SSL3_CTX_CTRL),	"SSL3_CTX_CTRL"},
+{ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),	"SSL3_DIGEST_CACHED_RECORDS"},
+{ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),	"SSL3_DO_CHANGE_CIPHER_SPEC"},
+{ERR_FUNC(SSL_F_SSL3_ENC),	"SSL3_ENC"},
+{ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK),	"SSL3_GENERATE_KEY_BLOCK"},
+{ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),	"SSL3_GET_CERTIFICATE_REQUEST"},
+{ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS),	"SSL3_GET_CERT_STATUS"},
+{ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY),	"SSL3_GET_CERT_VERIFY"},
+{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE),	"SSL3_GET_CLIENT_CERTIFICATE"},
+{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO),	"SSL3_GET_CLIENT_HELLO"},
+{ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE),	"SSL3_GET_CLIENT_KEY_EXCHANGE"},
+{ERR_FUNC(SSL_F_SSL3_GET_FINISHED),	"SSL3_GET_FINISHED"},
+{ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE),	"SSL3_GET_KEY_EXCHANGE"},
+{ERR_FUNC(SSL_F_SSL3_GET_MESSAGE),	"SSL3_GET_MESSAGE"},
+{ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET),	"SSL3_GET_NEW_SESSION_TICKET"},
+{ERR_FUNC(SSL_F_SSL3_GET_RECORD),	"SSL3_GET_RECORD"},
+{ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),	"SSL3_GET_SERVER_CERTIFICATE"},
+{ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE),	"SSL3_GET_SERVER_DONE"},
+{ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO),	"SSL3_GET_SERVER_HELLO"},
+{ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC),	"ssl3_handshake_mac"},
+{ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET),	"SSL3_NEW_SESSION_TICKET"},
+{ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN),	"SSL3_OUTPUT_CERT_CHAIN"},
+{ERR_FUNC(SSL_F_SSL3_PEEK),	"SSL3_PEEK"},
+{ERR_FUNC(SSL_F_SSL3_READ_BYTES),	"SSL3_READ_BYTES"},
+{ERR_FUNC(SSL_F_SSL3_READ_N),	"SSL3_READ_N"},
+{ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST),	"SSL3_SEND_CERTIFICATE_REQUEST"},
+{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE),	"SSL3_SEND_CLIENT_CERTIFICATE"},
+{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE),	"SSL3_SEND_CLIENT_KEY_EXCHANGE"},
+{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY),	"SSL3_SEND_CLIENT_VERIFY"},
+{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),	"SSL3_SEND_SERVER_CERTIFICATE"},
+{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO),	"SSL3_SEND_SERVER_HELLO"},
+{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),	"SSL3_SEND_SERVER_KEY_EXCHANGE"},
+{ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK),	"SSL3_SETUP_KEY_BLOCK"},
+{ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER),	"SSL3_SETUP_READ_BUFFER"},
+{ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER),	"SSL3_SETUP_WRITE_BUFFER"},
+{ERR_FUNC(SSL_F_SSL3_WRITE_BYTES),	"SSL3_WRITE_BYTES"},
+{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING),	"SSL3_WRITE_PENDING"},
+{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),	"SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"},
+{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),	"SSL_ADD_CLIENTHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),	"SSL_add_dir_cert_subjects_to_stack"},
+{ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),	"SSL_add_file_cert_subjects_to_stack"},
+{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),	"SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"},
+{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),	"SSL_ADD_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_BAD_METHOD),	"SSL_BAD_METHOD"},
+{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST),	"SSL_BYTES_TO_CIPHER_LIST"},
+{ERR_FUNC(SSL_F_SSL_CERT_DUP),	"SSL_CERT_DUP"},
+{ERR_FUNC(SSL_F_SSL_CERT_INST),	"SSL_CERT_INST"},
+{ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE),	"SSL_CERT_INSTANTIATE"},
+{ERR_FUNC(SSL_F_SSL_CERT_NEW),	"SSL_CERT_NEW"},
+{ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY),	"SSL_check_private_key"},
+{ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),	"SSL_CHECK_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),	"SSL_CHECK_SRVR_ECC_CERT_AND_ALG"},
+{ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),	"SSL_CIPHER_PROCESS_RULESTR"},
+{ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT),	"SSL_CIPHER_STRENGTH_SORT"},
+{ERR_FUNC(SSL_F_SSL_CLEAR),	"SSL_clear"},
+{ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),	"SSL_COMP_add_compression_method"},
+{ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST),	"SSL_CREATE_CIPHER_LIST"},
+{ERR_FUNC(SSL_F_SSL_CTRL),	"SSL_ctrl"},
+{ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY),	"SSL_CTX_check_private_key"},
+{ERR_FUNC(SSL_F_SSL_CTX_NEW),	"SSL_CTX_new"},
+{ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST),	"SSL_CTX_set_cipher_list"},
+{ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),	"SSL_CTX_set_client_cert_engine"},
+{ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE),	"SSL_CTX_set_purpose"},
+{ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),	"SSL_CTX_set_session_id_context"},
+{ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION),	"SSL_CTX_set_ssl_version"},
+{ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST),	"SSL_CTX_set_trust"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE),	"SSL_CTX_use_certificate"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),	"SSL_CTX_use_certificate_ASN1"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE),	"SSL_CTX_use_certificate_chain_file"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),	"SSL_CTX_use_certificate_file"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY),	"SSL_CTX_use_PrivateKey"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),	"SSL_CTX_use_PrivateKey_ASN1"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),	"SSL_CTX_use_PrivateKey_file"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),	"SSL_CTX_use_psk_identity_hint"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY),	"SSL_CTX_use_RSAPrivateKey"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),	"SSL_CTX_use_RSAPrivateKey_ASN1"},
+{ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),	"SSL_CTX_use_RSAPrivateKey_file"},
+{ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE),	"SSL_do_handshake"},
+{ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION),	"SSL_GET_NEW_SESSION"},
+{ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION),	"SSL_GET_PREV_SESSION"},
+{ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT),	"SSL_GET_SERVER_SEND_CERT"},
+{ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY),	"SSL_GET_SIGN_PKEY"},
+{ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER),	"SSL_INIT_WBIO_BUFFER"},
+{ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE),	"SSL_load_client_CA_file"},
+{ERR_FUNC(SSL_F_SSL_NEW),	"SSL_new"},
+{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT),	"SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"},
+{ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),	"SSL_PARSE_CLIENTHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),	"SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"},
+{ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),	"SSL_PARSE_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_PEEK),	"SSL_peek"},
+{ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),	"SSL_PREPARE_CLIENTHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),	"SSL_PREPARE_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_SSL_READ),	"SSL_read"},
+{ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT),	"SSL_RSA_PRIVATE_DECRYPT"},
+{ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT),	"SSL_RSA_PUBLIC_ENCRYPT"},
+{ERR_FUNC(SSL_F_SSL_SESSION_NEW),	"SSL_SESSION_new"},
+{ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP),	"SSL_SESSION_print_fp"},
+{ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW),	"SSL_SESS_CERT_NEW"},
+{ERR_FUNC(SSL_F_SSL_SET_CERT),	"SSL_SET_CERT"},
+{ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST),	"SSL_set_cipher_list"},
+{ERR_FUNC(SSL_F_SSL_SET_FD),	"SSL_set_fd"},
+{ERR_FUNC(SSL_F_SSL_SET_PKEY),	"SSL_SET_PKEY"},
+{ERR_FUNC(SSL_F_SSL_SET_PURPOSE),	"SSL_set_purpose"},
+{ERR_FUNC(SSL_F_SSL_SET_RFD),	"SSL_set_rfd"},
+{ERR_FUNC(SSL_F_SSL_SET_SESSION),	"SSL_set_session"},
+{ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),	"SSL_set_session_id_context"},
+{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),	"SSL_set_session_ticket_ext"},
+{ERR_FUNC(SSL_F_SSL_SET_TRUST),	"SSL_set_trust"},
+{ERR_FUNC(SSL_F_SSL_SET_WFD),	"SSL_set_wfd"},
+{ERR_FUNC(SSL_F_SSL_SHUTDOWN),	"SSL_shutdown"},
+{ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),	"SSL_UNDEFINED_CONST_FUNCTION"},
+{ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION),	"SSL_UNDEFINED_FUNCTION"},
+{ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),	"SSL_UNDEFINED_VOID_FUNCTION"},
+{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE),	"SSL_use_certificate"},
+{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1),	"SSL_use_certificate_ASN1"},
+{ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE),	"SSL_use_certificate_file"},
+{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY),	"SSL_use_PrivateKey"},
+{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1),	"SSL_use_PrivateKey_ASN1"},
+{ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE),	"SSL_use_PrivateKey_file"},
+{ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT),	"SSL_use_psk_identity_hint"},
+{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY),	"SSL_use_RSAPrivateKey"},
+{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),	"SSL_use_RSAPrivateKey_ASN1"},
+{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),	"SSL_use_RSAPrivateKey_file"},
+{ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN),	"SSL_VERIFY_CERT_CHAIN"},
+{ERR_FUNC(SSL_F_SSL_WRITE),	"SSL_write"},
+{ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC),	"tls1_cert_verify_mac"},
+{ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE),	"TLS1_CHANGE_CIPHER_STATE"},
+{ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),	"TLS1_CHECK_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_TLS1_ENC),	"TLS1_ENC"},
+{ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),	"TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),	"TLS1_PREPARE_SERVERHELLO_TLSEXT"},
+{ERR_FUNC(SSL_F_TLS1_PRF),	"tls1_prf"},
+{ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK),	"TLS1_SETUP_KEY_BLOCK"},
+{ERR_FUNC(SSL_F_WRITE_PENDING),	"WRITE_PENDING"},
 {0,NULL}
 	};
 
 static ERR_STRING_DATA SSL_str_reasons[]=
 	{
-{SSL_R_APP_DATA_IN_HANDSHAKE             ,"app data in handshake"},
-{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"},
-{SSL_R_BAD_ALERT_RECORD                  ,"bad alert record"},
-{SSL_R_BAD_AUTHENTICATION_TYPE           ,"bad authentication type"},
-{SSL_R_BAD_CHANGE_CIPHER_SPEC            ,"bad change cipher spec"},
-{SSL_R_BAD_CHECKSUM                      ,"bad checksum"},
-{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK     ,"bad data returned by callback"},
-{SSL_R_BAD_DECOMPRESSION                 ,"bad decompression"},
-{SSL_R_BAD_DH_G_LENGTH                   ,"bad dh g length"},
-{SSL_R_BAD_DH_PUB_KEY_LENGTH             ,"bad dh pub key length"},
-{SSL_R_BAD_DH_P_LENGTH                   ,"bad dh p length"},
-{SSL_R_BAD_DIGEST_LENGTH                 ,"bad digest length"},
-{SSL_R_BAD_DSA_SIGNATURE                 ,"bad dsa signature"},
-{SSL_R_BAD_ECC_CERT                      ,"bad ecc cert"},
-{SSL_R_BAD_ECDSA_SIGNATURE               ,"bad ecdsa signature"},
-{SSL_R_BAD_ECPOINT                       ,"bad ecpoint"},
-{SSL_R_BAD_HELLO_REQUEST                 ,"bad hello request"},
-{SSL_R_BAD_LENGTH                        ,"bad length"},
-{SSL_R_BAD_MAC_DECODE                    ,"bad mac decode"},
-{SSL_R_BAD_MESSAGE_TYPE                  ,"bad message type"},
-{SSL_R_BAD_PACKET_LENGTH                 ,"bad packet length"},
-{SSL_R_BAD_PROTOCOL_VERSION_NUMBER       ,"bad protocol version number"},
-{SSL_R_BAD_RESPONSE_ARGUMENT             ,"bad response argument"},
-{SSL_R_BAD_RSA_DECRYPT                   ,"bad rsa decrypt"},
-{SSL_R_BAD_RSA_ENCRYPT                   ,"bad rsa encrypt"},
-{SSL_R_BAD_RSA_E_LENGTH                  ,"bad rsa e length"},
-{SSL_R_BAD_RSA_MODULUS_LENGTH            ,"bad rsa modulus length"},
-{SSL_R_BAD_RSA_SIGNATURE                 ,"bad rsa signature"},
-{SSL_R_BAD_SIGNATURE                     ,"bad signature"},
-{SSL_R_BAD_SSL_FILETYPE                  ,"bad ssl filetype"},
-{SSL_R_BAD_SSL_SESSION_ID_LENGTH         ,"bad ssl session id length"},
-{SSL_R_BAD_STATE                         ,"bad state"},
-{SSL_R_BAD_WRITE_RETRY                   ,"bad write retry"},
-{SSL_R_BIO_NOT_SET                       ,"bio not set"},
-{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG         ,"block cipher pad is wrong"},
-{SSL_R_BN_LIB                            ,"bn lib"},
-{SSL_R_CA_DN_LENGTH_MISMATCH             ,"ca dn length mismatch"},
-{SSL_R_CA_DN_TOO_LONG                    ,"ca dn too long"},
-{SSL_R_CCS_RECEIVED_EARLY                ,"ccs received early"},
-{SSL_R_CERTIFICATE_VERIFY_FAILED         ,"certificate verify failed"},
-{SSL_R_CERT_LENGTH_MISMATCH              ,"cert length mismatch"},
-{SSL_R_CHALLENGE_IS_DIFFERENT            ,"challenge is different"},
-{SSL_R_CIPHER_CODE_WRONG_LENGTH          ,"cipher code wrong length"},
-{SSL_R_CIPHER_OR_HASH_UNAVAILABLE        ,"cipher or hash unavailable"},
-{SSL_R_CIPHER_TABLE_SRC_ERROR            ,"cipher table src error"},
-{SSL_R_COMPRESSED_LENGTH_TOO_LONG        ,"compressed length too long"},
-{SSL_R_COMPRESSION_FAILURE               ,"compression failure"},
-{SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE,"compression id not within private range"},
-{SSL_R_COMPRESSION_LIBRARY_ERROR         ,"compression library error"},
-{SSL_R_CONNECTION_ID_IS_DIFFERENT        ,"connection id is different"},
-{SSL_R_CONNECTION_TYPE_NOT_SET           ,"connection type not set"},
-{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED     ,"data between ccs and finished"},
-{SSL_R_DATA_LENGTH_TOO_LONG              ,"data length too long"},
-{SSL_R_DECRYPTION_FAILED                 ,"decryption failed"},
-{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"},
-{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG   ,"dh public value length is wrong"},
-{SSL_R_DIGEST_CHECK_FAILED               ,"digest check failed"},
-{SSL_R_DUPLICATE_COMPRESSION_ID          ,"duplicate compression id"},
-{SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER      ,"ecgroup too large for cipher"},
-{SSL_R_ENCRYPTED_LENGTH_TOO_LONG         ,"encrypted length too long"},
-{SSL_R_ERROR_GENERATING_TMP_RSA_KEY      ,"error generating tmp rsa key"},
-{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST     ,"error in received cipher list"},
-{SSL_R_EXCESSIVE_MESSAGE_SIZE            ,"excessive message size"},
-{SSL_R_EXTRA_DATA_IN_MESSAGE             ,"extra data in message"},
-{SSL_R_GOT_A_FIN_BEFORE_A_CCS            ,"got a fin before a ccs"},
-{SSL_R_HTTPS_PROXY_REQUEST               ,"https proxy request"},
-{SSL_R_HTTP_REQUEST                      ,"http request"},
-{SSL_R_ILLEGAL_PADDING                   ,"illegal padding"},
-{SSL_R_INVALID_CHALLENGE_LENGTH          ,"invalid challenge length"},
-{SSL_R_INVALID_COMMAND                   ,"invalid command"},
-{SSL_R_INVALID_PURPOSE                   ,"invalid purpose"},
-{SSL_R_INVALID_TRUST                     ,"invalid trust"},
-{SSL_R_KEY_ARG_TOO_LONG                  ,"key arg too long"},
-{SSL_R_KRB5                              ,"krb5"},
-{SSL_R_KRB5_C_CC_PRINC                   ,"krb5 client cc principal (no tkt?)"},
-{SSL_R_KRB5_C_GET_CRED                   ,"krb5 client get cred"},
-{SSL_R_KRB5_C_INIT                       ,"krb5 client init"},
-{SSL_R_KRB5_C_MK_REQ                     ,"krb5 client mk_req (expired tkt?)"},
-{SSL_R_KRB5_S_BAD_TICKET                 ,"krb5 server bad ticket"},
-{SSL_R_KRB5_S_INIT                       ,"krb5 server init"},
-{SSL_R_KRB5_S_RD_REQ                     ,"krb5 server rd_req (keytab perms?)"},
-{SSL_R_KRB5_S_TKT_EXPIRED                ,"krb5 server tkt expired"},
-{SSL_R_KRB5_S_TKT_NYV                    ,"krb5 server tkt not yet valid"},
-{SSL_R_KRB5_S_TKT_SKEW                   ,"krb5 server tkt skew"},
-{SSL_R_LENGTH_MISMATCH                   ,"length mismatch"},
-{SSL_R_LENGTH_TOO_SHORT                  ,"length too short"},
-{SSL_R_LIBRARY_BUG                       ,"library bug"},
-{SSL_R_LIBRARY_HAS_NO_CIPHERS            ,"library has no ciphers"},
-{SSL_R_MASTER_KEY_TOO_LONG               ,"master key too long"},
-{SSL_R_MESSAGE_TOO_LONG                  ,"message too long"},
-{SSL_R_MISSING_DH_DSA_CERT               ,"missing dh dsa cert"},
-{SSL_R_MISSING_DH_KEY                    ,"missing dh key"},
-{SSL_R_MISSING_DH_RSA_CERT               ,"missing dh rsa cert"},
-{SSL_R_MISSING_DSA_SIGNING_CERT          ,"missing dsa signing cert"},
-{SSL_R_MISSING_EXPORT_TMP_DH_KEY         ,"missing export tmp dh key"},
-{SSL_R_MISSING_EXPORT_TMP_RSA_KEY        ,"missing export tmp rsa key"},
-{SSL_R_MISSING_RSA_CERTIFICATE           ,"missing rsa certificate"},
-{SSL_R_MISSING_RSA_ENCRYPTING_CERT       ,"missing rsa encrypting cert"},
-{SSL_R_MISSING_RSA_SIGNING_CERT          ,"missing rsa signing cert"},
-{SSL_R_MISSING_TMP_DH_KEY                ,"missing tmp dh key"},
-{SSL_R_MISSING_TMP_ECDH_KEY              ,"missing tmp ecdh key"},
-{SSL_R_MISSING_TMP_RSA_KEY               ,"missing tmp rsa key"},
-{SSL_R_MISSING_TMP_RSA_PKEY              ,"missing tmp rsa pkey"},
-{SSL_R_MISSING_VERIFY_MESSAGE            ,"missing verify message"},
-{SSL_R_NON_SSLV2_INITIAL_PACKET          ,"non sslv2 initial packet"},
-{SSL_R_NO_CERTIFICATES_RETURNED          ,"no certificates returned"},
-{SSL_R_NO_CERTIFICATE_ASSIGNED           ,"no certificate assigned"},
-{SSL_R_NO_CERTIFICATE_RETURNED           ,"no certificate returned"},
-{SSL_R_NO_CERTIFICATE_SET                ,"no certificate set"},
-{SSL_R_NO_CERTIFICATE_SPECIFIED          ,"no certificate specified"},
-{SSL_R_NO_CIPHERS_AVAILABLE              ,"no ciphers available"},
-{SSL_R_NO_CIPHERS_PASSED                 ,"no ciphers passed"},
-{SSL_R_NO_CIPHERS_SPECIFIED              ,"no ciphers specified"},
-{SSL_R_NO_CIPHER_LIST                    ,"no cipher list"},
-{SSL_R_NO_CIPHER_MATCH                   ,"no cipher match"},
-{SSL_R_NO_CLIENT_CERT_RECEIVED           ,"no client cert received"},
-{SSL_R_NO_COMPRESSION_SPECIFIED          ,"no compression specified"},
-{SSL_R_NO_METHOD_SPECIFIED               ,"no method specified"},
-{SSL_R_NO_PRIVATEKEY                     ,"no privatekey"},
-{SSL_R_NO_PRIVATE_KEY_ASSIGNED           ,"no private key assigned"},
-{SSL_R_NO_PROTOCOLS_AVAILABLE            ,"no protocols available"},
-{SSL_R_NO_PUBLICKEY                      ,"no publickey"},
-{SSL_R_NO_SHARED_CIPHER                  ,"no shared cipher"},
-{SSL_R_NO_VERIFY_CALLBACK                ,"no verify callback"},
-{SSL_R_NULL_SSL_CTX                      ,"null ssl ctx"},
-{SSL_R_NULL_SSL_METHOD_PASSED            ,"null ssl method passed"},
-{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED   ,"old session cipher not returned"},
-{SSL_R_PACKET_LENGTH_TOO_LONG            ,"packet length too long"},
-{SSL_R_PATH_TOO_LONG                     ,"path too long"},
-{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
-{SSL_R_PEER_ERROR                        ,"peer error"},
-{SSL_R_PEER_ERROR_CERTIFICATE            ,"peer error certificate"},
-{SSL_R_PEER_ERROR_NO_CERTIFICATE         ,"peer error no certificate"},
-{SSL_R_PEER_ERROR_NO_CIPHER              ,"peer error no cipher"},
-{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
-{SSL_R_PRE_MAC_LENGTH_TOO_LONG           ,"pre mac length too long"},
-{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
-{SSL_R_PROTOCOL_IS_SHUTDOWN              ,"protocol is shutdown"},
-{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR          ,"public key encrypt error"},
-{SSL_R_PUBLIC_KEY_IS_NOT_RSA             ,"public key is not rsa"},
-{SSL_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
-{SSL_R_READ_BIO_NOT_SET                  ,"read bio not set"},
-{SSL_R_READ_WRONG_PACKET_TYPE            ,"read wrong packet type"},
-{SSL_R_RECORD_LENGTH_MISMATCH            ,"record length mismatch"},
-{SSL_R_RECORD_TOO_LARGE                  ,"record too large"},
-{SSL_R_RECORD_TOO_SMALL                  ,"record too small"},
-{SSL_R_REQUIRED_CIPHER_MISSING           ,"required cipher missing"},
-{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO        ,"reuse cert length not zero"},
-{SSL_R_REUSE_CERT_TYPE_NOT_ZERO          ,"reuse cert type not zero"},
-{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO        ,"reuse cipher list not zero"},
-{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED  ,"session id context uninitialized"},
-{SSL_R_SHORT_READ                        ,"short read"},
-{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
-{SSL_R_SSL23_DOING_SESSION_ID_REUSE      ,"ssl23 doing session id reuse"},
-{SSL_R_SSL2_CONNECTION_ID_TOO_LONG       ,"ssl2 connection id too long"},
-{SSL_R_SSL3_SESSION_ID_TOO_LONG          ,"ssl3 session id too long"},
-{SSL_R_SSL3_SESSION_ID_TOO_SHORT         ,"ssl3 session id too short"},
-{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE       ,"sslv3 alert bad certificate"},
-{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC        ,"sslv3 alert bad record mac"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED   ,"sslv3 alert certificate expired"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED   ,"sslv3 alert certificate revoked"},
-{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN   ,"sslv3 alert certificate unknown"},
-{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
-{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE     ,"sslv3 alert handshake failure"},
-{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER     ,"sslv3 alert illegal parameter"},
-{SSL_R_SSLV3_ALERT_NO_CERTIFICATE        ,"sslv3 alert no certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER  ,"sslv3 alert peer error no cipher"},
-{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
-{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE    ,"sslv3 alert unexpected message"},
-{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
-{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
-{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
-{SSL_R_SSL_HANDSHAKE_FAILURE             ,"ssl handshake failure"},
-{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS        ,"ssl library has no ciphers"},
-{SSL_R_SSL_SESSION_ID_CALLBACK_FAILED    ,"ssl session id callback failed"},
-{SSL_R_SSL_SESSION_ID_CONFLICT           ,"ssl session id conflict"},
-{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG   ,"ssl session id context too long"},
-{SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH     ,"ssl session id has bad length"},
-{SSL_R_SSL_SESSION_ID_IS_DIFFERENT       ,"ssl session id is different"},
-{SSL_R_TLSV1_ALERT_ACCESS_DENIED         ,"tlsv1 alert access denied"},
-{SSL_R_TLSV1_ALERT_DECODE_ERROR          ,"tlsv1 alert decode error"},
-{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED     ,"tlsv1 alert decryption failed"},
-{SSL_R_TLSV1_ALERT_DECRYPT_ERROR         ,"tlsv1 alert decrypt error"},
-{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION    ,"tlsv1 alert export restriction"},
-{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"},
-{SSL_R_TLSV1_ALERT_INTERNAL_ERROR        ,"tlsv1 alert internal error"},
-{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION      ,"tlsv1 alert no renegotiation"},
-{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION      ,"tlsv1 alert protocol version"},
-{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW       ,"tlsv1 alert record overflow"},
-{SSL_R_TLSV1_ALERT_UNKNOWN_CA            ,"tlsv1 alert unknown ca"},
-{SSL_R_TLSV1_ALERT_USER_CANCELLED        ,"tlsv1 alert user cancelled"},
-{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
-{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
-{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
-{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER   ,"tried to use unsupported cipher"},
-{SSL_R_UNABLE_TO_DECODE_DH_CERTS         ,"unable to decode dh certs"},
-{SSL_R_UNABLE_TO_DECODE_ECDH_CERTS       ,"unable to decode ecdh certs"},
-{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY      ,"unable to extract public key"},
-{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS      ,"unable to find dh parameters"},
-{SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS    ,"unable to find ecdh parameters"},
-{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
-{SSL_R_UNABLE_TO_FIND_SSL_METHOD         ,"unable to find ssl method"},
-{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES  ,"unable to load ssl2 md5 routines"},
-{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES  ,"unable to load ssl3 md5 routines"},
-{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
-{SSL_R_UNEXPECTED_MESSAGE                ,"unexpected message"},
-{SSL_R_UNEXPECTED_RECORD                 ,"unexpected record"},
-{SSL_R_UNINITIALIZED                     ,"uninitialized"},
-{SSL_R_UNKNOWN_ALERT_TYPE                ,"unknown alert type"},
-{SSL_R_UNKNOWN_CERTIFICATE_TYPE          ,"unknown certificate type"},
-{SSL_R_UNKNOWN_CIPHER_RETURNED           ,"unknown cipher returned"},
-{SSL_R_UNKNOWN_CIPHER_TYPE               ,"unknown cipher type"},
-{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE         ,"unknown key exchange type"},
-{SSL_R_UNKNOWN_PKEY_TYPE                 ,"unknown pkey type"},
-{SSL_R_UNKNOWN_PROTOCOL                  ,"unknown protocol"},
-{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE         ,"unknown remote error type"},
-{SSL_R_UNKNOWN_SSL_VERSION               ,"unknown ssl version"},
-{SSL_R_UNKNOWN_STATE                     ,"unknown state"},
-{SSL_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
-{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
-{SSL_R_UNSUPPORTED_ELLIPTIC_CURVE        ,"unsupported elliptic curve"},
-{SSL_R_UNSUPPORTED_OPTION                ,"unsupported option"},
-{SSL_R_UNSUPPORTED_PROTOCOL              ,"unsupported protocol"},
-{SSL_R_UNSUPPORTED_SSL_VERSION           ,"unsupported ssl version"},
-{SSL_R_WRITE_BIO_NOT_SET                 ,"write bio not set"},
-{SSL_R_WRONG_CIPHER_RETURNED             ,"wrong cipher returned"},
-{SSL_R_WRONG_MESSAGE_TYPE                ,"wrong message type"},
-{SSL_R_WRONG_NUMBER_OF_KEY_BITS          ,"wrong number of key bits"},
-{SSL_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
-{SSL_R_WRONG_SIGNATURE_SIZE              ,"wrong signature size"},
-{SSL_R_WRONG_SSL_VERSION                 ,"wrong ssl version"},
-{SSL_R_WRONG_VERSION_NUMBER              ,"wrong version number"},
-{SSL_R_X509_LIB                          ,"x509 lib"},
-{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS  ,"x509 verification setup problems"},
+{ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) ,"app data in handshake"},
+{ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),"attempt to reuse session in different context"},
+{ERR_REASON(SSL_R_BAD_ALERT_RECORD)      ,"bad alert record"},
+{ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE),"bad authentication type"},
+{ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC),"bad change cipher spec"},
+{ERR_REASON(SSL_R_BAD_CHECKSUM)          ,"bad checksum"},
+{ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),"bad data returned by callback"},
+{ERR_REASON(SSL_R_BAD_DECOMPRESSION)     ,"bad decompression"},
+{ERR_REASON(SSL_R_BAD_DH_G_LENGTH)       ,"bad dh g length"},
+{ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) ,"bad dh pub key length"},
+{ERR_REASON(SSL_R_BAD_DH_P_LENGTH)       ,"bad dh p length"},
+{ERR_REASON(SSL_R_BAD_DIGEST_LENGTH)     ,"bad digest length"},
+{ERR_REASON(SSL_R_BAD_DSA_SIGNATURE)     ,"bad dsa signature"},
+{ERR_REASON(SSL_R_BAD_ECC_CERT)          ,"bad ecc cert"},
+{ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE)   ,"bad ecdsa signature"},
+{ERR_REASON(SSL_R_BAD_ECPOINT)           ,"bad ecpoint"},
+{ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH)  ,"bad handshake length"},
+{ERR_REASON(SSL_R_BAD_HELLO_REQUEST)     ,"bad hello request"},
+{ERR_REASON(SSL_R_BAD_LENGTH)            ,"bad length"},
+{ERR_REASON(SSL_R_BAD_MAC_DECODE)        ,"bad mac decode"},
+{ERR_REASON(SSL_R_BAD_MAC_LENGTH)        ,"bad mac length"},
+{ERR_REASON(SSL_R_BAD_MESSAGE_TYPE)      ,"bad message type"},
+{ERR_REASON(SSL_R_BAD_PACKET_LENGTH)     ,"bad packet length"},
+{ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),"bad protocol version number"},
+{ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),"bad psk identity hint length"},
+{ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) ,"bad response argument"},
+{ERR_REASON(SSL_R_BAD_RSA_DECRYPT)       ,"bad rsa decrypt"},
+{ERR_REASON(SSL_R_BAD_RSA_ENCRYPT)       ,"bad rsa encrypt"},
+{ERR_REASON(SSL_R_BAD_RSA_E_LENGTH)      ,"bad rsa e length"},
+{ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH),"bad rsa modulus length"},
+{ERR_REASON(SSL_R_BAD_RSA_SIGNATURE)     ,"bad rsa signature"},
+{ERR_REASON(SSL_R_BAD_SIGNATURE)         ,"bad signature"},
+{ERR_REASON(SSL_R_BAD_SSL_FILETYPE)      ,"bad ssl filetype"},
+{ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),"bad ssl session id length"},
+{ERR_REASON(SSL_R_BAD_STATE)             ,"bad state"},
+{ERR_REASON(SSL_R_BAD_WRITE_RETRY)       ,"bad write retry"},
+{ERR_REASON(SSL_R_BIO_NOT_SET)           ,"bio not set"},
+{ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),"block cipher pad is wrong"},
+{ERR_REASON(SSL_R_BN_LIB)                ,"bn lib"},
+{ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) ,"ca dn length mismatch"},
+{ERR_REASON(SSL_R_CA_DN_TOO_LONG)        ,"ca dn too long"},
+{ERR_REASON(SSL_R_CCS_RECEIVED_EARLY)    ,"ccs received early"},
+{ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),"certificate verify failed"},
+{ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH)  ,"cert length mismatch"},
+{ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT),"challenge is different"},
+{ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH),"cipher code wrong length"},
+{ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),"cipher or hash unavailable"},
+{ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR),"cipher table src error"},
+{ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT)    ,"clienthello tlsext"},
+{ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),"compressed length too long"},
+{ERR_REASON(SSL_R_COMPRESSION_DISABLED)  ,"compression disabled"},
+{ERR_REASON(SSL_R_COMPRESSION_FAILURE)   ,"compression failure"},
+{ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),"compression id not within private range"},
+{ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),"compression library error"},
+{ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),"connection id is different"},
+{ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET),"connection type not set"},
+{ERR_REASON(SSL_R_COOKIE_MISMATCH)       ,"cookie mismatch"},
+{ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),"data between ccs and finished"},
+{ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG)  ,"data length too long"},
+{ERR_REASON(SSL_R_DECRYPTION_FAILED)     ,"decryption failed"},
+{ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),"decryption failed or bad record mac"},
+{ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),"dh public value length is wrong"},
+{ERR_REASON(SSL_R_DIGEST_CHECK_FAILED)   ,"digest check failed"},
+{ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG)  ,"dtls message too big"},
+{ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID),"duplicate compression id"},
+{ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),"ecc cert not for key agreement"},
+{ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING),"ecc cert not for signing"},
+{ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),"ecc cert should have rsa signature"},
+{ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),"ecc cert should have sha1 signature"},
+{ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),"ecgroup too large for cipher"},
+{ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),"encrypted length too long"},
+{ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),"error generating tmp rsa key"},
+{ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),"error in received cipher list"},
+{ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE),"excessive message size"},
+{ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) ,"extra data in message"},
+{ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS),"got a fin before a ccs"},
+{ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST)   ,"https proxy request"},
+{ERR_REASON(SSL_R_HTTP_REQUEST)          ,"http request"},
+{ERR_REASON(SSL_R_ILLEGAL_PADDING)       ,"illegal padding"},
+{ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION),"inconsistent compression"},
+{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH),"invalid challenge length"},
+{ERR_REASON(SSL_R_INVALID_COMMAND)       ,"invalid command"},
+{ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),"invalid compression algorithm"},
+{ERR_REASON(SSL_R_INVALID_PURPOSE)       ,"invalid purpose"},
+{ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE),"invalid status response"},
+{ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),"invalid ticket keys length"},
+{ERR_REASON(SSL_R_INVALID_TRUST)         ,"invalid trust"},
+{ERR_REASON(SSL_R_KEY_ARG_TOO_LONG)      ,"key arg too long"},
+{ERR_REASON(SSL_R_KRB5)                  ,"krb5"},
+{ERR_REASON(SSL_R_KRB5_C_CC_PRINC)       ,"krb5 client cc principal (no tkt?)"},
+{ERR_REASON(SSL_R_KRB5_C_GET_CRED)       ,"krb5 client get cred"},
+{ERR_REASON(SSL_R_KRB5_C_INIT)           ,"krb5 client init"},
+{ERR_REASON(SSL_R_KRB5_C_MK_REQ)         ,"krb5 client mk_req (expired tkt?)"},
+{ERR_REASON(SSL_R_KRB5_S_BAD_TICKET)     ,"krb5 server bad ticket"},
+{ERR_REASON(SSL_R_KRB5_S_INIT)           ,"krb5 server init"},
+{ERR_REASON(SSL_R_KRB5_S_RD_REQ)         ,"krb5 server rd_req (keytab perms?)"},
+{ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED)    ,"krb5 server tkt expired"},
+{ERR_REASON(SSL_R_KRB5_S_TKT_NYV)        ,"krb5 server tkt not yet valid"},
+{ERR_REASON(SSL_R_KRB5_S_TKT_SKEW)       ,"krb5 server tkt skew"},
+{ERR_REASON(SSL_R_LENGTH_MISMATCH)       ,"length mismatch"},
+{ERR_REASON(SSL_R_LENGTH_TOO_SHORT)      ,"length too short"},
+{ERR_REASON(SSL_R_LIBRARY_BUG)           ,"library bug"},
+{ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS),"library has no ciphers"},
+{ERR_REASON(SSL_R_MESSAGE_TOO_LONG)      ,"message too long"},
+{ERR_REASON(SSL_R_MISSING_DH_DSA_CERT)   ,"missing dh dsa cert"},
+{ERR_REASON(SSL_R_MISSING_DH_KEY)        ,"missing dh key"},
+{ERR_REASON(SSL_R_MISSING_DH_RSA_CERT)   ,"missing dh rsa cert"},
+{ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT),"missing dsa signing cert"},
+{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),"missing export tmp dh key"},
+{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),"missing export tmp rsa key"},
+{ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE),"missing rsa certificate"},
+{ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),"missing rsa encrypting cert"},
+{ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT),"missing rsa signing cert"},
+{ERR_REASON(SSL_R_MISSING_TMP_DH_KEY)    ,"missing tmp dh key"},
+{ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY)  ,"missing tmp ecdh key"},
+{ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY)   ,"missing tmp rsa key"},
+{ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY)  ,"missing tmp rsa pkey"},
+{ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE),"missing verify message"},
+{ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET),"non sslv2 initial packet"},
+{ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED),"no certificates returned"},
+{ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED),"no certificate assigned"},
+{ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED),"no certificate returned"},
+{ERR_REASON(SSL_R_NO_CERTIFICATE_SET)    ,"no certificate set"},
+{ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED),"no certificate specified"},
+{ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE)  ,"no ciphers available"},
+{ERR_REASON(SSL_R_NO_CIPHERS_PASSED)     ,"no ciphers passed"},
+{ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED)  ,"no ciphers specified"},
+{ERR_REASON(SSL_R_NO_CIPHER_LIST)        ,"no cipher list"},
+{ERR_REASON(SSL_R_NO_CIPHER_MATCH)       ,"no cipher match"},
+{ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) ,"no client cert method"},
+{ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"},
+{ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"},
+{ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),"Peer haven't sent GOST certificate, required for selected ciphersuite"},
+{ERR_REASON(SSL_R_NO_METHOD_SPECIFIED)   ,"no method specified"},
+{ERR_REASON(SSL_R_NO_PRIVATEKEY)         ,"no privatekey"},
+{ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED),"no private key assigned"},
+{ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE),"no protocols available"},
+{ERR_REASON(SSL_R_NO_PUBLICKEY)          ,"no publickey"},
+{ERR_REASON(SSL_R_NO_RENEGOTIATION)      ,"no renegotiation"},
+{ERR_REASON(SSL_R_NO_REQUIRED_DIGEST)    ,"digest requred for handshake isn't computed"},
+{ERR_REASON(SSL_R_NO_SHARED_CIPHER)      ,"no shared cipher"},
+{ERR_REASON(SSL_R_NO_VERIFY_CALLBACK)    ,"no verify callback"},
+{ERR_REASON(SSL_R_NULL_SSL_CTX)          ,"null ssl ctx"},
+{ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED),"null ssl method passed"},
+{ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),"old session cipher not returned"},
+{ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),"old session compression algorithm not returned"},
+{ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),"only tls allowed in fips mode"},
+{ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),"opaque PRF input too long"},
+{ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG),"packet length too long"},
+{ERR_REASON(SSL_R_PARSE_TLSEXT)          ,"parse tlsext"},
+{ERR_REASON(SSL_R_PATH_TOO_LONG)         ,"path too long"},
+{ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),"peer did not return a certificate"},
+{ERR_REASON(SSL_R_PEER_ERROR)            ,"peer error"},
+{ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE),"peer error certificate"},
+{ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),"peer error no certificate"},
+{ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER)  ,"peer error no cipher"},
+{ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),"peer error unsupported certificate type"},
+{ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG),"pre mac length too long"},
+{ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),"problems mapping cipher functions"},
+{ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN)  ,"protocol is shutdown"},
+{ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND),"psk identity not found"},
+{ERR_REASON(SSL_R_PSK_NO_CLIENT_CB)      ,"psk no client cb"},
+{ERR_REASON(SSL_R_PSK_NO_SERVER_CB)      ,"psk no server cb"},
+{ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR),"public key encrypt error"},
+{ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) ,"public key is not rsa"},
+{ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA)    ,"public key not rsa"},
+{ERR_REASON(SSL_R_READ_BIO_NOT_SET)      ,"read bio not set"},
+{ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED)  ,"read timeout expired"},
+{ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE),"read wrong packet type"},
+{ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH),"record length mismatch"},
+{ERR_REASON(SSL_R_RECORD_TOO_LARGE)      ,"record too large"},
+{ERR_REASON(SSL_R_RECORD_TOO_SMALL)      ,"record too small"},
+{ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG),"renegotiate ext too long"},
+{ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),"renegotiation encoding err"},
+{ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH),"renegotiation mismatch"},
+{ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING),"required cipher missing"},
+{ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),"required compresssion algorithm missing"},
+{ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),"reuse cert length not zero"},
+{ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO),"reuse cert type not zero"},
+{ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),"reuse cipher list not zero"},
+{ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"},
+{ERR_REASON(SSL_R_SERVERHELLO_TLSEXT)    ,"serverhello tlsext"},
+{ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
+{ERR_REASON(SSL_R_SHORT_READ)            ,"short read"},
+{ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
+{ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},
+{ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),"ssl2 connection id too long"},
+{ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),"ssl3 ext invalid ecpointformat"},
+{ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),"ssl3 ext invalid servername"},
+{ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),"ssl3 ext invalid servername type"},
+{ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG),"ssl3 session id too long"},
+{ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),"ssl3 session id too short"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),"sslv3 alert bad certificate"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),"sslv3 alert bad record mac"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),"sslv3 alert certificate expired"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),"sslv3 alert certificate revoked"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),"sslv3 alert certificate unknown"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),"sslv3 alert decompression failure"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),"sslv3 alert handshake failure"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),"sslv3 alert illegal parameter"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),"sslv3 alert no certificate"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),"sslv3 alert unexpected message"},
+{ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),"sslv3 alert unsupported certificate"},
+{ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),"ssl ctx has no default ssl version"},
+{ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) ,"ssl handshake failure"},
+{ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),"ssl library has no ciphers"},
+{ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),"ssl session id callback failed"},
+{ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT),"ssl session id conflict"},
+{ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),"ssl session id context too long"},
+{ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),"ssl session id has bad length"},
+{ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),"ssl session id is different"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),"tlsv1 alert access denied"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR),"tlsv1 alert decode error"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),"tlsv1 alert decryption failed"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),"tlsv1 alert decrypt error"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),"tlsv1 alert export restriction"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),"tlsv1 alert insufficient security"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),"tlsv1 alert internal error"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),"tlsv1 alert no renegotiation"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),"tlsv1 alert protocol version"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),"tlsv1 alert record overflow"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA),"tlsv1 alert unknown ca"},
+{ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),"tlsv1 alert user cancelled"},
+{ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),"tlsv1 bad certificate hash value"},
+{ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),"tlsv1 bad certificate status response"},
+{ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),"tlsv1 certificate unobtainable"},
+{ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME),"tlsv1 unrecognized name"},
+{ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),"tlsv1 unsupported extension"},
+{ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),"tls client cert req with anon cipher"},
+{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),"tls invalid ecpointformat list"},
+{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},
+{ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"},
+{ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"},
+{ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"},
+{ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),"unable to decode ecdh certs"},
+{ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),"unable to extract public key"},
+{ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),"unable to find dh parameters"},
+{ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),"unable to find ecdh parameters"},
+{ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),"unable to find public key parameters"},
+{ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),"unable to find ssl method"},
+{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),"unable to load ssl2 md5 routines"},
+{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),"unable to load ssl3 md5 routines"},
+{ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),"unable to load ssl3 sha1 routines"},
+{ERR_REASON(SSL_R_UNEXPECTED_MESSAGE)    ,"unexpected message"},
+{ERR_REASON(SSL_R_UNEXPECTED_RECORD)     ,"unexpected record"},
+{ERR_REASON(SSL_R_UNINITIALIZED)         ,"uninitialized"},
+{ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE)    ,"unknown alert type"},
+{ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE),"unknown certificate type"},
+{ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED),"unknown cipher returned"},
+{ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE)   ,"unknown cipher type"},
+{ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),"unknown key exchange type"},
+{ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE)     ,"unknown pkey type"},
+{ERR_REASON(SSL_R_UNKNOWN_PROTOCOL)      ,"unknown protocol"},
+{ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),"unknown remote error type"},
+{ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION)   ,"unknown ssl version"},
+{ERR_REASON(SSL_R_UNKNOWN_STATE)         ,"unknown state"},
+{ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),"unsafe legacy renegotiation disabled"},
+{ERR_REASON(SSL_R_UNSUPPORTED_CIPHER)    ,"unsupported cipher"},
+{ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
+{ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE),"unsupported digest type"},
+{ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),"unsupported elliptic curve"},
+{ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL)  ,"unsupported protocol"},
+{ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION),"unsupported ssl version"},
+{ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE),"unsupported status type"},
+{ERR_REASON(SSL_R_WRITE_BIO_NOT_SET)     ,"write bio not set"},
+{ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) ,"wrong cipher returned"},
+{ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE)    ,"wrong message type"},
+{ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS),"wrong number of key bits"},
+{ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
+{ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE)  ,"wrong signature size"},
+{ERR_REASON(SSL_R_WRONG_SSL_VERSION)     ,"wrong ssl version"},
+{ERR_REASON(SSL_R_WRONG_VERSION_NUMBER)  ,"wrong version number"},
+{ERR_REASON(SSL_R_X509_LIB)              ,"x509 lib"},
+{ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),"x509 verification setup problems"},
 {0,NULL}
 	};
 
@@ -457,15 +560,12 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 
 void ERR_load_SSL_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
-		ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
-#endif
 
+	if (ERR_func_error_string(SSL_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings(0,SSL_str_functs);
+		ERR_load_strings(0,SSL_str_reasons);
 		}
+#endif
 	}
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c3bf50987c..6142b08872 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -58,7 +58,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -115,6 +115,32 @@
  * ECC cipher suite support in OpenSSL originally developed by 
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #ifdef REF_CHECK
 #  include <assert.h>
@@ -125,18 +151,32 @@
 #include <openssl/objects.h>
 #include <openssl/lhash.h>
 #include <openssl/x509v3.h>
+#include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 
 const char *SSL_version_str=OPENSSL_VERSION_TEXT;
 
-OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
+SSL3_ENC_METHOD ssl3_undef_enc_method={
 	/* evil casts, but these functions are only called if there's a library bug */
 	(int (*)(SSL *,int))ssl_undefined_function,
 	(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
 	ssl_undefined_function,
 	(int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
 	(int (*)(SSL*, int))ssl_undefined_function,
-	(int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
+	(int (*)(SSL *,  const char*, int, unsigned char *))ssl_undefined_function,
+	0,	/* finish_mac_length */
+	(int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
+	NULL,	/* client_finished_label */
+	0,	/* client_finished_label_len */
+	NULL,	/* server_finished_label */
+	0,	/* server_finished_label_len */
+	(int (*)(int))ssl_undefined_function
 	};
 
 int SSL_clear(SSL *s)
@@ -190,6 +230,8 @@ int SSL_clear(SSL *s)
 		}
 
 	ssl_clear_cipher_ctx(s);
+	ssl_clear_hash_ctx(&s->read_hash);
+	ssl_clear_hash_ctx(&s->write_hash);
 
 	s->first_packet=0;
 
@@ -210,14 +252,15 @@ int SSL_clear(SSL *s)
 	}
 
 /** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
 	{
 	STACK_OF(SSL_CIPHER) *sk;
 
 	ctx->method=meth;
 
 	sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
-		&(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
+		&(ctx->cipher_list_by_id),
+		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
 	if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
 		{
 		SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
@@ -294,9 +337,23 @@ SSL *SSL_new(SSL_CTX *ctx)
 	s->trust = ctx->trust;
 #endif
 	s->quiet_shutdown=ctx->quiet_shutdown;
+	s->max_send_fragment = ctx->max_send_fragment;
 
 	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
 	s->ctx=ctx;
+#ifndef OPENSSL_NO_TLSEXT
+	s->tlsext_debug_cb = 0;
+	s->tlsext_debug_arg = NULL;
+	s->tlsext_ticket_expected = 0;
+	s->tlsext_status_type = -1;
+	s->tlsext_status_expected = 0;
+	s->tlsext_ocsp_ids = NULL;
+	s->tlsext_ocsp_exts = NULL;
+	s->tlsext_ocsp_resp = NULL;
+	s->tlsext_ocsp_resplen = -1;
+	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
+	s->initial_ctx=ctx;
+#endif
 
 	s->verify_result=X509_V_OK;
 
@@ -312,6 +369,11 @@ SSL *SSL_new(SSL_CTX *ctx)
 
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
 
+#ifndef OPENSSL_NO_PSK
+	s->psk_client_callback=ctx->psk_client_callback;
+	s->psk_server_callback=ctx->psk_server_callback;
+#endif
+
 	return(s);
 err:
 	if (s != NULL)
@@ -399,7 +461,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
 		}
 
 	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-	p = (SSL_SESSION *)lh_retrieve(ssl->ctx->sessions, &r);
+	p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
 	CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
 	return (p != NULL);
 	}
@@ -424,6 +486,16 @@ int SSL_set_trust(SSL *s, int trust)
 	return X509_VERIFY_PARAM_set_trust(s->param, trust);
 	}
 
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+	{
+	return X509_VERIFY_PARAM_set1(ctx->param, vpm);
+	}
+
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
+	{
+	return X509_VERIFY_PARAM_set1(ssl->param, vpm);
+	}
+
 void SSL_free(SSL *s)
 	{
 	int i;
@@ -478,17 +550,37 @@ void SSL_free(SSL *s)
 		}
 
 	ssl_clear_cipher_ctx(s);
+	ssl_clear_hash_ctx(&s->read_hash);
+	ssl_clear_hash_ctx(&s->write_hash);
 
 	if (s->cert != NULL) ssl_cert_free(s->cert);
 	/* Free up if allocated */
 
-	if (s->ctx) SSL_CTX_free(s->ctx);
+#ifndef OPENSSL_NO_TLSEXT
+	if (s->tlsext_hostname)
+		OPENSSL_free(s->tlsext_hostname);
+	if (s->initial_ctx) SSL_CTX_free(s->initial_ctx);
+#ifndef OPENSSL_NO_EC
+	if (s->tlsext_ecpointformatlist) OPENSSL_free(s->tlsext_ecpointformatlist);
+	if (s->tlsext_ellipticcurvelist) OPENSSL_free(s->tlsext_ellipticcurvelist);
+#endif /* OPENSSL_NO_EC */
+	if (s->tlsext_opaque_prf_input) OPENSSL_free(s->tlsext_opaque_prf_input);
+	if (s->tlsext_ocsp_exts)
+		sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
+						X509_EXTENSION_free);
+	if (s->tlsext_ocsp_ids)
+		sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
+	if (s->tlsext_ocsp_resp)
+		OPENSSL_free(s->tlsext_ocsp_resp);
+#endif
 
 	if (s->client_CA != NULL)
 		sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
 
 	if (s->method != NULL) s->method->ssl_free(s);
 
+	if (s->ctx) SSL_CTX_free(s->ctx);
+
 #ifndef	OPENSSL_NO_KRB5
 	if (s->kssl_ctx != NULL)
 		kssl_ctx_free(s->kssl_ctx);
@@ -517,18 +609,18 @@ void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
 	s->wbio=wbio;
 	}
 
-BIO *SSL_get_rbio(SSL *s)
+BIO *SSL_get_rbio(const SSL *s)
 	{ return(s->rbio); }
 
-BIO *SSL_get_wbio(SSL *s)
+BIO *SSL_get_wbio(const SSL *s)
 	{ return(s->wbio); }
 
-int SSL_get_fd(SSL *s)
+int SSL_get_fd(const SSL *s)
 	{
 	return(SSL_get_rfd(s));
 	}
 
-int SSL_get_rfd(SSL *s)
+int SSL_get_rfd(const SSL *s)
 	{
 	int ret= -1;
 	BIO *b,*r;
@@ -540,7 +632,7 @@ int SSL_get_rfd(SSL *s)
 	return(ret);
 	}
 
-int SSL_get_wfd(SSL *s)
+int SSL_get_wfd(const SSL *s)
 	{
 	int ret= -1;
 	BIO *b,*r;
@@ -622,7 +714,7 @@ err:
 
 
 /* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count)
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
 	{
 	size_t ret = 0;
 	
@@ -637,7 +729,7 @@ size_t SSL_get_finished(SSL *s, void *buf, size_t count)
 	}
 
 /* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
 	{
 	size_t ret = 0;
 	
@@ -652,32 +744,32 @@ size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
 	}
 
 
-int SSL_get_verify_mode(SSL *s)
+int SSL_get_verify_mode(const SSL *s)
 	{
 	return(s->verify_mode);
 	}
 
-int SSL_get_verify_depth(SSL *s)
+int SSL_get_verify_depth(const SSL *s)
 	{
 	return X509_VERIFY_PARAM_get_depth(s->param);
 	}
 
-int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
+int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
 	{
 	return(s->verify_callback);
 	}
 
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
 	{
 	return(ctx->verify_mode);
 	}
 
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
 	{
 	return X509_VERIFY_PARAM_get_depth(ctx->param);
 	}
 
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
 	{
 	return(ctx->default_verify_callback);
 	}
@@ -700,12 +792,12 @@ void SSL_set_read_ahead(SSL *s,int yes)
 	s->read_ahead=yes;
 	}
 
-int SSL_get_read_ahead(SSL *s)
+int SSL_get_read_ahead(const SSL *s)
 	{
 	return(s->read_ahead);
 	}
 
-int SSL_pending(SSL *s)
+int SSL_pending(const SSL *s)
 	{
 	/* SSL_pending cannot work properly if read-ahead is enabled
 	 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
@@ -717,7 +809,7 @@ int SSL_pending(SSL *s)
 	return(s->method->ssl_pending(s));
 	}
 
-X509 *SSL_get_peer_certificate(SSL *s)
+X509 *SSL_get_peer_certificate(const SSL *s)
 	{
 	X509 *r;
 	
@@ -733,7 +825,7 @@ X509 *SSL_get_peer_certificate(SSL *s)
 	return(r);
 	}
 
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
 	{
 	STACK_OF(X509) *r;
 	
@@ -750,7 +842,7 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
 
 /* Now in theory, since the calling process own 't' it should be safe to
  * modify.  We need to be able to read f without being hassled */
-void SSL_copy_session_id(SSL *t,SSL *f)
+void SSL_copy_session_id(SSL *t,const SSL *f)
 	{
 	CERT *tmp;
 
@@ -779,7 +871,7 @@ void SSL_copy_session_id(SSL *t,SSL *f)
 	}
 
 /* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(SSL_CTX *ctx)
+int SSL_CTX_check_private_key(const SSL_CTX *ctx)
 	{
 	if (	(ctx == NULL) ||
 		(ctx->cert == NULL) ||
@@ -797,7 +889,7 @@ int SSL_CTX_check_private_key(SSL_CTX *ctx)
 	}
 
 /* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(SSL *ssl)
+int SSL_check_private_key(const SSL *ssl)
 	{
 	if (ssl == NULL)
 		{
@@ -806,7 +898,7 @@ int SSL_check_private_key(SSL *ssl)
 		}
 	if (ssl->cert == NULL)
 		{
-                SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+		SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
 		return 0;
 		}
 	if (ssl->cert->key->x509 == NULL)
@@ -841,7 +933,7 @@ int SSL_connect(SSL *s)
 	return(s->method->ssl_connect(s));
 	}
 
-long SSL_get_default_timeout(SSL *s)
+long SSL_get_default_timeout(const SSL *s)
 	{
 	return(s->method->get_timeout());
 	}
@@ -866,7 +958,7 @@ int SSL_peek(SSL *s,void *buf,int num)
 	{
 	if (s->handshake_func == 0)
 		{
-		SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+		SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
 		return -1;
 		}
 
@@ -949,20 +1041,41 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
 
 	case SSL_CTRL_OPTIONS:
 		return(s->options|=larg);
+	case SSL_CTRL_CLEAR_OPTIONS:
+		return(s->options&=~larg);
 	case SSL_CTRL_MODE:
 		return(s->mode|=larg);
+	case SSL_CTRL_CLEAR_MODE:
+		return(s->mode &=~larg);
 	case SSL_CTRL_GET_MAX_CERT_LIST:
 		return(s->max_cert_list);
 	case SSL_CTRL_SET_MAX_CERT_LIST:
 		l=s->max_cert_list;
 		s->max_cert_list=larg;
 		return(l);
+	case SSL_CTRL_SET_MTU:
+		if (SSL_version(s) == DTLS1_VERSION ||
+		    SSL_version(s) == DTLS1_BAD_VER)
+			{
+			s->d1->mtu = larg;
+			return larg;
+			}
+		return 0;
+	case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+		if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+			return 0;
+		s->max_send_fragment = larg;
+		return 1;
+	case SSL_CTRL_GET_RI_SUPPORT:
+		if (s->s3)
+			return s->s3->send_connection_binding;
+		else return 0;
 	default:
 		return(s->method->ssl_ctrl(s,cmd,larg,parg));
 		}
 	}
 
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
 	{
 	switch(cmd)
 		{
@@ -975,7 +1088,7 @@ long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
 		}
 	}
 
-struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx)
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
 	{
 	return ctx->sessions;
 	}
@@ -1018,7 +1131,7 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
 		return(ctx->session_cache_mode);
 
 	case SSL_CTRL_SESS_NUMBER:
-		return(ctx->sessions->num_items);
+		return(lh_SSL_SESSION_num_items(ctx->sessions));
 	case SSL_CTRL_SESS_CONNECT:
 		return(ctx->stats.sess_connect);
 	case SSL_CTRL_SESS_CONNECT_GOOD:
@@ -1043,14 +1156,23 @@ long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,void *parg)
 		return(ctx->stats.sess_cache_full);
 	case SSL_CTRL_OPTIONS:
 		return(ctx->options|=larg);
+	case SSL_CTRL_CLEAR_OPTIONS:
+		return(ctx->options&=~larg);
 	case SSL_CTRL_MODE:
 		return(ctx->mode|=larg);
+	case SSL_CTRL_CLEAR_MODE:
+		return(ctx->mode&=~larg);
+	case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+		if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+			return 0;
+		ctx->max_send_fragment = larg;
+		return 1;
 	default:
 		return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
 		}
 	}
 
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
 	{
 	switch(cmd)
 		{
@@ -1088,7 +1210,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
 
 /** return a STACK of the ciphers available for the SSL and in order of
  * preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
 	{
 	if (s != NULL)
 		{
@@ -1125,7 +1247,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
 	}
 
 /** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(SSL *s,int n)
+const char *SSL_get_cipher_list(const SSL *s,int n)
 	{
 	SSL_CIPHER *c;
 	STACK_OF(SSL_CIPHER) *sk;
@@ -1146,8 +1268,21 @@ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
 	
 	sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
 		&ctx->cipher_list_by_id,str);
-/* XXXX */
-	return((sk == NULL)?0:1);
+	/* ssl_create_cipher_list may return an empty stack if it
+	 * was unable to find a cipher matching the given rule string
+	 * (for example if the rule string specifies a cipher which
+	 * has been disabled). This is not an error as far as
+	 * ssl_create_cipher_list is concerned, and hence
+	 * ctx->cipher_list and ctx->cipher_list_by_id has been
+	 * updated. */
+	if (sk == NULL)
+		return 0;
+	else if (sk_SSL_CIPHER_num(sk) == 0)
+		{
+		SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+		return 0;
+		}
+	return 1;
 	}
 
 /** specify the ciphers to be used by the SSL */
@@ -1157,15 +1292,21 @@ int SSL_set_cipher_list(SSL *s,const char *str)
 	
 	sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
 		&s->cipher_list_by_id,str);
-/* XXXX */
-	return((sk == NULL)?0:1);
+	/* see comment in SSL_CTX_set_cipher_list */
+	if (sk == NULL)
+		return 0;
+	else if (sk_SSL_CIPHER_num(sk) == 0)
+		{
+		SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+		return 0;
+		}
+	return 1;
 	}
 
 /* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
+char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
 	{
 	char *p;
-	const char *cp;
 	STACK_OF(SSL_CIPHER) *sk;
 	SSL_CIPHER *c;
 	int i;
@@ -1178,32 +1319,34 @@ char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
 	sk=s->session->ciphers;
 	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
 		{
-		/* Decrement for either the ':' or a '\0' */
-		len--;
+		int n;
+
 		c=sk_SSL_CIPHER_value(sk,i);
-		for (cp=c->name; *cp; )
+		n=strlen(c->name);
+		if (n+1 > len)
 			{
-			if (len-- == 0)
-				{
-				*p='\0';
-				return(buf);
-				}
-			else
-				*(p++)= *(cp++);
+			if (p != buf)
+				--p;
+			*p='\0';
+			return buf;
 			}
+		strcpy(p,c->name);
+		p+=n;
 		*(p++)=':';
+		len-=n+1;
 		}
 	p[-1]='\0';
 	return(buf);
 	}
 
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
+			     int (*put_cb)(const SSL_CIPHER *, unsigned char *))
 	{
 	int i,j=0;
 	SSL_CIPHER *c;
 	unsigned char *q;
 #ifndef OPENSSL_NO_KRB5
-        int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
+	int nokrb5 = !kssl_tgt_is_available(s->kssl_ctx);
 #endif /* OPENSSL_NO_KRB5 */
 
 	if (sk == NULL) return(0);
@@ -1213,21 +1356,46 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
 		{
 		c=sk_SSL_CIPHER_value(sk,i);
 #ifndef OPENSSL_NO_KRB5
-                if ((c->algorithms & SSL_KRB5) && nokrb5)
-                    continue;
-#endif /* OPENSSL_NO_KRB5 */                    
-		j=ssl_put_cipher_by_char(s,c,p);
+		if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
+		    nokrb5)
+		    continue;
+#endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+		/* with PSK there must be client callback set */
+		if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
+		    s->psk_client_callback == NULL)
+			continue;
+#endif /* OPENSSL_NO_PSK */
+		j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
+		p+=j;
+		}
+	/* If p == q, no ciphers and caller indicates an error. Otherwise
+	 * add SCSV if not renegotiating.
+	 */
+	if (p != q && !s->new_session)
+		{
+		static SSL_CIPHER scsv =
+			{
+			0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+			};
+		j = put_cb ? put_cb(&scsv,p) : ssl_put_cipher_by_char(s,&scsv,p);
 		p+=j;
+#ifdef OPENSSL_RI_DEBUG
+		fprintf(stderr, "SCSV sent by client\n");
+#endif
 		}
+
 	return(p-q);
 	}
 
 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 					       STACK_OF(SSL_CIPHER) **skp)
 	{
-	SSL_CIPHER *c;
+	const SSL_CIPHER *c;
 	STACK_OF(SSL_CIPHER) *sk;
 	int i,n;
+	if (s->s3)
+		s->s3->send_connection_binding = 0;
 
 	n=ssl_put_cipher_by_char(s,NULL,NULL);
 	if ((num%n) != 0)
@@ -1245,6 +1413,26 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 
 	for (i=0; i<num; i+=n)
 		{
+		/* Check for SCSV */
+		if (s->s3 && (n != 3 || !p[0]) &&
+			(p[n-2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
+			(p[n-1] == (SSL3_CK_SCSV & 0xff)))
+			{
+			/* SCSV fatal if renegotiating */
+			if (s->new_session)
+				{
+				SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); 
+				goto err;
+				}
+			s->s3->send_connection_binding = 1;
+			p += n;
+#ifdef OPENSSL_RI_DEBUG
+			fprintf(stderr, "SCSV received by server\n");
+#endif
+			continue;
+			}
+
 		c=ssl_get_cipher_by_char(s,p);
 		p+=n;
 		if (c != NULL)
@@ -1266,7 +1454,31 @@ err:
 	return(NULL);
 	}
 
-unsigned long SSL_SESSION_hash(SSL_SESSION *a)
+
+#ifndef OPENSSL_NO_TLSEXT
+/** return a servername extension value if provided in Client Hello, or NULL.
+ * So far, only host_name types are defined (RFC 3546).
+ */
+
+const char *SSL_get_servername(const SSL *s, const int type)
+	{
+	if (type != TLSEXT_NAMETYPE_host_name)
+		return NULL;
+
+	return s->session && !s->tlsext_hostname ?
+		s->session->tlsext_hostname :
+		s->tlsext_hostname;
+	}
+
+int SSL_get_servername_type(const SSL *s)
+	{
+	if (s->session && (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname))
+		return TLSEXT_NAMETYPE_host_name;
+	return -1;
+	}
+#endif
+
+static unsigned long ssl_session_hash(const SSL_SESSION *a)
 	{
 	unsigned long l;
 
@@ -1283,7 +1495,7 @@ unsigned long SSL_SESSION_hash(SSL_SESSION *a)
  * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
  * able to construct an SSL_SESSION that will collide with any existing session
  * with a matching session ID. */
-int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
+static int ssl_session_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
 	{
 	if (a->ssl_version != b->ssl_version)
 		return(1);
@@ -1296,13 +1508,13 @@ int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
  * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
  * variable. The reason is that the functions aren't static, they're exposed via
  * ssl.h. */
-static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *)
-static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *)
+static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
+static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
 
-SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	{
 	SSL_CTX *ret=NULL;
-	
+
 	if (meth == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
@@ -1368,16 +1580,17 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
 	ret->default_passwd_callback=0;
 	ret->default_passwd_callback_userdata=NULL;
 	ret->client_cert_cb=0;
+	ret->app_gen_cookie_cb=0;
+	ret->app_verify_cookie_cb=0;
 
-	ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
-			LHASH_COMP_FN(SSL_SESSION_cmp));
+	ret->sessions=lh_SSL_SESSION_new();
 	if (ret->sessions == NULL) goto err;
 	ret->cert_store=X509_STORE_new();
 	if (ret->cert_store == NULL) goto err;
 
 	ssl_create_cipher_list(ret->method,
 		&ret->cipher_list,&ret->cipher_list_by_id,
-		SSL_DEFAULT_CIPHER_LIST);
+		meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
 	if (ret->cipher_list == NULL
 	    || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
 		{
@@ -1413,6 +1626,69 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth)
 	ret->extra_certs=NULL;
 	ret->comp_methods=SSL_COMP_get_compression_methods();
 
+	ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
+
+#ifndef OPENSSL_NO_TLSEXT
+	ret->tlsext_servername_callback = 0;
+	ret->tlsext_servername_arg = NULL;
+	/* Setup RFC4507 ticket keys */
+	if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
+		|| (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
+		|| (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
+		ret->options |= SSL_OP_NO_TICKET;
+
+	ret->tlsext_status_cb = 0;
+	ret->tlsext_status_arg = NULL;
+
+#endif
+#ifndef OPENSSL_NO_PSK
+	ret->psk_identity_hint=NULL;
+	ret->psk_client_callback=NULL;
+	ret->psk_server_callback=NULL;
+#endif
+#ifndef OPENSSL_NO_BUF_FREELISTS
+	ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
+	ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+	if (!ret->rbuf_freelist)
+		goto err;
+	ret->rbuf_freelist->chunklen = 0;
+	ret->rbuf_freelist->len = 0;
+	ret->rbuf_freelist->head = NULL;
+	ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+	if (!ret->wbuf_freelist)
+		{
+		OPENSSL_free(ret->rbuf_freelist);
+		goto err;
+		}
+	ret->wbuf_freelist->chunklen = 0;
+	ret->wbuf_freelist->len = 0;
+	ret->wbuf_freelist->head = NULL;
+#endif
+#ifndef OPENSSL_NO_ENGINE
+	ret->client_cert_engine = NULL;
+#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
+#define eng_strx(x)	#x
+#define eng_str(x)	eng_strx(x)
+	/* Use specific client engine automatically... ignore errors */
+	{
+	ENGINE *eng;
+	eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+	if (!eng)
+		{
+		ERR_clear_error();
+		ENGINE_load_builtin_engines();
+		eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+		}
+	if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
+		ERR_clear_error();
+	}
+#endif
+#endif
+	/* Default is to connect to non-RI servers. When RI is more widely
+	 * deployed might change this.
+	 */
+	ret->options = SSL_OP_LEGACY_SERVER_CONNECT;
+
 	return(ret);
 err:
 	SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
@@ -1426,6 +1702,20 @@ static void SSL_COMP_free(SSL_COMP *comp)
     { OPENSSL_free(comp); }
 #endif
 
+#ifndef OPENSSL_NO_BUF_FREELISTS
+static void
+ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
+	{
+	SSL3_BUF_FREELIST_ENTRY *ent, *next;
+	for (ent = list->head; ent; ent = next)
+		{
+		next = ent->next;
+		OPENSSL_free(ent);
+		}
+	OPENSSL_free(list);
+	}
+#endif
+
 void SSL_CTX_free(SSL_CTX *a)
 	{
 	int i;
@@ -1463,7 +1753,7 @@ void SSL_CTX_free(SSL_CTX *a)
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
 
 	if (a->sessions != NULL)
-		lh_free(a->sessions);
+		lh_SSL_SESSION_free(a->sessions);
 
 	if (a->cert_store != NULL)
 		X509_STORE_free(a->cert_store);
@@ -1483,6 +1773,23 @@ void SSL_CTX_free(SSL_CTX *a)
 #else
 	a->comp_methods = NULL;
 #endif
+
+#ifndef OPENSSL_NO_PSK
+	if (a->psk_identity_hint)
+		OPENSSL_free(a->psk_identity_hint);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+	if (a->client_cert_engine)
+		ENGINE_finish(a->client_cert_engine);
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+	if (a->wbuf_freelist)
+		ssl_buf_freelist_free(a->wbuf_freelist);
+	if (a->rbuf_freelist)
+		ssl_buf_freelist_free(a->rbuf_freelist);
+#endif
+
 	OPENSSL_free(a);
 	}
 
@@ -1513,14 +1820,17 @@ void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
 	X509_VERIFY_PARAM_set_depth(ctx->param, depth);
 	}
 
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 	{
 	CERT_PKEY *cpk;
 	int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
 	int rsa_enc_export,dh_rsa_export,dh_dsa_export;
 	int rsa_tmp_export,dh_tmp_export,kl;
-	unsigned long mask,emask;
-	int have_ecc_cert, have_ecdh_tmp, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+	unsigned long mask_k,mask_a,emask_k,emask_a;
+	int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+#ifndef OPENSSL_NO_ECDH
+	int have_ecdh_tmp;
+#endif
 	X509 *x = NULL;
 	EVP_PKEY *ecc_pkey = NULL;
 	int signature_nid = 0;
@@ -1563,60 +1873,77 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 	dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
 	cpk= &(c->pkeys[SSL_PKEY_ECC]);
 	have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
-	mask=0;
-	emask=0;
+	mask_k=0;
+	mask_a=0;
+	emask_k=0;
+	emask_a=0;
+
+	
 
 #ifdef CIPHER_DEBUG
-	printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
-		rsa_tmp,rsa_tmp_export,dh_tmp,
+	printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+	        rsa_tmp,rsa_tmp_export,dh_tmp,have_ecdh_tmp,
 		rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
 #endif
+	
+	cpk = &(c->pkeys[SSL_PKEY_GOST01]);
+	if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
+		mask_k |= SSL_kGOST;
+		mask_a |= SSL_aGOST01;
+	}
+	cpk = &(c->pkeys[SSL_PKEY_GOST94]);
+	if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
+		mask_k |= SSL_kGOST;
+		mask_a |= SSL_aGOST94;
+	}
 
 	if (rsa_enc || (rsa_tmp && rsa_sign))
-		mask|=SSL_kRSA;
+		mask_k|=SSL_kRSA;
 	if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
-		emask|=SSL_kRSA;
+		emask_k|=SSL_kRSA;
 
 #if 0
 	/* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
-	if (	(dh_tmp || dh_rsa || dh_dsa) && 
+	if (	(dh_tmp || dh_rsa || dh_dsa) &&
 		(rsa_enc || rsa_sign || dsa_sign))
-		mask|=SSL_kEDH;
+		mask_k|=SSL_kEDH;
 	if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
 		(rsa_enc || rsa_sign || dsa_sign))
-		emask|=SSL_kEDH;
+		emask_k|=SSL_kEDH;
 #endif
 
-	if (dh_tmp_export) 
-		emask|=SSL_kEDH;
+	if (dh_tmp_export)
+		emask_k|=SSL_kEDH;
 
 	if (dh_tmp)
-		mask|=SSL_kEDH;
+		mask_k|=SSL_kEDH;
 
-	if (dh_rsa) mask|=SSL_kDHr;
-	if (dh_rsa_export) emask|=SSL_kDHr;
+	if (dh_rsa) mask_k|=SSL_kDHr;
+	if (dh_rsa_export) emask_k|=SSL_kDHr;
 
-	if (dh_dsa) mask|=SSL_kDHd;
-	if (dh_dsa_export) emask|=SSL_kDHd;
+	if (dh_dsa) mask_k|=SSL_kDHd;
+	if (dh_dsa_export) emask_k|=SSL_kDHd;
 
 	if (rsa_enc || rsa_sign)
 		{
-		mask|=SSL_aRSA;
-		emask|=SSL_aRSA;
+		mask_a|=SSL_aRSA;
+		emask_a|=SSL_aRSA;
 		}
 
 	if (dsa_sign)
 		{
-		mask|=SSL_aDSS;
-		emask|=SSL_aDSS;
+		mask_a|=SSL_aDSS;
+		emask_a|=SSL_aDSS;
 		}
 
-	mask|=SSL_aNULL;
-	emask|=SSL_aNULL;
+	mask_a|=SSL_aNULL;
+	emask_a|=SSL_aNULL;
 
 #ifndef OPENSSL_NO_KRB5
-	mask|=SSL_kKRB5|SSL_aKRB5;
-	emask|=SSL_kKRB5|SSL_aKRB5;
+	mask_k|=SSL_kKRB5;
+	mask_a|=SSL_aKRB5;
+	emask_k|=SSL_kKRB5;
+	emask_a|=SSL_aKRB5;
 #endif
 
 	/* An ECC certificate may be usable for ECDH and/or
@@ -1624,7 +1951,7 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 	 */
 	if (have_ecc_cert)
 		{
-                /* This call populates extension flags (ex_flags) */
+		/* This call populates extension flags (ex_flags) */
 		x = (c->pkeys[SSL_PKEY_ECC]).x509;
 		X509_check_purpose(x, -1, 0);
 		ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
@@ -1632,7 +1959,7 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 		ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
 		    (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
 		ecc_pkey = X509_get_pubkey(x);
-		ecc_pkey_size = (ecc_pkey != NULL) ? 
+		ecc_pkey_size = (ecc_pkey != NULL) ?
 		    EVP_PKEY_bits(ecc_pkey) : 0;
 		EVP_PKEY_free(ecc_pkey);
 		if ((x->sig_alg) && (x->sig_alg->algorithm))
@@ -1640,27 +1967,41 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 #ifndef OPENSSL_NO_ECDH
 		if (ecdh_ok)
 			{
-			if ((signature_nid == NID_md5WithRSAEncryption) ||
-			    (signature_nid == NID_md4WithRSAEncryption) ||
-			    (signature_nid == NID_md2WithRSAEncryption))
+			const char *sig = OBJ_nid2ln(signature_nid);
+			if (sig == NULL)
+				{
+				ERR_clear_error();
+				sig = "unknown";
+				}
+				
+			if (strstr(sig, "WithRSA"))
 				{
-				mask|=SSL_kECDH|SSL_aRSA;
+				mask_k|=SSL_kECDHr;
+				mask_a|=SSL_aECDH;
 				if (ecc_pkey_size <= 163)
-					emask|=SSL_kECDH|SSL_aRSA;
+					{
+					emask_k|=SSL_kECDHr;
+					emask_a|=SSL_aECDH;
+					}
 				}
+
 			if (signature_nid == NID_ecdsa_with_SHA1)
 				{
-				mask|=SSL_kECDH|SSL_aECDSA;
+				mask_k|=SSL_kECDHe;
+				mask_a|=SSL_aECDH;
 				if (ecc_pkey_size <= 163)
-					emask|=SSL_kECDH|SSL_aECDSA;
+					{
+					emask_k|=SSL_kECDHe;
+					emask_a|=SSL_aECDH;
+					}
 				}
 			}
 #endif
 #ifndef OPENSSL_NO_ECDSA
 		if (ecdsa_ok)
 			{
-			mask|=SSL_aECDSA;
-			emask|=SSL_aECDSA;
+			mask_a|=SSL_aECDSA;
+			emask_a|=SSL_aECDSA;
 			}
 #endif
 		}
@@ -1668,12 +2009,22 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 #ifndef OPENSSL_NO_ECDH
 	if (have_ecdh_tmp)
 		{
-		mask|=SSL_kECDHE;
-		emask|=SSL_kECDHE;
+		mask_k|=SSL_kEECDH;
+		emask_k|=SSL_kEECDH;
 		}
 #endif
-	c->mask=mask;
-	c->export_mask=emask;
+
+#ifndef OPENSSL_NO_PSK
+	mask_k |= SSL_kPSK;
+	mask_a |= SSL_aPSK;
+	emask_k |= SSL_kPSK;
+	emask_a |= SSL_aPSK;
+#endif
+
+	c->mask_k=mask_k;
+	c->mask_a=mask_a;
+	c->export_mask_k=emask_k;
+	c->export_mask_a=emask_a;
 	c->valid=1;
 	}
 
@@ -1681,13 +2032,18 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 #define ku_reject(x, usage) \
 	(((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
 
-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
+#ifndef OPENSSL_NO_EC
+
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 	{
-	unsigned long alg = cs->algorithms;
+	unsigned long alg_k, alg_a;
 	EVP_PKEY *pkey = NULL;
 	int keysize = 0;
 	int signature_nid = 0;
 
+	alg_k = cs->algorithm_mkey;
+	alg_a = cs->algorithm_auth;
+
 	if (SSL_C_IS_EXPORT(cs))
 		{
 		/* ECDH key length in export ciphers must be <= 163 bits */
@@ -1702,37 +2058,46 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
 	X509_check_purpose(x, -1, 0);
 	if ((x->sig_alg) && (x->sig_alg->algorithm))
 		signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
-	if (alg & SSL_kECDH) 
+	if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr)
 		{
 		/* key usage, if present, must allow key agreement */
 		if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
 			{
+			SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
 			return 0;
 			}
-		if (alg & SSL_aECDSA) 
+		if (alg_k & SSL_kECDHe)
 			{
 			/* signature alg must be ECDSA */
 			if (signature_nid != NID_ecdsa_with_SHA1)
 				{
+				SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
 				return 0;
 				}
 			}
-		if (alg & SSL_aRSA)
+		if (alg_k & SSL_kECDHr)
 			{
 			/* signature alg must be RSA */
-			if ((signature_nid != NID_md5WithRSAEncryption) &&
-			    (signature_nid != NID_md4WithRSAEncryption) &&
-			    (signature_nid != NID_md2WithRSAEncryption))
+
+			const char *sig = OBJ_nid2ln(signature_nid);
+			if (sig == NULL)
 				{
+				ERR_clear_error();
+				sig = "unknown";
+				}
+			if (strstr(sig, "WithRSA") == NULL)
+				{
+				SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
 				return 0;
 				}
 			}
-		} 
-	else if (alg & SSL_aECDSA)
+		}
+	if (alg_a & SSL_aECDSA)
 		{
 		/* key usage, if present, must allow signing */
 		if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
 			{
+			SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
 			return 0;
 			}
 		}
@@ -1740,58 +2105,74 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
 	return 1;  /* all checks are ok */
 	}
 
+#endif
+
 /* THIS NEEDS CLEANING UP */
 X509 *ssl_get_server_send_cert(SSL *s)
 	{
-	unsigned long alg,mask,kalg;
+	unsigned long alg_k,alg_a,mask_k,mask_a;
 	CERT *c;
 	int i,is_export;
 
 	c=s->cert;
 	ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
-	alg=s->s3->tmp.new_cipher->algorithms;
 	is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-	mask=is_export?c->export_mask:c->mask;
-	kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+	if (is_export)
+		{
+		mask_k = c->export_mask_k;
+		mask_a = c->export_mask_a;
+		}
+	else
+		{
+		mask_k = c->mask_k;
+		mask_a = c->mask_a;
+		}
+	
+	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+	alg_a = s->s3->tmp.new_cipher->algorithm_auth;
 
-	if (kalg & SSL_kECDH)
+	if (alg_k & (SSL_kECDHr|SSL_kECDHe))
 		{
-		/* we don't need to look at SSL_kECDHE 
+		/* we don't need to look at SSL_kEECDH
 		 * since no certificate is needed for
 		 * anon ECDH and for authenticated
-		 * ECDHE, the check for the auth 
+		 * EECDH, the check for the auth
 		 * algorithm will set i correctly
 		 * NOTE: For ECDH-RSA, we need an ECC
-		 * not an RSA cert but for ECDHE-RSA
+		 * not an RSA cert but for EECDH-RSA
 		 * we need an RSA cert. Placing the
 		 * checks for SSL_kECDH before RSA
 		 * checks ensures the correct cert is chosen.
 		 */
 		i=SSL_PKEY_ECC;
 		}
-	else if (kalg & SSL_aECDSA)
+	else if (alg_a & SSL_aECDSA)
 		{
 		i=SSL_PKEY_ECC;
 		}
-	else if (kalg & SSL_kDHr)
+	else if (alg_k & SSL_kDHr)
 		i=SSL_PKEY_DH_RSA;
-	else if (kalg & SSL_kDHd)
+	else if (alg_k & SSL_kDHd)
 		i=SSL_PKEY_DH_DSA;
-	else if (kalg & SSL_aDSS)
+	else if (alg_a & SSL_aDSS)
 		i=SSL_PKEY_DSA_SIGN;
-	else if (kalg & SSL_aRSA)
+	else if (alg_a & SSL_aRSA)
 		{
 		if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
 			i=SSL_PKEY_RSA_SIGN;
 		else
 			i=SSL_PKEY_RSA_ENC;
 		}
-	else if (kalg & SSL_aKRB5)
+	else if (alg_a & SSL_aKRB5)
 		{
 		/* VRS something else here? */
 		return(NULL);
 		}
-	else /* if (kalg & SSL_aNULL) */
+	else if (alg_a & SSL_aGOST94) 
+		i=SSL_PKEY_GOST94;
+	else if (alg_a & SSL_aGOST01)
+		i=SSL_PKEY_GOST01;
+	else /* if (alg_a & SSL_aNULL) */
 		{
 		SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
 		return(NULL);
@@ -1801,18 +2182,18 @@ X509 *ssl_get_server_send_cert(SSL *s)
 	return(c->pkeys[i].x509);
 	}
 
-EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
+EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher)
 	{
-	unsigned long alg;
+	unsigned long alg_a;
 	CERT *c;
 
-	alg=cipher->algorithms;
+	alg_a = cipher->algorithm_auth;
 	c=s->cert;
 
-	if ((alg & SSL_aDSS) &&
+	if ((alg_a & SSL_aDSS) &&
 		(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
 		return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
-	else if (alg & SSL_aRSA)
+	else if (alg_a & SSL_aRSA)
 		{
 		if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
 			return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
@@ -1821,10 +2202,10 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
 		else
 			return(NULL);
 		}
-	else if ((alg & SSL_aECDSA) &&
+	else if ((alg_a & SSL_aECDSA) &&
 	         (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
 		return(c->pkeys[SSL_PKEY_ECC].privatekey);
-	else /* if (alg & SSL_aNULL) */
+	else /* if (alg_a & SSL_aNULL) */
 		{
 		SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
 		return(NULL);
@@ -1839,14 +2220,14 @@ void ssl_update_cache(SSL *s,int mode)
 	 * and it would be rather hard to do anyway :-) */
 	if (s->session->session_id_length == 0) return;
 
-	i=s->ctx->session_cache_mode;
+	i=s->session_ctx->session_cache_mode;
 	if ((i & mode) && (!s->hit)
 		&& ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
-		    || SSL_CTX_add_session(s->ctx,s->session))
-		&& (s->ctx->new_session_cb != NULL))
+		    || SSL_CTX_add_session(s->session_ctx,s->session))
+		&& (s->session_ctx->new_session_cb != NULL))
 		{
 		CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
-		if (!s->ctx->new_session_cb(s,s->session))
+		if (!s->session_ctx->new_session_cb(s,s->session))
 			SSL_SESSION_free(s->session);
 		}
 
@@ -1855,20 +2236,20 @@ void ssl_update_cache(SSL *s,int mode)
 		((i & mode) == mode))
 		{
 		if (  (((mode & SSL_SESS_CACHE_CLIENT)
-			?s->ctx->stats.sess_connect_good
-			:s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
+			?s->session_ctx->stats.sess_connect_good
+			:s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff)
 			{
-			SSL_CTX_flush_sessions(s->ctx,time(NULL));
+			SSL_CTX_flush_sessions(s->session_ctx,(unsigned long)time(NULL));
 			}
 		}
 	}
 
-SSL_METHOD *SSL_get_ssl_method(SSL *s)
+const SSL_METHOD *SSL_get_ssl_method(SSL *s)
 	{
 	return(s->method);
 	}
 
-int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
 	{
 	int conn= -1;
 	int ret=1;
@@ -1895,7 +2276,7 @@ int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth)
 	return(ret);
 	}
 
-int SSL_get_error(SSL *s,int i)
+int SSL_get_error(const SSL *s,int i)
 	{
 	int reason;
 	unsigned long l;
@@ -2011,6 +2392,8 @@ void SSL_set_accept_state(SSL *s)
 	s->handshake_func=s->method->ssl_accept;
 	/* clear the current cipher */
 	ssl_clear_cipher_ctx(s);
+	ssl_clear_hash_ctx(&s->read_hash);
+	ssl_clear_hash_ctx(&s->write_hash);
 	}
 
 void SSL_set_connect_state(SSL *s)
@@ -2021,6 +2404,8 @@ void SSL_set_connect_state(SSL *s)
 	s->handshake_func=s->method->ssl_connect;
 	/* clear the current cipher */
 	ssl_clear_cipher_ctx(s);
+	ssl_clear_hash_ctx(&s->read_hash);
+	ssl_clear_hash_ctx(&s->write_hash);
 	}
 
 int ssl_undefined_function(SSL *s)
@@ -2029,16 +2414,30 @@ int ssl_undefined_function(SSL *s)
 	return(0);
 	}
 
+int ssl_undefined_void_function(void)
+	{
+	SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+	return(0);
+	}
+
+int ssl_undefined_const_function(const SSL *s)
+	{
+	SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+	return(0);
+	}
+
 SSL_METHOD *ssl_bad_method(int ver)
 	{
 	SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 	return(NULL);
 	}
 
-const char *SSL_get_version(SSL *s)
+const char *SSL_get_version(const SSL *s)
 	{
-	if (s->version == TLS1_VERSION)
-		return("TLSv1");
+	if (s->version == TLS1_1_VERSION)
+		return("TLSv1.1");
+	else if (s->version == SSL3_VERSION)
+		return("SSLv3");
 	else if (s->version == SSL3_VERSION)
 		return("SSLv3");
 	else if (s->version == SSL2_VERSION)
@@ -2053,7 +2452,7 @@ SSL *SSL_dup(SSL *s)
 	X509_NAME *xn;
 	SSL *ret;
 	int i;
-		 
+	
 	if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL)
 	    return(NULL);
 
@@ -2191,6 +2590,7 @@ void ssl_clear_cipher_ctx(SSL *s)
 		OPENSSL_free(s->enc_write_ctx);
 		s->enc_write_ctx=NULL;
 		}
+#ifndef OPENSSL_NO_COMP
 	if (s->expand != NULL)
 		{
 		COMP_CTX_free(s->expand);
@@ -2201,10 +2601,11 @@ void ssl_clear_cipher_ctx(SSL *s)
 		COMP_CTX_free(s->compress);
 		s->compress=NULL;
 		}
+#endif
 	}
 
 /* Fix this function so that it takes an optional type parameter */
-X509 *SSL_get_certificate(SSL *s)
+X509 *SSL_get_certificate(const SSL *s)
 	{
 	if (s->cert != NULL)
 		return(s->cert->key->x509);
@@ -2221,12 +2622,22 @@ EVP_PKEY *SSL_get_privatekey(SSL *s)
 		return(NULL);
 	}
 
-SSL_CIPHER *SSL_get_current_cipher(SSL *s)
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
 	{
 	if ((s->session != NULL) && (s->session->cipher != NULL))
 		return(s->session->cipher);
 	return(NULL);
 	}
+#ifdef OPENSSL_NO_COMP
+const void *SSL_get_current_compression(SSL *s)
+	{
+	return NULL;
+	}
+const void *SSL_get_current_expansion(SSL *s)
+	{
+	return NULL;
+	}
+#else
 
 const COMP_METHOD *SSL_get_current_compression(SSL *s)
 	{
@@ -2241,6 +2652,7 @@ const COMP_METHOD *SSL_get_current_expansion(SSL *s)
 		return(s->expand->meth);
 	return(NULL);
 	}
+#endif
 
 int ssl_init_wbio_buffer(SSL *s,int push)
 	{
@@ -2288,7 +2700,7 @@ void ssl_free_wbio_buffer(SSL *s)
 		s->wbio=BIO_pop(s->wbio);
 #ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */
 		assert(s->wbio != NULL);
-#endif	
+#endif
 	}
 	BIO_free(s->bbio);
 	s->bbio=NULL;
@@ -2299,7 +2711,7 @@ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode)
 	ctx->quiet_shutdown=mode;
 	}
 
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
 	{
 	return(ctx->quiet_shutdown);
 	}
@@ -2309,7 +2721,7 @@ void SSL_set_quiet_shutdown(SSL *s,int mode)
 	s->quiet_shutdown=mode;
 	}
 
-int SSL_get_quiet_shutdown(SSL *s)
+int SSL_get_quiet_shutdown(const SSL *s)
 	{
 	return(s->quiet_shutdown);
 	}
@@ -2319,21 +2731,39 @@ void SSL_set_shutdown(SSL *s,int mode)
 	s->shutdown=mode;
 	}
 
-int SSL_get_shutdown(SSL *s)
+int SSL_get_shutdown(const SSL *s)
 	{
 	return(s->shutdown);
 	}
 
-int SSL_version(SSL *s)
+int SSL_version(const SSL *s)
 	{
 	return(s->version);
 	}
 
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
 	{
 	return(ssl->ctx);
 	}
 
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
+	{
+	if (ssl->ctx == ctx)
+		return ssl->ctx;
+#ifndef OPENSSL_NO_TLSEXT
+	if (ctx == NULL)
+		ctx = ssl->initial_ctx;
+#endif
+	if (ssl->cert != NULL)
+		ssl_cert_free(ssl->cert);
+	ssl->cert = ssl_cert_dup(ctx->cert);
+	CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
+	if (ssl->ctx != NULL)
+		SSL_CTX_free(ssl->ctx); /* decrement reference count */
+	ssl->ctx = ctx;
+	return(ssl->ctx);
+	}
+
 #ifndef OPENSSL_NO_STDIO
 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
 	{
@@ -2348,17 +2778,19 @@ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
 #endif
 
 void SSL_set_info_callback(SSL *ssl,
-			   void (*cb)(const SSL *ssl,int type,int val))
+	void (*cb)(const SSL *ssl,int type,int val))
 	{
 	ssl->info_callback=cb;
 	}
 
-void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
+/* One compiler (Diab DCC) doesn't like argument names in returned
+   function pointer.  */
+void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
 	{
 	return ssl->info_callback;
 	}
 
-int SSL_state(SSL *ssl)
+int SSL_state(const SSL *ssl)
 	{
 	return(ssl->state);
 	}
@@ -2368,7 +2800,7 @@ void SSL_set_verify_result(SSL *ssl,long arg)
 	ssl->verify_result=arg;
 	}
 
-long SSL_get_verify_result(SSL *ssl)
+long SSL_get_verify_result(const SSL *ssl)
 	{
 	return(ssl->verify_result);
 	}
@@ -2385,7 +2817,7 @@ int SSL_set_ex_data(SSL *s,int idx,void *arg)
 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
 	}
 
-void *SSL_get_ex_data(SSL *s,int idx)
+void *SSL_get_ex_data(const SSL *s,int idx)
 	{
 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
 	}
@@ -2402,7 +2834,7 @@ int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg)
 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
 	}
 
-void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
+void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
 	{
 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
 	}
@@ -2412,7 +2844,7 @@ int ssl_ok(SSL *s)
 	return(1);
 	}
 
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
 	{
 	return(ctx->cert_store);
 	}
@@ -2424,7 +2856,7 @@ void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store)
 	ctx->cert_store=store;
 	}
 
-int SSL_want(SSL *s)
+int SSL_want(const SSL *s)
 	{
 	return(s->rwstate);
 	}
@@ -2440,14 +2872,14 @@ void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl,
 							  int is_export,
 							  int keylength))
     {
-    SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+    SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
     }
 
 void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
 						  int is_export,
 						  int keylength))
     {
-    SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+    SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
     }
 #endif
 
@@ -2474,43 +2906,152 @@ RSA *cb(SSL *ssl,int is_export,int keylength)
 
 #ifndef OPENSSL_NO_DH
 void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
-							int keylength))
+                                                        int keylength))
 	{
-	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
 	}
 
 void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
-						int keylength))
+                                                int keylength))
 	{
-	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
 	}
 #endif
 
 #ifndef OPENSSL_NO_ECDH
 void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
-							int keylength))
+                                                                int keylength))
 	{
-	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)())ecdh);
+	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
 	}
 
 void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
-						int keylength))
+                                                        int keylength))
 	{
-	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)())ecdh);
+	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
 	}
 #endif
 
+#ifndef OPENSSL_NO_PSK
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
+	{
+	if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
+		{
+		SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+		return 0;
+		}
+	if (ctx->psk_identity_hint != NULL)
+		OPENSSL_free(ctx->psk_identity_hint);
+	if (identity_hint != NULL)
+		{
+		ctx->psk_identity_hint = BUF_strdup(identity_hint);
+		if (ctx->psk_identity_hint == NULL)
+			return 0;
+		}
+	else
+		ctx->psk_identity_hint = NULL;
+	return 1;
+	}
+
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
+	{
+	if (s == NULL)
+		return 0;
+
+	if (s->session == NULL)
+		return 1; /* session not created yet, ignored */
+
+	if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN)
+		{
+		SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+		return 0;
+		}
+	if (s->session->psk_identity_hint != NULL)
+		OPENSSL_free(s->session->psk_identity_hint);
+	if (identity_hint != NULL)
+		{
+		s->session->psk_identity_hint = BUF_strdup(identity_hint);
+		if (s->session->psk_identity_hint == NULL)
+			return 0;
+		}
+	else
+		s->session->psk_identity_hint = NULL;
+	return 1;
+	}
+
+const char *SSL_get_psk_identity_hint(const SSL *s)
+	{
+	if (s == NULL || s->session == NULL)
+		return NULL;
+	return(s->session->psk_identity_hint);
+	}
+
+const char *SSL_get_psk_identity(const SSL *s)
+	{
+	if (s == NULL || s->session == NULL)
+		return NULL;
+	return(s->session->psk_identity);
+	}
+
+void SSL_set_psk_client_callback(SSL *s,
+    unsigned int (*cb)(SSL *ssl, const char *hint,
+                       char *identity, unsigned int max_identity_len, unsigned char *psk,
+                       unsigned int max_psk_len))
+	{
+	s->psk_client_callback = cb;
+	}
+
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+    unsigned int (*cb)(SSL *ssl, const char *hint,
+                       char *identity, unsigned int max_identity_len, unsigned char *psk,
+                       unsigned int max_psk_len))
+	{
+	ctx->psk_client_callback = cb;
+	}
+
+void SSL_set_psk_server_callback(SSL *s,
+    unsigned int (*cb)(SSL *ssl, const char *identity,
+                       unsigned char *psk, unsigned int max_psk_len))
+	{
+	s->psk_server_callback = cb;
+	}
+
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+    unsigned int (*cb)(SSL *ssl, const char *identity,
+                       unsigned char *psk, unsigned int max_psk_len))
+	{
+	ctx->psk_server_callback = cb;
+	}
+#endif
 
 void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
 	{
-	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+	SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
 	}
 void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
 	{
-	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+	SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
 	}
 
+/* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
+ * vairable, freeing  EVP_MD_CTX previously stored in that variable, if
+ * any. If EVP_MD pointer is passed, initializes ctx with this md
+ * Returns newly allocated ctx;
+ */
+
+EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) 
+{
+	ssl_clear_hash_ctx(hash);
+	*hash = EVP_MD_CTX_create();
+	if (md) EVP_DigestInit_ex(*hash,md,NULL);
+	return *hash;
+}
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash) 
+{
 
+	if (*hash) EVP_MD_CTX_destroy(*hash);
+	*hash=NULL;
+}
 
 #if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
 #include "../crypto/bio/bss_file.c"
@@ -2518,3 +3059,6 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
 
 IMPLEMENT_STACK_OF(SSL_CIPHER)
 IMPLEMENT_STACK_OF(SSL_COMP)
+IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
+				    ssl_cipher_id);
+
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 9c1fddd25c..41f0f77597 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -113,6 +113,32 @@
  * ECC cipher suite support in OpenSSL originally developed by 
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #ifndef HEADER_SSL_LOCL_H
 #define HEADER_SSL_LOCL_H
@@ -124,11 +150,17 @@
 #include "e_os.h"
 
 #include <openssl/buffer.h>
+#ifndef OPENSSL_NO_COMP
 #include <openssl/comp.h>
+#endif
 #include <openssl/bio.h>
 #include <openssl/stack.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 #include <openssl/symhacks.h>
@@ -176,6 +208,20 @@
 			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
 			 *((c)++)=(unsigned char)(((l)    )&0xff))
 
+#define l2n6(l,c)	(*((c)++)=(unsigned char)(((l)>>40)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>32)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)    )&0xff))
+
+#define n2l6(c,l)	(l =((BN_ULLONG)(*((c)++)))<<40, \
+			 l|=((BN_ULLONG)(*((c)++)))<<32, \
+			 l|=((BN_ULLONG)(*((c)++)))<<24, \
+			 l|=((BN_ULLONG)(*((c)++)))<<16, \
+			 l|=((BN_ULLONG)(*((c)++)))<< 8, \
+			 l|=((BN_ULLONG)(*((c)++))))
+
 /* NOTE - c is not incremented as per l2c */
 #define l2cn(l1,l2,c,n)	{ \
 			c+=n; \
@@ -231,56 +277,84 @@
  * that the different entities within are mutually exclusive:
  * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
  */
-#define SSL_MKEY_MASK		0x000000FFL
+
+/* Bits for algorithm_mkey (key exchange algorithm) */
 #define SSL_kRSA		0x00000001L /* RSA key exchange */
-#define SSL_kDHr		0x00000002L /* DH cert RSA CA cert */
-#define SSL_kDHd		0x00000004L /* DH cert DSA CA cert */
-#define SSL_kFZA		0x00000008L
-#define SSL_kEDH		0x00000010L /* tmp DH key no DH cert */
-#define SSL_kKRB5		0x00000020L /* Kerberos5 key exchange */
-#define SSL_kECDH               0x00000040L /* ECDH w/ long-term keys */
-#define SSL_kECDHE              0x00000080L /* ephemeral ECDH */
-#define SSL_EDH			(SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
-
-#define SSL_AUTH_MASK		0x00007F00L
-#define SSL_aRSA		0x00000100L /* Authenticate with RSA */
-#define SSL_aDSS 		0x00000200L /* Authenticate with DSS */
-#define SSL_DSS 		SSL_aDSS
-#define SSL_aFZA 		0x00000400L
-#define SSL_aNULL 		0x00000800L /* no Authenticate, ADH */
-#define SSL_aDH 		0x00001000L /* no Authenticate, ADH */
-#define SSL_aKRB5               0x00002000L /* Authenticate with KRB5 */
-#define SSL_aECDSA              0x00004000L /* Authenticate with ECDSA */
-
-#define SSL_NULL		(SSL_eNULL)
-#define SSL_ADH			(SSL_kEDH|SSL_aNULL)
-#define SSL_RSA			(SSL_kRSA|SSL_aRSA)
-#define SSL_DH			(SSL_kDHr|SSL_kDHd|SSL_kEDH)
-#define SSL_ECDH		(SSL_kECDH|SSL_kECDHE)
-#define SSL_FZA			(SSL_aFZA|SSL_kFZA|SSL_eFZA)
-#define SSL_KRB5                (SSL_kKRB5|SSL_aKRB5)
-
-#define SSL_ENC_MASK		0x043F8000L
-#define SSL_DES			0x00008000L
-#define SSL_3DES		0x00010000L
-#define SSL_RC4			0x00020000L
-#define SSL_RC2			0x00040000L
-#define SSL_IDEA		0x00080000L
-#define SSL_eFZA		0x00100000L
-#define SSL_eNULL		0x00200000L
-#define SSL_AES			0x04000000L
-
-#define SSL_MAC_MASK		0x00c00000L
-#define SSL_MD5			0x00400000L
-#define SSL_SHA1		0x00800000L
-#define SSL_SHA			(SSL_SHA1)
-
-#define SSL_SSL_MASK		0x03000000L
-#define SSL_SSLV2		0x01000000L
-#define SSL_SSLV3		0x02000000L
+#define SSL_kDHr		0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
+#define SSL_kDHd		0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
+#define SSL_kEDH		0x00000008L /* tmp DH key no DH cert */
+#define SSL_kKRB5		0x00000010L /* Kerberos5 key exchange */
+#define SSL_kECDHr		0x00000020L /* ECDH cert, RSA CA cert */
+#define SSL_kECDHe		0x00000040L /* ECDH cert, ECDSA CA cert */
+#define SSL_kEECDH		0x00000080L /* ephemeral ECDH */
+#define SSL_kPSK		0x00000100L /* PSK */
+#define SSL_kGOST       0x00000200L /* GOST key exchange */
+
+/* Bits for algorithm_auth (server authentication) */
+#define SSL_aRSA		0x00000001L /* RSA auth */
+#define SSL_aDSS 		0x00000002L /* DSS auth */
+#define SSL_aNULL 		0x00000004L /* no auth (i.e. use ADH or AECDH) */
+#define SSL_aDH 		0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
+#define SSL_aECDH 		0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
+#define SSL_aKRB5               0x00000020L /* KRB5 auth */
+#define SSL_aECDSA              0x00000040L /* ECDSA auth*/
+#define SSL_aPSK                0x00000080L /* PSK auth */
+#define SSL_aGOST94				0x00000100L /* GOST R 34.10-94 signature auth */
+#define SSL_aGOST01 			0x00000200L /* GOST R 34.10-2001 signature auth */
+
+
+/* Bits for algorithm_enc (symmetric encryption) */
+#define SSL_DES			0x00000001L
+#define SSL_3DES		0x00000002L
+#define SSL_RC4			0x00000004L
+#define SSL_RC2			0x00000008L
+#define SSL_IDEA		0x00000010L
+#define SSL_eNULL		0x00000020L
+#define SSL_AES128		0x00000040L
+#define SSL_AES256		0x00000080L
+#define SSL_CAMELLIA128		0x00000100L
+#define SSL_CAMELLIA256		0x00000200L
+#define SSL_eGOST2814789CNT	0x00000400L
+#define SSL_SEED		0x00000800L
+
+#define SSL_AES        		(SSL_AES128|SSL_AES256)
+#define SSL_CAMELLIA		(SSL_CAMELLIA128|SSL_CAMELLIA256)
+
+
+/* Bits for algorithm_mac (symmetric authentication) */
+#define SSL_MD5			0x00000001L
+#define SSL_SHA1		0x00000002L
+#define SSL_GOST94      0x00000004L
+#define SSL_GOST89MAC   0x00000008L
+
+/* Bits for algorithm_ssl (protocol version) */
+#define SSL_SSLV2		0x00000001L
+#define SSL_SSLV3		0x00000002L
 #define SSL_TLSV1		SSL_SSLV3	/* for now */
 
-/* we have used 07ffffff - 5 bits left to go. */
+
+/* Bits for algorithm2 (handshake digests and other extra flags) */
+
+#define SSL_HANDSHAKE_MAC_MD5 0x10
+#define SSL_HANDSHAKE_MAC_SHA 0x20
+#define SSL_HANDSHAKE_MAC_GOST94 0x40
+#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
+
+/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX
+ * make sure to update this constant too */
+#define SSL_MAX_DIGEST 4
+
+#define TLS1_PRF_DGST_SHIFT 8
+#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
+
+/* Stream MAC for GOST ciphersuites from cryptopro draft
+ * (currently this also goes into algorithm2) */
+#define TLS1_STREAM_MAC 0x04
+
+
 
 /*
  * Export and cipher strength information. For each cipher we have to decide
@@ -298,10 +372,11 @@
  * be possible.
  */
 #define SSL_EXP_MASK		0x00000003L
+#define SSL_STRONG_MASK		0x000001fcL
+
 #define SSL_NOT_EXP		0x00000001L
 #define SSL_EXPORT		0x00000002L
 
-#define SSL_STRONG_MASK		0x000000fcL
 #define SSL_STRONG_NONE		0x00000004L
 #define SSL_EXP40		0x00000008L
 #define SSL_MICRO		(SSL_EXP40)
@@ -310,8 +385,9 @@
 #define SSL_LOW			0x00000020L
 #define SSL_MEDIUM		0x00000040L
 #define SSL_HIGH		0x00000080L
+#define SSL_FIPS		0x00000100L
 
-/* we have used 000000ff - 24 bits left to go */
+/* we have used 000001ff - 23 bits left to go */
 
 /*
  * Macros to check the export status and cipher strength for export ciphers.
@@ -334,17 +410,14 @@
 #define SSL_C_IS_EXPORT40(c)	SSL_IS_EXPORT40((c)->algo_strength)
 
 #define SSL_EXPORT_KEYLENGTH(a,s)	(SSL_IS_EXPORT40(s) ? 5 : \
-				 ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
+				 (a) == SSL_DES ? 8 : 7)
 #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-#define SSL_C_EXPORT_KEYLENGTH(c)	SSL_EXPORT_KEYLENGTH((c)->algorithms, \
+#define SSL_C_EXPORT_KEYLENGTH(c)	SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
 				(c)->algo_strength)
 #define SSL_C_EXPORT_PKEYLENGTH(c)	SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
 
 
-#define SSL_ALL			0xffffffffL
-#define SSL_ALL_CIPHERS		(SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
-				SSL_MAC_MASK)
-#define SSL_ALL_STRENGTHS	(SSL_EXP_MASK|SSL_STRONG_MASK)
+
 
 /* Mostly for SSLv3 */
 #define SSL_PKEY_RSA_ENC	0
@@ -353,7 +426,9 @@
 #define SSL_PKEY_DH_RSA		3
 #define SSL_PKEY_DH_DSA		4
 #define SSL_PKEY_ECC            5
-#define SSL_PKEY_NUM		6
+#define SSL_PKEY_GOST94		6
+#define SSL_PKEY_GOST01		7
+#define SSL_PKEY_NUM		8
 
 /* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
  * 	    <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
@@ -394,8 +469,10 @@ typedef struct cert_st
 	/* The following masks are for the key and auth
 	 * algorithms that are supported by the certs below */
 	int valid;
-	unsigned long mask;
-	unsigned long export_mask;
+	unsigned long mask_k;
+	unsigned long mask_a;
+	unsigned long export_mask_k;
+	unsigned long export_mask_a;
 #ifndef OPENSSL_NO_RSA
 	RSA *rsa_tmp;
 	RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
@@ -469,9 +546,9 @@ typedef struct ssl3_enc_method
 	int (*setup_key_block)(SSL *);
 	int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int);
 	int (*change_cipher_state)(SSL *, int);
-	int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *);
+	int (*final_finish_mac)(SSL *,  const char *, int, unsigned char *);
 	int finish_mac_length;
-	int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *);
+	int (*cert_verify_mac)(SSL *, int, unsigned char *);
 	const char *client_finished_label;
 	int client_finished_label_len;
 	const char *server_finished_label;
@@ -479,6 +556,7 @@ typedef struct ssl3_enc_method
 	int (*alert_value)(int);
 	} SSL3_ENC_METHOD;
 
+#ifndef OPENSSL_NO_COMP
 /* Used for holding the relevant compression methods loaded into SSL_CTX */
 typedef struct ssl3_comp_st
 	{
@@ -486,16 +564,218 @@ typedef struct ssl3_comp_st
 	char *name;	/* Text name used for the compression type */
 	COMP_METHOD *method; /* The method :-) */
 	} SSL3_COMP;
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+typedef struct ssl3_buf_freelist_st
+	{
+	size_t chunklen;
+	unsigned int len;
+	struct ssl3_buf_freelist_entry_st *head;
+	} SSL3_BUF_FREELIST;
 
-OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method;
-OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[];
+typedef struct ssl3_buf_freelist_entry_st
+	{
+	struct ssl3_buf_freelist_entry_st *next;
+	} SSL3_BUF_FREELIST_ENTRY;
+#endif
+
+extern SSL3_ENC_METHOD ssl3_undef_enc_method;
+OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
 OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
 
 
 SSL_METHOD *ssl_bad_method(int ver);
-SSL_METHOD *sslv2_base_method(void);
-SSL_METHOD *sslv23_base_method(void);
-SSL_METHOD *sslv3_base_method(void);
+
+extern SSL3_ENC_METHOD TLSv1_enc_data;
+extern SSL3_ENC_METHOD SSLv3_enc_data;
+extern SSL3_ENC_METHOD DTLSv1_enc_data;
+
+#define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
+				s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+	{ \
+	static const SSL_METHOD func_name##_data= { \
+		version, \
+		tls1_new, \
+		tls1_clear, \
+		tls1_free, \
+		s_accept, \
+		s_connect, \
+		ssl3_read, \
+		ssl3_peek, \
+		ssl3_write, \
+		ssl3_shutdown, \
+		ssl3_renegotiate, \
+		ssl3_renegotiate_check, \
+		ssl3_get_message, \
+		ssl3_read_bytes, \
+		ssl3_write_bytes, \
+		ssl3_dispatch_alert, \
+		ssl3_ctrl, \
+		ssl3_ctx_ctrl, \
+		ssl3_get_cipher_by_char, \
+		ssl3_put_cipher_by_char, \
+		ssl3_pending, \
+		ssl3_num_ciphers, \
+		ssl3_get_cipher, \
+		s_get_meth, \
+		tls1_default_timeout, \
+		&TLSv1_enc_data, \
+		ssl_undefined_void_function, \
+		ssl3_callback_ctrl, \
+		ssl3_ctx_callback_ctrl, \
+	}; \
+	return &func_name##_data; \
+	}
+
+#define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+	{ \
+	static const SSL_METHOD func_name##_data= { \
+		SSL3_VERSION, \
+		ssl3_new, \
+		ssl3_clear, \
+		ssl3_free, \
+		s_accept, \
+		s_connect, \
+		ssl3_read, \
+		ssl3_peek, \
+		ssl3_write, \
+		ssl3_shutdown, \
+		ssl3_renegotiate, \
+		ssl3_renegotiate_check, \
+		ssl3_get_message, \
+		ssl3_read_bytes, \
+		ssl3_write_bytes, \
+		ssl3_dispatch_alert, \
+		ssl3_ctrl, \
+		ssl3_ctx_ctrl, \
+		ssl3_get_cipher_by_char, \
+		ssl3_put_cipher_by_char, \
+		ssl3_pending, \
+		ssl3_num_ciphers, \
+		ssl3_get_cipher, \
+		s_get_meth, \
+		ssl3_default_timeout, \
+		&SSLv3_enc_data, \
+		ssl_undefined_void_function, \
+		ssl3_callback_ctrl, \
+		ssl3_ctx_callback_ctrl, \
+	}; \
+	return &func_name##_data; \
+	}
+
+#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+	{ \
+	static const SSL_METHOD func_name##_data= { \
+	TLS1_1_VERSION, \
+	tls1_new, \
+	tls1_clear, \
+	tls1_free, \
+	s_accept, \
+	s_connect, \
+	ssl23_read, \
+	ssl23_peek, \
+	ssl23_write, \
+	ssl_undefined_function, \
+	ssl_undefined_function, \
+	ssl_ok, \
+	ssl3_get_message, \
+	ssl3_read_bytes, \
+	ssl3_write_bytes, \
+	ssl3_dispatch_alert, \
+	ssl3_ctrl, \
+	ssl3_ctx_ctrl, \
+	ssl23_get_cipher_by_char, \
+	ssl23_put_cipher_by_char, \
+	ssl_undefined_const_function, \
+	ssl23_num_ciphers, \
+	ssl23_get_cipher, \
+	s_get_meth, \
+	ssl23_default_timeout, \
+	&ssl3_undef_enc_method, \
+	ssl_undefined_void_function, \
+	ssl3_callback_ctrl, \
+	ssl3_ctx_callback_ctrl, \
+	}; \
+	return &func_name##_data; \
+	}
+
+#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+	{ \
+	static const SSL_METHOD func_name##_data= { \
+		SSL2_VERSION, \
+		ssl2_new,	/* local */ \
+		ssl2_clear,	/* local */ \
+		ssl2_free,	/* local */ \
+		s_accept, \
+		s_connect, \
+		ssl2_read, \
+		ssl2_peek, \
+		ssl2_write, \
+		ssl2_shutdown, \
+		ssl_ok,	/* NULL - renegotiate */ \
+		ssl_ok,	/* NULL - check renegotiate */ \
+		NULL, /* NULL - ssl_get_message */ \
+		NULL, /* NULL - ssl_get_record */ \
+		NULL, /* NULL - ssl_write_bytes */ \
+		NULL, /* NULL - dispatch_alert */ \
+		ssl2_ctrl,	/* local */ \
+		ssl2_ctx_ctrl,	/* local */ \
+		ssl2_get_cipher_by_char, \
+		ssl2_put_cipher_by_char, \
+		ssl2_pending, \
+		ssl2_num_ciphers, \
+		ssl2_get_cipher, \
+		s_get_meth, \
+		ssl2_default_timeout, \
+		&ssl3_undef_enc_method, \
+		ssl_undefined_void_function, \
+		ssl2_callback_ctrl,	/* local */ \
+		ssl2_ctx_callback_ctrl,	/* local */ \
+	}; \
+	return &func_name##_data; \
+	}
+
+#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+	{ \
+	static const SSL_METHOD func_name##_data= { \
+		DTLS1_VERSION, \
+		dtls1_new, \
+		dtls1_clear, \
+		dtls1_free, \
+		s_accept, \
+		s_connect, \
+		ssl3_read, \
+		ssl3_peek, \
+		ssl3_write, \
+		ssl3_shutdown, \
+		ssl3_renegotiate, \
+		ssl3_renegotiate_check, \
+		dtls1_get_message, \
+		dtls1_read_bytes, \
+		dtls1_write_app_data_bytes, \
+		dtls1_dispatch_alert, \
+		dtls1_ctrl, \
+		ssl3_ctx_ctrl, \
+		ssl3_get_cipher_by_char, \
+		ssl3_put_cipher_by_char, \
+		ssl3_pending, \
+		ssl3_num_ciphers, \
+		dtls1_get_cipher, \
+		s_get_meth, \
+		dtls1_default_timeout, \
+		&DTLSv1_enc_data, \
+		ssl_undefined_void_function, \
+		ssl3_callback_ctrl, \
+		ssl3_ctx_callback_ctrl, \
+	}; \
+	return &func_name##_data; \
+	}
 
 void ssl_clear_cipher_ctx(SSL *s);
 int ssl_clear_bad_session(SSL *s);
@@ -507,34 +787,41 @@ SESS_CERT *ssl_sess_cert_new(void);
 void ssl_sess_cert_free(SESS_CERT *sc);
 int ssl_set_peer_cert_type(SESS_CERT *c, int type);
 int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
+int ssl_get_prev_session(SSL *s, unsigned char *session,int len, const unsigned char *limit);
 int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b);
+DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER,
+				  ssl_cipher_id);
 int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
 			const SSL_CIPHER * const *bp);
 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 					       STACK_OF(SSL_CIPHER) **skp);
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
+                             int (*put_cb)(const SSL_CIPHER *, unsigned char *));
 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
 					     STACK_OF(SSL_CIPHER) **pref,
 					     STACK_OF(SSL_CIPHER) **sorted,
 					     const char *rule_str);
 void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
-		       SSL_COMP **comp);
+int ssl_cipher_get_evp(const SSL_SESSION *s,const EVP_CIPHER **enc,
+		       const EVP_MD **md,int *mac_pkey_type,int *mac_secret_size, SSL_COMP **comp);
+int ssl_get_handshake_digest(int i,long *mask,const EVP_MD **md);			   
 int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
 int ssl_undefined_function(SSL *s);
+int ssl_undefined_void_function(void);
+int ssl_undefined_const_function(const SSL *s);
 X509 *ssl_get_server_send_cert(SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *,const SSL_CIPHER *);
 int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher);
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
 STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 int ssl_verify_alarm_type(long type);
+void ssl_load_ciphers(void);
 
 int ssl2_enc_init(SSL *s, int client);
 int ssl2_generate_key_material(SSL *s);
 void ssl2_enc(SSL *s,int send_data);
 void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
-SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
 int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
 int ssl2_part_read(SSL *s, unsigned long f, int i);
 int ssl2_do_write(SSL *s);
@@ -542,7 +829,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data);
 void ssl2_return_error(SSL *s,int reason);
 void ssl2_write_error(SSL *s);
 int ssl2_num_ciphers(void);
-SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u);
 int	ssl2_new(SSL *s);
 void	ssl2_free(SSL *s);
 int	ssl2_accept(SSL *s);
@@ -554,43 +841,51 @@ int	ssl2_shutdown(SSL *s);
 void	ssl2_clear(SSL *s);
 long	ssl2_ctrl(SSL *s,int cmd, long larg, void *parg);
 long	ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
-long	ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)());
-long	ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
-int	ssl2_pending(SSL *s);
+long	ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)(void));
+long	ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void));
+int	ssl2_pending(const SSL *s);
+long	ssl2_default_timeout(void );
 
-SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
 int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
 void ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
+int ssl3_send_newsession_ticket(SSL *s);
+int ssl3_send_cert_status(SSL *s);
 int ssl3_get_finished(SSL *s,int state_a,int state_b);
 int ssl3_setup_key_block(SSL *s);
 int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
 int ssl3_change_cipher_state(SSL *s,int which);
 void ssl3_cleanup_key_block(SSL *s);
 int ssl3_do_write(SSL *s,int type);
-void ssl3_send_alert(SSL *s,int level, int desc);
+int ssl3_send_alert(SSL *s,int level, int desc);
 int ssl3_generate_master_secret(SSL *s, unsigned char *out,
 	unsigned char *p, int len);
 int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
 long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
 int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen);
 int ssl3_num_ciphers(void);
-SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 int ssl3_renegotiate(SSL *ssl); 
 int ssl3_renegotiate_check(SSL *ssl); 
 int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2,
-	const char *sender, int slen,unsigned char *p);
-int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
 void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
 int ssl3_enc(SSL *s, int send_data);
-int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+void ssl3_free_digest_list(SSL *s);
 unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
 SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt,
 			       STACK_OF(SSL_CIPHER) *srvr);
 int	ssl3_setup_buffers(SSL *s);
+int	ssl3_setup_read_buffer(SSL *s);
+int	ssl3_setup_write_buffer(SSL *s);
+int	ssl3_release_read_buffer(SSL *s);
+int	ssl3_release_write_buffer(SSL *s);
+int	ssl3_digest_cached_records(SSL *s);
 int	ssl3_new(SSL *s);
 void	ssl3_free(SSL *s);
 int	ssl3_accept(SSL *s);
@@ -602,9 +897,104 @@ int	ssl3_shutdown(SSL *s);
 void	ssl3_clear(SSL *s);
 long	ssl3_ctrl(SSL *s,int cmd, long larg, void *parg);
 long	ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg);
-long	ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)());
-long	ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)());
-int	ssl3_pending(SSL *s);
+long	ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)(void));
+long	ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void));
+int	ssl3_pending(const SSL *s);
+
+void ssl3_record_sequence_update(unsigned char *seq);
+int ssl3_do_change_cipher_spec(SSL *ssl);
+long ssl3_default_timeout(void );
+
+int ssl23_num_ciphers(void );
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+int ssl23_read(SSL *s, void *buf, int len);
+int ssl23_peek(SSL *s, void *buf, int len);
+int ssl23_write(SSL *s, const void *buf, int len);
+int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
+long ssl23_default_timeout(void );
+
+long tls1_default_timeout(void);
+int dtls1_do_write(SSL *s,int type);
+int ssl3_read_n(SSL *s, int n, int max, int extend);
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_do_compress(SSL *ssl);
+int ssl3_do_uncompress(SSL *ssl);
+int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+	unsigned int len);
+unsigned char *dtls1_set_message_header(SSL *s, 
+	unsigned char *p, unsigned char mt,	unsigned long len, 
+	unsigned long frag_off, unsigned long frag_len);
+
+int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
+
+int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
+int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
+unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
+int dtls1_read_failed(SSL *s, int code);
+int dtls1_buffer_message(SSL *s, int ccs);
+int dtls1_retransmit_message(SSL *s, unsigned short seq, 
+	unsigned long frag_off, int *found);
+int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
+int dtls1_retransmit_buffered_messages(SSL *s);
+void dtls1_clear_record_buffer(SSL *s);
+void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr);
+void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
+void dtls1_reset_seq_numbers(SSL *s, int rw);
+long dtls1_default_timeout(void);
+struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
+int dtls1_handle_timeout(SSL *s);
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
+void dtls1_start_timer(SSL *s);
+void dtls1_stop_timer(SSL *s);
+int dtls1_is_timer_expired(SSL *s);
+void dtls1_double_timeout(SSL *s);
+int dtls1_send_newsession_ticket(SSL *s);
+
+/* some client-only functions */
+int ssl3_client_hello(SSL *s);
+int ssl3_get_server_hello(SSL *s);
+int ssl3_get_certificate_request(SSL *s);
+int ssl3_get_new_session_ticket(SSL *s);
+int ssl3_get_cert_status(SSL *s);
+int ssl3_get_server_done(SSL *s);
+int ssl3_send_client_verify(SSL *s);
+int ssl3_send_client_certificate(SSL *s);
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
+int ssl3_send_client_key_exchange(SSL *s);
+int ssl3_get_key_exchange(SSL *s);
+int ssl3_get_server_certificate(SSL *s);
+int ssl3_check_cert_and_algorithm(SSL *s);
+#ifndef OPENSSL_NO_TLSEXT
+int ssl3_check_finished(SSL *s);
+#endif
+
+int dtls1_client_hello(SSL *s);
+int dtls1_send_client_certificate(SSL *s);
+int dtls1_send_client_key_exchange(SSL *s);
+int dtls1_send_client_verify(SSL *s);
+
+/* some server-only functions */
+int ssl3_get_client_hello(SSL *s);
+int ssl3_send_server_hello(SSL *s);
+int ssl3_send_hello_request(SSL *s);
+int ssl3_send_server_key_exchange(SSL *s);
+int ssl3_send_certificate_request(SSL *s);
+int ssl3_send_server_done(SSL *s);
+int ssl3_check_client_hello(SSL *s);
+int ssl3_get_client_certificate(SSL *s);
+int ssl3_get_client_key_exchange(SSL *s);
+int ssl3_get_cert_verify(SSL *s);
+
+int dtls1_send_hello_request(SSL *s);
+int dtls1_send_server_hello(SSL *s);
+int dtls1_send_server_certificate(SSL *s);
+int dtls1_send_server_key_exchange(SSL *s);
+int dtls1_send_certificate_request(SSL *s);
+int dtls1_send_server_done(SSL *s);
+
+
 
 int ssl23_accept(SSL *s);
 int ssl23_connect(SSL *s);
@@ -615,8 +1005,21 @@ int tls1_new(SSL *s);
 void tls1_free(SSL *s);
 void tls1_clear(SSL *s);
 long tls1_ctrl(SSL *s,int cmd, long larg, void *parg);
-long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)());
-SSL_METHOD *tlsv1_base_method(void );
+long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)(void));
+
+int dtls1_new(SSL *s);
+int	dtls1_accept(SSL *s);
+int	dtls1_connect(SSL *s);
+void dtls1_free(SSL *s);
+void dtls1_clear(SSL *s);
+long dtls1_ctrl(SSL *s,int cmd, long larg, void *parg);
+
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int dtls1_get_record(SSL *s);
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
+	unsigned int len, int create_empty_fragement);
+int dtls1_dispatch_alert(SSL *s);
+int dtls1_enc(SSL *s, int snd);
 
 int ssl_init_wbio_buffer(SSL *s, int push);
 void ssl_free_wbio_buffer(SSL *s);
@@ -624,9 +1027,9 @@ void ssl_free_wbio_buffer(SSL *s);
 int tls1_change_cipher_state(SSL *s, int which);
 int tls1_setup_key_block(SSL *s);
 int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+int tls1_final_finish_mac(SSL *s,
 	const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
 int tls1_mac(SSL *ssl, unsigned char *md, int snd);
 int tls1_generate_master_secret(SSL *s, unsigned char *out,
 	unsigned char *p, int len);
@@ -634,9 +1037,43 @@ int tls1_alert_code(int code);
 int ssl3_alert_code(int code);
 int ssl_ok(SSL *s);
 
-int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
+#ifndef OPENSSL_NO_ECDH
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs);
+#endif
 
 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
 
-
+#ifndef OPENSSL_NO_EC
+int tls1_ec_curve_id2nid(int curve_id);
+int tls1_ec_nid2curve_id(int nid);
+#endif /* OPENSSL_NO_EC */
+
+#ifndef OPENSSL_NO_TLSEXT
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
+int ssl_prepare_clienthello_tlsext(SSL *s);
+int ssl_prepare_serverhello_tlsext(SSL *s);
+int ssl_check_clienthello_tlsext(SSL *s);
+int ssl_check_serverhello_tlsext(SSL *s);
+
+#ifdef OPENSSL_NO_SHA256
+#define tlsext_tick_md	EVP_sha1
+#else
+#define tlsext_tick_md	EVP_sha256
+#endif
+int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+				const unsigned char *limit, SSL_SESSION **ret);
+#endif
+EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ;
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
+int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+					int maxlen);
+int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+					  int *al);
+int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+					int maxlen);
+int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+					  int *al);
 #endif
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 72511d248b..c0960b5712 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -181,7 +181,7 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
 
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
 	{
-	int i,ok=0,bad=0;
+	int i;
 
 	i=ssl_cert_type(NULL,pkey);
 	if (i < 0)
@@ -202,47 +202,18 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
 		/* Don't check the public/private key, this is mostly
 		 * for smart cards. */
 		if ((pkey->type == EVP_PKEY_RSA) &&
-			(RSA_flags(pkey->pkey.rsa) &
-			 RSA_METHOD_FLAG_NO_CHECK))
-			 ok=1;
+			(RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK))
+			;
 		else
 #endif
-		     if (!X509_check_private_key(c->pkeys[i].x509,pkey))
+		if (!X509_check_private_key(c->pkeys[i].x509,pkey))
 			{
-			if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
-				{
-				i=(i == SSL_PKEY_DH_RSA)?
-					SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
-
-				if (c->pkeys[i].x509 == NULL)
-					ok=1;
-				else
-					{
-					if (!X509_check_private_key(
-						c->pkeys[i].x509,pkey))
-						bad=1;
-					else
-						ok=1;
-					}
-				}
-			else
-				bad=1;
+			X509_free(c->pkeys[i].x509);
+			c->pkeys[i].x509 = NULL;
+			return 0;
 			}
-		else
-			ok=1;
-		}
-	else
-		ok=1;
-
-	if (bad)
-		{
-		X509_free(c->pkeys[i].x509);
-		c->pkeys[i].x509=NULL;
-		return(0);
 		}
 
-	ERR_clear_error(); /* make sure no error from X509_check_private_key()
-	                    * is left if we have chosen to ignore it */
 	if (c->pkeys[i].privatekey != NULL)
 		EVP_PKEY_free(c->pkeys[i].privatekey);
 	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
@@ -364,6 +335,11 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
 		pkey=PEM_read_bio_PrivateKey(in,NULL,
 			ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
 		}
+	else if (type == SSL_FILETYPE_ASN1)
+		{
+		j = ERR_R_ASN1_LIB;
+		pkey = d2i_PrivateKey_bio(in,NULL);
+		}
 	else
 		{
 		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
@@ -418,7 +394,7 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
 static int ssl_set_cert(CERT *c, X509 *x)
 	{
 	EVP_PKEY *pkey;
-	int i,ok=0,bad=0;
+	int i;
 
 	pkey=X509_get_pubkey(x);
 	if (pkey == NULL)
@@ -446,44 +422,23 @@ static int ssl_set_cert(CERT *c, X509 *x)
 		if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
 			(RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
 			 RSA_METHOD_FLAG_NO_CHECK))
-			 ok=1;
+			 ;
 		else
-#endif
-		{
+#endif /* OPENSSL_NO_RSA */
 		if (!X509_check_private_key(x,c->pkeys[i].privatekey))
 			{
-			if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
-				{
-				i=(i == SSL_PKEY_DH_RSA)?
-					SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
-
-				if (c->pkeys[i].privatekey == NULL)
-					ok=1;
-				else
-					{
-					if (!X509_check_private_key(x,
-						c->pkeys[i].privatekey))
-						bad=1;
-					else
-						ok=1;
-					}
-				}
-			else
-				bad=1;
+			/* don't fail for a cert/key mismatch, just free
+			 * current private key (when switching to a different
+			 * cert & key, first this function should be used,
+			 * then ssl_set_pkey */
+			EVP_PKEY_free(c->pkeys[i].privatekey);
+			c->pkeys[i].privatekey=NULL;
+			/* clear error queue */
+			ERR_clear_error();
 			}
-		else
-			ok=1;
-		} /* OPENSSL_NO_RSA */
 		}
-	else
-		ok=1;
 
 	EVP_PKEY_free(pkey);
-	if (bad)
-		{
-		EVP_PKEY_free(c->pkeys[i].privatekey);
-		c->pkeys[i].privatekey=NULL;
-		}
 
 	if (c->pkeys[i].x509 != NULL)
 		X509_free(c->pkeys[i].x509);
@@ -699,6 +654,11 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
 		pkey=PEM_read_bio_PrivateKey(in,NULL,
 			ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
 		}
+	else if (type == SSL_FILETYPE_ASN1)
+		{
+		j = ERR_R_ASN1_LIB;
+		pkey = d2i_PrivateKey_bio(in,NULL);
+		}
 	else
 		{
 		SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
@@ -748,6 +708,8 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
 	int ret=0;
 	X509 *x=NULL;
 
+	ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
+
 	in=BIO_new(BIO_s_file_internal());
 	if (in == NULL)
 		{
@@ -761,7 +723,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
 		goto end;
 		}
 
-	x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+	x=PEM_read_bio_X509_AUX(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
 	if (x == NULL)
 		{
 		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
@@ -804,7 +766,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
 		/* When the while loop ends, it's usually just EOF. */
 		err = ERR_peek_last_error();
 		if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
-			(void)ERR_get_error();
+			ERR_clear_error();
 		else 
 			ret = 0; /* some real error */
 		}
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 85581d43ca..348410e5c3 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -55,17 +55,99 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include <openssl/lhash.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
 #include "ssl_locl.h"
 
 static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
 static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
 static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
 
-SSL_SESSION *SSL_get_session(SSL *ssl)
+SSL_SESSION *SSL_get_session(const SSL *ssl)
 /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
 	{
 	return(ssl->session);
@@ -98,7 +180,7 @@ int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
 	return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
 	}
 
-void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
 	{
 	return(CRYPTO_get_ex_data(&s->ex_data,idx));
 	}
@@ -118,11 +200,24 @@ SSL_SESSION *SSL_SESSION_new(void)
 	ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
 	ss->references=1;
 	ss->timeout=60*5+4; /* 5 minute timeout by default */
-	ss->time=time(NULL);
+	ss->time=(unsigned long)time(NULL);
 	ss->prev=NULL;
 	ss->next=NULL;
 	ss->compress_meth=0;
+#ifndef OPENSSL_NO_TLSEXT
+	ss->tlsext_hostname = NULL; 
+#ifndef OPENSSL_NO_EC
+	ss->tlsext_ecpointformatlist_length = 0;
+	ss->tlsext_ecpointformatlist = NULL;
+	ss->tlsext_ellipticcurvelist_length = 0;
+	ss->tlsext_ellipticcurvelist = NULL;
+#endif
+#endif
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+#ifndef OPENSSL_NO_PSK
+	ss->psk_identity_hint=NULL;
+	ss->psk_identity=NULL;
+#endif
 	return(ss);
 	}
 
@@ -148,7 +243,8 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
 {
 	unsigned int retry = 0;
 	do
-		RAND_pseudo_bytes(id, *id_len);
+		if (RAND_pseudo_bytes(id, *id_len) <= 0)
+			return 0;
 	while(SSL_has_matching_session_id(ssl, id, *id_len) &&
 		(++retry < MAX_SESS_ID_ATTEMPTS));
 	if(retry < MAX_SESS_ID_ATTEMPTS)
@@ -176,10 +272,10 @@ int ssl_get_new_session(SSL *s, int session)
 	if ((ss=SSL_SESSION_new()) == NULL) return(0);
 
 	/* If the context has a default timeout, use it */
-	if (s->ctx->session_timeout == 0)
+	if (s->session_ctx->session_timeout == 0)
 		ss->timeout=SSL_get_default_timeout(s);
 	else
-		ss->timeout=s->ctx->session_timeout;
+		ss->timeout=s->session_ctx->session_timeout;
 
 	if (s->session != NULL)
 		{
@@ -204,18 +300,41 @@ int ssl_get_new_session(SSL *s, int session)
 			ss->ssl_version=TLS1_VERSION;
 			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
 			}
+		else if (s->version == TLS1_1_VERSION)
+			{
+			ss->ssl_version=TLS1_1_VERSION;
+			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+			}
+		else if (s->version == DTLS1_BAD_VER)
+			{
+			ss->ssl_version=DTLS1_BAD_VER;
+			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+			}
+		else if (s->version == DTLS1_VERSION)
+			{
+			ss->ssl_version=DTLS1_VERSION;
+			ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+			}
 		else
 			{
 			SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
 			SSL_SESSION_free(ss);
 			return(0);
 			}
+#ifndef OPENSSL_NO_TLSEXT
+		/* If RFC4507 ticket use empty session ID */
+		if (s->tlsext_ticket_expected)
+			{
+			ss->session_id_length = 0;
+			goto sess_id_done;
+			}
+#endif
 		/* Choose which callback will set the session ID */
 		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
 		if(s->generate_session_id)
 			cb = s->generate_session_id;
-		else if(s->ctx->generate_session_id)
-			cb = s->ctx->generate_session_id;
+		else if(s->session_ctx->generate_session_id)
+			cb = s->session_ctx->generate_session_id;
 		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
 		/* Choose a session ID */
 		tmp = ss->session_id_length;
@@ -251,6 +370,43 @@ int ssl_get_new_session(SSL *s, int session)
 			SSL_SESSION_free(ss);
 			return(0);
 			}
+#ifndef OPENSSL_NO_TLSEXT
+		sess_id_done:
+		if (s->tlsext_hostname) {
+			ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+			if (ss->tlsext_hostname == NULL) {
+				SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+				SSL_SESSION_free(ss);
+				return 0;
+				}
+			}
+#ifndef OPENSSL_NO_EC
+		if (s->tlsext_ecpointformatlist)
+			{
+			if (ss->tlsext_ecpointformatlist != NULL) OPENSSL_free(ss->tlsext_ecpointformatlist);
+			if ((ss->tlsext_ecpointformatlist = OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) == NULL)
+				{
+				SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
+				SSL_SESSION_free(ss);
+				return 0;
+				}
+			ss->tlsext_ecpointformatlist_length = s->tlsext_ecpointformatlist_length;
+			memcpy(ss->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
+			}
+		if (s->tlsext_ellipticcurvelist)
+			{
+			if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
+			if ((ss->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
+				{
+				SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
+				SSL_SESSION_free(ss);
+				return 0;
+				}
+			ss->tlsext_ellipticcurvelist_length = s->tlsext_ellipticcurvelist_length;
+			memcpy(ss->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist_length);
+			}
+#endif
+#endif
 		}
 	else
 		{
@@ -272,23 +428,43 @@ int ssl_get_new_session(SSL *s, int session)
 	return(1);
 	}
 
-int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
+int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
+			const unsigned char *limit)
 	{
 	/* This is used only by servers. */
 
-	SSL_SESSION *ret=NULL,data;
+	SSL_SESSION *ret=NULL;
 	int fatal = 0;
+#ifndef OPENSSL_NO_TLSEXT
+	int r;
+#endif
 
-	data.ssl_version=s->version;
-	data.session_id_length=len;
 	if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
 		goto err;
-	memcpy(data.session_id,session_id,len);
-
-	if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+#ifndef OPENSSL_NO_TLSEXT
+	r = tls1_process_ticket(s, session_id, len, limit, &ret);
+	if (r == -1)
 		{
+		fatal = 1;
+		goto err;
+		}
+	else if (r == 0 || (!ret && !len))
+		goto err;
+	else if (!ret && !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+#else
+	if (len == 0)
+		goto err;
+	if (!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+#endif
+		{
+		SSL_SESSION data;
+		data.ssl_version=s->version;
+		data.session_id_length=len;
+		if (len == 0)
+			return 0;
+		memcpy(data.session_id,session_id,len);
 		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-		ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data);
+		ret=lh_SSL_SESSION_retrieve(s->session_ctx->sessions,&data);
 		if (ret != NULL)
 		    /* don't allow other threads to steal it: */
 		    CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
@@ -299,13 +475,13 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 		{
 		int copy=1;
 	
-		s->ctx->stats.sess_miss++;
+		s->session_ctx->stats.sess_miss++;
 		ret=NULL;
-		if (s->ctx->get_session_cb != NULL
-		    && (ret=s->ctx->get_session_cb(s,session_id,len,&copy))
+		if (s->session_ctx->get_session_cb != NULL
+		    && (ret=s->session_ctx->get_session_cb(s,session_id,len,&copy))
 		       != NULL)
 			{
-			s->ctx->stats.sess_cb_hit++;
+			s->session_ctx->stats.sess_cb_hit++;
 
 			/* Increment reference count now if the session callback
 			 * asks us to do so (note that if the session structures
@@ -317,10 +493,10 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 
 			/* Add the externally cached session to the internal
 			 * cache as well if and only if we are supposed to. */
-			if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
+			if(!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
 				/* The following should not return 1, otherwise,
 				 * things are very strange */
-				SSL_CTX_add_session(s->ctx,ret);
+				SSL_CTX_add_session(s->session_ctx,ret);
 			}
 		if (ret == NULL)
 			goto err;
@@ -328,33 +504,35 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 
 	/* Now ret is non-NULL, and we own one of its reference counts. */
 
-	if((s->verify_mode&SSL_VERIFY_PEER)
-	   && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
-	       || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
-	    {
+	if (ret->sid_ctx_length != s->sid_ctx_length
+	    || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))
+		{
 		/* We've found the session named by the client, but we don't
 		 * want to use it in this context. */
-		
-		if (s->sid_ctx_length == 0)
-			{
-			/* application should have used SSL[_CTX]_set_session_id_context
-			 * -- we could tolerate this and just pretend we never heard
-			 * of this session, but then applications could effectively
-			 * disable the session cache by accident without anyone noticing */
 
-			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
-			fatal = 1;
-			goto err;
-			}
-		else
-			{
 #if 0 /* The client cannot always know when a session is not appropriate,
-	   * so we shouldn't generate an error message. */
+       * so we shouldn't generate an error message. */
 
-			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+		SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
 #endif
-			goto err; /* treat like cache miss */
-			}
+		goto err; /* treat like cache miss */
+		}
+	
+	if((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0)
+		{
+		/* We can't be sure if this session is being used out of
+		 * context, which is especially important for SSL_VERIFY_PEER.
+		 * The application should have used SSL[_CTX]_set_session_id_context.
+		 *
+		 * For this error case, we generate an error instead of treating
+		 * the event like a cache miss (otherwise it would be easy for
+		 * applications to effectively disable the session cache by
+		 * accident without anyone noticing).
+		 */
+		
+		SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+		fatal = 1;
+		goto err;
 		}
 
 	if (ret->cipher == NULL)
@@ -383,15 +561,15 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
 #endif
 
-	if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
+	if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
 		{
-		s->ctx->stats.sess_timeout++;
+		s->session_ctx->stats.sess_timeout++;
 		/* remove it from the cache */
-		SSL_CTX_remove_session(s->ctx,ret);
+		SSL_CTX_remove_session(s->session_ctx,ret);
 		goto err;
 		}
 
-	s->ctx->stats.sess_hit++;
+	s->session_ctx->stats.sess_hit++;
 
 	/* ret->time=time(NULL); */ /* rezero timeout? */
 	/* again, just leave the session 
@@ -424,7 +602,7 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
 	/* if session c is in already in cache, we take back the increment later */
 
 	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
+	s=lh_SSL_SESSION_insert(ctx->sessions,c);
 	
 	/* s != NULL iff we already had a session with the given PID.
 	 * In this case, s == c should hold (then we did not really modify
@@ -490,10 +668,10 @@ static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
 	if ((c != NULL) && (c->session_id_length != 0))
 		{
 		if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-		if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
+		if ((r = lh_SSL_SESSION_retrieve(ctx->sessions,c)) == c)
 			{
 			ret=1;
-			r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
+			r=lh_SSL_SESSION_delete(ctx->sessions,c);
 			SSL_SESSION_list_remove(ctx,c);
 			}
 
@@ -540,6 +718,22 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 	if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
 	if (ss->peer != NULL) X509_free(ss->peer);
 	if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
+#ifndef OPENSSL_NO_TLSEXT
+	if (ss->tlsext_hostname != NULL) OPENSSL_free(ss->tlsext_hostname);
+	if (ss->tlsext_tick != NULL) OPENSSL_free(ss->tlsext_tick);
+#ifndef OPENSSL_NO_EC
+	ss->tlsext_ecpointformatlist_length = 0;
+	if (ss->tlsext_ecpointformatlist != NULL) OPENSSL_free(ss->tlsext_ecpointformatlist);
+	ss->tlsext_ellipticcurvelist_length = 0;
+	if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
+#endif /* OPENSSL_NO_EC */
+#endif
+#ifndef OPENSSL_NO_PSK
+	if (ss->psk_identity_hint != NULL)
+		OPENSSL_free(ss->psk_identity_hint);
+	if (ss->psk_identity != NULL)
+		OPENSSL_free(ss->psk_identity);
+#endif
 	OPENSSL_cleanse(ss,sizeof(*ss));
 	OPENSSL_free(ss);
 	}
@@ -547,7 +741,7 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 int SSL_set_session(SSL *s, SSL_SESSION *session)
 	{
 	int ret=0;
-	SSL_METHOD *meth;
+	const SSL_METHOD *meth;
 
 	if (session != NULL)
 		{
@@ -574,7 +768,7 @@ int SSL_set_session(SSL *s, SSL_SESSION *session)
                 if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
                     session->krb5_client_princ_len > 0)
                 {
-                    s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1);
+                    s->kssl_ctx->client_princ = (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
                     memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
                             session->krb5_client_princ_len);
                     s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
@@ -616,13 +810,13 @@ long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
 	return(1);
 	}
 
-long SSL_SESSION_get_timeout(SSL_SESSION *s)
+long SSL_SESSION_get_timeout(const SSL_SESSION *s)
 	{
 	if (s == NULL) return(0);
 	return(s->timeout);
 	}
 
-long SSL_SESSION_get_time(SSL_SESSION *s)
+long SSL_SESSION_get_time(const SSL_SESSION *s)
 	{
 	if (s == NULL) return(0);
 	return(s->time);
@@ -644,26 +838,81 @@ long SSL_CTX_set_timeout(SSL_CTX *s, long t)
 	return(l);
 	}
 
-long SSL_CTX_get_timeout(SSL_CTX *s)
+long SSL_CTX_get_timeout(const SSL_CTX *s)
 	{
 	if (s == NULL) return(0);
 	return(s->session_timeout);
 	}
 
+#ifndef OPENSSL_NO_TLSEXT
+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len,
+	STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg)
+	{
+	if (s == NULL) return(0);
+	s->tls_session_secret_cb = tls_session_secret_cb;
+	s->tls_session_secret_cb_arg = arg;
+	return(1);
+	}
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+				  void *arg)
+	{
+	if (s == NULL) return(0);
+	s->tls_session_ticket_ext_cb = cb;
+	s->tls_session_ticket_ext_cb_arg = arg;
+	return(1);
+	}
+
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
+	{
+	if (s->version >= TLS1_VERSION)
+		{
+		if (s->tlsext_session_ticket)
+			{
+			OPENSSL_free(s->tlsext_session_ticket);
+			s->tlsext_session_ticket = NULL;
+			}
+
+		s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
+		if (!s->tlsext_session_ticket)
+			{
+			SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+
+		if (ext_data)
+			{
+			s->tlsext_session_ticket->length = ext_len;
+			s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
+			memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
+			}
+		else
+			{
+			s->tlsext_session_ticket->length = 0;
+			s->tlsext_session_ticket->data = NULL;
+			}
+
+		return 1;
+		}
+
+	return 0;
+	}
+#endif /* OPENSSL_NO_TLSEXT */
+
 typedef struct timeout_param_st
 	{
 	SSL_CTX *ctx;
 	long time;
-	LHASH *cache;
+	LHASH_OF(SSL_SESSION) *cache;
 	} TIMEOUT_PARAM;
 
-static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
+static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
 	{
 	if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
 		{
 		/* The reason we don't call SSL_CTX_remove_session() is to
 		 * save on locking overhead */
-		lh_delete(p->cache,s);
+		(void)lh_SSL_SESSION_delete(p->cache,s);
 		SSL_SESSION_list_remove(p->ctx,s);
 		s->not_resumable=1;
 		if (p->ctx->remove_session_cb != NULL)
@@ -672,7 +921,7 @@ static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
 		}
 	}
 
-static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
+static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
 
 void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
 	{
@@ -684,10 +933,11 @@ void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
 	if (tp.cache == NULL) return;
 	tp.time=t;
 	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-	i=tp.cache->down_load;
-	tp.cache->down_load=0;
-	lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
-	tp.cache->down_load=i;
+	i=CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
+	CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=0;
+	lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
+				 TIMEOUT_PARAM, &tp);
+	CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=i;
 	CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
 	}
 
@@ -759,3 +1009,92 @@ static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
 		}
 	}
 
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+	int (*cb)(struct ssl_st *ssl,SSL_SESSION *sess))
+	{
+	ctx->new_session_cb=cb;
+	}
+
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess)
+	{
+	return ctx->new_session_cb;
+	}
+
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+	void (*cb)(SSL_CTX *ctx,SSL_SESSION *sess))
+	{
+	ctx->remove_session_cb=cb;
+	}
+
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx,SSL_SESSION *sess)
+	{
+	return ctx->remove_session_cb;
+	}
+
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+	SSL_SESSION *(*cb)(struct ssl_st *ssl,
+	         unsigned char *data,int len,int *copy))
+	{
+	ctx->get_session_cb=cb;
+	}
+
+SSL_SESSION * (*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
+	         unsigned char *data,int len,int *copy)
+	{
+	return ctx->get_session_cb;
+	}
+
+void SSL_CTX_set_info_callback(SSL_CTX *ctx, 
+	void (*cb)(const SSL *ssl,int type,int val))
+	{
+	ctx->info_callback=cb;
+	}
+
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val)
+	{
+	return ctx->info_callback;
+	}
+
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+	int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey))
+	{
+	ctx->client_cert_cb=cb;
+	}
+
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509 , EVP_PKEY **pkey)
+	{
+	return ctx->client_cert_cb;
+	}
+
+#ifndef OPENSSL_NO_ENGINE
+int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
+	{
+	if (!ENGINE_init(e))
+		{
+		SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
+		return 0;
+		}
+	if(!ENGINE_get_ssl_client_cert_function(e))
+		{
+		SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, SSL_R_NO_CLIENT_CERT_METHOD);
+		ENGINE_finish(e);
+		return 0;
+		}
+	ctx->client_cert_engine = e;
+	return 1;
+	}
+#endif
+
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+	int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len))
+	{
+	ctx->app_gen_cookie_cb=cb;
+	}
+
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+	int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
+	{
+	ctx->app_verify_cookie_cb=cb;
+	}
+
+IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index b16d253081..144b81e55f 100644
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -55,6 +55,32 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -127,6 +153,8 @@ case SSL3_ST_CR_KEY_EXCH_A:	str="SSLv3 read server key exchange A"; break;
 case SSL3_ST_CR_KEY_EXCH_B:	str="SSLv3 read server key exchange B"; break;
 case SSL3_ST_CR_CERT_REQ_A:	str="SSLv3 read server certificate request A"; break;
 case SSL3_ST_CR_CERT_REQ_B:	str="SSLv3 read server certificate request B"; break;
+case SSL3_ST_CR_SESSION_TICKET_A: str="SSLv3 read server session ticket A";break;
+case SSL3_ST_CR_SESSION_TICKET_B: str="SSLv3 read server session ticket B";break;
 case SSL3_ST_CR_SRVR_DONE_A:	str="SSLv3 read server done A"; break;
 case SSL3_ST_CR_SRVR_DONE_B:	str="SSLv3 read server done B"; break;
 case SSL3_ST_CW_CERT_A:		str="SSLv3 write client certificate A"; break;
@@ -172,6 +200,8 @@ case SSL3_ST_SW_KEY_EXCH_A:	str="SSLv3 write key exchange A"; break;
 case SSL3_ST_SW_KEY_EXCH_B:	str="SSLv3 write key exchange B"; break;
 case SSL3_ST_SW_CERT_REQ_A:	str="SSLv3 write certificate request A"; break;
 case SSL3_ST_SW_CERT_REQ_B:	str="SSLv3 write certificate request B"; break;
+case SSL3_ST_SW_SESSION_TICKET_A: str="SSLv3 write session ticket A"; break;
+case SSL3_ST_SW_SESSION_TICKET_B: str="SSLv3 write session ticket B"; break;
 case SSL3_ST_SW_SRVR_DONE_A:	str="SSLv3 write server done A"; break;
 case SSL3_ST_SW_SRVR_DONE_B:	str="SSLv3 write server done B"; break;
 case SSL3_ST_SR_CERT_A:		str="SSLv3 read client certificate A"; break;
@@ -194,6 +224,12 @@ case SSL23_ST_SR_CLNT_HELLO_A:	str="SSLv2/v3 read client hello A"; break;
 case SSL23_ST_SR_CLNT_HELLO_B:	str="SSLv2/v3 read client hello B"; break;
 #endif
 
+/* DTLS */
+case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DTLS1 read hello verify request A"; break;
+case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DTLS1 read hello verify request B"; break;
+case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: str="DTLS1 write hello verify request A"; break;
+case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: str="DTLS1 write hello verify request B"; break;
+
 default:	str="unknown state"; break;
 		}
 	return(str);
@@ -341,6 +377,11 @@ case SSL23_ST_CR_SRVR_HELLO_B:			str="23RSHA"; break;
 case SSL23_ST_SR_CLNT_HELLO_A:			str="23RCHA"; break;
 case SSL23_ST_SR_CLNT_HELLO_B:			str="23RCHB"; break;
 #endif
+/* DTLS */
+case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: str="DRCHVA"; break;
+case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: str="DRCHVB"; break;
+case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: str="DWCHVA"; break;
+case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: str="DWCHVB"; break;
 
 default:					str="UNKWN "; break;
 		}
@@ -399,6 +440,12 @@ const char *SSL_alert_desc_string(int value)
 	case TLS1_AD_INTERNAL_ERROR:		str="IE"; break;
 	case TLS1_AD_USER_CANCELLED:		str="US"; break;
 	case TLS1_AD_NO_RENEGOTIATION:		str="NR"; break;
+	case TLS1_AD_UNSUPPORTED_EXTENSION:	str="UE"; break;
+	case TLS1_AD_CERTIFICATE_UNOBTAINABLE:	str="CO"; break;
+	case TLS1_AD_UNRECOGNIZED_NAME:		str="UN"; break;
+	case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: str="BR"; break;
+	case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: str="BH"; break;
+	case TLS1_AD_UNKNOWN_PSK_IDENTITY:	str="UP"; break;
 	default:				str="UK"; break;
 		}
 	return(str);
@@ -482,6 +529,24 @@ const char *SSL_alert_desc_string_long(int value)
 	case TLS1_AD_NO_RENEGOTIATION:
 		str="no renegotiation";
 		break;
+	case TLS1_AD_UNSUPPORTED_EXTENSION:
+		str="unsupported extension";
+		break;
+	case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
+		str="certificate unobtainable";
+		break;
+	case TLS1_AD_UNRECOGNIZED_NAME:
+		str="unrecognized name";
+		break;
+	case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+		str="bad certificate status response";
+		break;
+	case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
+		str="bad certificate hash value";
+		break;
+	case TLS1_AD_UNKNOWN_PSK_IDENTITY:
+		str="unknown PSK identity";
+		break;
 	default: str="unknown"; break;
 		}
 	return(str);
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index 40b76b1b26..cab712b9a8 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -55,13 +55,39 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include <openssl/buffer.h>
 #include "ssl_locl.h"
 
 #ifndef OPENSSL_NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
 	{
 	BIO *b;
 	int ret;
@@ -78,10 +104,10 @@ int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x)
 	}
 #endif
 
-int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
+int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
 	{
 	unsigned int i;
-	char *s;
+	const char *s;
 
 	if (x == NULL) goto err;
 	if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
@@ -89,8 +115,14 @@ int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
 		s="SSLv2";
 	else if (x->ssl_version == SSL3_VERSION)
 		s="SSLv3";
+	else if (x->ssl_version == TLS1_1_VERSION)
+		s="TLSv1.1";
 	else if (x->ssl_version == TLS1_VERSION)
 		s="TLSv1";
+	else if (x->ssl_version == DTLS1_VERSION)
+		s="DTLSv1";
+	else if (x->ssl_version == DTLS1_BAD_VER)
+		s="DTLSv1-bad";
 	else
 		s="unknown";
 	if (BIO_printf(bp,"    Protocol  : %s\n",s) <= 0) goto err;
@@ -151,20 +183,44 @@ int SSL_SESSION_print(BIO *bp, SSL_SESSION *x)
 			if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
 			}
 #endif /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+	if (BIO_puts(bp,"\n    PSK identity: ") <= 0) goto err;
+	if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0) goto err;
+	if (BIO_puts(bp,"\n    PSK identity hint: ") <= 0) goto err;
+	if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0) goto err;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+	if (x->tlsext_tick_lifetime_hint)
+		{
+		if (BIO_printf(bp,
+			"\n    TLS session ticket lifetime hint: %ld (seconds)",
+			x->tlsext_tick_lifetime_hint) <=0)
+			goto err;
+		}
+	if (x->tlsext_tick)
+		{
+		if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0) goto err;
+		if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4) <= 0)
+			goto err;
+		}
+#endif
+
+#ifndef OPENSSL_NO_COMP
 	if (x->compress_meth != 0)
 		{
-		SSL_COMP *comp;
+		SSL_COMP *comp = NULL;
 
-		ssl_cipher_get_evp(x,NULL,NULL,&comp);
+		ssl_cipher_get_evp(x,NULL,NULL,NULL,NULL,&comp);
 		if (comp == NULL)
 			{
-			if (BIO_printf(bp,"\n   Compression: %d",x->compress_meth) <= 0) goto err;
+			if (BIO_printf(bp,"\n    Compression: %d",x->compress_meth) <= 0) goto err;
 			}
 		else
 			{
-			if (BIO_printf(bp,"\n   Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
+			if (BIO_printf(bp,"\n    Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
 			}
 		}	
+#endif
 	if (x->time != 0L)
 		{
 		if (BIO_printf(bp, "\n    Start Time: %ld",x->time) <= 0) goto err;
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index e57a8e7540..abf214ad7f 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -113,6 +113,32 @@
  * ECC cipher suite support in OpenSSL originally developed by 
  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #define _BSD_SOURCE 1		/* Or gethostname won't be declared properly
 				   on Linux and GNU platforms. */
@@ -128,8 +154,11 @@
 #define USE_SOCKETS
 #include "e_os.h"
 
-#define _XOPEN_SOURCE 1		/* Or isascii won't be declared properly on
+#ifdef OPENSSL_SYS_VMS
+#define _XOPEN_SOURCE 500	/* Or isascii won't be declared properly on
 				   VMS (at least with DECompHP C).  */
+#endif
+
 #include <ctype.h>
 
 #include <openssl/bio.h>
@@ -143,9 +172,15 @@
 #endif
 #include <openssl/err.h>
 #include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #define _XOPEN_SOURCE_EXTENDED	1 /* Or gethostname won't be declared properly
@@ -190,6 +225,7 @@ struct app_verify_arg
 	{
 	char *string;
 	int app_verify;
+	int allow_proxy_certs;
 	char *proxy_auth;
 	char *proxy_cond;
 	};
@@ -200,6 +236,16 @@ static DH *get_dh1024(void);
 static DH *get_dh1024dsa(void);
 #endif
 
+
+static char *psk_key=NULL; /* by default PSK is not used */
+#ifndef OPENSSL_NO_PSK
+static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
+	unsigned int max_identity_len, unsigned char *psk,
+	unsigned int max_psk_len);
+static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
+	unsigned int max_psk_len);
+#endif
+
 static BIO *bio_err=NULL;
 static BIO *bio_stdout=NULL;
 
@@ -217,12 +263,14 @@ static const char rnd_seed[] = "string to make the random number generator think
 
 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
+static int do_test_cipherlist(void);
 static void sv_usage(void)
 	{
 	fprintf(stderr,"usage: ssltest [args ...]\n");
 	fprintf(stderr,"\n");
 	fprintf(stderr," -server_auth  - check server certificate\n");
 	fprintf(stderr," -client_auth  - do client authentication\n");
+	fprintf(stderr," -proxy        - allow proxy certificates\n");
 	fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
 	fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
 	fprintf(stderr," -v            - more output\n");
@@ -238,6 +286,9 @@ static void sv_usage(void)
 #ifndef OPENSSL_NO_ECDH
 	fprintf(stderr," -no_ecdhe     - disable ECDHE\n");
 #endif
+#ifndef OPENSSL_NO_PSK
+	fprintf(stderr," -psk arg      - PSK in hex (without 0x)\n");
+#endif
 #ifndef OPENSSL_NO_SSL2
 	fprintf(stderr," -ssl2         - use SSLv2\n");
 #endif
@@ -264,11 +315,12 @@ static void sv_usage(void)
 	               "                 Use \"openssl ecparam -list_curves\" for all names\n"  \
 	               "                 (default is sect163r2).\n");
 #endif
+	fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
 	}
 
 static void print_details(SSL *c_ssl, const char *prefix)
 	{
-	SSL_CIPHER *ciph;
+	const SSL_CIPHER *ciph;
 	X509 *cert;
 		
 	ciph=SSL_get_current_cipher(c_ssl);
@@ -373,6 +425,26 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line)
 		}
 	}
 
+#ifdef TLSEXT_TYPE_opaque_prf_input
+struct cb_info_st { void *input; size_t len; int ret; };
+struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
+struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
+struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
+struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
+
+int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
+	{
+	struct cb_info_st *arg = arg_;
+
+	if (arg == NULL)
+		return 1;
+	
+	if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
+		return 0;
+	return arg->ret;
+	}
+#endif
+
 int main(int argc, char *argv[])
 	{
 	char *CApath=NULL,*CAfile=NULL;
@@ -383,15 +455,17 @@ int main(int argc, char *argv[])
 	int client_auth=0;
 	int server_auth=0,i;
 	struct app_verify_arg app_verify_arg =
-		{ APP_CALLBACK_STRING, 0, NULL, NULL };
+		{ APP_CALLBACK_STRING, 0, 0, NULL, NULL };
 	char *server_cert=TEST_SERVER_CERT;
 	char *server_key=NULL;
 	char *client_cert=TEST_CLIENT_CERT;
 	char *client_key=NULL;
+#ifndef OPENSSL_NO_ECDH
 	char *named_curve = NULL;
+#endif
 	SSL_CTX *s_ctx=NULL;
 	SSL_CTX *c_ctx=NULL;
-	SSL_METHOD *meth=NULL;
+	const SSL_METHOD *meth=NULL;
 	SSL *c_ssl,*s_ssl;
 	int number=1,reuse=0;
 	long bytes=256L;
@@ -404,17 +478,21 @@ int main(int argc, char *argv[])
 #endif
 	int no_dhe = 0;
 	int no_ecdhe = 0;
+	int no_psk = 0;
 	int print_time = 0;
 	clock_t s_time = 0, c_time = 0;
 	int comp = 0;
+#ifndef OPENSSL_NO_COMP
 	COMP_METHOD *cm = NULL;
+#endif
 	STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+	int test_cipherlist = 0;
 
 	verbose = 0;
 	debug = 0;
 	cipher = 0;
 
-	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);	
+	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);	
 
 	CRYPTO_set_locking_callback(lock_dbg_cb);
 
@@ -433,7 +511,7 @@ int main(int argc, char *argv[])
 
 	RAND_seed(rnd_seed, sizeof rnd_seed);
 
-	bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+	bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
 
 	argc--;
 	argv++;
@@ -480,6 +558,20 @@ int main(int argc, char *argv[])
 			no_dhe=1;
 		else if	(strcmp(*argv,"-no_ecdhe") == 0)
 			no_ecdhe=1;
+		else if (strcmp(*argv,"-psk") == 0)
+			{
+			if (--argc < 1) goto bad;
+			psk_key=*(++argv);
+#ifndef OPENSSL_NO_PSK
+			if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
+				{
+				BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
+				goto bad;
+				}
+#else
+			no_psk=1;
+#endif
+			}
 		else if	(strcmp(*argv,"-ssl2") == 0)
 			ssl2=1;
 		else if	(strcmp(*argv,"-tls1") == 0)
@@ -580,6 +672,14 @@ int main(int argc, char *argv[])
 			{
 			app_verify_arg.app_verify = 1;
 			}
+		else if	(strcmp(*argv,"-proxy") == 0)
+			{
+			app_verify_arg.allow_proxy_certs = 1;
+			}
+		else if (strcmp(*argv,"-test_cipherlist") == 0)
+			{
+			test_cipherlist = 1;
+			}
 		else
 			{
 			fprintf(stderr,"unknown option %s\n",*argv);
@@ -596,6 +696,15 @@ bad:
 		goto end;
 		}
 
+	if (test_cipherlist == 1)
+		{
+		/* ensure that the cipher list are correctly sorted and exit */
+		if (do_test_cipherlist() == 0)
+			EXIT(1);
+		ret = 0;
+		goto end;
+		}
+
 	if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
 		{
 		fprintf(stderr, "This case cannot work.  Use -f to perform "
@@ -621,6 +730,7 @@ bad:
 	SSL_library_init();
 	SSL_load_error_strings();
 
+#ifndef OPENSSL_NO_COMP
 	if (comp == COMP_ZLIB) cm = COMP_zlib();
 	if (comp == COMP_RLE) cm = COMP_rle();
 	if (cm != NULL)
@@ -657,6 +767,7 @@ bad:
 			fprintf(stderr, "  %d: %s\n", c->id, c->name);
 			}
 	}
+#endif
 
 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
 	if (ssl2)
@@ -714,36 +825,30 @@ bad:
 #ifndef OPENSSL_NO_ECDH
 	if (!no_ecdhe)
 		{
-		ecdh = EC_KEY_new();
-		if (ecdh != NULL)
-			{
-			if (named_curve)
-				{
-				int nid = OBJ_sn2nid(named_curve);
+		int nid;
 
-				if (nid == 0)
-					{
-					BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
-					EC_KEY_free(ecdh);
-					goto end;
-					}
-
-				ecdh->group = EC_GROUP_new_by_nid(nid);
-				if (ecdh->group == NULL)
-					{
-					BIO_printf(bio_err, "unable to create curve (%s)\n", named_curve);
-					EC_KEY_free(ecdh);
-					goto end;
-					}
+		if (named_curve != NULL)
+			{
+			nid = OBJ_sn2nid(named_curve);
+			if (nid == 0)
+			{
+				BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
+				goto end;
 				}
-			
-			if (ecdh->group == NULL)
-				ecdh->group=EC_GROUP_new_by_nid(NID_sect163r2);
+			}
+		else
+			nid = NID_sect163r2;
 
-			SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
-			SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
-			EC_KEY_free(ecdh);
+		ecdh = EC_KEY_new_by_curve_name(nid);
+		if (ecdh == NULL)
+			{
+			BIO_printf(bio_err, "unable to create curve\n");
+			goto end;
 			}
+
+		SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
+		SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
+		EC_KEY_free(ecdh);
 		}
 #else
 	(void)no_ecdhe;
@@ -753,6 +858,13 @@ bad:
 	SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
 #endif
 
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
+	SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
+	SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
+	SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
+#endif
+
 	if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
 		{
 		ERR_print_errors(bio_err);
@@ -804,6 +916,31 @@ bad:
 		SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
 	}
 
+	/* Use PSK only if PSK key is given */
+	if (psk_key != NULL)
+		{
+		/* no_psk is used to avoid putting psk command to openssl tool */
+		if (no_psk)
+			{
+			/* if PSK is not compiled in and psk key is
+			 * given, do nothing and exit successfully */
+			ret=0;
+			goto end;
+			}
+#ifndef OPENSSL_NO_PSK
+		SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
+		SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
+		if (debug)
+			BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
+		if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
+			{
+			BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+#endif
+		}
+
 	c_ssl=SSL_new(c_ctx);
 	s_ssl=SSL_new(s_ctx);
 
@@ -880,11 +1017,12 @@ end:
 #endif
 	CRYPTO_cleanup_all_ex_data();
 	ERR_free_strings();
-	ERR_remove_state(0);
+	ERR_remove_thread_state(NULL);
 	EVP_cleanup();
 	CRYPTO_mem_leaks(bio_err);
 	if (bio_err != NULL) BIO_free(bio_err);
 	EXIT(ret);
+	return ret;
 	}
 
 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
@@ -1606,17 +1744,22 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 			fprintf(stderr,"depth=%d %s\n",
 				ctx->error_depth,buf);
 		else
+			{
 			fprintf(stderr,"depth=%d error=%d %s\n",
 				ctx->error_depth,ctx->error,buf);
+			}
 		}
 
 	if (ok == 0)
 		{
+		fprintf(stderr,"Error string: %s\n",
+			X509_verify_cert_error_string(ctx->error));
 		switch (ctx->error)
 			{
 		case X509_V_ERR_CERT_NOT_YET_VALID:
 		case X509_V_ERR_CERT_HAS_EXPIRED:
 		case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+			fprintf(stderr,"  ... ignored.\n");
 			ok=1;
 			}
 		}
@@ -1689,7 +1832,7 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 					fprintf(stderr, "  Certificate proxy rights = %*.*s", i, i, s);
 					while(i-- > 0)
 						{
-						char c = *s++;
+						int c = *s++;
 						if (isascii(c) && isalpha(c))
 							{
 							if (islower(c))
@@ -1750,11 +1893,11 @@ static int process_proxy_cond_adders(unsigned int letters[26],
 static int process_proxy_cond_val(unsigned int letters[26],
 	const char *cond, const char **cond_end, int *pos, int indent)
 	{
-	char c;
+	int c;
 	int ok = 1;
 	int negate = 0;
 
-	while(isspace(*cond))
+	while(isspace((int)*cond))
 		{
 		cond++; (*pos)++;
 		}
@@ -1769,7 +1912,7 @@ static int process_proxy_cond_val(unsigned int letters[26],
 		{
 		negate = !negate;
 		cond++; (*pos)++;
-		while(isspace(*cond))
+		while(isspace((int)*cond))
 			{
 			cond++; (*pos)++;
 			}
@@ -1784,7 +1927,7 @@ static int process_proxy_cond_val(unsigned int letters[26],
 		cond = *cond_end;
 		if (ok < 0)
 			goto end;
-		while(isspace(*cond))
+		while(isspace((int)*cond))
 			{
 			cond++; (*pos)++;
 			}
@@ -1844,7 +1987,7 @@ static int process_proxy_cond_multipliers(unsigned int letters[26],
 
 	while(ok >= 0)
 		{
-		while(isspace(*cond))
+		while(isspace((int)*cond))
 			{
 			cond++; (*pos)++;
 			}
@@ -1911,7 +2054,7 @@ static int process_proxy_cond_adders(unsigned int letters[26],
 
 	while(ok >= 0)
 		{
-		while(isspace(*cond))
+		while(isspace((int)*cond))
 			{
 			cond++; (*pos)++;
 			}
@@ -1975,8 +2118,8 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
 
 		fprintf(stderr, "In app_verify_callback, allowing cert. ");
 		fprintf(stderr, "Arg is: %s\n", cb_arg->string);
-		fprintf(stderr, "Finished printing do we have a context? 0x%x a cert? 0x%x\n",
-			(unsigned int)ctx, (unsigned int)ctx->cert);
+		fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
+			(void *)ctx, (void *)ctx->cert);
 		if (ctx->cert)
 			s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
 		if (s != NULL)
@@ -1994,7 +2137,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
 			letters[i] = 0;
 		for(sp = cb_arg->proxy_auth; *sp; sp++)
 			{
-			char c = *sp;
+			int c = *sp;
 			if (isascii(c) && isalpha(c))
 				{
 				if (islower(c))
@@ -2018,6 +2161,10 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
 		X509_STORE_CTX_set_ex_data(ctx,
 			get_proxy_auth_ex_data_idx(),letters);
 		}
+	if (cb_arg->allow_proxy_certs)
+		{
+		X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+		}
 
 #ifndef OPENSSL_NO_X509_VERIFY
 # ifdef OPENSSL_FIPS
@@ -2033,7 +2180,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
 
 	if (cb_arg->proxy_auth)
 		{
-		if (ok)
+		if (ok > 0)
 			{
 			const char *cond_end = NULL;
 
@@ -2196,3 +2343,123 @@ static DH *get_dh1024dsa()
 	return(dh);
 	}
 #endif
+
+#ifndef OPENSSL_NO_PSK
+/* convert the PSK key (psk_key) in ascii to binary (psk) */
+static int psk_key2bn(const char *pskkey, unsigned char *psk,
+	unsigned int max_psk_len)
+	{
+	int ret;
+	BIGNUM *bn = NULL;
+
+	ret = BN_hex2bn(&bn, pskkey);
+	if (!ret)
+		{
+		BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", pskkey); 
+		if (bn)
+			BN_free(bn);
+		return 0;
+		}
+	if (BN_num_bytes(bn) > (int)max_psk_len)
+		{
+		BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
+			max_psk_len, BN_num_bytes(bn));
+		BN_free(bn);
+		return 0;
+		}
+	ret = BN_bn2bin(bn, psk);
+	BN_free(bn);
+	return ret;
+	}
+
+static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
+	unsigned int max_identity_len, unsigned char *psk,
+	unsigned int max_psk_len)
+	{
+	int ret;
+	unsigned int psk_len = 0;
+
+	ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
+	if (ret < 0)
+		goto out_err;
+	if (debug)
+		fprintf(stderr, "client: created identity '%s' len=%d\n", identity, ret);
+	ret = psk_key2bn(psk_key, psk, max_psk_len);
+	if (ret < 0)
+		goto out_err;
+	psk_len = ret;
+out_err:
+	return psk_len;
+	}
+
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+	unsigned char *psk, unsigned int max_psk_len)
+	{
+	unsigned int psk_len=0;
+
+	if (strcmp(identity, "Client_identity") != 0)
+		{
+		BIO_printf(bio_err, "server: PSK error: client identity not found\n");
+		return 0;
+		}
+	psk_len=psk_key2bn(psk_key, psk, max_psk_len);
+	return psk_len;
+	}
+#endif
+
+static int do_test_cipherlist(void)
+	{
+	int i = 0;
+	const SSL_METHOD *meth;
+	const SSL_CIPHER *ci, *tci = NULL;
+
+#ifndef OPENSSL_NO_SSL2
+	fprintf(stderr, "testing SSLv2 cipher list order: ");
+	meth = SSLv2_method();
+	while ((ci = meth->get_cipher(i++)) != NULL)
+		{
+		if (tci != NULL)
+			if (ci->id >= tci->id)
+				{
+				fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+				return 0;
+				}
+		tci = ci;
+		}
+	fprintf(stderr, "ok\n");
+#endif
+#ifndef OPENSSL_NO_SSL3
+	fprintf(stderr, "testing SSLv3 cipher list order: ");
+	meth = SSLv3_method();
+	tci = NULL;
+	while ((ci = meth->get_cipher(i++)) != NULL)
+		{
+		if (tci != NULL)
+			if (ci->id >= tci->id)
+				{
+				fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+				return 0;
+				}
+		tci = ci;
+		}
+	fprintf(stderr, "ok\n");
+#endif
+#ifndef OPENSSL_NO_TLS1
+	fprintf(stderr, "testing TLSv1 cipher list order: ");
+	meth = TLSv1_method();
+	tci = NULL;
+	while ((ci = meth->get_cipher(i++)) != NULL)
+		{
+		if (tci != NULL)
+			if (ci->id >= tci->id)
+				{
+				fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+				return 0;
+				}
+		tci = ci;
+		}
+	fprintf(stderr, "ok\n");
+#endif
+
+	return 1;
+	}
diff --git a/ssl/t1_clnt.c b/ssl/t1_clnt.c
index 57205fb429..b06bada6f2 100644
--- a/ssl/t1_clnt.c
+++ b/ssl/t1_clnt.c
@@ -63,35 +63,23 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-static SSL_METHOD *tls1_get_client_method(int ver);
-static SSL_METHOD *tls1_get_client_method(int ver)
+static const SSL_METHOD *tls1_get_client_method(int ver);
+static const SSL_METHOD *tls1_get_client_method(int ver)
 	{
+	if (ver == TLS1_1_VERSION)
+		return TLSv1_1_client_method();
 	if (ver == TLS1_VERSION)
-		return(TLSv1_client_method());
-	else
-		return(NULL);
+		return TLSv1_client_method();
+	return NULL;
 	}
 
-SSL_METHOD *TLSv1_client_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD TLSv1_client_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
+			ssl_undefined_function,
+			ssl3_connect,
+			tls1_get_client_method)
 
-		if (init)
-			{
-			memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			TLSv1_client_data.ssl_connect=ssl3_connect;
-			TLSv1_client_data.get_ssl_method=tls1_get_client_method;
-			init=0;
-			}
-		
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&TLSv1_client_data);
-	}
+IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
+			ssl_undefined_function,
+			ssl3_connect,
+			tls1_get_client_method)
 
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index bfcd7d9191..028f6493d1 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -108,16 +108,54 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #include <stdio.h>
 #include "ssl_locl.h"
+#ifndef OPENSSL_NO_COMP
 #include <openssl/comp.h>
+#endif
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 #include <openssl/md5.h>
+#include <openssl/rand.h>
+#ifdef KSSL_DEBUG
+#include <openssl/des.h>
+#endif
 
+/* seed1 through seed5 are virtually concatenated */
 static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
-			int sec_len, unsigned char *seed, int seed_len,
+			int sec_len,
+			const void *seed1, int seed1_len,
+			const void *seed2, int seed2_len,
+			const void *seed3, int seed3_len,
+			const void *seed4, int seed4_len,
+			const void *seed5, int seed5_len,
 			unsigned char *out, int olen)
 	{
 	int chunk,n;
@@ -128,12 +166,17 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
 	unsigned int A1_len;
 	
 	chunk=EVP_MD_size(md);
+	OPENSSL_assert(chunk >= 0);
 
 	HMAC_CTX_init(&ctx);
 	HMAC_CTX_init(&ctx_tmp);
 	HMAC_Init_ex(&ctx,sec,sec_len,md, NULL);
 	HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL);
-	HMAC_Update(&ctx,seed,seed_len);
+	if (seed1 != NULL) HMAC_Update(&ctx,seed1,seed1_len);
+	if (seed2 != NULL) HMAC_Update(&ctx,seed2,seed2_len);
+	if (seed3 != NULL) HMAC_Update(&ctx,seed3,seed3_len);
+	if (seed4 != NULL) HMAC_Update(&ctx,seed4,seed4_len);
+	if (seed5 != NULL) HMAC_Update(&ctx,seed5,seed5_len);
 	HMAC_Final(&ctx,A1,&A1_len);
 
 	n=0;
@@ -143,7 +186,11 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
 		HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */
 		HMAC_Update(&ctx,A1,A1_len);
 		HMAC_Update(&ctx_tmp,A1,A1_len);
-		HMAC_Update(&ctx,seed,seed_len);
+		if (seed1 != NULL) HMAC_Update(&ctx,seed1,seed1_len);
+		if (seed2 != NULL) HMAC_Update(&ctx,seed2,seed2_len);
+		if (seed3 != NULL) HMAC_Update(&ctx,seed3,seed3_len);
+		if (seed4 != NULL) HMAC_Update(&ctx,seed4,seed4_len);
+		if (seed5 != NULL) HMAC_Update(&ctx,seed5,seed5_len);
 
 		if (olen > chunk)
 			{
@@ -164,44 +211,57 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
 	OPENSSL_cleanse(A1,sizeof(A1));
 	}
 
-static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
-		     unsigned char *label, int label_len,
-		     const unsigned char *sec, int slen, unsigned char *out1,
+/* seed1 through seed5 are virtually concatenated */
+static void tls1_PRF(long digest_mask,
+		     const void *seed1, int seed1_len,
+		     const void *seed2, int seed2_len,
+		     const void *seed3, int seed3_len,
+		     const void *seed4, int seed4_len,
+		     const void *seed5, int seed5_len,
+		     const unsigned char *sec, int slen,
+		     unsigned char *out1,
 		     unsigned char *out2, int olen)
 	{
-	int len,i;
-	const unsigned char *S1,*S2;
-
-	len=slen/2;
+	int len,i,idx,count;
+	const unsigned char *S1;
+	long m;
+	const EVP_MD *md;
+
+	/* Count number of digests and partition sec evenly */
+	count=0;
+	for (idx=0;ssl_get_handshake_digest(idx,&m,&md);idx++) {
+		if ((m<<TLS1_PRF_DGST_SHIFT) & digest_mask) count++;
+	}	
+	len=slen/count;
 	S1=sec;
-	S2= &(sec[len]);
-	len+=(slen&1); /* add for odd, make longer */
-
-	
-	tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
-	tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
-
-	for (i=0; i<olen; i++)
-		out1[i]^=out2[i];
+	memset(out1,0,olen);
+	for (idx=0;ssl_get_handshake_digest(idx,&m,&md);idx++) {
+		if ((m<<TLS1_PRF_DGST_SHIFT) & digest_mask) {
+			if (!md) {
+				SSLerr(SSL_F_TLS1_PRF,
+				SSL_R_UNSUPPORTED_DIGEST_TYPE);
+				return;				
+			}
+			tls1_P_hash(md ,S1,len+(slen&1),
+			            seed1,seed1_len,seed2,seed2_len,seed3,seed3_len,seed4,seed4_len,seed5,seed5_len,
+			            out2,olen);
+			S1+=len;
+			for (i=0; i<olen; i++)
+			{
+				out1[i]^=out2[i];
+			}
+		}
 	}
 
+}
 static void tls1_generate_key_block(SSL *s, unsigned char *km,
 	     unsigned char *tmp, int num)
 	{
-	unsigned char *p;
-	unsigned char buf[SSL3_RANDOM_SIZE*2+
-		TLS_MD_MAX_CONST_SIZE];
-	p=buf;
-
-	memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
-		TLS_MD_KEY_EXPANSION_CONST_SIZE);
-	p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
-	memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-	p+=SSL3_RANDOM_SIZE;
-	memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-	p+=SSL3_RANDOM_SIZE;
-
-	tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),
+	tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+		 TLS_MD_KEY_EXPANSION_CONST,TLS_MD_KEY_EXPANSION_CONST_SIZE,
+		 s->s3->server_random,SSL3_RANDOM_SIZE,
+		 s->s3->client_random,SSL3_RANDOM_SIZE,
+		 NULL,0,NULL,0,
 		 s->session->master_key,s->session->master_key_length,
 		 km,tmp,num);
 #ifdef KSSL_DEBUG
@@ -221,8 +281,7 @@ int tls1_change_cipher_state(SSL *s, int which)
 	{
 	static const unsigned char empty[]="";
 	unsigned char *p,*key_block,*mac_secret;
-	unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
-		SSL3_RANDOM_SIZE*2];
+	unsigned char *exp_label;
 	unsigned char tmp1[EVP_MAX_KEY_LENGTH];
 	unsigned char tmp2[EVP_MAX_KEY_LENGTH];
 	unsigned char iv1[EVP_MAX_IV_LENGTH*2];
@@ -231,21 +290,32 @@ int tls1_change_cipher_state(SSL *s, int which)
 	int client_write;
 	EVP_CIPHER_CTX *dd;
 	const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
 	const SSL_COMP *comp;
+#endif
 	const EVP_MD *m;
+	int mac_type;
+	int *mac_secret_size;
+	EVP_MD_CTX *mac_ctx;
+	EVP_PKEY *mac_key;
 	int is_export,n,i,j,k,exp_label_len,cl;
 	int reuse_dd = 0;
 
 	is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
 	c=s->s3->tmp.new_sym_enc;
 	m=s->s3->tmp.new_hash;
+	mac_type = s->s3->tmp.new_mac_pkey_type;
+#ifndef OPENSSL_NO_COMP
 	comp=s->s3->tmp.new_compression;
+#endif
 	key_block=s->s3->tmp.key_block;
 
 #ifdef KSSL_DEBUG
 	printf("tls1_change_cipher_state(which= %d) w/\n", which);
-	printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
-                comp);
+	printf("\talg= %ld/%ld, comp= %p\n",
+	       s->s3->tmp.new_cipher->algorithm_mkey,
+	       s->s3->tmp.new_cipher->algorithm_auth,
+	       comp);
 	printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
 	printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
                 c->nid,c->block_size,c->key_len,c->iv_len);
@@ -259,12 +329,21 @@ int tls1_change_cipher_state(SSL *s, int which)
 
 	if (which & SSL3_CC_READ)
 		{
+		if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+			s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
+			else
+			s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
+
 		if (s->enc_read_ctx != NULL)
 			reuse_dd = 1;
 		else if ((s->enc_read_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
 			goto err;
+		else
+			/* make sure it's intialized in case we exit later with an error */
+			EVP_CIPHER_CTX_init(s->enc_read_ctx);
 		dd= s->enc_read_ctx;
-		s->read_hash=m;
+		mac_ctx=ssl_replace_hash(&s->read_hash,NULL);
+#ifndef OPENSSL_NO_COMP
 		if (s->expand != NULL)
 			{
 			COMP_CTX_free(s->expand);
@@ -284,21 +363,29 @@ int tls1_change_cipher_state(SSL *s, int which)
 			if (s->s3->rrec.comp == NULL)
 				goto err;
 			}
-		memset(&(s->s3->read_sequence[0]),0,8);
+#endif
+		/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
+ 		if (s->version != DTLS1_VERSION)
+			memset(&(s->s3->read_sequence[0]),0,8);
 		mac_secret= &(s->s3->read_mac_secret[0]);
+		mac_secret_size=&(s->s3->read_mac_secret_size);
 		}
 	else
 		{
+		if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+			s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
+			else
+			s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
 		if (s->enc_write_ctx != NULL)
 			reuse_dd = 1;
 		else if ((s->enc_write_ctx=OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
 			goto err;
-		if ((s->enc_write_ctx == NULL) &&
-			((s->enc_write_ctx=(EVP_CIPHER_CTX *)
-			OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
-			goto err;
+		else
+			/* make sure it's intialized in case we exit later with an error */
+			EVP_CIPHER_CTX_init(s->enc_write_ctx);
 		dd= s->enc_write_ctx;
-		s->write_hash=m;
+		mac_ctx = ssl_replace_hash(&s->write_hash,NULL);
+#ifndef OPENSSL_NO_COMP
 		if (s->compress != NULL)
 			{
 			COMP_CTX_free(s->compress);
@@ -313,16 +400,20 @@ int tls1_change_cipher_state(SSL *s, int which)
 				goto err2;
 				}
 			}
-		memset(&(s->s3->write_sequence[0]),0,8);
+#endif
+		/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
+ 		if (s->version != DTLS1_VERSION)
+			memset(&(s->s3->write_sequence[0]),0,8);
 		mac_secret= &(s->s3->write_mac_secret[0]);
+		mac_secret_size = &(s->s3->write_mac_secret_size);
 		}
 
 	if (reuse_dd)
 		EVP_CIPHER_CTX_cleanup(dd);
-	EVP_CIPHER_CTX_init(dd);
 
 	p=s->s3->tmp.key_block;
-	i=EVP_MD_size(m);
+	i=*mac_secret_size=s->s3->tmp.new_mac_secret_size;
+
 	cl=EVP_CIPHER_key_length(c);
 	j=is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
 	               cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
@@ -358,6 +449,10 @@ int tls1_change_cipher_state(SSL *s, int which)
 		}
 
 	memcpy(mac_secret,ms,i);
+	mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
+			mac_secret,*mac_secret_size);
+	EVP_DigestSignInit(mac_ctx,NULL,m,NULL,mac_key);
+	EVP_PKEY_free(mac_key);
 #ifdef TLS_DEBUG
 printf("which = %04X\nmac key=",which);
 { int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
@@ -367,29 +462,22 @@ printf("which = %04X\nmac key=",which);
 		/* In here I set both the read and write key/iv to the
 		 * same value since only the correct one will be used :-).
 		 */
-		p=buf;
-		memcpy(p,exp_label,exp_label_len);
-		p+=exp_label_len;
-		memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-		p+=SSL3_RANDOM_SIZE;
-		memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-		p+=SSL3_RANDOM_SIZE;
-		tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j,
-			 tmp1,tmp2,EVP_CIPHER_key_length(c));
+		tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+			 exp_label,exp_label_len,
+			 s->s3->client_random,SSL3_RANDOM_SIZE,
+			 s->s3->server_random,SSL3_RANDOM_SIZE,
+			 NULL,0,NULL,0,
+			 key,j,tmp1,tmp2,EVP_CIPHER_key_length(c));
 		key=tmp1;
 
 		if (k > 0)
 			{
-			p=buf;
-			memcpy(p,TLS_MD_IV_BLOCK_CONST,
-				TLS_MD_IV_BLOCK_CONST_SIZE);
-			p+=TLS_MD_IV_BLOCK_CONST_SIZE;
-			memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
-			p+=SSL3_RANDOM_SIZE;
-			memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
-			p+=SSL3_RANDOM_SIZE;
-			tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
-				 iv1,iv2,k*2);
+			tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+				 TLS_MD_IV_BLOCK_CONST,TLS_MD_IV_BLOCK_CONST_SIZE,
+				 s->s3->client_random,SSL3_RANDOM_SIZE,
+				 s->s3->server_random,SSL3_RANDOM_SIZE,
+				 NULL,0,NULL,0,
+				 empty,0,iv1,iv2,k*2);
 			if (client_write)
 				iv=iv1;
 			else
@@ -436,6 +524,7 @@ int tls1_setup_key_block(SSL *s)
 	const EVP_MD *hash;
 	int num;
 	SSL_COMP *comp;
+	int mac_type= NID_undef,mac_secret_size=0;
 
 #ifdef KSSL_DEBUG
 	printf ("tls1_setup_key_block()\n");
@@ -444,7 +533,7 @@ int tls1_setup_key_block(SSL *s)
 	if (s->s3->tmp.key_block_length != 0)
 		return(1);
 
-	if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp))
+	if (!ssl_cipher_get_evp(s->session,&c,&hash,&mac_type,&mac_secret_size,&comp))
 		{
 		SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
 		return(0);
@@ -452,8 +541,9 @@ int tls1_setup_key_block(SSL *s)
 
 	s->s3->tmp.new_sym_enc=c;
 	s->s3->tmp.new_hash=hash;
-
-	num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+	s->s3->tmp.new_mac_pkey_type = mac_type;
+	s->s3->tmp.new_mac_secret_size = mac_secret_size;
+	num=EVP_CIPHER_key_length(c)+mac_secret_size+EVP_CIPHER_iv_length(c);
 	num*=2;
 
 	ssl3_cleanup_key_block(s);
@@ -492,11 +582,11 @@ printf("\nkey block\n");
 
 		if (s->session->cipher != NULL)
 			{
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
+			if (s->session->cipher->algorithm_enc == SSL_eNULL)
 				s->s3->need_empty_fragments = 0;
 			
 #ifndef OPENSSL_NO_RC4
-			if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
+			if (s->session->cipher->algorithm_enc == SSL_RC4)
 				s->s3->need_empty_fragments = 0;
 #endif
 			}
@@ -518,19 +608,45 @@ int tls1_enc(SSL *s, int send)
 
 	if (send)
 		{
-		if (s->write_hash != NULL)
-			n=EVP_MD_size(s->write_hash);
+		if (EVP_MD_CTX_md(s->write_hash))
+			{
+			n=EVP_MD_CTX_size(s->write_hash);
+			OPENSSL_assert(n >= 0);
+			}
 		ds=s->enc_write_ctx;
 		rec= &(s->s3->wrec);
 		if (s->enc_write_ctx == NULL)
 			enc=NULL;
 		else
+			{
+			int ivlen;
 			enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+			/* For TLSv1.1 and later explicit IV */
+			if (s->version >= TLS1_1_VERSION)
+				ivlen = EVP_CIPHER_iv_length(enc);
+			else
+				ivlen = 0;
+			if (ivlen > 1)
+				{
+				if ( rec->data != rec->input)
+				/* we can't write into the input stream:
+				 * Can this ever happen?? (steve)
+				 */
+				fprintf(stderr,
+					"%s:%d: rec->data != rec->input\n",
+					__FILE__, __LINE__);
+				else if (RAND_bytes(rec->input, ivlen) <= 0)
+					return -1;
+				}
+			}
 		}
 	else
 		{
-		if (s->read_hash != NULL)
-			n=EVP_MD_size(s->read_hash);
+		if (EVP_MD_CTX_md(s->read_hash))
+			{
+			n=EVP_MD_CTX_size(s->read_hash);
+			OPENSSL_assert(n >= 0);
+			}
 		ds=s->enc_read_ctx;
 		rec= &(s->s3->rrec);
 		if (s->enc_read_ctx == NULL)
@@ -616,7 +732,15 @@ int tls1_enc(SSL *s, int send)
 			{
 			ii=i=rec->data[l-1]; /* padding_length */
 			i++;
-			if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+			/* NB: if compression is in operation the first packet
+			 * may not be of even length so the padding bug check
+			 * cannot be performed. This bug workaround has been
+			 * around since SSLeay so hopefully it is either fixed
+			 * now or no buggy implementation supports compression 
+			 * [steve]
+			 */
+			if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+				&& !s->expand)
 				{
 				/* First packet is even in size, so check */
 				if ((memcmp(s->s3->read_sequence,
@@ -643,61 +767,111 @@ int tls1_enc(SSL *s, int send)
 					return -1;
 					}
 				}
-			rec->length-=i;
+			rec->length -=i;
+			if (s->version >= TLS1_1_VERSION)
+				{
+				rec->data += bs;    /* skip the explicit IV */
+				rec->input += bs;
+				rec->length -= bs;
+				}
 			}
 		}
 	return(1);
 	}
-
-int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
 	{
 	unsigned int ret;
-	EVP_MD_CTX ctx;
+	EVP_MD_CTX ctx, *d=NULL;
+	int i;
+
+	if (s->s3->handshake_buffer) 
+		if (!ssl3_digest_cached_records(s))
+			return 0;
+
+	for (i=0;i<SSL_MAX_DIGEST;i++) 
+		{
+		  if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) 
+		  	{
+		  	d=s->s3->handshake_dgst[i];
+			break;
+			}
+		}
+	if (!d) {
+		SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC,SSL_R_NO_REQUIRED_DIGEST);
+		return 0;
+	}	
 
 	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_copy_ex(&ctx,in_ctx);
+	EVP_MD_CTX_copy_ex(&ctx,d);
 	EVP_DigestFinal_ex(&ctx,out,&ret);
 	EVP_MD_CTX_cleanup(&ctx);
 	return((int)ret);
 	}
 
-int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+int tls1_final_finish_mac(SSL *s,
 	     const char *str, int slen, unsigned char *out)
 	{
 	unsigned int i;
 	EVP_MD_CTX ctx;
-	unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+	unsigned char buf[2*EVP_MAX_MD_SIZE];
 	unsigned char *q,buf2[12];
+	int idx;
+	long mask;
+	int err=0;
+	const EVP_MD *md; 
 
 	q=buf;
-	memcpy(q,str,slen);
-	q+=slen;
+
+	if (s->s3->handshake_buffer) 
+		if (!ssl3_digest_cached_records(s))
+			return 0;
 
 	EVP_MD_CTX_init(&ctx);
-	EVP_MD_CTX_copy_ex(&ctx,in1_ctx);
-	EVP_DigestFinal_ex(&ctx,q,&i);
-	q+=i;
-	EVP_MD_CTX_copy_ex(&ctx,in2_ctx);
-	EVP_DigestFinal_ex(&ctx,q,&i);
-	q+=i;
-
-	tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf),
-		s->session->master_key,s->session->master_key_length,
-		out,buf2,sizeof buf2);
+
+	for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
+		{
+		if (mask & s->s3->tmp.new_cipher->algorithm2)
+			{
+			int hashsize = EVP_MD_size(md);
+			if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
+				{
+				/* internal error: 'buf' is too small for this cipersuite! */
+				err = 1;
+				}
+			else
+				{
+				EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
+				EVP_DigestFinal_ex(&ctx,q,&i);
+				if (i != (unsigned int)hashsize) /* can't really happen */
+					err = 1;
+				q+=i;
+				}
+			}
+		}
+		
+	tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+		 str,slen, buf,(int)(q-buf), NULL,0, NULL,0, NULL,0,
+		 s->session->master_key,s->session->master_key_length,
+		 out,buf2,sizeof buf2);
 	EVP_MD_CTX_cleanup(&ctx);
 
-	return sizeof buf2;
+	if (err)
+		return 0;
+	else
+		return sizeof buf2;
 	}
 
 int tls1_mac(SSL *ssl, unsigned char *md, int send)
 	{
 	SSL3_RECORD *rec;
 	unsigned char *mac_sec,*seq;
-	const EVP_MD *hash;
-	unsigned int md_size;
+	EVP_MD_CTX *hash;
+	size_t md_size;
 	int i;
-	HMAC_CTX hmac;
+	EVP_MD_CTX hmac, *mac_ctx;
 	unsigned char buf[5]; 
+	int stream_mac = (send?(ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM):(ssl->mac_flags&SSL_MAC_FLAG_READ_MAC_STREAM));
+	int t;
 
 	if (send)
 		{
@@ -714,23 +888,45 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 		hash=ssl->read_hash;
 		}
 
-	md_size=EVP_MD_size(hash);
+	t=EVP_MD_CTX_size(hash);
+	OPENSSL_assert(t >= 0);
+	md_size=t;
 
 	buf[0]=rec->type;
-	buf[1]=TLS1_VERSION_MAJOR;
-	buf[2]=TLS1_VERSION_MINOR;
+	buf[1]=(unsigned char)(ssl->version>>8);
+	buf[2]=(unsigned char)(ssl->version);
 	buf[3]=rec->length>>8;
 	buf[4]=rec->length&0xff;
 
 	/* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
-	HMAC_CTX_init(&hmac);
-	HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
-	HMAC_Update(&hmac,seq,8);
-	HMAC_Update(&hmac,buf,5);
-	HMAC_Update(&hmac,rec->input,rec->length);
-	HMAC_Final(&hmac,md,&md_size);
-	HMAC_CTX_cleanup(&hmac);
+	if (stream_mac) 
+		{
+			mac_ctx = hash;
+		}
+		else
+		{
+			EVP_MD_CTX_copy(&hmac,hash);
+			mac_ctx = &hmac;
+		}
 
+	if (ssl->version == DTLS1_VERSION || ssl->version == DTLS1_BAD_VER)
+		{
+		unsigned char dtlsseq[8],*p=dtlsseq;
+
+		s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
+		memcpy (p,&seq[2],6);
+
+		EVP_DigestSignUpdate(mac_ctx,dtlsseq,8);
+		}
+	else
+		EVP_DigestSignUpdate(mac_ctx,seq,8);
+
+	EVP_DigestSignUpdate(mac_ctx,buf,5);
+	EVP_DigestSignUpdate(mac_ctx,rec->input,rec->length);
+	t=EVP_DigestSignFinal(mac_ctx,md,&md_size);
+	OPENSSL_assert(t > 0);
+		
+	if (!stream_mac) EVP_MD_CTX_cleanup(&hmac);
 #ifdef TLS_DEBUG
 printf("sec=");
 {unsigned int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
@@ -742,10 +938,13 @@ printf("rec=");
 {unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
 #endif
 
-	for (i=7; i>=0; i--)
+	if (ssl->version != DTLS1_VERSION && ssl->version != DTLS1_BAD_VER)
 		{
-		++seq[i];
-		if (seq[i] != 0) break; 
+		for (i=7; i>=0; i--)
+			{
+			++seq[i];
+			if (seq[i] != 0) break; 
+			}
 		}
 
 #ifdef TLS_DEBUG
@@ -757,23 +956,35 @@ printf("rec=");
 int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
 	     int len)
 	{
-	unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
 	unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+	const void *co = NULL, *so = NULL;
+	int col = 0, sol = 0;
 
 #ifdef KSSL_DEBUG
 	printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len);
 #endif	/* KSSL_DEBUG */
 
-	/* Setup the stuff to munge */
-	memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
-		TLS_MD_MASTER_SECRET_CONST_SIZE);
-	memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
-		s->s3->client_random,SSL3_RANDOM_SIZE);
-	memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
-		s->s3->server_random,SSL3_RANDOM_SIZE);
-	tls1_PRF(s->ctx->md5,s->ctx->sha1,
-		buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	if (s->s3->client_opaque_prf_input != NULL && s->s3->server_opaque_prf_input != NULL &&
+	    s->s3->client_opaque_prf_input_len > 0 &&
+	    s->s3->client_opaque_prf_input_len == s->s3->server_opaque_prf_input_len)
+		{
+		co = s->s3->client_opaque_prf_input;
+		col = s->s3->server_opaque_prf_input_len;
+		so = s->s3->server_opaque_prf_input;
+		sol = s->s3->client_opaque_prf_input_len; /* must be same as col (see draft-rescorla-tls-opaque-prf-input-00.txt, section 3.1) */
+		}
+#endif
+
+	tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+		TLS_MD_MASTER_SECRET_CONST,TLS_MD_MASTER_SECRET_CONST_SIZE,
+		s->s3->client_random,SSL3_RANDOM_SIZE,
+		co, col,
+		s->s3->server_random,SSL3_RANDOM_SIZE,
+		so, sol,
+		p,len,
 		s->session->master_key,buff,sizeof buff);
+
 #ifdef KSSL_DEBUG
 	printf ("tls1_generate_master_secret() complete\n");
 #endif	/* KSSL_DEBUG */
@@ -808,6 +1019,16 @@ int tls1_alert_code(int code)
 	case SSL_AD_INTERNAL_ERROR:	return(TLS1_AD_INTERNAL_ERROR);
 	case SSL_AD_USER_CANCELLED:	return(TLS1_AD_USER_CANCELLED);
 	case SSL_AD_NO_RENEGOTIATION:	return(TLS1_AD_NO_RENEGOTIATION);
+	case SSL_AD_UNSUPPORTED_EXTENSION: return(TLS1_AD_UNSUPPORTED_EXTENSION);
+	case SSL_AD_CERTIFICATE_UNOBTAINABLE: return(TLS1_AD_CERTIFICATE_UNOBTAINABLE);
+	case SSL_AD_UNRECOGNIZED_NAME:	return(TLS1_AD_UNRECOGNIZED_NAME);
+	case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
+	case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
+	case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
+#if 0 /* not appropriate for TLS, not used for DTLS */
+	case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return 
+					  (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
 	default:			return(-1);
 		}
 	}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ca6c03d5af..b50d2a52f6 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -55,16 +55,76 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/ocsp.h>
 #include "ssl_locl.h"
 
-const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT;
+const char tls1_version_str[]="TLSv1" OPENSSL_VERSION_PTEXT;
 
-static long tls1_default_timeout(void);
+#ifndef OPENSSL_NO_TLSEXT
+static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
+				const unsigned char *sess_id, int sesslen,
+				SSL_SESSION **psess);
+#endif
 
-static SSL3_ENC_METHOD TLSv1_enc_data={
+SSL3_ENC_METHOD TLSv1_enc_data={
 	tls1_enc,
 	tls1_mac,
 	tls1_setup_key_block,
@@ -78,46 +138,13 @@ static SSL3_ENC_METHOD TLSv1_enc_data={
 	tls1_alert_code,
 	};
 
-static SSL_METHOD TLSv1_data= {
-	TLS1_VERSION,
-	tls1_new,
-	tls1_clear,
-	tls1_free,
-	ssl_undefined_function,
-	ssl_undefined_function,
-	ssl3_read,
-	ssl3_peek,
-	ssl3_write,
-	ssl3_shutdown,
-	ssl3_renegotiate,
-	ssl3_renegotiate_check,
-	ssl3_ctrl,
-	ssl3_ctx_ctrl,
-	ssl3_get_cipher_by_char,
-	ssl3_put_cipher_by_char,
-	ssl3_pending,
-	ssl3_num_ciphers,
-	ssl3_get_cipher,
-	ssl_bad_method,
-	tls1_default_timeout,
-	&TLSv1_enc_data,
-	ssl_undefined_function,
-	ssl3_callback_ctrl,
-	ssl3_ctx_callback_ctrl,
-	};
-
-static long tls1_default_timeout(void)
+long tls1_default_timeout(void)
 	{
 	/* 2 hours, the 24 hours mentioned in the TLSv1 spec
 	 * is way too long for http, the cache would over fill */
 	return(60*60*2);
 	}
 
-SSL_METHOD *tlsv1_base_method(void)
-	{
-	return(&TLSv1_data);
-	}
-
 int tls1_new(SSL *s)
 	{
 	if (!ssl3_new(s)) return(0);
@@ -127,23 +154,1562 @@ int tls1_new(SSL *s)
 
 void tls1_free(SSL *s)
 	{
+#ifndef OPENSSL_NO_TLSEXT
+	if (s->tlsext_session_ticket)
+		{
+		OPENSSL_free(s->tlsext_session_ticket);
+		}
+#endif /* OPENSSL_NO_TLSEXT */
 	ssl3_free(s);
 	}
 
 void tls1_clear(SSL *s)
 	{
 	ssl3_clear(s);
-	s->version=TLS1_VERSION;
+	s->version = s->method->version;
+	}
+
+#ifndef OPENSSL_NO_EC
+static int nid_list[] =
+	{
+		NID_sect163k1, /* sect163k1 (1) */
+		NID_sect163r1, /* sect163r1 (2) */
+		NID_sect163r2, /* sect163r2 (3) */
+		NID_sect193r1, /* sect193r1 (4) */ 
+		NID_sect193r2, /* sect193r2 (5) */ 
+		NID_sect233k1, /* sect233k1 (6) */
+		NID_sect233r1, /* sect233r1 (7) */ 
+		NID_sect239k1, /* sect239k1 (8) */ 
+		NID_sect283k1, /* sect283k1 (9) */
+		NID_sect283r1, /* sect283r1 (10) */ 
+		NID_sect409k1, /* sect409k1 (11) */ 
+		NID_sect409r1, /* sect409r1 (12) */
+		NID_sect571k1, /* sect571k1 (13) */ 
+		NID_sect571r1, /* sect571r1 (14) */ 
+		NID_secp160k1, /* secp160k1 (15) */
+		NID_secp160r1, /* secp160r1 (16) */ 
+		NID_secp160r2, /* secp160r2 (17) */ 
+		NID_secp192k1, /* secp192k1 (18) */
+		NID_X9_62_prime192v1, /* secp192r1 (19) */ 
+		NID_secp224k1, /* secp224k1 (20) */ 
+		NID_secp224r1, /* secp224r1 (21) */
+		NID_secp256k1, /* secp256k1 (22) */ 
+		NID_X9_62_prime256v1, /* secp256r1 (23) */ 
+		NID_secp384r1, /* secp384r1 (24) */
+		NID_secp521r1  /* secp521r1 (25) */	
+	};
+	
+int tls1_ec_curve_id2nid(int curve_id)
+	{
+	/* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */
+	if ((curve_id < 1) || ((unsigned int)curve_id >
+				sizeof(nid_list)/sizeof(nid_list[0])))
+		return 0;
+	return nid_list[curve_id-1];
+	}
+
+int tls1_ec_nid2curve_id(int nid)
+	{
+	/* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */
+	switch (nid)
+		{
+	case NID_sect163k1: /* sect163k1 (1) */
+		return 1;
+	case NID_sect163r1: /* sect163r1 (2) */
+		return 2;
+	case NID_sect163r2: /* sect163r2 (3) */
+		return 3;
+	case NID_sect193r1: /* sect193r1 (4) */ 
+		return 4;
+	case NID_sect193r2: /* sect193r2 (5) */ 
+		return 5;
+	case NID_sect233k1: /* sect233k1 (6) */
+		return 6;
+	case NID_sect233r1: /* sect233r1 (7) */ 
+		return 7;
+	case NID_sect239k1: /* sect239k1 (8) */ 
+		return 8;
+	case NID_sect283k1: /* sect283k1 (9) */
+		return 9;
+	case NID_sect283r1: /* sect283r1 (10) */ 
+		return 10;
+	case NID_sect409k1: /* sect409k1 (11) */ 
+		return 11;
+	case NID_sect409r1: /* sect409r1 (12) */
+		return 12;
+	case NID_sect571k1: /* sect571k1 (13) */ 
+		return 13;
+	case NID_sect571r1: /* sect571r1 (14) */ 
+		return 14;
+	case NID_secp160k1: /* secp160k1 (15) */
+		return 15;
+	case NID_secp160r1: /* secp160r1 (16) */ 
+		return 16;
+	case NID_secp160r2: /* secp160r2 (17) */ 
+		return 17;
+	case NID_secp192k1: /* secp192k1 (18) */
+		return 18;
+	case NID_X9_62_prime192v1: /* secp192r1 (19) */ 
+		return 19;
+	case NID_secp224k1: /* secp224k1 (20) */ 
+		return 20;
+	case NID_secp224r1: /* secp224r1 (21) */
+		return 21;
+	case NID_secp256k1: /* secp256k1 (22) */ 
+		return 22;
+	case NID_X9_62_prime256v1: /* secp256r1 (23) */ 
+		return 23;
+	case NID_secp384r1: /* secp384r1 (24) */
+		return 24;
+	case NID_secp521r1:  /* secp521r1 (25) */	
+		return 25;
+	default:
+		return 0;
+		}
+	}
+#endif /* OPENSSL_NO_EC */
+
+#ifndef OPENSSL_NO_TLSEXT
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
+	{
+	int extdatalen=0;
+	unsigned char *ret = p;
+
+	/* don't add extensions for SSLv3 unless doing secure renegotiation */
+	if (s->client_version == SSL3_VERSION
+					&& !s->s3->send_connection_binding)
+		return p;
+
+	ret+=2;
+
+	if (ret>=limit) return NULL; /* this really never occurs, but ... */
+
+ 	if (s->tlsext_hostname != NULL)
+		{ 
+		/* Add TLS extension servername to the Client Hello message */
+		unsigned long size_str;
+		long lenmax; 
+
+		/* check for enough space.
+		   4 for the servername type and entension length
+		   2 for servernamelist length
+		   1 for the hostname type
+		   2 for hostname length
+		   + hostname length 
+		*/
+		   
+		if ((lenmax = limit - ret - 9) < 0 
+		    || (size_str = strlen(s->tlsext_hostname)) > (unsigned long)lenmax) 
+			return NULL;
+			
+		/* extension type and length */
+		s2n(TLSEXT_TYPE_server_name,ret); 
+		s2n(size_str+5,ret);
+		
+		/* length of servername list */
+		s2n(size_str+3,ret);
+	
+		/* hostname type, length and hostname */
+		*(ret++) = (unsigned char) TLSEXT_NAMETYPE_host_name;
+		s2n(size_str,ret);
+		memcpy(ret, s->tlsext_hostname, size_str);
+		ret+=size_str;
+		}
+
+        /* Add RI if renegotiating */
+        if (s->new_session)
+          {
+          int el;
+          
+          if(!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0))
+              {
+              SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+              return NULL;
+              }
+
+          if((limit - p - 4 - el) < 0) return NULL;
+          
+          s2n(TLSEXT_TYPE_renegotiate,ret);
+          s2n(el,ret);
+
+          if(!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el))
+              {
+              SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+              return NULL;
+              }
+
+          ret += el;
+        }
+
+#ifndef OPENSSL_NO_EC
+	if (s->tlsext_ecpointformatlist != NULL &&
+	    s->version != DTLS1_VERSION)
+		{
+		/* Add TLS extension ECPointFormats to the ClientHello message */
+		long lenmax; 
+
+		if ((lenmax = limit - ret - 5) < 0) return NULL; 
+		if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL;
+		if (s->tlsext_ecpointformatlist_length > 255)
+			{
+			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+			return NULL;
+			}
+		
+		s2n(TLSEXT_TYPE_ec_point_formats,ret);
+		s2n(s->tlsext_ecpointformatlist_length + 1,ret);
+		*(ret++) = (unsigned char) s->tlsext_ecpointformatlist_length;
+		memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
+		ret+=s->tlsext_ecpointformatlist_length;
+		}
+	if (s->tlsext_ellipticcurvelist != NULL &&
+	    s->version != DTLS1_VERSION)
+		{
+		/* Add TLS extension EllipticCurves to the ClientHello message */
+		long lenmax; 
+
+		if ((lenmax = limit - ret - 6) < 0) return NULL; 
+		if (s->tlsext_ellipticcurvelist_length > (unsigned long)lenmax) return NULL;
+		if (s->tlsext_ellipticcurvelist_length > 65532)
+			{
+			SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+			return NULL;
+			}
+		
+		s2n(TLSEXT_TYPE_elliptic_curves,ret);
+		s2n(s->tlsext_ellipticcurvelist_length + 2, ret);
+
+		/* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for
+		 * elliptic_curve_list, but the examples use two bytes.
+		 * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html
+		 * resolves this to two bytes.
+		 */
+		s2n(s->tlsext_ellipticcurvelist_length, ret);
+		memcpy(ret, s->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist_length);
+		ret+=s->tlsext_ellipticcurvelist_length;
+		}
+#endif /* OPENSSL_NO_EC */
+
+	if (!(SSL_get_options(s) & SSL_OP_NO_TICKET))
+		{
+		int ticklen;
+		if (!s->new_session && s->session && s->session->tlsext_tick)
+			ticklen = s->session->tlsext_ticklen;
+		else if (s->session && s->tlsext_session_ticket &&
+			 s->tlsext_session_ticket->data)
+			{
+			ticklen = s->tlsext_session_ticket->length;
+			s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+			if (!s->session->tlsext_tick)
+				return NULL;
+			memcpy(s->session->tlsext_tick,
+			       s->tlsext_session_ticket->data,
+			       ticklen);
+			s->session->tlsext_ticklen = ticklen;
+			}
+		else
+			ticklen = 0;
+		if (ticklen == 0 && s->tlsext_session_ticket &&
+		    s->tlsext_session_ticket->data == NULL)
+			goto skip_ext;
+		/* Check for enough room 2 for extension type, 2 for len
+ 		 * rest for ticket
+  		 */
+		if ((long)(limit - ret - 4 - ticklen) < 0) return NULL;
+		s2n(TLSEXT_TYPE_session_ticket,ret); 
+		s2n(ticklen,ret);
+		if (ticklen)
+			{
+			memcpy(ret, s->session->tlsext_tick, ticklen);
+			ret += ticklen;
+			}
+		}
+		skip_ext:
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	if (s->s3->client_opaque_prf_input != NULL &&
+	    s->version != DTLS1_VERSION)
+		{
+		size_t col = s->s3->client_opaque_prf_input_len;
+		
+		if ((long)(limit - ret - 6 - col < 0))
+			return NULL;
+		if (col > 0xFFFD) /* can't happen */
+			return NULL;
+
+		s2n(TLSEXT_TYPE_opaque_prf_input, ret); 
+		s2n(col + 2, ret);
+		s2n(col, ret);
+		memcpy(ret, s->s3->client_opaque_prf_input, col);
+		ret += col;
+		}
+#endif
+
+	if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
+	    s->version != DTLS1_VERSION)
+		{
+		int i;
+		long extlen, idlen, itmp;
+		OCSP_RESPID *id;
+
+		idlen = 0;
+		for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++)
+			{
+			id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+			itmp = i2d_OCSP_RESPID(id, NULL);
+			if (itmp <= 0)
+				return NULL;
+			idlen += itmp + 2;
+			}
+
+		if (s->tlsext_ocsp_exts)
+			{
+			extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
+			if (extlen < 0)
+				return NULL;
+			}
+		else
+			extlen = 0;
+			
+		if ((long)(limit - ret - 7 - extlen - idlen) < 0) return NULL;
+		s2n(TLSEXT_TYPE_status_request, ret);
+		if (extlen + idlen > 0xFFF0)
+			return NULL;
+		s2n(extlen + idlen + 5, ret);
+		*(ret++) = TLSEXT_STATUSTYPE_ocsp;
+		s2n(idlen, ret);
+		for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++)
+			{
+			/* save position of id len */
+			unsigned char *q = ret;
+			id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+			/* skip over id len */
+			ret += 2;
+			itmp = i2d_OCSP_RESPID(id, &ret);
+			/* write id len */
+			s2n(itmp, q);
+			}
+		s2n(extlen, ret);
+		if (extlen > 0)
+			i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
+		}
+
+	if ((extdatalen = ret-p-2)== 0) 
+		return p;
+
+	s2n(extdatalen,p);
+	return ret;
+	}
+
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
+	{
+	int extdatalen=0;
+	unsigned char *ret = p;
+
+	/* don't add extensions for SSLv3, unless doing secure renegotiation */
+	if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
+		return p;
+	
+	ret+=2;
+	if (ret>=limit) return NULL; /* this really never occurs, but ... */
+
+	if (!s->hit && s->servername_done == 1 && s->session->tlsext_hostname != NULL)
+		{ 
+		if ((long)(limit - ret - 4) < 0) return NULL; 
+
+		s2n(TLSEXT_TYPE_server_name,ret);
+		s2n(0,ret);
+		}
+
+	if(s->s3->send_connection_binding)
+        {
+          int el;
+          
+          if(!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0))
+              {
+              SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+              return NULL;
+              }
+
+          if((limit - p - 4 - el) < 0) return NULL;
+          
+          s2n(TLSEXT_TYPE_renegotiate,ret);
+          s2n(el,ret);
+
+          if(!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el))
+              {
+              SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+              return NULL;
+              }
+
+          ret += el;
+        }
+
+#ifndef OPENSSL_NO_EC
+	if (s->tlsext_ecpointformatlist != NULL &&
+	    s->version != DTLS1_VERSION)
+		{
+		/* Add TLS extension ECPointFormats to the ServerHello message */
+		long lenmax; 
+
+		if ((lenmax = limit - ret - 5) < 0) return NULL; 
+		if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL;
+		if (s->tlsext_ecpointformatlist_length > 255)
+			{
+			SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+			return NULL;
+			}
+		
+		s2n(TLSEXT_TYPE_ec_point_formats,ret);
+		s2n(s->tlsext_ecpointformatlist_length + 1,ret);
+		*(ret++) = (unsigned char) s->tlsext_ecpointformatlist_length;
+		memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
+		ret+=s->tlsext_ecpointformatlist_length;
+
+		}
+	/* Currently the server should not respond with a SupportedCurves extension */
+#endif /* OPENSSL_NO_EC */
+
+	if (s->tlsext_ticket_expected
+		&& !(SSL_get_options(s) & SSL_OP_NO_TICKET)) 
+		{ 
+		if ((long)(limit - ret - 4) < 0) return NULL; 
+		s2n(TLSEXT_TYPE_session_ticket,ret);
+		s2n(0,ret);
+		}
+
+	if (s->tlsext_status_expected)
+		{ 
+		if ((long)(limit - ret - 4) < 0) return NULL; 
+		s2n(TLSEXT_TYPE_status_request,ret);
+		s2n(0,ret);
+		}
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	if (s->s3->server_opaque_prf_input != NULL &&
+	    s->version != DTLS1_VERSION)
+		{
+		size_t sol = s->s3->server_opaque_prf_input_len;
+		
+		if ((long)(limit - ret - 6 - sol) < 0)
+			return NULL;
+		if (sol > 0xFFFD) /* can't happen */
+			return NULL;
+
+		s2n(TLSEXT_TYPE_opaque_prf_input, ret); 
+		s2n(sol + 2, ret);
+		s2n(sol, ret);
+		memcpy(ret, s->s3->server_opaque_prf_input, sol);
+		ret += sol;
+		}
+#endif
+	if (((s->s3->tmp.new_cipher->id & 0xFFFF)==0x80 || (s->s3->tmp.new_cipher->id & 0xFFFF)==0x81) 
+		&& (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG))
+		{ const unsigned char cryptopro_ext[36] = {
+			0xfd, 0xe8, /*65000*/
+			0x00, 0x20, /*32 bytes length*/
+			0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85, 
+			0x03,   0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06, 
+			0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08, 
+			0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17};
+			if (limit-ret<36) return NULL;
+			memcpy(ret,cryptopro_ext,36);
+			ret+=36;
+
+		}
+
+	if ((extdatalen = ret-p-2)== 0) 
+		return p;
+
+	s2n(extdatalen,p);
+	return ret;
+	}
+
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
+	{
+	unsigned short type;
+	unsigned short size;
+	unsigned short len;
+	unsigned char *data = *p;
+	int renegotiate_seen = 0;
+
+	s->servername_done = 0;
+	s->tlsext_status_type = -1;
+
+	if (data >= (d+n-2))
+		goto ri_check;
+	n2s(data,len);
+
+	if (data > (d+n-len)) 
+		goto ri_check;
+
+	while (data <= (d+n-4))
+		{
+		n2s(data,type);
+		n2s(data,size);
+
+		if (data+size > (d+n))
+	   		goto ri_check;
+#if 0
+		fprintf(stderr,"Received extension type %d size %d\n",type,size);
+#endif
+		if (s->tlsext_debug_cb)
+			s->tlsext_debug_cb(s, 0, type, data, size,
+						s->tlsext_debug_arg);
+/* The servername extension is treated as follows:
+
+   - Only the hostname type is supported with a maximum length of 255.
+   - The servername is rejected if too long or if it contains zeros,
+     in which case an fatal alert is generated.
+   - The servername field is maintained together with the session cache.
+   - When a session is resumed, the servername call back invoked in order
+     to allow the application to position itself to the right context. 
+   - The servername is acknowledged if it is new for a session or when 
+     it is identical to a previously used for the same session. 
+     Applications can control the behaviour.  They can at any time
+     set a 'desirable' servername for a new SSL object. This can be the
+     case for example with HTTPS when a Host: header field is received and
+     a renegotiation is requested. In this case, a possible servername
+     presented in the new client hello is only acknowledged if it matches
+     the value of the Host: field. 
+   - Applications must  use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+     if they provide for changing an explicit servername context for the session,
+     i.e. when the session has been established with a servername extension. 
+   - On session reconnect, the servername extension may be absent. 
+
+*/      
+
+		if (type == TLSEXT_TYPE_server_name)
+			{
+			unsigned char *sdata;
+			int servname_type;
+			int dsize; 
+		
+			if (size < 2) 
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+			n2s(data,dsize);  
+			size -= 2;
+			if (dsize > size  ) 
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				} 
+
+			sdata = data;
+			while (dsize > 3) 
+				{
+	 			servname_type = *(sdata++); 
+				n2s(sdata,len);
+				dsize -= 3;
+
+				if (len > dsize) 
+					{
+					*al = SSL_AD_DECODE_ERROR;
+					return 0;
+					}
+				if (s->servername_done == 0)
+				switch (servname_type)
+					{
+				case TLSEXT_NAMETYPE_host_name:
+					if (s->session->tlsext_hostname == NULL)
+						{
+						if (len > TLSEXT_MAXLEN_host_name || 
+							((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL))
+							{
+							*al = TLS1_AD_UNRECOGNIZED_NAME;
+							return 0;
+							}
+						memcpy(s->session->tlsext_hostname, sdata, len);
+						s->session->tlsext_hostname[len]='\0';
+						if (strlen(s->session->tlsext_hostname) != len) {
+							OPENSSL_free(s->session->tlsext_hostname);
+							s->session->tlsext_hostname = NULL;
+							*al = TLS1_AD_UNRECOGNIZED_NAME;
+							return 0;
+						}
+						s->servername_done = 1; 
+
+						}
+					else 
+						s->servername_done = strlen(s->session->tlsext_hostname) == len 
+							&& strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0;
+					
+					break;
+
+				default:
+					break;
+					}
+				 
+				dsize -= len;
+				}
+			if (dsize != 0) 
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+
+			}
+
+#ifndef OPENSSL_NO_EC
+		else if (type == TLSEXT_TYPE_ec_point_formats &&
+	             s->version != DTLS1_VERSION)
+			{
+			unsigned char *sdata = data;
+			int ecpointformatlist_length = *(sdata++);
+
+			if (ecpointformatlist_length != size - 1)
+				{
+				*al = TLS1_AD_DECODE_ERROR;
+				return 0;
+				}
+			s->session->tlsext_ecpointformatlist_length = 0;
+			if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist);
+			if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
+			memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
+#if 0
+			fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ", s->session->tlsext_ecpointformatlist_length);
+			sdata = s->session->tlsext_ecpointformatlist;
+			for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+				fprintf(stderr,"%i ",*(sdata++));
+			fprintf(stderr,"\n");
+#endif
+			}
+		else if (type == TLSEXT_TYPE_elliptic_curves &&
+	             s->version != DTLS1_VERSION)
+			{
+			unsigned char *sdata = data;
+			int ellipticcurvelist_length = (*(sdata++) << 8);
+			ellipticcurvelist_length += (*(sdata++));
+
+			if (ellipticcurvelist_length != size - 2)
+				{
+				*al = TLS1_AD_DECODE_ERROR;
+				return 0;
+				}
+			s->session->tlsext_ellipticcurvelist_length = 0;
+			if (s->session->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->session->tlsext_ellipticcurvelist);
+			if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length;
+			memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);
+#if 0
+			fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ", s->session->tlsext_ellipticcurvelist_length);
+			sdata = s->session->tlsext_ellipticcurvelist;
+			for (i = 0; i < s->session->tlsext_ellipticcurvelist_length; i++)
+				fprintf(stderr,"%i ",*(sdata++));
+			fprintf(stderr,"\n");
+#endif
+			}
+#endif /* OPENSSL_NO_EC */
+#ifdef TLSEXT_TYPE_opaque_prf_input
+		else if (type == TLSEXT_TYPE_opaque_prf_input &&
+	             s->version != DTLS1_VERSION)
+			{
+			unsigned char *sdata = data;
+
+			if (size < 2)
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+			n2s(sdata, s->s3->client_opaque_prf_input_len);
+			if (s->s3->client_opaque_prf_input_len != size - 2)
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+
+			if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
+				OPENSSL_free(s->s3->client_opaque_prf_input);
+			if (s->s3->client_opaque_prf_input_len == 0)
+				s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+			else
+				s->s3->client_opaque_prf_input = BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
+			if (s->s3->client_opaque_prf_input == NULL)
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			}
+#endif
+		else if (type == TLSEXT_TYPE_session_ticket)
+			{
+			if (s->tls_session_ticket_ext_cb &&
+			    !s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg))
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			}
+		else if (type == TLSEXT_TYPE_renegotiate)
+			{
+			if(!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
+				return 0;
+			renegotiate_seen = 1;
+			}
+		else if (type == TLSEXT_TYPE_status_request &&
+		         s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb)
+			{
+		
+			if (size < 5) 
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+
+			s->tlsext_status_type = *data++;
+			size--;
+			if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp)
+				{
+				const unsigned char *sdata;
+				int dsize;
+				/* Read in responder_id_list */
+				n2s(data,dsize);
+				size -= 2;
+				if (dsize > size  ) 
+					{
+					*al = SSL_AD_DECODE_ERROR;
+					return 0;
+					}
+				while (dsize > 0)
+					{
+					OCSP_RESPID *id;
+					int idsize;
+					if (dsize < 4)
+						{
+						*al = SSL_AD_DECODE_ERROR;
+						return 0;
+						}
+					n2s(data, idsize);
+					dsize -= 2 + idsize;
+					if (dsize < 0)
+						{
+						*al = SSL_AD_DECODE_ERROR;
+						return 0;
+						}
+					sdata = data;
+					data += idsize;
+					id = d2i_OCSP_RESPID(NULL,
+								&sdata, idsize);
+					if (!id)
+						{
+						*al = SSL_AD_DECODE_ERROR;
+						return 0;
+						}
+					if (data != sdata)
+						{
+						OCSP_RESPID_free(id);
+						*al = SSL_AD_DECODE_ERROR;
+						return 0;
+						}
+					if (!s->tlsext_ocsp_ids
+						&& !(s->tlsext_ocsp_ids =
+						sk_OCSP_RESPID_new_null()))
+						{
+						OCSP_RESPID_free(id);
+						*al = SSL_AD_INTERNAL_ERROR;
+						return 0;
+						}
+					if (!sk_OCSP_RESPID_push(
+							s->tlsext_ocsp_ids, id))
+						{
+						OCSP_RESPID_free(id);
+						*al = SSL_AD_INTERNAL_ERROR;
+						return 0;
+						}
+					}
+
+				/* Read in request_extensions */
+				n2s(data,dsize);
+				size -= 2;
+				if (dsize > size) 
+					{
+					*al = SSL_AD_DECODE_ERROR;
+					return 0;
+					}
+				sdata = data;
+				if (dsize > 0)
+					{
+					s->tlsext_ocsp_exts =
+						d2i_X509_EXTENSIONS(NULL,
+							&sdata, dsize);
+					if (!s->tlsext_ocsp_exts
+						|| (data + dsize != sdata))
+						{
+						*al = SSL_AD_DECODE_ERROR;
+						return 0;
+						}
+					}
+				}
+				/* We don't know what to do with any other type
+ 			 	* so ignore it.
+ 			 	*/
+				else
+					s->tlsext_status_type = -1;
+			}
+
+		/* session ticket processed earlier */
+		data+=size;
+		}
+				
+	*p = data;
+
+	ri_check:
+
+	/* Need RI if renegotiating */
+
+	if (!renegotiate_seen && s->new_session &&
+		!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+		{
+		*al = SSL_AD_HANDSHAKE_FAILURE;
+	 	SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT,
+				SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+		return 0;
+		}
+
+	return 1;
 	}
 
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
+	{
+	unsigned short type;
+	unsigned short size;
+	unsigned short len;  
+	unsigned char *data = *p;
+	int tlsext_servername = 0;
+	int renegotiate_seen = 0;
+
+	if (data >= (d+n-2))
+		goto ri_check;
+
+	n2s(data,len);
+
+	while(data <= (d+n-4))
+		{
+		n2s(data,type);
+		n2s(data,size);
+
+		if (data+size > (d+n))
+	   		goto ri_check;
+
+		if (s->tlsext_debug_cb)
+			s->tlsext_debug_cb(s, 1, type, data, size,
+						s->tlsext_debug_arg);
+
+		if (type == TLSEXT_TYPE_server_name)
+			{
+			if (s->tlsext_hostname == NULL || size > 0)
+				{
+				*al = TLS1_AD_UNRECOGNIZED_NAME;
+				return 0;
+				}
+			tlsext_servername = 1;   
+			}
+
+#ifndef OPENSSL_NO_EC
+		else if (type == TLSEXT_TYPE_ec_point_formats &&
+	             s->version != DTLS1_VERSION)
+			{
+			unsigned char *sdata = data;
+			int ecpointformatlist_length = *(sdata++);
+
+			if (ecpointformatlist_length != size - 1)
+				{
+				*al = TLS1_AD_DECODE_ERROR;
+				return 0;
+				}
+			s->session->tlsext_ecpointformatlist_length = 0;
+			if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist);
+			if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
+			memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length);
 #if 0
-long tls1_ctrl(SSL *s, int cmd, long larg, char *parg)
+			fprintf(stderr,"ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
+			sdata = s->session->tlsext_ecpointformatlist;
+			for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+				fprintf(stderr,"%i ",*(sdata++));
+			fprintf(stderr,"\n");
+#endif
+			}
+#endif /* OPENSSL_NO_EC */
+
+		else if (type == TLSEXT_TYPE_session_ticket)
+			{
+			if (s->tls_session_ticket_ext_cb &&
+			    !s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg))
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			if ((SSL_get_options(s) & SSL_OP_NO_TICKET)
+				|| (size > 0))
+				{
+				*al = TLS1_AD_UNSUPPORTED_EXTENSION;
+				return 0;
+				}
+			s->tlsext_ticket_expected = 1;
+			}
+#ifdef TLSEXT_TYPE_opaque_prf_input
+		else if (type == TLSEXT_TYPE_opaque_prf_input &&
+	             s->version != DTLS1_VERSION)
+			{
+			unsigned char *sdata = data;
+
+			if (size < 2)
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+			n2s(sdata, s->s3->server_opaque_prf_input_len);
+			if (s->s3->server_opaque_prf_input_len != size - 2)
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+			
+			if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */
+				OPENSSL_free(s->s3->server_opaque_prf_input);
+			if (s->s3->server_opaque_prf_input_len == 0)
+				s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+			else
+				s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
+
+			if (s->s3->server_opaque_prf_input == NULL)
+				{
+				*al = TLS1_AD_INTERNAL_ERROR;
+				return 0;
+				}
+			}
+#endif
+		else if (type == TLSEXT_TYPE_status_request &&
+		         s->version != DTLS1_VERSION)
+			{
+			/* MUST be empty and only sent if we've requested
+			 * a status request message.
+			 */ 
+			if ((s->tlsext_status_type == -1) || (size > 0))
+				{
+				*al = TLS1_AD_UNSUPPORTED_EXTENSION;
+				return 0;
+				}
+			/* Set flag to expect CertificateStatus message */
+			s->tlsext_status_expected = 1;
+			}
+		else if (type == TLSEXT_TYPE_renegotiate)
+			{
+			if(!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
+				return 0;
+			renegotiate_seen = 1;
+			}
+		data+=size;		
+		}
+
+	if (data != d+n)
+		{
+		*al = SSL_AD_DECODE_ERROR;
+		return 0;
+		}
+
+	if (!s->hit && tlsext_servername == 1)
+		{
+ 		if (s->tlsext_hostname)
+			{
+			if (s->session->tlsext_hostname == NULL)
+				{
+				s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);	
+				if (!s->session->tlsext_hostname)
+					{
+					*al = SSL_AD_UNRECOGNIZED_NAME;
+					return 0;
+					}
+				}
+			else 
+				{
+				*al = SSL_AD_DECODE_ERROR;
+				return 0;
+				}
+			}
+		}
+
+	*p = data;
+
+	ri_check:
+
+	/* Determine if we need to see RI. Strictly speaking if we want to
+	 * avoid an attack we should *always* see RI even on initial server
+	 * hello because the client doesn't see any renegotiation during an
+	 * attack. However this would mean we could not connect to any server
+	 * which doesn't support RI so for the immediate future tolerate RI
+	 * absence on initial connect only.
+	 */
+	if (!renegotiate_seen && 
+		(s->new_session || !(s->options & SSL_OP_LEGACY_SERVER_CONNECT))
+		&& !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+		{
+		*al = SSL_AD_HANDSHAKE_FAILURE;
+		SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT,
+				SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+		return 0;
+		}
+
+	return 1;
+	}
+
+
+int ssl_prepare_clienthello_tlsext(SSL *s)
+	{
+#ifndef OPENSSL_NO_EC
+	/* If we are client and using an elliptic curve cryptography cipher suite, send the point formats 
+	 * and elliptic curves we support.
+	 */
+	int using_ecc = 0;
+	int i;
+	unsigned char *j;
+	unsigned long alg_k, alg_a;
+	STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
+
+	for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++)
+		{
+		SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
+
+		alg_k = c->algorithm_mkey;
+		alg_a = c->algorithm_auth;
+		if ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe) || (alg_a & SSL_aECDSA)))
+			{
+			using_ecc = 1;
+			break;
+			}
+		}
+	using_ecc = using_ecc && (s->version == TLS1_VERSION);
+	if (using_ecc)
+		{
+		if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist);
+		if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL)
+			{
+			SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		s->tlsext_ecpointformatlist_length = 3;
+		s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
+		s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+		s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+
+		/* we support all named elliptic curves in draft-ietf-tls-ecc-12 */
+		if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ellipticcurvelist);
+		s->tlsext_ellipticcurvelist_length = sizeof(nid_list)/sizeof(nid_list[0]) * 2;
+		if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
+			{
+			s->tlsext_ellipticcurvelist_length = 0;
+			SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		for (i = 1, j = s->tlsext_ellipticcurvelist; (unsigned int)i <=
+				sizeof(nid_list)/sizeof(nid_list[0]); i++)
+			s2n(i,j);
+		}
+#endif /* OPENSSL_NO_EC */
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ 	{
+		int r = 1;
+	
+		if (s->ctx->tlsext_opaque_prf_input_callback != 0)
+			{
+			r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0, s->ctx->tlsext_opaque_prf_input_callback_arg);
+			if (!r)
+				return -1;
+			}
+
+		if (s->tlsext_opaque_prf_input != NULL)
+			{
+			if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */
+				OPENSSL_free(s->s3->client_opaque_prf_input);
+
+			if (s->tlsext_opaque_prf_input_len == 0)
+				s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+			else
+				s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
+			if (s->s3->client_opaque_prf_input == NULL)
+				{
+				SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
+				return -1;
+				}
+			s->s3->client_opaque_prf_input_len = s->tlsext_opaque_prf_input_len;
+			}
+
+		if (r == 2)
+			/* at callback's request, insist on receiving an appropriate server opaque PRF input */
+			s->s3->server_opaque_prf_input_len = s->tlsext_opaque_prf_input_len;
+	}
+#endif
+
+	return 1;
+	}
+
+int ssl_prepare_serverhello_tlsext(SSL *s)
+	{
+#ifndef OPENSSL_NO_EC
+	/* If we are server and using an ECC cipher suite, send the point formats we support 
+	 * if the client sent us an ECPointsFormat extension.  Note that the server is not
+	 * supposed to send an EllipticCurves extension.
+	 */
+
+	unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+	unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+	int using_ecc = (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA);
+	using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
+	
+	if (using_ecc)
+		{
+		if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ecpointformatlist);
+		if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL)
+			{
+			SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		s->tlsext_ecpointformatlist_length = 3;
+		s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
+		s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+		s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+		}
+#endif /* OPENSSL_NO_EC */
+
+	return 1;
+	}
+
+int ssl_check_clienthello_tlsext(SSL *s)
+	{
+	int ret=SSL_TLSEXT_ERR_NOACK;
+	int al = SSL_AD_UNRECOGNIZED_NAME;
+
+#ifndef OPENSSL_NO_EC
+	/* The handling of the ECPointFormats extension is done elsewhere, namely in 
+	 * ssl3_choose_cipher in s3_lib.c.
+	 */
+	/* The handling of the EllipticCurves extension is done elsewhere, namely in 
+	 * ssl3_choose_cipher in s3_lib.c.
+	 */
+#endif
+
+	if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0) 
+		ret = s->ctx->tlsext_servername_callback(s, &al, s->ctx->tlsext_servername_arg);
+	else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0) 		
+		ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
+
+	/* If status request then ask callback what to do.
+ 	 * Note: this must be called after servername callbacks in case 
+ 	 * the certificate has changed.
+ 	 */
+	if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb)
+		{
+		int r;
+		r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+		switch (r)
+			{
+			/* We don't want to send a status request response */
+			case SSL_TLSEXT_ERR_NOACK:
+				s->tlsext_status_expected = 0;
+				break;
+			/* status request response should be sent */
+			case SSL_TLSEXT_ERR_OK:
+				if (s->tlsext_ocsp_resp)
+					s->tlsext_status_expected = 1;
+				else
+					s->tlsext_status_expected = 0;
+				break;
+			/* something bad happened */
+			case SSL_TLSEXT_ERR_ALERT_FATAL:
+				ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+				al = SSL_AD_INTERNAL_ERROR;
+				goto err;
+			}
+		}
+	else
+		s->tlsext_status_expected = 0;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+ 	{
+		/* This sort of belongs into ssl_prepare_serverhello_tlsext(),
+		 * but we might be sending an alert in response to the client hello,
+		 * so this has to happen here in ssl_check_clienthello_tlsext(). */
+
+		int r = 1;
+	
+		if (s->ctx->tlsext_opaque_prf_input_callback != 0)
+			{
+			r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0, s->ctx->tlsext_opaque_prf_input_callback_arg);
+			if (!r)
+				{
+				ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+				al = SSL_AD_INTERNAL_ERROR;
+				goto err;
+				}
+			}
+
+		if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */
+			OPENSSL_free(s->s3->server_opaque_prf_input);
+		s->s3->server_opaque_prf_input = NULL;
+
+		if (s->tlsext_opaque_prf_input != NULL)
+			{
+			if (s->s3->client_opaque_prf_input != NULL &&
+				s->s3->client_opaque_prf_input_len == s->tlsext_opaque_prf_input_len)
+				{
+				/* can only use this extension if we have a server opaque PRF input
+				 * of the same length as the client opaque PRF input! */
+
+				if (s->tlsext_opaque_prf_input_len == 0)
+					s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
+				else
+					s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len);
+				if (s->s3->server_opaque_prf_input == NULL)
+					{
+					ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+					al = SSL_AD_INTERNAL_ERROR;
+					goto err;
+					}
+				s->s3->server_opaque_prf_input_len = s->tlsext_opaque_prf_input_len;
+				}
+			}
+
+		if (r == 2 && s->s3->server_opaque_prf_input == NULL)
+			{
+			/* The callback wants to enforce use of the extension,
+			 * but we can't do that with the client opaque PRF input;
+			 * abort the handshake.
+			 */
+			ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+			al = SSL_AD_HANDSHAKE_FAILURE;
+			}
+	}
+
+#endif
+ err:
+	switch (ret)
+		{
+		case SSL_TLSEXT_ERR_ALERT_FATAL:
+			ssl3_send_alert(s,SSL3_AL_FATAL,al); 
+			return -1;
+
+		case SSL_TLSEXT_ERR_ALERT_WARNING:
+			ssl3_send_alert(s,SSL3_AL_WARNING,al);
+			return 1; 
+					
+		case SSL_TLSEXT_ERR_NOACK:
+			s->servername_done=0;
+			default:
+		return 1;
+		}
+	}
+
+int ssl_check_serverhello_tlsext(SSL *s)
 	{
-	return(0);
+	int ret=SSL_TLSEXT_ERR_NOACK;
+	int al = SSL_AD_UNRECOGNIZED_NAME;
+
+#ifndef OPENSSL_NO_EC
+	/* If we are client and using an elliptic curve cryptography cipher suite, then server
+	 * must return a an EC point formats lists containing uncompressed.
+	 */
+	unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+	unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+	if ((s->tlsext_ecpointformatlist != NULL) && (s->tlsext_ecpointformatlist_length > 0) && 
+	    ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA)))
+		{
+		/* we are using an ECC cipher */
+		size_t i;
+		unsigned char *list;
+		int found_uncompressed = 0;
+		if ((s->session->tlsext_ecpointformatlist == NULL) || (s->session->tlsext_ecpointformatlist_length == 0))
+			{
+			SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
+			return -1;
+			}
+		list = s->session->tlsext_ecpointformatlist;
+		for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+			{
+			if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed)
+				{
+				found_uncompressed = 1;
+				break;
+				}
+			}
+		if (!found_uncompressed)
+			{
+			SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
+			return -1;
+			}
+		}
+	ret = SSL_TLSEXT_ERR_OK;
+#endif /* OPENSSL_NO_EC */
+
+	if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0) 
+		ret = s->ctx->tlsext_servername_callback(s, &al, s->ctx->tlsext_servername_arg);
+	else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0) 		
+		ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+	if (s->s3->server_opaque_prf_input_len > 0)
+		{
+		/* This case may indicate that we, as a client, want to insist on using opaque PRF inputs.
+		 * So first verify that we really have a value from the server too. */
+
+		if (s->s3->server_opaque_prf_input == NULL)
+			{
+			ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+			al = SSL_AD_HANDSHAKE_FAILURE;
+			}
+		
+		/* Anytime the server *has* sent an opaque PRF input, we need to check
+		 * that we have a client opaque PRF input of the same size. */
+		if (s->s3->client_opaque_prf_input == NULL ||
+		    s->s3->client_opaque_prf_input_len != s->s3->server_opaque_prf_input_len)
+			{
+			ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+			al = SSL_AD_ILLEGAL_PARAMETER;
+			}
+		}
+#endif
+
+	/* If we've requested certificate status and we wont get one
+ 	 * tell the callback
+ 	 */
+	if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
+			&& s->ctx && s->ctx->tlsext_status_cb)
+		{
+		int r;
+		/* Set resp to NULL, resplen to -1 so callback knows
+ 		 * there is no response.
+ 		 */
+		if (s->tlsext_ocsp_resp)
+			{
+			OPENSSL_free(s->tlsext_ocsp_resp);
+			s->tlsext_ocsp_resp = NULL;
+			}
+		s->tlsext_ocsp_resplen = -1;
+		r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+		if (r == 0)
+			{
+			al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+			ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+			}
+		if (r < 0)
+			{
+			al = SSL_AD_INTERNAL_ERROR;
+			ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+			}
+		}
+
+	switch (ret)
+		{
+		case SSL_TLSEXT_ERR_ALERT_FATAL:
+			ssl3_send_alert(s,SSL3_AL_FATAL,al); 
+			return -1;
+
+		case SSL_TLSEXT_ERR_ALERT_WARNING:
+			ssl3_send_alert(s,SSL3_AL_WARNING,al);
+			return 1; 
+					
+		case SSL_TLSEXT_ERR_NOACK:
+			s->servername_done=0;
+			default:
+		return 1;
+		}
 	}
 
-long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)())
+/* Since the server cache lookup is done early on in the processing of client
+ * hello and other operations depend on the result we need to handle any TLS
+ * session ticket extension at the same time.
+ */
+
+int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+				const unsigned char *limit, SSL_SESSION **ret)
 	{
-	return(0);
+	/* Point after session ID in client hello */
+	const unsigned char *p = session_id + len;
+	unsigned short i;
+
+	/* If tickets disabled behave as if no ticket present
+ 	 * to permit stateful resumption.
+ 	 */
+	if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+		return 1;
+
+	if ((s->version <= SSL3_VERSION) || !limit)
+		return 1;
+	if (p >= limit)
+		return -1;
+	/* Skip past DTLS cookie */
+	if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+		{
+		i = *(p++);
+		p+= i;
+		if (p >= limit)
+			return -1;
+		}
+	/* Skip past cipher list */
+	n2s(p, i);
+	p+= i;
+	if (p >= limit)
+		return -1;
+	/* Skip past compression algorithm list */
+	i = *(p++);
+	p += i;
+	if (p > limit)
+		return -1;
+	/* Now at start of extensions */
+	if ((p + 2) >= limit)
+		return 1;
+	n2s(p, i);
+	while ((p + 4) <= limit)
+		{
+		unsigned short type, size;
+		n2s(p, type);
+		n2s(p, size);
+		if (p + size > limit)
+			return 1;
+		if (type == TLSEXT_TYPE_session_ticket)
+			{
+			/* If tickets disabled indicate cache miss which will
+ 			 * trigger a full handshake
+ 			 */
+			if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+				return 1;
+			/* If zero length note client will accept a ticket
+ 			 * and indicate cache miss to trigger full handshake
+ 			 */
+			if (size == 0)
+				{
+				s->tlsext_ticket_expected = 1;
+				return 0;	/* Cache miss */
+				}
+			if (s->tls_session_secret_cb)
+				{
+				/* Indicate cache miss here and instead of
+				 * generating the session from ticket now,
+				 * trigger abbreviated handshake based on
+				 * external mechanism to calculate the master
+				 * secret later. */
+				return 0;
+				}
+			return tls_decrypt_ticket(s, p, size, session_id, len,
+									ret);
+			}
+		p += size;
+		}
+	return 1;
 	}
+
+static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
+				const unsigned char *sess_id, int sesslen,
+				SSL_SESSION **psess)
+	{
+	SSL_SESSION *sess;
+	unsigned char *sdec;
+	const unsigned char *p;
+	int slen, mlen, renew_ticket = 0;
+	unsigned char tick_hmac[EVP_MAX_MD_SIZE];
+	HMAC_CTX hctx;
+	EVP_CIPHER_CTX ctx;
+	SSL_CTX *tctx = s->initial_ctx;
+	/* Need at least keyname + iv + some encrypted data */
+	if (eticklen < 48)
+		goto tickerr;
+	/* Initialize session ticket encryption and HMAC contexts */
+	HMAC_CTX_init(&hctx);
+	EVP_CIPHER_CTX_init(&ctx);
+	if (tctx->tlsext_ticket_key_cb)
+		{
+		unsigned char *nctick = (unsigned char *)etick;
+		int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
+							&ctx, &hctx, 0);
+		if (rv < 0)
+			return -1;
+		if (rv == 0)
+			goto tickerr;
+		if (rv == 2)
+			renew_ticket = 1;
+		}
+	else
+		{
+		/* Check key name matches */
+		if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
+			goto tickerr;
+		HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+					tlsext_tick_md(), NULL);
+		EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+				tctx->tlsext_tick_aes_key, etick + 16);
+		}
+	/* Attempt to process session ticket, first conduct sanity and
+ 	 * integrity checks on ticket.
+ 	 */
+	mlen = HMAC_size(&hctx);
+	if (mlen < 0)
+		{
+		EVP_CIPHER_CTX_cleanup(&ctx);
+		return -1;
+		}
+	eticklen -= mlen;
+	/* Check HMAC of encrypted ticket */
+	HMAC_Update(&hctx, etick, eticklen);
+	HMAC_Final(&hctx, tick_hmac, NULL);
+	HMAC_CTX_cleanup(&hctx);
+	if (memcmp(tick_hmac, etick + eticklen, mlen))
+		goto tickerr;
+	/* Attempt to decrypt session data */
+	/* Move p after IV to start of encrypted ticket, update length */
+	p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
+	eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
+	sdec = OPENSSL_malloc(eticklen);
+	if (!sdec)
+		{
+		EVP_CIPHER_CTX_cleanup(&ctx);
+		return -1;
+		}
+	EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
+	if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0)
+		goto tickerr;
+	slen += mlen;
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	p = sdec;
+		
+	sess = d2i_SSL_SESSION(NULL, &p, slen);
+	OPENSSL_free(sdec);
+	if (sess)
+		{
+		/* The session ID if non-empty is used by some clients to
+ 		 * detect that the ticket has been accepted. So we copy it to
+ 		 * the session structure. If it is empty set length to zero
+ 		 * as required by standard.
+ 		 */
+		if (sesslen)
+			memcpy(sess->session_id, sess_id, sesslen);
+		sess->session_id_length = sesslen;
+		*psess = sess;
+		s->tlsext_ticket_expected = renew_ticket;
+		return 1;
+		}
+	/* If session decrypt failure indicate a cache miss and set state to
+ 	 * send a new ticket
+ 	 */
+	tickerr:	
+	s->tlsext_ticket_expected = 1;
+	return 0;
+	}
+
 #endif
diff --git a/ssl/t1_meth.c b/ssl/t1_meth.c
index fcc243f782..3257636425 100644
--- a/ssl/t1_meth.c
+++ b/ssl/t1_meth.c
@@ -60,37 +60,22 @@
 #include <openssl/objects.h>
 #include "ssl_locl.h"
 
-static SSL_METHOD *tls1_get_method(int ver);
-static SSL_METHOD *tls1_get_method(int ver)
+static const SSL_METHOD *tls1_get_method(int ver)
 	{
+	if (ver == TLS1_1_VERSION)
+		return TLSv1_1_method();
 	if (ver == TLS1_VERSION)
-		return(TLSv1_method());
-	else
-		return(NULL);
+		return TLSv1_method();
+	return NULL;
 	}
 
-SSL_METHOD *TLSv1_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD TLSv1_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-		
-		if (init)
-			{
-			memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			TLSv1_data.ssl_connect=ssl3_connect;
-			TLSv1_data.ssl_accept=ssl3_accept;
-			TLSv1_data.get_ssl_method=tls1_get_method;
-			init=0;
-			}
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method,
+			ssl3_accept,
+			ssl3_connect,
+			tls1_get_method)
 
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	
-	return(&TLSv1_data);
-	}
+IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method,
+			ssl3_accept,
+			ssl3_connect,
+			tls1_get_method)
 
diff --git a/ssl/t1_reneg.c b/ssl/t1_reneg.c
new file mode 100644
index 0000000000..9c2cc3c712
--- /dev/null
+++ b/ssl/t1_reneg.c
@@ -0,0 +1,292 @@
+/* ssl/t1_reneg.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+/* Add the client's renegotiation binding */
+int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+					int maxlen)
+    {
+    if(p)
+        {
+	if((s->s3->previous_client_finished_len+1) > maxlen)
+            {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATE_EXT_TOO_LONG);
+            return 0;
+            }
+            
+        /* Length byte */
+	*p = s->s3->previous_client_finished_len;
+        p++;
+
+        memcpy(p, s->s3->previous_client_finished,
+	       s->s3->previous_client_finished_len);
+#ifdef OPENSSL_RI_DEBUG
+    fprintf(stderr, "%s RI extension sent by client\n",
+		s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
+#endif
+        }
+    
+    *len=s->s3->previous_client_finished_len + 1;
+
+ 
+    return 1;
+    }
+
+/* Parse the client's renegotiation binding and abort if it's not
+   right */
+int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+					  int *al)
+    {
+    int ilen;
+
+    /* Parse the length byte */
+    if(len < 1)
+        {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al=SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+        }
+    ilen = *d;
+    d++;
+
+    /* Consistency check */
+    if((ilen+1) != len)
+        {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al=SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+        }
+
+    /* Check that the extension matches */
+    if(ilen != s->s3->previous_client_finished_len)
+        {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
+        *al=SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+        }
+    
+    if(memcmp(d, s->s3->previous_client_finished,
+	      s->s3->previous_client_finished_len))
+        {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
+        *al=SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+        }
+#ifdef OPENSSL_RI_DEBUG
+    fprintf(stderr, "%s RI extension received by server\n",
+				ilen ? "Non-empty" : "Empty");
+#endif
+
+    s->s3->send_connection_binding=1;
+
+    return 1;
+    }
+
+/* Add the server's renegotiation binding */
+int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+					int maxlen)
+    {
+    if(p)
+        {
+        if((s->s3->previous_client_finished_len +
+            s->s3->previous_server_finished_len + 1) > maxlen)
+            {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATE_EXT_TOO_LONG);
+            return 0;
+            }
+        
+        /* Length byte */
+        *p = s->s3->previous_client_finished_len + s->s3->previous_server_finished_len;
+        p++;
+
+        memcpy(p, s->s3->previous_client_finished,
+	       s->s3->previous_client_finished_len);
+        p += s->s3->previous_client_finished_len;
+
+        memcpy(p, s->s3->previous_server_finished,
+	       s->s3->previous_server_finished_len);
+#ifdef OPENSSL_RI_DEBUG
+    fprintf(stderr, "%s RI extension sent by server\n",
+    		s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
+#endif
+        }
+    
+    *len=s->s3->previous_client_finished_len
+	+ s->s3->previous_server_finished_len + 1;
+    
+    return 1;
+    }
+
+/* Parse the server's renegotiation binding and abort if it's not
+   right */
+int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+					  int *al)
+    {
+    int expected_len=s->s3->previous_client_finished_len
+	+ s->s3->previous_server_finished_len;
+    int ilen;
+
+    /* Check for logic errors */
+    OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len);
+    OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len);
+    
+    /* Parse the length byte */
+    if(len < 1)
+        {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al=SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+        }
+    ilen = *d;
+    d++;
+
+    /* Consistency check */
+    if(ilen+1 != len)
+        {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al=SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+        }
+    
+    /* Check that the extension matches */
+    if(ilen != expected_len)
+        {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
+        *al=SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+        }
+
+    if(memcmp(d, s->s3->previous_client_finished,
+	      s->s3->previous_client_finished_len))
+        {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
+        *al=SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+        }
+    d += s->s3->previous_client_finished_len;
+
+    if(memcmp(d, s->s3->previous_server_finished,
+	      s->s3->previous_server_finished_len))
+        {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,SSL_R_RENEGOTIATION_MISMATCH);
+        *al=SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+        }
+#ifdef OPENSSL_RI_DEBUG
+    fprintf(stderr, "%s RI extension received by client\n",
+				ilen ? "Non-empty" : "Empty");
+#endif
+    s->s3->send_connection_binding=1;
+
+    return 1;
+    }
diff --git a/ssl/t1_srvr.c b/ssl/t1_srvr.c
index 1c1149e49f..274a3d6738 100644
--- a/ssl/t1_srvr.c
+++ b/ssl/t1_srvr.c
@@ -64,35 +64,23 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 
-static SSL_METHOD *tls1_get_server_method(int ver);
-static SSL_METHOD *tls1_get_server_method(int ver)
+static const SSL_METHOD *tls1_get_server_method(int ver);
+static const SSL_METHOD *tls1_get_server_method(int ver)
 	{
+	if (ver == TLS1_1_VERSION)
+		return TLSv1_1_server_method();
 	if (ver == TLS1_VERSION)
-		return(TLSv1_server_method());
-	else
-		return(NULL);
+		return TLSv1_server_method();
+	return NULL;
 	}
 
-SSL_METHOD *TLSv1_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD TLSv1_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
+			ssl3_accept,
+			ssl_undefined_function,
+			tls1_get_server_method)
 
-		if (init)
-			{
-			memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			TLSv1_server_data.ssl_accept=ssl3_accept;
-			TLSv1_server_data.get_ssl_method=tls1_get_server_method;
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&TLSv1_server_data);
-	}
+IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
+			ssl3_accept,
+			ssl_undefined_function,
+			tls1_get_server_method)
 
diff --git a/ssl/tls1.h b/ssl/tls1.h
index be15445384..b32b713ca8 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -56,6 +56,59 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  *
  * Portions of the attached software ("Contribution") are developed by 
@@ -68,6 +121,32 @@
  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
  *
  */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
 
 #ifndef HEADER_TLS1_H 
 #define HEADER_TLS1_H 
@@ -78,7 +157,11 @@
 extern "C" {
 #endif
 
-#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES	1
+#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES	0
+
+#define TLS1_1_VERSION			0x0302
+#define TLS1_1_VERSION_MAJOR		0x03
+#define TLS1_1_VERSION_MINOR		0x02
 
 #define TLS1_VERSION			0x0301
 #define TLS1_VERSION_MAJOR		0x03
@@ -96,13 +179,131 @@ extern "C" {
 #define TLS1_AD_INTERNAL_ERROR		80	/* fatal */
 #define TLS1_AD_USER_CANCELLED		90
 #define TLS1_AD_NO_RENEGOTIATION	100
+/* codes 110-114 are from RFC3546 */
+#define TLS1_AD_UNSUPPORTED_EXTENSION	110
+#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
+#define TLS1_AD_UNRECOGNIZED_NAME 	112
+#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
+#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
+#define TLS1_AD_UNKNOWN_PSK_IDENTITY	115	/* fatal */
+
+/* ExtensionType values from RFC3546 / RFC4366 */
+#define TLSEXT_TYPE_server_name			0
+#define TLSEXT_TYPE_max_fragment_length		1
+#define TLSEXT_TYPE_client_certificate_url	2
+#define TLSEXT_TYPE_trusted_ca_keys		3
+#define TLSEXT_TYPE_truncated_hmac		4
+#define TLSEXT_TYPE_status_request		5
+/* ExtensionType values from RFC4492 */
+#define TLSEXT_TYPE_elliptic_curves		10
+#define TLSEXT_TYPE_ec_point_formats		11
+#define TLSEXT_TYPE_session_ticket		35
+/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
+#if 0 /* will have to be provided externally for now ,
+       * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
+       * using whatever extension number you'd like to try */
+# define TLSEXT_TYPE_opaque_prf_input		?? */
+#endif
+
+/* Temporary extension type */
+#define TLSEXT_TYPE_renegotiate                 0xff01
+
+/* NameType value from RFC 3546 */
+#define TLSEXT_NAMETYPE_host_name 0
+/* status request value from RFC 3546 */
+#define TLSEXT_STATUSTYPE_ocsp 1
+
+/* ECPointFormat values from draft-ietf-tls-ecc-12 */
+#define TLSEXT_ECPOINTFORMAT_first			0
+#define TLSEXT_ECPOINTFORMAT_uncompressed		0
+#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime	1
+#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2	2
+#define TLSEXT_ECPOINTFORMAT_last			2
+
+#ifndef OPENSSL_NO_TLSEXT
+
+#define TLSEXT_MAXLEN_host_name 255
+
+const char *SSL_get_servername(const SSL *s, const int type) ;
+int SSL_get_servername_type(const SSL *s) ;
+
+#define SSL_set_tlsext_host_name(s,name) \
+SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
+
+#define SSL_set_tlsext_debug_callback(ssl, cb) \
+SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
+
+#define SSL_set_tlsext_debug_arg(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
+
+#define SSL_set_tlsext_status_type(ssl, type) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
+
+#define SSL_get_tlsext_status_exts(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
+
+#define SSL_set_tlsext_status_exts(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
 
-/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
+#define SSL_get_tlsext_status_ids(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
+
+#define SSL_set_tlsext_status_ids(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
+
+#define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
+
+#define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
+
+#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
+
+#define SSL_TLSEXT_ERR_OK 0
+#define SSL_TLSEXT_ERR_ALERT_WARNING 1
+#define SSL_TLSEXT_ERR_ALERT_FATAL 2
+#define SSL_TLSEXT_ERR_NOACK 3
+
+#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
+
+#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+	SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
+#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+	SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
+
+#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
+
+#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
+
+#define SSL_set_tlsext_opaque_prf_input(s, src, len) \
+SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
+#define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
+SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
+#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
+
+#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
+
+#endif
+
+/* PSK ciphersuites from 4279 */
+#define TLS1_CK_PSK_WITH_RC4_128_SHA                    0x0300008A
+#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA               0x0300008B
+#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA                0x0300008C
+#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA                0x0300008D
+
+/* Additional TLS ciphersuites from expired Internet Draft
+ * draft-ietf-tls-56-bit-ciphersuites-01.txt
  * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
  * s3_lib.c).  We actually treat them like SSL 3.0 ciphers, which we probably
- * shouldn't. */
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5		0x03000060
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	0x03000061
+ * shouldn't.  Note that the first two are actually not in the IDs. */
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5		0x03000060 /* not in ID */
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	0x03000061 /* not in ID */
 #define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA		0x03000062
 #define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA	0x03000063
 #define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA		0x03000064
@@ -125,51 +326,59 @@ extern "C" {
 #define TLS1_CK_DHE_RSA_WITH_AES_256_SHA		0x03000039
 #define TLS1_CK_ADH_WITH_AES_256_SHA			0x0300003A
 
-/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001).
- * XXX NOTE: There is a bug in the draft, cipher numbers 4B, and 4C
- * are defined twice so we define ECDH_ECDSA_EXPORT cipher
- * suites to use 5B and 5C instead (this may change with future
- * updates to the IETF draft).
- */
-/* draft-ietf-tls-ecc-03.txt (June 2003) gives a changed list of
- * ciphersuites, but does not define numbers for all of them
- * because of possible conflicts with other Internet Drafts;
- * most numbers are still subject to change. */
-#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x03000047
-#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x03000048
-#define TLS1_CK_ECDH_ECDSA_WITH_DES_CBC_SHA             0x03000049
-#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA        0x0300004A
-#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA         0x0300004B
-#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA         0x0300004C
-#define TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA       0x0300005B
-#define TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA       0x0300005C
-
-#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA                  0x0300004D
-#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA               0x0300004E
-#define TLS1_CK_ECDH_RSA_WITH_DES_CBC_SHA               0x0300004F
-#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA          0x03000050
-#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA           0x03000051
-#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA           0x03000052
-#define TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_40_SHA         0x03000053
-#define TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_56_SHA         0x03000054
-
-#define TLS1_CK_ECDH_anon_WITH_NULL_SHA                 0x03000055
-#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA              0x03000056
-#define TLS1_CK_ECDH_anon_WITH_DES_CBC_SHA              0x03000057
-#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA         0x03000058
-#define TLS1_CK_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA    0x03000059
-#define TLS1_CK_ECDH_anon_EXPORT_WITH_RC4_40_SHA        0x0300005A
-
-/* XXX: ECC ciphersuites offering forward secrecy are not yet specified
- * in the ECC/TLS draft but our code allows them to be implemented
- * very easily. To add such a cipher suite, one needs to add two constant
- * definitions to this file and a new structure in s3_lib.c. We illustrate
- * the process for the made-up ciphers ECDHE-ECDSA-AES128-SHA and
- * ECDHE-RSA-AES128-SHA.
- */
-#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        0x03000077
-#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA          0x03000078
+/* Camellia ciphersuites from RFC4132 */
+#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA		0x03000041
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA	0x03000042
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA	0x03000043
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA	0x03000044
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA	0x03000045
+#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA		0x03000046
+
+#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA		0x03000084
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA	0x03000085
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA	0x03000086
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA	0x03000087
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA	0x03000088
+#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA		0x03000089
+
+/* SEED ciphersuites from RFC4162 */
+#define TLS1_CK_RSA_WITH_SEED_SHA                       0x03000096
+#define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097
+#define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098
+#define TLS1_CK_DHE_DSS_WITH_SEED_SHA                   0x03000099
+#define TLS1_CK_DHE_RSA_WITH_SEED_SHA                   0x0300009A
+#define TLS1_CK_ADH_WITH_SEED_SHA                	0x0300009B
 
+/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
+#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
+#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
+#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA        0x0300C003
+#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA         0x0300C004
+#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA         0x0300C005
+
+#define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA               0x0300C006
+#define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA            0x0300C007
+#define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA       0x0300C008
+#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        0x0300C009
+#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        0x0300C00A
+
+#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA                  0x0300C00B
+#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA               0x0300C00C
+#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA          0x0300C00D
+#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA           0x0300C00E
+#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA           0x0300C00F
+
+#define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA                 0x0300C010
+#define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA              0x0300C011
+#define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA         0x0300C012
+#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA          0x0300C013
+#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA          0x0300C014
+
+#define TLS1_CK_ECDH_anon_WITH_NULL_SHA                 0x0300C015
+#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA              0x0300C016
+#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA         0x0300C017
+#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA          0x0300C018
+#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA          0x0300C019
 
 /* XXX
  * Inconsistency alert:
@@ -204,44 +413,76 @@ extern "C" {
 /* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
 #define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA               "ECDH-ECDSA-NULL-SHA"
 #define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA            "ECDH-ECDSA-RC4-SHA"
-#define TLS1_TXT_ECDH_ECDSA_WITH_DES_CBC_SHA            "ECDH-ECDSA-DES-CBC-SHA"
 #define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA       "ECDH-ECDSA-DES-CBC3-SHA"
 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA        "ECDH-ECDSA-AES128-SHA"
 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA        "ECDH-ECDSA-AES256-SHA"
-#define TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA      "EXP-ECDH-ECDSA-RC4-40-SHA"
-#define TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA      "EXP-ECDH-ECDSA-RC4-56-SHA"
+
+#define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA              "ECDHE-ECDSA-NULL-SHA"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA           "ECDHE-ECDSA-RC4-SHA"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA      "ECDHE-ECDSA-DES-CBC3-SHA"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "ECDHE-ECDSA-AES128-SHA"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA       "ECDHE-ECDSA-AES256-SHA"
 
 #define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA                 "ECDH-RSA-NULL-SHA"
 #define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA              "ECDH-RSA-RC4-SHA"
-#define TLS1_TXT_ECDH_RSA_WITH_DES_CBC_SHA              "ECDH-RSA-DES-CBC-SHA"
 #define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA         "ECDH-RSA-DES-CBC3-SHA"
 #define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA          "ECDH-RSA-AES128-SHA"
 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA          "ECDH-RSA-AES256-SHA"
-#define TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_40_SHA        "EXP-ECDH-RSA-RC4-40-SHA"
-#define TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_56_SHA        "EXP-ECDH-RSA-RC4-56-SHA"
+
+#define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA                "ECDHE-RSA-NULL-SHA"
+#define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA             "ECDHE-RSA-RC4-SHA"
+#define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA        "ECDHE-RSA-DES-CBC3-SHA"
+#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA         "ECDHE-RSA-AES128-SHA"
+#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA         "ECDHE-RSA-AES256-SHA"
 
 #define TLS1_TXT_ECDH_anon_WITH_NULL_SHA                "AECDH-NULL-SHA"
 #define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA             "AECDH-RC4-SHA"
-#define TLS1_TXT_ECDH_anon_WITH_DES_CBC_SHA             "AECDH-DES-CBC-SHA"
 #define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA        "AECDH-DES-CBC3-SHA"
-#define TLS1_TXT_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA   "EXP-AECDH-DES-40-CBC-SHA"
-#define TLS1_TXT_ECDH_anon_EXPORT_WITH_RC4_40_SHA       "EXP-AECDH-RC4-40-SHA"
+#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA         "AECDH-AES128-SHA"
+#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA         "AECDH-AES256-SHA"
 
-/* XXX: Made-up ECC cipher suites offering forward secrecy. This is for 
- * illustration only. 
- */
-#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "ECDHE-ECDSA-AES128-SHA"
-#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA         "ECDHE-RSA-AES128-SHA"
+/* PSK ciphersuites from RFC 4279 */
+#define TLS1_TXT_PSK_WITH_RC4_128_SHA			"PSK-RC4-SHA"
+#define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA		"PSK-3DES-EDE-CBC-SHA"
+#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA		"PSK-AES128-CBC-SHA"
+#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA		"PSK-AES256-CBC-SHA"
+
+/* Camellia ciphersuites from RFC4132 */
+#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA		"CAMELLIA128-SHA"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA	"DH-DSS-CAMELLIA128-SHA"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA	"DH-RSA-CAMELLIA128-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA	"DHE-DSS-CAMELLIA128-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA	"DHE-RSA-CAMELLIA128-SHA"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA		"ADH-CAMELLIA128-SHA"
+
+#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA		"CAMELLIA256-SHA"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA	"DH-DSS-CAMELLIA256-SHA"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA	"DH-RSA-CAMELLIA256-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA	"DHE-DSS-CAMELLIA256-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA	"DHE-RSA-CAMELLIA256-SHA"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA		"ADH-CAMELLIA256-SHA"
+
+/* SEED ciphersuites from RFC4162 */
+#define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
+#define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
+#define TLS1_TXT_DH_RSA_WITH_SEED_SHA                   "DH-RSA-SEED-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA                  "DHE-DSS-SEED-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA                  "DHE-RSA-SEED-SHA"
+#define TLS1_TXT_ADH_WITH_SEED_SHA                      "ADH-SEED-SHA"
 
 
 #define TLS_CT_RSA_SIGN			1
 #define TLS_CT_DSS_SIGN			2
 #define TLS_CT_RSA_FIXED_DH		3
 #define TLS_CT_DSS_FIXED_DH		4
-#define TLS_CT_ECDSA_SIGN		5
-#define TLS_CT_RSA_FIXED_ECDH		6
-#define TLS_CT_ECDSA_FIXED_ECDH 	7
-#define TLS_CT_NUMBER			7
+#define TLS_CT_ECDSA_SIGN		64
+#define TLS_CT_RSA_FIXED_ECDH		65
+#define TLS_CT_ECDSA_FIXED_ECDH 	66
+#define TLS_CT_GOST94_SIGN		21
+#define TLS_CT_GOST01_SIGN		22
+/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+ * comment there) */
+#define TLS_CT_NUMBER			9
 
 #define TLS1_FINISH_MAC_LENGTH		12
 
@@ -282,10 +523,14 @@ extern "C" {
 #define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"  /*master secret*/
 #endif
 
+/* TLS Session Ticket extension struct */
+struct tls_session_ticket_ext_st
+	{
+	unsigned short length;
+	void *data;
+	};
+
 #ifdef  __cplusplus
 }
 #endif
 #endif
-
-
-
diff --git a/test/.cvsignore b/test/.cvsignore
index 8d2d623289..8b5997c6dc 100644
--- a/test/.cvsignore
+++ b/test/.cvsignore
@@ -11,8 +11,24 @@ req2CA.ss
 keyU.ss
 reqU.ss
 certU.ss
+certU.srl
+intP1.ss
+tmp_intP1.ss
+keyP1.ss
+reqP1.ss
+certP1.ss
+certP1.srl
+intP2.ss
+tmp_intP2.ss
+keyP2.ss
+reqP2.ss
+certP2.ss
 Makefile.save
 tmp.bntest
 evptests.txt
 sha256t
 sha512t
+*.flc
+semantic.cache
+newkey.pem
+*.dll
diff --git a/test/CAtsa.cnf b/test/CAtsa.cnf
new file mode 100644
index 0000000000..f5a275bfc2
--- /dev/null
+++ b/test/CAtsa.cnf
@@ -0,0 +1,163 @@
+
+#
+# This config is used by the Time Stamp Authority tests.
+#
+
+RANDFILE		= ./.rnd
+
+# Extra OBJECT IDENTIFIER info:
+oid_section		= new_oids
+
+TSDNSECT		= ts_cert_dn
+INDEX			= 1
+
+[ new_oids ]
+
+# Policies used by the TSA tests.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+#----------------------------------------------------------------------
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+[ CA_default ]
+
+dir		= ./demoCA
+certs		= $dir/certs		# Where the issued certs are kept
+database	= $dir/index.txt	# database index file.
+new_certs_dir	= $dir/newcerts		# default place for new certs.
+
+certificate	= $dir/cacert.pem 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+private_key	= $dir/private/cakey.pem# The private key
+RANDFILE	= $dir/private/.rand	# private random number file
+
+default_days	= 365			# how long to certify for
+default_md	= sha1			# which md to use.
+preserve	= no			# keep passed DN ordering
+
+policy		= policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName		= supplied
+stateOrProvinceName	= supplied
+organizationName	= supplied
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+#----------------------------------------------------------------------
+[ req ]
+default_bits		= 1024
+default_md		= sha1
+distinguished_name	= $ENV::TSDNSECT
+encrypt_rsa_key		= no
+prompt 			= no
+# attributes		= req_attributes
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+
+string_mask = nombstr
+
+[ ts_ca_dn ]
+countryName			= HU
+stateOrProvinceName		= Budapest
+localityName			= Budapest
+organizationName		= Gov-CA Ltd.
+commonName			= ca1
+
+[ ts_cert_dn ]
+countryName			= HU
+stateOrProvinceName		= Budapest
+localityName			= Buda
+organizationName		= Hun-TSA Ltd.
+commonName			= tsa$ENV::INDEX
+
+[ tsa_cert ]
+
+# TSA server cert is not a CA cert.
+basicConstraints=CA:FALSE
+
+# The following key usage flags are needed for TSA server certificates.
+keyUsage = nonRepudiation, digitalSignature
+extendedKeyUsage = critical,timeStamping
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+[ non_tsa_cert ]
+
+# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
+basicConstraints=CA:FALSE
+
+# The following key usage flags are needed for TSA server certificates.
+keyUsage = nonRepudiation, digitalSignature
+# timeStamping is not supported by this certificate
+# extendedKeyUsage = critical,timeStamping
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature
+
+[ v3_ca ]
+
+# Extensions for a typical CA
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = cRLSign, keyCertSign
+
+#----------------------------------------------------------------------
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= .			# TSA root directory
+serial		= $dir/tsa_serial	# The current serial number (mandatory)
+signer_cert	= $dir/tsa_cert1.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/tsaca.pem	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/tsa_key1.pem	# The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= yes	# Must the ESS cert id chain be included?
+				# (optional, default: no)
+
+[ tsa_config2 ]
+
+# This configuration uses a certificate which doesn't have timeStamping usage.
+# These are used by the TSA reply generation only.
+dir		= .			# TSA root directory
+serial		= $dir/tsa_serial	# The current serial number (mandatory)
+signer_cert	= $dir/tsa_cert2.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/demoCA/cacert.pem# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/tsa_key2.pem	# The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
diff --git a/test/Makefile.ssl b/test/Makefile.ssl
deleted file mode 100644
index 1e733b3a1a..0000000000
--- a/test/Makefile.ssl
+++ /dev/null
@@ -1,1045 +0,0 @@
-#
-# test/Makefile.ssl
-#
-
-DIR=		test
-TOP=		..
-CC=		cc
-INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
-CFLAG=		-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=	/usr/local/ssl
-MAKEFILE=	Makefile.ssl
-NEWMAKE=	make
-MAKE=		$(NEWMAKE) -f $(MAKEFILE)
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-PERL=		perl
-# KRB5 stuff
-KRB5_INCLUDES=
-LIBKRB5=
-
-PEX_LIBS=
-EX_LIBS= #-lnsl -lsocket
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile.ssl maketests.com \
-	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
-	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
-	testca.com VMSca-response.1 VMSca-response.2
-
-DLIBCRYPTO= ../libcrypto.a
-DLIBSSL= ../libssl.a
-LIBCRYPTO= -L.. -lcrypto
-LIBSSL= -L.. -lssl
-
-BNTEST=		bntest
-ECTEST=		ectest
-ECDSATEST=	ecdsatest
-ECDHTEST=	ecdhtest
-EXPTEST=	exptest
-IDEATEST=	ideatest
-SHATEST=	shatest
-SHA1TEST=	sha1test
-SHA256TEST=	sha256t
-SHA512TEST=	sha512t
-MDC2TEST=	mdc2test
-RMDTEST=	rmdtest
-MD2TEST=	md2test
-MD4TEST=	md4test
-MD5TEST=	md5test
-HMACTEST=	hmactest
-RC2TEST=	rc2test
-RC4TEST=	rc4test
-RC5TEST=	rc5test
-BFTEST=		bftest
-CASTTEST=	casttest
-DESTEST=	destest
-RANDTEST=	randtest
-DHTEST=		dhtest
-DSATEST=	dsatest
-METHTEST=	methtest
-SSLTEST=	ssltest
-RSATEST=	rsa_test
-ENGINETEST=	enginetest
-EVPTEST=	evp_test
-
-TESTS=		alltests
-
-EXE=	$(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT)  $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
-	$(MD2TEST)$(EXE_EXT)  $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) \
-	$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
-	$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
-	$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
-	$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
-	$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
-	$(EVPTEST)$(EXE_EXT)
-
-# $(METHTEST)$(EXE_EXT)
-
-OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
-	$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
-	$(HMACTEST).o \
-	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
-	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
-	$(MDC2TEST).o $(RMDTEST).o \
-	$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
-	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
-	$(EVPTEST).o
-SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
-	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
-	$(HMACTEST).c \
-	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
-	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
-	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
-	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
-	$(EVPTEST).c
-
-EXHEADER= 
-HEADER=	$(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-top:
-	(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
-
-all:	exe
-
-exe:	$(EXE) dummytest$(EXE_EXT)
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-
-generate: $(SRC)
-$(SRC):
-	@sh $(TOP)/util/point.sh dummytest.c $@
-
-errors:
-
-install:
-
-tags:
-	ctags $(SRC)
-
-tests:	exe apps $(TESTS)
-
-apps:
-	@(cd ..; $(MAKE) DIRS=apps all)
-
-alltests: \
-	test_des test_idea test_sha test_md4 test_md5 test_hmac \
-	test_md2 test_mdc2 \
-	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
-	test_rand test_bn test_ec test_ecdsa test_ecdh \
-	test_enc test_x509 test_rsa test_crl test_sid \
-	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
-	test_ss test_ca test_engine test_evp test_ssl
-
-test_evp:
-	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
-
-test_des:
-	../util/shlib_wrap.sh ./$(DESTEST)
-
-test_idea:
-	../util/shlib_wrap.sh ./$(IDEATEST)
-
-test_sha:
-	../util/shlib_wrap.sh ./$(SHATEST)
-	../util/shlib_wrap.sh ./$(SHA1TEST)
-	../util/shlib_wrap.sh ./$(SHA256TEST)
-	../util/shlib_wrap.sh ./$(SHA512TEST)
-
-test_mdc2:
-	../util/shlib_wrap.sh ./$(MDC2TEST)
-
-test_md5:
-	../util/shlib_wrap.sh ./$(MD5TEST)
-
-test_md4:
-	../util/shlib_wrap.sh ./$(MD4TEST)
-
-test_hmac:
-	../util/shlib_wrap.sh ./$(HMACTEST)
-
-test_md2:
-	../util/shlib_wrap.sh ./$(MD2TEST)
-
-test_rmd:
-	../util/shlib_wrap.sh ./$(RMDTEST)
-
-test_bf:
-	../util/shlib_wrap.sh ./$(BFTEST)
-
-test_cast:
-	../util/shlib_wrap.sh ./$(CASTTEST)
-
-test_rc2:
-	../util/shlib_wrap.sh ./$(RC2TEST)
-
-test_rc4:
-	../util/shlib_wrap.sh ./$(RC4TEST)
-
-test_rc5:
-	../util/shlib_wrap.sh ./$(RC5TEST)
-
-test_rand:
-	../util/shlib_wrap.sh ./$(RANDTEST)
-
-test_enc:
-	@sh ./testenc
-
-test_x509:
-	echo test normal x509v1 certificate
-	sh ./tx509 2>/dev/null
-	echo test first x509v3 certificate
-	sh ./tx509 v3-cert1.pem 2>/dev/null
-	echo test second x509v3 certificate
-	sh ./tx509 v3-cert2.pem 2>/dev/null
-
-test_rsa:
-	@sh ./trsa 2>/dev/null
-	../util/shlib_wrap.sh ./$(RSATEST)
-
-test_crl:
-	@sh ./tcrl 2>/dev/null
-
-test_sid:
-	@sh ./tsid 2>/dev/null
-
-test_req:
-	@sh ./treq 2>/dev/null
-	@sh ./treq testreq2.pem 2>/dev/null
-
-test_pkcs7:
-	@sh ./tpkcs7 2>/dev/null
-	@sh ./tpkcs7d 2>/dev/null
-
-test_bn:
-	@echo starting big number library test, could take a while...
-	@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
-	@echo quit >>tmp.bntest
-	@echo "running bc"
-	@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
-	@echo 'test a^b%c implementations'
-	../util/shlib_wrap.sh ./$(EXPTEST)
-
-test_ec:
-	@echo 'test elliptic curves'
-	../util/shlib_wrap.sh ./$(ECTEST)
-
-test_ecdsa:
-	@echo 'test ecdsa'
-	../util/shlib_wrap.sh ./$(ECDSATEST)
-
-test_ecdh:
-	@echo 'test ecdh'
-	../util/shlib_wrap.sh ./$(ECDHTEST)
-
-test_verify:
-	@echo "The following command should have some OK's and some failures"
-	@echo "There are definitly a few expired certificates"
-	../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
-
-test_dh:
-	@echo "Generate a set of DH parameters"
-	../util/shlib_wrap.sh ./$(DHTEST)
-
-test_dsa:
-	@echo "Generate a set of DSA parameters"
-	../util/shlib_wrap.sh ./$(DSATEST)
-	../util/shlib_wrap.sh ./$(DSATEST) -app2_1
-
-test_gen:
-	@echo "Generate and verify a certificate request"
-	@sh ./testgen
-
-test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
-		intP1.ss intP2.ss: testss
-	@echo "Generate and certify a test certificate"
-	@sh ./testss
-	@cat certCA.ss certU.ss > intP1.ss
-	@cat certCA.ss certU.ss certP1.ss > intP2.ss
-
-test_engine: 
-	@echo "Manipulate the ENGINE structures"
-	../util/shlib_wrap.sh ./$(ENGINETEST)
-
-test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
-		intP1.ss intP2.ss
-	@echo "test SSL protocol"
-	@sh ./testssl keyU.ss certU.ss certCA.ss
-	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
-	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
-
-test_ca:
-	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
-	  echo "skipping CA.sh test -- requires RSA"; \
-	else \
-	  echo "Generate and certify a test certificate via the 'ca' program"; \
-	  sh ./testca; \
- 	fi
-
-test_aes: #$(AESTEST)
-#	@echo "test Rijndael"
-#	../util/shlib_wrap.sh ./$(AESTEST)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC)
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
-
-$(DLIBSSL):
-	(cd ..; $(MAKE) DIRS=ssl all)
-
-$(DLIBCRYPTO):
-	(cd ..; $(MAKE) DIRS=crypto all)
-
-$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(RSATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(RSATEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(BNTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(BNTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(ECTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(ECTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(EXPTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(EXPTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(IDEATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(IDEATEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(MD2TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(MD2TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(SHATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(SHATEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(SHA1TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(SHA1TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(SHA256TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(SHA256TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(SHA512TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(SHA512TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(RMDTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(RMDTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(MDC2TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(MDC2TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(MD4TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(MD4TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(MD5TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(MD5TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(HMACTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(HMACTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(RC2TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(RC2TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(BFTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(BFTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(CASTTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(CASTTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(RC4TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(RC4TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(RC5TEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(RC5TEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(DESTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(DESTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(RANDTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(RANDTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(DHTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(DHTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(DSATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(DSATEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(METHTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(METHTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(SSLTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(SSLTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(ENGINETEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(ENGINETEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(EVPTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(EVPTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(ECDSATEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(ECDSATEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=$(ECDHTEST)$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="$(ECDHTEST).o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-
-#$(AESTEST).o: $(AESTEST).c
-#	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
-
-#$(AESTEST)$(EXE_EXT): $(AESTEST).o $(DLIBCRYPTO)
-#	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
-#	else \
-#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
-#	fi
-
-dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
-	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
-		shlib_target="$(SHLIB_TARGET)"; \
-	fi; \
-	if [ "$${shlib_target}" = "hpux-shared" -o "$${shlib_target}" = "darwin-shared" ] ; then \
-	  LIBRARIES="$(DLIBCRYPTO)"; \
-	else \
-	  LIBRARIES="$(LIBCRYPTO)"; \
-	fi; \
-	$(NEWMAKE) -f $(TOP)/Makefile.shared \
-		APPNAME=dummytest$(EXE_EXT) CC="$(CC)" CFLAGS="$(CFLAGS)" \
-		LDFLAGS="$(LDFLAGS)" SHARED_LDFLAGS="$(SHARED_LDFLAGS)" \
-		OBJECTS="dummytest.o" \
-		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
-		LIBRPATH=$(INSTALLTOP)/lib \
-		link_app.$${shlib_target}
-	@case "../*.dll" in *\**) ;; *) cp -p ../*.dll .;; esac
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
-bftest.o: ../include/openssl/opensslconf.h bftest.c
-bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
-bntest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-bntest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-bntest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-bntest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-bntest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-bntest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bntest.c
-casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
-casttest.o: ../include/openssl/opensslconf.h casttest.c
-destest.o: ../include/openssl/des.h ../include/openssl/des_old.h
-destest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c
-dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
-dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
-dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-dsatest.o: ../include/openssl/symhacks.h dsatest.c
-ecdhtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ecdhtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ecdhtest.o: ../include/openssl/ecdh.h ../include/openssl/err.h
-ecdhtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ecdhtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ecdhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
-ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-ecdsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-ecdsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ecdsatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-ecdsatest.o: ../include/openssl/store.h ../include/openssl/symhacks.h
-ecdsatest.o: ../include/openssl/ui.h ../include/openssl/x509.h
-ecdsatest.o: ../include/openssl/x509_vfy.h ecdsatest.c
-ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
-ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-ectest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ectest.c
-enginetest.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-enginetest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
-enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-enginetest.o: ../include/openssl/symhacks.h enginetest.c
-evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
-evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
-evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-evp_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-evp_test.o: ../include/openssl/symhacks.h evp_test.c
-exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
-exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
-exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
-exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-exptest.o: ../include/openssl/symhacks.h exptest.c
-hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
-hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-hmactest.o: ../include/openssl/symhacks.h hmactest.c
-ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
-ideatest.o: ../include/openssl/opensslconf.h ideatest.c
-md2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-md2test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md2test.o: ../include/openssl/evp.h ../include/openssl/md2.h
-md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md2test.c
-md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h
-md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c
-md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h
-md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c
-mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
-mdc2test.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
-mdc2test.o: ../include/openssl/evp.h ../include/openssl/mdc2.h
-mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
-mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
-randtest.o: ../e_os.h ../include/openssl/e_os2.h
-randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
-randtest.o: ../include/openssl/rand.h randtest.c
-rc2test.o: ../e_os.h ../include/openssl/e_os2.h
-rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
-rc4test.o: ../e_os.h ../include/openssl/e_os2.h
-rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
-rc4test.o: ../include/openssl/sha.h rc4test.c
-rc5test.o: ../e_os.h ../include/openssl/e_os2.h
-rc5test.o: ../include/openssl/opensslconf.h ../include/openssl/rc5.h rc5test.c
-rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
-rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h
-rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c
-rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
-rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
-rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
-rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
-sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
-sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c
-shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
-shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
-ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
-ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
-ssltest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-ssltest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-ssltest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
-ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
-ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-ssltest.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-ssltest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssltest.c
diff --git a/test/cms-examples.pl b/test/cms-examples.pl
new file mode 100644
index 0000000000..2e95b48ba4
--- /dev/null
+++ b/test/cms-examples.pl
@@ -0,0 +1,409 @@
+# test/cms-examples.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# Perl script to run tests against S/MIME examples in RFC4134
+# Assumes RFC is in current directory and called "rfc4134.txt"
+
+use MIME::Base64;
+
+my $badttest = 0;
+my $verbose  = 1;
+
+my $cmscmd;
+my $exdir  = "./";
+my $exfile = "./rfc4134.txt";
+
+if (-f "../apps/openssl")
+	{
+	$cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";
+	}
+elsif (-f "..\\out32dll\\openssl.exe")
+	{
+	$cmscmd = "..\\out32dll\\openssl.exe cms";
+	}
+elsif (-f "..\\out32\\openssl.exe")
+	{
+	$cmscmd = "..\\out32\\openssl.exe cms";
+	}
+
+my @test_list = (
+    [ "3.1.bin"  => "dataout" ],
+    [ "3.2.bin"  => "encode, dataout" ],
+    [ "4.1.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.2.bin"  => "encode, verifyder, cont, rsa" ],
+    [ "4.3.bin"  => "encode, verifyder, cont_extern, dss" ],
+    [ "4.4.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.5.bin"  => "verifyder, cont, rsa" ],
+    [ "4.6.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.7.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.8.eml"  => "verifymime, dss" ],
+    [ "4.9.eml"  => "verifymime, dss" ],
+    [ "4.10.bin" => "encode, verifyder, cont, dss" ],
+    [ "4.11.bin" => "encode, certsout" ],
+    [ "5.1.bin"  => "encode, envelopeder, cont" ],
+    [ "5.2.bin"  => "encode, envelopeder, cont" ],
+    [ "5.3.eml"  => "envelopemime, cont" ],
+    [ "6.0.bin"  => "encode, digest, cont" ],
+    [ "7.1.bin"  => "encode, encrypted, cont" ],
+    [ "7.2.bin"  => "encode, encrypted, cont" ]
+);
+
+# Extract examples from RFC4134 text.
+# Base64 decode all examples, certificates and
+# private keys are converted to PEM format.
+
+my ( $filename, $data );
+
+my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );
+
+$data = "";
+
+open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";
+
+while (<IN>) {
+    next unless (/^\|/);
+    s/^\|//;
+    next if (/^\*/);
+    if (/^>(.*)$/) {
+        $filename = $1;
+        next;
+    }
+    if (/^</) {
+        $filename = "$exdir/$filename";
+        if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) {
+            $data = decode_base64($data);
+            open OUT, ">$filename";
+            binmode OUT;
+            print OUT $data;
+            close OUT;
+            push @cleanup, $filename;
+        }
+        elsif ( $filename =~ /\.cer$/ ) {
+            write_pem( $filename, "CERTIFICATE", $data );
+        }
+        elsif ( $filename =~ /\.pri$/ ) {
+            write_pem( $filename, "PRIVATE KEY", $data );
+        }
+        $data     = "";
+        $filename = "";
+    }
+    else {
+        $data .= $_;
+    }
+
+}
+
+my $secretkey =
+  "73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";
+
+foreach (@test_list) {
+    my ( $file, $tlist ) = @$_;
+    print "Example file $file:\n";
+    if ( $tlist =~ /encode/ ) {
+        run_reencode_test( $exdir, $file );
+    }
+    if ( $tlist =~ /certsout/ ) {
+        run_certsout_test( $exdir, $file );
+    }
+    if ( $tlist =~ /dataout/ ) {
+        run_dataout_test( $exdir, $file );
+    }
+    if ( $tlist =~ /verify/ ) {
+        run_verify_test( $exdir, $tlist, $file );
+    }
+    if ( $tlist =~ /digest/ ) {
+        run_digest_test( $exdir, $tlist, $file );
+    }
+    if ( $tlist =~ /encrypted/ ) {
+        run_encrypted_test( $exdir, $tlist, $file, $secretkey );
+    }
+    if ( $tlist =~ /envelope/ ) {
+        run_envelope_test( $exdir, $tlist, $file );
+    }
+
+}
+
+foreach (@cleanup) {
+    unlink $_;
+}
+
+if ($badtest) {
+    print "\n$badtest TESTS FAILED!!\n";
+}
+else {
+    print "\n***All tests successful***\n";
+}
+
+sub write_pem {
+    my ( $filename, $str, $data ) = @_;
+
+    $filename =~ s/\.[^.]*$/.pem/;
+
+    push @cleanup, $filename;
+
+    open OUT, ">$filename";
+
+    print OUT "-----BEGIN $str-----\n";
+    print OUT $data;
+    print OUT "-----END $str-----\n";
+
+    close OUT;
+}
+
+sub run_reencode_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.der";
+
+    system( "$cmscmd -cmsout -inform DER -outform DER"
+          . " -in $cmsdir/$tfile -out tmp.der" );
+
+    if ($?) {
+        print "\tReencode command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {
+        print "\tReencode FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tReencode passed\n" if $verbose;
+    }
+}
+
+sub run_certsout_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.der";
+    unlink "tmp.pem";
+
+    system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"
+          . " -in $cmsdir/$tfile -out tmp.der" );
+
+    if ($?) {
+        print "\tCertificate output command FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tCertificate output passed\n" if $verbose;
+    }
+}
+
+sub run_dataout_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    system(
+        "$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );
+
+    if ($?) {
+        print "\tDataout command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {
+        print "\tDataout compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDataout passed\n" if $verbose;
+    }
+}
+
+sub run_verify_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    $form   = "DER"                     if $tlist =~ /verifyder/;
+    $form   = "SMIME"                   if $tlist =~ /verifymime/;
+    $cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;
+    $cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;
+
+    $cmd =
+        "$cmscmd -verify -inform $form"
+      . " -CAfile $cafile"
+      . " -in $cmsdir/$tfile -out tmp.txt";
+
+    $cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tVerify command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tVerify content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tVerify passed\n" if $verbose;
+    }
+}
+
+sub run_envelope_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    $form = "DER"   if $tlist =~ /envelopeder/;
+    $form = "SMIME" if $tlist =~ /envelopemime/;
+
+    $cmd =
+        "$cmscmd -decrypt -inform $form"
+      . " -recip $cmsdir/BobRSASignByCarl.pem"
+      . " -inkey $cmsdir/BobPrivRSAEncrypt.pem"
+      . " -in $cmsdir/$tfile -out tmp.txt";
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tDecrypt command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tDecrypt content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDecrypt passed\n" if $verbose;
+    }
+}
+
+sub run_digest_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    my $cmd =
+      "$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tDigest verify command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tDigest verify content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDigest verify passed\n" if $verbose;
+    }
+}
+
+sub run_encrypted_test {
+    my ( $cmsdir, $tlist, $tfile, $key ) = @_;
+    unlink "tmp.txt";
+
+    system( "$cmscmd -EncryptedData_decrypt -inform DER"
+          . " -secretkey $key"
+          . " -in $cmsdir/$tfile -out tmp.txt" );
+
+    if ($?) {
+        print "\tEncrypted Data command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tEncrypted Data content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tEncryptedData verify passed\n" if $verbose;
+    }
+}
+
+sub cmp_files {
+    my ( $f1, $f2 ) = @_;
+    my ( $fp1, $fp2 );
+
+    my ( $rd1, $rd2 );
+
+    if ( !open( $fp1, "<$f1" ) ) {
+        print STDERR "Can't Open file $f1\n";
+        return 0;
+    }
+
+    if ( !open( $fp2, "<$f2" ) ) {
+        print STDERR "Can't Open file $f2\n";
+        return 0;
+    }
+
+    binmode $fp1;
+    binmode $fp2;
+
+    my $ret = 0;
+
+    for ( ; ; ) {
+        $n1 = sysread $fp1, $rd1, 4096;
+        $n2 = sysread $fp2, $rd2, 4096;
+        last if ( $n1 != $n2 );
+        last if ( $rd1 ne $rd2 );
+
+        if ( $n1 == 0 ) {
+            $ret = 1;
+            last;
+        }
+
+    }
+
+    close $fp1;
+    close $fp2;
+
+    return $ret;
+
+}
+
diff --git a/test/cms-test.pl b/test/cms-test.pl
new file mode 100644
index 0000000000..6ad7883464
--- /dev/null
+++ b/test/cms-test.pl
@@ -0,0 +1,449 @@
+# test/cms-test.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# CMS, PKCS7 consistency test script. Run extensive tests on
+# OpenSSL PKCS#7 and CMS implementations.
+
+my $ossl_path;
+
+if ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
+    $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
+}
+elsif ( -f "..\\out32dll\\openssl.exe" ) {
+    $ossl_path = "..\\out32dll\\openssl.exe";
+}
+elsif ( -f "..\\out32\\openssl.exe" ) {
+    $ossl_path = "..\\out32\\openssl.exe";
+}
+else {
+    die "Can't find OpenSSL executable";
+}
+
+my $pk7cmd   = "$ossl_path smime ";
+my $cmscmd   = "$ossl_path cms ";
+my $smdir    = "smime-certs";
+my $halt_err = 1;
+
+my $badcmd = 0;
+my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/;
+
+my @smime_pkcs7_tests = (
+
+    [
+        "signed content DER format, RSA key",
+        "-sign -in smcont.txt -outform DER -nodetach"
+          . " -certfile $smdir/smroot.pem"
+          . " -signer $smdir/smrsa1.pem -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed detached content DER format, RSA key",
+        "-sign -in smcont.txt -outform DER"
+          . " -signer $smdir/smrsa1.pem -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+    ],
+
+    [
+        "signed content test streaming BER format, RSA",
+        "-sign -in smcont.txt -outform DER -nodetach"
+          . " -stream -signer $smdir/smrsa1.pem -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content DER format, DSA key",
+        "-sign -in smcont.txt -outform DER -nodetach"
+          . " -signer $smdir/smdsa1.pem -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed detached content DER format, DSA key",
+        "-sign -in smcont.txt -outform DER"
+          . " -signer $smdir/smdsa1.pem -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+    ],
+
+    [
+        "signed detached content DER format, add RSA signer",
+        "-resign -inform DER -in test.cms -outform DER"
+          . " -signer $smdir/smrsa1.pem -out test2.cms",
+        "-verify -in test2.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+    ],
+
+    [
+        "signed content test streaming BER format, DSA key",
+        "-sign -in smcont.txt -outform DER -nodetach"
+          . " -stream -signer $smdir/smdsa1.pem -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming BER format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt -outform DER -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
+        "-sign -in smcont.txt -outform DER -noattr -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms " . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms " . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "enveloped content test streaming S/MIME format, 3 recipients",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, 3 recipients, 3rd used",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, 3 recipients, key only used",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
+        "-encrypt -in smcont.txt"
+          . " -aes256 -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+);
+
+my @smime_cms_tests = (
+
+    [
+        "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
+        "-sign -in smcont.txt -outform DER -nodetach -keyid"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform DER "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt -outform PEM -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform PEM "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content MIME format, RSA key, signed receipt request",
+        "-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach"
+          . " -receipt_request_to test\@openssl.org -receipt_request_all"
+          . " -out test.cms",
+        "-verify -in test.cms "
+          . " -CAfile $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed receipt MIME format, RSA key",
+        "-sign_receipt -in test.cms"
+          . " -signer $smdir/smrsa2.pem"
+          . " -out test2.cms",
+        "-verify_receipt test2.cms -in test.cms"
+          . " -CAfile $smdir/smroot.pem"
+    ],
+
+    [
+        "enveloped content test streaming S/MIME format, 3 recipients, keyid",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms -keyid"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+        "enveloped content test streaming PEM format, KEK",
+        "-encrypt -in smcont.txt -outform PEM -aes128"
+          . " -stream -out test.cms "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+          . " -secretkeyid C0FEE0",
+        "-decrypt -in test.cms -out smtst.txt -inform PEM"
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+          . " -secretkeyid C0FEE0"
+    ],
+
+    [
+        "enveloped content test streaming PEM format, KEK, key only",
+        "-encrypt -in smcont.txt -outform PEM -aes128"
+          . " -stream -out test.cms "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+          . " -secretkeyid C0FEE0",
+        "-decrypt -in test.cms -out smtst.txt -inform PEM"
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+    ],
+
+    [
+        "data content test streaming PEM format",
+        "-data_create -in smcont.txt -outform PEM -nodetach"
+          . " -stream -out test.cms",
+        "-data_out -in test.cms -inform PEM -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, 128 bit RC2 key",
+        "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+          . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
+          . " -stream -out test.cms",
+        "-EncryptedData_decrypt -in test.cms -inform PEM "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, 40 bit RC2 key",
+        "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+          . " -rc2 -secretkey 0001020304"
+          . " -stream -out test.cms",
+        "-EncryptedData_decrypt -in test.cms -inform PEM "
+          . " -secretkey 0001020304 -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, triple DES key",
+        "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+          . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
+          . " -stream -out test.cms",
+        "-EncryptedData_decrypt -in test.cms -inform PEM "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
+          . " -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, 128 bit AES key",
+        "-EncryptedData_encrypt -in smcont.txt -outform PEM"
+          . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
+          . " -stream -out test.cms",
+        "-EncryptedData_decrypt -in test.cms -inform PEM "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
+    ],
+
+);
+
+my @smime_cms_comp_tests = (
+
+    [
+        "compressed content test streaming PEM format",
+        "-compress -in smcont.txt -outform PEM -nodetach"
+          . " -stream -out test.cms",
+        "-uncompress -in test.cms -inform PEM -out smtst.txt"
+    ]
+
+);
+
+print "CMS => PKCS#7 compatibility tests\n";
+
+run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd );
+
+print "CMS <= PKCS#7 compatibility tests\n";
+
+run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd );
+
+print "CMS <=> CMS consistency tests\n";
+
+run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd );
+run_smime_tests( \$badcmd, \@smime_cms_tests,   $cmscmd, $cmscmd );
+
+if ( `$ossl_path version -f` =~ /ZLIB/ ) {
+    run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd );
+}
+else {
+    print "Zlib not supported: compression tests skipped\n";
+}
+
+print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8);
+
+if ($badcmd) {
+    print "$badcmd TESTS FAILED!!\n";
+}
+else {
+    print "ALL TESTS SUCCESSFUL.\n";
+}
+
+unlink "test.cms";
+unlink "test2.cms";
+unlink "smtst.txt";
+unlink "cms.out";
+unlink "cms.err";
+
+sub run_smime_tests {
+    my ( $rv, $aref, $scmd, $vcmd ) = @_;
+
+    foreach $smtst (@$aref) {
+        my ( $tnam, $rscmd, $rvcmd ) = @$smtst;
+	if ($ossl8)
+		{
+		# Skip smime resign: 0.9.8 smime doesn't support -resign	
+		next if ($scmd =~ /smime/ && $rscmd =~ /-resign/);
+		# Disable streaming: option not supported in 0.9.8
+		$tnam =~ s/streaming//;	
+		$rscmd =~ s/-stream//;	
+		$rvcmd =~ s/-stream//;
+		}
+        system("$scmd$rscmd 2>cms.err 1>cms.out");
+        if ($?) {
+            print "$tnam: generation error\n";
+            $$rv++;
+            exit 1 if $halt_err;
+            next;
+        }
+        system("$vcmd$rvcmd 2>cms.err 1>cms.out");
+        if ($?) {
+            print "$tnam: verify error\n";
+            $$rv++;
+            exit 1 if $halt_err;
+            next;
+        }
+	if (!cmp_files("smtst.txt", "smcont.txt")) {
+            print "$tnam: content verify error\n";
+            $$rv++;
+            exit 1 if $halt_err;
+            next;
+	}
+        print "$tnam: OK\n";
+    }
+}
+
+sub cmp_files {
+    my ( $f1, $f2 ) = @_;
+    my ( $fp1, $fp2 );
+
+    my ( $rd1, $rd2 );
+
+    if ( !open( $fp1, "<$f1" ) ) {
+        print STDERR "Can't Open file $f1\n";
+        return 0;
+    }
+
+    if ( !open( $fp2, "<$f2" ) ) {
+        print STDERR "Can't Open file $f2\n";
+        return 0;
+    }
+
+    binmode $fp1;
+    binmode $fp2;
+
+    my $ret = 0;
+
+    for ( ; ; ) {
+        $n1 = sysread $fp1, $rd1, 4096;
+        $n2 = sysread $fp2, $rd2, 4096;
+        last if ( $n1 != $n2 );
+        last if ( $rd1 ne $rd2 );
+
+        if ( $n1 == 0 ) {
+            $ret = 1;
+            last;
+        }
+
+    }
+
+    close $fp1;
+    close $fp2;
+
+    return $ret;
+
+}
+
diff --git a/test/igetest.c b/test/igetest.c
new file mode 100644
index 0000000000..1ba900244d
--- /dev/null
+++ b/test/igetest.c
@@ -0,0 +1,503 @@
+/* test/igetest.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#define TEST_SIZE	128
+#define BIG_TEST_SIZE 10240
+
+static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
+    {
+    int n=0;
+
+    fprintf(f,"%s",title);
+    for( ; n < l ; ++n)
+		{
+		if((n%16) == 0)
+			fprintf(f,"\n%04x",n);
+		fprintf(f," %02x",s[n]);
+		}
+    fprintf(f,"\n");
+    }
+
+#define MAX_VECTOR_SIZE	64
+
+struct ige_test
+	{
+	const unsigned char key[16];
+	const unsigned char iv[32];
+	const unsigned char in[MAX_VECTOR_SIZE];
+	const unsigned char out[MAX_VECTOR_SIZE];
+	const size_t length;
+	const int encrypt;
+	};
+
+static struct ige_test const ige_test_vectors[] = {
+{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key */
+  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* iv */
+  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
+  { 0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
+    0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
+    0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
+    0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb }, /* out */
+  32, AES_ENCRYPT }, /* test vector 0 */
+
+{ { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
+    0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65 }, /* key */
+  { 0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
+    0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
+    0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
+    0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53 }, /* iv */
+  { 0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
+    0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
+    0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
+    0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a }, /* in */
+  { 0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
+    0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
+    0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
+    0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b }, /* out */
+  32, AES_DECRYPT }, /* test vector 1 */
+};
+
+struct bi_ige_test
+	{
+	const unsigned char key1[32];
+	const unsigned char key2[32];
+	const unsigned char iv[64];
+	const unsigned char in[MAX_VECTOR_SIZE];
+	const unsigned char out[MAX_VECTOR_SIZE];
+	const size_t keysize;
+	const size_t length;
+	const int encrypt;
+	};
+
+static struct bi_ige_test const bi_ige_test_vectors[] = {
+{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key1 */
+  { 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* key2 */
+  { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+    0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+    0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f }, /* iv */
+  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
+  { 0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
+	0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
+	0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
+	0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12 }, /* out */
+  16, 32, AES_ENCRYPT }, /* test vector 0 */
+{ { 0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
+	0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
+	0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
+	0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37 }, /* key1 */
+  { 0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
+	0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
+	0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
+	0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4 }, /* key2 */
+  { 0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
+	0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
+	0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
+	0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
+	0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
+	0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
+	0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
+	0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3 }, /* iv */
+  { 0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
+	0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
+	0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
+	0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
+	0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
+	0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
+	0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
+	0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
+  { 0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
+	0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
+	0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
+	0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
+	0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
+	0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
+	0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
+	0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
+  32, 64, AES_ENCRYPT }, /* test vector 1 */
+
+};
+
+static int run_test_vectors(void)
+	{
+	unsigned int n;
+	int errs = 0;
+
+	for(n=0 ; n < sizeof(ige_test_vectors)/sizeof(ige_test_vectors[0]) ; ++n)
+		{
+		const struct ige_test * const v = &ige_test_vectors[n];
+		AES_KEY key;
+		unsigned char buf[MAX_VECTOR_SIZE];
+		unsigned char iv[AES_BLOCK_SIZE*2];
+
+		assert(v->length <= MAX_VECTOR_SIZE);
+
+		if(v->encrypt == AES_ENCRYPT)
+			AES_set_encrypt_key(v->key, 8*sizeof v->key, &key);
+		else
+			AES_set_decrypt_key(v->key, 8*sizeof v->key, &key);
+		memcpy(iv, v->iv, sizeof iv);
+		AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
+
+		if(memcmp(v->out, buf, v->length))
+			{
+			printf("IGE test vector %d failed\n", n);
+			hexdump(stdout, "key", v->key, sizeof v->key);
+			hexdump(stdout, "iv", v->iv, sizeof v->iv);
+			hexdump(stdout, "in", v->in, v->length);
+			hexdump(stdout, "expected", v->out, v->length);
+			hexdump(stdout, "got", buf, v->length);
+
+			++errs;
+			}
+
+                /* try with in == out */
+		memcpy(iv, v->iv, sizeof iv);
+                memcpy(buf, v->in, v->length);
+		AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
+
+		if(memcmp(v->out, buf, v->length))
+			{
+			printf("IGE test vector %d failed (with in == out)\n", n);
+			hexdump(stdout, "key", v->key, sizeof v->key);
+			hexdump(stdout, "iv", v->iv, sizeof v->iv);
+			hexdump(stdout, "in", v->in, v->length);
+			hexdump(stdout, "expected", v->out, v->length);
+			hexdump(stdout, "got", buf, v->length);
+
+			++errs;
+			}
+		}
+
+	for(n=0 ; n < sizeof(bi_ige_test_vectors)/sizeof(bi_ige_test_vectors[0])
+			; ++n)
+		{
+		const struct bi_ige_test * const v = &bi_ige_test_vectors[n];
+		AES_KEY key1;
+		AES_KEY key2;
+		unsigned char buf[MAX_VECTOR_SIZE];
+
+		assert(v->length <= MAX_VECTOR_SIZE);
+
+		if(v->encrypt == AES_ENCRYPT)
+			{
+			AES_set_encrypt_key(v->key1, 8*v->keysize, &key1);
+			AES_set_encrypt_key(v->key2, 8*v->keysize, &key2);
+			}
+		else
+			{
+			AES_set_decrypt_key(v->key1, 8*v->keysize, &key1);
+			AES_set_decrypt_key(v->key2, 8*v->keysize, &key2);
+			}
+
+		AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
+						   v->encrypt);
+
+		if(memcmp(v->out, buf, v->length))
+			{
+			printf("Bidirectional IGE test vector %d failed\n", n);
+			hexdump(stdout, "key 1", v->key1, sizeof v->key1);
+			hexdump(stdout, "key 2", v->key2, sizeof v->key2);
+			hexdump(stdout, "iv", v->iv, sizeof v->iv);
+			hexdump(stdout, "in", v->in, v->length);
+			hexdump(stdout, "expected", v->out, v->length);
+			hexdump(stdout, "got", buf, v->length);
+
+			++errs;
+			}
+		}
+
+	return errs;
+	}
+
+int main(int argc, char **argv)
+	{
+	unsigned char rkey[16];
+	unsigned char rkey2[16];
+	AES_KEY key;
+	AES_KEY key2;
+	unsigned char plaintext[BIG_TEST_SIZE];
+	unsigned char ciphertext[BIG_TEST_SIZE];
+	unsigned char checktext[BIG_TEST_SIZE];
+	unsigned char iv[AES_BLOCK_SIZE*4];
+	unsigned char saved_iv[AES_BLOCK_SIZE*4];
+	int err = 0;
+	unsigned int n;
+	unsigned matches;
+
+	assert(BIG_TEST_SIZE >= TEST_SIZE);
+
+	RAND_pseudo_bytes(rkey, sizeof rkey);
+	RAND_pseudo_bytes(plaintext, sizeof plaintext);
+	RAND_pseudo_bytes(iv, sizeof iv);
+	memcpy(saved_iv, iv, sizeof saved_iv);
+
+	/* Forward IGE only... */
+
+	/* Straight encrypt/decrypt */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv,
+					AES_ENCRYPT);
+
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
+					AES_DECRYPT);
+
+	if(memcmp(checktext, plaintext, TEST_SIZE))
+		{
+		printf("Encrypt+decrypt doesn't match\n");
+		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+		++err;
+		}
+
+	/* Now check encrypt chaining works */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
+					AES_ENCRYPT);
+	AES_ige_encrypt(plaintext+TEST_SIZE/2,
+					ciphertext+TEST_SIZE/2, TEST_SIZE/2,
+					&key, iv, AES_ENCRYPT);
+
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
+					AES_DECRYPT);
+
+	if(memcmp(checktext, plaintext, TEST_SIZE))
+		{
+		printf("Chained encrypt+decrypt doesn't match\n");
+		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+		++err;
+		}
+
+	/* And check decrypt chaining */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
+					AES_ENCRYPT);
+	AES_ige_encrypt(plaintext+TEST_SIZE/2,
+					ciphertext+TEST_SIZE/2, TEST_SIZE/2,
+					&key, iv, AES_ENCRYPT);
+
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(ciphertext, checktext, TEST_SIZE/2, &key, iv,
+					AES_DECRYPT);
+	AES_ige_encrypt(ciphertext+TEST_SIZE/2,
+					checktext+TEST_SIZE/2, TEST_SIZE/2, &key, iv,
+					AES_DECRYPT);
+
+	if(memcmp(checktext, plaintext, TEST_SIZE))
+		{
+		printf("Chained encrypt+chained decrypt doesn't match\n");
+		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+		++err;
+		}
+
+	/* make sure garble extends forwards only */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+					AES_ENCRYPT);
+
+	/* corrupt halfway through */
+	++ciphertext[sizeof ciphertext/2];
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	memcpy(iv, saved_iv, sizeof iv);
+	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+					AES_DECRYPT);
+
+	matches=0;
+	for(n=0 ; n < sizeof checktext ; ++n)
+		if(checktext[n] == plaintext[n])
+			++matches;
+
+	if(matches > sizeof checktext/2+sizeof checktext/100)
+		{
+		printf("More than 51%% matches after garbling\n");
+		++err;
+		}
+
+	if(matches < sizeof checktext/2)
+		{
+		printf("Garble extends backwards!\n");
+		++err;
+		}
+
+	/* Bi-directional IGE */
+
+	/* Note that we don't have to recover the IV, because chaining isn't */
+	/* possible with biIGE, so the IV is not updated. */
+
+	RAND_pseudo_bytes(rkey2, sizeof rkey2);
+
+	/* Straight encrypt/decrypt */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
+					   AES_ENCRYPT);
+
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
+					   AES_DECRYPT);
+
+	if(memcmp(checktext, plaintext, TEST_SIZE))
+		{
+		printf("Encrypt+decrypt doesn't match\n");
+		hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+		hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+		++err;
+		}
+
+	/* make sure garble extends both ways */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+					AES_ENCRYPT);
+
+	/* corrupt halfway through */
+	++ciphertext[sizeof ciphertext/2];
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+					AES_DECRYPT);
+
+	matches=0;
+	for(n=0 ; n < sizeof checktext ; ++n)
+		if(checktext[n] == plaintext[n])
+			++matches;
+
+	if(matches > sizeof checktext/100)
+		{
+		printf("More than 1%% matches after bidirectional garbling\n");
+		++err;
+		}
+
+	/* make sure garble extends both ways (2) */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+					AES_ENCRYPT);
+
+	/* corrupt right at the end */
+	++ciphertext[sizeof ciphertext-1];
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+					AES_DECRYPT);
+
+	matches=0;
+	for(n=0 ; n < sizeof checktext ; ++n)
+		if(checktext[n] == plaintext[n])
+			++matches;
+
+	if(matches > sizeof checktext/100)
+		{
+		printf("More than 1%% matches after bidirectional garbling (2)\n");
+		++err;
+		}
+
+	/* make sure garble extends both ways (3) */
+	AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+					AES_ENCRYPT);
+
+	/* corrupt right at the start */
+	++ciphertext[0];
+	AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
+	AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
+	AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+					AES_DECRYPT);
+
+	matches=0;
+	for(n=0 ; n < sizeof checktext ; ++n)
+		if(checktext[n] == plaintext[n])
+			++matches;
+
+	if(matches > sizeof checktext/100)
+		{
+		printf("More than 1%% matches after bidirectional garbling (3)\n");
+		++err;
+		}
+
+	err += run_test_vectors();
+
+	return err;
+	}
diff --git a/test/maketests.com b/test/maketests.com
index 15482cdbb7..3548f43231 100644
--- a/test/maketests.com
+++ b/test/maketests.com
@@ -12,9 +12,9 @@ $!  "test" programs for the different types of encryption for OpenSSL.
 $!  It was written so it would try to determine what "C" compiler to
 $!  use or you can specify which "C" compiler to use.
 $!
-$!  The test "executeables" will be placed in a directory called
-$!  [.xxx.EXE.TEST] where "xxx" denotes AXP or VAX depending on your machines
-$!  architecture.
+$!  The test "executables" will be placed in a directory called
+$!  [.xxx.EXE.TEST] where "xxx" denotes ALPHA, IA64, or VAX, depending
+$!  on your machine architecture.
 $!
 $!  Specify DEBUG or NODEBUG P1 to compile with or without debugger
 $!  information.
@@ -46,27 +46,40 @@ $! (That is, If Wee Need To Link To One.)
 $!
 $ TCPIP_LIB = ""
 $!
-$! Check Which Architecture We Are Using.
+$! Check What Architecture We Are Using.
 $!
-$ IF (F$GETSYI("CPU").GE.128) 
+$ IF (F$GETSYI("CPU").LT.128)
 $ THEN
 $!
-$!  The Architecture Is AXP.
+$!  The Architecture Is VAX.
 $!
-$   ARCH := AXP
+$   ARCH := VAX
 $!
 $! Else...
 $!
 $ ELSE
 $!
-$!  The Architecture Is VAX.
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
 $!
-$   ARCH := VAX
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
 $!
 $! End The Architecture Check.
 $!
 $ ENDIF
 $!
+$! Define The OBJ Directory.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.TEST]
+$!
+$! Define The LIS Directory.
+$!
+$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.TEST]
+$!
+$! Define The EXE Directory.
+$!
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.TEST]
+$!
 $! Check To Make Sure We Have Valid Command Line Parameters.
 $!
 $ GOSUB CHECK_OPTIONS
@@ -89,10 +102,6 @@ $! Define The SSL We Are To Use.
 $!
 $ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL'FILE_POINTER_SIZE'.OLB
 $!
-$! Define The OBJ Directory.
-$!
-$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.TEST]
-$!
 $! Check To See If The Architecture Specific OBJ Directory Exists.
 $!
 $ IF (F$PARSE(OBJ_DIR).EQS."")
@@ -106,10 +115,6 @@ $! End The Architecture Specific OBJ Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The LIS Directory.
-$!
-$ LIS_DIR := SYS$DISK:[-.'ARCH'.LIS.TEST]
-$!
 $! Check To See If The Architecture Specific LIS Directory Exists.
 $!
 $ IF (F$PARSE(LIS_DIR).EQS."")
@@ -123,10 +128,6 @@ $! End The Architecture Specific LIS Directory Check.
 $!
 $ ENDIF
 $!
-$! Define The EXE Directory.
-$!
-$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.TEST]
-$!
 $! Check To See If The Architecture Specific EXE Directory Exists.
 $!
 $ IF (F$PARSE(EXE_DIR).EQS."")
@@ -149,15 +150,20 @@ $!
 $ GOSUB CHECK_OPT_FILE
 $!
 $! Define The TEST Files.
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the EXE variable in Makefile as closely as possible,
+$! thereby making it fairly easy to verify that the lists are the same.
 $!
 $ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
-	       "MD2TEST,MD4TEST,MD5TEST,HMACTEST,"+ -
+	       "MD2TEST,MD4TEST,MD5TEST,HMACTEST,WP_TEST,"+ -
 	       "RC2TEST,RC4TEST,RC5TEST,"+ -
 	       "DESTEST,SHATEST,SHA1TEST,SHA256T,SHA512T,"+ -
 	       "MDC2TEST,RMDTEST,"+ -
 	       "RANDTEST,DHTEST,ENGINETEST,"+ -
 	       "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
-	       "EVP_TEST"
+	       "EVP_TEST,JPAKETEST"
+$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
+$
 $ TCPIP_PROGRAMS = ",,"
 $ IF COMPILER .EQS. "VAXC" THEN -
      TCPIP_PROGRAMS = ",SSLTEST,"
@@ -226,7 +232,9 @@ $!
 $! Compile The File.
 $!
 $ ON ERROR THEN GOTO NEXT_FILE
-$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE 'SOURCE_FILE'
+$ CC/OBJECT='OBJECT_FILE'/LIST='LIST_FILE'/MACHINE_CODE /PREFIX=ALL -
+    /INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO],SYS$DISK:[-.CRYPTO.X509V3],SYS$DISK:[-.INCLUDE.OPENSSL]) - 
+    'SOURCE_FILE'
 $ ON WARNING THEN GOTO NEXT_FILE
 $!
 $! Check If What We Are About To Compile Works Without A TCP/IP Library.
@@ -361,7 +369,7 @@ $!
 $   IF (F$SEARCH(OPT_FILE).EQS."")
 $   THEN
 $!
-$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
 $!
 $     IF (ARCH.EQS."VAX")
 $     THEN
@@ -381,19 +389,19 @@ $!    Else...
 $!
 $     ELSE
 $!
-$!      Create The AXP Linker Option File.
+$!      Create The non-VAX Linker Option File.
 $!
 $       CREATE 'OPT_FILE'
 $DECK
 !
-! Default System Options File For AXP To Link Agianst 
+! Default System Options File For non-VAX To Link Agianst 
 ! The Sharable C Runtime Library.
 !
 SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
 SYS$SHARE:CMA$OPEN_RTL/SHARE
 $EOD
 $!
-$!    End The VAX/AXP DEC C Option File Check.
+$!    End The DEC C Option File Check.
 $!
 $     ENDIF
 $!
@@ -545,7 +553,7 @@ $   ELSE
 $!
 $!  Check To See If We Have VAXC Or DECC.
 $!
-$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
 $     THEN 
 $!
 $!      Looks Like DECC, Set To Use DECC.
@@ -622,7 +630,7 @@ $ CCDEFS = "TCPIP_TYPE_''P3'"
 $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
 $ CCEXTRAFLAGS = ""
 $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
-$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
 $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
 	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
 $!
@@ -713,7 +721,7 @@ $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
 $!
 $!  End DECC Check.
 $!
@@ -735,9 +743,9 @@ $!
 $!    Compile Using VAXC.
 $!
 $     CC = "CC"
-$     IF ARCH.EQS."AXP"
+$     IF ARCH.NES."VAX"
 $     THEN
-$	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
 $	EXIT
 $     ENDIF
 $     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
@@ -751,7 +759,7 @@ $     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
 $!
 $!  End VAXC Check
 $!
@@ -777,7 +785,7 @@ $     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'" + -
 $!
 $!    Define The Linker Options File Name.
 $!
-$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$     OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
 $!
 $!  End The GNU C Check.
 $!
diff --git a/test/pkits-test.pl b/test/pkits-test.pl
new file mode 100644
index 0000000000..69dffa16f9
--- /dev/null
+++ b/test/pkits-test.pl
@@ -0,0 +1,940 @@
+# test/pkits-test.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# Perl utility to run PKITS tests for RFC3280 compliance. 
+
+my $ossl_path;
+
+if ( -f "../apps/openssl" ) {
+    $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
+}
+elsif ( -f "..\\out32dll\\openssl.exe" ) {
+    $ossl_path = "..\\out32dll\\openssl.exe";
+}
+elsif ( -f "..\\out32\\openssl.exe" ) {
+    $ossl_path = "..\\out32\\openssl.exe";
+}
+else {
+    die "Can't find OpenSSL executable";
+}
+
+my $pkitsdir = "pkits/smime";
+my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
+
+die "Can't find PKITS test data" if !-d $pkitsdir;
+
+my $nist1 = "2.16.840.1.101.3.2.1.48.1";
+my $nist2 = "2.16.840.1.101.3.2.1.48.2";
+my $nist3 = "2.16.840.1.101.3.2.1.48.3";
+my $nist4 = "2.16.840.1.101.3.2.1.48.4";
+my $nist5 = "2.16.840.1.101.3.2.1.48.5";
+my $nist6 = "2.16.840.1.101.3.2.1.48.6";
+
+my $apolicy = "X509v3 Any Policy";
+
+# This table contains the chapter headings of the accompanying PKITS
+# document. They provide useful informational output and their names
+# can be converted into the filename to test.
+
+my @testlists = (
+    [ "4.1", "Signature Verification" ],
+    [ "4.1.1", "Valid Signatures Test1",                        0 ],
+    [ "4.1.2", "Invalid CA Signature Test2",                    7 ],
+    [ "4.1.3", "Invalid EE Signature Test3",                    7 ],
+    [ "4.1.4", "Valid DSA Signatures Test4",                    0 ],
+    [ "4.1.5", "Valid DSA Parameter Inheritance Test5",         0 ],
+    [ "4.1.6", "Invalid DSA Signature Test6",                   7 ],
+    [ "4.2",   "Validity Periods" ],
+    [ "4.2.1", "Invalid CA notBefore Date Test1",               9 ],
+    [ "4.2.2", "Invalid EE notBefore Date Test2",               9 ],
+    [ "4.2.3", "Valid pre2000 UTC notBefore Date Test3",        0 ],
+    [ "4.2.4", "Valid GeneralizedTime notBefore Date Test4",    0 ],
+    [ "4.2.5", "Invalid CA notAfter Date Test5",                10 ],
+    [ "4.2.6", "Invalid EE notAfter Date Test6",                10 ],
+    [ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7",    10 ],
+    [ "4.2.8", "Valid GeneralizedTime notAfter Date Test8",     0 ],
+    [ "4.3",   "Verifying Name Chaining" ],
+    [ "4.3.1", "Invalid Name Chaining EE Test1",                20 ],
+    [ "4.3.2", "Invalid Name Chaining Order Test2",             20 ],
+    [ "4.3.3", "Valid Name Chaining Whitespace Test3",          0 ],
+    [ "4.3.4", "Valid Name Chaining Whitespace Test4",          0 ],
+    [ "4.3.5", "Valid Name Chaining Capitalization Test5",      0 ],
+    [ "4.3.6", "Valid Name Chaining UIDs Test6",                0 ],
+    [ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
+    [ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8",  0 ],
+    [ "4.3.9", "Valid UTF8String Encoded Names Test9",          0 ],
+    [ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
+    [ "4.3.11", "Valid UTF8String Case Insensitive Match Test11",           0 ],
+    [ "4.4",    "Basic Certificate Revocation Tests" ],
+    [ "4.4.1",  "Missing CRL Test1",                                        3 ],
+    [ "4.4.2", "Invalid Revoked CA Test2",          23 ],
+    [ "4.4.3", "Invalid Revoked EE Test3",          23 ],
+    [ "4.4.4", "Invalid Bad CRL Signature Test4",   8 ],
+    [ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
+    [ "4.4.6", "Invalid Wrong CRL Test6",           3 ],
+    [ "4.4.7", "Valid Two CRLs Test7",              0 ],
+
+    # The test document suggests these should return certificate revoked...
+    # Subsquent discussion has concluded they should not due to unhandle
+    # critical CRL extensions.
+    [ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
+    [ "4.4.9", "Invalid Unknown CRL Extension Test9",       36 ],
+
+    [ "4.4.10", "Invalid Unknown CRL Extension Test10",             36 ],
+    [ "4.4.11", "Invalid Old CRL nextUpdate Test11",                12 ],
+    [ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12",            12 ],
+    [ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13",      0 ],
+    [ "4.4.14", "Valid Negative Serial Number Test14",              0 ],
+    [ "4.4.15", "Invalid Negative Serial Number Test15",            23 ],
+    [ "4.4.16", "Valid Long Serial Number Test16",                  0 ],
+    [ "4.4.17", "Valid Long Serial Number Test17",                  0 ],
+    [ "4.4.18", "Invalid Long Serial Number Test18",                23 ],
+    [ "4.4.19", "Valid Separate Certificate and CRL Keys Test19",   0 ],
+    [ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
+
+    # CRL path is revoked so get a CRL path validation error
+    [ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21",      54 ],
+    [ "4.5",    "Verifying Paths with Self-Issued Certificates" ],
+    [ "4.5.1",  "Valid Basic Self-Issued Old With New Test1",            0 ],
+    [ "4.5.2",  "Invalid Basic Self-Issued Old With New Test2",          23 ],
+    [ "4.5.3",  "Valid Basic Self-Issued New With Old Test3",            0 ],
+    [ "4.5.4",  "Valid Basic Self-Issued New With Old Test4",            0 ],
+    [ "4.5.5",  "Invalid Basic Self-Issued New With Old Test5",          23 ],
+    [ "4.5.6",  "Valid Basic Self-Issued CRL Signing Key Test6",         0 ],
+    [ "4.5.7",  "Invalid Basic Self-Issued CRL Signing Key Test7",       23 ],
+    [ "4.5.8",  "Invalid Basic Self-Issued CRL Signing Key Test8",       20 ],
+    [ "4.6",    "Verifying Basic Constraints" ],
+    [ "4.6.1",  "Invalid Missing basicConstraints Test1",                24 ],
+    [ "4.6.2",  "Invalid cA False Test2",                                24 ],
+    [ "4.6.3",  "Invalid cA False Test3",                                24 ],
+    [ "4.6.4",  "Valid basicConstraints Not Critical Test4",             0 ],
+    [ "4.6.5",  "Invalid pathLenConstraint Test5",                       25 ],
+    [ "4.6.6",  "Invalid pathLenConstraint Test6",                       25 ],
+    [ "4.6.7",  "Valid pathLenConstraint Test7",                         0 ],
+    [ "4.6.8",  "Valid pathLenConstraint Test8",                         0 ],
+    [ "4.6.9",  "Invalid pathLenConstraint Test9",                       25 ],
+    [ "4.6.10", "Invalid pathLenConstraint Test10",                      25 ],
+    [ "4.6.11", "Invalid pathLenConstraint Test11",                      25 ],
+    [ "4.6.12", "Invalid pathLenConstraint Test12",                      25 ],
+    [ "4.6.13", "Valid pathLenConstraint Test13",                        0 ],
+    [ "4.6.14", "Valid pathLenConstraint Test14",                        0 ],
+    [ "4.6.15", "Valid Self-Issued pathLenConstraint Test15",            0 ],
+    [ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16",          25 ],
+    [ "4.6.17", "Valid Self-Issued pathLenConstraint Test17",            0 ],
+    [ "4.7",    "Key Usage" ],
+    [ "4.7.1",  "Invalid keyUsage Critical keyCertSign False Test1",     20 ],
+    [ "4.7.2",  "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
+    [ "4.7.3",  "Valid keyUsage Not Critical Test3",                     0 ],
+    [ "4.7.4",  "Invalid keyUsage Critical cRLSign False Test4",         35 ],
+    [ "4.7.5",  "Invalid keyUsage Not Critical cRLSign False Test5",     35 ],
+
+    # Certificate policy tests need special handling. They can have several
+    # sub tests and we need to check the outputs are correct.
+
+    [ "4.8", "Certificate Policies" ],
+    [
+        "4.8.1.1",
+        "All Certificates Same Policy Test1",
+        "-policy anyPolicy -explicit_policy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.1.2",
+        "All Certificates Same Policy Test1",
+        "-policy $nist1 -explicit_policy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.1.3",
+        "All Certificates Same Policy Test1",
+        "-policy $nist2 -explicit_policy",
+        "True", $nist1, "<empty>", 43
+    ],
+    [
+        "4.8.1.4",
+        "All Certificates Same Policy Test1",
+        "-policy $nist1 -policy $nist2 -explicit_policy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.2.1",
+        "All Certificates No Policies Test2",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.8.2.2",
+        "All Certificates No Policies Test2",
+        "-policy anyPolicy -explicit_policy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.3.1",
+        "Different Policies Test3",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.8.3.2",
+        "Different Policies Test3",
+        "-policy anyPolicy -explicit_policy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.3.3",
+        "Different Policies Test3",
+        "-policy $nist1 -policy $nist2 -explicit_policy",
+        "True", "<empty>", "<empty>", 43
+    ],
+
+    [
+        "4.8.4",
+        "Different Policies Test4",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.5",
+        "Different Policies Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.6.1",
+        "Overlapping Policies Test6",
+        "-policy anyPolicy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.6.2",
+        "Overlapping Policies Test6",
+        "-policy $nist1",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.6.3",
+        "Overlapping Policies Test6",
+        "-policy $nist2",
+        "True", $nist1, "<empty>", 43
+    ],
+    [
+        "4.8.7",
+        "Different Policies Test7",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.8",
+        "Different Policies Test8",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.9",
+        "Different Policies Test9",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.10.1",
+        "All Certificates Same Policies Test10",
+        "-policy $nist1",
+        "True", "$nist1:$nist2", "$nist1", 0
+    ],
+    [
+        "4.8.10.2",
+        "All Certificates Same Policies Test10",
+        "-policy $nist2",
+        "True", "$nist1:$nist2", "$nist2", 0
+    ],
+    [
+        "4.8.10.3",
+        "All Certificates Same Policies Test10",
+        "-policy anyPolicy",
+        "True", "$nist1:$nist2", "$nist1:$nist2", 0
+    ],
+    [
+        "4.8.11.1",
+        "All Certificates AnyPolicy Test11",
+        "-policy anyPolicy",
+        "True", "$apolicy", "$apolicy", 0
+    ],
+    [
+        "4.8.11.2",
+        "All Certificates AnyPolicy Test11",
+        "-policy $nist1",
+        "True", "$apolicy", "$nist1", 0
+    ],
+    [
+        "4.8.12",
+        "Different Policies Test12",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.13.1",
+        "All Certificates Same Policies Test13",
+        "-policy $nist1",
+        "True", "$nist1:$nist2:$nist3", "$nist1", 0
+    ],
+    [
+        "4.8.13.2",
+        "All Certificates Same Policies Test13",
+        "-policy $nist2",
+        "True", "$nist1:$nist2:$nist3", "$nist2", 0
+    ],
+    [
+        "4.8.13.3",
+        "All Certificates Same Policies Test13",
+        "-policy $nist3",
+        "True", "$nist1:$nist2:$nist3", "$nist3", 0
+    ],
+    [
+        "4.8.14.1",       "AnyPolicy Test14",
+        "-policy $nist1", "True",
+        "$nist1",         "$nist1",
+        0
+    ],
+    [
+        "4.8.14.2",       "AnyPolicy Test14",
+        "-policy $nist2", "True",
+        "$nist1",         "<empty>",
+        43
+    ],
+    [
+        "4.8.15",
+        "User Notice Qualifier Test15",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.16",
+        "User Notice Qualifier Test16",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.17",
+        "User Notice Qualifier Test17",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.18.1",
+        "User Notice Qualifier Test18",
+        "-policy $nist1",
+        "True", "$nist1:$nist2", "$nist1", 0
+    ],
+    [
+        "4.8.18.2",
+        "User Notice Qualifier Test18",
+        "-policy $nist2",
+        "True", "$nist1:$nist2", "$nist2", 0
+    ],
+    [
+        "4.8.19",
+        "User Notice Qualifier Test19",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.20",
+        "CPS Pointer Qualifier Test20",
+        "-policy anyPolicy -explicit_policy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [ "4.9", "Require Explicit Policy" ],
+    [
+        "4.9.1",
+        "Valid RequireExplicitPolicy Test1",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.9.2",
+        "Valid RequireExplicitPolicy Test2",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.9.3",
+        "Invalid RequireExplicitPolicy Test3",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.9.4",
+        "Valid RequireExplicitPolicy Test4",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.9.5",
+        "Invalid RequireExplicitPolicy Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.9.6",
+        "Valid Self-Issued requireExplicitPolicy Test6",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.9.7",
+        "Invalid Self-Issued requireExplicitPolicy Test7",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.9.8",
+        "Invalid Self-Issued requireExplicitPolicy Test8",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [ "4.10", "Policy Mappings" ],
+    [
+        "4.10.1.1",
+        "Valid Policy Mapping Test1",
+        "-policy $nist1",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.1.2",
+        "Valid Policy Mapping Test1",
+        "-policy $nist2",
+        "True", "$nist1", "<empty>", 43
+    ],
+    [
+        "4.10.1.3",
+        "Valid Policy Mapping Test1",
+        "-policy anyPolicy -inhibit_map",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.2.1",
+        "Invalid Policy Mapping Test2",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.2.2",
+        "Invalid Policy Mapping Test2",
+        "-policy anyPolicy -inhibit_map",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.3.1",
+        "Valid Policy Mapping Test3",
+        "-policy $nist1",
+        "True", "$nist2", "<empty>", 43
+    ],
+    [
+        "4.10.3.2",
+        "Valid Policy Mapping Test3",
+        "-policy $nist2",
+        "True", "$nist2", "$nist2", 0
+    ],
+    [
+        "4.10.4",
+        "Invalid Policy Mapping Test4",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.5.1",
+        "Valid Policy Mapping Test5",
+        "-policy $nist1",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.5.2",
+        "Valid Policy Mapping Test5",
+        "-policy $nist6",
+        "True", "$nist1", "<empty>", 43
+    ],
+    [
+        "4.10.6.1",
+        "Valid Policy Mapping Test6",
+        "-policy $nist1",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.6.2",
+        "Valid Policy Mapping Test6",
+        "-policy $nist6",
+        "True", "$nist1", "<empty>", 43
+    ],
+    [ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
+    [ "4.10.8", "Invalid Mapping To anyPolicy Test8",   42 ],
+    [
+        "4.10.9",
+        "Valid Policy Mapping Test9",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.10",
+        "Invalid Policy Mapping Test10",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.11",
+        "Valid Policy Mapping Test11",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+
+    # TODO: check notice display
+    [
+        "4.10.12.1",
+        "Valid Policy Mapping Test12",
+        "-policy $nist1",
+        "True", "$nist1:$nist2", "$nist1", 0
+    ],
+
+    # TODO: check notice display
+    [
+        "4.10.12.2",
+        "Valid Policy Mapping Test12",
+        "-policy $nist2",
+        "True", "$nist1:$nist2", "$nist2", 0
+    ],
+    [
+        "4.10.13",
+        "Valid Policy Mapping Test13",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+
+    # TODO: check notice display
+    [
+        "4.10.14",
+        "Valid Policy Mapping Test14",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [ "4.11", "Inhibit Policy Mapping" ],
+    [
+        "4.11.1",
+        "Invalid inhibitPolicyMapping Test1",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.2",
+        "Valid inhibitPolicyMapping Test2",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.11.3",
+        "Invalid inhibitPolicyMapping Test3",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.4",
+        "Valid inhibitPolicyMapping Test4",
+        "-policy anyPolicy",
+        "True", "$nist2", "$nist2", 0
+    ],
+    [
+        "4.11.5",
+        "Invalid inhibitPolicyMapping Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.6",
+        "Invalid inhibitPolicyMapping Test6",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.7",
+        "Valid Self-Issued inhibitPolicyMapping Test7",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.11.8",
+        "Invalid Self-Issued inhibitPolicyMapping Test8",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.9",
+        "Invalid Self-Issued inhibitPolicyMapping Test9",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.10",
+        "Invalid Self-Issued inhibitPolicyMapping Test10",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.11",
+        "Invalid Self-Issued inhibitPolicyMapping Test11",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [ "4.12", "Inhibit Any Policy" ],
+    [
+        "4.12.1",
+        "Invalid inhibitAnyPolicy Test1",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.2",
+        "Valid inhibitAnyPolicy Test2",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.12.3.1",
+        "inhibitAnyPolicy Test3",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.12.3.2",
+        "inhibitAnyPolicy Test3",
+        "-policy anyPolicy -inhibit_any",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.4",
+        "Invalid inhibitAnyPolicy Test4",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.5",
+        "Invalid inhibitAnyPolicy Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.6",
+        "Invalid inhibitAnyPolicy Test6",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [ "4.12.7",  "Valid Self-Issued inhibitAnyPolicy Test7",      0 ],
+    [ "4.12.8",  "Invalid Self-Issued inhibitAnyPolicy Test8",    43 ],
+    [ "4.12.9",  "Valid Self-Issued inhibitAnyPolicy Test9",      0 ],
+    [ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10",   43 ],
+    [ "4.13",    "Name Constraints" ],
+    [ "4.13.1",  "Valid DN nameConstraints Test1",                0 ],
+    [ "4.13.2",  "Invalid DN nameConstraints Test2",              47 ],
+    [ "4.13.3",  "Invalid DN nameConstraints Test3",              47 ],
+    [ "4.13.4",  "Valid DN nameConstraints Test4",                0 ],
+    [ "4.13.5",  "Valid DN nameConstraints Test5",                0 ],
+    [ "4.13.6",  "Valid DN nameConstraints Test6",                0 ],
+    [ "4.13.7",  "Invalid DN nameConstraints Test7",              48 ],
+    [ "4.13.8",  "Invalid DN nameConstraints Test8",              48 ],
+    [ "4.13.9",  "Invalid DN nameConstraints Test9",              48 ],
+    [ "4.13.10", "Invalid DN nameConstraints Test10",             48 ],
+    [ "4.13.11", "Valid DN nameConstraints Test11",               0 ],
+    [ "4.13.12", "Invalid DN nameConstraints Test12",             47 ],
+    [ "4.13.13", "Invalid DN nameConstraints Test13",             47 ],
+    [ "4.13.14", "Valid DN nameConstraints Test14",               0 ],
+    [ "4.13.15", "Invalid DN nameConstraints Test15",             48 ],
+    [ "4.13.16", "Invalid DN nameConstraints Test16",             48 ],
+    [ "4.13.17", "Invalid DN nameConstraints Test17",             48 ],
+    [ "4.13.18", "Valid DN nameConstraints Test18",               0 ],
+    [ "4.13.19", "Valid Self-Issued DN nameConstraints Test19",   0 ],
+    [ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
+    [ "4.13.21", "Valid RFC822 nameConstraints Test21",           0 ],
+    [ "4.13.22", "Invalid RFC822 nameConstraints Test22",         47 ],
+    [ "4.13.23", "Valid RFC822 nameConstraints Test23",           0 ],
+    [ "4.13.24", "Invalid RFC822 nameConstraints Test24",         47 ],
+    [ "4.13.25", "Valid RFC822 nameConstraints Test25",           0 ],
+    [ "4.13.26", "Invalid RFC822 nameConstraints Test26",         48 ],
+    [ "4.13.27", "Valid DN and RFC822 nameConstraints Test27",    0 ],
+    [ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28",  47 ],
+    [ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29",  47 ],
+    [ "4.13.30", "Valid DNS nameConstraints Test30",              0 ],
+    [ "4.13.31", "Invalid DNS nameConstraints Test31",            47 ],
+    [ "4.13.32", "Valid DNS nameConstraints Test32",              0 ],
+    [ "4.13.33", "Invalid DNS nameConstraints Test33",            48 ],
+    [ "4.13.34", "Valid URI nameConstraints Test34",              0 ],
+    [ "4.13.35", "Invalid URI nameConstraints Test35",            47 ],
+    [ "4.13.36", "Valid URI nameConstraints Test36",              0 ],
+    [ "4.13.37", "Invalid URI nameConstraints Test37",            48 ],
+    [ "4.13.38", "Invalid DNS nameConstraints Test38",            47 ],
+    [ "4.14",    "Distribution Points" ],
+    [ "4.14.1",  "Valid distributionPoint Test1",                 0 ],
+    [ "4.14.2",  "Invalid distributionPoint Test2",               23 ],
+    [ "4.14.3",  "Invalid distributionPoint Test3",               44 ],
+    [ "4.14.4",  "Valid distributionPoint Test4",                 0 ],
+    [ "4.14.5",  "Valid distributionPoint Test5",                 0 ],
+    [ "4.14.6",  "Invalid distributionPoint Test6",               23 ],
+    [ "4.14.7",  "Valid distributionPoint Test7",                 0 ],
+    [ "4.14.8",  "Invalid distributionPoint Test8",               44 ],
+    [ "4.14.9",  "Invalid distributionPoint Test9",               44 ],
+    [ "4.14.10", "Valid No issuingDistributionPoint Test10",      0 ],
+    [ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11",      44 ],
+    [ "4.14.12", "Invalid onlyContainsCACerts CRL Test12",        44 ],
+    [ "4.14.13", "Valid onlyContainsCACerts CRL Test13",          0 ],
+    [ "4.14.14", "Invalid onlyContainsAttributeCerts Test14",     44 ],
+    [ "4.14.15", "Invalid onlySomeReasons Test15",                23 ],
+    [ "4.14.16", "Invalid onlySomeReasons Test16",                23 ],
+    [ "4.14.17", "Invalid onlySomeReasons Test17",                3 ],
+    [ "4.14.18", "Valid onlySomeReasons Test18",                  0 ],
+    [ "4.14.19", "Valid onlySomeReasons Test19",                  0 ],
+    [ "4.14.20", "Invalid onlySomeReasons Test20",                23 ],
+    [ "4.14.21", "Invalid onlySomeReasons Test21",                23 ],
+    [ "4.14.22", "Valid IDP with indirectCRL Test22",             0 ],
+    [ "4.14.23", "Invalid IDP with indirectCRL Test23",           23 ],
+    [ "4.14.24", "Valid IDP with indirectCRL Test24",             0 ],
+    [ "4.14.25", "Valid IDP with indirectCRL Test25",             0 ],
+    [ "4.14.26", "Invalid IDP with indirectCRL Test26",           44 ],
+    [ "4.14.27", "Invalid cRLIssuer Test27",                      3 ],
+    [ "4.14.28", "Valid cRLIssuer Test28",                        0 ],
+    [ "4.14.29", "Valid cRLIssuer Test29",                        0 ],
+
+    # Although this test is valid it has a circular dependency. As a result
+    # an attempt is made to reursively checks a CRL path and rejected due to
+    # a CRL path validation error. PKITS notes suggest this test does not
+    # need to be run due to this issue.
+    [ "4.14.30", "Valid cRLIssuer Test30",                                 54 ],
+    [ "4.14.31", "Invalid cRLIssuer Test31",                               23 ],
+    [ "4.14.32", "Invalid cRLIssuer Test32",                               23 ],
+    [ "4.14.33", "Valid cRLIssuer Test33",                                 0 ],
+    [ "4.14.34", "Invalid cRLIssuer Test34",                               23 ],
+    [ "4.14.35", "Invalid cRLIssuer Test35",                               44 ],
+    [ "4.15",    "Delta-CRLs" ],
+    [ "4.15.1",  "Invalid deltaCRLIndicator No Base Test1",                3 ],
+    [ "4.15.2",  "Valid delta-CRL Test2",                                  0 ],
+    [ "4.15.3",  "Invalid delta-CRL Test3",                                23 ],
+    [ "4.15.4",  "Invalid delta-CRL Test4",                                23 ],
+    [ "4.15.5",  "Valid delta-CRL Test5",                                  0 ],
+    [ "4.15.6",  "Invalid delta-CRL Test6",                                23 ],
+    [ "4.15.7",  "Valid delta-CRL Test7",                                  0 ],
+    [ "4.15.8",  "Valid delta-CRL Test8",                                  0 ],
+    [ "4.15.9",  "Invalid delta-CRL Test9",                                23 ],
+    [ "4.15.10", "Invalid delta-CRL Test10",                               12 ],
+    [ "4.16",    "Private Certificate Extensions" ],
+    [ "4.16.1",  "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
+    [ "4.16.2",  "Invalid Unknown Critical Certificate Extension Test2",   34 ],
+);
+
+
+my $verbose = 1;
+
+my $numtest = 0;
+my $numfail = 0;
+
+my $ossl = "ossl/apps/openssl";
+
+my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
+$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
+$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
+
+system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
+
+die "Can't create trust anchor file" if $?;
+
+print "Running PKITS tests:\n" if $verbose;
+
+foreach (@testlists) {
+    my $argnum = @$_;
+    if ( $argnum == 2 ) {
+        my ( $tnum, $title ) = @$_;
+        print "$tnum $title\n" if $verbose;
+    }
+    elsif ( $argnum == 3 ) {
+        my ( $tnum, $title, $exp_ret ) = @$_;
+        my $filename = $title;
+        $exp_ret += 32 if $exp_ret;
+        $filename =~ tr/ -//d;
+        $filename = "Signed${filename}.eml";
+        if ( !-f "$pkitsdir/$filename" ) {
+            print "\"$filename\" not found\n";
+        }
+        else {
+            my $ret;
+            my $test_fail = 0;
+            my $errmsg    = "";
+            my $cmd       = $ossl_cmd;
+            $cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
+            my $cmdout = `$cmd`;
+            $ret = $? >> 8;
+            if ( $? & 0xff ) {
+                $errmsg .= "Abnormal OpenSSL termination\n";
+                $test_fail = 1;
+            }
+            if ( $exp_ret != $ret ) {
+                $errmsg .= "Return code:$ret, ";
+                $errmsg .= "expected $exp_ret\n";
+                $test_fail = 1;
+            }
+            if ($test_fail) {
+                print "$tnum $title : Failed!\n";
+                print "Filename: $pkitsdir/$filename\n";
+                print $errmsg;
+                print "Command output:\n$cmdout\n";
+                $numfail++;
+            }
+            $numtest++;
+        }
+    }
+    elsif ( $argnum == 7 ) {
+        my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
+          = @$_;
+        my $filename = $title;
+        $exp_ret += 32 if $exp_ret;
+        $filename =~ tr/ -//d;
+        $filename = "Signed${filename}.eml";
+        if ( !-f "$pkitsdir/$filename" ) {
+            print "\"$filename\" not found\n";
+        }
+        else {
+            my $ret;
+            my $cmdout    = "";
+            my $errmsg    = "";
+            my $epol      = "";
+            my $aset      = "";
+            my $uset      = "";
+            my $pol       = -1;
+            my $test_fail = 0;
+            my $cmd       = $ossl_cmd;
+            $cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
+            @oparr = `$cmd`;
+            $ret   = $? >> 8;
+
+            if ( $? & 0xff ) {
+                $errmsg .= "Abnormal OpenSSL termination\n";
+                $test_fail = 1;
+            }
+            foreach (@oparr) {
+                my $test_failed = 0;
+                $cmdout .= $_;
+                if (/^Require explicit Policy: (.*)$/) {
+                    $epol = $1;
+                }
+                if (/^Authority Policies/) {
+                    if (/empty/) {
+                        $aset = "<empty>";
+                    }
+                    else {
+                        $pol = 1;
+                    }
+                }
+                $test_fail = 1 if (/leak/i);
+                if (/^User Policies/) {
+                    if (/empty/) {
+                        $uset = "<empty>";
+                    }
+                    else {
+                        $pol = 2;
+                    }
+                }
+                if (/\s+Policy: (.*)$/) {
+                    if ( $pol == 1 ) {
+                        $aset .= ":" if $aset ne "";
+                        $aset .= $1;
+                    }
+                    elsif ( $pol == 2 ) {
+                        $uset .= ":" if $uset ne "";
+                        $uset .= $1;
+                    }
+                }
+            }
+
+            if ( $epol ne $exp_epol ) {
+                $errmsg .= "Explicit policy:$epol, ";
+                $errmsg .= "expected $exp_epol\n";
+                $test_fail = 1;
+            }
+            if ( $aset ne $exp_aset ) {
+                $errmsg .= "Authority policy set :$aset, ";
+                $errmsg .= "expected $exp_aset\n";
+                $test_fail = 1;
+            }
+            if ( $uset ne $exp_uset ) {
+                $errmsg .= "User policy set :$uset, ";
+                $errmsg .= "expected $exp_uset\n";
+                $test_fail = 1;
+            }
+
+            if ( $exp_ret != $ret ) {
+                print "Return code:$ret, expected $exp_ret\n";
+                $test_fail = 1;
+            }
+
+            if ($test_fail) {
+                print "$tnum $title : Failed!\n";
+                print "Filename: $pkitsdir/$filename\n";
+                print "Command output:\n$cmdout\n";
+                $numfail++;
+            }
+            $numtest++;
+        }
+    }
+}
+
+if ($numfail) {
+    print "$numfail tests failed out of $numtest\n";
+}
+else {
+    print "All Tests Successful.\n";
+}
+
+unlink "pkitsta.pem";
+
diff --git a/test/smcont.txt b/test/smcont.txt
new file mode 100644
index 0000000000..e837c0b75b
--- /dev/null
+++ b/test/smcont.txt
@@ -0,0 +1 @@
+Some test content for OpenSSL CMS
\ No newline at end of file
diff --git a/test/smime-certs/smdsa1.pem b/test/smime-certs/smdsa1.pem
new file mode 100644
index 0000000000..d5677dbfbe
--- /dev/null
+++ b/test/smime-certs/smdsa1.pem
@@ -0,0 +1,34 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBuwIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
+OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
+GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
+jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
+wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
++FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
+SJCBQw5zAoGATQlPPF+OeU8nu3rsdXGDiZdJzOkuCce3KQfTABA9C+Dk4CVcvBdd
+YRLGpnykumkNTO1sTO+4/Gphsuje1ujK9td4UEhdYqylCe5QjEMrszDlJtelDQF9
+C0yhdjKGTP0kxofLhsGckcuQvcKEKffT2pDDKJIy4vWQO0UyJl1vjLcCFG2uiGGx
+9fMUZq1v0ePD4Wo0Xkxo
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsWMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
+CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
+mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
+jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
+CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
+kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
+xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBN
+CU88X455Tye7eux1cYOJl0nM6S4Jx7cpB9MAED0L4OTgJVy8F11hEsamfKS6aQ1M
+7WxM77j8amGy6N7W6Mr213hQSF1irKUJ7lCMQyuzMOUm16UNAX0LTKF2MoZM/STG
+h8uGwZyRy5C9woQp99PakMMokjLi9ZA7RTImXW+Mt6OBgzCBgDAdBgNVHQ4EFgQU
+4Qfbhpi5yqXaXuCLXj427mR25MkwHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
+aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
+c21pbWVkc2ExQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFrdUzKK1pWO
+kd02S423KUBc4GWWyiGlVoEO7WxVhHLJ8sm67X7OtJOwe0UGt+Nc5qLtyJYSirw8
+phjiTdNpQCTJ8+Kc56tWkJ6H7NAI4vTJtPL5BM/EmeYrVSU9JI9xhqpyKw9IBD+n
+hRJ79W9FaiJRvaAOX+TkyTukJrxAWRyv
+-----END CERTIFICATE-----
diff --git a/test/smime-certs/smdsa2.pem b/test/smime-certs/smdsa2.pem
new file mode 100644
index 0000000000..ef86c115d7
--- /dev/null
+++ b/test/smime-certs/smdsa2.pem
@@ -0,0 +1,34 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
+OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
+GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
+jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
+wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
++FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
+SJCBQw5zAoGBAIPmO8BtJ+Yac58trrPwq9b/6VW3jQTWzTLWSH84/QQdqQa+Pz3v
+It/+hHM0daNF5uls8ICsPL1aLXmRx0pHvIyb0aAzYae4T4Jv/COPDMTdKbA1uitJ
+VbkGZrm+LIrs7I9lOkb4T0vI6kL/XdOCXY1469zsqCgJ/O2ibn6mq0nWAhR716o2
+Nf8SimTZYB0/CKje6M5ufA==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDpTCCAw6gAwIBAgIJAMtotfHYdEsXMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
+CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
+mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
+jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
+CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
+kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
+xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhQACgYEA
+g+Y7wG0n5hpzny2us/Cr1v/pVbeNBNbNMtZIfzj9BB2pBr4/Pe8i3/6EczR1o0Xm
+6WzwgKw8vVoteZHHSke8jJvRoDNhp7hPgm/8I48MxN0psDW6K0lVuQZmub4siuzs
+j2U6RvhPS8jqQv9d04JdjXjr3OyoKAn87aJufqarSdajgYMwgYAwHQYDVR0OBBYE
+FHsAGNfVltSYUq4hC+YVYwsYtA+dMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcXdsab
+rWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMCAGA1UdEQQZMBeB
+FXNtaW1lZHNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQCx9BtCbaYF
+FXjLClkuKXbESaDZA1biPgY25i00FsUzARuhCpqD2v+0tu5c33ZzIhL6xlvBRU5l
+6Atw/xpZhae+hdBEtxPJoGekLLrHOau7Md3XwDjV4lFgcEJkWZoaSOOIK+4D5jF0
+jZWtHjnwEzuLYlo7ScHSsbcQfjH0M1TP5A==
+-----END CERTIFICATE-----
diff --git a/test/smime-certs/smdsa3.pem b/test/smime-certs/smdsa3.pem
new file mode 100644
index 0000000000..eeb848dabc
--- /dev/null
+++ b/test/smime-certs/smdsa3.pem
@@ -0,0 +1,34 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
+OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
+GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
+jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
+wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
++FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
+SJCBQw5zAoGAYzOpPmh8Je1IDauEXhgaLz14wqYUHHcrj2VWVJ6fRm8GhdQFJSI7
+GUk08pgKZSKic2lNqxuzW7/vFxKQ/nvzfytY16b+2i+BR4Q6yvMzCebE1hHVg0Ju
+TwfUMwoFEOhYP6ZwHSUiQl9IBMH9TNJCMwYMxfY+VOrURFsjGTRUgpwCFQCIGt5g
+Y+XZd0Sv69CatDIRYWvaIA==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsYMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
+CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
+mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
+jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
+CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
+kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
+xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBj
+M6k+aHwl7UgNq4ReGBovPXjCphQcdyuPZVZUnp9GbwaF1AUlIjsZSTTymAplIqJz
+aU2rG7Nbv+8XEpD+e/N/K1jXpv7aL4FHhDrK8zMJ5sTWEdWDQm5PB9QzCgUQ6Fg/
+pnAdJSJCX0gEwf1M0kIzBgzF9j5U6tREWyMZNFSCnKOBgzCBgDAdBgNVHQ4EFgQU
+VhpVXqQ/EzUMdxLvP7o9EhJ8h70wHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
+aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
+c21pbWVkc2EzQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBACM9e75EQa8m
+k/AZkH/tROqf3yeqijULl9x8FjFatqoY+29OM6oMGM425IqSkKd2ipz7OxO0SShu
+rE0O3edS7DvYBwvhWPviRaYBMyZ4iFJVup+fOzoYK/j/bASxS3BHQBwb2r4rhe25
+OlTyyFEk7DJyW18YFOG97S1P52oQ5f5x
+-----END CERTIFICATE-----
diff --git a/test/smime-certs/smdsap.pem b/test/smime-certs/smdsap.pem
new file mode 100644
index 0000000000..249706c8c7
--- /dev/null
+++ b/test/smime-certs/smdsap.pem
@@ -0,0 +1,9 @@
+-----BEGIN DSA PARAMETERS-----
+MIIBHwKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3OjSG
+Lh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqtGcoA
+gsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2Jjt+d
+qk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qtwjqv
+Wp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK+FMO
+GnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4ZSJCB
+Qw5z
+-----END DSA PARAMETERS-----
diff --git a/test/smime-certs/smroot.pem b/test/smime-certs/smroot.pem
new file mode 100644
index 0000000000..a59eb2684c
--- /dev/null
+++ b/test/smime-certs/smroot.pem
@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDBV1Z/Q5gPF7lojc8pKUdyz5+Jf2B3vs4he6egekugWnoJduki
+9Lnae/JchB/soIX0co3nLc11NuFFlnAWJNMDJr08l5AHAJLYNHevF5l/f9oDQwvZ
+speKh1xpIAJNqCTzVeQ/ZLx6/GccIXV/xDuKIiovqJTPgR5WPkYKaw++lQIDAQAB
+AoGALXnUj5SflJU4+B2652ydMKUjWl0KnL/VjkyejgGV/j6py8Ybaixz9q8Gv7oY
+JDlRqMC1HfZJCFQDQrHy5VJ+CywA/H9WrqKo/Ch9U4tJAZtkig1Cmay/BAYixVu0
+xBeim10aKF6hxHH4Chg9We+OCuzWBWJhqveNjuDedL/i7JUCQQDlejovcwBUCbhJ
+U12qKOwlaboolWbl7yF3XdckTJZg7+1UqQHZH5jYZlLZyZxiaC92SNV0SyTLJZnS
+Jh5CO+VDAkEA16/pPcuVtMMz/R6SSPpRSIAa1stLs0mFSs3NpR4pdm0n42mu05pO
+1tJEt3a1g7zkreQBf53+Dwb+lA841EkjRwJBAIFmt0DifKDnCkBu/jZh9SfzwsH3
+3Zpzik+hXxxdA7+ODCrdUul449vDd5zQD5t+XKU61QNLDGhxv5e9XvrCg7kCQH/a
+3ldsVF0oDaxxL+QkxoREtCQ5tLEd1u7F2q6Tl56FDE0pe6Ih6bQ8RtG+g9EI60IN
+U7oTrOO5kLWx5E0q4ccCQAZVgoenn9MhRU1agKOCuM6LT2DxReTu4XztJzynej+8
+0J93n3ebanB1MlRpn1XJwhQ7gAC8ImaQKLJK5jdJzFc=
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICaTCCAdKgAwIBAgIJAP6VN47boiXRMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDdaFw0xNjA1MTExMzUzMDdaMEQx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRU
+ZXN0IFMvTUlNRSBSU0EgUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+wVdWf0OYDxe5aI3PKSlHcs+fiX9gd77OIXunoHpLoFp6CXbpIvS52nvyXIQf7KCF
+9HKN5y3NdTbhRZZwFiTTAya9PJeQBwCS2DR3rxeZf3/aA0ML2bKXiodcaSACTagk
+81XkP2S8evxnHCF1f8Q7iiIqL6iUz4EeVj5GCmsPvpUCAwEAAaNjMGEwHQYDVR0O
+BBYEFBPPS6e7iS6zOFcXdsabrWhb5e0XMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcX
+dsabrWhb5e0XMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
+SIb3DQEBBQUAA4GBAIECprq5viDvnDbkyOaiSr9ubMUmWqvycfAJMdPZRKcOZczS
+l+L9R9lF3JSqbt3knOe9u6bGDBOTY2285PdCCuHRVMk2Af1f6El1fqAlRUwNqipp
+r68sWFuRqrcRNtk6QQvXfkOhrqQBuDa7te/OVQLa2lGN9Dr2mQsD8ijctatG
+-----END CERTIFICATE-----
diff --git a/test/smime-certs/smrsa1.pem b/test/smime-certs/smrsa1.pem
new file mode 100644
index 0000000000..2cf3148e33
--- /dev/null
+++ b/test/smime-certs/smrsa1.pem
@@ -0,0 +1,31 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQC6A978j4pmPgUtUQqF+bjh6vdhwGOGZSD7xXgFTMjm88twfv+E
+ixkq2KXSDjD0ZXoQbdOaSbvGRQrIJpG2NGiKAFdYNrP025kCCdh5wF/aEI7KLEm7
+JlHwXpQsuj4wkMgmkFjL3Ty4Z55aNH+2pPQIa0k+ENJXm2gDuhqgBmduAwIDAQAB
+AoGBAJMuYu51aO2THyeHGwt81uOytcCbqGP7eoib62ZOJhxPRGYjpmuqX+R9/V5i
+KiwGavm63JYUx0WO9YP+uIZxm1BUATzkgkS74u5LP6ajhkZh6/Bck1oIYYkbVOXl
+JVrdENuH6U7nupznsyYgONByo+ykFPVUGmutgiaC7NMVo/MxAkEA6KLejWXdCIEn
+xr7hGph9NlvY9xuRIMexRV/WrddcFfCdjI1PciIupgrIkR65M9yr7atm1iU6/aRf
+KOr8rLZsSQJBAMyyXN71NsDNx4BP6rtJ/LJMP0BylznWkA7zWfGCbAYn9VhZVlSY
+Eu9Gyr7quD1ix7G3kInKVYOEEOpockBLz+sCQQCedyMmKjcQLfpMVYW8uhbAynvW
+h36qV5yXZxszO7nMcCTBsxhk5IfmLv5EbCs3+p9avCDGyoGOeUMg+kC33WORAkAg
+oUIarH4o5+SoeJTTfCzTA0KF9H5U0vYt2+73h7HOnWoHxl3zqDZEfEVvf50U8/0f
+QELDJETTbScBJtsnkq43AkEA38etvoZ2i4FJvvo7R/9gWBHVEcrGzcsCBYrNnIR1
+SZLRwHEGaiOK1wxMsWzqp7PJwL9z/M8A8DyOFBx3GPOniA==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICizCCAfSgAwIBAgIJAMtotfHYdEsTMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+ALoD3vyPimY+BS1RCoX5uOHq92HAY4ZlIPvFeAVMyObzy3B+/4SLGSrYpdIOMPRl
+ehBt05pJu8ZFCsgmkbY0aIoAV1g2s/TbmQIJ2HnAX9oQjsosSbsmUfBelCy6PjCQ
+yCaQWMvdPLhnnlo0f7ak9AhrST4Q0lebaAO6GqAGZ24DAgMBAAGjgYMwgYAwHQYD
+VR0OBBYEFE2vMvKz5jrC7Lbdg68XwZ95iL/QMB8GA1UdIwQYMBaAFBPPS6e7iS6z
+OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
+EQQZMBeBFXNtaW1lcnNhMUBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQAi
+O3GOkUl646oLnOimc36i9wxZ1tejsqs8vMjJ0Pym6Uq9FE2JoGzJ6OhB1GOsEVmj
+9cQ5UNQcRYL3cqOFtl6f4Dpu/lhzfbaqgmLjv29G1mS0uuTZrixhlyCXjwcbOkNC
+I/+wvHHENYIK5+T/79M9LaZ2Qk4F9MNE1VMljdz9Qw==
+-----END CERTIFICATE-----
diff --git a/test/smime-certs/smrsa2.pem b/test/smime-certs/smrsa2.pem
new file mode 100644
index 0000000000..d41f69c82f
--- /dev/null
+++ b/test/smime-certs/smrsa2.pem
@@ -0,0 +1,31 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCwBfryW4Vu5U9wNIDKspJO/N9YF4CcTlrCUyzVlKgb+8urHlSe
+59i5verR9IOCCXkemjOzZ/3nALTGqYZlnEvHp0Rjk+KdKXnKBIB+SRPpeu3LcXMT
+WPgsThPa0UQxedNKG0g6aG+kLhsDlFBCoxd09jJtSpb9jmroJOq0ZYEHLwIDAQAB
+AoGAKa/w4677Je1W5+r3SYoLDnvi5TkDs4D3C6ipKJgBTEdQz+DqB4w/DpZE4551
++rkFn1LDxcxuHGRVa+tAMhZW97fwq9YUbjVZEyOz79qrX+BMyl/NbHkf1lIKDo3q
+dWalzQvop7nbzeLC+VmmviwZfLQUbA61AQl3jm4dswT4XykCQQDloDadEv/28NTx
+bvvywvyGuvJkCkEIycm4JrIInvwsd76h/chZ3oymrqzc7hkEtK6kThqlS5y+WXl6
+QzPruTKTAkEAxD2ro/VUoN+scIVaLmn0RBmZ67+9Pdn6pNSfjlK3s0T0EM6/iUWS
+M06l6L9wFS3/ceu1tIifsh9BeqOGTa+udQJARIFnybTBaIqw/NZ/lA1YCVn8tpvY
+iyaoZ6gjtS65TQrsdKeh/i3HCHNUXxUpoZ3F/H7QtD+6o49ODou+EbVOwQJAVmex
+A2gp8wuJKaINqxIL81AybZLnCCzKJ3lXJ5tUNyLNM/lUbGStktm2Q1zHRQwTxV07
+jFn7trn8YrtNjzcjYQJAUKIJRt38A8Jw3HoPT+D0WS2IgxjVL0eYGsZX1lyeammG
+6rfnQ3u5uP7mEK2EH2o8mDUpAE0gclWBU9UkKxJsGA==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICizCCAfSgAwIBAgIJAMtotfHYdEsUMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+ALAF+vJbhW7lT3A0gMqykk7831gXgJxOWsJTLNWUqBv7y6seVJ7n2Lm96tH0g4IJ
+eR6aM7Nn/ecAtMaphmWcS8enRGOT4p0pecoEgH5JE+l67ctxcxNY+CxOE9rRRDF5
+00obSDpob6QuGwOUUEKjF3T2Mm1Klv2Oaugk6rRlgQcvAgMBAAGjgYMwgYAwHQYD
+VR0OBBYEFIL/u+mEvaw7RuKLRuElfVkxSQjYMB8GA1UdIwQYMBaAFBPPS6e7iS6z
+OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
+EQQZMBeBFXNtaW1lcnNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQC2
+rXR5bm/9RtOMQPleNpd3y6uUX3oy+0CafK5Yl3PMnItjjnKJ0l1/DbLbDj2twehe
+ewaB8CROcBCA3AMLSmGvPKgUCFMGtWam3328M4fBHzon5ka7qDXzM+imkAly/Yx2
+YNdR/aNOug+5sXygHmTSKqiCpQjOIClzXoPVVeEVHw==
+-----END CERTIFICATE-----
diff --git a/test/smime-certs/smrsa3.pem b/test/smime-certs/smrsa3.pem
new file mode 100644
index 0000000000..c8cbe55151
--- /dev/null
+++ b/test/smime-certs/smrsa3.pem
@@ -0,0 +1,31 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC6syTZtZNe1hRScFc4PUVyVLsr7+C1HDIZnOHmwFoLayX6RHwy
+ep/TkdwiPHnemVLuwvpSjLMLZkXy/J764kSHJrNeVl3UvmCVCOm40hAtK1+F39pM
+h8phkbPPD7i+hwq4/Vs79o46nzwbVKmzgoZBJhZ+codujUSYM3LjJ4aq+wIDAQAB
+AoGAE1Zixrnr3bLGwBMqtYSDIOhtyos59whImCaLr17U9MHQWS+mvYO98if1aQZi
+iQ/QazJ+wvYXxWJ+dEB+JvYwqrGeuAU6He/rAb4OShG4FPVU2D19gzRnaButWMeT
+/1lgXV08hegGBL7RQNaN7b0viFYMcKnSghleMP0/q+Y/oaECQQDkXEwDYJW13X9p
+ijS20ykWdY5lLknjkHRhhOYux0rlhOqsyMZjoUmwI2m0qj9yrIysKhrk4MZaM/uC
+hy0xp3hdAkEA0Uv/UY0Kwsgc+W6YxeypECtg1qCE6FBib8n4iFy/6VcWqhvE5xrs
+OdhKv9/p6aLjLneGd1sU+F8eS9LGyKIbNwJBAJPgbNzXA7uUZriqZb5qeTXxBDfj
+RLfXSHYKAKEULxz3+JvRHB9SR4yHMiFrCdExiZrHXUkPgYLSHLGG5a4824UCQD6T
+9XvhquUARkGCAuWy0/3Eqoihp/t6BWSdQ9Upviu7YUhtUxsyXo0REZB7F4pGrJx5
+GlhXgFaewgUzuUHFzlMCQCzJMMWslWpoLntnR6sMhBMhBFHSw+Y5CbxBmFrdtSkd
+VdtNO1VuDCTxjjW7W3Khj7LX4KZ1ye/5jfAgnnnXisc=
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICizCCAfSgAwIBAgIJAMtotfHYdEsVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+ALqzJNm1k17WFFJwVzg9RXJUuyvv4LUcMhmc4ebAWgtrJfpEfDJ6n9OR3CI8ed6Z
+Uu7C+lKMswtmRfL8nvriRIcms15WXdS+YJUI6bjSEC0rX4Xf2kyHymGRs88PuL6H
+Crj9Wzv2jjqfPBtUqbOChkEmFn5yh26NRJgzcuMnhqr7AgMBAAGjgYMwgYAwHQYD
+VR0OBBYEFDsSFjNtYZzd0tTHafNS7tneQQj6MB8GA1UdIwQYMBaAFBPPS6e7iS6z
+OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
+EQQZMBeBFXNtaW1lcnNhM0BvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQBE
+tUDB+1Dqigu4p1xtdq7JRK6S+gfA7RWmhz0j2scb2zhpS12h37JLHsidGeKAzZYq
+jUjOrH/j3xcV5AnuJoqImJaN23nzzxtR4qGGX2mrq6EtObzdEGgCUaizsGM+0slJ
+PYxcy8KeY/63B1BpYhj2RjGkL6HrvuAaxVORa3acoA==
+-----END CERTIFICATE-----
diff --git a/test/tcrl.com b/test/tcrl.com
index 86bf9735aa..1f606eb850 100644
--- a/test/tcrl.com
+++ b/test/tcrl.com
@@ -1,7 +1,9 @@
 $! TCRL.COM  --  Tests crl keys
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	cmd := mcr 'exe_dir'openssl crl
diff --git a/test/test_aesni b/test/test_aesni
new file mode 100755
index 0000000000..e8fb63ee2b
--- /dev/null
+++ b/test/test_aesni
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+PROG=$1
+
+if [ -x $PROG ]; then
+    if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
+	:
+    else
+	echo "$PROG is not OpenSSL executable"
+	exit 1
+    fi
+else
+    echo "$PROG is not executable"
+    exit 1;
+fi
+
+if $PROG engine aesni | grep -v no-aesni; then
+
+    HASH=`cat $PROG | $PROG dgst -hex`
+
+    AES_ALGS="	aes-128-ecb aes-192-ecb aes-256-ecb \
+		aes-128-cbc aes-192-cbc aes-256-cbc \
+		aes-128-cfb aes-192-cfb aes-256-cfb \
+		aes-128-ofb aes-192-ofb aes-256-ofb"
+    BUFSIZE="16 32 48 64 80 96 128 144 999"
+
+    nerr=0
+
+    for alg in $AES_ALGS; do
+	echo $alg
+	for bufsize in $BUFSIZE; do
+	    TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg -bufsize $bufsize -engine aesni | \
+		$PROG enc -d -k "$HASH" -$alg | \
+		$PROG dgst -hex ) 2>/dev/null`
+	    if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg/$bufsize encrypt test failed"
+		nerr=`expr $nerr + 1`
+	    fi
+	done
+	for bufsize in $BUFSIZE; do 
+	    TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg | \
+		$PROG enc -d -k "$HASH" -$alg -bufsize $bufsize -engine aesni | \
+		$PROG dgst -hex ) 2>/dev/null`
+	    if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg/$bufsize decrypt test failed"
+		nerr=`expr $nerr + 1`
+	    fi
+	done
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg -engine aesni | \
+		$PROG enc -d -k "$HASH" -$alg -engine aesni | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg en/decrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+    done
+
+    if [ $nerr -gt 0 ]; then
+	echo "AESNI engine test failed."
+	exit 1;
+    fi
+else
+    echo "AESNI engine is not available"
+fi
+
+exit 0
diff --git a/test/test_padlock b/test/test_padlock
new file mode 100755
index 0000000000..5c0f21043c
--- /dev/null
+++ b/test/test_padlock
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+PROG=$1
+
+if [ -x $PROG ]; then
+    if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
+	:
+    else
+	echo "$PROG is not OpenSSL executable"
+	exit 1
+    fi
+else
+    echo "$PROG is not executable"
+    exit 1;
+fi
+
+if $PROG engine padlock | grep -v no-ACE; then
+
+    HASH=`cat $PROG | $PROG dgst -hex`
+
+    ACE_ALGS="	aes-128-ecb aes-192-ecb aes-256-ecb \
+		aes-128-cbc aes-192-cbc aes-256-cbc \
+		aes-128-cfb aes-192-cfb aes-256-cfb \
+		aes-128-ofb aes-192-ofb aes-256-ofb"
+
+    nerr=0
+
+    for alg in $ACE_ALGS; do
+	echo $alg
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \
+		$PROG enc -d -k "$HASH" -$alg | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg encrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg | \
+		$PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg decrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg -engine padlock | \
+		$PROG enc -d -k "$HASH" -$alg -engine padlock | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg en/decrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+    done
+
+    if [ $nerr -gt 0 ]; then
+	echo "PadLock ACE test failed."
+	exit 1;
+    fi
+else
+    echo "PadLock ACE is not available"
+fi
+
+exit 0
diff --git a/test/testca.com b/test/testca.com
index c670f2bf5f..ec7e56dad6 100644
--- a/test/testca.com
+++ b/test/testca.com
@@ -1,8 +1,9 @@
 $! TESTCA.COM
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
-$	exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $
 $	openssl := mcr 'exe_dir'openssl
 $
@@ -11,7 +12,7 @@ $
 $	set noon
 $	if f$search("demoCA.dir") .nes. ""
 $	then
-$	    call deltree [.demoCA]*.*
+$	    @[-.util]deltree [.demoCA]*.*
 $	    set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
 $	    delete demoCA.dir;*
 $	endif
@@ -38,7 +39,7 @@ $	@[-.apps]CA.com -verify newcert.pem
 $	if $severity .ne. 1 then exit 3
 $
 $	set noon
-$	call deltree [.demoCA]*.*
+$	@[-.util]deltree [.demoCA]*.*
 $	set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
 $	delete demoCA.dir;*
 $	if f$search("newcert.pem") .nes. "" then delete newcert.pem;*
@@ -47,32 +48,3 @@ $	set on
 $!	#usage: CA -newcert|-newreq|-newca|-sign|-verify
 $
 $	exit
-$
-$ deltree: subroutine ! P1 is a name of a directory
-$	on control_y then goto dt_STOP
-$	on warning then goto dt_exit
-$	_dt_def = f$trnlnm("SYS$DISK")+f$directory()
-$	if f$parse(p1) .eqs. "" then exit
-$	set default 'f$parse(p1,,,"DEVICE")''f$parse(p1,,,"DIRECTORY")'
-$	p1 = f$parse(p1,,,"NAME") + f$parse(p1,,,"TYPE")
-$	_fp = f$parse(".DIR",p1)
-$ dt_loop:
-$	_f = f$search(_fp)
-$	if _f .eqs. "" then goto dt_loopend
-$	call deltree [.'f$parse(_f,,,"NAME")']*.*
-$	goto dt_loop
-$ dt_loopend:
-$	_fp = f$parse(p1,".;*")
-$	if f$search(_fp) .eqs. "" then goto dt_exit
-$	set noon
-$	set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) '_fp'
-$	set on
-$	delete/nolog '_fp'
-$ dt_exit:
-$	set default '_dt_def'
-$	exit
-$ dt_STOP:
-$	set default '_dt_def'
-$	stop/id=""
-$	exit
-$	endsubroutine
diff --git a/test/testenc b/test/testenc
index 23e3f5a376..f5ce7c0c45 100644
--- a/test/testenc
+++ b/test/testenc
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-testsrc=Makefile.ssl
+testsrc=Makefile
 test=./p
 cmd="../util/shlib_wrap.sh ../apps/openssl"
 
diff --git a/test/testenc.com b/test/testenc.com
index c24fa388c0..621d9a2126 100644
--- a/test/testenc.com
+++ b/test/testenc.com
@@ -1,10 +1,11 @@
 $! TESTENC.COM  --  Test encoding and decoding
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
-$	exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $
-$	testsrc := makefile.ssl
+$	testsrc := makefile.
 $	test := p.txt
 $	cmd := mcr 'exe_dir'openssl
 $
diff --git a/test/testgen.com b/test/testgen.com
index 5d28ebec72..a4bc574bec 100644
--- a/test/testgen.com
+++ b/test/testgen.com
@@ -1,7 +1,9 @@
 $! TETSGEN.COM
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	T := testcert
diff --git a/test/tests.com b/test/tests.com
index 9263c8b843..92984e1195 100644
--- a/test/tests.com
+++ b/test/tests.com
@@ -6,14 +6,20 @@ $	__proc = f$element(0,";",f$environment("procedure"))
 $	__here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
 $	__save_default = f$environment("default")
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $
 $	show time
 $
 $	texe_dir := sys$disk:[-.'__arch'.exe.test]
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
-$!
+$
+$	sslroot = f$parse("sys$disk:[-.apps];",,,,"syntax_only") - "].;"+ ".]"
+$	define /translation_attributes = concealed sslroot 'sslroot'
+$
 $	set default '__here'
+$
 $	on control_y then goto exit
 $	on error then goto exit
 $
@@ -21,14 +27,18 @@ $	if p1 .nes. ""
 $	then
 $	    tests = p1
 $	else
+$! NOTE: This list reflects the list of dependencies following the
+$! "alltests" target in Makefile.  This should make it easy to see
+$! if there's a difference that needs to be taken care of.
 $	    tests := -
 	test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
-	test_md2,test_mdc2,-
-	test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_rd,-
+	test_md2,test_mdc2,test_wp,-
+	test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,-
 	test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
 	test_enc,test_x509,test_rsa,test_crl,test_sid,-
 	test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
-	test_ss,test_ca,test_engine,test_evp,test_ssl
+	test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,-
+	test_jpake,test_cms
 $	endif
 $	tests = f$edit(tests,"COLLAPSE")
 $
@@ -46,6 +56,7 @@ $	MD2TEST :=	md2test
 $	MD4TEST :=	md4test
 $	MD5TEST :=	md5test
 $	HMACTEST :=	hmactest
+$	WPTEST :=	wp_test
 $	RC2TEST :=	rc2test
 $	RC4TEST :=	rc4test
 $	RC5TEST :=	rc5test
@@ -60,6 +71,8 @@ $	SSLTEST :=	ssltest
 $	RSATEST :=	rsa_test
 $	ENGINETEST :=	enginetest
 $	EVPTEST :=	evp_test
+$	IGETEST :=	igetest
+$	JPAKETEST :=	jpaketest
 $
 $	tests_i = 0
 $ loop_tests:
@@ -97,6 +110,9 @@ $	return
 $ test_hmac:
 $	mcr 'texe_dir''hmactest'
 $	return
+$ test_wp:
+$	mcr 'texe_dir''wptest'
+$	return
 $ test_md2:
 $	mcr 'texe_dir''md2test'
 $	return
@@ -252,13 +268,39 @@ $	    write sys$output "Generate and certify a test certificate via the 'ca' pro
 $	    @testca.com
 $	endif
 $	return
-$ test_rd: 
-$	write sys$output "test Rijndael"
-$	!mcr 'texe_dir''rdtest'
+$ test_aes: 
+$!	write sys$output "test AES"
+$!	!mcr 'texe_dir''aestest'
+$	return
+$ test_tsa:
+$	set noon
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	save_severity=$SEVERITY
+$	set on
+$	if save_severity
+$	then
+$	    write sys$output "skipping testtsa.com test -- requires RSA"
+$	else
+$	    @testtsa.com
+$	endif
+$	return
+$ test_ige: 
+$	write sys$output "Test IGE mode"
+$	mcr 'texe_dir''igetest'
+$	return
+$ test_jpake: 
+$	write sys$output "Test JPAKE"
+$	mcr 'texe_dir''jpaketest'
+$	return
+$ test_cms:
+$	write sys$output "CMS consistency test"
+$	perl CMS-TEST.PL
 $	return
 $
 $
 $ exit:
 $	set default '__save_default'
 $	show time
+$	deassign sslroot
 $	exit
diff --git a/test/testss.com b/test/testss.com
index 685ae5043d..6598106b09 100644
--- a/test/testss.com
+++ b/test/testss.com
@@ -1,7 +1,9 @@
 $! TESTSS.COM
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	digest="-md5"
diff --git a/test/testssl b/test/testssl
index 8ac90ae5ee..f9d7c5d65f 100644
--- a/test/testssl
+++ b/test/testssl
@@ -142,4 +142,10 @@ else
   fi
 fi
 
+echo test tls1 with PSK
+$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
+
+echo test tls1 with PSK via BIO pair
+$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
+
 exit 0
diff --git a/test/testssl.com b/test/testssl.com
index 26308f7715..9c83afba04 100644
--- a/test/testssl.com
+++ b/test/testssl.com
@@ -1,7 +1,9 @@
 $! TESTSSL.COM
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	texe_dir := sys$disk:[-.'__arch'.exe.test]
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
diff --git a/test/testsslproxy b/test/testsslproxy
index 70cf12342d..58bbda8ab7 100644
--- a/test/testsslproxy
+++ b/test/testsslproxy
@@ -4,7 +4,7 @@ echo 'Testing a lot of proxy conditions.'
 echo 'Some of them may turn out being invalid, which is fine.'
 for auth in A B C BC; do
     for cond in A B C 'A|B&!C'; do
-	sh ./testssl $1 $2 $3 "-proxy_auth $auth -proxy_cond $cond"
+	sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
 	if [ $? = 3 ]; then exit 1; fi
     done
 done
diff --git a/test/testtsa b/test/testtsa
new file mode 100644
index 0000000000..bb653b5f73
--- /dev/null
+++ b/test/testtsa
@@ -0,0 +1,238 @@
+#!/bin/sh
+
+#
+# A few very basic tests for the 'ts' time stamping authority command.
+#
+
+SH="/bin/sh"
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH="../apps\;$PATH"
+else
+    PATH="../apps:$PATH"
+fi
+export SH PATH
+
+OPENSSL_CONF="../CAtsa.cnf"
+export OPENSSL_CONF
+# Because that's what ../apps/CA.sh really looks at
+SSLEAY_CONFIG="-config $OPENSSL_CONF"
+export SSLEAY_CONFIG
+
+OPENSSL="`pwd`/../util/opensslwrap.sh"
+export OPENSSL
+
+error () {
+
+    echo "TSA test failed!" >&2
+    exit 1
+}
+
+setup_dir () {
+
+    rm -rf tsa 2>/dev/null
+    mkdir tsa
+    cd ./tsa
+}
+
+clean_up_dir () {
+
+    cd ..
+    rm -rf tsa
+}
+
+create_ca () {
+
+    echo "Creating a new CA for the TSA tests..."
+    TSDNSECT=ts_ca_dn
+    export TSDNSECT   
+    ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
+	-out tsaca.pem -keyout tsacakey.pem
+    test $? != 0 && error
+}
+
+create_tsa_cert () {
+
+    INDEX=$1
+    export INDEX
+    EXT=$2
+    TSDNSECT=ts_cert_dn
+    export TSDNSECT   
+
+    ../../util/shlib_wrap.sh ../../apps/openssl req -new \
+	-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
+    test $? != 0 && error
+echo Using extension $EXT
+    ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
+	-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
+	-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
+	-extfile $OPENSSL_CONF -extensions $EXT
+    test $? != 0 && error
+}
+
+print_request () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
+}
+
+create_time_stamp_request1 () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
+    test $? != 0 && error
+}
+
+create_time_stamp_request2 () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
+	-out req2.tsq
+    test $? != 0 && error
+}
+
+create_time_stamp_request3 () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
+    test $? != 0 && error
+}
+
+print_response () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
+    test $? != 0 && error
+}
+
+create_time_stamp_response () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
+    test $? != 0 && error
+}
+
+time_stamp_response_token_test () {
+
+    RESPONSE2=$2.copy.tsr
+    TOKEN_DER=$2.token.der
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
+    test $? != 0 && error
+    cmp $RESPONSE2 $2
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
+    test $? != 0 && error
+}
+
+verify_time_stamp_response () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+	-untrusted tsa_cert1.pem
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
+	-untrusted tsa_cert1.pem
+    test $? != 0 && error
+}
+
+verify_time_stamp_token () {
+
+    # create the token from the response first
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
+	-CAfile tsaca.pem -untrusted tsa_cert1.pem
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
+	-CAfile tsaca.pem -untrusted tsa_cert1.pem
+    test $? != 0 && error
+}
+
+verify_time_stamp_response_fail () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+	-untrusted tsa_cert1.pem
+    # Checks if the verification failed, as it should have.
+    test $? = 0 && error
+    echo Ok
+}
+
+# main functions
+
+echo "Setting up TSA test directory..."
+setup_dir
+
+echo "Creating CA for TSA tests..."
+create_ca
+
+echo "Creating tsa_cert1.pem TSA server cert..."
+create_tsa_cert 1 tsa_cert
+
+echo "Creating tsa_cert2.pem non-TSA server cert..."
+create_tsa_cert 2 non_tsa_cert
+
+echo "Creating req1.req time stamp request for file testtsa..."
+create_time_stamp_request1
+
+echo "Printing req1.req..."
+print_request req1.tsq
+
+echo "Generating valid response for req1.req..."
+create_time_stamp_response req1.tsq resp1.tsr tsa_config1
+
+echo "Printing response..."
+print_response resp1.tsr
+
+echo "Verifying valid response..."
+verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
+
+echo "Verifying valid token..."
+verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
+
+# The tests below are commented out, because invalid signer certificates
+# can no longer be specified in the config file.
+
+# echo "Generating _invalid_ response for req1.req..."
+# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
+
+# echo "Printing response..."
+# print_response resp1_bad.tsr
+
+# echo "Verifying invalid response, it should fail..."
+# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
+
+echo "Creating req2.req time stamp request for file testtsa..."
+create_time_stamp_request2
+
+echo "Printing req2.req..."
+print_request req2.tsq
+
+echo "Generating valid response for req2.req..."
+create_time_stamp_response req2.tsq resp2.tsr tsa_config1
+
+echo "Checking '-token_in' and '-token_out' options with '-reply'..."
+time_stamp_response_token_test req2.tsq resp2.tsr
+
+echo "Printing response..."
+print_response resp2.tsr
+
+echo "Verifying valid response..."
+verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req1.tsq resp2.tsr
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req2.tsq resp1.tsr
+
+echo "Creating req3.req time stamp request for file CAtsa.cnf..."
+create_time_stamp_request3
+
+echo "Printing req3.req..."
+print_request req3.tsq
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req3.tsq resp1.tsr
+
+echo "Cleaning up..."
+clean_up_dir
+
+exit 0
diff --git a/test/testtsa.com b/test/testtsa.com
new file mode 100644
index 0000000000..e3c586f14a
--- /dev/null
+++ b/test/testtsa.com
@@ -0,0 +1,248 @@
+$!
+$! A few very basic tests for the 'ts' time stamping authority command.
+$!
+$
+$	__arch := VAX
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
+$	exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$	openssl := mcr 'f$parse(exe_dir+"openssl.exe")'
+$	OPENSSL_CONF := [-]CAtsa.cnf
+$	! Because that's what ../apps/CA.sh really looks at
+$	SSLEAY_CONFIG = "-config " + OPENSSL_CONF
+$
+$ error:
+$	subroutine
+$		write sys$error "TSA test failed!"
+$		exit 3
+$	endsubroutine
+$
+$ setup_dir:
+$	subroutine
+$
+$		if f$search("tsa.dir") .nes ""
+$		then
+$			@[-.util]deltree [.tsa]*.*
+$ 			set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
+$ 			delete tsa.dir;*
+$		endif
+$
+$		create/dir [.tsa]
+$		set default [.tsa]
+$	endsubroutine
+$
+$ clean_up_dir:
+$	subroutine
+$
+$		set default [-]
+$		@[-.util]deltree [.tsa]*.*
+$ 		set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
+$ 		delete tsa.dir;*
+$	endsubroutine
+$
+$ create_ca:
+$	subroutine
+$
+$		write sys$output "Creating a new CA for the TSA tests..."
+$		TSDNSECT = "ts_ca_dn"
+$		openssl req -new -x509 -nodes -
+			-out tsaca.pem -keyout tsacakey.pem
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_tsa_cert:
+$	subroutine
+$
+$		INDEX=p1
+$		EXT=p2
+$		TSDNSECT = "ts_cert_dn"
+$
+$		openssl req -new -
+			-out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
+$		if $severity .ne. 1 then call error
+$
+$		write sys$output "Using extension ''EXT'"
+$		openssl x509 -req -
+			-in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
+			"-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" -
+			-extfile 'OPENSSL_CONF' -extensions "''EXT'"
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ print_request:
+$	subroutine
+$
+$		openssl ts -query -in 'p1' -text
+$	endsubroutine
+$
+$ create_time_stamp_request1: subroutine
+$
+$		openssl ts -query -data [-]testtsa.com -policy tsa_policy1 -
+			-cert -out req1.tsq
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_time_stamp_request2: subroutine
+$
+$		openssl ts -query -data [-]testtsa.com -policy tsa_policy2 -
+			-no_nonce -out req2.tsq
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_time_stamp_request3: subroutine
+$
+$		openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ print_response:
+$	subroutine
+$
+$		openssl ts -reply -in 'p1' -text
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_time_stamp_response:
+$	subroutine
+$
+$		openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2'
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ time_stamp_response_token_test:
+$	subroutine
+$
+$		RESPONSE2:='p2'.copy_tsr
+$		TOKEN_DER:='p2'.token_der
+$		openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
+$		if $severity .ne. 1 then call error
+$		backup/compare 'RESPONSE2' 'p2'
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -in 'p2' -text -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -queryfile 'p1' -text -token_out
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ verify_time_stamp_response:
+$	subroutine
+$
+$		openssl ts -verify -queryfile 'p1' -in 'p2' -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$		openssl ts -verify -data 'p3' -in 'p2' -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ verify_time_stamp_token:
+$	subroutine
+$
+$		! create the token from the response first
+$		openssl ts -reply -in 'p2' -out 'p2'.token -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -verify -queryfile 'p1' -in 'p2'.token -token_in -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$		openssl ts -verify -data 'p3' -in 'p2'.token -token_in -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ verify_time_stamp_response_fail:
+$	subroutine
+$
+$		openssl ts -verify -queryfile 'p1' -in 'p2' -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		! Checks if the verification failed, as it should have.
+$		if $severity .eq. 1 then call error
+$		write sys$output "Ok"
+$	endsubroutine
+$
+$	! Main body ----------------------------------------------------------
+$
+$	write sys$output "Setting up TSA test directory..."
+$	call setup_dir
+$
+$	write sys$output "Creating CA for TSA tests..."
+$	call create_ca
+$
+$	write sys$output "Creating tsa_cert1.pem TSA server cert..."
+$	call create_tsa_cert 1 "tsa_cert"
+$
+$	write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
+$	call create_tsa_cert 2 "non_tsa_cert"
+$
+$	write sys$output "Creating req1.req time stamp request for file testtsa..."
+$	call create_time_stamp_request1
+$
+$	write sys$output "Printing req1.req..."
+$	call print_request req1.tsq
+$
+$	write sys$output "Generating valid response for req1.req..."
+$	call create_time_stamp_response req1.tsq resp1.tsr tsa_config1
+$
+$	write sys$output "Printing response..."
+$	call print_response resp1.tsr
+$
+$	write sys$output "Verifying valid response..."
+$	call verify_time_stamp_response req1.tsq resp1.tsr [-]testtsa.com
+$
+$	write sys$output "Verifying valid token..."
+$	call verify_time_stamp_token req1.tsq resp1.tsr [-]testtsa.com
+$
+$	! The tests below are commented out, because invalid signer certificates
+$	! can no longer be specified in the config file.
+$
+$	! write sys$output "Generating _invalid_ response for req1.req..."
+$	! call create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
+$
+$	! write sys$output "Printing response..."
+$	! call print_response resp1_bad.tsr
+$
+$	! write sys$output "Verifying invalid response, it should fail..."
+$	! call verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
+$
+$	write sys$output "Creating req2.req time stamp request for file testtsa..."
+$	call create_time_stamp_request2
+$
+$	write sys$output "Printing req2.req..."
+$	call print_request req2.tsq
+$
+$	write sys$output "Generating valid response for req2.req..."
+$	call create_time_stamp_response req2.tsq resp2.tsr tsa_config1
+$
+$	write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
+$	call time_stamp_response_token_test req2.tsq resp2.tsr
+$
+$	write sys$output "Printing response..."
+$	call print_response resp2.tsr
+$
+$	write sys$output "Verifying valid response..."
+$	call verify_time_stamp_response req2.tsq resp2.tsr [-]testtsa.com
+$
+$	write sys$output "Verifying response against wrong request, it should fail..."
+$	call verify_time_stamp_response_fail req1.tsq resp2.tsr
+$
+$	write sys$output "Verifying response against wrong request, it should fail..."
+$	call verify_time_stamp_response_fail req2.tsq resp1.tsr
+$
+$	write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
+$	call create_time_stamp_request3
+$
+$	write sys$output "Printing req3.req..."
+$	call print_request req3.tsq
+$
+$	write sys$output "Verifying response against wrong request, it should fail..."
+$	call verify_time_stamp_response_fail req3.tsq resp1.tsr
+$
+$	write sys$output "Cleaning up..."
+$	call clean_up_dir
+$
+$	exit
diff --git a/test/times b/test/times
index 49aeebf216..6b66eb342e 100644
--- a/test/times
+++ b/test/times
@@ -1,7 +1,7 @@
 
 More number for the questions about SSL overheads....
 
-The following numbers were generated on a pentium pro 200, running linux.
+The following numbers were generated on a Pentium pro 200, running Linux.
 They give an indication of the SSL protocol and encryption overheads.
 
 The program that generated them is an unreleased version of ssl/ssltest.c
@@ -11,7 +11,7 @@ interface.
 
 How do I read this?  The protocol and cipher are reasonable obvious.
 The next number is the number of connections being made.  The next is the
-number of bytes exchanged bewteen the client and server side of the protocol.
+number of bytes exchanged between the client and server side of the protocol.
 This is the number of bytes that the client sends to the server, and then
 the server sends back.  Because this is all happening in one process,
 the data is being encrypted, decrypted, encrypted and then decrypted again.
@@ -55,10 +55,10 @@ SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s
 
 What does this all mean?  Well for a server, with no session-id reuse, with
 a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
-a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
+a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of
 about 49 connections a second.  Reality will be quite different :-).
 
-Remeber the first number is 1000 full ssl handshakes, the second is
+Remember the first number is 1000 full ssl handshakes, the second is
 1 full and 999 with session-id reuse.  The RSA overheads for each exchange
 would be one public and one private operation, but the protocol/MAC/cipher
 cost would be quite similar in both the client and server.
@@ -68,25 +68,25 @@ eric (adding numbers to speculation)
 --- Appendix ---
 - The time measured is user time but these number a very rough.
 - Remember this is the cost of both client and server sides of the protocol.
-- The TCP/kernal overhead of connection establishment is normally the
+- The TCP/kernel overhead of connection establishment is normally the
   killer in SSL.  Often delays in the TCP protocol will make session-id
   reuse look slower that new sessions, but this would not be the case on
   a loaded server.
-- The TCP round trip latencies, while slowing indervidual connections,
+- The TCP round trip latencies, while slowing individual connections,
   would have minimal impact on throughput.
 - Instead of sending one 102400 byte buffer, one 8k buffer is sent until
 - the required number of bytes are processed.
-- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
+- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers.
 - A 512bit server key was being used except where noted.
 - No server key verification was being performed on the client side of the
   protocol.  This would slow things down very little.
 - The library being used is SSLeay 0.8.x.
-- The normal mesauring system was commands of the form
+- The normal measuring system was commands of the form
   time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
   This modified version of ssltest should be in the next public release of
   SSLeay.
 
-The general cipher performace number for this platform are
+The general cipher performance number for this platform are
 
 SSLeay 0.8.2a 04-Sep-1997
 built on Fri Sep  5 17:37:05 EST 1997
diff --git a/test/tpkcs7.com b/test/tpkcs7.com
index 047834fba4..e107cc141a 100644
--- a/test/tpkcs7.com
+++ b/test/tpkcs7.com
@@ -1,7 +1,9 @@
 $! TPKCS7.COM  --  Tests pkcs7 keys
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	cmd := mcr 'exe_dir'openssl pkcs7
diff --git a/test/tpkcs7d.com b/test/tpkcs7d.com
index 193bb72137..5ff653ccee 100644
--- a/test/tpkcs7d.com
+++ b/test/tpkcs7d.com
@@ -1,7 +1,9 @@
 $! TPKCS7.COM  --  Tests pkcs7 keys
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	cmd := mcr 'exe_dir'openssl pkcs7
diff --git a/test/treq b/test/treq
index 2f20e640cf..77f37dcf3a 100644
--- a/test/treq
+++ b/test/treq
@@ -8,7 +8,7 @@ else
 	t=testreq.pem
 fi
 
-if $cmd -in $t -inform p -noout -text | fgrep 'Unknown Public Key'; then
+if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then
   echo "skipping req conversion test for $t"
   exit 0
 fi
diff --git a/test/treq.com b/test/treq.com
index 5524e485ba..d2594be6a7 100644
--- a/test/treq.com
+++ b/test/treq.com
@@ -1,7 +1,9 @@
 $! TREQ.COM  --  Tests req keys
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	cmd := mcr 'exe_dir'openssl req -config [-.apps]openssl-vms.cnf
diff --git a/test/trsa.com b/test/trsa.com
index 6dbe59ef64..d3a8a605b7 100644
--- a/test/trsa.com
+++ b/test/trsa.com
@@ -1,7 +1,9 @@
 $! TRSA.COM  --  Tests rsa keys
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	set noon
diff --git a/test/tsid.com b/test/tsid.com
index abd1d4d737..267ace1135 100644
--- a/test/tsid.com
+++ b/test/tsid.com
@@ -1,7 +1,9 @@
 $! TSID.COM  --  Tests sid keys
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	cmd := mcr 'exe_dir'openssl sess_id
diff --git a/test/tverify.com b/test/tverify.com
index f97e71478f..01431f4aac 100644
--- a/test/tverify.com
+++ b/test/tverify.com
@@ -1,26 +1,63 @@
 $! TVERIFY.COM
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
+$!
+$	line_max = 255 ! Could be longer on modern non-VAX.
+$	temp_file_name = "certs_"+ f$getjpi( "", "PID")+ ".tmp"
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
-$
-$	copy/concatenate [-.certs]*.pem certs.tmp
-$
+$	cmd = "mcr ''exe_dir'openssl verify ""-CAfile"" ''temp_file_name'"
+$	cmd_len = f$length( cmd)
+$	pems = "[-.certs...]*.pem"
+$!
+$!	Concatenate all the certificate files.
+$!
+$	copy /concatenate 'pems' 'temp_file_name'
+$!
+$!	Loop through all the certificate files.
+$!
+$	args = ""
 $	old_f :=
-$ loop_certs:
-$	c := NO
-$	certs :=
-$ loop_certs2:
-$	f = f$search("[-.certs]*.pem")
-$	if f .nes. "" .and. f .nes. old_f
+$ loop_file: 
+$	    f = f$search( pems)
+$	    if ((f .nes. "") .and. (f .nes. old_f))
+$	    then
+$	      old_f = f
+$!
+$!	      If this file name would over-extend the command line, then
+$!	      run the command now.
+$!
+$	      if (cmd_len+ f$length( args)+ 1+ f$length( f) .gt. line_max)
+$	      then
+$	         if (args .eqs. "") then goto disaster
+$	         'cmd''args'
+$	         args = ""
+$	      endif
+$!	      Add the next file to the argument list.
+$	      args = args+ " "+ f
+$	   else
+$!            No more files in the list
+$	      goto loop_file_end
+$	   endif
+$	goto loop_file
+$	loop_file_end:
+$!
+$!	Run the command for any left-over arguments.
+$!
+$	if (args .nes. "")
 $	then
-$	    certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem"
-$	    if f$length(certs) .lt. 180 then goto loop_certs2
-$	    c := YES
+$	   'cmd''args'
 $	endif
-$	certs = certs - " "
-$
-$	mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
-$	if c then goto loop_certs
-$
-$	delete certs.tmp;*
+$!
+$!	Delete the temporary file.
+$!
+$	if (f$search( "''temp_file_name';*") .nes. "") then -
+	 delete 'temp_file_name';*
+$!
+$	exit
+$!
+$	disaster:
+$	write sys$output "   Command line too long.  Doomed."
+$!
diff --git a/test/tx509.com b/test/tx509.com
index 7b2592f773..399eb01490 100644
--- a/test/tx509.com
+++ b/test/tx509.com
@@ -1,7 +1,9 @@
 $! TX509.COM  --  Tests x509 certificates
 $
 $	__arch := VAX
-$	if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch := UNK
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	cmd := mcr 'exe_dir'openssl x509
diff --git a/times/x86/des3s.cpp b/times/x86/des3s.cpp
index 02d527c057..cd2b1126f1 100644
--- a/times/x86/des3s.cpp
+++ b/times/x86/des3s.cpp
@@ -60,7 +60,7 @@ void main(int argc,char *argv[])
 			des_encrypt3(&data[0],key1,key2,key3);
 			}
 
-		printf("des %d %d (%d)\n",
+		printf("des3 %d %d (%d)\n",
 			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
 		}
 	}
diff --git a/tools/.cvsignore b/tools/.cvsignore
index af0e591579..cde7450dfc 100644
--- a/tools/.cvsignore
+++ b/tools/.cvsignore
@@ -1,2 +1,4 @@
 c_rehash
 c_rehash.bak
+*.flc
+semantic.cache
diff --git a/tools/Makefile.ssl b/tools/Makefile.ssl
deleted file mode 100644
index cb33d4a41e..0000000000
--- a/tools/Makefile.ssl
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# SSLeay/tools/Makefile
-#
-
-DIR=	tools
-TOP=	..
-CC=	cc
-INCLUDES= -I$(TOP) -I../../include
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR=     /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKE=		make -f Makefile.ssl
-MAKEDEPPROG=	makedepend
-MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE=	Makefile.ssl
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile.ssl
-TEST=
-APPS= c_rehash
-MISC_APPS= c_hash c_info c_issuer c_name
-
-all:
-
-install:
-	@for i in $(APPS) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-	mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	done;
-	@for i in $(MISC_APPS) ; \
-	do  \
-	(cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	done;
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
-
-links:
-	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
-
-lint:
-
-tags:
-
-errors:
-
-depend:
-
-dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-errors:
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/tools/c_rehash.in b/tools/c_rehash.in
index 4497cbd9f1..6dd3c24fc1 100644
--- a/tools/c_rehash.in
+++ b/tools/c_rehash.in
@@ -15,13 +15,23 @@ if(defined $ENV{OPENSSL}) {
 	$ENV{OPENSSL} = $openssl;
 }
 
-$ENV{PATH} .= ":$dir/bin";
+my $pwd;
+eval "require Cwd";
+if (defined(&Cwd::getcwd)) {
+	$pwd=Cwd::getcwd();
+} else {
+	$pwd=`pwd`; chomp($pwd);
+}
+my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':'; # DOS/Win32 or Unix delimiter?
+
+$ENV{PATH} .= "$path_delim$dir/bin";
 
 if(! -x $openssl) {
 	my $found = 0;
-	foreach (split /:/, $ENV{PATH}) {
+	foreach (split /$path_delim/, $ENV{PATH}) {
 		if(-x "$_/$openssl") {
 			$found = 1;
+			$openssl = "$_/$openssl";
 			last;
 		}	
 	}
@@ -34,11 +44,16 @@ if(! -x $openssl) {
 if(@ARGV) {
 	@dirlist = @ARGV;
 } elsif($ENV{SSL_CERT_DIR}) {
-	@dirlist = split /:/, $ENV{SSL_CERT_DIR};
+	@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
 } else {
 	$dirlist[0] = "$dir/certs";
 }
 
+if (-d $dirlist[0]) {
+	chdir $dirlist[0];
+	$openssl="$pwd/$openssl" if (!-x $openssl);
+	chdir $pwd;
+}
 
 foreach (@dirlist) {
 	if(-d $_ and -w $_) {
@@ -101,7 +116,7 @@ sub check_file {
 sub link_hash_cert {
 		my $fname = $_[0];
 		$fname =~ s/'/'\\''/g;
-		my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
+		my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in "$fname"`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;
@@ -122,7 +137,11 @@ sub link_hash_cert {
 		if ($symlink_exists) {
 			symlink $fname, $hash;
 		} else {
-			system ("cp", $fname, $hash);
+			open IN,"<$fname" or die "can't open $fname for read";
+			open OUT,">$hash" or die "can't open $hash for write";
+			print OUT <IN>;	# does the job for small text files
+			close OUT;
+			close IN;
 		}
 		$hashlist{$hash} = $fprint;
 }
diff --git a/util/.cvsignore b/util/.cvsignore
new file mode 100644
index 0000000000..8b4054c51d
--- /dev/null
+++ b/util/.cvsignore
@@ -0,0 +1,2 @@
+*.flc
+semantic.cache
diff --git a/util/ck_errf.pl b/util/ck_errf.pl
index 7a24d6c5a2..f13af5c50b 100755
--- a/util/ck_errf.pl
+++ b/util/ck_errf.pl
@@ -7,22 +7,35 @@
 # perl util/ck_errf.pl */*.c */*/*.c
 #
 
+my $err_strict = 0;
+my $bad = 0;
+
 foreach $file (@ARGV)
 	{
+	if ($file eq "-strict")
+		{
+		$err_strict = 1;
+		next;
+		}
 	open(IN,"<$file") || die "unable to open $file\n";
 	$func="";
 	while (<IN>)
 		{
-		if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/)
+		if (!/;$/ && /^([a-zA-Z].*[\s*])?([A-Za-z_0-9]+)\(.*[),]/)
 			{
-			$func=$1;
+			/^([^()]*(\([^()]*\)[^()]*)*)\(/;
+			$1 =~ /([A-Za-z_0-9]*)$/;
+			$func = $1;
 			$func =~ tr/A-Z/a-z/;
 			}
-		if (/([A-Z0-9]+)err\(([^,]+)/)
+		if (/([A-Z0-9]+)err\(([^,]+)/ && ! /ckerr_ignore/)
 			{
-			next if ($func eq "");
 			$errlib=$1;
 			$n=$2;
+
+			if ($func eq "")
+				{ print "$file:$.:???:$n\n"; $bad = 1; next; }
+
 			if ($n !~ /([^_]+)_F_(.+)$/)
 				{
 		#		print "check -$file:$.:$func:$n\n";
@@ -32,14 +45,20 @@ foreach $file (@ARGV)
 			$n=$2;
 
 			if ($lib ne $errlib)
-				{ print "$file:$.:$func:$n\n"; next; }
+				{ print "$file:$.:$func:$n [${errlib}err]\n"; $bad = 1; next; }
 
 			$n =~ tr/A-Z/a-z/;
 			if (($n ne $func) && ($errlib ne "SYS"))
-				{ print "$file:$.:$func:$n\n"; next; }
+				{ print "$file:$.:$func:$n\n"; $bad = 1; next; }
 	#		print "$func:$1\n";
 			}
 		}
 	close(IN);
         }
 
+if ($bad && $err_strict)
+	{
+	print STDERR "FATAL: error discrepancy\n";
+	exit 1;
+	}
+
diff --git a/util/clean-depend.pl b/util/clean-depend.pl
index 6c485d1e2f..d3525b0ed0 100755
--- a/util/clean-depend.pl
+++ b/util/clean-depend.pl
@@ -37,7 +37,11 @@ foreach $file (sort keys %files) {
     $file=~s/^\.\///;
     push @{$files{$file}},$origfile;
     my $prevdep="";
-    foreach $dep (sort @{$files{$file}}) {
+
+    # Remove leading ./ before sorting
+    my @deps = map { $_ =~ s/^\.\///; $_ } @{$files{$file}};
+
+    foreach $dep (sort @deps) {
 	$dep=~s/^\.\///;
 	next if $prevdep eq $dep; # to exterminate duplicates...
 	$prevdep = $dep;
diff --git a/util/copy.pl b/util/copy.pl
new file mode 100644
index 0000000000..e20b45530a
--- /dev/null
+++ b/util/copy.pl
@@ -0,0 +1,59 @@
+#!/usr/local/bin/perl
+
+use Fcntl;
+
+
+# copy.pl
+
+# Perl script 'copy' comment. On Windows the built in "copy" command also
+# copies timestamps: this messes up Makefile dependencies.
+
+my $arg;
+
+foreach $arg (@ARGV) {
+	$arg =~ s|\\|/|g;	# compensate for bug/feature in cygwin glob...
+	foreach (glob $arg)
+		{
+		push @filelist, $_;
+		}
+}
+
+$fnum = @filelist;
+
+if ($fnum <= 1)
+	{
+	die "Need at least two filenames";
+	}
+
+$dest = pop @filelist;
+	
+if ($fnum > 2 && ! -d $dest)
+	{
+	die "Destination must be a directory";
+	}
+
+foreach (@filelist)
+	{
+	if (-d $dest)
+		{
+		$dfile = $_;
+		$dfile =~ s|^.*[/\\]([^/\\]*)$|$1|;
+		$dfile = "$dest/$dfile";
+		}
+	else
+		{
+		$dfile = $dest;
+		}
+	sysopen(IN, $_, O_RDONLY|O_BINARY) || die "Can't Open $_";
+	sysopen(OUT, $dfile, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY)
+					|| die "Can't Open $dfile";
+	while (sysread IN, $buf, 10240)
+		{
+		syswrite(OUT, $buf, length($buf));
+		}
+	close(IN);
+	close(OUT);
+	print "Copying: $_ to $dfile\n";
+	}
+		
+
diff --git a/util/cygwin.sh b/util/cygwin.sh
index 0cc3197870..a4f2e740b4 100755
--- a/util/cygwin.sh
+++ b/util/cygwin.sh
@@ -7,7 +7,7 @@
 # Uncomment when debugging
 #set -x
 
-CONFIG_OPTIONS="--prefix=/usr shared no-idea no-rc5 no-mdc2"
+CONFIG_OPTIONS="--prefix=/usr shared zlib no-idea no-rc5"
 INSTALL_PREFIX=/tmp/install
 
 VERSION=
@@ -21,11 +21,11 @@ function cleanup()
 
 function get_openssl_version()
 {
-  eval `grep '^VERSION=' Makefile.ssl`
+  eval `grep '^VERSION=' Makefile`
   if [ -z "${VERSION}" ]
   then
-    echo "Error: Couldn't retrieve OpenSSL version from Makefile.ssl."
-    echo "       Check value of variable VERSION in Makefile.ssl."
+    echo "Error: Couldn't retrieve OpenSSL version from Makefile."
+    echo "       Check value of variable VERSION in Makefile."
     exit 1
   fi
 }
@@ -47,6 +47,14 @@ function doc_install()
   create_cygwin_readme
 }
 
+function certs_install()
+{
+  CERTS_DIR=${INSTALL_PREFIX}/usr/ssl/certs
+
+  mkdir -p ${CERTS_DIR}
+  cp -rp certs/* ${CERTS_DIR}
+}
+
 function create_cygwin_readme()
 {
   README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin
@@ -58,7 +66,7 @@ function create_cygwin_readme()
 
 	  ./config ${CONFIG_OPTIONS}
 
-	The IDEA, RC5 and MDC2 algorithms are disabled due to patent and/or
+	The IDEA and RC5 algorithms are disabled due to patent and/or
 	licensing issues.
 	EOF
 }
@@ -104,19 +112,25 @@ base_install
 
 doc_install
 
+certs_install
+
 create_cygwin_readme
 
 create_profile_files
 
 cd ${INSTALL_PREFIX}
-strip usr/bin/*.exe usr/bin/*.dll
+chmod u+w usr/lib/engines/*.so
+strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so
+chmod u-w usr/lib/engines/*.so
 
 # Runtime package
-find etc usr/bin usr/share/doc usr/ssl/certs usr/ssl/man/man[157] \
-     usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d |
+find etc usr/bin usr/lib/engines usr/share/doc usr/ssl/certs \
+     usr/ssl/man/man[157] usr/ssl/misc usr/ssl/openssl.cnf usr/ssl/private \
+     -empty -o \! -type d |
 tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 -
 # Development package
-find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d |
+find usr/include usr/lib/*.a usr/lib/pkgconfig usr/ssl/man/man3 \
+     -empty -o \! -type d |
 tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 -
 
 ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2
diff --git a/util/deltree.com b/util/deltree.com
new file mode 100644
index 0000000000..9f36b1a5e9
--- /dev/null
+++ b/util/deltree.com
@@ -0,0 +1,34 @@
+$! DELTREE.COM
+$
+$ call deltree 'p1'
+$ exit $status
+$
+$ deltree: subroutine ! P1 is a name of a directory
+$	on control_y then goto dt_STOP
+$	on warning then goto dt_exit
+$	_dt_def = f$trnlnm("SYS$DISK")+f$directory()
+$	if f$parse(p1) .eqs. "" then exit
+$	set default 'f$parse(p1,,,"DEVICE")''f$parse(p1,,,"DIRECTORY")'
+$	p1 = f$parse(p1,,,"NAME") + f$parse(p1,,,"TYPE")
+$	_fp = f$parse(".DIR",p1)
+$ dt_loop:
+$	_f = f$search(_fp)
+$	if _f .eqs. "" then goto dt_loopend
+$	call deltree [.'f$parse(_f,,,"NAME")']*.*
+$	goto dt_loop
+$ dt_loopend:
+$	_fp = f$parse(p1,".;*")
+$	if f$search(_fp) .eqs. "" then goto dt_exit
+$	set noon
+$	set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) '_fp'
+$	set on
+$	delete/nolog '_fp'
+$ dt_exit:
+$	set default '_dt_def'
+$	goto dt_end
+$ dt_STOP:
+$	set default '_dt_def'
+$	stop/id=""
+$	exit
+$ dt_end:
+$	endsubroutine
diff --git a/util/domd b/util/domd
index 49310bbdd1..bab48cb7a2 100755
--- a/util/domd
+++ b/util/domd
@@ -11,24 +11,28 @@ if [ "$1" = "-MD" ]; then
 fi
 if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi
 
-cp Makefile.ssl Makefile.save
+cp Makefile Makefile.save
 # fake the presence of Kerberos
 touch $TOP/krb5.h
-if [ "$MAKEDEPEND" = "gcc" ]; then
+if expr "$MAKEDEPEND" : '.*gcc$' > /dev/null; then
     args=""
     while [ $# -gt 0 ]; do
 	if [ "$1" != "--" ]; then args="$args $1"; fi
 	shift
     done
-    sed -e '/^# DO NOT DELETE.*/,$d' < Makefile.ssl > Makefile.tmp
+    sed -e '/^# DO NOT DELETE.*/,$d' < Makefile > Makefile.tmp
     echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
-    gcc -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp
+    ${MAKEDEPEND} -Werror -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp || exit 1
     ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
+    RC=$?
     rm -f Makefile.tmp
 else
-    ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND -f Makefile.ssl $@
-    ${PERL} $TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new
+    ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ && \
+    ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new
+    RC=$?
 fi
-mv Makefile.new Makefile.ssl
+mv Makefile.new Makefile
 # unfake the presence of Kerberos
 rm $TOP/krb5.h
+
+exit $RC
diff --git a/util/fixNT.sh b/util/fixNT.sh
index ce4f19299b..ab9e766b86 100755
--- a/util/fixNT.sh
+++ b/util/fixNT.sh
@@ -3,12 +3,12 @@
 # clean up the mess that NT makes of my source tree
 #
 
-if [ -f makefile.ssl -a ! -f Makefile.ssl ]; then
-	/bin/mv makefile.ssl Makefile.ssl
+if [ -f makefile -a ! -f Makefile ]; then
+	/bin/mv makefile Makefile
 fi
 chmod +x Configure util/*
 echo cleaning
 /bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
 echo 'removing those damn ^M'
 perl -pi -e 's/\015//' `find . -type 'f' -print |grep -v '.obj$' |grep -v '.der$' |grep -v '.gz'`
-make -f Makefile.ssl links
+make -f Makefile links
diff --git a/util/libeay.num b/util/libeay.num
index 30beee2fb3..25556e86de 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1,9 +1,9 @@
 SSLeay                                  1	EXIST::FUNCTION:
 SSLeay_version                          2	EXIST::FUNCTION:
-ASN1_BIT_STRING_asn1_meth               3	EXIST::FUNCTION:
-ASN1_HEADER_free                        4	EXIST::FUNCTION:
-ASN1_HEADER_new                         5	EXIST::FUNCTION:
-ASN1_IA5STRING_asn1_meth                6	EXIST::FUNCTION:
+ASN1_BIT_STRING_asn1_meth               3	NOEXIST::FUNCTION:
+ASN1_HEADER_free                        4	NOEXIST::FUNCTION:
+ASN1_HEADER_new                         5	NOEXIST::FUNCTION:
+ASN1_IA5STRING_asn1_meth                6	NOEXIST::FUNCTION:
 ASN1_INTEGER_get                        7	EXIST::FUNCTION:
 ASN1_INTEGER_set                        8	EXIST::FUNCTION:
 ASN1_INTEGER_to_BN                      9	EXIST::FUNCTION:
@@ -75,8 +75,8 @@ BIO_new                                 78	EXIST::FUNCTION:
 BIO_new_accept                          79	EXIST::FUNCTION:
 BIO_new_connect                         80	EXIST::FUNCTION:
 BIO_new_fd                              81	EXIST::FUNCTION:
-BIO_new_file                            82	EXIST:!WIN16:FUNCTION:FP_API
-BIO_new_fp                              83	EXIST:!WIN16:FUNCTION:FP_API
+BIO_new_file                            82	EXIST::FUNCTION:FP_API
+BIO_new_fp                              83	EXIST::FUNCTION:FP_API
 BIO_new_socket                          84	EXIST::FUNCTION:
 BIO_pop                                 85	EXIST::FUNCTION:
 BIO_printf                              86	EXIST::FUNCTION:
@@ -86,7 +86,7 @@ BIO_read                                89	EXIST::FUNCTION:
 BIO_s_accept                            90	EXIST::FUNCTION:
 BIO_s_connect                           91	EXIST::FUNCTION:
 BIO_s_fd                                92	EXIST::FUNCTION:
-BIO_s_file                              93	EXIST:!WIN16:FUNCTION:FP_API
+BIO_s_file                              93	EXIST::FUNCTION:FP_API
 BIO_s_mem                               95	EXIST::FUNCTION:
 BIO_s_null                              96	EXIST::FUNCTION:
 BIO_s_proxy_client                      97	NOEXIST::FUNCTION:
@@ -172,7 +172,7 @@ CRYPTO_dbg_realloc                      179	EXIST::FUNCTION:
 CRYPTO_dbg_remalloc                     180	NOEXIST::FUNCTION:
 CRYPTO_free                             181	EXIST::FUNCTION:
 CRYPTO_get_add_lock_callback            182	EXIST::FUNCTION:
-CRYPTO_get_id_callback                  183	EXIST::FUNCTION:
+CRYPTO_get_id_callback                  183	EXIST::FUNCTION:DEPRECATED
 CRYPTO_get_lock_name                    184	EXIST::FUNCTION:
 CRYPTO_get_locking_callback             185	EXIST::FUNCTION:
 CRYPTO_get_mem_functions                186	EXIST::FUNCTION:
@@ -185,10 +185,10 @@ CRYPTO_mem_leaks_fp                     192	EXIST::FUNCTION:FP_API
 CRYPTO_realloc                          193	EXIST::FUNCTION:
 CRYPTO_remalloc                         194	EXIST::FUNCTION:
 CRYPTO_set_add_lock_callback            195	EXIST::FUNCTION:
-CRYPTO_set_id_callback                  196	EXIST::FUNCTION:
+CRYPTO_set_id_callback                  196	EXIST::FUNCTION:DEPRECATED
 CRYPTO_set_locking_callback             197	EXIST::FUNCTION:
 CRYPTO_set_mem_functions                198	EXIST::FUNCTION:
-CRYPTO_thread_id                        199	EXIST::FUNCTION:
+CRYPTO_thread_id                        199	EXIST::FUNCTION:DEPRECATED
 DH_check                                200	EXIST::FUNCTION:DH
 DH_compute_key                          201	EXIST::FUNCTION:DH
 DH_free                                 202	EXIST::FUNCTION:DH
@@ -243,7 +243,7 @@ ERR_print_errors                        250	EXIST::FUNCTION:BIO
 ERR_print_errors_fp                     251	EXIST::FUNCTION:FP_API
 ERR_put_error                           252	EXIST::FUNCTION:
 ERR_reason_error_string                 253	EXIST::FUNCTION:
-ERR_remove_state                        254	EXIST::FUNCTION:
+ERR_remove_state                        254	EXIST::FUNCTION:DEPRECATED
 EVP_BytesToKey                          255	EXIST::FUNCTION:
 EVP_CIPHER_CTX_cleanup                  256	EXIST::FUNCTION:
 EVP_CipherFinal                         257	EXIST::FUNCTION:
@@ -343,7 +343,7 @@ NETSCAPE_SPKI_new                       350	EXIST::FUNCTION:
 NETSCAPE_SPKI_sign                      351	EXIST::FUNCTION:EVP
 NETSCAPE_SPKI_verify                    352	EXIST::FUNCTION:EVP
 OBJ_add_object                          353	EXIST::FUNCTION:
-OBJ_bsearch                             354	EXIST::FUNCTION:
+OBJ_bsearch                             354	NOEXIST::FUNCTION:
 OBJ_cleanup                             355	EXIST::FUNCTION:
 OBJ_cmp                                 356	EXIST::FUNCTION:
 OBJ_create                              357	EXIST::FUNCTION:
@@ -356,9 +356,9 @@ OBJ_nid2sn                              363	EXIST::FUNCTION:
 OBJ_obj2nid                             364	EXIST::FUNCTION:
 OBJ_sn2nid                              365	EXIST::FUNCTION:
 OBJ_txt2nid                             366	EXIST::FUNCTION:
-PEM_ASN1_read                           367	EXIST:!WIN16:FUNCTION:
+PEM_ASN1_read                           367	EXIST::FUNCTION:
 PEM_ASN1_read_bio                       368	EXIST::FUNCTION:BIO
-PEM_ASN1_write                          369	EXIST:!WIN16:FUNCTION:
+PEM_ASN1_write                          369	EXIST::FUNCTION:
 PEM_ASN1_write_bio                      370	EXIST::FUNCTION:BIO
 PEM_SealFinal                           371	EXIST::FUNCTION:RSA
 PEM_SealInit                            372	EXIST::FUNCTION:RSA
@@ -366,14 +366,14 @@ PEM_SealUpdate                          373	EXIST::FUNCTION:RSA
 PEM_SignFinal                           374	EXIST::FUNCTION:
 PEM_SignInit                            375	EXIST::FUNCTION:
 PEM_SignUpdate                          376	EXIST::FUNCTION:
-PEM_X509_INFO_read                      377	EXIST:!WIN16:FUNCTION:
+PEM_X509_INFO_read                      377	EXIST::FUNCTION:
 PEM_X509_INFO_read_bio                  378	EXIST::FUNCTION:BIO
 PEM_X509_INFO_write_bio                 379	EXIST::FUNCTION:BIO
 PEM_dek_info                            380	EXIST::FUNCTION:
 PEM_do_header                           381	EXIST::FUNCTION:
 PEM_get_EVP_CIPHER_INFO                 382	EXIST::FUNCTION:
 PEM_proc_type                           383	EXIST::FUNCTION:
-PEM_read                                384	EXIST:!WIN16:FUNCTION:
+PEM_read                                384	EXIST::FUNCTION:
 PEM_read_DHparams                       385	EXIST:!WIN16:FUNCTION:DH
 PEM_read_DSAPrivateKey                  386	EXIST:!WIN16:FUNCTION:DSA
 PEM_read_DSAparams                      387	EXIST:!WIN16:FUNCTION:DSA
@@ -393,7 +393,7 @@ PEM_read_bio_RSAPrivateKey              400	EXIST::FUNCTION:RSA
 PEM_read_bio_X509                       401	EXIST::FUNCTION:
 PEM_read_bio_X509_CRL                   402	EXIST::FUNCTION:
 PEM_read_bio_X509_REQ                   403	EXIST::FUNCTION:
-PEM_write                               404	EXIST:!WIN16:FUNCTION:
+PEM_write                               404	EXIST::FUNCTION:
 PEM_write_DHparams                      405	EXIST:!WIN16:FUNCTION:DH
 PEM_write_DSAPrivateKey                 406	EXIST:!WIN16:FUNCTION:DSA
 PEM_write_DSAparams                     407	EXIST:!WIN16:FUNCTION:DSA
@@ -469,7 +469,7 @@ RC2_set_key                             476	EXIST::FUNCTION:RC2
 RC4                                     477	EXIST::FUNCTION:RC4
 RC4_options                             478	EXIST::FUNCTION:RC4
 RC4_set_key                             479	EXIST::FUNCTION:RC4
-RSAPrivateKey_asn1_meth                 480	EXIST::FUNCTION:RSA
+RSAPrivateKey_asn1_meth                 480	NOEXIST::FUNCTION:
 RSAPrivateKey_dup                       481	EXIST::FUNCTION:RSA
 RSAPublicKey_dup                        482	EXIST::FUNCTION:RSA
 RSA_PKCS1_SSLeay                        483	EXIST::FUNCTION:RSA
@@ -624,7 +624,7 @@ X509_STORE_set_default_paths            630	EXIST::FUNCTION:STDIO
 X509_VAL_free                           631	EXIST::FUNCTION:
 X509_VAL_new                            632	EXIST::FUNCTION:
 X509_add_ext                            633	EXIST::FUNCTION:
-X509_asn1_meth                          634	EXIST::FUNCTION:
+X509_asn1_meth                          634	NOEXIST::FUNCTION:
 X509_certificate_type                   635	EXIST::FUNCTION:
 X509_check_private_key                  636	EXIST::FUNCTION:
 X509_cmp_current_time                   637	EXIST::FUNCTION:
@@ -704,7 +704,7 @@ bn_sqr_words                            710	EXIST::FUNCTION:
 _ossl_old_crypt                         711	EXIST:!NeXT,!PERL5:FUNCTION:DES
 d2i_ASN1_BIT_STRING                     712	EXIST::FUNCTION:
 d2i_ASN1_BOOLEAN                        713	EXIST::FUNCTION:
-d2i_ASN1_HEADER                         714	EXIST::FUNCTION:
+d2i_ASN1_HEADER                         714	NOEXIST::FUNCTION:
 d2i_ASN1_IA5STRING                      715	EXIST::FUNCTION:
 d2i_ASN1_INTEGER                        716	EXIST::FUNCTION:
 d2i_ASN1_OBJECT                         717	EXIST::FUNCTION:
@@ -725,7 +725,7 @@ d2i_DSAPublicKey                        731	EXIST::FUNCTION:DSA
 d2i_DSAparams                           732	EXIST::FUNCTION:DSA
 d2i_NETSCAPE_SPKAC                      733	EXIST::FUNCTION:
 d2i_NETSCAPE_SPKI                       734	EXIST::FUNCTION:
-d2i_Netscape_RSA                        735	EXIST::FUNCTION:RSA
+d2i_Netscape_RSA                        735	EXIST::FUNCTION:RC4,RSA
 d2i_PKCS7                               736	EXIST::FUNCTION:
 d2i_PKCS7_DIGEST                        737	EXIST::FUNCTION:
 d2i_PKCS7_ENCRYPT                       738	EXIST::FUNCTION:
@@ -802,14 +802,14 @@ DES_set_odd_parity                      809	EXIST::FUNCTION:DES
 DES_string_to_2keys                     810	EXIST::FUNCTION:DES
 DES_string_to_key                       811	EXIST::FUNCTION:DES
 DES_xcbc_encrypt                        812	EXIST::FUNCTION:DES
-DES_xwhite_in2out                       813	EXIST::FUNCTION:DES
+DES_xwhite_in2out                       813	NOEXIST::FUNCTION:
 fcrypt_body                             814	NOEXIST::FUNCTION:
 i2a_ASN1_INTEGER                        815	EXIST::FUNCTION:BIO
 i2a_ASN1_OBJECT                         816	EXIST::FUNCTION:BIO
 i2a_ASN1_STRING                         817	EXIST::FUNCTION:BIO
 i2d_ASN1_BIT_STRING                     818	EXIST::FUNCTION:
 i2d_ASN1_BOOLEAN                        819	EXIST::FUNCTION:
-i2d_ASN1_HEADER                         820	EXIST::FUNCTION:
+i2d_ASN1_HEADER                         820	NOEXIST::FUNCTION:
 i2d_ASN1_IA5STRING                      821	EXIST::FUNCTION:
 i2d_ASN1_INTEGER                        822	EXIST::FUNCTION:
 i2d_ASN1_OBJECT                         823	EXIST::FUNCTION:
@@ -827,7 +827,7 @@ i2d_DSAPublicKey                        834	EXIST::FUNCTION:DSA
 i2d_DSAparams                           835	EXIST::FUNCTION:DSA
 i2d_NETSCAPE_SPKAC                      836	EXIST::FUNCTION:
 i2d_NETSCAPE_SPKI                       837	EXIST::FUNCTION:
-i2d_Netscape_RSA                        838	EXIST::FUNCTION:RSA
+i2d_Netscape_RSA                        838	EXIST::FUNCTION:RC4,RSA
 i2d_PKCS7                               839	EXIST::FUNCTION:
 i2d_PKCS7_DIGEST                        840	EXIST::FUNCTION:
 i2d_PKCS7_ENCRYPT                       841	EXIST::FUNCTION:
@@ -950,9 +950,9 @@ ERR_get_next_error_library              966	EXIST::FUNCTION:
 EVP_PKEY_cmp_parameters                 967	EXIST::FUNCTION:
 HMAC_cleanup                            968	NOEXIST::FUNCTION:
 BIO_ptr_ctrl                            969	EXIST::FUNCTION:
-BIO_new_file_internal                   970	EXIST:WIN16:FUNCTION:FP_API
-BIO_new_fp_internal                     971	EXIST:WIN16:FUNCTION:FP_API
-BIO_s_file_internal                     972	EXIST:WIN16:FUNCTION:FP_API
+BIO_new_file_internal                   970	NOEXIST::FUNCTION:
+BIO_new_fp_internal                     971	NOEXIST::FUNCTION:
+BIO_s_file_internal                     972	NOEXIST::FUNCTION:
 BN_BLINDING_convert                     973	EXIST::FUNCTION:
 BN_BLINDING_invert                      974	EXIST::FUNCTION:
 BN_BLINDING_update                      975	EXIST::FUNCTION:
@@ -984,8 +984,8 @@ BIO_ghbn_ctrl                           1003	NOEXIST::FUNCTION:
 CRYPTO_free_ex_data                     1004	EXIST::FUNCTION:
 CRYPTO_get_ex_data                      1005	EXIST::FUNCTION:
 CRYPTO_set_ex_data                      1007	EXIST::FUNCTION:
-ERR_load_CRYPTO_strings                 1009	EXIST:!OS2,!VMS,!WIN16:FUNCTION:
-ERR_load_CRYPTOlib_strings              1009	EXIST:OS2,VMS,WIN16:FUNCTION:
+ERR_load_CRYPTO_strings                 1009	EXIST:!OS2,!VMS:FUNCTION:
+ERR_load_CRYPTOlib_strings              1009	EXIST:OS2,VMS:FUNCTION:
 EVP_PKEY_bits                           1010	EXIST::FUNCTION:
 MD5_Transform                           1011	EXIST::FUNCTION:MD5
 SHA1_Transform                          1012	EXIST::FUNCTION:SHA,SHA1
@@ -1117,11 +1117,11 @@ COMP_compress_block                     1144	EXIST::FUNCTION:
 COMP_expand_block                       1145	EXIST::FUNCTION:
 COMP_rle                                1146	EXIST::FUNCTION:
 COMP_zlib                               1147	EXIST::FUNCTION:
-ms_time_diff                            1148	EXIST::FUNCTION:
-ms_time_new                             1149	EXIST::FUNCTION:
-ms_time_free                            1150	EXIST::FUNCTION:
-ms_time_cmp                             1151	EXIST::FUNCTION:
-ms_time_get                             1152	EXIST::FUNCTION:
+ms_time_diff                            1148	NOEXIST::FUNCTION:
+ms_time_new                             1149	NOEXIST::FUNCTION:
+ms_time_free                            1150	NOEXIST::FUNCTION:
+ms_time_cmp                             1151	NOEXIST::FUNCTION:
+ms_time_get                             1152	NOEXIST::FUNCTION:
 PKCS7_set_attributes                    1153	EXIST::FUNCTION:
 PKCS7_set_signed_attributes             1154	EXIST::FUNCTION:
 X509_ATTRIBUTE_create                   1155	EXIST::FUNCTION:
@@ -1255,8 +1255,8 @@ PKCS12_gen_mac                          1278	EXIST::FUNCTION:
 PKCS12_verify_mac                       1279	EXIST::FUNCTION:
 PKCS12_set_mac                          1280	EXIST::FUNCTION:
 PKCS12_setup_mac                        1281	EXIST::FUNCTION:
-asc2uni                                 1282	EXIST::FUNCTION:
-uni2asc                                 1283	EXIST::FUNCTION:
+OPENSSL_asc2uni                         1282	EXIST::FUNCTION:
+OPENSSL_uni2asc                         1283	EXIST::FUNCTION:
 i2d_PKCS12_BAGS                         1284	EXIST::FUNCTION:
 PKCS12_BAGS_new                         1285	EXIST::FUNCTION:
 d2i_PKCS12_BAGS                         1286	EXIST::FUNCTION:
@@ -1814,9 +1814,9 @@ RAND_egd_bytes                          2402	EXIST::FUNCTION:
 X509_REQ_get1_email                     2403	EXIST::FUNCTION:
 X509_get1_email                         2404	EXIST::FUNCTION:
 X509_email_free                         2405	EXIST::FUNCTION:
-i2d_RSA_NET                             2406	EXIST::FUNCTION:RSA
+i2d_RSA_NET                             2406	EXIST::FUNCTION:RC4,RSA
 d2i_RSA_NET_2                           2407	NOEXIST::FUNCTION:
-d2i_RSA_NET                             2408	EXIST::FUNCTION:RSA
+d2i_RSA_NET                             2408	EXIST::FUNCTION:RC4,RSA
 DSO_bind_func                           2409	EXIST::FUNCTION:
 CRYPTO_get_new_dynlockid                2410	EXIST::FUNCTION:
 sk_new_null                             2411	EXIST::FUNCTION:
@@ -2081,7 +2081,7 @@ NETSCAPE_SPKAC_it                       2641	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIA
 NETSCAPE_SPKAC_it                       2641	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 X509_REVOKED_it                         2642	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
 X509_REVOKED_it                         2642	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ASN1_STRING_encode                      2643	EXIST::FUNCTION:
+ASN1_STRING_encode                      2643	NOEXIST::FUNCTION:
 EVP_aes_128_ecb                         2644	EXIST::FUNCTION:AES
 KRB5_AUTHENT_free                       2645	EXIST::FUNCTION:
 OCSP_BASICRESP_get_ext_by_critical      2646	EXIST:!VMS:FUNCTION:
@@ -2089,7 +2089,7 @@ OCSP_BASICRESP_get_ext_by_crit          2646	EXIST:VMS:FUNCTION:
 OCSP_cert_status_str                    2647	EXIST::FUNCTION:
 d2i_OCSP_REQUEST                        2648	EXIST::FUNCTION:
 UI_dup_info_string                      2649	EXIST::FUNCTION:
-_ossl_old_des_xwhite_in2out             2650	EXIST::FUNCTION:DES
+_ossl_old_des_xwhite_in2out             2650	NOEXIST::FUNCTION:
 PKCS12_it                               2651	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
 PKCS12_it                               2651	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 OCSP_SINGLERESP_get_ext_by_critical     2652	EXIST:!VMS:FUNCTION:
@@ -2732,8 +2732,8 @@ EC_POINT_point2oct                      3178	EXIST::FUNCTION:EC
 KRB5_APREQ_free                         3179	EXIST::FUNCTION:
 ASN1_OBJECT_it                          3180	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
 ASN1_OBJECT_it                          3180	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-OCSP_crlID_new                          3181	EXIST:!OS2,!VMS,!WIN16:FUNCTION:
-OCSP_crlID2_new                         3181	EXIST:OS2,VMS,WIN16:FUNCTION:
+OCSP_crlID_new                          3181	EXIST:!OS2,!VMS:FUNCTION:
+OCSP_crlID2_new                         3181	EXIST:OS2,VMS:FUNCTION:
 CONF_modules_load_file                  3182	EXIST::FUNCTION:
 CONF_imodule_set_usr_data               3183	EXIST::FUNCTION:
 ENGINE_set_default_string               3184	EXIST::FUNCTION:ENGINE
@@ -2776,10 +2776,10 @@ ENGINE_load_4758cca                     3218	EXIST::FUNCTION:ENGINE,STATIC_ENGIN
 _ossl_096_des_random_seed               3219	EXIST::FUNCTION:DES
 EVP_aes_256_ofb                         3220	EXIST::FUNCTION:AES
 EVP_aes_192_ofb                         3221	EXIST::FUNCTION:AES
-EVP_aes_128_cfb64                       3222	NOEXIST::FUNCTION:
-EVP_aes_256_cfb64                       3223	NOEXIST::FUNCTION:
+EVP_aes_128_cfb128                      3222	EXIST::FUNCTION:AES
+EVP_aes_256_cfb128                      3223	EXIST::FUNCTION:AES
 EVP_aes_128_ofb                         3224	EXIST::FUNCTION:AES
-EVP_aes_192_cfb64                       3225	NOEXIST::FUNCTION:
+EVP_aes_192_cfb128                      3225	EXIST::FUNCTION:AES
 CONF_modules_free                       3226	EXIST::FUNCTION:
 NCONF_default                           3227	EXIST::FUNCTION:
 OPENSSL_no_config                       3228	EXIST::FUNCTION:
@@ -2801,7 +2801,6 @@ BIO_indent                              3242	EXIST::FUNCTION:
 BUF_strlcpy                             3243	EXIST::FUNCTION:
 OpenSSLDie                              3244	EXIST::FUNCTION:
 OPENSSL_cleanse                         3245	EXIST::FUNCTION:
-BN_get0_nist_prime_384                  3246	EXIST::FUNCTION:
 ENGINE_setup_bsd_cryptodev              3246	EXIST:__FreeBSD__:FUNCTION:ENGINE
 ERR_release_err_state_table             3247	EXIST::FUNCTION:LHASH
 EVP_aes_128_cfb8                        3248	EXIST::FUNCTION:AES
@@ -2816,7 +2815,7 @@ FIPS_allow_md5                          3256	NOEXIST::FUNCTION:
 DES_ede3_cfb_encrypt                    3257	EXIST::FUNCTION:DES
 EVP_des_ede3_cfb8                       3258	EXIST::FUNCTION:DES
 FIPS_rand_seeded                        3259	NOEXIST::FUNCTION:
-AES_cfbr_encrypt_block                  3260	EXIST::FUNCTION:AES
+AES_cfbr_encrypt_block                  3260	NOEXIST::FUNCTION:
 AES_cfb8_encrypt                        3261	EXIST::FUNCTION:AES
 FIPS_rand_seed                          3262	NOEXIST::FUNCTION:
 FIPS_corrupt_des                        3263	NOEXIST::FUNCTION:
@@ -2843,460 +2842,1338 @@ FIPS_mode                               3283	NOEXIST::FUNCTION:
 FIPS_selftest_failed                    3284	NOEXIST::FUNCTION:
 sk_is_sorted                            3285	EXIST::FUNCTION:
 X509_check_ca                           3286	EXIST::FUNCTION:
-d2i_PROXY_CERT_INFO_EXTENSION           3287	EXIST::FUNCTION:
-PROXY_POLICY_it                         3288	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PROXY_POLICY_it                         3288	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-i2d_PROXY_POLICY                        3289	EXIST::FUNCTION:
-i2d_PROXY_CERT_INFO_EXTENSION           3290	EXIST::FUNCTION:
-d2i_PROXY_POLICY                        3291	EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_new           3292	EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_free          3293	EXIST::FUNCTION:
-PROXY_CERT_INFO_EXTENSION_it            3294	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-PROXY_CERT_INFO_EXTENSION_it            3294	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-PROXY_POLICY_free                       3295	EXIST::FUNCTION:
-PROXY_POLICY_new                        3296	EXIST::FUNCTION:
-ERR_set_mark                            3297	EXIST::FUNCTION:
-X509_STORE_CTX_set0_crls                3298	EXIST::FUNCTION:
-ENGINE_set_STORE                        3299	EXIST::FUNCTION:ENGINE
-ENGINE_register_ECDSA                   3300	EXIST::FUNCTION:ENGINE
-STORE_method_set_list_start_function    3301	EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_start_fn            3301	EXIST:VMS:FUNCTION:
-NAME_CONSTRAINTS_free                   3302	EXIST::FUNCTION:
-STORE_ATTR_INFO_set_number              3303	EXIST::FUNCTION:
-X509_STORE_CTX_set0_param               3304	EXIST::FUNCTION:
-POLICY_MAPPING_it                       3305	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_MAPPING_it                       3305	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_parse_attrs_start                 3306	EXIST::FUNCTION:
-POLICY_CONSTRAINTS_free                 3307	EXIST::FUNCTION:
-BN_nist_mod_192                         3308	EXIST::FUNCTION:
-EC_GROUP_get_trinomial_basis            3309	EXIST::FUNCTION:EC
-STORE_set_method                        3310	EXIST::FUNCTION:
-EVP_aes_256_cfb128                      3311	EXIST::FUNCTION:AES
-GENERAL_SUBTREE_free                    3312	EXIST::FUNCTION:
-NAME_CONSTRAINTS_it                     3313	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-NAME_CONSTRAINTS_it                     3313	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ECDH_get_default_method                 3314	EXIST::FUNCTION:ECDH
-PKCS12_add_safe                         3315	EXIST::FUNCTION:
-STORE_method_get_update_store_function  3316	EXIST:!VMS:FUNCTION:
-STORE_meth_get_update_store_fn          3316	EXIST:VMS:FUNCTION:
-ENGINE_register_ECDH                    3317	EXIST::FUNCTION:ENGINE
-EVP_sha384                              3318	EXIST::FUNCTION:SHA,SHA512
-SHA512_Update                           3319	EXIST::FUNCTION:SHA,SHA512
-i2d_ECPrivateKey                        3320	EXIST::FUNCTION:EC
-BN_get0_nist_prime_192                  3321	EXIST::FUNCTION:
-STORE_modify_certificate                3322	EXIST::FUNCTION:
-EC_POINT_set_affine_coordinates_GF2m    3323	EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_affine_coords_GF2m         3323	EXIST:VMS:FUNCTION:EC
-BN_GF2m_mod_exp_arr                     3324	EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_number           3325	EXIST::FUNCTION:
-X509_keyid_get0                         3326	EXIST::FUNCTION:
-EC_GROUP_new_by_nid                     3327	EXIST::FUNCTION:EC
-ENGINE_load_gmp                         3328	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
-BN_GF2m_mod_mul_arr                     3329	EXIST::FUNCTION:
-STORE_list_public_key_endp              3330	EXIST::FUNCTION:
-o2i_ECPublicKey                         3331	EXIST::FUNCTION:EC
-EC_KEY_copy                             3332	EXIST::FUNCTION:EC
-BIO_dump_fp                             3333	EXIST::FUNCTION:FP_API
-X509_policy_node_get0_parent            3334	EXIST::FUNCTION:
-EC_GROUP_check_discriminant             3335	EXIST::FUNCTION:EC
-i2o_ECPublicKey                         3336	EXIST::FUNCTION:EC
-a2i_IPADDRESS                           3337	EXIST::FUNCTION:
-STORE_method_set_initialise_function    3338	EXIST:!VMS:FUNCTION:
-STORE_meth_set_initialise_fn            3338	EXIST:VMS:FUNCTION:
-X509_STORE_CTX_set_depth                3339	EXIST::FUNCTION:
-X509_VERIFY_PARAM_inherit               3340	EXIST::FUNCTION:
-EC_POINT_point2bn                       3341	EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_dn                  3342	EXIST::FUNCTION:
-X509_policy_tree_get0_policies          3343	EXIST::FUNCTION:
-EC_GROUP_new_curve_GF2m                 3344	EXIST::FUNCTION:EC
-STORE_destroy_method                    3345	EXIST::FUNCTION:
-ENGINE_unregister_STORE                 3346	EXIST::FUNCTION:ENGINE
-EVP_PKEY_get1_EC_KEY                    3347	EXIST::FUNCTION:EC
-STORE_ATTR_INFO_get0_number             3348	EXIST::FUNCTION:
-ENGINE_get_default_ECDH                 3349	EXIST::FUNCTION:ENGINE
-ASN1_OCTET_STRING_NDEF_it               3350	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-ASN1_OCTET_STRING_NDEF_it               3350	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_delete_public_key                 3351	EXIST::FUNCTION:
-STORE_get_public_key                    3352	EXIST::FUNCTION:
-STORE_modify_arbitrary                  3353	EXIST::FUNCTION:
-ENGINE_get_static_state                 3354	EXIST::FUNCTION:ENGINE
-ECDSA_SIG_new                           3355	EXIST::FUNCTION:ECDSA
-OPENSSL_DIR_end                         3356	EXIST::FUNCTION:
-BN_GF2m_mod_sqr                         3357	EXIST::FUNCTION:
-EC_POINT_bn2point                       3358	EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set_depth             3359	EXIST::FUNCTION:
-STORE_get_method                        3360	EXIST::FUNCTION:
-STORE_parse_attrs_end                   3361	EXIST::FUNCTION:
-EC_GROUP_get_point_conversion_form      3362	EXIST:!VMS:FUNCTION:EC
-EC_GROUP_get_point_conv_form            3362	EXIST:VMS:FUNCTION:EC
-STORE_method_set_store_function         3363	EXIST::FUNCTION:
-STORE_ATTR_INFO_in                      3364	EXIST::FUNCTION:
-PEM_read_bio_ECPKParameters             3365	EXIST::FUNCTION:EC
-EC_GROUP_get_pentanomial_basis          3366	EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set1_policies         3367	EXIST::FUNCTION:
-EVP_sha512                              3368	EXIST::FUNCTION:SHA,SHA512
-X509_VERIFY_PARAM_set1_name             3369	EXIST::FUNCTION:
-X509_VERIFY_PARAM_set_purpose           3370	EXIST::FUNCTION:
-EC_GROUP_get_nid                        3371	EXIST::FUNCTION:EC
-STORE_get_number                        3372	EXIST::FUNCTION:
-ECDSA_sign_setup                        3373	EXIST::FUNCTION:ECDSA
-BN_GF2m_mod_solve_quad_arr              3374	EXIST::FUNCTION:
-EC_KEY_up_ref                           3375	EXIST::FUNCTION:EC
-POLICY_MAPPING_free                     3376	EXIST::FUNCTION:
-BN_GF2m_mod_div                         3377	EXIST::FUNCTION:
-X509_VERIFY_PARAM_set_flags             3378	EXIST::FUNCTION:
-EC_KEY_free                             3379	EXIST::FUNCTION:EC
-STORE_method_set_list_next_function     3380	EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_next_fn             3380	EXIST:VMS:FUNCTION:
-PEM_write_bio_ECPrivateKey              3381	EXIST::FUNCTION:EC
-d2i_EC_PUBKEY                           3382	EXIST::FUNCTION:EC
-STORE_method_get_generate_function      3383	EXIST:!VMS:FUNCTION:
-STORE_meth_get_generate_fn              3383	EXIST:VMS:FUNCTION:
-STORE_method_set_list_end_function      3384	EXIST:!VMS:FUNCTION:
-STORE_meth_set_list_end_fn              3384	EXIST:VMS:FUNCTION:
-EC_GROUP_have_precompute_mult           3385	EXIST::FUNCTION:EC
-EC_KEY_print_fp                         3386	EXIST::FUNCTION:EC,FP_API
-BN_GF2m_mod_arr                         3387	EXIST::FUNCTION:
-PEM_write_bio_X509_CERT_PAIR            3388	EXIST::FUNCTION:
-EVP_PKEY_cmp                            3389	EXIST::FUNCTION:
-X509_policy_level_node_count            3390	EXIST::FUNCTION:
-STORE_new_engine                        3391	EXIST::FUNCTION:
-STORE_list_public_key_start             3392	EXIST::FUNCTION:
-X509_VERIFY_PARAM_new                   3393	EXIST::FUNCTION:
-ECDH_get_ex_data                        3394	EXIST::FUNCTION:ECDH
-ECDSA_do_sign                           3395	EXIST::FUNCTION:ECDSA
-ENGINE_unregister_ECDH                  3396	EXIST::FUNCTION:ENGINE
-ECDH_OpenSSL                            3397	EXIST::FUNCTION:ECDH
-EC_POINT_dup                            3398	EXIST::FUNCTION:EC
-GENERAL_SUBTREE_new                     3399	EXIST::FUNCTION:
-STORE_list_crl_endp                     3400	EXIST::FUNCTION:
-EC_get_builtin_curves                   3401	EXIST::FUNCTION:EC
-EVP_aes_128_cfb128                      3402	EXIST::FUNCTION:AES
-X509_policy_node_get0_qualifiers        3403	EXIST:!VMS:FUNCTION:
-X509_pcy_node_get0_qualifiers           3403	EXIST:VMS:FUNCTION:
-STORE_list_crl_end                      3404	EXIST::FUNCTION:
-EVP_PKEY_set1_EC_KEY                    3405	EXIST::FUNCTION:EC
-BN_GF2m_mod_sqrt_arr                    3406	EXIST::FUNCTION:
-i2d_ECPrivateKey_bio                    3407	EXIST::FUNCTION:BIO,EC
-ECPKParameters_print_fp                 3408	EXIST::FUNCTION:EC,FP_API
-ECDSA_SIG_free                          3409	EXIST::FUNCTION:ECDSA
-PEM_write_bio_ECPKParameters            3410	EXIST::FUNCTION:EC
-STORE_method_set_ctrl_function          3411	EXIST::FUNCTION:
-STORE_list_public_key_end               3412	EXIST::FUNCTION:
-EC_GROUP_set_nid                        3413	EXIST::FUNCTION:EC
-STORE_get_arbitrary                     3414	EXIST::FUNCTION:
-STORE_store_crl                         3415	EXIST::FUNCTION:
-X509_policy_node_get0_policy            3416	EXIST::FUNCTION:
-PKCS12_add_safes                        3417	EXIST::FUNCTION:
-X509_policy_tree_free                   3418	EXIST::FUNCTION:
-BN_GF2m_poly2arr                        3419	EXIST::FUNCTION:
-STORE_ctrl                              3420	EXIST::FUNCTION:
-EVP_sha224                              3421	EXIST::FUNCTION:SHA,SHA256
-STORE_ATTR_INFO_compare                 3422	EXIST::FUNCTION:
-BN_get0_nist_prime_224                  3423	EXIST::FUNCTION:
-i2d_ECParameters                        3424	EXIST::FUNCTION:EC
-i2d_ECPKParameters                      3425	EXIST::FUNCTION:EC
-BN_GENCB_call                           3426	EXIST::FUNCTION:
-BN_ncopy                                3427	EXIST::FUNCTION:
-d2i_ECPKParameters                      3428	EXIST::FUNCTION:EC
-STORE_method_set_generate_function      3429	EXIST:!VMS:FUNCTION:
-STORE_meth_set_generate_fn              3429	EXIST:VMS:FUNCTION:
-ENGINE_set_ECDH                         3430	EXIST::FUNCTION:ENGINE
-NAME_CONSTRAINTS_new                    3431	EXIST::FUNCTION:
-SHA256_Init                             3432	EXIST::FUNCTION:SHA,SHA256
-PEM_write_bio_EC_PUBKEY                 3433	EXIST::FUNCTION:EC
-STORE_ATTR_INFO_set_cstr                3434	EXIST::FUNCTION:
-STORE_list_crl_next                     3435	EXIST::FUNCTION:
-STORE_ATTR_INFO_in_range                3436	EXIST::FUNCTION:
-ECParameters_print                      3437	EXIST::FUNCTION:BIO,EC
-STORE_method_set_delete_function        3438	EXIST:!VMS:FUNCTION:
-STORE_meth_set_delete_fn                3438	EXIST:VMS:FUNCTION:
-STORE_list_certificate_next             3439	EXIST::FUNCTION:
-ASN1_generate_nconf                     3440	EXIST::FUNCTION:
-BUF_memdup                              3441	EXIST::FUNCTION:
-BN_GF2m_mod_mul                         3442	EXIST::FUNCTION:
-STORE_method_get_list_next_function     3443	EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_next_fn             3443	EXIST:VMS:FUNCTION:
-STORE_ATTR_INFO_get0_dn                 3444	EXIST::FUNCTION:
-STORE_list_private_key_next             3445	EXIST::FUNCTION:
-EC_GROUP_set_seed                       3446	EXIST::FUNCTION:EC
-X509_VERIFY_PARAM_set_trust             3447	EXIST::FUNCTION:
-STORE_ATTR_INFO_free                    3448	EXIST::FUNCTION:
-STORE_get_private_key                   3449	EXIST::FUNCTION:
-STORE_ATTR_INFO_new                     3450	EXIST::FUNCTION:
-EC_GROUP_get_curve_GF2m                 3451	EXIST::FUNCTION:EC
-STORE_method_set_revoke_function        3452	EXIST:!VMS:FUNCTION:
-STORE_meth_set_revoke_fn                3452	EXIST:VMS:FUNCTION:
-STORE_store_number                      3453	EXIST::FUNCTION:
-BN_is_prime_ex                          3454	EXIST::FUNCTION:
-STORE_revoke_public_key                 3455	EXIST::FUNCTION:
-X509_STORE_CTX_get0_param               3456	EXIST::FUNCTION:
-STORE_delete_arbitrary                  3457	EXIST::FUNCTION:
-PEM_read_X509_CERT_PAIR                 3458	EXIST:!WIN16:FUNCTION:
-X509_STORE_set_depth                    3459	EXIST::FUNCTION:
-ECDSA_get_ex_data                       3460	EXIST::FUNCTION:ECDSA
-SHA224                                  3461	EXIST::FUNCTION:SHA,SHA256
-BIO_dump_indent_fp                      3462	EXIST::FUNCTION:FP_API
-BUF_strndup                             3463	EXIST::FUNCTION:
-STORE_list_certificate_start            3464	EXIST::FUNCTION:
-BN_GF2m_mod                             3465	EXIST::FUNCTION:
-X509_REQ_check_private_key              3466	EXIST::FUNCTION:
-EC_GROUP_get_seed_len                   3467	EXIST::FUNCTION:EC
-ERR_load_STORE_strings                  3468	EXIST::FUNCTION:
-PEM_read_bio_EC_PUBKEY                  3469	EXIST::FUNCTION:EC
-STORE_list_private_key_end              3470	EXIST::FUNCTION:
-i2d_EC_PUBKEY                           3471	EXIST::FUNCTION:EC
-ECDSA_get_default_method                3472	EXIST::FUNCTION:ECDSA
-ASN1_put_eoc                            3473	EXIST::FUNCTION:
-X509_STORE_CTX_get_explicit_policy      3474	EXIST:!VMS:FUNCTION:
-X509_STORE_CTX_get_expl_policy          3474	EXIST:VMS:FUNCTION:
-ECDSA_DATA_free                         3475	EXIST::FUNCTION:ECDSA
-X509_VERIFY_PARAM_table_cleanup         3476	EXIST::FUNCTION:
-STORE_modify_private_key                3477	EXIST::FUNCTION:
-X509_VERIFY_PARAM_free                  3478	EXIST::FUNCTION:
-EC_METHOD_get_field_type                3479	EXIST::FUNCTION:EC
-EC_GFp_nist_method                      3480	EXIST::FUNCTION:EC
-STORE_method_set_modify_function        3481	EXIST:!VMS:FUNCTION:
-STORE_meth_set_modify_fn                3481	EXIST:VMS:FUNCTION:
-STORE_parse_attrs_next                  3482	EXIST::FUNCTION:
-ENGINE_load_padlock                     3483	EXIST::FUNCTION:ENGINE
-X509_CERT_PAIR_it                       3484	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-X509_CERT_PAIR_it                       3484	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_method_get_revoke_function        3485	EXIST:!VMS:FUNCTION:
-STORE_meth_get_revoke_fn                3485	EXIST:VMS:FUNCTION:
-STORE_method_set_get_function           3486	EXIST::FUNCTION:
-STORE_modify_number                     3487	EXIST::FUNCTION:
-STORE_method_get_store_function         3488	EXIST::FUNCTION:
-STORE_store_private_key                 3489	EXIST::FUNCTION:
-BN_GF2m_mod_sqr_arr                     3490	EXIST::FUNCTION:
-STORE_Memory                            3491	EXIST::FUNCTION:
-sk_find_ex                              3492	EXIST::FUNCTION:
-EC_GROUP_set_curve_GF2m                 3493	EXIST::FUNCTION:EC
-ENGINE_set_default_ECDSA                3494	EXIST::FUNCTION:ENGINE
-POLICY_CONSTRAINTS_new                  3495	EXIST::FUNCTION:
-BN_GF2m_mod_sqrt                        3496	EXIST::FUNCTION:
-ECDH_set_default_method                 3497	EXIST::FUNCTION:ECDH
-EC_KEY_generate_key                     3498	EXIST::FUNCTION:EC
-SHA384_Update                           3499	EXIST::FUNCTION:SHA,SHA512
-BN_GF2m_arr2poly                        3500	EXIST::FUNCTION:
-STORE_method_get_get_function           3501	EXIST::FUNCTION:
-STORE_method_set_cleanup_function       3502	EXIST:!VMS:FUNCTION:
-STORE_meth_set_cleanup_fn               3502	EXIST:VMS:FUNCTION:
-EC_GROUP_check                          3503	EXIST::FUNCTION:EC
-d2i_ECPrivateKey_bio                    3504	EXIST::FUNCTION:BIO,EC
-STORE_method_get_lock_store_function    3505	EXIST:!VMS:FUNCTION:
-STORE_meth_get_lock_store_fn            3505	EXIST:VMS:FUNCTION:
-X509_VERIFY_PARAM_get_depth             3506	EXIST::FUNCTION:
-EVP_aes_192_cfb128                      3507	EXIST::FUNCTION:AES
-SHA224_Final                            3508	EXIST::FUNCTION:SHA,SHA256
-STORE_method_set_update_store_function  3509	EXIST:!VMS:FUNCTION:
-STORE_meth_set_update_store_fn          3509	EXIST:VMS:FUNCTION:
-SHA224_Update                           3510	EXIST::FUNCTION:SHA,SHA256
-d2i_ECPrivateKey                        3511	EXIST::FUNCTION:EC
-ASN1_item_ndef_i2d                      3512	EXIST::FUNCTION:
-STORE_delete_private_key                3513	EXIST::FUNCTION:
-ERR_pop_to_mark                         3514	EXIST::FUNCTION:
-ENGINE_register_all_STORE               3515	EXIST::FUNCTION:ENGINE
-X509_policy_level_get0_node             3516	EXIST::FUNCTION:
-i2d_PKCS7_NDEF                          3517	EXIST::FUNCTION:
-EC_GROUP_get_degree                     3518	EXIST::FUNCTION:EC
-ASN1_generate_v3                        3519	EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_cstr             3520	EXIST::FUNCTION:
-X509_policy_tree_level_count            3521	EXIST::FUNCTION:
-BN_GF2m_add                             3522	EXIST::FUNCTION:
-STORE_generate_crl                      3523	EXIST::FUNCTION:
-STORE_store_public_key                  3524	EXIST::FUNCTION:
-X509_CERT_PAIR_free                     3525	EXIST::FUNCTION:
-STORE_revoke_private_key                3526	EXIST::FUNCTION:
-BN_nist_mod_224                         3527	EXIST::FUNCTION:
-SHA512_Final                            3528	EXIST::FUNCTION:SHA,SHA512
-STORE_ATTR_INFO_modify_dn               3529	EXIST::FUNCTION:
-STORE_method_get_initialise_function    3530	EXIST:!VMS:FUNCTION:
-STORE_meth_get_initialise_fn            3530	EXIST:VMS:FUNCTION:
-STORE_delete_number                     3531	EXIST::FUNCTION:
-i2d_EC_PUBKEY_bio                       3532	EXIST::FUNCTION:BIO,EC
-EC_GROUP_get_asn1_flag                  3533	EXIST::FUNCTION:EC
-STORE_ATTR_INFO_in_ex                   3534	EXIST::FUNCTION:
-STORE_list_crl_start                    3535	EXIST::FUNCTION:
-ECDH_get_ex_new_index                   3536	EXIST::FUNCTION:ECDH
-STORE_method_get_modify_function        3537	EXIST:!VMS:FUNCTION:
-STORE_meth_get_modify_fn                3537	EXIST:VMS:FUNCTION:
-v2i_ASN1_BIT_STRING                     3538	EXIST::FUNCTION:
-STORE_store_certificate                 3539	EXIST::FUNCTION:
-OBJ_bsearch_ex                          3540	EXIST::FUNCTION:
-X509_STORE_CTX_set_default              3541	EXIST::FUNCTION:
-STORE_ATTR_INFO_set_sha1str             3542	EXIST::FUNCTION:
-BN_GF2m_mod_inv                         3543	EXIST::FUNCTION:
-BN_GF2m_mod_exp                         3544	EXIST::FUNCTION:
-STORE_modify_public_key                 3545	EXIST::FUNCTION:
-STORE_method_get_list_start_function    3546	EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_start_fn            3546	EXIST:VMS:FUNCTION:
-EC_GROUP_get0_seed                      3547	EXIST::FUNCTION:EC
-ecdsa_check                             3548	EXIST::FUNCTION:ECDSA
-STORE_store_arbitrary                   3549	EXIST::FUNCTION:
-STORE_method_set_unlock_store_function  3550	EXIST:!VMS:FUNCTION:
-STORE_meth_set_unlock_store_fn          3550	EXIST:VMS:FUNCTION:
-BN_GF2m_mod_div_arr                     3551	EXIST::FUNCTION:
-ENGINE_set_ECDSA                        3552	EXIST::FUNCTION:ENGINE
-STORE_create_method                     3553	EXIST::FUNCTION:
-ECPKParameters_print                    3554	EXIST::FUNCTION:BIO,EC
-PEM_write_EC_PUBKEY                     3555	EXIST:!WIN16:FUNCTION:EC
-X509_VERIFY_PARAM_set1                  3556	EXIST::FUNCTION:
-ECDH_set_method                         3557	EXIST::FUNCTION:ECDH
-v2i_GENERAL_NAME_ex                     3558	EXIST::FUNCTION:
-ECDH_set_ex_data                        3559	EXIST::FUNCTION:ECDH
-STORE_generate_key                      3560	EXIST::FUNCTION:
-BN_nist_mod_521                         3561	EXIST::FUNCTION:
-X509_policy_tree_get0_level             3562	EXIST::FUNCTION:
-EC_GROUP_set_point_conversion_form      3563	EXIST:!VMS:FUNCTION:EC
-EC_GROUP_set_point_conv_form            3563	EXIST:VMS:FUNCTION:EC
-PEM_read_EC_PUBKEY                      3564	EXIST:!WIN16:FUNCTION:EC
-i2d_ECDSA_SIG                           3565	EXIST::FUNCTION:ECDSA
-ECDSA_OpenSSL                           3566	EXIST::FUNCTION:ECDSA
-STORE_delete_crl                        3567	EXIST::FUNCTION:
-ASN1_const_check_infinite_end           3568	EXIST::FUNCTION:
-ECDSA_set_default_method                3569	EXIST::FUNCTION:ECDSA
-EC_POINT_set_compressed_coordinates_GF2m 3570	EXIST:!VMS:FUNCTION:EC
-EC_POINT_set_compr_coords_GF2m          3570	EXIST:VMS:FUNCTION:EC
-EC_GROUP_cmp                            3571	EXIST::FUNCTION:EC
-STORE_revoke_certificate                3572	EXIST::FUNCTION:
-ECDH_DATA_new_method                    3573	EXIST::FUNCTION:ECDH
-BN_get0_nist_prime_256                  3574	EXIST::FUNCTION:
-STORE_method_get_delete_function        3575	EXIST:!VMS:FUNCTION:
-STORE_meth_get_delete_fn                3575	EXIST:VMS:FUNCTION:
-SHA224_Init                             3576	EXIST::FUNCTION:SHA,SHA256
-PEM_read_ECPrivateKey                   3577	EXIST:!WIN16:FUNCTION:EC
-SHA512_Init                             3578	EXIST::FUNCTION:SHA,SHA512
-STORE_parse_attrs_endp                  3579	EXIST::FUNCTION:
-ERR_load_ECDSA_strings                  3580	EXIST::FUNCTION:ECDSA
-EC_GROUP_get_basis_type                 3581	EXIST::FUNCTION:EC
-ECDH_DATA_new                           3582	EXIST::FUNCTION:ECDH
-STORE_list_public_key_next              3583	EXIST::FUNCTION:
-i2v_ASN1_BIT_STRING                     3584	EXIST::FUNCTION:
-STORE_OBJECT_free                       3585	EXIST::FUNCTION:
-BN_nist_mod_384                         3586	EXIST::FUNCTION:
-i2d_X509_CERT_PAIR                      3587	EXIST::FUNCTION:
-PEM_write_ECPKParameters                3588	EXIST:!WIN16:FUNCTION:EC
-ECDH_compute_key                        3589	EXIST::FUNCTION:ECDH
-STORE_ATTR_INFO_get0_sha1str            3590	EXIST::FUNCTION:
-ENGINE_register_all_ECDH                3591	EXIST::FUNCTION:ENGINE
-STORE_ATTR_INFO_get0_cstr               3592	EXIST::FUNCTION:
-POLICY_CONSTRAINTS_it                   3593	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_CONSTRAINTS_it                   3593	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-STORE_get_ex_new_index                  3594	EXIST::FUNCTION:
-X509_VERIFY_PARAM_add0_policy           3595	EXIST::FUNCTION:
-BN_GF2m_mod_solve_quad                  3596	EXIST::FUNCTION:
-SHA256                                  3597	EXIST::FUNCTION:SHA,SHA256
-i2d_ECPrivateKey_fp                     3598	EXIST::FUNCTION:EC,FP_API
-X509_policy_tree_get0_user_policies     3599	EXIST:!VMS:FUNCTION:
-X509_pcy_tree_get0_usr_policies         3599	EXIST:VMS:FUNCTION:
-OPENSSL_DIR_read                        3600	EXIST::FUNCTION:
-ENGINE_register_all_ECDSA               3601	EXIST::FUNCTION:ENGINE
-X509_VERIFY_PARAM_lookup                3602	EXIST::FUNCTION:
-EC_POINT_get_affine_coordinates_GF2m    3603	EXIST:!VMS:FUNCTION:EC
-EC_POINT_get_affine_coords_GF2m         3603	EXIST:VMS:FUNCTION:EC
-EC_GROUP_dup                            3604	EXIST::FUNCTION:EC
-ENGINE_get_default_ECDSA                3605	EXIST::FUNCTION:ENGINE
-EC_KEY_new                              3606	EXIST::FUNCTION:EC
-SHA256_Transform                        3607	EXIST::FUNCTION:SHA,SHA256
-ECDSA_verify                            3608	EXIST::FUNCTION:ECDSA
-EC_POINT_point2hex                      3609	EXIST::FUNCTION:EC
-ENGINE_get_STORE                        3610	EXIST::FUNCTION:ENGINE
-SHA512                                  3611	EXIST::FUNCTION:SHA,SHA512
-STORE_get_certificate                   3612	EXIST::FUNCTION:
-ECDSA_do_verify                         3613	EXIST::FUNCTION:ECDSA
-d2i_ECPrivateKey_fp                     3614	EXIST::FUNCTION:EC,FP_API
-STORE_delete_certificate                3615	EXIST::FUNCTION:
-SHA512_Transform                        3616	EXIST::FUNCTION:SHA,SHA512
-X509_STORE_set1_param                   3617	EXIST::FUNCTION:
-STORE_method_get_ctrl_function          3618	EXIST::FUNCTION:
-STORE_free                              3619	EXIST::FUNCTION:
-PEM_write_ECPrivateKey                  3620	EXIST:!WIN16:FUNCTION:EC
-STORE_method_get_unlock_store_function  3621	EXIST:!VMS:FUNCTION:
-STORE_meth_get_unlock_store_fn          3621	EXIST:VMS:FUNCTION:
-STORE_get_ex_data                       3622	EXIST::FUNCTION:
-PEM_read_ECPKParameters                 3623	EXIST:!WIN16:FUNCTION:EC
-X509_CERT_PAIR_new                      3624	EXIST::FUNCTION:
-ENGINE_register_STORE                   3625	EXIST::FUNCTION:ENGINE
-RSA_generate_key_ex                     3626	EXIST::FUNCTION:RSA
-DSA_generate_parameters_ex              3627	EXIST::FUNCTION:DSA
-ECParameters_print_fp                   3628	EXIST::FUNCTION:EC,FP_API
-X509V3_NAME_from_section                3629	EXIST::FUNCTION:
-STORE_modify_crl                        3630	EXIST::FUNCTION:
-STORE_list_private_key_start            3631	EXIST::FUNCTION:
-POLICY_MAPPINGS_it                      3632	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-POLICY_MAPPINGS_it                      3632	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-GENERAL_SUBTREE_it                      3633	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
-GENERAL_SUBTREE_it                      3633	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
-ECDH_DATA_free                          3634	EXIST::FUNCTION:ECDH
-PEM_write_X509_CERT_PAIR                3635	EXIST:!WIN16:FUNCTION:
-BIO_dump_indent_cb                      3636	EXIST::FUNCTION:
-d2i_X509_CERT_PAIR                      3637	EXIST::FUNCTION:
-STORE_list_private_key_endp             3638	EXIST::FUNCTION:
-asn1_const_Finish                       3639	EXIST::FUNCTION:
-i2d_EC_PUBKEY_fp                        3640	EXIST::FUNCTION:EC,FP_API
-BN_nist_mod_256                         3641	EXIST::FUNCTION:
-ECDSA_DATA_new                          3642	EXIST::FUNCTION:ECDSA
-X509_VERIFY_PARAM_add0_table            3643	EXIST::FUNCTION:
-EVP_sha256                              3644	EXIST::FUNCTION:SHA,SHA256
-ECDSA_size                              3645	EXIST::FUNCTION:ECDSA
-d2i_EC_PUBKEY_bio                       3646	EXIST::FUNCTION:BIO,EC
-BN_get0_nist_prime_521                  3647	EXIST::FUNCTION:
-STORE_ATTR_INFO_modify_sha1str          3648	EXIST::FUNCTION:
-BN_generate_prime_ex                    3649	EXIST::FUNCTION:
-SHA256_Final                            3650	EXIST::FUNCTION:SHA,SHA256
-DH_generate_parameters_ex               3651	EXIST::FUNCTION:DH
-PEM_read_bio_ECPrivateKey               3652	EXIST::FUNCTION:EC
-STORE_method_get_cleanup_function       3653	EXIST:!VMS:FUNCTION:
-STORE_meth_get_cleanup_fn               3653	EXIST:VMS:FUNCTION:
-ENGINE_get_ECDH                         3654	EXIST::FUNCTION:ENGINE
-d2i_ECDSA_SIG                           3655	EXIST::FUNCTION:ECDSA
-BN_is_prime_fasttest_ex                 3656	EXIST::FUNCTION:
-ECDSA_sign                              3657	EXIST::FUNCTION:ECDSA
-X509_policy_check                       3658	EXIST::FUNCTION:
-STORE_set_ex_data                       3659	EXIST::FUNCTION:
-ENGINE_get_ECDSA                        3660	EXIST::FUNCTION:ENGINE
-EVP_ecdsa                               3661	EXIST::FUNCTION:SHA
-PKCS12_add_cert                         3662	EXIST::FUNCTION:
-STORE_OBJECT_new                        3663	EXIST::FUNCTION:
-ERR_load_ECDH_strings                   3664	EXIST::FUNCTION:ECDH
-EC_KEY_dup                              3665	EXIST::FUNCTION:EC
-EVP_CIPHER_CTX_rand_key                 3666	EXIST::FUNCTION:
-ECDSA_set_method                        3667	EXIST::FUNCTION:ECDSA
-a2i_IPADDRESS_NC                        3668	EXIST::FUNCTION:
-d2i_ECParameters                        3669	EXIST::FUNCTION:EC
-STORE_list_certificate_end              3670	EXIST::FUNCTION:
-STORE_get_crl                           3671	EXIST::FUNCTION:
-X509_POLICY_NODE_print                  3672	EXIST::FUNCTION:
-SHA384_Init                             3673	EXIST::FUNCTION:SHA,SHA512
-EC_GF2m_simple_method                   3674	EXIST::FUNCTION:EC
-ECDSA_set_ex_data                       3675	EXIST::FUNCTION:ECDSA
-SHA384_Final                            3676	EXIST::FUNCTION:SHA,SHA512
-PKCS7_set_digest                        3677	EXIST::FUNCTION:
-EC_KEY_print                            3678	EXIST::FUNCTION:BIO,EC
-STORE_method_set_lock_store_function    3679	EXIST:!VMS:FUNCTION:
-STORE_meth_set_lock_store_fn            3679	EXIST:VMS:FUNCTION:
-ECDSA_get_ex_new_index                  3680	EXIST::FUNCTION:ECDSA
-SHA384                                  3681	EXIST::FUNCTION:SHA,SHA512
-POLICY_MAPPING_new                      3682	EXIST::FUNCTION:
-STORE_list_certificate_endp             3683	EXIST::FUNCTION:
-X509_STORE_CTX_get0_policy_tree         3684	EXIST::FUNCTION:
-EC_GROUP_set_asn1_flag                  3685	EXIST::FUNCTION:EC
-EC_KEY_check_key                        3686	EXIST::FUNCTION:EC
-d2i_EC_PUBKEY_fp                        3687	EXIST::FUNCTION:EC,FP_API
-PKCS7_set0_type_other                   3688	EXIST::FUNCTION:
-ecdh_check                              3689	EXIST::FUNCTION:ECDH
-ECDSA_DATA_new_method                   3690	EXIST::FUNCTION:ECDSA
-PEM_read_bio_X509_CERT_PAIR             3691	EXIST::FUNCTION:
-STORE_method_get_list_end_function      3692	EXIST:!VMS:FUNCTION:
-STORE_meth_get_list_end_fn              3692	EXIST:VMS:FUNCTION:
-X509_VERIFY_PARAM_set_time              3693	EXIST::FUNCTION:
-ENGINE_set_default_ECDH                 3694	EXIST::FUNCTION:ENGINE
-STORE_new_method                        3695	EXIST::FUNCTION:
-PKCS12_add_key                          3696	EXIST::FUNCTION:
-DSO_merge                               3697	EXIST::FUNCTION:
-EC_POINT_hex2point                      3698	EXIST::FUNCTION:EC
-BIO_dump_cb                             3699	EXIST::FUNCTION:
-SHA256_Update                           3700	EXIST::FUNCTION:SHA,SHA256
-BN_GF2m_mod_inv_arr                     3701	EXIST::FUNCTION:
-ENGINE_unregister_ECDSA                 3702	EXIST::FUNCTION:ENGINE
+private_idea_set_encrypt_key            3287	NOEXIST::FUNCTION:
+HMAC_CTX_set_flags                      3288	EXIST::FUNCTION:HMAC
+private_SHA_Init                        3289	NOEXIST::FUNCTION:
+private_CAST_set_key                    3290	NOEXIST::FUNCTION:
+private_RIPEMD160_Init                  3291	NOEXIST::FUNCTION:
+private_RC5_32_set_key                  3292	NOEXIST::FUNCTION:
+private_MD5_Init                        3293	NOEXIST::FUNCTION:
+private_RC4_set_key                     3294	NOEXIST::FUNCTION:
+private_MDC2_Init                       3295	NOEXIST::FUNCTION:
+private_RC2_set_key                     3296	NOEXIST::FUNCTION:
+private_MD4_Init                        3297	NOEXIST::FUNCTION:
+private_BF_set_key                      3298	NOEXIST::FUNCTION:
+private_MD2_Init                        3299	NOEXIST::FUNCTION:
+d2i_PROXY_CERT_INFO_EXTENSION           3300	EXIST::FUNCTION:
+PROXY_POLICY_it                         3301	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PROXY_POLICY_it                         3301	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_PROXY_POLICY                        3302	EXIST::FUNCTION:
+i2d_PROXY_CERT_INFO_EXTENSION           3303	EXIST::FUNCTION:
+d2i_PROXY_POLICY                        3304	EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_new           3305	EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_free          3306	EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_it            3307	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PROXY_CERT_INFO_EXTENSION_it            3307	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PROXY_POLICY_free                       3308	EXIST::FUNCTION:
+PROXY_POLICY_new                        3309	EXIST::FUNCTION:
+BN_MONT_CTX_set_locked                  3310	EXIST::FUNCTION:
+FIPS_selftest_rng                       3311	NOEXIST::FUNCTION:
+EVP_sha384                              3312	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EVP_sha512                              3313	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EVP_sha224                              3314	EXIST::FUNCTION:SHA,SHA256
+EVP_sha256                              3315	EXIST::FUNCTION:SHA,SHA256
+FIPS_selftest_hmac                      3316	NOEXIST::FUNCTION:
+FIPS_corrupt_rng                        3317	NOEXIST::FUNCTION:
+BN_mod_exp_mont_consttime               3318	EXIST::FUNCTION:
+RSA_X931_hash_id                        3319	EXIST::FUNCTION:RSA
+RSA_padding_check_X931                  3320	EXIST::FUNCTION:RSA
+RSA_verify_PKCS1_PSS                    3321	EXIST::FUNCTION:RSA
+RSA_padding_add_X931                    3322	EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_PSS               3323	EXIST::FUNCTION:RSA
+PKCS1_MGF1                              3324	EXIST::FUNCTION:RSA
+BN_X931_generate_Xpq                    3325	NOEXIST::FUNCTION:
+RSA_X931_generate_key                   3326	NOEXIST::FUNCTION:
+BN_X931_derive_prime                    3327	NOEXIST::FUNCTION:
+BN_X931_generate_prime                  3328	NOEXIST::FUNCTION:
+RSA_X931_derive                         3329	NOEXIST::FUNCTION:
+BIO_new_dgram                           3330	EXIST::FUNCTION:
+BN_get0_nist_prime_384                  3331	EXIST::FUNCTION:
+ERR_set_mark                            3332	EXIST::FUNCTION:
+X509_STORE_CTX_set0_crls                3333	EXIST::FUNCTION:
+ENGINE_set_STORE                        3334	EXIST::FUNCTION:ENGINE
+ENGINE_register_ECDSA                   3335	EXIST::FUNCTION:ENGINE
+STORE_meth_set_list_start_fn            3336	NOEXIST::FUNCTION:
+STORE_method_set_list_start_function    3336	NOEXIST::FUNCTION:
+BN_BLINDING_invert_ex                   3337	EXIST::FUNCTION:
+NAME_CONSTRAINTS_free                   3338	EXIST::FUNCTION:
+STORE_ATTR_INFO_set_number              3339	NOEXIST::FUNCTION:
+BN_BLINDING_get_thread_id               3340	EXIST::FUNCTION:DEPRECATED
+X509_STORE_CTX_set0_param               3341	EXIST::FUNCTION:
+POLICY_MAPPING_it                       3342	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPING_it                       3342	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_parse_attrs_start                 3343	NOEXIST::FUNCTION:
+POLICY_CONSTRAINTS_free                 3344	EXIST::FUNCTION:
+EVP_PKEY_add1_attr_by_NID               3345	EXIST::FUNCTION:
+BN_nist_mod_192                         3346	EXIST::FUNCTION:
+EC_GROUP_get_trinomial_basis            3347	EXIST::FUNCTION:EC
+STORE_set_method                        3348	NOEXIST::FUNCTION:
+GENERAL_SUBTREE_free                    3349	EXIST::FUNCTION:
+NAME_CONSTRAINTS_it                     3350	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NAME_CONSTRAINTS_it                     3350	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ECDH_get_default_method                 3351	EXIST::FUNCTION:ECDH
+PKCS12_add_safe                         3352	EXIST::FUNCTION:
+EC_KEY_new_by_curve_name                3353	EXIST::FUNCTION:EC
+STORE_meth_get_update_store_fn          3354	NOEXIST::FUNCTION:
+STORE_method_get_update_store_function  3354	NOEXIST::FUNCTION:
+ENGINE_register_ECDH                    3355	EXIST::FUNCTION:ENGINE
+SHA512_Update                           3356	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+i2d_ECPrivateKey                        3357	EXIST::FUNCTION:EC
+BN_get0_nist_prime_192                  3358	EXIST::FUNCTION:
+STORE_modify_certificate                3359	NOEXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m    3360	EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_affine_coords_GF2m         3360	EXIST:VMS:FUNCTION:EC
+BN_GF2m_mod_exp_arr                     3361	EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_number           3362	NOEXIST::FUNCTION:
+X509_keyid_get0                         3363	EXIST::FUNCTION:
+ENGINE_load_gmp                         3364	EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
+pitem_new                               3365	EXIST::FUNCTION:
+BN_GF2m_mod_mul_arr                     3366	EXIST::FUNCTION:
+STORE_list_public_key_endp              3367	NOEXIST::FUNCTION:
+o2i_ECPublicKey                         3368	EXIST::FUNCTION:EC
+EC_KEY_copy                             3369	EXIST::FUNCTION:EC
+BIO_dump_fp                             3370	EXIST::FUNCTION:FP_API
+X509_policy_node_get0_parent            3371	EXIST::FUNCTION:
+EC_GROUP_check_discriminant             3372	EXIST::FUNCTION:EC
+i2o_ECPublicKey                         3373	EXIST::FUNCTION:EC
+EC_KEY_precompute_mult                  3374	EXIST::FUNCTION:EC
+a2i_IPADDRESS                           3375	EXIST::FUNCTION:
+STORE_meth_set_initialise_fn            3376	NOEXIST::FUNCTION:
+STORE_method_set_initialise_function    3376	NOEXIST::FUNCTION:
+X509_STORE_CTX_set_depth                3377	EXIST::FUNCTION:
+X509_VERIFY_PARAM_inherit               3378	EXIST::FUNCTION:
+EC_POINT_point2bn                       3379	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_dn                  3380	NOEXIST::FUNCTION:
+X509_policy_tree_get0_policies          3381	EXIST::FUNCTION:
+EC_GROUP_new_curve_GF2m                 3382	EXIST::FUNCTION:EC
+STORE_destroy_method                    3383	NOEXIST::FUNCTION:
+ENGINE_unregister_STORE                 3384	EXIST::FUNCTION:ENGINE
+EVP_PKEY_get1_EC_KEY                    3385	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_get0_number             3386	NOEXIST::FUNCTION:
+ENGINE_get_default_ECDH                 3387	EXIST::FUNCTION:ENGINE
+EC_KEY_get_conv_form                    3388	EXIST::FUNCTION:EC
+ASN1_OCTET_STRING_NDEF_it               3389	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OCTET_STRING_NDEF_it               3389	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_delete_public_key                 3390	NOEXIST::FUNCTION:
+STORE_get_public_key                    3391	NOEXIST::FUNCTION:
+STORE_modify_arbitrary                  3392	NOEXIST::FUNCTION:
+ENGINE_get_static_state                 3393	EXIST::FUNCTION:ENGINE
+pqueue_iterator                         3394	EXIST::FUNCTION:
+ECDSA_SIG_new                           3395	EXIST::FUNCTION:ECDSA
+OPENSSL_DIR_end                         3396	EXIST::FUNCTION:
+BN_GF2m_mod_sqr                         3397	EXIST::FUNCTION:
+EC_POINT_bn2point                       3398	EXIST::FUNCTION:EC
+X509_VERIFY_PARAM_set_depth             3399	EXIST::FUNCTION:
+EC_KEY_set_asn1_flag                    3400	EXIST::FUNCTION:EC
+STORE_get_method                        3401	NOEXIST::FUNCTION:
+EC_KEY_get_key_method_data              3402	EXIST::FUNCTION:EC
+ECDSA_sign_ex                           3403	EXIST::FUNCTION:ECDSA
+STORE_parse_attrs_end                   3404	NOEXIST::FUNCTION:
+EC_GROUP_get_point_conversion_form      3405	EXIST:!VMS:FUNCTION:EC
+EC_GROUP_get_point_conv_form            3405	EXIST:VMS:FUNCTION:EC
+STORE_method_set_store_function         3406	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in                      3407	NOEXIST::FUNCTION:
+PEM_read_bio_ECPKParameters             3408	EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis          3409	EXIST::FUNCTION:EC
+EVP_PKEY_add1_attr_by_txt               3410	EXIST::FUNCTION:
+BN_BLINDING_set_flags                   3411	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_policies         3412	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_name             3413	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_purpose           3414	EXIST::FUNCTION:
+STORE_get_number                        3415	NOEXIST::FUNCTION:
+ECDSA_sign_setup                        3416	EXIST::FUNCTION:ECDSA
+BN_GF2m_mod_solve_quad_arr              3417	EXIST::FUNCTION:
+EC_KEY_up_ref                           3418	EXIST::FUNCTION:EC
+POLICY_MAPPING_free                     3419	EXIST::FUNCTION:
+BN_GF2m_mod_div                         3420	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_flags             3421	EXIST::FUNCTION:
+EC_KEY_free                             3422	EXIST::FUNCTION:EC
+STORE_meth_set_list_next_fn             3423	NOEXIST::FUNCTION:
+STORE_method_set_list_next_function     3423	NOEXIST::FUNCTION:
+PEM_write_bio_ECPrivateKey              3424	EXIST::FUNCTION:EC
+d2i_EC_PUBKEY                           3425	EXIST::FUNCTION:EC
+STORE_meth_get_generate_fn              3426	NOEXIST::FUNCTION:
+STORE_method_get_generate_function      3426	NOEXIST::FUNCTION:
+STORE_meth_set_list_end_fn              3427	NOEXIST::FUNCTION:
+STORE_method_set_list_end_function      3427	NOEXIST::FUNCTION:
+pqueue_print                            3428	EXIST::FUNCTION:
+EC_GROUP_have_precompute_mult           3429	EXIST::FUNCTION:EC
+EC_KEY_print_fp                         3430	EXIST::FUNCTION:EC,FP_API
+BN_GF2m_mod_arr                         3431	EXIST::FUNCTION:
+PEM_write_bio_X509_CERT_PAIR            3432	EXIST::FUNCTION:
+EVP_PKEY_cmp                            3433	EXIST::FUNCTION:
+X509_policy_level_node_count            3434	EXIST::FUNCTION:
+STORE_new_engine                        3435	NOEXIST::FUNCTION:
+STORE_list_public_key_start             3436	NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_new                   3437	EXIST::FUNCTION:
+ECDH_get_ex_data                        3438	EXIST::FUNCTION:ECDH
+EVP_PKEY_get_attr                       3439	EXIST::FUNCTION:
+ECDSA_do_sign                           3440	EXIST::FUNCTION:ECDSA
+ENGINE_unregister_ECDH                  3441	EXIST::FUNCTION:ENGINE
+ECDH_OpenSSL                            3442	EXIST::FUNCTION:ECDH
+EC_KEY_set_conv_form                    3443	EXIST::FUNCTION:EC
+EC_POINT_dup                            3444	EXIST::FUNCTION:EC
+GENERAL_SUBTREE_new                     3445	EXIST::FUNCTION:
+STORE_list_crl_endp                     3446	NOEXIST::FUNCTION:
+EC_get_builtin_curves                   3447	EXIST::FUNCTION:EC
+X509_policy_node_get0_qualifiers        3448	EXIST:!VMS:FUNCTION:
+X509_pcy_node_get0_qualifiers           3448	EXIST:VMS:FUNCTION:
+STORE_list_crl_end                      3449	NOEXIST::FUNCTION:
+EVP_PKEY_set1_EC_KEY                    3450	EXIST::FUNCTION:EC
+BN_GF2m_mod_sqrt_arr                    3451	EXIST::FUNCTION:
+i2d_ECPrivateKey_bio                    3452	EXIST::FUNCTION:BIO,EC
+ECPKParameters_print_fp                 3453	EXIST::FUNCTION:EC,FP_API
+pqueue_find                             3454	EXIST::FUNCTION:
+ECDSA_SIG_free                          3455	EXIST::FUNCTION:ECDSA
+PEM_write_bio_ECPKParameters            3456	EXIST::FUNCTION:EC
+STORE_method_set_ctrl_function          3457	NOEXIST::FUNCTION:
+STORE_list_public_key_end               3458	NOEXIST::FUNCTION:
+EC_KEY_set_private_key                  3459	EXIST::FUNCTION:EC
+pqueue_peek                             3460	EXIST::FUNCTION:
+STORE_get_arbitrary                     3461	NOEXIST::FUNCTION:
+STORE_store_crl                         3462	NOEXIST::FUNCTION:
+X509_policy_node_get0_policy            3463	EXIST::FUNCTION:
+PKCS12_add_safes                        3464	EXIST::FUNCTION:
+BN_BLINDING_convert_ex                  3465	EXIST::FUNCTION:
+X509_policy_tree_free                   3466	EXIST::FUNCTION:
+OPENSSL_ia32cap_loc                     3467	EXIST::FUNCTION:
+BN_GF2m_poly2arr                        3468	EXIST::FUNCTION:
+STORE_ctrl                              3469	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_compare                 3470	NOEXIST::FUNCTION:
+BN_get0_nist_prime_224                  3471	EXIST::FUNCTION:
+i2d_ECParameters                        3472	EXIST::FUNCTION:EC
+i2d_ECPKParameters                      3473	EXIST::FUNCTION:EC
+BN_GENCB_call                           3474	EXIST::FUNCTION:
+d2i_ECPKParameters                      3475	EXIST::FUNCTION:EC
+STORE_meth_set_generate_fn              3476	NOEXIST::FUNCTION:
+STORE_method_set_generate_function      3476	NOEXIST::FUNCTION:
+ENGINE_set_ECDH                         3477	EXIST::FUNCTION:ENGINE
+NAME_CONSTRAINTS_new                    3478	EXIST::FUNCTION:
+SHA256_Init                             3479	EXIST::FUNCTION:SHA,SHA256
+EC_KEY_get0_public_key                  3480	EXIST::FUNCTION:EC
+PEM_write_bio_EC_PUBKEY                 3481	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_cstr                3482	NOEXIST::FUNCTION:
+STORE_list_crl_next                     3483	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in_range                3484	NOEXIST::FUNCTION:
+ECParameters_print                      3485	EXIST::FUNCTION:BIO,EC
+STORE_meth_set_delete_fn                3486	NOEXIST::FUNCTION:
+STORE_method_set_delete_function        3486	NOEXIST::FUNCTION:
+STORE_list_certificate_next             3487	NOEXIST::FUNCTION:
+ASN1_generate_nconf                     3488	EXIST::FUNCTION:
+BUF_memdup                              3489	EXIST::FUNCTION:
+BN_GF2m_mod_mul                         3490	EXIST::FUNCTION:
+STORE_meth_get_list_next_fn             3491	NOEXIST::FUNCTION:
+STORE_method_get_list_next_function     3491	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_get0_dn                 3492	NOEXIST::FUNCTION:
+STORE_list_private_key_next             3493	NOEXIST::FUNCTION:
+EC_GROUP_set_seed                       3494	EXIST::FUNCTION:EC
+X509_VERIFY_PARAM_set_trust             3495	EXIST::FUNCTION:
+STORE_ATTR_INFO_free                    3496	NOEXIST::FUNCTION:
+STORE_get_private_key                   3497	NOEXIST::FUNCTION:
+EVP_PKEY_get_attr_count                 3498	EXIST::FUNCTION:
+STORE_ATTR_INFO_new                     3499	NOEXIST::FUNCTION:
+EC_GROUP_get_curve_GF2m                 3500	EXIST::FUNCTION:EC
+STORE_meth_set_revoke_fn                3501	NOEXIST::FUNCTION:
+STORE_method_set_revoke_function        3501	NOEXIST::FUNCTION:
+STORE_store_number                      3502	NOEXIST::FUNCTION:
+BN_is_prime_ex                          3503	EXIST::FUNCTION:
+STORE_revoke_public_key                 3504	NOEXIST::FUNCTION:
+X509_STORE_CTX_get0_param               3505	EXIST::FUNCTION:
+STORE_delete_arbitrary                  3506	NOEXIST::FUNCTION:
+PEM_read_X509_CERT_PAIR                 3507	EXIST:!WIN16:FUNCTION:
+X509_STORE_set_depth                    3508	EXIST::FUNCTION:
+ECDSA_get_ex_data                       3509	EXIST::FUNCTION:ECDSA
+SHA224                                  3510	EXIST::FUNCTION:SHA,SHA256
+BIO_dump_indent_fp                      3511	EXIST::FUNCTION:FP_API
+EC_KEY_set_group                        3512	EXIST::FUNCTION:EC
+BUF_strndup                             3513	EXIST::FUNCTION:
+STORE_list_certificate_start            3514	NOEXIST::FUNCTION:
+BN_GF2m_mod                             3515	EXIST::FUNCTION:
+X509_REQ_check_private_key              3516	EXIST::FUNCTION:
+EC_GROUP_get_seed_len                   3517	EXIST::FUNCTION:EC
+ERR_load_STORE_strings                  3518	NOEXIST::FUNCTION:
+PEM_read_bio_EC_PUBKEY                  3519	EXIST::FUNCTION:EC
+STORE_list_private_key_end              3520	NOEXIST::FUNCTION:
+i2d_EC_PUBKEY                           3521	EXIST::FUNCTION:EC
+ECDSA_get_default_method                3522	EXIST::FUNCTION:ECDSA
+ASN1_put_eoc                            3523	EXIST::FUNCTION:
+X509_STORE_CTX_get_explicit_policy      3524	EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get_expl_policy          3524	EXIST:VMS:FUNCTION:
+X509_VERIFY_PARAM_table_cleanup         3525	EXIST::FUNCTION:
+STORE_modify_private_key                3526	NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_free                  3527	EXIST::FUNCTION:
+EC_METHOD_get_field_type                3528	EXIST::FUNCTION:EC
+EC_GFp_nist_method                      3529	EXIST::FUNCTION:EC
+STORE_meth_set_modify_fn                3530	NOEXIST::FUNCTION:
+STORE_method_set_modify_function        3530	NOEXIST::FUNCTION:
+STORE_parse_attrs_next                  3531	NOEXIST::FUNCTION:
+ENGINE_load_padlock                     3532	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+EC_GROUP_set_curve_name                 3533	EXIST::FUNCTION:EC
+X509_CERT_PAIR_it                       3534	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CERT_PAIR_it                       3534	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_meth_get_revoke_fn                3535	NOEXIST::FUNCTION:
+STORE_method_get_revoke_function        3535	NOEXIST::FUNCTION:
+STORE_method_set_get_function           3536	NOEXIST::FUNCTION:
+STORE_modify_number                     3537	NOEXIST::FUNCTION:
+STORE_method_get_store_function         3538	NOEXIST::FUNCTION:
+STORE_store_private_key                 3539	NOEXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr                     3540	EXIST::FUNCTION:
+RSA_setup_blinding                      3541	EXIST::FUNCTION:RSA
+BIO_s_datagram                          3542	EXIST::FUNCTION:DGRAM
+STORE_Memory                            3543	NOEXIST::FUNCTION:
+sk_find_ex                              3544	EXIST::FUNCTION:
+EC_GROUP_set_curve_GF2m                 3545	EXIST::FUNCTION:EC
+ENGINE_set_default_ECDSA                3546	EXIST::FUNCTION:ENGINE
+POLICY_CONSTRAINTS_new                  3547	EXIST::FUNCTION:
+BN_GF2m_mod_sqrt                        3548	EXIST::FUNCTION:
+ECDH_set_default_method                 3549	EXIST::FUNCTION:ECDH
+EC_KEY_generate_key                     3550	EXIST::FUNCTION:EC
+SHA384_Update                           3551	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+BN_GF2m_arr2poly                        3552	EXIST::FUNCTION:
+STORE_method_get_get_function           3553	NOEXIST::FUNCTION:
+STORE_meth_set_cleanup_fn               3554	NOEXIST::FUNCTION:
+STORE_method_set_cleanup_function       3554	NOEXIST::FUNCTION:
+EC_GROUP_check                          3555	EXIST::FUNCTION:EC
+d2i_ECPrivateKey_bio                    3556	EXIST::FUNCTION:BIO,EC
+EC_KEY_insert_key_method_data           3557	EXIST::FUNCTION:EC
+STORE_meth_get_lock_store_fn            3558	NOEXIST::FUNCTION:
+STORE_method_get_lock_store_function    3558	NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_get_depth             3559	EXIST::FUNCTION:
+SHA224_Final                            3560	EXIST::FUNCTION:SHA,SHA256
+STORE_meth_set_update_store_fn          3561	NOEXIST::FUNCTION:
+STORE_method_set_update_store_function  3561	NOEXIST::FUNCTION:
+SHA224_Update                           3562	EXIST::FUNCTION:SHA,SHA256
+d2i_ECPrivateKey                        3563	EXIST::FUNCTION:EC
+ASN1_item_ndef_i2d                      3564	EXIST::FUNCTION:
+STORE_delete_private_key                3565	NOEXIST::FUNCTION:
+ERR_pop_to_mark                         3566	EXIST::FUNCTION:
+ENGINE_register_all_STORE               3567	EXIST::FUNCTION:ENGINE
+X509_policy_level_get0_node             3568	EXIST::FUNCTION:
+i2d_PKCS7_NDEF                          3569	EXIST::FUNCTION:
+EC_GROUP_get_degree                     3570	EXIST::FUNCTION:EC
+ASN1_generate_v3                        3571	EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_cstr             3572	NOEXIST::FUNCTION:
+X509_policy_tree_level_count            3573	EXIST::FUNCTION:
+BN_GF2m_add                             3574	EXIST::FUNCTION:
+EC_KEY_get0_group                       3575	EXIST::FUNCTION:EC
+STORE_generate_crl                      3576	NOEXIST::FUNCTION:
+STORE_store_public_key                  3577	NOEXIST::FUNCTION:
+X509_CERT_PAIR_free                     3578	EXIST::FUNCTION:
+STORE_revoke_private_key                3579	NOEXIST::FUNCTION:
+BN_nist_mod_224                         3580	EXIST::FUNCTION:
+SHA512_Final                            3581	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_ATTR_INFO_modify_dn               3582	NOEXIST::FUNCTION:
+STORE_meth_get_initialise_fn            3583	NOEXIST::FUNCTION:
+STORE_method_get_initialise_function    3583	NOEXIST::FUNCTION:
+STORE_delete_number                     3584	NOEXIST::FUNCTION:
+i2d_EC_PUBKEY_bio                       3585	EXIST::FUNCTION:BIO,EC
+BIO_dgram_non_fatal_error               3586	EXIST::FUNCTION:
+EC_GROUP_get_asn1_flag                  3587	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_in_ex                   3588	NOEXIST::FUNCTION:
+STORE_list_crl_start                    3589	NOEXIST::FUNCTION:
+ECDH_get_ex_new_index                   3590	EXIST::FUNCTION:ECDH
+STORE_meth_get_modify_fn                3591	NOEXIST::FUNCTION:
+STORE_method_get_modify_function        3591	NOEXIST::FUNCTION:
+v2i_ASN1_BIT_STRING                     3592	EXIST::FUNCTION:
+STORE_store_certificate                 3593	NOEXIST::FUNCTION:
+OBJ_bsearch_ex                          3594	NOEXIST::FUNCTION:
+X509_STORE_CTX_set_default              3595	EXIST::FUNCTION:
+STORE_ATTR_INFO_set_sha1str             3596	NOEXIST::FUNCTION:
+BN_GF2m_mod_inv                         3597	EXIST::FUNCTION:
+BN_GF2m_mod_exp                         3598	EXIST::FUNCTION:
+STORE_modify_public_key                 3599	NOEXIST::FUNCTION:
+STORE_meth_get_list_start_fn            3600	NOEXIST::FUNCTION:
+STORE_method_get_list_start_function    3600	NOEXIST::FUNCTION:
+EC_GROUP_get0_seed                      3601	EXIST::FUNCTION:EC
+STORE_store_arbitrary                   3602	NOEXIST::FUNCTION:
+STORE_meth_set_unlock_store_fn          3603	NOEXIST::FUNCTION:
+STORE_method_set_unlock_store_function  3603	NOEXIST::FUNCTION:
+BN_GF2m_mod_div_arr                     3604	EXIST::FUNCTION:
+ENGINE_set_ECDSA                        3605	EXIST::FUNCTION:ENGINE
+STORE_create_method                     3606	NOEXIST::FUNCTION:
+ECPKParameters_print                    3607	EXIST::FUNCTION:BIO,EC
+EC_KEY_get0_private_key                 3608	EXIST::FUNCTION:EC
+PEM_write_EC_PUBKEY                     3609	EXIST:!WIN16:FUNCTION:EC
+X509_VERIFY_PARAM_set1                  3610	EXIST::FUNCTION:
+ECDH_set_method                         3611	EXIST::FUNCTION:ECDH
+v2i_GENERAL_NAME_ex                     3612	EXIST::FUNCTION:
+ECDH_set_ex_data                        3613	EXIST::FUNCTION:ECDH
+STORE_generate_key                      3614	NOEXIST::FUNCTION:
+BN_nist_mod_521                         3615	EXIST::FUNCTION:
+X509_policy_tree_get0_level             3616	EXIST::FUNCTION:
+EC_GROUP_set_point_conversion_form      3617	EXIST:!VMS:FUNCTION:EC
+EC_GROUP_set_point_conv_form            3617	EXIST:VMS:FUNCTION:EC
+PEM_read_EC_PUBKEY                      3618	EXIST:!WIN16:FUNCTION:EC
+i2d_ECDSA_SIG                           3619	EXIST::FUNCTION:ECDSA
+ECDSA_OpenSSL                           3620	EXIST::FUNCTION:ECDSA
+STORE_delete_crl                        3621	NOEXIST::FUNCTION:
+EC_KEY_get_enc_flags                    3622	EXIST::FUNCTION:EC
+ASN1_const_check_infinite_end           3623	EXIST::FUNCTION:
+EVP_PKEY_delete_attr                    3624	EXIST::FUNCTION:
+ECDSA_set_default_method                3625	EXIST::FUNCTION:ECDSA
+EC_POINT_set_compressed_coordinates_GF2m 3626	EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_compr_coords_GF2m          3626	EXIST:VMS:FUNCTION:EC
+EC_GROUP_cmp                            3627	EXIST::FUNCTION:EC
+STORE_revoke_certificate                3628	NOEXIST::FUNCTION:
+BN_get0_nist_prime_256                  3629	EXIST::FUNCTION:
+STORE_meth_get_delete_fn                3630	NOEXIST::FUNCTION:
+STORE_method_get_delete_function        3630	NOEXIST::FUNCTION:
+SHA224_Init                             3631	EXIST::FUNCTION:SHA,SHA256
+PEM_read_ECPrivateKey                   3632	EXIST:!WIN16:FUNCTION:EC
+SHA512_Init                             3633	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_parse_attrs_endp                  3634	NOEXIST::FUNCTION:
+BN_set_negative                         3635	EXIST::FUNCTION:
+ERR_load_ECDSA_strings                  3636	EXIST::FUNCTION:ECDSA
+EC_GROUP_get_basis_type                 3637	EXIST::FUNCTION:EC
+STORE_list_public_key_next              3638	NOEXIST::FUNCTION:
+i2v_ASN1_BIT_STRING                     3639	EXIST::FUNCTION:
+STORE_OBJECT_free                       3640	NOEXIST::FUNCTION:
+BN_nist_mod_384                         3641	EXIST::FUNCTION:
+i2d_X509_CERT_PAIR                      3642	EXIST::FUNCTION:
+PEM_write_ECPKParameters                3643	EXIST:!WIN16:FUNCTION:EC
+ECDH_compute_key                        3644	EXIST::FUNCTION:ECDH
+STORE_ATTR_INFO_get0_sha1str            3645	NOEXIST::FUNCTION:
+ENGINE_register_all_ECDH                3646	EXIST::FUNCTION:ENGINE
+pqueue_pop                              3647	EXIST::FUNCTION:
+STORE_ATTR_INFO_get0_cstr               3648	NOEXIST::FUNCTION:
+POLICY_CONSTRAINTS_it                   3649	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_CONSTRAINTS_it                   3649	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_get_ex_new_index                  3650	NOEXIST::FUNCTION:
+EVP_PKEY_get_attr_by_OBJ                3651	EXIST::FUNCTION:
+X509_VERIFY_PARAM_add0_policy           3652	EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad                  3653	EXIST::FUNCTION:
+SHA256                                  3654	EXIST::FUNCTION:SHA,SHA256
+i2d_ECPrivateKey_fp                     3655	EXIST::FUNCTION:EC,FP_API
+X509_policy_tree_get0_user_policies     3656	EXIST:!VMS:FUNCTION:
+X509_pcy_tree_get0_usr_policies         3656	EXIST:VMS:FUNCTION:
+OPENSSL_DIR_read                        3657	EXIST::FUNCTION:
+ENGINE_register_all_ECDSA               3658	EXIST::FUNCTION:ENGINE
+X509_VERIFY_PARAM_lookup                3659	EXIST::FUNCTION:
+EC_POINT_get_affine_coordinates_GF2m    3660	EXIST:!VMS:FUNCTION:EC
+EC_POINT_get_affine_coords_GF2m         3660	EXIST:VMS:FUNCTION:EC
+EC_GROUP_dup                            3661	EXIST::FUNCTION:EC
+ENGINE_get_default_ECDSA                3662	EXIST::FUNCTION:ENGINE
+EC_KEY_new                              3663	EXIST::FUNCTION:EC
+SHA256_Transform                        3664	EXIST::FUNCTION:SHA,SHA256
+EC_KEY_set_enc_flags                    3665	EXIST::FUNCTION:EC
+ECDSA_verify                            3666	EXIST::FUNCTION:ECDSA
+EC_POINT_point2hex                      3667	EXIST::FUNCTION:EC
+ENGINE_get_STORE                        3668	EXIST::FUNCTION:ENGINE
+SHA512                                  3669	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_get_certificate                   3670	NOEXIST::FUNCTION:
+ECDSA_do_sign_ex                        3671	EXIST::FUNCTION:ECDSA
+ECDSA_do_verify                         3672	EXIST::FUNCTION:ECDSA
+d2i_ECPrivateKey_fp                     3673	EXIST::FUNCTION:EC,FP_API
+STORE_delete_certificate                3674	NOEXIST::FUNCTION:
+SHA512_Transform                        3675	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+X509_STORE_set1_param                   3676	EXIST::FUNCTION:
+STORE_method_get_ctrl_function          3677	NOEXIST::FUNCTION:
+STORE_free                              3678	NOEXIST::FUNCTION:
+PEM_write_ECPrivateKey                  3679	EXIST:!WIN16:FUNCTION:EC
+STORE_meth_get_unlock_store_fn          3680	NOEXIST::FUNCTION:
+STORE_method_get_unlock_store_function  3680	NOEXIST::FUNCTION:
+STORE_get_ex_data                       3681	NOEXIST::FUNCTION:
+EC_KEY_set_public_key                   3682	EXIST::FUNCTION:EC
+PEM_read_ECPKParameters                 3683	EXIST:!WIN16:FUNCTION:EC
+X509_CERT_PAIR_new                      3684	EXIST::FUNCTION:
+ENGINE_register_STORE                   3685	EXIST::FUNCTION:ENGINE
+RSA_generate_key_ex                     3686	EXIST::FUNCTION:RSA
+DSA_generate_parameters_ex              3687	EXIST::FUNCTION:DSA
+ECParameters_print_fp                   3688	EXIST::FUNCTION:EC,FP_API
+X509V3_NAME_from_section                3689	EXIST::FUNCTION:
+EVP_PKEY_add1_attr                      3690	EXIST::FUNCTION:
+STORE_modify_crl                        3691	NOEXIST::FUNCTION:
+STORE_list_private_key_start            3692	NOEXIST::FUNCTION:
+POLICY_MAPPINGS_it                      3693	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPINGS_it                      3693	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_SUBTREE_it                      3694	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_SUBTREE_it                      3694	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_get_curve_name                 3695	EXIST::FUNCTION:EC
+PEM_write_X509_CERT_PAIR                3696	EXIST:!WIN16:FUNCTION:
+BIO_dump_indent_cb                      3697	EXIST::FUNCTION:
+d2i_X509_CERT_PAIR                      3698	EXIST::FUNCTION:
+STORE_list_private_key_endp             3699	NOEXIST::FUNCTION:
+asn1_const_Finish                       3700	EXIST::FUNCTION:
+i2d_EC_PUBKEY_fp                        3701	EXIST::FUNCTION:EC,FP_API
+BN_nist_mod_256                         3702	EXIST::FUNCTION:
+X509_VERIFY_PARAM_add0_table            3703	EXIST::FUNCTION:
+pqueue_free                             3704	EXIST::FUNCTION:
+BN_BLINDING_create_param                3705	EXIST::FUNCTION:
+ECDSA_size                              3706	EXIST::FUNCTION:ECDSA
+d2i_EC_PUBKEY_bio                       3707	EXIST::FUNCTION:BIO,EC
+BN_get0_nist_prime_521                  3708	EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_sha1str          3709	NOEXIST::FUNCTION:
+BN_generate_prime_ex                    3710	EXIST::FUNCTION:
+EC_GROUP_new_by_curve_name              3711	EXIST::FUNCTION:EC
+SHA256_Final                            3712	EXIST::FUNCTION:SHA,SHA256
+DH_generate_parameters_ex               3713	EXIST::FUNCTION:DH
+PEM_read_bio_ECPrivateKey               3714	EXIST::FUNCTION:EC
+STORE_meth_get_cleanup_fn               3715	NOEXIST::FUNCTION:
+STORE_method_get_cleanup_function       3715	NOEXIST::FUNCTION:
+ENGINE_get_ECDH                         3716	EXIST::FUNCTION:ENGINE
+d2i_ECDSA_SIG                           3717	EXIST::FUNCTION:ECDSA
+BN_is_prime_fasttest_ex                 3718	EXIST::FUNCTION:
+ECDSA_sign                              3719	EXIST::FUNCTION:ECDSA
+X509_policy_check                       3720	EXIST::FUNCTION:
+EVP_PKEY_get_attr_by_NID                3721	EXIST::FUNCTION:
+STORE_set_ex_data                       3722	NOEXIST::FUNCTION:
+ENGINE_get_ECDSA                        3723	EXIST::FUNCTION:ENGINE
+EVP_ecdsa                               3724	EXIST::FUNCTION:SHA
+BN_BLINDING_get_flags                   3725	EXIST::FUNCTION:
+PKCS12_add_cert                         3726	EXIST::FUNCTION:
+STORE_OBJECT_new                        3727	NOEXIST::FUNCTION:
+ERR_load_ECDH_strings                   3728	EXIST::FUNCTION:ECDH
+EC_KEY_dup                              3729	EXIST::FUNCTION:EC
+EVP_CIPHER_CTX_rand_key                 3730	EXIST::FUNCTION:
+ECDSA_set_method                        3731	EXIST::FUNCTION:ECDSA
+a2i_IPADDRESS_NC                        3732	EXIST::FUNCTION:
+d2i_ECParameters                        3733	EXIST::FUNCTION:EC
+STORE_list_certificate_end              3734	NOEXIST::FUNCTION:
+STORE_get_crl                           3735	NOEXIST::FUNCTION:
+X509_POLICY_NODE_print                  3736	EXIST::FUNCTION:
+SHA384_Init                             3737	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EC_GF2m_simple_method                   3738	EXIST::FUNCTION:EC
+ECDSA_set_ex_data                       3739	EXIST::FUNCTION:ECDSA
+SHA384_Final                            3740	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+PKCS7_set_digest                        3741	EXIST::FUNCTION:
+EC_KEY_print                            3742	EXIST::FUNCTION:BIO,EC
+STORE_meth_set_lock_store_fn            3743	NOEXIST::FUNCTION:
+STORE_method_set_lock_store_function    3743	NOEXIST::FUNCTION:
+ECDSA_get_ex_new_index                  3744	EXIST::FUNCTION:ECDSA
+SHA384                                  3745	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+POLICY_MAPPING_new                      3746	EXIST::FUNCTION:
+STORE_list_certificate_endp             3747	NOEXIST::FUNCTION:
+X509_STORE_CTX_get0_policy_tree         3748	EXIST::FUNCTION:
+EC_GROUP_set_asn1_flag                  3749	EXIST::FUNCTION:EC
+EC_KEY_check_key                        3750	EXIST::FUNCTION:EC
+d2i_EC_PUBKEY_fp                        3751	EXIST::FUNCTION:EC,FP_API
+PKCS7_set0_type_other                   3752	EXIST::FUNCTION:
+PEM_read_bio_X509_CERT_PAIR             3753	EXIST::FUNCTION:
+pqueue_next                             3754	EXIST::FUNCTION:
+STORE_meth_get_list_end_fn              3755	NOEXIST::FUNCTION:
+STORE_method_get_list_end_function      3755	NOEXIST::FUNCTION:
+EVP_PKEY_add1_attr_by_OBJ               3756	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_time              3757	EXIST::FUNCTION:
+pqueue_new                              3758	EXIST::FUNCTION:
+ENGINE_set_default_ECDH                 3759	EXIST::FUNCTION:ENGINE
+STORE_new_method                        3760	NOEXIST::FUNCTION:
+PKCS12_add_key                          3761	EXIST::FUNCTION:
+DSO_merge                               3762	EXIST::FUNCTION:
+EC_POINT_hex2point                      3763	EXIST::FUNCTION:EC
+BIO_dump_cb                             3764	EXIST::FUNCTION:
+SHA256_Update                           3765	EXIST::FUNCTION:SHA,SHA256
+pqueue_insert                           3766	EXIST::FUNCTION:
+pitem_free                              3767	EXIST::FUNCTION:
+BN_GF2m_mod_inv_arr                     3768	EXIST::FUNCTION:
+ENGINE_unregister_ECDSA                 3769	EXIST::FUNCTION:ENGINE
+BN_BLINDING_set_thread_id               3770	EXIST::FUNCTION:DEPRECATED
+get_rfc3526_prime_8192                  3771	EXIST::FUNCTION:
+X509_VERIFY_PARAM_clear_flags           3772	EXIST::FUNCTION:
+get_rfc2409_prime_1024                  3773	EXIST::FUNCTION:
+DH_check_pub_key                        3774	EXIST::FUNCTION:DH
+get_rfc3526_prime_2048                  3775	EXIST::FUNCTION:
+get_rfc3526_prime_6144                  3776	EXIST::FUNCTION:
+get_rfc3526_prime_1536                  3777	EXIST::FUNCTION:
+get_rfc3526_prime_3072                  3778	EXIST::FUNCTION:
+get_rfc3526_prime_4096                  3779	EXIST::FUNCTION:
+get_rfc2409_prime_768                   3780	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get_flags             3781	EXIST::FUNCTION:
+EVP_CIPHER_CTX_new                      3782	EXIST::FUNCTION:
+EVP_CIPHER_CTX_free                     3783	EXIST::FUNCTION:
+Camellia_cbc_encrypt                    3784	EXIST::FUNCTION:CAMELLIA
+Camellia_cfb128_encrypt                 3785	EXIST::FUNCTION:CAMELLIA
+Camellia_cfb1_encrypt                   3786	EXIST::FUNCTION:CAMELLIA
+Camellia_cfb8_encrypt                   3787	EXIST::FUNCTION:CAMELLIA
+Camellia_ctr128_encrypt                 3788	EXIST::FUNCTION:CAMELLIA
+Camellia_cfbr_encrypt_block             3789	NOEXIST::FUNCTION:
+Camellia_decrypt                        3790	EXIST::FUNCTION:CAMELLIA
+Camellia_ecb_encrypt                    3791	EXIST::FUNCTION:CAMELLIA
+Camellia_encrypt                        3792	EXIST::FUNCTION:CAMELLIA
+Camellia_ofb128_encrypt                 3793	EXIST::FUNCTION:CAMELLIA
+Camellia_set_key                        3794	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cbc                    3795	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb128                 3796	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb1                   3797	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb8                   3798	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_ecb                    3799	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_ofb                    3800	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cbc                    3801	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb128                 3802	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb1                   3803	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb8                   3804	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_ecb                    3805	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_ofb                    3806	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cbc                    3807	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb128                 3808	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb1                   3809	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb8                   3810	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_ecb                    3811	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_ofb                    3812	EXIST::FUNCTION:CAMELLIA
+a2i_ipadd                               3813	EXIST::FUNCTION:
+ASIdentifiers_free                      3814	EXIST::FUNCTION:RFC3779
+i2d_ASIdOrRange                         3815	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_block_size                   3816	EXIST::FUNCTION:
+v3_asid_is_canonical                    3817	EXIST::FUNCTION:RFC3779
+IPAddressChoice_free                    3818	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_set_app_data             3819	EXIST::FUNCTION:
+BIO_set_callback_arg                    3820	EXIST::FUNCTION:
+v3_addr_add_prefix                      3821	EXIST::FUNCTION:RFC3779
+IPAddressOrRange_it                     3822	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressOrRange_it                     3822	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+BIO_set_flags                           3823	EXIST::FUNCTION:
+ASIdentifiers_it                        3824	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdentifiers_it                        3824	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+v3_addr_get_range                       3825	EXIST::FUNCTION:RFC3779
+BIO_method_type                         3826	EXIST::FUNCTION:
+v3_addr_inherits                        3827	EXIST::FUNCTION:RFC3779
+IPAddressChoice_it                      3828	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressChoice_it                      3828	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+AES_ige_encrypt                         3829	EXIST::FUNCTION:AES
+v3_addr_add_range                       3830	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_nid                      3831	EXIST::FUNCTION:
+d2i_ASRange                             3832	EXIST::FUNCTION:RFC3779
+v3_addr_add_inherit                     3833	EXIST::FUNCTION:RFC3779
+v3_asid_add_id_or_range                 3834	EXIST::FUNCTION:RFC3779
+v3_addr_validate_resource_set           3835	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_iv_length                    3836	EXIST::FUNCTION:
+EVP_MD_type                             3837	EXIST::FUNCTION:
+v3_asid_canonize                        3838	EXIST::FUNCTION:RFC3779
+IPAddressRange_free                     3839	EXIST::FUNCTION:RFC3779
+v3_asid_add_inherit                     3840	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_key_length               3841	EXIST::FUNCTION:
+IPAddressRange_new                      3842	EXIST::FUNCTION:RFC3779
+ASIdOrRange_new                         3843	EXIST::FUNCTION:RFC3779
+EVP_MD_size                             3844	EXIST::FUNCTION:
+EVP_MD_CTX_test_flags                   3845	EXIST::FUNCTION:
+BIO_clear_flags                         3846	EXIST::FUNCTION:
+i2d_ASRange                             3847	EXIST::FUNCTION:RFC3779
+IPAddressRange_it                       3848	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressRange_it                       3848	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+IPAddressChoice_new                     3849	EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_new                  3850	EXIST::FUNCTION:RFC3779
+ASRange_free                            3851	EXIST::FUNCTION:RFC3779
+EVP_MD_pkey_type                        3852	EXIST::FUNCTION:
+EVP_MD_CTX_clear_flags                  3853	EXIST::FUNCTION:
+IPAddressFamily_free                    3854	EXIST::FUNCTION:RFC3779
+i2d_IPAddressFamily                     3855	EXIST::FUNCTION:RFC3779
+IPAddressOrRange_new                    3856	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_flags                        3857	EXIST::FUNCTION:
+v3_asid_validate_resource_set           3858	EXIST::FUNCTION:RFC3779
+d2i_IPAddressRange                      3859	EXIST::FUNCTION:RFC3779
+AES_bi_ige_encrypt                      3860	EXIST::FUNCTION:AES
+BIO_get_callback                        3861	EXIST::FUNCTION:
+IPAddressOrRange_free                   3862	EXIST::FUNCTION:RFC3779
+v3_addr_subset                          3863	EXIST::FUNCTION:RFC3779
+d2i_IPAddressFamily                     3864	EXIST::FUNCTION:RFC3779
+v3_asid_subset                          3865	EXIST::FUNCTION:RFC3779
+BIO_test_flags                          3866	EXIST::FUNCTION:
+i2d_ASIdentifierChoice                  3867	EXIST::FUNCTION:RFC3779
+ASRange_it                              3868	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASRange_it                              3868	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+d2i_ASIdentifiers                       3869	EXIST::FUNCTION:RFC3779
+ASRange_new                             3870	EXIST::FUNCTION:RFC3779
+d2i_IPAddressChoice                     3871	EXIST::FUNCTION:RFC3779
+v3_addr_get_afi                         3872	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_key_length                   3873	EXIST::FUNCTION:
+EVP_Cipher                              3874	EXIST::FUNCTION:
+i2d_IPAddressOrRange                    3875	EXIST::FUNCTION:RFC3779
+ASIdOrRange_it                          3876	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdOrRange_it                          3876	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+EVP_CIPHER_nid                          3877	EXIST::FUNCTION:
+i2d_IPAddressChoice                     3878	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_block_size               3879	EXIST::FUNCTION:
+ASIdentifiers_new                       3880	EXIST::FUNCTION:RFC3779
+v3_addr_validate_path                   3881	EXIST::FUNCTION:RFC3779
+IPAddressFamily_new                     3882	EXIST::FUNCTION:RFC3779
+EVP_MD_CTX_set_flags                    3883	EXIST::FUNCTION:
+v3_addr_is_canonical                    3884	EXIST::FUNCTION:RFC3779
+i2d_IPAddressRange                      3885	EXIST::FUNCTION:RFC3779
+IPAddressFamily_it                      3886	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressFamily_it                      3886	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+v3_asid_inherits                        3887	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_cipher                   3888	EXIST::FUNCTION:
+EVP_CIPHER_CTX_get_app_data             3889	EXIST::FUNCTION:
+EVP_MD_block_size                       3890	EXIST::FUNCTION:
+EVP_CIPHER_CTX_flags                    3891	EXIST::FUNCTION:
+v3_asid_validate_path                   3892	EXIST::FUNCTION:RFC3779
+d2i_IPAddressOrRange                    3893	EXIST::FUNCTION:RFC3779
+v3_addr_canonize                        3894	EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_it                   3895	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdentifierChoice_it                   3895	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+EVP_MD_CTX_md                           3896	EXIST::FUNCTION:
+d2i_ASIdentifierChoice                  3897	EXIST::FUNCTION:RFC3779
+BIO_method_name                         3898	EXIST::FUNCTION:
+EVP_CIPHER_CTX_iv_length                3899	EXIST::FUNCTION:
+ASIdOrRange_free                        3900	EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_free                 3901	EXIST::FUNCTION:RFC3779
+BIO_get_callback_arg                    3902	EXIST::FUNCTION:
+BIO_set_callback                        3903	EXIST::FUNCTION:
+d2i_ASIdOrRange                         3904	EXIST::FUNCTION:RFC3779
+i2d_ASIdentifiers                       3905	EXIST::FUNCTION:RFC3779
+SEED_decrypt                            3908	EXIST::FUNCTION:SEED
+SEED_encrypt                            3909	EXIST::FUNCTION:SEED
+SEED_cbc_encrypt                        3910	EXIST::FUNCTION:SEED
+EVP_seed_ofb                            3911	EXIST::FUNCTION:SEED
+SEED_cfb128_encrypt                     3912	EXIST::FUNCTION:SEED
+SEED_ofb128_encrypt                     3913	EXIST::FUNCTION:SEED
+EVP_seed_cbc                            3914	EXIST::FUNCTION:SEED
+SEED_ecb_encrypt                        3915	EXIST::FUNCTION:SEED
+EVP_seed_ecb                            3916	EXIST::FUNCTION:SEED
+SEED_set_key                            3917	EXIST::FUNCTION:SEED
+EVP_seed_cfb128                         3918	EXIST::FUNCTION:SEED
+X509_EXTENSIONS_it                      3919	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_EXTENSIONS_it                      3919	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_get1_ocsp                          3920	EXIST::FUNCTION:
+OCSP_REQ_CTX_free                       3921	EXIST::FUNCTION:
+i2d_X509_EXTENSIONS                     3922	EXIST::FUNCTION:
+OCSP_sendreq_nbio                       3923	EXIST::FUNCTION:
+OCSP_sendreq_new                        3924	EXIST::FUNCTION:
+d2i_X509_EXTENSIONS                     3925	EXIST::FUNCTION:
+X509_ALGORS_it                          3926	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ALGORS_it                          3926	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_ALGOR_get0                         3927	EXIST::FUNCTION:
+X509_ALGOR_set0                         3928	EXIST::FUNCTION:
+AES_unwrap_key                          3929	EXIST::FUNCTION:AES
+AES_wrap_key                            3930	EXIST::FUNCTION:AES
+X509at_get0_data_by_OBJ                 3931	EXIST::FUNCTION:
+ASN1_TYPE_set1                          3932	EXIST::FUNCTION:
+ASN1_STRING_set0                        3933	EXIST::FUNCTION:
+i2d_X509_ALGORS                         3934	EXIST::FUNCTION:
+BIO_f_zlib                              3935	EXIST:ZLIB:FUNCTION:
+COMP_zlib_cleanup                       3936	EXIST::FUNCTION:
+d2i_X509_ALGORS                         3937	EXIST::FUNCTION:
+CMS_ReceiptRequest_free                 3938	EXIST::FUNCTION:CMS
+PEM_write_CMS                           3939	EXIST:!WIN16:FUNCTION:CMS
+CMS_add0_CertificateChoices             3940	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_OBJ           3941	EXIST::FUNCTION:CMS
+ERR_load_CMS_strings                    3942	EXIST::FUNCTION:CMS
+CMS_sign_receipt                        3943	EXIST::FUNCTION:CMS
+i2d_CMS_ContentInfo                     3944	EXIST::FUNCTION:CMS
+CMS_signed_delete_attr                  3945	EXIST::FUNCTION:CMS
+d2i_CMS_bio                             3946	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_by_NID            3947	EXIST::FUNCTION:CMS
+CMS_verify                              3948	EXIST::FUNCTION:CMS
+SMIME_read_CMS                          3949	EXIST::FUNCTION:CMS
+CMS_decrypt_set1_key                    3950	EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_algs                3951	EXIST::FUNCTION:CMS
+CMS_add1_cert                           3952	EXIST::FUNCTION:CMS
+CMS_set_detached                        3953	EXIST::FUNCTION:CMS
+CMS_encrypt                             3954	EXIST::FUNCTION:CMS
+CMS_EnvelopedData_create                3955	EXIST::FUNCTION:CMS
+CMS_uncompress                          3956	EXIST::FUNCTION:CMS
+CMS_add0_crl                            3957	EXIST::FUNCTION:CMS
+CMS_SignerInfo_verify_content           3958	EXIST::FUNCTION:CMS
+CMS_unsigned_get0_data_by_OBJ           3959	EXIST::FUNCTION:CMS
+PEM_write_bio_CMS                       3960	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr                   3961	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_cert_cmp         3962	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_get0_algs        3963	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_ktri_get0_algs            3963	EXIST:VMS:FUNCTION:CMS
+CMS_ContentInfo_free                    3964	EXIST::FUNCTION:CMS
+CMS_final                               3965	EXIST::FUNCTION:CMS
+CMS_add_simple_smimecap                 3966	EXIST::FUNCTION:CMS
+CMS_SignerInfo_verify                   3967	EXIST::FUNCTION:CMS
+CMS_data                                3968	EXIST::FUNCTION:CMS
+CMS_ContentInfo_it                      3969	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+CMS_ContentInfo_it                      3969	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+d2i_CMS_ReceiptRequest                  3970	EXIST::FUNCTION:CMS
+CMS_compress                            3971	EXIST::FUNCTION:CMS
+CMS_digest_create                       3972	EXIST::FUNCTION:CMS
+CMS_SignerInfo_cert_cmp                 3973	EXIST::FUNCTION:CMS
+CMS_SignerInfo_sign                     3974	EXIST::FUNCTION:CMS
+CMS_data_create                         3975	EXIST::FUNCTION:CMS
+i2d_CMS_bio                             3976	EXIST::FUNCTION:CMS
+CMS_EncryptedData_set1_key              3977	EXIST::FUNCTION:CMS
+CMS_decrypt                             3978	EXIST::FUNCTION:CMS
+int_smime_write_ASN1                    3979	NOEXIST::FUNCTION:
+CMS_unsigned_delete_attr                3980	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_count             3981	EXIST::FUNCTION:CMS
+CMS_add_smimecap                        3982	EXIST::FUNCTION:CMS
+PEM_read_CMS                            3983	EXIST:!WIN16:FUNCTION:CMS
+CMS_signed_get_attr_by_OBJ              3984	EXIST::FUNCTION:CMS
+d2i_CMS_ContentInfo                     3985	EXIST::FUNCTION:CMS
+CMS_add_standard_smimecap               3986	EXIST::FUNCTION:CMS
+CMS_ContentInfo_new                     3987	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_type                  3988	EXIST::FUNCTION:CMS
+CMS_get0_type                           3989	EXIST::FUNCTION:CMS
+CMS_is_detached                         3990	EXIST::FUNCTION:CMS
+CMS_sign                                3991	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr                    3992	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_by_OBJ            3993	EXIST::FUNCTION:CMS
+SMIME_write_CMS                         3994	EXIST::FUNCTION:CMS
+CMS_EncryptedData_decrypt               3995	EXIST::FUNCTION:CMS
+CMS_get0_RecipientInfos                 3996	EXIST::FUNCTION:CMS
+CMS_add0_RevocationInfoChoice           3997	EXIST::FUNCTION:CMS
+CMS_decrypt_set1_pkey                   3998	EXIST::FUNCTION:CMS
+CMS_SignerInfo_set1_signer_cert         3999	EXIST::FUNCTION:CMS
+CMS_get0_signers                        4000	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_get0_values          4001	EXIST::FUNCTION:CMS
+CMS_signed_get0_data_by_OBJ             4002	EXIST::FUNCTION:CMS
+CMS_get0_SignerInfos                    4003	EXIST::FUNCTION:CMS
+CMS_add0_cert                           4004	EXIST::FUNCTION:CMS
+CMS_EncryptedData_encrypt               4005	EXIST::FUNCTION:CMS
+CMS_digest_verify                       4006	EXIST::FUNCTION:CMS
+CMS_set1_signers_certs                  4007	EXIST::FUNCTION:CMS
+CMS_signed_get_attr                     4008	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_key              4009	EXIST::FUNCTION:CMS
+CMS_SignedData_init                     4010	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kekri_get0_id         4011	EXIST::FUNCTION:CMS
+CMS_verify_receipt                      4012	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_it                   4013	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+CMS_ReceiptRequest_it                   4013	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+PEM_read_bio_CMS                        4014	EXIST::FUNCTION:CMS
+CMS_get1_crls                           4015	EXIST::FUNCTION:CMS
+CMS_add0_recipient_key                  4016	EXIST::FUNCTION:CMS
+SMIME_read_ASN1                         4017	EXIST::FUNCTION:
+CMS_ReceiptRequest_new                  4018	EXIST::FUNCTION:CMS
+CMS_get0_content                        4019	EXIST::FUNCTION:CMS
+CMS_get1_ReceiptRequest                 4020	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_OBJ             4021	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kekri_id_cmp          4022	EXIST::FUNCTION:CMS
+CMS_add1_ReceiptRequest                 4023	EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_signer_id           4024	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_NID           4025	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr                  4026	EXIST::FUNCTION:CMS
+CMS_signed_get_attr_by_NID              4027	EXIST::FUNCTION:CMS
+CMS_get1_certs                          4028	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_NID             4029	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_txt           4030	EXIST::FUNCTION:CMS
+CMS_dataFinal                           4031	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_get0_signer_id   4032	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_ktri_get0_sigr_id         4032	EXIST:VMS:FUNCTION:CMS
+i2d_CMS_ReceiptRequest                  4033	EXIST::FUNCTION:CMS
+CMS_add1_recipient_cert                 4034	EXIST::FUNCTION:CMS
+CMS_dataInit                            4035	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_txt             4036	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_decrypt               4037	EXIST::FUNCTION:CMS
+CMS_signed_get_attr_count               4038	EXIST::FUNCTION:CMS
+CMS_get0_eContentType                   4039	EXIST::FUNCTION:CMS
+CMS_set1_eContentType                   4040	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_create0              4041	EXIST::FUNCTION:CMS
+CMS_add1_signer                         4042	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_pkey             4043	EXIST::FUNCTION:CMS
+ENGINE_set_load_ssl_client_cert_function 4044	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_ld_ssl_clnt_cert_fn          4044	EXIST:VMS:FUNCTION:ENGINE
+ENGINE_get_ssl_client_cert_function     4045	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_ssl_client_cert_fn           4045	EXIST:VMS:FUNCTION:ENGINE
+ENGINE_load_ssl_client_cert             4046	EXIST::FUNCTION:ENGINE
+ENGINE_load_capi                        4047	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OPENSSL_isservice                       4048	EXIST::FUNCTION:
+FIPS_dsa_sig_decode                     4049	NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_clear_flags              4050	EXIST::FUNCTION:
+FIPS_rand_status                        4051	NOEXIST::FUNCTION:
+FIPS_rand_set_key                       4052	NOEXIST::FUNCTION:
+CRYPTO_set_mem_info_functions           4053	NOEXIST::FUNCTION:
+RSA_X931_generate_key_ex                4054	NOEXIST::FUNCTION:
+int_ERR_set_state_func                  4055	NOEXIST::FUNCTION:
+int_EVP_MD_set_engine_callbacks         4056	NOEXIST::FUNCTION:
+int_CRYPTO_set_do_dynlock_callback      4057	NOEXIST::FUNCTION:
+FIPS_rng_stick                          4058	NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_set_flags                4059	EXIST::FUNCTION:
+BN_X931_generate_prime_ex               4060	NOEXIST::FUNCTION:
+FIPS_selftest_check                     4061	NOEXIST::FUNCTION:
+FIPS_rand_set_dt                        4062	NOEXIST::FUNCTION:
+CRYPTO_dbg_pop_info                     4063	NOEXIST::FUNCTION:
+FIPS_dsa_free                           4064	NOEXIST::FUNCTION:
+RSA_X931_derive_ex                      4065	NOEXIST::FUNCTION:
+FIPS_rsa_new                            4066	NOEXIST::FUNCTION:
+FIPS_rand_bytes                         4067	NOEXIST::FUNCTION:
+fips_cipher_test                        4068	NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_test_flags               4069	EXIST::FUNCTION:
+CRYPTO_malloc_debug_init                4070	NOEXIST::FUNCTION:
+CRYPTO_dbg_push_info                    4071	NOEXIST::FUNCTION:
+FIPS_corrupt_rsa_keygen                 4072	NOEXIST::FUNCTION:
+FIPS_dh_new                             4073	NOEXIST::FUNCTION:
+FIPS_corrupt_dsa_keygen                 4074	NOEXIST::FUNCTION:
+FIPS_dh_free                            4075	NOEXIST::FUNCTION:
+fips_pkey_signature_test                4076	NOEXIST::FUNCTION:
+EVP_add_alg_module                      4077	NOEXIST::FUNCTION:
+int_RAND_init_engine_callbacks          4078	NOEXIST::FUNCTION:
+int_EVP_CIPHER_set_engine_callbacks     4079	NOEXIST::FUNCTION:
+int_EVP_MD_init_engine_callbacks        4080	NOEXIST::FUNCTION:
+FIPS_rand_test_mode                     4081	NOEXIST::FUNCTION:
+FIPS_rand_reset                         4082	NOEXIST::FUNCTION:
+FIPS_dsa_new                            4083	NOEXIST::FUNCTION:
+int_RAND_set_callbacks                  4084	NOEXIST::FUNCTION:
+BN_X931_derive_prime_ex                 4085	NOEXIST::FUNCTION:
+int_ERR_lib_init                        4086	NOEXIST::FUNCTION:
+int_EVP_CIPHER_init_engine_callbacks    4087	NOEXIST::FUNCTION:
+FIPS_rsa_free                           4088	NOEXIST::FUNCTION:
+FIPS_dsa_sig_encode                     4089	NOEXIST::FUNCTION:
+CRYPTO_dbg_remove_all_info              4090	NOEXIST::FUNCTION:
+OPENSSL_init                            4091	NOEXIST::FUNCTION:
+private_Camellia_set_key                4092	NOEXIST::FUNCTION:
+CRYPTO_strdup                           4093	EXIST::FUNCTION:
+JPAKE_STEP3A_process                    4094	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_release                     4095	EXIST::FUNCTION:JPAKE
+JPAKE_get_shared_key                    4096	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_init                       4097	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_generate                    4098	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_init                        4099	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_process                    4100	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_generate                    4101	EXIST::FUNCTION:JPAKE
+JPAKE_CTX_new                           4102	EXIST::FUNCTION:JPAKE
+JPAKE_CTX_free                          4103	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_release                    4104	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_release                    4105	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_process                     4106	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_generate                   4107	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_process                     4108	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_generate                   4109	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_release                     4110	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_init                       4111	EXIST::FUNCTION:JPAKE
+ERR_load_JPAKE_strings                  4112	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_init                        4113	EXIST::FUNCTION:JPAKE
+pqueue_size                             4114	EXIST::FUNCTION:
+i2d_TS_ACCURACY                         4115	EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_fp                   4116	EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT                      4117	EXIST::FUNCTION:
+EVP_PKEY_print_public                   4118	EXIST::FUNCTION:
+EVP_PKEY_CTX_new                        4119	EXIST::FUNCTION:
+i2d_TS_TST_INFO                         4120	EXIST::FUNCTION:
+EVP_PKEY_asn1_find                      4121	EXIST::FUNCTION:
+DSO_METHOD_beos                         4122	EXIST::FUNCTION:
+TS_CONF_load_cert                       4123	EXIST::FUNCTION:
+TS_REQ_get_ext                          4124	EXIST::FUNCTION:
+EVP_PKEY_sign_init                      4125	EXIST::FUNCTION:
+ASN1_item_print                         4126	EXIST::FUNCTION:
+TS_TST_INFO_set_nonce                   4127	EXIST::FUNCTION:
+TS_RESP_dup                             4128	EXIST::FUNCTION:
+ENGINE_register_pkey_meths              4129	EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_add0                      4130	EXIST::FUNCTION:
+PKCS7_add0_attrib_signing_time          4131	EXIST::FUNCTION:
+i2d_TS_TST_INFO_fp                      4132	EXIST::FUNCTION:
+BIO_asn1_get_prefix                     4133	EXIST::FUNCTION:
+TS_TST_INFO_set_time                    4134	EXIST::FUNCTION:
+EVP_PKEY_meth_set_decrypt               4135	EXIST::FUNCTION:
+EVP_PKEY_set_type_str                   4136	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_keygen_info            4137	EXIST::FUNCTION:
+TS_REQ_set_policy_id                    4138	EXIST::FUNCTION:
+d2i_TS_RESP_fp                          4139	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_engine        4140	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_pkey_asn1_meth_eng           4140	EXIST:VMS:FUNCTION:ENGINE
+WHIRLPOOL_Init                          4141	EXIST::FUNCTION:WHIRLPOOL
+TS_RESP_set_status_info                 4142	EXIST::FUNCTION:
+EVP_PKEY_keygen                         4143	EXIST::FUNCTION:
+EVP_DigestSignInit                      4144	EXIST::FUNCTION:
+TS_ACCURACY_set_millis                  4145	EXIST::FUNCTION:
+TS_REQ_dup                              4146	EXIST::FUNCTION:
+GENERAL_NAME_dup                        4147	EXIST::FUNCTION:
+ASN1_SEQUENCE_ANY_it                    4148	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SEQUENCE_ANY_it                    4148	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+WHIRLPOOL                               4149	EXIST::FUNCTION:WHIRLPOOL
+X509_STORE_get1_crls                    4150	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth               4151	EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_new                       4152	EXIST::FUNCTION:
+BIO_new_NDEF                            4153	EXIST::FUNCTION:
+ENGINE_get_pkey_meth                    4154	EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_set_algo                 4155	EXIST::FUNCTION:
+i2d_TS_TST_INFO_bio                     4156	EXIST::FUNCTION:
+TS_TST_INFO_set_ordering                4157	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_OBJ              4158	EXIST::FUNCTION:
+CRYPTO_THREADID_set_pointer             4159	EXIST::FUNCTION:
+TS_CONF_get_tsa_section                 4160	EXIST::FUNCTION:
+SMIME_write_ASN1                        4161	EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_key              4162	EXIST::FUNCTION:
+EVP_PKEY_encrypt_old                    4163	EXIST::FUNCTION:
+EVP_PKEY_encrypt_init                   4164	EXIST::FUNCTION:
+CRYPTO_THREADID_cpy                     4165	EXIST::FUNCTION:
+ASN1_PCTX_get_cert_flags                4166	EXIST::FUNCTION:
+i2d_ESS_SIGNING_CERT                    4167	EXIST::FUNCTION:
+TS_CONF_load_key                        4168	EXIST::FUNCTION:
+i2d_ASN1_SEQUENCE_ANY                   4169	EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT_bio                  4170	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_public                4171	EXIST::FUNCTION:
+b2i_PublicKey_bio                       4172	EXIST::FUNCTION:
+BIO_asn1_set_prefix                     4173	EXIST::FUNCTION:
+EVP_PKEY_new_mac_key                    4174	EXIST::FUNCTION:
+BIO_new_CMS                             4175	EXIST::FUNCTION:CMS
+CRYPTO_THREADID_cmp                     4176	EXIST::FUNCTION:
+TS_REQ_ext_free                         4177	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_free                  4178	EXIST::FUNCTION:
+EVP_PKEY_get0_asn1                      4179	EXIST::FUNCTION:
+d2i_NETSCAPE_X509                       4180	EXIST::FUNCTION:
+EVP_PKEY_verify_recover_init            4181	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_data                   4182	EXIST::FUNCTION:
+EVP_PKEY_keygen_init                    4183	EXIST::FUNCTION:
+TS_RESP_CTX_set_status_info             4184	EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_algo                 4185	EXIST::FUNCTION:
+TS_REQ_print_bio                        4186	EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl_str                   4187	EXIST::FUNCTION:
+EVP_PKEY_get_default_digest_nid         4188	EXIST::FUNCTION:
+PEM_write_bio_PKCS7_stream              4189	EXIST::FUNCTION:
+TS_MSG_IMPRINT_print_bio                4190	EXIST::FUNCTION:
+BN_asc2bn                               4191	EXIST::FUNCTION:
+TS_REQ_get_policy_id                    4192	EXIST::FUNCTION:
+ENGINE_set_default_pkey_asn1_meths      4193	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_def_pkey_asn1_meths          4193	EXIST:VMS:FUNCTION:ENGINE
+d2i_TS_ACCURACY                         4194	EXIST::FUNCTION:
+DSO_global_lookup                       4195	EXIST::FUNCTION:
+TS_CONF_set_tsa_name                    4196	EXIST::FUNCTION:
+i2d_ASN1_SET_ANY                        4197	EXIST::FUNCTION:
+ENGINE_load_gost                        4198	EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE
+WHIRLPOOL_BitUpdate                     4199	EXIST::FUNCTION:WHIRLPOOL
+ASN1_PCTX_get_flags                     4200	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_NID              4201	EXIST::FUNCTION:
+TS_RESP_new                             4202	EXIST::FUNCTION:
+ESS_CERT_ID_dup                         4203	EXIST::FUNCTION:
+TS_STATUS_INFO_dup                      4204	EXIST::FUNCTION:
+TS_REQ_delete_ext                       4205	EXIST::FUNCTION:
+EVP_DigestVerifyFinal                   4206	EXIST::FUNCTION:
+EVP_PKEY_print_params                   4207	EXIST::FUNCTION:
+i2d_CMS_bio_stream                      4208	EXIST::FUNCTION:CMS
+TS_REQ_get_msg_imprint                  4209	EXIST::FUNCTION:
+OBJ_find_sigid_by_algs                  4210	EXIST::FUNCTION:
+TS_TST_INFO_get_serial                  4211	EXIST::FUNCTION:
+TS_REQ_get_nonce                        4212	EXIST::FUNCTION:
+X509_PUBKEY_set0_param                  4213	EXIST::FUNCTION:
+EVP_PKEY_CTX_set0_keygen_info           4214	EXIST::FUNCTION:
+DIST_POINT_set_dpname                   4215	EXIST::FUNCTION:
+i2d_ISSUING_DIST_POINT                  4216	EXIST::FUNCTION:
+ASN1_SET_ANY_it                         4217	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SET_ANY_it                         4217	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_PKEY_CTX_get_data                   4218	EXIST::FUNCTION:
+TS_STATUS_INFO_print_bio                4219	EXIST::FUNCTION:
+EVP_PKEY_derive_init                    4220	EXIST::FUNCTION:
+d2i_TS_TST_INFO                         4221	EXIST::FUNCTION:
+EVP_PKEY_asn1_add_alias                 4222	EXIST::FUNCTION:
+d2i_TS_RESP_bio                         4223	EXIST::FUNCTION:
+OTHERNAME_cmp                           4224	EXIST::FUNCTION:
+GENERAL_NAME_set0_value                 4225	EXIST::FUNCTION:
+PKCS7_RECIP_INFO_get0_alg               4226	EXIST::FUNCTION:
+TS_RESP_CTX_new                         4227	EXIST::FUNCTION:
+TS_RESP_set_tst_info                    4228	EXIST::FUNCTION:
+PKCS7_final                             4229	EXIST::FUNCTION:
+EVP_PKEY_base_id                        4230	EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_cert             4231	EXIST::FUNCTION:
+TS_REQ_set_msg_imprint                  4232	EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl                       4233	EXIST::FUNCTION:
+TS_CONF_set_digests                     4234	EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT                      4235	EXIST::FUNCTION:
+EVP_PKEY_meth_set_ctrl                  4236	EXIST::FUNCTION:
+TS_REQ_get_ext_by_NID                   4237	EXIST::FUNCTION:
+PKCS5_pbe_set0_algor                    4238	EXIST::FUNCTION:
+BN_BLINDING_thread_id                   4239	EXIST::FUNCTION:
+TS_ACCURACY_new                         4240	EXIST::FUNCTION:
+X509_CRL_METHOD_free                    4241	EXIST::FUNCTION:
+ASN1_PCTX_get_nm_flags                  4242	EXIST::FUNCTION:
+EVP_PKEY_meth_set_sign                  4243	EXIST::FUNCTION:
+CRYPTO_THREADID_current                 4244	EXIST::FUNCTION:
+EVP_PKEY_decrypt_init                   4245	EXIST::FUNCTION:
+NETSCAPE_X509_free                      4246	EXIST::FUNCTION:
+i2b_PVK_bio                             4247	EXIST::FUNCTION:
+EVP_PKEY_print_private                  4248	EXIST::FUNCTION:
+GENERAL_NAME_get0_value                 4249	EXIST::FUNCTION:
+b2i_PVK_bio                             4250	EXIST::FUNCTION:
+ASN1_UTCTIME_adj                        4251	EXIST::FUNCTION:
+TS_TST_INFO_new                         4252	EXIST::FUNCTION:
+EVP_MD_do_all_sorted                    4253	EXIST::FUNCTION:
+TS_CONF_set_default_engine              4254	EXIST::FUNCTION:
+TS_ACCURACY_set_seconds                 4255	EXIST::FUNCTION:
+TS_TST_INFO_get_time                    4256	EXIST::FUNCTION:
+PKCS8_pkey_get0                         4257	EXIST::FUNCTION:
+EVP_PKEY_asn1_get0                      4258	EXIST::FUNCTION:
+OBJ_add_sigid                           4259	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_sign                  4260	EXIST::FUNCTION:
+EVP_PKEY_paramgen_init                  4261	EXIST::FUNCTION:
+EVP_PKEY_sign                           4262	EXIST::FUNCTION:
+OBJ_sigid_free                          4263	EXIST::FUNCTION:
+EVP_PKEY_meth_set_init                  4264	EXIST::FUNCTION:
+d2i_ESS_ISSUER_SERIAL                   4265	EXIST::FUNCTION:
+ISSUING_DIST_POINT_new                  4266	EXIST::FUNCTION:
+ASN1_TIME_adj                           4267	EXIST::FUNCTION:
+TS_OBJ_print_bio                        4268	EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify_recover        4269	EXIST:!VMS:FUNCTION:
+EVP_PKEY_meth_set_vrfy_recover          4269	EXIST:VMS:FUNCTION:
+TS_RESP_get_status_info                 4270	EXIST::FUNCTION:
+CMS_stream                              4271	EXIST::FUNCTION:CMS
+EVP_PKEY_CTX_set_cb                     4272	EXIST::FUNCTION:
+PKCS7_to_TS_TST_INFO                    4273	EXIST::FUNCTION:
+ASN1_PCTX_get_oid_flags                 4274	EXIST::FUNCTION:
+TS_TST_INFO_add_ext                     4275	EXIST::FUNCTION:
+EVP_PKEY_meth_set_derive                4276	EXIST::FUNCTION:
+i2d_TS_RESP_fp                          4277	EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_bio                  4278	EXIST::FUNCTION:
+TS_RESP_CTX_set_accuracy                4279	EXIST::FUNCTION:
+TS_REQ_set_nonce                        4280	EXIST::FUNCTION:
+ESS_CERT_ID_new                         4281	EXIST::FUNCTION:
+ENGINE_pkey_asn1_find_str               4282	EXIST::FUNCTION:ENGINE
+TS_REQ_get_ext_count                    4283	EXIST::FUNCTION:
+BUF_reverse                             4284	EXIST::FUNCTION:
+TS_TST_INFO_print_bio                   4285	EXIST::FUNCTION:
+d2i_ISSUING_DIST_POINT                  4286	EXIST::FUNCTION:
+ENGINE_get_pkey_meths                   4287	EXIST::FUNCTION:ENGINE
+i2b_PrivateKey_bio                      4288	EXIST::FUNCTION:
+i2d_TS_RESP                             4289	EXIST::FUNCTION:
+b2i_PublicKey                           4290	EXIST::FUNCTION:
+TS_VERIFY_CTX_cleanup                   4291	EXIST::FUNCTION:
+TS_STATUS_INFO_free                     4292	EXIST::FUNCTION:
+TS_RESP_verify_token                    4293	EXIST::FUNCTION:
+OBJ_bsearch_ex_                         4294	EXIST::FUNCTION:
+ASN1_bn_print                           4295	EXIST::FUNCTION:BIO
+EVP_PKEY_asn1_get_count                 4296	EXIST::FUNCTION:
+ENGINE_register_pkey_asn1_meths         4297	EXIST::FUNCTION:ENGINE
+ASN1_PCTX_set_nm_flags                  4298	EXIST::FUNCTION:
+EVP_DigestVerifyInit                    4299	EXIST::FUNCTION:
+ENGINE_set_default_pkey_meths           4300	EXIST::FUNCTION:ENGINE
+TS_TST_INFO_get_policy_id               4301	EXIST::FUNCTION:
+TS_REQ_get_cert_req                     4302	EXIST::FUNCTION:
+X509_CRL_set_meth_data                  4303	EXIST::FUNCTION:
+PKCS8_pkey_set0                         4304	EXIST::FUNCTION:
+ASN1_STRING_copy                        4305	EXIST::FUNCTION:
+d2i_TS_TST_INFO_fp                      4306	EXIST::FUNCTION:
+X509_CRL_match                          4307	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_private               4308	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_d2i                 4309	EXIST::FUNCTION:
+TS_RESP_CTX_add_policy                  4310	EXIST::FUNCTION:
+d2i_TS_RESP                             4311	EXIST::FUNCTION:
+TS_CONF_load_certs                      4312	EXIST::FUNCTION:
+TS_TST_INFO_get_msg_imprint             4313	EXIST::FUNCTION:
+ERR_load_TS_strings                     4314	EXIST::FUNCTION:
+TS_TST_INFO_get_version                 4315	EXIST::FUNCTION:
+EVP_PKEY_CTX_dup                        4316	EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify                4317	EXIST::FUNCTION:
+i2b_PublicKey_bio                       4318	EXIST::FUNCTION:
+TS_CONF_set_certs                       4319	EXIST::FUNCTION:
+EVP_PKEY_asn1_get0_info                 4320	EXIST::FUNCTION:
+TS_VERIFY_CTX_free                      4321	EXIST::FUNCTION:
+TS_REQ_get_ext_by_critical              4322	EXIST::FUNCTION:
+TS_RESP_CTX_set_serial_cb               4323	EXIST::FUNCTION:
+X509_CRL_get_meth_data                  4324	EXIST::FUNCTION:
+TS_RESP_CTX_set_time_cb                 4325	EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_msg                  4326	EXIST::FUNCTION:
+TS_TST_INFO_ext_free                    4327	EXIST::FUNCTION:
+TS_REQ_get_version                      4328	EXIST::FUNCTION:
+TS_REQ_add_ext                          4329	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_app_data               4330	EXIST::FUNCTION:
+OBJ_bsearch_                            4331	EXIST::FUNCTION:
+EVP_PKEY_meth_set_verifyctx             4332	EXIST::FUNCTION:
+i2d_PKCS7_bio_stream                    4333	EXIST::FUNCTION:
+CRYPTO_THREADID_set_numeric             4334	EXIST::FUNCTION:
+PKCS7_sign_add_signer                   4335	EXIST::FUNCTION:
+d2i_TS_TST_INFO_bio                     4336	EXIST::FUNCTION:
+TS_TST_INFO_get_ordering                4337	EXIST::FUNCTION:
+TS_RESP_print_bio                       4338	EXIST::FUNCTION:
+TS_TST_INFO_get_exts                    4339	EXIST::FUNCTION:
+HMAC_CTX_copy                           4340	EXIST::FUNCTION:HMAC
+PKCS5_pbe2_set_iv                       4341	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meths              4342	EXIST::FUNCTION:ENGINE
+b2i_PrivateKey                          4343	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_app_data               4344	EXIST::FUNCTION:
+TS_REQ_set_cert_req                     4345	EXIST::FUNCTION:
+CRYPTO_THREADID_set_callback            4346	EXIST::FUNCTION:
+TS_CONF_set_serial                      4347	EXIST::FUNCTION:
+TS_TST_INFO_free                        4348	EXIST::FUNCTION:
+d2i_TS_REQ_fp                           4349	EXIST::FUNCTION:
+TS_RESP_verify_response                 4350	EXIST::FUNCTION:
+i2d_ESS_ISSUER_SERIAL                   4351	EXIST::FUNCTION:
+TS_ACCURACY_get_seconds                 4352	EXIST::FUNCTION:
+EVP_CIPHER_do_all                       4353	EXIST::FUNCTION:
+b2i_PrivateKey_bio                      4354	EXIST::FUNCTION:
+OCSP_CERTID_dup                         4355	EXIST::FUNCTION:
+X509_PUBKEY_get0_param                  4356	EXIST::FUNCTION:
+TS_MSG_IMPRINT_dup                      4357	EXIST::FUNCTION:
+PKCS7_print_ctx                         4358	EXIST::FUNCTION:
+i2d_TS_REQ_bio                          4359	EXIST::FUNCTION:
+EVP_whirlpool                           4360	EXIST::FUNCTION:WHIRLPOOL
+EVP_PKEY_asn1_set_param                 4361	EXIST::FUNCTION:
+EVP_PKEY_meth_set_encrypt               4362	EXIST::FUNCTION:
+ASN1_PCTX_set_flags                     4363	EXIST::FUNCTION:
+i2d_ESS_CERT_ID                         4364	EXIST::FUNCTION:
+TS_VERIFY_CTX_new                       4365	EXIST::FUNCTION:
+TS_RESP_CTX_set_extension_cb            4366	EXIST::FUNCTION:
+ENGINE_register_all_pkey_meths          4367	EXIST::FUNCTION:ENGINE
+TS_RESP_CTX_set_status_info_cond        4368	EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_stat_info_cond          4368	EXIST:VMS:FUNCTION:
+EVP_PKEY_verify                         4369	EXIST::FUNCTION:
+WHIRLPOOL_Final                         4370	EXIST::FUNCTION:WHIRLPOOL
+X509_CRL_METHOD_new                     4371	EXIST::FUNCTION:
+EVP_DigestSignFinal                     4372	EXIST::FUNCTION:
+TS_RESP_CTX_set_def_policy              4373	EXIST::FUNCTION:
+NETSCAPE_X509_it                        4374	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_X509_it                        4374	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+TS_RESP_create_response                 4375	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_get0_algs             4376	EXIST::FUNCTION:
+TS_TST_INFO_get_nonce                   4377	EXIST::FUNCTION:
+EVP_PKEY_decrypt_old                    4378	EXIST::FUNCTION:
+TS_TST_INFO_set_policy_id               4379	EXIST::FUNCTION:
+TS_CONF_set_ess_cert_id_chain           4380	EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_pkey                  4381	EXIST::FUNCTION:
+d2i_TS_REQ                              4382	EXIST::FUNCTION:
+EVP_PKEY_asn1_find_str                  4383	EXIST::FUNCTION:
+BIO_f_asn1                              4384	EXIST::FUNCTION:
+ESS_SIGNING_CERT_new                    4385	EXIST::FUNCTION:
+EVP_PBE_find                            4386	EXIST::FUNCTION:
+X509_CRL_get0_by_cert                   4387	EXIST::FUNCTION:
+EVP_PKEY_derive                         4388	EXIST::FUNCTION:
+i2d_TS_REQ                              4389	EXIST::FUNCTION:
+TS_TST_INFO_delete_ext                  4390	EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_free                  4391	EXIST::FUNCTION:
+ASN1_PCTX_set_str_flags                 4392	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_str           4393	EXIST::FUNCTION:ENGINE
+TS_CONF_set_signer_key                  4394	EXIST::FUNCTION:
+TS_ACCURACY_get_millis                  4395	EXIST::FUNCTION:
+TS_RESP_get_token                       4396	EXIST::FUNCTION:
+TS_ACCURACY_dup                         4397	EXIST::FUNCTION:
+ENGINE_register_all_pkey_asn1_meths     4398	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_reg_all_pkey_asn1_meths          4398	EXIST:VMS:FUNCTION:ENGINE
+X509_CRL_set_default_method             4399	EXIST::FUNCTION:
+CRYPTO_THREADID_hash                    4400	EXIST::FUNCTION:
+CMS_ContentInfo_print_ctx               4401	EXIST::FUNCTION:CMS
+TS_RESP_free                            4402	EXIST::FUNCTION:
+ISSUING_DIST_POINT_free                 4403	EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_new                   4404	EXIST::FUNCTION:
+CMS_add1_crl                            4405	EXIST::FUNCTION:CMS
+PKCS7_add1_attrib_digest                4406	EXIST::FUNCTION:
+TS_RESP_CTX_add_md                      4407	EXIST::FUNCTION:
+TS_TST_INFO_dup                         4408	EXIST::FUNCTION:
+ENGINE_set_pkey_asn1_meths              4409	EXIST::FUNCTION:ENGINE
+PEM_write_bio_Parameters                4410	EXIST::FUNCTION:
+TS_TST_INFO_get_accuracy                4411	EXIST::FUNCTION:
+X509_CRL_get0_by_serial                 4412	EXIST::FUNCTION:
+TS_TST_INFO_set_version                 4413	EXIST::FUNCTION:
+TS_RESP_CTX_get_tst_info                4414	EXIST::FUNCTION:
+TS_RESP_verify_signature                4415	EXIST::FUNCTION:
+CRYPTO_THREADID_get_callback            4416	EXIST::FUNCTION:
+TS_TST_INFO_get_tsa                     4417	EXIST::FUNCTION:
+TS_STATUS_INFO_new                      4418	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_cb                     4419	EXIST::FUNCTION:
+TS_REQ_get_ext_d2i                      4420	EXIST::FUNCTION:
+GENERAL_NAME_set0_othername             4421	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_count               4422	EXIST::FUNCTION:
+TS_RESP_CTX_get_request                 4423	EXIST::FUNCTION:
+i2d_NETSCAPE_X509                       4424	EXIST::FUNCTION:
+ENGINE_get_pkey_meth_engine             4425	EXIST::FUNCTION:ENGINE
+EVP_PKEY_meth_set_signctx               4426	EXIST::FUNCTION:
+EVP_PKEY_asn1_copy                      4427	EXIST::FUNCTION:
+ASN1_TYPE_cmp                           4428	EXIST::FUNCTION:
+EVP_CIPHER_do_all_sorted                4429	EXIST::FUNCTION:
+EVP_PKEY_CTX_free                       4430	EXIST::FUNCTION:
+ISSUING_DIST_POINT_it                   4431	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ISSUING_DIST_POINT_it                   4431	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_TS_MSG_IMPRINT_fp                   4432	EXIST::FUNCTION:
+X509_STORE_get1_certs                   4433	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_operation              4434	EXIST::FUNCTION:
+d2i_ESS_SIGNING_CERT                    4435	EXIST::FUNCTION:
+TS_CONF_set_ordering                    4436	EXIST::FUNCTION:
+EVP_PBE_alg_add_type                    4437	EXIST::FUNCTION:
+TS_REQ_set_version                      4438	EXIST::FUNCTION:
+EVP_PKEY_get0                           4439	EXIST::FUNCTION:
+BIO_asn1_set_suffix                     4440	EXIST::FUNCTION:
+i2d_TS_STATUS_INFO                      4441	EXIST::FUNCTION:
+EVP_MD_do_all                           4442	EXIST::FUNCTION:
+TS_TST_INFO_set_accuracy                4443	EXIST::FUNCTION:
+PKCS7_add_attrib_content_type           4444	EXIST::FUNCTION:
+ERR_remove_thread_state                 4445	EXIST::FUNCTION:
+EVP_PKEY_meth_add0                      4446	EXIST::FUNCTION:
+TS_TST_INFO_set_tsa                     4447	EXIST::FUNCTION:
+EVP_PKEY_meth_new                       4448	EXIST::FUNCTION:
+WHIRLPOOL_Update                        4449	EXIST::FUNCTION:WHIRLPOOL
+TS_CONF_set_accuracy                    4450	EXIST::FUNCTION:
+ASN1_PCTX_set_oid_flags                 4451	EXIST::FUNCTION:
+ESS_SIGNING_CERT_dup                    4452	EXIST::FUNCTION:
+d2i_TS_REQ_bio                          4453	EXIST::FUNCTION:
+X509_time_adj_ex                        4454	EXIST::FUNCTION:
+TS_RESP_CTX_add_flags                   4455	EXIST::FUNCTION:
+d2i_TS_STATUS_INFO                      4456	EXIST::FUNCTION:
+TS_MSG_IMPRINT_set_msg                  4457	EXIST::FUNCTION:
+BIO_asn1_get_suffix                     4458	EXIST::FUNCTION:
+TS_REQ_free                             4459	EXIST::FUNCTION:
+EVP_PKEY_meth_free                      4460	EXIST::FUNCTION:
+TS_REQ_get_exts                         4461	EXIST::FUNCTION:
+TS_RESP_CTX_set_clock_precision_digits  4462	EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_clk_prec_digits         4462	EXIST:VMS:FUNCTION:
+TS_RESP_CTX_add_failure_info            4463	EXIST::FUNCTION:
+i2d_TS_RESP_bio                         4464	EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_peerkey               4465	EXIST::FUNCTION:
+PEM_write_bio_CMS_stream                4466	EXIST::FUNCTION:CMS
+TS_REQ_new                              4467	EXIST::FUNCTION:
+TS_MSG_IMPRINT_new                      4468	EXIST::FUNCTION:
+EVP_PKEY_meth_find                      4469	EXIST::FUNCTION:
+EVP_PKEY_id                             4470	EXIST::FUNCTION:
+TS_TST_INFO_set_serial                  4471	EXIST::FUNCTION:
+a2i_GENERAL_NAME                        4472	EXIST::FUNCTION:
+TS_CONF_set_crypto_device               4473	EXIST::FUNCTION:
+EVP_PKEY_verify_init                    4474	EXIST::FUNCTION:
+TS_CONF_set_policies                    4475	EXIST::FUNCTION:
+ASN1_PCTX_new                           4476	EXIST::FUNCTION:
+ESS_CERT_ID_free                        4477	EXIST::FUNCTION:
+ENGINE_unregister_pkey_meths            4478	EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_free                     4479	EXIST::FUNCTION:
+TS_VERIFY_CTX_init                      4480	EXIST::FUNCTION:
+PKCS7_stream                            4481	EXIST::FUNCTION:
+TS_RESP_CTX_set_certs                   4482	EXIST::FUNCTION:
+TS_CONF_set_def_policy                  4483	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_adj                4484	EXIST::FUNCTION:
+NETSCAPE_X509_new                       4485	EXIST::FUNCTION:
+TS_ACCURACY_free                        4486	EXIST::FUNCTION:
+TS_RESP_get_tst_info                    4487	EXIST::FUNCTION:
+EVP_PKEY_derive_set_peer                4488	EXIST::FUNCTION:
+PEM_read_bio_Parameters                 4489	EXIST::FUNCTION:
+TS_CONF_set_clock_precision_digits      4490	EXIST:!VMS:FUNCTION:
+TS_CONF_set_clk_prec_digits             4490	EXIST:VMS:FUNCTION:
+ESS_ISSUER_SERIAL_dup                   4491	EXIST::FUNCTION:
+TS_ACCURACY_get_micros                  4492	EXIST::FUNCTION:
+ASN1_PCTX_get_str_flags                 4493	EXIST::FUNCTION:
+NAME_CONSTRAINTS_check                  4494	EXIST::FUNCTION:
+ASN1_BIT_STRING_check                   4495	EXIST::FUNCTION:
+X509_check_akid                         4496	EXIST::FUNCTION:
+ENGINE_unregister_pkey_asn1_meths       4497	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_unreg_pkey_asn1_meths            4497	EXIST:VMS:FUNCTION:ENGINE
+ASN1_PCTX_free                          4498	EXIST::FUNCTION:
+PEM_write_bio_ASN1_stream               4499	EXIST::FUNCTION:
+i2d_ASN1_bio_stream                     4500	EXIST::FUNCTION:
+TS_X509_ALGOR_print_bio                 4501	EXIST::FUNCTION:
+EVP_PKEY_meth_set_cleanup               4502	EXIST::FUNCTION:
+EVP_PKEY_asn1_free                      4503	EXIST::FUNCTION:
+ESS_SIGNING_CERT_free                   4504	EXIST::FUNCTION:
+TS_TST_INFO_set_msg_imprint             4505	EXIST::FUNCTION:
+GENERAL_NAME_cmp                        4506	EXIST::FUNCTION:
+d2i_ASN1_SET_ANY                        4507	EXIST::FUNCTION:
+ENGINE_set_pkey_meths                   4508	EXIST::FUNCTION:ENGINE
+i2d_TS_REQ_fp                           4509	EXIST::FUNCTION:
+d2i_ASN1_SEQUENCE_ANY                   4510	EXIST::FUNCTION:
+GENERAL_NAME_get0_otherName             4511	EXIST::FUNCTION:
+d2i_ESS_CERT_ID                         4512	EXIST::FUNCTION:
+OBJ_find_sigid_algs                     4513	EXIST::FUNCTION:
+EVP_PKEY_meth_set_keygen                4514	EXIST::FUNCTION:
+PKCS5_PBKDF2_HMAC                       4515	EXIST::FUNCTION:
+EVP_PKEY_paramgen                       4516	EXIST::FUNCTION:
+EVP_PKEY_meth_set_paramgen              4517	EXIST::FUNCTION:
+BIO_new_PKCS7                           4518	EXIST::FUNCTION:
+EVP_PKEY_verify_recover                 4519	EXIST::FUNCTION:
+TS_ext_print_bio                        4520	EXIST::FUNCTION:
+TS_ASN1_INTEGER_print_bio               4521	EXIST::FUNCTION:
+check_defer                             4522	EXIST::FUNCTION:
+DSO_pathbyaddr                          4523	EXIST::FUNCTION:
+EVP_PKEY_set_type                       4524	EXIST::FUNCTION:
+TS_ACCURACY_set_micros                  4525	EXIST::FUNCTION:
+TS_REQ_to_TS_VERIFY_CTX                 4526	EXIST::FUNCTION:
+EVP_PKEY_meth_set_copy                  4527	EXIST::FUNCTION:
+ASN1_PCTX_set_cert_flags                4528	EXIST::FUNCTION:
+TS_TST_INFO_get_ext                     4529	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_ctrl                  4530	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_critical         4531	EXIST::FUNCTION:
+EVP_PKEY_CTX_new_id                     4532	EXIST::FUNCTION:
+TS_REQ_get_ext_by_OBJ                   4533	EXIST::FUNCTION:
+TS_CONF_set_signer_cert                 4534	EXIST::FUNCTION:
+X509_NAME_hash_old                      4535	EXIST::FUNCTION:
+ASN1_TIME_set_string                    4536	EXIST::FUNCTION:
+EVP_MD_flags                            4537	EXIST::FUNCTION:
+TS_RESP_CTX_free                        4538	EXIST::FUNCTION:
+DSAparams_dup                           4539	EXIST::FUNCTION:DSA
+DHparams_dup                            4540	EXIST::FUNCTION:DH
+OCSP_REQ_CTX_add1_header                4541	EXIST::FUNCTION:
+OCSP_REQ_CTX_set1_req                   4542	EXIST::FUNCTION:
+X509_STORE_set_verify_cb                4543	EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_crl         4544	EXIST::FUNCTION:
+X509_STORE_CTX_get0_parent_ctx          4545	EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_issuer      4546	EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get0_cur_issuer          4546	EXIST:VMS:FUNCTION:
+X509_issuer_name_hash_old               4547	EXIST::FUNCTION:MD5
+X509_subject_name_hash_old              4548	EXIST::FUNCTION:MD5
+PKCS5_pbkdf2_set                        4549	EXIST::FUNCTION:
+ENGINE_load_aesni                       4550	EXIST::FUNCTION:ENGINE
+CMS_add0_recipient_password             4551	EXIST::FUNCTION:CMS
+CMS_decrypt_set1_password               4552	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_password         4553	EXIST::FUNCTION:CMS
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index 15813461f0..280e9de1ad 100755
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -6,45 +6,83 @@
 #
 
 $INSTALLTOP="/usr/local/ssl";
+$OPENSSLDIR="/usr/local/ssl";
 $OPTIONS="";
 $ssl_version="";
 $banner="\t\@echo Building OpenSSL";
 
-open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n";
+my $no_static_engine = 1;
+my $engines = "";
+local $zlib_opt = 0;	# 0 = no zlib, 1 = static, 2 = dynamic
+local $zlib_lib = "";
+local $perl_asm = 0;	# 1 to autobuild asm files from perl scripts
+
+# Options to import from top level Makefile
+
+my %mf_import = (
+	VERSION	       => \$ssl_version,
+	OPTIONS        => \$OPTIONS,
+	INSTALLTOP     => \$INSTALLTOP,
+	OPENSSLDIR     => \$OPENSSLDIR,
+	PLATFORM       => \$mf_platform,
+	CFLAG	       => \$mf_cflag,
+	DEPFLAG	       => \$mf_depflag,
+	CPUID_OBJ      => \$mf_cpuid_asm,
+	BN_ASM	       => \$mf_bn_asm,
+	DES_ENC	       => \$mf_des_asm,
+	AES_ENC        => \$mf_aes_asm,
+	BF_ENC	       => \$mf_bf_asm,
+	CAST_ENC       => \$mf_cast_asm,
+	RC4_ENC	       => \$mf_rc4_asm,
+	RC5_ENC        => \$mf_rc5_asm,
+	MD5_ASM_OBJ    => \$mf_md5_asm,
+	SHA1_ASM_OBJ   => \$mf_sha_asm,
+	RMD160_ASM_OBJ => \$mf_rmd_asm,
+	WP_ASM_OBJ     => \$mf_wp_asm,
+	CMLL_ENC       => \$mf_cm_asm
+);
+
+
+open(IN,"<Makefile") || die "unable to open Makefile!\n";
 while(<IN>) {
-    $ssl_version=$1 if (/^VERSION=(.*)$/);
-    $OPTIONS=$1 if (/^OPTIONS=(.*)$/);
-    $INSTALLTOP=$1 if (/^INSTALLTOP=(.*$)/);
+    my ($mf_opt, $mf_ref);
+    while (($mf_opt, $mf_ref) = each %mf_import) {
+    	if (/^$mf_opt\s*=\s*(.*)$/) {
+	   $$mf_ref = $1;
+	}
+    }
 }
 close(IN);
 
-die "Makefile.ssl is not the toplevel Makefile!\n" if $ssl_version eq "";
+$debug = 1 if $mf_platform =~ /^debug-/;
+
+die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
 
 $infile="MINFO";
 
 %ops=(
 	"VC-WIN32",   "Microsoft Visual C++ [4-6] - Windows NT or 9X",
+	"VC-WIN64I",  "Microsoft C/C++ - Win64/IA-64",
+	"VC-WIN64A",  "Microsoft C/C++ - Win64/x64",
 	"VC-CE",   "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
 	"VC-NT",   "Microsoft Visual C++ [4-6] - Windows NT ONLY",
-	"VC-W31-16",  "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
-	"VC-WIN16",   "Alias for VC-W31-32",
-	"VC-W31-32",  "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+",
-	"VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS",
 	"Mingw32", "GNU C++ - Windows NT or 9x",
 	"Mingw32-files", "Create files with DOS copy ...",
 	"BC-NT",   "Borland C++ 4.5 - Windows NT",
-	"BC-W31",  "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING",
-	"BC-MSDOS","Borland C++ 4.5 - MSDOS",
 	"linux-elf","Linux elf",
 	"ultrix-mips","DEC mips ultrix",
 	"FreeBSD","FreeBSD distribution",
 	"OS2-EMX", "EMX GCC OS/2",
-	"netware-clib", "CodeWarrior for NetWare - CLib",
-	"netware-libc", "CodeWarrior for NetWare - LibC",
+	"netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets",
+	"netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets",
+	"netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
+	"netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
 	"default","cc under unix",
+	"auto", "auto detect from top level Makefile"
 	);
 
 $platform="";
+my $xcflags="";
 foreach (@ARGV)
 	{
 	if (!&read_options && !defined($ops{$_}))
@@ -59,7 +97,7 @@ and [options] can be one of
 	no-md2 no-md4 no-md5 no-sha no-mdc2	- Skip this digest
 	no-ripemd
 	no-rc2 no-rc4 no-rc5 no-idea no-des     - Skip this symetric cipher
-	no-bf no-cast no-aes
+	no-bf no-cast no-aes no-camellia no-seed
 	no-rsa no-dsa no-dh			- Skip this public key cipher
 	no-ssl2 no-ssl3				- Skip this version of SSL
 	just-ssl				- remove all non-ssl keys/digest
@@ -72,7 +110,7 @@ and [options] can be one of
 	no-hw					- No hw
 	nasm 					- Use NASM for x86 asm
 	nw-nasm					- Use NASM x86 asm for NetWare
-	nw-mwasm					- Use Metrowerks x86 asm for NetWare
+	nw-mwasm				- Use Metrowerks x86 asm for NetWare
 	gaswin					- Use GNU as with Mingw32
 	no-socks				- No socket code
 	no-err					- No error strings
@@ -97,6 +135,8 @@ foreach (grep(!/^$/, split(/ /, $OPTIONS)))
 	print STDERR "unknown option - $_\n" if !&read_options;
 	}
 
+$no_static_engine = 0 if (!$shlib);
+
 $no_mdc2=1 if ($no_des);
 
 $no_ssl3=1 if ($no_md5 || $no_sha);
@@ -109,7 +149,8 @@ $out_def="out";
 $inc_def="outinc";
 $tmp_def="tmp";
 
-$mkdir="-mkdir";
+$perl="perl" unless defined $perl;
+$mkdir="-mkdir" unless defined $mkdir;
 
 ($ssl,$crypto)=("ssl","crypto");
 $ranlib="echo ranlib";
@@ -120,36 +161,22 @@ $bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
 
 # $bin_dir.=$o causes a core dump on my sparc :-(
 
+
 $NT=0;
 
 push(@INC,"util/pl","pl");
-if ($platform eq "VC-MSDOS")
-	{
-	$asmbits=16;
-	$msdos=1;
-	require 'VC-16.pl';
-	}
-elsif ($platform eq "VC-W31-16")
-	{
-	$asmbits=16;
-	$msdos=1; $win16=1;
-	require 'VC-16.pl';
-	}
-elsif (($platform eq "VC-W31-32") || ($platform eq "VC-WIN16"))
-	{
-	$asmbits=32;
-	$msdos=1; $win16=1;
-	require 'VC-16.pl';
-	}
-elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
+
+if ($platform eq "auto") {
+	$platform = $mf_platform;
+	print STDERR "Imported platform $mf_platform\n";
+}
+
+if (($platform =~ /VC-(.+)/))
 	{
-	$NT = 1 if $platform eq "VC-NT";
+	$FLAVOR=$1;
+	$NT = 1 if $1 eq "NT";
 	require 'VC-32.pl';
 	}
-elsif ($platform eq "VC-CE")
-	{
-	require 'VC-CE.pl';
-	}
 elsif ($platform eq "Mingw32")
 	{
 	require 'Mingw32.pl';
@@ -163,23 +190,6 @@ elsif ($platform eq "BC-NT")
 	$bc=1;
 	require 'BC-32.pl';
 	}
-elsif ($platform eq "BC-W31")
-	{
-	$bc=1;
-	$msdos=1; $w16=1;
-	require 'BC-16.pl';
-	}
-elsif ($platform eq "BC-Q16")
-	{
-	$msdos=1; $w16=1; $shlib=0; $qw=1;
-	require 'BC-16.pl';
-	}
-elsif ($platform eq "BC-MSDOS")
-	{
-	$asmbits=16;
-	$msdos=1;
-	require 'BC-16.pl';
-	}
 elsif ($platform eq "FreeBSD")
 	{
 	require 'unix.pl';
@@ -202,9 +212,11 @@ elsif ($platform eq "OS2-EMX")
 	$wc=1;
 	require 'OS2-EMX.pl';
 	}
-elsif (($platform eq "netware-clib") || ($platform eq "netware-libc"))
+elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") ||
+       ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock"))
 	{
-   $LIBC=1 if $platform eq "netware-libc";
+	$LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock";
+	$BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock");
 	require 'netware.pl';
 	}
 else
@@ -221,8 +233,12 @@ $inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
 
 $bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
 
+$cflags= "$xcflags$cflags" if $xcflags ne "";
+
 $cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
 $cflags.=" -DOPENSSL_NO_AES"  if $no_aes;
+$cflags.=" -DOPENSSL_NO_CAMELLIA"  if $no_camellia;
+$cflags.=" -DOPENSSL_NO_SEED" if $no_seed;
 $cflags.=" -DOPENSSL_NO_RC2"  if $no_rc2;
 $cflags.=" -DOPENSSL_NO_RC4"  if $no_rc4;
 $cflags.=" -DOPENSSL_NO_RC5"  if $no_rc5;
@@ -239,9 +255,12 @@ $cflags.=" -DOPENSSL_NO_DES"  if $no_des;
 $cflags.=" -DOPENSSL_NO_RSA"  if $no_rsa;
 $cflags.=" -DOPENSSL_NO_DSA"  if $no_dsa;
 $cflags.=" -DOPENSSL_NO_DH"   if $no_dh;
+$cflags.=" -DOPENSSL_NO_WHIRLPOOL"   if $no_whirlpool;
 $cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
 $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
 $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
+$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
 $cflags.=" -DOPENSSL_NO_ERR"  if $no_err;
 $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
 $cflags.=" -DOPENSSL_NO_EC"   if $no_ec;
@@ -249,6 +268,19 @@ $cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
 $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
 $cflags.=" -DOPENSSL_NO_ENGINE"   if $no_engine;
 $cflags.=" -DOPENSSL_NO_HW"   if $no_hw;
+$cflags.=" -DOPENSSL_NO_JPAKE"    if $no_jpake;
+$cflags.= " -DZLIB" if $zlib_opt;
+$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
+
+if ($no_static_engine)
+	{
+	$cflags .= " -DOPENSSL_NO_STATIC_ENGINE";
+	}
+else
+	{
+	$cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE";
+	}
+
 #$cflags.=" -DRSAref"  if $rsaref ne "";
 
 ## if ($unix)
@@ -258,6 +290,7 @@ $cflags.=" -DOPENSSL_NO_HW"   if $no_hw;
 
 $ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
 
+
 %shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
 		  "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
 
@@ -273,6 +306,97 @@ if ($msdos)
 $link="$bin_dir$link" if ($link !~ /^\$/);
 
 $INSTALLTOP =~ s|/|$o|g;
+$OPENSSLDIR =~ s|/|$o|g;
+
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+	{
+	chop;
+
+	($key,$val)=/^([^=]+)=(.*)/;
+	if ($key eq "RELATIVE_DIRECTORY")
+		{
+		if ($lib ne "")
+			{
+			$uc=$lib;
+			$uc =~ s/^lib(.*)\.a/$1/;
+			$uc =~ tr/a-z/A-Z/;
+			$lib_nam{$uc}=$uc;
+			$lib_obj{$uc}.=$libobj." ";
+			}
+		last if ($val eq "FINISHED");
+		$lib="";
+		$libobj="";
+		$dir=$val;
+		}
+
+	if ($key eq "KRB5_INCLUDES")
+		{ $cflags .= " $val";}
+
+	if ($key eq "ZLIB_INCLUDE")
+		{ $cflags .= " $val" if $val ne "";}
+
+	if ($key eq "LIBZLIB")
+		{ $zlib_lib = "$val" if $val ne "";}
+
+	if ($key eq "LIBKRB5")
+		{ $ex_libs .= " $val" if $val ne "";}
+
+	if ($key eq "TEST")
+		{ $test.=&var_add($dir,$val, 0); }
+
+	if (($key eq "PROGS") || ($key eq "E_OBJ"))
+		{ $e_exe.=&var_add($dir,$val, 0); }
+
+	if ($key eq "LIB")
+		{
+		$lib=$val;
+		$lib =~ s/^.*\/([^\/]+)$/$1/;
+		}
+
+	if ($key eq "EXHEADER")
+		{ $exheader.=&var_add($dir,$val, 1); }
+
+	if ($key eq "HEADER")
+		{ $header.=&var_add($dir,$val, 1); }
+
+	if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine))
+		{ $libobj=&var_add($dir,$val, 0); }
+	if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
+ 		{ $engines.=$val }
+
+	if (!($_=<IN>))
+		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+	}
+close(IN);
+
+if ($shlib)
+	{
+	$extra_install= <<"EOF";
+	\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\"
+	\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\"
+	\$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\"
+	\$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
+EOF
+	if ($no_static_engine)
+		{
+		$extra_install .= <<"EOF"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
+	\$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\"
+EOF
+		}
+	}
+else
+	{
+	$extra_install= <<"EOF";
+	\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\"
+	\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
+EOF
+	$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+	}
 
 $defs= <<"EOF";
 # This makefile has been automatically generated from the OpenSSL distribution.
@@ -292,16 +416,9 @@ EOF
 
 $defs .= $preamble if defined $preamble;
 
-if ($platform eq "VC-CE")
-	{
-	$defs.= <<"EOF";
-!INCLUDE <\$(WCECOMPAT)/wcedefs.mak>
-
-EOF
-	}
-
 $defs.= <<"EOF";
 INSTALLTOP=$INSTALLTOP
+OPENSSLDIR=$OPENSSLDIR
 
 # Set your compiler options
 PLATFORM=$platform
@@ -323,27 +440,6 @@ LINK=$link
 LFLAGS=$lflags
 RSC=$rsc
 
-BN_ASM_OBJ=$bn_asm_obj
-BN_ASM_SRC=$bn_asm_src
-BNCO_ASM_OBJ=$bnco_asm_obj
-BNCO_ASM_SRC=$bnco_asm_src
-DES_ENC_OBJ=$des_enc_obj
-DES_ENC_SRC=$des_enc_src
-BF_ENC_OBJ=$bf_enc_obj
-BF_ENC_SRC=$bf_enc_src
-CAST_ENC_OBJ=$cast_enc_obj
-CAST_ENC_SRC=$cast_enc_src
-RC4_ENC_OBJ=$rc4_enc_obj
-RC4_ENC_SRC=$rc4_enc_src
-RC5_ENC_OBJ=$rc5_enc_obj
-RC5_ENC_SRC=$rc5_enc_src
-MD5_ASM_OBJ=$md5_asm_obj
-MD5_ASM_SRC=$md5_asm_src
-SHA1_ASM_OBJ=$sha1_asm_obj
-SHA1_ASM_SRC=$sha1_asm_src
-RMD160_ASM_OBJ=$rmd160_asm_obj
-RMD160_ASM_SRC=$rmd160_asm_src
-
 # The output directory for everything intersting
 OUT_D=$out_dir
 # The output directory for all the temporary muck
@@ -352,6 +448,7 @@ TMP_D=$tmp_dir
 INC_D=$inc_dir
 INCO_D=$inc_dir${o}openssl
 
+PERL=$perl
 CP=$cp
 RM=$rm
 RANLIB=$ranlib
@@ -371,12 +468,14 @@ CRYPTO=$crypto
 # BIN_D  - Binary output directory
 # TEST_D - Binary test file output directory
 # LIB_D  - library output directory
+# ENG_D  - dynamic engine output directory
 # Note: if you change these point to different directories then uncomment out
 # the lines around the 'NB' comment below.
 # 
 BIN_D=\$(OUT_D)
 TEST_D=\$(OUT_D)
 LIB_D=\$(OUT_D)
+ENG_D=\$(OUT_D)
 
 # INCL_D - local library directory
 # OBJ_D  - temp object file directory
@@ -412,7 +511,7 @@ banner:
 $banner
 
 \$(TMP_D):
-	\$(MKDIR) \$(TMP_D)
+	\$(MKDIR) \"\$(TMP_D)\"
 # NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different
 #\$(BIN_D):
 #	\$(MKDIR) \$(BIN_D)
@@ -421,31 +520,37 @@ $banner
 #	\$(MKDIR) \$(TEST_D)
 
 \$(LIB_D):
-	\$(MKDIR) \$(LIB_D)
+	\$(MKDIR) \"\$(LIB_D)\"
 
 \$(INCO_D): \$(INC_D)
-	\$(MKDIR) \$(INCO_D)
+	\$(MKDIR) \"\$(INCO_D)\"
 
 \$(INC_D):
-	\$(MKDIR) \$(INC_D)
+	\$(MKDIR) \"\$(INC_D)\"
 
 headers: \$(HEADER) \$(EXHEADER)
 	@
 
-lib: \$(LIBS_DEP)
+lib: \$(LIBS_DEP) \$(E_SHLIB)
 
 exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
 
-install:
-	\$(MKDIR) \$(INSTALLTOP)
-	\$(MKDIR) \$(INSTALLTOP)${o}bin
-	\$(MKDIR) \$(INSTALLTOP)${o}include
-	\$(MKDIR) \$(INSTALLTOP)${o}include${o}openssl
-	\$(MKDIR) \$(INSTALLTOP)${o}lib
-	\$(CP) \$(INCO_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include${o}openssl
-	\$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin
-	\$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib
-	\$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib
+install: all
+	\$(MKDIR) \"\$(INSTALLTOP)\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}bin\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}include\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
+	\$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+	\$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
+	\$(MKDIR) \"\$(OPENSSLDIR)\"
+	\$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
+$extra_install
+
+
+test: \$(T_EXE)
+	cd \$(BIN_D)
+	..${o}ms${o}test
 
 clean:
 	\$(RM) \$(TMP_D)$o*.*
@@ -492,57 +597,6 @@ printf OUT "  #define DATE \"%s\"\n", scalar gmtime();
 printf OUT "#endif\n";
 close(OUT);
 
-#############################################
-# We parse in input file and 'store' info for later printing.
-open(IN,"<$infile") || die "unable to open $infile:$!\n";
-$_=<IN>;
-for (;;)
-	{
-	chop;
-
-	($key,$val)=/^([^=]+)=(.*)/;
-	if ($key eq "RELATIVE_DIRECTORY")
-		{
-		if ($lib ne "")
-			{
-			$uc=$lib;
-			$uc =~ s/^lib(.*)\.a/$1/;
-			$uc =~ tr/a-z/A-Z/;
-			$lib_nam{$uc}=$uc;
-			$lib_obj{$uc}.=$libobj." ";
-			}
-		last if ($val eq "FINISHED");
-		$lib="";
-		$libobj="";
-		$dir=$val;
-		}
-
-	if ($key eq "TEST")
-		{ $test.=&var_add($dir,$val); }
-
-	if (($key eq "PROGS") || ($key eq "E_OBJ"))
-		{ $e_exe.=&var_add($dir,$val); }
-
-	if ($key eq "LIB")
-		{
-		$lib=$val;
-		$lib =~ s/^.*\/([^\/]+)$/$1/;
-		}
-
-	if ($key eq "EXHEADER")
-		{ $exheader.=&var_add($dir,$val); }
-
-	if ($key eq "HEADER")
-		{ $header.=&var_add($dir,$val); }
-
-	if ($key eq "LIBOBJ")
-		{ $libobj=&var_add($dir,$val); }
-
-	if (!($_=<IN>))
-		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
-	}
-close(IN);
-
 # Strip of trailing ' '
 foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
 $test=&clean_up_ws($test);
@@ -555,11 +609,11 @@ foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
 foreach (split(/\s+/,$header))	{ $h.=$_." " unless $h{$_}; }
 chop($h); $header=$h;
 
-$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h");
-$rules.=&do_copy_rule("\$(INCL_D)",$header,".h");
+$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
+$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
 
-$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)",".h");
-$rules.=&do_copy_rule("\$(INCO_D)",$exheader,".h");
+$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
+$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
 
 $defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
 $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
@@ -578,64 +632,14 @@ foreach (values %lib_nam)
 		next;
 		}
 
-	if (($bn_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/;
-		$rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src);
-		}
-	if (($bnco_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj .= "\$(BNCO_ASM_OBJ)";
-		$rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src);
-		}
-	if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
-		$lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
-		$rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
-		}
-	if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/;
-		$rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
-		}
-	if (($cast_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/;
-		$rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src);
-		}
-	if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/;
-		$rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src);
-		}
-	if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/;
-		$rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src);
-		}
-	if (($md5_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
-		$rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
-		}
-	if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
-		$rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
-		}
-	if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
-		{
-		$lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
-		$rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
-		}
 	$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
 	$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
 	$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
 	}
 
 # hack to add version info on MSVC
-if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) {
+if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A")
+	|| ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) {
     $rules.= <<"EOF";
 \$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc
 	\$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc
@@ -654,6 +658,16 @@ foreach (split(/\s+/,$test))
 	$rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
 	}
 
+$defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp);
+
+foreach (split(/\s+/,$engines))
+	{
+	$rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib);
+	$rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,"");
+	}
+
+
+
 $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
 $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
 
@@ -665,7 +679,7 @@ if ($platform eq "linux-elf") {
     print <<"EOF";
 # Generate perlasm output files
 %.cpp:
-	(cd \$(\@D)/..; PERL=perl make -f Makefile.ssl asm/\$(\@F))
+	(cd \$(\@D)/..; PERL=perl make -f Makefile asm/\$(\@F))
 EOF
 }
 print "###################################################################\n";
@@ -677,13 +691,15 @@ print $rules;
 # directories
 sub var_add
 	{
-	local($dir,$val)=@_;
+	local($dir,$val,$keepext)=@_;
 	local(@a,$_,$ret);
 
 	return("") if $no_engine && $dir =~ /\/engine/;
 	return("") if $no_hw   && $dir =~ /\/hw/;
 	return("") if $no_idea && $dir =~ /\/idea/;
 	return("") if $no_aes  && $dir =~ /\/aes/;
+	return("") if $no_camellia  && $dir =~ /\/camellia/;
+	return("") if $no_seed && $dir =~ /\/seed/;
 	return("") if $no_rc2  && $dir =~ /\/rc2/;
 	return("") if $no_rc4  && $dir =~ /\/rc4/;
 	return("") if $no_rc5  && $dir =~ /\/rc5/;
@@ -692,6 +708,8 @@ sub var_add
 	return("") if $no_dsa  && $dir =~ /\/dsa/;
 	return("") if $no_dh   && $dir =~ /\/dh/;
 	return("") if $no_ec   && $dir =~ /\/ec/;
+	return("") if $no_cms  && $dir =~ /\/cms/;
+	return("") if $no_jpake  && $dir =~ /\/jpake/;
 	if ($no_des && $dir =~ /\/des/)
 		{
 		if ($val =~ /read_pwd/)
@@ -703,10 +721,11 @@ sub var_add
 	return("") if $no_sock && $dir =~ /\/proxy/;
 	return("") if $no_bf   && $dir =~ /\/bf/;
 	return("") if $no_cast && $dir =~ /\/cast/;
+	return("") if $no_whirlpool && $dir =~ /\/whrlpool/;
 
 	$val =~ s/^\s*(.*)\s*$/$1/;
 	@a=split(/\s+/,$val);
-	grep(s/\.[och]$//,@a);
+	grep(s/\.[och]$//,@a) unless $keepext;
 
 	@a=grep(!/^e_.*_3d$/,@a) if $no_des;
 	@a=grep(!/^e_.*_d$/,@a) if $no_des;
@@ -717,9 +736,11 @@ sub var_add
 	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
 	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
 	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
+	@a=grep(!/^e_camellia$/,@a) if $no_camellia;
+	@a=grep(!/^e_seed$/,@a) if $no_seed;
 
-	@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
-	@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+	#@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+	#@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
 
 	@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
 
@@ -793,6 +814,7 @@ sub do_defs
 		else	{ $pf=$postfix; }
 		if ($_ =~ /BN_ASM/)	{ $t="$_ "; }
 		elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
 		elsif ($_ =~ /DES_ENC/)	{ $t="$_ "; }
 		elsif ($_ =~ /BF_ENC/)	{ $t="$_ "; }
 		elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
@@ -801,20 +823,22 @@ sub do_defs
 		elsif ($_ =~ /MD5_ASM/)	{ $t="$_ "; }
 		elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
 		elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
 		else	{ $t="$location${o}$_$pf "; }
 
 		$Vars{$var}.="$t ";
 		$ret.=$t;
 		}
 	# hack to add version info on MSVC
-	if ($shlib && ($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
+	if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT")))
 		{
 		if ($var eq "CRYPTOOBJ")
 			{ $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; }
 		elsif ($var eq "SSLOBJ")
 			{ $ret.="\$(OBJ_D)\\\$(SSL).res "; }
 		}
-	chop($ret);
+	chomp($ret);
 	$ret.="\n\n";
 	return($ret);
 	}
@@ -827,6 +851,13 @@ sub bname
 	return($ret);
 	}
 
+# return the leading path
+sub dname
+	{
+	my $ret=shift;
+	$ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/;
+	return($ret);
+	}
 
 ##############################################################
 # do a rule for each file that says 'compile' to new direcory
@@ -834,19 +865,61 @@ sub bname
 sub do_compile_rule
 	{
 	local($to,$files,$ex)=@_;
-	local($ret,$_,$n);
-	
+	local($ret,$_,$n,$d,$s);
+
 	$files =~ s/\//$o/g if $o ne '/';
 	foreach (split(/\s+/,$files))
 		{
 		$n=&bname($_);
-		$ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+		$d=&dname($_);
+		if (-f "${_}.c")
+			{
+			$ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+			}
+		elsif (-f ($s="${d}${o}asm${o}${n}.pl") or
+		       ($s=~s/sha256/sha512/ and -f $s) or
+		       -f ($s="${d}${o}${n}.pl"))
+			{
+			$ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n);
+			}
+		elsif (-f ($s="${d}${o}asm${o}${n}.S") or
+		       -f ($s="${d}${o}${n}.S"))
+			{
+			$ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
+			}
+		else	{ die "no rule for $_"; }
 		}
 	return($ret);
 	}
 
 ##############################################################
 # do a rule for each file that says 'compile' to new direcory
+sub perlasm_compile_target
+	{
+	my($target,$source,$bname)=@_;
+	my($ret);
+
+	$bname =~ s/(.*)\.[^\.]$/$1/;
+	$ret ="\$(TMP_D)$o$bname.asm: $source\n";
+	$ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n";
+	$ret.="$target: \$(TMP_D)$o$bname.asm\n";
+	$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+	return($ret);
+	}
+
+sub Sasm_compile_target
+	{
+	my($target,$source,$bname)=@_;
+	my($ret);
+
+	$bname =~ s/(.*)\.[^\.]$/$1/;
+	$ret ="\$(TMP_D)$o$bname.asm: $source\n";
+	$ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n";
+	$ret.="$target: \$(TMP_D)$o$bname.asm\n";
+	$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+	return($ret);
+	}
+
 sub cc_compile_target
 	{
 	local($target,$source,$ex_flags)=@_;
@@ -869,13 +942,25 @@ sub do_asm_rule
 	$target =~ s/\//$o/g if $o ne "/";
 	$src =~ s/\//$o/g if $o ne "/";
 
-	@s=split(/\s+/,$src);
 	@t=split(/\s+/,$target);
+	@s=split(/\s+/,$src);
+
 
 	for ($i=0; $i<=$#s; $i++)
 		{
-		$ret.="$t[$i]: $s[$i]\n";
-		$ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n";
+		my $objfile = $t[$i];
+		my $srcfile = $s[$i];
+
+		if ($perl_asm == 1)
+			{
+			my $plasm = $objfile;
+			$plasm =~ s/${obj}/.pl/;
+			$ret.="$srcfile: $plasm\n";
+			$ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n";
+			}
+
+		$ret.="$objfile: $srcfile\n";
+		$ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n";
 		}
 	return($ret);
 	}
@@ -909,62 +994,149 @@ sub do_copy_rule
 		if ($n =~ /bss_file/)
 			{ $pp=".c"; }
 		else	{ $pp=$p; }
-		$ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n";
+		$ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
 		}
 	return($ret);
 	}
 
 sub read_options
 	{
-	if    (/^no-rc2$/)	{ $no_rc2=1; }
-	elsif (/^no-rc4$/)	{ $no_rc4=1; }
-	elsif (/^no-rc5$/)	{ $no_rc5=1; }
-	elsif (/^no-idea$/)	{ $no_idea=1; }
-	elsif (/^no-aes$/)	{ $no_aes=1; }
-	elsif (/^no-des$/)	{ $no_des=1; }
-	elsif (/^no-bf$/)	{ $no_bf=1; }
-	elsif (/^no-cast$/)	{ $no_cast=1; }
-	elsif (/^no-md2$/)  	{ $no_md2=1; }
-	elsif (/^no-md4$/)	{ $no_md4=1; }
-	elsif (/^no-md5$/)	{ $no_md5=1; }
-	elsif (/^no-sha$/)	{ $no_sha=1; }
-	elsif (/^no-sha1$/)	{ $no_sha1=1; }
-	elsif (/^no-ripemd$/)	{ $no_ripemd=1; }
-	elsif (/^no-mdc2$/)	{ $no_mdc2=1; }
-	elsif (/^no-patents$/)	{ $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; }
-	elsif (/^no-rsa$/)	{ $no_rsa=1; }
-	elsif (/^no-dsa$/)	{ $no_dsa=1; }
-	elsif (/^no-dh$/)	{ $no_dh=1; }
-	elsif (/^no-hmac$/)	{ $no_hmac=1; }
-	elsif (/^no-aes$/)	{ $no_aes=1; }
-	elsif (/^no-asm$/)	{ $no_asm=1; }
-	elsif (/^nasm$/)	{ $nasm=1; }
-	elsif (/^nw-nasm$/)	{ $nw_nasm=1; }
-	elsif (/^nw-mwasm$/)	{ $nw_mwasm=1; }
-	elsif (/^gaswin$/)	{ $gaswin=1; }
-	elsif (/^no-ssl2$/)	{ $no_ssl2=1; }
-	elsif (/^no-ssl3$/)	{ $no_ssl3=1; }
-	elsif (/^no-err$/)	{ $no_err=1; }
-	elsif (/^no-sock$/)	{ $no_sock=1; }
-	elsif (/^no-krb5$/)	{ $no_krb5=1; }
-	elsif (/^no-ec$/)	{ $no_ec=1; }
-	elsif (/^no-ecdsa$/)	{ $no_ecdsa=1; }
-	elsif (/^no-ecdh$/)	{ $no_ecdh=1; }
-	elsif (/^no-engine$/)	{ $no_engine=1; }
-	elsif (/^no-hw$/)	{ $no_hw=1; }
-
-	elsif (/^just-ssl$/)	{ $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1;
-				  $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1;
-				  $no_ssl2=$no_err=$no_ripemd=$no_rc5=1;
-				  $no_aes=1; }
-
-	elsif (/^rsaref$/)	{ }
-	elsif (/^gcc$/)		{ $gcc=1; }
-	elsif (/^debug$/)	{ $debug=1; }
-	elsif (/^profile$/)	{ $profile=1; }
-	elsif (/^shlib$/)	{ $shlib=1; }
-	elsif (/^dll$/)		{ $shlib=1; }
-	elsif (/^shared$/)	{ } # We just need to ignore it for now...
+	# Many options are handled in a similar way. In particular
+	# no-xxx sets zero or more scalars to 1.
+	# Process these using a hash containing the option name and
+	# reference to the scalars to set.
+
+	my %valid_options = (
+		"no-rc2" => \$no_rc2,
+		"no-rc4" => \$no_rc4,
+		"no-rc5" => \$no_rc5,
+		"no-idea" => \$no_idea,
+		"no-aes" => \$no_aes,
+		"no-camellia" => \$no_camellia,
+		"no-seed" => \$no_seed,
+		"no-des" => \$no_des,
+		"no-bf" => \$no_bf,
+		"no-cast" => \$no_cast,
+		"no-md2" => \$no_md2,
+		"no-md4" => \$no_md4,
+		"no-md5" => \$no_md5,
+		"no-sha" => \$no_sha,
+		"no-sha1" => \$no_sha1,
+		"no-ripemd" => \$no_ripemd,
+		"no-mdc2" => \$no_mdc2,
+		"no-whirlpool" => \$no_whirlpool,
+		"no-patents" => 
+			[\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa],
+		"no-rsa" => \$no_rsa,
+		"no-dsa" => \$no_dsa,
+		"no-dh" => \$no_dh,
+		"no-hmac" => \$no_hmac,
+		"no-asm" => \$no_asm,
+		"nasm" => \$nasm,
+		"nw-nasm" => \$nw_nasm,
+		"nw-mwasm" => \$nw_mwasm,
+		"gaswin" => \$gaswin,
+		"no-ssl2" => \$no_ssl2,
+		"no-ssl3" => \$no_ssl3,
+		"no-tlsext" => \$no_tlsext,
+		"no-cms" => \$no_cms,
+		"no-jpake" => \$no_jpake,
+		"no-err" => \$no_err,
+		"no-sock" => \$no_sock,
+		"no-krb5" => \$no_krb5,
+		"no-ec" => \$no_ec,
+		"no-ecdsa" => \$no_ecdsa,
+		"no-ecdh" => \$no_ecdh,
+		"no-engine" => \$no_engine,
+		"no-hw" => \$no_hw,
+		"just-ssl" =>
+			[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
+			  \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
+			  \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
+			  \$no_aes, \$no_camellia, \$no_seed],
+		"rsaref" => 0,
+		"gcc" => \$gcc,
+		"debug" => \$debug,
+		"profile" => \$profile,
+		"shlib" => \$shlib,
+		"dll" => \$shlib,
+		"shared" => 0,
+		"no-gmp" => 0,
+		"no-rfc3779" => 0,
+		"no-montasm" => 0,
+		"no-shared" => 0,
+		"no-store" => 0,
+		"no-zlib" => 0,
+		"no-zlib-dynamic" => 0,
+		);
+
+	if (exists $valid_options{$_})
+		{
+		my $r = $valid_options{$_};
+		if ( ref $r eq "SCALAR")
+			{ $$r = 1;}
+		elsif ( ref $r eq "ARRAY")
+			{
+			my $r2;
+			foreach $r2 (@$r)
+				{
+				$$r2 = 1;
+				}
+			}
+		}
+	elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; }
+	elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
+	elsif (/^enable-zlib-dynamic$/)
+		{
+		$zlib_opt = 2;
+		}
+	elsif (/^no-static-engine/)
+		{
+		$no_static_engine = 1;
+		}
+	elsif (/^enable-static-engine/)
+		{
+		$no_static_engine = 0;
+		}
+	# There are also enable-xxx options which correspond to
+	# the no-xxx. Since the scalars are enabled by default
+	# these can be ignored.
+	elsif (/^enable-/)
+		{
+		my $t = $_;
+		$t =~ s/^enable/no/;
+		if (exists $valid_options{$t})
+			{return 1;}
+		return 0;
+		}
+	# experimental-xxx is mostly like enable-xxx, but opensslconf.v
+	# will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
+	# (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
+	elsif (/^experimental-/)
+		{
+		my $algo, $ALGO;
+		($algo = $_) =~ s/^experimental-//;
+		($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
+
+		$xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
+		
+		}
+	elsif (/^--with-krb5-flavor=(.*)$/)
+		{
+		my $krb5_flavor = $1;
+		if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
+			{
+			$xcflags="-DKRB5_HEIMDAL $xcflags";
+			}
+		elsif ($krb5_flavor =~ /^MIT/i)
+			{
+			$xcflags="-DKRB5_MIT $xcflags";
+		 	if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
+				{
+				$xcflags="-DKRB5_MIT_OLD11 $xcflags"
+				}
+			}
+		}
 	elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
 	elsif (/^-[lL].*$/)	{ $l_flags.="$_ "; }
 	elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 98cd12706c..1d579c897c 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -69,7 +69,7 @@ my $do_ctestall = 0;
 my $do_checkexist = 0;
 
 my $VMSVAX=0;
-my $VMSAlpha=0;
+my $VMSNonVAX=0;
 my $VMS=0;
 my $W32=0;
 my $W16=0;
@@ -79,26 +79,39 @@ my $OS2=0;
 my $safe_stack_def = 0;
 
 my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
-			"EXPORT_VAR_AS_FUNCTION" );
+			"EXPORT_VAR_AS_FUNCTION", "ZLIB" );
 my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
 my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
 			 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
 			 "SHA256", "SHA512", "RIPEMD",
-			 "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES",
+			 "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA",
+			 "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
 			 # Envelope "algorithms"
 			 "EVP", "X509", "ASN1_TYPEDEFS",
 			 # Helper "algorithms"
 			 "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
 			 "LOCKING",
 			 # External "algorithms"
-			 "FP_API", "STDIO", "SOCK", "KRB5",
+			 "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM",
 			 # Engines
-			 "STATIC_ENGINE", "ENGINE", "HW",
+			 "STATIC_ENGINE", "ENGINE", "HW", "GMP",
+			 # RFC3779
+			 "RFC3779",
+			 # TLS
+			 "TLSEXT", "PSK",
+			 # CMS
+			 "CMS",
+			 # CryptoAPI Engine
+			 "CAPIENG",
+			 # SSL v2
+			 "SSL2",
+			 # JPAKE
+			 "JPAKE",
 			 # Deprecated functions
 			 "DEPRECATED" );
 
 my $options="";
-open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n";
+open(IN,"<Makefile") || die "unable to open Makefile!\n";
 while(<IN>) {
     $options=$1 if (/^OPTIONS=(.*)$/);
 }
@@ -108,11 +121,16 @@ close(IN);
 # defined with ifndef(NO_XXX) are not included in the .def file, and everything
 # in directory xxx is ignored.
 my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
-my $no_cast;
+my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed;
 my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
 my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
 my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
-my $no_fp_api; my $no_static_engine; my $no_deprecated;
+my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
+my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
+my $no_jpake; my $no_ssl2;
+
+my $zlib;
+
 
 foreach (@ARGV, split(/ /, $options))
 	{
@@ -127,12 +145,16 @@ foreach (@ARGV, split(/ /, $options))
 		$VMS=1;
 		$VMSVAX=1;
 	}
-	if ($_ eq "VMS-Alpha") {
+	if ($_ eq "VMS-NonVAX") {
 		$VMS=1;
-		$VMSAlpha=1;
+		$VMSNonVAX=1;
 	}
 	$VMS=1 if $_ eq "VMS";
 	$OS2=1 if $_ eq "OS2";
+	if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
+			 || $_ eq "enable-zlib-dynamic") {
+		$zlib = 1;
+	}
 
 	$do_ssl=1 if $_ eq "ssleay";
 	if ($_ eq "ssl") {
@@ -144,6 +166,8 @@ foreach (@ARGV, split(/ /, $options))
 		$do_crypto=1;
 		$libname=$_;
 	}
+	$no_static_engine=1 if $_ eq "no-static-engine";
+	$no_static_engine=0 if $_ eq "enable-static-engine";
 	$do_update=1 if $_ eq "update";
 	$do_rewrite=1 if $_ eq "rewrite";
 	$do_ctest=1 if $_ eq "ctest";
@@ -158,6 +182,7 @@ foreach (@ARGV, split(/ /, $options))
 	elsif (/^no-des$/)      { $no_des=1; $no_mdc2=1; }
 	elsif (/^no-bf$/)       { $no_bf=1; }
 	elsif (/^no-cast$/)     { $no_cast=1; }
+	elsif (/^no-whirlpool$/)     { $no_whirlpool=1; }
 	elsif (/^no-md2$/)      { $no_md2=1; }
 	elsif (/^no-md4$/)      { $no_md4=1; }
 	elsif (/^no-md5$/)      { $no_md5=1; }
@@ -172,6 +197,8 @@ foreach (@ARGV, split(/ /, $options))
 	elsif (/^no-ecdh$/) 	{ $no_ecdh=1; }
 	elsif (/^no-hmac$/)	{ $no_hmac=1; }
 	elsif (/^no-aes$/)	{ $no_aes=1; }
+	elsif (/^no-camellia$/)	{ $no_camellia=1; }
+	elsif (/^no-seed$/)     { $no_seed=1; }
 	elsif (/^no-evp$/)	{ $no_evp=1; }
 	elsif (/^no-lhash$/)	{ $no_lhash=1; }
 	elsif (/^no-stack$/)	{ $no_stack=1; }
@@ -184,6 +211,13 @@ foreach (@ARGV, split(/ /, $options))
 	elsif (/^no-krb5$/)	{ $no_krb5=1; }
 	elsif (/^no-engine$/)	{ $no_engine=1; }
 	elsif (/^no-hw$/)	{ $no_hw=1; }
+	elsif (/^no-gmp$/)	{ $no_gmp=1; }
+	elsif (/^no-rfc3779$/)	{ $no_rfc3779=1; }
+	elsif (/^no-tlsext$/)	{ $no_tlsext=1; }
+	elsif (/^no-cms$/)	{ $no_cms=1; }
+	elsif (/^no-ssl2$/)	{ $no_ssl2=1; }
+	elsif (/^no-capieng$/)	{ $no_capieng=1; }
+	elsif (/^no-jpake$/)	{ $no_jpake=1; }
 	}
 
 
@@ -219,6 +253,7 @@ $max_crypto = $max_num;
 
 my $ssl="ssl/ssl.h";
 $ssl.=" ssl/kssl.h";
+$ssl.=" ssl/tls1.h";
 
 my $crypto ="crypto/crypto.h";
 $crypto.=" crypto/o_dir.h";
@@ -229,6 +264,7 @@ $crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5;
 $crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
 $crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
 $crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
+$crypto.=" crypto/whrlpool/whrlpool.h" ;
 $crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
 $crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
 $crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
@@ -236,6 +272,8 @@ $crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
 $crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
 $crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
 $crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
+$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
+$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
 
 $crypto.=" crypto/bn/bn.h";
 $crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
@@ -268,13 +306,16 @@ $crypto.=" crypto/pkcs12/pkcs12.h";
 $crypto.=" crypto/x509/x509.h";
 $crypto.=" crypto/x509/x509_vfy.h";
 $crypto.=" crypto/x509v3/x509v3.h";
+$crypto.=" crypto/ts/ts.h";
 $crypto.=" crypto/rand/rand.h";
 $crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
 $crypto.=" crypto/ocsp/ocsp.h";
 $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
 $crypto.=" crypto/krb5/krb5_asn.h";
-$crypto.=" crypto/tmdiff.h";
-$crypto.=" crypto/store/store.h";
+#$crypto.=" crypto/store/store.h";
+$crypto.=" crypto/pqueue/pqueue.h";
+$crypto.=" crypto/cms/cms.h";
+$crypto.=" crypto/jpake/jpake.h";
 
 my $symhacks="crypto/symhacks.h";
 
@@ -430,7 +471,11 @@ sub do_defs
 
 		print STDERR "DEBUG: parsing ----------\n" if $debug;
 		while(<IN>) {
-			last if (/\/\* Error codes for the \w+ functions\. \*\//);
+			if (/\/\* Error codes for the \w+ functions\. \*\//)
+				{
+				undef @tag;
+				last;
+				}
 			if ($line ne '') {
 				$_ = $line . $_;
 				$line = '';
@@ -443,17 +488,22 @@ sub do_defs
 				next;
 			}
 
-	    		$cpp = 1 if /^\#.*ifdef.*cplusplus/;
+			if(/\/\*/) {
+				if (not /\*\//) {	# multiline comment...
+					$line = $_;	# ... just accumulate
+					next;
+				} else {
+					s/\/\*.*?\*\///gs;# wipe it
+				}
+			}
+
 			if ($cpp) {
-				$cpp = 0 if /^\#.*endif/;
+				$cpp++ if /^#\s*if/;
+				$cpp-- if /^#\s*endif/;
 				next;
 	    		}
+			$cpp = 1 if /^#.*ifdef.*cplusplus/;
 
-			s/\/\*.*?\*\///gs;                   # ignore comments
-			if (/\/\*/) {			     # if we have part
-				$line = $_;		     # of a comment,
-				next;			     # continue reading
-			}
 			s/{[^{}]*}//gs;                      # ignore {} blocks
 			print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne "";
 			print STDERR "DEBUG: \$_=\"$_\"\n" if $debug;
@@ -731,10 +781,17 @@ sub do_defs
 					$def .= "int i2d_$1_NDEF(void);";
 				} elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
 					next;
+				} elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION\s*\(\s*(\w*)\s*\)/) {
+					$def .= "int $1_print_ctx(void);";
+					next;
+				} elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					$def .= "int $2_print_ctx(void);";
+					next;
 				} elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) {
 					next;
 				} elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ ||
-					 /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ) {
+					 /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ||
+					 /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) {
 					# Things not in Win16
 					$def .=
 					    "#INFO:"
@@ -822,6 +879,18 @@ sub do_defs
 			next if(/typedef\W/);
 			next if(/\#define/);
 
+			# Reduce argument lists to empty ()
+			# fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
+			while(/\(.*\)/s) {
+				s/\([^\(\)]+\)/\{\}/gs;
+				s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs;	#(*f{}) -> f
+			}
+			# pretend as we didn't use curly braces: {} -> ()
+			s/\{\}/\(\)/gs;
+
+			s/STACK_OF\(\)/void/gs;
+			s/LHASH_OF\(\)/void/gs;
+
 			print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
 			if (/^\#INFO:([^:]*):(.*)$/) {
 				$plats = $1;
@@ -832,21 +901,10 @@ sub do_defs
 				$s = $1;
 				$k = "VARIABLE";
 				print STDERR "DEBUG: found external variable $s\n" if $debug;
-			} elsif (/\(\*(\w*(\{[0-9]+\})?)\([^\)]+/) {
-				$s = $1;
-				print STDERR "DEBUG: found ANSI C function $s\n" if $debug;
-			} elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s) {
-				# K&R C
-				print STDERR "DEBUG: found K&R C function $s\n" if $debug;
+			} elsif (/TYPEDEF_\w+_OF/s) {
 				next;
-			} elsif (/\w+\W+\w+(\{[0-9]+\})?\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) {
-				while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) {
-					s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s;
-					s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s;
-				}
-				s/\(void\)//;
-				/(\w+(\{[0-9]+\})?)\W*\(\)/s;
-				$s = $1;
+			} elsif (/(\w+)\s*\(\).*/s) {	# first token prior [first] () is
+				$s = $1;		# a function name!
 				print STDERR "DEBUG: found function $s\n" if $debug;
 			} elsif (/\(/ and not (/=/)) {
 				print STDERR "File $file: cannot parse: $_;\n";
@@ -908,6 +966,19 @@ sub do_defs
 	$platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
 	$platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
 	$platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
+	$platform{"EVP_sha384"} = "!VMSVAX";
+	$platform{"EVP_sha512"} = "!VMSVAX";
+	$platform{"SHA384_Init"} = "!VMSVAX";
+	$platform{"SHA384_Transform"} = "!VMSVAX";
+	$platform{"SHA384_Update"} = "!VMSVAX";
+	$platform{"SHA384_Final"} = "!VMSVAX";
+	$platform{"SHA384"} = "!VMSVAX";
+	$platform{"SHA512_Init"} = "!VMSVAX";
+	$platform{"SHA512_Transform"} = "!VMSVAX";
+	$platform{"SHA512_Update"} = "!VMSVAX";
+	$platform{"SHA512_Final"} = "!VMSVAX";
+	$platform{"SHA512"} = "!VMSVAX";
+
 
 	# Info we know about
 
@@ -1023,7 +1094,7 @@ sub is_valid
 {
 	my ($keywords_txt,$platforms) = @_;
 	my (@keywords) = split /,/,$keywords_txt;
-	my ($falsesum, $truesum) = (0, !grep(/^[^!]/,@keywords));
+	my ($falsesum, $truesum) = (0, 1);
 
 	# Param: one keyword
 	sub recognise
@@ -1032,6 +1103,8 @@ sub is_valid
 
 		if ($platforms) {
 			# platforms
+			if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; }
+			if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; }
 			if ($keyword eq "VMS" && $VMS) { return 1; }
 			if ($keyword eq "WIN32" && $W32) { return 1; }
 			if ($keyword eq "WIN16" && $W16) { return 1; }
@@ -1044,6 +1117,7 @@ sub is_valid
 			if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
 				return 1;
 			}
+			if ($keyword eq "ZLIB" && $zlib) { return 1; }
 			return 0;
 		} else {
 			# algorithms
@@ -1060,6 +1134,7 @@ sub is_valid
 			if ($keyword eq "SHA" && $no_sha) { return 0; }
 			if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; }
 			if ($keyword eq "MDC2" && $no_mdc2) { return 0; }
+			if ($keyword eq "WHIRLPOOL" && $no_whirlpool) { return 0; }
 			if ($keyword eq "RSA" && $no_rsa) { return 0; }
 			if ($keyword eq "DSA" && $no_dsa) { return 0; }
 			if ($keyword eq "DH" && $no_dh) { return 0; }
@@ -1068,6 +1143,8 @@ sub is_valid
 			if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
 			if ($keyword eq "HMAC" && $no_hmac) { return 0; }
 			if ($keyword eq "AES" && $no_aes) { return 0; }
+			if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
+			if ($keyword eq "SEED" && $no_seed) { return 0; }
 			if ($keyword eq "EVP" && $no_evp) { return 0; }
 			if ($keyword eq "LHASH" && $no_lhash) { return 0; }
 			if ($keyword eq "STACK" && $no_stack) { return 0; }
@@ -1081,6 +1158,14 @@ sub is_valid
 			if ($keyword eq "HW" && $no_hw) { return 0; }
 			if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
 			if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }
+			if ($keyword eq "GMP" && $no_gmp) { return 0; }
+			if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
+			if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
+			if ($keyword eq "PSK" && $no_psk) { return 0; }
+			if ($keyword eq "CMS" && $no_cms) { return 0; }
+			if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+			if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
+			if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
 			if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
 
 			# Nothing recognise as true
@@ -1092,7 +1177,7 @@ sub is_valid
 		if ($k =~ /^!(.*)$/) {
 			$falsesum += &recognise($1,$platforms);
 		} else {
-			$truesum += &recognise($k,$platforms);
+			$truesum *= &recognise($k,$platforms);
 		}
 	}
 	print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
@@ -1139,7 +1224,7 @@ sub print_test_file
 sub get_version {
    local *MF;
    my $v = '?';
-   open MF, 'Makefile.ssl' or return $v;
+   open MF, 'Makefile' or return $v;
    while (<MF>) {
      $v = $1, last if /^VERSION=(.*?)\s*$/;
    }
@@ -1184,8 +1269,6 @@ EOO
 
 LIBRARY         $libname	$liboptions
 
-DESCRIPTION     '$description'
-
 EOF
 
 	if ($W16) {
diff --git a/util/mkdir-p.pl b/util/mkdir-p.pl
index 6c69c2daa4..e73d02b073 100755
--- a/util/mkdir-p.pl
+++ b/util/mkdir-p.pl
@@ -8,6 +8,7 @@
 my $arg;
 
 foreach $arg (@ARGV) {
+  $arg =~ tr|\\|/|;
   &do_mkdir_p($arg);
 }
 
diff --git a/util/mkerr.pl b/util/mkerr.pl
index 05d0340f6a..ba2fd6eba3 100644
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -1,6 +1,7 @@
 #!/usr/local/bin/perl -w
 
 my $config = "crypto/err/openssl.ec";
+my $hprefix = "openssl/";
 my $debug = 0;
 my $rebuild = 0;
 my $static = 1;
@@ -9,11 +10,19 @@ my $reindex = 0;
 my $dowrite = 0;
 my $staticloader = "";
 
+my $pack_errcode;
+my $load_errcode;
+
+my $errcount;
+
 while (@ARGV) {
 	my $arg = $ARGV[0];
 	if($arg eq "-conf") {
 		shift @ARGV;
 		$config = shift @ARGV;
+	} elsif($arg eq "-hprefix") {
+		shift @ARGV;
+		$hprefix = shift @ARGV;
 	} elsif($arg eq "-debug") {
 		$debug = 1;
 		shift @ARGV;
@@ -35,6 +44,71 @@ while (@ARGV) {
 	} elsif($arg eq "-write") {
 		$dowrite = 1;
 		shift @ARGV;
+	} elsif($arg eq "-help" || $arg eq "-h" || $arg eq "-?" || $arg eq "--help") {
+		print STDERR <<"EOF";
+mkerr.pl [options] ...
+
+Options:
+
+  -conf F       Use the config file F instead of the default one:
+                  crypto/err/openssl.ec
+
+  -hprefix P    Prepend the filenames in generated #include <header>
+                statements with prefix P. Default: 'openssl/' (without
+                the quotes, naturally)
+
+  -debug        Turn on debugging verbose output on stderr.
+
+  -rebuild      Rebuild all header and C source files, irrespective of the
+                fact if any error or function codes have been added/removed.
+                Default: only update files for libraries which saw change
+                         (of course, this requires '-write' as well, or no
+                          files will be touched!)
+
+  -recurse      scan a preconfigured set of directories / files for error and
+                function codes:
+                  (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <apps/*.c>)
+                When this option is NOT specified, the filelist is taken from
+                the commandline instead. Here, wildcards may be embedded. (Be
+                sure to escape those to prevent the shell from expanding them
+                for you when you wish mkerr.pl to do so instead.)
+                Default: take file list to scan from the command line.
+
+  -reindex      Discard the numeric values previously assigned to the error
+                and function codes as extracted from the scanned header files;
+                instead renumber all of them starting from 100. (Note that
+                the numbers assigned through 'R' records in the config file
+                remain intact.)
+                Default: keep previously assigned numbers. (You are warned
+                         when collisions are detected.)
+
+  -nostatic     Generates a different source code, where these additional 
+                functions are generated for each library specified in the
+                config file:
+                  void ERR_load_<LIB>_strings(void);
+                  void ERR_unload_<LIB>_strings(void);
+                  void ERR_<LIB>_error(int f, int r, char *fn, int ln);
+                  #define <LIB>err(f,r) ERR_<LIB>_error(f,r,__FILE__,__LINE__)
+                while the code facilitates the use of these in an environment
+                where the error support routines are dynamically loaded at 
+                runtime.
+                Default: 'static' code generation.
+
+  -staticloader Prefix generated functions with the 'static' scope modifier.
+                Default: don't write any scope modifier prefix.
+
+  -write        Actually (over)write the generated code to the header and C 
+                source files as assigned to each library through the config 
+                file.
+                Default: don't write.
+
+  -help / -h / -? / --help            Show this help text.
+
+  ...           Additional arguments are added to the file list to scan,
+                assuming '-recurse' was NOT specified on the command line.
+
+EOF
+		exit 1;
 	} else {
 		last;
 	}
@@ -60,8 +134,10 @@ while(<IN>)
 		$cskip{$3} = $1;
 		if($3 ne "NONE") {
 			$csrc{$1} = $3;
-			$fmax{$1} = 99;
-			$rmax{$1} = 99;
+			$fmax{$1} = 100;
+			$rmax{$1} = 100;
+			$fassigned{$1} = ":";
+			$rassigned{$1} = ":";
 			$fnew{$1} = 0;
 			$rnew{$1} = 0;
 		}
@@ -100,15 +176,24 @@ while (($hdr, $lib) = each %libinc)
 		    next;
 		}
 
-		$cpp = 1 if /^#.*ifdef.*cplusplus/;  # skip "C" declaration
+		if(/\/\*/) {
+		    if (not /\*\//) {		# multiline comment...
+			$line = $_;		# ... just accumulate
+			next; 
+		    } else {
+			s/\/\*.*?\*\///gs;	# wipe it
+		    }
+		}
+
 		if ($cpp) {
-		    $cpp = 0 if /^#.*endif/;
+		    $cpp++ if /^#\s*if/;
+		    $cpp-- if /^#\s*endif/;
 		    next;
 		}
+		$cpp = 1 if /^#.*ifdef.*cplusplus/;  # skip "C" declaration
 
 		next if (/^\#/);                      # skip preprocessor directives
 
-		s/\/\*.*?\*\///gs;                   # ignore comments
 		s/{[^{}]*}//gs;                      # ignore {} blocks
 
 		if (/\{|\/\*/) { # Add a } so editor works...
@@ -121,31 +206,37 @@ while (($hdr, $lib) = each %libinc)
 
 	print STDERR "                                  \r" if $debug;
         $defnr = 0;
+	# Delete any DECLARE_ macros
+	$def =~ s/DECLARE_\w+\([\w,\s]+\)//gs;
 	foreach (split /;/, $def) {
 	    $defnr++;
 	    print STDERR "def: $defnr\r" if $debug;
 
+	    # The goal is to collect function names from function declarations.
+
 	    s/^[\n\s]*//g;
 	    s/[\n\s]*$//g;
-	    next if(/typedef\W/);
-	    if (/\(\*(\w*)\([^\)]+/) {
-		my $name = $1;
-		$name =~ tr/[a-z]/[A-Z]/;
-		$ftrans{$name} = $1;
-	    } elsif (/\w+\W+(\w+)\W*\(\s*\)(\s*__attribute__\(.*\)\s*)?$/s){
-		# K&R C
-		next ;
-	    } elsif (/\w+\W+\w+\W*\(.*\)(\s*__attribute__\(.*\)\s*)?$/s) {
-		while (not /\(\)(\s*__attribute__\(.*\)\s*)?$/s) {
-		    s/[^\(\)]*\)(\s*__attribute__\(.*\)\s*)?$/\)/s;
-		    s/\([^\(\)]*\)\)(\s*__attribute__\(.*\)\s*)?$/\)/s;
-		}
-		s/\(void\)//;
-		/(\w+(\{[0-9]+\})?)\W*\(\)/s;
-		my $name = $1;
+
+	    # Skip over recognized non-function declarations
+	    next if(/typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/);
+
+	    # Remove STACK_OF(foo)
+	    s/STACK_OF\(\w+\)/void/;
+
+	    # Reduce argument lists to empty ()
+	    # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
+	    while(/\(.*\)/s) {
+		s/\([^\(\)]+\)/\{\}/gs;
+		s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs;	#(*f{}) -> f
+	    }
+	    # pretend as we didn't use curly braces: {} -> ()
+	    s/\{\}/\(\)/gs;
+
+	    if (/(\w+)\s*\(\).*/s) {	# first token prior [first] () is
+		my $name = $1;		# a function name!
 		$name =~ tr/[a-z]/[A-Z]/;
 		$ftrans{$name} = $1;
-	    } elsif (/\(/ and not (/=/ or /DECLARE_STACK/)) {
+	    } elsif (/[\(\)]/ and not (/=/)) {
 		print STDERR "Header $hdr: cannot parse: $_;\n";
 	    }
 	}
@@ -158,7 +249,7 @@ while (($hdr, $lib) = each %libinc)
 	# maximum code used.
 
 	if ($gotfile) {
-	    while(<IN>) {
+	  while(<IN>) {
 		if(/^\#define\s+(\S+)\s+(\S+)/) {
 			$name = $1;
 			$code = $2;
@@ -169,18 +260,52 @@ while (($hdr, $lib) = each %libinc)
 			}
 			if($1 eq "R") {
 				$rcodes{$name} = $code;
+				if ($rassigned{$lib} =~ /:$code:/) {
+					print STDERR "!! ERROR: $lib reason code $code assigned twice (collision at $name)\n";
+					++$errcount;
+				}
+				$rassigned{$lib} .= "$code:";
 				if(!(exists $rextra{$name}) &&
 					 ($code > $rmax{$lib}) ) {
 					$rmax{$lib} = $code;
 				}
 			} else {
+				if ($fassigned{$lib} =~ /:$code:/) {
+					print STDERR "!! ERROR: $lib function code $code assigned twice (collision at $name)\n";
+					++$errcount;
+				}
+				$fassigned{$lib} .= "$code:";
 				if($code > $fmax{$lib}) {
 					$fmax{$lib} = $code;
 				}
 				$fcodes{$name} = $code;
 			}
 		}
-	    }
+	  }
+	}
+
+	if ($debug) {
+		if (defined($fmax{$lib})) {
+			print STDERR "Max function code fmax" . "{" . "$lib" . "} = $fmax{$lib}\n";
+			$fassigned{$lib} =~ m/^:(.*):$/;
+			@fassigned = sort {$a <=> $b} split(":", $1);
+			print STDERR "  @fassigned\n";
+		}
+		if (defined($rmax{$lib})) {
+			print STDERR "Max reason code rmax" . "{" . "$lib" . "} = $rmax{$lib}\n";
+			$rassigned{$lib} =~ m/^:(.*):$/;
+			@rassigned = sort {$a <=> $b} split(":", $1);
+			print STDERR "  @rassigned\n";
+		}
+	}
+
+	if ($lib eq "SSL") {
+		if ($rmax{$lib} >= 1000) {
+			print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n";
+			print STDERR "!!        Any new alerts must be added to $config.\n";
+			++$errcount;
+			print STDERR "\n";
+		}
 	}
 	close IN;
 }
@@ -197,13 +322,15 @@ while (($hdr, $lib) = each %libinc)
 # so all those unreferenced can be printed out.
 
 
-print STDERR "Files loaded: " if $debug;
 foreach $file (@source) {
 	# Don't parse the error source file.
 	next if exists $cskip{$file};
-	print STDERR $file if $debug;
+	print STDERR "File loaded: ".$file."\r" if $debug;
 	open(IN, "<$file") || die "Can't open source file $file\n";
 	while(<IN>) {
+		# skip obsoleted source files entirely!
+		last if(/^#error\s+obsolete/);
+
 		if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
 			next unless exists $csrc{$2};
 			next if($1 eq "BIO_F_BUFFER_CTX");
@@ -213,6 +340,7 @@ foreach $file (@source) {
 				$fnew{$2}++;
 			}
 			$notrans{$1} = 1 unless exists $ftrans{$3};
+			print STDERR "Function: $1\t= $fcodes{$1} (lib: $2, name: $3)\n" if $debug; 
 		}
 		if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
 			next unless exists $csrc{$2};
@@ -221,11 +349,12 @@ foreach $file (@source) {
 				$rcodes{$1} = "X";
 				$rnew{$2}++;
 			}
+			print STDERR "Reason: $1\t= $rcodes{$1} (lib: $2)\n" if $debug; 
 		} 
 	}
 	close IN;
 }
-print STDERR "\n" if $debug;
+print STDERR "                                  \n" if $debug;
 
 # Now process each library in turn.
 
@@ -262,7 +391,7 @@ foreach $lib (keys %csrc)
 	} else {
 	    push @out,
 "/* ====================================================================\n",
-" * Copyright (c) 2001-2005 The OpenSSL Project.  All rights reserved.\n",
+" * Copyright (c) 2001-2009 The OpenSSL Project.  All rights reserved.\n",
 " *\n",
 " * Redistribution and use in source and binary forms, with or without\n",
 " * modification, are permitted provided that the following conditions\n",
@@ -318,6 +447,10 @@ foreach $lib (keys %csrc)
 "#ifndef HEADER_${lib}_ERR_H\n",
 "#define HEADER_${lib}_ERR_H\n",
 "\n",
+"#ifdef  __cplusplus\n",
+"extern \"C\" {\n",
+"#endif\n",
+"\n",
 "/* BEGIN ERROR CODES */\n";
 	}
 	open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
@@ -352,7 +485,16 @@ EOF
 	foreach $i (@function) {
 		$z=6-int(length($i)/8);
 		if($fcodes{$i} eq "X") {
-			$fcodes{$i} = ++$fmax{$lib};
+			$fassigned{$lib} =~ m/^:([^:]*):/;
+			$findcode = $1;
+			if (!defined($findcode)) {
+				$findcode = $fmax{$lib};
+			}
+			while ($fassigned{$lib} =~ m/:$findcode:/) {
+				$findcode++;
+			}
+			$fcodes{$i} = $findcode;
+			$fassigned{$lib} .= "$findcode:";
 			print STDERR "New Function code $i\n" if $debug;
 		}
 		printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z;
@@ -363,7 +505,16 @@ EOF
 	foreach $i (@reasons) {
 		$z=6-int(length($i)/8);
 		if($rcodes{$i} eq "X") {
-			$rcodes{$i} = ++$rmax{$lib};
+			$rassigned{$lib} =~ m/^:([^:]*):/;
+			$findcode = $1;
+			if (!defined($findcode)) {
+				$findcode = $rmax{$lib};
+			}
+			while ($rassigned{$lib} =~ m/:$findcode:/) {
+				$findcode++;
+			}
+			$rcodes{$i} = $findcode;
+			$rassigned{$lib} .= "$findcode:";
 			print STDERR "New Reason code   $i\n" if $debug;
 		}
 		printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z;
@@ -386,25 +537,46 @@ EOF
 			if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
 				$err_reason_strings{$1} = $2;
 			}
+			if (/\b${lib}_F_(\w*)\b.*\"(.*)\"/) {
+				if (!exists $ftrans{$1} && ($1 ne $2)) {
+					print STDERR "WARNING: Mismatched function string $2\n";
+					$ftrans{$1} = $2;
+				}
+			}
 		}
 		close(IN);
 	}
 
+
 	my $hincf;
 	if($static) {
 		$hfile =~ /([^\/]+)$/;
-		$hincf = "<openssl/$1>";
+		$hincf = "<${hprefix}$1>";
 	} else {
 		$hincf = "\"$hfile\"";
 	}
 
+	# If static we know the error code at compile time so use it
+	# in error definitions.
+
+	if ($static)
+		{
+		$pack_errcode = "ERR_LIB_${lib}";
+		$load_errcode = "0";
+		}
+	else
+		{
+		$pack_errcode = "0";
+		$load_errcode = "ERR_LIB_${lib}";
+		}
+
 
 	open (OUT,">$cfile") || die "Can't open $cfile for writing";
 
 	print OUT <<"EOF";
 /* $cfile */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -468,6 +640,10 @@ EOF
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK($pack_errcode,func,0)
+#define ERR_REASON(reason) ERR_PACK($pack_errcode,0,reason)
+
 static ERR_STRING_DATA ${lib}_str_functs[]=
 	{
 EOF
@@ -479,7 +655,8 @@ EOF
 		if(exists $ftrans{$fn}) {
 			$fn = $ftrans{$fn};
 		}
-		print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n";
+#		print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n";
+		print OUT "{ERR_FUNC($i),\t\"$fn\"},\n";
 	}
 	print OUT <<"EOF";
 {0,NULL}
@@ -491,6 +668,7 @@ EOF
 	# Add each reason code.
 	foreach $i (@reasons) {
 		my $rn;
+		my $rstr = "ERR_REASON($i)";
 		my $nspc = 0;
 		if (exists $err_reason_strings{$i}) {
 			$rn = $err_reason_strings{$i};
@@ -499,9 +677,9 @@ EOF
 			$rn = $1;
 			$rn =~ tr/_[A-Z]/ [a-z]/;
 		}
-		$nspc = 40 - length($i) unless length($i) > 40;
+		$nspc = 40 - length($rstr) unless length($rstr) > 40;
 		$nspc = " " x $nspc;
-		print OUT "{${i}${nspc},\"$rn\"},\n";
+		print OUT "{${rstr}${nspc},\"$rn\"},\n";
 	}
 if($static) {
 	print OUT <<"EOF";
@@ -512,17 +690,14 @@ if($static) {
 
 ${staticloader}void ERR_load_${lib}_strings(void)
 	{
-	static int init=1;
-
-	if (init)
-		{
-		init=0;
 #ifndef OPENSSL_NO_ERR
-		ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs);
-		ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons);
-#endif
 
+	if (ERR_func_error_string(${lib}_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings($load_errcode,${lib}_str_functs);
+		ERR_load_strings($load_errcode,${lib}_str_reasons);
 		}
+#endif
 	}
 EOF
 } else {
@@ -627,3 +802,9 @@ if($debug && defined(@runref) ) {
 		print STDERR "$_\n";
 	}
 }
+
+if($errcount) {
+	print STDERR "There were errors, failing...\n\n";
+	exit $errcount;
+}
+
diff --git a/util/mkfiles.pl b/util/mkfiles.pl
index d8cac3a3b4..6d15831450 100755
--- a/util/mkfiles.pl
+++ b/util/mkfiles.pl
@@ -24,6 +24,9 @@ my @dirs = (
 "crypto/bf",
 "crypto/cast",
 "crypto/aes",
+"crypto/camellia",
+"crypto/seed",
+"crypto/modes",
 "crypto/bn",
 "crypto/rsa",
 "crypto/dsa",
@@ -44,7 +47,9 @@ my @dirs = (
 "crypto/pem",
 "crypto/x509",
 "crypto/x509v3",
+"crypto/cms",
 "crypto/conf",
+"crypto/jpake",
 "crypto/txt_db",
 "crypto/pkcs7",
 "crypto/pkcs12",
@@ -53,16 +58,22 @@ my @dirs = (
 "crypto/ocsp",
 "crypto/ui",
 "crypto/krb5",
-"crypto/store",
+#"crypto/store",
+"crypto/pqueue",
+"crypto/whrlpool",
+"crypto/ts",
 "ssl",
 "apps",
 "engines",
+"engines/ccgost",
 "test",
 "tools"
 );
 
+%top;
+
 foreach (@dirs) {
-	&files_dir ($_, "Makefile.ssl");
+	&files_dir ($_, "Makefile");
 }
 
 exit(0);
@@ -104,8 +115,8 @@ while (<IN>)
 		$o =~ s/\s+$//;
 		$o =~ s/\s+/ /g;
 
-		$o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
-		$sym{$s}=$o;
+		$o =~ s/\$[({]([^)}]+)[)}]/$top{$1} or $sym{$1}/ge;
+		$sym{$s}=($top{$s} or $o);
 		}
 	}
 
@@ -115,6 +126,15 @@ foreach (sort keys %sym)
 	{
 	print "$_=$sym{$_}\n";
 	}
+if ($dir eq "." && defined($sym{"BUILDENV"}))
+	{
+	foreach (split(' ',$sym{"BUILDENV"}))
+		{
+		/^(.+)=/;
+		$top{$1}=$sym{$1};
+		}
+	}
+
 print "RELATIVE_DIRECTORY=\n";
 
 close (IN);
diff --git a/util/mklink.pl b/util/mklink.pl
index c8653cecc3..61db12c68f 100755
--- a/util/mklink.pl
+++ b/util/mklink.pl
@@ -15,12 +15,14 @@
 # Apart from this, this script should be able to handle even the most
 # pathological cases.
 
+use Cwd;
+
 my $from = shift;
 my @files = @ARGV;
 
 my @from_path = split(/[\\\/]/, $from);
-my $pwd = `pwd`;
-chop($pwd);
+my $pwd = getcwd();
+chomp($pwd);
 my @pwd_path = split(/[\\\/]/, $pwd);
 
 my @to_path = ();
@@ -49,6 +51,7 @@ my $to = join('/', @to_path);
 
 my $file;
 $symlink_exists=eval {symlink("",""); 1};
+if ($^O eq "msys") { $symlink_exists=0 };
 foreach $file (@files) {
     my $err = "";
     if ($symlink_exists) {
diff --git a/util/mkrc.pl b/util/mkrc.pl
new file mode 100755
index 0000000000..0ceadcf8d1
--- /dev/null
+++ b/util/mkrc.pl
@@ -0,0 +1,71 @@
+#!/bin/env perl
+#
+open FD,"crypto/opensslv.h";
+while(<FD>) {
+    if (/OPENSSL_VERSION_NUMBER\s+(0x[0-9a-f]+)/i) {
+	$ver = hex($1);
+	$v1 = ($ver>>28);
+	$v2 = ($ver>>20)&0xff;
+	$v3 = ($ver>>12)&0xff;
+	$v4 = ($ver>> 4)&0xff;
+	$beta = $ver&0xf;
+	$version = "$v1.$v2.$v3";
+	if ($beta==0xf)	{ $version .= chr(ord('a')+$v4-1) if ($v4);	}
+	elsif ($beta==0){ $version .= "-dev";				}
+	else		{ $version .= "-beta$beta";			}
+	last;
+    }
+}
+close(FD);
+
+$filename = $ARGV[0]; $filename =~ /(.*)\.([^.]+)$/;
+$basename = $1;
+$extname  = $2;
+
+if ($extname =~ /dll/i)	{ $description = "OpenSSL shared library"; }
+else			{ $description = "OpenSSL application";    }
+
+print <<___;
+#include <winver.h>
+
+LANGUAGE 0x09,0x01
+
+1 VERSIONINFO
+  FILEVERSION $v1,$v2,$v3,$v4
+  PRODUCTVERSION $v1,$v2,$v3,$v4
+  FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+  FILEFLAGS 0x01L
+#else
+  FILEFLAGS 0x00L
+#endif
+  FILEOS VOS__WINDOWS32
+  FILETYPE VFT_DLL
+  FILESUBTYPE 0x0L
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+        BLOCK "040904b0"
+        BEGIN
+            // Required:
+            VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
+            VALUE "FileDescription", "$description\\0"
+            VALUE "FileVersion", "$version\\0"
+            VALUE "InternalName", "$basename\\0"
+            VALUE "OriginalFilename", "$filename\\0"
+            VALUE "ProductName", "The OpenSSL Toolkit\\0"
+            VALUE "ProductVersion", "$version\\0"
+            // Optional:
+            //VALUE "Comments", "\\0"
+            VALUE "LegalCopyright", "Copyright © 1998-2006 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+            //VALUE "LegalTrademarks", "\\0"
+            //VALUE "PrivateBuild", "\\0"
+            //VALUE "SpecialBuild", "\\0"
+        END
+    END
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 0x4b0
+    END
+END
+___
diff --git a/util/mkstack.pl b/util/mkstack.pl
index 2a968f395f..6a43757c95 100755
--- a/util/mkstack.pl
+++ b/util/mkstack.pl
@@ -21,7 +21,7 @@ while (@ARGV) {
 }
 
 
-@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>);
+@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>, <apps/*.[ch]>);
 foreach $file (@source) {
 	next if -l $file;
 
@@ -31,11 +31,19 @@ foreach $file (@source) {
 	while(<IN>) {
 		if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
 			push @stacklst, $1;
-		} if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
+		}
+	        if (/^DECLARE_SPECIAL_STACK_OF\(([^,\s]+)\s*,\s*([^>\s]+)\)/) {
+		    	push @sstacklst, [$1, $2];
+		}
+		if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
 			push @asn1setlst, $1;
-		} if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
+		}
+		if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
 			push @p12stklst, $1;
 		}
+		if (/^DECLARE_LHASH_OF\(([^)]+)\)/) {
+			push @lhashlst, $1;
+		}
 	}
 	close(IN);
 }
@@ -65,7 +73,7 @@ while(<IN>) {
 	foreach $type_thing (sort @stacklst) {
 		$new_stackfile .= <<EOF;
 
-#define sk_${type_thing}_new(st) SKM_sk_new($type_thing, (st))
+#define sk_${type_thing}_new(cmp) SKM_sk_new($type_thing, (cmp))
 #define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
 #define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
 #define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
@@ -88,6 +96,39 @@ while(<IN>) {
 #define sk_${type_thing}_is_sorted(st) SKM_sk_is_sorted($type_thing, (st))
 EOF
 	}
+
+	foreach $type_thing (sort @sstacklst) {
+	    my $t1 = $type_thing->[0];
+	    my $t2 = $type_thing->[1];
+	    $new_stackfile .= <<EOF;
+
+#define sk_${t1}_new(cmp) ((STACK_OF($t1) *)sk_new(CHECKED_SK_CMP_FUNC($t2, cmp)))
+#define sk_${t1}_new_null() ((STACK_OF($t1) *)sk_new_null())
+#define sk_${t1}_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_value(st, i) (($t1)sk_value(CHECKED_PTR_OF(STACK_OF($t1), st), i))
+#define sk_${t1}_num(st) SKM_sk_num($t1, st)
+#define sk_${t1}_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_SK_FREE_FUNC2($t1, free_func))
+#define sk_${t1}_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val), i)
+#define sk_${t1}_free(st) SKM_sk_free(${t1}, st)
+#define sk_${t1}_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), i, CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_zero(st) SKM_sk_zero($t1, (st))
+#define sk_${t1}_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val))
+#define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i))
+#define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_PTR_OF($t2, ptr))
+#define sk_${t1}_set_cmp_func(st, cmp)  \\
+	((int (*)(const $t2 * const *,const $t2 * const *)) \\
+	sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st), CHECKED_SK_CMP_FUNC($t2, cmp)))
+#define sk_${t1}_dup(st) SKM_sk_dup($t1, st)
+#define sk_${t1}_shift(st) SKM_sk_shift($t1, (st))
+#define sk_${t1}_pop(st) ($t2 *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF($t1), st))
+#define sk_${t1}_sort(st) SKM_sk_sort($t1, (st))
+#define sk_${t1}_is_sorted(st) SKM_sk_is_sorted($t1, (st))
+
+EOF
+	}
+
 	foreach $type_thing (sort @asn1setlst) {
 		$new_stackfile .= <<EOF;
 
@@ -108,6 +149,31 @@ EOF
 	SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
 EOF
 	}
+
+	foreach $type_thing (sort @lhashlst) {
+		my $lc_tt = lc $type_thing;
+		$new_stackfile .= <<EOF;
+
+#define lh_${type_thing}_new() LHM_lh_new(${type_thing},${lc_tt})
+#define lh_${type_thing}_insert(lh,inst) LHM_lh_insert(${type_thing},lh,inst)
+#define lh_${type_thing}_retrieve(lh,inst) LHM_lh_retrieve(${type_thing},lh,inst)
+#define lh_${type_thing}_delete(lh,inst) LHM_lh_delete(${type_thing},lh,inst)
+#define lh_${type_thing}_doall(lh,fn) LHM_lh_doall(${type_thing},lh,fn)
+#define lh_${type_thing}_doall_arg(lh,fn,arg_type,arg) \\
+  LHM_lh_doall_arg(${type_thing},lh,fn,arg_type,arg)
+#define lh_${type_thing}_error(lh) LHM_lh_error(${type_thing},lh)
+#define lh_${type_thing}_num_items(lh) LHM_lh_num_items(${type_thing},lh)
+#define lh_${type_thing}_down_load(lh) LHM_lh_down_load(${type_thing},lh)
+#define lh_${type_thing}_node_stats_bio(lh,out) \\
+  LHM_lh_node_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_node_usage_stats_bio(lh,out) \\
+  LHM_lh_node_usage_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_stats_bio(lh,out) \\
+  LHM_lh_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_free(lh) LHM_lh_free(${type_thing},lh)
+EOF
+	}
+
 	$new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
 	$inside_block = 2;
 }
diff --git a/util/opensslwrap.sh b/util/opensslwrap.sh
index 91d29e2b87..b27cbb897f 100755
--- a/util/opensslwrap.sh
+++ b/util/opensslwrap.sh
@@ -3,6 +3,10 @@
 HERE="`echo $0 | sed -e 's|[^/]*$||'`"
 OPENSSL="${HERE}../apps/openssl"
 
+if [ -d "${HERE}../engines" -a "x$OPENSSL_ENGINES" = "x" ]; then
+	OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES
+fi
+
 if [ -x "${OPENSSL}.exe" ]; then
 	# The original reason for this script existence is to work around
 	# certain caveats in run-time linker behaviour. On Windows platforms
diff --git a/util/pl/BC-16.pl b/util/pl/BC-16.pl
deleted file mode 100644
index 2033f524ca..0000000000
--- a/util/pl/BC-16.pl
+++ /dev/null
@@ -1,146 +0,0 @@
-#!/usr/local/bin/perl
-# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
-#
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='bcc';
-
-if ($debug)
-	{ $op="-v "; }
-else	{ $op="-O "; }
-
-$cflags="-d -ml $op -DL_ENDIAN";
-# I add the stack opt
-$base_lflags="/c /C";
-$lflags="$base_lflags";
-
-if ($win16)
-	{
-	$shlib=1;
-	$cflags.=" -DOPENSSL_SYSNAME_WIN16";
-	$app_cflag="-W";
-	$lib_cflag="-WD";
-	$lflags.="/Twe";
-	}
-else
-	{
-	$cflags.=" -DOENSSL_SYSNAME_MSDOS";
-	$lflags.=" /Tde";
-	}
-
-if ($shlib)
-	{
-	$mlflags=" /Twd $base_lflags"; # stack if defined in .def file
-	$libs="libw ldllcew";
-	$no_asm=1;
-	}
-else
-	{ $mlflags=''; }
-
-$obj='.obj';
-$ofile="-o";
-
-# EXE linking stuff
-$link="tlink";
-$efile="";
-$exep='.exe';
-$ex_libs="CL";
-$ex_libs.=$no_sock?"":" winsock.lib";
-
-$app_ex_obj="C0L.obj ";
-$shlib_ex_obj="" if ($shlib);
-
-# static library stuff
-$mklib='tlib';
-$ranlib='echo no ranlib';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$asm='bcc -c -B -Tml';
-$afile='/o';
-if ($no_asm)
-	{
-	$bn_asm_obj='';
-	$bn_asm_src='';
-	}
-elsif ($asmbits == 32)
-	{
-	$bn_asm_obj='crypto\bn\asm\x86w32.obj';
-	$bn_asm_src='crypto\bn\asm\x86w32.asm';
-	}
-else
-	{
-	$bn_asm_obj='crypto\bn\asm\x86w16.obj';
-	$bn_asm_src='crypto\bn\asm\x86w16.asm';
-	}
-
-sub do_lib_rule
-	{
-	local($target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-	$ret.="$target: \$(${Name}OBJ)\n";
-	$ret.="\t\$(RM) \$(O_$Name)\n";
-
-	# Due to a pathetic line length limit, I unwrap the args.
-	local($lib_names)="";
-	local($dll_names)="";
-	foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
-		{
-		$lib_names.="  +$_ &\n";
-		$dll_names.="  $_\n";
-		}
-
-	if (!$shlib)
-		{
-		$ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
-		}
-	else
-		{
-		local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
-		$ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
-		$ret.=$dll_names;
-		$ret.="\n  $target\n\n  $ex $libs\nms$o${name}16.def;\n|\n";
-		($out_lib=$target) =~ s/O_/L_/;
-		$ret.="\timplib /nowep $out_lib $target\n\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$f,$_,@f);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) @&&|";
-	
-	# Due to a pathetic line length limit, I have to unwrap the args.
-	$ret.=" \$(LFLAGS) ";
-	if ($files =~ /\(([^)]*)\)$/)
-		{
-		$ret.=" \$(APP_EX_OBJ)";
-		foreach $_ (sort split(/\s+/,$Vars{$1}))
-			{ $ret.="\n  $r $_ +"; }
-		chop($ret);
-		$ret.="\n";
-		}
-	else
-		{ $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
-	$ret.="  $target\n\n  $libs\n\n|\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/util/pl/BC-32.pl b/util/pl/BC-32.pl
index e83b336190..1f1e13fb40 100644
--- a/util/pl/BC-32.pl
+++ b/util/pl/BC-32.pl
@@ -18,7 +18,7 @@ $out_def="out32";
 $tmp_def="tmp32";
 $inc_def="inc32";
 #enable max error messages, disable most common warnings
-$cflags="-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp ";
+$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ";
 if ($debug)
 {
     $cflags.="-Od -y -v -vi- -D_DEBUG";
@@ -51,7 +51,7 @@ $lfile='';
 $shlib_ex_obj="";
 $app_ex_obj="c0x32.obj"; 
 
-$asm='nasmw -f obj';
+$asm='nasmw -f obj -d__omf__';
 $asm.=" /Zi" if $debug;
 $afile='-o';
 
@@ -106,14 +106,18 @@ sub do_lib_rule
 	$ret.="$target: $objs\n";
 	if (!$shlib)
 		{
-		#		$ret.="\t\$(RM) \$(O_$Name)\n";
-		$ret.="\techo LIB $<\n";    
-                $ret.="\t&\$(MKLIB) $lfile$target -+\$**\n";
+		$ret.=<<___;
+	-\$(RM) $lfile$target
+	\$(MKLIB) $lfile$target \@&&!
++\$(**: = &^
++)
+!
+___
 		}
 	else
 		{
 		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-		$ex.=' wsock32.lib gdi32.lib';
+		$ex.=' ws2_32.lib gdi32.lib';
 		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
 		}
 	$ret.="\n";
diff --git a/util/pl/Mingw32.pl b/util/pl/Mingw32.pl
index b76b7afd27..fe3fb27a78 100644
--- a/util/pl/Mingw32.pl
+++ b/util/pl/Mingw32.pl
@@ -55,7 +55,7 @@ $link='${CC}';
 $lflags='${CFLAGS}';
 $efile='-o ';
 $exep='';
-$ex_libs="-lwsock32 -lgdi32";
+$ex_libs="-lws2_32 -lgdi32";
 
 # static library stuff
 $mklib='ar r';
diff --git a/util/pl/OS2-EMX.pl b/util/pl/OS2-EMX.pl
index ddb3524210..28cd116907 100644
--- a/util/pl/OS2-EMX.pl
+++ b/util/pl/OS2-EMX.pl
@@ -68,6 +68,7 @@ if (!$no_asm)
 	$sha1_asm_src="crypto/sha/asm/s1-os2.asm";
 	$rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
 	$rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
 	}
 
 if ($shlib)
diff --git a/util/pl/VC-16.pl b/util/pl/VC-16.pl
deleted file mode 100644
index ab97c4c9b8..0000000000
--- a/util/pl/VC-16.pl
+++ /dev/null
@@ -1,172 +0,0 @@
-#!/usr/local/bin/perl
-# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
-#
-
-$ssl=	"ssleay16";
-$crypto="libeay16";
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='cl';
-
-$out_def="out16";
-$tmp_def="tmp16";
-$inc_def="inc16";
-
-if ($debug)
-	{
-	$op="/Od /Zi /Zd";
-	$base_lflags="/CO";
-	}
-else	{
-	$op="/G2 /f- /Ocgnotb2";
-	}
-$base_lflags.=" /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000";
-if ($win16) { $base_lflags.=" /PACKD:60000"; }
-
-$cflags="/ALw /Gx- /Gt256 /Gf $op /W3 /WX -DL_ENDIAN /nologo";
-# I add the stack opt
-$lflags="$base_lflags /STACK:20000";
-
-if ($win16)
-	{
-	$cflags.=" -DOPENSSL_SYSNAME_WIN16";
-	$app_cflag="/Gw /FPi87";
-	$lib_cflag="/Gw";
-	$lib_cflag.=" -D_WINDLL -D_DLL" if $shlib;
-	$lib_cflag.=" -DWIN16TTY" if !$shlib;
-	$lflags.=" /ALIGN:256";
-	$ex_libs.="oldnames llibcewq libw";
-	}
-else
-	{
-	$no_sock=1;
-	$cflags.=" -DOPENSSL_SYSNAME_MSDOS";
-	$lflags.=" /EXEPACK";
-	$ex_libs.="oldnames.lib llibce.lib";
-	}
-
-if ($shlib)
-	{
-	$mlflags="$base_lflags";
-	$libs="oldnames ldllcew libw";
-	$shlib_ex_obj="";
-#	$no_asm=1;
-	$out_def="out16dll";
-	$tmp_def="tmp16dll";
-	}
-else
-	{ $mlflags=''; }
-
-$app_ex_obj="setargv.obj";
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="";
-$exep='.exe';
-$ex_libs.=$no_sock?"":" winsock";
-
-# static library stuff
-$mklib='lib /PAGESIZE:1024';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$asm='ml /Cp /c /Cx';
-$afile='/Fo';
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm)
-	{
-	if ($asmbits == 32)
-		{
-		$bn_asm_obj='crypto\bn\asm\x86w32.obj';
-		$bn_asm_src='crypto\bn\asm\x86w32.asm';
-		}
-	else
-		{
-		$bn_asm_obj='crypto\bn\asm\x86w16.obj';
-		$bn_asm_src='crypto\bn\asm\x86w16.asm';
-		}
-	}
-
-sub do_lib_rule
-	{
-	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-#	$target="\$(LIB_D)$o$target";
-	$ret.="$target: $objs\n";
-#	$ret.="\t\$(RM) \$(O_$Name)\n";
-
-	# Due to a pathetic line length limit, I unwrap the args.
-	local($lib_names)="";
-	local($dll_names)="  \$(SHLIB_EX_OBJ) +\n";
-	($obj)= ($objs =~ /\((.*)\)/);
-	foreach $_ (sort split(/\s+/,$Vars{$obj}))
-		{
-		$lib_names.="+$_ &\n";
-		$dll_names.="  $_ +\n";
-		}
-
-	if (!$shlib)
-		{
-		$ret.="\tdel $target\n";
-		$ret.="\t\$(MKLIB) @<<\n$target\ny\n$lib_names\n\n<<\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?'$(L_CRYPTO)':"";
-		$ex.=' winsock';
-		$ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
-		$ret.=$dll_names;
-		$ret.="\n  $target\n\n  $ex $libs\nms$o${name}.def;\n<<\n";
-		($out_lib=$target) =~ s/O_/L_/;
-		$ret.="\timplib /noignorecase /nowep $out_lib $target\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$f,$_,@f);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) \$(LFLAGS) @<<\n";
-	
-	# Due to a pathetic line length limit, I have to unwrap the args.
-	if ($files =~ /\(([^)]*)\)$/)
-		{
-		@a=('$(APP_EX_OBJ)');
-		push(@a,sort split(/\s+/,$Vars{$1}));
-		for $_ (@a)
-			{ $ret.="  $_ +\n"; }
-		}
-	else
-		{ $ret.="  \$(APP_EX_OBJ) $files"; }
-	$ret.="\n  $target\n\n  $libs\n\n<<\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl
index 17d7448faf..45013475da 100644
--- a/util/pl/VC-32.pl
+++ b/util/pl/VC-32.pl
@@ -1,33 +1,144 @@
 #!/usr/local/bin/perl
-# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
+# VC-32.pl - unified script for Microsoft Visual C++, covering Win32,
+# Win64 and WinCE [follow $FLAVOR variable to trace the differences].
 #
 
 $ssl=	"ssleay32";
 $crypto="libeay32";
 
 $o='\\';
-$cp='copy nul+';	# Timestamps get stuffed otherwise
-$rm='del';
+$cp='$(PERL) util/copy.pl';
+$mkdir='$(PERL) util/mkdir-p.pl';
+$rm='del /Q';
+
+$zlib_lib="zlib1.lib";
+
+# Santize -L options for ms link
+$l_flags =~ s/-L("\[^"]+")/\/libpath:$1/g;
+$l_flags =~ s/-L(\S+)/\/libpath:$1/g;
 
 # C compiler stuff
 $cc='cl';
-$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32';
-$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
+if ($FLAVOR =~ /WIN64/)
+    {
+    # Note that we currently don't have /WX on Win64! There is a lot of
+    # warnings, but only of two types:
+    #
+    # C4344: conversion from '__int64' to 'int/long', possible loss of data
+    # C4267: conversion from 'size_t' to 'int/long', possible loss of data
+    #
+    # Amount of latter type is minimized by aliasing strlen to function of
+    # own desing and limiting its return value to 2GB-1 (see e_os.h). As
+    # per 0.9.8 release remaining warnings were explicitly examined and
+    # considered safe to ignore.
+    # 
+    $base_cflags= " $mf_cflag";
+    my $f = $shlib?' /MD':' /MT';
+    $lib_cflag='/Zl' if (!$shlib);	# remove /DEFAULTLIBs from static lib
+    $opt_cflags=$f.' /Ox';
+    $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
+    $lflags="/nologo /subsystem:console /opt:ref";
+
+    *::perlasm_compile_target = sub {
+	my ($target,$source,$bname)=@_;
+	my $ret;
+
+	$bname =~ s/(.*)\.[^\.]$/$1/;
+	$ret=<<___;
+\$(TMP_D)$o$bname.asm: $source
+	set ASM=\$(ASM)
+	\$(PERL) $source \$\@
+
+$target: \$(TMP_D)$o$bname.asm
+	\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm
+
+___
+	}
+    }
+elsif ($FLAVOR =~ /CE/)
+    {
+    # sanity check
+    die '%OSVERSION% is not defined'	if (!defined($ENV{'OSVERSION'}));
+    die '%PLATFORM% is not defined'	if (!defined($ENV{'PLATFORM'}));
+    die '%TARGETCPU% is not defined'	if (!defined($ENV{'TARGETCPU'}));
+
+    #
+    # Idea behind this is to mimic flags set by eVC++ IDE...
+    #
+    $wcevers = $ENV{'OSVERSION'};			# WCENNN
+    die '%OSVERSION% value is insane'	if ($wcevers !~ /^WCE([1-9])([0-9]{2})$/);
+    $wcecdefs = "-D_WIN32_WCE=$1$2 -DUNDER_CE=$1$2";	# -D_WIN32_WCE=NNN
+    $wcelflag = "/subsystem:windowsce,$1.$2";		# ...,N.NN
+
+    $wceplatf =  $ENV{'PLATFORM'};
+    $wceplatf =~ tr/a-z0-9 /A-Z0-9_/d;
+    $wcecdefs .= " -DWCE_PLATFORM_$wceplatf";
+
+    $wcetgt = $ENV{'TARGETCPU'};	# just shorter name...
+    SWITCH: for($wcetgt) {
+	/^X86/		&& do {	$wcecdefs.=" -Dx86 -D_X86_ -D_i386_ -Di_386_";
+				$wcelflag.=" /machine:IX86";	last; };
+	/^ARMV4[IT]/	&& do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
+				$wcecdefs.=" -DTHUMB -D_THUMB_" if($wcetgt=~/T$/);
+				$wcecdefs.=" -QRarch4T -QRinterwork-return";
+				$wcelflag.=" /machine:THUMB";	last; };
+	/^ARM/		&& do {	$wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
+				$wcelflag.=" /machine:ARM";	last; };
+	/^MIPSIV/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+				$wcecdefs.=" -D_MIPS64 -QMmips4 -QMn32";
+				$wcelflag.=" /machine:MIPSFPU";	last; };
+	/^MIPS16/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+				$wcecdefs.=" -DMIPSII -QMmips16";
+				$wcelflag.=" /machine:MIPS16";	last; };
+	/^MIPSII/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+				$wcecdefs.=" -QMmips2";
+				$wcelflag.=" /machine:MIPS";	last; };
+	/^R4[0-9]{3}/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000";
+				$wcelflag.=" /machine:MIPS";	last; };
+	/^SH[0-9]/	&& do {	$wcecdefs.=" -D$wcetgt -D_$wcetgt_ -DSHx";
+				$wcecdefs.=" -Qsh4" if ($wcetgt =~ /^SH4/);
+				$wcelflag.=" /machine:$wcetgt";	last; };
+	{ $wcecdefs.=" -D$wcetgt -D_$wcetgt_";
+	  $wcelflag.=" /machine:$wcetgt";			last; };
+    }
+
+    $cc='$(CC)';
+    $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
+    $base_cflags.=" $wcecdefs";
+    $base_cflags.=' -I$(WCECOMPAT)/include'		if (defined($ENV{'WCECOMPAT'}));
+    $base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include'	if (defined($ENV{'PORTSDK_LIBPATH'}));
+    $opt_cflags=' /MC /O1i';	# optimize for space, but with intrinsics...
+    $dbg_clfags=' /MC /Od -DDEBUG -D_DEBUG';
+    $lflags="/nologo /opt:ref $wcelflag";
+    }
+else	# Win32
+    {
+    $base_cflags= " $mf_cflag";
+    my $f = $shlib?' /MD':' /MT';
+    $lib_cflag='/Zl' if (!$shlib);	# remove /DEFAULTLIBs from static lib
+    $opt_cflags=$f.' /Ox /O2 /Ob2';
+    $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
+    $lflags="/nologo /subsystem:console /opt:ref";
+    }
 $mlflags='';
 
-$out_def="out32";
-$tmp_def="tmp32";
+$out_def="out32"; $out_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
+$tmp_def="tmp32"; $tmp_def.='_$(TARGETCPU)' if ($FLAVOR =~ /CE/);
 $inc_def="inc32";
 
 if ($debug)
 	{
-	$cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
+	$cflags=$dbg_cflags.$base_cflags;
 	$lflags.=" /debug";
 	$mlflags.=' /debug';
 	}
-$cflags .= " -DOPENSSL_SYSNAME_WINNT" if $NT == 1;
+else
+	{
+	$cflags=$opt_cflags.$base_cflags;
+	}
 
 $obj='.obj';
+$asm_suffix='.asm';
 $ofile="/Fo";
 
 # EXE linking stuff
@@ -35,12 +146,27 @@ $link="link";
 $rsc="rc";
 $efile="/out:";
 $exep='.exe';
-if ($no_sock)
-	{ $ex_libs=""; }
-else	{ $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
+if ($no_sock)		{ $ex_libs=''; }
+elsif ($FLAVOR =~ /CE/)	{ $ex_libs='winsock.lib'; }
+else			{ $ex_libs='ws2_32.lib'; }
+
+if ($FLAVOR =~ /CE/)
+	{
+	$ex_libs.=' $(WCECOMPAT)/lib/wcecompatex.lib'	if (defined($ENV{'WCECOMPAT'}));
+	$ex_libs.=' $(PORTSDK_LIBPATH)/portlib.lib'	if (defined($ENV{'PORTSDK_LIBPATH'}));
+	$ex_libs.=' /nodefaultlib:oldnames.lib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86");
+	}
+else
+	{
+	$ex_libs.=' gdi32.lib advapi32.lib crypt32.lib user32.lib';
+	$ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/ and `cl 2>&1` =~ /14\.00\.4[0-9]{4}\./);
+	# WIN32 UNICODE build gets linked with unicows.lib for
+	# backward compatibility with Win9x.
+	$ex_libs="unicows.lib $ex_libs" if ($FLAVOR =~ /WIN32/ and $cflags =~ /\-DUNICODE/);
+	}
 
 # static library stuff
-$mklib='lib';
+$mklib='lib /nologo';
 $ranlib='';
 $plib="";
 $libp=".lib";
@@ -48,14 +174,33 @@ $shlibp=($shlib)?".dll":".lib";
 $lfile='/out:';
 
 $shlib_ex_obj="";
-$app_ex_obj="setargv.obj";
-if ($nasm) {
-	$asm='nasmw -f win32';
+$app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/);
+if ($FLAVOR =~ /WIN64A/) {
+	if (`nasm -v` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) {
+		$asm='nasm -f win64 -DNEAR -Ox';
+		$asm.=' -g' if $debug;
+		$afile='-o ';
+	} else {
+		$asm='ml64 /c /Cp /Cx';
+		$asm.=" /Zi" if $debug;
+		$afile='/Fo';
+	}
+} elsif ($FLAVOR =~ /WIN64I/) {
+	$asm='ias';
+	$asm.=" -d debug" if $debug;
+	$afile="-o ";
+} elsif ($nasm) {
+	my $ver=`nasm -v 2>NUL`;
+	my $vew=`nasmw -v 2>NUL`;
+	# pick newest version
+	$asm=($ver gt $vew?"nasm":"nasmw")." -f win32";
+	$asmtype="win32n";
 	$afile='-o ';
 } else {
-	$asm='ml /Cp /coff /c /Cx';
+	$asm='ml /nologo /Cp /coff /c /Cx';
 	$asm.=" /Zi" if $debug;
 	$afile='/Fo';
+	$asmtype="win32";
 }
 
 $bn_asm_obj='';
@@ -67,34 +212,59 @@ $bf_enc_src='';
 
 if (!$no_asm)
 	{
-	$bn_asm_obj='crypto\bn\asm\bn_win32.obj';
-	$bn_asm_src='crypto\bn\asm\bn_win32.asm';
-	$des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
-	$des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
-	$bf_enc_obj='crypto\bf\asm\b_win32.obj';
-	$bf_enc_src='crypto\bf\asm\b_win32.asm';
-	$cast_enc_obj='crypto\cast\asm\c_win32.obj';
-	$cast_enc_src='crypto\cast\asm\c_win32.asm';
-	$rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
-	$rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
-	$rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
-	$rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
-	$md5_asm_obj='crypto\md5\asm\m5_win32.obj';
-	$md5_asm_src='crypto\md5\asm\m5_win32.asm';
-	$sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
-	$sha1_asm_src='crypto\sha\asm\s1_win32.asm';
-	$rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
-	$rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
-	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+	win32_import_asm($mf_bn_asm, "bn", \$bn_asm_obj, \$bn_asm_src);
+	win32_import_asm($mf_aes_asm, "aes", \$aes_asm_obj, \$aes_asm_src);
+	win32_import_asm($mf_des_asm, "des", \$des_enc_obj, \$des_enc_src);
+	win32_import_asm($mf_bf_asm, "bf", \$bf_enc_obj, \$bf_enc_src);
+	win32_import_asm($mf_cast_asm, "cast", \$cast_enc_obj, \$cast_enc_src);
+	win32_import_asm($mf_rc4_asm, "rc4", \$rc4_enc_obj, \$rc4_enc_src);
+	win32_import_asm($mf_rc5_asm, "rc5", \$rc5_enc_obj, \$rc5_enc_src);
+	win32_import_asm($mf_md5_asm, "md5", \$md5_asm_obj, \$md5_asm_src);
+	win32_import_asm($mf_sha_asm, "sha", \$sha1_asm_obj, \$sha1_asm_src);
+	win32_import_asm($mf_rmd_asm, "ripemd", \$rmd160_asm_obj, \$rmd160_asm_src);
+	win32_import_asm($mf_wp_asm, "whrlpool", \$whirlpool_asm_obj, \$whirlpool_asm_src);
+	win32_import_asm($mf_cpuid_asm, "", \$cpuid_asm_obj, \$cpuid_asm_src);
+	$perl_asm = 1;
 	}
 
-if ($shlib)
+if ($shlib && $FLAVOR !~ /CE/)
 	{
 	$mlflags.=" $lflags /dll";
-#	$cflags =~ s| /MD| /MT|;
 	$lib_cflag=" -D_WINDLL";
 	$out_def="out32dll";
 	$tmp_def="tmp32dll";
+	#
+	# Engage Applink...
+	#
+	$app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib";
+	$cflags.=" -DOPENSSL_USE_APPLINK -I.";
+	# I'm open for better suggestions than overriding $banner...
+	$banner=<<'___';
+	@echo Building OpenSSL
+
+$(OBJ_D)\applink.obj:	ms\applink.c
+	$(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c
+$(OBJ_D)\uplink.obj:	ms\uplink.c ms\applink.c
+	$(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c
+$(INCO_D)\applink.c:	ms\applink.c
+	$(CP) ms\applink.c $(INCO_D)\applink.c
+
+EXHEADER= $(EXHEADER) $(INCO_D)\applink.c
+
+LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj
+CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ)
+___
+	$banner.=<<'___' if ($FLAVOR =~ /WIN64/);
+CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ)
+___
+	}
+elsif ($shlib && $FLAVOR =~ /CE/)
+	{
+	$mlflags.=" $lflags /dll";
+	$lflags.=' /entry:mainCRTstartup' if(defined($ENV{'PORTSDK_LIBPATH'}));
+	$lib_cflag=" -D_WINDLL -D_DLL";
+	$out_def='out32dll_$(TARGETCPU)';
+	$tmp_def='tmp32dll_$(TARGETCPU)';
 	}
 
 $cflags.=" /Fd$out_def";
@@ -102,24 +272,28 @@ $cflags.=" /Fd$out_def";
 sub do_lib_rule
 	{
 	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
+	local($ret);
 
 	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
+	if ($name ne "")
+		{
+		$name =~ tr/a-z/A-Z/;
+		$name = "/def:ms/${name}.def";
+		}
 
 #	$target="\$(LIB_D)$o$target";
 	$ret.="$target: $objs\n";
 	if (!$shlib)
 		{
 #		$ret.="\t\$(RM) \$(O_$Name)\n";
-		$ex =' advapi32.lib';
-		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs $ex\n<<\n";
+		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs\n<<\n";
 		}
 	else
 		{
-		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-		$ex.=' wsock32.lib gdi32.lib advapi32.lib';
-		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+		local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
+		$ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
+		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n  \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+		$ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
 		}
 	$ret.="\n";
 	return($ret);
@@ -133,9 +307,37 @@ sub do_link_rule
 	$file =~ s/\//$o/g if $o ne '/';
 	$n=&bname($targer);
 	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
-	$ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n\n";
+	$ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
+	$ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n";
+	$ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
 	return($ret);
 	}
 
+sub win32_import_asm
+	{
+	my ($mf_var, $asm_name, $oref, $sref) = @_;
+	my $asm_dir;
+	if ($asm_name eq "")
+		{
+		$asm_dir = "crypto\\";
+		}
+	else
+		{
+		$asm_dir = "crypto\\$asm_name\\asm\\";
+		}
+
+	$$oref = "";
+	$mf_var =~ s/\.o$/.obj/g;
+
+	foreach (split(/ /, $mf_var))
+		{
+		$$oref .= $asm_dir . $_ . " ";
+		}
+	$$oref =~ s/ $//;
+	$$sref = $$oref;
+	$$sref =~ s/\.obj/.asm/g;
+
+	}
+
+
 1;
diff --git a/util/pl/VC-CE.pl b/util/pl/VC-CE.pl
deleted file mode 100644
index 547383720a..0000000000
--- a/util/pl/VC-CE.pl
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/usr/local/bin/perl
-# VC-CE.pl - the file for eMbedded Visual C++ 3.0 for windows CE, static libraries
-#
-
-$ssl=	"ssleay32";
-$crypto="libeay32";
-$RSAref="RSAref32";
-
-$o='\\';
-$cp='copy nul+';	# Timestamps get stuffed otherwise
-$rm='del';
-
-# C compiler stuff
-$cc='$(CC)';
-$cflags=' /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo $(WCETARGETDEFS) -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include';
-$lflags='/nologo /subsystem:windowsce,$(WCELDVERSION) /machine:$(WCELDMACHINE) /opt:ref';
-$mlflags='';
-
-$out_def='out32_$(TARGETCPU)';
-$tmp_def='tmp32_$(TARGETCPU)';
-$inc_def="inc32";
-
-if ($debug)
-	{
-	$cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
-	$lflags.=" /debug";
-	$mlflags.=' /debug';
-	}
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="/out:";
-$exep='.exe';
-if ($no_sock)
-	{ $ex_libs=""; }
-else	{ $ex_libs='winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib $(WCELDFLAGS)'; }
-
-# static library stuff
-$mklib='lib';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='/out:';
-
-$shlib_ex_obj="";
-#$app_ex_obj="setargv.obj";
-$app_ex_obj="";
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if ($shlib)
-	{
-	$mlflags.=" $lflags /dll";
-#	$cflags =~ s| /MD| /MT|;
-	$lib_cflag=" -D_WINDLL -D_DLL";
-	$out_def='out32dll_$(TARGETCPU)';
-	$tmp_def='tmp32dll_$(TARGETCPU)';
-	}
-
-$cflags.=" /Fd$out_def";
-
-sub do_lib_rule
-	{
-	local($objs,$target,$name,$shlib)=@_;
-	local($ret,$Name);
-
-	$taget =~ s/\//$o/g if $o ne '/';
-	($Name=$name) =~ tr/a-z/A-Z/;
-
-#	$target="\$(LIB_D)$o$target";
-	$ret.="$target: $objs\n";
-	if (!$shlib)
-		{
-#		$ret.="\t\$(RM) \$(O_$Name)\n";
-		$ex =' ';
-		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs $ex\n<<\n";
-		}
-	else
-		{
-		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-#		$ex.=' winsock.lib coredll.lib $(WCECOMPAT)/lib/wcecompatex.lib';
-		$ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib';
-		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
-		}
-	$ret.="\n";
-	return($ret);
-	}
-
-sub do_link_rule
-	{
-	local($target,$files,$dep_libs,$libs)=@_;
-	local($ret,$_);
-	
-	$file =~ s/\//$o/g if $o ne '/';
-	$n=&bname($targer);
-	$ret.="$target: $files $dep_libs\n";
-	$ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
-	$ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n\n";
-	return($ret);
-	}
-
-1;
diff --git a/util/pl/netware.pl b/util/pl/netware.pl
index 233612a911..c78bcfc874 100644
--- a/util/pl/netware.pl
+++ b/util/pl/netware.pl
@@ -1,20 +1,74 @@
-# Metrowerks Codewarrior for NetWare
+# Metrowerks Codewarrior or gcc / nlmconv for NetWare
 #
 
+$version_header = "crypto/opensslv.h";
+open(IN, "$version_header") or die "Couldn't open $version_header: $!";
+while (<IN>) {
+  if (/^#define[\s\t]+OPENSSL_VERSION_NUMBER[\s\t]+0x(\d)(\d{2})(\d{2})(\d{2})/)
+  {
+    # die "OpenSSL version detected: $1.$2.$3.$4\n";
+    #$nlmvernum = "$1,$2,$3";
+    $nlmvernum = "$1,".($2*10+$3).",".($4*1);
+    #$nlmverstr = "$1.".($2*1).".".($3*1).($4?(chr(96+$4)):"");
+    break;
+  }
+}
+close(IN) or die "Couldn't close $version_header: $!";
+
+$readme_file = "README";
+open(IN, $readme_file) or die "Couldn't open $readme_file: $!";
+while (<IN>) {
+  if (/^[\s\t]+OpenSSL[\s\t]+(\d)\.(\d{1,2})\.(\d{1,2})([a-z])(.*)/)
+  {
+    #$nlmvernum = "$1,$2,$3";
+    #$nlmvernum = "$1,".($2*10+$3).",".($4*1);
+    $nlmverstr = "$1.$2.$3$4$5";
+  }
+  elsif (/^[\s\t]+(Copyright \(c\) \d{4}\-\d{4} The OpenSSL Project)$/)
+  {
+    $nlmcpystr = $1;
+  }
+  break if ($nlmvernum && $nlmcpystr);
+}
+close(IN) or die "Couldn't close $readme_file: $!";
+
+# Define stacksize here
+$nlmstack = "32768";
+
+# some default settings here in case we failed to find them in README
+$nlmvernum = "1,0,0" if (!$nlmvernum);
+$nlmverstr = "OpenSSL" if (!$nlmverstr);
+$nlmcpystr = "Copyright (c) 1998-now The OpenSSL Project" if (!$nlmcpystr);
+
+# die "OpenSSL copyright: $nlmcpystr\nOpenSSL verstring: $nlmverstr\nOpenSSL vernumber: $nlmvernum\n";
+
 # The import files and other misc imports needed to link
+@misc_imports = ("GetProcessSwitchCount", "RunningProcess",
+                 "GetSuperHighResolutionTimer");
 if ($LIBC)
 {
-   @import_files = ("libc.imp", "ws2nlm.imp");
+   @import_files = ("libc.imp");
    @module_files = ("libc");
+   $libarch = "LIBC";
 }
 else
 {
    # clib build
-   @import_files = ("clib.imp", "ws2nlm.imp");
+   @import_files = ("clib.imp");
+   push(@import_files, "socklib.imp") if ($BSDSOCK);
    @module_files = ("clib");
+   # push(@misc_imports, "_rt_modu64%16", "_rt_divu64%16");
+   $libarch = "CLIB";
+}
+if ($BSDSOCK)
+{
+   $libarch .= "-BSD";
+}
+else
+{
+   $libarch .= "-WS2";
+   push(@import_files, "ws2nlm.imp");
 }
-@misc_imports = ("GetProcessSwitchCount", "RunningProcess",  
-                 "GetSuperHighResolutionTimer" );
 
 # The "IMPORTS" environment variable must be set and point to the location
 # where import files (*.imp) can be found.
@@ -27,30 +81,69 @@ $import_path = $ENV{"IMPORTS"} || die ("IMPORTS environment variable not set\n")
 # Example: set PRELUDE=c:\codewar\novell support\metrowerks support\libraries\runtime\nwpre.obj
 $prelude = $ENV{"PRELUDE"} || die ("PRELUDE environment variable not set\n");
 
-#$ssl=   "ssleay32";
-#$crypto="libeay32";
-
-$o='\\\\';
-$cp='copy >nul:';
-$rm='del';
+# The "INCLUDES" environment variable must be set and point to the location
+# where import files (*.imp) can be found.
+$include_path = $ENV{"INCLUDE"} || die ("INCLUDES environment variable not set\n");
+$include_path =~ s/\\/\//g;
+$include_path = join(" -I", split(/;/, $include_path));
 
-# C compiler
-$cc="mwccnlm";
+# check for gcc compiler
+$gnuc = $ENV{"GNUC"};
 
-# Linker
-$link="mwldnlm";
+#$ssl=   "ssleay32";
+#$crypto="libeay32";
 
-# librarian
-$mklib="mwldnlm";
+if ($gnuc)
+{
+   # C compiler
+   $cc='gcc';
+   # Linker
+   $link='nlmconv';
+   # librarian
+   $mklib='ar';
+   $o='/';
+   # cp command
+   $cp='cp -af';
+   # rm command
+   $rm='rm -f';
+   # mv command
+   $mv='mv -f';
+   # mkdir command
+   $mkdir='gmkdir';
+   #$ranlib='ranlib';
+}
+else
+{
+   # C compiler
+   $cc='mwccnlm';
+   # Linker
+   $link='mwldnlm';
+   # librarian
+   $mklib='mwldnlm';
+   # Path separator
+   $o='\\';
+   # cp command
+   $cp='copy >nul:';
+   # rm command
+   $rm='del /f /q';
+}
 
-# assembler 
-if ($nw_nasm) 
+# assembler
+if ($nw_nasm)
 {
-   $asm="nasmw -s -f coff";
+   $asm=(`nasm -v 2>NUL` gt `nasmw -v 2>NUL`?"nasm":"nasmw");
+   if ($gnuc)
+   {
+      $asm.=" -s -f elf";
+   }
+   else
+   {
+      $asm.=" -s -f coff -d __coff__";
+   }
    $afile="-o ";
    $asm.=" -g" if $debug;
 }
-elsif ($nw_mwasm) 
+elsif ($nw_mwasm)
 {
    $asm="mwasmnlm -maxerrors 20";
    $afile="-o ";
@@ -58,14 +151,14 @@ elsif ($nw_mwasm)
 }
 elsif ($nw_masm)
 {
-# masm assembly settings - it should be possible to use masm but haven't 
+# masm assembly settings - it should be possible to use masm but haven't
 # got it working.
 # $asm='ml /Cp /coff /c /Cx';
 # $asm.=" /Zi" if $debug;
 # $afile='/Fo';
    die("Support for masm assembler not yet functional\n");
 }
-else 
+else
 {
    $asm="";
    $afile="";
@@ -73,51 +166,89 @@ else
 
 
 
-# compile flags
-#
-# NOTES: Several c files in the crypto subdirectory include headers from
-#        their local directories.  Metrowerks wouldn't find these h files
-#        without adding individual include directives as compile flags
-#        or modifying the c files.  Instead of adding individual include
-#        paths for each subdirectory a recursive include directive
-#        is used ( -ir crypto ).
-#
-#        Turned off the "possible" warnings ( -w nopossible ).  Metrowerks
-#        complained a lot about various stuff.  May want to turn back
-#        on for further development.
-$cflags="-ir crypto -msgstyle gcc -align 4 -processor pentium \\
-         -char unsigned -w on -w nolargeargs -w nopossible -w nounusedarg \\
-         -w noimplicitconv -relax_pointers -nosyspath -DL_ENDIAN \\
-         -DOPENSSL_SYSNAME_NETWARE -U_WIN32 -maxerrors 20 ";
-
-# link flags
-$lflags="-msgstyle gcc -zerobss -stacksize 32768 -nostdlib -sym internal ";
-
-
-# additional flags based upon debug | non-debug
-if ($debug)
+if ($gnuc)
 {
-   $cflags.=" -opt off -g -sym internal -DDEBUG";
+   # compile flags for GNUC
+   # additional flags based upon debug | non-debug
+   if ($debug)
+   {
+      $cflags="-g -DDEBUG";
+   }
+   else
+   {
+      $cflags="-O2";
+   }
+   $cflags.=" -nostdinc -I$include_path \\
+         -fno-builtin -fpcc-struct-return -fno-strict-aliasing \\
+         -funsigned-char -Wall -Wno-unused -Wno-uninitialized";
+
+   # link flags
+   $lflags="-T";
 }
 else
 {
-# CodeWarrior compiler has a problem with optimizations for floating
-# points - no optimizations until further investigation
-#   $cflags.=" -opt all";
+   # compile flags for CodeWarrior
+   # additional flags based upon debug | non-debug
+   if ($debug)
+   {
+      $cflags="-opt off -g -sym internal -DDEBUG";
+   }
+   else
+   {
+   # CodeWarrior compiler has a problem with optimizations for floating
+   # points - no optimizations until further investigation
+   #      $cflags="-opt all";
+   }
+
+   # NOTES: Several c files in the crypto subdirectory include headers from
+   #        their local directories.  Metrowerks wouldn't find these h files
+   #        without adding individual include directives as compile flags
+   #        or modifying the c files.  Instead of adding individual include
+   #        paths for each subdirectory a recursive include directive
+   #        is used ( -ir crypto ).
+   #
+   #        A similar issue exists for the engines and apps subdirectories.
+   #
+   #        Turned off the "possible" warnings ( -w nopossible ).  Metrowerks
+   #        complained a lot about various stuff.  May want to turn back
+   #        on for further development.
+   $cflags.=" -nostdinc -ir crypto -ir engines -ir apps -I$include_path \\
+         -msgstyle gcc -align 4 -processor pentium -char unsigned \\
+         -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
+         -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";
+
+   # link flags
+   $lflags="-msgstyle gcc -zerobss -nostdlib -sym internal -commandfile";
 }
 
+# common defines
+$cflags.=" -DL_ENDIAN -DOPENSSL_SYSNAME_NETWARE -U_WIN32";
+
 # If LibC build add in NKS_LIBC define and set the entry/exit
 # routines - The default entry/exit routines are for CLib and don't exist
 # in LibC
 if ($LIBC)
 {
    $cflags.=" -DNETWARE_LIBC";
-   $lflags.=" -entry _LibCPrelude -exit _LibCPostlude -flags pseudopreemption";
+   $nlmstart = "_LibCPrelude";
+   $nlmexit = "_LibCPostlude";
+   @nlm_flags = ("pseudopreemption", "flag_on 64");
 }
 else
 {
    $cflags.=" -DNETWARE_CLIB";
-   $lflags.=" -entry _Prelude -exit _Stop";
+   $nlmstart = "_Prelude";
+   $nlmexit = "_Stop";
+}
+
+# If BSD Socket support is requested, set a define for the compiler
+if ($BSDSOCK)
+{
+   $cflags.=" -DNETWARE_BSDSOCK";
+   if (!$LIBC)
+   {
+      $cflags.=" -DNETDB_USE_INTERNET";
+   }
 }
 
 
@@ -140,16 +271,25 @@ if ($shlib)
 }
 else
 {
-   $libp=".lib";
-   $shlibp=".lib";
-   $lib_flags="-nodefaults -type library";
+   if ($gnuc) # GNUC Tools
+   {
+      $libp=".a";
+      $shlibp=".a";
+      $lib_flags="-cr";
+   }
+   else       # CodeWarrior
+   {
+      $libp=".lib";
+      $shlibp=".lib";
+      $lib_flags="-nodefaults -type library -o";
+   }
    if ($LIBC)
    {
       $out_def.="_nw_libc";
       $tmp_def.="_nw_libc";
       $inc_def.="_nw_libc";
    }
-   else  # NETWARE_CLIB 
+   else  # NETWARE_CLIB
    {
       $out_def.="_nw_clib";
       $tmp_def.="_nw_clib";
@@ -158,7 +298,7 @@ else
 }
 
 # used by mk1mf.pl
-$obj='.obj';
+$obj='.o';
 $ofile='-o ';
 $efile='';
 $exep='.nlm';
@@ -166,30 +306,44 @@ $ex_libs='';
 
 if (!$no_asm)
 {
-   $bn_asm_obj="crypto${o}bn${o}asm${o}bn-nw.obj";
+   $bn_asm_obj="\$(OBJ_D)${o}bn-nw${obj}";
    $bn_asm_src="crypto${o}bn${o}asm${o}bn-nw.asm";
-   $des_enc_obj="crypto${o}des${o}asm${o}d-nw.obj crypto${o}des${o}asm${o}y-nw.obj";
+   $bnco_asm_obj="\$(OBJ_D)${o}co-nw${obj}";
+   $bnco_asm_src="crypto${o}bn${o}asm${o}co-nw.asm";
+   $aes_asm_obj="\$(OBJ_D)${o}a-nw${obj}";
+   $aes_asm_src="crypto${o}aes${o}asm${o}a-nw.asm";
+   $des_enc_obj="\$(OBJ_D)${o}d-nw${obj} \$(OBJ_D)${o}y-nw${obj}";
    $des_enc_src="crypto${o}des${o}asm${o}d-nw.asm crypto${o}des${o}asm${o}y-nw.asm";
-   $bf_enc_obj="crypto${o}bf${o}asm${o}b-nw.obj";
+   $bf_enc_obj="\$(OBJ_D)${o}b-nw${obj}";
    $bf_enc_src="crypto${o}bf${o}asm${o}b-nw.asm";
-   $cast_enc_obj="crypto${o}cast${o}asm${o}c-nw.obj";
+   $cast_enc_obj="\$(OBJ_D)${o}c-nw${obj}";
    $cast_enc_src="crypto${o}cast${o}asm${o}c-nw.asm";
-   $rc4_enc_obj="crypto${o}rc4${o}asm${o}r4-nw.obj";
+   $rc4_enc_obj="\$(OBJ_D)${o}r4-nw${obj}";
    $rc4_enc_src="crypto${o}rc4${o}asm${o}r4-nw.asm";
-   $rc5_enc_obj="crypto${o}rc5${o}asm${o}r5-nw.obj";
+   $rc5_enc_obj="\$(OBJ_D)${o}r5-nw${obj}";
    $rc5_enc_src="crypto${o}rc5${o}asm${o}r5-nw.asm";
-   $md5_asm_obj="crypto${o}md5${o}asm${o}m5-nw.obj";
+   $md5_asm_obj="\$(OBJ_D)${o}m5-nw${obj}";
    $md5_asm_src="crypto${o}md5${o}asm${o}m5-nw.asm";
-   $sha1_asm_obj="crypto${o}sha${o}asm${o}s1-nw.obj";
-   $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm";
-   $rmd160_asm_obj="crypto${o}ripemd${o}asm${o}rm-nw.obj";
+   $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj} \$(OBJ_D)${o}sha256-nw${obj} \$(OBJ_D)${o}sha512-nw${obj}";
+   $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm crypto${o}sha${o}asm${o}sha256-nw.asm crypto${o}sha${o}asm${o}sha512-nw.asm";
+   $rmd160_asm_obj="\$(OBJ_D)${o}rm-nw${obj}";
    $rmd160_asm_src="crypto${o}ripemd${o}asm${o}rm-nw.asm";
-   $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+   $whirlpool_asm_obj="\$(OBJ_D)${o}wp-nw${obj}";
+   $whirlpool_asm_src="crypto${o}whrlpool${o}asm${o}wp-nw.asm";
+   $cpuid_asm_obj="\$(OBJ_D)${o}x86cpuid-nw${obj}";
+   $cpuid_asm_src="crypto${o}x86cpuid-nw.asm";
+   $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DWHIRLPOOL_ASM";
+   $cflags.=" -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
+   $cflags.=" -DAES_ASM -DRMD160_ASM";
 }
 else
 {
    $bn_asm_obj='';
    $bn_asm_src='';
+   $bnco_asm_obj='';
+   $bnco_asm_src='';
+   $aes_asm_obj='';
+   $aes_asm_src='';
    $des_enc_obj='';
    $des_enc_src='';
    $bf_enc_obj='';
@@ -206,15 +360,17 @@ else
    $sha1_asm_src='';
    $rmd160_asm_obj='';
    $rmd160_asm_src='';
+   $whirlpool_asm_obj='';
+   $whirlpool_asm_src='';
+   $cpuid_asm_obj='';
+   $cpuid_asm_src='';
 }
 
 # create the *.def linker command files in \openssl\netware\ directory
 sub do_def_file
 {
    # strip off the leading path
-   my($target) = bname(@_);
-   my($def_file);
-   my($mod_file);
+   my($target) = bname(shift);
    my($i);
 
    if ($target =~ /(.*).nlm/)
@@ -225,35 +381,72 @@ sub do_def_file
    # special case for openssl - the mk1mf.pl defines E_EXE = openssl
    if ($target =~ /E_EXE/)
    {
-      $target = "openssl";
+      $target =~ s/\$\(E_EXE\)/openssl/;
    }
 
    # Note: originally tried to use full path ( \openssl\netware\$target.def )
    # Metrowerks linker choked on this with an assertion failure. bug???
    #
-   $def_file = "netware\\$target.def";
+   my($def_file) = "netware${o}$target.def";
 
    open(DEF_OUT, ">$def_file") || die("unable to open file $def_file\n");
 
-   print( DEF_OUT "# command file generated by netware.pl for Metrowerks build\n" );
+   print( DEF_OUT "# command file generated by netware.pl for NLM target.\n" );
+   print( DEF_OUT "# do not edit this file - all your changes will be lost!!\n" );
    print( DEF_OUT "#\n");
-   print( DEF_OUT "DESCRIPTION \"$target\"\n");
-   
+   print( DEF_OUT "DESCRIPTION \"$target ($libarch) - OpenSSL $nlmverstr\"\n");
+   print( DEF_OUT "COPYRIGHT \"$nlmcpystr\"\n");
+   print( DEF_OUT "VERSION $nlmvernum\n");
+   print( DEF_OUT "STACK $nlmstack\n");
+   print( DEF_OUT "START $nlmstart\n");
+   print( DEF_OUT "EXIT $nlmexit\n");
+
+   # special case for openssl
+   if ($target eq "openssl")
+   {
+      print( DEF_OUT "SCREENNAME \"OpenSSL $nlmverstr\"\n");
+   }
+   else
+   {
+      print( DEF_OUT "SCREENNAME \"DEFAULT\"\n");
+   }
+
    foreach $i (@misc_imports)
    {
       print( DEF_OUT "IMPORT $i\n");
    }
-   
+
    foreach $i (@import_files)
    {
-      print( DEF_OUT "IMPORT \@$import_path\\$i\n");
+      print( DEF_OUT "IMPORT \@$import_path${o}$i\n");
    }
-   
+
    foreach $i (@module_files)
    {
       print( DEF_OUT "MODULE $i\n");
    }
 
+   foreach $i (@nlm_flags)
+   {
+      print( DEF_OUT "$i\n");
+   }
+
+   if ($gnuc)
+   {
+      if ($target =~ /openssl/)
+      {
+         print( DEF_OUT "INPUT ${tmp_def}${o}openssl${obj}\n");
+         print( DEF_OUT "INPUT ${tmp_def}${o}openssl${libp}\n");
+      }
+      else
+      {
+         print( DEF_OUT "INPUT ${tmp_def}${o}${target}${obj}\n");
+      }
+      print( DEF_OUT "INPUT $prelude\n");
+      print( DEF_OUT "INPUT ${out_def}${o}${ssl}${libp} ${out_def}${o}${crypto}${libp}\n");
+      print( DEF_OUT "OUTPUT $target.nlm\n");
+   }
+
    close(DEF_OUT);
    return($def_file);
 }
@@ -267,7 +460,7 @@ sub do_lib_rule
    if (!$shlib)
    {
       $ret.="\t\@echo Building Lib: $name\n";
-      $ret.="\t\$(MKLIB) $lib_flags -o $target $objs\n";
+      $ret.="\t\$(MKLIB) $lib_flags $target $objs\n";
       $ret.="\t\@echo .\n"
    }
    else
@@ -283,17 +476,15 @@ sub do_link_rule
 {
    my($target,$files,$dep_libs,$libs)=@_;
    my($ret);
-   my($def_file);
+   my($def_file) = do_def_file($target);
 
-   $def_file = do_def_file($target);
-
-   # special case for openssl - the mk1mf.pl defines E_EXE = openssl
+   $ret.="$target: $files $dep_libs\n";
 
    # NOTE:  When building the test nlms no screen name is given
    #  which causes the console screen to be used.  By using the console
    #  screen there is no "<press any key to continue>" message which
-   #  requires user interaction.  The test script ( tests.pl ) needs to be
-   #  able to run the tests without requiring user interaction.
+   #  requires user interaction.  The test script ( do_tests.pl ) needs
+   #  to be able to run the tests without requiring user interaction.
    #
    #  However, the sample program "openssl.nlm" is used by the tests and is
    #  a interactive sample so a screen is desired when not be run by the
@@ -301,27 +492,41 @@ sub do_link_rule
    #    openssl2 - no screen used by tests
    #    openssl - default screen - use for normal interactive modes
    #
+
+   # special case for openssl - the mk1mf.pl defines E_EXE = openssl
    if ($target =~ /E_EXE/)
    {
       my($target2) = $target;
 
       $target2 =~ s/\(E_EXE\)/\(E_EXE\)2/;
 
-      $ret.="$target: $files $dep_libs\n";
-
-         # openssl
-      $ret.="\t\$(LINK) \$(LFLAGS) -screenname openssl -commandfile $def_file $files \"$prelude\" $libs -o $target\n";
-         # openssl2
-      $ret.="\t\$(LINK) \$(LFLAGS) -commandfile $def_file $files \"$prelude\" $libs -o $target2\n";
+      # openssl2
+      my($def_file2) = do_def_file($target2);
+
+      if ($gnuc)
+      {
+         $ret.="\t\$(MKLIB) $lib_flags \$(TMP_D)${o}\$(E_EXE).a \$(filter-out \$(TMP_D)${o}\$(E_EXE)${obj},$files)\n";
+         $ret.="\t\$(LINK) \$(LFLAGS) $def_file2\n";
+         $ret.="\t\@$mv \$(E_EXE)2.nlm \$(TEST_D)\n";
+      }
+      else
+      {
+         $ret.="\t\$(LINK) \$(LFLAGS) $def_file2 $files \"$prelude\" $libs -o $target2\n";
+      }
+   }
+   if ($gnuc)
+   {
+      $ret.="\t\$(LINK) \$(LFLAGS) $def_file\n";
+      $ret.="\t\@$mv \$(\@F) \$(TEST_D)\n";
    }
    else
    {
-      $ret.="$target: $files $dep_libs\n";
-      $ret.="\t\$(LINK) \$(LFLAGS) -commandfile $def_file $files \"$prelude\" $libs -o $target\n";
+      $ret.="\t\$(LINK) \$(LFLAGS) $def_file $files \"$prelude\" $libs -o $target\n";
    }
 
    $ret.="\n";
    return($ret);
+
 }
 
 1;
diff --git a/util/pod2man.pl b/util/pod2man.pl
index 657e4e264e..025d914f2e 100755
--- a/util/pod2man.pl
+++ b/util/pod2man.pl
@@ -425,6 +425,7 @@ if ($name ne 'something') {
 	    }
 	    next if /^=cut\b/;	# DB_File and Net::Ping have =cut before NAME
 	    next if /^=pod\b/;  # It is OK to have =pod before NAME
+	    next if /^=(for|begin|end)\s+comment\b/;  # It is OK to have =for =begin or =end comment before NAME
 	    die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
 	}
 	die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
diff --git a/util/pod2mantest b/util/pod2mantest
index 412ca8d6d8..384e683df4 100755
--- a/util/pod2mantest
+++ b/util/pod2mantest
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# This script is used by test/Makefile.ssl to check whether a sane 'pod2man'
+# This script is used by test/Makefile to check whether a sane 'pod2man'
 # is installed.
 # ('make install' should not try to run 'pod2man' if it does not exist or if
 # it is a broken 'pod2man' version that is known to cause trouble. if we find
diff --git a/util/point.sh b/util/point.sh
index 4790e08f8a..da39899cb1 100755
--- a/util/point.sh
+++ b/util/point.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 rm -f "$2"
-if test "$OSTYPE" = msdosdjgpp; then
+if test "$OSTYPE" = msdosdjgpp || test "x$PLATFORM" = xmingw ; then
     cp "$1" "$2"
 else
     ln -s "$1" "$2"
diff --git a/util/selftest.pl b/util/selftest.pl
index 276b81183d..7b32e9f4ff 100644
--- a/util/selftest.pl
+++ b/util/selftest.pl
@@ -34,9 +34,9 @@ foreach $_ (split("\n",$c)) {
     $platform0=$1 if (/Configuring for (.*)$/);
 }
 
-system "sh config" if (! -f "Makefile.ssl");
+system "sh config" if (! -f "Makefile");
 
-if (open(IN,"<Makefile.ssl")) {
+if (open(IN,"<Makefile")) {
     while (<IN>) {
 	$version=$1 if (/^VERSION=(.*)$/);
 	$platform=$1 if (/^PLATFORM=(.*)$/);
@@ -49,7 +49,7 @@ if (open(IN,"<Makefile.ssl")) {
 }
 
 $cversion=`$cc -v 2>&1`;
-$cversion=`$cc -V 2>&1` if $cversion =~ "usage";
+$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage";
 $cversion=`$cc -V |head -1` if $cversion =~ "Error";
 $cversion=`$cc --version` if $cversion eq "";
 $cversion =~ s/Reading specs.*\n//;
@@ -78,7 +78,7 @@ print OUT "\n";
 
 print "Checking compiler...\n";
 if (open(TEST,">cctest.c")) {
-    print TEST "#include <stdio.h>\n#include <errno.h>\nmain(){printf(\"Hello world\\n\");}\n";
+    print TEST "#include <stdio.h>\n#include <stdlib.h>\n#include <errno.h>\nmain(){printf(\"Hello world\\n\");}\n";
     close(TEST);
     system("$cc -o cctest cctest.c");
     if (`./cctest` !~ /Hello world/) {
@@ -96,7 +96,7 @@ if (open(TEST,">cctest.c")) {
     print OUT "Can't create cctest.c\n";
 }
 if (open(TEST,">cctest.c")) {
-    print TEST "#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
+    print TEST "#include <stdio.h>\n#include <stdlib.h>\n#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
     close(TEST);
     system("$cc -o cctest -Iinclude cctest.c");
     $cctest = `./cctest`;
@@ -130,15 +130,21 @@ if (system("make 2>&1 | tee make.log") > 255) {
     goto err;
 }
 
-$_=$options;
-s/no-asm//;
-s/no-shared//;
-s/no-krb5//;
-if (/no-/)
-{
-    print OUT "Test skipped.\n";
-    goto err;
-}
+# Not sure why this is here.  The tests themselves can detect if their
+# particular feature isn't included, and should therefore skip themselves.
+# To skip *all* tests just because one algorithm isn't included is like
+# shooting mosquito with an elephant gun...
+#                   -- Richard Levitte, inspired by problem report 1089
+#
+#$_=$options;
+#s/no-asm//;
+#s/no-shared//;
+#s/no-krb5//;
+#if (/no-/)
+#{
+#    print OUT "Test skipped.\n";
+#    goto err;
+#}
 
 print "Running make test...\n";
 if (system("make test 2>&1 | tee maketest.log") > 255)
diff --git a/util/shlib_wrap.sh b/util/shlib_wrap.sh
index dc5f5b1ce4..9416d593d2 100755
--- a/util/shlib_wrap.sh
+++ b/util/shlib_wrap.sh
@@ -22,19 +22,39 @@ SunOS|IRIX*)
 	# variables depending on target ABI...
 	rld_var=LD_LIBRARY_PATH
 	case "`(/usr/bin/file "$LIBCRYPTOSO") 2>/dev/null`" in
-	*ELF\ 64*SPARC*)
+	*ELF\ 64*SPARC*|*ELF\ 64*AMD64*)
 		[ -n "$LD_LIBRARY_PATH_64" ] && rld_var=LD_LIBRARY_PATH_64
+		LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64
+		preload_var=LD_PRELOAD_64
+		;;
+	# Why are newly built .so's preloaded anyway? Because run-time
+	# .so lookup path embedded into application takes precedence
+	# over LD_LIBRARY_PATH and as result application ends up linking
+	# to previously installed .so's. On IRIX instead of preloading
+	# newly built .so's we trick run-time linker to fail to find
+	# the installed .so by setting _RLD_ROOT variable.
+	*ELF\ 32*MIPS*)
+		#_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD_LIST
+		_RLD_ROOT=/no/such/dir; export _RLD_ROOT
+		eval $rld_var=\"/usr/lib'${'$rld_var':+:$'$rld_var'}'\"
+		preload_var=_RLD_LIST
 		;;
 	*ELF\ N32*MIPS*)
 		[ -n "$LD_LIBRARYN32_PATH" ] && rld_var=LD_LIBRARYN32_PATH
-		_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST
+		#_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST
+		_RLDN32_ROOT=/no/such/dir; export _RLDN32_ROOT
+		eval $rld_var=\"/usr/lib32'${'$rld_var':+:$'$rld_var'}'\"
+		preload_var=_RLDN32_LIST
 		;;
 	*ELF\ 64*MIPS*)
 		[ -n "$LD_LIBRARY64_PATH"  ] && rld_var=LD_LIBRARY64_PATH
-		_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST
+		#_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST
+		_RLD64_ROOT=/no/such/dir; export _RLD64_ROOT
+		eval $rld_var=\"/usr/lib64'${'$rld_var':+:$'$rld_var'}'\"
+		preload_var=_RLD64_LIST
 		;;
 	esac
-	eval $rld_var=\"${THERE}:'$'$rld_var\"; export $rld_var
+	eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var
 	unset rld_var
 	;;
 *)	LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH"	# Linux, ELF HP-UX
@@ -52,7 +72,7 @@ SunOS|IRIX*)
 	;;
 esac
 
-if [ -f "$LIBCRYPTOSO" ]; then
+if [ -f "$LIBCRYPTOSO" -a -z "$preload_var" ]; then
 	# Following three lines are major excuse for isolating them into
 	# this wrapper script. Original reason for setting LD_PRELOAD
 	# was to make it possible to pass 'make test' when user linked
@@ -60,11 +80,14 @@ if [ -f "$LIBCRYPTOSO" ]; then
 	# it into a script makes it possible to do so on multi-ABI
 	# platforms.
 	case "$SYSNAME" in
-	*BSD)	LD_PRELOAD="$LIBCRYPTOSO:$LIBSSLSO" ;;	# *BSD
+	*BSD|QNX)	LD_PRELOAD="$LIBCRYPTOSO:$LIBSSLSO" ;;	# *BSD, QNX
 	*)	LD_PRELOAD="$LIBCRYPTOSO $LIBSSLSO" ;;	# SunOS, Linux, ELF HP-UX
 	esac
 	_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"	# Tru64, o32 IRIX
-	export LD_PRELOAD _RLD_LIST
+	DYLD_INSERT_LIBRARIES="$LIBCRYPTOSO:$LIBSSLSO"	# MacOS X
+	export LD_PRELOAD _RLD_LIST DYLD_INSERT_LIBRARIES
 fi
 
-exec "$@"
+cmd="$1${EXE_EXT}"
+shift
+exec "$cmd" "$@"
diff --git a/util/ssleay.num b/util/ssleay.num
index e3c33661d7..1acb28c1de 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -98,9 +98,9 @@ SSLeay_add_ssl_algorithms               109	NOEXIST::FUNCTION:
 SSLv23_client_method                    110	EXIST::FUNCTION:RSA
 SSLv23_method                           111	EXIST::FUNCTION:RSA
 SSLv23_server_method                    112	EXIST::FUNCTION:RSA
-SSLv2_client_method                     113	EXIST::FUNCTION:RSA
-SSLv2_method                            114	EXIST::FUNCTION:RSA
-SSLv2_server_method                     115	EXIST::FUNCTION:RSA
+SSLv2_client_method                     113	EXIST::FUNCTION:RSA,SSL2
+SSLv2_method                            114	EXIST::FUNCTION:RSA,SSL2
+SSLv2_server_method                     115	EXIST::FUNCTION:RSA,SSL2
 SSLv3_client_method                     116	EXIST::FUNCTION:
 SSLv3_method                            117	EXIST::FUNCTION:
 SSLv3_server_method                     118	EXIST::FUNCTION:
@@ -117,8 +117,8 @@ SSL_CIPHER_get_bits                     128	EXIST::FUNCTION:
 SSL_CIPHER_get_version                  129	EXIST::FUNCTION:
 SSL_CIPHER_get_name                     130	EXIST::FUNCTION:
 BIO_ssl_shutdown                        131	EXIST::FUNCTION:BIO
-SSL_SESSION_cmp                         132	EXIST::FUNCTION:
-SSL_SESSION_hash                        133	EXIST::FUNCTION:
+SSL_SESSION_cmp                         132	NOEXIST::FUNCTION:
+SSL_SESSION_hash                        133	NOEXIST::FUNCTION:
 SSL_SESSION_get_time                    134	EXIST::FUNCTION:
 SSL_SESSION_set_time                    135	EXIST::FUNCTION:
 SSL_SESSION_get_timeout                 136	EXIST::FUNCTION:
@@ -215,11 +215,50 @@ SSL_CTX_set_generate_session_id         264	EXIST::FUNCTION:
 SSL_renegotiate_pending                 265	EXIST::FUNCTION:
 SSL_CTX_set_msg_callback                266	EXIST::FUNCTION:
 SSL_set_msg_callback                    267	EXIST::FUNCTION:
-SSL_set_tmp_ecdh_callback               268	EXIST::FUNCTION:ECDH
+DTLSv1_client_method                    268	EXIST::FUNCTION:
 SSL_CTX_set_tmp_ecdh_callback           269	EXIST::FUNCTION:ECDH
-SSL_SESSION_get_id                      270	EXIST::FUNCTION:
-SSL_COMP_get_compression_methods        271	EXIST:!VMS:FUNCTION:COMP
-SSL_COMP_get_compress_methods           271	EXIST:VMS:FUNCTION:COMP
-SSL_COMP_get_name                       272	EXIST::FUNCTION:COMP
-SSL_get_current_expansion               273	EXIST::FUNCTION:COMP
-SSL_get_current_compression             274	EXIST::FUNCTION:COMP
+SSL_set_tmp_ecdh_callback               270	EXIST::FUNCTION:ECDH
+SSL_COMP_get_name                       271	EXIST::FUNCTION:COMP
+SSL_get_current_compression             272	EXIST::FUNCTION:COMP
+DTLSv1_method                           273	EXIST::FUNCTION:
+SSL_get_current_expansion               274	EXIST::FUNCTION:COMP
+DTLSv1_server_method                    275	EXIST::FUNCTION:
+SSL_COMP_get_compression_methods        276	EXIST:!VMS:FUNCTION:COMP
+SSL_COMP_get_compress_methods           276	EXIST:VMS:FUNCTION:COMP
+SSL_SESSION_get_id                      277	EXIST::FUNCTION:
+SSL_CTX_sess_set_new_cb                 278	EXIST::FUNCTION:
+SSL_CTX_sess_get_get_cb                 279	EXIST::FUNCTION:
+SSL_CTX_sess_set_get_cb                 280	EXIST::FUNCTION:
+SSL_CTX_set_cookie_verify_cb            281	EXIST::FUNCTION:
+SSL_CTX_get_info_callback               282	EXIST::FUNCTION:
+SSL_CTX_set_cookie_generate_cb          283	EXIST::FUNCTION:
+SSL_CTX_set_client_cert_cb              284	EXIST::FUNCTION:
+SSL_CTX_sess_set_remove_cb              285	EXIST::FUNCTION:
+SSL_CTX_set_info_callback               286	EXIST::FUNCTION:
+SSL_CTX_sess_get_new_cb                 287	EXIST::FUNCTION:
+SSL_CTX_get_client_cert_cb              288	EXIST::FUNCTION:
+SSL_CTX_sess_get_remove_cb              289	EXIST::FUNCTION:
+SSL_set_SSL_CTX                         290	EXIST::FUNCTION:
+SSL_get_servername                      291	EXIST::FUNCTION:TLSEXT
+SSL_get_servername_type                 292	EXIST::FUNCTION:TLSEXT
+SSL_CTX_set_client_cert_engine          293	EXIST::FUNCTION:ENGINE
+SSL_CTX_use_psk_identity_hint           294	EXIST::FUNCTION:PSK
+SSL_CTX_set_psk_client_callback         295	EXIST::FUNCTION:PSK
+PEM_write_bio_SSL_SESSION               296	EXIST::FUNCTION:
+SSL_get_psk_identity_hint               297	EXIST::FUNCTION:PSK
+SSL_set_psk_server_callback             298	EXIST::FUNCTION:PSK
+SSL_use_psk_identity_hint               299	EXIST::FUNCTION:PSK
+SSL_set_psk_client_callback             300	EXIST::FUNCTION:PSK
+PEM_read_SSL_SESSION                    301	EXIST:!WIN16:FUNCTION:
+PEM_read_bio_SSL_SESSION                302	EXIST::FUNCTION:
+SSL_CTX_set_psk_server_callback         303	EXIST::FUNCTION:PSK
+SSL_get_psk_identity                    304	EXIST::FUNCTION:PSK
+PEM_write_SSL_SESSION                   305	EXIST:!WIN16:FUNCTION:
+SSL_set_session_ticket_ext              306	EXIST::FUNCTION:
+SSL_set_session_secret_cb               307	EXIST::FUNCTION:
+SSL_set_session_ticket_ext_cb           308	EXIST::FUNCTION:
+SSL_set1_param                          309	EXIST::FUNCTION:
+SSL_CTX_set1_param                      310	EXIST::FUNCTION:
+TLSv1_1_method                          311	EXIST::FUNCTION:
+TLSv1_1_client_method                   312	EXIST::FUNCTION:
+TLSv1_1_server_method                   313	EXIST::FUNCTION: